npm - mulguard - Versions diffs - 1.1.6 → 1.1.8 - Mend

mulguard 1.1.6 → 1.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (540) hide show

package/README.md +21 -1078
package/adapters.d.ts +2 -0
package/adapters.d.ts.map +1 -0
package/adapters.js +1 -0
package/index.d.ts +329 -0
package/index.d.ts.map +1 -0
package/index.js +145 -0
package/jwt.d.ts +9 -0
package/jwt.d.ts.map +1 -0
package/jwt.js +8 -0
package/lib/actions.d.ts +13 -0
package/lib/actions.d.ts.map +1 -0
package/lib/actions.js +86 -0
package/lib/client.d.ts +104 -0
package/lib/client.d.ts.map +1 -0
package/lib/client.js +95 -0
package/lib/env.d.ts +12 -0
package/lib/env.d.ts.map +1 -0
package/lib/env.js +38 -0
package/lib/index.d.ts +56 -0
package/lib/index.d.ts.map +1 -0
package/lib/index.js +187 -0
package/lib/types.d.ts +24 -0
package/lib/types.d.ts.map +1 -0
package/lib/types.js +1 -0
package/middleware.d.ts +9 -0
package/middleware.d.ts.map +1 -0
package/middleware.js +12 -0
package/next.d.ts +9 -0
package/next.d.ts.map +1 -0
package/next.js +12 -0
package/package.json +117 -73
package/providers/42-school.d.ts +3 -0
package/providers/42-school.d.ts.map +1 -0
package/providers/42-school.js +2 -0
package/providers/apple.d.ts +3 -0
package/providers/apple.d.ts.map +1 -0
package/providers/apple.js +2 -0
package/providers/asgardeo.d.ts +3 -0
package/providers/asgardeo.d.ts.map +1 -0
package/providers/asgardeo.js +2 -0
package/providers/atlassian.d.ts +3 -0
package/providers/atlassian.d.ts.map +1 -0
package/providers/atlassian.js +2 -0
package/providers/auth0.d.ts +3 -0
package/providers/auth0.d.ts.map +1 -0
package/providers/auth0.js +2 -0
package/providers/authentik.d.ts +3 -0
package/providers/authentik.d.ts.map +1 -0
package/providers/authentik.js +2 -0
package/providers/azure-ad-b2c.d.ts +3 -0
package/providers/azure-ad-b2c.d.ts.map +1 -0
package/providers/azure-ad-b2c.js +2 -0
package/providers/azure-ad.d.ts +3 -0
package/providers/azure-ad.d.ts.map +1 -0
package/providers/azure-ad.js +2 -0
package/providers/azure-devops.d.ts +3 -0
package/providers/azure-devops.d.ts.map +1 -0
package/providers/azure-devops.js +2 -0
package/providers/bankid-no.d.ts +3 -0
package/providers/bankid-no.d.ts.map +1 -0
package/providers/bankid-no.js +2 -0
package/providers/battlenet.d.ts +3 -0
package/providers/battlenet.d.ts.map +1 -0
package/providers/battlenet.js +2 -0
package/providers/beyondidentity.d.ts +3 -0
package/providers/beyondidentity.d.ts.map +1 -0
package/providers/beyondidentity.js +2 -0
package/providers/bitbucket.d.ts +3 -0
package/providers/bitbucket.d.ts.map +1 -0
package/providers/bitbucket.js +2 -0
package/providers/box.d.ts +3 -0
package/providers/box.d.ts.map +1 -0
package/providers/box.js +2 -0
package/providers/boxyhq-saml.d.ts +3 -0
package/providers/boxyhq-saml.d.ts.map +1 -0
package/providers/boxyhq-saml.js +2 -0
package/providers/bungie.d.ts +3 -0
package/providers/bungie.d.ts.map +1 -0
package/providers/bungie.js +2 -0
package/providers/click-up.d.ts +3 -0
package/providers/click-up.d.ts.map +1 -0
package/providers/click-up.js +2 -0
package/providers/cognito.d.ts +3 -0
package/providers/cognito.d.ts.map +1 -0
package/providers/cognito.js +2 -0
package/providers/coinbase.d.ts +3 -0
package/providers/coinbase.d.ts.map +1 -0
package/providers/coinbase.js +2 -0
package/providers/concept2.d.ts +3 -0
package/providers/concept2.d.ts.map +1 -0
package/providers/concept2.js +2 -0
package/providers/credentials.d.ts +3 -0
package/providers/credentials.d.ts.map +1 -0
package/providers/credentials.js +2 -0
package/providers/descope.d.ts +3 -0
package/providers/descope.d.ts.map +1 -0
package/providers/descope.js +2 -0
package/providers/discord.d.ts +3 -0
package/providers/discord.d.ts.map +1 -0
package/providers/discord.js +2 -0
package/providers/dribbble.d.ts +3 -0
package/providers/dribbble.d.ts.map +1 -0
package/providers/dribbble.js +2 -0
package/providers/dropbox.d.ts +3 -0
package/providers/dropbox.d.ts.map +1 -0
package/providers/dropbox.js +2 -0
package/providers/duende-identity-server6.d.ts +3 -0
package/providers/duende-identity-server6.d.ts.map +1 -0
package/providers/duende-identity-server6.js +2 -0
package/providers/email.d.ts +3 -0
package/providers/email.d.ts.map +1 -0
package/providers/email.js +2 -0
package/providers/eventbrite.d.ts +3 -0
package/providers/eventbrite.d.ts.map +1 -0
package/providers/eventbrite.js +2 -0
package/providers/eveonline.d.ts +3 -0
package/providers/eveonline.d.ts.map +1 -0
package/providers/eveonline.js +2 -0
package/providers/facebook.d.ts +3 -0
package/providers/facebook.d.ts.map +1 -0
package/providers/facebook.js +2 -0
package/providers/faceit.d.ts +3 -0
package/providers/faceit.d.ts.map +1 -0
package/providers/faceit.js +2 -0
package/providers/figma.d.ts +3 -0
package/providers/figma.d.ts.map +1 -0
package/providers/figma.js +2 -0
package/providers/forwardemail.d.ts +3 -0
package/providers/forwardemail.d.ts.map +1 -0
package/providers/forwardemail.js +2 -0
package/providers/foursquare.d.ts +3 -0
package/providers/foursquare.d.ts.map +1 -0
package/providers/foursquare.js +2 -0
package/providers/freshbooks.d.ts +3 -0
package/providers/freshbooks.d.ts.map +1 -0
package/providers/freshbooks.js +2 -0
package/providers/frontegg.d.ts +3 -0
package/providers/frontegg.d.ts.map +1 -0
package/providers/frontegg.js +2 -0
package/providers/fusionauth.d.ts +3 -0
package/providers/fusionauth.d.ts.map +1 -0
package/providers/fusionauth.js +2 -0
package/providers/github.d.ts +3 -0
package/providers/github.d.ts.map +1 -0
package/providers/github.js +2 -0
package/providers/gitlab.d.ts +3 -0
package/providers/gitlab.d.ts.map +1 -0
package/providers/gitlab.js +2 -0
package/providers/google.d.ts +3 -0
package/providers/google.d.ts.map +1 -0
package/providers/google.js +2 -0
package/providers/hubspot.d.ts +3 -0
package/providers/hubspot.d.ts.map +1 -0
package/providers/hubspot.js +2 -0
package/providers/huggingface.d.ts +3 -0
package/providers/huggingface.d.ts.map +1 -0
package/providers/huggingface.js +2 -0
package/providers/identity-server4.d.ts +3 -0
package/providers/identity-server4.d.ts.map +1 -0
package/providers/identity-server4.js +2 -0
package/providers/index.d.ts +2 -0
package/providers/index.d.ts.map +1 -0
package/providers/index.js +1 -0
package/providers/instagram.d.ts +3 -0
package/providers/instagram.d.ts.map +1 -0
package/providers/instagram.js +2 -0
package/providers/kakao.d.ts +3 -0
package/providers/kakao.d.ts.map +1 -0
package/providers/kakao.js +2 -0
package/providers/keycloak.d.ts +3 -0
package/providers/keycloak.d.ts.map +1 -0
package/providers/keycloak.js +2 -0
package/providers/kinde.d.ts +3 -0
package/providers/kinde.d.ts.map +1 -0
package/providers/kinde.js +2 -0
package/providers/line.d.ts +3 -0
package/providers/line.d.ts.map +1 -0
package/providers/line.js +2 -0
package/providers/linkedin.d.ts +3 -0
package/providers/linkedin.d.ts.map +1 -0
package/providers/linkedin.js +2 -0
package/providers/logto.d.ts +3 -0
package/providers/logto.d.ts.map +1 -0
package/providers/logto.js +2 -0
package/providers/loops.d.ts +3 -0
package/providers/loops.d.ts.map +1 -0
package/providers/loops.js +2 -0
package/providers/mailchimp.d.ts +3 -0
package/providers/mailchimp.d.ts.map +1 -0
package/providers/mailchimp.js +2 -0
package/providers/mailgun.d.ts +3 -0
package/providers/mailgun.d.ts.map +1 -0
package/providers/mailgun.js +2 -0
package/providers/mailru.d.ts +3 -0
package/providers/mailru.d.ts.map +1 -0
package/providers/mailru.js +2 -0
package/providers/mastodon.d.ts +3 -0
package/providers/mastodon.d.ts.map +1 -0
package/providers/mastodon.js +2 -0
package/providers/mattermost.d.ts +3 -0
package/providers/mattermost.d.ts.map +1 -0
package/providers/mattermost.js +2 -0
package/providers/medium.d.ts +3 -0
package/providers/medium.d.ts.map +1 -0
package/providers/medium.js +2 -0
package/providers/microsoft-entra-id.d.ts +3 -0
package/providers/microsoft-entra-id.d.ts.map +1 -0
package/providers/microsoft-entra-id.js +2 -0
package/providers/naver.d.ts +3 -0
package/providers/naver.d.ts.map +1 -0
package/providers/naver.js +2 -0
package/providers/netlify.d.ts +3 -0
package/providers/netlify.d.ts.map +1 -0
package/providers/netlify.js +2 -0
package/providers/netsuite.d.ts +3 -0
package/providers/netsuite.d.ts.map +1 -0
package/providers/netsuite.js +2 -0
package/providers/nextcloud.d.ts +3 -0
package/providers/nextcloud.d.ts.map +1 -0
package/providers/nextcloud.js +2 -0
package/providers/nodemailer.d.ts +3 -0
package/providers/nodemailer.d.ts.map +1 -0
package/providers/nodemailer.js +2 -0
package/providers/notion.d.ts +3 -0
package/providers/notion.d.ts.map +1 -0
package/providers/notion.js +2 -0
package/providers/okta.d.ts +3 -0
package/providers/okta.d.ts.map +1 -0
package/providers/okta.js +2 -0
package/providers/onelogin.d.ts +3 -0
package/providers/onelogin.d.ts.map +1 -0
package/providers/onelogin.js +2 -0
package/providers/ory-hydra.d.ts +3 -0
package/providers/ory-hydra.d.ts.map +1 -0
package/providers/ory-hydra.js +2 -0
package/providers/osso.d.ts +3 -0
package/providers/osso.d.ts.map +1 -0
package/providers/osso.js +2 -0
package/providers/osu.d.ts +3 -0
package/providers/osu.d.ts.map +1 -0
package/providers/osu.js +2 -0
package/providers/passage.d.ts +3 -0
package/providers/passage.d.ts.map +1 -0
package/providers/passage.js +2 -0
package/providers/passkey.d.ts +3 -0
package/providers/passkey.d.ts.map +1 -0
package/providers/passkey.js +2 -0
package/providers/patreon.d.ts +3 -0
package/providers/patreon.d.ts.map +1 -0
package/providers/patreon.js +2 -0
package/providers/ping-id.d.ts +3 -0
package/providers/ping-id.d.ts.map +1 -0
package/providers/ping-id.js +2 -0
package/providers/pinterest.d.ts +3 -0
package/providers/pinterest.d.ts.map +1 -0
package/providers/pinterest.js +2 -0
package/providers/pipedrive.d.ts +3 -0
package/providers/pipedrive.d.ts.map +1 -0
package/providers/pipedrive.js +2 -0
package/providers/postmark.d.ts +3 -0
package/providers/postmark.d.ts.map +1 -0
package/providers/postmark.js +2 -0
package/providers/reddit.d.ts +3 -0
package/providers/reddit.d.ts.map +1 -0
package/providers/reddit.js +2 -0
package/providers/resend.d.ts +3 -0
package/providers/resend.d.ts.map +1 -0
package/providers/resend.js +2 -0
package/providers/roblox.d.ts +3 -0
package/providers/roblox.d.ts.map +1 -0
package/providers/roblox.js +2 -0
package/providers/salesforce.d.ts +3 -0
package/providers/salesforce.d.ts.map +1 -0
package/providers/salesforce.js +2 -0
package/providers/sendgrid.d.ts +3 -0
package/providers/sendgrid.d.ts.map +1 -0
package/providers/sendgrid.js +2 -0
package/providers/simplelogin.d.ts +3 -0
package/providers/simplelogin.d.ts.map +1 -0
package/providers/simplelogin.js +2 -0
package/providers/slack.d.ts +3 -0
package/providers/slack.d.ts.map +1 -0
package/providers/slack.js +2 -0
package/providers/spotify.d.ts +3 -0
package/providers/spotify.d.ts.map +1 -0
package/providers/spotify.js +2 -0
package/providers/strava.d.ts +3 -0
package/providers/strava.d.ts.map +1 -0
package/providers/strava.js +2 -0
package/providers/threads.d.ts +3 -0
package/providers/threads.d.ts.map +1 -0
package/providers/threads.js +2 -0
package/providers/tiktok.d.ts +3 -0
package/providers/tiktok.d.ts.map +1 -0
package/providers/tiktok.js +2 -0
package/providers/todoist.d.ts +3 -0
package/providers/todoist.d.ts.map +1 -0
package/providers/todoist.js +2 -0
package/providers/trakt.d.ts +3 -0
package/providers/trakt.d.ts.map +1 -0
package/providers/trakt.js +2 -0
package/providers/twitch.d.ts +3 -0
package/providers/twitch.d.ts.map +1 -0
package/providers/twitch.js +2 -0
package/providers/twitter.d.ts +3 -0
package/providers/twitter.d.ts.map +1 -0
package/providers/twitter.js +2 -0
package/providers/united-effects.d.ts +3 -0
package/providers/united-effects.d.ts.map +1 -0
package/providers/united-effects.js +2 -0
package/providers/vipps.d.ts +3 -0
package/providers/vipps.d.ts.map +1 -0
package/providers/vipps.js +2 -0
package/providers/vk.d.ts +3 -0
package/providers/vk.d.ts.map +1 -0
package/providers/vk.js +2 -0
package/providers/webauthn.d.ts +3 -0
package/providers/webauthn.d.ts.map +1 -0
package/providers/webauthn.js +2 -0
package/providers/webex.d.ts +3 -0
package/providers/webex.d.ts.map +1 -0
package/providers/webex.js +2 -0
package/providers/wechat.d.ts +3 -0
package/providers/wechat.d.ts.map +1 -0
package/providers/wechat.js +2 -0
package/providers/wikimedia.d.ts +3 -0
package/providers/wikimedia.d.ts.map +1 -0
package/providers/wikimedia.js +2 -0
package/providers/wordpress.d.ts +3 -0
package/providers/wordpress.d.ts.map +1 -0
package/providers/wordpress.js +2 -0
package/providers/workos.d.ts +3 -0
package/providers/workos.d.ts.map +1 -0
package/providers/workos.js +2 -0
package/providers/yandex.d.ts +3 -0
package/providers/yandex.d.ts.map +1 -0
package/providers/yandex.js +2 -0
package/providers/zitadel.d.ts +3 -0
package/providers/zitadel.d.ts.map +1 -0
package/providers/zitadel.js +2 -0
package/providers/zoho.d.ts +3 -0
package/providers/zoho.d.ts.map +1 -0
package/providers/zoho.js +2 -0
package/providers/zoom.d.ts +3 -0
package/providers/zoom.d.ts.map +1 -0
package/providers/zoom.js +2 -0
package/react.d.ts +102 -0
package/react.d.ts.map +1 -0
package/react.js +361 -0
package/src/adapters.ts +1 -0
package/src/index.ts +430 -0
package/src/jwt.ts +9 -0
package/src/lib/actions.ts +144 -0
package/src/lib/client.ts +245 -0
package/src/lib/env.ts +36 -0
package/src/lib/index.ts +313 -0
package/src/lib/types.ts +30 -0
package/src/middleware.ts +16 -0
package/src/next.ts +16 -0
package/src/providers/42-school.ts +2 -0
package/src/providers/apple.ts +2 -0
package/src/providers/asgardeo.ts +2 -0
package/src/providers/atlassian.ts +2 -0
package/src/providers/auth0.ts +2 -0
package/src/providers/authentik.ts +2 -0
package/src/providers/azure-ad-b2c.ts +2 -0
package/src/providers/azure-ad.ts +2 -0
package/src/providers/azure-devops.ts +2 -0
package/src/providers/bankid-no.ts +2 -0
package/src/providers/battlenet.ts +2 -0
package/src/providers/beyondidentity.ts +2 -0
package/src/providers/bitbucket.ts +2 -0
package/src/providers/box.ts +2 -0
package/src/providers/boxyhq-saml.ts +2 -0
package/src/providers/bungie.ts +2 -0
package/src/providers/click-up.ts +2 -0
package/src/providers/cognito.ts +2 -0
package/src/providers/coinbase.ts +2 -0
package/src/providers/concept2.ts +2 -0
package/src/providers/credentials.ts +2 -0
package/src/providers/descope.ts +2 -0
package/src/providers/discord.ts +2 -0
package/src/providers/dribbble.ts +2 -0
package/src/providers/dropbox.ts +2 -0
package/src/providers/duende-identity-server6.ts +2 -0
package/src/providers/email.ts +2 -0
package/src/providers/eventbrite.ts +2 -0
package/src/providers/eveonline.ts +2 -0
package/src/providers/facebook.ts +2 -0
package/src/providers/faceit.ts +2 -0
package/src/providers/figma.ts +2 -0
package/src/providers/forwardemail.ts +2 -0
package/src/providers/foursquare.ts +2 -0
package/src/providers/freshbooks.ts +2 -0
package/src/providers/frontegg.ts +2 -0
package/src/providers/fusionauth.ts +2 -0
package/src/providers/github.ts +2 -0
package/src/providers/gitlab.ts +2 -0
package/src/providers/google.ts +2 -0
package/src/providers/hubspot.ts +2 -0
package/src/providers/huggingface.ts +2 -0
package/src/providers/identity-server4.ts +2 -0
package/src/providers/index.ts +1 -0
package/src/providers/instagram.ts +2 -0
package/src/providers/kakao.ts +2 -0
package/src/providers/keycloak.ts +2 -0
package/src/providers/kinde.ts +2 -0
package/src/providers/line.ts +2 -0
package/src/providers/linkedin.ts +2 -0
package/src/providers/logto.ts +2 -0
package/src/providers/loops.ts +2 -0
package/src/providers/mailchimp.ts +2 -0
package/src/providers/mailgun.ts +2 -0
package/src/providers/mailru.ts +2 -0
package/src/providers/mastodon.ts +2 -0
package/src/providers/mattermost.ts +2 -0
package/src/providers/medium.ts +2 -0
package/src/providers/microsoft-entra-id.ts +2 -0
package/src/providers/naver.ts +2 -0
package/src/providers/netlify.ts +2 -0
package/src/providers/netsuite.ts +2 -0
package/src/providers/nextcloud.ts +2 -0
package/src/providers/nodemailer.ts +2 -0
package/src/providers/notion.ts +2 -0
package/src/providers/okta.ts +2 -0
package/src/providers/onelogin.ts +2 -0
package/src/providers/ory-hydra.ts +2 -0
package/src/providers/osso.ts +2 -0
package/src/providers/osu.ts +2 -0
package/src/providers/passage.ts +2 -0
package/src/providers/passkey.ts +2 -0
package/src/providers/patreon.ts +2 -0
package/src/providers/ping-id.ts +2 -0
package/src/providers/pinterest.ts +2 -0
package/src/providers/pipedrive.ts +2 -0
package/src/providers/postmark.ts +2 -0
package/src/providers/reddit.ts +2 -0
package/src/providers/resend.ts +2 -0
package/src/providers/roblox.ts +2 -0
package/src/providers/salesforce.ts +2 -0
package/src/providers/sendgrid.ts +2 -0
package/src/providers/simplelogin.ts +2 -0
package/src/providers/slack.ts +2 -0
package/src/providers/spotify.ts +2 -0
package/src/providers/strava.ts +2 -0
package/src/providers/threads.ts +2 -0
package/src/providers/tiktok.ts +2 -0
package/src/providers/todoist.ts +2 -0
package/src/providers/trakt.ts +2 -0
package/src/providers/twitch.ts +2 -0
package/src/providers/twitter.ts +2 -0
package/src/providers/united-effects.ts +2 -0
package/src/providers/vipps.ts +2 -0
package/src/providers/vk.ts +2 -0
package/src/providers/webauthn.ts +2 -0
package/src/providers/webex.ts +2 -0
package/src/providers/wechat.ts +2 -0
package/src/providers/wikimedia.ts +2 -0
package/src/providers/wordpress.ts +2 -0
package/src/providers/workos.ts +2 -0
package/src/providers/yandex.ts +2 -0
package/src/providers/zitadel.ts +2 -0
package/src/providers/zoho.ts +2 -0
package/src/providers/zoom.ts +2 -0
package/src/react.tsx +546 -0
package/src/webauthn.ts +152 -0
package/webauthn.d.ts +9 -0
package/webauthn.d.ts.map +1 -0
package/webauthn.js +92 -0
package/LICENSE +0 -70
package/dist/actions-CExpv_dD.js +0 -1
package/dist/actions-DeCfLtHA.mjs +0 -184
package/dist/client/hooks.d.ts +0 -122
package/dist/client/index.d.ts +0 -5
package/dist/client/index.js +0 -1
package/dist/client/index.mjs +0 -478
package/dist/client/provider.d.ts +0 -69
package/dist/client/server-actions-helper.d.ts +0 -22
package/dist/components/AccountPicker.d.ts +0 -11
package/dist/components/OAuthButton.d.ts +0 -11
package/dist/components/PassKeyButton.d.ts +0 -11
package/dist/components/PassKeyRegister.d.ts +0 -10
package/dist/components/TwoFactorSetup.d.ts +0 -8
package/dist/components/TwoFactorVerify.d.ts +0 -9
package/dist/core/account-picker/encryption.d.ts +0 -22
package/dist/core/account-picker/index.d.ts +0 -22
package/dist/core/auth/index.d.ts +0 -40
package/dist/core/auth/oauth-providers.d.ts +0 -197
package/dist/core/auth/oauth-state-store-cookie.d.ts +0 -83
package/dist/core/auth/oauth-state-store-redis.d.ts +0 -25
package/dist/core/auth/oauth-state-store.d.ts +0 -45
package/dist/core/auth/oauth.d.ts +0 -20
package/dist/core/auth/passkey.d.ts +0 -35
package/dist/core/auth/password.d.ts +0 -22
package/dist/core/auth/signin-unified.d.ts +0 -33
package/dist/core/auth/two-factor.d.ts +0 -28
package/dist/core/client/index.d.ts +0 -132
package/dist/core/client/token-refresh-manager.d.ts +0 -48
package/dist/core/index.d.ts +0 -11
package/dist/core/mulguard/auth-handlers.d.ts +0 -100
package/dist/core/mulguard/defaults.d.ts +0 -58
package/dist/core/mulguard/index.d.ts +0 -9
package/dist/core/mulguard/oauth-handler.d.ts +0 -93
package/dist/core/mulguard/session-manager.d.ts +0 -94
package/dist/core/security/csrf.d.ts +0 -46
package/dist/core/security/headers.d.ts +0 -24
package/dist/core/security/index.d.ts +0 -132
package/dist/core/security/rate-limit.d.ts +0 -39
package/dist/core/security/validation.d.ts +0 -251
package/dist/core/security/xss.d.ts +0 -20
package/dist/core/session/index.d.ts +0 -35
package/dist/core/types/auth.d.ts +0 -290
package/dist/core/types/errors.d.ts +0 -200
package/dist/core/types/index.d.ts +0 -462
package/dist/core/utils/auth-helpers.d.ts +0 -136
package/dist/core/utils/logger.d.ts +0 -121
package/dist/handlers/api.d.ts +0 -10
package/dist/handlers/route.d.ts +0 -76
package/dist/index/index.js +0 -1
package/dist/index/index.mjs +0 -2229
package/dist/index.d.ts +0 -21
package/dist/middleware/index.d.ts +0 -28
package/dist/middleware/proxy.d.ts +0 -53
package/dist/middleware/security.d.ts +0 -9
package/dist/mulguard.d.ts +0 -373
package/dist/oauth-state-DKle8eCr.mjs +0 -289
package/dist/oauth-state-DlvrCV11.js +0 -1
package/dist/server/actions.d.ts +0 -86
package/dist/server/auth.d.ts +0 -65
package/dist/server/cookies.d.ts +0 -42
package/dist/server/helpers.d.ts +0 -10
package/dist/server/index.d.ts +0 -14
package/dist/server/index.js +0 -1
package/dist/server/index.mjs +0 -31
package/dist/server/middleware.d.ts +0 -39
package/dist/server/oauth-state.d.ts +0 -30
package/dist/server/session-helpers.d.ts +0 -26
package/dist/server/session.d.ts +0 -28
package/dist/server/utils.d.ts +0 -10

package/webauthn.js ADDED Viewed

@@ -0,0 +1,92 @@
+import { apiBaseUrl } from "./lib/client.js";
+import { startAuthentication, startRegistration } from "@simplewebauthn/browser";
+import { getCsrfToken, getProviders, __NEXTAUTH } from "./react.js";
+const logger = {
+    debug: console.debug,
+    error: console.error,
+    warn: console.warn,
+};
+/**
+ * Fetch webauthn options from server and prompt user for authentication or registration.
+ * Returns either the completed WebAuthn response or an error request.
+ */
+async function webAuthnOptions(providerID, nextAuthConfig, options) {
+    const baseUrl = apiBaseUrl(nextAuthConfig);
+    // @ts-expect-error
+    const params = new URLSearchParams(options);
+    const optionsResp = await fetch(`${baseUrl}/webauthn-options/${providerID}?${params}`);
+    if (!optionsResp.ok) {
+        return { error: optionsResp };
+    }
+    const optionsData = await optionsResp.json();
+    if (optionsData.action === "authenticate") {
+        const webAuthnResponse = await startAuthentication(optionsData.options);
+        return { data: webAuthnResponse, action: "authenticate" };
+    }
+    else {
+        const webAuthnResponse = await startRegistration(optionsData.options);
+        return { data: webAuthnResponse, action: "register" };
+    }
+}
+export async function signIn(provider, options, authorizationParams) {
+    const { callbackUrl, ...rest } = options ?? {};
+    const { redirectTo = callbackUrl ?? window.location.href, redirect = true, ...signInParams } = rest;
+    const baseUrl = apiBaseUrl(__NEXTAUTH);
+    const providers = await getProviders();
+    if (!providers) {
+        window.location.href = `${baseUrl}/error`;
+        return; // TODO: Return error if `redirect: false`
+    }
+    if (!provider ||
+        !providers[provider] ||
+        providers[provider].type !== "webauthn") {
+        // TODO: Add docs link with explanation
+        throw new TypeError([
+            `Provider id "${provider}" does not refer to a WebAuthn provider.`,
+            'Please use `import { signIn } from "next-auth/react"` instead.',
+        ].join("\n"));
+    }
+    const webAuthnBody = {};
+    const webAuthnResponse = await webAuthnOptions(provider, __NEXTAUTH, signInParams);
+    if (webAuthnResponse.error) {
+        logger.error(new Error(await webAuthnResponse.error.text()));
+        return;
+    }
+    webAuthnBody.data = JSON.stringify(webAuthnResponse.data);
+    webAuthnBody.action = webAuthnResponse.action;
+    const signInUrl = `${baseUrl}/callback/${provider}?${new URLSearchParams(authorizationParams)}`;
+    const res = await fetch(signInUrl, {
+        method: "post",
+        headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+            "X-Auth-Return-Redirect": "1",
+        },
+        body: new URLSearchParams({
+            ...signInParams,
+            ...webAuthnBody,
+            csrfToken: await getCsrfToken(),
+            callbackUrl: redirectTo,
+        }),
+    });
+    const data = await res.json();
+    if (redirect) {
+        const url = data.url ?? callbackUrl;
+        window.location.href = url;
+        // If url contains a hash, the browser does not reload the page. We reload manually
+        if (url.includes("#"))
+            window.location.reload();
+        return;
+    }
+    const error = new URL(data.url).searchParams.get("error");
+    const code = new URL(data.url).searchParams.get("code");
+    if (res.ok) {
+        await __NEXTAUTH._getSession({ event: "storage" });
+    }
+    return {
+        error,
+        code,
+        status: res.status,
+        ok: res.ok,
+        url: error ? null : data.url,
+    };
+}

package/LICENSE DELETED Viewed

@@ -1,70 +0,0 @@
----
-**Mulverse M.U.V GENERAL PUBLIC LICENSE**
-**Version 1.0**
-**Copyright (C) [2022] Mulverse Inc.**
-**1. Definitions**
-1.1 **"Software"** refers to the Mulverse software distributed under this license, including all associated files, documentation, and any updates or modifications.
-1.2 **"You"** means the individual or entity who receives or uses the Software.
-1.3 **"Distribution"** refers to any form of sharing or redistribution of the Software, including copies or derivative works.
-**2. Permissions**
-2.1 **Use**: You are granted the right to use the Software for any purpose.
-2.2 **Copy and Distribution**: You may distribute copies of the Software, either in its original form or as modified, provided that all copies include the same license terms.
-2.3 **Modification**: You may modify the Software and distribute the modified versions, provided that the modified Software is also licensed under this GPL and that you include a prominent notice stating the changes made.
-**3. Copyleft**
-3.1 **Source Code**: If you distribute the Software or any derivative works, you must either include the source code or make it available in a manner specified by this license.
-3.2 **License Continuity**: All copies and derivative works of the Software must be distributed under the terms of this GPL. You must include a copy of this license with all distributions.
-**4. Conditions**
-4.1 **Attribution**: You must provide appropriate credit to Mulverse Inc., including a notice that the Software is licensed under the Mulverse S.N.E General Public License.
-4.2 **No Warranty**: The Software is provided "as is," without any warranty of any kind. Mulverse Inc. disclaims all warranties and conditions, including but not limited to implied warranties of merchantability and fitness for a particular purpose.
-4.3 **No Additional Restrictions**: You may not impose any additional restrictions on the rights granted by this license. This includes, but is not limited to, additional licenses or agreements.
-**5. Termination**
-5.1 **Automatic Termination**: If you breach any of the terms of this license, your rights under this license will be terminated automatically.
-5.2 **Reinstatement**: You may be reinstated if you cure the breach and notify Mulverse Inc. of the cure within 30 days of the termination.
-**6. Patent Grant**
-6.1 **Patent License**: You grant to Mulverse Inc. a non-exclusive, royalty-free license to any patents you may hold that are necessary to use the Software.
-**7. Indemnity**
-7.1 **Indemnification**: You agree to indemnify and hold Mulverse Inc. harmless from any claims, damages, or liabilities arising from your use or distribution of the Software.
-**8. Governing Law**
-8.1 **Jurisdiction**: This license shall be governed by and construed in accordance with the laws of [Your Jurisdiction].
-**9. Miscellaneous**
-9.1 **Severability**: If any provision of this license is held to be invalid or unenforceable, the remaining provisions will remain in effect.
-9.2 **Entire Agreement**: This license constitutes the entire agreement between you and Mulverse Inc. regarding the Software and supersedes all prior agreements and understandings.
-**10. Contact**
-10.1 **Inquiries**: For any questions or concerns regarding this license, please contact Mulverse Inc. at [Contact Information].
-**End of License**
----

package/dist/actions-CExpv_dD.js DELETED Viewed

@@ -1 +0,0 @@

- "use strict";const O=require("next/headers");var r=(s=>(s.INVALID_CREDENTIALS="INVALID_CREDENTIALS",s.ACCOUNT_LOCKED="ACCOUNT_LOCKED",s.ACCOUNT_INACTIVE="ACCOUNT_INACTIVE",s.TWO_FA_REQUIRED="TWO_FA_REQUIRED",s.INVALID_TWO_FA_CODE="INVALID_TWO_FA_CODE",s.SESSION_EXPIRED="SESSION_EXPIRED",s.UNAUTHORIZED="UNAUTHORIZED",s.NETWORK_ERROR="NETWORK_ERROR",s.VALIDATION_ERROR="VALIDATION_ERROR",s.RATE_LIMITED="RATE_LIMITED",s.UNKNOWN_ERROR="UNKNOWN_ERROR",s))(r||{});async function R(s){var n;try{return(n=(await O.cookies()).get(s))==null?void 0:n.value}catch(e){const o=(e==null?void 0:e.message)||"";if(o.includes("cookies")||o.includes("request scope")||o.includes("outside")||o.includes("dynamic"))return;throw e}}async function u(s){try{return(await O.cookies()).set({name:s.name,value:s.value,maxAge:s.maxAge,expires:s.expires,httpOnly:s.httpOnly??!0,secure:s.secure,sameSite:s.sameSite??"lax",path:s.path??"/",domain:s.domain}),{success:!0}}catch(n){const e=(n==null?void 0:n.message)||"";if(e.includes("cookies")||e.includes("request scope")||e.includes("outside")||e.includes("dynamic")){const o=`Cannot set cookie "${s.name}" outside request scope. Make sure this is called from a Server Action or Route Handler.`;return process.env.NODE_ENV==="development"&&console.warn(`[Mulguard] ${o}`),{success:!1,error:e,warning:o}}throw n}}async function f(s,n){try{(await O.cookies()).set({name:s,value:"",maxAge:0,expires:new Date(0),httpOnly:!0,path:(n==null?void 0:n.path)??"/",domain:n==null?void 0:n.domain})}catch(e){const o=(e==null?void 0:e.message)||"";if(o.includes("cookies")||o.includes("request scope")||o.includes("outside")||o.includes("dynamic")){process.env.NODE_ENV==="development"&&console.warn(`[Mulguard] Cannot delete cookie "${s}" outside request scope`);return}throw e}}function l(s,n,e){const o=process.env.NODE_ENV==="production";return{name:s,value:n,maxAge:e.expiresIn,httpOnly:e.httpOnly??!0,secure:e.secure??o,sameSite:e.sameSite??"lax",path:e.path??"/"}}async function g(s,n){if(!s.verify2FA)return{success:!1,error:"2FA verification is not configured",errorCode:r.VALIDATION_ERROR};try{const e=await s.verify2FA(n,{skipCookieSave:!0});if(e.success&&e.session)try{const{cookieName:o,config:t}=s._getSessionConfig(),c=typeof e.session=="object"&&"token"in e.session?String(e.session.token):JSON.stringify(e.session),i=l(o,c,t),a=await u(i);a.success||process.env.NODE_ENV==="development"&&console.warn("[Mulguard] Failed to save session after 2FA verification:",a.error||a.warning)}catch(o){process.env.NODE_ENV==="development"&&console.warn("[Mulguard] Failed to save session cookie:",o)}return e}catch(e){return{success:!1,error:e instanceof Error?e.message:"2FA verification failed",errorCode:r.UNKNOWN_ERROR}}}async function N(s){var n;try{const e=await s.getSession(),o=e==null?void 0:e.user;s.signOut&&await s.signOut();const{cookieName:t,config:c}=s._getSessionConfig();await f(t,{path:c.path||"/"});const i=(n=s._getCallbacks)==null?void 0:n.call(s);return o&&(i!=null&&i.onSignOut)&&await i.onSignOut(o),{success:!0}}catch(e){return{success:!1,error:e instanceof Error?e.message:"Sign out failed"}}}async function d(s,n){var e;if(!((e=s.signIn)!=null&&e.email))return{success:!1,error:"Email sign in is not configured",errorCode:r.VALIDATION_ERROR};try{const o=await s.signIn.email(n);if(o.success&&o.session)try{const{cookieName:t,config:c}=s._getSessionConfig(),i=typeof o.session=="object"&&"token"in o.session?String(o.session.token):JSON.stringify(o.session),a=l(t,i,c);await u(a)}catch(t){process.env.NODE_ENV==="development"&&console.warn("[Mulguard] Failed to save session cookie:",t)}return o}catch(o){return{success:!1,error:o instanceof Error?o.message:"Sign in failed",errorCode:r.UNKNOWN_ERROR}}}async function E(s,n){if(!s.signUp)return{success:!1,error:"Sign up is not configured",errorCode:r.VALIDATION_ERROR};try{const e=await s.signUp(n);if(e.success&&e.session)try{const{cookieName:o,config:t}=s._getSessionConfig(),c=typeof e.session=="object"&&"token"in e.session?String(e.session.token):JSON.stringify(e.session),i=l(o,c,t);await u(i)}catch(o){process.env.NODE_ENV==="development"&&console.warn("[Mulguard] Failed to save session cookie:",o)}return e}catch(e){return{success:!1,error:e instanceof Error?e.message:"Sign up failed",errorCode:r.UNKNOWN_ERROR}}}const _=Object.freeze(Object.defineProperty({__proto__:null,signInEmailAction:d,signOutAction:N,signUpAction:E,verify2FAAction:g},Symbol.toStringTag,{value:"Module"}));exports.AuthErrorCode=r;exports.actions=_;exports.buildCookieOptions=l;exports.deleteCookie=f;exports.getCookie=R;exports.setCookie=u;exports.signInEmailAction=d;exports.signOutAction=N;exports.signUpAction=E;exports.verify2FAAction=g;

package/dist/actions-DeCfLtHA.mjs DELETED Viewed

@@ -1,184 +0,0 @@
-import { cookies as u } from "next/headers";
-var c = /* @__PURE__ */ ((s) => (s.INVALID_CREDENTIALS = "INVALID_CREDENTIALS", s.ACCOUNT_LOCKED = "ACCOUNT_LOCKED", s.ACCOUNT_INACTIVE = "ACCOUNT_INACTIVE", s.TWO_FA_REQUIRED = "TWO_FA_REQUIRED", s.INVALID_TWO_FA_CODE = "INVALID_TWO_FA_CODE", s.SESSION_EXPIRED = "SESSION_EXPIRED", s.UNAUTHORIZED = "UNAUTHORIZED", s.NETWORK_ERROR = "NETWORK_ERROR", s.VALIDATION_ERROR = "VALIDATION_ERROR", s.RATE_LIMITED = "RATE_LIMITED", s.UNKNOWN_ERROR = "UNKNOWN_ERROR", s))(c || {});
-async function _(s) {
-  var o;
-  try {
-    return (o = (await u()).get(s)) == null ? void 0 : o.value;
-  } catch (e) {
-    const n = (e == null ? void 0 : e.message) || "";
-    if (n.includes("cookies") || n.includes("request scope") || n.includes("outside") || n.includes("dynamic"))
-      return;
-    throw e;
-  }
-}
-async function l(s) {
-  try {
-    return (await u()).set({
-      name: s.name,
-      value: s.value,
-      maxAge: s.maxAge,
-      expires: s.expires,
-      httpOnly: s.httpOnly ?? !0,
-      secure: s.secure,
-      sameSite: s.sameSite ?? "lax",
-      path: s.path ?? "/",
-      domain: s.domain
-    }), { success: !0 };
-  } catch (o) {
-    const e = (o == null ? void 0 : o.message) || "";
-    if (e.includes("cookies") || e.includes("request scope") || e.includes("outside") || e.includes("dynamic")) {
-      const n = `Cannot set cookie "${s.name}" outside request scope. Make sure this is called from a Server Action or Route Handler.`;
-      return process.env.NODE_ENV === "development" && console.warn(`[Mulguard] ${n}`), {
-        success: !1,
-        error: e,
-        warning: n
-      };
-    }
-    throw o;
-  }
-}
-async function O(s, o) {
-  try {
-    (await u()).set({
-      name: s,
-      value: "",
-      maxAge: 0,
-      expires: /* @__PURE__ */ new Date(0),
-      httpOnly: !0,
-      path: (o == null ? void 0 : o.path) ?? "/",
-      domain: o == null ? void 0 : o.domain
-    });
-  } catch (e) {
-    const n = (e == null ? void 0 : e.message) || "";
-    if (n.includes("cookies") || n.includes("request scope") || n.includes("outside") || n.includes("dynamic")) {
-      process.env.NODE_ENV === "development" && console.warn(`[Mulguard] Cannot delete cookie "${s}" outside request scope`);
-      return;
-    }
-    throw e;
-  }
-}
-function f(s, o, e) {
-  const n = process.env.NODE_ENV === "production";
-  return {
-    name: s,
-    value: o,
-    maxAge: e.expiresIn,
-    httpOnly: e.httpOnly ?? !0,
-    secure: e.secure ?? n,
-    sameSite: e.sameSite ?? "lax",
-    path: e.path ?? "/"
-  };
-}
-async function g(s, o) {
-  if (!s.verify2FA)
-    return {
-      success: !1,
-      error: "2FA verification is not configured",
-      errorCode: c.VALIDATION_ERROR
-    };
-  try {
-    const e = await s.verify2FA(o, { skipCookieSave: !0 });
-    if (e.success && e.session)
-      try {
-        const { cookieName: n, config: r } = s._getSessionConfig(), t = typeof e.session == "object" && "token" in e.session ? String(e.session.token) : JSON.stringify(e.session), i = f(n, t, r), a = await l(i);
-        a.success || process.env.NODE_ENV === "development" && console.warn("[Mulguard] Failed to save session after 2FA verification:", a.error || a.warning);
-      } catch (n) {
-        process.env.NODE_ENV === "development" && console.warn("[Mulguard] Failed to save session cookie:", n);
-      }
-    return e;
-  } catch (e) {
-    return {
-      success: !1,
-      error: e instanceof Error ? e.message : "2FA verification failed",
-      errorCode: c.UNKNOWN_ERROR
-    };
-  }
-}
-async function N(s) {
-  var o;
-  try {
-    const e = await s.getSession(), n = e == null ? void 0 : e.user;
-    s.signOut && await s.signOut();
-    const { cookieName: r, config: t } = s._getSessionConfig();
-    await O(r, {
-      path: t.path || "/"
-    });
-    const i = (o = s._getCallbacks) == null ? void 0 : o.call(s);
-    return n && (i != null && i.onSignOut) && await i.onSignOut(n), { success: !0 };
-  } catch (e) {
-    return {
-      success: !1,
-      error: e instanceof Error ? e.message : "Sign out failed"
-    };
-  }
-}
-async function d(s, o) {
-  var e;
-  if (!((e = s.signIn) != null && e.email))
-    return {
-      success: !1,
-      error: "Email sign in is not configured",
-      errorCode: c.VALIDATION_ERROR
-    };
-  try {
-    const n = await s.signIn.email(o);
-    if (n.success && n.session)
-      try {
-        const { cookieName: r, config: t } = s._getSessionConfig(), i = typeof n.session == "object" && "token" in n.session ? String(n.session.token) : JSON.stringify(n.session), a = f(r, i, t);
-        await l(a);
-      } catch (r) {
-        process.env.NODE_ENV === "development" && console.warn("[Mulguard] Failed to save session cookie:", r);
-      }
-    return n;
-  } catch (n) {
-    return {
-      success: !1,
-      error: n instanceof Error ? n.message : "Sign in failed",
-      errorCode: c.UNKNOWN_ERROR
-    };
-  }
-}
-async function E(s, o) {
-  if (!s.signUp)
-    return {
-      success: !1,
-      error: "Sign up is not configured",
-      errorCode: c.VALIDATION_ERROR
-    };
-  try {
-    const e = await s.signUp(o);
-    if (e.success && e.session)
-      try {
-        const { cookieName: n, config: r } = s._getSessionConfig(), t = typeof e.session == "object" && "token" in e.session ? String(e.session.token) : JSON.stringify(e.session), i = f(n, t, r);
-        await l(i);
-      } catch (n) {
-        process.env.NODE_ENV === "development" && console.warn("[Mulguard] Failed to save session cookie:", n);
-      }
-    return e;
-  } catch (e) {
-    return {
-      success: !1,
-      error: e instanceof Error ? e.message : "Sign up failed",
-      errorCode: c.UNKNOWN_ERROR
-    };
-  }
-}
-const m = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
-  __proto__: null,
-  signInEmailAction: d,
-  signOutAction: N,
-  signUpAction: E,
-  verify2FAAction: g
-}, Symbol.toStringTag, { value: "Module" }));
-export {
-  c as A,
-  d as a,
-  E as b,
-  l as c,
-  O as d,
-  f as e,
-  m as f,
-  _ as g,
-  N as s,
-  g as v
-};

package/dist/client/hooks.d.ts DELETED Viewed

@@ -1,122 +0,0 @@
-import { Session, AuthResult, EmailCredentials, RegisterData, RememberedUser, Verify2FAData } from '../core/types';
-import { MulguardInstance } from '../mulguard';
-export interface UseAuthReturn {
-    session: Session | null;
-    isLoading: boolean;
-    /**
-     * Unified sign in method - professional interface similar to auth.js
-     *
-     * @example
-     * ```typescript
-     * // OAuth providers
-     * await signIn('google')
-     * await signIn('github')
-     *
-     * // Credentials
-     * await signIn('credentials', { email: 'user@example.com', password: 'password' })
-     *
-     * // OTP
-     * await signIn('otp', { email: 'user@example.com', code: '123456' })
-     * ```
-     */
-    signIn(provider: 'google' | 'github' | 'apple' | 'facebook' | string): Promise<{
-        url: string;
-        state: string;
-    }>;
-    signIn(provider: 'credentials', credentials: EmailCredentials): Promise<AuthResult>;
-    signIn(provider: 'otp', options: {
-        email: string;
-        code?: string;
-    }): Promise<AuthResult>;
-    signIn(provider: 'passkey', options?: {
-        userId?: string;
-    }): Promise<AuthResult>;
-    /**
-     * Legacy sign in methods (for backward compatibility)
-     */
-    signInMethods: {
-        email(credentials: EmailCredentials): Promise<AuthResult>;
-        oauth(provider: string): Promise<{
-            url: string;
-            state: string;
-        }>;
-        passkey(options?: {
-            userId?: string;
-        }): Promise<AuthResult>;
-        otp(email: string, code?: string): Promise<AuthResult>;
-    };
-    signUp(data: RegisterData): Promise<AuthResult>;
-    signOut(): Promise<void>;
-    resetPassword(email: string): Promise<{
-        success: boolean;
-        error?: string;
-    }>;
-    verifyEmail(token: string): Promise<{
-        success: boolean;
-        error?: string;
-    }>;
-    verify2FA(data: Verify2FAData): Promise<AuthResult>;
-}
-export interface UseSessionReturn {
-    session: Session | null;
-    isLoading: boolean;
-    error: Error | null;
-}
-export interface UseAccountPickerReturn {
-    lastUsers: RememberedUser[];
-    isLoading: boolean;
-    rememberUser: (user: {
-        id: string;
-        email: string;
-        name: string;
-        avatar?: string;
-    }, provider?: 'email' | 'oauth' | 'passkey') => Promise<void>;
-    clearUser: (userId: string) => Promise<void>;
-    clearAll: () => Promise<void>;
-    refresh: () => Promise<void>;
-}
-/**
- * Main authentication hook
- *
- * @example
- * ```tsx
- * import { useAuth } from 'mulguard/client'
- * import { auth } from '@/auth'
- *
- * function LoginButton() {
- *   const { session, signIn, signOut } = useAuth(auth)
- *   // ...
- * }
- * ```
- */
-export declare function useAuth(auth: MulguardInstance): UseAuthReturn;
-/**
- * Session hook
- *
- * @example
- * ```tsx
- * import { useSession } from 'mulguard/client'
- * import { auth } from '@/auth'
- *
- * function Profile() {
- *   const { session, isLoading } = useSession(auth)
- *   // ...
- * }
- * ```
- */
-export declare function useSession(auth: MulguardInstance): UseSessionReturn;
-/**
- * Account Picker hook
- *
- * @example
- * ```tsx
- * import { useAccountPicker } from 'mulguard/client'
- * import { auth } from '@/auth'
- *
- * function AccountList() {
- *   const { lastUsers, clearUser } = useAccountPicker(auth)
- *   // ...
- * }
- * ```
- */
-export declare function useAccountPicker(auth: MulguardInstance): UseAccountPickerReturn;

package/dist/client/index.d.ts DELETED Viewed

@@ -1,5 +0,0 @@
-/**
- * Client-side hooks and utilities for Next.js
- */
-export * from './hooks';
-export * from './provider';

package/dist/client/index.js DELETED Viewed

@@ -1 +0,0 @@

- "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const o=require("react"),O=require("react/jsx-runtime");function v(){return typeof window>"u"}async function h(){try{return await Promise.resolve().then(()=>require("../actions-CExpv_dD.js")).then(l=>l.actions)}catch{return null}}async function N(e,l){if(v())return e.verify2FA?e.verify2FA(l):{success:!1,error:"2FA verification is not configured"};try{const r=await h();if(r)return await r.verify2FAAction(e,l)}catch{}try{const r=await fetch("/api/auth/verify-2fa",{method:"POST",headers:{"Content-Type":"application/json"},credentials:"include",body:JSON.stringify(l)});if(!r.ok){const a=await r.json().catch(()=>({}));return{success:!1,error:a.error||"2FA verification failed",errorCode:a.errorCode}}return await r.json()}catch(r){return{success:!1,error:r instanceof Error?r.message:"2FA verification failed"}}}async function _(e,l){var r;if(v())return(r=e.signIn)!=null&&r.email?e.signIn.email(l):{success:!1,error:"Email sign in is not configured"};try{const a=await h();if(a)return await a.signInEmailAction(e,l)}catch{}try{const a=await fetch("/api/auth/sign-in",{method:"POST",headers:{"Content-Type":"application/json"},credentials:"include",body:JSON.stringify({provider:"email",credentials:l})});if(!a.ok){const u=await a.json().catch(()=>({}));return{success:!1,error:u.error||"Sign in failed",errorCode:u.errorCode}}return await a.json()}catch(a){return{success:!1,error:a instanceof Error?a.message:"Sign in failed"}}}async function D(e,l){if(v())return e.signUp?e.signUp(l):{success:!1,error:"Sign up is not configured"};try{const r=await h();if(r)return await r.signUpAction(e,l)}catch{}try{const r=await fetch("/api/auth/sign-up",{method:"POST",headers:{"Content-Type":"application/json"},credentials:"include",body:JSON.stringify(l)});if(!r.ok){const a=await r.json().catch(()=>({}));return{success:!1,error:a.error||"Sign up failed",errorCode:a.errorCode}}return await r.json()}catch(r){return{success:!1,error:r instanceof Error?r.message:"Sign up failed"}}}function E(e){const[l,r]=o.useState(null),[a,u]=o.useState(!0),c=o.useCallback(async(s=!1)=>{u(!0);try{const n="/api/auth/session"+(s?`?t=${Date.now()}`:""),i=await fetch(n,{method:"GET",credentials:"include",headers:{"Content-Type":"application/json","Cache-Control":"no-cache, no-store, must-revalidate",Pragma:"no-cache",Expires:"0"},cache:"no-store"});if(i.status===401||i.status===403){r(null);return}if(i.ok){const t=await i.json();t.session?r(t.session):r(null)}else r(null)}catch(n){process.env.NODE_ENV==="development"&&console.error("Failed to load session:",n),r(null)}finally{u(!1)}},[e]),g=o.useCallback(s=>{if(!s||!s.expiresAt||!e.refreshSession)return()=>{};const n=new Date(s.expiresAt),i=new Date,t=n.getTime()-i.getTime(),f=5*60*1e3;if(t>0&&t<f)return e.refreshSession().catch(()=>{}),()=>{};if(t>f){const p=t-f,S=setTimeout(()=>{var C;(C=e.refreshSession)==null||C.call(e).catch(()=>{})},p);return()=>clearTimeout(S)}return()=>{}},[e]);o.useEffect(()=>{let s=null;(async()=>{await c();try{const t=await fetch("/api/auth/session",{method:"GET",credentials:"include",headers:{"Content-Type":"application/json"},cache:"no-store"});if(t.ok){const f=await t.json();f.session?s=g(f.session):r(null)}else r(null)}catch(t){process.env.NODE_ENV==="development"&&console.debug("Failed to schedule proactive refresh:",t),r(null)}})();const i=setInterval(()=>{fetch("/api/auth/session",{method:"GET",credentials:"include",headers:{"Content-Type":"application/json"},cache:"no-store"}).then(t=>t.status===401||t.status===403?(r(null),s&&(s(),s=null),typeof window<"u"&&window.location.pathname!=="/auth/login"&&window.location.replace("/auth/login?reason=session_expired"),null):t.json()).then(t=>{t&&(t.session?(r(t.session),s&&s(),s=g(t.session)):(r(null),s&&(s(),s=null)))}).catch(()=>{r(null),s&&(s(),s=null)})},60*1e3);return()=>{clearInterval(i),s&&s()}},[c,g]);const y=o.useCallback(async s=>{try{const n=await _(e,s);return n.success&&await c(),n}catch(n){return{success:!1,error:n instanceof Error?n.message:"Sign in failed"}}},[e,c]),w=o.useCallback(async s=>{if(!e.signIn.oauth)throw new Error("OAuth sign in is not configured");return e.signIn.oauth(s)},[e]),d=o.useCallback(async s=>{if(!e.signIn.passkey)return{success:!1,error:"PassKey sign in is not configured"};try{const n=await e.signIn.passkey(s);return n.success&&await c(),n}catch(n){return{success:!1,error:n instanceof Error?n.message:"PassKey authentication failed"}}},[e,c]),m=o.useCallback(async s=>{if(!e.signUp)return{success:!1,error:"Sign up is not configured"};try{const n=await D(e,s);return n.success&&await c(),n}catch(n){return{success:!1,error:n instanceof Error?n.message:"Sign up failed"}}},[e,c]),U=o.useCallback(async()=>{var s,n;try{if(r(null),u(!0),typeof window<"u"){try{window.sessionStorage.clear()}catch{}try{const i=(s=e._getSessionConfig)==null?void 0:s.call(e),t=(i==null?void 0:i.cookieName)||"__mulguard_session";try{window.localStorage.removeItem(t)}catch{}}catch{}}if(await e.signOut(),await c(!0),r(null),u(!1),typeof window<"u"){const i="/auth/login",t=window.location.pathname,f=window.location.search;if(t===i||t.startsWith("/auth/")){window.location.reload();return}const p=new URL(i,window.location.origin);t&&t!=="/"&&p.searchParams.set("redirect",t+f),window.location.replace(p.toString())}}catch(i){if(process.env.NODE_ENV==="development"&&console.error("Sign out error:",i),r(null),u(!1),typeof window<"u"){try{window.sessionStorage.clear();const f=(n=e._getSessionConfig)==null?void 0:n.call(e),p=(f==null?void 0:f.cookieName)||"__mulguard_session";try{window.localStorage.removeItem(p)}catch{}}catch{}const t="/auth/login";window.location.pathname!==t&&!window.location.pathname.startsWith("/auth/")?window.location.replace(t):window.location.reload()}}},[e,c]),T=o.useCallback(async s=>{if(!e.resetPassword)throw new Error("Password reset is not configured");return e.resetPassword(s)},[e]),F=o.useCallback(async s=>{if(!e.verifyEmail)throw new Error("Email verification is not configured");return e.verifyEmail(s)},[e]),x=o.useCallback(async s=>{if(!e.verify2FA)return{success:!1,error:"2FA verification is not configured"};try{const n=await N(e,s);return n.success&&(await new Promise(i=>setTimeout(i,100)),await c()),n}catch(n){return{success:!1,error:n instanceof Error?n.message:"2FA verification failed"}}},[e,c]),j=o.useCallback(async(s,n)=>e.signIn(s,n),[e]);return{session:l,isLoading:a,signIn:j,signInMethods:{email:y,oauth:w,passkey:d,otp:o.useCallback(async(s,n)=>{if(!e.signIn.otp)return{success:!1,error:"OTP sign in is not configured"};try{const i=await e.signIn.otp(s,n);return i.success&&await c(),i}catch(i){return{success:!1,error:i instanceof Error?i.message:"OTP sign in failed"}}},[e,c])},signUp:m,signOut:U,resetPassword:T,verifyEmail:F,verify2FA:x}}function A(e){const[l,r]=o.useState(null),[a,u]=o.useState(!0),[c,g]=o.useState(null),y=o.useCallback(async()=>{u(!0),g(null);try{const w=await e.getSession();r(w)}catch(w){const d=w instanceof Error?w:new Error("Failed to load session");g(d),r(null)}finally{u(!1)}},[e]);return o.useEffect(()=>{y();const w=setInterval(()=>{y()},5*60*1e3);return()=>clearInterval(w)},[y]),{session:l,isLoading:a,error:c}}function P(e){const[l,r]=o.useState([]),[a,u]=o.useState(!0),c=o.useCallback(async()=>{if(!e.accountPicker){r([]),u(!1);return}u(!0);try{const d=await e.accountPicker.getLastUsers();r(d)}catch(d){process.env.NODE_ENV==="development"&&console.error("Failed to load last users:",d),r([])}finally{u(!1)}},[e]);o.useEffect(()=>{c()},[c]);const g=o.useCallback(async(d,m)=>{e.accountPicker&&(await e.accountPicker.rememberUser(d,m),await c())},[e,c]),y=o.useCallback(async d=>{e.accountPicker&&(await e.accountPicker.clearUser(d),await c())},[e,c]),w=o.useCallback(async()=>{e.accountPicker&&(await e.accountPicker.clearAll(),await c())},[e,c]);return{lastUsers:l,isLoading:a,rememberUser:g,clearUser:y,clearAll:w,refresh:c}}const b=o.createContext(null);function I({auth:e,children:l}){const r=A(e),a=P(e);return O.jsx(b.Provider,{value:{auth:e,session:r,accountPicker:a},children:l})}function k(){const e=o.useContext(b);if(!e)throw new Error("useMulguardContext must be used within MulguardProvider");return e}function L(){const{auth:e}=k();return E(e)}const M=I,R=k;exports.AuthProvider=M;exports.MulguardProvider=I;exports.useAccountPicker=P;exports.useAuth=E;exports.useAuthContext=R;exports.useAuthFromContext=L;exports.useMulguardContext=k;exports.useSession=A;