@otplib/core 13.0.2 → 13.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/dist/errors.cjs +1 -1
  2. package/dist/errors.cjs.map +1 -1
  3. package/dist/errors.js +1 -1
  4. package/dist/errors.js.map +1 -1
  5. package/dist/index.cjs +1 -1
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.d.cts +1 -1
  8. package/dist/index.d.ts +1 -1
  9. package/dist/index.js +1 -1
  10. package/dist/index.js.map +1 -1
  11. package/dist/metafile-cjs.json +1 -1
  12. package/dist/metafile-esm.json +1 -1
  13. package/dist/utils.cjs +1 -1
  14. package/dist/utils.cjs.map +1 -1
  15. package/dist/utils.d.cts +137 -6
  16. package/dist/utils.d.ts +137 -6
  17. package/dist/utils.js +1 -1
  18. package/dist/utils.js.map +1 -1
  19. package/package.json +1 -1
package/dist/errors.cjs CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var h=Object.defineProperty;var W=Object.getOwnPropertyDescriptor;var Y=Object.getOwnPropertyNames;var j=Object.prototype.hasOwnProperty;var D=(s,e)=>{for(var t in e)h(s,t,{get:e[t],enumerable:!0})},F=(s,e,t,N)=>{if(e&&typeof e=="object"||typeof e=="function")for(let o of Y(e))!j.call(s,o)&&o!==t&&h(s,o,{get:()=>e[o],enumerable:!(N=W(e,o))||N.enumerable});return s};var G=s=>F(h({},"__esModule",{value:!0}),s);var J={};D(J,{AlgorithmError:()=>C,Base32DecodeError:()=>U,Base32EncodeError:()=>B,Base32Error:()=>x,Base32PluginMissingError:()=>L,ConfigurationError:()=>n,CounterError:()=>a,CounterNegativeError:()=>E,CounterOverflowError:()=>T,CounterToleranceError:()=>g,CounterToleranceTooLargeError:()=>A,CryptoError:()=>p,CryptoPluginMissingError:()=>k,DigitsError:()=>f,EpochToleranceError:()=>m,EpochToleranceNegativeError:()=>R,EpochToleranceTooLargeError:()=>I,HMACError:()=>w,IssuerMissingError:()=>z,LabelMissingError:()=>_,OTPError:()=>r,PeriodError:()=>u,PeriodTooLargeError:()=>y,PeriodTooSmallError:()=>$,PluginError:()=>d,RandomBytesError:()=>q,SecretError:()=>c,SecretMissingError:()=>M,SecretTooLongError:()=>O,SecretTooShortError:()=>b,SecretTypeError:()=>H,TimeError:()=>l,TimeNegativeError:()=>P,TokenError:()=>i,TokenFormatError:()=>S,TokenLengthError:()=>v});module.exports=G(J);var r=class extends Error{constructor(e,t){super(e,t),this.name="OTPError"}},c=class extends r{constructor(e){super(e),this.name="SecretError"}},b=class extends c{constructor(e,t){super(`Secret must be at least ${e} bytes (${e*8} bits), got ${t} bytes`),this.name="SecretTooShortError"}},O=class extends c{constructor(e,t){super(`Secret must not exceed ${e} bytes, got ${t} bytes`),this.name="SecretTooLongError"}},a=class extends r{constructor(e){super(e),this.name="CounterError"}},E=class extends a{constructor(){super("Counter must be non-negative"),this.name="CounterNegativeError"}},T=class extends a{constructor(){super("Counter exceeds maximum safe integer value"),this.name="CounterOverflowError"}},l=class extends r{constructor(e){super(e),this.name="TimeError"}},P=class extends l{constructor(){super("Time must be non-negative"),this.name="TimeNegativeError"}},u=class extends r{constructor(e){super(e),this.name="PeriodError"}},$=class extends u{constructor(e){super(`Period must be at least ${e} second(s)`),this.name="PeriodTooSmallError"}},y=class extends u{constructor(e){super(`Period must not exceed ${e} seconds`),this.name="PeriodTooLargeError"}},f=class extends r{constructor(e){super(e),this.name="DigitsError"}},C=class extends r{constructor(e){super(e),this.name="AlgorithmError"}},i=class extends r{constructor(e){super(e),this.name="TokenError"}},v=class extends i{constructor(e,t){super(`Token must be ${e} digits, got ${t}`),this.name="TokenLengthError"}},S=class extends i{constructor(){super("Token must contain only digits"),this.name="TokenFormatError"}},p=class extends r{constructor(e,t){super(e,t),this.name="CryptoError"}},w=class extends p{constructor(e,t){super(`HMAC computation failed: ${e}`,t),this.name="HMACError"}},q=class extends p{constructor(e,t){super(`Random byte generation failed: ${e}`,t),this.name="RandomBytesError"}},x=class extends r{constructor(e,t){super(e,t),this.name="Base32Error"}},B=class extends x{constructor(e,t){super(`Base32 encoding failed: ${e}`,t),this.name="Base32EncodeError"}},U=class extends x{constructor(e,t){super(`Base32 decoding failed: ${e}`,t),this.name="Base32DecodeError"}},g=class extends r{constructor(e){super(e),this.name="CounterToleranceError"}},A=class extends g{constructor(e,t){super(`Counter tolerance size must not exceed ${e}, got ${t}. Large tolerances can cause performance issues.`),this.name="CounterToleranceTooLargeError"}},m=class extends r{constructor(e){super(e),this.name="EpochToleranceError"}},R=class extends m{constructor(){super("Epoch tolerance cannot contain negative values"),this.name="EpochToleranceNegativeError"}},I=class extends m{constructor(e,t){super(`Epoch tolerance must not exceed ${e} seconds, got ${t}. Large tolerances can cause performance issues.`),this.name="EpochToleranceTooLargeError"}},d=class extends r{constructor(e){super(e),this.name="PluginError"}},k=class extends d{constructor(){super("Crypto plugin is required. Example: new TOTP({ crypto: new NodeCryptoPlugin() }) or new TOTP({ crypto: new WebCryptoPlugin() })"),this.name="CryptoPluginMissingError"}},L=class extends d{constructor(){super("Base32 plugin is required. Example: new TOTP({ base32: new ScureBase32Plugin() })"),this.name="Base32PluginMissingError"}},n=class extends r{constructor(e){super(e),this.name="ConfigurationError"}},M=class extends n{constructor(){super("Secret is required. Use generateSecret() to create one, or provide via { secret: 'YOUR_BASE32_SECRET' }"),this.name="SecretMissingError"}},_=class extends n{constructor(){super("Label is required for URI generation. Example: { label: 'user@example.com' }"),this.name="LabelMissingError"}},z=class extends n{constructor(){super("Issuer is required for URI generation. Example: { issuer: 'MyApp' }"),this.name="IssuerMissingError"}},H=class extends n{constructor(){super("Class API requires secret to be a Base32 string, not Uint8Array. Use generateSecret() or provide a Base32-encoded string."),this.name="SecretTypeError"}};0&&(module.exports={AlgorithmError,Base32DecodeError,Base32EncodeError,Base32Error,Base32PluginMissingError,ConfigurationError,CounterError,CounterNegativeError,CounterOverflowError,CounterToleranceError,CounterToleranceTooLargeError,CryptoError,CryptoPluginMissingError,DigitsError,EpochToleranceError,EpochToleranceNegativeError,EpochToleranceTooLargeError,HMACError,IssuerMissingError,LabelMissingError,OTPError,PeriodError,PeriodTooLargeError,PeriodTooSmallError,PluginError,RandomBytesError,SecretError,SecretMissingError,SecretTooLongError,SecretTooShortError,SecretTypeError,TimeError,TimeNegativeError,TokenError,TokenFormatError,TokenLengthError});
1
+ "use strict";var h=Object.defineProperty;var j=Object.getOwnPropertyDescriptor;var D=Object.getOwnPropertyNames;var F=Object.prototype.hasOwnProperty;var G=(s,e)=>{for(var t in e)h(s,t,{get:e[t],enumerable:!0})},J=(s,e,t,Y)=>{if(e&&typeof e=="object"||typeof e=="function")for(let o of D(e))!F.call(s,o)&&o!==t&&h(s,o,{get:()=>e[o],enumerable:!(Y=j(e,o))||Y.enumerable});return s};var K=s=>J(h({},"__esModule",{value:!0}),s);var N={};G(N,{AlgorithmError:()=>v,Base32DecodeError:()=>B,Base32EncodeError:()=>A,Base32Error:()=>x,Base32PluginMissingError:()=>M,ConfigurationError:()=>n,CounterError:()=>a,CounterNegativeError:()=>$,CounterOverflowError:()=>E,CounterToleranceError:()=>g,CounterToleranceTooLargeError:()=>R,CryptoError:()=>p,CryptoPluginMissingError:()=>L,DigitsError:()=>y,EpochToleranceError:()=>m,EpochToleranceNegativeError:()=>I,EpochToleranceTooLargeError:()=>k,HMACError:()=>q,IssuerMissingError:()=>z,LabelMissingError:()=>w,OTPError:()=>r,PeriodError:()=>u,PeriodTooLargeError:()=>f,PeriodTooSmallError:()=>P,PluginError:()=>d,RandomBytesError:()=>U,SecretError:()=>c,SecretMissingError:()=>_,SecretTooLongError:()=>O,SecretTooShortError:()=>b,SecretTypeError:()=>H,TimeError:()=>l,TimeNegativeError:()=>T,TokenError:()=>i,TokenFormatError:()=>S,TokenLengthError:()=>C});module.exports=K(N);var r=class extends Error{constructor(e,t){super(e,t),this.name="OTPError"}},c=class extends r{constructor(e){super(e),this.name="SecretError"}},b=class extends c{constructor(e,t){super(`Secret must be at least ${e} bytes (${e*8} bits), got ${t} bytes`),this.name="SecretTooShortError"}},O=class extends c{constructor(e,t){super(`Secret must not exceed ${e} bytes, got ${t} bytes`),this.name="SecretTooLongError"}},a=class extends r{constructor(e){super(e),this.name="CounterError"}},$=class extends a{constructor(){super("Counter must be non-negative"),this.name="CounterNegativeError"}},E=class extends a{constructor(){super("Counter exceeds maximum safe integer value"),this.name="CounterOverflowError"}},l=class extends r{constructor(e){super(e),this.name="TimeError"}},T=class extends l{constructor(){super("Time must be non-negative"),this.name="TimeNegativeError"}},u=class extends r{constructor(e){super(e),this.name="PeriodError"}},P=class extends u{constructor(e){super(`Period must be at least ${e} second(s)`),this.name="PeriodTooSmallError"}},f=class extends u{constructor(e){super(`Period must not exceed ${e} seconds`),this.name="PeriodTooLargeError"}},y=class extends r{constructor(e){super(e),this.name="DigitsError"}},v=class extends r{constructor(e){super(e),this.name="AlgorithmError"}},i=class extends r{constructor(e){super(e),this.name="TokenError"}},C=class extends i{constructor(e,t){super(`Token must be ${e} digits, got ${t}`),this.name="TokenLengthError"}},S=class extends i{constructor(){super("Token must contain only digits"),this.name="TokenFormatError"}},p=class extends r{constructor(e,t){super(e,t),this.name="CryptoError"}},q=class extends p{constructor(e,t){super(`HMAC computation failed: ${e}`,t),this.name="HMACError"}},U=class extends p{constructor(e,t){super(`Random byte generation failed: ${e}`,t),this.name="RandomBytesError"}},x=class extends r{constructor(e,t){super(e,t),this.name="Base32Error"}},A=class extends x{constructor(e,t){super(`Base32 encoding failed: ${e}`,t),this.name="Base32EncodeError"}},B=class extends x{constructor(e,t){super(`Base32 decoding failed: ${e}`,t),this.name="Base32DecodeError"}},g=class extends r{constructor(e){super(e),this.name="CounterToleranceError"}},R=class extends g{constructor(e,t){super(`Counter tolerance size must not exceed ${e}, got ${t}. Large tolerances can cause performance issues.`),this.name="CounterToleranceTooLargeError"}},m=class extends r{constructor(e){super(e),this.name="EpochToleranceError"}},I=class extends m{constructor(){super("Epoch tolerance cannot contain negative values"),this.name="EpochToleranceNegativeError"}},k=class extends m{constructor(e,t){super(`Epoch tolerance must not exceed ${e} seconds, got ${t}. Large tolerances can cause performance issues.`),this.name="EpochToleranceTooLargeError"}},d=class extends r{constructor(e){super(e),this.name="PluginError"}},L=class extends d{constructor(){super("Crypto plugin is required."),this.name="CryptoPluginMissingError"}},M=class extends d{constructor(){super("Base32 plugin is required."),this.name="Base32PluginMissingError"}},n=class extends r{constructor(e){super(e),this.name="ConfigurationError"}},_=class extends n{constructor(){super("Secret is required. Use generateSecret() to create one, or provide via { secret: 'YOUR_BASE32_SECRET' }"),this.name="SecretMissingError"}},w=class extends n{constructor(){super("Label is required for URI generation. Example: { label: 'user@example.com' }"),this.name="LabelMissingError"}},z=class extends n{constructor(){super("Issuer is required for URI generation. Example: { issuer: 'MyApp' }"),this.name="IssuerMissingError"}},H=class extends n{constructor(){super("Class API requires secret to be a Base32 string, not Uint8Array. Use generateSecret() or provide a Base32-encoded string."),this.name="SecretTypeError"}};0&&(module.exports={AlgorithmError,Base32DecodeError,Base32EncodeError,Base32Error,Base32PluginMissingError,ConfigurationError,CounterError,CounterNegativeError,CounterOverflowError,CounterToleranceError,CounterToleranceTooLargeError,CryptoError,CryptoPluginMissingError,DigitsError,EpochToleranceError,EpochToleranceNegativeError,EpochToleranceTooLargeError,HMACError,IssuerMissingError,LabelMissingError,OTPError,PeriodError,PeriodTooLargeError,PeriodTooSmallError,PluginError,RandomBytesError,SecretError,SecretMissingError,SecretTooLongError,SecretTooShortError,SecretTypeError,TimeError,TimeNegativeError,TokenError,TokenFormatError,TokenLengthError});
2
2
  //# sourceMappingURL=errors.cjs.map
package/dist/errors.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/errors.ts"],"sourcesContent":["/**\n * Options for OTPError construction\n */\nexport type OTPErrorOptions = {\n /**\n * The underlying error that caused this error.\n * Useful for error chaining and debugging.\n */\n cause?: unknown;\n};\n\n/**\n * Base error class for all otplib errors\n *\n * Supports ES2022 error chaining via the `cause` property.\n *\n * @example\n * ```typescript\n * try {\n * // ... operation that throws\n * } catch (error) {\n * throw new OTPError('Operation failed', { cause: error });\n * }\n * ```\n */\nexport class OTPError extends Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"OTPError\";\n }\n}\n\n/**\n * Error thrown when secret validation fails\n */\nexport class SecretError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"SecretError\";\n }\n}\n\n/**\n * Error thrown when secret is too short (< 128 bits)\n */\nexport class SecretTooShortError extends SecretError {\n constructor(minBytes: number, actualBytes: number) {\n super(\n `Secret must be at least ${minBytes} bytes (${minBytes * 8} bits), got ${actualBytes} bytes`,\n );\n this.name = \"SecretTooShortError\";\n }\n}\n\n/**\n * Error thrown when secret is unreasonably large (> 64 bytes)\n */\nexport class SecretTooLongError extends SecretError {\n constructor(maxBytes: number, actualBytes: number) {\n super(`Secret must not exceed ${maxBytes} bytes, got ${actualBytes} bytes`);\n this.name = \"SecretTooLongError\";\n }\n}\n\n/**\n * Error thrown when counter is invalid\n */\nexport class CounterError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"CounterError\";\n }\n}\n\n/**\n * Error thrown when counter is negative\n */\nexport class CounterNegativeError extends CounterError {\n constructor() {\n super(\"Counter must be non-negative\");\n this.name = \"CounterNegativeError\";\n }\n}\n\n/**\n * Error thrown when counter exceeds maximum value (2^53 - 1 for safe integer)\n */\nexport class CounterOverflowError extends CounterError {\n constructor() {\n super(\"Counter exceeds maximum safe integer value\");\n this.name = \"CounterOverflowError\";\n }\n}\n\n/**\n * Error thrown when time is invalid\n */\nexport class TimeError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"TimeError\";\n }\n}\n\n/**\n * Error thrown when time is negative\n */\nexport class TimeNegativeError extends TimeError {\n constructor() {\n super(\"Time must be non-negative\");\n this.name = \"TimeNegativeError\";\n }\n}\n\n/**\n * Error thrown when period is invalid\n */\nexport class PeriodError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"PeriodError\";\n }\n}\n\n/**\n * Error thrown when period is too small\n */\nexport class PeriodTooSmallError extends PeriodError {\n constructor(minPeriod: number) {\n super(`Period must be at least ${minPeriod} second(s)`);\n this.name = \"PeriodTooSmallError\";\n }\n}\n\n/**\n * Error thrown when period is too large\n */\nexport class PeriodTooLargeError extends PeriodError {\n constructor(maxPeriod: number) {\n super(`Period must not exceed ${maxPeriod} seconds`);\n this.name = \"PeriodTooLargeError\";\n }\n}\n\n/**\n * Error thrown when digits value is invalid\n */\nexport class DigitsError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"DigitsError\";\n }\n}\n\n/**\n * Error thrown when hash algorithm is invalid\n */\nexport class AlgorithmError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"AlgorithmError\";\n }\n}\n\n/**\n * Error thrown when token is invalid\n */\nexport class TokenError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"TokenError\";\n }\n}\n\n/**\n * Error thrown when token has incorrect length\n */\nexport class TokenLengthError extends TokenError {\n constructor(expected: number, actual: number) {\n super(`Token must be ${expected} digits, got ${actual}`);\n this.name = \"TokenLengthError\";\n }\n}\n\n/**\n * Error thrown when token contains non-digit characters\n */\nexport class TokenFormatError extends TokenError {\n constructor() {\n super(\"Token must contain only digits\");\n this.name = \"TokenFormatError\";\n }\n}\n\n/**\n * Error thrown when crypto operation fails\n */\nexport class CryptoError extends OTPError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"CryptoError\";\n }\n}\n\n/**\n * Error thrown when HMAC computation fails\n *\n * The original error from the crypto plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * await cryptoContext.hmac('sha1', key, data);\n * } catch (error) {\n * if (error instanceof HMACError) {\n * console.log('HMAC failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class HMACError extends CryptoError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`HMAC computation failed: ${message}`, options);\n this.name = \"HMACError\";\n }\n}\n\n/**\n * Error thrown when random byte generation fails\n *\n * The original error from the crypto plugin is available via `cause`.\n */\nexport class RandomBytesError extends CryptoError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Random byte generation failed: ${message}`, options);\n this.name = \"RandomBytesError\";\n }\n}\n\n/**\n * Error thrown when Base32 operation fails\n */\nexport class Base32Error extends OTPError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"Base32Error\";\n }\n}\n\n/**\n * Error thrown when Base32 encoding fails\n *\n * The original error from the Base32 plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * base32Context.encode(data);\n * } catch (error) {\n * if (error instanceof Base32EncodeError) {\n * console.log('Encoding failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class Base32EncodeError extends Base32Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Base32 encoding failed: ${message}`, options);\n this.name = \"Base32EncodeError\";\n }\n}\n\n/**\n * Error thrown when Base32 decoding fails\n *\n * The original error from the Base32 plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * base32Context.decode(invalidString);\n * } catch (error) {\n * if (error instanceof Base32DecodeError) {\n * console.log('Decoding failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class Base32DecodeError extends Base32Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Base32 decoding failed: ${message}`, options);\n this.name = \"Base32DecodeError\";\n }\n}\n\n/**\n * Error thrown when counter tolerance is invalid\n */\nexport class CounterToleranceError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"CounterToleranceError\";\n }\n}\n\n/**\n * Error thrown when counter tolerance is too large\n */\nexport class CounterToleranceTooLargeError extends CounterToleranceError {\n constructor(maxTolerance: number, actualSize: number) {\n super(\n `Counter tolerance size must not exceed ${maxTolerance}, got ${actualSize}. ` +\n `Large tolerances can cause performance issues.`,\n );\n this.name = \"CounterToleranceTooLargeError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance is invalid\n */\nexport class EpochToleranceError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"EpochToleranceError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance contains negative values\n */\nexport class EpochToleranceNegativeError extends EpochToleranceError {\n constructor() {\n super(\"Epoch tolerance cannot contain negative values\");\n this.name = \"EpochToleranceNegativeError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance is too large\n */\nexport class EpochToleranceTooLargeError extends EpochToleranceError {\n constructor(maxTolerance: number, actualValue: number) {\n super(\n `Epoch tolerance must not exceed ${maxTolerance} seconds, got ${actualValue}. ` +\n `Large tolerances can cause performance issues.`,\n );\n this.name = \"EpochToleranceTooLargeError\";\n }\n}\n\n/**\n * Error thrown when a required plugin is missing\n */\nexport class PluginError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"PluginError\";\n }\n}\n\n/**\n * Error thrown when crypto plugin is not configured\n */\nexport class CryptoPluginMissingError extends PluginError {\n constructor() {\n super(\n \"Crypto plugin is required. \" +\n \"Example: new TOTP({ crypto: new NodeCryptoPlugin() }) or \" +\n \"new TOTP({ crypto: new WebCryptoPlugin() })\",\n );\n this.name = \"CryptoPluginMissingError\";\n }\n}\n\n/**\n * Error thrown when Base32 plugin is not configured\n */\nexport class Base32PluginMissingError extends PluginError {\n constructor() {\n super(\"Base32 plugin is required. Example: new TOTP({ base32: new ScureBase32Plugin() })\");\n this.name = \"Base32PluginMissingError\";\n }\n}\n\n/**\n * Error thrown when required configuration is missing\n */\nexport class ConfigurationError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"ConfigurationError\";\n }\n}\n\n/**\n * Error thrown when secret is not configured\n */\nexport class SecretMissingError extends ConfigurationError {\n constructor() {\n super(\n \"Secret is required. \" +\n \"Use generateSecret() to create one, or provide via { secret: 'YOUR_BASE32_SECRET' }\",\n );\n this.name = \"SecretMissingError\";\n }\n}\n\n/**\n * Error thrown when label is not configured (required for URI generation)\n */\nexport class LabelMissingError extends ConfigurationError {\n constructor() {\n super(\"Label is required for URI generation. Example: { label: 'user@example.com' }\");\n this.name = \"LabelMissingError\";\n }\n}\n\n/**\n * Error thrown when issuer is not configured (required for URI generation)\n */\nexport class IssuerMissingError extends ConfigurationError {\n constructor() {\n super(\"Issuer is required for URI generation. Example: { issuer: 'MyApp' }\");\n this.name = \"IssuerMissingError\";\n }\n}\n\n/**\n * Error thrown when secret must be a Base32 string but is provided as bytes\n */\nexport class SecretTypeError extends ConfigurationError {\n constructor() {\n super(\n \"Class API requires secret to be a Base32 string, not Uint8Array. \" +\n \"Use generateSecret() or provide a Base32-encoded string.\",\n );\n this.name = \"SecretTypeError\";\n }\n}\n"],"mappings":"yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,oBAAAE,EAAA,sBAAAC,EAAA,sBAAAC,EAAA,gBAAAC,EAAA,6BAAAC,EAAA,uBAAAC,EAAA,iBAAAC,EAAA,yBAAAC,EAAA,yBAAAC,EAAA,0BAAAC,EAAA,kCAAAC,EAAA,gBAAAC,EAAA,6BAAAC,EAAA,gBAAAC,EAAA,wBAAAC,EAAA,gCAAAC,EAAA,gCAAAC,EAAA,cAAAC,EAAA,uBAAAC,EAAA,sBAAAC,EAAA,aAAAC,EAAA,gBAAAC,EAAA,wBAAAC,EAAA,wBAAAC,EAAA,gBAAAC,EAAA,qBAAAC,EAAA,gBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,wBAAAC,EAAA,oBAAAC,EAAA,cAAAC,EAAA,sBAAAC,EAAA,eAAAC,EAAA,qBAAAC,EAAA,qBAAAC,IAAA,eAAAC,EAAAtC,GAyBO,IAAMsB,EAAN,cAAuB,KAAM,CAClC,YAAYiB,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,UACd,CACF,EAKaZ,EAAN,cAA0BN,CAAS,CACxC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKaR,EAAN,cAAkCH,CAAY,CACnD,YAAYa,EAAkBC,EAAqB,CACjD,MACE,2BAA2BD,CAAQ,WAAWA,EAAW,CAAC,eAAeC,CAAW,QACtF,EACA,KAAK,KAAO,qBACd,CACF,EAKaZ,EAAN,cAAiCF,CAAY,CAClD,YAAYe,EAAkBD,EAAqB,CACjD,MAAM,0BAA0BC,CAAQ,eAAeD,CAAW,QAAQ,EAC1E,KAAK,KAAO,oBACd,CACF,EAKalC,EAAN,cAA2Bc,CAAS,CACzC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,cACd,CACF,EAKa9B,EAAN,cAAmCD,CAAa,CACrD,aAAc,CACZ,MAAM,8BAA8B,EACpC,KAAK,KAAO,sBACd,CACF,EAKaE,EAAN,cAAmCF,CAAa,CACrD,aAAc,CACZ,MAAM,4CAA4C,EAClD,KAAK,KAAO,sBACd,CACF,EAKayB,EAAN,cAAwBX,CAAS,CACtC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,WACd,CACF,EAKaL,EAAN,cAAgCD,CAAU,CAC/C,aAAc,CACZ,MAAM,2BAA2B,EACjC,KAAK,KAAO,mBACd,CACF,EAKaV,EAAN,cAA0BD,CAAS,CACxC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKad,EAAN,cAAkCF,CAAY,CACnD,YAAYqB,EAAmB,CAC7B,MAAM,2BAA2BA,CAAS,YAAY,EACtD,KAAK,KAAO,qBACd,CACF,EAKapB,EAAN,cAAkCD,CAAY,CACnD,YAAYsB,EAAmB,CAC7B,MAAM,0BAA0BA,CAAS,UAAU,EACnD,KAAK,KAAO,qBACd,CACF,EAKa9B,EAAN,cAA0BO,CAAS,CACxC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKarC,EAAN,cAA6BoB,CAAS,CAC3C,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,gBACd,CACF,EAKaJ,EAAN,cAAyBb,CAAS,CACvC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,YACd,CACF,EAKaF,EAAN,cAA+BF,CAAW,CAC/C,YAAYW,EAAkBC,EAAgB,CAC5C,MAAM,iBAAiBD,CAAQ,gBAAgBC,CAAM,EAAE,EACvD,KAAK,KAAO,kBACd,CACF,EAKaX,EAAN,cAA+BD,CAAW,CAC/C,aAAc,CACZ,MAAM,gCAAgC,EACtC,KAAK,KAAO,kBACd,CACF,EAKatB,EAAN,cAA0BS,CAAS,CACxC,YAAYiB,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,aACd,CACF,EAmBarB,EAAN,cAAwBN,CAAY,CACzC,YAAY0B,EAAiBC,EAA2B,CACtD,MAAM,4BAA4BD,CAAO,GAAIC,CAAO,EACpD,KAAK,KAAO,WACd,CACF,EAOab,EAAN,cAA+Bd,CAAY,CAChD,YAAY0B,EAAiBC,EAA2B,CACtD,MAAM,kCAAkCD,CAAO,GAAIC,CAAO,EAC1D,KAAK,KAAO,kBACd,CACF,EAKanC,EAAN,cAA0BiB,CAAS,CACxC,YAAYiB,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,aACd,CACF,EAmBapC,EAAN,cAAgCC,CAAY,CACjD,YAAYkC,EAAiBC,EAA2B,CACtD,MAAM,2BAA2BD,CAAO,GAAIC,CAAO,EACnD,KAAK,KAAO,mBACd,CACF,EAmBarC,EAAN,cAAgCE,CAAY,CACjD,YAAYkC,EAAiBC,EAA2B,CACtD,MAAM,2BAA2BD,CAAO,GAAIC,CAAO,EACnD,KAAK,KAAO,mBACd,CACF,EAKa7B,EAAN,cAAoCW,CAAS,CAClD,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,uBACd,CACF,EAKa3B,EAAN,cAA4CD,CAAsB,CACvE,YAAYqC,EAAsBC,EAAoB,CACpD,MACE,0CAA0CD,CAAY,SAASC,CAAU,kDAE3E,EACA,KAAK,KAAO,+BACd,CACF,EAKajC,EAAN,cAAkCM,CAAS,CAChD,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,qBACd,CACF,EAKatB,EAAN,cAA0CD,CAAoB,CACnE,aAAc,CACZ,MAAM,gDAAgD,EACtD,KAAK,KAAO,6BACd,CACF,EAKaE,EAAN,cAA0CF,CAAoB,CACnE,YAAYgC,EAAsBE,EAAqB,CACrD,MACE,mCAAmCF,CAAY,iBAAiBE,CAAW,kDAE7E,EACA,KAAK,KAAO,6BACd,CACF,EAKaxB,EAAN,cAA0BJ,CAAS,CACxC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKazB,EAAN,cAAuCY,CAAY,CACxD,aAAc,CACZ,MACE,iIAGF,EACA,KAAK,KAAO,0BACd,CACF,EAKapB,EAAN,cAAuCoB,CAAY,CACxD,aAAc,CACZ,MAAM,mFAAmF,EACzF,KAAK,KAAO,0BACd,CACF,EAKanB,EAAN,cAAiCe,CAAS,CAC/C,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,oBACd,CACF,EAKaV,EAAN,cAAiCtB,CAAmB,CACzD,aAAc,CACZ,MACE,yGAEF,EACA,KAAK,KAAO,oBACd,CACF,EAKac,EAAN,cAAgCd,CAAmB,CACxD,aAAc,CACZ,MAAM,8EAA8E,EACpF,KAAK,KAAO,mBACd,CACF,EAKaa,EAAN,cAAiCb,CAAmB,CACzD,aAAc,CACZ,MAAM,qEAAqE,EAC3E,KAAK,KAAO,oBACd,CACF,EAKayB,EAAN,cAA8BzB,CAAmB,CACtD,aAAc,CACZ,MACE,2HAEF,EACA,KAAK,KAAO,iBACd,CACF","names":["errors_exports","__export","AlgorithmError","Base32DecodeError","Base32EncodeError","Base32Error","Base32PluginMissingError","ConfigurationError","CounterError","CounterNegativeError","CounterOverflowError","CounterToleranceError","CounterToleranceTooLargeError","CryptoError","CryptoPluginMissingError","DigitsError","EpochToleranceError","EpochToleranceNegativeError","EpochToleranceTooLargeError","HMACError","IssuerMissingError","LabelMissingError","OTPError","PeriodError","PeriodTooLargeError","PeriodTooSmallError","PluginError","RandomBytesError","SecretError","SecretMissingError","SecretTooLongError","SecretTooShortError","SecretTypeError","TimeError","TimeNegativeError","TokenError","TokenFormatError","TokenLengthError","__toCommonJS","message","options","minBytes","actualBytes","maxBytes","minPeriod","maxPeriod","expected","actual","maxTolerance","actualSize","actualValue"]}
1
+ {"version":3,"sources":["../src/errors.ts"],"sourcesContent":["/**\n * Options for OTPError construction\n */\nexport type OTPErrorOptions = {\n /**\n * The underlying error that caused this error.\n * Useful for error chaining and debugging.\n */\n cause?: unknown;\n};\n\n/**\n * Base error class for all otplib errors\n *\n * Supports ES2022 error chaining via the `cause` property.\n *\n * @example\n * ```typescript\n * try {\n * // ... operation that throws\n * } catch (error) {\n * throw new OTPError('Operation failed', { cause: error });\n * }\n * ```\n */\nexport class OTPError extends Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"OTPError\";\n }\n}\n\n/**\n * Error thrown when secret validation fails\n */\nexport class SecretError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"SecretError\";\n }\n}\n\n/**\n * Error thrown when secret is too short (< 128 bits)\n */\nexport class SecretTooShortError extends SecretError {\n constructor(minBytes: number, actualBytes: number) {\n super(\n `Secret must be at least ${minBytes} bytes (${minBytes * 8} bits), got ${actualBytes} bytes`,\n );\n this.name = \"SecretTooShortError\";\n }\n}\n\n/**\n * Error thrown when secret is unreasonably large (> 64 bytes)\n */\nexport class SecretTooLongError extends SecretError {\n constructor(maxBytes: number, actualBytes: number) {\n super(`Secret must not exceed ${maxBytes} bytes, got ${actualBytes} bytes`);\n this.name = \"SecretTooLongError\";\n }\n}\n\n/**\n * Error thrown when counter is invalid\n */\nexport class CounterError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"CounterError\";\n }\n}\n\n/**\n * Error thrown when counter is negative\n */\nexport class CounterNegativeError extends CounterError {\n constructor() {\n super(\"Counter must be non-negative\");\n this.name = \"CounterNegativeError\";\n }\n}\n\n/**\n * Error thrown when counter exceeds maximum value (2^53 - 1 for safe integer)\n */\nexport class CounterOverflowError extends CounterError {\n constructor() {\n super(\"Counter exceeds maximum safe integer value\");\n this.name = \"CounterOverflowError\";\n }\n}\n\n/**\n * Error thrown when time is invalid\n */\nexport class TimeError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"TimeError\";\n }\n}\n\n/**\n * Error thrown when time is negative\n */\nexport class TimeNegativeError extends TimeError {\n constructor() {\n super(\"Time must be non-negative\");\n this.name = \"TimeNegativeError\";\n }\n}\n\n/**\n * Error thrown when period is invalid\n */\nexport class PeriodError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"PeriodError\";\n }\n}\n\n/**\n * Error thrown when period is too small\n */\nexport class PeriodTooSmallError extends PeriodError {\n constructor(minPeriod: number) {\n super(`Period must be at least ${minPeriod} second(s)`);\n this.name = \"PeriodTooSmallError\";\n }\n}\n\n/**\n * Error thrown when period is too large\n */\nexport class PeriodTooLargeError extends PeriodError {\n constructor(maxPeriod: number) {\n super(`Period must not exceed ${maxPeriod} seconds`);\n this.name = \"PeriodTooLargeError\";\n }\n}\n\n/**\n * Error thrown when digits value is invalid\n */\nexport class DigitsError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"DigitsError\";\n }\n}\n\n/**\n * Error thrown when hash algorithm is invalid\n */\nexport class AlgorithmError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"AlgorithmError\";\n }\n}\n\n/**\n * Error thrown when token is invalid\n */\nexport class TokenError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"TokenError\";\n }\n}\n\n/**\n * Error thrown when token has incorrect length\n */\nexport class TokenLengthError extends TokenError {\n constructor(expected: number, actual: number) {\n super(`Token must be ${expected} digits, got ${actual}`);\n this.name = \"TokenLengthError\";\n }\n}\n\n/**\n * Error thrown when token contains non-digit characters\n */\nexport class TokenFormatError extends TokenError {\n constructor() {\n super(\"Token must contain only digits\");\n this.name = \"TokenFormatError\";\n }\n}\n\n/**\n * Error thrown when crypto operation fails\n */\nexport class CryptoError extends OTPError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"CryptoError\";\n }\n}\n\n/**\n * Error thrown when HMAC computation fails\n *\n * The original error from the crypto plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * await cryptoContext.hmac('sha1', key, data);\n * } catch (error) {\n * if (error instanceof HMACError) {\n * console.log('HMAC failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class HMACError extends CryptoError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`HMAC computation failed: ${message}`, options);\n this.name = \"HMACError\";\n }\n}\n\n/**\n * Error thrown when random byte generation fails\n *\n * The original error from the crypto plugin is available via `cause`.\n */\nexport class RandomBytesError extends CryptoError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Random byte generation failed: ${message}`, options);\n this.name = \"RandomBytesError\";\n }\n}\n\n/**\n * Error thrown when Base32 operation fails\n */\nexport class Base32Error extends OTPError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"Base32Error\";\n }\n}\n\n/**\n * Error thrown when Base32 encoding fails\n *\n * The original error from the Base32 plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * base32Context.encode(data);\n * } catch (error) {\n * if (error instanceof Base32EncodeError) {\n * console.log('Encoding failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class Base32EncodeError extends Base32Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Base32 encoding failed: ${message}`, options);\n this.name = \"Base32EncodeError\";\n }\n}\n\n/**\n * Error thrown when Base32 decoding fails\n *\n * The original error from the Base32 plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * base32Context.decode(invalidString);\n * } catch (error) {\n * if (error instanceof Base32DecodeError) {\n * console.log('Decoding failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class Base32DecodeError extends Base32Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Base32 decoding failed: ${message}`, options);\n this.name = \"Base32DecodeError\";\n }\n}\n\n/**\n * Error thrown when counter tolerance is invalid\n */\nexport class CounterToleranceError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"CounterToleranceError\";\n }\n}\n\n/**\n * Error thrown when counter tolerance is too large\n */\nexport class CounterToleranceTooLargeError extends CounterToleranceError {\n constructor(maxTolerance: number, actualSize: number) {\n super(\n `Counter tolerance size must not exceed ${maxTolerance}, got ${actualSize}. ` +\n `Large tolerances can cause performance issues.`,\n );\n this.name = \"CounterToleranceTooLargeError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance is invalid\n */\nexport class EpochToleranceError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"EpochToleranceError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance contains negative values\n */\nexport class EpochToleranceNegativeError extends EpochToleranceError {\n constructor() {\n super(\"Epoch tolerance cannot contain negative values\");\n this.name = \"EpochToleranceNegativeError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance is too large\n */\nexport class EpochToleranceTooLargeError extends EpochToleranceError {\n constructor(maxTolerance: number, actualValue: number) {\n super(\n `Epoch tolerance must not exceed ${maxTolerance} seconds, got ${actualValue}. ` +\n `Large tolerances can cause performance issues.`,\n );\n this.name = \"EpochToleranceTooLargeError\";\n }\n}\n\n/**\n * Error thrown when a required plugin is missing\n */\nexport class PluginError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"PluginError\";\n }\n}\n\n/**\n * Error thrown when crypto plugin is not configured\n */\nexport class CryptoPluginMissingError extends PluginError {\n constructor() {\n super(\"Crypto plugin is required.\");\n this.name = \"CryptoPluginMissingError\";\n }\n}\n\n/**\n * Error thrown when Base32 plugin is not configured\n */\nexport class Base32PluginMissingError extends PluginError {\n constructor() {\n super(\"Base32 plugin is required.\");\n this.name = \"Base32PluginMissingError\";\n }\n}\n\n/**\n * Error thrown when required configuration is missing\n */\nexport class ConfigurationError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"ConfigurationError\";\n }\n}\n\n/**\n * Error thrown when secret is not configured\n */\nexport class SecretMissingError extends ConfigurationError {\n constructor() {\n super(\n \"Secret is required. \" +\n \"Use generateSecret() to create one, or provide via { secret: 'YOUR_BASE32_SECRET' }\",\n );\n this.name = \"SecretMissingError\";\n }\n}\n\n/**\n * Error thrown when label is not configured (required for URI generation)\n */\nexport class LabelMissingError extends ConfigurationError {\n constructor() {\n super(\"Label is required for URI generation. Example: { label: 'user@example.com' }\");\n this.name = \"LabelMissingError\";\n }\n}\n\n/**\n * Error thrown when issuer is not configured (required for URI generation)\n */\nexport class IssuerMissingError extends ConfigurationError {\n constructor() {\n super(\"Issuer is required for URI generation. Example: { issuer: 'MyApp' }\");\n this.name = \"IssuerMissingError\";\n }\n}\n\n/**\n * Error thrown when secret must be a Base32 string but is provided as bytes\n */\nexport class SecretTypeError extends ConfigurationError {\n constructor() {\n super(\n \"Class API requires secret to be a Base32 string, not Uint8Array. \" +\n \"Use generateSecret() or provide a Base32-encoded string.\",\n );\n this.name = \"SecretTypeError\";\n }\n}\n"],"mappings":"yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,oBAAAE,EAAA,sBAAAC,EAAA,sBAAAC,EAAA,gBAAAC,EAAA,6BAAAC,EAAA,uBAAAC,EAAA,iBAAAC,EAAA,yBAAAC,EAAA,yBAAAC,EAAA,0BAAAC,EAAA,kCAAAC,EAAA,gBAAAC,EAAA,6BAAAC,EAAA,gBAAAC,EAAA,wBAAAC,EAAA,gCAAAC,EAAA,gCAAAC,EAAA,cAAAC,EAAA,uBAAAC,EAAA,sBAAAC,EAAA,aAAAC,EAAA,gBAAAC,EAAA,wBAAAC,EAAA,wBAAAC,EAAA,gBAAAC,EAAA,qBAAAC,EAAA,gBAAAC,EAAA,uBAAAC,EAAA,uBAAAC,EAAA,wBAAAC,EAAA,oBAAAC,EAAA,cAAAC,EAAA,sBAAAC,EAAA,eAAAC,EAAA,qBAAAC,EAAA,qBAAAC,IAAA,eAAAC,EAAAtC,GAyBO,IAAMsB,EAAN,cAAuB,KAAM,CAClC,YAAYiB,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,UACd,CACF,EAKaZ,EAAN,cAA0BN,CAAS,CACxC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKaR,EAAN,cAAkCH,CAAY,CACnD,YAAYa,EAAkBC,EAAqB,CACjD,MACE,2BAA2BD,CAAQ,WAAWA,EAAW,CAAC,eAAeC,CAAW,QACtF,EACA,KAAK,KAAO,qBACd,CACF,EAKaZ,EAAN,cAAiCF,CAAY,CAClD,YAAYe,EAAkBD,EAAqB,CACjD,MAAM,0BAA0BC,CAAQ,eAAeD,CAAW,QAAQ,EAC1E,KAAK,KAAO,oBACd,CACF,EAKalC,EAAN,cAA2Bc,CAAS,CACzC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,cACd,CACF,EAKa9B,EAAN,cAAmCD,CAAa,CACrD,aAAc,CACZ,MAAM,8BAA8B,EACpC,KAAK,KAAO,sBACd,CACF,EAKaE,EAAN,cAAmCF,CAAa,CACrD,aAAc,CACZ,MAAM,4CAA4C,EAClD,KAAK,KAAO,sBACd,CACF,EAKayB,EAAN,cAAwBX,CAAS,CACtC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,WACd,CACF,EAKaL,EAAN,cAAgCD,CAAU,CAC/C,aAAc,CACZ,MAAM,2BAA2B,EACjC,KAAK,KAAO,mBACd,CACF,EAKaV,EAAN,cAA0BD,CAAS,CACxC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKad,EAAN,cAAkCF,CAAY,CACnD,YAAYqB,EAAmB,CAC7B,MAAM,2BAA2BA,CAAS,YAAY,EACtD,KAAK,KAAO,qBACd,CACF,EAKapB,EAAN,cAAkCD,CAAY,CACnD,YAAYsB,EAAmB,CAC7B,MAAM,0BAA0BA,CAAS,UAAU,EACnD,KAAK,KAAO,qBACd,CACF,EAKa9B,EAAN,cAA0BO,CAAS,CACxC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKarC,EAAN,cAA6BoB,CAAS,CAC3C,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,gBACd,CACF,EAKaJ,EAAN,cAAyBb,CAAS,CACvC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,YACd,CACF,EAKaF,EAAN,cAA+BF,CAAW,CAC/C,YAAYW,EAAkBC,EAAgB,CAC5C,MAAM,iBAAiBD,CAAQ,gBAAgBC,CAAM,EAAE,EACvD,KAAK,KAAO,kBACd,CACF,EAKaX,EAAN,cAA+BD,CAAW,CAC/C,aAAc,CACZ,MAAM,gCAAgC,EACtC,KAAK,KAAO,kBACd,CACF,EAKatB,EAAN,cAA0BS,CAAS,CACxC,YAAYiB,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,aACd,CACF,EAmBarB,EAAN,cAAwBN,CAAY,CACzC,YAAY0B,EAAiBC,EAA2B,CACtD,MAAM,4BAA4BD,CAAO,GAAIC,CAAO,EACpD,KAAK,KAAO,WACd,CACF,EAOab,EAAN,cAA+Bd,CAAY,CAChD,YAAY0B,EAAiBC,EAA2B,CACtD,MAAM,kCAAkCD,CAAO,GAAIC,CAAO,EAC1D,KAAK,KAAO,kBACd,CACF,EAKanC,EAAN,cAA0BiB,CAAS,CACxC,YAAYiB,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,aACd,CACF,EAmBapC,EAAN,cAAgCC,CAAY,CACjD,YAAYkC,EAAiBC,EAA2B,CACtD,MAAM,2BAA2BD,CAAO,GAAIC,CAAO,EACnD,KAAK,KAAO,mBACd,CACF,EAmBarC,EAAN,cAAgCE,CAAY,CACjD,YAAYkC,EAAiBC,EAA2B,CACtD,MAAM,2BAA2BD,CAAO,GAAIC,CAAO,EACnD,KAAK,KAAO,mBACd,CACF,EAKa7B,EAAN,cAAoCW,CAAS,CAClD,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,uBACd,CACF,EAKa3B,EAAN,cAA4CD,CAAsB,CACvE,YAAYqC,EAAsBC,EAAoB,CACpD,MACE,0CAA0CD,CAAY,SAASC,CAAU,kDAE3E,EACA,KAAK,KAAO,+BACd,CACF,EAKajC,EAAN,cAAkCM,CAAS,CAChD,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,qBACd,CACF,EAKatB,EAAN,cAA0CD,CAAoB,CACnE,aAAc,CACZ,MAAM,gDAAgD,EACtD,KAAK,KAAO,6BACd,CACF,EAKaE,EAAN,cAA0CF,CAAoB,CACnE,YAAYgC,EAAsBE,EAAqB,CACrD,MACE,mCAAmCF,CAAY,iBAAiBE,CAAW,kDAE7E,EACA,KAAK,KAAO,6BACd,CACF,EAKaxB,EAAN,cAA0BJ,CAAS,CACxC,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKazB,EAAN,cAAuCY,CAAY,CACxD,aAAc,CACZ,MAAM,4BAA4B,EAClC,KAAK,KAAO,0BACd,CACF,EAKapB,EAAN,cAAuCoB,CAAY,CACxD,aAAc,CACZ,MAAM,4BAA4B,EAClC,KAAK,KAAO,0BACd,CACF,EAKanB,EAAN,cAAiCe,CAAS,CAC/C,YAAYiB,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,oBACd,CACF,EAKaV,EAAN,cAAiCtB,CAAmB,CACzD,aAAc,CACZ,MACE,yGAEF,EACA,KAAK,KAAO,oBACd,CACF,EAKac,EAAN,cAAgCd,CAAmB,CACxD,aAAc,CACZ,MAAM,8EAA8E,EACpF,KAAK,KAAO,mBACd,CACF,EAKaa,EAAN,cAAiCb,CAAmB,CACzD,aAAc,CACZ,MAAM,qEAAqE,EAC3E,KAAK,KAAO,oBACd,CACF,EAKayB,EAAN,cAA8BzB,CAAmB,CACtD,aAAc,CACZ,MACE,2HAEF,EACA,KAAK,KAAO,iBACd,CACF","names":["errors_exports","__export","AlgorithmError","Base32DecodeError","Base32EncodeError","Base32Error","Base32PluginMissingError","ConfigurationError","CounterError","CounterNegativeError","CounterOverflowError","CounterToleranceError","CounterToleranceTooLargeError","CryptoError","CryptoPluginMissingError","DigitsError","EpochToleranceError","EpochToleranceNegativeError","EpochToleranceTooLargeError","HMACError","IssuerMissingError","LabelMissingError","OTPError","PeriodError","PeriodTooLargeError","PeriodTooSmallError","PluginError","RandomBytesError","SecretError","SecretMissingError","SecretTooLongError","SecretTooShortError","SecretTypeError","TimeError","TimeNegativeError","TokenError","TokenFormatError","TokenLengthError","__toCommonJS","message","options","minBytes","actualBytes","maxBytes","minPeriod","maxPeriod","expected","actual","maxTolerance","actualSize","actualValue"]}
package/dist/errors.js CHANGED
@@ -1,2 +1,2 @@
1
- var r=class extends Error{constructor(e,t){super(e,t),this.name="OTPError"}},o=class extends r{constructor(e){super(e),this.name="SecretError"}},g=class extends o{constructor(e,t){super(`Secret must be at least ${e} bytes (${e*8} bits), got ${t} bytes`),this.name="SecretTooShortError"}},h=class extends o{constructor(e,t){super(`Secret must not exceed ${e} bytes, got ${t} bytes`),this.name="SecretTooLongError"}},c=class extends r{constructor(e){super(e),this.name="CounterError"}},b=class extends c{constructor(){super("Counter must be non-negative"),this.name="CounterNegativeError"}},O=class extends c{constructor(){super("Counter exceeds maximum safe integer value"),this.name="CounterOverflowError"}},d=class extends r{constructor(e){super(e),this.name="TimeError"}},E=class extends d{constructor(){super("Time must be non-negative"),this.name="TimeNegativeError"}},a=class extends r{constructor(e){super(e),this.name="PeriodError"}},T=class extends a{constructor(e){super(`Period must be at least ${e} second(s)`),this.name="PeriodTooSmallError"}},P=class extends a{constructor(e){super(`Period must not exceed ${e} seconds`),this.name="PeriodTooLargeError"}},$=class extends r{constructor(e){super(e),this.name="DigitsError"}},y=class extends r{constructor(e){super(e),this.name="AlgorithmError"}},u=class extends r{constructor(e){super(e),this.name="TokenError"}},f=class extends u{constructor(e,t){super(`Token must be ${e} digits, got ${t}`),this.name="TokenLengthError"}},C=class extends u{constructor(){super("Token must contain only digits"),this.name="TokenFormatError"}},i=class extends r{constructor(e,t){super(e,t),this.name="CryptoError"}},v=class extends i{constructor(e,t){super(`HMAC computation failed: ${e}`,t),this.name="HMACError"}},S=class extends i{constructor(e,t){super(`Random byte generation failed: ${e}`,t),this.name="RandomBytesError"}},p=class extends r{constructor(e,t){super(e,t),this.name="Base32Error"}},w=class extends p{constructor(e,t){super(`Base32 encoding failed: ${e}`,t),this.name="Base32EncodeError"}},q=class extends p{constructor(e,t){super(`Base32 decoding failed: ${e}`,t),this.name="Base32DecodeError"}},l=class extends r{constructor(e){super(e),this.name="CounterToleranceError"}},B=class extends l{constructor(e,t){super(`Counter tolerance size must not exceed ${e}, got ${t}. Large tolerances can cause performance issues.`),this.name="CounterToleranceTooLargeError"}},x=class extends r{constructor(e){super(e),this.name="EpochToleranceError"}},U=class extends x{constructor(){super("Epoch tolerance cannot contain negative values"),this.name="EpochToleranceNegativeError"}},A=class extends x{constructor(e,t){super(`Epoch tolerance must not exceed ${e} seconds, got ${t}. Large tolerances can cause performance issues.`),this.name="EpochToleranceTooLargeError"}},m=class extends r{constructor(e){super(e),this.name="PluginError"}},R=class extends m{constructor(){super("Crypto plugin is required. Example: new TOTP({ crypto: new NodeCryptoPlugin() }) or new TOTP({ crypto: new WebCryptoPlugin() })"),this.name="CryptoPluginMissingError"}},I=class extends m{constructor(){super("Base32 plugin is required. Example: new TOTP({ base32: new ScureBase32Plugin() })"),this.name="Base32PluginMissingError"}},n=class extends r{constructor(e){super(e),this.name="ConfigurationError"}},k=class extends n{constructor(){super("Secret is required. Use generateSecret() to create one, or provide via { secret: 'YOUR_BASE32_SECRET' }"),this.name="SecretMissingError"}},L=class extends n{constructor(){super("Label is required for URI generation. Example: { label: 'user@example.com' }"),this.name="LabelMissingError"}},M=class extends n{constructor(){super("Issuer is required for URI generation. Example: { issuer: 'MyApp' }"),this.name="IssuerMissingError"}},_=class extends n{constructor(){super("Class API requires secret to be a Base32 string, not Uint8Array. Use generateSecret() or provide a Base32-encoded string."),this.name="SecretTypeError"}};export{y as AlgorithmError,q as Base32DecodeError,w as Base32EncodeError,p as Base32Error,I as Base32PluginMissingError,n as ConfigurationError,c as CounterError,b as CounterNegativeError,O as CounterOverflowError,l as CounterToleranceError,B as CounterToleranceTooLargeError,i as CryptoError,R as CryptoPluginMissingError,$ as DigitsError,x as EpochToleranceError,U as EpochToleranceNegativeError,A as EpochToleranceTooLargeError,v as HMACError,M as IssuerMissingError,L as LabelMissingError,r as OTPError,a as PeriodError,P as PeriodTooLargeError,T as PeriodTooSmallError,m as PluginError,S as RandomBytesError,o as SecretError,k as SecretMissingError,h as SecretTooLongError,g as SecretTooShortError,_ as SecretTypeError,d as TimeError,E as TimeNegativeError,u as TokenError,C as TokenFormatError,f as TokenLengthError};
1
+ var r=class extends Error{constructor(e,t){super(e,t),this.name="OTPError"}},o=class extends r{constructor(e){super(e),this.name="SecretError"}},g=class extends o{constructor(e,t){super(`Secret must be at least ${e} bytes (${e*8} bits), got ${t} bytes`),this.name="SecretTooShortError"}},h=class extends o{constructor(e,t){super(`Secret must not exceed ${e} bytes, got ${t} bytes`),this.name="SecretTooLongError"}},c=class extends r{constructor(e){super(e),this.name="CounterError"}},b=class extends c{constructor(){super("Counter must be non-negative"),this.name="CounterNegativeError"}},O=class extends c{constructor(){super("Counter exceeds maximum safe integer value"),this.name="CounterOverflowError"}},d=class extends r{constructor(e){super(e),this.name="TimeError"}},$=class extends d{constructor(){super("Time must be non-negative"),this.name="TimeNegativeError"}},a=class extends r{constructor(e){super(e),this.name="PeriodError"}},E=class extends a{constructor(e){super(`Period must be at least ${e} second(s)`),this.name="PeriodTooSmallError"}},T=class extends a{constructor(e){super(`Period must not exceed ${e} seconds`),this.name="PeriodTooLargeError"}},P=class extends r{constructor(e){super(e),this.name="DigitsError"}},f=class extends r{constructor(e){super(e),this.name="AlgorithmError"}},u=class extends r{constructor(e){super(e),this.name="TokenError"}},y=class extends u{constructor(e,t){super(`Token must be ${e} digits, got ${t}`),this.name="TokenLengthError"}},v=class extends u{constructor(){super("Token must contain only digits"),this.name="TokenFormatError"}},i=class extends r{constructor(e,t){super(e,t),this.name="CryptoError"}},C=class extends i{constructor(e,t){super(`HMAC computation failed: ${e}`,t),this.name="HMACError"}},S=class extends i{constructor(e,t){super(`Random byte generation failed: ${e}`,t),this.name="RandomBytesError"}},p=class extends r{constructor(e,t){super(e,t),this.name="Base32Error"}},q=class extends p{constructor(e,t){super(`Base32 encoding failed: ${e}`,t),this.name="Base32EncodeError"}},U=class extends p{constructor(e,t){super(`Base32 decoding failed: ${e}`,t),this.name="Base32DecodeError"}},l=class extends r{constructor(e){super(e),this.name="CounterToleranceError"}},A=class extends l{constructor(e,t){super(`Counter tolerance size must not exceed ${e}, got ${t}. Large tolerances can cause performance issues.`),this.name="CounterToleranceTooLargeError"}},x=class extends r{constructor(e){super(e),this.name="EpochToleranceError"}},B=class extends x{constructor(){super("Epoch tolerance cannot contain negative values"),this.name="EpochToleranceNegativeError"}},R=class extends x{constructor(e,t){super(`Epoch tolerance must not exceed ${e} seconds, got ${t}. Large tolerances can cause performance issues.`),this.name="EpochToleranceTooLargeError"}},m=class extends r{constructor(e){super(e),this.name="PluginError"}},I=class extends m{constructor(){super("Crypto plugin is required."),this.name="CryptoPluginMissingError"}},k=class extends m{constructor(){super("Base32 plugin is required."),this.name="Base32PluginMissingError"}},n=class extends r{constructor(e){super(e),this.name="ConfigurationError"}},L=class extends n{constructor(){super("Secret is required. Use generateSecret() to create one, or provide via { secret: 'YOUR_BASE32_SECRET' }"),this.name="SecretMissingError"}},M=class extends n{constructor(){super("Label is required for URI generation. Example: { label: 'user@example.com' }"),this.name="LabelMissingError"}},_=class extends n{constructor(){super("Issuer is required for URI generation. Example: { issuer: 'MyApp' }"),this.name="IssuerMissingError"}},w=class extends n{constructor(){super("Class API requires secret to be a Base32 string, not Uint8Array. Use generateSecret() or provide a Base32-encoded string."),this.name="SecretTypeError"}};export{f as AlgorithmError,U as Base32DecodeError,q as Base32EncodeError,p as Base32Error,k as Base32PluginMissingError,n as ConfigurationError,c as CounterError,b as CounterNegativeError,O as CounterOverflowError,l as CounterToleranceError,A as CounterToleranceTooLargeError,i as CryptoError,I as CryptoPluginMissingError,P as DigitsError,x as EpochToleranceError,B as EpochToleranceNegativeError,R as EpochToleranceTooLargeError,C as HMACError,_ as IssuerMissingError,M as LabelMissingError,r as OTPError,a as PeriodError,T as PeriodTooLargeError,E as PeriodTooSmallError,m as PluginError,S as RandomBytesError,o as SecretError,L as SecretMissingError,h as SecretTooLongError,g as SecretTooShortError,w as SecretTypeError,d as TimeError,$ as TimeNegativeError,u as TokenError,v as TokenFormatError,y as TokenLengthError};
2
2
  //# sourceMappingURL=errors.js.map
package/dist/errors.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/errors.ts"],"sourcesContent":["/**\n * Options for OTPError construction\n */\nexport type OTPErrorOptions = {\n /**\n * The underlying error that caused this error.\n * Useful for error chaining and debugging.\n */\n cause?: unknown;\n};\n\n/**\n * Base error class for all otplib errors\n *\n * Supports ES2022 error chaining via the `cause` property.\n *\n * @example\n * ```typescript\n * try {\n * // ... operation that throws\n * } catch (error) {\n * throw new OTPError('Operation failed', { cause: error });\n * }\n * ```\n */\nexport class OTPError extends Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"OTPError\";\n }\n}\n\n/**\n * Error thrown when secret validation fails\n */\nexport class SecretError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"SecretError\";\n }\n}\n\n/**\n * Error thrown when secret is too short (< 128 bits)\n */\nexport class SecretTooShortError extends SecretError {\n constructor(minBytes: number, actualBytes: number) {\n super(\n `Secret must be at least ${minBytes} bytes (${minBytes * 8} bits), got ${actualBytes} bytes`,\n );\n this.name = \"SecretTooShortError\";\n }\n}\n\n/**\n * Error thrown when secret is unreasonably large (> 64 bytes)\n */\nexport class SecretTooLongError extends SecretError {\n constructor(maxBytes: number, actualBytes: number) {\n super(`Secret must not exceed ${maxBytes} bytes, got ${actualBytes} bytes`);\n this.name = \"SecretTooLongError\";\n }\n}\n\n/**\n * Error thrown when counter is invalid\n */\nexport class CounterError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"CounterError\";\n }\n}\n\n/**\n * Error thrown when counter is negative\n */\nexport class CounterNegativeError extends CounterError {\n constructor() {\n super(\"Counter must be non-negative\");\n this.name = \"CounterNegativeError\";\n }\n}\n\n/**\n * Error thrown when counter exceeds maximum value (2^53 - 1 for safe integer)\n */\nexport class CounterOverflowError extends CounterError {\n constructor() {\n super(\"Counter exceeds maximum safe integer value\");\n this.name = \"CounterOverflowError\";\n }\n}\n\n/**\n * Error thrown when time is invalid\n */\nexport class TimeError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"TimeError\";\n }\n}\n\n/**\n * Error thrown when time is negative\n */\nexport class TimeNegativeError extends TimeError {\n constructor() {\n super(\"Time must be non-negative\");\n this.name = \"TimeNegativeError\";\n }\n}\n\n/**\n * Error thrown when period is invalid\n */\nexport class PeriodError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"PeriodError\";\n }\n}\n\n/**\n * Error thrown when period is too small\n */\nexport class PeriodTooSmallError extends PeriodError {\n constructor(minPeriod: number) {\n super(`Period must be at least ${minPeriod} second(s)`);\n this.name = \"PeriodTooSmallError\";\n }\n}\n\n/**\n * Error thrown when period is too large\n */\nexport class PeriodTooLargeError extends PeriodError {\n constructor(maxPeriod: number) {\n super(`Period must not exceed ${maxPeriod} seconds`);\n this.name = \"PeriodTooLargeError\";\n }\n}\n\n/**\n * Error thrown when digits value is invalid\n */\nexport class DigitsError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"DigitsError\";\n }\n}\n\n/**\n * Error thrown when hash algorithm is invalid\n */\nexport class AlgorithmError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"AlgorithmError\";\n }\n}\n\n/**\n * Error thrown when token is invalid\n */\nexport class TokenError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"TokenError\";\n }\n}\n\n/**\n * Error thrown when token has incorrect length\n */\nexport class TokenLengthError extends TokenError {\n constructor(expected: number, actual: number) {\n super(`Token must be ${expected} digits, got ${actual}`);\n this.name = \"TokenLengthError\";\n }\n}\n\n/**\n * Error thrown when token contains non-digit characters\n */\nexport class TokenFormatError extends TokenError {\n constructor() {\n super(\"Token must contain only digits\");\n this.name = \"TokenFormatError\";\n }\n}\n\n/**\n * Error thrown when crypto operation fails\n */\nexport class CryptoError extends OTPError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"CryptoError\";\n }\n}\n\n/**\n * Error thrown when HMAC computation fails\n *\n * The original error from the crypto plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * await cryptoContext.hmac('sha1', key, data);\n * } catch (error) {\n * if (error instanceof HMACError) {\n * console.log('HMAC failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class HMACError extends CryptoError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`HMAC computation failed: ${message}`, options);\n this.name = \"HMACError\";\n }\n}\n\n/**\n * Error thrown when random byte generation fails\n *\n * The original error from the crypto plugin is available via `cause`.\n */\nexport class RandomBytesError extends CryptoError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Random byte generation failed: ${message}`, options);\n this.name = \"RandomBytesError\";\n }\n}\n\n/**\n * Error thrown when Base32 operation fails\n */\nexport class Base32Error extends OTPError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"Base32Error\";\n }\n}\n\n/**\n * Error thrown when Base32 encoding fails\n *\n * The original error from the Base32 plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * base32Context.encode(data);\n * } catch (error) {\n * if (error instanceof Base32EncodeError) {\n * console.log('Encoding failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class Base32EncodeError extends Base32Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Base32 encoding failed: ${message}`, options);\n this.name = \"Base32EncodeError\";\n }\n}\n\n/**\n * Error thrown when Base32 decoding fails\n *\n * The original error from the Base32 plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * base32Context.decode(invalidString);\n * } catch (error) {\n * if (error instanceof Base32DecodeError) {\n * console.log('Decoding failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class Base32DecodeError extends Base32Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Base32 decoding failed: ${message}`, options);\n this.name = \"Base32DecodeError\";\n }\n}\n\n/**\n * Error thrown when counter tolerance is invalid\n */\nexport class CounterToleranceError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"CounterToleranceError\";\n }\n}\n\n/**\n * Error thrown when counter tolerance is too large\n */\nexport class CounterToleranceTooLargeError extends CounterToleranceError {\n constructor(maxTolerance: number, actualSize: number) {\n super(\n `Counter tolerance size must not exceed ${maxTolerance}, got ${actualSize}. ` +\n `Large tolerances can cause performance issues.`,\n );\n this.name = \"CounterToleranceTooLargeError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance is invalid\n */\nexport class EpochToleranceError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"EpochToleranceError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance contains negative values\n */\nexport class EpochToleranceNegativeError extends EpochToleranceError {\n constructor() {\n super(\"Epoch tolerance cannot contain negative values\");\n this.name = \"EpochToleranceNegativeError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance is too large\n */\nexport class EpochToleranceTooLargeError extends EpochToleranceError {\n constructor(maxTolerance: number, actualValue: number) {\n super(\n `Epoch tolerance must not exceed ${maxTolerance} seconds, got ${actualValue}. ` +\n `Large tolerances can cause performance issues.`,\n );\n this.name = \"EpochToleranceTooLargeError\";\n }\n}\n\n/**\n * Error thrown when a required plugin is missing\n */\nexport class PluginError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"PluginError\";\n }\n}\n\n/**\n * Error thrown when crypto plugin is not configured\n */\nexport class CryptoPluginMissingError extends PluginError {\n constructor() {\n super(\n \"Crypto plugin is required. \" +\n \"Example: new TOTP({ crypto: new NodeCryptoPlugin() }) or \" +\n \"new TOTP({ crypto: new WebCryptoPlugin() })\",\n );\n this.name = \"CryptoPluginMissingError\";\n }\n}\n\n/**\n * Error thrown when Base32 plugin is not configured\n */\nexport class Base32PluginMissingError extends PluginError {\n constructor() {\n super(\"Base32 plugin is required. Example: new TOTP({ base32: new ScureBase32Plugin() })\");\n this.name = \"Base32PluginMissingError\";\n }\n}\n\n/**\n * Error thrown when required configuration is missing\n */\nexport class ConfigurationError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"ConfigurationError\";\n }\n}\n\n/**\n * Error thrown when secret is not configured\n */\nexport class SecretMissingError extends ConfigurationError {\n constructor() {\n super(\n \"Secret is required. \" +\n \"Use generateSecret() to create one, or provide via { secret: 'YOUR_BASE32_SECRET' }\",\n );\n this.name = \"SecretMissingError\";\n }\n}\n\n/**\n * Error thrown when label is not configured (required for URI generation)\n */\nexport class LabelMissingError extends ConfigurationError {\n constructor() {\n super(\"Label is required for URI generation. Example: { label: 'user@example.com' }\");\n this.name = \"LabelMissingError\";\n }\n}\n\n/**\n * Error thrown when issuer is not configured (required for URI generation)\n */\nexport class IssuerMissingError extends ConfigurationError {\n constructor() {\n super(\"Issuer is required for URI generation. Example: { issuer: 'MyApp' }\");\n this.name = \"IssuerMissingError\";\n }\n}\n\n/**\n * Error thrown when secret must be a Base32 string but is provided as bytes\n */\nexport class SecretTypeError extends ConfigurationError {\n constructor() {\n super(\n \"Class API requires secret to be a Base32 string, not Uint8Array. \" +\n \"Use generateSecret() or provide a Base32-encoded string.\",\n );\n this.name = \"SecretTypeError\";\n }\n}\n"],"mappings":"AAyBO,IAAMA,EAAN,cAAuB,KAAM,CAClC,YAAYC,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,UACd,CACF,EAKaC,EAAN,cAA0BH,CAAS,CACxC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKaG,EAAN,cAAkCD,CAAY,CACnD,YAAYE,EAAkBC,EAAqB,CACjD,MACE,2BAA2BD,CAAQ,WAAWA,EAAW,CAAC,eAAeC,CAAW,QACtF,EACA,KAAK,KAAO,qBACd,CACF,EAKaC,EAAN,cAAiCJ,CAAY,CAClD,YAAYK,EAAkBF,EAAqB,CACjD,MAAM,0BAA0BE,CAAQ,eAAeF,CAAW,QAAQ,EAC1E,KAAK,KAAO,oBACd,CACF,EAKaG,EAAN,cAA2BT,CAAS,CACzC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,cACd,CACF,EAKaS,EAAN,cAAmCD,CAAa,CACrD,aAAc,CACZ,MAAM,8BAA8B,EACpC,KAAK,KAAO,sBACd,CACF,EAKaE,EAAN,cAAmCF,CAAa,CACrD,aAAc,CACZ,MAAM,4CAA4C,EAClD,KAAK,KAAO,sBACd,CACF,EAKaG,EAAN,cAAwBZ,CAAS,CACtC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,WACd,CACF,EAKaY,EAAN,cAAgCD,CAAU,CAC/C,aAAc,CACZ,MAAM,2BAA2B,EACjC,KAAK,KAAO,mBACd,CACF,EAKaE,EAAN,cAA0Bd,CAAS,CACxC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKac,EAAN,cAAkCD,CAAY,CACnD,YAAYE,EAAmB,CAC7B,MAAM,2BAA2BA,CAAS,YAAY,EACtD,KAAK,KAAO,qBACd,CACF,EAKaC,EAAN,cAAkCH,CAAY,CACnD,YAAYI,EAAmB,CAC7B,MAAM,0BAA0BA,CAAS,UAAU,EACnD,KAAK,KAAO,qBACd,CACF,EAKaC,EAAN,cAA0BnB,CAAS,CACxC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKamB,EAAN,cAA6BpB,CAAS,CAC3C,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,gBACd,CACF,EAKaoB,EAAN,cAAyBrB,CAAS,CACvC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,YACd,CACF,EAKaqB,EAAN,cAA+BD,CAAW,CAC/C,YAAYE,EAAkBC,EAAgB,CAC5C,MAAM,iBAAiBD,CAAQ,gBAAgBC,CAAM,EAAE,EACvD,KAAK,KAAO,kBACd,CACF,EAKaC,EAAN,cAA+BJ,CAAW,CAC/C,aAAc,CACZ,MAAM,gCAAgC,EACtC,KAAK,KAAO,kBACd,CACF,EAKaK,EAAN,cAA0B1B,CAAS,CACxC,YAAYC,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,aACd,CACF,EAmBayB,EAAN,cAAwBD,CAAY,CACzC,YAAYzB,EAAiBC,EAA2B,CACtD,MAAM,4BAA4BD,CAAO,GAAIC,CAAO,EACpD,KAAK,KAAO,WACd,CACF,EAOa0B,EAAN,cAA+BF,CAAY,CAChD,YAAYzB,EAAiBC,EAA2B,CACtD,MAAM,kCAAkCD,CAAO,GAAIC,CAAO,EAC1D,KAAK,KAAO,kBACd,CACF,EAKa2B,EAAN,cAA0B7B,CAAS,CACxC,YAAYC,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,aACd,CACF,EAmBa4B,EAAN,cAAgCD,CAAY,CACjD,YAAY5B,EAAiBC,EAA2B,CACtD,MAAM,2BAA2BD,CAAO,GAAIC,CAAO,EACnD,KAAK,KAAO,mBACd,CACF,EAmBa6B,EAAN,cAAgCF,CAAY,CACjD,YAAY5B,EAAiBC,EAA2B,CACtD,MAAM,2BAA2BD,CAAO,GAAIC,CAAO,EACnD,KAAK,KAAO,mBACd,CACF,EAKa8B,EAAN,cAAoChC,CAAS,CAClD,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,uBACd,CACF,EAKagC,EAAN,cAA4CD,CAAsB,CACvE,YAAYE,EAAsBC,EAAoB,CACpD,MACE,0CAA0CD,CAAY,SAASC,CAAU,kDAE3E,EACA,KAAK,KAAO,+BACd,CACF,EAKaC,EAAN,cAAkCpC,CAAS,CAChD,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,qBACd,CACF,EAKaoC,EAAN,cAA0CD,CAAoB,CACnE,aAAc,CACZ,MAAM,gDAAgD,EACtD,KAAK,KAAO,6BACd,CACF,EAKaE,EAAN,cAA0CF,CAAoB,CACnE,YAAYF,EAAsBK,EAAqB,CACrD,MACE,mCAAmCL,CAAY,iBAAiBK,CAAW,kDAE7E,EACA,KAAK,KAAO,6BACd,CACF,EAKaC,EAAN,cAA0BxC,CAAS,CACxC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKawC,EAAN,cAAuCD,CAAY,CACxD,aAAc,CACZ,MACE,iIAGF,EACA,KAAK,KAAO,0BACd,CACF,EAKaE,EAAN,cAAuCF,CAAY,CACxD,aAAc,CACZ,MAAM,mFAAmF,EACzF,KAAK,KAAO,0BACd,CACF,EAKaG,EAAN,cAAiC3C,CAAS,CAC/C,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,oBACd,CACF,EAKa2C,EAAN,cAAiCD,CAAmB,CACzD,aAAc,CACZ,MACE,yGAEF,EACA,KAAK,KAAO,oBACd,CACF,EAKaE,EAAN,cAAgCF,CAAmB,CACxD,aAAc,CACZ,MAAM,8EAA8E,EACpF,KAAK,KAAO,mBACd,CACF,EAKaG,EAAN,cAAiCH,CAAmB,CACzD,aAAc,CACZ,MAAM,qEAAqE,EAC3E,KAAK,KAAO,oBACd,CACF,EAKaI,EAAN,cAA8BJ,CAAmB,CACtD,aAAc,CACZ,MACE,2HAEF,EACA,KAAK,KAAO,iBACd,CACF","names":["OTPError","message","options","SecretError","SecretTooShortError","minBytes","actualBytes","SecretTooLongError","maxBytes","CounterError","CounterNegativeError","CounterOverflowError","TimeError","TimeNegativeError","PeriodError","PeriodTooSmallError","minPeriod","PeriodTooLargeError","maxPeriod","DigitsError","AlgorithmError","TokenError","TokenLengthError","expected","actual","TokenFormatError","CryptoError","HMACError","RandomBytesError","Base32Error","Base32EncodeError","Base32DecodeError","CounterToleranceError","CounterToleranceTooLargeError","maxTolerance","actualSize","EpochToleranceError","EpochToleranceNegativeError","EpochToleranceTooLargeError","actualValue","PluginError","CryptoPluginMissingError","Base32PluginMissingError","ConfigurationError","SecretMissingError","LabelMissingError","IssuerMissingError","SecretTypeError"]}
1
+ {"version":3,"sources":["../src/errors.ts"],"sourcesContent":["/**\n * Options for OTPError construction\n */\nexport type OTPErrorOptions = {\n /**\n * The underlying error that caused this error.\n * Useful for error chaining and debugging.\n */\n cause?: unknown;\n};\n\n/**\n * Base error class for all otplib errors\n *\n * Supports ES2022 error chaining via the `cause` property.\n *\n * @example\n * ```typescript\n * try {\n * // ... operation that throws\n * } catch (error) {\n * throw new OTPError('Operation failed', { cause: error });\n * }\n * ```\n */\nexport class OTPError extends Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"OTPError\";\n }\n}\n\n/**\n * Error thrown when secret validation fails\n */\nexport class SecretError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"SecretError\";\n }\n}\n\n/**\n * Error thrown when secret is too short (< 128 bits)\n */\nexport class SecretTooShortError extends SecretError {\n constructor(minBytes: number, actualBytes: number) {\n super(\n `Secret must be at least ${minBytes} bytes (${minBytes * 8} bits), got ${actualBytes} bytes`,\n );\n this.name = \"SecretTooShortError\";\n }\n}\n\n/**\n * Error thrown when secret is unreasonably large (> 64 bytes)\n */\nexport class SecretTooLongError extends SecretError {\n constructor(maxBytes: number, actualBytes: number) {\n super(`Secret must not exceed ${maxBytes} bytes, got ${actualBytes} bytes`);\n this.name = \"SecretTooLongError\";\n }\n}\n\n/**\n * Error thrown when counter is invalid\n */\nexport class CounterError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"CounterError\";\n }\n}\n\n/**\n * Error thrown when counter is negative\n */\nexport class CounterNegativeError extends CounterError {\n constructor() {\n super(\"Counter must be non-negative\");\n this.name = \"CounterNegativeError\";\n }\n}\n\n/**\n * Error thrown when counter exceeds maximum value (2^53 - 1 for safe integer)\n */\nexport class CounterOverflowError extends CounterError {\n constructor() {\n super(\"Counter exceeds maximum safe integer value\");\n this.name = \"CounterOverflowError\";\n }\n}\n\n/**\n * Error thrown when time is invalid\n */\nexport class TimeError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"TimeError\";\n }\n}\n\n/**\n * Error thrown when time is negative\n */\nexport class TimeNegativeError extends TimeError {\n constructor() {\n super(\"Time must be non-negative\");\n this.name = \"TimeNegativeError\";\n }\n}\n\n/**\n * Error thrown when period is invalid\n */\nexport class PeriodError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"PeriodError\";\n }\n}\n\n/**\n * Error thrown when period is too small\n */\nexport class PeriodTooSmallError extends PeriodError {\n constructor(minPeriod: number) {\n super(`Period must be at least ${minPeriod} second(s)`);\n this.name = \"PeriodTooSmallError\";\n }\n}\n\n/**\n * Error thrown when period is too large\n */\nexport class PeriodTooLargeError extends PeriodError {\n constructor(maxPeriod: number) {\n super(`Period must not exceed ${maxPeriod} seconds`);\n this.name = \"PeriodTooLargeError\";\n }\n}\n\n/**\n * Error thrown when digits value is invalid\n */\nexport class DigitsError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"DigitsError\";\n }\n}\n\n/**\n * Error thrown when hash algorithm is invalid\n */\nexport class AlgorithmError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"AlgorithmError\";\n }\n}\n\n/**\n * Error thrown when token is invalid\n */\nexport class TokenError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"TokenError\";\n }\n}\n\n/**\n * Error thrown when token has incorrect length\n */\nexport class TokenLengthError extends TokenError {\n constructor(expected: number, actual: number) {\n super(`Token must be ${expected} digits, got ${actual}`);\n this.name = \"TokenLengthError\";\n }\n}\n\n/**\n * Error thrown when token contains non-digit characters\n */\nexport class TokenFormatError extends TokenError {\n constructor() {\n super(\"Token must contain only digits\");\n this.name = \"TokenFormatError\";\n }\n}\n\n/**\n * Error thrown when crypto operation fails\n */\nexport class CryptoError extends OTPError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"CryptoError\";\n }\n}\n\n/**\n * Error thrown when HMAC computation fails\n *\n * The original error from the crypto plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * await cryptoContext.hmac('sha1', key, data);\n * } catch (error) {\n * if (error instanceof HMACError) {\n * console.log('HMAC failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class HMACError extends CryptoError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`HMAC computation failed: ${message}`, options);\n this.name = \"HMACError\";\n }\n}\n\n/**\n * Error thrown when random byte generation fails\n *\n * The original error from the crypto plugin is available via `cause`.\n */\nexport class RandomBytesError extends CryptoError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Random byte generation failed: ${message}`, options);\n this.name = \"RandomBytesError\";\n }\n}\n\n/**\n * Error thrown when Base32 operation fails\n */\nexport class Base32Error extends OTPError {\n constructor(message: string, options?: OTPErrorOptions) {\n super(message, options);\n this.name = \"Base32Error\";\n }\n}\n\n/**\n * Error thrown when Base32 encoding fails\n *\n * The original error from the Base32 plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * base32Context.encode(data);\n * } catch (error) {\n * if (error instanceof Base32EncodeError) {\n * console.log('Encoding failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class Base32EncodeError extends Base32Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Base32 encoding failed: ${message}`, options);\n this.name = \"Base32EncodeError\";\n }\n}\n\n/**\n * Error thrown when Base32 decoding fails\n *\n * The original error from the Base32 plugin is available via `cause`.\n *\n * @example\n * ```typescript\n * try {\n * base32Context.decode(invalidString);\n * } catch (error) {\n * if (error instanceof Base32DecodeError) {\n * console.log('Decoding failed:', error.message);\n * console.log('Original error:', error.cause);\n * }\n * }\n * ```\n */\nexport class Base32DecodeError extends Base32Error {\n constructor(message: string, options?: OTPErrorOptions) {\n super(`Base32 decoding failed: ${message}`, options);\n this.name = \"Base32DecodeError\";\n }\n}\n\n/**\n * Error thrown when counter tolerance is invalid\n */\nexport class CounterToleranceError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"CounterToleranceError\";\n }\n}\n\n/**\n * Error thrown when counter tolerance is too large\n */\nexport class CounterToleranceTooLargeError extends CounterToleranceError {\n constructor(maxTolerance: number, actualSize: number) {\n super(\n `Counter tolerance size must not exceed ${maxTolerance}, got ${actualSize}. ` +\n `Large tolerances can cause performance issues.`,\n );\n this.name = \"CounterToleranceTooLargeError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance is invalid\n */\nexport class EpochToleranceError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"EpochToleranceError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance contains negative values\n */\nexport class EpochToleranceNegativeError extends EpochToleranceError {\n constructor() {\n super(\"Epoch tolerance cannot contain negative values\");\n this.name = \"EpochToleranceNegativeError\";\n }\n}\n\n/**\n * Error thrown when epoch tolerance is too large\n */\nexport class EpochToleranceTooLargeError extends EpochToleranceError {\n constructor(maxTolerance: number, actualValue: number) {\n super(\n `Epoch tolerance must not exceed ${maxTolerance} seconds, got ${actualValue}. ` +\n `Large tolerances can cause performance issues.`,\n );\n this.name = \"EpochToleranceTooLargeError\";\n }\n}\n\n/**\n * Error thrown when a required plugin is missing\n */\nexport class PluginError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"PluginError\";\n }\n}\n\n/**\n * Error thrown when crypto plugin is not configured\n */\nexport class CryptoPluginMissingError extends PluginError {\n constructor() {\n super(\"Crypto plugin is required.\");\n this.name = \"CryptoPluginMissingError\";\n }\n}\n\n/**\n * Error thrown when Base32 plugin is not configured\n */\nexport class Base32PluginMissingError extends PluginError {\n constructor() {\n super(\"Base32 plugin is required.\");\n this.name = \"Base32PluginMissingError\";\n }\n}\n\n/**\n * Error thrown when required configuration is missing\n */\nexport class ConfigurationError extends OTPError {\n constructor(message: string) {\n super(message);\n this.name = \"ConfigurationError\";\n }\n}\n\n/**\n * Error thrown when secret is not configured\n */\nexport class SecretMissingError extends ConfigurationError {\n constructor() {\n super(\n \"Secret is required. \" +\n \"Use generateSecret() to create one, or provide via { secret: 'YOUR_BASE32_SECRET' }\",\n );\n this.name = \"SecretMissingError\";\n }\n}\n\n/**\n * Error thrown when label is not configured (required for URI generation)\n */\nexport class LabelMissingError extends ConfigurationError {\n constructor() {\n super(\"Label is required for URI generation. Example: { label: 'user@example.com' }\");\n this.name = \"LabelMissingError\";\n }\n}\n\n/**\n * Error thrown when issuer is not configured (required for URI generation)\n */\nexport class IssuerMissingError extends ConfigurationError {\n constructor() {\n super(\"Issuer is required for URI generation. Example: { issuer: 'MyApp' }\");\n this.name = \"IssuerMissingError\";\n }\n}\n\n/**\n * Error thrown when secret must be a Base32 string but is provided as bytes\n */\nexport class SecretTypeError extends ConfigurationError {\n constructor() {\n super(\n \"Class API requires secret to be a Base32 string, not Uint8Array. \" +\n \"Use generateSecret() or provide a Base32-encoded string.\",\n );\n this.name = \"SecretTypeError\";\n }\n}\n"],"mappings":"AAyBO,IAAMA,EAAN,cAAuB,KAAM,CAClC,YAAYC,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,UACd,CACF,EAKaC,EAAN,cAA0BH,CAAS,CACxC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKaG,EAAN,cAAkCD,CAAY,CACnD,YAAYE,EAAkBC,EAAqB,CACjD,MACE,2BAA2BD,CAAQ,WAAWA,EAAW,CAAC,eAAeC,CAAW,QACtF,EACA,KAAK,KAAO,qBACd,CACF,EAKaC,EAAN,cAAiCJ,CAAY,CAClD,YAAYK,EAAkBF,EAAqB,CACjD,MAAM,0BAA0BE,CAAQ,eAAeF,CAAW,QAAQ,EAC1E,KAAK,KAAO,oBACd,CACF,EAKaG,EAAN,cAA2BT,CAAS,CACzC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,cACd,CACF,EAKaS,EAAN,cAAmCD,CAAa,CACrD,aAAc,CACZ,MAAM,8BAA8B,EACpC,KAAK,KAAO,sBACd,CACF,EAKaE,EAAN,cAAmCF,CAAa,CACrD,aAAc,CACZ,MAAM,4CAA4C,EAClD,KAAK,KAAO,sBACd,CACF,EAKaG,EAAN,cAAwBZ,CAAS,CACtC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,WACd,CACF,EAKaY,EAAN,cAAgCD,CAAU,CAC/C,aAAc,CACZ,MAAM,2BAA2B,EACjC,KAAK,KAAO,mBACd,CACF,EAKaE,EAAN,cAA0Bd,CAAS,CACxC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKac,EAAN,cAAkCD,CAAY,CACnD,YAAYE,EAAmB,CAC7B,MAAM,2BAA2BA,CAAS,YAAY,EACtD,KAAK,KAAO,qBACd,CACF,EAKaC,EAAN,cAAkCH,CAAY,CACnD,YAAYI,EAAmB,CAC7B,MAAM,0BAA0BA,CAAS,UAAU,EACnD,KAAK,KAAO,qBACd,CACF,EAKaC,EAAN,cAA0BnB,CAAS,CACxC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKamB,EAAN,cAA6BpB,CAAS,CAC3C,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,gBACd,CACF,EAKaoB,EAAN,cAAyBrB,CAAS,CACvC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,YACd,CACF,EAKaqB,EAAN,cAA+BD,CAAW,CAC/C,YAAYE,EAAkBC,EAAgB,CAC5C,MAAM,iBAAiBD,CAAQ,gBAAgBC,CAAM,EAAE,EACvD,KAAK,KAAO,kBACd,CACF,EAKaC,EAAN,cAA+BJ,CAAW,CAC/C,aAAc,CACZ,MAAM,gCAAgC,EACtC,KAAK,KAAO,kBACd,CACF,EAKaK,EAAN,cAA0B1B,CAAS,CACxC,YAAYC,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,aACd,CACF,EAmBayB,EAAN,cAAwBD,CAAY,CACzC,YAAYzB,EAAiBC,EAA2B,CACtD,MAAM,4BAA4BD,CAAO,GAAIC,CAAO,EACpD,KAAK,KAAO,WACd,CACF,EAOa0B,EAAN,cAA+BF,CAAY,CAChD,YAAYzB,EAAiBC,EAA2B,CACtD,MAAM,kCAAkCD,CAAO,GAAIC,CAAO,EAC1D,KAAK,KAAO,kBACd,CACF,EAKa2B,EAAN,cAA0B7B,CAAS,CACxC,YAAYC,EAAiBC,EAA2B,CACtD,MAAMD,EAASC,CAAO,EACtB,KAAK,KAAO,aACd,CACF,EAmBa4B,EAAN,cAAgCD,CAAY,CACjD,YAAY5B,EAAiBC,EAA2B,CACtD,MAAM,2BAA2BD,CAAO,GAAIC,CAAO,EACnD,KAAK,KAAO,mBACd,CACF,EAmBa6B,EAAN,cAAgCF,CAAY,CACjD,YAAY5B,EAAiBC,EAA2B,CACtD,MAAM,2BAA2BD,CAAO,GAAIC,CAAO,EACnD,KAAK,KAAO,mBACd,CACF,EAKa8B,EAAN,cAAoChC,CAAS,CAClD,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,uBACd,CACF,EAKagC,EAAN,cAA4CD,CAAsB,CACvE,YAAYE,EAAsBC,EAAoB,CACpD,MACE,0CAA0CD,CAAY,SAASC,CAAU,kDAE3E,EACA,KAAK,KAAO,+BACd,CACF,EAKaC,EAAN,cAAkCpC,CAAS,CAChD,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,qBACd,CACF,EAKaoC,EAAN,cAA0CD,CAAoB,CACnE,aAAc,CACZ,MAAM,gDAAgD,EACtD,KAAK,KAAO,6BACd,CACF,EAKaE,EAAN,cAA0CF,CAAoB,CACnE,YAAYF,EAAsBK,EAAqB,CACrD,MACE,mCAAmCL,CAAY,iBAAiBK,CAAW,kDAE7E,EACA,KAAK,KAAO,6BACd,CACF,EAKaC,EAAN,cAA0BxC,CAAS,CACxC,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,aACd,CACF,EAKawC,EAAN,cAAuCD,CAAY,CACxD,aAAc,CACZ,MAAM,4BAA4B,EAClC,KAAK,KAAO,0BACd,CACF,EAKaE,EAAN,cAAuCF,CAAY,CACxD,aAAc,CACZ,MAAM,4BAA4B,EAClC,KAAK,KAAO,0BACd,CACF,EAKaG,EAAN,cAAiC3C,CAAS,CAC/C,YAAYC,EAAiB,CAC3B,MAAMA,CAAO,EACb,KAAK,KAAO,oBACd,CACF,EAKa2C,EAAN,cAAiCD,CAAmB,CACzD,aAAc,CACZ,MACE,yGAEF,EACA,KAAK,KAAO,oBACd,CACF,EAKaE,EAAN,cAAgCF,CAAmB,CACxD,aAAc,CACZ,MAAM,8EAA8E,EACpF,KAAK,KAAO,mBACd,CACF,EAKaG,EAAN,cAAiCH,CAAmB,CACzD,aAAc,CACZ,MAAM,qEAAqE,EAC3E,KAAK,KAAO,oBACd,CACF,EAKaI,EAAN,cAA8BJ,CAAmB,CACtD,aAAc,CACZ,MACE,2HAEF,EACA,KAAK,KAAO,iBACd,CACF","names":["OTPError","message","options","SecretError","SecretTooShortError","minBytes","actualBytes","SecretTooLongError","maxBytes","CounterError","CounterNegativeError","CounterOverflowError","TimeError","TimeNegativeError","PeriodError","PeriodTooSmallError","minPeriod","PeriodTooLargeError","maxPeriod","DigitsError","AlgorithmError","TokenError","TokenLengthError","expected","actual","TokenFormatError","CryptoError","HMACError","RandomBytesError","Base32Error","Base32EncodeError","Base32DecodeError","CounterToleranceError","CounterToleranceTooLargeError","maxTolerance","actualSize","EpochToleranceError","EpochToleranceNegativeError","EpochToleranceTooLargeError","actualValue","PluginError","CryptoPluginMissingError","Base32PluginMissingError","ConfigurationError","SecretMissingError","LabelMissingError","IssuerMissingError","SecretTypeError"]}
package/dist/index.cjs CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var G=Object.defineProperty;var qr=Object.getOwnPropertyDescriptor;var _r=Object.getOwnPropertyNames;var kr=Object.prototype.hasOwnProperty;var Ir=(r,e)=>{for(var t in e)G(r,t,{get:e[t],enumerable:!0})},Dr=(r,e,t,o)=>{if(e&&typeof e=="object"||typeof e=="function")for(let n of _r(e))!kr.call(r,n)&&n!==t&&G(r,n,{get:()=>e[n],enumerable:!(o=qr(e,n))||o.enumerable});return r};var Nr=r=>Dr(G({},"__esModule",{value:!0}),r);var $r={};Ir($r,{AlgorithmError:()=>X,Base32Context:()=>z,Base32DecodeError:()=>O,Base32EncodeError:()=>A,Base32Error:()=>B,Base32PluginMissingError:()=>q,ConfigurationError:()=>u,CounterError:()=>l,CounterNegativeError:()=>d,CounterOverflowError:()=>m,CounterToleranceError:()=>L,CounterToleranceTooLargeError:()=>C,CryptoContext:()=>K,CryptoError:()=>b,CryptoPluginMissingError:()=>M,DEFAULT_PERIOD:()=>Q,DigitsError:()=>H,EpochToleranceError:()=>S,EpochToleranceNegativeError:()=>v,EpochToleranceTooLargeError:()=>R,HMACError:()=>a,IssuerMissingError:()=>I,LabelMissingError:()=>k,MAX_COUNTER:()=>Z,MAX_PERIOD:()=>F,MAX_SECRET_BYTES:()=>Y,MAX_WINDOW:()=>$,MIN_PERIOD:()=>j,MIN_SECRET_BYTES:()=>W,OTPError:()=>s,PeriodError:()=>x,PeriodTooLargeError:()=>E,PeriodTooSmallError:()=>T,PluginError:()=>U,RECOMMENDED_SECRET_BYTES:()=>J,RandomBytesError:()=>w,SecretError:()=>c,SecretMissingError:()=>_,SecretTooLongError:()=>g,SecretTooShortError:()=>p,SecretTypeError:()=>D,TimeError:()=>N,TimeNegativeError:()=>y,TokenError:()=>f,TokenFormatError:()=>P,TokenLengthError:()=>h,constantTimeEqual:()=>gr,counterToBytes:()=>ur,createBase32Context:()=>vr,createCryptoContext:()=>Sr,dynamicTruncate:()=>cr,generateSecret:()=>yr,getDigestSize:()=>lr,hasBase32:()=>Mr,hasCrypto:()=>Ur,hasPlugins:()=>Rr,hexToBytes:()=>dr,normalizeCounterTolerance:()=>xr,normalizeEpochTolerance:()=>Tr,normalizeSecret:()=>mr,requireBase32Plugin:()=>fr,requireBase32String:()=>wr,requireCryptoPlugin:()=>Er,requireIssuer:()=>br,requireLabel:()=>Pr,requireSecret:()=>hr,stringToBytes:()=>V,truncateDigits:()=>pr,validateByteLengthEqual:()=>rr,validateCounter:()=>tr,validateCounterTolerance:()=>ir,validateEpochTolerance:()=>ar,validatePeriod:()=>or,validateSecret:()=>er,validateTime:()=>nr,validateToken:()=>sr,wrapResult:()=>Or,wrapResultAsync:()=>Cr});module.exports=Nr($r);var s=class extends Error{constructor(e,t){super(e,t),this.name="OTPError"}},c=class extends s{constructor(e){super(e),this.name="SecretError"}},p=class extends c{constructor(e,t){super(`Secret must be at least ${e} bytes (${e*8} bits), got ${t} bytes`),this.name="SecretTooShortError"}},g=class extends c{constructor(e,t){super(`Secret must not exceed ${e} bytes, got ${t} bytes`),this.name="SecretTooLongError"}},l=class extends s{constructor(e){super(e),this.name="CounterError"}},d=class extends l{constructor(){super("Counter must be non-negative"),this.name="CounterNegativeError"}},m=class extends l{constructor(){super("Counter exceeds maximum safe integer value"),this.name="CounterOverflowError"}},N=class extends s{constructor(e){super(e),this.name="TimeError"}},y=class extends N{constructor(){super("Time must be non-negative"),this.name="TimeNegativeError"}},x=class extends s{constructor(e){super(e),this.name="PeriodError"}},T=class extends x{constructor(e){super(`Period must be at least ${e} second(s)`),this.name="PeriodTooSmallError"}},E=class extends x{constructor(e){super(`Period must not exceed ${e} seconds`),this.name="PeriodTooLargeError"}},H=class extends s{constructor(e){super(e),this.name="DigitsError"}},X=class extends s{constructor(e){super(e),this.name="AlgorithmError"}},f=class extends s{constructor(e){super(e),this.name="TokenError"}},h=class extends f{constructor(e,t){super(`Token must be ${e} digits, got ${t}`),this.name="TokenLengthError"}},P=class extends f{constructor(){super("Token must contain only digits"),this.name="TokenFormatError"}},b=class extends s{constructor(e,t){super(e,t),this.name="CryptoError"}},a=class extends b{constructor(e,t){super(`HMAC computation failed: ${e}`,t),this.name="HMACError"}},w=class extends b{constructor(e,t){super(`Random byte generation failed: ${e}`,t),this.name="RandomBytesError"}},B=class extends s{constructor(e,t){super(e,t),this.name="Base32Error"}},A=class extends B{constructor(e,t){super(`Base32 encoding failed: ${e}`,t),this.name="Base32EncodeError"}},O=class extends B{constructor(e,t){super(`Base32 decoding failed: ${e}`,t),this.name="Base32DecodeError"}},L=class extends s{constructor(e){super(e),this.name="CounterToleranceError"}},C=class extends L{constructor(e,t){super(`Counter tolerance size must not exceed ${e}, got ${t}. Large tolerances can cause performance issues.`),this.name="CounterToleranceTooLargeError"}},S=class extends s{constructor(e){super(e),this.name="EpochToleranceError"}},v=class extends S{constructor(){super("Epoch tolerance cannot contain negative values"),this.name="EpochToleranceNegativeError"}},R=class extends S{constructor(e,t){super(`Epoch tolerance must not exceed ${e} seconds, got ${t}. Large tolerances can cause performance issues.`),this.name="EpochToleranceTooLargeError"}},U=class extends s{constructor(e){super(e),this.name="PluginError"}},M=class extends U{constructor(){super("Crypto plugin is required. Example: new TOTP({ crypto: new NodeCryptoPlugin() }) or new TOTP({ crypto: new WebCryptoPlugin() })"),this.name="CryptoPluginMissingError"}},q=class extends U{constructor(){super("Base32 plugin is required. Example: new TOTP({ base32: new ScureBase32Plugin() })"),this.name="Base32PluginMissingError"}},u=class extends s{constructor(e){super(e),this.name="ConfigurationError"}},_=class extends u{constructor(){super("Secret is required. Use generateSecret() to create one, or provide via { secret: 'YOUR_BASE32_SECRET' }"),this.name="SecretMissingError"}},k=class extends u{constructor(){super("Label is required for URI generation. Example: { label: 'user@example.com' }"),this.name="LabelMissingError"}},I=class extends u{constructor(){super("Issuer is required for URI generation. Example: { issuer: 'MyApp' }"),this.name="IssuerMissingError"}},D=class extends u{constructor(){super("Class API requires secret to be a Base32 string, not Uint8Array. Use generateSecret() or provide a Base32-encoded string."),this.name="SecretTypeError"}};var Lr=new TextEncoder,W=16,Y=64,J=20,j=1,F=3600,Q=30,Z=Number.MAX_SAFE_INTEGER,$=100;function er(r){if(r.length<W)throw new p(W,r.length);if(r.length>Y)throw new g(Y,r.length)}function tr(r){let e=typeof r=="bigint"?r:BigInt(r);if(e<0n)throw new d;if(e>BigInt(Z))throw new m}function nr(r){if(r<0)throw new y}function or(r){if(!Number.isInteger(r)||r<j)throw new T(j);if(r>F)throw new E(F)}function sr(r,e){if(r.length!==e)throw new h(e,r.length);if(!/^\d+$/.test(r))throw new P}function ir(r){if((Array.isArray(r)?r.length:r*2+1)>$*2+1)throw new C($,Array.isArray(r)?r.length:r)}function ar(r,e=Q){let[t,o]=Array.isArray(r)?r:[r,r];if(t<0||o<0)throw new v;let n=$*e,i=Math.max(t,o);if(i>n)throw new R(n,i)}function ur(r){let e=typeof r=="bigint"?r:BigInt(r),t=new ArrayBuffer(8);return new DataView(t).setBigUint64(0,e,!1),new Uint8Array(t)}function cr(r){let e=r[r.length-1]&15;return(r[e]&127)<<24|r[e+1]<<16|r[e+2]<<8|r[e+3]}function pr(r,e){let t=10**e;return(r%t).toString().padStart(e,"0")}function rr(r,e){return r.length===e.length}function gr(r,e){let t=V(r),o=V(e);if(!rr(t,o))return!1;let n=0;for(let i=0;i<t.length;i++)n|=t[i]^o[i];return n===0}function lr(r){switch(r){case"sha1":return 20;case"sha256":return 32;case"sha512":return 64}}function V(r){return typeof r=="string"?Lr.encode(r):r}function dr(r){let e=new Uint8Array(r.length/2);for(let t=0;t<r.length;t+=2)e[t/2]=parseInt(r.substring(t,t+2),16);return e}function mr(r,e){if(typeof r=="string"){if(!e)throw new Error("String secrets require a Base32Plugin. Please provide a base32 parameter.");return e.decode(r)}return r}function yr(r){let{crypto:e,base32:t,length:o=J}=r,n=e.randomBytes(o);return t.encode(n,{padding:!1})}function xr(r=0){if(Array.isArray(r))return r;let e=[];for(let t=-r;t<=r;t++)e.push(t|0);return e}function Tr(r=0){return Array.isArray(r)?r:[r,r]}function Er(r){if(!r)throw new M}function fr(r){if(!r)throw new q}function hr(r){if(!r)throw new _}function Pr(r){if(!r)throw new k}function br(r){if(!r)throw new I}function wr(r){if(typeof r!="string")throw new D}function Br(r){return{ok:!0,value:r}}function Ar(r){return{ok:!1,error:r}}function Or(r){return(...e)=>{try{return Br(r(...e))}catch(t){return Ar(t)}}}function Cr(r){return async(...e)=>{try{return Br(await r(...e))}catch(t){return Ar(t)}}}var K=class{constructor(e){this.crypto=e}get plugin(){return this.crypto}async hmac(e,t,o){try{let n=this.crypto.hmac(e,t,o);return n instanceof Promise?await n:n}catch(n){let i=n instanceof Error?n.message:String(n);throw new a(i,{cause:n})}}hmacSync(e,t,o){try{let n=this.crypto.hmac(e,t,o);if(n instanceof Promise)throw new a("Crypto plugin does not support synchronous HMAC operations");return n}catch(n){if(n instanceof a)throw n;let i=n instanceof Error?n.message:String(n);throw new a(i,{cause:n})}}randomBytes(e){try{return this.crypto.randomBytes(e)}catch(t){let o=t instanceof Error?t.message:String(t);throw new w(o,{cause:t})}}};function Sr(r){return new K(r)}var z=class{constructor(e){this.base32=e}get plugin(){return this.base32}encode(e,t){try{return this.base32.encode(e,t)}catch(o){let n=o instanceof Error?o.message:String(o);throw new A(n,{cause:o})}}decode(e){try{return this.base32.decode(e)}catch(t){let o=t instanceof Error?t.message:String(t);throw new O(o,{cause:t})}}};function vr(r){return new z(r)}function Rr(r){return r.crypto!==void 0&&r.base32!==void 0}function Ur(r){return r.crypto!==void 0}function Mr(r){return r.base32!==void 0}0&&(module.exports={AlgorithmError,Base32Context,Base32DecodeError,Base32EncodeError,Base32Error,Base32PluginMissingError,ConfigurationError,CounterError,CounterNegativeError,CounterOverflowError,CounterToleranceError,CounterToleranceTooLargeError,CryptoContext,CryptoError,CryptoPluginMissingError,DEFAULT_PERIOD,DigitsError,EpochToleranceError,EpochToleranceNegativeError,EpochToleranceTooLargeError,HMACError,IssuerMissingError,LabelMissingError,MAX_COUNTER,MAX_PERIOD,MAX_SECRET_BYTES,MAX_WINDOW,MIN_PERIOD,MIN_SECRET_BYTES,OTPError,PeriodError,PeriodTooLargeError,PeriodTooSmallError,PluginError,RECOMMENDED_SECRET_BYTES,RandomBytesError,SecretError,SecretMissingError,SecretTooLongError,SecretTooShortError,SecretTypeError,TimeError,TimeNegativeError,TokenError,TokenFormatError,TokenLengthError,constantTimeEqual,counterToBytes,createBase32Context,createCryptoContext,dynamicTruncate,generateSecret,getDigestSize,hasBase32,hasCrypto,hasPlugins,hexToBytes,normalizeCounterTolerance,normalizeEpochTolerance,normalizeSecret,requireBase32Plugin,requireBase32String,requireCryptoPlugin,requireIssuer,requireLabel,requireSecret,stringToBytes,truncateDigits,validateByteLengthEqual,validateCounter,validateCounterTolerance,validateEpochTolerance,validatePeriod,validateSecret,validateTime,validateToken,wrapResult,wrapResultAsync});
1
+ "use strict";var H=Object.defineProperty;var kr=Object.getOwnPropertyDescriptor;var Lr=Object.getOwnPropertyNames;var Gr=Object.prototype.hasOwnProperty;var Xr=(r,e)=>{for(var t in e)H(r,t,{get:e[t],enumerable:!0})},$r=(r,e,t,o)=>{if(e&&typeof e=="object"||typeof e=="function")for(let n of Lr(e))!Gr.call(r,n)&&n!==t&&H(r,n,{get:()=>e[n],enumerable:!(o=kr(e,n))||o.enumerable});return r};var Yr=r=>$r(H({},"__esModule",{value:!0}),r);var zr={};Xr(zr,{AlgorithmError:()=>W,Base32Context:()=>$,Base32DecodeError:()=>S,Base32EncodeError:()=>C,Base32Error:()=>B,Base32PluginMissingError:()=>U,ConfigurationError:()=>u,CounterError:()=>d,CounterNegativeError:()=>E,CounterOverflowError:()=>T,CounterToleranceError:()=>G,CounterToleranceTooLargeError:()=>w,CryptoContext:()=>X,CryptoError:()=>b,CryptoPluginMissingError:()=>I,DEFAULT_PERIOD:()=>Z,DigitsError:()=>Y,EpochToleranceError:()=>R,EpochToleranceNegativeError:()=>_,EpochToleranceTooLargeError:()=>M,HMACError:()=>a,IssuerMissingError:()=>q,LabelMissingError:()=>N,MAX_COUNTER:()=>rr,MAX_PERIOD:()=>Q,MAX_SECRET_BYTES:()=>F,MAX_WINDOW:()=>er,MIN_PERIOD:()=>J,MIN_SECRET_BYTES:()=>j,OTPError:()=>s,PeriodError:()=>x,PeriodTooLargeError:()=>f,PeriodTooSmallError:()=>y,PluginError:()=>v,RECOMMENDED_SECRET_BYTES:()=>V,RandomBytesError:()=>A,SecretError:()=>p,SecretMissingError:()=>D,SecretTooLongError:()=>g,SecretTooShortError:()=>l,SecretTypeError:()=>k,TimeError:()=>L,TimeNegativeError:()=>m,TokenError:()=>h,TokenFormatError:()=>O,TokenLengthError:()=>P,constantTimeEqual:()=>yr,counterToBytes:()=>Tr,createBase32Context:()=>Ur,createCryptoContext:()=>Ir,createGuardrails:()=>ir,dynamicTruncate:()=>mr,generateSecret:()=>Or,getDigestSize:()=>fr,hasBase32:()=>qr,hasCrypto:()=>Nr,hasGuardrailOverrides:()=>ar,hasPlugins:()=>Dr,hexToBytes:()=>hr,normalizeCounterTolerance:()=>br,normalizeEpochTolerance:()=>Ar,normalizeSecret:()=>Pr,requireBase32Plugin:()=>K,requireBase32String:()=>wr,requireCryptoPlugin:()=>or,requireIssuer:()=>Sr,requireLabel:()=>Cr,requireSecret:()=>Br,stringToBytes:()=>z,truncateDigits:()=>xr,validateByteLengthEqual:()=>nr,validateCounter:()=>cr,validateCounterTolerance:()=>dr,validateEpochTolerance:()=>Er,validatePeriod:()=>lr,validateSecret:()=>ur,validateTime:()=>pr,validateToken:()=>gr,wrapResult:()=>Mr,wrapResultAsync:()=>vr});module.exports=Yr(zr);var s=class extends Error{constructor(e,t){super(e,t),this.name="OTPError"}},p=class extends s{constructor(e){super(e),this.name="SecretError"}},l=class extends p{constructor(e,t){super(`Secret must be at least ${e} bytes (${e*8} bits), got ${t} bytes`),this.name="SecretTooShortError"}},g=class extends p{constructor(e,t){super(`Secret must not exceed ${e} bytes, got ${t} bytes`),this.name="SecretTooLongError"}},d=class extends s{constructor(e){super(e),this.name="CounterError"}},E=class extends d{constructor(){super("Counter must be non-negative"),this.name="CounterNegativeError"}},T=class extends d{constructor(){super("Counter exceeds maximum safe integer value"),this.name="CounterOverflowError"}},L=class extends s{constructor(e){super(e),this.name="TimeError"}},m=class extends L{constructor(){super("Time must be non-negative"),this.name="TimeNegativeError"}},x=class extends s{constructor(e){super(e),this.name="PeriodError"}},y=class extends x{constructor(e){super(`Period must be at least ${e} second(s)`),this.name="PeriodTooSmallError"}},f=class extends x{constructor(e){super(`Period must not exceed ${e} seconds`),this.name="PeriodTooLargeError"}},Y=class extends s{constructor(e){super(e),this.name="DigitsError"}},W=class extends s{constructor(e){super(e),this.name="AlgorithmError"}},h=class extends s{constructor(e){super(e),this.name="TokenError"}},P=class extends h{constructor(e,t){super(`Token must be ${e} digits, got ${t}`),this.name="TokenLengthError"}},O=class extends h{constructor(){super("Token must contain only digits"),this.name="TokenFormatError"}},b=class extends s{constructor(e,t){super(e,t),this.name="CryptoError"}},a=class extends b{constructor(e,t){super(`HMAC computation failed: ${e}`,t),this.name="HMACError"}},A=class extends b{constructor(e,t){super(`Random byte generation failed: ${e}`,t),this.name="RandomBytesError"}},B=class extends s{constructor(e,t){super(e,t),this.name="Base32Error"}},C=class extends B{constructor(e,t){super(`Base32 encoding failed: ${e}`,t),this.name="Base32EncodeError"}},S=class extends B{constructor(e,t){super(`Base32 decoding failed: ${e}`,t),this.name="Base32DecodeError"}},G=class extends s{constructor(e){super(e),this.name="CounterToleranceError"}},w=class extends G{constructor(e,t){super(`Counter tolerance size must not exceed ${e}, got ${t}. Large tolerances can cause performance issues.`),this.name="CounterToleranceTooLargeError"}},R=class extends s{constructor(e){super(e),this.name="EpochToleranceError"}},_=class extends R{constructor(){super("Epoch tolerance cannot contain negative values"),this.name="EpochToleranceNegativeError"}},M=class extends R{constructor(e,t){super(`Epoch tolerance must not exceed ${e} seconds, got ${t}. Large tolerances can cause performance issues.`),this.name="EpochToleranceTooLargeError"}},v=class extends s{constructor(e){super(e),this.name="PluginError"}},I=class extends v{constructor(){super("Crypto plugin is required."),this.name="CryptoPluginMissingError"}},U=class extends v{constructor(){super("Base32 plugin is required."),this.name="Base32PluginMissingError"}},u=class extends s{constructor(e){super(e),this.name="ConfigurationError"}},D=class extends u{constructor(){super("Secret is required. Use generateSecret() to create one, or provide via { secret: 'YOUR_BASE32_SECRET' }"),this.name="SecretMissingError"}},N=class extends u{constructor(){super("Label is required for URI generation. Example: { label: 'user@example.com' }"),this.name="LabelMissingError"}},q=class extends u{constructor(){super("Issuer is required for URI generation. Example: { issuer: 'MyApp' }"),this.name="IssuerMissingError"}},k=class extends u{constructor(){super("Class API requires secret to be a Base32 string, not Uint8Array. Use generateSecret() or provide a Base32-encoded string."),this.name="SecretTypeError"}};var Wr=new TextEncoder,j=16,F=64,V=20,J=1,Q=3600,Z=30,rr=Number.MAX_SAFE_INTEGER,er=100,tr=Symbol("otplib.guardrails.override"),c=Object.freeze({MIN_SECRET_BYTES:j,MAX_SECRET_BYTES:F,MIN_PERIOD:J,MAX_PERIOD:Q,MAX_COUNTER:rr,MAX_WINDOW:er,[tr]:!1});function ir(r){return r?Object.freeze({...c,...r,[tr]:!0}):c}function ar(r){return r[tr]??!1}function ur(r,e=c){if(r.length<e.MIN_SECRET_BYTES)throw new l(e.MIN_SECRET_BYTES,r.length);if(r.length>e.MAX_SECRET_BYTES)throw new g(e.MAX_SECRET_BYTES,r.length)}function cr(r,e=c){let t=typeof r=="bigint"?r:BigInt(r);if(t<0n)throw new E;if(t>BigInt(e.MAX_COUNTER))throw new T}function pr(r){if(r<0)throw new m}function lr(r,e=c){if(!Number.isInteger(r)||r<e.MIN_PERIOD)throw new y(e.MIN_PERIOD);if(r>e.MAX_PERIOD)throw new f(e.MAX_PERIOD)}function gr(r,e){if(r.length!==e)throw new P(e,r.length);if(!/^\d+$/.test(r))throw new O}function dr(r,e=c){if((Array.isArray(r)?r.length:r*2+1)>e.MAX_WINDOW*2+1)throw new w(e.MAX_WINDOW,Array.isArray(r)?r.length:r)}function Er(r,e=Z,t=c){let[o,n]=Array.isArray(r)?r:[r,r];if(o<0||n<0)throw new _;let i=t.MAX_WINDOW*e,sr=Math.max(o,n);if(sr>i)throw new M(i,sr)}function Tr(r){let e=typeof r=="bigint"?r:BigInt(r),t=new ArrayBuffer(8);return new DataView(t).setBigUint64(0,e,!1),new Uint8Array(t)}function mr(r){let e=r[r.length-1]&15;return(r[e]&127)<<24|r[e+1]<<16|r[e+2]<<8|r[e+3]}function xr(r,e){let t=10**e;return(r%t).toString().padStart(e,"0")}function nr(r,e){return r.length===e.length}function yr(r,e){let t=z(r),o=z(e);if(!nr(t,o))return!1;let n=0;for(let i=0;i<t.length;i++)n|=t[i]^o[i];return n===0}function fr(r){switch(r){case"sha1":return 20;case"sha256":return 32;case"sha512":return 64}}function z(r){return typeof r=="string"?Wr.encode(r):r}function hr(r){let e=new Uint8Array(r.length/2);for(let t=0;t<r.length;t+=2)e[t/2]=parseInt(r.substring(t,t+2),16);return e}function Pr(r,e){return typeof r=="string"?(K(e),e.decode(r)):r}function Or(r){let{crypto:e,base32:t,length:o=V}=r;or(e),K(t);let n=e.randomBytes(o);return t.encode(n,{padding:!1})}function br(r=0){if(Array.isArray(r))return r;let e=[];for(let t=-r;t<=r;t++)e.push(t|0);return e}function Ar(r=0){return Array.isArray(r)?r:[r,r]}function or(r){if(!r)throw new I}function K(r){if(!r)throw new U}function Br(r){if(!r)throw new D}function Cr(r){if(!r)throw new N}function Sr(r){if(!r)throw new q}function wr(r){if(typeof r!="string")throw new k}function Rr(r){return{ok:!0,value:r}}function _r(r){return{ok:!1,error:r}}function Mr(r){return(...e)=>{try{return Rr(r(...e))}catch(t){return _r(t)}}}function vr(r){return async(...e)=>{try{return Rr(await r(...e))}catch(t){return _r(t)}}}var X=class{constructor(e){this.crypto=e}get plugin(){return this.crypto}async hmac(e,t,o){try{let n=this.crypto.hmac(e,t,o);return n instanceof Promise?await n:n}catch(n){let i=n instanceof Error?n.message:String(n);throw new a(i,{cause:n})}}hmacSync(e,t,o){try{let n=this.crypto.hmac(e,t,o);if(n instanceof Promise)throw new a("Crypto plugin does not support synchronous HMAC operations");return n}catch(n){if(n instanceof a)throw n;let i=n instanceof Error?n.message:String(n);throw new a(i,{cause:n})}}randomBytes(e){try{return this.crypto.randomBytes(e)}catch(t){let o=t instanceof Error?t.message:String(t);throw new A(o,{cause:t})}}};function Ir(r){return new X(r)}var $=class{constructor(e){this.base32=e}get plugin(){return this.base32}encode(e,t){try{return this.base32.encode(e,t)}catch(o){let n=o instanceof Error?o.message:String(o);throw new C(n,{cause:o})}}decode(e){try{return this.base32.decode(e)}catch(t){let o=t instanceof Error?t.message:String(t);throw new S(o,{cause:t})}}};function Ur(r){return new $(r)}function Dr(r){return r.crypto!==void 0&&r.base32!==void 0}function Nr(r){return r.crypto!==void 0}function qr(r){return r.base32!==void 0}0&&(module.exports={AlgorithmError,Base32Context,Base32DecodeError,Base32EncodeError,Base32Error,Base32PluginMissingError,ConfigurationError,CounterError,CounterNegativeError,CounterOverflowError,CounterToleranceError,CounterToleranceTooLargeError,CryptoContext,CryptoError,CryptoPluginMissingError,DEFAULT_PERIOD,DigitsError,EpochToleranceError,EpochToleranceNegativeError,EpochToleranceTooLargeError,HMACError,IssuerMissingError,LabelMissingError,MAX_COUNTER,MAX_PERIOD,MAX_SECRET_BYTES,MAX_WINDOW,MIN_PERIOD,MIN_SECRET_BYTES,OTPError,PeriodError,PeriodTooLargeError,PeriodTooSmallError,PluginError,RECOMMENDED_SECRET_BYTES,RandomBytesError,SecretError,SecretMissingError,SecretTooLongError,SecretTooShortError,SecretTypeError,TimeError,TimeNegativeError,TokenError,TokenFormatError,TokenLengthError,constantTimeEqual,counterToBytes,createBase32Context,createCryptoContext,createGuardrails,dynamicTruncate,generateSecret,getDigestSize,hasBase32,hasCrypto,hasGuardrailOverrides,hasPlugins,hexToBytes,normalizeCounterTolerance,normalizeEpochTolerance,normalizeSecret,requireBase32Plugin,requireBase32String,requireCryptoPlugin,requireIssuer,requireLabel,requireSecret,stringToBytes,truncateDigits,validateByteLengthEqual,validateCounter,validateCounterTolerance,validateEpochTolerance,validatePeriod,validateSecret,validateTime,validateToken,wrapResult,wrapResultAsync});
2
2
  //# sourceMappingURL=index.cjs.map