@absolutejs/auth 0.22.6 → 0.23.0

package/README.md

@@ -25,14 +25,13 @@ Absolute Auth is a TypeScript-based authentication system that provides a compre
 
 ## Usage
 
-### Running the Example Server
+### Example app
 
-Start the example server:
-   ```bash
-   bun dev
-   ```
-
-3. Open your browser and navigate to `http://localhost:3000` to test the authentication flow.
+A full, runnable demo lives in the AbsoluteJS examples repo under
+[`examples/auth`](https://github.com/absolutejs/examples/tree/main/auth). It
+shows `@absolutejs/auth` across all six AbsoluteJS frontends (React, Vue,
+Svelte, Angular, HTML, HTMX) — login, identity linking/merging, and connector
+grants — against one shared Elysia server.
 
 ## Authentication System
 
@@ -51,12 +50,6 @@ Start the example server:
 - **Event Handlers**: Define custom event handlers for authorization, callback, status, refresh, signout, and revoke events.
 - **User Management**: Implement custom functions for creating and retrieving users.
 
-### Example Components and Utilities in the `example` Directory
-
-- `components/Example.tsx`: A React component that demonstrates the usage of the authentication system, including login, signout, and protected routes.
-- `components/Navbar.tsx`: A React component that provides a navigation bar with authentication-related links and actions.
-- `server.ts`: The main server file that sets up the example server, handles routes, and integrates the authentication system.
-
 ## Note
 
 This project uses Bun and is built for Elysia.

package/dist/index.d.ts

@@ -1 +1,300 @@
-export * from "./src/index";
+import { Elysia } from 'elysia';
+import { AbsoluteAuthProps } from './types';
+export declare const absoluteAuth: <UserType>({ providersConfiguration, authorizeRoute, callbackRoute, profileRoute, signoutRoute, statusRoute, refreshRoute, revokeRoute, cleanupIntervalMs, maxSessions, sessionDurationMs, authSessionStore, resolveAuthIntent, onAuthorizeSuccess, onAuthorizeError, onProfileSuccess, onProfileError, onCallbackSuccess, onLinkIdentity, onLinkIdentityConflict, onLinkConnector, onCallbackError, onStatus, onRefreshSuccess, onRefreshError, onSignOut, onRevocationSuccess, onRevocationError, onSessionCleanup }: AbsoluteAuthProps<UserType>) => Promise<Elysia<"", {
+    decorator: {};
+    store: {
+        session: import("./types").SessionRecord<UserType> & import("./types").SessionRecord<unknown>;
+        unregisteredSession: import("./types").UnregisteredSessionRecord;
+    };
+    derive: {
+        readonly cleanupSessions: () => Promise<void>;
+    } & {
+        readonly protectRoute: <AuthReturn, AuthFailReturn>(handleAuth: (user: UserType) => AuthReturn | Promise<AuthReturn>, handleAuthFail?: ((error: {
+            readonly code: "Bad Request";
+            readonly message: "Cookies are missing";
+        } | {
+            readonly code: "Unauthorized";
+            readonly message: "User is not authenticated";
+        }) => AuthFailReturn) | undefined) => Promise<import("elysia").ElysiaCustomStatusResponse<"Bad Request", "Cookies are missing", 400> | import("elysia").ElysiaCustomStatusResponse<"Unauthorized", "User is not authenticated", 401> | AuthReturn | NonNullable<AuthFailReturn>>;
+    };
+    resolve: {};
+}, {
+    typebox: {};
+    error: {};
+}, {
+    schema: {};
+    standaloneSchema: {};
+    macro: {};
+    macroFn: {};
+    parser: {};
+    response: {};
+} & {
+    schema: {};
+    standaloneSchema: {};
+    macro: {};
+    macroFn: {};
+    parser: {};
+    response: import("elysia").ExtractErrorFromHandle<{
+        readonly cleanupSessions: () => Promise<void>;
+    }>;
+} & {
+    schema: import("elysia").UnwrapRoute<{
+        cookie: import("@sinclair/typebox").TObject<{
+            user_session_id: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TTemplateLiteralSyntax<"${string}-${string}-${string}-${string}-${string}">>;
+        }>;
+    }, {}, "">;
+    standaloneSchema: {};
+    macro: {};
+    macroFn: {};
+    parser: {};
+    response: import("elysia").ExtractErrorFromHandle<{
+        readonly protectRoute: <AuthReturn, AuthFailReturn>(handleAuth: (user: UserType) => AuthReturn | Promise<AuthReturn>, handleAuthFail?: ((error: {
+            readonly code: "Bad Request";
+            readonly message: "Cookies are missing";
+        } | {
+            readonly code: "Unauthorized";
+            readonly message: "User is not authenticated";
+        }) => AuthFailReturn) | undefined) => Promise<import("elysia").ElysiaCustomStatusResponse<"Bad Request", "Cookies are missing", 400> | import("elysia").ElysiaCustomStatusResponse<"Unauthorized", "User is not authenticated", 401> | AuthReturn | NonNullable<AuthFailReturn>>;
+    }>;
+}, ((({
+    [x: string]: {
+        delete: {
+            body: unknown;
+            params: {};
+            query: unknown;
+            headers: unknown;
+            response: {
+                200: Response;
+                400: "Cookies are missing";
+                401: "No auth provider found" | "No user session id found";
+                422: {
+                    type: "validation";
+                    on: string;
+                    summary?: string;
+                    message?: string;
+                    found?: unknown;
+                    property?: string;
+                    expected?: string;
+                };
+                500: "Sign out operation failed";
+            };
+        };
+    };
+} & {
+    [x: string]: {
+        post: {
+            body: unknown;
+            params: {};
+            query: unknown;
+            headers: unknown;
+            response: {
+                200: Response;
+                400: "Cookies are missing" | "Invalid provider";
+                401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required" | "No auth provider found" | "No user session found";
+                422: {
+                    type: "validation";
+                    on: string;
+                    summary?: string;
+                    message?: string;
+                    found?: unknown;
+                    property?: string;
+                    expected?: string;
+                };
+                500: "Failed to revoke token";
+                501: "Provider does not support revocation";
+            };
+        };
+    };
+} & ({
+    [x: string]: {
+        get: {
+            body: unknown;
+            params: {};
+            query: unknown;
+            headers: unknown;
+            response: {
+                200: {
+                    user: NonNullable<UserType> | null;
+                };
+                400: "Cookies are missing";
+                422: {
+                    type: "validation";
+                    on: string;
+                    summary?: string;
+                    message?: string;
+                    found?: unknown;
+                    property?: string;
+                    expected?: string;
+                };
+                500: `Error: ${string} - ${string}` | `Unknown Error: ${string}`;
+            };
+        };
+    };
+} & ({
+    [x: string]: {
+        post: {
+            body: unknown;
+            params: {};
+            query: unknown;
+            headers: unknown;
+            response: {
+                200: Response;
+                400: "Cookies are missing" | "Invalid provider" | "No refresh token found";
+                401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required" | "No auth provider found" | "No user session found";
+                422: {
+                    type: "validation";
+                    on: string;
+                    summary?: string;
+                    message?: string;
+                    found?: unknown;
+                    property?: string;
+                    expected?: string;
+                };
+                500: "Failed to refresh token";
+                501: "Provider is not refreshable";
+            };
+        };
+    };
+} & ({
+    [x: string]: {
+        ":provider": {
+            get: {
+                body: unknown;
+                params: {
+                    provider: "42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom";
+                };
+                query: {
+                    client?: string | undefined;
+                    intent?: "login" | "link_identity" | "link_connector" | undefined;
+                };
+                headers: unknown;
+                response: {
+                    200: Response;
+                    400: "Provider is required" | "Cookies are missing";
+                    401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required";
+                    422: {
+                        type: "validation";
+                        on: string;
+                        summary?: string;
+                        message?: string;
+                        found?: unknown;
+                        property?: string;
+                        expected?: string;
+                    };
+                    500: "Failed to create authorization URL";
+                };
+            };
+        };
+    };
+} | {
+    [x: string]: {
+        ":provider": {
+            [x: string]: {
+                get: {
+                    body: unknown;
+                    params: {
+                        provider: "42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom";
+                    };
+                    query: {
+                        client?: string | undefined;
+                        intent?: "login" | "link_identity" | "link_connector" | undefined;
+                    };
+                    headers: unknown;
+                    response: {
+                        200: Response;
+                        400: "Provider is required" | "Cookies are missing";
+                        401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required";
+                        422: {
+                            type: "validation";
+                            on: string;
+                            summary?: string;
+                            message?: string;
+                            found?: unknown;
+                            property?: string;
+                            expected?: string;
+                        };
+                        500: "Failed to create authorization URL";
+                    };
+                };
+            };
+        };
+    };
+})))) & {
+    [x: string]: {
+        get: {
+            body: unknown;
+            params: {};
+            query: unknown;
+            headers: unknown;
+            response: {
+                [x: string]: any;
+            };
+        };
+    };
+}) & {
+    [x: string]: {
+        get: {
+            body: unknown;
+            params: {};
+            query: unknown;
+            headers: unknown;
+            response: {
+                200: Response;
+                400: "Cookies are missing";
+                401: "Client provider not found" | "Client variant is required" | "Client variant not found" | "Provider is required" | "No auth provider found" | "Invalid provider" | "No user session found";
+                422: {
+                    type: "validation";
+                    on: string;
+                    summary?: string;
+                    message?: string;
+                    found?: unknown;
+                    property?: string;
+                    expected?: string;
+                };
+                500: `${string} - ${string}` | `Failed to validate authorization code: Unknown status: ${string}`;
+            };
+        };
+    };
+}) & {}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+} & {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+} & {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}>>;
+export * from './types';
+export * from './typebox';
+export type { AbsoluteAuthSessionStore } from './sessionTypes';
+export { isAuthIntent, isUserSessionId, isValidUser } from './typeGuards';
+export { AbsoluteAuthIdentityConflictError } from './errors';
+export { sessionStore } from './sessionStore';
+export { createInMemoryAuthSessionStore } from './authSessionStores';
+export { createNeonAuthSessionStore } from './neonAuthSessionStore';
+export { createLinkedProviderCredentialResolver } from './linkedProviderResolver';
+export { createOAuthLinkedProviderCredentialResolver } from './oauthLinkedProviderResolver';
+export { createNeonLinkedProviderStores, createNeonOAuthLinkedProviderCredentialResolver } from './neonLinkedProviders';
+export { createInMemoryLinkedProviderStores } from './linkedProviderStores';
+export { protectRoutePlugin } from './protectRoute';
+export { sessionCleanup } from './sessionCleanup';
+export * from './utils';
+export { buildClientProviders, resolveClientProviderEntry, resolveProviderClientConfiguration } from './providerClients';
+export type { OAuth2TokenResponse, OAuth2Client, ProviderOption, PKCEProvider, OIDCProvider, RefreshableProvider, RevocableProvider, ScopeRequiredProvider, ProvidersMap, ProviderConfiguration, CredentialsFor } from 'citra';
+export { providers, providerOptions, refreshableProviderOptions, revocableProviderOptions, oidcProviderOptions, pkceProviderOptions, scopeRequiredProviderOptions, decodeJWT, extractPropFromIdentity, isValidProviderOption, isRefreshableOAuth2Client, isRefreshableProviderOption, isOIDCProviderOption, isPKCEProviderOption, isRevocableProviderOption, isRevocableOAuth2Client } from 'citra';

package/dist/index.js

@@ -3192,19 +3192,22 @@ var signout = ({
     userSessionId: user_session_id.value
   });
   const signoutSession = authSessionStore ? compatibilityLayer.session : session;
-  try {
-    await onSignOut?.({
-      authProvider: auth_provider.value,
-      session: signoutSession,
-      userSessionId: user_session_id.value
-    });
-  } catch (err) {
-    console.error("[signout] Sign out operation failed:", {
-      authProvider: auth_provider.value,
-      error: err instanceof Error ? err.message : err,
-      stack: err instanceof Error ? err.stack : undefined
-    });
-    return status("Internal Server Error", "Sign out operation failed");
+  const currentSession = signoutSession[user_session_id.value];
+  if (currentSession !== undefined) {
+    try {
+      await onSignOut?.({
+        authProvider: auth_provider.value,
+        session: signoutSession,
+        userSessionId: user_session_id.value
+      });
+    } catch (err) {
+      console.error("[signout] Sign out operation failed:", {
+        authProvider: auth_provider.value,
+        error: err instanceof Error ? err.message : err,
+        stack: err instanceof Error ? err.stack : undefined
+      });
+      return status("Internal Server Error", "Sign out operation failed");
+    }
   }
   delete signoutSession[user_session_id.value];
   if (authSessionStore) {
@@ -3219,7 +3222,7 @@ var signout = ({
   return new Response(null, { status: 204 });
 }, {
   cookie: t8.Cookie({
-    auth_provider: authProviderOption,
+    auth_provider: t8.Optional(authProviderOption),
     user_session_id: t8.Optional(t8.TemplateLiteral("${string}-${string}-${string}-${string}-${string}"))
   })
 });
@@ -13879,5 +13882,5 @@ export {
   AbsoluteAuthIdentityConflictError
 };
 
-//# debugId=A6C23409DC7CDF3964756E2164756E21
+//# debugId=7F98E858A24BE38A64756E2164756E21
 //# sourceMappingURL=index.js.map