@stackframe/stack-shared 2.5.16 → 2.5.18

package/dist/schema-fields.js

@@ -1,4 +1,6 @@
 import * as yup from "yup";
+import { isBase64 } from "./utils/bytes";
+import { StackAssertionError } from "./utils/errors";
 import { allProviders } from "./utils/oauth";
 import { isUuid } from "./utils/uuids";
 const _idDescription = (identify) => `The unique identifier of this ${identify}`;
@@ -55,6 +57,30 @@ export function yupObject(...args) {
     return object.default(undefined);
 }
 /* eslint-enable no-restricted-syntax */
+export function yupUnion(...args) {
+    if (args.length === 0)
+        throw new Error('yupUnion must have at least one schema');
+    const [first] = args;
+    const firstDesc = first.describe();
+    for (const schema of args) {
+        const desc = schema.describe();
+        if (desc.type !== firstDesc.type)
+            throw new StackAssertionError(`yupUnion must have schemas of the same type (got: ${firstDesc.type} and ${desc.type})`, { first, schema, firstDesc, desc });
+    }
+    return yupMixed().required().test('is-one-of', 'Invalid value', async (value, context) => {
+        const errors = [];
+        for (const schema of args) {
+            try {
+                await schema.validate(value, context.options);
+                return true;
+            }
+            catch (e) {
+                errors.push(e);
+            }
+        }
+        throw new AggregateError(errors, 'Invalid value; must be one of the provided schemas');
+    });
+}
 // Common
 export const adaptSchema = yupMixed();
 /**
@@ -99,6 +125,11 @@ export const jsonStringOrEmptySchema = yupString().test("json", "Invalid JSON fo
     }
 });
 export const emailSchema = yupString().email();
+export const base64Schema = yupString().test("is-base64", "Invalid base64 format", (value) => {
+    if (value == null)
+        return true;
+    return isBase64(value);
+});
 // Request auth
 export const clientOrHigherAuthTypeSchema = yupString().oneOf(['client', 'server', 'admin']);
 export const serverOrHigherAuthTypeSchema = yupString().oneOf(['server', 'admin']);
@@ -115,6 +146,7 @@ export const projectConfigIdSchema = yupString().meta({ openapiField: { descript
 export const projectAllowLocalhostSchema = yupBoolean().meta({ openapiField: { description: 'Whether localhost is allowed as a domain for this project. Should only be allowed in development mode', exampleValue: true } });
 export const projectCreateTeamOnSignUpSchema = yupBoolean().meta({ openapiField: { description: 'Whether a team should be created for each user that signs up', exampleValue: true } });
 export const projectMagicLinkEnabledSchema = yupBoolean().meta({ openapiField: { description: 'Whether magic link authentication is enabled for this project', exampleValue: true } });
+export const projectSignUpEnabledSchema = yupBoolean().meta({ openapiField: { description: 'Whether users can sign up new accounts, or whether they are only allowed to sign in to existing accounts. Regardless of this option, the server API can always create new users with the `POST /users` endpoint.', exampleValue: true } });
 export const projectCredentialEnabledSchema = yupBoolean().meta({ openapiField: { description: 'Whether email password authentication is enabled for this project', exampleValue: true } });
 // Project OAuth config
 export const oauthIdSchema = yupString().oneOf(allProviders).meta({ openapiField: { description: `OAuth provider ID, one of ${allProviders.map(x => `\`${x}\``).join(', ')}`, exampleValue: 'google' } });
@@ -155,11 +187,15 @@ export const userIdSchema = yupString().uuid().meta({ openapiField: { descriptio
 export const primaryEmailSchema = emailSchema.meta({ openapiField: { description: 'Primary email', exampleValue: 'johndoe@example.com' } });
 export const primaryEmailVerifiedSchema = yupBoolean().meta({ openapiField: { description: 'Whether the primary email has been verified to belong to this user', exampleValue: true } });
 export const userDisplayNameSchema = yupString().nullable().meta({ openapiField: { description: _displayNameDescription('user'), exampleValue: 'John Doe' } });
-export const selectedTeamIdSchema = yupString().meta({ openapiField: { description: 'ID of the team currently selected by the user', exampleValue: 'team-id' } });
+export const selectedTeamIdSchema = yupString().uuid().meta({ openapiField: { description: 'ID of the team currently selected by the user', exampleValue: 'team-id' } });
 export const profileImageUrlSchema = yupString().meta({ openapiField: { description: _profileImageUrlDescription('user'), exampleValue: 'https://example.com/image.jpg' } });
 export const signedUpAtMillisSchema = yupNumber().meta({ openapiField: { description: _signedUpAtMillisDescription, exampleValue: 1630000000000 } });
 export const userClientMetadataSchema = jsonSchema.meta({ openapiField: { description: _clientMetaDataDescription('user'), exampleValue: { key: 'value' } } });
 export const userServerMetadataSchema = jsonSchema.meta({ openapiField: { description: _serverMetaDataDescription('user'), exampleValue: { key: 'value' } } });
+export const userOAuthProviderSchema = yupObject({
+    type: yupString().required(),
+    provider_user_id: yupString().required(),
+});
 // Auth
 export const signInEmailSchema = emailSchema.meta({ openapiField: { description: 'The email to sign in with.', exampleValue: 'johndoe@example.com' } });
 export const emailOtpSignInCallbackUrlSchema = urlSchema.meta({ openapiField: { description: 'The base callback URL to construct the magic link from. A query argument `code` with the verification code will be appended to it. The page should then make a request to the `/auth/otp/sign-in` endpoint.', exampleValue: 'https://example.com/handler/magic-link-callback' } });
@@ -203,6 +239,8 @@ export const teamProfileImageUrlSchema = yupString().meta({ openapiField: { desc
 export const teamClientMetadataSchema = jsonSchema.meta({ openapiField: { description: _clientMetaDataDescription('team'), exampleValue: { key: 'value' } } });
 export const teamServerMetadataSchema = jsonSchema.meta({ openapiField: { description: _serverMetaDataDescription('team'), exampleValue: { key: 'value' } } });
 export const teamCreatedAtMillisSchema = yupNumber().meta({ openapiField: { description: _createdAtMillisDescription('team'), exampleValue: 1630000000000 } });
+export const teamInvitationEmailSchema = emailSchema.meta({ openapiField: { description: 'The email to sign in with.', exampleValue: 'johndoe@example.com' } });
+export const teamInvitationCallbackUrlSchema = urlSchema.meta({ openapiField: { description: 'The base callback URL to construct a verification link for the verification e-mail. A query argument `code` with the verification code will be appended to it. The page should then make a request to the `/contact-channels/verify` endpoint.', exampleValue: 'https://example.com/handler/email-verification' } });
 // Team member profiles
 export const teamMemberDisplayNameSchema = yupString().meta({ openapiField: { description: _displayNameDescription('team member') + ' Note that this is separate from the display_name of the user.', exampleValue: 'John Doe' } });
 export const teamMemberProfileImageUrlSchema = yupString().meta({ openapiField: { description: _profileImageUrlDescription('team member'), exampleValue: 'https://example.com/image.jpg' } });

package/dist/utils/arrays.d.ts

@@ -13,3 +13,4 @@ export declare function rotateLeft(arr: readonly any[], n: number): any[];
 export declare function rotateRight(arr: readonly any[], n: number): any[];
 export declare function shuffle<T>(arr: readonly T[]): T[];
 export declare function outerProduct<T, U>(arr1: readonly T[], arr2: readonly U[]): [T, U][];
+export declare function unique<T>(arr: readonly T[]): T[];

package/dist/utils/arrays.js

@@ -65,3 +65,6 @@ export function shuffle(arr) {
 export function outerProduct(arr1, arr2) {
     return arr1.flatMap((item1) => arr2.map((item2) => [item1, item2]));
 }
+export function unique(arr) {
+    return [...new Set(arr)];
+}

package/dist/utils/bytes.d.ts

@@ -1,2 +1,6 @@
 export declare function encodeBase32(input: Uint8Array): string;
 export declare function decodeBase32(input: string): Uint8Array;
+export declare function encodeBase64(input: Uint8Array): string;
+export declare function decodeBase64(input: string): Uint8Array;
+export declare function isBase32(input: string): boolean;
+export declare function isBase64(input: string): boolean;

package/dist/utils/bytes.js

@@ -1,3 +1,4 @@
+import { StackAssertionError } from "./errors";
 const crockfordAlphabet = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
 const crockfordReplacements = new Map([
     ["o", "0"],
@@ -19,9 +20,16 @@ export function encodeBase32(input) {
     if (bits > 0) {
         output += crockfordAlphabet[(value << (5 - bits)) & 31];
     }
+    // sanity check
+    if (!isBase32(output)) {
+        throw new StackAssertionError("Invalid base32 output; this should never happen");
+    }
     return output;
 }
 export function decodeBase32(input) {
+    if (!isBase32(input)) {
+        throw new StackAssertionError("Invalid base32 string");
+    }
     const output = new Uint8Array((input.length * 5 / 8) | 0);
     let bits = 0;
     let value = 0;
@@ -46,3 +54,31 @@ export function decodeBase32(input) {
     }
     return output;
 }
+export function encodeBase64(input) {
+    const res = btoa(String.fromCharCode(...input));
+    // sanity check
+    if (!isBase64(res)) {
+        throw new StackAssertionError("Invalid base64 output; this should never happen");
+    }
+    return res;
+}
+export function decodeBase64(input) {
+    if (!isBase64(input)) {
+        throw new StackAssertionError("Invalid base64 string");
+    }
+    return new Uint8Array(atob(input).split("").map((char) => char.charCodeAt(0)));
+}
+export function isBase32(input) {
+    for (const char of input) {
+        if (char === " ")
+            continue;
+        if (!crockfordAlphabet.includes(char)) {
+            return false;
+        }
+    }
+    return true;
+}
+export function isBase64(input) {
+    const regex = /^([0-9a-zA-Z+/]{4})*(([0-9a-zA-Z+/]{2}==)|([0-9a-zA-Z+/]{3}=))?$/;
+    return regex.test(input);
+}

package/dist/utils/crypto.d.ts

@@ -1,3 +1,4 @@
+export declare function generateRandomValues(array: Uint8Array): typeof array;
 /**
  * Generates a secure alphanumeric string using the system's cryptographically secure
  * random number generator.

package/dist/utils/crypto.js

@@ -1,5 +1,15 @@
 import { encodeBase32 } from "./bytes";
+import { StackAssertionError } from "./errors";
 import { globalVar } from "./globals";
+export function generateRandomValues(array) {
+    if (!globalVar.crypto) {
+        throw new StackAssertionError("Crypto API is not available in this environment. Are you using an old browser?");
+    }
+    if (!globalVar.crypto.getRandomValues) {
+        throw new StackAssertionError("crypto.getRandomValues is not available in this environment. Are you using an old browser?");
+    }
+    return globalVar.crypto.getRandomValues(array);
+}
 /**
  * Generates a secure alphanumeric string using the system's cryptographically secure
  * random number generator.
@@ -7,7 +17,7 @@ import { globalVar } from "./globals";
 export function generateSecureRandomString(minBitsOfEntropy = 224) {
     const base32CharactersCount = Math.ceil(minBitsOfEntropy / 5);
     const bytesCount = Math.ceil(base32CharactersCount * 5 / 8);
-    const randomBytes = globalVar.crypto.getRandomValues(new Uint8Array(bytesCount));
+    const randomBytes = generateRandomValues(new Uint8Array(bytesCount));
     const str = encodeBase32(randomBytes);
     return str.slice(str.length - base32CharactersCount).toLowerCase();
 }

package/dist/utils/results.d.ts

@@ -12,6 +12,7 @@ export type AsyncResult<T, E = unknown, P = void> = Result<T, E> | ({
 });
 export declare const Result: {
     fromThrowing: typeof fromThrowing;
+    fromThrowingAsync: typeof fromThrowingAsync;
     fromPromise: typeof promiseToResult;
     ok<T>(data: T): {
         status: "ok";
@@ -60,6 +61,7 @@ declare function pending<P>(progress: P): AsyncResult<never, never, P> & {
 };
 declare function promiseToResult<T>(promise: Promise<T>): Promise<Result<T>>;
 declare function fromThrowing<T>(fn: () => T): Result<T, unknown>;
+declare function fromThrowingAsync<T>(fn: () => Promise<T>): Promise<Result<T, unknown>>;
 declare function mapResult<T, U, E = unknown, P = unknown>(result: Result<T, E>, fn: (data: T) => U): Result<U, E>;
 declare function mapResult<T, U, E = unknown, P = unknown>(result: AsyncResult<T, E, P>, fn: (data: T) => U): AsyncResult<U, E, P>;
 declare class RetryError extends AggregateError {

package/dist/utils/results.js

@@ -2,6 +2,7 @@ import { wait } from "./promises";
 import { deindent } from "./strings";
 export const Result = {
     fromThrowing,
+    fromThrowingAsync,
     fromPromise: promiseToResult,
     ok(data) {
         return {
@@ -71,6 +72,14 @@ function fromThrowing(fn) {
         return Result.error(error);
     }
 }
+async function fromThrowingAsync(fn) {
+    try {
+        return Result.ok(await fn());
+    }
+    catch (error) {
+        return Result.error(error);
+    }
+}
 function mapResult(result, fn) {
     if (result.status === "error")
         return {

package/dist/utils/strings.js

@@ -1,4 +1,4 @@
-import { findLastIndex } from "./arrays";
+import { findLastIndex, unique } from "./arrays";
 import { StackAssertionError } from "./errors";
 import { filterUndefined } from "./objects";
 export function typedToLowercase(s) {
@@ -207,6 +207,9 @@ export function nicify(value, options = {}) {
                     return `[${resValues.join(", ")}]`;
                 }
             }
+            if (value instanceof URL) {
+                return `URL(${JSON.stringify(value.toString())})`;
+            }
             const constructorName = [null, Object.prototype].includes(Object.getPrototypeOf(value)) ? null : (nicifiableClassNameOverrides.get(value.constructor) ?? value.constructor.name);
             const constructorString = constructorName ? `${nicifyPropertyString(constructorName)} ` : "";
             const entries = getNicifiableEntries(value).filter(([k]) => !hideFields.includes(k));
@@ -256,7 +259,16 @@ function nicifyPropertyString(str) {
     return JSON.stringify(str);
 }
 function getNicifiableKeys(value) {
-    return ("getNicifiableKeys" in value ? value.getNicifiableKeys?.bind(value) : null)?.() ?? Object.keys(value).sort();
+    const overridden = ("getNicifiableKeys" in value ? value.getNicifiableKeys?.bind(value) : null)?.();
+    if (overridden != null)
+        return overridden;
+    const keys = Object.keys(value).sort();
+    if (value instanceof Error) {
+        if (value.cause)
+            keys.unshift("cause");
+        keys.unshift("message", "stack");
+    }
+    return unique(keys);
 }
 function getNicifiableEntries(value) {
     const recordLikes = [Headers];

package/dist/utils/uuids.js

@@ -1,7 +1,7 @@
-import { globalVar } from "./globals";
+import { generateRandomValues } from "./crypto";
 export function generateUuid() {
     // crypto.randomUuid is not supported in all browsers, so this is a polyfill
-    return "10000000-1000-4000-8000-100000000000".replace(/[018]/g, c => (+c ^ globalVar.crypto.getRandomValues(new Uint8Array(1))[0] & 15 >> +c / 4).toString(16));
+    return "10000000-1000-4000-8000-100000000000".replace(/[018]/g, c => (+c ^ generateRandomValues(new Uint8Array(1))[0] & 15 >> +c / 4).toString(16));
 }
 export function isUuid(str) {
     return /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/.test(str);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackframe/stack-shared",
-  "version": "2.5.16",
+  "version": "2.5.18",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "files": [
@@ -36,7 +36,7 @@
     "jose": "^5.2.2",
     "oauth4webapi": "^2.10.3",
     "uuid": "^9.0.1",
-    "@stackframe/stack-sc": "2.5.16"
+    "@stackframe/stack-sc": "2.5.18"
   },
   "devDependencies": {
     "rimraf": "^5.0.5",