@vlian/framework 1.0.0

package/dist/utils/configSecurity.d.ts

@@ -0,0 +1,101 @@
+import { z } from 'zod';
+/**
+ * 配置签名验证选项
+ */
+export interface ConfigSignatureOptions {
+    /**
+     * 是否启用签名验证
+     */
+    enabled: boolean;
+    /**
+     * 公钥（用于验证签名）
+     */
+    publicKey?: string;
+    /**
+     * 签名算法
+     */
+    algorithm?: string;
+}
+/**
+ * 配置来源验证选项
+ */
+export interface ConfigOriginOptions {
+    /**
+     * 允许的来源列表
+     */
+    allowedOrigins?: string[];
+    /**
+     * 是否验证 CORS
+     */
+    verifyCORS?: boolean;
+    /**
+     * 是否验证 Referer
+     */
+    verifyReferer?: boolean;
+}
+/**
+ * 配置白名单选项
+ */
+export interface ConfigWhitelistOptions {
+    /**
+     * 允许的配置键列表
+     */
+    allowedKeys?: string[];
+    /**
+     * 禁止的配置键列表
+     */
+    forbiddenKeys?: string[];
+    /**
+     * 配置值验证 Schema
+     */
+    valueSchema?: z.ZodSchema;
+}
+/**
+ * 配置安全选项
+ */
+export interface ConfigSecurityOptions {
+    /**
+     * 签名验证
+     */
+    signature?: ConfigSignatureOptions;
+    /**
+     * 来源验证
+     */
+    origin?: ConfigOriginOptions;
+    /**
+     * 白名单
+     */
+    whitelist?: ConfigWhitelistOptions;
+}
+/**
+ * 配置安全工具类
+ */
+export declare class ConfigSecurity {
+    /**
+     * 验证配置签名
+     */
+    static verifySignature(config: Record<string, unknown>, signature: string, options: ConfigSignatureOptions): Promise<boolean>;
+    /**
+     * 验证配置来源
+     */
+    static verifyOrigin(options: ConfigOriginOptions): boolean;
+    /**
+     * 验证配置白名单
+     */
+    static verifyWhitelist(config: Record<string, unknown>, options: ConfigWhitelistOptions): {
+        valid: boolean;
+        errors: string[];
+    };
+    /**
+     * 清理配置中的危险内容
+     */
+    static sanitizeConfig(config: Record<string, unknown>): Record<string, unknown>;
+    /**
+     * 验证配置安全性
+     */
+    static validateConfigSecurity(config: Record<string, unknown>, options: ConfigSecurityOptions): Promise<{
+        valid: boolean;
+        errors: string[];
+    }>;
+}
+//# sourceMappingURL=configSecurity.d.ts.map

package/dist/utils/configSecurity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"configSecurity.d.ts","sourceRoot":"","sources":["../../src/utils/configSecurity.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;IACjB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B;;OAEG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB;;OAEG;IACH,WAAW,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,SAAS,CAAC,EAAE,sBAAsB,CAAC;IACnC;;OAEG;IACH,MAAM,CAAC,EAAE,mBAAmB,CAAC;IAC7B;;OAEG;IACH,SAAS,CAAC,EAAE,sBAAsB,CAAC;CACpC;AAED;;GAEG;AACH,qBAAa,cAAc;IACzB;;OAEG;WACU,eAAe,CAC1B,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,sBAAsB,GAC9B,OAAO,CAAC,OAAO,CAAC;IAkFnB;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,mBAAmB,GAAG,OAAO;IAgC1D;;OAEG;IACH,MAAM,CAAC,eAAe,CACpB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,sBAAsB,GAC9B;QACD,KAAK,EAAE,OAAO,CAAC;QACf,MAAM,EAAE,MAAM,EAAE,CAAC;KAClB;IAmCD;;OAEG;IACH,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAwB/E;;OAEG;WACU,sBAAsB,CACjC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,qBAAqB,GAC7B,OAAO,CAAC;QACT,KAAK,EAAE,OAAO,CAAC;QACf,MAAM,EAAE,MAAM,EAAE,CAAC;KAClB,CAAC;CA2BH"}

package/dist/utils/configSecurity.js

@@ -0,0 +1,176 @@
+import { SecurityError } from "./errors";
+import { SecurityUtils } from "./security";
+import { Validator } from "./validation";
+/**
+ * 配置安全工具类
+ */ export class ConfigSecurity {
+    /**
+   * 验证配置签名
+   */ static async verifySignature(config, signature, options) {
+        if (!options.enabled) {
+            return true;
+        }
+        if (!options.publicKey) {
+            throw new SecurityError('签名验证需要提供公钥');
+        }
+        if (!signature || signature.length === 0) {
+            throw new SecurityError('签名不能为空');
+        }
+        try {
+            // 使用 Web Crypto API 验证签名
+            if (typeof window === 'undefined' || !window.crypto || !window.crypto.subtle) {
+                throw new SecurityError('签名验证需要浏览器支持 Web Crypto API');
+            }
+            // 将配置转换为字符串（用于签名验证）
+            // 使用稳定的 JSON 序列化（按键排序）
+            const configString = JSON.stringify(config, Object.keys(config).sort());
+            const encoder = new TextEncoder();
+            const data = encoder.encode(configString);
+            // 将签名从 Base64 解码
+            const signatureBuffer = Uint8Array.from(atob(signature), (c)=>c.charCodeAt(0));
+            // 导入公钥（支持 PEM 格式）
+            const algorithm = options.algorithm || 'RSASSA-PKCS1-v1_5';
+            let publicKey;
+            try {
+                // 尝试导入 PEM 格式的公钥
+                const pemHeader = '-----BEGIN PUBLIC KEY-----';
+                const pemFooter = '-----END PUBLIC KEY-----';
+                let pemKey = options.publicKey;
+                if (!pemKey.includes(pemHeader)) {
+                    pemKey = `${pemHeader}\n${pemKey}\n${pemFooter}`;
+                }
+                // 将 PEM 转换为 ArrayBuffer
+                const pemContents = pemKey.replace(pemHeader, '').replace(pemFooter, '').replace(/\s/g, '');
+                const binaryDer = Uint8Array.from(atob(pemContents), (c)=>c.charCodeAt(0));
+                publicKey = await window.crypto.subtle.importKey('spki', binaryDer.buffer, {
+                    name: algorithm,
+                    hash: 'SHA-256'
+                }, false, [
+                    'verify'
+                ]);
+            } catch (importError) {
+                throw new SecurityError('公钥导入失败', importError instanceof Error ? importError : undefined);
+            }
+            // 验证签名
+            const isValid = await window.crypto.subtle.verify({
+                name: algorithm
+            }, publicKey, signatureBuffer, data);
+            return isValid;
+        } catch (error) {
+            if (error instanceof SecurityError) {
+                throw error;
+            }
+            throw new SecurityError('签名验证失败', error instanceof Error ? error : undefined);
+        }
+    }
+    /**
+   * 验证配置来源
+   */ static verifyOrigin(options) {
+        if (!options.allowedOrigins || options.allowedOrigins.length === 0) {
+            return true; // 如果没有配置白名单，允许所有来源
+        }
+        if (typeof window === 'undefined') {
+            return true; // 非浏览器环境，跳过验证
+        }
+        const currentOrigin = window.location.origin;
+        const referer = document.referrer;
+        // 验证当前来源
+        if (options.allowedOrigins.includes(currentOrigin)) {
+            return true;
+        }
+        // 验证 Referer
+        if (options.verifyReferer && referer) {
+            try {
+                const refererOrigin = new URL(referer).origin;
+                if (options.allowedOrigins.includes(refererOrigin)) {
+                    return true;
+                }
+            } catch  {
+            // Referer 解析失败
+            }
+        }
+        return false;
+    }
+    /**
+   * 验证配置白名单
+   */ static verifyWhitelist(config, options) {
+        const errors = [];
+        // 检查允许的键
+        if (options.allowedKeys && options.allowedKeys.length > 0) {
+            const configKeys = Object.keys(config);
+            const invalidKeys = configKeys.filter((key)=>!options.allowedKeys.includes(key));
+            if (invalidKeys.length > 0) {
+                errors.push(`配置包含不允许的键: ${invalidKeys.join(', ')}`);
+            }
+        }
+        // 检查禁止的键
+        if (options.forbiddenKeys && options.forbiddenKeys.length > 0) {
+            const configKeys = Object.keys(config);
+            const forbiddenFound = configKeys.filter((key)=>options.forbiddenKeys.includes(key));
+            if (forbiddenFound.length > 0) {
+                errors.push(`配置包含禁止的键: ${forbiddenFound.join(', ')}`);
+            }
+        }
+        // 验证配置值
+        if (options.valueSchema) {
+            const result = Validator.validateObject(options.valueSchema, config);
+            if (!result.valid) {
+                errors.push(...result.errors);
+            }
+        }
+        return {
+            valid: errors.length === 0,
+            errors
+        };
+    }
+    /**
+   * 清理配置中的危险内容
+   */ static sanitizeConfig(config) {
+        const sanitized = {};
+        for (const [key, value] of Object.entries(config)){
+            if (typeof value === 'string') {
+                // 检查是否包含危险内容
+                const validation = SecurityUtils.validateInput(value);
+                if (validation.safe && validation.sanitized) {
+                    sanitized[key] = validation.sanitized;
+                } else {
+                    // 包含危险内容，跳过或记录警告
+                    console.warn(`配置项 ${key} 包含潜在危险内容，已跳过`);
+                }
+            } else if (value && typeof value === 'object' && !Array.isArray(value)) {
+                // 递归清理对象
+                sanitized[key] = this.sanitizeConfig(value);
+            } else {
+                sanitized[key] = value;
+            }
+        }
+        return sanitized;
+    }
+    /**
+   * 验证配置安全性
+   */ static async validateConfigSecurity(config, options) {
+        const errors = [];
+        // 验证来源
+        if (options.origin) {
+            const originValid = this.verifyOrigin(options.origin);
+            if (!originValid) {
+                errors.push('配置来源验证失败');
+            }
+        }
+        // 验证白名单
+        if (options.whitelist) {
+            const whitelistResult = this.verifyWhitelist(config, options.whitelist);
+            if (!whitelistResult.valid) {
+                errors.push(...whitelistResult.errors);
+            }
+        }
+        // 清理配置（已实现但暂不使用返回值）
+        // const sanitizedConfig = this.sanitizeConfig(config);
+        return {
+            valid: errors.length === 0,
+            errors
+        };
+    }
+}
+
+//# sourceMappingURL=configSecurity.js.map

package/dist/utils/configSecurity.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/utils/configSecurity.ts"],"sourcesContent":["import { SecurityError } from './errors';\nimport { SecurityUtils } from './security';\nimport { Validator } from './validation';\nimport { z } from 'zod';\n\n/**\n * 配置签名验证选项\n */\nexport interface ConfigSignatureOptions {\n  /**\n   * 是否启用签名验证\n   */\n  enabled: boolean;\n  /**\n   * 公钥（用于验证签名）\n   */\n  publicKey?: string;\n  /**\n   * 签名算法\n   */\n  algorithm?: string;\n}\n\n/**\n * 配置来源验证选项\n */\nexport interface ConfigOriginOptions {\n  /**\n   * 允许的来源列表\n   */\n  allowedOrigins?: string[];\n  /**\n   * 是否验证 CORS\n   */\n  verifyCORS?: boolean;\n  /**\n   * 是否验证 Referer\n   */\n  verifyReferer?: boolean;\n}\n\n/**\n * 配置白名单选项\n */\nexport interface ConfigWhitelistOptions {\n  /**\n   * 允许的配置键列表\n   */\n  allowedKeys?: string[];\n  /**\n   * 禁止的配置键列表\n   */\n  forbiddenKeys?: string[];\n  /**\n   * 配置值验证 Schema\n   */\n  valueSchema?: z.ZodSchema;\n}\n\n/**\n * 配置安全选项\n */\nexport interface ConfigSecurityOptions {\n  /**\n   * 签名验证\n   */\n  signature?: ConfigSignatureOptions;\n  /**\n   * 来源验证\n   */\n  origin?: ConfigOriginOptions;\n  /**\n   * 白名单\n   */\n  whitelist?: ConfigWhitelistOptions;\n}\n\n/**\n * 配置安全工具类\n */\nexport class ConfigSecurity {\n  /**\n   * 验证配置签名\n   */\n  static async verifySignature(\n    config: Record<string, unknown>,\n    signature: string,\n    options: ConfigSignatureOptions\n  ): Promise<boolean> {\n    if (!options.enabled) {\n      return true;\n    }\n\n    if (!options.publicKey) {\n      throw new SecurityError('签名验证需要提供公钥');\n    }\n\n    if (!signature || signature.length === 0) {\n      throw new SecurityError('签名不能为空');\n    }\n\n    try {\n      // 使用 Web Crypto API 验证签名\n      if (typeof window === 'undefined' || !window.crypto || !window.crypto.subtle) {\n        throw new SecurityError('签名验证需要浏览器支持 Web Crypto API');\n      }\n\n      // 将配置转换为字符串（用于签名验证）\n      // 使用稳定的 JSON 序列化（按键排序）\n      const configString = JSON.stringify(config, Object.keys(config).sort());\n      const encoder = new TextEncoder();\n      const data = encoder.encode(configString);\n\n      // 将签名从 Base64 解码\n      const signatureBuffer = Uint8Array.from(atob(signature), (c) => c.charCodeAt(0));\n\n      // 导入公钥（支持 PEM 格式）\n      const algorithm = options.algorithm || 'RSASSA-PKCS1-v1_5';\n      let publicKey: CryptoKey;\n\n      try {\n        // 尝试导入 PEM 格式的公钥\n        const pemHeader = '-----BEGIN PUBLIC KEY-----';\n        const pemFooter = '-----END PUBLIC KEY-----';\n        let pemKey = options.publicKey;\n\n        if (!pemKey.includes(pemHeader)) {\n          pemKey = `${pemHeader}\\n${pemKey}\\n${pemFooter}`;\n        }\n\n        // 将 PEM 转换为 ArrayBuffer\n        const pemContents = pemKey\n          .replace(pemHeader, '')\n          .replace(pemFooter, '')\n          .replace(/\\s/g, '');\n        const binaryDer = Uint8Array.from(atob(pemContents), (c) => c.charCodeAt(0));\n\n        publicKey = await window.crypto.subtle.importKey(\n          'spki',\n          binaryDer.buffer,\n          {\n            name: algorithm,\n            hash: 'SHA-256',\n          },\n          false,\n          ['verify']\n        );\n      } catch (importError) {\n        throw new SecurityError('公钥导入失败', importError instanceof Error ? importError : undefined);\n      }\n\n      // 验证签名\n      const isValid = await window.crypto.subtle.verify(\n        {\n          name: algorithm,\n        },\n        publicKey,\n        signatureBuffer,\n        data\n      );\n\n      return isValid;\n    } catch (error) {\n      if (error instanceof SecurityError) {\n        throw error;\n      }\n      throw new SecurityError('签名验证失败', error instanceof Error ? error : undefined);\n    }\n  }\n\n  /**\n   * 验证配置来源\n   */\n  static verifyOrigin(options: ConfigOriginOptions): boolean {\n    if (!options.allowedOrigins || options.allowedOrigins.length === 0) {\n      return true; // 如果没有配置白名单，允许所有来源\n    }\n\n    if (typeof window === 'undefined') {\n      return true; // 非浏览器环境，跳过验证\n    }\n\n    const currentOrigin = window.location.origin;\n    const referer = document.referrer;\n\n    // 验证当前来源\n    if (options.allowedOrigins.includes(currentOrigin)) {\n      return true;\n    }\n\n    // 验证 Referer\n    if (options.verifyReferer && referer) {\n      try {\n        const refererOrigin = new URL(referer).origin;\n        if (options.allowedOrigins.includes(refererOrigin)) {\n          return true;\n        }\n      } catch {\n        // Referer 解析失败\n      }\n    }\n\n    return false;\n  }\n\n  /**\n   * 验证配置白名单\n   */\n  static verifyWhitelist(\n    config: Record<string, unknown>,\n    options: ConfigWhitelistOptions\n  ): {\n    valid: boolean;\n    errors: string[];\n  } {\n    const errors: string[] = [];\n\n    // 检查允许的键\n    if (options.allowedKeys && options.allowedKeys.length > 0) {\n      const configKeys = Object.keys(config);\n      const invalidKeys = configKeys.filter((key) => !options.allowedKeys!.includes(key));\n      if (invalidKeys.length > 0) {\n        errors.push(`配置包含不允许的键: ${invalidKeys.join(', ')}`);\n      }\n    }\n\n    // 检查禁止的键\n    if (options.forbiddenKeys && options.forbiddenKeys.length > 0) {\n      const configKeys = Object.keys(config);\n      const forbiddenFound = configKeys.filter((key) => options.forbiddenKeys!.includes(key));\n      if (forbiddenFound.length > 0) {\n        errors.push(`配置包含禁止的键: ${forbiddenFound.join(', ')}`);\n      }\n    }\n\n    // 验证配置值\n    if (options.valueSchema) {\n      const result = Validator.validateObject(options.valueSchema, config);\n      if (!result.valid) {\n        errors.push(...result.errors);\n      }\n    }\n\n    return {\n      valid: errors.length === 0,\n      errors,\n    };\n  }\n\n  /**\n   * 清理配置中的危险内容\n   */\n  static sanitizeConfig(config: Record<string, unknown>): Record<string, unknown> {\n    const sanitized: Record<string, unknown> = {};\n\n    for (const [key, value] of Object.entries(config)) {\n      if (typeof value === 'string') {\n        // 检查是否包含危险内容\n        const validation = SecurityUtils.validateInput(value);\n        if (validation.safe && validation.sanitized) {\n          sanitized[key] = validation.sanitized;\n        } else {\n          // 包含危险内容，跳过或记录警告\n          console.warn(`配置项 ${key} 包含潜在危险内容，已跳过`);\n        }\n      } else if (value && typeof value === 'object' && !Array.isArray(value)) {\n        // 递归清理对象\n        sanitized[key] = this.sanitizeConfig(value as Record<string, unknown>);\n      } else {\n        sanitized[key] = value;\n      }\n    }\n\n    return sanitized;\n  }\n\n  /**\n   * 验证配置安全性\n   */\n  static async validateConfigSecurity(\n    config: Record<string, unknown>,\n    options: ConfigSecurityOptions\n  ): Promise<{\n    valid: boolean;\n    errors: string[];\n  }> {\n    const errors: string[] = [];\n\n    // 验证来源\n    if (options.origin) {\n      const originValid = this.verifyOrigin(options.origin);\n      if (!originValid) {\n        errors.push('配置来源验证失败');\n      }\n    }\n\n    // 验证白名单\n    if (options.whitelist) {\n      const whitelistResult = this.verifyWhitelist(config, options.whitelist);\n      if (!whitelistResult.valid) {\n        errors.push(...whitelistResult.errors);\n      }\n    }\n\n    // 清理配置（已实现但暂不使用返回值）\n    // const sanitizedConfig = this.sanitizeConfig(config);\n\n    return {\n      valid: errors.length === 0,\n      errors,\n    };\n  }\n}\n"],"names":["SecurityError","SecurityUtils","Validator","ConfigSecurity","verifySignature","config","signature","options","enabled","publicKey","length","window","crypto","subtle","configString","JSON","stringify","Object","keys","sort","encoder","TextEncoder","data","encode","signatureBuffer","Uint8Array","from","atob","c","charCodeAt","algorithm","pemHeader","pemFooter","pemKey","includes","pemContents","replace","binaryDer","importKey","buffer","name","hash","importError","Error","undefined","isValid","verify","error","verifyOrigin","allowedOrigins","currentOrigin","location","origin","referer","document","referrer","verifyReferer","refererOrigin","URL","verifyWhitelist","errors","allowedKeys","configKeys","invalidKeys","filter","key","push","join","forbiddenKeys","forbiddenFound","valueSchema","result","validateObject","valid","sanitizeConfig","sanitized","value","entries","validation","validateInput","safe","console","warn","Array","isArray","validateConfigSecurity","originValid","whitelist","whitelistResult"],"mappings":"AAAA,SAASA,aAAa,QAAQ,WAAW;AACzC,SAASC,aAAa,QAAQ,aAAa;AAC3C,SAASC,SAAS,QAAQ,eAAe;AA2EzC;;CAEC,GACD,OAAO,MAAMC;IACX;;GAEC,GACD,aAAaC,gBACXC,MAA+B,EAC/BC,SAAiB,EACjBC,OAA+B,EACb;QAClB,IAAI,CAACA,QAAQC,OAAO,EAAE;YACpB,OAAO;QACT;QAEA,IAAI,CAACD,QAAQE,SAAS,EAAE;YACtB,MAAM,IAAIT,cAAc;QAC1B;QAEA,IAAI,CAACM,aAAaA,UAAUI,MAAM,KAAK,GAAG;YACxC,MAAM,IAAIV,cAAc;QAC1B;QAEA,IAAI;YACF,yBAAyB;YACzB,IAAI,OAAOW,WAAW,eAAe,CAACA,OAAOC,MAAM,IAAI,CAACD,OAAOC,MAAM,CAACC,MAAM,EAAE;gBAC5E,MAAM,IAAIb,cAAc;YAC1B;YAEA,oBAAoB;YACpB,uBAAuB;YACvB,MAAMc,eAAeC,KAAKC,SAAS,CAACX,QAAQY,OAAOC,IAAI,CAACb,QAAQc,IAAI;YACpE,MAAMC,UAAU,IAAIC;YACpB,MAAMC,OAAOF,QAAQG,MAAM,CAACT;YAE5B,iBAAiB;YACjB,MAAMU,kBAAkBC,WAAWC,IAAI,CAACC,KAAKrB,YAAY,CAACsB,IAAMA,EAAEC,UAAU,CAAC;YAE7E,kBAAkB;YAClB,MAAMC,YAAYvB,QAAQuB,SAAS,IAAI;YACvC,IAAIrB;YAEJ,IAAI;gBACF,iBAAiB;gBACjB,MAAMsB,YAAY;gBAClB,MAAMC,YAAY;gBAClB,IAAIC,SAAS1B,QAAQE,SAAS;gBAE9B,IAAI,CAACwB,OAAOC,QAAQ,CAACH,YAAY;oBAC/BE,SAAS,GAAGF,UAAU,EAAE,EAAEE,OAAO,EAAE,EAAED,WAAW;gBAClD;gBAEA,wBAAwB;gBACxB,MAAMG,cAAcF,OACjBG,OAAO,CAACL,WAAW,IACnBK,OAAO,CAACJ,WAAW,IACnBI,OAAO,CAAC,OAAO;gBAClB,MAAMC,YAAYZ,WAAWC,IAAI,CAACC,KAAKQ,cAAc,CAACP,IAAMA,EAAEC,UAAU,CAAC;gBAEzEpB,YAAY,MAAME,OAAOC,MAAM,CAACC,MAAM,CAACyB,SAAS,CAC9C,QACAD,UAAUE,MAAM,EAChB;oBACEC,MAAMV;oBACNW,MAAM;gBACR,GACA,OACA;oBAAC;iBAAS;YAEd,EAAE,OAAOC,aAAa;gBACpB,MAAM,IAAI1C,cAAc,UAAU0C,uBAAuBC,QAAQD,cAAcE;YACjF;YAEA,OAAO;YACP,MAAMC,UAAU,MAAMlC,OAAOC,MAAM,CAACC,MAAM,CAACiC,MAAM,CAC/C;gBACEN,MAAMV;YACR,GACArB,WACAe,iBACAF;YAGF,OAAOuB;QACT,EAAE,OAAOE,OAAO;YACd,IAAIA,iBAAiB/C,eAAe;gBAClC,MAAM+C;YACR;YACA,MAAM,IAAI/C,cAAc,UAAU+C,iBAAiBJ,QAAQI,QAAQH;QACrE;IACF;IAEA;;GAEC,GACD,OAAOI,aAAazC,OAA4B,EAAW;QACzD,IAAI,CAACA,QAAQ0C,cAAc,IAAI1C,QAAQ0C,cAAc,CAACvC,MAAM,KAAK,GAAG;YAClE,OAAO,MAAM,mBAAmB;QAClC;QAEA,IAAI,OAAOC,WAAW,aAAa;YACjC,OAAO,MAAM,cAAc;QAC7B;QAEA,MAAMuC,gBAAgBvC,OAAOwC,QAAQ,CAACC,MAAM;QAC5C,MAAMC,UAAUC,SAASC,QAAQ;QAEjC,SAAS;QACT,IAAIhD,QAAQ0C,cAAc,CAACf,QAAQ,CAACgB,gBAAgB;YAClD,OAAO;QACT;QAEA,aAAa;QACb,IAAI3C,QAAQiD,aAAa,IAAIH,SAAS;YACpC,IAAI;gBACF,MAAMI,gBAAgB,IAAIC,IAAIL,SAASD,MAAM;gBAC7C,IAAI7C,QAAQ0C,cAAc,CAACf,QAAQ,CAACuB,gBAAgB;oBAClD,OAAO;gBACT;YACF,EAAE,OAAM;YACN,eAAe;YACjB;QACF;QAEA,OAAO;IACT;IAEA;;GAEC,GACD,OAAOE,gBACLtD,MAA+B,EAC/BE,OAA+B,EAI/B;QACA,MAAMqD,SAAmB,EAAE;QAE3B,SAAS;QACT,IAAIrD,QAAQsD,WAAW,IAAItD,QAAQsD,WAAW,CAACnD,MAAM,GAAG,GAAG;YACzD,MAAMoD,aAAa7C,OAAOC,IAAI,CAACb;YAC/B,MAAM0D,cAAcD,WAAWE,MAAM,CAAC,CAACC,MAAQ,CAAC1D,QAAQsD,WAAW,CAAE3B,QAAQ,CAAC+B;YAC9E,IAAIF,YAAYrD,MAAM,GAAG,GAAG;gBAC1BkD,OAAOM,IAAI,CAAC,CAAC,WAAW,EAAEH,YAAYI,IAAI,CAAC,OAAO;YACpD;QACF;QAEA,SAAS;QACT,IAAI5D,QAAQ6D,aAAa,IAAI7D,QAAQ6D,aAAa,CAAC1D,MAAM,GAAG,GAAG;YAC7D,MAAMoD,aAAa7C,OAAOC,IAAI,CAACb;YAC/B,MAAMgE,iBAAiBP,WAAWE,MAAM,CAAC,CAACC,MAAQ1D,QAAQ6D,aAAa,CAAElC,QAAQ,CAAC+B;YAClF,IAAII,eAAe3D,MAAM,GAAG,GAAG;gBAC7BkD,OAAOM,IAAI,CAAC,CAAC,UAAU,EAAEG,eAAeF,IAAI,CAAC,OAAO;YACtD;QACF;QAEA,QAAQ;QACR,IAAI5D,QAAQ+D,WAAW,EAAE;YACvB,MAAMC,SAASrE,UAAUsE,cAAc,CAACjE,QAAQ+D,WAAW,EAAEjE;YAC7D,IAAI,CAACkE,OAAOE,KAAK,EAAE;gBACjBb,OAAOM,IAAI,IAAIK,OAAOX,MAAM;YAC9B;QACF;QAEA,OAAO;YACLa,OAAOb,OAAOlD,MAAM,KAAK;YACzBkD;QACF;IACF;IAEA;;GAEC,GACD,OAAOc,eAAerE,MAA+B,EAA2B;QAC9E,MAAMsE,YAAqC,CAAC;QAE5C,KAAK,MAAM,CAACV,KAAKW,MAAM,IAAI3D,OAAO4D,OAAO,CAACxE,QAAS;YACjD,IAAI,OAAOuE,UAAU,UAAU;gBAC7B,aAAa;gBACb,MAAME,aAAa7E,cAAc8E,aAAa,CAACH;gBAC/C,IAAIE,WAAWE,IAAI,IAAIF,WAAWH,SAAS,EAAE;oBAC3CA,SAAS,CAACV,IAAI,GAAGa,WAAWH,SAAS;gBACvC,OAAO;oBACL,iBAAiB;oBACjBM,QAAQC,IAAI,CAAC,CAAC,IAAI,EAAEjB,IAAI,aAAa,CAAC;gBACxC;YACF,OAAO,IAAIW,SAAS,OAAOA,UAAU,YAAY,CAACO,MAAMC,OAAO,CAACR,QAAQ;gBACtE,SAAS;gBACTD,SAAS,CAACV,IAAI,GAAG,IAAI,CAACS,cAAc,CAACE;YACvC,OAAO;gBACLD,SAAS,CAACV,IAAI,GAAGW;YACnB;QACF;QAEA,OAAOD;IACT;IAEA;;GAEC,GACD,aAAaU,uBACXhF,MAA+B,EAC/BE,OAA8B,EAI7B;QACD,MAAMqD,SAAmB,EAAE;QAE3B,OAAO;QACP,IAAIrD,QAAQ6C,MAAM,EAAE;YAClB,MAAMkC,cAAc,IAAI,CAACtC,YAAY,CAACzC,QAAQ6C,MAAM;YACpD,IAAI,CAACkC,aAAa;gBAChB1B,OAAOM,IAAI,CAAC;YACd;QACF;QAEA,QAAQ;QACR,IAAI3D,QAAQgF,SAAS,EAAE;YACrB,MAAMC,kBAAkB,IAAI,CAAC7B,eAAe,CAACtD,QAAQE,QAAQgF,SAAS;YACtE,IAAI,CAACC,gBAAgBf,KAAK,EAAE;gBAC1Bb,OAAOM,IAAI,IAAIsB,gBAAgB5B,MAAM;YACvC;QACF;QAEA,oBAAoB;QACpB,uDAAuD;QAEvD,OAAO;YACLa,OAAOb,OAAOlD,MAAM,KAAK;YACzBkD;QACF;IACF;AACF"}

package/dist/utils/csrf.cjs

@@ -0,0 +1,159 @@
+/**
+ * CSRF 防护工具
+ * 提供 CSRF Token 的生成、存储和验证功能
+ */ /**
+ * CSRF Token 存储接口
+ */ "use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+function _export(target, all) {
+    for(var name in all)Object.defineProperty(target, name, {
+        enumerable: true,
+        get: Object.getOwnPropertyDescriptor(all, name).get
+    });
+}
+_export(exports, {
+    get CSRFTokenManager () {
+        return CSRFTokenManager;
+    },
+    get getCSRFManager () {
+        return getCSRFManager;
+    },
+    get initCSRFManager () {
+        return initCSRFManager;
+    }
+});
+function _define_property(obj, key, value) {
+    if (key in obj) {
+        Object.defineProperty(obj, key, {
+            value: value,
+            enumerable: true,
+            configurable: true,
+            writable: true
+        });
+    } else {
+        obj[key] = value;
+    }
+    return obj;
+}
+/**
+ * 默认 Token 存储（使用 Cookie）
+ */ let CookieTokenStorage = class CookieTokenStorage {
+    getToken() {
+        if (typeof document === 'undefined') {
+            return null;
+        }
+        const cookies = document.cookie.split(';');
+        for (const cookie of cookies){
+            const [name, value] = cookie.trim().split('=');
+            if (name === this.cookieName) {
+                return decodeURIComponent(value);
+            }
+        }
+        return null;
+    }
+    setToken(token) {
+        if (typeof document === 'undefined') {
+            return;
+        }
+        // 设置 Cookie（HttpOnly 由服务端设置，这里只设置客户端可访问的）
+        document.cookie = `${this.cookieName}=${encodeURIComponent(token)}; path=/; SameSite=Strict`;
+    }
+    clearToken() {
+        if (typeof document === 'undefined') {
+            return;
+        }
+        document.cookie = `${this.cookieName}=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT`;
+    }
+    constructor(cookieName = 'csrf-token'){
+        _define_property(this, "cookieName", void 0);
+        this.cookieName = cookieName;
+    }
+};
+/**
+ * 内存 Token 存储（用于 SSR 或测试）
+ */ let MemoryTokenStorage = class MemoryTokenStorage {
+    getToken() {
+        return this.token;
+    }
+    setToken(token) {
+        this.token = token;
+    }
+    clearToken() {
+        this.token = null;
+    }
+    constructor(){
+        _define_property(this, "token", null);
+    }
+};
+let CSRFTokenManager = class CSRFTokenManager {
+    /**
+   * 获取 CSRF Token
+   */ async getToken() {
+        if (this.getTokenFn) {
+            try {
+                return await Promise.resolve(this.getTokenFn());
+            } catch (error) {
+                console.warn('CSRF Token 获取失败:', error);
+                return null;
+            }
+        }
+        // 从存储中获取
+        return this.storage.getToken();
+    }
+    /**
+   * 设置 CSRF Token
+   */ setToken(token) {
+        this.storage.setToken(token);
+    }
+    /**
+   * 验证 CSRF Token
+   */ async validateToken(token) {
+        if (this.validateTokenFn) {
+            try {
+                return await Promise.resolve(this.validateTokenFn(token));
+            } catch (error) {
+                console.warn('CSRF Token 验证失败:', error);
+                return false;
+            }
+        }
+        // 默认验证：检查存储中的 Token 是否匹配
+        const storedToken = this.storage.getToken();
+        return storedToken !== null && storedToken === token;
+    }
+    /**
+   * 清除 CSRF Token
+   */ clearToken() {
+        this.storage.clearToken();
+    }
+    /**
+   * 获取请求头名称
+   */ getHeaderName() {
+        return this.headerName;
+    }
+    constructor(config){
+        _define_property(this, "storage", void 0);
+        _define_property(this, "headerName", void 0);
+        _define_property(this, "cookieName", void 0);
+        _define_property(this, "getTokenFn", void 0);
+        _define_property(this, "validateTokenFn", void 0);
+        this.headerName = config?.headerName ?? 'X-CSRF-Token';
+        this.cookieName = config?.cookieName ?? 'csrf-token';
+        this.storage = config?.storage ?? (typeof document !== 'undefined' ? new CookieTokenStorage(this.cookieName) : new MemoryTokenStorage());
+        this.getTokenFn = config?.getToken;
+        this.validateTokenFn = config?.validateToken;
+    }
+};
+/**
+ * 全局 CSRF Token 管理器实例
+ */ let globalCSRFManager = null;
+function initCSRFManager(config) {
+    globalCSRFManager = new CSRFTokenManager(config);
+    return globalCSRFManager;
+}
+function getCSRFManager() {
+    return globalCSRFManager;
+}
+
+//# sourceMappingURL=csrf.js.map

package/dist/utils/csrf.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/utils/csrf.ts"],"sourcesContent":["/**\n * CSRF 防护工具\n * 提供 CSRF Token 的生成、存储和验证功能\n */\n\n/**\n * CSRF Token 存储接口\n */\nexport interface CSRFTokenStorage {\n  /**\n   * 获取 Token\n   */\n  getToken(): string | null;\n  /**\n   * 设置 Token\n   */\n  setToken(token: string): void;\n  /**\n   * 清除 Token\n   */\n  clearToken(): void;\n}\n\n/**\n * 默认 Token 存储（使用 Cookie）\n */\nclass CookieTokenStorage implements CSRFTokenStorage {\n  private cookieName: string;\n\n  constructor(cookieName: string = 'csrf-token') {\n    this.cookieName = cookieName;\n  }\n\n  getToken(): string | null {\n    if (typeof document === 'undefined') {\n      return null;\n    }\n\n    const cookies = document.cookie.split(';');\n    for (const cookie of cookies) {\n      const [name, value] = cookie.trim().split('=');\n      if (name === this.cookieName) {\n        return decodeURIComponent(value);\n      }\n    }\n    return null;\n  }\n\n  setToken(token: string): void {\n    if (typeof document === 'undefined') {\n      return;\n    }\n\n    // 设置 Cookie（HttpOnly 由服务端设置，这里只设置客户端可访问的）\n    document.cookie = `${this.cookieName}=${encodeURIComponent(token)}; path=/; SameSite=Strict`;\n  }\n\n  clearToken(): void {\n    if (typeof document === 'undefined') {\n      return;\n    }\n\n    document.cookie = `${this.cookieName}=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT`;\n  }\n}\n\n/**\n * 内存 Token 存储（用于 SSR 或测试）\n */\nclass MemoryTokenStorage implements CSRFTokenStorage {\n  private token: string | null = null;\n\n  getToken(): string | null {\n    return this.token;\n  }\n\n  setToken(token: string): void {\n    this.token = token;\n  }\n\n  clearToken(): void {\n    this.token = null;\n  }\n}\n\n/**\n * CSRF Token 管理器\n */\nexport class CSRFTokenManager {\n  private storage: CSRFTokenStorage;\n  private headerName: string;\n  private cookieName: string;\n  private getTokenFn?: () => string | Promise<string>;\n  private validateTokenFn?: (token: string) => boolean | Promise<boolean>;\n\n  constructor(config?: {\n    storage?: CSRFTokenStorage;\n    headerName?: string;\n    cookieName?: string;\n    getToken?: () => string | Promise<string>;\n    validateToken?: (token: string) => boolean | Promise<boolean>;\n  }) {\n    this.headerName = config?.headerName ?? 'X-CSRF-Token';\n    this.cookieName = config?.cookieName ?? 'csrf-token';\n    this.storage = config?.storage ?? (typeof document !== 'undefined' \n      ? new CookieTokenStorage(this.cookieName)\n      : new MemoryTokenStorage());\n    this.getTokenFn = config?.getToken;\n    this.validateTokenFn = config?.validateToken;\n  }\n\n  /**\n   * 获取 CSRF Token\n   */\n  async getToken(): Promise<string | null> {\n    if (this.getTokenFn) {\n      try {\n        return await Promise.resolve(this.getTokenFn());\n      } catch (error) {\n        console.warn('CSRF Token 获取失败:', error);\n        return null;\n      }\n    }\n\n    // 从存储中获取\n    return this.storage.getToken();\n  }\n\n  /**\n   * 设置 CSRF Token\n   */\n  setToken(token: string): void {\n    this.storage.setToken(token);\n  }\n\n  /**\n   * 验证 CSRF Token\n   */\n  async validateToken(token: string): Promise<boolean> {\n    if (this.validateTokenFn) {\n      try {\n        return await Promise.resolve(this.validateTokenFn(token));\n      } catch (error) {\n        console.warn('CSRF Token 验证失败:', error);\n        return false;\n      }\n    }\n\n    // 默认验证：检查存储中的 Token 是否匹配\n    const storedToken = this.storage.getToken();\n    return storedToken !== null && storedToken === token;\n  }\n\n  /**\n   * 清除 CSRF Token\n   */\n  clearToken(): void {\n    this.storage.clearToken();\n  }\n\n  /**\n   * 获取请求头名称\n   */\n  getHeaderName(): string {\n    return this.headerName;\n  }\n}\n\n/**\n * 全局 CSRF Token 管理器实例\n */\nlet globalCSRFManager: CSRFTokenManager | null = null;\n\n/**\n * 初始化 CSRF Token 管理器\n */\nexport function initCSRFManager(config?: {\n  storage?: CSRFTokenStorage;\n  headerName?: string;\n  cookieName?: string;\n  getToken?: () => string | Promise<string>;\n  validateToken?: (token: string) => boolean | Promise<boolean>;\n}): CSRFTokenManager {\n  globalCSRFManager = new CSRFTokenManager(config);\n  return globalCSRFManager;\n}\n\n/**\n * 获取全局 CSRF Token 管理器\n */\nexport function getCSRFManager(): CSRFTokenManager | null {\n  return globalCSRFManager;\n}\n"],"names":["CSRFTokenManager","getCSRFManager","initCSRFManager","CookieTokenStorage","getToken","document","cookies","cookie","split","name","value","trim","cookieName","decodeURIComponent","setToken","token","encodeURIComponent","clearToken","MemoryTokenStorage","getTokenFn","Promise","resolve","error","console","warn","storage","validateToken","validateTokenFn","storedToken","getHeaderName","headerName","config","globalCSRFManager"],"mappings":"AAAA;;;CAGC,GAED;;CAEC;;;;;;;;;;;QAiFYA;eAAAA;;QAsGGC;eAAAA;;QAdAC;eAAAA;;;;;;;;;;;;;;;;AAzJhB;;CAEC,GACD,IAAA,AAAMC,qBAAN,MAAMA;IAOJC,WAA0B;QACxB,IAAI,OAAOC,aAAa,aAAa;YACnC,OAAO;QACT;QAEA,MAAMC,UAAUD,SAASE,MAAM,CAACC,KAAK,CAAC;QACtC,KAAK,MAAMD,UAAUD,QAAS;YAC5B,MAAM,CAACG,MAAMC,MAAM,GAAGH,OAAOI,IAAI,GAAGH,KAAK,CAAC;YAC1C,IAAIC,SAAS,IAAI,CAACG,UAAU,EAAE;gBAC5B,OAAOC,mBAAmBH;YAC5B;QACF;QACA,OAAO;IACT;IAEAI,SAASC,KAAa,EAAQ;QAC5B,IAAI,OAAOV,aAAa,aAAa;YACnC;QACF;QAEA,0CAA0C;QAC1CA,SAASE,MAAM,GAAG,GAAG,IAAI,CAACK,UAAU,CAAC,CAAC,EAAEI,mBAAmBD,OAAO,yBAAyB,CAAC;IAC9F;IAEAE,aAAmB;QACjB,IAAI,OAAOZ,aAAa,aAAa;YACnC;QACF;QAEAA,SAASE,MAAM,GAAG,GAAG,IAAI,CAACK,UAAU,CAAC,gDAAgD,CAAC;IACxF;IAlCA,YAAYA,aAAqB,YAAY,CAAE;QAF/C,uBAAQA,cAAR,KAAA;QAGE,IAAI,CAACA,UAAU,GAAGA;IACpB;AAiCF;AAEA;;CAEC,GACD,IAAA,AAAMM,qBAAN,MAAMA;IAGJd,WAA0B;QACxB,OAAO,IAAI,CAACW,KAAK;IACnB;IAEAD,SAASC,KAAa,EAAQ;QAC5B,IAAI,CAACA,KAAK,GAAGA;IACf;IAEAE,aAAmB;QACjB,IAAI,CAACF,KAAK,GAAG;IACf;;QAZA,uBAAQA,SAAuB;;AAajC;AAKO,IAAA,AAAMf,mBAAN,MAAMA;IAuBX;;GAEC,GACD,MAAMI,WAAmC;QACvC,IAAI,IAAI,CAACe,UAAU,EAAE;YACnB,IAAI;gBACF,OAAO,MAAMC,QAAQC,OAAO,CAAC,IAAI,CAACF,UAAU;YAC9C,EAAE,OAAOG,OAAO;gBACdC,QAAQC,IAAI,CAAC,oBAAoBF;gBACjC,OAAO;YACT;QACF;QAEA,SAAS;QACT,OAAO,IAAI,CAACG,OAAO,CAACrB,QAAQ;IAC9B;IAEA;;GAEC,GACDU,SAASC,KAAa,EAAQ;QAC5B,IAAI,CAACU,OAAO,CAACX,QAAQ,CAACC;IACxB;IAEA;;GAEC,GACD,MAAMW,cAAcX,KAAa,EAAoB;QACnD,IAAI,IAAI,CAACY,eAAe,EAAE;YACxB,IAAI;gBACF,OAAO,MAAMP,QAAQC,OAAO,CAAC,IAAI,CAACM,eAAe,CAACZ;YACpD,EAAE,OAAOO,OAAO;gBACdC,QAAQC,IAAI,CAAC,oBAAoBF;gBACjC,OAAO;YACT;QACF;QAEA,yBAAyB;QACzB,MAAMM,cAAc,IAAI,CAACH,OAAO,CAACrB,QAAQ;QACzC,OAAOwB,gBAAgB,QAAQA,gBAAgBb;IACjD;IAEA;;GAEC,GACDE,aAAmB;QACjB,IAAI,CAACQ,OAAO,CAACR,UAAU;IACzB;IAEA;;GAEC,GACDY,gBAAwB;QACtB,OAAO,IAAI,CAACC,UAAU;IACxB;IAtEA,YAAYC,MAMX,CAAE;QAZH,uBAAQN,WAAR,KAAA;QACA,uBAAQK,cAAR,KAAA;QACA,uBAAQlB,cAAR,KAAA;QACA,uBAAQO,cAAR,KAAA;QACA,uBAAQQ,mBAAR,KAAA;QASE,IAAI,CAACG,UAAU,GAAGC,QAAQD,cAAc;QACxC,IAAI,CAAClB,UAAU,GAAGmB,QAAQnB,cAAc;QACxC,IAAI,CAACa,OAAO,GAAGM,QAAQN,WAAY,CAAA,OAAOpB,aAAa,cACnD,IAAIF,mBAAmB,IAAI,CAACS,UAAU,IACtC,IAAIM,oBAAmB;QAC3B,IAAI,CAACC,UAAU,GAAGY,QAAQ3B;QAC1B,IAAI,CAACuB,eAAe,GAAGI,QAAQL;IACjC;AAyDF;AAEA;;CAEC,GACD,IAAIM,oBAA6C;AAK1C,SAAS9B,gBAAgB6B,MAM/B;IACCC,oBAAoB,IAAIhC,iBAAiB+B;IACzC,OAAOC;AACT;AAKO,SAAS/B;IACd,OAAO+B;AACT"}

package/dist/utils/csrf.d.ts

@@ -0,0 +1,73 @@
+/**
+ * CSRF 防护工具
+ * 提供 CSRF Token 的生成、存储和验证功能
+ */
+/**
+ * CSRF Token 存储接口
+ */
+export interface CSRFTokenStorage {
+    /**
+     * 获取 Token
+     */
+    getToken(): string | null;
+    /**
+     * 设置 Token
+     */
+    setToken(token: string): void;
+    /**
+     * 清除 Token
+     */
+    clearToken(): void;
+}
+/**
+ * CSRF Token 管理器
+ */
+export declare class CSRFTokenManager {
+    private storage;
+    private headerName;
+    private cookieName;
+    private getTokenFn?;
+    private validateTokenFn?;
+    constructor(config?: {
+        storage?: CSRFTokenStorage;
+        headerName?: string;
+        cookieName?: string;
+        getToken?: () => string | Promise<string>;
+        validateToken?: (token: string) => boolean | Promise<boolean>;
+    });
+    /**
+     * 获取 CSRF Token
+     */
+    getToken(): Promise<string | null>;
+    /**
+     * 设置 CSRF Token
+     */
+    setToken(token: string): void;
+    /**
+     * 验证 CSRF Token
+     */
+    validateToken(token: string): Promise<boolean>;
+    /**
+     * 清除 CSRF Token
+     */
+    clearToken(): void;
+    /**
+     * 获取请求头名称
+     */
+    getHeaderName(): string;
+}
+/**
+ * 初始化 CSRF Token 管理器
+ */
+export declare function initCSRFManager(config?: {
+    storage?: CSRFTokenStorage;
+    headerName?: string;
+    cookieName?: string;
+    getToken?: () => string | Promise<string>;
+    validateToken?: (token: string) => boolean | Promise<boolean>;
+}): CSRFTokenManager;
+/**
+ * 获取全局 CSRF Token 管理器
+ */
+export declare function getCSRFManager(): CSRFTokenManager | null;
+//# sourceMappingURL=csrf.d.ts.map

package/dist/utils/csrf.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"csrf.d.ts","sourceRoot":"","sources":["../../src/utils/csrf.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;OAEG;IACH,QAAQ,IAAI,MAAM,GAAG,IAAI,CAAC;IAC1B;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B;;OAEG;IACH,UAAU,IAAI,IAAI,CAAC;CACpB;AAgED;;GAEG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,OAAO,CAAmB;IAClC,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,UAAU,CAAC,CAAiC;IACpD,OAAO,CAAC,eAAe,CAAC,CAAgD;gBAE5D,MAAM,CAAC,EAAE;QACnB,OAAO,CAAC,EAAE,gBAAgB,CAAC;QAC3B,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,QAAQ,CAAC,EAAE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;QAC1C,aAAa,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;KAC/D;IAUD;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAcxC;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAI7B;;OAEG;IACG,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAepD;;OAEG;IACH,UAAU,IAAI,IAAI;IAIlB;;OAEG;IACH,aAAa,IAAI,MAAM;CAGxB;AAOD;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,CAAC,EAAE;IACvC,OAAO,CAAC,EAAE,gBAAgB,CAAC;IAC3B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC1C,aAAa,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC/D,GAAG,gBAAgB,CAGnB;AAED;;GAEG;AACH,wBAAgB,cAAc,IAAI,gBAAgB,GAAG,IAAI,CAExD"}