@tinyrack/tinyauth-server 0.0.7

package/dist/services/jwt.service.js

@@ -0,0 +1,524 @@
+import { decodeJwt, exportJWK, exportPKCS8, exportSPKI, generateKeyPair, importPKCS8, importSPKI, jwtVerify, SignJWT, } from 'jose';
+import { JwtKeyStatus } from "../entities/jwt-key.entity.js";
+import { bytesToString, fromBase64Url } from "../lib/base64url.js";
+import { e } from "../schemas/error.js";
+/**
+ * JWT Service
+ *
+ * Handles JWT signing and verification using RS256 asymmetric keys.
+ * Manages RSA key pairs for signing with automatic rotation support.
+ * Supports token revocation via RevokedToken repository.
+ *
+ * Key Lifecycle:
+ * 1. next: Generated, waiting to be activated
+ * 2. active: Currently used for signing tokens
+ * 3. previous: Recently rotated, still valid for verification
+ * 4. retired: No longer valid for any operation
+ */
+export class JwtService {
+    /** Cache for active signing key */
+    activeKeyCache = null;
+    activeKeyCacheTime = 0;
+    CACHE_TTL_MS = 60 * 1000; // 1 minute
+    /** Deduplication lock for concurrent ensureActiveKey calls */
+    ensureActiveKeyPromise = null;
+    config;
+    mikro;
+    constructor(config, mikro) {
+        this.config = config;
+        this.mikro = mikro;
+    }
+    // ---------------------------------------------------------------------------
+    // Key Generation & Management
+    // ---------------------------------------------------------------------------
+    /**
+     * Generate a new RSA key pair
+     *
+     * @returns Generated key pair with PEM-encoded keys
+     */
+    async generateKeyPair() {
+        // Generate RSA key pair using jose
+        const { privateKey, publicKey } = await generateKeyPair('RS256', {
+            modulusLength: 2048,
+            extractable: true,
+        });
+        // Export to PEM format using jose's export functions
+        const privateKeyPem = await exportPKCS8(privateKey);
+        const publicKeyPem = await exportSPKI(publicKey);
+        // Generate unique kid
+        const kid = this.generateKid();
+        return {
+            kid,
+            privateKey: privateKeyPem,
+            publicKey: publicKeyPem,
+            algorithm: 'RS256',
+        };
+    }
+    /**
+     * Generate a unique Key ID
+     *
+     * Format: key-{timestamp}-{random}
+     */
+    generateKid() {
+        const timestamp = Date.now().toString(36);
+        const random = crypto.randomUUID().slice(0, 8);
+        return `key-${timestamp}-${random}`;
+    }
+    /**
+     * Ensure at least one active key exists
+     *
+     * Called on server startup to guarantee signing capability.
+     * Generates a new key if none exists.
+     */
+    async ensureActiveKey() {
+        const activeKey = await this.mikro.jwtKey.getActiveKey();
+        if (activeKey) {
+            return activeKey;
+        }
+        // No active key, check for a 'next' key to activate
+        const nextKey = await this.mikro.jwtKey.getNextKey();
+        if (nextKey) {
+            return this.activateKey(nextKey);
+        }
+        // No keys at all, generate and activate a new one
+        return this.createAndActivateKey();
+    }
+    /**
+     * Create a new key and immediately activate it
+     */
+    async createAndActivateKey() {
+        const keyPair = await this.generateKeyPair();
+        const rotationDays = this.config.tokens.key_rotation.interval_days;
+        const expiresAt = new Date();
+        expiresAt.setDate(expiresAt.getDate() + rotationDays);
+        const entity = this.mikro.jwtKey.create({
+            kid: keyPair.kid,
+            private_key: keyPair.privateKey,
+            public_key: keyPair.publicKey,
+            algorithm: keyPair.algorithm,
+            status: JwtKeyStatus.ACTIVE,
+            activated_at: new Date(),
+            expires_at: expiresAt,
+        });
+        await this.mikro.em.persist(entity).flush();
+        // Clear cache
+        this.activeKeyCache = null;
+        return entity;
+    }
+    /**
+     * Create a new key in 'next' status (pre-rotation)
+     */
+    async createNextKey() {
+        const keyPair = await this.generateKeyPair();
+        const rotationDays = this.config.tokens.key_rotation.interval_days;
+        const expiresAt = new Date();
+        expiresAt.setDate(expiresAt.getDate() + rotationDays);
+        const entity = this.mikro.jwtKey.create({
+            kid: keyPair.kid,
+            private_key: keyPair.privateKey,
+            public_key: keyPair.publicKey,
+            algorithm: keyPair.algorithm,
+            status: JwtKeyStatus.NEXT,
+            expires_at: expiresAt,
+        });
+        await this.mikro.em.persist(entity).flush();
+        return entity;
+    }
+    /**
+     * Activate a key (change status to 'active')
+     */
+    async activateKey(key) {
+        key.status = JwtKeyStatus.ACTIVE;
+        key.activated_at = new Date();
+        await this.mikro.em.persist(key).flush();
+        // Clear cache
+        this.activeKeyCache = null;
+        return key;
+    }
+    /**
+     * Deactivate current active key and promote next key
+     *
+     * This is the main rotation operation:
+     * 1. Current active -> previous
+     * 2. Next -> active (or create new if no next)
+     */
+    async rotateKeys() {
+        const currentActive = await this.mikro.jwtKey.getActiveKey();
+        // Deactivate current active key
+        if (currentActive) {
+            currentActive.status = JwtKeyStatus.PREVIOUS;
+            currentActive.deactivated_at = new Date();
+        }
+        // Get or create next key
+        let nextKey = await this.mikro.jwtKey.getNextKey();
+        if (!nextKey) {
+            nextKey = await this.createNextKey();
+        }
+        // Activate the next key
+        nextKey.status = JwtKeyStatus.ACTIVE;
+        nextKey.activated_at = new Date();
+        await this.mikro.em.flush();
+        // Clear cache
+        this.activeKeyCache = null;
+        return nextKey;
+    }
+    /**
+     * Retire old keys past the overlap period
+     *
+     * @param overlapDays - Days to keep previous keys valid
+     */
+    async retireOldKeys(overlapDays) {
+        const days = overlapDays ?? this.config.tokens.key_rotation.overlap_days;
+        const keysToRetire = await this.mikro.jwtKey.getKeysToRetire(days);
+        for (const key of keysToRetire) {
+            key.status = JwtKeyStatus.RETIRED;
+            key.retired_at = new Date();
+        }
+        if (keysToRetire.length > 0) {
+            await this.mikro.em.flush();
+        }
+        return keysToRetire.length;
+    }
+    /**
+     * Get the active signing key (with caching)
+     *
+     * @returns Active key with private_key loaded
+     * @throws Error if no active key exists
+     */
+    async getActiveKey() {
+        const now = Date.now();
+        // Check cache
+        if (this.activeKeyCache &&
+            now - this.activeKeyCacheTime < this.CACHE_TTL_MS) {
+            return this.activeKeyCache;
+        }
+        let key = await this.mikro.jwtKey.getActiveKey();
+        if (!key) {
+            // Lazy initialization: create or promote a key on demand.
+            // Use promise-based deduplication to prevent concurrent
+            // key generation within the same process.
+            if (!this.ensureActiveKeyPromise) {
+                this.ensureActiveKeyPromise = this.ensureActiveKey().finally(() => {
+                    this.ensureActiveKeyPromise = null;
+                });
+            }
+            key = await this.ensureActiveKeyPromise;
+        }
+        // Update cache
+        this.activeKeyCache = key;
+        this.activeKeyCacheTime = now;
+        return key;
+    }
+    /**
+     * Get key by kid for verification
+     *
+     * @param kid - Key ID from JWT header
+     * @returns Key entity or null
+     */
+    async getKeyByKid(kid) {
+        return this.mikro.jwtKey.getByKid(kid);
+    }
+    /**
+     * Get all keys valid for verification
+     *
+     * @returns Array of active and previous keys
+     */
+    async getVerificationKeys() {
+        return this.mikro.jwtKey.getVerificationKeys();
+    }
+    /**
+     * Convert PEM public key to JWK format for JWKS endpoint
+     *
+     * @param key - JWT Key entity
+     * @returns JWK object
+     */
+    async convertToJWK(key) {
+        // Import PEM to KeyLike
+        const publicKey = await importSPKI(key.public_key, key.algorithm);
+        // Export to JWK
+        const jwk = await exportJWK(publicKey);
+        // Return JWK with required fields for RS256
+        return {
+            kty: jwk.kty ?? 'RSA',
+            use: 'sig',
+            kid: key.kid,
+            alg: key.algorithm,
+            ...(jwk.n && { n: jwk.n }),
+            ...(jwk.e && { e: jwk.e }),
+        };
+    }
+    /**
+     * Get JWKS (JSON Web Key Set) for public endpoint
+     *
+     * Returns all active and previous keys in JWK format.
+     *
+     * @returns JWKS object with keys array
+     */
+    async getJWKS() {
+        // Ensure at least one active key exists (lazy initialization)
+        await this.getActiveKey();
+        const keys = await this.mikro.jwtKey.getPublicKeys();
+        const jwks = await Promise.all(keys.map((key) => this.convertToJWK(key)));
+        return { keys: jwks };
+    }
+    /**
+     * Clear the active key cache
+     *
+     * Used after bootstrap or key rotation to ensure fresh key lookup.
+     */
+    clearActiveKeyCache() {
+        this.activeKeyCache = null;
+    }
+    // ---------------------------------------------------------------------------
+    // Token Signing
+    // ---------------------------------------------------------------------------
+    /**
+     * Sign an access token using RS256
+     */
+    async signAccessToken(payload) {
+        const ttl = this.config.tokens.access_token_ttl;
+        const key = await this.getActiveKey();
+        const privateKey = await importPKCS8(key.private_key, key.algorithm);
+        const jti = crypto.randomUUID();
+        const jwt = await new SignJWT({
+            typ: 'access_token',
+            sub: payload.sub,
+            client_id: payload.client_id,
+            scope: payload.scope,
+        })
+            .setProtectedHeader({ alg: key.algorithm, typ: 'JWT', kid: key.kid })
+            .setJti(jti)
+            .setIssuedAt()
+            .setExpirationTime(`${ttl}s`)
+            .setIssuer(this.config.server.public_origin)
+            .sign(privateKey);
+        return jwt;
+    }
+    /**
+     * Sign a refresh token using RS256
+     */
+    async signRefreshToken(payload) {
+        const ttl = this.config.tokens.refresh_token_ttl;
+        const key = await this.getActiveKey();
+        const privateKey = await importPKCS8(key.private_key, key.algorithm);
+        const jti = crypto.randomUUID();
+        const jwt = await new SignJWT({
+            typ: 'refresh_token',
+            sub: payload.sub,
+            client_id: payload.client_id,
+            scope: payload.scope,
+        })
+            .setProtectedHeader({ alg: key.algorithm, typ: 'JWT', kid: key.kid })
+            .setJti(jti)
+            .setIssuedAt()
+            .setExpirationTime(`${ttl}s`)
+            .setIssuer(this.config.server.public_origin)
+            .sign(privateKey);
+        return jwt;
+    }
+    /**
+     * Sign an ID token using RS256 (for OIDC)
+     *
+     * Includes standard OIDC claims:
+     * - auth_time: Time when End-User authentication occurred
+     * - at_hash: Access Token hash (when provided)
+     */
+    async signIdToken(payload) {
+        const ttl = this.config.tokens.access_token_ttl;
+        const key = await this.getActiveKey();
+        const privateKey = await importPKCS8(key.private_key, key.algorithm);
+        const jwt = await new SignJWT({
+            sub: payload.sub,
+            aud: payload.aud,
+            ...(payload.nonce && { nonce: payload.nonce }),
+            ...(payload.auth_time !== undefined && { auth_time: payload.auth_time }),
+            ...(payload.at_hash && { at_hash: payload.at_hash }),
+            ...(payload.email && { email: payload.email }),
+            ...(payload.email_verified !== undefined && {
+                email_verified: payload.email_verified,
+            }),
+            ...(payload.name && { name: payload.name }),
+            ...(payload.picture && { picture: payload.picture }),
+        })
+            .setProtectedHeader({ alg: key.algorithm, typ: 'JWT', kid: key.kid })
+            .setIssuedAt()
+            .setExpirationTime(`${ttl}s`)
+            .setIssuer(this.config.server.public_origin)
+            .sign(privateKey);
+        return jwt;
+    }
+    // ---------------------------------------------------------------------------
+    // Token Verification
+    // ---------------------------------------------------------------------------
+    /**
+     * Verify and decode an access token
+     *
+     * @throws {InvalidAccessToken} When token is invalid, expired, or revoked
+     */
+    async verifyAccessToken(token) {
+        try {
+            const payload = await this.verifyToken(token);
+            if (!this.isAccessTokenPayload(payload)) {
+                throw new Error('Invalid access token payload structure');
+            }
+            // Check if token is revoked
+            if (payload.jti) {
+                const isRevoked = await this.mikro.revokedToken.isRevoked(payload.jti);
+                if (isRevoked) {
+                    throw new Error('Token has been revoked');
+                }
+            }
+            return payload;
+        }
+        catch {
+            throw new e.InvalidAccessToken.Error();
+        }
+    }
+    /**
+     * Verify and decode a refresh token
+     *
+     * @throws {InvalidRefreshToken} When token is invalid, expired, or revoked
+     */
+    async verifyRefreshToken(token) {
+        try {
+            const payload = await this.verifyToken(token);
+            if (!this.isRefreshTokenPayload(payload)) {
+                throw new Error('Invalid refresh token payload structure');
+            }
+            // Check if token is revoked
+            if (payload.jti) {
+                const isRevoked = await this.mikro.revokedToken.isRevoked(payload.jti);
+                if (isRevoked) {
+                    throw new Error('Token has been revoked');
+                }
+            }
+            return payload;
+        }
+        catch {
+            throw new e.InvalidRefreshToken.Error();
+        }
+    }
+    /**
+     * Internal: Verify token with appropriate key based on kid
+     */
+    async verifyToken(token) {
+        // Decode header to get kid
+        const headerPart = token.split('.')[0];
+        if (!headerPart) {
+            throw new Error('Invalid token format');
+        }
+        const header = JSON.parse(bytesToString(fromBase64Url(headerPart)));
+        const kid = typeof header['kid'] === 'string' ? header['kid'] : undefined;
+        // If kid is present, find specific key
+        if (kid) {
+            const key = await this.getKeyByKid(kid);
+            if (key?.isVerificationKey()) {
+                const publicKey = await importSPKI(key.public_key, key.algorithm);
+                const { payload } = await jwtVerify(token, publicKey);
+                return payload;
+            }
+        }
+        // Fallback: try all verification keys
+        const keys = await this.getVerificationKeys();
+        for (const key of keys) {
+            try {
+                const publicKey = await importSPKI(key.public_key, key.algorithm);
+                const { payload } = await jwtVerify(token, publicKey);
+                return payload;
+            }
+            catch { }
+        }
+        throw new Error('Token verification failed with all available keys');
+    }
+    /**
+     * Type guard to validate access token payload structure
+     */
+    isAccessTokenPayload(payload) {
+        return (payload['typ'] === 'access_token' &&
+            typeof payload.sub === 'string' &&
+            typeof payload['client_id'] === 'string' &&
+            typeof payload['scope'] === 'string');
+    }
+    /**
+     * Type guard to validate refresh token payload structure
+     */
+    isRefreshTokenPayload(payload) {
+        return (payload['typ'] === 'refresh_token' &&
+            typeof payload.sub === 'string' &&
+            typeof payload['client_id'] === 'string' &&
+            typeof payload['scope'] === 'string');
+    }
+    /**
+     * Decode a JWT without verification (for introspection)
+     */
+    decodeToken(token) {
+        try {
+            return decodeJwt(token);
+        }
+        catch {
+            return null;
+        }
+    }
+    // ---------------------------------------------------------------------------
+    // Bearer Token Extraction
+    // ---------------------------------------------------------------------------
+    /**
+     * Extract Bearer token from Authorization header
+     *
+     * @param req - Fastify request object
+     * @returns Extracted Bearer token
+     * @throws {MissingAuthorizationHeader} When Authorization header is missing
+     * @throws {InvalidAuthorizationHeaderFormat} When header format is invalid
+     * @throws {MissingBearerToken} When token is missing in header
+     *
+     * @example
+     * ```typescript
+     * const token = jwtService.extractBearerToken(req);
+     * // Returns: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
+     * ```
+     */
+    extractBearerToken(req) {
+        const authHeader = req.headers.authorization;
+        if (!authHeader) {
+            throw new e.MissingAuthorizationHeader.Error();
+        }
+        const parts = authHeader.split(' ');
+        if (parts.length !== 2 || parts[0] !== 'Bearer') {
+            throw new e.InvalidAuthorizationHeaderFormat.Error();
+        }
+        const token = parts[1];
+        if (!token) {
+            throw new e.MissingBearerToken.Error();
+        }
+        return token;
+    }
+    /**
+     * Validate Bearer token and return decoded payload
+     *
+     * Extracts Bearer token from Authorization header and verifies it.
+     * This is the main authentication handler for protected API endpoints.
+     *
+     * @param req - Fastify request object
+     * @returns Decoded access token payload with user and client info
+     * @throws {MissingAuthorizationHeader} When Authorization header is missing
+     * @throws {InvalidAuthorizationHeaderFormat} When header format is invalid
+     * @throws {MissingBearerToken} When token is missing in header
+     * @throws {InvalidAccessToken} When token is invalid or expired
+     *
+     * @example
+     * ```typescript
+     * // In a route handler
+     * const payload = await fastify.jwtService.validateBearerToken(req);
+     * console.log(payload.sub);       // User ID
+     * console.log(payload.client_id); // OAuth client ID
+     * console.log(payload.scope);     // Granted scopes
+     * ```
+     */
+    async validateBearerToken(req) {
+        const token = this.extractBearerToken(req);
+        // Use jwtService for RS256 token verification
+        const payload = await this.verifyAccessToken(token);
+        return payload;
+    }
+}
+//# sourceMappingURL=jwt.service.js.map

package/dist/services/jwt.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.service.js","sourceRoot":"","sources":["../../src/services/jwt.service.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,SAAS,EACT,SAAS,EACT,WAAW,EACX,UAAU,EACV,eAAe,EACf,WAAW,EACX,UAAU,EAEV,SAAS,EACT,OAAO,GACR,MAAM,MAAM,CAAC;AACd,OAAO,EAAqB,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEnE,OAAO,EAAE,CAAC,EAAE,MAAM,qBAAqB,CAAC;AAiIxC;;;;;;;;;;;;GAYG;AACH,MAAM,OAAO,UAAU;IACrB,mCAAmC;IAC3B,cAAc,GAAwB,IAAI,CAAC;IAC3C,kBAAkB,GAAW,CAAC,CAAC;IACtB,YAAY,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW;IAEtD,8DAA8D;IACtD,sBAAsB,GAAiC,IAAI,CAAC;IAEnD,MAAM,CAAwB;IAC9B,KAAK,CAAe;IACrC,YAAY,MAA6B,EAAE,KAAmB;QAC5D,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,8EAA8E;IAC9E,8BAA8B;IAC9B,8EAA8E;IAE9E;;;;OAIG;IACH,KAAK,CAAC,eAAe;QACnB,mCAAmC;QACnC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,eAAe,CAAC,OAAO,EAAE;YAC/D,aAAa,EAAE,IAAI;YACnB,WAAW,EAAE,IAAI;SAClB,CAAC,CAAC;QAEH,qDAAqD;QACrD,MAAM,aAAa,GAAG,MAAM,WAAW,CAAC,UAAU,CAAC,CAAC;QACpD,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,CAAC;QAEjD,sBAAsB;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAE/B,OAAO;YACL,GAAG;YACH,UAAU,EAAE,aAAa;YACzB,SAAS,EAAE,YAAY;YACvB,SAAS,EAAE,OAAO;SACnB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACK,WAAW;QACjB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC/C,OAAO,OAAO,SAAS,IAAI,MAAM,EAAE,CAAC;IACtC,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,eAAe;QACnB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;QAEzD,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,oDAAoD;QACpD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;QAErD,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACnC,CAAC;QAED,kDAAkD;QAClD,OAAO,IAAI,CAAC,oBAAoB,EAAE,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,oBAAoB;QACxB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAC7C,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,aAAa,CAAC;QAEnE,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;QAC7B,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,YAAY,CAAC,CAAC;QAEtD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;YACtC,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,WAAW,EAAE,OAAO,CAAC,UAAU;YAC/B,UAAU,EAAE,OAAO,CAAC,SAAS;YAC7B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,MAAM,EAAE,YAAY,CAAC,MAAM;YAC3B,YAAY,EAAE,IAAI,IAAI,EAAE;YACxB,UAAU,EAAE,SAAS;SACtB,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC;QAE5C,cAAc;QACd,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAE3B,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa;QACjB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAC7C,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,aAAa,CAAC;QAEnE,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;QAC7B,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,YAAY,CAAC,CAAC;QAEtD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;YACtC,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,WAAW,EAAE,OAAO,CAAC,UAAU;YAC/B,UAAU,EAAE,OAAO,CAAC,SAAS;YAC7B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,MAAM,EAAE,YAAY,CAAC,IAAI;YACzB,UAAU,EAAE,SAAS;SACtB,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC;QAE5C,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,GAAiB;QACjC,GAAG,CAAC,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC;QACjC,GAAG,CAAC,YAAY,GAAG,IAAI,IAAI,EAAE,CAAC;QAE9B,MAAM,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;QAEzC,cAAc;QACd,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAE3B,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,UAAU;QACd,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;QAE7D,gCAAgC;QAChC,IAAI,aAAa,EAAE,CAAC;YAClB,aAAa,CAAC,MAAM,GAAG,YAAY,CAAC,QAAQ,CAAC;YAC7C,aAAa,CAAC,cAAc,GAAG,IAAI,IAAI,EAAE,CAAC;QAC5C,CAAC;QAED,yBAAyB;QACzB,IAAI,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;QAEnD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QACvC,CAAC;QAED,wBAAwB;QACxB,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC;QACrC,OAAO,CAAC,YAAY,GAAG,IAAI,IAAI,EAAE,CAAC;QAElC,MAAM,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QAE5B,cAAc;QACd,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAE3B,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,aAAa,CAAC,WAAoB;QACtC,MAAM,IAAI,GAAG,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC;QACzE,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAEnE,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;YAC/B,GAAG,CAAC,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC;YAClC,GAAG,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;QAC9B,CAAC;QAED,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED,OAAO,YAAY,CAAC,MAAM,CAAC;IAC7B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,YAAY;QAChB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,cAAc;QACd,IACE,IAAI,CAAC,cAAc;YACnB,GAAG,GAAG,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,YAAY,EACjD,CAAC;YACD,OAAO,IAAI,CAAC,cAAc,CAAC;QAC7B,CAAC;QAED,IAAI,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;QAEjD,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,0DAA0D;YAC1D,wDAAwD;YACxD,0CAA0C;YAC1C,IAAI,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBACjC,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE;oBAChE,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC;gBACrC,CAAC,CAAC,CAAC;YACL,CAAC;YACD,GAAG,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC;QAC1C,CAAC;QAED,eAAe;QACf,IAAI,CAAC,cAAc,GAAG,GAAG,CAAC;QAC1B,IAAI,CAAC,kBAAkB,GAAG,GAAG,CAAC;QAE9B,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,WAAW,CAAC,GAAW;QAC3B,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,mBAAmB;QACvB,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;IACjD,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,YAAY,CAAC,GAAiB;QAClC,wBAAwB;QACxB,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;QAElE,gBAAgB;QAChB,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;QAEvC,4CAA4C;QAC5C,OAAO;YACL,GAAG,EAAE,GAAG,CAAC,GAAG,IAAI,KAAK;YACrB,GAAG,EAAE,KAAK;YACV,GAAG,EAAE,GAAG,CAAC,GAAG;YACZ,GAAG,EAAE,GAAG,CAAC,SAAS;YAClB,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;YAC1B,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;SAC3B,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,OAAO;QAGX,8DAA8D;QAC9D,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAE1B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QAErD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAE1E,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED;;;;OAIG;IACH,mBAAmB;QACjB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;IAC7B,CAAC;IAED,8EAA8E;IAC9E,gBAAgB;IAChB,8EAA8E;IAE9E;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,OAA2B;QAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC;QAChD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QACtC,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;QACrE,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,IAAI,OAAO,CAAC;YAC5B,GAAG,EAAE,cAAc;YACnB,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC;aACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;aACpE,MAAM,CAAC,GAAG,CAAC;aACX,WAAW,EAAE;aACb,iBAAiB,CAAC,GAAG,GAAG,GAAG,CAAC;aAC5B,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;aAC3C,IAAI,CAAC,UAAU,CAAC,CAAC;QAEpB,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,OAA4B;QACjD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC;QACjD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QACtC,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;QACrE,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,IAAI,OAAO,CAAC;YAC5B,GAAG,EAAE,eAAe;YACpB,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC;aACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;aACpE,MAAM,CAAC,GAAG,CAAC;aACX,WAAW,EAAE;aACb,iBAAiB,CAAC,GAAG,GAAG,GAAG,CAAC;aAC5B,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;aAC3C,IAAI,CAAC,UAAU,CAAC,CAAC;QAEpB,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,WAAW,CAAC,OAAuB;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC;QAChD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QACtC,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;QAErE,MAAM,GAAG,GAAG,MAAM,IAAI,OAAO,CAAC;YAC5B,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC;YAC9C,GAAG,CAAC,OAAO,CAAC,SAAS,KAAK,SAAS,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC;YACxE,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC;YACpD,GAAG,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC;YAC9C,GAAG,CAAC,OAAO,CAAC,cAAc,KAAK,SAAS,IAAI;gBAC1C,cAAc,EAAE,OAAO,CAAC,cAAc;aACvC,CAAC;YACF,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC;YAC3C,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC;SACrD,CAAC;aACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;aACpE,WAAW,EAAE;aACb,iBAAiB,CAAC,GAAG,GAAG,GAAG,CAAC;aAC5B,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;aAC3C,IAAI,CAAC,UAAU,CAAC,CAAC;QAEpB,OAAO,GAAG,CAAC;IACb,CAAC;IAED,8EAA8E;IAC9E,qBAAqB;IACrB,8EAA8E;IAE9E;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAa;QACnC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAE9C,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;YAC5D,CAAC;YAED,4BAA4B;YAC5B,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBACvE,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;YAED,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,CAAC,CAAC,kBAAkB,CAAC,KAAK,EAAE,CAAC;QACzC,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB,CAAC,KAAa;QACpC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAE9C,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,EAAE,CAAC;gBACzC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;YAC7D,CAAC;YAED,4BAA4B;YAC5B,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBACvE,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;YAED,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;QAC1C,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,WAAW,CAAC,KAAa;QACrC,2BAA2B;QAC3B,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACvC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,MAAM,GAA4B,IAAI,CAAC,KAAK,CAChD,aAAa,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,CACzC,CAAC;QACF,MAAM,GAAG,GAAG,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE1E,uCAAuC;QACvC,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YAExC,IAAI,GAAG,EAAE,iBAAiB,EAAE,EAAE,CAAC;gBAC7B,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;gBAClE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;gBACtD,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;QAED,sCAAsC;QACtC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAE9C,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;gBAClE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;gBACtD,OAAO,OAAO,CAAC;YACjB,CAAC;YAAC,MAAM,CAAC,CAAA,CAAC;QACZ,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;IAED;;OAEG;IACK,oBAAoB,CAC1B,OAAmB;QAEnB,OAAO,CACL,OAAO,CAAC,KAAK,CAAC,KAAK,cAAc;YACjC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;YAC/B,OAAO,OAAO,CAAC,WAAW,CAAC,KAAK,QAAQ;YACxC,OAAO,OAAO,CAAC,OAAO,CAAC,KAAK,QAAQ,CACrC,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,qBAAqB,CAC3B,OAAmB;QAEnB,OAAO,CACL,OAAO,CAAC,KAAK,CAAC,KAAK,eAAe;YAClC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;YAC/B,OAAO,OAAO,CAAC,WAAW,CAAC,KAAK,QAAQ;YACxC,OAAO,OAAO,CAAC,OAAO,CAAC,KAAK,QAAQ,CACrC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,KAAa;QACvB,IAAI,CAAC;YACH,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,0BAA0B;IAC1B,8EAA8E;IAE9E;;;;;;;;;;;;;;OAcG;IACH,kBAAkB,CAAC,GAA4C;QAC7D,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAE7C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,CAAC,CAAC,0BAA0B,CAAC,KAAK,EAAE,CAAC;QACjD,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAEpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YAChD,MAAM,IAAI,CAAC,CAAC,gCAAgC,CAAC,KAAK,EAAE,CAAC;QACvD,CAAC;QAED,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,CAAC,CAAC,kBAAkB,CAAC,KAAK,EAAE,CAAC;QACzC,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;OAqBG;IACH,KAAK,CAAC,mBAAmB,CAAC,GAEzB;QACC,MAAM,KAAK,GAAG,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAE3C,8CAA8C;QAC9C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;QACpD,OAAO,OAAO,CAAC;IACjB,CAAC;CACF"}

package/dist/services/mikro.service.d.ts

@@ -0,0 +1,43 @@
+import { MikroORM } from '@mikro-orm/core';
+import type { TinyAuthRuntimeConfig } from '../lib/config/index.ts';
+import type { Logger } from '../lib/logger.ts';
+import type { EmailVerificationRepository } from '../repositories/email-verification.repository.ts';
+import type { JwtKeyRepository } from '../repositories/jwt-key.repository.ts';
+import type { OAuthClientRepository } from '../repositories/oauth-client.repository.ts';
+import type { OAuthCodeRepository } from '../repositories/oauth-code.repository.ts';
+import type { PasswordResetRepository } from '../repositories/password-reset.repository.ts';
+import type { PendingOAuthRegistrationRepository } from '../repositories/pending-oauth-registration.repository.ts';
+import type { RevokedTokenRepository } from '../repositories/revoked-token.repository.ts';
+import type { TermsRepository } from '../repositories/terms.repository.ts';
+import type { TermsContentRepository } from '../repositories/terms-content.repository.ts';
+import type { UserRepository } from '../repositories/user.repository.ts';
+import type { UserConsentRepository } from '../repositories/user-consent.repository.ts';
+import type { UserOAuthRepository } from '../repositories/user-oauth.repository.ts';
+import type { UserPasskeyRepository } from '../repositories/user-passkey.repository.ts';
+import type { UserTermsConsentRepository } from '../repositories/user-terms-consent.repository.ts';
+import type { UserTotpRepository } from '../repositories/user-totp.repository.ts';
+import type { UserTotpRecoveryCodeRepository } from '../repositories/user-totp-recovery-code.repository.ts';
+export declare class MikroService {
+    readonly orm: MikroORM;
+    readonly em: MikroORM['em'];
+    readonly user: UserRepository;
+    readonly userOAuth: UserOAuthRepository;
+    readonly oauthCode: OAuthCodeRepository;
+    readonly oauthClient: OAuthClientRepository;
+    readonly emailVerification: EmailVerificationRepository;
+    readonly passwordReset: PasswordResetRepository;
+    readonly pendingOAuthRegistration: PendingOAuthRegistrationRepository;
+    readonly jwtKey: JwtKeyRepository;
+    readonly revokedToken: RevokedTokenRepository;
+    readonly userConsent: UserConsentRepository;
+    readonly userTermsConsent: UserTermsConsentRepository;
+    readonly userTotp: UserTotpRepository;
+    readonly userTotpRecoveryCode: UserTotpRecoveryCodeRepository;
+    readonly userPasskey: UserPasskeyRepository;
+    readonly terms: TermsRepository;
+    readonly termsContent: TermsContentRepository;
+    private constructor();
+    static initialize(config: TinyAuthRuntimeConfig, logger: Logger): Promise<MikroService>;
+    close(): Promise<void>;
+}
+//# sourceMappingURL=mikro.service.d.ts.map

package/dist/services/mikro.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mikro.service.d.ts","sourceRoot":"","sources":["../../src/services/mikro.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAiB3C,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AACpE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,kDAAkD,CAAC;AACpG,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uCAAuC,CAAC;AAC9E,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4CAA4C,CAAC;AACxF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,0CAA0C,CAAC;AACpF,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,8CAA8C,CAAC;AAC5F,OAAO,KAAK,EAAE,kCAAkC,EAAE,MAAM,0DAA0D,CAAC;AACnH,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,6CAA6C,CAAC;AAC1F,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qCAAqC,CAAC;AAC3E,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,6CAA6C,CAAC;AAC1F,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4CAA4C,CAAC;AACxF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,0CAA0C,CAAC;AACpF,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4CAA4C,CAAC;AACxF,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,kDAAkD,CAAC;AACnG,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,yCAAyC,CAAC;AAClF,OAAO,KAAK,EAAE,8BAA8B,EAAE,MAAM,uDAAuD,CAAC;AAE5G,qBAAa,YAAY;IACvB,SAAgB,GAAG,EAAE,QAAQ,CAAC;IAC9B,SAAgB,EAAE,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;IACnC,SAAgB,IAAI,EAAE,cAAc,CAAC;IACrC,SAAgB,SAAS,EAAE,mBAAmB,CAAC;IAC/C,SAAgB,SAAS,EAAE,mBAAmB,CAAC;IAC/C,SAAgB,WAAW,EAAE,qBAAqB,CAAC;IACnD,SAAgB,iBAAiB,EAAE,2BAA2B,CAAC;IAC/D,SAAgB,aAAa,EAAE,uBAAuB,CAAC;IACvD,SAAgB,wBAAwB,EAAE,kCAAkC,CAAC;IAC7E,SAAgB,MAAM,EAAE,gBAAgB,CAAC;IACzC,SAAgB,YAAY,EAAE,sBAAsB,CAAC;IACrD,SAAgB,WAAW,EAAE,qBAAqB,CAAC;IACnD,SAAgB,gBAAgB,EAAE,0BAA0B,CAAC;IAC7D,SAAgB,QAAQ,EAAE,kBAAkB,CAAC;IAC7C,SAAgB,oBAAoB,EAAE,8BAA8B,CAAC;IACrE,SAAgB,WAAW,EAAE,qBAAqB,CAAC;IACnD,SAAgB,KAAK,EAAE,eAAe,CAAC;IACvC,SAAgB,YAAY,EAAE,sBAAsB,CAAC;IAErD,OAAO;WA2Ba,UAAU,CAC5B,MAAM,EAAE,qBAAqB,EAC7B,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,YAAY,CAAC;IAUX,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAGpC"}

package/dist/services/mikro.service.js

@@ -0,0 +1,68 @@
+import { MikroORM } from '@mikro-orm/core';
+import { EmailVerificationEntitySchema } from "../entities/email-verification.entity.js";
+import { JwtKeyEntity } from "../entities/jwt-key.entity.js";
+import { OAuthClientEntitySchema } from "../entities/oauth-client.entity.js";
+import { OAuthCodeEntitySchema } from "../entities/oauth-code.entity.js";
+import { PasswordResetEntitySchema } from "../entities/password-reset.entity.js";
+import { PendingOAuthRegistrationEntitySchema } from "../entities/pending-oauth-registration.entity.js";
+import { RevokedTokenEntitySchema } from "../entities/revoked-token.entity.js";
+import { TermsEntitySchema } from "../entities/terms.entity.js";
+import { TermsContentEntitySchema } from "../entities/terms-content.entity.js";
+import { UserEntity } from "../entities/user.entity.js";
+import { UserConsentEntity } from "../entities/user-consent.entity.js";
+import { UserOAuthEntitySchema } from "../entities/user-oauth.entity.js";
+import { UserPasskeyEntitySchema } from "../entities/user-passkey.entity.js";
+import { UserTermsConsentEntity } from "../entities/user-terms-consent.entity.js";
+import { UserTotpEntitySchema } from "../entities/user-totp.entity.js";
+import { UserTotpRecoveryCodeEntitySchema } from "../entities/user-totp-recovery-code.entity.js";
+export class MikroService {
+    orm;
+    em;
+    user;
+    userOAuth;
+    oauthCode;
+    oauthClient;
+    emailVerification;
+    passwordReset;
+    pendingOAuthRegistration;
+    jwtKey;
+    revokedToken;
+    userConsent;
+    userTermsConsent;
+    userTotp;
+    userTotpRecoveryCode;
+    userPasskey;
+    terms;
+    termsContent;
+    constructor(orm) {
+        this.orm = orm;
+        this.em = orm.em;
+        this.user = orm.em.getRepository(UserEntity);
+        this.userOAuth = orm.em.getRepository(UserOAuthEntitySchema);
+        this.oauthCode = orm.em.getRepository(OAuthCodeEntitySchema);
+        this.oauthClient = orm.em.getRepository(OAuthClientEntitySchema);
+        this.emailVerification = orm.em.getRepository(EmailVerificationEntitySchema);
+        this.passwordReset = orm.em.getRepository(PasswordResetEntitySchema);
+        this.pendingOAuthRegistration = orm.em.getRepository(PendingOAuthRegistrationEntitySchema);
+        this.jwtKey = orm.em.getRepository(JwtKeyEntity);
+        this.revokedToken = orm.em.getRepository(RevokedTokenEntitySchema);
+        this.userConsent = orm.em.getRepository(UserConsentEntity);
+        this.userTermsConsent = orm.em.getRepository(UserTermsConsentEntity);
+        this.userTotp = orm.em.getRepository(UserTotpEntitySchema);
+        this.userTotpRecoveryCode = orm.em.getRepository(UserTotpRecoveryCodeEntitySchema);
+        this.userPasskey = orm.em.getRepository(UserPasskeyEntitySchema);
+        this.terms = orm.em.getRepository(TermsEntitySchema);
+        this.termsContent = orm.em.getRepository(TermsContentEntitySchema);
+    }
+    static async initialize(config, logger) {
+        logger.info('Initializing MikroORM...');
+        const orm = await MikroORM.init(await config.database.getMikroOrmOptions());
+        await config.database.initialize(orm);
+        logger.info('MikroORM initialized');
+        return new MikroService(orm);
+    }
+    async close() {
+        await this.orm.close();
+    }
+}
+//# sourceMappingURL=mikro.service.js.map

package/dist/services/mikro.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mikro.service.js","sourceRoot":"","sources":["../../src/services/mikro.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,6BAA6B,EAAE,MAAM,0CAA0C,CAAC;AACzF,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,EAAE,uBAAuB,EAAE,MAAM,oCAAoC,CAAC;AAC7E,OAAO,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAC;AACzE,OAAO,EAAE,yBAAyB,EAAE,MAAM,sCAAsC,CAAC;AACjF,OAAO,EAAE,oCAAoC,EAAE,MAAM,kDAAkD,CAAC;AACxG,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAC;AACzE,OAAO,EAAE,uBAAuB,EAAE,MAAM,oCAAoC,CAAC;AAC7E,OAAO,EAAE,sBAAsB,EAAE,MAAM,0CAA0C,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,MAAM,iCAAiC,CAAC;AACvE,OAAO,EAAE,gCAAgC,EAAE,MAAM,+CAA+C,CAAC;AAoBjG,MAAM,OAAO,YAAY;IACP,GAAG,CAAW;IACd,EAAE,CAAiB;IACnB,IAAI,CAAiB;IACrB,SAAS,CAAsB;IAC/B,SAAS,CAAsB;IAC/B,WAAW,CAAwB;IACnC,iBAAiB,CAA8B;IAC/C,aAAa,CAA0B;IACvC,wBAAwB,CAAqC;IAC7D,MAAM,CAAmB;IACzB,YAAY,CAAyB;IACrC,WAAW,CAAwB;IACnC,gBAAgB,CAA6B;IAC7C,QAAQ,CAAqB;IAC7B,oBAAoB,CAAiC;IACrD,WAAW,CAAwB;IACnC,KAAK,CAAkB;IACvB,YAAY,CAAyB;IAErD,YAAoB,GAAa;QAC/B,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;QAC7C,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,qBAAqB,CAAC,CAAC;QAC7D,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,qBAAqB,CAAC,CAAC;QAC7D,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC;QACjE,IAAI,CAAC,iBAAiB,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAC3C,6BAA6B,CAC9B,CAAC;QACF,IAAI,CAAC,aAAa,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,yBAAyB,CAAC,CAAC;QACrE,IAAI,CAAC,wBAAwB,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAClD,oCAAoC,CACrC,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;QACjD,IAAI,CAAC,YAAY,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,wBAAwB,CAAC,CAAC;QACnE,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,iBAAiB,CAAC,CAAC;QAC3D,IAAI,CAAC,gBAAgB,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,sBAAsB,CAAC,CAAC;QACrE,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,oBAAoB,CAAC,CAAC;QAC3D,IAAI,CAAC,oBAAoB,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAC9C,gCAAgC,CACjC,CAAC;QACF,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC;QACjE,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,iBAAiB,CAAC,CAAC;QACrD,IAAI,CAAC,YAAY,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,wBAAwB,CAAC,CAAC;IACrE,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,UAAU,CAC5B,MAA6B,EAC7B,MAAc;QAEd,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QACxC,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,kBAAkB,EAAE,CAAC,CAAC;QAC5E,MAAM,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAEtC,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QAEpC,OAAO,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAEM,KAAK,CAAC,KAAK;QAChB,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;CACF"}