authhero 8.14.0 → 8.14.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/authhero.cjs +6 -5
- package/dist/authhero.d.ts +224 -224
- package/dist/authhero.mjs +42 -26
- package/dist/stats.html +1 -1
- package/dist/tsconfig.types.tsbuildinfo +1 -1
- package/dist/types/index.d.ts +224 -224
- package/dist/types/routes/auth-api/authorize.d.ts +14 -14
- package/dist/types/routes/auth-api/index.d.ts +50 -50
- package/package.json +3 -3
package/dist/authhero.mjs
CHANGED
|
@@ -8517,7 +8517,7 @@ var ane = (e, t) => {
|
|
|
8517
8517
|
}, Yd = (e, t, n, r) => {
|
|
8518
8518
|
let i = une(t, n, r);
|
|
8519
8519
|
e.header("Set-Cookie", i, { append: !0 });
|
|
8520
|
-
}, Xd = "
|
|
8520
|
+
}, Xd = "mr4p633u", dne = /* @__PURE__ */ p({
|
|
8521
8521
|
common: () => Zd,
|
|
8522
8522
|
consent: () => Qd,
|
|
8523
8523
|
default: () => fne,
|
|
@@ -45621,7 +45621,7 @@ async function LH(e, t, n, r, i = N.USERNAME_PASSWORD) {
|
|
|
45621
45621
|
code: "TOO_MANY_FAILED_LOGINS"
|
|
45622
45622
|
});
|
|
45623
45623
|
let f = await a.passwords.get(t.tenant.id, u.user_id), p = f && await a_.compare(n.password, f.password);
|
|
45624
|
-
if (!p) {
|
|
45624
|
+
if (!p && !f) {
|
|
45625
45625
|
let r = await fH(e, t.tenant.id, u.connection);
|
|
45626
45626
|
r?.options?.import_mode === !0 && await DH({
|
|
45627
45627
|
ctx: e,
|
|
@@ -51659,53 +51659,68 @@ var CY = r.object({
|
|
|
51659
51659
|
handler: async (e) => {
|
|
51660
51660
|
let t = e.var.tenant_id, n = e.req.query("include_password_hashes") === "true";
|
|
51661
51661
|
n && _Y(e, pY);
|
|
51662
|
-
let r = e.req.query("gzip") !== "false", i = new TextEncoder(), a = sY(e.env.data, t, { includePasswordHashes: n })[Symbol.asyncIterator](), o = 0, s = !1, c;
|
|
51662
|
+
let r = e.req.query("gzip") !== "false", i = new TextEncoder(), a = sY(e.env.data, t, { includePasswordHashes: n })[Symbol.asyncIterator](), o = 0, s = !1, c = [], l = 0, u = !1;
|
|
51663
51663
|
try {
|
|
51664
|
-
c
|
|
51664
|
+
for (; c.length < 1e3 && l < 1048576;) {
|
|
51665
|
+
let { value: e, done: t } = await a.next();
|
|
51666
|
+
if (t) {
|
|
51667
|
+
u = !0;
|
|
51668
|
+
break;
|
|
51669
|
+
}
|
|
51670
|
+
let n = i.encode(JSON.stringify(e) + "\n");
|
|
51671
|
+
c.push(n), l += n.byteLength, o += 1;
|
|
51672
|
+
}
|
|
51665
51673
|
} catch (r) {
|
|
51666
51674
|
throw await P(e, t, {
|
|
51667
51675
|
type: M.FAILED_API_OPERATION,
|
|
51668
|
-
description: `Tenant export failed (password_hashes=${n}) by ${e.var.user?.sub ?? "unknown"}: ${r instanceof Error ? r.message : String(r)}`,
|
|
51676
|
+
description: `Tenant export failed after ${o} rows (password_hashes=${n}) by ${e.var.user?.sub ?? "unknown"}: ${r instanceof Error ? r.message : String(r)}`,
|
|
51669
51677
|
targetType: "tenant",
|
|
51670
51678
|
targetId: t
|
|
51671
|
-
}), new _(500, { message: "Tenant export failed" });
|
|
51679
|
+
}).catch(() => {}), new _(500, { message: "Tenant export failed" });
|
|
51672
51680
|
}
|
|
51673
|
-
let
|
|
51681
|
+
let d = new ReadableStream({
|
|
51674
51682
|
async pull(r) {
|
|
51683
|
+
let l = c.shift();
|
|
51684
|
+
if (l) {
|
|
51685
|
+
r.enqueue(l);
|
|
51686
|
+
return;
|
|
51687
|
+
}
|
|
51675
51688
|
try {
|
|
51676
|
-
let
|
|
51677
|
-
if (
|
|
51689
|
+
let c = u ? void 0 : await a.next();
|
|
51690
|
+
if (!c || c.done) {
|
|
51678
51691
|
s || (s = !0, await P(e, t, {
|
|
51679
51692
|
type: M.SUCCESS_API_OPERATION,
|
|
51680
51693
|
description: `Tenant export (${o} rows, password_hashes=${n}) by ${e.var.user?.sub ?? "unknown"}`,
|
|
51681
51694
|
targetType: "tenant",
|
|
51682
|
-
targetId: t
|
|
51683
|
-
|
|
51695
|
+
targetId: t,
|
|
51696
|
+
waitForCompletion: !0
|
|
51697
|
+
}).catch(() => {})), r.close();
|
|
51684
51698
|
return;
|
|
51685
51699
|
}
|
|
51686
|
-
o += 1, r.enqueue(i.encode(JSON.stringify(c) + "\n"));
|
|
51700
|
+
o += 1, r.enqueue(i.encode(JSON.stringify(c.value) + "\n"));
|
|
51687
51701
|
} catch (i) {
|
|
51688
51702
|
s || (s = !0, await P(e, t, {
|
|
51689
51703
|
type: M.FAILED_API_OPERATION,
|
|
51690
51704
|
description: `Tenant export failed after ${o} rows (password_hashes=${n}) by ${e.var.user?.sub ?? "unknown"}: ${i instanceof Error ? i.message : String(i)}`,
|
|
51691
51705
|
targetType: "tenant",
|
|
51692
|
-
targetId: t
|
|
51693
|
-
|
|
51706
|
+
targetId: t,
|
|
51707
|
+
waitForCompletion: !0
|
|
51708
|
+
}).catch(() => {})), r.error(i);
|
|
51694
51709
|
}
|
|
51695
51710
|
},
|
|
51696
51711
|
async cancel() {
|
|
51697
51712
|
await a.return?.(void 0);
|
|
51698
51713
|
}
|
|
51699
51714
|
});
|
|
51700
|
-
if (!r) return new Response(
|
|
51715
|
+
if (!r) return new Response(d, {
|
|
51701
51716
|
status: 200,
|
|
51702
51717
|
headers: {
|
|
51703
51718
|
"content-type": "application/x-ndjson",
|
|
51704
51719
|
"content-disposition": `attachment; filename="${t}-export.jsonl"`
|
|
51705
51720
|
}
|
|
51706
51721
|
});
|
|
51707
|
-
let
|
|
51708
|
-
return new Response(
|
|
51722
|
+
let f = d.pipeThrough(new CompressionStream("gzip"));
|
|
51723
|
+
return new Response(f, {
|
|
51709
51724
|
status: 200,
|
|
51710
51725
|
headers: {
|
|
51711
51726
|
"content-type": "application/gzip",
|
|
@@ -58358,7 +58373,8 @@ var l2 = F({
|
|
|
58358
58373
|
allowSubDomainWildcards: !0
|
|
58359
58374
|
})) throw new _(400, { message: `Invalid redirect URI - ${O.redirect_uri}` });
|
|
58360
58375
|
}
|
|
58361
|
-
|
|
58376
|
+
let le = `${ba(e.env, e.var.custom_domain)}userinfo`;
|
|
58377
|
+
if (O.audience && O.audience !== le) {
|
|
58362
58378
|
let { resource_servers: n } = await t.data.resourceServers.list(D.tenant.id);
|
|
58363
58379
|
if (!n.some((e) => e.identifier === O.audience)) {
|
|
58364
58380
|
let t = {
|
|
@@ -58374,19 +58390,19 @@ var l2 = F({
|
|
|
58374
58390
|
throw new _(403, { message: `Service not found: ${O.audience}` });
|
|
58375
58391
|
}
|
|
58376
58392
|
}
|
|
58377
|
-
let
|
|
58378
|
-
for (let e of
|
|
58393
|
+
let ue, de = Kie(D.tenant.id, e.req.header("cookie"));
|
|
58394
|
+
for (let e of de) {
|
|
58379
58395
|
let n = await t.data.sessions.get(D.tenant.id, e);
|
|
58380
58396
|
if (n && !n.revoked_at) {
|
|
58381
|
-
|
|
58397
|
+
ue = n;
|
|
58382
58398
|
break;
|
|
58383
58399
|
}
|
|
58384
58400
|
}
|
|
58385
|
-
if (D.sso_disabled && (
|
|
58401
|
+
if (D.sso_disabled && (ue = void 0), h == "none") {
|
|
58386
58402
|
if (!se || !T || !d) throw new _(400, { message: "Missing required parameters for silent auth: redirect_uri, state, and response_type" });
|
|
58387
58403
|
return V0({
|
|
58388
58404
|
ctx: e,
|
|
58389
|
-
session:
|
|
58405
|
+
session: ue || void 0,
|
|
58390
58406
|
redirect_uri: se,
|
|
58391
58407
|
state: T,
|
|
58392
58408
|
response_type: d,
|
|
@@ -58407,17 +58423,17 @@ var l2 = F({
|
|
|
58407
58423
|
let t = await z0(e, D.tenant.id, ee, O, te);
|
|
58408
58424
|
return t instanceof Response ? t : e.json(t);
|
|
58409
58425
|
}
|
|
58410
|
-
let
|
|
58426
|
+
let fe = await L0({
|
|
58411
58427
|
ctx: e,
|
|
58412
58428
|
client: D,
|
|
58413
58429
|
auth0Client: ne,
|
|
58414
58430
|
authParams: O,
|
|
58415
|
-
session:
|
|
58431
|
+
session: ue || void 0,
|
|
58416
58432
|
connection: E,
|
|
58417
58433
|
login_hint: y,
|
|
58418
58434
|
screen_hint: re
|
|
58419
58435
|
});
|
|
58420
|
-
return
|
|
58436
|
+
return fe instanceof Response ? fe : e.json(fe);
|
|
58421
58437
|
}
|
|
58422
58438
|
}), u2 = F({
|
|
58423
58439
|
route: t({
|