npm - authhero - Versions diffs - 0.127.0 → 0.128.0 - Mend

authhero 0.127.0 → 0.128.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/authhero.cjs CHANGED Viewed

@@ -151,7 +151,7 @@ In order to be iterable, non-array objects must have a [Symbol.iterator]() metho
 In order to be iterable, non-array objects must have a [Symbol.iterator]() method.`)}function Y3(t,e){if(t){if(typeof t=="string")return xp(t,e);var n=Object.prototype.toString.call(t).slice(8,-1);if(n==="Object"&&t.constructor&&(n=t.constructor.name),n==="Map"||n==="Set")return Array.from(t);if(n==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return xp(t,e)}}function xp(t,e){(e==null||e>t.length)&&(e=t.length);for(var n=0,r=new Array(e);n<e;n++)r[n]=t[n];return r}function kp(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter(function(i){return Object.getOwnPropertyDescriptor(t,i).enumerable})),n.push.apply(n,r)}return n}function Sp(t){for(var e=1;e<arguments.length;e++){var n=arguments[e]!=null?arguments[e]:{};e%2?kp(Object(n),!0).forEach(function(r){Q3(t,r,n[r])}):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(n)):kp(Object(n)).forEach(function(r){Object.defineProperty(t,r,Object.getOwnPropertyDescriptor(n,r))})}return t}function Q3(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}var Ap={formatExtension:function(e,n,r){return"".concat(e).concat(r.ext()).concat(n)}};function eb(t,e,n,r){if(n?n=Sp(Sp({},Ap),n):n=Ap,r=new He(r),t.country&&t.country!=="001"){if(!r.hasCountry(t.country))throw new Error("Unknown country: ".concat(t.country));r.country(t.country)}else if(t.countryCallingCode)r.selectNumberingPlan(t.countryCallingCode);else return t.phone||"";var i=r.countryCallingCode(),s=n.v2?t.nationalNumber:t.phone,o;switch(e){case"NATIONAL":return s?(o=ao(s,t.carrierCode,"NATIONAL",r,n),ja(o,t.ext,r,n.formatExtension)):"";case"INTERNATIONAL":return s?(o=ao(s,null,"INTERNATIONAL",r,n),o="+".concat(i," ").concat(o),ja(o,t.ext,r,n.formatExtension)):"+".concat(i);case"E.164":return"+".concat(i).concat(s);case"RFC3966":return Z3({number:"+".concat(i).concat(s),ext:t.ext});case"IDD":if(!n.fromCountry)return;var c=nb(s,t.carrierCode,i,n.fromCountry,r);return ja(c,t.ext,r,n.formatExtension);default:throw new Error('Unknown "format" argument passed to "formatNumber()": "'.concat(e,'"'))}}function ao(t,e,n,r,i){var s=tb(r.formats(),t);return s?U3(t,s,{useInternationalFormat:n==="INTERNATIONAL",withNationalPrefix:!(s.nationalPrefixIsOptionalWhenFormattingInNationalFormat()&&i&&i.nationalPrefix===!1),carrierCode:e,metadata:r}):t}function tb(t,e){for(var n=X3(t),r;!(r=n()).done;){var i=r.value;if(i.leadingDigitsPatterns().length>0){var s=i.leadingDigitsPatterns()[i.leadingDigitsPatterns().length-1];if(e.search(s)!==0)continue}if(Gt(e,i.pattern()))return i}}function ja(t,e,n,r){return e?r(t,e,n):t}function nb(t,e,n,r,i){var s=jl(r,i.metadata);if(s===n){var o=ao(t,e,"NATIONAL",i);return n==="1"?n+" "+o:o}var c=F3(r,void 0,i.metadata);if(c)return"".concat(c," ").concat(n," ").concat(ao(t,null,"INTERNATIONAL",i))}function Ep(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter(function(i){return Object.getOwnPropertyDescriptor(t,i).enumerable})),n.push.apply(n,r)}return n}function Ip(t){for(var e=1;e<arguments.length;e++){var n=arguments[e]!=null?arguments[e]:{};e%2?Ep(Object(n),!0).forEach(function(r){rb(t,r,n[r])}):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(n)):Ep(Object(n)).forEach(function(r){Object.defineProperty(t,r,Object.getOwnPropertyDescriptor(n,r))})}return t}function rb(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function ib(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}function sb(t,e){for(var n=0;n<e.length;n++){var r=e[n];r.enumerable=r.enumerable||!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(t,r.key,r)}}function ob(t,e,n){return e&&sb(t.prototype,e),Object.defineProperty(t,"prototype",{writable:!1}),t}var ab=function(){function t(e,n,r){if(ib(this,t),!e)throw new TypeError("First argument is required");if(typeof e!="string")throw new TypeError("First argument must be a string");if(typeof e=="string"){if(e[0]==="+"&&!n)throw new TypeError("`metadata` argument not passed");if(sr(n)&&sr(n.countries)){r=n;var i=e;if(!lb.test(i))throw new Error('Invalid `number` argument passed: must consist of a "+" followed by digits');var s=tm(i,void 0,void 0,r),o=s.countryCallingCode,c=s.number;if(n=c,e=o,!n)throw new Error("Invalid `number` argument passed: too short")}}if(!n)throw new TypeError("`nationalNumber` argument is required");if(typeof n!="string")throw new TypeError("`nationalNumber` argument must be a string");Yg(r);var d=db(e,r),l=d.country,u=d.countryCallingCode;this.country=l,this.countryCallingCode=u,this.nationalNumber=n,this.number="+"+this.countryCallingCode+this.nationalNumber,this.getMetadata=function(){return r}}return ob(t,[{key:"setExt",value:function(n){this.ext=n}},{key:"getPossibleCountries",value:function(){return this.country?[this.country]:b3(this.countryCallingCode,this.nationalNumber,this.getMetadata())}},{key:"isPossible",value:function(){return m3(this,{v2:!0},this.getMetadata())}},{key:"isValid",value:function(){return v3(this,{v2:!0},this.getMetadata())}},{key:"isNonGeographic",value:function(){var n=new He(this.getMetadata());return n.isNonGeographicCallingCode(this.countryCallingCode)}},{key:"isEqual",value:function(n){return this.number===n.number&&this.ext===n.ext}},{key:"getType",value:function(){return Rl(this,{v2:!0},this.getMetadata())}},{key:"format",value:function(n,r){return eb(this,n,r?Ip(Ip({},r),{},{v2:!0}):{v2:!0},this.getMetadata())}},{key:"formatNational",value:function(n){return this.format("NATIONAL",n)}},{key:"formatInternational",value:function(n){return this.format("INTERNATIONAL",n)}},{key:"getURI",value:function(n){return this.format("RFC3966",n)}}]),t}(),cb=function(e){return/^[A-Z]{2}$/.test(e)};function db(t,e){var n,r,i=new He(e);return cb(t)?(n=t,i.selectNumberingPlan(n),r=i.countryCallingCode()):r=t,{country:n,countryCallingCode:r}}var lb=/^\+\d+$/;function yd(t){"@babel/helpers - typeof";return yd=typeof Symbol=="function"&&typeof Symbol.iterator=="symbol"?function(e){return typeof e}:function(e){return e&&typeof Symbol=="function"&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},yd(t)}function ub(t,e,n){return Object.defineProperty(t,"prototype",{writable:!1}),t}function fb(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}function pb(t,e){if(typeof e!="function"&&e!==null)throw new TypeError("Super expression must either be null or a function");t.prototype=Object.create(e&&e.prototype,{constructor:{value:t,writable:!0,configurable:!0}}),Object.defineProperty(t,"prototype",{writable:!1}),e&&li(t,e)}function hb(t){var e=im();return function(){var r=ui(t),i;if(e){var s=ui(this).constructor;i=Reflect.construct(r,arguments,s)}else i=r.apply(this,arguments);return gb(this,i)}}function gb(t,e){if(e&&(yd(e)==="object"||typeof e=="function"))return e;if(e!==void 0)throw new TypeError("Derived constructors may only return object or undefined");return rm(t)}function rm(t){if(t===void 0)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return t}function wd(t){var e=typeof Map=="function"?new Map:void 0;return wd=function(r){if(r===null||!mb(r))return r;if(typeof r!="function")throw new TypeError("Super expression must either be null or a function");if(typeof e<"u"){if(e.has(r))return e.get(r);e.set(r,i)}function i(){return rs(r,arguments,ui(this).constructor)}return i.prototype=Object.create(r.prototype,{constructor:{value:i,enumerable:!1,writable:!0,configurable:!0}}),li(i,r)},wd(t)}function rs(t,e,n){return im()?rs=Reflect.construct:rs=function(i,s,o){var c=[null];c.push.apply(c,s);var d=Function.bind.apply(i,c),l=new d;return o&&li(l,o.prototype),l},rs.apply(null,arguments)}function im(){if(typeof Reflect>"u"||!Reflect.construct||Reflect.construct.sham)return!1;if(typeof Proxy=="function")return!0;try{return Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],function(){})),!0}catch{return!1}}function mb(t){return Function.toString.call(t).indexOf("[native code]")!==-1}function li(t,e){return li=Object.setPrototypeOf||function(r,i){return r.__proto__=i,r},li(t,e)}function ui(t){return ui=Object.setPrototypeOf?Object.getPrototypeOf:function(n){return n.__proto__||Object.getPrototypeOf(n)},ui(t)}var Rt=function(t){pb(n,t);var e=hb(n);function n(r){var i;return fb(this,n),i=e.call(this,r),Object.setPrototypeOf(rm(i),n.prototype),i.name=i.constructor.name,i}return ub(n)}(wd(Error)),Np=new RegExp("(?:"+nm()+")$","i");function _b(t){var e=t.search(Np);if(e<0)return{};for(var n=t.slice(0,e),r=t.match(Np),i=1;i<r.length;){if(r[i])return{number:n,ext:r[i]};i++}}var yb={0:"0",1:"1",2:"2",3:"3",4:"4",5:"5",6:"6",7:"7",8:"8",9:"9","０":"0","１":"1","２":"2","３":"3","４":"4","５":"5","６":"6","７":"7","８":"8","９":"9","٠":"0","١":"1","٢":"2","٣":"3","٤":"4","٥":"5","٦":"6","٧":"7","٨":"8","٩":"9","۰":"0","۱":"1","۲":"2","۳":"3","۴":"4","۵":"5","۶":"6","۷":"7","۸":"8","۹":"9"};function wb(t){return yb[t]}function vb(t,e){var n=typeof Symbol<"u"&&t[Symbol.iterator]||t["@@iterator"];if(n)return(n=n.call(t)).next.bind(n);if(Array.isArray(t)||(n=bb(t))||e){n&&(t=n);var r=0;return function(){return r>=t.length?{done:!0}:{done:!1,value:t[r++]}}}throw new TypeError(`Invalid attempt to iterate non-iterable instance.
 In order to be iterable, non-array objects must have a [Symbol.iterator]() method.`)}function bb(t,e){if(t){if(typeof t=="string")return Cp(t,e);var n=Object.prototype.toString.call(t).slice(8,-1);if(n==="Object"&&t.constructor&&(n=t.constructor.name),n==="Map"||n==="Set")return Array.from(t);if(n==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return Cp(t,e)}}function Cp(t,e){(e==null||e>t.length)&&(e=t.length);for(var n=0,r=new Array(e);n<e;n++)r[n]=t[n];return r}function zp(t){for(var e="",n=vb(t.split("")),r;!(r=n()).done;){var i=r.value;e+=$b(i,e)||""}return e}function $b(t,e,n){return t==="+"?e?void 0:"+":wb(t)}function xb(t,e){var n=typeof Symbol<"u"&&t[Symbol.iterator]||t["@@iterator"];if(n)return(n=n.call(t)).next.bind(n);if(Array.isArray(t)||(n=kb(t))||e){n&&(t=n);var r=0;return function(){return r>=t.length?{done:!0}:{done:!1,value:t[r++]}}}throw new TypeError(`Invalid attempt to iterate non-iterable instance.
 In order to be iterable, non-array objects must have a [Symbol.iterator]() method.`)}function kb(t,e){if(t){if(typeof t=="string")return Op(t,e);var n=Object.prototype.toString.call(t).slice(8,-1);if(n==="Object"&&t.constructor&&(n=t.constructor.name),n==="Map"||n==="Set")return Array.from(t);if(n==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return Op(t,e)}}function Op(t,e){(e==null||e>t.length)&&(e=t.length);for(var n=0,r=new Array(e);n<e;n++)r[n]=t[n];return r}function Sb(t,e){var n=e.countries,r=e.metadata;r=new He(r);for(var i=xb(n),s;!(s=i()).done;){var o=s.value;if(r.country(o),r.leadingDigits()){if(t&&t.search(r.leadingDigits())===0)return o}else if(Rl({phone:t,country:o},void 0,r.metadata))return o}}function Ab(t,e){var n=e.nationalNumber,r=e.defaultCountry,i=e.metadata,s=i.getCountryCodesForCallingCode(t);if(s)return s.length===1?s[0]:Sb(n,{countries:s,defaultCountry:r,metadata:i.metadata})}var sm="+",Eb="[\\-\\.\\(\\)]?",Pp="(["+wt+"]|"+Eb+")",Ib="^\\"+sm+Pp+"*["+wt+"]"+Pp+"*$",Nb=new RegExp(Ib,"g"),vd=wt,Cb="["+vd+"]+((\\-)*["+vd+"])*",zb="a-zA-Z",Ob="["+zb+"]+((\\-)*["+vd+"])*",Pb="^("+Cb+"\\.)*"+Ob+"\\.?$",jb=new RegExp(Pb,"g"),jp="tel:",bd=";phone-context=",Tb=";isub=";function Rb(t){var e=t.indexOf(bd);if(e<0)return null;var n=e+bd.length;if(n>=t.length)return"";var r=t.indexOf(";",n);return r>=0?t.substring(n,r):t.substring(n)}function Bb(t){return t===null?!0:t.length===0?!1:Nb.test(t)||jb.test(t)}function Lb(t,e){var n=e.extractFormattedPhoneNumber,r=Rb(t);if(!Bb(r))throw new Rt("NOT_A_NUMBER");var i;if(r===null)i=n(t)||"";else{i="",r.charAt(0)===sm&&(i+=r);var s=t.indexOf(jp),o;s>=0?o=s+jp.length:o=0;var c=t.indexOf(bd);i+=t.substring(o,c)}var d=i.indexOf(Tb);if(d>0&&(i=i.substring(0,d)),i!=="")return i}var Ub=250,Mb=new RegExp("["+Ll+wt+"]"),Fb=new RegExp("[^"+wt+"#]+$");function Vb(t,e,n){if(e=e||{},n=new He(n),e.defaultCountry&&!n.hasCountry(e.defaultCountry))throw e.v2?new Rt("INVALID_COUNTRY"):new Error("Unknown country: ".concat(e.defaultCountry));var r=qb(t,e.v2,e.extract),i=r.number,s=r.ext,o=r.error;if(!i){if(e.v2)throw o==="TOO_SHORT"?new Rt("TOO_SHORT"):new Rt("NOT_A_NUMBER");return{}}var c=Kb(i,e.defaultCountry,e.defaultCallingCode,n),d=c.country,l=c.nationalNumber,u=c.countryCallingCode,p=c.countryCallingCodeSource,m=c.carrierCode;if(!n.hasSelectedNumberingPlan()){if(e.v2)throw new Rt("INVALID_COUNTRY");return{}}if(!l||l.length<Bl){if(e.v2)throw new Rt("TOO_SHORT");return{}}if(l.length>x3){if(e.v2)throw new Rt("TOO_LONG");return{}}if(e.v2){var w=new ab(u,l,n.metadata);return d&&(w.country=d),m&&(w.carrierCode=m),s&&(w.ext=s),w.__countryCallingCodeSource=p,w}var h=(e.extended?n.hasSelectedNumberingPlan():d)?Gt(l,n.nationalNumberPattern()):!1;return e.extended?{country:d,countryCallingCode:u,carrierCode:m,valid:h,possible:h?!0:!!(e.extended===!0&&n.possibleLengths()&&em(l,n)),phone:l,ext:s}:h?Hb(d,l,s):{}}function Db(t,e,n){if(t){if(t.length>Ub){if(n)throw new Rt("TOO_LONG");return}if(e===!1)return t;var r=t.search(Mb);if(!(r<0))return t.slice(r).replace(Fb,"")}}function qb(t,e,n){var r=Lb(t,{extractFormattedPhoneNumber:function(o){return Db(o,n,e)}});if(!r)return{};if(!W3(r))return J3(r)?{error:"TOO_SHORT"}:{};var i=_b(r);return i.ext?i:{number:r}}function Hb(t,e,n){var r={country:t,phone:e};return n&&(r.ext=n),r}function Kb(t,e,n,r){var i=tm(zp(t),e,n,r.metadata),s=i.countryCallingCodeSource,o=i.countryCallingCode,c=i.number,d;if(o)r.selectNumberingPlan(o);else if(c&&(e||n))r.selectNumberingPlan(e,n),e&&(d=e),o=n||jl(e,r.metadata);else return{};if(!c)return{countryCallingCodeSource:s,countryCallingCode:o};var l=_d(zp(c),r),u=l.nationalNumber,p=l.carrierCode,m=Ab(o,{nationalNumber:u,defaultCountry:e,metadata:r});return m&&(d=m,m==="001"||r.country(d)),{country:d,countryCallingCode:o,countryCallingCodeSource:s,nationalNumber:u,carrierCode:p}}function Tp(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter(function(i){return Object.getOwnPropertyDescriptor(t,i).enumerable})),n.push.apply(n,r)}return n}function Rp(t){for(var e=1;e<arguments.length;e++){var n=arguments[e]!=null?arguments[e]:{};e%2?Tp(Object(n),!0).forEach(function(r){Gb(t,r,n[r])}):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(n)):Tp(Object(n)).forEach(function(r){Object.defineProperty(t,r,Object.getOwnPropertyDescriptor(n,r))})}return t}function Gb(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function Wb(t,e,n){return Vb(t,Rp(Rp({},e),{},{v2:!0}),n)}function Bp(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter(function(i){return Object.getOwnPropertyDescriptor(t,i).enumerable})),n.push.apply(n,r)}return n}function Jb(t){for(var e=1;e<arguments.length;e++){var n=arguments[e]!=null?arguments[e]:{};e%2?Bp(Object(n),!0).forEach(function(r){Zb(t,r,n[r])}):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(n)):Bp(Object(n)).forEach(function(r){Object.defineProperty(t,r,Object.getOwnPropertyDescriptor(n,r))})}return t}function Zb(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function Xb(t,e){return t4(t)||e4(t,e)||Qb(t,e)||Yb()}function Yb(){throw new TypeError(`Invalid attempt to destructure non-iterable instance.
-In order to be iterable, non-array objects must have a [Symbol.iterator]() method.`)}function Qb(t,e){if(t){if(typeof t=="string")return Lp(t,e);var n=Object.prototype.toString.call(t).slice(8,-1);if(n==="Object"&&t.constructor&&(n=t.constructor.name),n==="Map"||n==="Set")return Array.from(t);if(n==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return Lp(t,e)}}function Lp(t,e){(e==null||e>t.length)&&(e=t.length);for(var n=0,r=new Array(e);n<e;n++)r[n]=t[n];return r}function e4(t,e){var n=t==null?null:typeof Symbol<"u"&&t[Symbol.iterator]||t["@@iterator"];if(n!=null){var r=[],i=!0,s=!1,o,c;try{for(n=n.call(t);!(i=(o=n.next()).done)&&(r.push(o.value),!(e&&r.length===e));i=!0);}catch(d){s=!0,c=d}finally{try{!i&&n.return!=null&&n.return()}finally{if(s)throw c}}return r}}function t4(t){if(Array.isArray(t))return t}function n4(t){var e=Array.prototype.slice.call(t),n=Xb(e,4),r=n[0],i=n[1],s=n[2],o=n[3],c,d,l;if(typeof r=="string")c=r;else throw new TypeError("A text for parsing must be a string.");if(!i||typeof i=="string")o?(d=s,l=o):(d=void 0,l=s),i&&(d=Jb({defaultCountry:i},d));else if(sr(i))s?(d=i,l=s):l=i;else throw new Error("Invalid second argument: ".concat(i));return{text:c,options:d,metadata:l}}function Up(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter(function(i){return Object.getOwnPropertyDescriptor(t,i).enumerable})),n.push.apply(n,r)}return n}function Mp(t){for(var e=1;e<arguments.length;e++){var n=arguments[e]!=null?arguments[e]:{};e%2?Up(Object(n),!0).forEach(function(r){r4(t,r,n[r])}):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(n)):Up(Object(n)).forEach(function(r){Object.defineProperty(t,r,Object.getOwnPropertyDescriptor(n,r))})}return t}function r4(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function i4(t,e,n){e&&e.defaultCountry&&!h3(e.defaultCountry,n)&&(e=Mp(Mp({},e),{},{defaultCountry:void 0}));try{return Wb(t,e,n)}catch(r){if(!(r instanceof Rt))throw r}}function s4(){var t=n4(arguments),e=t.text,n=t.options,r=t.metadata;return i4(e,n,r)}function o4(){return i3(s4,arguments)}function fi(t,e="US"){const n=t.trim();if(n.includes("@")){const r=n.toLowerCase(),i=/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(r);return{connection:"email",normalized:i?r:null,isValid:i}}else if(/^\+?\d[\d\s\-().]*$/.test(n)){const r=o4(n,{defaultCountry:e});return r&&r.isValid()?{connection:"sms",normalized:r.number,isValid:!0}:{connection:"sms",normalized:null,isValid:!1}}else return{connection:"username",normalized:n,isValid:!0}}const a4=a.z.object({client_id:a.z.string(),username:a.z.string().transform(t=>t.toLowerCase()),otp:a.z.string(),authParams:Jr.optional()});async function om(t,{client_id:e,username:n,otp:r,authParams:i}){const s=await t.env.data.clients.get(e);if(!s)throw new N(403,{message:"Client not found"});return Ul(t,s,i||{client_id:e,response_type:Ct.TOKEN_ID_TOKEN,response_mode:Ft.WEB_MESSAGE},n,r)}async function Ul(t,e,n,r,i,s,o){const{env:c}=t,d=await c.data.codes.get(e.tenant.id,i,"otp");if(!d)throw new N(400,{message:"Code not found or expired"});if(d.expires_at<new Date().toISOString())throw new N(400,{message:"Code expired"});if(d.used_at)throw new N(400,{message:"Code already used"});const l=Ot(t.req),{connection:u,normalized:p}=fi(r,l.countryCode);if(!p)throw new N(400,{message:"Invalid username format"});const m=await c.data.loginSessions.get(e.tenant.id,d.login_id);if(!m||m.authParams.username!==r)throw new N(400,{message:"Code not found or expired"});if(o&&m.ip!==l.ip)return t.redirect(`${ct(t.env)}invalid-session?state=${m.id}`);const w=await bo(t,{client:e,username:p,provider:u,connection:u,isSocial:!1,ip:t.req.header("x-real-ip")});return await c.data.codes.used(e.tenant.id,i),pn(t,{user:w,client:e,loginSession:m,authParams:n,ticketAuth:s})}const Fp=a.z.object({client_id:a.z.string().optional(),client_secret:a.z.string().optional()}),c4=a.z.union([Xg.extend(Fp.shape),a.z.object({grant_type:a.z.literal("authorization_code"),client_id:a.z.string(),code:a.z.string(),redirect_uri:a.z.string(),code_verifier:a.z.string().min(43).max(128)}),a.z.object({grant_type:a.z.literal("authorization_code"),code:a.z.string(),redirect_uri:a.z.string().optional(),...Fp.shape}),a.z.object({grant_type:a.z.literal("refresh_token"),client_id:a.z.string(),refresh_token:a.z.string(),redirect_uri:a.z.string().optional()}),a.z.object({grant_type:a.z.literal("http://auth0.com/oauth/grant-type/passwordless/otp"),client_id:a.z.string(),username:a.z.string(),otp:a.z.string(),realm:a.z.enum(["email","sms"])})]);function d4(t){if(!t)return{};const[e,n]=t.split(" ");if((e==null?void 0:e.toLowerCase())==="basic"&&n){const[r,i]=atob(n).split(":");return{client_id:r,client_secret:i}}return{}}const l4=new a.OpenAPIHono().openapi(a.createRoute({tags:["oauth2"],method:"post",path:"/",request:{body:{content:{"application/x-www-form-urlencoded":{schema:c4}}}},responses:{200:{content:{"application/json":{schema:k0}},description:"Tokens"}}}),async t=>{const e=t.req.valid("form"),n=d4(t.req.header("Authorization")),r={...e,...n};if(!r.client_id)throw new N(400,{message:"client_id is required"});switch(t.set("client_id",r.client_id),e.grant_type){case Qn.AuthorizationCode:return e3(t,Qv.parse(r));case Qn.ClientCredential:return Yv(t,Xg.parse(r));case Qn.RefreshToken:return n3(t,t3.parse(r));case Qn.OTP:return om(t,a4.parse(r));default:throw new N(400,{message:"Not implemented"})}});var Ml={exports:{}};const Fl=[{id:0,value:"Too weak",minDiversity:0,minLength:0},{id:1,value:"Weak",minDiversity:2,minLength:6},{id:2,value:"Medium",minDiversity:4,minLength:8},{id:3,value:"Strong",minDiversity:4,minLength:10}],am=(t,e=Fl,n="!\"#$%&'()*+,-./:;<=>?@[\\\\\\]^_`{|}~")=>{let r=t||"";e[0].minDiversity=0,e[0].minLength=0;const i=[{regex:"[a-z]",message:"lowercase"},{regex:"[A-Z]",message:"uppercase"},{regex:"[0-9]",message:"number"}];n&&i.push({regex:`[${n}]`,message:"symbol"});let s={};s.contains=i.filter(c=>new RegExp(`${c.regex}`).test(r)).map(c=>c.message),s.length=r.length;let o=e.filter(c=>s.contains.length>=c.minDiversity).filter(c=>s.length>=c.minLength).sort((c,d)=>d.id-c.id).map(c=>({id:c.id,value:c.value}));return Object.assign(s,o[0]),s};Ml.exports={passwordStrength:am,defaultOptions:Fl};var u4=Ml.exports.passwordStrength=am;Ml.exports.defaultOptions=Fl;function Vl(t){return u4(t).id<2?!1:t.length>=8&&/[a-z]/.test(t)&&/[A-Z]/.test(t)&&/[0-9]/.test(t)&&/[^A-Za-z0-9]/.test(t)}async function Ri(t,e){var i;const n=await t.env.data.emailProviders.get(t.var.tenant_id)||(t.env.DEFAULT_TENANT_ID?await t.env.data.emailProviders.get(t.env.DEFAULT_TENANT_ID):null);if(!n)throw new N(500,{message:"Email provider not found"});const r=(i=t.env.emailProviders)==null?void 0:i[n.name];if(!r)throw new N(500,{message:"Email provider not found"});await r({emailProvider:n,...e,from:n.default_from_address||`login@${t.env.ISSUER}`})}async function cm(t,e){var o,c;if(!t.var.client_id)throw new N(500,{message:"Client not found"});const n=await Ti(t.env,t.var.client_id),r=n.connections.find(d=>d.strategy==="sms");if(!r)throw new N(500,{message:"SMS provider not found"});const i=((o=r.options)==null?void 0:o.provider)||"twilio",s=(c=t.env.smsProviders)==null?void 0:c[i];if(!s)throw new N(500,{message:"SMS provider not found"});await s({options:r.options,to:e.to,text:e.text,template:"auth-code",data:{code:e.code,tenantName:n.tenant.name,tenantId:n.tenant.id}})}async function dm(t,e,n,r){const i=await t.env.data.tenants.get(t.var.tenant_id);if(!i)throw new N(500,{message:"Tenant not found"});const s=`${ct(t.env)}reset-password?state=${r}&code=${n}`,o={vendorName:i.name,lng:i.language||"en"};await Ri(t,{to:e,subject:re("reset_password_title",o),html:`Click here to reset your password: ${ct(t.env)}reset-password?state=${r}&code=${n}`,template:"auth-password-reset",data:{vendorName:i.name,logo:i.logo||"",passwordResetUrl:s,supportUrl:i.support_url||"https://support.sesamy.com",buttonColor:i.primary_color||"#7d68f4",passwordResetTitle:re("password_reset_title",o),resetPasswordEmailClickToReset:re("reset_password_email_click_to_reset",o),resetPasswordEmailReset:re("reset_password_email_reset",o),supportInfo:re("support_info",o),contactUs:re("contact_us",o),copyright:re("copyright",o),tenantName:i.name,tenantId:i.id}})}async function lm(t,{to:e,code:n}){const r=await t.env.data.tenants.get(t.var.tenant_id);if(!r)throw new N(500,{message:"Tenant not found"});const{connection:i}=fi(e),s=new URL(ct(t.env)),o={vendorName:r.name,vendorId:r.id,loginDomain:s.hostname,code:n,lng:r.language||"en"};i==="email"?await Ri(t,{to:e,subject:re("code_email_subject",o),html:`Click here to validate your email: ${ct(t.env)}validate-email`,template:"auth-code",data:{code:n,vendorName:r.name,logo:r.logo||"",supportUrl:r.support_url||"",buttonColor:r.primary_color||"",welcomeToYourAccount:re("welcome_to_your_account",o),linkEmailClickToLogin:re("link_email_click_to_login",o),linkEmailLogin:re("link_email_login",o),linkEmailOrEnterCode:re("link_email_or_enter_code",o),codeValid30Mins:re("code_valid_30_minutes",o),supportInfo:re("support_info",o),contactUs:re("contact_us",o),copyright:re("copyright",o)}}):i==="sms"&&await cm(t,{to:e,text:re("sms_code_text",o),code:n});const c=we(t,{type:ge.CODE_LINK_SENT,description:e});It(t,t.env.data.logs.create(r.id,c))}async function Dl(t,{to:e,code:n,authParams:r}){const i=await t.env.data.tenants.get(t.var.tenant_id);if(!i)throw new N(500,{message:"Tenant not found"});if(!r.redirect_uri)throw new N(400,{message:"redirect_uri is required"});const{connection:s}=fi(e),o=new URL(je(t.env));o.pathname="passwordless/verify_redirect",o.searchParams.set("verification_code",n),o.searchParams.set("connection",s),o.searchParams.set("client_id",r.client_id),o.searchParams.set("redirect_uri",r.redirect_uri),o.searchParams.set("email",e),r.response_type&&o.searchParams.set("response_type",r.response_type),r.scope&&o.searchParams.set("scope",r.scope),r.state&&o.searchParams.set("state",r.state),r.nonce&&o.searchParams.set("nonce",r.nonce),r.code_challenge&&o.searchParams.set("code_challenge",r.code_challenge),r.code_challenge_method&&o.searchParams.set("code_challenge_method",r.code_challenge_method),r.audience&&o.searchParams.set("audience",r.audience);const c={vendorName:i.name,code:n,lng:i.language||"en"};if(s==="email")await Ri(t,{to:e,subject:re("code_email_subject",c),html:`Click here to validate your email: ${ct(t.env)}validate-email`,template:"auth-link",data:{code:n,vendorName:i.name,logo:i.logo||"",supportUrl:i.support_url||"",magicLink:o.toString(),buttonColor:i.primary_color||"",welcomeToYourAccount:re("welcome_to_your_account",c),linkEmailClickToLogin:re("link_email_click_to_login",c),linkEmailLogin:re("link_email_login",c),linkEmailOrEnterCode:re("link_email_or_enter_code",c),codeValid30Mins:re("code_valid_30_minutes",c),supportInfo:re("support_info",c),contactUs:re("contact_us",c),copyright:re("copyright",c)}});else if(s==="sms")await cm(t,{to:e,text:`${re("link_sms_login",c)}: ${o.toString()}`,code:n});else throw new N(400,{message:"Only email and SMS connections are supported for magic links"});const d=we(t,{type:ge.CODE_LINK_SENT,description:e});It(t,t.env.data.logs.create(i.id,d))}async function ql(t,e){const n=await t.env.data.tenants.get(t.var.tenant_id);if(!n)throw new N(500,{message:"Tenant not found"});if(!e.email)throw new N(400,{message:"User has no email"});const r={vendorName:n.name,lng:n.language||"en"};await Ri(t,{to:e.email,subject:re("welcome_to_your_account",r),html:`Click here to validate your email: ${ct(t.env)}validate-email`,template:"auth-verify-email",data:{vendorName:n.name,logo:n.logo||"",emailValidationUrl:`${ct(t.env)}validate-email`,supportUrl:n.support_url||"https://support.sesamy.com",buttonColor:n.primary_color||"#7d68f4",welcomeToYourAccount:re("welcome_to_your_account",r),verifyEmailVerify:re("verify_email_verify",r),supportInfo:re("support_info",r),contactUs:re("contact_us",r),copyright:re("copyright",r)}})}async function f4(t,e,n,r){const i=await t.env.data.tenants.get(t.var.tenant_id);if(!i)throw new N(500,{message:"Tenant not found"});const s={vendorName:i.name,lng:i.language||"en"},o=`${ct(t.env)}signup?state=${r}&code=${n}`;await Ri(t,{to:e,subject:re("register_password_account",s),html:`Click here to register: ${o}`,template:"auth-pre-signup-verification",data:{vendorName:i.name,logo:i.logo||"",signupUrl:o,setPassword:re("set_password",s),registerPasswordAccount:re("register_password_account",s),clickToSignUpDescription:re("click_to_sign_up_description",s),supportUrl:i.support_url||"https://support.sesamy.com",buttonColor:i.primary_color||"#7d68f4",welcomeToYourAccount:re("welcome_to_your_account",s),verifyEmailVerify:re("verify_email_verify",s),supportInfo:re("support_info",s),contactUs:re("contact_us",s),copyright:re("copyright",s)}})}const p4=new a.OpenAPIHono().openapi(a.createRoute({tags:["dbconnections"],method:"post",path:"/signup",request:{body:{content:{"application/json":{schema:a.z.object({client_id:a.z.string(),connection:a.z.literal("Username-Password-Authentication"),email:a.z.string().transform(t=>t.toLowerCase()),password:a.z.string()})}}}},responses:{200:{content:{"application/json":{schema:a.z.object({_id:a.z.string(),email:a.z.string().optional(),email_verified:a.z.boolean(),app_metadata:a.z.object({}),user_metadata:a.z.object({})})}},description:"Created user"}}}),async t=>{const{email:e,password:n,client_id:r}=t.req.valid("json"),i=await t.env.data.clients.get(r);if(!i)throw new N(400,{message:"Client not found"});if(t.set("client_id",i.id),t.set("tenant_id",i.tenant.id),!Vl(n))throw new N(400,{message:"Password does not meet the requirements"});if(await xs({userAdapter:t.env.data.users,tenant_id:i.tenant.id,username:e,provider:"auth2"}))throw new N(400,{message:"Invalid sign up"});const o=await t.env.data.users.create(i.tenant.id,{user_id:`auth2|${go()}`,email:e,email_verified:!1,provider:"auth2",connection:"Username-Password-Authentication",is_social:!1});t.set("user_id",o.user_id),t.set("username",o.email),t.set("connection",o.connection);const c=await mi.hash(n,10);await t.env.data.passwords.create(i.tenant.id,{user_id:o.user_id,password:c,algorithm:"bcrypt"}),await ql(t,o);const d=we(t,{type:ge.SUCCESS_SIGNUP,description:"Successful signup"});return await t.env.data.logs.create(i.tenant.id,d),t.json({_id:o.user_id,email:o.email,email_verified:!1,app_metadata:{},user_metadata:{}})}).openapi(a.createRoute({tags:["dbconnections"],method:"post",path:"/change_password",request:{body:{content:{"application/json":{schema:a.z.object({client_id:a.z.string(),connection:a.z.literal("Username-Password-Authentication"),email:a.z.string().transform(t=>t.toLowerCase())})}}}},responses:{200:{description:"Redirect to the client's redirect uri"}}}),async t=>{const{email:e,client_id:n}=t.req.valid("json"),r=await t.env.data.clients.get(n);if(!r)throw new N(400,{message:"Client not found"});if(t.set("client_id",r.id),t.set("tenant_id",r.tenant.id),!await vr({userAdapter:t.env.data.users,tenant_id:r.tenant.id,username:e,provider:"auth2"}))return t.html("If an account with that email exists, we've sent instructions to reset your password.");const s={client_id:n,username:e},o=await t.env.data.loginSessions.create(r.tenant.id,{expires_at:new Date(Date.now()+or*1e3).toISOString(),authParams:s,csrf_token:xe(),...Ot(t.req)});return await dm(t,e,o.id,o.authParams.state),t.html("If an account with that email exists, we've sent instructions to reset your password.")});function Mn(){const t="1234567890";let e="";for(let n=0;n<6;n+=1)e+=t[Math.floor(Math.random()*10)];return e.toString()}const h4=new a.OpenAPIHono().openapi(a.createRoute({tags:["passwordless"],method:"post",path:"/start",request:{body:{content:{"application/json":{schema:a.z.union([a.z.object({connection:a.z.literal("email"),client_id:a.z.string(),email:a.z.string().transform(t=>t.toLowerCase()),send:a.z.enum(["link","code"]),authParams:Jr.omit({client_id:!0})}),a.z.object({client_id:a.z.string(),connection:a.z.literal("sms"),phone_number:a.z.string(),send:a.z.enum(["link","code"]),authParams:Jr.omit({client_id:!0})})])}}}},responses:{200:{description:"Status"}}}),async t=>{const e=t.req.valid("json"),{env:n}=t,{client_id:r,send:i,authParams:s,connection:o}=e,c=await t.env.data.clients.get(r);if(!c)throw new N(400,{message:"Client not found"});t.set("client_id",c.id),t.set("tenant_id",c.tenant.id);const d=o==="email"?e.email:e.phone_number,l=await n.data.loginSessions.create(c.tenant.id,{authParams:{...s,client_id:r,username:d},expires_at:new Date(Date.now()+Wa).toISOString(),csrf_token:xe(),...Ot(t.req)}),u=await n.data.codes.create(c.tenant.id,{code_id:Mn(),code_type:"otp",login_id:l.id,expires_at:new Date(Date.now()+Wa).toISOString()});return i==="link"?await Dl(t,{to:d,code:u.code_id,authParams:{...s,client_id:r}}):await lm(t,{to:d,code:u.code_id}),t.html("OK")}).openapi(a.createRoute({tags:["passwordless"],method:"get",path:"/verify_redirect",request:{query:a.z.object({scope:a.z.string(),response_type:a.z.nativeEnum(Ct),redirect_uri:a.z.string(),state:a.z.string(),nonce:a.z.string().optional(),verification_code:a.z.string(),connection:a.z.string(),client_id:a.z.string(),email:a.z.string().transform(t=>t.toLowerCase()),audience:a.z.string().optional()})},responses:{302:{description:"Status"}}}),async t=>{const{env:e}=t,{client_id:n,email:r,verification_code:i,redirect_uri:s,state:o,scope:c,audience:d,response_type:l,nonce:u}=t.req.valid("query"),p=await Ti(e,n);return t.set("client_id",p.id),t.set("tenant_id",p.tenant.id),t.set("connection","email"),Ul(t,p,{client_id:n,redirect_uri:s,state:o,nonce:u,scope:c,audience:d,response_type:l},r,i,!1,!0)});class Lr extends N{constructor(n,r){super(n,r);te(this,"_code");this._code=r==null?void 0:r.code}get code(){return this._code}}async function Hl(t,e,n,r,i){const{env:s}=t,{username:o}=n;if(t.set("username",o),!o)throw new N(400,{message:"Username is required"});const c=await vr({userAdapter:t.env.data.users,tenant_id:e.tenant.id,username:o,provider:"auth2"});if(!c){const h=we(t,{type:ge.FAILED_LOGIN_INCORRECT_PASSWORD,description:"Invalid user"});throw It(t,t.env.data.logs.create(e.tenant.id,h)),new Lr(403,{message:"User not found",code:"USER_NOT_FOUND"})}const d=c.linked_to?await s.data.users.get(e.tenant.id,c.linked_to):c;if(!d)throw new Lr(403,{message:"User not found",code:"USER_NOT_FOUND"});t.set("connection",c.connection),t.set("user_id",d.user_id);const l=await s.data.passwords.get(e.tenant.id,c.user_id);if(!(l&&await mi.compare(n.password,l.password))){const h=we(t,{type:ge.FAILED_LOGIN_INCORRECT_PASSWORD,description:"Invalid password"});throw It(t,t.env.data.logs.create(e.tenant.id,h)),new Lr(403,{message:"Invalid password",code:"INVALID_PASSWORD"})}if((await s.data.logs.list(e.tenant.id,{page:0,per_page:10,include_totals:!1,q:`user_id:${d.user_id}`})).logs.filter(h=>h.type===ge.FAILED_LOGIN_INCORRECT_PASSWORD&&new Date(h.date)>new Date(Date.now()-1e3*60*5)).length>=3){const h=we(t,{type:ge.FAILED_LOGIN,description:"Too many failed login attempts"});throw It(t,t.env.data.logs.create(e.tenant.id,h)),new Lr(403,{message:"Too many failed login attempts",code:"TOO_MANY_FAILED_LOGINS"})}if(!c.email_verified&&e.email_validation==="enforced"){await ql(t,c);const h=we(t,{type:ge.FAILED_LOGIN,description:"Email not verified"});throw await t.env.data.logs.create(e.tenant.id,h),new Lr(403,{message:"Email not verified",code:"EMAIL_NOT_VERIFIED"})}const w=we(t,{type:ge.SUCCESS_LOGIN,description:"Successful login",strategy_type:"Username-Password-Authentication",strategy:"Username-Password-Authentication"});return It(t,t.env.data.logs.create(e.tenant.id,w)),pn(t,{client:e,authParams:n,user:d,ticketAuth:i,loginSession:r})}async function g4(t,e,n,r){await bo(t,{client:e,username:n,provider:"auth2",connection:"Username-Password-Authentication",isSocial:!1,ip:t.req.header("x-real-ip")});let i=Mn(),s=await t.env.data.codes.get(e.tenant.id,i,"password_reset");for(;s;)i=Mn(),s=await t.env.data.codes.get(e.tenant.id,i,"password_reset");const o=await t.env.data.loginSessions.create(e.tenant.id,{expires_at:new Date(Date.now()+d_).toISOString(),authParams:{client_id:e.id,username:n},csrf_token:xe(),...Ot(t.req)}),c=await t.env.data.codes.create(e.tenant.id,{code_id:i,code_type:"password_reset",login_id:o.id,expires_at:new Date(Date.now()+c_).toISOString()});await dm(t,n,c.code_id,r)}const m4=new a.OpenAPIHono().openapi(a.createRoute({tags:["oauth"],method:"post",path:"/",request:{body:{content:{"application/json":{schema:a.z.union([a.z.object({credential_type:a.z.literal("http://auth0.com/oauth/grant-type/passwordless/otp"),otp:a.z.string(),client_id:a.z.string(),username:a.z.string().transform(t=>t.toLowerCase()),realm:a.z.enum(["email"]),scope:a.z.string().optional()}),a.z.object({credential_type:a.z.literal("http://auth0.com/oauth/grant-type/password-realm"),client_id:a.z.string(),username:a.z.string().transform(t=>t.toLowerCase()),password:a.z.string(),realm:a.z.enum(["Username-Password-Authentication"]),scope:a.z.string().optional()})])}}}},responses:{200:{description:"List of tenants"}}}),async t=>{const e=t.req.valid("json"),{client_id:n,username:r}=e;t.set("username",r);const i=await t.env.data.clients.get(n);if(!i)throw new N(400,{message:"Client not found"});t.set("client_id",n),t.set("tenant_id",i.tenant.id);const s=r.toLocaleLowerCase();if("otp"in e)return Ul(t,i,{client_id:n,username:s},s,e.otp,!0);if("password"in e){const o=await t.env.data.loginSessions.create(i.tenant.id,{expires_at:new Date(Date.now()+or*1e3).toISOString(),authParams:{client_id:n,username:s},csrf_token:xe(),...Ot(t.req)});return Hl(t,i,{username:s,password:e.password,client_id:n},o,!0)}else throw new N(400,{message:"Code or password required"})});function _4(t,e){var r,i,s;if(!t||e.length===0)return!1;const n=((r=Ta(t))==null?void 0:r.host)??null;if(!n)return!1;for(const o of e){let c;if(o.startsWith("http://")||o.startsWith("https://")?c=((i=Ta(o))==null?void 0:i.host)??null:c=((s=Ta("https://"+o))==null?void 0:s.host)??null,n===c)return!0}return!1}function Ta(t){try{return new URL(t)}catch{return null}}async function y4({ctx:t,session:e,client:n,authParams:r,connection:i,login_hint:s}){const o=new URL(t.req.url);t.var.custom_domain&&(o.hostname=t.var.custom_domain);const{ip:c,useragent:d,auth0Client:l}=Ot(t.req),u=await t.env.data.loginSessions.create(n.tenant.id,{expires_at:new Date(Date.now()+or*1e3).toISOString(),authParams:r,csrf_token:xe(),authorization_url:o.toString(),ip:c,useragent:d,auth0Client:l});if(e&&s){const p=await t.env.data.users.get(n.tenant.id,e.user_id);if((p==null?void 0:p.email)===s)return pn(t,{client:n,loginSession:u,authParams:r,user:p,sessionId:e.id})}if(i==="email"&&s){const p=Mn();return await t.env.data.codes.create(n.tenant.id,{code_id:p,code_type:"otp",login_id:u.id,expires_at:new Date(Date.now()+or*1e3).toISOString()}),await Dl(t,{code:p,to:s,authParams:r}),t.redirect(`/u/enter-code?state=${u.id}`)}return e?t.redirect(`/u/check-account?state=${u.id}`):t.redirect(`/u/login/identifier?state=${u.id}`)}function w4(t){if(t==="Username-Password-Authentication")return"auth2";if(t==="email")return"email";throw new N(403,{message:"Invalid realm"})}async function v4(t,e,n,r,i){var m;const{env:s}=t;t.set("connection",i);const o=await s.data.codes.get(e,n,"ticket");if(!o||o.used_at)throw new N(403,{message:"Ticket not found"});const c=await s.data.loginSessions.get(e,o.login_id);if(!c||!c.authParams.username)throw new N(403,{message:"Session not found"});const d=await s.data.clients.get(c.authParams.client_id);if(!d)throw new N(403,{message:"Client not found"});t.set("client_id",c.authParams.client_id),await s.data.codes.used(e,n);const l=w4(i);let u=await bo(t,{username:c.authParams.username,provider:l,client:d,connection:l==="auth2"?"Username-Password-Authentication":"email",isSocial:!1,ip:t.req.header("x-real-ip")});t.set("username",u.email||u.phone_number),t.set("user_id",u.user_id);const p=await G0(t,{user:u,client:d,loginSession:c});return pn(t,{authParams:{scope:(m=c.authParams)==null?void 0:m.scope,...r},loginSession:c,sessionId:p.id,user:u,client:d})}async function Vp(t,e){return`<!DOCTYPE html>
+In order to be iterable, non-array objects must have a [Symbol.iterator]() method.`)}function Qb(t,e){if(t){if(typeof t=="string")return Lp(t,e);var n=Object.prototype.toString.call(t).slice(8,-1);if(n==="Object"&&t.constructor&&(n=t.constructor.name),n==="Map"||n==="Set")return Array.from(t);if(n==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return Lp(t,e)}}function Lp(t,e){(e==null||e>t.length)&&(e=t.length);for(var n=0,r=new Array(e);n<e;n++)r[n]=t[n];return r}function e4(t,e){var n=t==null?null:typeof Symbol<"u"&&t[Symbol.iterator]||t["@@iterator"];if(n!=null){var r=[],i=!0,s=!1,o,c;try{for(n=n.call(t);!(i=(o=n.next()).done)&&(r.push(o.value),!(e&&r.length===e));i=!0);}catch(d){s=!0,c=d}finally{try{!i&&n.return!=null&&n.return()}finally{if(s)throw c}}return r}}function t4(t){if(Array.isArray(t))return t}function n4(t){var e=Array.prototype.slice.call(t),n=Xb(e,4),r=n[0],i=n[1],s=n[2],o=n[3],c,d,l;if(typeof r=="string")c=r;else throw new TypeError("A text for parsing must be a string.");if(!i||typeof i=="string")o?(d=s,l=o):(d=void 0,l=s),i&&(d=Jb({defaultCountry:i},d));else if(sr(i))s?(d=i,l=s):l=i;else throw new Error("Invalid second argument: ".concat(i));return{text:c,options:d,metadata:l}}function Up(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter(function(i){return Object.getOwnPropertyDescriptor(t,i).enumerable})),n.push.apply(n,r)}return n}function Mp(t){for(var e=1;e<arguments.length;e++){var n=arguments[e]!=null?arguments[e]:{};e%2?Up(Object(n),!0).forEach(function(r){r4(t,r,n[r])}):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(n)):Up(Object(n)).forEach(function(r){Object.defineProperty(t,r,Object.getOwnPropertyDescriptor(n,r))})}return t}function r4(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function i4(t,e,n){e&&e.defaultCountry&&!h3(e.defaultCountry,n)&&(e=Mp(Mp({},e),{},{defaultCountry:void 0}));try{return Wb(t,e,n)}catch(r){if(!(r instanceof Rt))throw r}}function s4(){var t=n4(arguments),e=t.text,n=t.options,r=t.metadata;return i4(e,n,r)}function o4(){return i3(s4,arguments)}function fi(t,e="US"){const n=t.trim();if(n.includes("@")){const r=n.toLowerCase(),i=/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(r);return{connection:"email",normalized:i?r:null,isValid:i}}else if(/^\+?\d[\d\s\-().]*$/.test(n)){const r=o4(n,{defaultCountry:e});return r&&r.isValid()?{connection:"sms",normalized:r.number,isValid:!0}:{connection:"sms",normalized:null,isValid:!1}}else return{connection:"username",normalized:n,isValid:!0}}const a4=a.z.object({client_id:a.z.string(),username:a.z.string().transform(t=>t.toLowerCase()),otp:a.z.string(),authParams:Jr.optional()});async function om(t,{client_id:e,username:n,otp:r,authParams:i}){const s=await t.env.data.clients.get(e);if(!s)throw new N(403,{message:"Client not found"});return Ul(t,s,i||{client_id:e,response_type:Ct.TOKEN_ID_TOKEN,response_mode:Ft.WEB_MESSAGE},n,r)}async function Ul(t,e,n,r,i,s,o){const{env:c}=t,d=await c.data.codes.get(e.tenant.id,i,"otp");if(!d)throw new N(400,{message:"Code not found or expired"});if(d.expires_at<new Date().toISOString())throw new N(400,{message:"Code expired"});if(d.used_at)throw new N(400,{message:"Code already used"});const l=Ot(t.req),{connection:u,normalized:p}=fi(r,l.countryCode);if(!p)throw new N(400,{message:"Invalid username format"});const m=await c.data.loginSessions.get(e.tenant.id,d.login_id);if(!m||m.authParams.username!==r)throw new N(400,{message:"Code not found or expired"});if(o&&m.ip!==l.ip)return t.redirect(`${ct(t.env)}invalid-session?state=${m.id}`);const w=await bo(t,{client:e,username:p,provider:u,connection:u,isSocial:!1,ip:t.req.header("x-real-ip")});return await c.data.codes.used(e.tenant.id,i),pn(t,{user:w,client:e,loginSession:m,authParams:n,ticketAuth:s})}const Fp=a.z.object({client_id:a.z.string().optional(),client_secret:a.z.string().optional()}),c4=a.z.union([Xg.extend(Fp.shape),a.z.object({grant_type:a.z.literal("authorization_code"),client_id:a.z.string(),code:a.z.string(),redirect_uri:a.z.string(),code_verifier:a.z.string().min(43).max(128)}),a.z.object({grant_type:a.z.literal("authorization_code"),code:a.z.string(),redirect_uri:a.z.string().optional(),...Fp.shape}),a.z.object({grant_type:a.z.literal("refresh_token"),client_id:a.z.string(),refresh_token:a.z.string(),redirect_uri:a.z.string().optional()}),a.z.object({grant_type:a.z.literal("http://auth0.com/oauth/grant-type/passwordless/otp"),client_id:a.z.string(),username:a.z.string(),otp:a.z.string(),realm:a.z.enum(["email","sms"])})]);function d4(t){if(!t)return{};const[e,n]=t.split(" ");if((e==null?void 0:e.toLowerCase())==="basic"&&n){const[r,i]=atob(n).split(":");return{client_id:r,client_secret:i}}return{}}const l4=new a.OpenAPIHono().openapi(a.createRoute({tags:["oauth2"],method:"post",path:"/",request:{body:{content:{"application/x-www-form-urlencoded":{schema:c4}}}},responses:{200:{content:{"application/json":{schema:k0}},description:"Tokens"}}}),async t=>{const e=t.req.valid("form"),n=d4(t.req.header("Authorization")),r={...e,...n};if(!r.client_id)throw new N(400,{message:"client_id is required"});switch(t.set("client_id",r.client_id),e.grant_type){case Qn.AuthorizationCode:return e3(t,Qv.parse(r));case Qn.ClientCredential:return Yv(t,Xg.parse(r));case Qn.RefreshToken:return n3(t,t3.parse(r));case Qn.OTP:return om(t,a4.parse(r));default:throw new N(400,{message:"Not implemented"})}});var Ml={exports:{}};const Fl=[{id:0,value:"Too weak",minDiversity:0,minLength:0},{id:1,value:"Weak",minDiversity:2,minLength:6},{id:2,value:"Medium",minDiversity:4,minLength:8},{id:3,value:"Strong",minDiversity:4,minLength:10}],am=(t,e=Fl,n="!\"#$%&'()*+,-./:;<=>?@[\\\\\\]^_`{|}~")=>{let r=t||"";e[0].minDiversity=0,e[0].minLength=0;const i=[{regex:"[a-z]",message:"lowercase"},{regex:"[A-Z]",message:"uppercase"},{regex:"[0-9]",message:"number"}];n&&i.push({regex:`[${n}]`,message:"symbol"});let s={};s.contains=i.filter(c=>new RegExp(`${c.regex}`).test(r)).map(c=>c.message),s.length=r.length;let o=e.filter(c=>s.contains.length>=c.minDiversity).filter(c=>s.length>=c.minLength).sort((c,d)=>d.id-c.id).map(c=>({id:c.id,value:c.value}));return Object.assign(s,o[0]),s};Ml.exports={passwordStrength:am,defaultOptions:Fl};var u4=Ml.exports.passwordStrength=am;Ml.exports.defaultOptions=Fl;function Vl(t){return u4(t).id<2?!1:t.length>=8&&/[a-z]/.test(t)&&/[A-Z]/.test(t)&&/[0-9]/.test(t)&&/[^A-Za-z0-9]/.test(t)}async function Ri(t,e){var i;const n=await t.env.data.emailProviders.get(t.var.tenant_id)||(t.env.DEFAULT_TENANT_ID?await t.env.data.emailProviders.get(t.env.DEFAULT_TENANT_ID):null);if(!n)throw new N(500,{message:"Email provider not found"});const r=(i=t.env.emailProviders)==null?void 0:i[n.name];if(!r)throw new N(500,{message:"Email provider not found"});await r({emailProvider:n,...e,from:n.default_from_address||`login@${t.env.ISSUER}`})}async function cm(t,e){var o,c;if(!t.var.client_id)throw new N(500,{message:"Client not found"});const n=await Ti(t.env,t.var.client_id),r=n.connections.find(d=>d.strategy==="sms");if(!r)throw new N(500,{message:"SMS provider not found"});const i=((o=r.options)==null?void 0:o.provider)||"twilio",s=(c=t.env.smsProviders)==null?void 0:c[i];if(!s)throw new N(500,{message:"SMS provider not found"});await s({options:r.options,to:e.to,from:e.from,text:e.text,template:"auth-code",data:{code:e.code,tenantName:n.tenant.name,tenantId:n.tenant.id}})}async function dm(t,e,n,r){const i=await t.env.data.tenants.get(t.var.tenant_id);if(!i)throw new N(500,{message:"Tenant not found"});const s=`${ct(t.env)}reset-password?state=${r}&code=${n}`,o={vendorName:i.name,lng:i.language||"en"};await Ri(t,{to:e,subject:re("reset_password_title",o),html:`Click here to reset your password: ${ct(t.env)}reset-password?state=${r}&code=${n}`,template:"auth-password-reset",data:{vendorName:i.name,logo:i.logo||"",passwordResetUrl:s,supportUrl:i.support_url||"https://support.sesamy.com",buttonColor:i.primary_color||"#7d68f4",passwordResetTitle:re("password_reset_title",o),resetPasswordEmailClickToReset:re("reset_password_email_click_to_reset",o),resetPasswordEmailReset:re("reset_password_email_reset",o),supportInfo:re("support_info",o),contactUs:re("contact_us",o),copyright:re("copyright",o),tenantName:i.name,tenantId:i.id}})}async function lm(t,{to:e,code:n}){const r=await t.env.data.tenants.get(t.var.tenant_id);if(!r)throw new N(500,{message:"Tenant not found"});const{connection:i}=fi(e),s=new URL(ct(t.env)),o={vendorName:r.name,vendorId:r.id,loginDomain:s.hostname,code:n,lng:r.language||"en"};i==="email"?await Ri(t,{to:e,subject:re("code_email_subject",o),html:`Click here to validate your email: ${ct(t.env)}validate-email`,template:"auth-code",data:{code:n,vendorName:r.name,logo:r.logo||"",supportUrl:r.support_url||"",buttonColor:r.primary_color||"",welcomeToYourAccount:re("welcome_to_your_account",o),linkEmailClickToLogin:re("link_email_click_to_login",o),linkEmailLogin:re("link_email_login",o),linkEmailOrEnterCode:re("link_email_or_enter_code",o),codeValid30Mins:re("code_valid_30_minutes",o),supportInfo:re("support_info",o),contactUs:re("contact_us",o),copyright:re("copyright",o)}}):i==="sms"&&await cm(t,{to:e,text:re("sms_code_text",o),code:n,from:r.name});const c=we(t,{type:ge.CODE_LINK_SENT,description:e});It(t,t.env.data.logs.create(r.id,c))}async function Dl(t,{to:e,code:n,authParams:r}){const i=await t.env.data.tenants.get(t.var.tenant_id);if(!i)throw new N(500,{message:"Tenant not found"});if(!r.redirect_uri)throw new N(400,{message:"redirect_uri is required"});const{connection:s}=fi(e),o=new URL(je(t.env));o.pathname="passwordless/verify_redirect",o.searchParams.set("verification_code",n),o.searchParams.set("connection",s),o.searchParams.set("client_id",r.client_id),o.searchParams.set("redirect_uri",r.redirect_uri),o.searchParams.set("email",e),r.response_type&&o.searchParams.set("response_type",r.response_type),r.scope&&o.searchParams.set("scope",r.scope),r.state&&o.searchParams.set("state",r.state),r.nonce&&o.searchParams.set("nonce",r.nonce),r.code_challenge&&o.searchParams.set("code_challenge",r.code_challenge),r.code_challenge_method&&o.searchParams.set("code_challenge_method",r.code_challenge_method),r.audience&&o.searchParams.set("audience",r.audience);const c={vendorName:i.name,code:n,lng:i.language||"en"};if(s==="email")await Ri(t,{to:e,subject:re("code_email_subject",c),html:`Click here to validate your email: ${ct(t.env)}validate-email`,template:"auth-link",data:{code:n,vendorName:i.name,logo:i.logo||"",supportUrl:i.support_url||"",magicLink:o.toString(),buttonColor:i.primary_color||"",welcomeToYourAccount:re("welcome_to_your_account",c),linkEmailClickToLogin:re("link_email_click_to_login",c),linkEmailLogin:re("link_email_login",c),linkEmailOrEnterCode:re("link_email_or_enter_code",c),codeValid30Mins:re("code_valid_30_minutes",c),supportInfo:re("support_info",c),contactUs:re("contact_us",c),copyright:re("copyright",c)}});else if(s==="sms")await cm(t,{to:e,text:`${re("link_sms_login",c)}: ${o.toString()}`,code:n,from:i.name});else throw new N(400,{message:"Only email and SMS connections are supported for magic links"});const d=we(t,{type:ge.CODE_LINK_SENT,description:e});It(t,t.env.data.logs.create(i.id,d))}async function ql(t,e){const n=await t.env.data.tenants.get(t.var.tenant_id);if(!n)throw new N(500,{message:"Tenant not found"});if(!e.email)throw new N(400,{message:"User has no email"});const r={vendorName:n.name,lng:n.language||"en"};await Ri(t,{to:e.email,subject:re("welcome_to_your_account",r),html:`Click here to validate your email: ${ct(t.env)}validate-email`,template:"auth-verify-email",data:{vendorName:n.name,logo:n.logo||"",emailValidationUrl:`${ct(t.env)}validate-email`,supportUrl:n.support_url||"https://support.sesamy.com",buttonColor:n.primary_color||"#7d68f4",welcomeToYourAccount:re("welcome_to_your_account",r),verifyEmailVerify:re("verify_email_verify",r),supportInfo:re("support_info",r),contactUs:re("contact_us",r),copyright:re("copyright",r)}})}async function f4(t,e,n,r){const i=await t.env.data.tenants.get(t.var.tenant_id);if(!i)throw new N(500,{message:"Tenant not found"});const s={vendorName:i.name,lng:i.language||"en"},o=`${ct(t.env)}signup?state=${r}&code=${n}`;await Ri(t,{to:e,subject:re("register_password_account",s),html:`Click here to register: ${o}`,template:"auth-pre-signup-verification",data:{vendorName:i.name,logo:i.logo||"",signupUrl:o,setPassword:re("set_password",s),registerPasswordAccount:re("register_password_account",s),clickToSignUpDescription:re("click_to_sign_up_description",s),supportUrl:i.support_url||"https://support.sesamy.com",buttonColor:i.primary_color||"#7d68f4",welcomeToYourAccount:re("welcome_to_your_account",s),verifyEmailVerify:re("verify_email_verify",s),supportInfo:re("support_info",s),contactUs:re("contact_us",s),copyright:re("copyright",s)}})}const p4=new a.OpenAPIHono().openapi(a.createRoute({tags:["dbconnections"],method:"post",path:"/signup",request:{body:{content:{"application/json":{schema:a.z.object({client_id:a.z.string(),connection:a.z.literal("Username-Password-Authentication"),email:a.z.string().transform(t=>t.toLowerCase()),password:a.z.string()})}}}},responses:{200:{content:{"application/json":{schema:a.z.object({_id:a.z.string(),email:a.z.string().optional(),email_verified:a.z.boolean(),app_metadata:a.z.object({}),user_metadata:a.z.object({})})}},description:"Created user"}}}),async t=>{const{email:e,password:n,client_id:r}=t.req.valid("json"),i=await t.env.data.clients.get(r);if(!i)throw new N(400,{message:"Client not found"});if(t.set("client_id",i.id),t.set("tenant_id",i.tenant.id),!Vl(n))throw new N(400,{message:"Password does not meet the requirements"});if(await xs({userAdapter:t.env.data.users,tenant_id:i.tenant.id,username:e,provider:"auth2"}))throw new N(400,{message:"Invalid sign up"});const o=await t.env.data.users.create(i.tenant.id,{user_id:`auth2|${go()}`,email:e,email_verified:!1,provider:"auth2",connection:"Username-Password-Authentication",is_social:!1});t.set("user_id",o.user_id),t.set("username",o.email),t.set("connection",o.connection);const c=await mi.hash(n,10);await t.env.data.passwords.create(i.tenant.id,{user_id:o.user_id,password:c,algorithm:"bcrypt"}),await ql(t,o);const d=we(t,{type:ge.SUCCESS_SIGNUP,description:"Successful signup"});return await t.env.data.logs.create(i.tenant.id,d),t.json({_id:o.user_id,email:o.email,email_verified:!1,app_metadata:{},user_metadata:{}})}).openapi(a.createRoute({tags:["dbconnections"],method:"post",path:"/change_password",request:{body:{content:{"application/json":{schema:a.z.object({client_id:a.z.string(),connection:a.z.literal("Username-Password-Authentication"),email:a.z.string().transform(t=>t.toLowerCase())})}}}},responses:{200:{description:"Redirect to the client's redirect uri"}}}),async t=>{const{email:e,client_id:n}=t.req.valid("json"),r=await t.env.data.clients.get(n);if(!r)throw new N(400,{message:"Client not found"});if(t.set("client_id",r.id),t.set("tenant_id",r.tenant.id),!await vr({userAdapter:t.env.data.users,tenant_id:r.tenant.id,username:e,provider:"auth2"}))return t.html("If an account with that email exists, we've sent instructions to reset your password.");const s={client_id:n,username:e},o=await t.env.data.loginSessions.create(r.tenant.id,{expires_at:new Date(Date.now()+or*1e3).toISOString(),authParams:s,csrf_token:xe(),...Ot(t.req)});return await dm(t,e,o.id,o.authParams.state),t.html("If an account with that email exists, we've sent instructions to reset your password.")});function Mn(){const t="1234567890";let e="";for(let n=0;n<6;n+=1)e+=t[Math.floor(Math.random()*10)];return e.toString()}const h4=new a.OpenAPIHono().openapi(a.createRoute({tags:["passwordless"],method:"post",path:"/start",request:{body:{content:{"application/json":{schema:a.z.union([a.z.object({connection:a.z.literal("email"),client_id:a.z.string(),email:a.z.string().transform(t=>t.toLowerCase()),send:a.z.enum(["link","code"]),authParams:Jr.omit({client_id:!0})}),a.z.object({client_id:a.z.string(),connection:a.z.literal("sms"),phone_number:a.z.string(),send:a.z.enum(["link","code"]),authParams:Jr.omit({client_id:!0})})])}}}},responses:{200:{description:"Status"}}}),async t=>{const e=t.req.valid("json"),{env:n}=t,{client_id:r,send:i,authParams:s,connection:o}=e,c=await t.env.data.clients.get(r);if(!c)throw new N(400,{message:"Client not found"});t.set("client_id",c.id),t.set("tenant_id",c.tenant.id);const d=o==="email"?e.email:e.phone_number,l=await n.data.loginSessions.create(c.tenant.id,{authParams:{...s,client_id:r,username:d},expires_at:new Date(Date.now()+Wa).toISOString(),csrf_token:xe(),...Ot(t.req)}),u=await n.data.codes.create(c.tenant.id,{code_id:Mn(),code_type:"otp",login_id:l.id,expires_at:new Date(Date.now()+Wa).toISOString()});return i==="link"?await Dl(t,{to:d,code:u.code_id,authParams:{...s,client_id:r}}):await lm(t,{to:d,code:u.code_id}),t.html("OK")}).openapi(a.createRoute({tags:["passwordless"],method:"get",path:"/verify_redirect",request:{query:a.z.object({scope:a.z.string(),response_type:a.z.nativeEnum(Ct),redirect_uri:a.z.string(),state:a.z.string(),nonce:a.z.string().optional(),verification_code:a.z.string(),connection:a.z.string(),client_id:a.z.string(),email:a.z.string().transform(t=>t.toLowerCase()),audience:a.z.string().optional()})},responses:{302:{description:"Status"}}}),async t=>{const{env:e}=t,{client_id:n,email:r,verification_code:i,redirect_uri:s,state:o,scope:c,audience:d,response_type:l,nonce:u}=t.req.valid("query"),p=await Ti(e,n);return t.set("client_id",p.id),t.set("tenant_id",p.tenant.id),t.set("connection","email"),Ul(t,p,{client_id:n,redirect_uri:s,state:o,nonce:u,scope:c,audience:d,response_type:l},r,i,!1,!0)});class Lr extends N{constructor(n,r){super(n,r);te(this,"_code");this._code=r==null?void 0:r.code}get code(){return this._code}}async function Hl(t,e,n,r,i){const{env:s}=t,{username:o}=n;if(t.set("username",o),!o)throw new N(400,{message:"Username is required"});const c=await vr({userAdapter:t.env.data.users,tenant_id:e.tenant.id,username:o,provider:"auth2"});if(!c){const h=we(t,{type:ge.FAILED_LOGIN_INCORRECT_PASSWORD,description:"Invalid user"});throw It(t,t.env.data.logs.create(e.tenant.id,h)),new Lr(403,{message:"User not found",code:"USER_NOT_FOUND"})}const d=c.linked_to?await s.data.users.get(e.tenant.id,c.linked_to):c;if(!d)throw new Lr(403,{message:"User not found",code:"USER_NOT_FOUND"});t.set("connection",c.connection),t.set("user_id",d.user_id);const l=await s.data.passwords.get(e.tenant.id,c.user_id);if(!(l&&await mi.compare(n.password,l.password))){const h=we(t,{type:ge.FAILED_LOGIN_INCORRECT_PASSWORD,description:"Invalid password"});throw It(t,t.env.data.logs.create(e.tenant.id,h)),new Lr(403,{message:"Invalid password",code:"INVALID_PASSWORD"})}if((await s.data.logs.list(e.tenant.id,{page:0,per_page:10,include_totals:!1,q:`user_id:${d.user_id}`})).logs.filter(h=>h.type===ge.FAILED_LOGIN_INCORRECT_PASSWORD&&new Date(h.date)>new Date(Date.now()-1e3*60*5)).length>=3){const h=we(t,{type:ge.FAILED_LOGIN,description:"Too many failed login attempts"});throw It(t,t.env.data.logs.create(e.tenant.id,h)),new Lr(403,{message:"Too many failed login attempts",code:"TOO_MANY_FAILED_LOGINS"})}if(!c.email_verified&&e.email_validation==="enforced"){await ql(t,c);const h=we(t,{type:ge.FAILED_LOGIN,description:"Email not verified"});throw await t.env.data.logs.create(e.tenant.id,h),new Lr(403,{message:"Email not verified",code:"EMAIL_NOT_VERIFIED"})}const w=we(t,{type:ge.SUCCESS_LOGIN,description:"Successful login",strategy_type:"Username-Password-Authentication",strategy:"Username-Password-Authentication"});return It(t,t.env.data.logs.create(e.tenant.id,w)),pn(t,{client:e,authParams:n,user:d,ticketAuth:i,loginSession:r})}async function g4(t,e,n,r){await bo(t,{client:e,username:n,provider:"auth2",connection:"Username-Password-Authentication",isSocial:!1,ip:t.req.header("x-real-ip")});let i=Mn(),s=await t.env.data.codes.get(e.tenant.id,i,"password_reset");for(;s;)i=Mn(),s=await t.env.data.codes.get(e.tenant.id,i,"password_reset");const o=await t.env.data.loginSessions.create(e.tenant.id,{expires_at:new Date(Date.now()+d_).toISOString(),authParams:{client_id:e.id,username:n},csrf_token:xe(),...Ot(t.req)}),c=await t.env.data.codes.create(e.tenant.id,{code_id:i,code_type:"password_reset",login_id:o.id,expires_at:new Date(Date.now()+c_).toISOString()});await dm(t,n,c.code_id,r)}const m4=new a.OpenAPIHono().openapi(a.createRoute({tags:["oauth"],method:"post",path:"/",request:{body:{content:{"application/json":{schema:a.z.union([a.z.object({credential_type:a.z.literal("http://auth0.com/oauth/grant-type/passwordless/otp"),otp:a.z.string(),client_id:a.z.string(),username:a.z.string().transform(t=>t.toLowerCase()),realm:a.z.enum(["email"]),scope:a.z.string().optional()}),a.z.object({credential_type:a.z.literal("http://auth0.com/oauth/grant-type/password-realm"),client_id:a.z.string(),username:a.z.string().transform(t=>t.toLowerCase()),password:a.z.string(),realm:a.z.enum(["Username-Password-Authentication"]),scope:a.z.string().optional()})])}}}},responses:{200:{description:"List of tenants"}}}),async t=>{const e=t.req.valid("json"),{client_id:n,username:r}=e;t.set("username",r);const i=await t.env.data.clients.get(n);if(!i)throw new N(400,{message:"Client not found"});t.set("client_id",n),t.set("tenant_id",i.tenant.id);const s=r.toLocaleLowerCase();if("otp"in e)return Ul(t,i,{client_id:n,username:s},s,e.otp,!0);if("password"in e){const o=await t.env.data.loginSessions.create(i.tenant.id,{expires_at:new Date(Date.now()+or*1e3).toISOString(),authParams:{client_id:n,username:s},csrf_token:xe(),...Ot(t.req)});return Hl(t,i,{username:s,password:e.password,client_id:n},o,!0)}else throw new N(400,{message:"Code or password required"})});function _4(t,e){var r,i,s;if(!t||e.length===0)return!1;const n=((r=Ta(t))==null?void 0:r.host)??null;if(!n)return!1;for(const o of e){let c;if(o.startsWith("http://")||o.startsWith("https://")?c=((i=Ta(o))==null?void 0:i.host)??null:c=((s=Ta("https://"+o))==null?void 0:s.host)??null,n===c)return!0}return!1}function Ta(t){try{return new URL(t)}catch{return null}}async function y4({ctx:t,session:e,client:n,authParams:r,connection:i,login_hint:s}){const o=new URL(t.req.url);t.var.custom_domain&&(o.hostname=t.var.custom_domain);const{ip:c,useragent:d,auth0Client:l}=Ot(t.req),u=await t.env.data.loginSessions.create(n.tenant.id,{expires_at:new Date(Date.now()+or*1e3).toISOString(),authParams:r,csrf_token:xe(),authorization_url:o.toString(),ip:c,useragent:d,auth0Client:l});if(e&&s){const p=await t.env.data.users.get(n.tenant.id,e.user_id);if((p==null?void 0:p.email)===s)return pn(t,{client:n,loginSession:u,authParams:r,user:p,sessionId:e.id})}if(i==="email"&&s){const p=Mn();return await t.env.data.codes.create(n.tenant.id,{code_id:p,code_type:"otp",login_id:u.id,expires_at:new Date(Date.now()+or*1e3).toISOString()}),await Dl(t,{code:p,to:s,authParams:r}),t.redirect(`/u/enter-code?state=${u.id}`)}return e?t.redirect(`/u/check-account?state=${u.id}`):t.redirect(`/u/login/identifier?state=${u.id}`)}function w4(t){if(t==="Username-Password-Authentication")return"auth2";if(t==="email")return"email";throw new N(403,{message:"Invalid realm"})}async function v4(t,e,n,r,i){var m;const{env:s}=t;t.set("connection",i);const o=await s.data.codes.get(e,n,"ticket");if(!o||o.used_at)throw new N(403,{message:"Ticket not found"});const c=await s.data.loginSessions.get(e,o.login_id);if(!c||!c.authParams.username)throw new N(403,{message:"Session not found"});const d=await s.data.clients.get(c.authParams.client_id);if(!d)throw new N(403,{message:"Client not found"});t.set("client_id",c.authParams.client_id),await s.data.codes.used(e,n);const l=w4(i);let u=await bo(t,{username:c.authParams.username,provider:l,client:d,connection:l==="auth2"?"Username-Password-Authentication":"email",isSocial:!1,ip:t.req.header("x-real-ip")});t.set("username",u.email||u.phone_number),t.set("user_id",u.user_id);const p=await G0(t,{user:u,client:d,loginSession:c});return pn(t,{authParams:{scope:(m=c.authParams)==null?void 0:m.scope,...r},loginSession:c,sessionId:p.id,user:u,client:d})}async function Vp(t,e){return`<!DOCTYPE html>
   <html>
   <head>

package/dist/authhero.d.ts CHANGED Viewed

@@ -5093,6 +5093,7 @@ export type Strategy = {
 };
 export type SendSMSParams = {
 	to: string;
+	from?: string;
 	text: string;
 	template: string;
 	options: any;

package/dist/authhero.mjs CHANGED Viewed

@@ -21101,6 +21101,7 @@ async function qg(t, e) {
   await s({
     options: r.options,
     to: e.to,
+    from: e.from,
     text: e.text,
     template: "auth-code",
     data: {
@@ -21177,7 +21178,8 @@ async function Kg(t, { to: e, code: n }) {
   }) : i === "sms" && await qg(t, {
     to: e,
     text: ie("sms_code_text", o),
-    code: n
+    code: n,
+    from: r.name
   });
   const a = be(t, {
     type: ye.CODE_LINK_SENT,
@@ -21228,7 +21230,8 @@ async function Tl(t, { to: e, code: n, authParams: r }) {
     await qg(t, {
       to: e,
       text: `${ie("link_sms_login", a)}: ${o.toString()}`,
-      code: n
+      code: n,
+      from: i.name
     });
   else
     throw new C(400, {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "authhero",
-  "version": "0.127.0",
+  "version": "0.128.0",
   "files": [
     "dist"
   ],