actor-gate 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/package.json +1 -1
  2. package/src/express/protected-route.d.ts +10 -0
  3. package/src/express/protected-route.js +10 -0
  4. package/src/next/app/protected-route.d.ts +9 -0
  5. package/src/next/app/protected-route.js +9 -0
  6. package/src/next/pages/protected-route.d.ts +10 -0
  7. package/src/next/pages/protected-route.js +10 -0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "actor-gate",
3
- "version": "0.2.0",
3
+ "version": "0.2.1",
4
4
  "description": "Schema-agnostic Next.js auth library for direct and MCP authentication flows.",
5
5
  "type": "module",
6
6
  "private": false,
package/src/express/protected-route.d.ts CHANGED
@@ -40,5 +40,15 @@ export type WithExpressProtectedRouteOptions<TSessionId, TUserId, TActor extends
40
40
  resourceMetadataUrl?: string;
41
41
  };
42
42
  };
43
+ /**
44
+ * Wraps an Express route with access-token authentication and standardized
45
+ * auth/system error responses.
46
+ *
47
+ * Handler output behavior:
48
+ * - Return a non-`undefined` value to send `200` with `res.json(output)`.
49
+ * - Return `undefined` to send `204`.
50
+ * - If your handler already committed the response (for example via
51
+ * `res.status(...).json(...)`), this wrapper does not overwrite it.
52
+ */
43
53
  export declare function withExpressProtectedRoute<TSessionId, TUserId, TActor extends AuthActor = AuthActor, TServerSessionData extends Record<string, unknown> = Record<string, never>, TClientSessionData extends Record<string, unknown> = Record<string, never>, TExtClaims extends Record<string, unknown> = Record<string, never>, TReq extends ExpressRequestLike = ExpressRequestLike, TRes extends ExpressResponseLike = ExpressResponseLike, TOutput = unknown>(options: WithExpressProtectedRouteOptions<TSessionId, TUserId, TActor, TServerSessionData, TClientSessionData, TExtClaims, TReq, TRes, TOutput>): (req: TReq, res: TRes) => Promise<void>;
44
54
  export {};
package/src/express/protected-route.js CHANGED
@@ -37,6 +37,16 @@ function sendExpressAuthError(res, error, input) {
37
37
  }
38
38
  res.status(built.statusCode).json(built.body);
39
39
  }
40
+ /**
41
+ * Wraps an Express route with access-token authentication and standardized
42
+ * auth/system error responses.
43
+ *
44
+ * Handler output behavior:
45
+ * - Return a non-`undefined` value to send `200` with `res.json(output)`.
46
+ * - Return `undefined` to send `204`.
47
+ * - If your handler already committed the response (for example via
48
+ * `res.status(...).json(...)`), this wrapper does not overwrite it.
49
+ */
40
50
  export function withExpressProtectedRoute(options) {
41
51
  const authorizationHeaderName = options.authorizationHeaderName ?? 'authorization';
42
52
  const requestIdHeaderName = options.requestIdHeaderName ?? 'x-request-id';
package/src/next/app/protected-route.d.ts CHANGED
@@ -24,4 +24,13 @@ export type WithAppProtectedRouteOptions<TSessionId, TUserId, TActor extends Aut
24
24
  authorizationHeaderName?: string;
25
25
  challenge?: WithAppAuthRouteOptions<TOutput>['challenge'];
26
26
  };
27
+ /**
28
+ * Wraps a Next.js App Router handler with access-token authentication and
29
+ * standardized auth/system error handling.
30
+ *
31
+ * Handler output behavior:
32
+ * - Return a `Response` to fully control the HTTP response.
33
+ * - Return a non-`undefined` non-`Response` value to send `200` JSON.
34
+ * - Return `undefined` to send `204`.
35
+ */
27
36
  export declare function withAppProtectedRoute<TSessionId, TUserId, TActor extends AuthActor = AuthActor, TServerSessionData extends Record<string, unknown> = Record<string, never>, TClientSessionData extends Record<string, unknown> = Record<string, never>, TExtClaims extends Record<string, unknown> = Record<string, never>, TOutput = unknown>(options: WithAppProtectedRouteOptions<TSessionId, TUserId, TActor, TServerSessionData, TClientSessionData, TExtClaims, TOutput>): (req: Request) => Promise<Response>;
package/src/next/app/protected-route.js CHANGED
@@ -1,6 +1,15 @@
1
1
  import { AuthServiceError } from '../../core/services/auth-error';
2
2
  import { assertBearerOnlyActorPolicy, resolveAccessTokenTransportAdapter, } from '../shared/direct-auth-utils';
3
3
  import { withAppAuthRoute } from './wrapper';
4
+ /**
5
+ * Wraps a Next.js App Router handler with access-token authentication and
6
+ * standardized auth/system error handling.
7
+ *
8
+ * Handler output behavior:
9
+ * - Return a `Response` to fully control the HTTP response.
10
+ * - Return a non-`undefined` non-`Response` value to send `200` JSON.
11
+ * - Return `undefined` to send `204`.
12
+ */
4
13
  export function withAppProtectedRoute(options) {
5
14
  const accessTokenTransportAdapter = resolveAccessTokenTransportAdapter(options.accessTokenTransport);
6
15
  return withAppAuthRoute({
package/src/next/pages/protected-route.d.ts CHANGED
@@ -25,4 +25,14 @@ export type WithPagesProtectedRouteOptions<TSessionId, TUserId, TActor extends A
25
25
  authorizationHeaderName?: string;
26
26
  challenge?: WithPagesAuthRouteOptions<TOutput>['challenge'];
27
27
  };
28
+ /**
29
+ * Wraps a Next.js Pages API route with access-token authentication and
30
+ * standardized auth/system error handling.
31
+ *
32
+ * Handler output behavior:
33
+ * - Return a non-`undefined` value to send `200` with `res.json(output)`.
34
+ * - Return `undefined` to send `204`.
35
+ * - If your handler already finished the response (for example by calling
36
+ * `res.status(...).json(...)` directly), the wrapper does not overwrite it.
37
+ */
28
38
  export declare function withPagesProtectedRoute<TSessionId, TUserId, TActor extends AuthActor = AuthActor, TServerSessionData extends Record<string, unknown> = Record<string, never>, TClientSessionData extends Record<string, unknown> = Record<string, never>, TExtClaims extends Record<string, unknown> = Record<string, never>, TOutput = unknown>(options: WithPagesProtectedRouteOptions<TSessionId, TUserId, TActor, TServerSessionData, TClientSessionData, TExtClaims, TOutput>): NextApiHandler;
package/src/next/pages/protected-route.js CHANGED
@@ -1,6 +1,16 @@
1
1
  import { AuthServiceError } from '../../core/services/auth-error';
2
2
  import { assertBearerOnlyActorPolicy, resolveAccessTokenTransportAdapter, } from '../shared/direct-auth-utils';
3
3
  import { withPagesAuthRoute } from './wrapper';
4
+ /**
5
+ * Wraps a Next.js Pages API route with access-token authentication and
6
+ * standardized auth/system error handling.
7
+ *
8
+ * Handler output behavior:
9
+ * - Return a non-`undefined` value to send `200` with `res.json(output)`.
10
+ * - Return `undefined` to send `204`.
11
+ * - If your handler already finished the response (for example by calling
12
+ * `res.status(...).json(...)` directly), the wrapper does not overwrite it.
13
+ */
4
14
  export function withPagesProtectedRoute(options) {
5
15
  const accessTokenTransportAdapter = resolveAccessTokenTransportAdapter(options.accessTokenTransport);
6
16
  return withPagesAuthRoute({