npm - mongoku - Versions diffs - 2.8.1-compat → 2.9.0-compat - Mend

mongoku 2.8.1-compat → 2.9.0-compat

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (398) hide show

package/build/server/chunks/{_server.ts-CNiqI4C6.js.map → _server.ts-CEBmCzTO.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"_server.ts-~~CNiqI4C6~~.js","sources":["../../../.svelte-kit/adapter-node/entries/endpoints/auth/callback/_server.ts.js"],"sourcesContent":["import { b as base } from \"../../../../chunks/server.js\";\nimport \"../../../../chunks/url.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"../../../../chunks/root.js\";\nimport { g as getOAuthConfig, c as cookieOptions, e as exchangeCode, a as getCallbackUrl, b as extractUserFromIdToken, d as checkRequiredClaim, f as createSessionCookie, h as OAUTH_RETURN_COOKIE, s as sanitizeOAuthReturnPath } from \"../../../../chunks/oauth.js\";\nimport { redirect, error } from \"@sveltejs/kit\";\nconst GET = async ({ url, cookies }) => {\n const config = await getOAuthConfig();\n if (!config) {\n redirect(302, `${base}/`);\n }\n const oauthError = url.searchParams.get(\"error\");\n if (oauthError) {\n error(403, url.searchParams.get(\"error_description\") \|\| oauthError);\n }\n const code = url.searchParams.get(\"code\");\n const state = url.searchParams.get(\"state\");\n if (!code \|\| !state) {\n error(400, \"Missing code or state parameter\");\n }\n const storedState = cookies.get(\"mongoku_pkce_state\");\n const storedVerifier = cookies.get(\"mongoku_pkce_verifier\");\n if (!storedState \|\| !storedVerifier) {\n error(400, \"Missing OAuth cookies — please try logging in again\");\n }\n if (state !== storedState) {\n error(403, \"Invalid OAuth state\");\n }\n cookies.delete(\"mongoku_pkce_state\", cookieOptions(url));\n cookies.delete(\"mongoku_pkce_verifier\", cookieOptions(url));\n const tokens = await exchangeCode(config, url.origin, code, storedVerifier, getCallbackUrl(url.origin));\n let user = {};\n let claims = {};\n if (tokens.id_token) {\n ({ user, claims } = extractUserFromIdToken(tokens.id_token));\n }\n if (config.allowedSubs && (!user.sub \|\| !config.allowedSubs.has(user.sub))) {\n error(403, \"Your account is not authorized to access this application\");\n }\n if (config.requiredClaim && !checkRequiredClaim(claims, config.requiredClaim)) {\n error(403, `Required claim not satisfied: ${config.requiredClaim.field}=${config.requiredClaim.value}`);\n }\n cookies.set(\"mongoku_session\", createSessionCookie(config, user), cookieOptions(url, config.sessionDuration));\n const returnCookie = cookies.get(OAUTH_RETURN_COOKIE);\n cookies.delete(OAUTH_RETURN_COOKIE, cookieOptions(url));\n const afterLogin = sanitizeOAuthReturnPath(url, returnCookie) ?? `${base}/`;\n redirect(302, afterLogin);\n};\nexport {\n GET\n};\n"],"names":[],"mappings":";;;;;;;;AAMK,MAAC,GAAG,GAAG,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK;AACxC,EAAE,MAAM,MAAM,GAAG,MAAM,cAAc,EAAE;AACvC,EAAE,IAAI,CAAC,MAAM,EAAE;AACf,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AAC7B,EAAE;AACF,EAAE,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC;AAClD,EAAE,IAAI,UAAU,EAAE;AAClB,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC;AACvE,EAAE;AACF,EAAE,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC;AAC3C,EAAE,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC;AAC7C,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE;AACvB,IAAI,KAAK,CAAC,GAAG,EAAE,iCAAiC,CAAC;AACjD,EAAE;AACF,EAAE,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;AACvD,EAAE,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;AAC7D,EAAE,IAAI,CAAC,WAAW,IAAI,CAAC,cAAc,EAAE;AACvC,IAAI,KAAK,CAAC,GAAG,EAAE,qDAAqD,CAAC;AACrE,EAAE;AACF,EAAE,IAAI,KAAK,KAAK,WAAW,EAAE;AAC7B,IAAI,KAAK,CAAC,GAAG,EAAE,qBAAqB,CAAC;AACrC,EAAE;AACF,EAAE,OAAO,CAAC,MAAM,CAAC,oBAAoB,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC;AAC1D,EAAE,OAAO,CAAC,MAAM,CAAC,uBAAuB,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC;AAC7D,EAAE,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AACzG,EAAE,IAAI,IAAI,GAAG,EAAE;AACf,EAAE,IAAI,MAAM,GAAG,EAAE;AACjB,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE;AACvB,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,sBAAsB,CAAC,MAAM,CAAC,QAAQ,CAAC;AAC/D,EAAE;AACF,EAAE,IAAI,MAAM,CAAC,WAAW,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE;AAC9E,IAAI,KAAK,CAAC,GAAG,EAAE,2DAA2D,CAAC;AAC3E,EAAE;AACF,EAAE,IAAI,MAAM,CAAC,aAAa,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,MAAM,CAAC,aAAa,CAAC,EAAE;AACjF,IAAI,KAAK,CAAC,GAAG,EAAE,CAAC,8BAA8B,EAAE,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC;AAC3G,EAAE;AACF,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC;AAC/G,EAAE,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;AACvD,EAAE,OAAO,CAAC,MAAM,CAAC,mBAAmB,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC;AACzD,EAAE,MAAM,UAAU,GAAG,uBAAuB,CAAC,GAAG,EAAE,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;AAC7E,EAAE,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC;AAC3B;;;;"}
1	+ {"version":3,"file":"_server.ts-CEBmCzTO.js","sources":["../../../.svelte-kit/adapter-node/entries/endpoints/auth/callback/_server.ts.js"],"sourcesContent":["import { b as base } from \"../../../../chunks/server.js\";\nimport \"../../../../chunks/url.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"../../../../chunks/root.js\";\nimport { g as getOAuthConfig, c as cookieOptions, e as exchangeCode, a as getCallbackUrl, b as extractUserFromIdToken, d as checkRequiredClaim, f as createSessionCookie, h as OAUTH_RETURN_COOKIE, s as sanitizeOAuthReturnPath } from \"../../../../chunks/oauth.js\";\nimport { redirect, error } from \"@sveltejs/kit\";\nconst GET = async ({ url, cookies }) => {\n const config = await getOAuthConfig();\n if (!config) {\n redirect(302, `${base}/`);\n }\n const oauthError = url.searchParams.get(\"error\");\n if (oauthError) {\n error(403, url.searchParams.get(\"error_description\") \|\| oauthError);\n }\n const code = url.searchParams.get(\"code\");\n const state = url.searchParams.get(\"state\");\n if (!code \|\| !state) {\n error(400, \"Missing code or state parameter\");\n }\n const storedState = cookies.get(\"mongoku_pkce_state\");\n const storedVerifier = cookies.get(\"mongoku_pkce_verifier\");\n if (!storedState \|\| !storedVerifier) {\n error(400, \"Missing OAuth cookies — please try logging in again\");\n }\n if (state !== storedState) {\n error(403, \"Invalid OAuth state\");\n }\n cookies.delete(\"mongoku_pkce_state\", cookieOptions(url));\n cookies.delete(\"mongoku_pkce_verifier\", cookieOptions(url));\n const tokens = await exchangeCode(config, url.origin, code, storedVerifier, getCallbackUrl(url.origin));\n let user = {};\n let claims = {};\n if (tokens.id_token) {\n ({ user, claims } = extractUserFromIdToken(tokens.id_token));\n }\n if (config.allowedSubs && (!user.sub \|\| !config.allowedSubs.has(user.sub))) {\n error(403, \"Your account is not authorized to access this application\");\n }\n if (config.requiredClaim && !checkRequiredClaim(claims, config.requiredClaim)) {\n error(403, `Required claim not satisfied: ${config.requiredClaim.field}=${config.requiredClaim.value}`);\n }\n cookies.set(\"mongoku_session\", createSessionCookie(config, user), cookieOptions(url, config.sessionDuration));\n const returnCookie = cookies.get(OAUTH_RETURN_COOKIE);\n cookies.delete(OAUTH_RETURN_COOKIE, cookieOptions(url));\n const afterLogin = sanitizeOAuthReturnPath(url, returnCookie) ?? `${base}/`;\n redirect(302, afterLogin);\n};\nexport {\n GET\n};\n"],"names":[],"mappings":";;;;;;;;AAMK,MAAC,GAAG,GAAG,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK;AACxC,EAAE,MAAM,MAAM,GAAG,MAAM,cAAc,EAAE;AACvC,EAAE,IAAI,CAAC,MAAM,EAAE;AACf,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AAC7B,EAAE;AACF,EAAE,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC;AAClD,EAAE,IAAI,UAAU,EAAE;AAClB,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC;AACvE,EAAE;AACF,EAAE,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC;AAC3C,EAAE,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC;AAC7C,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE;AACvB,IAAI,KAAK,CAAC,GAAG,EAAE,iCAAiC,CAAC;AACjD,EAAE;AACF,EAAE,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;AACvD,EAAE,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;AAC7D,EAAE,IAAI,CAAC,WAAW,IAAI,CAAC,cAAc,EAAE;AACvC,IAAI,KAAK,CAAC,GAAG,EAAE,qDAAqD,CAAC;AACrE,EAAE;AACF,EAAE,IAAI,KAAK,KAAK,WAAW,EAAE;AAC7B,IAAI,KAAK,CAAC,GAAG,EAAE,qBAAqB,CAAC;AACrC,EAAE;AACF,EAAE,OAAO,CAAC,MAAM,CAAC,oBAAoB,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC;AAC1D,EAAE,OAAO,CAAC,MAAM,CAAC,uBAAuB,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC;AAC7D,EAAE,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AACzG,EAAE,IAAI,IAAI,GAAG,EAAE;AACf,EAAE,IAAI,MAAM,GAAG,EAAE;AACjB,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE;AACvB,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,sBAAsB,CAAC,MAAM,CAAC,QAAQ,CAAC;AAC/D,EAAE;AACF,EAAE,IAAI,MAAM,CAAC,WAAW,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE;AAC9E,IAAI,KAAK,CAAC,GAAG,EAAE,2DAA2D,CAAC;AAC3E,EAAE;AACF,EAAE,IAAI,MAAM,CAAC,aAAa,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,MAAM,CAAC,aAAa,CAAC,EAAE;AACjF,IAAI,KAAK,CAAC,GAAG,EAAE,CAAC,8BAA8B,EAAE,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC;AAC3G,EAAE;AACF,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC;AAC/G,EAAE,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;AACvD,EAAE,OAAO,CAAC,MAAM,CAAC,mBAAmB,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC;AACzD,EAAE,MAAM,UAAU,GAAG,uBAAuB,CAAC,GAAG,EAAE,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;AAC7E,EAAE,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC;AAC3B;;;;"}

package/build/server/chunks/{_server.ts-OSPJ0dek.js → _server.ts-CoUHVeKI.js} RENAMED Viewed

@@ -1,8 +1,8 @@
 import { b as base } from './server-Crjo4w1q.js';
-import './url-hmE1zcJ6.js';
-import { g as getOAuthConfig, i as generateCodeVerifier, j as generateCodeChallenge, k as generateState, a as getCallbackUrl, c as cookieOptions, s as sanitizeOAuthReturnPath, h as OAUTH_RETURN_COOKIE, l as buildAuthorizationUrl } from './oauth-BbSyq_Sb.js';
-import { r as redirect } from './index-wpIsICWW.js';
-import './async-lVJA8xJZ.js';
+import './root-otUAnOAR.js';
+import { g as getOAuthConfig, i as generateCodeVerifier, j as generateCodeChallenge, k as generateState, a as getCallbackUrl, c as cookieOptions, s as sanitizeOAuthReturnPath, h as OAUTH_RETURN_COOKIE, l as buildAuthorizationUrl } from './oauth-D6jTWKFd.js';
+import { r as redirect } from './index-NcxaM188.js';
+import './async-DUoD1OpG.js';
 import './shared-server-BmU87nph.js';
 import 'node:crypto';
@@ -28,4 +28,4 @@ const GET = async ({ url, cookies }) => {
 };
 export { GET };
-//# sourceMappingURL=_server.ts-OSPJ0dek.js.map
+//# sourceMappingURL=_server.ts-CoUHVeKI.js.map

package/build/server/chunks/{_server.ts-OSPJ0dek.js.map → _server.ts-CoUHVeKI.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"_server.ts-~~OSPJ0dek~~.js","sources":["../../../.svelte-kit/adapter-node/entries/endpoints/auth/login/_server.ts.js"],"sourcesContent":["import { b as base } from \"../../../../chunks/server.js\";\nimport \"../../../../chunks/url.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"../../../../chunks/root.js\";\nimport { g as getOAuthConfig, i as generateCodeVerifier, j as generateCodeChallenge, k as generateState, a as getCallbackUrl, c as cookieOptions, s as sanitizeOAuthReturnPath, h as OAUTH_RETURN_COOKIE, l as buildAuthorizationUrl } from \"../../../../chunks/oauth.js\";\nimport { redirect } from \"@sveltejs/kit\";\nconst GET = async ({ url, cookies }) => {\n const config = await getOAuthConfig();\n if (!config) {\n redirect(302, `${base}/`);\n }\n const codeVerifier = generateCodeVerifier();\n const codeChallenge = generateCodeChallenge(codeVerifier);\n const state = generateState();\n const callbackUrl = getCallbackUrl(url.origin);\n cookies.set(\"mongoku_pkce_verifier\", codeVerifier, cookieOptions(url, 300));\n cookies.set(\"mongoku_pkce_state\", state, cookieOptions(url, 300));\n const returnParam = url.searchParams.get(\"return\");\n const sanitizedReturn = sanitizeOAuthReturnPath(url, returnParam);\n if (sanitizedReturn) {\n cookies.set(OAUTH_RETURN_COOKIE, sanitizedReturn, cookieOptions(url, 300));\n } else {\n cookies.delete(OAUTH_RETURN_COOKIE, cookieOptions(url));\n }\n redirect(302, buildAuthorizationUrl(config, url.origin, callbackUrl, codeChallenge, state));\n};\nexport {\n GET\n};\n"],"names":[],"mappings":";;;;;;;;AAMK,MAAC,GAAG,GAAG,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK;AACxC,EAAE,MAAM,MAAM,GAAG,MAAM,cAAc,EAAE;AACvC,EAAE,IAAI,CAAC,MAAM,EAAE;AACf,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AAC7B,EAAE;AACF,EAAE,MAAM,YAAY,GAAG,oBAAoB,EAAE;AAC7C,EAAE,MAAM,aAAa,GAAG,qBAAqB,CAAC,YAAY,CAAC;AAC3D,EAAE,MAAM,KAAK,GAAG,aAAa,EAAE;AAC/B,EAAE,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC;AAChD,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,YAAY,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AAC7E,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AACnE,EAAE,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC;AACpD,EAAE,MAAM,eAAe,GAAG,uBAAuB,CAAC,GAAG,EAAE,WAAW,CAAC;AACnE,EAAE,IAAI,eAAe,EAAE;AACvB,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,eAAe,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AAC9E,EAAE,CAAC,MAAM;AACT,IAAI,OAAO,CAAC,MAAM,CAAC,mBAAmB,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC;AAC3D,EAAE;AACF,EAAE,QAAQ,CAAC,GAAG,EAAE,qBAAqB,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,KAAK,CAAC,CAAC;AAC7F;;;;"}
1	+ {"version":3,"file":"_server.ts-CoUHVeKI.js","sources":["../../../.svelte-kit/adapter-node/entries/endpoints/auth/login/_server.ts.js"],"sourcesContent":["import { b as base } from \"../../../../chunks/server.js\";\nimport \"../../../../chunks/url.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"../../../../chunks/root.js\";\nimport { g as getOAuthConfig, i as generateCodeVerifier, j as generateCodeChallenge, k as generateState, a as getCallbackUrl, c as cookieOptions, s as sanitizeOAuthReturnPath, h as OAUTH_RETURN_COOKIE, l as buildAuthorizationUrl } from \"../../../../chunks/oauth.js\";\nimport { redirect } from \"@sveltejs/kit\";\nconst GET = async ({ url, cookies }) => {\n const config = await getOAuthConfig();\n if (!config) {\n redirect(302, `${base}/`);\n }\n const codeVerifier = generateCodeVerifier();\n const codeChallenge = generateCodeChallenge(codeVerifier);\n const state = generateState();\n const callbackUrl = getCallbackUrl(url.origin);\n cookies.set(\"mongoku_pkce_verifier\", codeVerifier, cookieOptions(url, 300));\n cookies.set(\"mongoku_pkce_state\", state, cookieOptions(url, 300));\n const returnParam = url.searchParams.get(\"return\");\n const sanitizedReturn = sanitizeOAuthReturnPath(url, returnParam);\n if (sanitizedReturn) {\n cookies.set(OAUTH_RETURN_COOKIE, sanitizedReturn, cookieOptions(url, 300));\n } else {\n cookies.delete(OAUTH_RETURN_COOKIE, cookieOptions(url));\n }\n redirect(302, buildAuthorizationUrl(config, url.origin, callbackUrl, codeChallenge, state));\n};\nexport {\n GET\n};\n"],"names":[],"mappings":";;;;;;;;AAMK,MAAC,GAAG,GAAG,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK;AACxC,EAAE,MAAM,MAAM,GAAG,MAAM,cAAc,EAAE;AACvC,EAAE,IAAI,CAAC,MAAM,EAAE;AACf,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AAC7B,EAAE;AACF,EAAE,MAAM,YAAY,GAAG,oBAAoB,EAAE;AAC7C,EAAE,MAAM,aAAa,GAAG,qBAAqB,CAAC,YAAY,CAAC;AAC3D,EAAE,MAAM,KAAK,GAAG,aAAa,EAAE;AAC/B,EAAE,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC;AAChD,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,YAAY,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AAC7E,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AACnE,EAAE,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC;AACpD,EAAE,MAAM,eAAe,GAAG,uBAAuB,CAAC,GAAG,EAAE,WAAW,CAAC;AACnE,EAAE,IAAI,eAAe,EAAE;AACvB,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,eAAe,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AAC9E,EAAE,CAAC,MAAM;AACT,IAAI,OAAO,CAAC,MAAM,CAAC,mBAAmB,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC;AAC3D,EAAE;AACF,EAAE,QAAQ,CAAC,GAAG,EAAE,qBAAqB,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,KAAK,CAAC,CAAC;AAC7F;;;;"}

package/build/server/chunks/{_server.ts-CHqxLmE4.js → _server.ts-i-glbZtX.js} RENAMED Viewed

@@ -1,7 +1,7 @@
 import { b as base } from './server-Crjo4w1q.js';
-import './url-hmE1zcJ6.js';
-import { g as getOAuthConfig, O as OAUTH_CIMD_CLIENT_ID, a as getCallbackUrl } from './oauth-BbSyq_Sb.js';
-import './async-lVJA8xJZ.js';
+import './root-otUAnOAR.js';
+import { g as getOAuthConfig, O as OAUTH_CIMD_CLIENT_ID, a as getCallbackUrl } from './oauth-D6jTWKFd.js';
+import './async-DUoD1OpG.js';
 import './shared-server-BmU87nph.js';
 import 'node:crypto';
@@ -31,4 +31,4 @@ const GET = async ({ url }) => {
 };
 export { GET };
-//# sourceMappingURL=_server.ts-CHqxLmE4.js.map
+//# sourceMappingURL=_server.ts-i-glbZtX.js.map

package/build/server/chunks/{_server.ts-CHqxLmE4.js.map → _server.ts-i-glbZtX.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"_server.ts-~~CHqxLmE4~~.js","sources":["../../../.svelte-kit/adapter-node/entries/endpoints/.well-known/cimd.json/_server.ts.js"],"sourcesContent":["import { b as base } from \"../../../../chunks/server.js\";\nimport \"../../../../chunks/url.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"../../../../chunks/root.js\";\nimport { g as getOAuthConfig, O as OAUTH_CIMD_CLIENT_ID, a as getCallbackUrl } from \"../../../../chunks/oauth.js\";\nconst GET = async ({ url }) => {\n const config = await getOAuthConfig();\n if (!config) {\n return new Response(\"OAuth is not configured\", { status: 404 });\n }\n if (config.clientId !== OAUTH_CIMD_CLIENT_ID) {\n return new Response(\"CIMD is disabled\", { status: 404 });\n }\n return new Response(\n JSON.stringify({\n client_id: new URL(url.pathname, url.origin).toString(),\n client_name: \"Mongoku\",\n client_uri: `${url.origin}${base}`,\n redirect_uris: [getCallbackUrl(url.origin)],\n token_endpoint_auth_method: \"none\",\n scope: config.scopes\n }),\n {\n headers: {\n \"Content-Type\": \"application/json\"\n }\n }\n );\n};\nexport {\n GET\n};\n"],"names":[],"mappings":";;;;;;;AAKK,MAAC,GAAG,GAAG,OAAO,EAAE,GAAG,EAAE,KAAK;AAC/B,EAAE,MAAM,MAAM,GAAG,MAAM,cAAc,EAAE;AACvC,EAAE,IAAI,CAAC,MAAM,EAAE;AACf,IAAI,OAAO,IAAI,QAAQ,CAAC,yBAAyB,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;AACnE,EAAE;AACF,EAAE,IAAI,MAAM,CAAC,QAAQ,KAAK,oBAAoB,EAAE;AAChD,IAAI,OAAO,IAAI,QAAQ,CAAC,kBAAkB,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;AAC5D,EAAE;AACF,EAAE,OAAO,IAAI,QAAQ;AACrB,IAAI,IAAI,CAAC,SAAS,CAAC;AACnB,MAAM,SAAS,EAAE,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE;AAC7D,MAAM,WAAW,EAAE,SAAS;AAC5B,MAAM,UAAU,EAAE,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;AACxC,MAAM,aAAa,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AACjD,MAAM,0BAA0B,EAAE,MAAM;AACxC,MAAM,KAAK,EAAE,MAAM,CAAC;AACpB,KAAK,CAAC;AACN,IAAI;AACJ,MAAM,OAAO,EAAE;AACf,QAAQ,cAAc,EAAE;AACxB;AACA;AACA,GAAG;AACH;;;;"}
1	+ {"version":3,"file":"_server.ts-i-glbZtX.js","sources":["../../../.svelte-kit/adapter-node/entries/endpoints/.well-known/cimd.json/_server.ts.js"],"sourcesContent":["import { b as base } from \"../../../../chunks/server.js\";\nimport \"../../../../chunks/url.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"../../../../chunks/root.js\";\nimport { g as getOAuthConfig, O as OAUTH_CIMD_CLIENT_ID, a as getCallbackUrl } from \"../../../../chunks/oauth.js\";\nconst GET = async ({ url }) => {\n const config = await getOAuthConfig();\n if (!config) {\n return new Response(\"OAuth is not configured\", { status: 404 });\n }\n if (config.clientId !== OAUTH_CIMD_CLIENT_ID) {\n return new Response(\"CIMD is disabled\", { status: 404 });\n }\n return new Response(\n JSON.stringify({\n client_id: new URL(url.pathname, url.origin).toString(),\n client_name: \"Mongoku\",\n client_uri: `${url.origin}${base}`,\n redirect_uris: [getCallbackUrl(url.origin)],\n token_endpoint_auth_method: \"none\",\n scope: config.scopes\n }),\n {\n headers: {\n \"Content-Type\": \"application/json\"\n }\n }\n );\n};\nexport {\n GET\n};\n"],"names":[],"mappings":";;;;;;;AAKK,MAAC,GAAG,GAAG,OAAO,EAAE,GAAG,EAAE,KAAK;AAC/B,EAAE,MAAM,MAAM,GAAG,MAAM,cAAc,EAAE;AACvC,EAAE,IAAI,CAAC,MAAM,EAAE;AACf,IAAI,OAAO,IAAI,QAAQ,CAAC,yBAAyB,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;AACnE,EAAE;AACF,EAAE,IAAI,MAAM,CAAC,QAAQ,KAAK,oBAAoB,EAAE;AAChD,IAAI,OAAO,IAAI,QAAQ,CAAC,kBAAkB,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;AAC5D,EAAE;AACF,EAAE,OAAO,IAAI,QAAQ;AACrB,IAAI,IAAI,CAAC,SAAS,CAAC;AACnB,MAAM,SAAS,EAAE,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE;AAC7D,MAAM,WAAW,EAAE,SAAS;AAC5B,MAAM,UAAU,EAAE,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;AACxC,MAAM,aAAa,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AACjD,MAAM,0BAA0B,EAAE,MAAM;AACxC,MAAM,KAAK,EAAE,MAAM,CAAC;AACpB,KAAK,CAAC;AACN,IAAI;AACJ,MAAM,OAAO,EAAE;AACf,QAAQ,cAAc,EAAE;AACxB;AACA;AACA,GAAG;AACH;;;;"}

package/build/server/chunks/{async-lVJA8xJZ.js → async-DUoD1OpG.js} RENAMED Viewed

@@ -3,7 +3,8 @@ let tracing_mode_flag = false;
 function enable_async_mode_flag() {
   async_mode_flag = true;
 }
 enable_async_mode_flag();
 export { async_mode_flag as a, tracing_mode_flag as t };
-//# sourceMappingURL=async-lVJA8xJZ.js.map
+//# sourceMappingURL=async-DUoD1OpG.js.map

package/build/server/chunks/async-DUoD1OpG.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"async-DUoD1OpG.js","sources":["../../../.svelte-kit/adapter-node/chunks/index3.js","../../../.svelte-kit/adapter-node/chunks/async.js"],"sourcesContent":["let async_mode_flag = false;\nlet tracing_mode_flag = false;\nfunction enable_async_mode_flag() {\n async_mode_flag = true;\n}\nexport {\n async_mode_flag as a,\n enable_async_mode_flag as e,\n tracing_mode_flag as t\n};\n","import { e as enable_async_mode_flag } from \"./index3.js\";\nenable_async_mode_flag();\n"],"names":[],"mappings":"AAAG,IAAC,eAAe,GAAG;AACnB,IAAC,iBAAiB,GAAG;AACxB,SAAS,sBAAsB,GAAG;AAClC,EAAE,eAAe,GAAG,IAAI;AACxB;;ACHA,sBAAsB,EAAE;;;;"}

package/build/server/chunks/client-COtw9Xqw.js ADDED Viewed

@@ -0,0 +1,7 @@
+import './state.svelte-Bj5yxNNk.js';
+import { s as stores } from './client2-BIa3wTXU.js';
+({
+  check: stores.updated.check
+});
+//# sourceMappingURL=client-COtw9Xqw.js.map

package/build/server/chunks/{client-C7bEwskR.js.map → client-COtw9Xqw.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"client-~~C7bEwskR~~.js","sources":["../../../.svelte-kit/adapter-node/chunks/client.js"],"sourcesContent":["import \"./state.svelte.js\";\nimport { s as stores } from \"./client2.js\";\n({\n check: stores.updated.check\n});\n"],"names":[],"mappings":";;;AAEA,CAAC;AACD,EAAE,KAAK,EAAE,MAAM,CAAC,OAAO,CAAC;AACxB,CAAC"}
1	+ {"version":3,"file":"client-COtw9Xqw.js","sources":["../../../.svelte-kit/adapter-node/chunks/client.js"],"sourcesContent":["import \"./state.svelte.js\";\nimport { s as stores } from \"./client2.js\";\n({\n check: stores.updated.check\n});\n"],"names":[],"mappings":";;;AAEA,CAAC;AACD,EAAE,KAAK,EAAE,MAAM,CAAC,OAAO,CAAC;AACxB,CAAC"}

package/build/server/chunks/{client2-DcCKOWWC.js → client2-BIa3wTXU.js} RENAMED Viewed

@@ -1,8 +1,8 @@
-import './url-hmE1zcJ6.js';
-import './utils2-kjxf7BZO.js';
-import { w as writable } from './index-CC9WtE-y.js';
+import './root-otUAnOAR.js';
+import './utils-BQzn9ikS.js';
+import { w as writable } from './index-CtYzvcG6.js';
 import './exports-B5ORJhfK.js';
-import './state.svelte-Dzb7Lf2r.js';
+import './state.svelte-Bj5yxNNk.js';
 function create_updated_store() {
   const { set, subscribe } = writable(false);
@@ -24,4 +24,4 @@ function goto(url, opts = {}) {
 }
 export { goto as g, stores as s };
-//# sourceMappingURL=client2-DcCKOWWC.js.map
+//# sourceMappingURL=client2-BIa3wTXU.js.map

package/build/server/chunks/client2-BIa3wTXU.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"client2-BIa3wTXU.js","sources":["../../../.svelte-kit/adapter-node/chunks/client2.js"],"sourcesContent":["import \"@sveltejs/kit/internal\";\nimport \"./url.js\";\nimport \"./utils.js\";\nimport { w as writable } from \"./index.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"./root.js\";\nimport \"./exports.js\";\nimport \"./state.svelte.js\";\nfunction create_updated_store() {\n const { set, subscribe } = writable(false);\n {\n return {\n subscribe,\n // eslint-disable-next-line @typescript-eslint/require-await\n check: async () => false\n };\n }\n}\nconst stores = {\n updated: /* @__PURE__ */ create_updated_store()\n};\nfunction goto(url, opts = {}) {\n {\n throw new Error(\"Cannot call goto(...) on the server\");\n }\n}\nexport {\n goto as g,\n stores as s\n};\n"],"names":[],"mappings":";;;;;;AAQA,SAAS,oBAAoB,GAAG;AAChC,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC;AAC5C,EAAE;AACF,IAAI,OAAO;AACX,MAAM,SAAS;AACf;AACA,MAAM,KAAK,EAAE,YAAY;AACzB,KAAK;AACL,EAAE;AACF;AACK,MAAC,MAAM,GAAG;AACf,EAAE,OAAO,kBAAkB,oBAAoB;AAC/C;AACA,SAAS,IAAI,CAAC,GAAG,EAAE,IAAI,GAAG,EAAE,EAAE;AAC9B,EAAE;AACF,IAAI,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC;AAC1D,EAAE;AACF;;;;"}

package/build/server/chunks/error.svelte-DUZ2SYyF.js ADDED Viewed

@@ -0,0 +1,18 @@
+import './async-DUoD1OpG.js';
+import { e as escape_html } from './root-otUAnOAR.js';
+import { p as page } from './index2-B0RgZaJY.js';
+import './client-COtw9Xqw.js';
+import './state.svelte-Bj5yxNNk.js';
+import './client2-BIa3wTXU.js';
+import './utils-BQzn9ikS.js';
+import './index-CtYzvcG6.js';
+import './exports-B5ORJhfK.js';
+function Error($$renderer, $$props) {
+  $$renderer.component(($$renderer2) => {
+    $$renderer2.push(`<h1>${escape_html(page.status)}</h1> <p>${escape_html(page.error?.message)}</p>`);
+  });
+}
+export { Error as default };
+//# sourceMappingURL=error.svelte-DUZ2SYyF.js.map

package/build/server/chunks/{error.svelte-Bk-0XnBt.js.map → error.svelte-DUZ2SYyF.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"error.svelte-~~Bk-0XnBt~~.js","sources":["../../../.svelte-kit/adapter-node/entries/fallbacks/error.svelte.js"],"sourcesContent":["import \"../../chunks/async.js\";\nimport { b as escape_html } from \"../../chunks/root.js\";\nimport { p as page } from \"../../chunks/index2.js\";\nfunction Error($$renderer, $$props) {\n $$renderer.component(($$renderer2) => {\n $$renderer2.push(`<h1>${escape_html(page.status)}</h1> <p>${escape_html(page.error?.message)}</p>`);\n });\n}\nexport {\n Error as default\n};\n"],"names":[],"mappings":";;;;;;;;;;AAGA,SAAS,KAAK,CAAC,UAAU,EAAE,OAAO,EAAE;AACpC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,WAAW,KAAK;AACxC,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,WAAW,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC;AACvG,EAAE,CAAC,CAAC;AACJ;;;;"}
1	+ {"version":3,"file":"error.svelte-DUZ2SYyF.js","sources":["../../../.svelte-kit/adapter-node/entries/fallbacks/error.svelte.js"],"sourcesContent":["import \"../../chunks/async.js\";\nimport { b as escape_html } from \"../../chunks/root.js\";\nimport { p as page } from \"../../chunks/index2.js\";\nfunction Error($$renderer, $$props) {\n $$renderer.component(($$renderer2) => {\n $$renderer2.push(`<h1>${escape_html(page.status)}</h1> <p>${escape_html(page.error?.message)}</p>`);\n });\n}\nexport {\n Error as default\n};\n"],"names":[],"mappings":";;;;;;;;;;AAGA,SAAS,KAAK,CAAC,UAAU,EAAE,OAAO,EAAE;AACpC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,WAAW,KAAK;AACxC,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,WAAW,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC;AACvG,EAAE,CAAC,CAAC;AACJ;;;;"}

package/build/server/chunks/{hooks.server-ChbJBVwm.js → hooks.server-BiUSRqj1.js} RENAMED Viewed

@@ -1,10 +1,10 @@
 import { b as base } from './server-Crjo4w1q.js';
-import './url-hmE1zcJ6.js';
+import './root-otUAnOAR.js';
 import { p as private_env } from './shared-server-BmU87nph.js';
 import { c as contextStore, l as logger } from './logger-PfH_grbh.js';
-import { g as getOAuthConfig, v as verifySession } from './oauth-BbSyq_Sb.js';
+import { g as getOAuthConfig, v as verifySession } from './oauth-D6jTWKFd.js';
 import { MongoError } from 'mongodb';
-import './async-lVJA8xJZ.js';
+import './async-DUoD1OpG.js';
 import 'async_hooks';
 import 'node:util';
 import 'node:crypto';
@@ -78,4 +78,4 @@ const handleError = ({ error }) => {
 };
 export { handle, handleError };
-//# sourceMappingURL=hooks.server-ChbJBVwm.js.map
+//# sourceMappingURL=hooks.server-BiUSRqj1.js.map

package/build/server/chunks/{hooks.server-ChbJBVwm.js.map → hooks.server-BiUSRqj1.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"hooks.server-~~ChbJBVwm~~.js","sources":["../../../.svelte-kit/adapter-node/entries/hooks.server.js"],"sourcesContent":["import { b as base } from \"../chunks/server.js\";\nimport \"../chunks/url.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"../chunks/root.js\";\nimport { b as private_env } from \"../chunks/shared-server.js\";\nimport { c as contextStore, l as logger } from \"../chunks/logger.js\";\nimport { g as getOAuthConfig, v as verifySession } from \"../chunks/oauth.js\";\nimport { MongoError } from \"mongodb\";\nError.stackTraceLimit = 100;\nconst handle = async ({ event, resolve }) => {\n const oauthConfig = await getOAuthConfig();\n const authBasic = private_env.MONGOKU_AUTH_BASIC;\n event.locals.requestId = event.request.headers.get(\"X-Request-ID\") \|\| crypto.randomUUID();\n event.setHeaders({\n \"X-Request-ID\": event.locals.requestId\n });\n return contextStore.run(event, async () => {\n const startTime = performance.now();\n if (oauthConfig) {\n const isAuthRoute = event.url.pathname.startsWith(`${base}/auth/`);\n const isCimdRoute = event.url.pathname === `${base}/.well-known/cimd.json`;\n if (!isAuthRoute && !isCimdRoute) {\n const sessionCookie = event.cookies.get(\"mongoku_session\");\n const session = sessionCookie ? verifySession(oauthConfig, sessionCookie) : null;\n if (!session) {\n const acceptsHtml = event.request.headers.get(\"accept\")?.includes(\"text/html\");\n logger.logRequest(acceptsHtml ? 302 : 401, performance.now() - startTime);\n if (acceptsHtml) {\n const returnTo = `${event.url.pathname}${event.url.search}`;\n const loginUrl = `${base}/auth/login?return=${encodeURIComponent(returnTo)}`;\n return new Response(null, {\n status: 302,\n headers: { Location: loginUrl }\n });\n }\n return new Response(JSON.stringify({ message: \"Session expired\" }), {\n status: 401,\n headers: { \"Content-Type\": \"application/json\" }\n });\n }\n event.locals.user = { sub: session.sub, name: session.name, email: session.email };\n }\n } else if (authBasic) {\n const [username, password] = authBasic.split(\":\");\n const basicAuth = event.request.headers.get(\"Authorization\");\n if (!basicAuth?.toLowerCase().startsWith(\"basic \") \|\| basicAuth.slice(\"basic \".length) !== Buffer.from(`${username}:${password}`).toString(\"base64\")) {\n logger.logRequest(401, performance.now() - startTime);\n return new Response(\"Unauthorized\", {\n status: 401,\n headers: { \"WWW-Authenticate\": \"Basic\" }\n });\n }\n }\n const response = await resolve(event);\n logger.logRequest(response.status, performance.now() - startTime);\n return response;\n });\n};\nconst handleError = ({ error }) => {\n logger.error(error);\n if (error instanceof MongoError) {\n return {\n message: error.message,\n code: error.code\n };\n }\n if (error instanceof Error) {\n return {\n message: error.message\n };\n }\n return {\n message: \"An unexpected error occurred\"\n };\n};\nexport {\n handle,\n handleError\n};\n"],"names":[],"mappings":";;;;;;;;;;;AAQA,KAAK,CAAC,eAAe,GAAG,GAAG;AACtB,MAAC,MAAM,GAAG,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK;AAC7C,EAAE,MAAM,WAAW,GAAG,MAAM,cAAc,EAAE;AAC5C,EAAE,MAAM,SAAS,GAAG,WAAW,CAAC,kBAAkB;AAClD,EAAE,KAAK,CAAC,MAAM,CAAC,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,MAAM,CAAC,UAAU,EAAE;AAC3F,EAAE,KAAK,CAAC,UAAU,CAAC;AACnB,IAAI,cAAc,EAAE,KAAK,CAAC,MAAM,CAAC;AACjC,GAAG,CAAC;AACJ,EAAE,OAAO,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY;AAC7C,IAAI,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE;AACvC,IAAI,IAAI,WAAW,EAAE;AACrB,MAAM,MAAM,WAAW,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;AACxE,MAAM,MAAM,WAAW,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,KAAK,CAAC,EAAE,IAAI,CAAC,sBAAsB,CAAC;AAChF,MAAM,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,EAAE;AACxC,QAAQ,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;AAClE,QAAQ,MAAM,OAAO,GAAG,aAAa,GAAG,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,GAAG,IAAI;AACxF,QAAQ,IAAI,CAAC,OAAO,EAAE;AACtB,UAAU,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,WAAW,CAAC;AACxF,UAAU,MAAM,CAAC,UAAU,CAAC,WAAW,GAAG,GAAG,GAAG,GAAG,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;AACnF,UAAU,IAAI,WAAW,EAAE;AAC3B,YAAY,MAAM,QAAQ,GAAG,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AACvE,YAAY,MAAM,QAAQ,GAAG,CAAC,EAAE,IAAI,CAAC,mBAAmB,EAAE,kBAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC;AACxF,YAAY,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;AACtC,cAAc,MAAM,EAAE,GAAG;AACzB,cAAc,OAAO,EAAE,EAAE,QAAQ,EAAE,QAAQ;AAC3C,aAAa,CAAC;AACd,UAAU;AACV,UAAU,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC,EAAE;AAC9E,YAAY,MAAM,EAAE,GAAG;AACvB,YAAY,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB;AACzD,WAAW,CAAC;AACZ,QAAQ;AACR,QAAQ,KAAK,CAAC,MAAM,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE;AAC1F,MAAM;AACN,IAAI,CAAC,MAAM,IAAI,SAAS,EAAE;AAC1B,MAAM,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC;AACvD,MAAM,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;AAClE,MAAM,IAAI,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;AAC5J,QAAQ,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;AAC7D,QAAQ,OAAO,IAAI,QAAQ,CAAC,cAAc,EAAE;AAC5C,UAAU,MAAM,EAAE,GAAG;AACrB,UAAU,OAAO,EAAE,EAAE,kBAAkB,EAAE,OAAO;AAChD,SAAS,CAAC;AACV,MAAM;AACN,IAAI;AACJ,IAAI,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC;AACzC,IAAI,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;AACrE,IAAI,OAAO,QAAQ;AACnB,EAAE,CAAC,CAAC;AACJ;AACK,MAAC,WAAW,GAAG,CAAC,EAAE,KAAK,EAAE,KAAK;AACnC,EAAE,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC;AACrB,EAAE,IAAI,KAAK,YAAY,UAAU,EAAE;AACnC,IAAI,OAAO;AACX,MAAM,OAAO,EAAE,KAAK,CAAC,OAAO;AAC5B,MAAM,IAAI,EAAE,KAAK,CAAC;AAClB,KAAK;AACL,EAAE;AACF,EAAE,IAAI,KAAK,YAAY,KAAK,EAAE;AAC9B,IAAI,OAAO;AACX,MAAM,OAAO,EAAE,KAAK,CAAC;AACrB,KAAK;AACL,EAAE;AACF,EAAE,OAAO;AACT,IAAI,OAAO,EAAE;AACb,GAAG;AACH;;;;"}
1	+ {"version":3,"file":"hooks.server-BiUSRqj1.js","sources":["../../../.svelte-kit/adapter-node/entries/hooks.server.js"],"sourcesContent":["import { b as base } from \"../chunks/server.js\";\nimport \"../chunks/url.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"../chunks/root.js\";\nimport { b as private_env } from \"../chunks/shared-server.js\";\nimport { c as contextStore, l as logger } from \"../chunks/logger.js\";\nimport { g as getOAuthConfig, v as verifySession } from \"../chunks/oauth.js\";\nimport { MongoError } from \"mongodb\";\nError.stackTraceLimit = 100;\nconst handle = async ({ event, resolve }) => {\n const oauthConfig = await getOAuthConfig();\n const authBasic = private_env.MONGOKU_AUTH_BASIC;\n event.locals.requestId = event.request.headers.get(\"X-Request-ID\") \|\| crypto.randomUUID();\n event.setHeaders({\n \"X-Request-ID\": event.locals.requestId\n });\n return contextStore.run(event, async () => {\n const startTime = performance.now();\n if (oauthConfig) {\n const isAuthRoute = event.url.pathname.startsWith(`${base}/auth/`);\n const isCimdRoute = event.url.pathname === `${base}/.well-known/cimd.json`;\n if (!isAuthRoute && !isCimdRoute) {\n const sessionCookie = event.cookies.get(\"mongoku_session\");\n const session = sessionCookie ? verifySession(oauthConfig, sessionCookie) : null;\n if (!session) {\n const acceptsHtml = event.request.headers.get(\"accept\")?.includes(\"text/html\");\n logger.logRequest(acceptsHtml ? 302 : 401, performance.now() - startTime);\n if (acceptsHtml) {\n const returnTo = `${event.url.pathname}${event.url.search}`;\n const loginUrl = `${base}/auth/login?return=${encodeURIComponent(returnTo)}`;\n return new Response(null, {\n status: 302,\n headers: { Location: loginUrl }\n });\n }\n return new Response(JSON.stringify({ message: \"Session expired\" }), {\n status: 401,\n headers: { \"Content-Type\": \"application/json\" }\n });\n }\n event.locals.user = { sub: session.sub, name: session.name, email: session.email };\n }\n } else if (authBasic) {\n const [username, password] = authBasic.split(\":\");\n const basicAuth = event.request.headers.get(\"Authorization\");\n if (!basicAuth?.toLowerCase().startsWith(\"basic \") \|\| basicAuth.slice(\"basic \".length) !== Buffer.from(`${username}:${password}`).toString(\"base64\")) {\n logger.logRequest(401, performance.now() - startTime);\n return new Response(\"Unauthorized\", {\n status: 401,\n headers: { \"WWW-Authenticate\": \"Basic\" }\n });\n }\n }\n const response = await resolve(event);\n logger.logRequest(response.status, performance.now() - startTime);\n return response;\n });\n};\nconst handleError = ({ error }) => {\n logger.error(error);\n if (error instanceof MongoError) {\n return {\n message: error.message,\n code: error.code\n };\n }\n if (error instanceof Error) {\n return {\n message: error.message\n };\n }\n return {\n message: \"An unexpected error occurred\"\n };\n};\nexport {\n handle,\n handleError\n};\n"],"names":[],"mappings":";;;;;;;;;;;AAQA,KAAK,CAAC,eAAe,GAAG,GAAG;AACtB,MAAC,MAAM,GAAG,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK;AAC7C,EAAE,MAAM,WAAW,GAAG,MAAM,cAAc,EAAE;AAC5C,EAAE,MAAM,SAAS,GAAG,WAAW,CAAC,kBAAkB;AAClD,EAAE,KAAK,CAAC,MAAM,CAAC,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,MAAM,CAAC,UAAU,EAAE;AAC3F,EAAE,KAAK,CAAC,UAAU,CAAC;AACnB,IAAI,cAAc,EAAE,KAAK,CAAC,MAAM,CAAC;AACjC,GAAG,CAAC;AACJ,EAAE,OAAO,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY;AAC7C,IAAI,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE;AACvC,IAAI,IAAI,WAAW,EAAE;AACrB,MAAM,MAAM,WAAW,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;AACxE,MAAM,MAAM,WAAW,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,KAAK,CAAC,EAAE,IAAI,CAAC,sBAAsB,CAAC;AAChF,MAAM,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,EAAE;AACxC,QAAQ,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;AAClE,QAAQ,MAAM,OAAO,GAAG,aAAa,GAAG,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,GAAG,IAAI;AACxF,QAAQ,IAAI,CAAC,OAAO,EAAE;AACtB,UAAU,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,WAAW,CAAC;AACxF,UAAU,MAAM,CAAC,UAAU,CAAC,WAAW,GAAG,GAAG,GAAG,GAAG,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;AACnF,UAAU,IAAI,WAAW,EAAE;AAC3B,YAAY,MAAM,QAAQ,GAAG,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AACvE,YAAY,MAAM,QAAQ,GAAG,CAAC,EAAE,IAAI,CAAC,mBAAmB,EAAE,kBAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC;AACxF,YAAY,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;AACtC,cAAc,MAAM,EAAE,GAAG;AACzB,cAAc,OAAO,EAAE,EAAE,QAAQ,EAAE,QAAQ;AAC3C,aAAa,CAAC;AACd,UAAU;AACV,UAAU,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC,EAAE;AAC9E,YAAY,MAAM,EAAE,GAAG;AACvB,YAAY,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB;AACzD,WAAW,CAAC;AACZ,QAAQ;AACR,QAAQ,KAAK,CAAC,MAAM,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE;AAC1F,MAAM;AACN,IAAI,CAAC,MAAM,IAAI,SAAS,EAAE;AAC1B,MAAM,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC;AACvD,MAAM,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;AAClE,MAAM,IAAI,CAAC,SAAS,EAAE,WAAW,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;AAC5J,QAAQ,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;AAC7D,QAAQ,OAAO,IAAI,QAAQ,CAAC,cAAc,EAAE;AAC5C,UAAU,MAAM,EAAE,GAAG;AACrB,UAAU,OAAO,EAAE,EAAE,kBAAkB,EAAE,OAAO;AAChD,SAAS,CAAC;AACV,MAAM;AACN,IAAI;AACJ,IAAI,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC;AACzC,IAAI,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;AACrE,IAAI,OAAO,QAAQ;AACnB,EAAE,CAAC,CAAC;AACJ;AACK,MAAC,WAAW,GAAG,CAAC,EAAE,KAAK,EAAE,KAAK;AACnC,EAAE,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC;AACrB,EAAE,IAAI,KAAK,YAAY,UAAU,EAAE;AACnC,IAAI,OAAO;AACX,MAAM,OAAO,EAAE,KAAK,CAAC,OAAO;AAC5B,MAAM,IAAI,EAAE,KAAK,CAAC;AAClB,KAAK;AACL,EAAE;AACF,EAAE,IAAI,KAAK,YAAY,KAAK,EAAE;AAC9B,IAAI,OAAO;AACX,MAAM,OAAO,EAAE,KAAK,CAAC;AACrB,KAAK;AACL,EAAE;AACF,EAAE,OAAO;AACT,IAAI,OAAO,EAAE;AACb,GAAG;AACH;;;;"}

package/build/server/chunks/{index-CC9WtE-y.js → index-CtYzvcG6.js} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { r as noop, t as safe_not_equal } from './url-hmE1zcJ6.js';
+import { C as noop, E as safe_not_equal } from './root-otUAnOAR.js';
 const subscriber_queue = [];
 function readable(value, start) {
@@ -55,4 +55,4 @@ function writable(value, start = noop) {
 }
 export { readable as r, writable as w };
-//# sourceMappingURL=index-CC9WtE-y.js.map
+//# sourceMappingURL=index-CtYzvcG6.js.map

package/build/server/chunks/index-CtYzvcG6.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index-CtYzvcG6.js","sources":["../../../.svelte-kit/adapter-node/chunks/index.js"],"sourcesContent":["import { n as noop } from \"./render-context.js\";\nimport { l as safe_not_equal } from \"./root.js\";\nconst subscriber_queue = [];\nfunction readable(value, start) {\n return {\n subscribe: writable(value, start).subscribe\n };\n}\nfunction writable(value, start = noop) {\n let stop = null;\n const subscribers = /* @__PURE__ */ new Set();\n function set(new_value) {\n if (safe_not_equal(value, new_value)) {\n value = new_value;\n if (stop) {\n const run_queue = !subscriber_queue.length;\n for (const subscriber of subscribers) {\n subscriber[1]();\n subscriber_queue.push(subscriber, value);\n }\n if (run_queue) {\n for (let i = 0; i < subscriber_queue.length; i += 2) {\n subscriber_queue[i][0](subscriber_queue[i + 1]);\n }\n subscriber_queue.length = 0;\n }\n }\n }\n }\n function update(fn) {\n set(fn(\n /** @type {T} */\n value\n ));\n }\n function subscribe(run, invalidate = noop) {\n const subscriber = [run, invalidate];\n subscribers.add(subscriber);\n if (subscribers.size === 1) {\n stop = start(set, update) || noop;\n }\n run(\n /** @type {T} */\n value\n );\n return () => {\n subscribers.delete(subscriber);\n if (subscribers.size === 0 && stop) {\n stop();\n stop = null;\n }\n };\n }\n return { set, update, subscribe };\n}\nexport {\n readable as r,\n writable as w\n};\n"],"names":[],"mappings":";;AAEA,MAAM,gBAAgB,GAAG,EAAE;AAC3B,SAAS,QAAQ,CAAC,KAAK,EAAE,KAAK,EAAE;AAChC,EAAE,OAAO;AACT,IAAI,SAAS,EAAE,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;AACtC,GAAG;AACH;AACA,SAAS,QAAQ,CAAC,KAAK,EAAE,KAAK,GAAG,IAAI,EAAE;AACvC,EAAE,IAAI,IAAI,GAAG,IAAI;AACjB,EAAE,MAAM,WAAW,mBAAmB,IAAI,GAAG,EAAE;AAC/C,EAAE,SAAS,GAAG,CAAC,SAAS,EAAE;AAC1B,IAAI,IAAI,cAAc,CAAC,KAAK,EAAE,SAAS,CAAC,EAAE;AAC1C,MAAM,KAAK,GAAG,SAAS;AACvB,MAAM,IAAI,IAAI,EAAE;AAChB,QAAQ,MAAM,SAAS,GAAG,CAAC,gBAAgB,CAAC,MAAM;AAClD,QAAQ,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;AAC9C,UAAU,UAAU,CAAC,CAAC,CAAC,EAAE;AACzB,UAAU,gBAAgB,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC;AAClD,QAAQ;AACR,QAAQ,IAAI,SAAS,EAAE;AACvB,UAAU,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,gBAAgB,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE;AAC/D,YAAY,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAC3D,UAAU;AACV,UAAU,gBAAgB,CAAC,MAAM,GAAG,CAAC;AACrC,QAAQ;AACR,MAAM;AACN,IAAI;AACJ,EAAE;AACF,EAAE,SAAS,MAAM,CAAC,EAAE,EAAE;AACtB,IAAI,GAAG,CAAC,EAAE;AACV;AACA,MAAM;AACN,KAAK,CAAC;AACN,EAAE;AACF,EAAE,SAAS,SAAS,CAAC,GAAG,EAAE,UAAU,GAAG,IAAI,EAAE;AAC7C,IAAI,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC;AACxC,IAAI,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC;AAC/B,IAAI,IAAI,WAAW,CAAC,IAAI,KAAK,CAAC,EAAE;AAChC,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,IAAI;AACvC,IAAI;AACJ,IAAI,GAAG;AACP;AACA,MAAM;AACN,KAAK;AACL,IAAI,OAAO,MAAM;AACjB,MAAM,WAAW,CAAC,MAAM,CAAC,UAAU,CAAC;AACpC,MAAM,IAAI,WAAW,CAAC,IAAI,KAAK,CAAC,IAAI,IAAI,EAAE;AAC1C,QAAQ,IAAI,EAAE;AACd,QAAQ,IAAI,GAAG,IAAI;AACnB,MAAM;AACN,IAAI,CAAC;AACL,EAAE;AACF,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE;AACnC;;;;"}

package/build/server/chunks/{index-wpIsICWW.js → index-NcxaM188.js} RENAMED Viewed

@@ -27,6 +27,15 @@ class Redirect {
 	 * @param {string} location
 	 */
 	constructor(status, location) {
+		try {
+			new Headers({ location });
+		} catch {
+			throw new Error(
+				`Invalid redirect location ${JSON.stringify(location)}: ` +
+					'this string contains characters that cannot be used in HTTP headers'
+			);
+		}
 		this.status = status;
 		this.location = location;
 	}
@@ -65,7 +74,6 @@ class ActionFailure {
 }
 const text_encoder = new TextEncoder();
-new TextDecoder();
 /** @import { StandardSchemaV1 } from '@standard-schema/spec' */
@@ -150,7 +158,7 @@ function error(status, body) {
  * @param {300 | 301 | 302 | 303 | 304 | 305 | 306 | 307 | 308 | ({} & number)} status The [HTTP status code](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#redirection_messages). Must be in the range 300-308.
  * @param {string | URL} location The location to redirect to.
  * @throws {Redirect} This error instructs SvelteKit to redirect to the specified location.
- * @throws {Error} If the provided status is invalid.
+ * @throws {Error} If the provided status is invalid or the location cannot be used as a header value.
  * @return {never}
  */
 function redirect(status, location) {
@@ -165,6 +173,15 @@ function redirect(status, location) {
 	);
 }
+/**
+ * Checks whether this is a redirect thrown by {@link redirect}.
+ * @param {unknown} e The object to check.
+ * @return {e is Redirect}
+ */
+function isRedirect(e) {
+	return e instanceof Redirect;
+}
 /**
  * Create a JSON `Response` object from the supplied data.
  * @param {any} data The value that will be serialized as JSON.
@@ -215,5 +232,5 @@ function text(body, init) {
 	});
 }
-export { ActionFailure as A, HttpError as H, Redirect as R, SvelteKitError as S, error as e, json as j, redirect as r, text as t };
-//# sourceMappingURL=index-wpIsICWW.js.map
+export { ActionFailure as A, HttpError as H, Redirect as R, SvelteKitError as S, error as e, isRedirect as i, json as j, redirect as r, text as t };
+//# sourceMappingURL=index-NcxaM188.js.map

package/build/server/chunks/index-NcxaM188.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index-NcxaM188.js","sources":["../../../node_modules/.pnpm/@sveltejs+kit@2.60.1_@sveltejs+vite-plugin-svelte@6.2.4_svelte@5.55.7_@typescript-eslin_99290c215b9ac496ad155a5e7a7ba93e/node_modules/@sveltejs/kit/src/exports/internal/index.js","../../../node_modules/.pnpm/@sveltejs+kit@2.60.1_@sveltejs+vite-plugin-svelte@6.2.4_svelte@5.55.7_@typescript-eslin_99290c215b9ac496ad155a5e7a7ba93e/node_modules/@sveltejs/kit/src/runtime/utils.js","../../../node_modules/.pnpm/@sveltejs+kit@2.60.1_@sveltejs+vite-plugin-svelte@6.2.4_svelte@5.55.7_@typescript-eslin_99290c215b9ac496ad155a5e7a7ba93e/node_modules/@sveltejs/kit/src/exports/index.js"],"sourcesContent":["/** @import { StandardSchemaV1 } from '@standard-schema/spec' */\n\nexport class HttpError {\n\t/**\n\t * @param {number} status\n\t * @param {{message: string} extends App.Error ? (App.Error | string | undefined) : App.Error} body\n\t */\n\tconstructor(status, body) {\n\t\tthis.status = status;\n\t\tif (typeof body === 'string') {\n\t\t\tthis.body = { message: body };\n\t\t} else if (body) {\n\t\t\tthis.body = body;\n\t\t} else {\n\t\t\tthis.body = { message: `Error: ${status}` };\n\t\t}\n\t}\n\n\ttoString() {\n\t\treturn JSON.stringify(this.body);\n\t}\n}\n\nexport class Redirect {\n\t/**\n\t * @param {300 | 301 | 302 | 303 | 304 | 305 | 306 | 307 | 308} status\n\t * @param {string} location\n\t */\n\tconstructor(status, location) {\n\t\ttry {\n\t\t\tnew Headers({ location });\n\t\t} catch {\n\t\t\tthrow new Error(\n\t\t\t\t`Invalid redirect location ${JSON.stringify(location)}: ` +\n\t\t\t\t\t'this string contains characters that cannot be used in HTTP headers'\n\t\t\t);\n\t\t}\n\n\t\tthis.status = status;\n\t\tthis.location = location;\n\t}\n}\n\n/**\n * An error that was thrown from within the SvelteKit runtime that is not fatal and doesn't result in a 500, such as a 404.\n * `SvelteKitError` goes through `handleError`.\n * @extends Error\n */\nexport class SvelteKitError extends Error {\n\t/**\n\t * @param {number} status\n\t * @param {string} text\n\t * @param {string} message\n\t */\n\tconstructor(status, text, message) {\n\t\tsuper(message);\n\t\tthis.status = status;\n\t\tthis.text = text;\n\t}\n}\n\n/**\n * @template [T=undefined]\n */\nexport class ActionFailure {\n\t/**\n\t * @param {number} status\n\t * @param {T} data\n\t */\n\tconstructor(status, data) {\n\t\tthis.status = status;\n\t\tthis.data = data;\n\t}\n}\n\n/**\n * Error thrown when form validation fails imperatively\n */\nexport class ValidationError extends Error {\n\t/**\n\t * @param {StandardSchemaV1.Issue[]} issues\n\t */\n\tconstructor(issues) {\n\t\tsuper('Validation failed');\n\t\tthis.name = 'ValidationError';\n\t\tthis.issues = issues;\n\t}\n}\n\nexport { init_remote_functions } from './remote-functions.js';\n","import { BROWSER } from 'esm-env';\n\nexport const text_encoder = new TextEncoder();\n\n/**\n * Like node's path.relative, but without using node\n * @param {string} from\n * @param {string} to\n */\nexport function get_relative_path(from, to) {\n\tconst from_parts = from.split(/[/\\\\]/);\n\tconst to_parts = to.split(/[/\\\\]/);\n\tfrom_parts.pop(); // get dirname\n\n\twhile (from_parts[0] === to_parts[0]) {\n\t\tfrom_parts.shift();\n\t\tto_parts.shift();\n\t}\n\n\tlet i = from_parts.length;\n\twhile (i--) from_parts[i] = '..';\n\n\treturn from_parts.concat(to_parts).join('/');\n}\n\n/**\n * @param {Uint8Array} bytes\n * @returns {string}\n */\nexport function base64_encode(bytes) {\n\t// Using `Buffer` is faster than iterating\n\tif (!BROWSER && globalThis.Buffer) {\n\t\treturn globalThis.Buffer.from(bytes).toString('base64');\n\t}\n\n\tlet binary = '';\n\n\tfor (let i = 0; i < bytes.length; i++) {\n\t\tbinary += String.fromCharCode(bytes[i]);\n\t}\n\n\treturn btoa(binary);\n}\n\n/**\n * @param {string} encoded\n * @returns {Uint8Array}\n */\nexport function base64_decode(encoded) {\n\t// Using `Buffer` is faster than iterating\n\tif (!BROWSER && globalThis.Buffer) {\n\t\tconst buffer = globalThis.Buffer.from(encoded, 'base64');\n\t\treturn new Uint8Array(buffer);\n\t}\n\n\tconst binary = atob(encoded);\n\tconst bytes = new Uint8Array(binary.length);\n\n\tfor (let i = 0; i < binary.length; i++) {\n\t\tbytes[i] = binary.charCodeAt(i);\n\t}\n\n\treturn bytes;\n}\n","/** @import { StandardSchemaV1 } from '@standard-schema/spec' */\n\nimport { HttpError, Redirect, ActionFailure, ValidationError } from './internal/index.js';\nimport { BROWSER, DEV } from 'esm-env';\nimport {\n\tadd_data_suffix,\n\tadd_resolution_suffix,\n\thas_data_suffix,\n\thas_resolution_suffix,\n\tstrip_data_suffix,\n\tstrip_resolution_suffix\n} from '../runtime/pathname.js';\nimport { text_encoder } from '../runtime/utils.js';\n\nexport { VERSION } from '../version.js';\n\n// TODO 3.0: remove these types as they are not used anymore (we can't remove them yet because that would be a breaking change)\n/**\n * @template {number} TNumber\n * @template {any[]} [TArray=[]]\n * @typedef {TNumber extends TArray['length'] ? TArray[number] : LessThan<TNumber, [...TArray, TArray['length']]>} LessThan\n */\n\n/**\n * @template {number} TStart\n * @template {number} TEnd\n * @typedef {Exclude<TEnd | LessThan<TEnd>, LessThan<TStart>>} NumericRange\n */\n\n// Keep the status codes as `number` because restricting to certain numbers makes it unnecessarily hard to use compared to the benefits\n// (we have runtime errors already to check for invalid codes). Also see https://github.com/sveltejs/kit/issues/11780\n\n// we have to repeat the JSDoc because the display for function overloads is broken\n// see https://github.com/microsoft/TypeScript/issues/55056\n\n/**\n * Throws an error with a HTTP status code and an optional message.\n * When called during request handling, this will cause SvelteKit to\n * return an error response without invoking `handleError`.\n * Make sure you're not catching the thrown error, which would prevent SvelteKit from handling it.\n * @param {number} status The [HTTP status code](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#client_error_responses). Must be in the range 400-599.\n * @param {App.Error} body An object that conforms to the App.Error type. If a string is passed, it will be used as the message property.\n * @overload\n * @param {number} status\n * @param {App.Error} body\n * @return {never}\n * @throws {HttpError} This error instructs SvelteKit to initiate HTTP error handling.\n * @throws {Error} If the provided status is invalid (not between 400 and 599).\n */\n/**\n * Throws an error with a HTTP status code and an optional message.\n * When called during request handling, this will cause SvelteKit to\n * return an error response without invoking `handleError`.\n * Make sure you're not catching the thrown error, which would prevent SvelteKit from handling it.\n * @param {number} status The [HTTP status code](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#client_error_responses). Must be in the range 400-599.\n * @param {{ message: string } extends App.Error ? App.Error | string | undefined : never} [body] An object that conforms to the App.Error type. If a string is passed, it will be used as the message property.\n * @overload\n * @param {number} status\n * @param {{ message: string } extends App.Error ? App.Error | string | undefined : never} [body]\n * @return {never}\n * @throws {HttpError} This error instructs SvelteKit to initiate HTTP error handling.\n * @throws {Error} If the provided status is invalid (not between 400 and 599).\n */\n/**\n * Throws an error with a HTTP status code and an optional message.\n * When called during request handling, this will cause SvelteKit to\n * return an error response without invoking `handleError`.\n * Make sure you're not catching the thrown error, which would prevent SvelteKit from handling it.\n * @param {number} status The [HTTP status code](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#client_error_responses). Must be in the range 400-599.\n * @param {{ message: string } extends App.Error ? App.Error | string | undefined : never} body An object that conforms to the App.Error type. If a string is passed, it will be used as the message property.\n * @return {never}\n * @throws {HttpError} This error instructs SvelteKit to initiate HTTP error handling.\n * @throws {Error} If the provided status is invalid (not between 400 and 599).\n */\nexport function error(status, body) {\n\tif ((!BROWSER || DEV) && (isNaN(status) || status < 400 || status > 599)) {\n\t\tthrow new Error(`HTTP error status codes must be between 400 and 599 — ${status} is invalid`);\n\t}\n\n\tthrow new HttpError(status, body);\n}\n\n/**\n * Checks whether this is an error thrown by {@link error}.\n * @template {number} T\n * @param {unknown} e\n * @param {T} [status] The status to filter for.\n * @return {e is (HttpError & { status: T extends undefined ? never : T })}\n */\nexport function isHttpError(e, status) {\n\tif (!(e instanceof HttpError)) return false;\n\treturn !status || e.status === status;\n}\n\n/**\n * Redirect a request. When called during request handling, SvelteKit will return a redirect response.\n * Make sure you're not catching the thrown redirect, which would prevent SvelteKit from handling it.\n *\n * Most common status codes:\n * * `303 See Other`: redirect as a GET request (often used after a form POST request)\n * * `307 Temporary Redirect`: redirect will keep the request method\n * * `308 Permanent Redirect`: redirect will keep the request method, SEO will be transferred to the new page\n *\n * [See all redirect status codes](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#redirection_messages)\n *\n * @param {300 | 301 | 302 | 303 | 304 | 305 | 306 | 307 | 308 | ({} & number)} status The [HTTP status code](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#redirection_messages). Must be in the range 300-308.\n * @param {string | URL} location The location to redirect to.\n * @throws {Redirect} This error instructs SvelteKit to redirect to the specified location.\n * @throws {Error} If the provided status is invalid or the location cannot be used as a header value.\n * @return {never}\n */\nexport function redirect(status, location) {\n\tif ((!BROWSER || DEV) && (isNaN(status) || status < 300 || status > 308)) {\n\t\tthrow new Error('Invalid status code');\n\t}\n\n\tthrow new Redirect(\n\t\t// @ts-ignore\n\t\tstatus,\n\t\tlocation.toString()\n\t);\n}\n\n/**\n * Checks whether this is a redirect thrown by {@link redirect}.\n * @param {unknown} e The object to check.\n * @return {e is Redirect}\n */\nexport function isRedirect(e) {\n\treturn e instanceof Redirect;\n}\n\n/**\n * Create a JSON `Response` object from the supplied data.\n * @param {any} data The value that will be serialized as JSON.\n * @param {ResponseInit} [init] Options such as `status` and `headers` that will be added to the response. `Content-Type: application/json` and `Content-Length` headers will be added automatically.\n */\nexport function json(data, init) {\n\t// TODO deprecate this in favour of `Response.json` when it's\n\t// more widely supported\n\tconst body = JSON.stringify(data);\n\n\t// we can't just do `text(JSON.stringify(data), init)` because\n\t// it will set a default `content-type` header. duplicated code\n\t// means less duplicated work\n\tconst headers = new Headers(init?.headers);\n\tif (!headers.has('content-length')) {\n\t\theaders.set('content-length', text_encoder.encode(body).byteLength.toString());\n\t}\n\n\tif (!headers.has('content-type')) {\n\t\theaders.set('content-type', 'application/json');\n\t}\n\n\treturn new Response(body, {\n\t\t...init,\n\t\theaders\n\t});\n}\n\n/**\n * Create a `Response` object from the supplied body.\n * @param {string} body The value that will be used as-is.\n * @param {ResponseInit} [init] Options such as `status` and `headers` that will be added to the response. A `Content-Length` header will be added automatically.\n */\nexport function text(body, init) {\n\tconst headers = new Headers(init?.headers);\n\tif (!headers.has('content-length')) {\n\t\tconst encoded = text_encoder.encode(body);\n\t\theaders.set('content-length', encoded.byteLength.toString());\n\t\treturn new Response(encoded, {\n\t\t\t...init,\n\t\t\theaders\n\t\t});\n\t}\n\n\treturn new Response(body, {\n\t\t...init,\n\t\theaders\n\t});\n}\n\n/**\n * Create an `ActionFailure` object. Call when form submission fails.\n * @param {number} status The [HTTP status code](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#client_error_responses). Must be in the range 400-599.\n * @overload\n * @param {number} status\n * @returns {import('./public.js').ActionFailure<undefined>}\n */\n/**\n * Create an `ActionFailure` object. Call when form submission fails.\n * @template [T=undefined]\n * @param {number} status The [HTTP status code](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#client_error_responses). Must be in the range 400-599.\n * @param {T} data Data associated with the failure (e.g. validation errors)\n * @overload\n * @param {number} status\n * @param {T} data\n * @returns {import('./public.js').ActionFailure<T>}\n */\n/**\n * Create an `ActionFailure` object. Call when form submission fails.\n * @param {number} status\n * @param {any} [data]\n * @returns {import('./public.js').ActionFailure<any>}\n */\nexport function fail(status, data) {\n\t// @ts-expect-error unique symbol missing\n\treturn new ActionFailure(status, data);\n}\n\n/**\n * Checks whether this is an action failure thrown by {@link fail}.\n * @param {unknown} e The object to check.\n * @return {e is import('./public.js').ActionFailure}\n */\nexport function isActionFailure(e) {\n\treturn e instanceof ActionFailure;\n}\n\n/**\n * Use this to throw a validation error to imperatively fail form validation.\n * Can be used in combination with `issue` passed to form actions to create field-specific issues.\n *\n * @example\n * ```ts\n * import { invalid } from '@sveltejs/kit';\n * import { form } from '$app/server';\n * import { tryLogin } from '$lib/server/auth';\n * import * as v from 'valibot';\n *\n * export const login = form(\n * v.object({ name: v.string(), _password: v.string() }),\n * async ({ name, _password }) => {\n * const success = tryLogin(name, _password);\n * if (!success) {\n * invalid('Incorrect username or password');\n * }\n *\n * // ...\n * }\n * );\n * ```\n * @param {...(StandardSchemaV1.Issue | string)} issues\n * @returns {never}\n * @since 2.47.3\n */\nexport function invalid(...issues) {\n\tthrow new ValidationError(\n\t\tissues.map((issue) => (typeof issue === 'string' ? { message: issue } : issue))\n\t);\n}\n\n/**\n * Checks whether this is an validation error thrown by {@link invalid}.\n * @param {unknown} e The object to check.\n * @return {e is import('./public.js').ActionFailure}\n * @since 2.47.3\n */\nexport function isValidationError(e) {\n\treturn e instanceof ValidationError;\n}\n\n/**\n * Strips possible SvelteKit-internal suffixes and trailing slashes from the URL pathname.\n * Returns the normalized URL as well as a method for adding the potential suffix back\n * based on a new pathname (possibly including search) or URL.\n * ```js\n * import { normalizeUrl } from '@sveltejs/kit';\n *\n * const { url, denormalize } = normalizeUrl('/blog/post/__data.json');\n * console.log(url.pathname); // /blog/post\n * console.log(denormalize('/blog/post/a')); // /blog/post/a/__data.json\n * ```\n * @param {URL | string} url\n * @returns {{ url: URL, wasNormalized: boolean, denormalize: (url?: string | URL) => URL }}\n * @since 2.18.0\n */\nexport function normalizeUrl(url) {\n\turl = new URL(url, 'a://a');\n\n\tconst is_route_resolution = has_resolution_suffix(url.pathname);\n\tconst is_data_request = has_data_suffix(url.pathname);\n\tconst has_trailing_slash = url.pathname !== '/' && url.pathname.endsWith('/');\n\n\tif (is_route_resolution) {\n\t\turl.pathname = strip_resolution_suffix(url.pathname);\n\t} else if (is_data_request) {\n\t\turl.pathname = strip_data_suffix(url.pathname);\n\t} else if (has_trailing_slash) {\n\t\turl.pathname = url.pathname.slice(0, -1);\n\t}\n\n\treturn {\n\t\turl,\n\t\twasNormalized: is_data_request || is_route_resolution || has_trailing_slash,\n\t\tdenormalize: (new_url = url) => {\n\t\t\tnew_url = new URL(new_url, url);\n\t\t\tif (is_route_resolution) {\n\t\t\t\tnew_url.pathname = add_resolution_suffix(new_url.pathname);\n\t\t\t} else if (is_data_request) {\n\t\t\t\tnew_url.pathname = add_data_suffix(new_url.pathname);\n\t\t\t} else if (has_trailing_slash && !new_url.pathname.endsWith('/')) {\n\t\t\t\tnew_url.pathname += '/';\n\t\t\t}\n\t\t\treturn new_url;\n\t\t}\n\t};\n}\n"],"names":[],"mappings":"AAAA;;AAEO,MAAM,SAAS,CAAC;AACvB;AACA;AACA;AACA;AACA,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE;AAC3B,EAAE,IAAI,CAAC,MAAM,GAAG,MAAM;AACtB,EAAE,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;AAChC,GAAG,IAAI,CAAC,IAAI,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE;AAChC,EAAE,CAAC,MAAM,IAAI,IAAI,EAAE;AACnB,GAAG,IAAI,CAAC,IAAI,GAAG,IAAI;AACnB,EAAE,CAAC,MAAM;AACT,GAAG,IAAI,CAAC,IAAI,GAAG,EAAE,OAAO,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,EAAE;AAC9C,EAAE;AACF,CAAC;;AAED,CAAC,QAAQ,GAAG;AACZ,EAAE,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC;AAClC,CAAC;AACD;;AAEO,MAAM,QAAQ,CAAC;AACtB;AACA;AACA;AACA;AACA,CAAC,WAAW,CAAC,MAAM,EAAE,QAAQ,EAAE;AAC/B,EAAE,IAAI;AACN,GAAG,IAAI,OAAO,CAAC,EAAE,QAAQ,EAAE,CAAC;AAC5B,EAAE,CAAC,CAAC,MAAM;AACV,GAAG,MAAM,IAAI,KAAK;AAClB,IAAI,CAAC,0BAA0B,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;AAC7D,KAAK;AACL,IAAI;AACJ,EAAE;;AAEF,EAAE,IAAI,CAAC,MAAM,GAAG,MAAM;AACtB,EAAE,IAAI,CAAC,QAAQ,GAAG,QAAQ;AAC1B,CAAC;AACD;;AAEA;AACA;AACA;AACA;AACA;AACO,MAAM,cAAc,SAAS,KAAK,CAAC;AAC1C;AACA;AACA;AACA;AACA;AACA,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE;AACpC,EAAE,KAAK,CAAC,OAAO,CAAC;AAChB,EAAE,IAAI,CAAC,MAAM,GAAG,MAAM;AACtB,EAAE,IAAI,CAAC,IAAI,GAAG,IAAI;AAClB,CAAC;AACD;;AAEA;AACA;AACA;AACO,MAAM,aAAa,CAAC;AAC3B;AACA;AACA;AACA;AACA,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE;AAC3B,EAAE,IAAI,CAAC,MAAM,GAAG,MAAM;AACtB,EAAE,IAAI,CAAC,IAAI,GAAG,IAAI;AAClB,CAAC;AACD;;ACvEO,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE;;ACF7C;;;AAgBA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAAS,KAAK,CAAC,MAAM,EAAE,IAAI,EAAE;AACpC,CAAC,IAAyB,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,GAAG,IAAI,MAAM,GAAG,GAAG,CAAC,EAAE;AAC3E,EAAE,MAAM,IAAI,KAAK,CAAC,CAAC,sDAAsD,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;AAC/F,CAAC;;AAED,CAAC,MAAM,IAAI,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC;AAClC;;AAcA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAAS,QAAQ,CAAC,MAAM,EAAE,QAAQ,EAAE;AAC3C,CAAC,IAAyB,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,GAAG,IAAI,MAAM,GAAG,GAAG,CAAC,EAAE;AAC3E,EAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC;AACxC,CAAC;;AAED,CAAC,MAAM,IAAI,QAAQ;AACnB;AACA,EAAE,MAAM;AACR,EAAE,QAAQ,CAAC,QAAQ;AACnB,EAAE;AACF;;AAEA;AACA;AACA;AACA;AACA;AACO,SAAS,UAAU,CAAC,CAAC,EAAE;AAC9B,CAAC,OAAO,CAAC,YAAY,QAAQ;AAC7B;;AAEA;AACA;AACA;AACA;AACA;AACO,SAAS,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE;AACjC;AACA;AACA,CAAC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;;AAElC;AACA;AACA;AACA,CAAC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;AAC3C,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,EAAE;AACrC,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;AAChF,CAAC;;AAED,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE;AACnC,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,kBAAkB,CAAC;AACjD,CAAC;;AAED,CAAC,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;AAC3B,EAAE,GAAG,IAAI;AACT,EAAE;AACF,EAAE,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA;AACO,SAAS,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE;AACjC,CAAC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;AAC3C,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,EAAE;AACrC,EAAE,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC;AAC3C,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;AAC9D,EAAE,OAAO,IAAI,QAAQ,CAAC,OAAO,EAAE;AAC/B,GAAG,GAAG,IAAI;AACV,GAAG;AACH,GAAG,CAAC;AACJ,CAAC;;AAED,CAAC,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;AAC3B,EAAE,GAAG,IAAI;AACT,EAAE;AACF,EAAE,CAAC;AACH;;;;","x_google_ignoreList":[0,1,2]}

package/build/server/chunks/{index2-DMabdSHV.js → index2-B0RgZaJY.js} RENAMED Viewed

@@ -1,5 +1,5 @@
-import './client-C7bEwskR.js';
-import { g as getContext } from './url-hmE1zcJ6.js';
+import './client-COtw9Xqw.js';
+import { g as getContext } from './root-otUAnOAR.js';
 function context() {
   return getContext("__request__");
@@ -21,4 +21,4 @@ const page$1 = {
 const page = page$1;
 export { page as p };
-//# sourceMappingURL=index2-DMabdSHV.js.map
+//# sourceMappingURL=index2-B0RgZaJY.js.map

package/build/server/chunks/{index2-DMabdSHV.js.map → index2-B0RgZaJY.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index2-~~DMabdSHV~~.js","sources":["../../../.svelte-kit/adapter-node/chunks/index2.js"],"sourcesContent":["import \"./client.js\";\nimport { g as getContext } from \"./root.js\";\nfunction context() {\n return getContext(\"__request__\");\n}\nconst page$1 = {\n get data() {\n return context().page.data;\n },\n get error() {\n return context().page.error;\n },\n get status() {\n return context().page.status;\n },\n get url() {\n return context().page.url;\n }\n};\nconst page = page$1;\nexport {\n page as p\n};\n"],"names":[],"mappings":";;;AAEA,SAAS,OAAO,GAAG;AACnB,EAAE,OAAO,UAAU,CAAC,aAAa,CAAC;AAClC;AACA,MAAM,MAAM,GAAG;AACf,EAAE,IAAI,IAAI,GAAG;AACb,IAAI,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,IAAI;AAC9B,EAAE,CAAC;AACH,EAAE,IAAI,KAAK,GAAG;AACd,IAAI,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,KAAK;AAC/B,EAAE,CAAC;AACH,EAAE,IAAI,MAAM,GAAG;AACf,IAAI,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,MAAM;AAChC,EAAE,CAAC;AACH,EAAE,IAAI,GAAG,GAAG;AACZ,IAAI,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG;AAC7B,EAAE;AACF,CAAC;AACI,MAAC,IAAI,GAAG;;;;"}
1	+ {"version":3,"file":"index2-B0RgZaJY.js","sources":["../../../.svelte-kit/adapter-node/chunks/index2.js"],"sourcesContent":["import \"./client.js\";\nimport { g as getContext } from \"./root.js\";\nfunction context() {\n return getContext(\"__request__\");\n}\nconst page$1 = {\n get data() {\n return context().page.data;\n },\n get error() {\n return context().page.error;\n },\n get status() {\n return context().page.status;\n },\n get url() {\n return context().page.url;\n }\n};\nconst page = page$1;\nexport {\n page as p\n};\n"],"names":[],"mappings":";;;AAEA,SAAS,OAAO,GAAG;AACnB,EAAE,OAAO,UAAU,CAAC,aAAa,CAAC;AAClC;AACA,MAAM,MAAM,GAAG;AACf,EAAE,IAAI,IAAI,GAAG;AACb,IAAI,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,IAAI;AAC9B,EAAE,CAAC;AACH,EAAE,IAAI,KAAK,GAAG;AACd,IAAI,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,KAAK;AAC/B,EAAE,CAAC;AACH,EAAE,IAAI,MAAM,GAAG;AACf,IAAI,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,MAAM;AAChC,EAAE,CAAC;AACH,EAAE,IAAI,GAAG,GAAG;AACZ,IAAI,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG;AAC7B,EAAE;AACF,CAAC;AACI,MAAC,IAAI,GAAG;;;;"}

package/build/server/chunks/{layout.svelte-CJcHX-Na.js → layout.svelte-PFROMnUZ.js} RENAMED Viewed

@@ -1,4 +1,4 @@
-import './async-lVJA8xJZ.js';
+import './async-DUoD1OpG.js';
 function Layout($$renderer, $$props) {
   let { children } = $$props;
@@ -7,4 +7,4 @@ function Layout($$renderer, $$props) {
 }
 export { Layout as default };
-//# sourceMappingURL=layout.svelte-CJcHX-Na.js.map
+//# sourceMappingURL=layout.svelte-PFROMnUZ.js.map

package/build/server/chunks/{layout.svelte-CJcHX-Na.js.map → layout.svelte-PFROMnUZ.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"layout.svelte-~~CJcHX-Na~~.js","sources":["../../../.svelte-kit/adapter-node/entries/fallbacks/layout.svelte.js"],"sourcesContent":["import \"../../chunks/async.js\";\nfunction Layout($$renderer, $$props) {\n let { children } = $$props;\n children($$renderer);\n $$renderer.push(`<!---->`);\n}\nexport {\n Layout as default\n};\n"],"names":[],"mappings":";;AACA,SAAS,MAAM,CAAC,UAAU,EAAE,OAAO,EAAE;AACrC,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,OAAO;AAC5B,EAAE,QAAQ,CAAC,UAAU,CAAC;AACtB,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC;AAC5B;;;;"}
1	+ {"version":3,"file":"layout.svelte-PFROMnUZ.js","sources":["../../../.svelte-kit/adapter-node/entries/fallbacks/layout.svelte.js"],"sourcesContent":["import \"../../chunks/async.js\";\nfunction Layout($$renderer, $$props) {\n let { children } = $$props;\n children($$renderer);\n $$renderer.push(`<!---->`);\n}\nexport {\n Layout as default\n};\n"],"names":[],"mappings":";;AACA,SAAS,MAAM,CAAC,UAAU,EAAE,OAAO,EAAE;AACrC,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,OAAO;AAC5B,EAAE,QAAQ,CAAC,UAAU,CAAC;AACtB,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC;AAC5B;;;;"}

package/build/server/chunks/{oauth-BbSyq_Sb.js → oauth-D6jTWKFd.js} RENAMED Viewed

@@ -1,5 +1,5 @@
 import { b as base } from './server-Crjo4w1q.js';
-import './url-hmE1zcJ6.js';
+import './root-otUAnOAR.js';
 import { p as private_env } from './shared-server-BmU87nph.js';
 import { createHmac, timingSafeEqual, randomBytes, createHash } from 'node:crypto';
@@ -245,4 +245,4 @@ function cookieOptions(url, maxAge) {
 }
 export { OAUTH_CIMD_CLIENT_ID as O, getCallbackUrl as a, extractUserFromIdToken as b, cookieOptions as c, checkRequiredClaim as d, exchangeCode as e, createSessionCookie as f, getOAuthConfig as g, OAUTH_RETURN_COOKIE as h, generateCodeVerifier as i, generateCodeChallenge as j, generateState as k, buildAuthorizationUrl as l, sanitizeOAuthReturnPath as s, verifySession as v };
-//# sourceMappingURL=oauth-BbSyq_Sb.js.map
+//# sourceMappingURL=oauth-D6jTWKFd.js.map

package/build/server/chunks/{oauth-BbSyq_Sb.js.map → oauth-D6jTWKFd.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"oauth-BbSyq_Sb.js","sources":["../../../.svelte-kit/adapter-node/chunks/oauth.js"],"sourcesContent":["import { b as base } from \"./server.js\";\nimport \"./url.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"./root.js\";\nimport { b as private_env } from \"./shared-server.js\";\nimport { createHmac, randomBytes, createHash, timingSafeEqual } from \"node:crypto\";\nconst DEFAULT_SESSION_DURATION = 86400;\nconst OAUTH_CIMD_CLIENT_ID = \"__CIMD__\";\nlet cachedConfig;\nfunction parseSessionDuration(rawDuration) {\n if (!rawDuration) {\n return DEFAULT_SESSION_DURATION;\n }\n const parsed = Number(rawDuration);\n if (!Number.isInteger(parsed) \|\| parsed <= 0) {\n return DEFAULT_SESSION_DURATION;\n }\n return parsed;\n}\nasync function fetchOpenIDConfiguration(issuerUrl) {\n const wellKnown = issuerUrl.replace(/\\/+$/, \"\") + \"/.well-known/openid-configuration\";\n const response = await fetch(wellKnown);\n if (!response.ok) {\n throw new Error(`Failed to fetch OpenID configuration from ${wellKnown} (${response.status})`);\n }\n const config = await response.json();\n if (!config.authorization_endpoint \|\| !config.token_endpoint) {\n throw new Error(`OpenID configuration at ${wellKnown} is missing required endpoints`);\n }\n return config;\n}\nasync function getOAuthConfig() {\n if (cachedConfig !== void 0) {\n return cachedConfig;\n }\n const clientId = private_env.MONGOKU_OAUTH_CLIENT_ID;\n if (!clientId) {\n cachedConfig = null;\n return null;\n }\n const issuerUrl = private_env.MONGOKU_OAUTH_ISSUER_URL;\n const sessionSecret = private_env.MONGOKU_OAUTH_SESSION_SECRET;\n if (!issuerUrl \|\| !sessionSecret) {\n throw new Error(\n \"OAuth is partially configured. When MONGOKU_OAUTH_CLIENT_ID is set, MONGOKU_OAUTH_ISSUER_URL and MONGOKU_OAUTH_SESSION_SECRET are also required.\"\n );\n }\n const oidc = await fetchOpenIDConfiguration(issuerUrl);\n const allowedSubsRaw = private_env.MONGOKU_OAUTH_ALLOWED_SUBS;\n const allowedSubs = allowedSubsRaw ? new Set(\n allowedSubsRaw.split(\",\").map((s) => s.trim()).filter(Boolean)\n ) : void 0;\n const requiredClaimRaw = private_env.MONGOKU_OAUTH_REQUIRED_CLAIM;\n let requiredClaim;\n if (requiredClaimRaw) {\n const eqIndex = requiredClaimRaw.indexOf(\"=\");\n if (eqIndex <= 0) {\n throw new Error('MONGOKU_OAUTH_REQUIRED_CLAIM must be in the format \"field=value\" (e.g. \"authority=admin\")');\n }\n requiredClaim = {\n field: requiredClaimRaw.slice(0, eqIndex),\n value: requiredClaimRaw.slice(eqIndex + 1)\n };\n }\n cachedConfig = {\n clientId,\n issuerUrl,\n authorizationUrl: oidc.authorization_endpoint,\n tokenUrl: oidc.token_endpoint,\n scopes: private_env.MONGOKU_OAUTH_SCOPES ?? \"openid profile email\",\n sessionSecret,\n sessionDuration: parseSessionDuration(private_env.MONGOKU_OAUTH_SESSION_DURATION),\n allowedSubs,\n requiredClaim\n };\n return cachedConfig;\n}\nfunction resolveOAuthClientId(config, origin) {\n if (config.clientId !== OAUTH_CIMD_CLIENT_ID) {\n return config.clientId;\n }\n return new URL(`${base}/.well-known/cimd.json`, origin).toString();\n}\nfunction base64url(buffer) {\n return buffer.toString(\"base64url\");\n}\nfunction generateCodeVerifier() {\n return base64url(randomBytes(64));\n}\nfunction generateCodeChallenge(verifier) {\n return base64url(createHash(\"sha256\").update(verifier).digest());\n}\nfunction generateState() {\n return base64url(randomBytes(32));\n}\nfunction buildAuthorizationUrl(config, origin, callbackUrl, codeChallenge, state) {\n const url = new URL(config.authorizationUrl);\n url.searchParams.set(\"client_id\", resolveOAuthClientId(config, origin));\n url.searchParams.set(\"response_type\", \"code\");\n url.searchParams.set(\"redirect_uri\", callbackUrl);\n url.searchParams.set(\"scope\", config.scopes);\n url.searchParams.set(\"state\", state);\n url.searchParams.set(\"code_challenge\", codeChallenge);\n url.searchParams.set(\"code_challenge_method\", \"S256\");\n return url.toString();\n}\nasync function exchangeCode(config, origin, code, codeVerifier, callbackUrl) {\n const body = new URLSearchParams({\n grant_type: \"authorization_code\",\n code,\n redirect_uri: callbackUrl,\n client_id: resolveOAuthClientId(config, origin),\n code_verifier: codeVerifier\n });\n const response = await fetch(config.tokenUrl, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/x-www-form-urlencoded\" },\n body: body.toString()\n });\n if (!response.ok) {\n const text = await response.text();\n throw new Error(`Token exchange failed (${response.status}): ${text}`);\n }\n return response.json();\n}\nfunction extractUserFromIdToken(idToken) {\n try {\n const parts = idToken.split(\".\");\n if (parts.length !== 3) {\n return { user: {}, claims: {} };\n }\n const claims = JSON.parse(Buffer.from(parts[1], \"base64url\").toString());\n return {\n user: {\n sub: claims.sub,\n name: claims.name \|\| claims.preferred_username,\n email: claims.email\n },\n claims\n };\n } catch {\n return { user: {}, claims: {} };\n }\n}\nfunction checkRequiredClaim(claims, required) {\n const actual = claims[required.field];\n if (Array.isArray(actual)) {\n return actual.includes(required.value);\n }\n return String(actual) === required.value;\n}\nfunction createSessionCookie(config, user) {\n const sessionDuration = Number.isInteger(config.sessionDuration) && config.sessionDuration > 0 ? config.sessionDuration : DEFAULT_SESSION_DURATION;\n const payload = {\n ...user,\n exp: Math.floor(Date.now() / 1e3) + sessionDuration\n };\n const payloadStr = Buffer.from(JSON.stringify(payload)).toString(\"base64url\");\n const signature = createHmac(\"sha256\", config.sessionSecret).update(payloadStr).digest(\"base64url\");\n return `${payloadStr}.${signature}`;\n}\nfunction verifySession(config, cookie) {\n const dotIndex = cookie.lastIndexOf(\".\");\n if (dotIndex === -1) {\n return null;\n }\n const payloadStr = cookie.slice(0, dotIndex);\n const signature = cookie.slice(dotIndex + 1);\n const expectedSignature = createHmac(\"sha256\", config.sessionSecret).update(payloadStr).digest(\"base64url\");\n const a = Buffer.from(signature);\n const b = Buffer.from(expectedSignature);\n if (a.length !== b.length \|\| !timingSafeEqual(a, b)) {\n return null;\n }\n try {\n const payload = JSON.parse(Buffer.from(payloadStr, \"base64url\").toString());\n if (!Number.isFinite(payload.exp)) {\n return null;\n }\n if (payload.exp < Math.floor(Date.now() / 1e3)) {\n return null;\n }\n return payload;\n } catch {\n return null;\n }\n}\nfunction getCallbackUrl(origin) {\n return `${origin}${base}/auth/callback`;\n}\nconst OAUTH_AUTH_PREFIX = `${base}/auth`;\nfunction sanitizeOAuthReturnPath(requestUrl, raw) {\n if (raw == null \|\| raw === \"\") {\n return null;\n }\n const trimmed = raw.trim();\n if (trimmed.startsWith(\"//\")) {\n return null;\n }\n let pathWithSearch;\n if (/^https?:\\/\\//i.test(trimmed)) {\n let parsed;\n try {\n parsed = new URL(trimmed);\n } catch {\n return null;\n }\n if (parsed.origin !== requestUrl.origin) {\n return null;\n }\n pathWithSearch = parsed.pathname + parsed.search;\n } else if (trimmed.startsWith(\"/\")) {\n try {\n const parsed = new URL(trimmed, requestUrl.origin);\n if (parsed.origin !== requestUrl.origin) {\n return null;\n }\n pathWithSearch = parsed.pathname + parsed.search;\n } catch {\n return null;\n }\n } else {\n return null;\n }\n if (base !== \"\") {\n if (pathWithSearch !== base && !pathWithSearch.startsWith(`${base}/`)) {\n return null;\n }\n } else if (!pathWithSearch.startsWith(\"/\")) {\n return null;\n }\n if (pathWithSearch === OAUTH_AUTH_PREFIX \|\| pathWithSearch.startsWith(`${OAUTH_AUTH_PREFIX}/`)) {\n return null;\n }\n return pathWithSearch;\n}\nconst OAUTH_RETURN_COOKIE = \"mongoku_oauth_return\";\nfunction cookieOptions(url, maxAge) {\n return {\n httpOnly: true,\n secure: url.protocol === \"https:\",\n sameSite: \"lax\",\n path: base \|\| \"/\",\n ...maxAge !== void 0 && { maxAge }\n };\n}\nexport {\n OAUTH_CIMD_CLIENT_ID as O,\n getCallbackUrl as a,\n extractUserFromIdToken as b,\n cookieOptions as c,\n checkRequiredClaim as d,\n exchangeCode as e,\n createSessionCookie as f,\n getOAuthConfig as g,\n OAUTH_RETURN_COOKIE as h,\n generateCodeVerifier as i,\n generateCodeChallenge as j,\n generateState as k,\n buildAuthorizationUrl as l,\n sanitizeOAuthReturnPath as s,\n verifySession as v\n};\n"],"names":[],"mappings":";;;;;AAMA,MAAM,wBAAwB,GAAG,KAAK;AACjC,MAAC,oBAAoB,GAAG;AAC7B,IAAI,YAAY;AAChB,SAAS,oBAAoB,CAAC,WAAW,EAAE;AAC3C,EAAE,IAAI,CAAC,WAAW,EAAE;AACpB,IAAI,OAAO,wBAAwB;AACnC,EAAE;AACF,EAAE,MAAM,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC;AACpC,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE;AAChD,IAAI,OAAO,wBAAwB;AACnC,EAAE;AACF,EAAE,OAAO,MAAM;AACf;AACA,eAAe,wBAAwB,CAAC,SAAS,EAAE;AACnD,EAAE,MAAM,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,mCAAmC;AACvF,EAAE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC;AACzC,EAAE,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;AACpB,IAAI,MAAM,IAAI,KAAK,CAAC,CAAC,0CAA0C,EAAE,SAAS,CAAC,EAAE,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAClG,EAAE;AACF,EAAE,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE;AACtC,EAAE,IAAI,CAAC,MAAM,CAAC,sBAAsB,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE;AAChE,IAAI,MAAM,IAAI,KAAK,CAAC,CAAC,wBAAwB,EAAE,SAAS,CAAC,8BAA8B,CAAC,CAAC;AACzF,EAAE;AACF,EAAE,OAAO,MAAM;AACf;AACA,eAAe,cAAc,GAAG;AAChC,EAAE,IAAI,YAAY,KAAK,MAAM,EAAE;AAC/B,IAAI,OAAO,YAAY;AACvB,EAAE;AACF,EAAE,MAAM,QAAQ,GAAG,WAAW,CAAC,uBAAuB;AACtD,EAAE,IAAI,CAAC,QAAQ,EAAE;AACjB,IAAI,YAAY,GAAG,IAAI;AACvB,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,MAAM,SAAS,GAAG,WAAW,CAAC,wBAAwB;AACxD,EAAE,MAAM,aAAa,GAAG,WAAW,CAAC,4BAA4B;AAChE,EAAE,IAAI,CAAC,SAAS,IAAI,CAAC,aAAa,EAAE;AACpC,IAAI,MAAM,IAAI,KAAK;AACnB,MAAM;AACN,KAAK;AACL,EAAE;AACF,EAAE,MAAM,IAAI,GAAG,MAAM,wBAAwB,CAAC,SAAS,CAAC;AACxD,EAAE,MAAM,cAAc,GAAG,WAAW,CAAC,0BAA0B;AAC/D,EAAE,MAAM,WAAW,GAAG,cAAc,GAAG,IAAI,GAAG;AAC9C,IAAI,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO;AACjE,GAAG,GAAG,MAAM;AACZ,EAAE,MAAM,gBAAgB,GAAG,WAAW,CAAC,4BAA4B;AACnE,EAAE,IAAI,aAAa;AACnB,EAAE,IAAI,gBAAgB,EAAE;AACxB,IAAI,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,GAAG,CAAC;AACjD,IAAI,IAAI,OAAO,IAAI,CAAC,EAAE;AACtB,MAAM,MAAM,IAAI,KAAK,CAAC,2FAA2F,CAAC;AAClH,IAAI;AACJ,IAAI,aAAa,GAAG;AACpB,MAAM,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,CAAC;AAC/C,MAAM,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC;AAC/C,KAAK;AACL,EAAE;AACF,EAAE,YAAY,GAAG;AACjB,IAAI,QAAQ;AACZ,IAAI,SAAS;AACb,IAAI,gBAAgB,EAAE,IAAI,CAAC,sBAAsB;AACjD,IAAI,QAAQ,EAAE,IAAI,CAAC,cAAc;AACjC,IAAI,MAAM,EAAE,WAAW,CAAC,oBAAoB,IAAI,sBAAsB;AACtE,IAAI,aAAa;AACjB,IAAI,eAAe,EAAE,oBAAoB,CAAC,WAAW,CAAC,8BAA8B,CAAC;AACrF,IAAI,WAAW;AACf,IAAI;AACJ,GAAG;AACH,EAAE,OAAO,YAAY;AACrB;AACA,SAAS,oBAAoB,CAAC,MAAM,EAAE,MAAM,EAAE;AAC9C,EAAE,IAAI,MAAM,CAAC,QAAQ,KAAK,oBAAoB,EAAE;AAChD,IAAI,OAAO,MAAM,CAAC,QAAQ;AAC1B,EAAE;AACF,EAAE,OAAO,IAAI,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,sBAAsB,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,EAAE;AACpE;AACA,SAAS,SAAS,CAAC,MAAM,EAAE;AAC3B,EAAE,OAAO,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC;AACrC;AACA,SAAS,oBAAoB,GAAG;AAChC,EAAE,OAAO,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;AACnC;AACA,SAAS,qBAAqB,CAAC,QAAQ,EAAE;AACzC,EAAE,OAAO,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC;AAClE;AACA,SAAS,aAAa,GAAG;AACzB,EAAE,OAAO,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;AACnC;AACA,SAAS,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,KAAK,EAAE;AAClF,EAAE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,gBAAgB,CAAC;AAC9C,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACzE,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC;AAC/C,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC;AACnD,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC;AAC9C,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC;AACtC,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,EAAE,aAAa,CAAC;AACvD,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,EAAE,MAAM,CAAC;AACvD,EAAE,OAAO,GAAG,CAAC,QAAQ,EAAE;AACvB;AACA,eAAe,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE;AAC7E,EAAE,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;AACnC,IAAI,UAAU,EAAE,oBAAoB;AACpC,IAAI,IAAI;AACR,IAAI,YAAY,EAAE,WAAW;AAC7B,IAAI,SAAS,EAAE,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC;AACnD,IAAI,aAAa,EAAE;AACnB,GAAG,CAAC;AACJ,EAAE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE;AAChD,IAAI,MAAM,EAAE,MAAM;AAClB,IAAI,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;AACpE,IAAI,IAAI,EAAE,IAAI,CAAC,QAAQ;AACvB,GAAG,CAAC;AACJ,EAAE,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;AACpB,IAAI,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE;AACtC,IAAI,MAAM,IAAI,KAAK,CAAC,CAAC,uBAAuB,EAAE,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;AAC1E,EAAE;AACF,EAAE,OAAO,QAAQ,CAAC,IAAI,EAAE;AACxB;AACA,SAAS,sBAAsB,CAAC,OAAO,EAAE;AACzC,EAAE,IAAI;AACN,IAAI,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC;AACpC,IAAI,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;AAC5B,MAAM,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;AACrC,IAAI;AACJ,IAAI,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC;AAC5E,IAAI,OAAO;AACX,MAAM,IAAI,EAAE;AACZ,QAAQ,GAAG,EAAE,MAAM,CAAC,GAAG;AACvB,QAAQ,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,kBAAkB;AACtD,QAAQ,KAAK,EAAE,MAAM,CAAC;AACtB,OAAO;AACP,MAAM;AACN,KAAK;AACL,EAAE,CAAC,CAAC,MAAM;AACV,IAAI,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;AACnC,EAAE;AACF;AACA,SAAS,kBAAkB,CAAC,MAAM,EAAE,QAAQ,EAAE;AAC9C,EAAE,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;AACvC,EAAE,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;AAC7B,IAAI,OAAO,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;AAC1C,EAAE;AACF,EAAE,OAAO,MAAM,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC,KAAK;AAC1C;AACA,SAAS,mBAAmB,CAAC,MAAM,EAAE,IAAI,EAAE;AAC3C,EAAE,MAAM,eAAe,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,MAAM,CAAC,eAAe,GAAG,CAAC,GAAG,MAAM,CAAC,eAAe,GAAG,wBAAwB;AACpJ,EAAE,MAAM,OAAO,GAAG;AAClB,IAAI,GAAG,IAAI;AACX,IAAI,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,GAAG;AACxC,GAAG;AACH,EAAE,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;AAC/E,EAAE,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC;AACrG,EAAE,OAAO,CAAC,EAAE,UAAU,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;AACrC;AACA,SAAS,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE;AACvC,EAAE,MAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC;AAC1C,EAAE,IAAI,QAAQ,KAAK,EAAE,EAAE;AACvB,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC;AAC9C,EAAE,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC;AAC9C,EAAE,MAAM,iBAAiB,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC;AAC7G,EAAE,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC;AAClC,EAAE,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC;AAC1C,EAAE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;AACvD,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,IAAI;AACN,IAAI,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC;AAC/E,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;AACvC,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,IAAI,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE;AACpD,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,IAAI,OAAO,OAAO;AAClB,EAAE,CAAC,CAAC,MAAM;AACV,IAAI,OAAO,IAAI;AACf,EAAE;AACF;AACA,SAAS,cAAc,CAAC,MAAM,EAAE;AAChC,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,EAAE,IAAI,CAAC,cAAc,CAAC;AACzC;AACA,MAAM,iBAAiB,GAAG,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC;AACxC,SAAS,uBAAuB,CAAC,UAAU,EAAE,GAAG,EAAE;AAClD,EAAE,IAAI,GAAG,IAAI,IAAI,IAAI,GAAG,KAAK,EAAE,EAAE;AACjC,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE;AAC5B,EAAE,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChC,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,IAAI,cAAc;AACpB,EAAE,IAAI,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;AACrC,IAAI,IAAI,MAAM;AACd,IAAI,IAAI;AACR,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC;AAC/B,IAAI,CAAC,CAAC,MAAM;AACZ,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,IAAI,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,CAAC,MAAM,EAAE;AAC7C,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,IAAI,cAAc,GAAG,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,MAAM;AACpD,EAAE,CAAC,MAAM,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;AACtC,IAAI,IAAI;AACR,MAAM,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC;AACxD,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,CAAC,MAAM,EAAE;AAC/C,QAAQ,OAAO,IAAI;AACnB,MAAM;AACN,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,MAAM;AACtD,IAAI,CAAC,CAAC,MAAM;AACZ,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,EAAE,CAAC,MAAM;AACT,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,IAAI,IAAI,KAAK,EAAE,EAAE;AACnB,IAAI,IAAI,cAAc,KAAK,IAAI,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE;AAC3E,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,EAAE,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;AAC9C,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,IAAI,cAAc,KAAK,iBAAiB,IAAI,cAAc,CAAC,UAAU,CAAC,CAAC,EAAE,iBAAiB,CAAC,CAAC,CAAC,CAAC,EAAE;AAClG,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,OAAO,cAAc;AACvB;AACK,MAAC,mBAAmB,GAAG;AAC5B,SAAS,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE;AACpC,EAAE,OAAO;AACT,IAAI,QAAQ,EAAE,IAAI;AAClB,IAAI,MAAM,EAAE,GAAG,CAAC,QAAQ,KAAK,QAAQ;AACrC,IAAI,QAAQ,EAAE,KAAK;AACnB,IAAI,IAAI,EAAE,IAAI,IAAI,GAAG;AACrB,IAAI,GAAG,MAAM,KAAK,MAAM,IAAI,EAAE,MAAM;AACpC,GAAG;AACH;;;;"}
1	+ {"version":3,"file":"oauth-D6jTWKFd.js","sources":["../../../.svelte-kit/adapter-node/chunks/oauth.js"],"sourcesContent":["import { b as base } from \"./server.js\";\nimport \"./url.js\";\nimport \"@sveltejs/kit/internal/server\";\nimport \"./root.js\";\nimport { b as private_env } from \"./shared-server.js\";\nimport { createHmac, randomBytes, createHash, timingSafeEqual } from \"node:crypto\";\nconst DEFAULT_SESSION_DURATION = 86400;\nconst OAUTH_CIMD_CLIENT_ID = \"__CIMD__\";\nlet cachedConfig;\nfunction parseSessionDuration(rawDuration) {\n if (!rawDuration) {\n return DEFAULT_SESSION_DURATION;\n }\n const parsed = Number(rawDuration);\n if (!Number.isInteger(parsed) \|\| parsed <= 0) {\n return DEFAULT_SESSION_DURATION;\n }\n return parsed;\n}\nasync function fetchOpenIDConfiguration(issuerUrl) {\n const wellKnown = issuerUrl.replace(/\\/+$/, \"\") + \"/.well-known/openid-configuration\";\n const response = await fetch(wellKnown);\n if (!response.ok) {\n throw new Error(`Failed to fetch OpenID configuration from ${wellKnown} (${response.status})`);\n }\n const config = await response.json();\n if (!config.authorization_endpoint \|\| !config.token_endpoint) {\n throw new Error(`OpenID configuration at ${wellKnown} is missing required endpoints`);\n }\n return config;\n}\nasync function getOAuthConfig() {\n if (cachedConfig !== void 0) {\n return cachedConfig;\n }\n const clientId = private_env.MONGOKU_OAUTH_CLIENT_ID;\n if (!clientId) {\n cachedConfig = null;\n return null;\n }\n const issuerUrl = private_env.MONGOKU_OAUTH_ISSUER_URL;\n const sessionSecret = private_env.MONGOKU_OAUTH_SESSION_SECRET;\n if (!issuerUrl \|\| !sessionSecret) {\n throw new Error(\n \"OAuth is partially configured. When MONGOKU_OAUTH_CLIENT_ID is set, MONGOKU_OAUTH_ISSUER_URL and MONGOKU_OAUTH_SESSION_SECRET are also required.\"\n );\n }\n const oidc = await fetchOpenIDConfiguration(issuerUrl);\n const allowedSubsRaw = private_env.MONGOKU_OAUTH_ALLOWED_SUBS;\n const allowedSubs = allowedSubsRaw ? new Set(\n allowedSubsRaw.split(\",\").map((s) => s.trim()).filter(Boolean)\n ) : void 0;\n const requiredClaimRaw = private_env.MONGOKU_OAUTH_REQUIRED_CLAIM;\n let requiredClaim;\n if (requiredClaimRaw) {\n const eqIndex = requiredClaimRaw.indexOf(\"=\");\n if (eqIndex <= 0) {\n throw new Error('MONGOKU_OAUTH_REQUIRED_CLAIM must be in the format \"field=value\" (e.g. \"authority=admin\")');\n }\n requiredClaim = {\n field: requiredClaimRaw.slice(0, eqIndex),\n value: requiredClaimRaw.slice(eqIndex + 1)\n };\n }\n cachedConfig = {\n clientId,\n issuerUrl,\n authorizationUrl: oidc.authorization_endpoint,\n tokenUrl: oidc.token_endpoint,\n scopes: private_env.MONGOKU_OAUTH_SCOPES ?? \"openid profile email\",\n sessionSecret,\n sessionDuration: parseSessionDuration(private_env.MONGOKU_OAUTH_SESSION_DURATION),\n allowedSubs,\n requiredClaim\n };\n return cachedConfig;\n}\nfunction resolveOAuthClientId(config, origin) {\n if (config.clientId !== OAUTH_CIMD_CLIENT_ID) {\n return config.clientId;\n }\n return new URL(`${base}/.well-known/cimd.json`, origin).toString();\n}\nfunction base64url(buffer) {\n return buffer.toString(\"base64url\");\n}\nfunction generateCodeVerifier() {\n return base64url(randomBytes(64));\n}\nfunction generateCodeChallenge(verifier) {\n return base64url(createHash(\"sha256\").update(verifier).digest());\n}\nfunction generateState() {\n return base64url(randomBytes(32));\n}\nfunction buildAuthorizationUrl(config, origin, callbackUrl, codeChallenge, state) {\n const url = new URL(config.authorizationUrl);\n url.searchParams.set(\"client_id\", resolveOAuthClientId(config, origin));\n url.searchParams.set(\"response_type\", \"code\");\n url.searchParams.set(\"redirect_uri\", callbackUrl);\n url.searchParams.set(\"scope\", config.scopes);\n url.searchParams.set(\"state\", state);\n url.searchParams.set(\"code_challenge\", codeChallenge);\n url.searchParams.set(\"code_challenge_method\", \"S256\");\n return url.toString();\n}\nasync function exchangeCode(config, origin, code, codeVerifier, callbackUrl) {\n const body = new URLSearchParams({\n grant_type: \"authorization_code\",\n code,\n redirect_uri: callbackUrl,\n client_id: resolveOAuthClientId(config, origin),\n code_verifier: codeVerifier\n });\n const response = await fetch(config.tokenUrl, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/x-www-form-urlencoded\" },\n body: body.toString()\n });\n if (!response.ok) {\n const text = await response.text();\n throw new Error(`Token exchange failed (${response.status}): ${text}`);\n }\n return response.json();\n}\nfunction extractUserFromIdToken(idToken) {\n try {\n const parts = idToken.split(\".\");\n if (parts.length !== 3) {\n return { user: {}, claims: {} };\n }\n const claims = JSON.parse(Buffer.from(parts[1], \"base64url\").toString());\n return {\n user: {\n sub: claims.sub,\n name: claims.name \|\| claims.preferred_username,\n email: claims.email\n },\n claims\n };\n } catch {\n return { user: {}, claims: {} };\n }\n}\nfunction checkRequiredClaim(claims, required) {\n const actual = claims[required.field];\n if (Array.isArray(actual)) {\n return actual.includes(required.value);\n }\n return String(actual) === required.value;\n}\nfunction createSessionCookie(config, user) {\n const sessionDuration = Number.isInteger(config.sessionDuration) && config.sessionDuration > 0 ? config.sessionDuration : DEFAULT_SESSION_DURATION;\n const payload = {\n ...user,\n exp: Math.floor(Date.now() / 1e3) + sessionDuration\n };\n const payloadStr = Buffer.from(JSON.stringify(payload)).toString(\"base64url\");\n const signature = createHmac(\"sha256\", config.sessionSecret).update(payloadStr).digest(\"base64url\");\n return `${payloadStr}.${signature}`;\n}\nfunction verifySession(config, cookie) {\n const dotIndex = cookie.lastIndexOf(\".\");\n if (dotIndex === -1) {\n return null;\n }\n const payloadStr = cookie.slice(0, dotIndex);\n const signature = cookie.slice(dotIndex + 1);\n const expectedSignature = createHmac(\"sha256\", config.sessionSecret).update(payloadStr).digest(\"base64url\");\n const a = Buffer.from(signature);\n const b = Buffer.from(expectedSignature);\n if (a.length !== b.length \|\| !timingSafeEqual(a, b)) {\n return null;\n }\n try {\n const payload = JSON.parse(Buffer.from(payloadStr, \"base64url\").toString());\n if (!Number.isFinite(payload.exp)) {\n return null;\n }\n if (payload.exp < Math.floor(Date.now() / 1e3)) {\n return null;\n }\n return payload;\n } catch {\n return null;\n }\n}\nfunction getCallbackUrl(origin) {\n return `${origin}${base}/auth/callback`;\n}\nconst OAUTH_AUTH_PREFIX = `${base}/auth`;\nfunction sanitizeOAuthReturnPath(requestUrl, raw) {\n if (raw == null \|\| raw === \"\") {\n return null;\n }\n const trimmed = raw.trim();\n if (trimmed.startsWith(\"//\")) {\n return null;\n }\n let pathWithSearch;\n if (/^https?:\\/\\//i.test(trimmed)) {\n let parsed;\n try {\n parsed = new URL(trimmed);\n } catch {\n return null;\n }\n if (parsed.origin !== requestUrl.origin) {\n return null;\n }\n pathWithSearch = parsed.pathname + parsed.search;\n } else if (trimmed.startsWith(\"/\")) {\n try {\n const parsed = new URL(trimmed, requestUrl.origin);\n if (parsed.origin !== requestUrl.origin) {\n return null;\n }\n pathWithSearch = parsed.pathname + parsed.search;\n } catch {\n return null;\n }\n } else {\n return null;\n }\n if (base !== \"\") {\n if (pathWithSearch !== base && !pathWithSearch.startsWith(`${base}/`)) {\n return null;\n }\n } else if (!pathWithSearch.startsWith(\"/\")) {\n return null;\n }\n if (pathWithSearch === OAUTH_AUTH_PREFIX \|\| pathWithSearch.startsWith(`${OAUTH_AUTH_PREFIX}/`)) {\n return null;\n }\n return pathWithSearch;\n}\nconst OAUTH_RETURN_COOKIE = \"mongoku_oauth_return\";\nfunction cookieOptions(url, maxAge) {\n return {\n httpOnly: true,\n secure: url.protocol === \"https:\",\n sameSite: \"lax\",\n path: base \|\| \"/\",\n ...maxAge !== void 0 && { maxAge }\n };\n}\nexport {\n OAUTH_CIMD_CLIENT_ID as O,\n getCallbackUrl as a,\n extractUserFromIdToken as b,\n cookieOptions as c,\n checkRequiredClaim as d,\n exchangeCode as e,\n createSessionCookie as f,\n getOAuthConfig as g,\n OAUTH_RETURN_COOKIE as h,\n generateCodeVerifier as i,\n generateCodeChallenge as j,\n generateState as k,\n buildAuthorizationUrl as l,\n sanitizeOAuthReturnPath as s,\n verifySession as v\n};\n"],"names":[],"mappings":";;;;;AAMA,MAAM,wBAAwB,GAAG,KAAK;AACjC,MAAC,oBAAoB,GAAG;AAC7B,IAAI,YAAY;AAChB,SAAS,oBAAoB,CAAC,WAAW,EAAE;AAC3C,EAAE,IAAI,CAAC,WAAW,EAAE;AACpB,IAAI,OAAO,wBAAwB;AACnC,EAAE;AACF,EAAE,MAAM,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC;AACpC,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE;AAChD,IAAI,OAAO,wBAAwB;AACnC,EAAE;AACF,EAAE,OAAO,MAAM;AACf;AACA,eAAe,wBAAwB,CAAC,SAAS,EAAE;AACnD,EAAE,MAAM,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,mCAAmC;AACvF,EAAE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC;AACzC,EAAE,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;AACpB,IAAI,MAAM,IAAI,KAAK,CAAC,CAAC,0CAA0C,EAAE,SAAS,CAAC,EAAE,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAClG,EAAE;AACF,EAAE,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE;AACtC,EAAE,IAAI,CAAC,MAAM,CAAC,sBAAsB,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE;AAChE,IAAI,MAAM,IAAI,KAAK,CAAC,CAAC,wBAAwB,EAAE,SAAS,CAAC,8BAA8B,CAAC,CAAC;AACzF,EAAE;AACF,EAAE,OAAO,MAAM;AACf;AACA,eAAe,cAAc,GAAG;AAChC,EAAE,IAAI,YAAY,KAAK,MAAM,EAAE;AAC/B,IAAI,OAAO,YAAY;AACvB,EAAE;AACF,EAAE,MAAM,QAAQ,GAAG,WAAW,CAAC,uBAAuB;AACtD,EAAE,IAAI,CAAC,QAAQ,EAAE;AACjB,IAAI,YAAY,GAAG,IAAI;AACvB,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,MAAM,SAAS,GAAG,WAAW,CAAC,wBAAwB;AACxD,EAAE,MAAM,aAAa,GAAG,WAAW,CAAC,4BAA4B;AAChE,EAAE,IAAI,CAAC,SAAS,IAAI,CAAC,aAAa,EAAE;AACpC,IAAI,MAAM,IAAI,KAAK;AACnB,MAAM;AACN,KAAK;AACL,EAAE;AACF,EAAE,MAAM,IAAI,GAAG,MAAM,wBAAwB,CAAC,SAAS,CAAC;AACxD,EAAE,MAAM,cAAc,GAAG,WAAW,CAAC,0BAA0B;AAC/D,EAAE,MAAM,WAAW,GAAG,cAAc,GAAG,IAAI,GAAG;AAC9C,IAAI,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO;AACjE,GAAG,GAAG,MAAM;AACZ,EAAE,MAAM,gBAAgB,GAAG,WAAW,CAAC,4BAA4B;AACnE,EAAE,IAAI,aAAa;AACnB,EAAE,IAAI,gBAAgB,EAAE;AACxB,IAAI,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,GAAG,CAAC;AACjD,IAAI,IAAI,OAAO,IAAI,CAAC,EAAE;AACtB,MAAM,MAAM,IAAI,KAAK,CAAC,2FAA2F,CAAC;AAClH,IAAI;AACJ,IAAI,aAAa,GAAG;AACpB,MAAM,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,CAAC;AAC/C,MAAM,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC;AAC/C,KAAK;AACL,EAAE;AACF,EAAE,YAAY,GAAG;AACjB,IAAI,QAAQ;AACZ,IAAI,SAAS;AACb,IAAI,gBAAgB,EAAE,IAAI,CAAC,sBAAsB;AACjD,IAAI,QAAQ,EAAE,IAAI,CAAC,cAAc;AACjC,IAAI,MAAM,EAAE,WAAW,CAAC,oBAAoB,IAAI,sBAAsB;AACtE,IAAI,aAAa;AACjB,IAAI,eAAe,EAAE,oBAAoB,CAAC,WAAW,CAAC,8BAA8B,CAAC;AACrF,IAAI,WAAW;AACf,IAAI;AACJ,GAAG;AACH,EAAE,OAAO,YAAY;AACrB;AACA,SAAS,oBAAoB,CAAC,MAAM,EAAE,MAAM,EAAE;AAC9C,EAAE,IAAI,MAAM,CAAC,QAAQ,KAAK,oBAAoB,EAAE;AAChD,IAAI,OAAO,MAAM,CAAC,QAAQ;AAC1B,EAAE;AACF,EAAE,OAAO,IAAI,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,sBAAsB,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,EAAE;AACpE;AACA,SAAS,SAAS,CAAC,MAAM,EAAE;AAC3B,EAAE,OAAO,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC;AACrC;AACA,SAAS,oBAAoB,GAAG;AAChC,EAAE,OAAO,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;AACnC;AACA,SAAS,qBAAqB,CAAC,QAAQ,EAAE;AACzC,EAAE,OAAO,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC;AAClE;AACA,SAAS,aAAa,GAAG;AACzB,EAAE,OAAO,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;AACnC;AACA,SAAS,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,KAAK,EAAE;AAClF,EAAE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,gBAAgB,CAAC;AAC9C,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACzE,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC;AAC/C,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC;AACnD,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC;AAC9C,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC;AACtC,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,EAAE,aAAa,CAAC;AACvD,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,EAAE,MAAM,CAAC;AACvD,EAAE,OAAO,GAAG,CAAC,QAAQ,EAAE;AACvB;AACA,eAAe,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE;AAC7E,EAAE,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;AACnC,IAAI,UAAU,EAAE,oBAAoB;AACpC,IAAI,IAAI;AACR,IAAI,YAAY,EAAE,WAAW;AAC7B,IAAI,SAAS,EAAE,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC;AACnD,IAAI,aAAa,EAAE;AACnB,GAAG,CAAC;AACJ,EAAE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE;AAChD,IAAI,MAAM,EAAE,MAAM;AAClB,IAAI,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;AACpE,IAAI,IAAI,EAAE,IAAI,CAAC,QAAQ;AACvB,GAAG,CAAC;AACJ,EAAE,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;AACpB,IAAI,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE;AACtC,IAAI,MAAM,IAAI,KAAK,CAAC,CAAC,uBAAuB,EAAE,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;AAC1E,EAAE;AACF,EAAE,OAAO,QAAQ,CAAC,IAAI,EAAE;AACxB;AACA,SAAS,sBAAsB,CAAC,OAAO,EAAE;AACzC,EAAE,IAAI;AACN,IAAI,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC;AACpC,IAAI,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;AAC5B,MAAM,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;AACrC,IAAI;AACJ,IAAI,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC;AAC5E,IAAI,OAAO;AACX,MAAM,IAAI,EAAE;AACZ,QAAQ,GAAG,EAAE,MAAM,CAAC,GAAG;AACvB,QAAQ,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,kBAAkB;AACtD,QAAQ,KAAK,EAAE,MAAM,CAAC;AACtB,OAAO;AACP,MAAM;AACN,KAAK;AACL,EAAE,CAAC,CAAC,MAAM;AACV,IAAI,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;AACnC,EAAE;AACF;AACA,SAAS,kBAAkB,CAAC,MAAM,EAAE,QAAQ,EAAE;AAC9C,EAAE,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;AACvC,EAAE,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;AAC7B,IAAI,OAAO,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;AAC1C,EAAE;AACF,EAAE,OAAO,MAAM,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC,KAAK;AAC1C;AACA,SAAS,mBAAmB,CAAC,MAAM,EAAE,IAAI,EAAE;AAC3C,EAAE,MAAM,eAAe,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,MAAM,CAAC,eAAe,GAAG,CAAC,GAAG,MAAM,CAAC,eAAe,GAAG,wBAAwB;AACpJ,EAAE,MAAM,OAAO,GAAG;AAClB,IAAI,GAAG,IAAI;AACX,IAAI,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,GAAG;AACxC,GAAG;AACH,EAAE,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;AAC/E,EAAE,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC;AACrG,EAAE,OAAO,CAAC,EAAE,UAAU,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;AACrC;AACA,SAAS,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE;AACvC,EAAE,MAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC;AAC1C,EAAE,IAAI,QAAQ,KAAK,EAAE,EAAE;AACvB,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC;AAC9C,EAAE,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC;AAC9C,EAAE,MAAM,iBAAiB,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC;AAC7G,EAAE,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC;AAClC,EAAE,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC;AAC1C,EAAE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;AACvD,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,IAAI;AACN,IAAI,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC;AAC/E,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;AACvC,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,IAAI,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,EAAE;AACpD,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,IAAI,OAAO,OAAO;AAClB,EAAE,CAAC,CAAC,MAAM;AACV,IAAI,OAAO,IAAI;AACf,EAAE;AACF;AACA,SAAS,cAAc,CAAC,MAAM,EAAE;AAChC,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,EAAE,IAAI,CAAC,cAAc,CAAC;AACzC;AACA,MAAM,iBAAiB,GAAG,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC;AACxC,SAAS,uBAAuB,CAAC,UAAU,EAAE,GAAG,EAAE;AAClD,EAAE,IAAI,GAAG,IAAI,IAAI,IAAI,GAAG,KAAK,EAAE,EAAE;AACjC,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE;AAC5B,EAAE,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAChC,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,IAAI,cAAc;AACpB,EAAE,IAAI,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;AACrC,IAAI,IAAI,MAAM;AACd,IAAI,IAAI;AACR,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC;AAC/B,IAAI,CAAC,CAAC,MAAM;AACZ,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,IAAI,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,CAAC,MAAM,EAAE;AAC7C,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,IAAI,cAAc,GAAG,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,MAAM;AACpD,EAAE,CAAC,MAAM,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;AACtC,IAAI,IAAI;AACR,MAAM,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC;AACxD,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,CAAC,MAAM,EAAE;AAC/C,QAAQ,OAAO,IAAI;AACnB,MAAM;AACN,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,MAAM;AACtD,IAAI,CAAC,CAAC,MAAM;AACZ,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,EAAE,CAAC,MAAM;AACT,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,IAAI,IAAI,KAAK,EAAE,EAAE;AACnB,IAAI,IAAI,cAAc,KAAK,IAAI,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE;AAC3E,MAAM,OAAO,IAAI;AACjB,IAAI;AACJ,EAAE,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;AAC9C,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,IAAI,cAAc,KAAK,iBAAiB,IAAI,cAAc,CAAC,UAAU,CAAC,CAAC,EAAE,iBAAiB,CAAC,CAAC,CAAC,CAAC,EAAE;AAClG,IAAI,OAAO,IAAI;AACf,EAAE;AACF,EAAE,OAAO,cAAc;AACvB;AACK,MAAC,mBAAmB,GAAG;AAC5B,SAAS,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE;AACpC,EAAE,OAAO;AACT,IAAI,QAAQ,EAAE,IAAI;AAClB,IAAI,MAAM,EAAE,GAAG,CAAC,QAAQ,KAAK,QAAQ;AACrC,IAAI,QAAQ,EAAE,KAAK;AACnB,IAAI,IAAI,EAAE,IAAI,IAAI,GAAG;AACrB,IAAI,GAAG,MAAM,KAAK,MAAM,IAAI,EAAE,MAAM;AACpC,GAAG;AACH;;;;"}

package/build/server/chunks/{remote-xxtqbu-DU1VUIfB.js → remote-xxtqbu-CmaCzxbq.js} RENAMED Viewed

@@ -1,10 +1,10 @@
-export { m as default } from './servers.remote-ChLjCujn.js';
-import './url-hmE1zcJ6.js';
-import './async-lVJA8xJZ.js';
+export { m as default } from './servers.remote-W2x65uTK.js';
+import './root-otUAnOAR.js';
+import './async-DUoD1OpG.js';
 import './shared-server-BmU87nph.js';
-import './utils2-kjxf7BZO.js';
-import './shared-BqTYMAzZ.js';
-import './index-wpIsICWW.js';
+import './utils-BQzn9ikS.js';
+import './shared-DlqhoNLb.js';
+import './index-NcxaM188.js';
 import './jsonParser-C3QUcODD.js';
 import 'esprima';
 import './JsonEncoder-Dgtqxb_U.js';
@@ -18,5 +18,6 @@ import 'url';
 import 'node:fs';
 import 'node:os';
 import 'node:path';
+import './schema-BZonjzNJ.js';
 import 'zod';
-//# sourceMappingURL=remote-xxtqbu-DU1VUIfB.js.map
+//# sourceMappingURL=remote-xxtqbu-CmaCzxbq.js.map

package/build/server/chunks/remote-xxtqbu-CmaCzxbq.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"remote-xxtqbu-CmaCzxbq.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;"}