npm - @tinyrack/tinyauth-server - Versions diffs - 0.0.7 - Mend

@tinyrack/tinyauth-server 0.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (782) hide show

package/LICENSE +661 -0
package/dist/emails/components/email-layout.d.ts +8 -0
package/dist/emails/components/email-layout.d.ts.map +1 -0
package/dist/emails/components/email-layout.js +6 -0
package/dist/emails/components/email-layout.js.map +1 -0
package/dist/emails/i18n/en.json +26 -0
package/dist/emails/i18n/index.d.ts +3 -0
package/dist/emails/i18n/index.d.ts.map +1 -0
package/dist/emails/i18n/index.js +12 -0
package/dist/emails/i18n/index.js.map +1 -0
package/dist/emails/i18n/ja.json +26 -0
package/dist/emails/i18n/ko.json +26 -0
package/dist/emails/render.d.ts +12 -0
package/dist/emails/render.d.ts.map +1 -0
package/dist/emails/render.js +22 -0
package/dist/emails/render.js.map +1 -0
package/dist/emails/templates/password-reset.d.ts +10 -0
package/dist/emails/templates/password-reset.d.ts.map +1 -0
package/dist/emails/templates/password-reset.js +10 -0
package/dist/emails/templates/password-reset.js.map +1 -0
package/dist/emails/templates/verification.d.ts +10 -0
package/dist/emails/templates/verification.d.ts.map +1 -0
package/dist/emails/templates/verification.js +10 -0
package/dist/emails/templates/verification.js.map +1 -0
package/dist/entities/base.entity.d.ts +23 -0
package/dist/entities/base.entity.d.ts.map +1 -0
package/dist/entities/base.entity.js +17 -0
package/dist/entities/base.entity.js.map +1 -0
package/dist/entities/email-verification.entity.d.ts +90 -0
package/dist/entities/email-verification.entity.d.ts.map +1 -0
package/dist/entities/email-verification.entity.js +42 -0
package/dist/entities/email-verification.entity.js.map +1 -0
package/dist/entities/jwt-key.entity.d.ts +256 -0
package/dist/entities/jwt-key.entity.d.ts.map +1 -0
package/dist/entities/jwt-key.entity.js +125 -0
package/dist/entities/jwt-key.entity.js.map +1 -0
package/dist/entities/oauth-client.entity.d.ts +1541 -0
package/dist/entities/oauth-client.entity.d.ts.map +1 -0
package/dist/entities/oauth-client.entity.js +68 -0
package/dist/entities/oauth-client.entity.js.map +1 -0
package/dist/entities/oauth-code.entity.d.ts +1562 -0
package/dist/entities/oauth-code.entity.d.ts.map +1 -0
package/dist/entities/oauth-code.entity.js +79 -0
package/dist/entities/oauth-code.entity.js.map +1 -0
package/dist/entities/password-reset.entity.d.ts +90 -0
package/dist/entities/password-reset.entity.d.ts.map +1 -0
package/dist/entities/password-reset.entity.js +39 -0
package/dist/entities/password-reset.entity.js.map +1 -0
package/dist/entities/pending-oauth-registration.entity.d.ts +116 -0
package/dist/entities/pending-oauth-registration.entity.d.ts.map +1 -0
package/dist/entities/pending-oauth-registration.entity.js +67 -0
package/dist/entities/pending-oauth-registration.entity.js.map +1 -0
package/dist/entities/revoked-token.entity.d.ts +1559 -0
package/dist/entities/revoked-token.entity.d.ts.map +1 -0
package/dist/entities/revoked-token.entity.js +68 -0
package/dist/entities/revoked-token.entity.js.map +1 -0
package/dist/entities/terms-content.entity.d.ts +804 -0
package/dist/entities/terms-content.entity.d.ts.map +1 -0
package/dist/entities/terms-content.entity.js +46 -0
package/dist/entities/terms-content.entity.js.map +1 -0
package/dist/entities/terms.entity.d.ts +797 -0
package/dist/entities/terms.entity.d.ts.map +1 -0
package/dist/entities/terms.entity.js +42 -0
package/dist/entities/terms.entity.js.map +1 -0
package/dist/entities/user-consent.entity.d.ts +1555 -0
package/dist/entities/user-consent.entity.d.ts.map +1 -0
package/dist/entities/user-consent.entity.js +66 -0
package/dist/entities/user-consent.entity.js.map +1 -0
package/dist/entities/user-oauth.entity.d.ts +75 -0
package/dist/entities/user-oauth.entity.d.ts.map +1 -0
package/dist/entities/user-oauth.entity.js +45 -0
package/dist/entities/user-oauth.entity.js.map +1 -0
package/dist/entities/user-passkey.entity.d.ts +145 -0
package/dist/entities/user-passkey.entity.d.ts.map +1 -0
package/dist/entities/user-passkey.entity.js +64 -0
package/dist/entities/user-passkey.entity.js.map +1 -0
package/dist/entities/user-terms-consent.entity.d.ts +804 -0
package/dist/entities/user-terms-consent.entity.d.ts.map +1 -0
package/dist/entities/user-terms-consent.entity.js +62 -0
package/dist/entities/user-terms-consent.entity.js.map +1 -0
package/dist/entities/user-totp-recovery-code.entity.d.ts +527 -0
package/dist/entities/user-totp-recovery-code.entity.d.ts.map +1 -0
package/dist/entities/user-totp-recovery-code.entity.js +34 -0
package/dist/entities/user-totp-recovery-code.entity.js.map +1 -0
package/dist/entities/user-totp.entity.d.ts +527 -0
package/dist/entities/user-totp.entity.d.ts.map +1 -0
package/dist/entities/user-totp.entity.js +38 -0
package/dist/entities/user-totp.entity.js.map +1 -0
package/dist/entities/user.entity.d.ts +533 -0
package/dist/entities/user.entity.d.ts.map +1 -0
package/dist/entities/user.entity.js +70 -0
package/dist/entities/user.entity.js.map +1 -0
package/dist/entrypoints/app.d.ts +1300 -0
package/dist/entrypoints/app.d.ts.map +1 -0
package/dist/entrypoints/app.js +64 -0
package/dist/entrypoints/app.js.map +1 -0
package/dist/entrypoints/config/index.d.ts +2 -0
package/dist/entrypoints/config/index.d.ts.map +1 -0
package/dist/entrypoints/config/index.js +2 -0
package/dist/entrypoints/config/index.js.map +1 -0
package/dist/entrypoints/database/d1/cli.d.ts +3 -0
package/dist/entrypoints/database/d1/cli.d.ts.map +1 -0
package/dist/entrypoints/database/d1/cli.js +12 -0
package/dist/entrypoints/database/d1/cli.js.map +1 -0
package/dist/entrypoints/database/d1/compiled-functions.d.ts +666 -0
package/dist/entrypoints/database/d1/compiled-functions.d.ts.map +1 -0
package/dist/entrypoints/database/d1/compiled-functions.js +8365 -0
package/dist/entrypoints/database/d1/compiled-functions.js.map +1 -0
package/dist/entrypoints/database/d1/d1.d.ts +5 -0
package/dist/entrypoints/database/d1/d1.d.ts.map +1 -0
package/dist/entrypoints/database/d1/d1.js +39 -0
package/dist/entrypoints/database/d1/d1.js.map +1 -0
package/dist/entrypoints/database/postgres/cli.d.ts +3 -0
package/dist/entrypoints/database/postgres/cli.d.ts.map +1 -0
package/dist/entrypoints/database/postgres/cli.js +9 -0
package/dist/entrypoints/database/postgres/cli.js.map +1 -0
package/dist/entrypoints/database/postgres/compiled-functions.d.ts +666 -0
package/dist/entrypoints/database/postgres/compiled-functions.d.ts.map +1 -0
package/dist/entrypoints/database/postgres/compiled-functions.js +8365 -0
package/dist/entrypoints/database/postgres/compiled-functions.js.map +1 -0
package/dist/entrypoints/database/postgres/postgres.d.ts +9 -0
package/dist/entrypoints/database/postgres/postgres.d.ts.map +1 -0
package/dist/entrypoints/database/postgres/postgres.js +34 -0
package/dist/entrypoints/database/postgres/postgres.js.map +1 -0
package/dist/entrypoints/database/sqlite/cli.d.ts +3 -0
package/dist/entrypoints/database/sqlite/cli.d.ts.map +1 -0
package/dist/entrypoints/database/sqlite/cli.js +6 -0
package/dist/entrypoints/database/sqlite/cli.js.map +1 -0
package/dist/entrypoints/database/sqlite/compiled-functions.d.ts +666 -0
package/dist/entrypoints/database/sqlite/compiled-functions.d.ts.map +1 -0
package/dist/entrypoints/database/sqlite/compiled-functions.js +8365 -0
package/dist/entrypoints/database/sqlite/compiled-functions.js.map +1 -0
package/dist/entrypoints/database/sqlite/sqlite.d.ts +6 -0
package/dist/entrypoints/database/sqlite/sqlite.d.ts.map +1 -0
package/dist/entrypoints/database/sqlite/sqlite.js +32 -0
package/dist/entrypoints/database/sqlite/sqlite.js.map +1 -0
package/dist/entrypoints/frontend/cloudflare.d.ts +2 -0
package/dist/entrypoints/frontend/cloudflare.d.ts.map +1 -0
package/dist/entrypoints/frontend/cloudflare.js +2 -0
package/dist/entrypoints/frontend/cloudflare.js.map +1 -0
package/dist/entrypoints/frontend/index.d.ts +6 -0
package/dist/entrypoints/frontend/index.d.ts.map +1 -0
package/dist/entrypoints/frontend/index.js +3 -0
package/dist/entrypoints/frontend/index.js.map +1 -0
package/dist/entrypoints/frontend/proxy.d.ts +2 -0
package/dist/entrypoints/frontend/proxy.d.ts.map +1 -0
package/dist/entrypoints/frontend/proxy.js +2 -0
package/dist/entrypoints/frontend/proxy.js.map +1 -0
package/dist/entrypoints/frontend/static.d.ts +2 -0
package/dist/entrypoints/frontend/static.d.ts.map +1 -0
package/dist/entrypoints/frontend/static.js +2 -0
package/dist/entrypoints/frontend/static.js.map +1 -0
package/dist/entrypoints/identity-providers/apple.d.ts +14 -0
package/dist/entrypoints/identity-providers/apple.d.ts.map +1 -0
package/dist/entrypoints/identity-providers/apple.js +23 -0
package/dist/entrypoints/identity-providers/apple.js.map +1 -0
package/dist/entrypoints/identity-providers/generic-oauth.d.ts +25 -0
package/dist/entrypoints/identity-providers/generic-oauth.d.ts.map +1 -0
package/dist/entrypoints/identity-providers/generic-oauth.js +20 -0
package/dist/entrypoints/identity-providers/generic-oauth.js.map +1 -0
package/dist/entrypoints/identity-providers/github.d.ts +13 -0
package/dist/entrypoints/identity-providers/github.d.ts.map +1 -0
package/dist/entrypoints/identity-providers/github.js +24 -0
package/dist/entrypoints/identity-providers/github.js.map +1 -0
package/dist/entrypoints/identity-providers/google.d.ts +13 -0
package/dist/entrypoints/identity-providers/google.d.ts.map +1 -0
package/dist/entrypoints/identity-providers/google.js +24 -0
package/dist/entrypoints/identity-providers/google.js.map +1 -0
package/dist/entrypoints/index.d.ts +3 -0
package/dist/entrypoints/index.d.ts.map +1 -0
package/dist/entrypoints/index.js +3 -0
package/dist/entrypoints/index.js.map +1 -0
package/dist/entrypoints/mail/nodemailer.d.ts +11 -0
package/dist/entrypoints/mail/nodemailer.d.ts.map +1 -0
package/dist/entrypoints/mail/nodemailer.js +30 -0
package/dist/entrypoints/mail/nodemailer.js.map +1 -0
package/dist/entrypoints/scheduler/croner.d.ts +6 -0
package/dist/entrypoints/scheduler/croner.d.ts.map +1 -0
package/dist/entrypoints/scheduler/croner.js +22 -0
package/dist/entrypoints/scheduler/croner.js.map +1 -0
package/dist/entrypoints/services.d.ts +3 -0
package/dist/entrypoints/services.d.ts.map +1 -0
package/dist/entrypoints/services.js +2 -0
package/dist/entrypoints/services.js.map +1 -0
package/dist/lib/app-env.d.ts +17 -0
package/dist/lib/app-env.d.ts.map +1 -0
package/dist/lib/app-env.js +2 -0
package/dist/lib/app-env.js.map +1 -0
package/dist/lib/base64url.d.ts +33 -0
package/dist/lib/base64url.d.ts.map +1 -0
package/dist/lib/base64url.js +93 -0
package/dist/lib/base64url.js.map +1 -0
package/dist/lib/config/account-deletion.d.ts +11 -0
package/dist/lib/config/account-deletion.d.ts.map +1 -0
package/dist/lib/config/account-deletion.js +16 -0
package/dist/lib/config/account-deletion.js.map +1 -0
package/dist/lib/config/auth.d.ts +109 -0
package/dist/lib/config/auth.d.ts.map +1 -0
package/dist/lib/config/auth.js +155 -0
package/dist/lib/config/auth.js.map +1 -0
package/dist/lib/config/branding.d.ts +134 -0
package/dist/lib/config/branding.d.ts.map +1 -0
package/dist/lib/config/branding.js +83 -0
package/dist/lib/config/branding.js.map +1 -0
package/dist/lib/config/cleanup.d.ts +59 -0
package/dist/lib/config/cleanup.d.ts.map +1 -0
package/dist/lib/config/cleanup.js +119 -0
package/dist/lib/config/cleanup.js.map +1 -0
package/dist/lib/config/client.d.ts +30 -0
package/dist/lib/config/client.d.ts.map +1 -0
package/dist/lib/config/client.js +43 -0
package/dist/lib/config/client.js.map +1 -0
package/dist/lib/config/database.d.ts +8 -0
package/dist/lib/config/database.d.ts.map +1 -0
package/dist/lib/config/database.js +8 -0
package/dist/lib/config/database.js.map +1 -0
package/dist/lib/config/email.d.ts +17 -0
package/dist/lib/config/email.d.ts.map +1 -0
package/dist/lib/config/email.js +7 -0
package/dist/lib/config/email.js.map +1 -0
package/dist/lib/config/frontend.d.ts +12 -0
package/dist/lib/config/frontend.d.ts.map +1 -0
package/dist/lib/config/frontend.js +7 -0
package/dist/lib/config/frontend.js.map +1 -0
package/dist/lib/config/i18n.d.ts +31 -0
package/dist/lib/config/i18n.d.ts.map +1 -0
package/dist/lib/config/i18n.js +23 -0
package/dist/lib/config/i18n.js.map +1 -0
package/dist/lib/config/identity-providers.d.ts +66 -0
package/dist/lib/config/identity-providers.d.ts.map +1 -0
package/dist/lib/config/identity-providers.js +71 -0
package/dist/lib/config/identity-providers.js.map +1 -0
package/dist/lib/config/index.d.ts +41 -0
package/dist/lib/config/index.d.ts.map +1 -0
package/dist/lib/config/index.js +21 -0
package/dist/lib/config/index.js.map +1 -0
package/dist/lib/config/logging.d.ts +52 -0
package/dist/lib/config/logging.d.ts.map +1 -0
package/dist/lib/config/logging.js +41 -0
package/dist/lib/config/logging.js.map +1 -0
package/dist/lib/config/openapi.d.ts +15 -0
package/dist/lib/config/openapi.d.ts.map +1 -0
package/dist/lib/config/openapi.js +28 -0
package/dist/lib/config/openapi.js.map +1 -0
package/dist/lib/config/registration.d.ts +15 -0
package/dist/lib/config/registration.d.ts.map +1 -0
package/dist/lib/config/registration.js +24 -0
package/dist/lib/config/registration.js.map +1 -0
package/dist/lib/config/resolved.d.ts +274 -0
package/dist/lib/config/resolved.d.ts.map +1 -0
package/dist/lib/config/resolved.js +45 -0
package/dist/lib/config/resolved.js.map +1 -0
package/dist/lib/config/scheduler.d.ts +13 -0
package/dist/lib/config/scheduler.d.ts.map +1 -0
package/dist/lib/config/scheduler.js +14 -0
package/dist/lib/config/scheduler.js.map +1 -0
package/dist/lib/config/security.d.ts +11 -0
package/dist/lib/config/security.d.ts.map +1 -0
package/dist/lib/config/security.js +42 -0
package/dist/lib/config/security.js.map +1 -0
package/dist/lib/config/server.d.ts +13 -0
package/dist/lib/config/server.d.ts.map +1 -0
package/dist/lib/config/server.js +45 -0
package/dist/lib/config/server.js.map +1 -0
package/dist/lib/config/terms.d.ts +47 -0
package/dist/lib/config/terms.d.ts.map +1 -0
package/dist/lib/config/terms.js +71 -0
package/dist/lib/config/terms.js.map +1 -0
package/dist/lib/config/tokens.d.ts +32 -0
package/dist/lib/config/tokens.d.ts.map +1 -0
package/dist/lib/config/tokens.js +47 -0
package/dist/lib/config/tokens.js.map +1 -0
package/dist/lib/config/user.d.ts +22 -0
package/dist/lib/config/user.d.ts.map +1 -0
package/dist/lib/config/user.js +18 -0
package/dist/lib/config/user.js.map +1 -0
package/dist/lib/crypto.d.ts +106 -0
package/dist/lib/crypto.d.ts.map +1 -0
package/dist/lib/crypto.js +253 -0
package/dist/lib/crypto.js.map +1 -0
package/dist/lib/database/compiled-functions.d.ts +16 -0
package/dist/lib/database/compiled-functions.d.ts.map +1 -0
package/dist/lib/database/compiled-functions.js +66 -0
package/dist/lib/database/compiled-functions.js.map +1 -0
package/dist/lib/database/entities.d.ts +10 -0
package/dist/lib/database/entities.d.ts.map +1 -0
package/dist/lib/database/entities.js +43 -0
package/dist/lib/database/entities.js.map +1 -0
package/dist/lib/duration.d.ts +44 -0
package/dist/lib/duration.d.ts.map +1 -0
package/dist/lib/duration.js +103 -0
package/dist/lib/duration.js.map +1 -0
package/dist/lib/email-pattern.d.ts +16 -0
package/dist/lib/email-pattern.d.ts.map +1 -0
package/dist/lib/email-pattern.js +41 -0
package/dist/lib/email-pattern.js.map +1 -0
package/dist/lib/frontend/cloudflare.d.ts +12 -0
package/dist/lib/frontend/cloudflare.d.ts.map +1 -0
package/dist/lib/frontend/cloudflare.js +34 -0
package/dist/lib/frontend/cloudflare.js.map +1 -0
package/dist/lib/frontend/proxy.d.ts +24 -0
package/dist/lib/frontend/proxy.d.ts.map +1 -0
package/dist/lib/frontend/proxy.js +38 -0
package/dist/lib/frontend/proxy.js.map +1 -0
package/dist/lib/frontend/static.d.ts +21 -0
package/dist/lib/frontend/static.d.ts.map +1 -0
package/dist/lib/frontend/static.js +108 -0
package/dist/lib/frontend/static.js.map +1 -0
package/dist/lib/interpolate-html.d.ts +34 -0
package/dist/lib/interpolate-html.d.ts.map +1 -0
package/dist/lib/interpolate-html.js +63 -0
package/dist/lib/interpolate-html.js.map +1 -0
package/dist/lib/ip-utils.d.ts +61 -0
package/dist/lib/ip-utils.d.ts.map +1 -0
package/dist/lib/ip-utils.js +213 -0
package/dist/lib/ip-utils.js.map +1 -0
package/dist/lib/locale.d.ts +57 -0
package/dist/lib/locale.d.ts.map +1 -0
package/dist/lib/locale.js +25 -0
package/dist/lib/locale.js.map +1 -0
package/dist/lib/logger.d.ts +14 -0
package/dist/lib/logger.d.ts.map +1 -0
package/dist/lib/logger.js +41 -0
package/dist/lib/logger.js.map +1 -0
package/dist/lib/openapi.d.ts +35 -0
package/dist/lib/openapi.d.ts.map +1 -0
package/dist/lib/openapi.js +33 -0
package/dist/lib/openapi.js.map +1 -0
package/dist/lib/password-policy.d.ts +39 -0
package/dist/lib/password-policy.d.ts.map +1 -0
package/dist/lib/password-policy.js +51 -0
package/dist/lib/password-policy.js.map +1 -0
package/dist/lib/pkce.d.ts +26 -0
package/dist/lib/pkce.d.ts.map +1 -0
package/dist/lib/pkce.js +52 -0
package/dist/lib/pkce.js.map +1 -0
package/dist/lib/scopes.d.ts +10 -0
package/dist/lib/scopes.d.ts.map +1 -0
package/dist/lib/scopes.js +35 -0
package/dist/lib/scopes.js.map +1 -0
package/dist/lib/swagger-tags.d.ts +15 -0
package/dist/lib/swagger-tags.d.ts.map +1 -0
package/dist/lib/swagger-tags.js +15 -0
package/dist/lib/swagger-tags.js.map +1 -0
package/dist/middleware/auth.d.ts +64 -0
package/dist/middleware/auth.d.ts.map +1 -0
package/dist/middleware/auth.js +123 -0
package/dist/middleware/auth.js.map +1 -0
package/dist/middleware/logger.d.ts +18 -0
package/dist/middleware/logger.d.ts.map +1 -0
package/dist/middleware/logger.js +38 -0
package/dist/middleware/logger.js.map +1 -0
package/dist/middleware/mikro-orm.d.ts +3 -0
package/dist/middleware/mikro-orm.d.ts.map +1 -0
package/dist/middleware/mikro-orm.js +11 -0
package/dist/middleware/mikro-orm.js.map +1 -0
package/dist/middleware/services.d.ts +8 -0
package/dist/middleware/services.d.ts.map +1 -0
package/dist/middleware/services.js +8 -0
package/dist/middleware/services.js.map +1 -0
package/dist/middleware/session.d.ts +63 -0
package/dist/middleware/session.d.ts.map +1 -0
package/dist/middleware/session.js +89 -0
package/dist/middleware/session.js.map +1 -0
package/dist/middleware/trusted-proxy-guard.d.ts +7 -0
package/dist/middleware/trusted-proxy-guard.d.ts.map +1 -0
package/dist/middleware/trusted-proxy-guard.js +34 -0
package/dist/middleware/trusted-proxy-guard.js.map +1 -0
package/dist/repositories/email-verification.repository.d.ts +18 -0
package/dist/repositories/email-verification.repository.d.ts.map +1 -0
package/dist/repositories/email-verification.repository.js +47 -0
package/dist/repositories/email-verification.repository.js.map +1 -0
package/dist/repositories/jwt-key.repository.d.ts +49 -0
package/dist/repositories/jwt-key.repository.d.ts.map +1 -0
package/dist/repositories/jwt-key.repository.js +72 -0
package/dist/repositories/jwt-key.repository.js.map +1 -0
package/dist/repositories/oauth-client.repository.d.ts +5 -0
package/dist/repositories/oauth-client.repository.d.ts.map +1 -0
package/dist/repositories/oauth-client.repository.js +4 -0
package/dist/repositories/oauth-client.repository.js.map +1 -0
package/dist/repositories/oauth-code.repository.d.ts +19 -0
package/dist/repositories/oauth-code.repository.d.ts.map +1 -0
package/dist/repositories/oauth-code.repository.js +32 -0
package/dist/repositories/oauth-code.repository.js.map +1 -0
package/dist/repositories/password-reset.repository.d.ts +19 -0
package/dist/repositories/password-reset.repository.d.ts.map +1 -0
package/dist/repositories/password-reset.repository.js +53 -0
package/dist/repositories/password-reset.repository.js.map +1 -0
package/dist/repositories/pending-oauth-registration.repository.d.ts +38 -0
package/dist/repositories/pending-oauth-registration.repository.d.ts.map +1 -0
package/dist/repositories/pending-oauth-registration.repository.js +50 -0
package/dist/repositories/pending-oauth-registration.repository.js.map +1 -0
package/dist/repositories/revoked-token.repository.d.ts +32 -0
package/dist/repositories/revoked-token.repository.d.ts.map +1 -0
package/dist/repositories/revoked-token.repository.js +43 -0
package/dist/repositories/revoked-token.repository.js.map +1 -0
package/dist/repositories/terms-content.repository.d.ts +5 -0
package/dist/repositories/terms-content.repository.d.ts.map +1 -0
package/dist/repositories/terms-content.repository.js +4 -0
package/dist/repositories/terms-content.repository.js.map +1 -0
package/dist/repositories/terms.repository.d.ts +9 -0
package/dist/repositories/terms.repository.d.ts.map +1 -0
package/dist/repositories/terms.repository.js +12 -0
package/dist/repositories/terms.repository.js.map +1 -0
package/dist/repositories/user-consent.repository.d.ts +22 -0
package/dist/repositories/user-consent.repository.d.ts.map +1 -0
package/dist/repositories/user-consent.repository.js +51 -0
package/dist/repositories/user-consent.repository.js.map +1 -0
package/dist/repositories/user-oauth.repository.d.ts +68 -0
package/dist/repositories/user-oauth.repository.d.ts.map +1 -0
package/dist/repositories/user-oauth.repository.js +94 -0
package/dist/repositories/user-oauth.repository.js.map +1 -0
package/dist/repositories/user-passkey.repository.d.ts +187 -0
package/dist/repositories/user-passkey.repository.d.ts.map +1 -0
package/dist/repositories/user-passkey.repository.js +61 -0
package/dist/repositories/user-passkey.repository.js.map +1 -0
package/dist/repositories/user-terms-consent.repository.d.ts +38 -0
package/dist/repositories/user-terms-consent.repository.d.ts.map +1 -0
package/dist/repositories/user-terms-consent.repository.js +71 -0
package/dist/repositories/user-terms-consent.repository.js.map +1 -0
package/dist/repositories/user-totp-recovery-code.repository.d.ts +376 -0
package/dist/repositories/user-totp-recovery-code.repository.d.ts.map +1 -0
package/dist/repositories/user-totp-recovery-code.repository.js +41 -0
package/dist/repositories/user-totp-recovery-code.repository.js.map +1 -0
package/dist/repositories/user-totp.repository.d.ts +564 -0
package/dist/repositories/user-totp.repository.d.ts.map +1 -0
package/dist/repositories/user-totp.repository.js +56 -0
package/dist/repositories/user-totp.repository.js.map +1 -0
package/dist/repositories/user.repository.d.ts +32 -0
package/dist/repositories/user.repository.d.ts.map +1 -0
package/dist/repositories/user.repository.js +70 -0
package/dist/repositories/user.repository.js.map +1 -0
package/dist/routes/.well-known/index.d.ts +12 -0
package/dist/routes/.well-known/index.d.ts.map +1 -0
package/dist/routes/.well-known/index.js +4 -0
package/dist/routes/.well-known/index.js.map +1 -0
package/dist/routes/.well-known/openid-configuration/get.d.ts +19 -0
package/dist/routes/.well-known/openid-configuration/get.d.ts.map +1 -0
package/dist/routes/.well-known/openid-configuration/get.js +12 -0
package/dist/routes/.well-known/openid-configuration/get.js.map +1 -0
package/dist/routes/api/auth/email/resend/post.d.ts +22 -0
package/dist/routes/api/auth/email/resend/post.d.ts.map +1 -0
package/dist/routes/api/auth/email/resend/post.js +64 -0
package/dist/routes/api/auth/email/resend/post.js.map +1 -0
package/dist/routes/api/auth/email/verify/post.d.ts +29 -0
package/dist/routes/api/auth/email/verify/post.d.ts.map +1 -0
package/dist/routes/api/auth/email/verify/post.js +55 -0
package/dist/routes/api/auth/email/verify/post.js.map +1 -0
package/dist/routes/api/auth/index.d.ts +275 -0
package/dist/routes/api/auth/index.d.ts.map +1 -0
package/dist/routes/api/auth/index.js +25 -0
package/dist/routes/api/auth/index.js.map +1 -0
package/dist/routes/api/auth/login/post.d.ts +30 -0
package/dist/routes/api/auth/login/post.d.ts.map +1 -0
package/dist/routes/api/auth/login/post.js +76 -0
package/dist/routes/api/auth/login/post.js.map +1 -0
package/dist/routes/api/auth/logout/post.d.ts +14 -0
package/dist/routes/api/auth/logout/post.d.ts.map +1 -0
package/dist/routes/api/auth/logout/post.js +21 -0
package/dist/routes/api/auth/logout/post.js.map +1 -0
package/dist/routes/api/auth/passkey/options/post.d.ts +31 -0
package/dist/routes/api/auth/passkey/options/post.d.ts.map +1 -0
package/dist/routes/api/auth/passkey/options/post.js +43 -0
package/dist/routes/api/auth/passkey/options/post.js.map +1 -0
package/dist/routes/api/auth/passkey/verify/post.d.ts +41 -0
package/dist/routes/api/auth/passkey/verify/post.d.ts.map +1 -0
package/dist/routes/api/auth/passkey/verify/post.js +75 -0
package/dist/routes/api/auth/passkey/verify/post.js.map +1 -0
package/dist/routes/api/auth/password/forgot/post.d.ts +22 -0
package/dist/routes/api/auth/password/forgot/post.d.ts.map +1 -0
package/dist/routes/api/auth/password/forgot/post.js +72 -0
package/dist/routes/api/auth/password/forgot/post.js.map +1 -0
package/dist/routes/api/auth/password/reset/post.d.ts +19 -0
package/dist/routes/api/auth/password/reset/post.d.ts.map +1 -0
package/dist/routes/api/auth/password/reset/post.js +62 -0
package/dist/routes/api/auth/password/reset/post.js.map +1 -0
package/dist/routes/api/auth/register/post.d.ts +39 -0
package/dist/routes/api/auth/register/post.d.ts.map +1 -0
package/dist/routes/api/auth/register/post.js +95 -0
package/dist/routes/api/auth/register/post.js.map +1 -0
package/dist/routes/api/auth/totp/recovery/verify/post.d.ts +36 -0
package/dist/routes/api/auth/totp/recovery/verify/post.d.ts.map +1 -0
package/dist/routes/api/auth/totp/recovery/verify/post.js +68 -0
package/dist/routes/api/auth/totp/recovery/verify/post.js.map +1 -0
package/dist/routes/api/auth/totp/verify/post.d.ts +29 -0
package/dist/routes/api/auth/totp/verify/post.d.ts.map +1 -0
package/dist/routes/api/auth/totp/verify/post.js +59 -0
package/dist/routes/api/auth/totp/verify/post.js.map +1 -0
package/dist/routes/api/config/get.d.ts +76 -0
package/dist/routes/api/config/get.d.ts.map +1 -0
package/dist/routes/api/config/get.js +70 -0
package/dist/routes/api/config/get.js.map +1 -0
package/dist/routes/api/config/index.d.ts +76 -0
package/dist/routes/api/config/index.d.ts.map +1 -0
package/dist/routes/api/config/index.js +4 -0
package/dist/routes/api/config/index.js.map +1 -0
package/dist/routes/api/consent/get.d.ts +37 -0
package/dist/routes/api/consent/get.d.ts.map +1 -0
package/dist/routes/api/consent/get.js +73 -0
package/dist/routes/api/consent/get.js.map +1 -0
package/dist/routes/api/consent/index.d.ts +54 -0
package/dist/routes/api/consent/index.d.ts.map +1 -0
package/dist/routes/api/consent/index.js +7 -0
package/dist/routes/api/consent/index.js.map +1 -0
package/dist/routes/api/consent/post.d.ts +33 -0
package/dist/routes/api/consent/post.d.ts.map +1 -0
package/dist/routes/api/consent/post.js +105 -0
package/dist/routes/api/consent/post.js.map +1 -0
package/dist/routes/api/docs/get.d.ts +17 -0
package/dist/routes/api/docs/get.d.ts.map +1 -0
package/dist/routes/api/docs/get.js +19 -0
package/dist/routes/api/docs/get.js.map +1 -0
package/dist/routes/api/docs/index.d.ts +12 -0
package/dist/routes/api/docs/index.d.ts.map +1 -0
package/dist/routes/api/docs/index.js +4 -0
package/dist/routes/api/docs/index.js.map +1 -0
package/dist/routes/api/health/get.d.ts +36 -0
package/dist/routes/api/health/get.d.ts.map +1 -0
package/dist/routes/api/health/get.js +64 -0
package/dist/routes/api/health/get.js.map +1 -0
package/dist/routes/api/health/index.d.ts +66 -0
package/dist/routes/api/health/index.d.ts.map +1 -0
package/dist/routes/api/health/index.js +9 -0
package/dist/routes/api/health/index.js.map +1 -0
package/dist/routes/api/health/live/get.d.ts +20 -0
package/dist/routes/api/health/live/get.d.ts.map +1 -0
package/dist/routes/api/health/live/get.js +28 -0
package/dist/routes/api/health/live/get.js.map +1 -0
package/dist/routes/api/health/ready/get.d.ts +35 -0
package/dist/routes/api/health/ready/get.d.ts.map +1 -0
package/dist/routes/api/health/ready/get.js +60 -0
package/dist/routes/api/health/ready/get.js.map +1 -0
package/dist/routes/api/index.d.ts +927 -0
package/dist/routes/api/index.d.ts.map +1 -0
package/dist/routes/api/index.js +19 -0
package/dist/routes/api/index.js.map +1 -0
package/dist/routes/api/oauth/_provider/authorize/get.d.ts +21 -0
package/dist/routes/api/oauth/_provider/authorize/get.d.ts.map +1 -0
package/dist/routes/api/oauth/_provider/authorize/get.js +60 -0
package/dist/routes/api/oauth/_provider/authorize/get.js.map +1 -0
package/dist/routes/api/oauth/_provider/callback/get.d.ts +23 -0
package/dist/routes/api/oauth/_provider/callback/get.d.ts.map +1 -0
package/dist/routes/api/oauth/_provider/callback/get.js +137 -0
package/dist/routes/api/oauth/_provider/callback/get.js.map +1 -0
package/dist/routes/api/oauth/_provider/callback/post.d.ts +23 -0
package/dist/routes/api/oauth/_provider/callback/post.d.ts.map +1 -0
package/dist/routes/api/oauth/_provider/callback/post.js +140 -0
package/dist/routes/api/oauth/_provider/callback/post.js.map +1 -0
package/dist/routes/api/oauth/_provider/delete.d.ts +18 -0
package/dist/routes/api/oauth/_provider/delete.d.ts.map +1 -0
package/dist/routes/api/oauth/_provider/delete.js +62 -0
package/dist/routes/api/oauth/_provider/delete.js.map +1 -0
package/dist/routes/api/oauth/index.d.ts +76 -0
package/dist/routes/api/oauth/index.d.ts.map +1 -0
package/dist/routes/api/oauth/index.js +11 -0
package/dist/routes/api/oauth/index.js.map +1 -0
package/dist/routes/api/terms/consent/post.d.ts +29 -0
package/dist/routes/api/terms/consent/post.d.ts.map +1 -0
package/dist/routes/api/terms/consent/post.js +111 -0
package/dist/routes/api/terms/consent/post.js.map +1 -0
package/dist/routes/api/terms/get.d.ts +40 -0
package/dist/routes/api/terms/get.d.ts.map +1 -0
package/dist/routes/api/terms/get.js +53 -0
package/dist/routes/api/terms/get.js.map +1 -0
package/dist/routes/api/terms/index.d.ts +55 -0
package/dist/routes/api/terms/index.d.ts.map +1 -0
package/dist/routes/api/terms/index.js +7 -0
package/dist/routes/api/terms/index.js.map +1 -0
package/dist/routes/api/user/delete.d.ts +21 -0
package/dist/routes/api/user/delete.d.ts.map +1 -0
package/dist/routes/api/user/delete.js +89 -0
package/dist/routes/api/user/delete.js.map +1 -0
package/dist/routes/api/user/index.d.ts +334 -0
package/dist/routes/api/user/index.d.ts.map +1 -0
package/dist/routes/api/user/index.js +35 -0
package/dist/routes/api/user/index.js.map +1 -0
package/dist/routes/api/user/oauth-accounts/get.d.ts +23 -0
package/dist/routes/api/user/oauth-accounts/get.d.ts.map +1 -0
package/dist/routes/api/user/oauth-accounts/get.js +58 -0
package/dist/routes/api/user/oauth-accounts/get.js.map +1 -0
package/dist/routes/api/user/passkeys/_id/delete.d.ts +18 -0
package/dist/routes/api/user/passkeys/_id/delete.d.ts.map +1 -0
package/dist/routes/api/user/passkeys/_id/delete.js +87 -0
package/dist/routes/api/user/passkeys/_id/delete.js.map +1 -0
package/dist/routes/api/user/passkeys/_id/patch.d.ts +22 -0
package/dist/routes/api/user/passkeys/_id/patch.d.ts.map +1 -0
package/dist/routes/api/user/passkeys/_id/patch.js +64 -0
package/dist/routes/api/user/passkeys/_id/patch.js.map +1 -0
package/dist/routes/api/user/passkeys/get.d.ts +21 -0
package/dist/routes/api/user/passkeys/get.d.ts.map +1 -0
package/dist/routes/api/user/passkeys/get.js +52 -0
package/dist/routes/api/user/passkeys/get.js.map +1 -0
package/dist/routes/api/user/passkeys/register/options/post.d.ts +55 -0
package/dist/routes/api/user/passkeys/register/options/post.d.ts.map +1 -0
package/dist/routes/api/user/passkeys/register/options/post.js +74 -0
package/dist/routes/api/user/passkeys/register/options/post.js.map +1 -0
package/dist/routes/api/user/passkeys/register/verify/post.d.ts +50 -0
package/dist/routes/api/user/passkeys/register/verify/post.d.ts.map +1 -0
package/dist/routes/api/user/passkeys/register/verify/post.js +95 -0
package/dist/routes/api/user/passkeys/register/verify/post.js.map +1 -0
package/dist/routes/api/user/password/delete.d.ts +23 -0
package/dist/routes/api/user/password/delete.d.ts.map +1 -0
package/dist/routes/api/user/password/delete.js +78 -0
package/dist/routes/api/user/password/delete.js.map +1 -0
package/dist/routes/api/user/password/post.d.ts +23 -0
package/dist/routes/api/user/password/post.d.ts.map +1 -0
package/dist/routes/api/user/password/post.js +81 -0
package/dist/routes/api/user/password/post.js.map +1 -0
package/dist/routes/api/user/password/put.d.ts +24 -0
package/dist/routes/api/user/password/put.d.ts.map +1 -0
package/dist/routes/api/user/password/put.js +74 -0
package/dist/routes/api/user/password/put.js.map +1 -0
package/dist/routes/api/user/session/get.d.ts +32 -0
package/dist/routes/api/user/session/get.d.ts.map +1 -0
package/dist/routes/api/user/session/get.js +36 -0
package/dist/routes/api/user/session/get.js.map +1 -0
package/dist/routes/api/user/totp/confirm/post.d.ts +32 -0
package/dist/routes/api/user/totp/confirm/post.d.ts.map +1 -0
package/dist/routes/api/user/totp/confirm/post.js +73 -0
package/dist/routes/api/user/totp/confirm/post.js.map +1 -0
package/dist/routes/api/user/totp/delete.d.ts +23 -0
package/dist/routes/api/user/totp/delete.d.ts.map +1 -0
package/dist/routes/api/user/totp/delete.js +74 -0
package/dist/routes/api/user/totp/delete.js.map +1 -0
package/dist/routes/api/user/totp/recovery/regenerate/post.d.ts +18 -0
package/dist/routes/api/user/totp/recovery/regenerate/post.d.ts.map +1 -0
package/dist/routes/api/user/totp/recovery/regenerate/post.js +54 -0
package/dist/routes/api/user/totp/recovery/regenerate/post.js.map +1 -0
package/dist/routes/api/user/totp/setup/post.d.ts +22 -0
package/dist/routes/api/user/totp/setup/post.d.ts.map +1 -0
package/dist/routes/api/user/totp/setup/post.js +82 -0
package/dist/routes/api/user/totp/setup/post.js.map +1 -0
package/dist/routes/api/user/totp/verify/post.d.ts +23 -0
package/dist/routes/api/user/totp/verify/post.d.ts.map +1 -0
package/dist/routes/api/user/totp/verify/post.js +71 -0
package/dist/routes/api/user/totp/verify/post.js.map +1 -0
package/dist/routes/index.d.ts +1115 -0
package/dist/routes/index.d.ts.map +1 -0
package/dist/routes/index.js +9 -0
package/dist/routes/index.js.map +1 -0
package/dist/routes/oauth/.well-known/jwks/get.d.ts +24 -0
package/dist/routes/oauth/.well-known/jwks/get.d.ts.map +1 -0
package/dist/routes/oauth/.well-known/jwks/get.js +41 -0
package/dist/routes/oauth/.well-known/jwks/get.js.map +1 -0
package/dist/routes/oauth/.well-known/openid-configuration/get.d.ts +29 -0
package/dist/routes/oauth/.well-known/openid-configuration/get.d.ts.map +1 -0
package/dist/routes/oauth/.well-known/openid-configuration/get.js +119 -0
package/dist/routes/oauth/.well-known/openid-configuration/get.js.map +1 -0
package/dist/routes/oauth/authorize/get.d.ts +48 -0
package/dist/routes/oauth/authorize/get.d.ts.map +1 -0
package/dist/routes/oauth/authorize/get.js +102 -0
package/dist/routes/oauth/authorize/get.js.map +1 -0
package/dist/routes/oauth/index.d.ts +182 -0
package/dist/routes/oauth/index.d.ts.map +1 -0
package/dist/routes/oauth/index.js +17 -0
package/dist/routes/oauth/index.js.map +1 -0
package/dist/routes/oauth/introspect/post.d.ts +28 -0
package/dist/routes/oauth/introspect/post.d.ts.map +1 -0
package/dist/routes/oauth/introspect/post.js +69 -0
package/dist/routes/oauth/introspect/post.js.map +1 -0
package/dist/routes/oauth/revoke/post.d.ts +22 -0
package/dist/routes/oauth/revoke/post.d.ts.map +1 -0
package/dist/routes/oauth/revoke/post.js +73 -0
package/dist/routes/oauth/revoke/post.js.map +1 -0
package/dist/routes/oauth/token/post.d.ts +29 -0
package/dist/routes/oauth/token/post.d.ts.map +1 -0
package/dist/routes/oauth/token/post.js +98 -0
package/dist/routes/oauth/token/post.js.map +1 -0
package/dist/routes/oauth/userinfo/get.d.ts +23 -0
package/dist/routes/oauth/userinfo/get.d.ts.map +1 -0
package/dist/routes/oauth/userinfo/get.js +65 -0
package/dist/routes/oauth/userinfo/get.js.map +1 -0
package/dist/schemas/error.d.ts +2104 -0
package/dist/schemas/error.d.ts.map +1 -0
package/dist/schemas/error.js +164 -0
package/dist/schemas/error.js.map +1 -0
package/dist/schemas/field.d.ts +97 -0
package/dist/schemas/field.d.ts.map +1 -0
package/dist/schemas/field.js +168 -0
package/dist/schemas/field.js.map +1 -0
package/dist/schemas/header.d.ts +7 -0
package/dist/schemas/header.d.ts.map +1 -0
package/dist/schemas/header.js +11 -0
package/dist/schemas/header.js.map +1 -0
package/dist/schemas/oauth.d.ts +26 -0
package/dist/schemas/oauth.d.ts.map +1 -0
package/dist/schemas/oauth.js +51 -0
package/dist/schemas/oauth.js.map +1 -0
package/dist/schemas/provider.d.ts +7 -0
package/dist/schemas/provider.d.ts.map +1 -0
package/dist/schemas/provider.js +31 -0
package/dist/schemas/provider.js.map +1 -0
package/dist/schemas/response.d.ts +645 -0
package/dist/schemas/response.d.ts.map +1 -0
package/dist/schemas/response.js +598 -0
package/dist/schemas/response.js.map +1 -0
package/dist/schemas/terms.d.ts +93 -0
package/dist/schemas/terms.d.ts.map +1 -0
package/dist/schemas/terms.js +109 -0
package/dist/schemas/terms.js.map +1 -0
package/dist/seeders/config.seeder.d.ts +21 -0
package/dist/seeders/config.seeder.d.ts.map +1 -0
package/dist/seeders/config.seeder.js +168 -0
package/dist/seeders/config.seeder.js.map +1 -0
package/dist/services/cleanup.service.d.ts +166 -0
package/dist/services/cleanup.service.d.ts.map +1 -0
package/dist/services/cleanup.service.js +605 -0
package/dist/services/cleanup.service.js.map +1 -0
package/dist/services/container.d.ts +201 -0
package/dist/services/container.d.ts.map +1 -0
package/dist/services/container.js +75 -0
package/dist/services/container.js.map +1 -0
package/dist/services/email.service.d.ts +69 -0
package/dist/services/email.service.d.ts.map +1 -0
package/dist/services/email.service.js +164 -0
package/dist/services/email.service.js.map +1 -0
package/dist/services/jwt.service.d.ts +321 -0
package/dist/services/jwt.service.d.ts.map +1 -0
package/dist/services/jwt.service.js +524 -0
package/dist/services/jwt.service.js.map +1 -0
package/dist/services/mikro.service.d.ts +43 -0
package/dist/services/mikro.service.d.ts.map +1 -0
package/dist/services/mikro.service.js +68 -0
package/dist/services/mikro.service.js.map +1 -0
package/dist/services/oauth-authorize.service.d.ts +91 -0
package/dist/services/oauth-authorize.service.d.ts.map +1 -0
package/dist/services/oauth-authorize.service.js +237 -0
package/dist/services/oauth-authorize.service.js.map +1 -0
package/dist/services/oauth-client.service.d.ts +38 -0
package/dist/services/oauth-client.service.d.ts.map +1 -0
package/dist/services/oauth-client.service.js +80 -0
package/dist/services/oauth-client.service.js.map +1 -0
package/dist/services/oauth-connect.service.d.ts +182 -0
package/dist/services/oauth-connect.service.d.ts.map +1 -0
package/dist/services/oauth-connect.service.js +592 -0
package/dist/services/oauth-connect.service.js.map +1 -0
package/dist/services/oauth-token.service.d.ts +162 -0
package/dist/services/oauth-token.service.d.ts.map +1 -0
package/dist/services/oauth-token.service.js +374 -0
package/dist/services/oauth-token.service.js.map +1 -0
package/dist/services/passkey.service.d.ts +73 -0
package/dist/services/passkey.service.d.ts.map +1 -0
package/dist/services/passkey.service.js +199 -0
package/dist/services/passkey.service.js.map +1 -0
package/dist/services/password-auth.service.d.ts +24 -0
package/dist/services/password-auth.service.d.ts.map +1 -0
package/dist/services/password-auth.service.js +87 -0
package/dist/services/password-auth.service.js.map +1 -0
package/dist/services/password-reset.service.d.ts +31 -0
package/dist/services/password-reset.service.d.ts.map +1 -0
package/dist/services/password-reset.service.js +54 -0
package/dist/services/password-reset.service.js.map +1 -0
package/dist/services/scheduler.service.d.ts +15 -0
package/dist/services/scheduler.service.d.ts.map +1 -0
package/dist/services/scheduler.service.js +52 -0
package/dist/services/scheduler.service.js.map +1 -0
package/dist/services/security.service.d.ts +17 -0
package/dist/services/security.service.d.ts.map +1 -0
package/dist/services/security.service.js +82 -0
package/dist/services/security.service.js.map +1 -0
package/dist/services/terms.service.d.ts +131 -0
package/dist/services/terms.service.d.ts.map +1 -0
package/dist/services/terms.service.js +210 -0
package/dist/services/terms.service.js.map +1 -0
package/dist/services/totp.service.d.ts +86 -0
package/dist/services/totp.service.d.ts.map +1 -0
package/dist/services/totp.service.js +244 -0
package/dist/services/totp.service.js.map +1 -0
package/dist/services/user-consent.service.d.ts +34 -0
package/dist/services/user-consent.service.d.ts.map +1 -0
package/dist/services/user-consent.service.js +42 -0
package/dist/services/user-consent.service.js.map +1 -0
package/dist/services/user.service.d.ts +60 -0
package/dist/services/user.service.d.ts.map +1 -0
package/dist/services/user.service.js +176 -0
package/dist/services/user.service.js.map +1 -0
package/package.json +155 -0
package/public/assets/index-CrY7bb7j.css +2 -0
package/public/assets/index-jYk5DHP_.js +75 -0
package/public/assets/index-jYk5DHP_.js.map +1 -0
package/public/index.html +27 -0
package/public/vite.svg +1 -0

package/dist/entities/jwt-key.entity.d.ts ADDED Viewed

@@ -0,0 +1,256 @@
+import { type InferEntity } from '@mikro-orm/core';
+import { JwtKeyRepository } from '../repositories/jwt-key.repository.ts';
+/**
+ * JWT Key status for rotation lifecycle
+ *
+ * - next: Key is generated but not yet active (pre-rotation)
+ * - active: Currently used for signing tokens
+ * - previous: Recently rotated out, still valid for verification
+ * - retired: No longer valid for any operation
+ */
+export declare const JwtKeyStatus: {
+    /** Generated but not yet active */
+    readonly NEXT: "next";
+    /** Currently used for signing */
+    readonly ACTIVE: "active";
+    /** Recently rotated, still valid for verification */
+    readonly PREVIOUS: "previous";
+    /** No longer valid */
+    readonly RETIRED: "retired";
+};
+export type JwtKeyStatus = (typeof JwtKeyStatus)[keyof typeof JwtKeyStatus];
+/**
+ * JWT Key Entity for asymmetric key management (RS256)
+ *
+ * Stores RSA key pairs for JWT signing and verification.
+ * Supports key rotation with multiple active keys for seamless transitions.
+ *
+ * Security notes:
+ * - Private keys are stored in PEM format
+ * - In production, consider encrypting private_key column at rest
+ * - Only 'active' keys are used for signing
+ * - 'active' and 'previous' keys are used for verification
+ * - 'previous' keys are exposed in JWKS for token verification
+ */
+export declare const JwtKeyEntitySchema: import("@mikro-orm/core").EntitySchemaWithMeta<"JwtKeyEntity", "jwt_key", import("@mikro-orm/core").InferEntityFromProperties<{
+    /**
+     * Key ID (kid) - unique identifier for JWT header
+     * Format: "key-{timestamp}-{random}"
+     */
+    readonly kid: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, Omit<import("@mikro-orm/core").EmptyOptions, "primary"> & {
+        primary: true;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * RSA Private Key in PEM format
+     * Used for signing tokens (only when status is 'active')
+     */
+    readonly private_key: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, Omit<import("@mikro-orm/core").EmptyOptions, "hidden"> & {
+        hidden: true;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * RSA Public Key in PEM format
+     * Used for token verification and exposed via JWKS endpoint
+     */
+    readonly public_key: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, import("@mikro-orm/core").EmptyOptions, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * JWT signing algorithm
+     */
+    readonly algorithm: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, Omit<import("@mikro-orm/core").EmptyOptions, "default"> & {
+        default: "RS256";
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Key status in rotation lifecycle
+     */
+    readonly status: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<"next" | "previous" | "active" | "retired", Omit<import("@mikro-orm/core").EmptyOptions, "default"> & {
+        default: "next";
+    }, "type" | "default" | "ref" | "hidden" | "length" | "serializedPrimaryKey" | "name" | "comment" | "array" | "fieldName" | "fieldNames" | "columnType" | "columnTypes" | "runtimeType" | "precision" | "scale" | "autoincrement" | "returning" | "onCreate" | "onUpdate" | "defaultRaw" | "formula" | "generated" | "nullable" | "unsigned" | "persist" | "hydrate" | "version" | "concurrencyCheck" | "index" | "unique" | "check" | "lazy" | "primary" | "setter" | "getter" | "getterName" | "accessor" | "serializer" | "serializedName" | "groups" | "customOrder" | "extra" | "ignoreSchemaChanges" | ("~options" | "~type" | "$type" | "strictNullable") | "nativeEnumName">, "type" | "default" | "ref" | "hidden" | "length" | "serializedPrimaryKey" | "name" | "comment" | "array" | "fieldName" | "fieldNames" | "columnType" | "columnTypes" | "runtimeType" | "precision" | "scale" | "autoincrement" | "returning" | "onCreate" | "onUpdate" | "defaultRaw" | "formula" | "generated" | "nullable" | "unsigned" | "persist" | "hydrate" | "version" | "concurrencyCheck" | "index" | "unique" | "check" | "lazy" | "primary" | "setter" | "getter" | "getterName" | "accessor" | "serializer" | "serializedName" | "groups" | "customOrder" | "extra" | "ignoreSchemaChanges" | ("~options" | "~type" | "$type" | "strictNullable") | "nativeEnumName">;
+    /**
+     * Timestamp when key was activated (started signing)
+     */
+    readonly activated_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Timestamp when key was deactivated (stopped signing)
+     */
+    readonly deactivated_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Timestamp when key was retired (no longer valid)
+     */
+    readonly retired_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Scheduled expiration date for automatic rotation
+     */
+    readonly expires_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+}, undefined, import("@mikro-orm/core").InferEntityFromProperties<{
+    readonly created_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, import("@mikro-orm/core").EmptyOptions & {
+        onCreate: (...args: any[]) => any;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    readonly updated_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, import("@mikro-orm/core").EmptyOptions & {
+        onCreate: (...args: any[]) => any;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+}, undefined, never, never, false>, typeof JwtKeyRepository, false>, import("@mikro-orm/core").InferEntityFromProperties<{
+    readonly created_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, import("@mikro-orm/core").EmptyOptions & {
+        onCreate: (...args: any[]) => any;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    readonly updated_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, import("@mikro-orm/core").EmptyOptions & {
+        onCreate: (...args: any[]) => any;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+}, undefined, never, never, false>, {
+    /**
+     * Key ID (kid) - unique identifier for JWT header
+     * Format: "key-{timestamp}-{random}"
+     */
+    readonly kid: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, Omit<import("@mikro-orm/core").EmptyOptions, "primary"> & {
+        primary: true;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * RSA Private Key in PEM format
+     * Used for signing tokens (only when status is 'active')
+     */
+    readonly private_key: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, Omit<import("@mikro-orm/core").EmptyOptions, "hidden"> & {
+        hidden: true;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * RSA Public Key in PEM format
+     * Used for token verification and exposed via JWKS endpoint
+     */
+    readonly public_key: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, import("@mikro-orm/core").EmptyOptions, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * JWT signing algorithm
+     */
+    readonly algorithm: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, Omit<import("@mikro-orm/core").EmptyOptions, "default"> & {
+        default: "RS256";
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Key status in rotation lifecycle
+     */
+    readonly status: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<"next" | "previous" | "active" | "retired", Omit<import("@mikro-orm/core").EmptyOptions, "default"> & {
+        default: "next";
+    }, "type" | "default" | "ref" | "hidden" | "length" | "serializedPrimaryKey" | "name" | "comment" | "array" | "fieldName" | "fieldNames" | "columnType" | "columnTypes" | "runtimeType" | "precision" | "scale" | "autoincrement" | "returning" | "onCreate" | "onUpdate" | "defaultRaw" | "formula" | "generated" | "nullable" | "unsigned" | "persist" | "hydrate" | "version" | "concurrencyCheck" | "index" | "unique" | "check" | "lazy" | "primary" | "setter" | "getter" | "getterName" | "accessor" | "serializer" | "serializedName" | "groups" | "customOrder" | "extra" | "ignoreSchemaChanges" | ("~options" | "~type" | "$type" | "strictNullable") | "nativeEnumName">, "type" | "default" | "ref" | "hidden" | "length" | "serializedPrimaryKey" | "name" | "comment" | "array" | "fieldName" | "fieldNames" | "columnType" | "columnTypes" | "runtimeType" | "precision" | "scale" | "autoincrement" | "returning" | "onCreate" | "onUpdate" | "defaultRaw" | "formula" | "generated" | "nullable" | "unsigned" | "persist" | "hydrate" | "version" | "concurrencyCheck" | "index" | "unique" | "check" | "lazy" | "primary" | "setter" | "getter" | "getterName" | "accessor" | "serializer" | "serializedName" | "groups" | "customOrder" | "extra" | "ignoreSchemaChanges" | ("~options" | "~type" | "$type" | "strictNullable") | "nativeEnumName">;
+    /**
+     * Timestamp when key was activated (started signing)
+     */
+    readonly activated_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Timestamp when key was deactivated (stopped signing)
+     */
+    readonly deactivated_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Timestamp when key was retired (no longer valid)
+     */
+    readonly retired_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Scheduled expiration date for automatic rotation
+     */
+    readonly expires_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+}, import("@mikro-orm/core").EntityCtor<import("@mikro-orm/core").InferEntityFromProperties<{
+    /**
+     * Key ID (kid) - unique identifier for JWT header
+     * Format: "key-{timestamp}-{random}"
+     */
+    readonly kid: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, Omit<import("@mikro-orm/core").EmptyOptions, "primary"> & {
+        primary: true;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * RSA Private Key in PEM format
+     * Used for signing tokens (only when status is 'active')
+     */
+    readonly private_key: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, Omit<import("@mikro-orm/core").EmptyOptions, "hidden"> & {
+        hidden: true;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * RSA Public Key in PEM format
+     * Used for token verification and exposed via JWKS endpoint
+     */
+    readonly public_key: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, import("@mikro-orm/core").EmptyOptions, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * JWT signing algorithm
+     */
+    readonly algorithm: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<string, Omit<import("@mikro-orm/core").EmptyOptions, "default"> & {
+        default: "RS256";
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Key status in rotation lifecycle
+     */
+    readonly status: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<"next" | "previous" | "active" | "retired", Omit<import("@mikro-orm/core").EmptyOptions, "default"> & {
+        default: "next";
+    }, "type" | "default" | "ref" | "hidden" | "length" | "serializedPrimaryKey" | "name" | "comment" | "array" | "fieldName" | "fieldNames" | "columnType" | "columnTypes" | "runtimeType" | "precision" | "scale" | "autoincrement" | "returning" | "onCreate" | "onUpdate" | "defaultRaw" | "formula" | "generated" | "nullable" | "unsigned" | "persist" | "hydrate" | "version" | "concurrencyCheck" | "index" | "unique" | "check" | "lazy" | "primary" | "setter" | "getter" | "getterName" | "accessor" | "serializer" | "serializedName" | "groups" | "customOrder" | "extra" | "ignoreSchemaChanges" | ("~options" | "~type" | "$type" | "strictNullable") | "nativeEnumName">, "type" | "default" | "ref" | "hidden" | "length" | "serializedPrimaryKey" | "name" | "comment" | "array" | "fieldName" | "fieldNames" | "columnType" | "columnTypes" | "runtimeType" | "precision" | "scale" | "autoincrement" | "returning" | "onCreate" | "onUpdate" | "defaultRaw" | "formula" | "generated" | "nullable" | "unsigned" | "persist" | "hydrate" | "version" | "concurrencyCheck" | "index" | "unique" | "check" | "lazy" | "primary" | "setter" | "getter" | "getterName" | "accessor" | "serializer" | "serializedName" | "groups" | "customOrder" | "extra" | "ignoreSchemaChanges" | ("~options" | "~type" | "$type" | "strictNullable") | "nativeEnumName">;
+    /**
+     * Timestamp when key was activated (started signing)
+     */
+    readonly activated_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Timestamp when key was deactivated (stopped signing)
+     */
+    readonly deactivated_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Timestamp when key was retired (no longer valid)
+     */
+    readonly retired_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    /**
+     * Scheduled expiration date for automatic rotation
+     */
+    readonly expires_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, Omit<Omit<import("@mikro-orm/core").EmptyOptions, "nullable"> & {
+        nullable: true;
+    }, "default"> & {
+        default: null;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+}, undefined, import("@mikro-orm/core").InferEntityFromProperties<{
+    readonly created_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, import("@mikro-orm/core").EmptyOptions & {
+        onCreate: (...args: any[]) => any;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+    readonly updated_at: Pick<import("@mikro-orm/core").UniversalPropertyOptionsBuilder<Date, import("@mikro-orm/core").EmptyOptions & {
+        onCreate: (...args: any[]) => any;
+    }, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>, keyof import("@mikro-orm/core").PropertyOptions<any> | ("~options" | "~type" | "$type" | "strictNullable")>;
+}, undefined, never, never, false>, typeof JwtKeyRepository, false>>>;
+export type IJwtKeyEntity = InferEntity<typeof JwtKeyEntitySchema>;
+export declare class JwtKeyEntity extends JwtKeyEntitySchema.class {
+    /**
+     * Check if key can be used for verification
+     */
+    isVerificationKey(): boolean;
+}
+//# sourceMappingURL=jwt-key.entity.d.ts.map

package/dist/entities/jwt-key.entity.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt-key.entity.d.ts","sourceRoot":"","sources":["../../src/entities/jwt-key.entity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,KAAK,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,uCAAuC,CAAC;AAGzE;;;;;;;GAOG;AACH,eAAO,MAAM,YAAY;IACvB,mCAAmC;;IAEnC,iCAAiC;;IAEjC,qDAAqD;;IAErD,sBAAsB;;CAEd,CAAC;AAEX,MAAM,MAAM,YAAY,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,OAAO,YAAY,CAAC,CAAC;AAE5E;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,kBAAkB;IAO3B;;;OAGG;;;;IAGH;;;OAGG;;;;IAOH;;;OAGG;;IAGH;;OAEG;;;;IAMH;;OAEG;;;;IAMH;;OAEG;;;;;;IAOH;;OAEG;;;;;;IAOH;;OAEG;;;;;;IAOH;;OAEG;;;;;;;;mBA8Bghb,GAAG;;;mBAAH,GAAG;;;;mBAAH,GAAG;;;mBAAH,GAAG;;;IAjGthb;;;OAGG;;;;IAGH;;;OAGG;;;;IAOH;;;OAGG;;IAGH;;OAEG;;;;IAMH;;OAEG;;;;IAMH;;OAEG;;;;;;IAOH;;OAEG;;;;;;IAOH;;OAEG;;;;;;IAOH;;OAEG;;;;;;;IAnEH;;;OAGG;;;;IAGH;;;OAGG;;;;IAOH;;;OAGG;;IAGH;;OAEG;;;;IAMH;;OAEG;;;;IAMH;;OAEG;;;;;;IAOH;;OAEG;;;;;;IAOH;;OAEG;;;;;;IAOH;;OAEG;;;;;;;;mBA8Bghb,GAAG;;;mBAAH,GAAG;;qEAjBxhb,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,WAAW,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEnE,qBAAa,YAAa,SAAQ,kBAAkB,CAAC,KAAK;IACxD;;OAEG;IACH,iBAAiB,IAAI,OAAO;CAM7B"}

package/dist/entities/jwt-key.entity.js ADDED Viewed

@@ -0,0 +1,125 @@
+import { defineEntity } from '@mikro-orm/core';
+import { JwtKeyRepository } from "../repositories/jwt-key.repository.js";
+import { BaseSchema } from "./base.entity.js";
+/**
+ * JWT Key status for rotation lifecycle
+ *
+ * - next: Key is generated but not yet active (pre-rotation)
+ * - active: Currently used for signing tokens
+ * - previous: Recently rotated out, still valid for verification
+ * - retired: No longer valid for any operation
+ */
+export const JwtKeyStatus = {
+    /** Generated but not yet active */
+    NEXT: 'next',
+    /** Currently used for signing */
+    ACTIVE: 'active',
+    /** Recently rotated, still valid for verification */
+    PREVIOUS: 'previous',
+    /** No longer valid */
+    RETIRED: 'retired',
+};
+/**
+ * JWT Key Entity for asymmetric key management (RS256)
+ *
+ * Stores RSA key pairs for JWT signing and verification.
+ * Supports key rotation with multiple active keys for seamless transitions.
+ *
+ * Security notes:
+ * - Private keys are stored in PEM format
+ * - In production, consider encrypting private_key column at rest
+ * - Only 'active' keys are used for signing
+ * - 'active' and 'previous' keys are used for verification
+ * - 'previous' keys are exposed in JWKS for token verification
+ */
+export const JwtKeyEntitySchema = defineEntity({
+    name: 'JwtKeyEntity',
+    tableName: 'jwt_key',
+    comment: 'RSA key pairs for JWT signing (RS256)',
+    extends: BaseSchema,
+    repository: () => JwtKeyRepository,
+    properties: (p) => ({
+        /**
+         * Key ID (kid) - unique identifier for JWT header
+         * Format: "key-{timestamp}-{random}"
+         */
+        kid: p.string().primary().comment('Key ID for JWT header (kid claim)'),
+        /**
+         * RSA Private Key in PEM format
+         * Used for signing tokens (only when status is 'active')
+         */
+        private_key: p
+            .text()
+            .comment('RSA private key in PEM format')
+            .lazy()
+            .hidden(),
+        /**
+         * RSA Public Key in PEM format
+         * Used for token verification and exposed via JWKS endpoint
+         */
+        public_key: p.text().comment('RSA public key in PEM format'),
+        /**
+         * JWT signing algorithm
+         */
+        algorithm: p
+            .string()
+            .comment('JWT signing algorithm (RS256)')
+            .default('RS256'),
+        /**
+         * Key status in rotation lifecycle
+         */
+        status: p
+            .enum(() => JwtKeyStatus)
+            .comment('Key status: next, active, previous, retired')
+            .default(JwtKeyStatus.NEXT),
+        /**
+         * Timestamp when key was activated (started signing)
+         */
+        activated_at: p
+            .datetime()
+            .comment('When the key was activated for signing')
+            .nullable()
+            .default(null),
+        /**
+         * Timestamp when key was deactivated (stopped signing)
+         */
+        deactivated_at: p
+            .datetime()
+            .comment('When the key was deactivated from signing')
+            .nullable()
+            .default(null),
+        /**
+         * Timestamp when key was retired (no longer valid)
+         */
+        retired_at: p
+            .datetime()
+            .comment('When the key was fully retired')
+            .nullable()
+            .default(null),
+        /**
+         * Scheduled expiration date for automatic rotation
+         */
+        expires_at: p
+            .datetime()
+            .comment('Scheduled expiration for automatic rotation')
+            .nullable()
+            .default(null),
+    }),
+    indexes: [
+        {
+            name: 'jwt_key_status_idx',
+            properties: ['status'],
+        },
+    ],
+});
+export class JwtKeyEntity extends JwtKeyEntitySchema.class {
+    /**
+     * Check if key can be used for verification
+     */
+    isVerificationKey() {
+        return (this.status === JwtKeyStatus.ACTIVE ||
+            this.status === JwtKeyStatus.PREVIOUS);
+    }
+}
+JwtKeyEntitySchema.setClass(JwtKeyEntity);
+//# sourceMappingURL=jwt-key.entity.js.map

package/dist/entities/jwt-key.entity.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt-key.entity.js","sourceRoot":"","sources":["../../src/entities/jwt-key.entity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAoB,MAAM,iBAAiB,CAAC;AACjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,uCAAuC,CAAC;AACzE,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAE9C;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,mCAAmC;IACnC,IAAI,EAAE,MAAM;IACZ,iCAAiC;IACjC,MAAM,EAAE,QAAQ;IAChB,qDAAqD;IACrD,QAAQ,EAAE,UAAU;IACpB,sBAAsB;IACtB,OAAO,EAAE,SAAS;CACV,CAAC;AAIX;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,YAAY,CAAC;IAC7C,IAAI,EAAE,cAAc;IACpB,SAAS,EAAE,SAAS;IACpB,OAAO,EAAE,uCAAuC;IAChD,OAAO,EAAE,UAAU;IACnB,UAAU,EAAE,GAAG,EAAE,CAAC,gBAAgB;IAClC,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAClB;;;WAGG;QACH,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,mCAAmC,CAAC;QAEtE;;;WAGG;QACH,WAAW,EAAE,CAAC;aACX,IAAI,EAAE;aACN,OAAO,CAAC,+BAA+B,CAAC;aACxC,IAAI,EAAE;aACN,MAAM,EAAE;QAEX;;;WAGG;QACH,UAAU,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,8BAA8B,CAAC;QAE5D;;WAEG;QACH,SAAS,EAAE,CAAC;aACT,MAAM,EAAE;aACR,OAAO,CAAC,+BAA+B,CAAC;aACxC,OAAO,CAAC,OAAO,CAAC;QAEnB;;WAEG;QACH,MAAM,EAAE,CAAC;aACN,IAAI,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC;aACxB,OAAO,CAAC,6CAA6C,CAAC;aACtD,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC;QAE7B;;WAEG;QACH,YAAY,EAAE,CAAC;aACZ,QAAQ,EAAE;aACV,OAAO,CAAC,wCAAwC,CAAC;aACjD,QAAQ,EAAE;aACV,OAAO,CAAC,IAAI,CAAC;QAEhB;;WAEG;QACH,cAAc,EAAE,CAAC;aACd,QAAQ,EAAE;aACV,OAAO,CAAC,2CAA2C,CAAC;aACpD,QAAQ,EAAE;aACV,OAAO,CAAC,IAAI,CAAC;QAEhB;;WAEG;QACH,UAAU,EAAE,CAAC;aACV,QAAQ,EAAE;aACV,OAAO,CAAC,gCAAgC,CAAC;aACzC,QAAQ,EAAE;aACV,OAAO,CAAC,IAAI,CAAC;QAEhB;;WAEG;QACH,UAAU,EAAE,CAAC;aACV,QAAQ,EAAE;aACV,OAAO,CAAC,6CAA6C,CAAC;aACtD,QAAQ,EAAE;aACV,OAAO,CAAC,IAAI,CAAC;KACjB,CAAC;IACF,OAAO,EAAE;QACP;YACE,IAAI,EAAE,oBAAoB;YAC1B,UAAU,EAAE,CAAC,QAAQ,CAAC;SACvB;KACF;CACF,CAAC,CAAC;AAIH,MAAM,OAAO,YAAa,SAAQ,kBAAkB,CAAC,KAAK;IACxD;;OAEG;IACH,iBAAiB;QACf,OAAO,CACL,IAAI,CAAC,MAAM,KAAK,YAAY,CAAC,MAAM;YACnC,IAAI,CAAC,MAAM,KAAK,YAAY,CAAC,QAAQ,CACtC,CAAC;IACJ,CAAC;CACF;AAED,kBAAkB,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC"}