{"version":3,"file":"config.mjs","sources":["../../server/config.js"],"sourcesContent":["'use strict';\n\nconst {\n DEFAULT_ACCESS_TOKEN_LIFESPAN,\n DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN,\n DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN,\n DEFAULT_MAX_SESSION_LIFESPAN,\n DEFAULT_IDLE_SESSION_LIFESPAN,\n} = require('./services/constants');\n\nmodule.exports = {\n default: ({ env }) => ({\n jwtSecret: env('JWT_SECRET'),\n jwt: {\n expiresIn: '30d',\n },\n /**\n * JWT management mode for the Content API authentication\n * - \"legacy-support\": use plugin JWTs (backward compatible)\n * - \"refresh\": use SessionManager (access/refresh tokens)\n */\n jwtManagement: 'legacy-support',\n sessions: {\n accessTokenLifespan: DEFAULT_ACCESS_TOKEN_LIFESPAN,\n maxRefreshTokenLifespan: DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN,\n idleRefreshTokenLifespan: DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN,\n maxSessionLifespan: DEFAULT_MAX_SESSION_LIFESPAN,\n idleSessionLifespan: DEFAULT_IDLE_SESSION_LIFESPAN,\n httpOnly: false,\n },\n ratelimit: {\n interval: 60000,\n max: 10,\n },\n layout: {\n user: {\n actions: {\n create: 'contentManagerUser.create', // Use the User plugin's controller.\n update: 'contentManagerUser.update',\n },\n },\n },\n callback: {\n validate(callback, provider) {\n let uCallback;\n let uProviderCallback;\n\n try {\n uCallback = new URL(callback);\n uProviderCallback = new URL(provider.callback);\n } catch {\n throw new Error('The callback is not a valid URL');\n }\n\n // Make sure the different origin matches\n if (uCallback.origin !== uProviderCallback.origin) {\n throw new Error(\n `Forbidden callback provided: origins don't match. Please verify your config.`\n );\n }\n\n // Make sure the different pathname matches\n if (uCallback.pathname !== uProviderCallback.pathname) {\n throw new Error(\n `Forbidden callback provided: pathname don't match. Please verify your config.`\n );\n }\n\n // NOTE: We're not checking the search parameters on purpose to allow passing different states\n },\n },\n }),\n validator() {},\n};\n"],"names":["DEFAULT_ACCESS_TOKEN_LIFESPAN","DEFAULT_MAX_REFRESH_TOKEN_LIFESPAN","DEFAULT_IDLE_REFRESH_TOKEN_LIFESPAN","DEFAULT_MAX_SESSION_LIFESPAN","DEFAULT_IDLE_SESSION_LIFESPAN","require$$0","config","default","env","jwtSecret","jwt","expiresIn","jwtManagement","sessions","accessTokenLifespan","maxRefreshTokenLifespan","idleRefreshTokenLifespan","maxSessionLifespan","idleSessionLifespan","httpOnly","ratelimit","interval","max","layout","user","actions","create","update","callback","validate","provider","uCallback","uProviderCallback","URL","Error","origin","pathname","validator"],"mappings":";;;;;;;IAEA,MAAM,EACJA,6BAA6B,EAC7BC,kCAAkC,EAClCC,mCAAmC,EACnCC,4BAA4B,EAC5BC,6BAA6B,EAC9B,GAAGC,gBAAAA,EAAAA;IAEJC,MAAiB,GAAA;AACfC,QAAAA,OAAAA,EAAS,CAAC,EAAEC,GAAG,EAAE,IAAM;AACrBC,gBAAAA,SAAAA,EAAWD,GAAI,CAAA,YAAA,CAAA;gBACfE,GAAK,EAAA;oBACHC,SAAW,EAAA;AACZ,iBAAA;AACL;;;;AAIA,SACIC,aAAe,EAAA,gBAAA;gBACfC,QAAU,EAAA;oBACRC,mBAAqBd,EAAAA,6BAAAA;oBACrBe,uBAAyBd,EAAAA,kCAAAA;oBACzBe,wBAA0Bd,EAAAA,mCAAAA;oBAC1Be,kBAAoBd,EAAAA,4BAAAA;oBACpBe,mBAAqBd,EAAAA,6BAAAA;oBACrBe,QAAU,EAAA;AACX,iBAAA;gBACDC,SAAW,EAAA;oBACTC,QAAU,EAAA,KAAA;oBACVC,GAAK,EAAA;AACN,iBAAA;gBACDC,MAAQ,EAAA;oBACNC,IAAM,EAAA;wBACJC,OAAS,EAAA;4BACPC,MAAQ,EAAA,2BAAA;4BACRC,MAAQ,EAAA;AACT;AACF;AACF,iBAAA;gBACDC,QAAU,EAAA;oBACRC,QAASD,CAAAA,CAAAA,QAAQ,EAAEE,QAAQ,EAAA;wBACzB,IAAIC,SAAAA;wBACJ,IAAIC,iBAAAA;wBAEJ,IAAI;AACFD,4BAAAA,SAAAA,GAAY,IAAIE,GAAIL,CAAAA,QAAAA,CAAAA;4BACpBI,iBAAoB,GAAA,IAAIC,GAAIH,CAAAA,QAAAA,CAASF,QAAQ,CAAA;AACvD,yBAAA,CAAU,OAAM;AACN,4BAAA,MAAM,IAAIM,KAAM,CAAA,iCAAA,CAAA;AACjB;;AAGD,wBAAA,IAAIH,SAAUI,CAAAA,MAAM,KAAKH,iBAAAA,CAAkBG,MAAM,EAAE;AACjD,4BAAA,MAAM,IAAID,KAAAA,CACR,CAAC,4EAA4E,CAAC,CAAA;AAEjF;;AAGD,wBAAA,IAAIH,SAAUK,CAAAA,QAAQ,KAAKJ,iBAAAA,CAAkBI,QAAQ,EAAE;AACrD,4BAAA,MAAM,IAAIF,KAAAA,CACR,CAAC,6EAA6E,CAAC,CAAA;AAElF;;AAGF;AACF;aACL,CAAA;QACEG,SAAc,CAAA,GAAA;AAChB,KAAA;;;;;;"}