@navios/jwt 0.2.0 → 0.3.1

package/project.json

@@ -0,0 +1,53 @@
+{
+  "name": "@navios/jwt",
+  "$schema": "../../node_modules/nx/schemas/project-schema.json",
+  "sourceRoot": "packages/jwt/src",
+  "prefix": "jwt",
+  "tags": [],
+  "projectType": "library",
+  "targets": {
+    "check": {
+      "executor": "nx:run-commands",
+      "outputs": ["{projectRoot}/dist"],
+      "inputs": ["^projectSources", "projectSources"],
+      "options": {
+        "command": ["tsc -b"],
+        "cwd": "packages/jwt"
+      }
+    },
+    "test:ci": {
+      "executor": "nx:run-commands",
+      "inputs": ["^projectSources", "project"],
+      "options": {
+        "command": "vitest run",
+        "cwd": "packages/jwt"
+      }
+    },
+    "build": {
+      "executor": "nx:run-commands",
+      "inputs": ["projectSources"],
+      "outputs": ["{projectRoot}/lib"],
+      "dependsOn": ["check"],
+      "options": {
+        "command": "tsup",
+        "cwd": "packages/jwt"
+      }
+    },
+    "publish": {
+      "executor": "nx:run-commands",
+      "dependsOn": ["build"],
+      "options": {
+        "command": "yarn npm publish --access public",
+        "cwd": "packages/jwt"
+      }
+    },
+    "publish:next": {
+      "executor": "nx:run-commands",
+      "dependsOn": ["build"],
+      "options": {
+        "command": "yarn npm publish --access public --tag next",
+        "cwd": "packages/jwt"
+      }
+    }
+  }
+}

package/src/jwt-service.provider.mts

@@ -1,36 +1,18 @@
-import type {
-  BoundInjectionToken,
-  FactoryContext,
-  FactoryInjectionToken,
-} from '@navios/core'
+import type { BoundInjectionToken, FactoryInjectionToken } from '@navios/core'
 
-import {
-  Injectable,
-  InjectableType,
-  InjectionToken,
-  resolveService,
-} from '@navios/core'
+import { InjectionToken } from '@navios/core'
 
 import type { JwtServiceOptions } from './options/jwt-service.options.mjs'
 
-import { JwtService } from './jwt.service.mjs'
+import { JwtService, JwtServiceToken } from './jwt.service.mjs'
 import { JwtServiceOptionsSchema } from './options/jwt-service.options.mjs'
 
-export const JwtServiceToken = InjectionToken.create(
-  JwtService,
-  JwtServiceOptionsSchema,
-)
-
-@Injectable({
-  token: JwtServiceToken,
-  type: InjectableType.Factory,
-})
-export class JwtServiceFactory {
-  create(ctx: FactoryContext, args: JwtServiceOptions) {
-    return resolveService(ctx, JwtService, [args])
-  }
-}
-
+export function provideJwtService(
+  config: JwtServiceOptions,
+): BoundInjectionToken<JwtService, typeof JwtServiceOptionsSchema>
+export function provideJwtService(
+  config: () => Promise<JwtServiceOptions>,
+): FactoryInjectionToken<JwtService, typeof JwtServiceOptionsSchema>
 export function provideJwtService(
   config: JwtServiceOptions | (() => Promise<JwtServiceOptions>),
 ):

package/src/jwt.service.mts

@@ -1,4 +1,4 @@
-import { Injectable, Logger, syncInject } from '@navios/core'
+import { Injectable, InjectionToken, Logger, syncInject } from '@navios/core'
 
 import jwt from 'jsonwebtoken'
 
@@ -11,9 +11,19 @@ import type {
   VerifyOptions,
 } from './options/jwt-service.options.mjs'
 
-import { RequestType } from './options/jwt-service.options.mjs'
+import {
+  JwtServiceOptionsSchema,
+  RequestType,
+} from './options/jwt-service.options.mjs'
+
+export const JwtServiceToken = InjectionToken.create(
+  Symbol.for('JwtService'),
+  JwtServiceOptionsSchema,
+)
 
-@Injectable()
+@Injectable({
+  token: JwtServiceToken,
+})
 export class JwtService {
   logger = syncInject(Logger, {
     context: JwtService.name,
@@ -127,6 +137,7 @@ export class JwtService {
       throw new Error()
     }
 
+    // @ts-expect-error We check it
     return jwt.verify(token, secret, verifyOptions) as unknown as T
   }
 
@@ -146,6 +157,7 @@ export class JwtService {
       Promise.resolve()
         .then(() => secret)
         .then((scrt: GetSecretKeyResult) => {
+          // @ts-expect-error We check it
           jwt.verify(token, scrt, verifyOptions, (err, decoded) =>
             err ? reject(err) : resolve(decoded as T),
           )

package/src/options/jwt-service.options.mts

@@ -43,7 +43,13 @@ export const SignOptionsSchema = z.object({
   keyid: z.string().optional(),
   expiresIn: z.union([z.string(), z.number()]).optional(),
   notBefore: z.union([z.string(), z.number()]).optional(),
-  audience: z.union([z.string(), z.string().array()]).optional(),
+  audience: z
+    .union([
+      z.string(),
+      z.instanceof(RegExp),
+      z.array(z.union([z.string(), z.instanceof(RegExp)])),
+    ])
+    .optional(),
   subject: z.string().optional(),
   issuer: z.string().optional(),
   jwtid: z.string().optional(),
@@ -60,7 +66,11 @@ export type SignOptions = z.infer<typeof SignOptionsSchema>
 export const VerifyOptionsSchema = z.object({
   algorithms: AlgorithmType.array().optional(),
   audience: z
-    .union([z.string(), z.instanceof(RegExp), z.string().array()])
+    .union([
+      z.string(),
+      z.instanceof(RegExp),
+      z.array(z.union([z.string(), z.instanceof(RegExp)])),
+    ])
     .optional(),
   clockTimestamp: z.number().optional(),
   clockTolerance: z.number().optional(),

package/tsconfig.json

@@ -0,0 +1,13 @@
+{
+  "extends": "../../tsconfig.json",
+  "compilerOptions": {
+    "module": "Node18",
+    "outDir": "dist"
+  },
+  "include": ["src/**/*"],
+  "references": [
+    {
+      "path": "../core"
+    }
+  ]
+}

package/tsup.config.mts

@@ -0,0 +1,12 @@
+import { defineConfig } from 'tsup'
+
+export default defineConfig({
+  entry: ['src/index.mts'],
+  outDir: 'lib',
+  format: ['esm', 'cjs'],
+  clean: true,
+  treeshake: 'smallest',
+  sourcemap: true,
+  platform: 'node',
+  experimentalDts: true,
+})

package/vitest.config.mts

@@ -0,0 +1,9 @@
+import { defineProject } from 'vitest/config'
+
+export default defineProject({
+  test: {
+    typecheck: {
+      enabled: true,
+    },
+  },
+})

package/dist/index.js

@@ -1,365 +0,0 @@
-"use strict";
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __knownSymbol = (name, symbol) => (symbol = Symbol[name]) ? symbol : Symbol.for("Symbol." + name);
-var __typeError = (msg) => {
-  throw TypeError(msg);
-};
-var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
-var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var __decoratorStart = (base) => [, , , __create((base == null ? void 0 : base[__knownSymbol("metadata")]) ?? null)];
-var __decoratorStrings = ["class", "method", "getter", "setter", "accessor", "field", "value", "get", "set"];
-var __expectFn = (fn) => fn !== void 0 && typeof fn !== "function" ? __typeError("Function expected") : fn;
-var __decoratorContext = (kind, name, done, metadata, fns) => ({ kind: __decoratorStrings[kind], name, metadata, addInitializer: (fn) => done._ ? __typeError("Already initialized") : fns.push(__expectFn(fn || null)) });
-var __decoratorMetadata = (array, target) => __defNormalProp(target, __knownSymbol("metadata"), array[3]);
-var __runInitializers = (array, flags, self, value) => {
-  for (var i = 0, fns = array[flags >> 1], n = fns && fns.length; i < n; i++) flags & 1 ? fns[i].call(self) : value = fns[i].call(self, value);
-  return value;
-};
-var __decorateElement = (array, flags, name, decorators, target, extra) => {
-  var fn, it, done, ctx, access, k = flags & 7, s = !!(flags & 8), p = !!(flags & 16);
-  var j = k > 3 ? array.length + 1 : k ? s ? 1 : 2 : 0, key = __decoratorStrings[k + 5];
-  var initializers = k > 3 && (array[j - 1] = []), extraInitializers = array[j] || (array[j] = []);
-  var desc = k && (!p && !s && (target = target.prototype), k < 5 && (k > 3 || !p) && __getOwnPropDesc(k < 4 ? target : { get [name]() {
-    return __privateGet(this, extra);
-  }, set [name](x) {
-    return __privateSet(this, extra, x);
-  } }, name));
-  k ? p && k < 4 && __name(extra, (k > 2 ? "set " : k > 1 ? "get " : "") + name) : __name(target, name);
-  for (var i = decorators.length - 1; i >= 0; i--) {
-    ctx = __decoratorContext(k, name, done = {}, array[3], extraInitializers);
-    if (k) {
-      ctx.static = s, ctx.private = p, access = ctx.access = { has: p ? (x) => __privateIn(target, x) : (x) => name in x };
-      if (k ^ 3) access.get = p ? (x) => (k ^ 1 ? __privateGet : __privateMethod)(x, target, k ^ 4 ? extra : desc.get) : (x) => x[name];
-      if (k > 2) access.set = p ? (x, y) => __privateSet(x, target, y, k ^ 4 ? extra : desc.set) : (x, y) => x[name] = y;
-    }
-    it = (0, decorators[i])(k ? k < 4 ? p ? extra : desc[key] : k > 4 ? void 0 : { get: desc.get, set: desc.set } : target, ctx), done._ = 1;
-    if (k ^ 4 || it === void 0) __expectFn(it) && (k > 4 ? initializers.unshift(it) : k ? p ? extra = it : desc[key] = it : target = it);
-    else if (typeof it !== "object" || it === null) __typeError("Object expected");
-    else __expectFn(fn = it.get) && (desc.get = fn), __expectFn(fn = it.set) && (desc.set = fn), __expectFn(fn = it.init) && initializers.unshift(fn);
-  }
-  return k || __decoratorMetadata(array, target), desc && __defProp(target, name, desc), p ? k ^ 4 ? extra : desc : target;
-};
-var __accessCheck = (obj, member, msg) => member.has(obj) || __typeError("Cannot " + msg);
-var __privateIn = (member, obj) => Object(obj) !== obj ? __typeError('Cannot use the "in" operator on this value') : member.has(obj);
-var __privateGet = (obj, member, getter) => (__accessCheck(obj, member, "read from private field"), getter ? getter.call(obj) : member.get(obj));
-var __privateSet = (obj, member, value, setter) => (__accessCheck(obj, member, "write to private field"), setter ? setter.call(obj, value) : member.set(obj, value), value);
-var __privateMethod = (obj, member, method) => (__accessCheck(obj, member, "access private method"), method);
-
-// packages/jwt/src/index.mts
-var src_exports = {};
-__export(src_exports, {
-  AlgorithmType: () => AlgorithmType,
-  JsonWebTokenError: () => JsonWebTokenError,
-  JwtHeaderSchema: () => JwtHeaderSchema,
-  JwtService: () => JwtService,
-  JwtServiceFactory: () => JwtServiceFactory,
-  JwtServiceOptionsSchema: () => JwtServiceOptionsSchema,
-  JwtServiceToken: () => JwtServiceToken,
-  NotBeforeError: () => NotBeforeError,
-  RequestType: () => RequestType,
-  SecretSchema: () => SecretSchema,
-  SignOptionsSchema: () => SignOptionsSchema,
-  TokenExpiredError: () => TokenExpiredError,
-  VerifyOptionsSchema: () => VerifyOptionsSchema,
-  provideJwtService: () => provideJwtService
-});
-module.exports = __toCommonJS(src_exports);
-var import_jsonwebtoken2 = __toESM(require("jsonwebtoken"), 1);
-
-// packages/jwt/src/options/jwt-service.options.mts
-var import_zod = require("zod");
-var RequestType = /* @__PURE__ */ ((RequestType2) => {
-  RequestType2["Sign"] = "Sign";
-  RequestType2["Verify"] = "Verify";
-  return RequestType2;
-})(RequestType || {});
-var AlgorithmType = import_zod.z.enum([
-  "HS256",
-  "HS384",
-  "HS512",
-  "RS256",
-  "RS384",
-  "RS512",
-  "ES256",
-  "ES384",
-  "ES512",
-  "PS256",
-  "PS384",
-  "PS512",
-  "none"
-]);
-var JwtHeaderSchema = import_zod.z.object({
-  alg: AlgorithmType.or(import_zod.z.string()),
-  typ: import_zod.z.string().optional(),
-  cty: import_zod.z.string().optional(),
-  crit: import_zod.z.string().array().optional(),
-  kid: import_zod.z.string().optional(),
-  jku: import_zod.z.string().optional(),
-  x5u: import_zod.z.union([import_zod.z.string(), import_zod.z.array(import_zod.z.string())]).optional(),
-  "x5t#S256": import_zod.z.string().optional(),
-  x5t: import_zod.z.string().optional(),
-  x5c: import_zod.z.union([import_zod.z.string(), import_zod.z.array(import_zod.z.string())]).optional()
-});
-var SignOptionsSchema = import_zod.z.object({
-  algorithm: AlgorithmType.optional(),
-  keyid: import_zod.z.string().optional(),
-  expiresIn: import_zod.z.union([import_zod.z.string(), import_zod.z.number()]).optional(),
-  notBefore: import_zod.z.union([import_zod.z.string(), import_zod.z.number()]).optional(),
-  audience: import_zod.z.union([import_zod.z.string(), import_zod.z.string().array()]).optional(),
-  subject: import_zod.z.string().optional(),
-  issuer: import_zod.z.string().optional(),
-  jwtid: import_zod.z.string().optional(),
-  mutatePayload: import_zod.z.boolean().optional(),
-  noTimestamp: import_zod.z.boolean().optional(),
-  header: JwtHeaderSchema.optional(),
-  encoding: import_zod.z.string().optional(),
-  allowInsecureKeySizes: import_zod.z.boolean().optional(),
-  allowInvalidAsymmetricKeyTypes: import_zod.z.boolean().optional()
-});
-var VerifyOptionsSchema = import_zod.z.object({
-  algorithms: AlgorithmType.array().optional(),
-  audience: import_zod.z.union([import_zod.z.string(), import_zod.z.instanceof(RegExp), import_zod.z.string().array()]).optional(),
-  clockTimestamp: import_zod.z.number().optional(),
-  clockTolerance: import_zod.z.number().optional(),
-  complete: import_zod.z.boolean().optional(),
-  issuer: import_zod.z.union([import_zod.z.string(), import_zod.z.string().array()]).optional(),
-  ignoreExpiration: import_zod.z.boolean().optional(),
-  ignoreNotBefore: import_zod.z.boolean().optional(),
-  jwtid: import_zod.z.string().optional(),
-  nonce: import_zod.z.string().optional(),
-  subject: import_zod.z.string().optional(),
-  maxAge: import_zod.z.union([import_zod.z.string(), import_zod.z.number()]).optional(),
-  allowInvalidAsymmetricKeyTypes: import_zod.z.boolean().optional()
-});
-var SecretSchema = import_zod.z.union([
-  import_zod.z.string(),
-  import_zod.z.instanceof(Buffer),
-  import_zod.z.object({
-    type: import_zod.z.string()
-  }).passthrough(),
-  import_zod.z.object({
-    key: import_zod.z.union([import_zod.z.string(), import_zod.z.instanceof(Buffer)]),
-    passphrase: import_zod.z.string()
-  })
-]);
-var JwtServiceOptionsSchema = import_zod.z.object({
-  signOptions: SignOptionsSchema.optional(),
-  secret: import_zod.z.string().optional(),
-  publicKey: import_zod.z.union([import_zod.z.string(), import_zod.z.instanceof(Buffer)]).optional(),
-  privateKey: SecretSchema.optional(),
-  verifyOptions: VerifyOptionsSchema.optional(),
-  secretOrKeyProvider: import_zod.z.function().args(
-    import_zod.z.nativeEnum(RequestType),
-    import_zod.z.any(),
-    import_zod.z.union([SignOptionsSchema, VerifyOptionsSchema]).optional()
-  ).returns(import_zod.z.union([SecretSchema, import_zod.z.promise(SecretSchema)])).optional()
-});
-
-// packages/jwt/src/jwt.service.mts
-var import_core = require("@navios/core");
-var import_jsonwebtoken = __toESM(require("jsonwebtoken"), 1);
-var _JwtService_decorators, _init;
-_JwtService_decorators = [(0, import_core.Injectable)()];
-var _JwtService = class _JwtService {
-  constructor(options = {}) {
-    this.options = options;
-  }
-  logger = (0, import_core.syncInject)(import_core.Logger, {
-    context: _JwtService.name
-  });
-  sign(payload, options = {}) {
-    const signOptions = this.mergeJwtOptions(
-      { ...options },
-      "signOptions"
-    );
-    const secret = this.getSecretKey(
-      payload,
-      options,
-      "privateKey",
-      "Sign" /* Sign */
-    );
-    if (secret instanceof Promise) {
-      secret.catch(() => {
-      });
-      this.logger.warn(
-        'For async version of "secretOrKeyProvider", please use "signAsync".'
-      );
-      throw new Error();
-    }
-    const allowedSignOptKeys = ["secret", "privateKey"];
-    const signOptKeys = Object.keys(signOptions);
-    if (typeof payload === "string" && signOptKeys.some((k) => !allowedSignOptKeys.includes(k))) {
-      throw new Error(
-        "Payload as string is not allowed with the following sign options: " + signOptKeys.join(", ")
-      );
-    }
-    return import_jsonwebtoken.default.sign(payload, secret, signOptions);
-  }
-  signAsync(payload, options = {}) {
-    const signOptions = this.mergeJwtOptions(
-      { ...options },
-      "signOptions"
-    );
-    const secret = this.getSecretKey(
-      payload,
-      options,
-      "privateKey",
-      "Sign" /* Sign */
-    );
-    const allowedSignOptKeys = ["secret", "privateKey"];
-    const signOptKeys = Object.keys(signOptions);
-    if (typeof payload === "string" && signOptKeys.some((k) => !allowedSignOptKeys.includes(k))) {
-      throw new Error(
-        "Payload as string is not allowed with the following sign options: " + signOptKeys.join(", ")
-      );
-    }
-    return new Promise(
-      (resolve, reject) => Promise.resolve().then(() => secret).then((scrt) => {
-        import_jsonwebtoken.default.sign(
-          payload,
-          scrt,
-          signOptions,
-          (err, encoded) => err ? reject(err) : resolve(encoded)
-        );
-      })
-    );
-  }
-  verify(token, options = {}) {
-    const verifyOptions = this.mergeJwtOptions({ ...options }, "verifyOptions");
-    const secret = this.getSecretKey(
-      token,
-      options,
-      "publicKey",
-      "Verify" /* Verify */
-    );
-    if (secret instanceof Promise) {
-      secret.catch(() => {
-      });
-      this.logger.warn(
-        'For async version of "secretOrKeyProvider", please use "verifyAsync".'
-      );
-      throw new Error();
-    }
-    return import_jsonwebtoken.default.verify(token, secret, verifyOptions);
-  }
-  verifyAsync(token, options = {}) {
-    const verifyOptions = this.mergeJwtOptions({ ...options }, "verifyOptions");
-    const secret = this.getSecretKey(
-      token,
-      options,
-      "publicKey",
-      "Verify" /* Verify */
-    );
-    return new Promise(
-      (resolve, reject) => Promise.resolve().then(() => secret).then((scrt) => {
-        import_jsonwebtoken.default.verify(
-          token,
-          scrt,
-          verifyOptions,
-          (err, decoded) => err ? reject(err) : resolve(decoded)
-        );
-      }).catch(reject)
-    );
-  }
-  decode(token, options) {
-    return import_jsonwebtoken.default.decode(token, options);
-  }
-  mergeJwtOptions(options, key) {
-    delete options.secret;
-    if (key === "signOptions") {
-      delete options.privateKey;
-    } else {
-      delete options.publicKey;
-    }
-    return options ? {
-      ...this.options[key] || {},
-      ...options
-    } : (
-      // @ts-expect-error We check it
-      this.options[key]
-    );
-  }
-  getSecretKey(token, options, key, secretRequestType) {
-    const secret = this.options.secretOrKeyProvider ? this.options.secretOrKeyProvider(secretRequestType, token, options) : (options == null ? void 0 : options.secret) || this.options.secret || (key === "privateKey" ? (options == null ? void 0 : options.privateKey) || this.options.privateKey : (options == null ? void 0 : options.publicKey) || this.options.publicKey) || this.options[key];
-    return secret;
-  }
-};
-_init = __decoratorStart(null);
-_JwtService = __decorateElement(_init, 0, "JwtService", _JwtService_decorators, _JwtService);
-__runInitializers(_init, 1, _JwtService);
-var JwtService = _JwtService;
-
-// packages/jwt/src/jwt-service.provider.mts
-var import_core2 = require("@navios/core");
-var JwtServiceToken = import_core2.InjectionToken.create(
-  JwtService,
-  JwtServiceOptionsSchema
-);
-var _JwtServiceFactory_decorators, _init2;
-_JwtServiceFactory_decorators = [(0, import_core2.Injectable)({
-  token: JwtServiceToken,
-  type: import_core2.InjectableType.Factory
-})];
-var JwtServiceFactory = class {
-  create(ctx, args) {
-    return (0, import_core2.resolveService)(ctx, JwtService, [args]);
-  }
-};
-_init2 = __decoratorStart(null);
-JwtServiceFactory = __decorateElement(_init2, 0, "JwtServiceFactory", _JwtServiceFactory_decorators, JwtServiceFactory);
-__runInitializers(_init2, 1, JwtServiceFactory);
-function provideJwtService(config) {
-  if (typeof config === "function") {
-    return import_core2.InjectionToken.factory(JwtServiceToken, config);
-  }
-  return import_core2.InjectionToken.bound(JwtServiceToken, config);
-}
-
-// packages/jwt/src/index.mts
-var TokenExpiredError = import_jsonwebtoken2.default.TokenExpiredError;
-var NotBeforeError = import_jsonwebtoken2.default.NotBeforeError;
-var JsonWebTokenError = import_jsonwebtoken2.default.JsonWebTokenError;
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  AlgorithmType,
-  JsonWebTokenError,
-  JwtHeaderSchema,
-  JwtService,
-  JwtServiceFactory,
-  JwtServiceOptionsSchema,
-  JwtServiceToken,
-  NotBeforeError,
-  RequestType,
-  SecretSchema,
-  SignOptionsSchema,
-  TokenExpiredError,
-  VerifyOptionsSchema,
-  provideJwtService
-});
-//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../packages/jwt/src/index.mts","../../../../packages/jwt/src/options/jwt-service.options.mts","../../../../packages/jwt/src/jwt.service.mts","../../../../packages/jwt/src/jwt-service.provider.mts"],"sourcesContent":["import jwt from 'jsonwebtoken'\n\nexport * from './options/jwt-service.options.mjs'\nexport * from './jwt.service.mjs'\nexport * from './jwt-service.provider.mjs'\nexport const TokenExpiredError = jwt.TokenExpiredError\nexport const NotBeforeError = jwt.NotBeforeError\nexport const JsonWebTokenError = jwt.JsonWebTokenError\n","import type { Secret as JwtSecret } from 'jsonwebtoken'\n\nimport { z } from 'zod'\n\nexport enum RequestType {\n  Sign = 'Sign',\n  Verify = 'Verify',\n}\n\nexport const AlgorithmType = z.enum([\n  'HS256',\n  'HS384',\n  'HS512',\n  'RS256',\n  'RS384',\n  'RS512',\n  'ES256',\n  'ES384',\n  'ES512',\n  'PS256',\n  'PS384',\n  'PS512',\n  'none',\n])\n\nexport const JwtHeaderSchema = z.object({\n  alg: AlgorithmType.or(z.string()),\n  typ: z.string().optional(),\n  cty: z.string().optional(),\n  crit: z.string().array().optional(),\n  kid: z.string().optional(),\n  jku: z.string().optional(),\n  x5u: z.union([z.string(), z.array(z.string())]).optional(),\n  'x5t#S256': z.string().optional(),\n  x5t: z.string().optional(),\n  x5c: z.union([z.string(), z.array(z.string())]).optional(),\n})\n\nexport type JwtHeader = z.infer<typeof JwtHeaderSchema>\n\nexport const SignOptionsSchema = z.object({\n  algorithm: AlgorithmType.optional(),\n  keyid: z.string().optional(),\n  expiresIn: z.union([z.string(), z.number()]).optional(),\n  notBefore: z.union([z.string(), z.number()]).optional(),\n  audience: z.union([z.string(), z.string().array()]).optional(),\n  subject: z.string().optional(),\n  issuer: z.string().optional(),\n  jwtid: z.string().optional(),\n  mutatePayload: z.boolean().optional(),\n  noTimestamp: z.boolean().optional(),\n  header: JwtHeaderSchema.optional(),\n  encoding: z.string().optional(),\n  allowInsecureKeySizes: z.boolean().optional(),\n  allowInvalidAsymmetricKeyTypes: z.boolean().optional(),\n})\n\nexport type SignOptions = z.infer<typeof SignOptionsSchema>\n\nexport const VerifyOptionsSchema = z.object({\n  algorithms: AlgorithmType.array().optional(),\n  audience: z\n    .union([z.string(), z.instanceof(RegExp), z.string().array()])\n    .optional(),\n  clockTimestamp: z.number().optional(),\n  clockTolerance: z.number().optional(),\n  complete: z.boolean().optional(),\n  issuer: z.union([z.string(), z.string().array()]).optional(),\n  ignoreExpiration: z.boolean().optional(),\n  ignoreNotBefore: z.boolean().optional(),\n  jwtid: z.string().optional(),\n  nonce: z.string().optional(),\n  subject: z.string().optional(),\n  maxAge: z.union([z.string(), z.number()]).optional(),\n  allowInvalidAsymmetricKeyTypes: z.boolean().optional(),\n})\n\nexport type VerifyOptions = z.infer<typeof VerifyOptionsSchema>\n\nexport const SecretSchema = z.union([\n  z.string(),\n  z.instanceof(Buffer),\n  z\n    .object({\n      type: z.string(),\n    })\n    .passthrough(),\n  z.object({\n    key: z.union([z.string(), z.instanceof(Buffer)]),\n    passphrase: z.string(),\n  }),\n])\n\nexport type Secret = z.infer<typeof SecretSchema>\n\nexport const JwtServiceOptionsSchema = z.object({\n  signOptions: SignOptionsSchema.optional(),\n  secret: z.string().optional(),\n  publicKey: z.union([z.string(), z.instanceof(Buffer)]).optional(),\n  privateKey: SecretSchema.optional(),\n  verifyOptions: VerifyOptionsSchema.optional(),\n  secretOrKeyProvider: z\n    .function()\n    .args(\n      z.nativeEnum(RequestType),\n      z.any(),\n      z.union([SignOptionsSchema, VerifyOptionsSchema]).optional(),\n    )\n    .returns(z.union([SecretSchema, z.promise(SecretSchema)]))\n    .optional(),\n})\n\nexport type JwtServiceOptions = z.infer<typeof JwtServiceOptionsSchema>\n\nexport interface JwtSignOptions extends SignOptions {\n  secret?: string | Buffer\n  privateKey?: Secret\n}\n\nexport interface JwtVerifyOptions extends VerifyOptions {\n  secret?: string | Buffer\n  publicKey?: string | Buffer\n}\n\nexport type GetSecretKeyResult = string | Buffer | JwtSecret\n","import { Injectable, Logger, syncInject } from '@navios/core'\n\nimport jwt from 'jsonwebtoken'\n\nimport type {\n  GetSecretKeyResult,\n  JwtServiceOptions,\n  JwtSignOptions,\n  JwtVerifyOptions,\n  SignOptions,\n  VerifyOptions,\n} from './options/jwt-service.options.mjs'\n\nimport { RequestType } from './options/jwt-service.options.mjs'\n\n@Injectable()\nexport class JwtService {\n  logger = syncInject(Logger, {\n    context: JwtService.name,\n  })\n\n  constructor(private readonly options: JwtServiceOptions = {}) {}\n\n  sign(\n    payload: string,\n    options?: Omit<JwtSignOptions, keyof SignOptions>,\n  ): string\n  sign(payload: Buffer | object, options?: JwtSignOptions): string\n  sign(\n    payload: string | Buffer | object,\n    options: JwtSignOptions = {},\n  ): string {\n    const signOptions = this.mergeJwtOptions(\n      { ...options },\n      'signOptions',\n    ) as jwt.SignOptions\n    const secret = this.getSecretKey(\n      payload,\n      options,\n      'privateKey',\n      RequestType.Sign,\n    )\n\n    if (secret instanceof Promise) {\n      secret.catch(() => {}) // suppress rejection from async provider\n      this.logger.warn(\n        'For async version of \"secretOrKeyProvider\", please use \"signAsync\".',\n      )\n      throw new Error()\n    }\n\n    const allowedSignOptKeys = ['secret', 'privateKey']\n    const signOptKeys = Object.keys(signOptions)\n    if (\n      typeof payload === 'string' &&\n      signOptKeys.some((k) => !allowedSignOptKeys.includes(k))\n    ) {\n      throw new Error(\n        'Payload as string is not allowed with the following sign options: ' +\n          signOptKeys.join(', '),\n      )\n    }\n\n    return jwt.sign(payload, secret, signOptions)\n  }\n\n  signAsync(\n    payload: string,\n    options?: Omit<JwtSignOptions, keyof jwt.SignOptions>,\n  ): Promise<string>\n  signAsync(payload: Buffer | object, options?: JwtSignOptions): Promise<string>\n  signAsync(\n    payload: string | Buffer | object,\n    options: JwtSignOptions = {},\n  ): Promise<string> {\n    const signOptions = this.mergeJwtOptions(\n      { ...options },\n      'signOptions',\n    ) as jwt.SignOptions\n    const secret = this.getSecretKey(\n      payload,\n      options,\n      'privateKey',\n      RequestType.Sign,\n    )\n\n    const allowedSignOptKeys = ['secret', 'privateKey']\n    const signOptKeys = Object.keys(signOptions)\n    if (\n      typeof payload === 'string' &&\n      signOptKeys.some((k) => !allowedSignOptKeys.includes(k))\n    ) {\n      throw new Error(\n        'Payload as string is not allowed with the following sign options: ' +\n          signOptKeys.join(', '),\n      )\n    }\n\n    return new Promise((resolve, reject) =>\n      Promise.resolve()\n        .then(() => secret)\n        .then((scrt: GetSecretKeyResult) => {\n          jwt.sign(payload, scrt, signOptions, (err, encoded) =>\n            err ? reject(err) : resolve(encoded as string),\n          )\n        }),\n    )\n  }\n\n  verify<T extends object = any>(\n    token: string,\n    options: JwtVerifyOptions = {},\n  ): T {\n    const verifyOptions = this.mergeJwtOptions({ ...options }, 'verifyOptions')\n    const secret = this.getSecretKey(\n      token,\n      options,\n      'publicKey',\n      RequestType.Verify,\n    )\n\n    if (secret instanceof Promise) {\n      secret.catch(() => {}) // suppress rejection from async provider\n      this.logger.warn(\n        'For async version of \"secretOrKeyProvider\", please use \"verifyAsync\".',\n      )\n      throw new Error()\n    }\n\n    return jwt.verify(token, secret, verifyOptions) as unknown as T\n  }\n\n  verifyAsync<T extends object = any>(\n    token: string,\n    options: JwtVerifyOptions = {},\n  ): Promise<T> {\n    const verifyOptions = this.mergeJwtOptions({ ...options }, 'verifyOptions')\n    const secret = this.getSecretKey(\n      token,\n      options,\n      'publicKey',\n      RequestType.Verify,\n    )\n\n    return new Promise((resolve, reject) =>\n      Promise.resolve()\n        .then(() => secret)\n        .then((scrt: GetSecretKeyResult) => {\n          jwt.verify(token, scrt, verifyOptions, (err, decoded) =>\n            err ? reject(err) : resolve(decoded as T),\n          )\n        })\n        .catch(reject),\n    )\n  }\n\n  decode<T = any>(token: string, options?: jwt.DecodeOptions): T {\n    return jwt.decode(token, options) as T\n  }\n\n  private mergeJwtOptions(\n    options: JwtVerifyOptions | JwtSignOptions,\n    key: 'verifyOptions' | 'signOptions',\n  ): VerifyOptions | SignOptions {\n    delete options.secret\n    if (key === 'signOptions') {\n      delete (options as JwtSignOptions).privateKey\n    } else {\n      delete (options as JwtVerifyOptions).publicKey\n    }\n    return options\n      ? {\n          ...(this.options[key] || {}),\n          ...options,\n        }\n      : // @ts-expect-error We check it\n        this.options[key]\n  }\n\n  private getSecretKey(\n    token: string | object | Buffer,\n    options: JwtVerifyOptions | JwtSignOptions,\n    key: 'publicKey' | 'privateKey',\n    secretRequestType: RequestType,\n  ): GetSecretKeyResult | Promise<GetSecretKeyResult> {\n    const secret = this.options.secretOrKeyProvider\n      ? this.options.secretOrKeyProvider(secretRequestType, token, options)\n      : options?.secret ||\n        this.options.secret ||\n        (key === 'privateKey'\n          ? (options as JwtSignOptions)?.privateKey || this.options.privateKey\n          : (options as JwtVerifyOptions)?.publicKey ||\n            this.options.publicKey) ||\n        this.options[key]\n\n    return secret as GetSecretKeyResult\n  }\n}\n","import type {\n  BoundInjectionToken,\n  FactoryContext,\n  FactoryInjectionToken,\n} from '@navios/core'\n\nimport {\n  Injectable,\n  InjectableType,\n  InjectionToken,\n  resolveService,\n} from '@navios/core'\n\nimport type { JwtServiceOptions } from './options/jwt-service.options.mjs'\n\nimport { JwtService } from './jwt.service.mjs'\nimport { JwtServiceOptionsSchema } from './options/jwt-service.options.mjs'\n\nexport const JwtServiceToken = InjectionToken.create(\n  JwtService,\n  JwtServiceOptionsSchema,\n)\n\n@Injectable({\n  token: JwtServiceToken,\n  type: InjectableType.Factory,\n})\nexport class JwtServiceFactory {\n  create(ctx: FactoryContext, args: JwtServiceOptions) {\n    return resolveService(ctx, JwtService, [args])\n  }\n}\n\nexport function provideJwtService(\n  config: JwtServiceOptions | (() => Promise<JwtServiceOptions>),\n):\n  | BoundInjectionToken<JwtService, typeof JwtServiceOptionsSchema>\n  | FactoryInjectionToken<JwtService, typeof JwtServiceOptionsSchema> {\n  if (typeof config === 'function') {\n    return InjectionToken.factory(JwtServiceToken, config)\n  }\n  return InjectionToken.bound(JwtServiceToken, config)\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAAA,uBAAgB;;;ACEhB,iBAAkB;AAEX,IAAK,cAAL,kBAAKC,iBAAL;AACL,EAAAA,aAAA,UAAO;AACP,EAAAA,aAAA,YAAS;AAFC,SAAAA;AAAA,GAAA;AAKL,IAAM,gBAAgB,aAAE,KAAK;AAAA,EAClC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAEM,IAAM,kBAAkB,aAAE,OAAO;AAAA,EACtC,KAAK,cAAc,GAAG,aAAE,OAAO,CAAC;AAAA,EAChC,KAAK,aAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,aAAE,OAAO,EAAE,SAAS;AAAA,EACzB,MAAM,aAAE,OAAO,EAAE,MAAM,EAAE,SAAS;AAAA,EAClC,KAAK,aAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,aAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,MAAM,aAAE,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS;AAAA,EACzD,YAAY,aAAE,OAAO,EAAE,SAAS;AAAA,EAChC,KAAK,aAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,MAAM,aAAE,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS;AAC3D,CAAC;AAIM,IAAM,oBAAoB,aAAE,OAAO;AAAA,EACxC,WAAW,cAAc,SAAS;AAAA,EAClC,OAAO,aAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,WAAW,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,OAAO,CAAC,CAAC,EAAE,SAAS;AAAA,EACtD,WAAW,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,OAAO,CAAC,CAAC,EAAE,SAAS;AAAA,EACtD,UAAU,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,OAAO,EAAE,MAAM,CAAC,CAAC,EAAE,SAAS;AAAA,EAC7D,SAAS,aAAE,OAAO,EAAE,SAAS;AAAA,EAC7B,QAAQ,aAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,OAAO,aAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,eAAe,aAAE,QAAQ,EAAE,SAAS;AAAA,EACpC,aAAa,aAAE,QAAQ,EAAE,SAAS;AAAA,EAClC,QAAQ,gBAAgB,SAAS;AAAA,EACjC,UAAU,aAAE,OAAO,EAAE,SAAS;AAAA,EAC9B,uBAAuB,aAAE,QAAQ,EAAE,SAAS;AAAA,EAC5C,gCAAgC,aAAE,QAAQ,EAAE,SAAS;AACvD,CAAC;AAIM,IAAM,sBAAsB,aAAE,OAAO;AAAA,EAC1C,YAAY,cAAc,MAAM,EAAE,SAAS;AAAA,EAC3C,UAAU,aACP,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,WAAW,MAAM,GAAG,aAAE,OAAO,EAAE,MAAM,CAAC,CAAC,EAC5D,SAAS;AAAA,EACZ,gBAAgB,aAAE,OAAO,EAAE,SAAS;AAAA,EACpC,gBAAgB,aAAE,OAAO,EAAE,SAAS;AAAA,EACpC,UAAU,aAAE,QAAQ,EAAE,SAAS;AAAA,EAC/B,QAAQ,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,OAAO,EAAE,MAAM,CAAC,CAAC,EAAE,SAAS;AAAA,EAC3D,kBAAkB,aAAE,QAAQ,EAAE,SAAS;AAAA,EACvC,iBAAiB,aAAE,QAAQ,EAAE,SAAS;AAAA,EACtC,OAAO,aAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,OAAO,aAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,SAAS,aAAE,OAAO,EAAE,SAAS;AAAA,EAC7B,QAAQ,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,OAAO,CAAC,CAAC,EAAE,SAAS;AAAA,EACnD,gCAAgC,aAAE,QAAQ,EAAE,SAAS;AACvD,CAAC;AAIM,IAAM,eAAe,aAAE,MAAM;AAAA,EAClC,aAAE,OAAO;AAAA,EACT,aAAE,WAAW,MAAM;AAAA,EACnB,aACG,OAAO;AAAA,IACN,MAAM,aAAE,OAAO;AAAA,EACjB,CAAC,EACA,YAAY;AAAA,EACf,aAAE,OAAO;AAAA,IACP,KAAK,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,WAAW,MAAM,CAAC,CAAC;AAAA,IAC/C,YAAY,aAAE,OAAO;AAAA,EACvB,CAAC;AACH,CAAC;AAIM,IAAM,0BAA0B,aAAE,OAAO;AAAA,EAC9C,aAAa,kBAAkB,SAAS;AAAA,EACxC,QAAQ,aAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,WAAW,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,WAAW,MAAM,CAAC,CAAC,EAAE,SAAS;AAAA,EAChE,YAAY,aAAa,SAAS;AAAA,EAClC,eAAe,oBAAoB,SAAS;AAAA,EAC5C,qBAAqB,aAClB,SAAS,EACT;AAAA,IACC,aAAE,WAAW,WAAW;AAAA,IACxB,aAAE,IAAI;AAAA,IACN,aAAE,MAAM,CAAC,mBAAmB,mBAAmB,CAAC,EAAE,SAAS;AAAA,EAC7D,EACC,QAAQ,aAAE,MAAM,CAAC,cAAc,aAAE,QAAQ,YAAY,CAAC,CAAC,CAAC,EACxD,SAAS;AACd,CAAC;;;AC9GD,kBAA+C;AAE/C,0BAAgB;AAFhB;AAeA,8BAAC,wBAAW;AACL,IAAM,cAAN,MAAM,YAAW;AAAA,EAKtB,YAA6B,UAA6B,CAAC,GAAG;AAAjC;AAAA,EAAkC;AAAA,EAJ/D,aAAS,wBAAW,oBAAQ;AAAA,IAC1B,SAAS,YAAW;AAAA,EACtB,CAAC;AAAA,EASD,KACE,SACA,UAA0B,CAAC,GACnB;AACR,UAAM,cAAc,KAAK;AAAA,MACvB,EAAE,GAAG,QAAQ;AAAA,MACb;AAAA,IACF;AACA,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,QAAI,kBAAkB,SAAS;AAC7B,aAAO,MAAM,MAAM;AAAA,MAAC,CAAC;AACrB,WAAK,OAAO;AAAA,QACV;AAAA,MACF;AACA,YAAM,IAAI,MAAM;AAAA,IAClB;AAEA,UAAM,qBAAqB,CAAC,UAAU,YAAY;AAClD,UAAM,cAAc,OAAO,KAAK,WAAW;AAC3C,QACE,OAAO,YAAY,YACnB,YAAY,KAAK,CAAC,MAAM,CAAC,mBAAmB,SAAS,CAAC,CAAC,GACvD;AACA,YAAM,IAAI;AAAA,QACR,uEACE,YAAY,KAAK,IAAI;AAAA,MACzB;AAAA,IACF;AAEA,WAAO,oBAAAC,QAAI,KAAK,SAAS,QAAQ,WAAW;AAAA,EAC9C;AAAA,EAOA,UACE,SACA,UAA0B,CAAC,GACV;AACjB,UAAM,cAAc,KAAK;AAAA,MACvB,EAAE,GAAG,QAAQ;AAAA,MACb;AAAA,IACF;AACA,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,UAAM,qBAAqB,CAAC,UAAU,YAAY;AAClD,UAAM,cAAc,OAAO,KAAK,WAAW;AAC3C,QACE,OAAO,YAAY,YACnB,YAAY,KAAK,CAAC,MAAM,CAAC,mBAAmB,SAAS,CAAC,CAAC,GACvD;AACA,YAAM,IAAI;AAAA,QACR,uEACE,YAAY,KAAK,IAAI;AAAA,MACzB;AAAA,IACF;AAEA,WAAO,IAAI;AAAA,MAAQ,CAAC,SAAS,WAC3B,QAAQ,QAAQ,EACb,KAAK,MAAM,MAAM,EACjB,KAAK,CAAC,SAA6B;AAClC,4BAAAA,QAAI;AAAA,UAAK;AAAA,UAAS;AAAA,UAAM;AAAA,UAAa,CAAC,KAAK,YACzC,MAAM,OAAO,GAAG,IAAI,QAAQ,OAAiB;AAAA,QAC/C;AAAA,MACF,CAAC;AAAA,IACL;AAAA,EACF;AAAA,EAEA,OACE,OACA,UAA4B,CAAC,GAC1B;AACH,UAAM,gBAAgB,KAAK,gBAAgB,EAAE,GAAG,QAAQ,GAAG,eAAe;AAC1E,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,QAAI,kBAAkB,SAAS;AAC7B,aAAO,MAAM,MAAM;AAAA,MAAC,CAAC;AACrB,WAAK,OAAO;AAAA,QACV;AAAA,MACF;AACA,YAAM,IAAI,MAAM;AAAA,IAClB;AAEA,WAAO,oBAAAA,QAAI,OAAO,OAAO,QAAQ,aAAa;AAAA,EAChD;AAAA,EAEA,YACE,OACA,UAA4B,CAAC,GACjB;AACZ,UAAM,gBAAgB,KAAK,gBAAgB,EAAE,GAAG,QAAQ,GAAG,eAAe;AAC1E,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,WAAO,IAAI;AAAA,MAAQ,CAAC,SAAS,WAC3B,QAAQ,QAAQ,EACb,KAAK,MAAM,MAAM,EACjB,KAAK,CAAC,SAA6B;AAClC,4BAAAA,QAAI;AAAA,UAAO;AAAA,UAAO;AAAA,UAAM;AAAA,UAAe,CAAC,KAAK,YAC3C,MAAM,OAAO,GAAG,IAAI,QAAQ,OAAY;AAAA,QAC1C;AAAA,MACF,CAAC,EACA,MAAM,MAAM;AAAA,IACjB;AAAA,EACF;AAAA,EAEA,OAAgB,OAAe,SAAgC;AAC7D,WAAO,oBAAAA,QAAI,OAAO,OAAO,OAAO;AAAA,EAClC;AAAA,EAEQ,gBACN,SACA,KAC6B;AAC7B,WAAO,QAAQ;AACf,QAAI,QAAQ,eAAe;AACzB,aAAQ,QAA2B;AAAA,IACrC,OAAO;AACL,aAAQ,QAA6B;AAAA,IACvC;AACA,WAAO,UACH;AAAA,MACE,GAAI,KAAK,QAAQ,GAAG,KAAK,CAAC;AAAA,MAC1B,GAAG;AAAA,IACL;AAAA;AAAA,MAEA,KAAK,QAAQ,GAAG;AAAA;AAAA,EACtB;AAAA,EAEQ,aACN,OACA,SACA,KACA,mBACkD;AAClD,UAAM,SAAS,KAAK,QAAQ,sBACxB,KAAK,QAAQ,oBAAoB,mBAAmB,OAAO,OAAO,KAClE,mCAAS,WACT,KAAK,QAAQ,WACZ,QAAQ,gBACJ,mCAA4B,eAAc,KAAK,QAAQ,cACvD,mCAA8B,cAC/B,KAAK,QAAQ,cACjB,KAAK,QAAQ,GAAG;AAEpB,WAAO;AAAA,EACT;AACF;AArLO;AAAM,cAAN,0CADP,wBACa;AAAN,4BAAM;AAAN,IAAM,aAAN;;;ACVP,IAAAC,eAKO;AAOA,IAAM,kBAAkB,4BAAe;AAAA,EAC5C;AAAA,EACA;AACF;AArBA,mCAAAC;AAuBA,qCAAC,yBAAW;AAAA,EACV,OAAO;AAAA,EACP,MAAM,4BAAe;AACvB,CAAC;AACM,IAAM,oBAAN,MAAwB;AAAA,EAC7B,OAAO,KAAqB,MAAyB;AACnD,eAAO,6BAAe,KAAK,YAAY,CAAC,IAAI,CAAC;AAAA,EAC/C;AACF;AAJOA,SAAA;AAAM,oBAAN,kBAAAA,QAAA,wBAJP,+BAIa;AAAN,kBAAAA,QAAA,GAAM;AAMN,SAAS,kBACd,QAGoE;AACpE,MAAI,OAAO,WAAW,YAAY;AAChC,WAAO,4BAAe,QAAQ,iBAAiB,MAAM;AAAA,EACvD;AACA,SAAO,4BAAe,MAAM,iBAAiB,MAAM;AACrD;;;AHrCO,IAAM,oBAAoB,qBAAAC,QAAI;AAC9B,IAAM,iBAAiB,qBAAAA,QAAI;AAC3B,IAAM,oBAAoB,qBAAAA,QAAI;","names":["import_jsonwebtoken","RequestType","jwt","import_core","_init","jwt"]}

package/dist/index.mjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../packages/jwt/src/index.mts","../../../../packages/jwt/src/options/jwt-service.options.mts","../../../../packages/jwt/src/jwt.service.mts","../../../../packages/jwt/src/jwt-service.provider.mts"],"sourcesContent":["import jwt from 'jsonwebtoken'\n\nexport * from './options/jwt-service.options.mjs'\nexport * from './jwt.service.mjs'\nexport * from './jwt-service.provider.mjs'\nexport const TokenExpiredError = jwt.TokenExpiredError\nexport const NotBeforeError = jwt.NotBeforeError\nexport const JsonWebTokenError = jwt.JsonWebTokenError\n","import type { Secret as JwtSecret } from 'jsonwebtoken'\n\nimport { z } from 'zod'\n\nexport enum RequestType {\n  Sign = 'Sign',\n  Verify = 'Verify',\n}\n\nexport const AlgorithmType = z.enum([\n  'HS256',\n  'HS384',\n  'HS512',\n  'RS256',\n  'RS384',\n  'RS512',\n  'ES256',\n  'ES384',\n  'ES512',\n  'PS256',\n  'PS384',\n  'PS512',\n  'none',\n])\n\nexport const JwtHeaderSchema = z.object({\n  alg: AlgorithmType.or(z.string()),\n  typ: z.string().optional(),\n  cty: z.string().optional(),\n  crit: z.string().array().optional(),\n  kid: z.string().optional(),\n  jku: z.string().optional(),\n  x5u: z.union([z.string(), z.array(z.string())]).optional(),\n  'x5t#S256': z.string().optional(),\n  x5t: z.string().optional(),\n  x5c: z.union([z.string(), z.array(z.string())]).optional(),\n})\n\nexport type JwtHeader = z.infer<typeof JwtHeaderSchema>\n\nexport const SignOptionsSchema = z.object({\n  algorithm: AlgorithmType.optional(),\n  keyid: z.string().optional(),\n  expiresIn: z.union([z.string(), z.number()]).optional(),\n  notBefore: z.union([z.string(), z.number()]).optional(),\n  audience: z.union([z.string(), z.string().array()]).optional(),\n  subject: z.string().optional(),\n  issuer: z.string().optional(),\n  jwtid: z.string().optional(),\n  mutatePayload: z.boolean().optional(),\n  noTimestamp: z.boolean().optional(),\n  header: JwtHeaderSchema.optional(),\n  encoding: z.string().optional(),\n  allowInsecureKeySizes: z.boolean().optional(),\n  allowInvalidAsymmetricKeyTypes: z.boolean().optional(),\n})\n\nexport type SignOptions = z.infer<typeof SignOptionsSchema>\n\nexport const VerifyOptionsSchema = z.object({\n  algorithms: AlgorithmType.array().optional(),\n  audience: z\n    .union([z.string(), z.instanceof(RegExp), z.string().array()])\n    .optional(),\n  clockTimestamp: z.number().optional(),\n  clockTolerance: z.number().optional(),\n  complete: z.boolean().optional(),\n  issuer: z.union([z.string(), z.string().array()]).optional(),\n  ignoreExpiration: z.boolean().optional(),\n  ignoreNotBefore: z.boolean().optional(),\n  jwtid: z.string().optional(),\n  nonce: z.string().optional(),\n  subject: z.string().optional(),\n  maxAge: z.union([z.string(), z.number()]).optional(),\n  allowInvalidAsymmetricKeyTypes: z.boolean().optional(),\n})\n\nexport type VerifyOptions = z.infer<typeof VerifyOptionsSchema>\n\nexport const SecretSchema = z.union([\n  z.string(),\n  z.instanceof(Buffer),\n  z\n    .object({\n      type: z.string(),\n    })\n    .passthrough(),\n  z.object({\n    key: z.union([z.string(), z.instanceof(Buffer)]),\n    passphrase: z.string(),\n  }),\n])\n\nexport type Secret = z.infer<typeof SecretSchema>\n\nexport const JwtServiceOptionsSchema = z.object({\n  signOptions: SignOptionsSchema.optional(),\n  secret: z.string().optional(),\n  publicKey: z.union([z.string(), z.instanceof(Buffer)]).optional(),\n  privateKey: SecretSchema.optional(),\n  verifyOptions: VerifyOptionsSchema.optional(),\n  secretOrKeyProvider: z\n    .function()\n    .args(\n      z.nativeEnum(RequestType),\n      z.any(),\n      z.union([SignOptionsSchema, VerifyOptionsSchema]).optional(),\n    )\n    .returns(z.union([SecretSchema, z.promise(SecretSchema)]))\n    .optional(),\n})\n\nexport type JwtServiceOptions = z.infer<typeof JwtServiceOptionsSchema>\n\nexport interface JwtSignOptions extends SignOptions {\n  secret?: string | Buffer\n  privateKey?: Secret\n}\n\nexport interface JwtVerifyOptions extends VerifyOptions {\n  secret?: string | Buffer\n  publicKey?: string | Buffer\n}\n\nexport type GetSecretKeyResult = string | Buffer | JwtSecret\n","import { Injectable, Logger, syncInject } from '@navios/core'\n\nimport jwt from 'jsonwebtoken'\n\nimport type {\n  GetSecretKeyResult,\n  JwtServiceOptions,\n  JwtSignOptions,\n  JwtVerifyOptions,\n  SignOptions,\n  VerifyOptions,\n} from './options/jwt-service.options.mjs'\n\nimport { RequestType } from './options/jwt-service.options.mjs'\n\n@Injectable()\nexport class JwtService {\n  logger = syncInject(Logger, {\n    context: JwtService.name,\n  })\n\n  constructor(private readonly options: JwtServiceOptions = {}) {}\n\n  sign(\n    payload: string,\n    options?: Omit<JwtSignOptions, keyof SignOptions>,\n  ): string\n  sign(payload: Buffer | object, options?: JwtSignOptions): string\n  sign(\n    payload: string | Buffer | object,\n    options: JwtSignOptions = {},\n  ): string {\n    const signOptions = this.mergeJwtOptions(\n      { ...options },\n      'signOptions',\n    ) as jwt.SignOptions\n    const secret = this.getSecretKey(\n      payload,\n      options,\n      'privateKey',\n      RequestType.Sign,\n    )\n\n    if (secret instanceof Promise) {\n      secret.catch(() => {}) // suppress rejection from async provider\n      this.logger.warn(\n        'For async version of \"secretOrKeyProvider\", please use \"signAsync\".',\n      )\n      throw new Error()\n    }\n\n    const allowedSignOptKeys = ['secret', 'privateKey']\n    const signOptKeys = Object.keys(signOptions)\n    if (\n      typeof payload === 'string' &&\n      signOptKeys.some((k) => !allowedSignOptKeys.includes(k))\n    ) {\n      throw new Error(\n        'Payload as string is not allowed with the following sign options: ' +\n          signOptKeys.join(', '),\n      )\n    }\n\n    return jwt.sign(payload, secret, signOptions)\n  }\n\n  signAsync(\n    payload: string,\n    options?: Omit<JwtSignOptions, keyof jwt.SignOptions>,\n  ): Promise<string>\n  signAsync(payload: Buffer | object, options?: JwtSignOptions): Promise<string>\n  signAsync(\n    payload: string | Buffer | object,\n    options: JwtSignOptions = {},\n  ): Promise<string> {\n    const signOptions = this.mergeJwtOptions(\n      { ...options },\n      'signOptions',\n    ) as jwt.SignOptions\n    const secret = this.getSecretKey(\n      payload,\n      options,\n      'privateKey',\n      RequestType.Sign,\n    )\n\n    const allowedSignOptKeys = ['secret', 'privateKey']\n    const signOptKeys = Object.keys(signOptions)\n    if (\n      typeof payload === 'string' &&\n      signOptKeys.some((k) => !allowedSignOptKeys.includes(k))\n    ) {\n      throw new Error(\n        'Payload as string is not allowed with the following sign options: ' +\n          signOptKeys.join(', '),\n      )\n    }\n\n    return new Promise((resolve, reject) =>\n      Promise.resolve()\n        .then(() => secret)\n        .then((scrt: GetSecretKeyResult) => {\n          jwt.sign(payload, scrt, signOptions, (err, encoded) =>\n            err ? reject(err) : resolve(encoded as string),\n          )\n        }),\n    )\n  }\n\n  verify<T extends object = any>(\n    token: string,\n    options: JwtVerifyOptions = {},\n  ): T {\n    const verifyOptions = this.mergeJwtOptions({ ...options }, 'verifyOptions')\n    const secret = this.getSecretKey(\n      token,\n      options,\n      'publicKey',\n      RequestType.Verify,\n    )\n\n    if (secret instanceof Promise) {\n      secret.catch(() => {}) // suppress rejection from async provider\n      this.logger.warn(\n        'For async version of \"secretOrKeyProvider\", please use \"verifyAsync\".',\n      )\n      throw new Error()\n    }\n\n    return jwt.verify(token, secret, verifyOptions) as unknown as T\n  }\n\n  verifyAsync<T extends object = any>(\n    token: string,\n    options: JwtVerifyOptions = {},\n  ): Promise<T> {\n    const verifyOptions = this.mergeJwtOptions({ ...options }, 'verifyOptions')\n    const secret = this.getSecretKey(\n      token,\n      options,\n      'publicKey',\n      RequestType.Verify,\n    )\n\n    return new Promise((resolve, reject) =>\n      Promise.resolve()\n        .then(() => secret)\n        .then((scrt: GetSecretKeyResult) => {\n          jwt.verify(token, scrt, verifyOptions, (err, decoded) =>\n            err ? reject(err) : resolve(decoded as T),\n          )\n        })\n        .catch(reject),\n    )\n  }\n\n  decode<T = any>(token: string, options?: jwt.DecodeOptions): T {\n    return jwt.decode(token, options) as T\n  }\n\n  private mergeJwtOptions(\n    options: JwtVerifyOptions | JwtSignOptions,\n    key: 'verifyOptions' | 'signOptions',\n  ): VerifyOptions | SignOptions {\n    delete options.secret\n    if (key === 'signOptions') {\n      delete (options as JwtSignOptions).privateKey\n    } else {\n      delete (options as JwtVerifyOptions).publicKey\n    }\n    return options\n      ? {\n          ...(this.options[key] || {}),\n          ...options,\n        }\n      : // @ts-expect-error We check it\n        this.options[key]\n  }\n\n  private getSecretKey(\n    token: string | object | Buffer,\n    options: JwtVerifyOptions | JwtSignOptions,\n    key: 'publicKey' | 'privateKey',\n    secretRequestType: RequestType,\n  ): GetSecretKeyResult | Promise<GetSecretKeyResult> {\n    const secret = this.options.secretOrKeyProvider\n      ? this.options.secretOrKeyProvider(secretRequestType, token, options)\n      : options?.secret ||\n        this.options.secret ||\n        (key === 'privateKey'\n          ? (options as JwtSignOptions)?.privateKey || this.options.privateKey\n          : (options as JwtVerifyOptions)?.publicKey ||\n            this.options.publicKey) ||\n        this.options[key]\n\n    return secret as GetSecretKeyResult\n  }\n}\n","import type {\n  BoundInjectionToken,\n  FactoryContext,\n  FactoryInjectionToken,\n} from '@navios/core'\n\nimport {\n  Injectable,\n  InjectableType,\n  InjectionToken,\n  resolveService,\n} from '@navios/core'\n\nimport type { JwtServiceOptions } from './options/jwt-service.options.mjs'\n\nimport { JwtService } from './jwt.service.mjs'\nimport { JwtServiceOptionsSchema } from './options/jwt-service.options.mjs'\n\nexport const JwtServiceToken = InjectionToken.create(\n  JwtService,\n  JwtServiceOptionsSchema,\n)\n\n@Injectable({\n  token: JwtServiceToken,\n  type: InjectableType.Factory,\n})\nexport class JwtServiceFactory {\n  create(ctx: FactoryContext, args: JwtServiceOptions) {\n    return resolveService(ctx, JwtService, [args])\n  }\n}\n\nexport function provideJwtService(\n  config: JwtServiceOptions | (() => Promise<JwtServiceOptions>),\n):\n  | BoundInjectionToken<JwtService, typeof JwtServiceOptionsSchema>\n  | FactoryInjectionToken<JwtService, typeof JwtServiceOptionsSchema> {\n  if (typeof config === 'function') {\n    return InjectionToken.factory(JwtServiceToken, config)\n  }\n  return InjectionToken.bound(JwtServiceToken, config)\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,OAAOA,UAAS;;;ACEhB,SAAS,SAAS;AAEX,IAAK,cAAL,kBAAKC,iBAAL;AACL,EAAAA,aAAA,UAAO;AACP,EAAAA,aAAA,YAAS;AAFC,SAAAA;AAAA,GAAA;AAKL,IAAM,gBAAgB,EAAE,KAAK;AAAA,EAClC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAEM,IAAM,kBAAkB,EAAE,OAAO;AAAA,EACtC,KAAK,cAAc,GAAG,EAAE,OAAO,CAAC;AAAA,EAChC,KAAK,EAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,EAAE,OAAO,EAAE,SAAS;AAAA,EACzB,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS;AAAA,EAClC,KAAK,EAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,EAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS;AAAA,EACzD,YAAY,EAAE,OAAO,EAAE,SAAS;AAAA,EAChC,KAAK,EAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS;AAC3D,CAAC;AAIM,IAAM,oBAAoB,EAAE,OAAO;AAAA,EACxC,WAAW,cAAc,SAAS;AAAA,EAClC,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,WAAW,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,OAAO,CAAC,CAAC,EAAE,SAAS;AAAA,EACtD,WAAW,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,OAAO,CAAC,CAAC,EAAE,SAAS;AAAA,EACtD,UAAU,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC,EAAE,SAAS;AAAA,EAC7D,SAAS,EAAE,OAAO,EAAE,SAAS;AAAA,EAC7B,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,eAAe,EAAE,QAAQ,EAAE,SAAS;AAAA,EACpC,aAAa,EAAE,QAAQ,EAAE,SAAS;AAAA,EAClC,QAAQ,gBAAgB,SAAS;AAAA,EACjC,UAAU,EAAE,OAAO,EAAE,SAAS;AAAA,EAC9B,uBAAuB,EAAE,QAAQ,EAAE,SAAS;AAAA,EAC5C,gCAAgC,EAAE,QAAQ,EAAE,SAAS;AACvD,CAAC;AAIM,IAAM,sBAAsB,EAAE,OAAO;AAAA,EAC1C,YAAY,cAAc,MAAM,EAAE,SAAS;AAAA,EAC3C,UAAU,EACP,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,WAAW,MAAM,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC,EAC5D,SAAS;AAAA,EACZ,gBAAgB,EAAE,OAAO,EAAE,SAAS;AAAA,EACpC,gBAAgB,EAAE,OAAO,EAAE,SAAS;AAAA,EACpC,UAAU,EAAE,QAAQ,EAAE,SAAS;AAAA,EAC/B,QAAQ,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC,EAAE,SAAS;AAAA,EAC3D,kBAAkB,EAAE,QAAQ,EAAE,SAAS;AAAA,EACvC,iBAAiB,EAAE,QAAQ,EAAE,SAAS;AAAA,EACtC,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,SAAS,EAAE,OAAO,EAAE,SAAS;AAAA,EAC7B,QAAQ,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,OAAO,CAAC,CAAC,EAAE,SAAS;AAAA,EACnD,gCAAgC,EAAE,QAAQ,EAAE,SAAS;AACvD,CAAC;AAIM,IAAM,eAAe,EAAE,MAAM;AAAA,EAClC,EAAE,OAAO;AAAA,EACT,EAAE,WAAW,MAAM;AAAA,EACnB,EACG,OAAO;AAAA,IACN,MAAM,EAAE,OAAO;AAAA,EACjB,CAAC,EACA,YAAY;AAAA,EACf,EAAE,OAAO;AAAA,IACP,KAAK,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,WAAW,MAAM,CAAC,CAAC;AAAA,IAC/C,YAAY,EAAE,OAAO;AAAA,EACvB,CAAC;AACH,CAAC;AAIM,IAAM,0BAA0B,EAAE,OAAO;AAAA,EAC9C,aAAa,kBAAkB,SAAS;AAAA,EACxC,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,WAAW,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,WAAW,MAAM,CAAC,CAAC,EAAE,SAAS;AAAA,EAChE,YAAY,aAAa,SAAS;AAAA,EAClC,eAAe,oBAAoB,SAAS;AAAA,EAC5C,qBAAqB,EAClB,SAAS,EACT;AAAA,IACC,EAAE,WAAW,WAAW;AAAA,IACxB,EAAE,IAAI;AAAA,IACN,EAAE,MAAM,CAAC,mBAAmB,mBAAmB,CAAC,EAAE,SAAS;AAAA,EAC7D,EACC,QAAQ,EAAE,MAAM,CAAC,cAAc,EAAE,QAAQ,YAAY,CAAC,CAAC,CAAC,EACxD,SAAS;AACd,CAAC;;;AC9GD,SAAS,YAAY,QAAQ,kBAAkB;AAE/C,OAAO,SAAS;AAFhB;AAeA,0BAAC,WAAW;AACL,IAAM,cAAN,MAAM,YAAW;AAAA,EAKtB,YAA6B,UAA6B,CAAC,GAAG;AAAjC;AAAA,EAAkC;AAAA,EAJ/D,SAAS,WAAW,QAAQ;AAAA,IAC1B,SAAS,YAAW;AAAA,EACtB,CAAC;AAAA,EASD,KACE,SACA,UAA0B,CAAC,GACnB;AACR,UAAM,cAAc,KAAK;AAAA,MACvB,EAAE,GAAG,QAAQ;AAAA,MACb;AAAA,IACF;AACA,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,QAAI,kBAAkB,SAAS;AAC7B,aAAO,MAAM,MAAM;AAAA,MAAC,CAAC;AACrB,WAAK,OAAO;AAAA,QACV;AAAA,MACF;AACA,YAAM,IAAI,MAAM;AAAA,IAClB;AAEA,UAAM,qBAAqB,CAAC,UAAU,YAAY;AAClD,UAAM,cAAc,OAAO,KAAK,WAAW;AAC3C,QACE,OAAO,YAAY,YACnB,YAAY,KAAK,CAAC,MAAM,CAAC,mBAAmB,SAAS,CAAC,CAAC,GACvD;AACA,YAAM,IAAI;AAAA,QACR,uEACE,YAAY,KAAK,IAAI;AAAA,MACzB;AAAA,IACF;AAEA,WAAO,IAAI,KAAK,SAAS,QAAQ,WAAW;AAAA,EAC9C;AAAA,EAOA,UACE,SACA,UAA0B,CAAC,GACV;AACjB,UAAM,cAAc,KAAK;AAAA,MACvB,EAAE,GAAG,QAAQ;AAAA,MACb;AAAA,IACF;AACA,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,UAAM,qBAAqB,CAAC,UAAU,YAAY;AAClD,UAAM,cAAc,OAAO,KAAK,WAAW;AAC3C,QACE,OAAO,YAAY,YACnB,YAAY,KAAK,CAAC,MAAM,CAAC,mBAAmB,SAAS,CAAC,CAAC,GACvD;AACA,YAAM,IAAI;AAAA,QACR,uEACE,YAAY,KAAK,IAAI;AAAA,MACzB;AAAA,IACF;AAEA,WAAO,IAAI;AAAA,MAAQ,CAAC,SAAS,WAC3B,QAAQ,QAAQ,EACb,KAAK,MAAM,MAAM,EACjB,KAAK,CAAC,SAA6B;AAClC,YAAI;AAAA,UAAK;AAAA,UAAS;AAAA,UAAM;AAAA,UAAa,CAAC,KAAK,YACzC,MAAM,OAAO,GAAG,IAAI,QAAQ,OAAiB;AAAA,QAC/C;AAAA,MACF,CAAC;AAAA,IACL;AAAA,EACF;AAAA,EAEA,OACE,OACA,UAA4B,CAAC,GAC1B;AACH,UAAM,gBAAgB,KAAK,gBAAgB,EAAE,GAAG,QAAQ,GAAG,eAAe;AAC1E,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,QAAI,kBAAkB,SAAS;AAC7B,aAAO,MAAM,MAAM;AAAA,MAAC,CAAC;AACrB,WAAK,OAAO;AAAA,QACV;AAAA,MACF;AACA,YAAM,IAAI,MAAM;AAAA,IAClB;AAEA,WAAO,IAAI,OAAO,OAAO,QAAQ,aAAa;AAAA,EAChD;AAAA,EAEA,YACE,OACA,UAA4B,CAAC,GACjB;AACZ,UAAM,gBAAgB,KAAK,gBAAgB,EAAE,GAAG,QAAQ,GAAG,eAAe;AAC1E,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,WAAO,IAAI;AAAA,MAAQ,CAAC,SAAS,WAC3B,QAAQ,QAAQ,EACb,KAAK,MAAM,MAAM,EACjB,KAAK,CAAC,SAA6B;AAClC,YAAI;AAAA,UAAO;AAAA,UAAO;AAAA,UAAM;AAAA,UAAe,CAAC,KAAK,YAC3C,MAAM,OAAO,GAAG,IAAI,QAAQ,OAAY;AAAA,QAC1C;AAAA,MACF,CAAC,EACA,MAAM,MAAM;AAAA,IACjB;AAAA,EACF;AAAA,EAEA,OAAgB,OAAe,SAAgC;AAC7D,WAAO,IAAI,OAAO,OAAO,OAAO;AAAA,EAClC;AAAA,EAEQ,gBACN,SACA,KAC6B;AAC7B,WAAO,QAAQ;AACf,QAAI,QAAQ,eAAe;AACzB,aAAQ,QAA2B;AAAA,IACrC,OAAO;AACL,aAAQ,QAA6B;AAAA,IACvC;AACA,WAAO,UACH;AAAA,MACE,GAAI,KAAK,QAAQ,GAAG,KAAK,CAAC;AAAA,MAC1B,GAAG;AAAA,IACL;AAAA;AAAA,MAEA,KAAK,QAAQ,GAAG;AAAA;AAAA,EACtB;AAAA,EAEQ,aACN,OACA,SACA,KACA,mBACkD;AAClD,UAAM,SAAS,KAAK,QAAQ,sBACxB,KAAK,QAAQ,oBAAoB,mBAAmB,OAAO,OAAO,KAClE,mCAAS,WACT,KAAK,QAAQ,WACZ,QAAQ,gBACJ,mCAA4B,eAAc,KAAK,QAAQ,cACvD,mCAA8B,cAC/B,KAAK,QAAQ,cACjB,KAAK,QAAQ,GAAG;AAEpB,WAAO;AAAA,EACT;AACF;AArLO;AAAM,cAAN,0CADP,wBACa;AAAN,4BAAM;AAAN,IAAM,aAAN;;;ACVP;AAAA,EACE,cAAAC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAOA,IAAM,kBAAkB,eAAe;AAAA,EAC5C;AAAA,EACA;AACF;AArBA,mCAAAC;AAuBA,iCAACC,YAAW;AAAA,EACV,OAAO;AAAA,EACP,MAAM,eAAe;AACvB,CAAC;AACM,IAAM,oBAAN,MAAwB;AAAA,EAC7B,OAAO,KAAqB,MAAyB;AACnD,WAAO,eAAe,KAAK,YAAY,CAAC,IAAI,CAAC;AAAA,EAC/C;AACF;AAJOD,SAAA;AAAM,oBAAN,kBAAAA,QAAA,wBAJP,+BAIa;AAAN,kBAAAA,QAAA,GAAM;AAMN,SAAS,kBACd,QAGoE;AACpE,MAAI,OAAO,WAAW,YAAY;AAChC,WAAO,eAAe,QAAQ,iBAAiB,MAAM;AAAA,EACvD;AACA,SAAO,eAAe,MAAM,iBAAiB,MAAM;AACrD;;;AHrCO,IAAM,oBAAoBE,KAAI;AAC9B,IAAM,iBAAiBA,KAAI;AAC3B,IAAM,oBAAoBA,KAAI;","names":["jwt","RequestType","Injectable","_init","Injectable","jwt"]}