@tern-secure/backend 1.2.0-canary.v20250919134427 → 1.2.0-canary.v20251002175916

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (78) hide show
  1. package/auth/package.json +5 -0
  2. package/dist/admin/index.d.ts +1 -1
  3. package/dist/admin/index.d.ts.map +1 -1
  4. package/dist/admin/index.js +200 -182
  5. package/dist/admin/index.js.map +1 -1
  6. package/dist/admin/index.mjs +23 -489
  7. package/dist/admin/index.mjs.map +1 -1
  8. package/dist/admin/nextSessionTernSecure.d.ts.map +1 -1
  9. package/dist/admin/sessionTernSecure.d.ts +27 -5
  10. package/dist/admin/sessionTernSecure.d.ts.map +1 -1
  11. package/dist/auth/getauth.d.ts +15 -0
  12. package/dist/auth/getauth.d.ts.map +1 -0
  13. package/dist/auth/index.d.ts +2 -0
  14. package/dist/auth/index.d.ts.map +1 -0
  15. package/dist/auth/index.js +694 -0
  16. package/dist/auth/index.js.map +1 -0
  17. package/dist/auth/index.mjs +53 -0
  18. package/dist/auth/index.mjs.map +1 -0
  19. package/dist/{chunk-ZIO4EKS5.mjs → chunk-4SGWLAJG.mjs} +8 -31
  20. package/dist/chunk-4SGWLAJG.mjs.map +1 -0
  21. package/dist/chunk-NEPV6OWI.mjs +550 -0
  22. package/dist/chunk-NEPV6OWI.mjs.map +1 -0
  23. package/dist/chunk-YKIA5EBF.mjs +142 -0
  24. package/dist/chunk-YKIA5EBF.mjs.map +1 -0
  25. package/dist/constants.d.ts +4 -5
  26. package/dist/constants.d.ts.map +1 -1
  27. package/dist/fireRestApi/createFireApi.d.ts +12 -0
  28. package/dist/fireRestApi/createFireApi.d.ts.map +1 -0
  29. package/dist/fireRestApi/emulator.d.ts +4 -0
  30. package/dist/fireRestApi/emulator.d.ts.map +1 -0
  31. package/dist/fireRestApi/endpointUrl.d.ts +6 -0
  32. package/dist/fireRestApi/endpointUrl.d.ts.map +1 -0
  33. package/dist/fireRestApi/endpoints/AbstractApi.d.ts +7 -0
  34. package/dist/fireRestApi/endpoints/AbstractApi.d.ts.map +1 -0
  35. package/dist/fireRestApi/endpoints/EmailApi.d.ts +14 -0
  36. package/dist/fireRestApi/endpoints/EmailApi.d.ts.map +1 -0
  37. package/dist/fireRestApi/endpoints/PasswordApi.d.ts +20 -0
  38. package/dist/fireRestApi/endpoints/PasswordApi.d.ts.map +1 -0
  39. package/dist/fireRestApi/endpoints/SignInTokenApi.d.ts +11 -0
  40. package/dist/fireRestApi/endpoints/SignInTokenApi.d.ts.map +1 -0
  41. package/dist/fireRestApi/endpoints/SignUpApi.d.ts +11 -0
  42. package/dist/fireRestApi/endpoints/SignUpApi.d.ts.map +1 -0
  43. package/dist/fireRestApi/endpoints/TokenApi.d.ts +21 -0
  44. package/dist/fireRestApi/endpoints/TokenApi.d.ts.map +1 -0
  45. package/dist/fireRestApi/endpoints/index.d.ts +6 -0
  46. package/dist/fireRestApi/endpoints/index.d.ts.map +1 -0
  47. package/dist/fireRestApi/index.d.ts +2 -0
  48. package/dist/fireRestApi/index.d.ts.map +1 -0
  49. package/dist/fireRestApi/request.d.ts +34 -0
  50. package/dist/fireRestApi/request.d.ts.map +1 -0
  51. package/dist/fireRestApi/resources/JSON.d.ts +50 -0
  52. package/dist/fireRestApi/resources/JSON.d.ts.map +1 -0
  53. package/dist/fireRestApi/resources/Token.d.ts +13 -0
  54. package/dist/fireRestApi/resources/Token.d.ts.map +1 -0
  55. package/dist/index.d.ts +1 -1
  56. package/dist/index.d.ts.map +1 -1
  57. package/dist/index.js +271 -75
  58. package/dist/index.js.map +1 -1
  59. package/dist/index.mjs +257 -179
  60. package/dist/index.mjs.map +1 -1
  61. package/dist/instance/backendFireInstance.d.ts +4 -4
  62. package/dist/instance/backendFireInstance.d.ts.map +1 -1
  63. package/dist/instance/backendInstanceEdge.d.ts +2 -2
  64. package/dist/instance/backendInstanceEdge.d.ts.map +1 -1
  65. package/dist/tokens/authstate.d.ts +1 -1
  66. package/dist/tokens/authstate.d.ts.map +1 -1
  67. package/dist/tokens/keys.d.ts.map +1 -1
  68. package/dist/tokens/request.d.ts +3 -3
  69. package/dist/tokens/request.d.ts.map +1 -1
  70. package/dist/tokens/requestFire.d.ts.map +1 -1
  71. package/dist/tokens/types.d.ts +5 -2
  72. package/dist/tokens/types.d.ts.map +1 -1
  73. package/dist/utils/options.d.ts +1 -1
  74. package/dist/utils/options.d.ts.map +1 -1
  75. package/package.json +14 -3
  76. package/dist/admin/gemini.sessionTernSecure.d.ts +0 -8
  77. package/dist/admin/gemini.sessionTernSecure.d.ts.map +0 -1
  78. package/dist/chunk-ZIO4EKS5.mjs.map +0 -1
package/dist/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/tokens/authstate.ts","../src/api/endpoints/SessionApi.ts","../src/runtime.ts","../src/utils/path.ts","../src/api/request.ts","../src/api/createBackendApi.ts","../src/utils/options.ts","../src/tokens/keys.ts","../src/tokens/verify.ts","../src/tokens/request.ts","../src/instance/backendInstanceEdge.ts","../src/tokens/requestFire.ts","../src/instance/backendFireInstance.ts","../src/utils/logger.ts","../src/utils/enableDebugLogging.ts","../src/adapters/PostgresAdapter.ts","../src/adapters/RedisAdapter.ts","../src/adapters/index.ts"],"sourcesContent":["import type { CheckAuthorizationFromSessionClaims, DecodedIdToken } from '@tern-secure/types';\nimport type { JWTPayload } from 'jose';\n\nimport { constants } from '../constants';\nimport type { TokenVerificationErrorReason } from '../utils/errors';\nimport { mapJwtPayloadToDecodedIdToken } from '../utils/mapDecode';\nimport type { TernSecureRequest } from './ternSecureRequest';\n\nexport const AuthStatus = {\n SignedIn: 'signed-in',\n SignedOut: 'signed-out',\n} as const;\n\nexport type AuthStatus = (typeof AuthStatus)[keyof typeof AuthStatus];\n\nexport const AuthErrorReason = {\n SessionTokenAndUATMissing: 'session-token-and-uat-missing',\n SessionTokenMissing: 'session-token-missing',\n SessionTokenExpired: 'session-token-expired',\n SessionTokenIATBeforeClientUAT: 'session-token-iat-before-client-uat',\n SessionTokenNBF: 'session-token-nbf',\n SessionTokenIatInTheFuture: 'session-token-iat-in-the-future',\n ActiveOrganizationMismatch: 'active-organization-mismatch',\n UnexpectedError: 'unexpected-error',\n} as const;\n\nexport type AuthErrorReason = (typeof AuthErrorReason)[keyof typeof AuthErrorReason];\n\nexport type AuthReason = AuthErrorReason | TokenVerificationErrorReason;\n\nexport type SignedInAuthObject = {\n sessionClaims: DecodedIdToken;\n userId: string;\n token: string;\n require: CheckAuthorizationFromSessionClaims;\n error: string | null;\n};\n\nexport type SignedOutAuthObject = {\n sessionClaims: null;\n userId: null;\n require: CheckAuthorizationFromSessionClaims;\n error: string | null;\n};\n\nexport type SignedInState = {\n status: typeof AuthStatus.SignedIn;\n reason: null;\n isSignedIn: true;\n auth: () => SignedInAuthObject;\n token: string;\n headers: Headers;\n};\n\nexport type SignedOutState = {\n status: typeof AuthStatus.SignedOut;\n reason: string;\n isSignedIn: false;\n auth: () => SignedOutAuthObject;\n token: null;\n headers: Headers;\n};\n\nexport type RequestState = SignedInState | SignedOutState;\n\nexport interface BackendInstance {\n ternSecureRequest: TernSecureRequest;\n requestState: RequestState;\n}\n\nexport type AuthObject = SignedInAuthObject | SignedOutAuthObject;\n\nfunction createHasAuthorization(\n decodedIdToken: DecodedIdToken,\n): CheckAuthorizationFromSessionClaims {\n return (authorizationParams: any) => {\n if (\n !authorizationParams ||\n typeof authorizationParams !== 'object' ||\n Array.isArray(authorizationParams)\n ) {\n return false;\n }\n const claims = decodedIdToken as Record<string, any>;\n\n return Object.entries(authorizationParams).every(([key, value]) => {\n const claimValue = claims[key];\n if (typeof claimValue === 'undefined') {\n return false;\n }\n if (Array.isArray(value)) {\n if (Array.isArray(claimValue)) {\n return value.some(v => claimValue.includes(v));\n }\n return value.includes(claimValue);\n }\n\n if (Array.isArray(claimValue)) {\n return claimValue.includes(value);\n }\n return claimValue === value;\n });\n };\n}\n\nexport function signedInAuthObject(\n sessionToken: string,\n sessionClaims: JWTPayload,\n): SignedInAuthObject {\n const decodedIdToken = mapJwtPayloadToDecodedIdToken(sessionClaims);\n return {\n sessionClaims: {\n ...decodedIdToken,\n },\n userId: decodedIdToken.uid,\n token: sessionToken,\n require: createHasAuthorization(decodedIdToken),\n error: null,\n };\n}\n\nexport function signedOutAuthObject(): SignedOutAuthObject {\n return {\n sessionClaims: null,\n userId: null,\n require: () => false,\n error: 'No active session',\n };\n}\n\nexport function signedIn(\n sessionClaims: JWTPayload,\n headers: Headers = new Headers(),\n token: string,\n): SignedInState {\n const authObject = signedInAuthObject(token, sessionClaims);\n return {\n status: AuthStatus.SignedIn,\n reason: null,\n isSignedIn: true,\n auth: () => authObject,\n token,\n headers,\n };\n}\n\nexport function signedOut(reason: AuthReason, headers: Headers = new Headers()): SignedOutState {\n return decorateHeaders({\n status: AuthStatus.SignedOut,\n reason,\n isSignedIn: false,\n auth: () => signedOutAuthObject(),\n token: null,\n headers,\n });\n}\n\nconst decorateHeaders = <T extends RequestState>(requestState: T): T => {\n const headers = new Headers(requestState.headers || {});\n if (requestState.reason) {\n try {\n headers.set(constants.Headers.AuthReason, requestState.reason);\n } catch {\n // Ignore errors\n }\n }\n\n if (requestState.status) {\n try {\n headers.set(constants.Headers.AuthStatus, requestState.status);\n } catch {\n // Ignore errors\n }\n }\n requestState.headers = headers;\n return requestState;\n};\n","import type { RequestFunction } from \"../request\";\n\nconst rootPath = \"/sessions\";\n\ntype CreateSessionParams = {\n idToken: string;\n csrfToken: string;\n};\n\nexport class SessionApi {\n constructor(protected request: RequestFunction) {}\n\n public async createSession(params: CreateSessionParams) {\n return this.request({\n method: \"POST\",\n path: rootPath,\n bodyParams: params,\n });\n }\n}\n","/**\n * This file exports APIs that vary across runtimes (i.e. Node & Browser - V8 isolates)\n * as a singleton object.\n *\n * Runtime polyfills are written in VanillaJS for now to avoid TS complication. Moreover,\n * due to this issue https://github.com/microsoft/TypeScript/issues/44848, there is not a good way\n * to tell Typescript which conditional import to use during build type.\n *\n * The Runtime type definition ensures type safety for now.\n * Runtime js modules are copied into dist folder with bash script.\n *\n * TODO: Support TS runtime modules\n */\n\n// @ts-ignore - These are package subpaths\nimport { webcrypto as crypto } from '#crypto';\n\ntype Runtime = {\n crypto: Crypto;\n fetch: typeof globalThis.fetch;\n AbortController: typeof globalThis.AbortController;\n Blob: typeof globalThis.Blob;\n FormData: typeof globalThis.FormData;\n Headers: typeof globalThis.Headers;\n Request: typeof globalThis.Request;\n Response: typeof globalThis.Response;\n};\n\n// Invoking the global.fetch without binding it first to the globalObject fails in\n// Cloudflare Workers with an \"Illegal Invocation\" error.\n//\n// The globalThis object is supported for Node >= 12.0.\n//\n// https://github.com/supabase/supabase/issues/4417\nconst globalFetch = fetch.bind(globalThis);\n\nexport const runtime: Runtime = {\n crypto,\n get fetch() {\n // We need to use the globalFetch for Cloudflare Workers but the fetch for testing\n return process.env.NODE_ENV === 'test' ? fetch : globalFetch;\n },\n AbortController: globalThis.AbortController,\n Blob: globalThis.Blob,\n FormData: globalThis.FormData,\n Headers: globalThis.Headers,\n Request: globalThis.Request,\n Response: globalThis.Response,\n};\n","const SEPARATOR = '/';\nconst MULTIPLE_SEPARATOR_REGEX = new RegExp('(?<!:)' + SEPARATOR + '{1,}', 'g');\n\ntype PathString = string | null | undefined;\n\nexport function joinPaths(...args: PathString[]): string {\n return args\n .filter(p => p)\n .join(SEPARATOR)\n .replace(MULTIPLE_SEPARATOR_REGEX, SEPARATOR);\n}\n","import type {\n TernSecureAPIError,\n TernSecureApiErrorJSON,\n} from \"@tern-secure/types\";\n\nimport { constants } from \"../constants\";\nimport { runtime } from \"../runtime\";\nimport { joinPaths } from \"../utils/path\";\n\nexport type HTTPMethod = \"DELETE\" | \"GET\" | \"PATCH\" | \"POST\" | \"PUT\";\nexport type BackendApiRequestOptions = {\n method?: HTTPMethod;\n queryParams?: Record<string, unknown>;\n headerParams?: Record<string, string>;\n bodyParams?: Record<string, unknown>;\n formData?: FormData;\n} & ({ url: string; path?: string } | { url?: string; path: string });\n\nexport type BackendApiResponse<T> =\n | {\n data: T;\n errors: null;\n totalCount?: number;\n }\n | {\n data: null;\n errors: TernSecureAPIError[];\n totalCount?: never;\n status?: number;\n statusText?: string;\n retryAfter?: number;\n };\n\nexport type RequestFunction = ReturnType<typeof createRequest>;\n\ntype CreateRequestOptions = {\n apiUrl?: string;\n apiVersion?: string;\n};\n\nexport function createRequest(options: CreateRequestOptions) {\n const requestFn = async <T>(\n requestOptions: BackendApiRequestOptions\n ): Promise<BackendApiResponse<T>> => {\n const { apiUrl, apiVersion } = options;\n const { path, method, queryParams, headerParams, bodyParams, formData } =\n requestOptions;\n\n const url = joinPaths(apiUrl, apiVersion, path);\n const finalUrl = new URL(url);\n\n if (queryParams) {\n Object.entries(queryParams).forEach(([key, value]) => {\n if (value) {\n [value].flat().forEach(v => finalUrl.searchParams.append(key, v as string));\n }\n });\n }\n\n const headers: Record<string, any> = {\n ...headerParams,\n };\n let res: Response | undefined;\n\n try {\n if (formData) {\n res = await runtime.fetch(finalUrl.href, {\n method,\n headers,\n body: formData,\n });\n } else {\n headers[\"Content-Type\"] = \"application/json\";\n const hasBody =\n method !== \"GET\" && bodyParams && Object.keys(bodyParams).length > 0;\n const body = hasBody ? { body: JSON.stringify(bodyParams) } : null;\n\n res = await runtime.fetch(finalUrl.href, {\n method,\n headers,\n ...body,\n });\n }\n\n const isJSONResponse =\n res?.headers &&\n res.headers?.get(constants.Headers.ContentType) ===\n constants.ContentTypes.Json;\n const responseBody = await (isJSONResponse ? res.json() : res.text());\n\n if (!res.ok) {\n return {\n data: null,\n errors: parseErrors(responseBody),\n status: res?.status,\n statusText: res?.statusText,\n };\n }\n\n return {\n data: responseBody,\n errors: null,\n };\n } catch (error) {\n if (error instanceof Error) {\n return {\n data: null,\n errors: [\n {\n code: \"unexpected_error\",\n message: error.message || \"An unexpected error occurred\",\n },\n ],\n };\n }\n\n return {\n data: null,\n errors: parseErrors(error),\n status: res?.status,\n statusText: res?.statusText,\n };\n }\n };\n return requestFn;\n}\n\nfunction parseErrors(data: unknown): TernSecureAPIError[] {\n if (!!data && typeof data === \"object\" && \"errors\" in data) {\n const errors = data.errors as TernSecureApiErrorJSON[];\n return errors.length > 0 ? errors.map(parseError) : [];\n }\n return [];\n}\n\nexport function parseError(error: TernSecureApiErrorJSON): TernSecureAPIError {\n return {\n code: error.code,\n message: error.message,\n };\n}\n","import { SessionApi } from \"./endpoints\";\nimport { createRequest } from './request'\n\nexport type CreateBackendApiOptions = Parameters<typeof createRequest>[0];\nexport type ApiClient = ReturnType<typeof createBackendApi>;\n\nexport function createBackendApi(options: CreateBackendApiOptions) {\n const request = createRequest(options);\n return {\n sessions: new SessionApi(request),\n };\n}","import type {RequestOptions } from \"../tokens/types\";\n\nexport type RuntimeOptions = Omit<RequestOptions, \"apiUrl\">;\n\nexport type buildTimeOptions = Partial<Pick<RequestOptions, \"apiUrl\" | \"apiVersion\">>;\n\nconst defaultOptions: buildTimeOptions = {\n apiUrl: undefined,\n apiVersion: undefined,\n};\n\nexport function mergePreDefinedOptions(\n userOptions: buildTimeOptions = {}\n): buildTimeOptions {\n return {\n ...defaultOptions,\n ...userOptions,\n };\n}","import { type RemoteJWKSetOptions } from 'jose';\n\nimport {\n CACHE_CONTROL_REGEX,\n DEFAULT_CACHE_DURATION,\n MAX_CACHE_LAST_UPDATED_AT_SECONDS,\n SESSION_COOKIE_PUBLIC_KEYS_URL,\n} from '../constants';\nimport { TokenVerificationError, TokenVerificationErrorReason } from '../utils/errors';\n\nexport type PublicKeys = { [key: string]: string };\n\ninterface PublicKeysResponse {\n keys: PublicKeys;\n expiresAt: number;\n}\n\nexport type LoadJWKFromRemoteOptions = RemoteJWKSetOptions & {\n kid: string;\n keyURL?: string;\n skipJwksCache?: boolean;\n};\n\ntype CertificateCache = Record<string, string>;\n\nlet cache: CertificateCache = {};\nlet lastUpdatedAt = 0;\nlet googleExpiresAt = 0;\n\nfunction getFromCache(kid: string) {\n return cache[kid];\n}\n\nfunction getCacheValues() {\n return Object.values(cache);\n}\n\nfunction setInCache(kid: string, certificate: string, shouldExpire = true) {\n cache[kid] = certificate;\n lastUpdatedAt = shouldExpire ? Date.now() : -1;\n}\n\nasync function fetchPublicKeys(keyUrl: string): Promise<PublicKeysResponse> {\n const url = new URL(keyUrl);\n const response = await fetch(url);\n if (!response.ok) {\n throw new TokenVerificationError({\n message: `Error loading public keys from ${url.href} with code=${response.status} `,\n reason: TokenVerificationErrorReason.TokenInvalid,\n });\n }\n\n const data = await response.json();\n const expiresAt = getExpiresAt(response);\n\n return {\n keys: data,\n expiresAt,\n };\n}\n\nexport async function loadJWKFromRemote({\n keyURL = SESSION_COOKIE_PUBLIC_KEYS_URL,\n skipJwksCache,\n kid,\n}: LoadJWKFromRemoteOptions): Promise<string> {\n if (skipJwksCache || isCacheExpired() || !getFromCache(kid)) {\n const { keys, expiresAt } = await fetchPublicKeys(keyURL);\n\n if (!keys || Object.keys(keys).length === 0) {\n throw new TokenVerificationError({\n message: `The JWKS endpoint ${keyURL} returned no keys`,\n reason: TokenVerificationErrorReason.RemoteJWKFailedToLoad,\n });\n }\n googleExpiresAt = expiresAt;\n\n Object.entries(keys).forEach(([keyId, cert]) => {\n setInCache(keyId, cert);\n });\n }\n const cert = getFromCache(kid);\n if (!cert) {\n getCacheValues();\n const availableKids = Object.keys(cache).sort().join(', ');\n\n throw new TokenVerificationError({\n message: `No public key found for kid \"${kid}\". Available kids: [${availableKids}]`,\n reason: TokenVerificationErrorReason.TokenInvalid,\n });\n }\n return cert;\n}\n\nfunction isCacheExpired() {\n const now = Date.now();\n if (lastUpdatedAt === -1) {\n return false;\n }\n\n const cacheAge = now - lastUpdatedAt;\n const maxCacheAge = MAX_CACHE_LAST_UPDATED_AT_SECONDS * 1000;\n const localCacheExpired = cacheAge >= maxCacheAge;\n const googleCacheExpired = now >= googleExpiresAt;\n\n const isExpired = localCacheExpired || googleCacheExpired;\n\n if (isExpired) {\n cache = {};\n }\n\n return isExpired;\n}\n\nfunction getExpiresAt(res: Response) {\n const cacheControlHeader = res.headers.get('cache-control');\n if (!cacheControlHeader) {\n return Date.now() + DEFAULT_CACHE_DURATION;\n }\n const maxAgeMatch = cacheControlHeader.match(CACHE_CONTROL_REGEX);\n const maxAge = maxAgeMatch ? parseInt(maxAgeMatch[1], 10) : DEFAULT_CACHE_DURATION / 1000;\n\n return Date.now() + maxAge * 1000;\n}\n\nexport const getCacheStats = () => ({\n localExpiry: lastUpdatedAt + MAX_CACHE_LAST_UPDATED_AT_SECONDS * 1000,\n googleExpiry: googleExpiresAt,\n cacheCount: Object.keys(cache).length,\n});\n","import type { DecodedIdToken, TernSecureConfig } from '@tern-secure/types';\n\nimport type { JwtReturnType } from '../jwt/types';\nimport { ternDecodeJwt, verifyJwt, type VerifyJwtOptions } from '../jwt/verifyJwt';\nimport { TokenVerificationError, TokenVerificationErrorReason } from '../utils/errors';\nimport type { LoadJWKFromRemoteOptions } from './keys';\nimport { loadJWKFromRemote } from './keys';\n\nexport type VerifyTokenVOptions = Omit<VerifyJwtOptions, 'key'> & Omit<LoadJWKFromRemoteOptions, 'kid'> & {\n jwtKey?: string;\n};\n\nexport { TernSecureConfig };\n\nexport async function verifyToken(\n token: string,\n options: VerifyTokenVOptions,\n): Promise<JwtReturnType<DecodedIdToken, TokenVerificationError>> {\n const { data: decodedResult, errors } = ternDecodeJwt(token);\n\n if (errors) {\n return { errors };\n }\n\n const { header } = decodedResult;\n const { kid } = header;\n\n if (!kid) {\n return {\n errors: [\n new TokenVerificationError({\n reason: TokenVerificationErrorReason.TokenInvalid,\n message: 'JWT \"kid\" header is missing.',\n }),\n ],\n };\n }\n\n try {\n const key = options.jwtKey || (await loadJWKFromRemote({ ...options, kid }));\n\n if (!key) {\n return {\n errors: [\n new TokenVerificationError({\n reason: TokenVerificationErrorReason.TokenInvalid,\n message: `No public key found for kid \"${kid}\".`,\n }),\n ],\n };\n }\n return await verifyJwt(token, { ...options, key });\n } catch (error) {\n if (error instanceof TokenVerificationError) {\n return { errors: [error] };\n }\n return {\n errors: [error as TokenVerificationError],\n };\n }\n}\n","import type { ApiClient } from '../api';\nimport {\n type buildTimeOptions,\n mergePreDefinedOptions,\n type RuntimeOptions,\n} from '../utils/options';\nimport type { RequestState } from './authstate';\nimport { AuthErrorReason, signedIn, signedOut } from './authstate';\nimport { getSessionConfig } from './sessionConfig';\nimport type { RequestOptions } from './types';\nimport { verifyToken } from './verify';\n\nconst BEARER_PREFIX = 'Bearer ';\nconst AUTH_COOKIE_NAME = '_session_cookie';\n\nfunction extractTokenFromHeader(request: Request): string | null {\n const authHeader = request.headers.get('Authorization');\n\n if (!authHeader || !authHeader.startsWith(BEARER_PREFIX)) {\n return null;\n }\n\n return authHeader.slice(BEARER_PREFIX.length);\n}\n\nfunction extractTokenFromCookie(request: Request, opts: RequestOptions): string | null {\n const cookieHeader = request.headers.get('Cookie') || undefined;\n const sessionName = getSessionConfig(opts).COOKIE_NAME;\n\n if (!cookieHeader) {\n return null;\n }\n\n const cookies = cookieHeader.split(';').reduce(\n (acc, cookie) => {\n const [name, value] = cookie.trim().split('=');\n acc[name] = value;\n return acc;\n },\n {} as Record<string, string>,\n );\n\n return cookies[AUTH_COOKIE_NAME] || null;\n}\n\nfunction hasAuthorizationHeader(request: Request): boolean {\n return request.headers.has('Authorization');\n}\n\nexport async function authenticateRequest(\n request: Request,\n options: RequestOptions,\n): Promise<RequestState> {\n async function authenticateRequestWithTokenInCookie() {\n const token = extractTokenFromCookie(request, options);\n if (!token) {\n return signedOut(AuthErrorReason.SessionTokenMissing);\n }\n const { data, errors } = await verifyToken(token, options);\n\n if (errors) {\n throw errors[0];\n }\n\n const signedInRequestState = signedIn(data, undefined, token);\n return signedInRequestState;\n }\n\n async function authenticateRequestWithTokenInHeader() {\n const token = extractTokenFromHeader(request);\n if (!token) {\n return signedOut(AuthErrorReason.SessionTokenMissing);\n }\n\n const { data, errors } = await verifyToken(token, options);\n\n if (errors) {\n throw errors[0];\n }\n\n const signedInRequestState = signedIn(data, undefined, token);\n return signedInRequestState;\n }\n\n if (hasAuthorizationHeader(request)) {\n return authenticateRequestWithTokenInHeader();\n }\n\n return authenticateRequestWithTokenInCookie();\n}\n\n/**\n * @internal\n */\nexport type CreateAuthenticateRequestOptions = {\n options: buildTimeOptions;\n apiClient: ApiClient;\n};\n\nexport function createAuthenticateRequest(params: CreateAuthenticateRequestOptions) {\n const buildTimeOptions = mergePreDefinedOptions(params.options);\n const apiClient = params.apiClient;\n\n const handleAuthenticateRequest = (request: Request, options: RuntimeOptions = {}) => {\n const { apiUrl } = buildTimeOptions;\n return authenticateRequest(request, { ...options, apiUrl, apiClient });\n };\n\n return {\n authenticateRequest: handleAuthenticateRequest,\n };\n}\n","import type { ApiClient,CreateBackendApiOptions} from \"../api\";\r\nimport { createBackendApi } from \"../api\";\r\nimport type { RequestState } from \"../tokens/authstate\";\r\nimport type { CreateAuthenticateRequestOptions } from \"../tokens/request\";\r\nimport { createAuthenticateRequest } from \"../tokens/request\";\r\nimport type {\r\n TernSecureRequest,\r\n} from \"../tokens/ternSecureRequest\";\r\n\r\nexport type TernSecureBackendOptions = CreateBackendApiOptions & CreateAuthenticateRequestOptions['options']\r\n\r\nexport type TernSecureBackendClient = ApiClient & ReturnType<typeof createAuthenticateRequest>;\r\n\r\nexport interface BackendInstance {\r\n ternSecureRequest: TernSecureRequest;\r\n requestState: RequestState;\r\n}\r\n\r\nexport function createBackendInstanceClient(options: TernSecureBackendOptions): TernSecureBackendClient {\r\n const opts = { ...options };\r\n const apiClient = createBackendApi(opts);\r\n const requestState = createAuthenticateRequest({options: opts, apiClient});\r\n\r\n return {\r\n ...apiClient,\r\n ...requestState,\r\n };\r\n}\r\n","import type { RequestState } from './authstate';\nimport { AuthErrorReason, signedIn, signedOut } from './authstate';\nimport { getSessionConfig } from './sessionConfig';\nimport type { AuthenticateFireRequestOptions, RequestOptions } from './types';\nimport { verifyToken } from './verify';\n\ntype RuntimeOptions = Omit<AuthenticateFireRequestOptions, 'firebaseConfig'>;\n\ntype FirebaseOptions = Partial<Pick<AuthenticateFireRequestOptions, 'firebaseConfig'>>;\n\nconst defaultFirebaseOptions = {\n apiKey: '',\n authDomain: '',\n projectId: '',\n tenantId: undefined,\n} as FirebaseOptions;\n\nexport function mergePreDefinedOptions<T extends Record<string, any>>(\n preDefinedOptions: T,\n options: Partial<T>,\n): T {\n return Object.keys(preDefinedOptions).reduce(\n (obj: T, key: string) => {\n return { ...obj, [key]: options[key] || obj[key] };\n },\n { ...preDefinedOptions },\n );\n}\n\nconst BEARER_PREFIX = 'Bearer ';\nconst AUTH_COOKIE_NAME = '_session_cookie';\n\nfunction extractTokenFromHeader(request: Request): string | null {\n const authHeader = request.headers.get('Authorization');\n\n if (!authHeader || !authHeader.startsWith(BEARER_PREFIX)) {\n return null;\n }\n\n return authHeader.slice(BEARER_PREFIX.length);\n}\n\nfunction extractTokenFromCookie(request: Request, opts: RequestOptions): string | null {\n const cookieHeader = request.headers.get('Cookie') || undefined;\n const sessionName = getSessionConfig(opts).COOKIE_NAME;\n\n if (!cookieHeader) {\n return null;\n }\n\n const cookies = cookieHeader.split(';').reduce(\n (acc, cookie) => {\n const [name, value] = cookie.trim().split('=');\n acc[name] = value;\n return acc;\n },\n {} as Record<string, string>,\n );\n\n return cookies[AUTH_COOKIE_NAME] || null;\n}\n\nfunction hasAuthorizationHeader(request: Request): boolean {\n return request.headers.has('Authorization');\n}\n\nexport async function authenticateRequest(\n request: Request,\n options: AuthenticateFireRequestOptions,\n): Promise<RequestState> {\n async function authenticateRequestWithTokenInCookie() {\n const token = extractTokenFromCookie(request, options);\n if (!token) {\n return signedOut(AuthErrorReason.SessionTokenMissing);\n }\n const { data, errors } = await verifyToken(token, options);\n\n if (errors) {\n throw errors[0];\n }\n\n const signedInRequestState = signedIn(data, undefined, token);\n return signedInRequestState;\n }\n\n async function authenticateRequestWithTokenInHeader() {\n const token = extractTokenFromHeader(request);\n if (!token) {\n return signedOut(AuthErrorReason.SessionTokenMissing);\n }\n\n const { data, errors } = await verifyToken(token, options);\n\n if (errors) {\n throw errors[0];\n }\n\n const signedInRequestState = signedIn(data, undefined, token);\n return signedInRequestState;\n }\n\n if (hasAuthorizationHeader(request)) {\n return authenticateRequestWithTokenInHeader();\n }\n\n return authenticateRequestWithTokenInCookie();\n}\n\n/**\n * @internal\n */\nexport type CreateFireAuthenticateRequestOptions = {\n options: FirebaseOptions;\n};\n\nexport function createFireAuthenticateRequest(params: CreateFireAuthenticateRequestOptions) {\n const buildTimeOptions = mergePreDefinedOptions(defaultFirebaseOptions, params.options);\n\n const handleAuthenticateRequest = (request: Request, options: RuntimeOptions = {}) => {\n const runtimeOptions = { ...buildTimeOptions, ...options };\n return authenticateRequest(request, runtimeOptions);\n };\n\n return {\n authenticateRequest: handleAuthenticateRequest,\n };\n}\n","\nimport type { ApiClient,CreateBackendApiOptions} from \"../api\";\nimport { createBackendApi } from \"../api\";\nimport type { CreateFireAuthenticateRequestOptions } from \"../tokens/requestFire\";\nimport { createFireAuthenticateRequest } from \"../tokens/requestFire\";\n\nexport type TernSecureFireOptions = CreateBackendApiOptions & CreateFireAuthenticateRequestOptions['options']\n\nexport type TernSecureFireClient = ApiClient & ReturnType<typeof createFireAuthenticateRequest>;\n\nexport function createFireClient(options: TernSecureFireOptions): TernSecureFireClient {\n const opts = { ...options };\n const apiClient = createBackendApi(opts);\n const requestState = createFireAuthenticateRequest({options: opts});\n\n return {\n ...apiClient,\n ...requestState,\n };\n}\n","export enum LogLevel {\n ERROR = 0,\n WARN = 1,\n INFO = 2,\n DEBUG = 3,\n}\n\nexport interface LoggerOptions {\n enabled: boolean\n level: LogLevel\n prefix: string\n}\n\nexport class Logger {\n private options: LoggerOptions\n\n constructor(options: Partial<LoggerOptions> = {}) {\n this.options = {\n enabled: false,\n level: LogLevel.INFO,\n prefix: '[TernSecure-Backend]',\n ...options,\n }\n }\n\n enable(): void {\n this.options.enabled = true\n }\n\n disable(): void {\n this.options.enabled = false\n }\n\n setLevel(level: LogLevel): void {\n this.options.level = level\n }\n\n setPrefix(prefix: string): void {\n this.options.prefix = prefix\n }\n\n private log(level: LogLevel, levelName: string, message: string, ...args: any[]): void {\n if (!this.options.enabled || level > this.options.level) {\n return\n }\n\n const timestamp = new Date().toISOString()\n const formattedMessage = `${timestamp} ${this.options.prefix} [${levelName}] ${message}`\n \n switch (level) {\n case LogLevel.ERROR:\n console.error(formattedMessage, ...args)\n break\n case LogLevel.WARN:\n console.warn(formattedMessage, ...args)\n break\n case LogLevel.INFO:\n console.info(formattedMessage, ...args)\n break\n case LogLevel.DEBUG:\n console.debug(formattedMessage, ...args)\n break\n }\n }\n\n error(message: string, ...args: any[]): void {\n this.log(LogLevel.ERROR, 'ERROR', message, ...args)\n }\n\n warn(message: string, ...args: any[]): void {\n this.log(LogLevel.WARN, 'WARN', message, ...args)\n }\n\n info(message: string, ...args: any[]): void {\n this.log(LogLevel.INFO, 'INFO', message, ...args)\n }\n\n debug(message: string, ...args: any[]): void {\n this.log(LogLevel.DEBUG, 'DEBUG', message, ...args)\n }\n}\n\nexport const createLogger = (options?: Partial<LoggerOptions>): Logger => {\n return new Logger(options)\n}\n\nexport const redisLogger = createLogger({ prefix: '[TernSecure-Redis]' })\nexport const authLogger = createLogger({ prefix: '[TernSecure-Auth]' })","import { authLogger, LogLevel,redisLogger } from \"./logger\"\n\nexport function enableDebugLogging(): void {\n authLogger.enable()\n authLogger.setLevel(LogLevel.DEBUG)\n \n redisLogger.enable()\n redisLogger.setLevel(LogLevel.DEBUG)\n}\n\nexport function disableDebugLogging(): void {\n authLogger.disable()\n redisLogger.disable()\n}\n\nexport function setLogLevel(level: LogLevel): void {\n authLogger.setLevel(level)\n redisLogger.setLevel(level)\n}","import { authLogger } from \"../utils/logger\";\nimport type { DisabledUserAdapter, DisabledUserRecord, PostgresConfig } from \"./types\";\n\nexport class PostgresAdapter implements DisabledUserAdapter {\n private config: PostgresConfig;\n private tableName: string;\n\n constructor(config: PostgresConfig) {\n this.config = config;\n this.tableName = config.table || 'disabled_users';\n }\n\n getDisabledUser = async(uid: string): Promise<DisabledUserRecord | null> => {\n try {\n // For edge runtime, we'll use fetch to call a REST API endpoint\n // This avoids the need for full postgres client libraries in edge\n const response = await fetch(this.config.url, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'Authorization': `Bearer ${this.config.token}`,\n },\n body: JSON.stringify({\n query: `SELECT uid, email, disabled_time as \"disabledTime\" FROM ${this.tableName} WHERE uid = $1`,\n params: [uid],\n }),\n });\n\n if (!response.ok) {\n throw new Error(`HTTP error! status: ${response.status}`);\n }\n\n const result = await response.json();\n \n if (result.rows && result.rows.length > 0) {\n const row = result.rows[0];\n const disabledUser: DisabledUserRecord = {\n uid: row.uid,\n email: row.email,\n disabledTime: row.disabledTime,\n };\n \n authLogger.debug(`Found disabled user: ${uid}`);\n return disabledUser;\n }\n\n authLogger.debug(`No disabled user found: ${uid}`);\n return null;\n } catch (error) {\n authLogger.error('Failed to fetch disabled user from Postgres:', error);\n return null;\n }\n }\n}","import { Redis } from \"@upstash/redis\";\n\nimport { authLogger } from \"../utils/logger\";\nimport type {\n DisabledUserAdapter,\n DisabledUserRecord,\n RedisConfig,\n} from \"./types\";\n\ninterface CacheEntry<T> {\n value: T;\n expiresAt: number;\n}\n\nclass TTLCache<T> {\n private cache = new Map<string, CacheEntry<T>>();\n private readonly defaultTTL: number;\n\n constructor(defaultTTLMs: number = 60000) {\n this.defaultTTL = defaultTTLMs;\n }\n\n set(key: string, value: T, ttlMs?: number): void {\n const expiresAt = Date.now() + (ttlMs ?? this.defaultTTL);\n this.cache.set(key, { value, expiresAt });\n console.log(`TTLCache.set: key=${key}, value=${JSON.stringify(value)}, expiresAt=${expiresAt}, cacheSize=${this.cache.size}`);\n }\n\n private getEntry(key: string): CacheEntry<T> | undefined {\n const entry = this.cache.get(key);\n if (!entry) return undefined;\n\n const now = Date.now();\n if (now > entry.expiresAt) {\n console.log(`TTLCache: key=${key} expired (now=${now}, expiresAt=${entry.expiresAt})`);\n this.cache.delete(key);\n return undefined;\n }\n\n return entry;\n }\n\n get(key: string): T | undefined {\n const entry = this.getEntry(key);\n const hasEntry = entry !== undefined;\n const cacheHasKey = this.cache.has(key);\n const rawEntry = this.cache.get(key);\n \n console.log(`TTLCache.get: key=${key}, hasEntry=${hasEntry}, cacheHasKey=${cacheHasKey}`);\n console.log(`TTLCache.get: rawEntry=${JSON.stringify(rawEntry)}, entry=${JSON.stringify(entry)}`);\n \n if (!entry) {\n console.log(`TTLCache.get: no entry found for key=${key}, returning undefined`);\n return undefined;\n }\n\n console.log(`TTLCache.get: returning value=${JSON.stringify(entry.value)} for key=${key}`);\n return entry.value;\n }\n\n\n delete(key: string): boolean {\n return this.cache.delete(key);\n }\n\n clear(): void {\n this.cache.clear();\n }\n\n cleanup(): void {\n const now = Date.now();\n for (const [key, entry] of this.cache.entries()) {\n if (now > entry.expiresAt) {\n this.cache.delete(key);\n }\n }\n }\n}\n\nexport class RedisAdapter implements DisabledUserAdapter {\n private redis: Redis;\n private cache: TTLCache<DisabledUserRecord | null>;\n private keyPrefix: string;\n\n constructor(config: RedisConfig) {\n this.redis = new Redis({\n url: config.url,\n token: config.token,\n });\n\n this.keyPrefix = config.keyPrefix || \"disabled_user:\";\n const cacheTTL = config.ttl || 30000; // Default 30 seconds\n this.cache = new TTLCache<DisabledUserRecord | null>(cacheTTL);\n\n setInterval(() => this.cache.cleanup(), 5 * 60 * 1000);\n }\n\n getDisabledUser = async (uid: string): Promise<DisabledUserRecord | null> => {\n const cacheKey = `${this.keyPrefix}${uid}`;\n \n authLogger.debug(`RedisAdapter: Checking cache for key: ${cacheKey}`);\n \n // Try to get from cache first\n const cachedResult = this.cache.get(cacheKey);\n authLogger.debug(`RedisAdapter: Cache get result for ${cacheKey}:`, {\n cachedResult: JSON.stringify(cachedResult),\n isUndefined: cachedResult === undefined,\n type: typeof cachedResult\n });\n \n if (cachedResult !== undefined) {\n authLogger.debug(`Cache hit for disabled user: ${uid}`, { \n cacheKey,\n cachedResult: JSON.stringify(cachedResult)\n });\n return cachedResult;\n }\n\n authLogger.debug(\n `Cache miss for disabled user: ${uid}, fetching from Redis with key: ${cacheKey}`\n );\n\n try {\n const disabledUser: DisabledUserRecord | null =\n await this.redis.get(cacheKey);\n\n authLogger.debug(`Redis returned for key ${cacheKey}:`, { \n disabledUser: JSON.stringify(disabledUser),\n type: typeof disabledUser\n });\n\n // Cache the result (including null values to prevent repeated Redis calls)\n this.cache.set(cacheKey, disabledUser);\n \n authLogger.debug(`Cached disabled user result for: ${uid}`, {\n cacheKey,\n isDisabled: !!disabledUser,\n cachedValue: JSON.stringify(disabledUser)\n });\n\n return disabledUser;\n } catch (error) {\n authLogger.error(\"Failed to fetch disabled user from Redis:\", error);\n return null;\n }\n };\n\n invalidateCache(uid: string): void {\n const cacheKey = `${this.keyPrefix}${uid}`;\n this.cache.delete(cacheKey);\n }\n}\n","import { PostgresAdapter } from \"./PostgresAdapter\";\nimport { RedisAdapter } from \"./RedisAdapter\";\nimport type { AdapterConfiguration,DisabledUserAdapter } from \"./types\";\n\nexport function createAdapter(\n config: AdapterConfiguration\n): DisabledUserAdapter {\n switch (config.type) {\n case \"redis\":\n return new RedisAdapter(config.config as any);\n case \"postgres\":\n return new PostgresAdapter(config.config as any);\n default:\n throw new Error(`Unsupported adapter type: ${(config as any).type}`);\n }\n}\n\nexport function validateCheckRevokedOptions(options?: {\n enabled: boolean;\n adapter?: AdapterConfiguration;\n}): { isValid: boolean; error?: string } {\n if (options?.enabled && !options.adapter) {\n return {\n isValid: false,\n error: \"When checkRevoked.enabled is true, an adapter must be provided\",\n };\n }\n return { isValid: true };\n}\n\n\nexport { RedisAdapter } from './RedisAdapter';\nexport { PostgresAdapter } from './PostgresAdapter';\nexport type {\n DisabledUserAdapter,\n DisabledUserRecord,\n AdapterConfig,\n RedisConfig,\n PostgresConfig,\n AdapterType,\n AdapterConfiguration,\n CheckRevokedOptions,\n} from './types';\n"],"mappings":";;;;;;;;;;;;;;;;;;AAQO,IAAM,aAAa;AAAA,EACxB,UAAU;AAAA,EACV,WAAW;AACb;AAIO,IAAM,kBAAkB;AAAA,EAC7B,2BAA2B;AAAA,EAC3B,qBAAqB;AAAA,EACrB,qBAAqB;AAAA,EACrB,gCAAgC;AAAA,EAChC,iBAAiB;AAAA,EACjB,4BAA4B;AAAA,EAC5B,4BAA4B;AAAA,EAC5B,iBAAiB;AACnB;AAgDA,SAAS,uBACP,gBACqC;AACrC,SAAO,CAAC,wBAA6B;AACnC,QACE,CAAC,uBACD,OAAO,wBAAwB,YAC/B,MAAM,QAAQ,mBAAmB,GACjC;AACA,aAAO;AAAA,IACT;AACA,UAAM,SAAS;AAEf,WAAO,OAAO,QAAQ,mBAAmB,EAAE,MAAM,CAAC,CAAC,KAAK,KAAK,MAAM;AACjE,YAAM,aAAa,OAAO,GAAG;AAC7B,UAAI,OAAO,eAAe,aAAa;AACrC,eAAO;AAAA,MACT;AACA,UAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,YAAI,MAAM,QAAQ,UAAU,GAAG;AAC7B,iBAAO,MAAM,KAAK,OAAK,WAAW,SAAS,CAAC,CAAC;AAAA,QAC/C;AACA,eAAO,MAAM,SAAS,UAAU;AAAA,MAClC;AAEA,UAAI,MAAM,QAAQ,UAAU,GAAG;AAC7B,eAAO,WAAW,SAAS,KAAK;AAAA,MAClC;AACA,aAAO,eAAe;AAAA,IACxB,CAAC;AAAA,EACH;AACF;AAEO,SAAS,mBACd,cACA,eACoB;AACpB,QAAM,iBAAiB,8BAA8B,aAAa;AAClE,SAAO;AAAA,IACL,eAAe;AAAA,MACb,GAAG;AAAA,IACL;AAAA,IACA,QAAQ,eAAe;AAAA,IACvB,OAAO;AAAA,IACP,SAAS,uBAAuB,cAAc;AAAA,IAC9C,OAAO;AAAA,EACT;AACF;AAEO,SAAS,sBAA2C;AACzD,SAAO;AAAA,IACL,eAAe;AAAA,IACf,QAAQ;AAAA,IACR,SAAS,MAAM;AAAA,IACf,OAAO;AAAA,EACT;AACF;AAEO,SAAS,SACd,eACA,UAAmB,IAAI,QAAQ,GAC/B,OACe;AACf,QAAM,aAAa,mBAAmB,OAAO,aAAa;AAC1D,SAAO;AAAA,IACL,QAAQ,WAAW;AAAA,IACnB,QAAQ;AAAA,IACR,YAAY;AAAA,IACZ,MAAM,MAAM;AAAA,IACZ;AAAA,IACA;AAAA,EACF;AACF;AAEO,SAAS,UAAU,QAAoB,UAAmB,IAAI,QAAQ,GAAmB;AAC9F,SAAO,gBAAgB;AAAA,IACrB,QAAQ,WAAW;AAAA,IACnB;AAAA,IACA,YAAY;AAAA,IACZ,MAAM,MAAM,oBAAoB;AAAA,IAChC,OAAO;AAAA,IACP;AAAA,EACF,CAAC;AACH;AAEA,IAAM,kBAAkB,CAAyB,iBAAuB;AACtE,QAAM,UAAU,IAAI,QAAQ,aAAa,WAAW,CAAC,CAAC;AACtD,MAAI,aAAa,QAAQ;AACvB,QAAI;AACF,cAAQ,IAAI,UAAU,QAAQ,YAAY,aAAa,MAAM;AAAA,IAC/D,QAAQ;AAAA,IAER;AAAA,EACF;AAEA,MAAI,aAAa,QAAQ;AACvB,QAAI;AACF,cAAQ,IAAI,UAAU,QAAQ,YAAY,aAAa,MAAM;AAAA,IAC/D,QAAQ;AAAA,IAER;AAAA,EACF;AACA,eAAa,UAAU;AACvB,SAAO;AACT;;;AC9KA,IAAM,WAAW;AAOV,IAAM,aAAN,MAAiB;AAAA,EACtB,YAAsB,SAA0B;AAA1B;AAAA,EAA2B;AAAA,EAEjD,MAAa,cAAc,QAA6B;AACtD,WAAO,KAAK,QAAQ;AAAA,MAClB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,YAAY;AAAA,IACd,CAAC;AAAA,EACH;AACF;;;ACJA,SAAS,aAAa,cAAc;AAmBpC,IAAM,cAAc,MAAM,KAAK,UAAU;AAElC,IAAM,UAAmB;AAAA,EAC9B;AAAA,EACA,IAAI,QAAQ;AAEV,WAAO,QAAQ,IAAI,aAAa,SAAS,QAAQ;AAAA,EACnD;AAAA,EACA,iBAAiB,WAAW;AAAA,EAC5B,MAAM,WAAW;AAAA,EACjB,UAAU,WAAW;AAAA,EACrB,SAAS,WAAW;AAAA,EACpB,SAAS,WAAW;AAAA,EACpB,UAAU,WAAW;AACvB;;;AChDA,IAAM,YAAY;AAClB,IAAM,2BAA2B,IAAI,OAAO,WAAW,YAAY,QAAQ,GAAG;AAIvE,SAAS,aAAa,MAA4B;AACvD,SAAO,KACJ,OAAO,OAAK,CAAC,EACb,KAAK,SAAS,EACd,QAAQ,0BAA0B,SAAS;AAChD;;;AC8BO,SAAS,cAAc,SAA+B;AAC3D,QAAM,YAAY,OAChB,mBACmC;AACnC,UAAM,EAAE,QAAQ,WAAW,IAAI;AAC/B,UAAM,EAAE,MAAM,QAAQ,aAAa,cAAc,YAAY,SAAS,IACpE;AAEF,UAAM,MAAM,UAAU,QAAQ,YAAY,IAAI;AAC9C,UAAM,WAAW,IAAI,IAAI,GAAG;AAE5B,QAAI,aAAa;AACf,aAAO,QAAQ,WAAW,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACpD,YAAI,OAAO;AACT,WAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,OAAK,SAAS,aAAa,OAAO,KAAK,CAAW,CAAC;AAAA,QAC5E;AAAA,MACF,CAAC;AAAA,IACH;AAEA,UAAM,UAA+B;AAAA,MACnC,GAAG;AAAA,IACL;AACA,QAAI;AAEJ,QAAI;AACF,UAAI,UAAU;AACZ,cAAM,MAAM,QAAQ,MAAM,SAAS,MAAM;AAAA,UACvC;AAAA,UACA;AAAA,UACA,MAAM;AAAA,QACR,CAAC;AAAA,MACH,OAAO;AACL,gBAAQ,cAAc,IAAI;AAC1B,cAAM,UACJ,WAAW,SAAS,cAAc,OAAO,KAAK,UAAU,EAAE,SAAS;AACrE,cAAM,OAAO,UAAU,EAAE,MAAM,KAAK,UAAU,UAAU,EAAE,IAAI;AAE9D,cAAM,MAAM,QAAQ,MAAM,SAAS,MAAM;AAAA,UACvC;AAAA,UACA;AAAA,UACA,GAAG;AAAA,QACL,CAAC;AAAA,MACH;AAEA,YAAM,iBACJ,KAAK,WACL,IAAI,SAAS,IAAI,UAAU,QAAQ,WAAW,MAC5C,UAAU,aAAa;AAC3B,YAAM,eAAe,OAAO,iBAAiB,IAAI,KAAK,IAAI,IAAI,KAAK;AAEnE,UAAI,CAAC,IAAI,IAAI;AACX,eAAO;AAAA,UACL,MAAM;AAAA,UACN,QAAQ,YAAY,YAAY;AAAA,UAChC,QAAQ,KAAK;AAAA,UACb,YAAY,KAAK;AAAA,QACnB;AAAA,MACF;AAEA,aAAO;AAAA,QACL,MAAM;AAAA,QACN,QAAQ;AAAA,MACV;AAAA,IACF,SAAS,OAAO;AACd,UAAI,iBAAiB,OAAO;AAC1B,eAAO;AAAA,UACL,MAAM;AAAA,UACN,QAAQ;AAAA,YACN;AAAA,cACE,MAAM;AAAA,cACN,SAAS,MAAM,WAAW;AAAA,YAC5B;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAEA,aAAO;AAAA,QACL,MAAM;AAAA,QACN,QAAQ,YAAY,KAAK;AAAA,QACzB,QAAQ,KAAK;AAAA,QACb,YAAY,KAAK;AAAA,MACnB;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,YAAY,MAAqC;AACxD,MAAI,CAAC,CAAC,QAAQ,OAAO,SAAS,YAAY,YAAY,MAAM;AAC1D,UAAM,SAAS,KAAK;AACpB,WAAO,OAAO,SAAS,IAAI,OAAO,IAAI,UAAU,IAAI,CAAC;AAAA,EACvD;AACA,SAAO,CAAC;AACV;AAEO,SAAS,WAAW,OAAmD;AAC5E,SAAO;AAAA,IACL,MAAM,MAAM;AAAA,IACZ,SAAS,MAAM;AAAA,EACjB;AACF;;;ACtIO,SAAS,iBAAiB,SAAkC;AACjE,QAAM,UAAU,cAAc,OAAO;AACrC,SAAO;AAAA,IACL,UAAU,IAAI,WAAW,OAAO;AAAA,EAClC;AACF;;;ACLA,IAAM,iBAAmC;AAAA,EACvC,QAAQ;AAAA,EACR,YAAY;AACd;AAEO,SAAS,uBACd,cAAgC,CAAC,GACf;AAClB,SAAO;AAAA,IACL,GAAG;AAAA,IACH,GAAG;AAAA,EACL;AACF;;;ACOA,IAAI,QAA0B,CAAC;AAC/B,IAAI,gBAAgB;AACpB,IAAI,kBAAkB;AAEtB,SAAS,aAAa,KAAa;AACjC,SAAO,MAAM,GAAG;AAClB;AAEA,SAAS,iBAAiB;AACxB,SAAO,OAAO,OAAO,KAAK;AAC5B;AAEA,SAAS,WAAW,KAAa,aAAqB,eAAe,MAAM;AACzE,QAAM,GAAG,IAAI;AACb,kBAAgB,eAAe,KAAK,IAAI,IAAI;AAC9C;AAEA,eAAe,gBAAgB,QAA6C;AAC1E,QAAM,MAAM,IAAI,IAAI,MAAM;AAC1B,QAAM,WAAW,MAAM,MAAM,GAAG;AAChC,MAAI,CAAC,SAAS,IAAI;AAChB,UAAM,IAAI,uBAAuB;AAAA,MAC/B,SAAS,kCAAkC,IAAI,IAAI,cAAc,SAAS,MAAM;AAAA,MAChF,QAAQ,6BAA6B;AAAA,IACvC,CAAC;AAAA,EACH;AAEA,QAAM,OAAO,MAAM,SAAS,KAAK;AACjC,QAAM,YAAY,aAAa,QAAQ;AAEvC,SAAO;AAAA,IACL,MAAM;AAAA,IACN;AAAA,EACF;AACF;AAEA,eAAsB,kBAAkB;AAAA,EACtC,SAAS;AAAA,EACT;AAAA,EACA;AACF,GAA8C;AAC5C,MAAI,iBAAiB,eAAe,KAAK,CAAC,aAAa,GAAG,GAAG;AAC3D,UAAM,EAAE,MAAM,UAAU,IAAI,MAAM,gBAAgB,MAAM;AAExD,QAAI,CAAC,QAAQ,OAAO,KAAK,IAAI,EAAE,WAAW,GAAG;AAC3C,YAAM,IAAI,uBAAuB;AAAA,QAC/B,SAAS,qBAAqB,MAAM;AAAA,QACpC,QAAQ,6BAA6B;AAAA,MACvC,CAAC;AAAA,IACH;AACA,sBAAkB;AAElB,WAAO,QAAQ,IAAI,EAAE,QAAQ,CAAC,CAAC,OAAOA,KAAI,MAAM;AAC9C,iBAAW,OAAOA,KAAI;AAAA,IACxB,CAAC;AAAA,EACH;AACA,QAAM,OAAO,aAAa,GAAG;AAC7B,MAAI,CAAC,MAAM;AACT,mBAAe;AACf,UAAM,gBAAgB,OAAO,KAAK,KAAK,EAAE,KAAK,EAAE,KAAK,IAAI;AAEzD,UAAM,IAAI,uBAAuB;AAAA,MAC/B,SAAS,gCAAgC,GAAG,uBAAuB,aAAa;AAAA,MAChF,QAAQ,6BAA6B;AAAA,IACvC,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAEA,SAAS,iBAAiB;AACxB,QAAM,MAAM,KAAK,IAAI;AACrB,MAAI,kBAAkB,IAAI;AACxB,WAAO;AAAA,EACT;AAEA,QAAM,WAAW,MAAM;AACvB,QAAM,cAAc,oCAAoC;AACxD,QAAM,oBAAoB,YAAY;AACtC,QAAM,qBAAqB,OAAO;AAElC,QAAM,YAAY,qBAAqB;AAEvC,MAAI,WAAW;AACb,YAAQ,CAAC;AAAA,EACX;AAEA,SAAO;AACT;AAEA,SAAS,aAAa,KAAe;AACnC,QAAM,qBAAqB,IAAI,QAAQ,IAAI,eAAe;AAC1D,MAAI,CAAC,oBAAoB;AACvB,WAAO,KAAK,IAAI,IAAI;AAAA,EACtB;AACA,QAAM,cAAc,mBAAmB,MAAM,mBAAmB;AAChE,QAAM,SAAS,cAAc,SAAS,YAAY,CAAC,GAAG,EAAE,IAAI,yBAAyB;AAErF,SAAO,KAAK,IAAI,IAAI,SAAS;AAC/B;;;AC7GA,eAAsB,YACpB,OACA,SACgE;AAChE,QAAM,EAAE,MAAM,eAAe,OAAO,IAAI,cAAc,KAAK;AAE3D,MAAI,QAAQ;AACV,WAAO,EAAE,OAAO;AAAA,EAClB;AAEA,QAAM,EAAE,OAAO,IAAI;AACnB,QAAM,EAAE,IAAI,IAAI;AAEhB,MAAI,CAAC,KAAK;AACR,WAAO;AAAA,MACL,QAAQ;AAAA,QACN,IAAI,uBAAuB;AAAA,UACzB,QAAQ,6BAA6B;AAAA,UACrC,SAAS;AAAA,QACX,CAAC;AAAA,MACH;AAAA,IACF;AAAA,EACF;AAEA,MAAI;AACF,UAAM,MAAM,QAAQ,UAAW,MAAM,kBAAkB,EAAE,GAAG,SAAS,IAAI,CAAC;AAE1E,QAAI,CAAC,KAAK;AACR,aAAO;AAAA,QACL,QAAQ;AAAA,UACN,IAAI,uBAAuB;AAAA,YACzB,QAAQ,6BAA6B;AAAA,YACrC,SAAS,gCAAgC,GAAG;AAAA,UAC9C,CAAC;AAAA,QACH;AAAA,MACF;AAAA,IACF;AACA,WAAO,MAAM,UAAU,OAAO,EAAE,GAAG,SAAS,IAAI,CAAC;AAAA,EACnD,SAAS,OAAO;AACd,QAAI,iBAAiB,wBAAwB;AAC3C,aAAO,EAAE,QAAQ,CAAC,KAAK,EAAE;AAAA,IAC3B;AACA,WAAO;AAAA,MACL,QAAQ,CAAC,KAA+B;AAAA,IAC1C;AAAA,EACF;AACF;;;AChDA,IAAM,gBAAgB;AACtB,IAAM,mBAAmB;AAEzB,SAAS,uBAAuB,SAAiC;AAC/D,QAAM,aAAa,QAAQ,QAAQ,IAAI,eAAe;AAEtD,MAAI,CAAC,cAAc,CAAC,WAAW,WAAW,aAAa,GAAG;AACxD,WAAO;AAAA,EACT;AAEA,SAAO,WAAW,MAAM,cAAc,MAAM;AAC9C;AAEA,SAAS,uBAAuB,SAAkB,MAAqC;AACrF,QAAM,eAAe,QAAQ,QAAQ,IAAI,QAAQ,KAAK;AACtD,QAAM,cAAc,iBAAiB,IAAI,EAAE;AAE3C,MAAI,CAAC,cAAc;AACjB,WAAO;AAAA,EACT;AAEA,QAAM,UAAU,aAAa,MAAM,GAAG,EAAE;AAAA,IACtC,CAAC,KAAK,WAAW;AACf,YAAM,CAAC,MAAM,KAAK,IAAI,OAAO,KAAK,EAAE,MAAM,GAAG;AAC7C,UAAI,IAAI,IAAI;AACZ,aAAO;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EACH;AAEA,SAAO,QAAQ,gBAAgB,KAAK;AACtC;AAEA,SAAS,uBAAuB,SAA2B;AACzD,SAAO,QAAQ,QAAQ,IAAI,eAAe;AAC5C;AAEA,eAAsB,oBACpB,SACA,SACuB;AACvB,iBAAe,uCAAuC;AACpD,UAAM,QAAQ,uBAAuB,SAAS,OAAO;AACrD,QAAI,CAAC,OAAO;AACV,aAAO,UAAU,gBAAgB,mBAAmB;AAAA,IACtD;AACA,UAAM,EAAE,MAAM,OAAO,IAAI,MAAM,YAAY,OAAO,OAAO;AAEzD,QAAI,QAAQ;AACV,YAAM,OAAO,CAAC;AAAA,IAChB;AAEA,UAAM,uBAAuB,SAAS,MAAM,QAAW,KAAK;AAC5D,WAAO;AAAA,EACT;AAEA,iBAAe,uCAAuC;AACpD,UAAM,QAAQ,uBAAuB,OAAO;AAC5C,QAAI,CAAC,OAAO;AACV,aAAO,UAAU,gBAAgB,mBAAmB;AAAA,IACtD;AAEA,UAAM,EAAE,MAAM,OAAO,IAAI,MAAM,YAAY,OAAO,OAAO;AAEzD,QAAI,QAAQ;AACV,YAAM,OAAO,CAAC;AAAA,IAChB;AAEA,UAAM,uBAAuB,SAAS,MAAM,QAAW,KAAK;AAC5D,WAAO;AAAA,EACT;AAEA,MAAI,uBAAuB,OAAO,GAAG;AACnC,WAAO,qCAAqC;AAAA,EAC9C;AAEA,SAAO,qCAAqC;AAC9C;AAUO,SAAS,0BAA0B,QAA0C;AAClF,QAAM,mBAAmB,uBAAuB,OAAO,OAAO;AAC9D,QAAM,YAAY,OAAO;AAEzB,QAAM,4BAA4B,CAAC,SAAkB,UAA0B,CAAC,MAAM;AACpF,UAAM,EAAE,OAAO,IAAI;AACnB,WAAO,oBAAoB,SAAS,EAAE,GAAG,SAAS,QAAQ,UAAU,CAAC;AAAA,EACvE;AAEA,SAAO;AAAA,IACL,qBAAqB;AAAA,EACvB;AACF;;;AC7FO,SAAS,4BAA4B,SAA4D;AACtG,QAAM,OAAO,EAAE,GAAG,QAAQ;AAC1B,QAAM,YAAY,iBAAiB,IAAI;AACvC,QAAM,eAAe,0BAA0B,EAAC,SAAS,MAAM,UAAS,CAAC;AAEzE,SAAO;AAAA,IACL,GAAG;AAAA,IACH,GAAG;AAAA,EACL;AACF;;;ACjBA,IAAM,yBAAyB;AAAA,EAC7B,QAAQ;AAAA,EACR,YAAY;AAAA,EACZ,WAAW;AAAA,EACX,UAAU;AACZ;AAEO,SAASC,wBACd,mBACA,SACG;AACH,SAAO,OAAO,KAAK,iBAAiB,EAAE;AAAA,IACpC,CAAC,KAAQ,QAAgB;AACvB,aAAO,EAAE,GAAG,KAAK,CAAC,GAAG,GAAG,QAAQ,GAAG,KAAK,IAAI,GAAG,EAAE;AAAA,IACnD;AAAA,IACA,EAAE,GAAG,kBAAkB;AAAA,EACzB;AACF;AAEA,IAAMC,iBAAgB;AACtB,IAAMC,oBAAmB;AAEzB,SAASC,wBAAuB,SAAiC;AAC/D,QAAM,aAAa,QAAQ,QAAQ,IAAI,eAAe;AAEtD,MAAI,CAAC,cAAc,CAAC,WAAW,WAAWF,cAAa,GAAG;AACxD,WAAO;AAAA,EACT;AAEA,SAAO,WAAW,MAAMA,eAAc,MAAM;AAC9C;AAEA,SAASG,wBAAuB,SAAkB,MAAqC;AACrF,QAAM,eAAe,QAAQ,QAAQ,IAAI,QAAQ,KAAK;AACtD,QAAM,cAAc,iBAAiB,IAAI,EAAE;AAE3C,MAAI,CAAC,cAAc;AACjB,WAAO;AAAA,EACT;AAEA,QAAM,UAAU,aAAa,MAAM,GAAG,EAAE;AAAA,IACtC,CAAC,KAAK,WAAW;AACf,YAAM,CAAC,MAAM,KAAK,IAAI,OAAO,KAAK,EAAE,MAAM,GAAG;AAC7C,UAAI,IAAI,IAAI;AACZ,aAAO;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EACH;AAEA,SAAO,QAAQF,iBAAgB,KAAK;AACtC;AAEA,SAASG,wBAAuB,SAA2B;AACzD,SAAO,QAAQ,QAAQ,IAAI,eAAe;AAC5C;AAEA,eAAsBC,qBACpB,SACA,SACuB;AACvB,iBAAe,uCAAuC;AACpD,UAAM,QAAQF,wBAAuB,SAAS,OAAO;AACrD,QAAI,CAAC,OAAO;AACV,aAAO,UAAU,gBAAgB,mBAAmB;AAAA,IACtD;AACA,UAAM,EAAE,MAAM,OAAO,IAAI,MAAM,YAAY,OAAO,OAAO;AAEzD,QAAI,QAAQ;AACV,YAAM,OAAO,CAAC;AAAA,IAChB;AAEA,UAAM,uBAAuB,SAAS,MAAM,QAAW,KAAK;AAC5D,WAAO;AAAA,EACT;AAEA,iBAAe,uCAAuC;AACpD,UAAM,QAAQD,wBAAuB,OAAO;AAC5C,QAAI,CAAC,OAAO;AACV,aAAO,UAAU,gBAAgB,mBAAmB;AAAA,IACtD;AAEA,UAAM,EAAE,MAAM,OAAO,IAAI,MAAM,YAAY,OAAO,OAAO;AAEzD,QAAI,QAAQ;AACV,YAAM,OAAO,CAAC;AAAA,IAChB;AAEA,UAAM,uBAAuB,SAAS,MAAM,QAAW,KAAK;AAC5D,WAAO;AAAA,EACT;AAEA,MAAIE,wBAAuB,OAAO,GAAG;AACnC,WAAO,qCAAqC;AAAA,EAC9C;AAEA,SAAO,qCAAqC;AAC9C;AASO,SAAS,8BAA8B,QAA8C;AAC1F,QAAM,mBAAmBL,wBAAuB,wBAAwB,OAAO,OAAO;AAEtF,QAAM,4BAA4B,CAAC,SAAkB,UAA0B,CAAC,MAAM;AACpF,UAAM,iBAAiB,EAAE,GAAG,kBAAkB,GAAG,QAAQ;AACzD,WAAOM,qBAAoB,SAAS,cAAc;AAAA,EACpD;AAEA,SAAO;AAAA,IACL,qBAAqB;AAAA,EACvB;AACF;;;ACpHO,SAAS,iBAAiB,SAAsD;AACrF,QAAM,OAAO,EAAE,GAAG,QAAQ;AAC1B,QAAM,YAAY,iBAAiB,IAAI;AACvC,QAAM,eAAe,8BAA8B,EAAC,SAAS,KAAI,CAAC;AAElE,SAAO;AAAA,IACL,GAAG;AAAA,IACH,GAAG;AAAA,EACL;AACF;;;ACnBO,IAAK,WAAL,kBAAKC,cAAL;AACL,EAAAA,oBAAA,WAAQ,KAAR;AACA,EAAAA,oBAAA,UAAO,KAAP;AACA,EAAAA,oBAAA,UAAO,KAAP;AACA,EAAAA,oBAAA,WAAQ,KAAR;AAJU,SAAAA;AAAA,GAAA;AAaL,IAAM,SAAN,MAAa;AAAA,EACV;AAAA,EAER,YAAY,UAAkC,CAAC,GAAG;AAChD,SAAK,UAAU;AAAA,MACb,SAAS;AAAA,MACT,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,GAAG;AAAA,IACL;AAAA,EACF;AAAA,EAEA,SAAe;AACb,SAAK,QAAQ,UAAU;AAAA,EACzB;AAAA,EAEA,UAAgB;AACd,SAAK,QAAQ,UAAU;AAAA,EACzB;AAAA,EAEA,SAAS,OAAuB;AAC9B,SAAK,QAAQ,QAAQ;AAAA,EACvB;AAAA,EAEA,UAAU,QAAsB;AAC9B,SAAK,QAAQ,SAAS;AAAA,EACxB;AAAA,EAEQ,IAAI,OAAiB,WAAmB,YAAoB,MAAmB;AACrF,QAAI,CAAC,KAAK,QAAQ,WAAW,QAAQ,KAAK,QAAQ,OAAO;AACvD;AAAA,IACF;AAEA,UAAM,aAAY,oBAAI,KAAK,GAAE,YAAY;AACzC,UAAM,mBAAmB,GAAG,SAAS,IAAI,KAAK,QAAQ,MAAM,KAAK,SAAS,KAAK,OAAO;AAEtF,YAAQ,OAAO;AAAA,MACb,KAAK;AACH,gBAAQ,MAAM,kBAAkB,GAAG,IAAI;AACvC;AAAA,MACF,KAAK;AACH,gBAAQ,KAAK,kBAAkB,GAAG,IAAI;AACtC;AAAA,MACF,KAAK;AACH,gBAAQ,KAAK,kBAAkB,GAAG,IAAI;AACtC;AAAA,MACF,KAAK;AACH,gBAAQ,MAAM,kBAAkB,GAAG,IAAI;AACvC;AAAA,IACJ;AAAA,EACF;AAAA,EAEA,MAAM,YAAoB,MAAmB;AAC3C,SAAK,IAAI,eAAgB,SAAS,SAAS,GAAG,IAAI;AAAA,EACpD;AAAA,EAEA,KAAK,YAAoB,MAAmB;AAC1C,SAAK,IAAI,cAAe,QAAQ,SAAS,GAAG,IAAI;AAAA,EAClD;AAAA,EAEA,KAAK,YAAoB,MAAmB;AAC1C,SAAK,IAAI,cAAe,QAAQ,SAAS,GAAG,IAAI;AAAA,EAClD;AAAA,EAEA,MAAM,YAAoB,MAAmB;AAC3C,SAAK,IAAI,eAAgB,SAAS,SAAS,GAAG,IAAI;AAAA,EACpD;AACF;AAEO,IAAM,eAAe,CAAC,YAA6C;AACxE,SAAO,IAAI,OAAO,OAAO;AAC3B;AAEO,IAAM,cAAc,aAAa,EAAE,QAAQ,qBAAqB,CAAC;AACjE,IAAM,aAAa,aAAa,EAAE,QAAQ,oBAAoB,CAAC;;;ACrF/D,SAAS,qBAA2B;AACzC,aAAW,OAAO;AAClB,aAAW,sBAAuB;AAElC,cAAY,OAAO;AACnB,cAAY,sBAAuB;AACrC;AAEO,SAAS,sBAA4B;AAC1C,aAAW,QAAQ;AACnB,cAAY,QAAQ;AACtB;AAEO,SAAS,YAAY,OAAuB;AACjD,aAAW,SAAS,KAAK;AACzB,cAAY,SAAS,KAAK;AAC5B;;;ACfO,IAAM,kBAAN,MAAqD;AAAA,EAClD;AAAA,EACA;AAAA,EAER,YAAY,QAAwB;AAClC,SAAK,SAAS;AACd,SAAK,YAAY,OAAO,SAAS;AAAA,EACnC;AAAA,EAEA,kBAAkB,OAAM,QAAoD;AAC1E,QAAI;AAGF,YAAM,WAAW,MAAM,MAAM,KAAK,OAAO,KAAK;AAAA,QAC5C,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,iBAAiB,UAAU,KAAK,OAAO,KAAK;AAAA,QAC9C;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,OAAO,2DAA2D,KAAK,SAAS;AAAA,UAChF,QAAQ,CAAC,GAAG;AAAA,QACd,CAAC;AAAA,MACH,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,IAAI,MAAM,uBAAuB,SAAS,MAAM,EAAE;AAAA,MAC1D;AAEA,YAAM,SAAS,MAAM,SAAS,KAAK;AAEnC,UAAI,OAAO,QAAQ,OAAO,KAAK,SAAS,GAAG;AACzC,cAAM,MAAM,OAAO,KAAK,CAAC;AACzB,cAAM,eAAmC;AAAA,UACvC,KAAK,IAAI;AAAA,UACT,OAAO,IAAI;AAAA,UACX,cAAc,IAAI;AAAA,QACpB;AAEA,mBAAW,MAAM,wBAAwB,GAAG,EAAE;AAC9C,eAAO;AAAA,MACT;AAEA,iBAAW,MAAM,2BAA2B,GAAG,EAAE;AACjD,aAAO;AAAA,IACT,SAAS,OAAO;AACd,iBAAW,MAAM,gDAAgD,KAAK;AACtE,aAAO;AAAA,IACT;AAAA,EACF;AACF;;;ACrDA,SAAS,aAAa;AActB,IAAM,WAAN,MAAkB;AAAA,EACR,QAAQ,oBAAI,IAA2B;AAAA,EAC9B;AAAA,EAEjB,YAAY,eAAuB,KAAO;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,IAAI,KAAa,OAAU,OAAsB;AAC/C,UAAM,YAAY,KAAK,IAAI,KAAK,SAAS,KAAK;AAC9C,SAAK,MAAM,IAAI,KAAK,EAAE,OAAO,UAAU,CAAC;AACxC,YAAQ,IAAI,qBAAqB,GAAG,WAAW,KAAK,UAAU,KAAK,CAAC,eAAe,SAAS,eAAe,KAAK,MAAM,IAAI,EAAE;AAAA,EAC9H;AAAA,EAEQ,SAAS,KAAwC;AACvD,UAAM,QAAQ,KAAK,MAAM,IAAI,GAAG;AAChC,QAAI,CAAC,MAAO,QAAO;AAEnB,UAAM,MAAM,KAAK,IAAI;AACrB,QAAI,MAAM,MAAM,WAAW;AACzB,cAAQ,IAAI,iBAAiB,GAAG,iBAAiB,GAAG,eAAe,MAAM,SAAS,GAAG;AACrF,WAAK,MAAM,OAAO,GAAG;AACrB,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,IAAI,KAA4B;AAC9B,UAAM,QAAQ,KAAK,SAAS,GAAG;AAC/B,UAAM,WAAW,UAAU;AAC3B,UAAM,cAAc,KAAK,MAAM,IAAI,GAAG;AACtC,UAAM,WAAW,KAAK,MAAM,IAAI,GAAG;AAEnC,YAAQ,IAAI,qBAAqB,GAAG,cAAc,QAAQ,iBAAiB,WAAW,EAAE;AACxF,YAAQ,IAAI,0BAA0B,KAAK,UAAU,QAAQ,CAAC,WAAW,KAAK,UAAU,KAAK,CAAC,EAAE;AAEhG,QAAI,CAAC,OAAO;AACV,cAAQ,IAAI,wCAAwC,GAAG,uBAAuB;AAC9E,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,iCAAiC,KAAK,UAAU,MAAM,KAAK,CAAC,YAAY,GAAG,EAAE;AACzF,WAAO,MAAM;AAAA,EACf;AAAA,EAGA,OAAO,KAAsB;AAC3B,WAAO,KAAK,MAAM,OAAO,GAAG;AAAA,EAC9B;AAAA,EAEA,QAAc;AACZ,SAAK,MAAM,MAAM;AAAA,EACnB;AAAA,EAEA,UAAgB;AACd,UAAM,MAAM,KAAK,IAAI;AACrB,eAAW,CAAC,KAAK,KAAK,KAAK,KAAK,MAAM,QAAQ,GAAG;AAC/C,UAAI,MAAM,MAAM,WAAW;AACzB,aAAK,MAAM,OAAO,GAAG;AAAA,MACvB;AAAA,IACF;AAAA,EACF;AACF;AAEO,IAAM,eAAN,MAAkD;AAAA,EAC/C;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAAqB;AAC/B,SAAK,QAAQ,IAAI,MAAM;AAAA,MACrB,KAAK,OAAO;AAAA,MACZ,OAAO,OAAO;AAAA,IAChB,CAAC;AAED,SAAK,YAAY,OAAO,aAAa;AACrC,UAAM,WAAW,OAAO,OAAO;AAC/B,SAAK,QAAQ,IAAI,SAAoC,QAAQ;AAE7D,gBAAY,MAAM,KAAK,MAAM,QAAQ,GAAG,IAAI,KAAK,GAAI;AAAA,EACvD;AAAA,EAEA,kBAAkB,OAAO,QAAoD;AAC3E,UAAM,WAAW,GAAG,KAAK,SAAS,GAAG,GAAG;AAExC,eAAW,MAAM,yCAAyC,QAAQ,EAAE;AAGpE,UAAM,eAAe,KAAK,MAAM,IAAI,QAAQ;AAC5C,eAAW,MAAM,sCAAsC,QAAQ,KAAK;AAAA,MAClE,cAAc,KAAK,UAAU,YAAY;AAAA,MACzC,aAAa,iBAAiB;AAAA,MAC9B,MAAM,OAAO;AAAA,IACf,CAAC;AAED,QAAI,iBAAiB,QAAW;AAC9B,iBAAW,MAAM,gCAAgC,GAAG,IAAI;AAAA,QACtD;AAAA,QACA,cAAc,KAAK,UAAU,YAAY;AAAA,MAC3C,CAAC;AACD,aAAO;AAAA,IACT;AAEA,eAAW;AAAA,MACT,iCAAiC,GAAG,mCAAmC,QAAQ;AAAA,IACjF;AAEA,QAAI;AACF,YAAM,eACJ,MAAM,KAAK,MAAM,IAAI,QAAQ;AAE/B,iBAAW,MAAM,0BAA0B,QAAQ,KAAK;AAAA,QACtD,cAAc,KAAK,UAAU,YAAY;AAAA,QACzC,MAAM,OAAO;AAAA,MACf,CAAC;AAGD,WAAK,MAAM,IAAI,UAAU,YAAY;AAErC,iBAAW,MAAM,oCAAoC,GAAG,IAAI;AAAA,QAC1D;AAAA,QACA,YAAY,CAAC,CAAC;AAAA,QACd,aAAa,KAAK,UAAU,YAAY;AAAA,MAC1C,CAAC;AAED,aAAO;AAAA,IACT,SAAS,OAAO;AACd,iBAAW,MAAM,6CAA6C,KAAK;AACnE,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,gBAAgB,KAAmB;AACjC,UAAM,WAAW,GAAG,KAAK,SAAS,GAAG,GAAG;AACxC,SAAK,MAAM,OAAO,QAAQ;AAAA,EAC5B;AACF;;;ACnJO,SAAS,cACd,QACqB;AACrB,UAAQ,OAAO,MAAM;AAAA,IACnB,KAAK;AACH,aAAO,IAAI,aAAa,OAAO,MAAa;AAAA,IAC9C,KAAK;AACH,aAAO,IAAI,gBAAgB,OAAO,MAAa;AAAA,IACjD;AACE,YAAM,IAAI,MAAM,6BAA8B,OAAe,IAAI,EAAE;AAAA,EACvE;AACF;AAEO,SAAS,4BAA4B,SAGH;AACvC,MAAI,SAAS,WAAW,CAAC,QAAQ,SAAS;AACxC,WAAO;AAAA,MACL,SAAS;AAAA,MACT,OAAO;AAAA,IACT;AAAA,EACF;AACA,SAAO,EAAE,SAAS,KAAK;AACzB;","names":["cert","mergePreDefinedOptions","BEARER_PREFIX","AUTH_COOKIE_NAME","extractTokenFromHeader","extractTokenFromCookie","hasAuthorizationHeader","authenticateRequest","LogLevel"]}
1
+ {"version":3,"sources":["../src/tokens/authstate.ts","../src/fireRestApi/endpoints/AbstractApi.ts","../src/fireRestApi/endpoints/EmailApi.ts","../src/fireRestApi/endpoints/PasswordApi.ts","../src/fireRestApi/endpoints/SignInTokenApi.ts","../src/fireRestApi/endpoints/SignUpApi.ts","../src/fireRestApi/endpoints/TokenApi.ts","../src/runtime.ts","../src/fireRestApi/emulator.ts","../src/fireRestApi/endpointUrl.ts","../src/fireRestApi/request.ts","../src/fireRestApi/createFireApi.ts","../src/tokens/request.ts","../src/utils/options.ts","../src/instance/backendInstanceEdge.ts","../src/tokens/requestFire.ts","../src/instance/backendFireInstance.ts","../src/utils/logger.ts","../src/utils/enableDebugLogging.ts","../src/adapters/PostgresAdapter.ts","../src/adapters/RedisAdapter.ts","../src/adapters/index.ts"],"sourcesContent":["import type { CheckAuthorizationFromSessionClaims, DecodedIdToken } from '@tern-secure/types';\nimport type { JWTPayload } from 'jose';\n\nimport { constants } from '../constants';\nimport type { TokenVerificationErrorReason } from '../utils/errors';\nimport { mapJwtPayloadToDecodedIdToken } from '../utils/mapDecode';\nimport type { TernSecureRequest } from './ternSecureRequest';\n\nexport const AuthStatus = {\n SignedIn: 'signed-in',\n SignedOut: 'signed-out',\n} as const;\n\nexport type AuthStatus = (typeof AuthStatus)[keyof typeof AuthStatus];\n\nexport const AuthErrorReason = {\n SessionTokenAndUATMissing: 'session-token-and-uat-missing',\n SessionTokenMissing: 'session-token-missing',\n SessionTokenExpired: 'session-token-expired',\n SessionTokenIATBeforeClientUAT: 'session-token-iat-before-client-uat',\n SessionTokenNBF: 'session-token-nbf',\n SessionTokenIatInTheFuture: 'session-token-iat-in-the-future',\n ActiveOrganizationMismatch: 'active-organization-mismatch',\n UnexpectedError: 'unexpected-error',\n} as const;\n\nexport type AuthErrorReason = (typeof AuthErrorReason)[keyof typeof AuthErrorReason];\n\nexport type AuthReason = AuthErrorReason | TokenVerificationErrorReason;\n\nexport type SignedInAuthObject = {\n sessionClaims: DecodedIdToken;\n userId: string;\n token: string;\n require: CheckAuthorizationFromSessionClaims;\n error: string | null;\n};\n\nexport type SignedOutAuthObject = {\n sessionClaims: null;\n userId: null;\n require: CheckAuthorizationFromSessionClaims;\n error: string | null;\n};\n\nexport type SignedInState = {\n status: typeof AuthStatus.SignedIn;\n reason: null;\n isSignedIn: true;\n auth: () => SignedInAuthObject;\n token: string;\n headers: Headers;\n};\n\nexport type SignedOutState = {\n status: typeof AuthStatus.SignedOut;\n reason: string;\n isSignedIn: false;\n auth: () => SignedOutAuthObject;\n token: null;\n headers: Headers;\n};\n\nexport type RequestState = SignedInState | SignedOutState;\n\nexport interface BackendInstance {\n ternSecureRequest: TernSecureRequest;\n requestState: RequestState;\n}\n\nexport type AuthObject = SignedInAuthObject | SignedOutAuthObject;\n\nfunction createHasAuthorization(\n decodedIdToken: DecodedIdToken,\n): CheckAuthorizationFromSessionClaims {\n return (authorizationParams: any) => {\n if (\n !authorizationParams ||\n typeof authorizationParams !== 'object' ||\n Array.isArray(authorizationParams)\n ) {\n return false;\n }\n const claims = decodedIdToken as Record<string, any>;\n\n return Object.entries(authorizationParams).every(([key, value]) => {\n const claimValue = claims[key];\n if (typeof claimValue === 'undefined') {\n return false;\n }\n if (Array.isArray(value)) {\n if (Array.isArray(claimValue)) {\n return value.some(v => claimValue.includes(v));\n }\n return value.includes(claimValue);\n }\n\n if (Array.isArray(claimValue)) {\n return claimValue.includes(value);\n }\n return claimValue === value;\n });\n };\n}\n\nexport function signedInAuthObject(\n sessionToken: string,\n sessionClaims: JWTPayload,\n): SignedInAuthObject {\n const decodedIdToken = mapJwtPayloadToDecodedIdToken(sessionClaims);\n return {\n sessionClaims: {\n ...decodedIdToken,\n },\n userId: decodedIdToken.uid,\n token: sessionToken,\n require: createHasAuthorization(decodedIdToken),\n error: null,\n };\n}\n\nexport function signedOutAuthObject(): SignedOutAuthObject {\n return {\n sessionClaims: null,\n userId: null,\n require: () => false,\n error: 'No active session',\n };\n}\n\nexport function signedIn(\n sessionClaims: JWTPayload,\n headers: Headers = new Headers(),\n token: string,\n): SignedInState {\n const authObject = signedInAuthObject(token, sessionClaims);\n return {\n status: AuthStatus.SignedIn,\n reason: null,\n isSignedIn: true,\n auth: () => authObject,\n token,\n headers,\n };\n}\n\nexport function signedOut(\n reason: AuthReason,\n message = '',\n headers: Headers = new Headers(),\n): SignedOutState {\n return decorateHeaders({\n status: AuthStatus.SignedOut,\n reason,\n message,\n isSignedIn: false,\n auth: () => signedOutAuthObject(),\n token: null,\n headers,\n });\n}\n\nconst decorateHeaders = <T extends RequestState>(requestState: T): T => {\n const headers = new Headers(requestState.headers || {});\n if (requestState.reason) {\n try {\n headers.set(constants.Headers.AuthReason, requestState.reason);\n } catch {\n // Ignore errors\n }\n }\n\n if (requestState.status) {\n try {\n headers.set(constants.Headers.AuthStatus, requestState.status);\n } catch {\n // Ignore errors\n }\n }\n requestState.headers = headers;\n return requestState;\n};\n","import type { RequestFunction } from '../request';\n\nexport abstract class AbstractAPI {\n constructor(protected request: RequestFunction) {}\n\n protected requireApiKey(apiKey: string) {\n if (!apiKey) {\n throw new Error('A valid API key is required.');\n }\n }\n}\n","import { AbstractAPI } from \"./AbstractApi\";\n\n\ntype sendEmailVerificationParams = {\n idToken: string;\n requestType: 'VERIFY_EMAIL';\n};\n\ntype ConfirmEmailVerificationParams = {\n oobCode: string;\n};\n\n\nexport class EmailApi extends AbstractAPI {\n public async verifyEmailVerification(apiKey: string, params: sendEmailVerificationParams) {\n this.requireApiKey(apiKey);\n const { ...restParams } = params;\n return this.request({\n endpoint: \"sendOobCode\",\n method: \"POST\",\n bodyParams: restParams,\n });\n }\n\n public async confirmEmailVerification(apiKey: string, params: ConfirmEmailVerificationParams) {\n this.requireApiKey(apiKey);\n const { ...restParams } = params;\n return this.request({\n endpoint: \"sendOobCode\",\n method: \"POST\",\n bodyParams: restParams,\n });\n }\n}","import { AbstractAPI } from \"./AbstractApi\";\n\n\ntype ConfirmPasswordResetParams = {\n oobCode: string;\n newPassword: string;\n};\n\ntype VerifyPasswordResetCodeParams = {\n oobCode: string;\n};\n\ntype ChangePasswordParams = {\n idToken: string;\n password: string;\n returnSecureToken?: boolean;\n};\n\nexport class PasswordApi extends AbstractAPI {\n public async verifyPasswordResetCode(apiKey: string, params: VerifyPasswordResetCodeParams) {\n this.requireApiKey(apiKey);\n const { ...restParams } = params;\n return this.request({\n endpoint: \"passwordReset\",\n method: \"POST\",\n bodyParams: restParams,\n });\n }\n\n public async confirmPasswordReset(apiKey: string, params: ConfirmPasswordResetParams) {\n this.requireApiKey(apiKey);\n const { ...restParams } = params;\n return this.request({\n endpoint: \"passwordReset\",\n method: \"POST\",\n bodyParams: restParams,\n });\n }\n\n public async changePassword(apiKey: string, params: ChangePasswordParams) {\n this.requireApiKey(apiKey);\n const { ...restParams } = params;\n return this.request({\n endpoint: \"passwordReset\",\n method: \"POST\",\n bodyParams: restParams,\n });\n }\n}","import type { IdAndRefreshTokens } from '../resources/Token';\nimport { AbstractAPI } from './AbstractApi';\n\n\ntype CreateSignInTokenParams = {\n token: string;\n returnSecureToken?: boolean;\n};\n\nexport class SignInTokenApi extends AbstractAPI {\n public async createCustomToken(\n apiKey: string,\n params: CreateSignInTokenParams,\n ): Promise<IdAndRefreshTokens> {\n try {\n this.requireApiKey(apiKey);\n const { ...restParams } = params;\n\n const response = await this.request<IdAndRefreshTokens>({\n endpoint: \"signInWithCustomToken\",\n method: 'POST',\n bodyParams: restParams,\n });\n\n if (response.errors) {\n const errorMessage = response.errors[0]?.message || 'Failed to create custom token';\n throw new Error(errorMessage);\n }\n\n return response.data;\n } catch (error) {\n const contextualMessage = `Failed to create custom token: ${error instanceof Error ? error.message : 'Unknown error'}`;\n throw new Error(contextualMessage);\n }\n }\n}\n","import { AbstractAPI } from \"./AbstractApi\";\n\n\ntype CreateSignUpTokenParams = {\n email: string;\n password: string;\n returnSecureToken?: boolean;\n};\n\n\nexport class SignUpApi extends AbstractAPI {\n public async createCustomToken(apiKey: string, params: CreateSignUpTokenParams) {\n this.requireApiKey(apiKey);\n const { ...restParams } = params;\n return this.request({\n endpoint: \"signUp\",\n method: \"POST\",\n bodyParams: restParams,\n });\n }\n\n}\n","\nimport type { IdAndRefreshTokens } from '../resources/Token';\nimport { AbstractAPI } from './AbstractApi';\n\n\nconst rootPath = \"/sessions\";\nconst base = \"accounts:signInWithCustomToken\";\n\n\ntype RefreshTokenParams = {\n expired_token: string;\n refresh_token: string;\n request_origin: string;\n request_originating_ip?: string;\n request_headers?: Record<string, string[]>;\n suffixed_cookies?: boolean;\n format?: 'token' | 'cookie';\n};\n\ntype IdAndRefreshTokensParams = {\n token: string;\n returnSecureToken?: boolean;\n};\n\nexport class TokenApi extends AbstractAPI {\n public async refreshToken(apiKey: string, params: RefreshTokenParams) {\n this.requireApiKey(apiKey);\n const { ...restParams } = params;\n return this.request({\n endpoint: \"refreshToken\",\n method: \"POST\",\n bodyParams: restParams,\n });\n }\n\n public async exchangeCustomForIdAndRefreshTokens(\n apiKey: string,\n params: IdAndRefreshTokensParams,\n ): Promise<IdAndRefreshTokens> {\n try {\n this.requireApiKey(apiKey);\n const { ...restParams } = params;\n\n const response = await this.request<IdAndRefreshTokens>({\n endpoint: \"signInWithCustomToken\",\n method: 'POST',\n apiKey,\n bodyParams: restParams,\n });\n\n if (response.errors) {\n const errorMessage = response.errors[0]?.message || 'Failed to create custom token';\n console.error('Error response from exchangeCustomForIdAndRefreshTokens:', response.errors);\n throw new Error(errorMessage);\n }\n\n return response.data;\n } catch (error) {\n const contextualMessage = `Failed to create custom token: ${error instanceof Error ? error.message : 'Unknown error'}`;\n throw new Error(contextualMessage);\n }\n }\n\n}\n","/**\n * This file exports APIs that vary across runtimes (i.e. Node & Browser - V8 isolates)\n * as a singleton object.\n *\n * Runtime polyfills are written in VanillaJS for now to avoid TS complication. Moreover,\n * due to this issue https://github.com/microsoft/TypeScript/issues/44848, there is not a good way\n * to tell Typescript which conditional import to use during build type.\n *\n * The Runtime type definition ensures type safety for now.\n * Runtime js modules are copied into dist folder with bash script.\n *\n * TODO: Support TS runtime modules\n */\n\n// @ts-ignore - These are package subpaths\nimport { webcrypto as crypto } from '#crypto';\n\ntype Runtime = {\n crypto: Crypto;\n fetch: typeof globalThis.fetch;\n AbortController: typeof globalThis.AbortController;\n Blob: typeof globalThis.Blob;\n FormData: typeof globalThis.FormData;\n Headers: typeof globalThis.Headers;\n Request: typeof globalThis.Request;\n Response: typeof globalThis.Response;\n};\n\n// Invoking the global.fetch without binding it first to the globalObject fails in\n// Cloudflare Workers with an \"Illegal Invocation\" error.\n//\n// The globalThis object is supported for Node >= 12.0.\n//\n// https://github.com/supabase/supabase/issues/4417\nconst globalFetch = fetch.bind(globalThis);\n\nexport const runtime: Runtime = {\n crypto,\n get fetch() {\n // We need to use the globalFetch for Cloudflare Workers but the fetch for testing\n return process.env.NODE_ENV === 'test' ? fetch : globalFetch;\n },\n AbortController: globalThis.AbortController,\n Blob: globalThis.Blob,\n FormData: globalThis.FormData,\n Headers: globalThis.Headers,\n Request: globalThis.Request,\n Response: globalThis.Response,\n};\n","export const FIREBASE_AUTH_EMULATOR_HOST = process.env.FIREBASE_AUTH_EMULATOR_HOST;\n\nexport function emulatorHost(): string | undefined {\n if (typeof process === 'undefined') return undefined;\n return FIREBASE_AUTH_EMULATOR_HOST;\n}\n\nexport function useEmulator(): boolean {\n return !!emulatorHost();\n}\n","import { FIREBASE_AUTH_EMULATOR_HOST, useEmulator } from './emulator';\n\nexport const getRefreshTokenEndpoint = (apiKey: string) => {\n return `https://securetoken.googleapis.com/v1/token?key=${apiKey}`;\n};\n\nexport const signInWithPassword = (apiKey: string) => {\n return `https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=${apiKey}`;\n};\n\nexport const signUpEndpoint = (apiKey: string) => {\n return `https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=${apiKey}`;\n};\n\nexport const getCustomTokenEndpoint = (apiKey: string) => {\n if (useEmulator() && FIREBASE_AUTH_EMULATOR_HOST) {\n let protocol = 'http://';\n if (FIREBASE_AUTH_EMULATOR_HOST.startsWith('http://')) {\n protocol = '';\n }\n\n return `${protocol}${FIREBASE_AUTH_EMULATOR_HOST}/identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=${apiKey}`;\n }\n return `https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=${apiKey}`;\n};\n\nexport const passwordResetEndpoint = (apiKey: string) => {\n return `https://identitytoolkit.googleapis.com/v1/accounts:resetPassword?key=${apiKey}`;\n};\n","import type {\n TernSecureAPIError,\n TernSecureApiErrorJSON,\n} from \"@tern-secure/types\";\n\nimport { constants } from \"../constants\";\nimport { runtime } from \"../runtime\";\nimport {\n getCustomTokenEndpoint,\n getRefreshTokenEndpoint,\n passwordResetEndpoint,\n signInWithPassword,\n signUpEndpoint,\n} from \"./endpointUrl\";\n\nexport type HTTPMethod = \"DELETE\" | \"GET\" | \"PATCH\" | \"POST\" | \"PUT\";\nexport type FirebaseEndpoint =\n | \"refreshToken\"\n | \"signInWithPassword\"\n | \"signUp\"\n | \"signInWithCustomToken\"\n | \"passwordReset\"\n | \"sendOobCode\"\n\nexport type BackendApiRequestOptions = {\n endpoint: FirebaseEndpoint;\n method?: HTTPMethod;\n apiKey?: string;\n queryParams?: Record<string, unknown>;\n headerParams?: Record<string, string>;\n bodyParams?: Record<string, unknown>;\n formData?: FormData;\n}\n\nexport type BackendApiResponse<T> =\n | {\n data: T;\n errors: null;\n totalCount?: number;\n }\n | {\n data: null;\n errors: TernSecureAPIError[];\n totalCount?: never;\n status?: number;\n statusText?: string;\n retryAfter?: number;\n };\n\nexport type RequestFunction = ReturnType<typeof createRequest>;\n\ntype CreateRequestOptions = {\n apiKey?: string;\n apiUrl?: string;\n apiVersion?: string;\n};\n\nconst FIREBASE_ENDPOINT_MAP: Record<FirebaseEndpoint, (apiKey: string) => string> = {\n refreshToken: getRefreshTokenEndpoint,\n signInWithPassword: signInWithPassword,\n signUp: signUpEndpoint,\n signInWithCustomToken: getCustomTokenEndpoint,\n passwordReset: passwordResetEndpoint,\n sendOobCode: signInWithPassword,\n};\n\n\nexport function createRequest(options: CreateRequestOptions) {\n const requestFn = async <T>(\n requestOptions: BackendApiRequestOptions\n ): Promise<BackendApiResponse<T>> => {\n const { endpoint, method, apiKey, queryParams, headerParams, bodyParams, formData } =\n requestOptions;\n\n if (!apiKey) {\n return {\n data: null,\n errors: [\n {\n code: \"missing_api_key\",\n message: \"Firebase API key is required\",\n },\n ],\n };\n }\n\n const endpointUrl = FIREBASE_ENDPOINT_MAP[endpoint](apiKey);\n const finalUrl = new URL(endpointUrl);\n console.log('endpoint url:', endpointUrl);\n\n console.log('Final URL href:', finalUrl.href);\n console.log('Final URL:', finalUrl);\n console.log('Method:', method);\n\n if (queryParams) {\n Object.entries(queryParams).forEach(([key, value]) => {\n if (value) {\n [value].flat().forEach(v => finalUrl.searchParams.append(key, v as string));\n }\n });\n }\n\n const headers: Record<string, any> = {\n ...headerParams,\n };\n let res: Response | undefined;\n\n try {\n if (formData) {\n res = await runtime.fetch(finalUrl.href, {\n method,\n headers,\n body: formData,\n });\n } else {\n headers[\"Content-Type\"] = \"application/json\";\n const hasBody =\n method !== \"GET\" && bodyParams && Object.keys(bodyParams).length > 0;\n const body = hasBody ? { body: JSON.stringify(bodyParams) } : null;\n\n res = await runtime.fetch(finalUrl.href, {\n method,\n headers,\n ...body,\n });\n }\n\n const isJSONResponse =\n res?.headers &&\n res.headers?.get(constants.Headers.ContentType) ===\n constants.ContentTypes.Json;\n const responseBody = await (isJSONResponse ? res.json() : res.text());\n\n if (!res.ok) {\n return {\n data: null,\n errors: parseErrors(responseBody),\n status: res?.status,\n statusText: res?.statusText,\n };\n }\n\n return {\n data: responseBody,\n errors: null,\n };\n } catch (error) {\n if (error instanceof Error) {\n return {\n data: null,\n errors: [\n {\n code: \"unexpected_error\",\n message: error.message || \"An unexpected error occurred\",\n },\n ],\n };\n }\n\n return {\n data: null,\n errors: parseErrors(error),\n status: res?.status,\n statusText: res?.statusText,\n };\n }\n };\n return requestFn;\n}\n\nfunction parseErrors(data: unknown): TernSecureAPIError[] {\n if (!!data && typeof data === \"object\" && \"errors\" in data) {\n const errors = data.errors as TernSecureApiErrorJSON[];\n return errors.length > 0 ? errors.map(parseError) : [];\n }\n return [];\n}\n\nexport function parseError(error: TernSecureApiErrorJSON): TernSecureAPIError {\n return {\n code: error.code,\n message: error.message,\n };\n}\n","import { EmailApi, PasswordApi, SignInTokenApi, SignUpApi, TokenApi } from './endpoints';\nimport { createRequest } from './request';\n\nexport type CreateFireApiOptions = Parameters<typeof createRequest>[0];\nexport type ApiClient = ReturnType<typeof createFireApi>;\n\nexport function createFireApi(options: CreateFireApiOptions) {\n const request = createRequest(options);\n return {\n email: new EmailApi(request),\n password: new PasswordApi(request),\n signIn: new SignInTokenApi(request),\n signUp: new SignUpApi(request),\n tokens: new TokenApi(request),\n };\n}\n","import { getCookieName, getCookiePrefix } from '@tern-secure/shared/cookie';\n\nimport { constants } from '../constants';\nimport type { ApiClient } from '../fireRestApi';\nimport type { TokenCarrier } from '../utils/errors';\nimport { TokenVerificationError, TokenVerificationErrorReason } from '../utils/errors';\nimport {\n type buildTimeOptions,\n mergePreDefinedOptions,\n type RuntimeOptions,\n} from '../utils/options';\nimport type { RequestState, SignedInState, SignedOutState } from './authstate';\nimport { AuthErrorReason, signedIn, signedOut } from './authstate';\nimport type { AuthenticateRequestOptions } from './types';\nimport { verifyToken } from './verify';\n\nconst BEARER_PREFIX = 'Bearer ';\n\n\nfunction extractTokenFromHeader(request: Request): string | null {\n const authHeader = request.headers.get('Authorization');\n\n if (!authHeader || !authHeader.startsWith(BEARER_PREFIX)) {\n return null;\n }\n\n return authHeader.slice(BEARER_PREFIX.length);\n}\n\nfunction extractTokenFromCookie(request: Request): string | null {\n const cookieHeader = request.headers.get('Cookie') || undefined;\n\n if (!cookieHeader) {\n return null;\n }\n\n const cookiePrefix = getCookiePrefix();\n const idTokenCookieName = getCookieName(\n constants.Cookies.IdToken,\n cookiePrefix,\n );\n\n const cookies = cookieHeader.split(';').reduce(\n (acc, cookie) => {\n const [name, value] = cookie.trim().split('=');\n acc[name] = value;\n return acc;\n },\n {} as Record<string, string>,\n );\n\n return idTokenCookieName || null;\n}\n\nfunction hasAuthorizationHeader(request: Request): boolean {\n return request.headers.has('Authorization');\n}\n\nfunction isRequestForRefresh(error: TokenVerificationError, request: Request) {\n return (\n error.reason === TokenVerificationErrorReason.TokenExpired &&\n request.method === 'GET'\n );\n}\n\nexport async function authenticateRequest(\n request: Request,\n options: AuthenticateRequestOptions,\n): Promise<RequestState> {\n\n async function refreshToken() {\n try {\n const response = await options.apiClient?.tokens.refreshToken(options.firebaseConfig?.apiKey || '' , {\n format: 'cookie',\n refresh_token: '',\n expired_token: '',\n request_origin: options.apiUrl || '',\n })\n } catch (error) {\n console.error('Error refreshing token:', error);\n }\n }\n async function authenticateRequestWithTokenInCookie() {\n const token = extractTokenFromCookie(request);\n if (!token) {\n return signedOut(AuthErrorReason.SessionTokenMissing);\n }\n try {\n const { data, errors } = await verifyToken(token, options);\n\n if (errors) {\n throw errors[0];\n }\n\n const signedInRequestState = signedIn(data, undefined, token);\n return signedInRequestState;\n } catch (err) {\n return handleError(err, 'cookie');\n }\n }\n\n async function authenticateRequestWithTokenInHeader() {\n const token = extractTokenFromHeader(request);\n if (!token) {\n return signedOut(AuthErrorReason.SessionTokenMissing, '');\n }\n try {\n const { data, errors } = await verifyToken(token, options);\n\n if (errors) {\n throw errors[0];\n }\n\n const signedInRequestState = signedIn(data, undefined, token);\n return signedInRequestState;\n } catch (err) {\n return handleError(err, 'header');\n }\n }\n\n async function handleError(\n err: unknown,\n tokenCarrier: TokenCarrier,\n ): Promise<SignedInState | SignedOutState> {\n if (!(err instanceof TokenVerificationError)) {\n return signedOut(AuthErrorReason.UnexpectedError);\n }\n let refreshError: string | null;\n\n err.tokenCarrier = tokenCarrier;\n\n return signedOut(err.reason, err.getFullMessage());\n }\n\n if (hasAuthorizationHeader(request)) {\n return authenticateRequestWithTokenInHeader();\n }\n\n return authenticateRequestWithTokenInCookie();\n}\n\n/**\n * @internal\n */\nexport type CreateAuthenticateRequestOptions = {\n options: buildTimeOptions;\n apiClient: ApiClient;\n};\n\nexport function createAuthenticateRequest(params: CreateAuthenticateRequestOptions) {\n const buildTimeOptions = mergePreDefinedOptions(params.options);\n const apiClient = params.apiClient;\n\n const handleAuthenticateRequest = (request: Request, options: RuntimeOptions = {}) => {\n const { apiUrl } = buildTimeOptions;\n return authenticateRequest(request, { ...options, apiUrl, apiClient });\n };\n\n return {\n authenticateRequest: handleAuthenticateRequest,\n };\n}\n","import type {RequestOptions } from \"../tokens/types\";\n\nexport type RuntimeOptions = Omit<RequestOptions, \"apiUrl\">;\n\nexport type buildTimeOptions = Partial<Pick<RequestOptions, \"apiKey\" |\"apiUrl\" | \"apiVersion\">>;\n\nconst defaultOptions: buildTimeOptions = {\n apiKey: undefined,\n apiUrl: undefined,\n apiVersion: undefined,\n};\n\nexport function mergePreDefinedOptions(\n userOptions: buildTimeOptions = {}\n): buildTimeOptions {\n return {\n ...defaultOptions,\n ...userOptions,\n };\n}","import type { ApiClient,CreateFireApiOptions} from \"../fireRestApi\";\r\nimport { createFireApi } from \"../fireRestApi\";\r\nimport type { RequestState } from \"../tokens/authstate\";\r\nimport type { CreateAuthenticateRequestOptions } from \"../tokens/request\";\r\nimport { createAuthenticateRequest } from \"../tokens/request\";\r\nimport type {\r\n TernSecureRequest,\r\n} from \"../tokens/ternSecureRequest\";\r\n\r\nexport type TernSecureBackendOptions = CreateFireApiOptions & CreateAuthenticateRequestOptions['options'];\r\n\r\nexport type TernSecureBackendClient = ApiClient & ReturnType<typeof createAuthenticateRequest>;\r\n\r\nexport interface BackendInstance {\r\n ternSecureRequest: TernSecureRequest;\r\n requestState: RequestState;\r\n}\r\n\r\nexport function createBackendInstanceClient(options: TernSecureBackendOptions): TernSecureBackendClient {\r\n const opts = { ...options };\r\n const apiClient = createFireApi(opts);\r\n const requestState = createAuthenticateRequest({options: opts, apiClient});\r\n\r\n return {\r\n ...apiClient,\r\n ...requestState,\r\n };\r\n}\r\n","import type { RequestState } from './authstate';\nimport { AuthErrorReason, signedIn, signedOut } from './authstate';\nimport type { AuthenticateFireRequestOptions, } from './types';\nimport { verifyToken } from './verify';\n\ntype RuntimeOptions = Omit<AuthenticateFireRequestOptions, 'firebaseConfig'>;\n\ntype FirebaseOptions = Partial<Pick<AuthenticateFireRequestOptions, 'firebaseConfig'>>;\n\nconst defaultFirebaseOptions = {\n apiKey: '',\n authDomain: '',\n projectId: '',\n tenantId: undefined,\n} as FirebaseOptions;\n\nexport function mergePreDefinedOptions<T extends Record<string, any>>(\n preDefinedOptions: T,\n options: Partial<T>,\n): T {\n return Object.keys(preDefinedOptions).reduce(\n (obj: T, key: string) => {\n return { ...obj, [key]: options[key] || obj[key] };\n },\n { ...preDefinedOptions },\n );\n}\n\nconst BEARER_PREFIX = 'Bearer ';\nconst AUTH_COOKIE_NAME = '_session_cookie';\n\nfunction extractTokenFromHeader(request: Request): string | null {\n const authHeader = request.headers.get('Authorization');\n\n if (!authHeader || !authHeader.startsWith(BEARER_PREFIX)) {\n return null;\n }\n\n return authHeader.slice(BEARER_PREFIX.length);\n}\n\nfunction extractTokenFromCookie(request: Request): string | null {\n const cookieHeader = request.headers.get('Cookie') || undefined;\n\n if (!cookieHeader) {\n return null;\n }\n\n const cookies = cookieHeader.split(';').reduce(\n (acc, cookie) => {\n const [name, value] = cookie.trim().split('=');\n acc[name] = value;\n return acc;\n },\n {} as Record<string, string>,\n );\n\n return cookies[AUTH_COOKIE_NAME] || null;\n}\n\nfunction hasAuthorizationHeader(request: Request): boolean {\n return request.headers.has('Authorization');\n}\n\nexport async function authenticateRequest(\n request: Request,\n options: AuthenticateFireRequestOptions,\n): Promise<RequestState> {\n async function authenticateRequestWithTokenInCookie() {\n const token = extractTokenFromCookie(request);\n if (!token) {\n return signedOut(AuthErrorReason.SessionTokenMissing);\n }\n const { data, errors } = await verifyToken(token, options);\n\n if (errors) {\n throw errors[0];\n }\n\n const signedInRequestState = signedIn(data, undefined, token);\n return signedInRequestState;\n }\n\n async function authenticateRequestWithTokenInHeader() {\n const token = extractTokenFromHeader(request);\n if (!token) {\n return signedOut(AuthErrorReason.SessionTokenMissing);\n }\n\n const { data, errors } = await verifyToken(token, options);\n\n if (errors) {\n throw errors[0];\n }\n\n const signedInRequestState = signedIn(data, undefined, token);\n return signedInRequestState;\n }\n\n if (hasAuthorizationHeader(request)) {\n return authenticateRequestWithTokenInHeader();\n }\n\n return authenticateRequestWithTokenInCookie();\n}\n\n/**\n * @internal\n */\nexport type CreateFireAuthenticateRequestOptions = {\n options: FirebaseOptions;\n};\n\nexport function createFireAuthenticateRequest(params: CreateFireAuthenticateRequestOptions) {\n const buildTimeOptions = mergePreDefinedOptions(defaultFirebaseOptions, params.options);\n\n const handleAuthenticateRequest = (request: Request, options: RuntimeOptions = {}) => {\n const runtimeOptions = { ...buildTimeOptions, ...options };\n return authenticateRequest(request, runtimeOptions);\n };\n\n return {\n authenticateRequest: handleAuthenticateRequest,\n };\n}\n","import type { ApiClient, CreateFireApiOptions } from '../fireRestApi';\nimport { createFireApi } from '../fireRestApi';\nimport type { CreateFireAuthenticateRequestOptions } from '../tokens/requestFire';\nimport { createFireAuthenticateRequest } from '../tokens/requestFire';\n\nexport type TernSecureFireOptions = CreateFireApiOptions &\n CreateFireAuthenticateRequestOptions['options'];\n\nexport type TernSecureFireClient = ApiClient & ReturnType<typeof createFireAuthenticateRequest>;\n\nexport function createFireClient(options: TernSecureFireOptions): TernSecureFireClient {\n const opts = { ...options };\n const apiClient = createFireApi(opts);\n const requestState = createFireAuthenticateRequest({ options: opts });\n\n return {\n ...apiClient,\n ...requestState,\n };\n}\n","export enum LogLevel {\n ERROR = 0,\n WARN = 1,\n INFO = 2,\n DEBUG = 3,\n}\n\nexport interface LoggerOptions {\n enabled: boolean\n level: LogLevel\n prefix: string\n}\n\nexport class Logger {\n private options: LoggerOptions\n\n constructor(options: Partial<LoggerOptions> = {}) {\n this.options = {\n enabled: false,\n level: LogLevel.INFO,\n prefix: '[TernSecure-Backend]',\n ...options,\n }\n }\n\n enable(): void {\n this.options.enabled = true\n }\n\n disable(): void {\n this.options.enabled = false\n }\n\n setLevel(level: LogLevel): void {\n this.options.level = level\n }\n\n setPrefix(prefix: string): void {\n this.options.prefix = prefix\n }\n\n private log(level: LogLevel, levelName: string, message: string, ...args: any[]): void {\n if (!this.options.enabled || level > this.options.level) {\n return\n }\n\n const timestamp = new Date().toISOString()\n const formattedMessage = `${timestamp} ${this.options.prefix} [${levelName}] ${message}`\n \n switch (level) {\n case LogLevel.ERROR:\n console.error(formattedMessage, ...args)\n break\n case LogLevel.WARN:\n console.warn(formattedMessage, ...args)\n break\n case LogLevel.INFO:\n console.info(formattedMessage, ...args)\n break\n case LogLevel.DEBUG:\n console.debug(formattedMessage, ...args)\n break\n }\n }\n\n error(message: string, ...args: any[]): void {\n this.log(LogLevel.ERROR, 'ERROR', message, ...args)\n }\n\n warn(message: string, ...args: any[]): void {\n this.log(LogLevel.WARN, 'WARN', message, ...args)\n }\n\n info(message: string, ...args: any[]): void {\n this.log(LogLevel.INFO, 'INFO', message, ...args)\n }\n\n debug(message: string, ...args: any[]): void {\n this.log(LogLevel.DEBUG, 'DEBUG', message, ...args)\n }\n}\n\nexport const createLogger = (options?: Partial<LoggerOptions>): Logger => {\n return new Logger(options)\n}\n\nexport const redisLogger = createLogger({ prefix: '[TernSecure-Redis]' })\nexport const authLogger = createLogger({ prefix: '[TernSecure-Auth]' })","import { authLogger, LogLevel,redisLogger } from \"./logger\"\n\nexport function enableDebugLogging(): void {\n authLogger.enable()\n authLogger.setLevel(LogLevel.DEBUG)\n \n redisLogger.enable()\n redisLogger.setLevel(LogLevel.DEBUG)\n}\n\nexport function disableDebugLogging(): void {\n authLogger.disable()\n redisLogger.disable()\n}\n\nexport function setLogLevel(level: LogLevel): void {\n authLogger.setLevel(level)\n redisLogger.setLevel(level)\n}","import { authLogger } from \"../utils/logger\";\nimport type { DisabledUserAdapter, DisabledUserRecord, PostgresConfig } from \"./types\";\n\nexport class PostgresAdapter implements DisabledUserAdapter {\n private config: PostgresConfig;\n private tableName: string;\n\n constructor(config: PostgresConfig) {\n this.config = config;\n this.tableName = config.table || 'disabled_users';\n }\n\n getDisabledUser = async(uid: string): Promise<DisabledUserRecord | null> => {\n try {\n // For edge runtime, we'll use fetch to call a REST API endpoint\n // This avoids the need for full postgres client libraries in edge\n const response = await fetch(this.config.url, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'Authorization': `Bearer ${this.config.token}`,\n },\n body: JSON.stringify({\n query: `SELECT uid, email, disabled_time as \"disabledTime\" FROM ${this.tableName} WHERE uid = $1`,\n params: [uid],\n }),\n });\n\n if (!response.ok) {\n throw new Error(`HTTP error! status: ${response.status}`);\n }\n\n const result = await response.json();\n \n if (result.rows && result.rows.length > 0) {\n const row = result.rows[0];\n const disabledUser: DisabledUserRecord = {\n uid: row.uid,\n email: row.email,\n disabledTime: row.disabledTime,\n };\n \n authLogger.debug(`Found disabled user: ${uid}`);\n return disabledUser;\n }\n\n authLogger.debug(`No disabled user found: ${uid}`);\n return null;\n } catch (error) {\n authLogger.error('Failed to fetch disabled user from Postgres:', error);\n return null;\n }\n }\n}","import { Redis } from \"@upstash/redis\";\n\nimport { authLogger } from \"../utils/logger\";\nimport type {\n DisabledUserAdapter,\n DisabledUserRecord,\n RedisConfig,\n} from \"./types\";\n\ninterface CacheEntry<T> {\n value: T;\n expiresAt: number;\n}\n\nclass TTLCache<T> {\n private cache = new Map<string, CacheEntry<T>>();\n private readonly defaultTTL: number;\n\n constructor(defaultTTLMs: number = 60000) {\n this.defaultTTL = defaultTTLMs;\n }\n\n set(key: string, value: T, ttlMs?: number): void {\n const expiresAt = Date.now() + (ttlMs ?? this.defaultTTL);\n this.cache.set(key, { value, expiresAt });\n console.log(`TTLCache.set: key=${key}, value=${JSON.stringify(value)}, expiresAt=${expiresAt}, cacheSize=${this.cache.size}`);\n }\n\n private getEntry(key: string): CacheEntry<T> | undefined {\n const entry = this.cache.get(key);\n if (!entry) return undefined;\n\n const now = Date.now();\n if (now > entry.expiresAt) {\n console.log(`TTLCache: key=${key} expired (now=${now}, expiresAt=${entry.expiresAt})`);\n this.cache.delete(key);\n return undefined;\n }\n\n return entry;\n }\n\n get(key: string): T | undefined {\n const entry = this.getEntry(key);\n const hasEntry = entry !== undefined;\n const cacheHasKey = this.cache.has(key);\n const rawEntry = this.cache.get(key);\n \n console.log(`TTLCache.get: key=${key}, hasEntry=${hasEntry}, cacheHasKey=${cacheHasKey}`);\n console.log(`TTLCache.get: rawEntry=${JSON.stringify(rawEntry)}, entry=${JSON.stringify(entry)}`);\n \n if (!entry) {\n console.log(`TTLCache.get: no entry found for key=${key}, returning undefined`);\n return undefined;\n }\n\n console.log(`TTLCache.get: returning value=${JSON.stringify(entry.value)} for key=${key}`);\n return entry.value;\n }\n\n\n delete(key: string): boolean {\n return this.cache.delete(key);\n }\n\n clear(): void {\n this.cache.clear();\n }\n\n cleanup(): void {\n const now = Date.now();\n for (const [key, entry] of this.cache.entries()) {\n if (now > entry.expiresAt) {\n this.cache.delete(key);\n }\n }\n }\n}\n\nexport class RedisAdapter implements DisabledUserAdapter {\n private redis: Redis;\n private cache: TTLCache<DisabledUserRecord | null>;\n private keyPrefix: string;\n\n constructor(config: RedisConfig) {\n this.redis = new Redis({\n url: config.url,\n token: config.token,\n });\n\n this.keyPrefix = config.keyPrefix || \"disabled_user:\";\n const cacheTTL = config.ttl || 30000; // Default 30 seconds\n this.cache = new TTLCache<DisabledUserRecord | null>(cacheTTL);\n\n setInterval(() => this.cache.cleanup(), 5 * 60 * 1000);\n }\n\n getDisabledUser = async (uid: string): Promise<DisabledUserRecord | null> => {\n const cacheKey = `${this.keyPrefix}${uid}`;\n \n authLogger.debug(`RedisAdapter: Checking cache for key: ${cacheKey}`);\n \n // Try to get from cache first\n const cachedResult = this.cache.get(cacheKey);\n authLogger.debug(`RedisAdapter: Cache get result for ${cacheKey}:`, {\n cachedResult: JSON.stringify(cachedResult),\n isUndefined: cachedResult === undefined,\n type: typeof cachedResult\n });\n \n if (cachedResult !== undefined) {\n authLogger.debug(`Cache hit for disabled user: ${uid}`, { \n cacheKey,\n cachedResult: JSON.stringify(cachedResult)\n });\n return cachedResult;\n }\n\n authLogger.debug(\n `Cache miss for disabled user: ${uid}, fetching from Redis with key: ${cacheKey}`\n );\n\n try {\n const disabledUser: DisabledUserRecord | null =\n await this.redis.get(cacheKey);\n\n authLogger.debug(`Redis returned for key ${cacheKey}:`, { \n disabledUser: JSON.stringify(disabledUser),\n type: typeof disabledUser\n });\n\n // Cache the result (including null values to prevent repeated Redis calls)\n this.cache.set(cacheKey, disabledUser);\n \n authLogger.debug(`Cached disabled user result for: ${uid}`, {\n cacheKey,\n isDisabled: !!disabledUser,\n cachedValue: JSON.stringify(disabledUser)\n });\n\n return disabledUser;\n } catch (error) {\n authLogger.error(\"Failed to fetch disabled user from Redis:\", error);\n return null;\n }\n };\n\n invalidateCache(uid: string): void {\n const cacheKey = `${this.keyPrefix}${uid}`;\n this.cache.delete(cacheKey);\n }\n}\n","import { PostgresAdapter } from \"./PostgresAdapter\";\nimport { RedisAdapter } from \"./RedisAdapter\";\nimport type { AdapterConfiguration,DisabledUserAdapter } from \"./types\";\n\nexport function createAdapter(\n config: AdapterConfiguration\n): DisabledUserAdapter {\n switch (config.type) {\n case \"redis\":\n return new RedisAdapter(config.config as any);\n case \"postgres\":\n return new PostgresAdapter(config.config as any);\n default:\n throw new Error(`Unsupported adapter type: ${(config as any).type}`);\n }\n}\n\nexport function validateCheckRevokedOptions(options?: {\n enabled: boolean;\n adapter?: AdapterConfiguration;\n}): { isValid: boolean; error?: string } {\n if (options?.enabled && !options.adapter) {\n return {\n isValid: false,\n error: \"When checkRevoked.enabled is true, an adapter must be provided\",\n };\n }\n return { isValid: true };\n}\n\n\nexport { RedisAdapter } from './RedisAdapter';\nexport { PostgresAdapter } from './PostgresAdapter';\nexport type {\n DisabledUserAdapter,\n DisabledUserRecord,\n AdapterConfig,\n RedisConfig,\n PostgresConfig,\n AdapterType,\n AdapterConfiguration,\n CheckRevokedOptions,\n} from './types';\n"],"mappings":";;;;;;;;;;;;;AAQO,IAAM,aAAa;AAAA,EACxB,UAAU;AAAA,EACV,WAAW;AACb;AAIO,IAAM,kBAAkB;AAAA,EAC7B,2BAA2B;AAAA,EAC3B,qBAAqB;AAAA,EACrB,qBAAqB;AAAA,EACrB,gCAAgC;AAAA,EAChC,iBAAiB;AAAA,EACjB,4BAA4B;AAAA,EAC5B,4BAA4B;AAAA,EAC5B,iBAAiB;AACnB;AAgDA,SAAS,uBACP,gBACqC;AACrC,SAAO,CAAC,wBAA6B;AACnC,QACE,CAAC,uBACD,OAAO,wBAAwB,YAC/B,MAAM,QAAQ,mBAAmB,GACjC;AACA,aAAO;AAAA,IACT;AACA,UAAM,SAAS;AAEf,WAAO,OAAO,QAAQ,mBAAmB,EAAE,MAAM,CAAC,CAAC,KAAK,KAAK,MAAM;AACjE,YAAM,aAAa,OAAO,GAAG;AAC7B,UAAI,OAAO,eAAe,aAAa;AACrC,eAAO;AAAA,MACT;AACA,UAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,YAAI,MAAM,QAAQ,UAAU,GAAG;AAC7B,iBAAO,MAAM,KAAK,OAAK,WAAW,SAAS,CAAC,CAAC;AAAA,QAC/C;AACA,eAAO,MAAM,SAAS,UAAU;AAAA,MAClC;AAEA,UAAI,MAAM,QAAQ,UAAU,GAAG;AAC7B,eAAO,WAAW,SAAS,KAAK;AAAA,MAClC;AACA,aAAO,eAAe;AAAA,IACxB,CAAC;AAAA,EACH;AACF;AAEO,SAAS,mBACd,cACA,eACoB;AACpB,QAAM,iBAAiB,8BAA8B,aAAa;AAClE,SAAO;AAAA,IACL,eAAe;AAAA,MACb,GAAG;AAAA,IACL;AAAA,IACA,QAAQ,eAAe;AAAA,IACvB,OAAO;AAAA,IACP,SAAS,uBAAuB,cAAc;AAAA,IAC9C,OAAO;AAAA,EACT;AACF;AAEO,SAAS,sBAA2C;AACzD,SAAO;AAAA,IACL,eAAe;AAAA,IACf,QAAQ;AAAA,IACR,SAAS,MAAM;AAAA,IACf,OAAO;AAAA,EACT;AACF;AAEO,SAAS,SACd,eACA,UAAmB,IAAI,QAAQ,GAC/B,OACe;AACf,QAAM,aAAa,mBAAmB,OAAO,aAAa;AAC1D,SAAO;AAAA,IACL,QAAQ,WAAW;AAAA,IACnB,QAAQ;AAAA,IACR,YAAY;AAAA,IACZ,MAAM,MAAM;AAAA,IACZ;AAAA,IACA;AAAA,EACF;AACF;AAEO,SAAS,UACd,QACA,UAAU,IACV,UAAmB,IAAI,QAAQ,GACf;AAChB,SAAO,gBAAgB;AAAA,IACrB,QAAQ,WAAW;AAAA,IACnB;AAAA,IACA;AAAA,IACA,YAAY;AAAA,IACZ,MAAM,MAAM,oBAAoB;AAAA,IAChC,OAAO;AAAA,IACP;AAAA,EACF,CAAC;AACH;AAEA,IAAM,kBAAkB,CAAyB,iBAAuB;AACtE,QAAM,UAAU,IAAI,QAAQ,aAAa,WAAW,CAAC,CAAC;AACtD,MAAI,aAAa,QAAQ;AACvB,QAAI;AACF,cAAQ,IAAI,UAAU,QAAQ,YAAY,aAAa,MAAM;AAAA,IAC/D,QAAQ;AAAA,IAER;AAAA,EACF;AAEA,MAAI,aAAa,QAAQ;AACvB,QAAI;AACF,cAAQ,IAAI,UAAU,QAAQ,YAAY,aAAa,MAAM;AAAA,IAC/D,QAAQ;AAAA,IAER;AAAA,EACF;AACA,eAAa,UAAU;AACvB,SAAO;AACT;;;ACnLO,IAAe,cAAf,MAA2B;AAAA,EAChC,YAAsB,SAA0B;AAA1B;AAAA,EAA2B;AAAA,EAEvC,cAAc,QAAgB;AACtC,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI,MAAM,8BAA8B;AAAA,IAChD;AAAA,EACF;AACF;;;ACGO,IAAM,WAAN,cAAuB,YAAY;AAAA,EACxC,MAAa,wBAAwB,QAAgB,QAAqC;AACxF,SAAK,cAAc,MAAM;AACzB,UAAM,EAAE,GAAG,WAAW,IAAI;AAC1B,WAAO,KAAK,QAAQ;AAAA,MAClB,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,YAAY;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEA,MAAa,yBAAyB,QAAgB,QAAwC;AAC5F,SAAK,cAAc,MAAM;AACzB,UAAM,EAAE,GAAG,WAAW,IAAI;AAC1B,WAAO,KAAK,QAAQ;AAAA,MAClB,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,YAAY;AAAA,IACd,CAAC;AAAA,EACH;AACF;;;ACfO,IAAM,cAAN,cAA0B,YAAY;AAAA,EAC3C,MAAa,wBAAwB,QAAgB,QAAuC;AAC1F,SAAK,cAAc,MAAM;AACzB,UAAM,EAAE,GAAG,WAAW,IAAI;AAC1B,WAAO,KAAK,QAAQ;AAAA,MAClB,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,YAAY;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEA,MAAa,qBAAqB,QAAgB,QAAoC;AACpF,SAAK,cAAc,MAAM;AACzB,UAAM,EAAE,GAAG,WAAW,IAAI;AAC1B,WAAO,KAAK,QAAQ;AAAA,MAClB,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,YAAY;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEE,MAAa,eAAe,QAAgB,QAA8B;AAC1E,SAAK,cAAc,MAAM;AACzB,UAAM,EAAE,GAAG,WAAW,IAAI;AAC1B,WAAO,KAAK,QAAQ;AAAA,MAClB,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,YAAY;AAAA,IACd,CAAC;AAAA,EACH;AACF;;;ACvCO,IAAM,iBAAN,cAA6B,YAAY;AAAA,EAC9C,MAAa,kBACX,QACA,QAC6B;AAC7B,QAAI;AACF,WAAK,cAAc,MAAM;AACzB,YAAM,EAAE,GAAG,WAAW,IAAI;AAE1B,YAAM,WAAW,MAAM,KAAK,QAA4B;AAAA,QACtD,UAAU;AAAA,QACV,QAAQ;AAAA,QACR,YAAY;AAAA,MACd,CAAC;AAED,UAAI,SAAS,QAAQ;AACnB,cAAM,eAAe,SAAS,OAAO,CAAC,GAAG,WAAW;AACpD,cAAM,IAAI,MAAM,YAAY;AAAA,MAC9B;AAEA,aAAO,SAAS;AAAA,IAClB,SAAS,OAAO;AACd,YAAM,oBAAoB,kCAAkC,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AACpH,YAAM,IAAI,MAAM,iBAAiB;AAAA,IACnC;AAAA,EACF;AACF;;;ACzBO,IAAM,YAAN,cAAwB,YAAY;AAAA,EACzC,MAAa,kBAAkB,QAAgB,QAAiC;AAC9E,SAAK,cAAc,MAAM;AACzB,UAAM,EAAE,GAAG,WAAW,IAAI;AAC1B,WAAO,KAAK,QAAQ;AAAA,MAClB,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,YAAY;AAAA,IACd,CAAC;AAAA,EACH;AAEF;;;ACGO,IAAM,WAAN,cAAuB,YAAY;AAAA,EACxC,MAAa,aAAa,QAAgB,QAA4B;AACpE,SAAK,cAAc,MAAM;AACzB,UAAM,EAAE,GAAG,WAAW,IAAI;AAC1B,WAAO,KAAK,QAAQ;AAAA,MAClB,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,YAAY;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEA,MAAa,oCACX,QACA,QAC6B;AAC7B,QAAI;AACF,WAAK,cAAc,MAAM;AACzB,YAAM,EAAE,GAAG,WAAW,IAAI;AAE1B,YAAM,WAAW,MAAM,KAAK,QAA4B;AAAA,QACtD,UAAU;AAAA,QACV,QAAQ;AAAA,QACR;AAAA,QACA,YAAY;AAAA,MACd,CAAC;AAED,UAAI,SAAS,QAAQ;AACnB,cAAM,eAAe,SAAS,OAAO,CAAC,GAAG,WAAW;AACpD,gBAAQ,MAAM,4DAA4D,SAAS,MAAM;AACzF,cAAM,IAAI,MAAM,YAAY;AAAA,MAC9B;AAEA,aAAO,SAAS;AAAA,IAClB,SAAS,OAAO;AACd,YAAM,oBAAoB,kCAAkC,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AACpH,YAAM,IAAI,MAAM,iBAAiB;AAAA,IACnC;AAAA,EACF;AAEF;;;AChDA,SAAS,aAAa,cAAc;AAmBpC,IAAM,cAAc,MAAM,KAAK,UAAU;AAElC,IAAM,UAAmB;AAAA,EAC9B;AAAA,EACA,IAAI,QAAQ;AAEV,WAAO,QAAQ,IAAI,aAAa,SAAS,QAAQ;AAAA,EACnD;AAAA,EACA,iBAAiB,WAAW;AAAA,EAC5B,MAAM,WAAW;AAAA,EACjB,UAAU,WAAW;AAAA,EACrB,SAAS,WAAW;AAAA,EACpB,SAAS,WAAW;AAAA,EACpB,UAAU,WAAW;AACvB;;;AChDO,IAAM,8BAA8B,QAAQ,IAAI;AAEhD,SAAS,eAAmC;AACjD,MAAI,OAAO,YAAY,YAAa,QAAO;AAC3C,SAAO;AACT;AAEO,SAAS,cAAuB;AACrC,SAAO,CAAC,CAAC,aAAa;AACxB;;;ACPO,IAAM,0BAA0B,CAAC,WAAmB;AACzD,SAAO,mDAAmD,MAAM;AAClE;AAEO,IAAM,qBAAqB,CAAC,WAAmB;AACpD,SAAO,6EAA6E,MAAM;AAC5F;AAEO,IAAM,iBAAiB,CAAC,WAAmB;AAChD,SAAO,iEAAiE,MAAM;AAChF;AAEO,IAAM,yBAAyB,CAAC,WAAmB;AACxD,MAAI,YAAY,KAAK,6BAA6B;AAChD,QAAI,WAAW;AACf,QAAI,4BAA4B,WAAW,SAAS,GAAG;AACrD,iBAAW;AAAA,IACb;AAEA,WAAO,GAAG,QAAQ,GAAG,2BAA2B,yEAAyE,MAAM;AAAA,EACjI;AACA,SAAO,gFAAgF,MAAM;AAC/F;AAEO,IAAM,wBAAwB,CAAC,WAAmB;AACvD,SAAO,wEAAwE,MAAM;AACvF;;;AC6BA,IAAM,wBAA8E;AAAA,EAClF,cAAc;AAAA,EACd;AAAA,EACA,QAAQ;AAAA,EACR,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,aAAa;AACf;AAGO,SAAS,cAAc,SAA+B;AAC3D,QAAM,YAAY,OAChB,mBACmC;AACnC,UAAM,EAAE,UAAU,QAAQ,QAAQ,aAAa,cAAc,YAAY,SAAS,IAChF;AAEF,QAAI,CAAC,QAAQ;AACX,aAAO;AAAA,QACL,MAAM;AAAA,QACN,QAAQ;AAAA,UACN;AAAA,YACE,MAAM;AAAA,YACN,SAAS;AAAA,UACX;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,UAAM,cAAc,sBAAsB,QAAQ,EAAE,MAAM;AAC1D,UAAM,WAAW,IAAI,IAAI,WAAW;AACpC,YAAQ,IAAI,iBAAiB,WAAW;AAExC,YAAQ,IAAI,mBAAmB,SAAS,IAAI;AAC5C,YAAQ,IAAI,cAAc,QAAQ;AAClC,YAAQ,IAAI,WAAW,MAAM;AAE7B,QAAI,aAAa;AACf,aAAO,QAAQ,WAAW,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACpD,YAAI,OAAO;AACT,WAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,OAAK,SAAS,aAAa,OAAO,KAAK,CAAW,CAAC;AAAA,QAC5E;AAAA,MACF,CAAC;AAAA,IACH;AAEA,UAAM,UAA+B;AAAA,MACnC,GAAG;AAAA,IACL;AACA,QAAI;AAEJ,QAAI;AACF,UAAI,UAAU;AACZ,cAAM,MAAM,QAAQ,MAAM,SAAS,MAAM;AAAA,UACvC;AAAA,UACA;AAAA,UACA,MAAM;AAAA,QACR,CAAC;AAAA,MACH,OAAO;AACL,gBAAQ,cAAc,IAAI;AAC1B,cAAM,UACJ,WAAW,SAAS,cAAc,OAAO,KAAK,UAAU,EAAE,SAAS;AACrE,cAAM,OAAO,UAAU,EAAE,MAAM,KAAK,UAAU,UAAU,EAAE,IAAI;AAE9D,cAAM,MAAM,QAAQ,MAAM,SAAS,MAAM;AAAA,UACvC;AAAA,UACA;AAAA,UACA,GAAG;AAAA,QACL,CAAC;AAAA,MACH;AAEA,YAAM,iBACJ,KAAK,WACL,IAAI,SAAS,IAAI,UAAU,QAAQ,WAAW,MAC5C,UAAU,aAAa;AAC3B,YAAM,eAAe,OAAO,iBAAiB,IAAI,KAAK,IAAI,IAAI,KAAK;AAEnE,UAAI,CAAC,IAAI,IAAI;AACX,eAAO;AAAA,UACL,MAAM;AAAA,UACN,QAAQ,YAAY,YAAY;AAAA,UAChC,QAAQ,KAAK;AAAA,UACb,YAAY,KAAK;AAAA,QACnB;AAAA,MACF;AAEA,aAAO;AAAA,QACL,MAAM;AAAA,QACN,QAAQ;AAAA,MACV;AAAA,IACF,SAAS,OAAO;AACd,UAAI,iBAAiB,OAAO;AAC1B,eAAO;AAAA,UACL,MAAM;AAAA,UACN,QAAQ;AAAA,YACN;AAAA,cACE,MAAM;AAAA,cACN,SAAS,MAAM,WAAW;AAAA,YAC5B;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAEA,aAAO;AAAA,QACL,MAAM;AAAA,QACN,QAAQ,YAAY,KAAK;AAAA,QACzB,QAAQ,KAAK;AAAA,QACb,YAAY,KAAK;AAAA,MACnB;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,YAAY,MAAqC;AACxD,MAAI,CAAC,CAAC,QAAQ,OAAO,SAAS,YAAY,YAAY,MAAM;AAC1D,UAAM,SAAS,KAAK;AACpB,WAAO,OAAO,SAAS,IAAI,OAAO,IAAI,UAAU,IAAI,CAAC;AAAA,EACvD;AACA,SAAO,CAAC;AACV;AAEO,SAAS,WAAW,OAAmD;AAC5E,SAAO;AAAA,IACL,MAAM,MAAM;AAAA,IACZ,SAAS,MAAM;AAAA,EACjB;AACF;;;ACjLO,SAAS,cAAc,SAA+B;AAC3D,QAAM,UAAU,cAAc,OAAO;AACrC,SAAO;AAAA,IACL,OAAO,IAAI,SAAS,OAAO;AAAA,IAC3B,UAAU,IAAI,YAAY,OAAO;AAAA,IACjC,QAAQ,IAAI,eAAe,OAAO;AAAA,IAClC,QAAQ,IAAI,UAAU,OAAO;AAAA,IAC7B,QAAQ,IAAI,SAAS,OAAO;AAAA,EAC9B;AACF;;;ACfA,SAAS,eAAe,uBAAuB;;;ACM/C,IAAM,iBAAmC;AAAA,EACvC,QAAQ;AAAA,EACR,QAAQ;AAAA,EACR,YAAY;AACd;AAEO,SAAS,uBACd,cAAgC,CAAC,GACf;AAClB,SAAO;AAAA,IACL,GAAG;AAAA,IACH,GAAG;AAAA,EACL;AACF;;;ADHA,IAAM,gBAAgB;AAGtB,SAAS,uBAAuB,SAAiC;AAC/D,QAAM,aAAa,QAAQ,QAAQ,IAAI,eAAe;AAEtD,MAAI,CAAC,cAAc,CAAC,WAAW,WAAW,aAAa,GAAG;AACxD,WAAO;AAAA,EACT;AAEA,SAAO,WAAW,MAAM,cAAc,MAAM;AAC9C;AAEA,SAAS,uBAAuB,SAAiC;AAC/D,QAAM,eAAe,QAAQ,QAAQ,IAAI,QAAQ,KAAK;AAEtD,MAAI,CAAC,cAAc;AACjB,WAAO;AAAA,EACT;AAEA,QAAM,eAAe,gBAAgB;AACrC,QAAM,oBAAoB;AAAA,IACpB,UAAU,QAAQ;AAAA,IAClB;AAAA,EACN;AAEA,QAAM,UAAU,aAAa,MAAM,GAAG,EAAE;AAAA,IACtC,CAAC,KAAK,WAAW;AACf,YAAM,CAAC,MAAM,KAAK,IAAI,OAAO,KAAK,EAAE,MAAM,GAAG;AAC7C,UAAI,IAAI,IAAI;AACZ,aAAO;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EACH;AAEA,SAAO,qBAAqB;AAC9B;AAEA,SAAS,uBAAuB,SAA2B;AACzD,SAAO,QAAQ,QAAQ,IAAI,eAAe;AAC5C;AASA,eAAsB,oBACpB,SACA,SACuB;AAEvB,iBAAe,eAAe;AAC5B,QAAI;AACF,YAAM,WAAW,MAAM,QAAQ,WAAW,OAAO,aAAa,QAAQ,gBAAgB,UAAU,IAAK;AAAA,QACnG,QAAQ;AAAA,QACR,eAAe;AAAA,QACf,eAAe;AAAA,QACf,gBAAgB,QAAQ,UAAU;AAAA,MACpC,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,2BAA2B,KAAK;AAAA,IAChD;AAAA,EACF;AACA,iBAAe,uCAAuC;AACpD,UAAM,QAAQ,uBAAuB,OAAO;AAC5C,QAAI,CAAC,OAAO;AACV,aAAO,UAAU,gBAAgB,mBAAmB;AAAA,IACtD;AACA,QAAI;AACF,YAAM,EAAE,MAAM,OAAO,IAAI,MAAM,YAAY,OAAO,OAAO;AAEzD,UAAI,QAAQ;AACV,cAAM,OAAO,CAAC;AAAA,MAChB;AAEA,YAAM,uBAAuB,SAAS,MAAM,QAAW,KAAK;AAC5D,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,aAAO,YAAY,KAAK,QAAQ;AAAA,IAClC;AAAA,EACF;AAEA,iBAAe,uCAAuC;AACpD,UAAM,QAAQ,uBAAuB,OAAO;AAC5C,QAAI,CAAC,OAAO;AACV,aAAO,UAAU,gBAAgB,qBAAqB,EAAE;AAAA,IAC1D;AACA,QAAI;AACF,YAAM,EAAE,MAAM,OAAO,IAAI,MAAM,YAAY,OAAO,OAAO;AAEzD,UAAI,QAAQ;AACV,cAAM,OAAO,CAAC;AAAA,MAChB;AAEA,YAAM,uBAAuB,SAAS,MAAM,QAAW,KAAK;AAC5D,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,aAAO,YAAY,KAAK,QAAQ;AAAA,IAClC;AAAA,EACF;AAEA,iBAAe,YACb,KACA,cACyC;AACzC,QAAI,EAAE,eAAe,yBAAyB;AAC5C,aAAO,UAAU,gBAAgB,eAAe;AAAA,IAClD;AACA,QAAI;AAEJ,QAAI,eAAe;AAEnB,WAAO,UAAU,IAAI,QAAQ,IAAI,eAAe,CAAC;AAAA,EACnD;AAEA,MAAI,uBAAuB,OAAO,GAAG;AACnC,WAAO,qCAAqC;AAAA,EAC9C;AAEA,SAAO,qCAAqC;AAC9C;AAUO,SAAS,0BAA0B,QAA0C;AAClF,QAAM,mBAAmB,uBAAuB,OAAO,OAAO;AAC9D,QAAM,YAAY,OAAO;AAEzB,QAAM,4BAA4B,CAAC,SAAkB,UAA0B,CAAC,MAAM;AACpF,UAAM,EAAE,OAAO,IAAI;AACnB,WAAO,oBAAoB,SAAS,EAAE,GAAG,SAAS,QAAQ,UAAU,CAAC;AAAA,EACvE;AAEA,SAAO;AAAA,IACL,qBAAqB;AAAA,EACvB;AACF;;;AE/IO,SAAS,4BAA4B,SAA4D;AACtG,QAAM,OAAO,EAAE,GAAG,QAAQ;AAC1B,QAAM,YAAY,cAAc,IAAI;AACpC,QAAM,eAAe,0BAA0B,EAAC,SAAS,MAAM,UAAS,CAAC;AAEzE,SAAO;AAAA,IACL,GAAG;AAAA,IACH,GAAG;AAAA,EACL;AACF;;;AClBA,IAAM,yBAAyB;AAAA,EAC7B,QAAQ;AAAA,EACR,YAAY;AAAA,EACZ,WAAW;AAAA,EACX,UAAU;AACZ;AAEO,SAASA,wBACd,mBACA,SACG;AACH,SAAO,OAAO,KAAK,iBAAiB,EAAE;AAAA,IACpC,CAAC,KAAQ,QAAgB;AACvB,aAAO,EAAE,GAAG,KAAK,CAAC,GAAG,GAAG,QAAQ,GAAG,KAAK,IAAI,GAAG,EAAE;AAAA,IACnD;AAAA,IACA,EAAE,GAAG,kBAAkB;AAAA,EACzB;AACF;AAEA,IAAMC,iBAAgB;AACtB,IAAM,mBAAmB;AAEzB,SAASC,wBAAuB,SAAiC;AAC/D,QAAM,aAAa,QAAQ,QAAQ,IAAI,eAAe;AAEtD,MAAI,CAAC,cAAc,CAAC,WAAW,WAAWD,cAAa,GAAG;AACxD,WAAO;AAAA,EACT;AAEA,SAAO,WAAW,MAAMA,eAAc,MAAM;AAC9C;AAEA,SAASE,wBAAuB,SAAiC;AAC/D,QAAM,eAAe,QAAQ,QAAQ,IAAI,QAAQ,KAAK;AAEtD,MAAI,CAAC,cAAc;AACjB,WAAO;AAAA,EACT;AAEA,QAAM,UAAU,aAAa,MAAM,GAAG,EAAE;AAAA,IACtC,CAAC,KAAK,WAAW;AACf,YAAM,CAAC,MAAM,KAAK,IAAI,OAAO,KAAK,EAAE,MAAM,GAAG;AAC7C,UAAI,IAAI,IAAI;AACZ,aAAO;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EACH;AAEA,SAAO,QAAQ,gBAAgB,KAAK;AACtC;AAEA,SAASC,wBAAuB,SAA2B;AACzD,SAAO,QAAQ,QAAQ,IAAI,eAAe;AAC5C;AAEA,eAAsBC,qBACpB,SACA,SACuB;AACvB,iBAAe,uCAAuC;AACpD,UAAM,QAAQF,wBAAuB,OAAO;AAC5C,QAAI,CAAC,OAAO;AACV,aAAO,UAAU,gBAAgB,mBAAmB;AAAA,IACtD;AACA,UAAM,EAAE,MAAM,OAAO,IAAI,MAAM,YAAY,OAAO,OAAO;AAEzD,QAAI,QAAQ;AACV,YAAM,OAAO,CAAC;AAAA,IAChB;AAEA,UAAM,uBAAuB,SAAS,MAAM,QAAW,KAAK;AAC5D,WAAO;AAAA,EACT;AAEA,iBAAe,uCAAuC;AACpD,UAAM,QAAQD,wBAAuB,OAAO;AAC5C,QAAI,CAAC,OAAO;AACV,aAAO,UAAU,gBAAgB,mBAAmB;AAAA,IACtD;AAEA,UAAM,EAAE,MAAM,OAAO,IAAI,MAAM,YAAY,OAAO,OAAO;AAEzD,QAAI,QAAQ;AACV,YAAM,OAAO,CAAC;AAAA,IAChB;AAEA,UAAM,uBAAuB,SAAS,MAAM,QAAW,KAAK;AAC5D,WAAO;AAAA,EACT;AAEA,MAAIE,wBAAuB,OAAO,GAAG;AACnC,WAAO,qCAAqC;AAAA,EAC9C;AAEA,SAAO,qCAAqC;AAC9C;AASO,SAAS,8BAA8B,QAA8C;AAC1F,QAAM,mBAAmBJ,wBAAuB,wBAAwB,OAAO,OAAO;AAEtF,QAAM,4BAA4B,CAAC,SAAkB,UAA0B,CAAC,MAAM;AACpF,UAAM,iBAAiB,EAAE,GAAG,kBAAkB,GAAG,QAAQ;AACzD,WAAOK,qBAAoB,SAAS,cAAc;AAAA,EACpD;AAEA,SAAO;AAAA,IACL,qBAAqB;AAAA,EACvB;AACF;;;AClHO,SAAS,iBAAiB,SAAsD;AACrF,QAAM,OAAO,EAAE,GAAG,QAAQ;AAC1B,QAAM,YAAY,cAAc,IAAI;AACpC,QAAM,eAAe,8BAA8B,EAAE,SAAS,KAAK,CAAC;AAEpE,SAAO;AAAA,IACL,GAAG;AAAA,IACH,GAAG;AAAA,EACL;AACF;;;ACnBO,IAAK,WAAL,kBAAKC,cAAL;AACL,EAAAA,oBAAA,WAAQ,KAAR;AACA,EAAAA,oBAAA,UAAO,KAAP;AACA,EAAAA,oBAAA,UAAO,KAAP;AACA,EAAAA,oBAAA,WAAQ,KAAR;AAJU,SAAAA;AAAA,GAAA;AAaL,IAAM,SAAN,MAAa;AAAA,EACV;AAAA,EAER,YAAY,UAAkC,CAAC,GAAG;AAChD,SAAK,UAAU;AAAA,MACb,SAAS;AAAA,MACT,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,GAAG;AAAA,IACL;AAAA,EACF;AAAA,EAEA,SAAe;AACb,SAAK,QAAQ,UAAU;AAAA,EACzB;AAAA,EAEA,UAAgB;AACd,SAAK,QAAQ,UAAU;AAAA,EACzB;AAAA,EAEA,SAAS,OAAuB;AAC9B,SAAK,QAAQ,QAAQ;AAAA,EACvB;AAAA,EAEA,UAAU,QAAsB;AAC9B,SAAK,QAAQ,SAAS;AAAA,EACxB;AAAA,EAEQ,IAAI,OAAiB,WAAmB,YAAoB,MAAmB;AACrF,QAAI,CAAC,KAAK,QAAQ,WAAW,QAAQ,KAAK,QAAQ,OAAO;AACvD;AAAA,IACF;AAEA,UAAM,aAAY,oBAAI,KAAK,GAAE,YAAY;AACzC,UAAM,mBAAmB,GAAG,SAAS,IAAI,KAAK,QAAQ,MAAM,KAAK,SAAS,KAAK,OAAO;AAEtF,YAAQ,OAAO;AAAA,MACb,KAAK;AACH,gBAAQ,MAAM,kBAAkB,GAAG,IAAI;AACvC;AAAA,MACF,KAAK;AACH,gBAAQ,KAAK,kBAAkB,GAAG,IAAI;AACtC;AAAA,MACF,KAAK;AACH,gBAAQ,KAAK,kBAAkB,GAAG,IAAI;AACtC;AAAA,MACF,KAAK;AACH,gBAAQ,MAAM,kBAAkB,GAAG,IAAI;AACvC;AAAA,IACJ;AAAA,EACF;AAAA,EAEA,MAAM,YAAoB,MAAmB;AAC3C,SAAK,IAAI,eAAgB,SAAS,SAAS,GAAG,IAAI;AAAA,EACpD;AAAA,EAEA,KAAK,YAAoB,MAAmB;AAC1C,SAAK,IAAI,cAAe,QAAQ,SAAS,GAAG,IAAI;AAAA,EAClD;AAAA,EAEA,KAAK,YAAoB,MAAmB;AAC1C,SAAK,IAAI,cAAe,QAAQ,SAAS,GAAG,IAAI;AAAA,EAClD;AAAA,EAEA,MAAM,YAAoB,MAAmB;AAC3C,SAAK,IAAI,eAAgB,SAAS,SAAS,GAAG,IAAI;AAAA,EACpD;AACF;AAEO,IAAM,eAAe,CAAC,YAA6C;AACxE,SAAO,IAAI,OAAO,OAAO;AAC3B;AAEO,IAAM,cAAc,aAAa,EAAE,QAAQ,qBAAqB,CAAC;AACjE,IAAM,aAAa,aAAa,EAAE,QAAQ,oBAAoB,CAAC;;;ACrF/D,SAAS,qBAA2B;AACzC,aAAW,OAAO;AAClB,aAAW,sBAAuB;AAElC,cAAY,OAAO;AACnB,cAAY,sBAAuB;AACrC;AAEO,SAAS,sBAA4B;AAC1C,aAAW,QAAQ;AACnB,cAAY,QAAQ;AACtB;AAEO,SAAS,YAAY,OAAuB;AACjD,aAAW,SAAS,KAAK;AACzB,cAAY,SAAS,KAAK;AAC5B;;;ACfO,IAAM,kBAAN,MAAqD;AAAA,EAClD;AAAA,EACA;AAAA,EAER,YAAY,QAAwB;AAClC,SAAK,SAAS;AACd,SAAK,YAAY,OAAO,SAAS;AAAA,EACnC;AAAA,EAEA,kBAAkB,OAAM,QAAoD;AAC1E,QAAI;AAGF,YAAM,WAAW,MAAM,MAAM,KAAK,OAAO,KAAK;AAAA,QAC5C,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,iBAAiB,UAAU,KAAK,OAAO,KAAK;AAAA,QAC9C;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,OAAO,2DAA2D,KAAK,SAAS;AAAA,UAChF,QAAQ,CAAC,GAAG;AAAA,QACd,CAAC;AAAA,MACH,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,IAAI,MAAM,uBAAuB,SAAS,MAAM,EAAE;AAAA,MAC1D;AAEA,YAAM,SAAS,MAAM,SAAS,KAAK;AAEnC,UAAI,OAAO,QAAQ,OAAO,KAAK,SAAS,GAAG;AACzC,cAAM,MAAM,OAAO,KAAK,CAAC;AACzB,cAAM,eAAmC;AAAA,UACvC,KAAK,IAAI;AAAA,UACT,OAAO,IAAI;AAAA,UACX,cAAc,IAAI;AAAA,QACpB;AAEA,mBAAW,MAAM,wBAAwB,GAAG,EAAE;AAC9C,eAAO;AAAA,MACT;AAEA,iBAAW,MAAM,2BAA2B,GAAG,EAAE;AACjD,aAAO;AAAA,IACT,SAAS,OAAO;AACd,iBAAW,MAAM,gDAAgD,KAAK;AACtE,aAAO;AAAA,IACT;AAAA,EACF;AACF;;;ACrDA,SAAS,aAAa;AActB,IAAM,WAAN,MAAkB;AAAA,EACR,QAAQ,oBAAI,IAA2B;AAAA,EAC9B;AAAA,EAEjB,YAAY,eAAuB,KAAO;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,IAAI,KAAa,OAAU,OAAsB;AAC/C,UAAM,YAAY,KAAK,IAAI,KAAK,SAAS,KAAK;AAC9C,SAAK,MAAM,IAAI,KAAK,EAAE,OAAO,UAAU,CAAC;AACxC,YAAQ,IAAI,qBAAqB,GAAG,WAAW,KAAK,UAAU,KAAK,CAAC,eAAe,SAAS,eAAe,KAAK,MAAM,IAAI,EAAE;AAAA,EAC9H;AAAA,EAEQ,SAAS,KAAwC;AACvD,UAAM,QAAQ,KAAK,MAAM,IAAI,GAAG;AAChC,QAAI,CAAC,MAAO,QAAO;AAEnB,UAAM,MAAM,KAAK,IAAI;AACrB,QAAI,MAAM,MAAM,WAAW;AACzB,cAAQ,IAAI,iBAAiB,GAAG,iBAAiB,GAAG,eAAe,MAAM,SAAS,GAAG;AACrF,WAAK,MAAM,OAAO,GAAG;AACrB,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,IAAI,KAA4B;AAC9B,UAAM,QAAQ,KAAK,SAAS,GAAG;AAC/B,UAAM,WAAW,UAAU;AAC3B,UAAM,cAAc,KAAK,MAAM,IAAI,GAAG;AACtC,UAAM,WAAW,KAAK,MAAM,IAAI,GAAG;AAEnC,YAAQ,IAAI,qBAAqB,GAAG,cAAc,QAAQ,iBAAiB,WAAW,EAAE;AACxF,YAAQ,IAAI,0BAA0B,KAAK,UAAU,QAAQ,CAAC,WAAW,KAAK,UAAU,KAAK,CAAC,EAAE;AAEhG,QAAI,CAAC,OAAO;AACV,cAAQ,IAAI,wCAAwC,GAAG,uBAAuB;AAC9E,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,iCAAiC,KAAK,UAAU,MAAM,KAAK,CAAC,YAAY,GAAG,EAAE;AACzF,WAAO,MAAM;AAAA,EACf;AAAA,EAGA,OAAO,KAAsB;AAC3B,WAAO,KAAK,MAAM,OAAO,GAAG;AAAA,EAC9B;AAAA,EAEA,QAAc;AACZ,SAAK,MAAM,MAAM;AAAA,EACnB;AAAA,EAEA,UAAgB;AACd,UAAM,MAAM,KAAK,IAAI;AACrB,eAAW,CAAC,KAAK,KAAK,KAAK,KAAK,MAAM,QAAQ,GAAG;AAC/C,UAAI,MAAM,MAAM,WAAW;AACzB,aAAK,MAAM,OAAO,GAAG;AAAA,MACvB;AAAA,IACF;AAAA,EACF;AACF;AAEO,IAAM,eAAN,MAAkD;AAAA,EAC/C;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAAqB;AAC/B,SAAK,QAAQ,IAAI,MAAM;AAAA,MACrB,KAAK,OAAO;AAAA,MACZ,OAAO,OAAO;AAAA,IAChB,CAAC;AAED,SAAK,YAAY,OAAO,aAAa;AACrC,UAAM,WAAW,OAAO,OAAO;AAC/B,SAAK,QAAQ,IAAI,SAAoC,QAAQ;AAE7D,gBAAY,MAAM,KAAK,MAAM,QAAQ,GAAG,IAAI,KAAK,GAAI;AAAA,EACvD;AAAA,EAEA,kBAAkB,OAAO,QAAoD;AAC3E,UAAM,WAAW,GAAG,KAAK,SAAS,GAAG,GAAG;AAExC,eAAW,MAAM,yCAAyC,QAAQ,EAAE;AAGpE,UAAM,eAAe,KAAK,MAAM,IAAI,QAAQ;AAC5C,eAAW,MAAM,sCAAsC,QAAQ,KAAK;AAAA,MAClE,cAAc,KAAK,UAAU,YAAY;AAAA,MACzC,aAAa,iBAAiB;AAAA,MAC9B,MAAM,OAAO;AAAA,IACf,CAAC;AAED,QAAI,iBAAiB,QAAW;AAC9B,iBAAW,MAAM,gCAAgC,GAAG,IAAI;AAAA,QACtD;AAAA,QACA,cAAc,KAAK,UAAU,YAAY;AAAA,MAC3C,CAAC;AACD,aAAO;AAAA,IACT;AAEA,eAAW;AAAA,MACT,iCAAiC,GAAG,mCAAmC,QAAQ;AAAA,IACjF;AAEA,QAAI;AACF,YAAM,eACJ,MAAM,KAAK,MAAM,IAAI,QAAQ;AAE/B,iBAAW,MAAM,0BAA0B,QAAQ,KAAK;AAAA,QACtD,cAAc,KAAK,UAAU,YAAY;AAAA,QACzC,MAAM,OAAO;AAAA,MACf,CAAC;AAGD,WAAK,MAAM,IAAI,UAAU,YAAY;AAErC,iBAAW,MAAM,oCAAoC,GAAG,IAAI;AAAA,QAC1D;AAAA,QACA,YAAY,CAAC,CAAC;AAAA,QACd,aAAa,KAAK,UAAU,YAAY;AAAA,MAC1C,CAAC;AAED,aAAO;AAAA,IACT,SAAS,OAAO;AACd,iBAAW,MAAM,6CAA6C,KAAK;AACnE,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,gBAAgB,KAAmB;AACjC,UAAM,WAAW,GAAG,KAAK,SAAS,GAAG,GAAG;AACxC,SAAK,MAAM,OAAO,QAAQ;AAAA,EAC5B;AACF;;;ACnJO,SAAS,cACd,QACqB;AACrB,UAAQ,OAAO,MAAM;AAAA,IACnB,KAAK;AACH,aAAO,IAAI,aAAa,OAAO,MAAa;AAAA,IAC9C,KAAK;AACH,aAAO,IAAI,gBAAgB,OAAO,MAAa;AAAA,IACjD;AACE,YAAM,IAAI,MAAM,6BAA8B,OAAe,IAAI,EAAE;AAAA,EACvE;AACF;AAEO,SAAS,4BAA4B,SAGH;AACvC,MAAI,SAAS,WAAW,CAAC,QAAQ,SAAS;AACxC,WAAO;AAAA,MACL,SAAS;AAAA,MACT,OAAO;AAAA,IACT;AAAA,EACF;AACA,SAAO,EAAE,SAAS,KAAK;AACzB;","names":["mergePreDefinedOptions","BEARER_PREFIX","extractTokenFromHeader","extractTokenFromCookie","hasAuthorizationHeader","authenticateRequest","LogLevel"]}
package/dist/instance/backendFireInstance.d.ts CHANGED
@@ -1,7 +1,7 @@
1
- import type { ApiClient, CreateBackendApiOptions } from "../api";
2
- import type { CreateFireAuthenticateRequestOptions } from "../tokens/requestFire";
3
- import { createFireAuthenticateRequest } from "../tokens/requestFire";
4
- export type TernSecureFireOptions = CreateBackendApiOptions & CreateFireAuthenticateRequestOptions['options'];
1
+ import type { ApiClient, CreateFireApiOptions } from '../fireRestApi';
2
+ import type { CreateFireAuthenticateRequestOptions } from '../tokens/requestFire';
3
+ import { createFireAuthenticateRequest } from '../tokens/requestFire';
4
+ export type TernSecureFireOptions = CreateFireApiOptions & CreateFireAuthenticateRequestOptions['options'];
5
5
  export type TernSecureFireClient = ApiClient & ReturnType<typeof createFireAuthenticateRequest>;
6
6
  export declare function createFireClient(options: TernSecureFireOptions): TernSecureFireClient;
7
7
  //# sourceMappingURL=backendFireInstance.d.ts.map
package/dist/instance/backendFireInstance.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"backendFireInstance.d.ts","sourceRoot":"","sources":["../../src/instance/backendFireInstance.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAC,uBAAuB,EAAC,MAAM,QAAQ,CAAC;AAE/D,OAAO,KAAK,EAAE,oCAAoC,EAAE,MAAM,uBAAuB,CAAC;AAClF,OAAO,EAAE,6BAA6B,EAAE,MAAM,uBAAuB,CAAC;AAEtE,MAAM,MAAM,qBAAqB,GAAG,uBAAuB,GAAG,oCAAoC,CAAC,SAAS,CAAC,CAAA;AAE7G,MAAM,MAAM,oBAAoB,GAAG,SAAS,GAAG,UAAU,CAAC,OAAO,6BAA6B,CAAC,CAAC;AAEhG,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,qBAAqB,GAAG,oBAAoB,CASrF"}
1
+ {"version":3,"file":"backendFireInstance.d.ts","sourceRoot":"","sources":["../../src/instance/backendFireInstance.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AAEtE,OAAO,KAAK,EAAE,oCAAoC,EAAE,MAAM,uBAAuB,CAAC;AAClF,OAAO,EAAE,6BAA6B,EAAE,MAAM,uBAAuB,CAAC;AAEtE,MAAM,MAAM,qBAAqB,GAAG,oBAAoB,GACtD,oCAAoC,CAAC,SAAS,CAAC,CAAC;AAElD,MAAM,MAAM,oBAAoB,GAAG,SAAS,GAAG,UAAU,CAAC,OAAO,6BAA6B,CAAC,CAAC;AAEhG,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,qBAAqB,GAAG,oBAAoB,CASrF"}
package/dist/instance/backendInstanceEdge.d.ts CHANGED
@@ -1,9 +1,9 @@
1
- import type { ApiClient, CreateBackendApiOptions } from "../api";
1
+ import type { ApiClient, CreateFireApiOptions } from "../fireRestApi";
2
2
  import type { RequestState } from "../tokens/authstate";
3
3
  import type { CreateAuthenticateRequestOptions } from "../tokens/request";
4
4
  import { createAuthenticateRequest } from "../tokens/request";
5
5
  import type { TernSecureRequest } from "../tokens/ternSecureRequest";
6
- export type TernSecureBackendOptions = CreateBackendApiOptions & CreateAuthenticateRequestOptions['options'];
6
+ export type TernSecureBackendOptions = CreateFireApiOptions & CreateAuthenticateRequestOptions['options'];
7
7
  export type TernSecureBackendClient = ApiClient & ReturnType<typeof createAuthenticateRequest>;
8
8
  export interface BackendInstance {
9
9
  ternSecureRequest: TernSecureRequest;
package/dist/instance/backendInstanceEdge.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"backendInstanceEdge.d.ts","sourceRoot":"","sources":["../../src/instance/backendInstanceEdge.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAC,uBAAuB,EAAC,MAAM,QAAQ,CAAC;AAE/D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,KAAK,EAAE,gCAAgC,EAAE,MAAM,mBAAmB,CAAC;AAC1E,OAAO,EAAE,yBAAyB,EAAE,MAAM,mBAAmB,CAAC;AAC9D,OAAO,KAAK,EACV,iBAAiB,EAClB,MAAM,6BAA6B,CAAC;AAErC,MAAM,MAAM,wBAAwB,GAAG,uBAAuB,GAAG,gCAAgC,CAAC,SAAS,CAAC,CAAA;AAE5G,MAAM,MAAM,uBAAuB,GAAG,SAAS,GAAG,UAAU,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAE/F,MAAM,WAAW,eAAe;IAC9B,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,YAAY,EAAE,YAAY,CAAC;CAC5B;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,wBAAwB,GAAG,uBAAuB,CAStG"}
1
+ {"version":3,"file":"backendInstanceEdge.d.ts","sourceRoot":"","sources":["../../src/instance/backendInstanceEdge.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAC,oBAAoB,EAAC,MAAM,gBAAgB,CAAC;AAEpE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,KAAK,EAAE,gCAAgC,EAAE,MAAM,mBAAmB,CAAC;AAC1E,OAAO,EAAE,yBAAyB,EAAE,MAAM,mBAAmB,CAAC;AAC9D,OAAO,KAAK,EACV,iBAAiB,EAClB,MAAM,6BAA6B,CAAC;AAErC,MAAM,MAAM,wBAAwB,GAAG,oBAAoB,GAAG,gCAAgC,CAAC,SAAS,CAAC,CAAC;AAE1G,MAAM,MAAM,uBAAuB,GAAG,SAAS,GAAG,UAAU,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAE/F,MAAM,WAAW,eAAe;IAC9B,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,YAAY,EAAE,YAAY,CAAC;CAC5B;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,wBAAwB,GAAG,uBAAuB,CAStG"}
package/dist/tokens/authstate.d.ts CHANGED
@@ -57,5 +57,5 @@ export type AuthObject = SignedInAuthObject | SignedOutAuthObject;
57
57
  export declare function signedInAuthObject(sessionToken: string, sessionClaims: JWTPayload): SignedInAuthObject;
58
58
  export declare function signedOutAuthObject(): SignedOutAuthObject;
59
59
  export declare function signedIn(sessionClaims: JWTPayload, headers: Headers | undefined, token: string): SignedInState;
60
- export declare function signedOut(reason: AuthReason, headers?: Headers): SignedOutState;
60
+ export declare function signedOut(reason: AuthReason, message?: string, headers?: Headers): SignedOutState;
61
61
  //# sourceMappingURL=authstate.d.ts.map
package/dist/tokens/authstate.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authstate.d.ts","sourceRoot":"","sources":["../../src/tokens/authstate.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mCAAmC,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAC9F,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,iBAAiB,CAAC;AAEpE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAE7D,eAAO,MAAM,UAAU;;;CAGb,CAAC;AAEX,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,UAAU,CAAC,CAAC,MAAM,OAAO,UAAU,CAAC,CAAC;AAEtE,eAAO,MAAM,eAAe;;;;;;;;;CASlB,CAAC;AAEX,MAAM,MAAM,eAAe,GAAG,CAAC,OAAO,eAAe,CAAC,CAAC,MAAM,OAAO,eAAe,CAAC,CAAC;AAErF,MAAM,MAAM,UAAU,GAAG,eAAe,GAAG,4BAA4B,CAAC;AAExE,MAAM,MAAM,kBAAkB,GAAG;IAC/B,aAAa,EAAE,cAAc,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,mCAAmC,CAAC;IAC7C,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,aAAa,EAAE,IAAI,CAAC;IACpB,MAAM,EAAE,IAAI,CAAC;IACb,OAAO,EAAE,mCAAmC,CAAC;IAC7C,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,MAAM,EAAE,OAAO,UAAU,CAAC,QAAQ,CAAC;IACnC,MAAM,EAAE,IAAI,CAAC;IACb,UAAU,EAAE,IAAI,CAAC;IACjB,IAAI,EAAE,MAAM,kBAAkB,CAAC;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,EAAE,OAAO,UAAU,CAAC,SAAS,CAAC;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,KAAK,CAAC;IAClB,IAAI,EAAE,MAAM,mBAAmB,CAAC;IAChC,KAAK,EAAE,IAAI,CAAC;IACZ,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,aAAa,GAAG,cAAc,CAAC;AAE1D,MAAM,WAAW,eAAe;IAC9B,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,YAAY,EAAE,YAAY,CAAC;CAC5B;AAED,MAAM,MAAM,UAAU,GAAG,kBAAkB,GAAG,mBAAmB,CAAC;AAmClE,wBAAgB,kBAAkB,CAChC,YAAY,EAAE,MAAM,EACpB,aAAa,EAAE,UAAU,GACxB,kBAAkB,CAWpB;AAED,wBAAgB,mBAAmB,IAAI,mBAAmB,CAOzD;AAED,wBAAgB,QAAQ,CACtB,aAAa,EAAE,UAAU,EACzB,OAAO,EAAE,OAAO,YAAgB,EAChC,KAAK,EAAE,MAAM,GACZ,aAAa,CAUf;AAED,wBAAgB,SAAS,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,GAAE,OAAuB,GAAG,cAAc,CAS9F"}
1
+ {"version":3,"file":"authstate.d.ts","sourceRoot":"","sources":["../../src/tokens/authstate.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mCAAmC,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAC9F,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,iBAAiB,CAAC;AAEpE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAE7D,eAAO,MAAM,UAAU;;;CAGb,CAAC;AAEX,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,UAAU,CAAC,CAAC,MAAM,OAAO,UAAU,CAAC,CAAC;AAEtE,eAAO,MAAM,eAAe;;;;;;;;;CASlB,CAAC;AAEX,MAAM,MAAM,eAAe,GAAG,CAAC,OAAO,eAAe,CAAC,CAAC,MAAM,OAAO,eAAe,CAAC,CAAC;AAErF,MAAM,MAAM,UAAU,GAAG,eAAe,GAAG,4BAA4B,CAAC;AAExE,MAAM,MAAM,kBAAkB,GAAG;IAC/B,aAAa,EAAE,cAAc,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,mCAAmC,CAAC;IAC7C,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,aAAa,EAAE,IAAI,CAAC;IACpB,MAAM,EAAE,IAAI,CAAC;IACb,OAAO,EAAE,mCAAmC,CAAC;IAC7C,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,MAAM,EAAE,OAAO,UAAU,CAAC,QAAQ,CAAC;IACnC,MAAM,EAAE,IAAI,CAAC;IACb,UAAU,EAAE,IAAI,CAAC;IACjB,IAAI,EAAE,MAAM,kBAAkB,CAAC;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,EAAE,OAAO,UAAU,CAAC,SAAS,CAAC;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,KAAK,CAAC;IAClB,IAAI,EAAE,MAAM,mBAAmB,CAAC;IAChC,KAAK,EAAE,IAAI,CAAC;IACZ,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,aAAa,GAAG,cAAc,CAAC;AAE1D,MAAM,WAAW,eAAe;IAC9B,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,YAAY,EAAE,YAAY,CAAC;CAC5B;AAED,MAAM,MAAM,UAAU,GAAG,kBAAkB,GAAG,mBAAmB,CAAC;AAmClE,wBAAgB,kBAAkB,CAChC,YAAY,EAAE,MAAM,EACpB,aAAa,EAAE,UAAU,GACxB,kBAAkB,CAWpB;AAED,wBAAgB,mBAAmB,IAAI,mBAAmB,CAOzD;AAED,wBAAgB,QAAQ,CACtB,aAAa,EAAE,UAAU,EACzB,OAAO,EAAE,OAAO,YAAgB,EAChC,KAAK,EAAE,MAAM,GACZ,aAAa,CAUf;AAED,wBAAgB,SAAS,CACvB,MAAM,EAAE,UAAU,EAClB,OAAO,SAAK,EACZ,OAAO,GAAE,OAAuB,GAC/B,cAAc,CAUhB"}
package/dist/tokens/keys.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"keys.d.ts","sourceRoot":"","sources":["../../src/tokens/keys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,mBAAmB,EAAE,MAAM,MAAM,CAAC;AAUhD,MAAM,MAAM,UAAU,GAAG;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAAE,CAAC;AAOnD,MAAM,MAAM,wBAAwB,GAAG,mBAAmB,GAAG;IAC3D,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB,CAAC;AAwCF,wBAAsB,iBAAiB,CAAC,EACtC,MAAuC,EACvC,aAAa,EACb,GAAG,GACJ,EAAE,wBAAwB,GAAG,OAAO,CAAC,MAAM,CAAC,CA2B5C;AAiCD,eAAO,MAAM,aAAa;;;;CAIxB,CAAC"}
1
+ {"version":3,"file":"keys.d.ts","sourceRoot":"","sources":["../../src/tokens/keys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,mBAAmB,EAAE,MAAM,MAAM,CAAC;AAUhD,MAAM,MAAM,UAAU,GAAG;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAAE,CAAC;AAOnD,MAAM,MAAM,wBAAwB,GAAG,mBAAmB,GAAG;IAC3D,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB,CAAC;AAwCF,wBAAsB,iBAAiB,CAAC,EACtC,MAA+B,EAC/B,aAAa,EACb,GAAG,GACJ,EAAE,wBAAwB,GAAG,OAAO,CAAC,MAAM,CAAC,CA2B5C;AAiCD,eAAO,MAAM,aAAa;;;;CAIxB,CAAC"}
package/dist/tokens/request.d.ts CHANGED
@@ -1,8 +1,8 @@
1
- import type { ApiClient } from '../api';
1
+ import type { ApiClient } from '../fireRestApi';
2
2
  import { type buildTimeOptions, type RuntimeOptions } from '../utils/options';
3
3
  import type { RequestState } from './authstate';
4
- import type { RequestOptions } from './types';
5
- export declare function authenticateRequest(request: Request, options: RequestOptions): Promise<RequestState>;
4
+ import type { AuthenticateRequestOptions } from './types';
5
+ export declare function authenticateRequest(request: Request, options: AuthenticateRequestOptions): Promise<RequestState>;
6
6
  /**
7
7
  * @internal
8
8
  */
package/dist/tokens/request.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"request.d.ts","sourceRoot":"","sources":["../../src/tokens/request.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACxC,OAAO,EACL,KAAK,gBAAgB,EAErB,KAAK,cAAc,EACpB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAGhD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAwC9C,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,YAAY,CAAC,CAqCvB;AAED;;GAEG;AACH,MAAM,MAAM,gCAAgC,GAAG;IAC7C,OAAO,EAAE,gBAAgB,CAAC;IAC1B,SAAS,EAAE,SAAS,CAAC;CACtB,CAAC;AAEF,wBAAgB,yBAAyB,CAAC,MAAM,EAAE,gCAAgC;mCAIpC,OAAO,YAAW,cAAc;EAQ7E"}
1
+ {"version":3,"file":"request.d.ts","sourceRoot":"","sources":["../../src/tokens/request.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAGhD,OAAO,EACL,KAAK,gBAAgB,EAErB,KAAK,cAAc,EACpB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EAAE,YAAY,EAAiC,MAAM,aAAa,CAAC;AAE/E,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,SAAS,CAAC;AAoD1D,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,0BAA0B,GAClC,OAAO,CAAC,YAAY,CAAC,CAuEvB;AAED;;GAEG;AACH,MAAM,MAAM,gCAAgC,GAAG;IAC7C,OAAO,EAAE,gBAAgB,CAAC;IAC1B,SAAS,EAAE,SAAS,CAAC;CACtB,CAAC;AAEF,wBAAgB,yBAAyB,CAAC,MAAM,EAAE,gCAAgC;mCAIpC,OAAO,YAAW,cAAc;EAQ7E"}
package/dist/tokens/requestFire.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"requestFire.d.ts","sourceRoot":"","sources":["../../src/tokens/requestFire.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAGhD,OAAO,KAAK,EAAE,8BAA8B,EAAkB,MAAM,SAAS,CAAC;AAG9E,KAAK,cAAc,GAAG,IAAI,CAAC,8BAA8B,EAAE,gBAAgB,CAAC,CAAC;AAE7E,KAAK,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC,8BAA8B,EAAE,gBAAgB,CAAC,CAAC,CAAC;AASvF,wBAAgB,sBAAsB,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAClE,iBAAiB,EAAE,CAAC,EACpB,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,GAClB,CAAC,CAOH;AAuCD,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,8BAA8B,GACtC,OAAO,CAAC,YAAY,CAAC,CAqCvB;AAED;;GAEG;AACH,MAAM,MAAM,oCAAoC,GAAG;IACjD,OAAO,EAAE,eAAe,CAAC;CAC1B,CAAC;AAEF,wBAAgB,6BAA6B,CAAC,MAAM,EAAE,oCAAoC;mCAG5C,OAAO,YAAW,cAAc;EAQ7E"}
1
+ {"version":3,"file":"requestFire.d.ts","sourceRoot":"","sources":["../../src/tokens/requestFire.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAEhD,OAAO,KAAK,EAAE,8BAA8B,EAAI,MAAM,SAAS,CAAC;AAGhE,KAAK,cAAc,GAAG,IAAI,CAAC,8BAA8B,EAAE,gBAAgB,CAAC,CAAC;AAE7E,KAAK,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC,8BAA8B,EAAE,gBAAgB,CAAC,CAAC,CAAC;AASvF,wBAAgB,sBAAsB,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAClE,iBAAiB,EAAE,CAAC,EACpB,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,GAClB,CAAC,CAOH;AAsCD,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,8BAA8B,GACtC,OAAO,CAAC,YAAY,CAAC,CAqCvB;AAED;;GAEG;AACH,MAAM,MAAM,oCAAoC,GAAG;IACjD,OAAO,EAAE,eAAe,CAAC;CAC1B,CAAC;AAEF,wBAAgB,6BAA6B,CAAC,MAAM,EAAE,oCAAoC;mCAG5C,OAAO,YAAW,cAAc;EAQ7E"}
package/dist/tokens/types.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import type { CheckRevokedOptions } from '../adapters';
2
- import type { ApiClient } from '../api';
2
+ import type { ApiClient } from '../fireRestApi';
3
3
  import type { TernSecureConfig, VerifyTokenVOptions } from './verify';
4
4
  export type SessionCookieAttributes = {
5
5
  path?: string;
@@ -25,14 +25,15 @@ export type RequestOptions = {
25
25
  checkRevoked?: CheckRevokedOptions;
26
26
  cookies?: MiddlewareCookiesOptions;
27
27
  apiClient?: ApiClient;
28
+ apiKey?: string;
28
29
  apiUrl?: string;
29
30
  apiVersion?: string;
31
+ firebaseConfig?: TernSecureConfig;
30
32
  } & VerifyTokenVOptions;
31
33
  export type AuthenticateFireRequestOptions = {
32
34
  signInUrl?: string;
33
35
  signUpUrl?: string;
34
36
  checkRevoked?: CheckRevokedOptions;
35
- cookies?: MiddlewareCookiesOptions;
36
37
  apiClient?: ApiClient;
37
38
  apiUrl?: string;
38
39
  apiVersion?: string;
@@ -43,6 +44,8 @@ export type AuthenticateRequestOptions = {
43
44
  signUpUrl?: string;
44
45
  checkRevoked?: CheckRevokedOptions;
45
46
  apiClient?: ApiClient;
47
+ apiUrl?: string;
48
+ apiVersion?: string;
46
49
  firebaseConfig?: TernSecureConfig;
47
50
  } & VerifyTokenVOptions;
48
51
  //# sourceMappingURL=types.d.ts.map
package/dist/tokens/types.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/tokens/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACxC,OAAO,KAAK,EAAE,gBAAgB,EAAC,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAErE,MAAM,MAAM,uBAAuB,GAAG;IACpC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;CACtC,CAAC;AAEF,MAAM,MAAM,2BAA2B,GAAG;IACxC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,uBAAuB,CAAC;IACpC,4BAA4B,CAAC,EAAE,OAAO,CAAC;CACxC,CAAC;AAEF,MAAM,MAAM,wBAAwB,GAAG;IACrC,cAAc,EAAE,2BAA2B,CAAC;CAC7C,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,mBAAmB,CAAC;IACnC,OAAO,CAAC,EAAE,wBAAwB,CAAC;IACnC,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,GAAG,mBAAmB,CAAC;AAExB,MAAM,MAAM,8BAA8B,GAAG;IAC3C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,mBAAmB,CAAC;IACnC,OAAO,CAAC,EAAE,wBAAwB,CAAC;IACnC,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,gBAAgB,CAAA;CAClC,GAAG,mBAAmB,CAAC;AAGxB,MAAM,MAAM,0BAA0B,GAAG;IACvC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,mBAAmB,CAAC;IACnC,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,cAAc,CAAC,EAAE,gBAAgB,CAAA;CAClC,GAAG,mBAAmB,CAAC"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/tokens/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,KAAK,EAAE,gBAAgB,EAAC,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAErE,MAAM,MAAM,uBAAuB,GAAG;IACpC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;CACtC,CAAC;AAEF,MAAM,MAAM,2BAA2B,GAAG;IACxC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,uBAAuB,CAAC;IACpC,4BAA4B,CAAC,EAAE,OAAO,CAAC;CACxC,CAAC;AAEF,MAAM,MAAM,wBAAwB,GAAG;IACrC,cAAc,EAAE,2BAA2B,CAAC;CAC7C,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,mBAAmB,CAAC;IACnC,OAAO,CAAC,EAAE,wBAAwB,CAAC;IACnC,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,gBAAgB,CAAA;CAClC,GAAG,mBAAmB,CAAC;AAExB,MAAM,MAAM,8BAA8B,GAAG;IAC3C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,mBAAmB,CAAC;IACnC,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,gBAAgB,CAAA;CAClC,GAAG,mBAAmB,CAAC;AAGxB,MAAM,MAAM,0BAA0B,GAAG;IACvC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,mBAAmB,CAAC;IACnC,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,gBAAgB,CAAA;CAClC,GAAG,mBAAmB,CAAC"}
package/dist/utils/options.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import type { RequestOptions } from "../tokens/types";
2
2
  export type RuntimeOptions = Omit<RequestOptions, "apiUrl">;
3
- export type buildTimeOptions = Partial<Pick<RequestOptions, "apiUrl" | "apiVersion">>;
3
+ export type buildTimeOptions = Partial<Pick<RequestOptions, "apiKey" | "apiUrl" | "apiVersion">>;
4
4
  export declare function mergePreDefinedOptions(userOptions?: buildTimeOptions): buildTimeOptions;
5
5
  //# sourceMappingURL=options.d.ts.map
package/dist/utils/options.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"options.d.ts","sourceRoot":"","sources":["../../src/utils/options.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAC,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAErD,MAAM,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;AAE5D,MAAM,MAAM,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,cAAc,EAAE,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC;AAOtF,wBAAgB,sBAAsB,CACpC,WAAW,GAAE,gBAAqB,GACjC,gBAAgB,CAKlB"}
1
+ {"version":3,"file":"options.d.ts","sourceRoot":"","sources":["../../src/utils/options.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAC,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAErD,MAAM,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;AAE5D,MAAM,MAAM,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,cAAc,EAAE,QAAQ,GAAE,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC;AAQhG,wBAAgB,sBAAsB,CACpC,WAAW,GAAE,gBAAqB,GACjC,gBAAgB,CAKlB"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@tern-secure/backend",
3
- "version": "1.2.0-canary.v20250919134427",
3
+ "version": "1.2.0-canary.v20251002175916",
4
4
  "repository": {
5
5
  "type": "git",
6
6
  "url": "git+https://github.com/TernSecure/auth.git",
@@ -12,6 +12,7 @@
12
12
  "files": [
13
13
  "dist",
14
14
  "admin",
15
+ "auth",
15
16
  "internal",
16
17
  "jwt"
17
18
  ],
@@ -48,6 +49,16 @@
48
49
  "default": "./dist/admin/index.js"
49
50
  }
50
51
  },
52
+ "./auth": {
53
+ "import": {
54
+ "types": "./dist/auth/index.d.ts",
55
+ "default": "./dist/auth/index.mjs"
56
+ },
57
+ "require": {
58
+ "types": "./dist/auth/index.d.ts",
59
+ "default": "./dist/auth/index.js"
60
+ }
61
+ },
51
62
  "./jwt": {
52
63
  "import": {
53
64
  "types": "./dist/jwt/index.d.ts",
@@ -66,8 +77,8 @@
66
77
  "jose": "^5.10.0",
67
78
  "tslib": "2.4.1",
68
79
  "@upstash/redis": "^1.35.2",
69
- "@tern-secure/shared": "1.3.0-canary.v20250919134427",
70
- "@tern-secure/types": "1.1.0-canary.v20250919134427"
80
+ "@tern-secure/shared": "1.3.0-canary.v20251002175916",
81
+ "@tern-secure/types": "1.1.0-canary.v20251002175916"
71
82
  },
72
83
  "devDependencies": {
73
84
  "@types/js-cookie": "^3.0.6",
package/dist/admin/gemini.sessionTernSecure.d.ts DELETED
@@ -1,8 +0,0 @@
1
- import type { CookieStore, SessionParams, SessionResult } from "@tern-secure/types";
2
- import type { RequestOptions } from "../tokens/types";
3
- export declare function createSessionCookie(params: SessionParams | string, cookieStore: CookieStore, options?: RequestOptions & {
4
- cookies?: any;
5
- }): Promise<SessionResult>;
6
- export declare function clearSessionCookie(cookieStore: CookieStore, options?: RequestOptions): Promise<SessionResult>;
7
- export declare function createCustomToken(uid: string, options?: RequestOptions): Promise<string | null>;
8
- //# sourceMappingURL=gemini.sessionTernSecure.d.ts.map
package/dist/admin/gemini.sessionTernSecure.d.ts.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"gemini.sessionTernSecure.d.ts","sourceRoot":"","sources":["../../src/admin/gemini.sessionTernSecure.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,WAAW,EACX,aAAa,EACb,aAAa,EACd,MAAM,oBAAoB,CAAC;AAG5B,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAGtD,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,aAAa,GAAG,MAAM,EAC9B,WAAW,EAAE,WAAW,EACxB,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,OAAO,CAAC,EAAE,GAAG,CAAA;CAAE,GAC3C,OAAO,CAAC,aAAa,CAAC,CA2HxB;AAED,wBAAsB,kBAAkB,CACtC,WAAW,EAAE,WAAW,EACxB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,aAAa,CAAC,CAgDxB;AAED,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CASrG"}
package/dist/chunk-ZIO4EKS5.mjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/constants.ts","../src/tokens/ternSecureRequest.ts","../src/tokens/ternUrl.ts","../src/tokens/sessionConfig.ts"],"sourcesContent":["export const GOOGLE_PUBLIC_KEYS_URL =\n 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com';\nexport const SESSION_COOKIE_PUBLIC_KEYS_URL =\n 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/publicKeys';\nexport const MAX_CACHE_LAST_UPDATED_AT_SECONDS = 5 * 60;\nexport const DEFAULT_CACHE_DURATION = 3600 * 1000; // 1 hour in milliseconds\nexport const CACHE_CONTROL_REGEX = /max-age=(\\d+)/;\n\nconst Attributes = {\n AuthToken: '__ternsecureAuthToken',\n AuthSignature: '__ternsecureAuthSignature',\n AuthStatus: '__ternsecureAuthStatus',\n AuthReason: '__ternsecureAuthReason',\n AuthMessage: '__ternsecureAuthMessage',\n TernSecureUrl: '__ternsecureUrl',\n} as const;\n\nconst Cookies = {\n Session: '__session',\n IdToken: '_tern',\n CsrfToken: '_session_terncf',\n SessionCookie: '_session_cookie',\n SessionToken: '_session_token',\n Refresh: '__refresh',\n Handshake: '__ternsecure_handshake',\n DevBrowser: '__ternsecure_db_jwt',\n RedirectCount: '__ternsecure_redirect_count',\n HandshakeNonce: '__ternsecure_handshake_nonce',\n} as const;\n\nconst Headers = {\n Accept: 'accept',\n AuthMessage: 'x-ternsecure-auth-message',\n Authorization: 'authorization',\n AuthReason: 'x-ternsecure-auth-reason',\n AuthSignature: 'x-ternsecure-auth-signature',\n AuthStatus: 'x-ternsecure-auth-status',\n AuthToken: 'x-ternsecure-auth-token',\n CacheControl: 'cache-control',\n TernSecureRedirectTo: 'x-ternsecure-redirect-to',\n TernSecureRequestData: 'x-ternsecure-request-data',\n TernSecureUrl: 'x-ternsecure-url',\n CloudFrontForwardedProto: 'cloudfront-forwarded-proto',\n ContentType: 'content-type',\n ContentSecurityPolicy: 'content-security-policy',\n ContentSecurityPolicyReportOnly: 'content-security-policy-report-only',\n EnableDebug: 'x-ternsecure-debug',\n ForwardedHost: 'x-forwarded-host',\n ForwardedPort: 'x-forwarded-port',\n ForwardedProto: 'x-forwarded-proto',\n Host: 'host',\n Location: 'location',\n Nonce: 'x-nonce',\n Origin: 'origin',\n Referrer: 'referer',\n SecFetchDest: 'sec-fetch-dest',\n UserAgent: 'user-agent',\n ReportingEndpoints: 'reporting-endpoints',\n} as const;\n\nconst ContentTypes = {\n Json: 'application/json',\n} as const;\n\n/**\n * @internal\n */\nexport const constants = {\n Attributes,\n Cookies,\n Headers,\n ContentTypes,\n} as const;\n\nexport type Constants = typeof constants;\n","import { parse } from \"cookie\";\n\nimport { constants } from \"../constants\";\nimport type { TernUrl } from \"./ternUrl\";\nimport { createTernUrl } from \"./ternUrl\";\n\nclass TernSecureRequest extends Request {\n readonly ternUrl: TernUrl;\n readonly cookies: Map<string, string | undefined>;\n\n public constructor(\n input: TernSecureRequest | Request | RequestInfo,\n init?: RequestInit\n ) {\n const url =\n typeof input !== \"string\" && \"url\" in input ? input.url : String(input);\n super(url, init || typeof input === \"string\" ? undefined : input);\n this.ternUrl = this.deriveUrlFromHeaders(this);\n this.cookies = this.parseCookies(this);\n }\n\n public toJSON() {\n return {\n url: this.ternUrl.href,\n method: this.method,\n headers: JSON.stringify(Object.fromEntries(this.headers)),\n ternUrl: this.ternUrl.toString(),\n cookies: JSON.stringify(Object.fromEntries(this.cookies)),\n };\n }\n\n private deriveUrlFromHeaders(req: Request) {\n const initialUrl = new URL(req.url);\n const forwardedProto = req.headers.get(constants.Headers.ForwardedProto);\n const forwardedHost = req.headers.get(constants.Headers.ForwardedHost);\n const host = req.headers.get(constants.Headers.Host);\n const protocol = initialUrl.protocol;\n\n const resolvedHost = this.getFirstValueFromHeader(forwardedHost) ?? host;\n const resolvedProtocol =\n this.getFirstValueFromHeader(forwardedProto) ??\n protocol?.replace(/[:/]/, \"\");\n const origin =\n resolvedHost && resolvedProtocol\n ? `${resolvedProtocol}://${resolvedHost}`\n : initialUrl.origin;\n\n if (origin === initialUrl.origin) {\n return createTernUrl(initialUrl);\n }\n\n return createTernUrl(initialUrl.pathname + initialUrl.search, origin);\n }\n\n private getFirstValueFromHeader(value?: string | null) {\n return value?.split(\",\")[0];\n }\n\n private parseCookies(req: Request) {\n const cookiesRecord = parse(\n this.decodeCookieValue(req.headers.get(\"cookie\") || \"\")\n );\n return new Map(Object.entries(cookiesRecord));\n }\n\n private decodeCookieValue(str: string) {\n return str ? str.replace(/(%[0-9A-Z]{2})+/g, decodeURIComponent) : str;\n }\n}\n\nexport const createTernSecureRequest = (\n ...args: ConstructorParameters<typeof TernSecureRequest>\n): TernSecureRequest => {\n return args[0] instanceof TernSecureRequest\n ? args[0]\n : new TernSecureRequest(...args);\n};\n\nexport type { TernSecureRequest };\n","class TernUrl extends URL {\n public isCrossOrigin(other: URL | string) {\n return this.origin !== new URL(other.toString()).origin;\n }\n}\n\nexport type WithTernUrl<T> = T & {\n /**\n * When a NextJs app is hosted on a platform different from Vercel\n * or inside a container (Netlify, Fly.io, AWS Amplify, docker etc),\n * req.url is always set to `localhost:3000` instead of the actual host of the app.\n *\n */\n ternUrl: TernUrl;\n};\n\nexport const createTernUrl = (\n ...args: ConstructorParameters<typeof TernUrl>\n): TernUrl => {\n return new TernUrl(...args);\n};\n\nexport type { TernUrl };\n","import type { RequestOptions } from \"./types\";\n\nexport const getSessionConfig = (options?: RequestOptions) => {\n const cookieConfig = options?.cookies?.session_cookie;\n \n return {\n COOKIE_NAME: cookieConfig?.name,\n DEFAULT_EXPIRES_IN_MS: cookieConfig?.attributes?.maxAge,\n DEFAULT_EXPIRES_IN_SECONDS: Math.floor((cookieConfig?.attributes?.maxAge || 0) / 1000),\n REVOKE_REFRESH_TOKENS_ON_SIGNOUT: cookieConfig?.revokeRefreshTokensOnSignOut,\n };\n};\n\n\nexport const getCookieOptions = (options?: RequestOptions) => {\n const cookieConfig = options?.cookies?.session_cookie;\n \n return {\n httpOnly: cookieConfig?.attributes?.httpOnly,\n secure: cookieConfig?.attributes?.secure,\n sameSite: cookieConfig?.attributes?.sameSite,\n path: cookieConfig?.attributes?.path,\n };\n};"],"mappings":";AAEO,IAAM,iCACX;AACK,IAAM,oCAAoC,IAAI;AAC9C,IAAM,yBAAyB,OAAO;AACtC,IAAM,sBAAsB;AAEnC,IAAM,aAAa;AAAA,EACjB,WAAW;AAAA,EACX,eAAe;AAAA,EACf,YAAY;AAAA,EACZ,YAAY;AAAA,EACZ,aAAa;AAAA,EACb,eAAe;AACjB;AAEA,IAAM,UAAU;AAAA,EACd,SAAS;AAAA,EACT,SAAS;AAAA,EACT,WAAW;AAAA,EACX,eAAe;AAAA,EACf,cAAc;AAAA,EACd,SAAS;AAAA,EACT,WAAW;AAAA,EACX,YAAY;AAAA,EACZ,eAAe;AAAA,EACf,gBAAgB;AAClB;AAEA,IAAM,UAAU;AAAA,EACd,QAAQ;AAAA,EACR,aAAa;AAAA,EACb,eAAe;AAAA,EACf,YAAY;AAAA,EACZ,eAAe;AAAA,EACf,YAAY;AAAA,EACZ,WAAW;AAAA,EACX,cAAc;AAAA,EACd,sBAAsB;AAAA,EACtB,uBAAuB;AAAA,EACvB,eAAe;AAAA,EACf,0BAA0B;AAAA,EAC1B,aAAa;AAAA,EACb,uBAAuB;AAAA,EACvB,iCAAiC;AAAA,EACjC,aAAa;AAAA,EACb,eAAe;AAAA,EACf,eAAe;AAAA,EACf,gBAAgB;AAAA,EAChB,MAAM;AAAA,EACN,UAAU;AAAA,EACV,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,cAAc;AAAA,EACd,WAAW;AAAA,EACX,oBAAoB;AACtB;AAEA,IAAM,eAAe;AAAA,EACnB,MAAM;AACR;AAKO,IAAM,YAAY;AAAA,EACvB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;;;ACxEA,SAAS,aAAa;;;ACAtB,IAAM,UAAN,cAAsB,IAAI;AAAA,EACjB,cAAc,OAAqB;AACxC,WAAO,KAAK,WAAW,IAAI,IAAI,MAAM,SAAS,CAAC,EAAE;AAAA,EACnD;AACF;AAYO,IAAM,gBAAgB,IACxB,SACS;AACZ,SAAO,IAAI,QAAQ,GAAG,IAAI;AAC5B;;;ADdA,IAAM,oBAAN,cAAgC,QAAQ;AAAA,EAC7B;AAAA,EACA;AAAA,EAEF,YACL,OACA,MACA;AACA,UAAM,MACJ,OAAO,UAAU,YAAY,SAAS,QAAQ,MAAM,MAAM,OAAO,KAAK;AACxE,UAAM,KAAK,QAAQ,OAAO,UAAU,WAAW,SAAY,KAAK;AAChE,SAAK,UAAU,KAAK,qBAAqB,IAAI;AAC7C,SAAK,UAAU,KAAK,aAAa,IAAI;AAAA,EACvC;AAAA,EAEO,SAAS;AACd,WAAO;AAAA,MACL,KAAK,KAAK,QAAQ;AAAA,MAClB,QAAQ,KAAK;AAAA,MACb,SAAS,KAAK,UAAU,OAAO,YAAY,KAAK,OAAO,CAAC;AAAA,MACxD,SAAS,KAAK,QAAQ,SAAS;AAAA,MAC/B,SAAS,KAAK,UAAU,OAAO,YAAY,KAAK,OAAO,CAAC;AAAA,IAC1D;AAAA,EACF;AAAA,EAEQ,qBAAqB,KAAc;AACzC,UAAM,aAAa,IAAI,IAAI,IAAI,GAAG;AAClC,UAAM,iBAAiB,IAAI,QAAQ,IAAI,UAAU,QAAQ,cAAc;AACvE,UAAM,gBAAgB,IAAI,QAAQ,IAAI,UAAU,QAAQ,aAAa;AACrE,UAAM,OAAO,IAAI,QAAQ,IAAI,UAAU,QAAQ,IAAI;AACnD,UAAM,WAAW,WAAW;AAE5B,UAAM,eAAe,KAAK,wBAAwB,aAAa,KAAK;AACpE,UAAM,mBACJ,KAAK,wBAAwB,cAAc,KAC3C,UAAU,QAAQ,QAAQ,EAAE;AAC9B,UAAM,SACJ,gBAAgB,mBACZ,GAAG,gBAAgB,MAAM,YAAY,KACrC,WAAW;AAEjB,QAAI,WAAW,WAAW,QAAQ;AAChC,aAAO,cAAc,UAAU;AAAA,IACjC;AAEA,WAAO,cAAc,WAAW,WAAW,WAAW,QAAQ,MAAM;AAAA,EACtE;AAAA,EAEQ,wBAAwB,OAAuB;AACrD,WAAO,OAAO,MAAM,GAAG,EAAE,CAAC;AAAA,EAC5B;AAAA,EAEQ,aAAa,KAAc;AACjC,UAAM,gBAAgB;AAAA,MACpB,KAAK,kBAAkB,IAAI,QAAQ,IAAI,QAAQ,KAAK,EAAE;AAAA,IACxD;AACA,WAAO,IAAI,IAAI,OAAO,QAAQ,aAAa,CAAC;AAAA,EAC9C;AAAA,EAEQ,kBAAkB,KAAa;AACrC,WAAO,MAAM,IAAI,QAAQ,oBAAoB,kBAAkB,IAAI;AAAA,EACrE;AACF;AAEO,IAAM,0BAA0B,IAClC,SACmB;AACtB,SAAO,KAAK,CAAC,aAAa,oBACtB,KAAK,CAAC,IACN,IAAI,kBAAkB,GAAG,IAAI;AACnC;;;AE1EO,IAAM,mBAAmB,CAAC,YAA6B;AAC5D,QAAM,eAAe,SAAS,SAAS;AAEvC,SAAO;AAAA,IACL,aAAa,cAAc;AAAA,IAC3B,uBAAuB,cAAc,YAAY;AAAA,IACjD,4BAA4B,KAAK,OAAO,cAAc,YAAY,UAAU,KAAK,GAAI;AAAA,IACrF,kCAAkC,cAAc;AAAA,EAClD;AACF;AAGO,IAAM,mBAAmB,CAAC,YAA6B;AAC5D,QAAM,eAAe,SAAS,SAAS;AAEvC,SAAO;AAAA,IACL,UAAU,cAAc,YAAY;AAAA,IACpC,QAAQ,cAAc,YAAY;AAAA,IAClC,UAAU,cAAc,YAAY;AAAA,IACpC,MAAM,cAAc,YAAY;AAAA,EAClC;AACF;","names":[]}