authhero 0.154.0 → 0.156.0

package/dist/authhero.cjs CHANGED
@@ -194,7 +194,7 @@ In order to be iterable, non-array objects must have a [Symbol.iterator]() metho
194
194
  <\/script>
195
195
  </body>
196
196
 
197
- </html>`}async function n$({ctx:t,client:e,session:n,redirect_uri:r,state:i,nonce:o,code_challenge_method:a,code_challenge:c,audience:d,scope:l,response_type:u}){const{env:f}=t,m=new URL(r),w=`${m.protocol}//${m.host}`;async function h(se="Login required"){const ae=we(t,{type:he.FAILED_SILENT_AUTH,description:se});return await t.env.data.logs.create(e.tenant.id,ae),t.html(eh(w,JSON.stringify({error:"login_required",error_description:se,state:i})))}if(!n||(n==null?void 0:n.expires_at)&&new Date(n.expires_at)<new Date||(n==null?void 0:n.idle_expires_at)&&new Date(n.idle_expires_at)<new Date)return h();t.set("user_id",n.user_id);const v=await f.data.users.get(e.tenant.id,n.user_id);if(!v)return console.error("User not found",n.user_id),h("User not found");t.set("username",v.email),t.set("connection",v.connection);const b={client:e,authParams:{client_id:e.id,audience:d,code_challenge_method:a,code_challenge:c,scope:l,state:i,nonce:o,response_type:u},user:v,session_id:n.id},E=u===it.CODE?await y0(t,{user:v,client:e,authParams:b.authParams,login_id:n.login_session_id}):await As(t,b);await f.data.sessions.update(e.tenant.id,n.id,{used_at:new Date().toISOString(),last_interaction_at:new Date().toISOString(),device:{...n.device,last_ip:t.req.header("x-real-ip")||"",last_user_agent:t.req.header("user-agent")||""},idle_expires_at:n.idle_expires_at?new Date(Date.now()+ks*1e3).toISOString():void 0});const C=we(t,{type:he.SUCCESS_SILENT_AUTH,description:"Successful silent authentication"});await t.env.data.logs.create(e.tenant.id,C);const L=new Headers;L.set("Server-Timing","cf-nel=0; no-cloudflare-insights=1");const Y=rc(e.tenant.id,n.id,t.req.header("host"));return L.set("set-cookie",Y),t.html(eh(w,JSON.stringify(E)),{headers:L})}const r$=new 
s.OpenAPIHono().openapi(s.createRoute({tags:["oauth"],method:"get",path:"/",request:{query:s.z.object({client_id:s.z.string(),vendor_id:s.z.string().optional(),redirect_uri:s.z.string(),scope:s.z.string().optional(),state:s.z.string(),prompt:s.z.string().optional(),response_mode:s.z.nativeEnum(Dt).optional(),response_type:s.z.nativeEnum(it).optional(),audience:s.z.string().optional(),connection:s.z.string().optional(),nonce:s.z.string().optional(),max_age:s.z.string().optional(),login_ticket:s.z.string().optional(),code_challenge_method:s.z.nativeEnum(vs).optional(),code_challenge:s.z.string().optional(),realm:s.z.string().optional(),auth0Client:s.z.string().optional(),organization:s.z.string().optional(),login_hint:s.z.string().optional(),screen_hint:s.z.string().openapi({example:"signup",description:'Optional hint for the screen to show, like "signup" or "login".'}).optional(),ui_locales:s.z.string().optional()})},responses:{200:{description:"Successful authorization response. This can be an HTML page (e.g., for silent authentication iframe or universal login page) or a JSON object containing tokens (e.g., for response_mode=web_message).",content:{"text/html":{schema:s.z.string().openapi({example:"<html>...</html>"})},"application/json":{schema:Vd}}},302:{description:"Redirect to the client's redirect URI, an authentication page, or an external identity provider.",headers:s.z.object({Location:s.z.string().url()})},400:{description:"Bad Request. Invalid parameters or other client-side errors.",content:{"application/json":{schema:s.z.object({message:s.z.string()})}}},403:{description:"Forbidden. 
The request is not allowed (e.g., invalid origin).",content:{"application/json":{schema:s.z.object({message:s.z.string()})}}}}}),async t=>{const{env:e}=t,{client_id:n,vendor_id:r,redirect_uri:i,scope:o,state:a,audience:c,nonce:d,connection:l,response_type:u,response_mode:f,code_challenge:m,code_challenge_method:w,prompt:h,login_ticket:y,realm:v,auth0Client:b,login_hint:E,ui_locales:C,organization:L}=t.req.valid("query");t.set("log","authorize");const Y=await Ui(e,n);t.set("client_id",Y.id),t.set("tenant_id",Y.tenant.id);const se={redirect_uri:i,scope:o,state:a,client_id:n,vendor_id:r,audience:c,nonce:d,prompt:h,response_type:u,response_mode:f,code_challenge:m,code_challenge_method:w,username:E,ui_locales:C,organization:L},ae=t.req.header("origin");if(ae&&!Y4(ae,Y.web_origins||[]))throw new A(403,{message:`Origin ${ae} not allowed`});if(se.redirect_uri&&!xm(se.redirect_uri,Y.callbacks||[],{allowPathWildcards:!0}))throw new A(400,{message:`Invalid redirect URI - ${se.redirect_uri}`});const Se=zo(Y.tenant.id,t.req.header("cookie")),ze=Se?await e.data.sessions.get(Y.tenant.id,Se):void 0,Ce=ze&&!ze.revoked_at?ze:void 0;if(h=="none"){if(!u)throw new A(400,{message:"Missing response_type"});return n$({ctx:t,session:Ce||void 0,redirect_uri:i,state:a,response_type:u,client:Y,nonce:d,code_challenge_method:w,code_challenge:m,audience:c,scope:o})}if(l&&l!=="email")return Eb(t,Y,l,se);if(y){const N=await t$(t,Y.tenant.id,y,se,v);return N instanceof Response?N:t.json(N)}const j=await Q4({ctx:t,client:Y,auth0Client:b,authParams:se,session:Ce||void 0,connection:l,login_hint:E});return j instanceof Response?j:t.json(j)});function i$(t){const e=new s.OpenAPIHono;e.use(async(r,i)=>{const o=Es(r,t.dataAdapter),a=Vl(o,{defaultTtl:3e5,cacheEntities:["tenants","connections","clients"]});return 
r.env.data=Fl(r,a),i()}),e.use("/oauth/token",bh({origin:r=>r||"",allowHeaders:["Tenant-Id","Content-Type","Auth0-Client","Upgrade-Insecure-Requests"],allowMethods:["POST"],maxAge:600})),e.use(Dl).use(fm(e));const n=e.route("/v2/logout",Nb).route("/userinfo",Cb).route("/.well-known",jb).route("/oauth/token",H4).route("/dbconnections",W4).route("/passwordless",J4).route("/co/authenticate",Z4).route("/authorize",r$).route("/callback",zb);return n.doc("/spec",{openapi:"3.0.0",info:{version:"1.0.0",title:"Oauth API"},security:[{oauth2:["openid","email","profile"]}]}),pm(n),n}var o$={Stringify:1,BeforeStream:2,Stream:3},yt=(t,e)=>{const n=new String(t);return n.isEscaped=!0,n.callbacks=e,n},s$=/[&<>'"]/,Bm=async(t,e)=>{let n="";e||(e=[]);const r=await Promise.all(t);for(let i=r.length-1;n+=r[i],i--,!(i<0);i--){let o=r[i];typeof o=="object"&&e.push(...o.callbacks||[]);const a=o.isEscaped;if(o=await(typeof o=="object"?o.toString():o),typeof o=="object"&&e.push(...o.callbacks||[]),o.isEscaped??a)n+=o;else{const c=[n];dn(o,c),n=c[0]}}return yt(n,e)},dn=(t,e)=>{const n=t.search(s$);if(n===-1){e[0]+=t;return}let r,i,o=0;for(i=n;i<t.length;i++){switch(t.charCodeAt(i)){case 34:r="&quot;";break;case 39:r="&#39;";break;case 38:r="&amp;";break;case 60:r="&lt;";break;case 62:r="&gt;";break;default:continue}e[0]+=t.substring(o,i)+r,o=i+1}e[0]+=t.substring(o,i)},Lm=t=>{const e=t.callbacks;if(!(e!=null&&e.length))return t;const n=[t],r={};return e.forEach(i=>i({phase:o$.Stringify,buffer:n,context:r})),n[0]},Um=(t,...e)=>{const n=[""];for(let r=0,i=t.length-1;r<i;r++){n[0]+=t[r];const o=Array.isArray(e[r])?e[r].flat(1/0):[e[r]];for(let a=0,c=o.length;a<c;a++){const d=o[a];if(typeof d=="string")dn(d,n);else if(typeof d=="number")n[0]+=d;else{if(typeof d=="boolean"||d===null||d===void 0)continue;if(typeof d=="object"&&d.isEscaped)if(d.callbacks)n.unshift("",d);else{const l=d.toString();l instanceof Promise?n.unshift("",l):n[0]+=l}else d instanceof 
Promise?n.unshift("",d):dn(d.toString(),n)}}}return n[0]+=t.at(-1),n.length===1?"callbacks"in n?yt(Lm(yt(n[0],n.callbacks))):yt(n[0]):Bm(n,n.callbacks)},nu=Symbol("RENDERER"),Cd=Symbol("ERROR_HANDLER"),Ee=Symbol("STASH"),Mm=Symbol("INTERNAL"),a$=Symbol("MEMO"),hs=Symbol("PERMALINK"),th=t=>(t[Mm]=!0,t),Fm=t=>({value:e,children:n})=>{if(!n)return;const r={children:[{tag:th(()=>{t.push(e)}),props:{}}]};Array.isArray(n)?r.children.push(...n.flat()):r.children.push(n),r.children.push({tag:th(()=>{t.pop()}),props:{}});const i={tag:"",props:r,type:""};return i[Cd]=o=>{throw t.pop(),o},i},Dm=t=>{const e=[t],n=Fm(e);return n.values=e,n.Provider=n,br.push(n),n},br=[],c$=t=>{const e=[t],n=r=>{e.push(r.value);let i;try{i=r.children?(Array.isArray(r.children)?new Km("",{},r.children):r.children).toString():""}finally{e.pop()}return i instanceof Promise?i.then(o=>yt(o,o.callbacks)):yt(i)};return n.values=e,n.Provider=n,n[nu]=Fm(e),br.push(n),n},Tr=t=>t.values.at(-1),uo={title:[],script:["src"],style:["data-href"],link:["href"],meta:["name","httpEquiv","charset","itemProp"]},jd={},po="data-precedence",Fi=t=>Array.isArray(t)?t:[t],nh=new WeakMap,rh=(t,e,n,r)=>({buffer:i,context:o})=>{if(!i)return;const a=nh.get(o)||{};nh.set(o,a);const c=a[t]||(a[t]=[]);let d=!1;const l=uo[t];if(l.length>0){e:for(const[,u]of c)for(const f of l)if(((u==null?void 0:u[f])??null)===(n==null?void 0:n[f])){d=!0;break e}}if(d?i[0]=i[0].replaceAll(e,""):l.length>0?c.push([e,n,r]):c.unshift([e,n,r]),i[0].indexOf("</head>")!==-1){let u;if(r===void 0)u=c.map(([f])=>f);else{const f=[];u=c.map(([m,,w])=>{let h=f.indexOf(w);return h===-1&&(f.push(w),h=f.length-1),[m,h]}).sort((m,w)=>m[1]-w[1]).map(([m])=>m)}u.forEach(f=>{i[0]=i[0].replaceAll(f,"")}),i[0]=i[0].replace(/(?=<\/head>)/,u.join(""))}},Di=(t,e,n)=>yt(new wt(t,n,Fi(e??[])).toString()),Vi=(t,e,n,r)=>{if("itemProp"in n)return Di(t,e,n);let{precedence:i,blocking:o,...a}=n;i=r?i??"":void 0,r&&(a[po]=i);const c=new wt(t,a,Fi(e||[])).toString();return c 
instanceof Promise?c.then(d=>yt(c,[...d.callbacks||[],rh(t,d,a,i)])):yt(c,[rh(t,c,a,i)])},d$=({children:t,...e})=>{const n=ru();if(n){const r=Tr(n);if(r==="svg"||r==="head")return new wt("title",e,Fi(t??[]))}return Vi("title",t,e,!1)},l$=({children:t,...e})=>{const n=ru();return["src","async"].some(r=>!e[r])||n&&Tr(n)==="head"?Di("script",t,e):Vi("script",t,e,!1)},u$=({children:t,...e})=>["href","precedence"].every(n=>n in e)?(e["data-href"]=e.href,delete e.href,Vi("style",t,e,!0)):Di("style",t,e),p$=({children:t,...e})=>["onLoad","onError"].some(n=>n in e)||e.rel==="stylesheet"&&(!("precedence"in e)||"disabled"in e)?Di("link",t,e):Vi("link",t,e,"precedence"in e),f$=({children:t,...e})=>{const n=ru();return n&&Tr(n)==="head"?Di("meta",t,e):Vi("meta",t,e,!1)},Vm=(t,{children:e,...n})=>new wt(t,n,Fi(e??[])),h$=t=>(typeof t.action=="function"&&(t.action=hs in t.action?t.action[hs]:void 0),Vm("form",t)),qm=(t,e)=>(typeof e.formAction=="function"&&(e.formAction=hs in e.formAction?e.formAction[hs]:void 0),Vm(t,e)),g$=t=>qm("input",t),m$=t=>qm("button",t);const qa=Object.freeze(Object.defineProperty({__proto__:null,button:m$,form:h$,input:g$,link:p$,meta:f$,script:l$,style:u$,title:d$},Symbol.toStringTag,{value:"Module"}));var _$=new Map([["className","class"],["htmlFor","for"],["crossOrigin","crossorigin"],["httpEquiv","http-equiv"],["itemProp","itemprop"],["fetchPriority","fetchpriority"],["noModule","nomodule"],["formAction","formaction"]]),gs=t=>_$.get(t)||t,Hm=(t,e)=>{for(const[n,r]of Object.entries(t)){const i=n[0]==="-"||!/[A-Z]/.test(n)?n:n.replace(/[A-Z]/g,o=>`-${o.toLowerCase()}`);e(i,r==null?null:typeof r=="number"?i.match(/^(?:a|border-im|column(?:-c|s)|flex(?:$|-[^b])|grid-(?:ar|[^a])|font-w|li|or|sca|st|ta|wido|z)|ty$/)?`${r}`:`${r}px`:r)}},_i=void 
0,ru=()=>_i,y$=t=>/[A-Z]/.test(t)&&t.match(/^(?:al|basel|clip(?:Path|Rule)$|co|do|fill|fl|fo|gl|let|lig|i|marker[EMS]|o|pai|pointe|sh|st[or]|text[^L]|tr|u|ve|w)/)?t.replace(/([A-Z])/g,"-$1").toLowerCase():t,w$=["area","base","br","col","embed","hr","img","input","keygen","link","meta","param","source","track","wbr"],v$=["allowfullscreen","async","autofocus","autoplay","checked","controls","default","defer","disabled","download","formnovalidate","hidden","inert","ismap","itemscope","loop","multiple","muted","nomodule","novalidate","open","playsinline","readonly","required","reversed","selected"],iu=(t,e)=>{for(let n=0,r=t.length;n<r;n++){const i=t[n];if(typeof i=="string")dn(i,e);else{if(typeof i=="boolean"||i===null||i===void 0)continue;i instanceof wt?i.toStringToBuffer(e):typeof i=="number"||i.isEscaped?e[0]+=i:i instanceof Promise?e.unshift("",i):iu(i,e)}}},wt=class{constructor(t,e,n){te(this,"tag");te(this,"props");te(this,"key");te(this,"children");te(this,"isEscaped",!0);te(this,"localContexts");this.tag=t,this.props=e,this.children=n}get type(){return this.tag}get ref(){return this.props.ref||null}toString(){var e,n;const t=[""];(e=this.localContexts)==null||e.forEach(([r,i])=>{r.values.push(i)});try{this.toStringToBuffer(t)}finally{(n=this.localContexts)==null||n.forEach(([r])=>{r.values.pop()})}return t.length===1?"callbacks"in t?Lm(yt(t[0],t.callbacks)).toString():t[0]:Bm(t,t.callbacks)}toStringToBuffer(t){const e=this.tag,n=this.props;let{children:r}=this;t[0]+=`<${e}`;const i=_i&&Tr(_i)==="svg"?o=>y$(gs(o)):o=>gs(o);for(let[o,a]of Object.entries(n))if(o=i(o),o!=="children"){if(o==="style"&&typeof a=="object"){let c="";Hm(a,(d,l)=>{l!=null&&(c+=`${c?";":""}${d}:${l}`)}),t[0]+=' style="',dn(c,t),t[0]+='"'}else if(typeof a=="string")t[0]+=` ${o}="`,dn(a,t),t[0]+='"';else if(a!=null)if(typeof a=="number"||a.isEscaped)t[0]+=` ${o}="${a}"`;else if(typeof a=="boolean"&&v$.includes(o))a&&(t[0]+=` ${o}=""`);else 
if(o==="dangerouslySetInnerHTML"){if(r.length>0)throw"Can only set one of `children` or `props.dangerouslySetInnerHTML`.";r=[yt(a.__html)]}else if(a instanceof Promise)t[0]+=` ${o}="`,t.unshift('"',a);else if(typeof a=="function"){if(!o.startsWith("on"))throw`Invalid prop '${o}' of type 'function' supplied to '${e}'.`}else t[0]+=` ${o}="`,dn(a.toString(),t),t[0]+='"'}if(w$.includes(e)&&r.length===0){t[0]+="/>";return}t[0]+=">",iu(r,t),t[0]+=`</${e}>`}},Ha=class extends wt{toStringToBuffer(t){const{children:e}=this,n=this.tag.call(null,{...this.props,children:e.length<=1?e[0]:e});if(!(typeof n=="boolean"||n==null))if(n instanceof Promise)if(br.length===0)t.unshift("",n);else{const r=br.map(i=>[i,i.values.at(-1)]);t.unshift("",n.then(i=>(i instanceof wt&&(i.localContexts=r),i)))}else n instanceof wt?n.toStringToBuffer(t):typeof n=="number"||n.isEscaped?(t[0]+=n,n.callbacks&&(t.callbacks||(t.callbacks=[]),t.callbacks.push(...n.callbacks))):dn(n,t)}},Km=class extends wt{toStringToBuffer(t){iu(this.children,t)}},b$=(t,e,...n)=>{e??(e={}),n.length&&(e.children=n.length===1?n[0]:n);const r=e.key;delete e.key;const i=fo(t,e,n);return i.key=r,i},ih=!1,fo=(t,e,n)=>{if(!ih){for(const r in jd)qa[r][nu]=jd[r];ih=!0}return typeof t=="function"?new Ha(t,e,n):qa[t]?new Ha(qa[t],e,n):t==="svg"||t==="head"?(_i||(_i=c$("")),new wt(t,e,[new Ha(_i,{value:t},n)])):new wt(t,e,n)},ou=({children:t})=>new Km("",{children:t},Array.isArray(t)?t:t?[t]:[]),$$=(t,e,...n)=>b$(t.tag,{...t.props,...e},...n);function _(t,e,n){let r;if(!e||!("children"in e))r=fo(t,e,[]);else{const i=e.children;r=Array.isArray(i)?fo(t,e,i):fo(t,e,[i])}return r.key=n,r}const 
oh={name:"sesamy",logoUrl:"https://assets.sesamy.com/static/images/email/sesamy-logo.png",style:{primaryColor:"#7D68F4",buttonTextColor:"#FFFFFF",primaryHoverColor:"#A091F2"},loginBackgroundImage:"",checkoutHideSocial:!1,supportEmail:"support@sesamy.com",supportUrl:"https://support.sesamy.com",siteUrl:"https://sesamy.com",termsAndConditionsUrl:"https://store.sesamy.com/pages/terms-of-service",manageSubscriptionsUrl:"https://account.sesamy.com/manage-subscriptions"};async function Gm(t,e,n){if(!n&&!e)return oh;const r=n||e;try{const i=await fetch(`${t.API_URL}/profile/vendors/${r}/style`);if(!i.ok)throw new Error("Failed to fetch vendor settings");const o=await i.json();return Uh.parse(o)}catch(i){return console.error(i),oh}}async function ke(t,e,n=!1){var l;const{env:r}=t,i=await r.data.loginSessions.get(t.var.tenant_id||"",e);if(!i)throw new A(400,{message:"Login session not found"});t.set("loginSession",i);const o=await Ui(r,i.authParams.client_id);t.set("client_id",o.id),t.set("tenant_id",o.tenant.id);const a=await r.data.tenants.get(o.tenant.id);if(a){if(i.session_id&&!n)throw new A(400,{message:"Login session closed"})}else throw new A(400,{message:"Tenant not found"});const c=await Gm(r,o.id,i.authParams.vendor_id),d=(l=i.authParams.ui_locales)==null?void 0:l.split(" ").map(u=>u.split("-")[0]).find(u=>{if(Array.isArray(O.options.supportedLngs))return O.options.supportedLngs.includes(u)});return await O.changeLanguage(d||a.language||"sv"),{vendorSettings:{...c,termsAndConditionsUrl:o.id==="fokus-app"?"https://www.fokus.se/kopvillkor-app/":c.termsAndConditionsUrl},client:o,tenant:a,loginSession:i}}async function x$(t,e,n,r){if(r!==void 0)return r==="password";const i=await zs({userAdapter:t.env.data.users,tenant_id:e.tenant.id,email:n});if(i){const a=await t.env.data.logs.list(e.tenant.id,{page:0,per_page:10,include_totals:!1,sort:{sort_by:"date",sort_order:"desc"},q:`type:${he.SUCCESS_LOGIN} 
user_id:${i.user_id}`}),[c]=a.logs.filter(d=>d.strategy&&["Username-Password-Authentication","passwordless","email"].includes(d.strategy));if(c)return c.strategy==="Username-Password-Authentication"}return(await t.env.data.promptSettings.get(e.tenant.id)).password_first}const Wm=({vendorSettings:t})=>t!=null&&t.logoUrl?_("div",{className:"flex h-9 items-center",children:_("img",{src:t.logoUrl,className:"max-h-full",alt:"Vendor logo"})}):_(ou,{}),Jm=({vendorSettings:t})=>{const{termsAndConditionsUrl:e}=t;return _("div",{className:"mt-8",children:e&&_("div",{className:"text-xs text-gray-300",children:[O.t("agree_to")," ",_("a",{href:e,className:"text-primary hover:underline",target:"_blank",rel:"noreferrer",children:O.t("terms")})]})})};var Xm={exports:{}};/*!
197
+ </html>`}async function n$({ctx:t,client:e,session:n,redirect_uri:r,state:i,nonce:o,code_challenge_method:a,code_challenge:c,audience:d,scope:l,response_type:u}){const{env:f}=t,m=new URL(r),w=`${m.protocol}//${m.host}`;async function h(se="Login required"){const ae=we(t,{type:he.FAILED_SILENT_AUTH,description:se});return await t.env.data.logs.create(e.tenant.id,ae),t.html(eh(w,JSON.stringify({error:"login_required",error_description:se,state:i})))}if(!n||(n==null?void 0:n.expires_at)&&new Date(n.expires_at)<new Date||(n==null?void 0:n.idle_expires_at)&&new Date(n.idle_expires_at)<new Date)return h();t.set("user_id",n.user_id);const v=await f.data.users.get(e.tenant.id,n.user_id);if(!v)return console.error("User not found",n.user_id),h("User not found");t.set("username",v.email),t.set("connection",v.connection);const b={client:e,authParams:{client_id:e.id,audience:d,code_challenge_method:a,code_challenge:c,scope:l,state:i,nonce:o,response_type:u,redirect_uri:r},user:v,session_id:n.id},E=u===it.CODE?await y0(t,{user:v,client:e,authParams:b.authParams,login_id:n.login_session_id}):await As(t,b);await f.data.sessions.update(e.tenant.id,n.id,{used_at:new Date().toISOString(),last_interaction_at:new Date().toISOString(),device:{...n.device,last_ip:t.req.header("x-real-ip")||"",last_user_agent:t.req.header("user-agent")||""},idle_expires_at:n.idle_expires_at?new Date(Date.now()+ks*1e3).toISOString():void 0});const C=we(t,{type:he.SUCCESS_SILENT_AUTH,description:"Successful silent authentication"});await t.env.data.logs.create(e.tenant.id,C);const L=new Headers;L.set("Server-Timing","cf-nel=0; no-cloudflare-insights=1");const Y=rc(e.tenant.id,n.id,t.req.header("host"));return L.set("set-cookie",Y),t.html(eh(w,JSON.stringify(E)),{headers:L})}const r$=new 
s.OpenAPIHono().openapi(s.createRoute({tags:["oauth"],method:"get",path:"/",request:{query:s.z.object({client_id:s.z.string(),vendor_id:s.z.string().optional(),redirect_uri:s.z.string(),scope:s.z.string().optional(),state:s.z.string(),prompt:s.z.string().optional(),response_mode:s.z.nativeEnum(Dt).optional(),response_type:s.z.nativeEnum(it).optional(),audience:s.z.string().optional(),connection:s.z.string().optional(),nonce:s.z.string().optional(),max_age:s.z.string().optional(),login_ticket:s.z.string().optional(),code_challenge_method:s.z.nativeEnum(vs).optional(),code_challenge:s.z.string().optional(),realm:s.z.string().optional(),auth0Client:s.z.string().optional(),organization:s.z.string().optional(),login_hint:s.z.string().optional(),screen_hint:s.z.string().openapi({example:"signup",description:'Optional hint for the screen to show, like "signup" or "login".'}).optional(),ui_locales:s.z.string().optional()})},responses:{200:{description:"Successful authorization response. This can be an HTML page (e.g., for silent authentication iframe or universal login page) or a JSON object containing tokens (e.g., for response_mode=web_message).",content:{"text/html":{schema:s.z.string().openapi({example:"<html>...</html>"})},"application/json":{schema:Vd}}},302:{description:"Redirect to the client's redirect URI, an authentication page, or an external identity provider.",headers:s.z.object({Location:s.z.string().url()})},400:{description:"Bad Request. Invalid parameters or other client-side errors.",content:{"application/json":{schema:s.z.object({message:s.z.string()})}}},403:{description:"Forbidden. 
The request is not allowed (e.g., invalid origin).",content:{"application/json":{schema:s.z.object({message:s.z.string()})}}}}}),async t=>{const{env:e}=t,{client_id:n,vendor_id:r,redirect_uri:i,scope:o,state:a,audience:c,nonce:d,connection:l,response_type:u,response_mode:f,code_challenge:m,code_challenge_method:w,prompt:h,login_ticket:y,realm:v,auth0Client:b,login_hint:E,ui_locales:C,organization:L}=t.req.valid("query");t.set("log","authorize");const Y=await Ui(e,n);t.set("client_id",Y.id),t.set("tenant_id",Y.tenant.id);const se={redirect_uri:i,scope:o,state:a,client_id:n,vendor_id:r,audience:c,nonce:d,prompt:h,response_type:u,response_mode:f,code_challenge:m,code_challenge_method:w,username:E,ui_locales:C,organization:L},ae=t.req.header("origin");if(ae&&!Y4(ae,Y.web_origins||[]))throw new A(403,{message:`Origin ${ae} not allowed`});if(se.redirect_uri&&!xm(se.redirect_uri,Y.callbacks||[],{allowPathWildcards:!0}))throw new A(400,{message:`Invalid redirect URI - ${se.redirect_uri}`});const Se=zo(Y.tenant.id,t.req.header("cookie")),ze=Se?await e.data.sessions.get(Y.tenant.id,Se):void 0,Ce=ze&&!ze.revoked_at?ze:void 0;if(h=="none"){if(!u)throw new A(400,{message:"Missing response_type"});return n$({ctx:t,session:Ce||void 0,redirect_uri:i,state:a,response_type:u,client:Y,nonce:d,code_challenge_method:w,code_challenge:m,audience:c,scope:o})}if(l&&l!=="email")return Eb(t,Y,l,se);if(y){const N=await t$(t,Y.tenant.id,y,se,v);return N instanceof Response?N:t.json(N)}const j=await Q4({ctx:t,client:Y,auth0Client:b,authParams:se,session:Ce||void 0,connection:l,login_hint:E});return j instanceof Response?j:t.json(j)});function i$(t){const e=new s.OpenAPIHono;e.use(async(r,i)=>{const o=Es(r,t.dataAdapter),a=Vl(o,{defaultTtl:3e5,cacheEntities:["tenants","connections","clients"]});return 
r.env.data=Fl(r,a),i()}),e.use("/oauth/token",bh({origin:r=>r||"",allowHeaders:["Tenant-Id","Content-Type","Auth0-Client","Upgrade-Insecure-Requests"],allowMethods:["POST"],maxAge:600})),e.use(Dl).use(fm(e));const n=e.route("/v2/logout",Nb).route("/userinfo",Cb).route("/.well-known",jb).route("/oauth/token",H4).route("/dbconnections",W4).route("/passwordless",J4).route("/co/authenticate",Z4).route("/authorize",r$).route("/callback",zb);return n.doc("/spec",{openapi:"3.0.0",info:{version:"1.0.0",title:"Oauth API"},security:[{oauth2:["openid","email","profile"]}]}),pm(n),n}var o$={Stringify:1,BeforeStream:2,Stream:3},yt=(t,e)=>{const n=new String(t);return n.isEscaped=!0,n.callbacks=e,n},s$=/[&<>'"]/,Bm=async(t,e)=>{let n="";e||(e=[]);const r=await Promise.all(t);for(let i=r.length-1;n+=r[i],i--,!(i<0);i--){let o=r[i];typeof o=="object"&&e.push(...o.callbacks||[]);const a=o.isEscaped;if(o=await(typeof o=="object"?o.toString():o),typeof o=="object"&&e.push(...o.callbacks||[]),o.isEscaped??a)n+=o;else{const c=[n];dn(o,c),n=c[0]}}return yt(n,e)},dn=(t,e)=>{const n=t.search(s$);if(n===-1){e[0]+=t;return}let r,i,o=0;for(i=n;i<t.length;i++){switch(t.charCodeAt(i)){case 34:r="&quot;";break;case 39:r="&#39;";break;case 38:r="&amp;";break;case 60:r="&lt;";break;case 62:r="&gt;";break;default:continue}e[0]+=t.substring(o,i)+r,o=i+1}e[0]+=t.substring(o,i)},Lm=t=>{const e=t.callbacks;if(!(e!=null&&e.length))return t;const n=[t],r={};return e.forEach(i=>i({phase:o$.Stringify,buffer:n,context:r})),n[0]},Um=(t,...e)=>{const n=[""];for(let r=0,i=t.length-1;r<i;r++){n[0]+=t[r];const o=Array.isArray(e[r])?e[r].flat(1/0):[e[r]];for(let a=0,c=o.length;a<c;a++){const d=o[a];if(typeof d=="string")dn(d,n);else if(typeof d=="number")n[0]+=d;else{if(typeof d=="boolean"||d===null||d===void 0)continue;if(typeof d=="object"&&d.isEscaped)if(d.callbacks)n.unshift("",d);else{const l=d.toString();l instanceof Promise?n.unshift("",l):n[0]+=l}else d instanceof 
Promise?n.unshift("",d):dn(d.toString(),n)}}}return n[0]+=t.at(-1),n.length===1?"callbacks"in n?yt(Lm(yt(n[0],n.callbacks))):yt(n[0]):Bm(n,n.callbacks)},nu=Symbol("RENDERER"),Cd=Symbol("ERROR_HANDLER"),Ee=Symbol("STASH"),Mm=Symbol("INTERNAL"),a$=Symbol("MEMO"),hs=Symbol("PERMALINK"),th=t=>(t[Mm]=!0,t),Fm=t=>({value:e,children:n})=>{if(!n)return;const r={children:[{tag:th(()=>{t.push(e)}),props:{}}]};Array.isArray(n)?r.children.push(...n.flat()):r.children.push(n),r.children.push({tag:th(()=>{t.pop()}),props:{}});const i={tag:"",props:r,type:""};return i[Cd]=o=>{throw t.pop(),o},i},Dm=t=>{const e=[t],n=Fm(e);return n.values=e,n.Provider=n,br.push(n),n},br=[],c$=t=>{const e=[t],n=r=>{e.push(r.value);let i;try{i=r.children?(Array.isArray(r.children)?new Km("",{},r.children):r.children).toString():""}finally{e.pop()}return i instanceof Promise?i.then(o=>yt(o,o.callbacks)):yt(i)};return n.values=e,n.Provider=n,n[nu]=Fm(e),br.push(n),n},Tr=t=>t.values.at(-1),uo={title:[],script:["src"],style:["data-href"],link:["href"],meta:["name","httpEquiv","charset","itemProp"]},jd={},po="data-precedence",Fi=t=>Array.isArray(t)?t:[t],nh=new WeakMap,rh=(t,e,n,r)=>({buffer:i,context:o})=>{if(!i)return;const a=nh.get(o)||{};nh.set(o,a);const c=a[t]||(a[t]=[]);let d=!1;const l=uo[t];if(l.length>0){e:for(const[,u]of c)for(const f of l)if(((u==null?void 0:u[f])??null)===(n==null?void 0:n[f])){d=!0;break e}}if(d?i[0]=i[0].replaceAll(e,""):l.length>0?c.push([e,n,r]):c.unshift([e,n,r]),i[0].indexOf("</head>")!==-1){let u;if(r===void 0)u=c.map(([f])=>f);else{const f=[];u=c.map(([m,,w])=>{let h=f.indexOf(w);return h===-1&&(f.push(w),h=f.length-1),[m,h]}).sort((m,w)=>m[1]-w[1]).map(([m])=>m)}u.forEach(f=>{i[0]=i[0].replaceAll(f,"")}),i[0]=i[0].replace(/(?=<\/head>)/,u.join(""))}},Di=(t,e,n)=>yt(new wt(t,n,Fi(e??[])).toString()),Vi=(t,e,n,r)=>{if("itemProp"in n)return Di(t,e,n);let{precedence:i,blocking:o,...a}=n;i=r?i??"":void 0,r&&(a[po]=i);const c=new wt(t,a,Fi(e||[])).toString();return c 
instanceof Promise?c.then(d=>yt(c,[...d.callbacks||[],rh(t,d,a,i)])):yt(c,[rh(t,c,a,i)])},d$=({children:t,...e})=>{const n=ru();if(n){const r=Tr(n);if(r==="svg"||r==="head")return new wt("title",e,Fi(t??[]))}return Vi("title",t,e,!1)},l$=({children:t,...e})=>{const n=ru();return["src","async"].some(r=>!e[r])||n&&Tr(n)==="head"?Di("script",t,e):Vi("script",t,e,!1)},u$=({children:t,...e})=>["href","precedence"].every(n=>n in e)?(e["data-href"]=e.href,delete e.href,Vi("style",t,e,!0)):Di("style",t,e),p$=({children:t,...e})=>["onLoad","onError"].some(n=>n in e)||e.rel==="stylesheet"&&(!("precedence"in e)||"disabled"in e)?Di("link",t,e):Vi("link",t,e,"precedence"in e),f$=({children:t,...e})=>{const n=ru();return n&&Tr(n)==="head"?Di("meta",t,e):Vi("meta",t,e,!1)},Vm=(t,{children:e,...n})=>new wt(t,n,Fi(e??[])),h$=t=>(typeof t.action=="function"&&(t.action=hs in t.action?t.action[hs]:void 0),Vm("form",t)),qm=(t,e)=>(typeof e.formAction=="function"&&(e.formAction=hs in e.formAction?e.formAction[hs]:void 0),Vm(t,e)),g$=t=>qm("input",t),m$=t=>qm("button",t);const qa=Object.freeze(Object.defineProperty({__proto__:null,button:m$,form:h$,input:g$,link:p$,meta:f$,script:l$,style:u$,title:d$},Symbol.toStringTag,{value:"Module"}));var _$=new Map([["className","class"],["htmlFor","for"],["crossOrigin","crossorigin"],["httpEquiv","http-equiv"],["itemProp","itemprop"],["fetchPriority","fetchpriority"],["noModule","nomodule"],["formAction","formaction"]]),gs=t=>_$.get(t)||t,Hm=(t,e)=>{for(const[n,r]of Object.entries(t)){const i=n[0]==="-"||!/[A-Z]/.test(n)?n:n.replace(/[A-Z]/g,o=>`-${o.toLowerCase()}`);e(i,r==null?null:typeof r=="number"?i.match(/^(?:a|border-im|column(?:-c|s)|flex(?:$|-[^b])|grid-(?:ar|[^a])|font-w|li|or|sca|st|ta|wido|z)|ty$/)?`${r}`:`${r}px`:r)}},_i=void 
0,ru=()=>_i,y$=t=>/[A-Z]/.test(t)&&t.match(/^(?:al|basel|clip(?:Path|Rule)$|co|do|fill|fl|fo|gl|let|lig|i|marker[EMS]|o|pai|pointe|sh|st[or]|text[^L]|tr|u|ve|w)/)?t.replace(/([A-Z])/g,"-$1").toLowerCase():t,w$=["area","base","br","col","embed","hr","img","input","keygen","link","meta","param","source","track","wbr"],v$=["allowfullscreen","async","autofocus","autoplay","checked","controls","default","defer","disabled","download","formnovalidate","hidden","inert","ismap","itemscope","loop","multiple","muted","nomodule","novalidate","open","playsinline","readonly","required","reversed","selected"],iu=(t,e)=>{for(let n=0,r=t.length;n<r;n++){const i=t[n];if(typeof i=="string")dn(i,e);else{if(typeof i=="boolean"||i===null||i===void 0)continue;i instanceof wt?i.toStringToBuffer(e):typeof i=="number"||i.isEscaped?e[0]+=i:i instanceof Promise?e.unshift("",i):iu(i,e)}}},wt=class{constructor(t,e,n){te(this,"tag");te(this,"props");te(this,"key");te(this,"children");te(this,"isEscaped",!0);te(this,"localContexts");this.tag=t,this.props=e,this.children=n}get type(){return this.tag}get ref(){return this.props.ref||null}toString(){var e,n;const t=[""];(e=this.localContexts)==null||e.forEach(([r,i])=>{r.values.push(i)});try{this.toStringToBuffer(t)}finally{(n=this.localContexts)==null||n.forEach(([r])=>{r.values.pop()})}return t.length===1?"callbacks"in t?Lm(yt(t[0],t.callbacks)).toString():t[0]:Bm(t,t.callbacks)}toStringToBuffer(t){const e=this.tag,n=this.props;let{children:r}=this;t[0]+=`<${e}`;const i=_i&&Tr(_i)==="svg"?o=>y$(gs(o)):o=>gs(o);for(let[o,a]of Object.entries(n))if(o=i(o),o!=="children"){if(o==="style"&&typeof a=="object"){let c="";Hm(a,(d,l)=>{l!=null&&(c+=`${c?";":""}${d}:${l}`)}),t[0]+=' style="',dn(c,t),t[0]+='"'}else if(typeof a=="string")t[0]+=` ${o}="`,dn(a,t),t[0]+='"';else if(a!=null)if(typeof a=="number"||a.isEscaped)t[0]+=` ${o}="${a}"`;else if(typeof a=="boolean"&&v$.includes(o))a&&(t[0]+=` ${o}=""`);else 
if(o==="dangerouslySetInnerHTML"){if(r.length>0)throw"Can only set one of `children` or `props.dangerouslySetInnerHTML`.";r=[yt(a.__html)]}else if(a instanceof Promise)t[0]+=` ${o}="`,t.unshift('"',a);else if(typeof a=="function"){if(!o.startsWith("on"))throw`Invalid prop '${o}' of type 'function' supplied to '${e}'.`}else t[0]+=` ${o}="`,dn(a.toString(),t),t[0]+='"'}if(w$.includes(e)&&r.length===0){t[0]+="/>";return}t[0]+=">",iu(r,t),t[0]+=`</${e}>`}},Ha=class extends wt{toStringToBuffer(t){const{children:e}=this,n=this.tag.call(null,{...this.props,children:e.length<=1?e[0]:e});if(!(typeof n=="boolean"||n==null))if(n instanceof Promise)if(br.length===0)t.unshift("",n);else{const r=br.map(i=>[i,i.values.at(-1)]);t.unshift("",n.then(i=>(i instanceof wt&&(i.localContexts=r),i)))}else n instanceof wt?n.toStringToBuffer(t):typeof n=="number"||n.isEscaped?(t[0]+=n,n.callbacks&&(t.callbacks||(t.callbacks=[]),t.callbacks.push(...n.callbacks))):dn(n,t)}},Km=class extends wt{toStringToBuffer(t){iu(this.children,t)}},b$=(t,e,...n)=>{e??(e={}),n.length&&(e.children=n.length===1?n[0]:n);const r=e.key;delete e.key;const i=fo(t,e,n);return i.key=r,i},ih=!1,fo=(t,e,n)=>{if(!ih){for(const r in jd)qa[r][nu]=jd[r];ih=!0}return typeof t=="function"?new Ha(t,e,n):qa[t]?new Ha(qa[t],e,n):t==="svg"||t==="head"?(_i||(_i=c$("")),new wt(t,e,[new Ha(_i,{value:t},n)])):new wt(t,e,n)},ou=({children:t})=>new Km("",{children:t},Array.isArray(t)?t:t?[t]:[]),$$=(t,e,...n)=>b$(t.tag,{...t.props,...e},...n);function _(t,e,n){let r;if(!e||!("children"in e))r=fo(t,e,[]);else{const i=e.children;r=Array.isArray(i)?fo(t,e,i):fo(t,e,[i])}return r.key=n,r}const 
oh={name:"sesamy",logoUrl:"https://assets.sesamy.com/static/images/email/sesamy-logo.png",style:{primaryColor:"#7D68F4",buttonTextColor:"#FFFFFF",primaryHoverColor:"#A091F2"},loginBackgroundImage:"",checkoutHideSocial:!1,supportEmail:"support@sesamy.com",supportUrl:"https://support.sesamy.com",siteUrl:"https://sesamy.com",termsAndConditionsUrl:"https://store.sesamy.com/pages/terms-of-service",manageSubscriptionsUrl:"https://account.sesamy.com/manage-subscriptions"};async function Gm(t,e,n){if(!n&&!e)return oh;const r=n||e;try{const i=await fetch(`${t.API_URL}/profile/vendors/${r}/style`);if(!i.ok)throw new Error("Failed to fetch vendor settings");const o=await i.json();return Uh.parse(o)}catch(i){return console.error(i),oh}}async function ke(t,e,n=!1){var l;const{env:r}=t,i=await r.data.loginSessions.get(t.var.tenant_id||"",e);if(!i)throw new A(400,{message:"Login session not found"});t.set("loginSession",i);const o=await Ui(r,i.authParams.client_id);t.set("client_id",o.id),t.set("tenant_id",o.tenant.id);const a=await r.data.tenants.get(o.tenant.id);if(a){if(i.session_id&&!n)throw new A(400,{message:"Login session closed"})}else throw new A(400,{message:"Tenant not found"});const c=await Gm(r,o.id,i.authParams.vendor_id),d=(l=i.authParams.ui_locales)==null?void 0:l.split(" ").map(u=>u.split("-")[0]).find(u=>{if(Array.isArray(O.options.supportedLngs))return O.options.supportedLngs.includes(u)});return await O.changeLanguage(d||a.language||"sv"),{vendorSettings:{...c,termsAndConditionsUrl:o.id==="fokus-app"?"https://www.fokus.se/kopvillkor-app/":c.termsAndConditionsUrl},client:o,tenant:a,loginSession:i}}async function x$(t,e,n,r){if(r!==void 0)return r==="password";const i=await zs({userAdapter:t.env.data.users,tenant_id:e.tenant.id,email:n});if(i){const a=await t.env.data.logs.list(e.tenant.id,{page:0,per_page:10,include_totals:!1,sort:{sort_by:"date",sort_order:"desc"},q:`type:${he.SUCCESS_LOGIN} 
user_id:${i.user_id}`}),[c]=a.logs.filter(d=>d.strategy&&["Username-Password-Authentication","passwordless","email"].includes(d.strategy));if(c)return c.strategy==="Username-Password-Authentication"}return(await t.env.data.promptSettings.get(e.tenant.id)).password_first}const Wm=({vendorSettings:t})=>t!=null&&t.logoUrl?_("div",{className:"flex h-9 items-center",children:_("img",{src:t.logoUrl,className:"max-h-full",alt:"Vendor logo"})}):_(ou,{}),Jm=({vendorSettings:t})=>{const{termsAndConditionsUrl:e}=t;return _("div",{className:"mt-8",children:e&&_("div",{className:"text-xs text-gray-300",children:[O.t("agree_to")," ",_("a",{href:e,className:"text-primary hover:underline",target:"_blank",rel:"noreferrer",children:O.t("terms")})]})})};var Xm={exports:{}};/*!
198
198
  Copyright (c) 2018 Jed Watson.
199
199
  Licensed under the MIT License (MIT), see
200
200
  http://jedwatson.github.io/classnames
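--- a/package/dist/authhero.mjs
+++ b/package/dist/authhero.mjs
@@ -22869,7 +22869,8 @@ async function P4({
   scope: l,
   state: i,
   nonce: s,
- response_type: u
+ response_type: u,
+ redirect_uri: r
   },
   user: v,
   session_id: n.id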
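Review bot: The new `redirect_uri: r` entry in the `authParams` literal of `P4` carries no comment, and nothing in this hunk shows where the value is consumed or checked. Judging from the same change in `authhero.cjs`, these `authParams` go to the code-issuing helper when `response_type` is `code`, so the silent-auth path (`prompt=none`) presumably now records the redirect URI alongside the authorization code; that only has a security effect if the token endpoint compares the stored value with the one presented at exchange, which is not visible here. The stored value is the raw query parameter, accepted earlier against the client's callbacks with `allowPathWildcards: !0`, so an exact-match comparison at exchange is what would actually pin the code to one URI. I would add a comment above the property such as `// keep the validated redirect_uri with the issued code so the token exchange can reject a mismatch`, plus a regression test that a code issued through silent auth is refused when redeemed with a different redirect_uri. `P4` begins and ends outside the hunk.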
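--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
   {
   "name": "authhero",
- "version": "0.154.0",
+ "version": "0.156.0",
   "files": [
   "dist"
   ],
@@ -36,7 +36,7 @@
   "vite": "^5.4.11",
   "vite-plugin-dts": "^4.3.0",
   "vitest": "^2.1.5",
- "@authhero/kysely-adapter": "^10.20.0"
+ "@authhero/kysely-adapter": "^10.21.0"
   },
   "dependencies": {
   "@peculiar/x509": "^1.12.3",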