@absolutejs/auth 0.22.4 → 0.22.6

package/dist/src/authSessionStores.d.ts

@@ -0,0 +1,7 @@
+import type { AbsoluteAuthSessionStore } from './sessionTypes';
+import type { SessionData, UnregisteredSessionData, UserSessionId } from './types';
+export type CreateInMemoryAuthSessionStoreOptions<UserType> = {
+    sessions?: Record<UserSessionId, SessionData<UserType>>;
+    unregisteredSessions?: Record<UserSessionId, UnregisteredSessionData>;
+};
+export declare const createInMemoryAuthSessionStore: <UserType>(input?: CreateInMemoryAuthSessionStoreOptions<UserType>) => AbsoluteAuthSessionStore<UserType>;

package/dist/src/authorize.d.ts

@@ -29,12 +29,15 @@ export declare const authorize: ({ clientProviders, authorizeRoute, onAuthorizeS
                 params: {
                     provider: "42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom";
                 };
-                query: unknown;
+                query: {
+                    client?: string | undefined;
+                    intent?: "login" | "link_identity" | "link_connector" | undefined;
+                };
                 headers: unknown;
                 response: {
                     200: Response;
-                    400: "Cookies are missing" | "Provider is required";
-                    401: "Client provider not found";
+                    400: "Provider is required" | "Cookies are missing";
+                    401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required";
                     422: {
                         type: "validation";
                         on: string;
@@ -58,12 +61,15 @@ export declare const authorize: ({ clientProviders, authorizeRoute, onAuthorizeS
                     params: {
                         provider: "42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom";
                     };
-                    query: unknown;
+                    query: {
+                        client?: string | undefined;
+                        intent?: "login" | "link_identity" | "link_connector" | undefined;
+                    };
                     headers: unknown;
                     response: {
                         200: Response;
-                        400: "Cookies are missing" | "Provider is required";
-                        401: "Client provider not found";
+                        400: "Provider is required" | "Cookies are missing";
+                        401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required";
                         422: {
                             type: "validation";
                             on: string;

package/dist/src/callback.d.ts

@@ -1,12 +1,18 @@
 import { Elysia } from 'elysia';
-import { ClientProviders, OnCallbackError, OnCallbackSuccess, RouteString } from './types';
+import type { AbsoluteAuthSessionStore } from './sessionTypes';
+import { ClientProviders, OnCallbackError, OnCallbackSuccess, OnLinkConnector, OnLinkIdentity, OnLinkIdentityConflict, ResolveAuthIntent, RouteString } from './types';
 type CallbackProps<UserType> = {
+    authSessionStore?: AbsoluteAuthSessionStore<UserType>;
     clientProviders: ClientProviders;
     callbackRoute?: RouteString;
+    resolveAuthIntent?: ResolveAuthIntent<UserType>;
     onCallbackSuccess: OnCallbackSuccess<UserType>;
+    onLinkIdentity?: OnLinkIdentity<UserType>;
+    onLinkIdentityConflict?: OnLinkIdentityConflict<UserType>;
+    onLinkConnector?: OnLinkConnector<UserType>;
     onCallbackError: OnCallbackError;
 };
-export declare const callback: <UserType>({ clientProviders, callbackRoute, onCallbackSuccess, onCallbackError }: CallbackProps<UserType>) => Elysia<"", {
+export declare const callback: <UserType>({ authSessionStore, clientProviders, callbackRoute, resolveAuthIntent, onCallbackSuccess, onLinkIdentity, onLinkIdentityConflict, onLinkConnector, onCallbackError }: CallbackProps<UserType>) => Elysia<"", {
     decorator: {};
     store: {
         session: import("./types").SessionRecord<UserType>;

package/dist/src/errors.d.ts

@@ -0,0 +1,12 @@
+import { AuthIntent } from './types';
+export type AuthIdentityConflict = {
+    authProvider: string;
+    providerSubject: string;
+    existingUserAuthSub: string;
+    currentUserAuthSub?: string;
+    intent?: AuthIntent;
+};
+export declare class AbsoluteAuthIdentityConflictError extends Error {
+    conflict: AuthIdentityConflict;
+    constructor(conflict: AuthIdentityConflict);
+}

package/dist/src/index.d.ts

@@ -1,6 +1,6 @@
 import { Elysia } from 'elysia';
 import { AbsoluteAuthProps } from './types';
-export declare const absoluteAuth: <UserType>({ providersConfiguration, authorizeRoute, callbackRoute, profileRoute, signoutRoute, statusRoute, refreshRoute, revokeRoute, cleanupIntervalMs, maxSessions, sessionDurationMs, onAuthorizeSuccess, onAuthorizeError, onProfileSuccess, onProfileError, onCallbackSuccess, onCallbackError, onStatus, onRefreshSuccess, onRefreshError, onSignOut, onRevocationSuccess, onRevocationError, onSessionCleanup }: AbsoluteAuthProps<UserType>) => Promise<Elysia<"", {
+export declare const absoluteAuth: <UserType>({ providersConfiguration, authorizeRoute, callbackRoute, profileRoute, signoutRoute, statusRoute, refreshRoute, revokeRoute, cleanupIntervalMs, maxSessions, sessionDurationMs, authSessionStore, resolveAuthIntent, onAuthorizeSuccess, onAuthorizeError, onProfileSuccess, onProfileError, onCallbackSuccess, onLinkIdentity, onLinkIdentityConflict, onLinkConnector, onCallbackError, onStatus, onRefreshSuccess, onRefreshError, onSignOut, onRevocationSuccess, onRevocationError, onSessionCleanup }: AbsoluteAuthProps<UserType>) => Promise<Elysia<"", {
     decorator: {};
     store: {
         session: import("./types").SessionRecord<UserType> & import("./types").SessionRecord<unknown>;
@@ -90,7 +90,7 @@ export declare const absoluteAuth: <UserType>({ providersConfiguration, authoriz
             response: {
                 200: Response;
                 400: "Cookies are missing" | "Invalid provider";
-                401: "Client provider not found" | "No auth provider found" | "No user session found";
+                401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required" | "No auth provider found" | "No user session found";
                 422: {
                     type: "validation";
                     on: string;
@@ -140,7 +140,7 @@ export declare const absoluteAuth: <UserType>({ providersConfiguration, authoriz
             response: {
                 200: Response;
                 400: "Cookies are missing" | "Invalid provider" | "No refresh token found";
-                401: "Client provider not found" | "No auth provider found" | "No user session found";
+                401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required" | "No auth provider found" | "No user session found";
                 422: {
                     type: "validation";
                     on: string;
@@ -163,12 +163,15 @@ export declare const absoluteAuth: <UserType>({ providersConfiguration, authoriz
                 params: {
                     provider: "42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom";
                 };
-                query: unknown;
+                query: {
+                    client?: string | undefined;
+                    intent?: "login" | "link_identity" | "link_connector" | undefined;
+                };
                 headers: unknown;
                 response: {
                     200: Response;
-                    400: "Cookies are missing" | "Provider is required";
-                    401: "Client provider not found";
+                    400: "Provider is required" | "Cookies are missing";
+                    401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required";
                     422: {
                         type: "validation";
                         on: string;
@@ -192,12 +195,15 @@ export declare const absoluteAuth: <UserType>({ providersConfiguration, authoriz
                     params: {
                         provider: "42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom";
                     };
-                    query: unknown;
+                    query: {
+                        client?: string | undefined;
+                        intent?: "login" | "link_identity" | "link_connector" | undefined;
+                    };
                     headers: unknown;
                     response: {
                         200: Response;
-                        400: "Cookies are missing" | "Provider is required";
-                        401: "Client provider not found";
+                        400: "Provider is required" | "Cookies are missing";
+                        401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required";
                         422: {
                             type: "validation";
                             on: string;
@@ -235,7 +241,7 @@ export declare const absoluteAuth: <UserType>({ providersConfiguration, authoriz
             response: {
                 200: Response;
                 400: "Cookies are missing";
-                401: "Client provider not found" | "No auth provider found" | "Invalid provider" | "No user session found";
+                401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required" | "No auth provider found" | "Invalid provider" | "No user session found";
                 422: {
                     type: "validation";
                     on: string;
@@ -276,10 +282,19 @@ export declare const absoluteAuth: <UserType>({ providersConfiguration, authoriz
 }>>;
 export * from './types';
 export * from './typebox';
-export { isUserSessionId, isValidUser } from './typeGuards';
+export type { AbsoluteAuthSessionStore } from './sessionTypes';
+export { isAuthIntent, isUserSessionId, isValidUser } from './typeGuards';
+export { AbsoluteAuthIdentityConflictError } from './errors';
 export { sessionStore } from './sessionStore';
+export { createInMemoryAuthSessionStore } from './authSessionStores';
+export { createNeonAuthSessionStore } from './neonAuthSessionStore';
+export { createLinkedProviderCredentialResolver } from './linkedProviderResolver';
+export { createOAuthLinkedProviderCredentialResolver } from './oauthLinkedProviderResolver';
+export { createNeonLinkedProviderStores, createNeonOAuthLinkedProviderCredentialResolver } from './neonLinkedProviders';
+export { createInMemoryLinkedProviderStores } from './linkedProviderStores';
 export { protectRoutePlugin } from './protectRoute';
 export { sessionCleanup } from './sessionCleanup';
 export * from './utils';
+export { buildClientProviders, resolveClientProviderEntry, resolveProviderClientConfiguration } from './providerClients';
 export type { OAuth2TokenResponse, OAuth2Client, ProviderOption, PKCEProvider, OIDCProvider, RefreshableProvider, RevocableProvider, ScopeRequiredProvider, ProvidersMap, ProviderConfiguration, CredentialsFor } from 'citra';
 export { providers, providerOptions, refreshableProviderOptions, revocableProviderOptions, oidcProviderOptions, pkceProviderOptions, scopeRequiredProviderOptions, decodeJWT, extractPropFromIdentity, isValidProviderOption, isRefreshableOAuth2Client, isRefreshableProviderOption, isOIDCProviderOption, isPKCEProviderOption, isRevocableProviderOption, isRevocableOAuth2Client } from 'citra';

package/dist/src/linkedProviderResolver.d.ts

@@ -0,0 +1,22 @@
+import type { LinkedProviderAccessTokenLease, LinkedProviderBinding, LinkedProviderBindingStore, LinkedProviderCredentialFailureReport, LinkedProviderCredentialResolver, LinkedProviderGrant, LinkedProviderGrantStore, ResolvedLinkedProviderCredential } from '@absolutejs/linked-providers';
+export type LinkedProviderRefreshResult = {
+    grant: LinkedProviderGrant;
+    lease: LinkedProviderAccessTokenLease;
+};
+export type CreateLinkedProviderCredentialResolverOptions = {
+    grantStore: LinkedProviderGrantStore;
+    bindingStore: LinkedProviderBindingStore;
+    loadAccessTokenLease: (grant: LinkedProviderGrant) => Promise<LinkedProviderAccessTokenLease | null> | LinkedProviderAccessTokenLease | null;
+    refreshAccessTokenLease?: (grant: LinkedProviderGrant, input?: {
+        minValidityMs?: number;
+        requiredScopes?: string[];
+    }) => Promise<LinkedProviderRefreshResult | null> | LinkedProviderRefreshResult | null;
+    now?: () => number;
+    onReportFailure?: (input: {
+        credential: ResolvedLinkedProviderCredential;
+        report: LinkedProviderCredentialFailureReport;
+        grant?: LinkedProviderGrant;
+        binding?: LinkedProviderBinding;
+    }) => Promise<void> | void;
+};
+export declare const createLinkedProviderCredentialResolver: ({ grantStore, bindingStore, loadAccessTokenLease, refreshAccessTokenLease, now, onReportFailure }: CreateLinkedProviderCredentialResolverOptions) => LinkedProviderCredentialResolver;

package/dist/src/linkedProviderStores.d.ts

@@ -0,0 +1,9 @@
+import type { LinkedProviderBinding, LinkedProviderBindingStore, LinkedProviderGrant, LinkedProviderGrantStore } from '@absolutejs/linked-providers';
+export type CreateInMemoryLinkedProviderStoresOptions = {
+    grants?: LinkedProviderGrant[];
+    bindings?: LinkedProviderBinding[];
+};
+export declare const createInMemoryLinkedProviderStores: (input?: CreateInMemoryLinkedProviderStoresOptions) => {
+    grantStore: LinkedProviderGrantStore;
+    bindingStore: LinkedProviderBindingStore;
+};