@workos-inc/node 8.3.1 → 8.5.0

package/lib/session.serializer-DAUllV3H.d.cts

@@ -1,7 +0,0 @@
-import { n as Session, r as SessionResponse } from "./session.interface-zszewQtk.cjs";
-
-//#region src/user-management/serializers/session.serializer.d.ts
-declare const deserializeSession: (session: SessionResponse) => Session;
-//#endregion
-export { deserializeSession as t };
-//# sourceMappingURL=session.serializer-DAUllV3H.d.cts.map

package/lib/set-environment-role-permissions-options.interface-CJm4G5CM.d.cts

@@ -1,7 +0,0 @@
-//#region src/authorization/interfaces/set-environment-role-permissions-options.interface.d.ts
-interface SetEnvironmentRolePermissionsOptions {
-  permissions: string[];
-}
-//#endregion
-export { SetEnvironmentRolePermissionsOptions as t };
-//# sourceMappingURL=set-environment-role-permissions-options.interface-CJm4G5CM.d.cts.map

package/lib/set-organization-role-permissions-options.interface-F54jbJ3q.d.cts

@@ -1,7 +0,0 @@
-//#region src/authorization/interfaces/set-organization-role-permissions-options.interface.d.ts
-interface SetOrganizationRolePermissionsOptions {
-  permissions: string[];
-}
-//#endregion
-export { SetOrganizationRolePermissionsOptions as t };
-//# sourceMappingURL=set-organization-role-permissions-options.interface-F54jbJ3q.d.cts.map

package/lib/signature-provider-CdkJsGc8.cjs

@@ -1,38 +0,0 @@
-const require_signature_verification_exception = require('./signature-verification.exception-Dc1gSCYD.cjs');
-
-//#region src/common/crypto/signature-provider.ts
-var SignatureProvider = class {
-	cryptoProvider;
-	constructor(cryptoProvider) {
-		this.cryptoProvider = cryptoProvider;
-	}
-	async verifyHeader({ payload, sigHeader, secret, tolerance = 18e4 }) {
-		const [timestamp, signatureHash] = this.getTimestampAndSignatureHash(sigHeader);
-		if (!signatureHash || Object.keys(signatureHash).length === 0) throw new require_signature_verification_exception.SignatureVerificationException("No signature hash found with expected scheme v1");
-		if (parseInt(timestamp, 10) < Date.now() - tolerance) throw new require_signature_verification_exception.SignatureVerificationException("Timestamp outside the tolerance zone");
-		const expectedSig = await this.computeSignature(timestamp, payload, secret);
-		if (await this.cryptoProvider.secureCompare(expectedSig, signatureHash) === false) throw new require_signature_verification_exception.SignatureVerificationException("Signature hash does not match the expected signature hash for payload");
-		return true;
-	}
-	getTimestampAndSignatureHash(sigHeader) {
-		const [t, v1] = sigHeader.split(",");
-		if (typeof t === "undefined" || typeof v1 === "undefined") throw new require_signature_verification_exception.SignatureVerificationException("Signature or timestamp missing");
-		const { 1: timestamp } = t.split("=");
-		const { 1: signatureHash } = v1.split("=");
-		return [timestamp, signatureHash];
-	}
-	async computeSignature(timestamp, payload, secret) {
-		payload = JSON.stringify(payload);
-		const signedPayload = `${timestamp}.${payload}`;
-		return await this.cryptoProvider.computeHMACSignatureAsync(signedPayload, secret);
-	}
-};
-
-//#endregion
-Object.defineProperty(exports, 'SignatureProvider', {
-  enumerable: true,
-  get: function () {
-    return SignatureProvider;
-  }
-});
-//# sourceMappingURL=signature-provider-CdkJsGc8.cjs.map

package/lib/signature-provider-CdkJsGc8.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"signature-provider-CdkJsGc8.cjs","names":["SignatureVerificationException"],"sources":["../src/common/crypto/signature-provider.ts"],"sourcesContent":["import { SignatureVerificationException } from '../exceptions';\nimport { CryptoProvider } from './crypto-provider';\n\nexport class SignatureProvider {\n  private cryptoProvider: CryptoProvider;\n\n  constructor(cryptoProvider: CryptoProvider) {\n    this.cryptoProvider = cryptoProvider;\n  }\n\n  async verifyHeader({\n    payload,\n    sigHeader,\n    secret,\n    tolerance = 180000,\n  }: {\n    payload: any;\n    sigHeader: string;\n    secret: string;\n    tolerance?: number;\n  }): Promise<boolean> {\n    const [timestamp, signatureHash] =\n      this.getTimestampAndSignatureHash(sigHeader);\n\n    if (!signatureHash || Object.keys(signatureHash).length === 0) {\n      throw new SignatureVerificationException(\n        'No signature hash found with expected scheme v1',\n      );\n    }\n\n    if (parseInt(timestamp, 10) < Date.now() - tolerance) {\n      throw new SignatureVerificationException(\n        'Timestamp outside the tolerance zone',\n      );\n    }\n\n    const expectedSig = await this.computeSignature(timestamp, payload, secret);\n    if (\n      (await this.cryptoProvider.secureCompare(expectedSig, signatureHash)) ===\n      false\n    ) {\n      throw new SignatureVerificationException(\n        'Signature hash does not match the expected signature hash for payload',\n      );\n    }\n    return true;\n  }\n\n  getTimestampAndSignatureHash(sigHeader: string): [string, string] {\n    const signature = sigHeader;\n    const [t, v1] = signature.split(',');\n    if (typeof t === 'undefined' || typeof v1 === 'undefined') {\n      throw new SignatureVerificationException(\n        'Signature or timestamp missing',\n      );\n    }\n    const { 1: timestamp } = t.split('=');\n    const { 1: signatureHash } = v1.split('=');\n\n    return [timestamp, signatureHash];\n  }\n\n  async computeSignature(\n    timestamp: any,\n    payload: any,\n    secret: string,\n  ): Promise<string> {\n    payload = JSON.stringify(payload);\n    const signedPayload = `${timestamp}.${payload}`;\n\n    return await this.cryptoProvider.computeHMACSignatureAsync(\n      signedPayload,\n      secret,\n    );\n  }\n}\n"],"mappings":";;;AAGA,IAAa,oBAAb,MAA+B;CAC7B,AAAQ;CAER,YAAY,gBAAgC;AAC1C,OAAK,iBAAiB;;CAGxB,MAAM,aAAa,EACjB,SACA,WACA,QACA,YAAY,QAMO;EACnB,MAAM,CAAC,WAAW,iBAChB,KAAK,6BAA6B,UAAU;AAE9C,MAAI,CAAC,iBAAiB,OAAO,KAAK,cAAc,CAAC,WAAW,EAC1D,OAAM,IAAIA,wEACR,kDACD;AAGH,MAAI,SAAS,WAAW,GAAG,GAAG,KAAK,KAAK,GAAG,UACzC,OAAM,IAAIA,wEACR,uCACD;EAGH,MAAM,cAAc,MAAM,KAAK,iBAAiB,WAAW,SAAS,OAAO;AAC3E,MACG,MAAM,KAAK,eAAe,cAAc,aAAa,cAAc,KACpE,MAEA,OAAM,IAAIA,wEACR,wEACD;AAEH,SAAO;;CAGT,6BAA6B,WAAqC;EAEhE,MAAM,CAAC,GAAG,MADQ,UACQ,MAAM,IAAI;AACpC,MAAI,OAAO,MAAM,eAAe,OAAO,OAAO,YAC5C,OAAM,IAAIA,wEACR,iCACD;EAEH,MAAM,EAAE,GAAG,cAAc,EAAE,MAAM,IAAI;EACrC,MAAM,EAAE,GAAG,kBAAkB,GAAG,MAAM,IAAI;AAE1C,SAAO,CAAC,WAAW,cAAc;;CAGnC,MAAM,iBACJ,WACA,SACA,QACiB;AACjB,YAAU,KAAK,UAAU,QAAQ;EACjC,MAAM,gBAAgB,GAAG,UAAU,GAAG;AAEtC,SAAO,MAAM,KAAK,eAAe,0BAC/B,eACA,OACD"}

package/lib/signature-verification.exception-D2-xkCRS.d.cts

@@ -1,8 +0,0 @@
-//#region src/common/exceptions/signature-verification.exception.d.ts
-declare class SignatureVerificationException extends Error {
-  readonly name = "SignatureVerificationException";
-  constructor(message: string);
-}
-//#endregion
-export { SignatureVerificationException as t };
-//# sourceMappingURL=signature-verification.exception-D2-xkCRS.d.cts.map

package/lib/sms.interface-f_7eFA1B.d.cts

@@ -1,10 +0,0 @@
-//#region src/mfa/interfaces/sms.interface.d.ts
-interface Sms {
-  phoneNumber: string;
-}
-interface SmsResponse {
-  phone_number: string;
-}
-//#endregion
-export { SmsResponse as n, Sms as t };
-//# sourceMappingURL=sms.interface-f_7eFA1B.d.cts.map

package/lib/sms.serializer-DH2jsPuC.cjs

@@ -1,12 +0,0 @@
-
-//#region src/mfa/serializers/sms.serializer.ts
-const deserializeSms = (sms) => ({ phoneNumber: sms.phone_number });
-
-//#endregion
-Object.defineProperty(exports, 'deserializeSms', {
-  enumerable: true,
-  get: function () {
-    return deserializeSms;
-  }
-});
-//# sourceMappingURL=sms.serializer-DH2jsPuC.cjs.map

package/lib/sms.serializer-DH2jsPuC.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"sms.serializer-DH2jsPuC.cjs","names":[],"sources":["../src/mfa/serializers/sms.serializer.ts"],"sourcesContent":["import { Sms, SmsResponse } from '../interfaces';\n\nexport const deserializeSms = (sms: SmsResponse): Sms => ({\n  phoneNumber: sms.phone_number,\n});\n"],"mappings":";;AAEA,MAAa,kBAAkB,SAA2B,EACxD,aAAa,IAAI,cAClB"}

package/lib/sso-DgPiUuie.cjs

@@ -1,135 +0,0 @@
-const require_pagination = require('./pagination-BG1uBuL4.cjs');
-const require_connection_serializer = require('./connection.serializer-phS0D1t9.cjs');
-const require_list_connections_options_serializer = require('./list-connections-options.serializer-B9jyhBCh.cjs');
-const require_profile_serializer = require('./profile.serializer-BDlm0TRU.cjs');
-const require_profile_and_token_serializer = require('./profile-and-token.serializer-CUFdGpX3.cjs');
-const require_fetch_and_deserialize = require('./fetch-and-deserialize-B6lbfouV.cjs');
-const require_query_string = require('./query-string-B9WibUJl.cjs');
-
-//#region src/sso/sso.ts
-var SSO = class {
-	constructor(workos) {
-		this.workos = workos;
-	}
-	async listConnections(options) {
-		return new require_pagination.AutoPaginatable(await require_fetch_and_deserialize.fetchAndDeserialize(this.workos, "/connections", require_connection_serializer.deserializeConnection, options ? require_list_connections_options_serializer.serializeListConnectionsOptions(options) : void 0), (params) => require_fetch_and_deserialize.fetchAndDeserialize(this.workos, "/connections", require_connection_serializer.deserializeConnection, params), options ? require_list_connections_options_serializer.serializeListConnectionsOptions(options) : void 0);
-	}
-	async deleteConnection(id) {
-		await this.workos.delete(`/connections/${id}`);
-	}
-	getAuthorizationUrl(options) {
-		const { codeChallenge, codeChallengeMethod, connection, clientId, domainHint, loginHint, organization, provider, providerQueryParams, providerScopes, redirectUri, state } = options;
-		if (!provider && !connection && !organization) throw new TypeError(`Incomplete arguments. Need to specify either a 'connection', 'organization', or 'provider'.`);
-		const query = require_query_string.toQueryString({
-			code_challenge: codeChallenge,
-			code_challenge_method: codeChallengeMethod,
-			connection,
-			organization,
-			domain_hint: domainHint,
-			login_hint: loginHint,
-			provider,
-			provider_query_params: providerQueryParams,
-			provider_scopes: providerScopes,
-			client_id: clientId,
-			redirect_uri: redirectUri,
-			response_type: "code",
-			state
-		});
-		return `${this.workos.baseURL}/sso/authorize?${query}`;
-	}
-	/**
-	* Generates an authorization URL with PKCE parameters automatically generated.
-	* Use this for public clients (CLI apps, Electron, mobile) that cannot
-	* securely store a client secret.
-	*
-	* @returns Object containing url, state, and codeVerifier
-	*
-	* @example
-	* ```typescript
-	* const { url, state, codeVerifier } = await workos.sso.getAuthorizationUrlWithPKCE({
-	*   connection: 'conn_123',
-	*   clientId: 'client_123',
-	*   redirectUri: 'myapp://callback',
-	* });
-	*
-	* // Store state and codeVerifier securely, then redirect user to url
-	* // After callback, exchange the code:
-	* const { profile, accessToken } = await workos.sso.getProfileAndToken({
-	*   code: authorizationCode,
-	*   codeVerifier,
-	*   clientId: 'client_123',
-	* });
-	* ```
-	*/
-	async getAuthorizationUrlWithPKCE(options) {
-		const { connection, clientId, domainHint, loginHint, organization, provider, providerQueryParams, providerScopes, redirectUri } = options;
-		if (!provider && !connection && !organization) throw new TypeError(`Incomplete arguments. Need to specify either a 'connection', 'organization', or 'provider'.`);
-		const pkce = await this.workos.pkce.generate();
-		const state = this.workos.pkce.generateCodeVerifier(43);
-		const query = require_query_string.toQueryString({
-			code_challenge: pkce.codeChallenge,
-			code_challenge_method: "S256",
-			connection,
-			organization,
-			domain_hint: domainHint,
-			login_hint: loginHint,
-			provider,
-			provider_query_params: providerQueryParams,
-			provider_scopes: providerScopes,
-			client_id: clientId,
-			redirect_uri: redirectUri,
-			response_type: "code",
-			state
-		});
-		return {
-			url: `${this.workos.baseURL}/sso/authorize?${query}`,
-			state,
-			codeVerifier: pkce.codeVerifier
-		};
-	}
-	async getConnection(id) {
-		const { data } = await this.workos.get(`/connections/${id}`);
-		return require_connection_serializer.deserializeConnection(data);
-	}
-	/**
-	* Exchange an authorization code for a profile and access token.
-	*
-	* Auto-detects public vs confidential client mode:
-	* - If codeVerifier is provided: Uses PKCE flow (public client)
-	* - If no codeVerifier: Uses client_secret from API key (confidential client)
-	* - If both: Uses both client_secret AND codeVerifier (confidential client with PKCE)
-	*
-	* Using PKCE with confidential clients is recommended by OAuth 2.1 for defense
-	* in depth and provides additional CSRF protection on the authorization flow.
-	*
-	* @throws Error if neither codeVerifier nor API key is available
-	*/
-	async getProfileAndToken({ code, clientId, codeVerifier }) {
-		if (codeVerifier !== void 0 && codeVerifier.trim() === "") throw new TypeError("codeVerifier cannot be an empty string. Generate a valid PKCE pair using workos.pkce.generate().");
-		const hasApiKey = !!this.workos.key;
-		const hasPKCE = !!codeVerifier;
-		if (!hasPKCE && !hasApiKey) throw new TypeError("getProfileAndToken requires either a codeVerifier (for public clients) or an API key configured on the WorkOS instance (for confidential clients).");
-		const form = new URLSearchParams({
-			client_id: clientId,
-			grant_type: "authorization_code",
-			code
-		});
-		if (hasPKCE) form.set("code_verifier", codeVerifier);
-		if (hasApiKey) form.set("client_secret", this.workos.key);
-		const { data } = await this.workos.post("/sso/token", form, { skipApiKeyCheck: !hasApiKey });
-		return require_profile_and_token_serializer.deserializeProfileAndToken(data);
-	}
-	async getProfile({ accessToken }) {
-		const { data } = await this.workos.get("/sso/profile", { accessToken });
-		return require_profile_serializer.deserializeProfile(data);
-	}
-};
-
-//#endregion
-Object.defineProperty(exports, 'SSO', {
-  enumerable: true,
-  get: function () {
-    return SSO;
-  }
-});
-//# sourceMappingURL=sso-DgPiUuie.cjs.map

package/lib/sso-DgPiUuie.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"sso-DgPiUuie.cjs","names":["workos: WorkOS","AutoPaginatable","fetchAndDeserialize","deserializeConnection","serializeListConnectionsOptions","toQueryString","deserializeProfileAndToken","deserializeProfile"],"sources":["../src/sso/sso.ts"],"sourcesContent":["import { UnknownRecord } from '../common/interfaces/unknown-record.interface';\nimport { fetchAndDeserialize } from '../common/utils/fetch-and-deserialize';\nimport { AutoPaginatable } from '../common/utils/pagination';\nimport { toQueryString } from '../common/utils/query-string';\nimport { WorkOS } from '../workos';\nimport {\n  Connection,\n  ConnectionResponse,\n  GetProfileAndTokenOptions,\n  GetProfileOptions,\n  ListConnectionsOptions,\n  Profile,\n  ProfileAndToken,\n  ProfileAndTokenResponse,\n  ProfileResponse,\n  SSOAuthorizationURLOptions,\n  SSOPKCEAuthorizationURLResult,\n  SerializedListConnectionsOptions,\n} from './interfaces';\nimport {\n  deserializeConnection,\n  deserializeProfile,\n  deserializeProfileAndToken,\n  serializeListConnectionsOptions,\n} from './serializers';\n\nexport class SSO {\n  constructor(private readonly workos: WorkOS) {}\n\n  async listConnections(\n    options?: ListConnectionsOptions,\n  ): Promise<AutoPaginatable<Connection, SerializedListConnectionsOptions>> {\n    return new AutoPaginatable(\n      await fetchAndDeserialize<ConnectionResponse, Connection>(\n        this.workos,\n        '/connections',\n        deserializeConnection,\n        options ? serializeListConnectionsOptions(options) : undefined,\n      ),\n      (params) =>\n        fetchAndDeserialize<ConnectionResponse, Connection>(\n          this.workos,\n          '/connections',\n          deserializeConnection,\n          params,\n        ),\n      options ? serializeListConnectionsOptions(options) : undefined,\n    );\n  }\n  async deleteConnection(id: string) {\n    await this.workos.delete(`/connections/${id}`);\n  }\n\n  getAuthorizationUrl(options: SSOAuthorizationURLOptions): string {\n    const {\n      codeChallenge,\n      codeChallengeMethod,\n      connection,\n      clientId,\n      domainHint,\n      loginHint,\n      organization,\n      provider,\n      providerQueryParams,\n      providerScopes,\n      redirectUri,\n      state,\n    } = options;\n\n    if (!provider && !connection && !organization) {\n      throw new TypeError(\n        `Incomplete arguments. Need to specify either a 'connection', 'organization', or 'provider'.`,\n      );\n    }\n\n    const query = toQueryString({\n      code_challenge: codeChallenge,\n      code_challenge_method: codeChallengeMethod,\n      connection,\n      organization,\n      domain_hint: domainHint,\n      login_hint: loginHint,\n      provider,\n      provider_query_params: providerQueryParams,\n      provider_scopes: providerScopes,\n      client_id: clientId,\n      redirect_uri: redirectUri,\n      response_type: 'code',\n      state,\n    });\n\n    return `${this.workos.baseURL}/sso/authorize?${query}`;\n  }\n\n  /**\n   * Generates an authorization URL with PKCE parameters automatically generated.\n   * Use this for public clients (CLI apps, Electron, mobile) that cannot\n   * securely store a client secret.\n   *\n   * @returns Object containing url, state, and codeVerifier\n   *\n   * @example\n   * ```typescript\n   * const { url, state, codeVerifier } = await workos.sso.getAuthorizationUrlWithPKCE({\n   *   connection: 'conn_123',\n   *   clientId: 'client_123',\n   *   redirectUri: 'myapp://callback',\n   * });\n   *\n   * // Store state and codeVerifier securely, then redirect user to url\n   * // After callback, exchange the code:\n   * const { profile, accessToken } = await workos.sso.getProfileAndToken({\n   *   code: authorizationCode,\n   *   codeVerifier,\n   *   clientId: 'client_123',\n   * });\n   * ```\n   */\n  async getAuthorizationUrlWithPKCE(\n    options: Omit<\n      SSOAuthorizationURLOptions,\n      'codeChallenge' | 'codeChallengeMethod' | 'state'\n    >,\n  ): Promise<SSOPKCEAuthorizationURLResult> {\n    const {\n      connection,\n      clientId,\n      domainHint,\n      loginHint,\n      organization,\n      provider,\n      providerQueryParams,\n      providerScopes,\n      redirectUri,\n    } = options;\n\n    if (!provider && !connection && !organization) {\n      throw new TypeError(\n        `Incomplete arguments. Need to specify either a 'connection', 'organization', or 'provider'.`,\n      );\n    }\n\n    // Generate PKCE parameters\n    const pkce = await this.workos.pkce.generate();\n\n    // Generate secure random state\n    const state = this.workos.pkce.generateCodeVerifier(43);\n\n    const query = toQueryString({\n      code_challenge: pkce.codeChallenge,\n      code_challenge_method: 'S256',\n      connection,\n      organization,\n      domain_hint: domainHint,\n      login_hint: loginHint,\n      provider,\n      provider_query_params: providerQueryParams,\n      provider_scopes: providerScopes,\n      client_id: clientId,\n      redirect_uri: redirectUri,\n      response_type: 'code',\n      state,\n    });\n\n    const url = `${this.workos.baseURL}/sso/authorize?${query}`;\n\n    return { url, state, codeVerifier: pkce.codeVerifier };\n  }\n\n  async getConnection(id: string): Promise<Connection> {\n    const { data } = await this.workos.get<ConnectionResponse>(\n      `/connections/${id}`,\n    );\n\n    return deserializeConnection(data);\n  }\n\n  /**\n   * Exchange an authorization code for a profile and access token.\n   *\n   * Auto-detects public vs confidential client mode:\n   * - If codeVerifier is provided: Uses PKCE flow (public client)\n   * - If no codeVerifier: Uses client_secret from API key (confidential client)\n   * - If both: Uses both client_secret AND codeVerifier (confidential client with PKCE)\n   *\n   * Using PKCE with confidential clients is recommended by OAuth 2.1 for defense\n   * in depth and provides additional CSRF protection on the authorization flow.\n   *\n   * @throws Error if neither codeVerifier nor API key is available\n   */\n  async getProfileAndToken<\n    CustomAttributesType extends UnknownRecord = UnknownRecord,\n  >({\n    code,\n    clientId,\n    codeVerifier,\n  }: GetProfileAndTokenOptions): Promise<\n    ProfileAndToken<CustomAttributesType>\n  > {\n    // Validate codeVerifier is not an empty string (common mistake)\n    if (codeVerifier !== undefined && codeVerifier.trim() === '') {\n      throw new TypeError(\n        'codeVerifier cannot be an empty string. ' +\n          'Generate a valid PKCE pair using workos.pkce.generate().',\n      );\n    }\n\n    const hasApiKey = !!this.workos.key;\n    const hasPKCE = !!codeVerifier;\n\n    if (!hasPKCE && !hasApiKey) {\n      throw new TypeError(\n        'getProfileAndToken requires either a codeVerifier (for public clients) ' +\n          'or an API key configured on the WorkOS instance (for confidential clients).',\n      );\n    }\n\n    const form = new URLSearchParams({\n      client_id: clientId,\n      grant_type: 'authorization_code',\n      code,\n    });\n\n    // Support PKCE with confidential clients (OAuth 2.1 best practice)\n    // Both can be sent together for defense in depth\n    if (hasPKCE) {\n      form.set('code_verifier', codeVerifier);\n    }\n    if (hasApiKey) {\n      form.set('client_secret', this.workos.key as string);\n    }\n\n    const { data } = await this.workos.post<\n      ProfileAndTokenResponse<CustomAttributesType>\n    >('/sso/token', form, { skipApiKeyCheck: !hasApiKey });\n\n    return deserializeProfileAndToken(data);\n  }\n\n  async getProfile<CustomAttributesType extends UnknownRecord = UnknownRecord>({\n    accessToken,\n  }: GetProfileOptions): Promise<Profile<CustomAttributesType>> {\n    const { data } = await this.workos.get<\n      ProfileResponse<CustomAttributesType>\n    >('/sso/profile', {\n      accessToken,\n    });\n\n    return deserializeProfile(data);\n  }\n}\n"],"mappings":";;;;;;;;;AA0BA,IAAa,MAAb,MAAiB;CACf,YAAY,AAAiBA,QAAgB;EAAhB;;CAE7B,MAAM,gBACJ,SACwE;AACxE,SAAO,IAAIC,mCACT,MAAMC,kDACJ,KAAK,QACL,gBACAC,qDACA,UAAUC,4EAAgC,QAAQ,GAAG,OACtD,GACA,WACCF,kDACE,KAAK,QACL,gBACAC,qDACA,OACD,EACH,UAAUC,4EAAgC,QAAQ,GAAG,OACtD;;CAEH,MAAM,iBAAiB,IAAY;AACjC,QAAM,KAAK,OAAO,OAAO,gBAAgB,KAAK;;CAGhD,oBAAoB,SAA6C;EAC/D,MAAM,EACJ,eACA,qBACA,YACA,UACA,YACA,WACA,cACA,UACA,qBACA,gBACA,aACA,UACE;AAEJ,MAAI,CAAC,YAAY,CAAC,cAAc,CAAC,aAC/B,OAAM,IAAI,UACR,8FACD;EAGH,MAAM,QAAQC,mCAAc;GAC1B,gBAAgB;GAChB,uBAAuB;GACvB;GACA;GACA,aAAa;GACb,YAAY;GACZ;GACA,uBAAuB;GACvB,iBAAiB;GACjB,WAAW;GACX,cAAc;GACd,eAAe;GACf;GACD,CAAC;AAEF,SAAO,GAAG,KAAK,OAAO,QAAQ,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;CA2BjD,MAAM,4BACJ,SAIwC;EACxC,MAAM,EACJ,YACA,UACA,YACA,WACA,cACA,UACA,qBACA,gBACA,gBACE;AAEJ,MAAI,CAAC,YAAY,CAAC,cAAc,CAAC,aAC/B,OAAM,IAAI,UACR,8FACD;EAIH,MAAM,OAAO,MAAM,KAAK,OAAO,KAAK,UAAU;EAG9C,MAAM,QAAQ,KAAK,OAAO,KAAK,qBAAqB,GAAG;EAEvD,MAAM,QAAQA,mCAAc;GAC1B,gBAAgB,KAAK;GACrB,uBAAuB;GACvB;GACA;GACA,aAAa;GACb,YAAY;GACZ;GACA,uBAAuB;GACvB,iBAAiB;GACjB,WAAW;GACX,cAAc;GACd,eAAe;GACf;GACD,CAAC;AAIF,SAAO;GAAE,KAFG,GAAG,KAAK,OAAO,QAAQ,iBAAiB;GAEtC;GAAO,cAAc,KAAK;GAAc;;CAGxD,MAAM,cAAc,IAAiC;EACnD,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IACjC,gBAAgB,KACjB;AAED,SAAOF,oDAAsB,KAAK;;;;;;;;;;;;;;;CAgBpC,MAAM,mBAEJ,EACA,MACA,UACA,gBAGA;AAEA,MAAI,iBAAiB,UAAa,aAAa,MAAM,KAAK,GACxD,OAAM,IAAI,UACR,mGAED;EAGH,MAAM,YAAY,CAAC,CAAC,KAAK,OAAO;EAChC,MAAM,UAAU,CAAC,CAAC;AAElB,MAAI,CAAC,WAAW,CAAC,UACf,OAAM,IAAI,UACR,qJAED;EAGH,MAAM,OAAO,IAAI,gBAAgB;GAC/B,WAAW;GACX,YAAY;GACZ;GACD,CAAC;AAIF,MAAI,QACF,MAAK,IAAI,iBAAiB,aAAa;AAEzC,MAAI,UACF,MAAK,IAAI,iBAAiB,KAAK,OAAO,IAAc;EAGtD,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,KAEjC,cAAc,MAAM,EAAE,iBAAiB,CAAC,WAAW,CAAC;AAEtD,SAAOG,gEAA2B,KAAK;;CAGzC,MAAM,WAAuE,EAC3E,eAC4D;EAC5D,MAAM,EAAE,SAAS,MAAM,KAAK,OAAO,IAEjC,gBAAgB,EAChB,aACD,CAAC;AAEF,SAAOC,8CAAmB,KAAK"}

package/lib/subtle-crypto-provider-BMf63Lhz.cjs

@@ -1,99 +0,0 @@
-const require_crypto_provider = require('./crypto-provider-Bg3tRE2P.cjs');
-
-//#region src/common/crypto/subtle-crypto-provider.ts
-/**
-* `CryptoProvider which uses the SubtleCrypto interface of the Web Crypto API.
-*
-* This only supports asynchronous operations.
-*/
-var SubtleCryptoProvider = class extends require_crypto_provider.CryptoProvider {
-	subtleCrypto;
-	constructor(subtleCrypto) {
-		super();
-		this.subtleCrypto = subtleCrypto || crypto.subtle;
-	}
-	computeHMACSignature(_payload, _secret) {
-		throw new Error("SubleCryptoProvider cannot be used in a synchronous context.");
-	}
-	/** @override */
-	async computeHMACSignatureAsync(payload, secret) {
-		const encoder = new TextEncoder();
-		const key = await this.subtleCrypto.importKey("raw", encoder.encode(secret), {
-			name: "HMAC",
-			hash: { name: "SHA-256" }
-		}, false, ["sign"]);
-		const signatureBuffer = await this.subtleCrypto.sign("hmac", key, encoder.encode(payload));
-		const signatureBytes = new Uint8Array(signatureBuffer);
-		const signatureHexCodes = new Array(signatureBytes.length);
-		for (let i = 0; i < signatureBytes.length; i++) signatureHexCodes[i] = byteHexMapping[signatureBytes[i]];
-		return signatureHexCodes.join("");
-	}
-	/** @override */
-	async secureCompare(stringA, stringB) {
-		const bufferA = this.encoder.encode(stringA);
-		const bufferB = this.encoder.encode(stringB);
-		if (bufferA.length !== bufferB.length) return false;
-		const algorithm = {
-			name: "HMAC",
-			hash: "SHA-256"
-		};
-		const key = await crypto.subtle.generateKey(algorithm, false, ["sign", "verify"]);
-		const hmac = await crypto.subtle.sign(algorithm, key, bufferA);
-		return await crypto.subtle.verify(algorithm, key, hmac, bufferB);
-	}
-	async encrypt(plaintext, key, iv, aad) {
-		const actualIv = iv || crypto.getRandomValues(new Uint8Array(32));
-		const cryptoKey = await this.subtleCrypto.importKey("raw", key, { name: "AES-GCM" }, false, ["encrypt"]);
-		const encryptParams = {
-			name: "AES-GCM",
-			iv: actualIv
-		};
-		if (aad) encryptParams.additionalData = aad;
-		const encryptedData = await this.subtleCrypto.encrypt(encryptParams, cryptoKey, plaintext);
-		const encryptedBytes = new Uint8Array(encryptedData);
-		const tagStart = encryptedBytes.length - 16;
-		const tag = encryptedBytes.slice(tagStart);
-		return {
-			ciphertext: encryptedBytes.slice(0, tagStart),
-			iv: actualIv,
-			tag
-		};
-	}
-	async decrypt(ciphertext, key, iv, tag, aad) {
-		const combinedData = new Uint8Array(ciphertext.length + tag.length);
-		combinedData.set(ciphertext, 0);
-		combinedData.set(tag, ciphertext.length);
-		const cryptoKey = await this.subtleCrypto.importKey("raw", key, { name: "AES-GCM" }, false, ["decrypt"]);
-		const decryptParams = {
-			name: "AES-GCM",
-			iv
-		};
-		if (aad) decryptParams.additionalData = aad;
-		const decryptedData = await this.subtleCrypto.decrypt(decryptParams, cryptoKey, combinedData);
-		return new Uint8Array(decryptedData);
-	}
-	randomBytes(length) {
-		const bytes = new Uint8Array(length);
-		crypto.getRandomValues(bytes);
-		return bytes;
-	}
-	randomUUID() {
-		if (typeof crypto !== "undefined" && typeof crypto.randomUUID === "function") return crypto.randomUUID();
-		const bytes = this.randomBytes(16);
-		bytes[6] = bytes[6] & 15 | 64;
-		bytes[8] = bytes[8] & 63 | 128;
-		const hex = Array.from(bytes, (b) => byteHexMapping[b]).join("");
-		return `${hex.slice(0, 8)}-${hex.slice(8, 12)}-${hex.slice(12, 16)}-${hex.slice(16, 20)}-${hex.slice(20)}`;
-	}
-};
-const byteHexMapping = new Array(256);
-for (let i = 0; i < byteHexMapping.length; i++) byteHexMapping[i] = i.toString(16).padStart(2, "0");
-
-//#endregion
-Object.defineProperty(exports, 'SubtleCryptoProvider', {
-  enumerable: true,
-  get: function () {
-    return SubtleCryptoProvider;
-  }
-});
-//# sourceMappingURL=subtle-crypto-provider-BMf63Lhz.cjs.map

package/lib/subtle-crypto-provider-BMf63Lhz.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"subtle-crypto-provider-BMf63Lhz.cjs","names":["CryptoProvider","encryptParams: AesGcmParams","decryptParams: AesGcmParams"],"sources":["../src/common/crypto/subtle-crypto-provider.ts"],"sourcesContent":["import { CryptoProvider } from './crypto-provider';\n\n/**\n * `CryptoProvider which uses the SubtleCrypto interface of the Web Crypto API.\n *\n * This only supports asynchronous operations.\n */\nexport class SubtleCryptoProvider extends CryptoProvider {\n  subtleCrypto: SubtleCrypto;\n\n  constructor(subtleCrypto?: SubtleCrypto) {\n    super();\n\n    // If no subtle crypto is interface, default to the global namespace. This\n    // is to allow custom interfaces (eg. using the Node webcrypto interface in\n    // tests).\n    this.subtleCrypto = subtleCrypto || crypto.subtle;\n  }\n\n  computeHMACSignature(_payload: string, _secret: string): string {\n    throw new Error(\n      'SubleCryptoProvider cannot be used in a synchronous context.',\n    );\n  }\n\n  /** @override */\n  async computeHMACSignatureAsync(\n    payload: string,\n    secret: string,\n  ): Promise<string> {\n    const encoder = new TextEncoder();\n\n    const key = await this.subtleCrypto.importKey(\n      'raw',\n      encoder.encode(secret),\n      {\n        name: 'HMAC',\n        hash: { name: 'SHA-256' },\n      },\n      false,\n      ['sign'],\n    );\n\n    const signatureBuffer = await this.subtleCrypto.sign(\n      'hmac',\n      key,\n      encoder.encode(payload),\n    );\n\n    // crypto.subtle returns the signature in base64 format. This must be\n    // encoded in hex to match the CryptoProvider contract. We map each byte in\n    // the buffer to its corresponding hex octet and then combine into a string.\n    const signatureBytes = new Uint8Array(signatureBuffer);\n    const signatureHexCodes = new Array(signatureBytes.length);\n\n    for (let i = 0; i < signatureBytes.length; i++) {\n      signatureHexCodes[i] = byteHexMapping[signatureBytes[i]];\n    }\n\n    return signatureHexCodes.join('');\n  }\n\n  /** @override */\n  async secureCompare(stringA: string, stringB: string): Promise<boolean> {\n    const bufferA = this.encoder.encode(stringA);\n    const bufferB = this.encoder.encode(stringB);\n\n    if (bufferA.length !== bufferB.length) {\n      return false;\n    }\n\n    const algorithm = { name: 'HMAC', hash: 'SHA-256' };\n    const key = (await crypto.subtle.generateKey(algorithm, false, [\n      'sign',\n      'verify',\n    ])) as CryptoKey;\n    const hmac = await crypto.subtle.sign(algorithm, key, bufferA);\n    const equal = await crypto.subtle.verify(algorithm, key, hmac, bufferB);\n\n    return equal;\n  }\n\n  async encrypt(\n    plaintext: Uint8Array,\n    key: Uint8Array,\n    iv?: Uint8Array,\n    aad?: Uint8Array,\n  ): Promise<{\n    ciphertext: Uint8Array;\n    iv: Uint8Array;\n    tag: Uint8Array;\n  }> {\n    const actualIv = iv || crypto.getRandomValues(new Uint8Array(32));\n\n    const cryptoKey = await this.subtleCrypto.importKey(\n      'raw',\n      key as BufferSource,\n      { name: 'AES-GCM' },\n      false,\n      ['encrypt'],\n    );\n\n    const encryptParams: AesGcmParams = {\n      name: 'AES-GCM',\n      iv: actualIv as BufferSource,\n    };\n\n    if (aad) {\n      encryptParams.additionalData = aad as BufferSource;\n    }\n\n    const encryptedData = await this.subtleCrypto.encrypt(\n      encryptParams,\n      cryptoKey,\n      plaintext as BufferSource,\n    );\n\n    const encryptedBytes = new Uint8Array(encryptedData);\n\n    // Extract tag (last 16 bytes)\n    const tagSize = 16;\n    const tagStart = encryptedBytes.length - tagSize;\n    const tag = encryptedBytes.slice(tagStart);\n    const ciphertext = encryptedBytes.slice(0, tagStart);\n\n    return {\n      ciphertext,\n      iv: actualIv,\n      tag,\n    };\n  }\n\n  async decrypt(\n    ciphertext: Uint8Array,\n    key: Uint8Array,\n    iv: Uint8Array,\n    tag: Uint8Array,\n    aad?: Uint8Array,\n  ): Promise<Uint8Array> {\n    // SubtleCrypto expects tag to be appended to ciphertext for AES-GCM\n    const combinedData = new Uint8Array(ciphertext.length + tag.length);\n    combinedData.set(ciphertext, 0);\n    combinedData.set(tag, ciphertext.length);\n\n    const cryptoKey = await this.subtleCrypto.importKey(\n      'raw',\n      key as BufferSource,\n      { name: 'AES-GCM' },\n      false,\n      ['decrypt'],\n    );\n\n    const decryptParams: AesGcmParams = {\n      name: 'AES-GCM',\n      iv: iv as BufferSource,\n    };\n\n    if (aad) {\n      decryptParams.additionalData = aad as BufferSource;\n    }\n\n    const decryptedData = await this.subtleCrypto.decrypt(\n      decryptParams,\n      cryptoKey,\n      combinedData,\n    );\n\n    return new Uint8Array(decryptedData);\n  }\n\n  randomBytes(length: number): Uint8Array {\n    const bytes = new Uint8Array(length);\n    crypto.getRandomValues(bytes);\n    return bytes;\n  }\n\n  randomUUID(): string {\n    if (\n      typeof crypto !== 'undefined' &&\n      typeof crypto.randomUUID === 'function'\n    ) {\n      return crypto.randomUUID();\n    }\n\n    // Fallback for environments without crypto.randomUUID\n    const bytes = this.randomBytes(16);\n    // tslint:disable-next-line:no-bitwise\n    bytes[6] = (bytes[6] & 0x0f) | 0x40; // version 4\n    // tslint:disable-next-line:no-bitwise\n    bytes[8] = (bytes[8] & 0x3f) | 0x80; // variant\n\n    const hex = Array.from(bytes, (b) => byteHexMapping[b]).join('');\n    return `${hex.slice(0, 8)}-${hex.slice(8, 12)}-${hex.slice(\n      12,\n      16,\n    )}-${hex.slice(16, 20)}-${hex.slice(20)}`;\n  }\n}\n\n// Cached mapping of byte to hex representation. We do this once to avoid re-\n// computing every time we need to convert the result of a signature to hex.\nconst byteHexMapping = new Array(256);\nfor (let i = 0; i < byteHexMapping.length; i++) {\n  byteHexMapping[i] = i.toString(16).padStart(2, '0');\n}\n"],"mappings":";;;;;;;;AAOA,IAAa,uBAAb,cAA0CA,uCAAe;CACvD;CAEA,YAAY,cAA6B;AACvC,SAAO;AAKP,OAAK,eAAe,gBAAgB,OAAO;;CAG7C,qBAAqB,UAAkB,SAAyB;AAC9D,QAAM,IAAI,MACR,+DACD;;;CAIH,MAAM,0BACJ,SACA,QACiB;EACjB,MAAM,UAAU,IAAI,aAAa;EAEjC,MAAM,MAAM,MAAM,KAAK,aAAa,UAClC,OACA,QAAQ,OAAO,OAAO,EACtB;GACE,MAAM;GACN,MAAM,EAAE,MAAM,WAAW;GAC1B,EACD,OACA,CAAC,OAAO,CACT;EAED,MAAM,kBAAkB,MAAM,KAAK,aAAa,KAC9C,QACA,KACA,QAAQ,OAAO,QAAQ,CACxB;EAKD,MAAM,iBAAiB,IAAI,WAAW,gBAAgB;EACtD,MAAM,oBAAoB,IAAI,MAAM,eAAe,OAAO;AAE1D,OAAK,IAAI,IAAI,GAAG,IAAI,eAAe,QAAQ,IACzC,mBAAkB,KAAK,eAAe,eAAe;AAGvD,SAAO,kBAAkB,KAAK,GAAG;;;CAInC,MAAM,cAAc,SAAiB,SAAmC;EACtE,MAAM,UAAU,KAAK,QAAQ,OAAO,QAAQ;EAC5C,MAAM,UAAU,KAAK,QAAQ,OAAO,QAAQ;AAE5C,MAAI,QAAQ,WAAW,QAAQ,OAC7B,QAAO;EAGT,MAAM,YAAY;GAAE,MAAM;GAAQ,MAAM;GAAW;EACnD,MAAM,MAAO,MAAM,OAAO,OAAO,YAAY,WAAW,OAAO,CAC7D,QACA,SACD,CAAC;EACF,MAAM,OAAO,MAAM,OAAO,OAAO,KAAK,WAAW,KAAK,QAAQ;AAG9D,SAFc,MAAM,OAAO,OAAO,OAAO,WAAW,KAAK,MAAM,QAAQ;;CAKzE,MAAM,QACJ,WACA,KACA,IACA,KAKC;EACD,MAAM,WAAW,MAAM,OAAO,gBAAgB,IAAI,WAAW,GAAG,CAAC;EAEjE,MAAM,YAAY,MAAM,KAAK,aAAa,UACxC,OACA,KACA,EAAE,MAAM,WAAW,EACnB,OACA,CAAC,UAAU,CACZ;EAED,MAAMC,gBAA8B;GAClC,MAAM;GACN,IAAI;GACL;AAED,MAAI,IACF,eAAc,iBAAiB;EAGjC,MAAM,gBAAgB,MAAM,KAAK,aAAa,QAC5C,eACA,WACA,UACD;EAED,MAAM,iBAAiB,IAAI,WAAW,cAAc;EAIpD,MAAM,WAAW,eAAe,SADhB;EAEhB,MAAM,MAAM,eAAe,MAAM,SAAS;AAG1C,SAAO;GACL,YAHiB,eAAe,MAAM,GAAG,SAAS;GAIlD,IAAI;GACJ;GACD;;CAGH,MAAM,QACJ,YACA,KACA,IACA,KACA,KACqB;EAErB,MAAM,eAAe,IAAI,WAAW,WAAW,SAAS,IAAI,OAAO;AACnE,eAAa,IAAI,YAAY,EAAE;AAC/B,eAAa,IAAI,KAAK,WAAW,OAAO;EAExC,MAAM,YAAY,MAAM,KAAK,aAAa,UACxC,OACA,KACA,EAAE,MAAM,WAAW,EACnB,OACA,CAAC,UAAU,CACZ;EAED,MAAMC,gBAA8B;GAClC,MAAM;GACF;GACL;AAED,MAAI,IACF,eAAc,iBAAiB;EAGjC,MAAM,gBAAgB,MAAM,KAAK,aAAa,QAC5C,eACA,WACA,aACD;AAED,SAAO,IAAI,WAAW,cAAc;;CAGtC,YAAY,QAA4B;EACtC,MAAM,QAAQ,IAAI,WAAW,OAAO;AACpC,SAAO,gBAAgB,MAAM;AAC7B,SAAO;;CAGT,aAAqB;AACnB,MACE,OAAO,WAAW,eAClB,OAAO,OAAO,eAAe,WAE7B,QAAO,OAAO,YAAY;EAI5B,MAAM,QAAQ,KAAK,YAAY,GAAG;AAElC,QAAM,KAAM,MAAM,KAAK,KAAQ;AAE/B,QAAM,KAAM,MAAM,KAAK,KAAQ;EAE/B,MAAM,MAAM,MAAM,KAAK,QAAQ,MAAM,eAAe,GAAG,CAAC,KAAK,GAAG;AAChE,SAAO,GAAG,IAAI,MAAM,GAAG,EAAE,CAAC,GAAG,IAAI,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,MACnD,IACA,GACD,CAAC,GAAG,IAAI,MAAM,IAAI,GAAG,CAAC,GAAG,IAAI,MAAM,GAAG;;;AAM3C,MAAM,iBAAiB,IAAI,MAAM,IAAI;AACrC,KAAK,IAAI,IAAI,GAAG,IAAI,eAAe,QAAQ,IACzC,gBAAe,KAAK,EAAE,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI"}

package/lib/totp.interface-4Tn9mcvR.d.cts

@@ -1,22 +0,0 @@
-//#region src/mfa/interfaces/totp.interface.d.ts
-interface Totp {
-  issuer: string;
-  user: string;
-}
-interface TotpWithSecrets extends Totp {
-  qrCode: string;
-  secret: string;
-  uri: string;
-}
-interface TotpResponse {
-  issuer: string;
-  user: string;
-}
-interface TotpWithSecretsResponse extends TotpResponse {
-  qr_code: string;
-  secret: string;
-  uri: string;
-}
-//#endregion
-export { TotpWithSecretsResponse as i, TotpResponse as n, TotpWithSecrets as r, Totp as t };
-//# sourceMappingURL=totp.interface-4Tn9mcvR.d.cts.map

package/lib/unauthorized.exception-B0Ma7wJ5.d.cts

@@ -1,13 +0,0 @@
-import { t as RequestException } from "./request-exception.interface-DahTOGID.cjs";
-
-//#region src/common/exceptions/unauthorized.exception.d.ts
-declare class UnauthorizedException extends Error implements RequestException {
-  readonly requestID: string;
-  readonly status = 401;
-  readonly name = "UnauthorizedException";
-  readonly message: string;
-  constructor(requestID: string);
-}
-//#endregion
-export { UnauthorizedException as t };
-//# sourceMappingURL=unauthorized.exception-B0Ma7wJ5.d.cts.map

package/lib/unknown-record.interface-DSMWbzCc.d.cts

@@ -1,5 +0,0 @@
-//#region src/common/interfaces/unknown-record.interface.d.ts
-type UnknownRecord = Record<string, unknown>;
-//#endregion
-export { UnknownRecord as t };
-//# sourceMappingURL=unknown-record.interface-DSMWbzCc.d.cts.map

package/lib/unprocessable-entity-error.interface-CGfXN5Ma.d.cts

@@ -1,8 +0,0 @@
-//#region src/common/interfaces/unprocessable-entity-error.interface.d.ts
-interface UnprocessableEntityError {
-  field: string;
-  code: string;
-}
-//#endregion
-export { UnprocessableEntityError as t };
-//# sourceMappingURL=unprocessable-entity-error.interface-CGfXN5Ma.d.cts.map

package/lib/unprocessable-entity.exception-rapwl2dZ.d.cts

@@ -1,25 +0,0 @@
-import { t as UnprocessableEntityError } from "./unprocessable-entity-error.interface-CGfXN5Ma.cjs";
-import { t as RequestException } from "./request-exception.interface-DahTOGID.cjs";
-
-//#region src/common/exceptions/unprocessable-entity.exception.d.ts
-declare class UnprocessableEntityException extends Error implements RequestException {
-  readonly status = 422;
-  readonly name = "UnprocessableEntityException";
-  readonly message: string;
-  readonly code?: string;
-  readonly requestID: string;
-  constructor({
-    code,
-    errors,
-    message,
-    requestID
-  }: {
-    code?: string;
-    errors?: UnprocessableEntityError[];
-    message?: string;
-    requestID: string;
-  });
-}
-//#endregion
-export { UnprocessableEntityException as t };
-//# sourceMappingURL=unprocessable-entity.exception-rapwl2dZ.d.cts.map

package/lib/unreachable-CWBbz4U6.cjs

@@ -1,23 +0,0 @@
-
-//#region src/common/utils/unreachable.ts
-/**
-* Indicates that code is unreachable.
-*
-* This can be used for exhaustiveness checks in situations where the compiler
-* would not otherwise check for exhaustiveness.
-*
-* If the determination that the code is unreachable proves incorrect, an
-* exception is thrown.
-*/
-const unreachable = (condition, message = `Entered unreachable code. Received '${condition}'.`) => {
-	throw new TypeError(message);
-};
-
-//#endregion
-Object.defineProperty(exports, 'unreachable', {
-  enumerable: true,
-  get: function () {
-    return unreachable;
-  }
-});
-//# sourceMappingURL=unreachable-CWBbz4U6.cjs.map

package/lib/unreachable-CWBbz4U6.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"unreachable-CWBbz4U6.cjs","names":[],"sources":["../src/common/utils/unreachable.ts"],"sourcesContent":["/**\n * Indicates that code is unreachable.\n *\n * This can be used for exhaustiveness checks in situations where the compiler\n * would not otherwise check for exhaustiveness.\n *\n * If the determination that the code is unreachable proves incorrect, an\n * exception is thrown.\n */\nexport const unreachable = (\n  condition: never,\n  message = `Entered unreachable code. Received '${condition}'.`,\n): never => {\n  throw new TypeError(message);\n};\n"],"mappings":";;;;;;;;;;;AASA,MAAa,eACX,WACA,UAAU,uCAAuC,UAAU,QACjD;AACV,OAAM,IAAI,UAAU,QAAQ"}

package/lib/update-environment-role-options.interface-dosXnOZd.d.cts

@@ -1,12 +0,0 @@
-//#region src/authorization/interfaces/update-environment-role-options.interface.d.ts
-interface UpdateEnvironmentRoleOptions {
-  name?: string;
-  description?: string | null;
-}
-interface SerializedUpdateEnvironmentRoleOptions {
-  name?: string;
-  description?: string | null;
-}
-//#endregion
-export { UpdateEnvironmentRoleOptions as n, SerializedUpdateEnvironmentRoleOptions as t };
-//# sourceMappingURL=update-environment-role-options.interface-dosXnOZd.d.cts.map

package/lib/update-environment-role-options.serializer-BNsh8m0U.d.cts

@@ -1,7 +0,0 @@
-import { n as UpdateEnvironmentRoleOptions, t as SerializedUpdateEnvironmentRoleOptions } from "./update-environment-role-options.interface-dosXnOZd.cjs";
-
-//#region src/authorization/serializers/update-environment-role-options.serializer.d.ts
-declare const serializeUpdateEnvironmentRoleOptions: (options: UpdateEnvironmentRoleOptions) => SerializedUpdateEnvironmentRoleOptions;
-//#endregion
-export { serializeUpdateEnvironmentRoleOptions as t };
-//# sourceMappingURL=update-environment-role-options.serializer-BNsh8m0U.d.cts.map

package/lib/update-environment-role-options.serializer-CBZS-b8e.cjs

@@ -1,15 +0,0 @@
-
-//#region src/authorization/serializers/update-environment-role-options.serializer.ts
-const serializeUpdateEnvironmentRoleOptions = (options) => ({
-	name: options.name,
-	description: options.description
-});
-
-//#endregion
-Object.defineProperty(exports, 'serializeUpdateEnvironmentRoleOptions', {
-  enumerable: true,
-  get: function () {
-    return serializeUpdateEnvironmentRoleOptions;
-  }
-});
-//# sourceMappingURL=update-environment-role-options.serializer-CBZS-b8e.cjs.map

package/lib/update-environment-role-options.serializer-CBZS-b8e.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"update-environment-role-options.serializer-CBZS-b8e.cjs","names":[],"sources":["../src/authorization/serializers/update-environment-role-options.serializer.ts"],"sourcesContent":["import {\n  UpdateEnvironmentRoleOptions,\n  SerializedUpdateEnvironmentRoleOptions,\n} from '../interfaces/update-environment-role-options.interface';\n\nexport const serializeUpdateEnvironmentRoleOptions = (\n  options: UpdateEnvironmentRoleOptions,\n): SerializedUpdateEnvironmentRoleOptions => ({\n  name: options.name,\n  description: options.description,\n});\n"],"mappings":";;AAKA,MAAa,yCACX,aAC4C;CAC5C,MAAM,QAAQ;CACd,aAAa,QAAQ;CACtB"}

package/lib/update-object.interface-H3nqYCkH.d.cts

@@ -1,13 +0,0 @@
-//#region src/vault/interfaces/object/update-object.interface.d.ts
-interface UpdateObjectEntity {
-  value: string;
-  version_check?: string;
-}
-interface UpdateObjectOptions {
-  id: string;
-  value: string;
-  versionCheck?: string;
-}
-//#endregion
-export { UpdateObjectOptions as n, UpdateObjectEntity as t };
-//# sourceMappingURL=update-object.interface-H3nqYCkH.d.cts.map

package/lib/update-organization-membership-options.interface-vwSowDwp.d.cts

@@ -1,12 +0,0 @@
-//#region src/user-management/interfaces/update-organization-membership-options.interface.d.ts
-interface UpdateOrganizationMembershipOptions {
-  roleSlug?: string;
-  roleSlugs?: string[];
-}
-interface SerializedUpdateOrganizationMembershipOptions {
-  role_slug?: string;
-  role_slugs?: string[];
-}
-//#endregion
-export { UpdateOrganizationMembershipOptions as n, SerializedUpdateOrganizationMembershipOptions as t };
-//# sourceMappingURL=update-organization-membership-options.interface-vwSowDwp.d.cts.map

package/lib/update-organization-membership-options.serializer-BL-XfapK.cjs

@@ -1,15 +0,0 @@
-
-//#region src/user-management/serializers/update-organization-membership-options.serializer.ts
-const serializeUpdateOrganizationMembershipOptions = (options) => ({
-	role_slug: options.roleSlug,
-	role_slugs: options.roleSlugs
-});
-
-//#endregion
-Object.defineProperty(exports, 'serializeUpdateOrganizationMembershipOptions', {
-  enumerable: true,
-  get: function () {
-    return serializeUpdateOrganizationMembershipOptions;
-  }
-});
-//# sourceMappingURL=update-organization-membership-options.serializer-BL-XfapK.cjs.map

package/lib/update-organization-membership-options.serializer-BL-XfapK.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"update-organization-membership-options.serializer-BL-XfapK.cjs","names":[],"sources":["../src/user-management/serializers/update-organization-membership-options.serializer.ts"],"sourcesContent":["import {\n  UpdateOrganizationMembershipOptions,\n  SerializedUpdateOrganizationMembershipOptions,\n} from '../interfaces/update-organization-membership-options.interface';\n\nexport const serializeUpdateOrganizationMembershipOptions = (\n  options: UpdateOrganizationMembershipOptions,\n): SerializedUpdateOrganizationMembershipOptions => ({\n  role_slug: options.roleSlug,\n  role_slugs: options.roleSlugs,\n});\n"],"mappings":";;AAKA,MAAa,gDACX,aACmD;CACnD,WAAW,QAAQ;CACnB,YAAY,QAAQ;CACrB"}

package/lib/update-organization-options.interface-C5szqmv1.d.cts

@@ -1,21 +0,0 @@
-import { t as DomainData } from "./domain-data.interface-CWu6PLZw.cjs";
-
-//#region src/organizations/interfaces/update-organization-options.interface.d.ts
-interface UpdateOrganizationOptions {
-  organization: string;
-  name?: string;
-  domainData?: DomainData[];
-  stripeCustomerId?: string | null;
-  externalId?: string | null;
-  metadata?: Record<string, string>;
-}
-interface SerializedUpdateOrganizationOptions {
-  name?: string;
-  domain_data?: DomainData[];
-  stripe_customer_id?: string | null;
-  external_id?: string | null;
-  metadata?: Record<string, string>;
-}
-//#endregion
-export { UpdateOrganizationOptions as n, SerializedUpdateOrganizationOptions as t };
-//# sourceMappingURL=update-organization-options.interface-C5szqmv1.d.cts.map

package/lib/update-organization-options.serializer-BMZ1uX4v.d.cts

@@ -1,7 +0,0 @@
-import { n as UpdateOrganizationOptions, t as SerializedUpdateOrganizationOptions } from "./update-organization-options.interface-C5szqmv1.cjs";
-
-//#region src/organizations/serializers/update-organization-options.serializer.d.ts
-declare const serializeUpdateOrganizationOptions: (options: Omit<UpdateOrganizationOptions, "organization">) => SerializedUpdateOrganizationOptions;
-//#endregion
-export { serializeUpdateOrganizationOptions as t };
-//# sourceMappingURL=update-organization-options.serializer-BMZ1uX4v.d.cts.map