@adonisjs/ally 5.0.0-5 → 5.0.0-7

package/README.md

@@ -2,7 +2,7 @@
 
 <br />
 
-[![gh-workflow-image]][gh-workflow-url] [![npm-image]][npm-url] ![][typescript-image] [![license-image]][license-url] [![snyk-image]][snyk-url]
+[![gh-workflow-image]][gh-workflow-url] [![npm-image]][npm-url] ![][typescript-image] [![license-image]][license-url]
 
 ## Introduction
 Social authentication provider for AdonisJS. Supports *Github*, Google, Twitter, Facebook, Discord, Spotify, and LinkedIn.
@@ -21,8 +21,8 @@ In order to ensure that the AdonisJS community is welcoming to all, please revie
 ## License
 AdonisJS ally is open-sourced software licensed under the [MIT license](LICENSE.md).
 
-[gh-workflow-image]: https://img.shields.io/github/actions/workflow/status/adonisjs/ally/test.yml?style=for-the-badge
-[gh-workflow-url]: https://github.com/adonisjs/ally/actions/workflows/test.yml "Github action"
+[gh-workflow-image]: https://img.shields.io/github/actions/workflow/status/adonisjs/ally/checks.yml?style=for-the-badge
+[gh-workflow-url]: https://github.com/adonisjs/ally/actions/workflows/checks.yml "Github action"
 
 [npm-image]: https://img.shields.io/npm/v/@adonisjs/ally/latest.svg?style=for-the-badge&logo=npm
 [npm-url]: https://www.npmjs.com/package/@adonisjs/ally/v/latest "npm"
@@ -31,6 +31,3 @@ AdonisJS ally is open-sourced software licensed under the [MIT license](LICENSE.
 
 [license-url]: LICENSE.md
 [license-image]: https://img.shields.io/github/license/adonisjs/ally?style=for-the-badge
-
-[snyk-image]: https://img.shields.io/snyk/vulnerabilities/github/adonisjs/ally?label=Snyk%20Vulnerabilities&style=for-the-badge
-[snyk-url]: https://snyk.io/test/github/adonisjs/ally?targetFile=package.json "snyk"

package/build/chunk-CSAU5B4Q.js

@@ -0,0 +1,10 @@
+var __defProp = Object.defineProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+
+export {
+  __export
+};
+//# sourceMappingURL=chunk-CSAU5B4Q.js.map

package/build/chunk-CSAU5B4Q.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/build/chunk-OSVNBZ7V.js

@@ -0,0 +1,164 @@
+import {
+  E_OAUTH_MISSING_CODE,
+  E_OAUTH_STATE_MISMATCH,
+  RedirectRequest
+} from "./chunk-UF7PETXM.js";
+
+// src/abstract_drivers/oauth2.ts
+import { Exception } from "@poppinss/utils";
+import { Oauth2Client } from "@poppinss/oauth-client/oauth2";
+var Oauth2Driver = class extends Oauth2Client {
+  constructor(ctx, config) {
+    super(config);
+    this.ctx = ctx;
+    this.config = config;
+  }
+  /**
+   * Is the authorization process stateless?
+   */
+  isStateless = false;
+  /**
+   * Oauth client version
+   */
+  version = "oauth2";
+  /**
+   * The value of state read from the cookies.
+   */
+  stateCookieValue;
+  /**
+   * The Oauth2Client will use the instance returned from this method to
+   * build the redirect url
+   */
+  urlBuilder(url) {
+    return new RedirectRequest(url, this.scopeParamName, this.scopesSeparator);
+  }
+  /**
+   * Loads the value of state from the cookie and removes it right
+   * away. We read the cookie value and clear it during the
+   * current request lifecycle.
+   *
+   * :::::
+   * NOTE
+   * :::::
+   *
+   * This child class must call this method inside the constructor.
+   */
+  loadState() {
+    if (this.isStateless) {
+      return;
+    }
+    this.stateCookieValue = this.ctx.request.encryptedCookie(this.stateCookieName);
+    this.ctx.response.clearCookie(this.stateCookieName);
+  }
+  /**
+   * Persists the state inside the cookie
+   */
+  #persistState() {
+    if (this.isStateless) {
+      return;
+    }
+    const state = this.getState();
+    this.ctx.response.encryptedCookie(this.stateCookieName, state, {
+      sameSite: false,
+      httpOnly: true
+    });
+    return state;
+  }
+  /**
+   * Perform stateless authentication. Only applicable for Oauth2 client
+   */
+  stateless() {
+    this.isStateless = true;
+    return this;
+  }
+  /**
+   * Returns the redirect URL for the request.
+   */
+  async redirectUrl(callback) {
+    const url = this.getRedirectUrl(callback);
+    return url;
+  }
+  /**
+   * Redirect user for authorization.
+   */
+  async redirect(callback) {
+    const url = await this.redirectUrl((request) => {
+      const state = this.#persistState();
+      state && request.param(this.stateParamName, state);
+      if (typeof callback === "function") {
+        callback(request);
+      }
+    });
+    this.ctx.response.redirect(url);
+  }
+  /**
+   * Find if there is a state mismatch
+   */
+  stateMisMatch() {
+    if (this.isStateless) {
+      return false;
+    }
+    return this.stateCookieValue !== this.ctx.request.input(this.stateParamName);
+  }
+  /**
+   * Find if there is an error post redirect
+   */
+  hasError() {
+    return !!this.getError();
+  }
+  /**
+   * Get the post redirect error
+   */
+  getError() {
+    const error = this.ctx.request.input(this.errorParamName);
+    if (error) {
+      return error;
+    }
+    if (!this.hasCode()) {
+      return "unknown_error";
+    }
+    return null;
+  }
+  /**
+   * Returns the authorization code
+   */
+  getCode() {
+    return this.ctx.request.input(this.codeParamName, null);
+  }
+  /**
+   * Find it the code exists
+   */
+  hasCode() {
+    return !!this.getCode();
+  }
+  /**
+   * Get access token
+   */
+  async accessToken(callback) {
+    if (this.hasError()) {
+      throw new E_OAUTH_MISSING_CODE([this.codeParamName]);
+    }
+    if (this.stateMisMatch()) {
+      throw new E_OAUTH_STATE_MISMATCH();
+    }
+    return this.getAccessToken((request) => {
+      request.field(this.codeParamName, this.getCode());
+      if (typeof callback === "function") {
+        callback(request);
+      }
+    });
+  }
+  /**
+   * Not applicable with Oauth2
+   */
+  async userFromTokenAndSecret() {
+    throw new Exception(
+      '"userFromTokenAndSecret" is not applicable with Oauth2. Use "userFromToken" instead'
+    );
+  }
+};
+
+export {
+  Oauth2Driver
+};
+//# sourceMappingURL=chunk-OSVNBZ7V.js.map

package/build/chunk-OSVNBZ7V.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/abstract_drivers/oauth2.ts"],"sourcesContent":["/*\n * @adonisjs/ally\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { Exception } from '@poppinss/utils'\nimport type { HttpContext } from '@adonisjs/core/http'\nimport { Oauth2Client } from '@poppinss/oauth-client/oauth2'\n\nimport {\n  AllyUserContract,\n  Oauth2AccessToken,\n  Oauth2DriverConfig,\n  ApiRequestContract,\n  AllyDriverContract,\n  RedirectRequestContract,\n} from '../types.js'\n\nimport * as errors from '../errors.js'\nimport { RedirectRequest } from '../redirect_request.js'\n\n/**\n * Abstract implementation for an Oauth2 driver\n */\nexport abstract class Oauth2Driver<Token extends Oauth2AccessToken, Scopes extends string>\n  extends Oauth2Client<Token>\n  implements AllyDriverContract<Token, Scopes>\n{\n  /**\n   * Is the authorization process stateless?\n   */\n  protected isStateless: boolean = false\n\n  /**\n   * The cookie name for storing the CSRF token. Must be unique for your\n   * driver. One option is to prefix the driver name. For example:\n   * `gh_oauth_state`\n   */\n  protected abstract stateCookieName: string\n\n  /**\n   * The parameter in which to send the state to the oauth provider. The same\n   * input is used to retrieve the state post redirect as well.\n   *\n   * You must check the auth provider docs to find it\n   */\n  protected abstract stateParamName: string\n\n  /**\n   * The parameter name from which to fetch the error message or error code\n   * post redirect.\n   *\n   * You must check the auth provider docs to find it\n   */\n  protected abstract errorParamName: string\n\n  /**\n   * The parameter name from which to fetch the authorization code. It is usually\n   * named as \"code\".\n   *\n   * You must check the auth provider docs to find it\n   */\n  protected abstract codeParamName: string\n\n  /**\n   * Authorization URL for the auth provider. The user will be redirected\n   * to this URL\n   */\n  protected abstract authorizeUrl: string\n\n  /**\n   * The URL to hit to get an access token\n   */\n  protected abstract accessTokenUrl: string\n\n  /**\n   * The query param name for defining the Authorization scopes.\n   * Mostly it is `scope`\n   */\n  protected abstract scopeParamName: string\n\n  /**\n   * The identifier for joining multiple scopes. Mostly it is a space.\n   */\n  protected abstract scopesSeparator: string\n\n  /**\n   * Returns details for the authorized user\n   */\n  abstract user(callback?: (request: ApiRequestContract) => void): Promise<AllyUserContract<Token>>\n\n  /**\n   * Finds the user by access token\n   */\n  abstract userFromToken(\n    token: string,\n    callback?: (request: ApiRequestContract) => void\n  ): Promise<AllyUserContract<{ token: string; type: 'bearer' }>>\n\n  /**\n   * Find if the current error code is for access denied\n   */\n  abstract accessDenied(): boolean\n\n  /**\n   * Oauth client version\n   */\n  version = 'oauth2' as const\n\n  /**\n   * The value of state read from the cookies.\n   */\n  protected stateCookieValue?: string\n\n  constructor(\n    protected ctx: HttpContext,\n    public config: Oauth2DriverConfig\n  ) {\n    super(config)\n  }\n\n  /**\n   * The Oauth2Client will use the instance returned from this method to\n   * build the redirect url\n   */\n  protected urlBuilder(url: string) {\n    return new RedirectRequest(url, this.scopeParamName, this.scopesSeparator)\n  }\n\n  /**\n   * Loads the value of state from the cookie and removes it right\n   * away. We read the cookie value and clear it during the\n   * current request lifecycle.\n   *\n   * :::::\n   * NOTE\n   * :::::\n   *\n   * This child class must call this method inside the constructor.\n   */\n  protected loadState() {\n    if (this.isStateless) {\n      return\n    }\n\n    this.stateCookieValue = this.ctx.request.encryptedCookie(this.stateCookieName)\n    this.ctx.response.clearCookie(this.stateCookieName)\n  }\n\n  /**\n   * Persists the state inside the cookie\n   */\n  #persistState(): string | undefined {\n    if (this.isStateless) {\n      return\n    }\n\n    const state = this.getState()\n    this.ctx.response.encryptedCookie(this.stateCookieName, state, {\n      sameSite: false,\n      httpOnly: true,\n    })\n\n    return state\n  }\n\n  /**\n   * Perform stateless authentication. Only applicable for Oauth2 client\n   */\n  stateless(): this {\n    this.isStateless = true\n    return this\n  }\n\n  /**\n   * Returns the redirect URL for the request.\n   */\n  async redirectUrl(\n    callback?: (request: RedirectRequestContract<Scopes>) => void\n  ): Promise<string> {\n    const url = this.getRedirectUrl(callback as any)\n    return url\n  }\n\n  /**\n   * Redirect user for authorization.\n   */\n  async redirect(callback?: (request: RedirectRequestContract<Scopes>) => void): Promise<void> {\n    const url = await this.redirectUrl((request) => {\n      const state = this.#persistState()\n      state && request.param(this.stateParamName, state)\n\n      if (typeof callback === 'function') {\n        callback(request)\n      }\n    })\n\n    this.ctx.response.redirect(url)\n  }\n\n  /**\n   * Find if there is a state mismatch\n   */\n  stateMisMatch(): boolean {\n    if (this.isStateless) {\n      return false\n    }\n\n    return this.stateCookieValue !== this.ctx.request.input(this.stateParamName)\n  }\n\n  /**\n   * Find if there is an error post redirect\n   */\n  hasError(): boolean {\n    return !!this.getError()\n  }\n\n  /**\n   * Get the post redirect error\n   */\n  getError(): string | null {\n    const error = this.ctx.request.input(this.errorParamName)\n    if (error) {\n      return error\n    }\n\n    if (!this.hasCode()) {\n      return 'unknown_error'\n    }\n\n    return null\n  }\n\n  /**\n   * Returns the authorization code\n   */\n  getCode(): string | null {\n    return this.ctx.request.input(this.codeParamName, null)\n  }\n\n  /**\n   * Find it the code exists\n   */\n  hasCode(): boolean {\n    return !!this.getCode()\n  }\n\n  /**\n   * Get access token\n   */\n  async accessToken(callback?: (request: ApiRequestContract) => void): Promise<Token> {\n    /**\n     * We expect the user to handle errors before calling this method\n     */\n    if (this.hasError()) {\n      throw new errors.E_OAUTH_MISSING_CODE([this.codeParamName])\n    }\n\n    /**\n     * We expect the user to properly handle the state mis-match use case before\n     * calling this method\n     */\n    if (this.stateMisMatch()) {\n      throw new errors.E_OAUTH_STATE_MISMATCH()\n    }\n\n    /**\n     * Get access token by providing the authorization code\n     */\n    return this.getAccessToken((request) => {\n      request.field(this.codeParamName, this.getCode())\n\n      if (typeof callback === 'function') {\n        callback(request)\n      }\n    })\n  }\n\n  /**\n   * Not applicable with Oauth2\n   */\n  async userFromTokenAndSecret(): Promise<never> {\n    throw new Exception(\n      '\"userFromTokenAndSecret\" is not applicable with Oauth2. Use \"userFromToken\" instead'\n    )\n  }\n}\n"],"mappings":";;;;;;;AASA,SAAS,iBAAiB;AAE1B,SAAS,oBAAoB;AAiBtB,IAAe,eAAf,cACG,aAEV;AAAA,EAuFE,YACY,KACH,QACP;AACA,UAAM,MAAM;AAHF;AACH;AAAA,EAGT;AAAA;AAAA;AAAA;AAAA,EAxFU,cAAuB;AAAA;AAAA;AAAA;AAAA,EA4EjC,UAAU;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,WAAW,KAAa;AAChC,WAAO,IAAI,gBAAgB,KAAK,KAAK,gBAAgB,KAAK,eAAe;AAAA,EAC3E;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaU,YAAY;AACpB,QAAI,KAAK,aAAa;AACpB;AAAA,IACF;AAEA,SAAK,mBAAmB,KAAK,IAAI,QAAQ,gBAAgB,KAAK,eAAe;AAC7E,SAAK,IAAI,SAAS,YAAY,KAAK,eAAe;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,gBAAoC;AAClC,QAAI,KAAK,aAAa;AACpB;AAAA,IACF;AAEA,UAAM,QAAQ,KAAK,SAAS;AAC5B,SAAK,IAAI,SAAS,gBAAgB,KAAK,iBAAiB,OAAO;AAAA,MAC7D,UAAU;AAAA,MACV,UAAU;AAAA,IACZ,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,YAAkB;AAChB,SAAK,cAAc;AACnB,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YACJ,UACiB;AACjB,UAAM,MAAM,KAAK,eAAe,QAAe;AAC/C,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,UAA8E;AAC3F,UAAM,MAAM,MAAM,KAAK,YAAY,CAAC,YAAY;AAC9C,YAAM,QAAQ,KAAK,cAAc;AACjC,eAAS,QAAQ,MAAM,KAAK,gBAAgB,KAAK;AAEjD,UAAI,OAAO,aAAa,YAAY;AAClC,iBAAS,OAAO;AAAA,MAClB;AAAA,IACF,CAAC;AAED,SAAK,IAAI,SAAS,SAAS,GAAG;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA,EAKA,gBAAyB;AACvB,QAAI,KAAK,aAAa;AACpB,aAAO;AAAA,IACT;AAEA,WAAO,KAAK,qBAAqB,KAAK,IAAI,QAAQ,MAAM,KAAK,cAAc;AAAA,EAC7E;AAAA;AAAA;AAAA;AAAA,EAKA,WAAoB;AAClB,WAAO,CAAC,CAAC,KAAK,SAAS;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA,EAKA,WAA0B;AACxB,UAAM,QAAQ,KAAK,IAAI,QAAQ,MAAM,KAAK,cAAc;AACxD,QAAI,OAAO;AACT,aAAO;AAAA,IACT;AAEA,QAAI,CAAC,KAAK,QAAQ,GAAG;AACnB,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,UAAyB;AACvB,WAAO,KAAK,IAAI,QAAQ,MAAM,KAAK,eAAe,IAAI;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA,EAKA,UAAmB;AACjB,WAAO,CAAC,CAAC,KAAK,QAAQ;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,UAAkE;AAIlF,QAAI,KAAK,SAAS,GAAG;AACnB,YAAM,IAAW,qBAAqB,CAAC,KAAK,aAAa,CAAC;AAAA,IAC5D;AAMA,QAAI,KAAK,cAAc,GAAG;AACxB,YAAM,IAAW,uBAAuB;AAAA,IAC1C;AAKA,WAAO,KAAK,eAAe,CAAC,YAAY;AACtC,cAAQ,MAAM,KAAK,eAAe,KAAK,QAAQ,CAAC;AAEhD,UAAI,OAAO,aAAa,YAAY;AAClC,iBAAS,OAAO;AAAA,MAClB;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,yBAAyC;AAC7C,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACF;","names":[]}

package/build/chunk-UF7PETXM.js

@@ -0,0 +1,83 @@
+import {
+  __export
+} from "./chunk-CSAU5B4Q.js";
+
+// src/errors.ts
+var errors_exports = {};
+__export(errors_exports, {
+  E_OAUTH_MISSING_CODE: () => E_OAUTH_MISSING_CODE,
+  E_OAUTH_STATE_MISMATCH: () => E_OAUTH_STATE_MISMATCH
+});
+import { createError } from "@poppinss/utils";
+var E_OAUTH_MISSING_CODE = createError(
+  'Cannot request access token. Redirect request is missing the "%s" param',
+  "E_OAUTH_MISSING_CODE",
+  500
+);
+var E_OAUTH_STATE_MISMATCH = createError(
+  "Unable to verify re-redirect state",
+  "E_OAUTH_STATE_MISMATCH",
+  400
+);
+
+// src/redirect_request.ts
+import { UrlBuilder } from "@poppinss/oauth-client";
+var RedirectRequest = class extends UrlBuilder {
+  #scopesTransformer;
+  #scopeParamName;
+  #scopeSeparator;
+  constructor(baseUrl, scopeParamName, scopeSeparator) {
+    super(baseUrl);
+    this.#scopeParamName = scopeParamName;
+    this.#scopeSeparator = scopeSeparator;
+  }
+  /**
+   * Register a custom function to transform scopes. Exposed for drivers
+   * to implement.
+   */
+  transformScopes(callback) {
+    this.#scopesTransformer = callback;
+    return this;
+  }
+  /**
+   * Define an array of scopes.
+   */
+  scopes(scopes) {
+    if (typeof this.#scopesTransformer === "function") {
+      scopes = this.#scopesTransformer(scopes);
+    }
+    this.param(this.#scopeParamName, scopes.join(this.#scopeSeparator));
+    return this;
+  }
+  /**
+   * Merge to existing scopes
+   */
+  mergeScopes(scopes) {
+    if (typeof this.#scopesTransformer === "function") {
+      scopes = this.#scopesTransformer(scopes);
+    }
+    const existingScopes = this.getParams()[this.#scopeParamName];
+    const scopesString = scopes.join(this.#scopeSeparator);
+    if (!existingScopes) {
+      this.param(this.#scopeParamName, scopesString);
+      return this;
+    }
+    this.param(this.#scopeParamName, `${existingScopes}${this.#scopeSeparator}${scopesString}`);
+    return this;
+  }
+  /**
+   * Clear existing scopes
+   */
+  clearScopes() {
+    this.clearParam(this.#scopeParamName);
+    return this;
+  }
+};
+
+export {
+  E_OAUTH_MISSING_CODE,
+  E_OAUTH_STATE_MISMATCH,
+  errors_exports,
+  RedirectRequest
+};
+//# sourceMappingURL=chunk-UF7PETXM.js.map

package/build/chunk-UF7PETXM.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/errors.ts","../src/redirect_request.ts"],"sourcesContent":["/*\n * @adonisjs/ally\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { createError } from '@poppinss/utils'\n\nexport const E_OAUTH_MISSING_CODE = createError<[string]>(\n  'Cannot request access token. Redirect request is missing the \"%s\" param',\n  'E_OAUTH_MISSING_CODE',\n  500\n)\n\nexport const E_OAUTH_STATE_MISMATCH = createError(\n  'Unable to verify re-redirect state',\n  'E_OAUTH_STATE_MISMATCH',\n  400\n)\n","/*\n * @adonisjs/ally\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { UrlBuilder } from '@poppinss/oauth-client'\nimport { LiteralStringUnion } from './types.js'\n\n/**\n * Redirect request with first class support for defining scopes.\n */\nexport class RedirectRequest<Scopes extends string> extends UrlBuilder {\n  #scopesTransformer: undefined | ((scopes: LiteralStringUnion<Scopes>[]) => string[])\n  #scopeParamName: string\n  #scopeSeparator: string\n\n  constructor(baseUrl: string, scopeParamName: string, scopeSeparator: string) {\n    super(baseUrl)\n    this.#scopeParamName = scopeParamName\n    this.#scopeSeparator = scopeSeparator\n  }\n\n  /**\n   * Register a custom function to transform scopes. Exposed for drivers\n   * to implement.\n   */\n  transformScopes(callback: (scopes: LiteralStringUnion<Scopes>[]) => string[]): this {\n    this.#scopesTransformer = callback\n    return this\n  }\n\n  /**\n   * Define an array of scopes.\n   */\n  scopes(scopes: LiteralStringUnion<Scopes>[]): this {\n    if (typeof this.#scopesTransformer === 'function') {\n      scopes = this.#scopesTransformer(scopes)\n    }\n\n    this.param(this.#scopeParamName, scopes.join(this.#scopeSeparator))\n    return this\n  }\n\n  /**\n   * Merge to existing scopes\n   */\n  mergeScopes(scopes: LiteralStringUnion<Scopes>[]): this {\n    if (typeof this.#scopesTransformer === 'function') {\n      scopes = this.#scopesTransformer(scopes)\n    }\n\n    const existingScopes = this.getParams()[this.#scopeParamName]\n    const scopesString = scopes.join(this.#scopeSeparator)\n\n    if (!existingScopes) {\n      this.param(this.#scopeParamName, scopesString)\n      return this\n    }\n\n    this.param(this.#scopeParamName, `${existingScopes}${this.#scopeSeparator}${scopesString}`)\n    return this\n  }\n\n  /**\n   * Clear existing scopes\n   */\n  clearScopes(): this {\n    this.clearParam(this.#scopeParamName)\n    return this\n  }\n}\n"],"mappings":";;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AASA,SAAS,mBAAmB;AAErB,IAAM,uBAAuB;AAAA,EAClC;AAAA,EACA;AAAA,EACA;AACF;AAEO,IAAM,yBAAyB;AAAA,EACpC;AAAA,EACA;AAAA,EACA;AACF;;;ACZA,SAAS,kBAAkB;AAMpB,IAAM,kBAAN,cAAqD,WAAW;AAAA,EACrE;AAAA,EACA;AAAA,EACA;AAAA,EAEA,YAAY,SAAiB,gBAAwB,gBAAwB;AAC3E,UAAM,OAAO;AACb,SAAK,kBAAkB;AACvB,SAAK,kBAAkB;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,gBAAgB,UAAoE;AAClF,SAAK,qBAAqB;AAC1B,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,QAA4C;AACjD,QAAI,OAAO,KAAK,uBAAuB,YAAY;AACjD,eAAS,KAAK,mBAAmB,MAAM;AAAA,IACzC;AAEA,SAAK,MAAM,KAAK,iBAAiB,OAAO,KAAK,KAAK,eAAe,CAAC;AAClE,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY,QAA4C;AACtD,QAAI,OAAO,KAAK,uBAAuB,YAAY;AACjD,eAAS,KAAK,mBAAmB,MAAM;AAAA,IACzC;AAEA,UAAM,iBAAiB,KAAK,UAAU,EAAE,KAAK,eAAe;AAC5D,UAAM,eAAe,OAAO,KAAK,KAAK,eAAe;AAErD,QAAI,CAAC,gBAAgB;AACnB,WAAK,MAAM,KAAK,iBAAiB,YAAY;AAC7C,aAAO;AAAA,IACT;AAEA,SAAK,MAAM,KAAK,iBAAiB,GAAG,cAAc,GAAG,KAAK,eAAe,GAAG,YAAY,EAAE;AAC1F,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,cAAoB;AAClB,SAAK,WAAW,KAAK,eAAe;AACpC,WAAO;AAAA,EACT;AACF;","names":[]}

package/build/chunk-UIZWPBWM.js

@@ -0,0 +1,38 @@
+// src/ally_manager.ts
+import { RuntimeException } from "@poppinss/utils";
+var AllyManager = class {
+  /**
+   * Config with the list of social providers
+   */
+  #config;
+  #ctx;
+  #driversCache = /* @__PURE__ */ new Map();
+  constructor(config, ctx) {
+    this.#ctx = ctx;
+    this.#config = config;
+  }
+  /**
+   * Returns the driver instance of a social provider
+   */
+  use(provider) {
+    if (this.#driversCache.has(provider)) {
+      return this.#driversCache.get(provider);
+    }
+    const driver = this.#config[provider];
+    if (!driver) {
+      throw new RuntimeException(
+        `Unknown ally provider "${String(
+          provider
+        )}". Make sure it is registered inside the config/ally.ts file`
+      );
+    }
+    const driverInstance = driver(this.#ctx);
+    this.#driversCache.set(provider, driverInstance);
+    return driverInstance;
+  }
+};
+
+export {
+  AllyManager
+};
+//# sourceMappingURL=chunk-UIZWPBWM.js.map

package/build/chunk-UIZWPBWM.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/ally_manager.ts"],"sourcesContent":["/*\n * @adonisjs/ally\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { RuntimeException } from '@poppinss/utils'\nimport type { HttpContext } from '@adonisjs/core/http'\nimport type { AllyDriverContract, AllyManagerDriverFactory } from './types.js'\n\n/**\n * AllyManager is used to create instances of a social drivers during an\n * HTTP request. The drivers are cached during the lifecycle of a request.\n */\nexport class AllyManager<KnownSocialProviders extends Record<string, AllyManagerDriverFactory>> {\n  /**\n   * Config with the list of social providers\n   */\n  #config: KnownSocialProviders\n  #ctx: HttpContext\n  #driversCache: Map<keyof KnownSocialProviders, AllyDriverContract<any, any>> = new Map()\n\n  constructor(config: KnownSocialProviders, ctx: HttpContext) {\n    this.#ctx = ctx\n    this.#config = config\n  }\n\n  /**\n   * Returns the driver instance of a social provider\n   */\n  use<SocialProvider extends keyof KnownSocialProviders>(\n    provider: SocialProvider\n  ): ReturnType<KnownSocialProviders[SocialProvider]> {\n    if (this.#driversCache.has(provider)) {\n      return this.#driversCache.get(provider) as ReturnType<KnownSocialProviders[SocialProvider]>\n    }\n\n    const driver = this.#config[provider]\n    if (!driver) {\n      throw new RuntimeException(\n        `Unknown ally provider \"${String(\n          provider\n        )}\". Make sure it is registered inside the config/ally.ts file`\n      )\n    }\n\n    const driverInstance = driver(this.#ctx) as ReturnType<KnownSocialProviders[SocialProvider]>\n    this.#driversCache.set(provider, driverInstance)\n\n    return driverInstance\n  }\n}\n"],"mappings":";AASA,SAAS,wBAAwB;AAQ1B,IAAM,cAAN,MAAyF;AAAA;AAAA;AAAA;AAAA,EAI9F;AAAA,EACA;AAAA,EACA,gBAA+E,oBAAI,IAAI;AAAA,EAEvF,YAAY,QAA8B,KAAkB;AAC1D,SAAK,OAAO;AACZ,SAAK,UAAU;AAAA,EACjB;AAAA;AAAA;AAAA;AAAA,EAKA,IACE,UACkD;AAClD,QAAI,KAAK,cAAc,IAAI,QAAQ,GAAG;AACpC,aAAO,KAAK,cAAc,IAAI,QAAQ;AAAA,IACxC;AAEA,UAAM,SAAS,KAAK,QAAQ,QAAQ;AACpC,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI;AAAA,QACR,0BAA0B;AAAA,UACxB;AAAA,QACF,CAAC;AAAA,MACH;AAAA,IACF;AAEA,UAAM,iBAAiB,OAAO,KAAK,IAAI;AACvC,SAAK,cAAc,IAAI,UAAU,cAAc;AAE/C,WAAO;AAAA,EACT;AACF;","names":[]}

package/build/chunk-Y3GA4Y2H.js

@@ -0,0 +1,170 @@
+import {
+  E_OAUTH_MISSING_CODE,
+  E_OAUTH_STATE_MISMATCH,
+  RedirectRequest
+} from "./chunk-UF7PETXM.js";
+
+// src/abstract_drivers/oauth1.ts
+import { Exception } from "@poppinss/utils";
+import { Oauth1Client } from "@poppinss/oauth-client/oauth1";
+var Oauth1Driver = class extends Oauth1Client {
+  constructor(ctx, config) {
+    super(config);
+    this.ctx = ctx;
+    this.config = config;
+  }
+  /**
+   * Oauth client version
+   */
+  version = "oauth1";
+  /**
+   * The value of "oauth_token" and "oauth_secret" from the cookies
+   */
+  oauthTokenCookieValue;
+  oauthSecretCookieValue;
+  /**
+   * The cookie name for storing the secret
+   */
+  get oauthSecretCookieName() {
+    return `${this.oauthTokenCookieName}_secret`;
+  }
+  /**
+   * The Oauth1Client will use the instance returned from this method to
+   * build the redirect url
+   */
+  urlBuilder(url) {
+    return new RedirectRequest(url, this.scopeParamName, this.scopesSeparator);
+  }
+  /**
+   * Loads the value of state from the cookie and removes it right
+   * away. We read the cookie value and clear it during the
+   * current request lifecycle.
+   *
+   * :::::
+   * NOTE
+   * :::::
+   *
+   * This child class must call this method inside the constructor.
+   */
+  loadState() {
+    this.oauthTokenCookieValue = this.ctx.request.encryptedCookie(this.oauthTokenCookieName);
+    this.oauthSecretCookieValue = this.ctx.request.encryptedCookie(this.oauthSecretCookieName);
+    this.ctx.response.clearCookie(this.oauthTokenCookieName);
+    this.ctx.response.clearCookie(this.oauthSecretCookieName);
+  }
+  /**
+   * Persists the token (aka state) inside the cookie
+   */
+  #persistToken(token) {
+    this.ctx.response.encryptedCookie(this.oauthTokenCookieName, token, {
+      sameSite: false,
+      httpOnly: true
+    });
+  }
+  /**
+   * Persists the secret inside the cookie
+   */
+  #persistSecret(secret) {
+    this.ctx.response.encryptedCookie(this.oauthSecretCookieName, secret, {
+      sameSite: false,
+      httpOnly: true
+    });
+  }
+  /**
+   * Perform stateless authentication. Only applicable for Oauth1 client
+   */
+  stateless() {
+    throw new Exception("OAuth1 does not support stateless authorization");
+  }
+  /**
+   * Returns the redirect URL for the request.
+   */
+  async redirectUrl(callback) {
+    return this.getRedirectUrl(callback);
+  }
+  /**
+   * Redirect user for authorization.
+   */
+  async redirect(callback) {
+    const { token, secret } = await this.getRequestToken();
+    this.#persistToken(token);
+    this.#persistSecret(secret);
+    const url = await this.redirectUrl((request) => {
+      request.param(this.oauthTokenParamName, token);
+      if (typeof callback === "function") {
+        callback(request);
+      }
+    });
+    this.ctx.response.redirect(url);
+  }
+  /**
+   * Find if there is a state mismatch
+   */
+  stateMisMatch() {
+    return this.oauthTokenCookieValue !== this.ctx.request.input(this.oauthTokenParamName);
+  }
+  /**
+   * Find if there is an error post redirect
+   */
+  hasError() {
+    return !!this.getError();
+  }
+  /**
+   * Get the post redirect error
+   */
+  getError() {
+    const error = this.ctx.request.input(this.errorParamName);
+    if (error) {
+      return error;
+    }
+    if (!this.hasCode()) {
+      return "unknown_error";
+    }
+    return null;
+  }
+  /**
+   * Returns the "oauth_verifier" token
+   */
+  getCode() {
+    return this.ctx.request.input(this.oauthTokenVerifierName, null);
+  }
+  /**
+   * Find it the code exists
+   */
+  hasCode() {
+    return !!this.getCode();
+  }
+  /**
+   * Get access token
+   */
+  async accessToken(callback) {
+    if (this.hasError()) {
+      throw new E_OAUTH_MISSING_CODE([this.oauthTokenVerifierName]);
+    }
+    if (this.stateMisMatch()) {
+      throw new E_OAUTH_STATE_MISMATCH();
+    }
+    return this.getAccessToken(
+      { token: this.oauthTokenCookieValue, secret: this.oauthSecretCookieValue },
+      (request) => {
+        request.oauth1Param(this.oauthTokenVerifierName, this.getCode());
+        if (typeof callback === "function") {
+          callback(request);
+        }
+      }
+    );
+  }
+  /**
+   * Not applicable with Oauth1
+   */
+  async userFromToken() {
+    throw new Exception(
+      '"userFromToken" is not available with Oauth1. Use "userFromTokenAndSecret" instead'
+    );
+  }
+};
+
+export {
+  Oauth1Driver
+};
+//# sourceMappingURL=chunk-Y3GA4Y2H.js.map

package/build/chunk-Y3GA4Y2H.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/abstract_drivers/oauth1.ts"],"sourcesContent":["/*\n * @adonisjs/ally\n *\n * (c) AdonisJS\n *\n * For the full copyright and license information, please view the LICENSE\n * file that was distributed with this source code.\n */\n\nimport { Exception } from '@poppinss/utils'\nimport type { HttpContext } from '@adonisjs/core/http'\nimport { Oauth1Client } from '@poppinss/oauth-client/oauth1'\n\nimport {\n  AllyUserContract,\n  Oauth1AccessToken,\n  Oauth1DriverConfig,\n  ApiRequestContract,\n  AllyDriverContract,\n  RedirectRequestContract,\n} from '../types.js'\n\nimport * as errors from '../errors.js'\nimport { RedirectRequest } from '../redirect_request.js'\n\n/**\n * Abstract implementation for an Oauth1 driver\n */\nexport abstract class Oauth1Driver<Token extends Oauth1AccessToken, Scopes extends string>\n  extends Oauth1Client<Token>\n  implements AllyDriverContract<Token, Scopes>\n{\n  /**\n   * The cookie name for storing the \"oauth_token\". Must be unique for your\n   * driver. One option is to prefix the driver name. For example:\n   * `twitter_oauth_token`\n   */\n  protected abstract oauthTokenCookieName: string\n\n  /**\n   * Name of the \"oauth_token\" param. This is the query string value post\n   * authorization redirect\n   */\n  protected abstract oauthTokenParamName: string\n\n  /**\n   * Name of the \"oauth_verifier\" param. This is the query string value post\n   * authorization redirect\n   */\n  protected abstract oauthTokenVerifierName: string\n\n  /**\n   * The parameter name from which to fetch the error message or error code\n   * post redirect.\n   *\n   * You must check the auth provider docs to find it\n   */\n  protected abstract errorParamName: string\n\n  /**\n   * Request token URL for the auth provider. The initial set of tokens\n   * are generated from this url\n   */\n  protected abstract requestTokenUrl: string\n\n  /**\n   * Authorization URL for the auth provider. The user will be redirected\n   * to this URL\n   */\n  protected abstract authorizeUrl: string\n\n  /**\n   * The URL to hit to get an access token\n   */\n  protected abstract accessTokenUrl: string\n\n  /**\n   * The query param name for defining the Authorization scopes.\n   * Mostly it is `scope`. Leave to empty string when scopes\n   * are not applicable\n   */\n  protected abstract scopeParamName: string\n\n  /**\n   * The identifier for joining multiple scopes. Mostly it is a space.\n   */\n  protected abstract scopesSeparator: string\n\n  /**\n   * Returns details for the authorized user\n   */\n  abstract user(callback?: (request: ApiRequestContract) => void): Promise<AllyUserContract<Token>>\n\n  /**\n   * Finds the user by access token\n   */\n  abstract userFromTokenAndSecret(\n    token: string,\n    secret: string,\n    callback?: (request: ApiRequestContract) => void\n  ): Promise<AllyUserContract<{ token: string; secret: string }>>\n\n  /**\n   * Find if the current error code is for access denied\n   */\n  abstract accessDenied(): boolean\n\n  /**\n   * Oauth client version\n   */\n  version = 'oauth1' as const\n\n  /**\n   * The value of \"oauth_token\" and \"oauth_secret\" from the cookies\n   */\n  protected oauthTokenCookieValue?: string\n  protected oauthSecretCookieValue?: string\n\n  /**\n   * The cookie name for storing the secret\n   */\n  protected get oauthSecretCookieName() {\n    return `${this.oauthTokenCookieName}_secret`\n  }\n\n  constructor(\n    protected ctx: HttpContext,\n    public config: Oauth1DriverConfig\n  ) {\n    super(config)\n  }\n\n  /**\n   * The Oauth1Client will use the instance returned from this method to\n   * build the redirect url\n   */\n  protected urlBuilder(url: string) {\n    return new RedirectRequest(url, this.scopeParamName, this.scopesSeparator)\n  }\n\n  /**\n   * Loads the value of state from the cookie and removes it right\n   * away. We read the cookie value and clear it during the\n   * current request lifecycle.\n   *\n   * :::::\n   * NOTE\n   * :::::\n   *\n   * This child class must call this method inside the constructor.\n   */\n  protected loadState() {\n    /**\n     * Read and cache in-memory\n     */\n    this.oauthTokenCookieValue = this.ctx.request.encryptedCookie(this.oauthTokenCookieName)\n    this.oauthSecretCookieValue = this.ctx.request.encryptedCookie(this.oauthSecretCookieName)\n\n    /**\n     * Clear cookies\n     */\n    this.ctx.response.clearCookie(this.oauthTokenCookieName)\n    this.ctx.response.clearCookie(this.oauthSecretCookieName)\n  }\n\n  /**\n   * Persists the token (aka state) inside the cookie\n   */\n  #persistToken(token: string): void {\n    this.ctx.response.encryptedCookie(this.oauthTokenCookieName, token, {\n      sameSite: false,\n      httpOnly: true,\n    })\n  }\n\n  /**\n   * Persists the secret inside the cookie\n   */\n  #persistSecret(secret: string): void {\n    this.ctx.response.encryptedCookie(this.oauthSecretCookieName, secret, {\n      sameSite: false,\n      httpOnly: true,\n    })\n  }\n\n  /**\n   * Perform stateless authentication. Only applicable for Oauth1 client\n   */\n  stateless(): never {\n    throw new Exception('OAuth1 does not support stateless authorization')\n  }\n\n  /**\n   * Returns the redirect URL for the request.\n   */\n  async redirectUrl(\n    callback?: (request: RedirectRequestContract<Scopes>) => void\n  ): Promise<string> {\n    return this.getRedirectUrl(callback as any)\n  }\n\n  /**\n   * Redirect user for authorization.\n   */\n  async redirect(callback?: (request: RedirectRequestContract<Scopes>) => void): Promise<void> {\n    const { token, secret } = await this.getRequestToken()\n\n    /**\n     * Storing token and secret inside cookies. We need them\n     * later\n     */\n    this.#persistToken(token)\n    this.#persistSecret(secret)\n\n    const url = await this.redirectUrl((request) => {\n      request.param(this.oauthTokenParamName, token)\n\n      if (typeof callback === 'function') {\n        callback(request)\n      }\n    })\n\n    this.ctx.response.redirect(url)\n  }\n\n  /**\n   * Find if there is a state mismatch\n   */\n  stateMisMatch(): boolean {\n    return this.oauthTokenCookieValue !== this.ctx.request.input(this.oauthTokenParamName)\n  }\n\n  /**\n   * Find if there is an error post redirect\n   */\n  hasError(): boolean {\n    return !!this.getError()\n  }\n\n  /**\n   * Get the post redirect error\n   */\n  getError(): string | null {\n    const error = this.ctx.request.input(this.errorParamName)\n    if (error) {\n      return error\n    }\n\n    if (!this.hasCode()) {\n      return 'unknown_error'\n    }\n\n    return null\n  }\n\n  /**\n   * Returns the \"oauth_verifier\" token\n   */\n  getCode(): string | null {\n    return this.ctx.request.input(this.oauthTokenVerifierName, null)\n  }\n\n  /**\n   * Find it the code exists\n   */\n  hasCode(): boolean {\n    return !!this.getCode()\n  }\n\n  /**\n   * Get access token\n   */\n  async accessToken(callback?: (request: ApiRequestContract) => void): Promise<Token> {\n    /**\n     * We expect the user to handle errors before calling this method\n     */\n    if (this.hasError()) {\n      throw new errors.E_OAUTH_MISSING_CODE([this.oauthTokenVerifierName])\n    }\n\n    /**\n     * We expect the user to properly handle the state mis-match use case before\n     * calling this method\n     */\n    if (this.stateMisMatch()) {\n      throw new errors.E_OAUTH_STATE_MISMATCH()\n    }\n\n    /**\n     * Get access token by providing the authorization code\n     */\n    return this.getAccessToken(\n      { token: this.oauthTokenCookieValue!, secret: this.oauthSecretCookieValue! },\n      (request) => {\n        request.oauth1Param(this.oauthTokenVerifierName, this.getCode())\n\n        if (typeof callback === 'function') {\n          callback(request)\n        }\n      }\n    )\n  }\n\n  /**\n   * Not applicable with Oauth1\n   */\n  async userFromToken(): Promise<never> {\n    throw new Exception(\n      '\"userFromToken\" is not available with Oauth1. Use \"userFromTokenAndSecret\" instead'\n    )\n  }\n}\n"],"mappings":";;;;;;;AASA,SAAS,iBAAiB;AAE1B,SAAS,oBAAoB;AAiBtB,IAAe,eAAf,cACG,aAEV;AAAA,EA8FE,YACY,KACH,QACP;AACA,UAAM,MAAM;AAHF;AACH;AAAA,EAGT;AAAA;AAAA;AAAA;AAAA,EApBA,UAAU;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA,EACA;AAAA;AAAA;AAAA;AAAA,EAKV,IAAc,wBAAwB;AACpC,WAAO,GAAG,KAAK,oBAAoB;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA;AAAA,EAaU,WAAW,KAAa;AAChC,WAAO,IAAI,gBAAgB,KAAK,KAAK,gBAAgB,KAAK,eAAe;AAAA,EAC3E;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaU,YAAY;AAIpB,SAAK,wBAAwB,KAAK,IAAI,QAAQ,gBAAgB,KAAK,oBAAoB;AACvF,SAAK,yBAAyB,KAAK,IAAI,QAAQ,gBAAgB,KAAK,qBAAqB;AAKzF,SAAK,IAAI,SAAS,YAAY,KAAK,oBAAoB;AACvD,SAAK,IAAI,SAAS,YAAY,KAAK,qBAAqB;AAAA,EAC1D;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc,OAAqB;AACjC,SAAK,IAAI,SAAS,gBAAgB,KAAK,sBAAsB,OAAO;AAAA,MAClE,UAAU;AAAA,MACV,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,eAAe,QAAsB;AACnC,SAAK,IAAI,SAAS,gBAAgB,KAAK,uBAAuB,QAAQ;AAAA,MACpE,UAAU;AAAA,MACV,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,YAAmB;AACjB,UAAM,IAAI,UAAU,iDAAiD;AAAA,EACvE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YACJ,UACiB;AACjB,WAAO,KAAK,eAAe,QAAe;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,UAA8E;AAC3F,UAAM,EAAE,OAAO,OAAO,IAAI,MAAM,KAAK,gBAAgB;AAMrD,SAAK,cAAc,KAAK;AACxB,SAAK,eAAe,MAAM;AAE1B,UAAM,MAAM,MAAM,KAAK,YAAY,CAAC,YAAY;AAC9C,cAAQ,MAAM,KAAK,qBAAqB,KAAK;AAE7C,UAAI,OAAO,aAAa,YAAY;AAClC,iBAAS,OAAO;AAAA,MAClB;AAAA,IACF,CAAC;AAED,SAAK,IAAI,SAAS,SAAS,GAAG;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA,EAKA,gBAAyB;AACvB,WAAO,KAAK,0BAA0B,KAAK,IAAI,QAAQ,MAAM,KAAK,mBAAmB;AAAA,EACvF;AAAA;AAAA;AAAA;AAAA,EAKA,WAAoB;AAClB,WAAO,CAAC,CAAC,KAAK,SAAS;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA,EAKA,WAA0B;AACxB,UAAM,QAAQ,KAAK,IAAI,QAAQ,MAAM,KAAK,cAAc;AACxD,QAAI,OAAO;AACT,aAAO;AAAA,IACT;AAEA,QAAI,CAAC,KAAK,QAAQ,GAAG;AACnB,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,UAAyB;AACvB,WAAO,KAAK,IAAI,QAAQ,MAAM,KAAK,wBAAwB,IAAI;AAAA,EACjE;AAAA;AAAA;AAAA;AAAA,EAKA,UAAmB;AACjB,WAAO,CAAC,CAAC,KAAK,QAAQ;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,UAAkE;AAIlF,QAAI,KAAK,SAAS,GAAG;AACnB,YAAM,IAAW,qBAAqB,CAAC,KAAK,sBAAsB,CAAC;AAAA,IACrE;AAMA,QAAI,KAAK,cAAc,GAAG;AACxB,YAAM,IAAW,uBAAuB;AAAA,IAC1C;AAKA,WAAO,KAAK;AAAA,MACV,EAAE,OAAO,KAAK,uBAAwB,QAAQ,KAAK,uBAAwB;AAAA,MAC3E,CAAC,YAAY;AACX,gBAAQ,YAAY,KAAK,wBAAwB,KAAK,QAAQ,CAAC;AAE/D,YAAI,OAAO,aAAa,YAAY;AAClC,mBAAS,OAAO;AAAA,QAClB;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgC;AACpC,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACF;","names":[]}

package/build/{stubs/config.stub → config.stub}

@@ -1,17 +1,16 @@
----
-to: {{ app.configPath('ally.ts') }}
----
+{{{
+  exports({ to: app.configPath('ally.ts') })
+}}}
 import env from '#start/env'
-import { defineConfig } from '@adonisjs/ally'
+import { defineConfig, services } from '@adonisjs/ally'
 
 const allyConfig = defineConfig({
 {{#each providers as provider}}
-  {{provider.provider}}: {
-    driver: '{{provider.provider}}',
+  {{provider.provider}}: services.{{provider.provider}}({
     clientId: env.get('{{provider.envPrefix}}_CLIENT_ID'),
     clientSecret: env.get('{{provider.envPrefix}}_CLIENT_SECRET'),
     callbackUrl: '',
-  },
+  }),
 {{/each}}
 })