@schemavaults/auth-server-sdk 0.17.2

package/dist/route_guards/authenticated.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authenticated.js","sourceRoot":"","sources":["../../src/route_guards/authenticated.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAoB,MAAM,oBAAoB,CAAC;AAEtE,MAAM,OAAO,gCACX,SAAQ,cAAc;IAGf,eAAe;QACpB,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACzB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAED,eAAe,gCAAgC,CAAC"}

package/dist/route_guards/base-route-guard.d.ts

@@ -0,0 +1,15 @@
+import type { UserData } from "@schemavaults/auth-common";
+import type { InitRouteGuardCheckOptions } from "./init_route_guard_check_options";
+export interface IRouteGuard {
+    isAccessAllowed: () => boolean;
+    user: UserData | null;
+}
+export declare abstract class BaseRouteGuard implements IRouteGuard {
+    protected _user: UserData | null;
+    private readonly environment;
+    constructor({ user, environment }: InitRouteGuardCheckOptions);
+    protected get isAuthenticated(): boolean;
+    protected get isAdmin(): boolean;
+    abstract isAccessAllowed(): boolean;
+    get user(): UserData | null;
+}

package/dist/route_guards/base-route-guard.js

@@ -0,0 +1,24 @@
+export class BaseRouteGuard {
+    _user;
+    environment;
+    constructor({ user, environment }) {
+        this._user = user;
+        this.environment = environment;
+    }
+    get isAuthenticated() {
+        const isUserSet = !!this._user;
+        if (this.environment !== "production") {
+            console.debug("User is authenticated:", isUserSet, "User:", this._user);
+        }
+        return isUserSet;
+    }
+    get isAdmin() {
+        return (this.isAuthenticated &&
+            typeof this._user?.admin === "boolean" &&
+            this._user.admin);
+    }
+    get user() {
+        return this._user;
+    }
+}
+//# sourceMappingURL=base-route-guard.js.map

package/dist/route_guards/base-route-guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"base-route-guard.js","sourceRoot":"","sources":["../../src/route_guards/base-route-guard.ts"],"names":[],"mappings":"AASA,MAAM,OAAgB,cAAc;IACxB,KAAK,CAAkB;IAChB,WAAW,CAA6B;IAEzD,YAAmB,EAAE,IAAI,EAAE,WAAW,EAA8B;QAClE,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAClB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;IAED,IAAc,eAAe;QAC3B,MAAM,SAAS,GAAY,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;QACxC,IAAI,IAAI,CAAC,WAAW,KAAK,YAAY,EAAE,CAAC;YACtC,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAC1E,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAc,OAAO;QACnB,OAAO,CACL,IAAI,CAAC,eAAe;YACpB,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,KAAK,SAAS;YACtC,IAAI,CAAC,KAAK,CAAC,KAAK,CACjB,CAAC;IACJ,CAAC;IAID,IAAW,IAAI;QACb,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CACF"}

package/dist/route_guards/index.d.ts

@@ -0,0 +1,4 @@
+export type { IRouteGuard } from "./base-route-guard";
+export { AuthenticationRequiredRouteGuard } from "./authenticated";
+export { AdminRequiredRouteGuard } from "./admin";
+export { RouteGuardFactory, RouteGuardFactory as default, } from "./route-guard-factory";

package/dist/route_guards/index.js

@@ -0,0 +1,4 @@
+export { AuthenticationRequiredRouteGuard } from "./authenticated";
+export { AdminRequiredRouteGuard } from "./admin";
+export { RouteGuardFactory, RouteGuardFactory as default, } from "./route-guard-factory";
+//# sourceMappingURL=index.js.map

package/dist/route_guards/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/route_guards/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gCAAgC,EAAE,MAAM,iBAAiB,CAAC;AACnE,OAAO,EAAE,uBAAuB,EAAE,MAAM,SAAS,CAAC;AAElD,OAAO,EACL,iBAAiB,EACjB,iBAAiB,IAAI,OAAO,GAC7B,MAAM,uBAAuB,CAAC"}

package/dist/route_guards/init_route_guard_check_options.d.ts

@@ -0,0 +1,6 @@
+import type { SchemaVaultsAppEnvironment } from "@schemavaults/app-definitions";
+import type { UserData } from "@schemavaults/auth-common";
+export interface InitRouteGuardCheckOptions {
+    user: UserData | null;
+    environment: SchemaVaultsAppEnvironment;
+}

package/dist/route_guards/init_route_guard_check_options.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=init_route_guard_check_options.js.map

package/dist/route_guards/init_route_guard_check_options.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"init_route_guard_check_options.js","sourceRoot":"","sources":["../../src/route_guards/init_route_guard_check_options.ts"],"names":[],"mappings":""}

package/dist/route_guards/route-guard-factory.d.ts

@@ -0,0 +1,25 @@
+import type { IRouteGuard } from "./base-route-guard";
+import type { InitRouteGuardCheckOptions } from "./init_route_guard_check_options";
+import { type PotentiallyValidTokenSource } from "@schemavaults/auth-common";
+import { type SchemaVaultsAppEnvironment } from "@schemavaults/app-definitions";
+import { type IJwtKeyManager } from "../JwtKeyManager";
+export interface RouteGuardFactoryInitOptions {
+    environment: SchemaVaultsAppEnvironment;
+    jwt_keys_manager?: IJwtKeyManager;
+    is_auth_server?: boolean;
+    debug?: boolean;
+}
+declare const GUARD_TYPES: readonly ["authenticated", "admin"];
+type RouteGuardType = (typeof GUARD_TYPES)[number];
+export declare class RouteGuardFactory {
+    private readonly jwt_keys_manager;
+    private readonly environment;
+    private readonly debug;
+    private readonly is_auth_server;
+    constructor({ environment, ...opts }: RouteGuardFactoryInitOptions);
+    private static isValidRouteGuardType;
+    createGuardFromOptions(type: RouteGuardType, opts: InitRouteGuardCheckOptions): IRouteGuard;
+    createGuardFromTokenSources(type: RouteGuardType, token_sources: readonly PotentiallyValidTokenSource[], jwt_audience: string): Promise<IRouteGuard>;
+    createGuardFromAuthHeader(type: RouteGuardType, authHeader: string | null, jwt_audience: string): Promise<IRouteGuard>;
+}
+export default RouteGuardFactory;

package/dist/route_guards/route-guard-factory.js

@@ -0,0 +1,155 @@
+import AdminRequiredRouteGuard from "./admin";
+import AuthenticationRequiredRouteGuard from "./authenticated";
+import { z } from "zod";
+import { decodeFirstOfSeveralJwts, } from "@schemavaults/auth-common";
+import { decodeJWT as decodeSchemavaultsJwt, getKeysetIdFromToken, } from "@schemavaults/jwt";
+import { apiServerIdSchema, getAppEnvironment, getHardcodedClientWebAppDomain, SCHEMAVAULTS_AUTH_APP_DEFINITION, } from "@schemavaults/app-definitions";
+import loadJwtDecodingKeys from "../JwtKeyManager/loadJwtDecodingKeys";
+import { RemoteJwtKeyManager } from "../JwtKeyManager";
+const GUARD_TYPES = [
+    "authenticated",
+    "admin",
+];
+const validGuardTypeSchema = z.string().refine((str) => {
+    return GUARD_TYPES.includes(str);
+});
+const GUARDS = {
+    authenticated: (opts) => new AuthenticationRequiredRouteGuard(opts),
+    admin: (opts) => new AdminRequiredRouteGuard(opts),
+};
+export class RouteGuardFactory {
+    jwt_keys_manager;
+    environment;
+    debug;
+    is_auth_server;
+    constructor({ environment, ...opts }) {
+        this.environment = environment;
+        this.debug = opts.debug ?? false;
+        if (typeof opts.is_auth_server !== "boolean" &&
+            typeof opts.is_auth_server !== "undefined") {
+            throw new TypeError("Invalid value for 'is_auth_server'");
+        }
+        this.is_auth_server = opts.is_auth_server ?? false;
+        if (opts.jwt_keys_manager) {
+            this.jwt_keys_manager = opts.jwt_keys_manager;
+        }
+        else {
+            if (this.is_auth_server) {
+                throw new TypeError("An argument for 'jwt_keys_manager' is required when 'is_auth_server' is true");
+            }
+            this.jwt_keys_manager = new RemoteJwtKeyManager({
+                auth_server_uri: getHardcodedClientWebAppDomain(SCHEMAVAULTS_AUTH_APP_DEFINITION.app_id, environment),
+            });
+        }
+    }
+    static isValidRouteGuardType(type) {
+        if (typeof type !== "string")
+            return false;
+        return validGuardTypeSchema.safeParse(type).success;
+    }
+    createGuardFromOptions(type, opts) {
+        if (!RouteGuardFactory.isValidRouteGuardType(type)) {
+            throw new Error(`Invalid route guard type, should be one of: ${GUARD_TYPES.join(", ")}`);
+        }
+        const GUARD_LOADER = GUARDS[type];
+        const GUARD = GUARD_LOADER(opts);
+        return GUARD;
+    }
+    async createGuardFromTokenSources(type, token_sources, jwt_audience) {
+        const environment = this.environment;
+        const debug = this.debug;
+        if (debug) {
+            console.log(`[RouteGuardFactory] Initializing route guard from token sources: `, token_sources);
+        }
+        if (!apiServerIdSchema.safeParse(jwt_audience).success) {
+            throw new TypeError(`Invalid API server ID for 'jwt_audience': ${jwt_audience}`);
+        }
+        let user = null;
+        try {
+            user = await decodeFirstOfSeveralJwts({
+                token_sources,
+                jwt_audience,
+                decodeJWT: async (opts) => {
+                    if (environment !== "production") {
+                        console.log(`[RouteGuardFactory] Attempting to decode JWT...`);
+                    }
+                    let keyset_id;
+                    try {
+                        keyset_id = getKeysetIdFromToken(opts.token);
+                    }
+                    catch (e) {
+                        console.error("Failed to load 'keyset_id' from auth token: ", e);
+                        throw new Error("Failed to load 'keyset_id' from auth token!");
+                    }
+                    const keys_manager = this.jwt_keys_manager;
+                    if (!keys_manager) {
+                        throw new Error("Failed to resolve reference to JWT keys manager to operate this route guard!");
+                    }
+                    let decodingKeys;
+                    try {
+                        decodingKeys = await loadJwtDecodingKeys({
+                            keyset_id,
+                            keys_manager,
+                            audience_id: jwt_audience,
+                            debug,
+                        });
+                        if (decodingKeys.keyset_id !== keyset_id) {
+                            throw new Error("Mismatch between the keyset ID of result and what was requested!");
+                        }
+                    }
+                    catch (e) {
+                        console.error(`Failed to load keys associated with token-associated keyset '${keyset_id}': `, e);
+                        throw new Error("Failed to load keys associated with token-associated keyset!");
+                    }
+                    const { decryption_key, verification_key } = decodingKeys;
+                    try {
+                        return (await decodeSchemavaultsJwt({
+                            jwt: opts.token,
+                            type: opts.type,
+                            audience: opts.jwt_audience,
+                            decryption_key,
+                            verification_key,
+                            keyset_id,
+                            env: environment,
+                        }));
+                    }
+                    catch (e) {
+                        console.error("Failed to decode JSON web token: ", e);
+                        throw new Error("Failed to decode JSON web token!");
+                    }
+                },
+            }, debug);
+        }
+        catch (e) {
+            console.error("No-op error creating route-guard... Failed to decode JWTs, setting user = null", e);
+            user = null;
+        }
+        const init_opts = {
+            user,
+            environment: getAppEnvironment(),
+        };
+        if (this.environment !== "production") {
+            console.log(`[RouteGuardFactory] Creating route guard with init options: `, init_opts);
+        }
+        return this.createGuardFromOptions(type, init_opts);
+    }
+    async createGuardFromAuthHeader(type, authHeader, jwt_audience) {
+        if (!authHeader || typeof authHeader !== "string") {
+            throw new Error("No auth header found");
+        }
+        const bearerPrefix = "Bearer ";
+        if (!authHeader.startsWith(bearerPrefix)) {
+            throw new Error("Auth header should have a 'Bearer' prefix");
+        }
+        const token = authHeader.slice(bearerPrefix.length);
+        return await this.createGuardFromTokenSources(type, [
+            {
+                sourceHint: "Auth Header Access Token",
+                token,
+                type: "access",
+            },
+        ], jwt_audience);
+    }
+}
+export default RouteGuardFactory;
+//# sourceMappingURL=route-guard-factory.js.map

package/dist/route_guards/route-guard-factory.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"route-guard-factory.js","sourceRoot":"","sources":["../../src/route_guards/route-guard-factory.ts"],"names":[],"mappings":"AAAA,OAAO,uBAAuB,MAAM,SAAS,CAAC;AAC9C,OAAO,gCAAgC,MAAM,iBAAiB,CAAC;AAE/D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EACL,wBAAwB,GAIzB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAEL,SAAS,IAAI,qBAAqB,EAClC,oBAAoB,GACrB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,iBAAiB,EACjB,iBAAiB,EACjB,8BAA8B,EAC9B,gCAAgC,GAEjC,MAAM,+BAA+B,CAAC;AACvC,OAAO,mBAEN,MAAM,qCAAqC,CAAC;AAC7C,OAAO,EAAE,mBAAmB,EAAuB,MAAM,iBAAiB,CAAC;AAW3E,MAAM,WAAW,GAAG;IAClB,eAAe;IACf,OAAO;CAC6B,CAAC;AAGvC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,EAAyB,EAAE;IAC5E,OACE,WACD,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC;AAEH,MAAM,MAAM,GAAG;IACb,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,gCAAgC,CAAC,IAAI,CAAC;IACnE,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,uBAAuB,CAAC,IAAI,CAAC;CAInD,CAAC;AAEF,MAAM,OAAO,iBAAiB;IACX,gBAAgB,CAAiB;IACjC,WAAW,CAA6B;IACxC,KAAK,CAAU;IACf,cAAc,CAAU;IAEzC,YAAmB,EAAE,WAAW,EAAE,GAAG,IAAI,EAAgC;QACvE,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC;QACjC,IACE,OAAO,IAAI,CAAC,cAAc,KAAK,SAAS;YACxC,OAAO,IAAI,CAAC,cAAc,KAAK,WAAW,EAC1C,CAAC;YACD,MAAM,IAAI,SAAS,CAAC,oCAAoC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,IAAI,KAAK,CAAC;QAEnD,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1B,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,MAAM,IAAI,SAAS,CACjB,8EAA8E,CAC/E,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,gBAAgB,GAAG,IAAI,mBAAmB,CAAC;gBAC9C,eAAe,EAAE,8BAA8B,CAC7C,gCAAgC,CAAC,MAAM,EACvC,WAAW,CACZ;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,IAAa;QAChD,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO,KAAK,CAAC;QAC3C,OAAO,oBAAoB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC;IACtD,CAAC;IAEM,sBAAsB,CAC3B,IAAoB,EACpB,IAAgC;QAEhC,IAAI,CAAC,iBAAiB,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;YACnD,MAAM,IAAI,KAAK,CACb,+CAA+C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACxE,CAAC;QACJ,CAAC;QACD,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAEjC,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,KAAK,CAAC,2BAA2B,CACtC,IAAoB,EACpB,aAAqD,EACrD,YAAoB;QAEpB,MAAM,WAAW,GAA+B,IAAI,CAAC,WAAW,CAAC;QACjE,MAAM,KAAK,GAAY,IAAI,CAAC,KAAK,CAAC;QAClC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CACT,mEAAmE,EACnE,aAAa,CACd,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,YAA6B,CAAC,CAAC,OAAO,EAAE,CAAC;YACxE,MAAM,IAAI,SAAS,CACjB,6CAA6C,YAAY,EAAE,CAC5D,CAAC;QACJ,CAAC;QAED,IAAI,IAAI,GAAoB,IAAI,CAAC;QAEjC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,wBAAwB,CACnC;gBACE,aAAa;gBACb,YAAY;gBACZ,SAAS,EAAE,KAAK,EAAE,IAAI,EAAgC,EAAE;oBACtD,IAAI,WAAW,KAAK,YAAY,EAAE,CAAC;wBACjC,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;oBACjE,CAAC;oBAED,IAAI,SAAiB,CAAC;oBACtB,IAAI,CAAC;wBACH,SAAS,GAAG,oBAAoB,CAAC,IAAI,CAAC,KAAsB,CAAC,CAAC;oBAChE,CAAC;oBAAC,OAAO,CAAU,EAAE,CAAC;wBACpB,OAAO,CAAC,KAAK,CAAC,8CAA8C,EAAE,CAAC,CAAC,CAAC;wBACjE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;oBACjE,CAAC;oBAED,MAAM,YAAY,GAAmB,IAAI,CAAC,gBAAgB,CAAC;oBAC3D,IAAI,CAAC,YAAY,EAAE,CAAC;wBAClB,MAAM,IAAI,KAAK,CACb,8EAA8E,CAC/E,CAAC;oBACJ,CAAC;oBAED,IAAI,YAAkC,CAAC;oBACvC,IAAI,CAAC;wBACH,YAAY,GAAG,MAAM,mBAAmB,CAAC;4BACvC,SAAS;4BACT,YAAY;4BACZ,WAAW,EAAE,YAAY;4BACzB,KAAK;yBACN,CAAC,CAAC;wBACH,IAAI,YAAY,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;4BACzC,MAAM,IAAI,KAAK,CACb,kEAAkE,CACnE,CAAC;wBACJ,CAAC;oBACH,CAAC;oBAAC,OAAO,CAAU,EAAE,CAAC;wBACpB,OAAO,CAAC,KAAK,CACX,gEAAgE,SAAS,KAAK,EAC9E,CAAC,CACF,CAAC;wBACF,MAAM,IAAI,KAAK,CACb,8DAA8D,CAC/D,CAAC;oBACJ,CAAC;oBACD,MAAM,EAAE,cAAc,EAAE,gBAAgB,EAAE,GAAG,YAAY,CAAC;oBAE1D,IAAI,CAAC;wBACH,OAAO,CAAC,MAAM,qBAAqB,CAAC;4BAClC,GAAG,EAAE,IAAI,CAAC,KAAK;4BACf,IAAI,EAAE,IAAI,CAAC,IAAI;4BACf,QAAQ,EAAE,IAAI,CAAC,YAAY;4BAC3B,cAAc;4BACd,gBAAgB;4BAChB,SAAS;4BACT,GAAG,EAAE,WAAW;yBACjB,CAAC,CAA4B,CAAC;oBACjC,CAAC;oBAAC,OAAO,CAAU,EAAE,CAAC;wBACpB,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,CAAC,CAAC,CAAC;wBACtD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;oBACtD,CAAC;gBACH,CAAC;aACF,EACD,KAAK,CACN,CAAC;QACJ,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CACX,gFAAgF,EAChF,CAAC,CACF,CAAC;YACF,IAAI,GAAG,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAA+B;YAC5C,IAAI;YACJ,WAAW,EAAE,iBAAiB,EAAE;SACjC,CAAC;QAEF,IAAI,IAAI,CAAC,WAAW,KAAK,YAAY,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,CACT,8DAA8D,EAC9D,SAAS,CACV,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IACtD,CAAC;IAEM,KAAK,CAAC,yBAAyB,CACpC,IAAoB,EACpB,UAAyB,EACzB,YAAoB;QAEpB,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YAClD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,YAAY,GAAG,SAAkB,CAAC;QACxC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACzC,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QACD,MAAM,KAAK,GAAW,UAAU,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAE5D,OAAO,MAAM,IAAI,CAAC,2BAA2B,CAC3C,IAAI,EACJ;YACE;gBACE,UAAU,EAAE,0BAA0B;gBACtC,KAAK;gBACL,IAAI,EAAE,QAAQ;aACf;SACF,EACD,YAAY,CACb,CAAC;IACJ,CAAC;CACF;AAED,eAAe,iBAAiB,CAAC"}

package/package.json

@@ -0,0 +1,45 @@
+{
+  "name": "@schemavaults/auth-server-sdk",
+  "description": "TypeScript SDK for building authenticated endpoints/middlewares for the Auth Server and Resource Servers",
+  "version": "0.17.2",
+  "license": "UNLICENSED",
+  "private": false,
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/schemavaults/auth.git",
+    "directory": "packages/auth-server-sdk"
+  },
+  "type": "module",
+  "main": "dist/index.js",
+  "module": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "dependencies": {
+    "zod": "3.23.8",
+    "@schemavaults/jwt": "0.6.13",
+    "@schemavaults/auth-common": "0.7.27",
+    "@schemavaults/app-definitions": "0.6.1"
+  },
+  "scripts": {
+    "build": "tsc --project tsconfig.json && tsc-alias --project tsconfig.json",
+    "test": "NODE_ENV=test bun test",
+    "cleanup:compiled-tests-output": "find ./dist -type f \\( -name \"*.test.js\" -o -name \"*.test.js.map\" -o -name \"*.test.d.ts\" \\) -delete",
+    "cleanup": "bun run cleanup:compiled-tests-output",
+    "postbuild": "bun run cleanup",
+    "lint": "eslint src --ext .ts,.tsx"
+  },
+  "devDependencies": {
+    "typescript": "5.9.3",
+    "bun-types": "1.3.6",
+    "tsc-alias": "1.8.15",
+    "next": "16.0.10",
+    "eslint": "9.39.1",
+    "@eslint/js": "9.39.1",
+    "globals": "16.5.0",
+    "@typescript-eslint/eslint-plugin": "8.48.1",
+    "@typescript-eslint/parser": "8.48.1"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "packageManager": "bun@1.3.6"
+}