@rttnd/gau 1.3.0 → 1.3.1

package/dist/src/client/solid/Protected.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Protected.d.ts","sourceRoot":"","sources":["../../../../src/client/solid/Protected.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AACnE,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAMzD,wBAAgB,SAAS,CAAC,KAAK,CAAC,KAAK,GAAG,OAAO,EAC7C,IAAI,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,UAAU,EACvE,kBAAkB,CAAC,EAAE,CAAC,MAAM,UAAU,CAAC,GAAG,MAAM,GAC/C,aAAa,CA0Bf"}
+{"version":3,"file":"Protected.d.ts","sourceRoot":"","sources":["../../../../src/client/solid/Protected.tsx"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AACnE,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAMzD,wBAAgB,SAAS,CAAC,KAAK,CAAC,KAAK,GAAG,OAAO,EAC7C,IAAI,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,UAAU,EACvE,kBAAkB,CAAC,EAAE,CAAC,MAAM,UAAU,CAAC,GAAG,MAAM,GAC/C,aAAa,CA4Bf"}

package/dist/src/client/solid/index.jsx

@@ -452,11 +452,13 @@ function Protected(page, fallbackOrRedirect) {
       });
       return null;
     };
-    return <Show
+    return <Show when={!auth.isLoading()} fallback={null}>
+        <Show
       when={auth.session().user}
       fallback={isRedirectMode ? <Redirect /> : Fallback ? <Fallback /> : null}
     >
-        {page(auth.session)}
+          {page(auth.session)}
+        </Show>
       </Show>;
   };
 }
@@ -497,7 +499,7 @@ function AuthProvider(props) {
       const s = props.session;
       return s?.loading ?? false;
     }
-    return internalSession.loading;
+    return !mounted() || internalSession.loading;
   });
   const refetch = async () => {
     if (hasExternalSession()) {

package/dist/src/src/adapters/drizzle/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/adapters/drizzle/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC/C,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAEzD,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAA;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAEhD,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AAK5D,wBAAgB,cAAc,CAC5B,CAAC,SAAS,UAAU,EACpB,CAAC,SAAS,aAAa,EAEvB,EAAE,EACE,kBAAkB,CAAC,MAAM,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,GAC9C,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GACjC,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAC7B,KAAK,EAAE,CAAC,EACR,QAAQ,EAAE,CAAC,GACV,OAAO,CAcT"}

package/dist/src/src/adapters/drizzle/mysql.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mysql.d.ts","sourceRoot":"","sources":["../../../../../src/adapters/drizzle/mysql.ts"],"names":[],"mappings":"AACA,wBAAgB,mBAAmB,IAAI,KAAK,CAE3C"}

package/dist/src/src/adapters/drizzle/pg.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pg.d.ts","sourceRoot":"","sources":["../../../../../src/adapters/drizzle/pg.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAsC,KAAK,EAAE,MAAM,aAAa,CAAA;AACvF,OAAO,KAAK,EAAE,UAAU,EAAW,MAAM,qBAAqB,CAAA;AAC9D,OAAO,KAAK,EAAW,OAAO,EAA6B,MAAM,YAAY,CAAA;AAG7E,MAAM,MAAM,UAAU,GAAG,KAAK,GAAG;IAC/B,EAAE,EAAE,SAAS,CAAA;IACb,IAAI,EAAE,SAAS,CAAA;IACf,KAAK,EAAE,SAAS,CAAA;IAChB,KAAK,EAAE,SAAS,CAAA;IAChB,aAAa,EAAE,SAAS,CAAA;IACxB,IAAI,CAAC,EAAE,SAAS,CAAA;IAChB,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;CACrB,CAAA;AAED,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG;IAClC,MAAM,EAAE,SAAS,CAAA;IACjB,IAAI,EAAE,SAAS,CAAA;IACf,QAAQ,EAAE,SAAS,CAAA;IACnB,iBAAiB,EAAE,SAAS,CAAA;IAC5B,YAAY,EAAE,SAAS,CAAA;IACvB,WAAW,EAAE,SAAS,CAAA;IACtB,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,KAAK,EAAE,SAAS,CAAA;IAChB,OAAO,EAAE,SAAS,CAAA;IAClB,YAAY,CAAC,EAAE,SAAS,CAAA;CACzB,CAAA;AAED,wBAAgB,sBAAsB,CACpC,EAAE,SAAS,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EACpC,CAAC,SAAS,UAAU,EACpB,CAAC,SAAS,aAAa,EACvB,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,GAAG,OAAO,CA2JxC"}

package/dist/src/src/adapters/drizzle/sqlite.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sqlite.d.ts","sourceRoot":"","sources":["../../../../../src/adapters/drizzle/sqlite.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAsC,KAAK,EAAE,MAAM,aAAa,CAAA;AACvF,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AACjE,OAAO,KAAK,EAAW,OAAO,EAA6B,MAAM,kBAAkB,CAAA;AAInF,MAAM,MAAM,UAAU,GAAG,KAAK,GAAG;IAC/B,EAAE,EAAE,SAAS,CAAA;IACb,IAAI,EAAE,SAAS,CAAA;IACf,KAAK,EAAE,SAAS,CAAA;IAChB,KAAK,EAAE,SAAS,CAAA;IAChB,aAAa,EAAE,SAAS,CAAA;IACxB,IAAI,CAAC,EAAE,SAAS,CAAA;IAChB,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;CACrB,CAAA;AAED,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG;IAClC,MAAM,EAAE,SAAS,CAAA;IACjB,IAAI,EAAE,SAAS,CAAA;IACf,QAAQ,EAAE,SAAS,CAAA;IACnB,iBAAiB,EAAE,SAAS,CAAA;IAC5B,YAAY,EAAE,SAAS,CAAA;IACvB,WAAW,EAAE,SAAS,CAAA;IACtB,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,KAAK,EAAE,SAAS,CAAA;IAChB,OAAO,EAAE,SAAS,CAAA;IAClB,YAAY,CAAC,EAAE,SAAS,CAAA;CACzB,CAAA;AAED,wBAAgB,oBAAoB,CAClC,EAAE,SAAS,kBAAkB,CAAC,MAAM,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,EACzD,CAAC,SAAS,UAAU,EACpB,CAAC,SAAS,aAAa,EACvB,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,GAAG,OAAO,CAkJxC"}

package/dist/src/src/adapters/drizzle/transaction.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"transaction.d.ts","sourceRoot":"","sources":["../../../../../src/adapters/drizzle/transaction.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AAGjE;;;;;;;;;GASG;AACH,wBAAsB,WAAW,CAAC,CAAC,EACjC,EAAE,EAAE,kBAAkB,CAAC,MAAM,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,EAClD,QAAQ,EAAE,CACR,EAAE,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,aAAa,CAAC,KAC/B,OAAO,CAAC,CAAC,CAAC,GACd,OAAO,CAAC,CAAC,CAAC,CAgBZ"}

package/dist/src/src/adapters/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/adapters/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAA;AACzB,cAAc,UAAU,CAAA"}

package/dist/src/src/adapters/memory/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/adapters/memory/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAW,OAAO,EAA6B,MAAM,kBAAkB,CAAA;AAWnF,wBAAgB,aAAa,IAAI,OAAO,CAkHvC"}

package/dist/src/{cli → src/cli}/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/cli/index.ts"],"names":[],"mappings":""}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/cli/index.ts"],"names":[],"mappings":""}

package/dist/src/src/client/token.d.ts

@@ -0,0 +1,11 @@
+export declare const SESSION_TOKEN_KEY = "__gau-session-token";
+export declare const REFRESHED_TOKEN_HEADER = "X-Refreshed-Token";
+export declare function storeSessionToken(token: string): void;
+export declare function getSessionToken(): string | null;
+export declare function clearSessionToken(): void;
+export declare function handleRefreshedToken(response: Response): void;
+export declare function generatePKCE(): Promise<{
+    codeVerifier: string;
+    codeChallenge: string;
+}>;
+//# sourceMappingURL=token.d.ts.map

package/dist/src/src/client/token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"token.d.ts","sourceRoot":"","sources":["../../../../src/client/token.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,iBAAiB,wBAAwB,CAAA;AAEtD,eAAO,MAAM,sBAAsB,sBAAsB,CAAA;AAEzD,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,QAO9C;AAED,wBAAgB,eAAe,IAAI,MAAM,GAAG,IAAI,CAS/C;AAED,wBAAgB,iBAAiB,SAOhC;AAED,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAM7D;AAED,wBAAsB,YAAY;;;GAsBjC"}

package/dist/src/src/core/cookies.d.ts

@@ -0,0 +1,24 @@
+import type { SerializeOptions } from 'cookie';
+export declare const DEFAULT_COOKIE_SERIALIZE_OPTIONS: SerializeOptions;
+export type Cookie = [string, string, SerializeOptions];
+export declare function parseCookies(cookieHeader: string | null | undefined): Map<string, string>;
+export declare class Cookies {
+    #private;
+    private readonly requestCookies;
+    private readonly defaultOptions;
+    constructor(requestCookies: Map<string, string>, defaultOptions: SerializeOptions);
+    get(name: string): string | undefined;
+    set(name: string, value: string, options?: SerializeOptions): void;
+    delete(name: string, options?: Omit<SerializeOptions, 'expires' | 'maxAge'>): void;
+    toHeaders(): Headers;
+}
+export declare const CSRF_COOKIE_NAME = "__gau-csrf-token";
+export declare const SESSION_COOKIE_NAME = "__gau-session-token";
+export declare const SESSION_STRATEGY_COOKIE_NAME = "__gau-session-strategy";
+export declare const LINKING_TOKEN_COOKIE_NAME = "__gau-linking-token";
+export declare const PKCE_COOKIE_NAME = "__gau-pkce-code-verifier";
+export declare const CALLBACK_URI_COOKIE_NAME = "__gau-callback-uri";
+export declare const PROVIDER_OPTIONS_COOKIE_NAME = "__gau-provider-options";
+export declare const CLIENT_CHALLENGE_COOKIE_NAME = "__gau-client-challenge";
+export declare const CSRF_MAX_AGE: number;
+//# sourceMappingURL=cookies.d.ts.map

package/dist/src/src/core/cookies.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../../src/core/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAA;AAG9C,eAAO,MAAM,gCAAgC,EAAE,gBAK9C,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAA;AAEvD,wBAAgB,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAQzF;AAED,qBAAa,OAAO;;IAIhB,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAFjC,YACmB,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,EACnC,cAAc,EAAE,gBAAgB,EAC/C;IAEJ,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAEpC;IAED,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,IAAI,CAGjE;IAED,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,gBAAgB,EAAE,SAAS,GAAG,QAAQ,CAAC,GAAG,IAAI,CAEjF;IAED,SAAS,IAAI,OAAO,CAMnB;CACF;AAED,eAAO,MAAM,gBAAgB,qBAAqB,CAAA;AAClD,eAAO,MAAM,mBAAmB,wBAAwB,CAAA;AACxD,eAAO,MAAM,4BAA4B,2BAA2B,CAAA;AACpE,eAAO,MAAM,yBAAyB,wBAAwB,CAAA;AAC9D,eAAO,MAAM,gBAAgB,6BAA6B,CAAA;AAC1D,eAAO,MAAM,wBAAwB,uBAAuB,CAAA;AAC5D,eAAO,MAAM,4BAA4B,2BAA2B,CAAA;AACpE,eAAO,MAAM,4BAA4B,2BAA2B,CAAA;AAEpE,eAAO,MAAM,YAAY,QAAU,CAAA"}

package/dist/src/src/core/createAuth.d.ts

@@ -0,0 +1,278 @@
+import type { OAuth2Tokens } from 'arctic';
+import type { SerializeOptions } from 'cookie';
+import type { SignOptions, VerifyOptions } from '../jwt';
+import type { AuthUser, OAuthProvider, OAuthProviderConfig, ProviderProfileOverrides } from '../oauth';
+import type { Cookies } from './cookies';
+import type { Adapter, GauServerSession } from './index';
+type ProviderId<P> = P extends OAuthProvider<infer T> ? T : never;
+export type ProviderIds<T> = T extends {
+    providerMap: Map<infer K extends string, any>;
+} ? K : string;
+export type ProfileName<T, P extends string> = T extends {
+    profiles: infer R;
+} ? P extends keyof R ? keyof R[P] : never : never;
+export interface CreateAuthOptions<TProviders extends OAuthProvider[]> {
+    /** The database adapter to use for storing users and accounts. */
+    adapter: Adapter;
+    /** Array of OAuth providers to support. */
+    providers: TProviders;
+    /** Base path for authentication routes (defaults to '/api/auth'). */
+    basePath?: string;
+    /** Session management options */
+    session?: {
+        /** Strategy to use for sessions: 'auto' (default), 'cookie', or 'token'. */
+        strategy?: 'auto' | 'cookie' | 'token';
+    };
+    /** Configuration for JWT signing and verification. */
+    jwt?: {
+        /** Signing algorithm: 'ES256' (default) or 'HS256'. */
+        algorithm?: 'ES256' | 'HS256';
+        /** Secret for HS256 or base64url-encoded private key for ES256 (overrides AUTH_SECRET). */
+        secret?: string;
+        /** Issuer claim (iss) for JWTs. */
+        iss?: string;
+        /** Audience claim (aud) for JWTs. */
+        aud?: string;
+        /** Default time-to-live in seconds for JWTs (defaults to 1 day). */
+        ttl?: number;
+    };
+    /** Custom options for session cookies. */
+    cookies?: Partial<SerializeOptions>;
+    /**
+     * Hook that fires right after provider.validateCallback() returns tokens,
+     * but before any user lookup/link/create logic. Return { handled: true, response }
+     * to short-circuit the default flow and send a custom response.
+     */
+    onOAuthExchange?: (context: {
+        request: Request;
+        providerId: string;
+        state: string;
+        code: string;
+        codeVerifier: string;
+        callbackUri?: string | null;
+        redirectTo: string;
+        cookies: Cookies;
+        providerUser: AuthUser;
+        tokens: OAuth2Tokens;
+        isLinking: boolean;
+        sessionUserId?: string;
+    }) => Promise<{
+        handled: true;
+        response: Response;
+    } | {
+        handled: false;
+    }>;
+    /** Map/override the provider's profile right after token exchange. */
+    mapExternalProfile?: (context: {
+        request: Request;
+        providerId: string;
+        providerUser: AuthUser;
+        tokens: OAuth2Tokens;
+        isLinking: boolean;
+    }) => Promise<AuthUser | Partial<AuthUser> | null | undefined>;
+    /** Gate the link action just before persisting an account. */
+    onBeforeLinkAccount?: (context: {
+        request: Request;
+        providerId: string;
+        userId: string;
+        providerUser: AuthUser;
+        tokens: OAuth2Tokens;
+    }) => Promise<{
+        allow: true;
+    } | {
+        allow: false;
+        response?: Response;
+    }>;
+    /** Observe or augment after link/update tokens. */
+    onAfterLinkAccount?: (context: {
+        request: Request;
+        providerId: string;
+        userId: string;
+        providerUser: AuthUser;
+        tokens: OAuth2Tokens;
+        action: 'link' | 'update';
+    }) => Promise<void>;
+    /** Trusted hosts for CSRF protection: 'all' or array of hostnames (defaults to []). */
+    trustHosts?: 'all' | string[];
+    /** Account linking behavior: 'verifiedEmail' (default), 'always', or false. */
+    autoLink?: 'verifiedEmail' | 'always' | false;
+    /** Allow linking providers whose primary emails differ from the user's current primary email. Defaults to true. */
+    allowDifferentEmails?: boolean;
+    /** When linking a new provider, update missing user info (name/image/emailVerified) from provider profile. Defaults to false. */
+    updateUserInfoOnLink?: boolean;
+    /** Optional configuration for role-based access control. */
+    roles?: {
+        /** Default role for newly created users. */
+        defaultRole?: string;
+        /** Dynamically resolve the role at the moment of user creation. Return undefined to fall back to defaultRole. */
+        resolveOnCreate?: (context: {
+            providerId: string;
+            profile: any;
+            request: Request;
+        }) => string | undefined;
+        /** Roles that are considered admin-like for helper predicates and `session.user.isAdmin`. */
+        adminRoles?: string[];
+        /** Users that are always treated as admin for helper predicates and `session.user.isAdmin`. */
+        adminUserIds?: string[];
+    };
+    /**
+     * CORS configuration. When true (default): request Origin & allow credentials
+     * When false, CORS headers are not added at all.
+     * Provide an object to fine-tune behaviour.
+     */
+    cors?: true | false | {
+        /**
+         * Allowed origins.
+         * - 'all' (default) allows any origin (reflected when credentials enabled),
+         * - 'trust' reuses the createAuth trustHosts list
+         * - specify an explicit array of full origins (e.g. https://app.example.com)
+         *   or hostnames (e.g. app.example.com).
+         * When array contains '*', it's treated as 'all'.
+         */
+        allowedOrigins?: 'all' | 'trust' | string[];
+        /** Whether to send Access-Control-Allow-Credentials (defaults to true). */
+        allowCredentials?: boolean;
+        /** Allowed headers (defaults to ['Content-Type','Authorization','Cookie']). */
+        allowedHeaders?: string[];
+        /** Allowed methods (defaults to ['GET','POST','OPTIONS']). */
+        allowedMethods?: string[];
+        /** Exposed headers (optional). */
+        exposeHeaders?: string[];
+        /** Preflight max age in seconds (optional). */
+        maxAge?: number;
+    };
+    /**
+     * Named, server-defined profiles that group provider specific settings.
+     * Clients can reference a profile by name (e.g. signIn('github', { profile: 'myprofile' })).
+     */
+    profiles?: ProfilesConfig<TProviders>;
+}
+/**
+ * Options for issuing a session.
+ */
+export interface IssueSessionOptions {
+    /** Custom claims to include in the session JWT. */
+    data?: Record<string, unknown>;
+    /** Time-to-live in seconds (defaults to auth's configured jwt.ttl). */
+    ttl?: number;
+}
+/**
+ * Result of issuing a session.
+ */
+export interface IssueSessionResult {
+    /** The raw JWT session token (for Bearer auth or storage). */
+    token: string;
+    /** The serialized Set-Cookie header value (for web apps). */
+    cookie: string;
+    /** The cookie name used by gau. */
+    cookieName: string;
+    /** The maxAge in seconds. */
+    maxAge: number;
+}
+/**
+ * Options for refreshing a session.
+ */
+export interface RefreshSessionOptions {
+    /** Override the default TTL for the new token. */
+    ttl?: number;
+    /**
+     * Only refresh if past this fraction of TTL (0-1).
+     * Example: 0.5 means only refresh if session is past 50% of its lifetime.
+     */
+    threshold?: number;
+}
+/**
+ * Result of refreshing a session. Extends IssueSessionResult with source information.
+ */
+export interface RefreshSessionResult extends IssueSessionResult {
+    /**
+     * How the original token was provided.
+     * - 'cookie': Token was extracted from the Cookie header
+     * - 'bearer': Token was extracted from Authorization: Bearer header
+     * - 'token': A raw token string was passed directly
+     */
+    source: 'cookie' | 'bearer' | 'token';
+}
+export type Auth<TProviders extends OAuthProvider[] = any> = Adapter & {
+    providerMap: Map<ProviderId<TProviders[number]>, TProviders[number]>;
+    basePath: string;
+    cookieOptions: SerializeOptions;
+    jwt: {
+        ttl: number;
+    };
+    onOAuthExchange?: CreateAuthOptions<TProviders>['onOAuthExchange'];
+    mapExternalProfile?: CreateAuthOptions<TProviders>['mapExternalProfile'];
+    onBeforeLinkAccount?: CreateAuthOptions<TProviders>['onBeforeLinkAccount'];
+    onAfterLinkAccount?: CreateAuthOptions<TProviders>['onAfterLinkAccount'];
+    signJWT: <U extends Record<string, unknown>>(payload: U, customOptions?: Partial<SignOptions>) => Promise<string>;
+    verifyJWT: <U = Record<string, unknown>>(token: string, customOptions?: Partial<VerifyOptions>) => Promise<U | null>;
+    createSession: (userId: string, data?: Record<string, unknown>, ttl?: number) => Promise<string>;
+    validateSession: (token: string) => Promise<GauServerSession | null>;
+    /**
+     * Issue a session for a user, returning both the token and a Set-Cookie header.
+     * Useful for guest login, invite redemption, admin impersonation, etc.
+     */
+    issueSession: (userId: string, options?: IssueSessionOptions) => Promise<IssueSessionResult>;
+    /**
+     * Refresh an existing session, issuing a new token with extended TTL.
+     * Preserves custom claims from the original token.
+     *
+     * @param tokenOrRequest - The existing session token, or a Request to extract the token from
+     * @param options.ttl - Override the default TTL for the new token
+     * @param options.threshold - Only refresh if past this fraction of TTL (0-1).
+     *   When set, returns null if below threshold.
+     *   Example: 0.5 means only refresh if session is past 50% of its lifetime.
+     * @returns The refreshed session with source info, or null if invalid/expired/below threshold
+     */
+    refreshSession: (tokenOrRequest: string | Request, options?: RefreshSessionOptions) => Promise<RefreshSessionResult | null>;
+    /**
+     * Get a valid access token for a linked provider. If the stored token is expired and a refresh token exists,
+     * this will refresh it using the provider's refreshAccessToken and persist rotated tokens.
+     */
+    getAccessToken: (userId: string, providerId: string) => Promise<{
+        accessToken: string;
+        expiresAt?: number | null;
+    } | null>;
+    trustHosts: 'all' | string[];
+    autoLink: 'verifiedEmail' | 'always' | false;
+    allowDifferentEmails: boolean;
+    updateUserInfoOnLink: boolean;
+    sessionStrategy: 'auto' | 'cookie' | 'token';
+    development: boolean;
+    roles: {
+        defaultRole: string;
+        resolveOnCreate?: (context: {
+            providerId: string;
+            profile: any;
+            request: Request;
+        }) => string | undefined;
+        adminRoles: string[];
+        adminUserIds: string[];
+    };
+    cors: false | {
+        allowedOrigins: 'all' | 'trust' | string[];
+        allowCredentials: boolean;
+        allowedHeaders: string[];
+        allowedMethods: string[];
+        exposeHeaders?: string[];
+        maxAge?: number;
+    };
+    profiles: ResolvedProfiles<TProviders>;
+};
+export interface ProfileDefinition {
+    scopes?: string[];
+    redirectUri?: string;
+    /** When true, this profile can only be linked to an existing session; standalone sign-in is disabled. */
+    linkOnly?: boolean;
+    /** Additional provider-specific authorization params. */
+    params?: Record<string, string>;
+}
+type ProviderIdOfArray<TProviders extends OAuthProvider[]> = ProviderId<TProviders[number]>;
+type ProviderConfigFor<TProviders extends OAuthProvider[], K extends string> = Extract<TProviders[number], OAuthProvider<K, any>> extends OAuthProvider<any, infer C> ? C : OAuthProviderConfig;
+export type ProfilesConfig<TProviders extends OAuthProvider[]> = Partial<{
+    [K in ProviderIdOfArray<TProviders>]: Record<string, ProfileDefinition & ProviderProfileOverrides<ProviderConfigFor<TProviders, K>>>;
+}>;
+export type ResolvedProfiles<TProviders extends OAuthProvider[]> = ProfilesConfig<TProviders>;
+export declare function createAuth<const TProviders extends OAuthProvider[]>({ adapter, providers, basePath, jwt: jwtConfig, session: sessionConfig, cookies: cookieConfig, onOAuthExchange, mapExternalProfile, onBeforeLinkAccount, onAfterLinkAccount, trustHosts, autoLink, allowDifferentEmails, updateUserInfoOnLink, roles: rolesConfig, cors, profiles: profilesConfig }: CreateAuthOptions<TProviders>): Auth<TProviders>;
+export {};
+//# sourceMappingURL=createAuth.d.ts.map

package/dist/src/src/core/createAuth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"createAuth.d.ts","sourceRoot":"","sources":["../../../../src/core/createAuth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAA;AAC1C,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAA;AAC9C,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAA;AACxD,OAAO,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAA;AACtG,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,KAAK,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAA;AAOxD,KAAK,UAAU,CAAC,CAAC,IAAI,CAAC,SAAS,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,CAAA;AACjE,MAAM,MAAM,WAAW,CAAC,CAAC,IAAI,CAAC,SAAS;IAAE,WAAW,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,MAAM,EAAE,GAAG,CAAC,CAAA;CAAE,GAAG,CAAC,GAAG,MAAM,CAAA;AAErG,MAAM,MAAM,WAAW,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,IAAI,CAAC,SAAS;IAAE,QAAQ,EAAE,MAAM,CAAC,CAAA;CAAE,GAC1E,CAAC,SAAS,MAAM,CAAC,GACf,MAAM,CAAC,CAAC,CAAC,CAAC,GACV,KAAK,GACP,KAAK,CAAA;AAET,MAAM,WAAW,iBAAiB,CAAC,UAAU,SAAS,aAAa,EAAE;IACnE,kEAAkE;IAClE,OAAO,EAAE,OAAO,CAAA;IAChB,2CAA2C;IAC3C,SAAS,EAAE,UAAU,CAAA;IACrB,qEAAqE;IACrE,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,iCAAiC;IACjC,OAAO,CAAC,EAAE;QACR,4EAA4E;QAC5E,QAAQ,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAA;KACvC,CAAA;IACD,sDAAsD;IACtD,GAAG,CAAC,EAAE;QACJ,uDAAuD;QACvD,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,CAAA;QAC7B,2FAA2F;QAC3F,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,mCAAmC;QACnC,GAAG,CAAC,EAAE,MAAM,CAAA;QACZ,qCAAqC;QACrC,GAAG,CAAC,EAAE,MAAM,CAAA;QACZ,oEAAoE;QACpE,GAAG,CAAC,EAAE,MAAM,CAAA;KACb,CAAA;IACD,0CAA0C;IAC1C,OAAO,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;IACnC;;;;OAIG;IACH,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE;QAC1B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,MAAM,CAAA;QAClB,KAAK,EAAE,MAAM,CAAA;QACb,IAAI,EAAE,MAAM,CAAA;QACZ,YAAY,EAAE,MAAM,CAAA;QACpB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;QAC3B,UAAU,EAAE,MAAM,CAAA;QAClB,OAAO,EAAE,OAAO,CAAA;QAChB,YAAY,EAAE,QAAQ,CAAA;QACtB,MAAM,EAAE,YAAY,CAAA;QACpB,SAAS,EAAE,OAAO,CAAA;QAClB,aAAa,CAAC,EAAE,MAAM,CAAA;KACvB,KAAK,OAAO,CAAC;QAAE,OAAO,EAAE,IAAI,CAAC;QAAC,QAAQ,EAAE,QAAQ,CAAA;KAAE,GAAG;QAAE,OAAO,EAAE,KAAK,CAAA;KAAE,CAAC,CAAA;IACzE,sEAAsE;IACtE,kBAAkB,CAAC,EAAE,CAAC,OAAO,EAAE;QAC7B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,MAAM,CAAA;QAClB,YAAY,EAAE,QAAQ,CAAA;QACtB,MAAM,EAAE,YAAY,CAAA;QACpB,SAAS,EAAE,OAAO,CAAA;KACnB,KAAK,OAAO,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,GAAG,IAAI,GAAG,SAAS,CAAC,CAAA;IAC9D,8DAA8D;IAC9D,mBAAmB,CAAC,EAAE,CAAC,OAAO,EAAE;QAC9B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,MAAM,CAAA;QAClB,MAAM,EAAE,MAAM,CAAA;QACd,YAAY,EAAE,QAAQ,CAAA;QACtB,MAAM,EAAE,YAAY,CAAA;KACrB,KAAK,OAAO,CAAC;QAAE,KAAK,EAAE,IAAI,CAAA;KAAE,GAAG;QAAE,KAAK,EAAE,KAAK,CAAC;QAAC,QAAQ,CAAC,EAAE,QAAQ,CAAA;KAAE,CAAC,CAAA;IACtE,mDAAmD;IACnD,kBAAkB,CAAC,EAAE,CAAC,OAAO,EAAE;QAC7B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,MAAM,CAAA;QAClB,MAAM,EAAE,MAAM,CAAA;QACd,YAAY,EAAE,QAAQ,CAAA;QACtB,MAAM,EAAE,YAAY,CAAA;QACpB,MAAM,EAAE,MAAM,GAAG,QAAQ,CAAA;KAC1B,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACnB,uFAAuF;IACvF,UAAU,CAAC,EAAE,KAAK,GAAG,MAAM,EAAE,CAAA;IAC7B,+EAA+E;IAC/E,QAAQ,CAAC,EAAE,eAAe,GAAG,QAAQ,GAAG,KAAK,CAAA;IAC7C,mHAAmH;IACnH,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,iIAAiI;IACjI,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,4DAA4D;IAC5D,KAAK,CAAC,EAAE;QACN,4CAA4C;QAC5C,WAAW,CAAC,EAAE,MAAM,CAAA;QACpB,iHAAiH;QACjH,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE;YAAE,UAAU,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,GAAG,CAAC;YAAC,OAAO,EAAE,OAAO,CAAA;SAAE,KAAK,MAAM,GAAG,SAAS,CAAA;QACzG,6FAA6F;QAC7F,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;QACrB,+FAA+F;QAC/F,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;KACxB,CAAA;IACD;;;;OAIG;IACH,IAAI,CAAC,EAAE,IAAI,GAAG,KAAK,GAAG;QACpB;;;;;;;WAOG;QACH,cAAc,CAAC,EAAE,KAAK,GAAG,OAAO,GAAG,MAAM,EAAE,CAAA;QAC3C,2EAA2E;QAC3E,gBAAgB,CAAC,EAAE,OAAO,CAAA;QAC1B,+EAA+E;QAC/E,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;QACzB,8DAA8D;QAC9D,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;QACzB,kCAAkC;QAClC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;QACxB,+CAA+C;QAC/C,MAAM,CAAC,EAAE,MAAM,CAAA;KAChB,CAAA;IACD;;;OAGG;IACH,QAAQ,CAAC,EAAE,cAAc,CAAC,UAAU,CAAC,CAAA;CACtC;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,mDAAmD;IACnD,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC9B,uEAAuE;IACvE,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,8DAA8D;IAC9D,KAAK,EAAE,MAAM,CAAA;IACb,6DAA6D;IAC7D,MAAM,EAAE,MAAM,CAAA;IACd,mCAAmC;IACnC,UAAU,EAAE,MAAM,CAAA;IAClB,6BAA6B;IAC7B,MAAM,EAAE,MAAM,CAAA;CACf;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,kDAAkD;IAClD,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAqB,SAAQ,kBAAkB;IAC9D;;;;;OAKG;IACH,MAAM,EAAE,QAAQ,GAAG,QAAQ,GAAG,OAAO,CAAA;CACtC;AAED,MAAM,MAAM,IAAI,CAAC,UAAU,SAAS,aAAa,EAAE,GAAG,GAAG,IAAI,OAAO,GAAG;IACrE,WAAW,EAAE,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC,CAAA;IACpE,QAAQ,EAAE,MAAM,CAAA;IAChB,aAAa,EAAE,gBAAgB,CAAA;IAC/B,GAAG,EAAE;QAAE,GAAG,EAAE,MAAM,CAAA;KAAE,CAAA;IACpB,eAAe,CAAC,EAAE,iBAAiB,CAAC,UAAU,CAAC,CAAC,iBAAiB,CAAC,CAAA;IAClE,kBAAkB,CAAC,EAAE,iBAAiB,CAAC,UAAU,CAAC,CAAC,oBAAoB,CAAC,CAAA;IACxE,mBAAmB,CAAC,EAAE,iBAAiB,CAAC,UAAU,CAAC,CAAC,qBAAqB,CAAC,CAAA;IAC1E,kBAAkB,CAAC,EAAE,iBAAiB,CAAC,UAAU,CAAC,CAAC,oBAAoB,CAAC,CAAA;IACxE,OAAO,EAAE,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,aAAa,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;IACjH,SAAS,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,KAAK,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAA;IACpH,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;IAChG,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAAA;IACpE;;;OAGG;IACH,YAAY,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,mBAAmB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAA;IAC5F;;;;;;;;;;OAUG;IACH,cAAc,EAAE,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,EAAE,OAAO,CAAC,EAAE,qBAAqB,KAAK,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAA;IAC3H;;;OAGG;IACH,cAAc,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,WAAW,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GAAG,IAAI,CAAC,CAAA;IAC1H,UAAU,EAAE,KAAK,GAAG,MAAM,EAAE,CAAA;IAC5B,QAAQ,EAAE,eAAe,GAAG,QAAQ,GAAG,KAAK,CAAA;IAC5C,oBAAoB,EAAE,OAAO,CAAA;IAC7B,oBAAoB,EAAE,OAAO,CAAA;IAC7B,eAAe,EAAE,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAA;IAC5C,WAAW,EAAE,OAAO,CAAA;IACpB,KAAK,EAAE;QACL,WAAW,EAAE,MAAM,CAAA;QACnB,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE;YAAE,UAAU,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,GAAG,CAAC;YAAC,OAAO,EAAE,OAAO,CAAA;SAAE,KAAK,MAAM,GAAG,SAAS,CAAA;QACzG,UAAU,EAAE,MAAM,EAAE,CAAA;QACpB,YAAY,EAAE,MAAM,EAAE,CAAA;KACvB,CAAA;IACD,IAAI,EAAE,KAAK,GAAG;QACZ,cAAc,EAAE,KAAK,GAAG,OAAO,GAAG,MAAM,EAAE,CAAA;QAC1C,gBAAgB,EAAE,OAAO,CAAA;QACzB,cAAc,EAAE,MAAM,EAAE,CAAA;QACxB,cAAc,EAAE,MAAM,EAAE,CAAA;QACxB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;QACxB,MAAM,CAAC,EAAE,MAAM,CAAA;KAChB,CAAA;IACD,QAAQ,EAAE,gBAAgB,CAAC,UAAU,CAAC,CAAA;CACvC,CAAA;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,yGAAyG;IACzG,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,yDAAyD;IACzD,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAChC;AAED,KAAK,iBAAiB,CAAC,UAAU,SAAS,aAAa,EAAE,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAA;AAC3F,KAAK,iBAAiB,CAAC,UAAU,SAAS,aAAa,EAAE,EAAE,CAAC,SAAS,MAAM,IACvE,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,SAAS,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAA;AAEpH,MAAM,MAAM,cAAc,CAAC,UAAU,SAAS,aAAa,EAAE,IAAI,OAAO,CAAC;KACtE,CAAC,IAAI,iBAAiB,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,iBAAiB,GAAG,wBAAwB,CAAC,iBAAiB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC;CACrI,CAAC,CAAA;AACF,MAAM,MAAM,gBAAgB,CAAC,UAAU,SAAS,aAAa,EAAE,IAAI,cAAc,CAAC,UAAU,CAAC,CAAA;AAE7F,wBAAgB,UAAU,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,EAAE,EAAE,EACnE,OAAO,EACP,SAAS,EACT,QAAsB,EACtB,GAAG,EAAE,SAAc,EACnB,OAAO,EAAE,aAAkB,EAC3B,OAAO,EAAE,YAAiB,EAC1B,eAAe,EACf,kBAAkB,EAClB,mBAAmB,EACnB,kBAAkB,EAClB,UAAe,EACf,QAA0B,EAC1B,oBAA2B,EAC3B,oBAA4B,EAC5B,KAAK,EAAE,WAAgB,EACvB,IAAW,EACX,QAAQ,EAAE,cAAc,EACzB,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,CAuOlD"}

package/dist/src/src/core/handler.d.ts

@@ -0,0 +1,3 @@
+import type { Auth } from './createAuth';
+export declare function createHandler(auth: Auth): (request: Request) => Promise<Response>;
+//# sourceMappingURL=handler.d.ts.map

package/dist/src/src/core/handler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../../../src/core/handler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AAexC,wBAAgB,aAAa,CAAC,IAAI,EAAE,IAAI,GAAG,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,CAAC,QAAQ,CAAC,CAiEjF"}

package/dist/src/src/core/handlers/callback.d.ts

@@ -0,0 +1,3 @@
+import type { Auth } from '../createAuth';
+export declare function handleCallback(request: Request, auth: Auth, providerId: string): Promise<Response>;
+//# sourceMappingURL=callback.d.ts.map

package/dist/src/src/core/handlers/callback.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"callback.d.ts","sourceRoot":"","sources":["../../../../../src/core/handlers/callback.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAgBzC,wBAAsB,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CA8mBxG"}

package/dist/src/src/core/handlers/cors.d.ts

@@ -0,0 +1,4 @@
+import type { Auth } from '../createAuth';
+export declare function applyCors(request: Request, response: Response, auth: Auth): Response;
+export declare function handlePreflight(request: Request, auth: Auth): Response;
+//# sourceMappingURL=cors.d.ts.map

package/dist/src/src/core/handlers/cors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../../../../src/core/handlers/cors.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AA8BzC,wBAAgB,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,GAAG,QAAQ,CAuBpF;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,GAAG,QAAQ,CAqBtE"}

package/dist/src/src/core/handlers/index.d.ts

@@ -0,0 +1,8 @@
+export { handleCallback } from './callback';
+export { applyCors, handlePreflight } from './cors';
+export { handleLink, handleUnlink } from './link';
+export { handleSignIn, handleSignOut } from './login';
+export { handleSession } from './session';
+export { handleToken } from './token';
+export { verifyRequestOrigin } from './utils';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/src/core/handlers/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/core/handlers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAC3C,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAA;AACnD,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAA;AACjD,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAA;AACzC,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAA;AACrC,OAAO,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAA"}

package/dist/src/src/core/handlers/link.d.ts

@@ -0,0 +1,4 @@
+import type { Auth } from '../createAuth';
+export declare function handleLink(request: Request, auth: Auth, providerId: string): Promise<Response>;
+export declare function handleUnlink(request: Request, auth: Auth, providerId: string): Promise<Response>;
+//# sourceMappingURL=link.d.ts.map

package/dist/src/src/core/handlers/link.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"link.d.ts","sourceRoot":"","sources":["../../../../../src/core/handlers/link.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAKzC,wBAAsB,UAAU,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAkBpG;AAED,wBAAsB,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAuCtG"}

package/dist/src/src/core/handlers/login.d.ts

@@ -0,0 +1,4 @@
+import type { Auth } from '../createAuth';
+export declare function handleSignIn(request: Request, auth: Auth, providerId: string): Promise<Response>;
+export declare function handleSignOut(request: Request, auth: Auth): Promise<Response>;
+//# sourceMappingURL=login.d.ts.map

package/dist/src/src/core/handlers/login.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../../../src/core/handlers/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAMzC,wBAAsB,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAEtG;AAED,wBAAsB,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,CAkBnF"}

package/dist/src/src/core/handlers/session.d.ts

@@ -0,0 +1,3 @@
+import type { Auth } from '../createAuth';
+export declare function handleSession(request: Request, auth: Auth): Promise<Response>;
+//# sourceMappingURL=session.d.ts.map

package/dist/src/src/core/handlers/session.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../../../../src/core/handlers/session.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAIzC,wBAAsB,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,CAoBnF"}

package/dist/src/src/core/handlers/token.d.ts

@@ -0,0 +1,3 @@
+import type { Auth } from '../createAuth';
+export declare function handleToken(request: Request, auth: Auth): Promise<Response>;
+//# sourceMappingURL=token.d.ts.map

package/dist/src/src/core/handlers/token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"token.d.ts","sourceRoot":"","sources":["../../../../../src/core/handlers/token.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAGzC,wBAAsB,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,CAsCjF"}

package/dist/src/src/core/handlers/utils.d.ts

@@ -0,0 +1,4 @@
+import type { Auth } from '../createAuth';
+export declare function verifyRequestOrigin(request: Request, trustHosts: 'all' | string[], development: boolean): boolean;
+export declare function prepareOAuthRedirect(request: Request, auth: Auth, providerId: string, linkingToken: string | null): Promise<Response>;
+//# sourceMappingURL=utils.d.ts.map

package/dist/src/src/core/handlers/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../../../src/core/handlers/utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAezC,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,GAAG,MAAM,EAAE,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CA+BjH;AAED,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,IAAI,EACV,UAAU,EAAE,MAAM,EAClB,YAAY,EAAE,MAAM,GAAG,IAAI,GAC1B,OAAO,CAAC,QAAQ,CAAC,CAiInB"}

package/dist/src/src/core/hooks.d.ts

@@ -0,0 +1,50 @@
+import type { OAuth2Tokens } from 'arctic';
+import type { Cookies } from './cookies';
+import type { Auth } from './createAuth';
+export interface OAuthExchangeContext {
+    request: Request;
+    providerId: string;
+    state: string;
+    code: string;
+    codeVerifier: string;
+    callbackUri?: string | null;
+    redirectTo: string;
+    cookies: Cookies;
+    providerUser: any;
+    tokens: OAuth2Tokens;
+    isLinking: boolean;
+    sessionUserId?: string;
+}
+export type OAuthExchangeResult = {
+    handled: true;
+    response: Response;
+} | {
+    handled: false;
+};
+export declare function runOnOAuthExchange(auth: Auth | undefined, ctx: OAuthExchangeContext): Promise<OAuthExchangeResult>;
+export interface MapExternalProfileContext {
+    request: Request;
+    providerId: string;
+    providerUser: any;
+    tokens: OAuth2Tokens;
+    isLinking: boolean;
+}
+export declare function maybeMapExternalProfile(auth: Auth | undefined, ctx: MapExternalProfileContext): Promise<any>;
+export interface BeforeLinkAccountContext {
+    request: Request;
+    providerId: string;
+    userId: string;
+    providerUser: any;
+    tokens: OAuth2Tokens;
+}
+export declare function runOnBeforeLinkAccount(auth: Auth | undefined, ctx: BeforeLinkAccountContext): Promise<{
+    allow: true;
+} | {
+    allow: false;
+    response?: Response;
+}>;
+export interface AfterLinkAccountContext extends BeforeLinkAccountContext {
+    action: 'link' | 'update';
+}
+export declare function runOnAfterLinkAccount(auth: Auth | undefined, ctx: AfterLinkAccountContext): Promise<void>;
+//# sourceMappingURL=hooks.d.ts.map

package/dist/src/src/core/hooks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hooks.d.ts","sourceRoot":"","sources":["../../../../src/core/hooks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAA;AAC1C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AAExC,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,KAAK,EAAE,MAAM,CAAA;IACb,IAAI,EAAE,MAAM,CAAA;IACZ,YAAY,EAAE,MAAM,CAAA;IACpB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,UAAU,EAAE,MAAM,CAAA;IAClB,OAAO,EAAE,OAAO,CAAA;IAChB,YAAY,EAAE,GAAG,CAAA;IACjB,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,OAAO,CAAA;IAClB,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AAED,MAAM,MAAM,mBAAmB,GAAG;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,QAAQ,CAAA;CAAE,GAAG;IAAE,OAAO,EAAE,KAAK,CAAA;CAAE,CAAA;AAE5F,wBAAsB,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAaxH;AAED,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,YAAY,EAAE,GAAG,CAAA;IACjB,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,OAAO,CAAA;CACnB;AAED,wBAAsB,uBAAuB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,yBAAyB,GAAG,OAAO,CAAC,GAAG,CAAC,CAalH;AAED,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,EAAE,MAAM,CAAA;IACd,YAAY,EAAE,GAAG,CAAA;IACjB,MAAM,EAAE,YAAY,CAAA;CACrB;AAED,wBAAsB,sBAAsB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,wBAAwB,GAAG,OAAO,CAAC;IAAE,KAAK,EAAE,IAAI,CAAA;CAAE,GAAG;IAAE,KAAK,EAAE,KAAK,CAAC;IAAC,QAAQ,CAAC,EAAE,QAAQ,CAAA;CAAE,CAAC,CAapK;AAED,MAAM,WAAW,uBAAwB,SAAQ,wBAAwB;IAAG,MAAM,EAAE,MAAM,GAAG,QAAQ,CAAA;CAAE;AAEvG,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,uBAAuB,GAAG,OAAO,CAAC,IAAI,CAAC,CAS/G"}

package/dist/src/src/core/index.d.ts

@@ -0,0 +1,96 @@
+export interface User {
+    id: string;
+    name?: string | null;
+    email?: string | null;
+    emailVerified?: boolean | null;
+    image?: string | null;
+    role?: string | null;
+    isAdmin?: boolean;
+}
+export interface Session {
+    id: string;
+    sub: string;
+    [key: string]: unknown;
+}
+export interface ClientAccount {
+    provider: string;
+    providerAccountId: string;
+}
+/**
+ * Client-safe session data.
+ */
+export interface GauSession<TProviders extends string = string> {
+    user: User | null;
+    session: Session | null;
+    accounts?: ClientAccount[] | null;
+    providers?: TProviders[];
+}
+/**
+ * Full server-side session with complete account data including tokens.
+ *
+ * Never serialize this to the client - contains sensitive access/refresh tokens.
+ */
+export interface GauServerSession<TProviders extends string = string> {
+    user: User | null;
+    session: Session | null;
+    accounts?: Account[] | null;
+    providers?: TProviders[];
+}
+export declare const NULL_SESSION: {
+    readonly user: null;
+    readonly session: null;
+    readonly accounts: null;
+};
+export declare function toClientSession<TProviders extends string = string>(serverSession: GauServerSession<TProviders>): GauSession<TProviders>;
+export interface NewUser extends Omit<User, 'id' | 'accounts' | 'isAdmin'> {
+    id?: string;
+}
+export interface Account {
+    userId: string;
+    provider: string;
+    providerAccountId: string;
+    type?: string;
+    accessToken?: string | null;
+    refreshToken?: string | null;
+    expiresAt?: number | null;
+    idToken?: string | null;
+    scope?: string | null;
+    tokenType?: string | null;
+    sessionState?: string | null;
+}
+export interface NewAccount extends Account {
+}
+export interface Adapter {
+    getUser: (id: string) => Promise<User | null>;
+    getUserByEmail: (email: string) => Promise<User | null>;
+    getUserByAccount: (provider: string, providerAccountId: string) => Promise<User | null>;
+    getAccounts: (userId: string) => Promise<Account[]>;
+    getUserAndAccounts: (userId: string) => Promise<{
+        user: User;
+        accounts: Account[];
+    } | null>;
+    createUser: (data: NewUser) => Promise<User>;
+    linkAccount: (data: NewAccount) => Promise<void>;
+    unlinkAccount: (provider: string, providerAccountId: string) => Promise<void>;
+    updateAccount?: (data: Partial<Account> & {
+        userId: string;
+        provider: string;
+        providerAccountId: string;
+    }) => Promise<void>;
+    updateUser: (data: Partial<User> & {
+        id: string;
+    }) => Promise<User>;
+    deleteUser: (id: string) => Promise<void>;
+}
+export declare class AuthError extends Error {
+    readonly cause?: unknown;
+    constructor(message: string, cause?: unknown);
+}
+export declare function json<T>(data: T, init?: ResponseInit): Response;
+export declare function redirect(url: string, status?: 302 | 303): Response;
+export * from './cookies';
+export * from './createAuth';
+export * from './handler';
+export * from './utils';
+export declare const REFRESHED_TOKEN_HEADER = "X-Refreshed-Token";
+//# sourceMappingURL=index.d.ts.map

package/dist/src/src/core/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/core/index.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,IAAI;IACnB,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,aAAa,CAAC,EAAE,OAAO,GAAG,IAAI,CAAA;IAC9B,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAA;IACV,GAAG,EAAE,MAAM,CAAA;IACX,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CACvB;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,EAAE,MAAM,CAAA;IAChB,iBAAiB,EAAE,MAAM,CAAA;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,UAAU,CAAC,UAAU,SAAS,MAAM,GAAG,MAAM;IAC5D,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;IACjB,OAAO,EAAE,OAAO,GAAG,IAAI,CAAA;IACvB,QAAQ,CAAC,EAAE,aAAa,EAAE,GAAG,IAAI,CAAA;IACjC,SAAS,CAAC,EAAE,UAAU,EAAE,CAAA;CACzB;AAED;;;;GAIG;AACH,MAAM,WAAW,gBAAgB,CAAC,UAAU,SAAS,MAAM,GAAG,MAAM;IAClE,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;IACjB,OAAO,EAAE,OAAO,GAAG,IAAI,CAAA;IACvB,QAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,IAAI,CAAA;IAC3B,SAAS,CAAC,EAAE,UAAU,EAAE,CAAA;CACzB;AAED,eAAO,MAAM,YAAY;;;;CAIf,CAAA;AAEV,wBAAgB,eAAe,CAAC,UAAU,SAAS,MAAM,GAAG,MAAM,EAChE,aAAa,EAAE,gBAAgB,CAAC,UAAU,CAAC,GAC1C,UAAU,CAAC,UAAU,CAAC,CAUxB;AAED,MAAM,WAAW,OAAQ,SAAQ,IAAI,CAAC,IAAI,EAAE,IAAI,GAAG,UAAU,GAAG,SAAS,CAAC;IACxE,EAAE,CAAC,EAAE,MAAM,CAAA;CACZ;AAED,MAAM,WAAW,OAAO;IACtB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,MAAM,CAAA;IAChB,iBAAiB,EAAE,MAAM,CAAA;IACzB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC5B,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7B;AAED,MAAM,WAAW,UAAW,SAAQ,OAAO;CAAG;AAE9C,MAAM,WAAW,OAAO;IACtB,OAAO,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAAA;IAC7C,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAAA;IACvD,gBAAgB,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAAA;IACvF,WAAW,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;IACnD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,IAAI,EAAE,IAAI,CAAC;QAAC,QAAQ,EAAE,OAAO,EAAE,CAAA;KAAE,GAAG,IAAI,CAAC,CAAA;IAC3F,UAAU,EAAE,CAAC,IAAI,EAAE,OAAO,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAC5C,WAAW,EAAE,CAAC,IAAI,EAAE,UAAU,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAChD,aAAa,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAC7E,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,iBAAiB,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAC3H,UAAU,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,GAAG;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACnE,UAAU,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;CAC1C;AAED,qBAAa,SAAU,SAAQ,KAAK;IAClC,SAAkB,KAAK,CAAC,EAAE,OAAO,CAAA;IACjC,YAAY,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO,EAI3C;CACF;AAED,wBAAgB,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,GAAE,YAAiB,GAAG,QAAQ,CAKlE;AAED,wBAAgB,QAAQ,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,GAAG,GAAG,GAAS,GAAG,QAAQ,CAOvE;AAED,cAAc,WAAW,CAAA;AACzB,cAAc,cAAc,CAAA;AAC5B,cAAc,WAAW,CAAA;AACzB,cAAc,SAAS,CAAA;AAEvB,eAAO,MAAM,sBAAsB,sBAAsB,CAAA"}

package/dist/src/src/core/utils.d.ts

@@ -0,0 +1,10 @@
+export type SessionTokenSource = 'cookie' | 'bearer';
+/**
+ * Extract the session token from a Request.
+ * Prefers Cookie, then falls back to Authorization: Bearer.
+ */
+export declare function getSessionTokenFromRequest(request: Request): {
+    token?: string;
+    source?: SessionTokenSource;
+};
+//# sourceMappingURL=utils.d.ts.map

package/dist/src/src/core/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../../src/core/utils.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,kBAAkB,GAAG,QAAQ,GAAG,QAAQ,CAAA;AAEpD;;;GAGG;AACH,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,OAAO,GAAG;IAAE,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,kBAAkB,CAAA;CAAE,CAW5G"}

package/dist/src/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAA;AACtB,YAAY,EAAE,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA"}

package/dist/src/src/jwt/index.d.ts

@@ -0,0 +1,2 @@
+export * from './jwt';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/src/jwt/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/jwt/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAA"}

package/dist/src/src/jwt/jwt.d.ts

@@ -0,0 +1,48 @@
+export type SupportedAlgorithm = 'ES256' | 'HS256';
+interface CommonSignOptions {
+    /** Time-to-live in seconds (exp claim). If omitted the token will not expire. */
+    ttl?: number;
+}
+export type SignOptions = ({
+    algorithm?: 'ES256';
+    privateKey?: CryptoKey;
+    secret?: string;
+} & CommonSignOptions & {
+    iss?: string;
+    aud?: string | string[];
+    sub?: string;
+}) | ({
+    algorithm: 'HS256';
+    secret?: string | Uint8Array;
+    privateKey?: never;
+} & CommonSignOptions & {
+    iss?: string;
+    aud?: string | string[];
+    sub?: string;
+});
+/**
+ * Create a signed JWT.
+ * Defaults to ES256 when a privateKey is supplied. Falls back to HS256 when a secret is supplied.
+ */
+export declare function sign<T extends Record<string, unknown>>(payload: T, options?: SignOptions): Promise<string>;
+export type VerifyOptions = {
+    algorithm?: 'ES256';
+    publicKey?: CryptoKey;
+    secret?: string;
+    iss?: string;
+    aud?: string | string[];
+} | {
+    algorithm: 'HS256';
+    secret?: string | Uint8Array;
+    publicKey?: never;
+    iss?: string;
+    aud?: string | string[];
+};
+/**
+ * Verify a JWT and return its payload when the signature is valid.
+ * The algorithm is inferred from options – ES256 by default.
+ * Throws when verification fails or the token is expired.
+ */
+export declare function verify<T = Record<string, unknown>>(token: string, options: VerifyOptions): Promise<T>;
+export {};
+//# sourceMappingURL=jwt.d.ts.map

package/dist/src/src/jwt/jwt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../../src/jwt/jwt.ts"],"names":[],"mappings":"AAWA,MAAM,MAAM,kBAAkB,GAAG,OAAO,GAAG,OAAO,CAAA;AAElD,UAAU,iBAAiB;IACzB,iFAAiF;IACjF,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED,MAAM,MAAM,WAAW,GACjB,CAAC;IAAE,SAAS,CAAC,EAAE,OAAO,CAAC;IAAC,UAAU,CAAC,EAAE,SAAS,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GACjE,iBAAiB,GAAG;IAAE,GAAG,CAAC,EAAE,MAAM,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,GAC9E,CAAC;IAAE,SAAS,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,GAAG,UAAU,CAAC;IAAC,UAAU,CAAC,EAAE,KAAK,CAAA;CAAE,GACvE,iBAAiB,GAAG;IAAE,GAAG,CAAC,EAAE,MAAM,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAAA;AAElF;;;GAGG;AACH,wBAAsB,IAAI,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,GAAE,WAAgB,GAAG,OAAO,CAAC,MAAM,CAAC,CA6DpH;AAED,MAAM,MAAM,aAAa,GACnB;IAAE,SAAS,CAAC,EAAE,OAAO,CAAC;IAAC,SAAS,CAAC,EAAE,SAAS,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;CAAE,GACtG;IAAE,SAAS,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,GAAG,UAAU,CAAC;IAAC,SAAS,CAAC,EAAE,KAAK,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;CAAE,CAAA;AAEpH;;;;GAIG;AACH,wBAAsB,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAoG3G"}

package/dist/src/src/jwt/utils.d.ts

@@ -0,0 +1,10 @@
+export declare function constantTimeEqual(a: Uint8Array, b: Uint8Array): boolean;
+export declare function deriveKeysFromSecret(secret: string): Promise<{
+    privateKey: CryptoKey;
+    publicKey: CryptoKey;
+}>;
+/**
+ * Convert JWS raw signature (r || s) to DER-encoded format for WebCrypto.
+ */
+export declare function rawToDer(raw: Uint8Array): Uint8Array;
+//# sourceMappingURL=utils.d.ts.map

package/dist/src/src/jwt/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../../src/jwt/utils.ts"],"names":[],"mappings":"AAEA,wBAAgB,iBAAiB,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,GAAG,OAAO,CAOvE;AAoBD,wBAAsB,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,UAAU,EAAE,SAAS,CAAC;IAAC,SAAS,EAAE,SAAS,CAAA;CAAE,CAAC,CA6BnH;AAED;;GAEG;AACH,wBAAgB,QAAQ,CAAC,GAAG,EAAE,UAAU,GAAG,UAAU,CA2CpD"}

package/dist/src/src/oauth/index.d.ts

@@ -0,0 +1,52 @@
+import type { OAuth2Tokens } from 'arctic';
+export { Discord } from './providers/discord';
+export { Facebook } from './providers/facebook';
+export { GitHub } from './providers/github';
+export { Google } from './providers/google';
+export { Microsoft } from './providers/microsoft';
+export interface OAuthProviderConfig {
+    clientId: string;
+    clientSecret: string;
+    redirectUri?: string;
+    scope?: string[];
+    linkOnly?: boolean;
+    params?: Record<string, string>;
+}
+export interface RefreshedTokens {
+    accessToken: string;
+    refreshToken?: string | null;
+    expiresAt?: number | null;
+    idToken?: string | null;
+    tokenType?: string | null;
+    scope?: string | null;
+}
+export interface AuthUser {
+    id: string;
+    name: string;
+    email: string | null;
+    emailVerified: boolean | null;
+    avatar: string | null;
+    raw: Record<string, unknown>;
+}
+export type ProviderProfileOverrides<C> = Partial<Pick<C, Extract<keyof C, 'tenant' | 'prompt'>>>;
+export interface OAuthProvider<T extends string = string, C = OAuthProviderConfig> {
+    id: T;
+    requiresRedirectUri?: boolean;
+    linkOnly?: boolean;
+    getAuthorizationUrl: (state: string, codeVerifier: string, options?: {
+        scopes?: string[];
+        redirectUri?: string;
+        params?: Record<string, string>;
+        overrides?: ProviderProfileOverrides<C>;
+    }) => Promise<URL>;
+    validateCallback: (code: string, codeVerifier: string, redirectUri?: string, overrides?: ProviderProfileOverrides<C>) => Promise<{
+        tokens: OAuth2Tokens;
+        user: AuthUser;
+    }>;
+    refreshAccessToken?: (refreshToken: string, options?: {
+        redirectUri?: string;
+        scopes?: string[];
+        overrides?: ProviderProfileOverrides<C>;
+    }) => Promise<RefreshedTokens>;
+}
+//# sourceMappingURL=index.d.ts.map

package/dist/src/src/oauth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/oauth/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAA;AAE1C,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAA;AAEjD,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,EAAE,MAAM,CAAA;IACpB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAChC;AAED,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAA;IACnB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC5B,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,EAAE,OAAO,GAAG,IAAI,CAAA;IAC7B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC7B;AAED,MAAM,MAAM,wBAAwB,CAAC,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAA;AAEjG,MAAM,WAAW,aAAa,CAAC,CAAC,SAAS,MAAM,GAAG,MAAM,EAAE,CAAC,GAAG,mBAAmB;IAC/E,EAAE,EAAE,CAAC,CAAA;IACL,mBAAmB,CAAC,EAAE,OAAO,CAAA;IAC7B,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,mBAAmB,EAAE,CACnB,KAAK,EAAE,MAAM,EACb,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAAC,SAAS,CAAC,EAAE,wBAAwB,CAAC,CAAC,CAAC,CAAA;KAAE,KAC5H,OAAO,CAAC,GAAG,CAAC,CAAA;IACjB,gBAAgB,EAAE,CAChB,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,MAAM,EACpB,WAAW,CAAC,EAAE,MAAM,EACpB,SAAS,CAAC,EAAE,wBAAwB,CAAC,CAAC,CAAC,KACpC,OAAO,CAAC;QAAE,MAAM,EAAE,YAAY,CAAC;QAAC,IAAI,EAAE,QAAQ,CAAA;KAAE,CAAC,CAAA;IACtD,kBAAkB,CAAC,EAAE,CACnB,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAAC,SAAS,CAAC,EAAE,wBAAwB,CAAC,CAAC,CAAC,CAAA;KAAE,KAC3F,OAAO,CAAC,eAAe,CAAC,CAAA;CAC9B"}

package/dist/src/src/oauth/providers/discord.d.ts

@@ -0,0 +1,3 @@
+import type { OAuthProvider, OAuthProviderConfig } from '../index';
+export declare function Discord(config: OAuthProviderConfig): OAuthProvider<'discord'>;
+//# sourceMappingURL=discord.d.ts.map

package/dist/src/src/oauth/providers/discord.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"discord.d.ts","sourceRoot":"","sources":["../../../../../src/oauth/providers/discord.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAY,aAAa,EAAE,mBAAmB,EAAmB,MAAM,UAAU,CAAA;AAmC7F,wBAAgB,OAAO,CAAC,MAAM,EAAE,mBAAmB,GAAG,aAAa,CAAC,SAAS,CAAC,CA0D7E"}

package/dist/src/src/oauth/providers/facebook.d.ts

@@ -0,0 +1,3 @@
+import type { OAuthProvider, OAuthProviderConfig } from '../index';
+export declare function Facebook(config: OAuthProviderConfig): OAuthProvider<'facebook', OAuthProviderConfig>;
+//# sourceMappingURL=facebook.d.ts.map

package/dist/src/src/oauth/providers/facebook.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"facebook.d.ts","sourceRoot":"","sources":["../../../../../src/oauth/providers/facebook.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAY,aAAa,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAA;AA0C5E,wBAAgB,QAAQ,CAAC,MAAM,EAAE,mBAAmB,GAAG,aAAa,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAyCpG"}

package/dist/src/src/oauth/providers/github.d.ts

@@ -0,0 +1,3 @@
+import type { OAuthProvider, OAuthProviderConfig } from '../index';
+export declare function GitHub(config: OAuthProviderConfig): OAuthProvider<'github', OAuthProviderConfig>;
+//# sourceMappingURL=github.d.ts.map

package/dist/src/src/oauth/providers/github.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"github.d.ts","sourceRoot":"","sources":["../../../../../src/oauth/providers/github.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAY,aAAa,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAA;AAuE5E,wBAAgB,MAAM,CAAC,MAAM,EAAE,mBAAmB,GAAG,aAAa,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAmChG"}

package/dist/src/src/oauth/providers/google.d.ts

@@ -0,0 +1,3 @@
+import type { OAuthProvider, OAuthProviderConfig } from '../index';
+export declare function Google(config: OAuthProviderConfig): OAuthProvider<'google'>;
+//# sourceMappingURL=google.d.ts.map

package/dist/src/src/oauth/providers/google.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"google.d.ts","sourceRoot":"","sources":["../../../../../src/oauth/providers/google.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAY,aAAa,EAAE,mBAAmB,EAAmB,MAAM,UAAU,CAAA;AAmC7F,wBAAgB,MAAM,CAAC,MAAM,EAAE,mBAAmB,GAAG,aAAa,CAAC,QAAQ,CAAC,CAkE3E"}

package/dist/src/src/oauth/providers/microsoft.d.ts

@@ -0,0 +1,8 @@
+import type { OAuthProvider, OAuthProviderConfig } from '../index';
+interface MicrosoftConfig extends OAuthProviderConfig {
+    tenant?: 'common' | 'organizations' | 'consumers' | (string & {});
+    prompt?: 'login' | 'none' | 'consent' | 'select_account' | (string & {});
+}
+export declare function Microsoft(config: MicrosoftConfig): OAuthProvider<'microsoft', MicrosoftConfig>;
+export {};
+//# sourceMappingURL=microsoft.d.ts.map

package/dist/src/src/oauth/providers/microsoft.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"microsoft.d.ts","sourceRoot":"","sources":["../../../../../src/oauth/providers/microsoft.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAY,aAAa,EAAE,mBAAmB,EAAmB,MAAM,UAAU,CAAA;AAU7F,UAAU,eAAgB,SAAQ,mBAAmB;IACnD,MAAM,CAAC,EAAE,QAAQ,GAAG,eAAe,GAAG,WAAW,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAA;IACjE,MAAM,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,SAAS,GAAG,gBAAgB,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAA;CACzE;AAiGD,wBAAgB,SAAS,CAAC,MAAM,EAAE,eAAe,GAAG,aAAa,CAAC,WAAW,EAAE,eAAe,CAAC,CAoF9F"}

package/dist/src/src/oauth/utils.d.ts

@@ -0,0 +1,5 @@
+export declare function createOAuthUris(): {
+    state: string;
+    codeVerifier: string;
+};
+//# sourceMappingURL=utils.d.ts.map

package/dist/src/src/oauth/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../../src/oauth/utils.ts"],"names":[],"mappings":"AAEA,wBAAgB,eAAe;;;EAQ9B"}

package/dist/src/src/runtimes/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/runtimes/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAA"}

package/dist/src/src/runtimes/tauri/index.d.ts

@@ -0,0 +1,8 @@
+import type { ProfileName, ProviderIds } from '../../core';
+export declare function isTauri(): boolean;
+export declare function signInWithTauri<const TAuth = unknown, P extends ProviderIds<TAuth> = ProviderIds<TAuth>, PR extends (ProfileName<TAuth, P> | string) | undefined = undefined>(provider: P, baseUrl: string, scheme?: string, redirectOverride?: string, profile?: PR): Promise<void>;
+export declare function setupTauriListener(handler: (url: string) => Promise<void>): Promise<(() => void) | void>;
+export declare function handleTauriDeepLink(url: string, baseUrl: string, scheme: string, onToken: (token: string) => void): Promise<void>;
+export declare function linkAccountWithTauri<const TAuth = unknown, P extends ProviderIds<TAuth> = ProviderIds<TAuth>, PR extends (ProfileName<TAuth, P> | string) | undefined = undefined>(provider: P, baseUrl: string, scheme?: string, redirectOverride?: string, profile?: PR): Promise<void>;
+export declare function startAuthBridge(baseUrl: string, scheme: string, onToken: (token: string) => Promise<void> | void): Promise<(() => void) | void>;
+//# sourceMappingURL=index.d.ts.map

package/dist/src/src/runtimes/tauri/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/runtimes/tauri/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAI1D,wBAAgB,OAAO,IAAI,OAAO,CAEjC;AAmBD,wBAAsB,eAAe,CAAC,KAAK,CAAC,KAAK,GAAG,OAAO,EAAE,CAAC,SAAS,WAAW,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC,KAAK,CAAC,EAAE,EAAE,SAAS,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,SAAS,GAAG,SAAS,EACjL,QAAQ,EAAE,CAAC,EACX,OAAO,EAAE,MAAM,EACf,MAAM,GAAE,MAAc,EACtB,gBAAgB,CAAC,EAAE,MAAM,EACzB,OAAO,CAAC,EAAE,EAAE,iBA4Cb;AAED,wBAAsB,kBAAkB,CACtC,OAAO,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,GACtC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,GAAG,IAAI,CAAC,CAc9B;AAED,wBAAsB,mBAAmB,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,iBAmCvH;AAED,wBAAsB,oBAAoB,CAAC,KAAK,CAAC,KAAK,GAAG,OAAO,EAAE,CAAC,SAAS,WAAW,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC,KAAK,CAAC,EAAE,EAAE,SAAS,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,SAAS,GAAG,SAAS,EACtL,QAAQ,EAAE,CAAC,EACX,OAAO,EAAE,MAAM,EACf,MAAM,GAAE,MAAc,EACtB,gBAAgB,CAAC,EAAE,MAAM,EACzB,OAAO,CAAC,EAAE,EAAE,iBA6Cb;AAED,wBAAsB,eAAe,CACnC,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,GAC/C,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,GAAG,IAAI,CAAC,CAQ9B"}

package/dist/src/src/solidstart/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/solidstart/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,gBAAgB,EAA2B,qBAAqB,EAAE,MAAM,SAAS,CAAA;AAClH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAE7C,OAAO,EAAE,UAAU,EAA2D,sBAAsB,EAAmB,MAAM,SAAS,CAAA;AAEtI,OAAO,EAAE,sBAAsB,EAAE,CAAA;AAEjC,KAAK,YAAY,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,IAAI,UAAU,CAAC,OAAO,UAAU,CAAC,UAAU,CAAC,CAAC,CAAA;AAEtG;;;;;;;;;;;GAWG;AACH,wBAAgB,SAAS,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAAE,aAAa,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC;;;;EAY/I;AAED;;;;GAIG;AACH,wBAAgB,gCAAgC,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,EAAE,YAAY,CAAC,UAAU,CAAC,gPAsB7H;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,cAAc,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAC1E,cAAc,EAAE,MAAM,EAAE,GAAG,OAAO,EAClC,aAAa,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,iCA0BxE;AAWD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAC7E,aAAa,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,EACvE,OAAO,GAAE,qBAA0B,iCAcpC"}

package/dist/src/src/sveltekit/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/sveltekit/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,eAAe,CAAA;AACzD,OAAO,KAAK,EAAE,iBAAiB,EAA6C,qBAAqB,EAAE,MAAM,SAAS,CAAA;AAClH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAC7C,OAAO,EAAE,UAAU,EAA2D,sBAAsB,EAAmB,MAAM,SAAS,CAAA;AAEtI,OAAO,EAAE,sBAAsB,EAAE,CAAA;AAEjC,KAAK,YAAY,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,IAAI,UAAU,CAAC,OAAO,UAAU,CAAC,UAAU,CAAC,CAAC,CAAA;AAEtG;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,aAAa,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAAE,aAAa,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC;;;;;EA4DnJ;AAWD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAC/E,aAAa,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,EACvE,OAAO,GAAE,qBAA0B,GAClC,MAAM,CAiBR"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@rttnd/gau",
   "type": "module",
-  "version": "1.3.0",
+  "version": "1.3.1",
   "packageManager": "bun@1.3.5",
   "description": "gau is a delightful auth library",
   "license": "MIT",

package/dist/src/adapters/drizzle/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/adapters/drizzle/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC/C,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAEzD,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAA;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAEhD,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AAK5D,wBAAgB,cAAc,CAC5B,CAAC,SAAS,UAAU,EACpB,CAAC,SAAS,aAAa,EAEvB,EAAE,EACE,kBAAkB,CAAC,MAAM,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,GAC9C,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GACjC,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAC7B,KAAK,EAAE,CAAC,EACR,QAAQ,EAAE,CAAC,GACV,OAAO,CAcT"}

package/dist/src/adapters/drizzle/mysql.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"mysql.d.ts","sourceRoot":"","sources":["../../../../src/adapters/drizzle/mysql.ts"],"names":[],"mappings":"AACA,wBAAgB,mBAAmB,IAAI,KAAK,CAE3C"}

package/dist/src/adapters/drizzle/pg.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"pg.d.ts","sourceRoot":"","sources":["../../../../src/adapters/drizzle/pg.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAsC,KAAK,EAAE,MAAM,aAAa,CAAA;AACvF,OAAO,KAAK,EAAE,UAAU,EAAW,MAAM,qBAAqB,CAAA;AAC9D,OAAO,KAAK,EAAW,OAAO,EAA6B,MAAM,YAAY,CAAA;AAG7E,MAAM,MAAM,UAAU,GAAG,KAAK,GAAG;IAC/B,EAAE,EAAE,SAAS,CAAA;IACb,IAAI,EAAE,SAAS,CAAA;IACf,KAAK,EAAE,SAAS,CAAA;IAChB,KAAK,EAAE,SAAS,CAAA;IAChB,aAAa,EAAE,SAAS,CAAA;IACxB,IAAI,CAAC,EAAE,SAAS,CAAA;IAChB,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;CACrB,CAAA;AAED,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG;IAClC,MAAM,EAAE,SAAS,CAAA;IACjB,IAAI,EAAE,SAAS,CAAA;IACf,QAAQ,EAAE,SAAS,CAAA;IACnB,iBAAiB,EAAE,SAAS,CAAA;IAC5B,YAAY,EAAE,SAAS,CAAA;IACvB,WAAW,EAAE,SAAS,CAAA;IACtB,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,KAAK,EAAE,SAAS,CAAA;IAChB,OAAO,EAAE,SAAS,CAAA;IAClB,YAAY,CAAC,EAAE,SAAS,CAAA;CACzB,CAAA;AAED,wBAAgB,sBAAsB,CACpC,EAAE,SAAS,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EACpC,CAAC,SAAS,UAAU,EACpB,CAAC,SAAS,aAAa,EACvB,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,GAAG,OAAO,CA2JxC"}

package/dist/src/adapters/drizzle/sqlite.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"sqlite.d.ts","sourceRoot":"","sources":["../../../../src/adapters/drizzle/sqlite.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAsC,KAAK,EAAE,MAAM,aAAa,CAAA;AACvF,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AACjE,OAAO,KAAK,EAAW,OAAO,EAA6B,MAAM,kBAAkB,CAAA;AAInF,MAAM,MAAM,UAAU,GAAG,KAAK,GAAG;IAC/B,EAAE,EAAE,SAAS,CAAA;IACb,IAAI,EAAE,SAAS,CAAA;IACf,KAAK,EAAE,SAAS,CAAA;IAChB,KAAK,EAAE,SAAS,CAAA;IAChB,aAAa,EAAE,SAAS,CAAA;IACxB,IAAI,CAAC,EAAE,SAAS,CAAA;IAChB,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;CACrB,CAAA;AAED,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG;IAClC,MAAM,EAAE,SAAS,CAAA;IACjB,IAAI,EAAE,SAAS,CAAA;IACf,QAAQ,EAAE,SAAS,CAAA;IACnB,iBAAiB,EAAE,SAAS,CAAA;IAC5B,YAAY,EAAE,SAAS,CAAA;IACvB,WAAW,EAAE,SAAS,CAAA;IACtB,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,KAAK,EAAE,SAAS,CAAA;IAChB,OAAO,EAAE,SAAS,CAAA;IAClB,YAAY,CAAC,EAAE,SAAS,CAAA;CACzB,CAAA;AAED,wBAAgB,oBAAoB,CAClC,EAAE,SAAS,kBAAkB,CAAC,MAAM,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,EACzD,CAAC,SAAS,UAAU,EACpB,CAAC,SAAS,aAAa,EACvB,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,GAAG,OAAO,CAkJxC"}

package/dist/src/adapters/drizzle/transaction.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"transaction.d.ts","sourceRoot":"","sources":["../../../../src/adapters/drizzle/transaction.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AAGjE;;;;;;;;;GASG;AACH,wBAAsB,WAAW,CAAC,CAAC,EACjC,EAAE,EAAE,kBAAkB,CAAC,MAAM,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,EAClD,QAAQ,EAAE,CACR,EAAE,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,aAAa,CAAC,KAC/B,OAAO,CAAC,CAAC,CAAC,GACd,OAAO,CAAC,CAAC,CAAC,CAgBZ"}

package/dist/src/adapters/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/adapters/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAA;AACzB,cAAc,UAAU,CAAA"}

package/dist/src/adapters/memory/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/adapters/memory/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAW,OAAO,EAA6B,MAAM,kBAAkB,CAAA;AAWnF,wBAAgB,aAAa,IAAI,OAAO,CAkHvC"}

package/dist/src/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAA;AACtB,YAAY,EAAE,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA"}

package/dist/src/runtimes/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/runtimes/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAA"}

package/dist/src/solidstart/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/solidstart/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,gBAAgB,EAA2B,qBAAqB,EAAE,MAAM,SAAS,CAAA;AAClH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAE7C,OAAO,EAAE,UAAU,EAA2D,sBAAsB,EAAmB,MAAM,SAAS,CAAA;AAEtI,OAAO,EAAE,sBAAsB,EAAE,CAAA;AAEjC,KAAK,YAAY,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,IAAI,UAAU,CAAC,OAAO,UAAU,CAAC,UAAU,CAAC,CAAC,CAAA;AAEtG;;;;;;;;;;;GAWG;AACH,wBAAgB,SAAS,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAAE,aAAa,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC;;;;EAY/I;AAED;;;;GAIG;AACH,wBAAgB,gCAAgC,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,EAAE,YAAY,CAAC,UAAU,CAAC,gPAsB7H;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,cAAc,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAC1E,cAAc,EAAE,MAAM,EAAE,GAAG,OAAO,EAClC,aAAa,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,iCA0BxE;AAWD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAC7E,aAAa,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,EACvE,OAAO,GAAE,qBAA0B,iCAcpC"}

package/dist/src/sveltekit/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/sveltekit/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,eAAe,CAAA;AACzD,OAAO,KAAK,EAAE,iBAAiB,EAA6C,qBAAqB,EAAE,MAAM,SAAS,CAAA;AAClH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAC7C,OAAO,EAAE,UAAU,EAA2D,sBAAsB,EAAmB,MAAM,SAAS,CAAA;AAEtI,OAAO,EAAE,sBAAsB,EAAE,CAAA;AAEjC,KAAK,YAAY,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,IAAI,UAAU,CAAC,OAAO,UAAU,CAAC,UAAU,CAAC,CAAC,CAAA;AAEtG;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,aAAa,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAAE,aAAa,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC;;;;;EA4DnJ;AAWD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,CAAC,GAAG,CAAC,EAAE,EAC/E,aAAa,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,EACvE,OAAO,GAAE,qBAA0B,GAClC,MAAM,CAiBR"}