npm - mulguard - Versions diffs - 1.1.7 → 1.1.9 - Mend

mulguard 1.1.7 → 1.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (546) hide show

package/LICENSE +3 -3
package/README.md +21 -582
package/adapters.d.ts +2 -0
package/adapters.d.ts.map +1 -0
package/adapters.js +1 -0
package/index.d.ts +329 -0
package/index.d.ts.map +1 -0
package/index.js +145 -0
package/jwt.d.ts +9 -0
package/jwt.d.ts.map +1 -0
package/jwt.js +8 -0
package/lib/actions.d.ts +13 -0
package/lib/actions.d.ts.map +1 -0
package/lib/actions.js +86 -0
package/lib/client.d.ts +104 -0
package/lib/client.d.ts.map +1 -0
package/lib/client.js +95 -0
package/lib/env.d.ts +12 -0
package/lib/env.d.ts.map +1 -0
package/lib/env.js +38 -0
package/lib/index.d.ts +56 -0
package/lib/index.d.ts.map +1 -0
package/lib/index.js +187 -0
package/lib/types.d.ts +24 -0
package/lib/types.d.ts.map +1 -0
package/lib/types.js +1 -0
package/middleware.d.ts +9 -0
package/middleware.d.ts.map +1 -0
package/middleware.js +12 -0
package/next.d.ts +9 -0
package/next.d.ts.map +1 -0
package/next.js +12 -0
package/package.json +93 -102
package/providers/42-school.d.ts +3 -0
package/providers/42-school.d.ts.map +1 -0
package/providers/42-school.js +2 -0
package/providers/apple.d.ts +3 -0
package/providers/apple.d.ts.map +1 -0
package/providers/apple.js +2 -0
package/providers/asgardeo.d.ts +3 -0
package/providers/asgardeo.d.ts.map +1 -0
package/providers/asgardeo.js +2 -0
package/providers/atlassian.d.ts +3 -0
package/providers/atlassian.d.ts.map +1 -0
package/providers/atlassian.js +2 -0
package/providers/auth0.d.ts +3 -0
package/providers/auth0.d.ts.map +1 -0
package/providers/auth0.js +2 -0
package/providers/authentik.d.ts +3 -0
package/providers/authentik.d.ts.map +1 -0
package/providers/authentik.js +2 -0
package/providers/azure-ad-b2c.d.ts +3 -0
package/providers/azure-ad-b2c.d.ts.map +1 -0
package/providers/azure-ad-b2c.js +2 -0
package/providers/azure-ad.d.ts +3 -0
package/providers/azure-ad.d.ts.map +1 -0
package/providers/azure-ad.js +2 -0
package/providers/azure-devops.d.ts +3 -0
package/providers/azure-devops.d.ts.map +1 -0
package/providers/azure-devops.js +2 -0
package/providers/bankid-no.d.ts +3 -0
package/providers/bankid-no.d.ts.map +1 -0
package/providers/bankid-no.js +2 -0
package/providers/battlenet.d.ts +3 -0
package/providers/battlenet.d.ts.map +1 -0
package/providers/battlenet.js +2 -0
package/providers/beyondidentity.d.ts +3 -0
package/providers/beyondidentity.d.ts.map +1 -0
package/providers/beyondidentity.js +2 -0
package/providers/bitbucket.d.ts +3 -0
package/providers/bitbucket.d.ts.map +1 -0
package/providers/bitbucket.js +2 -0
package/providers/box.d.ts +3 -0
package/providers/box.d.ts.map +1 -0
package/providers/box.js +2 -0
package/providers/boxyhq-saml.d.ts +3 -0
package/providers/boxyhq-saml.d.ts.map +1 -0
package/providers/boxyhq-saml.js +2 -0
package/providers/bungie.d.ts +3 -0
package/providers/bungie.d.ts.map +1 -0
package/providers/bungie.js +2 -0
package/providers/click-up.d.ts +3 -0
package/providers/click-up.d.ts.map +1 -0
package/providers/click-up.js +2 -0
package/providers/cognito.d.ts +3 -0
package/providers/cognito.d.ts.map +1 -0
package/providers/cognito.js +2 -0
package/providers/coinbase.d.ts +3 -0
package/providers/coinbase.d.ts.map +1 -0
package/providers/coinbase.js +2 -0
package/providers/concept2.d.ts +3 -0
package/providers/concept2.d.ts.map +1 -0
package/providers/concept2.js +2 -0
package/providers/credentials.d.ts +3 -0
package/providers/credentials.d.ts.map +1 -0
package/providers/credentials.js +2 -0
package/providers/descope.d.ts +3 -0
package/providers/descope.d.ts.map +1 -0
package/providers/descope.js +2 -0
package/providers/discord.d.ts +3 -0
package/providers/discord.d.ts.map +1 -0
package/providers/discord.js +2 -0
package/providers/dribbble.d.ts +3 -0
package/providers/dribbble.d.ts.map +1 -0
package/providers/dribbble.js +2 -0
package/providers/dropbox.d.ts +3 -0
package/providers/dropbox.d.ts.map +1 -0
package/providers/dropbox.js +2 -0
package/providers/duende-identity-server6.d.ts +3 -0
package/providers/duende-identity-server6.d.ts.map +1 -0
package/providers/duende-identity-server6.js +2 -0
package/providers/email.d.ts +3 -0
package/providers/email.d.ts.map +1 -0
package/providers/email.js +2 -0
package/providers/eventbrite.d.ts +3 -0
package/providers/eventbrite.d.ts.map +1 -0
package/providers/eventbrite.js +2 -0
package/providers/eveonline.d.ts +3 -0
package/providers/eveonline.d.ts.map +1 -0
package/providers/eveonline.js +2 -0
package/providers/facebook.d.ts +3 -0
package/providers/facebook.d.ts.map +1 -0
package/providers/facebook.js +2 -0
package/providers/faceit.d.ts +3 -0
package/providers/faceit.d.ts.map +1 -0
package/providers/faceit.js +2 -0
package/providers/figma.d.ts +3 -0
package/providers/figma.d.ts.map +1 -0
package/providers/figma.js +2 -0
package/providers/forwardemail.d.ts +3 -0
package/providers/forwardemail.d.ts.map +1 -0
package/providers/forwardemail.js +2 -0
package/providers/foursquare.d.ts +3 -0
package/providers/foursquare.d.ts.map +1 -0
package/providers/foursquare.js +2 -0
package/providers/freshbooks.d.ts +3 -0
package/providers/freshbooks.d.ts.map +1 -0
package/providers/freshbooks.js +2 -0
package/providers/frontegg.d.ts +3 -0
package/providers/frontegg.d.ts.map +1 -0
package/providers/frontegg.js +2 -0
package/providers/fusionauth.d.ts +3 -0
package/providers/fusionauth.d.ts.map +1 -0
package/providers/fusionauth.js +2 -0
package/providers/github.d.ts +3 -0
package/providers/github.d.ts.map +1 -0
package/providers/github.js +2 -0
package/providers/gitlab.d.ts +3 -0
package/providers/gitlab.d.ts.map +1 -0
package/providers/gitlab.js +2 -0
package/providers/google.d.ts +3 -0
package/providers/google.d.ts.map +1 -0
package/providers/google.js +2 -0
package/providers/hubspot.d.ts +3 -0
package/providers/hubspot.d.ts.map +1 -0
package/providers/hubspot.js +2 -0
package/providers/huggingface.d.ts +3 -0
package/providers/huggingface.d.ts.map +1 -0
package/providers/huggingface.js +2 -0
package/providers/identity-server4.d.ts +3 -0
package/providers/identity-server4.d.ts.map +1 -0
package/providers/identity-server4.js +2 -0
package/providers/index.d.ts +2 -0
package/providers/index.d.ts.map +1 -0
package/providers/index.js +1 -0
package/providers/instagram.d.ts +3 -0
package/providers/instagram.d.ts.map +1 -0
package/providers/instagram.js +2 -0
package/providers/kakao.d.ts +3 -0
package/providers/kakao.d.ts.map +1 -0
package/providers/kakao.js +2 -0
package/providers/keycloak.d.ts +3 -0
package/providers/keycloak.d.ts.map +1 -0
package/providers/keycloak.js +2 -0
package/providers/kinde.d.ts +3 -0
package/providers/kinde.d.ts.map +1 -0
package/providers/kinde.js +2 -0
package/providers/line.d.ts +3 -0
package/providers/line.d.ts.map +1 -0
package/providers/line.js +2 -0
package/providers/linkedin.d.ts +3 -0
package/providers/linkedin.d.ts.map +1 -0
package/providers/linkedin.js +2 -0
package/providers/logto.d.ts +3 -0
package/providers/logto.d.ts.map +1 -0
package/providers/logto.js +2 -0
package/providers/loops.d.ts +3 -0
package/providers/loops.d.ts.map +1 -0
package/providers/loops.js +2 -0
package/providers/mailchimp.d.ts +3 -0
package/providers/mailchimp.d.ts.map +1 -0
package/providers/mailchimp.js +2 -0
package/providers/mailgun.d.ts +3 -0
package/providers/mailgun.d.ts.map +1 -0
package/providers/mailgun.js +2 -0
package/providers/mailru.d.ts +3 -0
package/providers/mailru.d.ts.map +1 -0
package/providers/mailru.js +2 -0
package/providers/mastodon.d.ts +3 -0
package/providers/mastodon.d.ts.map +1 -0
package/providers/mastodon.js +2 -0
package/providers/mattermost.d.ts +3 -0
package/providers/mattermost.d.ts.map +1 -0
package/providers/mattermost.js +2 -0
package/providers/medium.d.ts +3 -0
package/providers/medium.d.ts.map +1 -0
package/providers/medium.js +2 -0
package/providers/microsoft-entra-id.d.ts +3 -0
package/providers/microsoft-entra-id.d.ts.map +1 -0
package/providers/microsoft-entra-id.js +2 -0
package/providers/naver.d.ts +3 -0
package/providers/naver.d.ts.map +1 -0
package/providers/naver.js +2 -0
package/providers/netlify.d.ts +3 -0
package/providers/netlify.d.ts.map +1 -0
package/providers/netlify.js +2 -0
package/providers/netsuite.d.ts +3 -0
package/providers/netsuite.d.ts.map +1 -0
package/providers/netsuite.js +2 -0
package/providers/nextcloud.d.ts +3 -0
package/providers/nextcloud.d.ts.map +1 -0
package/providers/nextcloud.js +2 -0
package/providers/nodemailer.d.ts +3 -0
package/providers/nodemailer.d.ts.map +1 -0
package/providers/nodemailer.js +2 -0
package/providers/notion.d.ts +3 -0
package/providers/notion.d.ts.map +1 -0
package/providers/notion.js +2 -0
package/providers/okta.d.ts +3 -0
package/providers/okta.d.ts.map +1 -0
package/providers/okta.js +2 -0
package/providers/onelogin.d.ts +3 -0
package/providers/onelogin.d.ts.map +1 -0
package/providers/onelogin.js +2 -0
package/providers/ory-hydra.d.ts +3 -0
package/providers/ory-hydra.d.ts.map +1 -0
package/providers/ory-hydra.js +2 -0
package/providers/osso.d.ts +3 -0
package/providers/osso.d.ts.map +1 -0
package/providers/osso.js +2 -0
package/providers/osu.d.ts +3 -0
package/providers/osu.d.ts.map +1 -0
package/providers/osu.js +2 -0
package/providers/passage.d.ts +3 -0
package/providers/passage.d.ts.map +1 -0
package/providers/passage.js +2 -0
package/providers/passkey.d.ts +3 -0
package/providers/passkey.d.ts.map +1 -0
package/providers/passkey.js +2 -0
package/providers/patreon.d.ts +3 -0
package/providers/patreon.d.ts.map +1 -0
package/providers/patreon.js +2 -0
package/providers/ping-id.d.ts +3 -0
package/providers/ping-id.d.ts.map +1 -0
package/providers/ping-id.js +2 -0
package/providers/pinterest.d.ts +3 -0
package/providers/pinterest.d.ts.map +1 -0
package/providers/pinterest.js +2 -0
package/providers/pipedrive.d.ts +3 -0
package/providers/pipedrive.d.ts.map +1 -0
package/providers/pipedrive.js +2 -0
package/providers/postmark.d.ts +3 -0
package/providers/postmark.d.ts.map +1 -0
package/providers/postmark.js +2 -0
package/providers/reddit.d.ts +3 -0
package/providers/reddit.d.ts.map +1 -0
package/providers/reddit.js +2 -0
package/providers/resend.d.ts +3 -0
package/providers/resend.d.ts.map +1 -0
package/providers/resend.js +2 -0
package/providers/roblox.d.ts +3 -0
package/providers/roblox.d.ts.map +1 -0
package/providers/roblox.js +2 -0
package/providers/salesforce.d.ts +3 -0
package/providers/salesforce.d.ts.map +1 -0
package/providers/salesforce.js +2 -0
package/providers/sendgrid.d.ts +3 -0
package/providers/sendgrid.d.ts.map +1 -0
package/providers/sendgrid.js +2 -0
package/providers/simplelogin.d.ts +3 -0
package/providers/simplelogin.d.ts.map +1 -0
package/providers/simplelogin.js +2 -0
package/providers/slack.d.ts +3 -0
package/providers/slack.d.ts.map +1 -0
package/providers/slack.js +2 -0
package/providers/spotify.d.ts +3 -0
package/providers/spotify.d.ts.map +1 -0
package/providers/spotify.js +2 -0
package/providers/strava.d.ts +3 -0
package/providers/strava.d.ts.map +1 -0
package/providers/strava.js +2 -0
package/providers/threads.d.ts +3 -0
package/providers/threads.d.ts.map +1 -0
package/providers/threads.js +2 -0
package/providers/tiktok.d.ts +3 -0
package/providers/tiktok.d.ts.map +1 -0
package/providers/tiktok.js +2 -0
package/providers/todoist.d.ts +3 -0
package/providers/todoist.d.ts.map +1 -0
package/providers/todoist.js +2 -0
package/providers/trakt.d.ts +3 -0
package/providers/trakt.d.ts.map +1 -0
package/providers/trakt.js +2 -0
package/providers/twitch.d.ts +3 -0
package/providers/twitch.d.ts.map +1 -0
package/providers/twitch.js +2 -0
package/providers/twitter.d.ts +3 -0
package/providers/twitter.d.ts.map +1 -0
package/providers/twitter.js +2 -0
package/providers/united-effects.d.ts +3 -0
package/providers/united-effects.d.ts.map +1 -0
package/providers/united-effects.js +2 -0
package/providers/vipps.d.ts +3 -0
package/providers/vipps.d.ts.map +1 -0
package/providers/vipps.js +2 -0
package/providers/vk.d.ts +3 -0
package/providers/vk.d.ts.map +1 -0
package/providers/vk.js +2 -0
package/providers/webauthn.d.ts +3 -0
package/providers/webauthn.d.ts.map +1 -0
package/providers/webauthn.js +2 -0
package/providers/webex.d.ts +3 -0
package/providers/webex.d.ts.map +1 -0
package/providers/webex.js +2 -0
package/providers/wechat.d.ts +3 -0
package/providers/wechat.d.ts.map +1 -0
package/providers/wechat.js +2 -0
package/providers/wikimedia.d.ts +3 -0
package/providers/wikimedia.d.ts.map +1 -0
package/providers/wikimedia.js +2 -0
package/providers/wordpress.d.ts +3 -0
package/providers/wordpress.d.ts.map +1 -0
package/providers/wordpress.js +2 -0
package/providers/workos.d.ts +3 -0
package/providers/workos.d.ts.map +1 -0
package/providers/workos.js +2 -0
package/providers/yandex.d.ts +3 -0
package/providers/yandex.d.ts.map +1 -0
package/providers/yandex.js +2 -0
package/providers/zitadel.d.ts +3 -0
package/providers/zitadel.d.ts.map +1 -0
package/providers/zitadel.js +2 -0
package/providers/zoho.d.ts +3 -0
package/providers/zoho.d.ts.map +1 -0
package/providers/zoho.js +2 -0
package/providers/zoom.d.ts +3 -0
package/providers/zoom.d.ts.map +1 -0
package/providers/zoom.js +2 -0
package/react.d.ts +102 -0
package/react.d.ts.map +1 -0
package/react.js +361 -0
package/src/adapters.ts +1 -0
package/src/index.ts +430 -0
package/src/jwt.ts +9 -0
package/src/lib/actions.ts +144 -0
package/src/lib/client.ts +245 -0
package/src/lib/env.ts +36 -0
package/src/lib/index.ts +313 -0
package/src/lib/types.ts +30 -0
package/src/middleware.ts +16 -0
package/src/next.ts +16 -0
package/src/providers/42-school.ts +2 -0
package/src/providers/apple.ts +2 -0
package/src/providers/asgardeo.ts +2 -0
package/src/providers/atlassian.ts +2 -0
package/src/providers/auth0.ts +2 -0
package/src/providers/authentik.ts +2 -0
package/src/providers/azure-ad-b2c.ts +2 -0
package/src/providers/azure-ad.ts +2 -0
package/src/providers/azure-devops.ts +2 -0
package/src/providers/bankid-no.ts +2 -0
package/src/providers/battlenet.ts +2 -0
package/src/providers/beyondidentity.ts +2 -0
package/src/providers/bitbucket.ts +2 -0
package/src/providers/box.ts +2 -0
package/src/providers/boxyhq-saml.ts +2 -0
package/src/providers/bungie.ts +2 -0
package/src/providers/click-up.ts +2 -0
package/src/providers/cognito.ts +2 -0
package/src/providers/coinbase.ts +2 -0
package/src/providers/concept2.ts +2 -0
package/src/providers/credentials.ts +2 -0
package/src/providers/descope.ts +2 -0
package/src/providers/discord.ts +2 -0
package/src/providers/dribbble.ts +2 -0
package/src/providers/dropbox.ts +2 -0
package/src/providers/duende-identity-server6.ts +2 -0
package/src/providers/email.ts +2 -0
package/src/providers/eventbrite.ts +2 -0
package/src/providers/eveonline.ts +2 -0
package/src/providers/facebook.ts +2 -0
package/src/providers/faceit.ts +2 -0
package/src/providers/figma.ts +2 -0
package/src/providers/forwardemail.ts +2 -0
package/src/providers/foursquare.ts +2 -0
package/src/providers/freshbooks.ts +2 -0
package/src/providers/frontegg.ts +2 -0
package/src/providers/fusionauth.ts +2 -0
package/src/providers/github.ts +2 -0
package/src/providers/gitlab.ts +2 -0
package/src/providers/google.ts +2 -0
package/src/providers/hubspot.ts +2 -0
package/src/providers/huggingface.ts +2 -0
package/src/providers/identity-server4.ts +2 -0
package/src/providers/index.ts +1 -0
package/src/providers/instagram.ts +2 -0
package/src/providers/kakao.ts +2 -0
package/src/providers/keycloak.ts +2 -0
package/src/providers/kinde.ts +2 -0
package/src/providers/line.ts +2 -0
package/src/providers/linkedin.ts +2 -0
package/src/providers/logto.ts +2 -0
package/src/providers/loops.ts +2 -0
package/src/providers/mailchimp.ts +2 -0
package/src/providers/mailgun.ts +2 -0
package/src/providers/mailru.ts +2 -0
package/src/providers/mastodon.ts +2 -0
package/src/providers/mattermost.ts +2 -0
package/src/providers/medium.ts +2 -0
package/src/providers/microsoft-entra-id.ts +2 -0
package/src/providers/naver.ts +2 -0
package/src/providers/netlify.ts +2 -0
package/src/providers/netsuite.ts +2 -0
package/src/providers/nextcloud.ts +2 -0
package/src/providers/nodemailer.ts +2 -0
package/src/providers/notion.ts +2 -0
package/src/providers/okta.ts +2 -0
package/src/providers/onelogin.ts +2 -0
package/src/providers/ory-hydra.ts +2 -0
package/src/providers/osso.ts +2 -0
package/src/providers/osu.ts +2 -0
package/src/providers/passage.ts +2 -0
package/src/providers/passkey.ts +2 -0
package/src/providers/patreon.ts +2 -0
package/src/providers/ping-id.ts +2 -0
package/src/providers/pinterest.ts +2 -0
package/src/providers/pipedrive.ts +2 -0
package/src/providers/postmark.ts +2 -0
package/src/providers/reddit.ts +2 -0
package/src/providers/resend.ts +2 -0
package/src/providers/roblox.ts +2 -0
package/src/providers/salesforce.ts +2 -0
package/src/providers/sendgrid.ts +2 -0
package/src/providers/simplelogin.ts +2 -0
package/src/providers/slack.ts +2 -0
package/src/providers/spotify.ts +2 -0
package/src/providers/strava.ts +2 -0
package/src/providers/threads.ts +2 -0
package/src/providers/tiktok.ts +2 -0
package/src/providers/todoist.ts +2 -0
package/src/providers/trakt.ts +2 -0
package/src/providers/twitch.ts +2 -0
package/src/providers/twitter.ts +2 -0
package/src/providers/united-effects.ts +2 -0
package/src/providers/vipps.ts +2 -0
package/src/providers/vk.ts +2 -0
package/src/providers/webauthn.ts +2 -0
package/src/providers/webex.ts +2 -0
package/src/providers/wechat.ts +2 -0
package/src/providers/wikimedia.ts +2 -0
package/src/providers/wordpress.ts +2 -0
package/src/providers/workos.ts +2 -0
package/src/providers/yandex.ts +2 -0
package/src/providers/zitadel.ts +2 -0
package/src/providers/zoho.ts +2 -0
package/src/providers/zoom.ts +2 -0
package/src/react.tsx +546 -0
package/src/webauthn.ts +152 -0
package/webauthn.d.ts +9 -0
package/webauthn.d.ts.map +1 -0
package/webauthn.js +92 -0
package/dist/actions-CMtg7FGv.js +0 -1
package/dist/actions-CjQUKaXF.mjs +0 -200
package/dist/client/index.js +0 -1
package/dist/client/index.mjs +0 -484
package/dist/components/AccountPicker.d.ts +0 -11
package/dist/components/OAuthButton.d.ts +0 -11
package/dist/components/PassKeyButton.d.ts +0 -11
package/dist/components/PassKeyRegister.d.ts +0 -10
package/dist/components/TwoFactorSetup.d.ts +0 -8
package/dist/components/TwoFactorVerify.d.ts +0 -9
package/dist/core/account-picker/encryption.d.ts +0 -22
package/dist/core/account-picker/index.d.ts +0 -22
package/dist/core/auth/email-password.d.ts +0 -145
package/dist/core/auth/oauth/index.d.ts +0 -14
package/dist/core/auth/oauth/oauth-handler.d.ts +0 -172
package/dist/core/auth/oauth/pkce.d.ts +0 -168
package/dist/core/auth/oauth/providers.d.ts +0 -198
package/dist/core/auth/oauth/state-store-cookie.d.ts +0 -83
package/dist/core/auth/oauth/state-store-redis.d.ts +0 -25
package/dist/core/auth/oauth/state-store.d.ts +0 -48
package/dist/core/auth/otp.d.ts +0 -184
package/dist/core/auth/passkey.d.ts +0 -35
package/dist/core/auth/password.d.ts +0 -22
package/dist/core/auth/signin-unified.d.ts +0 -33
package/dist/core/auth/two-factor.d.ts +0 -28
package/dist/core/client/index.d.ts +0 -132
package/dist/core/client/token-refresh-manager.d.ts +0 -48
package/dist/core/errors/index.d.ts +0 -269
package/dist/core/index.d.ts +0 -9
package/dist/core/logger/index.d.ts +0 -147
package/dist/core/mulguard/auth-handlers.d.ts +0 -100
package/dist/core/mulguard/defaults.d.ts +0 -58
package/dist/core/mulguard/index.d.ts +0 -9
package/dist/core/mulguard/integration.d.ts +0 -104
package/dist/core/mulguard/oauth-handler.d.ts +0 -93
package/dist/core/mulguard/session-manager.d.ts +0 -94
package/dist/core/security/csrf.d.ts +0 -46
package/dist/core/security/headers.d.ts +0 -24
package/dist/core/security/index.d.ts +0 -132
package/dist/core/security/rate-limit.d.ts +0 -39
package/dist/core/security/security-manager.d.ts +0 -236
package/dist/core/security/validation.d.ts +0 -251
package/dist/core/security/xss.d.ts +0 -20
package/dist/core/session/index.d.ts +0 -35
package/dist/core/session/session-manager.d.ts +0 -235
package/dist/core/types/auth.d.ts +0 -290
package/dist/core/types/errors.d.ts +0 -200
package/dist/core/types/index.d.ts +0 -484
package/dist/core/utils/auth-helpers.d.ts +0 -136
package/dist/core/utils/logger.d.ts +0 -121
package/dist/index/index.js +0 -1
package/dist/index/index.mjs +0 -2736
package/dist/index.d.ts +0 -18
package/dist/mulguard.d.ts +0 -373
package/dist/nextjs/client/hooks.d.ts +0 -122
package/dist/nextjs/client/index.d.ts +0 -13
package/dist/nextjs/client/provider.d.ts +0 -69
package/dist/nextjs/client/server-actions-helper.d.ts +0 -22
package/dist/nextjs/handlers/api.d.ts +0 -10
package/dist/nextjs/handlers/index.d.ts +0 -9
package/dist/nextjs/handlers/route.d.ts +0 -76
package/dist/nextjs/index.d.ts +0 -15
package/dist/nextjs/proxy/index.d.ts +0 -149
package/dist/nextjs/proxy/security.d.ts +0 -9
package/dist/nextjs/server/actions.d.ts +0 -30
package/dist/nextjs/server/auth.d.ts +0 -65
package/dist/nextjs/server/cookies.d.ts +0 -41
package/dist/nextjs/server/index.d.ts +0 -18
package/dist/nextjs/server/oauth-state.d.ts +0 -32
package/dist/nextjs/server/session-helpers.d.ts +0 -24
package/dist/nextjs/server/session.d.ts +0 -144
package/dist/oauth-state-Drwz6fES.js +0 -1
package/dist/oauth-state-pdypStuS.mjs +0 -210
package/dist/server/index.js +0 -1
package/dist/server/index.mjs +0 -29

package/dist/core/auth/oauth/state-store-cookie.d.ts DELETED Viewed

@@ -1,83 +0,0 @@
-import { OAuthStateStore } from './state-store';
-/**
- * Cookie options interface
- */
-export interface OAuthCookieOptions {
-    httpOnly?: boolean;
-    secure?: boolean;
-    sameSite?: 'strict' | 'lax' | 'none';
-    maxAge?: number;
-    path?: string;
-    domain?: string;
-}
-/**
- * Cookie handler interface for framework-agnostic cookie operations
- */
-export interface CookieHandler {
-    /**
-     * Get cookie value by name
-     */
-    getCookie(name: string): Promise<string | null> | string | null;
-    /**
-     * Set cookie with options
-     */
-    setCookie(name: string, value: string, options: OAuthCookieOptions): Promise<void> | void;
-    /**
-     * Delete cookie
-     */
-    deleteCookie(name: string, options?: {
-        path?: string;
-    }): Promise<void> | void;
-}
-/**
- * Configuration for cookie-based OAuth state store
- */
-export interface CookieOAuthStateStoreConfig {
-    /**
-     * Cookie handler implementation
-     */
-    cookieHandler: CookieHandler;
-    /**
-     * Cookie name (default: '__mulguard_oauth_state')
-     */
-    cookieName?: string;
-    /**
-     * TTL in milliseconds (default: 10 minutes)
-     */
-    ttl?: number;
-    /**
-     * Whether to use secure cookies (default: true in production)
-     */
-    secure?: boolean;
-    /**
-     * SameSite cookie attribute (default: 'strict')
-     */
-    sameSite?: 'strict' | 'lax' | 'none';
-}
-/**
- * Creates a cookie-based OAuth state store.
- *
- * ✅ SECURE: Uses httpOnly cookies to prevent XSS attacks
- * ✅ FRAMEWORK-AGNOSTIC: Works with any framework via cookie handler
- * ⚠️ LIMITATION: Not suitable for production with multiple server instances (use Redis instead)
- *
- * @param config - Cookie store configuration
- * @returns OAuth state store implementation
- */
-export declare function createCookieOAuthStateStore(config: CookieOAuthStateStoreConfig): OAuthStateStore;
-/**
- * Creates a Next.js-specific cookie-based OAuth state store.
- *
- * Convenience function for Next.js applications.
- *
- * @example
- * ```typescript
- * import { createNextJsCookieOAuthStateStore } from 'mulguard/core/auth/oauth/state-store-cookie'
- *
- * export const auth = mulguard({
- *   oauthStateStore: createNextJsCookieOAuthStateStore(),
- *   // ... rest of config
- * })
- * ```
- */
-export declare function createNextJsCookieOAuthStateStore(): OAuthStateStore;

package/dist/core/auth/oauth/state-store-redis.d.ts DELETED Viewed

@@ -1,25 +0,0 @@
-import { OAuthStateStore } from './state-store';
-/**
- * Redis client interface (compatible with ioredis and node-redis)
- */
-export interface RedisClient {
-    set(key: string, value: string, mode?: string, duration?: number): Promise<string | null>;
-    get(key: string): Promise<string | null>;
-    del(key: string): Promise<number>;
-    keys(pattern: string): Promise<string[]>;
-}
-/**
- * Creates a Redis-based OAuth state store.
- *
- * @param redis - Redis client instance (ioredis or node-redis)
- * @param keyPrefix - Key prefix for state keys (default: 'mulguard:oauth:state:')
- * @returns OAuth state store implementation
- *
- * @example
- * ```typescript
- * import Redis from 'ioredis'
- * const redis = new Redis(process.env.REDIS_URL)
- * const stateStore = createRedisOAuthStateStore(redis)
- * ```
- */
-export declare function createRedisOAuthStateStore(redis: RedisClient, keyPrefix?: string): OAuthStateStore;

package/dist/core/auth/oauth/state-store.d.ts DELETED Viewed

@@ -1,48 +0,0 @@
-/**
- * OAuth State Store Interface
- * Allows pluggable state storage for OAuth CSRF protection
- *
- * Default implementation uses in-memory Map (for development)
- * Production should use Redis, database, or other persistent store
- *
- * @module @mulguard/core/auth/oauth/state-store
- */
-export interface OAuthState {
-    provider: string;
-    expiresAt: number;
-}
-export interface OAuthStateStore {
-    /**
-     * Store OAuth state with TTL
-     */
-    set(state: string, data: OAuthState, ttl: number): Promise<void> | void;
-    /**
-     * Get OAuth state
-     */
-    get(state: string): Promise<OAuthState | null> | OAuthState | null;
-    /**
-     * Delete OAuth state
-     */
-    delete(state: string): Promise<void> | void;
-    /**
-     * Cleanup expired states (optional, for periodic cleanup)
-     */
-    cleanup?(): Promise<void> | void;
-}
-/**
- * In-memory OAuth state store (default, for development)
- * ⚠️ Not suitable for production with multiple server instances
- */
-export declare class MemoryOAuthStateStore implements OAuthStateStore {
-    private states;
-    set(state: string, data: OAuthState, _ttl: number): void;
-    get(state: string): OAuthState | null;
-    delete(state: string): void;
-    cleanup(): void;
-}
-/**
- * Create default in-memory OAuth state store
- */
-export declare function createMemoryOAuthStateStore(): OAuthStateStore;
-export { createCookieOAuthStateStore, createNextJsCookieOAuthStateStore, type CookieHandler, type CookieOAuthStateStoreConfig, } from './state-store-cookie';
-export { createRedisOAuthStateStore, type RedisClient, } from './state-store-redis';

package/dist/core/auth/otp.d.ts DELETED Viewed

@@ -1,184 +0,0 @@
-import { AuthResult, User, Session } from '../types';
-import { SecurityManager } from '../security/security-manager';
-import { Logger } from '../logger';
-/**
- * OTP provider type.
- */
-export type OTPProvider = 'email' | 'sms';
-/**
- * OTP configuration.
- */
-export interface OTPConfig {
-    readonly length?: number;
-    readonly expiresIn?: number;
-    readonly provider?: OTPProvider;
-    readonly security?: SecurityManager;
-    readonly logger?: Logger;
-}
-/**
- * OTP storage adapter interface.
- */
-export interface OTPStorageAdapter {
-    /**
-     * Stores an OTP code.
-     *
-     * @param email - User email
-     * @param code - OTP code
-     * @param expiresIn - Expiration time in seconds
-     */
-    set(email: string, code: string, expiresIn: number): Promise<void>;
-    /**
-     * Gets an OTP code.
-     *
-     * @param email - User email
-     * @returns OTP code or null if not found/expired
-     */
-    get(email: string): Promise<string | null>;
-    /**
-     * Deletes an OTP code.
-     *
-     * @param email - User email
-     */
-    delete(email: string): Promise<void>;
-}
-/**
- * In-memory OTP storage adapter.
- */
-export declare class MemoryOTPStorage implements OTPStorageAdapter {
-    private readonly storage;
-    set(email: string, code: string, expiresIn: number): Promise<void>;
-    get(email: string): Promise<string | null>;
-    delete(email: string): Promise<void>;
-}
-/**
- * OTP authentication handler.
- *
- * Provides secure OTP generation, validation, and authentication.
- *
- * @example
- * ```typescript
- * const handler = new OTPAuth({
- *   length: 6,
- *   expiresIn: 600, // 10 minutes
- *   provider: 'email',
- * })
- *
- * // Generate OTP
- * const code = await handler.generateOTP('user@example.com')
- *
- * // Verify OTP
- * const result = await handler.verifyOTP('user@example.com', code, userLookup, createSession)
- * ```
- */
-export declare class OTPAuth {
-    private readonly config;
-    private readonly storage;
-    private readonly security;
-    constructor(config?: OTPConfig, storage?: OTPStorageAdapter);
-    /**
-     * Generates an OTP code for a user.
-     *
-     * @param email - User email
-     * @returns Generated OTP code
-     *
-     * @example
-     * ```typescript
-     * const code = await handler.generateOTP('user@example.com')
-     * // Send code via email/SMS
-     * ```
-     */
-    generateOTP(email: string): Promise<string>;
-    /**
-     * Verifies an OTP code and authenticates the user.
-     *
-     * @template TUser - User type
-     * @template TSession - Session type
-     * @param email - User email
-     * @param code - OTP code to verify
-     * @param userLookup - Function to lookup user by email
-     * @param createSession - Function to create session (optional)
-     * @returns Authentication result
-     *
-     * @example
-     * ```typescript
-     * const result = await handler.verifyOTP(
-     *   'user@example.com',
-     *   '123456',
-     *   async (email) => await db.user.findUnique({ where: { email } })
-     * )
-     * ```
-     */
-    verifyOTP<TUser extends User = User, TSession extends Session<TUser> = Session<TUser>>(email: string, code: string, userLookup: (email: string) => Promise<TUser | null>, createSession?: (user: TUser) => Promise<TSession>): Promise<AuthResult<TUser, TSession>>;
-    /**
-     * Generates a numeric OTP code.
-     *
-     * @param length - Code length
-     * @returns Numeric code string
-     */
-    private generateNumericCode;
-    /**
-     * Constant-time string comparison to prevent timing attacks.
-     *
-     * @param a - First string
-     * @param b - Second string
-     * @returns True if strings match
-     */
-    private constantTimeCompare;
-}
-/**
- * Creates an OTP authentication handler.
- *
- * @param config - OTP configuration
- * @param storage - OTP storage adapter (optional)
- * @returns OTP authentication handler
- *
- * @example
- * ```typescript
- * const handler = createOTPAuth({
- *   length: 6,
- *   expiresIn: 600,
- *   provider: 'email',
- * })
- * ```
- */
-export declare function createOTPAuth(config?: OTPConfig, storage?: OTPStorageAdapter): OTPAuth;
-/**
- * TODO: Performance
- * - [ ] Add OTP generation caching
- * - [ ] Optimize storage lookups
- * - [ ] Implement async code generation
- *
- * TODO: Features
- * - [ ] Add SMS provider support
- * - [ ] Implement OTP resend functionality
- * - [ ] Add OTP rate limiting
- * - [ ] Create OTP delivery tracking
- * - [ ] Add OTP code hints (for testing)
- *
- * TODO: Security
- * - [ ] Add OTP brute force protection
- * - [ ] Implement OTP code rotation
- * - [ ] Add OTP delivery verification
- * - [ ] Create security event logging
- *
- * TODO: Type Safety
- * - [ ] Add branded types for OTP codes
- * - [ ] Create type-safe OTP storage
- * - [ ] Implement compile-time validation
- *
- * TODO: Testing
- * - [ ] Add comprehensive unit tests
- * - [ ] Test OTP expiration
- * - [ ] Test constant-time comparison
- * - [ ] Add storage adapter tests
- *
- * TODO: Documentation
- * - [ ] Document OTP flow
- * - [ ] Add provider setup guide
- * - [ ] Create security best practices guide
- *
- * TODO: Limitations
- * - [ ] OTP storage is in-memory (consider Redis for production)
- * - [ ] Code generation uses Math.random (consider crypto.randomInt)
- * - [ ] No SMS provider implementation yet
- */

package/dist/core/auth/passkey.d.ts DELETED Viewed

@@ -1,35 +0,0 @@
-import { ApiClient, AuthResult } from '../types';
-export interface PassKeyCredential {
-    id: string;
-    name: string;
-    createdAt: Date;
-    lastUsedAt?: Date;
-}
-export interface PassKeyRegisterOptions {
-    name?: string;
-    userId?: string;
-}
-export interface PassKeyAuthOptions {
-    userId?: string;
-}
-export interface PassKeyMethods {
-    register(options?: PassKeyRegisterOptions): Promise<{
-        success: boolean;
-        passkeyId?: string;
-        error?: string;
-    }>;
-    authenticate(options?: PassKeyAuthOptions): Promise<AuthResult>;
-    list(): Promise<PassKeyCredential[]>;
-    remove(passKeyId: string): Promise<{
-        success: boolean;
-        error?: string;
-    }>;
-}
-/**
- * Check if WebAuthn is supported
- */
-export declare function isWebAuthnSupported(): boolean;
-/**
- * Create PassKey methods
- */
-export declare function createPassKeyMethods(client: ApiClient): PassKeyMethods;

package/dist/core/auth/password.d.ts DELETED Viewed

@@ -1,22 +0,0 @@
-/**
- * Password validation and utilities
- */
-/**
- * Validate password strength
- */
-export interface PasswordValidationResult {
-    valid: boolean;
-    errors: string[];
-    strength: 'weak' | 'medium' | 'strong';
-}
-export interface PasswordPolicy {
-    minLength?: number;
-    requireUppercase?: boolean;
-    requireLowercase?: boolean;
-    requireNumbers?: boolean;
-    requireSpecialChars?: boolean;
-}
-/**
- * Validate password against policy
- */
-export declare function validatePassword(password: string, policy?: PasswordPolicy): PasswordValidationResult;

package/dist/core/auth/signin-unified.d.ts DELETED Viewed

@@ -1,33 +0,0 @@
-import { MulguardInstance } from '../../mulguard';
-import { EmailCredentials, AuthResult } from '../types';
-/**
- * Unified sign in function - delegates to auth.signIn unified logic
- *
- * @example
- * ```typescript
- * // OAuth providers
- * await signIn(auth, 'google')
- * await signIn(auth, 'github')
- *
- * // Credentials
- * await signIn(auth, 'credentials', { email: 'user@example.com', password: 'password' })
- *
- * // OTP
- * await signIn(auth, 'otp', { email: 'user@example.com', code: '123456' })
- *
- * // Passkey
- * await signIn(auth, 'passkey', { userId: 'user-id' })
- * ```
- */
-export declare function signIn(auth: MulguardInstance, provider: 'google' | 'github' | 'apple' | 'facebook' | string): Promise<{
-    url: string;
-    state: string;
-}>;
-export declare function signIn(auth: MulguardInstance, provider: 'credentials', credentials: EmailCredentials): Promise<AuthResult>;
-export declare function signIn(auth: MulguardInstance, provider: 'otp', options: {
-    email: string;
-    code?: string;
-}): Promise<AuthResult>;
-export declare function signIn(auth: MulguardInstance, provider: 'passkey', options?: {
-    userId?: string;
-}): Promise<AuthResult>;

package/dist/core/auth/two-factor.d.ts DELETED Viewed

@@ -1,28 +0,0 @@
-import { ApiClient } from '../types';
-export interface TwoFactorMethods {
-    enable(): Promise<{
-        success: boolean;
-        qrCode?: string;
-        secret?: string;
-        error?: string;
-    }>;
-    verify(code: string): Promise<{
-        success: boolean;
-        backupCodes?: string[];
-        error?: string;
-    }>;
-    disable(): Promise<{
-        success: boolean;
-        error?: string;
-    }>;
-    generateBackupCodes(): Promise<{
-        success: boolean;
-        backupCodes?: string[];
-        error?: string;
-    }>;
-    isEnabled(): Promise<boolean>;
-}
-/**
- * Create 2FA methods
- */
-export declare function createTwoFactorMethods(client: ApiClient): TwoFactorMethods;

package/dist/core/client/index.d.ts DELETED Viewed

@@ -1,132 +0,0 @@
-/**
- * HTTP Client for making requests to backend API
- * Enhanced with timeout enforcement, retry logic, and interceptors
- */
-export interface HttpClientConfig {
-    baseURL: string;
-    apiPrefix: string;
-    timeout?: number;
-    headers?: Record<string, string>;
-    retry?: RetryConfig;
-    interceptors?: InterceptorsConfig;
-    /** Token refresh manager for automatic token refresh on 401 errors */
-    tokenRefreshManager?: import('./token-refresh-manager').TokenRefreshManager;
-}
-export interface RetryConfig {
-    /** Maximum number of retry attempts (default: 3) */
-    maxAttempts?: number;
-    /** Delay between retries in milliseconds (default: 1000) */
-    retryDelay?: number;
-    /** Exponential backoff multiplier (default: 2) */
-    backoffMultiplier?: number;
-    /** HTTP status codes that should trigger retry (default: [408, 429, 500, 502, 503, 504]) */
-    retryableStatusCodes?: number[];
-    /** Whether to retry on network errors (default: true) */
-    retryOnNetworkError?: boolean;
-}
-export interface InterceptorsConfig {
-    /** Request interceptor - called before sending request */
-    onRequest?: (config: RequestConfig) => Promise<RequestConfig> | RequestConfig;
-    /** Response interceptor - called after receiving response */
-    onResponse?: <T>(response: HttpResponse<T>) => Promise<HttpResponse<T>> | HttpResponse<T>;
-    /** Error interceptor - called on error */
-    onError?: (error: ApiError) => Promise<ApiError> | ApiError;
-}
-export interface RequestConfig {
-    url: string;
-    method: string;
-    headers: Record<string, string>;
-    body?: unknown;
-    credentials?: 'include' | 'omit' | 'same-origin';
-}
-interface InternalRequestOptions {
-    method?: 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH';
-    headers?: Record<string, string>;
-    body?: unknown;
-    credentials?: 'include' | 'omit' | 'same-origin';
-    skipRetry?: boolean;
-    skipInterceptors?: boolean;
-    skipTokenRefresh?: boolean;
-}
-export interface HttpResponse<T = unknown> {
-    data: T;
-    status: number;
-    statusText: string;
-    headers: Headers;
-}
-export declare class HttpClient {
-    private config;
-    private pendingRequests;
-    constructor(config: HttpClientConfig);
-    /**
-     * Make HTTP request with timeout, retry, and interceptors
-     */
-    request<T = unknown>(path: string, options?: InternalRequestOptions): Promise<HttpResponse<T>>;
-    /**
-     * Execute HTTP request with retry logic
-     */
-    private executeRequest;
-    /**
-     * Check if request should be retried
-     */
-    private shouldRetry;
-    /**
-     * Calculate retry delay with exponential backoff
-     */
-    private calculateRetryDelay;
-    /**
-     * Sleep utility for retry delays
-     */
-    private sleep;
-    /**
-     * Build RequestInit from RequestConfig
-     */
-    private buildRequestInitFromConfig;
-    /**
-     * GET request
-     */
-    get<T = unknown>(path: string, options?: Omit<InternalRequestOptions, 'method' | 'body'>): Promise<HttpResponse<T>>;
-    /**
-     * POST request
-     */
-    post<T = unknown>(path: string, body?: unknown, options?: Omit<InternalRequestOptions, 'method'>): Promise<HttpResponse<T>>;
-    /**
-     * PUT request
-     */
-    put<T = unknown>(path: string, body?: unknown, options?: Omit<InternalRequestOptions, 'method'>): Promise<HttpResponse<T>>;
-    /**
-     * DELETE request
-     */
-    delete<T = unknown>(path: string, options?: Omit<InternalRequestOptions, 'method' | 'body'>): Promise<HttpResponse<T>>;
-    /**
-     * Build full URL
-     */
-    private buildUrl;
-    /**
-     * Parse response
-     */
-    private parseResponse;
-    /**
-     * Handle error response
-     */
-    private handleErrorResponse;
-}
-/**
- * API Error class with enhanced error information
- */
-export declare class ApiError extends Error {
-    code: string;
-    statusCode: number;
-    originalError?: Error;
-    retryable?: boolean;
-    constructor(message: string, code?: string, statusCode?: number, originalError?: Error, retryable?: boolean);
-    /**
-     * Check if error is retryable
-     */
-    isRetryable(): boolean;
-    /**
-     * Get user-friendly error message
-     */
-    getUserMessage(): string;
-}
-export {};

package/dist/core/client/token-refresh-manager.d.ts DELETED Viewed

@@ -1,48 +0,0 @@
-import { Session } from '../types';
-export interface TokenRefreshConfig {
-    /** Enable/disable automatic token refresh */
-    enabled?: boolean;
-    /** Time before token expiration to refresh (in seconds) */
-    refreshThreshold?: number;
-    /** Maximum number of refresh retries on failure */
-    maxRetries?: number;
-    /** Delay between retries (milliseconds) */
-    retryDelay?: number;
-    /** Maximum refresh requests per minute */
-    rateLimit?: number;
-    /** Enable/disable auto sign-out on refresh failure */
-    autoSignOutOnFailure?: boolean;
-    /** Login page URL for redirect on failure */
-    redirectToLogin?: string;
-    /** Enable/disable auto redirect on failure */
-    autoRedirectOnFailure?: boolean;
-    /** Callback on successful token refresh */
-    onTokenRefreshed?: (session: Session) => void | Promise<void>;
-    /** Callback on token refresh failure (before sign-out) */
-    onTokenRefreshFailed?: (error: Error) => void | Promise<void>;
-    /** Callback before redirect (can return false to cancel redirect) */
-    onBeforeRedirect?: (error: Error) => boolean | Promise<boolean>;
-}
-export interface TokenRefreshManager {
-    /** Refresh token with single refresh queue */
-    refreshToken(): Promise<Session | null>;
-    /** Check if refresh is in progress */
-    isRefreshing(): boolean;
-    /** Wait for current refresh to complete */
-    waitForRefresh(): Promise<Session | null>;
-    /** Clear state (on sign-out) */
-    clear(): void;
-    /** Handle token refresh failure */
-    handleRefreshFailure(error: Error): Promise<void>;
-}
-type RefreshFunction = () => Promise<Session | null>;
-type SignOutFunction = () => Promise<{
-    success: boolean;
-    error?: string;
-}>;
-type ClearSessionFunction = () => Promise<void>;
-/**
- * Create Token Refresh Manager
- */
-export declare function createTokenRefreshManager(refreshFn: RefreshFunction, signOutFn: SignOutFunction, clearSessionFn: ClearSessionFunction, config?: TokenRefreshConfig): TokenRefreshManager;
-export {};