{"version":3,"file":"config.mjs","sources":["../../server/config.js"],"sourcesContent":["'use strict';\n\nconst {\n DEFAULT_ACCESS_TOKEN_LIFESPAN,\n DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN,\n DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN,\n DEFAULT_MAX_SESSION_LIFESPAN,\n DEFAULT_IDLE_SESSION_LIFESPAN,\n} = require('./services/constants');\n\nmodule.exports = {\n default: ({ env }) => ({\n jwtSecret: env('JWT_SECRET'),\n jwt: {\n expiresIn: '30d',\n },\n /**\n * JWT management mode for the Content API authentication\n * - \"legacy-support\": use plugin JWTs (backward compatible)\n * - \"refresh\": use SessionManager (access/refresh tokens)\n */\n jwtManagement: 'legacy-support',\n sessions: {\n accessTokenLifespan: DEFAULT_ACCESS_TOKEN_LIFESPAN,\n maxRefreshTokenLifespan: DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN,\n idleRefreshTokenLifespan: DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN,\n maxSessionLifespan: DEFAULT_MAX_SESSION_LIFESPAN,\n idleSessionLifespan: DEFAULT_IDLE_SESSION_LIFESPAN,\n httpOnly: false,\n },\n ratelimit: {\n interval: 60000,\n max: 10,\n },\n layout: {\n user: {\n actions: {\n create: 'contentManagerUser.create', // Use the User plugin's controller.\n update: 'contentManagerUser.update',\n },\n },\n },\n callback: {\n validate(callback, provider) {\n let uCallback;\n let uProviderCallback;\n\n try {\n uCallback = new URL(callback);\n uProviderCallback = new URL(provider.callback);\n } catch {\n throw new Error('The callback is not a valid URL');\n }\n\n // Make sure the different origin matches\n if (uCallback.origin !== uProviderCallback.origin) {\n throw new Error(\n `Forbidden callback provided: origins don't match. Please verify your config.`\n );\n }\n\n // Make sure the different pathname matches\n if (uCallback.pathname !== uProviderCallback.pathname) {\n throw new Error(\n `Forbidden callback provided: pathname don't match. Please verify your config.`\n );\n }\n\n // NOTE: We're not checking the search parameters on purpose to allow passing different states\n },\n },\n }),\n validator() {},\n};\n"],"names":["DEFAULT_ACCESS_TOKEN_LIFESPAN","DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN","DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN","DEFAULT_MAX_SESSION_LIFESPAN","DEFAULT_IDLE_SESSION_LIFESPAN","require$$0","config","default","env","jwtSecret","jwt","expiresIn","jwtManagement","sessions","accessTokenLifespan","maxRefreshTokenLifespan","idleRefreshTokenLifespan","maxSessionLifespan","idleSessionLifespan","httpOnly","ratelimit","interval","max","layout","user","actions","create","update","callback","validate","provider","uCallback","uProviderCallback","URL","Error","origin","pathname","validator"],"mappings":";;;;;;;IAEA,MAAM,EACJA,6BAA6B,EAC7BC,kCAAkC,EAClCC,mCAAmC,EACnCC,4BAA4B,EAC5BC,6BAA6B,EAC9B,GAAGC,gBAAAA,EAAAA;IAEJC,MAAAA,GAAiB;AACfC,QAAAA,OAAAA,EAAS,CAAC,EAAEC,GAAG,EAAE,IAAM;AACrBC,gBAAAA,SAAAA,EAAWD,GAAAA,CAAI,YAAA,CAAA;gBACfE,GAAAA,EAAK;oBACHC,SAAAA,EAAW;AACjB,iBAAA;AACA;;;;AAIA,SACIC,aAAAA,EAAe,gBAAA;gBACfC,QAAAA,EAAU;oBACRC,mBAAAA,EAAqBd,6BAAAA;oBACrBe,uBAAAA,EAAyBd,kCAAAA;oBACzBe,wBAAAA,EAA0Bd,mCAAAA;oBAC1Be,kBAAAA,EAAoBd,4BAAAA;oBACpBe,mBAAAA,EAAqBd,6BAAAA;oBACrBe,QAAAA,EAAU;AAChB,iBAAA;gBACIC,SAAAA,EAAW;oBACTC,QAAAA,EAAU,KAAA;oBACVC,GAAAA,EAAK;AACX,iBAAA;gBACIC,MAAAA,EAAQ;oBACNC,IAAAA,EAAM;wBACJC,OAAAA,EAAS;4BACPC,MAAAA,EAAQ,2BAAA;4BACRC,MAAAA,EAAQ;AAClB;AACA;AACA,iBAAA;gBACIC,QAAAA,EAAU;oBACRC,QAAAA,CAAAA,CAASD,QAAQ,EAAEE,QAAQ,EAAA;wBACzB,IAAIC,SAAAA;wBACJ,IAAIC,iBAAAA;wBAEJ,IAAI;AACFD,4BAAAA,SAAAA,GAAY,IAAIE,GAAAA,CAAIL,QAAAA,CAAAA;4BACpBI,iBAAAA,GAAoB,IAAIC,GAAAA,CAAIH,QAAAA,CAASF,QAAQ,CAAA;AACvD,wBAAA,CAAA,CAAU,OAAM;AACN,4BAAA,MAAM,IAAIM,KAAAA,CAAM,iCAAA,CAAA;AAC1B,wBAAA;;AAGQ,wBAAA,IAAIH,SAAAA,CAAUI,MAAM,KAAKH,iBAAAA,CAAkBG,MAAM,EAAE;AACjD,4BAAA,MAAM,IAAID,KAAAA,CACR,CAAC,4EAA4E,CAAA,CAAA;AAEzF,wBAAA;;AAGQ,wBAAA,IAAIH,SAAAA,CAAUK,QAAQ,KAAKJ,iBAAAA,CAAkBI,QAAQ,EAAE;AACrD,4BAAA,MAAM,IAAIF,KAAAA,CACR,CAAC,6EAA6E,CAAA,CAAA;AAE1F,wBAAA;;AAGA,oBAAA;AACA;aACA,CAAA;QACEG,SAAAA,CAAAA,GAAAA,CAAY;AACd,KAAA;;;;;;"}