@noony-serverless/core 0.1.5 → 0.2.0

package/build/middlewares/guards/RouteGuards.js

@@ -43,8 +43,8 @@
  *       return { valid: false, error: error.message };
  *     }
  *   },
- *   extractUserId: (decoded: any) => decoded.sub,
- *   isTokenExpired: (decoded: any) => decoded.exp < Date.now() / 1000
+ *   extractUserId: (decoded: unknown) => (decoded as any).sub,
+ *   isTokenExpired: (decoded: unknown) => (decoded as any).exp < Date.now() / 1000
  * };
  *
  * // Configure guard system
@@ -168,6 +168,50 @@ const ConservativeCacheInvalidation_1 = require("./cache/ConservativeCacheInvali
 const FastAuthGuard_1 = require("./guards/FastAuthGuard");
 const PermissionGuardFactory_1 = require("./guards/PermissionGuardFactory");
 const PermissionRegistry_1 = require("./registry/PermissionRegistry");
+const CustomTokenVerificationPortAdapter_1 = require("./adapters/CustomTokenVerificationPortAdapter");
+/**
+ * Helper function to check if a token validator is a CustomTokenVerificationPort
+ */
+function isCustomTokenVerificationPort(validator) {
+    return (typeof validator === 'object' &&
+        'verifyToken' in validator &&
+        !('validateToken' in validator));
+}
+/**
+ * Convert any token validator to the TokenValidator interface expected by RouteGuards.
+ * Automatically wraps CustomTokenVerificationPort implementations with an adapter.
+ */
+function normalizeTokenValidator(validator) {
+    if (isCustomTokenVerificationPort(validator)) {
+        // For CustomTokenVerificationPort, we create a generic adapter
+        // We use a basic configuration that tries to extract common fields
+        return new CustomTokenVerificationPortAdapter_1.CustomTokenVerificationPortAdapter(validator, {
+            userIdExtractor: (user) => {
+                // Try to extract user ID from common field names
+                if (user && typeof user === 'object') {
+                    const userObj = user;
+                    return String(userObj.sub ||
+                        userObj.id ||
+                        userObj.userId ||
+                        userObj.user_id ||
+                        'unknown');
+                }
+                return 'unknown';
+            },
+            expirationExtractor: (user) => {
+                // Try to extract expiration from common field names
+                if (user && typeof user === 'object') {
+                    const userObj = user;
+                    const exp = userObj.exp || userObj.expiresAt || userObj.expires_at;
+                    return typeof exp === 'number' ? exp : undefined;
+                }
+                return undefined;
+            },
+        });
+    }
+    // Already a TokenValidator, return as-is
+    return validator;
+}
 /**
  * Route Guards Facade Implementation
  *
@@ -211,9 +255,58 @@ let RouteGuards = class RouteGuards {
      *
      * @param profile - Environment profile with guard configurations
      * @param permissionSource - User permission data source
-     * @param tokenValidator - JWT token validation service
+     * @param tokenValidator - Token validation service (supports both TokenValidator and CustomTokenVerificationPort)
      * @param authConfig - Authentication guard configuration
      * @returns Promise resolving when configuration is complete
+     *
+     * @example
+     * Using with CustomTokenVerificationPort from AuthenticationMiddleware:
+     * ```typescript
+     * import { CustomTokenVerificationPort } from '@/middlewares/authenticationMiddleware';
+     * import { RouteGuards, GuardSetup } from '@/middlewares/guards';
+     *
+     * // Same token verifier used across the framework
+     * const tokenVerifier: CustomTokenVerificationPort<User> = {
+     *   async verifyToken(token: string): Promise<User> {
+     *     const payload = jwt.verify(token, process.env.JWT_SECRET!) as JWTPayload;
+     *     return {
+     *       id: payload.sub,
+     *       email: payload.email,
+     *       roles: payload.roles || [],
+     *       sub: payload.sub,
+     *       exp: payload.exp
+     *     };
+     *   }
+     * };
+     *
+     * // Configure RouteGuards with the same verifier
+     * await RouteGuards.configure(
+     *   GuardSetup.production(),
+     *   userPermissionSource,
+     *   tokenVerifier, // Automatically wrapped with adapter
+     *   authConfig
+     * );
+     * ```
+     *
+     * @example
+     * Traditional usage with TokenValidator (backward compatible):
+     * ```typescript
+     * const tokenValidator: TokenValidator = {
+     *   async validateToken(token: string) {
+     *     // Your existing validation logic
+     *     return { valid: true, decoded: userPayload };
+     *   },
+     *   extractUserId: (decoded) => decoded.sub,
+     *   isTokenExpired: (decoded) => decoded.exp < Date.now() / 1000
+     * };
+     *
+     * await RouteGuards.configure(
+     *   GuardSetup.production(),
+     *   userPermissionSource,
+     *   tokenValidator, // Works as before
+     *   authConfig
+     * );
+     * ```
      */
     static async configure(profile, permissionSource, tokenValidator, authConfig) {
         if (RouteGuards_1.isConfigured) {
@@ -223,20 +316,30 @@ let RouteGuards = class RouteGuards {
         try {
             // Create guard configuration
             const config = GuardConfiguration_1.GuardConfiguration.fromEnvironmentProfile(profile);
-            // Select cache adapter based on environment
+            // Get effective cache type considering environment variable override
+            // Environment variable NOONY_GUARD_CACHE_ENABLE takes precedence for security
+            const effectiveCacheType = GuardConfiguration_1.GuardConfiguration.getEffectiveCacheType(profile.cacheType);
+            // Select cache adapter based on effective cache type
             let cache;
-            if (profile.cacheType === 'memory') {
+            if (effectiveCacheType === 'memory') {
                 cache = new MemoryCacheAdapter_1.MemoryCacheAdapter({
                     maxSize: config.cache.maxEntries || 1000,
                     defaultTTL: config.cache.defaultTtlMs || 15 * 60 * 1000,
                     name: 'guard-memory-cache',
                 });
             }
-            else if (profile.cacheType === 'none') {
+            else if (effectiveCacheType === 'none') {
                 cache = new NoopCacheAdapter_1.NoopCacheAdapter();
+                // Log cache status for debugging
+                if (!GuardConfiguration_1.GuardConfiguration.isCachingEnabled()) {
+                    console.log(`🚫 Guard caching disabled by environment variable NOONY_GUARD_CACHE_ENABLE`);
+                }
+                else {
+                    console.log(`🚫 Guard caching disabled by configuration (cacheType: 'none')`);
+                }
             }
             else {
-                // Default to memory cache
+                // Default to memory cache (redis support would go here)
                 cache = new MemoryCacheAdapter_1.MemoryCacheAdapter({
                     maxSize: 1000,
                     defaultTTL: 15 * 60 * 1000,
@@ -249,8 +352,10 @@ let RouteGuards = class RouteGuards {
             const userContextService = new FastUserContextService_1.FastUserContextService(cache, config, permissionSource, permissionRegistry);
             // Create cache invalidation service
             const cacheInvalidation = new ConservativeCacheInvalidation_1.ConservativeCacheInvalidation(cache);
+            // Normalize token validator to ensure compatibility
+            const normalizedTokenValidator = normalizeTokenValidator(tokenValidator);
             // Create authentication guard
-            const authGuard = new FastAuthGuard_1.FastAuthGuard(cache, config, authConfig, userContextService, cacheInvalidation, tokenValidator);
+            const authGuard = new FastAuthGuard_1.FastAuthGuard(cache, config, authConfig, userContextService, cacheInvalidation, normalizedTokenValidator);
             // Create permission guard factory
             const guardFactory = new PermissionGuardFactory_1.PermissionGuardFactory(userContextService, config, cache);
             // Register services with TypeDI container
@@ -269,6 +374,8 @@ let RouteGuards = class RouteGuards {
             console.log('✅ RouteGuards configured successfully', {
                 environment: profile.environment,
                 cacheType: profile.cacheType,
+                effectiveCacheType: effectiveCacheType,
+                cachingEnabled: GuardConfiguration_1.GuardConfiguration.isCachingEnabled(),
                 permissionStrategy: config.security.permissionResolutionStrategy,
                 timestamp: new Date().toISOString(),
             });
@@ -437,6 +544,192 @@ let RouteGuards = class RouteGuards {
         const instance = RouteGuards_1.getInstance();
         return instance.performHealthCheck();
     }
+    /**
+     * Factory method: Configure RouteGuards with CustomTokenVerificationPort for JWT tokens.
+     * Provides a streamlined setup for JWT-based authentication with common field extraction.
+     *
+     * @example
+     * Quick JWT setup with CustomTokenVerificationPort:
+     * ```typescript
+     * import { CustomTokenVerificationPort } from '@/middlewares/authenticationMiddleware';
+     *
+     * interface JWTUser {
+     *   sub: string;
+     *   email: string;
+     *   roles: string[];
+     *   exp: number;
+     * }
+     *
+     * const jwtVerifier: CustomTokenVerificationPort<JWTUser> = {
+     *   async verifyToken(token: string): Promise<JWTUser> {
+     *     const payload = jwt.verify(token, process.env.JWT_SECRET!) as any;
+     *     return {
+     *       sub: payload.sub,
+     *       email: payload.email,
+     *       roles: payload.roles || [],
+     *       exp: payload.exp
+     *     };
+     *   }
+     * };
+     *
+     * // One-line setup for JWT authentication
+     * await RouteGuards.configureWithJWT(
+     *   GuardSetup.production(),
+     *   userPermissionSource,
+     *   jwtVerifier,
+     *   {
+     *     tokenHeader: 'authorization',
+     *     tokenPrefix: 'Bearer ',
+     *     requireEmailVerification: true
+     *   }
+     * );
+     * ```
+     */
+    static async configureWithJWT(profile, permissionSource, jwtVerifier, authConfig) {
+        // Create a properly typed adapter for JWT tokens
+        const tokenValidator = CustomTokenVerificationPortAdapter_1.TokenVerificationAdapterFactory.forJWT(jwtVerifier);
+        await RouteGuards_1.configure(profile, permissionSource, tokenValidator, authConfig);
+    }
+    /**
+     * Factory method: Configure RouteGuards with CustomTokenVerificationPort for API keys.
+     * Provides setup for API key-based authentication with flexible field mapping.
+     *
+     * @example
+     * API key authentication setup:
+     * ```typescript
+     * interface APIKeyUser {
+     *   keyId: string;
+     *   permissions: string[];
+     *   organization: string;
+     *   expiresAt?: number;
+     *   isActive: boolean;
+     * }
+     *
+     * const apiKeyVerifier: CustomTokenVerificationPort<APIKeyUser> = {
+     *   async verifyToken(token: string): Promise<APIKeyUser> {
+     *     const keyData = await validateAPIKeyInDatabase(token);
+     *     if (!keyData || !keyData.isActive) {
+     *       throw new Error('Invalid or inactive API key');
+     *     }
+     *     return keyData;
+     *   }
+     * };
+     *
+     * await RouteGuards.configureWithAPIKey(
+     *   GuardSetup.production(),
+     *   userPermissionSource,
+     *   apiKeyVerifier,
+     *   {
+     *     tokenHeader: 'x-api-key',
+     *     tokenPrefix: '',
+     *     allowInactiveUsers: false
+     *   },
+     *   'keyId',
+     *   'expiresAt'
+     * );
+     * ```
+     */
+    static async configureWithAPIKey(profile, permissionSource, apiKeyVerifier, authConfig, userIdField, expirationField) {
+        // Create a properly configured adapter for API keys
+        const tokenValidator = CustomTokenVerificationPortAdapter_1.TokenVerificationAdapterFactory.forAPIKey(apiKeyVerifier, userIdField, expirationField);
+        await RouteGuards_1.configure(profile, permissionSource, tokenValidator, authConfig);
+    }
+    /**
+     * Factory method: Configure RouteGuards with CustomTokenVerificationPort for OAuth tokens.
+     * Provides setup for OAuth-based authentication with scope validation.
+     *
+     * @example
+     * OAuth token authentication with scope requirements:
+     * ```typescript
+     * interface OAuthUser {
+     *   sub: string;
+     *   email: string;
+     *   scope: string[];
+     *   exp: number;
+     *   client_id: string;
+     * }
+     *
+     * const oauthVerifier: CustomTokenVerificationPort<OAuthUser> = {
+     *   async verifyToken(token: string): Promise<OAuthUser> {
+     *     const response = await fetch(`${OAUTH_INTROSPECT_URL}`, {
+     *       method: 'POST',
+     *       headers: { 'Authorization': `Bearer ${token}` },
+     *       body: new URLSearchParams({ token })
+     *     });
+     *
+     *     const tokenInfo = await response.json();
+     *     if (!tokenInfo.active) {
+     *       throw new Error('Token is not active');
+     *     }
+     *
+     *     return tokenInfo as OAuthUser;
+     *   }
+     * };
+     *
+     * await RouteGuards.configureWithOAuth(
+     *   GuardSetup.production(),
+     *   userPermissionSource,
+     *   oauthVerifier,
+     *   {
+     *     tokenHeader: 'authorization',
+     *     tokenPrefix: 'Bearer ',
+     *     requireEmailVerification: false
+     *   },
+     *   ['read:profile', 'write:data'] // Required OAuth scopes
+     * );
+     * ```
+     */
+    static async configureWithOAuth(profile, permissionSource, oauthVerifier, authConfig, requiredScopes) {
+        // Create a properly configured adapter for OAuth tokens
+        const tokenValidator = CustomTokenVerificationPortAdapter_1.TokenVerificationAdapterFactory.forOAuth(oauthVerifier, requiredScopes);
+        await RouteGuards_1.configure(profile, permissionSource, tokenValidator, authConfig);
+    }
+    /**
+     * Factory method: Configure RouteGuards with a custom CustomTokenVerificationPort adapter.
+     * Provides maximum flexibility for custom token validation scenarios.
+     *
+     * @example
+     * Custom token validation with business-specific logic:
+     * ```typescript
+     * interface CustomUser {
+     *   userId: string;
+     *   tenantId: string;
+     *   roles: string[];
+     *   sessionExpiry: number;
+     *   isVerified: boolean;
+     * }
+     *
+     * const customVerifier: CustomTokenVerificationPort<CustomUser> = {
+     *   async verifyToken(token: string): Promise<CustomUser> {
+     *     // Your custom verification logic
+     *     return await verifyCustomToken(token);
+     *   }
+     * };
+     *
+     * await RouteGuards.configureWithCustom(
+     *   GuardSetup.production(),
+     *   userPermissionSource,
+     *   customVerifier,
+     *   {
+     *     tokenHeader: 'x-auth-token',
+     *     tokenPrefix: 'Custom ',
+     *     customValidation: async (token, user) => {
+     *       return user.isVerified && user.tenantId === 'valid-tenant';
+     *     }
+     *   },
+     *   {
+     *     userIdExtractor: (user) => user.userId,
+     *     expirationExtractor: (user) => user.sessionExpiry,
+     *     additionalValidation: (user) => user.isVerified
+     *   }
+     * );
+     * ```
+     */
+    static async configureWithCustom(profile, permissionSource, customVerifier, authConfig, adapterConfig) {
+        // Create a custom configured adapter
+        const tokenValidator = CustomTokenVerificationPortAdapter_1.TokenVerificationAdapterFactory.custom(customVerifier, adapterConfig);
+        await RouteGuards_1.configure(profile, permissionSource, tokenValidator, authConfig);
+    }
     // Private implementation methods
     createPlainPermissionGuard(permissions, options) {
         this.trackGuardCreation();

package/build/middlewares/guards/adapters/CustomTokenVerificationPortAdapter.d.ts

@@ -0,0 +1,271 @@
+/**
+ * CustomTokenVerificationPort Adapter
+ *
+ * Bridges the CustomTokenVerificationPort interface from AuthenticationMiddleware
+ * to the RouteGuards TokenValidator interface, enabling code reuse and unified
+ * token validation across the entire Noony Framework.
+ *
+ * Key Features:
+ * - Seamless integration between authentication systems
+ * - Maintains type safety through generics
+ * - Supports any token validation implementation (JWT, OAuth, API keys, etc.)
+ * - Preserves all existing RouteGuards functionality
+ * - Zero-overhead abstraction with full performance
+ *
+ * Benefits:
+ * - One authentication interface to implement and maintain
+ * - Consistent patterns across AuthenticationMiddleware and RouteGuards
+ * - Backward compatibility with existing RouteGuards implementations
+ * - Simplified setup for authentication workflows
+ *
+ * @example
+ * Bridge a JWT verification port to RouteGuards:
+ * ```typescript
+ * import { CustomTokenVerificationPort } from '@/middlewares/authenticationMiddleware';
+ * import { CustomTokenVerificationPortAdapter } from '@/middlewares/guards/adapters';
+ *
+ * // Define your user type
+ * interface User {
+ *   id: string;
+ *   email: string;
+ *   roles: string[];
+ *   sub: string;  // JWT subject
+ *   exp: number;  // JWT expiration
+ *   iat: number;  // Issued at
+ * }
+ *
+ * // Implement token verification once
+ * const jwtVerifier: CustomTokenVerificationPort<User> = {
+ *   async verifyToken(token: string): Promise<User> {
+ *     const payload = jwt.verify(token, process.env.JWT_SECRET!) as any;
+ *     return {
+ *       id: payload.sub,
+ *       email: payload.email,
+ *       roles: payload.roles || [],
+ *       sub: payload.sub,
+ *       exp: payload.exp,
+ *       iat: payload.iat
+ *     };
+ *   }
+ * };
+ *
+ * // Create adapter for RouteGuards
+ * const tokenValidator = new CustomTokenVerificationPortAdapter(
+ *   jwtVerifier,
+ *   {
+ *     userIdExtractor: (user: User) => user.id,
+ *     expirationExtractor: (user: User) => user.exp
+ *   }
+ * );
+ *
+ * // Use with RouteGuards
+ * await RouteGuards.configure(
+ *   GuardSetup.production(),
+ *   userPermissionSource,
+ *   tokenValidator, // Works seamlessly!
+ *   authConfig
+ * );
+ * ```
+ *
+ * @example
+ * API key verification with custom user structure:
+ * ```typescript
+ * interface APIKeyUser {
+ *   keyId: string;
+ *   permissions: string[];
+ *   organization: string;
+ *   expiresAt: number;
+ *   isActive: boolean;
+ * }
+ *
+ * const apiKeyVerifier: CustomTokenVerificationPort<APIKeyUser> = {
+ *   async verifyToken(token: string): Promise<APIKeyUser> {
+ *     const keyData = await validateAPIKey(token);
+ *     if (!keyData || !keyData.isActive) {
+ *       throw new Error('Invalid or inactive API key');
+ *     }
+ *     return keyData;
+ *   }
+ * };
+ *
+ * // Adapter with custom extractors
+ * const apiTokenValidator = new CustomTokenVerificationPortAdapter(
+ *   apiKeyVerifier,
+ *   {
+ *     userIdExtractor: (user: APIKeyUser) => user.keyId,
+ *     expirationExtractor: (user: APIKeyUser) => user.expiresAt,
+ *     additionalValidation: (user: APIKeyUser) => user.isActive
+ *   }
+ * );
+ *
+ * // Seamlessly works with RouteGuards
+ * await RouteGuards.configure(
+ *   GuardSetup.production(),
+ *   userPermissionSource,
+ *   apiTokenValidator,
+ *   authConfig
+ * );
+ * ```
+ *
+ * @example
+ * OAuth token verification:
+ * ```typescript
+ * interface OAuthUser {
+ *   sub: string;        // OAuth subject
+ *   email: string;
+ *   scope: string[];    // OAuth scopes
+ *   exp: number;
+ *   client_id: string;
+ * }
+ *
+ * const oauthVerifier: CustomTokenVerificationPort<OAuthUser> = {
+ *   async verifyToken(token: string): Promise<OAuthUser> {
+ *     // Validate with OAuth provider
+ *     const response = await fetch(`${OAUTH_INTROSPECT_URL}`, {
+ *       method: 'POST',
+ *       headers: { 'Authorization': `Bearer ${token}` }
+ *     });
+ *
+ *     const tokenInfo = await response.json();
+ *     if (!tokenInfo.active) {
+ *       throw new Error('Token is not active');
+ *     }
+ *
+ *     return tokenInfo as OAuthUser;
+ *   }
+ * };
+ *
+ * const oauthTokenValidator = new CustomTokenVerificationPortAdapter(
+ *   oauthVerifier,
+ *   {
+ *     userIdExtractor: (user: OAuthUser) => user.sub,
+ *     expirationExtractor: (user: OAuthUser) => user.exp
+ *   }
+ * );
+ * ```
+ *
+ * @author Noony Framework Team
+ * @version 1.0.0
+ */
+import { CustomTokenVerificationPort } from '../../authenticationMiddleware';
+import { TokenValidator } from '../guards/FastAuthGuard';
+/**
+ * Configuration options for the CustomTokenVerificationPort adapter.
+ * Provides flexible configuration for extracting required data from
+ * different user object structures.
+ */
+export interface AdapterConfig<T> {
+    /**
+     * Extract user ID from the verified user object.
+     * This ID will be used for permission lookups and caching.
+     */
+    userIdExtractor: (user: T) => string;
+    /**
+     * Extract token expiration timestamp from the user object.
+     * Should return Unix timestamp (seconds since epoch).
+     *
+     * @param user - Verified user object
+     * @returns Unix timestamp or undefined if no expiration
+     */
+    expirationExtractor?: (user: T) => number | undefined;
+    /**
+     * Optional additional validation after token verification.
+     * Allows custom business logic validation on the verified user.
+     *
+     * @param user - Verified user object
+     * @returns true if user passes additional validation
+     */
+    additionalValidation?: (user: T) => boolean | Promise<boolean>;
+    /**
+     * Custom error message for token validation failures.
+     * If not provided, uses the original error from the verification port.
+     */
+    errorMessage?: string;
+}
+/**
+ * Adapter class that bridges CustomTokenVerificationPort to TokenValidator.
+ * Enables seamless integration between AuthenticationMiddleware and RouteGuards
+ * while maintaining full type safety and performance.
+ *
+ * @template T - The user type returned by the CustomTokenVerificationPort
+ */
+export declare class CustomTokenVerificationPortAdapter<T> implements TokenValidator {
+    private readonly verificationPort;
+    private readonly config;
+    constructor(verificationPort: CustomTokenVerificationPort<T>, config: AdapterConfig<T>);
+    /**
+     * Validate and decode token using the wrapped CustomTokenVerificationPort.
+     *
+     * @param token - JWT token string to validate
+     * @returns Validation result with decoded user data
+     */
+    validateToken(token: string): Promise<{
+        valid: boolean;
+        decoded?: T;
+        error?: string;
+    }>;
+    /**
+     * Extract user ID from the decoded token/user data.
+     * Uses the configured userIdExtractor function.
+     *
+     * @param decoded - Decoded user data from validateToken
+     * @returns User ID string
+     */
+    extractUserId(decoded: T): string;
+    /**
+     * Check if the token is expired based on the decoded data.
+     * Uses the configured expirationExtractor if available.
+     *
+     * @param decoded - Decoded user data from validateToken
+     * @returns true if token is expired, false otherwise
+     */
+    isTokenExpired(decoded: T): boolean;
+}
+/**
+ * Helper factory functions for common token verification scenarios.
+ * Provides pre-configured adapters for standard authentication patterns.
+ */
+export declare class TokenVerificationAdapterFactory {
+    /**
+     * Create adapter for standard JWT tokens with common claims.
+     * Assumes the user object has 'sub' for user ID and 'exp' for expiration.
+     *
+     * @param verificationPort - JWT token verification port
+     * @returns Configured adapter for JWT tokens
+     */
+    static forJWT<T extends {
+        sub: string;
+        exp?: number;
+    }>(verificationPort: CustomTokenVerificationPort<T>): CustomTokenVerificationPortAdapter<T>;
+    /**
+     * Create adapter for API key tokens with custom ID and expiration fields.
+     *
+     * @param verificationPort - API key verification port
+     * @param userIdField - Field name for user/key ID (e.g., 'keyId', 'apiKeyId')
+     * @param expirationField - Optional field name for expiration (e.g., 'expiresAt', 'exp')
+     * @returns Configured adapter for API key tokens
+     */
+    static forAPIKey<T extends Record<string, unknown>>(verificationPort: CustomTokenVerificationPort<T>, userIdField: keyof T, expirationField?: keyof T): CustomTokenVerificationPortAdapter<T>;
+    /**
+     * Create adapter for OAuth tokens with standard OAuth claims.
+     *
+     * @param verificationPort - OAuth token verification port
+     * @param additionalScopes - Optional required OAuth scopes
+     * @returns Configured adapter for OAuth tokens
+     */
+    static forOAuth<T extends {
+        sub: string;
+        exp?: number;
+        scope?: string[];
+    }>(verificationPort: CustomTokenVerificationPort<T>, additionalScopes?: string[]): CustomTokenVerificationPortAdapter<T>;
+    /**
+     * Create adapter with custom configuration.
+     * Use this for non-standard token structures or complex validation logic.
+     *
+     * @param verificationPort - Token verification port
+     * @param config - Custom adapter configuration
+     * @returns Configured adapter with custom settings
+     */
+    static custom<T>(verificationPort: CustomTokenVerificationPort<T>, config: AdapterConfig<T>): CustomTokenVerificationPortAdapter<T>;
+}
+//# sourceMappingURL=CustomTokenVerificationPortAdapter.d.ts.map