@nauth-toolkit/core 0.1.17 → 0.1.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/storage.factory.d.ts.map +1 -1
- package/dist/adapters/storage.factory.js +250 -18
- package/dist/adapters/storage.factory.js.map +1 -1
- package/dist/bootstrap.d.ts.map +1 -1
- package/dist/bootstrap.js +2 -1
- package/dist/bootstrap.js.map +1 -1
- package/dist/dto/admin-signup.dto.d.ts +196 -0
- package/dist/dto/admin-signup.dto.d.ts.map +1 -0
- package/dist/dto/admin-signup.dto.js +317 -0
- package/dist/dto/admin-signup.dto.js.map +1 -0
- package/dist/dto/index.d.ts +1 -0
- package/dist/dto/index.d.ts.map +1 -1
- package/dist/dto/index.js +1 -0
- package/dist/dto/index.js.map +1 -1
- package/dist/handlers/csrf.handler.d.ts.map +1 -1
- package/dist/handlers/csrf.handler.js +7 -2
- package/dist/handlers/csrf.handler.js.map +1 -1
- package/dist/handlers/social-redirect.handler.d.ts +126 -0
- package/dist/handlers/social-redirect.handler.d.ts.map +1 -0
- package/dist/handlers/social-redirect.handler.js +346 -0
- package/dist/handlers/social-redirect.handler.js.map +1 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +4 -0
- package/dist/index.js.map +1 -1
- package/dist/interfaces/config.interface.d.ts +49 -0
- package/dist/interfaces/config.interface.d.ts.map +1 -1
- package/dist/interfaces/index.d.ts +1 -0
- package/dist/interfaces/index.d.ts.map +1 -1
- package/dist/interfaces/index.js +1 -0
- package/dist/interfaces/index.js.map +1 -1
- package/dist/interfaces/social-auth-state-store.interface.d.ts +100 -0
- package/dist/interfaces/social-auth-state-store.interface.d.ts.map +1 -0
- package/dist/interfaces/social-auth-state-store.interface.js +3 -0
- package/dist/interfaces/social-auth-state-store.interface.js.map +1 -0
- package/dist/interfaces/storage-adapter.interface.d.ts +2 -2
- package/dist/interfaces/storage-adapter.interface.d.ts.map +1 -1
- package/dist/internal.d.ts +5 -0
- package/dist/internal.d.ts.map +1 -1
- package/dist/internal.js +7 -1
- package/dist/internal.js.map +1 -1
- package/dist/schemas/auth-config.schema.d.ts +121 -28
- package/dist/schemas/auth-config.schema.d.ts.map +1 -1
- package/dist/schemas/auth-config.schema.js +21 -1
- package/dist/schemas/auth-config.schema.js.map +1 -1
- package/dist/services/auth.service.d.ts +39 -0
- package/dist/services/auth.service.d.ts.map +1 -1
- package/dist/services/auth.service.js +221 -9
- package/dist/services/auth.service.js.map +1 -1
- package/dist/services/email-verification.service.d.ts.map +1 -1
- package/dist/services/email-verification.service.js +4 -3
- package/dist/services/email-verification.service.js.map +1 -1
- package/dist/services/social-auth-base.service.d.ts +5 -10
- package/dist/services/social-auth-base.service.d.ts.map +1 -1
- package/dist/services/social-auth-base.service.js +11 -59
- package/dist/services/social-auth-base.service.js.map +1 -1
- package/dist/services/social-auth-state-store.service.d.ts +58 -0
- package/dist/services/social-auth-state-store.service.d.ts.map +1 -0
- package/dist/services/social-auth-state-store.service.js +261 -0
- package/dist/services/social-auth-state-store.service.js.map +1 -0
- package/dist/storage/account-lockout-storage.service.d.ts +2 -2
- package/dist/storage/account-lockout-storage.service.d.ts.map +1 -1
- package/dist/storage/account-lockout-storage.service.js +2 -2
- package/dist/storage/account-lockout-storage.service.js.map +1 -1
- package/dist/utils/index.d.ts +1 -0
- package/dist/utils/index.d.ts.map +1 -1
- package/dist/utils/index.js +1 -0
- package/dist/utils/index.js.map +1 -1
- package/dist/utils/password-generator.d.ts +29 -0
- package/dist/utils/password-generator.d.ts.map +1 -0
- package/dist/utils/password-generator.js +98 -0
- package/dist/utils/password-generator.js.map +1 -0
- package/dist/utils/setup/init-social.d.ts +2 -5
- package/dist/utils/setup/init-social.d.ts.map +1 -1
- package/dist/utils/setup/init-social.js.map +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1,100 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Social OAuth state store interface
|
|
3
|
+
*
|
|
4
|
+
* This abstracts storage for OAuth CSRF `state` and redirect context so it can be:
|
|
5
|
+
* - shared across multiple server instances (ECS / k8s / multi-node)
|
|
6
|
+
* - backed by Redis or database using the existing transient `StorageAdapter`
|
|
7
|
+
*
|
|
8
|
+
* Security notes:
|
|
9
|
+
* - `state` MUST be one-time use (replay protection)
|
|
10
|
+
* - `state` MUST expire quickly (default: 5 minutes)
|
|
11
|
+
* - Stored redirect context MUST NOT include secrets (it may be echoed back to the frontend)
|
|
12
|
+
*
|
|
13
|
+
* @example
|
|
14
|
+
* ```typescript
|
|
15
|
+
* // Provider flow (CSRF)
|
|
16
|
+
* const state = await store.createCsrfState('google');
|
|
17
|
+
* // redirect user to provider with state
|
|
18
|
+
* await store.validateAndConsumeCsrfState('google', state);
|
|
19
|
+
*
|
|
20
|
+
* // Redirect flow context (optional)
|
|
21
|
+
* await store.setRedirectContext(state, { returnTo: '/auth/callback', appState: '12345', action: 'login' });
|
|
22
|
+
* const ctx = await store.consumeRedirectContext(state);
|
|
23
|
+
* ```
|
|
24
|
+
*/
|
|
25
|
+
export interface ISocialAuthStateStore {
|
|
26
|
+
/**
|
|
27
|
+
* Create a CSRF `state` value for a provider and persist it for later validation.
|
|
28
|
+
*
|
|
29
|
+
* @param provider - Provider name (e.g. 'google', 'apple', 'facebook')
|
|
30
|
+
* @returns Newly generated state token
|
|
31
|
+
* @throws {Error} When provider is invalid or storage fails
|
|
32
|
+
*/
|
|
33
|
+
createCsrfState(provider: string): Promise<string>;
|
|
34
|
+
/**
|
|
35
|
+
* Validate and consume a CSRF `state` token.
|
|
36
|
+
*
|
|
37
|
+
* This MUST be one-time use: subsequent validations must fail.
|
|
38
|
+
*
|
|
39
|
+
* @param provider - Provider expected for this state token
|
|
40
|
+
* @param state - State token from the OAuth callback
|
|
41
|
+
* @throws {Error} When state is missing/invalid/expired or provider mismatch occurs
|
|
42
|
+
*/
|
|
43
|
+
validateAndConsumeCsrfState(provider: string, state: string): Promise<void>;
|
|
44
|
+
/**
|
|
45
|
+
* Store optional redirect context for a CSRF state token.
|
|
46
|
+
*
|
|
47
|
+
* @param state - CSRF state token
|
|
48
|
+
* @param context - Redirect context (non-secret)
|
|
49
|
+
* @throws {Error} When storage fails
|
|
50
|
+
*/
|
|
51
|
+
setRedirectContext(state: string, context: SocialAuthRedirectContext): Promise<void>;
|
|
52
|
+
/**
|
|
53
|
+
* Consume (read and delete) redirect context for a CSRF state token.
|
|
54
|
+
*
|
|
55
|
+
* This is separate from CSRF validation consumption; controllers may consume context
|
|
56
|
+
* after provider validation to build the final frontend redirect.
|
|
57
|
+
*
|
|
58
|
+
* @param state - CSRF state token
|
|
59
|
+
* @returns Context or null if missing/expired
|
|
60
|
+
*/
|
|
61
|
+
consumeRedirectContext(state: string): Promise<SocialAuthRedirectContext | null>;
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* Redirect context stored during the redirect-first social login flow.
|
|
65
|
+
*
|
|
66
|
+
* @example
|
|
67
|
+
* ```typescript
|
|
68
|
+
* { returnTo: '/auth/callback', appState: '12345', action: 'login' }
|
|
69
|
+
* ```
|
|
70
|
+
*/
|
|
71
|
+
export interface SocialAuthRedirectContext {
|
|
72
|
+
/**
|
|
73
|
+
* Frontend URL or path to redirect to after completing authentication.
|
|
74
|
+
*
|
|
75
|
+
* Recommended: relative path only (e.g. `/auth/callback`) to prevent open redirects.
|
|
76
|
+
*/
|
|
77
|
+
returnTo: string;
|
|
78
|
+
/**
|
|
79
|
+
* Opaque, non-secret application state to round-trip back to the frontend.
|
|
80
|
+
* This should be URL-safe or will be URL-encoded when appended as a query param.
|
|
81
|
+
*/
|
|
82
|
+
appState?: string;
|
|
83
|
+
/**
|
|
84
|
+
* Delivery mode chosen at redirect start time.
|
|
85
|
+
*
|
|
86
|
+
* Why this exists:
|
|
87
|
+
* - In hybrid deployments, the provider callback request often has no reliable `Origin` header.
|
|
88
|
+
* - We must not guess delivery based on the provider callback request.
|
|
89
|
+
*
|
|
90
|
+
* When set, the callback flow MUST honor it.
|
|
91
|
+
*/
|
|
92
|
+
delivery?: 'cookies' | 'json';
|
|
93
|
+
/**
|
|
94
|
+
* Redirect flow action.
|
|
95
|
+
* - `login`: Authenticate user
|
|
96
|
+
* - `link`: Link provider to existing session (future)
|
|
97
|
+
*/
|
|
98
|
+
action: 'login' | 'link';
|
|
99
|
+
}
|
|
100
|
+
//# sourceMappingURL=social-auth-state-store.interface.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"social-auth-state-store.interface.d.ts","sourceRoot":"","sources":["../../src/interfaces/social-auth-state-store.interface.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,WAAW,qBAAqB;IACpC;;;;;;OAMG;IACH,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAEnD;;;;;;;;OAQG;IACH,2BAA2B,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE5E;;;;;;OAMG;IACH,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,yBAAyB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAErF;;;;;;;;OAQG;IACH,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,yBAAyB,GAAG,IAAI,CAAC,CAAC;CAClF;AAED;;;;;;;GAOG;AACH,MAAM,WAAW,yBAAyB;IACxC;;;;OAIG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;;;;;;;OAQG;IACH,QAAQ,CAAC,EAAE,SAAS,GAAG,MAAM,CAAC;IAE9B;;;;OAIG;IACH,MAAM,EAAE,OAAO,GAAG,MAAM,CAAC;CAC1B"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"social-auth-state-store.interface.js","sourceRoot":"","sources":["../../src/interfaces/social-auth-state-store.interface.ts"],"names":[],"mappings":""}
|
|
@@ -69,8 +69,8 @@ export interface AccountLockoutStorage {
|
|
|
69
69
|
recordFailedAttempt(ipAddress: string): Promise<number>;
|
|
70
70
|
getFailedAttempts(ipAddress: string): Promise<number>;
|
|
71
71
|
isAccountLocked(ipAddress: string): Promise<boolean>;
|
|
72
|
-
|
|
73
|
-
|
|
72
|
+
lockIpAddress(ipAddress: string, duration: number, reason: string): Promise<void>;
|
|
73
|
+
unlockIpAddress(ipAddress: string): Promise<void>;
|
|
74
74
|
resetFailedAttempts(ipAddress: string): Promise<void>;
|
|
75
75
|
}
|
|
76
76
|
//# sourceMappingURL=storage-adapter.interface.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"storage-adapter.interface.d.ts","sourceRoot":"","sources":["../../src/interfaces/storage-adapter.interface.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAE5B;;OAEG;IACH,SAAS,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;IAE9B;;OAEG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,OAAO,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;IAChH,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChC,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEtC;;OAEG;IACH,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACxD,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChD,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAElC;;OAEG;IACH,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzD,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACtD,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAExD;;OAEG;IACH,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACpE,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAEnC;;OAEG;IACH,IAAI,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IAElF;;OAEG;IACH,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACzB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,kBAAkB,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5F,YAAY,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACpE,cAAc,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACrE;AAED;;;;;GAKG;AACH,MAAM,WAAW,qBAAqB;IACpC,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACxD,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACtD,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACrD,
|
|
1
|
+
{"version":3,"file":"storage-adapter.interface.d.ts","sourceRoot":"","sources":["../../src/interfaces/storage-adapter.interface.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAE5B;;OAEG;IACH,SAAS,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;IAE9B;;OAEG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,OAAO,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;IAChH,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChC,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEtC;;OAEG;IACH,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACxD,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChD,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAElC;;OAEG;IACH,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzD,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACtD,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAExD;;OAEG;IACH,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACpE,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAEnC;;OAEG;IACH,IAAI,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IAElF;;OAEG;IACH,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACzB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,kBAAkB,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5F,YAAY,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACpE,cAAc,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACrE;AAED;;;;;GAKG;AACH,MAAM,WAAW,qBAAqB;IACpC,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACxD,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACtD,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACrD,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAClF,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAClD,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACvD"}
|
package/dist/internal.d.ts
CHANGED
|
@@ -126,6 +126,11 @@ export { BaseMFAProviderService } from './services/mfa-base.service';
|
|
|
126
126
|
* @internal
|
|
127
127
|
*/
|
|
128
128
|
export { BaseSocialAuthProviderService } from './services/social-auth-base.service';
|
|
129
|
+
/**
|
|
130
|
+
* Storage-backed OAuth CSRF + redirect context store
|
|
131
|
+
* @internal
|
|
132
|
+
*/
|
|
133
|
+
export { SocialAuthStateStore } from './services/social-auth-state-store.service';
|
|
129
134
|
/**
|
|
130
135
|
* Social provider registry service
|
|
131
136
|
* Internal registry for managing social auth provider instances
|
package/dist/internal.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"internal.d.ts","sourceRoot":"","sources":["../src/internal.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAMH;;;GAGG;AACH,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAEhE;;;GAGG;AACH,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AAMtF;;;GAGG;AACH,OAAO,EAAE,2BAA2B,EAAE,MAAM,4CAA4C,CAAC;AAEzF;;;GAGG;AACH,OAAO,EAAE,sBAAsB,EAAE,MAAM,8CAA8C,CAAC;AAEtF;;;GAGG;AACH,cAAc,0CAA0C,CAAC;AAEzD;;;GAGG;AACH,cAAc,4BAA4B,CAAC;AAE3C;;;GAGG;AACH,cAAc,wCAAwC,CAAC;AAMvD;;;GAGG;AACH,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAE9D;;;GAGG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAEpD;;;GAGG;AACH,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D;;;GAGG;AACH,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAEzE;;;GAGG;AACH,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAEzE;;;GAGG;AACH,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAMrE;;;GAGG;AACH,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAEzE;;;GAGG;AACH,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAErE;;;GAGG;AACH,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AAMtF;;;GAGG;AACH,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAErE;;;GAGG;AACH,OAAO,EAAE,6BAA6B,EAAE,MAAM,qCAAqC,CAAC;AAEpF;;;;GAIG;AACH,OAAO,EAAE,sBAAsB,EAAE,MAAM,6CAA6C,CAAC;AAMrF;;;;GAIG;AACH,OAAO,EAAE,wBAAwB,IAAI,gBAAgB,EAAE,MAAM,+BAA+B,CAAC"}
|
|
1
|
+
{"version":3,"file":"internal.d.ts","sourceRoot":"","sources":["../src/internal.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAMH;;;GAGG;AACH,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAEhE;;;GAGG;AACH,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AAMtF;;;GAGG;AACH,OAAO,EAAE,2BAA2B,EAAE,MAAM,4CAA4C,CAAC;AAEzF;;;GAGG;AACH,OAAO,EAAE,sBAAsB,EAAE,MAAM,8CAA8C,CAAC;AAEtF;;;GAGG;AACH,cAAc,0CAA0C,CAAC;AAEzD;;;GAGG;AACH,cAAc,4BAA4B,CAAC;AAE3C;;;GAGG;AACH,cAAc,wCAAwC,CAAC;AAMvD;;;GAGG;AACH,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAE9D;;;GAGG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAEpD;;;GAGG;AACH,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D;;;GAGG;AACH,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAEzE;;;GAGG;AACH,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAEzE;;;GAGG;AACH,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAMrE;;;GAGG;AACH,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAEzE;;;GAGG;AACH,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAErE;;;GAGG;AACH,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AAMtF;;;GAGG;AACH,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAErE;;;GAGG;AACH,OAAO,EAAE,6BAA6B,EAAE,MAAM,qCAAqC,CAAC;AAEpF;;;GAGG;AACH,OAAO,EAAE,oBAAoB,EAAE,MAAM,4CAA4C,CAAC;AAElF;;;;GAIG;AACH,OAAO,EAAE,sBAAsB,EAAE,MAAM,6CAA6C,CAAC;AAMrF;;;;GAIG;AACH,OAAO,EAAE,wBAAwB,IAAI,gBAAgB,EAAE,MAAM,+BAA+B,CAAC"}
|
package/dist/internal.js
CHANGED
|
@@ -52,7 +52,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
52
52
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
53
53
|
};
|
|
54
54
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
55
|
-
exports.AuthAuditService = exports.SocialProviderRegistry = exports.BaseSocialAuthProviderService = exports.BaseMFAProviderService = exports.AdaptiveMFADecisionService = exports.RiskScoringService = exports.RiskDetectionService = exports.GeoLocationService = exports.TrustedDeviceService = exports.PasswordResetService = exports.SessionService = exports.JwtService = exports.PasswordService = exports.AuthFlowContextBuilder = exports.AuthFlowStateMachineService = exports.AuthChallengeHelperService = exports.ChallengeService = void 0;
|
|
55
|
+
exports.AuthAuditService = exports.SocialProviderRegistry = exports.SocialAuthStateStore = exports.BaseSocialAuthProviderService = exports.BaseMFAProviderService = exports.AdaptiveMFADecisionService = exports.RiskScoringService = exports.RiskDetectionService = exports.GeoLocationService = exports.TrustedDeviceService = exports.PasswordResetService = exports.SessionService = exports.JwtService = exports.PasswordService = exports.AuthFlowContextBuilder = exports.AuthFlowStateMachineService = exports.AuthChallengeHelperService = exports.ChallengeService = void 0;
|
|
56
56
|
// ============================================================================
|
|
57
57
|
// Challenge System (Internal Orchestration)
|
|
58
58
|
// ============================================================================
|
|
@@ -173,6 +173,12 @@ Object.defineProperty(exports, "BaseMFAProviderService", { enumerable: true, get
|
|
|
173
173
|
*/
|
|
174
174
|
var social_auth_base_service_1 = require("./services/social-auth-base.service");
|
|
175
175
|
Object.defineProperty(exports, "BaseSocialAuthProviderService", { enumerable: true, get: function () { return social_auth_base_service_1.BaseSocialAuthProviderService; } });
|
|
176
|
+
/**
|
|
177
|
+
* Storage-backed OAuth CSRF + redirect context store
|
|
178
|
+
* @internal
|
|
179
|
+
*/
|
|
180
|
+
var social_auth_state_store_service_1 = require("./services/social-auth-state-store.service");
|
|
181
|
+
Object.defineProperty(exports, "SocialAuthStateStore", { enumerable: true, get: function () { return social_auth_state_store_service_1.SocialAuthStateStore; } });
|
|
176
182
|
/**
|
|
177
183
|
* Social provider registry service
|
|
178
184
|
* Internal registry for managing social auth provider instances
|
package/dist/internal.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"internal.js","sourceRoot":"","sources":["../src/internal.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;;;;;;;;;;;;;;;;;AAEH,+EAA+E;AAC/E,4CAA4C;AAC5C,+EAA+E;AAE/E;;;GAGG;AACH,kEAAgE;AAAvD,qHAAA,gBAAgB,OAAA;AAEzB;;;GAGG;AACH,0FAAsF;AAA7E,2IAAA,0BAA0B,OAAA;AAEnC,+EAA+E;AAC/E,+CAA+C;AAC/C,+EAA+E;AAE/E;;;GAGG;AACH,8FAAyF;AAAhF,8IAAA,2BAA2B,OAAA;AAEpC;;;GAGG;AACH,kGAAsF;AAA7E,2IAAA,sBAAsB,OAAA;AAE/B;;;GAGG;AACH,2EAAyD;AAEzD;;;GAGG;AACH,6DAA2C;AAE3C;;;GAGG;AACH,yEAAuD;AAEvD,+EAA+E;AAC/E,0CAA0C;AAC1C,+EAA+E;AAE/E;;;GAGG;AACH,gEAA8D;AAArD,mHAAA,eAAe,OAAA;AAExB;;;GAGG;AACH,sDAAoD;AAA3C,yGAAA,UAAU,OAAA;AAEnB;;;GAGG;AACH,8DAA4D;AAAnD,iHAAA,cAAc,OAAA;AAEvB;;;GAGG;AACH,4EAAyE;AAAhE,8HAAA,oBAAoB,OAAA;AAE7B;;;GAGG;AACH,4EAAyE;AAAhE,8HAAA,oBAAoB,OAAA;AAE7B;;;GAGG;AACH,wEAAqE;AAA5D,0HAAA,kBAAkB,OAAA;AAE3B,+EAA+E;AAC/E,sCAAsC;AACtC,+EAA+E;AAE/E;;;GAGG;AACH,4EAAyE;AAAhE,8HAAA,oBAAoB,OAAA;AAE7B;;;GAGG;AACH,wEAAqE;AAA5D,0HAAA,kBAAkB,OAAA;AAE3B;;;GAGG;AACH,0FAAsF;AAA7E,2IAAA,0BAA0B,OAAA;AAEnC,+EAA+E;AAC/E,yDAAyD;AACzD,+EAA+E;AAE/E;;;GAGG;AACH,gEAAqE;AAA5D,0HAAA,sBAAsB,OAAA;AAE/B;;;GAGG;AACH,gFAAoF;AAA3E,yIAAA,6BAA6B,OAAA;AAEtC;;;;GAIG;AACH,gGAAqF;AAA5E,0IAAA,sBAAsB,OAAA;AAE/B,+EAA+E;AAC/E,8CAA8C;AAC9C,+EAA+E;AAE/E;;;;GAIG;AACH,oEAA6F;AAApF,sHAAA,wBAAwB,OAAoB"}
|
|
1
|
+
{"version":3,"file":"internal.js","sourceRoot":"","sources":["../src/internal.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;;;;;;;;;;;;;;;;;AAEH,+EAA+E;AAC/E,4CAA4C;AAC5C,+EAA+E;AAE/E;;;GAGG;AACH,kEAAgE;AAAvD,qHAAA,gBAAgB,OAAA;AAEzB;;;GAGG;AACH,0FAAsF;AAA7E,2IAAA,0BAA0B,OAAA;AAEnC,+EAA+E;AAC/E,+CAA+C;AAC/C,+EAA+E;AAE/E;;;GAGG;AACH,8FAAyF;AAAhF,8IAAA,2BAA2B,OAAA;AAEpC;;;GAGG;AACH,kGAAsF;AAA7E,2IAAA,sBAAsB,OAAA;AAE/B;;;GAGG;AACH,2EAAyD;AAEzD;;;GAGG;AACH,6DAA2C;AAE3C;;;GAGG;AACH,yEAAuD;AAEvD,+EAA+E;AAC/E,0CAA0C;AAC1C,+EAA+E;AAE/E;;;GAGG;AACH,gEAA8D;AAArD,mHAAA,eAAe,OAAA;AAExB;;;GAGG;AACH,sDAAoD;AAA3C,yGAAA,UAAU,OAAA;AAEnB;;;GAGG;AACH,8DAA4D;AAAnD,iHAAA,cAAc,OAAA;AAEvB;;;GAGG;AACH,4EAAyE;AAAhE,8HAAA,oBAAoB,OAAA;AAE7B;;;GAGG;AACH,4EAAyE;AAAhE,8HAAA,oBAAoB,OAAA;AAE7B;;;GAGG;AACH,wEAAqE;AAA5D,0HAAA,kBAAkB,OAAA;AAE3B,+EAA+E;AAC/E,sCAAsC;AACtC,+EAA+E;AAE/E;;;GAGG;AACH,4EAAyE;AAAhE,8HAAA,oBAAoB,OAAA;AAE7B;;;GAGG;AACH,wEAAqE;AAA5D,0HAAA,kBAAkB,OAAA;AAE3B;;;GAGG;AACH,0FAAsF;AAA7E,2IAAA,0BAA0B,OAAA;AAEnC,+EAA+E;AAC/E,yDAAyD;AACzD,+EAA+E;AAE/E;;;GAGG;AACH,gEAAqE;AAA5D,0HAAA,sBAAsB,OAAA;AAE/B;;;GAGG;AACH,gFAAoF;AAA3E,yIAAA,6BAA6B,OAAA;AAEtC;;;GAGG;AACH,8FAAkF;AAAzE,uIAAA,oBAAoB,OAAA;AAE7B;;;;GAIG;AACH,gGAAqF;AAA5E,0IAAA,sBAAsB,OAAA;AAE/B,+EAA+E;AAC/E,8CAA8C;AAC9C,+EAA+E;AAE/E;;;;GAIG;AACH,oEAA6F;AAApF,sHAAA,wBAAwB,OAAoB"}
|
|
@@ -134,6 +134,7 @@ export declare const signupConfigSchema: z.ZodObject<{
|
|
|
134
134
|
allowDuplicatePhones: z.ZodOptional<z.ZodBoolean>;
|
|
135
135
|
emailVerification: z.ZodOptional<z.ZodObject<{
|
|
136
136
|
expiresIn: z.ZodOptional<z.ZodNumber>;
|
|
137
|
+
maxAttempts: z.ZodOptional<z.ZodNumber>;
|
|
137
138
|
resendDelay: z.ZodOptional<z.ZodNumber>;
|
|
138
139
|
rateLimitMax: z.ZodOptional<z.ZodNumber>;
|
|
139
140
|
rateLimitWindow: z.ZodOptional<z.ZodNumber>;
|
|
@@ -142,6 +143,7 @@ export declare const signupConfigSchema: z.ZodObject<{
|
|
|
142
143
|
attemptWindow: z.ZodOptional<z.ZodNumber>;
|
|
143
144
|
}, "strip", z.ZodTypeAny, {
|
|
144
145
|
expiresIn?: number | undefined;
|
|
146
|
+
maxAttempts?: number | undefined;
|
|
145
147
|
resendDelay?: number | undefined;
|
|
146
148
|
rateLimitMax?: number | undefined;
|
|
147
149
|
rateLimitWindow?: number | undefined;
|
|
@@ -150,6 +152,7 @@ export declare const signupConfigSchema: z.ZodObject<{
|
|
|
150
152
|
attemptWindow?: number | undefined;
|
|
151
153
|
}, {
|
|
152
154
|
expiresIn?: number | undefined;
|
|
155
|
+
maxAttempts?: number | undefined;
|
|
153
156
|
resendDelay?: number | undefined;
|
|
154
157
|
rateLimitMax?: number | undefined;
|
|
155
158
|
rateLimitWindow?: number | undefined;
|
|
@@ -194,6 +197,7 @@ export declare const signupConfigSchema: z.ZodObject<{
|
|
|
194
197
|
allowDuplicatePhones?: boolean | undefined;
|
|
195
198
|
emailVerification?: {
|
|
196
199
|
expiresIn?: number | undefined;
|
|
200
|
+
maxAttempts?: number | undefined;
|
|
197
201
|
resendDelay?: number | undefined;
|
|
198
202
|
rateLimitMax?: number | undefined;
|
|
199
203
|
rateLimitWindow?: number | undefined;
|
|
@@ -218,6 +222,7 @@ export declare const signupConfigSchema: z.ZodObject<{
|
|
|
218
222
|
allowDuplicatePhones?: boolean | undefined;
|
|
219
223
|
emailVerification?: {
|
|
220
224
|
expiresIn?: number | undefined;
|
|
225
|
+
maxAttempts?: number | undefined;
|
|
221
226
|
resendDelay?: number | undefined;
|
|
222
227
|
rateLimitMax?: number | undefined;
|
|
223
228
|
rateLimitWindow?: number | undefined;
|
|
@@ -431,24 +436,24 @@ export declare const lifecycleHooksSchema: z.ZodObject<{
|
|
|
431
436
|
onAdaptiveMFATriggered?: any;
|
|
432
437
|
onSignInBlocked?: any;
|
|
433
438
|
afterSignup?: any;
|
|
439
|
+
afterLogin?: any;
|
|
434
440
|
beforePasswordChange?: any;
|
|
435
441
|
afterPasswordChange?: any;
|
|
442
|
+
afterLoginFailed?: any;
|
|
436
443
|
beforeSignup?: any;
|
|
437
444
|
beforeLogin?: any;
|
|
438
|
-
afterLogin?: any;
|
|
439
|
-
afterLoginFailed?: any;
|
|
440
445
|
beforeAccountLock?: any;
|
|
441
446
|
afterAccountLock?: any;
|
|
442
447
|
}, {
|
|
443
448
|
onAdaptiveMFATriggered?: any;
|
|
444
449
|
onSignInBlocked?: any;
|
|
445
450
|
afterSignup?: any;
|
|
451
|
+
afterLogin?: any;
|
|
446
452
|
beforePasswordChange?: any;
|
|
447
453
|
afterPasswordChange?: any;
|
|
454
|
+
afterLoginFailed?: any;
|
|
448
455
|
beforeSignup?: any;
|
|
449
456
|
beforeLogin?: any;
|
|
450
|
-
afterLogin?: any;
|
|
451
|
-
afterLoginFailed?: any;
|
|
452
457
|
beforeAccountLock?: any;
|
|
453
458
|
afterAccountLock?: any;
|
|
454
459
|
}>;
|
|
@@ -670,6 +675,19 @@ export declare const socialProviderConfigSchema: z.ZodObject<{
|
|
|
670
675
|
autoLink?: boolean | undefined;
|
|
671
676
|
allowSignup?: boolean | undefined;
|
|
672
677
|
}>;
|
|
678
|
+
export declare const socialRedirectConfigSchema: z.ZodObject<{
|
|
679
|
+
frontendBaseUrl: z.ZodOptional<z.ZodString>;
|
|
680
|
+
allowAbsoluteReturnTo: z.ZodOptional<z.ZodBoolean>;
|
|
681
|
+
allowedReturnToOrigins: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
682
|
+
}, "strip", z.ZodTypeAny, {
|
|
683
|
+
frontendBaseUrl?: string | undefined;
|
|
684
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
685
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
686
|
+
}, {
|
|
687
|
+
frontendBaseUrl?: string | undefined;
|
|
688
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
689
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
690
|
+
}>;
|
|
673
691
|
export declare const socialConfigSchema: z.ZodObject<{
|
|
674
692
|
google: z.ZodOptional<z.ZodObject<{
|
|
675
693
|
enabled: z.ZodOptional<z.ZodBoolean>;
|
|
@@ -746,6 +764,19 @@ export declare const socialConfigSchema: z.ZodObject<{
|
|
|
746
764
|
autoLink?: boolean | undefined;
|
|
747
765
|
allowSignup?: boolean | undefined;
|
|
748
766
|
}>>;
|
|
767
|
+
redirect: z.ZodOptional<z.ZodObject<{
|
|
768
|
+
frontendBaseUrl: z.ZodOptional<z.ZodString>;
|
|
769
|
+
allowAbsoluteReturnTo: z.ZodOptional<z.ZodBoolean>;
|
|
770
|
+
allowedReturnToOrigins: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
771
|
+
}, "strip", z.ZodTypeAny, {
|
|
772
|
+
frontendBaseUrl?: string | undefined;
|
|
773
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
774
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
775
|
+
}, {
|
|
776
|
+
frontendBaseUrl?: string | undefined;
|
|
777
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
778
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
779
|
+
}>>;
|
|
749
780
|
}, "strip", z.ZodTypeAny, {
|
|
750
781
|
google?: {
|
|
751
782
|
enabled?: boolean | undefined;
|
|
@@ -774,6 +805,11 @@ export declare const socialConfigSchema: z.ZodObject<{
|
|
|
774
805
|
autoLink?: boolean | undefined;
|
|
775
806
|
allowSignup?: boolean | undefined;
|
|
776
807
|
} | undefined;
|
|
808
|
+
redirect?: {
|
|
809
|
+
frontendBaseUrl?: string | undefined;
|
|
810
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
811
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
812
|
+
} | undefined;
|
|
777
813
|
}, {
|
|
778
814
|
google?: {
|
|
779
815
|
enabled?: boolean | undefined;
|
|
@@ -802,6 +838,11 @@ export declare const socialConfigSchema: z.ZodObject<{
|
|
|
802
838
|
autoLink?: boolean | undefined;
|
|
803
839
|
allowSignup?: boolean | undefined;
|
|
804
840
|
} | undefined;
|
|
841
|
+
redirect?: {
|
|
842
|
+
frontendBaseUrl?: string | undefined;
|
|
843
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
844
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
845
|
+
} | undefined;
|
|
805
846
|
}>;
|
|
806
847
|
export declare const totpConfigSchema: z.ZodObject<{
|
|
807
848
|
window: z.ZodOptional<z.ZodNumber>;
|
|
@@ -1575,6 +1616,7 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
1575
1616
|
allowDuplicatePhones: z.ZodOptional<z.ZodBoolean>;
|
|
1576
1617
|
emailVerification: z.ZodOptional<z.ZodObject<{
|
|
1577
1618
|
expiresIn: z.ZodOptional<z.ZodNumber>;
|
|
1619
|
+
maxAttempts: z.ZodOptional<z.ZodNumber>;
|
|
1578
1620
|
resendDelay: z.ZodOptional<z.ZodNumber>;
|
|
1579
1621
|
rateLimitMax: z.ZodOptional<z.ZodNumber>;
|
|
1580
1622
|
rateLimitWindow: z.ZodOptional<z.ZodNumber>;
|
|
@@ -1583,6 +1625,7 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
1583
1625
|
attemptWindow: z.ZodOptional<z.ZodNumber>;
|
|
1584
1626
|
}, "strip", z.ZodTypeAny, {
|
|
1585
1627
|
expiresIn?: number | undefined;
|
|
1628
|
+
maxAttempts?: number | undefined;
|
|
1586
1629
|
resendDelay?: number | undefined;
|
|
1587
1630
|
rateLimitMax?: number | undefined;
|
|
1588
1631
|
rateLimitWindow?: number | undefined;
|
|
@@ -1591,6 +1634,7 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
1591
1634
|
attemptWindow?: number | undefined;
|
|
1592
1635
|
}, {
|
|
1593
1636
|
expiresIn?: number | undefined;
|
|
1637
|
+
maxAttempts?: number | undefined;
|
|
1594
1638
|
resendDelay?: number | undefined;
|
|
1595
1639
|
rateLimitMax?: number | undefined;
|
|
1596
1640
|
rateLimitWindow?: number | undefined;
|
|
@@ -1635,6 +1679,7 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
1635
1679
|
allowDuplicatePhones?: boolean | undefined;
|
|
1636
1680
|
emailVerification?: {
|
|
1637
1681
|
expiresIn?: number | undefined;
|
|
1682
|
+
maxAttempts?: number | undefined;
|
|
1638
1683
|
resendDelay?: number | undefined;
|
|
1639
1684
|
rateLimitMax?: number | undefined;
|
|
1640
1685
|
rateLimitWindow?: number | undefined;
|
|
@@ -1659,6 +1704,7 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
1659
1704
|
allowDuplicatePhones?: boolean | undefined;
|
|
1660
1705
|
emailVerification?: {
|
|
1661
1706
|
expiresIn?: number | undefined;
|
|
1707
|
+
maxAttempts?: number | undefined;
|
|
1662
1708
|
resendDelay?: number | undefined;
|
|
1663
1709
|
rateLimitMax?: number | undefined;
|
|
1664
1710
|
rateLimitWindow?: number | undefined;
|
|
@@ -1872,24 +1918,24 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
1872
1918
|
onAdaptiveMFATriggered?: any;
|
|
1873
1919
|
onSignInBlocked?: any;
|
|
1874
1920
|
afterSignup?: any;
|
|
1921
|
+
afterLogin?: any;
|
|
1875
1922
|
beforePasswordChange?: any;
|
|
1876
1923
|
afterPasswordChange?: any;
|
|
1924
|
+
afterLoginFailed?: any;
|
|
1877
1925
|
beforeSignup?: any;
|
|
1878
1926
|
beforeLogin?: any;
|
|
1879
|
-
afterLogin?: any;
|
|
1880
|
-
afterLoginFailed?: any;
|
|
1881
1927
|
beforeAccountLock?: any;
|
|
1882
1928
|
afterAccountLock?: any;
|
|
1883
1929
|
}, {
|
|
1884
1930
|
onAdaptiveMFATriggered?: any;
|
|
1885
1931
|
onSignInBlocked?: any;
|
|
1886
1932
|
afterSignup?: any;
|
|
1933
|
+
afterLogin?: any;
|
|
1887
1934
|
beforePasswordChange?: any;
|
|
1888
1935
|
afterPasswordChange?: any;
|
|
1936
|
+
afterLoginFailed?: any;
|
|
1889
1937
|
beforeSignup?: any;
|
|
1890
1938
|
beforeLogin?: any;
|
|
1891
|
-
afterLogin?: any;
|
|
1892
|
-
afterLoginFailed?: any;
|
|
1893
1939
|
beforeAccountLock?: any;
|
|
1894
1940
|
afterAccountLock?: any;
|
|
1895
1941
|
}>>;
|
|
@@ -2169,6 +2215,19 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
2169
2215
|
autoLink?: boolean | undefined;
|
|
2170
2216
|
allowSignup?: boolean | undefined;
|
|
2171
2217
|
}>>;
|
|
2218
|
+
redirect: z.ZodOptional<z.ZodObject<{
|
|
2219
|
+
frontendBaseUrl: z.ZodOptional<z.ZodString>;
|
|
2220
|
+
allowAbsoluteReturnTo: z.ZodOptional<z.ZodBoolean>;
|
|
2221
|
+
allowedReturnToOrigins: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
2222
|
+
}, "strip", z.ZodTypeAny, {
|
|
2223
|
+
frontendBaseUrl?: string | undefined;
|
|
2224
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
2225
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
2226
|
+
}, {
|
|
2227
|
+
frontendBaseUrl?: string | undefined;
|
|
2228
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
2229
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
2230
|
+
}>>;
|
|
2172
2231
|
}, "strip", z.ZodTypeAny, {
|
|
2173
2232
|
google?: {
|
|
2174
2233
|
enabled?: boolean | undefined;
|
|
@@ -2197,6 +2256,11 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
2197
2256
|
autoLink?: boolean | undefined;
|
|
2198
2257
|
allowSignup?: boolean | undefined;
|
|
2199
2258
|
} | undefined;
|
|
2259
|
+
redirect?: {
|
|
2260
|
+
frontendBaseUrl?: string | undefined;
|
|
2261
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
2262
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
2263
|
+
} | undefined;
|
|
2200
2264
|
}, {
|
|
2201
2265
|
google?: {
|
|
2202
2266
|
enabled?: boolean | undefined;
|
|
@@ -2225,6 +2289,11 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
2225
2289
|
autoLink?: boolean | undefined;
|
|
2226
2290
|
allowSignup?: boolean | undefined;
|
|
2227
2291
|
} | undefined;
|
|
2292
|
+
redirect?: {
|
|
2293
|
+
frontendBaseUrl?: string | undefined;
|
|
2294
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
2295
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
2296
|
+
} | undefined;
|
|
2228
2297
|
}>>;
|
|
2229
2298
|
mfa: z.ZodOptional<z.ZodObject<{
|
|
2230
2299
|
enabled: z.ZodOptional<z.ZodBoolean>;
|
|
@@ -2826,6 +2895,14 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
2826
2895
|
autoLink?: boolean | undefined;
|
|
2827
2896
|
allowSignup?: boolean | undefined;
|
|
2828
2897
|
} | undefined;
|
|
2898
|
+
redirect?: {
|
|
2899
|
+
frontendBaseUrl?: string | undefined;
|
|
2900
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
2901
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
2902
|
+
} | undefined;
|
|
2903
|
+
} | undefined;
|
|
2904
|
+
login?: {
|
|
2905
|
+
identifierType?: "email" | "phone" | "username" | "email_or_username" | undefined;
|
|
2829
2906
|
} | undefined;
|
|
2830
2907
|
tablePrefix?: string | undefined;
|
|
2831
2908
|
signup?: {
|
|
@@ -2834,6 +2911,7 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
2834
2911
|
allowDuplicatePhones?: boolean | undefined;
|
|
2835
2912
|
emailVerification?: {
|
|
2836
2913
|
expiresIn?: number | undefined;
|
|
2914
|
+
maxAttempts?: number | undefined;
|
|
2837
2915
|
resendDelay?: number | undefined;
|
|
2838
2916
|
rateLimitMax?: number | undefined;
|
|
2839
2917
|
rateLimitWindow?: number | undefined;
|
|
@@ -2853,9 +2931,6 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
2853
2931
|
codeLength?: number | undefined;
|
|
2854
2932
|
} | undefined;
|
|
2855
2933
|
} | undefined;
|
|
2856
|
-
login?: {
|
|
2857
|
-
identifierType?: "email" | "phone" | "username" | "email_or_username" | undefined;
|
|
2858
|
-
} | undefined;
|
|
2859
2934
|
lockout?: {
|
|
2860
2935
|
duration?: number | undefined;
|
|
2861
2936
|
maxAttempts?: number | undefined;
|
|
@@ -2880,12 +2955,12 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
2880
2955
|
onAdaptiveMFATriggered?: any;
|
|
2881
2956
|
onSignInBlocked?: any;
|
|
2882
2957
|
afterSignup?: any;
|
|
2958
|
+
afterLogin?: any;
|
|
2883
2959
|
beforePasswordChange?: any;
|
|
2884
2960
|
afterPasswordChange?: any;
|
|
2961
|
+
afterLoginFailed?: any;
|
|
2885
2962
|
beforeSignup?: any;
|
|
2886
2963
|
beforeLogin?: any;
|
|
2887
|
-
afterLogin?: any;
|
|
2888
|
-
afterLoginFailed?: any;
|
|
2889
2964
|
beforeAccountLock?: any;
|
|
2890
2965
|
afterAccountLock?: any;
|
|
2891
2966
|
} | undefined;
|
|
@@ -3086,6 +3161,14 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3086
3161
|
autoLink?: boolean | undefined;
|
|
3087
3162
|
allowSignup?: boolean | undefined;
|
|
3088
3163
|
} | undefined;
|
|
3164
|
+
redirect?: {
|
|
3165
|
+
frontendBaseUrl?: string | undefined;
|
|
3166
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
3167
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
3168
|
+
} | undefined;
|
|
3169
|
+
} | undefined;
|
|
3170
|
+
login?: {
|
|
3171
|
+
identifierType?: "email" | "phone" | "username" | "email_or_username" | undefined;
|
|
3089
3172
|
} | undefined;
|
|
3090
3173
|
tablePrefix?: string | undefined;
|
|
3091
3174
|
signup?: {
|
|
@@ -3094,6 +3177,7 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3094
3177
|
allowDuplicatePhones?: boolean | undefined;
|
|
3095
3178
|
emailVerification?: {
|
|
3096
3179
|
expiresIn?: number | undefined;
|
|
3180
|
+
maxAttempts?: number | undefined;
|
|
3097
3181
|
resendDelay?: number | undefined;
|
|
3098
3182
|
rateLimitMax?: number | undefined;
|
|
3099
3183
|
rateLimitWindow?: number | undefined;
|
|
@@ -3113,9 +3197,6 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3113
3197
|
codeLength?: number | undefined;
|
|
3114
3198
|
} | undefined;
|
|
3115
3199
|
} | undefined;
|
|
3116
|
-
login?: {
|
|
3117
|
-
identifierType?: "email" | "phone" | "username" | "email_or_username" | undefined;
|
|
3118
|
-
} | undefined;
|
|
3119
3200
|
lockout?: {
|
|
3120
3201
|
duration?: number | undefined;
|
|
3121
3202
|
maxAttempts?: number | undefined;
|
|
@@ -3140,12 +3221,12 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3140
3221
|
onAdaptiveMFATriggered?: any;
|
|
3141
3222
|
onSignInBlocked?: any;
|
|
3142
3223
|
afterSignup?: any;
|
|
3224
|
+
afterLogin?: any;
|
|
3143
3225
|
beforePasswordChange?: any;
|
|
3144
3226
|
afterPasswordChange?: any;
|
|
3227
|
+
afterLoginFailed?: any;
|
|
3145
3228
|
beforeSignup?: any;
|
|
3146
3229
|
beforeLogin?: any;
|
|
3147
|
-
afterLogin?: any;
|
|
3148
|
-
afterLoginFailed?: any;
|
|
3149
3230
|
beforeAccountLock?: any;
|
|
3150
3231
|
afterAccountLock?: any;
|
|
3151
3232
|
} | undefined;
|
|
@@ -3346,6 +3427,14 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3346
3427
|
autoLink?: boolean | undefined;
|
|
3347
3428
|
allowSignup?: boolean | undefined;
|
|
3348
3429
|
} | undefined;
|
|
3430
|
+
redirect?: {
|
|
3431
|
+
frontendBaseUrl?: string | undefined;
|
|
3432
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
3433
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
3434
|
+
} | undefined;
|
|
3435
|
+
} | undefined;
|
|
3436
|
+
login?: {
|
|
3437
|
+
identifierType?: "email" | "phone" | "username" | "email_or_username" | undefined;
|
|
3349
3438
|
} | undefined;
|
|
3350
3439
|
tablePrefix?: string | undefined;
|
|
3351
3440
|
signup?: {
|
|
@@ -3354,6 +3443,7 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3354
3443
|
allowDuplicatePhones?: boolean | undefined;
|
|
3355
3444
|
emailVerification?: {
|
|
3356
3445
|
expiresIn?: number | undefined;
|
|
3446
|
+
maxAttempts?: number | undefined;
|
|
3357
3447
|
resendDelay?: number | undefined;
|
|
3358
3448
|
rateLimitMax?: number | undefined;
|
|
3359
3449
|
rateLimitWindow?: number | undefined;
|
|
@@ -3373,9 +3463,6 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3373
3463
|
codeLength?: number | undefined;
|
|
3374
3464
|
} | undefined;
|
|
3375
3465
|
} | undefined;
|
|
3376
|
-
login?: {
|
|
3377
|
-
identifierType?: "email" | "phone" | "username" | "email_or_username" | undefined;
|
|
3378
|
-
} | undefined;
|
|
3379
3466
|
lockout?: {
|
|
3380
3467
|
duration?: number | undefined;
|
|
3381
3468
|
maxAttempts?: number | undefined;
|
|
@@ -3400,12 +3487,12 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3400
3487
|
onAdaptiveMFATriggered?: any;
|
|
3401
3488
|
onSignInBlocked?: any;
|
|
3402
3489
|
afterSignup?: any;
|
|
3490
|
+
afterLogin?: any;
|
|
3403
3491
|
beforePasswordChange?: any;
|
|
3404
3492
|
afterPasswordChange?: any;
|
|
3493
|
+
afterLoginFailed?: any;
|
|
3405
3494
|
beforeSignup?: any;
|
|
3406
3495
|
beforeLogin?: any;
|
|
3407
|
-
afterLogin?: any;
|
|
3408
|
-
afterLoginFailed?: any;
|
|
3409
3496
|
beforeAccountLock?: any;
|
|
3410
3497
|
afterAccountLock?: any;
|
|
3411
3498
|
} | undefined;
|
|
@@ -3606,6 +3693,14 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3606
3693
|
autoLink?: boolean | undefined;
|
|
3607
3694
|
allowSignup?: boolean | undefined;
|
|
3608
3695
|
} | undefined;
|
|
3696
|
+
redirect?: {
|
|
3697
|
+
frontendBaseUrl?: string | undefined;
|
|
3698
|
+
allowAbsoluteReturnTo?: boolean | undefined;
|
|
3699
|
+
allowedReturnToOrigins?: string[] | undefined;
|
|
3700
|
+
} | undefined;
|
|
3701
|
+
} | undefined;
|
|
3702
|
+
login?: {
|
|
3703
|
+
identifierType?: "email" | "phone" | "username" | "email_or_username" | undefined;
|
|
3609
3704
|
} | undefined;
|
|
3610
3705
|
tablePrefix?: string | undefined;
|
|
3611
3706
|
signup?: {
|
|
@@ -3614,6 +3709,7 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3614
3709
|
allowDuplicatePhones?: boolean | undefined;
|
|
3615
3710
|
emailVerification?: {
|
|
3616
3711
|
expiresIn?: number | undefined;
|
|
3712
|
+
maxAttempts?: number | undefined;
|
|
3617
3713
|
resendDelay?: number | undefined;
|
|
3618
3714
|
rateLimitMax?: number | undefined;
|
|
3619
3715
|
rateLimitWindow?: number | undefined;
|
|
@@ -3633,9 +3729,6 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3633
3729
|
codeLength?: number | undefined;
|
|
3634
3730
|
} | undefined;
|
|
3635
3731
|
} | undefined;
|
|
3636
|
-
login?: {
|
|
3637
|
-
identifierType?: "email" | "phone" | "username" | "email_or_username" | undefined;
|
|
3638
|
-
} | undefined;
|
|
3639
3732
|
lockout?: {
|
|
3640
3733
|
duration?: number | undefined;
|
|
3641
3734
|
maxAttempts?: number | undefined;
|
|
@@ -3660,12 +3753,12 @@ export declare const authConfigSchema: z.ZodEffects<z.ZodObject<{
|
|
|
3660
3753
|
onAdaptiveMFATriggered?: any;
|
|
3661
3754
|
onSignInBlocked?: any;
|
|
3662
3755
|
afterSignup?: any;
|
|
3756
|
+
afterLogin?: any;
|
|
3663
3757
|
beforePasswordChange?: any;
|
|
3664
3758
|
afterPasswordChange?: any;
|
|
3759
|
+
afterLoginFailed?: any;
|
|
3665
3760
|
beforeSignup?: any;
|
|
3666
3761
|
beforeLogin?: any;
|
|
3667
|
-
afterLogin?: any;
|
|
3668
|
-
afterLoginFailed?: any;
|
|
3669
3762
|
beforeAccountLock?: any;
|
|
3670
3763
|
afterAccountLock?: any;
|
|
3671
3764
|
} | undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-config.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/auth-config.schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AA0BxB;;GAEG;AACH,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2CxB,CAAC;AAML,eAAO,MAAM,kBAAkB
|
|
1
|
+
{"version":3,"file":"auth-config.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/auth-config.schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AA0BxB;;GAEG;AACH,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2CxB,CAAC;AAML,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA6B7B,CAAC;AAMH,eAAO,MAAM,iBAAiB;;;;;;EAE5B,CAAC;AAMH,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAqB/B,CAAC;AAMH,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;EAK9B,CAAC;AAMH,eAAO,MAAM,mBAAmB;;;;;;;;;;;;EAI9B,CAAC;AAMH,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAkB/B,CAAC;AAOH,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAY/B,CAAC;AA6CH;;GAEG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAS5B,CAAC;AAqCH;;GAEG;AACH,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAE1B,CAAC;AAMH,eAAO,MAAM,iBAAiB,gDAG5B,CAAC;AAMH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;EAQrC,CAAC;AAEH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;EAIrC,CAAC;AAEH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAK7B,CAAC;AAMH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;EAK3B,CAAC;AAEH,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;EAO9B,CAAC;AAEH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;EAIlC,CAAC;AAEH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;EAIhC,CAAC;AAEH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgClC,CAAC;AAEH,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAc1B,CAAC;AAMH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiBpC,CAAC;AAMH,eAAO,MAAM,qBAAqB;;;;;;EAEhC,CAAC;AAMH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWlC,CAAC;AAMH;;;;;;;;;GASG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiNzB,CAAC;AAEL;;;GAGG;AACH,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC"}
|