npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@dcsv-io/d2-auth-abstractions

v0.1.2

Published

<!-- Copyright (c) DCSV. Licensed under the Apache License, Version 2.0. -->

Downloads

178

Readme

@dcsv-io/d2-auth-abstractions

Auth-related constants for TS consumers — Scopes tree, AuthErrorCodes, AuthFailures factories, JwtClaimTypes. Mirrors DcsvIo.D2.Auth.Abstractions + DcsvIo.D2.Auth.Errors consolidated (matches the .NET assembly placement).

Install

pnpm add @dcsv-io/d2-auth-abstractions

Public API

| Export | Source | Mirror | | ------------------------------------------------------- | --------------------------------- | ------------------------------------------- | | Scopes (nested constants) | scopes.g.ts (codegen) | Scopes.*.* (.NET) | | ALL_SCOPES | scopes.g.ts | Scopes.AllScopes | | AuthErrorCodes | auth-error-codes.g.ts (codegen) | DcsvIo.D2.Auth.Errors.AuthErrorCodes | | ALL_AUTH_ERROR_CODES / getAuthErrorHttpStatus(code) | auth-error-codes.g.ts | AuthErrorCodes.AllCodes / GetHttpStatus | | AuthFailures.<factory>() | auth-failures.g.ts (codegen) | DcsvIo.D2.Auth.Errors.AuthFailures.* | | JwtClaimTypes | jwt-claim-types.g.ts (codegen) | DcsvIo.D2.Auth.Abstractions.JwtClaimTypes | | JwtPayload | jwt-payload.g.ts (codegen) | TS-only typed view over the same spec |

Codegen workflow

prebuild chains 4 emitter scripts (auth-scopes / auth-error-codes / auth-failures / jwt-claims) before tsc -b, so pnpm -r build regenerates transparently. Generated files (*.g.ts) are committed to git.

JwtClaimTypes AND JwtPayload both emit from contracts/jwt-claims/jwt-claims.spec.json (one generator, two outputs; sources committed):

  • JwtClaimTypes — string-constant catalog (every claim's wire name).
  • JwtPayload — TS interface typed on every standard + d2-custom claim with stable per-field types; inside-act claims live nested inside act and are not surfaced as top-level fields. A trailing raw: Readonly<Record<string, unknown>> escape hatch carries the raw decoded claims for downstream consumers needing access to non-spec'd claims.

The .NET side consumes the same spec for JwtClaimTypes constants; .NET reads claim values via ClaimsPrincipal so a typed payload is not needed there. Cross-language drift on the constant catalog is structurally impossible (single source).

Header constants

Wire-protocol header catalogs live in the per-transport packages (@dcsv-io/d2-headers-http, @dcsv-io/d2-headers-grpc, @dcsv-io/d2-headers-amqp, @dcsv-io/d2-headers-common).

Dependencies

  • @dcsv-io/d2-resultD2Result shape returned by AuthFailures.* factories.

Usage example

import {
  Scopes,
  AuthFailures,
  AuthErrorCodes,
  JwtClaimTypes,
} from "@dcsv-io/d2-auth-abstractions";
import { HttpHeaders } from "@dcsv-io/d2-headers-http";

// Scope check.
if (!ctx.scopes.has(Scopes.auth.user.impersonate.consent)) {
  return AuthFailures.scopeInsufficient(ctx.traceId);
}

// Header read.
const idempotency = req.headers[HttpHeaders.IDEMPOTENCY_KEY];

// Claim read.
const sub = jwtPayload[JwtClaimTypes.SUB];

// Error-code discrimination.
if (result.errorCode === AuthErrorCodes.AUTH_JWT_EXPIRED) {
  // refresh the token and retry
}

Parity with .NET

Mirrors DcsvIo.D2.Auth.Abstractions + DcsvIo.D2.Auth.Errors:

  • Scopes tree — same dot-segmented spec names emitted as nested constants (e.g. Scopes.auth.user.impersonate.consent).
  • AuthErrorCodes — same string values (every constant is its own name).
  • AuthFailures — every factory returns D2Result.fail(...) with matching errorCode + statusCode + default messageKey.
  • JwtClaimTypes — codegen-emitted from contracts/jwt-claims/jwt-claims.spec.json; same constant names + values on both sides.
  • JwtPayload — TS-only typed view emitted from the same spec; .NET reads claims via ClaimsPrincipal rather than a typed shape.

Edge cases

  • getAuthErrorHttpStatus returns 500 for unknown codes — defensive default, every shipped AUTH_* code IS in the table.
  • Scopes may include _self keys at branch nodes when an entry is both a leaf scope AND has children (rare; edge case for forward-compat).
  • Generated files (*.g.ts) are committed to git.