alepha 0.21.2 → 0.23.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (519) hide show
  1. package/README.md +0 -1
  2. package/dist/api/audits/index.browser.js.map +1 -1
  3. package/dist/api/audits/index.d.ts +393 -403
  4. package/dist/api/audits/index.d.ts.map +1 -1
  5. package/dist/api/audits/index.js +25 -56
  6. package/dist/api/audits/index.js.map +1 -1
  7. package/dist/api/files/index.browser.js +31 -1
  8. package/dist/api/files/index.browser.js.map +1 -1
  9. package/dist/api/files/index.d.ts +313 -208
  10. package/dist/api/files/index.d.ts.map +1 -1
  11. package/dist/api/files/index.js +152 -42
  12. package/dist/api/files/index.js.map +1 -1
  13. package/dist/api/jobs/index.browser.js +2 -2
  14. package/dist/api/jobs/index.browser.js.map +1 -1
  15. package/dist/api/jobs/index.d.ts +282 -285
  16. package/dist/api/jobs/index.d.ts.map +1 -1
  17. package/dist/api/jobs/index.js +39 -33
  18. package/dist/api/jobs/index.js.map +1 -1
  19. package/dist/api/keys/index.d.ts +217 -222
  20. package/dist/api/keys/index.d.ts.map +1 -1
  21. package/dist/api/keys/index.js.map +1 -1
  22. package/dist/api/notifications/index.browser.js.map +1 -1
  23. package/dist/api/notifications/index.d.ts +188 -195
  24. package/dist/api/notifications/index.d.ts.map +1 -1
  25. package/dist/api/notifications/index.js.map +1 -1
  26. package/dist/api/oauth/index.d.ts +71 -76
  27. package/dist/api/oauth/index.d.ts.map +1 -1
  28. package/dist/api/oauth/index.js.map +1 -1
  29. package/dist/api/organizations/index.browser.js.map +1 -1
  30. package/dist/api/organizations/index.d.ts +104 -109
  31. package/dist/api/organizations/index.d.ts.map +1 -1
  32. package/dist/api/organizations/index.js.map +1 -1
  33. package/dist/api/parameters/index.browser.js +43 -16
  34. package/dist/api/parameters/index.browser.js.map +1 -1
  35. package/dist/api/parameters/index.d.ts +488 -344
  36. package/dist/api/parameters/index.d.ts.map +1 -1
  37. package/dist/api/parameters/index.js +175 -35
  38. package/dist/api/parameters/index.js.map +1 -1
  39. package/dist/api/payments/index.d.ts +396 -402
  40. package/dist/api/payments/index.d.ts.map +1 -1
  41. package/dist/api/payments/index.js.map +1 -1
  42. package/dist/api/subscriptions/index.d.ts +644 -652
  43. package/dist/api/subscriptions/index.d.ts.map +1 -1
  44. package/dist/api/subscriptions/index.js +1 -1
  45. package/dist/api/subscriptions/index.js.map +1 -1
  46. package/dist/api/users/index.browser.js +7 -0
  47. package/dist/api/users/index.browser.js.map +1 -1
  48. package/dist/api/users/index.d.ts +1106 -1005
  49. package/dist/api/users/index.d.ts.map +1 -1
  50. package/dist/api/users/index.js +307 -64
  51. package/dist/api/users/index.js.map +1 -1
  52. package/dist/api/verifications/index.browser.js.map +1 -1
  53. package/dist/api/verifications/index.d.ts +137 -143
  54. package/dist/api/verifications/index.d.ts.map +1 -1
  55. package/dist/api/verifications/index.js.map +1 -1
  56. package/dist/background/index.d.ts +95 -0
  57. package/dist/background/index.d.ts.map +1 -0
  58. package/dist/background/index.js +121 -0
  59. package/dist/background/index.js.map +1 -0
  60. package/dist/background/index.workerd.js +110 -0
  61. package/dist/background/index.workerd.js.map +1 -0
  62. package/dist/batch/index.d.ts +5 -7
  63. package/dist/batch/index.d.ts.map +1 -1
  64. package/dist/batch/index.js.map +1 -1
  65. package/dist/bin/index.js.map +1 -1
  66. package/dist/bucket/index.d.ts +76 -54
  67. package/dist/bucket/index.d.ts.map +1 -1
  68. package/dist/bucket/index.js +58 -11
  69. package/dist/bucket/index.js.map +1 -1
  70. package/dist/bucket/index.workerd.js +200 -5
  71. package/dist/bucket/index.workerd.js.map +1 -1
  72. package/dist/cache/core/index.d.ts +7 -10
  73. package/dist/cache/core/index.d.ts.map +1 -1
  74. package/dist/cache/core/index.js.map +1 -1
  75. package/dist/cache/core/index.workerd.js.map +1 -1
  76. package/dist/cache/database/index.d.ts +22 -26
  77. package/dist/cache/database/index.d.ts.map +1 -1
  78. package/dist/cache/database/index.js.map +1 -1
  79. package/dist/cache/redis/index.d.ts +4 -7
  80. package/dist/cache/redis/index.d.ts.map +1 -1
  81. package/dist/cache/redis/index.js.map +1 -1
  82. package/dist/captcha/index.d.ts +3 -6
  83. package/dist/captcha/index.d.ts.map +1 -1
  84. package/dist/captcha/index.js.map +1 -1
  85. package/dist/cli/config/index.d.ts.map +1 -1
  86. package/dist/cli/config/index.js.map +1 -1
  87. package/dist/cli/core/index.d.ts +458 -249
  88. package/dist/cli/core/index.d.ts.map +1 -1
  89. package/dist/cli/core/index.js +372 -660
  90. package/dist/cli/core/index.js.map +1 -1
  91. package/dist/cli/devtools/index.d.ts +3 -5
  92. package/dist/cli/devtools/index.d.ts.map +1 -1
  93. package/dist/cli/devtools/index.js.map +1 -1
  94. package/dist/cli/i18n/index.d.ts +20 -17
  95. package/dist/cli/i18n/index.d.ts.map +1 -1
  96. package/dist/cli/i18n/index.js +45 -11
  97. package/dist/cli/i18n/index.js.map +1 -1
  98. package/dist/cli/platform/index.d.ts +126 -1342
  99. package/dist/cli/platform/index.d.ts.map +1 -1
  100. package/dist/cli/platform/index.js +136 -2374
  101. package/dist/cli/platform/index.js.map +1 -1
  102. package/dist/cli/platform-lib/index.d.ts +1472 -0
  103. package/dist/cli/platform-lib/index.d.ts.map +1 -0
  104. package/dist/cli/platform-lib/index.js +2660 -0
  105. package/dist/cli/platform-lib/index.js.map +1 -0
  106. package/dist/cli/vendor/index.d.ts +17 -21
  107. package/dist/cli/vendor/index.d.ts.map +1 -1
  108. package/dist/cli/vendor/index.js.map +1 -1
  109. package/dist/command/index.d.ts +20 -19
  110. package/dist/command/index.d.ts.map +1 -1
  111. package/dist/command/index.js +39 -10
  112. package/dist/command/index.js.map +1 -1
  113. package/dist/{containers → container}/core/index.d.ts +13 -15
  114. package/dist/container/core/index.d.ts.map +1 -0
  115. package/dist/{containers → container}/core/index.js +23 -14
  116. package/dist/container/core/index.js.map +1 -0
  117. package/dist/{containers → container}/core/index.workerd.js +37 -22
  118. package/dist/container/core/index.workerd.js.map +1 -0
  119. package/dist/core/index.browser.js +27 -1
  120. package/dist/core/index.browser.js.map +1 -1
  121. package/dist/core/index.d.ts +48 -24
  122. package/dist/core/index.d.ts.map +1 -1
  123. package/dist/core/index.js +27 -1
  124. package/dist/core/index.js.map +1 -1
  125. package/dist/core/index.native.js +27 -1
  126. package/dist/core/index.native.js.map +1 -1
  127. package/dist/core/index.workerd.js +27 -1
  128. package/dist/core/index.workerd.js.map +1 -1
  129. package/dist/crypto/index.browser.js.map +1 -1
  130. package/dist/crypto/index.d.ts +5 -8
  131. package/dist/crypto/index.d.ts.map +1 -1
  132. package/dist/crypto/index.js.map +1 -1
  133. package/dist/datetime/index.d.ts +3 -4
  134. package/dist/datetime/index.d.ts.map +1 -1
  135. package/dist/datetime/index.js.map +1 -1
  136. package/dist/email/brevo/index.d.ts +2 -4
  137. package/dist/email/brevo/index.d.ts.map +1 -1
  138. package/dist/email/brevo/index.js.map +1 -1
  139. package/dist/email/cloudflare/index.d.ts +20 -7
  140. package/dist/email/cloudflare/index.d.ts.map +1 -1
  141. package/dist/email/cloudflare/index.js +46 -9
  142. package/dist/email/cloudflare/index.js.map +1 -1
  143. package/dist/email/core/index.d.ts +6 -9
  144. package/dist/email/core/index.d.ts.map +1 -1
  145. package/dist/email/core/index.js.map +1 -1
  146. package/dist/email/core/index.workerd.js.map +1 -1
  147. package/dist/email/smtp/index.d.ts +10 -13
  148. package/dist/email/smtp/index.d.ts.map +1 -1
  149. package/dist/email/smtp/index.js +107 -32
  150. package/dist/email/smtp/index.js.map +1 -1
  151. package/dist/fake/index.d.ts +1 -2
  152. package/dist/fake/index.d.ts.map +1 -1
  153. package/dist/fake/index.js.map +1 -1
  154. package/dist/lock/core/index.d.ts +9 -14
  155. package/dist/lock/core/index.d.ts.map +1 -1
  156. package/dist/lock/core/index.js.map +1 -1
  157. package/dist/lock/redis/index.d.ts +2 -4
  158. package/dist/lock/redis/index.d.ts.map +1 -1
  159. package/dist/lock/redis/index.js.map +1 -1
  160. package/dist/logger/index.d.ts +105 -76
  161. package/dist/logger/index.d.ts.map +1 -1
  162. package/dist/logger/index.js +196 -174
  163. package/dist/logger/index.js.map +1 -1
  164. package/dist/mcp/index.d.ts +25 -20
  165. package/dist/mcp/index.d.ts.map +1 -1
  166. package/dist/mcp/index.js +23 -0
  167. package/dist/mcp/index.js.map +1 -1
  168. package/dist/orm/core/index.browser.js.map +1 -1
  169. package/dist/orm/core/index.bun.js +19 -1
  170. package/dist/orm/core/index.bun.js.map +1 -1
  171. package/dist/orm/core/index.d.ts +76 -62
  172. package/dist/orm/core/index.d.ts.map +1 -1
  173. package/dist/orm/core/index.js +20 -2
  174. package/dist/orm/core/index.js.map +1 -1
  175. package/dist/orm/postgres/index.bun.js.map +1 -1
  176. package/dist/orm/postgres/index.d.ts +28 -20
  177. package/dist/orm/postgres/index.d.ts.map +1 -1
  178. package/dist/orm/postgres/index.js.map +1 -1
  179. package/dist/queue/core/index.d.ts +12 -15
  180. package/dist/queue/core/index.d.ts.map +1 -1
  181. package/dist/queue/core/index.js.map +1 -1
  182. package/dist/queue/core/index.workerd.js.map +1 -1
  183. package/dist/queue/redis/index.d.ts +3 -5
  184. package/dist/queue/redis/index.d.ts.map +1 -1
  185. package/dist/queue/redis/index.js.map +1 -1
  186. package/dist/react/auth/index.browser.js +9 -2
  187. package/dist/react/auth/index.browser.js.map +1 -1
  188. package/dist/react/auth/index.d.ts +14 -9
  189. package/dist/react/auth/index.d.ts.map +1 -1
  190. package/dist/react/auth/index.js +9 -2
  191. package/dist/react/auth/index.js.map +1 -1
  192. package/dist/react/core/index.d.ts +7 -8
  193. package/dist/react/core/index.d.ts.map +1 -1
  194. package/dist/react/core/index.js +6 -3
  195. package/dist/react/core/index.js.map +1 -1
  196. package/dist/react/form/index.d.ts +2 -5
  197. package/dist/react/form/index.d.ts.map +1 -1
  198. package/dist/react/form/index.js +16 -15
  199. package/dist/react/form/index.js.map +1 -1
  200. package/dist/react/head/index.browser.js.map +1 -1
  201. package/dist/react/head/index.d.ts +2 -4
  202. package/dist/react/head/index.d.ts.map +1 -1
  203. package/dist/react/head/index.js.map +1 -1
  204. package/dist/react/i18n/index.d.ts +90 -11
  205. package/dist/react/i18n/index.d.ts.map +1 -1
  206. package/dist/react/i18n/index.js +147 -11
  207. package/dist/react/i18n/index.js.map +1 -1
  208. package/dist/react/intro/index.d.ts +1 -2
  209. package/dist/react/intro/index.d.ts.map +1 -1
  210. package/dist/react/intro/index.js +2 -2
  211. package/dist/react/intro/index.js.map +1 -1
  212. package/dist/react/router/index.browser.js +193 -24
  213. package/dist/react/router/index.browser.js.map +1 -1
  214. package/dist/react/router/index.d.ts +434 -222
  215. package/dist/react/router/index.d.ts.map +1 -1
  216. package/dist/react/router/index.js +249 -35
  217. package/dist/react/router/index.js.map +1 -1
  218. package/dist/react/sitemap/index.browser.js +35 -0
  219. package/dist/react/sitemap/index.browser.js.map +1 -0
  220. package/dist/react/sitemap/index.d.ts +92 -0
  221. package/dist/react/sitemap/index.d.ts.map +1 -0
  222. package/dist/react/sitemap/index.js +131 -0
  223. package/dist/react/sitemap/index.js.map +1 -0
  224. package/dist/react/testing/index.d.ts +1 -2
  225. package/dist/react/testing/index.d.ts.map +1 -1
  226. package/dist/react/testing/index.js +16 -17
  227. package/dist/react/testing/index.js.map +1 -1
  228. package/dist/react/ui/index.d.ts +20 -25
  229. package/dist/react/ui/index.d.ts.map +1 -1
  230. package/dist/react/ui/index.js.map +1 -1
  231. package/dist/redis/index.bun.js.map +1 -1
  232. package/dist/redis/index.d.ts +17 -19
  233. package/dist/redis/index.d.ts.map +1 -1
  234. package/dist/redis/index.js.map +1 -1
  235. package/dist/retry/index.d.ts +2 -4
  236. package/dist/retry/index.d.ts.map +1 -1
  237. package/dist/retry/index.js.map +1 -1
  238. package/dist/router/index.d.ts.map +1 -1
  239. package/dist/router/index.js.map +1 -1
  240. package/dist/scheduler/index.d.ts +10 -13
  241. package/dist/scheduler/index.d.ts.map +1 -1
  242. package/dist/scheduler/index.js.map +1 -1
  243. package/dist/scheduler/index.workerd.js.map +1 -1
  244. package/dist/security/index.browser.js.map +1 -1
  245. package/dist/security/index.d.ts +45 -48
  246. package/dist/security/index.d.ts.map +1 -1
  247. package/dist/security/index.js.map +1 -1
  248. package/dist/server/auth/index.browser.js.map +1 -1
  249. package/dist/server/auth/index.d.ts +272 -173
  250. package/dist/server/auth/index.d.ts.map +1 -1
  251. package/dist/server/auth/index.js +1608 -15
  252. package/dist/server/auth/index.js.map +1 -1
  253. package/dist/server/cookies/index.browser.js.map +1 -1
  254. package/dist/server/cookies/index.d.ts +20 -7
  255. package/dist/server/cookies/index.d.ts.map +1 -1
  256. package/dist/server/cookies/index.js +22 -3
  257. package/dist/server/cookies/index.js.map +1 -1
  258. package/dist/server/core/index.browser.js.map +1 -1
  259. package/dist/server/core/index.d.ts +106 -73
  260. package/dist/server/core/index.d.ts.map +1 -1
  261. package/dist/server/core/index.js +44 -0
  262. package/dist/server/core/index.js.map +1 -1
  263. package/dist/server/cors/index.d.ts +11 -14
  264. package/dist/server/cors/index.d.ts.map +1 -1
  265. package/dist/server/cors/index.js.map +1 -1
  266. package/dist/server/etag/index.d.ts +6 -9
  267. package/dist/server/etag/index.d.ts.map +1 -1
  268. package/dist/server/etag/index.js.map +1 -1
  269. package/dist/server/health/index.d.ts +18 -21
  270. package/dist/server/health/index.d.ts.map +1 -1
  271. package/dist/server/health/index.js.map +1 -1
  272. package/dist/server/links/index.browser.js +2 -0
  273. package/dist/server/links/index.browser.js.map +1 -1
  274. package/dist/server/links/index.d.ts +63 -67
  275. package/dist/server/links/index.d.ts.map +1 -1
  276. package/dist/server/links/index.js +2 -0
  277. package/dist/server/links/index.js.map +1 -1
  278. package/dist/server/metrics/index.d.ts +5 -7
  279. package/dist/server/metrics/index.d.ts.map +1 -1
  280. package/dist/server/metrics/index.js.map +1 -1
  281. package/dist/server/proxy/index.d.ts +3 -5
  282. package/dist/server/proxy/index.d.ts.map +1 -1
  283. package/dist/server/proxy/index.js.map +1 -1
  284. package/dist/server/rate-limit/index.d.ts +10 -13
  285. package/dist/server/rate-limit/index.d.ts.map +1 -1
  286. package/dist/server/rate-limit/index.js.map +1 -1
  287. package/dist/server/static/index.d.ts +3 -5
  288. package/dist/server/static/index.d.ts.map +1 -1
  289. package/dist/server/static/index.js.map +1 -1
  290. package/dist/server/swagger/index.d.ts +5 -8
  291. package/dist/server/swagger/index.d.ts.map +1 -1
  292. package/dist/server/swagger/index.js.map +1 -1
  293. package/dist/sms/index.d.ts +3 -5
  294. package/dist/sms/index.d.ts.map +1 -1
  295. package/dist/sms/index.js.map +1 -1
  296. package/dist/system/index.browser.js.map +1 -1
  297. package/dist/system/index.d.ts +2 -4
  298. package/dist/system/index.d.ts.map +1 -1
  299. package/dist/system/index.js.map +1 -1
  300. package/dist/system/index.workerd.js.map +1 -1
  301. package/dist/topic/core/index.d.ts +4 -6
  302. package/dist/topic/core/index.d.ts.map +1 -1
  303. package/dist/topic/core/index.js.map +1 -1
  304. package/dist/topic/redis/index.d.ts +5 -8
  305. package/dist/topic/redis/index.d.ts.map +1 -1
  306. package/dist/topic/redis/index.js.map +1 -1
  307. package/package.json +59 -23
  308. package/src/api/audits/__tests__/AuditService.spec.ts +18 -110
  309. package/src/api/audits/controllers/AdminAuditController.ts +14 -0
  310. package/src/api/audits/services/AuditService.ts +21 -88
  311. package/src/api/files/__tests__/FileService.spec.ts +207 -2
  312. package/src/api/files/index.ts +3 -0
  313. package/src/api/files/schemas/fileCreatorSummarySchema.ts +22 -0
  314. package/src/api/files/schemas/fileResourceSchema.ts +10 -1
  315. package/src/api/files/services/FileService.ts +170 -72
  316. package/src/api/jobs/__tests__/$job.spec.ts +24 -1
  317. package/src/api/jobs/index.ts +4 -3
  318. package/src/api/jobs/primitives/$job.ts +7 -3
  319. package/src/api/jobs/providers/DirectJobDispatcher.ts +17 -36
  320. package/src/api/jobs/providers/JobProvider.ts +53 -24
  321. package/src/api/jobs/schemas/jobConfigAtom.ts +1 -1
  322. package/src/api/jobs/schemas/jobExecutionResourceSchema.ts +4 -1
  323. package/src/api/keys/schemas/adminApiKeyResourceSchema.ts +3 -1
  324. package/src/api/parameters/__tests__/$parameter.spec.ts +19 -2
  325. package/src/api/parameters/audits/ParameterAudits.ts +17 -0
  326. package/src/api/parameters/controllers/AdminParameterController.ts +95 -19
  327. package/src/api/parameters/index.ts +3 -0
  328. package/src/api/parameters/schemas/activateParameterBodySchema.ts +3 -3
  329. package/src/api/parameters/schemas/createParameterVersionBodySchema.ts +3 -2
  330. package/src/api/parameters/schemas/parameterCreatorSummarySchema.ts +25 -0
  331. package/src/api/parameters/schemas/parameterResponseSchema.ts +5 -0
  332. package/src/api/parameters/schemas/rollbackParameterBodySchema.ts +4 -2
  333. package/src/api/parameters/services/ParameterProvider.ts +69 -6
  334. package/src/api/subscriptions/jobs/SubscriptionJobs.ts +1 -1
  335. package/src/api/users/__tests__/AdminSessionController.spec.ts +37 -0
  336. package/src/api/users/audits/SessionAudits.ts +33 -0
  337. package/src/api/users/audits/UserAudits.ts +19 -43
  338. package/src/api/users/controllers/AdminUserController.ts +66 -1
  339. package/src/api/users/controllers/RealmController.ts +1 -0
  340. package/src/api/users/entities/sessions.ts +6 -0
  341. package/src/api/users/entities/users.ts +2 -0
  342. package/src/api/users/index.ts +9 -1
  343. package/src/api/users/primitives/$realm.ts +29 -0
  344. package/src/api/users/providers/RealmProvider.ts +15 -0
  345. package/src/api/users/schemas/realmConfigSchema.ts +14 -0
  346. package/src/api/users/schemas/sessionResourceSchema.ts +16 -0
  347. package/src/api/users/schemas/updateUserSchema.ts +1 -8
  348. package/src/api/users/schemas/userQuerySchema.ts +7 -0
  349. package/src/api/users/services/CredentialService.ts +15 -6
  350. package/src/api/users/services/IdentityService.ts +2 -1
  351. package/src/api/users/services/RegistrationService.ts +2 -1
  352. package/src/api/users/services/SessionCrudService.ts +19 -2
  353. package/src/api/users/services/SessionService.ts +39 -19
  354. package/src/api/users/services/UserService.ts +106 -8
  355. package/src/background/__tests__/BackgroundTaskProvider.spec.ts +96 -0
  356. package/src/background/index.ts +37 -0
  357. package/src/background/index.workerd.ts +28 -0
  358. package/src/background/providers/BackgroundTaskProvider.ts +70 -0
  359. package/src/background/providers/WorkerdBackgroundTaskProvider.ts +43 -0
  360. package/src/bucket/__tests__/$bucket.spec.ts +18 -0
  361. package/src/bucket/__tests__/LocalFileStorageProvider.spec.ts +5 -0
  362. package/src/bucket/__tests__/MemoryFileStorageProvider.spec.ts +5 -0
  363. package/src/bucket/__tests__/NodeS3BucketProvider.spec.ts +23 -4
  364. package/src/bucket/__tests__/shared.ts +30 -0
  365. package/src/bucket/index.ts +5 -5
  366. package/src/bucket/index.workerd.ts +11 -4
  367. package/src/bucket/primitives/$bucket.ts +27 -0
  368. package/src/bucket/providers/FileStorageProvider.ts +13 -0
  369. package/src/bucket/providers/LocalFileStorageProvider.ts +17 -1
  370. package/src/bucket/providers/MemoryFileStorageProvider.ts +7 -0
  371. package/src/bucket/providers/{CloudflareR2Provider.ts → R2FileStorageProvider.ts} +10 -1
  372. package/src/bucket/providers/{NodeS3BucketProvider.ts → S3FileStorageProvider.ts} +27 -5
  373. package/src/cli/core/__tests__/BuildDockerTask.spec.ts +25 -1
  374. package/src/cli/core/__tests__/init.spec.ts +0 -219
  375. package/src/cli/core/atoms/buildOptions.ts +0 -12
  376. package/src/cli/core/commands/__tests__/BuildCommand.spec.ts +43 -0
  377. package/src/cli/core/commands/build.ts +105 -37
  378. package/src/cli/core/commands/init.ts +0 -12
  379. package/src/cli/core/commands/pack.ts +133 -0
  380. package/src/cli/core/index.ts +3 -3
  381. package/src/cli/core/providers/ViteDevServerProvider.ts +40 -16
  382. package/src/cli/core/services/PackageManagerUtils.ts +0 -16
  383. package/src/cli/core/services/ProjectScaffolder.ts +29 -291
  384. package/src/cli/core/tasks/BuildCloudflareTask.ts +382 -56
  385. package/src/cli/core/tasks/BuildDockerTask.ts +33 -3
  386. package/src/cli/core/tasks/BuildPrerenderTask.ts +44 -7
  387. package/src/cli/core/tasks/BuildTask.ts +34 -0
  388. package/src/cli/core/templates/apiIndexTs.ts +1 -22
  389. package/src/cli/core/templates/mainCss.ts +0 -1
  390. package/src/cli/core/templates/webAppRouterTs.ts +0 -99
  391. package/src/cli/core/templates/webIndexTs.ts +1 -22
  392. package/src/cli/i18n/__tests__/I18nCheckService.spec.ts +48 -0
  393. package/src/cli/i18n/services/I18nCheckService.ts +65 -11
  394. package/src/cli/platform/__tests__/SecretsCommand.spec.ts +5 -3
  395. package/src/cli/platform/commands/SecretsCommand.ts +8 -6
  396. package/src/cli/platform/commands/platform.ts +192 -46
  397. package/src/cli/platform/index.ts +12 -52
  398. package/src/cli/{platform → platform-lib}/__tests__/CloudflareAdapter.spec.ts +426 -169
  399. package/src/cli/{platform → platform-lib}/__tests__/NamingService.spec.ts +91 -4
  400. package/src/cli/{platform → platform-lib}/__tests__/VercelAdapter.spec.ts +56 -85
  401. package/src/cli/{platform → platform-lib}/adapters/CloudflareAdapter.ts +519 -190
  402. package/src/cli/{platform → platform-lib}/adapters/PlatformAdapter.ts +62 -35
  403. package/src/cli/{platform → platform-lib}/adapters/VercelAdapter.ts +6 -10
  404. package/src/cli/{platform → platform-lib}/atoms/platformOptions.ts +34 -1
  405. package/src/cli/platform-lib/index.ts +67 -0
  406. package/src/cli/platform-lib/services/NamingService.ts +136 -0
  407. package/src/cli/{platform → platform-lib}/services/PlatformInspector.ts +60 -13
  408. package/src/cli/{platform → platform-lib}/services/PlatformOrchestrator.ts +54 -43
  409. package/src/cli/{platform → platform-lib}/services/WranglerApi.ts +4 -2
  410. package/src/command/__tests__/Runner.spec.ts +20 -0
  411. package/src/command/helpers/EnvUtils.ts +19 -3
  412. package/src/command/helpers/Runner.ts +12 -2
  413. package/src/command/providers/CliProvider.ts +34 -1
  414. package/src/{containers → container}/core/__tests__/$container.spec.ts +5 -5
  415. package/src/{containers → container}/core/index.ts +4 -4
  416. package/src/{containers → container}/core/index.workerd.ts +19 -3
  417. package/src/{containers → container}/core/primitives/$container.ts +1 -1
  418. package/src/{containers → container}/core/providers/CloudflareContainerProvider.ts +17 -19
  419. package/src/{containers → container}/core/providers/ContainerProvider.ts +16 -2
  420. package/src/{containers → container}/core/providers/MockContainerProvider.ts +1 -1
  421. package/src/core/Alepha.ts +49 -1
  422. package/src/core/__tests__/$env.spec.ts +42 -0
  423. package/src/core/__tests__/dump.spec.ts +47 -0
  424. package/src/email/cloudflare/__tests__/CloudflareEmailProvider.spec.ts +42 -10
  425. package/src/email/cloudflare/index.ts +14 -5
  426. package/src/email/cloudflare/providers/CloudflareEmailProvider.ts +54 -9
  427. package/src/logger/__tests__/Logger.spec.ts +55 -0
  428. package/src/logger/index.ts +13 -0
  429. package/src/logger/services/Logger.ts +31 -1
  430. package/src/mcp/__tests__/McpServerProvider.spec.ts +71 -0
  431. package/src/mcp/providers/McpServerProvider.ts +55 -0
  432. package/src/orm/__tests__/orm-showcase-tests.ts +27 -0
  433. package/src/orm/__tests__/orm-showcase.spec.ts +12 -0
  434. package/src/orm/core/interfaces/PgQuery.ts +4 -1
  435. package/src/orm/core/services/Repository.ts +27 -11
  436. package/src/react/auth/hooks/useAuth.ts +10 -5
  437. package/src/react/core/__tests__/useQuery.browser.spec.tsx +25 -0
  438. package/src/react/core/hooks/useAction.ts +14 -3
  439. package/src/react/core/hooks/useQuery.ts +24 -4
  440. package/src/react/form/__tests__/FormModel-submit-loading.spec.ts +71 -0
  441. package/src/react/form/__tests__/form-submitting-reactive.browser.spec.tsx +96 -0
  442. package/src/react/form/services/FormModel.ts +57 -39
  443. package/src/react/i18n/__tests__/I18nProvider.spec.ts +89 -0
  444. package/src/react/i18n/__tests__/locale-routing.spec.ts +107 -0
  445. package/src/react/i18n/components/Translate.tsx +47 -0
  446. package/src/react/i18n/index.ts +2 -0
  447. package/src/react/i18n/providers/I18nProvider.ts +171 -12
  448. package/src/react/intro/components/GettingStartedAdminSlide.tsx +2 -2
  449. package/src/react/router/__tests__/$page.spec.tsx +3 -2
  450. package/src/react/router/__tests__/RouterLocaleProvider.spec.ts +127 -0
  451. package/src/react/router/__tests__/page-can.spec.ts +18 -13
  452. package/src/react/router/hooks/useQueryParams.ts +114 -14
  453. package/src/react/router/index.browser.ts +4 -0
  454. package/src/react/router/index.shared.ts +1 -0
  455. package/src/react/router/index.ts +9 -0
  456. package/src/react/router/primitives/$page.ts +85 -4
  457. package/src/react/router/providers/ReactBrowserRouterProvider.ts +18 -8
  458. package/src/react/router/providers/ReactPageProvider.ts +12 -1
  459. package/src/react/router/providers/ReactServerProvider.ts +96 -14
  460. package/src/react/router/providers/RootComponentsProvider.ts +13 -0
  461. package/src/react/router/providers/RouterLocaleProvider.ts +125 -0
  462. package/src/react/router/providers/__tests__/RootComponentsProvider.spec.ts +15 -0
  463. package/src/react/router/providers/__tests__/rootComponents.ssr.browser.spec.tsx +67 -0
  464. package/src/react/sitemap/__tests__/$sitemap.spec.ts +131 -0
  465. package/src/react/sitemap/index.browser.ts +21 -0
  466. package/src/react/sitemap/index.ts +25 -0
  467. package/src/react/sitemap/primitives/$sitemap.browser.ts +26 -0
  468. package/src/react/sitemap/primitives/$sitemap.ts +196 -0
  469. package/src/react/ui/services/SchemaControl.ts +3 -4
  470. package/src/server/auth/__tests__/appleClientSecret.spec.ts +34 -0
  471. package/src/server/auth/__tests__/authFederationClient.spec.ts +40 -0
  472. package/src/server/auth/__tests__/federationAssertion.spec.ts +146 -0
  473. package/src/server/auth/__tests__/federationRedirectReplay.spec.ts +44 -0
  474. package/src/server/auth/helpers/appleClientSecret.ts +24 -0
  475. package/src/server/auth/helpers/federationAssertion.ts +74 -0
  476. package/src/server/auth/helpers/jtiReplayGuard.ts +41 -0
  477. package/src/server/auth/helpers/safeRedirectPath.ts +19 -0
  478. package/src/server/auth/index.ts +4 -0
  479. package/src/server/auth/primitives/$authFederationBroker.ts +273 -0
  480. package/src/server/auth/primitives/$authFederationClient.ts +89 -0
  481. package/src/server/auth/providers/ServerAuthProvider.ts +18 -4
  482. package/src/server/cookies/__tests__/ServerCookiesProvider.spec.ts +70 -0
  483. package/src/server/cookies/providers/ServerCookiesProvider.ts +23 -3
  484. package/src/server/core/interfaces/ServerRequest.ts +8 -0
  485. package/src/server/core/primitives/$route.ts +27 -0
  486. package/src/server/core/providers/ServerMultipartProvider.ts +19 -0
  487. package/src/server/links/providers/LinkProvider.ts +10 -0
  488. package/dist/containers/core/index.d.ts.map +0 -1
  489. package/dist/containers/core/index.js.map +0 -1
  490. package/dist/containers/core/index.workerd.js.map +0 -1
  491. package/src/cli/core/tasks/BuildSitemapTask.ts +0 -130
  492. package/src/cli/core/templates/componentsJsonTs.ts +0 -39
  493. package/src/cli/core/templates/saasAdminLayoutTsx.ts +0 -77
  494. package/src/cli/core/templates/saasAdminPagesTsx.ts +0 -26
  495. package/src/cli/core/templates/saasAuthLayoutTsx.ts +0 -22
  496. package/src/cli/core/templates/saasAuthPagesTsx.ts +0 -62
  497. package/src/cli/core/templates/saasRealmProviderTs.ts +0 -52
  498. package/src/cli/platform/services/NamingService.ts +0 -54
  499. /package/dist/orm/core/{chunk-o8xxKEmq.js → chunk-B4FMCO8f.js} +0 -0
  500. /package/dist/react/testing/{chunk-6Ep1yQYe.js → chunk-BpyX8vjI.js} +0 -0
  501. /package/src/cli/{platform → platform-lib}/__tests__/GitHubSecretStore.spec.ts +0 -0
  502. /package/src/cli/{platform → platform-lib}/__tests__/PlatformCacheProvider.spec.ts +0 -0
  503. /package/src/cli/{platform → platform-lib}/__tests__/PlatformInspector.spec.ts +0 -0
  504. /package/src/cli/{platform → platform-lib}/__tests__/PlatformOrchestrator.spec.ts +0 -0
  505. /package/src/cli/{platform → platform-lib}/__tests__/SecretFilterService.spec.ts +0 -0
  506. /package/src/cli/{platform → platform-lib}/__tests__/detectResources.spec.ts +0 -0
  507. /package/src/cli/{platform → platform-lib}/providers/GitHubSecretStore.ts +0 -0
  508. /package/src/cli/{platform → platform-lib}/providers/MemorySecretStore.ts +0 -0
  509. /package/src/cli/{platform → platform-lib}/providers/PlatformCacheProvider.ts +0 -0
  510. /package/src/cli/{platform → platform-lib}/providers/SecretStoreProvider.ts +0 -0
  511. /package/src/cli/{platform → platform-lib}/schemas/cloudflare.ts +0 -0
  512. /package/src/cli/{platform → platform-lib}/schemas/platform.ts +0 -0
  513. /package/src/cli/{platform → platform-lib}/schemas/vercel.ts +0 -0
  514. /package/src/cli/{platform → platform-lib}/services/CloudflareApi.ts +0 -0
  515. /package/src/cli/{platform → platform-lib}/services/SecretFilterService.ts +0 -0
  516. /package/src/cli/{platform → platform-lib}/services/VercelApi.ts +0 -0
  517. /package/src/cli/{platform → platform-lib}/services/VercelCli.ts +0 -0
  518. /package/src/{containers → container}/core/interfaces/ContainerOptions.ts +0 -0
  519. /package/src/{containers → container}/core/providers/NodeContainerProvider.ts +0 -0
package/dist/security/index.browser.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.browser.js","names":[],"sources":["../../src/security/atoms/currentTenantAtom.ts","../../src/security/schemas/userAccountInfoSchema.ts","../../src/security/atoms/currentUserAtom.ts","../../src/security/errors/InvalidCredentialsError.ts","../../src/security/errors/InvalidPermissionError.ts","../../src/security/errors/SecurityError.ts","../../src/security/primitives/$secure.browser.ts","../../src/security/schemas/permissionSchema.ts","../../src/security/schemas/roleSchema.ts","../../src/security/index.browser.ts"],"sourcesContent":["import { $atom, t } from \"alepha\";\n\n/**\n * Atom storing the active tenant for the current request.\n *\n * Transport-agnostic — works with HTTP, MCP, pipelines, jobs, and any context\n * that sets the atom before calling tenant-scoped logic.\n *\n * Typically set by an app-level middleware that resolves the tenant from the\n * request `Host` header (or another signal) and writes the resolved id to the\n * store. Framework code that reads this atom:\n *\n * - Repository scoping: `withOrganization` / `stampOrganization` prefer this\n * value over `currentUserAtom.organization` so cross-tenant users (admins,\n * agency operators) are scoped to the tenant they are currently acting in\n * rather than the one they belong to.\n * - Session creation: the value is persisted into the JWT as a `tenant` claim,\n * and the issuer resolver rejects tokens whose claim does not match the\n * tenant resolved from the current request.\n *\n * `id` is a free-form string so the framework stays neutral on tenant identity\n * (slug, UUID, composite). Pick whatever matches the column marked with\n * `PG_ORGANIZATION` in your entities.\n */\nexport const currentTenantAtom = $atom({\n name: \"alepha.security.tenant\",\n schema: t.optional(\n t.object({\n id: t.text({\n description: \"Tenant identifier (slug, UUID, or composite).\",\n }),\n }),\n ),\n});\n","import type { Static } from \"alepha\";\nimport { t } from \"alepha\";\n\nexport const userAccountInfoSchema = t.object({\n id: t.text({\n description: \"Unique identifier for the user.\",\n }),\n\n name: t.optional(\n t.text({\n description: \"Full name of the user.\",\n }),\n ),\n\n email: t.optional(\n t.text({\n description: \"Email address of the user.\",\n format: \"email\",\n }),\n ),\n\n username: t.optional(\n t.text({\n description: \"Preferred username of the user.\",\n }),\n ),\n\n picture: t.optional(\n t.text({\n description: \"URL to the user's profile picture.\",\n }),\n ),\n\n sessionId: t.optional(\n t.text({\n description: \"Session identifier for the user, if applicable.\",\n }),\n ),\n\n // -------------------------------------------------------------------------------------------------------------------\n\n organization: t.optional(\n t.uuid({\n description: \"Organization the user belongs to.\",\n }),\n ),\n\n roles: t.optional(\n t.array(t.text(), {\n description: \"List of roles assigned to the user.\",\n }),\n ),\n\n realm: t.optional(\n t.text({\n description: \"The realm (issuer) the user was authenticated from.\",\n }),\n ),\n});\n\nexport type UserAccount = Static<typeof userAccountInfoSchema>;\n","import { $atom, t } from \"alepha\";\nimport { userAccountInfoSchema } from \"../schemas/userAccountInfoSchema.ts\";\n\n/**\n * Atom storing the current authenticated user.\n *\n * Transport-agnostic — works with HTTP, MCP, pipelines, jobs, and any context\n * that sets the atom before calling secured logic.\n */\nexport const currentUserAtom = $atom({\n name: \"alepha.security.user\",\n schema: t.optional(userAccountInfoSchema),\n});\n","import { UnauthorizedError } from \"alepha/server\";\n\n/**\n * Error thrown when the provided credentials are invalid.\n *\n * Message can not be changed to avoid leaking information.\n * Cause is omitted for the same reason.\n */\nexport class InvalidCredentialsError extends UnauthorizedError {\n readonly name = \"UnauthorizedError\";\n constructor() {\n super(\"Invalid credentials\");\n }\n}\n","export class InvalidPermissionError extends Error {\n constructor(name: string) {\n super(`Permission '${name}' is invalid`);\n }\n}\n","export class SecurityError extends Error {\n public name = \"SecurityError\";\n public readonly status = 403;\n}\n","import { createMiddleware, type Middleware } from \"alepha\";\nimport { currentUserAtom } from \"../atoms/currentUserAtom.ts\";\nimport type { UserAccountToken } from \"../interfaces/UserAccountToken.ts\";\nimport type { SecureOptions } from \"./$secure.ts\";\n\nexport type { SecureOptions };\n\n/**\n * Browser-side middleware that enforces authentication and authorization.\n *\n * Resolves the user from `currentUserAtom` only (no HTTP header resolution).\n * Checks roles from the user object and permissions from the user's roles.\n *\n * In the browser, an unauthenticated or unauthorized user is not an exception —\n * the middleware short-circuits by returning `undefined` and the handler is not called.\n * Components should use `action.can()` to conditionally render UI elements.\n *\n * ```typescript\n * class OrderController {\n * getOrders = $action({\n * use: [$secure()],\n * handler: async ({ query }) => { ... },\n * });\n *\n * deleteOrder = $action({\n * use: [$secure({ permissions: [\"orders:delete\"] })],\n * handler: async ({ params }) => { ... },\n * });\n * }\n * ```\n */\nexport function $secure(options?: SecureOptions): Middleware {\n return createMiddleware({\n name: \"$secure\",\n options: (options as unknown as Record<string, unknown>) ?? undefined,\n handler: ({ alepha, next }) => {\n return async (...args: any[]) => {\n const user: UserAccountToken | undefined =\n alepha.store.get(currentUserAtom);\n\n if (!user) {\n return undefined;\n }\n\n // Issuer check\n if (options?.issuers?.length) {\n if (!user.realm || !options.issuers.includes(user.realm)) {\n return undefined;\n }\n }\n\n // Role check\n if (options?.roles?.length) {\n const hasRole = options.roles.some((role) =>\n user.roles?.includes(role),\n );\n if (!hasRole) {\n return undefined;\n }\n }\n\n // Permission check (browser-side: check against user roles)\n // Server-side permissions are enforced by the API — the browser version\n // trusts that the API registry already filtered actions by permission.\n\n // Custom guard\n if (options?.guard) {\n if (!options.guard(user)) {\n return undefined;\n }\n }\n\n return next(...args);\n };\n },\n });\n}\n","import type { Static } from \"alepha\";\nimport { t } from \"alepha\";\n\nexport const permissionSchema = t.object({\n name: t.text({\n description: \"Name of the permission.\",\n }),\n\n group: t.optional(\n t.text({\n description: \"Group of the permission.\",\n }),\n ),\n\n description: t.optional(\n t.text({\n description: \"Describe the permission.\",\n }),\n ),\n\n // HTTP Only\n\n method: t.optional(\n t.text({\n description: \"HTTP method of the permission. When available.\",\n }),\n ),\n\n path: t.optional(\n t.text({\n description: \"Pathname of the permission. When available.\",\n }),\n ),\n});\n\nexport type Permission = Static<typeof permissionSchema>;\n","import type { Static } from \"alepha\";\nimport { t } from \"alepha\";\n\nexport const roleSchema = t.object({\n name: t.text({\n description: \"Name of the role.\",\n }),\n\n description: t.optional(\n t.text({\n description: \"Describe the role.\",\n }),\n ),\n\n default: t.optional(\n t.boolean({\n description:\n \"If true, this role will be assigned to all users by default.\",\n }),\n ),\n\n permissions: t.array(\n t.object({\n name: t.text({\n description: \"Name of the permission.\",\n }),\n ownership: t.optional(\n t.boolean({\n description:\n \"If true, user will only have access to it's own resources.\",\n }),\n ),\n exclude: t.optional(\n t.array(t.text(), {\n description:\n \"Exclude some permissions. Useful when 'name' is a wildcard.\",\n }),\n ),\n }),\n ),\n});\n\nexport type Role = Static<typeof roleSchema>;\n","import { $module } from \"alepha\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./atoms/currentTenantAtom.ts\";\nexport * from \"./atoms/currentUserAtom.ts\";\nexport * from \"./errors/InvalidCredentialsError.ts\";\nexport * from \"./errors/InvalidPermissionError.ts\";\nexport * from \"./errors/SecurityError.ts\";\nexport * from \"./interfaces/UserAccountToken.ts\";\nexport * from \"./primitives/$secure.browser.ts\";\nexport * from \"./schemas/permissionSchema.ts\";\nexport * from \"./schemas/roleSchema.ts\";\nexport * from \"./schemas/userAccountInfoSchema.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport const AlephaSecurity = $module({\n name: \"alepha.security\",\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAwBA,MAAa,oBAAoB,MAAM;CACrC,MAAM;CACN,QAAQ,EAAE,SACR,EAAE,OAAO,EACP,IAAI,EAAE,KAAK,EACT,aAAa,iDACd,CAAC,EACH,CAAC,CACH;CACF,CAAC;;;AC9BF,MAAa,wBAAwB,EAAE,OAAO;CAC5C,IAAI,EAAE,KAAK,EACT,aAAa,mCACd,CAAC;CAEF,MAAM,EAAE,SACN,EAAE,KAAK,EACL,aAAa,0BACd,CAAC,CACH;CAED,OAAO,EAAE,SACP,EAAE,KAAK;EACL,aAAa;EACb,QAAQ;EACT,CAAC,CACH;CAED,UAAU,EAAE,SACV,EAAE,KAAK,EACL,aAAa,mCACd,CAAC,CACH;CAED,SAAS,EAAE,SACT,EAAE,KAAK,EACL,aAAa,sCACd,CAAC,CACH;CAED,WAAW,EAAE,SACX,EAAE,KAAK,EACL,aAAa,mDACd,CAAC,CACH;CAID,cAAc,EAAE,SACd,EAAE,KAAK,EACL,aAAa,qCACd,CAAC,CACH;CAED,OAAO,EAAE,SACP,EAAE,MAAM,EAAE,MAAM,EAAE,EAChB,aAAa,uCACd,CAAC,CACH;CAED,OAAO,EAAE,SACP,EAAE,KAAK,EACL,aAAa,uDACd,CAAC,CACH;CACF,CAAC;;;;;;;;;ACjDF,MAAa,kBAAkB,MAAM;CACnC,MAAM;CACN,QAAQ,EAAE,SAAS,sBAAsB;CAC1C,CAAC;;;;;;;;;ACJF,IAAa,0BAAb,cAA6C,kBAAkB;CAC7D,OAAgB;CAChB,cAAc;EACZ,MAAM,sBAAsB;;;;;ACXhC,IAAa,yBAAb,cAA4C,MAAM;CAChD,YAAY,MAAc;EACxB,MAAM,eAAe,KAAK,cAAc;;;;;ACF5C,IAAa,gBAAb,cAAmC,MAAM;CACvC,OAAc;CACd,SAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC6B3B,SAAgB,QAAQ,SAAqC;CAC3D,OAAO,iBAAiB;EACtB,MAAM;EACN,SAAU,WAAkD,KAAA;EAC5D,UAAU,EAAE,QAAQ,WAAW;GAC7B,OAAO,OAAO,GAAG,SAAgB;IAC/B,MAAM,OACJ,OAAO,MAAM,IAAI,gBAAgB;IAEnC,IAAI,CAAC,MACH;IAIF,IAAI,SAAS,SAAS;SAChB,CAAC,KAAK,SAAS,CAAC,QAAQ,QAAQ,SAAS,KAAK,MAAM,EACtD;;IAKJ,IAAI,SAAS,OAAO;SAId,CAHY,QAAQ,MAAM,MAAM,SAClC,KAAK,OAAO,SAAS,KAAK,CAEhB,EACV;;IASJ,IAAI,SAAS;SACP,CAAC,QAAQ,MAAM,KAAK,EACtB;;IAIJ,OAAO,KAAK,GAAG,KAAK;;;EAGzB,CAAC;;;;ACxEJ,MAAa,mBAAmB,EAAE,OAAO;CACvC,MAAM,EAAE,KAAK,EACX,aAAa,2BACd,CAAC;CAEF,OAAO,EAAE,SACP,EAAE,KAAK,EACL,aAAa,4BACd,CAAC,CACH;CAED,aAAa,EAAE,SACb,EAAE,KAAK,EACL,aAAa,4BACd,CAAC,CACH;CAID,QAAQ,EAAE,SACR,EAAE,KAAK,EACL,aAAa,kDACd,CAAC,CACH;CAED,MAAM,EAAE,SACN,EAAE,KAAK,EACL,aAAa,+CACd,CAAC,CACH;CACF,CAAC;;;AC9BF,MAAa,aAAa,EAAE,OAAO;CACjC,MAAM,EAAE,KAAK,EACX,aAAa,qBACd,CAAC;CAEF,aAAa,EAAE,SACb,EAAE,KAAK,EACL,aAAa,sBACd,CAAC,CACH;CAED,SAAS,EAAE,SACT,EAAE,QAAQ,EACR,aACE,gEACH,CAAC,CACH;CAED,aAAa,EAAE,MACb,EAAE,OAAO;EACP,MAAM,EAAE,KAAK,EACX,aAAa,2BACd,CAAC;EACF,WAAW,EAAE,SACX,EAAE,QAAQ,EACR,aACE,8DACH,CAAC,CACH;EACD,SAAS,EAAE,SACT,EAAE,MAAM,EAAE,MAAM,EAAE,EAChB,aACE,+DACH,CAAC,CACH;EACF,CAAC,CACH;CACF,CAAC;;;ACvBF,MAAa,iBAAiB,QAAQ,EACpC,MAAM,mBACP,CAAC"}
1
+ {"version":3,"file":"index.browser.js","names":[],"sources":["../../src/security/atoms/currentTenantAtom.ts","../../src/security/schemas/userAccountInfoSchema.ts","../../src/security/atoms/currentUserAtom.ts","../../src/security/errors/InvalidCredentialsError.ts","../../src/security/errors/InvalidPermissionError.ts","../../src/security/errors/SecurityError.ts","../../src/security/primitives/$secure.browser.ts","../../src/security/schemas/permissionSchema.ts","../../src/security/schemas/roleSchema.ts","../../src/security/index.browser.ts"],"sourcesContent":["import { $atom, t } from \"alepha\";\n\n/**\n * Atom storing the active tenant for the current request.\n *\n * Transport-agnostic — works with HTTP, MCP, pipelines, jobs, and any context\n * that sets the atom before calling tenant-scoped logic.\n *\n * Typically set by an app-level middleware that resolves the tenant from the\n * request `Host` header (or another signal) and writes the resolved id to the\n * store. Framework code that reads this atom:\n *\n * - Repository scoping: `withOrganization` / `stampOrganization` prefer this\n * value over `currentUserAtom.organization` so cross-tenant users (admins,\n * agency operators) are scoped to the tenant they are currently acting in\n * rather than the one they belong to.\n * - Session creation: the value is persisted into the JWT as a `tenant` claim,\n * and the issuer resolver rejects tokens whose claim does not match the\n * tenant resolved from the current request.\n *\n * `id` is a free-form string so the framework stays neutral on tenant identity\n * (slug, UUID, composite). Pick whatever matches the column marked with\n * `PG_ORGANIZATION` in your entities.\n */\nexport const currentTenantAtom = $atom({\n name: \"alepha.security.tenant\",\n schema: t.optional(\n t.object({\n id: t.text({\n description: \"Tenant identifier (slug, UUID, or composite).\",\n }),\n }),\n ),\n});\n","import type { Static } from \"alepha\";\nimport { t } from \"alepha\";\n\nexport const userAccountInfoSchema = t.object({\n id: t.text({\n description: \"Unique identifier for the user.\",\n }),\n\n name: t.optional(\n t.text({\n description: \"Full name of the user.\",\n }),\n ),\n\n email: t.optional(\n t.text({\n description: \"Email address of the user.\",\n format: \"email\",\n }),\n ),\n\n username: t.optional(\n t.text({\n description: \"Preferred username of the user.\",\n }),\n ),\n\n picture: t.optional(\n t.text({\n description: \"URL to the user's profile picture.\",\n }),\n ),\n\n sessionId: t.optional(\n t.text({\n description: \"Session identifier for the user, if applicable.\",\n }),\n ),\n\n // -------------------------------------------------------------------------------------------------------------------\n\n organization: t.optional(\n t.uuid({\n description: \"Organization the user belongs to.\",\n }),\n ),\n\n roles: t.optional(\n t.array(t.text(), {\n description: \"List of roles assigned to the user.\",\n }),\n ),\n\n realm: t.optional(\n t.text({\n description: \"The realm (issuer) the user was authenticated from.\",\n }),\n ),\n});\n\nexport type UserAccount = Static<typeof userAccountInfoSchema>;\n","import { $atom, t } from \"alepha\";\nimport { userAccountInfoSchema } from \"../schemas/userAccountInfoSchema.ts\";\n\n/**\n * Atom storing the current authenticated user.\n *\n * Transport-agnostic — works with HTTP, MCP, pipelines, jobs, and any context\n * that sets the atom before calling secured logic.\n */\nexport const currentUserAtom = $atom({\n name: \"alepha.security.user\",\n schema: t.optional(userAccountInfoSchema),\n});\n","import { UnauthorizedError } from \"alepha/server\";\n\n/**\n * Error thrown when the provided credentials are invalid.\n *\n * Message can not be changed to avoid leaking information.\n * Cause is omitted for the same reason.\n */\nexport class InvalidCredentialsError extends UnauthorizedError {\n readonly name = \"UnauthorizedError\";\n constructor() {\n super(\"Invalid credentials\");\n }\n}\n","export class InvalidPermissionError extends Error {\n constructor(name: string) {\n super(`Permission '${name}' is invalid`);\n }\n}\n","export class SecurityError extends Error {\n public name = \"SecurityError\";\n public readonly status = 403;\n}\n","import { createMiddleware, type Middleware } from \"alepha\";\nimport { currentUserAtom } from \"../atoms/currentUserAtom.ts\";\nimport type { UserAccountToken } from \"../interfaces/UserAccountToken.ts\";\nimport type { SecureOptions } from \"./$secure.ts\";\n\nexport type { SecureOptions };\n\n/**\n * Browser-side middleware that enforces authentication and authorization.\n *\n * Resolves the user from `currentUserAtom` only (no HTTP header resolution).\n * Checks roles from the user object and permissions from the user's roles.\n *\n * In the browser, an unauthenticated or unauthorized user is not an exception —\n * the middleware short-circuits by returning `undefined` and the handler is not called.\n * Components should use `action.can()` to conditionally render UI elements.\n *\n * ```typescript\n * class OrderController {\n * getOrders = $action({\n * use: [$secure()],\n * handler: async ({ query }) => { ... },\n * });\n *\n * deleteOrder = $action({\n * use: [$secure({ permissions: [\"orders:delete\"] })],\n * handler: async ({ params }) => { ... },\n * });\n * }\n * ```\n */\nexport function $secure(options?: SecureOptions): Middleware {\n return createMiddleware({\n name: \"$secure\",\n options: (options as unknown as Record<string, unknown>) ?? undefined,\n handler: ({ alepha, next }) => {\n return async (...args: any[]) => {\n const user: UserAccountToken | undefined =\n alepha.store.get(currentUserAtom);\n\n if (!user) {\n return undefined;\n }\n\n // Issuer check\n if (options?.issuers?.length) {\n if (!user.realm || !options.issuers.includes(user.realm)) {\n return undefined;\n }\n }\n\n // Role check\n if (options?.roles?.length) {\n const hasRole = options.roles.some((role) =>\n user.roles?.includes(role),\n );\n if (!hasRole) {\n return undefined;\n }\n }\n\n // Permission check (browser-side: check against user roles)\n // Server-side permissions are enforced by the API — the browser version\n // trusts that the API registry already filtered actions by permission.\n\n // Custom guard\n if (options?.guard) {\n if (!options.guard(user)) {\n return undefined;\n }\n }\n\n return next(...args);\n };\n },\n });\n}\n","import type { Static } from \"alepha\";\nimport { t } from \"alepha\";\n\nexport const permissionSchema = t.object({\n name: t.text({\n description: \"Name of the permission.\",\n }),\n\n group: t.optional(\n t.text({\n description: \"Group of the permission.\",\n }),\n ),\n\n description: t.optional(\n t.text({\n description: \"Describe the permission.\",\n }),\n ),\n\n // HTTP Only\n\n method: t.optional(\n t.text({\n description: \"HTTP method of the permission. When available.\",\n }),\n ),\n\n path: t.optional(\n t.text({\n description: \"Pathname of the permission. When available.\",\n }),\n ),\n});\n\nexport type Permission = Static<typeof permissionSchema>;\n","import type { Static } from \"alepha\";\nimport { t } from \"alepha\";\n\nexport const roleSchema = t.object({\n name: t.text({\n description: \"Name of the role.\",\n }),\n\n description: t.optional(\n t.text({\n description: \"Describe the role.\",\n }),\n ),\n\n default: t.optional(\n t.boolean({\n description:\n \"If true, this role will be assigned to all users by default.\",\n }),\n ),\n\n permissions: t.array(\n t.object({\n name: t.text({\n description: \"Name of the permission.\",\n }),\n ownership: t.optional(\n t.boolean({\n description:\n \"If true, user will only have access to it's own resources.\",\n }),\n ),\n exclude: t.optional(\n t.array(t.text(), {\n description:\n \"Exclude some permissions. Useful when 'name' is a wildcard.\",\n }),\n ),\n }),\n ),\n});\n\nexport type Role = Static<typeof roleSchema>;\n","import { $module } from \"alepha\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./atoms/currentTenantAtom.ts\";\nexport * from \"./atoms/currentUserAtom.ts\";\nexport * from \"./errors/InvalidCredentialsError.ts\";\nexport * from \"./errors/InvalidPermissionError.ts\";\nexport * from \"./errors/SecurityError.ts\";\nexport * from \"./interfaces/UserAccountToken.ts\";\nexport * from \"./primitives/$secure.browser.ts\";\nexport * from \"./schemas/permissionSchema.ts\";\nexport * from \"./schemas/roleSchema.ts\";\nexport * from \"./schemas/userAccountInfoSchema.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport const AlephaSecurity = $module({\n name: \"alepha.security\",\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAwBA,MAAa,oBAAoB,MAAM;CACrC,MAAM;CACN,QAAQ,EAAE,SACR,EAAE,OAAO,EACP,IAAI,EAAE,KAAK,EACT,aAAa,gDACf,CAAC,EACH,CAAC,CACH;AACF,CAAC;;;AC9BD,MAAa,wBAAwB,EAAE,OAAO;CAC5C,IAAI,EAAE,KAAK,EACT,aAAa,kCACf,CAAC;CAED,MAAM,EAAE,SACN,EAAE,KAAK,EACL,aAAa,yBACf,CAAC,CACH;CAEA,OAAO,EAAE,SACP,EAAE,KAAK;EACL,aAAa;EACb,QAAQ;CACV,CAAC,CACH;CAEA,UAAU,EAAE,SACV,EAAE,KAAK,EACL,aAAa,kCACf,CAAC,CACH;CAEA,SAAS,EAAE,SACT,EAAE,KAAK,EACL,aAAa,qCACf,CAAC,CACH;CAEA,WAAW,EAAE,SACX,EAAE,KAAK,EACL,aAAa,kDACf,CAAC,CACH;CAIA,cAAc,EAAE,SACd,EAAE,KAAK,EACL,aAAa,oCACf,CAAC,CACH;CAEA,OAAO,EAAE,SACP,EAAE,MAAM,EAAE,KAAK,GAAG,EAChB,aAAa,sCACf,CAAC,CACH;CAEA,OAAO,EAAE,SACP,EAAE,KAAK,EACL,aAAa,sDACf,CAAC,CACH;AACF,CAAC;;;;;;;;;ACjDD,MAAa,kBAAkB,MAAM;CACnC,MAAM;CACN,QAAQ,EAAE,SAAS,qBAAqB;AAC1C,CAAC;;;;;;;;;ACJD,IAAa,0BAAb,cAA6C,kBAAkB;CAC7D,OAAgB;CAChB,cAAc;EACZ,MAAM,qBAAqB;CAC7B;AACF;;;ACbA,IAAa,yBAAb,cAA4C,MAAM;CAChD,YAAY,MAAc;EACxB,MAAM,eAAe,KAAK,aAAa;CACzC;AACF;;;ACJA,IAAa,gBAAb,cAAmC,MAAM;CACvC,OAAc;CACd,SAAyB;AAC3B;;;;;;;;;;;;;;;;;;;;;;;;;;;AC4BA,SAAgB,QAAQ,SAAqC;CAC3D,OAAO,iBAAiB;EACtB,MAAM;EACN,SAAU,WAAkD,KAAA;EAC5D,UAAU,EAAE,QAAQ,WAAW;GAC7B,OAAO,OAAO,GAAG,SAAgB;IAC/B,MAAM,OACJ,OAAO,MAAM,IAAI,eAAe;IAElC,IAAI,CAAC,MACH;IAIF,IAAI,SAAS,SAAS;SAChB,CAAC,KAAK,SAAS,CAAC,QAAQ,QAAQ,SAAS,KAAK,KAAK,GACrD;IAAA;IAKJ,IAAI,SAAS,OAAO;SAId,CAHY,QAAQ,MAAM,MAAM,SAClC,KAAK,OAAO,SAAS,IAAI,CAEhB,GACT;IAAA;IASJ,IAAI,SAAS;SACP,CAAC,QAAQ,MAAM,IAAI,GACrB;IAAA;IAIJ,OAAO,KAAK,GAAG,IAAI;GACrB;EACF;CACF,CAAC;AACH;;;ACzEA,MAAa,mBAAmB,EAAE,OAAO;CACvC,MAAM,EAAE,KAAK,EACX,aAAa,0BACf,CAAC;CAED,OAAO,EAAE,SACP,EAAE,KAAK,EACL,aAAa,2BACf,CAAC,CACH;CAEA,aAAa,EAAE,SACb,EAAE,KAAK,EACL,aAAa,2BACf,CAAC,CACH;CAIA,QAAQ,EAAE,SACR,EAAE,KAAK,EACL,aAAa,iDACf,CAAC,CACH;CAEA,MAAM,EAAE,SACN,EAAE,KAAK,EACL,aAAa,8CACf,CAAC,CACH;AACF,CAAC;;;AC9BD,MAAa,aAAa,EAAE,OAAO;CACjC,MAAM,EAAE,KAAK,EACX,aAAa,oBACf,CAAC;CAED,aAAa,EAAE,SACb,EAAE,KAAK,EACL,aAAa,qBACf,CAAC,CACH;CAEA,SAAS,EAAE,SACT,EAAE,QAAQ,EACR,aACE,+DACJ,CAAC,CACH;CAEA,aAAa,EAAE,MACb,EAAE,OAAO;EACP,MAAM,EAAE,KAAK,EACX,aAAa,0BACf,CAAC;EACD,WAAW,EAAE,SACX,EAAE,QAAQ,EACR,aACE,6DACJ,CAAC,CACH;EACA,SAAS,EAAE,SACT,EAAE,MAAM,EAAE,KAAK,GAAG,EAChB,aACE,8DACJ,CAAC,CACH;CACF,CAAC,CACH;AACF,CAAC;;;ACvBD,MAAa,iBAAiB,QAAQ,EACpC,MAAM,kBACR,CAAC"}
package/dist/security/index.d.ts CHANGED
@@ -1,23 +1,20 @@
1
- import * as _$alepha from "alepha";
2
1
  import { Alepha, KIND, Middleware, Primitive, Static } from "alepha";
3
2
  import { DateTimeProvider, Duration, DurationLike } from "alepha/datetime";
4
- import * as _$alepha_logger0 from "alepha/logger";
5
3
  import { CryptoProvider, SecretProvider } from "alepha/crypto";
6
4
  import { FetchOptions, ServerRequest, UnauthorizedError } from "alepha/server";
7
- import * as _$typebox from "typebox";
8
5
  export * from "alepha/crypto";
9
6
 
10
7
  //#region ../../src/security/schemas/userAccountInfoSchema.d.ts
11
- declare const userAccountInfoSchema: _$typebox.TObject<{
12
- id: _$typebox.TString;
13
- name: _$typebox.TOptional<_$typebox.TString>;
14
- email: _$typebox.TOptional<_$typebox.TString>;
15
- username: _$typebox.TOptional<_$typebox.TString>;
16
- picture: _$typebox.TOptional<_$typebox.TString>;
17
- sessionId: _$typebox.TOptional<_$typebox.TString>;
18
- organization: _$typebox.TOptional<_$typebox.TString>;
19
- roles: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
20
- realm: _$typebox.TOptional<_$typebox.TString>;
8
+ declare const userAccountInfoSchema: import("typebox").TObject<{
9
+ id: import("typebox").TString;
10
+ name: import("typebox").TOptional<import("typebox").TString>;
11
+ email: import("typebox").TOptional<import("typebox").TString>;
12
+ username: import("typebox").TOptional<import("typebox").TString>;
13
+ picture: import("typebox").TOptional<import("typebox").TString>;
14
+ sessionId: import("typebox").TOptional<import("typebox").TString>;
15
+ organization: import("typebox").TOptional<import("typebox").TString>;
16
+ roles: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
17
+ realm: import("typebox").TOptional<import("typebox").TString>;
21
18
  }>;
22
19
  type UserAccount = Static<typeof userAccountInfoSchema>;
23
20
  //#endregion
@@ -65,8 +62,8 @@ interface UserAccountToken extends UserAccount {
65
62
  * (slug, UUID, composite). Pick whatever matches the column marked with
66
63
  * `PG_ORGANIZATION` in your entities.
67
64
  */
68
- declare const currentTenantAtom: _$alepha.Atom<_$typebox.TOptional<_$typebox.TObject<{
69
- id: _$typebox.TString;
65
+ declare const currentTenantAtom: import("alepha").Atom<import("typebox").TOptional<import("typebox").TObject<{
66
+ id: import("typebox").TString;
70
67
  }>>, "alepha.security.tenant">;
71
68
  //#endregion
72
69
  //#region ../../src/security/atoms/currentUserAtom.d.ts
@@ -76,16 +73,16 @@ declare const currentTenantAtom: _$alepha.Atom<_$typebox.TOptional<_$typebox.TOb
76
73
  * Transport-agnostic — works with HTTP, MCP, pipelines, jobs, and any context
77
74
  * that sets the atom before calling secured logic.
78
75
  */
79
- declare const currentUserAtom: _$alepha.Atom<_$typebox.TOptional<_$typebox.TObject<{
80
- id: _$typebox.TString;
81
- name: _$typebox.TOptional<_$typebox.TString>;
82
- email: _$typebox.TOptional<_$typebox.TString>;
83
- username: _$typebox.TOptional<_$typebox.TString>;
84
- picture: _$typebox.TOptional<_$typebox.TString>;
85
- sessionId: _$typebox.TOptional<_$typebox.TString>;
86
- organization: _$typebox.TOptional<_$typebox.TString>;
87
- roles: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
88
- realm: _$typebox.TOptional<_$typebox.TString>;
76
+ declare const currentUserAtom: import("alepha").Atom<import("typebox").TOptional<import("typebox").TObject<{
77
+ id: import("typebox").TString;
78
+ name: import("typebox").TOptional<import("typebox").TString>;
79
+ email: import("typebox").TOptional<import("typebox").TString>;
80
+ username: import("typebox").TOptional<import("typebox").TString>;
81
+ picture: import("typebox").TOptional<import("typebox").TString>;
82
+ sessionId: import("typebox").TOptional<import("typebox").TString>;
83
+ organization: import("typebox").TOptional<import("typebox").TString>;
84
+ roles: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
85
+ realm: import("typebox").TOptional<import("typebox").TString>;
89
86
  }>>, "alepha.security.user">;
90
87
  //#endregion
91
88
  //#region ../../src/security/errors/InvalidCredentialsError.d.ts
@@ -487,7 +484,7 @@ interface JWTVerifyOptions extends VerifyOptions, JWTClaimVerificationOptions {}
487
484
  * Provides utilities for working with JSON Web Tokens (JWT).
488
485
  */
489
486
  declare class JwtProvider {
490
- protected readonly log: _$alepha_logger0.Logger;
487
+ protected readonly log: import("alepha/logger").Logger;
491
488
  protected readonly keystore: KeyLoaderHolder[];
492
489
  protected readonly dateTimeProvider: DateTimeProvider;
493
490
  protected readonly encoder: TextEncoder;
@@ -549,24 +546,24 @@ interface JwtParseResult {
549
546
  }
550
547
  //#endregion
551
548
  //#region ../../src/security/schemas/permissionSchema.d.ts
552
- declare const permissionSchema: _$typebox.TObject<{
553
- name: _$typebox.TString;
554
- group: _$typebox.TOptional<_$typebox.TString>;
555
- description: _$typebox.TOptional<_$typebox.TString>;
556
- method: _$typebox.TOptional<_$typebox.TString>;
557
- path: _$typebox.TOptional<_$typebox.TString>;
549
+ declare const permissionSchema: import("typebox").TObject<{
550
+ name: import("typebox").TString;
551
+ group: import("typebox").TOptional<import("typebox").TString>;
552
+ description: import("typebox").TOptional<import("typebox").TString>;
553
+ method: import("typebox").TOptional<import("typebox").TString>;
554
+ path: import("typebox").TOptional<import("typebox").TString>;
558
555
  }>;
559
556
  type Permission = Static<typeof permissionSchema>;
560
557
  //#endregion
561
558
  //#region ../../src/security/schemas/roleSchema.d.ts
562
- declare const roleSchema: _$typebox.TObject<{
563
- name: _$typebox.TString;
564
- description: _$typebox.TOptional<_$typebox.TString>;
565
- default: _$typebox.TOptional<_$typebox.TBoolean>;
566
- permissions: _$typebox.TArray<_$typebox.TObject<{
567
- name: _$typebox.TString;
568
- ownership: _$typebox.TOptional<_$typebox.TBoolean>;
569
- exclude: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
559
+ declare const roleSchema: import("typebox").TObject<{
560
+ name: import("typebox").TString;
561
+ description: import("typebox").TOptional<import("typebox").TString>;
562
+ default: import("typebox").TOptional<import("typebox").TBoolean>;
563
+ permissions: import("typebox").TArray<import("typebox").TObject<{
564
+ name: import("typebox").TString;
565
+ ownership: import("typebox").TOptional<import("typebox").TBoolean>;
566
+ exclude: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
570
567
  }>>;
571
568
  }>;
572
569
  type Role = Static<typeof roleSchema>;
@@ -576,7 +573,7 @@ declare class SecurityProvider {
576
573
  protected readonly UNKNOWN_USER_NAME = "Anonymous User";
577
574
  protected readonly PERMISSION_REGEXP: RegExp;
578
575
  protected readonly PERMISSION_REGEXP_WILDCARD: RegExp;
579
- protected readonly log: _$alepha_logger0.Logger;
576
+ protected readonly log: import("alepha/logger").Logger;
580
577
  protected readonly jwt: JwtProvider;
581
578
  protected readonly alepha: Alepha;
582
579
  protected readonly secretProvider: SecretProvider;
@@ -589,7 +586,7 @@ declare class SecurityProvider {
589
586
  * The realms configured for the security provider.
590
587
  */
591
588
  protected readonly realms: Realm[];
592
- protected start: _$alepha.HookPrimitive<"start">;
589
+ protected start: import("alepha").HookPrimitive<"start">;
593
590
  /**
594
591
  * Creates a default JWT resolver for a realm.
595
592
  */
@@ -873,7 +870,7 @@ declare class IssuerPrimitive extends Primitive<IssuerPrimitiveOptions> {
873
870
  protected readonly securityProvider: SecurityProvider;
874
871
  protected readonly dateTimeProvider: DateTimeProvider;
875
872
  protected readonly jwt: JwtProvider;
876
- protected readonly log: _$alepha_logger0.Logger;
873
+ protected readonly log: import("alepha/logger").Logger;
877
874
  get name(): string;
878
875
  get accessTokenExpiration(): Duration;
879
876
  get refreshTokenExpiration(): Duration;
@@ -1142,15 +1139,15 @@ interface ServiceAccountStore {
1142
1139
  //#endregion
1143
1140
  //#region ../../src/security/providers/ServerSecurityProvider.d.ts
1144
1141
  declare class ServerSecurityProvider {
1145
- protected readonly log: _$alepha_logger0.Logger;
1142
+ protected readonly log: import("alepha/logger").Logger;
1146
1143
  protected readonly securityProvider: SecurityProvider;
1147
1144
  protected readonly jwtProvider: JwtProvider;
1148
1145
  protected readonly alepha: Alepha;
1149
1146
  protected readonly crypto: CryptoProvider;
1150
- protected readonly onServerRequest: _$alepha.HookPrimitive<"server:onRequest">;
1151
- protected readonly onActionRequest: _$alepha.HookPrimitive<"action:onRequest">;
1147
+ protected readonly onServerRequest: import("alepha").HookPrimitive<"server:onRequest">;
1148
+ protected readonly onActionRequest: import("alepha").HookPrimitive<"action:onRequest">;
1152
1149
  protected createTestUser(): UserAccountToken;
1153
- protected readonly onClientRequest: _$alepha.HookPrimitive<"client:onRequest">;
1150
+ protected readonly onClientRequest: import("alepha").HookPrimitive<"client:onRequest">;
1154
1151
  }
1155
1152
  type ServerSecurityUserResolver = (request: ServerRequest) => Promise<UserAccountToken | undefined>;
1156
1153
  //#endregion
@@ -1220,7 +1217,7 @@ declare module "alepha/server" {
1220
1217
  *
1221
1218
  * @module alepha.security
1222
1219
  */
1223
- declare const AlephaSecurity: _$alepha.Service<_$alepha.Module>;
1220
+ declare const AlephaSecurity: import("alepha").Service<import("alepha").Module>;
1224
1221
  //#endregion
1225
1222
  export { $basicAuth, $issuer, $permission, $role, $secure, $serviceAccount, AccessTokenResponse, AlephaSecurity, BasicAuthOptions, CreateTokenOptions, ExtendedJWTPayload, InvalidCredentialsError, InvalidPermissionError, IssuerExternal, IssuerInternal, IssuerPrimitive, IssuerPrimitiveOptions, IssuerResolver, IssuerSettings, JwtParseResult, JwtProvider, JwtSignOptions, KeyLoader, KeyLoaderHolder, Oauth2ServiceAccountPrimitiveOptions, Permission, PermissionPrimitive, PermissionPrimitiveOptions, Realm, Role, RolePrimitive, RolePrimitiveOptions, SecureOptions, SecurityCheckResult, SecurityError, SecurityProvider, ServerSecurityProvider, ServerSecurityUserResolver, ServiceAccountPrimitive, ServiceAccountPrimitiveOptions, ServiceAccountStore, UserAccount, UserAccountToken, UserInfo, currentTenantAtom, currentUserAtom, permissionSchema, roleSchema, userAccountInfoSchema };
1226
1223
  //# sourceMappingURL=index.d.ts.map
package/dist/security/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","names":["JWKParameters","kty","alg","key_ops","ext","use","x5c","x5t","x5u","kid","JWK_OKP_Public","crv","x","JWK_OKP_Private","d","JWK_AKP_Public","pub","JWK_AKP_Private","priv","JWK_EC_Public","y","JWK_EC_Private","JWK_RSA_Public","e","n","JWK_RSA_Private","dp","dq","p","q","qi","JWK_oct","k","JWK","GenericGetKeyFunction","IProtectedHeader","IToken","ReturnKeyTypes","Promise","protectedHeader","token","GetKeyFunction","CryptoKey","KeyObject","Uint8Array","FlattenedJWSInput","JWSHeaderParameters","header","payload","protected","signature","GeneralJWSInput","Omit","signatures","FlattenedJWS","Partial","GeneralJWS","JoseHeaderParameters","Pick","jku","jwk","typ","cty","b64","crit","propName","JWEKeyManagementHeaderParameters","apu","apv","p2c","p2s","iv","epk","FlattenedJWE","JWEHeaderParameters","aad","ciphertext","encrypted_key","tag","unprotected","GeneralJWE","recipients","enc","zip","CritOption","DecryptOptions","keyManagementAlgorithms","contentEncryptionAlgorithms","maxPBES2Count","maxDecompressedLength","EncryptOptions","JWTClaimVerificationOptions","Date","audience","clockTolerance","issuer","maxTokenAge","subject","currentDate","requiredClaims","VerifyOptions","algorithms","SignOptions","JWTPayload","iss","sub","aud","jti","nbf","exp","iat","FlattenedDecryptResult","additionalAuthenticatedData","plaintext","sharedUnprotectedHeader","unprotectedHeader","GeneralDecryptResult","CompactDecryptResult","CompactJWEHeaderParameters","FlattenedVerifyResult","GeneralVerifyResult","CompactVerifyResult","CompactJWSHeaderParameters","JWTVerifyResult","PayloadType","JWTHeaderParameters","JWTDecryptResult","ResolvedKey","key","JSONWebKeySet","keys","type","crypto","subtle","generateKey","ReturnType","Awaited","Extract","ProduceJWT","setIssuer","setSubject","setAudience","setJti","jwtId","setNotBefore","input","setExpirationTime","setIssuedAt","types","JWTVerifyOptions","VerifyOptions","JWTClaimVerificationOptions","JWTVerifyGetKey","JWTHeaderParameters","FlattenedJWSInput","CryptoKey","KeyObject","JWK","Uint8Array","GenericGetKeyFunction","jwtVerify","PayloadType","JWTPayload","JWTVerifyResult","Promise","jwt","key","options","ResolvedKey","getKey"],"sources":["../../src/security/schemas/userAccountInfoSchema.ts","../../src/security/interfaces/UserAccountToken.ts","../../src/security/atoms/currentTenantAtom.ts","../../src/security/atoms/currentUserAtom.ts","../../src/security/errors/InvalidCredentialsError.ts","../../src/security/errors/InvalidPermissionError.ts","../../src/security/errors/SecurityError.ts","../../src/security/interfaces/IssuerResolver.ts","../../src/security/primitives/$basicAuth.ts","../../../../node_modules/jose/dist/types/types.d.ts","../../../../node_modules/jose/dist/types/jwt/verify.d.ts","../../src/security/providers/JwtProvider.ts","../../src/security/schemas/permissionSchema.ts","../../src/security/schemas/roleSchema.ts","../../src/security/providers/SecurityProvider.ts","../../src/security/primitives/$issuer.ts","../../src/security/primitives/$permission.ts","../../src/security/primitives/$role.ts","../../src/security/primitives/$secure.ts","../../src/security/primitives/$serviceAccount.ts","../../src/security/providers/ServerSecurityProvider.ts","../../src/security/index.ts"],"x_google_ignoreList":[9,10],"mappings":";;;;;;;;;;cAGa,qBAAA,YAAqB,OAAA;MAuDhC,SAAA,CAAA,OAAA;;;;;;;;;;KAEU,WAAA,GAAc,MAAA,QAAc,qBAAA;;;;;;;UCtDvB,gBAAA,SAAyB,WAAA;;;;EAIxC,KAAA;;ADPF;;ECYE,KAAA;ED2CA;;;;ECrCA,SAAA;AAAA;;;;;;;;;;;;;;ADlBF;;;;;;;;;;;cEqBa,iBAAA,EAAiB,QAAA,CAAA,IAAA,CAAA,SAAA,CAAA,SAAA,WAAA,OAAA;MAS5B,SAAA,CAAA,OAAA;AAAA;;;;;;;;;cCxBW,eAAA,EAAe,QAAA,CAAA,IAAA,CAAA,SAAA,CAAA,SAAA,WAAA,OAAA;MAG1B,SAAA,CAAA,OAAA;;;;;;;;;;;;;;;;;;cCJW,uBAAA,SAAgC,iBAAA;EAAA,SAClC,IAAA;;;;;cCTE,sBAAA,SAA+B,KAAA;cAC9B,IAAA;AAAA;;;cCDD,aAAA,SAAsB,KAAA;EAC1B,IAAA;EAAA,SACS,MAAA;AAAA;;;;;;;KCKN,QAAA,GAAW,IAAA,CAAK,WAAA;EAC1B,SAAA;AAAA;;;APLF;UOWiB,cAAA;;;;EAIf,QAAA;;;;;;EAOA,SAAA,GAAY,GAAA,EAAK,aAAA,KAAkB,OAAA,CAAQ,QAAA;AAAA;;;UCrB5B,gBAAA;EACf,QAAA;EACA,QAAA;AAAA;;;;;;;ARHF;;;;;;;;;iBQqBgB,UAAA,CAAW,OAAA,EAAS,gBAAA,GAAmB,UAAA;;;;UCvBtCA,aAAAA;;EAEfC,GAAAA;;;;;;EAMAC,GAAAA;;EAEAC,OAAAA;ET+CA;ES7CAC,GAAAA;ET6CA;ES3CAC,GAAAA;;EAEAC,GAAAA;;EAEAC,GAAAA;;EAEA,UAAA;;EAEAC,GAAAA;;EAEAC,GAAAA;AAAAA;;;;ANhBF;;;;;;;;;;;UM2GiBwB,GAAAA,SAAYjC,aAAAA;;;;;EAK3BW,GAAAA;;;;;;EAMAG,CAAAA;ENtH0B;EMwH1BY,EAAAA;ENxH0B;EM0H1BC,EAAAA;EN1H0B;EM4H1BJ,CAAAA;;EAEAS,CAAAA;;EAEAR,CAAAA;;EAEAI,CAAAA;;EAEAC,CAAAA;;EAEAC,EAAAA;;;;;EAKAlB,CAAAA;;EAEAQ,CAAAA;;EAEAJ,GAAAA;;EAEAE,IAAAA;AAAAA;;;;AH1JF;UG+LiB2B,iBAAAA;;;;;;;EAOfE,MAAAA,GAASD,mBAAAA;;;AF/LX;;EEqMEE,OAAAA,WAAkBJ,UAAAA;EFrMG;;;;;EE4MrBK,SAAAA;;EAGAC,SAAAA;AAAAA;;UAyCeO,oBAAAA;EA9OfnD;EAgPAG,GAAAA;EA1OAD;EA6OAD,GAAAA;EA3OG;EA8OHD,GAAAA;;EAGAE,GAAAA;EAjJAG;EAoJAgD,GAAAA;EA1IAhC;EA6IAiC,GAAAA,GAAMF,IAAAA,CAAKzB,GAAAA;EAvIXT;EA0IAqC,GAAAA;EApIA/B;EAuIAgC,GAAAA;AAAAA;;UAIehB,mBAAAA,SAA4BW,oBAAAA;EAhIvC;AAqCN;;;;EAiGEvD,GAAAA;EApFA8C;;;;EA0FAe,GAAAA;EAvCF;EA0CEC,IAAAA;EAzBU;EAAA,CA4BTC,QAAAA;AAAAA;;UAmIcmB,UAAAA;;;AEtZjB;;;;;;;;;;;;;;;;EFyaEpB,IAAAA;IAAAA,CACGC,QAAAA;EAAAA;AAAAA;;UA0CY0B,2BAAAA;EEtUZ;;;;;EF4UHE,QAAAA;;;;;;;;;AEpUF;EF+UEC,cAAAA;EE9UgB;;;;;EFqVhBC,MAAAA;EElVkC;;;;;;;;EF4VlCC,WAAAA;EEpViB;;;AAGnB;;EFwVEC,OAAAA;EEvVA;;;;;EF8VApC,GAAAA;;EAGAqC,WAAAA,GAAcN,IAAAA;EG/fd;;;;;;;;EHygBAO,cAAAA;AAAAA;;UAIeC,aAAAA,SAAsBhB,UAAAA;EG3iBV;;;;;;;EHmjB3BiB,UAAAA;AAAAA;;UAOeE,UAAAA;;;;AG1hBjB;;EHgiBEC,GAAAA;EGhiBqD;;;;AChCvD;EJukBEC,GAAAA;EIliBA;;;;;EJyiBAC,GAAAA;;;;;;EAOAC,GAAAA;EIrlBqB;;;;;EJ4lBrBC,GAAAA;;;;;;EAOAC,GAAAA;;;;;;EAOAC,GAAAA;;GAGC7C,QAAAA;AAAAA;;UA0Dc0D,eAAAA,eAA8BpB,UAAAA;EK8JlC;EL5JXvD,OAAAA,EAAS4E,WAAAA,GAAcrB,UAAAA;EKsMZ;ELnMXhE,eAAAA,EAAiBsF,mBAAAA;AAAAA;;UAmBFH,0BAAAA,SAAmC5E,mBAAAA;EAClD5C,GAAAA;AAAAA;;UAIe2H,mBAAAA,SAA4BH,0BAAAA;EAC3C3D,GAAAA;AAAAA;;UAUekE,aAAAA;EACfC,IAAAA,EAAMjG,GAAAA;AAAAA;;;;;;UAQSU,SAAAA;EACfwF,IAAAA;AAAAA;;;;;;;KASUzF,SAAAA,GAAY+F,OAAAA,CACtBD,OAAAA,CAAQD,UAAAA,QAAkBH,MAAAA,CAAOC,MAAAA,CAAOC,WAAAA;EACtCH,IAAAA;AAAAA;;;;UChuBakB,gBAAAA,SAAyBD,aAAAA,EAAqBA,2BAAAA;;;;;;cCkBlD,WAAA;EAAA,mBACQ,GAAA,EADG,gBAAA,CACA,MAAA;EAAA,mBACH,QAAA,EAAU,eAAA;EAAA,mBACV,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,OAAA,EAAO,WAAA;EX1Bf;;;;;;EWkCJ,YAAA,CAAa,IAAA,UAAc,eAAA,WAA0B,aAAA;;;;;;;;EAiC/C,KAAA,CACX,KAAA,UACA,OAAA,WACA,OAAA,GAAU,gBAAA,GACT,OAAA,CAAQ,cAAA;;;;;;;;;;EAwDE,MAAA,CACX,OAAA,EAAS,kBAAA,EACT,OAAA,WACA,WAAA,GAAc,cAAA,GACb,OAAA;;;;;;;YAyBO,WAAA,CAAY,GAAA;AAAA;AAAA,KAKZ,SAAA,IACV,eAAA,GAAkB,mBAAA,EAClB,KAAA,GAAQ,iBAAA,KACL,OAAA,CAAQ,SAAA,GAAY,SAAA;AAAA,UAER,eAAA;EACf,IAAA;EACA,SAAA,EAAW,SAAA;EACX,SAAA;AAAA;AAAA,UAGe,cAAA;EACf,MAAA,GAAS,OAAA,CAAQ,mBAAA;AAAA;AAAA,UAGF,kBAAA,SAA2B,UAAA;EAC1C,GAAA;EAEA,IAAA;EACA,KAAA;EACA,KAAA;EACA,YAAA;EAEA,YAAA;IAAiB,KAAA;EAAA;AAAA;AAAA,UAGF,cAAA;EACf,OAAA;EACA,MAAA,EAAQ,eAAA,CAAgB,kBAAA;AAAA;;;cC7Lb,gBAAA,YAAgB,OAAA;QA8B3B,SAAA,CAAA,OAAA;;;;;;KAEU,UAAA,GAAa,MAAA,QAAc,gBAAA;;;cChC1B,UAAA,YAAU,OAAA;QAqCrB,SAAA,CAAA,OAAA;;;;;;;;;KAEU,IAAA,GAAO,MAAA,QAAc,UAAA;;;cCdpB,gBAAA;EAAA,mBACQ,iBAAA;EAAA,mBACA,iBAAA,EAAiB,MAAA;EAAA,mBACjB,0BAAA,EAA0B,MAAA;EAAA,mBAG1B,GAAA,EAH0B,gBAAA,CAGvB,MAAA;EAAA,mBACH,GAAA,EAAG,WAAA;EAAA,mBACH,MAAA,EAAM,MAAA;EAAA,mBACN,cAAA,EAAc,cAAA;EAAA,IAEtB,SAAA,CAAA;;;;qBAOQ,WAAA,EAAa,UAAA;;;;qBAKb,MAAA,EAAQ,KAAA;EAAA,UAmBjB,KAAA,EAnBsB,QAAA,CAmBjB,aAAA;;;;YAwBL,wBAAA,CAAyB,SAAA,WAAoB,cAAA;;;;;;;EAgDhD,UAAA,CAAW,IAAA,EAAM,IAAA,KAAS,MAAA,aAAmB,IAAA;;;;;;EAgE7C,gBAAA,CAAiB,GAAA,EAAK,UAAA,YAAsB,UAAA;EA0D5C,WAAA,CAAY,KAAA,EAAO,KAAA;;;;;;;;;EAiBb,WAAA,CAAY,KAAA,UAAe,KAAA,EAAO,IAAA,KAAS,OAAA;;;;;;;;;EAuBjD,qBAAA,CACL,OAAA,EAAS,UAAA,EACT,SAAA,YACC,WAAA;;AdvPL;;;Ec8RS,UAAA,CACL,QAAA,EAAU,QAAA,EACV,OAAA;IACE,KAAA;IACA,UAAA,GAAa,UAAA;EAAA,IAEd,gBAAA;;Ab1VL;;;Ea8XS,gBAAA,CAAiB,QAAA,EAAU,cAAA,EAAgB,SAAA;Eb9XV;;;;Ea4YjC,QAAA,CAAS,SAAA,YAAqB,KAAA;Eb7X5B;;;;ACGX;;;;;EY+Ye,4BAAA,CACX,GAAA;IAAO,GAAA,EAAK,GAAA;IAAc,OAAA;MAAW,aAAA;IAAA;EAAA,GACrC,OAAA;IACE,KAAA;IACA,UAAA,GAAa,UAAA;EAAA,IAEd,OAAA,CAAQ,gBAAA;;;;;;AXpab;;;EW8dS,eAAA,CACL,cAAA,WAAyB,UAAA,KACtB,WAAA,aACF,mBAAA;;;;EAwFU,mBAAA,CACX,aAAA,WACA,OAAA;IACE,UAAA,GAAa,UAAA;IACb,KAAA;IACA,MAAA,GAAS,gBAAA;EAAA,IAEV,OAAA,CAAQ,gBAAA;;;;;;;;EA2DJ,GAAA,CAAI,QAAA,UAAkB,UAAA,WAAqB,UAAA;;;;EAO3C,SAAA,CACL,QAAA,UACA,UAAA,WAAqB,UAAA;EXpoBG;;;;;EW8oBnB,kBAAA,CAAmB,UAAA,EAAY,UAAA;;;;EAoB/B,YAAA,CAAa,IAAA,EAAM,gBAAA,EAAkB,OAAA;;;;EAWrC,kBAAA,CAAmB,IAAA,EAAM,gBAAA;EAOzB,SAAA,CAAA,GAAa,KAAA;;;;;;EASb,QAAA,CAAS,KAAA,YAAiB,IAAA;;;;;;;;EAe1B,cAAA,CAAe,IAAA;IACpB,KAAA,GAAQ,KAAA,CAAM,IAAA;IACd,KAAA;EAAA,IACE,UAAA;;;;;;AVhtBN;EU+yBS,gBAAA,CAAiB,OAAA,EAAS,MAAA;EAgB1B,uBAAA,CACL,OAAA,EAAS,MAAA;EVh0BiD;;;;;EU+0BrD,mBAAA,CAAoB,OAAA,EAAS,MAAA;EAI7B,qBAAA,CACL,OAAA,EAAS,MAAA;EAqBJ,sBAAA,CACL,OAAA,EAAS,MAAA;EAiBJ,mBAAA,CAAoB,OAAA,EAAS,MAAA;ETn4BzB;;;;;;ESq5BJ,kBAAA,CAAmB,OAAA,EAAS,MAAA;EAmB5B,0BAAA,CACL,OAAA,EAAS,MAAA;ETx6Ba;;;;ACD1B;;;EQ27BS,oBAAA,CACL,OAAA,EAAS,MAAA;AAAA;;;;UAiBI,KAAA;EACf,IAAA;EAEA,KAAA,EAAO,IAAA;;APz8BT;;;;EOg9BE,MAAA,YAAkB,aAAA;EPh9BQ;;;;EOs9B1B,OAAA,IAAW,GAAA,EAAK,MAAA,kBAAwB,WAAA;EP/8BX;;;EOo9B7B,SAAA,GAAY,cAAA;AAAA;AAAA,UAGG,mBAAA;EACf,YAAA;EACA,SAAA;AAAA;;;;;;Adp+BF;;;ce2Ba,OAAA;EAAA,UAAoB,sBAAA,GAAyB,eAAA;EAAA;;KAM9C,sBAAA;;;;;EAKV,IAAA;;;;EAKA,WAAA;;;;EAKA,KAAA,GAAQ,KAAA,UAAe,IAAA;;;;EAKvB,QAAA,GAAW,cAAA;;;;EAKX,OAAA,IAAW,UAAA,EAAY,MAAA,kBAAwB,WAAA;;;;EAK/C,SAAA,GAAY,cAAA;AAAA,KACT,cAAA,GAAiB,cAAA;AAAA,UAEL,cAAA;EACf,WAAA;;;;;IAKE,UAAA,GAAa,YAAA;EAAA;EAGf,YAAA;;;;;IAKE,UAAA,GAAa,YAAA;EAAA;EAUf,eAAA,IACE,IAAA,EAAM,WAAA,EACN,MAAA;IACE,SAAA;;;;AfpCN;;Ie0CM,QAAA;EAAA,MAEC,OAAA;IACH,YAAA;IACA,SAAA;EAAA;EAGF,gBAAA,IAAoB,YAAA,aAAyB,OAAA;IAC3C,IAAA,EAAM,WAAA;IACN,SAAA;IACA,SAAA;EAAA;EAGF,eAAA,IAAmB,YAAA,aAAyB,OAAA;AAAA;AAAA,KAGlC,cAAA;EdjGV;;;EcqGA,MAAA;AAAA;AAAA,UAGe,cAAA;EbrGJ;;;EayGX,IAAA,mBAAuB,aAAA;AAAA;AAAA,cAKZ,eAAA,SAAwB,SAAA,CAAU,sBAAA;EAAA,mBAC1B,MAAA,EAAM,MAAA;EAAA,mBACN,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,GAAA,EAAG,WAAA;EAAA,mBACH,GAAA,EADG,gBAAA,CACA,MAAA;EAAA,IAEX,IAAA,CAAA;EAAA,IAIA,qBAAA,CAAA,GAAyB,QAAA;EAAA,IAMzB,sBAAA,CAAA,GAA0B,QAAA;EAAA,UAM3B,MAAA,CAAA;;;;YAkCA,iBAAA,CAAA,GAAqB,cAAA;EZtLpB;;;;EYsNJ,gBAAA,CAAiB,QAAA,EAAU,cAAA;;;;EAO3B,QAAA,CAAA,GAAY,IAAA;;;;EAON,QAAA,CAAS,KAAA,EAAO,IAAA,KAAS,OAAA;;;;EAO/B,aAAA,CAAc,IAAA,WAAe,IAAA;EAQvB,UAAA,CAAW,KAAA,WAAgB,OAAA,CAAQ,UAAA;;;;EAQnC,WAAA,CACX,IAAA,EAAM,WAAA,EACN,YAAA;IACE,GAAA;IACA,aAAA;IACA,wBAAA;EAAA,GAEF,OAAA;IZlQwB;;;;IYuQtB,QAAA;EAAA,IAED,OAAA,CAAQ,mBAAA;EA4FE,YAAA,CACX,YAAA,UACA,WAAA,YACC,OAAA;IACD,MAAA,EAAQ,mBAAA;IACR,IAAA,EAAM,WAAA;EAAA;AAAA;AAAA,UAoEO,kBAAA;EACf,GAAA;EACA,KAAA;EACA,KAAA;AAAA;AAAA,UAGe,mBAAA;EACf,YAAA;EACA,UAAA;EACA,UAAA;EACA,SAAA;EACA,aAAA;EACA,wBAAA;EACA,KAAA;AAAA;;;;;;cC7bW,WAAA;EAAA,WACF,0BAAA,GACR,mBAAA;EAAA;;UAMc,0BAAA;EhBZJ;;;EgBgBX,IAAA;;;;EAKA,KAAA;;;;EAKA,WAAA;AAAA;AAAA,cAKW,mBAAA,SAA4B,SAAA,CAAU,0BAAA;EAAA,mBAC9B,gBAAA,EAAgB,gBAAA;EAAA,IAExB,IAAA,CAAA;EAAA,IAIA,KAAA,CAAA;EAIJ,QAAA,CAAA;EAAA,UAIG,MAAA,CAAA;;;;EAWH,GAAA,CAAI,IAAA,GAAO,WAAA;AAAA;;;;;;cCpDP,KAAA;EAAA,WAAkB,oBAAA,GAA4B,aAAA;EAAA;;UAM1C,oBAAA;EjB4Cf;;;EiBxCA,IAAA;;;;EAKA,WAAA;EAEA,MAAA,YAAkB,eAAA;EAElB,WAAA,GAAc,KAAA;IAGR,IAAA;IACA,SAAA;IACA,OAAA;EAAA;AAAA;AAAA,cAKK,aAAA,SAAsB,SAAA,CAAU,oBAAA;EAAA,mBACxB,gBAAA,EAAgB,gBAAA;EAAA,IAExB,IAAA,CAAA;EAAA,UAID,MAAA,CAAA;;;;MAoBC,MAAA,CAAA,YAAmB,eAAA;EAIvB,GAAA,CAAI,UAAA,WAAqB,mBAAA;EAIzB,KAAA,CAAM,UAAA,WAAqB,mBAAA,GAAmB,mBAAA;AAAA;;;UCjEtC,aAAA;;;;;EAKf,OAAA;;;AlBTF;EkBcE,KAAA;;;;EAKA,WAAA,aAAwB,UAAA;;;;;EAMxB,KAAA,IAAS,IAAA,EAAM,gBAAA;AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AlBgCjB;;;;;;;;ACtDA;;;;iBiB+EgB,OAAA,CAAQ,OAAA,GAAU,aAAA,GAAgB,UAAA;;;;;;;;;;;;AlBlFlD;;;;;;;;;;;;;;;;;;;cmB8Ba,eAAA,GACX,OAAA,EAAS,8BAAA,KACR,uBAAA;AAAA,KAqHS,8BAAA;EACV,WAAA;AAAA;EAGI,MAAA,EAAQ,oCAAA;AAAA;EAGR,MAAA,EAAQ,eAAA;EACR,IAAA,EAAM,WAAA;AAAA;AAAA,UAIK,oCAAA;;;;EAIf,GAAA;;;;EAKA,QAAA;;;;EAKA,YAAA;AAAA;AAAA,UAGe,uBAAA;EACf,KAAA,QAAa,OAAA;AAAA;AAAA,UAGE,mBAAA;EACf,QAAA,GAAW,mBAAA;AAAA;;;cCjLA,sBAAA;EAAA,mBACQ,GAAA,EADc,gBAAA,CACX,MAAA;EAAA,mBACH,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,WAAA,EAAW,WAAA;EAAA,mBACX,MAAA,EAAM,MAAA;EAAA,mBACN,MAAA,EAAM,cAAA;EAAA,mBAEN,eAAA,EAFM,QAAA,CAES,aAAA;EAAA,mBA8Bf,eAAA,EA9Be,QAAA,CA8BA,aAAA;EAAA,UA0BxB,cAAA,CAAA,GAAkB,gBAAA;EAAA,mBAQT,eAAA,EARyB,QAAA,CAQV,aAAA;AAAA;AAAA,KAmCxB,0BAAA,IACV,OAAA,EAAS,aAAA,KACN,OAAA,CAAQ,gBAAA;;;;YC9ED,KAAA;IACR,uBAAA;MACE,KAAA;MACA,IAAA,EAAM,WAAA;IAAA;EAAA;EAAA,UAIA,KAAA;;;;;;;IAOR,6BAAA,GAAgC,gBAAA;;;;IAKhC,sBAAA,GAAyB,WAAA;;;;;;;;IASzB,wBAAA;MAA6B,EAAA;IAAA;EAAA;AAAA;AAAA;EAAA,UAKrB,aAAA;IACR,IAAA,GAAO,gBAAA;EAAA;EAAA,UAGC,mBAAA;IACR,IAAA,EAAM,gBAAA;EAAA;EAAA,UAGE,oBAAA,SAA6B,YAAA;;;;ArBpBzC;;;;IqB4BI,IAAA,GAAO,gBAAA;EAAA;AAAA;;ApBlFX;;;;;;;;;;;;;ACkBA;;cmBsFa,cAAA,EAAc,QAAA,CAAA,OAAA,CAKzB,QAAA,CALyB,MAAA"}
1
+ {"version":3,"file":"index.d.ts","names":["kty","alg","key_ops","ext","use","x5c","x5t","x5u","kid","JWKParameters","crv","x","JWK_OKP_Public","d","pub","JWK_AKP_Public","priv","y","JWK_EC_Public","e","n","JWK_RSA_Public","dp","dq","p","q","qi","k","IProtectedHeader","IToken","ReturnKeyTypes","protectedHeader","token","Promise","GenericGetKeyFunction","CryptoKey","KeyObject","JWK","Uint8Array","header","JWSHeaderParameters","payload","protected","signature","signatures","Omit","FlattenedJWSInput","Partial","jku","jwk","Pick","typ","cty","JoseHeaderParameters","b64","crit","propName","apu","apv","p2c","p2s","iv","epk","aad","ciphertext","encrypted_key","JWEHeaderParameters","tag","unprotected","FlattenedJWE","recipients","enc","zip","CritOption","keyManagementAlgorithms","contentEncryptionAlgorithms","maxPBES2Count","maxDecompressedLength","audience","clockTolerance","issuer","maxTokenAge","subject","currentDate","Date","requiredClaims","algorithms","iss","sub","aud","jti","nbf","exp","iat","additionalAuthenticatedData","plaintext","sharedUnprotectedHeader","unprotectedHeader","FlattenedDecryptResult","CompactJWEHeaderParameters","FlattenedVerifyResult","CompactJWSHeaderParameters","PayloadType","JWTPayload","JWTHeaderParameters","key","keys","type","Extract","Awaited","ReturnType","crypto","subtle","generateKey","setIssuer","setSubject","setAudience","setJti","jwtId","setNotBefore","input","setExpirationTime","setIssuedAt","types","VerifyOptions","JWTClaimVerificationOptions","GenericGetKeyFunction","JWTHeaderParameters","FlattenedJWSInput","CryptoKey","KeyObject","JWK","Uint8Array","PayloadType","JWTPayload","jwt","key","JWTVerifyOptions","options","Promise","JWTVerifyResult","JWTVerifyGetKey","getKey","ResolvedKey"],"sources":["../../src/security/schemas/userAccountInfoSchema.ts","../../src/security/interfaces/UserAccountToken.ts","../../src/security/atoms/currentTenantAtom.ts","../../src/security/atoms/currentUserAtom.ts","../../src/security/errors/InvalidCredentialsError.ts","../../src/security/errors/InvalidPermissionError.ts","../../src/security/errors/SecurityError.ts","../../src/security/interfaces/IssuerResolver.ts","../../src/security/primitives/$basicAuth.ts","../../../../node_modules/jose/dist/types/types.d.ts","../../../../node_modules/jose/dist/types/jwt/verify.d.ts","../../src/security/providers/JwtProvider.ts","../../src/security/schemas/permissionSchema.ts","../../src/security/schemas/roleSchema.ts","../../src/security/providers/SecurityProvider.ts","../../src/security/primitives/$issuer.ts","../../src/security/primitives/$permission.ts","../../src/security/primitives/$role.ts","../../src/security/primitives/$secure.ts","../../src/security/primitives/$serviceAccount.ts","../../src/security/providers/ServerSecurityProvider.ts","../../src/security/index.ts"],"x_google_ignoreList":[9,10],"mappings":";;;;;;;cAGa,qBAAA,oBAAqB,OAAA;;;;;;;;;;;KAyDtB,WAAA,GAAc,MAAM,QAAQ,qBAAA;;;;;;;UCtDvB,gBAAA,SAAyB,WAAW;;;ADHrD;ECOE,KAAA;;;;EAKA,KAAA;;;;;EAMA,SAAA;AAAA;;;;;;;;;;;ADlBF;;;;;;;;;;;;;;cEqBa,iBAAA,mBAAiB,IAAA,mBAAA,SAAA,mBAAA,OAAA;;;;;;;;;;;cCfjB,eAAA,mBAAe,IAAA,mBAAA,SAAA,mBAAA,OAAA;;;;;;;;;;;;;;;;;;;cCDf,uBAAA,SAAgC,iBAAiB;EAAA,SACnD,IAAA;;;;;cCTE,sBAAA,SAA+B,KAAK;cACnC,IAAA;AAAA;;;cCDD,aAAA,SAAsB,KAAK;EAC/B,IAAA;EAAA,SACS,MAAA;AAAA;;;;;;;KCKN,QAAA,GAAW,IAAI,CAAC,WAAA;EAC1B,SAAA;AAAA;;;;UAMe,cAAA;;;;EAIf,QAAA;;;;;;EAOA,SAAA,GAAY,GAAA,EAAK,aAAA,KAAkB,OAAA,CAAQ,QAAA;AAAA;;;UCrB5B,gBAAA;EACf,QAAA;EACA,QAAQ;AAAA;;;;ARHV;;;;;;;;;;;;iBQqBgB,UAAA,CAAW,OAAA,EAAS,gBAAA,GAAmB,UAAU;;;;UCvBhD,aAAA;;EAEfA,GAAAA;;;;;ATAF;ESMEC,GAAAA;;EAEAC,OAAAA;ETRgC;ESUhCC,GAAAA;;EAEAC,GAAAA;;EAEAC,GAAAA;;EAEAC,GAAAA;;EAEA,UAAA;;EAEAC,GAAAA;;EAEAC,GAAAA;AAAAA;;;;;;;;;;;;;;;UA2Fe,GAAA,SAAY,aAAa;EL5GL;;;;EKiHnCE,GAAAA;;;;;;EAMAG,CAAAA;EJ/HF;EIiIES,EAAAA;;EAEAC,EAAAA;EJnI0C;EIqI1CJ,CAAAA;EJpIY;EIsIZQ,CAAAA;EJtIwB;EIwIxBP,CAAAA;;EAEAI,CAAAA;EH3IF;EG6IEC,CAAAA;;EAEAC,EAAAA;EH/IiC;;;;EGoJjCf,CAAAA;;EAEAM,CAAAA;;EAEAH,GAAAA;EFjJkB;EEmJlBE,IAAAA;AAAAA;;;;;UAqCe,iBAAA;EDvKgD;AAAA;;;;ACvBjE;EAqMEuB,MAAAA,GAAS,mBAAA;EArMmB;;;;EA2M5BE,OAAAA,WAAkB,UAAU;EA3L5BpC;;;;;EAkMAqC,SAAAA;EA/FF;EAkGEC,SAAAA;AAAAA;;UAyCe,oBAAA;EAiBTO;EAfN1C,GAAAA;EAqBA4C;EAlBA9C,GAAAA;EAsBF;EAnBED,GAAAA;EAmB+D;EAhB/DE,GAAAA;EA4BA+C;EAzBAN,GAAAA;EA+BiB;EA5BjBC,GAAAA,GAAM,IAAI,CAAC,GAAA;EA+Jc;EA5JzBE,GAAAA;EAgLmB;EA7KnBC,GAAAA;AAAAA;;UAIe,mBAAA,SAA4B,oBAAoB;EAoO/D2B;;;;;EA9NA9E,GAAAA;EA0QAoF;;AAAc;AAIhB;EAxQE/B,GAAAA;EAwQqCmB;EArQrClB,IAAAA;EAoRyB;EAAA,CAjRxBC,QAAAA;AAAAA;;UAmIc,UAAA;EE1QG;;;;;;;;;;;;;;;AAEc;AAElC;;EFyRED,IAAAA;IAAAA,CACGC,QAAgB;EAAA;AAAA;;UA0CJ,2BAAA;EG1ejB;;;;;EHgfEsB,QAAAA;;;;;;;;;;EAWAC,cAAAA;;;;AG3dF;;EHkeEC,MAAAA;EGleqD;;;;AChCvD;;;;EJ4gBEC,WAAAA;;;;;;EAOAC,OAAAA;;;;;;EAOA/B,GAAAA;;EAGAgC,WAAAA,GAAc,IAAI;;;;;AItfpB;;;;EJggBEE,cAAAA;AAAAA;;UAIe,aAAA,SAAsB,UAAU;EKlhBpB;;;;;;;EL0hB3BC,UAAU;AAAA;;UAOK,UAAA;EKpSgC;;;;;EL0S/CC,GAAAA;EK/LkC;;;;;ELsMlCC,GAAAA;EKhGG;;;;;ELuGHC,GAAAA;EKsEsC;;;;;EL/DtCC,GAAAA;EKgII;;;;;ELzHJC,GAAAA;EKsTmC;;;;;EL/SnCC,GAAAA;EKxkBoC;;;;;EL+kBpCC,GAAAA;EKzkBmB;EAAA,CL4kBlBrC,QAAAA;AAAAA;;UA0Dc,eAAA,eAA8B,UAAA;EKjQ3C;ELmQFf,OAAAA,EAAS,WAAA,GAAc,UAAA;EKrMhB;ELwMPV,eAAAA,EAAiB,mBAAA;AAAA;;UAmBF,0BAAA,SAAmC,mBAAmB;EACrE9B,GAAG;AAAA;;UAIY,mBAAA,SAA4B,0BAA0B;EACrEqD,GAAG;AAAA;;UAUY,aAAA;EACfoD,IAAAA,EAAM,GAAG;AAAA;;;;;;UAQM,SAAA;EACfC,IAAI;AAAA;;;;;;;KASM,SAAA,GAAY,OAAA,CACtB,OAAA,CAAQ,UAAA,QAAkB,MAAA,CAAO,MAAA,CAAO,WAAA;EACtCA,IAAAA;AAAAA;;;;UChuBa,gBAAA,SAAyB,aAAA,EAAqB,2BAAiC;;;;;;cCkBnF,WAAA;EAAA,mBACQ,GAAA,0BAAG,MAAA;EAAA,mBACH,QAAA,EAAU,eAAA;EAAA,mBACV,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,OAAA,EAAO,WAAA;EX6B1B;;;;;;EWrBO,YAAA,CAAa,IAAA,UAAc,eAAA,WAA0B,aAAA;;;;;;;;EAiC/C,KAAA,CACX,KAAA,UACA,OAAA,WACA,OAAA,GAAU,gBAAA,GACT,OAAA,CAAQ,cAAA;;;;;;;;;;EAwDE,MAAA,CACX,OAAA,EAAS,kBAAA,EACT,OAAA,WACA,WAAA,GAAc,cAAA,GACb,OAAA;;;;;;;YAyBO,WAAA,CAAY,GAAA;AAAA;AAAA,KAKZ,SAAA,IACV,eAAA,GAAkB,mBAAA,EAClB,KAAA,GAAQ,iBAAA,KACL,OAAA,CAAQ,SAAA,GAAY,SAAA;AAAA,UAER,eAAA;EACf,IAAA;EACA,SAAA,EAAW,SAAS;EACpB,SAAA;AAAA;AAAA,UAGe,cAAA;EACf,MAAA,GAAS,OAAO,CAAC,mBAAA;AAAA;AAAA,UAGF,kBAAA,SAA2B,UAAU;EACpD,GAAA;EAEA,IAAA;EACA,KAAA;EACA,KAAA;EACA,YAAA;EAEA,YAAA;IAAiB,KAAA;EAAA;AAAA;AAAA,UAGF,cAAA;EACf,OAAA;EACA,MAAA,EAAQ,eAAe,CAAC,kBAAA;AAAA;;;cC7Lb,gBAAA,oBAAgB,OAAA;;;;;;;KAgCjB,UAAA,GAAa,MAAM,QAAQ,gBAAA;;;cChC1B,UAAA,oBAAU,OAAA;;;;;;;;;;KAuCX,IAAA,GAAO,MAAM,QAAQ,UAAA;;;cCdpB,gBAAA;EAAA,mBACQ,iBAAA;EAAA,mBACA,iBAAA,EAAiB,MAAA;EAAA,mBACjB,0BAAA,EAA0B,MAAA;EAAA,mBAG1B,GAAA,0BAAG,MAAA;EAAA,mBACH,GAAA,EAAG,WAAA;EAAA,mBACH,MAAA,EAAM,MAAA;EAAA,mBACN,cAAA,EAAc,cAAA;EAAA,IAEtB,SAAA;;;;qBAOQ,WAAA,EAAa,UAAA;;;;qBAKb,MAAA,EAAQ,KAAA;EAAA,UAmBjB,KAAA,mBAAK,aAAA;;;;YAwBL,wBAAA,CAAyB,SAAA,WAAoB,cAAA;;;;;;;EAgDhD,UAAA,CAAW,IAAA,EAAM,IAAA,KAAS,MAAA,aAAmB,IAAA;;;;AdlFtD;;EckJS,gBAAA,CAAiB,GAAA,EAAK,UAAA,YAAsB,UAAA;EA0D5C,WAAA,CAAY,KAAA,EAAO,KAAA;Ed5MiC;;;;ACtD7D;;;;EamRe,WAAA,CAAY,KAAA,UAAe,KAAA,EAAO,IAAA,KAAS,OAAA;Eb/QxD;;;;AAWS;;;;Ea2RF,qBAAA,CACL,OAAA,EAAS,UAAA,EACT,SAAA,YACC,WAAA;EZlRH;;;;EYyTO,UAAA,CACL,QAAA,EAAU,QAAA,EACV,OAAA;IACE,KAAA;IACA,UAAA,GAAa,UAAA;EAAA,IAEd,gBAAA;;;;;EAoCI,gBAAA,CAAiB,QAAA,EAAU,cAAA,EAAgB,SAAA;EX3XvC;;;;EWyYJ,QAAA,CAAS,SAAA,YAAqB,KAAA;EXzYX;;;;;;;;;EW8Zb,4BAAA,CACX,GAAA;IAAO,GAAA,EAAK,GAAA;IAAc,OAAA;MAAW,aAAA;IAAA;EAAA,GACrC,OAAA;IACE,KAAA;IACA,UAAA,GAAa,UAAA;EAAA,IAEd,OAAA,CAAQ,gBAAA;;;;;;;;;EA0DJ,eAAA,CACL,cAAA,WAAyB,UAAA,KACtB,WAAA,aACF,mBAAA;;;;EAwFU,mBAAA,CACX,aAAA,WACA,OAAA;IACE,UAAA,GAAa,UAAA;IACb,KAAA;IACA,MAAA,GAAS,gBAAA;EAAA,IAEV,OAAA,CAAQ,gBAAA;EVjkBwB;;;;;;;EU4nB5B,GAAA,CAAI,QAAA,UAAkB,UAAA,WAAqB,UAAA;;;;EAO3C,SAAA,CACL,QAAA,UACA,UAAA,WAAqB,UAAA;ET7oBW;;;;;ESupB3B,kBAAA,CAAmB,UAAA,EAAY,UAAA;ETtpBd;AAAA;;ES0qBjB,YAAA,CAAa,IAAA,EAAM,gBAAA,EAAkB,OAAA;;AR3qB9C;;EQsrBS,kBAAA,CAAmB,IAAA,EAAM,gBAAA;EAOzB,SAAA,IAAa,KAAA;ER7rBa;;;;AAEX;EQosBf,QAAA,CAAS,KAAA,YAAiB,IAAA;;;AP/rBnC;;;;;EO8sBS,cAAA,CAAe,IAAA;IACpB,KAAA,GAAQ,KAAA,CAAM,IAAA;IACd,KAAA;EAAA,IACE,UAAA;EP1sBW;;;;;;EOyyBR,gBAAA,CAAiB,OAAA,EAAS,MAAA;EAgB1B,uBAAA,CACL,OAAA,EAAS,MAAA;EPtzBX;;;;;EOq0BO,mBAAA,CAAoB,OAAA,EAAS,MAAA;EAI7B,qBAAA,CACL,OAAA,EAAS,MAAA;EAqBJ,sBAAA,CACL,OAAA,EAAS,MAAA;EAiBJ,mBAAA,CAAoB,OAAA,EAAS,MAAA;;;AN/3BtC;;;;EMi5BS,kBAAA,CAAmB,OAAA,EAAS,MAAA;EAmB5B,0BAAA,CACL,OAAA,EAAS,MAAA;ENj5Ba;;;;;;;EMm6BjB,oBAAA,CACL,OAAA,EAAS,MAAA;AAAA;;;AL37Bb;UK48BiB,KAAA;EACf,IAAA;EAEA,KAAA,EAAO,IAAA;EL78BP3G;;;;;EKo9BA,MAAA,YAAkB,aAAA;ELp8BlBM;;;;EK08BA,OAAA,IAAW,GAAA,EAAK,MAAA,kBAAwB,WAAA;ELp8BrC;AA2FL;;EK82BE,SAAA,GAAY,cAAA;AAAA;AAAA,UAGG,mBAAA;EACf,YAAA;EACA,SAAS;AAAA;;;Adp+BX;;;;;;AAAA,ce2Ba,OAAA;EAAA,UAAoB,sBAAA,GAAyB,eAAA;EAAA;;KAM9C,sBAAA;;;;;EAKV,IAAA;;;;EAKA,WAAA;;;;EAKA,KAAA,GAAQ,KAAA,UAAe,IAAA;;;;EAKvB,QAAA,GAAW,cAAA;;;;EAKX,OAAA,IAAW,UAAA,EAAY,MAAA,kBAAwB,WAAA;;;AfDjD;EeME,SAAA,GAAY,cAAA;AAAA,KACT,cAAA,GAAiB,cAAA;AAAA,UAEL,cAAA;EACf,WAAA;;;;AdhEF;IcqEI,UAAA,GAAa,YAAA;EAAA;EAGf,YAAA;IdxEwC;;;;Ic6EtC,UAAA,GAAa,YAAA;EAAA;EAUf,eAAA,IACE,IAAA,EAAM,WAAA,EACN,MAAA;IACE,SAAA;;AbxEN;;;;Ia8EM,QAAA;EAAA,MAEC,OAAA;IACH,YAAA;IACA,SAAA;EAAA;EAGF,gBAAA,IAAoB,YAAA,aAAyB,OAAA;IAC3C,IAAA,EAAM,WAAA;IACN,SAAA;IACA,SAAA;EAAA;EAGF,eAAA,IAAmB,YAAA,aAAyB,OAAA;AAAA;AAAA,KAGlC,cAAA;EZ1GV;;;EY8GA,MAAM;AAAA;AAAA,UAGS,cAAA;;;;EAIf,IAAA,mBAAuB,aAAa;AAAA;AAAA,cAKzB,eAAA,SAAwB,SAAA,CAAU,sBAAA;EAAA,mBAC1B,MAAA,EAAM,MAAA;EAAA,mBACN,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,GAAA,EAAG,WAAA;EAAA,mBACH,GAAA,0BAAG,MAAA;EAAA,IAEX,IAAA;EAAA,IAIA,qBAAA,IAAyB,QAAA;EAAA,IAMzB,sBAAA,IAA0B,QAAA;EAAA,UAM3B,MAAA;;;;YAkCA,iBAAA,IAAqB,cAAA;;;;;EAgCxB,gBAAA,CAAiB,QAAA,EAAU,cAAA;;;;EAO3B,QAAA,IAAY,IAAA;;;AX9NrB;EWqOe,QAAA,CAAS,KAAA,EAAO,IAAA,KAAS,OAAA;;;;EAO/B,aAAA,CAAc,IAAA,WAAe,IAAA;EAQvB,UAAA,CAAW,KAAA,WAAgB,OAAA,CAAQ,UAAA;;;;EAQnC,WAAA,CACX,IAAA,EAAM,WAAA,EACN,YAAA;IACE,GAAA;IACA,aAAA;IACA,wBAAA;EAAA,GAEF,OAAA;IV3Q6C;;;;IUgR3C,QAAA;EAAA,IAED,OAAA,CAAQ,mBAAA;EA4FE,YAAA,CACX,YAAA,UACA,WAAA,YACC,OAAA;IACD,MAAA,EAAQ,mBAAA;IACR,IAAA,EAAM,WAAA;EAAA;AAAA;AAAA,UAoEO,kBAAA;EACf,GAAA;EACA,KAAA;EACA,KAAA;AAAA;AAAA,UAGe,mBAAA;EACf,YAAA;EACA,UAAA;EACA,UAAA;EACA,SAAA;EACA,aAAA;EACA,wBAAA;EACA,KAAA;AAAA;;;;;;cC7bW,WAAA;EAAA,WACF,0BAAA,GACR,mBAAA;EAAA;;UAMc,0BAAA;EhB2Cf;;;EgBvCA,IAAA;;;;EAKA,KAAA;;;;EAKA,WAAA;AAAA;AAAA,cAKW,mBAAA,SAA4B,SAAA,CAAU,0BAAA;EAAA,mBAC9B,gBAAA,EAAgB,gBAAA;EAAA,IAExB,IAAA;EAAA,IAIA,KAAA;EAIJ,QAAA;EAAA,UAIG,MAAA;;;;EAWH,GAAA,CAAI,IAAA,GAAO,WAAA;AAAA;;;;;;cCpDP,KAAA;EAAA,WAAkB,oBAAA,GAA4B,aAAA;EAAA;;UAM1C,oBAAA;EjBXiB;;;EiBehC,IAAA;;;;EAKA,WAAA;EAEA,MAAA,YAAkB,eAAA;EAElB,WAAA,GAAc,KAAK;IAGb,IAAA;IACA,SAAA;IACA,OAAA;EAAA;AAAA;AAAA,cAKK,aAAA,SAAsB,SAAA,CAAU,oBAAA;EAAA,mBACxB,gBAAA,EAAgB,gBAAA;EAAA,IAExB,IAAA;EAAA,UAID,MAAA;;;;MAoBC,MAAA,aAAmB,eAAA;EAIvB,GAAA,CAAI,UAAA,WAAqB,mBAAA;EAIzB,KAAA,CAAM,UAAA,WAAqB,mBAAA,GAAmB,mBAAA;AAAA;;;UCjEtC,aAAA;;;;;EAKf,OAAA;ElB8CA;;;EkBzCA,KAAA;;;;EAKA,WAAA,aAAwB,UAAA;;;;;EAMxB,KAAA,IAAS,IAAA,EAAM,gBAAgB;AAAA;;;;;;;;;;;;;;;;;;;;AlBgCjC;;;;AAA6D;;;;ACtD7D;;;;;;;;;AAeW;;;;ACGX;;;;;;;;;;;;;;iBgB6DgB,OAAA,CAAQ,OAAA,GAAU,aAAA,GAAgB,UAAU;;;;;;;;;AlBlF5D;;;;;;;;;;;;;;;;;;;;;;cmB8Ba,eAAA,GACX,OAAA,EAAS,8BAAA,KACR,uBAmHF;AAAA,KAEW,8BAAA;EACV,WAAA;AAAA;EAGI,MAAA,EAAQ,oCAAA;AAAA;EAGR,MAAA,EAAQ,eAAA;EACR,IAAA,EAAM,WAAA;AAAA;AAAA,UAIK,oCAAA;;;AnBxGjB;EmB4GE,GAAA;;;AnB5G2D;EmBiH3D,QAAA;;;AlBvKF;EkB4KE,YAAA;AAAA;AAAA,UAGe,uBAAA;EACf,KAAA,QAAa,OAAO;AAAA;AAAA,UAGL,mBAAA;EACf,QAAA,GAAW,mBAAmB;AAAA;;;cCjLnB,sBAAA;EAAA,mBACQ,GAAA,0BAAG,MAAA;EAAA,mBACH,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,WAAA,EAAW,WAAA;EAAA,mBACX,MAAA,EAAM,MAAA;EAAA,mBACN,MAAA,EAAM,cAAA;EAAA,mBAEN,eAAA,mBAAe,aAAA;EAAA,mBA8Bf,eAAA,mBAAe,aAAA;EAAA,UA0BxB,cAAA,IAAkB,gBAAA;EAAA,mBAQT,eAAA,mBAAe,aAAA;AAAA;AAAA,KAmCxB,0BAAA,IACV,OAAA,EAAS,aAAA,KACN,OAAA,CAAQ,gBAAA;;;;YC9ED,KAAA;IACR,uBAAA;MACE,KAAA;MACA,IAAA,EAAM,WAAA;IAAA;EAAA;EAAA,UAIA,KAAA;;;;;;;IAOR,6BAAA,GAAgC,gBAAA;;;;IAKhC,sBAAA,GAAyB,WAAA;IrBEjB;;;;AAAiD;;;IqBOzD,wBAAA;MAA6B,EAAA;IAAA;EAAA;AAAA;AAAA;EAAA,UAKrB,aAAA;IACR,IAAA,GAAO,gBAAA;EAAA;EAAA,UAGC,mBAAA;IACR,IAAA,EAAM,gBAAA;EAAA;EAAA,UAGE,oBAAA,SAA6B,YAAA;;AnBxDzC;;;;;;ImBgEI,IAAA,GAAO,gBAAA;EAAA;AAAA;;;;;;AlB/EX;;;;;;;;;;;ckBqGa,cAAA,mBAAc,OAAA,kBAAA,MAAA"}