@xylex-group/athena 2.4.1 → 2.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/README.md +52 -1
  2. package/bin/athena-js.js +0 -0
  3. package/dist/browser.cjs +2642 -56
  4. package/dist/browser.cjs.map +1 -1
  5. package/dist/browser.d.cts +8 -7
  6. package/dist/browser.d.ts +8 -7
  7. package/dist/browser.js +2635 -57
  8. package/dist/browser.js.map +1 -1
  9. package/dist/cli/index.cjs +1648 -239
  10. package/dist/cli/index.cjs.map +1 -1
  11. package/dist/cli/index.d.cts +3 -3
  12. package/dist/cli/index.d.ts +3 -3
  13. package/dist/cli/index.js +1648 -239
  14. package/dist/cli/index.js.map +1 -1
  15. package/dist/cookies.cjs +10 -3
  16. package/dist/cookies.cjs.map +1 -1
  17. package/dist/cookies.d.cts +1 -174
  18. package/dist/cookies.d.ts +1 -174
  19. package/dist/cookies.js +10 -3
  20. package/dist/cookies.js.map +1 -1
  21. package/dist/index-CVcQCGyG.d.cts +174 -0
  22. package/dist/index-CVcQCGyG.d.ts +174 -0
  23. package/dist/index.cjs +2642 -56
  24. package/dist/index.cjs.map +1 -1
  25. package/dist/index.d.cts +8 -7
  26. package/dist/index.d.ts +8 -7
  27. package/dist/index.js +2635 -57
  28. package/dist/index.js.map +1 -1
  29. package/dist/model-form-AKYrgede.d.ts +2772 -0
  30. package/dist/model-form-ehfqLuG7.d.cts +2772 -0
  31. package/dist/{pipeline-CR4V15jF.d.ts → pipeline-BUsR9XlO.d.ts} +1 -1
  32. package/dist/{pipeline-DZeExYMA.d.cts → pipeline-BfCWSRYl.d.cts} +1 -1
  33. package/dist/react-email-BQzmXBDE.d.cts +304 -0
  34. package/dist/react-email-BrVRp80B.d.ts +304 -0
  35. package/dist/react.cjs +178 -71
  36. package/dist/react.cjs.map +1 -1
  37. package/dist/react.d.cts +22 -5
  38. package/dist/react.d.ts +22 -5
  39. package/dist/react.js +92 -5
  40. package/dist/react.js.map +1 -1
  41. package/dist/{types-D1JvL21V.d.cts → types-BSIsyss1.d.cts} +1 -1
  42. package/dist/{types-09Q4D86N.d.cts → types-BsyRW49r.d.cts} +3 -3
  43. package/dist/{types-09Q4D86N.d.ts → types-BsyRW49r.d.ts} +3 -3
  44. package/dist/{types-DU3gNdFv.d.ts → types-t_TVqnmp.d.ts} +1 -1
  45. package/package.json +22 -21
  46. package/dist/model-form-4LPnOPAF.d.cts +0 -1383
  47. package/dist/model-form-CO4-LmNC.d.ts +0 -1383
  48. package/dist/react-email-6mOyxBo4.d.cts +0 -657
  49. package/dist/react-email-Buhcpglm.d.ts +0 -657
package/dist/index.js CHANGED
@@ -130,6 +130,60 @@ function buildAthenaGatewayUrl(baseUrl, path) {
130
130
  return `${baseUrl}${path}`;
131
131
  }
132
132
 
133
+ // src/cookies/base64.ts
134
+ function getAtob() {
135
+ const candidate = globalThis.atob;
136
+ return typeof candidate === "function" ? candidate : void 0;
137
+ }
138
+ function getBtoa() {
139
+ const candidate = globalThis.btoa;
140
+ return typeof candidate === "function" ? candidate : void 0;
141
+ }
142
+ function bytesToBinaryString(bytes) {
143
+ let result = "";
144
+ for (const byte of bytes) {
145
+ result += String.fromCharCode(byte);
146
+ }
147
+ return result;
148
+ }
149
+ function binaryStringToBytes(binary) {
150
+ const bytes = new Uint8Array(binary.length);
151
+ for (let i = 0; i < binary.length; i++) {
152
+ bytes[i] = binary.charCodeAt(i);
153
+ }
154
+ return bytes;
155
+ }
156
+ function encodeBase64(bytes) {
157
+ const btoaFn = getBtoa();
158
+ if (btoaFn) {
159
+ return btoaFn(bytesToBinaryString(bytes));
160
+ }
161
+ return Buffer.from(bytes).toString("base64");
162
+ }
163
+ function decodeBase64(base64) {
164
+ const atobFn = getAtob();
165
+ if (atobFn) {
166
+ return binaryStringToBytes(atobFn(base64));
167
+ }
168
+ return new Uint8Array(Buffer.from(base64, "base64"));
169
+ }
170
+ function encodeBytesToBase64Url(bytes) {
171
+ return encodeBase64(bytes).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
172
+ }
173
+ function encodeStringToBase64Url(value) {
174
+ const bytes = new TextEncoder().encode(value);
175
+ return encodeBytesToBase64Url(bytes);
176
+ }
177
+ function decodeBase64UrlToBytes(value) {
178
+ const normalized = value.replace(/-/g, "+").replace(/_/g, "/");
179
+ const paddingLength = normalized.length % 4;
180
+ const padded = paddingLength === 0 ? normalized : `${normalized}${"=".repeat(4 - paddingLength)}`;
181
+ return decodeBase64(padded);
182
+ }
183
+ function decodeBase64UrlToString(value) {
184
+ return new TextDecoder().decode(decodeBase64UrlToBytes(value));
185
+ }
186
+
133
187
  // src/cookies/cookie-utils.ts
134
188
  var SECURE_COOKIE_PREFIX = "__Secure-";
135
189
  function parseCookies(cookieHeader) {
@@ -141,24 +195,615 @@ function parseCookies(cookieHeader) {
141
195
  });
142
196
  return cookieMap;
143
197
  }
198
+
199
+ // src/cookies/crypto.ts
200
+ var HS256_ALG = "HS256";
201
+ async function getSubtleCrypto() {
202
+ const globalCrypto = globalThis.crypto;
203
+ if (globalCrypto?.subtle) {
204
+ return globalCrypto.subtle;
205
+ }
206
+ const { webcrypto } = await import('crypto');
207
+ const subtle = webcrypto.subtle;
208
+ if (!subtle) {
209
+ throw new Error("Web Crypto subtle API is unavailable.");
210
+ }
211
+ return subtle;
212
+ }
213
+ async function importHmacKey(secret, usage) {
214
+ const subtle = await getSubtleCrypto();
215
+ return subtle.importKey(
216
+ "raw",
217
+ new TextEncoder().encode(secret),
218
+ {
219
+ name: "HMAC",
220
+ hash: "SHA-256"
221
+ },
222
+ false,
223
+ [usage]
224
+ );
225
+ }
226
+ function bufferToBytes(buffer) {
227
+ return new Uint8Array(buffer);
228
+ }
229
+ function parseJwtPayload(payloadSegment) {
230
+ try {
231
+ const decoded = decodeBase64UrlToString(payloadSegment);
232
+ const payload = JSON.parse(decoded);
233
+ if (!payload || typeof payload !== "object") {
234
+ return null;
235
+ }
236
+ return payload;
237
+ } catch {
238
+ return null;
239
+ }
240
+ }
241
+ function isJwtExpired(payload) {
242
+ const exp = payload.exp;
243
+ if (typeof exp !== "number") {
244
+ return false;
245
+ }
246
+ return exp < Math.floor(Date.now() / 1e3);
247
+ }
248
+ async function signHmacBase64Url(secret, value) {
249
+ const subtle = await getSubtleCrypto();
250
+ const key = await importHmacKey(secret, "sign");
251
+ const signature = await subtle.sign("HMAC", key, new TextEncoder().encode(value));
252
+ return encodeBytesToBase64Url(bufferToBytes(signature));
253
+ }
254
+ async function signJwtHS256(payload, secret, expiresIn = 60 * 5) {
255
+ const now = Math.floor(Date.now() / 1e3);
256
+ const header = { alg: HS256_ALG, typ: "JWT" };
257
+ const fullPayload = {
258
+ ...payload,
259
+ iat: now,
260
+ exp: now + expiresIn
261
+ };
262
+ const headerPart = encodeStringToBase64Url(JSON.stringify(header));
263
+ const payloadPart = encodeStringToBase64Url(JSON.stringify(fullPayload));
264
+ const message = `${headerPart}.${payloadPart}`;
265
+ const signature = await signHmacBase64Url(secret, message);
266
+ return `${message}.${signature}`;
267
+ }
268
+ async function verifyJwtHS256(token, secret) {
269
+ const parts = token.split(".");
270
+ if (parts.length !== 3) {
271
+ return null;
272
+ }
273
+ const [headerPart, payloadPart, signaturePart] = parts;
274
+ if (!headerPart || !payloadPart || !signaturePart) {
275
+ return null;
276
+ }
277
+ let header = null;
278
+ try {
279
+ header = JSON.parse(decodeBase64UrlToString(headerPart));
280
+ } catch {
281
+ return null;
282
+ }
283
+ if (!header || header.alg !== HS256_ALG) {
284
+ return null;
285
+ }
286
+ const payload = parseJwtPayload(payloadPart);
287
+ if (!payload) {
288
+ return null;
289
+ }
290
+ const expectedSignature = await signHmacBase64Url(secret, `${headerPart}.${payloadPart}`);
291
+ if (expectedSignature !== signaturePart) {
292
+ return null;
293
+ }
294
+ if (isJwtExpired(payload)) {
295
+ return null;
296
+ }
297
+ return payload;
298
+ }
299
+
300
+ // src/cookies/session-store.ts
301
+ var ALLOWED_COOKIE_SIZE = 4096;
302
+ var ESTIMATED_EMPTY_COOKIE_SIZE = 200;
303
+ var CHUNK_SIZE = ALLOWED_COOKIE_SIZE - ESTIMATED_EMPTY_COOKIE_SIZE;
304
+ function getChunkIndex(cookieName) {
305
+ const parts = cookieName.split(".");
306
+ const lastPart = parts[parts.length - 1];
307
+ const index = parseInt(lastPart || "0", 10);
308
+ return Number.isNaN(index) ? 0 : index;
309
+ }
310
+ function readExistingChunks(cookieName, ctx) {
311
+ const chunks = {};
312
+ const cookies = parseCookies(ctx.headers?.get("cookie") || "");
313
+ for (const [name, value] of cookies) {
314
+ if (name.startsWith(cookieName)) {
315
+ chunks[name] = value;
316
+ }
317
+ }
318
+ return chunks;
319
+ }
320
+ function joinChunks(chunks) {
321
+ const sortedKeys = Object.keys(chunks).sort((left, right) => getChunkIndex(left) - getChunkIndex(right));
322
+ return sortedKeys.map((key) => chunks[key]).join("");
323
+ }
324
+ function chunkCookie(storeName, cookie, chunks, ctx) {
325
+ const chunkCount = Math.ceil(cookie.value.length / CHUNK_SIZE);
326
+ if (chunkCount === 1) {
327
+ chunks[cookie.name] = cookie.value;
328
+ return [cookie];
329
+ }
330
+ const cookies = [];
331
+ for (let index = 0; index < chunkCount; index++) {
332
+ const name = `${cookie.name}.${index}`;
333
+ const start = index * CHUNK_SIZE;
334
+ const value = cookie.value.substring(start, start + CHUNK_SIZE);
335
+ cookies.push({
336
+ ...cookie,
337
+ name,
338
+ value
339
+ });
340
+ chunks[name] = value;
341
+ }
342
+ ctx.logger?.debug?.(`CHUNKING_${storeName.toUpperCase()}_COOKIE`, {
343
+ message: `${storeName} cookie exceeds allowed ${ALLOWED_COOKIE_SIZE} bytes.`,
344
+ emptyCookieSize: ESTIMATED_EMPTY_COOKIE_SIZE,
345
+ valueSize: cookie.value.length,
346
+ chunkCount,
347
+ chunks: cookies.map((entry) => entry.value.length + ESTIMATED_EMPTY_COOKIE_SIZE)
348
+ });
349
+ return cookies;
350
+ }
351
+ function getCleanCookies(chunks, cookieOptions) {
352
+ const cleanedChunks = {};
353
+ for (const name in chunks) {
354
+ cleanedChunks[name] = {
355
+ name,
356
+ value: "",
357
+ attributes: {
358
+ ...cookieOptions,
359
+ maxAge: 0
360
+ }
361
+ };
362
+ }
363
+ return cleanedChunks;
364
+ }
365
+ var storeFactory = (storeName) => (cookieName, cookieOptions, ctx) => {
366
+ const chunks = readExistingChunks(cookieName, ctx);
367
+ return {
368
+ getValue() {
369
+ return joinChunks(chunks);
370
+ },
371
+ hasChunks() {
372
+ return Object.keys(chunks).length > 0;
373
+ },
374
+ chunk(value, options) {
375
+ const cleanedChunks = getCleanCookies(chunks, cookieOptions);
376
+ for (const name in chunks) {
377
+ delete chunks[name];
378
+ }
379
+ const cookies = cleanedChunks;
380
+ const chunked = chunkCookie(
381
+ storeName,
382
+ {
383
+ name: cookieName,
384
+ value,
385
+ attributes: {
386
+ ...cookieOptions,
387
+ ...options
388
+ }
389
+ },
390
+ chunks,
391
+ ctx
392
+ );
393
+ for (const chunk of chunked) {
394
+ cookies[chunk.name] = chunk;
395
+ }
396
+ return Object.values(cookies);
397
+ },
398
+ clean() {
399
+ const cleanedChunks = getCleanCookies(chunks, cookieOptions);
400
+ for (const name in chunks) {
401
+ delete chunks[name];
402
+ }
403
+ return Object.values(cleanedChunks);
404
+ },
405
+ setCookies(cookies) {
406
+ for (const cookie of cookies) {
407
+ ctx.setCookie(cookie.name, cookie.value, cookie.attributes);
408
+ }
409
+ }
410
+ };
411
+ };
412
+ var createSessionStore = storeFactory("Session");
413
+ var createAccountStore = storeFactory("Account");
414
+
415
+ // src/cookies/index.ts
416
+ var DEFAULT_COOKIE_PREFIX = "athena-auth";
417
+ var LEGACY_COOKIE_PREFIX = "better-auth";
418
+ var DEFAULT_SESSION_MAX_AGE = 7 * 24 * 60 * 60;
419
+ var DEFAULT_CACHE_MAX_AGE = 60 * 5;
420
+ function isProductionRuntime() {
421
+ return typeof process !== "undefined" && process.env?.NODE_ENV === "production";
422
+ }
423
+ function getEnvironmentSecret() {
424
+ if (typeof process === "undefined") {
425
+ return void 0;
426
+ }
427
+ return process.env?.ATHENA_AUTH_SECRET || process.env?.BETTER_AUTH_SECRET || process.env?.AUTH_SECRET;
428
+ }
429
+ function isDynamicBaseURLConfig(baseURL) {
430
+ return typeof baseURL === "object" && baseURL !== null && "allowedHosts" in baseURL && Array.isArray(baseURL.allowedHosts);
431
+ }
432
+ function resolveCookiePrefixes(primaryPrefix) {
433
+ const prefixes = [primaryPrefix];
434
+ if (!prefixes.includes(DEFAULT_COOKIE_PREFIX)) {
435
+ prefixes.push(DEFAULT_COOKIE_PREFIX);
436
+ }
437
+ if (!prefixes.includes(LEGACY_COOKIE_PREFIX)) {
438
+ prefixes.push(LEGACY_COOKIE_PREFIX);
439
+ }
440
+ return prefixes;
441
+ }
442
+ function createError(message) {
443
+ return new Error(`@xylex-group/athena/cookies: ${message}`);
444
+ }
445
+ function getSecretOrThrow(secret) {
446
+ const resolved = secret || getEnvironmentSecret();
447
+ if (!resolved) {
448
+ throw createError(
449
+ "getCookieCache requires a secret. Pass `secret` or set ATHENA_AUTH_SECRET/BETTER_AUTH_SECRET/AUTH_SECRET."
450
+ );
451
+ }
452
+ return resolved;
453
+ }
454
+ function asObject(value) {
455
+ if (!value || typeof value !== "object") {
456
+ return null;
457
+ }
458
+ return value;
459
+ }
460
+ function getSessionTokenFromPair(session) {
461
+ const token = session.session?.token;
462
+ if (typeof token !== "string" || token.length === 0) {
463
+ throw createError("setSessionCookie requires `session.session.token` to be a non-empty string.");
464
+ }
465
+ return token;
466
+ }
467
+ async function resolveCookieVersion(versionConfig, session, user) {
468
+ if (!versionConfig) {
469
+ return "1";
470
+ }
471
+ if (typeof versionConfig === "string") {
472
+ return versionConfig;
473
+ }
474
+ return versionConfig(session, user);
475
+ }
476
+ function getSessionCookieCacheName(cookiePrefix, cookieName, isSecure) {
477
+ return isSecure ? `${SECURE_COOKIE_PREFIX}${cookiePrefix}.${cookieName}` : `${cookiePrefix}.${cookieName}`;
478
+ }
479
+ async function setCookieValue(ctx, name, value, attributes) {
480
+ const secret = ctx.context.secret;
481
+ if (secret && typeof ctx.setSignedCookie === "function") {
482
+ await ctx.setSignedCookie(name, value, secret, attributes);
483
+ return;
484
+ }
485
+ ctx.setCookie(name, value, attributes);
486
+ }
487
+ function parseJsonSafely(value) {
488
+ try {
489
+ return JSON.parse(value);
490
+ } catch {
491
+ return null;
492
+ }
493
+ }
494
+ function getIsSecureCookie(config) {
495
+ if (config?.isSecure !== void 0) {
496
+ return config.isSecure;
497
+ }
498
+ return isProductionRuntime();
499
+ }
500
+ function createCookieGetter(options) {
501
+ const baseURLString = typeof options.baseURL === "string" ? options.baseURL : void 0;
502
+ const dynamicProtocol = typeof options.baseURL === "object" && options.baseURL !== null ? options.baseURL.protocol : void 0;
503
+ const secure = options.advanced?.useSecureCookies !== void 0 ? options.advanced.useSecureCookies : dynamicProtocol === "https" ? true : dynamicProtocol === "http" ? false : baseURLString ? baseURLString.startsWith("https://") : isProductionRuntime();
504
+ const secureCookiePrefix = secure ? SECURE_COOKIE_PREFIX : "";
505
+ const crossSubdomainEnabled = !!options.advanced?.crossSubDomainCookies?.enabled;
506
+ const domain = crossSubdomainEnabled ? options.advanced?.crossSubDomainCookies?.domain || (baseURLString ? new URL(baseURLString).hostname : void 0) : void 0;
507
+ if (crossSubdomainEnabled && !domain && !isDynamicBaseURLConfig(options.baseURL)) {
508
+ throw createError("baseURL is required when `crossSubDomainCookies.enabled` is true.");
509
+ }
510
+ function createCookie(cookieName, overrideAttributes = {}) {
511
+ const prefix = options.advanced?.cookiePrefix || DEFAULT_COOKIE_PREFIX;
512
+ const name = options.advanced?.cookies?.[cookieName]?.name || `${prefix}.${cookieName}`;
513
+ const attributes = options.advanced?.cookies?.[cookieName]?.attributes || {};
514
+ return {
515
+ name: `${secureCookiePrefix}${name}`,
516
+ attributes: {
517
+ secure: !!secureCookiePrefix,
518
+ sameSite: "lax",
519
+ path: "/",
520
+ httpOnly: true,
521
+ ...crossSubdomainEnabled ? { domain } : {},
522
+ ...options.advanced?.defaultCookieAttributes,
523
+ ...overrideAttributes,
524
+ ...attributes
525
+ }
526
+ };
527
+ }
528
+ return createCookie;
529
+ }
530
+ function getCookies(options) {
531
+ const createCookie = createCookieGetter(options);
532
+ const sessionToken = createCookie("session_token", { maxAge: options.session?.expiresIn || DEFAULT_SESSION_MAX_AGE });
533
+ const sessionData = createCookie("session_data", { maxAge: options.session?.cookieCache?.maxAge || DEFAULT_CACHE_MAX_AGE });
534
+ const accountData = createCookie("account_data", { maxAge: options.session?.cookieCache?.maxAge || DEFAULT_CACHE_MAX_AGE });
535
+ const dontRememberToken = createCookie("dont_remember");
536
+ return {
537
+ sessionToken: {
538
+ name: sessionToken.name,
539
+ attributes: sessionToken.attributes
540
+ },
541
+ sessionData: {
542
+ name: sessionData.name,
543
+ attributes: sessionData.attributes
544
+ },
545
+ dontRememberToken: {
546
+ name: dontRememberToken.name,
547
+ attributes: dontRememberToken.attributes
548
+ },
549
+ accountData: {
550
+ name: accountData.name,
551
+ attributes: accountData.attributes
552
+ }
553
+ };
554
+ }
555
+ async function setCookieCache(ctx, session, dontRememberMe) {
556
+ const cookieCacheConfig = ctx.context.options?.session?.cookieCache;
557
+ if (!cookieCacheConfig?.enabled) {
558
+ return;
559
+ }
560
+ const version = await resolveCookieVersion(
561
+ cookieCacheConfig.version,
562
+ session.session,
563
+ session.user
564
+ );
565
+ const sessionData = {
566
+ session: session.session,
567
+ user: session.user,
568
+ updatedAt: Date.now(),
569
+ version
570
+ };
571
+ const baseAttributes = ctx.context.authCookies.sessionData.attributes;
572
+ const maxAge = dontRememberMe ? void 0 : baseAttributes.maxAge;
573
+ const options = {
574
+ ...baseAttributes,
575
+ maxAge
576
+ };
577
+ const expiresAt = Date.now() + (options.maxAge || 60) * 1e3;
578
+ const strategy = cookieCacheConfig.strategy || "compact";
579
+ const secret = getSecretOrThrow(ctx.context.secret);
580
+ let encoded;
581
+ if (strategy === "jwt") {
582
+ encoded = await signJwtHS256(sessionData, secret, options.maxAge || DEFAULT_CACHE_MAX_AGE);
583
+ } else if (strategy === "jwe") {
584
+ throw createError("`jwe` strategy is not supported by the SDK cookie helper.");
585
+ } else {
586
+ const signature = await signHmacBase64Url(
587
+ secret,
588
+ JSON.stringify({
589
+ ...sessionData,
590
+ expiresAt
591
+ })
592
+ );
593
+ encoded = encodeStringToBase64Url(
594
+ JSON.stringify({
595
+ session: sessionData,
596
+ expiresAt,
597
+ signature
598
+ })
599
+ );
600
+ }
601
+ if (encoded.length > 4093) {
602
+ const store = createSessionStore(ctx.context.authCookies.sessionData.name, options, ctx);
603
+ const cookies = store.chunk(encoded, options);
604
+ store.setCookies(cookies);
605
+ } else {
606
+ const store = createSessionStore(ctx.context.authCookies.sessionData.name, options, ctx);
607
+ if (store.hasChunks()) {
608
+ store.setCookies(store.clean());
609
+ }
610
+ ctx.setCookie(ctx.context.authCookies.sessionData.name, encoded, options);
611
+ }
612
+ }
613
+ async function setSessionCookie(ctx, session, dontRememberMe, overrides) {
614
+ if (dontRememberMe === void 0 && typeof ctx.getSignedCookie === "function" && ctx.context.secret) {
615
+ const existingFlag = await ctx.getSignedCookie(ctx.context.authCookies.dontRememberToken.name, ctx.context.secret);
616
+ dontRememberMe = !!existingFlag;
617
+ }
618
+ const resolvedDontRememberMe = dontRememberMe ?? false;
619
+ const token = getSessionTokenFromPair(session);
620
+ const options = ctx.context.authCookies.sessionToken.attributes;
621
+ const maxAge = resolvedDontRememberMe ? void 0 : ctx.context.sessionConfig?.expiresIn;
622
+ await setCookieValue(ctx, ctx.context.authCookies.sessionToken.name, token, {
623
+ ...options,
624
+ maxAge,
625
+ ...overrides
626
+ });
627
+ if (resolvedDontRememberMe) {
628
+ await setCookieValue(
629
+ ctx,
630
+ ctx.context.authCookies.dontRememberToken.name,
631
+ "true",
632
+ ctx.context.authCookies.dontRememberToken.attributes
633
+ );
634
+ }
635
+ await setCookieCache(ctx, session, resolvedDontRememberMe);
636
+ ctx.context.setNewSession?.(session);
637
+ }
638
+ function expireCookie(ctx, cookie) {
639
+ ctx.setCookie(cookie.name, "", {
640
+ ...cookie.attributes,
641
+ maxAge: 0
642
+ });
643
+ }
644
+ function deleteSessionCookie(ctx, skipDontRememberMe) {
645
+ expireCookie(ctx, ctx.context.authCookies.sessionToken);
646
+ expireCookie(ctx, ctx.context.authCookies.sessionData);
647
+ if (ctx.context.options?.account?.storeAccountCookie) {
648
+ expireCookie(ctx, ctx.context.authCookies.accountData);
649
+ const accountStore = createAccountStore(
650
+ ctx.context.authCookies.accountData.name,
651
+ ctx.context.authCookies.accountData.attributes,
652
+ ctx
653
+ );
654
+ accountStore.setCookies(accountStore.clean());
655
+ }
656
+ const sessionStore = createSessionStore(
657
+ ctx.context.authCookies.sessionData.name,
658
+ ctx.context.authCookies.sessionData.attributes,
659
+ ctx
660
+ );
661
+ sessionStore.setCookies(sessionStore.clean());
662
+ if (!skipDontRememberMe) {
663
+ expireCookie(ctx, ctx.context.authCookies.dontRememberToken);
664
+ }
665
+ }
144
666
  var getSessionCookie = (request, config) => {
145
667
  const cookies = (request instanceof Headers || !("headers" in request) ? request : request.headers).get("cookie");
146
668
  if (!cookies) {
147
669
  return null;
148
670
  }
149
- const { cookieName = "session_token", cookiePrefix = "athena-auth" } = {};
671
+ const { cookieName = "session_token", cookiePrefix = "athena-auth" } = config || {};
150
672
  const parsedCookie = parseCookies(cookies);
151
673
  const getCookie = (name) => parsedCookie.get(name) || parsedCookie.get(`${SECURE_COOKIE_PREFIX}${name}`);
152
- const sessionToken = getCookie(`${cookiePrefix}.${cookieName}`) || getCookie(`${cookiePrefix}-${cookieName}`);
153
- if (sessionToken) {
154
- return sessionToken;
674
+ const candidateCookieNames = Array.from(/* @__PURE__ */ new Set([
675
+ cookieName,
676
+ cookieName.replace(/_/g, "-"),
677
+ cookieName.replace(/-/g, "_")
678
+ ])).filter(Boolean);
679
+ for (const candidateName of candidateCookieNames) {
680
+ const sessionToken = getCookie(`${cookiePrefix}.${candidateName}`) || getCookie(`${cookiePrefix}-${candidateName}`);
681
+ if (sessionToken) {
682
+ return sessionToken;
683
+ }
155
684
  }
156
685
  return null;
157
686
  };
687
+ var getCookieCache = async (request, config) => {
688
+ const headers = request instanceof Headers || !("headers" in request) ? request : request.headers;
689
+ const cookieHeader = headers.get("cookie");
690
+ if (!cookieHeader) {
691
+ return null;
692
+ }
693
+ const parsedCookie = parseCookies(cookieHeader);
694
+ const cookieName = config?.cookieName || "session_data";
695
+ const requestedPrefix = config?.cookiePrefix || DEFAULT_COOKIE_PREFIX;
696
+ const strategy = config?.strategy || "compact";
697
+ const cookiePrefixes = resolveCookiePrefixes(requestedPrefix);
698
+ const isSecure = getIsSecureCookie(config);
699
+ const secret = getSecretOrThrow(config?.secret);
700
+ let sessionData;
701
+ for (const prefix of cookiePrefixes) {
702
+ const candidate = getSessionCookieCacheName(prefix, cookieName, isSecure);
703
+ const cookieValue = parsedCookie.get(candidate);
704
+ if (cookieValue) {
705
+ sessionData = cookieValue;
706
+ break;
707
+ }
708
+ }
709
+ if (!sessionData) {
710
+ const reconstructedChunks = [];
711
+ for (const prefix of cookiePrefixes) {
712
+ const candidate = getSessionCookieCacheName(prefix, cookieName, isSecure);
713
+ for (const [name, value] of parsedCookie.entries()) {
714
+ if (!name.startsWith(`${candidate}.`)) {
715
+ continue;
716
+ }
717
+ const parts = name.split(".");
718
+ const indexStr = parts[parts.length - 1];
719
+ const index = parseInt(indexStr || "0", 10);
720
+ if (!Number.isNaN(index)) {
721
+ reconstructedChunks.push({ index, value });
722
+ }
723
+ }
724
+ if (reconstructedChunks.length > 0) {
725
+ break;
726
+ }
727
+ }
728
+ if (reconstructedChunks.length > 0) {
729
+ reconstructedChunks.sort((left, right) => left.index - right.index);
730
+ sessionData = reconstructedChunks.map((chunk) => chunk.value).join("");
731
+ }
732
+ }
733
+ if (!sessionData) {
734
+ return null;
735
+ }
736
+ if (strategy === "jwe") {
737
+ throw createError(
738
+ "`jwe` strategy is not supported by the SDK cookie helper. Use compact/jwt or pass cookie data through the auth server."
739
+ );
740
+ }
741
+ if (strategy === "jwt") {
742
+ const payload = await verifyJwtHS256(sessionData, secret);
743
+ if (!payload) {
744
+ return null;
745
+ }
746
+ const sessionRecord = asObject(payload.session);
747
+ const userRecord = asObject(payload.user);
748
+ const updatedAt = payload.updatedAt;
749
+ if (!sessionRecord || !userRecord || typeof updatedAt !== "number") {
750
+ return null;
751
+ }
752
+ if (config?.version) {
753
+ const cookieVersion = typeof payload.version === "string" ? payload.version : "1";
754
+ const expectedVersion = typeof config.version === "string" ? config.version : await config.version(sessionRecord, userRecord);
755
+ if (cookieVersion !== expectedVersion) {
756
+ return null;
757
+ }
758
+ }
759
+ return {
760
+ session: sessionRecord,
761
+ user: userRecord,
762
+ updatedAt,
763
+ version: typeof payload.version === "string" ? payload.version : void 0
764
+ };
765
+ }
766
+ const compactPayload = parseJsonSafely(decodeBase64UrlToString(sessionData));
767
+ if (!compactPayload) {
768
+ return null;
769
+ }
770
+ const expectedSignature = await signHmacBase64Url(
771
+ secret,
772
+ JSON.stringify({
773
+ ...compactPayload.session,
774
+ expiresAt: compactPayload.expiresAt
775
+ })
776
+ );
777
+ if (expectedSignature !== compactPayload.signature) {
778
+ return null;
779
+ }
780
+ if (compactPayload.expiresAt <= Date.now()) {
781
+ return null;
782
+ }
783
+ const resolvedSession = compactPayload.session;
784
+ if (config?.version) {
785
+ const cookieVersion = resolvedSession.version || "1";
786
+ const expectedVersion = typeof config.version === "string" ? config.version : await config.version(resolvedSession.session, resolvedSession.user);
787
+ if (cookieVersion !== expectedVersion) {
788
+ return null;
789
+ }
790
+ }
791
+ const sessionObject = asObject(resolvedSession.session);
792
+ const userObject = asObject(resolvedSession.user);
793
+ if (!sessionObject || !userObject) {
794
+ return null;
795
+ }
796
+ return {
797
+ session: sessionObject,
798
+ user: userObject,
799
+ updatedAt: resolvedSession.updatedAt,
800
+ version: resolvedSession.version
801
+ };
802
+ };
158
803
 
159
804
  // package.json
160
805
  var package_default = {
161
- version: "2.4.1"
806
+ version: "2.7.0"
162
807
  };
163
808
 
164
809
  // src/sdk-version.ts
@@ -2695,42 +3340,1450 @@ async function withRetry(config, fn) {
2695
3340
  if (!retry) {
2696
3341
  throw error;
2697
3342
  }
2698
- const delay = computeDelayMs(currentAttempt, error, resolvedConfig);
2699
- await sleep(delay);
3343
+ const delay = computeDelayMs(currentAttempt, error, resolvedConfig);
3344
+ await sleep(delay);
3345
+ }
3346
+ }
3347
+ throw new Error("withRetry reached an unexpected state");
3348
+ }
3349
+
3350
+ // src/db/module.ts
3351
+ function createDbModule(input) {
3352
+ const db = {
3353
+ from(table, options) {
3354
+ return input.from(table, options);
3355
+ },
3356
+ select(table, columns, options) {
3357
+ return input.from(table).select(columns, options);
3358
+ },
3359
+ insert(table, values, options) {
3360
+ return Array.isArray(values) ? input.from(table).insert(values, options) : input.from(table).insert(values, options);
3361
+ },
3362
+ upsert(table, values, options) {
3363
+ return Array.isArray(values) ? input.from(table).upsert(values, options) : input.from(table).upsert(values, options);
3364
+ },
3365
+ update(table, values, options) {
3366
+ return input.from(table).update(values, options);
3367
+ },
3368
+ delete(table, options) {
3369
+ return input.from(table).delete(options);
3370
+ },
3371
+ rpc(fn, args, options) {
3372
+ return input.rpc(fn, args, options);
3373
+ },
3374
+ query(query, options) {
3375
+ return input.query(query, options);
3376
+ }
3377
+ };
3378
+ return db;
3379
+ }
3380
+
3381
+ // src/storage/file.ts
3382
+ function createStorageFileModule(base, config = {}) {
3383
+ const upload = async (input, options) => {
3384
+ const sources = normalizeUploadSources(input);
3385
+ validateUploadConstraints(sources, input);
3386
+ const uploadRequests = sources.map((source, index) => {
3387
+ const storageKey = resolveUploadStorageKey(input, source, index, options, config);
3388
+ return {
3389
+ source,
3390
+ uploadRequest: {
3391
+ s3_id: input.s3_id,
3392
+ bucket: input.bucket,
3393
+ storage_key: storageKey,
3394
+ name: input.name ?? source.fileName,
3395
+ original_name: input.original_name ?? source.fileName,
3396
+ resource_id: input.resource_id ?? input.resourceId,
3397
+ mime_type: input.mime_type ?? source.contentType,
3398
+ content_type: input.content_type ?? source.contentType,
3399
+ size_bytes: source.sizeBytes,
3400
+ public: input.public,
3401
+ metadata: input.metadata
3402
+ }
3403
+ };
3404
+ });
3405
+ input.onProgress?.(createProgressSnapshot("preparing", sources, 0, 0, 0));
3406
+ const uploadUrls = uploadRequests.length === 1 ? [await base.createStorageUploadUrl(uploadRequests[0].uploadRequest, options)] : (await base.createStorageUploadUrls({ files: uploadRequests.map((request) => request.uploadRequest) }, options)).files;
3407
+ const aggregateLoaded = new Array(uploadRequests.length).fill(0);
3408
+ const uploaded = [];
3409
+ for (let index = 0; index < uploadRequests.length; index += 1) {
3410
+ const request = uploadRequests[index];
3411
+ const uploadUrl = uploadUrls[index];
3412
+ const response = await putUploadBody(uploadUrl.upload.url, request.source, input, options, (progress) => {
3413
+ aggregateLoaded[index] = progress.loaded;
3414
+ input.onProgress?.(createProgressSnapshot("uploading", sources, index, progress.loaded, sum(aggregateLoaded)));
3415
+ });
3416
+ uploaded.push({
3417
+ file: uploadUrl.file,
3418
+ upload: uploadUrl.upload,
3419
+ source: request.source.source,
3420
+ fileName: request.source.fileName,
3421
+ storage_key: request.uploadRequest.storage_key,
3422
+ response
3423
+ });
3424
+ aggregateLoaded[index] = request.source.sizeBytes;
3425
+ input.onProgress?.(createProgressSnapshot("complete", sources, index, request.source.sizeBytes, sum(aggregateLoaded)));
3426
+ }
3427
+ return {
3428
+ files: uploaded,
3429
+ count: uploaded.length
3430
+ };
3431
+ };
3432
+ const download = ((input, queryOrOptions, maybeOptions) => {
3433
+ const { fileIds, query, options } = normalizeDownloadArgs(input, queryOrOptions, maybeOptions);
3434
+ const downloads = fileIds.map((fileId) => base.getStorageFileProxy(fileId, query, options));
3435
+ return Array.isArray(input) || isRecord5(input) && Array.isArray(input.fileIds) ? Promise.all(downloads) : downloads[0];
3436
+ });
3437
+ const deleteFile = ((input, options) => {
3438
+ if (Array.isArray(input)) {
3439
+ return Promise.all(input.map((fileId) => base.deleteStorageFile(fileId, options)));
3440
+ }
3441
+ return base.deleteStorageFile(input, options);
3442
+ });
3443
+ return {
3444
+ upload,
3445
+ download,
3446
+ list(input, options) {
3447
+ const prefix = resolveStoragePath(input.prefix ?? "", input, options, config);
3448
+ return base.listStorageFiles(
3449
+ {
3450
+ s3_id: input.s3_id,
3451
+ prefix
3452
+ },
3453
+ options
3454
+ );
3455
+ },
3456
+ delete: deleteFile
3457
+ };
3458
+ }
3459
+ function resolveStoragePath(path, input, options, config = {}) {
3460
+ const context = createPathContext(input, options, config);
3461
+ const prefixPath = input.prefixPath ?? config.prefixPath;
3462
+ const prefix = typeof prefixPath === "function" ? prefixPath(context) : prefixPath;
3463
+ return joinStoragePath(renderStorageTemplate(prefix ?? "", context), renderStorageTemplate(path, context));
3464
+ }
3465
+ function resolveUploadStorageKey(input, source, index, options, config) {
3466
+ const explicitKey = input.storage_key ?? input.storageKey;
3467
+ const keyTemplate = input.storageKeyTemplate;
3468
+ const fallbackName = source.fileName;
3469
+ const context = createPathContext(input, options, config);
3470
+ const key = keyTemplate ? renderStorageTemplate(keyTemplate, {
3471
+ ...context,
3472
+ vars: {
3473
+ ...context.vars,
3474
+ index,
3475
+ fileName: source.fileName,
3476
+ name: source.fileName
3477
+ }
3478
+ }) : explicitKey ?? fallbackName;
3479
+ return resolveStoragePath(key, input, options, config);
3480
+ }
3481
+ function normalizeUploadSources(input) {
3482
+ const files = toArray(input.files);
3483
+ if (files.length === 0) {
3484
+ throw new Error("athena.storage.file.upload requires at least one file");
3485
+ }
3486
+ return files.map((source, index) => {
3487
+ const fileName = input.fileName ?? sourceName(source) ?? `file-${index + 1}`;
3488
+ const sizeBytes = sourceSize(source);
3489
+ const contentType = input.content_type ?? input.mime_type ?? sourceContentType(source);
3490
+ return {
3491
+ source,
3492
+ fileName,
3493
+ sizeBytes,
3494
+ contentType
3495
+ };
3496
+ });
3497
+ }
3498
+ function validateUploadConstraints(sources, input) {
3499
+ const maxFiles = input.maxFiles ?? 1;
3500
+ if (sources.length > maxFiles) {
3501
+ throw new Error(`athena.storage.file.upload accepts at most ${maxFiles} file${maxFiles === 1 ? "" : "s"} for this call`);
3502
+ }
3503
+ const maxFileSizeBytes = input.maxFileSizeBytes ?? (input.maxFileSizeMb === void 0 ? void 0 : Math.floor(input.maxFileSizeMb * 1024 * 1024));
3504
+ if (maxFileSizeBytes !== void 0) {
3505
+ const tooLarge = sources.find((source) => source.sizeBytes > maxFileSizeBytes);
3506
+ if (tooLarge) {
3507
+ throw new Error(`athena.storage.file.upload rejected ${tooLarge.fileName}: file exceeds ${maxFileSizeBytes} bytes`);
3508
+ }
3509
+ }
3510
+ const allowedExtensions = normalizeExtensions(input.allowedExtensions ?? input.extensions);
3511
+ if (allowedExtensions.size > 0) {
3512
+ const invalid = sources.find((source) => !allowedExtensions.has(fileExtension(source.fileName)));
3513
+ if (invalid) {
3514
+ throw new Error(`athena.storage.file.upload rejected ${invalid.fileName}: extension is not allowed`);
3515
+ }
3516
+ }
3517
+ }
3518
+ async function putUploadBody(url, source, input, options, onProgress) {
3519
+ const headers = new Headers(input.uploadHeaders);
3520
+ if (source.contentType && !headers.has("Content-Type")) {
3521
+ headers.set("Content-Type", source.contentType);
3522
+ }
3523
+ if (typeof XMLHttpRequest !== "undefined") {
3524
+ return putUploadBodyWithXhr(url, source, headers, options, onProgress);
3525
+ }
3526
+ onProgress({ loaded: 0 });
3527
+ const response = await fetch(url, {
3528
+ method: "PUT",
3529
+ headers,
3530
+ body: source.source,
3531
+ signal: options?.signal
3532
+ });
3533
+ if (!response.ok) {
3534
+ throw new Error(`athena.storage.file.upload failed with status ${response.status}`);
3535
+ }
3536
+ onProgress({ loaded: source.sizeBytes });
3537
+ return response;
3538
+ }
3539
+ function putUploadBodyWithXhr(url, source, headers, options, onProgress) {
3540
+ const Xhr = XMLHttpRequest;
3541
+ if (Xhr === void 0) {
3542
+ return Promise.reject(new Error("athena.storage.file.upload requires XMLHttpRequest in this runtime"));
3543
+ }
3544
+ return new Promise((resolve3, reject) => {
3545
+ const xhr = new Xhr();
3546
+ const abort = () => xhr.abort();
3547
+ xhr.open("PUT", url);
3548
+ headers.forEach((value, key) => xhr.setRequestHeader(key, value));
3549
+ xhr.upload.onprogress = (event) => {
3550
+ onProgress({ loaded: event.loaded });
3551
+ };
3552
+ xhr.onload = () => {
3553
+ if (options?.signal) {
3554
+ options.signal.removeEventListener("abort", abort);
3555
+ }
3556
+ if (xhr.status < 200 || xhr.status >= 300) {
3557
+ reject(new Error(`athena.storage.file.upload failed with status ${xhr.status}`));
3558
+ return;
3559
+ }
3560
+ onProgress({ loaded: source.sizeBytes });
3561
+ resolve3(new Response(xhr.response, {
3562
+ status: xhr.status,
3563
+ statusText: xhr.statusText,
3564
+ headers: parseXhrHeaders(xhr.getAllResponseHeaders())
3565
+ }));
3566
+ };
3567
+ xhr.onerror = () => {
3568
+ if (options?.signal) {
3569
+ options.signal.removeEventListener("abort", abort);
3570
+ }
3571
+ reject(new Error("athena.storage.file.upload failed with a network error"));
3572
+ };
3573
+ xhr.onabort = () => {
3574
+ if (options?.signal) {
3575
+ options.signal.removeEventListener("abort", abort);
3576
+ }
3577
+ reject(new DOMException("Upload aborted", "AbortError"));
3578
+ };
3579
+ if (options?.signal) {
3580
+ if (options.signal.aborted) {
3581
+ abort();
3582
+ return;
3583
+ }
3584
+ options.signal.addEventListener("abort", abort, { once: true });
3585
+ }
3586
+ xhr.send(source.source);
3587
+ });
3588
+ }
3589
+ function normalizeDownloadArgs(input, queryOrOptions, maybeOptions) {
3590
+ if (typeof input === "string") {
3591
+ return { fileIds: [input], query: queryOrOptions, options: maybeOptions };
3592
+ }
3593
+ if (Array.isArray(input)) {
3594
+ return { fileIds: [...input], query: queryOrOptions, options: maybeOptions };
3595
+ }
3596
+ const downloadInput = input;
3597
+ const { fileId, fileIds, ...query } = downloadInput;
3598
+ return {
3599
+ fileIds: fileIds ? [...fileIds] : fileId ? [fileId] : [],
3600
+ query,
3601
+ options: queryOrOptions
3602
+ };
3603
+ }
3604
+ function createPathContext(input, options, config) {
3605
+ const organizationId = input.organizationId ?? input.organization_id ?? options?.organizationId ?? void 0;
3606
+ const userId = input.userId ?? input.user_id ?? options?.userId ?? void 0;
3607
+ const resourceId = input.resourceId ?? input.resource_id ?? void 0;
3608
+ const vars = {
3609
+ ...config.vars ?? {},
3610
+ ...input.vars ?? {}
3611
+ };
3612
+ if (organizationId !== void 0) {
3613
+ vars.organizationId = organizationId;
3614
+ vars.organization_id = organizationId;
3615
+ }
3616
+ if (userId !== void 0) {
3617
+ vars.userId = userId;
3618
+ vars.user_id = userId;
3619
+ }
3620
+ if (resourceId !== void 0) {
3621
+ vars.resourceId = resourceId;
3622
+ vars.resource_id = resourceId;
3623
+ }
3624
+ return {
3625
+ vars,
3626
+ env: {
3627
+ ...readProcessEnv(),
3628
+ ...config.env ?? {},
3629
+ ...input.env ?? {}
3630
+ },
3631
+ organizationId,
3632
+ organization_id: organizationId,
3633
+ userId,
3634
+ user_id: userId,
3635
+ resourceId,
3636
+ resource_id: resourceId
3637
+ };
3638
+ }
3639
+ function renderStorageTemplate(template, context) {
3640
+ return template.replace(/\$\{([^}]+)\}|\{([^}]+)\}/g, (_match, shellToken, braceToken) => {
3641
+ const token = (shellToken ?? braceToken ?? "").trim();
3642
+ if (!token) return "";
3643
+ const value = resolveTemplateToken(token, context);
3644
+ return value === void 0 || value === null ? "" : String(value);
3645
+ });
3646
+ }
3647
+ function resolveTemplateToken(token, context) {
3648
+ if (token.startsWith("env.")) {
3649
+ return context.env[token.slice(4)];
3650
+ }
3651
+ if (token in context.vars) {
3652
+ return context.vars[token];
3653
+ }
3654
+ return context.env[token];
3655
+ }
3656
+ function joinStoragePath(...parts) {
3657
+ return parts.map((part) => part.trim().replace(/^\/+|\/+$/g, "")).filter(Boolean).join("/");
3658
+ }
3659
+ function toArray(files) {
3660
+ if (isUploadSource(files)) return [files];
3661
+ return Array.from(files);
3662
+ }
3663
+ function isUploadSource(value) {
3664
+ return value instanceof Blob || value instanceof ArrayBuffer || value instanceof Uint8Array;
3665
+ }
3666
+ function sourceName(source) {
3667
+ return isRecord5(source) && typeof source.name === "string" && source.name.trim() ? source.name.trim() : void 0;
3668
+ }
3669
+ function sourceSize(source) {
3670
+ if (source instanceof Blob) return source.size;
3671
+ return source.byteLength;
3672
+ }
3673
+ function sourceContentType(source) {
3674
+ return source instanceof Blob && source.type.trim() ? source.type.trim() : void 0;
3675
+ }
3676
+ function normalizeExtensions(extensions) {
3677
+ return new Set((extensions ?? []).map((extension) => extension.replace(/^\./, "").toLowerCase()).filter(Boolean));
3678
+ }
3679
+ function fileExtension(fileName) {
3680
+ const lastDot = fileName.lastIndexOf(".");
3681
+ return lastDot === -1 ? "" : fileName.slice(lastDot + 1).toLowerCase();
3682
+ }
3683
+ function createProgressSnapshot(phase, sources, fileIndex, loaded, aggregateLoaded) {
3684
+ const total = sources[fileIndex]?.sizeBytes ?? 0;
3685
+ const aggregateTotal = sources.reduce((totalBytes, source) => totalBytes + source.sizeBytes, 0);
3686
+ return {
3687
+ phase,
3688
+ fileIndex,
3689
+ fileCount: sources.length,
3690
+ fileName: sources[fileIndex]?.fileName ?? "",
3691
+ loaded,
3692
+ total,
3693
+ percent: total > 0 ? Math.round(loaded / total * 100) : 100,
3694
+ aggregateLoaded,
3695
+ aggregateTotal,
3696
+ aggregatePercent: aggregateTotal > 0 ? Math.round(aggregateLoaded / aggregateTotal * 100) : 100
3697
+ };
3698
+ }
3699
+ function sum(values) {
3700
+ return values.reduce((total, value) => total + value, 0);
3701
+ }
3702
+ function parseXhrHeaders(raw) {
3703
+ const headers = new Headers();
3704
+ for (const line of raw.trim().split(/[\r\n]+/)) {
3705
+ const index = line.indexOf(":");
3706
+ if (index === -1) continue;
3707
+ headers.set(line.slice(0, index).trim(), line.slice(index + 1).trim());
3708
+ }
3709
+ return headers;
3710
+ }
3711
+ function readProcessEnv() {
3712
+ const processLike = globalThis.process;
3713
+ return processLike?.env ?? {};
3714
+ }
3715
+ function isRecord5(value) {
3716
+ return Boolean(value) && typeof value === "object";
3717
+ }
3718
+
3719
+ // src/storage/module.ts
3720
+ var storageSdkManifest = {
3721
+ namespace: "storage",
3722
+ basePath: "/storage",
3723
+ envelopeKinds: {
3724
+ raw: "response body is the payload",
3725
+ athena: "response body is { status, message, data }"
3726
+ },
3727
+ methods: [
3728
+ {
3729
+ name: "listStorageCatalogs",
3730
+ method: "GET",
3731
+ path: "/storage/catalogs",
3732
+ responseEnvelope: "raw",
3733
+ responseType: "{ data: S3CatalogItem[] }"
3734
+ },
3735
+ {
3736
+ name: "createStorageCatalog",
3737
+ method: "POST",
3738
+ path: "/storage/catalogs",
3739
+ requestType: "CreateStorageCatalogRequest",
3740
+ responseEnvelope: "raw",
3741
+ responseType: "S3CatalogItem"
3742
+ },
3743
+ {
3744
+ name: "updateStorageCatalog",
3745
+ method: "PATCH",
3746
+ path: "/storage/catalogs/{id}",
3747
+ pathParams: ["id"],
3748
+ requestType: "UpdateStorageCatalogRequest",
3749
+ responseEnvelope: "raw",
3750
+ responseType: "S3CatalogItem"
3751
+ },
3752
+ {
3753
+ name: "deleteStorageCatalog",
3754
+ method: "DELETE",
3755
+ path: "/storage/catalogs/{id}",
3756
+ pathParams: ["id"],
3757
+ responseEnvelope: "raw",
3758
+ responseType: "{ id: string; deleted: boolean }"
3759
+ },
3760
+ {
3761
+ name: "listStorageCredentials",
3762
+ method: "GET",
3763
+ path: "/storage/credentials",
3764
+ responseEnvelope: "raw",
3765
+ responseType: "{ data: S3CredentialListItem[] }"
3766
+ },
3767
+ {
3768
+ name: "createStorageUploadUrl",
3769
+ method: "POST",
3770
+ path: "/storage/files/upload-url",
3771
+ requestType: "CreateStorageUploadUrlRequest",
3772
+ responseEnvelope: "athena",
3773
+ responseType: "StorageUploadUrlResponse"
3774
+ },
3775
+ {
3776
+ name: "createStorageUploadUrls",
3777
+ method: "POST",
3778
+ path: "/storage/files/upload-urls",
3779
+ requestType: "CreateStorageUploadUrlsRequest",
3780
+ responseEnvelope: "athena",
3781
+ responseType: "StorageBatchUploadUrlResponse"
3782
+ },
3783
+ {
3784
+ name: "listStorageFiles",
3785
+ method: "POST",
3786
+ path: "/storage/files/list",
3787
+ requestType: "ListStorageFilesRequest",
3788
+ responseEnvelope: "athena",
3789
+ responseType: "StorageListFilesResponse"
3790
+ },
3791
+ {
3792
+ name: "getStorageFile",
3793
+ method: "GET",
3794
+ path: "/storage/files/{file_id}",
3795
+ pathParams: ["file_id"],
3796
+ responseEnvelope: "athena",
3797
+ responseType: "StorageFileMutationResponse"
3798
+ },
3799
+ {
3800
+ name: "getStorageFileUrl",
3801
+ method: "GET",
3802
+ path: "/storage/files/{file_id}/url",
3803
+ pathParams: ["file_id"],
3804
+ queryParams: ["purpose"],
3805
+ responseEnvelope: "athena",
3806
+ responseType: "PresignedFileUrlResponse"
3807
+ },
3808
+ {
3809
+ name: "getStorageFileProxy",
3810
+ method: "GET",
3811
+ path: "/storage/files/{file_id}/proxy",
3812
+ pathParams: ["file_id"],
3813
+ queryParams: ["purpose"],
3814
+ responseEnvelope: "raw",
3815
+ responseType: "Response",
3816
+ binary: true
3817
+ },
3818
+ {
3819
+ name: "updateStorageFile",
3820
+ method: "PATCH",
3821
+ path: "/storage/files/{file_id}",
3822
+ pathParams: ["file_id"],
3823
+ requestType: "UpdateStorageFileRequest",
3824
+ responseEnvelope: "athena",
3825
+ responseType: "StorageFileMutationResponse"
3826
+ },
3827
+ {
3828
+ name: "deleteStorageFile",
3829
+ method: "DELETE",
3830
+ path: "/storage/files/{file_id}",
3831
+ pathParams: ["file_id"],
3832
+ responseEnvelope: "athena",
3833
+ responseType: "StorageFileMutationResponse"
3834
+ },
3835
+ {
3836
+ name: "setStorageFileVisibility",
3837
+ method: "PATCH",
3838
+ path: "/storage/files/{file_id}/visibility",
3839
+ pathParams: ["file_id"],
3840
+ requestType: "SetStorageFileVisibilityRequest",
3841
+ responseEnvelope: "athena",
3842
+ responseType: "StorageFileMutationResponse"
3843
+ },
3844
+ {
3845
+ name: "deleteStorageFolder",
3846
+ method: "POST",
3847
+ path: "/storage/folders/delete",
3848
+ requestType: "DeleteStorageFolderRequest",
3849
+ responseEnvelope: "athena",
3850
+ responseType: "StorageFolderMutationResponse"
3851
+ },
3852
+ {
3853
+ name: "moveStorageFolder",
3854
+ method: "POST",
3855
+ path: "/storage/folders/move",
3856
+ requestType: "MoveStorageFolderRequest",
3857
+ responseEnvelope: "athena",
3858
+ responseType: "StorageFolderMutationResponse"
3859
+ }
3860
+ ]
3861
+ };
3862
+ var AthenaStorageErrorCode = {
3863
+ InvalidUrl: "INVALID_URL",
3864
+ NetworkError: "NETWORK_ERROR",
3865
+ HttpError: "HTTP_ERROR",
3866
+ InvalidJson: "INVALID_JSON",
3867
+ InvalidAthenaEnvelope: "INVALID_ATHENA_ENVELOPE",
3868
+ UnknownError: "UNKNOWN_ERROR"
3869
+ };
3870
+ var AthenaStorageError = class extends Error {
3871
+ code;
3872
+ athenaCode;
3873
+ kind;
3874
+ category;
3875
+ retryable;
3876
+ status;
3877
+ endpoint;
3878
+ method;
3879
+ requestId;
3880
+ hint;
3881
+ causeDetail;
3882
+ raw;
3883
+ normalized;
3884
+ __athenaNormalizedError;
3885
+ constructor(input) {
3886
+ super(input.message, { cause: input.cause });
3887
+ this.name = "AthenaStorageError";
3888
+ this.code = input.code;
3889
+ this.status = input.status;
3890
+ this.endpoint = input.endpoint;
3891
+ this.method = input.method;
3892
+ this.requestId = input.requestId;
3893
+ this.hint = input.hint;
3894
+ this.causeDetail = causeToString(input.cause);
3895
+ this.raw = input.raw ?? null;
3896
+ this.normalized = normalizeStorageErrorInput(input);
3897
+ this.__athenaNormalizedError = this.normalized;
3898
+ this.athenaCode = this.normalized.code;
3899
+ this.kind = this.normalized.kind;
3900
+ this.category = this.normalized.category;
3901
+ this.retryable = this.normalized.retryable;
3902
+ Object.defineProperty(this, "__athenaNormalizedError", {
3903
+ value: this.normalized,
3904
+ enumerable: false,
3905
+ configurable: false,
3906
+ writable: false
3907
+ });
3908
+ }
3909
+ toDetails() {
3910
+ return {
3911
+ code: this.code,
3912
+ athenaCode: this.athenaCode,
3913
+ kind: this.kind,
3914
+ category: this.category,
3915
+ retryable: this.retryable,
3916
+ message: this.message,
3917
+ status: this.status,
3918
+ endpoint: this.endpoint,
3919
+ method: this.method,
3920
+ requestId: this.requestId,
3921
+ hint: this.hint,
3922
+ cause: this.causeDetail,
3923
+ raw: this.raw
3924
+ };
3925
+ }
3926
+ };
3927
+ function isRecord6(value) {
3928
+ return Boolean(value) && typeof value === "object" && !Array.isArray(value);
3929
+ }
3930
+ function causeToString(cause) {
3931
+ if (cause === void 0 || cause === null) return void 0;
3932
+ if (typeof cause === "string") return cause;
3933
+ if (cause instanceof Error && cause.message.trim()) return cause.message.trim();
3934
+ try {
3935
+ return JSON.stringify(cause);
3936
+ } catch {
3937
+ return String(cause);
3938
+ }
3939
+ }
3940
+ function storageGatewayCode(code) {
3941
+ if (code === "INVALID_URL") return "INVALID_URL";
3942
+ if (code === "NETWORK_ERROR") return "NETWORK_ERROR";
3943
+ if (code === "INVALID_JSON" || code === "INVALID_ATHENA_ENVELOPE") return "INVALID_JSON";
3944
+ if (code === "HTTP_ERROR") return "HTTP_ERROR";
3945
+ return "UNKNOWN_ERROR";
3946
+ }
3947
+ function headerValue(headers, names) {
3948
+ for (const name of names) {
3949
+ const value = headers.get(name);
3950
+ if (value?.trim()) return value.trim();
3951
+ }
3952
+ return void 0;
3953
+ }
3954
+ function storageOperationFromEndpoint(endpoint, method) {
3955
+ const endpointPath = String(endpoint).split("?")[0];
3956
+ for (const candidate of storageSdkManifest.methods) {
3957
+ if (candidate.method !== method) continue;
3958
+ const pattern = `^${candidate.path.replace(/[.*+?^${}()|[\]\\]/g, "\\$&").replace(/\\\{[^/]+\\\}/g, "[^/]+")}$`;
3959
+ if (new RegExp(pattern).test(endpointPath)) {
3960
+ return candidate.name;
3961
+ }
3962
+ }
3963
+ return `storage:${method.toLowerCase()}`;
3964
+ }
3965
+ function normalizeStorageErrorInput(input) {
3966
+ return normalizeAthenaError(
3967
+ {
3968
+ data: null,
3969
+ error: {
3970
+ message: input.message,
3971
+ gatewayCode: storageGatewayCode(input.code),
3972
+ status: input.status,
3973
+ raw: input.raw ?? input.cause ?? null
3974
+ },
3975
+ errorDetails: {
3976
+ code: storageGatewayCode(input.code),
3977
+ message: input.message,
3978
+ status: input.status,
3979
+ endpoint: input.endpoint,
3980
+ method: input.method,
3981
+ requestId: input.requestId,
3982
+ hint: input.hint,
3983
+ cause: causeToString(input.cause)
3984
+ },
3985
+ raw: input.raw ?? input.cause ?? null,
3986
+ status: input.status
3987
+ },
3988
+ { operation: storageOperationFromEndpoint(input.endpoint, input.method) }
3989
+ );
3990
+ }
3991
+ function createAthenaStorageError(input) {
3992
+ return new AthenaStorageError(input);
3993
+ }
3994
+ async function notifyStorageError(error, options, runtimeOptions) {
3995
+ const handlers = [runtimeOptions?.onError, options?.onError].filter(
3996
+ (handler) => typeof handler === "function"
3997
+ );
3998
+ for (const handler of handlers) {
3999
+ try {
4000
+ await handler(error);
4001
+ } catch {
4002
+ }
4003
+ }
4004
+ }
4005
+ async function rejectStorageError(input, options, runtimeOptions) {
4006
+ const error = createAthenaStorageError(input);
4007
+ await notifyStorageError(error, options, runtimeOptions);
4008
+ throw error;
4009
+ }
4010
+ function parseResponseBody3(rawText, contentType) {
4011
+ if (!rawText) {
4012
+ return { parsed: null, parseFailed: false };
4013
+ }
4014
+ const contentTypeSuggestsJson = contentType?.toLowerCase().includes("application/json") ?? false;
4015
+ const looksJson = contentTypeSuggestsJson || rawText.startsWith("{") || rawText.startsWith("[");
4016
+ if (!looksJson) {
4017
+ return { parsed: rawText, parseFailed: false };
4018
+ }
4019
+ try {
4020
+ return { parsed: JSON.parse(rawText), parseFailed: false };
4021
+ } catch {
4022
+ return { parsed: rawText, parseFailed: true };
4023
+ }
4024
+ }
4025
+ function appendQuery(path, query) {
4026
+ if (!query) return path;
4027
+ const params = new URLSearchParams();
4028
+ for (const [key, value] of Object.entries(query)) {
4029
+ if (value === void 0 || value === null) continue;
4030
+ params.set(key, String(value));
4031
+ }
4032
+ const queryText = params.toString();
4033
+ return queryText ? `${path}?${queryText}` : path;
4034
+ }
4035
+ function storagePath(path) {
4036
+ return path;
4037
+ }
4038
+ function withPathParam(path, name, value) {
4039
+ return path.replace(`{${name}}`, encodeURIComponent(value));
4040
+ }
4041
+ function resolveErrorMessage3(payload, fallback) {
4042
+ if (isRecord6(payload)) {
4043
+ const message = payload.message ?? payload.error ?? payload.details;
4044
+ if (typeof message === "string" && message.trim()) {
4045
+ return message.trim();
4046
+ }
4047
+ }
4048
+ if (typeof payload === "string" && payload.trim()) {
4049
+ return payload.trim();
4050
+ }
4051
+ return fallback;
4052
+ }
4053
+ function resolveErrorHint2(payload) {
4054
+ if (!isRecord6(payload)) return void 0;
4055
+ const hint = payload.hint ?? payload.suggestion;
4056
+ return typeof hint === "string" && hint.trim() ? hint.trim() : void 0;
4057
+ }
4058
+ function resolveErrorCause(payload) {
4059
+ if (!isRecord6(payload)) return void 0;
4060
+ const cause = payload.cause ?? payload.reason;
4061
+ return typeof cause === "string" && cause.trim() ? cause.trim() : void 0;
4062
+ }
4063
+ function storageCodeFromUnknown(error) {
4064
+ if (isAthenaGatewayError(error)) {
4065
+ if (error.code === "INVALID_URL") return "INVALID_URL";
4066
+ if (error.code === "NETWORK_ERROR") return "NETWORK_ERROR";
4067
+ if (error.code === "INVALID_JSON") return "INVALID_JSON";
4068
+ if (error.code === "HTTP_ERROR") return "HTTP_ERROR";
4069
+ }
4070
+ return "UNKNOWN_ERROR";
4071
+ }
4072
+ async function callStorageEndpoint(gateway, endpoint, method, envelope, payload, options, runtimeOptions) {
4073
+ let url;
4074
+ let headers;
4075
+ try {
4076
+ const baseUrl = options?.baseUrl ? normalizeAthenaGatewayBaseUrl(options.baseUrl) : gateway.baseUrl;
4077
+ url = buildAthenaGatewayUrl(baseUrl, endpoint);
4078
+ headers = gateway.buildHeaders(options);
4079
+ } catch (error) {
4080
+ return rejectStorageError(
4081
+ {
4082
+ code: storageCodeFromUnknown(error),
4083
+ message: error instanceof Error ? error.message : `Athena storage ${method} ${endpoint} failed before sending the request`,
4084
+ status: isAthenaGatewayError(error) ? error.status : 0,
4085
+ endpoint,
4086
+ method,
4087
+ raw: error,
4088
+ requestId: isAthenaGatewayError(error) ? error.requestId : void 0,
4089
+ hint: isAthenaGatewayError(error) ? error.hint : void 0,
4090
+ cause: error
4091
+ },
4092
+ options,
4093
+ runtimeOptions
4094
+ );
4095
+ }
4096
+ const requestInit = {
4097
+ method,
4098
+ headers,
4099
+ signal: options?.signal
4100
+ };
4101
+ if (payload !== void 0 && method !== "GET") {
4102
+ requestInit.body = JSON.stringify(payload);
4103
+ }
4104
+ let response;
4105
+ try {
4106
+ response = await fetch(url, requestInit);
4107
+ } catch (error) {
4108
+ const message = error instanceof Error ? error.message : String(error);
4109
+ return rejectStorageError(
4110
+ {
4111
+ code: "NETWORK_ERROR",
4112
+ message: `Network error while calling Athena storage ${method} ${endpoint}: ${message}`,
4113
+ status: 0,
4114
+ endpoint,
4115
+ method,
4116
+ cause: error
4117
+ },
4118
+ options,
4119
+ runtimeOptions
4120
+ );
4121
+ }
4122
+ let rawText;
4123
+ try {
4124
+ rawText = await response.text();
4125
+ } catch (error) {
4126
+ return rejectStorageError(
4127
+ {
4128
+ code: "NETWORK_ERROR",
4129
+ message: `Athena storage ${method} ${endpoint} response body could not be read`,
4130
+ status: response.status,
4131
+ endpoint,
4132
+ method,
4133
+ requestId: headerValue(response.headers, ["x-athena-request-id", "x-request-id", "request-id"]),
4134
+ cause: error
4135
+ },
4136
+ options,
4137
+ runtimeOptions
4138
+ );
4139
+ }
4140
+ const parsedBody = parseResponseBody3(rawText ?? "", response.headers.get("content-type"));
4141
+ const requestId = headerValue(response.headers, ["x-athena-request-id", "x-request-id", "request-id"]);
4142
+ if (parsedBody.parseFailed) {
4143
+ return rejectStorageError(
4144
+ {
4145
+ code: "INVALID_JSON",
4146
+ message: `Athena storage ${method} ${endpoint} returned malformed JSON`,
4147
+ status: response.status,
4148
+ endpoint,
4149
+ method,
4150
+ requestId,
4151
+ raw: parsedBody.parsed
4152
+ },
4153
+ options,
4154
+ runtimeOptions
4155
+ );
4156
+ }
4157
+ if (!response.ok) {
4158
+ return rejectStorageError(
4159
+ {
4160
+ code: "HTTP_ERROR",
4161
+ message: resolveErrorMessage3(
4162
+ parsedBody.parsed,
4163
+ `Athena storage ${method} ${endpoint} failed with status ${response.status}`
4164
+ ),
4165
+ status: response.status,
4166
+ endpoint,
4167
+ method,
4168
+ requestId,
4169
+ hint: resolveErrorHint2(parsedBody.parsed),
4170
+ cause: resolveErrorCause(parsedBody.parsed),
4171
+ raw: parsedBody.parsed
4172
+ },
4173
+ options,
4174
+ runtimeOptions
4175
+ );
4176
+ }
4177
+ if (envelope === "athena") {
4178
+ if (!isRecord6(parsedBody.parsed) || !("data" in parsedBody.parsed)) {
4179
+ return rejectStorageError(
4180
+ {
4181
+ code: "INVALID_ATHENA_ENVELOPE",
4182
+ message: `Athena storage ${method} ${endpoint} returned an invalid Athena envelope`,
4183
+ status: response.status,
4184
+ endpoint,
4185
+ method,
4186
+ requestId,
4187
+ raw: parsedBody.parsed
4188
+ },
4189
+ options,
4190
+ runtimeOptions
4191
+ );
4192
+ }
4193
+ return parsedBody.parsed.data;
4194
+ }
4195
+ return parsedBody.parsed;
4196
+ }
4197
+ async function callStorageBinaryEndpoint(gateway, endpoint, method, options, runtimeOptions) {
4198
+ let url;
4199
+ let headers;
4200
+ try {
4201
+ const baseUrl = options?.baseUrl ? normalizeAthenaGatewayBaseUrl(options.baseUrl) : gateway.baseUrl;
4202
+ url = buildAthenaGatewayUrl(baseUrl, endpoint);
4203
+ headers = gateway.buildHeaders(options);
4204
+ } catch (error) {
4205
+ return rejectStorageError(
4206
+ {
4207
+ code: storageCodeFromUnknown(error),
4208
+ message: error instanceof Error ? error.message : `Athena storage ${method} ${endpoint} failed before sending the request`,
4209
+ status: isAthenaGatewayError(error) ? error.status : 0,
4210
+ endpoint,
4211
+ method,
4212
+ raw: error,
4213
+ requestId: isAthenaGatewayError(error) ? error.requestId : void 0,
4214
+ hint: isAthenaGatewayError(error) ? error.hint : void 0,
4215
+ cause: error
4216
+ },
4217
+ options,
4218
+ runtimeOptions
4219
+ );
4220
+ }
4221
+ let response;
4222
+ try {
4223
+ response = await fetch(url, {
4224
+ method,
4225
+ headers,
4226
+ signal: options?.signal
4227
+ });
4228
+ } catch (error) {
4229
+ const message = error instanceof Error ? error.message : String(error);
4230
+ return rejectStorageError(
4231
+ {
4232
+ code: "NETWORK_ERROR",
4233
+ message: `Network error while calling Athena storage ${method} ${endpoint}: ${message}`,
4234
+ status: 0,
4235
+ endpoint,
4236
+ method,
4237
+ cause: error
4238
+ },
4239
+ options,
4240
+ runtimeOptions
4241
+ );
4242
+ }
4243
+ if (response.ok) {
4244
+ return response;
4245
+ }
4246
+ const requestId = headerValue(response.headers, ["x-athena-request-id", "x-request-id", "request-id"]);
4247
+ let rawErrorBody = null;
4248
+ try {
4249
+ const rawText = await response.text();
4250
+ const parsedBody = parseResponseBody3(rawText ?? "", response.headers.get("content-type"));
4251
+ rawErrorBody = parsedBody.parsed;
4252
+ } catch (error) {
4253
+ return rejectStorageError(
4254
+ {
4255
+ code: "NETWORK_ERROR",
4256
+ message: `Athena storage ${method} ${endpoint} error response body could not be read`,
4257
+ status: response.status,
4258
+ endpoint,
4259
+ method,
4260
+ requestId,
4261
+ cause: error
4262
+ },
4263
+ options,
4264
+ runtimeOptions
4265
+ );
4266
+ }
4267
+ return rejectStorageError(
4268
+ {
4269
+ code: "HTTP_ERROR",
4270
+ message: resolveErrorMessage3(
4271
+ rawErrorBody,
4272
+ `Athena storage ${method} ${endpoint} failed with status ${response.status}`
4273
+ ),
4274
+ status: response.status,
4275
+ endpoint,
4276
+ method,
4277
+ requestId,
4278
+ hint: resolveErrorHint2(rawErrorBody),
4279
+ cause: resolveErrorCause(rawErrorBody),
4280
+ raw: rawErrorBody
4281
+ },
4282
+ options,
4283
+ runtimeOptions
4284
+ );
4285
+ }
4286
+ function isBlobBody(body) {
4287
+ return typeof Blob !== "undefined" && body instanceof Blob;
4288
+ }
4289
+ function isReadableStreamBody(body) {
4290
+ return typeof ReadableStream !== "undefined" && body instanceof ReadableStream;
4291
+ }
4292
+ async function putPresignedUploadBody(uploadUrl, uploadHeaders, body, options) {
4293
+ const headers = new Headers(uploadHeaders);
4294
+ Object.entries(options?.headers ?? {}).forEach(([key, value]) => headers.set(key, value));
4295
+ if (!headers.has("Content-Type") && isBlobBody(body) && body.type) {
4296
+ headers.set("Content-Type", body.type);
4297
+ }
4298
+ const init = {
4299
+ method: "PUT",
4300
+ headers,
4301
+ body,
4302
+ signal: options?.signal
4303
+ };
4304
+ if (isReadableStreamBody(body)) {
4305
+ init.duplex = "half";
4306
+ }
4307
+ return fetch(uploadUrl, init);
4308
+ }
4309
+ function attachManagedUpload(upload) {
4310
+ const headers = {};
4311
+ return {
4312
+ ...upload,
4313
+ method: "PUT",
4314
+ headers,
4315
+ expiresAt: upload.expires_at,
4316
+ put(body, options) {
4317
+ return putPresignedUploadBody(upload.url, headers, body, options);
4318
+ }
4319
+ };
4320
+ }
4321
+ function attachUploadHelper(response) {
4322
+ return {
4323
+ ...response,
4324
+ upload: attachManagedUpload(response.upload)
4325
+ };
4326
+ }
4327
+ function attachUploadHelpers(response) {
4328
+ return {
4329
+ files: response.files.map(attachUploadHelper)
4330
+ };
4331
+ }
4332
+ function normalizeUploadUrlRequest(input) {
4333
+ const s3_id = input.s3_id ?? input.s3Id;
4334
+ const storage_key = input.storage_key ?? input.storageKey;
4335
+ if (!s3_id?.trim()) {
4336
+ throw new Error("athena.storage.file.upload requires s3_id or s3Id");
4337
+ }
4338
+ if (!storage_key?.trim()) {
4339
+ throw new Error("athena.storage.file.upload requires storage_key or storageKey");
4340
+ }
4341
+ const fileName = input.fileName?.trim();
4342
+ const originalName = input.originalName?.trim();
4343
+ return {
4344
+ s3_id,
4345
+ bucket: input.bucket,
4346
+ storage_key,
4347
+ name: input.name ?? fileName,
4348
+ original_name: input.original_name ?? originalName ?? fileName,
4349
+ resource_id: input.resource_id ?? input.resourceId,
4350
+ mime_type: input.mime_type ?? input.mimeType,
4351
+ content_type: input.content_type ?? input.contentType,
4352
+ size_bytes: input.size_bytes ?? input.sizeBytes,
4353
+ file_id: input.file_id ?? input.fileId,
4354
+ public: input.public,
4355
+ visibility: input.visibility,
4356
+ metadata: input.metadata
4357
+ };
4358
+ }
4359
+ async function callStorageUploadBinaryEndpoint(gateway, endpoint, body, options, runtimeOptions) {
4360
+ let url;
4361
+ let headers;
4362
+ try {
4363
+ const baseUrl = options?.baseUrl ? normalizeAthenaGatewayBaseUrl(options.baseUrl) : gateway.baseUrl;
4364
+ url = buildAthenaGatewayUrl(baseUrl, endpoint);
4365
+ headers = gateway.buildHeaders(options);
4366
+ } catch (error) {
4367
+ return rejectStorageError(
4368
+ {
4369
+ code: storageCodeFromUnknown(error),
4370
+ message: error instanceof Error ? error.message : `Athena storage PUT ${endpoint} failed before sending the request`,
4371
+ status: isAthenaGatewayError(error) ? error.status : 0,
4372
+ endpoint,
4373
+ method: "PUT",
4374
+ raw: error,
4375
+ requestId: isAthenaGatewayError(error) ? error.requestId : void 0,
4376
+ hint: isAthenaGatewayError(error) ? error.hint : void 0,
4377
+ cause: error
4378
+ },
4379
+ options,
4380
+ runtimeOptions
4381
+ );
4382
+ }
4383
+ delete headers["Content-Type"];
4384
+ delete headers["content-type"];
4385
+ if (isBlobBody(body) && body.type) {
4386
+ headers["Content-Type"] = body.type;
4387
+ }
4388
+ const requestInit = {
4389
+ method: "PUT",
4390
+ headers,
4391
+ body,
4392
+ signal: options?.signal
4393
+ };
4394
+ if (isReadableStreamBody(body)) {
4395
+ requestInit.duplex = "half";
4396
+ }
4397
+ let response;
4398
+ try {
4399
+ response = await fetch(url, requestInit);
4400
+ } catch (error) {
4401
+ const message = error instanceof Error ? error.message : String(error);
4402
+ return rejectStorageError(
4403
+ {
4404
+ code: "NETWORK_ERROR",
4405
+ message: `Network error while calling Athena storage PUT ${endpoint}: ${message}`,
4406
+ status: 0,
4407
+ endpoint,
4408
+ method: "PUT",
4409
+ cause: error
4410
+ },
4411
+ options,
4412
+ runtimeOptions
4413
+ );
4414
+ }
4415
+ let rawText;
4416
+ try {
4417
+ rawText = await response.text();
4418
+ } catch (error) {
4419
+ return rejectStorageError(
4420
+ {
4421
+ code: "NETWORK_ERROR",
4422
+ message: `Athena storage PUT ${endpoint} response body could not be read`,
4423
+ status: response.status,
4424
+ endpoint,
4425
+ method: "PUT",
4426
+ requestId: headerValue(response.headers, ["x-athena-request-id", "x-request-id", "request-id"]),
4427
+ cause: error
4428
+ },
4429
+ options,
4430
+ runtimeOptions
4431
+ );
4432
+ }
4433
+ const parsedBody = parseResponseBody3(rawText ?? "", response.headers.get("content-type"));
4434
+ const requestId = headerValue(response.headers, ["x-athena-request-id", "x-request-id", "request-id"]);
4435
+ if (parsedBody.parseFailed) {
4436
+ return rejectStorageError(
4437
+ {
4438
+ code: "INVALID_JSON",
4439
+ message: `Athena storage PUT ${endpoint} returned malformed JSON`,
4440
+ status: response.status,
4441
+ endpoint,
4442
+ method: "PUT",
4443
+ requestId,
4444
+ raw: parsedBody.parsed
4445
+ },
4446
+ options,
4447
+ runtimeOptions
4448
+ );
4449
+ }
4450
+ if (!response.ok) {
4451
+ return rejectStorageError(
4452
+ {
4453
+ code: "HTTP_ERROR",
4454
+ message: resolveErrorMessage3(
4455
+ parsedBody.parsed,
4456
+ `Athena storage PUT ${endpoint} failed with status ${response.status}`
4457
+ ),
4458
+ status: response.status,
4459
+ endpoint,
4460
+ method: "PUT",
4461
+ requestId,
4462
+ hint: resolveErrorHint2(parsedBody.parsed),
4463
+ cause: resolveErrorCause(parsedBody.parsed),
4464
+ raw: parsedBody.parsed
4465
+ },
4466
+ options,
4467
+ runtimeOptions
4468
+ );
4469
+ }
4470
+ if (!isRecord6(parsedBody.parsed) || !("data" in parsedBody.parsed)) {
4471
+ return rejectStorageError(
4472
+ {
4473
+ code: "INVALID_ATHENA_ENVELOPE",
4474
+ message: `Athena storage PUT ${endpoint} returned an invalid Athena envelope`,
4475
+ status: response.status,
4476
+ endpoint,
4477
+ method: "PUT",
4478
+ requestId,
4479
+ raw: parsedBody.parsed
4480
+ },
4481
+ options,
4482
+ runtimeOptions
4483
+ );
4484
+ }
4485
+ return parsedBody.parsed.data;
4486
+ }
4487
+ function createStorageModule(gateway, runtimeOptions) {
4488
+ const callRaw = (path, method, payload, options) => callStorageEndpoint(
4489
+ gateway,
4490
+ storagePath(path),
4491
+ method,
4492
+ "raw",
4493
+ payload,
4494
+ options,
4495
+ runtimeOptions
4496
+ );
4497
+ const callAthena2 = (path, method, payload, options) => callStorageEndpoint(
4498
+ gateway,
4499
+ storagePath(path),
4500
+ method,
4501
+ "athena",
4502
+ payload,
4503
+ options,
4504
+ runtimeOptions
4505
+ );
4506
+ const base = {
4507
+ listStorageCatalogs(options) {
4508
+ return callRaw("/storage/catalogs", "GET", void 0, options);
4509
+ },
4510
+ createStorageCatalog(input, options) {
4511
+ return callRaw("/storage/catalogs", "POST", input, options);
4512
+ },
4513
+ updateStorageCatalog(id, input, options) {
4514
+ return callRaw(withPathParam("/storage/catalogs/{id}", "id", id), "PATCH", input, options);
4515
+ },
4516
+ deleteStorageCatalog(id, options) {
4517
+ return callRaw(withPathParam("/storage/catalogs/{id}", "id", id), "DELETE", void 0, options);
4518
+ },
4519
+ listStorageCredentials(options) {
4520
+ return callRaw("/storage/credentials", "GET", void 0, options);
4521
+ },
4522
+ createStorageUploadUrl(input, options) {
4523
+ return callAthena2("/storage/files/upload-url", "POST", input, options);
4524
+ },
4525
+ createStorageUploadUrls(input, options) {
4526
+ return callAthena2("/storage/files/upload-urls", "POST", input, options);
4527
+ },
4528
+ listStorageFiles(input, options) {
4529
+ return callAthena2("/storage/files/list", "POST", input, options);
4530
+ },
4531
+ getStorageFile(fileId, options) {
4532
+ return callAthena2(withPathParam("/storage/files/{file_id}", "file_id", fileId), "GET", void 0, options);
4533
+ },
4534
+ getStorageFileUrl(fileId, query, options) {
4535
+ const path = appendQuery(
4536
+ withPathParam("/storage/files/{file_id}/url", "file_id", fileId),
4537
+ query
4538
+ );
4539
+ return callAthena2(path, "GET", void 0, options);
4540
+ },
4541
+ getStorageFileProxy(fileId, query, options) {
4542
+ const path = appendQuery(
4543
+ withPathParam("/storage/files/{file_id}/proxy", "file_id", fileId),
4544
+ query
4545
+ );
4546
+ return callStorageBinaryEndpoint(gateway, storagePath(path), "GET", options, runtimeOptions);
4547
+ },
4548
+ updateStorageFile(fileId, input, options) {
4549
+ return callAthena2(withPathParam("/storage/files/{file_id}", "file_id", fileId), "PATCH", input, options);
4550
+ },
4551
+ deleteStorageFile(fileId, options) {
4552
+ return callAthena2(withPathParam("/storage/files/{file_id}", "file_id", fileId), "DELETE", void 0, options);
4553
+ },
4554
+ setStorageFileVisibility(fileId, input, options) {
4555
+ return callAthena2(withPathParam("/storage/files/{file_id}/visibility", "file_id", fileId), "PATCH", input, options);
4556
+ },
4557
+ deleteStorageFolder(input, options) {
4558
+ return callAthena2("/storage/folders/delete", "POST", input, options);
4559
+ },
4560
+ moveStorageFolder(input, options) {
4561
+ return callAthena2("/storage/folders/move", "POST", input, options);
4562
+ }
4563
+ };
4564
+ const fileFacade = createStorageFileModule(base, runtimeOptions);
4565
+ const fileUpload = ((input, options) => {
4566
+ if (isRecord6(input) && "files" in input) {
4567
+ return fileFacade.upload(input, options);
4568
+ }
4569
+ return base.createStorageUploadUrl(
4570
+ normalizeUploadUrlRequest(input),
4571
+ options
4572
+ ).then(attachUploadHelper);
4573
+ });
4574
+ const fileDelete = ((input, options) => fileFacade.delete(input, options));
4575
+ const file = {
4576
+ ...fileFacade,
4577
+ upload: fileUpload,
4578
+ uploadMany(input, options) {
4579
+ return base.createStorageUploadUrls(
4580
+ { files: input.files.map(normalizeUploadUrlRequest) },
4581
+ options
4582
+ ).then(attachUploadHelpers);
4583
+ },
4584
+ confirmUpload(fileId, input, options) {
4585
+ return callAthena2(withPathParam("/storage/files/{file_id}/confirm-upload", "file_id", fileId), "POST", input ?? {}, options);
4586
+ },
4587
+ uploadBinary(fileId, body, options) {
4588
+ return callStorageUploadBinaryEndpoint(
4589
+ gateway,
4590
+ storagePath(withPathParam("/storage/files/{file_id}/upload", "file_id", fileId)),
4591
+ body,
4592
+ options,
4593
+ runtimeOptions
4594
+ );
4595
+ },
4596
+ search(input, options) {
4597
+ return callAthena2("/storage/files/search", "POST", input, options);
4598
+ },
4599
+ get(fileId, options) {
4600
+ return base.getStorageFile(fileId, options);
4601
+ },
4602
+ update(fileId, input, options) {
4603
+ return base.updateStorageFile(fileId, input, options);
4604
+ },
4605
+ delete: fileDelete,
4606
+ deleteMany(input, options) {
4607
+ return callAthena2("/storage/files/delete-many", "POST", input, options);
4608
+ },
4609
+ updateMany(input, options) {
4610
+ return callAthena2("/storage/files/update-many", "POST", input, options);
4611
+ },
4612
+ restore(fileId, options) {
4613
+ return callAthena2(withPathParam("/storage/files/{file_id}/restore", "file_id", fileId), "POST", {}, options);
4614
+ },
4615
+ purge(fileId, options) {
4616
+ return callAthena2(withPathParam("/storage/files/{file_id}/purge", "file_id", fileId), "DELETE", void 0, options);
4617
+ },
4618
+ copy(fileId, input, options) {
4619
+ return callAthena2(withPathParam("/storage/files/{file_id}/copy", "file_id", fileId), "POST", input, options);
4620
+ },
4621
+ url(fileId, query, options) {
4622
+ return base.getStorageFileUrl(fileId, query, options);
4623
+ },
4624
+ publicUrl(fileId, options) {
4625
+ return callAthena2(withPathParam("/storage/files/{file_id}/public-url", "file_id", fileId), "GET", void 0, options);
4626
+ },
4627
+ proxy(fileId, query, options) {
4628
+ return base.getStorageFileProxy(fileId, query, options);
4629
+ },
4630
+ visibility: {
4631
+ set(fileId, input, options) {
4632
+ return base.setStorageFileVisibility(fileId, input, options);
4633
+ },
4634
+ setMany(input, options) {
4635
+ return callAthena2("/storage/files/visibility-many", "POST", input, options);
4636
+ }
2700
4637
  }
2701
- }
2702
- throw new Error("withRetry reached an unexpected state");
2703
- }
2704
-
2705
- // src/db/module.ts
2706
- function createDbModule(input) {
2707
- const db = {
2708
- from(table, options) {
2709
- return input.from(table, options);
4638
+ };
4639
+ const credentials = {
4640
+ list(options) {
4641
+ return base.listStorageCredentials(options);
4642
+ }
4643
+ };
4644
+ const catalog = {
4645
+ list(options) {
4646
+ return base.listStorageCatalogs(options);
2710
4647
  },
2711
- select(table, columns, options) {
2712
- return input.from(table).select(columns, options);
4648
+ create(input, options) {
4649
+ return base.createStorageCatalog(input, options);
2713
4650
  },
2714
- insert(table, values, options) {
2715
- return Array.isArray(values) ? input.from(table).insert(values, options) : input.from(table).insert(values, options);
4651
+ update(id, input, options) {
4652
+ return base.updateStorageCatalog(id, input, options);
2716
4653
  },
2717
- upsert(table, values, options) {
2718
- return Array.isArray(values) ? input.from(table).upsert(values, options) : input.from(table).upsert(values, options);
4654
+ delete(id, options) {
4655
+ return base.deleteStorageCatalog(id, options);
4656
+ }
4657
+ };
4658
+ const folder = {
4659
+ list(input, options) {
4660
+ return callAthena2("/storage/folders/list", "POST", input, options);
2719
4661
  },
2720
- update(table, values, options) {
2721
- return input.from(table).update(values, options);
4662
+ tree(input, options) {
4663
+ return callAthena2("/storage/folders/tree", "POST", input, options);
2722
4664
  },
2723
- delete(table, options) {
2724
- return input.from(table).delete(options);
4665
+ delete(input, options) {
4666
+ return base.deleteStorageFolder(input, options);
2725
4667
  },
2726
- rpc(fn, args, options) {
2727
- return input.rpc(fn, args, options);
4668
+ move(input, options) {
4669
+ return base.moveStorageFolder(input, options);
4670
+ }
4671
+ };
4672
+ const permission = {
4673
+ list(input, options) {
4674
+ return callAthena2("/storage/permissions/list", "POST", input, options);
2728
4675
  },
2729
- query(query, options) {
2730
- return input.query(query, options);
4676
+ grant(input, options) {
4677
+ return callAthena2("/storage/permissions/grant", "POST", input, options);
4678
+ },
4679
+ revoke(input, options) {
4680
+ return callAthena2("/storage/permissions/revoke", "POST", input, options);
4681
+ },
4682
+ check(input, options) {
4683
+ return callAthena2("/storage/permissions/check", "POST", input, options);
2731
4684
  }
2732
4685
  };
2733
- return db;
4686
+ const objectFolder = {
4687
+ create(input, options) {
4688
+ return callAthena2("/storage/objects/folder", "POST", input, options);
4689
+ },
4690
+ delete(input, options) {
4691
+ return callAthena2("/storage/objects/folder/delete", "POST", input, options);
4692
+ },
4693
+ rename(input, options) {
4694
+ return callAthena2("/storage/objects/folder/rename", "POST", input, options);
4695
+ }
4696
+ };
4697
+ const object = {
4698
+ list(input, options) {
4699
+ return callAthena2("/storage/objects", "POST", input, options);
4700
+ },
4701
+ head(input, options) {
4702
+ return callAthena2("/storage/objects/head", "POST", input, options);
4703
+ },
4704
+ exists(input, options) {
4705
+ return callAthena2("/storage/objects/exists", "POST", input, options);
4706
+ },
4707
+ validate(input, options) {
4708
+ return callAthena2("/storage/objects/validate", "POST", input, options);
4709
+ },
4710
+ update(input, options) {
4711
+ return callAthena2("/storage/objects/update", "POST", input, options);
4712
+ },
4713
+ copy(input, options) {
4714
+ return callAthena2("/storage/objects/copy", "POST", input, options);
4715
+ },
4716
+ url(input, options) {
4717
+ return callAthena2("/storage/objects/url", "POST", input, options);
4718
+ },
4719
+ publicUrl(input, options) {
4720
+ return callAthena2("/storage/objects/public-url", "POST", input, options);
4721
+ },
4722
+ delete(input, options) {
4723
+ return callAthena2("/storage/objects/delete", "POST", input, options);
4724
+ },
4725
+ uploadUrl(input, options) {
4726
+ return callAthena2("/storage/objects/upload-url", "POST", input, options);
4727
+ },
4728
+ folder: objectFolder
4729
+ };
4730
+ const bucket = {
4731
+ list(input, options) {
4732
+ return callAthena2("/storage/buckets/list", "POST", input, options);
4733
+ },
4734
+ create(input, options) {
4735
+ return callAthena2("/storage/buckets/create", "POST", input, options);
4736
+ },
4737
+ delete(input, options) {
4738
+ return callAthena2("/storage/buckets/delete", "POST", input, options);
4739
+ },
4740
+ cors: {
4741
+ get(input, options) {
4742
+ return callAthena2("/storage/buckets/cors", "POST", input, options);
4743
+ },
4744
+ set(input, options) {
4745
+ return callAthena2("/storage/buckets/cors/set", "POST", input, options);
4746
+ },
4747
+ delete(input, options) {
4748
+ return callAthena2("/storage/buckets/cors/delete", "POST", input, options);
4749
+ }
4750
+ }
4751
+ };
4752
+ const multipart = {
4753
+ create(input, options) {
4754
+ return callAthena2("/storage/multipart/create", "POST", input, options);
4755
+ },
4756
+ signPart(input, options) {
4757
+ return callAthena2("/storage/multipart/sign-part", "POST", input, options);
4758
+ },
4759
+ complete(input, options) {
4760
+ return callAthena2("/storage/multipart/complete", "POST", input, options);
4761
+ },
4762
+ abort(input, options) {
4763
+ return callAthena2("/storage/multipart/abort", "POST", input, options);
4764
+ },
4765
+ listParts(input, options) {
4766
+ return callAthena2("/storage/multipart/list-parts", "POST", input, options);
4767
+ }
4768
+ };
4769
+ const audit = {
4770
+ list(input, options) {
4771
+ return callAthena2("/storage/audit/list", "POST", input, options);
4772
+ }
4773
+ };
4774
+ return {
4775
+ ...base,
4776
+ credentials,
4777
+ catalog,
4778
+ file,
4779
+ folder,
4780
+ permission,
4781
+ object,
4782
+ bucket,
4783
+ multipart,
4784
+ audit,
4785
+ delete: file.delete
4786
+ };
2734
4787
  }
2735
4788
 
2736
4789
  // src/query-ast.ts
@@ -2760,7 +4813,7 @@ var BOOLEAN_SAFE_OPERATORS = /* @__PURE__ */ new Set([
2760
4813
  "ilike",
2761
4814
  "is"
2762
4815
  ]);
2763
- function isRecord5(value) {
4816
+ function isRecord7(value) {
2764
4817
  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
2765
4818
  }
2766
4819
  function isUuidString(value) {
@@ -2773,7 +4826,7 @@ function shouldUseUuidTextComparison(column, value) {
2773
4826
  return typeof value === "string" && isUuidString(value) && isUuidIdentifierColumn(column);
2774
4827
  }
2775
4828
  function isRelationSelectNode(value) {
2776
- return isRecord5(value) && isRecord5(value.select);
4829
+ return isRecord7(value) && isRecord7(value.select);
2777
4830
  }
2778
4831
  function normalizeIdentifier(value, label) {
2779
4832
  const normalized = value.trim();
@@ -2829,7 +4882,7 @@ function compileRelationToken(key, node) {
2829
4882
  return `${prefix}${relationToken}(${nested})`;
2830
4883
  }
2831
4884
  function compileSelectShape(select) {
2832
- if (!isRecord5(select)) {
4885
+ if (!isRecord7(select)) {
2833
4886
  throw new Error("findMany select must be an object");
2834
4887
  }
2835
4888
  const tokens = [];
@@ -2853,7 +4906,7 @@ function compileSelectShape(select) {
2853
4906
  return tokens.join(",");
2854
4907
  }
2855
4908
  function selectShapeUsesRelationSchema(select) {
2856
- if (!isRecord5(select)) {
4909
+ if (!isRecord7(select)) {
2857
4910
  return false;
2858
4911
  }
2859
4912
  for (const rawValue of Object.values(select)) {
@@ -2871,7 +4924,7 @@ function selectShapeUsesRelationSchema(select) {
2871
4924
  }
2872
4925
  function compileColumnWhere(column, input) {
2873
4926
  const normalizedColumn = normalizeIdentifier(column, "where column");
2874
- if (!isRecord5(input)) {
4927
+ if (!isRecord7(input)) {
2875
4928
  return [buildGatewayCondition("eq", normalizedColumn, input)];
2876
4929
  }
2877
4930
  const conditions = [];
@@ -2899,7 +4952,7 @@ function compileColumnWhere(column, input) {
2899
4952
  return conditions;
2900
4953
  }
2901
4954
  function compileBooleanExpressionTerms(clause, label) {
2902
- if (!isRecord5(clause)) {
4955
+ if (!isRecord7(clause)) {
2903
4956
  throw new Error(`findMany where.${label} clauses must be objects`);
2904
4957
  }
2905
4958
  const entries = Object.entries(clause).filter(([, value]) => value !== void 0);
@@ -2908,7 +4961,7 @@ function compileBooleanExpressionTerms(clause, label) {
2908
4961
  }
2909
4962
  const [rawColumn, rawValue] = entries[0];
2910
4963
  const column = normalizeIdentifier(rawColumn, `where.${label} column`);
2911
- if (!isRecord5(rawValue)) {
4964
+ if (!isRecord7(rawValue)) {
2912
4965
  return [`${column}.eq.${stringifyFilterValue(rawValue)}`];
2913
4966
  }
2914
4967
  const operatorEntries = Object.entries(rawValue).filter(([, value]) => value !== void 0);
@@ -2932,7 +4985,7 @@ function compileWhere(where) {
2932
4985
  if (where === void 0) {
2933
4986
  return void 0;
2934
4987
  }
2935
- if (!isRecord5(where)) {
4988
+ if (!isRecord7(where)) {
2936
4989
  throw new Error("findMany where must be an object");
2937
4990
  }
2938
4991
  const conditions = [];
@@ -2982,7 +5035,7 @@ function compileOrderBy(orderBy) {
2982
5035
  if (orderBy === void 0) {
2983
5036
  return void 0;
2984
5037
  }
2985
- if (!isRecord5(orderBy)) {
5038
+ if (!isRecord7(orderBy)) {
2986
5039
  throw new Error("findMany orderBy must be an object");
2987
5040
  }
2988
5041
  if ("column" in orderBy) {
@@ -3157,11 +5210,11 @@ function toFindManyAstOrder(order) {
3157
5210
  ascending: order.direction !== "descending"
3158
5211
  };
3159
5212
  }
3160
- function isRecord6(value) {
5213
+ function isRecord8(value) {
3161
5214
  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
3162
5215
  }
3163
5216
  function normalizeFindManyAstColumnPredicate(value) {
3164
- if (!isRecord6(value)) {
5217
+ if (!isRecord8(value)) {
3165
5218
  return {
3166
5219
  eq: value
3167
5220
  };
@@ -3185,7 +5238,7 @@ function normalizeFindManyAstBooleanOperand(clause) {
3185
5238
  return normalized;
3186
5239
  }
3187
5240
  function normalizeFindManyAstWhere(where) {
3188
- if (!where || !isRecord6(where)) {
5241
+ if (!where || !isRecord8(where)) {
3189
5242
  return where;
3190
5243
  }
3191
5244
  const normalized = {};
@@ -3199,7 +5252,7 @@ function normalizeFindManyAstWhere(where) {
3199
5252
  );
3200
5253
  continue;
3201
5254
  }
3202
- if (key === "not" && isRecord6(value)) {
5255
+ if (key === "not" && isRecord8(value)) {
3203
5256
  normalized.not = normalizeFindManyAstBooleanOperand(
3204
5257
  value
3205
5258
  );
@@ -3210,7 +5263,7 @@ function normalizeFindManyAstWhere(where) {
3210
5263
  return normalized;
3211
5264
  }
3212
5265
  function predicateRequiresUuidQueryFallback(column, value) {
3213
- if (!isRecord6(value)) {
5266
+ if (!isRecord8(value)) {
3214
5267
  return shouldUseUuidTextComparison(column, value);
3215
5268
  }
3216
5269
  const eqValue = value.eq;
@@ -3228,7 +5281,7 @@ function booleanOperandRequiresUuidQueryFallback(clause) {
3228
5281
  return false;
3229
5282
  }
3230
5283
  function findManyAstWhereRequiresLegacyTransport(where) {
3231
- if (!where || !isRecord6(where)) {
5284
+ if (!where || !isRecord8(where)) {
3232
5285
  return false;
3233
5286
  }
3234
5287
  for (const [key, value] of Object.entries(where)) {
@@ -3243,7 +5296,7 @@ function findManyAstWhereRequiresLegacyTransport(where) {
3243
5296
  }
3244
5297
  continue;
3245
5298
  }
3246
- if (key === "not" && isRecord6(value)) {
5299
+ if (key === "not" && isRecord8(value)) {
3247
5300
  if (booleanOperandRequiresUuidQueryFallback(value)) {
3248
5301
  return true;
3249
5302
  }
@@ -3445,7 +5498,7 @@ async function executeExperimentalRead(experimental, runner) {
3445
5498
  throw error;
3446
5499
  }
3447
5500
  }
3448
- function isRecord7(value) {
5501
+ function isRecord9(value) {
3449
5502
  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
3450
5503
  }
3451
5504
  function firstNonEmptyString2(...values) {
@@ -3457,8 +5510,8 @@ function firstNonEmptyString2(...values) {
3457
5510
  return void 0;
3458
5511
  }
3459
5512
  function resolveStructuredErrorPayload2(raw) {
3460
- if (!isRecord7(raw)) return null;
3461
- return isRecord7(raw.error) ? raw.error : raw;
5513
+ if (!isRecord9(raw)) return null;
5514
+ return isRecord9(raw.error) ? raw.error : raw;
3462
5515
  }
3463
5516
  function resolveStructuredErrorDetails(payload, message) {
3464
5517
  if (!payload || !("details" in payload)) {
@@ -3474,7 +5527,7 @@ function resolveStructuredErrorDetails(payload, message) {
3474
5527
  return details;
3475
5528
  }
3476
5529
  function createResultError(response, result, normalized) {
3477
- const rawRecord = isRecord7(response.raw) ? response.raw : null;
5530
+ const rawRecord = isRecord9(response.raw) ? response.raw : null;
3478
5531
  const payload = resolveStructuredErrorPayload2(response.raw);
3479
5532
  const message = firstNonEmptyString2(
3480
5533
  response.error,
@@ -4937,7 +6990,7 @@ function createClientFromConfig(config) {
4937
6990
  };
4938
6991
  const query = createQueryBuilder(gateway, formatGatewayResult, config.experimental, queryTracer);
4939
6992
  const db = createDbModule({ from, rpc, query });
4940
- return {
6993
+ const sdkClient = {
4941
6994
  from,
4942
6995
  db,
4943
6996
  rpc,
@@ -4945,6 +6998,14 @@ function createClientFromConfig(config) {
4945
6998
  verifyConnection: gateway.verifyConnection,
4946
6999
  auth: auth.auth
4947
7000
  };
7001
+ if (config.experimental?.athenaStorageBackend) {
7002
+ const storageClient = {
7003
+ ...sdkClient,
7004
+ storage: createStorageModule(gateway, config.experimental.storage)
7005
+ };
7006
+ return storageClient;
7007
+ }
7008
+ return sdkClient;
4948
7009
  }
4949
7010
  var DEFAULT_BACKEND = { type: "athena" };
4950
7011
  function toBackendConfig(b) {
@@ -4975,6 +7036,12 @@ function mergeExperimentalOptions(current, next) {
4975
7036
  ...next.traceQueries
4976
7037
  };
4977
7038
  }
7039
+ if (current?.storage || next.storage) {
7040
+ merged.storage = {
7041
+ ...current?.storage ?? {},
7042
+ ...next.storage ?? {}
7043
+ };
7044
+ }
4978
7045
  return merged;
4979
7046
  }
4980
7047
  var AthenaClientBuilderImpl = class {
@@ -5011,7 +7078,7 @@ var AthenaClientBuilderImpl = class {
5011
7078
  }
5012
7079
  experimental(options) {
5013
7080
  this.experimentalOptions = mergeExperimentalOptions(this.experimentalOptions, options);
5014
- return this;
7081
+ return options.athenaStorageBackend ? this : this;
5015
7082
  }
5016
7083
  options(options) {
5017
7084
  if (options.client !== void 0) {
@@ -5032,7 +7099,7 @@ var AthenaClientBuilderImpl = class {
5032
7099
  if (options.experimental !== void 0) {
5033
7100
  this.experimentalOptions = mergeExperimentalOptions(this.experimentalOptions, options.experimental);
5034
7101
  }
5035
- return this;
7102
+ return options.experimental?.athenaStorageBackend ? this : this;
5036
7103
  }
5037
7104
  build() {
5038
7105
  if (!this.baseUrl || !this.apiKey) {
@@ -5663,7 +7730,7 @@ function resolveNullishValue(mode) {
5663
7730
  if (mode === "null") return null;
5664
7731
  return "";
5665
7732
  }
5666
- function isRecord8(value) {
7733
+ function isRecord10(value) {
5667
7734
  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
5668
7735
  }
5669
7736
  function isNullableColumn(model, key) {
@@ -5672,7 +7739,7 @@ function isNullableColumn(model, key) {
5672
7739
  }
5673
7740
  function toModelFormDefaults(model, values, options) {
5674
7741
  const source = values;
5675
- if (!isRecord8(source)) {
7742
+ if (!isRecord10(source)) {
5676
7743
  return {};
5677
7744
  }
5678
7745
  const mode = options?.nullishMode ?? "empty-string";
@@ -6103,6 +8170,90 @@ async function loadGeneratorConfig(options = {}) {
6103
8170
  }
6104
8171
  }
6105
8172
 
8173
+ // src/generator/env.ts
8174
+ function readEnvStringValue2(key) {
8175
+ if (typeof process === "undefined" || !process.env) {
8176
+ return void 0;
8177
+ }
8178
+ const value = process.env[key];
8179
+ if (typeof value !== "string") {
8180
+ return void 0;
8181
+ }
8182
+ const trimmed = value.trim();
8183
+ return trimmed.length > 0 ? trimmed : void 0;
8184
+ }
8185
+ function throwMissingEnvVar(key) {
8186
+ throw new Error(
8187
+ `Generator config env var ${key} is missing or empty. Set ${key} or provide a default value.`
8188
+ );
8189
+ }
8190
+ function resolveEnvValue(key, options, resolver) {
8191
+ const rawValue = readEnvStringValue2(key);
8192
+ if (rawValue === void 0) {
8193
+ if (options?.default !== void 0) {
8194
+ return options.default;
8195
+ }
8196
+ if (options?.optional) {
8197
+ return void 0;
8198
+ }
8199
+ return throwMissingEnvVar(key);
8200
+ }
8201
+ return resolver(rawValue);
8202
+ }
8203
+ function resolveStringEnv(key, options) {
8204
+ return resolveEnvValue(key, options, (value) => value);
8205
+ }
8206
+ function resolveBooleanEnv(key, options) {
8207
+ return resolveEnvValue(key, options, (value) => parseBooleanFlag2(value, false));
8208
+ }
8209
+ function resolveListEnv(key, options) {
8210
+ return resolveEnvValue(key, options, (value) => {
8211
+ const separator = options?.separator ?? ",";
8212
+ return value.split(separator).map((entry) => entry.trim()).filter((entry, index, entries) => entry.length > 0 && entries.indexOf(entry) === index);
8213
+ })?.slice();
8214
+ }
8215
+ function resolveJsonEnv(key, options) {
8216
+ return resolveEnvValue(key, options, (value) => {
8217
+ try {
8218
+ return JSON.parse(value);
8219
+ } catch (error) {
8220
+ const message = error instanceof Error ? error.message : String(error);
8221
+ throw new Error(`Generator config env var ${key} must contain valid JSON. ${message}`);
8222
+ }
8223
+ });
8224
+ }
8225
+ function resolveOneOfEnv(key, allowedValues, options) {
8226
+ return resolveEnvValue(key, options, (value) => {
8227
+ if (allowedValues.includes(value)) {
8228
+ return value;
8229
+ }
8230
+ throw new Error(
8231
+ `Generator config env var ${key} must be one of: ${allowedValues.join(", ")}. Received: ${value}.`
8232
+ );
8233
+ });
8234
+ }
8235
+ function generatorEnvString(key, options) {
8236
+ return resolveStringEnv(key, options);
8237
+ }
8238
+ function generatorEnvBoolean(key, options) {
8239
+ return resolveBooleanEnv(key, options);
8240
+ }
8241
+ function generatorEnvList(key, options) {
8242
+ return resolveListEnv(key, options);
8243
+ }
8244
+ function generatorEnvJson(key, options) {
8245
+ return resolveJsonEnv(key, options);
8246
+ }
8247
+ function generatorEnvOneOf(key, allowedValues, options) {
8248
+ return resolveOneOfEnv(key, allowedValues, options);
8249
+ }
8250
+ var generatorEnv = Object.assign(generatorEnvString, {
8251
+ boolean: generatorEnvBoolean,
8252
+ list: generatorEnvList,
8253
+ json: generatorEnvJson,
8254
+ oneOf: generatorEnvOneOf
8255
+ });
8256
+
6106
8257
  // src/utils/slugify.ts
6107
8258
  function slugify(input) {
6108
8259
  return input.toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "").slice(0, 64);
@@ -6860,6 +9011,433 @@ async function runSchemaGenerator(options = {}) {
6860
9011
  };
6861
9012
  }
6862
9013
 
6863
- export { AthenaClient, AthenaError, AthenaErrorCategory, AthenaErrorCode, AthenaErrorKind, AthenaGatewayError, Backend, DEFAULT_POSTGRES_SCHEMAS, assertInt, coerceInt, createAuthClient, createAuthReactEmailInput, createClient, createModelFormAdapter, createPostgresIntrospectionProvider, createTypedClient, defineAuthEmailTemplate, defineDatabase, defineGeneratorConfig, defineModel, defineRegistry, defineSchema, findGeneratorConfigPath, generateArtifactsFromSnapshot, identifier, isAthenaGatewayError, isOk, loadGeneratorConfig, normalizeAthenaError, normalizeAthenaGatewayBaseUrl, normalizeGeneratorConfig, normalizeSchemaSelection, parseBooleanFlag2 as parseBooleanFlag, renderAthenaReactEmail, requireAffected, requireSuccess, resolveGeneratorProvider, resolvePostgresColumnType, resolveProviderSchemas, runSchemaGenerator, toModelFormDefaults, toModelPayload, unwrap, unwrapOne, unwrapRows, verifyAthenaGatewayUrl, withRetry };
9014
+ // src/auth/server.ts
9015
+ var DEFAULT_AUTH_BASE_PATH = "/api/auth";
9016
+ var ATHENA_AUTH_BASE_ERROR_CODES = {
9017
+ HANDLER_NOT_CONFIGURED: "HANDLER_NOT_CONFIGURED",
9018
+ INVALID_BASE_URL: "INVALID_BASE_URL",
9019
+ UNTRUSTED_HOST: "UNTRUSTED_HOST"
9020
+ };
9021
+ function capitalize2(value) {
9022
+ return value.length > 0 ? `${value[0]?.toUpperCase()}${value.slice(1)}` : value;
9023
+ }
9024
+ function serializeSetCookieValue(name, value, attributes) {
9025
+ const parts = [`${name}=${encodeURIComponent(value)}`];
9026
+ const knownKeys = /* @__PURE__ */ new Set([
9027
+ "maxAge",
9028
+ "expires",
9029
+ "domain",
9030
+ "path",
9031
+ "secure",
9032
+ "httpOnly",
9033
+ "partitioned",
9034
+ "sameSite"
9035
+ ]);
9036
+ if (attributes.maxAge !== void 0) {
9037
+ parts.push(`Max-Age=${Math.trunc(attributes.maxAge)}`);
9038
+ }
9039
+ if (attributes.expires instanceof Date) {
9040
+ parts.push(`Expires=${attributes.expires.toUTCString()}`);
9041
+ }
9042
+ if (attributes.domain) {
9043
+ parts.push(`Domain=${attributes.domain}`);
9044
+ }
9045
+ if (attributes.path) {
9046
+ parts.push(`Path=${attributes.path}`);
9047
+ }
9048
+ if (attributes.secure) {
9049
+ parts.push("Secure");
9050
+ }
9051
+ if (attributes.httpOnly) {
9052
+ parts.push("HttpOnly");
9053
+ }
9054
+ if (attributes.partitioned) {
9055
+ parts.push("Partitioned");
9056
+ }
9057
+ if (attributes.sameSite) {
9058
+ parts.push(`SameSite=${capitalize2(attributes.sameSite)}`);
9059
+ }
9060
+ for (const [key, rawValue] of Object.entries(attributes)) {
9061
+ if (knownKeys.has(key) || rawValue === void 0 || rawValue === null || rawValue === false) {
9062
+ continue;
9063
+ }
9064
+ if (rawValue === true) {
9065
+ parts.push(key);
9066
+ continue;
9067
+ }
9068
+ parts.push(`${key}=${String(rawValue)}`);
9069
+ }
9070
+ return parts.join("; ");
9071
+ }
9072
+ function readCookieFromHeaders(headers, name) {
9073
+ const cookieHeader = headers?.get("cookie");
9074
+ if (!cookieHeader) {
9075
+ return void 0;
9076
+ }
9077
+ return parseCookies(cookieHeader).get(name);
9078
+ }
9079
+ function isRecord11(value) {
9080
+ return Boolean(value) && typeof value === "object" && !Array.isArray(value);
9081
+ }
9082
+ function resolveSessionCandidate(value) {
9083
+ if (!isRecord11(value)) {
9084
+ return null;
9085
+ }
9086
+ const session = isRecord11(value.session) ? value.session : void 0;
9087
+ const user = isRecord11(value.user) ? value.user : void 0;
9088
+ if (session && typeof session.token === "string" && session.token.length > 0 && user) {
9089
+ return {
9090
+ session,
9091
+ user
9092
+ };
9093
+ }
9094
+ return null;
9095
+ }
9096
+ function inferSessionPair(returned) {
9097
+ return resolveSessionCandidate(returned) ?? (isRecord11(returned) ? resolveSessionCandidate(returned.data) : null) ?? (isRecord11(returned) ? resolveSessionCandidate(returned.session) : null);
9098
+ }
9099
+ function resolveResponseHeaders(ctx) {
9100
+ if (ctx.context.responseHeaders instanceof Headers) {
9101
+ return ctx.context.responseHeaders;
9102
+ }
9103
+ const headers = new Headers();
9104
+ ctx.context.responseHeaders = headers;
9105
+ return headers;
9106
+ }
9107
+ function normalizeBaseURL(baseURL) {
9108
+ return baseURL.replace(/\/$/, "");
9109
+ }
9110
+ function normalizeBasePath(basePath) {
9111
+ if (!basePath || basePath === "/") {
9112
+ return DEFAULT_AUTH_BASE_PATH;
9113
+ }
9114
+ const normalized = basePath.startsWith("/") ? basePath : `/${basePath}`;
9115
+ return normalized.endsWith("/") && normalized.length > 1 ? normalized.slice(0, -1) : normalized;
9116
+ }
9117
+ function isDynamicBaseURLConfig2(baseURL) {
9118
+ return typeof baseURL === "object" && baseURL !== null && "allowedHosts" in baseURL && Array.isArray(baseURL.allowedHosts);
9119
+ }
9120
+ function getRequestUrl(request) {
9121
+ try {
9122
+ return new URL(request.url);
9123
+ } catch {
9124
+ return new URL("http://localhost");
9125
+ }
9126
+ }
9127
+ function getRequestHost(request, url) {
9128
+ const forwardedHost = request.headers.get("x-forwarded-host")?.split(",")[0]?.trim();
9129
+ const host = forwardedHost || request.headers.get("host") || url.host;
9130
+ return host || null;
9131
+ }
9132
+ function getRequestProtocol(request, configuredProtocol, url) {
9133
+ if (configuredProtocol === "http" || configuredProtocol === "https") {
9134
+ return configuredProtocol;
9135
+ }
9136
+ const forwardedProto = request.headers.get("x-forwarded-proto")?.split(",")[0]?.trim();
9137
+ if (forwardedProto === "http" || forwardedProto === "https") {
9138
+ return forwardedProto;
9139
+ }
9140
+ if (url.protocol === "http:" || url.protocol === "https:") {
9141
+ return url.protocol.slice(0, -1);
9142
+ }
9143
+ return "http";
9144
+ }
9145
+ function resolveRequestBaseURL(baseURL, request) {
9146
+ if (typeof baseURL === "string") {
9147
+ return normalizeBaseURL(baseURL);
9148
+ }
9149
+ const requestUrl = getRequestUrl(request);
9150
+ const host = getRequestHost(request, requestUrl);
9151
+ if (!host) {
9152
+ return null;
9153
+ }
9154
+ if (isDynamicBaseURLConfig2(baseURL)) {
9155
+ const allowedHosts = baseURL.allowedHosts ?? [];
9156
+ if (allowedHosts.length > 0 && !allowedHosts.includes(host)) {
9157
+ return null;
9158
+ }
9159
+ }
9160
+ const protocol = typeof baseURL === "object" && baseURL !== null ? getRequestProtocol(request, baseURL.protocol, requestUrl) : getRequestProtocol(request, void 0, requestUrl);
9161
+ return `${protocol}://${host}`;
9162
+ }
9163
+ function getOrigin(baseURL) {
9164
+ if (!baseURL) {
9165
+ return void 0;
9166
+ }
9167
+ try {
9168
+ return new URL(baseURL).origin;
9169
+ } catch {
9170
+ return void 0;
9171
+ }
9172
+ }
9173
+ async function resolveTrustedOrigins(config, baseURL, request) {
9174
+ const resolved = typeof config.trustedOrigins === "function" ? await config.trustedOrigins(request) : config.trustedOrigins ?? [];
9175
+ const values = [
9176
+ getOrigin(baseURL),
9177
+ ...resolved
9178
+ ];
9179
+ return Array.from(new Set(values.filter((value) => typeof value === "string" && value.length > 0)));
9180
+ }
9181
+ async function resolveTrustedProviders(config, request) {
9182
+ const configured = typeof config.trustedProviders === "function" ? await config.trustedProviders(request) : config.trustedProviders ?? [];
9183
+ const values = [
9184
+ ...Object.keys(config.socialProviders ?? {}),
9185
+ ...configured
9186
+ ];
9187
+ return Array.from(new Set(values.filter((value) => typeof value === "string" && value.length > 0)));
9188
+ }
9189
+ function createJsonResponse(payload, init) {
9190
+ const headers = new Headers(init?.headers);
9191
+ if (!headers.has("content-type")) {
9192
+ headers.set("content-type", "application/json; charset=utf-8");
9193
+ }
9194
+ return new Response(JSON.stringify(payload), {
9195
+ ...init,
9196
+ headers
9197
+ });
9198
+ }
9199
+ function mergeResponseHeaders(response, headers) {
9200
+ return new Response(response.body, {
9201
+ status: response.status,
9202
+ statusText: response.statusText,
9203
+ headers
9204
+ });
9205
+ }
9206
+ function defineAthenaAuthConfig(config) {
9207
+ return config;
9208
+ }
9209
+ function athenaAuth(config) {
9210
+ const normalizedBasePath = normalizeBasePath(config.basePath);
9211
+ const staticBaseURL = typeof config.baseURL === "string" ? normalizeBaseURL(config.baseURL) : void 0;
9212
+ const runtime = {
9213
+ baseURL: staticBaseURL,
9214
+ basePath: normalizedBasePath,
9215
+ secret: config.secret,
9216
+ cookies: {
9217
+ session: config.session,
9218
+ advanced: config.advanced
9219
+ }
9220
+ };
9221
+ const resolvedDatabase = typeof config.database === "function" ? config.database(runtime) : config.database;
9222
+ const cookies = getCookies({
9223
+ baseURL: staticBaseURL ?? config.baseURL,
9224
+ session: config.session,
9225
+ advanced: config.advanced
9226
+ });
9227
+ const auth = {};
9228
+ const createCookieContext = (input = {}) => {
9229
+ const responseHeaders = input.responseHeaders ?? new Headers();
9230
+ const runtimeHeaders = input.headers;
9231
+ const authCookies = input.cookies ?? auth.cookies;
9232
+ const setCookie = input.setCookie ?? ((name, value, attributes) => {
9233
+ responseHeaders.append(
9234
+ "set-cookie",
9235
+ serializeSetCookieValue(name, value, attributes)
9236
+ );
9237
+ });
9238
+ return {
9239
+ headers: runtimeHeaders,
9240
+ getCookie: input.getCookie ?? ((name) => readCookieFromHeaders(runtimeHeaders, name)),
9241
+ setCookie,
9242
+ logger: input.logger,
9243
+ setSignedCookie: input.setSignedCookie,
9244
+ getSignedCookie: input.getSignedCookie,
9245
+ context: {
9246
+ secret: runtime.secret,
9247
+ authCookies,
9248
+ sessionConfig: {
9249
+ expiresIn: config.session?.expiresIn
9250
+ },
9251
+ options: {
9252
+ session: {
9253
+ cookieCache: config.session?.cookieCache
9254
+ },
9255
+ account: {
9256
+ storeAccountCookie: true
9257
+ }
9258
+ },
9259
+ setNewSession: input.setNewSession
9260
+ }
9261
+ };
9262
+ };
9263
+ const setSession = async (input, session, dontRememberMe, overrides) => {
9264
+ const cookieContext = createCookieContext(input);
9265
+ await setSessionCookie(cookieContext, session, dontRememberMe, overrides);
9266
+ };
9267
+ const clearSession = (input, skipDontRememberMe) => {
9268
+ const cookieContext = createCookieContext(input);
9269
+ deleteSessionCookie(cookieContext, skipDontRememberMe);
9270
+ };
9271
+ const applyResponseCookies = async (ctx) => {
9272
+ const responseHeaders = resolveResponseHeaders(ctx);
9273
+ const session = ctx.context.setSession ?? inferSessionPair(ctx.context.returned);
9274
+ if (ctx.context.clearSession) {
9275
+ clearSession({
9276
+ headers: ctx.headers,
9277
+ responseHeaders
9278
+ });
9279
+ }
9280
+ if (session) {
9281
+ await setSession(
9282
+ {
9283
+ headers: ctx.headers,
9284
+ responseHeaders
9285
+ },
9286
+ session,
9287
+ ctx.context.dontRememberMe,
9288
+ ctx.context.cookieOverrides
9289
+ );
9290
+ }
9291
+ return responseHeaders;
9292
+ };
9293
+ const runAfterHooks = async (ctx) => {
9294
+ for (const plugin of auth.plugins) {
9295
+ for (const hook of plugin.hooks?.after ?? []) {
9296
+ if (!hook.matcher(ctx)) {
9297
+ continue;
9298
+ }
9299
+ await hook.handler({
9300
+ ...ctx,
9301
+ auth
9302
+ });
9303
+ }
9304
+ }
9305
+ return ctx;
9306
+ };
9307
+ const resolveRequestContext = async (request) => {
9308
+ const requestUrl = getRequestUrl(request);
9309
+ const resolvedBaseURL = resolveRequestBaseURL(config.baseURL, request);
9310
+ if (!resolvedBaseURL) {
9311
+ throw new Error(
9312
+ isDynamicBaseURLConfig2(config.baseURL) ? "Could not resolve base URL from request. Check allowedHosts/baseURL." : "Could not resolve base URL from request."
9313
+ );
9314
+ }
9315
+ const requestCookies = getCookies({
9316
+ baseURL: resolvedBaseURL,
9317
+ session: config.session,
9318
+ advanced: config.advanced
9319
+ });
9320
+ const trustedOrigins = await resolveTrustedOrigins(config, resolvedBaseURL, request);
9321
+ const trustedProviders = await resolveTrustedProviders(config, request);
9322
+ return {
9323
+ auth,
9324
+ request,
9325
+ url: requestUrl,
9326
+ path: requestUrl.pathname,
9327
+ basePath: normalizedBasePath,
9328
+ baseURL: resolvedBaseURL,
9329
+ origin: getOrigin(resolvedBaseURL) ?? resolvedBaseURL,
9330
+ headers: request.headers,
9331
+ cookies: requestCookies,
9332
+ trustedOrigins,
9333
+ trustedProviders,
9334
+ options: config,
9335
+ runtime: {
9336
+ ...runtime,
9337
+ baseURL: resolvedBaseURL
9338
+ },
9339
+ database: auth.database,
9340
+ socialProviders: auth.socialProviders
9341
+ };
9342
+ };
9343
+ const handler = async (request) => {
9344
+ const requestContext = await resolveRequestContext(request);
9345
+ if (typeof config.handler !== "function") {
9346
+ return createJsonResponse(
9347
+ {
9348
+ ok: false,
9349
+ code: ATHENA_AUTH_BASE_ERROR_CODES.HANDLER_NOT_CONFIGURED,
9350
+ error: "No native auth handler was configured for this Athena auth instance.",
9351
+ path: requestContext.path,
9352
+ basePath: requestContext.basePath
9353
+ },
9354
+ { status: 501 }
9355
+ );
9356
+ }
9357
+ const result = await config.handler(requestContext);
9358
+ if (result instanceof Response) {
9359
+ return result;
9360
+ }
9361
+ const response = result.response ?? (result.returned !== void 0 ? createJsonResponse(result.returned) : new Response(null, { status: 204 }));
9362
+ const responseHeaders = new Headers(response.headers);
9363
+ await runAfterHooks({
9364
+ path: requestContext.path,
9365
+ headers: request.headers,
9366
+ context: {
9367
+ responseHeaders,
9368
+ returned: result.returned,
9369
+ setSession: result.setSession,
9370
+ clearSession: result.clearSession,
9371
+ dontRememberMe: result.dontRememberMe,
9372
+ cookieOverrides: result.cookieOverrides
9373
+ }
9374
+ });
9375
+ return mergeResponseHeaders(response, responseHeaders);
9376
+ };
9377
+ const api = Object.assign(
9378
+ {
9379
+ applyResponseCookies,
9380
+ clearSession,
9381
+ createCookieContext,
9382
+ getCookieCache,
9383
+ getSessionCookie,
9384
+ resolveRequestContext,
9385
+ runAfterHooks,
9386
+ setSession
9387
+ },
9388
+ config.api ?? {}
9389
+ );
9390
+ const $ERROR_CODES = {
9391
+ ...auth.plugins?.reduce((acc, plugin) => {
9392
+ if (plugin.$ERROR_CODES) {
9393
+ return {
9394
+ ...acc,
9395
+ ...plugin.$ERROR_CODES
9396
+ };
9397
+ }
9398
+ return acc;
9399
+ }, {}),
9400
+ ...config.errorCodes ?? {},
9401
+ ...ATHENA_AUTH_BASE_ERROR_CODES
9402
+ };
9403
+ Object.assign(auth, {
9404
+ config,
9405
+ options: config,
9406
+ runtime,
9407
+ database: resolvedDatabase,
9408
+ socialProviders: config.socialProviders ?? {},
9409
+ plugins: [...config.plugins ?? []],
9410
+ cookies,
9411
+ api,
9412
+ $ERROR_CODES,
9413
+ createCookieContext,
9414
+ setSession,
9415
+ clearSession,
9416
+ applyResponseCookies,
9417
+ runAfterHooks,
9418
+ resolveRequestContext,
9419
+ handler
9420
+ });
9421
+ auth.$context = Promise.all([
9422
+ resolveTrustedOrigins(config, staticBaseURL),
9423
+ resolveTrustedProviders(config)
9424
+ ]).then(([trustedOrigins, trustedProviders]) => ({
9425
+ auth,
9426
+ options: config,
9427
+ runtime,
9428
+ basePath: normalizedBasePath,
9429
+ baseURL: staticBaseURL,
9430
+ origin: getOrigin(staticBaseURL),
9431
+ database: auth.database,
9432
+ socialProviders: auth.socialProviders,
9433
+ plugins: auth.plugins,
9434
+ cookies: auth.cookies,
9435
+ trustedOrigins,
9436
+ trustedProviders
9437
+ }));
9438
+ return auth;
9439
+ }
9440
+
9441
+ export { ATHENA_AUTH_BASE_ERROR_CODES, AthenaClient, AthenaError, AthenaErrorCategory, AthenaErrorCode, AthenaErrorKind, AthenaGatewayError, AthenaStorageError, AthenaStorageErrorCode, Backend, DEFAULT_POSTGRES_SCHEMAS, assertInt, athenaAuth, coerceInt, createAthenaStorageError, createAuthClient, createAuthReactEmailInput, createClient, createModelFormAdapter, createPostgresIntrospectionProvider, createTypedClient, defineAthenaAuthConfig, defineAuthEmailTemplate, defineDatabase, defineGeneratorConfig, defineModel, defineRegistry, defineSchema, findGeneratorConfigPath, generateArtifactsFromSnapshot, generatorEnv, identifier, isAthenaGatewayError, isOk, loadGeneratorConfig, normalizeAthenaError, normalizeAthenaGatewayBaseUrl, normalizeGeneratorConfig, normalizeSchemaSelection, parseBooleanFlag2 as parseBooleanFlag, renderAthenaReactEmail, requireAffected, requireSuccess, resolveGeneratorProvider, resolvePostgresColumnType, resolveProviderSchemas, runSchemaGenerator, storageSdkManifest, toModelFormDefaults, toModelPayload, unwrap, unwrapOne, unwrapRows, verifyAthenaGatewayUrl, withRetry };
6864
9442
  //# sourceMappingURL=index.js.map
6865
9443
  //# sourceMappingURL=index.js.map