@nuria-tech/auth-sdk 1.0.2 → 1.0.4

package/dist/nuxt.js

@@ -0,0 +1,716 @@
+// src/errors/auth-error.ts
+var AuthError = class extends Error {
+  constructor(code, message, cause) {
+    super(message);
+    this.code = code;
+    this.cause = cause;
+    this.name = "AuthError";
+  }
+};
+
+// src/core/pkce.ts
+var ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
+function getCryptoImpl() {
+  if (typeof globalThis !== "undefined" && globalThis.crypto) {
+    return globalThis.crypto;
+  }
+  throw new Error("Web Crypto API unavailable");
+}
+function randomString(length = 64) {
+  const crypto = getCryptoImpl();
+  const THRESHOLD = 256 - 256 % ALPHABET.length;
+  const result = [];
+  while (result.length < length) {
+    const bytes = new Uint8Array(Math.ceil((length - result.length) * 1.4));
+    crypto.getRandomValues(bytes);
+    for (const b of bytes) {
+      if (result.length >= length) break;
+      if (b < THRESHOLD) result.push(ALPHABET[b % ALPHABET.length]);
+    }
+  }
+  return result.join("");
+}
+function toBase64Url(bytes) {
+  const binary = Array.from(bytes, (b) => String.fromCharCode(b)).join("");
+  return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+}
+function verifierToBytes(verifier) {
+  const bytes = new Uint8Array(verifier.length);
+  for (let i = 0; i < verifier.length; i++) {
+    bytes[i] = verifier.charCodeAt(i);
+  }
+  return bytes;
+}
+async function createCodeChallenge(verifier) {
+  const crypto = getCryptoImpl();
+  const buffer = verifierToBytes(verifier);
+  const digest = await crypto.subtle.digest("SHA-256", buffer);
+  return toBase64Url(new Uint8Array(digest));
+}
+
+// src/core/utils.ts
+var STORAGE_KEYS = {
+  session: "nuria:session",
+  state: "nuria:oauth:state",
+  codeVerifier: "nuria:oauth:code_verifier"
+};
+function normalizeTokenSet(raw, now) {
+  var _a, _b, _c, _d, _e, _f, _g, _h, _i, _j;
+  const accessToken = (_b = (_a = raw.access_token) != null ? _a : raw.accessToken) != null ? _b : raw.Token;
+  if (!accessToken || typeof accessToken !== "string") {
+    throw new AuthError(
+      "TOKEN_EXCHANGE_FAILED" /* TOKEN_EXCHANGE_FAILED */,
+      "Missing access token in token response"
+    );
+  }
+  const expiresIn = Number((_d = (_c = raw.expires_in) != null ? _c : raw.expiresIn) != null ? _d : 0) || void 0;
+  const expiresAtFromResponse = Number((_e = raw.ExpiresAt) != null ? _e : 0) || void 0;
+  const computedExpiresAt = expiresIn != null ? now() + expiresIn * 1e3 : expiresAtFromResponse ? expiresAtFromResponse : void 0;
+  return {
+    accessToken,
+    tokenType: (_g = (_f = raw.token_type) != null ? _f : raw.tokenType) != null ? _g : raw.TokenType,
+    expiresIn,
+    refreshToken: (_i = (_h = raw.refresh_token) != null ? _h : raw.refreshToken) != null ? _i : raw.RefreshToken,
+    idToken: (_j = raw.id_token) != null ? _j : raw.idToken,
+    scope: raw.scope,
+    expiresAt: computedExpiresAt
+  };
+}
+async function safeGet(storage, key) {
+  try {
+    return await storage.get(key);
+  } catch (cause) {
+    throw new AuthError(
+      "STORAGE_ERROR" /* STORAGE_ERROR */,
+      `Failed reading key: ${key}`,
+      cause
+    );
+  }
+}
+async function safeSet(storage, key, value) {
+  try {
+    await storage.set(key, value);
+  } catch (cause) {
+    throw new AuthError(
+      "STORAGE_ERROR" /* STORAGE_ERROR */,
+      `Failed writing key: ${key}`,
+      cause
+    );
+  }
+}
+async function safeRemove(storage, key) {
+  try {
+    await storage.remove(key);
+  } catch (cause) {
+    throw new AuthError(
+      "STORAGE_ERROR" /* STORAGE_ERROR */,
+      `Failed removing key: ${key}`,
+      cause
+    );
+  }
+}
+function timingSafeEqual(a, b) {
+  if (a.length !== b.length) return false;
+  let diff = 0;
+  for (let i = 0; i < a.length; i++) {
+    diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
+  }
+  return diff === 0;
+}
+function parseUrl(url) {
+  try {
+    return new URL(url);
+  } catch (e) {
+    throw new AuthError("CALLBACK_ERROR" /* CALLBACK_ERROR */, "Invalid callback URL");
+  }
+}
+
+// src/storage/memory-storage-adapter.ts
+var MemoryStorageAdapter = class {
+  constructor() {
+    this.store = /* @__PURE__ */ new Map();
+  }
+  get(key) {
+    var _a;
+    return (_a = this.store.get(key)) != null ? _a : null;
+  }
+  set(key, value) {
+    this.store.set(key, value);
+  }
+  remove(key) {
+    this.store.delete(key);
+  }
+};
+
+// src/transport/fetch-transport.ts
+var RETRYABLE_STATUS = /* @__PURE__ */ new Set([408, 425, 429, 500, 502, 503, 504]);
+var FetchAuthTransport = class {
+  constructor(options = {}) {
+    var _a, _b, _c;
+    this.fetchFn = (_a = options.fetchFn) != null ? _a : fetch;
+    this.timeoutMs = options.timeoutMs;
+    this.retries = (_b = options.retries) != null ? _b : 0;
+    this.interceptors = (_c = options.interceptors) != null ? _c : [];
+  }
+  async request(url, req = {}) {
+    var _a, _b, _c, _d;
+    let request = req;
+    for (const i of this.interceptors) {
+      if (i.onRequest) request = await i.onRequest(url, request);
+    }
+    const retries = (_a = request.retries) != null ? _a : this.retries;
+    let attempt = 0;
+    while (true) {
+      const controller = new AbortController();
+      const timeout = (_b = request.timeoutMs) != null ? _b : this.timeoutMs;
+      const timer = timeout ? setTimeout(() => controller.abort(), timeout) : void 0;
+      try {
+        const defaultContentType = typeof request.body === "string" ? "application/x-www-form-urlencoded" : "application/json";
+        const res = await this.fetchFn(this.withQuery(url, request.query), {
+          method: (_c = request.method) != null ? _c : "GET",
+          credentials: request.credentials,
+          headers: {
+            "Content-Type": defaultContentType,
+            ...(_d = request.headers) != null ? _d : {}
+          },
+          body: request.body !== void 0 ? typeof request.body === "string" ? request.body : JSON.stringify(request.body) : void 0,
+          signal: controller.signal
+        });
+        const data = await this.parseBody(res);
+        if (!res.ok) {
+          if (attempt < retries && RETRYABLE_STATUS.has(res.status)) {
+            attempt += 1;
+            continue;
+          }
+          throw new AuthError("HTTP_ERROR" /* HTTP_ERROR */, `HTTP ${res.status}`);
+        }
+        let out = {
+          status: res.status,
+          data,
+          headers: res.headers
+        };
+        for (const i of this.interceptors) {
+          if (i.onResponse) out = await i.onResponse(out);
+        }
+        return out;
+      } catch (cause) {
+        if (cause instanceof AuthError) throw cause;
+        if (attempt < retries) {
+          attempt += 1;
+          continue;
+        }
+        throw new AuthError(
+          "NETWORK_ERROR" /* NETWORK_ERROR */,
+          "Network request failed",
+          cause
+        );
+      } finally {
+        if (timer) clearTimeout(timer);
+      }
+    }
+  }
+  withQuery(url, query) {
+    if (!query) return url;
+    const parsed = new URL(url);
+    Object.entries(query).forEach(([k, v]) => {
+      if (v !== void 0) parsed.searchParams.set(k, v);
+    });
+    return parsed.toString();
+  }
+  async parseBody(res) {
+    var _a;
+    const contentType = (_a = res.headers.get("content-type")) != null ? _a : "";
+    if (contentType.includes("application/json")) {
+      return await res.json();
+    }
+    return await res.text();
+  }
+};
+
+// src/client/nuria-auth-client.ts
+var DefaultAuthClient = class {
+  constructor(config) {
+    this.config = config;
+    this.session = null;
+    this.refreshPromise = null;
+    this.listeners = /* @__PURE__ */ new Set();
+    var _a, _b, _c;
+    this.storage = (_a = config.storage) != null ? _a : new MemoryStorageAdapter();
+    this.transport = (_b = config.transport) != null ? _b : new FetchAuthTransport();
+    this.now = (_c = config.now) != null ? _c : (() => Date.now());
+  }
+  async startLogin(options = {}) {
+    var _a, _b;
+    const state = randomString(32);
+    const codeVerifier = randomString(96);
+    const codeChallenge = await createCodeChallenge(codeVerifier);
+    await safeSet(this.storage, STORAGE_KEYS.state, state);
+    await safeSet(this.storage, STORAGE_KEYS.codeVerifier, codeVerifier);
+    const params = {
+      response_type: "code",
+      client_id: this.config.clientId,
+      redirect_uri: this.config.redirectUri,
+      state,
+      code_challenge: codeChallenge,
+      code_challenge_method: "S256"
+    };
+    const scope = (_b = (_a = options.scopes) == null ? void 0 : _a.join(" ")) != null ? _b : this.config.scope;
+    if (scope) params.scope = scope;
+    if (options.loginHint) params.login_hint = options.loginHint;
+    if (options.extraParams) {
+      const RESERVED = /* @__PURE__ */ new Set([
+        "response_type",
+        "client_id",
+        "redirect_uri",
+        "state",
+        "code_challenge",
+        "code_challenge_method"
+      ]);
+      for (const [k, v] of Object.entries(options.extraParams)) {
+        if (!RESERVED.has(k)) params[k] = v;
+      }
+    }
+    const url = new URL(this.config.authorizationEndpoint);
+    Object.entries(params).forEach(([k, v]) => url.searchParams.set(k, v));
+    const redirectUrl = url.toString();
+    if (this.config.onRedirect) {
+      await this.config.onRedirect(redirectUrl);
+      return;
+    }
+    if (typeof window !== "undefined") {
+      window.location.assign(redirectUrl);
+      return;
+    }
+    throw new AuthError(
+      "INVALID_CONFIG" /* INVALID_CONFIG */,
+      "Missing onRedirect callback for non-browser runtime"
+    );
+  }
+  async handleRedirectCallback(callbackUrl) {
+    const input = callbackUrl != null ? callbackUrl : typeof window !== "undefined" ? window.location.href : "";
+    if (!input) {
+      throw new AuthError(
+        "CALLBACK_ERROR" /* CALLBACK_ERROR */,
+        "callbackUrl required in non-browser runtime"
+      );
+    }
+    const url = parseUrl(input);
+    const error = url.searchParams.get("error");
+    if (error) {
+      const desc = url.searchParams.get("error_description");
+      throw new AuthError(
+        "CALLBACK_ERROR" /* CALLBACK_ERROR */,
+        desc ? `Authorization error: ${error} \u2014 ${desc}` : `Authorization error: ${error}`
+      );
+    }
+    const code = url.searchParams.get("code");
+    if (!code) {
+      throw new AuthError(
+        "MISSING_CODE" /* MISSING_CODE */,
+        "Missing code in callback"
+      );
+    }
+    const state = url.searchParams.get("state");
+    if (!state) {
+      throw new AuthError(
+        "MISSING_STATE" /* MISSING_STATE */,
+        "Missing state in callback"
+      );
+    }
+    const storedState = await safeGet(this.storage, STORAGE_KEYS.state);
+    if (!storedState || !timingSafeEqual(storedState, state)) {
+      throw new AuthError(
+        "STATE_MISMATCH" /* STATE_MISMATCH */,
+        "State validation failed"
+      );
+    }
+    return this.exchangeCode(code);
+  }
+  getSession() {
+    return this.session;
+  }
+  async getAccessToken() {
+    var _a, _b;
+    if (!this.session) {
+      await this.hydrateSession();
+    }
+    if (!this.session) return null;
+    const exp = this.session.tokens.expiresAt;
+    if (exp && exp <= this.now() && this.config.enableRefreshToken) {
+      if (!this.refreshPromise) {
+        this.refreshPromise = this.doRefresh().finally(() => {
+          this.refreshPromise = null;
+        });
+      }
+      await this.refreshPromise;
+    }
+    return (_b = (_a = this.session) == null ? void 0 : _a.tokens.accessToken) != null ? _b : null;
+  }
+  async logout(options) {
+    if (options == null ? void 0 : options.returnTo) {
+      let returnToUrl;
+      try {
+        returnToUrl = new URL(options.returnTo);
+      } catch (e) {
+        throw new AuthError(
+          "INVALID_CONFIG" /* INVALID_CONFIG */,
+          "returnTo must be a valid absolute URL"
+        );
+      }
+      const isHttps = returnToUrl.protocol === "https:";
+      const isLocalHttp = returnToUrl.protocol === "http:" && (returnToUrl.hostname === "localhost" || returnToUrl.hostname === "127.0.0.1" || returnToUrl.hostname === "[::1]");
+      if (!isHttps && !isLocalHttp) {
+        throw new AuthError(
+          "INVALID_CONFIG" /* INVALID_CONFIG */,
+          "returnTo must use https:// (or http:// only for localhost)"
+        );
+      }
+      if (returnToUrl.username || returnToUrl.password) {
+        throw new AuthError(
+          "INVALID_CONFIG" /* INVALID_CONFIG */,
+          "returnTo must not include URL credentials"
+        );
+      }
+    }
+    this.session = null;
+    await safeRemove(this.storage, STORAGE_KEYS.session);
+    await safeRemove(this.storage, STORAGE_KEYS.state);
+    await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);
+    this.notify();
+    if (this.config.logoutEndpoint) {
+      const url = new URL(this.config.logoutEndpoint);
+      if (options == null ? void 0 : options.returnTo) {
+        url.searchParams.set("returnTo", options.returnTo);
+      }
+      const logoutUrl = url.toString();
+      if (this.config.onRedirect) {
+        await this.config.onRedirect(logoutUrl);
+      } else if (typeof window !== "undefined") {
+        window.location.assign(logoutUrl);
+      }
+    }
+  }
+  isAuthenticated() {
+    var _a, _b;
+    const accessToken = (_a = this.session) == null ? void 0 : _a.tokens.accessToken;
+    if (!accessToken) return false;
+    const exp = (_b = this.session) == null ? void 0 : _b.tokens.expiresAt;
+    if (exp && exp <= this.now()) return false;
+    return true;
+  }
+  onAuthStateChanged(handler) {
+    this.listeners.add(handler);
+    return () => this.listeners.delete(handler);
+  }
+  async getUserinfo() {
+    const accessToken = await this.getAccessToken();
+    if (!accessToken) {
+      throw new AuthError(
+        "INVALID_CONFIG" /* INVALID_CONFIG */,
+        "Not authenticated \u2014 call handleRedirectCallback first"
+      );
+    }
+    if (!this.config.userinfoEndpoint) {
+      throw new AuthError(
+        "INVALID_CONFIG" /* INVALID_CONFIG */,
+        "config.userinfoEndpoint is required for getUserinfo"
+      );
+    }
+    const response = await this.transport.request(
+      this.config.userinfoEndpoint,
+      { headers: { Authorization: `Bearer ${accessToken}` } }
+    );
+    return response.data;
+  }
+  async startLoginCodeChallenge(options) {
+    var _a, _b, _c, _d, _e, _f, _g;
+    if (!(options == null ? void 0 : options.email)) {
+      throw new AuthError(
+        "INVALID_CONFIG" /* INVALID_CONFIG */,
+        "email is required for startLoginCodeChallenge"
+      );
+    }
+    const response = await this.transport.request(
+      `${this.config.baseUrl}/v2/login-code/challenge`,
+      {
+        method: "POST",
+        credentials: "include",
+        body: {
+          email: options.email,
+          channel: (_a = options.channel) != null ? _a : "email",
+          destination: options.destination,
+          purpose: (_b = options.purpose) != null ? _b : "login"
+        }
+      }
+    );
+    return {
+      challengeId: String((_c = response.data.challengeId) != null ? _c : ""),
+      channel: String((_d = response.data.channel) != null ? _d : ""),
+      destinationMasked: String((_e = response.data.destinationMasked) != null ? _e : ""),
+      expiresAt: Number((_f = response.data.expiresAt) != null ? _f : 0),
+      purpose: String((_g = response.data.purpose) != null ? _g : "login")
+    };
+  }
+  async verifyLoginCode(options) {
+    if (!(options == null ? void 0 : options.challengeId) || !(options == null ? void 0 : options.code)) {
+      throw new AuthError(
+        "INVALID_CONFIG" /* INVALID_CONFIG */,
+        "challengeId and code are required for verifyLoginCode"
+      );
+    }
+    const response = await this.transport.request(
+      `${this.config.baseUrl}/v2/2fa/verify-login`,
+      {
+        method: "POST",
+        credentials: "include",
+        body: {
+          challengeId: options.challengeId,
+          code: options.code
+        }
+      }
+    );
+    const tokens = normalizeTokenSet(response.data, this.now);
+    return this.createSession(tokens);
+  }
+  async loginWithCodeSent(options) {
+    return this.startLoginCodeChallenge(options);
+  }
+  async completeLoginWithCode(options) {
+    return this.verifyLoginCode(options);
+  }
+  async loginWithGoogle(options) {
+    if (!(options == null ? void 0 : options.idToken)) {
+      throw new AuthError(
+        "INVALID_CONFIG" /* INVALID_CONFIG */,
+        "idToken is required for loginWithGoogle"
+      );
+    }
+    const response = await this.transport.request(
+      `${this.config.baseUrl}/v2/google`,
+      {
+        method: "POST",
+        credentials: "include",
+        body: {
+          idToken: options.idToken
+        }
+      }
+    );
+    const tokens = normalizeTokenSet(response.data, this.now);
+    return this.createSession(tokens);
+  }
+  async loginWithPassword(options) {
+    if (!(options == null ? void 0 : options.email) || !(options == null ? void 0 : options.password)) {
+      throw new AuthError(
+        "INVALID_CONFIG" /* INVALID_CONFIG */,
+        "email and password are required for loginWithPassword"
+      );
+    }
+    const response = await this.transport.request(
+      `${this.config.baseUrl}/v2/login`,
+      {
+        method: "POST",
+        credentials: "include",
+        body: {
+          email: options.email,
+          password: options.password
+        }
+      }
+    );
+    const tokens = normalizeTokenSet(response.data, this.now);
+    return this.createSession(tokens);
+  }
+  async exchangeCode(code) {
+    const verifier = await safeGet(this.storage, STORAGE_KEYS.codeVerifier);
+    if (!verifier) {
+      throw new AuthError(
+        "TOKEN_EXCHANGE_FAILED" /* TOKEN_EXCHANGE_FAILED */,
+        "Missing PKCE code_verifier in storage"
+      );
+    }
+    const body = new URLSearchParams({
+      grant_type: "authorization_code",
+      code,
+      code_verifier: verifier,
+      redirect_uri: this.config.redirectUri,
+      client_id: this.config.clientId
+    });
+    const response = await this.transport.request(
+      this.config.tokenEndpoint,
+      {
+        method: "POST",
+        credentials: "include",
+        body: body.toString()
+      }
+    );
+    const tokens = normalizeTokenSet(response.data, this.now);
+    await safeRemove(this.storage, STORAGE_KEYS.state);
+    await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);
+    return this.createSession(tokens);
+  }
+  async doRefresh() {
+    var _a;
+    const refreshToken = (_a = this.session) == null ? void 0 : _a.tokens.refreshToken;
+    const body = new URLSearchParams({
+      grant_type: "refresh_token",
+      client_id: this.config.clientId
+    });
+    if (refreshToken) body.set("refresh_token", refreshToken);
+    const response = await this.transport.request(
+      this.config.tokenEndpoint,
+      {
+        method: "POST",
+        credentials: "include",
+        body: body.toString()
+      }
+    );
+    const tokens = normalizeTokenSet(response.data, this.now);
+    return this.createSession(tokens);
+  }
+  async createSession(tokens) {
+    var _a, _b;
+    const previousRefreshToken = (_a = this.session) == null ? void 0 : _a.tokens.refreshToken;
+    const mergedTokens = {
+      ...tokens,
+      refreshToken: (_b = tokens.refreshToken) != null ? _b : previousRefreshToken
+    };
+    this.session = {
+      tokens: mergedTokens,
+      createdAt: this.now()
+    };
+    await safeSet(
+      this.storage,
+      STORAGE_KEYS.session,
+      JSON.stringify(this.session)
+    );
+    this.notify();
+    return this.session;
+  }
+  notify() {
+    this.listeners.forEach((handler) => handler(this.session));
+  }
+  async hydrateSession() {
+    var _a;
+    const raw = await safeGet(this.storage, STORAGE_KEYS.session);
+    if (!raw) return;
+    try {
+      const parsed = JSON.parse(raw);
+      if (typeof ((_a = parsed == null ? void 0 : parsed.tokens) == null ? void 0 : _a.accessToken) !== "string") {
+        await safeRemove(this.storage, STORAGE_KEYS.session);
+        return;
+      }
+      this.session = parsed;
+    } catch (e) {
+      await safeRemove(this.storage, STORAGE_KEYS.session);
+      this.session = null;
+    }
+  }
+};
+
+// src/client/create-client.ts
+var DEFAULT_AUTH_BASE_URL = "https://ms-auth-v2.nuria.com.br";
+var DEFAULT_AUTHORIZATION_PATH = "/v2/oauth/authorize";
+var DEFAULT_TOKEN_PATH = "/v2/oauth/token";
+var DEFAULT_SCOPE = "openid profile email";
+function normalizeBaseUrl(value) {
+  const raw = String(value != null ? value : DEFAULT_AUTH_BASE_URL).trim();
+  if (!raw) {
+    throw new AuthError(
+      "INVALID_CONFIG" /* INVALID_CONFIG */,
+      "config.baseUrl must be a valid absolute URL"
+    );
+  }
+  let parsed;
+  try {
+    parsed = new URL(raw);
+  } catch (e) {
+    throw new AuthError(
+      "INVALID_CONFIG" /* INVALID_CONFIG */,
+      "config.baseUrl must be a valid absolute URL"
+    );
+  }
+  return parsed.toString().replace(/\/+$/, "");
+}
+function resolveEndpoint(baseUrl, explicit, fallbackPath) {
+  if (explicit) {
+    try {
+      return new URL(explicit).toString();
+    } catch (e) {
+      throw new AuthError(
+        "INVALID_CONFIG" /* INVALID_CONFIG */,
+        "OAuth endpoints must be valid absolute URLs"
+      );
+    }
+  }
+  return new URL(fallbackPath, `${baseUrl}/`).toString();
+}
+function createAuthClient(config) {
+  var _a, _b;
+  if (!(config == null ? void 0 : config.clientId)) {
+    throw new AuthError(
+      "INVALID_CONFIG" /* INVALID_CONFIG */,
+      "config.clientId is required"
+    );
+  }
+  if (!config.redirectUri) {
+    throw new AuthError(
+      "INVALID_CONFIG" /* INVALID_CONFIG */,
+      "config.redirectUri is required"
+    );
+  }
+  const baseUrl = normalizeBaseUrl(config.baseUrl);
+  const resolvedConfig = {
+    ...config,
+    baseUrl,
+    scope: String((_a = config.scope) != null ? _a : "").trim() || DEFAULT_SCOPE,
+    enableRefreshToken: (_b = config.enableRefreshToken) != null ? _b : true,
+    authorizationEndpoint: resolveEndpoint(
+      baseUrl,
+      config.authorizationEndpoint,
+      DEFAULT_AUTHORIZATION_PATH
+    ),
+    tokenEndpoint: resolveEndpoint(
+      baseUrl,
+      config.tokenEndpoint,
+      DEFAULT_TOKEN_PATH
+    )
+  };
+  return new DefaultAuthClient(resolvedConfig);
+}
+
+// src/storage/cookie-storage-adapter.ts
+var CookieStorageAdapter = class {
+  constructor(callbacks) {
+    this.callbacks = callbacks;
+  }
+  async get(key) {
+    return this.callbacks.getCookie(key);
+  }
+  async set(key, value) {
+    await this.callbacks.setCookie(key, value);
+  }
+  async remove(key) {
+    await this.callbacks.removeCookie(key);
+  }
+};
+
+// src/nuxt/index.ts
+function createNuxtCookieStorageAdapter(cookies) {
+  return new CookieStorageAdapter({
+    getCookie: async (name) => {
+      var _a;
+      return (_a = await cookies.get(name)) != null ? _a : null;
+    },
+    setCookie: (name, value) => cookies.set(name, value),
+    removeCookie: (name) => cookies.remove(name)
+  });
+}
+function createNuxtAuthClient(config, cookies) {
+  return createAuthClient({
+    ...config,
+    storage: createNuxtCookieStorageAdapter(cookies)
+  });
+}
+
+export { createNuxtAuthClient, createNuxtCookieStorageAdapter };
+//# sourceMappingURL=nuxt.js.map
+//# sourceMappingURL=nuxt.js.map