{"version":3,"file":"index.mjs","sources":["../src/common/get-base-url.ts","../src/common/default-forwarded-headers.ts","../src/common/process-location-header.ts","../src/common/get-cookie-domain.ts","../src/next-edge/index.ts"],"sourcesContent":["import { type CreateApiHandlerOptions } from \"../type/create-api-handler-options\"\n\nexport function getBaseUrl(options: CreateApiHandlerOptions) {\n  let baseUrl = options.fallbackToPlayground\n    ? \"https://playground.projects.oryapis.com/\"\n    : \"\"\n\n  if (process.env.ORY_SDK_URL) {\n    baseUrl = process.env.ORY_SDK_URL\n  }\n\n  if (process.env.ORY_KRATOS_URL) {\n    baseUrl = process.env.ORY_KRATOS_URL\n  }\n\n  if (process.env.ORY_SDK_URL && process.env.ORY_KRATOS_URL) {\n    throw new Error(\"Only one of ORY_SDK_URL or ORY_KRATOS_URL can be set.\")\n  }\n\n  if (options.apiBaseUrlOverride) {\n    baseUrl = options.apiBaseUrlOverride\n  }\n\n  return baseUrl.replace(/\\/$/, \"\")\n}\nexport { CreateApiHandlerOptions }\n","export const defaultForwardedHeaders = [\n  \"accept\",\n  \"accept-charset\",\n  \"accept-encoding\",\n  \"accept-language\",\n  \"authorization\",\n  \"cache-control\",\n  \"content-type\",\n  \"cookie\",\n  \"host\",\n  \"user-agent\",\n  \"referer\",\n]\n","export function processLocationHeader(\n  locationHeaderValue: string,\n  baseUrl: string,\n) {\n  if (locationHeaderValue.startsWith(baseUrl)) {\n    return locationHeaderValue.replace(baseUrl, \"/api/.ory\")\n  }\n\n  if (\n    locationHeaderValue.startsWith(\"/api/kratos/public/\") ||\n    locationHeaderValue.startsWith(\"/self-service/\") ||\n    locationHeaderValue.startsWith(\"/ui/\")\n  ) {\n    return \"/api/.ory\" + locationHeaderValue\n  }\n\n  return locationHeaderValue\n}\n","import tldjs from \"tldjs\"\nimport { CreateApiHandlerOptions } from \"./get-base-url\"\n\nexport function guessCookieDomain(\n  url: string | undefined,\n  options: CreateApiHandlerOptions,\n) {\n  if (!url || options.forceCookieDomain) {\n    return options.forceCookieDomain\n  }\n\n  if (options.dontUseTldForCookieDomain) {\n    return undefined\n  }\n\n  const parsed = tldjs.parse(url || \"\")\n\n  if (!parsed.isValid || parsed.isIp) {\n    return undefined\n  }\n\n  if (!parsed.domain) {\n    return parsed.hostname\n  }\n\n  return parsed.domain\n}\n","import { SerializeOptions as CookieSerializeOptions, serialize } from \"cookie\"\nimport { IncomingHttpHeaders } from \"http\"\nimport { isText } from \"istextorbinary\"\nimport { NextApiRequest, NextApiResponse } from \"next\"\nimport parse, { splitCookiesString } from \"set-cookie-parser\"\nimport { CreateApiHandlerOptions } from \"../type/create-api-handler-options\"\nimport { getBaseUrl } from \"../common/get-base-url\"\nimport { defaultForwardedHeaders } from \"../common/default-forwarded-headers\"\nimport { processLocationHeader } from \"../common/process-location-header\"\nimport { guessCookieDomain } from \"../common/get-cookie-domain\"\n\nfunction readRawBody(req: NextApiRequest): Promise<Buffer> {\n  return new Promise((resolve, reject) => {\n    const chunks: Uint8Array[] = []\n    req.on(\"data\", (chunk) => chunks.push(chunk))\n    req.on(\"end\", () => resolve(Buffer.concat(chunks)))\n    req.on(\"error\", (err) => reject(err))\n  })\n}\n\nexport function filterRequestHeaders(\n  headers: IncomingHttpHeaders,\n  forwardAdditionalHeaders?: string[],\n): Headers {\n  const filteredHeaders = new Headers()\n  Object.entries(headers).forEach(([key, value]) => {\n    const isValid =\n      defaultForwardedHeaders.includes(key) ||\n      (forwardAdditionalHeaders ?? []).includes(key)\n    if (isValid)\n      filteredHeaders.set(key, Array.isArray(value) ? value.join(\",\") : value)\n  })\n  return filteredHeaders\n}\n\n/**\n * The NextJS API configuration\n */\nexport const config = {\n  api: {\n    bodyParser: false,\n  },\n}\n\nfunction processSetCookieHeader(\n  protocol: string,\n  originalReq: NextApiRequest,\n  fetchResponse: Response,\n  options: CreateApiHandlerOptions,\n) {\n  const isTls =\n    protocol === \"https:\" ||\n    originalReq.headers[\"x-forwarded-proto\"] === \"https\"\n\n  const secure =\n    options.forceCookieSecure === undefined ? isTls : options.forceCookieSecure\n\n  const forwarded = originalReq.rawHeaders.findIndex(\n    (h) => h.toLowerCase() === \"x-forwarded-host\",\n  )\n  const host =\n    forwarded > -1\n      ? originalReq.rawHeaders[forwarded + 1]\n      : originalReq.headers.host\n  const domain = guessCookieDomain(host, options)\n\n  return parse(\n    splitCookiesString(fetchResponse.headers.get(\"set-cookie\") || \"\"),\n  )\n    .map((cookie) => ({\n      ...cookie,\n      domain,\n      secure,\n      encode: (v: string) => v,\n    }))\n    .map(({ value, name, ...options }) =>\n      serialize(name, value, options as CookieSerializeOptions),\n    )\n}\n\n/**\n * Creates a NextJS / Vercel API Handler\n *\n * For this handler to work, please set the environment variable `ORY_SDK_URL`.\n */\nexport function createApiHandler(options: CreateApiHandlerOptions) {\n  const baseUrl = getBaseUrl(options)\n  return async (req: NextApiRequest, res: NextApiResponse<string>) => {\n    const { paths, ...query } = req.query\n\n    const searchParams = new URLSearchParams()\n    Object.keys(query).forEach((key) => {\n      searchParams.set(key, String(query[key]))\n    })\n\n    const path = Array.isArray(paths) ? paths.join(\"/\") : paths\n\n    const url = new URL(path, baseUrl)\n    url.search = searchParams.toString()\n\n    if (path === \"ui/welcome\") {\n      // A special for redirecting to the home page\n      // if we were being redirected to the hosted UI\n      // welcome page.\n      res.redirect(303, \"../../../\")\n      return\n    }\n\n    const headers = filterRequestHeaders(\n      req.headers,\n      options.forwardAdditionalHeaders,\n    )\n\n    headers.set(\"X-Ory-Base-URL-Rewrite\", \"false\")\n    headers.set(\"Ory-Base-URL-Rewrite\", \"false\")\n    headers.set(\"Ory-No-Custom-Domain-Redirect\", \"true\")\n\n    // Only effective in CI.\n    if (\n      process.env.ORY_CI_RATE_LIMIT_HEADER &&\n      process.env.ORY_CI_RATE_LIMIT_HEADER_VALUE\n    ) {\n      headers.set(\n        process.env.ORY_CI_RATE_LIMIT_HEADER,\n        process.env.ORY_CI_RATE_LIMIT_HEADER_VALUE,\n      )\n    }\n\n    const response = await fetch(url, {\n      method: req.method,\n      headers,\n      body:\n        req.method !== \"GET\" && req.method !== \"HEAD\"\n          ? await readRawBody(req)\n          : null,\n      redirect: \"manual\",\n    })\n\n    for (const [key, value] of response.headers) {\n      res.appendHeader(key, value)\n    }\n\n    res.removeHeader(\"set-cookie\")\n    res.removeHeader(\"location\")\n\n    if (response.headers.get(\"set-cookie\")) {\n      const cookies = processSetCookieHeader(\n        (req as unknown as { protocol: string }).protocol,\n        req,\n        response,\n        options,\n      )\n      cookies.forEach((cookie) => {\n        res.appendHeader(\"Set-Cookie\", cookie)\n      })\n    }\n\n    if (response.headers.get(\"location\")) {\n      const location = processLocationHeader(\n        response.headers.get(\"location\"),\n        baseUrl,\n      )\n      res.setHeader(\"Location\", location)\n    }\n\n    res.removeHeader(\"transfer-encoding\")\n    res.removeHeader(\"content-encoding\")\n    res.removeHeader(\"content-length\")\n\n    res.status(response.status)\n\n    const buf = Buffer.from(await response.arrayBuffer())\n\n    if (buf.byteLength > 0) {\n      if (isText(null, buf)) {\n        res.send(\n          buf.toString(\"utf-8\").replace(new RegExp(baseUrl, \"g\"), \"/api/.ory\"),\n        )\n      } else {\n        res.write(buf)\n      }\n    }\n\n    res.end()\n  }\n}\n"],"names":["options"],"mappings":";;;;;AAEO,SAAS,WAAW,OAAkC,EAAA;AAC3D,EAAI,IAAA,OAAA,GAAU,OAAQ,CAAA,oBAAA,GAClB,0CACA,GAAA,EAAA,CAAA;AAEJ,EAAI,IAAA,OAAA,CAAQ,IAAI,WAAa,EAAA;AAC3B,IAAA,OAAA,GAAU,QAAQ,GAAI,CAAA,WAAA,CAAA;AAAA,GACxB;AAEA,EAAI,IAAA,OAAA,CAAQ,IAAI,cAAgB,EAAA;AAC9B,IAAA,OAAA,GAAU,QAAQ,GAAI,CAAA,cAAA,CAAA;AAAA,GACxB;AAEA,EAAA,IAAI,OAAQ,CAAA,GAAA,CAAI,WAAe,IAAA,OAAA,CAAQ,IAAI,cAAgB,EAAA;AACzD,IAAM,MAAA,IAAI,MAAM,uDAAuD,CAAA,CAAA;AAAA,GACzE;AAEA,EAAA,IAAI,QAAQ,kBAAoB,EAAA;AAC9B,IAAA,OAAA,GAAU,OAAQ,CAAA,kBAAA,CAAA;AAAA,GACpB;AAEA,EAAO,OAAA,OAAA,CAAQ,OAAQ,CAAA,KAAA,EAAO,EAAE,CAAA,CAAA;AAClC;;ACxBO,MAAM,uBAA0B,GAAA;AAAA,EACrC,QAAA;AAAA,EACA,gBAAA;AAAA,EACA,iBAAA;AAAA,EACA,iBAAA;AAAA,EACA,eAAA;AAAA,EACA,eAAA;AAAA,EACA,cAAA;AAAA,EACA,QAAA;AAAA,EACA,MAAA;AAAA,EACA,YAAA;AAAA,EACA,SAAA;AACF,CAAA;;ACZgB,SAAA,qBAAA,CACd,qBACA,OACA,EAAA;AACA,EAAI,IAAA,mBAAA,CAAoB,UAAW,CAAA,OAAO,CAAG,EAAA;AAC3C,IAAO,OAAA,mBAAA,CAAoB,OAAQ,CAAA,OAAA,EAAS,WAAW,CAAA,CAAA;AAAA,GACzD;AAEA,EACE,IAAA,mBAAA,CAAoB,UAAW,CAAA,qBAAqB,CACpD,IAAA,mBAAA,CAAoB,UAAW,CAAA,gBAAgB,CAC/C,IAAA,mBAAA,CAAoB,UAAW,CAAA,MAAM,CACrC,EAAA;AACA,IAAA,OAAO,WAAc,GAAA,mBAAA,CAAA;AAAA,GACvB;AAEA,EAAO,OAAA,mBAAA,CAAA;AACT;;ACdgB,SAAA,iBAAA,CACd,KACA,OACA,EAAA;AACA,EAAI,IAAA,CAAC,GAAO,IAAA,OAAA,CAAQ,iBAAmB,EAAA;AACrC,IAAA,OAAO,OAAQ,CAAA,iBAAA,CAAA;AAAA,GACjB;AAEA,EAAA,IAAI,QAAQ,yBAA2B,EAAA;AACrC,IAAO,OAAA,KAAA,CAAA,CAAA;AAAA,GACT;AAEA,EAAA,MAAM,MAAS,GAAA,KAAA,CAAM,KAAM,CAAA,GAAA,IAAO,EAAE,CAAA,CAAA;AAEpC,EAAA,IAAI,CAAC,MAAA,CAAO,OAAW,IAAA,MAAA,CAAO,IAAM,EAAA;AAClC,IAAO,OAAA,KAAA,CAAA,CAAA;AAAA,GACT;AAEA,EAAI,IAAA,CAAC,OAAO,MAAQ,EAAA;AAClB,IAAA,OAAO,MAAO,CAAA,QAAA,CAAA;AAAA,GAChB;AAEA,EAAA,OAAO,MAAO,CAAA,MAAA,CAAA;AAChB;;ACfA,SAAS,YAAY,GAAsC,EAAA;AACzD,EAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,OAAA,EAAS,MAAW,KAAA;AACtC,IAAA,MAAM,SAAuB,EAAC,CAAA;AAC9B,IAAA,GAAA,CAAI,GAAG,MAAQ,EAAA,CAAC,UAAU,MAAO,CAAA,IAAA,CAAK,KAAK,CAAC,CAAA,CAAA;AAC5C,IAAI,GAAA,CAAA,EAAA,CAAG,OAAO,MAAM,OAAA,CAAQ,OAAO,MAAO,CAAA,MAAM,CAAC,CAAC,CAAA,CAAA;AAClD,IAAA,GAAA,CAAI,GAAG,OAAS,EAAA,CAAC,GAAQ,KAAA,MAAA,CAAO,GAAG,CAAC,CAAA,CAAA;AAAA,GACrC,CAAA,CAAA;AACH,CAAA;AAEgB,SAAA,oBAAA,CACd,SACA,wBACS,EAAA;AACT,EAAM,MAAA,eAAA,GAAkB,IAAI,OAAQ,EAAA,CAAA;AACpC,EAAO,MAAA,CAAA,OAAA,CAAQ,OAAO,CAAE,CAAA,OAAA,CAAQ,CAAC,CAAC,GAAA,EAAK,KAAK,CAAM,KAAA;AAChD,IAAM,MAAA,OAAA,GACJ,wBAAwB,QAAS,CAAA,GAAG,MACnC,wBAA4B,IAAA,EAAI,EAAA,QAAA,CAAS,GAAG,CAAA,CAAA;AAC/C,IAAI,IAAA,OAAA;AACF,MAAgB,eAAA,CAAA,GAAA,CAAI,GAAK,EAAA,KAAA,CAAM,OAAQ,CAAA,KAAK,IAAI,KAAM,CAAA,IAAA,CAAK,GAAG,CAAA,GAAI,KAAK,CAAA,CAAA;AAAA,GAC1E,CAAA,CAAA;AACD,EAAO,OAAA,eAAA,CAAA;AACT,CAAA;AAKO,MAAM,MAAS,GAAA;AAAA,EACpB,GAAK,EAAA;AAAA,IACH,UAAY,EAAA,KAAA;AAAA,GACd;AACF,EAAA;AAEA,SAAS,sBACP,CAAA,QAAA,EACA,WACA,EAAA,aAAA,EACA,OACA,EAAA;AACA,EAAA,MAAM,QACJ,QAAa,KAAA,QAAA,IACb,WAAY,CAAA,OAAA,CAAQ,mBAAmB,CAAM,KAAA,OAAA,CAAA;AAE/C,EAAA,MAAM,MACJ,GAAA,OAAA,CAAQ,iBAAsB,KAAA,KAAA,CAAA,GAAY,QAAQ,OAAQ,CAAA,iBAAA,CAAA;AAE5D,EAAM,MAAA,SAAA,GAAY,YAAY,UAAW,CAAA,SAAA;AAAA,IACvC,CAAC,CAAA,KAAM,CAAE,CAAA,WAAA,EAAkB,KAAA,kBAAA;AAAA,GAC7B,CAAA;AACA,EAAM,MAAA,IAAA,GACJ,YAAY,CACR,CAAA,GAAA,WAAA,CAAY,WAAW,SAAY,GAAA,CAAC,CACpC,GAAA,WAAA,CAAY,OAAQ,CAAA,IAAA,CAAA;AAC1B,EAAM,MAAA,MAAA,GAAS,iBAAkB,CAAA,IAAA,EAAM,OAAO,CAAA,CAAA;AAE9C,EAAO,OAAA,KAAA;AAAA,IACL,mBAAmB,aAAc,CAAA,OAAA,CAAQ,GAAI,CAAA,YAAY,KAAK,EAAE,CAAA;AAAA,GAClE,CACG,GAAI,CAAA,CAAC,MAAY,MAAA;AAAA,IAChB,GAAG,MAAA;AAAA,IACH,MAAA;AAAA,IACA,MAAA;AAAA,IACA,MAAA,EAAQ,CAAC,CAAc,KAAA,CAAA;AAAA,IACvB,CACD,CAAA,GAAA;AAAA,IAAI,CAAC,EAAE,KAAA,EAAO,IAAM,EAAA,GAAGA,UACtB,KAAA,SAAA,CAAU,IAAM,EAAA,KAAA,EAAOA,QAAiC,CAAA;AAAA,GAC1D,CAAA;AACJ,CAAA;AAOO,SAAS,iBAAiB,OAAkC,EAAA;AACjE,EAAM,MAAA,OAAA,GAAU,WAAW,OAAO,CAAA,CAAA;AAClC,EAAO,OAAA,OAAO,KAAqB,GAAiC,KAAA;AAClE,IAAA,MAAM,EAAE,KAAA,EAAO,GAAG,KAAA,KAAU,GAAI,CAAA,KAAA,CAAA;AAEhC,IAAM,MAAA,YAAA,GAAe,IAAI,eAAgB,EAAA,CAAA;AACzC,IAAA,MAAA,CAAO,IAAK,CAAA,KAAK,CAAE,CAAA,OAAA,CAAQ,CAAC,GAAQ,KAAA;AAClC,MAAA,YAAA,CAAa,IAAI,GAAK,EAAA,MAAA,CAAO,KAAM,CAAA,GAAG,CAAC,CAAC,CAAA,CAAA;AAAA,KACzC,CAAA,CAAA;AAED,IAAM,MAAA,IAAA,GAAO,MAAM,OAAQ,CAAA,KAAK,IAAI,KAAM,CAAA,IAAA,CAAK,GAAG,CAAI,GAAA,KAAA,CAAA;AAEtD,IAAA,MAAM,GAAM,GAAA,IAAI,GAAI,CAAA,IAAA,EAAM,OAAO,CAAA,CAAA;AACjC,IAAI,GAAA,CAAA,MAAA,GAAS,aAAa,QAAS,EAAA,CAAA;AAEnC,IAAA,IAAI,SAAS,YAAc,EAAA;AAIzB,MAAI,GAAA,CAAA,QAAA,CAAS,KAAK,WAAW,CAAA,CAAA;AAC7B,MAAA,OAAA;AAAA,KACF;AAEA,IAAA,MAAM,OAAU,GAAA,oBAAA;AAAA,MACd,GAAI,CAAA,OAAA;AAAA,MACJ,OAAQ,CAAA,wBAAA;AAAA,KACV,CAAA;AAEA,IAAQ,OAAA,CAAA,GAAA,CAAI,0BAA0B,OAAO,CAAA,CAAA;AAC7C,IAAQ,OAAA,CAAA,GAAA,CAAI,wBAAwB,OAAO,CAAA,CAAA;AAC3C,IAAQ,OAAA,CAAA,GAAA,CAAI,iCAAiC,MAAM,CAAA,CAAA;AAGnD,IAAA,IACE,OAAQ,CAAA,GAAA,CAAI,wBACZ,IAAA,OAAA,CAAQ,IAAI,8BACZ,EAAA;AACA,MAAQ,OAAA,CAAA,GAAA;AAAA,QACN,QAAQ,GAAI,CAAA,wBAAA;AAAA,QACZ,QAAQ,GAAI,CAAA,8BAAA;AAAA,OACd,CAAA;AAAA,KACF;AAEA,IAAM,MAAA,QAAA,GAAW,MAAM,KAAA,CAAM,GAAK,EAAA;AAAA,MAChC,QAAQ,GAAI,CAAA,MAAA;AAAA,MACZ,OAAA;AAAA,MACA,IAAA,EACE,GAAI,CAAA,MAAA,KAAW,KAAS,IAAA,GAAA,CAAI,WAAW,MACnC,GAAA,MAAM,WAAY,CAAA,GAAG,CACrB,GAAA,IAAA;AAAA,MACN,QAAU,EAAA,QAAA;AAAA,KACX,CAAA,CAAA;AAED,IAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,CAAA,IAAK,SAAS,OAAS,EAAA;AAC3C,MAAI,GAAA,CAAA,YAAA,CAAa,KAAK,KAAK,CAAA,CAAA;AAAA,KAC7B;AAEA,IAAA,GAAA,CAAI,aAAa,YAAY,CAAA,CAAA;AAC7B,IAAA,GAAA,CAAI,aAAa,UAAU,CAAA,CAAA;AAE3B,IAAA,IAAI,QAAS,CAAA,OAAA,CAAQ,GAAI,CAAA,YAAY,CAAG,EAAA;AACtC,MAAA,MAAM,OAAU,GAAA,sBAAA;AAAA,QACb,GAAwC,CAAA,QAAA;AAAA,QACzC,GAAA;AAAA,QACA,QAAA;AAAA,QACA,OAAA;AAAA,OACF,CAAA;AACA,MAAQ,OAAA,CAAA,OAAA,CAAQ,CAAC,MAAW,KAAA;AAC1B,QAAI,GAAA,CAAA,YAAA,CAAa,cAAc,MAAM,CAAA,CAAA;AAAA,OACtC,CAAA,CAAA;AAAA,KACH;AAEA,IAAA,IAAI,QAAS,CAAA,OAAA,CAAQ,GAAI,CAAA,UAAU,CAAG,EAAA;AACpC,MAAA,MAAM,QAAW,GAAA,qBAAA;AAAA,QACf,QAAA,CAAS,OAAQ,CAAA,GAAA,CAAI,UAAU,CAAA;AAAA,QAC/B,OAAA;AAAA,OACF,CAAA;AACA,MAAI,GAAA,CAAA,SAAA,CAAU,YAAY,QAAQ,CAAA,CAAA;AAAA,KACpC;AAEA,IAAA,GAAA,CAAI,aAAa,mBAAmB,CAAA,CAAA;AACpC,IAAA,GAAA,CAAI,aAAa,kBAAkB,CAAA,CAAA;AACnC,IAAA,GAAA,CAAI,aAAa,gBAAgB,CAAA,CAAA;AAEjC,IAAI,GAAA,CAAA,MAAA,CAAO,SAAS,MAAM,CAAA,CAAA;AAE1B,IAAA,MAAM,MAAM,MAAO,CAAA,IAAA,CAAK,MAAM,QAAA,CAAS,aAAa,CAAA,CAAA;AAEpD,IAAI,IAAA,GAAA,CAAI,aAAa,CAAG,EAAA;AACtB,MAAI,IAAA,MAAA,CAAO,IAAM,EAAA,GAAG,CAAG,EAAA;AACrB,QAAI,GAAA,CAAA,IAAA;AAAA,UACF,GAAA,CAAI,QAAS,CAAA,OAAO,CAAE,CAAA,OAAA,CAAQ,IAAI,MAAO,CAAA,OAAA,EAAS,GAAG,CAAA,EAAG,WAAW,CAAA;AAAA,SACrE,CAAA;AAAA,OACK,MAAA;AACL,QAAA,GAAA,CAAI,MAAM,GAAG,CAAA,CAAA;AAAA,OACf;AAAA,KACF;AAEA,IAAA,GAAA,CAAI,GAAI,EAAA,CAAA;AAAA,GACV,CAAA;AACF;;;;"}