npm - @workos-inc/node - Versions diffs - 8.0.0-rc.9 → 8.1.0 - Mend

@workos-inc/node 8.0.0-rc.9 → 8.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1331) hide show

package/lib/user-management-DCbkjgk8.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user-management-DCbkjgk8.cjs","names":["workos: WorkOS","getJose","CookieSession","deserializeUser","AutoPaginatable","fetchAndDeserialize","serializeListUsersOptions","serializeCreateUserOptions","serializeAuthenticateWithMagicAuthOptions","deserializeAuthenticationResponse","serializeAuthenticateWithPasswordOptions","serializeAuthenticateWithCodeOptions","serializeAuthenticateWithCodeAndVerifierOptions","serializeAuthenticateWithRefreshTokenPublicClientOptions","serializeAuthenticateWithRefreshTokenOptions","serializeAuthenticateWithTotpOptions","serializeAuthenticateWithEmailVerificationOptions","serializeAuthenticateWithOrganizationSelectionOptions","getEnv","AuthenticateWithSessionCookieFailureReason","unsealData","sealData","deserializeEmailVerification","deserializeMagicAuth","serializeCreateMagicAuthOptions","deserializePasswordReset","serializeCreatePasswordResetOptions","serializeResetPasswordOptions","serializeUpdateUserOptions","serializeEnrollAuthFactorOptions","deserializeFactorWithSecrets","deserializeChallenge","deserializeFactor","deserializeFeatureFlag","deserializeSession","serializeListSessionsOptions","deserializeIdentities","deserializeOrganizationMembership","serializeListOrganizationMembershipsOptions","serializeCreateOrganizationMembershipOptions","serializeUpdateOrganizationMembershipOptions","deserializeInvitation","serializeListInvitationsOptions","serializeSendInvitationOptions","serializeResendInvitationOptions","serializeRevokeSessionOptions","toQueryString"],"sources":["../src/user-management/user-management.ts"],"sourcesContent":["import { sealData, unsealData } from '../common/crypto/seal';\nimport { PaginationOptions } from '../common/interfaces/pagination-options.interface';\nimport { fetchAndDeserialize } from '../common/utils/fetch-and-deserialize';\nimport { AutoPaginatable } from '../common/utils/pagination';\nimport { getEnv } from '../common/utils/env';\nimport { toQueryString } from '../common/utils/query-string';\nimport { Challenge, ChallengeResponse } from '../mfa/interfaces';\nimport { deserializeChallenge } from '../mfa/serializers';\nimport {\n FeatureFlag,\n FeatureFlagResponse,\n} from '../feature-flags/interfaces/feature-flag.interface';\nimport { deserializeFeatureFlag } from '../feature-flags/serializers';\nimport { WorkOS } from '../workos';\nimport {\n AuthenticateWithCodeAndVerifierOptions,\n AuthenticateWithCodeOptions,\n AuthenticateWithMagicAuthOptions,\n AuthenticateWithPasswordOptions,\n AuthenticateWithRefreshTokenOptions,\n AuthenticateWithSessionOptions,\n AuthenticateWithTotpOptions,\n AuthenticationResponse,\n AuthenticationResponseResponse,\n CreateMagicAuthOptions,\n CreatePasswordResetOptions,\n CreateUserOptions,\n EmailVerification,\n EmailVerificationResponse,\n EnrollAuthFactorOptions,\n ListAuthFactorsOptions,\n ListSessionsOptions,\n ListUsersOptions,\n ListUserFeatureFlagsOptions,\n LogoutURLOptions,\n MagicAuth,\n MagicAuthResponse,\n PasswordReset,\n PasswordResetResponse,\n ResetPasswordOptions,\n SendVerificationEmailOptions,\n SerializedAuthenticateWithCodeAndVerifierOptions,\n SerializedAuthenticateWithCodeOptions,\n SerializedAuthenticateWithMagicAuthOptions,\n SerializedAuthenticateWithPasswordOptions,\n SerializedAuthenticateWithRefreshTokenOptions,\n SerializedAuthenticateWithRefreshTokenPublicClientOptions,\n SerializedAuthenticateWithTotpOptions,\n SerializedCreateMagicAuthOptions,\n SerializedCreatePasswordResetOptions,\n SerializedCreateUserOptions,\n SerializedListSessionsOptions,\n SerializedListUsersOptions,\n SerializedResetPasswordOptions,\n SerializedVerifyEmailOptions,\n Session,\n SessionResponse,\n UpdateUserOptions,\n User,\n UserResponse,\n VerifyEmailOptions,\n} from './interfaces';\nimport {\n AuthenticateWithEmailVerificationOptions,\n SerializedAuthenticateWithEmailVerificationOptions,\n} from './interfaces/authenticate-with-email-verification-options.interface';\nimport {\n AuthenticateWithOrganizationSelectionOptions,\n SerializedAuthenticateWithOrganizationSelectionOptions,\n} from './interfaces/authenticate-with-organization-selection.interface';\nimport {\n AccessToken,\n AuthenticateWithSessionCookieFailedResponse,\n AuthenticateWithSessionCookieFailureReason,\n AuthenticateWithSessionCookieOptions,\n AuthenticateWithSessionCookieSuccessResponse,\n SessionCookieData,\n} from './interfaces/authenticate-with-session-cookie.interface';\nimport {\n PKCEAuthorizationURLResult,\n UserManagementAuthorizationURLOptions,\n} from './interfaces/authorization-url-options.interface';\nimport {\n CreateOrganizationMembershipOptions,\n SerializedCreateOrganizationMembershipOptions,\n} from './interfaces/create-organization-membership-options.interface';\nimport {\n Factor,\n FactorResponse,\n FactorWithSecrets,\n FactorWithSecretsResponse,\n} from './interfaces/factor.interface';\nimport { Identity, IdentityResponse } from './interfaces/identity.interface';\nimport {\n Invitation,\n InvitationResponse,\n} from './interfaces/invitation.interface';\nimport {\n ListInvitationsOptions,\n SerializedListInvitationsOptions,\n} from './interfaces/list-invitations-options.interface';\nimport {\n ListOrganizationMembershipsOptions,\n SerializedListOrganizationMembershipsOptions,\n} from './interfaces/list-organization-memberships-options.interface';\nimport {\n OrganizationMembership,\n OrganizationMembershipResponse,\n} from './interfaces/organization-membership.interface';\nimport {\n RevokeSessionOptions,\n SerializedRevokeSessionOptions,\n serializeRevokeSessionOptions,\n} from './interfaces/revoke-session-options.interface';\nimport {\n ResendInvitationOptions,\n SerializedResendInvitationOptions,\n} from './interfaces/resend-invitation-options.interface';\nimport {\n SendInvitationOptions,\n SerializedSendInvitationOptions,\n} from './interfaces/send-invitation-options.interface';\nimport { SessionHandlerOptions } from './interfaces/session-handler-options.interface';\nimport {\n SerializedUpdateOrganizationMembershipOptions,\n UpdateOrganizationMembershipOptions,\n} from './interfaces/update-organization-membership-options.interface';\nimport {\n deserializeAuthenticationResponse,\n deserializeEmailVerification,\n deserializeFactorWithSecrets,\n deserializeMagicAuth,\n deserializePasswordReset,\n deserializeSession,\n deserializeUser,\n serializeAuthenticateWithCodeAndVerifierOptions,\n serializeAuthenticateWithCodeOptions,\n serializeAuthenticateWithMagicAuthOptions,\n serializeAuthenticateWithPasswordOptions,\n serializeAuthenticateWithRefreshTokenOptions,\n serializeAuthenticateWithRefreshTokenPublicClientOptions,\n serializeAuthenticateWithTotpOptions,\n serializeCreateMagicAuthOptions,\n serializeCreatePasswordResetOptions,\n serializeCreateUserOptions,\n serializeEnrollAuthFactorOptions,\n serializeListSessionsOptions,\n serializeResetPasswordOptions,\n serializeUpdateUserOptions,\n} from './serializers';\nimport { serializeAuthenticateWithEmailVerificationOptions } from './serializers/authenticate-with-email-verification.serializer';\nimport { serializeAuthenticateWithOrganizationSelectionOptions } from './serializers/authenticate-with-organization-selection-options.serializer';\nimport { serializeCreateOrganizationMembershipOptions } from './serializers/create-organization-membership-options.serializer';\nimport { deserializeFactor } from './serializers/factor.serializer';\nimport { deserializeIdentities } from './serializers/identity.serializer';\nimport { deserializeInvitation } from './serializers/invitation.serializer';\nimport { serializeListInvitationsOptions } from './serializers/list-invitations-options.serializer';\nimport { serializeListOrganizationMembershipsOptions } from './serializers/list-organization-memberships-options.serializer';\nimport { serializeListUsersOptions } from './serializers/list-users-options.serializer';\nimport { serializeResendInvitationOptions } from './serializers/resend-invitation-options.serializer';\nimport { deserializeOrganizationMembership } from './serializers/organization-membership.serializer';\nimport { serializeSendInvitationOptions } from './serializers/send-invitation-options.serializer';\nimport { serializeUpdateOrganizationMembershipOptions } from './serializers/update-organization-membership-options.serializer';\nimport { CookieSession } from './session';\nimport { getJose } from '../utils/jose';\n\nexport class UserManagement {\n private _jwks:\n | ReturnType<typeof import('jose').createRemoteJWKSet>\n | undefined;\n public clientId: string | undefined;\n\n constructor(private readonly workos: WorkOS) {\n const { clientId } = workos.options;\n\n this.clientId = clientId;\n }\n\n /**\n * Resolve clientId from method options or fall back to constructor-provided value.\n * @throws TypeError if clientId is not available from either source\n */\n private resolveClientId(clientId?: string): string {\n const resolved = clientId ?? this.clientId;\n if (!resolved) {\n throw new TypeError(\n 'clientId is required. Provide it in method options or when initializing WorkOS.',\n );\n }\n return resolved;\n }\n\n async getJWKS(): Promise<\n ReturnType<typeof import('jose').createRemoteJWKSet> | undefined\n > {\n const { createRemoteJWKSet } = await getJose();\n if (!this.clientId) {\n return;\n }\n\n // Set the JWKS URL. This is used to verify if the JWT is still valid\n this._jwks ??= createRemoteJWKSet(new URL(this.getJwksUrl(this.clientId)), {\n cooldownDuration: 1000 * 60 * 5,\n });\n\n return this._jwks;\n }\n\n /**\n * Loads a sealed session using the provided session data and cookie password.\n *\n * @param options - The options for loading the sealed session.\n * @param options.sessionData - The sealed session data.\n * @param options.cookiePassword - The password used to encrypt the session data.\n * @returns The session class.\n */\n loadSealedSession(options: {\n sessionData: string;\n cookiePassword: string;\n }): CookieSession {\n return new CookieSession(this, options.sessionData, options.cookiePassword);\n }\n\n async getUser(userId: string): Promise<User> {\n const { data } = await this.workos.get<UserResponse>(\n `/user_management/users/${userId}`,\n );\n\n return deserializeUser(data);\n }\n\n async getUserByExternalId(externalId: string): Promise<User> {\n const { data } = await this.workos.get<UserResponse>(\n `/user_management/users/external_id/${externalId}`,\n );\n\n return deserializeUser(data);\n }\n\n async listUsers(\n options?: ListUsersOptions,\n ): Promise<AutoPaginatable<User, SerializedListUsersOptions>> {\n return new AutoPaginatable(\n await fetchAndDeserialize<UserResponse, User>(\n this.workos,\n '/user_management/users',\n deserializeUser,\n options ? serializeListUsersOptions(options) : undefined,\n ),\n (params) =>\n fetchAndDeserialize<UserResponse, User>(\n this.workos,\n '/user_management/users',\n deserializeUser,\n params,\n ),\n options ? serializeListUsersOptions(options) : undefined,\n );\n }\n\n async createUser(payload: CreateUserOptions): Promise<User> {\n const { data } = await this.workos.post<\n UserResponse,\n SerializedCreateUserOptions\n >('/user_management/users', serializeCreateUserOptions(payload));\n\n return deserializeUser(data);\n }\n\n async authenticateWithMagicAuth(\n payload: AuthenticateWithMagicAuthOptions,\n ): Promise<AuthenticationResponse> {\n const { session, clientId, ...remainingPayload } = payload;\n const resolvedClientId = this.resolveClientId(clientId);\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithMagicAuthOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithMagicAuthOptions({\n ...remainingPayload,\n clientId: resolvedClientId,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithPassword(\n payload: AuthenticateWithPasswordOptions,\n ): Promise<AuthenticationResponse> {\n const { session, clientId, ...remainingPayload } = payload;\n const resolvedClientId = this.resolveClientId(clientId);\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithPasswordOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithPasswordOptions({\n ...remainingPayload,\n clientId: resolvedClientId,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n /**\n * Exchange an authorization code for tokens.\n *\n * Auto-detects public vs confidential client mode:\n * - If codeVerifier is provided: Uses PKCE flow (public client)\n * - If no codeVerifier: Uses client_secret from API key (confidential client)\n * - If both: Uses both client_secret AND codeVerifier (confidential client with PKCE)\n *\n * Using PKCE with confidential clients is recommended by OAuth 2.1 for defense\n * in depth and provides additional CSRF protection on the authorization flow.\n *\n * @throws Error if neither codeVerifier nor API key is available\n */\n async authenticateWithCode(\n payload: AuthenticateWithCodeOptions,\n ): Promise<AuthenticationResponse> {\n const { session, clientId, codeVerifier, ...remainingPayload } = payload;\n const resolvedClientId = this.resolveClientId(clientId);\n\n // Validate codeVerifier is not an empty string (common mistake)\n if (codeVerifier !== undefined && codeVerifier.trim() === '') {\n throw new TypeError(\n 'codeVerifier cannot be an empty string. ' +\n 'Generate a valid PKCE pair using workos.pkce.generate().',\n );\n }\n\n const hasApiKey = !!this.workos.key;\n const hasPKCE = !!codeVerifier;\n\n if (!hasPKCE && !hasApiKey) {\n throw new TypeError(\n 'authenticateWithCode requires either a codeVerifier (for public clients) ' +\n 'or an API key configured on the WorkOS instance (for confidential clients).',\n );\n }\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithCodeOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithCodeOptions({\n ...remainingPayload,\n clientId: resolvedClientId,\n codeVerifier,\n clientSecret: hasApiKey ? this.workos.key : undefined,\n }),\n { skipApiKeyCheck: !hasApiKey },\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n /**\n * Exchange an authorization code for tokens using PKCE (public client flow).\n * Use this instead of authenticateWithCode() when the client cannot securely\n * store a client_secret (browser, mobile, CLI, desktop apps).\n *\n * @param payload.clientId - Your WorkOS client ID\n * @param payload.code - The authorization code from the OAuth callback\n * @param payload.codeVerifier - The PKCE code verifier used to generate the code challenge\n */\n async authenticateWithCodeAndVerifier(\n payload: AuthenticateWithCodeAndVerifierOptions,\n ): Promise<AuthenticationResponse> {\n const { session, clientId, ...remainingPayload } = payload;\n const resolvedClientId = this.resolveClientId(clientId);\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithCodeAndVerifierOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithCodeAndVerifierOptions({\n ...remainingPayload,\n clientId: resolvedClientId,\n }),\n { skipApiKeyCheck: true },\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n /**\n * Refresh an access token using a refresh token.\n * Automatically detects public client mode - if no API key is configured,\n * omits client_secret from the request.\n */\n async authenticateWithRefreshToken(\n payload: AuthenticateWithRefreshTokenOptions,\n ): Promise<AuthenticationResponse> {\n const { session, clientId, ...remainingPayload } = payload;\n const resolvedClientId = this.resolveClientId(clientId);\n const isPublicClient = !this.workos.key;\n\n const body = isPublicClient\n ? serializeAuthenticateWithRefreshTokenPublicClientOptions({\n ...remainingPayload,\n clientId: resolvedClientId,\n })\n : serializeAuthenticateWithRefreshTokenOptions({\n ...remainingPayload,\n clientId: resolvedClientId,\n clientSecret: this.workos.key,\n });\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n | SerializedAuthenticateWithRefreshTokenOptions\n | SerializedAuthenticateWithRefreshTokenPublicClientOptions\n >('/user_management/authenticate', body, {\n skipApiKeyCheck: isPublicClient,\n });\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithTotp(\n payload: AuthenticateWithTotpOptions,\n ): Promise<AuthenticationResponse> {\n const { session, clientId, ...remainingPayload } = payload;\n const resolvedClientId = this.resolveClientId(clientId);\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithTotpOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithTotpOptions({\n ...remainingPayload,\n clientId: resolvedClientId,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithEmailVerification(\n payload: AuthenticateWithEmailVerificationOptions,\n ): Promise<AuthenticationResponse> {\n const { session, clientId, ...remainingPayload } = payload;\n const resolvedClientId = this.resolveClientId(clientId);\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithEmailVerificationOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithEmailVerificationOptions({\n ...remainingPayload,\n clientId: resolvedClientId,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithOrganizationSelection(\n payload: AuthenticateWithOrganizationSelectionOptions,\n ): Promise<AuthenticationResponse> {\n const { session, clientId, ...remainingPayload } = payload;\n const resolvedClientId = this.resolveClientId(clientId);\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithOrganizationSelectionOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithOrganizationSelectionOptions({\n ...remainingPayload,\n clientId: resolvedClientId,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithSessionCookie({\n sessionData,\n cookiePassword = getEnv('WORKOS_COOKIE_PASSWORD'),\n }: AuthenticateWithSessionCookieOptions): Promise<\n | AuthenticateWithSessionCookieSuccessResponse\n | AuthenticateWithSessionCookieFailedResponse\n > {\n if (!cookiePassword) {\n throw new Error('Cookie password is required');\n }\n\n const jwks = await this.getJWKS();\n\n if (!jwks) {\n throw new Error('Must provide clientId to initialize JWKS');\n }\n\n const { decodeJwt } = await getJose();\n\n if (!sessionData) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.NO_SESSION_COOKIE_PROVIDED,\n };\n }\n\n const session = await unsealData<SessionCookieData>(sessionData, {\n password: cookiePassword,\n });\n\n if (!session.accessToken) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE,\n };\n }\n\n if (!(await this.isValidJwt(session.accessToken))) {\n return {\n authenticated: false,\n reason: AuthenticateWithSessionCookieFailureReason.INVALID_JWT,\n };\n }\n\n const {\n sid: sessionId,\n org_id: organizationId,\n role,\n roles,\n permissions,\n entitlements,\n feature_flags: featureFlags,\n } = decodeJwt<AccessToken>(session.accessToken);\n\n return {\n authenticated: true,\n sessionId,\n organizationId,\n role,\n roles,\n user: session.user,\n permissions,\n entitlements,\n featureFlags,\n accessToken: session.accessToken,\n authenticationMethod: session.authenticationMethod,\n };\n }\n\n private async isValidJwt(accessToken: string): Promise<boolean> {\n const jwks = await this.getJWKS();\n const { jwtVerify } = await getJose();\n if (!jwks) {\n throw new Error('Must provide clientId to initialize JWKS');\n }\n\n try {\n await jwtVerify(accessToken, jwks);\n return true;\n } catch (e) {\n // Only treat as invalid JWT if it's an actual JWT/JWS error from jose\n // Network errors, crypto failures, etc. should propagate\n if (\n e instanceof Error &&\n 'code' in e &&\n typeof e.code === 'string' &&\n (e.code.startsWith('ERR_JWT_') || e.code.startsWith('ERR_JWS_'))\n ) {\n return false;\n }\n throw e;\n }\n }\n\n private async prepareAuthenticationResponse({\n authenticationResponse,\n session,\n }: {\n authenticationResponse: AuthenticationResponse;\n session?: AuthenticateWithSessionOptions;\n }): Promise<AuthenticationResponse> {\n if (session?.sealSession) {\n if (!this.workos.key) {\n throw new Error(\n 'Session sealing requires server-side usage with an API key. ' +\n 'Public clients should store tokens directly ' +\n '(e.g., secure storage on mobile, keychain on desktop).',\n );\n }\n\n return {\n ...authenticationResponse,\n sealedSession: await this.sealSessionDataFromAuthenticationResponse({\n authenticationResponse,\n cookiePassword: session.cookiePassword,\n }),\n };\n }\n\n return authenticationResponse;\n }\n\n private async sealSessionDataFromAuthenticationResponse({\n authenticationResponse,\n cookiePassword,\n }: {\n authenticationResponse: AuthenticationResponse;\n cookiePassword?: string;\n }): Promise<string> {\n if (!cookiePassword) {\n throw new Error('Cookie password is required');\n }\n\n const { decodeJwt } = await getJose();\n\n const { org_id: organizationIdFromAccessToken } = decodeJwt<AccessToken>(\n authenticationResponse.accessToken,\n );\n\n const sessionData: SessionCookieData = {\n organizationId: organizationIdFromAccessToken,\n user: authenticationResponse.user,\n accessToken: authenticationResponse.accessToken,\n refreshToken: authenticationResponse.refreshToken,\n authenticationMethod: authenticationResponse.authenticationMethod,\n impersonator: authenticationResponse.impersonator,\n };\n\n return sealData(sessionData, {\n password: cookiePassword,\n });\n }\n\n async getSessionFromCookie({\n sessionData,\n cookiePassword = getEnv('WORKOS_COOKIE_PASSWORD'),\n }: SessionHandlerOptions): Promise<SessionCookieData | undefined> {\n if (!cookiePassword) {\n throw new Error('Cookie password is required');\n }\n\n if (sessionData) {\n return unsealData<SessionCookieData>(sessionData, {\n password: cookiePassword,\n });\n }\n\n return undefined;\n }\n\n async getEmailVerification(\n emailVerificationId: string,\n ): Promise<EmailVerification> {\n const { data } = await this.workos.get<EmailVerificationResponse>(\n `/user_management/email_verification/${emailVerificationId}`,\n );\n\n return deserializeEmailVerification(data);\n }\n\n async sendVerificationEmail({\n userId,\n }: SendVerificationEmailOptions): Promise<{ user: User }> {\n const { data } = await this.workos.post<{ user: UserResponse }>(\n `/user_management/users/${userId}/email_verification/send`,\n {},\n );\n\n return { user: deserializeUser(data.user) };\n }\n\n async getMagicAuth(magicAuthId: string): Promise<MagicAuth> {\n const { data } = await this.workos.get<MagicAuthResponse>(\n `/user_management/magic_auth/${magicAuthId}`,\n );\n\n return deserializeMagicAuth(data);\n }\n\n async createMagicAuth(options: CreateMagicAuthOptions): Promise<MagicAuth> {\n const { data } = await this.workos.post<\n MagicAuthResponse,\n SerializedCreateMagicAuthOptions\n >(\n '/user_management/magic_auth',\n serializeCreateMagicAuthOptions({\n ...options,\n }),\n );\n\n return deserializeMagicAuth(data);\n }\n\n async verifyEmail({\n code,\n userId,\n }: VerifyEmailOptions): Promise<{ user: User }> {\n const { data } = await this.workos.post<\n { user: UserResponse },\n SerializedVerifyEmailOptions\n >(`/user_management/users/${userId}/email_verification/confirm`, {\n code,\n });\n\n return { user: deserializeUser(data.user) };\n }\n\n async getPasswordReset(passwordResetId: string): Promise<PasswordReset> {\n const { data } = await this.workos.get<PasswordResetResponse>(\n `/user_management/password_reset/${passwordResetId}`,\n );\n\n return deserializePasswordReset(data);\n }\n\n async createPasswordReset(\n options: CreatePasswordResetOptions,\n ): Promise<PasswordReset> {\n const { data } = await this.workos.post<\n PasswordResetResponse,\n SerializedCreatePasswordResetOptions\n >(\n '/user_management/password_reset',\n serializeCreatePasswordResetOptions({\n ...options,\n }),\n );\n\n return deserializePasswordReset(data);\n }\n\n async resetPassword(payload: ResetPasswordOptions): Promise<{ user: User }> {\n const { data } = await this.workos.post<\n { user: UserResponse },\n SerializedResetPasswordOptions\n >(\n '/user_management/password_reset/confirm',\n serializeResetPasswordOptions(payload),\n );\n\n return { user: deserializeUser(data.user) };\n }\n\n async updateUser(payload: UpdateUserOptions): Promise<User> {\n const { data } = await this.workos.put<UserResponse>(\n `/user_management/users/${payload.userId}`,\n serializeUpdateUserOptions(payload),\n );\n\n return deserializeUser(data);\n }\n\n async enrollAuthFactor(payload: EnrollAuthFactorOptions): Promise<{\n authenticationFactor: FactorWithSecrets;\n authenticationChallenge: Challenge;\n }> {\n const { data } = await this.workos.post<{\n authentication_factor: FactorWithSecretsResponse;\n authentication_challenge: ChallengeResponse;\n }>(\n `/user_management/users/${payload.userId}/auth_factors`,\n serializeEnrollAuthFactorOptions(payload),\n );\n\n return {\n authenticationFactor: deserializeFactorWithSecrets(\n data.authentication_factor,\n ),\n authenticationChallenge: deserializeChallenge(\n data.authentication_challenge,\n ),\n };\n }\n\n async listAuthFactors(\n options: ListAuthFactorsOptions,\n ): Promise<AutoPaginatable<Factor, PaginationOptions>> {\n const { userId, ...restOfOptions } = options;\n return new AutoPaginatable(\n await fetchAndDeserialize<FactorResponse, Factor>(\n this.workos,\n `/user_management/users/${userId}/auth_factors`,\n deserializeFactor,\n restOfOptions,\n ),\n (params) =>\n fetchAndDeserialize<FactorResponse, Factor>(\n this.workos,\n `/user_management/users/${userId}/auth_factors`,\n deserializeFactor,\n params,\n ),\n restOfOptions,\n );\n }\n\n async listUserFeatureFlags(\n options: ListUserFeatureFlagsOptions,\n ): Promise<AutoPaginatable<FeatureFlag>> {\n const { userId, ...paginationOptions } = options;\n\n return new AutoPaginatable(\n await fetchAndDeserialize<FeatureFlagResponse, FeatureFlag>(\n this.workos,\n `/user_management/users/${userId}/feature-flags`,\n deserializeFeatureFlag,\n paginationOptions,\n ),\n (params) =>\n fetchAndDeserialize<FeatureFlagResponse, FeatureFlag>(\n this.workos,\n `/user_management/users/${userId}/feature-flags`,\n deserializeFeatureFlag,\n params,\n ),\n paginationOptions,\n );\n }\n\n async listSessions(\n userId: string,\n options?: ListSessionsOptions,\n ): Promise<AutoPaginatable<Session, SerializedListSessionsOptions>> {\n return new AutoPaginatable(\n await fetchAndDeserialize<SessionResponse, Session>(\n this.workos,\n `/user_management/users/${userId}/sessions`,\n deserializeSession,\n options ? serializeListSessionsOptions(options) : undefined,\n ),\n (params) =>\n fetchAndDeserialize<SessionResponse, Session>(\n this.workos,\n `/user_management/users/${userId}/sessions`,\n deserializeSession,\n params,\n ),\n options ? serializeListSessionsOptions(options) : undefined,\n );\n }\n\n async deleteUser(userId: string) {\n await this.workos.delete(`/user_management/users/${userId}`);\n }\n\n async getUserIdentities(userId: string): Promise<Identity[]> {\n if (!userId) {\n throw new TypeError(`Incomplete arguments. Need to specify 'userId'.`);\n }\n\n const { data } = await this.workos.get<IdentityResponse[]>(\n `/user_management/users/${userId}/identities`,\n );\n\n return deserializeIdentities(data);\n }\n\n async getOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.get<OrganizationMembershipResponse>(\n `/user_management/organization_memberships/${organizationMembershipId}`,\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async listOrganizationMemberships(\n options: ListOrganizationMembershipsOptions,\n ): Promise<\n AutoPaginatable<\n OrganizationMembership,\n SerializedListOrganizationMembershipsOptions\n >\n > {\n const serializedOptions =\n serializeListOrganizationMembershipsOptions(options);\n\n return new AutoPaginatable(\n await fetchAndDeserialize<\n OrganizationMembershipResponse,\n OrganizationMembership\n >(\n this.workos,\n '/user_management/organization_memberships',\n deserializeOrganizationMembership,\n serializedOptions,\n ),\n (params) =>\n fetchAndDeserialize<\n OrganizationMembershipResponse,\n OrganizationMembership\n >(\n this.workos,\n '/user_management/organization_memberships',\n deserializeOrganizationMembership,\n params,\n ),\n serializedOptions,\n );\n }\n\n async createOrganizationMembership(\n options: CreateOrganizationMembershipOptions,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.post<\n OrganizationMembershipResponse,\n SerializedCreateOrganizationMembershipOptions\n >(\n '/user_management/organization_memberships',\n serializeCreateOrganizationMembershipOptions(options),\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async updateOrganizationMembership(\n organizationMembershipId: string,\n options: UpdateOrganizationMembershipOptions,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.put<\n OrganizationMembershipResponse,\n SerializedUpdateOrganizationMembershipOptions\n >(\n `/user_management/organization_memberships/${organizationMembershipId}`,\n serializeUpdateOrganizationMembershipOptions(options),\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async deleteOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<void> {\n await this.workos.delete(\n `/user_management/organization_memberships/${organizationMembershipId}`,\n );\n }\n\n async deactivateOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.put<OrganizationMembershipResponse>(\n `/user_management/organization_memberships/${organizationMembershipId}/deactivate`,\n {},\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async reactivateOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.put<OrganizationMembershipResponse>(\n `/user_management/organization_memberships/${organizationMembershipId}/reactivate`,\n {},\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async getInvitation(invitationId: string): Promise<Invitation> {\n const { data } = await this.workos.get<InvitationResponse>(\n `/user_management/invitations/${invitationId}`,\n );\n\n return deserializeInvitation(data);\n }\n\n async findInvitationByToken(invitationToken: string): Promise<Invitation> {\n const { data } = await this.workos.get<InvitationResponse>(\n `/user_management/invitations/by_token/${invitationToken}`,\n );\n\n return deserializeInvitation(data);\n }\n\n async listInvitations(\n options: ListInvitationsOptions,\n ): Promise<AutoPaginatable<Invitation, SerializedListInvitationsOptions>> {\n return new AutoPaginatable(\n await fetchAndDeserialize<InvitationResponse, Invitation>(\n this.workos,\n '/user_management/invitations',\n deserializeInvitation,\n options ? serializeListInvitationsOptions(options) : undefined,\n ),\n (params) =>\n fetchAndDeserialize<InvitationResponse, Invitation>(\n this.workos,\n '/user_management/invitations',\n deserializeInvitation,\n params,\n ),\n options ? serializeListInvitationsOptions(options) : undefined,\n );\n }\n\n async sendInvitation(payload: SendInvitationOptions): Promise<Invitation> {\n const { data } = await this.workos.post<\n InvitationResponse,\n SerializedSendInvitationOptions\n >(\n '/user_management/invitations',\n serializeSendInvitationOptions({\n ...payload,\n }),\n );\n\n return deserializeInvitation(data);\n }\n\n async acceptInvitation(invitationId: string): Promise<Invitation> {\n const { data } = await this.workos.post<InvitationResponse, any>(\n `/user_management/invitations/${invitationId}/accept`,\n null,\n );\n\n return deserializeInvitation(data);\n }\n\n async revokeInvitation(invitationId: string): Promise<Invitation> {\n const { data } = await this.workos.post<InvitationResponse, any>(\n `/user_management/invitations/${invitationId}/revoke`,\n null,\n );\n\n return deserializeInvitation(data);\n }\n\n async resendInvitation(\n invitationId: string,\n options?: ResendInvitationOptions,\n ): Promise<Invitation> {\n const { data } = await this.workos.post<\n InvitationResponse,\n SerializedResendInvitationOptions\n >(\n `/user_management/invitations/${invitationId}/resend`,\n options ? serializeResendInvitationOptions(options) : {},\n );\n\n return deserializeInvitation(data);\n }\n\n async revokeSession(payload: RevokeSessionOptions): Promise<void> {\n await this.workos.post<void, SerializedRevokeSessionOptions>(\n '/user_management/sessions/revoke',\n serializeRevokeSessionOptions(payload),\n );\n }\n\n /**\n * Generate an OAuth 2.0 authorization URL.\n *\n * For public clients (browser, mobile, CLI), include PKCE parameters:\n * - Generate PKCE using workos.pkce.generate()\n * - Pass codeChallenge and codeChallengeMethod here\n * - Store codeVerifier and pass to authenticateWithCode() later\n *\n * Or use getAuthorizationUrlWithPKCE() which handles PKCE automatically.\n */\n getAuthorizationUrl(options: UserManagementAuthorizationURLOptions): string {\n const {\n connectionId,\n codeChallenge,\n codeChallengeMethod,\n clientId,\n domainHint,\n loginHint,\n organizationId,\n provider,\n providerQueryParams,\n providerScopes,\n prompt,\n redirectUri,\n state,\n screenHint,\n } = options;\n const resolvedClientId = this.resolveClientId(clientId);\n\n if (!provider && !connectionId && !organizationId) {\n throw new TypeError(\n `Incomplete arguments. Need to specify either a 'connectionId', 'organizationId', or 'provider'.`,\n );\n }\n\n if (provider !== 'authkit' && screenHint) {\n throw new TypeError(\n `'screenHint' is only supported for 'authkit' provider`,\n );\n }\n\n const query = toQueryString({\n connection_id: connectionId,\n code_challenge: codeChallenge,\n code_challenge_method: codeChallengeMethod,\n organization_id: organizationId,\n domain_hint: domainHint,\n login_hint: loginHint,\n provider,\n provider_query_params: providerQueryParams,\n provider_scopes: providerScopes,\n prompt,\n client_id: resolvedClientId,\n redirect_uri: redirectUri,\n response_type: 'code',\n state,\n screen_hint: screenHint,\n });\n\n return `${this.workos.baseURL}/user_management/authorize?${query}`;\n }\n\n /**\n * Generate an OAuth 2.0 authorization URL with automatic PKCE.\n *\n * This method generates PKCE parameters internally and returns them along with\n * the authorization URL. Use this for public clients (CLI apps, Electron, mobile)\n * that cannot securely store a client secret.\n *\n * @returns Object containing url, state, and codeVerifier\n *\n * @example\n * ```typescript\n * const { url, state, codeVerifier } = await workos.userManagement.getAuthorizationUrlWithPKCE({\n * provider: 'authkit',\n * clientId: 'client_123',\n * redirectUri: 'myapp://callback',\n * });\n *\n * // Store state and codeVerifier securely, then redirect user to url\n * // After callback, exchange the code:\n * const response = await workos.userManagement.authenticateWithCode({\n * code: authorizationCode,\n * codeVerifier,\n * clientId: 'client_123',\n * });\n * ```\n */\n async getAuthorizationUrlWithPKCE(\n options: Omit<\n UserManagementAuthorizationURLOptions,\n 'codeChallenge' | 'codeChallengeMethod' | 'state'\n >,\n ): Promise<PKCEAuthorizationURLResult> {\n const {\n clientId,\n connectionId,\n domainHint,\n loginHint,\n organizationId,\n provider,\n providerQueryParams,\n providerScopes,\n prompt,\n redirectUri,\n screenHint,\n } = options;\n const resolvedClientId = this.resolveClientId(clientId);\n\n if (!provider && !connectionId && !organizationId) {\n throw new TypeError(\n `Incomplete arguments. Need to specify either a 'connectionId', 'organizationId', or 'provider'.`,\n );\n }\n\n if (provider !== 'authkit' && screenHint) {\n throw new TypeError(\n `'screenHint' is only supported for 'authkit' provider`,\n );\n }\n\n // Generate PKCE parameters\n const pkce = await this.workos.pkce.generate();\n\n // Generate secure random state\n const state = this.workos.pkce.generateCodeVerifier(43);\n\n const query = toQueryString({\n connection_id: connectionId,\n code_challenge: pkce.codeChallenge,\n code_challenge_method: 'S256',\n organization_id: organizationId,\n domain_hint: domainHint,\n login_hint: loginHint,\n provider,\n provider_query_params: providerQueryParams,\n provider_scopes: providerScopes,\n prompt,\n client_id: resolvedClientId,\n redirect_uri: redirectUri,\n response_type: 'code',\n state,\n screen_hint: screenHint,\n });\n\n const url = `${this.workos.baseURL}/user_management/authorize?${query}`;\n\n return { url, state, codeVerifier: pkce.codeVerifier };\n }\n\n getLogoutUrl(options: LogoutURLOptions): string {\n const { sessionId, returnTo } = options;\n\n if (!sessionId) {\n throw new TypeError(`Incomplete arguments. Need to specify 'sessionId'.`);\n }\n\n const url = new URL(\n '/user_management/sessions/logout',\n this.workos.baseURL,\n );\n\n url.searchParams.set('session_id', sessionId);\n if (returnTo) {\n url.searchParams.set('return_to', returnTo);\n }\n\n return url.toString();\n }\n\n getJwksUrl(clientId: string): string {\n if (!clientId) {\n throw new TypeError('clientId must be a valid clientId');\n }\n\n return `${this.workos.baseURL}/sso/jwks/${clientId}`;\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsKA,IAAa,iBAAb,MAA4B;CAC1B,AAAQ;CAGR,AAAO;CAEP,YAAY,AAAiBA,QAAgB;EAAhB;EAC3B,MAAM,EAAE,aAAa,OAAO;AAE5B,OAAK,WAAW;;;;;;CAOlB,AAAQ,gBAAgB,UAA2B;EACjD,MAAM,WAAW,YAAY,KAAK;AAClC,MAAI,CAAC,SACH,OAAM,IAAI,UACR,kFACD;AAEH,SAAO;;CAGT,MAAM,UAEJ;EACA,MAAM,EAAE,uBAAuB,MAAMC,sBAAS;AAC9C,MAAI,CAAC,KAAK,SACR;AAIF,OAAK,UAAU,mBAAmB,IAAI,IAAI,KAAK,WAAW,KAAK,SAAS,CAAC,EAAE,EACzE,kBAAkB,MAAO,KAAK,GAC/B,CAAC;AAEF,SAAO,KAAK;;;;;;;;;;CAWd,kBAAkB,SAGA;AAChB,SAAO,IAAIC,8BAAc,MAAM,QAAQ,aAAa,QAAQ,eAAe;;CAG7E,MAAM,QAAQ,QAA+B;EAC3C,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,0BAA0B,SAC3B;AAED,SAAOC,wCAAgB,KAAK;;CAG9B,MAAM,oBAAoB,YAAmC;EAC3D,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,sCAAsC,aACvC;AAED,SAAOA,wCAAgB,KAAK;;CAG9B,MAAM,UACJ,SAC4D;AAC5D,SAAO,IAAIC,mCACT,MAAMC,kDACJ,KAAK,QACL,0BACAF,yCACA,UAAUG,gEAA0B,QAAQ,GAAG,OAChD,GACA,WACCD,kDACE,KAAK,QACL,0BACAF,yCACA,OACD,EACH,UAAUG,gEAA0B,QAAQ,GAAG,OAChD;;CAGH,MAAM,WAAW,SAA2C;EAC1D,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAGjC,0BAA0BC,kEAA2B,QAAQ,CAAC;AAEhE,SAAOJ,wCAAgB,KAAK;;CAG9B,MAAM,0BACJ,SACiC;EACjC,MAAM,EAAE,SAAS,UAAU,GAAG,qBAAqB;EACnD,MAAM,mBAAmB,KAAK,gBAAgB,SAAS;EAEvD,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,iCACAK,kGAA0C;GACxC,GAAG;GACH,UAAU;GACV,cAAc,KAAK,OAAO;GAC3B,CAAC,CACH;AAED,SAAO,KAAK,8BAA8B;GACxC,wBAAwBC,6EAAkC,KAAK;GAC/D;GACD,CAAC;;CAGJ,MAAM,yBACJ,SACiC;EACjC,MAAM,EAAE,SAAS,UAAU,GAAG,qBAAqB;EACnD,MAAM,mBAAmB,KAAK,gBAAgB,SAAS;EAEvD,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,iCACAC,+FAAyC;GACvC,GAAG;GACH,UAAU;GACV,cAAc,KAAK,OAAO;GAC3B,CAAC,CACH;AAED,SAAO,KAAK,8BAA8B;GACxC,wBAAwBD,6EAAkC,KAAK;GAC/D;GACD,CAAC;;;;;;;;;;;;;;;CAgBJ,MAAM,qBACJ,SACiC;EACjC,MAAM,EAAE,SAAS,UAAU,cAAc,GAAG,qBAAqB;EACjE,MAAM,mBAAmB,KAAK,gBAAgB,SAAS;AAGvD,MAAI,iBAAiB,UAAa,aAAa,MAAM,KAAK,GACxD,OAAM,IAAI,UACR,mGAED;EAGH,MAAM,YAAY,CAAC,CAAC,KAAK,OAAO;AAGhC,MAAI,CAFY,CAAC,CAAC,gBAEF,CAAC,UACf,OAAM,IAAI,UACR,uJAED;EAGH,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,iCACAE,uFAAqC;GACnC,GAAG;GACH,UAAU;GACV;GACA,cAAc,YAAY,KAAK,OAAO,MAAM;GAC7C,CAAC,EACF,EAAE,iBAAiB,CAAC,WAAW,CAChC;AAED,SAAO,KAAK,8BAA8B;GACxC,wBAAwBF,6EAAkC,KAAK;GAC/D;GACD,CAAC;;;;;;;;;;;CAYJ,MAAM,gCACJ,SACiC;EACjC,MAAM,EAAE,SAAS,UAAU,GAAG,qBAAqB;EACnD,MAAM,mBAAmB,KAAK,gBAAgB,SAAS;EAEvD,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,iCACAG,+GAAgD;GAC9C,GAAG;GACH,UAAU;GACX,CAAC,EACF,EAAE,iBAAiB,MAAM,CAC1B;AAED,SAAO,KAAK,8BAA8B;GACxC,wBAAwBH,6EAAkC,KAAK;GAC/D;GACD,CAAC;;;;;;;CAQJ,MAAM,6BACJ,SACiC;EACjC,MAAM,EAAE,SAAS,UAAU,GAAG,qBAAqB;EACnD,MAAM,mBAAmB,KAAK,gBAAgB,SAAS;EACvD,MAAM,iBAAiB,CAAC,KAAK,OAAO;EAEpC,MAAM,OAAO,iBACTI,kIAAyD;GACvD,GAAG;GACH,UAAU;GACX,CAAC,GACFC,wGAA6C;GAC3C,GAAG;GACH,UAAU;GACV,cAAc,KAAK,OAAO;GAC3B,CAAC;EAEN,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,iCAAiC,MAAM,EACvC,iBAAiB,gBAClB,CAAC;AAEF,SAAO,KAAK,8BAA8B;GACxC,wBAAwBL,6EAAkC,KAAK;GAC/D;GACD,CAAC;;CAGJ,MAAM,qBACJ,SACiC;EACjC,MAAM,EAAE,SAAS,UAAU,GAAG,qBAAqB;EACnD,MAAM,mBAAmB,KAAK,gBAAgB,SAAS;EAEvD,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,iCACAM,uFAAqC;GACnC,GAAG;GACH,UAAU;GACV,cAAc,KAAK,OAAO;GAC3B,CAAC,CACH;AAED,SAAO,KAAK,8BAA8B;GACxC,wBAAwBN,6EAAkC,KAAK;GAC/D;GACD,CAAC;;CAGJ,MAAM,kCACJ,SACiC;EACjC,MAAM,EAAE,SAAS,UAAU,GAAG,qBAAqB;EACnD,MAAM,mBAAmB,KAAK,gBAAgB,SAAS;EAEvD,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,iCACAO,0GAAkD;GAChD,GAAG;GACH,UAAU;GACV,cAAc,KAAK,OAAO;GAC3B,CAAC,CACH;AAED,SAAO,KAAK,8BAA8B;GACxC,wBAAwBP,6EAAkC,KAAK;GAC/D;GACD,CAAC;;CAGJ,MAAM,sCACJ,SACiC;EACjC,MAAM,EAAE,SAAS,UAAU,GAAG,qBAAqB;EACnD,MAAM,mBAAmB,KAAK,gBAAgB,SAAS;EAEvD,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,iCACAQ,0HAAsD;GACpD,GAAG;GACH,UAAU;GACV,cAAc,KAAK,OAAO;GAC3B,CAAC,CACH;AAED,SAAO,KAAK,8BAA8B;GACxC,wBAAwBR,6EAAkC,KAAK;GAC/D;GACD,CAAC;;CAGJ,MAAM,8BAA8B,EAClC,aACA,iBAAiBS,mBAAO,yBAAyB,IAIjD;AACA,MAAI,CAAC,eACH,OAAM,IAAI,MAAM,8BAA8B;AAKhD,MAAI,CAFS,MAAM,KAAK,SAAS,CAG/B,OAAM,IAAI,MAAM,2CAA2C;EAG7D,MAAM,EAAE,cAAc,MAAMjB,sBAAS;AAErC,MAAI,CAAC,YACH,QAAO;GACL,eAAe;GACf,QACEkB,8FAA2C;GAC9C;EAGH,MAAM,UAAU,MAAMC,wBAA8B,aAAa,EAC/D,UAAU,gBACX,CAAC;AAEF,MAAI,CAAC,QAAQ,YACX,QAAO;GACL,eAAe;GACf,QACED,8FAA2C;GAC9C;AAGH,MAAI,CAAE,MAAM,KAAK,WAAW,QAAQ,YAAY,CAC9C,QAAO;GACL,eAAe;GACf,QAAQA,8FAA2C;GACpD;EAGH,MAAM,EACJ,KAAK,WACL,QAAQ,gBACR,MACA,OACA,aACA,cACA,eAAe,iBACb,UAAuB,QAAQ,YAAY;AAE/C,SAAO;GACL,eAAe;GACf;GACA;GACA;GACA;GACA,MAAM,QAAQ;GACd;GACA;GACA;GACA,aAAa,QAAQ;GACrB,sBAAsB,QAAQ;GAC/B;;CAGH,MAAc,WAAW,aAAuC;EAC9D,MAAM,OAAO,MAAM,KAAK,SAAS;EACjC,MAAM,EAAE,cAAc,MAAMlB,sBAAS;AACrC,MAAI,CAAC,KACH,OAAM,IAAI,MAAM,2CAA2C;AAG7D,MAAI;AACF,SAAM,UAAU,aAAa,KAAK;AAClC,UAAO;WACA,GAAG;AAGV,OACE,aAAa,SACb,UAAU,KACV,OAAO,EAAE,SAAS,aACjB,EAAE,KAAK,WAAW,WAAW,IAAI,EAAE,KAAK,WAAW,WAAW,EAE/D,QAAO;AAET,SAAM;;;CAIV,MAAc,8BAA8B,EAC1C,wBACA,WAIkC;AAClC,MAAI,SAAS,aAAa;AACxB,OAAI,CAAC,KAAK,OAAO,IACf,OAAM,IAAI,MACR,iKAGD;AAGH,UAAO;IACL,GAAG;IACH,eAAe,MAAM,KAAK,0CAA0C;KAClE;KACA,gBAAgB,QAAQ;KACzB,CAAC;IACH;;AAGH,SAAO;;CAGT,MAAc,0CAA0C,EACtD,wBACA,kBAIkB;AAClB,MAAI,CAAC,eACH,OAAM,IAAI,MAAM,8BAA8B;EAGhD,MAAM,EAAE,cAAc,MAAMA,sBAAS;EAErC,MAAM,EAAE,QAAQ,kCAAkC,UAChD,uBAAuB,YACxB;AAWD,SAAOoB,sBATgC;GACrC,gBAAgB;GAChB,MAAM,uBAAuB;GAC7B,aAAa,uBAAuB;GACpC,cAAc,uBAAuB;GACrC,sBAAsB,uBAAuB;GAC7C,cAAc,uBAAuB;GACtC,EAE4B,EAC3B,UAAU,gBACX,CAAC;;CAGJ,MAAM,qBAAqB,EACzB,aACA,iBAAiBH,mBAAO,yBAAyB,IACe;AAChE,MAAI,CAAC,eACH,OAAM,IAAI,MAAM,8BAA8B;AAGhD,MAAI,YACF,QAAOE,wBAA8B,aAAa,EAChD,UAAU,gBACX,CAAC;;CAMN,MAAM,qBACJ,qBAC4B;EAC5B,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,uCAAuC,sBACxC;AAED,SAAOE,mEAA6B,KAAK;;CAG3C,MAAM,sBAAsB,EAC1B,UACwD;EACxD,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KACjC,0BAA0B,OAAO,2BACjC,EAAE,CACH;AAED,SAAO,EAAE,MAAMnB,wCAAgB,KAAK,KAAK,EAAE;;CAG7C,MAAM,aAAa,aAAyC;EAC1D,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,+BAA+B,cAChC;AAED,SAAOoB,mDAAqB,KAAK;;CAGnC,MAAM,gBAAgB,SAAqD;EACzE,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,+BACAC,6EAAgC,EAC9B,GAAG,SACJ,CAAC,CACH;AAED,SAAOD,mDAAqB,KAAK;;CAGnC,MAAM,YAAY,EAChB,MACA,UAC8C;EAC9C,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAGjC,0BAA0B,OAAO,8BAA8B,EAC/D,MACD,CAAC;AAEF,SAAO,EAAE,MAAMpB,wCAAgB,KAAK,KAAK,EAAE;;CAG7C,MAAM,iBAAiB,iBAAiD;EACtE,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,mCAAmC,kBACpC;AAED,SAAOsB,2DAAyB,KAAK;;CAGvC,MAAM,oBACJ,SACwB;EACxB,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,mCACAC,qFAAoC,EAClC,GAAG,SACJ,CAAC,CACH;AAED,SAAOD,2DAAyB,KAAK;;CAGvC,MAAM,cAAc,SAAwD;EAC1E,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,2CACAE,wEAA8B,QAAQ,CACvC;AAED,SAAO,EAAE,MAAMxB,wCAAgB,KAAK,KAAK,EAAE;;CAG7C,MAAM,WAAW,SAA2C;EAC1D,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,0BAA0B,QAAQ,UAClCyB,kEAA2B,QAAQ,CACpC;AAED,SAAOzB,wCAAgB,KAAK;;CAG9B,MAAM,iBAAiB,SAGpB;EACD,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,0BAA0B,QAAQ,OAAO,gBACzC0B,+EAAiC,QAAQ,CAC1C;AAED,SAAO;GACL,sBAAsBC,uDACpB,KAAK,sBACN;GACD,yBAAyBC,kDACvB,KAAK,yBACN;GACF;;CAGH,MAAM,gBACJ,SACqD;EACrD,MAAM,EAAE,QAAQ,GAAG,kBAAkB;AACrC,SAAO,IAAI3B,mCACT,MAAMC,kDACJ,KAAK,QACL,0BAA0B,OAAO,gBACjC2B,6CACA,cACD,GACA,WACC3B,kDACE,KAAK,QACL,0BAA0B,OAAO,gBACjC2B,6CACA,OACD,EACH,cACD;;CAGH,MAAM,qBACJ,SACuC;EACvC,MAAM,EAAE,QAAQ,GAAG,sBAAsB;AAEzC,SAAO,IAAI5B,mCACT,MAAMC,kDACJ,KAAK,QACL,0BAA0B,OAAO,iBACjC4B,wDACA,kBACD,GACA,WACC5B,kDACE,KAAK,QACL,0BAA0B,OAAO,iBACjC4B,wDACA,OACD,EACH,kBACD;;CAGH,MAAM,aACJ,QACA,SACkE;AAClE,SAAO,IAAI7B,mCACT,MAAMC,kDACJ,KAAK,QACL,0BAA0B,OAAO,YACjC6B,+CACA,UAAUC,sEAA6B,QAAQ,GAAG,OACnD,GACA,WACC9B,kDACE,KAAK,QACL,0BAA0B,OAAO,YACjC6B,+CACA,OACD,EACH,UAAUC,sEAA6B,QAAQ,GAAG,OACnD;;CAGH,MAAM,WAAW,QAAgB;AAC/B,QAAM,KAAK,OAAO,OAAO,0BAA0B,SAAS;;CAG9D,MAAM,kBAAkB,QAAqC;AAC3D,MAAI,CAAC,OACH,OAAM,IAAI,UAAU,kDAAkD;EAGxE,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,0BAA0B,OAAO,aAClC;AAED,SAAOC,kDAAsB,KAAK;;CAGpC,MAAM,0BACJ,0BACiC;EACjC,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,6CAA6C,2BAC9C;AAED,SAAOC,6EAAkC,KAAK;;CAGhD,MAAM,4BACJ,SAMA;EACA,MAAM,oBACJC,qGAA4C,QAAQ;AAEtD,SAAO,IAAIlC,mCACT,MAAMC,kDAIJ,KAAK,QACL,6CACAgC,8EACA,kBACD,GACA,WACChC,kDAIE,KAAK,QACL,6CACAgC,8EACA,OACD,EACH,kBACD;;CAGH,MAAM,6BACJ,SACiC;EACjC,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,6CACAE,uGAA6C,QAAQ,CACtD;AAED,SAAOF,6EAAkC,KAAK;;CAGhD,MAAM,6BACJ,0BACA,SACiC;EACjC,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IAIjC,6CAA6C,4BAC7CG,uGAA6C,QAAQ,CACtD;AAED,SAAOH,6EAAkC,KAAK;;CAGhD,MAAM,6BACJ,0BACe;AACf,QAAM,KAAK,OAAO,OAChB,6CAA6C,2BAC9C;;CAGH,MAAM,iCACJ,0BACiC;EACjC,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,6CAA6C,yBAAyB,cACtE,EAAE,CACH;AAED,SAAOA,6EAAkC,KAAK;;CAGhD,MAAM,iCACJ,0BACiC;EACjC,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,6CAA6C,yBAAyB,cACtE,EAAE,CACH;AAED,SAAOA,6EAAkC,KAAK;;CAGhD,MAAM,cAAc,cAA2C;EAC7D,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,gCAAgC,eACjC;AAED,SAAOI,oDAAsB,KAAK;;CAGpC,MAAM,sBAAsB,iBAA8C;EACxE,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,yCAAyC,kBAC1C;AAED,SAAOA,oDAAsB,KAAK;;CAGpC,MAAM,gBACJ,SACwE;AACxE,SAAO,IAAIrC,mCACT,MAAMC,kDACJ,KAAK,QACL,gCACAoC,qDACA,UAAUC,4EAAgC,QAAQ,GAAG,OACtD,GACA,WACCrC,kDACE,KAAK,QACL,gCACAoC,qDACA,OACD,EACH,UAAUC,4EAAgC,QAAQ,GAAG,OACtD;;CAGH,MAAM,eAAe,SAAqD;EACxE,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,gCACAC,0EAA+B,EAC7B,GAAG,SACJ,CAAC,CACH;AAED,SAAOF,oDAAsB,KAAK;;CAGpC,MAAM,iBAAiB,cAA2C;EAChE,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KACjC,gCAAgC,aAAa,UAC7C,KACD;AAED,SAAOA,oDAAsB,KAAK;;CAGpC,MAAM,iBAAiB,cAA2C;EAChE,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KACjC,gCAAgC,aAAa,UAC7C,KACD;AAED,SAAOA,oDAAsB,KAAK;;CAGpC,MAAM,iBACJ,cACA,SACqB;EACrB,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAIjC,gCAAgC,aAAa,UAC7C,UAAUG,8EAAiC,QAAQ,GAAG,EAAE,CACzD;AAED,SAAOH,oDAAsB,KAAK;;CAGpC,MAAM,cAAc,SAA8C;AAChE,QAAM,KAAK,OAAO,KAChB,oCACAI,uEAA8B,QAAQ,CACvC;;;;;;;;;;;;CAaH,oBAAoB,SAAwD;EAC1E,MAAM,EACJ,cACA,eACA,qBACA,UACA,YACA,WACA,gBACA,UACA,qBACA,gBACA,QACA,aACA,OACA,eACE;EACJ,MAAM,mBAAmB,KAAK,gBAAgB,SAAS;AAEvD,MAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,eACjC,OAAM,IAAI,UACR,kGACD;AAGH,MAAI,aAAa,aAAa,WAC5B,OAAM,IAAI,UACR,wDACD;EAGH,MAAM,QAAQC,mCAAc;GAC1B,eAAe;GACf,gBAAgB;GAChB,uBAAuB;GACvB,iBAAiB;GACjB,aAAa;GACb,YAAY;GACZ;GACA,uBAAuB;GACvB,iBAAiB;GACjB;GACA,WAAW;GACX,cAAc;GACd,eAAe;GACf;GACA,aAAa;GACd,CAAC;AAEF,SAAO,GAAG,KAAK,OAAO,QAAQ,6BAA6B;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA6B7D,MAAM,4BACJ,SAIqC;EACrC,MAAM,EACJ,UACA,cACA,YACA,WACA,gBACA,UACA,qBACA,gBACA,QACA,aACA,eACE;EACJ,MAAM,mBAAmB,KAAK,gBAAgB,SAAS;AAEvD,MAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,eACjC,OAAM,IAAI,UACR,kGACD;AAGH,MAAI,aAAa,aAAa,WAC5B,OAAM,IAAI,UACR,wDACD;EAIH,MAAM,OAAO,MAAM,KAAK,OAAO,KAAK,UAAU;EAG9C,MAAM,QAAQ,KAAK,OAAO,KAAK,qBAAqB,GAAG;EAEvD,MAAM,QAAQA,mCAAc;GAC1B,eAAe;GACf,gBAAgB,KAAK;GACrB,uBAAuB;GACvB,iBAAiB;GACjB,aAAa;GACb,YAAY;GACZ;GACA,uBAAuB;GACvB,iBAAiB;GACjB;GACA,WAAW;GACX,cAAc;GACd,eAAe;GACf;GACA,aAAa;GACd,CAAC;AAIF,SAAO;GAAE,KAFG,GAAG,KAAK,OAAO,QAAQ,6BAA6B;GAElD;GAAO,cAAc,KAAK;GAAc;;CAGxD,aAAa,SAAmC;EAC9C,MAAM,EAAE,WAAW,aAAa;AAEhC,MAAI,CAAC,UACH,OAAM,IAAI,UAAU,qDAAqD;EAG3E,MAAM,MAAM,IAAI,IACd,oCACA,KAAK,OAAO,QACb;AAED,MAAI,aAAa,IAAI,cAAc,UAAU;AAC7C,MAAI,SACF,KAAI,aAAa,IAAI,aAAa,SAAS;AAG7C,SAAO,IAAI,UAAU;;CAGvB,WAAW,UAA0B;AACnC,MAAI,CAAC,SACH,OAAM,IAAI,UAAU,oCAAoC;AAG1D,SAAO,GAAG,KAAK,OAAO,QAAQ,YAAY"}

package/lib/user.interface-Bln_2b82.cjs ADDED Viewed

File without changes

package/lib/user.interface-SwAIYLNB.d.cts ADDED Viewed

@@ -0,0 +1,34 @@
+//#region src/user-management/interfaces/user.interface.d.ts
+interface User {
+  object: 'user';
+  id: string;
+  email: string;
+  emailVerified: boolean;
+  profilePictureUrl: string | null;
+  firstName: string | null;
+  lastName: string | null;
+  lastSignInAt: string | null;
+  locale: string | null;
+  createdAt: string;
+  updatedAt: string;
+  externalId: string | null;
+  metadata: Record<string, string>;
+}
+interface UserResponse {
+  object: 'user';
+  id: string;
+  email: string;
+  email_verified: boolean;
+  profile_picture_url: string | null;
+  first_name: string | null;
+  last_name: string | null;
+  last_sign_in_at: string | null;
+  locale: string | null;
+  created_at: string;
+  updated_at: string;
+  external_id?: string;
+  metadata?: Record<string, string>;
+}
+//#endregion
+export { UserResponse as n, User as t };
+//# sourceMappingURL=user.interface-SwAIYLNB.d.cts.map

package/lib/user.serializer-TrM0oX4Q.d.cts ADDED Viewed

@@ -0,0 +1,7 @@
+import { n as UserResponse, t as User } from "./user.interface-SwAIYLNB.cjs";
+//#region src/user-management/serializers/user.serializer.d.ts
+declare const deserializeUser: (user: UserResponse) => User;
+//#endregion
+export { deserializeUser as t };
+//# sourceMappingURL=user.serializer-TrM0oX4Q.d.cts.map

package/lib/user.serializer-Y5EM8MeK.cjs ADDED Viewed

@@ -0,0 +1,26 @@
+//#region src/user-management/serializers/user.serializer.ts
+const deserializeUser = (user) => ({
+	object: user.object,
+	id: user.id,
+	email: user.email,
+	emailVerified: user.email_verified,
+	firstName: user.first_name,
+	profilePictureUrl: user.profile_picture_url,
+	lastName: user.last_name,
+	lastSignInAt: user.last_sign_in_at,
+	locale: user.locale,
+	createdAt: user.created_at,
+	updatedAt: user.updated_at,
+	externalId: user.external_id ?? null,
+	metadata: user.metadata ?? {}
+});
+//#endregion
+Object.defineProperty(exports, 'deserializeUser', {
+  enumerable: true,
+  get: function () {
+    return deserializeUser;
+  }
+});
+//# sourceMappingURL=user.serializer-Y5EM8MeK.cjs.map

package/lib/user.serializer-Y5EM8MeK.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user.serializer-Y5EM8MeK.cjs","names":[],"sources":["../src/user-management/serializers/user.serializer.ts"],"sourcesContent":["import { User, UserResponse } from '../interfaces';\n\nexport const deserializeUser = (user: UserResponse): User => ({\n object: user.object,\n id: user.id,\n email: user.email,\n emailVerified: user.email_verified,\n firstName: user.first_name,\n profilePictureUrl: user.profile_picture_url,\n lastName: user.last_name,\n lastSignInAt: user.last_sign_in_at,\n locale: user.locale,\n createdAt: user.created_at,\n updatedAt: user.updated_at,\n externalId: user.external_id ?? null,\n metadata: user.metadata ?? {},\n});\n"],"mappings":";;AAEA,MAAa,mBAAmB,UAA8B;CAC5D,QAAQ,KAAK;CACb,IAAI,KAAK;CACT,OAAO,KAAK;CACZ,eAAe,KAAK;CACpB,WAAW,KAAK;CAChB,mBAAmB,KAAK;CACxB,UAAU,KAAK;CACf,cAAc,KAAK;CACnB,QAAQ,KAAK;CACb,WAAW,KAAK;CAChB,WAAW,KAAK;CAChB,YAAY,KAAK,eAAe;CAChC,UAAU,KAAK,YAAY,EAAE;CAC9B"}

package/lib/utils/jose.cjs CHANGED Viewed

@@ -1,22 +1,3 @@
+const require_jose = require('../jose-D4-VExnk.cjs');
-//#region src/utils/jose.ts
-let _josePromise;
-/**
-* Dynamically imports the jose library using import() to support Node.js 20.0-20.18.
-*
-* The jose library is ESM-only and cannot be loaded via require() in Node.js versions
-* before 20.19.0. This wrapper uses dynamic import() which works in both ESM and CJS
-* across all Node.js 20+ versions.
-*
-* This workaround can be removed when Node.js 20 reaches end-of-life (April 2026),
-* at which point we can bump to Node.js 22+ and use direct imports.
-*
-* @returns Promise that resolves to the jose module
-*/
-function getJose() {
-	return _josePromise ??= import("jose");
-}
-//#endregion
-exports.getJose = getJose;
-//# sourceMappingURL=jose.cjs.map
+exports.getJose = require_jose.getJose;

package/lib/validate-api-key.interface-JvCCei5M.cjs ADDED Viewed

File without changes

package/lib/validate-api-key.interface-kzSfRmiM.d.cts ADDED Viewed

@@ -0,0 +1,15 @@
+import { n as SerializedApiKey, t as ApiKey } from "./api-key.interface-Bc1XdCvA.cjs";
+//#region src/api-keys/interfaces/validate-api-key.interface.d.ts
+interface ValidateApiKeyOptions {
+  value: string;
+}
+interface ValidateApiKeyResponse {
+  apiKey: ApiKey | null;
+}
+interface SerializedValidateApiKeyResponse {
+  api_key: SerializedApiKey | null;
+}
+//#endregion
+export { ValidateApiKeyOptions as n, ValidateApiKeyResponse as r, SerializedValidateApiKeyResponse as t };
+//# sourceMappingURL=validate-api-key.interface-kzSfRmiM.d.cts.map

package/lib/validate-api-key.serializer-B1ScKkFd.d.cts ADDED Viewed

@@ -0,0 +1,7 @@
+import { r as ValidateApiKeyResponse, t as SerializedValidateApiKeyResponse } from "./validate-api-key.interface-kzSfRmiM.cjs";
+//#region src/api-keys/serializers/validate-api-key.serializer.d.ts
+declare function deserializeValidateApiKeyResponse(response: SerializedValidateApiKeyResponse): ValidateApiKeyResponse;
+//#endregion
+export { deserializeValidateApiKeyResponse as t };
+//# sourceMappingURL=validate-api-key.serializer-B1ScKkFd.d.cts.map

package/lib/validate-api-key.serializer-Cwpx9odk.cjs ADDED Viewed

@@ -0,0 +1,15 @@
+const require_api_key_serializer = require('./api-key.serializer-384tUKDU.cjs');
+//#region src/api-keys/serializers/validate-api-key.serializer.ts
+function deserializeValidateApiKeyResponse(response) {
+	return { apiKey: response.api_key ? require_api_key_serializer.deserializeApiKey(response.api_key) : null };
+}
+//#endregion
+Object.defineProperty(exports, 'deserializeValidateApiKeyResponse', {
+  enumerable: true,
+  get: function () {
+    return deserializeValidateApiKeyResponse;
+  }
+});
+//# sourceMappingURL=validate-api-key.serializer-Cwpx9odk.cjs.map

package/lib/validate-api-key.serializer-Cwpx9odk.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"validate-api-key.serializer-Cwpx9odk.cjs","names":["deserializeApiKey"],"sources":["../src/api-keys/serializers/validate-api-key.serializer.ts"],"sourcesContent":["import {\n SerializedValidateApiKeyResponse,\n ValidateApiKeyResponse,\n} from '../interfaces/validate-api-key.interface';\nimport { deserializeApiKey } from './api-key.serializer';\n\nexport function deserializeValidateApiKeyResponse(\n response: SerializedValidateApiKeyResponse,\n): ValidateApiKeyResponse {\n return {\n apiKey: response.api_key ? deserializeApiKey(response.api_key) : null,\n };\n}\n"],"mappings":";;;AAMA,SAAgB,kCACd,UACwB;AACxB,QAAO,EACL,QAAQ,SAAS,UAAUA,6CAAkB,SAAS,QAAQ,GAAG,MAClE"}

package/lib/vault/interfaces/index.d.cts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { DataKey, DataKeyPair, KeyContext } from "./key.interface.cjs";
-import { CreateDataKeyOptions, CreateDataKeyResponse } from "./key/create-data-key.interface.cjs";
-import { DecryptDataKeyOptions, DecryptDataKeyResponse } from "./key/decrypt-data-key.interface.cjs";
-import { CreateObjectEntity, CreateObjectOptions } from "./object/create-object.interface.cjs";
-import { DeleteObjectOptions } from "./object/delete-object.interface.cjs";
-import { ListObjectVersionsResponse, ObjectVersionResponse } from "./object/list-object-versions.interface.cjs";
-import { ObjectDigestResponse } from "./object/list-objects.interface.cjs";
-import { ObjectDigest, ObjectMetadata, ObjectUpdateBy, ObjectVersion, VaultObject } from "./object.interface.cjs";
-import { ReadObjectMetadataResponse, ReadObjectOptions, ReadObjectResponse } from "./object/read-object.interface.cjs";
-import { UpdateObjectEntity, UpdateObjectOptions } from "./object/update-object.interface.cjs";
+import { n as DataKeyPair, r as KeyContext, t as DataKey } from "../../key.interface-BdqBuDSH.cjs";
+import { n as CreateDataKeyResponse, t as CreateDataKeyOptions } from "../../create-data-key.interface-l5swdCo_.cjs";
+import { n as DecryptDataKeyResponse, t as DecryptDataKeyOptions } from "../../decrypt-data-key.interface-DtA2snTS.cjs";
+import { n as CreateObjectOptions, t as CreateObjectEntity } from "../../create-object.interface-bEH6nxNn.cjs";
+import { t as DeleteObjectOptions } from "../../delete-object.interface-EBnHDGAU.cjs";
+import { n as ObjectVersionResponse, t as ListObjectVersionsResponse } from "../../list-object-versions.interface-CAFLFrnR.cjs";
+import { t as ObjectDigestResponse } from "../../list-objects.interface-DVVXFKO9.cjs";
+import { a as VaultObject, i as ObjectVersion, n as ObjectMetadata, r as ObjectUpdateBy, t as ObjectDigest } from "../../object.interface-BjtGKl3u.cjs";
+import { n as ReadObjectOptions, r as ReadObjectResponse, t as ReadObjectMetadataResponse } from "../../read-object.interface-BDX81WQG.cjs";
+import { n as UpdateObjectOptions, t as UpdateObjectEntity } from "../../update-object.interface-CNxG-_TG.cjs";
 export { CreateDataKeyOptions, CreateDataKeyResponse, CreateObjectEntity, CreateObjectOptions, DataKey, DataKeyPair, DecryptDataKeyOptions, DecryptDataKeyResponse, DeleteObjectOptions, KeyContext, ListObjectVersionsResponse, ObjectDigest, ObjectDigestResponse, ObjectMetadata, ObjectUpdateBy, ObjectVersion, ObjectVersionResponse, ReadObjectMetadataResponse, ReadObjectOptions, ReadObjectResponse, UpdateObjectEntity, UpdateObjectOptions, VaultObject };

package/lib/vault/interfaces/key/create-data-key.interface.d.cts CHANGED Viewed

@@ -1,15 +1,2 @@
-import { KeyContext } from "../key.interface.cjs";
-//#region src/vault/interfaces/key/create-data-key.interface.d.ts
-interface CreateDataKeyOptions {
-  context: KeyContext;
-}
-interface CreateDataKeyResponse {
-  context: KeyContext;
-  data_key: string;
-  encrypted_keys: string;
-  id: string;
-}
-//#endregion
-export { CreateDataKeyOptions, CreateDataKeyResponse };
-//# sourceMappingURL=create-data-key.interface.d.cts.map
+import { n as CreateDataKeyResponse, t as CreateDataKeyOptions } from "../../../create-data-key.interface-l5swdCo_.cjs";
+export { CreateDataKeyOptions, CreateDataKeyResponse };

package/lib/vault/interfaces/key/decrypt-data-key.interface.d.cts CHANGED Viewed

@@ -1,11 +1,2 @@
-//#region src/vault/interfaces/key/decrypt-data-key.interface.d.ts
-interface DecryptDataKeyOptions {
-  keys: string;
-}
-interface DecryptDataKeyResponse {
-  data_key: string;
-  id: string;
-}
-//#endregion
-export { DecryptDataKeyOptions, DecryptDataKeyResponse };
-//# sourceMappingURL=decrypt-data-key.interface.d.cts.map
+import { n as DecryptDataKeyResponse, t as DecryptDataKeyOptions } from "../../../decrypt-data-key.interface-DtA2snTS.cjs";
+export { DecryptDataKeyOptions, DecryptDataKeyResponse };

package/lib/vault/interfaces/key.interface.d.cts CHANGED Viewed

@@ -1,16 +1,2 @@
-//#region src/vault/interfaces/key.interface.d.ts
-interface KeyContext {
-  [key: string]: any;
-}
-interface DataKeyPair {
-  context: KeyContext;
-  dataKey: DataKey;
-  encryptedKeys: string;
-}
-interface DataKey {
-  key: string;
-  id: string;
-}
-//#endregion
-export { DataKey, DataKeyPair, KeyContext };
-//# sourceMappingURL=key.interface.d.cts.map
+import { n as DataKeyPair, r as KeyContext, t as DataKey } from "../../key.interface-BdqBuDSH.cjs";
+export { DataKey, DataKeyPair, KeyContext };

package/lib/vault/interfaces/object/create-object.interface.d.cts CHANGED Viewed

@@ -1,16 +1,2 @@
-import { KeyContext } from "../key.interface.cjs";
-//#region src/vault/interfaces/object/create-object.interface.d.ts
-interface CreateObjectEntity {
-  name: string;
-  value: string;
-  key_context: KeyContext;
-}
-interface CreateObjectOptions {
-  name: string;
-  value: string;
-  context: KeyContext;
-}
-//#endregion
-export { CreateObjectEntity, CreateObjectOptions };
-//# sourceMappingURL=create-object.interface.d.cts.map
+import { n as CreateObjectOptions, t as CreateObjectEntity } from "../../../create-object.interface-bEH6nxNn.cjs";
+export { CreateObjectEntity, CreateObjectOptions };

package/lib/vault/interfaces/object/delete-object.interface.d.cts CHANGED Viewed

@@ -1,7 +1,2 @@
-//#region src/vault/interfaces/object/delete-object.interface.d.ts
-interface DeleteObjectOptions {
-  id: string;
-}
-//#endregion
-export { DeleteObjectOptions };
-//# sourceMappingURL=delete-object.interface.d.cts.map
+import { t as DeleteObjectOptions } from "../../../delete-object.interface-EBnHDGAU.cjs";
+export { DeleteObjectOptions };

package/lib/vault/interfaces/object/list-object-versions.interface.d.cts CHANGED Viewed

@@ -1,12 +1,2 @@
-//#region src/vault/interfaces/object/list-object-versions.interface.d.ts
-interface ObjectVersionResponse {
-  id: string;
-  created_at: string;
-  current_version: boolean;
-}
-interface ListObjectVersionsResponse {
-  data: ObjectVersionResponse[];
-}
-//#endregion
-export { ListObjectVersionsResponse, ObjectVersionResponse };
-//# sourceMappingURL=list-object-versions.interface.d.cts.map
+import { n as ObjectVersionResponse, t as ListObjectVersionsResponse } from "../../../list-object-versions.interface-CAFLFrnR.cjs";
+export { ListObjectVersionsResponse, ObjectVersionResponse };

package/lib/vault/interfaces/object/list-objects.interface.d.cts CHANGED Viewed

@@ -1,9 +1,2 @@
-//#region src/vault/interfaces/object/list-objects.interface.d.ts
-interface ObjectDigestResponse {
-  id: string;
-  name: string;
-  updated_at: string;
-}
-//#endregion
-export { ObjectDigestResponse };
-//# sourceMappingURL=list-objects.interface.d.cts.map
+import { t as ObjectDigestResponse } from "../../../list-objects.interface-DVVXFKO9.cjs";
+export { ObjectDigestResponse };

package/lib/vault/interfaces/object/read-object.interface.d.cts CHANGED Viewed

@@ -1,25 +1,2 @@
-import { KeyContext } from "../key.interface.cjs";
-import { ObjectUpdateBy } from "../object.interface.cjs";
-//#region src/vault/interfaces/object/read-object.interface.d.ts
-interface ReadObjectOptions {
-  id: string;
-}
-interface ReadObjectMetadataResponse {
-  context: KeyContext;
-  environment_id: string;
-  id: string;
-  key_id: string;
-  updated_at: string;
-  updated_by: ObjectUpdateBy;
-  version_id: string;
-}
-interface ReadObjectResponse {
-  id: string;
-  metadata: ReadObjectMetadataResponse;
-  name: string;
-  value: string;
-}
-//#endregion
-export { ReadObjectMetadataResponse, ReadObjectOptions, ReadObjectResponse };
-//# sourceMappingURL=read-object.interface.d.cts.map
+import { n as ReadObjectOptions, r as ReadObjectResponse, t as ReadObjectMetadataResponse } from "../../../read-object.interface-BDX81WQG.cjs";
+export { ReadObjectMetadataResponse, ReadObjectOptions, ReadObjectResponse };

package/lib/vault/interfaces/object/update-object.interface.d.cts CHANGED Viewed

@@ -1,13 +1,2 @@
-//#region src/vault/interfaces/object/update-object.interface.d.ts
-interface UpdateObjectEntity {
-  value: string;
-  version_check?: string;
-}
-interface UpdateObjectOptions {
-  id: string;
-  value: string;
-  versionCheck?: string;
-}
-//#endregion
-export { UpdateObjectEntity, UpdateObjectOptions };
-//# sourceMappingURL=update-object.interface.d.cts.map
+import { n as UpdateObjectOptions, t as UpdateObjectEntity } from "../../../update-object.interface-CNxG-_TG.cjs";
+export { UpdateObjectEntity, UpdateObjectOptions };

package/lib/vault/interfaces/object.interface.d.cts CHANGED Viewed

@@ -1,35 +1,2 @@
-import { KeyContext } from "./key.interface.cjs";
-//#region src/vault/interfaces/object.interface.d.ts
-interface ObjectDigest {
-  id: string;
-  name: string;
-  updatedAt: Date;
-}
-interface ObjectUpdateBy {
-  id: string;
-  name: string;
-}
-interface ObjectMetadata {
-  context: KeyContext;
-  environmentId: string;
-  id: string;
-  keyId: string;
-  updatedAt: Date;
-  updatedBy: ObjectUpdateBy;
-  versionId: string;
-}
-interface VaultObject {
-  id: string;
-  metadata: ObjectMetadata;
-  name: string;
-  value?: string;
-}
-interface ObjectVersion {
-  createdAt: Date;
-  currentVersion: boolean;
-  id: string;
-}
-//#endregion
-export { ObjectDigest, ObjectMetadata, ObjectUpdateBy, ObjectVersion, VaultObject };
-//# sourceMappingURL=object.interface.d.cts.map
+import { a as VaultObject, i as ObjectVersion, n as ObjectMetadata, r as ObjectUpdateBy, t as ObjectDigest } from "../../object.interface-BjtGKl3u.cjs";
+export { ObjectDigest, ObjectMetadata, ObjectUpdateBy, ObjectVersion, VaultObject };

package/lib/vault/serializers/vault-key.serializer.cjs CHANGED Viewed

@@ -1,19 +1,4 @@
+const require_vault_key_serializer = require('../../vault-key.serializer-DO9iKzMq.cjs');
-//#region src/vault/serializers/vault-key.serializer.ts
-const deserializeCreateDataKeyResponse = (key) => ({
-	context: key.context,
-	dataKey: {
-		key: key.data_key,
-		id: key.id
-	},
-	encryptedKeys: key.encrypted_keys
-});
-const deserializeDecryptDataKeyResponse = (key) => ({
-	key: key.data_key,
-	id: key.id
-});
-//#endregion
-exports.deserializeCreateDataKeyResponse = deserializeCreateDataKeyResponse;
-exports.deserializeDecryptDataKeyResponse = deserializeDecryptDataKeyResponse;
-//# sourceMappingURL=vault-key.serializer.cjs.map
+exports.deserializeCreateDataKeyResponse = require_vault_key_serializer.deserializeCreateDataKeyResponse;
+exports.deserializeDecryptDataKeyResponse = require_vault_key_serializer.deserializeDecryptDataKeyResponse;

package/lib/vault/serializers/vault-key.serializer.d.cts CHANGED Viewed

@@ -1,6 +1,6 @@
-import { DataKey, DataKeyPair } from "../interfaces/key.interface.cjs";
-import { CreateDataKeyResponse } from "../interfaces/key/create-data-key.interface.cjs";
-import { DecryptDataKeyResponse } from "../interfaces/key/decrypt-data-key.interface.cjs";
+import { n as DataKeyPair, t as DataKey } from "../../key.interface-BdqBuDSH.cjs";
+import { n as CreateDataKeyResponse } from "../../create-data-key.interface-l5swdCo_.cjs";
+import { n as DecryptDataKeyResponse } from "../../decrypt-data-key.interface-DtA2snTS.cjs";
 //#region src/vault/serializers/vault-key.serializer.d.ts
 declare const deserializeCreateDataKeyResponse: (key: CreateDataKeyResponse) => DataKeyPair;

package/lib/vault/serializers/vault-object.serializer.cjs CHANGED Viewed

@@ -1,54 +1,8 @@
+const require_vault_object_serializer = require('../../vault-object.serializer-EkelXJB9.cjs');
-//#region src/vault/serializers/vault-object.serializer.ts
-const deserializeObjectMetadata = (metadata) => ({
-	context: metadata.context,
-	environmentId: metadata.environment_id,
-	id: metadata.id,
-	keyId: metadata.key_id,
-	updatedAt: new Date(Date.parse(metadata.updated_at)),
-	updatedBy: metadata.updated_by,
-	versionId: metadata.version_id
-});
-const deserializeObject = (object) => ({
-	id: object.id,
-	name: object.name,
-	value: object.value,
-	metadata: deserializeObjectMetadata(object.metadata)
-});
-const deserializeObjectDigest = (digest) => ({
-	id: digest.id,
-	name: digest.name,
-	updatedAt: new Date(Date.parse(digest.updated_at))
-});
-const deserializeListObjects = (list) => ({
-	object: "list",
-	data: list.data.map(deserializeObjectDigest),
-	listMetadata: {
-		after: list.list_metadata.after ?? void 0,
-		before: list.list_metadata.before ?? void 0
-	}
-});
-const desrializeListObjectVersions = (list) => list.data.map(deserializeObjectVersion);
-const deserializeObjectVersion = (version) => ({
-	createdAt: new Date(Date.parse(version.created_at)),
-	currentVersion: version.current_version,
-	id: version.id
-});
-const serializeCreateObjectEntity = (options) => ({
-	name: options.name,
-	value: options.value,
-	key_context: options.context
-});
-const serializeUpdateObjectEntity = (options) => ({
-	value: options.value,
-	version_check: options.versionCheck
-});
-//#endregion
-exports.deserializeListObjects = deserializeListObjects;
-exports.deserializeObject = deserializeObject;
-exports.deserializeObjectMetadata = deserializeObjectMetadata;
-exports.desrializeListObjectVersions = desrializeListObjectVersions;
-exports.serializeCreateObjectEntity = serializeCreateObjectEntity;
-exports.serializeUpdateObjectEntity = serializeUpdateObjectEntity;
-//# sourceMappingURL=vault-object.serializer.cjs.map
+exports.deserializeListObjects = require_vault_object_serializer.deserializeListObjects;
+exports.deserializeObject = require_vault_object_serializer.deserializeObject;
+exports.deserializeObjectMetadata = require_vault_object_serializer.deserializeObjectMetadata;
+exports.desrializeListObjectVersions = require_vault_object_serializer.desrializeListObjectVersions;
+exports.serializeCreateObjectEntity = require_vault_object_serializer.serializeCreateObjectEntity;
+exports.serializeUpdateObjectEntity = require_vault_object_serializer.serializeUpdateObjectEntity;

package/lib/vault/serializers/vault-object.serializer.d.cts CHANGED Viewed

@@ -1,10 +1,10 @@
-import { List, ListResponse } from "../../common/interfaces/list.interface.cjs";
-import { CreateObjectEntity, CreateObjectOptions } from "../interfaces/object/create-object.interface.cjs";
-import { ListObjectVersionsResponse } from "../interfaces/object/list-object-versions.interface.cjs";
-import { ObjectDigestResponse } from "../interfaces/object/list-objects.interface.cjs";
-import { ObjectDigest, ObjectMetadata, ObjectVersion, VaultObject } from "../interfaces/object.interface.cjs";
-import { ReadObjectMetadataResponse, ReadObjectResponse } from "../interfaces/object/read-object.interface.cjs";
-import { UpdateObjectEntity, UpdateObjectOptions } from "../interfaces/object/update-object.interface.cjs";
+import { n as ListResponse, t as List } from "../../list.interface-BEUNlSvF.cjs";
+import { n as CreateObjectOptions, t as CreateObjectEntity } from "../../create-object.interface-bEH6nxNn.cjs";
+import { t as ListObjectVersionsResponse } from "../../list-object-versions.interface-CAFLFrnR.cjs";
+import { t as ObjectDigestResponse } from "../../list-objects.interface-DVVXFKO9.cjs";
+import { a as VaultObject, i as ObjectVersion, n as ObjectMetadata, t as ObjectDigest } from "../../object.interface-BjtGKl3u.cjs";
+import { r as ReadObjectResponse, t as ReadObjectMetadataResponse } from "../../read-object.interface-BDX81WQG.cjs";
+import { n as UpdateObjectOptions, t as UpdateObjectEntity } from "../../update-object.interface-CNxG-_TG.cjs";
 //#region src/vault/serializers/vault-object.serializer.d.ts
 declare const deserializeObjectMetadata: (metadata: ReadObjectMetadataResponse) => ObjectMetadata;