{"version":3,"file":"index.mjs","sources":["../src/common/get-base-url.ts","../src/common/default-forwarded-headers.ts","../src/common/process-location-header.ts","../src/common/get-cookie-domain.ts","../src/next-edge-app/index.ts"],"sourcesContent":["import { type CreateApiHandlerOptions } from \"../type/create-api-handler-options\"\n\nexport function getBaseUrl(options: CreateApiHandlerOptions) {\n  let baseUrl = options.fallbackToPlayground\n    ? \"https://playground.projects.oryapis.com/\"\n    : \"\"\n\n  if (process.env.ORY_SDK_URL) {\n    baseUrl = process.env.ORY_SDK_URL\n  }\n\n  if (process.env.ORY_KRATOS_URL) {\n    baseUrl = process.env.ORY_KRATOS_URL\n  }\n\n  if (process.env.ORY_SDK_URL && process.env.ORY_KRATOS_URL) {\n    throw new Error(\"Only one of ORY_SDK_URL or ORY_KRATOS_URL can be set.\")\n  }\n\n  if (options.apiBaseUrlOverride) {\n    baseUrl = options.apiBaseUrlOverride\n  }\n\n  return baseUrl.replace(/\\/$/, \"\")\n}\nexport { CreateApiHandlerOptions }\n","export const defaultForwardedHeaders = [\n  \"accept\",\n  \"accept-charset\",\n  \"accept-encoding\",\n  \"accept-language\",\n  \"authorization\",\n  \"cache-control\",\n  \"content-type\",\n  \"cookie\",\n  \"host\",\n  \"user-agent\",\n  \"referer\",\n]\n","export function processLocationHeader(\n  locationHeaderValue: string,\n  baseUrl: string,\n) {\n  if (locationHeaderValue.startsWith(baseUrl)) {\n    return locationHeaderValue.replace(baseUrl, \"/api/.ory\")\n  }\n\n  if (\n    locationHeaderValue.startsWith(\"/api/kratos/public/\") ||\n    locationHeaderValue.startsWith(\"/self-service/\") ||\n    locationHeaderValue.startsWith(\"/ui/\")\n  ) {\n    return \"/api/.ory\" + locationHeaderValue\n  }\n\n  return locationHeaderValue\n}\n","import tldjs from \"tldjs\"\nimport { CreateApiHandlerOptions } from \"./get-base-url\"\n\nexport function guessCookieDomain(\n  url: string | undefined,\n  options: CreateApiHandlerOptions,\n) {\n  if (!url || options.forceCookieDomain) {\n    return options.forceCookieDomain\n  }\n\n  if (options.dontUseTldForCookieDomain) {\n    return undefined\n  }\n\n  const parsed = tldjs.parse(url || \"\")\n\n  if (!parsed.isValid || parsed.isIp) {\n    return undefined\n  }\n\n  if (!parsed.domain) {\n    return parsed.hostname\n  }\n\n  return parsed.domain\n}\n","import { SerializeOptions as CookieSerializeOptions, serialize } from \"cookie\"\nimport { headers } from \"next/headers\"\nimport { redirect } from \"next/navigation\"\nimport { NextResponse, type NextRequest } from \"next/server\"\nimport parse, { splitCookiesString } from \"set-cookie-parser\"\nimport { getBaseUrl } from \"../common/get-base-url\"\nimport { CreateApiHandlerOptions } from \"../type/create-api-handler-options\"\nimport { defaultForwardedHeaders } from \"../common/default-forwarded-headers\"\nimport { processLocationHeader } from \"../common/process-location-header\"\nimport { guessCookieDomain } from \"../common/get-cookie-domain\"\n\nexport function filterRequestHeaders(\n  forwardAdditionalHeaders?: string[],\n): Headers {\n  const filteredHeaders = new Headers()\n  headers().forEach((value, key) => {\n    const isValid =\n      defaultForwardedHeaders.includes(key) ||\n      (forwardAdditionalHeaders ?? []).includes(key)\n    if (isValid) filteredHeaders.set(key, value)\n  })\n\n  return filteredHeaders\n}\n\nfunction processSetCookieHeader(\n  protocol: string,\n  fetchResponse: Response,\n  options: CreateApiHandlerOptions,\n) {\n  const requestHeaders = headers()\n  const isTls =\n    protocol === \"https:\" || requestHeaders.get(\"x-forwarded-proto\") === \"https\"\n\n  const secure =\n    options.forceCookieSecure === undefined ? isTls : options.forceCookieSecure\n\n  const forwarded = requestHeaders.get(\"x-forwarded-host\")\n  const host = forwarded ? forwarded : requestHeaders.get(\"host\")\n  const domain = guessCookieDomain(host, options)\n\n  return parse(\n    splitCookiesString(fetchResponse.headers.get(\"set-cookie\") || \"\"),\n  )\n    .map((cookie) => ({\n      ...cookie,\n      domain,\n      secure,\n      encode: (v: string) => v,\n    }))\n    .map(({ value, name, ...options }) =>\n      serialize(name, value, options as CookieSerializeOptions),\n    )\n}\n\nexport function createApiHandler(options: CreateApiHandlerOptions) {\n  const baseUrl = getBaseUrl(options)\n\n  const handler = async (\n    request: NextRequest,\n    { params }: { params: { path: string[] } },\n  ) => {\n    const path = request.nextUrl.pathname.replace(\"/api/.ory\", \"\")\n    const url = new URL(path, baseUrl)\n    url.search = request.nextUrl.search\n\n    if (path === \"ui/welcome\") {\n      // A special for redirecting to the home page\n      // if we were being redirected to the hosted UI\n      // welcome page.\n      redirect(\"../../../\")\n    }\n\n    const requestHeaders = filterRequestHeaders(\n      options.forwardAdditionalHeaders,\n    )\n\n    requestHeaders.set(\"X-Ory-Base-URL-Rewrite\", \"false\")\n    requestHeaders.set(\"Ory-Base-URL-Rewrite\", \"false\")\n    requestHeaders.set(\"Ory-No-Custom-Domain-Redirect\", \"true\")\n\n    // Only effective in CI.\n    if (\n      process.env.ORY_CI_RATE_LIMIT_HEADER &&\n      process.env.ORY_CI_RATE_LIMIT_HEADER_VALUE\n    ) {\n      requestHeaders.set(\n        process.env.ORY_CI_RATE_LIMIT_HEADER,\n        process.env.ORY_CI_RATE_LIMIT_HEADER_VALUE,\n      )\n    }\n\n    try {\n      const response = await fetch(url, {\n        method: request.method,\n        headers: requestHeaders,\n        body:\n          request.method !== \"GET\" && request.method !== \"HEAD\"\n            ? await request.arrayBuffer()\n            : null,\n        redirect: \"manual\",\n      })\n\n      const responseHeaders = new Headers()\n      for (const [key, value] of response.headers) {\n        responseHeaders.append(key, value)\n      }\n\n      responseHeaders.delete(\"location\")\n      responseHeaders.delete(\"set-cookie\")\n      if (response.headers.get(\"set-cookie\")) {\n        const cookies = processSetCookieHeader(\n          request.nextUrl.protocol,\n          response,\n          options,\n        )\n        cookies.forEach((cookie) => {\n          responseHeaders.append(\"Set-Cookie\", cookie)\n        })\n      }\n\n      if (response.headers.get(\"location\")) {\n        const location = processLocationHeader(\n          response.headers.get(\"location\"),\n          baseUrl,\n        )\n        responseHeaders.set(\"location\", location)\n      }\n\n      responseHeaders.delete(\"transfer-encoding\")\n      responseHeaders.delete(\"content-encoding\")\n      responseHeaders.delete(\"content-length\")\n\n      const buf = Buffer.from(await response.arrayBuffer())\n\n      try {\n        return new NextResponse(\n          buf.toString(\"utf-8\").replace(new RegExp(baseUrl, \"g\"), \"/api/.ory\"),\n          {\n            status: response.status,\n            headers: responseHeaders,\n          },\n        )\n      } catch (err) {\n        return new NextResponse(response.body, {\n          status: response.status,\n          headers: responseHeaders,\n        })\n      }\n    } catch (error) {\n      console.error(error, {\n        path,\n        url,\n        method: request.method,\n        headers: requestHeaders,\n      })\n      throw error\n    }\n  }\n\n  return {\n    GET: handler,\n    POST: handler,\n  }\n}\n"],"names":["options"],"mappings":";;;;;;;AAEO,SAAS,WAAW,OAAkC,EAAA;AAC3D,EAAI,IAAA,OAAA,GAAU,OAAQ,CAAA,oBAAA,GAClB,0CACA,GAAA,EAAA,CAAA;AAEJ,EAAI,IAAA,OAAA,CAAQ,IAAI,WAAa,EAAA;AAC3B,IAAA,OAAA,GAAU,QAAQ,GAAI,CAAA,WAAA,CAAA;AAAA,GACxB;AAEA,EAAI,IAAA,OAAA,CAAQ,IAAI,cAAgB,EAAA;AAC9B,IAAA,OAAA,GAAU,QAAQ,GAAI,CAAA,cAAA,CAAA;AAAA,GACxB;AAEA,EAAA,IAAI,OAAQ,CAAA,GAAA,CAAI,WAAe,IAAA,OAAA,CAAQ,IAAI,cAAgB,EAAA;AACzD,IAAM,MAAA,IAAI,MAAM,uDAAuD,CAAA,CAAA;AAAA,GACzE;AAEA,EAAA,IAAI,QAAQ,kBAAoB,EAAA;AAC9B,IAAA,OAAA,GAAU,OAAQ,CAAA,kBAAA,CAAA;AAAA,GACpB;AAEA,EAAO,OAAA,OAAA,CAAQ,OAAQ,CAAA,KAAA,EAAO,EAAE,CAAA,CAAA;AAClC;;ACxBO,MAAM,uBAA0B,GAAA;AAAA,EACrC,QAAA;AAAA,EACA,gBAAA;AAAA,EACA,iBAAA;AAAA,EACA,iBAAA;AAAA,EACA,eAAA;AAAA,EACA,eAAA;AAAA,EACA,cAAA;AAAA,EACA,QAAA;AAAA,EACA,MAAA;AAAA,EACA,YAAA;AAAA,EACA,SAAA;AACF,CAAA;;ACZgB,SAAA,qBAAA,CACd,qBACA,OACA,EAAA;AACA,EAAI,IAAA,mBAAA,CAAoB,UAAW,CAAA,OAAO,CAAG,EAAA;AAC3C,IAAO,OAAA,mBAAA,CAAoB,OAAQ,CAAA,OAAA,EAAS,WAAW,CAAA,CAAA;AAAA,GACzD;AAEA,EACE,IAAA,mBAAA,CAAoB,UAAW,CAAA,qBAAqB,CACpD,IAAA,mBAAA,CAAoB,UAAW,CAAA,gBAAgB,CAC/C,IAAA,mBAAA,CAAoB,UAAW,CAAA,MAAM,CACrC,EAAA;AACA,IAAA,OAAO,WAAc,GAAA,mBAAA,CAAA;AAAA,GACvB;AAEA,EAAO,OAAA,mBAAA,CAAA;AACT;;ACdgB,SAAA,iBAAA,CACd,KACA,OACA,EAAA;AACA,EAAI,IAAA,CAAC,GAAO,IAAA,OAAA,CAAQ,iBAAmB,EAAA;AACrC,IAAA,OAAO,OAAQ,CAAA,iBAAA,CAAA;AAAA,GACjB;AAEA,EAAA,IAAI,QAAQ,yBAA2B,EAAA;AACrC,IAAO,OAAA,KAAA,CAAA,CAAA;AAAA,GACT;AAEA,EAAA,MAAM,MAAS,GAAA,KAAA,CAAM,KAAM,CAAA,GAAA,IAAO,EAAE,CAAA,CAAA;AAEpC,EAAA,IAAI,CAAC,MAAA,CAAO,OAAW,IAAA,MAAA,CAAO,IAAM,EAAA;AAClC,IAAO,OAAA,KAAA,CAAA,CAAA;AAAA,GACT;AAEA,EAAI,IAAA,CAAC,OAAO,MAAQ,EAAA;AAClB,IAAA,OAAO,MAAO,CAAA,QAAA,CAAA;AAAA,GAChB;AAEA,EAAA,OAAO,MAAO,CAAA,MAAA,CAAA;AAChB;;ACfO,SAAS,qBACd,wBACS,EAAA;AACT,EAAM,MAAA,eAAA,GAAkB,IAAI,OAAQ,EAAA,CAAA;AACpC,EAAA,OAAA,EAAU,CAAA,OAAA,CAAQ,CAAC,KAAA,EAAO,GAAQ,KAAA;AAChC,IAAM,MAAA,OAAA,GACJ,wBAAwB,QAAS,CAAA,GAAG,MACnC,wBAA4B,IAAA,EAAI,EAAA,QAAA,CAAS,GAAG,CAAA,CAAA;AAC/C,IAAI,IAAA,OAAA;AAAS,MAAgB,eAAA,CAAA,GAAA,CAAI,KAAK,KAAK,CAAA,CAAA;AAAA,GAC5C,CAAA,CAAA;AAED,EAAO,OAAA,eAAA,CAAA;AACT,CAAA;AAEA,SAAS,sBAAA,CACP,QACA,EAAA,aAAA,EACA,OACA,EAAA;AACA,EAAA,MAAM,iBAAiB,OAAQ,EAAA,CAAA;AAC/B,EAAA,MAAM,QACJ,QAAa,KAAA,QAAA,IAAY,cAAe,CAAA,GAAA,CAAI,mBAAmB,CAAM,KAAA,OAAA,CAAA;AAEvE,EAAA,MAAM,MACJ,GAAA,OAAA,CAAQ,iBAAsB,KAAA,KAAA,CAAA,GAAY,QAAQ,OAAQ,CAAA,iBAAA,CAAA;AAE5D,EAAM,MAAA,SAAA,GAAY,cAAe,CAAA,GAAA,CAAI,kBAAkB,CAAA,CAAA;AACvD,EAAA,MAAM,IAAO,GAAA,SAAA,GAAY,SAAY,GAAA,cAAA,CAAe,IAAI,MAAM,CAAA,CAAA;AAC9D,EAAM,MAAA,MAAA,GAAS,iBAAkB,CAAA,IAAA,EAAM,OAAO,CAAA,CAAA;AAE9C,EAAO,OAAA,KAAA;AAAA,IACL,mBAAmB,aAAc,CAAA,OAAA,CAAQ,GAAI,CAAA,YAAY,KAAK,EAAE,CAAA;AAAA,GAClE,CACG,GAAI,CAAA,CAAC,MAAY,MAAA;AAAA,IAChB,GAAG,MAAA;AAAA,IACH,MAAA;AAAA,IACA,MAAA;AAAA,IACA,MAAA,EAAQ,CAAC,CAAc,KAAA,CAAA;AAAA,IACvB,CACD,CAAA,GAAA;AAAA,IAAI,CAAC,EAAE,KAAA,EAAO,IAAM,EAAA,GAAGA,UACtB,KAAA,SAAA,CAAU,IAAM,EAAA,KAAA,EAAOA,QAAiC,CAAA;AAAA,GAC1D,CAAA;AACJ,CAAA;AAEO,SAAS,iBAAiB,OAAkC,EAAA;AACjE,EAAM,MAAA,OAAA,GAAU,WAAW,OAAO,CAAA,CAAA;AAElC,EAAA,MAAM,OAAU,GAAA,OACd,OACA,EAAA,EAAE,QACC,KAAA;AACH,IAAA,MAAM,OAAO,OAAQ,CAAA,OAAA,CAAQ,QAAS,CAAA,OAAA,CAAQ,aAAa,EAAE,CAAA,CAAA;AAC7D,IAAA,MAAM,GAAM,GAAA,IAAI,GAAI,CAAA,IAAA,EAAM,OAAO,CAAA,CAAA;AACjC,IAAI,GAAA,CAAA,MAAA,GAAS,QAAQ,OAAQ,CAAA,MAAA,CAAA;AAE7B,IAAA,IAAI,SAAS,YAAc,EAAA;AAIzB,MAAA,QAAA,CAAS,WAAW,CAAA,CAAA;AAAA,KACtB;AAEA,IAAA,MAAM,cAAiB,GAAA,oBAAA;AAAA,MACrB,OAAQ,CAAA,wBAAA;AAAA,KACV,CAAA;AAEA,IAAe,cAAA,CAAA,GAAA,CAAI,0BAA0B,OAAO,CAAA,CAAA;AACpD,IAAe,cAAA,CAAA,GAAA,CAAI,wBAAwB,OAAO,CAAA,CAAA;AAClD,IAAe,cAAA,CAAA,GAAA,CAAI,iCAAiC,MAAM,CAAA,CAAA;AAG1D,IAAA,IACE,OAAQ,CAAA,GAAA,CAAI,wBACZ,IAAA,OAAA,CAAQ,IAAI,8BACZ,EAAA;AACA,MAAe,cAAA,CAAA,GAAA;AAAA,QACb,QAAQ,GAAI,CAAA,wBAAA;AAAA,QACZ,QAAQ,GAAI,CAAA,8BAAA;AAAA,OACd,CAAA;AAAA,KACF;AAEA,IAAI,IAAA;AACF,MAAM,MAAA,QAAA,GAAW,MAAM,KAAA,CAAM,GAAK,EAAA;AAAA,QAChC,QAAQ,OAAQ,CAAA,MAAA;AAAA,QAChB,OAAS,EAAA,cAAA;AAAA,QACT,IAAA,EACE,OAAQ,CAAA,MAAA,KAAW,KAAS,IAAA,OAAA,CAAQ,WAAW,MAC3C,GAAA,MAAM,OAAQ,CAAA,WAAA,EACd,GAAA,IAAA;AAAA,QACN,QAAU,EAAA,QAAA;AAAA,OACX,CAAA,CAAA;AAED,MAAM,MAAA,eAAA,GAAkB,IAAI,OAAQ,EAAA,CAAA;AACpC,MAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,CAAA,IAAK,SAAS,OAAS,EAAA;AAC3C,QAAgB,eAAA,CAAA,MAAA,CAAO,KAAK,KAAK,CAAA,CAAA;AAAA,OACnC;AAEA,MAAA,eAAA,CAAgB,OAAO,UAAU,CAAA,CAAA;AACjC,MAAA,eAAA,CAAgB,OAAO,YAAY,CAAA,CAAA;AACnC,MAAA,IAAI,QAAS,CAAA,OAAA,CAAQ,GAAI,CAAA,YAAY,CAAG,EAAA;AACtC,QAAA,MAAM,OAAU,GAAA,sBAAA;AAAA,UACd,QAAQ,OAAQ,CAAA,QAAA;AAAA,UAChB,QAAA;AAAA,UACA,OAAA;AAAA,SACF,CAAA;AACA,QAAQ,OAAA,CAAA,OAAA,CAAQ,CAAC,MAAW,KAAA;AAC1B,UAAgB,eAAA,CAAA,MAAA,CAAO,cAAc,MAAM,CAAA,CAAA;AAAA,SAC5C,CAAA,CAAA;AAAA,OACH;AAEA,MAAA,IAAI,QAAS,CAAA,OAAA,CAAQ,GAAI,CAAA,UAAU,CAAG,EAAA;AACpC,QAAA,MAAM,QAAW,GAAA,qBAAA;AAAA,UACf,QAAA,CAAS,OAAQ,CAAA,GAAA,CAAI,UAAU,CAAA;AAAA,UAC/B,OAAA;AAAA,SACF,CAAA;AACA,QAAgB,eAAA,CAAA,GAAA,CAAI,YAAY,QAAQ,CAAA,CAAA;AAAA,OAC1C;AAEA,MAAA,eAAA,CAAgB,OAAO,mBAAmB,CAAA,CAAA;AAC1C,MAAA,eAAA,CAAgB,OAAO,kBAAkB,CAAA,CAAA;AACzC,MAAA,eAAA,CAAgB,OAAO,gBAAgB,CAAA,CAAA;AAEvC,MAAA,MAAM,MAAM,MAAO,CAAA,IAAA,CAAK,MAAM,QAAA,CAAS,aAAa,CAAA,CAAA;AAEpD,MAAI,IAAA;AACF,QAAA,OAAO,IAAI,YAAA;AAAA,UACT,GAAA,CAAI,QAAS,CAAA,OAAO,CAAE,CAAA,OAAA,CAAQ,IAAI,MAAO,CAAA,OAAA,EAAS,GAAG,CAAA,EAAG,WAAW,CAAA;AAAA,UACnE;AAAA,YACE,QAAQ,QAAS,CAAA,MAAA;AAAA,YACjB,OAAS,EAAA,eAAA;AAAA,WACX;AAAA,SACF,CAAA;AAAA,eACO,GAAK,EAAA;AACZ,QAAO,OAAA,IAAI,YAAa,CAAA,QAAA,CAAS,IAAM,EAAA;AAAA,UACrC,QAAQ,QAAS,CAAA,MAAA;AAAA,UACjB,OAAS,EAAA,eAAA;AAAA,SACV,CAAA,CAAA;AAAA,OACH;AAAA,aACO,KAAO,EAAA;AACd,MAAA,OAAA,CAAQ,MAAM,KAAO,EAAA;AAAA,QACnB,IAAA;AAAA,QACA,GAAA;AAAA,QACA,QAAQ,OAAQ,CAAA,MAAA;AAAA,QAChB,OAAS,EAAA,cAAA;AAAA,OACV,CAAA,CAAA;AACD,MAAM,MAAA,KAAA,CAAA;AAAA,KACR;AAAA,GACF,CAAA;AAEA,EAAO,OAAA;AAAA,IACL,GAAK,EAAA,OAAA;AAAA,IACL,IAAM,EAAA,OAAA;AAAA,GACR,CAAA;AACF;;;;"}