Auto-commit 2026-04-29 16:31

node_modules/next-auth/core/lib/assert.d.ts

@@ -0,0 +1,17 @@
+import { MissingAdapter, MissingAPIRoute, MissingAuthorize, MissingSecret, UnsupportedStrategy } from "../errors";
+import type { RequestInternal } from "..";
+import type { WarningCode } from "../../utils/logger";
+import type { AuthOptions } from "../types";
+declare type ConfigError = MissingAPIRoute | MissingSecret | UnsupportedStrategy | MissingAuthorize | MissingAdapter;
+/**
+ * Verify that the user configured `next-auth` correctly.
+ * Good place to mention deprecations as well.
+ *
+ * REVIEW: Make some of these and corresponding docs less Next.js specific?
+ */
+export declare function assertConfig(params: {
+    options: AuthOptions;
+    req: RequestInternal;
+}): ConfigError | WarningCode[];
+export {};
+//# sourceMappingURL=assert.d.ts.map

node_modules/next-auth/core/lib/assert.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"assert.d.ts","sourceRoot":"","sources":["../../src/core/lib/assert.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,aAAa,EACb,mBAAmB,EAGpB,MAAM,WAAW,CAAA;AAIlB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,IAAI,CAAA;AACzC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,UAAU,CAAA;AAE3C,aAAK,WAAW,GACZ,eAAe,GACf,aAAa,GACb,mBAAmB,GACnB,gBAAgB,GAChB,cAAc,CAAA;AAclB;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,MAAM,EAAE;IACnC,OAAO,EAAE,WAAW,CAAA;IACpB,GAAG,EAAE,eAAe,CAAA;CACrB,GAAG,WAAW,GAAG,WAAW,EAAE,CAwG9B"}

node_modules/next-auth/core/lib/assert.js

@@ -0,0 +1,83 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.assertConfig = assertConfig;
+var _errors = require("../errors");
+var _parseUrl = _interopRequireDefault(require("../../utils/parse-url"));
+var _cookie = require("./cookie");
+let warned = false;
+function isValidHttpUrl(url, baseUrl) {
+  try {
+    return /^https?:/.test(new URL(url, url.startsWith("/") ? baseUrl : undefined).protocol);
+  } catch (_unused) {
+    return false;
+  }
+}
+function assertConfig(params) {
+  var _req$query, _req$query2, _options$useSecureCoo, _req$cookies, _options$cookies$call, _options$cookies;
+  const {
+    options,
+    req
+  } = params;
+  const warnings = [];
+  if (!warned) {
+    if (!req.origin) warnings.push("NEXTAUTH_URL");
+    if (!options.secret && process.env.NODE_ENV !== "production") warnings.push("NO_SECRET");
+    if (options.debug) warnings.push("DEBUG_ENABLED");
+  }
+  if (!options.secret && process.env.NODE_ENV === "production") {
+    return new _errors.MissingSecret("Please define a `secret` in production.");
+  }
+  if (!((_req$query = req.query) !== null && _req$query !== void 0 && _req$query.nextauth) && !req.action) {
+    return new _errors.MissingAPIRoute("Cannot find [...nextauth].{js,ts} in `/pages/api/auth`. Make sure the filename is written correctly.");
+  }
+  const callbackUrlParam = (_req$query2 = req.query) === null || _req$query2 === void 0 ? void 0 : _req$query2.callbackUrl;
+  const url = (0, _parseUrl.default)(req.origin);
+  if (callbackUrlParam && !isValidHttpUrl(callbackUrlParam, url.base)) {
+    return new _errors.InvalidCallbackUrl(`Invalid callback URL. Received: ${callbackUrlParam}`);
+  }
+  const {
+    callbackUrl: defaultCallbackUrl
+  } = (0, _cookie.defaultCookies)((_options$useSecureCoo = options.useSecureCookies) !== null && _options$useSecureCoo !== void 0 ? _options$useSecureCoo : url.base.startsWith("https://"));
+  const callbackUrlCookie = (_req$cookies = req.cookies) === null || _req$cookies === void 0 ? void 0 : _req$cookies[(_options$cookies$call = (_options$cookies = options.cookies) === null || _options$cookies === void 0 || (_options$cookies = _options$cookies.callbackUrl) === null || _options$cookies === void 0 ? void 0 : _options$cookies.name) !== null && _options$cookies$call !== void 0 ? _options$cookies$call : defaultCallbackUrl.name];
+  if (callbackUrlCookie && !isValidHttpUrl(callbackUrlCookie, url.base)) {
+    return new _errors.InvalidCallbackUrl(`Invalid callback URL. Received: ${callbackUrlCookie}`);
+  }
+  let hasCredentials, hasEmail;
+  let hasTwitterOAuth2;
+  for (const provider of options.providers) {
+    if (provider.type === "credentials") hasCredentials = true;else if (provider.type === "email") hasEmail = true;else if (provider.id === "twitter" && provider.version === "2.0") hasTwitterOAuth2 = true;
+  }
+  if (hasCredentials) {
+    var _options$session;
+    const dbStrategy = ((_options$session = options.session) === null || _options$session === void 0 ? void 0 : _options$session.strategy) === "database";
+    const onlyCredentials = !options.providers.some(p => p.type !== "credentials");
+    if (dbStrategy && onlyCredentials) {
+      return new _errors.UnsupportedStrategy("Signin in with credentials only supported if JWT strategy is enabled");
+    }
+    const credentialsNoAuthorize = options.providers.some(p => p.type === "credentials" && !p.authorize);
+    if (credentialsNoAuthorize) {
+      return new _errors.MissingAuthorize("Must define an authorize() handler to use credentials authentication provider");
+    }
+  }
+  if (hasEmail) {
+    const {
+      adapter
+    } = options;
+    if (!adapter) {
+      return new _errors.MissingAdapter("E-mail login requires an adapter.");
+    }
+    const missingMethods = ["createVerificationToken", "useVerificationToken", "getUserByEmail"].filter(method => !adapter[method]);
+    if (missingMethods.length) {
+      return new _errors.MissingAdapterMethods(`Required adapter methods were missing: ${missingMethods.join(", ")}`);
+    }
+  }
+  if (!warned) {
+    if (hasTwitterOAuth2) warnings.push("TWITTER_OAUTH_2_BETA");
+    warned = true;
+  }
+  return warnings;
+}

node_modules/next-auth/core/lib/callback-handler.d.ts

@@ -0,0 +1,36 @@
+import type { InternalOptions } from "../types";
+import type { AdapterSession, AdapterUser } from "../../adapters";
+import type { JWT } from "../../jwt";
+import type { Account, User } from "../..";
+import type { SessionToken } from "./cookie";
+/**
+ * This function handles the complex flow of signing users in, and either creating,
+ * linking (or not linking) accounts depending on if the user is currently logged
+ * in, if they have account already and the authentication mechanism they are using.
+ *
+ * It prevents insecure behaviour, such as linking OAuth accounts unless a user is
+ * signed in and authenticated with an existing valid account.
+ *
+ * All verification (e.g. OAuth flows or email address verificaiton flows) are
+ * done prior to this handler being called to avoid additonal complexity in this
+ * handler.
+ */
+export default function callbackHandler(params: {
+    sessionToken?: SessionToken;
+    profile: User | AdapterUser | {
+        email: string;
+    };
+    account: Account | null;
+    options: InternalOptions;
+}): Promise<{
+    user: User;
+    account: Account;
+    session?: undefined;
+    isNewUser?: undefined;
+} | {
+    session: JWT | AdapterSession | null;
+    user: AdapterUser;
+    isNewUser: boolean;
+    account?: undefined;
+}>;
+//# sourceMappingURL=callback-handler.d.ts.map

node_modules/next-auth/core/lib/callback-handler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"callback-handler.d.ts","sourceRoot":"","sources":["../../src/core/lib/callback-handler.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AAC/C,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AACjE,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,WAAW,CAAA;AACpC,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,OAAO,CAAA;AAC1C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,UAAU,CAAA;AAG5C;;;;;;;;;;;GAWG;AACH,wBAA8B,eAAe,CAAC,MAAM,EAAE;IACpD,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,OAAO,EAAE,IAAI,GAAG,WAAW,GAAG;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,CAAA;IAC/C,OAAO,EAAE,OAAO,GAAG,IAAI,CAAA;IACvB,OAAO,EAAE,eAAe,CAAA;CACzB;;;;;;;;;;GA6MA"}

node_modules/next-auth/core/lib/callback-handler.js

@@ -0,0 +1,195 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = callbackHandler;
+var _errors = require("../errors");
+var _utils = require("./utils");
+async function callbackHandler(params) {
+  const {
+    sessionToken,
+    profile: _profile,
+    account,
+    options
+  } = params;
+  if (!(account !== null && account !== void 0 && account.providerAccountId) || !account.type) throw new Error("Missing or invalid provider account");
+  if (!["email", "oauth"].includes(account.type)) throw new Error("Provider not supported");
+  const {
+    adapter,
+    jwt,
+    events,
+    session: {
+      strategy: sessionStrategy,
+      generateSessionToken
+    }
+  } = options;
+  if (!adapter) {
+    return {
+      user: _profile,
+      account
+    };
+  }
+  const profile = _profile;
+  const {
+    createUser,
+    updateUser,
+    getUser,
+    getUserByAccount,
+    getUserByEmail,
+    linkAccount,
+    createSession,
+    getSessionAndUser,
+    deleteSession
+  } = adapter;
+  let session = null;
+  let user = null;
+  let isNewUser = false;
+  const useJwtSession = sessionStrategy === "jwt";
+  if (sessionToken) {
+    if (useJwtSession) {
+      try {
+        session = await jwt.decode({
+          ...jwt,
+          token: sessionToken
+        });
+        if (session && "sub" in session && session.sub) {
+          user = await getUser(session.sub);
+        }
+      } catch (_unused) {}
+    } else {
+      const userAndSession = await getSessionAndUser(sessionToken);
+      if (userAndSession) {
+        session = userAndSession.session;
+        user = userAndSession.user;
+      }
+    }
+  }
+  if (account.type === "email") {
+    const userByEmail = await getUserByEmail(profile.email);
+    if (userByEmail) {
+      var _user, _events$updateUser;
+      if (((_user = user) === null || _user === void 0 ? void 0 : _user.id) !== userByEmail.id && !useJwtSession && sessionToken) {
+        await deleteSession(sessionToken);
+      }
+      user = await updateUser({
+        id: userByEmail.id,
+        emailVerified: new Date()
+      });
+      await ((_events$updateUser = events.updateUser) === null || _events$updateUser === void 0 ? void 0 : _events$updateUser.call(events, {
+        user
+      }));
+    } else {
+      var _events$createUser;
+      const {
+        id: _,
+        ...newUser
+      } = {
+        ...profile,
+        emailVerified: new Date()
+      };
+      user = await createUser(newUser);
+      await ((_events$createUser = events.createUser) === null || _events$createUser === void 0 ? void 0 : _events$createUser.call(events, {
+        user
+      }));
+      isNewUser = true;
+    }
+    session = useJwtSession ? {} : await createSession({
+      sessionToken: await generateSessionToken(),
+      userId: user.id,
+      expires: (0, _utils.fromDate)(options.session.maxAge)
+    });
+    return {
+      session,
+      user,
+      isNewUser
+    };
+  } else if (account.type === "oauth") {
+    const userByAccount = await getUserByAccount({
+      providerAccountId: account.providerAccountId,
+      provider: account.provider
+    });
+    if (userByAccount) {
+      if (user) {
+        if (userByAccount.id === user.id) {
+          return {
+            session,
+            user,
+            isNewUser
+          };
+        }
+        throw new _errors.AccountNotLinkedError("The account is already associated with another user");
+      }
+      session = useJwtSession ? {} : await createSession({
+        sessionToken: await generateSessionToken(),
+        userId: userByAccount.id,
+        expires: (0, _utils.fromDate)(options.session.maxAge)
+      });
+      return {
+        session,
+        user: userByAccount,
+        isNewUser
+      };
+    } else {
+      var _events$createUser2, _events$linkAccount2;
+      if (user) {
+        var _events$linkAccount;
+        await linkAccount({
+          ...account,
+          userId: user.id
+        });
+        await ((_events$linkAccount = events.linkAccount) === null || _events$linkAccount === void 0 ? void 0 : _events$linkAccount.call(events, {
+          user,
+          account,
+          profile
+        }));
+        return {
+          session,
+          user,
+          isNewUser
+        };
+      }
+      const userByEmail = profile.email ? await getUserByEmail(profile.email) : null;
+      if (userByEmail) {
+        const provider = options.provider;
+        if (provider !== null && provider !== void 0 && provider.allowDangerousEmailAccountLinking) {
+          user = userByEmail;
+        } else {
+          throw new _errors.AccountNotLinkedError("Another account already exists with the same e-mail address");
+        }
+      } else {
+        const {
+          id: _,
+          ...newUser
+        } = {
+          ...profile,
+          emailVerified: null
+        };
+        user = await createUser(newUser);
+      }
+      await ((_events$createUser2 = events.createUser) === null || _events$createUser2 === void 0 ? void 0 : _events$createUser2.call(events, {
+        user
+      }));
+      await linkAccount({
+        ...account,
+        userId: user.id
+      });
+      await ((_events$linkAccount2 = events.linkAccount) === null || _events$linkAccount2 === void 0 ? void 0 : _events$linkAccount2.call(events, {
+        user,
+        account,
+        profile
+      }));
+      session = useJwtSession ? {} : await createSession({
+        sessionToken: await generateSessionToken(),
+        userId: user.id,
+        expires: (0, _utils.fromDate)(options.session.maxAge)
+      });
+      return {
+        session,
+        user,
+        isNewUser: true
+      };
+    }
+  }
+  throw new Error("Unsupported account type");
+}

node_modules/next-auth/core/lib/callback-url.d.ts

@@ -0,0 +1,17 @@
+import type { InternalOptions } from "../types";
+interface CreateCallbackUrlParams {
+    options: InternalOptions;
+    /** Try reading value from request body (POST) then from query param (GET) */
+    paramValue?: string;
+    cookieValue?: string;
+}
+/**
+ * Get callback URL based on query param / cookie + validation,
+ * and add it to `req.options.callbackUrl`.
+ */
+export declare function createCallbackUrl({ options, paramValue, cookieValue, }: CreateCallbackUrlParams): Promise<{
+    callbackUrl: string;
+    callbackUrlCookie: string | undefined;
+}>;
+export {};
+//# sourceMappingURL=callback-url.d.ts.map

node_modules/next-auth/core/lib/callback-url.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"callback-url.d.ts","sourceRoot":"","sources":["../../src/core/lib/callback-url.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AAE/C,UAAU,uBAAuB;IAC/B,OAAO,EAAE,eAAe,CAAA;IACxB,6EAA6E;IAC7E,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CAAC,EACtC,OAAO,EACP,UAAU,EACV,WAAW,GACZ,EAAE,uBAAuB;;;GAwBzB"}

node_modules/next-auth/core/lib/callback-url.js

@@ -0,0 +1,32 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.createCallbackUrl = createCallbackUrl;
+async function createCallbackUrl({
+  options,
+  paramValue,
+  cookieValue
+}) {
+  const {
+    url,
+    callbacks
+  } = options;
+  let callbackUrl = url.origin;
+  if (paramValue) {
+    callbackUrl = await callbacks.redirect({
+      url: paramValue,
+      baseUrl: url.origin
+    });
+  } else if (cookieValue) {
+    callbackUrl = await callbacks.redirect({
+      url: cookieValue,
+      baseUrl: url.origin
+    });
+  }
+  return {
+    callbackUrl,
+    callbackUrlCookie: callbackUrl !== cookieValue ? callbackUrl : undefined
+  };
+}

node_modules/next-auth/core/lib/cookie.d.ts

@@ -0,0 +1,50 @@
+import type { CookiesOptions } from "../..";
+import type { CookieOption, LoggerInstance, SessionStrategy } from "../types";
+import type { NextRequest } from "next/server";
+import type { NextApiRequest } from "next";
+/** Stringified form of `JWT`. Extract the content with `jwt.decode` */
+export declare type JWTString = string;
+export declare type SetCookieOptions = Partial<CookieOption["options"]> & {
+    expires?: Date | string;
+    encode?: (val: unknown) => string;
+};
+/**
+ * If `options.session.strategy` is set to `jwt`, this is a stringified `JWT`.
+ * In case of `strategy: "database"`, this is the `sessionToken` of the session in the database.
+ */
+export declare type SessionToken<T extends SessionStrategy = "jwt"> = T extends "jwt" ? JWTString : string;
+/**
+ * Use secure cookies if the site uses HTTPS
+ * This being conditional allows cookies to work non-HTTPS development URLs
+ * Honour secure cookie option, which sets 'secure' and also adds '__Secure-'
+ * prefix, but enable them by default if the site URL is HTTPS; but not for
+ * non-HTTPS URLs like http://localhost which are used in development).
+ * For more on prefixes see https://googlechrome.github.io/samples/cookie-prefixes/
+ *
+ * @TODO Review cookie settings (names, options)
+ */
+export declare function defaultCookies(useSecureCookies: boolean): CookiesOptions;
+export interface Cookie extends CookieOption {
+    value: string;
+}
+export declare class SessionStore {
+    #private;
+    constructor(option: CookieOption, req: Partial<{
+        cookies: NextRequest["cookies"] | NextApiRequest["cookies"];
+        headers: NextRequest["headers"] | NextApiRequest["headers"];
+    }>, logger: LoggerInstance | Console);
+    /**
+     * The JWT Session or database Session ID
+     * constructed from the cookie chunks.
+     */
+    get value(): string;
+    /**
+     * Given a cookie value, return new cookies, chunked, to fit the allowed cookie size.
+     * If the cookie has changed from chunked to unchunked or vice versa,
+     * it deletes the old cookies as well.
+     */
+    chunk(value: string, options: Partial<Cookie["options"]>): Cookie[];
+    /** Returns a list of cookies that should be cleaned. */
+    clean(): Cookie[];
+}
+//# sourceMappingURL=cookie.d.ts.map

node_modules/next-auth/core/lib/cookie.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cookie.d.ts","sourceRoot":"","sources":["../../src/core/lib/cookie.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,OAAO,CAAA;AAC3C,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AAC7E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAC9C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,MAAM,CAAA;AA0B1C,uEAAuE;AACvE,oBAAY,SAAS,GAAG,MAAM,CAAA;AAE9B,oBAAY,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,GAAG;IAChE,OAAO,CAAC,EAAE,IAAI,GAAG,MAAM,CAAA;IACvB,MAAM,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAA;CAClC,CAAA;AAED;;;GAGG;AACH,oBAAY,YAAY,CAAC,CAAC,SAAS,eAAe,GAAG,KAAK,IAAI,CAAC,SAAS,KAAK,GACzE,SAAS,GACT,MAAM,CAAA;AAEV;;;;;;;;;GASG;AACH,wBAAgB,cAAc,CAAC,gBAAgB,EAAE,OAAO,GAAG,cAAc,CA+DxE;AAED,MAAM,WAAW,MAAO,SAAQ,YAAY;IAC1C,KAAK,EAAE,MAAM,CAAA;CACd;AAID,qBAAa,YAAY;;gBAMrB,MAAM,EAAE,YAAY,EACpB,GAAG,EAAE,OAAO,CAAC;QACX,OAAO,EAAE,WAAW,CAAC,SAAS,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,CAAA;QAC3D,OAAO,EAAE,WAAW,CAAC,SAAS,CAAC,GAAG,cAAc,CAAC,SAAS,CAAC,CAAA;KAC5D,CAAC,EACF,MAAM,EAAE,cAAc,GAAG,OAAO;IA0BlC;;;OAGG;IACH,IAAI,KAAK,WAWR;IA2CD;;;;OAIG;IACH,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,GAAG,MAAM,EAAE;IAmBnE,wDAAwD;IACxD,KAAK,IAAI,MAAM,EAAE;CAGlB"}

node_modules/next-auth/core/lib/cookie.js

@@ -0,0 +1,184 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.SessionStore = void 0;
+exports.defaultCookies = defaultCookies;
+function _classPrivateMethodInitSpec(e, a) { _checkPrivateRedeclaration(e, a), a.add(e); }
+function _classPrivateFieldInitSpec(e, t, a) { _checkPrivateRedeclaration(e, t), t.set(e, a); }
+function _checkPrivateRedeclaration(e, t) { if (t.has(e)) throw new TypeError("Cannot initialize the same private elements twice on an object"); }
+function _classPrivateFieldGet(s, a) { return s.get(_assertClassBrand(s, a)); }
+function _classPrivateFieldSet(s, a, r) { return s.set(_assertClassBrand(s, a), r), r; }
+function _assertClassBrand(e, t, n) { if ("function" == typeof e ? e === t : e.has(t)) return arguments.length < 3 ? t : n; throw new TypeError("Private element is not present on this object"); }
+const ALLOWED_COOKIE_SIZE = 4096;
+const ESTIMATED_EMPTY_COOKIE_SIZE = 163;
+const CHUNK_SIZE = ALLOWED_COOKIE_SIZE - ESTIMATED_EMPTY_COOKIE_SIZE;
+function defaultCookies(useSecureCookies) {
+  const cookiePrefix = useSecureCookies ? "__Secure-" : "";
+  return {
+    sessionToken: {
+      name: `${cookiePrefix}next-auth.session-token`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: useSecureCookies
+      }
+    },
+    callbackUrl: {
+      name: `${cookiePrefix}next-auth.callback-url`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: useSecureCookies
+      }
+    },
+    csrfToken: {
+      name: `${useSecureCookies ? "__Host-" : ""}next-auth.csrf-token`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: useSecureCookies
+      }
+    },
+    pkceCodeVerifier: {
+      name: `${cookiePrefix}next-auth.pkce.code_verifier`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: useSecureCookies,
+        maxAge: 60 * 15
+      }
+    },
+    state: {
+      name: `${cookiePrefix}next-auth.state`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: useSecureCookies,
+        maxAge: 60 * 15
+      }
+    },
+    nonce: {
+      name: `${cookiePrefix}next-auth.nonce`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: useSecureCookies
+      }
+    }
+  };
+}
+var _chunks = new WeakMap();
+var _option = new WeakMap();
+var _logger = new WeakMap();
+var _SessionStore_brand = new WeakSet();
+class SessionStore {
+  constructor(option, req, logger) {
+    _classPrivateMethodInitSpec(this, _SessionStore_brand);
+    _classPrivateFieldInitSpec(this, _chunks, {});
+    _classPrivateFieldInitSpec(this, _option, void 0);
+    _classPrivateFieldInitSpec(this, _logger, void 0);
+    _classPrivateFieldSet(_logger, this, logger);
+    _classPrivateFieldSet(_option, this, option);
+    const {
+      cookies: _cookies
+    } = req;
+    const {
+      name: cookieName
+    } = option;
+    if (typeof (_cookies === null || _cookies === void 0 ? void 0 : _cookies.getAll) === "function") {
+      for (const {
+        name,
+        value
+      } of _cookies.getAll()) {
+        if (name.startsWith(cookieName)) {
+          _classPrivateFieldGet(_chunks, this)[name] = value;
+        }
+      }
+    } else if (_cookies instanceof Map) {
+      for (const name of _cookies.keys()) {
+        if (name.startsWith(cookieName)) _classPrivateFieldGet(_chunks, this)[name] = _cookies.get(name);
+      }
+    } else {
+      for (const name in _cookies) {
+        if (name.startsWith(cookieName)) _classPrivateFieldGet(_chunks, this)[name] = _cookies[name];
+      }
+    }
+  }
+  get value() {
+    const sortedKeys = Object.keys(_classPrivateFieldGet(_chunks, this)).sort((a, b) => {
+      var _a$split$pop, _b$split$pop;
+      const aSuffix = parseInt((_a$split$pop = a.split(".").pop()) !== null && _a$split$pop !== void 0 ? _a$split$pop : "0");
+      const bSuffix = parseInt((_b$split$pop = b.split(".").pop()) !== null && _b$split$pop !== void 0 ? _b$split$pop : "0");
+      return aSuffix - bSuffix;
+    });
+    return sortedKeys.map(key => _classPrivateFieldGet(_chunks, this)[key]).join("");
+  }
+  chunk(value, options) {
+    const cookies = _assertClassBrand(_SessionStore_brand, this, _clean).call(this);
+    const chunked = _assertClassBrand(_SessionStore_brand, this, _chunk).call(this, {
+      name: _classPrivateFieldGet(_option, this).name,
+      value,
+      options: {
+        ..._classPrivateFieldGet(_option, this).options,
+        ...options
+      }
+    });
+    for (const chunk of chunked) {
+      cookies[chunk.name] = chunk;
+    }
+    return Object.values(cookies);
+  }
+  clean() {
+    return Object.values(_assertClassBrand(_SessionStore_brand, this, _clean).call(this));
+  }
+}
+exports.SessionStore = SessionStore;
+function _chunk(cookie) {
+  const chunkCount = Math.ceil(cookie.value.length / CHUNK_SIZE);
+  if (chunkCount === 1) {
+    _classPrivateFieldGet(_chunks, this)[cookie.name] = cookie.value;
+    return [cookie];
+  }
+  const cookies = [];
+  for (let i = 0; i < chunkCount; i++) {
+    const name = `${cookie.name}.${i}`;
+    const value = cookie.value.substr(i * CHUNK_SIZE, CHUNK_SIZE);
+    cookies.push({
+      ...cookie,
+      name,
+      value
+    });
+    _classPrivateFieldGet(_chunks, this)[name] = value;
+  }
+  _classPrivateFieldGet(_logger, this).debug("CHUNKING_SESSION_COOKIE", {
+    message: `Session cookie exceeds allowed ${ALLOWED_COOKIE_SIZE} bytes.`,
+    emptyCookieSize: ESTIMATED_EMPTY_COOKIE_SIZE,
+    valueSize: cookie.value.length,
+    chunks: cookies.map(c => c.value.length + ESTIMATED_EMPTY_COOKIE_SIZE)
+  });
+  return cookies;
+}
+function _clean() {
+  const cleanedChunks = {};
+  for (const name in _classPrivateFieldGet(_chunks, this)) {
+    var _classPrivateFieldGet2;
+    (_classPrivateFieldGet2 = _classPrivateFieldGet(_chunks, this)) === null || _classPrivateFieldGet2 === void 0 || delete _classPrivateFieldGet2[name];
+    cleanedChunks[name] = {
+      name,
+      value: "",
+      options: {
+        ..._classPrivateFieldGet(_option, this).options,
+        maxAge: 0
+      }
+    };
+  }
+  return cleanedChunks;
+}

node_modules/next-auth/core/lib/csrf-token.d.ts

@@ -0,0 +1,32 @@
+import type { InternalOptions } from "../types";
+interface CreateCSRFTokenParams {
+    options: InternalOptions;
+    cookieValue?: string;
+    isPost: boolean;
+    bodyValue?: string;
+}
+/**
+ * Ensure CSRF Token cookie is set for any subsequent requests.
+ * Used as part of the strategy for mitigation for CSRF tokens.
+ *
+ * Creates a cookie like 'next-auth.csrf-token' with the value 'token|hash',
+ * where 'token' is the CSRF token and 'hash' is a hash made of the token and
+ * the secret, and the two values are joined by a pipe '|'. By storing the
+ * value and the hash of the value (with the secret used as a salt) we can
+ * verify the cookie was set by the server and not by a malicous attacker.
+ *
+ * For more details, see the following OWASP links:
+ * https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#double-submit-cookie
+ * https://owasp.org/www-chapter-london/assets/slides/David_Johansson-Double_Defeat_of_Double-Submit_Cookie.pdf
+ */
+export declare function createCSRFToken({ options, cookieValue, isPost, bodyValue, }: CreateCSRFTokenParams): {
+    csrfTokenVerified: boolean;
+    csrfToken: string;
+    cookie?: undefined;
+} | {
+    cookie: string;
+    csrfToken: string;
+    csrfTokenVerified?: undefined;
+};
+export {};
+//# sourceMappingURL=csrf-token.d.ts.map

node_modules/next-auth/core/lib/csrf-token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"csrf-token.d.ts","sourceRoot":"","sources":["../../src/core/lib/csrf-token.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AAE/C,UAAU,qBAAqB;IAC7B,OAAO,EAAE,eAAe,CAAA;IACxB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,MAAM,EAAE,OAAO,CAAA;IACf,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,eAAe,CAAC,EAC9B,OAAO,EACP,WAAW,EACX,MAAM,EACN,SAAS,GACV,EAAE,qBAAqB;;;;;;;;EAwBvB"}

node_modules/next-auth/core/lib/csrf-token.js

@@ -0,0 +1,32 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.createCSRFToken = createCSRFToken;
+var _crypto = require("crypto");
+function createCSRFToken({
+  options,
+  cookieValue,
+  isPost,
+  bodyValue
+}) {
+  if (cookieValue) {
+    const [csrfToken, csrfTokenHash] = cookieValue.split("|");
+    const expectedCsrfTokenHash = (0, _crypto.createHash)("sha256").update(`${csrfToken}${options.secret}`).digest("hex");
+    if (csrfTokenHash === expectedCsrfTokenHash) {
+      const csrfTokenVerified = isPost && csrfToken === bodyValue;
+      return {
+        csrfTokenVerified,
+        csrfToken
+      };
+    }
+  }
+  const csrfToken = (0, _crypto.randomBytes)(32).toString("hex");
+  const csrfTokenHash = (0, _crypto.createHash)("sha256").update(`${csrfToken}${options.secret}`).digest("hex");
+  const cookie = `${csrfToken}|${csrfTokenHash}`;
+  return {
+    cookie,
+    csrfToken
+  };
+}

node_modules/next-auth/core/lib/default-callbacks.d.ts

@@ -0,0 +1,3 @@
+import { CallbacksOptions } from "../..";
+export declare const defaultCallbacks: CallbacksOptions;
+//# sourceMappingURL=default-callbacks.d.ts.map

node_modules/next-auth/core/lib/default-callbacks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"default-callbacks.d.ts","sourceRoot":"","sources":["../../src/core/lib/default-callbacks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,OAAO,CAAA;AAExC,eAAO,MAAM,gBAAgB,EAAE,gBAe9B,CAAA"}

node_modules/next-auth/core/lib/default-callbacks.js

@@ -0,0 +1,28 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.defaultCallbacks = void 0;
+const defaultCallbacks = exports.defaultCallbacks = {
+  signIn() {
+    return true;
+  },
+  redirect({
+    url,
+    baseUrl
+  }) {
+    if (url.startsWith("/")) return `${baseUrl}${url}`;else if (new URL(url).origin === baseUrl) return url;
+    return baseUrl;
+  },
+  session({
+    session
+  }) {
+    return session;
+  },
+  jwt({
+    token
+  }) {
+    return token;
+  }
+};

node_modules/next-auth/core/lib/email/getUserFromEmail.d.ts

@@ -0,0 +1,11 @@
+import type { AdapterUser } from "../../../adapters";
+import type { InternalOptions } from "../../types";
+/**
+ * Query the database for a user by email address.
+ * If is an existing user return a user object (otherwise use placeholder).
+ */
+export default function getAdapterUserFromEmail({ email, adapter, }: {
+    email: string;
+    adapter: InternalOptions<"email">["adapter"];
+}): Promise<AdapterUser>;
+//# sourceMappingURL=getUserFromEmail.d.ts.map

node_modules/next-auth/core/lib/email/getUserFromEmail.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"getUserFromEmail.d.ts","sourceRoot":"","sources":["../../../src/core/lib/email/getUserFromEmail.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AACpD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAElD;;;GAGG;AACH,wBAA8B,uBAAuB,CAAC,EACpD,KAAK,EACL,OAAO,GACR,EAAE;IACD,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE,eAAe,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,CAAA;CAC7C,GAAG,OAAO,CAAC,WAAW,CAAC,CAOvB"}

node_modules/next-auth/core/lib/email/getUserFromEmail.js

@@ -0,0 +1,21 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = getAdapterUserFromEmail;
+async function getAdapterUserFromEmail({
+  email,
+  adapter
+}) {
+  const {
+    getUserByEmail
+  } = adapter;
+  const adapterUser = email ? await getUserByEmail(email) : null;
+  if (adapterUser) return adapterUser;
+  return {
+    id: email,
+    email,
+    emailVerified: null
+  };
+}

node_modules/next-auth/core/lib/email/signin.d.ts

@@ -0,0 +1,7 @@
+import type { InternalOptions } from "../../types";
+/**
+ * Starts an e-mail login flow, by generating a token,
+ * and sending it to the user's e-mail (with the help of a DB adapter)
+ */
+export default function email(identifier: string, options: InternalOptions<"email">): Promise<string>;
+//# sourceMappingURL=signin.d.ts.map

node_modules/next-auth/core/lib/email/signin.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"signin.d.ts","sourceRoot":"","sources":["../../../src/core/lib/email/signin.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAElD;;;GAGG;AACH,wBAA8B,KAAK,CACjC,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,eAAe,CAAC,OAAO,CAAC,GAChC,OAAO,CAAC,MAAM,CAAC,CAuCjB"}

node_modules/next-auth/core/lib/email/signin.js

@@ -0,0 +1,43 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = email;
+var _crypto = require("crypto");
+var _utils = require("../utils");
+async function email(identifier, options) {
+  var _await$provider$gener, _provider$generateVer, _provider$maxAge, _adapter$createVerifi;
+  const {
+    url,
+    adapter,
+    provider,
+    callbackUrl,
+    theme
+  } = options;
+  const token = (_await$provider$gener = await ((_provider$generateVer = provider.generateVerificationToken) === null || _provider$generateVer === void 0 ? void 0 : _provider$generateVer.call(provider))) !== null && _await$provider$gener !== void 0 ? _await$provider$gener : (0, _crypto.randomBytes)(32).toString("hex");
+  const ONE_DAY_IN_SECONDS = 86400;
+  const expires = new Date(Date.now() + ((_provider$maxAge = provider.maxAge) !== null && _provider$maxAge !== void 0 ? _provider$maxAge : ONE_DAY_IN_SECONDS) * 1000);
+  const params = new URLSearchParams({
+    callbackUrl,
+    token,
+    email: identifier
+  });
+  const _url = `${url}/callback/${provider.id}?${params}`;
+  await Promise.all([provider.sendVerificationRequest({
+    identifier,
+    token,
+    expires,
+    url: _url,
+    provider,
+    theme
+  }), (_adapter$createVerifi = adapter.createVerificationToken) === null || _adapter$createVerifi === void 0 ? void 0 : _adapter$createVerifi.call(adapter, {
+    identifier,
+    token: (0, _utils.hashToken)(token, options),
+    expires
+  })]);
+  return `${url}/verify-request?${new URLSearchParams({
+    provider: provider.id,
+    type: provider.type
+  })}`;
+}

node_modules/next-auth/core/lib/oauth/authorization-url.d.ts

@@ -0,0 +1,20 @@
+import type { InternalOptions } from "../../types";
+import type { RequestInternal } from "../..";
+import type { Cookie } from "../cookie";
+/**
+ *
+ * Generates an authorization/request token URL.
+ *
+ * [OAuth 2](https://www.oauth.com/oauth2-servers/authorization/the-authorization-request/) | [OAuth 1](https://oauth.net/core/1.0a/#auth_step2)
+ */
+export default function getAuthorizationUrl({ options, query, }: {
+    options: InternalOptions<"oauth">;
+    query: RequestInternal["query"];
+}): Promise<{
+    redirect: string;
+    cookies?: undefined;
+} | {
+    redirect: string;
+    cookies: Cookie[];
+}>;
+//# sourceMappingURL=authorization-url.d.ts.map

node_modules/next-auth/core/lib/oauth/authorization-url.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorization-url.d.ts","sourceRoot":"","sources":["../../../src/core/lib/oauth/authorization-url.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAClD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,OAAO,CAAA;AAC5C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,WAAW,CAAA;AAEvC;;;;;GAKG;AACH,wBAA8B,mBAAmB,CAAC,EAChD,OAAO,EACP,KAAK,GACN,EAAE;IACD,OAAO,EAAE,eAAe,CAAC,OAAO,CAAC,CAAA;IACjC,KAAK,EAAE,eAAe,CAAC,OAAO,CAAC,CAAA;CAChC;;;;;;GAyCA"}

node_modules/next-auth/core/lib/oauth/authorization-url.js

@@ -0,0 +1,74 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = getAuthorizationUrl;
+var _client = require("./client");
+var _clientLegacy = require("./client-legacy");
+var checks = _interopRequireWildcard(require("./checks"));
+function _getRequireWildcardCache(e) { if ("function" != typeof WeakMap) return null; var r = new WeakMap(), t = new WeakMap(); return (_getRequireWildcardCache = function (e) { return e ? t : r; })(e); }
+function _interopRequireWildcard(e, r) { if (!r && e && e.__esModule) return e; if (null === e || "object" != typeof e && "function" != typeof e) return { default: e }; var t = _getRequireWildcardCache(r); if (t && t.has(e)) return t.get(e); var n = { __proto__: null }, a = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var u in e) if ("default" !== u && {}.hasOwnProperty.call(e, u)) { var i = a ? Object.getOwnPropertyDescriptor(e, u) : null; i && (i.get || i.set) ? Object.defineProperty(n, u, i) : n[u] = e[u]; } return n.default = e, t && t.set(e, n), n; }
+async function getAuthorizationUrl({
+  options,
+  query
+}) {
+  var _provider$version;
+  const {
+    logger,
+    provider
+  } = options;
+  let params = {};
+  if (typeof provider.authorization === "string") {
+    const parsedUrl = new URL(provider.authorization);
+    const parsedParams = Object.fromEntries(parsedUrl.searchParams);
+    params = {
+      ...params,
+      ...parsedParams
+    };
+  } else {
+    var _provider$authorizati;
+    params = {
+      ...params,
+      ...((_provider$authorizati = provider.authorization) === null || _provider$authorizati === void 0 ? void 0 : _provider$authorizati.params)
+    };
+  }
+  params = {
+    ...params,
+    ...query
+  };
+  if ((_provider$version = provider.version) !== null && _provider$version !== void 0 && _provider$version.startsWith("1.")) {
+    var _provider$authorizati2;
+    const client = (0, _clientLegacy.oAuth1Client)(options);
+    const tokens = await client.getOAuthRequestToken(params);
+    const url = `${(_provider$authorizati2 = provider.authorization) === null || _provider$authorizati2 === void 0 ? void 0 : _provider$authorizati2.url}?${new URLSearchParams({
+      oauth_token: tokens.oauth_token,
+      oauth_token_secret: tokens.oauth_token_secret,
+      ...tokens.params
+    })}`;
+    _clientLegacy.oAuth1TokenStore.set(tokens.oauth_token, tokens.oauth_token_secret);
+    logger.debug("GET_AUTHORIZATION_URL", {
+      url,
+      provider
+    });
+    return {
+      redirect: url
+    };
+  }
+  const client = await (0, _client.openidClient)(options);
+  const authorizationParams = params;
+  const cookies = [];
+  await checks.state.create(options, cookies, authorizationParams);
+  await checks.pkce.create(options, cookies, authorizationParams);
+  await checks.nonce.create(options, cookies, authorizationParams);
+  const url = client.authorizationUrl(authorizationParams);
+  logger.debug("GET_AUTHORIZATION_URL", {
+    url,
+    cookies,
+    provider
+  });
+  return {
+    redirect: url,
+    cookies
+  };
+}

node_modules/next-auth/core/lib/oauth/callback.d.ts

@@ -0,0 +1,37 @@
+import { TokenSet } from "openid-client";
+import type { LoggerInstance, Profile } from "../../..";
+import type { OAuthConfig } from "../../../providers";
+import type { InternalOptions } from "../../types";
+import type { RequestInternal } from "../..";
+import type { Cookie } from "../cookie";
+export default function oAuthCallback(params: {
+    options: InternalOptions<"oauth">;
+    query: RequestInternal["query"];
+    body: RequestInternal["body"];
+    method: Required<RequestInternal>["method"];
+    cookies: RequestInternal["cookies"];
+}): Promise<{
+    cookies: Cookie[];
+    profile?: import("../../types").User | undefined;
+    account?: {
+        access_token?: string | undefined;
+        token_type?: string | undefined;
+        id_token?: string | undefined;
+        refresh_token?: string | undefined;
+        expires_in?: number | undefined;
+        expires_at?: number | undefined;
+        session_state?: string | undefined;
+        scope?: string | undefined;
+        provider: string;
+        type: "oauth";
+        providerAccountId: string;
+    } | undefined;
+    OAuthProfile?: Profile | undefined;
+}>;
+export interface GetProfileParams {
+    profile: Profile;
+    tokens: TokenSet;
+    provider: OAuthConfig<any>;
+    logger: LoggerInstance;
+}
+//# sourceMappingURL=callback.d.ts.map

node_modules/next-auth/core/lib/oauth/callback.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"callback.d.ts","sourceRoot":"","sources":["../../../src/core/lib/oauth/callback.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AAOxC,OAAO,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,MAAM,UAAU,CAAA;AACvD,OAAO,KAAK,EAAe,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAClE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAClD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,OAAO,CAAA;AAC5C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,WAAW,CAAA;AAEvC,wBAA8B,aAAa,CAAC,MAAM,EAAE;IAClD,OAAO,EAAE,eAAe,CAAC,OAAO,CAAC,CAAA;IACjC,KAAK,EAAE,eAAe,CAAC,OAAO,CAAC,CAAA;IAC/B,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,CAAA;IAC7B,MAAM,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC,QAAQ,CAAC,CAAA;IAC3C,OAAO,EAAE,eAAe,CAAC,SAAS,CAAC,CAAA;CACpC;;;;;;;;;;;;;;;;;GAkHA;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAA;IAChB,MAAM,EAAE,QAAQ,CAAA;IAChB,QAAQ,EAAE,WAAW,CAAC,GAAG,CAAC,CAAA;IAC1B,MAAM,EAAE,cAAc,CAAA;CACvB"}

node_modules/next-auth/core/lib/oauth/callback.js

@@ -0,0 +1,160 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = oAuthCallback;
+var _openidClient = require("openid-client");
+var _client = require("./client");
+var _clientLegacy = require("./client-legacy");
+var _checks = _interopRequireWildcard(require("./checks"));
+var _errors = require("../../errors");
+function _getRequireWildcardCache(e) { if ("function" != typeof WeakMap) return null; var r = new WeakMap(), t = new WeakMap(); return (_getRequireWildcardCache = function (e) { return e ? t : r; })(e); }
+function _interopRequireWildcard(e, r) { if (!r && e && e.__esModule) return e; if (null === e || "object" != typeof e && "function" != typeof e) return { default: e }; var t = _getRequireWildcardCache(r); if (t && t.has(e)) return t.get(e); var n = { __proto__: null }, a = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var u in e) if ("default" !== u && {}.hasOwnProperty.call(e, u)) { var i = a ? Object.getOwnPropertyDescriptor(e, u) : null; i && (i.get || i.set) ? Object.defineProperty(n, u, i) : n[u] = e[u]; } return n.default = e, t && t.set(e, n), n; }
+async function oAuthCallback(params) {
+  var _body$error, _provider$version;
+  const {
+    options,
+    query,
+    body,
+    method,
+    cookies
+  } = params;
+  const {
+    logger,
+    provider
+  } = options;
+  const errorMessage = (_body$error = body === null || body === void 0 ? void 0 : body.error) !== null && _body$error !== void 0 ? _body$error : query === null || query === void 0 ? void 0 : query.error;
+  if (errorMessage) {
+    const error = new Error(errorMessage);
+    logger.error("OAUTH_CALLBACK_HANDLER_ERROR", {
+      error,
+      error_description: query === null || query === void 0 ? void 0 : query.error_description,
+      providerId: provider.id
+    });
+    logger.debug("OAUTH_CALLBACK_HANDLER_ERROR", {
+      body
+    });
+    throw error;
+  }
+  if ((_provider$version = provider.version) !== null && _provider$version !== void 0 && _provider$version.startsWith("1.")) {
+    try {
+      const client = await (0, _clientLegacy.oAuth1Client)(options);
+      const {
+        oauth_token,
+        oauth_verifier
+      } = query !== null && query !== void 0 ? query : {};
+      const tokens = await client.getOAuthAccessToken(oauth_token, _clientLegacy.oAuth1TokenStore.get(oauth_token), oauth_verifier);
+      let profile = await client.get(provider.profileUrl, tokens.oauth_token, tokens.oauth_token_secret);
+      if (typeof profile === "string") {
+        profile = JSON.parse(profile);
+      }
+      const newProfile = await getProfile({
+        profile,
+        tokens,
+        provider,
+        logger
+      });
+      return {
+        ...newProfile,
+        cookies: []
+      };
+    } catch (error) {
+      logger.error("OAUTH_V1_GET_ACCESS_TOKEN_ERROR", error);
+      throw error;
+    }
+  }
+  if (query !== null && query !== void 0 && query.oauth_token) _clientLegacy.oAuth1TokenStore.delete(query.oauth_token);
+  try {
+    var _provider$token, _provider$token2, _provider$userinfo;
+    const client = await (0, _client.openidClient)(options);
+    let tokens;
+    const checks = {};
+    const resCookies = [];
+    await _checks.state.use(cookies, resCookies, options, checks);
+    await _checks.pkce.use(cookies, resCookies, options, checks);
+    await _checks.nonce.use(cookies, resCookies, options, checks);
+    const params = {
+      ...client.callbackParams({
+        url: `http://n?${new URLSearchParams(query)}`,
+        body,
+        method
+      }),
+      ...((_provider$token = provider.token) === null || _provider$token === void 0 ? void 0 : _provider$token.params)
+    };
+    if ((_provider$token2 = provider.token) !== null && _provider$token2 !== void 0 && _provider$token2.request) {
+      const response = await provider.token.request({
+        provider,
+        params,
+        checks,
+        client
+      });
+      tokens = new _openidClient.TokenSet(response.tokens);
+    } else if (provider.idToken) {
+      tokens = await client.callback(provider.callbackUrl, params, checks);
+    } else {
+      tokens = await client.oauthCallback(provider.callbackUrl, params, checks);
+    }
+    if (Array.isArray(tokens.scope)) {
+      tokens.scope = tokens.scope.join(" ");
+    }
+    let profile;
+    if ((_provider$userinfo = provider.userinfo) !== null && _provider$userinfo !== void 0 && _provider$userinfo.request) {
+      profile = await provider.userinfo.request({
+        provider,
+        tokens,
+        client
+      });
+    } else if (provider.idToken) {
+      profile = tokens.claims();
+    } else {
+      var _provider$userinfo2;
+      profile = await client.userinfo(tokens, {
+        params: (_provider$userinfo2 = provider.userinfo) === null || _provider$userinfo2 === void 0 ? void 0 : _provider$userinfo2.params
+      });
+    }
+    const profileResult = await getProfile({
+      profile,
+      provider,
+      tokens,
+      logger
+    });
+    return {
+      ...profileResult,
+      cookies: resCookies
+    };
+  } catch (error) {
+    throw new _errors.OAuthCallbackError(error);
+  }
+}
+async function getProfile({
+  profile: OAuthProfile,
+  tokens,
+  provider,
+  logger
+}) {
+  try {
+    var _profile$email;
+    logger.debug("PROFILE_DATA", {
+      OAuthProfile
+    });
+    const profile = await provider.profile(OAuthProfile, tokens);
+    profile.email = (_profile$email = profile.email) === null || _profile$email === void 0 ? void 0 : _profile$email.toLowerCase();
+    if (!profile.id) throw new TypeError(`Profile id is missing in ${provider.name} OAuth profile response`);
+    return {
+      profile,
+      account: {
+        provider: provider.id,
+        type: provider.type,
+        providerAccountId: profile.id.toString(),
+        ...tokens
+      },
+      OAuthProfile
+    };
+  } catch (error) {
+    logger.error("OAUTH_PARSE_PROFILE_ERROR", {
+      error: error,
+      OAuthProfile
+    });
+  }
+}

node_modules/next-auth/core/lib/oauth/checks.d.ts

@@ -0,0 +1,42 @@
+import { AuthorizationParameters, OpenIDCallbackChecks } from "openid-client";
+import type { RequestInternal } from "../..";
+import type { OAuthChecks } from "../../../providers";
+import type { CookiesOptions, InternalOptions } from "../../types";
+import type { Cookie } from "../cookie";
+/** Returns a signed cookie. */
+export declare function signCookie(type: keyof CookiesOptions, value: string, maxAge: number, options: InternalOptions<"oauth">): Promise<Cookie>;
+export declare const PKCE_CODE_CHALLENGE_METHOD = "S256";
+export declare const pkce: {
+    create(options: InternalOptions<"oauth">, cookies: Cookie[], resParams: AuthorizationParameters): Promise<void>;
+    /**
+     * Returns code_verifier if the provider is configured to use PKCE,
+     * and clears the container cookie afterwards.
+     * An error is thrown if the code_verifier is missing or invalid.
+     * @see https://www.rfc-editor.org/rfc/rfc7636
+     * @see https://danielfett.de/2020/05/16/pkce-vs-nonce-equivalent-or-not/#pkce
+     */
+    use(cookies: RequestInternal["cookies"], resCookies: Cookie[], options: InternalOptions<"oauth">, checks: OAuthChecks): Promise<string | undefined>;
+};
+export declare const state: {
+    create(options: InternalOptions<"oauth">, cookies: Cookie[], resParams: AuthorizationParameters): Promise<void>;
+    /**
+     * Returns state if the provider is configured to use state,
+     * and clears the container cookie afterwards.
+     * An error is thrown if the state is missing or invalid.
+     * @see https://www.rfc-editor.org/rfc/rfc6749#section-10.12
+     * @see https://www.rfc-editor.org/rfc/rfc6749#section-4.1.1
+     */
+    use(cookies: RequestInternal["cookies"], resCookies: Cookie[], options: InternalOptions<"oauth">, checks: OAuthChecks): Promise<void>;
+};
+export declare const nonce: {
+    create(options: InternalOptions<"oauth">, cookies: Cookie[], resParams: AuthorizationParameters): Promise<void>;
+    /**
+     * Returns nonce if the provider is configured to use nonce,
+     * and clears the container cookie afterwards.
+     * An error is thrown if the nonce is missing or invalid.
+     * @see https://openid.net/specs/openid-connect-core-1_0.html#NonceNotes
+     * @see https://danielfett.de/2020/05/16/pkce-vs-nonce-equivalent-or-not/#nonce
+     */
+    use(cookies: RequestInternal["cookies"], resCookies: Cookie[], options: InternalOptions<"oauth">, checks: OpenIDCallbackChecks): Promise<string | undefined>;
+};
+//# sourceMappingURL=checks.d.ts.map

node_modules/next-auth/core/lib/oauth/checks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"checks.d.ts","sourceRoot":"","sources":["../../../src/core/lib/oauth/checks.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,uBAAuB,EAEvB,oBAAoB,EACrB,MAAM,eAAe,CAAA;AAGtB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,OAAO,CAAA;AAC5C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,KAAK,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAClE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,WAAW,CAAA;AAEvC,+BAA+B;AAC/B,wBAAsB,UAAU,CAC9B,IAAI,EAAE,MAAM,cAAc,EAC1B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,eAAe,CAAC,OAAO,CAAC,GAChC,OAAO,CAAC,MAAM,CAAC,CAkBjB;AAGD,eAAO,MAAM,0BAA0B,SAAS,CAAA;AAChD,eAAO,MAAM,IAAI;oBAEJ,gBAAgB,OAAO,CAAC,WACxB,MAAM,EAAE,aACN,uBAAuB;IAepC;;;;;;OAMG;iBAEQ,eAAe,CAAC,SAAS,CAAC,cACvB,MAAM,EAAE,WACX,gBAAgB,OAAO,CAAC,UACzB,WAAW,GAClB,QAAQ,MAAM,GAAG,SAAS,CAAC;CA0B/B,CAAA;AAGD,eAAO,MAAM,KAAK;oBAEL,gBAAgB,OAAO,CAAC,WACxB,MAAM,EAAE,aACN,uBAAuB;IAQpC;;;;;;OAMG;iBAEQ,eAAe,CAAC,SAAS,CAAC,cACvB,MAAM,EAAE,WACX,gBAAgB,OAAO,CAAC,UACzB,WAAW;CAyBtB,CAAA;AAGD,eAAO,MAAM,KAAK;oBAEL,gBAAgB,OAAO,CAAC,WACxB,MAAM,EAAE,aACN,uBAAuB;IAQpC;;;;;;OAMG;iBAEQ,eAAe,CAAC,SAAS,CAAC,cACvB,MAAM,EAAE,WACX,gBAAgB,OAAO,CAAC,UACzB,oBAAoB,GAC3B,QAAQ,MAAM,GAAG,SAAS,CAAC;CAuB/B,CAAA"}

node_modules/next-auth/core/lib/oauth/checks.js

@@ -0,0 +1,150 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.pkce = exports.nonce = exports.PKCE_CODE_CHALLENGE_METHOD = void 0;
+exports.signCookie = signCookie;
+exports.state = void 0;
+var _openidClient = require("openid-client");
+var jwt = _interopRequireWildcard(require("../../../jwt"));
+function _getRequireWildcardCache(e) { if ("function" != typeof WeakMap) return null; var r = new WeakMap(), t = new WeakMap(); return (_getRequireWildcardCache = function (e) { return e ? t : r; })(e); }
+function _interopRequireWildcard(e, r) { if (!r && e && e.__esModule) return e; if (null === e || "object" != typeof e && "function" != typeof e) return { default: e }; var t = _getRequireWildcardCache(r); if (t && t.has(e)) return t.get(e); var n = { __proto__: null }, a = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var u in e) if ("default" !== u && {}.hasOwnProperty.call(e, u)) { var i = a ? Object.getOwnPropertyDescriptor(e, u) : null; i && (i.get || i.set) ? Object.defineProperty(n, u, i) : n[u] = e[u]; } return n.default = e, t && t.set(e, n), n; }
+async function signCookie(type, value, maxAge, options) {
+  const {
+    cookies,
+    logger
+  } = options;
+  logger.debug(`CREATE_${type.toUpperCase()}`, {
+    value,
+    maxAge
+  });
+  const {
+    name
+  } = cookies[type];
+  const expires = new Date();
+  expires.setTime(expires.getTime() + maxAge * 1000);
+  return {
+    name,
+    value: await jwt.encode({
+      ...options.jwt,
+      maxAge,
+      token: {
+        value
+      },
+      salt: name
+    }),
+    options: {
+      ...cookies[type].options,
+      expires
+    }
+  };
+}
+const PKCE_MAX_AGE = 60 * 15;
+const PKCE_CODE_CHALLENGE_METHOD = exports.PKCE_CODE_CHALLENGE_METHOD = "S256";
+const pkce = exports.pkce = {
+  async create(options, cookies, resParams) {
+    var _options$provider, _options$cookies$pkce;
+    if (!((_options$provider = options.provider) !== null && _options$provider !== void 0 && (_options$provider = _options$provider.checks) !== null && _options$provider !== void 0 && _options$provider.includes("pkce"))) return;
+    const code_verifier = _openidClient.generators.codeVerifier();
+    const value = _openidClient.generators.codeChallenge(code_verifier);
+    resParams.code_challenge = value;
+    resParams.code_challenge_method = PKCE_CODE_CHALLENGE_METHOD;
+    const maxAge = (_options$cookies$pkce = options.cookies.pkceCodeVerifier.options.maxAge) !== null && _options$cookies$pkce !== void 0 ? _options$cookies$pkce : PKCE_MAX_AGE;
+    cookies.push(await signCookie("pkceCodeVerifier", code_verifier, maxAge, options));
+  },
+  async use(cookies, resCookies, options, checks) {
+    var _options$provider2;
+    if (!((_options$provider2 = options.provider) !== null && _options$provider2 !== void 0 && (_options$provider2 = _options$provider2.checks) !== null && _options$provider2 !== void 0 && _options$provider2.includes("pkce"))) return;
+    const codeVerifier = cookies === null || cookies === void 0 ? void 0 : cookies[options.cookies.pkceCodeVerifier.name];
+    if (!codeVerifier) throw new TypeError("PKCE code_verifier cookie was missing.");
+    const {
+      name
+    } = options.cookies.pkceCodeVerifier;
+    const value = await jwt.decode({
+      ...options.jwt,
+      token: codeVerifier,
+      salt: name
+    });
+    if (!(value !== null && value !== void 0 && value.value)) throw new TypeError("PKCE code_verifier value could not be parsed.");
+    resCookies.push({
+      name,
+      value: "",
+      options: {
+        ...options.cookies.pkceCodeVerifier.options,
+        maxAge: 0
+      }
+    });
+    checks.code_verifier = value.value;
+  }
+};
+const STATE_MAX_AGE = 60 * 15;
+const state = exports.state = {
+  async create(options, cookies, resParams) {
+    var _options$provider$che, _options$cookies$stat;
+    if (!((_options$provider$che = options.provider.checks) !== null && _options$provider$che !== void 0 && _options$provider$che.includes("state"))) return;
+    const value = _openidClient.generators.state();
+    resParams.state = value;
+    const maxAge = (_options$cookies$stat = options.cookies.state.options.maxAge) !== null && _options$cookies$stat !== void 0 ? _options$cookies$stat : STATE_MAX_AGE;
+    cookies.push(await signCookie("state", value, maxAge, options));
+  },
+  async use(cookies, resCookies, options, checks) {
+    var _options$provider$che2;
+    if (!((_options$provider$che2 = options.provider.checks) !== null && _options$provider$che2 !== void 0 && _options$provider$che2.includes("state"))) return;
+    const state = cookies === null || cookies === void 0 ? void 0 : cookies[options.cookies.state.name];
+    if (!state) throw new TypeError("State cookie was missing.");
+    const {
+      name
+    } = options.cookies.state;
+    const value = await jwt.decode({
+      ...options.jwt,
+      token: state,
+      salt: name
+    });
+    if (!(value !== null && value !== void 0 && value.value)) throw new TypeError("State value could not be parsed.");
+    resCookies.push({
+      name,
+      value: "",
+      options: {
+        ...options.cookies.state.options,
+        maxAge: 0
+      }
+    });
+    checks.state = value.value;
+  }
+};
+const NONCE_MAX_AGE = 60 * 15;
+const nonce = exports.nonce = {
+  async create(options, cookies, resParams) {
+    var _options$provider$che3, _options$cookies$nonc;
+    if (!((_options$provider$che3 = options.provider.checks) !== null && _options$provider$che3 !== void 0 && _options$provider$che3.includes("nonce"))) return;
+    const value = _openidClient.generators.nonce();
+    resParams.nonce = value;
+    const maxAge = (_options$cookies$nonc = options.cookies.nonce.options.maxAge) !== null && _options$cookies$nonc !== void 0 ? _options$cookies$nonc : NONCE_MAX_AGE;
+    cookies.push(await signCookie("nonce", value, maxAge, options));
+  },
+  async use(cookies, resCookies, options, checks) {
+    var _options$provider3;
+    if (!((_options$provider3 = options.provider) !== null && _options$provider3 !== void 0 && (_options$provider3 = _options$provider3.checks) !== null && _options$provider3 !== void 0 && _options$provider3.includes("nonce"))) return;
+    const nonce = cookies === null || cookies === void 0 ? void 0 : cookies[options.cookies.nonce.name];
+    if (!nonce) throw new TypeError("Nonce cookie was missing.");
+    const {
+      name
+    } = options.cookies.nonce;
+    const value = await jwt.decode({
+      ...options.jwt,
+      token: nonce,
+      salt: name
+    });
+    if (!(value !== null && value !== void 0 && value.value)) throw new TypeError("Nonce value could not be parsed.");
+    resCookies.push({
+      name,
+      value: "",
+      options: {
+        ...options.cookies.nonce.options,
+        maxAge: 0
+      }
+    });
+    checks.nonce = value.value;
+  }
+};

node_modules/next-auth/core/lib/oauth/client-legacy.d.ts

@@ -0,0 +1,8 @@
+import { OAuth } from "oauth";
+import type { InternalOptions } from "../../types";
+/**
+ * Client supporting OAuth 1.x
+ */
+export declare function oAuth1Client(options: InternalOptions<"oauth">): OAuth;
+export declare const oAuth1TokenStore: Map<any, any>;
+//# sourceMappingURL=client-legacy.d.ts.map

node_modules/next-auth/core/lib/oauth/client-legacy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client-legacy.d.ts","sourceRoot":"","sources":["../../../src/core/lib/oauth/client-legacy.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAA;AAC7B,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAElD;;GAEG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,eAAe,CAAC,OAAO,CAAC,SA6D7D;AAED,eAAO,MAAM,gBAAgB,eAAY,CAAA"}

node_modules/next-auth/core/lib/oauth/client-legacy.js

@@ -0,0 +1,55 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.oAuth1Client = oAuth1Client;
+exports.oAuth1TokenStore = void 0;
+var _oauth = require("oauth");
+function oAuth1Client(options) {
+  var _provider$version, _provider$encoding;
+  const provider = options.provider;
+  const oauth1Client = new _oauth.OAuth(provider.requestTokenUrl, provider.accessTokenUrl, provider.clientId, provider.clientSecret, (_provider$version = provider.version) !== null && _provider$version !== void 0 ? _provider$version : "1.0", provider.callbackUrl, (_provider$encoding = provider.encoding) !== null && _provider$encoding !== void 0 ? _provider$encoding : "HMAC-SHA1");
+  const originalGet = oauth1Client.get.bind(oauth1Client);
+  oauth1Client.get = async (...args) => {
+    return await new Promise((resolve, reject) => {
+      originalGet(...args, (error, result) => {
+        if (error) {
+          return reject(error);
+        }
+        resolve(result);
+      });
+    });
+  };
+  const originalGetOAuth1AccessToken = oauth1Client.getOAuthAccessToken.bind(oauth1Client);
+  oauth1Client.getOAuthAccessToken = async (...args) => {
+    return await new Promise((resolve, reject) => {
+      originalGetOAuth1AccessToken(...args, (error, oauth_token, oauth_token_secret) => {
+        if (error) {
+          return reject(error);
+        }
+        resolve({
+          oauth_token,
+          oauth_token_secret
+        });
+      });
+    });
+  };
+  const originalGetOAuthRequestToken = oauth1Client.getOAuthRequestToken.bind(oauth1Client);
+  oauth1Client.getOAuthRequestToken = async (params = {}) => {
+    return await new Promise((resolve, reject) => {
+      originalGetOAuthRequestToken(params, (error, oauth_token, oauth_token_secret, params) => {
+        if (error) {
+          return reject(error);
+        }
+        resolve({
+          oauth_token,
+          oauth_token_secret,
+          params
+        });
+      });
+    });
+  };
+  return oauth1Client;
+}
+const oAuth1TokenStore = exports.oAuth1TokenStore = new Map();

node_modules/next-auth/core/lib/oauth/client.d.ts

@@ -0,0 +1,11 @@
+import type { Client } from "openid-client";
+import type { InternalOptions } from "../../types";
+/**
+ * NOTE: We can add auto discovery of the provider's endpoint
+ * that requires only one endpoint to be specified by the user.
+ * Check out `Issuer.discover`
+ *
+ * Client supporting OAuth 2.x and OIDC
+ */
+export declare function openidClient(options: InternalOptions<"oauth">): Promise<Client>;
+//# sourceMappingURL=client.d.ts.map

node_modules/next-auth/core/lib/oauth/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../../src/core/lib/oauth/client.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,eAAe,CAAA;AAC3C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAElD;;;;;;GAMG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,eAAe,CAAC,OAAO,CAAC,GAChC,OAAO,CAAC,MAAM,CAAC,CAkCjB"}

node_modules/next-auth/core/lib/oauth/client.js

@@ -0,0 +1,32 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.openidClient = openidClient;
+var _openidClient = require("openid-client");
+async function openidClient(options) {
+  const provider = options.provider;
+  if (provider.httpOptions) _openidClient.custom.setHttpOptionsDefaults(provider.httpOptions);
+  let issuer;
+  if (provider.wellKnown) {
+    issuer = await _openidClient.Issuer.discover(provider.wellKnown);
+  } else {
+    var _provider$authorizati, _provider$token, _provider$userinfo;
+    issuer = new _openidClient.Issuer({
+      issuer: provider.issuer,
+      authorization_endpoint: (_provider$authorizati = provider.authorization) === null || _provider$authorizati === void 0 ? void 0 : _provider$authorizati.url,
+      token_endpoint: (_provider$token = provider.token) === null || _provider$token === void 0 ? void 0 : _provider$token.url,
+      userinfo_endpoint: (_provider$userinfo = provider.userinfo) === null || _provider$userinfo === void 0 ? void 0 : _provider$userinfo.url,
+      jwks_uri: provider.jwks_endpoint
+    });
+  }
+  const client = new issuer.Client({
+    client_id: provider.clientId,
+    client_secret: provider.clientSecret,
+    redirect_uris: [provider.callbackUrl],
+    ...provider.client
+  }, provider.jwks);
+  client[_openidClient.custom.clock_tolerance] = 10;
+  return client;
+}

node_modules/next-auth/core/lib/providers.d.ts

@@ -0,0 +1,16 @@
+import type { InternalProvider } from "../types";
+import type { Provider } from "../../providers";
+import type { InternalUrl } from "../../utils/parse-url";
+/**
+ * Adds `signinUrl` and `callbackUrl` to each provider
+ * and deep merge user-defined options.
+ */
+export default function parseProviders(params: {
+    providers: Provider[];
+    url: InternalUrl;
+    providerId?: string;
+}): {
+    providers: InternalProvider[];
+    provider?: InternalProvider;
+};
+//# sourceMappingURL=providers.d.ts.map

node_modules/next-auth/core/lib/providers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"providers.d.ts","sourceRoot":"","sources":["../../src/core/lib/providers.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,gBAAgB,EAAuB,MAAM,UAAU,CAAA;AACrE,OAAO,KAAK,EAAe,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAC5D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAA;AAExD;;;GAGG;AACH,MAAM,CAAC,OAAO,UAAU,cAAc,CAAC,MAAM,EAAE;IAC7C,SAAS,EAAE,QAAQ,EAAE,CAAA;IACrB,GAAG,EAAE,WAAW,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,GAAG;IACF,SAAS,EAAE,gBAAgB,EAAE,CAAA;IAC7B,QAAQ,CAAC,EAAE,gBAAgB,CAAA;CAC5B,CA4BA"}

node_modules/next-auth/core/lib/providers.js

@@ -0,0 +1,65 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = parseProviders;
+var _merge = require("../../utils/merge");
+function parseProviders(params) {
+  const {
+    url,
+    providerId
+  } = params;
+  const providers = params.providers.map(({
+    options: userOptions,
+    ...rest
+  }) => {
+    var _ref;
+    if (rest.type === "oauth") {
+      var _normalizedUserOption;
+      const normalizedOptions = normalizeOAuthOptions(rest);
+      const normalizedUserOptions = normalizeOAuthOptions(userOptions, true);
+      const id = (_normalizedUserOption = normalizedUserOptions === null || normalizedUserOptions === void 0 ? void 0 : normalizedUserOptions.id) !== null && _normalizedUserOption !== void 0 ? _normalizedUserOption : rest.id;
+      return (0, _merge.merge)(normalizedOptions, {
+        ...normalizedUserOptions,
+        signinUrl: `${url}/signin/${id}`,
+        callbackUrl: `${url}/callback/${id}`
+      });
+    }
+    const id = (_ref = userOptions === null || userOptions === void 0 ? void 0 : userOptions.id) !== null && _ref !== void 0 ? _ref : rest.id;
+    return (0, _merge.merge)(rest, {
+      ...userOptions,
+      signinUrl: `${url}/signin/${id}`,
+      callbackUrl: `${url}/callback/${id}`
+    });
+  });
+  return {
+    providers,
+    provider: providers.find(({
+      id
+    }) => id === providerId)
+  };
+}
+function normalizeOAuthOptions(oauthOptions, isUserOptions = false) {
+  var _normalized$version;
+  if (!oauthOptions) return;
+  const normalized = Object.entries(oauthOptions).reduce((acc, [key, value]) => {
+    if (["authorization", "token", "userinfo"].includes(key) && typeof value === "string") {
+      var _url$searchParams;
+      const url = new URL(value);
+      acc[key] = {
+        url: `${url.origin}${url.pathname}`,
+        params: Object.fromEntries((_url$searchParams = url.searchParams) !== null && _url$searchParams !== void 0 ? _url$searchParams : [])
+      };
+    } else {
+      acc[key] = value;
+    }
+    return acc;
+  }, {});
+  if (!isUserOptions && !((_normalized$version = normalized.version) !== null && _normalized$version !== void 0 && _normalized$version.startsWith("1."))) {
+    var _ref2, _normalized$idToken, _normalized$wellKnown, _normalized$authoriza;
+    normalized.idToken = Boolean((_ref2 = (_normalized$idToken = normalized.idToken) !== null && _normalized$idToken !== void 0 ? _normalized$idToken : (_normalized$wellKnown = normalized.wellKnown) === null || _normalized$wellKnown === void 0 ? void 0 : _normalized$wellKnown.includes("openid-configuration")) !== null && _ref2 !== void 0 ? _ref2 : (_normalized$authoriza = normalized.authorization) === null || _normalized$authoriza === void 0 || (_normalized$authoriza = _normalized$authoriza.params) === null || _normalized$authoriza === void 0 || (_normalized$authoriza = _normalized$authoriza.scope) === null || _normalized$authoriza === void 0 ? void 0 : _normalized$authoriza.includes("openid"));
+    if (!normalized.checks) normalized.checks = ["state"];
+  }
+  return normalized;
+}

node_modules/next-auth/core/lib/utils.d.ts

@@ -0,0 +1,20 @@
+import type { AuthOptions } from "../..";
+import type { InternalOptions } from "../types";
+import type { InternalUrl } from "../../utils/parse-url";
+/**
+ * Takes a number in seconds and returns the date in the future.
+ * Optionally takes a second date parameter. In that case
+ * the date in the future will be calculated from that date instead of now.
+ */
+export declare function fromDate(time: number, date?: number): Date;
+export declare function hashToken(token: string, options: InternalOptions<"email">): string;
+/**
+ * Secret used salt cookies and tokens (e.g. for CSRF protection).
+ * If no secret option is specified then it creates one on the fly
+ * based on options passed here. If options contains unique data, such as
+ * OAuth provider secrets and database credentials it should be sufficent. If no secret provided in production, we throw an error. */
+export declare function createSecret(params: {
+    authOptions: AuthOptions;
+    url: InternalUrl;
+}): string;
+//# sourceMappingURL=utils.d.ts.map

node_modules/next-auth/core/lib/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/core/lib/utils.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,OAAO,CAAA;AACxC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AAC/C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAA;AAExD;;;;GAIG;AACH,wBAAgB,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,SAAa,QAEvD;AAED,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,OAAO,CAAC,UAQzE;AAED;;;;qIAIqI;AACrI,wBAAgB,YAAY,CAAC,MAAM,EAAE;IACnC,WAAW,EAAE,WAAW,CAAA;IACxB,GAAG,EAAE,WAAW,CAAA;CACjB,UAUA"}

node_modules/next-auth/core/lib/utils.js

@@ -0,0 +1,31 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.createSecret = createSecret;
+exports.fromDate = fromDate;
+exports.hashToken = hashToken;
+var _crypto = require("crypto");
+function fromDate(time, date = Date.now()) {
+  return new Date(date + time * 1000);
+}
+function hashToken(token, options) {
+  var _provider$secret;
+  const {
+    provider,
+    secret
+  } = options;
+  return (0, _crypto.createHash)("sha256").update(`${token}${(_provider$secret = provider.secret) !== null && _provider$secret !== void 0 ? _provider$secret : secret}`).digest("hex");
+}
+function createSecret(params) {
+  var _authOptions$secret;
+  const {
+    authOptions,
+    url
+  } = params;
+  return (_authOptions$secret = authOptions.secret) !== null && _authOptions$secret !== void 0 ? _authOptions$secret : (0, _crypto.createHash)("sha256").update(JSON.stringify({
+    ...url,
+    ...authOptions
+  })).digest("hex");
+}