@tern-secure/nextjs 5.1.8 → 5.1.9

package/dist/types/server/edge-session.d.ts

@@ -1,4 +1,16 @@
 import type { NextRequest } from "next/server";
-import type { SessionResult } from "./types";
+import type { BaseUser, SessionResult } from "./types";
 export declare function verifySession(request: NextRequest): Promise<SessionResult>;
+/**
+ * Edge-compatible token verification using Firebase Auth REST API
+ */
+export declare function verifyTokenEdge(idToken: string): Promise<BaseUser | null>;
+/**
+ * Edge-compatible session cookie verification
+ */
+export declare function verifySessionEdge(sessionCookie: string): Promise<BaseUser | null>;
+/**
+ * Edge-compatible session verification using Firebase Auth REST API
+ */
+export declare function VerifySessionWithRestApi(request: NextRequest): Promise<SessionResult>;
 //# sourceMappingURL=edge-session.d.ts.map

package/dist/types/server/edge-session.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"edge-session.d.ts","sourceRoot":"","sources":["../../../src/server/edge-session.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAY,MAAM,SAAS,CAAA;AAItD,wBAAsB,aAAa,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,aAAa,CAAC,CA6DhF"}
+{"version":3,"file":"edge-session.d.ts","sourceRoot":"","sources":["../../../src/server/edge-session.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAG/C,OAAO,KAAK,EAAE,QAAQ,EAAC,aAAa,EAAE,MAAM,SAAS,CAAC;AAEtD,wBAAsB,aAAa,CACjC,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,aAAa,CAAC,CAgCxB;AAED;;GAEG;AACH,wBAAsB,eAAe,CACnC,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CA+B1B;AAED;;GAEG;AACH,wBAAsB,iBAAiB,CACrC,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CA+B1B;AAED;;GAEG;AACH,wBAAsB,wBAAwB,CAC5C,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,aAAa,CAAC,CAmDxB"}

package/dist/types/server/headers-utils.d.ts

@@ -0,0 +1,10 @@
+import { constants } from '@tern-secure/backend';
+import type { NextRequest } from 'next/server';
+import type { RequestLike } from './types';
+export declare function getCustomAttributeFromRequest(req: RequestLike, key: string): string | null | undefined;
+export declare function getAuthKeyFromRequest(req: RequestLike, key: keyof typeof constants.Attributes): string | null | undefined;
+export declare function getHeader(req: RequestLike, name: string): string | null | undefined;
+export declare function detectClerkMiddleware(req: RequestLike): boolean;
+export declare function isNextRequest(val: unknown): val is NextRequest;
+export declare function isRequestWebAPI(val: unknown): val is Request;
+//# sourceMappingURL=headers-utils.d.ts.map

package/dist/types/server/headers-utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"headers-utils.d.ts","sourceRoot":"","sources":["../../../src/server/headers-utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE/C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAE3C,wBAAgB,6BAA6B,CAAC,GAAG,EAAE,WAAW,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,GAAG,SAAS,CAGtG;AAED,wBAAgB,qBAAqB,CACnC,GAAG,EAAE,WAAW,EAChB,GAAG,EAAE,MAAM,OAAO,SAAS,CAAC,UAAU,GACrC,MAAM,GAAG,IAAI,GAAG,SAAS,CAE3B;AAED,wBAAgB,SAAS,CAAC,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,GAAG,SAAS,CASnF;AAED,wBAAgB,qBAAqB,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO,CAE/D;AAED,wBAAgB,aAAa,CAAC,GAAG,EAAE,OAAO,GAAG,GAAG,IAAI,WAAW,CAW9D;AAED,wBAAgB,eAAe,CAAC,GAAG,EAAE,OAAO,GAAG,GAAG,IAAI,OAAO,CAO5D"}

package/dist/types/server/index.d.ts

@@ -1,4 +1,7 @@
-export { ternSecureMiddleware, createRouteMatcher } from './ternSecureMiddleware';
-export { auth, getUser, type AuthResult } from './auth';
-export type { User, SessionResult } from './types';
+export { ternSecureMiddleware, } from "./ternSecureEdgeMiddleware";
+export { createRouteMatcher } from "./routeMatcher";
+export { auth } from "../app-router/server/auth";
+export type { AuthResult } from "../app-router/server/auth";
+export type { BaseUser, SessionResult } from "./types";
+export { NextCookieStore } from "../utils/NextCookieAdapter";
 //# sourceMappingURL=index.d.ts.map

package/dist/types/server/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAA;AACjF,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,QAAQ,CAAA;AACvD,YAAY,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,GACrB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EACL,IAAI,EACL,MAAM,2BAA2B,CAAC;AACnC,YAAY,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AAC5D,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC"}

package/dist/types/server/jwt-edge.d.ts

@@ -1,20 +1,14 @@
-export declare function verifyFirebaseToken(token: string, isSessionCookie?: boolean): Promise<{
+interface FirebaseTokenResult {
     valid: boolean;
-    uid: string;
-    email: string | undefined;
-    emailVerified: boolean | undefined;
-    authTime: number;
-    issuedAt: number;
-    expiresAt: number;
-    error?: undefined;
-} | {
-    valid: boolean;
-    error: string;
-    uid?: undefined;
-    email?: undefined;
-    emailVerified?: undefined;
-    authTime?: undefined;
-    issuedAt?: undefined;
-    expiresAt?: undefined;
-}>;
+    tenant?: string;
+    uid?: string;
+    email?: string | null;
+    emailVerified?: boolean;
+    authTime?: number;
+    issuedAt?: number;
+    expiresAt?: number;
+    error?: string;
+}
+export declare function verifyFirebaseToken(token: string, isSessionCookie?: boolean): Promise<FirebaseTokenResult>;
+export {};
 //# sourceMappingURL=jwt-edge.d.ts.map

package/dist/types/server/jwt-edge.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt-edge.d.ts","sourceRoot":"","sources":["../../../src/server/jwt-edge.ts"],"names":[],"mappings":"AAuDA,wBAAsB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,eAAe,UAAQ;;;;;;;;;;;;;;;;;;GAmE3E"}
+{"version":3,"file":"jwt-edge.d.ts","sourceRoot":"","sources":["../../../src/server/jwt-edge.ts"],"names":[],"mappings":"AAsBA,UAAU,mBAAmB;IAC3B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAoCD,wBAAsB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,eAAe,UAAQ,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAmG9G"}

package/dist/types/server/jwt.d.ts

@@ -1,20 +1,14 @@
-export declare function verifyFirebaseToken(token: string, isSessionCookie?: boolean): Promise<{
+interface FirebaseTokenResult {
     valid: boolean;
-    uid: string;
-    email: string | undefined;
-    emailVerified: boolean | undefined;
-    authTime: number;
-    issuedAt: number;
-    expiresAt: number;
-    error?: undefined;
-} | {
-    valid: boolean;
-    error: string;
-    uid?: undefined;
-    email?: undefined;
-    emailVerified?: undefined;
-    authTime?: undefined;
-    issuedAt?: undefined;
-    expiresAt?: undefined;
-}>;
+    tenant?: string;
+    uid?: string;
+    email?: string | null;
+    emailVerified?: boolean;
+    authTime?: number;
+    issuedAt?: number;
+    expiresAt?: number;
+    error?: string;
+}
+export declare function verifyFirebaseToken(token: string, isSessionCookie?: boolean): Promise<FirebaseTokenResult>;
+export {};
 //# sourceMappingURL=jwt.d.ts.map

package/dist/types/server/jwt.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../src/server/jwt.ts"],"names":[],"mappings":"AAuDA,wBAAsB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,eAAe,UAAQ;;;;;;;;;;;;;;;;;;GAoF/E"}
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../src/server/jwt.ts"],"names":[],"mappings":"AAsBA,UAAU,mBAAmB;IAC3B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAsCD,wBAAsB,mBAAmB,CACvC,KAAK,EAAE,MAAM,EACb,eAAe,UAAQ,GACtB,OAAO,CAAC,mBAAmB,CAAC,CA+F9B"}

package/dist/types/server/nextErrors.d.ts

@@ -0,0 +1,54 @@
+declare const CONTROL_FLOW_ERROR: {
+    REDIRECT_TO_URL: string;
+    REDIRECT_TO_SIGN_IN: string;
+    REDIRECT_TO_SIGN_UP: string;
+};
+/**
+ * In-house implementation of `notFound()`
+ * https://github.com/vercel/next.js/blob/canary/packages/next/src/client/components/not-found.ts
+ */
+declare const LEGACY_NOT_FOUND_ERROR_CODE = "NEXT_NOT_FOUND";
+type LegacyNotFoundError = Error & {
+    digest: typeof LEGACY_NOT_FOUND_ERROR_CODE;
+};
+/**
+ * Checks for the error thrown from `notFound()` for versions <= next@15.0.4
+ */
+declare function isLegacyNextjsNotFoundError(error: unknown): error is LegacyNotFoundError;
+export declare const HTTP_ERROR_FALLBACK_ERROR_CODE = "NEXT_HTTP_ERROR_FALLBACK";
+export type HTTPAccessFallbackError = Error & {
+    digest: `${typeof HTTP_ERROR_FALLBACK_ERROR_CODE};${string}`;
+};
+export declare function isHTTPAccessFallbackError(error: unknown): error is HTTPAccessFallbackError;
+export declare function whichHTTPAccessFallbackError(error: unknown): number | undefined;
+declare function isNextjsNotFoundError(error: unknown): error is LegacyNotFoundError | HTTPAccessFallbackError;
+/**
+ * In-house implementation of `redirect()` extended with a `tern_digest` property
+ * https://github.com/vercel/next.js/blob/canary/packages/next/src/client/components/redirect.ts
+ */
+declare const REDIRECT_ERROR_CODE = "NEXT_REDIRECT";
+type RedirectError<T = unknown> = Error & {
+    digest: `${typeof REDIRECT_ERROR_CODE};${'replace'};${string};${307};`;
+    tern_digest: typeof CONTROL_FLOW_ERROR.REDIRECT_TO_URL | typeof CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN;
+} & T;
+declare function nextjsRedirectError(url: string, extra: Record<string, unknown>, type?: 'replace', statusCode?: 307): never;
+declare function redirectToSignInError(url: string, returnBackUrl?: string | URL | null): never;
+declare function redirectToSignUpError(url: string, returnBackUrl?: string | URL | null): never;
+/**
+ * Checks an error to determine if it's an error generated by the
+ * `redirect(url)` helper.
+ *
+ * @param error the error that may reference a redirect error
+ * @returns true if the error is a redirect error
+ */
+declare function isNextjsRedirectError(error: unknown): error is RedirectError<{
+    redirectUrl: string | URL;
+}>;
+declare function isRedirectToSignInError(error: unknown): error is RedirectError<{
+    returnBackUrl: string | URL;
+}>;
+declare function isRedirectToSignUpError(error: unknown): error is RedirectError<{
+    returnBackUrl: string | URL;
+}>;
+export { isNextjsNotFoundError, isLegacyNextjsNotFoundError, redirectToSignInError, redirectToSignUpError, nextjsRedirectError, isNextjsRedirectError, isRedirectToSignInError, isRedirectToSignUpError, };
+//# sourceMappingURL=nextErrors.d.ts.map

package/dist/types/server/nextErrors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nextErrors.d.ts","sourceRoot":"","sources":["../../../src/server/nextErrors.ts"],"names":[],"mappings":"AACA,QAAA,MAAM,kBAAkB;;;;CAIvB,CAAC;AAEF;;;GAGG;AACH,QAAA,MAAM,2BAA2B,mBAAmB,CAAC;AAErD,KAAK,mBAAmB,GAAG,KAAK,GAAG;IACjC,MAAM,EAAE,OAAO,2BAA2B,CAAC;CAC5C,CAAC;AAEF;;GAEG;AACH,iBAAS,2BAA2B,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,mBAAmB,CAMjF;AAUD,eAAO,MAAM,8BAA8B,6BAA6B,CAAC;AAEzE,MAAM,MAAM,uBAAuB,GAAG,KAAK,GAAG;IAC5C,MAAM,EAAE,GAAG,OAAO,8BAA8B,IAAI,MAAM,EAAE,CAAC;CAC9D,CAAC;AAEF,wBAAgB,yBAAyB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,uBAAuB,CAO1F;AAED,wBAAgB,4BAA4B,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,GAAG,SAAS,CAO/E;AAED,iBAAS,qBAAqB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,mBAAmB,GAAG,uBAAuB,CAMrG;AAED;;;GAGG;AAEH,QAAA,MAAM,mBAAmB,kBAAkB,CAAC;AAE5C,KAAK,aAAa,CAAC,CAAC,GAAG,OAAO,IAAI,KAAK,GAAG;IACxC,MAAM,EAAE,GAAG,OAAO,mBAAmB,IAAI,SAAS,IAAI,MAAM,IAAI,GAAG,GAAG,CAAC;IACvE,WAAW,EAAE,OAAO,kBAAkB,CAAC,eAAe,GAAG,OAAO,kBAAkB,CAAC,mBAAmB,CAAC;CACxG,GAAG,CAAC,CAAC;AAEN,iBAAS,mBAAmB,CAC1B,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC9B,IAAI,GAAE,SAAqB,EAC3B,UAAU,GAAE,GAAS,GACpB,KAAK,CAMP;AAMD,iBAAS,qBAAqB,CAAC,GAAG,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,GAAG,GAAG,IAAI,GAAG,KAAK,CAKtF;AAED,iBAAS,qBAAqB,CAAC,GAAG,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,GAAG,GAAG,IAAI,GAAG,KAAK,CAKtF;AAED;;;;;;GAMG;AACH,iBAAS,qBAAqB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,aAAa,CAAC;IAAE,WAAW,EAAE,MAAM,GAAG,GAAG,CAAA;CAAE,CAAC,CAmBpG;AAED,iBAAS,uBAAuB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,aAAa,CAAC;IAAE,aAAa,EAAE,MAAM,GAAG,GAAG,CAAA;CAAE,CAAC,CAMxG;AAED,iBAAS,uBAAuB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,aAAa,CAAC;IAAE,aAAa,EAAE,MAAM,GAAG,GAAG,CAAA;CAAE,CAAC,CAMxG;AAED,OAAO,EACL,qBAAqB,EACrB,2BAA2B,EAC3B,qBAAqB,EACrB,qBAAqB,EACrB,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,uBAAuB,GACxB,CAAC"}

package/dist/types/server/nextFetcher.d.ts

@@ -0,0 +1,26 @@
+type Fetcher = typeof globalThis.fetch;
+/**
+ * Based on nextjs internal implementation https://github.com/vercel/next.js/blob/6185444e0a944a82e7719ac37dad8becfed86acd/packages/next/src/server/lib/patch-fetch.ts#L23
+ */
+type NextFetcher = Fetcher & {
+    readonly __nextPatched: true;
+    readonly __nextGetStaticStore: () => {
+        getStore: () => StaticGenerationAsyncStorage | undefined;
+    };
+};
+/**
+ * Full type can be found https://github.com/vercel/next.js/blob/6185444e0a944a82e7719ac37dad8becfed86acd/packages/next/src/client/components/static-generation-async-storage.external.ts#L4
+ */
+interface StaticGenerationAsyncStorage {
+    /**
+     * Available for Next 14
+     */
+    readonly pagePath?: string;
+    /**
+     * Available for Next 15
+     */
+    readonly page?: string;
+}
+declare function isNextFetcher(fetch: Fetcher | NextFetcher): fetch is NextFetcher;
+export { isNextFetcher };
+//# sourceMappingURL=nextFetcher.d.ts.map

package/dist/types/server/nextFetcher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nextFetcher.d.ts","sourceRoot":"","sources":["../../../src/server/nextFetcher.ts"],"names":[],"mappings":"AAAA,KAAK,OAAO,GAAG,OAAO,UAAU,CAAC,KAAK,CAAC;AAEvC;;GAEG;AACH,KAAK,WAAW,GAAG,OAAO,GAAG;IAC3B,QAAQ,CAAC,aAAa,EAAE,IAAI,CAAC;IAC7B,QAAQ,CAAC,oBAAoB,EAAE,MAAM;QAAE,QAAQ,EAAE,MAAM,4BAA4B,GAAG,SAAS,CAAA;KAAE,CAAC;CACnG,CAAC;AAEF;;GAEG;AACH,UAAU,4BAA4B;IACpC;;OAEG;IACH,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,iBAAS,aAAa,CAAC,KAAK,EAAE,OAAO,GAAG,WAAW,GAAG,KAAK,IAAI,WAAW,CAEzE;AAED,OAAO,EAAE,aAAa,EAAE,CAAC"}

package/dist/types/server/node/SessionTernSecure.d.ts

@@ -0,0 +1,3 @@
+import type { TernVerificationResult } from "@tern-secure/types";
+export declare function verifyFirebaseToken(token: string): Promise<TernVerificationResult>;
+//# sourceMappingURL=SessionTernSecure.d.ts.map

package/dist/types/server/node/SessionTernSecure.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SessionTernSecure.d.ts","sourceRoot":"","sources":["../../../../src/server/node/SessionTernSecure.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AAEjE,wBAAsB,mBAAmB,CACvC,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,sBAAsB,CAAC,CA0BjC"}

package/dist/types/server/{auth.d.ts → node/auth.d.ts}

@@ -1,10 +1,10 @@
-import type { UserInfo } from "./types";
+import type { BaseUser } from "../../types";
 export interface AuthResult {
-    user: UserInfo | null;
+    user: BaseUser | null;
     error: Error | null;
 }
 /**
- * Get the current authenticated user from the session or token
+ * Get the current authenticated user from the session cookies
  */
 export declare const auth: () => Promise<AuthResult>;
 /**
@@ -14,10 +14,10 @@ export declare const isAuthenticated: () => Promise<boolean>;
 /**
  * Get user info from auth result
  */
-export declare const getUser: () => Promise<UserInfo | null>;
+export declare const getUser: () => Promise<BaseUser | null>;
 /**
  * Require authentication
  * Throws error if not authenticated
  */
-export declare const requireAuth: () => Promise<UserInfo>;
+export declare const requireAuth: () => Promise<BaseUser>;
 //# sourceMappingURL=auth.d.ts.map

package/dist/types/server/node/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../../src/server/node/auth.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAG5C,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAC;IACtB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACrB;AAED;;GAEG;AACH,eAAO,MAAM,IAAI,QAAmB,OAAO,CAAC,UAAU,CA4CpD,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,eAAe,QAAmB,OAAO,CAAC,OAAO,CAG5D,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,OAAO,QAAmB,OAAO,CAAC,QAAQ,GAAG,IAAI,CAG5D,CAAC;AAEH;;;GAGG;AACH,eAAO,MAAM,WAAW,QAAmB,OAAO,CAAC,QAAQ,CAQzD,CAAC"}

package/dist/types/server/node/index.d.ts

@@ -0,0 +1,3 @@
+export { ternSecureMiddleware, createRouteMatcher, } from "./ternSecureNodeMiddleware";
+export { auth, getUser, isAuthenticated, requireAuth, type AuthResult, } from "./auth";
+//# sourceMappingURL=index.d.ts.map

package/dist/types/server/node/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/server/node/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,IAAI,EACJ,OAAO,EACP,eAAe,EACf,WAAW,EACX,KAAK,UAAU,GAChB,MAAM,QAAQ,CAAC"}

package/dist/types/server/node/node-session.d.ts

@@ -0,0 +1,4 @@
+import type { NextRequest } from "next/server";
+import type { SessionResult } from "../types";
+export declare function verifySession(request: NextRequest): Promise<SessionResult>;
+//# sourceMappingURL=node-session.d.ts.map

package/dist/types/server/node/node-session.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"node-session.d.ts","sourceRoot":"","sources":["../../../../src/server/node/node-session.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE/C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAG9C,wBAAsB,aAAa,CACjC,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,aAAa,CAAC,CAmCxB"}

package/dist/types/server/node/ternSecureNodeMiddleware.d.ts

@@ -0,0 +1,54 @@
+import type { NextMiddleware, NextRequest } from "next/server";
+import type { BaseUser, NextMiddlewareEvtParam, NextMiddlewareRequestParam, NextMiddlewareReturn } from "../types";
+type RedirectToParams = {
+    returnBackUrl?: string | URL | null;
+};
+export type RedirectFun<ReturnType> = (params?: RedirectToParams) => ReturnType;
+export type AuthObject = {
+    user: BaseUser | null;
+    session: string | null;
+};
+export interface MiddlewareAuth extends AuthObject {
+    (): Promise<MiddlewareAuthObject>;
+    protect: () => Promise<void>;
+}
+type MiddlewareHandler = (auth: MiddlewareAuth, request: NextMiddlewareRequestParam, event: NextMiddlewareEvtParam) => NextMiddlewareReturn;
+export type MiddlewareAuthObject = AuthObject & {
+    redirectToSignIn: RedirectFun<Response>;
+    redirectToSignUp: RedirectFun<Response>;
+};
+/**
+ * Create a route matcher function for public paths
+ */
+export declare const createRouteMatcher: (patterns: string[]) => (request: NextRequest) => boolean;
+export interface MiddlewareOptions {
+    signInUrl?: string;
+    signUpUrl?: string;
+    debug?: boolean;
+}
+type MiddlewareOptionsCallback = (req: NextRequest) => MiddlewareOptions | Promise<MiddlewareOptions>;
+interface TernSecureMiddleware {
+    /**
+     * @example
+     * export default ternSecureMiddleware((auth, request, event) => { ... }, options);
+     */
+    (handler: MiddlewareHandler, options?: MiddlewareOptions): NextMiddleware;
+    /**
+     * @example
+     * export default ternSecureMiddleware((auth, request, event) => { ... }, (req) => options);
+     */
+    (handler: MiddlewareHandler, options?: MiddlewareOptionsCallback): NextMiddleware;
+    /**
+     * @example
+     * export default ternSecureMiddleware(options);
+     */
+    (options?: MiddlewareOptions): NextMiddleware;
+    /**
+     * @example
+     * export default ternSecureMiddleware;
+     */
+    (request: NextMiddlewareRequestParam, event: NextMiddlewareEvtParam): NextMiddlewareReturn;
+}
+export declare const ternSecureMiddleware: TernSecureMiddleware;
+export {};
+//# sourceMappingURL=ternSecureNodeMiddleware.d.ts.map

package/dist/types/server/node/ternSecureNodeMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ternSecureNodeMiddleware.d.ts","sourceRoot":"","sources":["../../../../src/server/node/ternSecureNodeMiddleware.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,cAAc,EAAC,WAAW,EAAE,MAAM,aAAa,CAAC;AAY9D,OAAO,KAAK,EAAE,QAAQ,EACpB,sBAAsB,EACtB,0BAA0B,EAC1B,oBAAoB,EACrB,MAAM,UAAU,CAAC;AAElB,KAAK,gBAAgB,GAAG;IAAE,aAAa,CAAC,EAAE,MAAM,GAAG,GAAG,GAAG,IAAI,CAAA;CAAE,CAAC;AAChE,MAAM,MAAM,WAAW,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,EAAE,gBAAgB,KAAK,UAAU,CAAC;AAEhF,MAAM,MAAM,UAAU,GAAG;IACvB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAC;IACtB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;CACxB,CAAC;AAEF,MAAM,WAAW,cAAe,SAAQ,UAAU;IAChD,IAAI,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAClC,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAED,KAAK,iBAAiB,GAAG,CACvB,IAAI,EAAE,cAAc,EACpB,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,sBAAsB,KAC1B,oBAAoB,CAAC;AAE1B,MAAM,MAAM,oBAAoB,GAAG,UAAU,GAAG;IAC9C,gBAAgB,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;IACxC,gBAAgB,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;CACzC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,kBAAkB,GAAI,UAAU,MAAM,EAAE,MAC3C,SAAS,WAAW,KAAG,OAUhC,CAAC;AA8BF,MAAM,WAAW,iBAAiB;IAChC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AACD,KAAK,yBAAyB,GAAG,CAC/B,GAAG,EAAE,WAAW,KACb,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEpD,UAAU,oBAAoB;IAC5B;;;OAGG;IACH,CAAC,OAAO,EAAE,iBAAiB,EAAE,OAAO,CAAC,EAAE,iBAAiB,GAAG,cAAc,CAAC;IAE1E;;;OAGG;IACH,CACE,OAAO,EAAE,iBAAiB,EAC1B,OAAO,CAAC,EAAE,yBAAyB,GAClC,cAAc,CAAC;IAElB;;;OAGG;IACH,CAAC,OAAO,CAAC,EAAE,iBAAiB,GAAG,cAAc,CAAC;IAC9C;;;OAGG;IACH,CACE,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,sBAAsB,GAC5B,oBAAoB,CAAC;CACzB;AAED,eAAO,MAAM,oBAAoB,EAmF3B,oBAAoB,CAAC"}

package/dist/types/server/protect.d.ts

@@ -0,0 +1,26 @@
+import type { AuthObject, SignedInAuthObject } from "@tern-secure/backend";
+import type { CheckAuthorizationFromSessionClaims } from "@tern-secure/types";
+import type { RedirectFun } from "./redirect";
+type AuthProtectOptions = {
+    /**
+     * The URL to redirect the user to if they are not authorized.
+     */
+    unauthorizedUrl?: string;
+    /**
+     * The URL to redirect the user to if they are not authenticated.
+     */
+    unauthenticatedUrl?: string;
+};
+export interface AuthProtect {
+    (params?: (require: CheckAuthorizationFromSessionClaims) => boolean, options?: AuthProtectOptions): Promise<SignedInAuthObject>;
+    (options?: AuthProtectOptions): Promise<SignedInAuthObject>;
+}
+export declare function createProtect(opts: {
+    request: Request;
+    authObject: AuthObject;
+    notFound: () => never;
+    redirect: (url: string) => void;
+    redirectToSignIn: RedirectFun<unknown>;
+}): AuthProtect;
+export {};
+//# sourceMappingURL=protect.d.ts.map

package/dist/types/server/protect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"protect.d.ts","sourceRoot":"","sources":["../../../src/server/protect.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAE3E,OAAO,KAAK,EAAE,mCAAmC,EAAE,MAAM,oBAAoB,CAAC;AAI9E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9C,KAAK,kBAAkB,GAAG;IACxB;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B,CAAC;AAEF,MAAM,WAAW,WAAW;IAC1B,CACE,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,mCAAmC,KAAK,OAAO,EAClE,OAAO,CAAC,EAAE,kBAAkB,GAC3B,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAC/B,CAAC,OAAO,CAAC,EAAE,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;CAC7D;AAED,wBAAgB,aAAa,CAAC,IAAI,EAAE;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,UAAU,CAAC;IACvB,QAAQ,EAAE,MAAM,KAAK,CAAC;IACtB,QAAQ,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAChC,gBAAgB,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACxC,GAAG,WAAW,CAkDd"}

package/dist/types/server/redirect.d.ts

@@ -0,0 +1,20 @@
+type RedirectAdapter<RedirectReturn> = (url: string) => RedirectReturn;
+type RedirectToParams = {
+    returnBackUrl?: string | URL | null;
+};
+export type RedirectFun<ReturnType> = (params?: RedirectToParams) => ReturnType;
+/**
+ * @internal
+ */
+type CreateRedirect = <ReturnType>(params: {
+    redirectAdapter: RedirectAdapter<ReturnType>;
+    baseUrl: URL | string;
+    signInUrl?: URL | string;
+    signUpUrl?: URL | string;
+}) => {
+    redirectToSignIn: RedirectFun<ReturnType>;
+    redirectToSignUp: RedirectFun<ReturnType>;
+};
+export declare const createRedirect: CreateRedirect;
+export {};
+//# sourceMappingURL=redirect.d.ts.map

package/dist/types/server/redirect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redirect.d.ts","sourceRoot":"","sources":["../../../src/server/redirect.ts"],"names":[],"mappings":"AA2CA,KAAK,eAAe,CAAC,cAAc,IAAI,CAAC,GAAG,EAAE,MAAM,KAAK,cAAc,CAAC;AACvE,KAAK,gBAAgB,GAAG;IAAE,aAAa,CAAC,EAAE,MAAM,GAAG,GAAG,GAAG,IAAI,CAAA;CAAE,CAAC;AAChE,MAAM,MAAM,WAAW,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,EAAE,gBAAgB,KAAK,UAAU,CAAC;AAEhF;;GAEG;AACH,KAAK,cAAc,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE;IACzC,eAAe,EAAE,eAAe,CAAC,UAAU,CAAC,CAAC;IAC7C,OAAO,EAAE,GAAG,GAAG,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;IACzB,SAAS,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC;CAC1B,KAAK;IACJ,gBAAgB,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC;IAC1C,gBAAgB,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC;CAC3C,CAAC;AAGF,eAAO,MAAM,cAAc,EAAE,cAqC5B,CAAC"}

package/dist/types/server/routeMatcher.d.ts

@@ -0,0 +1,13 @@
+import { type WithPathPatternWildcard } from '@tern-secure/shared/pathMatcher';
+import type { Autocomplete } from '@tern-secure/types';
+import type Link from 'next/link';
+import type { NextRequest } from 'next/server';
+type NextTypedRoute<T = Parameters<typeof Link>['0']['href']> = T extends string ? T : never;
+type RouteMatcherWithNextTypedRoutes = Autocomplete<WithPathPatternWildcard<NextTypedRoute> | NextTypedRoute>;
+export type RouteMatcherParams = Array<RegExp | RouteMatcherWithNextTypedRoutes> | RouteMatcherWithNextTypedRoutes | RegExp | ((req: NextRequest) => boolean);
+/**
+ * Create a route matcher function for public paths
+ */
+export declare const createRouteMatcher: (routes: RouteMatcherParams) => (request: NextRequest) => boolean;
+export {};
+//# sourceMappingURL=routeMatcher.d.ts.map

package/dist/types/server/routeMatcher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"routeMatcher.d.ts","sourceRoot":"","sources":["../../../src/server/routeMatcher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,KAAK,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAClG,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE/C,KAAK,cAAc,CAAC,CAAC,GAAG,UAAU,CAAC,OAAO,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC;AAC7F,KAAK,+BAA+B,GAAG,YAAY,CACjD,uBAAuB,CAAC,cAAc,CAAC,GAAG,cAAc,CACzD,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAC1B,KAAK,CAAC,MAAM,GAAG,+BAA+B,CAAC,GAC/C,+BAA+B,GAC/B,MAAM,GACN,CAAC,CAAC,GAAG,EAAE,WAAW,KAAK,OAAO,CAAC,CAAC;AACpC;;GAEG;AACH,eAAO,MAAM,kBAAkB,GAAI,QAAQ,kBAAkB,eAExC,WAAW,YAK/B,CAAC"}

package/dist/types/server/sdk-versions.d.ts

@@ -0,0 +1,8 @@
+declare const isNext13: boolean;
+/**
+ * Those versions are affected by a bundling issue that will break the application if `node:fs` is used inside a server function.
+ * The affected versions are >=next@13.5.4 and <=next@14.0.4
+ */
+declare const isNextWithUnstableServerActions: boolean;
+export { isNext13, isNextWithUnstableServerActions };
+//# sourceMappingURL=sdk-versions.d.ts.map

package/dist/types/server/sdk-versions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sdk-versions.d.ts","sourceRoot":"","sources":["../../../src/server/sdk-versions.ts"],"names":[],"mappings":"AAEA,QAAA,MAAM,QAAQ,SAAoC,CAAC;AAEnD;;;GAGG;AACH,QAAA,MAAM,+BAA+B,SAAiD,CAAC;AAEvF,OAAO,EAAE,QAAQ,EAAE,+BAA+B,EAAE,CAAC"}

package/dist/types/server/session-store.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"session-store.d.ts","sourceRoot":"","sources":["../../../src/server/session-store.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,SAAS,CAAA;AAEnC;;;GAGG;AACH,cAAM,YAAY;IAChB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAc;IACrC,OAAO,CAAC,QAAQ,CAAmB;IACnC,OAAO,CAAC,gBAAgB,CAAsB;IAE9C,OAAO;IAIP,MAAM,CAAC,WAAW,IAAI,YAAY;IAOlC,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI;IAMrC,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IAIvC,cAAc,IAAI,IAAI,GAAG,IAAI;IAK7B,UAAU,CAAC,SAAS,EAAE,MAAM;IAI5B,KAAK;IAIL,KAAK;;;;;CAON;AAGD,eAAO,MAAM,YAAY,cAA6B,CAAA;AAEtD;;;GAGG;AACH,eAAO,MAAM,eAAe,cAAqB,MAAM,KAAG,IAAI,GAAG,IAE/D,CAAA"}
+{"version":3,"file":"session-store.d.ts","sourceRoot":"","sources":["../../../src/server/session-store.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,SAAS,CAAA;AAEnC;;;GAGG;AACH,cAAM,YAAY;IAChB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAc;IACrC,OAAO,CAAC,QAAQ,CAAmB;IACnC,OAAO,CAAC,gBAAgB,CAAsB;IAE9C,OAAO;IAIP,MAAM,CAAC,WAAW,IAAI,YAAY;IAOlC,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI;IAMrC,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IAIvC,cAAc,IAAI,IAAI,GAAG,IAAI;IAK7B,UAAU,CAAC,SAAS,EAAE,MAAM;IAI5B,KAAK;IAIL,KAAK;;;;;CAON;AAGD,eAAO,MAAM,YAAY,cAA6B,CAAA;AAEtD;;;GAGG;AACH,eAAO,MAAM,eAAe,cAAqB,MAAM,KAAG,IAAI,GAAG,IAE/D,CAAA"}

package/dist/types/server/ternSecureEdgeMiddleware.d.ts

@@ -0,0 +1,47 @@
+import type { AuthObject, RequestOptions } from '@tern-secure/backend';
+import type { TernSecureConfig } from '@tern-secure/types';
+import type { NextMiddleware, NextRequest } from 'next/server';
+import { NextResponse } from 'next/server';
+import { type AuthProtect } from './protect';
+import { type RedirectFun } from './redirect';
+import type { NextMiddlewareEvtParam, NextMiddlewareRequestParam, NextMiddlewareReturn } from './types';
+export type MiddlewareAuthObject = AuthObject & {
+    redirectToSignIn: RedirectFun<Response>;
+    redirectToSignUp: RedirectFun<Response>;
+};
+export interface MiddlewareAuth {
+    (): Promise<MiddlewareAuthObject>;
+    protect: AuthProtect;
+}
+type MiddlewareHandler = (auth: MiddlewareAuth, request: NextMiddlewareRequestParam, event: NextMiddlewareEvtParam) => NextMiddlewareReturn;
+export interface MiddlewareOptions extends RequestOptions {
+    debug?: boolean;
+    firebaseOptions?: TernSecureConfig;
+}
+type MiddlewareOptionsCallback = (req: NextRequest) => MiddlewareOptions | Promise<MiddlewareOptions>;
+interface TernSecureMiddleware {
+    /**
+     * @example
+     * export default ternSecureMiddleware((auth, request, event) => { ... }, options);
+     */
+    (handler: MiddlewareHandler, options?: MiddlewareOptions): NextMiddleware;
+    /**
+     * @example
+     * export default ternSecureMiddleware((auth, request, event) => { ... }, (req) => options);
+     */
+    (handler: MiddlewareHandler, options?: MiddlewareOptionsCallback): NextMiddleware;
+    /**
+     * @example
+     * export default ternSecureMiddleware(options);
+     */
+    (options?: MiddlewareOptions): NextMiddleware;
+    /**
+     * @example
+     * export default ternSecureMiddleware;
+     */
+    (request: NextMiddlewareRequestParam, event: NextMiddlewareEvtParam): NextMiddlewareReturn;
+}
+export declare const ternSecureMiddleware: TernSecureMiddleware;
+export declare const redirectAdapter: (url: string | URL) => NextResponse<unknown>;
+export {};
+//# sourceMappingURL=ternSecureEdgeMiddleware.d.ts.map

package/dist/types/server/ternSecureEdgeMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ternSecureEdgeMiddleware.d.ts","sourceRoot":"","sources":["../../../src/server/ternSecureEdgeMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,UAAU,EACV,cAAc,EAEf,MAAM,sBAAsB,CAAC;AAO9B,OAAO,KAAK,EACV,gBAAgB,EACjB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,KAAK,EAAE,cAAc,EAAC,WAAW,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAe3C,OAAO,EAAE,KAAK,WAAW,EAAgB,MAAM,WAAW,CAAC;AAC3D,OAAO,EAAkB,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9D,OAAO,KAAK,EACV,sBAAsB,EACtB,0BAA0B,EAC1B,oBAAoB,EACrB,MAAM,SAAS,CAAC;AAGjB,MAAM,MAAM,oBAAoB,GAAG,UAAU,GAAG;IAC9C,gBAAgB,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;IACxC,gBAAgB,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;CACzC,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,IAAI,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAElC,OAAO,EAAE,WAAW,CAAC;CACtB;AAED,KAAK,iBAAiB,GAAG,CACvB,IAAI,EAAE,cAAc,EACpB,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,sBAAsB,KAC1B,oBAAoB,CAAC;AAE1B,MAAM,WAAW,iBAAkB,SAAQ,cAAc;IACvD,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,eAAe,CAAC,EAAE,gBAAgB,CAAC;CACpC;AACD,KAAK,yBAAyB,GAAG,CAC/B,GAAG,EAAE,WAAW,KACb,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEpD,UAAU,oBAAoB;IAC5B;;;OAGG;IACH,CAAC,OAAO,EAAE,iBAAiB,EAAE,OAAO,CAAC,EAAE,iBAAiB,GAAG,cAAc,CAAC;IAE1E;;;OAGG;IACH,CAAC,OAAO,EAAE,iBAAiB,EAAE,OAAO,CAAC,EAAE,yBAAyB,GAAG,cAAc,CAAC;IAElF;;;OAGG;IACH,CAAC,OAAO,CAAC,EAAE,iBAAiB,GAAG,cAAc,CAAC;IAC9C;;;OAGG;IACH,CAAC,OAAO,EAAE,0BAA0B,EAAE,KAAK,EAAE,sBAAsB,GAAG,oBAAoB,CAAC;CAC5F;AAkBD,eAAO,MAAM,oBAAoB,EA0G3B,oBAAoB,CAAC;AA0E3B,eAAO,MAAM,eAAe,GAAI,KAAK,MAAM,GAAG,GAAG,0BAIhD,CAAC"}

package/dist/types/server/ternSecureFireMiddleware.d.ts

@@ -0,0 +1,47 @@
+import type { AuthObject, RequestOptions } from '@tern-secure/backend';
+import type { TernSecureConfig } from '@tern-secure/types';
+import type { NextMiddleware, NextRequest } from 'next/server';
+import { NextResponse } from 'next/server';
+import { type AuthProtect } from './protect';
+import { type RedirectFun } from './redirect';
+import type { NextMiddlewareEvtParam, NextMiddlewareRequestParam, NextMiddlewareReturn } from './types';
+export type MiddlewareAuthObject = AuthObject & {
+    redirectToSignIn: RedirectFun<Response>;
+    redirectToSignUp: RedirectFun<Response>;
+};
+export interface MiddlewareAuth {
+    (): Promise<MiddlewareAuthObject>;
+    protect: AuthProtect;
+}
+type MiddlewareHandler = (auth: MiddlewareAuth, request: NextMiddlewareRequestParam, event: NextMiddlewareEvtParam) => NextMiddlewareReturn;
+export interface MiddlewareOptions extends RequestOptions {
+    debug?: boolean;
+    firebaseOptions?: TernSecureConfig;
+}
+type MiddlewareOptionsCallback = (req: NextRequest) => MiddlewareOptions | Promise<MiddlewareOptions>;
+interface TernSecureMiddleware {
+    /**
+     * @example
+     * export default ternSecureMiddleware((auth, request, event) => { ... }, options);
+     */
+    (handler: MiddlewareHandler, options?: MiddlewareOptions): NextMiddleware;
+    /**
+     * @example
+     * export default ternSecureMiddleware((auth, request, event) => { ... }, (req) => options);
+     */
+    (handler: MiddlewareHandler, options?: MiddlewareOptionsCallback): NextMiddleware;
+    /**
+     * @example
+     * export default ternSecureMiddleware(options);
+     */
+    (options?: MiddlewareOptions): NextMiddleware;
+    /**
+     * @example
+     * export default ternSecureMiddleware;
+     */
+    (request: NextMiddlewareRequestParam, event: NextMiddlewareEvtParam): NextMiddlewareReturn;
+}
+export declare const ternSecureMiddleware: TernSecureMiddleware;
+export declare const redirectAdapter: (url: string | URL) => NextResponse<unknown>;
+export {};
+//# sourceMappingURL=ternSecureFireMiddleware.d.ts.map

package/dist/types/server/ternSecureFireMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ternSecureFireMiddleware.d.ts","sourceRoot":"","sources":["../../../src/server/ternSecureFireMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,UAAU,EACV,cAAc,EAEf,MAAM,sBAAsB,CAAC;AAM9B,OAAO,KAAK,EACV,gBAAgB,EACjB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,KAAK,EAAE,cAAc,EAAC,WAAW,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAc3C,OAAO,EAAE,KAAK,WAAW,EAAgB,MAAM,WAAW,CAAC;AAC3D,OAAO,EAAkB,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9D,OAAO,KAAK,EACV,sBAAsB,EACtB,0BAA0B,EAC1B,oBAAoB,EACrB,MAAM,SAAS,CAAC;AAGjB,MAAM,MAAM,oBAAoB,GAAG,UAAU,GAAG;IAC9C,gBAAgB,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;IACxC,gBAAgB,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;CACzC,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,IAAI,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAElC,OAAO,EAAE,WAAW,CAAC;CACtB;AAED,KAAK,iBAAiB,GAAG,CACvB,IAAI,EAAE,cAAc,EACpB,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,sBAAsB,KAC1B,oBAAoB,CAAC;AAE1B,MAAM,WAAW,iBAAkB,SAAQ,cAAc;IACvD,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,eAAe,CAAC,EAAE,gBAAgB,CAAC;CACpC;AACD,KAAK,yBAAyB,GAAG,CAC/B,GAAG,EAAE,WAAW,KACb,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEpD,UAAU,oBAAoB;IAC5B;;;OAGG;IACH,CAAC,OAAO,EAAE,iBAAiB,EAAE,OAAO,CAAC,EAAE,iBAAiB,GAAG,cAAc,CAAC;IAE1E;;;OAGG;IACH,CAAC,OAAO,EAAE,iBAAiB,EAAE,OAAO,CAAC,EAAE,yBAAyB,GAAG,cAAc,CAAC;IAElF;;;OAGG;IACH,CAAC,OAAO,CAAC,EAAE,iBAAiB,GAAG,cAAc,CAAC;IAC9C;;;OAGG;IACH,CAAC,OAAO,EAAE,0BAA0B,EAAE,KAAK,EAAE,sBAAsB,GAAG,oBAAoB,CAAC;CAC5F;AAkBD,eAAO,MAAM,oBAAoB,EAkF3B,oBAAoB,CAAC;AAmE3B,eAAO,MAAM,eAAe,GAAI,KAAK,MAAM,GAAG,GAAG,0BAIhD,CAAC"}

package/dist/types/server/types.d.ts

@@ -1,3 +1,15 @@
+import type { TernSecureUser } from "@tern-secure/types";
+import type { IncomingMessage } from "http";
+import type { NextApiRequest } from "next";
+import type { NextApiRequestCookies } from "next/dist/server/api-utils";
+import type { NextMiddleware, NextRequest } from "next/server";
+type GsspRequest = IncomingMessage & {
+    cookies: NextApiRequestCookies;
+};
+export type RequestLike = NextRequest | NextApiRequest | GsspRequest;
+export type NextMiddlewareRequestParam = Parameters<NextMiddleware>["0"];
+export type NextMiddlewareReturn = ReturnType<NextMiddleware>;
+export type NextMiddlewareEvtParam = Parameters<NextMiddleware>["1"];
 export interface User {
     uid: string;
     email: string | null;
@@ -5,10 +17,11 @@ export interface User {
     authTime?: number;
     disabled?: boolean;
 }
-export interface UserInfo {
+export interface BaseUser {
     uid: string;
     email: string | null;
     emailVerified?: boolean;
+    tenantId: string | null;
     authTime?: number;
     disabled?: boolean;
 }
@@ -20,7 +33,8 @@ export interface SessionUser {
 }
 export interface SessionResult {
     isAuthenticated: boolean;
-    user: UserInfo | null;
+    user: BaseUser | null;
     error?: string;
 }
+export type { TernSecureUser };
 //# sourceMappingURL=types.d.ts.map

package/dist/types/server/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/server/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,IAAI;IACjB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACrB;AAIC,MAAM,WAAW,QAAQ;IACvB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAED,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,EAAE,OAAO,CAAA;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAED,MAAM,WAAW,aAAa;IAC5B,eAAe,EAAE,OAAO,CAAA;IACxB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/server/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AACxD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAC5C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,MAAM,CAAC;AAC3C,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACxE,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAG/D,KAAK,WAAW,GAAG,eAAe,GAAG;IAAE,OAAO,EAAE,qBAAqB,CAAA;CAAE,CAAC;AAExE,MAAM,MAAM,WAAW,GAAG,WAAW,GAAG,cAAc,GAAG,WAAW,CAAC;AAErE,MAAM,MAAM,0BAA0B,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,CAAC;AACzE,MAAM,MAAM,oBAAoB,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC;AAC9D,MAAM,MAAM,sBAAsB,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,CAAC;AAGrE,MAAM,WAAW,IAAI;IACjB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACrB;AAED,MAAM,WAAW,QAAQ;IACvB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAED,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,EAAE,OAAO,CAAA;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAED,MAAM,WAAW,aAAa;IAC5B,eAAe,EAAE,OAAO,CAAA;IACxB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAA;IACrB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,YAAY,EAAE,cAAc,EAAE,CAAC"}

package/dist/types/server/utils.d.ts

@@ -1,3 +1,5 @@
+import type { RequestState, TernSecureRequest } from "@tern-secure/backend";
+import { NextRequest, NextResponse } from 'next/server';
 import type { User } from "./types";
 interface RequestContext {
     user: User;
@@ -18,5 +20,10 @@ export declare class Store {
     };
     static cleanup(): void;
 }
+export declare const setRequestHeadersOnNextResponse: (res: NextResponse | Response, req: Request, newHeaders: Record<string, string>) => void;
+export declare function decorateRequest(req: TernSecureRequest, res: Response, requestState: RequestState): Response;
+export declare const isPrerenderingBailout: (e: unknown) => boolean;
+export declare function buildRequestLike(): Promise<NextRequest>;
+export declare function getScriptNonceFromHeader(cspHeaderValue: string): string | undefined;
 export {};
 //# sourceMappingURL=utils.d.ts.map