@usequota/nextjs 0.2.0 → 0.3.0

package/dist/server.d.mts

@@ -1,93 +1,7 @@
-export { Q as QuotaError, a as QuotaInsufficientCreditsError, b as QuotaNotConnectedError, d as QuotaRateLimitError, c as QuotaTokenExpiredError, e as errorFromResponse } from './errors-CmNx3kSz.mjs';
+import { QuotaTokenStorage } from '@usequota/core';
+export { InMemoryTokenStorage, OAuthTokenResponse, QuotaClient, QuotaClientConfig, QuotaError, QuotaInsufficientCreditsError, QuotaNotConnectedError, QuotaRateLimitError, QuotaTokenExpiredError, QuotaTokenStorage, VerifyWebhookOptions, WebhookEvent, createWebhookHandler, errorFromResponse, exchangeCodeForToken, parseSSEStream, parseWebhook, refreshAccessToken, verifyWebhookSignature } from '@usequota/core';
 import { QuotaUser, CreditPackage } from '@usequota/types';
 
-/**
- * @usequota/nextjs - Token Storage Adapter
- *
- * Defines the interface for pluggable token storage backends.
- * The default implementation uses httpOnly cookies, but apps can
- * provide their own (e.g., Supabase, Redis, a database).
- */
-/**
- * Pluggable token storage adapter for the Quota SDK.
- *
- * Implement this interface to store Quota OAuth tokens in your own backend
- * (database, Redis, etc.) instead of the default httpOnly cookies.
- *
- * @example
- * ```typescript
- * import { QuotaTokenStorage } from '@usequota/nextjs/server';
- * import { createClient } from '@supabase/supabase-js';
- *
- * const supabaseTokenStorage: QuotaTokenStorage = {
- *   async getTokens(request) {
- *     const supabase = createClient(...);
- *     const userId = await getUserId(request);
- *     const { data } = await supabase
- *       .from('quota_accounts')
- *       .select('access_token, refresh_token')
- *       .eq('user_id', userId)
- *       .single();
- *     if (!data) return null;
- *     return { accessToken: data.access_token, refreshToken: data.refresh_token };
- *   },
- *
- *   async setTokens(tokens, request) {
- *     const supabase = createClient(...);
- *     const userId = await getUserId(request);
- *     await supabase.from('quota_accounts').upsert({
- *       user_id: userId,
- *       access_token: tokens.accessToken,
- *       refresh_token: tokens.refreshToken,
- *     });
- *   },
- *
- *   async deleteTokens(request) {
- *     const supabase = createClient(...);
- *     const userId = await getUserId(request);
- *     await supabase.from('quota_accounts').delete().eq('user_id', userId);
- *   },
- * };
- * ```
- */
-interface QuotaTokenStorage {
-    /**
-     * Retrieve stored tokens for the current request's user.
-     * Return null if no tokens are stored.
-     */
-    getTokens(request: Request): Promise<{
-        accessToken: string;
-        refreshToken?: string;
-    } | null>;
-    /**
-     * Persist tokens for the current request's user.
-     * Called after OAuth callback and after token refresh.
-     *
-     * For storage backends that modify the Response (like cookies),
-     * return the modified Response. For backends that don't modify
-     * the Response (like databases), return void.
-     */
-    setTokens(tokens: {
-        accessToken: string;
-        refreshToken?: string;
-        expiresIn?: number;
-    }, request: Request, response?: Response): Promise<Response | void>;
-    /**
-     * Delete all stored tokens for the current request's user.
-     * Called on disconnect.
-     *
-     * For storage backends that modify the Response (like cookies),
-     * return the modified Response. For backends that don't modify
-     * the Response (like databases), return void.
-     */
-    deleteTokens(request: Request, response?: Response): Promise<Response | void>;
-    /**
-     * Get the external user ID for hosted mode.
-     * Only required if you use hosted storage mode alongside tokenStorage.
-     */
-    getExternalUserId?(request: Request): Promise<string | null>;
-}
-
 /**
  * @usequota/nextjs - Route Handler Factory
  *
@@ -474,4 +388,4 @@ declare function clearQuotaAuth(config?: {
     cookiePrefix?: string;
 }): Promise<void>;
 
-export { type QuotaAuthContext, type QuotaRouteHandlerConfig, type QuotaRouteHandlers, type QuotaServerConfig, type QuotaTokenStorage, type WithQuotaAuthConfig, clearQuotaAuth, createQuotaCheckout, createQuotaRouteHandlers, getQuotaPackages, getQuotaUser, requireQuotaAuth, withQuotaAuth };
+export { type QuotaAuthContext, type QuotaRouteHandlerConfig, type QuotaRouteHandlers, type QuotaServerConfig, type WithQuotaAuthConfig, clearQuotaAuth, createQuotaCheckout, createQuotaRouteHandlers, getQuotaPackages, getQuotaUser, requireQuotaAuth, withQuotaAuth };

package/dist/server.d.ts

@@ -1,93 +1,7 @@
-export { Q as QuotaError, a as QuotaInsufficientCreditsError, b as QuotaNotConnectedError, d as QuotaRateLimitError, c as QuotaTokenExpiredError, e as errorFromResponse } from './errors-CmNx3kSz.js';
+import { QuotaTokenStorage } from '@usequota/core';
+export { InMemoryTokenStorage, OAuthTokenResponse, QuotaClient, QuotaClientConfig, QuotaError, QuotaInsufficientCreditsError, QuotaNotConnectedError, QuotaRateLimitError, QuotaTokenExpiredError, QuotaTokenStorage, VerifyWebhookOptions, WebhookEvent, createWebhookHandler, errorFromResponse, exchangeCodeForToken, parseSSEStream, parseWebhook, refreshAccessToken, verifyWebhookSignature } from '@usequota/core';
 import { QuotaUser, CreditPackage } from '@usequota/types';
 
-/**
- * @usequota/nextjs - Token Storage Adapter
- *
- * Defines the interface for pluggable token storage backends.
- * The default implementation uses httpOnly cookies, but apps can
- * provide their own (e.g., Supabase, Redis, a database).
- */
-/**
- * Pluggable token storage adapter for the Quota SDK.
- *
- * Implement this interface to store Quota OAuth tokens in your own backend
- * (database, Redis, etc.) instead of the default httpOnly cookies.
- *
- * @example
- * ```typescript
- * import { QuotaTokenStorage } from '@usequota/nextjs/server';
- * import { createClient } from '@supabase/supabase-js';
- *
- * const supabaseTokenStorage: QuotaTokenStorage = {
- *   async getTokens(request) {
- *     const supabase = createClient(...);
- *     const userId = await getUserId(request);
- *     const { data } = await supabase
- *       .from('quota_accounts')
- *       .select('access_token, refresh_token')
- *       .eq('user_id', userId)
- *       .single();
- *     if (!data) return null;
- *     return { accessToken: data.access_token, refreshToken: data.refresh_token };
- *   },
- *
- *   async setTokens(tokens, request) {
- *     const supabase = createClient(...);
- *     const userId = await getUserId(request);
- *     await supabase.from('quota_accounts').upsert({
- *       user_id: userId,
- *       access_token: tokens.accessToken,
- *       refresh_token: tokens.refreshToken,
- *     });
- *   },
- *
- *   async deleteTokens(request) {
- *     const supabase = createClient(...);
- *     const userId = await getUserId(request);
- *     await supabase.from('quota_accounts').delete().eq('user_id', userId);
- *   },
- * };
- * ```
- */
-interface QuotaTokenStorage {
-    /**
-     * Retrieve stored tokens for the current request's user.
-     * Return null if no tokens are stored.
-     */
-    getTokens(request: Request): Promise<{
-        accessToken: string;
-        refreshToken?: string;
-    } | null>;
-    /**
-     * Persist tokens for the current request's user.
-     * Called after OAuth callback and after token refresh.
-     *
-     * For storage backends that modify the Response (like cookies),
-     * return the modified Response. For backends that don't modify
-     * the Response (like databases), return void.
-     */
-    setTokens(tokens: {
-        accessToken: string;
-        refreshToken?: string;
-        expiresIn?: number;
-    }, request: Request, response?: Response): Promise<Response | void>;
-    /**
-     * Delete all stored tokens for the current request's user.
-     * Called on disconnect.
-     *
-     * For storage backends that modify the Response (like cookies),
-     * return the modified Response. For backends that don't modify
-     * the Response (like databases), return void.
-     */
-    deleteTokens(request: Request, response?: Response): Promise<Response | void>;
-    /**
-     * Get the external user ID for hosted mode.
-     * Only required if you use hosted storage mode alongside tokenStorage.
-     */
-    getExternalUserId?(request: Request): Promise<string | null>;
-}
-
 /**
  * @usequota/nextjs - Route Handler Factory
  *
@@ -474,4 +388,4 @@ declare function clearQuotaAuth(config?: {
     cookiePrefix?: string;
 }): Promise<void>;
 
-export { type QuotaAuthContext, type QuotaRouteHandlerConfig, type QuotaRouteHandlers, type QuotaServerConfig, type QuotaTokenStorage, type WithQuotaAuthConfig, clearQuotaAuth, createQuotaCheckout, createQuotaRouteHandlers, getQuotaPackages, getQuotaUser, requireQuotaAuth, withQuotaAuth };
+export { type QuotaAuthContext, type QuotaRouteHandlerConfig, type QuotaRouteHandlers, type QuotaServerConfig, type WithQuotaAuthConfig, clearQuotaAuth, createQuotaCheckout, createQuotaRouteHandlers, getQuotaPackages, getQuotaUser, requireQuotaAuth, withQuotaAuth };

package/dist/server.js

@@ -30,169 +30,53 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/server.ts
 var server_exports = {};
 __export(server_exports, {
-  QuotaError: () => QuotaError,
-  QuotaInsufficientCreditsError: () => QuotaInsufficientCreditsError,
-  QuotaNotConnectedError: () => QuotaNotConnectedError,
-  QuotaRateLimitError: () => QuotaRateLimitError,
-  QuotaTokenExpiredError: () => QuotaTokenExpiredError,
+  InMemoryTokenStorage: () => import_core10.InMemoryTokenStorage,
+  QuotaClient: () => import_core6.QuotaClient,
+  QuotaError: () => import_core5.QuotaError,
+  QuotaInsufficientCreditsError: () => import_core5.QuotaInsufficientCreditsError,
+  QuotaNotConnectedError: () => import_core5.QuotaNotConnectedError,
+  QuotaRateLimitError: () => import_core5.QuotaRateLimitError,
+  QuotaTokenExpiredError: () => import_core5.QuotaTokenExpiredError,
   clearQuotaAuth: () => clearQuotaAuth,
   createQuotaCheckout: () => createQuotaCheckout,
   createQuotaRouteHandlers: () => createQuotaRouteHandlers,
-  errorFromResponse: () => errorFromResponse,
+  createWebhookHandler: () => import_core9.createWebhookHandler,
+  errorFromResponse: () => import_core5.errorFromResponse,
+  exchangeCodeForToken: () => import_core8.exchangeCodeForToken,
   getQuotaPackages: () => getQuotaPackages,
   getQuotaUser: () => getQuotaUser,
+  parseSSEStream: () => import_core7.parseSSEStream,
+  parseWebhook: () => import_core9.parseWebhook,
+  refreshAccessToken: () => import_core8.refreshAccessToken,
   requireQuotaAuth: () => requireQuotaAuth,
+  verifyWebhookSignature: () => import_core9.verifyWebhookSignature,
   withQuotaAuth: () => withQuotaAuth
 });
 module.exports = __toCommonJS(server_exports);
-
-// src/errors.ts
-var QuotaError = class extends Error {
-  /** Machine-readable error code */
-  code;
-  /** HTTP status code associated with this error */
-  statusCode;
-  /** Optional hint for resolving the error */
-  hint;
-  constructor(message, code, statusCode, hint) {
-    super(message);
-    this.name = "QuotaError";
-    this.code = code;
-    this.statusCode = statusCode;
-    this.hint = hint;
-    Object.setPrototypeOf(this, new.target.prototype);
-  }
-};
-var QuotaInsufficientCreditsError = class extends QuotaError {
-  /** Current balance (if available) */
-  balance;
-  /** Credits required for the operation (if available) */
-  required;
-  constructor(message, options) {
-    super(
-      message ?? "Insufficient credits to complete this operation",
-      "insufficient_credits",
-      402,
-      "Purchase more credits or reduce usage"
-    );
-    this.name = "QuotaInsufficientCreditsError";
-    this.balance = options?.balance;
-    this.required = options?.required;
-    Object.setPrototypeOf(this, new.target.prototype);
-  }
-};
-var QuotaNotConnectedError = class extends QuotaError {
-  constructor(message) {
-    super(
-      message ?? "User has not connected a Quota account",
-      "not_connected",
-      401,
-      "Connect your Quota account to use this feature"
-    );
-    this.name = "QuotaNotConnectedError";
-    Object.setPrototypeOf(this, new.target.prototype);
-  }
-};
-var QuotaTokenExpiredError = class extends QuotaError {
-  constructor(message) {
-    super(
-      message ?? "Quota access token has expired and could not be refreshed",
-      "token_expired",
-      401,
-      "Reconnect your Quota account"
-    );
-    this.name = "QuotaTokenExpiredError";
-    Object.setPrototypeOf(this, new.target.prototype);
-  }
-};
-var QuotaRateLimitError = class extends QuotaError {
-  /** Seconds until the rate limit resets */
-  retryAfter;
-  constructor(message, retryAfter) {
-    super(
-      message ?? "Rate limit exceeded",
-      "rate_limit_exceeded",
-      429,
-      "Wait before retrying"
-    );
-    this.name = "QuotaRateLimitError";
-    this.retryAfter = retryAfter ?? 60;
-    Object.setPrototypeOf(this, new.target.prototype);
-  }
-};
-async function errorFromResponse(response) {
-  if (response.ok) {
-    return null;
-  }
-  let body;
-  try {
-    body = await response.json();
-  } catch {
-  }
-  const message = body?.error?.message ?? response.statusText;
-  const code = body?.error?.code;
-  switch (response.status) {
-    case 402: {
-      const opts = {};
-      if (body?.error?.balance !== void 0) opts.balance = body.error.balance;
-      if (body?.error?.required !== void 0)
-        opts.required = body.error.required;
-      return new QuotaInsufficientCreditsError(message, opts);
-    }
-    case 429: {
-      const parsed = parseInt(response.headers.get("retry-after") ?? "60", 10);
-      const retryAfter = Number.isNaN(parsed) ? 60 : parsed;
-      return new QuotaRateLimitError(message, retryAfter);
-    }
-    case 401: {
-      if (code === "not_connected") {
-        return new QuotaNotConnectedError(message);
-      }
-      if (code === "token_expired") {
-        return new QuotaTokenExpiredError(message);
-      }
-      return new QuotaTokenExpiredError(message);
-    }
-    default:
-      return new QuotaError(message, code ?? "unknown", response.status);
-  }
-}
+var import_core5 = require("@usequota/core");
+var import_core6 = require("@usequota/core");
+var import_core7 = require("@usequota/core");
+var import_core8 = require("@usequota/core");
+var import_core9 = require("@usequota/core");
+var import_core10 = require("@usequota/core");
 
 // src/route-handlers.ts
 var import_headers = require("next/headers");
 
 // src/token-refresh.ts
-var FETCH_TIMEOUT_MS = 1e4;
-async function refreshAccessTokenWithCredentials(opts) {
+var import_core = require("@usequota/core");
+var import_core2 = require("@usequota/core");
+var import_core3 = require("@usequota/core");
+async function refreshAndPersistTokens(opts) {
+  let tokenData;
   try {
-    const response = await fetch(`${opts.baseUrl}/oauth/token`, {
-      method: "POST",
-      headers: { "Content-Type": "application/json" },
-      body: JSON.stringify({
-        grant_type: "refresh_token",
-        refresh_token: opts.refreshToken,
-        client_id: opts.clientId,
-        client_secret: opts.clientSecret
-      }),
-      signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+    tokenData = await (0, import_core.refreshAccessTokenWithCredentials)({
+      refreshToken: opts.refreshToken,
+      clientId: opts.clientId,
+      clientSecret: opts.clientSecret,
+      baseUrl: opts.baseUrl
     });
-    if (!response.ok) {
-      return null;
-    }
-    return await response.json();
-  } catch (error) {
-    console.error("Failed to refresh Quota access token:", error);
-    return null;
-  }
-}
-async function refreshAndPersistTokens(opts) {
-  const tokenData = await refreshAccessTokenWithCredentials({
-    refreshToken: opts.refreshToken,
-    clientId: opts.clientId,
-    clientSecret: opts.clientSecret,
-    baseUrl: opts.baseUrl
-  });
-  if (!tokenData) {
+  } catch {
     return null;
   }
   if (opts.tokenStorage && opts.request) {
@@ -323,7 +207,7 @@ function createQuotaRouteHandlers(config) {
         method: "POST",
         headers: { "Content-Type": "application/json" },
         body: JSON.stringify(tokenBody),
-        signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+        signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
       });
       if (!tokenResponse.ok) {
         const redirectUrl2 = new URL(errorRedirect, url.origin);
@@ -368,7 +252,7 @@ function createQuotaRouteHandlers(config) {
         if (config.callbacks?.onConnect) {
           const userResponse = await fetch(`${baseUrl}/v1/me`, {
             headers: { Authorization: `Bearer ${tokenData.access_token}` },
-            signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+            signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
           });
           if (userResponse.ok) {
             const user = await userResponse.json();
@@ -422,7 +306,7 @@ function createQuotaRouteHandlers(config) {
       }
       const response = await fetch(`${baseUrl}/v1/me`, {
         headers: { Authorization: `Bearer ${accessToken}` },
-        signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+        signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
       });
       if (!response.ok) {
         if (response.status === 401) {
@@ -430,7 +314,7 @@ function createQuotaRouteHandlers(config) {
           if (refreshed) {
             const retryResponse = await fetch(`${baseUrl}/v1/me`, {
               headers: { Authorization: `Bearer ${refreshed}` },
-              signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+              signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
             });
             if (retryResponse.ok) {
               const user2 = await retryResponse.json();
@@ -464,7 +348,7 @@ function createQuotaRouteHandlers(config) {
   async function packages(_request) {
     try {
       const response = await fetch(`${baseUrl}/v1/packages`, {
-        signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+        signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
       });
       if (!response.ok) {
         return Response.json(
@@ -535,7 +419,7 @@ function createQuotaRouteHandlers(config) {
           success_url: successUrl,
           cancel_url: cancelUrl
         }),
-        signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+        signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
       });
       if (!response.ok) {
         return Response.json(
@@ -672,6 +556,7 @@ function createQuotaRouteHandlers(config) {
 
 // src/with-quota-auth.ts
 var import_headers2 = require("next/headers");
+var import_core4 = require("@usequota/core");
 var DEFAULT_BASE_URL2 = "https://api.usequota.app";
 var DEFAULT_COOKIE_PREFIX2 = "quota";
 var DEFAULT_COOKIE_MAX_AGE2 = 60 * 60 * 24 * 7;
@@ -698,7 +583,7 @@ function withQuotaAuth(config, handler) {
           externalUserId = await config.getExternalUserId(request);
         }
         if (!externalUserId) {
-          throw new QuotaError(
+          throw new import_core4.QuotaError(
             "getExternalUserId is required for hosted storage mode",
             "configuration_error",
             500
@@ -710,13 +595,13 @@ function withQuotaAuth(config, handler) {
             "X-Quota-Client-Secret": config.clientSecret,
             "X-Quota-User": externalUserId
           },
-          signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+          signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
         });
         if (!response.ok) {
           if (response.status === 401 || response.status === 404) {
-            throw new QuotaNotConnectedError();
+            throw new import_core4.QuotaNotConnectedError();
           }
-          throw new QuotaError(
+          throw new import_core4.QuotaError(
             `Failed to fetch user: ${response.statusText}`,
             "api_error",
             response.status
@@ -737,15 +622,15 @@ function withQuotaAuth(config, handler) {
           refreshTokenValue = cookieStore.get(`${cookiePrefix}_refresh_token`)?.value ?? null;
         }
         if (!token) {
-          throw new QuotaNotConnectedError();
+          throw new import_core4.QuotaNotConnectedError();
         }
         let response = await fetch(`${baseUrl}/v1/me`, {
           headers: { Authorization: `Bearer ${token}` },
-          signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+          signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
         });
         if (response.status === 401) {
           if (!refreshTokenValue) {
-            throw new QuotaTokenExpiredError();
+            throw new import_core4.QuotaTokenExpiredError();
           }
           const newAccessToken = await refreshAndPersistTokens({
             refreshToken: refreshTokenValue,
@@ -781,18 +666,18 @@ function withQuotaAuth(config, handler) {
             }
           });
           if (!newAccessToken) {
-            throw new QuotaTokenExpiredError();
+            throw new import_core4.QuotaTokenExpiredError();
           }
           response = await fetch(`${baseUrl}/v1/me`, {
             headers: { Authorization: `Bearer ${newAccessToken}` },
-            signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+            signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
           });
           if (!response.ok) {
-            throw new QuotaTokenExpiredError();
+            throw new import_core4.QuotaTokenExpiredError();
           }
           accessToken = newAccessToken;
         } else if (!response.ok) {
-          throw new QuotaError(
+          throw new import_core4.QuotaError(
             `Failed to fetch user: ${response.statusText}`,
             "api_error",
             response.status
@@ -804,13 +689,13 @@ function withQuotaAuth(config, handler) {
       }
       return await handler(request, { user, accessToken });
     } catch (error) {
-      if (error instanceof QuotaNotConnectedError) {
+      if (error instanceof import_core4.QuotaNotConnectedError) {
         return Response.json(
           { error: { code: error.code, message: error.message } },
           { status: 401 }
         );
       }
-      if (error instanceof QuotaTokenExpiredError) {
+      if (error instanceof import_core4.QuotaTokenExpiredError) {
         return Response.json(
           {
             error: {
@@ -822,7 +707,7 @@ function withQuotaAuth(config, handler) {
           { status: 401 }
         );
       }
-      if (error instanceof QuotaInsufficientCreditsError) {
+      if (error instanceof import_core4.QuotaInsufficientCreditsError) {
         return Response.json(
           {
             error: {
@@ -834,7 +719,7 @@ function withQuotaAuth(config, handler) {
           { status: 402 }
         );
       }
-      if (error instanceof QuotaRateLimitError) {
+      if (error instanceof import_core4.QuotaRateLimitError) {
         return new Response(
           JSON.stringify({
             error: {
@@ -851,7 +736,7 @@ function withQuotaAuth(config, handler) {
           }
         );
       }
-      if (error instanceof QuotaError) {
+      if (error instanceof import_core4.QuotaError) {
         return Response.json(
           { error: { code: error.code, message: error.message } },
           { status: error.statusCode }
@@ -868,6 +753,7 @@ function withQuotaAuth(config, handler) {
 
 // src/server.ts
 var import_headers3 = require("next/headers");
+var import_core11 = require("@usequota/core");
 var DEFAULT_BASE_URL3 = "https://api.usequota.app";
 var DEFAULT_COOKIE_PREFIX3 = "quota";
 var DEFAULT_STORAGE_MODE = "client";
@@ -891,7 +777,7 @@ async function getQuotaUser(config) {
           "X-Quota-Client-Secret": config.clientSecret,
           "X-Quota-User": externalUserId
         },
-        signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+        signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
       });
       if (!response2.ok) {
         if (response2.status === 401 || response2.status === 404) {
@@ -910,7 +796,7 @@ async function getQuotaUser(config) {
       headers: {
         Authorization: `Bearer ${accessToken}`
       },
-      signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+      signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
     });
     if (!response.ok) {
       if (response.status === 401) {
@@ -918,13 +804,13 @@ async function getQuotaUser(config) {
           `${cookiePrefix}_refresh_token`
         )?.value;
         if (refreshTokenValue) {
-          const refreshed = await refreshAccessTokenWithCredentials({
-            refreshToken: refreshTokenValue,
-            clientId: config.clientId,
-            clientSecret: config.clientSecret,
-            baseUrl
-          });
-          if (refreshed) {
+          try {
+            const refreshed = await (0, import_core3.refreshAccessTokenWithCredentials)({
+              refreshToken: refreshTokenValue,
+              clientId: config.clientId,
+              clientSecret: config.clientSecret,
+              baseUrl
+            });
             cookieStore.set(
               `${cookiePrefix}_access_token`,
               refreshed.access_token,
@@ -951,11 +837,13 @@ async function getQuotaUser(config) {
               headers: {
                 Authorization: `Bearer ${refreshed.access_token}`
               },
-              signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+              signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
             });
             if (retryResponse.ok) {
               return await retryResponse.json();
             }
+          } catch {
+            return null;
           }
         }
       }
@@ -972,7 +860,7 @@ async function requireQuotaAuth(config) {
   if (!user) {
     const { redirect } = await import("next/navigation");
     redirect("/");
-    throw new QuotaNotConnectedError("Redirecting to /");
+    throw new import_core11.QuotaNotConnectedError("Redirecting to /");
   }
   return user;
 }
@@ -980,7 +868,7 @@ async function getQuotaPackages(config) {
   const baseUrl = config?.baseUrl ?? DEFAULT_BASE_URL3;
   try {
     const response = await fetch(`${baseUrl}/v1/packages`, {
-      signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+      signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
     });
     if (!response.ok) {
       throw new Error(`Failed to fetch packages: ${response.statusText}`);
@@ -1015,7 +903,7 @@ async function createQuotaCheckout(config) {
         `${cookiePrefix}_access_token`
       )?.value;
       if (!accessToken) {
-        throw new QuotaNotConnectedError("Not authenticated");
+        throw new import_core11.QuotaNotConnectedError("Not authenticated");
       }
       headers["Authorization"] = `Bearer ${accessToken}`;
     }
@@ -1027,7 +915,7 @@ async function createQuotaCheckout(config) {
         success_url: config.successUrl,
         cancel_url: config.cancelUrl
       }),
-      signal: AbortSignal.timeout(FETCH_TIMEOUT_MS)
+      signal: AbortSignal.timeout(import_core2.FETCH_TIMEOUT_MS)
     });
     if (!response.ok) {
       throw new Error(`Failed to create checkout: ${response.statusText}`);
@@ -1052,6 +940,8 @@ async function clearQuotaAuth(config) {
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  InMemoryTokenStorage,
+  QuotaClient,
   QuotaError,
   QuotaInsufficientCreditsError,
   QuotaNotConnectedError,
@@ -1060,9 +950,15 @@ async function clearQuotaAuth(config) {
   clearQuotaAuth,
   createQuotaCheckout,
   createQuotaRouteHandlers,
+  createWebhookHandler,
   errorFromResponse,
+  exchangeCodeForToken,
   getQuotaPackages,
   getQuotaUser,
+  parseSSEStream,
+  parseWebhook,
+  refreshAccessToken,
   requireQuotaAuth,
+  verifyWebhookSignature,
   withQuotaAuth
 });