@tern-secure/backend 1.2.0-canary.v20251202164451 → 1.2.0-canary.v20251202175855

package/dist/auth/index.js

@@ -1,9 +1,7 @@
 "use strict";
-var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -17,14 +15,6 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
 // src/auth/index.ts
@@ -742,14 +732,6 @@ var ONE_HOUR_IN_SECONDS = 60 * 60;
 var ONE_MINUTE_IN_SECONDS = 60;
 var ONE_MINUTE_IN_MILLIS = ONE_MINUTE_IN_SECONDS * 1e3;
 var ONE_DAY_IN_MILLIS = 24 * 60 * 60 * 1e3;
-var Attributes = {
-  AuthToken: "__ternsecureAuthToken",
-  AuthSignature: "__ternsecureAuthSignature",
-  AuthStatus: "__ternsecureAuthStatus",
-  AuthReason: "__ternsecureAuthReason",
-  AuthMessage: "__ternsecureAuthMessage",
-  TernSecureUrl: "__ternsecureUrl"
-};
 var Cookies = {
   Session: "__session",
   CsrfToken: "__terncf",
@@ -774,46 +756,6 @@ var QueryParameters = {
   HandshakeReason: "__tern_hs_reason",
   HandshakeNonce: Cookies.HandshakeNonce
 };
-var Headers2 = {
-  Accept: "accept",
-  AppCheckToken: "x-ternsecure-appcheck",
-  AuthMessage: "x-ternsecure-auth-message",
-  Authorization: "authorization",
-  AuthReason: "x-ternsecure-auth-reason",
-  AuthSignature: "x-ternsecure-auth-signature",
-  AuthStatus: "x-ternsecure-auth-status",
-  AuthToken: "x-ternsecure-auth-token",
-  CacheControl: "cache-control",
-  TernSecureRedirectTo: "x-ternsecure-redirect-to",
-  TernSecureRequestData: "x-ternsecure-request-data",
-  TernSecureUrl: "x-ternsecure-url",
-  CloudFrontForwardedProto: "cloudfront-forwarded-proto",
-  ContentType: "content-type",
-  ContentSecurityPolicy: "content-security-policy",
-  ContentSecurityPolicyReportOnly: "content-security-policy-report-only",
-  EnableDebug: "x-ternsecure-debug",
-  ForwardedHost: "x-forwarded-host",
-  ForwardedPort: "x-forwarded-port",
-  ForwardedProto: "x-forwarded-proto",
-  Host: "host",
-  Location: "location",
-  Nonce: "x-nonce",
-  Origin: "origin",
-  Referrer: "referer",
-  SecFetchDest: "sec-fetch-dest",
-  UserAgent: "user-agent",
-  ReportingEndpoints: "reporting-endpoints"
-};
-var ContentTypes = {
-  Json: "application/json"
-};
-var constants = {
-  Attributes,
-  Cookies,
-  Headers: Headers2,
-  ContentTypes,
-  QueryParameters
-};
 
 // src/app-check/generator.ts
 function transformMillisecondsToSecondsString(milliseconds) {
@@ -875,99 +817,12 @@ var AppCheckTokenGenerator = class {
 // src/app-check/serverAppCheck.ts
 var import_redis = require("@upstash/redis");
 
-// src/admin/sessionTernSecure.ts
-var import_errors4 = require("@tern-secure/shared/errors");
-
-// src/utils/admin-init.ts
-var import_firebase_admin = __toESM(require("firebase-admin"));
-var import_app_check = require("firebase-admin/app-check");
-
 // src/utils/config.ts
 var loadAdminConfig = () => ({
   projectId: process.env.FIREBASE_PROJECT_ID || "",
   clientEmail: process.env.FIREBASE_CLIENT_EMAIL || "",
   privateKey: process.env.FIREBASE_PRIVATE_KEY || ""
 });
-var validateAdminConfig = (config) => {
-  const requiredFields = [
-    "projectId",
-    "clientEmail",
-    "privateKey"
-  ];
-  const errors = [];
-  requiredFields.forEach((field) => {
-    if (!config[field]) {
-      errors.push(`Missing required field: FIREBASE_${String(field).toUpperCase()}`);
-    }
-  });
-  return {
-    isValid: errors.length === 0,
-    errors,
-    config
-  };
-};
-var initializeAdminConfig = () => {
-  const config = loadAdminConfig();
-  const validationResult = validateAdminConfig(config);
-  if (!validationResult.isValid) {
-    throw new Error(
-      `Firebase Admin configuration validation failed:
-${validationResult.errors.join("\n")}`
-    );
-  }
-  return config;
-};
-
-// src/utils/admin-init.ts
-if (!import_firebase_admin.default.apps.length) {
-  try {
-    const config = initializeAdminConfig();
-    import_firebase_admin.default.initializeApp({
-      credential: import_firebase_admin.default.credential.cert({
-        ...config,
-        privateKey: config.privateKey.replace(/\\n/g, "\n")
-      })
-    });
-  } catch (error) {
-    console.error("Firebase admin initialization error", error);
-  }
-}
-var adminTernSecureAuth = import_firebase_admin.default.auth();
-var adminTernSecureDb = import_firebase_admin.default.firestore();
-var TernSecureTenantManager = import_firebase_admin.default.auth().tenantManager();
-var appCheckAdmin = (0, import_app_check.getAppCheck)();
-
-// src/admin/sessionTernSecure.ts
-var DEFAULT_COOKIE_CONFIG = {
-  DEFAULT_EXPIRES_IN_MS: 5 * 60 * 1e3,
-  // 5 minutes
-  DEFAULT_EXPIRES_IN_SECONDS: 5 * 60,
-  REVOKE_REFRESH_TOKENS_ON_SIGNOUT: true
-};
-var DEFAULT_COOKIE_OPTIONS = {
-  httpOnly: true,
-  secure: process.env.NODE_ENV === "production",
-  sameSite: "strict",
-  path: "/"
-};
-
-// src/admin/nextSessionTernSecure.ts
-var import_cookie = require("@tern-secure/shared/cookie");
-var import_errors5 = require("@tern-secure/shared/errors");
-var import_headers = require("next/headers");
-var SESSION_CONSTANTS = {
-  COOKIE_NAME: constants.Cookies.Session,
-  DEFAULT_EXPIRES_IN_MS: 60 * 60 * 24 * 5 * 1e3,
-  // 5 days
-  DEFAULT_EXPIRES_IN_SECONDS: 60 * 60 * 24 * 5,
-  REVOKE_REFRESH_TOKENS_ON_SIGNOUT: true
-};
-
-// src/tokens/ternSecureRequest.ts
-var import_cookie2 = require("cookie");
-
-// src/admin/user.ts
-var import_errors6 = require("@tern-secure/shared/errors");
 
 // src/app-check/verifier.ts
 var import_jose6 = require("jose");
@@ -1047,7 +902,7 @@ var AppCheck = class {
     });
   };
 };
-function getAppCheck2(serviceAccount, tenantId, limitedUse) {
+function getAppCheck(serviceAccount, tenantId, limitedUse) {
   return new AppCheck(new ServiceAccountManager(serviceAccount), tenantId, limitedUse);
 }
 
@@ -1280,7 +1135,7 @@ function getAuth(options) {
   async function createAppCheckToken() {
     const adminConfig = loadAdminConfig();
     const appId = process.env.NEXT_PUBLIC_FIREBASE_APP_ID || "";
-    const appCheck = getAppCheck2(adminConfig, options.tenantId);
+    const appCheck = getAppCheck(adminConfig, options.tenantId);
     try {
       const appCheckResponse = await appCheck.createToken(adminConfig.projectId, appId);
       return {
@@ -1296,7 +1151,7 @@ function getAuth(options) {
   }
   async function verifyAppCheckToken2(token) {
     const adminConfig = loadAdminConfig();
-    const appCheck = getAppCheck2(adminConfig, options.tenantId);
+    const appCheck = getAppCheck(adminConfig, options.tenantId);
     try {
       const decodedToken = await appCheck.verifyToken(token, adminConfig.projectId, {});
       return {