alepha 0.13.4 → 0.13.6

package/dist/security/index.js

@@ -5,7 +5,7 @@ import { DateTimeProvider } from "alepha/datetime";
 import { promisify } from "node:util";
 import { UnauthorizedError } from "alepha/server";
 
-//#region src/security/errors/InvalidPermissionError.ts
+//#region ../../src/security/errors/InvalidPermissionError.ts
 var InvalidPermissionError = class extends Error {
 	constructor(name) {
 		super(`Permission '${name}' is invalid`);
@@ -13,13 +13,13 @@ var InvalidPermissionError = class extends Error {
 };
 
 //#endregion
-//#region src/security/errors/InvalidTokenError.ts
+//#region ../../src/security/errors/InvalidTokenError.ts
 var InvalidTokenError = class extends Error {
 	status = 401;
 };
 
 //#endregion
-//#region src/security/errors/RealmNotFoundError.ts
+//#region ../../src/security/errors/RealmNotFoundError.ts
 var RealmNotFoundError = class extends Error {
 	constructor(realm) {
 		super(`Realm '${realm}' not found`);
@@ -27,14 +27,14 @@ var RealmNotFoundError = class extends Error {
 };
 
 //#endregion
-//#region src/security/errors/SecurityError.ts
+//#region ../../src/security/errors/SecurityError.ts
 var SecurityError = class extends Error {
 	name = "SecurityError";
 	status = 403;
 };
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/buffer_utils.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/buffer_utils.js
 const encoder = new TextEncoder();
 const decoder = new TextDecoder();
 const MAX_INT32 = 2 ** 32;
@@ -59,7 +59,7 @@ function encode$1(string) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/base64.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/base64.js
 function encodeBase64(input) {
 	if (Uint8Array.prototype.toBase64) return input.toBase64();
 	const CHUNK_SIZE = 32768;
@@ -76,7 +76,7 @@ function decodeBase64(encoded) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/util/base64url.js
+//#region ../../../../node_modules/jose/dist/webapi/util/base64url.js
 function decode(input) {
 	if (Uint8Array.fromBase64) return Uint8Array.fromBase64(typeof input === "string" ? input : decoder.decode(input), { alphabet: "base64url" });
 	let encoded = input;
@@ -99,7 +99,7 @@ function encode(input) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/util/errors.js
+//#region ../../../../node_modules/jose/dist/webapi/util/errors.js
 var JOSEError = class extends Error {
 	static code = "ERR_JOSE_GENERIC";
 	code = "ERR_JOSE_GENERIC";
@@ -194,7 +194,7 @@ var JWSSignatureVerificationFailed = class extends JOSEError {
 };
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/crypto_key.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/crypto_key.js
 const unusable = (name, prop = "algorithm.name") => /* @__PURE__ */ new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
 const isAlgorithm = (algorithm, name) => algorithm.name === name;
 function getHashLength(hash) {
@@ -260,7 +260,7 @@ function checkSigCryptoKey(key, alg, usage) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/invalid_key_input.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/invalid_key_input.js
 function message(msg, actual, ...types) {
 	types = types.filter(Boolean);
 	if (types.length > 2) {
@@ -279,7 +279,7 @@ const invalidKeyInput = (actual, ...types) => message("Key must be ", actual, ..
 const withAlg = (alg, actual, ...types) => message(`Key for the ${alg} algorithm must be `, actual, ...types);
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/is_key_like.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/is_key_like.js
 const isCryptoKey = (key) => {
 	if (key?.[Symbol.toStringTag] === "CryptoKey") return true;
 	try {
@@ -292,7 +292,7 @@ const isKeyObject = (key) => key?.[Symbol.toStringTag] === "KeyObject";
 const isKeyLike = (key) => isCryptoKey(key) || isKeyObject(key);
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/is_disjoint.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/is_disjoint.js
 function isDisjoint(...headers) {
 	const sources = headers.filter(Boolean);
 	if (sources.length === 0 || sources.length === 1) return true;
@@ -312,7 +312,7 @@ function isDisjoint(...headers) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/is_object.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/is_object.js
 const isObjectLike = (value) => typeof value === "object" && value !== null;
 function isObject(input) {
 	if (!isObjectLike(input) || Object.prototype.toString.call(input) !== "[object Object]") return false;
@@ -323,7 +323,7 @@ function isObject(input) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/check_key_length.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/check_key_length.js
 function checkKeyLength(alg, key) {
 	if (alg.startsWith("RS") || alg.startsWith("PS")) {
 		const { modulusLength } = key.algorithm;
@@ -332,7 +332,7 @@ function checkKeyLength(alg, key) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/jwk_to_key.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/jwk_to_key.js
 function subtleMapping(jwk) {
 	let algorithm;
 	let keyUsages;
@@ -451,7 +451,7 @@ async function jwkToKey(jwk) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/key/import.js
+//#region ../../../../node_modules/jose/dist/webapi/key/import.js
 async function importJWK(jwk, alg, options) {
 	if (!isObject(jwk)) throw new TypeError("JWK must be an object");
 	let ext;
@@ -486,7 +486,7 @@ async function importJWK(jwk, alg, options) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/validate_crit.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/validate_crit.js
 function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {
 	if (joseHeader.crit !== void 0 && protectedHeader?.crit === void 0) throw new Err("\"crit\" (Critical) Header Parameter MUST be integrity protected");
 	if (!protectedHeader || protectedHeader.crit === void 0) return /* @__PURE__ */ new Set();
@@ -503,7 +503,7 @@ function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader,
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/validate_algorithms.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/validate_algorithms.js
 function validateAlgorithms(option, algorithms) {
 	if (algorithms !== void 0 && (!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== "string"))) throw new TypeError(`"${option}" option must be an array of strings`);
 	if (!algorithms) return;
@@ -511,14 +511,14 @@ function validateAlgorithms(option, algorithms) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/is_jwk.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/is_jwk.js
 const isJWK = (key) => isObject(key) && typeof key.kty === "string";
 const isPrivateJWK = (key) => key.kty !== "oct" && (key.kty === "AKP" && typeof key.priv === "string" || typeof key.d === "string");
 const isPublicJWK = (key) => key.kty !== "oct" && key.d === void 0 && key.priv === void 0;
 const isSecretJWK = (key) => key.kty === "oct" && typeof key.k === "string";
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/normalize_key.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/normalize_key.js
 let cache;
 const handleJWK = async (key, jwk, alg, freeze = false) => {
 	cache ||= /* @__PURE__ */ new WeakMap();
@@ -642,7 +642,7 @@ async function normalizeKey(key, alg) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/check_key_type.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/check_key_type.js
 const tag = (key) => key?.[Symbol.toStringTag];
 const jwkMatchesOp = (alg, key, usage) => {
 	if (key.use !== void 0) {
@@ -731,7 +731,7 @@ function checkKeyType(alg, key, usage) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/subtle_dsa.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/subtle_dsa.js
 function subtleAlgorithm(alg, algorithm) {
 	const hash = `SHA-${alg.slice(-3)}`;
 	switch (alg) {
@@ -771,7 +771,7 @@ function subtleAlgorithm(alg, algorithm) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/get_sign_verify_key.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/get_sign_verify_key.js
 async function getSigKey(alg, key, usage) {
 	if (key instanceof Uint8Array) {
 		if (!alg.startsWith("HS")) throw new TypeError(invalidKeyInput(key, "CryptoKey", "KeyObject", "JSON Web Key"));
@@ -785,7 +785,7 @@ async function getSigKey(alg, key, usage) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/verify.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/verify.js
 async function verify(alg, key, signature, data) {
 	const cryptoKey = await getSigKey(alg, key, "verify");
 	checkKeyLength(alg, cryptoKey);
@@ -798,7 +798,7 @@ async function verify(alg, key, signature, data) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/jws/flattened/verify.js
+//#region ../../../../node_modules/jose/dist/webapi/jws/flattened/verify.js
 async function flattenedVerify(jws, key, options) {
 	if (!isObject(jws)) throw new JWSInvalid("Flattened JWS must be an object");
 	if (jws.protected === void 0 && jws.header === void 0) throw new JWSInvalid("Flattened JWS must have either of the \"protected\" or \"header\" members");
@@ -865,7 +865,7 @@ async function flattenedVerify(jws, key, options) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/jws/compact/verify.js
+//#region ../../../../node_modules/jose/dist/webapi/jws/compact/verify.js
 async function compactVerify(jws, key, options) {
 	if (jws instanceof Uint8Array) jws = decoder.decode(jws);
 	if (typeof jws !== "string") throw new JWSInvalid("Compact JWS must be a string or Uint8Array");
@@ -888,7 +888,7 @@ async function compactVerify(jws, key, options) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/jwt_claims_set.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/jwt_claims_set.js
 const epoch = (date) => Math.floor(date.getTime() / 1e3);
 const minute = 60;
 const hour = minute * 60;
@@ -1053,7 +1053,7 @@ var JWTClaimsBuilder = class {
 };
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/jwt/verify.js
+//#region ../../../../node_modules/jose/dist/webapi/jwt/verify.js
 async function jwtVerify(jwt, key, options) {
 	const verified = await compactVerify(jwt, key, options);
 	if (verified.protectedHeader.crit?.includes("b64") && verified.protectedHeader.b64 === false) throw new JWTInvalid("JWTs MUST NOT use unencoded payload");
@@ -1069,7 +1069,7 @@ async function jwtVerify(jwt, key, options) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/lib/sign.js
+//#region ../../../../node_modules/jose/dist/webapi/lib/sign.js
 async function sign(alg, key, data) {
 	const cryptoKey = await getSigKey(alg, key, "sign");
 	checkKeyLength(alg, cryptoKey);
@@ -1078,7 +1078,7 @@ async function sign(alg, key, data) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/jws/flattened/sign.js
+//#region ../../../../node_modules/jose/dist/webapi/jws/flattened/sign.js
 var FlattenedSign = class {
 	#payload;
 	#protectedHeader;
@@ -1143,7 +1143,7 @@ var FlattenedSign = class {
 };
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/jws/compact/sign.js
+//#region ../../../../node_modules/jose/dist/webapi/jws/compact/sign.js
 var CompactSign = class {
 	#flattened;
 	constructor(payload) {
@@ -1161,7 +1161,7 @@ var CompactSign = class {
 };
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/jwt/sign.js
+//#region ../../../../node_modules/jose/dist/webapi/jwt/sign.js
 var SignJWT = class {
 	#protectedHeader;
 	#jwt;
@@ -1209,7 +1209,7 @@ var SignJWT = class {
 };
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/jwks/local.js
+//#region ../../../../node_modules/jose/dist/webapi/jwks/local.js
 function getKtyFromAlg(alg) {
 	switch (typeof alg === "string" && alg.slice(0, 2)) {
 		case "RS":
@@ -1305,7 +1305,7 @@ function createLocalJWKSet(jwks) {
 }
 
 //#endregion
-//#region ../../node_modules/jose/dist/webapi/jwks/remote.js
+//#region ../../../../node_modules/jose/dist/webapi/jwks/remote.js
 function isCloudflareWorkers() {
 	return typeof WebSocketPair !== "undefined" || typeof navigator !== "undefined" && navigator.userAgent === "Cloudflare-Workers" || typeof EdgeRuntime !== "undefined" && EdgeRuntime === "vercel";
 }
@@ -1447,7 +1447,7 @@ function createRemoteJWKSet(url, options) {
 }
 
 //#endregion
-//#region src/security/providers/JwtProvider.ts
+//#region ../../src/security/providers/JwtProvider.ts
 /**
 * Provides utilities for working with JSON Web Tokens (JWT).
 */
@@ -1549,7 +1549,7 @@ var JwtProvider = class {
 };
 
 //#endregion
-//#region src/security/providers/SecurityProvider.ts
+//#region ../../src/security/providers/SecurityProvider.ts
 const DEFAULT_APP_SECRET = "05759934015388327323179852515731";
 const envSchema = t.object({ APP_SECRET: t.text({ default: DEFAULT_APP_SECRET }) });
 var SecurityProvider = class {
@@ -1941,7 +1941,7 @@ var SecurityProvider = class {
 };
 
 //#endregion
-//#region src/security/primitives/$permission.ts
+//#region ../../src/security/primitives/$permission.ts
 /**
 * Create a new permission.
 */
@@ -1977,7 +1977,7 @@ var PermissionPrimitive = class extends Primitive {
 $permission[KIND] = PermissionPrimitive;
 
 //#endregion
-//#region src/security/primitives/$realm.ts
+//#region ../../src/security/primitives/$realm.ts
 /**
 * Create a new realm.
 */
@@ -2132,7 +2132,7 @@ var RealmPrimitive = class extends Primitive {
 $realm[KIND] = RealmPrimitive;
 
 //#endregion
-//#region src/security/primitives/$role.ts
+//#region ../../src/security/primitives/$role.ts
 /**
 * Create a new role.
 */
@@ -2170,7 +2170,7 @@ var RolePrimitive = class extends Primitive {
 $role[KIND] = RolePrimitive;
 
 //#endregion
-//#region src/security/providers/CryptoProvider.ts
+//#region ../../src/security/providers/CryptoProvider.ts
 const scryptAsync = promisify(scrypt);
 var CryptoProvider = class {
 	async hashPassword(password) {
@@ -2199,7 +2199,7 @@ var CryptoProvider = class {
 };
 
 //#endregion
-//#region src/security/errors/InvalidCredentialsError.ts
+//#region ../../src/security/errors/InvalidCredentialsError.ts
 /**
 * Error thrown when the provided credentials are invalid.
 *
@@ -2214,7 +2214,7 @@ var InvalidCredentialsError = class extends UnauthorizedError {
 };
 
 //#endregion
-//#region src/security/primitives/$serviceAccount.ts
+//#region ../../src/security/primitives/$serviceAccount.ts
 /**
 * Allow to get an access token for a service account.
 *
@@ -2314,7 +2314,7 @@ const $serviceAccount = (options) => {
 };
 
 //#endregion
-//#region src/security/schemas/permissionSchema.ts
+//#region ../../src/security/schemas/permissionSchema.ts
 const permissionSchema = t.object({
 	name: t.text({ description: "Name of the permission." }),
 	group: t.optional(t.text({ description: "Group of the permission." })),
@@ -2324,7 +2324,7 @@ const permissionSchema = t.object({
 });
 
 //#endregion
-//#region src/security/schemas/roleSchema.ts
+//#region ../../src/security/schemas/roleSchema.ts
 const roleSchema = t.object({
 	name: t.text({ description: "Name of the role." }),
 	description: t.optional(t.text({ description: "Describe the role." })),
@@ -2337,7 +2337,7 @@ const roleSchema = t.object({
 });
 
 //#endregion
-//#region src/security/schemas/userAccountInfoSchema.ts
+//#region ../../src/security/schemas/userAccountInfoSchema.ts
 const userAccountInfoSchema = t.object({
 	id: t.text({ description: "Unique identifier for the user." }),
 	name: t.optional(t.text({ description: "Full name of the user." })),
@@ -2353,7 +2353,7 @@ const userAccountInfoSchema = t.object({
 });
 
 //#endregion
-//#region src/security/index.ts
+//#region ../../src/security/index.ts
 /**
 * Provides comprehensive authentication and authorization capabilities with JWT tokens, role-based access control, and user management.
 *

package/dist/server/index.browser.js

@@ -2,7 +2,7 @@ import { $inject, $module, Alepha, AlephaError, isFileLike, t } from "alepha";
 import { $cache } from "alepha/cache";
 import { $logger } from "alepha/logger";
 
-//#region src/server/errors/HttpError.ts
+//#region ../../src/server/errors/HttpError.ts
 const isHttpError = (error, status) => {
 	if (!(!!error && typeof error === "object" && "message" in error && typeof error.message === "string" && "status" in error && typeof error.status === "number")) return false;
 	if (status) return error.status === status;
@@ -63,7 +63,7 @@ const errorNameByStatus = {
 };
 
 //#endregion
-//#region src/server/helpers/isMultipart.ts
+//#region ../../src/server/helpers/isMultipart.ts
 /**
 * Checks if the route has multipart/form-data request body.
 */
@@ -77,7 +77,7 @@ const isMultipart = (options) => {
 };
 
 //#endregion
-//#region src/server/schemas/errorSchema.ts
+//#region ../../src/server/schemas/errorSchema.ts
 const errorSchema = t.object({
 	error: t.text({ description: "HTTP error name" }),
 	status: t.integer({ description: "HTTP status code" }),
@@ -103,7 +103,7 @@ const errorSchema = t.object({
 });
 
 //#endregion
-//#region src/server/services/HttpClient.ts
+//#region ../../src/server/services/HttpClient.ts
 var HttpClient = class {
 	log = $logger();
 	alepha = $inject(Alepha);
@@ -315,7 +315,7 @@ var HttpClient = class {
 };
 
 //#endregion
-//#region src/server/constants/routeMethods.ts
+//#region ../../src/server/constants/routeMethods.ts
 const routeMethods = [
 	"GET",
 	"POST",
@@ -329,7 +329,7 @@ const routeMethods = [
 ];
 
 //#endregion
-//#region src/server/errors/BadRequestError.ts
+//#region ../../src/server/errors/BadRequestError.ts
 var BadRequestError = class extends HttpError {
 	constructor(message = "Invalid request body", cause) {
 		super({
@@ -340,7 +340,7 @@ var BadRequestError = class extends HttpError {
 };
 
 //#endregion
-//#region src/server/errors/ConflictError.ts
+//#region ../../src/server/errors/ConflictError.ts
 var ConflictError = class extends HttpError {
 	constructor(message = "Entity already exists", cause) {
 		super({
@@ -351,7 +351,7 @@ var ConflictError = class extends HttpError {
 };
 
 //#endregion
-//#region src/server/errors/ForbiddenError.ts
+//#region ../../src/server/errors/ForbiddenError.ts
 var ForbiddenError = class extends HttpError {
 	constructor(message = "No permission to access this resource", cause) {
 		super({
@@ -362,7 +362,7 @@ var ForbiddenError = class extends HttpError {
 };
 
 //#endregion
-//#region src/server/errors/NotFoundError.ts
+//#region ../../src/server/errors/NotFoundError.ts
 var NotFoundError = class extends HttpError {
 	constructor(message = "Resource not found", cause) {
 		super({
@@ -373,7 +373,7 @@ var NotFoundError = class extends HttpError {
 };
 
 //#endregion
-//#region src/server/errors/UnauthorizedError.ts
+//#region ../../src/server/errors/UnauthorizedError.ts
 var UnauthorizedError = class extends HttpError {
 	name = "UnauthorizedError";
 	constructor(message = "Not allowed to access this resource", cause) {
@@ -385,7 +385,7 @@ var UnauthorizedError = class extends HttpError {
 };
 
 //#endregion
-//#region src/server/errors/ValidationError.ts
+//#region ../../src/server/errors/ValidationError.ts
 var ValidationError = class extends HttpError {
 	constructor(message = "Validation has failed", cause) {
 		super({
@@ -396,7 +396,7 @@ var ValidationError = class extends HttpError {
 };
 
 //#endregion
-//#region src/server/helpers/ServerReply.ts
+//#region ../../src/server/helpers/ServerReply.ts
 /**
 * Helper for building server replies.
 */
@@ -435,7 +435,7 @@ var ServerReply = class {
 };
 
 //#endregion
-//#region src/server/schemas/okSchema.ts
+//#region ../../src/server/schemas/okSchema.ts
 const okSchema = t.object({
 	ok: t.boolean({ description: "True when operation succeed" }),
 	id: t.optional(t.union([t.text(), t.integer()])),
@@ -446,7 +446,7 @@ const okSchema = t.object({
 });
 
 //#endregion
-//#region src/server/index.browser.ts
+//#region ../../src/server/index.browser.ts
 const AlephaServer = $module({
 	name: "alepha.server",
 	primitives: [],