@voyantjs/utils 0.1.0

package/dist/session-claims.js

@@ -0,0 +1,184 @@
+/**
+ * Session Claims Cookie Utilities
+ *
+ * Implements signed session claims to reduce API calls in middleware.
+ * Claims contain minimal session info (userId, sessionId hash) that can be
+ * verified locally without database lookup.
+ *
+ * Security:
+ * - HMAC-SHA256 signing prevents tampering
+ * - 5-minute expiration ensures quick revocation
+ * - HttpOnly, Secure, SameSite cookies
+ *
+ * Compatible with both Node.js (middleware) and Cloudflare Workers (API)
+ */
+// Use Node crypto when available (Next.js middleware, Node.js environments)
+// Falls back to Web Crypto API for Cloudflare Workers
+let nodeCrypto = null;
+try {
+    // eslint-disable-next-line @typescript-eslint/no-require-imports
+    nodeCrypto = require("node:crypto");
+}
+catch {
+    // Not in Node.js environment
+}
+function getWebCrypto() {
+    if (typeof globalThis.crypto !== "undefined" && globalThis.crypto.subtle) {
+        return globalThis.crypto;
+    }
+    if (nodeCrypto?.webcrypto) {
+        return nodeCrypto.webcrypto;
+    }
+    throw new Error("No crypto implementation available");
+}
+const CLAIMS_EXPIRY_SECONDS = 5 * 60; // 5 minutes
+/**
+ * Create a short identifier from session ID for inclusion in claims
+ * Uses first 16 chars of base64url-encoded SHA-256 hash
+ */
+async function hashSessionId(sessionId) {
+    // Node.js crypto (preferred - synchronous)
+    if (nodeCrypto) {
+        const hash = nodeCrypto.createHash("sha256").update(sessionId).digest("base64url");
+        return hash.slice(0, 16);
+    }
+    // Web Crypto API (Cloudflare Workers)
+    const webCrypto = getWebCrypto();
+    const encoder = new TextEncoder();
+    const data = encoder.encode(sessionId);
+    const hashBuffer = await webCrypto.subtle.digest("SHA-256", data);
+    const hashArray = Array.from(new Uint8Array(hashBuffer));
+    // Convert to base64url manually
+    const hashB64 = btoa(String.fromCharCode(...hashArray))
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_")
+        .replace(/=/g, "");
+    return hashB64.slice(0, 16);
+}
+/**
+ * Sign session claims and return as JWT-like token
+ *
+ * Format: base64url(header).base64url(payload).base64url(signature)
+ *
+ * @param userId - User ID from verified session
+ * @param sessionId - Full session ID (will be hashed)
+ * @param secret - HMAC secret for signing
+ * @returns Signed token string
+ */
+export async function signSessionClaims(userId, sessionId, secret) {
+    const now = Math.floor(Date.now() / 1000);
+    const exp = now + CLAIMS_EXPIRY_SECONDS;
+    const sessionIdHash = await hashSessionId(sessionId);
+    const claims = {
+        userId,
+        sessionId: sessionIdHash,
+        iat: now,
+        exp,
+    };
+    // Encode payload (works in both environments)
+    const header = { alg: "HS256", typ: "JWT" };
+    const headerB64 = btoa(JSON.stringify(header))
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_")
+        .replace(/=/g, "");
+    const payloadB64 = btoa(JSON.stringify(claims))
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_")
+        .replace(/=/g, "");
+    // Create signature
+    const message = `${headerB64}.${payloadB64}`;
+    let signature;
+    // Node.js crypto (preferred - synchronous)
+    if (nodeCrypto) {
+        signature = nodeCrypto.createHmac("sha256", secret).update(message).digest("base64url");
+    }
+    else {
+        // Web Crypto API (Cloudflare Workers)
+        const webCrypto = getWebCrypto();
+        const encoder = new TextEncoder();
+        const keyData = encoder.encode(secret);
+        const key = await webCrypto.subtle.importKey("raw", keyData, { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
+        const sigBuffer = await webCrypto.subtle.sign("HMAC", key, encoder.encode(message));
+        const sigArray = Array.from(new Uint8Array(sigBuffer));
+        signature = btoa(String.fromCharCode(...sigArray))
+            .replace(/\+/g, "-")
+            .replace(/\//g, "_")
+            .replace(/=/g, "");
+    }
+    return `${headerB64}.${payloadB64}.${signature}`;
+}
+/**
+ * Verify and decode session claims token
+ *
+ * @param token - Signed token from cookie
+ * @param secret - HMAC secret for verification
+ * @returns Decoded claims if valid, null if invalid/expired
+ */
+export async function verifySessionClaims(token, secret) {
+    try {
+        const parts = token.split(".");
+        if (parts.length !== 3) {
+            return null;
+        }
+        const [headerB64, payloadB64, signature] = parts;
+        // Ensure all parts are defined
+        if (!headerB64 || !payloadB64 || !signature) {
+            return null;
+        }
+        // Verify signature
+        const message = `${headerB64}.${payloadB64}`;
+        let expectedSig;
+        // Node.js crypto (preferred - synchronous)
+        if (nodeCrypto) {
+            expectedSig = nodeCrypto.createHmac("sha256", secret).update(message).digest("base64url");
+        }
+        else {
+            // Web Crypto API (Cloudflare Workers)
+            const webCrypto = getWebCrypto();
+            const encoder = new TextEncoder();
+            const keyData = encoder.encode(secret);
+            const key = await webCrypto.subtle.importKey("raw", keyData, { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
+            const sigBuffer = await webCrypto.subtle.sign("HMAC", key, encoder.encode(message));
+            const sigArray = Array.from(new Uint8Array(sigBuffer));
+            expectedSig = btoa(String.fromCharCode(...sigArray))
+                .replace(/\+/g, "-")
+                .replace(/\//g, "_")
+                .replace(/=/g, "");
+        }
+        // Constant-time comparison
+        if (!constantTimeEqual(signature, expectedSig)) {
+            return null;
+        }
+        // Decode payload (works in both environments)
+        // base64url decode: replace - with +, _ with /, then decode
+        const payloadJson = atob(payloadB64.replace(/-/g, "+").replace(/_/g, "/"));
+        const payload = JSON.parse(payloadJson);
+        // Check expiration
+        const now = Math.floor(Date.now() / 1000);
+        if (payload.exp < now) {
+            return null;
+        }
+        // Validate structure
+        if (!payload.userId || !payload.sessionId || !payload.iat || !payload.exp) {
+            return null;
+        }
+        return payload;
+    }
+    catch (_error) {
+        // Invalid token format or JSON parse error
+        return null;
+    }
+}
+/**
+ * Constant-time string comparison to prevent timing attacks
+ */
+function constantTimeEqual(a, b) {
+    if (a.length !== b.length)
+        return false;
+    let result = 0;
+    for (let i = 0; i < a.length; i++) {
+        result |= a.charCodeAt(i) ^ b.charCodeAt(i);
+    }
+    return result === 0;
+}
+//# sourceMappingURL=session-claims.js.map

package/dist/session-claims.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-claims.js","sourceRoot":"","sources":["../src/session-claims.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,4EAA4E;AAC5E,sDAAsD;AACtD,IAAI,UAAU,GAAwC,IAAI,CAAA;AAC1D,IAAI,CAAC;IACH,iEAAiE;IACjE,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC,CAAA;AACrC,CAAC;AAAC,MAAM,CAAC;IACP,6BAA6B;AAC/B,CAAC;AAED,SAAS,YAAY;IACnB,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACzE,OAAO,UAAU,CAAC,MAAM,CAAA;IAC1B,CAAC;IAED,IAAI,UAAU,EAAE,SAAS,EAAE,CAAC;QAC1B,OAAO,UAAU,CAAC,SAAmB,CAAA;IACvC,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAA;AACvD,CAAC;AASD,MAAM,qBAAqB,GAAG,CAAC,GAAG,EAAE,CAAA,CAAC,YAAY;AAEjD;;;GAGG;AACH,KAAK,UAAU,aAAa,CAAC,SAAiB;IAC5C,2CAA2C;IAC3C,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;QAClF,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAC1B,CAAC;IAED,sCAAsC;IACtC,MAAM,SAAS,GAAG,YAAY,EAAE,CAAA;IAChC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAA;IACjC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;IACtC,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAA;IACjE,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC,CAAA;IACxD,gCAAgC;IAChC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,SAAS,CAAC,CAAC;SACpD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;IACpB,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;AAC7B,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,MAAc,EACd,SAAiB,EACjB,MAAc;IAEd,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;IACzC,MAAM,GAAG,GAAG,GAAG,GAAG,qBAAqB,CAAA;IAEvC,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,SAAS,CAAC,CAAA;IACpD,MAAM,MAAM,GAAkB;QAC5B,MAAM;QACN,SAAS,EAAE,aAAa;QACxB,GAAG,EAAE,GAAG;QACR,GAAG;KACJ,CAAA;IAED,8CAA8C;IAC9C,MAAM,MAAM,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,CAAA;IAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;SAC3C,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;IACpB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;SAC5C,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;IAEpB,mBAAmB;IACnB,MAAM,OAAO,GAAG,GAAG,SAAS,IAAI,UAAU,EAAE,CAAA;IAE5C,IAAI,SAAiB,CAAA;IACrB,2CAA2C;IAC3C,IAAI,UAAU,EAAE,CAAC;QACf,SAAS,GAAG,UAAU,CAAC,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;IACzF,CAAC;SAAM,CAAC;QACN,sCAAsC;QACtC,MAAM,SAAS,GAAG,YAAY,EAAE,CAAA;QAChC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAA;QACjC,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QACtC,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,SAAS,CAC1C,KAAK,EACL,OAAO,EACP,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,EACjC,KAAK,EACL,CAAC,MAAM,CAAC,CACT,CAAA;QACD,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;QACnF,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAA;QACtD,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,QAAQ,CAAC,CAAC;aAC/C,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;IACtB,CAAC;IAED,OAAO,GAAG,SAAS,IAAI,UAAU,IAAI,SAAS,EAAE,CAAA;AAClD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,KAAa,EACb,MAAc;IAEd,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,SAAS,CAAC,GAAG,KAAK,CAAA;QAEhD,+BAA+B;QAC/B,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU,IAAI,CAAC,SAAS,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAA;QACb,CAAC;QAED,mBAAmB;QACnB,MAAM,OAAO,GAAG,GAAG,SAAS,IAAI,UAAU,EAAE,CAAA;QAE5C,IAAI,WAAmB,CAAA;QACvB,2CAA2C;QAC3C,IAAI,UAAU,EAAE,CAAC;YACf,WAAW,GAAG,UAAU,CAAC,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;QAC3F,CAAC;aAAM,CAAC;YACN,sCAAsC;YACtC,MAAM,SAAS,GAAG,YAAY,EAAE,CAAA;YAChC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAA;YACjC,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;YACtC,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,SAAS,CAC1C,KAAK,EACL,OAAO,EACP,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,EACjC,KAAK,EACL,CAAC,MAAM,CAAC,CACT,CAAA;YACD,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;YACnF,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAA;YACtD,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,QAAQ,CAAC,CAAC;iBACjD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;iBACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;iBACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;QACtB,CAAC;QAED,2BAA2B;QAC3B,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,WAAW,CAAC,EAAE,CAAC;YAC/C,OAAO,IAAI,CAAA;QACb,CAAC;QAED,8CAA8C;QAC9C,4DAA4D;QAC5D,MAAM,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAA;QAC1E,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAkB,CAAA;QAExD,mBAAmB;QACnB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;QACzC,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;YACtB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,qBAAqB;QACrB,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YAC1E,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAAC,OAAO,MAAM,EAAE,CAAC;QAChB,2CAA2C;QAC3C,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,CAAS,EAAE,CAAS;IAC7C,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAA;IAEvC,IAAI,MAAM,GAAG,CAAC,CAAA;IACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,MAAM,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;IAC7C,CAAC;IAED,OAAO,MAAM,KAAK,CAAC,CAAA;AACrB,CAAC"}

package/dist/sms/provider.d.ts

@@ -0,0 +1,28 @@
+export type SendTransactionalSmsInput = {
+    toE164: string;
+    body: string;
+    senderId?: string;
+};
+/**
+ * BYOK (Bring Your Own Key) Twilio configuration for organization-specific credentials.
+ */
+export type TwilioByokConfig = {
+    accountSid: string;
+    authToken: string;
+    phoneNumber?: string | null;
+    messagingServiceSid?: string | null;
+};
+export type SendTransactionalSmsResult = {
+    provider: "twilio" | "sns";
+    id?: string;
+    raw?: unknown;
+};
+/**
+ * Send a transactional SMS via Twilio.
+ *
+ * @param input - SMS content and recipient
+ * @param twilioConfig - Optional organization-specific Twilio credentials (BYOK).
+ *                       If not provided, falls back to global environment variables.
+ */
+export declare function sendTransactionalSms(input: SendTransactionalSmsInput, twilioConfig?: TwilioByokConfig): Promise<SendTransactionalSmsResult>;
+//# sourceMappingURL=provider.d.ts.map

package/dist/sms/provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../src/sms/provider.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,yBAAyB,GAAG;IACtC,MAAM,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG;IAC7B,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,mBAAmB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CACpC,CAAA;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,QAAQ,EAAE,QAAQ,GAAG,KAAK,CAAA;IAC1B,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,GAAG,CAAC,EAAE,OAAO,CAAA;CACd,CAAA;AAOD;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,KAAK,EAAE,yBAAyB,EAChC,YAAY,CAAC,EAAE,gBAAgB,GAC9B,OAAO,CAAC,0BAA0B,CAAC,CAiDrC"}

package/dist/sms/provider.js

@@ -0,0 +1,50 @@
+import { createTwilioClientWithCredentials, getTwilioClient } from "../twilio/client.js";
+function getSmsProvider() {
+    const p = (process.env.SMS_PROVIDER || "twilio").toLowerCase();
+    return p === "sns" ? "sns" : "twilio";
+}
+/**
+ * Send a transactional SMS via Twilio.
+ *
+ * @param input - SMS content and recipient
+ * @param twilioConfig - Optional organization-specific Twilio credentials (BYOK).
+ *                       If not provided, falls back to global environment variables.
+ */
+export async function sendTransactionalSms(input, twilioConfig) {
+    const provider = getSmsProvider();
+    if (provider === "twilio") {
+        // Use organization-specific credentials if provided (BYOK)
+        if (twilioConfig) {
+            const client = createTwilioClientWithCredentials(twilioConfig.accountSid, twilioConfig.authToken);
+            // Prefer messaging service SID over phone number
+            const messagingServiceSid = twilioConfig.messagingServiceSid;
+            const fromNumber = twilioConfig.phoneNumber;
+            if (!messagingServiceSid && !fromNumber) {
+                throw new Error("BYOK Twilio config requires either phoneNumber or messagingServiceSid");
+            }
+            const res = await client.messages.create({
+                to: input.toE164,
+                body: input.body,
+                ...(messagingServiceSid ? { messagingServiceSid } : {}),
+                ...(fromNumber && !messagingServiceSid ? { from: fromNumber } : {}),
+            });
+            return { provider: "twilio", id: res.sid, raw: res };
+        }
+        // Fall back to global environment variables
+        const client = getTwilioClient();
+        const messagingServiceSid = process.env.TWILIO_MESSAGING_SERVICE_SID;
+        const fromNumber = process.env.TWILIO_PHONE_NUMBER;
+        if (!messagingServiceSid && !fromNumber) {
+            throw new Error("Configure TWILIO_MESSAGING_SERVICE_SID or TWILIO_PHONE_NUMBER");
+        }
+        const res = await client.messages.create({
+            to: input.toE164,
+            body: input.body,
+            ...(messagingServiceSid ? { messagingServiceSid } : {}),
+            ...(fromNumber ? { from: fromNumber } : {}),
+        });
+        return { provider: "twilio", id: res.sid, raw: res };
+    }
+    throw new Error("SNS is no longer supported");
+}
+//# sourceMappingURL=provider.js.map

package/dist/sms/provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.js","sourceRoot":"","sources":["../../src/sms/provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iCAAiC,EAAC,eAAe,EAAE,MAAM,qBAAqB,CAAA;AAwBvF,SAAS,cAAc;IACrB,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAA;IAC9D,OAAO,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAA;AACvC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,KAAgC,EAChC,YAA+B;IAE/B,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAA;IAEjC,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC1B,2DAA2D;QAC3D,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,MAAM,GAAG,iCAAiC,CAC9C,YAAY,CAAC,UAAU,EACvB,YAAY,CAAC,SAAS,CACvB,CAAA;YAED,iDAAiD;YACjD,MAAM,mBAAmB,GAAG,YAAY,CAAC,mBAAmB,CAAA;YAC5D,MAAM,UAAU,GAAG,YAAY,CAAC,WAAW,CAAA;YAE3C,IAAI,CAAC,mBAAmB,IAAI,CAAC,UAAU,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAA;YACH,CAAC;YAED,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACvC,EAAE,EAAE,KAAK,CAAC,MAAM;gBAChB,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvD,GAAG,CAAC,UAAU,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACpE,CAAC,CAAA;YACF,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAA;QACtD,CAAC;QAED,4CAA4C;QAC5C,MAAM,MAAM,GAAG,eAAe,EAAE,CAAA;QAChC,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAA;QACpE,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAA;QAElD,IAAI,CAAC,mBAAmB,IAAI,CAAC,UAAU,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAA;QAClF,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YACvC,EAAE,EAAE,KAAK,CAAC,MAAM;YAChB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvD,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC5C,CAAC,CAAA;QACF,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAA;IACtD,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAA;AAC/C,CAAC"}

package/dist/sms/segments.d.ts

@@ -0,0 +1,3 @@
+export declare function isGsm7(text: string): boolean;
+export declare function countSmsSegments(text: string): number;
+//# sourceMappingURL=segments.d.ts.map

package/dist/sms/segments.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"segments.d.ts","sourceRoot":"","sources":["../../src/sms/segments.ts"],"names":[],"mappings":"AAUA,wBAAgB,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAK5C;AAED,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAiBrD"}

package/dist/sms/segments.js

@@ -0,0 +1,33 @@
+// Minimal GSM-7 detection and segment counting
+const GSM_7_BASIC_CHARS = "@£$¥èéùìòÇ\nØø\rÅåΔ_ΦΓΛΩΠΨΣΘΞ\u0020!\"#¤%&'()*+,-./0123456789:;<=>?ABCDEFGHIJKLMNOPQRSTUVWXYZÄÖÑܧabcdefghijklmnopqrstuvwxyzäöñüà";
+const GSM_7_EXTENDED_CHARS = "^{}\\[~]|€";
+function isGsm7Char(char) {
+    return GSM_7_BASIC_CHARS.includes(char) || GSM_7_EXTENDED_CHARS.includes(char);
+}
+export function isGsm7(text) {
+    for (const ch of text) {
+        if (!isGsm7Char(ch))
+            return false;
+    }
+    return true;
+}
+export function countSmsSegments(text) {
+    if (!text)
+        return 0;
+    const gsm = isGsm7(text);
+    // Extended table chars count as two septets in GSM-7
+    const gsmLength = gsm
+        ? Array.from(text).reduce((acc, ch) => acc + (GSM_7_EXTENDED_CHARS.includes(ch) ? 2 : 1), 0)
+        : 0;
+    if (gsm) {
+        if (gsmLength <= 160)
+            return 1;
+        return Math.ceil(gsmLength / 153);
+    }
+    // UCS-2
+    const ucsLen = Array.from(text).length;
+    if (ucsLen <= 70)
+        return 1;
+    return Math.ceil(ucsLen / 67);
+}
+//# sourceMappingURL=segments.js.map

package/dist/sms/segments.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"segments.js","sourceRoot":"","sources":["../../src/sms/segments.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,MAAM,iBAAiB,GACrB,mIAAmI,CAAA;AACrI,MAAM,oBAAoB,GAAG,YAAY,CAAA;AAEzC,SAAS,UAAU,CAAC,IAAY;IAC9B,OAAO,iBAAiB,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,oBAAoB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;AAChF,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,IAAY;IACjC,KAAK,MAAM,EAAE,IAAI,IAAI,EAAE,CAAC;QACtB,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAAE,OAAO,KAAK,CAAA;IACnC,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAC3C,IAAI,CAAC,IAAI;QAAE,OAAO,CAAC,CAAA;IACnB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;IACxB,qDAAqD;IACrD,MAAM,SAAS,GAAG,GAAG;QACnB,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,oBAAoB,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC5F,CAAC,CAAC,CAAC,CAAA;IAEL,IAAI,GAAG,EAAE,CAAC;QACR,IAAI,SAAS,IAAI,GAAG;YAAE,OAAO,CAAC,CAAA;QAC9B,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,CAAA;IACnC,CAAC;IAED,QAAQ;IACR,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAA;IACtC,IAAI,MAAM,IAAI,EAAE;QAAE,OAAO,CAAC,CAAA;IAC1B,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC,CAAA;AAC/B,CAAC"}

package/dist/temporal.d.ts

@@ -0,0 +1,2 @@
+export declare function toIsoDateUtc(date: Date): string;
+//# sourceMappingURL=temporal.d.ts.map

package/dist/temporal.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"temporal.d.ts","sourceRoot":"","sources":["../src/temporal.ts"],"names":[],"mappings":"AACA,wBAAgB,YAAY,CAAC,IAAI,EAAE,IAAI,GAAG,MAAM,CAG/C"}

package/dist/temporal.js

@@ -0,0 +1,6 @@
+// Minimal temporal helpers used by client apps
+export function toIsoDateUtc(date) {
+    const d = new Date(Date.UTC(date.getFullYear(), date.getMonth(), date.getDate()));
+    return d.toISOString().slice(0, 10);
+}
+//# sourceMappingURL=temporal.js.map

package/dist/temporal.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"temporal.js","sourceRoot":"","sources":["../src/temporal.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAC/C,MAAM,UAAU,YAAY,CAAC,IAAU;IACrC,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;IACjF,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;AACrC,CAAC"}

package/dist/timezones.d.ts

@@ -0,0 +1,9 @@
+export declare const timezones: {
+    value: string;
+    abbr: string;
+    offset: number;
+    isdst: boolean;
+    text: string;
+    utc: string[];
+}[];
+//# sourceMappingURL=timezones.d.ts.map

package/dist/timezones.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"timezones.d.ts","sourceRoot":"","sources":["../src/timezones.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,SAAS;;;;;;;GAgsCrB,CAAA"}