dbsc-toolkit 1.2.4 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (28) hide show
  1. package/README.md +51 -9
  2. package/dist/core/index.d.ts +3 -2
  3. package/dist/core/index.d.ts.map +1 -1
  4. package/dist/core/index.js +1 -1
  5. package/dist/core/index.js.map +1 -1
  6. package/dist/core/protocol/headers.d.ts +8 -0
  7. package/dist/core/protocol/headers.d.ts.map +1 -1
  8. package/dist/core/protocol/headers.js +41 -0
  9. package/dist/core/protocol/headers.js.map +1 -1
  10. package/dist/core/types.d.ts +14 -1
  11. package/dist/core/types.d.ts.map +1 -1
  12. package/dist/express/index.d.ts +11 -3
  13. package/dist/express/index.d.ts.map +1 -1
  14. package/dist/express/index.js +54 -10
  15. package/dist/express/index.js.map +1 -1
  16. package/dist/fastify/index.d.ts +11 -2
  17. package/dist/fastify/index.d.ts.map +1 -1
  18. package/dist/fastify/index.js +73 -20
  19. package/dist/fastify/index.js.map +1 -1
  20. package/dist/hono/index.d.ts +21 -2
  21. package/dist/hono/index.d.ts.map +1 -1
  22. package/dist/hono/index.js +92 -23
  23. package/dist/hono/index.js.map +1 -1
  24. package/dist/nextjs/index.d.ts +13 -1
  25. package/dist/nextjs/index.d.ts.map +1 -1
  26. package/dist/nextjs/index.js +88 -22
  27. package/dist/nextjs/index.js.map +1 -1
  28. package/package.json +1 -1
package/README.md CHANGED
@@ -13,9 +13,11 @@ Chrome 147+ supports DBSC natively. This library handles the server side. Verifi
13
13
 
14
14
  ## Live demo
15
15
 
16
- Try it: <https://dbsctest-production.up.railway.app/>
16
+ Try it: <https://dbsc-toolkit.onrender.com/>
17
17
 
18
- Open in Chrome 147+, click **Login**, then **Check session** — `tier` reads `"dbsc"` once the TPM key is bound. Use **Clear cookies** to reset and replay the flow. Source in [examples/express/](./examples/express/).
18
+ Open in Chrome 147+, click **Login**, then **Check session** — `tier` reads `"dbsc"` once the TPM key is bound. The demo uses a 60-second bound-cookie TTL so refresh kicks in fast — watch DevTools Network for the automatic `POST /dbsc/refresh` after the cookie expires. Use **Clear cookies** to reset and replay the flow. Source in [examples/express/](./examples/express/).
19
+
20
+ > Heads up: the demo runs on in-memory storage. Render restarts wipe sessions, so if "Check session" returns `not authenticated` after a while, the instance probably restarted — click **Login** again.
19
21
 
20
22
  ## Install
21
23
 
@@ -41,23 +43,41 @@ npm install express cookie-parser pg
41
43
  ```ts
42
44
  import express from "express";
43
45
  import cookieParser from "cookie-parser";
44
- import { dbsc } from "dbsc-toolkit/express";
46
+ import { randomUUID } from "node:crypto";
47
+ import { dbsc, bindSession } from "dbsc-toolkit/express";
45
48
  import { MemoryStorage } from "dbsc-toolkit/storage/memory";
46
49
 
47
50
  const app = express();
51
+ app.set("trust proxy", true);
48
52
  app.use(cookieParser());
49
- app.use(dbsc({ storage: new MemoryStorage() }));
53
+ app.use(express.json());
54
+
55
+ const storage = new MemoryStorage();
56
+ app.use(dbsc({ storage }));
50
57
 
51
- app.get("/me", (req, res) => {
52
- res.json(res.locals.dbsc);
58
+ app.post("/login", async (req, res) => {
59
+ const sessionId = randomUUID();
60
+ await bindSession(res, sessionId, storage, { userId: req.body.username });
61
+ res.json({ ok: true });
53
62
  });
54
63
 
64
+ app.get("/me", (req, res) => res.json(res.locals.dbsc));
65
+
55
66
  app.listen(3000);
56
67
  ```
57
68
 
58
- That single `app.use(dbsc(...))` mounts `POST /dbsc/registration` and `POST /dbsc/refresh` automatically. Chrome drives both your application code never sees those requests.
69
+ `app.use(dbsc(...))` mounts `POST /dbsc/registration` and `POST /dbsc/refresh` automatically Chrome drives both, your code never sees them. `bindSession()` is the one-liner you add to your login route: it writes the session row, issues a challenge, builds the registration header (both legacy + new names), and sets the two short-lived cookies Chrome needs to complete binding.
70
+
71
+ A full demo with `/me`, `/logout`, and `/clear-cookies` is in [examples/express/src/server.js](./examples/express/src/server.js).
72
+
73
+ ## Adding DBSC to an existing app
59
74
 
60
- A full `/login` flow with cookie issuance is in [examples/express/src/server.js](./examples/express/src/server.js).
75
+ If you already have a working session cookie and login route (Express-session, NextAuth, your own table — doesn't matter), DBSC slots in beside what you have. You don't migrate the session store and you don't rewrite login. Two patterns:
76
+
77
+ - Add one `bindSession()` call at the end of your existing login.
78
+ - Or set `autoBind` on the middleware and never touch login at all — DBSC binds users on their next page load.
79
+
80
+ Full integration story, per-route policy table, and rollout timeline in [docs/integrating-existing-auth.md](./docs/integrating-existing-auth.md).
61
81
 
62
82
  ## Subpath imports
63
83
 
@@ -126,9 +146,11 @@ See [docs/security/best-practices.md](./docs/security/best-practices.md) for the
126
146
 
127
147
  You need HTTPS — `__Host-` cookies require it and Chrome rejects DBSC on plain HTTP. Two options:
128
148
 
129
- - Deploy somewhere that gives you HTTPS (Railway, Fly, Render, Cloudflare Tunnel). Easiest path. We tested against Railway successfully.
149
+ - Deploy somewhere that gives you HTTPS (Render, Fly, Railway, Cloudflare Tunnel). Easiest path. The live demo above runs on Render.
130
150
  - Run `local-ssl-proxy --source 3001 --target 3000` in front of your local server.
131
151
 
152
+ If you deploy behind any reverse proxy (Render, Fly, Cloudflare, nginx), call `app.set("trust proxy", true)` in Express before mounting the DBSC middleware. Without it, `req.protocol` returns `http` even when the client connected over HTTPS, so the `scope.origin` in the registration response goes out with the wrong scheme and Chrome silently terminates the session. Fastify needs `Fastify({ trustProxy: true })`; Hono and Next.js derive origin from the request URL directly and don't need any flag.
153
+
132
154
  A working demo is in [examples/express/](./examples/express/).
133
155
 
134
156
  ## Framework support
@@ -215,6 +237,26 @@ app.use(dbsc({
215
237
 
216
238
  Event types: `registration`, `refresh`, `verification_failure`, `session_stolen`, `fallback_tier`.
217
239
 
240
+ ## Skipped sessions
241
+
242
+ Chrome may send a request without the bound credential and tell you why via the `Secure-Session-Skipped` header. The library parses it and exposes the entries on the request:
243
+
244
+ ```ts
245
+ app.get("/payment", (req, res) => {
246
+ const skipped = res.locals.dbsc.skipped;
247
+ if (skipped.some(s => s.reason === "quota_exceeded")) {
248
+ // Chrome throttled DBSC registrations for this site, briefly
249
+ // unsafe to assume the binding is fresh — fall back or step up
250
+ return res.status(503).json({ error: "session binding temporarily unavailable" });
251
+ }
252
+ // ...
253
+ });
254
+ ```
255
+
256
+ Reasons defined by the spec: `unreachable` (couldn't reach the refresh endpoint), `server_error` (refresh got a 5xx), `quota_exceeded` (browser's anti-abuse throttle). These are diagnostics from Chrome — your server cannot disable them, but it can react to them.
257
+
258
+ The quota is scoped per `(browser install, origin)`, not per origin globally. A site with a million users has a million separate quota buckets — one user spamming logins on their own Chrome cannot drain quota for anyone else. In production with normal login-once-and-stay-logged-in behavior, registration runs once per user and `quota_exceeded` essentially never trips. You hit it during development because the test loop logs in and out on the same browser dozens of times in a few minutes. To recover during testing, clear site data for the origin (`chrome://settings/clearBrowserData` → last hour → cookies and site data) or test in a fresh Incognito window.
259
+
218
260
  ## Header naming
219
261
 
220
262
  The W3C draft renamed the headers from `Sec-Session-*` to `Secure-Session-*`. Chrome 147 acts on the new names. The middleware reads both and writes both for compatibility. If you build response headers manually, send both:
package/dist/core/index.d.ts CHANGED
@@ -1,9 +1,10 @@
1
- export type { ProtectionTier, BoundKey, Session, Challenge, RegistrationProof, RefreshProof, StorageAdapter, RateLimiter, DbscOptions, AnyTelemetryEvent, TelemetryEvent, RegistrationEvent, RefreshEvent, VerificationFailureEvent, SessionStolenEvent, FallbackTierEvent, } from "./types.js";
1
+ export type { ProtectionTier, BoundKey, Session, Challenge, RegistrationProof, RefreshProof, StorageAdapter, RateLimiter, DbscOptions, AutoBindResult, AnyTelemetryEvent, TelemetryEvent, RegistrationEvent, RefreshEvent, VerificationFailureEvent, SessionStolenEvent, FallbackTierEvent, } from "./types.js";
2
2
  export { DbscProtocolError, DbscVerificationError, DbscStorageError, ErrorCodes } from "./errors.js";
3
3
  export { validateJwk, detectAlgorithm } from "./crypto/jwk.js";
4
4
  export { verifyDbscJws, parseRegistrationJws } from "./crypto/jws.js";
5
5
  export { generateJti, issueChallenge } from "./protocol/challenge.js";
6
- export { buildRegistrationHeader, buildChallengeHeader, parseSessionResponseHeader, buildSessionIdCookie, readSessionResponseHeader, REGISTRATION_HEADER, RESPONSE_HEADER, CHALLENGE_HEADER, LEGACY_REGISTRATION_HEADER, LEGACY_RESPONSE_HEADER, LEGACY_CHALLENGE_HEADER, } from "./protocol/headers.js";
6
+ export { buildRegistrationHeader, buildChallengeHeader, parseSessionResponseHeader, parseSessionSkippedHeader, buildSessionIdCookie, readSessionResponseHeader, REGISTRATION_HEADER, RESPONSE_HEADER, CHALLENGE_HEADER, SKIPPED_HEADER, LEGACY_REGISTRATION_HEADER, LEGACY_RESPONSE_HEADER, LEGACY_CHALLENGE_HEADER, LEGACY_SKIPPED_HEADER, } from "./protocol/headers.js";
7
+ export type { SkippedEntry, SkippedReason } from "./protocol/headers.js";
7
8
  export { handleRegistration } from "./protocol/registration.js";
8
9
  export { handleRefresh } from "./protocol/refresh.js";
9
10
  export { negotiateTier, detectDbscSupport } from "./fallback/negotiate.js";
package/dist/core/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,cAAc,EACd,QAAQ,EACR,OAAO,EACP,SAAS,EACT,iBAAiB,EACjB,YAAY,EACZ,cAAc,EACd,WAAW,EACX,WAAW,EACX,iBAAiB,EACjB,cAAc,EACd,iBAAiB,EACjB,YAAY,EACZ,wBAAwB,EACxB,kBAAkB,EAClB,iBAAiB,GAClB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAErG,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAEtE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EACL,uBAAuB,EACvB,oBAAoB,EACpB,0BAA0B,EAC1B,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,EACnB,eAAe,EACf,gBAAgB,EAChB,0BAA0B,EAC1B,sBAAsB,EACtB,uBAAuB,GACxB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEtD,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,8BAA8B,EAC9B,4BAA4B,GAC7B,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAExF,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,cAAc,EACd,QAAQ,EACR,OAAO,EACP,SAAS,EACT,iBAAiB,EACjB,YAAY,EACZ,cAAc,EACd,WAAW,EACX,WAAW,EACX,cAAc,EACd,iBAAiB,EACjB,cAAc,EACd,iBAAiB,EACjB,YAAY,EACZ,wBAAwB,EACxB,kBAAkB,EAClB,iBAAiB,GAClB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAErG,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAEtE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EACL,uBAAuB,EACvB,oBAAoB,EACpB,0BAA0B,EAC1B,yBAAyB,EACzB,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,EACnB,eAAe,EACf,gBAAgB,EAChB,cAAc,EACd,0BAA0B,EAC1B,sBAAsB,EACtB,uBAAuB,EACvB,qBAAqB,GACtB,MAAM,uBAAuB,CAAC;AAC/B,YAAY,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACzE,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEtD,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,8BAA8B,EAC9B,4BAA4B,GAC7B,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAExF,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC"}
package/dist/core/index.js CHANGED
@@ -2,7 +2,7 @@ export { DbscProtocolError, DbscVerificationError, DbscStorageError, ErrorCodes
2
2
  export { validateJwk, detectAlgorithm } from "./crypto/jwk.js";
3
3
  export { verifyDbscJws, parseRegistrationJws } from "./crypto/jws.js";
4
4
  export { generateJti, issueChallenge } from "./protocol/challenge.js";
5
- export { buildRegistrationHeader, buildChallengeHeader, parseSessionResponseHeader, buildSessionIdCookie, readSessionResponseHeader, REGISTRATION_HEADER, RESPONSE_HEADER, CHALLENGE_HEADER, LEGACY_REGISTRATION_HEADER, LEGACY_RESPONSE_HEADER, LEGACY_CHALLENGE_HEADER, } from "./protocol/headers.js";
5
+ export { buildRegistrationHeader, buildChallengeHeader, parseSessionResponseHeader, parseSessionSkippedHeader, buildSessionIdCookie, readSessionResponseHeader, REGISTRATION_HEADER, RESPONSE_HEADER, CHALLENGE_HEADER, SKIPPED_HEADER, LEGACY_REGISTRATION_HEADER, LEGACY_RESPONSE_HEADER, LEGACY_CHALLENGE_HEADER, LEGACY_SKIPPED_HEADER, } from "./protocol/headers.js";
6
6
  export { handleRegistration } from "./protocol/registration.js";
7
7
  export { handleRefresh } from "./protocol/refresh.js";
8
8
  export { negotiateTier, detectDbscSupport } from "./fallback/negotiate.js";
package/dist/core/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAmBA,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAErG,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAEtE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EACL,uBAAuB,EACvB,oBAAoB,EACpB,0BAA0B,EAC1B,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,EACnB,eAAe,EACf,gBAAgB,EAChB,0BAA0B,EAC1B,sBAAsB,EACtB,uBAAuB,GACxB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEtD,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,8BAA8B,EAC9B,4BAA4B,GAC7B,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAExF,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAErG,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAEtE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EACL,uBAAuB,EACvB,oBAAoB,EACpB,0BAA0B,EAC1B,yBAAyB,EACzB,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,EACnB,eAAe,EACf,gBAAgB,EAChB,cAAc,EACd,0BAA0B,EAC1B,sBAAsB,EACtB,uBAAuB,EACvB,qBAAqB,GACtB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEtD,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,8BAA8B,EAC9B,4BAA4B,GAC7B,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAExF,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC"}
package/dist/core/protocol/headers.d.ts CHANGED
@@ -14,8 +14,16 @@ export declare function buildSessionIdCookie(sessionId: string, opts: {
14
14
  export declare const REGISTRATION_HEADER = "Secure-Session-Registration";
15
15
  export declare const RESPONSE_HEADER = "Secure-Session-Response";
16
16
  export declare const CHALLENGE_HEADER = "Secure-Session-Challenge";
17
+ export declare const SKIPPED_HEADER = "Secure-Session-Skipped";
17
18
  export declare const LEGACY_REGISTRATION_HEADER = "Sec-Session-Registration";
18
19
  export declare const LEGACY_RESPONSE_HEADER = "Sec-Session-Response";
19
20
  export declare const LEGACY_CHALLENGE_HEADER = "Sec-Session-Challenge";
21
+ export declare const LEGACY_SKIPPED_HEADER = "Sec-Session-Skipped";
20
22
  export declare function readSessionResponseHeader(headers: Record<string, string | string[] | undefined>): string | undefined;
23
+ export type SkippedReason = "unreachable" | "server_error" | "quota_exceeded";
24
+ export interface SkippedEntry {
25
+ reason: SkippedReason;
26
+ sessionId?: string;
27
+ }
28
+ export declare function parseSessionSkippedHeader(headers: Record<string, string | string[] | undefined>): SkippedEntry[];
21
29
  //# sourceMappingURL=headers.d.ts.map
package/dist/core/protocol/headers.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"headers.d.ts","sourceRoot":"","sources":["../../../src/core/protocol/headers.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,yBAAyB;IACxC,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,yBAAyB,GAAG,MAAM,CAK/E;AAED,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAG5E;AAED,wBAAgB,0BAA0B,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAE9D;AAED,wBAAgB,oBAAoB,CAClC,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GAC1C,MAAM,CAMR;AAED,eAAO,MAAM,mBAAmB,gCAAgC,CAAC;AACjE,eAAO,MAAM,eAAe,4BAA4B,CAAC;AACzD,eAAO,MAAM,gBAAgB,6BAA6B,CAAC;AAE3D,eAAO,MAAM,0BAA0B,6BAA6B,CAAC;AACrE,eAAO,MAAM,sBAAsB,yBAAyB,CAAC;AAC7D,eAAO,MAAM,uBAAuB,0BAA0B,CAAC;AAE/D,wBAAgB,yBAAyB,CACvC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,GACrD,MAAM,GAAG,SAAS,CAIpB"}
1
+ {"version":3,"file":"headers.d.ts","sourceRoot":"","sources":["../../../src/core/protocol/headers.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,yBAAyB;IACxC,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,yBAAyB,GAAG,MAAM,CAK/E;AAED,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAG5E;AAED,wBAAgB,0BAA0B,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAE9D;AAED,wBAAgB,oBAAoB,CAClC,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GAC1C,MAAM,CAMR;AAED,eAAO,MAAM,mBAAmB,gCAAgC,CAAC;AACjE,eAAO,MAAM,eAAe,4BAA4B,CAAC;AACzD,eAAO,MAAM,gBAAgB,6BAA6B,CAAC;AAC3D,eAAO,MAAM,cAAc,2BAA2B,CAAC;AAEvD,eAAO,MAAM,0BAA0B,6BAA6B,CAAC;AACrE,eAAO,MAAM,sBAAsB,yBAAyB,CAAC;AAC7D,eAAO,MAAM,uBAAuB,0BAA0B,CAAC;AAC/D,eAAO,MAAM,qBAAqB,wBAAwB,CAAC;AAE3D,wBAAgB,yBAAyB,CACvC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,GACrD,MAAM,GAAG,SAAS,CAIpB;AAED,MAAM,MAAM,aAAa,GAAG,aAAa,GAAG,cAAc,GAAG,gBAAgB,CAAC;AAE9E,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,aAAa,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAQD,wBAAgB,yBAAyB,CACvC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,GACrD,YAAY,EAAE,CAgChB"}
package/dist/core/protocol/headers.js CHANGED
@@ -23,13 +23,54 @@ export function buildSessionIdCookie(sessionId, opts) {
23
23
  export const REGISTRATION_HEADER = "Secure-Session-Registration";
24
24
  export const RESPONSE_HEADER = "Secure-Session-Response";
25
25
  export const CHALLENGE_HEADER = "Secure-Session-Challenge";
26
+ export const SKIPPED_HEADER = "Secure-Session-Skipped";
26
27
  export const LEGACY_REGISTRATION_HEADER = "Sec-Session-Registration";
27
28
  export const LEGACY_RESPONSE_HEADER = "Sec-Session-Response";
28
29
  export const LEGACY_CHALLENGE_HEADER = "Sec-Session-Challenge";
30
+ export const LEGACY_SKIPPED_HEADER = "Sec-Session-Skipped";
29
31
  export function readSessionResponseHeader(headers) {
30
32
  const v = headers["secure-session-response"] ?? headers["sec-session-response"];
31
33
  if (Array.isArray(v))
32
34
  return v[0];
33
35
  return v;
34
36
  }
37
+ const SKIPPED_REASONS = new Set([
38
+ "unreachable",
39
+ "server_error",
40
+ "quota_exceeded",
41
+ ]);
42
+ export function parseSessionSkippedHeader(headers) {
43
+ const raw = headers["secure-session-skipped"] ?? headers["sec-session-skipped"];
44
+ if (!raw)
45
+ return [];
46
+ const value = Array.isArray(raw) ? raw.join(", ") : raw;
47
+ const entries = [];
48
+ for (const item of value.split(",")) {
49
+ const trimmed = item.trim();
50
+ if (!trimmed)
51
+ continue;
52
+ const [tokenPart, ...paramParts] = trimmed.split(";");
53
+ const reason = tokenPart.trim();
54
+ if (!SKIPPED_REASONS.has(reason))
55
+ continue;
56
+ let sessionId;
57
+ for (const param of paramParts) {
58
+ const eq = param.indexOf("=");
59
+ if (eq === -1)
60
+ continue;
61
+ const key = param.slice(0, eq).trim();
62
+ let val = param.slice(eq + 1).trim();
63
+ if (val.startsWith('"') && val.endsWith('"')) {
64
+ val = val.slice(1, -1);
65
+ }
66
+ if (key === "session_identifier")
67
+ sessionId = val;
68
+ }
69
+ const entry = { reason: reason };
70
+ if (sessionId !== undefined)
71
+ entry.sessionId = sessionId;
72
+ entries.push(entry);
73
+ }
74
+ return entries;
75
+ }
35
76
  //# sourceMappingURL=headers.js.map
package/dist/core/protocol/headers.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"headers.js","sourceRoot":"","sources":["../../../src/core/protocol/headers.ts"],"names":[],"mappings":"AAOA,MAAM,UAAU,uBAAuB,CAAC,IAA+B;IACrE,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,IAAI,OAAO,CAAC;IACtC,MAAM,KAAK,GAAG,CAAC,IAAI,GAAG,GAAG,EAAE,SAAS,IAAI,CAAC,WAAW,GAAG,EAAE,cAAc,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC;IAC1F,IAAI,IAAI,CAAC,UAAU;QAAE,KAAK,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;IAC3D,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,GAAW,EAAE,SAAkB;IAClE,MAAM,IAAI,GAAG,IAAI,GAAG,GAAG,CAAC;IACxB,OAAO,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI,QAAQ,SAAS,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;AACxD,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,GAAW;IACpD,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC;AACpB,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,SAAiB,EACjB,IAA2C;IAE3C,MAAM,KAAK,GAAG,CAAC,uBAAuB,SAAS,EAAE,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;IACzE,IAAI,IAAI,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAChF,KAAK,CAAC,IAAI,CAAC,YAAY,QAAQ,EAAE,CAAC,CAAC;IACnC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG,6BAA6B,CAAC;AACjE,MAAM,CAAC,MAAM,eAAe,GAAG,yBAAyB,CAAC;AACzD,MAAM,CAAC,MAAM,gBAAgB,GAAG,0BAA0B,CAAC;AAE3D,MAAM,CAAC,MAAM,0BAA0B,GAAG,0BAA0B,CAAC;AACrE,MAAM,CAAC,MAAM,sBAAsB,GAAG,sBAAsB,CAAC;AAC7D,MAAM,CAAC,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;AAE/D,MAAM,UAAU,yBAAyB,CACvC,OAAsD;IAEtD,MAAM,CAAC,GAAG,OAAO,CAAC,yBAAyB,CAAC,IAAI,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAChF,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;IAClC,OAAO,CAAC,CAAC;AACX,CAAC"}
1
+ {"version":3,"file":"headers.js","sourceRoot":"","sources":["../../../src/core/protocol/headers.ts"],"names":[],"mappings":"AAOA,MAAM,UAAU,uBAAuB,CAAC,IAA+B;IACrE,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,IAAI,OAAO,CAAC;IACtC,MAAM,KAAK,GAAG,CAAC,IAAI,GAAG,GAAG,EAAE,SAAS,IAAI,CAAC,WAAW,GAAG,EAAE,cAAc,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC;IAC1F,IAAI,IAAI,CAAC,UAAU;QAAE,KAAK,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;IAC3D,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,GAAW,EAAE,SAAkB;IAClE,MAAM,IAAI,GAAG,IAAI,GAAG,GAAG,CAAC;IACxB,OAAO,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI,QAAQ,SAAS,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;AACxD,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,GAAW;IACpD,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC;AACpB,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,SAAiB,EACjB,IAA2C;IAE3C,MAAM,KAAK,GAAG,CAAC,uBAAuB,SAAS,EAAE,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;IACzE,IAAI,IAAI,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAChF,KAAK,CAAC,IAAI,CAAC,YAAY,QAAQ,EAAE,CAAC,CAAC;IACnC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG,6BAA6B,CAAC;AACjE,MAAM,CAAC,MAAM,eAAe,GAAG,yBAAyB,CAAC;AACzD,MAAM,CAAC,MAAM,gBAAgB,GAAG,0BAA0B,CAAC;AAC3D,MAAM,CAAC,MAAM,cAAc,GAAG,wBAAwB,CAAC;AAEvD,MAAM,CAAC,MAAM,0BAA0B,GAAG,0BAA0B,CAAC;AACrE,MAAM,CAAC,MAAM,sBAAsB,GAAG,sBAAsB,CAAC;AAC7D,MAAM,CAAC,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;AAC/D,MAAM,CAAC,MAAM,qBAAqB,GAAG,qBAAqB,CAAC;AAE3D,MAAM,UAAU,yBAAyB,CACvC,OAAsD;IAEtD,MAAM,CAAC,GAAG,OAAO,CAAC,yBAAyB,CAAC,IAAI,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAChF,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;IAClC,OAAO,CAAC,CAAC;AACX,CAAC;AASD,MAAM,eAAe,GAAwB,IAAI,GAAG,CAAC;IACnD,aAAa;IACb,cAAc;IACd,gBAAgB;CACjB,CAAC,CAAC;AAEH,MAAM,UAAU,yBAAyB,CACvC,OAAsD;IAEtD,MAAM,GAAG,GAAG,OAAO,CAAC,wBAAwB,CAAC,IAAI,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAChF,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACxD,MAAM,OAAO,GAAmB,EAAE,CAAC;IAEnC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACpC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO;YAAE,SAAS;QAEvB,MAAM,CAAC,SAAS,EAAE,GAAG,UAAU,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACtD,MAAM,MAAM,GAAG,SAAU,CAAC,IAAI,EAAE,CAAC;QACjC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC;YAAE,SAAS;QAE3C,IAAI,SAA6B,CAAC;QAClC,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;YAC/B,MAAM,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC9B,IAAI,EAAE,KAAK,CAAC,CAAC;gBAAE,SAAS;YACxB,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACtC,IAAI,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YACrC,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7C,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YACzB,CAAC;YACD,IAAI,GAAG,KAAK,oBAAoB;gBAAE,SAAS,GAAG,GAAG,CAAC;QACpD,CAAC;QAED,MAAM,KAAK,GAAiB,EAAE,MAAM,EAAE,MAAuB,EAAE,CAAC;QAChE,IAAI,SAAS,KAAK,SAAS;YAAE,KAAK,CAAC,SAAS,GAAG,SAAS,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}
package/dist/core/types.d.ts CHANGED
@@ -81,12 +81,25 @@ export interface FallbackTierEvent extends TelemetryEvent {
81
81
  export type AnyTelemetryEvent = RegistrationEvent | RefreshEvent | VerificationFailureEvent | SessionStolenEvent | FallbackTierEvent;
82
82
  export interface DbscOptions {
83
83
  storage: StorageAdapter;
84
- fallback?: "webauthn" | "hmac" | "none";
85
84
  registrationPath?: string;
86
85
  refreshPath?: string;
87
86
  boundCookieTtl?: number;
88
87
  registrationCookieTtl?: number;
89
88
  rateLimiter?: RateLimiter;
90
89
  onEvent?: (event: AnyTelemetryEvent) => void;
90
+ /**
91
+ * Optional callback for transparent migration. On every request that does not
92
+ * carry the bound cookie yet, the middleware calls this with the
93
+ * framework-native request. If it returns a userId string, the response gets
94
+ * the registration header + the two short-lived cookies, so Chrome 147+
95
+ * triggers /dbsc/registration on its own. Return null to skip.
96
+ * The sessionId used is whatever your existing auth says — supply both via
97
+ * the result type below.
98
+ */
99
+ autoBind?: (req: any) => Promise<AutoBindResult | null> | AutoBindResult | null;
100
+ }
101
+ export interface AutoBindResult {
102
+ sessionId: string;
103
+ userId: string;
91
104
  }
92
105
  //# sourceMappingURL=types.d.ts.map
package/dist/core/types.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/core/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,UAAU,GAAG,MAAM,GAAG,MAAM,CAAC;AAEnE,MAAM,WAAW,QAAQ;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,GAAG,EAAE,UAAU,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,OAAO,GAAG,OAAO,CAAC;CAC9B;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,cAAc,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,GAAG,EAAE,UAAU,CAAC;IAChB,SAAS,EAAE,OAAO,GAAG,OAAO,CAAC;IAC7B,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,YAAY;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;IAChD,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5C,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzC,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;IACzD,WAAW,CAAC,GAAG,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1C,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjD,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IACrD,YAAY,CAAC,SAAS,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAClD,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEhD,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChD,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACjD;AAED,MAAM,WAAW,WAAW;IAC1B,iBAAiB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAChD,YAAY,CAAC,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9D,aAAa,CAAC,EAAE,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9D;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,cAAc,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAkB,SAAQ,cAAc;IACvD,IAAI,EAAE,cAAc,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,YAAa,SAAQ,cAAc;IAClD,IAAI,EAAE,SAAS,CAAC;IAChB,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,wBAAyB,SAAQ,cAAc;IAC9D,IAAI,EAAE,sBAAsB,CAAC;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,kBAAmB,SAAQ,cAAc;IACxD,IAAI,EAAE,gBAAgB,CAAC;IACvB,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,iBAAkB,SAAQ,cAAc;IACvD,IAAI,EAAE,eAAe,CAAC;IACtB,IAAI,EAAE,cAAc,CAAC;IACrB,EAAE,EAAE,cAAc,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,MAAM,iBAAiB,GACzB,iBAAiB,GACjB,YAAY,GACZ,wBAAwB,GACxB,kBAAkB,GAClB,iBAAiB,CAAC;AAEtB,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,QAAQ,CAAC,EAAE,UAAU,GAAG,MAAM,GAAG,MAAM,CAAC;IACxC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,iBAAiB,KAAK,IAAI,CAAC;CAC9C"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/core/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,UAAU,GAAG,MAAM,GAAG,MAAM,CAAC;AAEnE,MAAM,WAAW,QAAQ;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,GAAG,EAAE,UAAU,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,OAAO,GAAG,OAAO,CAAC;CAC9B;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,cAAc,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,GAAG,EAAE,UAAU,CAAC;IAChB,SAAS,EAAE,OAAO,GAAG,OAAO,CAAC;IAC7B,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,YAAY;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;IAChD,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5C,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzC,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;IACzD,WAAW,CAAC,GAAG,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1C,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjD,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IACrD,YAAY,CAAC,SAAS,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAClD,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEhD,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChD,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACjD;AAED,MAAM,WAAW,WAAW;IAC1B,iBAAiB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAChD,YAAY,CAAC,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9D,aAAa,CAAC,EAAE,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9D;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,cAAc,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAkB,SAAQ,cAAc;IACvD,IAAI,EAAE,cAAc,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,YAAa,SAAQ,cAAc;IAClD,IAAI,EAAE,SAAS,CAAC;IAChB,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,wBAAyB,SAAQ,cAAc;IAC9D,IAAI,EAAE,sBAAsB,CAAC;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,kBAAmB,SAAQ,cAAc;IACxD,IAAI,EAAE,gBAAgB,CAAC;IACvB,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,iBAAkB,SAAQ,cAAc;IACvD,IAAI,EAAE,eAAe,CAAC;IACtB,IAAI,EAAE,cAAc,CAAC;IACrB,EAAE,EAAE,cAAc,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,MAAM,iBAAiB,GACzB,iBAAiB,GACjB,YAAY,GACZ,wBAAwB,GACxB,kBAAkB,GAClB,iBAAiB,CAAC;AAEtB,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,cAAc,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,iBAAiB,KAAK,IAAI,CAAC;IAC7C;;;;;;;;OAQG;IACH,QAAQ,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,cAAc,GAAG,IAAI,CAAC;CACjF;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;CAChB"}
package/dist/express/index.d.ts CHANGED
@@ -1,13 +1,13 @@
1
- import type { RequestHandler } from "express";
2
- import { type DbscOptions, type ProtectionTier } from "../core/index.js";
1
+ import type { Response, RequestHandler } from "express";
2
+ import { type DbscOptions, type StorageAdapter, type ProtectionTier, type SkippedEntry } from "../core/index.js";
3
3
  export interface DbscExpressOptions extends DbscOptions {
4
4
  secure?: boolean;
5
5
  }
6
6
  export interface DbscLocals {
7
7
  sessionId: string | null;
8
8
  tier: ProtectionTier;
9
+ skipped: SkippedEntry[];
9
10
  revoke: () => Promise<void>;
10
- requireBound: () => void;
11
11
  }
12
12
  declare global {
13
13
  namespace Express {
@@ -16,5 +16,13 @@ declare global {
16
16
  }
17
17
  }
18
18
  }
19
+ export interface BindSessionOptions {
20
+ userId: string;
21
+ secure?: boolean;
22
+ registrationPath?: string;
23
+ registrationCookieTtl?: number;
24
+ sessionTtl?: number;
25
+ }
26
+ export declare function bindSession(res: Response, sessionId: string, storage: StorageAdapter, opts: BindSessionOptions): Promise<void>;
19
27
  export declare function dbsc(opts: DbscExpressOptions): RequestHandler;
20
28
  //# sourceMappingURL=index.d.ts.map
package/dist/express/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/express/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAmC,cAAc,EAAE,MAAM,SAAS,CAAC;AAE/E,OAAO,EAgBL,KAAK,WAAW,EAEhB,KAAK,cAAc,EACpB,MAAM,kBAAkB,CAAC;AAW1B,MAAM,WAAW,kBAAmB,SAAQ,WAAW;IACrD,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,IAAI,EAAE,cAAc,CAAC;IACrB,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,YAAY,EAAE,MAAM,IAAI,CAAC;CAC1B;AAED,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,MAAM;YACd,IAAI,EAAE,UAAU,CAAC;SAClB;KACF;CACF;AAuBD,wBAAgB,IAAI,CAAC,IAAI,EAAE,kBAAkB,GAAG,cAAc,CAmP7D"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/express/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAW,QAAQ,EAAgB,cAAc,EAAE,MAAM,SAAS,CAAC;AAE/E,OAAO,EAiBL,KAAK,WAAW,EAChB,KAAK,cAAc,EAEnB,KAAK,cAAc,EACnB,KAAK,YAAY,EAElB,MAAM,kBAAkB,CAAC;AAY1B,MAAM,WAAW,kBAAmB,SAAQ,WAAW;IACrD,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,IAAI,EAAE,cAAc,CAAC;IACrB,OAAO,EAAE,YAAY,EAAE,CAAC;IACxB,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC7B;AAED,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,MAAM;YACd,IAAI,EAAE,UAAU,CAAC;SAClB;KACF;CACF;AAuBD,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,wBAAsB,WAAW,CAC/B,GAAG,EAAE,QAAQ,EACb,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,kBAAkB,GACvB,OAAO,CAAC,IAAI,CAAC,CAyCf;AAED,wBAAgB,IAAI,CAAC,IAAI,EAAE,kBAAkB,GAAG,cAAc,CAwP7D"}
package/dist/express/index.js CHANGED
@@ -1,5 +1,4 @@
1
- import { randomBytes as nodeRandomBytes } from "node:crypto";
2
- import { handleRegistration, handleRefresh, issueChallenge, buildChallengeHeader, readSessionResponseHeader, CHALLENGE_HEADER, LEGACY_CHALLENGE_HEADER, NoopRateLimiter, emit, DbscProtocolError, DbscVerificationError, } from "../core/index.js";
1
+ import { handleRegistration, handleRefresh, issueChallenge, buildRegistrationHeader, buildChallengeHeader, readSessionResponseHeader, parseSessionSkippedHeader, REGISTRATION_HEADER, CHALLENGE_HEADER, LEGACY_REGISTRATION_HEADER, LEGACY_CHALLENGE_HEADER, NoopRateLimiter, emit, DbscProtocolError, DbscVerificationError, } from "../core/index.js";
3
2
  const cookieNames = (secure) => ({
4
3
  bound: secure ? "__Host-dbsc-session" : "dbsc-session",
5
4
  reg: secure ? "__Host-dbsc-reg" : "dbsc-reg",
@@ -7,6 +6,7 @@ const cookieNames = (secure) => ({
7
6
  });
8
7
  const DEFAULT_BOUND_TTL = 10 * 60 * 1000;
9
8
  const DEFAULT_REG_TTL = 24 * 60 * 60 * 1000;
9
+ const DEFAULT_SESSION_TTL = 24 * 60 * 60 * 1000;
10
10
  function cookieOpts(ttlMs, secure) {
11
11
  return {
12
12
  httpOnly: true,
@@ -27,9 +27,46 @@ function serializeCookie(name, value, opts) {
27
27
  parts.push(`Path=${opts.path}`);
28
28
  return parts.join("; ");
29
29
  }
30
+ export async function bindSession(res, sessionId, storage, opts) {
31
+ const secure = opts.secure ?? true;
32
+ const registrationPath = opts.registrationPath ?? "/dbsc/registration";
33
+ const regCookieTtl = opts.registrationCookieTtl ?? DEFAULT_REG_TTL;
34
+ const sessionTtl = opts.sessionTtl ?? DEFAULT_SESSION_TTL;
35
+ const COOKIES = cookieNames(secure);
36
+ const existing = await storage.getSession(sessionId);
37
+ const now = Date.now();
38
+ if (!existing) {
39
+ await storage.setSession({
40
+ id: sessionId,
41
+ userId: opts.userId,
42
+ tier: "none",
43
+ createdAt: now,
44
+ expiresAt: now + sessionTtl,
45
+ lastRefreshAt: 0,
46
+ });
47
+ }
48
+ const challenge = await issueChallenge(sessionId, storage);
49
+ const regHeader = buildRegistrationHeader({
50
+ refreshPath: registrationPath,
51
+ challenge: challenge.jti,
52
+ cookieName: COOKIES.bound,
53
+ });
54
+ res.setHeader(REGISTRATION_HEADER, regHeader);
55
+ res.setHeader(LEGACY_REGISTRATION_HEADER, regHeader);
56
+ const prior = res.getHeader("Set-Cookie");
57
+ const priorList = Array.isArray(prior)
58
+ ? prior.map(String)
59
+ : prior !== undefined
60
+ ? [String(prior)]
61
+ : [];
62
+ res.setHeader("Set-Cookie", [
63
+ ...priorList,
64
+ serializeCookie(COOKIES.reg, sessionId, cookieOpts(regCookieTtl, secure)),
65
+ serializeCookie(COOKIES.challenge, challenge.jti, cookieOpts(5 * 60 * 1000, secure)),
66
+ ]);
67
+ }
30
68
  export function dbsc(opts) {
31
- const { storage, fallback = "webauthn", registrationPath = "/dbsc/registration", refreshPath = "/dbsc/refresh", boundCookieTtl = DEFAULT_BOUND_TTL, registrationCookieTtl = DEFAULT_REG_TTL, rateLimiter = new NoopRateLimiter(), onEvent, secure = true, } = opts;
32
- const hmacSecret = nodeRandomBytes(32);
69
+ const { storage, registrationPath = "/dbsc/registration", refreshPath = "/dbsc/refresh", boundCookieTtl = DEFAULT_BOUND_TTL, registrationCookieTtl = DEFAULT_REG_TTL, rateLimiter = new NoopRateLimiter(), onEvent, autoBind, secure = true, } = opts;
33
70
  const COOKIES = cookieNames(secure);
34
71
  async function handleRegistrationRoute(req, res) {
35
72
  const ip = req.ip ?? "unknown";
@@ -199,9 +236,11 @@ export function dbsc(opts) {
199
236
  return;
200
237
  }
201
238
  const sessionId = req.cookies?.[COOKIES.bound];
239
+ const skipped = parseSessionSkippedHeader(req.headers);
202
240
  res.locals.dbsc = {
203
241
  sessionId: sessionId ?? null,
204
242
  tier: "none",
243
+ skipped,
205
244
  revoke: async () => {
206
245
  if (sessionId)
207
246
  await storage.revokeSession(sessionId);
@@ -209,12 +248,6 @@ export function dbsc(opts) {
209
248
  serializeCookie(COOKIES.bound, "", { ...cookieOpts(0, secure), maxAge: 0 }),
210
249
  ]);
211
250
  },
212
- requireBound: () => {
213
- if (!sessionId) {
214
- res.status(401).json({ error: "authentication required" });
215
- throw new Error("unauthenticated");
216
- }
217
- },
218
251
  };
219
252
  if (sessionId) {
220
253
  const session = await storage.getSession(sessionId);
@@ -228,6 +261,17 @@ export function dbsc(opts) {
228
261
  }
229
262
  }
230
263
  }
264
+ else if (autoBind && !(req.cookies?.[COOKIES.reg])) {
265
+ const result = await autoBind(req);
266
+ if (result) {
267
+ await bindSession(res, result.sessionId, storage, {
268
+ userId: result.userId,
269
+ secure,
270
+ registrationPath,
271
+ registrationCookieTtl,
272
+ });
273
+ }
274
+ }
231
275
  next();
232
276
  };
233
277
  }
package/dist/express/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/express/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,IAAI,eAAe,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,EACL,kBAAkB,EAClB,aAAa,EACb,cAAc,EAEd,oBAAoB,EACpB,yBAAyB,EAEzB,gBAAgB,EAEhB,uBAAuB,EACvB,eAAe,EACf,IAAI,EACJ,iBAAiB,EACjB,qBAAqB,GAKtB,MAAM,kBAAkB,CAAC;AAE1B,MAAM,WAAW,GAAG,CAAC,MAAe,EAAE,EAAE,CAAC,CAAC;IACxC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,cAAc;IACtD,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,UAAU;IAC5C,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,gBAAgB;CAC/D,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AACzC,MAAM,eAAe,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAqB5C,SAAS,UAAU,CAAC,KAAa,EAAE,MAAe;IAChD,OAAO;QACL,QAAQ,EAAE,IAAI;QACd,MAAM;QACN,QAAQ,EAAE,KAAc;QACxB,MAAM,EAAE,KAAK,GAAG,IAAI;QACpB,IAAI,EAAE,GAAG;KACV,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,IAAY,EAAE,KAAa,EAAE,IAAmC;IACvF,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,IAAI,KAAK,EAAE,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvB,IAAI,IAAI,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAChF,KAAK,CAAC,IAAI,CAAC,YAAY,QAAQ,EAAE,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACrC,KAAK,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;IAChC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,IAAI,CAAC,IAAwB;IAC3C,MAAM,EACJ,OAAO,EACP,QAAQ,GAAG,UAAU,EACrB,gBAAgB,GAAG,oBAAoB,EACvC,WAAW,GAAG,eAAe,EAC7B,cAAc,GAAG,iBAAiB,EAClC,qBAAqB,GAAG,eAAe,EACvC,WAAW,GAAG,IAAI,eAAe,EAAE,EACnC,OAAO,EACP,MAAM,GAAG,IAAI,GACd,GAAG,IAAI,CAAC;IAET,MAAM,UAAU,GAAG,eAAe,CAAC,EAAE,CAAC,CAAC;IACvC,MAAM,OAAO,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IAEpC,KAAK,UAAU,uBAAuB,CAAC,GAAY,EAAE,GAAa;QAChE,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;QAC/B,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;QACxD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,CAAuB,CAAC;QACnE,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,SAAS,CAAuB,CAAC;QAE3E,IAAI,CAAC,SAAS,IAAI,CAAC,WAAW,EAAE,CAAC;YAC/B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,qCAAqC,EAAE,CAAC,CAAC;YACvE,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,kBAAkB,CACtB;gBACE,SAAS;gBACT,wBAAwB,EAAE,yBAAyB,CAAC,GAAG,CAAC,OAAwD,CAAC;gBACjH,WAAW;aACZ,EACD,OAAO,CACR,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE;gBACZ,IAAI,EAAE,cAAc;gBACpB,SAAS;gBACT,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,SAAS,EAAE,OAAO;gBAClB,EAAE;aACH,CAAC,CAAC;YAEH,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBAC1B,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;gBAC7E,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;aAChF,CAAC,CAAC;YACH,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAClD,MAAM,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,MAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACtD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,kBAAkB,EAAE,SAAS;gBAC7B,WAAW,EAAE,WAAW;gBACxB,KAAK,EAAE;oBACL,MAAM;oBACN,YAAY,EAAE,IAAI;oBAClB,mBAAmB,EAAE,EAAE;iBACxB;gBACD,WAAW,EAAE;oBACX;wBACE,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,OAAO,CAAC,KAAK;wBACnB,UAAU,EAAE,wCAAwC;qBACrD;iBACF;aACF,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,WAAW,CAAC,aAAa,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;YAE/C,IAAI,GAAG,YAAY,qBAAqB,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAC7E,IAAI,CAAC,OAAO,EAAE;oBACZ,IAAI,EAAE,sBAAsB;oBAC5B,SAAS;oBACT,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,MAAM,EAAE,GAAG,CAAC,IAAI;oBAChB,EAAE;iBACH,CAAC,CAAC;gBACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC7C,OAAO;YACT,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,GAAY,EAAE,GAAa;QAC3D,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;QAC/B,MAAM,eAAe,GAAG,GAAG,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;QAC7D,MAAM,SAAS,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC;eACnF,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAwB,CAAC;QAE1D,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;QAC9D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,MAAM,cAAc,GAAG,yBAAyB,CAAC,GAAG,CAAC,OAAwD,CAAC,CAAC;QAE/G,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAC3D,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,oBAAoB,CAAC,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;YAChF,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,oBAAoB,CAAC,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;YACvF,GAAG,CAAC,SAAS,CACX,YAAY,EACZ,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,MAAM,CAAC,CAAC,CACrF,CAAC;YACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,SAAS,CAAuB,CAAC;QAC3E,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAC3D,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,oBAAoB,CAAC,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;YAChF,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,oBAAoB,CAAC,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;YACvF,GAAG,CAAC,SAAS,CACX,YAAY,EACZ,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,MAAM,CAAC,CAAC,CACrF,CAAC;YACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,aAAa,CAAC,EAAE,SAAS,EAAE,wBAAwB,EAAE,cAAc,EAAE,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;YAEnG,IAAI,CAAC,OAAO,EAAE;gBACZ,IAAI,EAAE,SAAS;gBACf,SAAS;gBACT,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,EAAE;aACH,CAAC,CAAC;YAEH,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBAC1B,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;gBAC7E,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;aAChF,CAAC,CAAC;YACH,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAClD,MAAM,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,MAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACtD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,kBAAkB,EAAE,SAAS;gBAC7B,WAAW,EAAE,WAAW;gBACxB,KAAK,EAAE;oBACL,MAAM;oBACN,YAAY,EAAE,IAAI;oBAClB,mBAAmB,EAAE,EAAE;iBACxB;gBACD,WAAW,EAAE;oBACX;wBACE,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,OAAO,CAAC,KAAK;wBACnB,UAAU,EAAE,wCAAwC;qBACrD;iBACF;aACF,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,WAAW,CAAC,aAAa,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;YAE/C,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;YACzD,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC,OAAO,EAAE;oBACZ,IAAI,EAAE,gBAAgB;oBACtB,SAAS;oBACT,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,EAAE;iBACH,CAAC,CAAC;YACL,CAAC;YAED,IAAI,GAAG,YAAY,qBAAqB,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAC7E,IAAI,CAAC,OAAO,EAAE;oBACZ,IAAI,EAAE,sBAAsB;oBAC5B,SAAS;oBACT,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,MAAM,EAAG,GAA6B,CAAC,IAAI;oBAC3C,EAAE;iBACH,CAAC,CAAC;gBACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC7C,OAAO;YACT,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAiB,EAAE;QAC9E,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;YAC3D,MAAM,uBAAuB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACxC,OAAO;QACT,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YACtD,MAAM,kBAAkB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACnC,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAuB,CAAC;QAErE,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG;YAChB,SAAS,EAAE,SAAS,IAAI,IAAI;YAC5B,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,SAAS;oBAAE,MAAM,OAAO,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;gBACtD,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;oBAC1B,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;iBAC5E,CAAC,CAAC;YACL,CAAC;YACD,YAAY,EAAE,GAAG,EAAE;gBACjB,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,CAAC,CAAC;oBAC3D,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;SACF,CAAC;QAEF,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YACpD,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,GAAG,cAAc,CAAC;gBAC1D,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,EAAE,CAAC;oBACvD,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC;gBAChC,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;gBACtC,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/express/index.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,kBAAkB,EAClB,aAAa,EACb,cAAc,EACd,uBAAuB,EACvB,oBAAoB,EACpB,yBAAyB,EACzB,yBAAyB,EACzB,mBAAmB,EACnB,gBAAgB,EAChB,0BAA0B,EAC1B,uBAAuB,EACvB,eAAe,EACf,IAAI,EACJ,iBAAiB,EACjB,qBAAqB,GAQtB,MAAM,kBAAkB,CAAC;AAE1B,MAAM,WAAW,GAAG,CAAC,MAAe,EAAE,EAAE,CAAC,CAAC;IACxC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,cAAc;IACtD,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,UAAU;IAC5C,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,gBAAgB;CAC/D,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AACzC,MAAM,eAAe,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAC5C,MAAM,mBAAmB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAqBhD,SAAS,UAAU,CAAC,KAAa,EAAE,MAAe;IAChD,OAAO;QACL,QAAQ,EAAE,IAAI;QACd,MAAM;QACN,QAAQ,EAAE,KAAc;QACxB,MAAM,EAAE,KAAK,GAAG,IAAI;QACpB,IAAI,EAAE,GAAG;KACV,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,IAAY,EAAE,KAAa,EAAE,IAAmC;IACvF,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,IAAI,KAAK,EAAE,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvB,IAAI,IAAI,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAChF,KAAK,CAAC,IAAI,CAAC,YAAY,QAAQ,EAAE,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACrC,KAAK,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;IAChC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAUD,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,GAAa,EACb,SAAiB,EACjB,OAAuB,EACvB,IAAwB;IAExB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC;IACnC,MAAM,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,IAAI,oBAAoB,CAAC;IACvE,MAAM,YAAY,GAAG,IAAI,CAAC,qBAAqB,IAAI,eAAe,CAAC;IACnE,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,mBAAmB,CAAC;IAC1D,MAAM,OAAO,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IAEpC,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACrD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,OAAO,CAAC,UAAU,CAAC;YACvB,EAAE,EAAE,SAAS;YACb,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,IAAI,EAAE,MAAM;YACZ,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,GAAG,GAAG,UAAU;YAC3B,aAAa,EAAE,CAAC;SACjB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC3D,MAAM,SAAS,GAAG,uBAAuB,CAAC;QACxC,WAAW,EAAE,gBAAgB;QAC7B,SAAS,EAAE,SAAS,CAAC,GAAG;QACxB,UAAU,EAAE,OAAO,CAAC,KAAK;KAC1B,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,SAAS,CAAC,CAAC;IAC9C,GAAG,CAAC,SAAS,CAAC,0BAA0B,EAAE,SAAS,CAAC,CAAC;IAErD,MAAM,KAAK,GAAG,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IAC1C,MAAM,SAAS,GAAa,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAC9C,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC;QACnB,CAAC,CAAC,KAAK,KAAK,SAAS;YACnB,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACjB,CAAC,CAAC,EAAE,CAAC;IACT,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;QAC1B,GAAG,SAAS;QACZ,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,EAAE,UAAU,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;QACzE,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,MAAM,CAAC,CAAC;KACrF,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,IAAI,CAAC,IAAwB;IAC3C,MAAM,EACJ,OAAO,EACP,gBAAgB,GAAG,oBAAoB,EACvC,WAAW,GAAG,eAAe,EAC7B,cAAc,GAAG,iBAAiB,EAClC,qBAAqB,GAAG,eAAe,EACvC,WAAW,GAAG,IAAI,eAAe,EAAE,EACnC,OAAO,EACP,QAAQ,EACR,MAAM,GAAG,IAAI,GACd,GAAG,IAAI,CAAC;IAET,MAAM,OAAO,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IAEpC,KAAK,UAAU,uBAAuB,CAAC,GAAY,EAAE,GAAa;QAChE,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;QAC/B,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;QACxD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,CAAuB,CAAC;QACnE,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,SAAS,CAAuB,CAAC;QAE3E,IAAI,CAAC,SAAS,IAAI,CAAC,WAAW,EAAE,CAAC;YAC/B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,qCAAqC,EAAE,CAAC,CAAC;YACvE,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,kBAAkB,CACtB;gBACE,SAAS;gBACT,wBAAwB,EAAE,yBAAyB,CAAC,GAAG,CAAC,OAAwD,CAAC;gBACjH,WAAW;aACZ,EACD,OAAO,CACR,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE;gBACZ,IAAI,EAAE,cAAc;gBACpB,SAAS;gBACT,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,SAAS,EAAE,OAAO;gBAClB,EAAE;aACH,CAAC,CAAC;YAEH,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBAC1B,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;gBAC7E,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;aAChF,CAAC,CAAC;YACH,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAClD,MAAM,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,MAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACtD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,kBAAkB,EAAE,SAAS;gBAC7B,WAAW,EAAE,WAAW;gBACxB,KAAK,EAAE;oBACL,MAAM;oBACN,YAAY,EAAE,IAAI;oBAClB,mBAAmB,EAAE,EAAE;iBACxB;gBACD,WAAW,EAAE;oBACX;wBACE,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,OAAO,CAAC,KAAK;wBACnB,UAAU,EAAE,wCAAwC;qBACrD;iBACF;aACF,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,WAAW,CAAC,aAAa,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;YAE/C,IAAI,GAAG,YAAY,qBAAqB,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAC7E,IAAI,CAAC,OAAO,EAAE;oBACZ,IAAI,EAAE,sBAAsB;oBAC5B,SAAS;oBACT,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,MAAM,EAAE,GAAG,CAAC,IAAI;oBAChB,EAAE;iBACH,CAAC,CAAC;gBACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC7C,OAAO;YACT,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,GAAY,EAAE,GAAa;QAC3D,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;QAC/B,MAAM,eAAe,GAAG,GAAG,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;QAC7D,MAAM,SAAS,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC;eACnF,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAwB,CAAC;QAE1D,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;QAC9D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,MAAM,cAAc,GAAG,yBAAyB,CAAC,GAAG,CAAC,OAAwD,CAAC,CAAC;QAE/G,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAC3D,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,oBAAoB,CAAC,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;YAChF,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,oBAAoB,CAAC,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;YACvF,GAAG,CAAC,SAAS,CACX,YAAY,EACZ,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,MAAM,CAAC,CAAC,CACrF,CAAC;YACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,SAAS,CAAuB,CAAC;QAC3E,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAC3D,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,oBAAoB,CAAC,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;YAChF,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,oBAAoB,CAAC,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;YACvF,GAAG,CAAC,SAAS,CACX,YAAY,EACZ,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,MAAM,CAAC,CAAC,CACrF,CAAC;YACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,aAAa,CAAC,EAAE,SAAS,EAAE,wBAAwB,EAAE,cAAc,EAAE,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;YAEnG,IAAI,CAAC,OAAO,EAAE;gBACZ,IAAI,EAAE,SAAS;gBACf,SAAS;gBACT,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,EAAE;aACH,CAAC,CAAC;YAEH,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBAC1B,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;gBAC7E,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;aAChF,CAAC,CAAC;YACH,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAClD,MAAM,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,MAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACtD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,kBAAkB,EAAE,SAAS;gBAC7B,WAAW,EAAE,WAAW;gBACxB,KAAK,EAAE;oBACL,MAAM;oBACN,YAAY,EAAE,IAAI;oBAClB,mBAAmB,EAAE,EAAE;iBACxB;gBACD,WAAW,EAAE;oBACX;wBACE,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,OAAO,CAAC,KAAK;wBACnB,UAAU,EAAE,wCAAwC;qBACrD;iBACF;aACF,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,WAAW,CAAC,aAAa,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;YAE/C,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;YACzD,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC,OAAO,EAAE;oBACZ,IAAI,EAAE,gBAAgB;oBACtB,SAAS;oBACT,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,EAAE;iBACH,CAAC,CAAC;YACL,CAAC;YAED,IAAI,GAAG,YAAY,qBAAqB,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAC7E,IAAI,CAAC,OAAO,EAAE;oBACZ,IAAI,EAAE,sBAAsB;oBAC5B,SAAS;oBACT,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,MAAM,EAAG,GAA6B,CAAC,IAAI;oBAC3C,EAAE;iBACH,CAAC,CAAC;gBACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC7C,OAAO;YACT,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAiB,EAAE;QAC9E,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;YAC3D,MAAM,uBAAuB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACxC,OAAO;QACT,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YACtD,MAAM,kBAAkB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACnC,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAuB,CAAC;QACrE,MAAM,OAAO,GAAG,yBAAyB,CAAC,GAAG,CAAC,OAAwD,CAAC,CAAC;QAExG,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG;YAChB,SAAS,EAAE,SAAS,IAAI,IAAI;YAC5B,IAAI,EAAE,MAAM;YACZ,OAAO;YACP,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,SAAS;oBAAE,MAAM,OAAO,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;gBACtD,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;oBAC1B,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;iBAC5E,CAAC,CAAC;YACL,CAAC;SACF,CAAC;QAEF,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YACpD,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,GAAG,cAAc,CAAC;gBAC1D,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,EAAE,CAAC;oBACvD,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC;gBAChC,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;gBACtC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,IAAI,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YACrD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,CAAC;YACnC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE;oBAChD,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,MAAM;oBACN,gBAAgB;oBAChB,qBAAqB;iBACtB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}
package/dist/fastify/index.d.ts CHANGED
@@ -1,11 +1,12 @@
1
- import type { FastifyPluginAsync } from "fastify";
1
+ import type { FastifyPluginAsync, FastifyReply } from "fastify";
2
2
  import "@fastify/cookie";
3
- import { type DbscOptions, type ProtectionTier } from "../core/index.js";
3
+ import { type DbscOptions, type StorageAdapter, type ProtectionTier, type SkippedEntry } from "../core/index.js";
4
4
  declare module "fastify" {
5
5
  interface FastifyRequest {
6
6
  dbsc: {
7
7
  sessionId: string | null;
8
8
  tier: ProtectionTier;
9
+ skipped: SkippedEntry[];
9
10
  revoke(): Promise<void>;
10
11
  };
11
12
  }
@@ -13,5 +14,13 @@ declare module "fastify" {
13
14
  export interface DbscFastifyOptions extends DbscOptions {
14
15
  secure?: boolean;
15
16
  }
17
+ export interface BindSessionOptions {
18
+ userId: string;
19
+ secure?: boolean;
20
+ registrationPath?: string;
21
+ registrationCookieTtl?: number;
22
+ sessionTtl?: number;
23
+ }
24
+ export declare function bindSession(reply: FastifyReply, sessionId: string, storage: StorageAdapter, opts: BindSessionOptions): Promise<void>;
16
25
  export declare const dbsc: FastifyPluginAsync<DbscFastifyOptions>;
17
26
  //# sourceMappingURL=index.d.ts.map
package/dist/fastify/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/fastify/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAgC,MAAM,SAAS,CAAC;AAEhF,OAAO,iBAAiB,CAAC;AACzB,OAAO,EAYL,KAAK,WAAW,EAChB,KAAK,cAAc,EACpB,MAAM,kBAAkB,CAAC;AAE1B,OAAO,QAAQ,SAAS,CAAC;IACvB,UAAU,cAAc;QACtB,IAAI,EAAE;YACJ,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;YACzB,IAAI,EAAE,cAAc,CAAC;YACrB,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;SACzB,CAAC;KACH;CACF;AAQD,MAAM,WAAW,kBAAmB,SAAQ,WAAW;IACrD,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAoLD,eAAO,MAAM,IAAI,wCAA2D,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/fastify/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAkB,YAAY,EAAE,MAAM,SAAS,CAAC;AAEhF,OAAO,iBAAiB,CAAC;AACzB,OAAO,EAgBL,KAAK,WAAW,EAChB,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,KAAK,YAAY,EAClB,MAAM,kBAAkB,CAAC;AAE1B,OAAO,QAAQ,SAAS,CAAC;IACvB,UAAU,cAAc;QACtB,IAAI,EAAE;YACJ,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;YACzB,IAAI,EAAE,cAAc,CAAC;YACrB,OAAO,EAAE,YAAY,EAAE,CAAC;YACxB,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;SACzB,CAAC;KACH;CACF;AAYD,MAAM,WAAW,kBAAmB,SAAQ,WAAW;IACrD,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,wBAAsB,WAAW,CAC/B,KAAK,EAAE,YAAY,EACnB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,kBAAkB,GACvB,OAAO,CAAC,IAAI,CAAC,CAsCf;AAoMD,eAAO,MAAM,IAAI,wCAA2D,CAAC"}