@xylex-group/athena 2.4.1 → 2.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/README.md +52 -1
  2. package/bin/athena-js.js +0 -0
  3. package/dist/browser.cjs +2642 -56
  4. package/dist/browser.cjs.map +1 -1
  5. package/dist/browser.d.cts +8 -7
  6. package/dist/browser.d.ts +8 -7
  7. package/dist/browser.js +2635 -57
  8. package/dist/browser.js.map +1 -1
  9. package/dist/cli/index.cjs +1648 -239
  10. package/dist/cli/index.cjs.map +1 -1
  11. package/dist/cli/index.d.cts +3 -3
  12. package/dist/cli/index.d.ts +3 -3
  13. package/dist/cli/index.js +1648 -239
  14. package/dist/cli/index.js.map +1 -1
  15. package/dist/cookies.cjs +10 -3
  16. package/dist/cookies.cjs.map +1 -1
  17. package/dist/cookies.d.cts +1 -174
  18. package/dist/cookies.d.ts +1 -174
  19. package/dist/cookies.js +10 -3
  20. package/dist/cookies.js.map +1 -1
  21. package/dist/index-CVcQCGyG.d.cts +174 -0
  22. package/dist/index-CVcQCGyG.d.ts +174 -0
  23. package/dist/index.cjs +2642 -56
  24. package/dist/index.cjs.map +1 -1
  25. package/dist/index.d.cts +8 -7
  26. package/dist/index.d.ts +8 -7
  27. package/dist/index.js +2635 -57
  28. package/dist/index.js.map +1 -1
  29. package/dist/model-form-AKYrgede.d.ts +2772 -0
  30. package/dist/model-form-ehfqLuG7.d.cts +2772 -0
  31. package/dist/{pipeline-CR4V15jF.d.ts → pipeline-BUsR9XlO.d.ts} +1 -1
  32. package/dist/{pipeline-DZeExYMA.d.cts → pipeline-BfCWSRYl.d.cts} +1 -1
  33. package/dist/react-email-BQzmXBDE.d.cts +304 -0
  34. package/dist/react-email-BrVRp80B.d.ts +304 -0
  35. package/dist/react.cjs +178 -71
  36. package/dist/react.cjs.map +1 -1
  37. package/dist/react.d.cts +22 -5
  38. package/dist/react.d.ts +22 -5
  39. package/dist/react.js +92 -5
  40. package/dist/react.js.map +1 -1
  41. package/dist/{types-D1JvL21V.d.cts → types-BSIsyss1.d.cts} +1 -1
  42. package/dist/{types-09Q4D86N.d.cts → types-BsyRW49r.d.cts} +3 -3
  43. package/dist/{types-09Q4D86N.d.ts → types-BsyRW49r.d.ts} +3 -3
  44. package/dist/{types-DU3gNdFv.d.ts → types-t_TVqnmp.d.ts} +1 -1
  45. package/package.json +22 -21
  46. package/dist/model-form-4LPnOPAF.d.cts +0 -1383
  47. package/dist/model-form-CO4-LmNC.d.ts +0 -1383
  48. package/dist/react-email-6mOyxBo4.d.cts +0 -657
  49. package/dist/react-email-Buhcpglm.d.ts +0 -657
package/dist/browser.cjs CHANGED
@@ -127,6 +127,60 @@ function buildAthenaGatewayUrl(baseUrl, path) {
127
127
  return `${baseUrl}${path}`;
128
128
  }
129
129
 
130
+ // src/cookies/base64.ts
131
+ function getAtob() {
132
+ const candidate = globalThis.atob;
133
+ return typeof candidate === "function" ? candidate : void 0;
134
+ }
135
+ function getBtoa() {
136
+ const candidate = globalThis.btoa;
137
+ return typeof candidate === "function" ? candidate : void 0;
138
+ }
139
+ function bytesToBinaryString(bytes) {
140
+ let result = "";
141
+ for (const byte of bytes) {
142
+ result += String.fromCharCode(byte);
143
+ }
144
+ return result;
145
+ }
146
+ function binaryStringToBytes(binary) {
147
+ const bytes = new Uint8Array(binary.length);
148
+ for (let i = 0; i < binary.length; i++) {
149
+ bytes[i] = binary.charCodeAt(i);
150
+ }
151
+ return bytes;
152
+ }
153
+ function encodeBase64(bytes) {
154
+ const btoaFn = getBtoa();
155
+ if (btoaFn) {
156
+ return btoaFn(bytesToBinaryString(bytes));
157
+ }
158
+ return Buffer.from(bytes).toString("base64");
159
+ }
160
+ function decodeBase64(base64) {
161
+ const atobFn = getAtob();
162
+ if (atobFn) {
163
+ return binaryStringToBytes(atobFn(base64));
164
+ }
165
+ return new Uint8Array(Buffer.from(base64, "base64"));
166
+ }
167
+ function encodeBytesToBase64Url(bytes) {
168
+ return encodeBase64(bytes).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
169
+ }
170
+ function encodeStringToBase64Url(value) {
171
+ const bytes = new TextEncoder().encode(value);
172
+ return encodeBytesToBase64Url(bytes);
173
+ }
174
+ function decodeBase64UrlToBytes(value) {
175
+ const normalized = value.replace(/-/g, "+").replace(/_/g, "/");
176
+ const paddingLength = normalized.length % 4;
177
+ const padded = paddingLength === 0 ? normalized : `${normalized}${"=".repeat(4 - paddingLength)}`;
178
+ return decodeBase64(padded);
179
+ }
180
+ function decodeBase64UrlToString(value) {
181
+ return new TextDecoder().decode(decodeBase64UrlToBytes(value));
182
+ }
183
+
130
184
  // src/cookies/cookie-utils.ts
131
185
  var SECURE_COOKIE_PREFIX = "__Secure-";
132
186
  function parseCookies(cookieHeader) {
@@ -138,24 +192,615 @@ function parseCookies(cookieHeader) {
138
192
  });
139
193
  return cookieMap;
140
194
  }
195
+
196
+ // src/cookies/crypto.ts
197
+ var HS256_ALG = "HS256";
198
+ async function getSubtleCrypto() {
199
+ const globalCrypto = globalThis.crypto;
200
+ if (globalCrypto?.subtle) {
201
+ return globalCrypto.subtle;
202
+ }
203
+ const { webcrypto } = await import('crypto');
204
+ const subtle = webcrypto.subtle;
205
+ if (!subtle) {
206
+ throw new Error("Web Crypto subtle API is unavailable.");
207
+ }
208
+ return subtle;
209
+ }
210
+ async function importHmacKey(secret, usage) {
211
+ const subtle = await getSubtleCrypto();
212
+ return subtle.importKey(
213
+ "raw",
214
+ new TextEncoder().encode(secret),
215
+ {
216
+ name: "HMAC",
217
+ hash: "SHA-256"
218
+ },
219
+ false,
220
+ [usage]
221
+ );
222
+ }
223
+ function bufferToBytes(buffer) {
224
+ return new Uint8Array(buffer);
225
+ }
226
+ function parseJwtPayload(payloadSegment) {
227
+ try {
228
+ const decoded = decodeBase64UrlToString(payloadSegment);
229
+ const payload = JSON.parse(decoded);
230
+ if (!payload || typeof payload !== "object") {
231
+ return null;
232
+ }
233
+ return payload;
234
+ } catch {
235
+ return null;
236
+ }
237
+ }
238
+ function isJwtExpired(payload) {
239
+ const exp = payload.exp;
240
+ if (typeof exp !== "number") {
241
+ return false;
242
+ }
243
+ return exp < Math.floor(Date.now() / 1e3);
244
+ }
245
+ async function signHmacBase64Url(secret, value) {
246
+ const subtle = await getSubtleCrypto();
247
+ const key = await importHmacKey(secret, "sign");
248
+ const signature = await subtle.sign("HMAC", key, new TextEncoder().encode(value));
249
+ return encodeBytesToBase64Url(bufferToBytes(signature));
250
+ }
251
+ async function signJwtHS256(payload, secret, expiresIn = 60 * 5) {
252
+ const now = Math.floor(Date.now() / 1e3);
253
+ const header = { alg: HS256_ALG, typ: "JWT" };
254
+ const fullPayload = {
255
+ ...payload,
256
+ iat: now,
257
+ exp: now + expiresIn
258
+ };
259
+ const headerPart = encodeStringToBase64Url(JSON.stringify(header));
260
+ const payloadPart = encodeStringToBase64Url(JSON.stringify(fullPayload));
261
+ const message = `${headerPart}.${payloadPart}`;
262
+ const signature = await signHmacBase64Url(secret, message);
263
+ return `${message}.${signature}`;
264
+ }
265
+ async function verifyJwtHS256(token, secret) {
266
+ const parts = token.split(".");
267
+ if (parts.length !== 3) {
268
+ return null;
269
+ }
270
+ const [headerPart, payloadPart, signaturePart] = parts;
271
+ if (!headerPart || !payloadPart || !signaturePart) {
272
+ return null;
273
+ }
274
+ let header = null;
275
+ try {
276
+ header = JSON.parse(decodeBase64UrlToString(headerPart));
277
+ } catch {
278
+ return null;
279
+ }
280
+ if (!header || header.alg !== HS256_ALG) {
281
+ return null;
282
+ }
283
+ const payload = parseJwtPayload(payloadPart);
284
+ if (!payload) {
285
+ return null;
286
+ }
287
+ const expectedSignature = await signHmacBase64Url(secret, `${headerPart}.${payloadPart}`);
288
+ if (expectedSignature !== signaturePart) {
289
+ return null;
290
+ }
291
+ if (isJwtExpired(payload)) {
292
+ return null;
293
+ }
294
+ return payload;
295
+ }
296
+
297
+ // src/cookies/session-store.ts
298
+ var ALLOWED_COOKIE_SIZE = 4096;
299
+ var ESTIMATED_EMPTY_COOKIE_SIZE = 200;
300
+ var CHUNK_SIZE = ALLOWED_COOKIE_SIZE - ESTIMATED_EMPTY_COOKIE_SIZE;
301
+ function getChunkIndex(cookieName) {
302
+ const parts = cookieName.split(".");
303
+ const lastPart = parts[parts.length - 1];
304
+ const index = parseInt(lastPart || "0", 10);
305
+ return Number.isNaN(index) ? 0 : index;
306
+ }
307
+ function readExistingChunks(cookieName, ctx) {
308
+ const chunks = {};
309
+ const cookies = parseCookies(ctx.headers?.get("cookie") || "");
310
+ for (const [name, value] of cookies) {
311
+ if (name.startsWith(cookieName)) {
312
+ chunks[name] = value;
313
+ }
314
+ }
315
+ return chunks;
316
+ }
317
+ function joinChunks(chunks) {
318
+ const sortedKeys = Object.keys(chunks).sort((left, right) => getChunkIndex(left) - getChunkIndex(right));
319
+ return sortedKeys.map((key) => chunks[key]).join("");
320
+ }
321
+ function chunkCookie(storeName, cookie, chunks, ctx) {
322
+ const chunkCount = Math.ceil(cookie.value.length / CHUNK_SIZE);
323
+ if (chunkCount === 1) {
324
+ chunks[cookie.name] = cookie.value;
325
+ return [cookie];
326
+ }
327
+ const cookies = [];
328
+ for (let index = 0; index < chunkCount; index++) {
329
+ const name = `${cookie.name}.${index}`;
330
+ const start = index * CHUNK_SIZE;
331
+ const value = cookie.value.substring(start, start + CHUNK_SIZE);
332
+ cookies.push({
333
+ ...cookie,
334
+ name,
335
+ value
336
+ });
337
+ chunks[name] = value;
338
+ }
339
+ ctx.logger?.debug?.(`CHUNKING_${storeName.toUpperCase()}_COOKIE`, {
340
+ message: `${storeName} cookie exceeds allowed ${ALLOWED_COOKIE_SIZE} bytes.`,
341
+ emptyCookieSize: ESTIMATED_EMPTY_COOKIE_SIZE,
342
+ valueSize: cookie.value.length,
343
+ chunkCount,
344
+ chunks: cookies.map((entry) => entry.value.length + ESTIMATED_EMPTY_COOKIE_SIZE)
345
+ });
346
+ return cookies;
347
+ }
348
+ function getCleanCookies(chunks, cookieOptions) {
349
+ const cleanedChunks = {};
350
+ for (const name in chunks) {
351
+ cleanedChunks[name] = {
352
+ name,
353
+ value: "",
354
+ attributes: {
355
+ ...cookieOptions,
356
+ maxAge: 0
357
+ }
358
+ };
359
+ }
360
+ return cleanedChunks;
361
+ }
362
+ var storeFactory = (storeName) => (cookieName, cookieOptions, ctx) => {
363
+ const chunks = readExistingChunks(cookieName, ctx);
364
+ return {
365
+ getValue() {
366
+ return joinChunks(chunks);
367
+ },
368
+ hasChunks() {
369
+ return Object.keys(chunks).length > 0;
370
+ },
371
+ chunk(value, options) {
372
+ const cleanedChunks = getCleanCookies(chunks, cookieOptions);
373
+ for (const name in chunks) {
374
+ delete chunks[name];
375
+ }
376
+ const cookies = cleanedChunks;
377
+ const chunked = chunkCookie(
378
+ storeName,
379
+ {
380
+ name: cookieName,
381
+ value,
382
+ attributes: {
383
+ ...cookieOptions,
384
+ ...options
385
+ }
386
+ },
387
+ chunks,
388
+ ctx
389
+ );
390
+ for (const chunk of chunked) {
391
+ cookies[chunk.name] = chunk;
392
+ }
393
+ return Object.values(cookies);
394
+ },
395
+ clean() {
396
+ const cleanedChunks = getCleanCookies(chunks, cookieOptions);
397
+ for (const name in chunks) {
398
+ delete chunks[name];
399
+ }
400
+ return Object.values(cleanedChunks);
401
+ },
402
+ setCookies(cookies) {
403
+ for (const cookie of cookies) {
404
+ ctx.setCookie(cookie.name, cookie.value, cookie.attributes);
405
+ }
406
+ }
407
+ };
408
+ };
409
+ var createSessionStore = storeFactory("Session");
410
+ var createAccountStore = storeFactory("Account");
411
+
412
+ // src/cookies/index.ts
413
+ var DEFAULT_COOKIE_PREFIX = "athena-auth";
414
+ var LEGACY_COOKIE_PREFIX = "better-auth";
415
+ var DEFAULT_SESSION_MAX_AGE = 7 * 24 * 60 * 60;
416
+ var DEFAULT_CACHE_MAX_AGE = 60 * 5;
417
+ function isProductionRuntime() {
418
+ return typeof process !== "undefined" && process.env?.NODE_ENV === "production";
419
+ }
420
+ function getEnvironmentSecret() {
421
+ if (typeof process === "undefined") {
422
+ return void 0;
423
+ }
424
+ return process.env?.ATHENA_AUTH_SECRET || process.env?.BETTER_AUTH_SECRET || process.env?.AUTH_SECRET;
425
+ }
426
+ function isDynamicBaseURLConfig(baseURL) {
427
+ return typeof baseURL === "object" && baseURL !== null && "allowedHosts" in baseURL && Array.isArray(baseURL.allowedHosts);
428
+ }
429
+ function resolveCookiePrefixes(primaryPrefix) {
430
+ const prefixes = [primaryPrefix];
431
+ if (!prefixes.includes(DEFAULT_COOKIE_PREFIX)) {
432
+ prefixes.push(DEFAULT_COOKIE_PREFIX);
433
+ }
434
+ if (!prefixes.includes(LEGACY_COOKIE_PREFIX)) {
435
+ prefixes.push(LEGACY_COOKIE_PREFIX);
436
+ }
437
+ return prefixes;
438
+ }
439
+ function createError(message) {
440
+ return new Error(`@xylex-group/athena/cookies: ${message}`);
441
+ }
442
+ function getSecretOrThrow(secret) {
443
+ const resolved = secret || getEnvironmentSecret();
444
+ if (!resolved) {
445
+ throw createError(
446
+ "getCookieCache requires a secret. Pass `secret` or set ATHENA_AUTH_SECRET/BETTER_AUTH_SECRET/AUTH_SECRET."
447
+ );
448
+ }
449
+ return resolved;
450
+ }
451
+ function asObject(value) {
452
+ if (!value || typeof value !== "object") {
453
+ return null;
454
+ }
455
+ return value;
456
+ }
457
+ function getSessionTokenFromPair(session) {
458
+ const token = session.session?.token;
459
+ if (typeof token !== "string" || token.length === 0) {
460
+ throw createError("setSessionCookie requires `session.session.token` to be a non-empty string.");
461
+ }
462
+ return token;
463
+ }
464
+ async function resolveCookieVersion(versionConfig, session, user) {
465
+ if (!versionConfig) {
466
+ return "1";
467
+ }
468
+ if (typeof versionConfig === "string") {
469
+ return versionConfig;
470
+ }
471
+ return versionConfig(session, user);
472
+ }
473
+ function getSessionCookieCacheName(cookiePrefix, cookieName, isSecure) {
474
+ return isSecure ? `${SECURE_COOKIE_PREFIX}${cookiePrefix}.${cookieName}` : `${cookiePrefix}.${cookieName}`;
475
+ }
476
+ async function setCookieValue(ctx, name, value, attributes) {
477
+ const secret = ctx.context.secret;
478
+ if (secret && typeof ctx.setSignedCookie === "function") {
479
+ await ctx.setSignedCookie(name, value, secret, attributes);
480
+ return;
481
+ }
482
+ ctx.setCookie(name, value, attributes);
483
+ }
484
+ function parseJsonSafely(value) {
485
+ try {
486
+ return JSON.parse(value);
487
+ } catch {
488
+ return null;
489
+ }
490
+ }
491
+ function getIsSecureCookie(config) {
492
+ if (config?.isSecure !== void 0) {
493
+ return config.isSecure;
494
+ }
495
+ return isProductionRuntime();
496
+ }
497
+ function createCookieGetter(options) {
498
+ const baseURLString = typeof options.baseURL === "string" ? options.baseURL : void 0;
499
+ const dynamicProtocol = typeof options.baseURL === "object" && options.baseURL !== null ? options.baseURL.protocol : void 0;
500
+ const secure = options.advanced?.useSecureCookies !== void 0 ? options.advanced.useSecureCookies : dynamicProtocol === "https" ? true : dynamicProtocol === "http" ? false : baseURLString ? baseURLString.startsWith("https://") : isProductionRuntime();
501
+ const secureCookiePrefix = secure ? SECURE_COOKIE_PREFIX : "";
502
+ const crossSubdomainEnabled = !!options.advanced?.crossSubDomainCookies?.enabled;
503
+ const domain = crossSubdomainEnabled ? options.advanced?.crossSubDomainCookies?.domain || (baseURLString ? new URL(baseURLString).hostname : void 0) : void 0;
504
+ if (crossSubdomainEnabled && !domain && !isDynamicBaseURLConfig(options.baseURL)) {
505
+ throw createError("baseURL is required when `crossSubDomainCookies.enabled` is true.");
506
+ }
507
+ function createCookie(cookieName, overrideAttributes = {}) {
508
+ const prefix = options.advanced?.cookiePrefix || DEFAULT_COOKIE_PREFIX;
509
+ const name = options.advanced?.cookies?.[cookieName]?.name || `${prefix}.${cookieName}`;
510
+ const attributes = options.advanced?.cookies?.[cookieName]?.attributes || {};
511
+ return {
512
+ name: `${secureCookiePrefix}${name}`,
513
+ attributes: {
514
+ secure: !!secureCookiePrefix,
515
+ sameSite: "lax",
516
+ path: "/",
517
+ httpOnly: true,
518
+ ...crossSubdomainEnabled ? { domain } : {},
519
+ ...options.advanced?.defaultCookieAttributes,
520
+ ...overrideAttributes,
521
+ ...attributes
522
+ }
523
+ };
524
+ }
525
+ return createCookie;
526
+ }
527
+ function getCookies(options) {
528
+ const createCookie = createCookieGetter(options);
529
+ const sessionToken = createCookie("session_token", { maxAge: options.session?.expiresIn || DEFAULT_SESSION_MAX_AGE });
530
+ const sessionData = createCookie("session_data", { maxAge: options.session?.cookieCache?.maxAge || DEFAULT_CACHE_MAX_AGE });
531
+ const accountData = createCookie("account_data", { maxAge: options.session?.cookieCache?.maxAge || DEFAULT_CACHE_MAX_AGE });
532
+ const dontRememberToken = createCookie("dont_remember");
533
+ return {
534
+ sessionToken: {
535
+ name: sessionToken.name,
536
+ attributes: sessionToken.attributes
537
+ },
538
+ sessionData: {
539
+ name: sessionData.name,
540
+ attributes: sessionData.attributes
541
+ },
542
+ dontRememberToken: {
543
+ name: dontRememberToken.name,
544
+ attributes: dontRememberToken.attributes
545
+ },
546
+ accountData: {
547
+ name: accountData.name,
548
+ attributes: accountData.attributes
549
+ }
550
+ };
551
+ }
552
+ async function setCookieCache(ctx, session, dontRememberMe) {
553
+ const cookieCacheConfig = ctx.context.options?.session?.cookieCache;
554
+ if (!cookieCacheConfig?.enabled) {
555
+ return;
556
+ }
557
+ const version = await resolveCookieVersion(
558
+ cookieCacheConfig.version,
559
+ session.session,
560
+ session.user
561
+ );
562
+ const sessionData = {
563
+ session: session.session,
564
+ user: session.user,
565
+ updatedAt: Date.now(),
566
+ version
567
+ };
568
+ const baseAttributes = ctx.context.authCookies.sessionData.attributes;
569
+ const maxAge = dontRememberMe ? void 0 : baseAttributes.maxAge;
570
+ const options = {
571
+ ...baseAttributes,
572
+ maxAge
573
+ };
574
+ const expiresAt = Date.now() + (options.maxAge || 60) * 1e3;
575
+ const strategy = cookieCacheConfig.strategy || "compact";
576
+ const secret = getSecretOrThrow(ctx.context.secret);
577
+ let encoded;
578
+ if (strategy === "jwt") {
579
+ encoded = await signJwtHS256(sessionData, secret, options.maxAge || DEFAULT_CACHE_MAX_AGE);
580
+ } else if (strategy === "jwe") {
581
+ throw createError("`jwe` strategy is not supported by the SDK cookie helper.");
582
+ } else {
583
+ const signature = await signHmacBase64Url(
584
+ secret,
585
+ JSON.stringify({
586
+ ...sessionData,
587
+ expiresAt
588
+ })
589
+ );
590
+ encoded = encodeStringToBase64Url(
591
+ JSON.stringify({
592
+ session: sessionData,
593
+ expiresAt,
594
+ signature
595
+ })
596
+ );
597
+ }
598
+ if (encoded.length > 4093) {
599
+ const store = createSessionStore(ctx.context.authCookies.sessionData.name, options, ctx);
600
+ const cookies = store.chunk(encoded, options);
601
+ store.setCookies(cookies);
602
+ } else {
603
+ const store = createSessionStore(ctx.context.authCookies.sessionData.name, options, ctx);
604
+ if (store.hasChunks()) {
605
+ store.setCookies(store.clean());
606
+ }
607
+ ctx.setCookie(ctx.context.authCookies.sessionData.name, encoded, options);
608
+ }
609
+ }
610
+ async function setSessionCookie(ctx, session, dontRememberMe, overrides) {
611
+ if (dontRememberMe === void 0 && typeof ctx.getSignedCookie === "function" && ctx.context.secret) {
612
+ const existingFlag = await ctx.getSignedCookie(ctx.context.authCookies.dontRememberToken.name, ctx.context.secret);
613
+ dontRememberMe = !!existingFlag;
614
+ }
615
+ const resolvedDontRememberMe = dontRememberMe ?? false;
616
+ const token = getSessionTokenFromPair(session);
617
+ const options = ctx.context.authCookies.sessionToken.attributes;
618
+ const maxAge = resolvedDontRememberMe ? void 0 : ctx.context.sessionConfig?.expiresIn;
619
+ await setCookieValue(ctx, ctx.context.authCookies.sessionToken.name, token, {
620
+ ...options,
621
+ maxAge,
622
+ ...overrides
623
+ });
624
+ if (resolvedDontRememberMe) {
625
+ await setCookieValue(
626
+ ctx,
627
+ ctx.context.authCookies.dontRememberToken.name,
628
+ "true",
629
+ ctx.context.authCookies.dontRememberToken.attributes
630
+ );
631
+ }
632
+ await setCookieCache(ctx, session, resolvedDontRememberMe);
633
+ ctx.context.setNewSession?.(session);
634
+ }
635
+ function expireCookie(ctx, cookie) {
636
+ ctx.setCookie(cookie.name, "", {
637
+ ...cookie.attributes,
638
+ maxAge: 0
639
+ });
640
+ }
641
+ function deleteSessionCookie(ctx, skipDontRememberMe) {
642
+ expireCookie(ctx, ctx.context.authCookies.sessionToken);
643
+ expireCookie(ctx, ctx.context.authCookies.sessionData);
644
+ if (ctx.context.options?.account?.storeAccountCookie) {
645
+ expireCookie(ctx, ctx.context.authCookies.accountData);
646
+ const accountStore = createAccountStore(
647
+ ctx.context.authCookies.accountData.name,
648
+ ctx.context.authCookies.accountData.attributes,
649
+ ctx
650
+ );
651
+ accountStore.setCookies(accountStore.clean());
652
+ }
653
+ const sessionStore = createSessionStore(
654
+ ctx.context.authCookies.sessionData.name,
655
+ ctx.context.authCookies.sessionData.attributes,
656
+ ctx
657
+ );
658
+ sessionStore.setCookies(sessionStore.clean());
659
+ if (!skipDontRememberMe) {
660
+ expireCookie(ctx, ctx.context.authCookies.dontRememberToken);
661
+ }
662
+ }
141
663
  var getSessionCookie = (request, config) => {
142
664
  const cookies = (request instanceof Headers || !("headers" in request) ? request : request.headers).get("cookie");
143
665
  if (!cookies) {
144
666
  return null;
145
667
  }
146
- const { cookieName = "session_token", cookiePrefix = "athena-auth" } = {};
668
+ const { cookieName = "session_token", cookiePrefix = "athena-auth" } = config || {};
147
669
  const parsedCookie = parseCookies(cookies);
148
670
  const getCookie = (name) => parsedCookie.get(name) || parsedCookie.get(`${SECURE_COOKIE_PREFIX}${name}`);
149
- const sessionToken = getCookie(`${cookiePrefix}.${cookieName}`) || getCookie(`${cookiePrefix}-${cookieName}`);
150
- if (sessionToken) {
151
- return sessionToken;
671
+ const candidateCookieNames = Array.from(/* @__PURE__ */ new Set([
672
+ cookieName,
673
+ cookieName.replace(/_/g, "-"),
674
+ cookieName.replace(/-/g, "_")
675
+ ])).filter(Boolean);
676
+ for (const candidateName of candidateCookieNames) {
677
+ const sessionToken = getCookie(`${cookiePrefix}.${candidateName}`) || getCookie(`${cookiePrefix}-${candidateName}`);
678
+ if (sessionToken) {
679
+ return sessionToken;
680
+ }
152
681
  }
153
682
  return null;
154
683
  };
684
+ var getCookieCache = async (request, config) => {
685
+ const headers = request instanceof Headers || !("headers" in request) ? request : request.headers;
686
+ const cookieHeader = headers.get("cookie");
687
+ if (!cookieHeader) {
688
+ return null;
689
+ }
690
+ const parsedCookie = parseCookies(cookieHeader);
691
+ const cookieName = config?.cookieName || "session_data";
692
+ const requestedPrefix = config?.cookiePrefix || DEFAULT_COOKIE_PREFIX;
693
+ const strategy = config?.strategy || "compact";
694
+ const cookiePrefixes = resolveCookiePrefixes(requestedPrefix);
695
+ const isSecure = getIsSecureCookie(config);
696
+ const secret = getSecretOrThrow(config?.secret);
697
+ let sessionData;
698
+ for (const prefix of cookiePrefixes) {
699
+ const candidate = getSessionCookieCacheName(prefix, cookieName, isSecure);
700
+ const cookieValue = parsedCookie.get(candidate);
701
+ if (cookieValue) {
702
+ sessionData = cookieValue;
703
+ break;
704
+ }
705
+ }
706
+ if (!sessionData) {
707
+ const reconstructedChunks = [];
708
+ for (const prefix of cookiePrefixes) {
709
+ const candidate = getSessionCookieCacheName(prefix, cookieName, isSecure);
710
+ for (const [name, value] of parsedCookie.entries()) {
711
+ if (!name.startsWith(`${candidate}.`)) {
712
+ continue;
713
+ }
714
+ const parts = name.split(".");
715
+ const indexStr = parts[parts.length - 1];
716
+ const index = parseInt(indexStr || "0", 10);
717
+ if (!Number.isNaN(index)) {
718
+ reconstructedChunks.push({ index, value });
719
+ }
720
+ }
721
+ if (reconstructedChunks.length > 0) {
722
+ break;
723
+ }
724
+ }
725
+ if (reconstructedChunks.length > 0) {
726
+ reconstructedChunks.sort((left, right) => left.index - right.index);
727
+ sessionData = reconstructedChunks.map((chunk) => chunk.value).join("");
728
+ }
729
+ }
730
+ if (!sessionData) {
731
+ return null;
732
+ }
733
+ if (strategy === "jwe") {
734
+ throw createError(
735
+ "`jwe` strategy is not supported by the SDK cookie helper. Use compact/jwt or pass cookie data through the auth server."
736
+ );
737
+ }
738
+ if (strategy === "jwt") {
739
+ const payload = await verifyJwtHS256(sessionData, secret);
740
+ if (!payload) {
741
+ return null;
742
+ }
743
+ const sessionRecord = asObject(payload.session);
744
+ const userRecord = asObject(payload.user);
745
+ const updatedAt = payload.updatedAt;
746
+ if (!sessionRecord || !userRecord || typeof updatedAt !== "number") {
747
+ return null;
748
+ }
749
+ if (config?.version) {
750
+ const cookieVersion = typeof payload.version === "string" ? payload.version : "1";
751
+ const expectedVersion = typeof config.version === "string" ? config.version : await config.version(sessionRecord, userRecord);
752
+ if (cookieVersion !== expectedVersion) {
753
+ return null;
754
+ }
755
+ }
756
+ return {
757
+ session: sessionRecord,
758
+ user: userRecord,
759
+ updatedAt,
760
+ version: typeof payload.version === "string" ? payload.version : void 0
761
+ };
762
+ }
763
+ const compactPayload = parseJsonSafely(decodeBase64UrlToString(sessionData));
764
+ if (!compactPayload) {
765
+ return null;
766
+ }
767
+ const expectedSignature = await signHmacBase64Url(
768
+ secret,
769
+ JSON.stringify({
770
+ ...compactPayload.session,
771
+ expiresAt: compactPayload.expiresAt
772
+ })
773
+ );
774
+ if (expectedSignature !== compactPayload.signature) {
775
+ return null;
776
+ }
777
+ if (compactPayload.expiresAt <= Date.now()) {
778
+ return null;
779
+ }
780
+ const resolvedSession = compactPayload.session;
781
+ if (config?.version) {
782
+ const cookieVersion = resolvedSession.version || "1";
783
+ const expectedVersion = typeof config.version === "string" ? config.version : await config.version(resolvedSession.session, resolvedSession.user);
784
+ if (cookieVersion !== expectedVersion) {
785
+ return null;
786
+ }
787
+ }
788
+ const sessionObject = asObject(resolvedSession.session);
789
+ const userObject = asObject(resolvedSession.user);
790
+ if (!sessionObject || !userObject) {
791
+ return null;
792
+ }
793
+ return {
794
+ session: sessionObject,
795
+ user: userObject,
796
+ updatedAt: resolvedSession.updatedAt,
797
+ version: resolvedSession.version
798
+ };
799
+ };
155
800
 
156
801
  // package.json
157
802
  var package_default = {
158
- version: "2.4.1"
803
+ version: "2.7.0"
159
804
  };
160
805
 
161
806
  // src/sdk-version.ts
@@ -2692,42 +3337,1450 @@ async function withRetry(config, fn) {
2692
3337
  if (!retry) {
2693
3338
  throw error;
2694
3339
  }
2695
- const delay = computeDelayMs(currentAttempt, error, resolvedConfig);
2696
- await sleep(delay);
3340
+ const delay = computeDelayMs(currentAttempt, error, resolvedConfig);
3341
+ await sleep(delay);
3342
+ }
3343
+ }
3344
+ throw new Error("withRetry reached an unexpected state");
3345
+ }
3346
+
3347
+ // src/db/module.ts
3348
+ function createDbModule(input) {
3349
+ const db = {
3350
+ from(table, options) {
3351
+ return input.from(table, options);
3352
+ },
3353
+ select(table, columns, options) {
3354
+ return input.from(table).select(columns, options);
3355
+ },
3356
+ insert(table, values, options) {
3357
+ return Array.isArray(values) ? input.from(table).insert(values, options) : input.from(table).insert(values, options);
3358
+ },
3359
+ upsert(table, values, options) {
3360
+ return Array.isArray(values) ? input.from(table).upsert(values, options) : input.from(table).upsert(values, options);
3361
+ },
3362
+ update(table, values, options) {
3363
+ return input.from(table).update(values, options);
3364
+ },
3365
+ delete(table, options) {
3366
+ return input.from(table).delete(options);
3367
+ },
3368
+ rpc(fn, args, options) {
3369
+ return input.rpc(fn, args, options);
3370
+ },
3371
+ query(query, options) {
3372
+ return input.query(query, options);
3373
+ }
3374
+ };
3375
+ return db;
3376
+ }
3377
+
3378
+ // src/storage/file.ts
3379
+ function createStorageFileModule(base, config = {}) {
3380
+ const upload = async (input, options) => {
3381
+ const sources = normalizeUploadSources(input);
3382
+ validateUploadConstraints(sources, input);
3383
+ const uploadRequests = sources.map((source, index) => {
3384
+ const storageKey = resolveUploadStorageKey(input, source, index, options, config);
3385
+ return {
3386
+ source,
3387
+ uploadRequest: {
3388
+ s3_id: input.s3_id,
3389
+ bucket: input.bucket,
3390
+ storage_key: storageKey,
3391
+ name: input.name ?? source.fileName,
3392
+ original_name: input.original_name ?? source.fileName,
3393
+ resource_id: input.resource_id ?? input.resourceId,
3394
+ mime_type: input.mime_type ?? source.contentType,
3395
+ content_type: input.content_type ?? source.contentType,
3396
+ size_bytes: source.sizeBytes,
3397
+ public: input.public,
3398
+ metadata: input.metadata
3399
+ }
3400
+ };
3401
+ });
3402
+ input.onProgress?.(createProgressSnapshot("preparing", sources, 0, 0, 0));
3403
+ const uploadUrls = uploadRequests.length === 1 ? [await base.createStorageUploadUrl(uploadRequests[0].uploadRequest, options)] : (await base.createStorageUploadUrls({ files: uploadRequests.map((request) => request.uploadRequest) }, options)).files;
3404
+ const aggregateLoaded = new Array(uploadRequests.length).fill(0);
3405
+ const uploaded = [];
3406
+ for (let index = 0; index < uploadRequests.length; index += 1) {
3407
+ const request = uploadRequests[index];
3408
+ const uploadUrl = uploadUrls[index];
3409
+ const response = await putUploadBody(uploadUrl.upload.url, request.source, input, options, (progress) => {
3410
+ aggregateLoaded[index] = progress.loaded;
3411
+ input.onProgress?.(createProgressSnapshot("uploading", sources, index, progress.loaded, sum(aggregateLoaded)));
3412
+ });
3413
+ uploaded.push({
3414
+ file: uploadUrl.file,
3415
+ upload: uploadUrl.upload,
3416
+ source: request.source.source,
3417
+ fileName: request.source.fileName,
3418
+ storage_key: request.uploadRequest.storage_key,
3419
+ response
3420
+ });
3421
+ aggregateLoaded[index] = request.source.sizeBytes;
3422
+ input.onProgress?.(createProgressSnapshot("complete", sources, index, request.source.sizeBytes, sum(aggregateLoaded)));
3423
+ }
3424
+ return {
3425
+ files: uploaded,
3426
+ count: uploaded.length
3427
+ };
3428
+ };
3429
+ const download = ((input, queryOrOptions, maybeOptions) => {
3430
+ const { fileIds, query, options } = normalizeDownloadArgs(input, queryOrOptions, maybeOptions);
3431
+ const downloads = fileIds.map((fileId) => base.getStorageFileProxy(fileId, query, options));
3432
+ return Array.isArray(input) || isRecord5(input) && Array.isArray(input.fileIds) ? Promise.all(downloads) : downloads[0];
3433
+ });
3434
+ const deleteFile = ((input, options) => {
3435
+ if (Array.isArray(input)) {
3436
+ return Promise.all(input.map((fileId) => base.deleteStorageFile(fileId, options)));
3437
+ }
3438
+ return base.deleteStorageFile(input, options);
3439
+ });
3440
+ return {
3441
+ upload,
3442
+ download,
3443
+ list(input, options) {
3444
+ const prefix = resolveStoragePath(input.prefix ?? "", input, options, config);
3445
+ return base.listStorageFiles(
3446
+ {
3447
+ s3_id: input.s3_id,
3448
+ prefix
3449
+ },
3450
+ options
3451
+ );
3452
+ },
3453
+ delete: deleteFile
3454
+ };
3455
+ }
3456
+ function resolveStoragePath(path, input, options, config = {}) {
3457
+ const context = createPathContext(input, options, config);
3458
+ const prefixPath = input.prefixPath ?? config.prefixPath;
3459
+ const prefix = typeof prefixPath === "function" ? prefixPath(context) : prefixPath;
3460
+ return joinStoragePath(renderStorageTemplate(prefix ?? "", context), renderStorageTemplate(path, context));
3461
+ }
3462
+ function resolveUploadStorageKey(input, source, index, options, config) {
3463
+ const explicitKey = input.storage_key ?? input.storageKey;
3464
+ const keyTemplate = input.storageKeyTemplate;
3465
+ const fallbackName = source.fileName;
3466
+ const context = createPathContext(input, options, config);
3467
+ const key = keyTemplate ? renderStorageTemplate(keyTemplate, {
3468
+ ...context,
3469
+ vars: {
3470
+ ...context.vars,
3471
+ index,
3472
+ fileName: source.fileName,
3473
+ name: source.fileName
3474
+ }
3475
+ }) : explicitKey ?? fallbackName;
3476
+ return resolveStoragePath(key, input, options, config);
3477
+ }
3478
+ function normalizeUploadSources(input) {
3479
+ const files = toArray(input.files);
3480
+ if (files.length === 0) {
3481
+ throw new Error("athena.storage.file.upload requires at least one file");
3482
+ }
3483
+ return files.map((source, index) => {
3484
+ const fileName = input.fileName ?? sourceName(source) ?? `file-${index + 1}`;
3485
+ const sizeBytes = sourceSize(source);
3486
+ const contentType = input.content_type ?? input.mime_type ?? sourceContentType(source);
3487
+ return {
3488
+ source,
3489
+ fileName,
3490
+ sizeBytes,
3491
+ contentType
3492
+ };
3493
+ });
3494
+ }
3495
+ function validateUploadConstraints(sources, input) {
3496
+ const maxFiles = input.maxFiles ?? 1;
3497
+ if (sources.length > maxFiles) {
3498
+ throw new Error(`athena.storage.file.upload accepts at most ${maxFiles} file${maxFiles === 1 ? "" : "s"} for this call`);
3499
+ }
3500
+ const maxFileSizeBytes = input.maxFileSizeBytes ?? (input.maxFileSizeMb === void 0 ? void 0 : Math.floor(input.maxFileSizeMb * 1024 * 1024));
3501
+ if (maxFileSizeBytes !== void 0) {
3502
+ const tooLarge = sources.find((source) => source.sizeBytes > maxFileSizeBytes);
3503
+ if (tooLarge) {
3504
+ throw new Error(`athena.storage.file.upload rejected ${tooLarge.fileName}: file exceeds ${maxFileSizeBytes} bytes`);
3505
+ }
3506
+ }
3507
+ const allowedExtensions = normalizeExtensions(input.allowedExtensions ?? input.extensions);
3508
+ if (allowedExtensions.size > 0) {
3509
+ const invalid = sources.find((source) => !allowedExtensions.has(fileExtension(source.fileName)));
3510
+ if (invalid) {
3511
+ throw new Error(`athena.storage.file.upload rejected ${invalid.fileName}: extension is not allowed`);
3512
+ }
3513
+ }
3514
+ }
3515
+ async function putUploadBody(url, source, input, options, onProgress) {
3516
+ const headers = new Headers(input.uploadHeaders);
3517
+ if (source.contentType && !headers.has("Content-Type")) {
3518
+ headers.set("Content-Type", source.contentType);
3519
+ }
3520
+ if (typeof XMLHttpRequest !== "undefined") {
3521
+ return putUploadBodyWithXhr(url, source, headers, options, onProgress);
3522
+ }
3523
+ onProgress({ loaded: 0 });
3524
+ const response = await fetch(url, {
3525
+ method: "PUT",
3526
+ headers,
3527
+ body: source.source,
3528
+ signal: options?.signal
3529
+ });
3530
+ if (!response.ok) {
3531
+ throw new Error(`athena.storage.file.upload failed with status ${response.status}`);
3532
+ }
3533
+ onProgress({ loaded: source.sizeBytes });
3534
+ return response;
3535
+ }
3536
+ function putUploadBodyWithXhr(url, source, headers, options, onProgress) {
3537
+ const Xhr = XMLHttpRequest;
3538
+ if (Xhr === void 0) {
3539
+ return Promise.reject(new Error("athena.storage.file.upload requires XMLHttpRequest in this runtime"));
3540
+ }
3541
+ return new Promise((resolve, reject) => {
3542
+ const xhr = new Xhr();
3543
+ const abort = () => xhr.abort();
3544
+ xhr.open("PUT", url);
3545
+ headers.forEach((value, key) => xhr.setRequestHeader(key, value));
3546
+ xhr.upload.onprogress = (event) => {
3547
+ onProgress({ loaded: event.loaded });
3548
+ };
3549
+ xhr.onload = () => {
3550
+ if (options?.signal) {
3551
+ options.signal.removeEventListener("abort", abort);
3552
+ }
3553
+ if (xhr.status < 200 || xhr.status >= 300) {
3554
+ reject(new Error(`athena.storage.file.upload failed with status ${xhr.status}`));
3555
+ return;
3556
+ }
3557
+ onProgress({ loaded: source.sizeBytes });
3558
+ resolve(new Response(xhr.response, {
3559
+ status: xhr.status,
3560
+ statusText: xhr.statusText,
3561
+ headers: parseXhrHeaders(xhr.getAllResponseHeaders())
3562
+ }));
3563
+ };
3564
+ xhr.onerror = () => {
3565
+ if (options?.signal) {
3566
+ options.signal.removeEventListener("abort", abort);
3567
+ }
3568
+ reject(new Error("athena.storage.file.upload failed with a network error"));
3569
+ };
3570
+ xhr.onabort = () => {
3571
+ if (options?.signal) {
3572
+ options.signal.removeEventListener("abort", abort);
3573
+ }
3574
+ reject(new DOMException("Upload aborted", "AbortError"));
3575
+ };
3576
+ if (options?.signal) {
3577
+ if (options.signal.aborted) {
3578
+ abort();
3579
+ return;
3580
+ }
3581
+ options.signal.addEventListener("abort", abort, { once: true });
3582
+ }
3583
+ xhr.send(source.source);
3584
+ });
3585
+ }
3586
+ function normalizeDownloadArgs(input, queryOrOptions, maybeOptions) {
3587
+ if (typeof input === "string") {
3588
+ return { fileIds: [input], query: queryOrOptions, options: maybeOptions };
3589
+ }
3590
+ if (Array.isArray(input)) {
3591
+ return { fileIds: [...input], query: queryOrOptions, options: maybeOptions };
3592
+ }
3593
+ const downloadInput = input;
3594
+ const { fileId, fileIds, ...query } = downloadInput;
3595
+ return {
3596
+ fileIds: fileIds ? [...fileIds] : fileId ? [fileId] : [],
3597
+ query,
3598
+ options: queryOrOptions
3599
+ };
3600
+ }
3601
+ function createPathContext(input, options, config) {
3602
+ const organizationId = input.organizationId ?? input.organization_id ?? options?.organizationId ?? void 0;
3603
+ const userId = input.userId ?? input.user_id ?? options?.userId ?? void 0;
3604
+ const resourceId = input.resourceId ?? input.resource_id ?? void 0;
3605
+ const vars = {
3606
+ ...config.vars ?? {},
3607
+ ...input.vars ?? {}
3608
+ };
3609
+ if (organizationId !== void 0) {
3610
+ vars.organizationId = organizationId;
3611
+ vars.organization_id = organizationId;
3612
+ }
3613
+ if (userId !== void 0) {
3614
+ vars.userId = userId;
3615
+ vars.user_id = userId;
3616
+ }
3617
+ if (resourceId !== void 0) {
3618
+ vars.resourceId = resourceId;
3619
+ vars.resource_id = resourceId;
3620
+ }
3621
+ return {
3622
+ vars,
3623
+ env: {
3624
+ ...readProcessEnv(),
3625
+ ...config.env ?? {},
3626
+ ...input.env ?? {}
3627
+ },
3628
+ organizationId,
3629
+ organization_id: organizationId,
3630
+ userId,
3631
+ user_id: userId,
3632
+ resourceId,
3633
+ resource_id: resourceId
3634
+ };
3635
+ }
3636
+ function renderStorageTemplate(template, context) {
3637
+ return template.replace(/\$\{([^}]+)\}|\{([^}]+)\}/g, (_match, shellToken, braceToken) => {
3638
+ const token = (shellToken ?? braceToken ?? "").trim();
3639
+ if (!token) return "";
3640
+ const value = resolveTemplateToken(token, context);
3641
+ return value === void 0 || value === null ? "" : String(value);
3642
+ });
3643
+ }
3644
+ function resolveTemplateToken(token, context) {
3645
+ if (token.startsWith("env.")) {
3646
+ return context.env[token.slice(4)];
3647
+ }
3648
+ if (token in context.vars) {
3649
+ return context.vars[token];
3650
+ }
3651
+ return context.env[token];
3652
+ }
3653
+ function joinStoragePath(...parts) {
3654
+ return parts.map((part) => part.trim().replace(/^\/+|\/+$/g, "")).filter(Boolean).join("/");
3655
+ }
3656
+ function toArray(files) {
3657
+ if (isUploadSource(files)) return [files];
3658
+ return Array.from(files);
3659
+ }
3660
+ function isUploadSource(value) {
3661
+ return value instanceof Blob || value instanceof ArrayBuffer || value instanceof Uint8Array;
3662
+ }
3663
+ function sourceName(source) {
3664
+ return isRecord5(source) && typeof source.name === "string" && source.name.trim() ? source.name.trim() : void 0;
3665
+ }
3666
+ function sourceSize(source) {
3667
+ if (source instanceof Blob) return source.size;
3668
+ return source.byteLength;
3669
+ }
3670
+ function sourceContentType(source) {
3671
+ return source instanceof Blob && source.type.trim() ? source.type.trim() : void 0;
3672
+ }
3673
+ function normalizeExtensions(extensions) {
3674
+ return new Set((extensions ?? []).map((extension) => extension.replace(/^\./, "").toLowerCase()).filter(Boolean));
3675
+ }
3676
+ function fileExtension(fileName) {
3677
+ const lastDot = fileName.lastIndexOf(".");
3678
+ return lastDot === -1 ? "" : fileName.slice(lastDot + 1).toLowerCase();
3679
+ }
3680
+ function createProgressSnapshot(phase, sources, fileIndex, loaded, aggregateLoaded) {
3681
+ const total = sources[fileIndex]?.sizeBytes ?? 0;
3682
+ const aggregateTotal = sources.reduce((totalBytes, source) => totalBytes + source.sizeBytes, 0);
3683
+ return {
3684
+ phase,
3685
+ fileIndex,
3686
+ fileCount: sources.length,
3687
+ fileName: sources[fileIndex]?.fileName ?? "",
3688
+ loaded,
3689
+ total,
3690
+ percent: total > 0 ? Math.round(loaded / total * 100) : 100,
3691
+ aggregateLoaded,
3692
+ aggregateTotal,
3693
+ aggregatePercent: aggregateTotal > 0 ? Math.round(aggregateLoaded / aggregateTotal * 100) : 100
3694
+ };
3695
+ }
3696
+ function sum(values) {
3697
+ return values.reduce((total, value) => total + value, 0);
3698
+ }
3699
+ function parseXhrHeaders(raw) {
3700
+ const headers = new Headers();
3701
+ for (const line of raw.trim().split(/[\r\n]+/)) {
3702
+ const index = line.indexOf(":");
3703
+ if (index === -1) continue;
3704
+ headers.set(line.slice(0, index).trim(), line.slice(index + 1).trim());
3705
+ }
3706
+ return headers;
3707
+ }
3708
+ function readProcessEnv() {
3709
+ const processLike = globalThis.process;
3710
+ return processLike?.env ?? {};
3711
+ }
3712
+ function isRecord5(value) {
3713
+ return Boolean(value) && typeof value === "object";
3714
+ }
3715
+
3716
+ // src/storage/module.ts
3717
+ var storageSdkManifest = {
3718
+ namespace: "storage",
3719
+ basePath: "/storage",
3720
+ envelopeKinds: {
3721
+ raw: "response body is the payload",
3722
+ athena: "response body is { status, message, data }"
3723
+ },
3724
+ methods: [
3725
+ {
3726
+ name: "listStorageCatalogs",
3727
+ method: "GET",
3728
+ path: "/storage/catalogs",
3729
+ responseEnvelope: "raw",
3730
+ responseType: "{ data: S3CatalogItem[] }"
3731
+ },
3732
+ {
3733
+ name: "createStorageCatalog",
3734
+ method: "POST",
3735
+ path: "/storage/catalogs",
3736
+ requestType: "CreateStorageCatalogRequest",
3737
+ responseEnvelope: "raw",
3738
+ responseType: "S3CatalogItem"
3739
+ },
3740
+ {
3741
+ name: "updateStorageCatalog",
3742
+ method: "PATCH",
3743
+ path: "/storage/catalogs/{id}",
3744
+ pathParams: ["id"],
3745
+ requestType: "UpdateStorageCatalogRequest",
3746
+ responseEnvelope: "raw",
3747
+ responseType: "S3CatalogItem"
3748
+ },
3749
+ {
3750
+ name: "deleteStorageCatalog",
3751
+ method: "DELETE",
3752
+ path: "/storage/catalogs/{id}",
3753
+ pathParams: ["id"],
3754
+ responseEnvelope: "raw",
3755
+ responseType: "{ id: string; deleted: boolean }"
3756
+ },
3757
+ {
3758
+ name: "listStorageCredentials",
3759
+ method: "GET",
3760
+ path: "/storage/credentials",
3761
+ responseEnvelope: "raw",
3762
+ responseType: "{ data: S3CredentialListItem[] }"
3763
+ },
3764
+ {
3765
+ name: "createStorageUploadUrl",
3766
+ method: "POST",
3767
+ path: "/storage/files/upload-url",
3768
+ requestType: "CreateStorageUploadUrlRequest",
3769
+ responseEnvelope: "athena",
3770
+ responseType: "StorageUploadUrlResponse"
3771
+ },
3772
+ {
3773
+ name: "createStorageUploadUrls",
3774
+ method: "POST",
3775
+ path: "/storage/files/upload-urls",
3776
+ requestType: "CreateStorageUploadUrlsRequest",
3777
+ responseEnvelope: "athena",
3778
+ responseType: "StorageBatchUploadUrlResponse"
3779
+ },
3780
+ {
3781
+ name: "listStorageFiles",
3782
+ method: "POST",
3783
+ path: "/storage/files/list",
3784
+ requestType: "ListStorageFilesRequest",
3785
+ responseEnvelope: "athena",
3786
+ responseType: "StorageListFilesResponse"
3787
+ },
3788
+ {
3789
+ name: "getStorageFile",
3790
+ method: "GET",
3791
+ path: "/storage/files/{file_id}",
3792
+ pathParams: ["file_id"],
3793
+ responseEnvelope: "athena",
3794
+ responseType: "StorageFileMutationResponse"
3795
+ },
3796
+ {
3797
+ name: "getStorageFileUrl",
3798
+ method: "GET",
3799
+ path: "/storage/files/{file_id}/url",
3800
+ pathParams: ["file_id"],
3801
+ queryParams: ["purpose"],
3802
+ responseEnvelope: "athena",
3803
+ responseType: "PresignedFileUrlResponse"
3804
+ },
3805
+ {
3806
+ name: "getStorageFileProxy",
3807
+ method: "GET",
3808
+ path: "/storage/files/{file_id}/proxy",
3809
+ pathParams: ["file_id"],
3810
+ queryParams: ["purpose"],
3811
+ responseEnvelope: "raw",
3812
+ responseType: "Response",
3813
+ binary: true
3814
+ },
3815
+ {
3816
+ name: "updateStorageFile",
3817
+ method: "PATCH",
3818
+ path: "/storage/files/{file_id}",
3819
+ pathParams: ["file_id"],
3820
+ requestType: "UpdateStorageFileRequest",
3821
+ responseEnvelope: "athena",
3822
+ responseType: "StorageFileMutationResponse"
3823
+ },
3824
+ {
3825
+ name: "deleteStorageFile",
3826
+ method: "DELETE",
3827
+ path: "/storage/files/{file_id}",
3828
+ pathParams: ["file_id"],
3829
+ responseEnvelope: "athena",
3830
+ responseType: "StorageFileMutationResponse"
3831
+ },
3832
+ {
3833
+ name: "setStorageFileVisibility",
3834
+ method: "PATCH",
3835
+ path: "/storage/files/{file_id}/visibility",
3836
+ pathParams: ["file_id"],
3837
+ requestType: "SetStorageFileVisibilityRequest",
3838
+ responseEnvelope: "athena",
3839
+ responseType: "StorageFileMutationResponse"
3840
+ },
3841
+ {
3842
+ name: "deleteStorageFolder",
3843
+ method: "POST",
3844
+ path: "/storage/folders/delete",
3845
+ requestType: "DeleteStorageFolderRequest",
3846
+ responseEnvelope: "athena",
3847
+ responseType: "StorageFolderMutationResponse"
3848
+ },
3849
+ {
3850
+ name: "moveStorageFolder",
3851
+ method: "POST",
3852
+ path: "/storage/folders/move",
3853
+ requestType: "MoveStorageFolderRequest",
3854
+ responseEnvelope: "athena",
3855
+ responseType: "StorageFolderMutationResponse"
3856
+ }
3857
+ ]
3858
+ };
3859
+ var AthenaStorageErrorCode = {
3860
+ InvalidUrl: "INVALID_URL",
3861
+ NetworkError: "NETWORK_ERROR",
3862
+ HttpError: "HTTP_ERROR",
3863
+ InvalidJson: "INVALID_JSON",
3864
+ InvalidAthenaEnvelope: "INVALID_ATHENA_ENVELOPE",
3865
+ UnknownError: "UNKNOWN_ERROR"
3866
+ };
3867
+ var AthenaStorageError = class extends Error {
3868
+ code;
3869
+ athenaCode;
3870
+ kind;
3871
+ category;
3872
+ retryable;
3873
+ status;
3874
+ endpoint;
3875
+ method;
3876
+ requestId;
3877
+ hint;
3878
+ causeDetail;
3879
+ raw;
3880
+ normalized;
3881
+ __athenaNormalizedError;
3882
+ constructor(input) {
3883
+ super(input.message, { cause: input.cause });
3884
+ this.name = "AthenaStorageError";
3885
+ this.code = input.code;
3886
+ this.status = input.status;
3887
+ this.endpoint = input.endpoint;
3888
+ this.method = input.method;
3889
+ this.requestId = input.requestId;
3890
+ this.hint = input.hint;
3891
+ this.causeDetail = causeToString(input.cause);
3892
+ this.raw = input.raw ?? null;
3893
+ this.normalized = normalizeStorageErrorInput(input);
3894
+ this.__athenaNormalizedError = this.normalized;
3895
+ this.athenaCode = this.normalized.code;
3896
+ this.kind = this.normalized.kind;
3897
+ this.category = this.normalized.category;
3898
+ this.retryable = this.normalized.retryable;
3899
+ Object.defineProperty(this, "__athenaNormalizedError", {
3900
+ value: this.normalized,
3901
+ enumerable: false,
3902
+ configurable: false,
3903
+ writable: false
3904
+ });
3905
+ }
3906
+ toDetails() {
3907
+ return {
3908
+ code: this.code,
3909
+ athenaCode: this.athenaCode,
3910
+ kind: this.kind,
3911
+ category: this.category,
3912
+ retryable: this.retryable,
3913
+ message: this.message,
3914
+ status: this.status,
3915
+ endpoint: this.endpoint,
3916
+ method: this.method,
3917
+ requestId: this.requestId,
3918
+ hint: this.hint,
3919
+ cause: this.causeDetail,
3920
+ raw: this.raw
3921
+ };
3922
+ }
3923
+ };
3924
+ function isRecord6(value) {
3925
+ return Boolean(value) && typeof value === "object" && !Array.isArray(value);
3926
+ }
3927
+ function causeToString(cause) {
3928
+ if (cause === void 0 || cause === null) return void 0;
3929
+ if (typeof cause === "string") return cause;
3930
+ if (cause instanceof Error && cause.message.trim()) return cause.message.trim();
3931
+ try {
3932
+ return JSON.stringify(cause);
3933
+ } catch {
3934
+ return String(cause);
3935
+ }
3936
+ }
3937
+ function storageGatewayCode(code) {
3938
+ if (code === "INVALID_URL") return "INVALID_URL";
3939
+ if (code === "NETWORK_ERROR") return "NETWORK_ERROR";
3940
+ if (code === "INVALID_JSON" || code === "INVALID_ATHENA_ENVELOPE") return "INVALID_JSON";
3941
+ if (code === "HTTP_ERROR") return "HTTP_ERROR";
3942
+ return "UNKNOWN_ERROR";
3943
+ }
3944
+ function headerValue(headers, names) {
3945
+ for (const name of names) {
3946
+ const value = headers.get(name);
3947
+ if (value?.trim()) return value.trim();
3948
+ }
3949
+ return void 0;
3950
+ }
3951
+ function storageOperationFromEndpoint(endpoint, method) {
3952
+ const endpointPath = String(endpoint).split("?")[0];
3953
+ for (const candidate of storageSdkManifest.methods) {
3954
+ if (candidate.method !== method) continue;
3955
+ const pattern = `^${candidate.path.replace(/[.*+?^${}()|[\]\\]/g, "\\$&").replace(/\\\{[^/]+\\\}/g, "[^/]+")}$`;
3956
+ if (new RegExp(pattern).test(endpointPath)) {
3957
+ return candidate.name;
3958
+ }
3959
+ }
3960
+ return `storage:${method.toLowerCase()}`;
3961
+ }
3962
+ function normalizeStorageErrorInput(input) {
3963
+ return normalizeAthenaError(
3964
+ {
3965
+ data: null,
3966
+ error: {
3967
+ message: input.message,
3968
+ gatewayCode: storageGatewayCode(input.code),
3969
+ status: input.status,
3970
+ raw: input.raw ?? input.cause ?? null
3971
+ },
3972
+ errorDetails: {
3973
+ code: storageGatewayCode(input.code),
3974
+ message: input.message,
3975
+ status: input.status,
3976
+ endpoint: input.endpoint,
3977
+ method: input.method,
3978
+ requestId: input.requestId,
3979
+ hint: input.hint,
3980
+ cause: causeToString(input.cause)
3981
+ },
3982
+ raw: input.raw ?? input.cause ?? null,
3983
+ status: input.status
3984
+ },
3985
+ { operation: storageOperationFromEndpoint(input.endpoint, input.method) }
3986
+ );
3987
+ }
3988
+ function createAthenaStorageError(input) {
3989
+ return new AthenaStorageError(input);
3990
+ }
3991
+ async function notifyStorageError(error, options, runtimeOptions) {
3992
+ const handlers = [runtimeOptions?.onError, options?.onError].filter(
3993
+ (handler) => typeof handler === "function"
3994
+ );
3995
+ for (const handler of handlers) {
3996
+ try {
3997
+ await handler(error);
3998
+ } catch {
3999
+ }
4000
+ }
4001
+ }
4002
+ async function rejectStorageError(input, options, runtimeOptions) {
4003
+ const error = createAthenaStorageError(input);
4004
+ await notifyStorageError(error, options, runtimeOptions);
4005
+ throw error;
4006
+ }
4007
+ function parseResponseBody3(rawText, contentType) {
4008
+ if (!rawText) {
4009
+ return { parsed: null, parseFailed: false };
4010
+ }
4011
+ const contentTypeSuggestsJson = contentType?.toLowerCase().includes("application/json") ?? false;
4012
+ const looksJson = contentTypeSuggestsJson || rawText.startsWith("{") || rawText.startsWith("[");
4013
+ if (!looksJson) {
4014
+ return { parsed: rawText, parseFailed: false };
4015
+ }
4016
+ try {
4017
+ return { parsed: JSON.parse(rawText), parseFailed: false };
4018
+ } catch {
4019
+ return { parsed: rawText, parseFailed: true };
4020
+ }
4021
+ }
4022
+ function appendQuery(path, query) {
4023
+ if (!query) return path;
4024
+ const params = new URLSearchParams();
4025
+ for (const [key, value] of Object.entries(query)) {
4026
+ if (value === void 0 || value === null) continue;
4027
+ params.set(key, String(value));
4028
+ }
4029
+ const queryText = params.toString();
4030
+ return queryText ? `${path}?${queryText}` : path;
4031
+ }
4032
+ function storagePath(path) {
4033
+ return path;
4034
+ }
4035
+ function withPathParam(path, name, value) {
4036
+ return path.replace(`{${name}}`, encodeURIComponent(value));
4037
+ }
4038
+ function resolveErrorMessage3(payload, fallback) {
4039
+ if (isRecord6(payload)) {
4040
+ const message = payload.message ?? payload.error ?? payload.details;
4041
+ if (typeof message === "string" && message.trim()) {
4042
+ return message.trim();
4043
+ }
4044
+ }
4045
+ if (typeof payload === "string" && payload.trim()) {
4046
+ return payload.trim();
4047
+ }
4048
+ return fallback;
4049
+ }
4050
+ function resolveErrorHint2(payload) {
4051
+ if (!isRecord6(payload)) return void 0;
4052
+ const hint = payload.hint ?? payload.suggestion;
4053
+ return typeof hint === "string" && hint.trim() ? hint.trim() : void 0;
4054
+ }
4055
+ function resolveErrorCause(payload) {
4056
+ if (!isRecord6(payload)) return void 0;
4057
+ const cause = payload.cause ?? payload.reason;
4058
+ return typeof cause === "string" && cause.trim() ? cause.trim() : void 0;
4059
+ }
4060
+ function storageCodeFromUnknown(error) {
4061
+ if (isAthenaGatewayError(error)) {
4062
+ if (error.code === "INVALID_URL") return "INVALID_URL";
4063
+ if (error.code === "NETWORK_ERROR") return "NETWORK_ERROR";
4064
+ if (error.code === "INVALID_JSON") return "INVALID_JSON";
4065
+ if (error.code === "HTTP_ERROR") return "HTTP_ERROR";
4066
+ }
4067
+ return "UNKNOWN_ERROR";
4068
+ }
4069
+ async function callStorageEndpoint(gateway, endpoint, method, envelope, payload, options, runtimeOptions) {
4070
+ let url;
4071
+ let headers;
4072
+ try {
4073
+ const baseUrl = options?.baseUrl ? normalizeAthenaGatewayBaseUrl(options.baseUrl) : gateway.baseUrl;
4074
+ url = buildAthenaGatewayUrl(baseUrl, endpoint);
4075
+ headers = gateway.buildHeaders(options);
4076
+ } catch (error) {
4077
+ return rejectStorageError(
4078
+ {
4079
+ code: storageCodeFromUnknown(error),
4080
+ message: error instanceof Error ? error.message : `Athena storage ${method} ${endpoint} failed before sending the request`,
4081
+ status: isAthenaGatewayError(error) ? error.status : 0,
4082
+ endpoint,
4083
+ method,
4084
+ raw: error,
4085
+ requestId: isAthenaGatewayError(error) ? error.requestId : void 0,
4086
+ hint: isAthenaGatewayError(error) ? error.hint : void 0,
4087
+ cause: error
4088
+ },
4089
+ options,
4090
+ runtimeOptions
4091
+ );
4092
+ }
4093
+ const requestInit = {
4094
+ method,
4095
+ headers,
4096
+ signal: options?.signal
4097
+ };
4098
+ if (payload !== void 0 && method !== "GET") {
4099
+ requestInit.body = JSON.stringify(payload);
4100
+ }
4101
+ let response;
4102
+ try {
4103
+ response = await fetch(url, requestInit);
4104
+ } catch (error) {
4105
+ const message = error instanceof Error ? error.message : String(error);
4106
+ return rejectStorageError(
4107
+ {
4108
+ code: "NETWORK_ERROR",
4109
+ message: `Network error while calling Athena storage ${method} ${endpoint}: ${message}`,
4110
+ status: 0,
4111
+ endpoint,
4112
+ method,
4113
+ cause: error
4114
+ },
4115
+ options,
4116
+ runtimeOptions
4117
+ );
4118
+ }
4119
+ let rawText;
4120
+ try {
4121
+ rawText = await response.text();
4122
+ } catch (error) {
4123
+ return rejectStorageError(
4124
+ {
4125
+ code: "NETWORK_ERROR",
4126
+ message: `Athena storage ${method} ${endpoint} response body could not be read`,
4127
+ status: response.status,
4128
+ endpoint,
4129
+ method,
4130
+ requestId: headerValue(response.headers, ["x-athena-request-id", "x-request-id", "request-id"]),
4131
+ cause: error
4132
+ },
4133
+ options,
4134
+ runtimeOptions
4135
+ );
4136
+ }
4137
+ const parsedBody = parseResponseBody3(rawText ?? "", response.headers.get("content-type"));
4138
+ const requestId = headerValue(response.headers, ["x-athena-request-id", "x-request-id", "request-id"]);
4139
+ if (parsedBody.parseFailed) {
4140
+ return rejectStorageError(
4141
+ {
4142
+ code: "INVALID_JSON",
4143
+ message: `Athena storage ${method} ${endpoint} returned malformed JSON`,
4144
+ status: response.status,
4145
+ endpoint,
4146
+ method,
4147
+ requestId,
4148
+ raw: parsedBody.parsed
4149
+ },
4150
+ options,
4151
+ runtimeOptions
4152
+ );
4153
+ }
4154
+ if (!response.ok) {
4155
+ return rejectStorageError(
4156
+ {
4157
+ code: "HTTP_ERROR",
4158
+ message: resolveErrorMessage3(
4159
+ parsedBody.parsed,
4160
+ `Athena storage ${method} ${endpoint} failed with status ${response.status}`
4161
+ ),
4162
+ status: response.status,
4163
+ endpoint,
4164
+ method,
4165
+ requestId,
4166
+ hint: resolveErrorHint2(parsedBody.parsed),
4167
+ cause: resolveErrorCause(parsedBody.parsed),
4168
+ raw: parsedBody.parsed
4169
+ },
4170
+ options,
4171
+ runtimeOptions
4172
+ );
4173
+ }
4174
+ if (envelope === "athena") {
4175
+ if (!isRecord6(parsedBody.parsed) || !("data" in parsedBody.parsed)) {
4176
+ return rejectStorageError(
4177
+ {
4178
+ code: "INVALID_ATHENA_ENVELOPE",
4179
+ message: `Athena storage ${method} ${endpoint} returned an invalid Athena envelope`,
4180
+ status: response.status,
4181
+ endpoint,
4182
+ method,
4183
+ requestId,
4184
+ raw: parsedBody.parsed
4185
+ },
4186
+ options,
4187
+ runtimeOptions
4188
+ );
4189
+ }
4190
+ return parsedBody.parsed.data;
4191
+ }
4192
+ return parsedBody.parsed;
4193
+ }
4194
+ async function callStorageBinaryEndpoint(gateway, endpoint, method, options, runtimeOptions) {
4195
+ let url;
4196
+ let headers;
4197
+ try {
4198
+ const baseUrl = options?.baseUrl ? normalizeAthenaGatewayBaseUrl(options.baseUrl) : gateway.baseUrl;
4199
+ url = buildAthenaGatewayUrl(baseUrl, endpoint);
4200
+ headers = gateway.buildHeaders(options);
4201
+ } catch (error) {
4202
+ return rejectStorageError(
4203
+ {
4204
+ code: storageCodeFromUnknown(error),
4205
+ message: error instanceof Error ? error.message : `Athena storage ${method} ${endpoint} failed before sending the request`,
4206
+ status: isAthenaGatewayError(error) ? error.status : 0,
4207
+ endpoint,
4208
+ method,
4209
+ raw: error,
4210
+ requestId: isAthenaGatewayError(error) ? error.requestId : void 0,
4211
+ hint: isAthenaGatewayError(error) ? error.hint : void 0,
4212
+ cause: error
4213
+ },
4214
+ options,
4215
+ runtimeOptions
4216
+ );
4217
+ }
4218
+ let response;
4219
+ try {
4220
+ response = await fetch(url, {
4221
+ method,
4222
+ headers,
4223
+ signal: options?.signal
4224
+ });
4225
+ } catch (error) {
4226
+ const message = error instanceof Error ? error.message : String(error);
4227
+ return rejectStorageError(
4228
+ {
4229
+ code: "NETWORK_ERROR",
4230
+ message: `Network error while calling Athena storage ${method} ${endpoint}: ${message}`,
4231
+ status: 0,
4232
+ endpoint,
4233
+ method,
4234
+ cause: error
4235
+ },
4236
+ options,
4237
+ runtimeOptions
4238
+ );
4239
+ }
4240
+ if (response.ok) {
4241
+ return response;
4242
+ }
4243
+ const requestId = headerValue(response.headers, ["x-athena-request-id", "x-request-id", "request-id"]);
4244
+ let rawErrorBody = null;
4245
+ try {
4246
+ const rawText = await response.text();
4247
+ const parsedBody = parseResponseBody3(rawText ?? "", response.headers.get("content-type"));
4248
+ rawErrorBody = parsedBody.parsed;
4249
+ } catch (error) {
4250
+ return rejectStorageError(
4251
+ {
4252
+ code: "NETWORK_ERROR",
4253
+ message: `Athena storage ${method} ${endpoint} error response body could not be read`,
4254
+ status: response.status,
4255
+ endpoint,
4256
+ method,
4257
+ requestId,
4258
+ cause: error
4259
+ },
4260
+ options,
4261
+ runtimeOptions
4262
+ );
4263
+ }
4264
+ return rejectStorageError(
4265
+ {
4266
+ code: "HTTP_ERROR",
4267
+ message: resolveErrorMessage3(
4268
+ rawErrorBody,
4269
+ `Athena storage ${method} ${endpoint} failed with status ${response.status}`
4270
+ ),
4271
+ status: response.status,
4272
+ endpoint,
4273
+ method,
4274
+ requestId,
4275
+ hint: resolveErrorHint2(rawErrorBody),
4276
+ cause: resolveErrorCause(rawErrorBody),
4277
+ raw: rawErrorBody
4278
+ },
4279
+ options,
4280
+ runtimeOptions
4281
+ );
4282
+ }
4283
+ function isBlobBody(body) {
4284
+ return typeof Blob !== "undefined" && body instanceof Blob;
4285
+ }
4286
+ function isReadableStreamBody(body) {
4287
+ return typeof ReadableStream !== "undefined" && body instanceof ReadableStream;
4288
+ }
4289
+ async function putPresignedUploadBody(uploadUrl, uploadHeaders, body, options) {
4290
+ const headers = new Headers(uploadHeaders);
4291
+ Object.entries(options?.headers ?? {}).forEach(([key, value]) => headers.set(key, value));
4292
+ if (!headers.has("Content-Type") && isBlobBody(body) && body.type) {
4293
+ headers.set("Content-Type", body.type);
4294
+ }
4295
+ const init = {
4296
+ method: "PUT",
4297
+ headers,
4298
+ body,
4299
+ signal: options?.signal
4300
+ };
4301
+ if (isReadableStreamBody(body)) {
4302
+ init.duplex = "half";
4303
+ }
4304
+ return fetch(uploadUrl, init);
4305
+ }
4306
+ function attachManagedUpload(upload) {
4307
+ const headers = {};
4308
+ return {
4309
+ ...upload,
4310
+ method: "PUT",
4311
+ headers,
4312
+ expiresAt: upload.expires_at,
4313
+ put(body, options) {
4314
+ return putPresignedUploadBody(upload.url, headers, body, options);
4315
+ }
4316
+ };
4317
+ }
4318
+ function attachUploadHelper(response) {
4319
+ return {
4320
+ ...response,
4321
+ upload: attachManagedUpload(response.upload)
4322
+ };
4323
+ }
4324
+ function attachUploadHelpers(response) {
4325
+ return {
4326
+ files: response.files.map(attachUploadHelper)
4327
+ };
4328
+ }
4329
+ function normalizeUploadUrlRequest(input) {
4330
+ const s3_id = input.s3_id ?? input.s3Id;
4331
+ const storage_key = input.storage_key ?? input.storageKey;
4332
+ if (!s3_id?.trim()) {
4333
+ throw new Error("athena.storage.file.upload requires s3_id or s3Id");
4334
+ }
4335
+ if (!storage_key?.trim()) {
4336
+ throw new Error("athena.storage.file.upload requires storage_key or storageKey");
4337
+ }
4338
+ const fileName = input.fileName?.trim();
4339
+ const originalName = input.originalName?.trim();
4340
+ return {
4341
+ s3_id,
4342
+ bucket: input.bucket,
4343
+ storage_key,
4344
+ name: input.name ?? fileName,
4345
+ original_name: input.original_name ?? originalName ?? fileName,
4346
+ resource_id: input.resource_id ?? input.resourceId,
4347
+ mime_type: input.mime_type ?? input.mimeType,
4348
+ content_type: input.content_type ?? input.contentType,
4349
+ size_bytes: input.size_bytes ?? input.sizeBytes,
4350
+ file_id: input.file_id ?? input.fileId,
4351
+ public: input.public,
4352
+ visibility: input.visibility,
4353
+ metadata: input.metadata
4354
+ };
4355
+ }
4356
+ async function callStorageUploadBinaryEndpoint(gateway, endpoint, body, options, runtimeOptions) {
4357
+ let url;
4358
+ let headers;
4359
+ try {
4360
+ const baseUrl = options?.baseUrl ? normalizeAthenaGatewayBaseUrl(options.baseUrl) : gateway.baseUrl;
4361
+ url = buildAthenaGatewayUrl(baseUrl, endpoint);
4362
+ headers = gateway.buildHeaders(options);
4363
+ } catch (error) {
4364
+ return rejectStorageError(
4365
+ {
4366
+ code: storageCodeFromUnknown(error),
4367
+ message: error instanceof Error ? error.message : `Athena storage PUT ${endpoint} failed before sending the request`,
4368
+ status: isAthenaGatewayError(error) ? error.status : 0,
4369
+ endpoint,
4370
+ method: "PUT",
4371
+ raw: error,
4372
+ requestId: isAthenaGatewayError(error) ? error.requestId : void 0,
4373
+ hint: isAthenaGatewayError(error) ? error.hint : void 0,
4374
+ cause: error
4375
+ },
4376
+ options,
4377
+ runtimeOptions
4378
+ );
4379
+ }
4380
+ delete headers["Content-Type"];
4381
+ delete headers["content-type"];
4382
+ if (isBlobBody(body) && body.type) {
4383
+ headers["Content-Type"] = body.type;
4384
+ }
4385
+ const requestInit = {
4386
+ method: "PUT",
4387
+ headers,
4388
+ body,
4389
+ signal: options?.signal
4390
+ };
4391
+ if (isReadableStreamBody(body)) {
4392
+ requestInit.duplex = "half";
4393
+ }
4394
+ let response;
4395
+ try {
4396
+ response = await fetch(url, requestInit);
4397
+ } catch (error) {
4398
+ const message = error instanceof Error ? error.message : String(error);
4399
+ return rejectStorageError(
4400
+ {
4401
+ code: "NETWORK_ERROR",
4402
+ message: `Network error while calling Athena storage PUT ${endpoint}: ${message}`,
4403
+ status: 0,
4404
+ endpoint,
4405
+ method: "PUT",
4406
+ cause: error
4407
+ },
4408
+ options,
4409
+ runtimeOptions
4410
+ );
4411
+ }
4412
+ let rawText;
4413
+ try {
4414
+ rawText = await response.text();
4415
+ } catch (error) {
4416
+ return rejectStorageError(
4417
+ {
4418
+ code: "NETWORK_ERROR",
4419
+ message: `Athena storage PUT ${endpoint} response body could not be read`,
4420
+ status: response.status,
4421
+ endpoint,
4422
+ method: "PUT",
4423
+ requestId: headerValue(response.headers, ["x-athena-request-id", "x-request-id", "request-id"]),
4424
+ cause: error
4425
+ },
4426
+ options,
4427
+ runtimeOptions
4428
+ );
4429
+ }
4430
+ const parsedBody = parseResponseBody3(rawText ?? "", response.headers.get("content-type"));
4431
+ const requestId = headerValue(response.headers, ["x-athena-request-id", "x-request-id", "request-id"]);
4432
+ if (parsedBody.parseFailed) {
4433
+ return rejectStorageError(
4434
+ {
4435
+ code: "INVALID_JSON",
4436
+ message: `Athena storage PUT ${endpoint} returned malformed JSON`,
4437
+ status: response.status,
4438
+ endpoint,
4439
+ method: "PUT",
4440
+ requestId,
4441
+ raw: parsedBody.parsed
4442
+ },
4443
+ options,
4444
+ runtimeOptions
4445
+ );
4446
+ }
4447
+ if (!response.ok) {
4448
+ return rejectStorageError(
4449
+ {
4450
+ code: "HTTP_ERROR",
4451
+ message: resolveErrorMessage3(
4452
+ parsedBody.parsed,
4453
+ `Athena storage PUT ${endpoint} failed with status ${response.status}`
4454
+ ),
4455
+ status: response.status,
4456
+ endpoint,
4457
+ method: "PUT",
4458
+ requestId,
4459
+ hint: resolveErrorHint2(parsedBody.parsed),
4460
+ cause: resolveErrorCause(parsedBody.parsed),
4461
+ raw: parsedBody.parsed
4462
+ },
4463
+ options,
4464
+ runtimeOptions
4465
+ );
4466
+ }
4467
+ if (!isRecord6(parsedBody.parsed) || !("data" in parsedBody.parsed)) {
4468
+ return rejectStorageError(
4469
+ {
4470
+ code: "INVALID_ATHENA_ENVELOPE",
4471
+ message: `Athena storage PUT ${endpoint} returned an invalid Athena envelope`,
4472
+ status: response.status,
4473
+ endpoint,
4474
+ method: "PUT",
4475
+ requestId,
4476
+ raw: parsedBody.parsed
4477
+ },
4478
+ options,
4479
+ runtimeOptions
4480
+ );
4481
+ }
4482
+ return parsedBody.parsed.data;
4483
+ }
4484
+ function createStorageModule(gateway, runtimeOptions) {
4485
+ const callRaw = (path, method, payload, options) => callStorageEndpoint(
4486
+ gateway,
4487
+ storagePath(path),
4488
+ method,
4489
+ "raw",
4490
+ payload,
4491
+ options,
4492
+ runtimeOptions
4493
+ );
4494
+ const callAthena2 = (path, method, payload, options) => callStorageEndpoint(
4495
+ gateway,
4496
+ storagePath(path),
4497
+ method,
4498
+ "athena",
4499
+ payload,
4500
+ options,
4501
+ runtimeOptions
4502
+ );
4503
+ const base = {
4504
+ listStorageCatalogs(options) {
4505
+ return callRaw("/storage/catalogs", "GET", void 0, options);
4506
+ },
4507
+ createStorageCatalog(input, options) {
4508
+ return callRaw("/storage/catalogs", "POST", input, options);
4509
+ },
4510
+ updateStorageCatalog(id, input, options) {
4511
+ return callRaw(withPathParam("/storage/catalogs/{id}", "id", id), "PATCH", input, options);
4512
+ },
4513
+ deleteStorageCatalog(id, options) {
4514
+ return callRaw(withPathParam("/storage/catalogs/{id}", "id", id), "DELETE", void 0, options);
4515
+ },
4516
+ listStorageCredentials(options) {
4517
+ return callRaw("/storage/credentials", "GET", void 0, options);
4518
+ },
4519
+ createStorageUploadUrl(input, options) {
4520
+ return callAthena2("/storage/files/upload-url", "POST", input, options);
4521
+ },
4522
+ createStorageUploadUrls(input, options) {
4523
+ return callAthena2("/storage/files/upload-urls", "POST", input, options);
4524
+ },
4525
+ listStorageFiles(input, options) {
4526
+ return callAthena2("/storage/files/list", "POST", input, options);
4527
+ },
4528
+ getStorageFile(fileId, options) {
4529
+ return callAthena2(withPathParam("/storage/files/{file_id}", "file_id", fileId), "GET", void 0, options);
4530
+ },
4531
+ getStorageFileUrl(fileId, query, options) {
4532
+ const path = appendQuery(
4533
+ withPathParam("/storage/files/{file_id}/url", "file_id", fileId),
4534
+ query
4535
+ );
4536
+ return callAthena2(path, "GET", void 0, options);
4537
+ },
4538
+ getStorageFileProxy(fileId, query, options) {
4539
+ const path = appendQuery(
4540
+ withPathParam("/storage/files/{file_id}/proxy", "file_id", fileId),
4541
+ query
4542
+ );
4543
+ return callStorageBinaryEndpoint(gateway, storagePath(path), "GET", options, runtimeOptions);
4544
+ },
4545
+ updateStorageFile(fileId, input, options) {
4546
+ return callAthena2(withPathParam("/storage/files/{file_id}", "file_id", fileId), "PATCH", input, options);
4547
+ },
4548
+ deleteStorageFile(fileId, options) {
4549
+ return callAthena2(withPathParam("/storage/files/{file_id}", "file_id", fileId), "DELETE", void 0, options);
4550
+ },
4551
+ setStorageFileVisibility(fileId, input, options) {
4552
+ return callAthena2(withPathParam("/storage/files/{file_id}/visibility", "file_id", fileId), "PATCH", input, options);
4553
+ },
4554
+ deleteStorageFolder(input, options) {
4555
+ return callAthena2("/storage/folders/delete", "POST", input, options);
4556
+ },
4557
+ moveStorageFolder(input, options) {
4558
+ return callAthena2("/storage/folders/move", "POST", input, options);
4559
+ }
4560
+ };
4561
+ const fileFacade = createStorageFileModule(base, runtimeOptions);
4562
+ const fileUpload = ((input, options) => {
4563
+ if (isRecord6(input) && "files" in input) {
4564
+ return fileFacade.upload(input, options);
4565
+ }
4566
+ return base.createStorageUploadUrl(
4567
+ normalizeUploadUrlRequest(input),
4568
+ options
4569
+ ).then(attachUploadHelper);
4570
+ });
4571
+ const fileDelete = ((input, options) => fileFacade.delete(input, options));
4572
+ const file = {
4573
+ ...fileFacade,
4574
+ upload: fileUpload,
4575
+ uploadMany(input, options) {
4576
+ return base.createStorageUploadUrls(
4577
+ { files: input.files.map(normalizeUploadUrlRequest) },
4578
+ options
4579
+ ).then(attachUploadHelpers);
4580
+ },
4581
+ confirmUpload(fileId, input, options) {
4582
+ return callAthena2(withPathParam("/storage/files/{file_id}/confirm-upload", "file_id", fileId), "POST", input ?? {}, options);
4583
+ },
4584
+ uploadBinary(fileId, body, options) {
4585
+ return callStorageUploadBinaryEndpoint(
4586
+ gateway,
4587
+ storagePath(withPathParam("/storage/files/{file_id}/upload", "file_id", fileId)),
4588
+ body,
4589
+ options,
4590
+ runtimeOptions
4591
+ );
4592
+ },
4593
+ search(input, options) {
4594
+ return callAthena2("/storage/files/search", "POST", input, options);
4595
+ },
4596
+ get(fileId, options) {
4597
+ return base.getStorageFile(fileId, options);
4598
+ },
4599
+ update(fileId, input, options) {
4600
+ return base.updateStorageFile(fileId, input, options);
4601
+ },
4602
+ delete: fileDelete,
4603
+ deleteMany(input, options) {
4604
+ return callAthena2("/storage/files/delete-many", "POST", input, options);
4605
+ },
4606
+ updateMany(input, options) {
4607
+ return callAthena2("/storage/files/update-many", "POST", input, options);
4608
+ },
4609
+ restore(fileId, options) {
4610
+ return callAthena2(withPathParam("/storage/files/{file_id}/restore", "file_id", fileId), "POST", {}, options);
4611
+ },
4612
+ purge(fileId, options) {
4613
+ return callAthena2(withPathParam("/storage/files/{file_id}/purge", "file_id", fileId), "DELETE", void 0, options);
4614
+ },
4615
+ copy(fileId, input, options) {
4616
+ return callAthena2(withPathParam("/storage/files/{file_id}/copy", "file_id", fileId), "POST", input, options);
4617
+ },
4618
+ url(fileId, query, options) {
4619
+ return base.getStorageFileUrl(fileId, query, options);
4620
+ },
4621
+ publicUrl(fileId, options) {
4622
+ return callAthena2(withPathParam("/storage/files/{file_id}/public-url", "file_id", fileId), "GET", void 0, options);
4623
+ },
4624
+ proxy(fileId, query, options) {
4625
+ return base.getStorageFileProxy(fileId, query, options);
4626
+ },
4627
+ visibility: {
4628
+ set(fileId, input, options) {
4629
+ return base.setStorageFileVisibility(fileId, input, options);
4630
+ },
4631
+ setMany(input, options) {
4632
+ return callAthena2("/storage/files/visibility-many", "POST", input, options);
4633
+ }
2697
4634
  }
2698
- }
2699
- throw new Error("withRetry reached an unexpected state");
2700
- }
2701
-
2702
- // src/db/module.ts
2703
- function createDbModule(input) {
2704
- const db = {
2705
- from(table, options) {
2706
- return input.from(table, options);
4635
+ };
4636
+ const credentials = {
4637
+ list(options) {
4638
+ return base.listStorageCredentials(options);
4639
+ }
4640
+ };
4641
+ const catalog = {
4642
+ list(options) {
4643
+ return base.listStorageCatalogs(options);
2707
4644
  },
2708
- select(table, columns, options) {
2709
- return input.from(table).select(columns, options);
4645
+ create(input, options) {
4646
+ return base.createStorageCatalog(input, options);
2710
4647
  },
2711
- insert(table, values, options) {
2712
- return Array.isArray(values) ? input.from(table).insert(values, options) : input.from(table).insert(values, options);
4648
+ update(id, input, options) {
4649
+ return base.updateStorageCatalog(id, input, options);
2713
4650
  },
2714
- upsert(table, values, options) {
2715
- return Array.isArray(values) ? input.from(table).upsert(values, options) : input.from(table).upsert(values, options);
4651
+ delete(id, options) {
4652
+ return base.deleteStorageCatalog(id, options);
4653
+ }
4654
+ };
4655
+ const folder = {
4656
+ list(input, options) {
4657
+ return callAthena2("/storage/folders/list", "POST", input, options);
2716
4658
  },
2717
- update(table, values, options) {
2718
- return input.from(table).update(values, options);
4659
+ tree(input, options) {
4660
+ return callAthena2("/storage/folders/tree", "POST", input, options);
2719
4661
  },
2720
- delete(table, options) {
2721
- return input.from(table).delete(options);
4662
+ delete(input, options) {
4663
+ return base.deleteStorageFolder(input, options);
2722
4664
  },
2723
- rpc(fn, args, options) {
2724
- return input.rpc(fn, args, options);
4665
+ move(input, options) {
4666
+ return base.moveStorageFolder(input, options);
4667
+ }
4668
+ };
4669
+ const permission = {
4670
+ list(input, options) {
4671
+ return callAthena2("/storage/permissions/list", "POST", input, options);
2725
4672
  },
2726
- query(query, options) {
2727
- return input.query(query, options);
4673
+ grant(input, options) {
4674
+ return callAthena2("/storage/permissions/grant", "POST", input, options);
4675
+ },
4676
+ revoke(input, options) {
4677
+ return callAthena2("/storage/permissions/revoke", "POST", input, options);
4678
+ },
4679
+ check(input, options) {
4680
+ return callAthena2("/storage/permissions/check", "POST", input, options);
2728
4681
  }
2729
4682
  };
2730
- return db;
4683
+ const objectFolder = {
4684
+ create(input, options) {
4685
+ return callAthena2("/storage/objects/folder", "POST", input, options);
4686
+ },
4687
+ delete(input, options) {
4688
+ return callAthena2("/storage/objects/folder/delete", "POST", input, options);
4689
+ },
4690
+ rename(input, options) {
4691
+ return callAthena2("/storage/objects/folder/rename", "POST", input, options);
4692
+ }
4693
+ };
4694
+ const object = {
4695
+ list(input, options) {
4696
+ return callAthena2("/storage/objects", "POST", input, options);
4697
+ },
4698
+ head(input, options) {
4699
+ return callAthena2("/storage/objects/head", "POST", input, options);
4700
+ },
4701
+ exists(input, options) {
4702
+ return callAthena2("/storage/objects/exists", "POST", input, options);
4703
+ },
4704
+ validate(input, options) {
4705
+ return callAthena2("/storage/objects/validate", "POST", input, options);
4706
+ },
4707
+ update(input, options) {
4708
+ return callAthena2("/storage/objects/update", "POST", input, options);
4709
+ },
4710
+ copy(input, options) {
4711
+ return callAthena2("/storage/objects/copy", "POST", input, options);
4712
+ },
4713
+ url(input, options) {
4714
+ return callAthena2("/storage/objects/url", "POST", input, options);
4715
+ },
4716
+ publicUrl(input, options) {
4717
+ return callAthena2("/storage/objects/public-url", "POST", input, options);
4718
+ },
4719
+ delete(input, options) {
4720
+ return callAthena2("/storage/objects/delete", "POST", input, options);
4721
+ },
4722
+ uploadUrl(input, options) {
4723
+ return callAthena2("/storage/objects/upload-url", "POST", input, options);
4724
+ },
4725
+ folder: objectFolder
4726
+ };
4727
+ const bucket = {
4728
+ list(input, options) {
4729
+ return callAthena2("/storage/buckets/list", "POST", input, options);
4730
+ },
4731
+ create(input, options) {
4732
+ return callAthena2("/storage/buckets/create", "POST", input, options);
4733
+ },
4734
+ delete(input, options) {
4735
+ return callAthena2("/storage/buckets/delete", "POST", input, options);
4736
+ },
4737
+ cors: {
4738
+ get(input, options) {
4739
+ return callAthena2("/storage/buckets/cors", "POST", input, options);
4740
+ },
4741
+ set(input, options) {
4742
+ return callAthena2("/storage/buckets/cors/set", "POST", input, options);
4743
+ },
4744
+ delete(input, options) {
4745
+ return callAthena2("/storage/buckets/cors/delete", "POST", input, options);
4746
+ }
4747
+ }
4748
+ };
4749
+ const multipart = {
4750
+ create(input, options) {
4751
+ return callAthena2("/storage/multipart/create", "POST", input, options);
4752
+ },
4753
+ signPart(input, options) {
4754
+ return callAthena2("/storage/multipart/sign-part", "POST", input, options);
4755
+ },
4756
+ complete(input, options) {
4757
+ return callAthena2("/storage/multipart/complete", "POST", input, options);
4758
+ },
4759
+ abort(input, options) {
4760
+ return callAthena2("/storage/multipart/abort", "POST", input, options);
4761
+ },
4762
+ listParts(input, options) {
4763
+ return callAthena2("/storage/multipart/list-parts", "POST", input, options);
4764
+ }
4765
+ };
4766
+ const audit = {
4767
+ list(input, options) {
4768
+ return callAthena2("/storage/audit/list", "POST", input, options);
4769
+ }
4770
+ };
4771
+ return {
4772
+ ...base,
4773
+ credentials,
4774
+ catalog,
4775
+ file,
4776
+ folder,
4777
+ permission,
4778
+ object,
4779
+ bucket,
4780
+ multipart,
4781
+ audit,
4782
+ delete: file.delete
4783
+ };
2731
4784
  }
2732
4785
 
2733
4786
  // src/query-ast.ts
@@ -2757,7 +4810,7 @@ var BOOLEAN_SAFE_OPERATORS = /* @__PURE__ */ new Set([
2757
4810
  "ilike",
2758
4811
  "is"
2759
4812
  ]);
2760
- function isRecord5(value) {
4813
+ function isRecord7(value) {
2761
4814
  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
2762
4815
  }
2763
4816
  function isUuidString(value) {
@@ -2770,7 +4823,7 @@ function shouldUseUuidTextComparison(column, value) {
2770
4823
  return typeof value === "string" && isUuidString(value) && isUuidIdentifierColumn(column);
2771
4824
  }
2772
4825
  function isRelationSelectNode(value) {
2773
- return isRecord5(value) && isRecord5(value.select);
4826
+ return isRecord7(value) && isRecord7(value.select);
2774
4827
  }
2775
4828
  function normalizeIdentifier(value, label) {
2776
4829
  const normalized = value.trim();
@@ -2826,7 +4879,7 @@ function compileRelationToken(key, node) {
2826
4879
  return `${prefix}${relationToken}(${nested})`;
2827
4880
  }
2828
4881
  function compileSelectShape(select) {
2829
- if (!isRecord5(select)) {
4882
+ if (!isRecord7(select)) {
2830
4883
  throw new Error("findMany select must be an object");
2831
4884
  }
2832
4885
  const tokens = [];
@@ -2850,7 +4903,7 @@ function compileSelectShape(select) {
2850
4903
  return tokens.join(",");
2851
4904
  }
2852
4905
  function selectShapeUsesRelationSchema(select) {
2853
- if (!isRecord5(select)) {
4906
+ if (!isRecord7(select)) {
2854
4907
  return false;
2855
4908
  }
2856
4909
  for (const rawValue of Object.values(select)) {
@@ -2868,7 +4921,7 @@ function selectShapeUsesRelationSchema(select) {
2868
4921
  }
2869
4922
  function compileColumnWhere(column, input) {
2870
4923
  const normalizedColumn = normalizeIdentifier(column, "where column");
2871
- if (!isRecord5(input)) {
4924
+ if (!isRecord7(input)) {
2872
4925
  return [buildGatewayCondition("eq", normalizedColumn, input)];
2873
4926
  }
2874
4927
  const conditions = [];
@@ -2896,7 +4949,7 @@ function compileColumnWhere(column, input) {
2896
4949
  return conditions;
2897
4950
  }
2898
4951
  function compileBooleanExpressionTerms(clause, label) {
2899
- if (!isRecord5(clause)) {
4952
+ if (!isRecord7(clause)) {
2900
4953
  throw new Error(`findMany where.${label} clauses must be objects`);
2901
4954
  }
2902
4955
  const entries = Object.entries(clause).filter(([, value]) => value !== void 0);
@@ -2905,7 +4958,7 @@ function compileBooleanExpressionTerms(clause, label) {
2905
4958
  }
2906
4959
  const [rawColumn, rawValue] = entries[0];
2907
4960
  const column = normalizeIdentifier(rawColumn, `where.${label} column`);
2908
- if (!isRecord5(rawValue)) {
4961
+ if (!isRecord7(rawValue)) {
2909
4962
  return [`${column}.eq.${stringifyFilterValue(rawValue)}`];
2910
4963
  }
2911
4964
  const operatorEntries = Object.entries(rawValue).filter(([, value]) => value !== void 0);
@@ -2929,7 +4982,7 @@ function compileWhere(where) {
2929
4982
  if (where === void 0) {
2930
4983
  return void 0;
2931
4984
  }
2932
- if (!isRecord5(where)) {
4985
+ if (!isRecord7(where)) {
2933
4986
  throw new Error("findMany where must be an object");
2934
4987
  }
2935
4988
  const conditions = [];
@@ -2979,7 +5032,7 @@ function compileOrderBy(orderBy) {
2979
5032
  if (orderBy === void 0) {
2980
5033
  return void 0;
2981
5034
  }
2982
- if (!isRecord5(orderBy)) {
5035
+ if (!isRecord7(orderBy)) {
2983
5036
  throw new Error("findMany orderBy must be an object");
2984
5037
  }
2985
5038
  if ("column" in orderBy) {
@@ -3154,11 +5207,11 @@ function toFindManyAstOrder(order) {
3154
5207
  ascending: order.direction !== "descending"
3155
5208
  };
3156
5209
  }
3157
- function isRecord6(value) {
5210
+ function isRecord8(value) {
3158
5211
  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
3159
5212
  }
3160
5213
  function normalizeFindManyAstColumnPredicate(value) {
3161
- if (!isRecord6(value)) {
5214
+ if (!isRecord8(value)) {
3162
5215
  return {
3163
5216
  eq: value
3164
5217
  };
@@ -3182,7 +5235,7 @@ function normalizeFindManyAstBooleanOperand(clause) {
3182
5235
  return normalized;
3183
5236
  }
3184
5237
  function normalizeFindManyAstWhere(where) {
3185
- if (!where || !isRecord6(where)) {
5238
+ if (!where || !isRecord8(where)) {
3186
5239
  return where;
3187
5240
  }
3188
5241
  const normalized = {};
@@ -3196,7 +5249,7 @@ function normalizeFindManyAstWhere(where) {
3196
5249
  );
3197
5250
  continue;
3198
5251
  }
3199
- if (key === "not" && isRecord6(value)) {
5252
+ if (key === "not" && isRecord8(value)) {
3200
5253
  normalized.not = normalizeFindManyAstBooleanOperand(
3201
5254
  value
3202
5255
  );
@@ -3207,7 +5260,7 @@ function normalizeFindManyAstWhere(where) {
3207
5260
  return normalized;
3208
5261
  }
3209
5262
  function predicateRequiresUuidQueryFallback(column, value) {
3210
- if (!isRecord6(value)) {
5263
+ if (!isRecord8(value)) {
3211
5264
  return shouldUseUuidTextComparison(column, value);
3212
5265
  }
3213
5266
  const eqValue = value.eq;
@@ -3225,7 +5278,7 @@ function booleanOperandRequiresUuidQueryFallback(clause) {
3225
5278
  return false;
3226
5279
  }
3227
5280
  function findManyAstWhereRequiresLegacyTransport(where) {
3228
- if (!where || !isRecord6(where)) {
5281
+ if (!where || !isRecord8(where)) {
3229
5282
  return false;
3230
5283
  }
3231
5284
  for (const [key, value] of Object.entries(where)) {
@@ -3240,7 +5293,7 @@ function findManyAstWhereRequiresLegacyTransport(where) {
3240
5293
  }
3241
5294
  continue;
3242
5295
  }
3243
- if (key === "not" && isRecord6(value)) {
5296
+ if (key === "not" && isRecord8(value)) {
3244
5297
  if (booleanOperandRequiresUuidQueryFallback(value)) {
3245
5298
  return true;
3246
5299
  }
@@ -3442,7 +5495,7 @@ async function executeExperimentalRead(experimental, runner) {
3442
5495
  throw error;
3443
5496
  }
3444
5497
  }
3445
- function isRecord7(value) {
5498
+ function isRecord9(value) {
3446
5499
  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
3447
5500
  }
3448
5501
  function firstNonEmptyString2(...values) {
@@ -3454,8 +5507,8 @@ function firstNonEmptyString2(...values) {
3454
5507
  return void 0;
3455
5508
  }
3456
5509
  function resolveStructuredErrorPayload2(raw) {
3457
- if (!isRecord7(raw)) return null;
3458
- return isRecord7(raw.error) ? raw.error : raw;
5510
+ if (!isRecord9(raw)) return null;
5511
+ return isRecord9(raw.error) ? raw.error : raw;
3459
5512
  }
3460
5513
  function resolveStructuredErrorDetails(payload, message) {
3461
5514
  if (!payload || !("details" in payload)) {
@@ -3471,7 +5524,7 @@ function resolveStructuredErrorDetails(payload, message) {
3471
5524
  return details;
3472
5525
  }
3473
5526
  function createResultError(response, result, normalized) {
3474
- const rawRecord = isRecord7(response.raw) ? response.raw : null;
5527
+ const rawRecord = isRecord9(response.raw) ? response.raw : null;
3475
5528
  const payload = resolveStructuredErrorPayload2(response.raw);
3476
5529
  const message = firstNonEmptyString2(
3477
5530
  response.error,
@@ -4934,7 +6987,7 @@ function createClientFromConfig(config) {
4934
6987
  };
4935
6988
  const query = createQueryBuilder(gateway, formatGatewayResult, config.experimental, queryTracer);
4936
6989
  const db = createDbModule({ from, rpc, query });
4937
- return {
6990
+ const sdkClient = {
4938
6991
  from,
4939
6992
  db,
4940
6993
  rpc,
@@ -4942,6 +6995,14 @@ function createClientFromConfig(config) {
4942
6995
  verifyConnection: gateway.verifyConnection,
4943
6996
  auth: auth.auth
4944
6997
  };
6998
+ if (config.experimental?.athenaStorageBackend) {
6999
+ const storageClient = {
7000
+ ...sdkClient,
7001
+ storage: createStorageModule(gateway, config.experimental.storage)
7002
+ };
7003
+ return storageClient;
7004
+ }
7005
+ return sdkClient;
4945
7006
  }
4946
7007
  var DEFAULT_BACKEND = { type: "athena" };
4947
7008
  function toBackendConfig(b) {
@@ -4972,6 +7033,12 @@ function mergeExperimentalOptions(current, next) {
4972
7033
  ...next.traceQueries
4973
7034
  };
4974
7035
  }
7036
+ if (current?.storage || next.storage) {
7037
+ merged.storage = {
7038
+ ...current?.storage ?? {},
7039
+ ...next.storage ?? {}
7040
+ };
7041
+ }
4975
7042
  return merged;
4976
7043
  }
4977
7044
  var AthenaClientBuilderImpl = class {
@@ -5008,7 +7075,7 @@ var AthenaClientBuilderImpl = class {
5008
7075
  }
5009
7076
  experimental(options) {
5010
7077
  this.experimentalOptions = mergeExperimentalOptions(this.experimentalOptions, options);
5011
- return this;
7078
+ return options.athenaStorageBackend ? this : this;
5012
7079
  }
5013
7080
  options(options) {
5014
7081
  if (options.client !== void 0) {
@@ -5029,7 +7096,7 @@ var AthenaClientBuilderImpl = class {
5029
7096
  if (options.experimental !== void 0) {
5030
7097
  this.experimentalOptions = mergeExperimentalOptions(this.experimentalOptions, options.experimental);
5031
7098
  }
5032
- return this;
7099
+ return options.experimental?.athenaStorageBackend ? this : this;
5033
7100
  }
5034
7101
  build() {
5035
7102
  if (!this.baseUrl || !this.apiKey) {
@@ -5225,7 +7292,7 @@ function resolveNullishValue(mode) {
5225
7292
  if (mode === "null") return null;
5226
7293
  return "";
5227
7294
  }
5228
- function isRecord8(value) {
7295
+ function isRecord10(value) {
5229
7296
  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
5230
7297
  }
5231
7298
  function isNullableColumn(model, key) {
@@ -5234,7 +7301,7 @@ function isNullableColumn(model, key) {
5234
7301
  }
5235
7302
  function toModelFormDefaults(model, values, options) {
5236
7303
  const source = values;
5237
- if (!isRecord8(source)) {
7304
+ if (!isRecord10(source)) {
5238
7305
  return {};
5239
7306
  }
5240
7307
  const mode = options?.nullishMode ?? "empty-string";
@@ -5309,6 +7376,90 @@ function resolveProviderSchemas(providerConfig) {
5309
7376
  return [...DEFAULT_POSTGRES_SCHEMAS];
5310
7377
  }
5311
7378
 
7379
+ // src/generator/env.ts
7380
+ function readEnvStringValue(key) {
7381
+ if (typeof process === "undefined" || !process.env) {
7382
+ return void 0;
7383
+ }
7384
+ const value = process.env[key];
7385
+ if (typeof value !== "string") {
7386
+ return void 0;
7387
+ }
7388
+ const trimmed = value.trim();
7389
+ return trimmed.length > 0 ? trimmed : void 0;
7390
+ }
7391
+ function throwMissingEnvVar(key) {
7392
+ throw new Error(
7393
+ `Generator config env var ${key} is missing or empty. Set ${key} or provide a default value.`
7394
+ );
7395
+ }
7396
+ function resolveEnvValue(key, options, resolver) {
7397
+ const rawValue = readEnvStringValue(key);
7398
+ if (rawValue === void 0) {
7399
+ if (options?.default !== void 0) {
7400
+ return options.default;
7401
+ }
7402
+ if (options?.optional) {
7403
+ return void 0;
7404
+ }
7405
+ return throwMissingEnvVar(key);
7406
+ }
7407
+ return resolver(rawValue);
7408
+ }
7409
+ function resolveStringEnv(key, options) {
7410
+ return resolveEnvValue(key, options, (value) => value);
7411
+ }
7412
+ function resolveBooleanEnv(key, options) {
7413
+ return resolveEnvValue(key, options, (value) => parseBooleanFlag2(value, false));
7414
+ }
7415
+ function resolveListEnv(key, options) {
7416
+ return resolveEnvValue(key, options, (value) => {
7417
+ const separator = options?.separator ?? ",";
7418
+ return value.split(separator).map((entry) => entry.trim()).filter((entry, index, entries) => entry.length > 0 && entries.indexOf(entry) === index);
7419
+ })?.slice();
7420
+ }
7421
+ function resolveJsonEnv(key, options) {
7422
+ return resolveEnvValue(key, options, (value) => {
7423
+ try {
7424
+ return JSON.parse(value);
7425
+ } catch (error) {
7426
+ const message = error instanceof Error ? error.message : String(error);
7427
+ throw new Error(`Generator config env var ${key} must contain valid JSON. ${message}`);
7428
+ }
7429
+ });
7430
+ }
7431
+ function resolveOneOfEnv(key, allowedValues, options) {
7432
+ return resolveEnvValue(key, options, (value) => {
7433
+ if (allowedValues.includes(value)) {
7434
+ return value;
7435
+ }
7436
+ throw new Error(
7437
+ `Generator config env var ${key} must be one of: ${allowedValues.join(", ")}. Received: ${value}.`
7438
+ );
7439
+ });
7440
+ }
7441
+ function generatorEnvString(key, options) {
7442
+ return resolveStringEnv(key, options);
7443
+ }
7444
+ function generatorEnvBoolean(key, options) {
7445
+ return resolveBooleanEnv(key, options);
7446
+ }
7447
+ function generatorEnvList(key, options) {
7448
+ return resolveListEnv(key, options);
7449
+ }
7450
+ function generatorEnvJson(key, options) {
7451
+ return resolveJsonEnv(key, options);
7452
+ }
7453
+ function generatorEnvOneOf(key, allowedValues, options) {
7454
+ return resolveOneOfEnv(key, allowedValues, options);
7455
+ }
7456
+ var generatorEnv = Object.assign(generatorEnvString, {
7457
+ boolean: generatorEnvBoolean,
7458
+ list: generatorEnvList,
7459
+ json: generatorEnvJson,
7460
+ oneOf: generatorEnvOneOf
7461
+ });
7462
+
5312
7463
  // src/generator/postgres-type-mapping.ts
5313
7464
  var NUMBER_TYPES = /* @__PURE__ */ new Set([
5314
7465
  "int2",
@@ -5425,6 +7576,433 @@ function resolvePostgresColumnType(column) {
5425
7576
  return wrapArrayType(baseType, column.arrayDimensions);
5426
7577
  }
5427
7578
 
7579
+ // src/auth/server.ts
7580
+ var DEFAULT_AUTH_BASE_PATH = "/api/auth";
7581
+ var ATHENA_AUTH_BASE_ERROR_CODES = {
7582
+ HANDLER_NOT_CONFIGURED: "HANDLER_NOT_CONFIGURED",
7583
+ INVALID_BASE_URL: "INVALID_BASE_URL",
7584
+ UNTRUSTED_HOST: "UNTRUSTED_HOST"
7585
+ };
7586
+ function capitalize(value) {
7587
+ return value.length > 0 ? `${value[0]?.toUpperCase()}${value.slice(1)}` : value;
7588
+ }
7589
+ function serializeSetCookieValue(name, value, attributes) {
7590
+ const parts = [`${name}=${encodeURIComponent(value)}`];
7591
+ const knownKeys = /* @__PURE__ */ new Set([
7592
+ "maxAge",
7593
+ "expires",
7594
+ "domain",
7595
+ "path",
7596
+ "secure",
7597
+ "httpOnly",
7598
+ "partitioned",
7599
+ "sameSite"
7600
+ ]);
7601
+ if (attributes.maxAge !== void 0) {
7602
+ parts.push(`Max-Age=${Math.trunc(attributes.maxAge)}`);
7603
+ }
7604
+ if (attributes.expires instanceof Date) {
7605
+ parts.push(`Expires=${attributes.expires.toUTCString()}`);
7606
+ }
7607
+ if (attributes.domain) {
7608
+ parts.push(`Domain=${attributes.domain}`);
7609
+ }
7610
+ if (attributes.path) {
7611
+ parts.push(`Path=${attributes.path}`);
7612
+ }
7613
+ if (attributes.secure) {
7614
+ parts.push("Secure");
7615
+ }
7616
+ if (attributes.httpOnly) {
7617
+ parts.push("HttpOnly");
7618
+ }
7619
+ if (attributes.partitioned) {
7620
+ parts.push("Partitioned");
7621
+ }
7622
+ if (attributes.sameSite) {
7623
+ parts.push(`SameSite=${capitalize(attributes.sameSite)}`);
7624
+ }
7625
+ for (const [key, rawValue] of Object.entries(attributes)) {
7626
+ if (knownKeys.has(key) || rawValue === void 0 || rawValue === null || rawValue === false) {
7627
+ continue;
7628
+ }
7629
+ if (rawValue === true) {
7630
+ parts.push(key);
7631
+ continue;
7632
+ }
7633
+ parts.push(`${key}=${String(rawValue)}`);
7634
+ }
7635
+ return parts.join("; ");
7636
+ }
7637
+ function readCookieFromHeaders(headers, name) {
7638
+ const cookieHeader = headers?.get("cookie");
7639
+ if (!cookieHeader) {
7640
+ return void 0;
7641
+ }
7642
+ return parseCookies(cookieHeader).get(name);
7643
+ }
7644
+ function isRecord11(value) {
7645
+ return Boolean(value) && typeof value === "object" && !Array.isArray(value);
7646
+ }
7647
+ function resolveSessionCandidate(value) {
7648
+ if (!isRecord11(value)) {
7649
+ return null;
7650
+ }
7651
+ const session = isRecord11(value.session) ? value.session : void 0;
7652
+ const user = isRecord11(value.user) ? value.user : void 0;
7653
+ if (session && typeof session.token === "string" && session.token.length > 0 && user) {
7654
+ return {
7655
+ session,
7656
+ user
7657
+ };
7658
+ }
7659
+ return null;
7660
+ }
7661
+ function inferSessionPair(returned) {
7662
+ return resolveSessionCandidate(returned) ?? (isRecord11(returned) ? resolveSessionCandidate(returned.data) : null) ?? (isRecord11(returned) ? resolveSessionCandidate(returned.session) : null);
7663
+ }
7664
+ function resolveResponseHeaders(ctx) {
7665
+ if (ctx.context.responseHeaders instanceof Headers) {
7666
+ return ctx.context.responseHeaders;
7667
+ }
7668
+ const headers = new Headers();
7669
+ ctx.context.responseHeaders = headers;
7670
+ return headers;
7671
+ }
7672
+ function normalizeBaseURL(baseURL) {
7673
+ return baseURL.replace(/\/$/, "");
7674
+ }
7675
+ function normalizeBasePath(basePath) {
7676
+ if (!basePath || basePath === "/") {
7677
+ return DEFAULT_AUTH_BASE_PATH;
7678
+ }
7679
+ const normalized = basePath.startsWith("/") ? basePath : `/${basePath}`;
7680
+ return normalized.endsWith("/") && normalized.length > 1 ? normalized.slice(0, -1) : normalized;
7681
+ }
7682
+ function isDynamicBaseURLConfig2(baseURL) {
7683
+ return typeof baseURL === "object" && baseURL !== null && "allowedHosts" in baseURL && Array.isArray(baseURL.allowedHosts);
7684
+ }
7685
+ function getRequestUrl(request) {
7686
+ try {
7687
+ return new URL(request.url);
7688
+ } catch {
7689
+ return new URL("http://localhost");
7690
+ }
7691
+ }
7692
+ function getRequestHost(request, url) {
7693
+ const forwardedHost = request.headers.get("x-forwarded-host")?.split(",")[0]?.trim();
7694
+ const host = forwardedHost || request.headers.get("host") || url.host;
7695
+ return host || null;
7696
+ }
7697
+ function getRequestProtocol(request, configuredProtocol, url) {
7698
+ if (configuredProtocol === "http" || configuredProtocol === "https") {
7699
+ return configuredProtocol;
7700
+ }
7701
+ const forwardedProto = request.headers.get("x-forwarded-proto")?.split(",")[0]?.trim();
7702
+ if (forwardedProto === "http" || forwardedProto === "https") {
7703
+ return forwardedProto;
7704
+ }
7705
+ if (url.protocol === "http:" || url.protocol === "https:") {
7706
+ return url.protocol.slice(0, -1);
7707
+ }
7708
+ return "http";
7709
+ }
7710
+ function resolveRequestBaseURL(baseURL, request) {
7711
+ if (typeof baseURL === "string") {
7712
+ return normalizeBaseURL(baseURL);
7713
+ }
7714
+ const requestUrl = getRequestUrl(request);
7715
+ const host = getRequestHost(request, requestUrl);
7716
+ if (!host) {
7717
+ return null;
7718
+ }
7719
+ if (isDynamicBaseURLConfig2(baseURL)) {
7720
+ const allowedHosts = baseURL.allowedHosts ?? [];
7721
+ if (allowedHosts.length > 0 && !allowedHosts.includes(host)) {
7722
+ return null;
7723
+ }
7724
+ }
7725
+ const protocol = typeof baseURL === "object" && baseURL !== null ? getRequestProtocol(request, baseURL.protocol, requestUrl) : getRequestProtocol(request, void 0, requestUrl);
7726
+ return `${protocol}://${host}`;
7727
+ }
7728
+ function getOrigin(baseURL) {
7729
+ if (!baseURL) {
7730
+ return void 0;
7731
+ }
7732
+ try {
7733
+ return new URL(baseURL).origin;
7734
+ } catch {
7735
+ return void 0;
7736
+ }
7737
+ }
7738
+ async function resolveTrustedOrigins(config, baseURL, request) {
7739
+ const resolved = typeof config.trustedOrigins === "function" ? await config.trustedOrigins(request) : config.trustedOrigins ?? [];
7740
+ const values = [
7741
+ getOrigin(baseURL),
7742
+ ...resolved
7743
+ ];
7744
+ return Array.from(new Set(values.filter((value) => typeof value === "string" && value.length > 0)));
7745
+ }
7746
+ async function resolveTrustedProviders(config, request) {
7747
+ const configured = typeof config.trustedProviders === "function" ? await config.trustedProviders(request) : config.trustedProviders ?? [];
7748
+ const values = [
7749
+ ...Object.keys(config.socialProviders ?? {}),
7750
+ ...configured
7751
+ ];
7752
+ return Array.from(new Set(values.filter((value) => typeof value === "string" && value.length > 0)));
7753
+ }
7754
+ function createJsonResponse(payload, init) {
7755
+ const headers = new Headers(init?.headers);
7756
+ if (!headers.has("content-type")) {
7757
+ headers.set("content-type", "application/json; charset=utf-8");
7758
+ }
7759
+ return new Response(JSON.stringify(payload), {
7760
+ ...init,
7761
+ headers
7762
+ });
7763
+ }
7764
+ function mergeResponseHeaders(response, headers) {
7765
+ return new Response(response.body, {
7766
+ status: response.status,
7767
+ statusText: response.statusText,
7768
+ headers
7769
+ });
7770
+ }
7771
+ function defineAthenaAuthConfig(config) {
7772
+ return config;
7773
+ }
7774
+ function athenaAuth(config) {
7775
+ const normalizedBasePath = normalizeBasePath(config.basePath);
7776
+ const staticBaseURL = typeof config.baseURL === "string" ? normalizeBaseURL(config.baseURL) : void 0;
7777
+ const runtime = {
7778
+ baseURL: staticBaseURL,
7779
+ basePath: normalizedBasePath,
7780
+ secret: config.secret,
7781
+ cookies: {
7782
+ session: config.session,
7783
+ advanced: config.advanced
7784
+ }
7785
+ };
7786
+ const resolvedDatabase = typeof config.database === "function" ? config.database(runtime) : config.database;
7787
+ const cookies = getCookies({
7788
+ baseURL: staticBaseURL ?? config.baseURL,
7789
+ session: config.session,
7790
+ advanced: config.advanced
7791
+ });
7792
+ const auth = {};
7793
+ const createCookieContext = (input = {}) => {
7794
+ const responseHeaders = input.responseHeaders ?? new Headers();
7795
+ const runtimeHeaders = input.headers;
7796
+ const authCookies = input.cookies ?? auth.cookies;
7797
+ const setCookie = input.setCookie ?? ((name, value, attributes) => {
7798
+ responseHeaders.append(
7799
+ "set-cookie",
7800
+ serializeSetCookieValue(name, value, attributes)
7801
+ );
7802
+ });
7803
+ return {
7804
+ headers: runtimeHeaders,
7805
+ getCookie: input.getCookie ?? ((name) => readCookieFromHeaders(runtimeHeaders, name)),
7806
+ setCookie,
7807
+ logger: input.logger,
7808
+ setSignedCookie: input.setSignedCookie,
7809
+ getSignedCookie: input.getSignedCookie,
7810
+ context: {
7811
+ secret: runtime.secret,
7812
+ authCookies,
7813
+ sessionConfig: {
7814
+ expiresIn: config.session?.expiresIn
7815
+ },
7816
+ options: {
7817
+ session: {
7818
+ cookieCache: config.session?.cookieCache
7819
+ },
7820
+ account: {
7821
+ storeAccountCookie: true
7822
+ }
7823
+ },
7824
+ setNewSession: input.setNewSession
7825
+ }
7826
+ };
7827
+ };
7828
+ const setSession = async (input, session, dontRememberMe, overrides) => {
7829
+ const cookieContext = createCookieContext(input);
7830
+ await setSessionCookie(cookieContext, session, dontRememberMe, overrides);
7831
+ };
7832
+ const clearSession = (input, skipDontRememberMe) => {
7833
+ const cookieContext = createCookieContext(input);
7834
+ deleteSessionCookie(cookieContext, skipDontRememberMe);
7835
+ };
7836
+ const applyResponseCookies = async (ctx) => {
7837
+ const responseHeaders = resolveResponseHeaders(ctx);
7838
+ const session = ctx.context.setSession ?? inferSessionPair(ctx.context.returned);
7839
+ if (ctx.context.clearSession) {
7840
+ clearSession({
7841
+ headers: ctx.headers,
7842
+ responseHeaders
7843
+ });
7844
+ }
7845
+ if (session) {
7846
+ await setSession(
7847
+ {
7848
+ headers: ctx.headers,
7849
+ responseHeaders
7850
+ },
7851
+ session,
7852
+ ctx.context.dontRememberMe,
7853
+ ctx.context.cookieOverrides
7854
+ );
7855
+ }
7856
+ return responseHeaders;
7857
+ };
7858
+ const runAfterHooks = async (ctx) => {
7859
+ for (const plugin of auth.plugins) {
7860
+ for (const hook of plugin.hooks?.after ?? []) {
7861
+ if (!hook.matcher(ctx)) {
7862
+ continue;
7863
+ }
7864
+ await hook.handler({
7865
+ ...ctx,
7866
+ auth
7867
+ });
7868
+ }
7869
+ }
7870
+ return ctx;
7871
+ };
7872
+ const resolveRequestContext = async (request) => {
7873
+ const requestUrl = getRequestUrl(request);
7874
+ const resolvedBaseURL = resolveRequestBaseURL(config.baseURL, request);
7875
+ if (!resolvedBaseURL) {
7876
+ throw new Error(
7877
+ isDynamicBaseURLConfig2(config.baseURL) ? "Could not resolve base URL from request. Check allowedHosts/baseURL." : "Could not resolve base URL from request."
7878
+ );
7879
+ }
7880
+ const requestCookies = getCookies({
7881
+ baseURL: resolvedBaseURL,
7882
+ session: config.session,
7883
+ advanced: config.advanced
7884
+ });
7885
+ const trustedOrigins = await resolveTrustedOrigins(config, resolvedBaseURL, request);
7886
+ const trustedProviders = await resolveTrustedProviders(config, request);
7887
+ return {
7888
+ auth,
7889
+ request,
7890
+ url: requestUrl,
7891
+ path: requestUrl.pathname,
7892
+ basePath: normalizedBasePath,
7893
+ baseURL: resolvedBaseURL,
7894
+ origin: getOrigin(resolvedBaseURL) ?? resolvedBaseURL,
7895
+ headers: request.headers,
7896
+ cookies: requestCookies,
7897
+ trustedOrigins,
7898
+ trustedProviders,
7899
+ options: config,
7900
+ runtime: {
7901
+ ...runtime,
7902
+ baseURL: resolvedBaseURL
7903
+ },
7904
+ database: auth.database,
7905
+ socialProviders: auth.socialProviders
7906
+ };
7907
+ };
7908
+ const handler = async (request) => {
7909
+ const requestContext = await resolveRequestContext(request);
7910
+ if (typeof config.handler !== "function") {
7911
+ return createJsonResponse(
7912
+ {
7913
+ ok: false,
7914
+ code: ATHENA_AUTH_BASE_ERROR_CODES.HANDLER_NOT_CONFIGURED,
7915
+ error: "No native auth handler was configured for this Athena auth instance.",
7916
+ path: requestContext.path,
7917
+ basePath: requestContext.basePath
7918
+ },
7919
+ { status: 501 }
7920
+ );
7921
+ }
7922
+ const result = await config.handler(requestContext);
7923
+ if (result instanceof Response) {
7924
+ return result;
7925
+ }
7926
+ const response = result.response ?? (result.returned !== void 0 ? createJsonResponse(result.returned) : new Response(null, { status: 204 }));
7927
+ const responseHeaders = new Headers(response.headers);
7928
+ await runAfterHooks({
7929
+ path: requestContext.path,
7930
+ headers: request.headers,
7931
+ context: {
7932
+ responseHeaders,
7933
+ returned: result.returned,
7934
+ setSession: result.setSession,
7935
+ clearSession: result.clearSession,
7936
+ dontRememberMe: result.dontRememberMe,
7937
+ cookieOverrides: result.cookieOverrides
7938
+ }
7939
+ });
7940
+ return mergeResponseHeaders(response, responseHeaders);
7941
+ };
7942
+ const api = Object.assign(
7943
+ {
7944
+ applyResponseCookies,
7945
+ clearSession,
7946
+ createCookieContext,
7947
+ getCookieCache,
7948
+ getSessionCookie,
7949
+ resolveRequestContext,
7950
+ runAfterHooks,
7951
+ setSession
7952
+ },
7953
+ config.api ?? {}
7954
+ );
7955
+ const $ERROR_CODES = {
7956
+ ...auth.plugins?.reduce((acc, plugin) => {
7957
+ if (plugin.$ERROR_CODES) {
7958
+ return {
7959
+ ...acc,
7960
+ ...plugin.$ERROR_CODES
7961
+ };
7962
+ }
7963
+ return acc;
7964
+ }, {}),
7965
+ ...config.errorCodes ?? {},
7966
+ ...ATHENA_AUTH_BASE_ERROR_CODES
7967
+ };
7968
+ Object.assign(auth, {
7969
+ config,
7970
+ options: config,
7971
+ runtime,
7972
+ database: resolvedDatabase,
7973
+ socialProviders: config.socialProviders ?? {},
7974
+ plugins: [...config.plugins ?? []],
7975
+ cookies,
7976
+ api,
7977
+ $ERROR_CODES,
7978
+ createCookieContext,
7979
+ setSession,
7980
+ clearSession,
7981
+ applyResponseCookies,
7982
+ runAfterHooks,
7983
+ resolveRequestContext,
7984
+ handler
7985
+ });
7986
+ auth.$context = Promise.all([
7987
+ resolveTrustedOrigins(config, staticBaseURL),
7988
+ resolveTrustedProviders(config)
7989
+ ]).then(([trustedOrigins, trustedProviders]) => ({
7990
+ auth,
7991
+ options: config,
7992
+ runtime,
7993
+ basePath: normalizedBasePath,
7994
+ baseURL: staticBaseURL,
7995
+ origin: getOrigin(staticBaseURL),
7996
+ database: auth.database,
7997
+ socialProviders: auth.socialProviders,
7998
+ plugins: auth.plugins,
7999
+ cookies: auth.cookies,
8000
+ trustedOrigins,
8001
+ trustedProviders
8002
+ }));
8003
+ return auth;
8004
+ }
8005
+
5428
8006
  // src/browser.ts
5429
8007
  function throwBrowserUnsupported(apiName) {
5430
8008
  throw new Error(
@@ -5456,22 +8034,28 @@ async function runSchemaGenerator(options = {}) {
5456
8034
  return throwBrowserUnsupported("runSchemaGenerator");
5457
8035
  }
5458
8036
 
8037
+ exports.ATHENA_AUTH_BASE_ERROR_CODES = ATHENA_AUTH_BASE_ERROR_CODES;
5459
8038
  exports.AthenaClient = AthenaClient;
5460
8039
  exports.AthenaError = AthenaError;
5461
8040
  exports.AthenaErrorCategory = AthenaErrorCategory;
5462
8041
  exports.AthenaErrorCode = AthenaErrorCode;
5463
8042
  exports.AthenaErrorKind = AthenaErrorKind;
5464
8043
  exports.AthenaGatewayError = AthenaGatewayError;
8044
+ exports.AthenaStorageError = AthenaStorageError;
8045
+ exports.AthenaStorageErrorCode = AthenaStorageErrorCode;
5465
8046
  exports.Backend = Backend;
5466
8047
  exports.DEFAULT_POSTGRES_SCHEMAS = DEFAULT_POSTGRES_SCHEMAS;
5467
8048
  exports.assertInt = assertInt;
8049
+ exports.athenaAuth = athenaAuth;
5468
8050
  exports.coerceInt = coerceInt;
8051
+ exports.createAthenaStorageError = createAthenaStorageError;
5469
8052
  exports.createAuthClient = createAuthClient;
5470
8053
  exports.createAuthReactEmailInput = createAuthReactEmailInput;
5471
8054
  exports.createClient = createClient;
5472
8055
  exports.createModelFormAdapter = createModelFormAdapter;
5473
8056
  exports.createPostgresIntrospectionProvider = createPostgresIntrospectionProvider;
5474
8057
  exports.createTypedClient = createTypedClient;
8058
+ exports.defineAthenaAuthConfig = defineAthenaAuthConfig;
5475
8059
  exports.defineAuthEmailTemplate = defineAuthEmailTemplate;
5476
8060
  exports.defineDatabase = defineDatabase;
5477
8061
  exports.defineGeneratorConfig = defineGeneratorConfig;
@@ -5480,6 +8064,7 @@ exports.defineRegistry = defineRegistry;
5480
8064
  exports.defineSchema = defineSchema;
5481
8065
  exports.findGeneratorConfigPath = findGeneratorConfigPath;
5482
8066
  exports.generateArtifactsFromSnapshot = generateArtifactsFromSnapshot;
8067
+ exports.generatorEnv = generatorEnv;
5483
8068
  exports.identifier = identifier;
5484
8069
  exports.isAthenaGatewayError = isAthenaGatewayError;
5485
8070
  exports.isOk = isOk;
@@ -5496,6 +8081,7 @@ exports.resolveGeneratorProvider = resolveGeneratorProvider;
5496
8081
  exports.resolvePostgresColumnType = resolvePostgresColumnType;
5497
8082
  exports.resolveProviderSchemas = resolveProviderSchemas;
5498
8083
  exports.runSchemaGenerator = runSchemaGenerator;
8084
+ exports.storageSdkManifest = storageSdkManifest;
5499
8085
  exports.toModelFormDefaults = toModelFormDefaults;
5500
8086
  exports.toModelPayload = toModelPayload;
5501
8087
  exports.unwrap = unwrap;