@spfn/auth 0.2.0-beta.5 → 0.2.0-beta.50

package/dist/config.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/config/index.ts","../src/config/schema.ts"],"sourcesContent":["/**\n * Core Package Configuration\n *\n * @example\n * ```typescript\n * import { registry } from '@spfn/core/config';\n *\n * const env = registry.validate();\n * console.log(env.DB_POOL_MAX);\n * ```\n *\n * @module config\n */\n\nimport { createEnvRegistry } from '@spfn/core/env';\nimport { authEnvSchema } from './schema';\n\nexport { authEnvSchema as envSchema } from './schema';\n\n/**\n * Environment registry\n */\nconst registry = createEnvRegistry(authEnvSchema);\nexport const env = registry.validate();","/**\n * Auth Environment Variable Schema\n *\n * Centralized schema definition for all environment variables used in @spfn/auth.\n * This provides type safety, validation, and documentation for Auth configuration.\n *\n * @module config/schema\n */\n\nimport {\n    defineEnvSchema,\n    envString,\n    envNumber,\n    createSecureSecretParser,\n    createPasswordParser,\n} from '@spfn/core/env';\n\n/**\n * Auth environment variable schema\n *\n * Defines all Auth environment variables with:\n * - Type information\n * - Default values\n * - Validation rules\n * - Documentation\n *\n * @example\n * ```typescript\n * import { authEnvSchema } from '@spfn/auth/config';\n *\n * // Access schema information\n * console.log(authEnvSchema.SPFN_AUTH_SESSION_SECRET.description);\n * console.log(authEnvSchema.SPFN_AUTH_JWT_EXPIRES_IN.default);\n * ```\n */\nexport const authEnvSchema = defineEnvSchema({\n    // ============================================================================\n    // Session Configuration\n    // ============================================================================\n    SPFN_AUTH_SESSION_SECRET: {\n        ...envString({\n            description: 'Session encryption secret (minimum 32 characters for AES-256)',\n            required: true,\n            fallbackKeys: ['SESSION_SECRET'],\n            validator: createSecureSecretParser({\n                minLength: 32,\n                minUniqueChars: 16,\n                minEntropy: 3.5,\n            }),\n            sensitive: true,\n            nextjs: true, // Required for Next.js RSC session validation\n            examples: [\n                'my-super-secret-session-key-at-least-32-chars-long',\n                'use-a-cryptographically-secure-random-string-here',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_SESSION_TTL: {\n        ...envString({\n            description: 'Session TTL (time to live) - supports duration strings like \\'7d\\', \\'12h\\', \\'45m\\'',\n            default: '7d',\n            required: false,\n            nextjs: true, // May be needed for session validation in Next.js RSC\n            examples: ['7d', '30d', '12h', '45m', '3600'],\n        }),\n    },\n\n    // ============================================================================\n    // JWT Configuration\n    // ============================================================================\n    SPFN_AUTH_JWT_SECRET: {\n        ...envString({\n            description: 'JWT signing secret for server-signed tokens (legacy mode)',\n            default: 'dev-secret-key-change-in-production',\n            required: false,\n            examples: [\n                'your-jwt-secret-key-here',\n                'use-different-from-session-secret',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_JWT_EXPIRES_IN: {\n        ...envString({\n            description: 'JWT token expiration time (e.g., \\'7d\\', \\'24h\\', \\'1h\\')',\n            default: '7d',\n            required: false,\n            examples: ['7d', '24h', '1h', '30m'],\n        }),\n    },\n\n    // ============================================================================\n    // Security Configuration\n    // ============================================================================\n    SPFN_AUTH_BCRYPT_SALT_ROUNDS: {\n        ...envNumber({\n            description: 'Bcrypt salt rounds (cost factor, higher = more secure but slower)',\n            default: 10,\n            required: false,\n            examples: [10, 12, 14],\n        }),\n        key: 'SPFN_AUTH_BCRYPT_SALT_ROUNDS',\n    },\n\n    SPFN_AUTH_VERIFICATION_TOKEN_SECRET: {\n        ...envString({\n            description: 'Verification token secret for email verification, password reset, etc.',\n            required: true,\n            examples: [\n                'your-verification-token-secret',\n                'can-be-different-from-jwt-secret',\n            ],\n        }),\n    },\n\n    // ============================================================================\n    // Admin Account Configuration\n    // ============================================================================\n    SPFN_AUTH_ADMIN_ACCOUNTS: {\n        ...envString({\n            description: 'JSON array of admin accounts (recommended for multiple admins)',\n            required: false,\n            examples: [\n                '[{\"email\":\"admin@example.com\",\"password\":\"secure-pass\",\"role\":\"admin\"}]',\n                '[{\"email\":\"super@example.com\",\"password\":\"pass1\",\"role\":\"superadmin\"},{\"email\":\"admin@example.com\",\"password\":\"pass2\",\"role\":\"admin\"}]',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_ADMIN_EMAILS: {\n        ...envString({\n            description: 'Comma-separated list of admin emails (legacy CSV format)',\n            required: false,\n            examples: [\n                'admin@example.com,user@example.com',\n                'super@example.com,admin@example.com,user@example.com',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_ADMIN_PASSWORDS: {\n        ...envString({\n            description: 'Comma-separated list of admin passwords (legacy CSV format)',\n            required: false,\n            examples: [\n                'admin-pass,user-pass',\n                'super-pass,admin-pass,user-pass',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_ADMIN_ROLES: {\n        ...envString({\n            description: 'Comma-separated list of admin roles (legacy CSV format)',\n            required: false,\n            examples: [\n                'admin,user',\n                'superadmin,admin,user',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_ADMIN_EMAIL: {\n        ...envString({\n            description: 'Single admin email (simplest format)',\n            required: false,\n            examples: ['admin@example.com'],\n        }),\n    },\n\n    SPFN_AUTH_ADMIN_PASSWORD: {\n        ...envString({\n            description: 'Single admin password (simplest format)',\n            required: false,\n            validator: createPasswordParser({\n                minLength: 8,\n                requireUppercase: true,\n                requireLowercase: true,\n                requireNumber: true,\n                requireSpecial: true,\n            }),\n            sensitive: true,\n            examples: ['SecureAdmin123!'],\n        }),\n    },\n\n    // ============================================================================\n    // API Configuration\n    // ============================================================================\n    SPFN_API_URL: {\n        ...envString({\n            description: 'Base API URL for invitation links and other external-facing URLs',\n            default: 'http://localhost:8790',\n            required: false,\n            examples: [\n                'https://api.example.com',\n                'http://localhost:8790',\n            ],\n        }),\n    },\n\n    // ============================================================================\n    // AWS SNS Configuration (SMS)\n    // ============================================================================\n    SPFN_AUTH_AWS_REGION: {\n        ...envString({\n            description: 'AWS region for SNS service',\n            default: 'ap-northeast-2',\n            required: false,\n            examples: ['ap-northeast-2', 'us-east-1', 'eu-west-1'],\n        }),\n    },\n\n    SPFN_AUTH_AWS_SNS_ACCESS_KEY_ID: {\n        ...envString({\n            description: 'AWS SNS access key ID (optional, uses default credentials chain if not provided)',\n            required: false,\n            sensitive: true,\n            examples: ['AKIAIOSFODNN7EXAMPLE'],\n        }),\n    },\n\n    SPFN_AUTH_AWS_SNS_SECRET_ACCESS_KEY: {\n        ...envString({\n            description: 'AWS SNS secret access key (optional, uses default credentials chain if not provided)',\n            required: false,\n            sensitive: true,\n            examples: ['wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'],\n        }),\n    },\n\n    SPFN_AUTH_AWS_SNS_SENDER_ID: {\n        ...envString({\n            description: 'SMS sender ID displayed to recipients (max 11 characters, alphanumeric)',\n            required: false,\n            examples: ['MyApp', 'YourBrand'],\n        }),\n    },\n\n    // ============================================================================\n    // AWS SES Configuration (Email)\n    // ============================================================================\n    SPFN_AUTH_AWS_SES_ACCESS_KEY_ID: {\n        ...envString({\n            description: 'AWS SES access key ID (optional, uses default credentials chain if not provided)',\n            required: false,\n            sensitive: true,\n            examples: ['AKIAIOSFODNN7EXAMPLE'],\n        }),\n    },\n\n    SPFN_AUTH_AWS_SES_SECRET_ACCESS_KEY: {\n        ...envString({\n            description: 'AWS SES secret access key (optional, uses default credentials chain if not provided)',\n            required: false,\n            sensitive: true,\n            examples: ['wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'],\n        }),\n    },\n\n    SPFN_AUTH_AWS_SES_FROM_EMAIL: {\n        ...envString({\n            description: 'Sender email address (must be verified in AWS SES)',\n            required: false,\n            examples: ['noreply@example.com', 'auth@yourdomain.com'],\n        }),\n    },\n\n    SPFN_AUTH_AWS_SES_FROM_NAME: {\n        ...envString({\n            description: 'Sender display name',\n            required: false,\n            examples: ['MyApp', 'Your Company'],\n        }),\n    },\n});"],"mappings":";AAcA,SAAS,yBAAyB;;;ACLlC;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAoBA,IAAM,gBAAgB,gBAAgB;AAAA;AAAA;AAAA;AAAA,EAIzC,0BAA0B;AAAA,IACtB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,cAAc,CAAC,gBAAgB;AAAA,MAC/B,WAAW,yBAAyB;AAAA,QAChC,WAAW;AAAA,QACX,gBAAgB;AAAA,QAChB,YAAY;AAAA,MAChB,CAAC;AAAA,MACD,WAAW;AAAA,MACX,QAAQ;AAAA;AAAA,MACR,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,uBAAuB;AAAA,IACnB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,QAAQ;AAAA;AAAA,MACR,UAAU,CAAC,MAAM,OAAO,OAAO,OAAO,MAAM;AAAA,IAChD,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,sBAAsB;AAAA,IAClB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,0BAA0B;AAAA,IACtB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU,CAAC,MAAM,OAAO,MAAM,KAAK;AAAA,IACvC,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,8BAA8B;AAAA,IAC1B,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU,CAAC,IAAI,IAAI,EAAE;AAAA,IACzB,CAAC;AAAA,IACD,KAAK;AAAA,EACT;AAAA,EAEA,qCAAqC;AAAA,IACjC,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,0BAA0B;AAAA,IACtB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,wBAAwB;AAAA,IACpB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,2BAA2B;AAAA,IACvB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,uBAAuB;AAAA,IACnB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,uBAAuB;AAAA,IACnB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU,CAAC,mBAAmB;AAAA,IAClC,CAAC;AAAA,EACL;AAAA,EAEA,0BAA0B;AAAA,IACtB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,WAAW,qBAAqB;AAAA,QAC5B,WAAW;AAAA,QACX,kBAAkB;AAAA,QAClB,kBAAkB;AAAA,QAClB,eAAe;AAAA,QACf,gBAAgB;AAAA,MACpB,CAAC;AAAA,MACD,WAAW;AAAA,MACX,UAAU,CAAC,iBAAiB;AAAA,IAChC,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc;AAAA,IACV,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,sBAAsB;AAAA,IAClB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU,CAAC,kBAAkB,aAAa,WAAW;AAAA,IACzD,CAAC;AAAA,EACL;AAAA,EAEA,iCAAiC;AAAA,IAC7B,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,WAAW;AAAA,MACX,UAAU,CAAC,sBAAsB;AAAA,IACrC,CAAC;AAAA,EACL;AAAA,EAEA,qCAAqC;AAAA,IACjC,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,WAAW;AAAA,MACX,UAAU,CAAC,0CAA0C;AAAA,IACzD,CAAC;AAAA,EACL;AAAA,EAEA,6BAA6B;AAAA,IACzB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU,CAAC,SAAS,WAAW;AAAA,IACnC,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,iCAAiC;AAAA,IAC7B,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,WAAW;AAAA,MACX,UAAU,CAAC,sBAAsB;AAAA,IACrC,CAAC;AAAA,EACL;AAAA,EAEA,qCAAqC;AAAA,IACjC,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,WAAW;AAAA,MACX,UAAU,CAAC,0CAA0C;AAAA,IACzD,CAAC;AAAA,EACL;AAAA,EAEA,8BAA8B;AAAA,IAC1B,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU,CAAC,uBAAuB,qBAAqB;AAAA,IAC3D,CAAC;AAAA,EACL;AAAA,EAEA,6BAA6B;AAAA,IACzB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU,CAAC,SAAS,cAAc;AAAA,IACtC,CAAC;AAAA,EACL;AACJ,CAAC;;;AD9PD,IAAM,WAAW,kBAAkB,aAAa;AACzC,IAAM,MAAM,SAAS,SAAS;","names":[]}
+{"version":3,"sources":["../src/config/index.ts","../src/config/schema.ts"],"sourcesContent":["/**\n * Core Package Configuration\n *\n * @example\n * ```typescript\n * import { registry } from '@spfn/core/config';\n *\n * const env = registry.validate();\n * console.log(env.DB_POOL_MAX);\n * ```\n *\n * @module config\n */\n\nimport { createEnvRegistry } from '@spfn/core/env';\nimport { authEnvSchema } from './schema';\n\nexport { authEnvSchema as envSchema } from './schema';\n\n/**\n * Environment registry\n */\nconst registry = createEnvRegistry(authEnvSchema);\nexport const env = registry.validate();","/**\n * Auth Environment Variable Schema\n *\n * Centralized schema definition for all environment variables used in @spfn/auth.\n * This provides type safety, validation, and documentation for Auth configuration.\n *\n * @module config/schema\n */\n\nimport {\n    defineEnvSchema,\n    envString,\n    envNumber,\n    envBoolean,\n    createSecureSecretParser,\n    createPasswordParser,\n} from '@spfn/core/env';\n\n/**\n * Auth environment variable schema\n *\n * Defines all Auth environment variables with:\n * - Type information\n * - Default values\n * - Validation rules\n * - Documentation\n *\n * @example\n * ```typescript\n * import { authEnvSchema } from '@spfn/auth/config';\n *\n * // Access schema information\n * console.log(authEnvSchema.SPFN_AUTH_SESSION_SECRET.description);\n * console.log(authEnvSchema.SPFN_AUTH_JWT_EXPIRES_IN.default);\n * ```\n */\nexport const authEnvSchema = defineEnvSchema({\n    // ============================================================================\n    // Session Configuration\n    // ============================================================================\n    SPFN_AUTH_SESSION_SECRET: {\n        ...envString({\n            description: 'Session encryption secret (minimum 32 characters for AES-256)',\n            required: true,\n            fallbackKeys: ['SESSION_SECRET'],\n            validator: createSecureSecretParser({\n                minLength: 32,\n                minUniqueChars: 16,\n                minEntropy: 3.5,\n            }),\n            sensitive: true,\n            nextjs: true, // Required for Next.js RSC session validation\n            examples: [\n                'my-super-secret-session-key-at-least-32-chars-long',\n                'use-a-cryptographically-secure-random-string-here',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_SESSION_TTL: {\n        ...envString({\n            description: 'Session TTL (time to live) - supports duration strings like \\'7d\\', \\'12h\\', \\'45m\\'',\n            default: '7d',\n            required: false,\n            nextjs: true, // May be needed for session validation in Next.js RSC\n            examples: ['7d', '30d', '12h', '45m', '3600'],\n        }),\n    },\n\n    // ============================================================================\n    // JWT Configuration\n    // ============================================================================\n    SPFN_AUTH_JWT_SECRET: {\n        ...envString({\n            description: 'JWT signing secret for server-signed tokens (legacy mode)',\n            default: 'dev-secret-key-change-in-production',\n            required: false,\n            examples: [\n                'your-jwt-secret-key-here',\n                'use-different-from-session-secret',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_JWT_EXPIRES_IN: {\n        ...envString({\n            description: 'JWT token expiration time (e.g., \\'7d\\', \\'24h\\', \\'1h\\')',\n            default: '7d',\n            required: false,\n            examples: ['7d', '24h', '1h', '30m'],\n        }),\n    },\n\n    // ============================================================================\n    // Security Configuration\n    // ============================================================================\n    SPFN_AUTH_COOKIE_SECURE: {\n        ...envBoolean({\n            description: 'Override cookie Secure flag. Defaults to NODE_ENV === \"production\". Set to false for HTTP-only environments (e.g. bastion over plain HTTP).',\n            required: false,\n            nextjs: true,\n            examples: [true, false],\n        }),\n    },\n\n    SPFN_AUTH_BCRYPT_SALT_ROUNDS: {\n        ...envNumber({\n            description: 'Bcrypt salt rounds (cost factor, higher = more secure but slower)',\n            default: 10,\n            required: false,\n            examples: [10, 12, 14],\n        }),\n        key: 'SPFN_AUTH_BCRYPT_SALT_ROUNDS',\n    },\n\n    SPFN_AUTH_VERIFICATION_TOKEN_SECRET: {\n        ...envString({\n            description: 'Verification token secret for email verification, password reset, etc.',\n            required: true,\n            examples: [\n                'your-verification-token-secret',\n                'can-be-different-from-jwt-secret',\n            ],\n        }),\n    },\n\n    // ============================================================================\n    // Admin Account Configuration\n    // ============================================================================\n    SPFN_AUTH_ADMIN_ACCOUNTS: {\n        ...envString({\n            description: 'JSON array of admin accounts (recommended for multiple admins)',\n            required: false,\n            examples: [\n                '[{\"email\":\"admin@example.com\",\"password\":\"secure-pass\",\"role\":\"admin\"}]',\n                '[{\"email\":\"super@example.com\",\"password\":\"pass1\",\"role\":\"superadmin\"},{\"email\":\"admin@example.com\",\"password\":\"pass2\",\"role\":\"admin\"}]',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_ADMIN_EMAILS: {\n        ...envString({\n            description: 'Comma-separated list of admin emails (legacy CSV format)',\n            required: false,\n            examples: [\n                'admin@example.com,user@example.com',\n                'super@example.com,admin@example.com,user@example.com',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_ADMIN_PASSWORDS: {\n        ...envString({\n            description: 'Comma-separated list of admin passwords (legacy CSV format)',\n            required: false,\n            examples: [\n                'admin-pass,user-pass',\n                'super-pass,admin-pass,user-pass',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_ADMIN_ROLES: {\n        ...envString({\n            description: 'Comma-separated list of admin roles (legacy CSV format)',\n            required: false,\n            examples: [\n                'admin,user',\n                'superadmin,admin,user',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_ADMIN_EMAIL: {\n        ...envString({\n            description: 'Single admin email (simplest format)',\n            required: false,\n            examples: ['admin@example.com'],\n        }),\n    },\n\n    SPFN_AUTH_ADMIN_PASSWORD: {\n        ...envString({\n            description: 'Single admin password (simplest format)',\n            required: false,\n            validator: createPasswordParser({\n                minLength: 8,\n                requireUppercase: true,\n                requireLowercase: true,\n                requireNumber: true,\n                requireSpecial: true,\n            }),\n            sensitive: true,\n            examples: ['SecureAdmin123!'],\n        }),\n    },\n\n    // ============================================================================\n    // Username Configuration\n    // ============================================================================\n    SPFN_AUTH_RESERVED_USERNAMES: {\n        ...envString({\n            description: 'Comma-separated list of reserved usernames that cannot be registered',\n            required: false,\n            default: 'admin,root,system,support,help,moderator,superadmin',\n            examples: [\n                'admin,root,system,support,help',\n                'admin,root,system,support,help,moderator,superadmin,operator',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_USERNAME_MIN_LENGTH: {\n        ...envNumber({\n            description: 'Minimum username length',\n            default: 3,\n            required: false,\n            examples: [2, 3, 4],\n        }),\n    },\n\n    SPFN_AUTH_USERNAME_MAX_LENGTH: {\n        ...envNumber({\n            description: 'Maximum username length',\n            default: 30,\n            required: false,\n            examples: [20, 30, 50],\n        }),\n    },\n\n    // ============================================================================\n    // API Configuration\n    // ============================================================================\n    SPFN_API_URL: {\n        ...envString({\n            description: 'Internal API URL for server-to-server communication',\n            default: 'http://localhost:8790',\n            required: false,\n            examples: [\n                'https://api.example.com',\n                'http://localhost:8790',\n            ],\n        }),\n    },\n\n    NEXT_PUBLIC_SPFN_API_URL: {\n        ...envString({\n            description: 'Public-facing API URL used for browser-facing redirects (e.g. OAuth callback). Falls back to SPFN_API_URL if not set.',\n            required: false,\n            examples: [\n                'https://api.example.com',\n                'http://localhost:8790',\n            ],\n        }),\n    },\n\n    SPFN_APP_URL: {\n        ...envString({\n            description: 'Next.js application URL (internal). Used for server-to-server communication.',\n            default: 'http://localhost:3000',\n            required: false,\n            examples: [\n                'https://app.example.com',\n                'http://localhost:3000',\n            ],\n        }),\n    },\n\n    NEXT_PUBLIC_SPFN_APP_URL: {\n        ...envString({\n            description: 'Public-facing Next.js app URL for browser redirects (e.g. OAuth redirect). Falls back to SPFN_APP_URL if not set.',\n            required: false,\n            examples: [\n                'https://app.example.com',\n                'http://localhost:3000',\n            ],\n        }),\n    },\n\n    // ============================================================================\n    // OAuth Configuration - Google\n    // ============================================================================\n    SPFN_AUTH_GOOGLE_CLIENT_ID: {\n        ...envString({\n            description: 'Google OAuth 2.0 Client ID. When set, Google OAuth routes are automatically enabled.',\n            required: false,\n            examples: ['123456789-abc123.apps.googleusercontent.com'],\n        }),\n    },\n\n    SPFN_AUTH_GOOGLE_CLIENT_SECRET: {\n        ...envString({\n            description: 'Google OAuth 2.0 Client Secret',\n            required: false,\n            sensitive: true,\n            examples: ['GOCSPX-abcdefghijklmnop'],\n        }),\n    },\n\n    SPFN_AUTH_GOOGLE_SCOPES: {\n        ...envString({\n            description: 'Comma-separated Google OAuth scopes. Defaults to \"email,profile\" if not set.',\n            required: false,\n            examples: [\n                'email,profile',\n                'email,profile,https://www.googleapis.com/auth/gmail.readonly',\n                'email,profile,https://www.googleapis.com/auth/calendar.readonly',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_GOOGLE_REDIRECT_URI: {\n        ...envString({\n            description: 'Google OAuth callback URL. Defaults to {NEXT_PUBLIC_SPFN_API_URL || SPFN_API_URL}/_auth/oauth/google/callback',\n            required: false,\n            examples: [\n                'https://api.example.com/_auth/oauth/google/callback',\n                'http://localhost:8790/_auth/oauth/google/callback',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_OAUTH_SUCCESS_URL: {\n        ...envString({\n            description: 'OAuth callback page URL. This page should use OAuthCallback component to finalize session.',\n            required: false,\n            default: '/auth/callback',\n            examples: [\n                '/auth/callback',\n                'https://app.example.com/auth/callback',\n            ],\n        }),\n    },\n\n    SPFN_AUTH_OAUTH_ERROR_URL: {\n        ...envString({\n            description: 'URL to redirect after OAuth error. Use {error} placeholder for error message.',\n            required: false,\n            default: '/auth/error?error={error}',\n            examples: [\n                'https://app.example.com/auth/error?error={error}',\n                'http://localhost:3000/auth/error?error={error}',\n            ],\n        }),\n    },\n});"],"mappings":";AAcA,SAAS,yBAAyB;;;ACLlC;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAoBA,IAAM,gBAAgB,gBAAgB;AAAA;AAAA;AAAA;AAAA,EAIzC,0BAA0B;AAAA,IACtB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,cAAc,CAAC,gBAAgB;AAAA,MAC/B,WAAW,yBAAyB;AAAA,QAChC,WAAW;AAAA,QACX,gBAAgB;AAAA,QAChB,YAAY;AAAA,MAChB,CAAC;AAAA,MACD,WAAW;AAAA,MACX,QAAQ;AAAA;AAAA,MACR,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,uBAAuB;AAAA,IACnB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,QAAQ;AAAA;AAAA,MACR,UAAU,CAAC,MAAM,OAAO,OAAO,OAAO,MAAM;AAAA,IAChD,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,sBAAsB;AAAA,IAClB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,0BAA0B;AAAA,IACtB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU,CAAC,MAAM,OAAO,MAAM,KAAK;AAAA,IACvC,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,yBAAyB;AAAA,IACrB,GAAG,WAAW;AAAA,MACV,aAAa;AAAA,MACb,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,UAAU,CAAC,MAAM,KAAK;AAAA,IAC1B,CAAC;AAAA,EACL;AAAA,EAEA,8BAA8B;AAAA,IAC1B,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU,CAAC,IAAI,IAAI,EAAE;AAAA,IACzB,CAAC;AAAA,IACD,KAAK;AAAA,EACT;AAAA,EAEA,qCAAqC;AAAA,IACjC,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,0BAA0B;AAAA,IACtB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,wBAAwB;AAAA,IACpB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,2BAA2B;AAAA,IACvB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,uBAAuB;AAAA,IACnB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,uBAAuB;AAAA,IACnB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU,CAAC,mBAAmB;AAAA,IAClC,CAAC;AAAA,EACL;AAAA,EAEA,0BAA0B;AAAA,IACtB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,WAAW,qBAAqB;AAAA,QAC5B,WAAW;AAAA,QACX,kBAAkB;AAAA,QAClB,kBAAkB;AAAA,QAClB,eAAe;AAAA,QACf,gBAAgB;AAAA,MACpB,CAAC;AAAA,MACD,WAAW;AAAA,MACX,UAAU,CAAC,iBAAiB;AAAA,IAChC,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,8BAA8B;AAAA,IAC1B,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,SAAS;AAAA,MACT,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,+BAA+B;AAAA,IAC3B,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU,CAAC,GAAG,GAAG,CAAC;AAAA,IACtB,CAAC;AAAA,EACL;AAAA,EAEA,+BAA+B;AAAA,IAC3B,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU,CAAC,IAAI,IAAI,EAAE;AAAA,IACzB,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc;AAAA,IACV,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,0BAA0B;AAAA,IACtB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,cAAc;AAAA,IACV,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,SAAS;AAAA,MACT,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,0BAA0B;AAAA,IACtB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,4BAA4B;AAAA,IACxB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU,CAAC,6CAA6C;AAAA,IAC5D,CAAC;AAAA,EACL;AAAA,EAEA,gCAAgC;AAAA,IAC5B,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,WAAW;AAAA,MACX,UAAU,CAAC,yBAAyB;AAAA,IACxC,CAAC;AAAA,EACL;AAAA,EAEA,yBAAyB;AAAA,IACrB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,+BAA+B;AAAA,IAC3B,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,6BAA6B;AAAA,IACzB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,SAAS;AAAA,MACT,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,2BAA2B;AAAA,IACvB,GAAG,UAAU;AAAA,MACT,aAAa;AAAA,MACb,UAAU;AAAA,MACV,SAAS;AAAA,MACT,UAAU;AAAA,QACN;AAAA,QACA;AAAA,MACJ;AAAA,IACJ,CAAC;AAAA,EACL;AACJ,CAAC;;;ADnUD,IAAM,WAAW,kBAAkB,aAAa;AACzC,IAAM,MAAM,SAAS,SAAS;","names":[]}

package/dist/errors.d.ts

@@ -132,6 +132,30 @@ declare class VerificationTokenTargetMismatchError extends ValidationError {
         details?: Record<string, any>;
     });
 }
+/**
+ * Reserved Username Error (400)
+ *
+ * Thrown when trying to use a reserved/prohibited username
+ */
+declare class ReservedUsernameError extends ValidationError {
+    constructor(data?: {
+        username?: string;
+        message?: string;
+        details?: Record<string, any>;
+    });
+}
+/**
+ * Username Already Taken Error (409)
+ *
+ * Thrown when trying to set a username that is already in use
+ */
+declare class UsernameAlreadyTakenError extends ConflictError {
+    constructor(data?: {
+        username?: string;
+        message?: string;
+        details?: Record<string, any>;
+    });
+}
 /**
  * Insufficient Permissions Error (403)
  *
@@ -177,14 +201,18 @@ type authErrors_InvalidVerificationTokenError = InvalidVerificationTokenError;
 declare const authErrors_InvalidVerificationTokenError: typeof InvalidVerificationTokenError;
 type authErrors_KeyExpiredError = KeyExpiredError;
 declare const authErrors_KeyExpiredError: typeof KeyExpiredError;
+type authErrors_ReservedUsernameError = ReservedUsernameError;
+declare const authErrors_ReservedUsernameError: typeof ReservedUsernameError;
 type authErrors_TokenExpiredError = TokenExpiredError;
 declare const authErrors_TokenExpiredError: typeof TokenExpiredError;
+type authErrors_UsernameAlreadyTakenError = UsernameAlreadyTakenError;
+declare const authErrors_UsernameAlreadyTakenError: typeof UsernameAlreadyTakenError;
 type authErrors_VerificationTokenPurposeMismatchError = VerificationTokenPurposeMismatchError;
 declare const authErrors_VerificationTokenPurposeMismatchError: typeof VerificationTokenPurposeMismatchError;
 type authErrors_VerificationTokenTargetMismatchError = VerificationTokenTargetMismatchError;
 declare const authErrors_VerificationTokenTargetMismatchError: typeof VerificationTokenTargetMismatchError;
 declare namespace authErrors {
-  export { authErrors_AccountAlreadyExistsError as AccountAlreadyExistsError, authErrors_AccountDisabledError as AccountDisabledError, authErrors_InsufficientPermissionsError as InsufficientPermissionsError, authErrors_InsufficientRoleError as InsufficientRoleError, authErrors_InvalidCredentialsError as InvalidCredentialsError, authErrors_InvalidKeyFingerprintError as InvalidKeyFingerprintError, authErrors_InvalidTokenError as InvalidTokenError, authErrors_InvalidVerificationCodeError as InvalidVerificationCodeError, authErrors_InvalidVerificationTokenError as InvalidVerificationTokenError, authErrors_KeyExpiredError as KeyExpiredError, authErrors_TokenExpiredError as TokenExpiredError, authErrors_VerificationTokenPurposeMismatchError as VerificationTokenPurposeMismatchError, authErrors_VerificationTokenTargetMismatchError as VerificationTokenTargetMismatchError };
+  export { authErrors_AccountAlreadyExistsError as AccountAlreadyExistsError, authErrors_AccountDisabledError as AccountDisabledError, authErrors_InsufficientPermissionsError as InsufficientPermissionsError, authErrors_InsufficientRoleError as InsufficientRoleError, authErrors_InvalidCredentialsError as InvalidCredentialsError, authErrors_InvalidKeyFingerprintError as InvalidKeyFingerprintError, authErrors_InvalidTokenError as InvalidTokenError, authErrors_InvalidVerificationCodeError as InvalidVerificationCodeError, authErrors_InvalidVerificationTokenError as InvalidVerificationTokenError, authErrors_KeyExpiredError as KeyExpiredError, authErrors_ReservedUsernameError as ReservedUsernameError, authErrors_TokenExpiredError as TokenExpiredError, authErrors_UsernameAlreadyTakenError as UsernameAlreadyTakenError, authErrors_VerificationTokenPurposeMismatchError as VerificationTokenPurposeMismatchError, authErrors_VerificationTokenTargetMismatchError as VerificationTokenTargetMismatchError };
 }
 
 /**
@@ -193,4 +221,4 @@ declare namespace authErrors {
 
 declare const authErrorRegistry: ErrorRegistry;
 
-export { AccountAlreadyExistsError, AccountDisabledError, authErrors as AuthError, InsufficientPermissionsError, InsufficientRoleError, InvalidCredentialsError, InvalidKeyFingerprintError, InvalidTokenError, InvalidVerificationCodeError, InvalidVerificationTokenError, KeyExpiredError, TokenExpiredError, VerificationTokenPurposeMismatchError, VerificationTokenTargetMismatchError, authErrorRegistry };
+export { AccountAlreadyExistsError, AccountDisabledError, authErrors as AuthError, InsufficientPermissionsError, InsufficientRoleError, InvalidCredentialsError, InvalidKeyFingerprintError, InvalidTokenError, InvalidVerificationCodeError, InvalidVerificationTokenError, KeyExpiredError, ReservedUsernameError, TokenExpiredError, UsernameAlreadyTakenError, VerificationTokenPurposeMismatchError, VerificationTokenTargetMismatchError, authErrorRegistry };

package/dist/errors.js

@@ -20,7 +20,9 @@ __export(auth_errors_exports, {
   InvalidVerificationCodeError: () => InvalidVerificationCodeError,
   InvalidVerificationTokenError: () => InvalidVerificationTokenError,
   KeyExpiredError: () => KeyExpiredError,
+  ReservedUsernameError: () => ReservedUsernameError,
   TokenExpiredError: () => TokenExpiredError,
+  UsernameAlreadyTakenError: () => UsernameAlreadyTakenError,
   VerificationTokenPurposeMismatchError: () => VerificationTokenPurposeMismatchError,
   VerificationTokenTargetMismatchError: () => VerificationTokenTargetMismatchError
 });
@@ -115,6 +117,24 @@ var VerificationTokenTargetMismatchError = class extends ValidationError {
     this.name = "VerificationTokenTargetMismatchError";
   }
 };
+var ReservedUsernameError = class extends ValidationError {
+  constructor(data = {}) {
+    super({
+      message: data.message || "This username is reserved",
+      details: { username: data.username, ...data.details }
+    });
+    this.name = "ReservedUsernameError";
+  }
+};
+var UsernameAlreadyTakenError = class extends ConflictError {
+  constructor(data = {}) {
+    super({
+      message: data.message || "Username is already taken",
+      details: { username: data.username, ...data.details }
+    });
+    this.name = "UsernameAlreadyTakenError";
+  }
+};
 var InsufficientPermissionsError = class extends ForbiddenError {
   constructor(data = {}) {
     const requiredPermissions = data.requiredPermissions || [];
@@ -145,6 +165,8 @@ authErrorRegistry.append([
   KeyExpiredError,
   AccountDisabledError,
   AccountAlreadyExistsError,
+  ReservedUsernameError,
+  UsernameAlreadyTakenError,
   InvalidVerificationCodeError,
   InvalidVerificationTokenError,
   InvalidKeyFingerprintError,
@@ -165,7 +187,9 @@ export {
   InvalidVerificationCodeError,
   InvalidVerificationTokenError,
   KeyExpiredError,
+  ReservedUsernameError,
   TokenExpiredError,
+  UsernameAlreadyTakenError,
   VerificationTokenPurposeMismatchError,
   VerificationTokenTargetMismatchError,
   authErrorRegistry

package/dist/errors.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/errors/index.ts","../src/errors/auth-errors.ts"],"sourcesContent":["/**\n * Auth Error Exports\n */\n\nimport { ErrorRegistry } from \"@spfn/core/errors\";\n\nimport {\n    InvalidCredentialsError,\n    InvalidTokenError,\n    TokenExpiredError,\n    KeyExpiredError,\n    AccountDisabledError,\n    AccountAlreadyExistsError,\n    InvalidVerificationCodeError,\n    InvalidVerificationTokenError,\n    InvalidKeyFingerprintError,\n    VerificationTokenPurposeMismatchError,\n    VerificationTokenTargetMismatchError,\n    InsufficientPermissionsError,\n    InsufficientRoleError,\n} from './auth-errors';\n\nexport {\n    InvalidCredentialsError,\n    InvalidTokenError,\n    TokenExpiredError,\n    KeyExpiredError,\n    AccountDisabledError,\n    AccountAlreadyExistsError,\n    InvalidVerificationCodeError,\n    InvalidVerificationTokenError,\n    InvalidKeyFingerprintError,\n    VerificationTokenPurposeMismatchError,\n    VerificationTokenTargetMismatchError,\n    InsufficientPermissionsError,\n    InsufficientRoleError,\n} from './auth-errors';\n\nexport const authErrorRegistry = new ErrorRegistry();\nauthErrorRegistry.append([\n    InvalidCredentialsError,\n    InvalidTokenError,\n    TokenExpiredError,\n    KeyExpiredError,\n    AccountDisabledError,\n    AccountAlreadyExistsError,\n    InvalidVerificationCodeError,\n    InvalidVerificationTokenError,\n    InvalidKeyFingerprintError,\n    VerificationTokenPurposeMismatchError,\n    VerificationTokenTargetMismatchError,\n    InsufficientPermissionsError,\n    InsufficientRoleError,\n]);\n\nexport * as AuthError from './auth-errors';","/**\n * Authentication & Authorization Error Classes\n *\n * Custom error classes for auth-specific scenarios\n */\n\nimport {\n    ValidationError,\n    UnauthorizedError,\n    ForbiddenError,\n    ConflictError\n} from '@spfn/core/errors';\n\n/**\n * Invalid Credentials Error (401)\n *\n * Thrown when login credentials are incorrect\n */\nexport class InvalidCredentialsError extends UnauthorizedError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Invalid credentials', details: data.details });\n        this.name = 'InvalidCredentialsError';\n    }\n}\n\n/**\n * Invalid Token Error (401)\n *\n * Thrown when authentication token is invalid or malformed\n */\nexport class InvalidTokenError extends UnauthorizedError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Invalid authentication token', details: data.details });\n        this.name = 'InvalidTokenError';\n    }\n}\n\n/**\n * Token Expired Error (401)\n *\n * Thrown when authentication token has expired\n */\nexport class TokenExpiredError extends UnauthorizedError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Authentication token has expired', details: data.details });\n        this.name = 'TokenExpiredError';\n    }\n}\n\n/**\n * Key Expired Error (401)\n *\n * Thrown when public key has expired\n */\nexport class KeyExpiredError extends UnauthorizedError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Public key has expired', details: data.details });\n        this.name = 'KeyExpiredError';\n    }\n}\n\n/**\n * Account Disabled Error (403)\n *\n * Thrown when user account is disabled or inactive\n */\nexport class AccountDisabledError extends ForbiddenError\n{\n    constructor(data: { status?: string; message?: string; details?: Record<string, any> } = {})\n    {\n        const status = data.status || 'disabled';\n        super({\n            message: data.message || `Account is ${status}`,\n            details: { status, ...data.details }\n        });\n        this.name = 'AccountDisabledError';\n    }\n}\n\n/**\n * Account Already Exists Error (409)\n *\n * Thrown when trying to register with existing email/phone\n */\nexport class AccountAlreadyExistsError extends ConflictError\n{\n    constructor(data: { identifier?: string; identifierType?: 'email' | 'phone'; message?: string; details?: Record<string, any> } = {})\n    {\n        super({\n            message: data.message || 'Account already exists',\n            details: {\n                identifier: data.identifier,\n                identifierType: data.identifierType,\n                ...data.details\n            }\n        });\n        this.name = 'AccountAlreadyExistsError';\n    }\n}\n\n/**\n * Invalid Verification Code Error (400)\n *\n * Thrown when verification code is invalid, expired, or already used\n */\nexport class InvalidVerificationCodeError extends ValidationError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Invalid verification code', details: data.details });\n        this.name = 'InvalidVerificationCodeError';\n    }\n}\n\n/**\n * Invalid Verification Token Error (400)\n *\n * Thrown when verification token is invalid or expired\n */\nexport class InvalidVerificationTokenError extends ValidationError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Invalid or expired verification token', details: data.details });\n        this.name = 'InvalidVerificationTokenError';\n    }\n}\n\n/**\n * Invalid Key Fingerprint Error (400)\n *\n * Thrown when public key fingerprint doesn't match the public key\n */\nexport class InvalidKeyFingerprintError extends ValidationError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Invalid key fingerprint', details: data.details });\n        this.name = 'InvalidKeyFingerprintError';\n    }\n}\n\n/**\n * Verification Token Purpose Mismatch Error (400)\n *\n * Thrown when verification token purpose doesn't match expected purpose\n */\nexport class VerificationTokenPurposeMismatchError extends ValidationError\n{\n    constructor(data: { expected?: string; actual?: string; message?: string; details?: Record<string, any> } = {})\n    {\n        const expected = data.expected || 'unknown';\n        const actual = data.actual || 'unknown';\n        super({\n            message: data.message || `Verification token is for ${actual}, but ${expected} was expected`,\n            details: { expected, actual, ...data.details }\n        });\n        this.name = 'VerificationTokenPurposeMismatchError';\n    }\n}\n\n/**\n * Verification Token Target Mismatch Error (400)\n *\n * Thrown when verification token target doesn't match provided email/phone\n */\nexport class VerificationTokenTargetMismatchError extends ValidationError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({\n            message: data.message || 'Verification token does not match provided email/phone',\n            details: data.details\n        });\n        this.name = 'VerificationTokenTargetMismatchError';\n    }\n}\n\n/**\n * Insufficient Permissions Error (403)\n *\n * Thrown when user lacks required permissions for the operation\n */\nexport class InsufficientPermissionsError extends ForbiddenError\n{\n    constructor(data: { requiredPermissions?: string[]; message?: string; details?: Record<string, any> } = {})\n    {\n        const requiredPermissions = data.requiredPermissions || [];\n        super({\n            message: data.message || `Missing required permissions: ${requiredPermissions.join(', ')}`,\n            details: { requiredPermissions, ...data.details }\n        });\n        this.name = 'InsufficientPermissionsError';\n    }\n}\n\n/**\n * Insufficient Role Error (403)\n *\n * Thrown when user lacks required role for the operation\n */\nexport class InsufficientRoleError extends ForbiddenError\n{\n    constructor(data: { requiredRoles?: string[]; message?: string; details?: Record<string, any> } = {})\n    {\n        const requiredRoles = data.requiredRoles || [];\n        super({\n            message: data.message || `Required roles: ${requiredRoles.join(', ')}`,\n            details: { requiredRoles, ...data.details }\n        });\n        this.name = 'InsufficientRoleError';\n    }\n}"],"mappings":";;;;;;;AAIA,SAAS,qBAAqB;;;ACJ9B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAOA,IAAM,0BAAN,cAAsC,kBAC7C;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,uBAAuB,SAAS,KAAK,QAAQ,CAAC;AAC/E,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,oBAAN,cAAgC,kBACvC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,gCAAgC,SAAS,KAAK,QAAQ,CAAC;AACxF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,oBAAN,cAAgC,kBACvC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,oCAAoC,SAAS,KAAK,QAAQ,CAAC;AAC5F,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,kBAAN,cAA8B,kBACrC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,0BAA0B,SAAS,KAAK,QAAQ,CAAC;AAClF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,uBAAN,cAAmC,eAC1C;AAAA,EACI,YAAY,OAA6E,CAAC,GAC1F;AACI,UAAM,SAAS,KAAK,UAAU;AAC9B,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,cAAc,MAAM;AAAA,MAC7C,SAAS,EAAE,QAAQ,GAAG,KAAK,QAAQ;AAAA,IACvC,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,4BAAN,cAAwC,cAC/C;AAAA,EACI,YAAY,OAAqH,CAAC,GAClI;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS;AAAA,QACL,YAAY,KAAK;AAAA,QACjB,gBAAgB,KAAK;AAAA,QACrB,GAAG,KAAK;AAAA,MACZ;AAAA,IACJ,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,+BAAN,cAA2C,gBAClD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,6BAA6B,SAAS,KAAK,QAAQ,CAAC;AACrF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,gCAAN,cAA4C,gBACnD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,yCAAyC,SAAS,KAAK,QAAQ,CAAC;AACjG,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,6BAAN,cAAyC,gBAChD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,2BAA2B,SAAS,KAAK,QAAQ,CAAC;AACnF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,wCAAN,cAAoD,gBAC3D;AAAA,EACI,YAAY,OAAgG,CAAC,GAC7G;AACI,UAAM,WAAW,KAAK,YAAY;AAClC,UAAM,SAAS,KAAK,UAAU;AAC9B,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,6BAA6B,MAAM,SAAS,QAAQ;AAAA,MAC7E,SAAS,EAAE,UAAU,QAAQ,GAAG,KAAK,QAAQ;AAAA,IACjD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,uCAAN,cAAmD,gBAC1D;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS,KAAK;AAAA,IAClB,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,+BAAN,cAA2C,eAClD;AAAA,EACI,YAAY,OAA4F,CAAC,GACzG;AACI,UAAM,sBAAsB,KAAK,uBAAuB,CAAC;AACzD,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,iCAAiC,oBAAoB,KAAK,IAAI,CAAC;AAAA,MACxF,SAAS,EAAE,qBAAqB,GAAG,KAAK,QAAQ;AAAA,IACpD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,wBAAN,cAAoC,eAC3C;AAAA,EACI,YAAY,OAAsF,CAAC,GACnG;AACI,UAAM,gBAAgB,KAAK,iBAAiB,CAAC;AAC7C,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,mBAAmB,cAAc,KAAK,IAAI,CAAC;AAAA,MACpE,SAAS,EAAE,eAAe,GAAG,KAAK,QAAQ;AAAA,IAC9C,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;;;ADtLO,IAAM,oBAAoB,IAAI,cAAc;AACnD,kBAAkB,OAAO;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACJ,CAAC;","names":[]}
+{"version":3,"sources":["../src/errors/index.ts","../src/errors/auth-errors.ts"],"sourcesContent":["/**\n * Auth Error Exports\n */\n\nimport { ErrorRegistry } from \"@spfn/core/errors\";\n\nimport {\n    InvalidCredentialsError,\n    InvalidTokenError,\n    TokenExpiredError,\n    KeyExpiredError,\n    AccountDisabledError,\n    AccountAlreadyExistsError,\n    ReservedUsernameError,\n    UsernameAlreadyTakenError,\n    InvalidVerificationCodeError,\n    InvalidVerificationTokenError,\n    InvalidKeyFingerprintError,\n    VerificationTokenPurposeMismatchError,\n    VerificationTokenTargetMismatchError,\n    InsufficientPermissionsError,\n    InsufficientRoleError,\n} from './auth-errors';\n\nexport {\n    InvalidCredentialsError,\n    InvalidTokenError,\n    TokenExpiredError,\n    KeyExpiredError,\n    AccountDisabledError,\n    AccountAlreadyExistsError,\n    ReservedUsernameError,\n    UsernameAlreadyTakenError,\n    InvalidVerificationCodeError,\n    InvalidVerificationTokenError,\n    InvalidKeyFingerprintError,\n    VerificationTokenPurposeMismatchError,\n    VerificationTokenTargetMismatchError,\n    InsufficientPermissionsError,\n    InsufficientRoleError,\n} from './auth-errors';\n\nexport const authErrorRegistry = new ErrorRegistry();\nauthErrorRegistry.append([\n    InvalidCredentialsError,\n    InvalidTokenError,\n    TokenExpiredError,\n    KeyExpiredError,\n    AccountDisabledError,\n    AccountAlreadyExistsError,\n    ReservedUsernameError,\n    UsernameAlreadyTakenError,\n    InvalidVerificationCodeError,\n    InvalidVerificationTokenError,\n    InvalidKeyFingerprintError,\n    VerificationTokenPurposeMismatchError,\n    VerificationTokenTargetMismatchError,\n    InsufficientPermissionsError,\n    InsufficientRoleError,\n]);\n\nexport * as AuthError from './auth-errors';","/**\n * Authentication & Authorization Error Classes\n *\n * Custom error classes for auth-specific scenarios\n */\n\nimport {\n    ValidationError,\n    UnauthorizedError,\n    ForbiddenError,\n    ConflictError\n} from '@spfn/core/errors';\n\n/**\n * Invalid Credentials Error (401)\n *\n * Thrown when login credentials are incorrect\n */\nexport class InvalidCredentialsError extends UnauthorizedError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Invalid credentials', details: data.details });\n        this.name = 'InvalidCredentialsError';\n    }\n}\n\n/**\n * Invalid Token Error (401)\n *\n * Thrown when authentication token is invalid or malformed\n */\nexport class InvalidTokenError extends UnauthorizedError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Invalid authentication token', details: data.details });\n        this.name = 'InvalidTokenError';\n    }\n}\n\n/**\n * Token Expired Error (401)\n *\n * Thrown when authentication token has expired\n */\nexport class TokenExpiredError extends UnauthorizedError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Authentication token has expired', details: data.details });\n        this.name = 'TokenExpiredError';\n    }\n}\n\n/**\n * Key Expired Error (401)\n *\n * Thrown when public key has expired\n */\nexport class KeyExpiredError extends UnauthorizedError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Public key has expired', details: data.details });\n        this.name = 'KeyExpiredError';\n    }\n}\n\n/**\n * Account Disabled Error (403)\n *\n * Thrown when user account is disabled or inactive\n */\nexport class AccountDisabledError extends ForbiddenError\n{\n    constructor(data: { status?: string; message?: string; details?: Record<string, any> } = {})\n    {\n        const status = data.status || 'disabled';\n        super({\n            message: data.message || `Account is ${status}`,\n            details: { status, ...data.details }\n        });\n        this.name = 'AccountDisabledError';\n    }\n}\n\n/**\n * Account Already Exists Error (409)\n *\n * Thrown when trying to register with existing email/phone\n */\nexport class AccountAlreadyExistsError extends ConflictError\n{\n    constructor(data: { identifier?: string; identifierType?: 'email' | 'phone'; message?: string; details?: Record<string, any> } = {})\n    {\n        super({\n            message: data.message || 'Account already exists',\n            details: {\n                identifier: data.identifier,\n                identifierType: data.identifierType,\n                ...data.details\n            }\n        });\n        this.name = 'AccountAlreadyExistsError';\n    }\n}\n\n/**\n * Invalid Verification Code Error (400)\n *\n * Thrown when verification code is invalid, expired, or already used\n */\nexport class InvalidVerificationCodeError extends ValidationError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Invalid verification code', details: data.details });\n        this.name = 'InvalidVerificationCodeError';\n    }\n}\n\n/**\n * Invalid Verification Token Error (400)\n *\n * Thrown when verification token is invalid or expired\n */\nexport class InvalidVerificationTokenError extends ValidationError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Invalid or expired verification token', details: data.details });\n        this.name = 'InvalidVerificationTokenError';\n    }\n}\n\n/**\n * Invalid Key Fingerprint Error (400)\n *\n * Thrown when public key fingerprint doesn't match the public key\n */\nexport class InvalidKeyFingerprintError extends ValidationError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({ message: data.message || 'Invalid key fingerprint', details: data.details });\n        this.name = 'InvalidKeyFingerprintError';\n    }\n}\n\n/**\n * Verification Token Purpose Mismatch Error (400)\n *\n * Thrown when verification token purpose doesn't match expected purpose\n */\nexport class VerificationTokenPurposeMismatchError extends ValidationError\n{\n    constructor(data: { expected?: string; actual?: string; message?: string; details?: Record<string, any> } = {})\n    {\n        const expected = data.expected || 'unknown';\n        const actual = data.actual || 'unknown';\n        super({\n            message: data.message || `Verification token is for ${actual}, but ${expected} was expected`,\n            details: { expected, actual, ...data.details }\n        });\n        this.name = 'VerificationTokenPurposeMismatchError';\n    }\n}\n\n/**\n * Verification Token Target Mismatch Error (400)\n *\n * Thrown when verification token target doesn't match provided email/phone\n */\nexport class VerificationTokenTargetMismatchError extends ValidationError\n{\n    constructor(data: { message?: string; details?: Record<string, any> } = {})\n    {\n        super({\n            message: data.message || 'Verification token does not match provided email/phone',\n            details: data.details\n        });\n        this.name = 'VerificationTokenTargetMismatchError';\n    }\n}\n\n/**\n * Reserved Username Error (400)\n *\n * Thrown when trying to use a reserved/prohibited username\n */\nexport class ReservedUsernameError extends ValidationError\n{\n    constructor(data: { username?: string; message?: string; details?: Record<string, any> } = {})\n    {\n        super({\n            message: data.message || 'This username is reserved',\n            details: { username: data.username, ...data.details }\n        });\n        this.name = 'ReservedUsernameError';\n    }\n}\n\n/**\n * Username Already Taken Error (409)\n *\n * Thrown when trying to set a username that is already in use\n */\nexport class UsernameAlreadyTakenError extends ConflictError\n{\n    constructor(data: { username?: string; message?: string; details?: Record<string, any> } = {})\n    {\n        super({\n            message: data.message || 'Username is already taken',\n            details: { username: data.username, ...data.details }\n        });\n        this.name = 'UsernameAlreadyTakenError';\n    }\n}\n\n/**\n * Insufficient Permissions Error (403)\n *\n * Thrown when user lacks required permissions for the operation\n */\nexport class InsufficientPermissionsError extends ForbiddenError\n{\n    constructor(data: { requiredPermissions?: string[]; message?: string; details?: Record<string, any> } = {})\n    {\n        const requiredPermissions = data.requiredPermissions || [];\n        super({\n            message: data.message || `Missing required permissions: ${requiredPermissions.join(', ')}`,\n            details: { requiredPermissions, ...data.details }\n        });\n        this.name = 'InsufficientPermissionsError';\n    }\n}\n\n/**\n * Insufficient Role Error (403)\n *\n * Thrown when user lacks required role for the operation\n */\nexport class InsufficientRoleError extends ForbiddenError\n{\n    constructor(data: { requiredRoles?: string[]; message?: string; details?: Record<string, any> } = {})\n    {\n        const requiredRoles = data.requiredRoles || [];\n        super({\n            message: data.message || `Required roles: ${requiredRoles.join(', ')}`,\n            details: { requiredRoles, ...data.details }\n        });\n        this.name = 'InsufficientRoleError';\n    }\n}"],"mappings":";;;;;;;AAIA,SAAS,qBAAqB;;;ACJ9B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAOA,IAAM,0BAAN,cAAsC,kBAC7C;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,uBAAuB,SAAS,KAAK,QAAQ,CAAC;AAC/E,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,oBAAN,cAAgC,kBACvC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,gCAAgC,SAAS,KAAK,QAAQ,CAAC;AACxF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,oBAAN,cAAgC,kBACvC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,oCAAoC,SAAS,KAAK,QAAQ,CAAC;AAC5F,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,kBAAN,cAA8B,kBACrC;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,0BAA0B,SAAS,KAAK,QAAQ,CAAC;AAClF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,uBAAN,cAAmC,eAC1C;AAAA,EACI,YAAY,OAA6E,CAAC,GAC1F;AACI,UAAM,SAAS,KAAK,UAAU;AAC9B,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,cAAc,MAAM;AAAA,MAC7C,SAAS,EAAE,QAAQ,GAAG,KAAK,QAAQ;AAAA,IACvC,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,4BAAN,cAAwC,cAC/C;AAAA,EACI,YAAY,OAAqH,CAAC,GAClI;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS;AAAA,QACL,YAAY,KAAK;AAAA,QACjB,gBAAgB,KAAK;AAAA,QACrB,GAAG,KAAK;AAAA,MACZ;AAAA,IACJ,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,+BAAN,cAA2C,gBAClD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,6BAA6B,SAAS,KAAK,QAAQ,CAAC;AACrF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,gCAAN,cAA4C,gBACnD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,yCAAyC,SAAS,KAAK,QAAQ,CAAC;AACjG,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,6BAAN,cAAyC,gBAChD;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM,EAAE,SAAS,KAAK,WAAW,2BAA2B,SAAS,KAAK,QAAQ,CAAC;AACnF,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,wCAAN,cAAoD,gBAC3D;AAAA,EACI,YAAY,OAAgG,CAAC,GAC7G;AACI,UAAM,WAAW,KAAK,YAAY;AAClC,UAAM,SAAS,KAAK,UAAU;AAC9B,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,6BAA6B,MAAM,SAAS,QAAQ;AAAA,MAC7E,SAAS,EAAE,UAAU,QAAQ,GAAG,KAAK,QAAQ;AAAA,IACjD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,uCAAN,cAAmD,gBAC1D;AAAA,EACI,YAAY,OAA4D,CAAC,GACzE;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS,KAAK;AAAA,IAClB,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,wBAAN,cAAoC,gBAC3C;AAAA,EACI,YAAY,OAA+E,CAAC,GAC5F;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS,EAAE,UAAU,KAAK,UAAU,GAAG,KAAK,QAAQ;AAAA,IACxD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,4BAAN,cAAwC,cAC/C;AAAA,EACI,YAAY,OAA+E,CAAC,GAC5F;AACI,UAAM;AAAA,MACF,SAAS,KAAK,WAAW;AAAA,MACzB,SAAS,EAAE,UAAU,KAAK,UAAU,GAAG,KAAK,QAAQ;AAAA,IACxD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,+BAAN,cAA2C,eAClD;AAAA,EACI,YAAY,OAA4F,CAAC,GACzG;AACI,UAAM,sBAAsB,KAAK,uBAAuB,CAAC;AACzD,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,iCAAiC,oBAAoB,KAAK,IAAI,CAAC;AAAA,MACxF,SAAS,EAAE,qBAAqB,GAAG,KAAK,QAAQ;AAAA,IACpD,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;AAOO,IAAM,wBAAN,cAAoC,eAC3C;AAAA,EACI,YAAY,OAAsF,CAAC,GACnG;AACI,UAAM,gBAAgB,KAAK,iBAAiB,CAAC;AAC7C,UAAM;AAAA,MACF,SAAS,KAAK,WAAW,mBAAmB,cAAc,KAAK,IAAI,CAAC;AAAA,MACpE,SAAS,EAAE,eAAe,GAAG,KAAK,QAAQ;AAAA,IAC9C,CAAC;AACD,SAAK,OAAO;AAAA,EAChB;AACJ;;;ADpNO,IAAM,oBAAoB,IAAI,cAAc;AACnD,kBAAkB,OAAO;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACJ,CAAC;","names":[]}