@simulacrum/auth0-simulator 0.11.1 → 0.11.3

package/dist/_virtual/rolldown_runtime.cjs

@@ -0,0 +1,29 @@
+//#region rolldown:runtime
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+	if (from && typeof from === "object" || typeof from === "function") {
+		for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
+			key = keys[i];
+			if (!__hasOwnProp.call(to, key) && key !== except) {
+				__defProp(to, key, {
+					get: ((k) => from[k]).bind(null, key),
+					enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable
+				});
+			}
+		}
+	}
+	return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", {
+	value: mod,
+	enumerable: true
+}) : target, mod));
+
+//#endregion
+
+exports.__toESM = __toESM;

package/dist/_virtual/rolldown_runtime.mjs

@@ -0,0 +1,7 @@
+import { createRequire } from "node:module";
+
+//#region rolldown:runtime
+var __require = /* @__PURE__ */ createRequire(import.meta.url);
+
+//#endregion
+export { __require };

package/dist/auth/constants.cjs

@@ -0,0 +1,15 @@
+
+//#region src/auth/constants.ts
+const PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----~~MIIEpAIBAAKCAQEAwzwwEqR5p7a6CaG61i3od+GLTyype3t/f0pwwtoA9NsZANcj~~HaAUR/qzqlNRQlLI687vF1OfbETYLeHIT5V36QGrMfrYR/tYAoaKFixC/wOjt8EB~~PoeHgaTOAyGf3V3YNwocNU+StyV1X4hPmDjCrapNYpbKIcAJwq5Ij0WBKGNXBcUU~~bAceRtLqgzf/6x2vcQJeE5nJK5gd41f/jtlK9Xge0Ig6CcdKOI7U3agyI/iNF3SL~~0bnCfvtDRIkgAzzeN5Yj4S3Z4rJVQ1RgzZmqBmnjw8h06G8wDyaQPf19u4F///gF~~+dL1md/fVRKL5UL7OZg42hIZzwzdhrxOGcXUFQIDAQABAoIBAQCSwHUqLjO722Av~~yT/VqqBpLEI4+0tSJFyL4/qqnI/HfcFnnk8o/6D/EfVm/EXCYtPgXKXflN3q1jzh~~ECwvlhySKszyPqnAQa/ABj1ZuV+KrMOtZgh3Zgx3aNfqBqZSES5rANB/ShbwT9nQ~~O3gI5fF/9NlCWDIL+HvduH+WIhqZrfHbTQrntr0sMvYTNE8PkAsB1GGZ5VO8gGGT~~Tg3kKOpNGWAJUYape/1Mb0Z1W8E1YDEaQKCnVY+Whr3+ZuLveDmyTuvLrUi+MAA4~~EaISkBZQo3ehUMjXm/0PdG4U9f2otAOhdwa2eT9irTkNS0TU+bi7VDEEhTmRKyfO~~yyVAGzTpAoGBAOmPbnMBAJYLk0SiQVspxIT+LW3tDWc7aFr/TtqAXkEVxI2xG6wA~~dEyRasBbPJDSWEljMre4g/6GG1fsPj0l5n2S8azy6jIu49ANvZPrrrBsuVYStR18~~MibzxjWWUht3vOCZBKtbqgHbC/oc49jMLPO5XrDFMTJPU5GkWRRLRZArAoGBANX+~~H6NQ7fUg8TUerXEB1WqA+FH4zVqJ/NKjbqaj9FPFWG59AjBVqQ335QzDWNCs/LjD~~REF/6qMeP2adehNhEVv2nK3rS+po9b4yLkiSysLivFPry9AxMGzFr3XzgoDb+y+y~~T02zj2k7nkGlNSSSanIxsp+TzTKsIY7ZbGx6d8y/AoGAS/kSDmq3DBe70cmNxN+z~~QyeDE4zWnUvfyCngNocnIbi49PY1cB+9tOJgfS2wZ9NkUIrqBoUIupRY9KKuJCnd~~7d8MqhtiPuytwhGWJzW030KejvcK3wp1LeKCCRBaqQCr+csMj8kDZhMgtD0NiInx~~3V3hBVM/i4PuRSPWrhlGCX0CgYEAq/xR8TBaD2kqc0b0np6ap75/1WHhqaK9T42K~~oOOkuq8hI6vU1oQCGvfhXyChgRWHB/foI7xrGC53RkHKm0ioawEJa75whTVWTEaI~~bEuOKpOQSOJ6LBlckg9PtbzAZlBm0S6+DfUCjdEcoCXnUD1cz+qhZR+lC9TMI8Mb~~IRRMtIECgYBrVlenf/rHK1UMC3FDmkOzH7agShcDHqzFMR1/NcMDolZNXXFy/u4t~~nDxci1smAUQr4oNs1lk9UzCdt0+pVCjmhbriBngwsS6sazOesDft53w6RTczsRpa~~09YDfcXhnI5yT+vd5r4xA5HhyniY7W1ahSzGDYIGlVm5IReC3P6Caw==~~-----END RSA PRIVATE KEY-----~~";
+const JWKS = { keys: [{
+	kty: "RSA",
+	n: "wzwwEqR5p7a6CaG61i3od-GLTyype3t_f0pwwtoA9NsZANcjHaAUR_qzqlNRQlLI687vF1OfbETYLeHIT5V36QGrMfrYR_tYAoaKFixC_wOjt8EBPoeHgaTOAyGf3V3YNwocNU-StyV1X4hPmDjCrapNYpbKIcAJwq5Ij0WBKGNXBcUUbAceRtLqgzf_6x2vcQJeE5nJK5gd41f_jtlK9Xge0Ig6CcdKOI7U3agyI_iNF3SL0bnCfvtDRIkgAzzeN5Yj4S3Z4rJVQ1RgzZmqBmnjw8h06G8wDyaQPf19u4F___gF-dL1md_fVRKL5UL7OZg42hIZzwzdhrxOGcXUFQ",
+	e: "AQAB",
+	alg: "RS256",
+	kid: "NkRGQjI5N0RBNUUwMTYwOEMxQUVGQkJBQTJBODBGNTE2MDA5NDM5RA",
+	use: "sig"
+}] };
+
+//#endregion
+exports.JWKS = JWKS;
+exports.PRIVATE_KEY = PRIVATE_KEY;

package/dist/auth/constants.mjs

@@ -0,0 +1,14 @@
+//#region src/auth/constants.ts
+const PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----~~MIIEpAIBAAKCAQEAwzwwEqR5p7a6CaG61i3od+GLTyype3t/f0pwwtoA9NsZANcj~~HaAUR/qzqlNRQlLI687vF1OfbETYLeHIT5V36QGrMfrYR/tYAoaKFixC/wOjt8EB~~PoeHgaTOAyGf3V3YNwocNU+StyV1X4hPmDjCrapNYpbKIcAJwq5Ij0WBKGNXBcUU~~bAceRtLqgzf/6x2vcQJeE5nJK5gd41f/jtlK9Xge0Ig6CcdKOI7U3agyI/iNF3SL~~0bnCfvtDRIkgAzzeN5Yj4S3Z4rJVQ1RgzZmqBmnjw8h06G8wDyaQPf19u4F///gF~~+dL1md/fVRKL5UL7OZg42hIZzwzdhrxOGcXUFQIDAQABAoIBAQCSwHUqLjO722Av~~yT/VqqBpLEI4+0tSJFyL4/qqnI/HfcFnnk8o/6D/EfVm/EXCYtPgXKXflN3q1jzh~~ECwvlhySKszyPqnAQa/ABj1ZuV+KrMOtZgh3Zgx3aNfqBqZSES5rANB/ShbwT9nQ~~O3gI5fF/9NlCWDIL+HvduH+WIhqZrfHbTQrntr0sMvYTNE8PkAsB1GGZ5VO8gGGT~~Tg3kKOpNGWAJUYape/1Mb0Z1W8E1YDEaQKCnVY+Whr3+ZuLveDmyTuvLrUi+MAA4~~EaISkBZQo3ehUMjXm/0PdG4U9f2otAOhdwa2eT9irTkNS0TU+bi7VDEEhTmRKyfO~~yyVAGzTpAoGBAOmPbnMBAJYLk0SiQVspxIT+LW3tDWc7aFr/TtqAXkEVxI2xG6wA~~dEyRasBbPJDSWEljMre4g/6GG1fsPj0l5n2S8azy6jIu49ANvZPrrrBsuVYStR18~~MibzxjWWUht3vOCZBKtbqgHbC/oc49jMLPO5XrDFMTJPU5GkWRRLRZArAoGBANX+~~H6NQ7fUg8TUerXEB1WqA+FH4zVqJ/NKjbqaj9FPFWG59AjBVqQ335QzDWNCs/LjD~~REF/6qMeP2adehNhEVv2nK3rS+po9b4yLkiSysLivFPry9AxMGzFr3XzgoDb+y+y~~T02zj2k7nkGlNSSSanIxsp+TzTKsIY7ZbGx6d8y/AoGAS/kSDmq3DBe70cmNxN+z~~QyeDE4zWnUvfyCngNocnIbi49PY1cB+9tOJgfS2wZ9NkUIrqBoUIupRY9KKuJCnd~~7d8MqhtiPuytwhGWJzW030KejvcK3wp1LeKCCRBaqQCr+csMj8kDZhMgtD0NiInx~~3V3hBVM/i4PuRSPWrhlGCX0CgYEAq/xR8TBaD2kqc0b0np6ap75/1WHhqaK9T42K~~oOOkuq8hI6vU1oQCGvfhXyChgRWHB/foI7xrGC53RkHKm0ioawEJa75whTVWTEaI~~bEuOKpOQSOJ6LBlckg9PtbzAZlBm0S6+DfUCjdEcoCXnUD1cz+qhZR+lC9TMI8Mb~~IRRMtIECgYBrVlenf/rHK1UMC3FDmkOzH7agShcDHqzFMR1/NcMDolZNXXFy/u4t~~nDxci1smAUQr4oNs1lk9UzCdt0+pVCjmhbriBngwsS6sazOesDft53w6RTczsRpa~~09YDfcXhnI5yT+vd5r4xA5HhyniY7W1ahSzGDYIGlVm5IReC3P6Caw==~~-----END RSA PRIVATE KEY-----~~";
+const JWKS = { keys: [{
+	kty: "RSA",
+	n: "wzwwEqR5p7a6CaG61i3od-GLTyype3t_f0pwwtoA9NsZANcjHaAUR_qzqlNRQlLI687vF1OfbETYLeHIT5V36QGrMfrYR_tYAoaKFixC_wOjt8EBPoeHgaTOAyGf3V3YNwocNU-StyV1X4hPmDjCrapNYpbKIcAJwq5Ij0WBKGNXBcUUbAceRtLqgzf_6x2vcQJeE5nJK5gd41f_jtlK9Xge0Ig6CcdKOI7U3agyI_iNF3SL0bnCfvtDRIkgAzzeN5Yj4S3Z4rJVQ1RgzZmqBmnjw8h06G8wDyaQPf19u4F___gF-dL1md_fVRKL5UL7OZg42hIZzwzdhrxOGcXUFQ",
+	e: "AQAB",
+	alg: "RS256",
+	kid: "NkRGQjI5N0RBNUUwMTYwOEMxQUVGQkJBQTJBODBGNTE2MDA5NDM5RA",
+	use: "sig"
+}] };
+
+//#endregion
+export { JWKS, PRIVATE_KEY };
+//# sourceMappingURL=constants.mjs.map

package/dist/auth/constants.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.mjs","names":[],"sources":["../../src/auth/constants.ts"],"sourcesContent":["export const PRIVATE_KEY =\n  \"-----BEGIN RSA PRIVATE KEY-----~~MIIEpAIBAAKCAQEAwzwwEqR5p7a6CaG61i3od+GLTyype3t/f0pwwtoA9NsZANcj~~HaAUR/qzqlNRQlLI687vF1OfbETYLeHIT5V36QGrMfrYR/tYAoaKFixC/wOjt8EB~~PoeHgaTOAyGf3V3YNwocNU+StyV1X4hPmDjCrapNYpbKIcAJwq5Ij0WBKGNXBcUU~~bAceRtLqgzf/6x2vcQJeE5nJK5gd41f/jtlK9Xge0Ig6CcdKOI7U3agyI/iNF3SL~~0bnCfvtDRIkgAzzeN5Yj4S3Z4rJVQ1RgzZmqBmnjw8h06G8wDyaQPf19u4F///gF~~+dL1md/fVRKL5UL7OZg42hIZzwzdhrxOGcXUFQIDAQABAoIBAQCSwHUqLjO722Av~~yT/VqqBpLEI4+0tSJFyL4/qqnI/HfcFnnk8o/6D/EfVm/EXCYtPgXKXflN3q1jzh~~ECwvlhySKszyPqnAQa/ABj1ZuV+KrMOtZgh3Zgx3aNfqBqZSES5rANB/ShbwT9nQ~~O3gI5fF/9NlCWDIL+HvduH+WIhqZrfHbTQrntr0sMvYTNE8PkAsB1GGZ5VO8gGGT~~Tg3kKOpNGWAJUYape/1Mb0Z1W8E1YDEaQKCnVY+Whr3+ZuLveDmyTuvLrUi+MAA4~~EaISkBZQo3ehUMjXm/0PdG4U9f2otAOhdwa2eT9irTkNS0TU+bi7VDEEhTmRKyfO~~yyVAGzTpAoGBAOmPbnMBAJYLk0SiQVspxIT+LW3tDWc7aFr/TtqAXkEVxI2xG6wA~~dEyRasBbPJDSWEljMre4g/6GG1fsPj0l5n2S8azy6jIu49ANvZPrrrBsuVYStR18~~MibzxjWWUht3vOCZBKtbqgHbC/oc49jMLPO5XrDFMTJPU5GkWRRLRZArAoGBANX+~~H6NQ7fUg8TUerXEB1WqA+FH4zVqJ/NKjbqaj9FPFWG59AjBVqQ335QzDWNCs/LjD~~REF/6qMeP2adehNhEVv2nK3rS+po9b4yLkiSysLivFPry9AxMGzFr3XzgoDb+y+y~~T02zj2k7nkGlNSSSanIxsp+TzTKsIY7ZbGx6d8y/AoGAS/kSDmq3DBe70cmNxN+z~~QyeDE4zWnUvfyCngNocnIbi49PY1cB+9tOJgfS2wZ9NkUIrqBoUIupRY9KKuJCnd~~7d8MqhtiPuytwhGWJzW030KejvcK3wp1LeKCCRBaqQCr+csMj8kDZhMgtD0NiInx~~3V3hBVM/i4PuRSPWrhlGCX0CgYEAq/xR8TBaD2kqc0b0np6ap75/1WHhqaK9T42K~~oOOkuq8hI6vU1oQCGvfhXyChgRWHB/foI7xrGC53RkHKm0ioawEJa75whTVWTEaI~~bEuOKpOQSOJ6LBlckg9PtbzAZlBm0S6+DfUCjdEcoCXnUD1cz+qhZR+lC9TMI8Mb~~IRRMtIECgYBrVlenf/rHK1UMC3FDmkOzH7agShcDHqzFMR1/NcMDolZNXXFy/u4t~~nDxci1smAUQr4oNs1lk9UzCdt0+pVCjmhbriBngwsS6sazOesDft53w6RTczsRpa~~09YDfcXhnI5yT+vd5r4xA5HhyniY7W1ahSzGDYIGlVm5IReC3P6Caw==~~-----END RSA PRIVATE KEY-----~~\" as const;\n\nexport const JWKS = {\n  keys: [\n    {\n      kty: \"RSA\",\n      n: \"wzwwEqR5p7a6CaG61i3od-GLTyype3t_f0pwwtoA9NsZANcjHaAUR_qzqlNRQlLI687vF1OfbETYLeHIT5V36QGrMfrYR_tYAoaKFixC_wOjt8EBPoeHgaTOAyGf3V3YNwocNU-StyV1X4hPmDjCrapNYpbKIcAJwq5Ij0WBKGNXBcUUbAceRtLqgzf_6x2vcQJeE5nJK5gd41f_jtlK9Xge0Ig6CcdKOI7U3agyI_iNF3SL0bnCfvtDRIkgAzzeN5Yj4S3Z4rJVQ1RgzZmqBmnjw8h06G8wDyaQPf19u4F___gF-dL1md_fVRKL5UL7OZg42hIZzwzdhrxOGcXUFQ\",\n      e: \"AQAB\",\n      alg: \"RS256\",\n      kid: \"NkRGQjI5N0RBNUUwMTYwOEMxQUVGQkJBQTJBODBGNTE2MDA5NDM5RA\",\n      use: \"sig\",\n    },\n  ],\n} as const;\n"],"mappings":";AAAA,MAAa,cACX;AAEF,MAAa,OAAO,EAClB,MAAM,CACJ;CACE,KAAK;CACL,GAAG;CACH,GAAG;CACH,KAAK;CACL,KAAK;CACL,KAAK;CACN,CACF,EACF"}

package/dist/auth/date.cjs

@@ -0,0 +1,8 @@
+
+//#region src/auth/date.ts
+const epochTime = (date = Date.now()) => Math.floor(date / 1e3);
+const expiresAt = (hours = 1) => epochTime() + hours * 60 * 60 * 1e3;
+
+//#endregion
+exports.epochTime = epochTime;
+exports.expiresAt = expiresAt;

package/dist/auth/date.mjs

@@ -0,0 +1,7 @@
+//#region src/auth/date.ts
+const epochTime = (date = Date.now()) => Math.floor(date / 1e3);
+const expiresAt = (hours = 1) => epochTime() + hours * 60 * 60 * 1e3;
+
+//#endregion
+export { epochTime, expiresAt };
+//# sourceMappingURL=date.mjs.map

package/dist/auth/date.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"date.mjs","names":[],"sources":["../../src/auth/date.ts"],"sourcesContent":["export const epochTime = (date = Date.now()): number => Math.floor(date / 1000);\n\nexport const expiresAt = (hours = 1): number =>\n  epochTime() + hours * 60 * 60 * 1000;\n\nexport const epochTimeToLocalDate = (epoch: number): Date => {\n  let date = new Date(0);\n  date.setUTCSeconds(epoch);\n  return date;\n};\n"],"mappings":";AAAA,MAAa,aAAa,OAAO,KAAK,KAAK,KAAa,KAAK,MAAM,OAAO,IAAK;AAE/E,MAAa,aAAa,QAAQ,MAChC,WAAW,GAAG,QAAQ,KAAK,KAAK"}

package/dist/auth/jwt.cjs

@@ -0,0 +1,16 @@
+const require_rolldown_runtime = require('../_virtual/rolldown_runtime.cjs');
+const require_constants = require('./constants.cjs');
+let jsonwebtoken = require("jsonwebtoken");
+jsonwebtoken = require_rolldown_runtime.__toESM(jsonwebtoken);
+
+//#region src/auth/jwt.ts
+const parseKey = (key) => key.split("~~").join("\n");
+function createJsonWebToken(payload, privateKey = parseKey(require_constants.PRIVATE_KEY), options = {
+	algorithm: "RS256",
+	keyid: require_constants.JWKS.keys[0].kid
+}) {
+	return jsonwebtoken.sign(payload, privateKey, options);
+}
+
+//#endregion
+exports.createJsonWebToken = createJsonWebToken;

package/dist/auth/jwt.mjs

@@ -0,0 +1,15 @@
+import { JWKS, PRIVATE_KEY } from "./constants.mjs";
+import * as jwt from "jsonwebtoken";
+
+//#region src/auth/jwt.ts
+const parseKey = (key) => key.split("~~").join("\n");
+function createJsonWebToken(payload, privateKey = parseKey(PRIVATE_KEY), options = {
+	algorithm: "RS256",
+	keyid: JWKS.keys[0].kid
+}) {
+	return jwt.sign(payload, privateKey, options);
+}
+
+//#endregion
+export { createJsonWebToken };
+//# sourceMappingURL=jwt.mjs.map

package/dist/auth/jwt.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.mjs","names":[],"sources":["../../src/auth/jwt.ts"],"sourcesContent":["import type { SignOptions } from \"jsonwebtoken\";\nimport * as jwt from \"jsonwebtoken\";\nimport { JWKS, PRIVATE_KEY } from \"./constants.ts\";\n\nexport const parseKey = (key: string): string => key.split(\"~~\").join(\"\\n\");\n\ntype SignPayload = Parameters<typeof jwt.sign>[0];\n\nexport function createJsonWebToken<P extends SignPayload>(\n  payload: P,\n  privateKey = parseKey(PRIVATE_KEY),\n  options: SignOptions = {\n    algorithm: \"RS256\",\n    keyid: JWKS.keys[0].kid,\n  }\n): string {\n  return jwt.sign(payload, privateKey, options);\n}\n"],"mappings":";;;;AAIA,MAAa,YAAY,QAAwB,IAAI,MAAM,KAAK,CAAC,KAAK,KAAK;AAI3E,SAAgB,mBACd,SACA,aAAa,SAAS,YAAY,EAClC,UAAuB;CACrB,WAAW;CACX,OAAO,KAAK,KAAK,GAAG;CACrB,EACO;AACR,QAAO,IAAI,KAAK,SAAS,YAAY,QAAQ"}

package/dist/auth/refresh-token.cjs

@@ -0,0 +1,24 @@
+const require_rolldown_runtime = require('../_virtual/rolldown_runtime.cjs');
+const require_date = require('./date.cjs');
+let assert_ts = require("assert-ts");
+let base64_url = require("base64-url");
+
+//#region src/auth/refresh-token.ts
+function issueRefreshToken(scope, grantType) {
+	return grantType === "refresh_token" || scope.includes("offline_access");
+}
+function createRefreshToken({ exp, rotations = 0, scope, user, nonce }) {
+	(0, assert_ts.assert)(!!user.id, `no identifier for user`);
+	return (0, base64_url.encode)(JSON.stringify({
+		exp,
+		iat: require_date.epochTime(),
+		rotations,
+		scope,
+		user: { id: user.id },
+		nonce
+	}));
+}
+
+//#endregion
+exports.createRefreshToken = createRefreshToken;
+exports.issueRefreshToken = issueRefreshToken;

package/dist/auth/refresh-token.mjs

@@ -0,0 +1,23 @@
+import { epochTime } from "./date.mjs";
+import { assert } from "assert-ts";
+import { encode } from "base64-url";
+
+//#region src/auth/refresh-token.ts
+function issueRefreshToken(scope, grantType) {
+	return grantType === "refresh_token" || scope.includes("offline_access");
+}
+function createRefreshToken({ exp, rotations = 0, scope, user, nonce }) {
+	assert(!!user.id, `no identifier for user`);
+	return encode(JSON.stringify({
+		exp,
+		iat: epochTime(),
+		rotations,
+		scope,
+		user: { id: user.id },
+		nonce
+	}));
+}
+
+//#endregion
+export { createRefreshToken, issueRefreshToken };
+//# sourceMappingURL=refresh-token.mjs.map

package/dist/auth/refresh-token.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"refresh-token.mjs","names":[],"sources":["../../src/auth/refresh-token.ts"],"sourcesContent":["import type { GrantType, RefreshToken } from \"../types.ts\";\nimport { epochTime } from \"./date.ts\";\nimport { encode } from \"base64-url\";\nimport { assert } from \"assert-ts\";\n\nexport function issueRefreshToken(\n  scope: string,\n  grantType: GrantType\n): boolean {\n  return grantType === \"refresh_token\" || scope.includes(\"offline_access\");\n}\n\nexport function createRefreshToken({\n  exp,\n  rotations = 0,\n  scope,\n  user,\n  nonce,\n}: Omit<RefreshToken, \"iat\">): string {\n  assert(!!user.id, `no identifier for user`);\n\n  return encode(\n    JSON.stringify({\n      exp,\n      iat: epochTime(),\n      rotations,\n      scope,\n      user: { id: user.id },\n      nonce,\n    })\n  );\n}\n"],"mappings":";;;;;AAKA,SAAgB,kBACd,OACA,WACS;AACT,QAAO,cAAc,mBAAmB,MAAM,SAAS,iBAAiB;;AAG1E,SAAgB,mBAAmB,EACjC,KACA,YAAY,GACZ,OACA,MACA,SACoC;AACpC,QAAO,CAAC,CAAC,KAAK,IAAI,yBAAyB;AAE3C,QAAO,OACL,KAAK,UAAU;EACb;EACA,KAAK,WAAW;EAChB;EACA;EACA,MAAM,EAAE,IAAI,KAAK,IAAI;EACrB;EACD,CAAC,CACH"}

package/dist/config/get-config.cjs

@@ -0,0 +1,39 @@
+const require_rolldown_runtime = require('../_virtual/rolldown_runtime.cjs');
+const require_types = require('../types.cjs');
+let cosmiconfig = require("cosmiconfig");
+
+//#region src/config/get-config.ts
+const DefaultAuth0Port = 4400;
+const DefaultArgs = {
+	clientID: "00000000000000000000000000000000",
+	audience: "https://thefrontside.auth0.com/api/v1/",
+	scope: "openid profile email offline_access"
+};
+function getPort({ domain, port }) {
+	if (typeof port === "number") return port;
+	if (domain) {
+		const parts = domain.split(":");
+		if (parts.length === 2) return parseInt(parts[1]);
+	}
+	return DefaultAuth0Port;
+}
+function getConfigCreator(explorer$1) {
+	return function getConfig$1(options) {
+		let searchResult = explorer$1.search();
+		let config = searchResult === null ? DefaultArgs : searchResult.config;
+		let strippedOptions = options ?? {};
+		let configuration = {
+			...DefaultArgs,
+			...config,
+			...strippedOptions
+		};
+		configuration.port = getPort(configuration);
+		require_types.configurationSchema.parse(configuration);
+		return configuration;
+	};
+}
+const explorer = (0, cosmiconfig.cosmiconfigSync)("auth0Simulator");
+const getConfig = getConfigCreator(explorer);
+
+//#endregion
+exports.getConfig = getConfig;

package/dist/config/get-config.mjs

@@ -0,0 +1,39 @@
+import { configurationSchema } from "../types.mjs";
+import { cosmiconfigSync } from "cosmiconfig";
+
+//#region src/config/get-config.ts
+const DefaultAuth0Port = 4400;
+const DefaultArgs = {
+	clientID: "00000000000000000000000000000000",
+	audience: "https://thefrontside.auth0.com/api/v1/",
+	scope: "openid profile email offline_access"
+};
+function getPort({ domain, port }) {
+	if (typeof port === "number") return port;
+	if (domain) {
+		const parts = domain.split(":");
+		if (parts.length === 2) return parseInt(parts[1]);
+	}
+	return DefaultAuth0Port;
+}
+function getConfigCreator(explorer$1) {
+	return function getConfig$1(options) {
+		let searchResult = explorer$1.search();
+		let config = searchResult === null ? DefaultArgs : searchResult.config;
+		let strippedOptions = options ?? {};
+		let configuration = {
+			...DefaultArgs,
+			...config,
+			...strippedOptions
+		};
+		configuration.port = getPort(configuration);
+		configurationSchema.parse(configuration);
+		return configuration;
+	};
+}
+const explorer = cosmiconfigSync("auth0Simulator");
+const getConfig = getConfigCreator(explorer);
+
+//#endregion
+export { getConfig };
+//# sourceMappingURL=get-config.mjs.map

package/dist/config/get-config.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-config.mjs","names":["DefaultArgs: ConfigSchema","getConfig","explorer","config: ConfigSchema"],"sources":["../../src/config/get-config.ts"],"sourcesContent":["import { cosmiconfigSync } from \"cosmiconfig\";\nimport type { Auth0Configuration, ConfigSchema } from \"../types.ts\";\nimport { configurationSchema } from \"../types.ts\";\n\nconst DefaultAuth0Port = 4400;\n\nexport const DefaultArgs: ConfigSchema = {\n  clientID: \"00000000000000000000000000000000\",\n  audience: \"https://thefrontside.auth0.com/api/v1/\",\n  scope: \"openid profile email offline_access\",\n};\n\ntype Explorer = ReturnType<typeof cosmiconfigSync>;\n\nfunction getPort({ domain, port }: Auth0Configuration): number {\n  if (typeof port === \"number\") {\n    return port;\n  }\n\n  if (domain) {\n    const parts = domain.split(\":\");\n    if (parts.length === 2) {\n      return parseInt(parts[1]!);\n    }\n  }\n\n  return DefaultAuth0Port;\n}\n\n// This higher order function would only be used for testing and\n// allows different cosmiconfig instances to be used for testing\nexport function getConfigCreator(explorer: Explorer) {\n  return function getConfig(\n    options?: Partial<Auth0Configuration>\n  ): Auth0Configuration {\n    let searchResult = explorer.search();\n\n    let config: ConfigSchema =\n      searchResult === null ? DefaultArgs : searchResult.config;\n\n    let strippedOptions = options ?? {};\n\n    let configuration = {\n      ...DefaultArgs,\n      ...config,\n      ...strippedOptions,\n    } as Auth0Configuration;\n\n    configuration.port = getPort(configuration);\n\n    configurationSchema.parse(configuration);\n\n    return configuration;\n  };\n}\n\nconst explorer = cosmiconfigSync(\"auth0Simulator\");\n\nexport const getConfig = getConfigCreator(explorer);\n"],"mappings":";;;;AAIA,MAAM,mBAAmB;AAEzB,MAAaA,cAA4B;CACvC,UAAU;CACV,UAAU;CACV,OAAO;CACR;AAID,SAAS,QAAQ,EAAE,QAAQ,QAAoC;AAC7D,KAAI,OAAO,SAAS,SAClB,QAAO;AAGT,KAAI,QAAQ;EACV,MAAM,QAAQ,OAAO,MAAM,IAAI;AAC/B,MAAI,MAAM,WAAW,EACnB,QAAO,SAAS,MAAM,GAAI;;AAI9B,QAAO;;AAKT,SAAgB,iBAAiB,YAAoB;AACnD,QAAO,SAASC,YACd,SACoB;EACpB,IAAI,eAAeC,WAAS,QAAQ;EAEpC,IAAIC,SACF,iBAAiB,OAAO,cAAc,aAAa;EAErD,IAAI,kBAAkB,WAAW,EAAE;EAEnC,IAAI,gBAAgB;GAClB,GAAG;GACH,GAAG;GACH,GAAG;GACJ;AAED,gBAAc,OAAO,QAAQ,cAAc;AAE3C,sBAAoB,MAAM,cAAc;AAExC,SAAO;;;AAIX,MAAM,WAAW,gBAAgB,iBAAiB;AAElD,MAAa,YAAY,iBAAiB,SAAS"}

package/dist/handlers/auth0-handlers.cjs

@@ -0,0 +1,207 @@
+const require_rolldown_runtime = require('../_virtual/rolldown_runtime.cjs');
+const require_login_redirect = require('./login-redirect.cjs');
+const require_web_message = require('./web-message.cjs');
+const require_utils = require('./utils.cjs');
+const require_login = require('../views/login.cjs');
+const require_oauth_handlers = require('./oauth-handlers.cjs');
+const require_username_password = require('../views/username-password.cjs');
+let querystring = require("querystring");
+let assert_ts = require("assert-ts");
+let base64_url = require("base64-url");
+let jsonwebtoken = require("jsonwebtoken");
+
+//#region src/handlers/auth0-handlers.ts
+const createLogger = (debug) => ({ log: (...args) => {
+	if (!debug) return;
+	console.dir(...args);
+} });
+const createAuth0Handlers = (simulationStore, serviceURL, options, debug) => {
+	let { audience, scope, clientID, rulesDirectory } = options;
+	let personQuery = require_utils.createPersonQuery(simulationStore);
+	let authorizeHandlers = {
+		query: require_login_redirect.createLoginRedirectHandler(options),
+		web_message: require_web_message.createWebMessageHandler()
+	};
+	let logger = createLogger(debug);
+	return {
+		["/heartbeat"]: function(_, res) {
+			res.status(200).json({ ok: true });
+		},
+		["/authorize"]: function(req, res, next) {
+			logger.log({ "/authorize": {
+				body: req.body,
+				query: req.query,
+				session: req.session
+			} });
+			let currentUser = req.query.currentUser;
+			(0, assert_ts.assert)(!!req.session, "no session");
+			if (currentUser) req.session.username = currentUser;
+			let responseMode = req.query.response_mode ?? "query";
+			(0, assert_ts.assert)(["query", "web_message"].includes(responseMode), `unknown response_mode ${responseMode}`);
+			let handler = authorizeHandlers[responseMode];
+			handler(req, res, next);
+		},
+		["/login"]: function(req, res) {
+			logger.log({ "/login": {
+				body: req.body,
+				query: req.query
+			} });
+			let query = req.query;
+			let responseClientId = query.client_id ?? clientID;
+			let responseAudience = query.audience ?? audience;
+			(0, assert_ts.assert)(!!responseClientId, `no clientID assigned`);
+			let html = require_login.loginView({
+				domain: new URL(serviceURL(req)).host,
+				scope,
+				redirectUri: query.redirect_uri,
+				clientID: responseClientId,
+				audience: responseAudience,
+				loginFailed: false
+			});
+			res.set("Content-Type", "text/html");
+			res.status(200).send(Buffer.from(html));
+		},
+		["/usernamepassword/login"]: function(req, res) {
+			logger.log({ "/usernamepassword/login": {
+				body: req.body,
+				query: req.query
+			} });
+			let { username, nonce, password } = req.body;
+			(0, assert_ts.assert)(!!username, "no username in /usernamepassword/login");
+			(0, assert_ts.assert)(!!nonce, "no nonce in /usernamepassword/login");
+			(0, assert_ts.assert)(!!req.session, "no session");
+			if (!personQuery((person) => person.email?.toLowerCase() === username.toLowerCase() && person.password === password)) {
+				let query = req.query;
+				let responseClientId = query.client_id ?? clientID;
+				let responseAudience = query.audience ?? audience;
+				(0, assert_ts.assert)(!!clientID, `no clientID assigned`);
+				let html = require_login.loginView({
+					domain: new URL(serviceURL(req)).host,
+					scope,
+					redirectUri: query.redirect_uri,
+					clientID: responseClientId,
+					audience: responseAudience,
+					loginFailed: true
+				});
+				res.set("Content-Type", "text/html");
+				res.status(400).send(html);
+				return;
+			}
+			req.session.username = username;
+			simulationStore.store.dispatch(simulationStore.actions.batchUpdater([simulationStore.schema.sessions.patch({ [nonce]: {
+				username,
+				nonce
+			} })]));
+			res.status(200).send(require_username_password.userNamePasswordForm(req.body));
+		},
+		["/login/callback"]: function(req, res) {
+			let wctx = JSON.parse(req.body.wctx);
+			logger.log({ "/login/callback": {
+				body: req.body,
+				query: req.query,
+				wctx
+			} });
+			let { redirect_uri, nonce } = wctx;
+			const { username } = simulationStore.schema.sessions.selectById(simulationStore.store.getState(), { id: nonce }) ?? {};
+			let routerUrl = `${redirect_uri}?${(0, querystring.stringify)({
+				code: (0, base64_url.encode)(`${nonce}:${username}`),
+				...wctx
+			})}`;
+			res.redirect(302, routerUrl);
+		},
+		["/oauth/token"]: async function(req, res, next) {
+			logger.log({ "/oauth/token": {
+				body: req.body,
+				query: req.query
+			} });
+			try {
+				let iss = serviceURL(req);
+				let responseClientId = req?.body?.client_id ?? clientID;
+				let responseAudience = req?.body?.audience ?? audience;
+				(0, assert_ts.assert)(!!responseClientId, "500::no clientID in options or request body");
+				let tokens = await require_oauth_handlers.createTokens({
+					simulationStore,
+					body: req.body,
+					iss,
+					clientID: responseClientId,
+					audience: responseAudience,
+					rulesDirectory,
+					scope
+				});
+				res.status(200).json({
+					...tokens,
+					expires_in: 86400,
+					token_type: "Bearer"
+				});
+			} catch (error) {
+				next(error);
+			}
+		},
+		["/v2/logout"]: function(req, res) {
+			req.session = null;
+			let returnToUrl = req.query.returnTo ?? req.headers.referer;
+			(0, assert_ts.assert)(typeof returnToUrl === "string", `no logical returnTo url`);
+			res.redirect(returnToUrl);
+		},
+		["/userinfo"]: function(req, res) {
+			let token = null;
+			if (req.headers.authorization) token = req.headers.authorization?.split(" ")?.[1];
+			else token = req?.query?.access_token;
+			(0, assert_ts.assert)(!!token, "no authorization header or access_token");
+			let { sub } = (0, jsonwebtoken.decode)(token, { json: true });
+			let user = personQuery((person) => {
+				(0, assert_ts.assert)(!!person.id, `no email defined on person scenario`);
+				return person.id === sub;
+			});
+			(0, assert_ts.assert)(!!user, "no user in /userinfo");
+			let userinfo = {
+				sub,
+				name: user.name,
+				given_name: user.name,
+				family_name: user.name,
+				email: user.email,
+				email_verified: true,
+				locale: "en",
+				hd: "okta.com"
+			};
+			res.status(200).json(userinfo);
+		},
+		["/passwordless/start"]: function(req, res, next) {
+			logger.log({ "/passwordless/start": { body: req.body } });
+			try {
+				const { client_id, connection, email, phone_number } = req.body;
+				if (!client_id) {
+					res.status(400).json({ error: "client_id is required" });
+					return;
+				}
+				if (!connection || connection !== "email" && connection !== "sms") {
+					res.status(400).json({ error: "connection must be 'email' or 'sms'" });
+					return;
+				}
+				if (connection === "email" && !email) {
+					res.status(400).json({ error: "email is required when connection is 'email'" });
+					return;
+				}
+				if (connection === "sms" && !phone_number) {
+					res.status(400).json({ error: "phone_number is required when connection is 'sms'" });
+					return;
+				}
+				if (connection === "email") res.status(200).json({
+					_id: "000000000000000000000000",
+					email,
+					email_verified: false
+				});
+				else res.status(200).json({
+					_id: "000000000000000000000000",
+					phone_number,
+					phone_verified: false
+				});
+			} catch (error) {
+				next(error);
+			}
+		}
+	};
+};
+
+//#endregion
+exports.createAuth0Handlers = createAuth0Handlers;