alepha 0.13.2 → 0.13.3

package/dist/server/index.d.ts

@@ -1,6 +1,6 @@
 import * as alepha19 from "alepha";
 import { Alepha, AlephaError, Async, FileLike, KIND, Primitive, Static, StreamLike, TArray, TFile, TObject, TRecord, TSchema, TStream, TString, TVoid } from "alepha";
-import * as alepha_logger6 from "alepha/logger";
+import * as alepha_logger0 from "alepha/logger";
 import { Readable } from "node:stream";
 import { DateTimeProvider, DurationLike } from "alepha/datetime";
 import { ReadableStream } from "node:stream/web";
@@ -226,7 +226,7 @@ declare class ServerRequestParser {
 //#region src/server/providers/ServerTimingProvider.d.ts
 type TimingMap = Record<string, [number, number]>;
 declare class ServerTimingProvider {
-  protected readonly log: alepha_logger6.Logger;
+  protected readonly log: alepha_logger0.Logger;
   protected readonly alepha: Alepha;
   options: {
     prefix: string;
@@ -249,7 +249,7 @@ declare class ServerTimingProvider {
  * - $page => React route (for SSR)
  */
 declare class ServerRouterProvider extends RouterProvider<ServerRouteMatcher> {
-  protected readonly log: alepha_logger6.Logger;
+  protected readonly log: alepha_logger0.Logger;
   protected readonly alepha: Alepha;
   protected readonly routes: ServerRoute[];
   protected readonly serverTimingProvider: ServerTimingProvider;
@@ -288,7 +288,7 @@ declare class ServerRouterProvider extends RouterProvider<ServerRouteMatcher> {
  * ServerProvider supports both Node.js HTTP requests and Web (Fetch API) requests.
  */
 declare class ServerProvider {
-  protected readonly log: alepha_logger6.Logger;
+  protected readonly log: alepha_logger0.Logger;
   protected readonly alepha: Alepha;
   protected readonly dateTimeProvider: DateTimeProvider;
   protected readonly router: ServerRouterProvider;
@@ -320,7 +320,7 @@ declare class ServerProvider {
 //#endregion
 //#region src/server/services/HttpClient.d.ts
 declare class HttpClient {
-  protected readonly log: alepha_logger6.Logger;
+  protected readonly log: alepha_logger0.Logger;
   protected readonly alepha: Alepha;
   readonly cache: alepha_cache0.CachePrimitiveFn<HttpClientCache, any[]>;
   protected readonly pendingRequests: HttpClientPendingRequests;
@@ -527,7 +527,7 @@ interface ActionPrimitiveOptions<TConfig extends RequestConfigSchema> extends Om
   handler: ServerActionHandler<TConfig>;
 }
 declare class ActionPrimitive<TConfig extends RequestConfigSchema> extends Primitive<ActionPrimitiveOptions<TConfig>> {
-  protected readonly log: alepha_logger6.Logger;
+  protected readonly log: alepha_logger0.Logger;
   protected readonly env: {
     SERVER_API_PREFIX: string;
   };
@@ -676,7 +676,7 @@ declare const Bun: any;
 declare class BunHttpServerProvider extends ServerProvider {
   protected readonly alepha: Alepha;
   protected readonly dateTimeProvider: DateTimeProvider;
-  protected readonly log: alepha_logger6.Logger;
+  protected readonly log: alepha_logger0.Logger;
   protected readonly env: {
     SERVER_PORT: number;
     SERVER_HOST: string;
@@ -701,7 +701,7 @@ declare module "alepha" {
 declare class NodeHttpServerProvider extends ServerProvider {
   protected readonly alepha: Alepha;
   protected readonly dateTimeProvider: DateTimeProvider;
-  protected readonly log: alepha_logger6.Logger;
+  protected readonly log: alepha_logger0.Logger;
   protected readonly env: {
     SERVER_PORT: number;
     SERVER_HOST: string;
@@ -718,7 +718,7 @@ declare class NodeHttpServerProvider extends ServerProvider {
 //#endregion
 //#region src/server/providers/ServerLoggerProvider.d.ts
 declare class ServerLoggerProvider {
-  protected readonly log: alepha_logger6.Logger;
+  protected readonly log: alepha_logger0.Logger;
   protected readonly alepha: Alepha;
   readonly onRequest: alepha19.HookPrimitive<"server:onRequest">;
   readonly onError: alepha19.HookPrimitive<"server:onError">;

package/dist/server-auth/index.d.ts

@@ -1,4 +1,4 @@
-import * as alepha198 from "alepha";
+import * as alepha147 from "alepha";
 import { Alepha, Async, KIND, Primitive, Static } from "alepha";
 import * as alepha_server_cookies0 from "alepha/server/cookies";
 import { Cookies, ServerCookiesProvider } from "alepha/server/cookies";
@@ -20,82 +20,82 @@ declare const alephaServerAuthRoutes: {
 };
 //#endregion
 //#region src/server-auth/schemas/authenticationProviderSchema.d.ts
-declare const authenticationProviderSchema: alepha198.TObject<{
-  name: alepha198.TString;
-  type: alepha198.TUnsafe<"OAUTH2" | "OIDC" | "CREDENTIALS">;
+declare const authenticationProviderSchema: alepha147.TObject<{
+  name: alepha147.TString;
+  type: alepha147.TUnsafe<"OAUTH2" | "OIDC" | "CREDENTIALS">;
 }>;
 type AuthenticationProvider = Static<typeof authenticationProviderSchema>;
 //#endregion
 //#region src/server-auth/schemas/tokenResponseSchema.d.ts
-declare const tokenResponseSchema: alepha198.TObject<{
-  provider: alepha198.TString;
-  access_token: alepha198.TString;
-  issued_at: alepha198.TNumber;
-  expires_in: alepha198.TOptional<alepha198.TNumber>;
-  refresh_token: alepha198.TOptional<alepha198.TString>;
-  refresh_token_expires_in: alepha198.TOptional<alepha198.TNumber>;
-  refresh_expires_in: alepha198.TOptional<alepha198.TNumber>;
-  id_token: alepha198.TOptional<alepha198.TString>;
-  scope: alepha198.TOptional<alepha198.TString>;
-  user: alepha198.TObject<{
-    id: alepha198.TString;
-    name: alepha198.TOptional<alepha198.TString>;
-    email: alepha198.TOptional<alepha198.TString>;
-    username: alepha198.TOptional<alepha198.TString>;
-    picture: alepha198.TOptional<alepha198.TString>;
-    sessionId: alepha198.TOptional<alepha198.TString>;
-    organizations: alepha198.TOptional<alepha198.TArray<alepha198.TString>>;
-    roles: alepha198.TOptional<alepha198.TArray<alepha198.TString>>;
+declare const tokenResponseSchema: alepha147.TObject<{
+  provider: alepha147.TString;
+  access_token: alepha147.TString;
+  issued_at: alepha147.TNumber;
+  expires_in: alepha147.TOptional<alepha147.TNumber>;
+  refresh_token: alepha147.TOptional<alepha147.TString>;
+  refresh_token_expires_in: alepha147.TOptional<alepha147.TNumber>;
+  refresh_expires_in: alepha147.TOptional<alepha147.TNumber>;
+  id_token: alepha147.TOptional<alepha147.TString>;
+  scope: alepha147.TOptional<alepha147.TString>;
+  user: alepha147.TObject<{
+    id: alepha147.TString;
+    name: alepha147.TOptional<alepha147.TString>;
+    email: alepha147.TOptional<alepha147.TString>;
+    username: alepha147.TOptional<alepha147.TString>;
+    picture: alepha147.TOptional<alepha147.TString>;
+    sessionId: alepha147.TOptional<alepha147.TString>;
+    organizations: alepha147.TOptional<alepha147.TArray<alepha147.TString>>;
+    roles: alepha147.TOptional<alepha147.TArray<alepha147.TString>>;
   }>;
-  api: alepha198.TObject<{
-    prefix: alepha198.TOptional<alepha198.TString>;
-    links: alepha198.TArray<alepha198.TObject<{
-      name: alepha198.TString;
-      group: alepha198.TOptional<alepha198.TString>;
-      path: alepha198.TString;
-      method: alepha198.TOptional<alepha198.TString>;
-      requestBodyType: alepha198.TOptional<alepha198.TString>;
-      service: alepha198.TOptional<alepha198.TString>;
+  api: alepha147.TObject<{
+    prefix: alepha147.TOptional<alepha147.TString>;
+    links: alepha147.TArray<alepha147.TObject<{
+      name: alepha147.TString;
+      group: alepha147.TOptional<alepha147.TString>;
+      path: alepha147.TString;
+      method: alepha147.TOptional<alepha147.TString>;
+      requestBodyType: alepha147.TOptional<alepha147.TString>;
+      service: alepha147.TOptional<alepha147.TString>;
     }>>;
   }>;
 }>;
 type TokenResponse = Static<typeof tokenResponseSchema>;
 //#endregion
 //#region src/server-auth/schemas/tokensSchema.d.ts
-declare const tokensSchema: alepha198.TObject<{
-  provider: alepha198.TString;
-  access_token: alepha198.TString;
-  issued_at: alepha198.TNumber;
-  expires_in: alepha198.TOptional<alepha198.TNumber>;
-  refresh_token: alepha198.TOptional<alepha198.TString>;
-  refresh_token_expires_in: alepha198.TOptional<alepha198.TNumber>;
-  refresh_expires_in: alepha198.TOptional<alepha198.TNumber>;
-  id_token: alepha198.TOptional<alepha198.TString>;
-  scope: alepha198.TOptional<alepha198.TString>;
+declare const tokensSchema: alepha147.TObject<{
+  provider: alepha147.TString;
+  access_token: alepha147.TString;
+  issued_at: alepha147.TNumber;
+  expires_in: alepha147.TOptional<alepha147.TNumber>;
+  refresh_token: alepha147.TOptional<alepha147.TString>;
+  refresh_token_expires_in: alepha147.TOptional<alepha147.TNumber>;
+  refresh_expires_in: alepha147.TOptional<alepha147.TNumber>;
+  id_token: alepha147.TOptional<alepha147.TString>;
+  scope: alepha147.TOptional<alepha147.TString>;
 }>;
 type Tokens = Static<typeof tokensSchema>;
 //#endregion
 //#region src/server-auth/schemas/userinfoResponseSchema.d.ts
-declare const userinfoResponseSchema: alepha198.TObject<{
-  user: alepha198.TOptional<alepha198.TObject<{
-    id: alepha198.TString;
-    name: alepha198.TOptional<alepha198.TString>;
-    email: alepha198.TOptional<alepha198.TString>;
-    username: alepha198.TOptional<alepha198.TString>;
-    picture: alepha198.TOptional<alepha198.TString>;
-    sessionId: alepha198.TOptional<alepha198.TString>;
-    organizations: alepha198.TOptional<alepha198.TArray<alepha198.TString>>;
-    roles: alepha198.TOptional<alepha198.TArray<alepha198.TString>>;
+declare const userinfoResponseSchema: alepha147.TObject<{
+  user: alepha147.TOptional<alepha147.TObject<{
+    id: alepha147.TString;
+    name: alepha147.TOptional<alepha147.TString>;
+    email: alepha147.TOptional<alepha147.TString>;
+    username: alepha147.TOptional<alepha147.TString>;
+    picture: alepha147.TOptional<alepha147.TString>;
+    sessionId: alepha147.TOptional<alepha147.TString>;
+    organizations: alepha147.TOptional<alepha147.TArray<alepha147.TString>>;
+    roles: alepha147.TOptional<alepha147.TArray<alepha147.TString>>;
   }>>;
-  api: alepha198.TObject<{
-    prefix: alepha198.TOptional<alepha198.TString>;
-    links: alepha198.TArray<alepha198.TObject<{
-      name: alepha198.TString;
-      group: alepha198.TOptional<alepha198.TString>;
-      path: alepha198.TString;
-      method: alepha198.TOptional<alepha198.TString>;
-      requestBodyType: alepha198.TOptional<alepha198.TString>;
-      service: alepha198.TOptional<alepha198.TString>;
+  api: alepha147.TObject<{
+    prefix: alepha147.TOptional<alepha147.TString>;
+    links: alepha147.TArray<alepha147.TObject<{
+      name: alepha147.TString;
+      group: alepha147.TOptional<alepha147.TString>;
+      path: alepha147.TString;
+      method: alepha147.TOptional<alepha147.TString>;
+      requestBodyType: alepha147.TOptional<alepha147.TString>;
+      service: alepha147.TOptional<alepha147.TString>;
     }>>;
   }>;
 }>;
@@ -108,34 +108,34 @@ declare class ServerAuthProvider {
   protected readonly serverCookiesProvider: ServerCookiesProvider;
   protected readonly dateTimeProvider: DateTimeProvider;
   protected readonly serverLinksProvider: ServerLinksProvider;
-  protected readonly authorizationCode: alepha_server_cookies0.AbstractCookiePrimitive<alepha198.TObject<{
-    provider: alepha198.TString;
-    codeVerifier: alepha198.TOptional<alepha198.TString>;
-    redirectUri: alepha198.TOptional<alepha198.TString>;
-    state: alepha198.TOptional<alepha198.TString>;
-    nonce: alepha198.TOptional<alepha198.TString>;
+  protected readonly authorizationCode: alepha_server_cookies0.AbstractCookiePrimitive<alepha147.TObject<{
+    provider: alepha147.TString;
+    codeVerifier: alepha147.TOptional<alepha147.TString>;
+    redirectUri: alepha147.TOptional<alepha147.TString>;
+    state: alepha147.TOptional<alepha147.TString>;
+    nonce: alepha147.TOptional<alepha147.TString>;
   }>>;
-  readonly tokens: alepha_server_cookies0.AbstractCookiePrimitive<alepha198.TObject<{
-    provider: alepha198.TString;
-    access_token: alepha198.TString;
-    issued_at: alepha198.TNumber;
-    expires_in: alepha198.TOptional<alepha198.TNumber>;
-    refresh_token: alepha198.TOptional<alepha198.TString>;
-    refresh_token_expires_in: alepha198.TOptional<alepha198.TNumber>;
-    refresh_expires_in: alepha198.TOptional<alepha198.TNumber>;
-    id_token: alepha198.TOptional<alepha198.TString>;
-    scope: alepha198.TOptional<alepha198.TString>;
+  readonly tokens: alepha_server_cookies0.AbstractCookiePrimitive<alepha147.TObject<{
+    provider: alepha147.TString;
+    access_token: alepha147.TString;
+    issued_at: alepha147.TNumber;
+    expires_in: alepha147.TOptional<alepha147.TNumber>;
+    refresh_token: alepha147.TOptional<alepha147.TString>;
+    refresh_token_expires_in: alepha147.TOptional<alepha147.TNumber>;
+    refresh_expires_in: alepha147.TOptional<alepha147.TNumber>;
+    id_token: alepha147.TOptional<alepha147.TString>;
+    scope: alepha147.TOptional<alepha147.TString>;
   }>>;
   get identities(): Array<AuthPrimitive>;
   getAuthenticationProviders(filters?: {
     realmName?: string;
   }): AuthenticationProvider[];
-  protected readonly configure: alepha198.HookPrimitive<"configure">;
+  protected readonly configure: alepha147.HookPrimitive<"configure">;
   protected getAccessTokens(tokens: Tokens): string | undefined;
   /**
    * Fill request headers with access token from cookies or fallback to provider's fallback function.
    */
-  protected readonly onRequest: alepha198.HookPrimitive<"server:onRequest">;
+  protected readonly onRequest: alepha147.HookPrimitive<"server:onRequest">;
   /**
    * Convert cookies to tokens.
    * If the tokens are expired, try to refresh them using the refresh token.
@@ -146,26 +146,26 @@ declare class ServerAuthProvider {
    * Get user information.
    */
   readonly userinfo: alepha_server0.RoutePrimitive<{
-    response: alepha198.TObject<{
-      user: alepha198.TOptional<alepha198.TObject<{
-        id: alepha198.TString;
-        name: alepha198.TOptional<alepha198.TString>;
-        email: alepha198.TOptional<alepha198.TString>;
-        username: alepha198.TOptional<alepha198.TString>;
-        picture: alepha198.TOptional<alepha198.TString>;
-        sessionId: alepha198.TOptional<alepha198.TString>;
-        organizations: alepha198.TOptional<alepha198.TArray<alepha198.TString>>;
-        roles: alepha198.TOptional<alepha198.TArray<alepha198.TString>>;
+    response: alepha147.TObject<{
+      user: alepha147.TOptional<alepha147.TObject<{
+        id: alepha147.TString;
+        name: alepha147.TOptional<alepha147.TString>;
+        email: alepha147.TOptional<alepha147.TString>;
+        username: alepha147.TOptional<alepha147.TString>;
+        picture: alepha147.TOptional<alepha147.TString>;
+        sessionId: alepha147.TOptional<alepha147.TString>;
+        organizations: alepha147.TOptional<alepha147.TArray<alepha147.TString>>;
+        roles: alepha147.TOptional<alepha147.TArray<alepha147.TString>>;
       }>>;
-      api: alepha198.TObject<{
-        prefix: alepha198.TOptional<alepha198.TString>;
-        links: alepha198.TArray<alepha198.TObject<{
-          name: alepha198.TString;
-          group: alepha198.TOptional<alepha198.TString>;
-          path: alepha198.TString;
-          method: alepha198.TOptional<alepha198.TString>;
-          requestBodyType: alepha198.TOptional<alepha198.TString>;
-          service: alepha198.TOptional<alepha198.TString>;
+      api: alepha147.TObject<{
+        prefix: alepha147.TOptional<alepha147.TString>;
+        links: alepha147.TArray<alepha147.TObject<{
+          name: alepha147.TString;
+          group: alepha147.TOptional<alepha147.TString>;
+          path: alepha147.TString;
+          method: alepha147.TOptional<alepha147.TString>;
+          requestBodyType: alepha147.TOptional<alepha147.TString>;
+          service: alepha147.TOptional<alepha147.TString>;
         }>>;
       }>;
     }>;
@@ -174,65 +174,65 @@ declare class ServerAuthProvider {
    * Refresh a token for internal providers.
    */
   readonly refresh: alepha_server0.RoutePrimitive<{
-    query: alepha198.TObject<{
-      provider: alepha198.TString;
+    query: alepha147.TObject<{
+      provider: alepha147.TString;
     }>;
-    body: alepha198.TObject<{
-      refresh_token: alepha198.TString;
-      access_token: alepha198.TOptional<alepha198.TString>;
+    body: alepha147.TObject<{
+      refresh_token: alepha147.TString;
+      access_token: alepha147.TOptional<alepha147.TString>;
     }>;
-    response: alepha198.TObject<{
-      provider: alepha198.TString;
-      access_token: alepha198.TString;
-      issued_at: alepha198.TNumber;
-      expires_in: alepha198.TOptional<alepha198.TNumber>;
-      refresh_token: alepha198.TOptional<alepha198.TString>;
-      refresh_token_expires_in: alepha198.TOptional<alepha198.TNumber>;
-      refresh_expires_in: alepha198.TOptional<alepha198.TNumber>;
-      id_token: alepha198.TOptional<alepha198.TString>;
-      scope: alepha198.TOptional<alepha198.TString>;
+    response: alepha147.TObject<{
+      provider: alepha147.TString;
+      access_token: alepha147.TString;
+      issued_at: alepha147.TNumber;
+      expires_in: alepha147.TOptional<alepha147.TNumber>;
+      refresh_token: alepha147.TOptional<alepha147.TString>;
+      refresh_token_expires_in: alepha147.TOptional<alepha147.TNumber>;
+      refresh_expires_in: alepha147.TOptional<alepha147.TNumber>;
+      id_token: alepha147.TOptional<alepha147.TString>;
+      scope: alepha147.TOptional<alepha147.TString>;
     }>;
   }>;
   /**
    * Login for local password-based authentication.
    */
   readonly token: alepha_server0.RoutePrimitive<{
-    query: alepha198.TObject<{
-      provider: alepha198.TString;
+    query: alepha147.TObject<{
+      provider: alepha147.TString;
     }>;
-    body: alepha198.TObject<{
-      username: alepha198.TString;
-      password: alepha198.TString;
+    body: alepha147.TObject<{
+      username: alepha147.TString;
+      password: alepha147.TString;
     }>;
-    response: alepha198.TObject<{
-      provider: alepha198.TString;
-      access_token: alepha198.TString;
-      issued_at: alepha198.TNumber;
-      expires_in: alepha198.TOptional<alepha198.TNumber>;
-      refresh_token: alepha198.TOptional<alepha198.TString>;
-      refresh_token_expires_in: alepha198.TOptional<alepha198.TNumber>;
-      refresh_expires_in: alepha198.TOptional<alepha198.TNumber>;
-      id_token: alepha198.TOptional<alepha198.TString>;
-      scope: alepha198.TOptional<alepha198.TString>;
-      user: alepha198.TObject<{
-        id: alepha198.TString;
-        name: alepha198.TOptional<alepha198.TString>;
-        email: alepha198.TOptional<alepha198.TString>;
-        username: alepha198.TOptional<alepha198.TString>;
-        picture: alepha198.TOptional<alepha198.TString>;
-        sessionId: alepha198.TOptional<alepha198.TString>;
-        organizations: alepha198.TOptional<alepha198.TArray<alepha198.TString>>;
-        roles: alepha198.TOptional<alepha198.TArray<alepha198.TString>>;
+    response: alepha147.TObject<{
+      provider: alepha147.TString;
+      access_token: alepha147.TString;
+      issued_at: alepha147.TNumber;
+      expires_in: alepha147.TOptional<alepha147.TNumber>;
+      refresh_token: alepha147.TOptional<alepha147.TString>;
+      refresh_token_expires_in: alepha147.TOptional<alepha147.TNumber>;
+      refresh_expires_in: alepha147.TOptional<alepha147.TNumber>;
+      id_token: alepha147.TOptional<alepha147.TString>;
+      scope: alepha147.TOptional<alepha147.TString>;
+      user: alepha147.TObject<{
+        id: alepha147.TString;
+        name: alepha147.TOptional<alepha147.TString>;
+        email: alepha147.TOptional<alepha147.TString>;
+        username: alepha147.TOptional<alepha147.TString>;
+        picture: alepha147.TOptional<alepha147.TString>;
+        sessionId: alepha147.TOptional<alepha147.TString>;
+        organizations: alepha147.TOptional<alepha147.TArray<alepha147.TString>>;
+        roles: alepha147.TOptional<alepha147.TArray<alepha147.TString>>;
       }>;
-      api: alepha198.TObject<{
-        prefix: alepha198.TOptional<alepha198.TString>;
-        links: alepha198.TArray<alepha198.TObject<{
-          name: alepha198.TString;
-          group: alepha198.TOptional<alepha198.TString>;
-          path: alepha198.TString;
-          method: alepha198.TOptional<alepha198.TString>;
-          requestBodyType: alepha198.TOptional<alepha198.TString>;
-          service: alepha198.TOptional<alepha198.TString>;
+      api: alepha147.TObject<{
+        prefix: alepha147.TOptional<alepha147.TString>;
+        links: alepha147.TArray<alepha147.TObject<{
+          name: alepha147.TString;
+          group: alepha147.TOptional<alepha147.TString>;
+          path: alepha147.TString;
+          method: alepha147.TOptional<alepha147.TString>;
+          requestBodyType: alepha147.TOptional<alepha147.TString>;
+          service: alepha147.TOptional<alepha147.TString>;
         }>>;
       }>;
     }>;
@@ -241,9 +241,9 @@ declare class ServerAuthProvider {
    * Oauth2/OIDC login route.
    */
   readonly login: alepha_server0.RoutePrimitive<{
-    query: alepha198.TObject<{
-      provider: alepha198.TString;
-      redirect_uri: alepha198.TOptional<alepha198.TString>;
+    query: alepha147.TObject<{
+      provider: alepha147.TString;
+      redirect_uri: alepha147.TOptional<alepha147.TString>;
     }>;
   }>;
   /**
@@ -255,8 +255,8 @@ declare class ServerAuthProvider {
    * Logout route for OAuth2/OIDC providers.
    */
   readonly logout: alepha_server0.RoutePrimitive<{
-    query: alepha198.TObject<{
-      post_logout_redirect_uri: alepha198.TOptional<alepha198.TString>;
+    query: alepha147.TObject<{
+      post_logout_redirect_uri: alepha147.TOptional<alepha147.TString>;
     }>;
   }>;
   protected provider(opts: string | {
@@ -577,7 +577,7 @@ declare module "alepha" {
  * @see {@link ServerAuthProvider}
  * @module alepha.server.auth
  */
-declare const AlephaServerAuth: alepha198.Service<alepha198.Module>;
+declare const AlephaServerAuth: alepha147.Service<alepha147.Module>;
 //#endregion
 export { $auth, $authCredentials, $authGithub, $authGoogle, AccessToken, AlephaServerAuth, AuthExternal, AuthInternal, AuthPrimitive, AuthPrimitiveOptions, AuthenticationProvider, Credentials, CredentialsFn, CredentialsOptions, LinkAccountFn, LinkAccountOptions, OAuth2Options, OAuth2Profile, OidcOptions, ServerAuthProvider, TokenResponse, Tokens, UserinfoResponse, WithLinkFn, WithLoginFn, alephaServerAuthRoutes, authenticationProviderSchema, tokenResponseSchema, tokensSchema, userinfoResponseSchema };
 //# sourceMappingURL=index.d.ts.map

package/dist/server-cookies/index.js

@@ -1,4 +1,4 @@
-import { $env, $hook, $inject, $module, Alepha, KIND, Primitive, createPrimitive, t } from "alepha";
+import { $env, $hook, $inject, $module, Alepha, AlephaError, KIND, Primitive, createPrimitive, t } from "alepha";
 import { AlephaServer } from "alepha/server";
 import { createCipheriv, createDecipheriv, createHmac, randomBytes, timingSafeEqual } from "node:crypto";
 import { deflateRawSync, inflateRawSync } from "node:zlib";
@@ -87,7 +87,7 @@ var ServerCookiesProvider = class {
 		const contextCookies = this.alepha.context.get("request")?.cookies;
 		if (cookies) return cookies;
 		if (contextCookies) return contextCookies;
-		throw new Error("Cookie context is not available. This method must be called within a server request cycle.");
+		throw new AlephaError("Cookie context is not available. This method must be called within a server request cycle.");
 	}
 	getCookie(name, options, contextCookies) {
 		const cookies = this.getCookiesFromContext(contextCookies);

package/dist/server-cookies/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","names":["cookies: Record<string, string>","parts: string[]","cookie: Cookie"],"sources":["../../src/server-cookies/services/CookieParser.ts","../../src/server-cookies/providers/ServerCookiesProvider.ts","../../src/server-cookies/primitives/$cookie.ts","../../src/server-cookies/index.ts"],"sourcesContent":["import type { Cookie } from \"../primitives/$cookie.ts\";\n\nexport class CookieParser {\n  public parseRequestCookies(header: string): Record<string, string> {\n    const cookies: Record<string, string> = {};\n    const parts = header.split(\";\");\n    for (const part of parts) {\n      const [key, value] = part.split(\"=\");\n      if (!key || !value) {\n        continue;\n      }\n\n      cookies[key.trim()] = value.trim();\n    }\n\n    return cookies;\n  }\n\n  public serializeResponseCookies(\n    cookies: Record<string, Cookie | null>,\n    isHttps: boolean,\n  ): string[] {\n    const headers = [];\n\n    for (const [name, cookie] of Object.entries(cookies)) {\n      // If the cookie is null, we need to delete it\n      if (cookie == null) {\n        headers.push(`${name}=; Path=/; Max-Age=0`);\n        continue;\n      }\n\n      if (!cookie.value) {\n        continue;\n      }\n\n      headers.push(this.cookieToString(name, cookie, isHttps));\n    }\n\n    return headers;\n  }\n\n  public cookieToString(\n    name: string,\n    cookie: Cookie,\n    isHttps?: boolean,\n  ): string {\n    const parts: string[] = [];\n\n    parts.push(`${name}=${cookie.value}`);\n\n    if (cookie.path) {\n      parts.push(`Path=${cookie.path}`);\n    }\n    if (cookie.maxAge) {\n      parts.push(`Max-Age=${cookie.maxAge}`);\n    }\n    if (cookie.secure !== false && isHttps) {\n      parts.push(\"Secure\");\n    }\n    if (cookie.httpOnly) {\n      parts.push(\"HttpOnly\");\n    }\n    if (cookie.sameSite) {\n      parts.push(`SameSite=${cookie.sameSite}`);\n    }\n    if (cookie.domain) {\n      parts.push(`Domain=${cookie.domain}`);\n    }\n\n    return parts.join(\"; \");\n  }\n}\n","import {\n  createCipheriv,\n  createDecipheriv,\n  createHmac,\n  randomBytes,\n  timingSafeEqual,\n} from \"node:crypto\";\nimport { deflateRawSync, inflateRawSync } from \"node:zlib\";\nimport {\n  $env,\n  $hook,\n  $inject,\n  Alepha,\n  type Static,\n  type TSchema,\n  t,\n} from \"alepha\";\nimport { DateTimeProvider } from \"alepha/datetime\";\nimport { $logger } from \"alepha/logger\";\nimport { DEFAULT_APP_SECRET } from \"alepha/security\";\nimport type { ServerRequest } from \"alepha/server\";\nimport type {\n  Cookie,\n  CookiePrimitiveOptions,\n  Cookies,\n} from \"../primitives/$cookie.ts\";\nimport { CookieParser } from \"../services/CookieParser.ts\";\n\nconst envSchema = t.object({\n  APP_SECRET: t.text({\n    default: DEFAULT_APP_SECRET,\n  }),\n});\n\nexport class ServerCookiesProvider {\n  protected readonly alepha = $inject(Alepha);\n  protected readonly log = $logger();\n  protected readonly cookieParser = $inject(CookieParser);\n  protected readonly dateTimeProvider = $inject(DateTimeProvider);\n  protected readonly env = $env(envSchema);\n\n  // crypto constants\n  protected readonly ALGORITHM = \"aes-256-gcm\";\n  protected readonly IV_LENGTH = 16; // For GCM\n  protected readonly AUTH_TAG_LENGTH = 16;\n  protected readonly SIGNATURE_LENGTH = 32; // For SHA256\n\n  public readonly onRequest = $hook({\n    on: \"server:onRequest\",\n    handler: async ({ request }) => {\n      request.cookies = {\n        req: this.cookieParser.parseRequestCookies(\n          request.headers.cookie ?? \"\",\n        ),\n        res: {},\n      };\n    },\n  });\n\n  public readonly onAction = $hook({\n    on: \"action:onRequest\",\n    handler: async ({ request }) => {\n      request.cookies = {\n        req: this.cookieParser.parseRequestCookies(\n          request.headers.cookie ?? \"\",\n        ),\n        res: {},\n      };\n    },\n  });\n\n  public readonly onSend = $hook({\n    on: \"server:onSend\",\n    handler: async ({ request }) => {\n      if (request.cookies && Object.keys(request.cookies.res).length > 0) {\n        const setCookieHeaders = this.cookieParser.serializeResponseCookies(\n          request.cookies.res,\n          request.url.protocol === \"https:\",\n        );\n        if (setCookieHeaders.length > 0) {\n          request.reply.headers[\"set-cookie\"] = setCookieHeaders;\n        }\n      }\n    },\n  });\n\n  protected getCookiesFromContext(cookies?: Cookies): Cookies {\n    const contextCookies =\n      this.alepha.context.get<ServerRequest>(\"request\")?.cookies;\n    if (cookies) return cookies;\n    if (contextCookies) return contextCookies;\n    throw new Error(\n      \"Cookie context is not available. This method must be called within a server request cycle.\",\n    );\n  }\n\n  public getCookie<T extends TSchema>(\n    name: string,\n    options: CookiePrimitiveOptions<T>,\n    contextCookies?: Cookies,\n  ): Static<T> | undefined {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    let rawValue = cookies.req[name];\n\n    if (!rawValue) return undefined;\n\n    try {\n      rawValue = decodeURIComponent(rawValue);\n\n      if (options.sign) {\n        const signature = rawValue.substring(0, this.SIGNATURE_LENGTH * 2);\n        const value = rawValue.substring(this.SIGNATURE_LENGTH * 2);\n        const expectedSignature = this.sign(value);\n\n        if (\n          !timingSafeEqual(\n            Buffer.from(signature, \"hex\"),\n            Buffer.from(expectedSignature, \"hex\"),\n          )\n        ) {\n          this.log.warn(`Invalid signature for cookie \"${name}\".`);\n          return undefined;\n        }\n        rawValue = value;\n      }\n\n      if (options.encrypt) {\n        rawValue = this.decrypt(rawValue);\n      }\n\n      if (options.compress) {\n        rawValue = inflateRawSync(Buffer.from(rawValue, \"base64\")).toString(\n          \"utf8\",\n        );\n      }\n\n      return this.alepha.codec.decode(options.schema, JSON.parse(rawValue));\n    } catch (error) {\n      this.log.warn(`Failed to parse cookie \"${name}\"`, error);\n      // corrupted or invalid cookie, instruct browser to delete it on next response\n      this.deleteCookie(name, cookies);\n      return undefined;\n    }\n  }\n\n  public setCookie<T extends TSchema>(\n    name: string,\n    options: CookiePrimitiveOptions<T>,\n    data: Static<T>,\n    contextCookies?: Cookies,\n  ): void {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    let value = JSON.stringify(this.alepha.codec.decode(options.schema, data));\n\n    if (options.compress) {\n      value = deflateRawSync(value).toString(\"base64\");\n    }\n\n    if (options.encrypt) {\n      value = this.encrypt(value);\n    }\n\n    if (options.sign) {\n      value = this.sign(value) + value;\n    }\n\n    const cookie: Cookie = {\n      value: encodeURIComponent(value),\n      path: options.path ?? \"/\",\n      sameSite: options.sameSite ?? \"lax\",\n      secure: options.secure ?? this.alepha.isProduction(),\n      httpOnly: options.httpOnly,\n      domain: options.domain,\n    };\n\n    if (options.ttl) {\n      cookie.maxAge = this.dateTimeProvider.duration(options.ttl).as(\"seconds\");\n    }\n\n    cookies.res[name] = cookie;\n  }\n\n  public deleteCookie<T extends TSchema>(\n    name: string,\n    contextCookies?: Cookies,\n  ): void {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    cookies.res[name] = null;\n  }\n\n  // --- Crypto & Parsing ---\n\n  protected encrypt(text: string): string {\n    const iv = randomBytes(this.IV_LENGTH);\n    const cipher = createCipheriv(\n      this.ALGORITHM,\n      Buffer.from(this.secretKey()),\n      iv,\n    );\n    const encrypted = Buffer.concat([\n      cipher.update(text, \"utf8\"),\n      cipher.final(),\n    ]);\n    const authTag = cipher.getAuthTag();\n    return Buffer.concat([iv, authTag, encrypted]).toString(\"base64\");\n  }\n\n  protected decrypt(encryptedText: string): string {\n    const data = Buffer.from(encryptedText, \"base64\");\n    const iv = data.subarray(0, this.IV_LENGTH);\n    const authTag = data.subarray(\n      this.IV_LENGTH,\n      this.IV_LENGTH + this.AUTH_TAG_LENGTH,\n    );\n\n    const encrypted = data.subarray(this.IV_LENGTH + this.AUTH_TAG_LENGTH);\n    const decipher = createDecipheriv(\n      this.ALGORITHM,\n      Buffer.from(this.secretKey()),\n      iv,\n    );\n\n    decipher.setAuthTag(authTag);\n\n    const decrypted = Buffer.concat([\n      decipher.update(encrypted),\n      decipher.final(),\n    ]);\n\n    return decrypted.toString(\"utf8\");\n  }\n\n  public secretKey(): string {\n    let secret = this.env.APP_SECRET;\n    if (secret.length < 32) {\n      // pad secret to 32 bytes\n      secret = secret.padEnd(32, \"0\");\n    } else if (secret.length > 32) {\n      // truncate secret to 32 bytes\n      secret = secret.substring(0, 32);\n    }\n    return secret;\n  }\n\n  protected sign(data: string): string {\n    return createHmac(\"sha256\", this.secretKey()).update(data).digest(\"hex\");\n  }\n}\n","import {\n  $inject,\n  createPrimitive,\n  KIND,\n  Primitive,\n  type Static,\n  type TSchema,\n} from \"alepha\";\nimport type { DurationLike } from \"alepha/datetime\";\nimport { ServerCookiesProvider } from \"../providers/ServerCookiesProvider.ts\";\n\n/**\n * Declares a type-safe, configurable HTTP cookie.\n * This primitive provides methods to get, set, and delete the cookie\n * within the server request/response cycle.\n */\nexport const $cookie = <T extends TSchema>(\n  options: CookiePrimitiveOptions<T>,\n): AbstractCookiePrimitive<T> => {\n  return createPrimitive(CookiePrimitive<T>, options);\n};\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport interface CookiePrimitiveOptions<T extends TSchema> {\n  /** The schema for the cookie's value, used for validation and type safety. */\n  schema: T;\n\n  /** The name of the cookie. */\n  name?: string;\n\n  /** The cookie's path. Defaults to \"/\". */\n  path?: string;\n\n  /** Time-to-live for the cookie. Maps to `Max-Age`. */\n  ttl?: DurationLike;\n\n  /** If true, the cookie is only sent over HTTPS. Defaults to true in production. */\n  secure?: boolean;\n\n  /** If true, the cookie cannot be accessed by client-side scripts. */\n  httpOnly?: boolean;\n\n  /** SameSite policy for the cookie. Defaults to \"lax\". */\n  sameSite?: \"strict\" | \"lax\" | \"none\";\n\n  /** The domain for the cookie. */\n  domain?: string;\n\n  /** If true, the cookie value will be compressed using zlib. */\n  compress?: boolean;\n\n  /** If true, the cookie value will be encrypted. Requires `COOKIE_SECRET` env var. */\n  encrypt?: boolean;\n\n  /** If true, the cookie will be signed to prevent tampering. Requires `COOKIE_SECRET` env var. */\n  sign?: boolean;\n}\n\nexport interface AbstractCookiePrimitive<T extends TSchema> {\n  readonly name: string;\n  readonly options: CookiePrimitiveOptions<T>;\n  set(\n    value: Static<T>,\n    options?: { cookies?: Cookies; ttl?: DurationLike },\n  ): void;\n  get(options?: { cookies?: Cookies }): Static<T> | undefined;\n  del(options?: { cookies?: Cookies }): void;\n}\n\nexport class CookiePrimitive<T extends TSchema>\n  extends Primitive<CookiePrimitiveOptions<T>>\n  implements AbstractCookiePrimitive<T>\n{\n  protected readonly serverCookiesProvider = $inject(ServerCookiesProvider);\n\n  public get schema(): T {\n    return this.options.schema;\n  }\n\n  public get name(): string {\n    return this.options.name ?? `${this.config.propertyKey}`;\n  }\n\n  /**\n   * Sets the cookie with the given value in the current request's response.\n   */\n  public set(\n    value: Static<T>,\n    options?: { cookies?: Cookies; ttl?: DurationLike },\n  ): void {\n    this.serverCookiesProvider.setCookie(\n      this.name,\n      {\n        ...this.options,\n        ttl: options?.ttl ?? this.options.ttl,\n      },\n      value,\n      options?.cookies,\n    );\n  }\n\n  /**\n   * Gets the cookie value from the current request. Returns undefined if not found or invalid.\n   */\n  public get(options?: { cookies?: Cookies }): Static<T> | undefined {\n    return this.serverCookiesProvider.getCookie(\n      this.name,\n      this.options,\n      options?.cookies,\n    );\n  }\n\n  /**\n   * Deletes the cookie in the current request's response.\n   */\n  public del(options?: { cookies?: Cookies }): void {\n    this.serverCookiesProvider.deleteCookie(this.name, options?.cookies);\n  }\n}\n\n$cookie[KIND] = CookiePrimitive;\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport interface Cookies {\n  req: Record<string, string>;\n  res: Record<string, Cookie | null>;\n}\n\nexport interface Cookie {\n  value: string;\n  path?: string;\n  maxAge?: number;\n  secure?: boolean;\n  httpOnly?: boolean;\n  sameSite?: \"strict\" | \"lax\" | \"none\";\n  domain?: string;\n}\n","import { $module } from \"alepha\";\nimport { AlephaServer } from \"alepha/server\";\nimport { $cookie, type Cookies } from \"./primitives/$cookie.ts\";\nimport { ServerCookiesProvider } from \"./providers/ServerCookiesProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./primitives/$cookie.ts\";\nexport * from \"./providers/ServerCookiesProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\ndeclare module \"alepha/server\" {\n  interface ServerRequest {\n    cookies: Cookies;\n  }\n}\n\n/**\n * Provides HTTP cookie management capabilities for server requests and responses with type-safe cookie primitives.\n *\n * The server-cookies module enables declarative cookie handling using the `$cookie` primitive on class properties.\n * It offers automatic cookie parsing, secure cookie configuration, and seamless integration with server routes\n * for managing user sessions, preferences, and authentication tokens.\n *\n * @see {@link $cookie}\n * @module alepha.server.cookies\n */\nexport const AlephaServerCookies = $module({\n  name: \"alepha.server.cookies\",\n  primitives: [$cookie],\n  services: [AlephaServer, ServerCookiesProvider],\n});\n"],"mappings":";;;;;;;;;AAEA,IAAa,eAAb,MAA0B;CACxB,AAAO,oBAAoB,QAAwC;EACjE,MAAMA,UAAkC,EAAE;EAC1C,MAAM,QAAQ,OAAO,MAAM,IAAI;AAC/B,OAAK,MAAM,QAAQ,OAAO;GACxB,MAAM,CAAC,KAAK,SAAS,KAAK,MAAM,IAAI;AACpC,OAAI,CAAC,OAAO,CAAC,MACX;AAGF,WAAQ,IAAI,MAAM,IAAI,MAAM,MAAM;;AAGpC,SAAO;;CAGT,AAAO,yBACL,SACA,SACU;EACV,MAAM,UAAU,EAAE;AAElB,OAAK,MAAM,CAAC,MAAM,WAAW,OAAO,QAAQ,QAAQ,EAAE;AAEpD,OAAI,UAAU,MAAM;AAClB,YAAQ,KAAK,GAAG,KAAK,sBAAsB;AAC3C;;AAGF,OAAI,CAAC,OAAO,MACV;AAGF,WAAQ,KAAK,KAAK,eAAe,MAAM,QAAQ,QAAQ,CAAC;;AAG1D,SAAO;;CAGT,AAAO,eACL,MACA,QACA,SACQ;EACR,MAAMC,QAAkB,EAAE;AAE1B,QAAM,KAAK,GAAG,KAAK,GAAG,OAAO,QAAQ;AAErC,MAAI,OAAO,KACT,OAAM,KAAK,QAAQ,OAAO,OAAO;AAEnC,MAAI,OAAO,OACT,OAAM,KAAK,WAAW,OAAO,SAAS;AAExC,MAAI,OAAO,WAAW,SAAS,QAC7B,OAAM,KAAK,SAAS;AAEtB,MAAI,OAAO,SACT,OAAM,KAAK,WAAW;AAExB,MAAI,OAAO,SACT,OAAM,KAAK,YAAY,OAAO,WAAW;AAE3C,MAAI,OAAO,OACT,OAAM,KAAK,UAAU,OAAO,SAAS;AAGvC,SAAO,MAAM,KAAK,KAAK;;;;;;ACzC3B,MAAM,YAAY,EAAE,OAAO,EACzB,YAAY,EAAE,KAAK,EACjB,SAAS,oBACV,CAAC,EACH,CAAC;AAEF,IAAa,wBAAb,MAAmC;CACjC,AAAmB,SAAS,QAAQ,OAAO;CAC3C,AAAmB,MAAM,SAAS;CAClC,AAAmB,eAAe,QAAQ,aAAa;CACvD,AAAmB,mBAAmB,QAAQ,iBAAiB;CAC/D,AAAmB,MAAM,KAAK,UAAU;CAGxC,AAAmB,YAAY;CAC/B,AAAmB,YAAY;CAC/B,AAAmB,kBAAkB;CACrC,AAAmB,mBAAmB;CAEtC,AAAgB,YAAY,MAAM;EAChC,IAAI;EACJ,SAAS,OAAO,EAAE,cAAc;AAC9B,WAAQ,UAAU;IAChB,KAAK,KAAK,aAAa,oBACrB,QAAQ,QAAQ,UAAU,GAC3B;IACD,KAAK,EAAE;IACR;;EAEJ,CAAC;CAEF,AAAgB,WAAW,MAAM;EAC/B,IAAI;EACJ,SAAS,OAAO,EAAE,cAAc;AAC9B,WAAQ,UAAU;IAChB,KAAK,KAAK,aAAa,oBACrB,QAAQ,QAAQ,UAAU,GAC3B;IACD,KAAK,EAAE;IACR;;EAEJ,CAAC;CAEF,AAAgB,SAAS,MAAM;EAC7B,IAAI;EACJ,SAAS,OAAO,EAAE,cAAc;AAC9B,OAAI,QAAQ,WAAW,OAAO,KAAK,QAAQ,QAAQ,IAAI,CAAC,SAAS,GAAG;IAClE,MAAM,mBAAmB,KAAK,aAAa,yBACzC,QAAQ,QAAQ,KAChB,QAAQ,IAAI,aAAa,SAC1B;AACD,QAAI,iBAAiB,SAAS,EAC5B,SAAQ,MAAM,QAAQ,gBAAgB;;;EAI7C,CAAC;CAEF,AAAU,sBAAsB,SAA4B;EAC1D,MAAM,iBACJ,KAAK,OAAO,QAAQ,IAAmB,UAAU,EAAE;AACrD,MAAI,QAAS,QAAO;AACpB,MAAI,eAAgB,QAAO;AAC3B,QAAM,IAAI,MACR,6FACD;;CAGH,AAAO,UACL,MACA,SACA,gBACuB;EACvB,MAAM,UAAU,KAAK,sBAAsB,eAAe;EAC1D,IAAI,WAAW,QAAQ,IAAI;AAE3B,MAAI,CAAC,SAAU,QAAO;AAEtB,MAAI;AACF,cAAW,mBAAmB,SAAS;AAEvC,OAAI,QAAQ,MAAM;IAChB,MAAM,YAAY,SAAS,UAAU,GAAG,KAAK,mBAAmB,EAAE;IAClE,MAAM,QAAQ,SAAS,UAAU,KAAK,mBAAmB,EAAE;IAC3D,MAAM,oBAAoB,KAAK,KAAK,MAAM;AAE1C,QACE,CAAC,gBACC,OAAO,KAAK,WAAW,MAAM,EAC7B,OAAO,KAAK,mBAAmB,MAAM,CACtC,EACD;AACA,UAAK,IAAI,KAAK,iCAAiC,KAAK,IAAI;AACxD;;AAEF,eAAW;;AAGb,OAAI,QAAQ,QACV,YAAW,KAAK,QAAQ,SAAS;AAGnC,OAAI,QAAQ,SACV,YAAW,eAAe,OAAO,KAAK,UAAU,SAAS,CAAC,CAAC,SACzD,OACD;AAGH,UAAO,KAAK,OAAO,MAAM,OAAO,QAAQ,QAAQ,KAAK,MAAM,SAAS,CAAC;WAC9D,OAAO;AACd,QAAK,IAAI,KAAK,2BAA2B,KAAK,IAAI,MAAM;AAExD,QAAK,aAAa,MAAM,QAAQ;AAChC;;;CAIJ,AAAO,UACL,MACA,SACA,MACA,gBACM;EACN,MAAM,UAAU,KAAK,sBAAsB,eAAe;EAC1D,IAAI,QAAQ,KAAK,UAAU,KAAK,OAAO,MAAM,OAAO,QAAQ,QAAQ,KAAK,CAAC;AAE1E,MAAI,QAAQ,SACV,SAAQ,eAAe,MAAM,CAAC,SAAS,SAAS;AAGlD,MAAI,QAAQ,QACV,SAAQ,KAAK,QAAQ,MAAM;AAG7B,MAAI,QAAQ,KACV,SAAQ,KAAK,KAAK,MAAM,GAAG;EAG7B,MAAMC,SAAiB;GACrB,OAAO,mBAAmB,MAAM;GAChC,MAAM,QAAQ,QAAQ;GACtB,UAAU,QAAQ,YAAY;GAC9B,QAAQ,QAAQ,UAAU,KAAK,OAAO,cAAc;GACpD,UAAU,QAAQ;GAClB,QAAQ,QAAQ;GACjB;AAED,MAAI,QAAQ,IACV,QAAO,SAAS,KAAK,iBAAiB,SAAS,QAAQ,IAAI,CAAC,GAAG,UAAU;AAG3E,UAAQ,IAAI,QAAQ;;CAGtB,AAAO,aACL,MACA,gBACM;EACN,MAAM,UAAU,KAAK,sBAAsB,eAAe;AAC1D,UAAQ,IAAI,QAAQ;;CAKtB,AAAU,QAAQ,MAAsB;EACtC,MAAM,KAAK,YAAY,KAAK,UAAU;EACtC,MAAM,SAAS,eACb,KAAK,WACL,OAAO,KAAK,KAAK,WAAW,CAAC,EAC7B,GACD;EACD,MAAM,YAAY,OAAO,OAAO,CAC9B,OAAO,OAAO,MAAM,OAAO,EAC3B,OAAO,OAAO,CACf,CAAC;EACF,MAAM,UAAU,OAAO,YAAY;AACnC,SAAO,OAAO,OAAO;GAAC;GAAI;GAAS;GAAU,CAAC,CAAC,SAAS,SAAS;;CAGnE,AAAU,QAAQ,eAA+B;EAC/C,MAAM,OAAO,OAAO,KAAK,eAAe,SAAS;EACjD,MAAM,KAAK,KAAK,SAAS,GAAG,KAAK,UAAU;EAC3C,MAAM,UAAU,KAAK,SACnB,KAAK,WACL,KAAK,YAAY,KAAK,gBACvB;EAED,MAAM,YAAY,KAAK,SAAS,KAAK,YAAY,KAAK,gBAAgB;EACtE,MAAM,WAAW,iBACf,KAAK,WACL,OAAO,KAAK,KAAK,WAAW,CAAC,EAC7B,GACD;AAED,WAAS,WAAW,QAAQ;AAO5B,SALkB,OAAO,OAAO,CAC9B,SAAS,OAAO,UAAU,EAC1B,SAAS,OAAO,CACjB,CAAC,CAEe,SAAS,OAAO;;CAGnC,AAAO,YAAoB;EACzB,IAAI,SAAS,KAAK,IAAI;AACtB,MAAI,OAAO,SAAS,GAElB,UAAS,OAAO,OAAO,IAAI,IAAI;WACtB,OAAO,SAAS,GAEzB,UAAS,OAAO,UAAU,GAAG,GAAG;AAElC,SAAO;;CAGT,AAAU,KAAK,MAAsB;AACnC,SAAO,WAAW,UAAU,KAAK,WAAW,CAAC,CAAC,OAAO,KAAK,CAAC,OAAO,MAAM;;;;;;;;;;;ACrO5E,MAAa,WACX,YAC+B;AAC/B,QAAO,gBAAgB,iBAAoB,QAAQ;;AAmDrD,IAAa,kBAAb,cACU,UAEV;CACE,AAAmB,wBAAwB,QAAQ,sBAAsB;CAEzE,IAAW,SAAY;AACrB,SAAO,KAAK,QAAQ;;CAGtB,IAAW,OAAe;AACxB,SAAO,KAAK,QAAQ,QAAQ,GAAG,KAAK,OAAO;;;;;CAM7C,AAAO,IACL,OACA,SACM;AACN,OAAK,sBAAsB,UACzB,KAAK,MACL;GACE,GAAG,KAAK;GACR,KAAK,SAAS,OAAO,KAAK,QAAQ;GACnC,EACD,OACA,SAAS,QACV;;;;;CAMH,AAAO,IAAI,SAAwD;AACjE,SAAO,KAAK,sBAAsB,UAChC,KAAK,MACL,KAAK,SACL,SAAS,QACV;;;;;CAMH,AAAO,IAAI,SAAuC;AAChD,OAAK,sBAAsB,aAAa,KAAK,MAAM,SAAS,QAAQ;;;AAIxE,QAAQ,QAAQ;;;;;;;;;;;;;;AC7FhB,MAAa,sBAAsB,QAAQ;CACzC,MAAM;CACN,YAAY,CAAC,QAAQ;CACrB,UAAU,CAAC,cAAc,sBAAsB;CAChD,CAAC"}
+{"version":3,"file":"index.js","names":["cookies: Record<string, string>","parts: string[]","cookie: Cookie"],"sources":["../../src/server-cookies/services/CookieParser.ts","../../src/server-cookies/providers/ServerCookiesProvider.ts","../../src/server-cookies/primitives/$cookie.ts","../../src/server-cookies/index.ts"],"sourcesContent":["import type { Cookie } from \"../primitives/$cookie.ts\";\n\nexport class CookieParser {\n  public parseRequestCookies(header: string): Record<string, string> {\n    const cookies: Record<string, string> = {};\n    const parts = header.split(\";\");\n    for (const part of parts) {\n      const [key, value] = part.split(\"=\");\n      if (!key || !value) {\n        continue;\n      }\n\n      cookies[key.trim()] = value.trim();\n    }\n\n    return cookies;\n  }\n\n  public serializeResponseCookies(\n    cookies: Record<string, Cookie | null>,\n    isHttps: boolean,\n  ): string[] {\n    const headers = [];\n\n    for (const [name, cookie] of Object.entries(cookies)) {\n      // If the cookie is null, we need to delete it\n      if (cookie == null) {\n        headers.push(`${name}=; Path=/; Max-Age=0`);\n        continue;\n      }\n\n      if (!cookie.value) {\n        continue;\n      }\n\n      headers.push(this.cookieToString(name, cookie, isHttps));\n    }\n\n    return headers;\n  }\n\n  public cookieToString(\n    name: string,\n    cookie: Cookie,\n    isHttps?: boolean,\n  ): string {\n    const parts: string[] = [];\n\n    parts.push(`${name}=${cookie.value}`);\n\n    if (cookie.path) {\n      parts.push(`Path=${cookie.path}`);\n    }\n    if (cookie.maxAge) {\n      parts.push(`Max-Age=${cookie.maxAge}`);\n    }\n    if (cookie.secure !== false && isHttps) {\n      parts.push(\"Secure\");\n    }\n    if (cookie.httpOnly) {\n      parts.push(\"HttpOnly\");\n    }\n    if (cookie.sameSite) {\n      parts.push(`SameSite=${cookie.sameSite}`);\n    }\n    if (cookie.domain) {\n      parts.push(`Domain=${cookie.domain}`);\n    }\n\n    return parts.join(\"; \");\n  }\n}\n","import {\n  createCipheriv,\n  createDecipheriv,\n  createHmac,\n  randomBytes,\n  timingSafeEqual,\n} from \"node:crypto\";\nimport { deflateRawSync, inflateRawSync } from \"node:zlib\";\nimport {\n  $env,\n  $hook,\n  $inject,\n  Alepha,\n  AlephaError,\n  type Static,\n  type TSchema,\n  t,\n} from \"alepha\";\nimport { DateTimeProvider } from \"alepha/datetime\";\nimport { $logger } from \"alepha/logger\";\nimport { DEFAULT_APP_SECRET } from \"alepha/security\";\nimport type { ServerRequest } from \"alepha/server\";\nimport type {\n  Cookie,\n  CookiePrimitiveOptions,\n  Cookies,\n} from \"../primitives/$cookie.ts\";\nimport { CookieParser } from \"../services/CookieParser.ts\";\n\nconst envSchema = t.object({\n  APP_SECRET: t.text({\n    default: DEFAULT_APP_SECRET,\n  }),\n});\n\nexport class ServerCookiesProvider {\n  protected readonly alepha = $inject(Alepha);\n  protected readonly log = $logger();\n  protected readonly cookieParser = $inject(CookieParser);\n  protected readonly dateTimeProvider = $inject(DateTimeProvider);\n  protected readonly env = $env(envSchema);\n\n  // crypto constants\n  protected readonly ALGORITHM = \"aes-256-gcm\";\n  protected readonly IV_LENGTH = 16; // For GCM\n  protected readonly AUTH_TAG_LENGTH = 16;\n  protected readonly SIGNATURE_LENGTH = 32; // For SHA256\n\n  public readonly onRequest = $hook({\n    on: \"server:onRequest\",\n    handler: async ({ request }) => {\n      request.cookies = {\n        req: this.cookieParser.parseRequestCookies(\n          request.headers.cookie ?? \"\",\n        ),\n        res: {},\n      };\n    },\n  });\n\n  public readonly onAction = $hook({\n    on: \"action:onRequest\",\n    handler: async ({ request }) => {\n      request.cookies = {\n        req: this.cookieParser.parseRequestCookies(\n          request.headers.cookie ?? \"\",\n        ),\n        res: {},\n      };\n    },\n  });\n\n  public readonly onSend = $hook({\n    on: \"server:onSend\",\n    handler: async ({ request }) => {\n      if (request.cookies && Object.keys(request.cookies.res).length > 0) {\n        const setCookieHeaders = this.cookieParser.serializeResponseCookies(\n          request.cookies.res,\n          request.url.protocol === \"https:\",\n        );\n        if (setCookieHeaders.length > 0) {\n          request.reply.headers[\"set-cookie\"] = setCookieHeaders;\n        }\n      }\n    },\n  });\n\n  protected getCookiesFromContext(cookies?: Cookies): Cookies {\n    const contextCookies =\n      this.alepha.context.get<ServerRequest>(\"request\")?.cookies;\n    if (cookies) return cookies;\n    if (contextCookies) return contextCookies;\n    throw new AlephaError(\n      \"Cookie context is not available. This method must be called within a server request cycle.\",\n    );\n  }\n\n  public getCookie<T extends TSchema>(\n    name: string,\n    options: CookiePrimitiveOptions<T>,\n    contextCookies?: Cookies,\n  ): Static<T> | undefined {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    let rawValue = cookies.req[name];\n\n    if (!rawValue) return undefined;\n\n    try {\n      rawValue = decodeURIComponent(rawValue);\n\n      if (options.sign) {\n        const signature = rawValue.substring(0, this.SIGNATURE_LENGTH * 2);\n        const value = rawValue.substring(this.SIGNATURE_LENGTH * 2);\n        const expectedSignature = this.sign(value);\n\n        if (\n          !timingSafeEqual(\n            Buffer.from(signature, \"hex\"),\n            Buffer.from(expectedSignature, \"hex\"),\n          )\n        ) {\n          this.log.warn(`Invalid signature for cookie \"${name}\".`);\n          return undefined;\n        }\n        rawValue = value;\n      }\n\n      if (options.encrypt) {\n        rawValue = this.decrypt(rawValue);\n      }\n\n      if (options.compress) {\n        rawValue = inflateRawSync(Buffer.from(rawValue, \"base64\")).toString(\n          \"utf8\",\n        );\n      }\n\n      return this.alepha.codec.decode(options.schema, JSON.parse(rawValue));\n    } catch (error) {\n      this.log.warn(`Failed to parse cookie \"${name}\"`, error);\n      // corrupted or invalid cookie, instruct browser to delete it on next response\n      this.deleteCookie(name, cookies);\n      return undefined;\n    }\n  }\n\n  public setCookie<T extends TSchema>(\n    name: string,\n    options: CookiePrimitiveOptions<T>,\n    data: Static<T>,\n    contextCookies?: Cookies,\n  ): void {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    let value = JSON.stringify(this.alepha.codec.decode(options.schema, data));\n\n    if (options.compress) {\n      value = deflateRawSync(value).toString(\"base64\");\n    }\n\n    if (options.encrypt) {\n      value = this.encrypt(value);\n    }\n\n    if (options.sign) {\n      value = this.sign(value) + value;\n    }\n\n    const cookie: Cookie = {\n      value: encodeURIComponent(value),\n      path: options.path ?? \"/\",\n      sameSite: options.sameSite ?? \"lax\",\n      secure: options.secure ?? this.alepha.isProduction(),\n      httpOnly: options.httpOnly,\n      domain: options.domain,\n    };\n\n    if (options.ttl) {\n      cookie.maxAge = this.dateTimeProvider.duration(options.ttl).as(\"seconds\");\n    }\n\n    cookies.res[name] = cookie;\n  }\n\n  public deleteCookie<T extends TSchema>(\n    name: string,\n    contextCookies?: Cookies,\n  ): void {\n    const cookies = this.getCookiesFromContext(contextCookies);\n    cookies.res[name] = null;\n  }\n\n  // --- Crypto & Parsing ---\n\n  protected encrypt(text: string): string {\n    const iv = randomBytes(this.IV_LENGTH);\n    const cipher = createCipheriv(\n      this.ALGORITHM,\n      Buffer.from(this.secretKey()),\n      iv,\n    );\n    const encrypted = Buffer.concat([\n      cipher.update(text, \"utf8\"),\n      cipher.final(),\n    ]);\n    const authTag = cipher.getAuthTag();\n    return Buffer.concat([iv, authTag, encrypted]).toString(\"base64\");\n  }\n\n  protected decrypt(encryptedText: string): string {\n    const data = Buffer.from(encryptedText, \"base64\");\n    const iv = data.subarray(0, this.IV_LENGTH);\n    const authTag = data.subarray(\n      this.IV_LENGTH,\n      this.IV_LENGTH + this.AUTH_TAG_LENGTH,\n    );\n\n    const encrypted = data.subarray(this.IV_LENGTH + this.AUTH_TAG_LENGTH);\n    const decipher = createDecipheriv(\n      this.ALGORITHM,\n      Buffer.from(this.secretKey()),\n      iv,\n    );\n\n    decipher.setAuthTag(authTag);\n\n    const decrypted = Buffer.concat([\n      decipher.update(encrypted),\n      decipher.final(),\n    ]);\n\n    return decrypted.toString(\"utf8\");\n  }\n\n  public secretKey(): string {\n    let secret = this.env.APP_SECRET;\n    if (secret.length < 32) {\n      // pad secret to 32 bytes\n      secret = secret.padEnd(32, \"0\");\n    } else if (secret.length > 32) {\n      // truncate secret to 32 bytes\n      secret = secret.substring(0, 32);\n    }\n    return secret;\n  }\n\n  protected sign(data: string): string {\n    return createHmac(\"sha256\", this.secretKey()).update(data).digest(\"hex\");\n  }\n}\n","import {\n  $inject,\n  createPrimitive,\n  KIND,\n  Primitive,\n  type Static,\n  type TSchema,\n} from \"alepha\";\nimport type { DurationLike } from \"alepha/datetime\";\nimport { ServerCookiesProvider } from \"../providers/ServerCookiesProvider.ts\";\n\n/**\n * Declares a type-safe, configurable HTTP cookie.\n * This primitive provides methods to get, set, and delete the cookie\n * within the server request/response cycle.\n */\nexport const $cookie = <T extends TSchema>(\n  options: CookiePrimitiveOptions<T>,\n): AbstractCookiePrimitive<T> => {\n  return createPrimitive(CookiePrimitive<T>, options);\n};\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport interface CookiePrimitiveOptions<T extends TSchema> {\n  /** The schema for the cookie's value, used for validation and type safety. */\n  schema: T;\n\n  /** The name of the cookie. */\n  name?: string;\n\n  /** The cookie's path. Defaults to \"/\". */\n  path?: string;\n\n  /** Time-to-live for the cookie. Maps to `Max-Age`. */\n  ttl?: DurationLike;\n\n  /** If true, the cookie is only sent over HTTPS. Defaults to true in production. */\n  secure?: boolean;\n\n  /** If true, the cookie cannot be accessed by client-side scripts. */\n  httpOnly?: boolean;\n\n  /** SameSite policy for the cookie. Defaults to \"lax\". */\n  sameSite?: \"strict\" | \"lax\" | \"none\";\n\n  /** The domain for the cookie. */\n  domain?: string;\n\n  /** If true, the cookie value will be compressed using zlib. */\n  compress?: boolean;\n\n  /** If true, the cookie value will be encrypted. Requires `COOKIE_SECRET` env var. */\n  encrypt?: boolean;\n\n  /** If true, the cookie will be signed to prevent tampering. Requires `COOKIE_SECRET` env var. */\n  sign?: boolean;\n}\n\nexport interface AbstractCookiePrimitive<T extends TSchema> {\n  readonly name: string;\n  readonly options: CookiePrimitiveOptions<T>;\n  set(\n    value: Static<T>,\n    options?: { cookies?: Cookies; ttl?: DurationLike },\n  ): void;\n  get(options?: { cookies?: Cookies }): Static<T> | undefined;\n  del(options?: { cookies?: Cookies }): void;\n}\n\nexport class CookiePrimitive<T extends TSchema>\n  extends Primitive<CookiePrimitiveOptions<T>>\n  implements AbstractCookiePrimitive<T>\n{\n  protected readonly serverCookiesProvider = $inject(ServerCookiesProvider);\n\n  public get schema(): T {\n    return this.options.schema;\n  }\n\n  public get name(): string {\n    return this.options.name ?? `${this.config.propertyKey}`;\n  }\n\n  /**\n   * Sets the cookie with the given value in the current request's response.\n   */\n  public set(\n    value: Static<T>,\n    options?: { cookies?: Cookies; ttl?: DurationLike },\n  ): void {\n    this.serverCookiesProvider.setCookie(\n      this.name,\n      {\n        ...this.options,\n        ttl: options?.ttl ?? this.options.ttl,\n      },\n      value,\n      options?.cookies,\n    );\n  }\n\n  /**\n   * Gets the cookie value from the current request. Returns undefined if not found or invalid.\n   */\n  public get(options?: { cookies?: Cookies }): Static<T> | undefined {\n    return this.serverCookiesProvider.getCookie(\n      this.name,\n      this.options,\n      options?.cookies,\n    );\n  }\n\n  /**\n   * Deletes the cookie in the current request's response.\n   */\n  public del(options?: { cookies?: Cookies }): void {\n    this.serverCookiesProvider.deleteCookie(this.name, options?.cookies);\n  }\n}\n\n$cookie[KIND] = CookiePrimitive;\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport interface Cookies {\n  req: Record<string, string>;\n  res: Record<string, Cookie | null>;\n}\n\nexport interface Cookie {\n  value: string;\n  path?: string;\n  maxAge?: number;\n  secure?: boolean;\n  httpOnly?: boolean;\n  sameSite?: \"strict\" | \"lax\" | \"none\";\n  domain?: string;\n}\n","import { $module } from \"alepha\";\nimport { AlephaServer } from \"alepha/server\";\nimport { $cookie, type Cookies } from \"./primitives/$cookie.ts\";\nimport { ServerCookiesProvider } from \"./providers/ServerCookiesProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./primitives/$cookie.ts\";\nexport * from \"./providers/ServerCookiesProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\ndeclare module \"alepha/server\" {\n  interface ServerRequest {\n    cookies: Cookies;\n  }\n}\n\n/**\n * Provides HTTP cookie management capabilities for server requests and responses with type-safe cookie primitives.\n *\n * The server-cookies module enables declarative cookie handling using the `$cookie` primitive on class properties.\n * It offers automatic cookie parsing, secure cookie configuration, and seamless integration with server routes\n * for managing user sessions, preferences, and authentication tokens.\n *\n * @see {@link $cookie}\n * @module alepha.server.cookies\n */\nexport const AlephaServerCookies = $module({\n  name: \"alepha.server.cookies\",\n  primitives: [$cookie],\n  services: [AlephaServer, ServerCookiesProvider],\n});\n"],"mappings":";;;;;;;;;AAEA,IAAa,eAAb,MAA0B;CACxB,AAAO,oBAAoB,QAAwC;EACjE,MAAMA,UAAkC,EAAE;EAC1C,MAAM,QAAQ,OAAO,MAAM,IAAI;AAC/B,OAAK,MAAM,QAAQ,OAAO;GACxB,MAAM,CAAC,KAAK,SAAS,KAAK,MAAM,IAAI;AACpC,OAAI,CAAC,OAAO,CAAC,MACX;AAGF,WAAQ,IAAI,MAAM,IAAI,MAAM,MAAM;;AAGpC,SAAO;;CAGT,AAAO,yBACL,SACA,SACU;EACV,MAAM,UAAU,EAAE;AAElB,OAAK,MAAM,CAAC,MAAM,WAAW,OAAO,QAAQ,QAAQ,EAAE;AAEpD,OAAI,UAAU,MAAM;AAClB,YAAQ,KAAK,GAAG,KAAK,sBAAsB;AAC3C;;AAGF,OAAI,CAAC,OAAO,MACV;AAGF,WAAQ,KAAK,KAAK,eAAe,MAAM,QAAQ,QAAQ,CAAC;;AAG1D,SAAO;;CAGT,AAAO,eACL,MACA,QACA,SACQ;EACR,MAAMC,QAAkB,EAAE;AAE1B,QAAM,KAAK,GAAG,KAAK,GAAG,OAAO,QAAQ;AAErC,MAAI,OAAO,KACT,OAAM,KAAK,QAAQ,OAAO,OAAO;AAEnC,MAAI,OAAO,OACT,OAAM,KAAK,WAAW,OAAO,SAAS;AAExC,MAAI,OAAO,WAAW,SAAS,QAC7B,OAAM,KAAK,SAAS;AAEtB,MAAI,OAAO,SACT,OAAM,KAAK,WAAW;AAExB,MAAI,OAAO,SACT,OAAM,KAAK,YAAY,OAAO,WAAW;AAE3C,MAAI,OAAO,OACT,OAAM,KAAK,UAAU,OAAO,SAAS;AAGvC,SAAO,MAAM,KAAK,KAAK;;;;;;ACxC3B,MAAM,YAAY,EAAE,OAAO,EACzB,YAAY,EAAE,KAAK,EACjB,SAAS,oBACV,CAAC,EACH,CAAC;AAEF,IAAa,wBAAb,MAAmC;CACjC,AAAmB,SAAS,QAAQ,OAAO;CAC3C,AAAmB,MAAM,SAAS;CAClC,AAAmB,eAAe,QAAQ,aAAa;CACvD,AAAmB,mBAAmB,QAAQ,iBAAiB;CAC/D,AAAmB,MAAM,KAAK,UAAU;CAGxC,AAAmB,YAAY;CAC/B,AAAmB,YAAY;CAC/B,AAAmB,kBAAkB;CACrC,AAAmB,mBAAmB;CAEtC,AAAgB,YAAY,MAAM;EAChC,IAAI;EACJ,SAAS,OAAO,EAAE,cAAc;AAC9B,WAAQ,UAAU;IAChB,KAAK,KAAK,aAAa,oBACrB,QAAQ,QAAQ,UAAU,GAC3B;IACD,KAAK,EAAE;IACR;;EAEJ,CAAC;CAEF,AAAgB,WAAW,MAAM;EAC/B,IAAI;EACJ,SAAS,OAAO,EAAE,cAAc;AAC9B,WAAQ,UAAU;IAChB,KAAK,KAAK,aAAa,oBACrB,QAAQ,QAAQ,UAAU,GAC3B;IACD,KAAK,EAAE;IACR;;EAEJ,CAAC;CAEF,AAAgB,SAAS,MAAM;EAC7B,IAAI;EACJ,SAAS,OAAO,EAAE,cAAc;AAC9B,OAAI,QAAQ,WAAW,OAAO,KAAK,QAAQ,QAAQ,IAAI,CAAC,SAAS,GAAG;IAClE,MAAM,mBAAmB,KAAK,aAAa,yBACzC,QAAQ,QAAQ,KAChB,QAAQ,IAAI,aAAa,SAC1B;AACD,QAAI,iBAAiB,SAAS,EAC5B,SAAQ,MAAM,QAAQ,gBAAgB;;;EAI7C,CAAC;CAEF,AAAU,sBAAsB,SAA4B;EAC1D,MAAM,iBACJ,KAAK,OAAO,QAAQ,IAAmB,UAAU,EAAE;AACrD,MAAI,QAAS,QAAO;AACpB,MAAI,eAAgB,QAAO;AAC3B,QAAM,IAAI,YACR,6FACD;;CAGH,AAAO,UACL,MACA,SACA,gBACuB;EACvB,MAAM,UAAU,KAAK,sBAAsB,eAAe;EAC1D,IAAI,WAAW,QAAQ,IAAI;AAE3B,MAAI,CAAC,SAAU,QAAO;AAEtB,MAAI;AACF,cAAW,mBAAmB,SAAS;AAEvC,OAAI,QAAQ,MAAM;IAChB,MAAM,YAAY,SAAS,UAAU,GAAG,KAAK,mBAAmB,EAAE;IAClE,MAAM,QAAQ,SAAS,UAAU,KAAK,mBAAmB,EAAE;IAC3D,MAAM,oBAAoB,KAAK,KAAK,MAAM;AAE1C,QACE,CAAC,gBACC,OAAO,KAAK,WAAW,MAAM,EAC7B,OAAO,KAAK,mBAAmB,MAAM,CACtC,EACD;AACA,UAAK,IAAI,KAAK,iCAAiC,KAAK,IAAI;AACxD;;AAEF,eAAW;;AAGb,OAAI,QAAQ,QACV,YAAW,KAAK,QAAQ,SAAS;AAGnC,OAAI,QAAQ,SACV,YAAW,eAAe,OAAO,KAAK,UAAU,SAAS,CAAC,CAAC,SACzD,OACD;AAGH,UAAO,KAAK,OAAO,MAAM,OAAO,QAAQ,QAAQ,KAAK,MAAM,SAAS,CAAC;WAC9D,OAAO;AACd,QAAK,IAAI,KAAK,2BAA2B,KAAK,IAAI,MAAM;AAExD,QAAK,aAAa,MAAM,QAAQ;AAChC;;;CAIJ,AAAO,UACL,MACA,SACA,MACA,gBACM;EACN,MAAM,UAAU,KAAK,sBAAsB,eAAe;EAC1D,IAAI,QAAQ,KAAK,UAAU,KAAK,OAAO,MAAM,OAAO,QAAQ,QAAQ,KAAK,CAAC;AAE1E,MAAI,QAAQ,SACV,SAAQ,eAAe,MAAM,CAAC,SAAS,SAAS;AAGlD,MAAI,QAAQ,QACV,SAAQ,KAAK,QAAQ,MAAM;AAG7B,MAAI,QAAQ,KACV,SAAQ,KAAK,KAAK,MAAM,GAAG;EAG7B,MAAMC,SAAiB;GACrB,OAAO,mBAAmB,MAAM;GAChC,MAAM,QAAQ,QAAQ;GACtB,UAAU,QAAQ,YAAY;GAC9B,QAAQ,QAAQ,UAAU,KAAK,OAAO,cAAc;GACpD,UAAU,QAAQ;GAClB,QAAQ,QAAQ;GACjB;AAED,MAAI,QAAQ,IACV,QAAO,SAAS,KAAK,iBAAiB,SAAS,QAAQ,IAAI,CAAC,GAAG,UAAU;AAG3E,UAAQ,IAAI,QAAQ;;CAGtB,AAAO,aACL,MACA,gBACM;EACN,MAAM,UAAU,KAAK,sBAAsB,eAAe;AAC1D,UAAQ,IAAI,QAAQ;;CAKtB,AAAU,QAAQ,MAAsB;EACtC,MAAM,KAAK,YAAY,KAAK,UAAU;EACtC,MAAM,SAAS,eACb,KAAK,WACL,OAAO,KAAK,KAAK,WAAW,CAAC,EAC7B,GACD;EACD,MAAM,YAAY,OAAO,OAAO,CAC9B,OAAO,OAAO,MAAM,OAAO,EAC3B,OAAO,OAAO,CACf,CAAC;EACF,MAAM,UAAU,OAAO,YAAY;AACnC,SAAO,OAAO,OAAO;GAAC;GAAI;GAAS;GAAU,CAAC,CAAC,SAAS,SAAS;;CAGnE,AAAU,QAAQ,eAA+B;EAC/C,MAAM,OAAO,OAAO,KAAK,eAAe,SAAS;EACjD,MAAM,KAAK,KAAK,SAAS,GAAG,KAAK,UAAU;EAC3C,MAAM,UAAU,KAAK,SACnB,KAAK,WACL,KAAK,YAAY,KAAK,gBACvB;EAED,MAAM,YAAY,KAAK,SAAS,KAAK,YAAY,KAAK,gBAAgB;EACtE,MAAM,WAAW,iBACf,KAAK,WACL,OAAO,KAAK,KAAK,WAAW,CAAC,EAC7B,GACD;AAED,WAAS,WAAW,QAAQ;AAO5B,SALkB,OAAO,OAAO,CAC9B,SAAS,OAAO,UAAU,EAC1B,SAAS,OAAO,CACjB,CAAC,CAEe,SAAS,OAAO;;CAGnC,AAAO,YAAoB;EACzB,IAAI,SAAS,KAAK,IAAI;AACtB,MAAI,OAAO,SAAS,GAElB,UAAS,OAAO,OAAO,IAAI,IAAI;WACtB,OAAO,SAAS,GAEzB,UAAS,OAAO,UAAU,GAAG,GAAG;AAElC,SAAO;;CAGT,AAAU,KAAK,MAAsB;AACnC,SAAO,WAAW,UAAU,KAAK,WAAW,CAAC,CAAC,OAAO,KAAK,CAAC,OAAO,MAAM;;;;;;;;;;;ACtO5E,MAAa,WACX,YAC+B;AAC/B,QAAO,gBAAgB,iBAAoB,QAAQ;;AAmDrD,IAAa,kBAAb,cACU,UAEV;CACE,AAAmB,wBAAwB,QAAQ,sBAAsB;CAEzE,IAAW,SAAY;AACrB,SAAO,KAAK,QAAQ;;CAGtB,IAAW,OAAe;AACxB,SAAO,KAAK,QAAQ,QAAQ,GAAG,KAAK,OAAO;;;;;CAM7C,AAAO,IACL,OACA,SACM;AACN,OAAK,sBAAsB,UACzB,KAAK,MACL;GACE,GAAG,KAAK;GACR,KAAK,SAAS,OAAO,KAAK,QAAQ;GACnC,EACD,OACA,SAAS,QACV;;;;;CAMH,AAAO,IAAI,SAAwD;AACjE,SAAO,KAAK,sBAAsB,UAChC,KAAK,MACL,KAAK,SACL,SAAS,QACV;;;;;CAMH,AAAO,IAAI,SAAuC;AAChD,OAAK,sBAAsB,aAAa,KAAK,MAAM,SAAS,QAAQ;;;AAIxE,QAAQ,QAAQ;;;;;;;;;;;;;;AC7FhB,MAAa,sBAAsB,QAAQ;CACzC,MAAM;CACN,YAAY,CAAC,QAAQ;CACrB,UAAU,CAAC,cAAc,sBAAsB;CAChD,CAAC"}