@robelest/convex-auth 0.0.4-preview.2 → 0.0.4-preview.21

package/dist/providers/sso.js

@@ -0,0 +1,34 @@
+//#region src/providers/sso.ts
+/**
+* Enterprise SSO provider.
+*
+* Zero-configuration — sensible defaults are applied for all enterprise
+* protocols (OIDC, SAML, SCIM). Per-tenant configuration is done at
+* runtime via `auth.sso.*` helpers.
+*
+* @example
+* ```ts
+* import { createAuth } from "@robelest/convex-auth/component";
+* import { SSO, Password } from "@robelest/convex-auth/providers";
+* import { components } from "./_generated/api";
+*
+* export const auth = createAuth(components.auth, {
+*   providers: [new SSO(), new Password()],
+* });
+* ```
+*/
+var SSO = class {
+	id = "enterprise-sso";
+	type = "sso";
+	/** @internal Convert to the internal materialized config shape. */
+	_toMaterialized() {
+		return {
+			id: this.id,
+			type: "sso"
+		};
+	}
+};
+
+//#endregion
+export { SSO };
+//# sourceMappingURL=sso.js.map

package/dist/providers/sso.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sso.js","names":[],"sources":["../../src/providers/sso.ts"],"sourcesContent":["/**\n * Enterprise SSO provider (OIDC + SAML + SCIM).\n *\n * Adding `new SSO()` to your providers list enables enterprise SSO\n * sign-in flows and registers the OIDC, SAML, and SCIM runtime HTTP\n * routes. It also makes `auth.sso.*` available on the auth\n * object returned by `createAuth`.\n *\n * ```ts\n * import { SSO } from \"@robelest/convex-auth/providers\";\n *\n * const auth = createAuth(components.auth, {\n *   providers: [new SSO(), new Password()],\n * });\n *\n * // auth.sso is now available\n * await auth.sso.admin.oidc.configure(ctx, { enterpriseId, clientId, ... });\n * ```\n *\n * Without `new SSO()` in the providers list, `auth.sso` is not\n * present on the returned object and accessing it is a TypeScript error.\n *\n * @module\n */\n\nimport type { SSOProviderConfig } from \"../server/types\";\n\n/**\n * Enterprise SSO provider.\n *\n * Zero-configuration — sensible defaults are applied for all enterprise\n * protocols (OIDC, SAML, SCIM). Per-tenant configuration is done at\n * runtime via `auth.sso.*` helpers.\n *\n * @example\n * ```ts\n * import { createAuth } from \"@robelest/convex-auth/component\";\n * import { SSO, Password } from \"@robelest/convex-auth/providers\";\n * import { components } from \"./_generated/api\";\n *\n * export const auth = createAuth(components.auth, {\n *   providers: [new SSO(), new Password()],\n * });\n * ```\n */\nexport class SSO {\n  readonly id = \"enterprise-sso\";\n  readonly type = \"sso\" as const;\n\n  /** @internal Convert to the internal materialized config shape. */\n  _toMaterialized(): SSOProviderConfig {\n    return { id: this.id, type: \"sso\" };\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AA6CA,IAAa,MAAb,MAAiB;CACf,AAAS,KAAK;CACd,AAAS,OAAO;;CAGhB,kBAAqC;AACnC,SAAO;GAAE,IAAI,KAAK;GAAI,MAAM;GAAO"}

package/dist/providers/totp.d.ts

@@ -1,6 +1,15 @@
-import { TotpProviderConfig } from "../server/types.js";
-
 //#region src/providers/totp.d.ts
+/**
+ * TOTP (Time-based One-Time Password) two-factor authentication provider.
+ *
+ * ```ts
+ * import { Totp } from "@robelest/convex-auth/providers";
+ *
+ * new Totp({ issuer: "My App" })
+ * ```
+ *
+ * @module
+ */
 /**
  * Configuration for the TOTP provider.
  */
@@ -30,13 +39,7 @@ declare class Totp {
   readonly type: "totp";
   readonly config: TotpConfig;
   constructor(config?: TotpConfig);
-  /** @internal Convert to the internal materialized config shape. */
-  _toMaterialized(): TotpProviderConfig;
 }
-/**
- * @deprecated Use `new Totp(config)` instead.
- */
-declare function totp(config?: TotpConfig): TotpProviderConfig;
 //#endregion
-export { Totp, TotpConfig, totp as default };
+export { Totp, TotpConfig };
 //# sourceMappingURL=totp.d.ts.map

package/dist/providers/totp.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"totp.d.ts","names":[],"sources":["../../src/providers/totp.ts"],"mappings":";;;AAuCA;;;AAAA,UAtBiB,UAAA;EA2BK;EAzBpB,MAAA;EA+BqC;EA7BrC,MAAA;EAmBS;EAjBT,MAAA;AAAA;;;;;;;;;AAsCD;;;;;cAtBY,IAAA;EAAA,SACF,EAAA;EAAA,SACA,IAAA;EAAA,SACA,MAAA,EAAQ,UAAA;cAEL,MAAA,GAAQ,UAAA;;EAMpB,eAAA,CAAA,GAAmB,kBAAA;AAAA;;;;iBAoBG,IAAA,CACtB,MAAA,GAAS,UAAA,GACR,kBAAA"}
+{"version":3,"file":"totp.d.ts","names":[],"sources":["../../src/providers/totp.ts"],"mappings":";;AAiBA;;;;;;;;;AAsBA;;;;UAtBiB,UAAA;EAwBN;EAtBT,MAAA;EAuBiB;EArBjB,MAAA;EAuBoB;EArBpB,MAAA;AAAA;;;;;;;;;;;;;;cAgBW,IAAA;EAAA,SACF,EAAA;EAAA,SACA,IAAA;EAAA,SACA,MAAA,EAAQ,UAAA;cAEL,MAAA,GAAQ,UAAA;AAAA"}

package/dist/providers/totp.js

@@ -33,13 +33,7 @@ var Totp = class {
 		};
 	}
 };
-/**
-* @deprecated Use `new Totp(config)` instead.
-*/
-function totp(config) {
-	return new Totp(config)._toMaterialized();
-}
 
 //#endregion
-export { Totp, totp as default };
+export { Totp };
 //# sourceMappingURL=totp.js.map

package/dist/providers/totp.js.map

@@ -1 +1 @@
-{"version":3,"file":"totp.js","names":[],"sources":["../../src/providers/totp.ts"],"sourcesContent":["/**\n * TOTP (Time-based One-Time Password) two-factor authentication provider.\n *\n * ```ts\n * import { Totp } from \"@robelest/convex-auth/providers\";\n *\n * new Totp({ issuer: \"My App\" })\n * ```\n *\n * @module\n */\n\nimport type { TotpProviderConfig } from \"../server/types\";\n\n/**\n * Configuration for the TOTP provider.\n */\nexport interface TotpConfig {\n  /** Issuer name shown in authenticator apps (e.g. \"My App\"). */\n  issuer?: string;\n  /** Number of digits in each code (default: 6). */\n  digits?: number;\n  /** Time period in seconds for code rotation (default: 30). */\n  period?: number;\n}\n\n/**\n * TOTP (Time-based One-Time Password) two-factor authentication provider.\n *\n * Generates time-based one-time passwords compatible with authenticator\n * apps like Google Authenticator and Authy.\n *\n * @example\n * ```ts\n * import { Totp } from \"@robelest/convex-auth/providers\";\n *\n * new Totp({ issuer: \"My App\" })\n * ```\n */\nexport class Totp {\n  readonly id: string;\n  readonly type = \"totp\" as const;\n  readonly config: TotpConfig;\n\n  constructor(config: TotpConfig = {}) {\n    this.id = \"totp\";\n    this.config = config;\n  }\n\n  /** @internal Convert to the internal materialized config shape. */\n  _toMaterialized(): TotpProviderConfig {\n    return {\n      id: this.id,\n      type: \"totp\",\n      options: {\n        issuer: this.config.issuer ?? \"ConvexAuth\",\n        digits: this.config.digits ?? 6,\n        period: this.config.period ?? 30,\n      },\n    };\n  }\n}\n\n// ============================================================================\n// Backward-compatible default export\n// ============================================================================\n\n/**\n * @deprecated Use `new Totp(config)` instead.\n */\nexport default function totp(\n  config?: TotpConfig,\n): TotpProviderConfig {\n  return new Totp(config)._toMaterialized();\n}\n"],"mappings":";;;;;;;;;;;;;;AAuCA,IAAa,OAAb,MAAkB;CAChB,AAAS;CACT,AAAS,OAAO;CAChB,AAAS;CAET,YAAY,SAAqB,EAAE,EAAE;AACnC,OAAK,KAAK;AACV,OAAK,SAAS;;;CAIhB,kBAAsC;AACpC,SAAO;GACL,IAAI,KAAK;GACT,MAAM;GACN,SAAS;IACP,QAAQ,KAAK,OAAO,UAAU;IAC9B,QAAQ,KAAK,OAAO,UAAU;IAC9B,QAAQ,KAAK,OAAO,UAAU;IAC/B;GACF;;;;;;AAWL,SAAwB,KACtB,QACoB;AACpB,QAAO,IAAI,KAAK,OAAO,CAAC,iBAAiB"}
+{"version":3,"file":"totp.js","names":[],"sources":["../../src/providers/totp.ts"],"sourcesContent":["/**\n * TOTP (Time-based One-Time Password) two-factor authentication provider.\n *\n * ```ts\n * import { Totp } from \"@robelest/convex-auth/providers\";\n *\n * new Totp({ issuer: \"My App\" })\n * ```\n *\n * @module\n */\n\nimport type { TotpProviderConfig } from \"../server/types\";\n\n/**\n * Configuration for the TOTP provider.\n */\nexport interface TotpConfig {\n  /** Issuer name shown in authenticator apps (e.g. \"My App\"). */\n  issuer?: string;\n  /** Number of digits in each code (default: 6). */\n  digits?: number;\n  /** Time period in seconds for code rotation (default: 30). */\n  period?: number;\n}\n\n/**\n * TOTP (Time-based One-Time Password) two-factor authentication provider.\n *\n * Generates time-based one-time passwords compatible with authenticator\n * apps like Google Authenticator and Authy.\n *\n * @example\n * ```ts\n * import { Totp } from \"@robelest/convex-auth/providers\";\n *\n * new Totp({ issuer: \"My App\" })\n * ```\n */\nexport class Totp {\n  readonly id: string;\n  readonly type = \"totp\" as const;\n  readonly config: TotpConfig;\n\n  constructor(config: TotpConfig = {}) {\n    this.id = \"totp\";\n    this.config = config;\n  }\n\n  /** @internal Convert to the internal materialized config shape. */\n  _toMaterialized(): TotpProviderConfig {\n    return {\n      id: this.id,\n      type: \"totp\",\n      options: {\n        issuer: this.config.issuer ?? \"ConvexAuth\",\n        digits: this.config.digits ?? 6,\n        period: this.config.period ?? 30,\n      },\n    };\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;AAuCA,IAAa,OAAb,MAAkB;CAChB,AAAS;CACT,AAAS,OAAO;CAChB,AAAS;CAET,YAAY,SAAqB,EAAE,EAAE;AACnC,OAAK,KAAK;AACV,OAAK,SAAS;;;CAIhB,kBAAsC;AACpC,SAAO;GACL,IAAI,KAAK;GACT,MAAM;GACN,SAAS;IACP,QAAQ,KAAK,OAAO,UAAU;IAC9B,QAAQ,KAAK,OAAO,UAAU;IAC9B,QAAQ,KAAK,OAAO,UAAU;IAC/B;GACF"}

package/dist/runtime/browser.js

@@ -0,0 +1,68 @@
+import { Fx } from "@robelest/fx";
+
+//#region src/client/runtime/browser.ts
+/** @internal */
+function base64urlEncode(buffer) {
+	const bytes = new Uint8Array(buffer);
+	let binary = "";
+	for (let i = 0; i < bytes.byteLength; i++) binary += String.fromCharCode(bytes[i]);
+	return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+/** @internal */
+function base64urlDecode(str) {
+	const padded = str.replace(/-/g, "+").replace(/_/g, "/");
+	const binary = atob(padded);
+	const bytes = new Uint8Array(binary.length);
+	for (let i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i);
+	return bytes;
+}
+/** @internal */
+async function browserMutex(key, callback) {
+	const lockManager = globalThis?.navigator?.locks;
+	return lockManager !== void 0 ? await lockManager.request(key, callback) : await manualMutex(key, callback);
+}
+/** @internal */
+function getStorageListenerRegistry() {
+	const globalAny = globalThis;
+	if (globalAny.__convexAuthStorageListeners === void 0) globalAny.__convexAuthStorageListeners = {};
+	return globalAny.__convexAuthStorageListeners;
+}
+function getManualMutexTails() {
+	const globalAny = globalThis;
+	if (globalAny.__convexAuthMutexTails === void 0) globalAny.__convexAuthMutexTails = {};
+	return globalAny.__convexAuthMutexTails;
+}
+async function manualMutex(key, callback) {
+	const mutexTails = getManualMutexTails();
+	const previousTail = mutexTails[key] ?? Promise.resolve();
+	let releaseCurrent;
+	const currentTail = new Promise((resolve) => {
+		releaseCurrent = resolve;
+	});
+	mutexTails[key] = previousTail.then(() => currentTail, () => currentTail);
+	await Fx.run(Fx.from({
+		ok: () => previousTail,
+		err: () => void 0
+	}).pipe(Fx.recover(() => Fx.succeed(void 0))));
+	let result;
+	let threw = false;
+	let thrownError;
+	await Fx.run(Fx.from({
+		ok: async () => {
+			result = await callback();
+		},
+		err: (e) => e
+	}).pipe(Fx.recover((e) => {
+		threw = true;
+		thrownError = e;
+		return Fx.succeed(void 0);
+	})));
+	releaseCurrent?.();
+	if (mutexTails[key] === currentTail) delete mutexTails[key];
+	if (threw) throw thrownError;
+	return result;
+}
+
+//#endregion
+export { base64urlDecode, base64urlEncode, browserMutex, getStorageListenerRegistry };
+//# sourceMappingURL=browser.js.map

package/dist/runtime/browser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"browser.js","names":[],"sources":["../../src/client/runtime/browser.ts"],"sourcesContent":["import { Fx } from \"@robelest/fx\";\n\n/** @internal */\nexport function base64urlEncode(buffer: ArrayBuffer): string {\n  const bytes = new Uint8Array(buffer);\n  let binary = \"\";\n  for (let i = 0; i < bytes.byteLength; i++) {\n    binary += String.fromCharCode(bytes[i]!);\n  }\n  return btoa(binary)\n    .replace(/\\+/g, \"-\")\n    .replace(/\\//g, \"_\")\n    .replace(/=+$/, \"\");\n}\n\n/** @internal */\nexport function base64urlDecode(str: string): Uint8Array {\n  const padded = str.replace(/-/g, \"+\").replace(/_/g, \"/\");\n  const binary = atob(padded);\n  const bytes = new Uint8Array(binary.length);\n  for (let i = 0; i < binary.length; i++) {\n    bytes[i] = binary.charCodeAt(i);\n  }\n  return bytes;\n}\n\n/** @internal */\nexport async function browserMutex<T>(\n  key: string,\n  callback: () => Promise<T>,\n): Promise<T> {\n  const lockManager = (globalThis as any)?.navigator?.locks;\n  return lockManager !== undefined\n    ? await lockManager.request(key, callback)\n    : await manualMutex(key, callback);\n}\n\n/** @internal */\nexport function getStorageListenerRegistry(): Record<\n  string,\n  (event: StorageEvent) => void\n> {\n  const globalAny = globalThis as any;\n  if (globalAny.__convexAuthStorageListeners === undefined) {\n    globalAny.__convexAuthStorageListeners = {} as Record<\n      string,\n      (event: StorageEvent) => void\n    >;\n  }\n  return globalAny.__convexAuthStorageListeners as Record<\n    string,\n    (event: StorageEvent) => void\n  >;\n}\n\nfunction getManualMutexTails(): Record<string, Promise<void>> {\n  const globalAny = globalThis as any;\n  if (globalAny.__convexAuthMutexTails === undefined) {\n    globalAny.__convexAuthMutexTails = {} as Record<string, Promise<void>>;\n  }\n  return globalAny.__convexAuthMutexTails as Record<string, Promise<void>>;\n}\n\nasync function manualMutex<T>(\n  key: string,\n  callback: () => Promise<T>,\n): Promise<T> {\n  const mutexTails = getManualMutexTails();\n  const previousTail = mutexTails[key] ?? Promise.resolve();\n\n  let releaseCurrent: (() => void) | undefined;\n  const currentTail = new Promise<void>((resolve) => {\n    releaseCurrent = resolve;\n  });\n\n  mutexTails[key] = previousTail.then(\n    () => currentTail,\n    () => currentTail,\n  );\n\n  await Fx.run(\n    Fx.from({\n      ok: () => previousTail,\n      err: () => undefined,\n    }).pipe(Fx.recover(() => Fx.succeed(undefined))),\n  );\n  let result: T;\n  let threw = false;\n  let thrownError: unknown;\n  await Fx.run(\n    Fx.from({\n      ok: async () => {\n        result = await callback();\n      },\n      err: (e) => e,\n    }).pipe(\n      Fx.recover((e) => {\n        threw = true;\n        thrownError = e;\n        return Fx.succeed(undefined);\n      }),\n    ),\n  );\n  releaseCurrent?.();\n  if (mutexTails[key] === currentTail) {\n    delete mutexTails[key];\n  }\n  if (threw) {\n    throw thrownError;\n  }\n  return result!;\n}\n"],"mappings":";;;;AAGA,SAAgB,gBAAgB,QAA6B;CAC3D,MAAM,QAAQ,IAAI,WAAW,OAAO;CACpC,IAAI,SAAS;AACb,MAAK,IAAI,IAAI,GAAG,IAAI,MAAM,YAAY,IACpC,WAAU,OAAO,aAAa,MAAM,GAAI;AAE1C,QAAO,KAAK,OAAO,CAChB,QAAQ,OAAO,IAAI,CACnB,QAAQ,OAAO,IAAI,CACnB,QAAQ,OAAO,GAAG;;;AAIvB,SAAgB,gBAAgB,KAAyB;CACvD,MAAM,SAAS,IAAI,QAAQ,MAAM,IAAI,CAAC,QAAQ,MAAM,IAAI;CACxD,MAAM,SAAS,KAAK,OAAO;CAC3B,MAAM,QAAQ,IAAI,WAAW,OAAO,OAAO;AAC3C,MAAK,IAAI,IAAI,GAAG,IAAI,OAAO,QAAQ,IACjC,OAAM,KAAK,OAAO,WAAW,EAAE;AAEjC,QAAO;;;AAIT,eAAsB,aACpB,KACA,UACY;CACZ,MAAM,cAAe,YAAoB,WAAW;AACpD,QAAO,gBAAgB,SACnB,MAAM,YAAY,QAAQ,KAAK,SAAS,GACxC,MAAM,YAAY,KAAK,SAAS;;;AAItC,SAAgB,6BAGd;CACA,MAAM,YAAY;AAClB,KAAI,UAAU,iCAAiC,OAC7C,WAAU,+BAA+B,EAAE;AAK7C,QAAO,UAAU;;AAMnB,SAAS,sBAAqD;CAC5D,MAAM,YAAY;AAClB,KAAI,UAAU,2BAA2B,OACvC,WAAU,yBAAyB,EAAE;AAEvC,QAAO,UAAU;;AAGnB,eAAe,YACb,KACA,UACY;CACZ,MAAM,aAAa,qBAAqB;CACxC,MAAM,eAAe,WAAW,QAAQ,QAAQ,SAAS;CAEzD,IAAI;CACJ,MAAM,cAAc,IAAI,SAAe,YAAY;AACjD,mBAAiB;GACjB;AAEF,YAAW,OAAO,aAAa,WACvB,mBACA,YACP;AAED,OAAM,GAAG,IACP,GAAG,KAAK;EACN,UAAU;EACV,WAAW;EACZ,CAAC,CAAC,KAAK,GAAG,cAAc,GAAG,QAAQ,OAAU,CAAC,CAAC,CACjD;CACD,IAAI;CACJ,IAAI,QAAQ;CACZ,IAAI;AACJ,OAAM,GAAG,IACP,GAAG,KAAK;EACN,IAAI,YAAY;AACd,YAAS,MAAM,UAAU;;EAE3B,MAAM,MAAM;EACb,CAAC,CAAC,KACD,GAAG,SAAS,MAAM;AAChB,UAAQ;AACR,gBAAc;AACd,SAAO,GAAG,QAAQ,OAAU;GAC5B,CACH,CACF;AACD,mBAAkB;AAClB,KAAI,WAAW,SAAS,YACtB,QAAO,WAAW;AAEpB,KAAI,MACF,OAAM;AAER,QAAO"}

package/dist/runtime/invite.js

@@ -0,0 +1,51 @@
+//#region src/client/runtime/invite.ts
+/** @internal */
+function createInviteManager(args) {
+	const { param, storageGet, storageSet, storageRemove, cleanUrlParams, tokenKey, emailKey } = args;
+	let pendingInvite = null;
+	const urlInviteToken = param("invite");
+	if (urlInviteToken) pendingInvite = {
+		token: urlInviteToken,
+		email: param("email")
+	};
+	else (async () => {
+		const storedToken = await storageGet(tokenKey);
+		if (storedToken && !pendingInvite) {
+			pendingInvite = {
+				token: storedToken,
+				email: await storageGet(emailKey) ?? null
+			};
+			storageRemove(tokenKey);
+			storageRemove(emailKey);
+		}
+	})();
+	return {
+		getPendingInvite() {
+			return pendingInvite;
+		},
+		async persistInvite() {
+			if (!pendingInvite) return;
+			await storageSet(tokenKey, pendingInvite.token);
+			if (pendingInvite.email) await storageSet(emailKey, pendingInvite.email);
+		},
+		async acceptInvite() {
+			if (!pendingInvite) return {
+				ok: false,
+				message: "No pending invite"
+			};
+			const { token } = pendingInvite;
+			pendingInvite = null;
+			storageRemove(tokenKey);
+			storageRemove(emailKey);
+			cleanUrlParams(["invite", "email"]);
+			return {
+				ok: true,
+				token
+			};
+		}
+	};
+}
+
+//#endregion
+export { createInviteManager };
+//# sourceMappingURL=invite.js.map

package/dist/runtime/invite.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"invite.js","names":[],"sources":["../../src/client/runtime/invite.ts"],"sourcesContent":["/** @internal */\nexport function createInviteManager(args: {\n  param: (name: string) => string | null;\n  storageGet: (name: string) => Promise<string | null>;\n  storageSet: (name: string, value: string) => Promise<void>;\n  storageRemove: (name: string) => Promise<void>;\n  cleanUrlParams: (params: string[]) => void;\n  tokenKey: string;\n  emailKey: string;\n}) {\n  const {\n    param,\n    storageGet,\n    storageSet,\n    storageRemove,\n    cleanUrlParams,\n    tokenKey,\n    emailKey,\n  } = args;\n\n  let pendingInvite: { token: string; email: string | null } | null = null;\n\n  const urlInviteToken = param(\"invite\");\n  if (urlInviteToken) {\n    pendingInvite = { token: urlInviteToken, email: param(\"email\") };\n  } else {\n    void (async () => {\n      const storedToken = await storageGet(tokenKey);\n      if (storedToken && !pendingInvite) {\n        pendingInvite = {\n          token: storedToken,\n          email: (await storageGet(emailKey)) ?? null,\n        };\n        void storageRemove(tokenKey);\n        void storageRemove(emailKey);\n      }\n    })();\n  }\n\n  return {\n    getPendingInvite() {\n      return pendingInvite;\n    },\n    async persistInvite() {\n      if (!pendingInvite) return;\n      await storageSet(tokenKey, pendingInvite.token);\n      if (pendingInvite.email) {\n        await storageSet(emailKey, pendingInvite.email);\n      }\n    },\n    async acceptInvite(): Promise<{\n      ok: boolean;\n      token?: string;\n      message?: string;\n    }> {\n      if (!pendingInvite) return { ok: false, message: \"No pending invite\" };\n      const { token } = pendingInvite;\n      pendingInvite = null;\n      void storageRemove(tokenKey);\n      void storageRemove(emailKey);\n      cleanUrlParams([\"invite\", \"email\"]);\n      return { ok: true, token };\n    },\n  };\n}\n"],"mappings":";;AACA,SAAgB,oBAAoB,MAQjC;CACD,MAAM,EACJ,OACA,YACA,YACA,eACA,gBACA,UACA,aACE;CAEJ,IAAI,gBAAgE;CAEpE,MAAM,iBAAiB,MAAM,SAAS;AACtC,KAAI,eACF,iBAAgB;EAAE,OAAO;EAAgB,OAAO,MAAM,QAAQ;EAAE;KAEhE,EAAM,YAAY;EAChB,MAAM,cAAc,MAAM,WAAW,SAAS;AAC9C,MAAI,eAAe,CAAC,eAAe;AACjC,mBAAgB;IACd,OAAO;IACP,OAAQ,MAAM,WAAW,SAAS,IAAK;IACxC;AACD,GAAK,cAAc,SAAS;AAC5B,GAAK,cAAc,SAAS;;KAE5B;AAGN,QAAO;EACL,mBAAmB;AACjB,UAAO;;EAET,MAAM,gBAAgB;AACpB,OAAI,CAAC,cAAe;AACpB,SAAM,WAAW,UAAU,cAAc,MAAM;AAC/C,OAAI,cAAc,MAChB,OAAM,WAAW,UAAU,cAAc,MAAM;;EAGnD,MAAM,eAIH;AACD,OAAI,CAAC,cAAe,QAAO;IAAE,IAAI;IAAO,SAAS;IAAqB;GACtE,MAAM,EAAE,UAAU;AAClB,mBAAgB;AAChB,GAAK,cAAc,SAAS;AAC5B,GAAK,cAAc,SAAS;AAC5B,kBAAe,CAAC,UAAU,QAAQ,CAAC;AACnC,UAAO;IAAE,IAAI;IAAM;IAAO;;EAE7B"}

package/dist/runtime/proxy.js

@@ -0,0 +1,70 @@
+import { Fx } from "@robelest/fx";
+import { ConvexError } from "convex/values";
+
+//#region src/client/runtime/proxy.ts
+const NETWORK_ERROR_PATTERN = /(network|fetch|load failed|failed to fetch)/i;
+/** @internal */
+function isTransientNetworkError(error) {
+	return error instanceof TypeError || error instanceof Error && NETWORK_ERROR_PATTERN.test(error.message || "");
+}
+/** @internal */
+function isRetriableProxyRefreshError(error) {
+	if (isTransientNetworkError(error)) return true;
+	if (!(error instanceof Error)) return false;
+	const statusMatch = error.message.match(/Proxy request failed:\s*(\d{3})/);
+	if (statusMatch === null) return false;
+	const statusCode = Number(statusMatch[1]);
+	return statusCode >= 500 && statusCode < 600;
+}
+/** @internal */
+function createProxyHelpers(args) {
+	const { proxy } = args;
+	const resolveProxyUrl = () => {
+		const origin = typeof window !== "undefined" && typeof window.location?.origin === "string" ? window.location.origin : typeof location !== "undefined" && typeof location.origin === "string" ? location.origin : null;
+		if (origin !== null) return new URL(proxy, origin).toString();
+		return Fx.run(Fx.from({
+			ok: () => new URL(proxy).toString(),
+			err: () => proxy
+		}).pipe(Fx.recover((fallback) => Fx.succeed(fallback))));
+	};
+	const isAbsoluteUrl = (value) => {
+		return Fx.run(Fx.from({
+			ok: () => {
+				new URL(value);
+				return true;
+			},
+			err: () => false
+		}).pipe(Fx.recover((v) => Fx.succeed(v))));
+	};
+	const proxyFetch = async (body) => {
+		const proxyUrl = await resolveProxyUrl();
+		if (typeof window === "undefined" && !await isAbsoluteUrl(proxyUrl)) throw new Error(`Cannot call relative proxy URL \`${proxy}\` without a browser origin. Pass an absolute proxy URL for server runtimes.`);
+		const response = await fetch(proxyUrl, {
+			method: "POST",
+			headers: { "Content-Type": "application/json" },
+			credentials: "include",
+			body: JSON.stringify(body)
+		});
+		if (!response.ok) {
+			const errorBody = await Fx.run(Fx.from({
+				ok: () => response.json(),
+				err: () => ({})
+			}).pipe(Fx.recover((fallback) => Fx.succeed(fallback))));
+			if (typeof errorBody === "object" && errorBody !== null && "authError" in errorBody && typeof errorBody.authError === "object") throw new ConvexError(errorBody.authError);
+			throw new Error(errorBody.error ?? `Proxy request failed: ${response.status}`);
+		}
+		return Fx.run(Fx.from({
+			ok: () => response.json(),
+			err: () => /* @__PURE__ */ new Error("Proxy response was not valid JSON")
+		}).pipe(Fx.recover((e) => Fx.fatal(e))));
+	};
+	return {
+		isAbsoluteUrl,
+		proxyFetch,
+		resolveProxyUrl
+	};
+}
+
+//#endregion
+export { createProxyHelpers, isRetriableProxyRefreshError, isTransientNetworkError };
+//# sourceMappingURL=proxy.js.map

package/dist/runtime/proxy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"proxy.js","names":[],"sources":["../../src/client/runtime/proxy.ts"],"sourcesContent":["import { Fx } from \"@robelest/fx\";\nimport { ConvexError, type Value } from \"convex/values\";\n\nconst NETWORK_ERROR_PATTERN = /(network|fetch|load failed|failed to fetch)/i;\n\n/** @internal */\nexport function isTransientNetworkError(error: unknown): boolean {\n  return (\n    error instanceof TypeError ||\n    (error instanceof Error && NETWORK_ERROR_PATTERN.test(error.message || \"\"))\n  );\n}\n\n/** @internal */\nexport function isRetriableProxyRefreshError(error: unknown): boolean {\n  if (isTransientNetworkError(error)) {\n    return true;\n  }\n  if (!(error instanceof Error)) {\n    return false;\n  }\n  const statusMatch = error.message.match(/Proxy request failed:\\s*(\\d{3})/);\n  if (statusMatch === null) {\n    return false;\n  }\n  const statusCode = Number(statusMatch[1]);\n  return statusCode >= 500 && statusCode < 600;\n}\n\n/** @internal */\nexport function createProxyHelpers(args: { proxy: string | undefined }) {\n  const { proxy } = args;\n\n  const resolveProxyUrl = () => {\n    const origin =\n      typeof window !== \"undefined\" &&\n      typeof window.location?.origin === \"string\"\n        ? window.location.origin\n        : typeof location !== \"undefined\" && typeof location.origin === \"string\"\n          ? location.origin\n          : null;\n    if (origin !== null) {\n      return new URL(proxy!, origin).toString();\n    }\n    return Fx.run(\n      Fx.from({\n        ok: () => new URL(proxy!).toString(),\n        err: () => proxy! as string,\n      }).pipe(Fx.recover((fallback) => Fx.succeed(fallback))),\n    );\n  };\n\n  const isAbsoluteUrl = (value: string) => {\n    return Fx.run(\n      Fx.from({\n        ok: () => {\n          new URL(value);\n          return true;\n        },\n        err: () => false as const,\n      }).pipe(Fx.recover((v) => Fx.succeed(v))),\n    );\n  };\n\n  const proxyFetch = async (body: Record<string, unknown>) => {\n    const proxyUrl = await resolveProxyUrl();\n    if (typeof window === \"undefined\" && !(await isAbsoluteUrl(proxyUrl))) {\n      throw new Error(\n        `Cannot call relative proxy URL \\`${proxy!}\\` without a browser origin. ` +\n          \"Pass an absolute proxy URL for server runtimes.\",\n      );\n    }\n\n    const response = await fetch(proxyUrl, {\n      method: \"POST\",\n      headers: { \"Content-Type\": \"application/json\" },\n      credentials: \"include\",\n      body: JSON.stringify(body),\n    });\n    if (!response.ok) {\n      const errorBody = await Fx.run(\n        Fx.from({\n          ok: () => response.json() as Promise<Record<string, unknown>>,\n          err: () => ({}) as Record<string, unknown>,\n        }).pipe(Fx.recover((fallback) => Fx.succeed(fallback))),\n      );\n      if (\n        typeof errorBody === \"object\" &&\n        errorBody !== null &&\n        \"authError\" in errorBody &&\n        typeof (errorBody as Record<string, unknown>).authError === \"object\"\n      ) {\n        throw new ConvexError(\n          (errorBody as Record<string, unknown>).authError as Value,\n        );\n      }\n      throw new Error(\n        ((errorBody as Record<string, unknown>).error as string) ??\n          `Proxy request failed: ${response.status}`,\n      );\n    }\n    return Fx.run(\n      Fx.from({\n        ok: () => response.json(),\n        err: () => new Error(\"Proxy response was not valid JSON\"),\n      }).pipe(Fx.recover((e) => Fx.fatal(e))),\n    );\n  };\n\n  return { isAbsoluteUrl, proxyFetch, resolveProxyUrl };\n}\n"],"mappings":";;;;AAGA,MAAM,wBAAwB;;AAG9B,SAAgB,wBAAwB,OAAyB;AAC/D,QACE,iBAAiB,aAChB,iBAAiB,SAAS,sBAAsB,KAAK,MAAM,WAAW,GAAG;;;AAK9E,SAAgB,6BAA6B,OAAyB;AACpE,KAAI,wBAAwB,MAAM,CAChC,QAAO;AAET,KAAI,EAAE,iBAAiB,OACrB,QAAO;CAET,MAAM,cAAc,MAAM,QAAQ,MAAM,kCAAkC;AAC1E,KAAI,gBAAgB,KAClB,QAAO;CAET,MAAM,aAAa,OAAO,YAAY,GAAG;AACzC,QAAO,cAAc,OAAO,aAAa;;;AAI3C,SAAgB,mBAAmB,MAAqC;CACtE,MAAM,EAAE,UAAU;CAElB,MAAM,wBAAwB;EAC5B,MAAM,SACJ,OAAO,WAAW,eAClB,OAAO,OAAO,UAAU,WAAW,WAC/B,OAAO,SAAS,SAChB,OAAO,aAAa,eAAe,OAAO,SAAS,WAAW,WAC5D,SAAS,SACT;AACR,MAAI,WAAW,KACb,QAAO,IAAI,IAAI,OAAQ,OAAO,CAAC,UAAU;AAE3C,SAAO,GAAG,IACR,GAAG,KAAK;GACN,UAAU,IAAI,IAAI,MAAO,CAAC,UAAU;GACpC,WAAW;GACZ,CAAC,CAAC,KAAK,GAAG,SAAS,aAAa,GAAG,QAAQ,SAAS,CAAC,CAAC,CACxD;;CAGH,MAAM,iBAAiB,UAAkB;AACvC,SAAO,GAAG,IACR,GAAG,KAAK;GACN,UAAU;AACR,QAAI,IAAI,MAAM;AACd,WAAO;;GAET,WAAW;GACZ,CAAC,CAAC,KAAK,GAAG,SAAS,MAAM,GAAG,QAAQ,EAAE,CAAC,CAAC,CAC1C;;CAGH,MAAM,aAAa,OAAO,SAAkC;EAC1D,MAAM,WAAW,MAAM,iBAAiB;AACxC,MAAI,OAAO,WAAW,eAAe,CAAE,MAAM,cAAc,SAAS,CAClE,OAAM,IAAI,MACR,oCAAoC,MAAO,8EAE5C;EAGH,MAAM,WAAW,MAAM,MAAM,UAAU;GACrC,QAAQ;GACR,SAAS,EAAE,gBAAgB,oBAAoB;GAC/C,aAAa;GACb,MAAM,KAAK,UAAU,KAAK;GAC3B,CAAC;AACF,MAAI,CAAC,SAAS,IAAI;GAChB,MAAM,YAAY,MAAM,GAAG,IACzB,GAAG,KAAK;IACN,UAAU,SAAS,MAAM;IACzB,YAAY,EAAE;IACf,CAAC,CAAC,KAAK,GAAG,SAAS,aAAa,GAAG,QAAQ,SAAS,CAAC,CAAC,CACxD;AACD,OACE,OAAO,cAAc,YACrB,cAAc,QACd,eAAe,aACf,OAAQ,UAAsC,cAAc,SAE5D,OAAM,IAAI,YACP,UAAsC,UACxC;AAEH,SAAM,IAAI,MACN,UAAsC,SACtC,yBAAyB,SAAS,SACrC;;AAEH,SAAO,GAAG,IACR,GAAG,KAAK;GACN,UAAU,SAAS,MAAM;GACzB,2BAAW,IAAI,MAAM,oCAAoC;GAC1D,CAAC,CAAC,KAAK,GAAG,SAAS,MAAM,GAAG,MAAM,EAAE,CAAC,CAAC,CACxC;;AAGH,QAAO;EAAE;EAAe;EAAY;EAAiB"}

package/dist/runtime/storage.js

@@ -0,0 +1,37 @@
+import { Fx } from "@robelest/fx";
+
+//#region src/client/runtime/storage.ts
+/** @internal */
+function createStorageHelpers(args) {
+	const { storage, key } = args;
+	const get = async (name) => {
+		if (!storage) return null;
+		return Fx.run(Fx.from({
+			ok: async () => await storage.getItem(key(name)) ?? null,
+			err: (e) => e
+		}).pipe(Fx.inspect((error) => Fx.sync(() => console.error(`[convex-auth] Failed to read ${name} from storage:`, error))), Fx.recover(() => Fx.succeed(null))));
+	};
+	const set = async (name, value) => {
+		if (!storage) return;
+		await Fx.run(Fx.from({
+			ok: () => storage.setItem(key(name), value),
+			err: (e) => e
+		}).pipe(Fx.inspect((error) => Fx.sync(() => console.error(`[convex-auth] Failed to write ${name} to storage:`, error))), Fx.recover(() => Fx.succeed(void 0))));
+	};
+	const remove = async (name) => {
+		if (!storage) return;
+		await Fx.run(Fx.from({
+			ok: () => storage.removeItem(key(name)),
+			err: (e) => e
+		}).pipe(Fx.inspect((error) => Fx.sync(() => console.error(`[convex-auth] Failed to remove ${name} from storage:`, error))), Fx.recover(() => Fx.succeed(void 0))));
+	};
+	return {
+		get,
+		set,
+		remove
+	};
+}
+
+//#endregion
+export { createStorageHelpers };
+//# sourceMappingURL=storage.js.map

package/dist/runtime/storage.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"storage.js","names":[],"sources":["../../src/client/runtime/storage.ts"],"sourcesContent":["import { Fx } from \"@robelest/fx\";\n\nimport type { Storage } from \"../core/types\";\n\n/** @internal */\nexport function createStorageHelpers(args: {\n  storage: Storage | null;\n  key: (name: string) => string;\n}) {\n  const { storage, key } = args;\n\n  const get = async (name: string): Promise<string | null> => {\n    if (!storage) {\n      return null;\n    }\n    return Fx.run(\n      Fx.from({\n        ok: async () => (await storage.getItem(key(name))) ?? null,\n        err: (e) => e,\n      }).pipe(\n        Fx.inspect((error) =>\n          Fx.sync(() =>\n            console.error(\n              `[convex-auth] Failed to read ${name} from storage:`,\n              error,\n            ),\n          ),\n        ),\n        Fx.recover(() => Fx.succeed(null)),\n      ),\n    );\n  };\n\n  const set = async (name: string, value: string): Promise<void> => {\n    if (!storage) {\n      return;\n    }\n    await Fx.run(\n      Fx.from({\n        ok: () => storage.setItem(key(name), value),\n        err: (e) => e,\n      }).pipe(\n        Fx.inspect((error) =>\n          Fx.sync(() =>\n            console.error(\n              `[convex-auth] Failed to write ${name} to storage:`,\n              error,\n            ),\n          ),\n        ),\n        Fx.recover(() => Fx.succeed(undefined)),\n      ),\n    );\n  };\n\n  const remove = async (name: string): Promise<void> => {\n    if (!storage) {\n      return;\n    }\n    await Fx.run(\n      Fx.from({\n        ok: () => storage.removeItem(key(name)),\n        err: (e) => e,\n      }).pipe(\n        Fx.inspect((error) =>\n          Fx.sync(() =>\n            console.error(\n              `[convex-auth] Failed to remove ${name} from storage:`,\n              error,\n            ),\n          ),\n        ),\n        Fx.recover(() => Fx.succeed(undefined)),\n      ),\n    );\n  };\n\n  return { get, set, remove };\n}\n"],"mappings":";;;;AAKA,SAAgB,qBAAqB,MAGlC;CACD,MAAM,EAAE,SAAS,QAAQ;CAEzB,MAAM,MAAM,OAAO,SAAyC;AAC1D,MAAI,CAAC,QACH,QAAO;AAET,SAAO,GAAG,IACR,GAAG,KAAK;GACN,IAAI,YAAa,MAAM,QAAQ,QAAQ,IAAI,KAAK,CAAC,IAAK;GACtD,MAAM,MAAM;GACb,CAAC,CAAC,KACD,GAAG,SAAS,UACV,GAAG,WACD,QAAQ,MACN,gCAAgC,KAAK,iBACrC,MACD,CACF,CACF,EACD,GAAG,cAAc,GAAG,QAAQ,KAAK,CAAC,CACnC,CACF;;CAGH,MAAM,MAAM,OAAO,MAAc,UAAiC;AAChE,MAAI,CAAC,QACH;AAEF,QAAM,GAAG,IACP,GAAG,KAAK;GACN,UAAU,QAAQ,QAAQ,IAAI,KAAK,EAAE,MAAM;GAC3C,MAAM,MAAM;GACb,CAAC,CAAC,KACD,GAAG,SAAS,UACV,GAAG,WACD,QAAQ,MACN,iCAAiC,KAAK,eACtC,MACD,CACF,CACF,EACD,GAAG,cAAc,GAAG,QAAQ,OAAU,CAAC,CACxC,CACF;;CAGH,MAAM,SAAS,OAAO,SAAgC;AACpD,MAAI,CAAC,QACH;AAEF,QAAM,GAAG,IACP,GAAG,KAAK;GACN,UAAU,QAAQ,WAAW,IAAI,KAAK,CAAC;GACvC,MAAM,MAAM;GACb,CAAC,CAAC,KACD,GAAG,SAAS,UACV,GAAG,WACD,QAAQ,MACN,kCAAkC,KAAK,iBACvC,MACD,CACF,CACF,EACD,GAAG,cAAc,GAAG,QAAQ,OAAU,CAAC,CACxC,CACF;;AAGH,QAAO;EAAE;EAAK;EAAK;EAAQ"}