@xylex-group/athena 2.12.0 → 2.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (96) hide show
  1. package/LICENSE +21 -21
  2. package/README.md +1190 -1184
  3. package/bin/athena-js.js +104 -76
  4. package/dist/admin.cjs +45 -0
  5. package/dist/admin.cjs.map +1 -0
  6. package/dist/admin.d.cts +64 -0
  7. package/dist/admin.d.ts +64 -0
  8. package/dist/admin.js +41 -0
  9. package/dist/admin.js.map +1 -0
  10. package/dist/athena-auth-url-oLux_57a.d.cts +377 -0
  11. package/dist/athena-auth-url-oLux_57a.d.ts +377 -0
  12. package/dist/browser.cjs +33 -46
  13. package/dist/browser.cjs.map +1 -1
  14. package/dist/browser.d.cts +12 -10
  15. package/dist/browser.d.ts +12 -10
  16. package/dist/browser.js +33 -46
  17. package/dist/browser.js.map +1 -1
  18. package/dist/cli/index.cjs +150 -48
  19. package/dist/cli/index.cjs.map +1 -1
  20. package/dist/cli/index.d.cts +14 -5
  21. package/dist/cli/index.d.ts +14 -5
  22. package/dist/cli/index.js +150 -49
  23. package/dist/cli/index.js.map +1 -1
  24. package/dist/{client-QUbAs7E8.d.ts → client-BJjUwDSg.d.cts} +109 -1448
  25. package/dist/{client-C3x75Zgn.d.cts → client-DVOKSYDI.d.ts} +109 -1448
  26. package/dist/cookies.cjs +18 -0
  27. package/dist/cookies.cjs.map +1 -1
  28. package/dist/cookies.d.cts +2 -1
  29. package/dist/cookies.d.ts +2 -1
  30. package/dist/cookies.js +17 -1
  31. package/dist/cookies.js.map +1 -1
  32. package/dist/{index-CVcQCGyG.d.ts → index-CFL9xbFR.d.cts} +2 -0
  33. package/dist/{index-CVcQCGyG.d.cts → index-UKJpunc6.d.ts} +2 -0
  34. package/dist/index.cjs +101 -46
  35. package/dist/index.cjs.map +1 -1
  36. package/dist/index.d.cts +13 -10
  37. package/dist/index.d.ts +13 -10
  38. package/dist/index.js +101 -47
  39. package/dist/index.js.map +1 -1
  40. package/dist/{model-form-CD1uhWSh.d.cts → model-form-Dw4zEL5a.d.cts} +2 -2
  41. package/dist/{model-form-Dm69I-oO.d.ts → model-form-yRg71q3H.d.ts} +2 -2
  42. package/dist/{module-CW3tWJ10.d.ts → module-DBteUIob.d.ts} +12 -9
  43. package/dist/{module-Cxcurfes.d.cts → module-yoX49uQC.d.cts} +12 -9
  44. package/dist/next/client.cjs +452 -46
  45. package/dist/next/client.cjs.map +1 -1
  46. package/dist/next/client.d.cts +7 -4
  47. package/dist/next/client.d.ts +7 -4
  48. package/dist/next/client.js +430 -47
  49. package/dist/next/client.js.map +1 -1
  50. package/dist/next/server.cjs +292 -46
  51. package/dist/next/server.cjs.map +1 -1
  52. package/dist/next/server.d.cts +81 -5
  53. package/dist/next/server.d.ts +81 -5
  54. package/dist/next/server.js +280 -47
  55. package/dist/next/server.js.map +1 -1
  56. package/dist/organization.cjs +72 -0
  57. package/dist/organization.cjs.map +1 -0
  58. package/dist/organization.d.cts +43 -0
  59. package/dist/organization.d.ts +43 -0
  60. package/dist/organization.js +70 -0
  61. package/dist/organization.js.map +1 -0
  62. package/dist/payload-BzVbUgY_.d.cts +219 -0
  63. package/dist/payload-DEOWN_oo.d.ts +219 -0
  64. package/dist/{pipeline-BAwb6Vzm.d.ts → pipeline-Bj6RWt1A.d.ts} +1 -1
  65. package/dist/{pipeline-B14jVK7J.d.cts → pipeline-Dwck-wZO.d.cts} +1 -1
  66. package/dist/react.cjs +2 -10
  67. package/dist/react.cjs.map +1 -1
  68. package/dist/react.d.cts +26 -7
  69. package/dist/react.d.ts +26 -7
  70. package/dist/react.js +2 -10
  71. package/dist/react.js.map +1 -1
  72. package/dist/session-cookie-detection-BqOp9mO6.d.cts +46 -0
  73. package/dist/session-cookie-detection-BqOp9mO6.d.ts +46 -0
  74. package/dist/social-providers.cjs +4189 -0
  75. package/dist/social-providers.cjs.map +1 -0
  76. package/dist/social-providers.d.cts +4948 -0
  77. package/dist/social-providers.d.ts +4948 -0
  78. package/dist/social-providers.js +4117 -0
  79. package/dist/social-providers.js.map +1 -0
  80. package/dist/{types-Cq4-NoB4.d.ts → types-BRP7sfSF.d.ts} +50 -2
  81. package/dist/{types-Dr849HD6.d.cts → types-BU8uJH_b.d.cts} +50 -2
  82. package/dist/{types-CwJCPpLD.d.ts → types-CH78O90i.d.cts} +2 -2
  83. package/dist/{types-CwJCPpLD.d.cts → types-CH78O90i.d.ts} +2 -2
  84. package/dist/{types-DMOoYnPS.d.cts → types-CjC9_5ZQ.d.cts} +3 -3
  85. package/dist/{types-BcVmPBP-.d.ts → types-DPgejxYC.d.ts} +3 -3
  86. package/dist/types-eAKAh71s.d.cts +1476 -0
  87. package/dist/types-eAKAh71s.d.ts +1476 -0
  88. package/dist/utils.cjs +438 -12
  89. package/dist/utils.cjs.map +1 -1
  90. package/dist/utils.d.cts +76 -11
  91. package/dist/utils.d.ts +76 -11
  92. package/dist/utils.js +390 -13
  93. package/dist/utils.js.map +1 -1
  94. package/package.json +49 -22
  95. package/dist/shared-0Kdc74lu.d.ts +0 -35
  96. package/dist/shared-C0wVICRv.d.cts +0 -35
@@ -1,7 +1,10 @@
1
- import { cA as AthenaSdkClientWithStorage, cz as AthenaSdkClientWithAuth } from '../client-C3x75Zgn.cjs';
2
- import { A as AthenaAdapterBaseOptions, a as AthenaAdapterExperimentalOptions } from '../shared-C0wVICRv.cjs';
3
- import '../types-CwJCPpLD.cjs';
4
- import '../types-Dr849HD6.cjs';
1
+ import { aX as AthenaSdkClientWithStorage, aW as AthenaSdkClientWithAuth } from '../client-BJjUwDSg.cjs';
2
+ import { A as AthenaAdapterBaseOptions, a as AthenaAdapterExperimentalOptions } from '../payload-BzVbUgY_.cjs';
3
+ export { b as ATHENA_AUTH_SESSION_BRIDGE_ROUTE, c as ATHENA_AUTH_SESSION_COOKIE_NAME, d as ATHENA_AUTH_SESSION_COOKIE_NAMES, e as AthenaAuthSessionBridgeClientOptions, f as AthenaAuthSessionBridgePayload, g as AthenaAuthSessionBridgeSource, h as clearAthenaAuthSessionOnAppHost, p as persistAthenaAuthSessionOnAppHost, r as resolveSessionBridgePayload } from '../payload-BzVbUgY_.cjs';
4
+ export { A as ATHENA_AUTH_COOKIE_PREFIXES, a as ATHENA_AUTH_PATH, b as ATHENA_AUTH_UPSTREAM_ENV_KEYS, c as ATHENA_AUTH_UPSTREAM_URL_ENV_NAMES, d as AUTH_DEFAULT_VIEW, e as AUTH_ROUTES, f as AUTH_VIEW_BY_SEGMENT, g as AuthView, C as ClearAuthCookiesOptions, D as DEFAULT_ATHENA_AUTH_ORIGIN, h as clearAuthCookies, i as isAbsoluteUrl, n as normalizeAthenaAuthBaseUrl, r as resolveAthenaAuthClientBaseUrl, j as resolveAthenaAuthRequestUrl, k as resolveAthenaAuthUpstreamUrl, l as resolveAuthViewFromSegment, m as resolveEmailVerificationCallbackUrl, s as shouldRedirectAuthenticatedAuthView } from '../athena-auth-url-oLux_57a.cjs';
5
+ import '../types-CH78O90i.cjs';
6
+ import '../types-eAKAh71s.cjs';
7
+ import '../types-BU8uJH_b.cjs';
5
8
 
6
9
  type AthenaBrowserClientOptions = AthenaAdapterBaseOptions;
7
10
  type AthenaBrowserClientOptionsWithStorage = AthenaBrowserClientOptions & {
@@ -1,7 +1,10 @@
1
- import { cA as AthenaSdkClientWithStorage, cz as AthenaSdkClientWithAuth } from '../client-QUbAs7E8.js';
2
- import { A as AthenaAdapterBaseOptions, a as AthenaAdapterExperimentalOptions } from '../shared-0Kdc74lu.js';
3
- import '../types-CwJCPpLD.js';
4
- import '../types-Cq4-NoB4.js';
1
+ import { aX as AthenaSdkClientWithStorage, aW as AthenaSdkClientWithAuth } from '../client-DVOKSYDI.js';
2
+ import { A as AthenaAdapterBaseOptions, a as AthenaAdapterExperimentalOptions } from '../payload-DEOWN_oo.js';
3
+ export { b as ATHENA_AUTH_SESSION_BRIDGE_ROUTE, c as ATHENA_AUTH_SESSION_COOKIE_NAME, d as ATHENA_AUTH_SESSION_COOKIE_NAMES, e as AthenaAuthSessionBridgeClientOptions, f as AthenaAuthSessionBridgePayload, g as AthenaAuthSessionBridgeSource, h as clearAthenaAuthSessionOnAppHost, p as persistAthenaAuthSessionOnAppHost, r as resolveSessionBridgePayload } from '../payload-DEOWN_oo.js';
4
+ export { A as ATHENA_AUTH_COOKIE_PREFIXES, a as ATHENA_AUTH_PATH, b as ATHENA_AUTH_UPSTREAM_ENV_KEYS, c as ATHENA_AUTH_UPSTREAM_URL_ENV_NAMES, d as AUTH_DEFAULT_VIEW, e as AUTH_ROUTES, f as AUTH_VIEW_BY_SEGMENT, g as AuthView, C as ClearAuthCookiesOptions, D as DEFAULT_ATHENA_AUTH_ORIGIN, h as clearAuthCookies, i as isAbsoluteUrl, n as normalizeAthenaAuthBaseUrl, r as resolveAthenaAuthClientBaseUrl, j as resolveAthenaAuthRequestUrl, k as resolveAthenaAuthUpstreamUrl, l as resolveAuthViewFromSegment, m as resolveEmailVerificationCallbackUrl, s as shouldRedirectAuthenticatedAuthView } from '../athena-auth-url-oLux_57a.js';
5
+ import '../types-CH78O90i.js';
6
+ import '../types-eAKAh71s.js';
7
+ import '../types-BRP7sfSF.js';
5
8
 
6
9
  type AthenaBrowserClientOptions = AthenaAdapterBaseOptions;
7
10
  type AthenaBrowserClientOptionsWithStorage = AthenaBrowserClientOptions & {
@@ -160,7 +160,7 @@ var getSessionCookie = (request2, config) => {
160
160
 
161
161
  // src/utils/athena-request-headers.ts
162
162
  var NO_CACHE_HEADER_VALUE = "no-cache";
163
- var API_KEY_HEADER_CANDIDATES = ["x-api-key", "apikey"];
163
+ var API_KEY_HEADER_CANDIDATES = ["X-Athena-Key", "x-athena-key", "X-Api-Key", "x-api-key", "apikey"];
164
164
  var ATHENA_KEY_HEADER_CANDIDATES = ["X-Athena-Key", "x-athena-key"];
165
165
  var SESSION_TOKEN_HEADER_CANDIDATES = ["X-Athena-Auth-Session-Token"];
166
166
  var BEARER_MIRROR_HEADER_CANDIDATES = ["X-Athena-Auth-Bearer-Token"];
@@ -262,14 +262,6 @@ function buildServiceRequestHeaders(profile, sdkHeaderValue, config, options, ex
262
262
  });
263
263
  }
264
264
  function applyAthenaApiKeyHeaders(headers, apiKey, athenaKey) {
265
- if (apiKey) {
266
- if (!hasHeaderIgnoreCase(headers, "apikey")) {
267
- headers.apikey = apiKey;
268
- }
269
- if (!hasHeaderIgnoreCase(headers, "x-api-key")) {
270
- headers["x-api-key"] = apiKey;
271
- }
272
- }
273
265
  const resolvedAthenaKey = normalizeHeaderValue(athenaKey) ?? normalizeHeaderValue(apiKey);
274
266
  if (resolvedAthenaKey && !hasHeaderIgnoreCase(headers, "X-Athena-Key")) {
275
267
  headers["X-Athena-Key"] = resolvedAthenaKey;
@@ -395,7 +387,7 @@ function buildAthenaRequestHeaders(input) {
395
387
 
396
388
  // package.json
397
389
  var package_default = {
398
- version: "2.12.0"
390
+ version: "2.13.0"
399
391
  };
400
392
 
401
393
  // src/sdk-version.ts
@@ -2824,38 +2816,6 @@ async function withRetry(config, fn) {
2824
2816
  throw new Error("withRetry reached an unexpected state");
2825
2817
  }
2826
2818
 
2827
- // src/db/module.ts
2828
- function createDbModule(input) {
2829
- const db = {
2830
- from: input.from,
2831
- select(table, first, second) {
2832
- if (first && typeof first === "object" && !Array.isArray(first)) {
2833
- return input.from(table).select(void 0, first);
2834
- }
2835
- return input.from(table).select(first, second);
2836
- },
2837
- insert(table, values, options) {
2838
- return Array.isArray(values) ? input.from(table).insert(values, options) : input.from(table).insert(values, options);
2839
- },
2840
- upsert(table, values, options) {
2841
- return Array.isArray(values) ? input.from(table).upsert(values, options) : input.from(table).upsert(values, options);
2842
- },
2843
- update(table, values, options) {
2844
- return input.from(table).update(values, options);
2845
- },
2846
- delete(table, options) {
2847
- return input.from(table).delete(options);
2848
- },
2849
- rpc(fn, args, options) {
2850
- return input.rpc(fn, args, options);
2851
- },
2852
- query(query, options) {
2853
- return input.query(query, options);
2854
- }
2855
- };
2856
- return db;
2857
- }
2858
-
2859
2819
  // src/storage/file.ts
2860
2820
  function createStorageFileModule(base, config = {}) {
2861
2821
  const upload = async (input, options) => {
@@ -8434,7 +8394,30 @@ function createClientFromConfig(config, sourceConfig) {
8434
8394
  config.experimental,
8435
8395
  queryTracer
8436
8396
  );
8437
- const db = createDbModule({ from, rpc, query });
8397
+ const untypedDbFrom = from;
8398
+ const db = {
8399
+ from,
8400
+ select(table, first, second) {
8401
+ if (first && typeof first === "object" && !Array.isArray(first)) {
8402
+ return untypedDbFrom(table).select(void 0, first);
8403
+ }
8404
+ return untypedDbFrom(table).select(first, second);
8405
+ },
8406
+ insert(table, values, options) {
8407
+ return Array.isArray(values) ? untypedDbFrom(table).insert(values, options) : untypedDbFrom(table).insert(values, options);
8408
+ },
8409
+ upsert(table, values, options) {
8410
+ return Array.isArray(values) ? untypedDbFrom(table).upsert(values, options) : untypedDbFrom(table).upsert(values, options);
8411
+ },
8412
+ update(table, values, options) {
8413
+ return untypedDbFrom(table).update(values, options);
8414
+ },
8415
+ delete(table, options) {
8416
+ return untypedDbFrom(table).delete(options);
8417
+ },
8418
+ rpc,
8419
+ query
8420
+ };
8438
8421
  const chat = createChatModule({
8439
8422
  baseUrl: config.chatUrl,
8440
8423
  apiKey: config.apiKey,
@@ -8585,7 +8568,9 @@ function createClientFromConfig(config, sourceConfig) {
8585
8568
  var AthenaClient = class {
8586
8569
  /** Create a fluent builder for a strongly-typed Athena SDK client. */
8587
8570
  static builder() {
8588
- return createAthenaClientBuilder((config) => createClientFromInput(config));
8571
+ return createAthenaClientBuilder(
8572
+ (config) => createClientFromInput(config)
8573
+ );
8589
8574
  }
8590
8575
  static fromEnvironment(options = {}) {
8591
8576
  const env = options.env ?? process.env;
@@ -8616,11 +8601,12 @@ var AthenaClient = class {
8616
8601
  });
8617
8602
  }
8618
8603
  };
8619
- function createClient(configOrUrl, apiKey, options) {
8604
+ function createClient(...args) {
8605
+ const [configOrUrl, apiKey, options] = args;
8620
8606
  if (typeof configOrUrl === "string" || configOrUrl === null || configOrUrl === void 0) {
8621
8607
  return createClientFromInput({
8622
8608
  url: configOrUrl,
8623
- key: "",
8609
+ key: apiKey ?? "",
8624
8610
  ...options
8625
8611
  });
8626
8612
  }
@@ -8664,6 +8650,403 @@ function createAdapterClient(options, context) {
8664
8650
  return client;
8665
8651
  }
8666
8652
 
8653
+ // src/next/session-bridge/constants.ts
8654
+ var ATHENA_AUTH_SESSION_BRIDGE_ROUTE = "/api/athena-auth/session";
8655
+ var ATHENA_AUTH_SESSION_COOKIE_NAME = "athena-auth.session-token";
8656
+ var ATHENA_AUTH_SESSION_COOKIE_NAMES = [
8657
+ ATHENA_AUTH_SESSION_COOKIE_NAME,
8658
+ "athena-auth.session_token"
8659
+ ];
8660
+
8661
+ // src/next/session-bridge/client.ts
8662
+ var JSON_CONTENT_TYPE = "application/json";
8663
+ function isBrowserRuntime() {
8664
+ return typeof globalThis !== "undefined" && "window" in globalThis;
8665
+ }
8666
+ async function persistAthenaAuthSessionOnAppHost(payload, options) {
8667
+ if (!(payload && isBrowserRuntime())) {
8668
+ return;
8669
+ }
8670
+ const route = options?.route ?? ATHENA_AUTH_SESSION_BRIDGE_ROUTE;
8671
+ const fetchImpl = options?.fetch ?? fetch;
8672
+ const response = await fetchImpl(route, {
8673
+ body: JSON.stringify(payload),
8674
+ credentials: "same-origin",
8675
+ headers: {
8676
+ "Content-Type": JSON_CONTENT_TYPE
8677
+ },
8678
+ method: "POST"
8679
+ });
8680
+ if (!response.ok) {
8681
+ throw new Error("Failed to persist the Athena Auth session on the app host");
8682
+ }
8683
+ }
8684
+ async function clearAthenaAuthSessionOnAppHost(options) {
8685
+ if (!isBrowserRuntime()) {
8686
+ return;
8687
+ }
8688
+ const route = options?.route ?? ATHENA_AUTH_SESSION_BRIDGE_ROUTE;
8689
+ const fetchImpl = options?.fetch ?? fetch;
8690
+ const response = await fetchImpl(route, {
8691
+ credentials: "same-origin",
8692
+ method: "DELETE"
8693
+ });
8694
+ if (!response.ok) {
8695
+ throw new Error("Failed to clear the Athena Auth session on the app host");
8696
+ }
8697
+ }
8698
+
8699
+ // src/next/session-bridge/payload.ts
8700
+ function resolveSessionBridgePayload(payload) {
8701
+ const token = payload?.session?.token ?? payload?.token;
8702
+ if (typeof token !== "string") {
8703
+ return null;
8704
+ }
8705
+ const normalizedToken = token.trim();
8706
+ if (!normalizedToken) {
8707
+ return null;
8708
+ }
8709
+ return {
8710
+ token: normalizedToken,
8711
+ expiresAt: typeof payload?.session?.expiresAt === "string" ? payload.session.expiresAt : void 0
8712
+ };
8713
+ }
8714
+
8715
+ // src/utils/hostname.ts
8716
+ var LOCAL_IPV4_PATTERN = /^127(?:\.\d{1,3}){3}$/;
8717
+ function isLocalHostname(hostname) {
8718
+ const normalized = hostname.trim().replace(/\.$/, "").toLowerCase();
8719
+ if (!normalized) {
8720
+ return false;
8721
+ }
8722
+ if (normalized === "localhost" || normalized.endsWith(".localhost")) {
8723
+ return true;
8724
+ }
8725
+ if (normalized === "127.0.0.1" || LOCAL_IPV4_PATTERN.test(normalized) || normalized === "::1" || normalized === "[::1]" || normalized === "0:0:0:0:0:0:0:1") {
8726
+ return true;
8727
+ }
8728
+ return false;
8729
+ }
8730
+
8731
+ // src/utils/auth-cookies.ts
8732
+ var ATHENA_AUTH_COOKIE_PREFIXES = [
8733
+ "athena-auth",
8734
+ "__Secure-athena-auth",
8735
+ "better-auth",
8736
+ "__Secure-better-auth"
8737
+ ];
8738
+ function extractCookieNames(cookieHeader) {
8739
+ const names = /* @__PURE__ */ new Set();
8740
+ for (const rawCookie of cookieHeader.split(";")) {
8741
+ const trimmed = rawCookie.trim();
8742
+ if (!trimmed) continue;
8743
+ const eqPos = trimmed.indexOf("=");
8744
+ const name = (eqPos > -1 ? trimmed.slice(0, eqPos) : trimmed).trim();
8745
+ if (name) {
8746
+ names.add(name);
8747
+ }
8748
+ }
8749
+ return Array.from(names);
8750
+ }
8751
+ function buildCookieDomainCandidates(hostname) {
8752
+ const normalized = hostname.trim().replace(/\.$/, "").toLowerCase();
8753
+ if (!normalized || isLocalHostname(normalized)) {
8754
+ return [];
8755
+ }
8756
+ const labels = normalized.split(".").filter(Boolean);
8757
+ if (labels.length < 2) {
8758
+ return [normalized, `.${normalized}`];
8759
+ }
8760
+ const domains = /* @__PURE__ */ new Set();
8761
+ for (let index = 0; index <= labels.length - 2; index += 1) {
8762
+ const domain = labels.slice(index).join(".");
8763
+ domains.add(domain);
8764
+ domains.add(`.${domain}`);
8765
+ }
8766
+ return Array.from(domains);
8767
+ }
8768
+ function getCookieStore() {
8769
+ const candidate = globalThis.document;
8770
+ if (!candidate || typeof candidate.cookie !== "string") {
8771
+ return null;
8772
+ }
8773
+ return candidate;
8774
+ }
8775
+ function getRuntimeHostname() {
8776
+ const fromWindow = globalThis.window?.location?.hostname;
8777
+ if (typeof fromWindow === "string") {
8778
+ return fromWindow;
8779
+ }
8780
+ const fromLocation = globalThis.location?.hostname;
8781
+ if (typeof fromLocation === "string") {
8782
+ return fromLocation;
8783
+ }
8784
+ return "";
8785
+ }
8786
+ function writeExpiredCookie(cookieStore, name, path, domain) {
8787
+ const domainClause = domain ? ` domain=${domain};` : "";
8788
+ cookieStore.cookie = `${name}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; path=${path};${domainClause}`;
8789
+ }
8790
+ function clearAuthCookies(options = {}) {
8791
+ const cookieStore = getCookieStore();
8792
+ if (!cookieStore) {
8793
+ return [];
8794
+ }
8795
+ const cookieHeader = options.cookieHeader ?? cookieStore.cookie;
8796
+ if (!cookieHeader?.trim()) {
8797
+ return [];
8798
+ }
8799
+ const prefixes = options.prefixes?.length ? options.prefixes : [...ATHENA_AUTH_COOKIE_PREFIXES];
8800
+ const cookieNames = extractCookieNames(cookieHeader);
8801
+ const namesToClear = cookieNames.filter(
8802
+ (name) => prefixes.some((prefix) => name.startsWith(prefix))
8803
+ );
8804
+ if (namesToClear.length === 0) {
8805
+ return [];
8806
+ }
8807
+ const path = options.path?.trim() || "/";
8808
+ const hostname = options.hostname ?? getRuntimeHostname();
8809
+ const domainCandidates = buildCookieDomainCandidates(hostname);
8810
+ for (const name of namesToClear) {
8811
+ writeExpiredCookie(cookieStore, name, path);
8812
+ for (const domain of domainCandidates) {
8813
+ writeExpiredCookie(cookieStore, name, path, domain);
8814
+ }
8815
+ }
8816
+ return namesToClear;
8817
+ }
8818
+
8819
+ // src/utils/auth-routes.ts
8820
+ var AUTH_DEFAULT_VIEW = "sign-in";
8821
+ var AUTH_VIEW_BY_SEGMENT = {
8822
+ "accept-invitation": "accept-invitation",
8823
+ "check-email": "check-email",
8824
+ "forget-password": "forgot-password",
8825
+ "forgot-password": "forgot-password",
8826
+ logout: "logout",
8827
+ "reset-email-sent": "reset-email-sent",
8828
+ "reset-password": "reset-password",
8829
+ "sign-in": "sign-in",
8830
+ "sign-up": "sign-up"
8831
+ };
8832
+ var AUTHENTICATED_REDIRECT_VIEW_SET = /* @__PURE__ */ new Set([
8833
+ "sign-in",
8834
+ "sign-up",
8835
+ "forgot-password"
8836
+ ]);
8837
+ function resolveAuthViewFromSegment(segment) {
8838
+ if (!segment) {
8839
+ return AUTH_DEFAULT_VIEW;
8840
+ }
8841
+ return AUTH_VIEW_BY_SEGMENT[segment] ?? null;
8842
+ }
8843
+ function shouldRedirectAuthenticatedAuthView(view) {
8844
+ return AUTHENTICATED_REDIRECT_VIEW_SET.has(view);
8845
+ }
8846
+ var AUTH_ROUTES = {
8847
+ acceptInvitation: "/auth/accept-invitation",
8848
+ appHome: "/",
8849
+ checkEmail: "/auth/check-email",
8850
+ forgotPassword: "/auth/forgot-password",
8851
+ logout: "/auth/logout",
8852
+ resetEmailSent: "/auth/reset-email-sent",
8853
+ resetPassword: "/auth/reset-password",
8854
+ signIn: "/auth/sign-in",
8855
+ signUp: "/auth/sign-up",
8856
+ socialCallback: "/auth/social-callback"
8857
+ };
8858
+ function createAuthModeRedirects(routes = AUTH_ROUTES) {
8859
+ return {
8860
+ "forgot-password": routes.forgotPassword,
8861
+ login: routes.signIn,
8862
+ logout: routes.logout,
8863
+ "reset-password": routes.resetPassword,
8864
+ signup: routes.signUp
8865
+ };
8866
+ }
8867
+ var AUTH_MODE_REDIRECTS = createAuthModeRedirects();
8868
+ new Set(Object.keys(AUTH_MODE_REDIRECTS));
8869
+
8870
+ // src/utils/athena-auth-url.ts
8871
+ var ATHENA_AUTH_PATH = "/api/auth";
8872
+ var LOCAL_DEV_ORIGIN = "http://localhost:3000";
8873
+ var DEFAULT_ATHENA_AUTH_ORIGIN = "https://auth.athena-auth.com";
8874
+ var ATHENA_AUTH_UPSTREAM_ENV_KEYS = [
8875
+ "ATHENA_AUTH_UPSTREAM_URL",
8876
+ "ATHENA_AUTH_URL",
8877
+ "NEXT_PUBLIC_ATHENA_AUTH_UPSTREAM_URL",
8878
+ "NEXT_PUBLIC_ATHENA_AUTH_URL"
8879
+ ];
8880
+ var ATHENA_AUTH_UPSTREAM_URL_ENV_NAMES = ATHENA_AUTH_UPSTREAM_ENV_KEYS;
8881
+ var LEADING_SLASHES_REGEX = /^\/+/;
8882
+ function stripTrailingSlashes(value) {
8883
+ return value.replace(/\/+$/g, "");
8884
+ }
8885
+ function ensureLeadingSlash(value) {
8886
+ return value.startsWith("/") ? value : `/${value}`;
8887
+ }
8888
+ function ensureAthenaAuthPath(pathname) {
8889
+ const normalizedPath = stripTrailingSlashes(
8890
+ ensureLeadingSlash(pathname.trim())
8891
+ );
8892
+ if (!normalizedPath || normalizedPath === "/") {
8893
+ return ATHENA_AUTH_PATH;
8894
+ }
8895
+ if (normalizedPath.endsWith(ATHENA_AUTH_PATH)) {
8896
+ return normalizedPath;
8897
+ }
8898
+ return `${normalizedPath}${ATHENA_AUTH_PATH}`;
8899
+ }
8900
+ function stripAthenaAuthPath(pathname) {
8901
+ const normalizedPath = stripTrailingSlashes(
8902
+ ensureLeadingSlash(pathname.trim())
8903
+ );
8904
+ if (!normalizedPath || normalizedPath === "/") {
8905
+ return "/";
8906
+ }
8907
+ if (normalizedPath === ATHENA_AUTH_PATH) {
8908
+ return "/";
8909
+ }
8910
+ if (normalizedPath.endsWith(ATHENA_AUTH_PATH)) {
8911
+ const withoutAuthPath = normalizedPath.slice(0, -ATHENA_AUTH_PATH.length);
8912
+ return withoutAuthPath ? ensureLeadingSlash(withoutAuthPath) : "/";
8913
+ }
8914
+ return normalizedPath;
8915
+ }
8916
+ function readProcessEnv2() {
8917
+ try {
8918
+ const maybeProcess = globalThis.process;
8919
+ return maybeProcess?.env;
8920
+ } catch {
8921
+ return void 0;
8922
+ }
8923
+ }
8924
+ function getBrowserOrigin() {
8925
+ try {
8926
+ const origin = globalThis.window?.location?.origin;
8927
+ return typeof origin === "string" && origin.length > 0 ? origin : void 0;
8928
+ } catch {
8929
+ return void 0;
8930
+ }
8931
+ }
8932
+ function isAbsoluteUrl(value) {
8933
+ const trimmed = value.trim();
8934
+ return trimmed.startsWith("http://") || trimmed.startsWith("https://");
8935
+ }
8936
+ function readAthenaAuthUpstreamUrlFromEnv(env) {
8937
+ for (const key of ATHENA_AUTH_UPSTREAM_ENV_KEYS) {
8938
+ const value = env[key]?.trim();
8939
+ if (value) {
8940
+ return value;
8941
+ }
8942
+ }
8943
+ return void 0;
8944
+ }
8945
+ function resolveConfiguredAthenaAuthUpstreamUrl(rawUpstreamUrl) {
8946
+ if (typeof rawUpstreamUrl === "string") {
8947
+ const trimmed = rawUpstreamUrl.trim();
8948
+ return trimmed || void 0;
8949
+ }
8950
+ if (rawUpstreamUrl) {
8951
+ return readAthenaAuthUpstreamUrlFromEnv(rawUpstreamUrl);
8952
+ }
8953
+ const processEnv = readProcessEnv2();
8954
+ return processEnv ? readAthenaAuthUpstreamUrlFromEnv(processEnv) : void 0;
8955
+ }
8956
+ function normalizeAthenaAuthBaseUrl(urlOrPath) {
8957
+ const trimmed = urlOrPath.trim();
8958
+ if (!trimmed) {
8959
+ return ATHENA_AUTH_PATH;
8960
+ }
8961
+ if (isAbsoluteUrl(trimmed)) {
8962
+ const url = new URL(trimmed);
8963
+ url.pathname = ensureAthenaAuthPath(url.pathname);
8964
+ url.search = "";
8965
+ url.hash = "";
8966
+ return stripTrailingSlashes(url.toString());
8967
+ }
8968
+ return ensureAthenaAuthPath(trimmed);
8969
+ }
8970
+ function resolveAthenaAuthUpstreamUrl(rawUpstreamUrl) {
8971
+ const configuredUpstream = resolveConfiguredAthenaAuthUpstreamUrl(rawUpstreamUrl) || DEFAULT_ATHENA_AUTH_ORIGIN;
8972
+ if (isAbsoluteUrl(configuredUpstream)) {
8973
+ const upstreamUrl = new URL(configuredUpstream);
8974
+ upstreamUrl.pathname = stripAthenaAuthPath(upstreamUrl.pathname);
8975
+ upstreamUrl.search = "";
8976
+ upstreamUrl.hash = "";
8977
+ return stripTrailingSlashes(upstreamUrl.toString());
8978
+ }
8979
+ const normalizedPath = stripAthenaAuthPath(configuredUpstream);
8980
+ return stripTrailingSlashes(
8981
+ new URL(normalizedPath, LOCAL_DEV_ORIGIN).toString()
8982
+ );
8983
+ }
8984
+ function resolveBrowserFacingOrigin(rawUpstreamUrl) {
8985
+ if (resolveConfiguredAthenaAuthUpstreamUrl(rawUpstreamUrl)) {
8986
+ return `${resolveAthenaAuthUpstreamUrl(rawUpstreamUrl)}/`;
8987
+ }
8988
+ const browserOrigin = getBrowserOrigin();
8989
+ if (browserOrigin) {
8990
+ return `${browserOrigin}/`;
8991
+ }
8992
+ return `${LOCAL_DEV_ORIGIN}/`;
8993
+ }
8994
+ function resolvePreservedAthenaAuthBaseUrl(configuredAuthBaseUrl, rawUpstreamUrl) {
8995
+ const trimmed = configuredAuthBaseUrl.trim();
8996
+ const preservedConfiguredBaseUrl = trimmed || ATHENA_AUTH_PATH;
8997
+ if (isAbsoluteUrl(preservedConfiguredBaseUrl)) {
8998
+ return stripTrailingSlashes(preservedConfiguredBaseUrl);
8999
+ }
9000
+ return stripTrailingSlashes(
9001
+ new URL(
9002
+ ensureLeadingSlash(preservedConfiguredBaseUrl),
9003
+ resolveBrowserFacingOrigin(rawUpstreamUrl)
9004
+ ).toString()
9005
+ );
9006
+ }
9007
+ function resolveAthenaAuthClientBaseUrl(configuredAuthBaseUrl, rawUpstreamUrl, options = {}) {
9008
+ let baseInput;
9009
+ if (typeof configuredAuthBaseUrl === "string") {
9010
+ baseInput = configuredAuthBaseUrl;
9011
+ } else if (configuredAuthBaseUrl) {
9012
+ baseInput = readAthenaAuthUpstreamUrlFromEnv(configuredAuthBaseUrl) ?? ATHENA_AUTH_PATH;
9013
+ } else {
9014
+ const fromEnv = resolveConfiguredAthenaAuthUpstreamUrl(rawUpstreamUrl);
9015
+ baseInput = fromEnv ?? ATHENA_AUTH_PATH;
9016
+ }
9017
+ if (options.appendAuthPath === false) {
9018
+ return resolvePreservedAthenaAuthBaseUrl(baseInput, rawUpstreamUrl);
9019
+ }
9020
+ const normalizedConfiguredBaseUrl = normalizeAthenaAuthBaseUrl(baseInput);
9021
+ if (isAbsoluteUrl(normalizedConfiguredBaseUrl)) {
9022
+ return normalizedConfiguredBaseUrl;
9023
+ }
9024
+ const browserOrigin = getBrowserOrigin();
9025
+ if (browserOrigin) {
9026
+ return stripTrailingSlashes(
9027
+ new URL(normalizedConfiguredBaseUrl, browserOrigin).toString()
9028
+ );
9029
+ }
9030
+ if (resolveConfiguredAthenaAuthUpstreamUrl(rawUpstreamUrl)) {
9031
+ const upstream = resolveAthenaAuthUpstreamUrl(rawUpstreamUrl);
9032
+ return stripTrailingSlashes(
9033
+ new URL(ATHENA_AUTH_PATH, `${upstream}/`).toString()
9034
+ );
9035
+ }
9036
+ return stripTrailingSlashes(
9037
+ new URL(normalizedConfiguredBaseUrl, LOCAL_DEV_ORIGIN).toString()
9038
+ );
9039
+ }
9040
+ function resolveAthenaAuthRequestUrl(path, rawBaseUrl) {
9041
+ const normalizedPath = path.replace(LEADING_SLASHES_REGEX, "");
9042
+ const base = resolveAthenaAuthClientBaseUrl(rawBaseUrl);
9043
+ return new URL(normalizedPath, `${base}/`).toString();
9044
+ }
9045
+ var ATHENA_AUTH_VERIFY_EMAIL_PATH = "verify-email";
9046
+ function resolveEmailVerificationCallbackUrl(rawBaseUrl) {
9047
+ return resolveAthenaAuthRequestUrl(ATHENA_AUTH_VERIFY_EMAIL_PATH, rawBaseUrl);
9048
+ }
9049
+
8667
9050
  // src/next/client.ts
8668
9051
  var cachedBrowserClient = null;
8669
9052
  function createAthenaBrowserClient(options) {
@@ -8677,6 +9060,6 @@ function createAthenaBrowserClient(options) {
8677
9060
  return createAdapterClient(options);
8678
9061
  }
8679
9062
 
8680
- export { createAthenaBrowserClient };
9063
+ export { ATHENA_AUTH_COOKIE_PREFIXES, ATHENA_AUTH_PATH, ATHENA_AUTH_SESSION_BRIDGE_ROUTE, ATHENA_AUTH_SESSION_COOKIE_NAME, ATHENA_AUTH_SESSION_COOKIE_NAMES, ATHENA_AUTH_UPSTREAM_ENV_KEYS, ATHENA_AUTH_UPSTREAM_URL_ENV_NAMES, AUTH_DEFAULT_VIEW, AUTH_ROUTES, AUTH_VIEW_BY_SEGMENT, DEFAULT_ATHENA_AUTH_ORIGIN, clearAthenaAuthSessionOnAppHost, clearAuthCookies, createAthenaBrowserClient, isAbsoluteUrl, normalizeAthenaAuthBaseUrl, persistAthenaAuthSessionOnAppHost, resolveAthenaAuthClientBaseUrl, resolveAthenaAuthRequestUrl, resolveAthenaAuthUpstreamUrl, resolveAuthViewFromSegment, resolveEmailVerificationCallbackUrl, resolveSessionBridgePayload, shouldRedirectAuthenticatedAuthView };
8681
9064
  //# sourceMappingURL=client.js.map
8682
9065
  //# sourceMappingURL=client.js.map