@stackframe/stack 2.8.52 → 2.8.56

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. package/CHANGELOG.md +40 -0
  2. package/dist/components/credential-sign-up.js.map +1 -1
  3. package/dist/components/user-button.js +4 -4
  4. package/dist/components/user-button.js.map +1 -1
  5. package/dist/components-page/stack-handler.js.map +1 -1
  6. package/dist/esm/components/credential-sign-up.js.map +1 -1
  7. package/dist/esm/components/user-button.js +4 -4
  8. package/dist/esm/components/user-button.js.map +1 -1
  9. package/dist/esm/components-page/stack-handler.js.map +1 -1
  10. package/dist/esm/generated/global-css.js +1 -1
  11. package/dist/esm/generated/global-css.js.map +1 -1
  12. package/dist/esm/lib/cookie.js +56 -20
  13. package/dist/esm/lib/cookie.js.map +1 -1
  14. package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js +7 -1
  15. package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js.map +1 -1
  16. package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js +7 -6
  17. package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js.map +1 -1
  18. package/dist/esm/lib/stack-app/apps/implementations/common.js +1 -1
  19. package/dist/esm/lib/stack-app/apps/implementations/common.js.map +1 -1
  20. package/dist/esm/lib/stack-app/apps/implementations/server-app-impl.js +2 -4
  21. package/dist/esm/lib/stack-app/apps/implementations/server-app-impl.js.map +1 -1
  22. package/dist/esm/lib/stack-app/apps/interfaces/admin-app.js.map +1 -1
  23. package/dist/esm/lib/stack-app/projects/index.js +3 -1
  24. package/dist/esm/lib/stack-app/projects/index.js.map +1 -1
  25. package/dist/generated/global-css.js +1 -1
  26. package/dist/generated/global-css.js.map +1 -1
  27. package/dist/index.d.mts +19 -18
  28. package/dist/index.d.ts +19 -18
  29. package/dist/integrations/convex.d.mts +11 -0
  30. package/dist/integrations/convex.d.ts +11 -0
  31. package/dist/lib/cookie.js +56 -20
  32. package/dist/lib/cookie.js.map +1 -1
  33. package/dist/lib/stack-app/apps/implementations/admin-app-impl.js +7 -1
  34. package/dist/lib/stack-app/apps/implementations/admin-app-impl.js.map +1 -1
  35. package/dist/lib/stack-app/apps/implementations/client-app-impl.js +6 -5
  36. package/dist/lib/stack-app/apps/implementations/client-app-impl.js.map +1 -1
  37. package/dist/lib/stack-app/apps/implementations/common.js +1 -1
  38. package/dist/lib/stack-app/apps/implementations/common.js.map +1 -1
  39. package/dist/lib/stack-app/apps/implementations/server-app-impl.js +4 -16
  40. package/dist/lib/stack-app/apps/implementations/server-app-impl.js.map +1 -1
  41. package/dist/lib/stack-app/apps/interfaces/admin-app.js.map +1 -1
  42. package/dist/lib/stack-app/projects/index.js +3 -1
  43. package/dist/lib/stack-app/projects/index.js.map +1 -1
  44. package/package.json +13 -4
package/dist/index.d.mts CHANGED
@@ -6,14 +6,15 @@ import { GenericQueryCtx, UserIdentity } from 'convex/server';
6
6
  import { inlineProductSchema } from '@stackframe/stack-shared/dist/schema-fields';
7
7
  import * as yup from 'yup';
8
8
  import { ProductionModeError } from '@stackframe/stack-shared/dist/helpers/production-mode';
9
- import { CompleteConfig, EnvironmentConfigOverrideOverride } from '@stackframe/stack-shared/dist/config/schema';
9
+ import { CompleteConfig, EnvironmentConfigOverrideOverride, EnvironmentConfigNormalizedOverride } from '@stackframe/stack-shared/dist/config/schema';
10
10
  import { ChatContent } from '@stackframe/stack-shared/dist/interface/admin-interface';
11
- import { AdminTransaction } from '@stackframe/stack-shared/dist/interface/crud/transactions';
11
+ import { TransactionType, Transaction } from '@stackframe/stack-shared/dist/interface/crud/transactions';
12
12
  import { InternalSession } from '@stackframe/stack-shared/dist/sessions';
13
13
  import { XOR, PrettifyType, IfAndOnlyIf } from '@stackframe/stack-shared/dist/utils/types';
14
14
  import { InternalApiKeysCrud } from '@stackframe/stack-shared/dist/interface/crud/internal-api-keys';
15
15
  import { ReadonlyJson } from '@stackframe/stack-shared/dist/utils/json';
16
16
  import { GeoInfo } from '@stackframe/stack-shared/dist/utils/geo';
17
+ export { getConvexProvidersConfig } from './integrations/convex.mjs';
17
18
  import * as react_jsx_runtime from 'react/jsx-runtime';
18
19
  import * as lucide_react from 'lucide-react';
19
20
  import React$1 from 'react';
@@ -976,11 +977,11 @@ type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends st
976
977
  {
977
978
  cursor?: string;
978
979
  limit?: number;
979
- type?: 'subscription' | 'one_time' | 'item_quantity_change';
980
+ type?: TransactionType;
980
981
  customerType?: 'user' | 'team' | 'custom';
981
982
  }
982
983
  ], {
983
- transactions: AdminTransaction[];
984
+ transactions: Transaction[];
984
985
  nextCursor: string | null;
985
986
  }, true> & {
986
987
  createInternalApiKey(options: InternalApiKeyCreateOptions): Promise<InternalApiKeyFirstView>;
@@ -1068,6 +1069,10 @@ type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends st
1068
1069
  expiresAt?: string;
1069
1070
  description?: string;
1070
1071
  })): Promise<void>;
1072
+ refundTransaction(options: {
1073
+ type: "subscription" | "one-time-purchase";
1074
+ id: string;
1075
+ }): Promise<void>;
1071
1076
  } & StackServerApp<HasTokenStore, ProjectId>);
1072
1077
  declare const StackAdminApp: StackAdminAppConstructor;
1073
1078
 
@@ -1174,13 +1179,17 @@ type AdminProject = {
1174
1179
  readonly isProductionMode: boolean;
1175
1180
  readonly ownerTeamId: string | null;
1176
1181
  readonly logoUrl: string | null | undefined;
1177
- readonly fullLogoUrl: string | null | undefined;
1182
+ readonly logoFullUrl: string | null | undefined;
1183
+ readonly logoDarkModeUrl: string | null | undefined;
1184
+ readonly logoFullDarkModeUrl: string | null | undefined;
1178
1185
  readonly config: AdminProjectConfig;
1179
1186
  update(this: AdminProject, update: AdminProjectUpdateOptions): Promise<void>;
1180
1187
  delete(this: AdminProject): Promise<void>;
1181
1188
  getConfig(this: AdminProject): Promise<CompleteConfig>;
1182
1189
  useConfig(this: AdminProject): CompleteConfig;
1183
- updateConfig(this: AdminProject, config: EnvironmentConfigOverrideOverride): Promise<void>;
1190
+ updateConfig(this: AdminProject, config: EnvironmentConfigOverrideOverride & {
1191
+ [K in keyof EnvironmentConfigNormalizedOverride]: "............................ERROR MESSAGE AFTER THIS LINE............................ You have attempted to update a config object with a top-level property in it (for example `emails`). This is very likely a mistake, and you probably meant to update a nested property instead (for example `emails.server`). If you really meant to update a top-level property (resetting all nested properties to their defaults), cast as any (the code will work at runtime) ............................ERROR MESSAGE BEFORE THIS LINE............................";
1192
+ }): Promise<void>;
1184
1193
  getProductionModeErrors(this: AdminProject): Promise<ProductionModeError[]>;
1185
1194
  useProductionModeErrors(this: AdminProject): ProductionModeError[];
1186
1195
  } & Project;
@@ -1192,7 +1201,9 @@ type AdminProjectUpdateOptions = {
1192
1201
  description?: string;
1193
1202
  isProductionMode?: boolean;
1194
1203
  logoUrl?: string | null;
1195
- fullLogoUrl?: string | null;
1204
+ logoFullUrl?: string | null;
1205
+ logoDarkModeUrl?: string | null;
1206
+ logoFullDarkModeUrl?: string | null;
1196
1207
  config?: AdminProjectConfigUpdateOptions;
1197
1208
  };
1198
1209
  type AdminProjectCreateOptions = Omit<AdminProjectUpdateOptions, 'displayName'> & {
@@ -1368,16 +1379,6 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
1368
1379
  }>);
1369
1380
  declare const StackClientApp: StackClientAppConstructor;
1370
1381
 
1371
- declare function getConvexProvidersConfig(options: {
1372
- baseUrl?: string;
1373
- projectId: string;
1374
- }): {
1375
- type: string;
1376
- issuer: URL;
1377
- jwks: URL;
1378
- algorithm: string;
1379
- }[];
1380
-
1381
1382
  declare const iconMap: {
1382
1383
  readonly Contact: React$1.ForwardRefExoticComponent<Omit<lucide_react.LucideProps, "ref"> & React$1.RefAttributes<SVGSVGElement>>;
1383
1384
  readonly ShieldCheck: React$1.ForwardRefExoticComponent<Omit<lucide_react.LucideProps, "ref"> & React$1.RefAttributes<SVGSVGElement>>;
@@ -1760,4 +1761,4 @@ type UserButtonProps = {
1760
1761
  };
1761
1762
  declare function UserButton(props: UserButtonProps): react_jsx_runtime.JSX.Element;
1762
1763
 
1763
- export { AccountSettings, type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectPermission, type AdminProjectPermissionDefinition, type AdminProjectPermissionDefinitionCreateOptions, type AdminProjectPermissionDefinitionUpdateOptions, type AdminProjectUpdateOptions, type AdminSentEmail, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type Auth, AuthPage, CliAuthConfirmation, type Connection, type ContactChannel, CredentialSignIn, CredentialSignUp, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type EditableTeamMemberProfile, EmailVerification, ForgotPassword, type GetCurrentUserOptions, type GetCurrentUserOptions as GetUserOptions, type HandlerUrls, type InternalApiKey, type InternalApiKeyBase, type InternalApiKeyBaseCrudRead, type InternalApiKeyCreateOptions, type InternalApiKeyFirstView, MagicLinkSignIn, MessageCard, OAuthButton, OAuthButtonGroup, type OAuthConnection, type OAuthProvider, type OAuthProviderConfig, type OAuthScopesOnSignIn, PasswordReset, type Project, type ProjectConfig, SelectedTeamSwitcher, type ServerContactChannel, type ServerListUsersOptions, type ServerOAuthProvider, type ServerTeam, type ServerTeamCreateOptions, type ServerTeamMemberProfile, type ServerTeamUpdateOptions, type ServerTeamUser, type ServerUser, type Session, SignIn, SignUp, StackAdminApp, type StackAdminAppConstructor, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructor, type StackClientAppConstructorOptions, type StackClientAppJson, StackHandler, NextStackProvider as StackProvider, StackServerApp, type StackServerAppConstructor, type StackServerAppConstructorOptions, StackTheme, type Team, type TeamCreateOptions, type TeamInvitation$1 as TeamInvitation, type TeamMemberProfile, TeamSwitcher, type TeamUpdateOptions, type TeamUser, type User, UserAvatar, UserButton, getConvexProvidersConfig, stackAppInternalsSymbol, useStackApp, useUser };
1764
+ export { AccountSettings, type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectPermission, type AdminProjectPermissionDefinition, type AdminProjectPermissionDefinitionCreateOptions, type AdminProjectPermissionDefinitionUpdateOptions, type AdminProjectUpdateOptions, type AdminSentEmail, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type Auth, AuthPage, CliAuthConfirmation, type Connection, type ContactChannel, CredentialSignIn, CredentialSignUp, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type EditableTeamMemberProfile, EmailVerification, ForgotPassword, type GetCurrentUserOptions, type GetCurrentUserOptions as GetUserOptions, type HandlerUrls, type InternalApiKey, type InternalApiKeyBase, type InternalApiKeyBaseCrudRead, type InternalApiKeyCreateOptions, type InternalApiKeyFirstView, MagicLinkSignIn, MessageCard, OAuthButton, OAuthButtonGroup, type OAuthConnection, type OAuthProvider, type OAuthProviderConfig, type OAuthScopesOnSignIn, PasswordReset, type Project, type ProjectConfig, SelectedTeamSwitcher, type ServerContactChannel, type ServerListUsersOptions, type ServerOAuthProvider, type ServerTeam, type ServerTeamCreateOptions, type ServerTeamMemberProfile, type ServerTeamUpdateOptions, type ServerTeamUser, type ServerUser, type Session, SignIn, SignUp, StackAdminApp, type StackAdminAppConstructor, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructor, type StackClientAppConstructorOptions, type StackClientAppJson, StackHandler, NextStackProvider as StackProvider, StackServerApp, type StackServerAppConstructor, type StackServerAppConstructorOptions, StackTheme, type Team, type TeamCreateOptions, type TeamInvitation$1 as TeamInvitation, type TeamMemberProfile, TeamSwitcher, type TeamUpdateOptions, type TeamUser, type User, UserAvatar, UserButton, stackAppInternalsSymbol, useStackApp, useUser };
package/dist/index.d.ts CHANGED
@@ -6,14 +6,15 @@ import { GenericQueryCtx, UserIdentity } from 'convex/server';
6
6
  import { inlineProductSchema } from '@stackframe/stack-shared/dist/schema-fields';
7
7
  import * as yup from 'yup';
8
8
  import { ProductionModeError } from '@stackframe/stack-shared/dist/helpers/production-mode';
9
- import { CompleteConfig, EnvironmentConfigOverrideOverride } from '@stackframe/stack-shared/dist/config/schema';
9
+ import { CompleteConfig, EnvironmentConfigOverrideOverride, EnvironmentConfigNormalizedOverride } from '@stackframe/stack-shared/dist/config/schema';
10
10
  import { ChatContent } from '@stackframe/stack-shared/dist/interface/admin-interface';
11
- import { AdminTransaction } from '@stackframe/stack-shared/dist/interface/crud/transactions';
11
+ import { TransactionType, Transaction } from '@stackframe/stack-shared/dist/interface/crud/transactions';
12
12
  import { InternalSession } from '@stackframe/stack-shared/dist/sessions';
13
13
  import { XOR, PrettifyType, IfAndOnlyIf } from '@stackframe/stack-shared/dist/utils/types';
14
14
  import { InternalApiKeysCrud } from '@stackframe/stack-shared/dist/interface/crud/internal-api-keys';
15
15
  import { ReadonlyJson } from '@stackframe/stack-shared/dist/utils/json';
16
16
  import { GeoInfo } from '@stackframe/stack-shared/dist/utils/geo';
17
+ export { getConvexProvidersConfig } from './integrations/convex.js';
17
18
  import * as react_jsx_runtime from 'react/jsx-runtime';
18
19
  import * as lucide_react from 'lucide-react';
19
20
  import React$1 from 'react';
@@ -976,11 +977,11 @@ type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends st
976
977
  {
977
978
  cursor?: string;
978
979
  limit?: number;
979
- type?: 'subscription' | 'one_time' | 'item_quantity_change';
980
+ type?: TransactionType;
980
981
  customerType?: 'user' | 'team' | 'custom';
981
982
  }
982
983
  ], {
983
- transactions: AdminTransaction[];
984
+ transactions: Transaction[];
984
985
  nextCursor: string | null;
985
986
  }, true> & {
986
987
  createInternalApiKey(options: InternalApiKeyCreateOptions): Promise<InternalApiKeyFirstView>;
@@ -1068,6 +1069,10 @@ type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends st
1068
1069
  expiresAt?: string;
1069
1070
  description?: string;
1070
1071
  })): Promise<void>;
1072
+ refundTransaction(options: {
1073
+ type: "subscription" | "one-time-purchase";
1074
+ id: string;
1075
+ }): Promise<void>;
1071
1076
  } & StackServerApp<HasTokenStore, ProjectId>);
1072
1077
  declare const StackAdminApp: StackAdminAppConstructor;
1073
1078
 
@@ -1174,13 +1179,17 @@ type AdminProject = {
1174
1179
  readonly isProductionMode: boolean;
1175
1180
  readonly ownerTeamId: string | null;
1176
1181
  readonly logoUrl: string | null | undefined;
1177
- readonly fullLogoUrl: string | null | undefined;
1182
+ readonly logoFullUrl: string | null | undefined;
1183
+ readonly logoDarkModeUrl: string | null | undefined;
1184
+ readonly logoFullDarkModeUrl: string | null | undefined;
1178
1185
  readonly config: AdminProjectConfig;
1179
1186
  update(this: AdminProject, update: AdminProjectUpdateOptions): Promise<void>;
1180
1187
  delete(this: AdminProject): Promise<void>;
1181
1188
  getConfig(this: AdminProject): Promise<CompleteConfig>;
1182
1189
  useConfig(this: AdminProject): CompleteConfig;
1183
- updateConfig(this: AdminProject, config: EnvironmentConfigOverrideOverride): Promise<void>;
1190
+ updateConfig(this: AdminProject, config: EnvironmentConfigOverrideOverride & {
1191
+ [K in keyof EnvironmentConfigNormalizedOverride]: "............................ERROR MESSAGE AFTER THIS LINE............................ You have attempted to update a config object with a top-level property in it (for example `emails`). This is very likely a mistake, and you probably meant to update a nested property instead (for example `emails.server`). If you really meant to update a top-level property (resetting all nested properties to their defaults), cast as any (the code will work at runtime) ............................ERROR MESSAGE BEFORE THIS LINE............................";
1192
+ }): Promise<void>;
1184
1193
  getProductionModeErrors(this: AdminProject): Promise<ProductionModeError[]>;
1185
1194
  useProductionModeErrors(this: AdminProject): ProductionModeError[];
1186
1195
  } & Project;
@@ -1192,7 +1201,9 @@ type AdminProjectUpdateOptions = {
1192
1201
  description?: string;
1193
1202
  isProductionMode?: boolean;
1194
1203
  logoUrl?: string | null;
1195
- fullLogoUrl?: string | null;
1204
+ logoFullUrl?: string | null;
1205
+ logoDarkModeUrl?: string | null;
1206
+ logoFullDarkModeUrl?: string | null;
1196
1207
  config?: AdminProjectConfigUpdateOptions;
1197
1208
  };
1198
1209
  type AdminProjectCreateOptions = Omit<AdminProjectUpdateOptions, 'displayName'> & {
@@ -1368,16 +1379,6 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
1368
1379
  }>);
1369
1380
  declare const StackClientApp: StackClientAppConstructor;
1370
1381
 
1371
- declare function getConvexProvidersConfig(options: {
1372
- baseUrl?: string;
1373
- projectId: string;
1374
- }): {
1375
- type: string;
1376
- issuer: URL;
1377
- jwks: URL;
1378
- algorithm: string;
1379
- }[];
1380
-
1381
1382
  declare const iconMap: {
1382
1383
  readonly Contact: React$1.ForwardRefExoticComponent<Omit<lucide_react.LucideProps, "ref"> & React$1.RefAttributes<SVGSVGElement>>;
1383
1384
  readonly ShieldCheck: React$1.ForwardRefExoticComponent<Omit<lucide_react.LucideProps, "ref"> & React$1.RefAttributes<SVGSVGElement>>;
@@ -1760,4 +1761,4 @@ type UserButtonProps = {
1760
1761
  };
1761
1762
  declare function UserButton(props: UserButtonProps): react_jsx_runtime.JSX.Element;
1762
1763
 
1763
- export { AccountSettings, type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectPermission, type AdminProjectPermissionDefinition, type AdminProjectPermissionDefinitionCreateOptions, type AdminProjectPermissionDefinitionUpdateOptions, type AdminProjectUpdateOptions, type AdminSentEmail, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type Auth, AuthPage, CliAuthConfirmation, type Connection, type ContactChannel, CredentialSignIn, CredentialSignUp, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type EditableTeamMemberProfile, EmailVerification, ForgotPassword, type GetCurrentUserOptions, type GetCurrentUserOptions as GetUserOptions, type HandlerUrls, type InternalApiKey, type InternalApiKeyBase, type InternalApiKeyBaseCrudRead, type InternalApiKeyCreateOptions, type InternalApiKeyFirstView, MagicLinkSignIn, MessageCard, OAuthButton, OAuthButtonGroup, type OAuthConnection, type OAuthProvider, type OAuthProviderConfig, type OAuthScopesOnSignIn, PasswordReset, type Project, type ProjectConfig, SelectedTeamSwitcher, type ServerContactChannel, type ServerListUsersOptions, type ServerOAuthProvider, type ServerTeam, type ServerTeamCreateOptions, type ServerTeamMemberProfile, type ServerTeamUpdateOptions, type ServerTeamUser, type ServerUser, type Session, SignIn, SignUp, StackAdminApp, type StackAdminAppConstructor, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructor, type StackClientAppConstructorOptions, type StackClientAppJson, StackHandler, NextStackProvider as StackProvider, StackServerApp, type StackServerAppConstructor, type StackServerAppConstructorOptions, StackTheme, type Team, type TeamCreateOptions, type TeamInvitation$1 as TeamInvitation, type TeamMemberProfile, TeamSwitcher, type TeamUpdateOptions, type TeamUser, type User, UserAvatar, UserButton, getConvexProvidersConfig, stackAppInternalsSymbol, useStackApp, useUser };
1764
+ export { AccountSettings, type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectPermission, type AdminProjectPermissionDefinition, type AdminProjectPermissionDefinitionCreateOptions, type AdminProjectPermissionDefinitionUpdateOptions, type AdminProjectUpdateOptions, type AdminSentEmail, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type Auth, AuthPage, CliAuthConfirmation, type Connection, type ContactChannel, CredentialSignIn, CredentialSignUp, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type EditableTeamMemberProfile, EmailVerification, ForgotPassword, type GetCurrentUserOptions, type GetCurrentUserOptions as GetUserOptions, type HandlerUrls, type InternalApiKey, type InternalApiKeyBase, type InternalApiKeyBaseCrudRead, type InternalApiKeyCreateOptions, type InternalApiKeyFirstView, MagicLinkSignIn, MessageCard, OAuthButton, OAuthButtonGroup, type OAuthConnection, type OAuthProvider, type OAuthProviderConfig, type OAuthScopesOnSignIn, PasswordReset, type Project, type ProjectConfig, SelectedTeamSwitcher, type ServerContactChannel, type ServerListUsersOptions, type ServerOAuthProvider, type ServerTeam, type ServerTeamCreateOptions, type ServerTeamMemberProfile, type ServerTeamUpdateOptions, type ServerTeamUser, type ServerUser, type Session, SignIn, SignUp, StackAdminApp, type StackAdminAppConstructor, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructor, type StackClientAppConstructorOptions, type StackClientAppJson, StackHandler, NextStackProvider as StackProvider, StackServerApp, type StackServerAppConstructor, type StackServerAppConstructorOptions, StackTheme, type Team, type TeamCreateOptions, type TeamInvitation$1 as TeamInvitation, type TeamMemberProfile, TeamSwitcher, type TeamUpdateOptions, type TeamUser, type User, UserAvatar, UserButton, stackAppInternalsSymbol, useStackApp, useUser };
package/dist/integrations/convex.d.mts ADDED
@@ -0,0 +1,11 @@
1
+ declare function getConvexProvidersConfig(options: {
2
+ baseUrl?: string;
3
+ projectId: string;
4
+ }): {
5
+ type: string;
6
+ issuer: URL;
7
+ jwks: URL;
8
+ algorithm: string;
9
+ }[];
10
+
11
+ export { getConvexProvidersConfig };
package/dist/integrations/convex.d.ts ADDED
@@ -0,0 +1,11 @@
1
+ declare function getConvexProvidersConfig(options: {
2
+ baseUrl?: string;
3
+ projectId: string;
4
+ }): {
5
+ type: string;
6
+ issuer: URL;
7
+ jwks: URL;
8
+ algorithm: string;
9
+ }[];
10
+
11
+ export { getConvexProvidersConfig };
package/dist/lib/cookie.js CHANGED
@@ -106,7 +106,7 @@ function createNextCookieHelper(rscCookiesAwaited, rscHeadersAwaited) {
106
106
  },
107
107
  getAll: () => {
108
108
  try {
109
- rscCookiesAwaited.set("stack-is-https", "true", { secure: true });
109
+ rscCookiesAwaited.set("stack-is-https", "true", { secure: true, expires: new Date(Date.now() + 1e3 * 60 * 60 * 24 * 365) });
110
110
  } catch (e) {
111
111
  if (typeof e === "object" && e !== null && "message" in e && typeof e.message === "string" && e.message.includes("Cookies can only be modified in a Server Action or Route Handler")) {
112
112
  } else {
@@ -124,21 +124,22 @@ function createNextCookieHelper(rscCookiesAwaited, rscHeadersAwaited) {
124
124
  try {
125
125
  rscCookiesAwaited.set(name, value, {
126
126
  secure: isSecureCookie,
127
- maxAge: options.maxAge,
128
- domain: options.domain
127
+ maxAge: options.maxAge === "session" ? void 0 : options.maxAge,
128
+ domain: options.domain,
129
+ sameSite: "lax"
129
130
  });
130
131
  } catch (e) {
131
132
  handleCookieError(e, options);
132
133
  }
133
134
  },
134
- setOrDelete(name, value, options = {}) {
135
+ setOrDelete(name, value, options) {
135
136
  if (value === null) {
136
137
  this.delete(name, options);
137
138
  } else {
138
139
  this.set(name, value, options);
139
140
  }
140
141
  },
141
- delete(name, options = {}) {
142
+ delete(name, options) {
142
143
  try {
143
144
  if (options.domain !== void 0) {
144
145
  rscCookiesAwaited.delete({ name, domain: options.domain });
@@ -158,7 +159,7 @@ function getCookieClient(name) {
158
159
  }
159
160
  function getAllCookiesClient() {
160
161
  ensureClient();
161
- import_js_cookie.default.set("stack-is-https", "true", { secure: true });
162
+ import_js_cookie.default.set("stack-is-https", "true", { secure: true, expires: new Date(Date.now() + 1e3 * 60 * 60 * 24 * 365) });
162
163
  return import_js_cookie.default.get();
163
164
  }
164
165
  async function getCookie(name) {
@@ -178,21 +179,56 @@ function determineSecureFromClientContext() {
178
179
  function determineSecureFromServerContext(cookies, headers) {
179
180
  return cookies.has("stack-is-https") || headers.get("x-forwarded-proto") === "https";
180
181
  }
181
- function setCookieClientInternal(name, value, options = {}) {
182
+ var _shouldSetPartitionedClientCache = void 0;
183
+ function shouldSetPartitionedClient() {
184
+ return _shouldSetPartitionedClientCache ??= _internalShouldSetPartitionedClient();
185
+ }
186
+ function _internalShouldSetPartitionedClient() {
187
+ ensureClient();
188
+ if (!determineSecureFromClientContext()) {
189
+ return false;
190
+ }
191
+ const cookie1Name = "__Host-stack-temporary-chips-test-" + Math.random().toString(36).substring(2, 15);
192
+ document.cookie = `${cookie1Name}=value1; Secure; path=/`;
193
+ const cookies1 = document.cookie.split("; ");
194
+ document.cookie = `${cookie1Name}=delete1; Secure; path=/; expires=Thu, 01 Jan 1970 00:00:00 UTC;`;
195
+ if (cookies1.some((c) => c.startsWith(cookie1Name + "="))) {
196
+ return false;
197
+ }
198
+ const cookie2Name = "__Host-stack-temporary-chips-test-" + Math.random().toString(36).substring(2, 15);
199
+ document.cookie = `${cookie2Name}=delete1; Secure; SameSite=None; Partitioned; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;
200
+ document.cookie = `${cookie2Name}=delete2; Secure; SameSite=None; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;
201
+ document.cookie = `${cookie2Name}=set1; Secure; SameSite=None; Partitioned; path=/`;
202
+ document.cookie = `${cookie2Name}=set2; Secure; SameSite=None; path=/`;
203
+ const cookies2 = document.cookie.split("; ");
204
+ const numberOfCookiesWithThisName = cookies2.filter((c) => c.startsWith(cookie2Name + "=")).length;
205
+ document.cookie = `${cookie2Name}=delete3; Secure; SameSite=None; Partitioned; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;
206
+ document.cookie = `${cookie2Name}=delete4; Secure; SameSite=None; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;
207
+ return numberOfCookiesWithThisName === 2;
208
+ }
209
+ function setCookieClientInternal(name, value, options) {
182
210
  const secure = options.secure ?? determineSecureFromClientContext();
211
+ const partitioned = shouldSetPartitionedClient();
183
212
  import_js_cookie.default.set(name, value, {
184
- expires: options.maxAge === void 0 ? void 0 : new Date(Date.now() + options.maxAge * 1e3),
213
+ expires: options.maxAge === "session" ? void 0 : new Date(Date.now() + options.maxAge * 1e3),
185
214
  domain: options.domain,
186
- secure
215
+ secure,
216
+ sameSite: "Lax",
217
+ ...partitioned ? {
218
+ partitioned,
219
+ sameSite: "None"
220
+ } : {}
187
221
  });
188
222
  }
189
- function deleteCookieClientInternal(name, options = {}) {
190
- if (options.domain !== void 0) {
191
- import_js_cookie.default.remove(name, { domain: options.domain, secure: determineSecureFromClientContext() });
223
+ function deleteCookieClientInternal(name, options) {
224
+ for (const partitioned of [true, false]) {
225
+ if (options.domain !== void 0) {
226
+ import_js_cookie.default.remove(name, { domain: options.domain, secure: determineSecureFromClientContext(), partitioned });
227
+ }
228
+ import_js_cookie.default.remove(name, { secure: determineSecureFromClientContext(), partitioned });
192
229
  }
193
- import_js_cookie.default.remove(name, { secure: determineSecureFromClientContext() });
194
230
  }
195
- function setOrDeleteCookieClient(name, value, options = {}) {
231
+ function setOrDeleteCookieClient(name, value, options) {
196
232
  ensureClient();
197
233
  if (value === null) {
198
234
  deleteCookieClientInternal(name, options);
@@ -200,23 +236,23 @@ function setOrDeleteCookieClient(name, value, options = {}) {
200
236
  setCookieClientInternal(name, value, options);
201
237
  }
202
238
  }
203
- async function setOrDeleteCookie(name, value, options = {}) {
239
+ async function setOrDeleteCookie(name, value, options) {
204
240
  const cookieHelper = await createCookieHelper();
205
241
  cookieHelper.setOrDelete(name, value, options);
206
242
  }
207
- function deleteCookieClient(name, options = {}) {
243
+ function deleteCookieClient(name, options) {
208
244
  ensureClient();
209
245
  deleteCookieClientInternal(name, options);
210
246
  }
211
- async function deleteCookie(name, options = {}) {
247
+ async function deleteCookie(name, options) {
212
248
  const cookieHelper = await createCookieHelper();
213
249
  cookieHelper.delete(name, options);
214
250
  }
215
- function setCookieClient(name, value, options = {}) {
251
+ function setCookieClient(name, value, options) {
216
252
  ensureClient();
217
253
  setCookieClientInternal(name, value, options);
218
254
  }
219
- async function setCookie(name, value, options = {}) {
255
+ async function setCookie(name, value, options) {
220
256
  const cookieHelper = await createCookieHelper();
221
257
  cookieHelper.set(name, value, options);
222
258
  }
@@ -237,7 +273,7 @@ function consumeVerifierAndStateCookie(state) {
237
273
  if (!codeVerifier) {
238
274
  return null;
239
275
  }
240
- deleteCookieClient(cookieName);
276
+ deleteCookieClient(cookieName, {});
241
277
  return {
242
278
  codeVerifier
243
279
  };
package/dist/lib/cookie.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/lib/cookie.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { cookies as rscCookies, headers as rscHeaders } from '@stackframe/stack-sc/force-react-server'; // THIS_LINE_PLATFORM next\nimport { isBrowserLike } from '@stackframe/stack-shared/dist/utils/env';\nimport { StackAssertionError } from '@stackframe/stack-shared/dist/utils/errors';\nimport Cookies from \"js-cookie\";\nimport { calculatePKCECodeChallenge, generateRandomCodeVerifier, generateRandomState } from \"oauth4webapi\";\n\ntype SetCookieOptions = { maxAge?: number, noOpIfServerComponent?: boolean, domain?: string, secure?: boolean };\ntype DeleteCookieOptions = { noOpIfServerComponent?: boolean, domain?: string };\n\nfunction ensureClient() {\n if (!isBrowserLike()) {\n throw new Error(\"cookieClient functions can only be called in a browser environment, yet window is undefined\");\n }\n}\n\nexport type CookieHelper = {\n get: (name: string) => string | null,\n getAll: () => Record<string, string>,\n set: (name: string, value: string, options: SetCookieOptions) => void,\n setOrDelete: (name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions) => void,\n delete: (name: string, options: DeleteCookieOptions) => void,\n};\n\nconst placeholderCookieHelperIdentity = { \"placeholder cookie helper identity\": true };\nexport async function createPlaceholderCookieHelper(): Promise<CookieHelper> {\n function throwError(): never {\n throw new StackAssertionError(\"Throwing cookie helper is just a placeholder. This should never be called\");\n }\n return {\n get: throwError,\n getAll: throwError,\n set: throwError,\n setOrDelete: throwError,\n delete: throwError,\n };\n}\n\nexport async function createCookieHelper(): Promise<CookieHelper> {\n if (isBrowserLike()) {\n return createBrowserCookieHelper();\n } else {\n return createNextCookieHelper(\n await rscCookies(),\n await rscHeaders(),\n );\n }\n}\n\nexport function createBrowserCookieHelper(): CookieHelper {\n return {\n get: getCookieClient,\n getAll: getAllCookiesClient,\n set: setCookieClient,\n setOrDelete: setOrDeleteCookieClient,\n delete: deleteCookieClient,\n };\n}\n\nfunction handleCookieError(e: unknown, options: DeleteCookieOptions | SetCookieOptions) {\n if (e instanceof Error && e.message.includes(\"Cookies can only be modified in\")) {\n if (options.noOpIfServerComponent) {\n // ignore\n } else {\n throw new StackAssertionError(\"Attempted to set cookie in server component. Pass { noOpIfServerComponent: true } in the options of Stack's cookie functions if this is intentional and you want to ignore this error. Read more: https://nextjs.org/docs/app/api-reference/functions/cookies#options\");\n }\n } else {\n throw e;\n }\n}\n\nfunction createNextCookieHelper(\n rscCookiesAwaited: Awaited<ReturnType<typeof rscCookies>>,\n rscHeadersAwaited: Awaited<ReturnType<typeof rscHeaders>>,\n): CookieHelper {\n const cookieHelper = {\n get: (name: string) => {\n const all = cookieHelper.getAll();\n return all[name] ?? null;\n },\n getAll: () => {\n // set a helper cookie, see comment in `NextCookieHelper.set` below\n try {\n rscCookiesAwaited.set(\"stack-is-https\", \"true\", { secure: true });\n } catch (e) {\n if (\n typeof e === 'object'\n && e !== null\n && 'message' in e\n && typeof e.message === 'string'\n && e.message.includes('Cookies can only be modified in a Server Action or Route Handler')\n ) {\n // ignore\n } else {\n throw e;\n }\n }\n const all = rscCookiesAwaited.getAll();\n return all.reduce((acc, entry) => {\n acc[entry.name] = entry.value;\n return acc;\n }, {} as Record<string, string>);\n },\n set: (name: string, value: string, options: SetCookieOptions) => {\n // Whenever the client is on HTTPS, we want to set the Secure flag on the cookie.\n //\n // This is not easy to find out on a Next.js server, so we use the following steps:\n //\n // 1. If we're on the client, we can check window.location.protocol which is the ground-truth\n // 2. Check whether the stack-is-https cookie exists. This cookie is set in various places on\n // the client if the protocol is known to be HTTPS\n // 3. Check the X-Forwarded-Proto header\n // 4. Otherwise, assume HTTP without the S\n //\n // Note that malicious clients could theoretically manipulate the `stack-is-https` cookie or\n // the `X-Forwarded-Proto` header; that wouldn't cause any trouble except for themselves,\n // though.\n const isSecureCookie = determineSecureFromServerContext(rscCookiesAwaited, rscHeadersAwaited);\n\n try {\n rscCookiesAwaited.set(name, value, {\n secure: isSecureCookie,\n maxAge: options.maxAge,\n domain: options.domain,\n });\n } catch (e) {\n handleCookieError(e, options);\n }\n },\n setOrDelete(name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions = {}) {\n if (value === null) {\n this.delete(name, options);\n } else {\n this.set(name, value, options);\n }\n },\n delete(name: string, options: DeleteCookieOptions = {}) {\n try {\n if (options.domain !== undefined) {\n rscCookiesAwaited.delete({ name, domain: options.domain });\n } else {\n rscCookiesAwaited.delete(name);\n }\n } catch (e) {\n handleCookieError(e, options);\n }\n },\n };\n return cookieHelper;\n}\n\nexport function getCookieClient(name: string): string | null {\n const all = getAllCookiesClient();\n return all[name] ?? null;\n}\n\nexport function getAllCookiesClient(): Record<string, string> {\n ensureClient();\n // set a helper cookie, see comment in `NextCookieHelper.set` above\n Cookies.set(\"stack-is-https\", \"true\", { secure: true });\n return Cookies.get();\n}\n\nexport async function getCookie(name: string): Promise<string | null> {\n const cookieHelper = await createCookieHelper();\n return cookieHelper.get(name);\n}\n\nexport async function isSecure(): Promise<boolean> {\n if (isBrowserLike()) {\n return determineSecureFromClientContext();\n }\n return determineSecureFromServerContext(await rscCookies(), await rscHeaders());\n return false;\n}\n\nfunction determineSecureFromClientContext(): boolean {\n return typeof window !== \"undefined\" && window.location.protocol === \"https:\";\n}\nfunction determineSecureFromServerContext(\n cookies: Awaited<ReturnType<typeof rscCookies>>,\n headers: Awaited<ReturnType<typeof rscHeaders>>,\n): boolean {\n return cookies.has(\"stack-is-https\") || headers.get(\"x-forwarded-proto\") === \"https\";\n}\n\nfunction setCookieClientInternal(name: string, value: string, options: SetCookieOptions = {}) {\n const secure = options.secure ?? determineSecureFromClientContext();\n Cookies.set(name, value, {\n expires: options.maxAge === undefined ? undefined : new Date(Date.now() + (options.maxAge) * 1000),\n domain: options.domain,\n secure,\n });\n}\n\nfunction deleteCookieClientInternal(name: string, options: DeleteCookieOptions = {}) {\n if (options.domain !== undefined) {\n Cookies.remove(name, { domain: options.domain, secure: determineSecureFromClientContext() });\n }\n Cookies.remove(name, { secure: determineSecureFromClientContext() });\n}\n\nexport function setOrDeleteCookieClient(name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions = {}) {\n ensureClient();\n if (value === null) {\n deleteCookieClientInternal(name, options);\n } else {\n setCookieClientInternal(name, value, options);\n }\n}\n\nexport async function setOrDeleteCookie(name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions = {}) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.setOrDelete(name, value, options);\n}\n\nexport function deleteCookieClient(name: string, options: DeleteCookieOptions = {}) {\n ensureClient();\n deleteCookieClientInternal(name, options);\n}\n\nexport async function deleteCookie(name: string, options: DeleteCookieOptions = {}) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.delete(name, options);\n}\n\nexport function setCookieClient(name: string, value: string, options: SetCookieOptions = {}) {\n ensureClient();\n setCookieClientInternal(name, value, options);\n}\n\nexport async function setCookie(name: string, value: string, options: SetCookieOptions = {}) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.set(name, value, options);\n}\n\nexport async function saveVerifierAndState() {\n const codeVerifier = generateRandomCodeVerifier();\n const codeChallenge = await calculatePKCECodeChallenge(codeVerifier);\n const state = generateRandomState();\n\n await setCookie(\"stack-oauth-outer-\" + state, codeVerifier, { maxAge: 60 * 60 });\n\n return {\n codeChallenge,\n state,\n };\n}\n\nexport function consumeVerifierAndStateCookie(state: string) {\n ensureClient();\n const cookieName = \"stack-oauth-outer-\" + state;\n const codeVerifier = getCookieClient(cookieName);\n if (!codeVerifier) {\n return null;\n }\n deleteCookieClient(cookieName);\n return {\n codeVerifier,\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAIA,gCAA6D;AAC7D,iBAA8B;AAC9B,oBAAoC;AACpC,uBAAoB;AACpB,0BAA4F;AAK5F,SAAS,eAAe;AACtB,MAAI,KAAC,0BAAc,GAAG;AACpB,UAAM,IAAI,MAAM,6FAA6F;AAAA,EAC/G;AACF;AAWA,eAAsB,gCAAuD;AAC3E,WAAS,aAAoB;AAC3B,UAAM,IAAI,kCAAoB,2EAA2E;AAAA,EAC3G;AACA,SAAO;AAAA,IACL,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,KAAK;AAAA,IACL,aAAa;AAAA,IACb,QAAQ;AAAA,EACV;AACF;AAEA,eAAsB,qBAA4C;AAChE,UAAI,0BAAc,GAAG;AACnB,WAAO,0BAA0B;AAAA,EACnC,OAAO;AACL,WAAO;AAAA,MACL,UAAM,0BAAAA,SAAW;AAAA,MACjB,UAAM,0BAAAC,SAAW;AAAA,IACnB;AAAA,EACF;AACF;AAEO,SAAS,4BAA0C;AACxD,SAAO;AAAA,IACL,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,KAAK;AAAA,IACL,aAAa;AAAA,IACb,QAAQ;AAAA,EACV;AACF;AAEA,SAAS,kBAAkB,GAAY,SAAiD;AACtF,MAAI,aAAa,SAAS,EAAE,QAAQ,SAAS,iCAAiC,GAAG;AAC/E,QAAI,QAAQ,uBAAuB;AAAA,IAEnC,OAAO;AACL,YAAM,IAAI,kCAAoB,uQAAuQ;AAAA,IACvS;AAAA,EACF,OAAO;AACL,UAAM;AAAA,EACR;AACF;AAEA,SAAS,uBACP,mBACA,mBACc;AACd,QAAM,eAAe;AAAA,IACnB,KAAK,CAAC,SAAiB;AACrB,YAAM,MAAM,aAAa,OAAO;AAChC,aAAO,IAAI,IAAI,KAAK;AAAA,IACtB;AAAA,IACA,QAAQ,MAAM;AAEZ,UAAI;AACF,0BAAkB,IAAI,kBAAkB,QAAQ,EAAE,QAAQ,KAAK,CAAC;AAAA,MAClE,SAAS,GAAG;AACV,YACE,OAAO,MAAM,YACV,MAAM,QACN,aAAa,KACb,OAAO,EAAE,YAAY,YACrB,EAAE,QAAQ,SAAS,kEAAkE,GACxF;AAAA,QAEF,OAAO;AACL,gBAAM;AAAA,QACR;AAAA,MACF;AACA,YAAM,MAAM,kBAAkB,OAAO;AACrC,aAAO,IAAI,OAAO,CAAC,KAAK,UAAU;AAChC,YAAI,MAAM,IAAI,IAAI,MAAM;AACxB,eAAO;AAAA,MACT,GAAG,CAAC,CAA2B;AAAA,IACjC;AAAA,IACA,KAAK,CAAC,MAAc,OAAe,YAA8B;AAc/D,YAAM,iBAAiB,iCAAiC,mBAAmB,iBAAiB;AAE5F,UAAI;AACF,0BAAkB,IAAI,MAAM,OAAO;AAAA,UACjC,QAAQ;AAAA,UACR,QAAQ,QAAQ;AAAA,UAChB,QAAQ,QAAQ;AAAA,QAClB,CAAC;AAAA,MACH,SAAS,GAAG;AACV,0BAAkB,GAAG,OAAO;AAAA,MAC9B;AAAA,IACF;AAAA,IACA,YAAY,MAAc,OAAsB,UAAkD,CAAC,GAAG;AACpG,UAAI,UAAU,MAAM;AAClB,aAAK,OAAO,MAAM,OAAO;AAAA,MAC3B,OAAO;AACL,aAAK,IAAI,MAAM,OAAO,OAAO;AAAA,MAC/B;AAAA,IACF;AAAA,IACA,OAAO,MAAc,UAA+B,CAAC,GAAG;AACtD,UAAI;AACF,YAAI,QAAQ,WAAW,QAAW;AAChC,4BAAkB,OAAO,EAAE,MAAM,QAAQ,QAAQ,OAAO,CAAC;AAAA,QAC3D,OAAO;AACL,4BAAkB,OAAO,IAAI;AAAA,QAC/B;AAAA,MACF,SAAS,GAAG;AACV,0BAAkB,GAAG,OAAO;AAAA,MAC9B;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEO,SAAS,gBAAgB,MAA6B;AAC3D,QAAM,MAAM,oBAAoB;AAChC,SAAO,IAAI,IAAI,KAAK;AACtB;AAEO,SAAS,sBAA8C;AAC5D,eAAa;AAEb,mBAAAC,QAAQ,IAAI,kBAAkB,QAAQ,EAAE,QAAQ,KAAK,CAAC;AACtD,SAAO,iBAAAA,QAAQ,IAAI;AACrB;AAEA,eAAsB,UAAU,MAAsC;AACpE,QAAM,eAAe,MAAM,mBAAmB;AAC9C,SAAO,aAAa,IAAI,IAAI;AAC9B;AAEA,eAAsB,WAA6B;AACjD,UAAI,0BAAc,GAAG;AACnB,WAAO,iCAAiC;AAAA,EAC1C;AACA,SAAO,iCAAiC,UAAM,0BAAAF,SAAW,GAAG,UAAM,0BAAAC,SAAW,CAAC;AAC9E,SAAO;AACT;AAEA,SAAS,mCAA4C;AACnD,SAAO,OAAO,WAAW,eAAe,OAAO,SAAS,aAAa;AACvE;AACA,SAAS,iCACP,SACA,SACS;AACT,SAAO,QAAQ,IAAI,gBAAgB,KAAK,QAAQ,IAAI,mBAAmB,MAAM;AAC/E;AAEA,SAAS,wBAAwB,MAAc,OAAe,UAA4B,CAAC,GAAG;AAC5F,QAAM,SAAS,QAAQ,UAAU,iCAAiC;AAClE,mBAAAC,QAAQ,IAAI,MAAM,OAAO;AAAA,IACvB,SAAS,QAAQ,WAAW,SAAY,SAAY,IAAI,KAAK,KAAK,IAAI,IAAK,QAAQ,SAAU,GAAI;AAAA,IACjG,QAAQ,QAAQ;AAAA,IAChB;AAAA,EACF,CAAC;AACH;AAEA,SAAS,2BAA2B,MAAc,UAA+B,CAAC,GAAG;AACnF,MAAI,QAAQ,WAAW,QAAW;AAChC,qBAAAA,QAAQ,OAAO,MAAM,EAAE,QAAQ,QAAQ,QAAQ,QAAQ,iCAAiC,EAAE,CAAC;AAAA,EAC7F;AACA,mBAAAA,QAAQ,OAAO,MAAM,EAAE,QAAQ,iCAAiC,EAAE,CAAC;AACrE;AAEO,SAAS,wBAAwB,MAAc,OAAsB,UAAkD,CAAC,GAAG;AAChI,eAAa;AACb,MAAI,UAAU,MAAM;AAClB,+BAA2B,MAAM,OAAO;AAAA,EAC1C,OAAO;AACL,4BAAwB,MAAM,OAAO,OAAO;AAAA,EAC9C;AACF;AAEA,eAAsB,kBAAkB,MAAc,OAAsB,UAAkD,CAAC,GAAG;AAChI,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,YAAY,MAAM,OAAO,OAAO;AAC/C;AAEO,SAAS,mBAAmB,MAAc,UAA+B,CAAC,GAAG;AAClF,eAAa;AACb,6BAA2B,MAAM,OAAO;AAC1C;AAEA,eAAsB,aAAa,MAAc,UAA+B,CAAC,GAAG;AAClF,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,OAAO,MAAM,OAAO;AACnC;AAEO,SAAS,gBAAgB,MAAc,OAAe,UAA4B,CAAC,GAAG;AAC3F,eAAa;AACb,0BAAwB,MAAM,OAAO,OAAO;AAC9C;AAEA,eAAsB,UAAU,MAAc,OAAe,UAA4B,CAAC,GAAG;AAC3F,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,IAAI,MAAM,OAAO,OAAO;AACvC;AAEA,eAAsB,uBAAuB;AAC3C,QAAM,mBAAe,gDAA2B;AAChD,QAAM,gBAAgB,UAAM,gDAA2B,YAAY;AACnE,QAAM,YAAQ,yCAAoB;AAElC,QAAM,UAAU,uBAAuB,OAAO,cAAc,EAAE,QAAQ,KAAK,GAAG,CAAC;AAE/E,SAAO;AAAA,IACL;AAAA,IACA;AAAA,EACF;AACF;AAEO,SAAS,8BAA8B,OAAe;AAC3D,eAAa;AACb,QAAM,aAAa,uBAAuB;AAC1C,QAAM,eAAe,gBAAgB,UAAU;AAC/C,MAAI,CAAC,cAAc;AACjB,WAAO;AAAA,EACT;AACA,qBAAmB,UAAU;AAC7B,SAAO;AAAA,IACL;AAAA,EACF;AACF;","names":["rscCookies","rscHeaders","Cookies"]}
1
+ {"version":3,"sources":["../../src/lib/cookie.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { cookies as rscCookies, headers as rscHeaders } from '@stackframe/stack-sc/force-react-server'; // THIS_LINE_PLATFORM next\nimport { isBrowserLike } from '@stackframe/stack-shared/dist/utils/env';\nimport { StackAssertionError } from '@stackframe/stack-shared/dist/utils/errors';\nimport Cookies from \"js-cookie\";\nimport { calculatePKCECodeChallenge, generateRandomCodeVerifier, generateRandomState } from \"oauth4webapi\";\n\n\n// INFO: This file is used to manage cookies. It also sets some cookie flags automatically, see this description.\n//\n// It provides asynchronous setCookie, getCookie, deleteCookie, etc. functions that can be used in various environments\n// (browser + Next.js for now). Under the hood, they just get a CookieHelper object and then set the cookies there.\n//\n// The CookieHelper object is a simple object that lets you set, get and delete cookies synchronously. Acquiring one\n// is asynchronous (except for browser environments, where they can be acquired synchronously), but once you have it,\n// you can use it synchronously. This function is useful if you cannot await in the calling code, but otherwise you\n// should prefer to await the functions directly.\n//\n// Some cookie flags are set automatically by the CookieHelper (and hence also the <xyz>Cookie functions).\n// In particular:\n// - SameSite is set to `Lax` by default, which is already true in Chromium-based browsers, so this creates\n// compatibility with other browsers that use either Strict or None (particularly Safari and Firefox, and older\n// versions of Chrome). If Partitioned is automatically set (as described below), then this value is set to `None`\n// instead.\n// - Secure is set depending on whether we could successfully determine that the client is on HTTPS. For this, we use a\n// set of heuristics:\n// - In a browser environment, we check window.location.protocol which is always accurate\n// - In a Next.js server environment:\n// - First we check the `stack-is-https` cookie, which is set in various places on the\n// client with a Secure attribute. If that one is passed on to the server, we know that the client is on HTTPS\n// and we can set the Secure flag on the cookie. TODO: Should we also do this with a second cookie with a\n// __Host- prefix, so a malicious subdomain of the current domain cannot forcibly enable HTTPS mode and\n// therefore prevent new cookies from being set?\n// - Otherwise, we check the X-Forwarded-Proto header. If that one is `https`, we know that the client is\n// (pretending to be) on HTTPS and we can set the Secure flag on the cookie. Note that this header is\n// spoofable by malicious clients (so is the cookie actually), but since setting this value can only *increase*\n// security (and therefore prevent setting of a cookie), and requires a malicious client, this is still safe.\n// - If neither of the above is true, we don't set the Secure flag on the cookie.\n// - Partitioned is set depending on whether it is needed & supported. Unfortunately, the fact that Partitioned\n// cookies require SameSite=None, browsers that don't support it will still set them as normal third-party cookies,\n// which are fundamentally unsafe. Therefore, we need to take extra care that we only ever set Partitioned cookies\n// if we know for sure that the browser supports it.\n// - In a browser environment, we check:\n// - Whether `Secure` is set. If it's not, we don't set Partitioned.\n// - Whether we can set & retrieve cookies without Partitioned being set. If this is the case, we are likely in a\n// top-level context or a browser that partitions cookies by default (eg. Firefox). In this case, we don't need\n// Partitioned and can just proceed as normal.\n// - Whether CHIPS is supported. To prevent the case where CHIPS is not supported but third-party cookies are (in\n// which we would accidentally set SameSite=None without Partitioned as the latter requires the former), we\n// check this by running a simple test with document.cookie.\n// - Whether the browser supports Partitioned cookies. If yes, set Partitioned. Otherwise, don't set Partitioned.\n// Since there's no easy cross-compat way to do this (CookieStore and document.cookie do not return whether a\n// cookie is partitioned on some/all versions of Safari and Firefox), we use a heuristic; we run this test by\n// creating two cookies with the same name: One with Partitioned and one without. If there are two resulting\n// cookies, that means they were put into different jars, implying that the browser supports Partitioned cookies\n// (but doesn't partition cookies by default). If they result in just one cookie, that could mean that the\n// browser doesn't support Partitioned cookies, or that the browser doesn't put partitioned cookies into\n// different jars by default, in which case we still don't know. This heuristic works on Chrome, but may\n// incorrectly conclude that some other browsers don't support Partitioned. But from a security perspective,\n// that is better than accidentally setting SameSite=None without Partitioned. TODO: Find a better heuristic to\n// to determine whether the browser supports Partitioned cookies or not.\n// - In a Next.js server environment, right now we do nothing because of the complexity involved :( TODO: In the\n// future, we could improve this for example by setting hint cookies from the client, but we need to make sure that\n// no malicious actor (eg. on a malicious subdomain) can forcefully enable Partitioned cookies on a browser that\n// does not support it.\n\n\ntype SetCookieOptions = { maxAge: number | \"session\", noOpIfServerComponent?: boolean, domain?: string, secure?: boolean };\ntype DeleteCookieOptions = { noOpIfServerComponent?: boolean, domain?: string };\n\nfunction ensureClient() {\n if (!isBrowserLike()) {\n throw new Error(\"cookieClient functions can only be called in a browser environment, yet window is undefined\");\n }\n}\n\nexport type CookieHelper = {\n get: (name: string) => string | null,\n getAll: () => Record<string, string>,\n set: (name: string, value: string, options: SetCookieOptions) => void,\n setOrDelete: (name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions) => void,\n delete: (name: string, options: DeleteCookieOptions) => void,\n};\n\nconst placeholderCookieHelperIdentity = { \"placeholder cookie helper identity\": true };\nexport async function createPlaceholderCookieHelper(): Promise<CookieHelper> {\n function throwError(): never {\n throw new StackAssertionError(\"Throwing cookie helper is just a placeholder. This should never be called\");\n }\n return {\n get: throwError,\n getAll: throwError,\n set: throwError,\n setOrDelete: throwError,\n delete: throwError,\n };\n}\n\nexport async function createCookieHelper(): Promise<CookieHelper> {\n if (isBrowserLike()) {\n return createBrowserCookieHelper();\n } else {\n return createNextCookieHelper(\n await rscCookies(),\n await rscHeaders(),\n );\n }\n}\n\nexport function createBrowserCookieHelper(): CookieHelper {\n return {\n get: getCookieClient,\n getAll: getAllCookiesClient,\n set: setCookieClient,\n setOrDelete: setOrDeleteCookieClient,\n delete: deleteCookieClient,\n };\n}\n\nfunction handleCookieError(e: unknown, options: DeleteCookieOptions | SetCookieOptions) {\n if (e instanceof Error && e.message.includes(\"Cookies can only be modified in\")) {\n if (options.noOpIfServerComponent) {\n // ignore\n } else {\n throw new StackAssertionError(\"Attempted to set cookie in server component. Pass { noOpIfServerComponent: true } in the options of Stack's cookie functions if this is intentional and you want to ignore this error. Read more: https://nextjs.org/docs/app/api-reference/functions/cookies#options\");\n }\n } else {\n throw e;\n }\n}\n\nfunction createNextCookieHelper(\n rscCookiesAwaited: Awaited<ReturnType<typeof rscCookies>>,\n rscHeadersAwaited: Awaited<ReturnType<typeof rscHeaders>>,\n): CookieHelper {\n const cookieHelper = {\n get: (name: string) => {\n const all = cookieHelper.getAll();\n return all[name] ?? null;\n },\n getAll: () => {\n // set a helper cookie, see comment in `NextCookieHelper.set` below\n try {\n rscCookiesAwaited.set(\"stack-is-https\", \"true\", { secure: true, expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365) });\n } catch (e) {\n if (\n typeof e === 'object'\n && e !== null\n && 'message' in e\n && typeof e.message === 'string'\n && e.message.includes('Cookies can only be modified in a Server Action or Route Handler')\n ) {\n // ignore\n } else {\n throw e;\n }\n }\n const all = rscCookiesAwaited.getAll();\n return all.reduce((acc, entry) => {\n acc[entry.name] = entry.value;\n return acc;\n }, {} as Record<string, string>);\n },\n set: (name: string, value: string, options: SetCookieOptions) => {\n // Whenever the client is on HTTPS, we want to set the Secure flag on the cookie.\n //\n // This is not easy to find out on a Next.js server, so see the algorithm at the top of this file.\n //\n // Note that malicious clients could theoretically manipulate the `stack-is-https` cookie or\n // the `X-Forwarded-Proto` header; that wouldn't cause any trouble except for themselves,\n // though.\n const isSecureCookie = determineSecureFromServerContext(rscCookiesAwaited, rscHeadersAwaited);\n\n try {\n rscCookiesAwaited.set(name, value, {\n secure: isSecureCookie,\n maxAge: options.maxAge === \"session\" ? undefined : options.maxAge,\n domain: options.domain,\n sameSite: \"lax\",\n });\n } catch (e) {\n handleCookieError(e, options);\n }\n },\n setOrDelete(name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions) {\n if (value === null) {\n this.delete(name, options);\n } else {\n this.set(name, value, options);\n }\n },\n delete(name: string, options: DeleteCookieOptions) {\n try {\n if (options.domain !== undefined) {\n rscCookiesAwaited.delete({ name, domain: options.domain });\n } else {\n rscCookiesAwaited.delete(name);\n }\n } catch (e) {\n handleCookieError(e, options);\n }\n },\n };\n return cookieHelper;\n}\n\nexport function getCookieClient(name: string): string | null {\n const all = getAllCookiesClient();\n return all[name] ?? null;\n}\n\nexport function getAllCookiesClient(): Record<string, string> {\n ensureClient();\n // set a helper cookie, see comment in `NextCookieHelper.set` above\n Cookies.set(\"stack-is-https\", \"true\", { secure: true, expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365) });\n return Cookies.get();\n}\n\nexport async function getCookie(name: string): Promise<string | null> {\n const cookieHelper = await createCookieHelper();\n return cookieHelper.get(name);\n}\n\nexport async function isSecure(): Promise<boolean> {\n if (isBrowserLike()) {\n return determineSecureFromClientContext();\n }\n return determineSecureFromServerContext(await rscCookies(), await rscHeaders());\n return false;\n}\n\nfunction determineSecureFromClientContext(): boolean {\n return typeof window !== \"undefined\" && window.location.protocol === \"https:\";\n}\nfunction determineSecureFromServerContext(\n cookies: Awaited<ReturnType<typeof rscCookies>>,\n headers: Awaited<ReturnType<typeof rscHeaders>>,\n): boolean {\n // see the algorithm at the top of this file\n // TODO: We should probably also check that the stack-is-https cookie has a Secure attribute itself,\n // TODO: We should consider adding another cookie __Host-stack-is-https, see the comment in the algorithm at the top of this file\n return cookies.has(\"stack-is-https\") || headers.get(\"x-forwarded-proto\") === \"https\";\n}\n\n\nlet _shouldSetPartitionedClientCache: boolean | undefined = undefined;\nfunction shouldSetPartitionedClient() {\n return _shouldSetPartitionedClientCache ??= _internalShouldSetPartitionedClient();\n}\nfunction _internalShouldSetPartitionedClient() {\n ensureClient();\n\n if (!(determineSecureFromClientContext())) {\n return false;\n }\n\n // check whether we can set & retrieve normal cookies (either because we're on a top-level/same-origin context or the browser partitions cookies by default)\n const cookie1Name = \"__Host-stack-temporary-chips-test-\" + Math.random().toString(36).substring(2, 15);\n document.cookie = `${cookie1Name}=value1; Secure; path=/`;\n const cookies1 = document.cookie.split(\"; \");\n document.cookie = `${cookie1Name}=delete1; Secure; path=/; expires=Thu, 01 Jan 1970 00:00:00 UTC;`;\n if (cookies1.some((c) => c.startsWith(cookie1Name + \"=\"))) {\n return false;\n }\n\n\n // check whether Partitioned cookies are supported by the browser\n // TODO: See comment at the top. Feels like we should find a better way to do this\n const cookie2Name = \"__Host-stack-temporary-chips-test-\" + Math.random().toString(36).substring(2, 15);\n\n // just to be safe, delete the cookie first to avoid weird RNG-prediction attacks\n // I don't know what they look like (since this is a host cookie) but better safe than sorry\n // (this function should be 100% bulletproof so we don't accidentally fall back to non-partitioned third party cookies on unsupported browsers)\n document.cookie = `${cookie2Name}=delete1; Secure; SameSite=None; Partitioned; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;\n document.cookie = `${cookie2Name}=delete2; Secure; SameSite=None; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;\n\n // set the cookie, once partitioned and once not partitioned\n document.cookie = `${cookie2Name}=set1; Secure; SameSite=None; Partitioned; path=/`;\n document.cookie = `${cookie2Name}=set2; Secure; SameSite=None; path=/`;\n\n // check if there are two cookies\n const cookies2 = document.cookie.split(\"; \");\n const numberOfCookiesWithThisName = cookies2.filter((c) => c.startsWith(cookie2Name + \"=\")).length;\n\n // clean up\n document.cookie = `${cookie2Name}=delete3; Secure; SameSite=None; Partitioned; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;\n document.cookie = `${cookie2Name}=delete4; Secure; SameSite=None; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;\n\n return numberOfCookiesWithThisName === 2;\n}\n\nfunction setCookieClientInternal(name: string, value: string, options: SetCookieOptions) {\n const secure = options.secure ?? determineSecureFromClientContext();\n const partitioned = shouldSetPartitionedClient();\n Cookies.set(name, value, {\n expires: options.maxAge === \"session\" ? undefined : new Date(Date.now() + (options.maxAge) * 1000),\n domain: options.domain,\n secure,\n sameSite: \"Lax\",\n ...(partitioned ? {\n partitioned,\n sameSite: \"None\",\n } : {}),\n });\n}\n\nfunction deleteCookieClientInternal(name: string, options: DeleteCookieOptions) {\n for (const partitioned of [true, false]) {\n if (options.domain !== undefined) {\n Cookies.remove(name, { domain: options.domain, secure: determineSecureFromClientContext(), partitioned });\n }\n Cookies.remove(name, { secure: determineSecureFromClientContext(), partitioned });\n }\n}\n\nexport function setOrDeleteCookieClient(name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions) {\n ensureClient();\n if (value === null) {\n deleteCookieClientInternal(name, options);\n } else {\n setCookieClientInternal(name, value, options);\n }\n}\n\nexport async function setOrDeleteCookie(name: string, value: string | null, options: SetCookieOptions & DeleteCookieOptions) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.setOrDelete(name, value, options);\n}\n\nexport function deleteCookieClient(name: string, options: DeleteCookieOptions) {\n ensureClient();\n deleteCookieClientInternal(name, options);\n}\n\nexport async function deleteCookie(name: string, options: DeleteCookieOptions) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.delete(name, options);\n}\n\nexport function setCookieClient(name: string, value: string, options: SetCookieOptions) {\n ensureClient();\n setCookieClientInternal(name, value, options);\n}\n\nexport async function setCookie(name: string, value: string, options: SetCookieOptions) {\n const cookieHelper = await createCookieHelper();\n cookieHelper.set(name, value, options);\n}\n\nexport async function saveVerifierAndState() {\n const codeVerifier = generateRandomCodeVerifier();\n const codeChallenge = await calculatePKCECodeChallenge(codeVerifier);\n const state = generateRandomState();\n\n await setCookie(\"stack-oauth-outer-\" + state, codeVerifier, { maxAge: 60 * 60 });\n\n return {\n codeChallenge,\n state,\n };\n}\n\nexport function consumeVerifierAndStateCookie(state: string) {\n ensureClient();\n const cookieName = \"stack-oauth-outer-\" + state;\n const codeVerifier = getCookieClient(cookieName);\n if (!codeVerifier) {\n return null;\n }\n deleteCookieClient(cookieName, {});\n return {\n codeVerifier,\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAIA,gCAA6D;AAC7D,iBAA8B;AAC9B,oBAAoC;AACpC,uBAAoB;AACpB,0BAA4F;AAiE5F,SAAS,eAAe;AACtB,MAAI,KAAC,0BAAc,GAAG;AACpB,UAAM,IAAI,MAAM,6FAA6F;AAAA,EAC/G;AACF;AAWA,eAAsB,gCAAuD;AAC3E,WAAS,aAAoB;AAC3B,UAAM,IAAI,kCAAoB,2EAA2E;AAAA,EAC3G;AACA,SAAO;AAAA,IACL,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,KAAK;AAAA,IACL,aAAa;AAAA,IACb,QAAQ;AAAA,EACV;AACF;AAEA,eAAsB,qBAA4C;AAChE,UAAI,0BAAc,GAAG;AACnB,WAAO,0BAA0B;AAAA,EACnC,OAAO;AACL,WAAO;AAAA,MACL,UAAM,0BAAAA,SAAW;AAAA,MACjB,UAAM,0BAAAC,SAAW;AAAA,IACnB;AAAA,EACF;AACF;AAEO,SAAS,4BAA0C;AACxD,SAAO;AAAA,IACL,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,KAAK;AAAA,IACL,aAAa;AAAA,IACb,QAAQ;AAAA,EACV;AACF;AAEA,SAAS,kBAAkB,GAAY,SAAiD;AACtF,MAAI,aAAa,SAAS,EAAE,QAAQ,SAAS,iCAAiC,GAAG;AAC/E,QAAI,QAAQ,uBAAuB;AAAA,IAEnC,OAAO;AACL,YAAM,IAAI,kCAAoB,uQAAuQ;AAAA,IACvS;AAAA,EACF,OAAO;AACL,UAAM;AAAA,EACR;AACF;AAEA,SAAS,uBACP,mBACA,mBACc;AACd,QAAM,eAAe;AAAA,IACnB,KAAK,CAAC,SAAiB;AACrB,YAAM,MAAM,aAAa,OAAO;AAChC,aAAO,IAAI,IAAI,KAAK;AAAA,IACtB;AAAA,IACA,QAAQ,MAAM;AAEZ,UAAI;AACF,0BAAkB,IAAI,kBAAkB,QAAQ,EAAE,QAAQ,MAAM,SAAS,IAAI,KAAK,KAAK,IAAI,IAAI,MAAO,KAAK,KAAK,KAAK,GAAG,EAAE,CAAC;AAAA,MAC7H,SAAS,GAAG;AACV,YACE,OAAO,MAAM,YACV,MAAM,QACN,aAAa,KACb,OAAO,EAAE,YAAY,YACrB,EAAE,QAAQ,SAAS,kEAAkE,GACxF;AAAA,QAEF,OAAO;AACL,gBAAM;AAAA,QACR;AAAA,MACF;AACA,YAAM,MAAM,kBAAkB,OAAO;AACrC,aAAO,IAAI,OAAO,CAAC,KAAK,UAAU;AAChC,YAAI,MAAM,IAAI,IAAI,MAAM;AACxB,eAAO;AAAA,MACT,GAAG,CAAC,CAA2B;AAAA,IACjC;AAAA,IACA,KAAK,CAAC,MAAc,OAAe,YAA8B;AAQ/D,YAAM,iBAAiB,iCAAiC,mBAAmB,iBAAiB;AAE5F,UAAI;AACF,0BAAkB,IAAI,MAAM,OAAO;AAAA,UACjC,QAAQ;AAAA,UACR,QAAQ,QAAQ,WAAW,YAAY,SAAY,QAAQ;AAAA,UAC3D,QAAQ,QAAQ;AAAA,UAChB,UAAU;AAAA,QACZ,CAAC;AAAA,MACH,SAAS,GAAG;AACV,0BAAkB,GAAG,OAAO;AAAA,MAC9B;AAAA,IACF;AAAA,IACA,YAAY,MAAc,OAAsB,SAAiD;AAC/F,UAAI,UAAU,MAAM;AAClB,aAAK,OAAO,MAAM,OAAO;AAAA,MAC3B,OAAO;AACL,aAAK,IAAI,MAAM,OAAO,OAAO;AAAA,MAC/B;AAAA,IACF;AAAA,IACA,OAAO,MAAc,SAA8B;AACjD,UAAI;AACF,YAAI,QAAQ,WAAW,QAAW;AAChC,4BAAkB,OAAO,EAAE,MAAM,QAAQ,QAAQ,OAAO,CAAC;AAAA,QAC3D,OAAO;AACL,4BAAkB,OAAO,IAAI;AAAA,QAC/B;AAAA,MACF,SAAS,GAAG;AACV,0BAAkB,GAAG,OAAO;AAAA,MAC9B;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEO,SAAS,gBAAgB,MAA6B;AAC3D,QAAM,MAAM,oBAAoB;AAChC,SAAO,IAAI,IAAI,KAAK;AACtB;AAEO,SAAS,sBAA8C;AAC5D,eAAa;AAEb,mBAAAC,QAAQ,IAAI,kBAAkB,QAAQ,EAAE,QAAQ,MAAM,SAAS,IAAI,KAAK,KAAK,IAAI,IAAI,MAAO,KAAK,KAAK,KAAK,GAAG,EAAE,CAAC;AACjH,SAAO,iBAAAA,QAAQ,IAAI;AACrB;AAEA,eAAsB,UAAU,MAAsC;AACpE,QAAM,eAAe,MAAM,mBAAmB;AAC9C,SAAO,aAAa,IAAI,IAAI;AAC9B;AAEA,eAAsB,WAA6B;AACjD,UAAI,0BAAc,GAAG;AACnB,WAAO,iCAAiC;AAAA,EAC1C;AACA,SAAO,iCAAiC,UAAM,0BAAAF,SAAW,GAAG,UAAM,0BAAAC,SAAW,CAAC;AAC9E,SAAO;AACT;AAEA,SAAS,mCAA4C;AACnD,SAAO,OAAO,WAAW,eAAe,OAAO,SAAS,aAAa;AACvE;AACA,SAAS,iCACP,SACA,SACS;AAIT,SAAO,QAAQ,IAAI,gBAAgB,KAAK,QAAQ,IAAI,mBAAmB,MAAM;AAC/E;AAGA,IAAI,mCAAwD;AAC5D,SAAS,6BAA6B;AACpC,SAAO,qCAAqC,oCAAoC;AAClF;AACA,SAAS,sCAAsC;AAC7C,eAAa;AAEb,MAAI,CAAE,iCAAiC,GAAI;AACzC,WAAO;AAAA,EACT;AAGA,QAAM,cAAc,uCAAuC,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,UAAU,GAAG,EAAE;AACrG,WAAS,SAAS,GAAG,WAAW;AAChC,QAAM,WAAW,SAAS,OAAO,MAAM,IAAI;AAC3C,WAAS,SAAS,GAAG,WAAW;AAChC,MAAI,SAAS,KAAK,CAAC,MAAM,EAAE,WAAW,cAAc,GAAG,CAAC,GAAG;AACzD,WAAO;AAAA,EACT;AAKA,QAAM,cAAc,uCAAuC,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,UAAU,GAAG,EAAE;AAKrG,WAAS,SAAS,GAAG,WAAW;AAChC,WAAS,SAAS,GAAG,WAAW;AAGhC,WAAS,SAAS,GAAG,WAAW;AAChC,WAAS,SAAS,GAAG,WAAW;AAGhC,QAAM,WAAW,SAAS,OAAO,MAAM,IAAI;AAC3C,QAAM,8BAA8B,SAAS,OAAO,CAAC,MAAM,EAAE,WAAW,cAAc,GAAG,CAAC,EAAE;AAG5F,WAAS,SAAS,GAAG,WAAW;AAChC,WAAS,SAAS,GAAG,WAAW;AAEhC,SAAO,gCAAgC;AACzC;AAEA,SAAS,wBAAwB,MAAc,OAAe,SAA2B;AACvF,QAAM,SAAS,QAAQ,UAAU,iCAAiC;AAClE,QAAM,cAAc,2BAA2B;AAC/C,mBAAAC,QAAQ,IAAI,MAAM,OAAO;AAAA,IACvB,SAAS,QAAQ,WAAW,YAAY,SAAY,IAAI,KAAK,KAAK,IAAI,IAAK,QAAQ,SAAU,GAAI;AAAA,IACjG,QAAQ,QAAQ;AAAA,IAChB;AAAA,IACA,UAAU;AAAA,IACV,GAAI,cAAc;AAAA,MAChB;AAAA,MACA,UAAU;AAAA,IACZ,IAAI,CAAC;AAAA,EACP,CAAC;AACH;AAEA,SAAS,2BAA2B,MAAc,SAA8B;AAC9E,aAAW,eAAe,CAAC,MAAM,KAAK,GAAG;AACvC,QAAI,QAAQ,WAAW,QAAW;AAChC,uBAAAA,QAAQ,OAAO,MAAM,EAAE,QAAQ,QAAQ,QAAQ,QAAQ,iCAAiC,GAAG,YAAY,CAAC;AAAA,IAC1G;AACA,qBAAAA,QAAQ,OAAO,MAAM,EAAE,QAAQ,iCAAiC,GAAG,YAAY,CAAC;AAAA,EAClF;AACF;AAEO,SAAS,wBAAwB,MAAc,OAAsB,SAAiD;AAC3H,eAAa;AACb,MAAI,UAAU,MAAM;AAClB,+BAA2B,MAAM,OAAO;AAAA,EAC1C,OAAO;AACL,4BAAwB,MAAM,OAAO,OAAO;AAAA,EAC9C;AACF;AAEA,eAAsB,kBAAkB,MAAc,OAAsB,SAAiD;AAC3H,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,YAAY,MAAM,OAAO,OAAO;AAC/C;AAEO,SAAS,mBAAmB,MAAc,SAA8B;AAC7E,eAAa;AACb,6BAA2B,MAAM,OAAO;AAC1C;AAEA,eAAsB,aAAa,MAAc,SAA8B;AAC7E,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,OAAO,MAAM,OAAO;AACnC;AAEO,SAAS,gBAAgB,MAAc,OAAe,SAA2B;AACtF,eAAa;AACb,0BAAwB,MAAM,OAAO,OAAO;AAC9C;AAEA,eAAsB,UAAU,MAAc,OAAe,SAA2B;AACtF,QAAM,eAAe,MAAM,mBAAmB;AAC9C,eAAa,IAAI,MAAM,OAAO,OAAO;AACvC;AAEA,eAAsB,uBAAuB;AAC3C,QAAM,mBAAe,gDAA2B;AAChD,QAAM,gBAAgB,UAAM,gDAA2B,YAAY;AACnE,QAAM,YAAQ,yCAAoB;AAElC,QAAM,UAAU,uBAAuB,OAAO,cAAc,EAAE,QAAQ,KAAK,GAAG,CAAC;AAE/E,SAAO;AAAA,IACL;AAAA,IACA;AAAA,EACF;AACF;AAEO,SAAS,8BAA8B,OAAe;AAC3D,eAAa;AACb,QAAM,aAAa,uBAAuB;AAC1C,QAAM,eAAe,gBAAgB,UAAU;AAC/C,MAAI,CAAC,cAAc;AACjB,WAAO;AAAA,EACT;AACA,qBAAmB,YAAY,CAAC,CAAC;AACjC,SAAO;AAAA,IACL;AAAA,EACF;AACF;","names":["rscCookies","rscHeaders","Cookies"]}
package/dist/lib/stack-app/apps/implementations/admin-app-impl.js CHANGED
@@ -131,7 +131,9 @@ var _StackAdminAppImplIncomplete = class extends import_server_app_impl._StackSe
131
131
  isProductionMode: data.is_production_mode,
132
132
  ownerTeamId: data.owner_team_id,
133
133
  logoUrl: data.logo_url,
134
- fullLogoUrl: data.full_logo_url,
134
+ logoFullUrl: data.logo_full_url,
135
+ logoDarkModeUrl: data.logo_dark_mode_url,
136
+ logoFullDarkModeUrl: data.logo_full_dark_mode_url,
135
137
  config: {
136
138
  signUpEnabled: data.config.sign_up_enabled,
137
139
  credentialEnabled: data.config.credential_enabled,
@@ -523,6 +525,10 @@ var _StackAdminAppImplIncomplete = class extends import_server_app_impl._StackSe
523
525
  }
524
526
  );
525
527
  }
528
+ async refundTransaction(options) {
529
+ await this._interface.refundTransaction({ type: options.type, id: options.id });
530
+ await this._transactionsCache.invalidateWhere(() => true);
531
+ }
526
532
  async listTransactions(params) {
527
533
  const crud = import_results.Result.orThrow(await this._transactionsCache.getOrWait([params.cursor, params.limit, params.type, params.customerType], "write-only"));
528
534
  return crud;