@nauth-toolkit/core 0.1.98 → 0.1.100

package/dist/openapi/generate-openapi.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Build-time OpenAPI schema generator for nauth-toolkit DTOs.
+ *
+ * Why this exists:
+ * - Consumer apps often import DTO classes from `node_modules`.
+ * - Many OpenAPI integrations (including NestJS Swagger plugin transforms)
+ *   don't introspect external packages well enough to "expand" DTO shapes.
+ * - To keep `@nauth-toolkit/core` framework-agnostic, we generate and ship
+ *   OpenAPI component schemas as plain JSON.
+ *
+ * Output:
+ * - `dist/openapi/components.schemas.json`
+ *
+ * Implementation approach (Option A):
+ * - Parse `src/dto/index.ts` to find exported DTO/type files.
+ * - Collect exported symbols (classes/interfaces/enums/types) from those files.
+ * - Create a temporary "registry" type that references all symbols.
+ * - Generate a single JSON Schema document and convert `definitions` into
+ *   OpenAPI `components.schemas` (with `$ref` rewrites).
+ *
+ * @example
+ * ```bash
+ * # Executed by the core build:
+ * node dist/openapi/generate-openapi.js
+ * ```
+ */
+export declare function generateOpenApiSchemas(): void;
+//# sourceMappingURL=generate-openapi.d.ts.map

package/dist/openapi/generate-openapi.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate-openapi.d.ts","sourceRoot":"","sources":["../../src/openapi/generate-openapi.ts"],"names":[],"mappings":"AAKA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAgB,sBAAsB,IAAI,IAAI,CAgD7C"}

package/dist/openapi/generate-openapi.js

@@ -0,0 +1,247 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateOpenApiSchemas = generateOpenApiSchemas;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const ts_json_schema_generator_1 = require("ts-json-schema-generator");
+const ts = __importStar(require("typescript"));
+/**
+ * Build-time OpenAPI schema generator for nauth-toolkit DTOs.
+ *
+ * Why this exists:
+ * - Consumer apps often import DTO classes from `node_modules`.
+ * - Many OpenAPI integrations (including NestJS Swagger plugin transforms)
+ *   don't introspect external packages well enough to "expand" DTO shapes.
+ * - To keep `@nauth-toolkit/core` framework-agnostic, we generate and ship
+ *   OpenAPI component schemas as plain JSON.
+ *
+ * Output:
+ * - `dist/openapi/components.schemas.json`
+ *
+ * Implementation approach (Option A):
+ * - Parse `src/dto/index.ts` to find exported DTO/type files.
+ * - Collect exported symbols (classes/interfaces/enums/types) from those files.
+ * - Create a temporary "registry" type that references all symbols.
+ * - Generate a single JSON Schema document and convert `definitions` into
+ *   OpenAPI `components.schemas` (with `$ref` rewrites).
+ *
+ * @example
+ * ```bash
+ * # Executed by the core build:
+ * node dist/openapi/generate-openapi.js
+ * ```
+ */
+function generateOpenApiSchemas() {
+    const packageRoot = (0, node_path_1.resolve)(__dirname, '..', '..');
+    const tsconfigPath = (0, node_path_1.join)(packageRoot, 'tsconfig.json');
+    const dtoIndexPath = (0, node_path_1.join)(packageRoot, 'src', 'dto', 'index.ts');
+    // `dist/openapi` (same folder as this compiled script)
+    const outputDir = __dirname;
+    const outputJsonPath = (0, node_path_1.join)(outputDir, 'components.schemas.json');
+    // Temporary TS source file used only for schema generation.
+    //
+    // Important: this must live under `rootDir` (src/) because the generator
+    // type-checks using the project's tsconfig.
+    const tempRegistryPath = (0, node_path_1.join)(packageRoot, 'src', 'openapi', '_nauth-openapi-dto-registry.ts');
+    (0, node_fs_1.mkdirSync)(outputDir, { recursive: true });
+    (0, node_fs_1.mkdirSync)((0, node_path_1.dirname)(tempRegistryPath), { recursive: true });
+    const dtoExportFiles = parseDtoExportFiles(dtoIndexPath);
+    const exportedSymbols = collectExportedSymbols(dtoExportFiles);
+    // Avoid generating an empty schema file if parsing fails.
+    if (exportedSymbols.length === 0) {
+        throw new Error(`OpenAPI generation failed: no exported DTO symbols found from ${dtoIndexPath}.`);
+    }
+    (0, node_fs_1.writeFileSync)(tempRegistryPath, renderRegistryType(exportedSymbols), 'utf8');
+    try {
+        const generatorConfig = {
+            path: tempRegistryPath,
+            tsconfig: tsconfigPath,
+            type: 'NAuthOpenApiDtoRegistry',
+            expose: 'all',
+            // We already run `tsc -b` as part of the build. Skipping type-check here
+            // avoids TypeScript project-file-list issues when generating schemas.
+            skipTypeCheck: true,
+        };
+        const generator = (0, ts_json_schema_generator_1.createGenerator)(generatorConfig);
+        const jsonSchema = generator.createSchema('NAuthOpenApiDtoRegistry');
+        const openApiDoc = buildOpenApiDocumentFromJsonSchema(jsonSchema);
+        (0, node_fs_1.writeFileSync)(outputJsonPath, `${JSON.stringify(openApiDoc, null, 2)}\n`, 'utf8');
+    }
+    finally {
+        // Best-effort cleanup. Even if this fails, it doesn't affect consumers.
+        (0, node_fs_1.rmSync)(tempRegistryPath, { force: true });
+    }
+}
+/**
+ * Parse `src/dto/index.ts` to get the list of `export * from './x';` files.
+ */
+function parseDtoExportFiles(dtoIndexPath) {
+    const content = (0, node_fs_1.readFileSync)(dtoIndexPath, 'utf8');
+    const baseDir = (0, node_path_1.dirname)(dtoIndexPath);
+    const files = new Set();
+    for (const line of content.split('\n')) {
+        const match = line.match(/^\s*export\s+\*\s+from\s+['"](\.\/[^'"]+)['"]\s*;\s*$/);
+        if (!match)
+            continue;
+        const relative = match[1];
+        const resolved = (0, node_path_1.join)(baseDir, `${relative}.ts`).replace(/\.ts\.ts$/, '.ts');
+        files.add(resolved);
+    }
+    return Array.from(files).sort();
+}
+/**
+ * Collect exported symbol names from DTO source files.
+ *
+ * We intentionally keep this limited to common exported declarations:
+ * - `export class Foo`
+ * - `export interface Foo`
+ * - `export enum Foo`
+ * - `export type Foo = ...`
+ */
+function collectExportedSymbols(dtoFiles) {
+    const symbols = new Set();
+    for (const filePath of dtoFiles) {
+        const src = (0, node_fs_1.readFileSync)(filePath, 'utf8');
+        const sourceFile = ts.createSourceFile(filePath, src, ts.ScriptTarget.ES2022, true);
+        for (const statement of sourceFile.statements) {
+            if (!hasExportModifier(statement))
+                continue;
+            if (ts.isClassDeclaration(statement) && statement.name) {
+                symbols.add(statement.name.text);
+                continue;
+            }
+            if (ts.isInterfaceDeclaration(statement) && statement.name) {
+                symbols.add(statement.name.text);
+                continue;
+            }
+            if (ts.isEnumDeclaration(statement) && statement.name) {
+                symbols.add(statement.name.text);
+                continue;
+            }
+            if (ts.isTypeAliasDeclaration(statement) && statement.name) {
+                symbols.add(statement.name.text);
+                continue;
+            }
+        }
+    }
+    return Array.from(symbols).sort();
+}
+function hasExportModifier(node) {
+    const modifiers = ts.canHaveModifiers(node) ? ts.getModifiers(node) : undefined;
+    return !!modifiers?.some((m) => m.kind === ts.SyntaxKind.ExportKeyword);
+}
+/**
+ * Render a temporary DTO registry type referencing all exported DTO symbols.
+ */
+function renderRegistryType(symbols) {
+    const lines = [];
+    lines.push('/**');
+    lines.push(' * AUTO-GENERATED FILE (build-time only)');
+    lines.push(' *');
+    lines.push(' * This file is created temporarily during the core build to');
+    lines.push(' * generate OpenAPI component schemas. It is not published.');
+    lines.push(' */');
+    // Temp file lives in `src/openapi/`, so `../dto` resolves to `src/dto/`.
+    lines.push("import type * as Dtos from '../dto';");
+    lines.push('');
+    lines.push('export type NAuthOpenApiDtoRegistry = {');
+    for (const name of symbols) {
+        // Keep it purely in the type space.
+        lines.push(`  ${name}: Dtos.${name};`);
+    }
+    lines.push('};');
+    lines.push('');
+    return lines.join('\n');
+}
+/**
+ * Convert a JSON Schema document into an OpenAPI document containing
+ * `components.schemas`.
+ *
+ * OpenAPI tooling generally expects shared schemas to be addressed via:
+ * - `#/components/schemas/<Name>`
+ *
+ * JSON Schema generators often emit shared types under:
+ * - `#/definitions/<Name>`
+ */
+function buildOpenApiDocumentFromJsonSchema(jsonSchema) {
+    if (typeof jsonSchema !== 'object' || jsonSchema === null || !('definitions' in jsonSchema)) {
+        throw new Error('OpenAPI generation failed: JSON Schema missing `definitions`.');
+    }
+    const definitions = jsonSchema.definitions ?? {};
+    const schemas = {};
+    for (const [name, schema] of Object.entries(definitions)) {
+        schemas[name] = rewriteRefs(schema);
+    }
+    // Remove registry type if it got emitted as a definition.
+    delete schemas.NAuthOpenApiDtoRegistry;
+    // Also rewrite refs in case any schema object references the registry name.
+    for (const [name, schema] of Object.entries(schemas)) {
+        schemas[name] = rewriteRefs(schema);
+    }
+    return {
+        openapi: '3.0.3',
+        components: { schemas },
+    };
+}
+/**
+ * Recursively rewrite JSON Schema `$ref` pointers to OpenAPI pointers.
+ */
+function rewriteRefs(value) {
+    if (Array.isArray(value)) {
+        return value.map((v) => rewriteRefs(v));
+    }
+    if (typeof value !== 'object' || value === null) {
+        return value;
+    }
+    const obj = value;
+    const next = {};
+    for (const [key, val] of Object.entries(obj)) {
+        if (key === '$ref' && typeof val === 'string') {
+            next[key] = val.replace(/^#\/definitions\//, '#/components/schemas/');
+            continue;
+        }
+        next[key] = rewriteRefs(val);
+    }
+    return next;
+}
+// ============================================================================
+// CLI entrypoint (build-time)
+// ============================================================================
+// When executed directly by `node dist/openapi/generate-openapi.js`
+if (require.main === module) {
+    generateOpenApiSchemas();
+}
+//# sourceMappingURL=generate-openapi.js.map

package/dist/openapi/generate-openapi.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate-openapi.js","sourceRoot":"","sources":["../../src/openapi/generate-openapi.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+BA,wDAgDC;AA/ED,qCAAyE;AACzE,yCAAmD;AACnD,uEAAwE;AACxE,+CAAiC;AAEjC;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,SAAgB,sBAAsB;IACpC,MAAM,WAAW,GAAG,IAAA,mBAAO,EAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IACnD,MAAM,YAAY,GAAG,IAAA,gBAAI,EAAC,WAAW,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,YAAY,GAAG,IAAA,gBAAI,EAAC,WAAW,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC;IAEjE,uDAAuD;IACvD,MAAM,SAAS,GAAG,SAAS,CAAC;IAC5B,MAAM,cAAc,GAAG,IAAA,gBAAI,EAAC,SAAS,EAAE,yBAAyB,CAAC,CAAC;IAElE,4DAA4D;IAC5D,EAAE;IACF,yEAAyE;IACzE,4CAA4C;IAC5C,MAAM,gBAAgB,GAAG,IAAA,gBAAI,EAAC,WAAW,EAAE,KAAK,EAAE,SAAS,EAAE,gCAAgC,CAAC,CAAC;IAE/F,IAAA,mBAAS,EAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1C,IAAA,mBAAS,EAAC,IAAA,mBAAO,EAAC,gBAAgB,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1D,MAAM,cAAc,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAC;IACzD,MAAM,eAAe,GAAG,sBAAsB,CAAC,cAAc,CAAC,CAAC;IAE/D,0DAA0D;IAC1D,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,iEAAiE,YAAY,GAAG,CAAC,CAAC;IACpG,CAAC;IAED,IAAA,uBAAa,EAAC,gBAAgB,EAAE,kBAAkB,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC,CAAC;IAE7E,IAAI,CAAC;QACH,MAAM,eAAe,GAAW;YAC9B,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,YAAY;YACtB,IAAI,EAAE,yBAAyB;YAC/B,MAAM,EAAE,KAAK;YACb,yEAAyE;YACzE,sEAAsE;YACtE,aAAa,EAAE,IAAI;SACpB,CAAC;QAEF,MAAM,SAAS,GAAG,IAAA,0CAAe,EAAC,eAAe,CAAC,CAAC;QACnD,MAAM,UAAU,GAAG,SAAS,CAAC,YAAY,CAAC,yBAAyB,CAAC,CAAC;QAErE,MAAM,UAAU,GAAG,kCAAkC,CAAC,UAAU,CAAC,CAAC;QAClE,IAAA,uBAAa,EAAC,cAAc,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACpF,CAAC;YAAS,CAAC;QACT,wEAAwE;QACxE,IAAA,gBAAM,EAAC,gBAAgB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5C,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,YAAoB;IAC/C,MAAM,OAAO,GAAG,IAAA,sBAAY,EAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,IAAA,mBAAO,EAAC,YAAY,CAAC,CAAC;IACtC,MAAM,KAAK,GAAG,IAAI,GAAG,EAAU,CAAC;IAEhC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,uDAAuD,CAAC,CAAC;QAClF,IAAI,CAAC,KAAK;YAAE,SAAS;QAErB,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,QAAQ,GAAG,IAAA,gBAAI,EAAC,OAAO,EAAE,GAAG,QAAQ,KAAK,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QAC7E,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtB,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;AAClC,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,sBAAsB,CAAC,QAAkB;IAChD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAElC,KAAK,MAAM,QAAQ,IAAI,QAAQ,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,IAAA,sBAAY,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC3C,MAAM,UAAU,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAEpF,KAAK,MAAM,SAAS,IAAI,UAAU,CAAC,UAAU,EAAE,CAAC;YAC9C,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC;gBAAE,SAAS;YAE5C,IAAI,EAAE,CAAC,kBAAkB,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;gBACvD,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjC,SAAS;YACX,CAAC;YAED,IAAI,EAAE,CAAC,sBAAsB,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;gBAC3D,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjC,SAAS;YACX,CAAC;YAED,IAAI,EAAE,CAAC,iBAAiB,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;gBACtD,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjC,SAAS;YACX,CAAC;YAED,IAAI,EAAE,CAAC,sBAAsB,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;gBAC3D,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjC,SAAS;YACX,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;AACpC,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAa;IACtC,MAAM,SAAS,GAAG,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAChF,OAAO,CAAC,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAC1E,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,OAAiB;IAC3C,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAClB,KAAK,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;IACvD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjB,KAAK,CAAC,IAAI,CAAC,8DAA8D,CAAC,CAAC;IAC3E,KAAK,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;IAC1E,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAClB,yEAAyE;IACzE,KAAK,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;IACnD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;IAEtD,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QAC3B,oCAAoC;QACpC,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,UAAU,IAAI,GAAG,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,kCAAkC,CAAC,UAAmB;IAI7D,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,KAAK,IAAI,IAAI,CAAC,CAAC,aAAa,IAAI,UAAU,CAAC,EAAE,CAAC;QAC5F,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;IACnF,CAAC;IAED,MAAM,WAAW,GAAI,UAAwD,CAAC,WAAW,IAAI,EAAE,CAAC;IAEhG,MAAM,OAAO,GAA4B,EAAE,CAAC;IAC5C,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IAED,0DAA0D;IAC1D,OAAO,OAAO,CAAC,uBAAuB,CAAC;IAEvC,4EAA4E;IAC5E,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACrD,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IAED,OAAO;QACL,OAAO,EAAE,OAAO;QAChB,UAAU,EAAE,EAAE,OAAO,EAAE;KACxB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,KAAc;IACjC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,GAAG,GAAG,KAAgC,CAAC;IAC7C,MAAM,IAAI,GAA4B,EAAE,CAAC;IAEzC,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7C,IAAI,GAAG,KAAK,MAAM,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC9C,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,mBAAmB,EAAE,uBAAuB,CAAC,CAAC;YACtE,SAAS;QACX,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,+EAA+E;AAC/E,8BAA8B;AAC9B,+EAA+E;AAE/E,oEAAoE;AACpE,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;IAC5B,sBAAsB,EAAE,CAAC;AAC3B,CAAC"}

package/dist/openapi/index.d.ts

@@ -0,0 +1,77 @@
+/**
+ * OpenAPI component schemas exported by `@nauth-toolkit/core`.
+ *
+ * This is intentionally framework-agnostic: consumer apps can merge these
+ * schemas into their OpenAPI document (NestJS, Express, Fastify, etc.).
+ *
+ * Notes:
+ * - Schemas are generated at build time into `dist/openapi/components.schemas.json`
+ * - The schema names match the exported DTO/type names (e.g. `SignupDTO`)
+ *
+ * @example
+ * ```typescript
+ * import { loadNAuthOpenApiSchemas } from '@nauth-toolkit/core/openapi';
+ *
+ * // Merge into your OpenAPI document:
+ * const schemas = loadNAuthOpenApiSchemas();
+ * openapi.components = openapi.components ?? {};
+ * openapi.components.schemas = {
+ *   ...(openapi.components.schemas ?? {}),
+ *   ...schemas,
+ * };
+ * ```
+ */
+export interface NAuthOpenApiDocument {
+    /**
+     * OpenAPI version string.
+     *
+     * Example: `"3.0.3"`
+     */
+    openapi: string;
+    /**
+     * OpenAPI components section containing reusable schemas.
+     */
+    components: {
+        /**
+         * Generated schemas keyed by DTO/type name.
+         *
+         * Values are OpenAPI Schema Objects (kept as `unknown` to avoid introducing
+         * a runtime dependency on an OpenAPI typings package).
+         */
+        schemas: Record<string, unknown>;
+    };
+}
+/**
+ * Load the generated OpenAPI document from the packaged JSON file.
+ *
+ * This is safe to call in production code. The JSON is generated during the
+ * library build and shipped in `dist/`.
+ *
+ * @returns The generated OpenAPI document containing `components.schemas`.
+ *
+ * @throws {Error} When the generated OpenAPI JSON file is missing or invalid.
+ *
+ * @example
+ * ```typescript
+ * import { loadNAuthOpenApiDocument } from '@nauth-toolkit/core/openapi';
+ *
+ * const doc = loadNAuthOpenApiDocument();
+ * console.log(Object.keys(doc.components.schemas));
+ * ```
+ */
+export declare function loadNAuthOpenApiDocument(): NAuthOpenApiDocument;
+/**
+ * Load only the OpenAPI component schemas (`components.schemas`).
+ *
+ * @returns The generated OpenAPI schemas keyed by DTO/type name.
+ *
+ * @example
+ * ```typescript
+ * import { loadNAuthOpenApiSchemas } from '@nauth-toolkit/core/openapi';
+ *
+ * const schemas = loadNAuthOpenApiSchemas();
+ * console.log(Object.keys(schemas));
+ * ```
+ */
+export declare function loadNAuthOpenApiSchemas(): Record<string, unknown>;
+//# sourceMappingURL=index.d.ts.map

package/dist/openapi/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/openapi/index.ts"],"names":[],"mappings":"AAGA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;;OAIG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,UAAU,EAAE;QACV;;;;;WAKG;QACH,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KAClC,CAAC;CACH;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,wBAAwB,IAAI,oBAAoB,CAI/D;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,uBAAuB,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAEjE"}

package/dist/openapi/index.js

@@ -0,0 +1,46 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadNAuthOpenApiDocument = loadNAuthOpenApiDocument;
+exports.loadNAuthOpenApiSchemas = loadNAuthOpenApiSchemas;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+/**
+ * Load the generated OpenAPI document from the packaged JSON file.
+ *
+ * This is safe to call in production code. The JSON is generated during the
+ * library build and shipped in `dist/`.
+ *
+ * @returns The generated OpenAPI document containing `components.schemas`.
+ *
+ * @throws {Error} When the generated OpenAPI JSON file is missing or invalid.
+ *
+ * @example
+ * ```typescript
+ * import { loadNAuthOpenApiDocument } from '@nauth-toolkit/core/openapi';
+ *
+ * const doc = loadNAuthOpenApiDocument();
+ * console.log(Object.keys(doc.components.schemas));
+ * ```
+ */
+function loadNAuthOpenApiDocument() {
+    const filePath = (0, node_path_1.join)(__dirname, 'components.schemas.json');
+    const json = (0, node_fs_1.readFileSync)(filePath, 'utf8');
+    return JSON.parse(json);
+}
+/**
+ * Load only the OpenAPI component schemas (`components.schemas`).
+ *
+ * @returns The generated OpenAPI schemas keyed by DTO/type name.
+ *
+ * @example
+ * ```typescript
+ * import { loadNAuthOpenApiSchemas } from '@nauth-toolkit/core/openapi';
+ *
+ * const schemas = loadNAuthOpenApiSchemas();
+ * console.log(Object.keys(schemas));
+ * ```
+ */
+function loadNAuthOpenApiSchemas() {
+    return loadNAuthOpenApiDocument().components.schemas;
+}
+//# sourceMappingURL=index.js.map

package/dist/openapi/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/openapi/index.ts"],"names":[],"mappings":";;AAkEA,4DAIC;AAeD,0DAEC;AAvFD,qCAAuC;AACvC,yCAAiC;AA+CjC;;;;;;;;;;;;;;;;;GAiBG;AACH,SAAgB,wBAAwB;IACtC,MAAM,QAAQ,GAAG,IAAA,gBAAI,EAAC,SAAS,EAAE,yBAAyB,CAAC,CAAC;IAC5D,MAAM,IAAI,GAAG,IAAA,sBAAY,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC5C,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAyB,CAAC;AAClD,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAgB,uBAAuB;IACrC,OAAO,wBAAwB,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;AACvD,CAAC"}

package/dist/services/auth-service-internal-helpers.d.ts

@@ -242,15 +242,15 @@ export declare class AuthServiceInternalHelpers {
      */
     maskPhone(phone: string): string;
     /**
-     * Validate reCAPTCHA token if required
+     * Validate reCAPTCHA token only when explicitly required via @RequireRecaptcha().
      *
-     * Explicit control via @RequireRecaptcha() decorator on routes.
-     * No automatic enforcement - consumer controls which endpoints need protection.
+     * Validation runs solely when the route has @RequireRecaptcha().
+     * If the decorator is not present, any recaptchaToken in the request is ignored.
      *
-     * Validation logic:
+     * Logic:
      * 1. Skip if reCAPTCHA not enabled in config
-     * 2. Enforce if route has @RequireRecaptcha() decorator (throws if token missing/invalid)
-     * 3. If token provided (even when not required), validate it opportunistically
+     * 2. Skip if route does not have @RequireRecaptcha() (ignore token)
+     * 3. If @RequireRecaptcha(): require token and validate (throws if missing/invalid)
      *
      * @param token - reCAPTCHA token from client (optional)
      * @param clientIp - Client IP address for validation (optional)

package/dist/services/auth-service-internal-helpers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth-service-internal-helpers.d.ts","sourceRoot":"","sources":["../../src/services/auth-service-internal-helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,KAAK,EAAE,MAAM,kCAAkC,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAC/E,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,wBAAwB,EAAE,MAAM,8BAA8B,CAAC;AACxE,OAAO,EAAE,wBAAwB,EAAE,MAAM,8BAA8B,CAAC;AACxE,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAC1F,OAAO,EAAE,wBAAwB,IAAI,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACpF,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AAEzE,OAAO,EACL,qBAAqB,EAErB,oBAAoB,EACpB,mBAAmB,EACnB,qBAAqB,EACrB,wBAAwB,EAExB,gBAAgB,EACjB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAKvD,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAMpD;;;;;;;;;;GAUG;AACH,qBAAa,0BAA0B;IAEnC,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,sBAAsB;IACvC,OAAO,CAAC,QAAQ,CAAC,wBAAwB;IACzC,OAAO,CAAC,QAAQ,CAAC,wBAAwB;IACzC,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,iBAAiB;IAClC,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,qBAAqB;IACtC,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,YAAY;gBAXZ,cAAc,EAAE,UAAU,CAAC,QAAQ,CAAC,EACpC,sBAAsB,EAAE,UAAU,CAAC,gBAAgB,CAAC,EACpD,wBAAwB,EAAE,wBAAwB,EAClD,wBAAwB,EAAE,wBAAwB,GAAG,SAAS,EAC9D,gBAAgB,EAAE,gBAAgB,EAClC,eAAe,EAAE,0BAA0B,EAC3C,iBAAiB,EAAE,iBAAiB,EACpC,cAAc,EAAE,cAAc,EAC9B,qBAAqB,EAAE,4BAA4B,EACnD,MAAM,EAAE,WAAW,EACnB,MAAM,EAAE,WAAW,EACnB,YAAY,EAAE,mBAAmB;IAOpD;;;;;;;;;OASG;YACW,eAAe;IA0B7B;;;;;;OAMG;IACG,iBAAiB,CACrB,gBAAgB,EAAE,oBAAoB,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC5D,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,eAAe,CAAC;IA2D3B;;;;;;OAMG;IACG,iBAAiB,CACrB,gBAAgB,EAAE,oBAAoB,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC5D,IAAI,EAAE,mBAAmB,GAAG,oBAAoB,GAC/C,OAAO,CAAC,eAAe,CAAC;IA4I3B;;;;;;;;;OASG;IACG,qBAAqB,CACzB,gBAAgB,EAAE,oBAAoB,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC5D,IAAI,EAAE,qBAAqB,GAAG,wBAAwB,EACtD,UAAU,EAAE,UAAU,GAAG,SAAS,EAClC,oBAAoB,EAAE,oBAAoB,GAAG,SAAS,EACtD,YAAY,EAAE,gBAAgB,GAAG,SAAS,GACzC,OAAO,CAAC,eAAe,CAAC;IAmP3B;;;;;;;;OAQG;IACG,yBAAyB,CAC7B,gBAAgB,EAAE,oBAAoB,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC5D,WAAW,EAAE,MAAM,EACnB,eAAe,EAAE,eAAe,EAChC,YAAY,EAAE,gBAAgB,GAAG,SAAS,GACzC,OAAO,CAAC,eAAe,CAAC;IAiE3B;;;;;;;;OAQG;IACG,cAAc,CAClB,gBAAgB,EAAE,oBAAoB,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC5D,IAAI,EAAE,gBAAgB,EACtB,UAAU,EAAE,UAAU,GAAG,SAAS,EAClC,aAAa,EAAE,gBAAgB,GAAG,SAAS,GAC1C,OAAO,CAAC,eAAe,CAAC;IAiF3B;;;;;;OAMG;IACH,0BAA0B,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI;IASpE;;;;;;;;;OASG;IACH,uBAAuB,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,qBAAqB,GAAG,IAAI;IA0ExE;;;;;;;;;OASG;IACH,sBAAsB,CACpB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,OAAO,GAAG,UAAU,GAAG,OAAO,GAAG,mBAAmB,GAChE,OAAO;IAsBV;;;;;;;;;;;OAWG;IACG,6BAA6B,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IA4C7F;;;;;;;;;OASG;IACG,oBAAoB,CACxB,UAAU,EAAE,MAAM,EAClB,cAAc,CAAC,EAAE,OAAO,GAAG,UAAU,GAAG,OAAO,GAAG,mBAAmB,GACpE,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC;IAiExB;;;;;;;;;;;;;;;;OAgBG;IACG,kBAAkB,CACtB,MAAM,EAAE;QACN,IAAI,EAAE,KAAK,CAAC;QACZ,WAAW,EAAE,MAAM,CAAC;QACpB,kBAAkB,EAAE,OAAO,CAAC;QAC5B,cAAc,EAAE,OAAO,CAAC;QACxB,YAAY,EAAE,MAAM,CAAC;QACrB,aAAa,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;QACpC,KAAK,CAAC,EAAE;YACN,SAAS,EAAE,kBAAkB,CAAC;YAC9B,WAAW,EAAE,SAAS,GAAG,SAAS,GAAG,MAAM,GAAG,YAAY,CAAC;YAC3D,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,WAAW,CAAC,EAAE,MAAM,CAAC;YACrB,UAAU,CAAC,EAAE,MAAM,CAAC;YACpB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACpC,CAAC;KACH,EACD,eAAe,EAAE,eAAe,EAChC,YAAY,EAAE,gBAAgB,GAAG,SAAS,GACzC,OAAO,CAAC;QAAE,eAAe,EAAE,MAAM,CAAA;KAAE,CAAC;IA0HvC;;;;;;OAMG;IACG,iBAAiB,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAwB3E;;;;;;;OAOG;IACG,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,aAAa,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAoBjH;;;;;OAKG;IACH,gBAAgB,CAAC,QAAQ,EAAE;QAAE,WAAW,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,KAAK,IAAI,CAAA;KAAE,EAAE,YAAY,EAAE,OAAO,GAAG,IAAI;IA+BpH;;;;;OAKG;IACH,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAQhC;;;;;OAKG;IACH,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAUhC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;IACG,yBAAyB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA8B5F;;;;;;;;;OASG;YACW,oBAAoB;CAqDnC"}
+{"version":3,"file":"auth-service-internal-helpers.d.ts","sourceRoot":"","sources":["../../src/services/auth-service-internal-helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,KAAK,EAAE,MAAM,kCAAkC,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAC/E,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,wBAAwB,EAAE,MAAM,8BAA8B,CAAC;AACxE,OAAO,EAAE,wBAAwB,EAAE,MAAM,8BAA8B,CAAC;AACxE,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAC1F,OAAO,EAAE,wBAAwB,IAAI,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACpF,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AAEzE,OAAO,EACL,qBAAqB,EAErB,oBAAoB,EACpB,mBAAmB,EACnB,qBAAqB,EACrB,wBAAwB,EAExB,gBAAgB,EACjB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAKvD,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAMpD;;;;;;;;;;GAUG;AACH,qBAAa,0BAA0B;IAEnC,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,sBAAsB;IACvC,OAAO,CAAC,QAAQ,CAAC,wBAAwB;IACzC,OAAO,CAAC,QAAQ,CAAC,wBAAwB;IACzC,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,iBAAiB;IAClC,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,qBAAqB;IACtC,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,YAAY;gBAXZ,cAAc,EAAE,UAAU,CAAC,QAAQ,CAAC,EACpC,sBAAsB,EAAE,UAAU,CAAC,gBAAgB,CAAC,EACpD,wBAAwB,EAAE,wBAAwB,EAClD,wBAAwB,EAAE,wBAAwB,GAAG,SAAS,EAC9D,gBAAgB,EAAE,gBAAgB,EAClC,eAAe,EAAE,0BAA0B,EAC3C,iBAAiB,EAAE,iBAAiB,EACpC,cAAc,EAAE,cAAc,EAC9B,qBAAqB,EAAE,4BAA4B,EACnD,MAAM,EAAE,WAAW,EACnB,MAAM,EAAE,WAAW,EACnB,YAAY,EAAE,mBAAmB;IAOpD;;;;;;;;;OASG;YACW,eAAe;IA0B7B;;;;;;OAMG;IACG,iBAAiB,CACrB,gBAAgB,EAAE,oBAAoB,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC5D,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,eAAe,CAAC;IA2D3B;;;;;;OAMG;IACG,iBAAiB,CACrB,gBAAgB,EAAE,oBAAoB,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC5D,IAAI,EAAE,mBAAmB,GAAG,oBAAoB,GAC/C,OAAO,CAAC,eAAe,CAAC;IA4I3B;;;;;;;;;OASG;IACG,qBAAqB,CACzB,gBAAgB,EAAE,oBAAoB,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC5D,IAAI,EAAE,qBAAqB,GAAG,wBAAwB,EACtD,UAAU,EAAE,UAAU,GAAG,SAAS,EAClC,oBAAoB,EAAE,oBAAoB,GAAG,SAAS,EACtD,YAAY,EAAE,gBAAgB,GAAG,SAAS,GACzC,OAAO,CAAC,eAAe,CAAC;IAmP3B;;;;;;;;OAQG;IACG,yBAAyB,CAC7B,gBAAgB,EAAE,oBAAoB,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC5D,WAAW,EAAE,MAAM,EACnB,eAAe,EAAE,eAAe,EAChC,YAAY,EAAE,gBAAgB,GAAG,SAAS,GACzC,OAAO,CAAC,eAAe,CAAC;IAiE3B;;;;;;;;OAQG;IACG,cAAc,CAClB,gBAAgB,EAAE,oBAAoB,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC5D,IAAI,EAAE,gBAAgB,EACtB,UAAU,EAAE,UAAU,GAAG,SAAS,EAClC,aAAa,EAAE,gBAAgB,GAAG,SAAS,GAC1C,OAAO,CAAC,eAAe,CAAC;IAiF3B;;;;;;OAMG;IACH,0BAA0B,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI;IASpE;;;;;;;;;OASG;IACH,uBAAuB,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,qBAAqB,GAAG,IAAI;IA0ExE;;;;;;;;;OASG;IACH,sBAAsB,CACpB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,OAAO,GAAG,UAAU,GAAG,OAAO,GAAG,mBAAmB,GAChE,OAAO;IAsBV;;;;;;;;;;;OAWG;IACG,6BAA6B,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IA4C7F;;;;;;;;;OASG;IACG,oBAAoB,CACxB,UAAU,EAAE,MAAM,EAClB,cAAc,CAAC,EAAE,OAAO,GAAG,UAAU,GAAG,OAAO,GAAG,mBAAmB,GACpE,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC;IAiExB;;;;;;;;;;;;;;;;OAgBG;IACG,kBAAkB,CACtB,MAAM,EAAE;QACN,IAAI,EAAE,KAAK,CAAC;QACZ,WAAW,EAAE,MAAM,CAAC;QACpB,kBAAkB,EAAE,OAAO,CAAC;QAC5B,cAAc,EAAE,OAAO,CAAC;QACxB,YAAY,EAAE,MAAM,CAAC;QACrB,aAAa,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;QACpC,KAAK,CAAC,EAAE;YACN,SAAS,EAAE,kBAAkB,CAAC;YAC9B,WAAW,EAAE,SAAS,GAAG,SAAS,GAAG,MAAM,GAAG,YAAY,CAAC;YAC3D,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,WAAW,CAAC,EAAE,MAAM,CAAC;YACrB,UAAU,CAAC,EAAE,MAAM,CAAC;YACpB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACpC,CAAC;KACH,EACD,eAAe,EAAE,eAAe,EAChC,YAAY,EAAE,gBAAgB,GAAG,SAAS,GACzC,OAAO,CAAC;QAAE,eAAe,EAAE,MAAM,CAAA;KAAE,CAAC;IA0HvC;;;;;;OAMG;IACG,iBAAiB,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAwB3E;;;;;;;OAOG;IACG,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,aAAa,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAoBjH;;;;;OAKG;IACH,gBAAgB,CAAC,QAAQ,EAAE;QAAE,WAAW,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,KAAK,IAAI,CAAA;KAAE,EAAE,YAAY,EAAE,OAAO,GAAG,IAAI;IA+BpH;;;;;OAKG;IACH,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAQhC;;;;;OAKG;IACH,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAUhC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;IACG,yBAAyB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAyB5F;;;;;;;;;OASG;YACW,oBAAoB;CAqDnC"}

package/dist/services/auth-service-internal-helpers.js

@@ -1072,15 +1072,15 @@ class AuthServiceInternalHelpers {
     // reCAPTCHA Validation
     // ============================================================================
     /**
-     * Validate reCAPTCHA token if required
+     * Validate reCAPTCHA token only when explicitly required via @RequireRecaptcha().
      *
-     * Explicit control via @RequireRecaptcha() decorator on routes.
-     * No automatic enforcement - consumer controls which endpoints need protection.
+     * Validation runs solely when the route has @RequireRecaptcha().
+     * If the decorator is not present, any recaptchaToken in the request is ignored.
      *
-     * Validation logic:
+     * Logic:
      * 1. Skip if reCAPTCHA not enabled in config
-     * 2. Enforce if route has @RequireRecaptcha() decorator (throws if token missing/invalid)
-     * 3. If token provided (even when not required), validate it opportunistically
+     * 2. Skip if route does not have @RequireRecaptcha() (ignore token)
+     * 3. If @RequireRecaptcha(): require token and validate (throws if missing/invalid)
      *
      * @param token - reCAPTCHA token from client (optional)
      * @param clientIp - Client IP address for validation (optional)
@@ -1109,20 +1109,15 @@ class AuthServiceInternalHelpers {
         }
         // Get current request context for attributes set by decorators
         const req = context_storage_1.ContextStorage.get('REQUEST');
-        // Check if reCAPTCHA is explicitly required via @RequireRecaptcha() decorator
-        if (req?.attributes.nauthRequireRecaptcha === true) {
-            this.logger?.debug?.('reCAPTCHA validation required (explicit @RequireRecaptcha() decorator)');
-            if (!token) {
-                throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.RECAPTCHA_REQUIRED, 'reCAPTCHA token is required');
-            }
-            await this.verifyRecaptchaToken(token, clientIp);
+        // Validate only when @RequireRecaptcha() is on the route; otherwise ignore any token
+        if (req?.attributes.nauthRequireRecaptcha !== true) {
             return;
         }
-        // Opportunistic validation: if token provided, validate it (even when not required)
-        if (token) {
-            this.logger?.debug?.('reCAPTCHA token provided, performing opportunistic validation');
-            await this.verifyRecaptchaToken(token, clientIp);
+        this.logger?.debug?.('reCAPTCHA validation required (explicit @RequireRecaptcha() decorator)');
+        if (!token) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.RECAPTCHA_REQUIRED, 'reCAPTCHA token is required');
         }
+        await this.verifyRecaptchaToken(token, clientIp);
     }
     /**
      * Verify reCAPTCHA token with Google's API