hono 4.5.10 → 4.6.0

package/dist/context.js

@@ -59,16 +59,30 @@ var Context = class {
   set res(_res) {
     this.#isFresh = false;
     if (this.#res && _res) {
-      this.#res.headers.delete("content-type");
-      for (const [k, v] of this.#res.headers.entries()) {
-        if (k === "set-cookie") {
-          const cookies = this.#res.headers.getSetCookie();
-          _res.headers.delete("set-cookie");
-          for (const cookie of cookies) {
-            _res.headers.append("set-cookie", cookie);
+      try {
+        for (const [k, v] of this.#res.headers.entries()) {
+          if (k === "content-type") {
+            continue;
           }
+          if (k === "set-cookie") {
+            const cookies = this.#res.headers.getSetCookie();
+            _res.headers.delete("set-cookie");
+            for (const cookie of cookies) {
+              _res.headers.append("set-cookie", cookie);
+            }
+          } else {
+            _res.headers.set(k, v);
+          }
+        }
+      } catch (e) {
+        if (e instanceof TypeError && e.message.includes("immutable")) {
+          this.res = new Response(_res.body, {
+            headers: _res.headers,
+            status: _res.status
+          });
+          return;
         } else {
-          _res.headers.set(k, v);
+          throw e;
         }
       }
     }
@@ -212,14 +226,9 @@ var Context = class {
     this.#preparedHeaders ??= {};
     this.#preparedHeaders["content-type"] = "text/html; charset=UTF-8";
     if (typeof html === "object") {
-      if (!(html instanceof Promise)) {
-        html = html.toString();
-      }
-      if (html instanceof Promise) {
-        return html.then((html2) => resolveCallback(html2, HtmlEscapedCallbackPhase.Stringify, false, {})).then((html2) => {
-          return typeof arg === "number" ? this.newResponse(html2, arg, headers) : this.newResponse(html2, arg);
-        });
-      }
+      return resolveCallback(html, HtmlEscapedCallbackPhase.Stringify, false, {}).then((html2) => {
+        return typeof arg === "number" ? this.newResponse(html2, arg, headers) : this.newResponse(html2, arg);
+      });
     }
     return typeof arg === "number" ? this.newResponse(html, arg, headers) : this.newResponse(html, arg);
   };

package/dist/helper/streaming/sse.js

@@ -1,16 +1,18 @@
 // src/helper/streaming/sse.ts
 import { StreamingApi } from "../../utils/stream.js";
+import { HtmlEscapedCallbackPhase, resolveCallback } from "../../utils/html.js";
 var SSEStreamingApi = class extends StreamingApi {
   constructor(writable, readable) {
     super(writable, readable);
   }
   async writeSSE(message) {
-    const data = message.data.split("\n").map((line) => {
+    const data = await resolveCallback(message.data, HtmlEscapedCallbackPhase.Stringify, false, {});
+    const dataLines = data.split("\n").map((line) => {
       return `data: ${line}`;
     }).join("\n");
     const sseData = [
       message.event && `event: ${message.event}`,
-      data,
+      dataLines,
       message.id && `id: ${message.id}`,
       message.retry && `retry: ${message.retry}`
     ].filter(Boolean).join("\n") + "\n\n";

package/dist/jsx/base.js

@@ -234,7 +234,7 @@ var jsxFn = (tag, props, children) => {
       props,
       children
     );
-  } else if (tag === "svg") {
+  } else if (tag === "svg" || tag === "head") {
     nameSpaceContext ||= createContext("");
     return new JSXNode(tag, props, [
       new JSXFunctionNode(

package/dist/jsx/components.js

@@ -48,11 +48,11 @@ var ErrorBoundary = async ({ children, fallback, fallbackRender, onError }) => {
     const index = errorBoundaryCounter++;
     const replaceRe = RegExp(`(<template id="E:${index}"></template>.*?)(.*?)(<!--E:${index}-->)`);
     const caught = false;
-    const catchCallback = ({ error, buffer }) => {
+    const catchCallback = ({ error: error2, buffer }) => {
       if (caught) {
         return "";
       }
-      const fallbackResString = fallbackRes(error);
+      const fallbackResString = fallbackRes(error2);
       if (buffer) {
         buffer[0] = buffer[0].replace(replaceRe, fallbackResString);
       }
@@ -66,12 +66,17 @@ d.replaceWith(c.content)
 })(document)
 <\/script>`;
     };
+    let error;
+    const promiseAll = Promise.all(resArray).catch((e) => error = e);
     return raw(`<template id="E:${index}"></template><!--E:${index}-->`, [
       ({ phase, buffer, context }) => {
         if (phase === HtmlEscapedCallbackPhase.BeforeStream) {
           return;
         }
-        return Promise.all(resArray).then(async (htmlArray) => {
+        return promiseAll.then(async (htmlArray) => {
+          if (error) {
+            throw error;
+          }
           htmlArray = htmlArray.flat();
           const content = htmlArray.join("");
           let html = buffer ? "" : `<template data-hono-target="E:${index}">${content}</template><script>
@@ -127,10 +132,10 @@ d.remove()
 <\/script>`),
                 content2.callbacks
               );
-            }).catch((error) => catchCallback({ error, buffer }))
+            }).catch((error2) => catchCallback({ error: error2, buffer }))
           );
           return raw(html, promises);
-        }).catch((error) => catchCallback({ error, buffer }));
+        }).catch((error2) => catchCallback({ error: error2, buffer }));
       }
     ]);
   } else {

package/dist/jsx/intrinsic-element/components.js

@@ -78,8 +78,15 @@ var documentMetadataTag = (tag, children, props, sort) => {
 };
 var title = ({ children, ...props }) => {
   const nameSpaceContext = getNameSpaceContext();
-  if (nameSpaceContext && useContext(nameSpaceContext) === "svg") {
-    new JSXNode("title", props, toArray(children ?? []));
+  if (nameSpaceContext) {
+    const context = useContext(nameSpaceContext);
+    if (context === "svg" || context === "head") {
+      return new JSXNode(
+        "title",
+        props,
+        toArray(children ?? [])
+      );
+    }
   }
   return documentMetadataTag("title", children, props, false);
 };
@@ -87,7 +94,8 @@ var script = ({
   children,
   ...props
 }) => {
-  if (["src", "async"].some((k) => !props[k])) {
+  const nameSpaceContext = getNameSpaceContext();
+  if (["src", "async"].some((k) => !props[k]) || nameSpaceContext && useContext(nameSpaceContext) === "head") {
     return returnWithoutSpecialBehavior("script", children, props);
   }
   return documentMetadataTag("script", children, props, false);
@@ -110,6 +118,10 @@ var link = ({ children, ...props }) => {
   return documentMetadataTag("link", children, props, "precedence" in props);
 };
 var meta = ({ children, ...props }) => {
+  const nameSpaceContext = getNameSpaceContext();
+  if (nameSpaceContext && useContext(nameSpaceContext) === "head") {
+    return returnWithoutSpecialBehavior("meta", children, props);
+  }
   return documentMetadataTag("meta", children, props, false);
 };
 var newJSXNode = (tag, { children, ...props }) => new JSXNode(tag, props, toArray(children ?? []));

package/dist/middleware/basic-auth/index.js

@@ -1,25 +1,7 @@
 // src/middleware/basic-auth/index.ts
 import { HTTPException } from "../../http-exception.js";
+import { auth } from "../../utils/basic-auth.js";
 import { timingSafeEqual } from "../../utils/buffer.js";
-import { decodeBase64 } from "../../utils/encode.js";
-var CREDENTIALS_REGEXP = /^ *(?:[Bb][Aa][Ss][Ii][Cc]) +([A-Za-z0-9._~+/-]+=*) *$/;
-var USER_PASS_REGEXP = /^([^:]*):(.*)$/;
-var utf8Decoder = new TextDecoder();
-var auth = (req) => {
-  const match = CREDENTIALS_REGEXP.exec(req.header("Authorization") || "");
-  if (!match) {
-    return void 0;
-  }
-  let userPass = void 0;
-  try {
-    userPass = USER_PASS_REGEXP.exec(utf8Decoder.decode(decodeBase64(match[1])));
-  } catch {
-  }
-  if (!userPass) {
-    return void 0;
-  }
-  return { username: userPass[1], password: userPass[2] };
-};
 var basicAuth = (options, ...users) => {
   const usernamePasswordInOptions = "username" in options && "password" in options;
   const verifyUserInOptions = "verifyUser" in options;
@@ -31,11 +13,14 @@ var basicAuth = (options, ...users) => {
   if (!options.realm) {
     options.realm = "Secure Area";
   }
+  if (!options.invalidUserMessage) {
+    options.invalidUserMessage = "Unauthorized";
+  }
   if (usernamePasswordInOptions) {
     users.unshift({ username: options.username, password: options.password });
   }
   return async function basicAuth2(ctx, next) {
-    const requestUser = auth(ctx.req);
+    const requestUser = auth(ctx.req.raw);
     if (requestUser) {
       if (verifyUserInOptions) {
         if (await options.verifyUser(requestUser.username, requestUser.password, ctx)) {
@@ -55,13 +40,19 @@ var basicAuth = (options, ...users) => {
         }
       }
     }
-    const res = new Response("Unauthorized", {
-      status: 401,
+    const status = 401;
+    const headers = {
+      "WWW-Authenticate": 'Basic realm="' + options.realm?.replace(/"/g, '\\"') + '"'
+    };
+    const responseMessage = typeof options.invalidUserMessage === "function" ? await options.invalidUserMessage(ctx) : options.invalidUserMessage;
+    const res = typeof responseMessage === "string" ? new Response(responseMessage, { status, headers }) : new Response(JSON.stringify(responseMessage), {
+      status,
       headers: {
-        "WWW-Authenticate": 'Basic realm="' + options.realm?.replace(/"/g, '\\"') + '"'
+        ...headers,
+        "content-type": "application/json; charset=UTF-8"
       }
     });
-    throw new HTTPException(401, { res });
+    throw new HTTPException(status, { res });
   };
 };
 export {

package/dist/middleware/bearer-auth/index.js

@@ -18,26 +18,38 @@ var bearerAuth = (options) => {
   const prefixRegexStr = options.prefix === "" ? "" : `${options.prefix} +`;
   const regexp = new RegExp(`^${prefixRegexStr}(${TOKEN_STRINGS}) *$`);
   const wwwAuthenticatePrefix = options.prefix === "" ? "" : `${options.prefix} `;
+  const throwHTTPException = async (c, status, wwwAuthenticateHeader, messageOption) => {
+    const headers = {
+      "WWW-Authenticate": wwwAuthenticateHeader
+    };
+    const responseMessage = typeof messageOption === "function" ? await messageOption(c) : messageOption;
+    const res = typeof responseMessage === "string" ? new Response(responseMessage, { status, headers }) : new Response(JSON.stringify(responseMessage), {
+      status,
+      headers: {
+        ...headers,
+        "content-type": "application/json; charset=UTF-8"
+      }
+    });
+    throw new HTTPException(status, { res });
+  };
   return async function bearerAuth2(c, next) {
     const headerToken = c.req.header(options.headerName || HEADER);
     if (!headerToken) {
-      const res = new Response("Unauthorized", {
-        status: 401,
-        headers: {
-          "WWW-Authenticate": `${wwwAuthenticatePrefix}realm="` + realm + '"'
-        }
-      });
-      throw new HTTPException(401, { res });
+      await throwHTTPException(
+        c,
+        401,
+        `${wwwAuthenticatePrefix}realm="${realm}"`,
+        options.noAuthenticationHeaderMessage || "Unauthorized"
+      );
     } else {
       const match = regexp.exec(headerToken);
       if (!match) {
-        const res = new Response("Bad Request", {
-          status: 400,
-          headers: {
-            "WWW-Authenticate": `${wwwAuthenticatePrefix}error="invalid_request"`
-          }
-        });
-        throw new HTTPException(400, { res });
+        await throwHTTPException(
+          c,
+          400,
+          `${wwwAuthenticatePrefix}error="invalid_request"`,
+          options.invalidAuthenticationHeaderMessage || "Bad Request"
+        );
       } else {
         let equal = false;
         if ("verifyToken" in options) {
@@ -53,13 +65,12 @@ var bearerAuth = (options) => {
           }
         }
         if (!equal) {
-          const res = new Response("Unauthorized", {
-            status: 401,
-            headers: {
-              "WWW-Authenticate": `${wwwAuthenticatePrefix}error="invalid_token"`
-            }
-          });
-          throw new HTTPException(401, { res });
+          await throwHTTPException(
+            c,
+            401,
+            `${wwwAuthenticatePrefix}error="invalid_token"`,
+            options.invalidTokenMessage || "Unauthorized"
+          );
         }
       }
     }

package/dist/middleware/context-storage/index.js

@@ -0,0 +1,19 @@
+// src/middleware/context-storage/index.ts
+import { AsyncLocalStorage } from "node:async_hooks";
+var asyncLocalStorage = new AsyncLocalStorage();
+var contextStorage = () => {
+  return async function contextStorage2(c, next) {
+    await asyncLocalStorage.run(c, next);
+  };
+};
+var getContext = () => {
+  const context = asyncLocalStorage.getStore();
+  if (!context) {
+    throw new Error("Context is not available");
+  }
+  return context;
+};
+export {
+  contextStorage,
+  getContext
+};

package/dist/middleware/jsx-renderer/index.js

@@ -21,6 +21,7 @@ var createRenderer = (c, Layout, component, options) => (children, props) => {
     if (options.stream === true) {
       c.header("Transfer-Encoding", "chunked");
       c.header("Content-Type", "text/html; charset=UTF-8");
+      c.header("Content-Encoding", "Identity");
     } else {
       for (const [key, value] of Object.entries(options.stream)) {
         c.header(key, value);

package/dist/middleware/secure-headers/secure-headers.js

@@ -27,7 +27,8 @@ var DEFAULT_OPTIONS = {
   xFrameOptions: true,
   xPermittedCrossDomainPolicies: true,
   xXssProtection: true,
-  removePoweredBy: true
+  removePoweredBy: true,
+  permissionsPolicy: {}
 };
 var generateNonce = () => {
   const buffer = new Uint8Array(16);
@@ -53,6 +54,12 @@ var secureHeaders = (customOptions) => {
     }
     headersToSet.push(["Content-Security-Policy", value]);
   }
+  if (options.permissionsPolicy && Object.keys(options.permissionsPolicy).length > 0) {
+    headersToSet.push([
+      "Permissions-Policy",
+      getPermissionsPolicyDirectives(options.permissionsPolicy)
+    ]);
+  }
   if (options.reportingEndpoints) {
     headersToSet.push(["Reporting-Endpoints", getReportingEndpoints(options.reportingEndpoints)]);
   }
@@ -112,6 +119,28 @@ function getCSPDirectives(contentSecurityPolicy) {
     resultValues
   ];
 }
+function getPermissionsPolicyDirectives(policy) {
+  return Object.entries(policy).map(([directive, value]) => {
+    const kebabDirective = camelToKebab(directive);
+    if (typeof value === "boolean") {
+      return `${kebabDirective}=${value ? "*" : "none"}`;
+    }
+    if (Array.isArray(value)) {
+      if (value.length === 0) {
+        return `${kebabDirective}=()`;
+      }
+      if (value.length === 1 && (value[0] === "*" || value[0] === "none")) {
+        return `${kebabDirective}=${value[0]}`;
+      }
+      const allowlist = value.map((item) => ["self", "src"].includes(item) ? item : `"${item}"`);
+      return `${kebabDirective}=(${allowlist.join(" ")})`;
+    }
+    return "";
+  }).filter(Boolean).join(", ");
+}
+function camelToKebab(str) {
+  return str.replace(/([a-z\d])([A-Z])/g, "$1-$2").toLowerCase();
+}
 function getReportingEndpoints(reportingEndpoints = []) {
   return reportingEndpoints.map((endpoint) => `${endpoint.name}="${endpoint.url}"`).join(", ");
 }

package/dist/middleware/serve-static/index.js

@@ -1,6 +1,11 @@
 // src/middleware/serve-static/index.ts
 import { getFilePath, getFilePathWithoutDefaultDocument } from "../../utils/filepath.js";
 import { getMimeType } from "../../utils/mime.js";
+var ENCODINGS = {
+  br: ".br",
+  zstd: ".zst",
+  gzip: ".gz"
+};
 var DEFAULT_DOCUMENT = "index.html";
 var defaultPathResolve = (path) => path;
 var serveStatic = (options) => {
@@ -18,7 +23,7 @@ var serveStatic = (options) => {
         root
       });
       if (path2 && await options.isDir(path2)) {
-        filename = filename + "/";
+        filename += "/";
       }
     }
     let path = getFilePath({
@@ -34,34 +39,46 @@ var serveStatic = (options) => {
     path = pathResolve(path);
     let content = await getContent(path, c);
     if (!content) {
-      let pathWithOutDefaultDocument = getFilePathWithoutDefaultDocument({
+      let pathWithoutDefaultDocument = getFilePathWithoutDefaultDocument({
         filename,
         root
       });
-      if (!pathWithOutDefaultDocument) {
+      if (!pathWithoutDefaultDocument) {
         return await next();
       }
-      pathWithOutDefaultDocument = pathResolve(pathWithOutDefaultDocument);
-      if (pathWithOutDefaultDocument !== path) {
-        content = await getContent(pathWithOutDefaultDocument, c);
+      pathWithoutDefaultDocument = pathResolve(pathWithoutDefaultDocument);
+      if (pathWithoutDefaultDocument !== path) {
+        content = await getContent(pathWithoutDefaultDocument, c);
         if (content) {
-          path = pathWithOutDefaultDocument;
+          path = pathWithoutDefaultDocument;
         }
       }
     }
     if (content instanceof Response) {
       return c.newResponse(content.body, content);
     }
+    const mimeType = options.mimes ? getMimeType(path, options.mimes) ?? getMimeType(path) : getMimeType(path);
+    if (mimeType) {
+      c.header("Content-Type", mimeType);
+    }
     if (content) {
-      let mimeType;
-      if (options.mimes) {
-        mimeType = getMimeType(path, options.mimes) ?? getMimeType(path);
-      } else {
-        mimeType = getMimeType(path);
-      }
-      if (mimeType) {
-        c.header("Content-Type", mimeType);
+      if (options.precompressed) {
+        const acceptEncodings = c.req.header("Accept-Encoding")?.split(",").map((encoding) => encoding.trim()).filter(
+          (encoding) => Object.hasOwn(ENCODINGS, encoding)
+        ).sort(
+          (a, b) => Object.keys(ENCODINGS).indexOf(a) - Object.keys(ENCODINGS).indexOf(b)
+        ) ?? [];
+        for (const encoding of acceptEncodings) {
+          const compressedContent = await getContent(path + ENCODINGS[encoding], c);
+          if (compressedContent) {
+            content = compressedContent;
+            c.header("Content-Encoding", encoding);
+            c.header("Vary", "Accept-Encoding", { append: true });
+            break;
+          }
+        }
       }
+      await options.onFound?.(path, c);
       return c.body(content);
     }
     await options.onNotFound?.(path, c);

package/dist/types/adapter/bun/websocket.d.ts

@@ -10,16 +10,14 @@ interface BunWebSocketHandler<T> {
     close(ws: BunServerWebSocket<T>, code?: number, reason?: string): void;
     message(ws: BunServerWebSocket<T>, message: string | Uint8Array): void;
 }
-interface CreateWebSocket {
-    (): {
-        upgradeWebSocket: UpgradeWebSocket;
-        websocket: BunWebSocketHandler<BunWebSocketData>;
-    };
+interface CreateWebSocket<T> {
+    upgradeWebSocket: UpgradeWebSocket<T>;
+    websocket: BunWebSocketHandler<BunWebSocketData>;
 }
 export interface BunWebSocketData {
     connId: number;
     url: URL;
     protocol: string;
 }
-export declare const createBunWebSocket: CreateWebSocket;
+export declare const createBunWebSocket: <T>() => CreateWebSocket<T>;
 export {};

package/dist/types/adapter/cloudflare-pages/handler.d.ts

@@ -1,7 +1,7 @@
 import type { Hono } from '../../hono';
 import type { BlankSchema, Env, Input, MiddlewareHandler, Schema } from '../../types';
 type Params<P extends string = any> = Record<P, string | string[]>;
-export type EventContext<Env = {}, P extends string = any, Data = {}> = {
+export type EventContext<Env = {}, P extends string = any, Data = Record<string, unknown>> = {
     request: Request;
     functionPath: string;
     waitUntil: (promise: Promise<unknown>) => void;
@@ -17,7 +17,11 @@ export type EventContext<Env = {}, P extends string = any, Data = {}> = {
 };
 declare type PagesFunction<Env = unknown, Params extends string = any, Data extends Record<string, unknown> = Record<string, unknown>> = (context: EventContext<Env, Params, Data>) => Response | Promise<Response>;
 export declare const handle: <E extends Env = Env, S extends Schema = BlankSchema, BasePath extends string = "/">(app: Hono<E, S, BasePath>) => PagesFunction<E["Bindings"], any, Record<string, unknown>>;
-export declare function handleMiddleware<E extends Env = any, P extends string = any, I extends Input = {}>(middleware: MiddlewareHandler<E, P, I>): PagesFunction<E['Bindings']>;
+export declare function handleMiddleware<E extends Env = {}, P extends string = any, I extends Input = {}>(middleware: MiddlewareHandler<E & {
+    Bindings: {
+        eventContext: EventContext;
+    };
+}, P, I>): PagesFunction<E['Bindings']>;
 /**
  *
  * @description `serveStatic()` is for advanced mode:

package/dist/types/adapter/cloudflare-workers/websocket.d.ts

@@ -1,2 +1,2 @@
 import type { UpgradeWebSocket } from '../../helper/websocket';
-export declare const upgradeWebSocket: UpgradeWebSocket;
+export declare const upgradeWebSocket: UpgradeWebSocket<WebSocket>;

package/dist/types/adapter/deno/websocket.d.ts

@@ -18,4 +18,4 @@ export interface UpgradeWebSocketOptions {
      */
     idleTimeout?: number;
 }
-export declare const upgradeWebSocket: UpgradeWebSocket<UpgradeWebSocketOptions>;
+export declare const upgradeWebSocket: UpgradeWebSocket<WebSocket, UpgradeWebSocketOptions>;

package/dist/types/helper/streaming/sse.d.ts

@@ -1,7 +1,7 @@
 import type { Context } from '../../context';
 import { StreamingApi } from '../../utils/stream';
 export interface SSEMessage {
-    data: string;
+    data: string | Promise<string>;
     event?: string;
     id?: string;
     retry?: number;

package/dist/types/helper/websocket/index.d.ts

@@ -7,24 +7,24 @@ import type { MiddlewareHandler } from '../../types';
 /**
  * WebSocket Event Listeners type
  */
-export interface WSEvents {
-    onOpen?: (evt: Event, ws: WSContext) => void;
-    onMessage?: (evt: MessageEvent<WSMessageReceive>, ws: WSContext) => void;
-    onClose?: (evt: CloseEvent, ws: WSContext) => void;
-    onError?: (evt: Event, ws: WSContext) => void;
+export interface WSEvents<T = unknown> {
+    onOpen?: (evt: Event, ws: WSContext<T>) => void;
+    onMessage?: (evt: MessageEvent<WSMessageReceive>, ws: WSContext<T>) => void;
+    onClose?: (evt: CloseEvent, ws: WSContext<T>) => void;
+    onError?: (evt: Event, ws: WSContext<T>) => void;
 }
 /**
  * Upgrade WebSocket Type
  */
-export type UpgradeWebSocket<T = any> = (createEvents: (c: Context) => WSEvents | Promise<WSEvents>, options?: T) => MiddlewareHandler<any, string, {
+export type UpgradeWebSocket<T = unknown, U = any> = (createEvents: (c: Context) => WSEvents<T> | Promise<WSEvents<T>>, options?: U) => MiddlewareHandler<any, string, {
     outputFormat: 'ws';
 }>;
 export type WSReadyState = 0 | 1 | 2 | 3;
-export type WSContext = {
+export type WSContext<T = unknown> = {
     send(source: string | ArrayBuffer | Uint8Array, options?: {
         compress: boolean;
     }): void;
-    raw?: unknown;
+    raw?: T;
     binaryType: BinaryType;
     readyState: WSReadyState;
     url: URL | null;

package/dist/types/middleware/basic-auth/index.d.ts

@@ -4,15 +4,18 @@
  */
 import type { Context } from '../../context';
 import type { MiddlewareHandler } from '../../types';
+type MessageFunction = (c: Context) => string | object | Promise<string | object>;
 type BasicAuthOptions = {
     username: string;
     password: string;
     realm?: string;
     hashFunction?: Function;
+    invalidUserMessage?: string | object | MessageFunction;
 } | {
     verifyUser: (username: string, password: string, c: Context) => boolean | Promise<boolean>;
     realm?: string;
     hashFunction?: Function;
+    invalidUserMessage?: string | object | MessageFunction;
 };
 /**
  * Basic Auth Middleware for Hono.
@@ -25,6 +28,7 @@ type BasicAuthOptions = {
  * @param {string} [options.realm="Secure Area"] - The realm attribute for the WWW-Authenticate header.
  * @param {Function} [options.hashFunction] - The hash function used for secure comparison.
  * @param {Function} [options.verifyUser] - The function to verify user credentials.
+ * @param {string | object | MessageFunction} [options.invalidUserMessage="Unauthorized"] - The invalid user message.
  * @returns {MiddlewareHandler} The middleware handler function.
  * @throws {HTTPException} If neither "username and password" nor "verifyUser" options are provided.
  *

package/dist/types/middleware/bearer-auth/index.d.ts

@@ -4,18 +4,25 @@
  */
 import type { Context } from '../../context';
 import type { MiddlewareHandler } from '../../types';
+type MessageFunction = (c: Context) => string | object | Promise<string | object>;
 type BearerAuthOptions = {
     token: string | string[];
     realm?: string;
     prefix?: string;
     headerName?: string;
     hashFunction?: Function;
+    noAuthenticationHeaderMessage?: string | object | MessageFunction;
+    invalidAuthenticationHeaderMessage?: string | object | MessageFunction;
+    invalidTokenMessage?: string | object | MessageFunction;
 } | {
     realm?: string;
     prefix?: string;
     headerName?: string;
     verifyToken: (token: string, c: Context) => boolean | Promise<boolean>;
     hashFunction?: Function;
+    noAuthenticationHeaderMessage?: string | object | MessageFunction;
+    invalidAuthenticationHeaderMessage?: string | object | MessageFunction;
+    invalidTokenMessage?: string | object | MessageFunction;
 };
 /**
  * Bearer Auth Middleware for Hono.
@@ -29,6 +36,9 @@ type BearerAuthOptions = {
  * @param {string} [options.prefix="Bearer"] - The prefix (or known as `schema`) for the Authorization header value. If set to the empty string, no prefix is expected.
  * @param {string} [options.headerName=Authorization] - The header name.
  * @param {Function} [options.hashFunction] - A function to handle hashing for safe comparison of authentication tokens.
+ * @param {string | object | MessageFunction} [options.noAuthenticationHeaderMessage="Unauthorized"] - The no authentication header message.
+ * @param {string | object | MessageFunction} [options.invalidAuthenticationHeaderMeasage="Bad Request"] - The invalid authentication header message.
+ * @param {string | object | MessageFunction} [options.invalidTokenMessage="Unauthorized"] - The invalid token message.
  * @returns {MiddlewareHandler} The middleware handler function.
  * @throws {Error} If neither "token" nor "verifyToken" options are provided.
  * @throws {HTTPException} If authentication fails, with 401 status code for missing or invalid token, or 400 status code for invalid request.