@schemavaults/auth-common 0.7.27

package/dist/middleware/auth-middleware.js

@@ -0,0 +1,177 @@
+import { parseNavigationPath, } from "./parse-navigation-path";
+import { evaluateAuthMiddlewareRules, } from "./middleware-rules";
+export function AuthMiddleware({ path, authStatus, rules, authedOnUnauthedRouteRedirectTo, unauthedOnAuthedRouteRedirectTo, authorize_uri, successful_logout_redirect_uri, environment, ...opts }) {
+    // Determine environment
+    if (!environment) {
+        throw new TypeError("[AuthMiddleware] Did not receive an 'environment' input option!");
+    }
+    let debug = false;
+    if (typeof opts.debug === "boolean") {
+        debug = opts.debug;
+    }
+    else {
+        if (environment === "development" ||
+            environment === "test" ||
+            environment === "staging") {
+            debug = true;
+        }
+    }
+    if (typeof path !== "string") {
+        throw new Error("AuthMiddleware: path must be a string.");
+    }
+    const isAuthorizePage = path.startsWith(authorize_uri);
+    const parsedPath = parseNavigationPath(path);
+    if (debug) {
+        console.log('[AuthMiddleware] Running auth middleware on path: "/' +
+            parsedPath.join("/") +
+            '"');
+        console.log(`[AuthMiddleware] Current authentication status:`, authStatus);
+        console.log("[AuthMiddleware] Rules: ", rules);
+    }
+    // Redirect from the logout page if a URL was supplied
+    if (typeof successful_logout_redirect_uri === "string") {
+        const isLogoutPage = parsedPath.length === 2 &&
+            parsedPath[0] == "auth" &&
+            parsedPath[1] == "logout";
+        if (isLogoutPage && authStatus.status === "logged-out") {
+            return {
+                redirect: true,
+                redirectTo: successful_logout_redirect_uri,
+                remain: false,
+            };
+        }
+    }
+    const middlewareRuleDetermination = evaluateAuthMiddlewareRules(parsedPath, authStatus, rules, environment);
+    if (debug) {
+        console.log("[AuthMiddleware] Middleware situation reducer evaluation: ", middlewareRuleDetermination);
+    }
+    // A basic sanity check on the result of evaluateAuthMiddlewareRules
+    if (middlewareRuleDetermination.length !== 3 ||
+        middlewareRuleDetermination[1] !== "on") {
+        throw new Error("AuthMiddleware: Invalid middleware rule determination.");
+    }
+    if (middlewareRuleDetermination[0] === "logged-in") {
+        if (debug) {
+            console.log("[AuthMiddleware] Reccommending redirect to: ", authedOnUnauthedRouteRedirectTo);
+        }
+        if (isAuthorizePage) {
+            return {
+                redirect: true,
+                remain: false,
+                redirectTo: authedOnUnauthedRouteRedirectTo,
+            };
+        }
+        switch (middlewareRuleDetermination[2]) {
+            case "public":
+                if (debug) {
+                    console.log(`[AuthMiddleware] Recommending remain on page: /${parsedPath.join("/")}`);
+                }
+                return {
+                    redirect: false,
+                    remain: true,
+                };
+            case "unauthed":
+                if (debug) {
+                    console.log(`[AuthMiddleware] Recommending redirect to page: `, authedOnUnauthedRouteRedirectTo, ` ( from current url: ${parsedPath.join(", ")})`);
+                }
+                return {
+                    redirect: true,
+                    remain: false,
+                    redirectTo: authedOnUnauthedRouteRedirectTo,
+                };
+            case "authed":
+                if (debug) {
+                    console.log(`[AuthMiddleware] Recommending remain on page: /${parsedPath.join("/")}`);
+                }
+                return {
+                    redirect: false,
+                    remain: true,
+                };
+            case "api": {
+                if (debug) {
+                    console.log(`[AuthMiddleware] Recommending API request to pass-through: /${parsedPath.join("/")}`);
+                }
+                return {
+                    redirect: false,
+                    remain: true,
+                };
+            }
+            case "admin": {
+                if (authStatus.status === "logged-in" && authStatus.admin) {
+                    if (debug) {
+                        console.log(`[AuthMiddleware] Recommending admin remain on page: /${parsedPath.join("/")}`);
+                    }
+                    return {
+                        redirect: false,
+                        remain: true,
+                    };
+                }
+                else if (authStatus.status === "logged-in") {
+                    return {
+                        redirect: true,
+                        remain: false,
+                        redirectTo: authedOnUnauthedRouteRedirectTo,
+                    };
+                }
+                else {
+                    authStatus.status;
+                    return {
+                        redirect: true,
+                        remain: false,
+                        redirectTo: unauthedOnAuthedRouteRedirectTo,
+                    };
+                }
+            }
+            default:
+                throw new Error("AuthMiddleware: Invalid page security level.");
+        }
+    }
+    else {
+        // logged-out
+        switch (middlewareRuleDetermination[2]) {
+            case "public":
+                if (debug) {
+                    console.log(`[AuthMiddleware] Recommending remain on page: /${parsedPath.join("/")}`);
+                }
+                return {
+                    redirect: false,
+                    remain: true,
+                };
+            case "unauthed":
+                if (debug) {
+                    console.log(`[AuthMiddleware] Recommending remain on page: /${parsedPath.join("/")}`);
+                }
+                return {
+                    redirect: false,
+                    remain: true,
+                };
+            case "authed":
+                if (debug) {
+                    console.log(`[AuthMiddleware] Recommending redirect to page: }`, unauthedOnAuthedRouteRedirectTo);
+                }
+                return {
+                    redirect: true,
+                    remain: false,
+                    redirectTo: unauthedOnAuthedRouteRedirectTo,
+                };
+            case "admin":
+                if (debug) {
+                    console.log(`[AuthMiddleware] Recommending redirect to page: }`, unauthedOnAuthedRouteRedirectTo);
+                }
+                return {
+                    redirect: true,
+                    remain: false,
+                    redirectTo: unauthedOnAuthedRouteRedirectTo,
+                };
+            case "api":
+                return {
+                    redirect: false,
+                    remain: undefined,
+                    error: "Unauthorized",
+                };
+            default:
+                throw new Error("AuthMiddleware: Invalid page security level.");
+        }
+    }
+}
+//# sourceMappingURL=auth-middleware.js.map

package/dist/middleware/auth-middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-middleware.js","sourceRoot":"","sources":["../../src/middleware/auth-middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,mBAAmB,GACpB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EACL,2BAA2B,GAG5B,MAAM,oBAAoB,CAAC;AAyC5B,MAAM,UAAU,cAAc,CAAC,EAC7B,IAAI,EACJ,UAAU,EACV,KAAK,EACL,+BAA+B,EAC/B,+BAA+B,EAC/B,aAAa,EACb,8BAA8B,EAC9B,WAAW,EACX,GAAG,IAAI,EACe;IACtB,wBAAwB;IACxB,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,SAAS,CACjB,iEAAiE,CAClE,CAAC;IACJ,CAAC;IAED,IAAI,KAAK,GAAY,KAAK,CAAC;IAC3B,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;QACpC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;IACrB,CAAC;SAAM,CAAC;QACN,IACE,WAAW,KAAK,aAAa;YAC7B,WAAW,KAAK,MAAM;YACtB,WAAW,KAAK,SAAS,EACzB,CAAC;YACD,KAAK,GAAG,IAAI,CAAC;QACf,CAAC;IACH,CAAC;IAED,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,CAAC;IAED,MAAM,eAAe,GAAY,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IAEhE,MAAM,UAAU,GAAmB,mBAAmB,CAAC,IAAI,CAAC,CAAC;IAC7D,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CACT,sDAAsD;YACpD,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC;YACpB,GAAG,CACN,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,iDAAiD,EAAE,UAAU,CAAC,CAAC;QAC3E,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;IACjD,CAAC;IAED,sDAAsD;IACtD,IAAI,OAAO,8BAA8B,KAAK,QAAQ,EAAE,CAAC;QACvD,MAAM,YAAY,GAChB,UAAU,CAAC,MAAM,KAAK,CAAC;YACvB,UAAU,CAAC,CAAC,CAAC,IAAI,MAAM;YACvB,UAAU,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC;QAE5B,IAAI,YAAY,IAAI,UAAU,CAAC,MAAM,KAAK,YAAY,EAAE,CAAC;YACvD,OAAO;gBACL,QAAQ,EAAE,IAAI;gBACd,UAAU,EAAE,8BAA8B;gBAC1C,MAAM,EAAE,KAAK;aACd,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,2BAA2B,GAAG,2BAA2B,CAC7D,UAAU,EACV,UAAU,EACV,KAAK,EACL,WAAW,CACZ,CAAC;IAEF,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CACT,4DAA4D,EAC5D,2BAA2B,CAC5B,CAAC;IACJ,CAAC;IAED,oEAAoE;IACpE,IACE,2BAA2B,CAAC,MAAM,KAAK,CAAC;QACxC,2BAA2B,CAAC,CAAC,CAAC,KAAK,IAAI,EACvC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;IAC5E,CAAC;IAED,IAAI,2BAA2B,CAAC,CAAC,CAAC,KAAK,WAAW,EAAE,CAAC;QACnD,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CACT,8CAA8C,EAC9C,+BAA+B,CAChC,CAAC;QACJ,CAAC;QACD,IAAI,eAAe,EAAE,CAAC;YACpB,OAAO;gBACL,QAAQ,EAAE,IAAI;gBACd,MAAM,EAAE,KAAK;gBACb,UAAU,EAAE,+BAA+B;aAC5C,CAAC;QACJ,CAAC;QAED,QAAQ,2BAA2B,CAAC,CAAC,CAAC,EAAE,CAAC;YACvC,KAAK,QAAQ;gBACX,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CACT,kDAAkD,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CACzE,CAAC;gBACJ,CAAC;gBACD,OAAO;oBACL,QAAQ,EAAE,KAAK;oBACf,MAAM,EAAE,IAAI;iBACb,CAAC;YACJ,KAAK,UAAU;gBACb,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CACT,kDAAkD,EAClD,+BAA+B,EAC/B,wBAAwB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CACjD,CAAC;gBACJ,CAAC;gBACD,OAAO;oBACL,QAAQ,EAAE,IAAI;oBACd,MAAM,EAAE,KAAK;oBACb,UAAU,EAAE,+BAA+B;iBAC5C,CAAC;YACJ,KAAK,QAAQ;gBACX,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CACT,kDAAkD,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CACzE,CAAC;gBACJ,CAAC;gBACD,OAAO;oBACL,QAAQ,EAAE,KAAK;oBACf,MAAM,EAAE,IAAI;iBACb,CAAC;YACJ,KAAK,KAAK,CAAC,CAAC,CAAC;gBACX,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CACT,+DAA+D,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CACtF,CAAC;gBACJ,CAAC;gBACD,OAAO;oBACL,QAAQ,EAAE,KAAK;oBACf,MAAM,EAAE,IAAI;iBACb,CAAC;YACJ,CAAC;YACD,KAAK,OAAO,CAAC,CAAC,CAAC;gBACb,IAAI,UAAU,CAAC,MAAM,KAAK,WAAW,IAAI,UAAU,CAAC,KAAK,EAAE,CAAC;oBAC1D,IAAI,KAAK,EAAE,CAAC;wBACV,OAAO,CAAC,GAAG,CACT,wDAAwD,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAC/E,CAAC;oBACJ,CAAC;oBACD,OAAO;wBACL,QAAQ,EAAE,KAAK;wBACf,MAAM,EAAE,IAAI;qBACb,CAAC;gBACJ,CAAC;qBAAM,IAAI,UAAU,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;oBAC7C,OAAO;wBACL,QAAQ,EAAE,IAAI;wBACd,MAAM,EAAE,KAAK;wBACb,UAAU,EAAE,+BAA+B;qBAC5C,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,UAAU,CAAC,MAA6B,CAAC;oBACzC,OAAO;wBACL,QAAQ,EAAE,IAAI;wBACd,MAAM,EAAE,KAAK;wBACb,UAAU,EAAE,+BAA+B;qBAC5C,CAAC;gBACJ,CAAC;YACH,CAAC;YACD;gBACE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;SAAM,CAAC;QACN,aAAa;QACb,QAAQ,2BAA2B,CAAC,CAAC,CAAC,EAAE,CAAC;YACvC,KAAK,QAAQ;gBACX,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CACT,kDAAkD,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CACzE,CAAC;gBACJ,CAAC;gBACD,OAAO;oBACL,QAAQ,EAAE,KAAK;oBACf,MAAM,EAAE,IAAI;iBACb,CAAC;YACJ,KAAK,UAAU;gBACb,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CACT,kDAAkD,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CACzE,CAAC;gBACJ,CAAC;gBACD,OAAO;oBACL,QAAQ,EAAE,KAAK;oBACf,MAAM,EAAE,IAAI;iBACb,CAAC;YACJ,KAAK,QAAQ;gBACX,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CACT,mDAAmD,EACnD,+BAA+B,CAChC,CAAC;gBACJ,CAAC;gBACD,OAAO;oBACL,QAAQ,EAAE,IAAI;oBACd,MAAM,EAAE,KAAK;oBACb,UAAU,EAAE,+BAA+B;iBAC5C,CAAC;YACJ,KAAK,OAAO;gBACV,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,CAAC,GAAG,CACT,mDAAmD,EACnD,+BAA+B,CAChC,CAAC;gBACJ,CAAC;gBACD,OAAO;oBACL,QAAQ,EAAE,IAAI;oBACd,MAAM,EAAE,KAAK;oBACb,UAAU,EAAE,+BAA+B;iBAC5C,CAAC;YACJ,KAAK,KAAK;gBACR,OAAO;oBACL,QAAQ,EAAE,KAAK;oBACf,MAAM,EAAE,SAAS;oBACjB,KAAK,EAAE,cAAc;iBACtB,CAAC;YACJ;gBACE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/middleware/compare-path.d.ts

@@ -0,0 +1,2 @@
+import type { NavigationPath } from "./parse-navigation-path";
+export declare function comparePath(path: NavigationPath, route: NavigationPath): boolean;

package/dist/middleware/compare-path.js

@@ -0,0 +1,14 @@
+export function comparePath(path, route) {
+    if (!Array.isArray(path) || !Array.isArray(route)) {
+        throw new Error("comparePath: path and route must be arrays of route segments.");
+    }
+    if (path.length === 0 && route.length === 0) {
+        return true;
+    }
+    if (route.length === 0 && path.length > 0) {
+        return false;
+    }
+    return route.every((segment, i) => segment === path[i]);
+}
+;
+//# sourceMappingURL=compare-path.js.map

package/dist/middleware/compare-path.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"compare-path.js","sourceRoot":"","sources":["../../src/middleware/compare-path.ts"],"names":[],"mappings":"AAEA,MAAM,UAAU,WAAW,CAAC,IAAoB,EAAE,KAAqB;IACrE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAClD,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;IACnF,CAAC;IACD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1C,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AAC1D,CAAC;AAAA,CAAC"}

package/dist/middleware/decode-first-of-several-jwts.d.ts

@@ -0,0 +1,10 @@
+import type { PotentiallyValidTokenSource } from "./token-source";
+import type { DecodeTokenFn } from "./decode-token-type";
+export interface DecodeFirstOfSeveralJwtsInputOptions {
+    token_sources: readonly PotentiallyValidTokenSource[];
+    decodeJWT: DecodeTokenFn;
+    jwt_audience: string;
+}
+type DecodeTokenOutput = Awaited<ReturnType<DecodeTokenFn>>;
+export declare function decodeFirstOfSeveralJwts({ token_sources, decodeJWT, jwt_audience, }: DecodeFirstOfSeveralJwtsInputOptions, debug?: boolean): Promise<DecodeTokenOutput>;
+export {};

package/dist/middleware/decode-first-of-several-jwts.js

@@ -0,0 +1,56 @@
+export async function decodeFirstOfSeveralJwts({ token_sources, decodeJWT, jwt_audience, }, debug = false) {
+    const n_token_sources = token_sources.length;
+    if (!Array.isArray(token_sources) || n_token_sources === 0) {
+        throw new Error("Did not receive a list of tokens to decode");
+    }
+    console.assert(typeof n_token_sources === "number" && n_token_sources > 0, "Expected there to be at least 1 potentially valid token if this point was reached!");
+    if (typeof jwt_audience !== "string") {
+        throw new Error("JWT audience is not a string!");
+    }
+    const decodeTokenPromises = token_sources.map(function (token) {
+        const type = token.type;
+        const decode_promise = decodeJWT({
+            type,
+            token: token.token,
+            jwt_audience,
+        });
+        return decode_promise;
+    });
+    const decodeResults = await Promise.allSettled(decodeTokenPromises);
+    const fulfilledDecodePromises = decodeResults.filter(function isFulfilledPromise(result) {
+        return result.status === "fulfilled";
+    });
+    const successfulDecodeResults = fulfilledDecodePromises.map((fulfilled_decode_result) => fulfilled_decode_result.value);
+    const n_successful_decode_results = successfulDecodeResults.length;
+    if (debug) {
+        console.log(`[decodeFirstOfSeveralJwts] Decoded ${n_successful_decode_results}/${n_token_sources} tokens successfully.`);
+    }
+    const successfulDecodeResult = n_successful_decode_results >= 1;
+    if (!successfulDecodeResult) {
+        const errorMessage = n_token_sources > 1
+            ? `Failed to decode any of the ${n_token_sources} provided JWTs`
+            : "Failed to decode the single JWT that was provided!";
+        throw new Error(errorMessage);
+    }
+    function validateSameInfoAcrossTokens() {
+        const uids_set = new Set();
+        const subs_set = new Set();
+        const auds_set = new Set();
+        for (const decoded of successfulDecodeResults) {
+            uids_set.add(decoded.uid);
+            subs_set.add(decoded.sub);
+            if (decoded.uid !== decoded.sub) {
+                throw new Error("uid not equal to sub");
+            }
+        }
+        if (uids_set.size !== 1 || subs_set.size !== 1) {
+            throw new Error("Token decoding produced different user IDs!");
+        }
+    }
+    validateSameInfoAcrossTokens();
+    // All of the results should in theory contain the same data-- use the first one (arbitrary)
+    console.assert(n_successful_decode_results >= 1, "Expected there to be at least one JWT to have been decoded successfully if this point was reached!");
+    const firstSuccessfulResult = successfulDecodeResults[0];
+    return firstSuccessfulResult;
+}
+//# sourceMappingURL=decode-first-of-several-jwts.js.map

package/dist/middleware/decode-first-of-several-jwts.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"decode-first-of-several-jwts.js","sourceRoot":"","sources":["../../src/middleware/decode-first-of-several-jwts.ts"],"names":[],"mappings":"AAYA,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,EACE,aAAa,EACb,SAAS,EACT,YAAY,GACyB,EACvC,QAAiB,KAAK;IAEtB,MAAM,eAAe,GAAW,aAAa,CAAC,MAAM,CAAC;IACrD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,eAAe,KAAK,CAAC,EAAE,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IACD,OAAO,CAAC,MAAM,CACZ,OAAO,eAAe,KAAK,QAAQ,IAAI,eAAe,GAAG,CAAC,EAC1D,oFAAoF,CACrF,CAAC;IAEF,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IAED,MAAM,mBAAmB,GAAiC,aAAa,CAAC,GAAG,CACzE,UAAU,KAAkC;QAC1C,MAAM,IAAI,GAAmB,KAAK,CAAC,IAAI,CAAC;QAExC,MAAM,cAAc,GAA+B,SAAS,CAAC;YAC3D,IAAI;YACJ,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,YAAY;SACb,CAAC,CAAC;QACH,OAAO,cAAc,CAAC;IACxB,CAAC,CACF,CAAC;IAEF,MAAM,aAAa,GACjB,MAAM,OAAO,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC;IAEhD,MAAM,uBAAuB,GAAG,aAAa,CAAC,MAAM,CAClD,SAAS,kBAAkB,CACzB,MAA+C;QAE/C,OAAO,MAAM,CAAC,MAAM,KAAK,WAAW,CAAC;IACvC,CAAC,CACF,CAAC;IAEF,MAAM,uBAAuB,GAC3B,uBAAuB,CAAC,GAAG,CACzB,CAAC,uBAAuB,EAAqB,EAAE,CAC7C,uBAAuB,CAAC,KAAK,CAChC,CAAC;IAEJ,MAAM,2BAA2B,GAAW,uBAAuB,CAAC,MAAM,CAAC;IAE3E,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CACT,sCAAsC,2BAA2B,IAAI,eAAgC,uBAAuB,CAC7H,CAAC;IACJ,CAAC;IAED,MAAM,sBAAsB,GAAY,2BAA2B,IAAI,CAAC,CAAC;IAEzE,IAAI,CAAC,sBAAsB,EAAE,CAAC;QAC5B,MAAM,YAAY,GAChB,eAAe,GAAG,CAAC;YACjB,CAAC,CAAC,+BAA+B,eAAe,gBAAgB;YAChE,CAAC,CAAC,oDAAoD,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;IAChC,CAAC;IAED,SAAS,4BAA4B;QACnC,MAAM,QAAQ,GAAgB,IAAI,GAAG,EAAE,CAAC;QACxC,MAAM,QAAQ,GAAgB,IAAI,GAAG,EAAE,CAAC;QACxC,MAAM,QAAQ,GAAgB,IAAI,GAAG,EAAE,CAAC;QAExC,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;YAC9C,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC1B,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC1B,IAAI,OAAO,CAAC,GAAG,KAAK,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChC,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;QACD,IAAI,QAAQ,CAAC,IAAI,KAAK,CAAC,IAAI,QAAQ,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IACD,4BAA4B,EAAE,CAAC;IAE/B,4FAA4F;IAC5F,OAAO,CAAC,MAAM,CACZ,2BAA2B,IAAI,CAAC,EAChC,oGAAoG,CACrG,CAAC;IACF,MAAM,qBAAqB,GAAsB,uBAAuB,CAAC,CAAC,CAAC,CAAC;IAE5E,OAAO,qBAAqB,CAAC;AAC/B,CAAC"}

package/dist/middleware/decode-token-type.d.ts

@@ -0,0 +1,9 @@
+import type { UserData } from "../user_data";
+import type { PotentiallyValidTokenSource } from "./token-source";
+import type { OrganizationID } from "../organizations";
+export interface DecodeTokenFnInputOptions extends PotentiallyValidTokenSource {
+    jwt_audience: string;
+}
+export type DecodeTokenFn = (opts: DecodeTokenFnInputOptions) => Promise<UserData & {
+    orgs: readonly OrganizationID[];
+}>;

package/dist/middleware/decode-token-type.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=decode-token-type.js.map

package/dist/middleware/decode-token-type.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"decode-token-type.js","sourceRoot":"","sources":["../../src/middleware/decode-token-type.ts"],"names":[],"mappings":""}

package/dist/middleware/default-auth-middleware-rules.d.ts

@@ -0,0 +1,7 @@
+export declare const defaultAuthMiddlewareRules: {
+    readonly public: [[], ["auth", "logout"], ["auth", "authorize"], ["api", "auth", "token"], ["api", "auth", "logout"], ["api", "environment"], ["error"]];
+    readonly unauthed: [["auth", "login"], ["auth", "register"], ["auth", "forgot-password"]];
+    readonly authed: [["account"], ["auth", "account"]];
+    readonly admin: [["admin"]];
+    readonly api: [["api"], ["trpc"]];
+};

package/dist/middleware/default-auth-middleware-rules.js

@@ -0,0 +1,24 @@
+export const defaultAuthMiddlewareRules = {
+    public: [
+        [], // The root path is public
+        ["auth", "logout"],
+        ["auth", "authorize"],
+        ["api", "auth", "token"],
+        ["api", "auth", "logout"],
+        ["api", "environment"], // allow frontend client to ask server what environment this is running in
+        ["error"],
+    ],
+    unauthed: [
+        ["auth", "login"],
+        ["auth", "register"],
+        ["auth", "forgot-password"],
+    ],
+    authed: [
+        // -- by default, all routes require authentication
+        ["account"],
+        ["auth", "account"],
+    ],
+    admin: [["admin"]],
+    api: [["api"], ["trpc"]],
+};
+//# sourceMappingURL=default-auth-middleware-rules.js.map

package/dist/middleware/default-auth-middleware-rules.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"default-auth-middleware-rules.js","sourceRoot":"","sources":["../../src/middleware/default-auth-middleware-rules.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,MAAM,EAAE;QACN,EAAE,EAAE,0BAA0B;QAC9B,CAAC,MAAM,EAAE,QAAQ,CAAC;QAClB,CAAC,MAAM,EAAE,WAAW,CAAC;QACrB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC;QACxB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC;QACzB,CAAC,KAAK,EAAE,aAAa,CAAC,EAAE,0EAA0E;QAClG,CAAC,OAAO,CAAC;KACV;IACD,QAAQ,EAAE;QACR,CAAC,MAAM,EAAE,OAAO,CAAC;QACjB,CAAC,MAAM,EAAE,UAAU,CAAC;QACpB,CAAC,MAAM,EAAE,iBAAiB,CAAC;KAC5B;IACD,MAAM,EAAE;QACN,mDAAmD;QACnD,CAAC,SAAS,CAAC;QACX,CAAC,MAAM,EAAE,SAAS,CAAC;KACpB;IACD,KAAK,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC;IAClB,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC;CACc,CAAC"}

package/dist/middleware/determine-auth-status.d.ts

@@ -0,0 +1,13 @@
+import type { UserData } from "../user_data";
+import type { DecodeTokenFn } from "./decode-token-type";
+import type { AuthenticationStatus } from "./middleware-rules";
+import type { PotentiallyValidTokenSource } from "./token-source";
+export interface DetermineAuthStatusInputOptions {
+    user_data?: UserData;
+    token_sources?: readonly PotentiallyValidTokenSource[];
+    client_type: "server" | "client";
+    jwt_audience?: string;
+    decodeJWT?: DecodeTokenFn;
+    debug?: boolean;
+}
+export declare function determineAuthStatus(opts: DetermineAuthStatusInputOptions): Promise<AuthenticationStatus>;

package/dist/middleware/determine-auth-status.js

@@ -0,0 +1,91 @@
+import { decodeFirstOfSeveralJwts } from "./decode-first-of-several-jwts";
+export async function determineAuthStatus(opts) {
+    const debug = opts.debug ?? false;
+    if (debug) {
+        console.log("[determineAuthStatus] Determining auth status with options: ", opts);
+    }
+    if (!opts.token_sources || !Array.isArray(opts.token_sources)) {
+        if (debug) {
+            console.warn("[determineAuthStatus] No token sources provided");
+        }
+        return {
+            status: "logged-out",
+        };
+    }
+    // Consider yourself authenticated on the frontend if you have any tokens saved
+    // Actually validate the token on the backend
+    if (opts.client_type === "client") {
+        // this validation is really loose!! if they think they're logged in that's good enough-- server will actually check and tell them
+        if ((Array.isArray(opts.token_sources) && opts.token_sources.length >= 1) ||
+            opts.user_data) {
+            const loggedInDetermination = {
+                status: "logged-in",
+                admin: opts.user_data?.admin ?? false,
+            };
+            if (debug) {
+                console.log("[determineAuthStatus] Determined user has tokens and is probably logged in: ", loggedInDetermination);
+            }
+            return loggedInDetermination;
+        }
+        else {
+            if (debug) {
+                console.warn("[determineAuthStatus] Client does not appear to have any tokens or user data stored! Treating as unauthenticated!");
+            }
+        }
+    }
+    else if (opts.client_type === "server") {
+        // Actually validate the token
+        // Use a `decodeJWT` function that is only available on the server-side
+        if (typeof opts.decodeJWT !== "function") {
+            throw new Error("Expected decodeJWT function server-side");
+        }
+        const jwt_audience = opts.jwt_audience;
+        if (typeof jwt_audience !== "string") {
+            throw new Error("JWT audience must be set for determineAuthStatus in a server environment!");
+        }
+        // if no jwt tokens were provided then they are unauthenticated
+        if (!Array.isArray(opts.token_sources) || opts.token_sources.length === 0) {
+            return {
+                status: "logged-out",
+            };
+        }
+        const token_sources = opts.token_sources;
+        let decoded_jwt;
+        try {
+            const decoded = await decodeFirstOfSeveralJwts({
+                token_sources,
+                decodeJWT: opts.decodeJWT,
+                jwt_audience,
+            }, debug);
+            if (typeof decoded === "object" && !!decoded) {
+                decoded_jwt = decoded;
+            }
+            else {
+                throw new Error("Failed to decode JWT into user data");
+            }
+        }
+        catch (e) {
+            console.error("[determineAuthStatus] Error decoding JWT: ", e);
+            return {
+                status: "logged-out",
+            };
+        }
+        if (typeof decoded_jwt !== "object")
+            throw new Error("Expected decoded jwt to be an object");
+        const admin = Object.hasOwn(decoded_jwt, "admin")
+            ? (decoded_jwt.admin ?? false)
+            : false;
+        return {
+            status: "logged-in",
+            admin,
+        };
+    }
+    else {
+        throw new Error("Invalid environment to run auth middleware auth status determination: " +
+            opts.client_type);
+    }
+    return {
+        status: "logged-out",
+    };
+}
+//# sourceMappingURL=determine-auth-status.js.map

package/dist/middleware/determine-auth-status.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"determine-auth-status.js","sourceRoot":"","sources":["../../src/middleware/determine-auth-status.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAkB1E,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,IAAqC;IAErC,MAAM,KAAK,GAAY,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC;IAC3C,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CACT,8DAA8D,EAC9D,IAAI,CACL,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,aAAa,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,CAAC;QAC9D,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;QAClE,CAAC;QACD,OAAO;YACL,MAAM,EAAE,YAAY;SACrB,CAAC;IACJ,CAAC;IAED,+EAA+E;IAC/E,6CAA6C;IAC7C,IAAI,IAAI,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;QAClC,kIAAkI;QAClI,IACE,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,IAAI,CAAC,CAAC;YACrE,IAAI,CAAC,SAAS,EACd,CAAC;YACD,MAAM,qBAAqB,GAAG;gBAC5B,MAAM,EAAE,WAAW;gBACnB,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,KAAK,IAAI,KAAK;aAC7B,CAAC;YAEX,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CACT,8EAA8E,EAC9E,qBAAqB,CACtB,CAAC;YACJ,CAAC;YAED,OAAO,qBAAqB,CAAC;QAC/B,CAAC;aAAM,CAAC;YACN,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,IAAI,CACV,mHAAmH,CACpH,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;SAAM,IAAI,IAAI,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;QACzC,8BAA8B;QAE9B,uEAAuE;QACvE,IAAI,OAAO,IAAI,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;YACzC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;QACvC,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CACb,2EAA2E,CAC5E,CAAC;QACJ,CAAC;QAED,+DAA+D;QAC/D,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1E,OAAO;gBACL,MAAM,EAAE,YAAY;aACZ,CAAC;QACb,CAAC;QAED,MAAM,aAAa,GACjB,IAAI,CAAC,aAAa,CAAC;QAErB,IAAI,WAAqB,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,wBAAwB,CAC5C;gBACE,aAAa;gBACb,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,YAAY;aACb,EACD,KAAK,CACN,CAAC;YACF,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;gBAC7C,WAAW,GAAG,OAAO,CAAC;YACxB,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,4CAA4C,EAAE,CAAC,CAAC,CAAC;YAC/D,OAAO;gBACL,MAAM,EAAE,YAAY;aACZ,CAAC;QACb,CAAC;QAED,IAAI,OAAO,WAAW,KAAK,QAAQ;YACjC,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;QAC1D,MAAM,KAAK,GAAY,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC;YACxD,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,IAAI,KAAK,CAAC;YAC9B,CAAC,CAAC,KAAK,CAAC;QACV,OAAO;YACL,MAAM,EAAE,WAAW;YACnB,KAAK;SACG,CAAC;IACb,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CACb,wEAAwE;YACtE,IAAI,CAAC,WAAW,CACnB,CAAC;IACJ,CAAC;IAED,OAAO;QACL,MAAM,EAAE,YAAY;KACZ,CAAC;AACb,CAAC"}

package/dist/middleware/index.d.ts

@@ -0,0 +1,10 @@
+export { AuthMiddleware } from "./auth-middleware";
+export type { AuthMiddlewareOptions, AuthMiddlewareResult, } from "./auth-middleware";
+export * from "./auth-middleware-error";
+export type * from "./auth-middleware-error";
+export type { AuthMiddlewareRules } from "./middleware-rules";
+export { defaultAuthMiddlewareRules } from "./default-auth-middleware-rules";
+export { determineAuthStatus } from "./determine-auth-status";
+export type { DecodeTokenFn } from "./decode-token-type";
+export type { PotentiallyValidTokenSource } from "./token-source";
+export { decodeFirstOfSeveralJwts, type DecodeFirstOfSeveralJwtsInputOptions, } from "./decode-first-of-several-jwts";

package/dist/middleware/index.js

@@ -0,0 +1,6 @@
+export { AuthMiddleware } from "./auth-middleware";
+export * from "./auth-middleware-error";
+export { defaultAuthMiddlewareRules } from "./default-auth-middleware-rules";
+export { determineAuthStatus } from "./determine-auth-status";
+export { decodeFirstOfSeveralJwts, } from "./decode-first-of-several-jwts";
+//# sourceMappingURL=index.js.map

package/dist/middleware/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAMnD,cAAc,yBAAyB,CAAC;AAIxC,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAE7E,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAI9D,OAAO,EACL,wBAAwB,GAEzB,MAAM,gCAAgC,CAAC"}

package/dist/middleware/middleware-rules.d.ts

@@ -0,0 +1,30 @@
+import type { SchemaVaultsAppEnvironment } from "@schemavaults/app-definitions";
+import type { NavigationPath } from "./parse-navigation-path";
+import { z } from "zod";
+export declare const pageSecurityLevelSchema: z.ZodEnum<["public", "unauthed", "authed", "admin", "api"]>;
+type PageSecurityLevel = z.infer<typeof pageSecurityLevelSchema>;
+export type AuthMiddlewareRules = Record<PageSecurityLevel, NavigationPath[]>;
+export declare const authenticationStatusSchema: z.ZodUnion<readonly [z.ZodObject<{
+    status: z.ZodLiteral<"logged-in">;
+    admin: z.ZodOptional<z.ZodBoolean>;
+}, "strict", z.ZodTypeAny, {
+    status: "logged-in";
+    admin?: boolean | undefined;
+}, {
+    status: "logged-in";
+    admin?: boolean | undefined;
+}>, z.ZodObject<{
+    status: z.ZodLiteral<"logged-out">;
+}, "strict", z.ZodTypeAny, {
+    status: "logged-out";
+}, {
+    status: "logged-out";
+}>]>;
+export type AuthenticationStatus = z.infer<typeof authenticationStatusSchema>;
+type AuthMiddlewareResult = readonly [
+    AuthenticationStatus["status"],
+    "on",
+    PageSecurityLevel
+];
+export declare function evaluateAuthMiddlewareRules(currentPath: NavigationPath, authStatus: AuthenticationStatus, rules: AuthMiddlewareRules, environment: SchemaVaultsAppEnvironment): AuthMiddlewareResult;
+export {};

package/dist/middleware/middleware-rules.js

@@ -0,0 +1,117 @@
+import { comparePath } from "./compare-path";
+import { z } from "zod";
+// Every requires authentication by default, unless it is in the public list or the unauthed list.
+// An unauthed route is a route that is only accessible to unauthenticated users.
+// (i.e. redirect users from the login/register pages)
+export const pageSecurityLevelSchema = z.enum([
+    "public",
+    "unauthed",
+    "authed",
+    "admin",
+    "api",
+]);
+export const authenticationStatusSchema = z.union([
+    z
+        .object({
+        status: z.literal("logged-in"),
+        admin: z.boolean().optional(),
+    })
+        .required({
+        status: true,
+    })
+        .strict(),
+    z
+        .object({
+        status: z.literal("logged-out"),
+    })
+        .required({ status: true })
+        .strict(),
+]);
+function isAuthenticationStatus(value) {
+    return authenticationStatusSchema.safeParse(value).success;
+}
+export function evaluateAuthMiddlewareRules(
+// The current path (which the middleware is being run on)
+currentPath, 
+// The current authentication status of the user (logged in or logged out)
+authStatus, 
+// The rules for the middleware to follow, given the current path and authentication status
+rules, 
+// App Environment (enables additional debug logging)
+environment) {
+    if (!environment) {
+        throw new TypeError("'environment' must be provided");
+    }
+    if (environment === "development") {
+        console.log("[AuthMiddleware] Evaluating current path against redirect rules...");
+    }
+    if (!isAuthenticationStatus(authStatus)) {
+        throw new Error("authStatus must be either 'logged-in' or 'logged-out'");
+    }
+    // Get the page security level
+    const defaultPageSecurityLevel = "authed";
+    let pageSecurityLevel = defaultPageSecurityLevel;
+    try {
+        if (environment === "development") {
+            console.log("[AuthMiddleware] Current path: ", currentPath);
+            try {
+                console.log("[AuthMiddleware] Rules: ", rules);
+            }
+            catch (e) {
+                void e; /** no-op */
+            }
+        }
+        if (rules.public.some((route) => {
+            const isMatch = comparePath(currentPath, route);
+            if (environment === "test" && isMatch) {
+                console.log(`[AuthMiddleware] Current path "${currentPath.join("/")}" matches public route: `, route);
+            }
+            return isMatch;
+        })) {
+            // Current path matches a public route rule
+            pageSecurityLevel = "public";
+        }
+        else if (rules.unauthed.some((route) => {
+            const isMatch = comparePath(currentPath, route);
+            if (environment === "test" && isMatch) {
+                console.log(`[AuthMiddleware] Current path "${currentPath.join("/")}" matches unauthed route: `, route);
+            }
+            return isMatch;
+        })) {
+            // Current path matches an unauthed route rule
+            pageSecurityLevel = "unauthed";
+        }
+        else if (rules.authed?.some((route) => {
+            const isMatch = comparePath(currentPath, route);
+            if (environment === "test" && isMatch) {
+                console.log(`[AuthMiddleware] Current path "${currentPath.join("/")}" matches authed route: `, route);
+            }
+            return isMatch;
+        })) {
+            // Current path matches an authed route rule
+            pageSecurityLevel = "authed";
+        }
+        else if (rules.api.some((route) => {
+            const isMatch = comparePath(currentPath, route);
+            if (environment === "test" && isMatch) {
+                console.log(`[AuthMiddleware] Current path "${currentPath.join("/")}" matches api route: `, route);
+            }
+            return isMatch;
+        })) {
+            pageSecurityLevel = "api";
+        }
+        else {
+            if (environment === "development") {
+                console.log(`[AuthMiddleware] Current path "${currentPath.join("/")}" does not match any route rule-- treating as 'authed' by default`);
+            }
+            pageSecurityLevel = "authed";
+        }
+    }
+    catch (e) {
+        /** default to authed, but log the error */
+        console.error(e);
+        pageSecurityLevel = defaultPageSecurityLevel;
+    }
+    return [authStatus.status, "on", pageSecurityLevel];
+}
+//# sourceMappingURL=middleware-rules.js.map

package/dist/middleware/middleware-rules.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware-rules.js","sourceRoot":"","sources":["../../src/middleware/middleware-rules.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,kGAAkG;AAClG,iFAAiF;AACjF,sDAAsD;AAEtD,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC,IAAI,CAAC;IAC5C,QAAQ;IACR,UAAU;IACV,QAAQ;IACR,OAAO;IACP,KAAK;CACG,CAAC,CAAC;AAKZ,MAAM,CAAC,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAAC;IAChD,CAAC;SACE,MAAM,CAAC;QACN,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC9B,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;KAC9B,CAAC;SACD,QAAQ,CAAC;QACR,MAAM,EAAE,IAAI;KACb,CAAC;SACD,MAAM,EAAE;IACX,CAAC;SACE,MAAM,CAAC;QACN,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC;KAChC,CAAC;SACD,QAAQ,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;SAC1B,MAAM,EAAE;CACH,CAAC,CAAC;AAIZ,SAAS,sBAAsB,CAAC,KAAc;IAC5C,OAAO,0BAA0B,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC;AAC7D,CAAC;AAQD,MAAM,UAAU,2BAA2B;AACzC,0DAA0D;AAC1D,WAA2B;AAC3B,0EAA0E;AAC1E,UAAgC;AAChC,2FAA2F;AAC3F,KAA0B;AAC1B,qDAAqD;AACrD,WAAuC;IAEvC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,SAAS,CAAC,gCAAgC,CAAC,CAAC;IACxD,CAAC;IAED,IAAI,WAAW,KAAK,aAAa,EAAE,CAAC;QAClC,OAAO,CAAC,GAAG,CACT,oEAAoE,CACrE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;IAC3E,CAAC;IAED,8BAA8B;IAC9B,MAAM,wBAAwB,GAC5B,QAA6C,CAAC;IAChD,IAAI,iBAAiB,GAAsB,wBAAwB,CAAC;IACpE,IAAI,CAAC;QACH,IAAI,WAAW,KAAK,aAAa,EAAE,CAAC;YAClC,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,WAAW,CAAC,CAAC;YAC5D,IAAI,CAAC;gBACH,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;YACjD,CAAC;YAAC,OAAO,CAAU,EAAE,CAAC;gBACpB,KAAK,CAAC,CAAC,CAAC,YAAY;YACtB,CAAC;QACH,CAAC;QACD,IACE,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,KAAqB,EAAW,EAAE;YACnD,MAAM,OAAO,GAAY,WAAW,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;YACzD,IAAI,WAAW,KAAK,MAAM,IAAI,OAAO,EAAE,CAAC;gBACtC,OAAO,CAAC,GAAG,CACT,kCAAkC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,0BAA0B,EACjF,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC,CAAC,EACF,CAAC;YACD,2CAA2C;YAC3C,iBAAiB,GAAG,QAAQ,CAAC;QAC/B,CAAC;aAAM,IACL,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAqB,EAAW,EAAE;YACrD,MAAM,OAAO,GAAY,WAAW,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;YACzD,IAAI,WAAW,KAAK,MAAM,IAAI,OAAO,EAAE,CAAC;gBACtC,OAAO,CAAC,GAAG,CACT,kCAAkC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,4BAA4B,EACnF,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC,CAAC,EACF,CAAC;YACD,8CAA8C;YAC9C,iBAAiB,GAAG,UAAU,CAAC;QACjC,CAAC;aAAM,IACL,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,KAAqB,EAAW,EAAE;YACpD,MAAM,OAAO,GAAY,WAAW,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;YACzD,IAAI,WAAW,KAAK,MAAM,IAAI,OAAO,EAAE,CAAC;gBACtC,OAAO,CAAC,GAAG,CACT,kCAAkC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,0BAA0B,EACjF,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC,CAAC,EACF,CAAC;YACD,4CAA4C;YAC5C,iBAAiB,GAAG,QAAQ,CAAC;QAC/B,CAAC;aAAM,IACL,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,KAAqB,EAAW,EAAE;YAChD,MAAM,OAAO,GAAY,WAAW,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;YACzD,IAAI,WAAW,KAAK,MAAM,IAAI,OAAO,EAAE,CAAC;gBACtC,OAAO,CAAC,GAAG,CACT,kCAAkC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,uBAAuB,EAC9E,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC,CAAC,EACF,CAAC;YACD,iBAAiB,GAAG,KAAK,CAAC;QAC5B,CAAC;aAAM,CAAC;YACN,IAAI,WAAW,KAAK,aAAa,EAAE,CAAC;gBAClC,OAAO,CAAC,GAAG,CACT,kCAAkC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,mEAAmE,CAC3H,CAAC;YACJ,CAAC;YACD,iBAAiB,GAAG,QAAQ,CAAC;QAC/B,CAAC;IACH,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QACpB,2CAA2C;QAC3C,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACjB,iBAAiB,GAAG,wBAA2C,CAAC;IAClE,CAAC;IAED,OAAO,CAAC,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,iBAAiB,CAAU,CAAC;AAC/D,CAAC"}

package/dist/middleware/parse-navigation-path.d.ts

@@ -0,0 +1,3 @@
+export type NavigationPath = string[];
+export declare function parseNavigationPath(path_url: string): NavigationPath;
+export default parseNavigationPath;