@adonisjs/ally 6.0.0-next.0 → 6.1.0

package/build/src/drivers/facebook.d.ts

@@ -36,8 +36,17 @@ import { Oauth2Driver } from '../abstract_drivers/oauth2.ts';
  */
 export declare class FacebookDriver extends Oauth2Driver<FacebookToken, FacebookScopes> {
     config: FacebookDriverConfig;
+    /**
+     * Facebook token endpoint URL.
+     */
     protected accessTokenUrl: string;
+    /**
+     * Facebook authorization endpoint URL.
+     */
     protected authorizeUrl: string;
+    /**
+     * Facebook profile endpoint URL.
+     */
     protected userInfoUrl: string;
     /**
      * The default set of fields to query for the user request

package/build/src/drivers/facebook.js

@@ -1,8 +1,8 @@
 import {
   Oauth2Driver
-} from "../../chunk-WM3V3APX.js";
-import "../../chunk-KSJ4CFTC.js";
-import "../../chunk-MLKGABMK.js";
+} from "../../chunk-46TOMXWK.js";
+import "../../chunk-NK6X76EQ.js";
+import "../../chunk-6BP2DK5A.js";
 
 // src/drivers/facebook.ts
 var FacebookDriver = class extends Oauth2Driver {
@@ -15,8 +15,18 @@ var FacebookDriver = class extends Oauth2Driver {
     this.config = config;
     this.loadState();
   }
+  config;
+  /**
+   * Facebook token endpoint URL.
+   */
   accessTokenUrl = "https://graph.facebook.com/v10.0/oauth/access_token";
+  /**
+   * Facebook authorization endpoint URL.
+   */
   authorizeUrl = "https://www.facebook.com/v10.0/dialog/oauth";
+  /**
+   * Facebook profile endpoint URL.
+   */
   userInfoUrl = "https://graph.facebook.com/v10.0/me";
   /**
    * The default set of fields to query for the user request

package/build/src/drivers/github.d.ts

@@ -36,9 +36,21 @@ import { Oauth2Driver } from '../abstract_drivers/oauth2.ts';
  */
 export declare class GithubDriver extends Oauth2Driver<GithubToken, GithubScopes> {
     config: GithubDriverConfig;
+    /**
+     * GitHub token endpoint URL.
+     */
     protected accessTokenUrl: string;
+    /**
+     * GitHub authorization endpoint URL.
+     */
     protected authorizeUrl: string;
+    /**
+     * GitHub profile endpoint URL.
+     */
     protected userInfoUrl: string;
+    /**
+     * GitHub email endpoint URL.
+     */
     protected userEmailUrl: string;
     /**
      * The param name for the authorization code

package/build/src/drivers/github.js

@@ -1,8 +1,8 @@
 import {
   Oauth2Driver
-} from "../../chunk-WM3V3APX.js";
-import "../../chunk-KSJ4CFTC.js";
-import "../../chunk-MLKGABMK.js";
+} from "../../chunk-46TOMXWK.js";
+import "../../chunk-NK6X76EQ.js";
+import "../../chunk-6BP2DK5A.js";
 
 // src/drivers/github.ts
 var GithubDriver = class extends Oauth2Driver {
@@ -15,9 +15,22 @@ var GithubDriver = class extends Oauth2Driver {
     this.config = config;
     this.loadState();
   }
+  config;
+  /**
+   * GitHub token endpoint URL.
+   */
   accessTokenUrl = "https://github.com/login/oauth/access_token";
+  /**
+   * GitHub authorization endpoint URL.
+   */
   authorizeUrl = "https://github.com/login/oauth/authorize";
+  /**
+   * GitHub profile endpoint URL.
+   */
   userInfoUrl = "https://api.github.com/user";
+  /**
+   * GitHub email endpoint URL.
+   */
   userEmailUrl = "https://api.github.com/user/emails";
   /**
    * The param name for the authorization code
@@ -137,7 +150,7 @@ var GithubDriver = class extends Oauth2Driver {
       }
       return mainEmail;
     } catch (error) {
-      if (error && error.response && error.response.statusCode === 404) {
+      if (error && typeof error === "object" && "response" in error && error.response && typeof error.response === "object" && "statusCode" in error.response && error.response.statusCode === 404) {
         return;
       }
       throw error;

package/build/src/drivers/google.d.ts

@@ -37,8 +37,17 @@ import { Oauth2Driver } from '../abstract_drivers/oauth2.ts';
  */
 export declare class GoogleDriver extends Oauth2Driver<GoogleToken, GoogleScopes> {
     config: GoogleDriverConfig;
+    /**
+     * Google token endpoint URL.
+     */
     protected accessTokenUrl: string;
+    /**
+     * Google authorization endpoint URL.
+     */
     protected authorizeUrl: string;
+    /**
+     * Google user profile endpoint URL.
+     */
     protected userInfoUrl: string;
     /**
      * The param name for the authorization code

package/build/src/drivers/google.js

@@ -1,8 +1,8 @@
 import {
   Oauth2Driver
-} from "../../chunk-WM3V3APX.js";
-import "../../chunk-KSJ4CFTC.js";
-import "../../chunk-MLKGABMK.js";
+} from "../../chunk-46TOMXWK.js";
+import "../../chunk-NK6X76EQ.js";
+import "../../chunk-6BP2DK5A.js";
 
 // src/drivers/google.ts
 var SCOPE_PREFIXES = {
@@ -52,8 +52,18 @@ var GoogleDriver = class extends Oauth2Driver {
     this.config = config;
     this.loadState();
   }
+  config;
+  /**
+   * Google token endpoint URL.
+   */
   accessTokenUrl = "https://oauth2.googleapis.com/token";
+  /**
+   * Google authorization endpoint URL.
+   */
   authorizeUrl = "https://accounts.google.com/o/oauth2/v2/auth";
+  /**
+   * Google user profile endpoint URL.
+   */
   userInfoUrl = "https://www.googleapis.com/oauth2/v3/userinfo";
   /**
    * The param name for the authorization code

package/build/src/drivers/linked_in.d.ts

@@ -37,9 +37,21 @@ import { Oauth2Driver } from '../abstract_drivers/oauth2.ts';
  */
 export declare class LinkedInDriver extends Oauth2Driver<LinkedInToken, LinkedInScopes> {
     config: LinkedInDriverConfig;
+    /**
+     * LinkedIn token endpoint URL.
+     */
     protected accessTokenUrl: string;
+    /**
+     * LinkedIn authorization endpoint URL.
+     */
     protected authorizeUrl: string;
+    /**
+     * LinkedIn profile endpoint URL.
+     */
     protected userInfoUrl: string;
+    /**
+     * LinkedIn email endpoint URL.
+     */
     protected userEmailUrl: string;
     /**
      * The param name for the authorization code

package/build/src/drivers/linked_in.js

@@ -1,8 +1,8 @@
 import {
   Oauth2Driver
-} from "../../chunk-WM3V3APX.js";
-import "../../chunk-KSJ4CFTC.js";
-import "../../chunk-MLKGABMK.js";
+} from "../../chunk-46TOMXWK.js";
+import "../../chunk-NK6X76EQ.js";
+import "../../chunk-6BP2DK5A.js";
 
 // src/drivers/linked_in.ts
 import { Exception } from "@adonisjs/core/exceptions";
@@ -16,9 +16,22 @@ var LinkedInDriver = class extends Oauth2Driver {
     this.config = config;
     this.loadState();
   }
+  config;
+  /**
+   * LinkedIn token endpoint URL.
+   */
   accessTokenUrl = "https://www.linkedin.com/oauth/v2/accessToken";
+  /**
+   * LinkedIn authorization endpoint URL.
+   */
   authorizeUrl = "https://www.linkedin.com/oauth/v2/authorization";
+  /**
+   * LinkedIn profile endpoint URL.
+   */
   userInfoUrl = "https://api.linkedin.com/v2/me";
+  /**
+   * LinkedIn email endpoint URL.
+   */
   userEmailUrl = "https://api.linkedin.com/v2/clientAwareMemberHandles";
   /**
    * The param name for the authorization code

package/build/src/drivers/linked_in_openid_connect.d.ts

@@ -1,7 +1,7 @@
 import type { HttpContext } from '@adonisjs/core/http';
 import type { HttpClient } from '@poppinss/oauth-client';
 import { Oauth2Driver } from '../abstract_drivers/oauth2.ts';
-import type { ApiRequestContract, LinkedInOpenidConnectAccessToken, LinkedInOpenidConnectDriverConfig, LinkedInOpenidConnectScopes, RedirectRequestContract } from '../types.ts';
+import type { ApiRequestContract, LinkedInOpenidConnectAccessToken, LinkedInOpenidConnectDriverConfig, LinkedInOpenidConnectScopes, Oauth2AccessToken, RedirectRequestContract } from '../types.ts';
 /**
  * LinkedIn OpenID Connect OAuth2 driver for authenticating users via LinkedIn.
  * This driver uses the OpenID Connect protocol for authentication.
@@ -37,8 +37,17 @@ import type { ApiRequestContract, LinkedInOpenidConnectAccessToken, LinkedInOpen
  */
 export declare class LinkedInOpenidConnectDriver extends Oauth2Driver<LinkedInOpenidConnectAccessToken, LinkedInOpenidConnectScopes> {
     config: LinkedInOpenidConnectDriverConfig;
+    /**
+     * LinkedIn OpenID authorization endpoint URL.
+     */
     protected authorizeUrl: string;
+    /**
+     * LinkedIn OpenID token endpoint URL.
+     */
     protected accessTokenUrl: string;
+    /**
+     * LinkedIn OpenID userinfo endpoint URL.
+     */
     protected userInfoUrl: string;
     /**
      * The param name for the authorization code
@@ -97,7 +106,7 @@ export declare class LinkedInOpenidConnectDriver extends Oauth2Driver<LinkedInOp
         name: any;
         avatarUrl: any;
         email: any;
-        emailVerificationState: "verified" | "unverified";
+        emailVerificationState: "unsupported";
         original: any;
     }>;
     /**
@@ -122,14 +131,14 @@ export declare class LinkedInOpenidConnectDriver extends Oauth2Driver<LinkedInOp
             token: string;
             type: "bearer";
             expiresIn: number;
-            expiresAt: Exclude<import("@poppinss/oauth-client/types").Oauth2AccessToken["expiresAt"], undefined>;
+            expiresAt: Exclude<Oauth2AccessToken["expiresAt"], undefined>;
         };
         id: any;
         nickName: any;
         name: any;
         avatarUrl: any;
         email: any;
-        emailVerificationState: "verified" | "unverified";
+        emailVerificationState: "unsupported";
         original: any;
     }>;
     /**
@@ -154,7 +163,7 @@ export declare class LinkedInOpenidConnectDriver extends Oauth2Driver<LinkedInOp
         name: any;
         avatarUrl: any;
         email: any;
-        emailVerificationState: "verified" | "unverified";
+        emailVerificationState: "unsupported";
         original: any;
     }>;
 }

package/build/src/drivers/linked_in_openid_connect.js

@@ -1,8 +1,8 @@
 import {
   Oauth2Driver
-} from "../../chunk-WM3V3APX.js";
-import "../../chunk-KSJ4CFTC.js";
-import "../../chunk-MLKGABMK.js";
+} from "../../chunk-46TOMXWK.js";
+import "../../chunk-NK6X76EQ.js";
+import "../../chunk-6BP2DK5A.js";
 
 // src/drivers/linked_in_openid_connect.ts
 var LinkedInOpenidConnectDriver = class extends Oauth2Driver {
@@ -15,8 +15,18 @@ var LinkedInOpenidConnectDriver = class extends Oauth2Driver {
     this.config = config;
     this.loadState();
   }
+  config;
+  /**
+   * LinkedIn OpenID authorization endpoint URL.
+   */
   authorizeUrl = "https://www.linkedin.com/oauth/v2/authorization";
+  /**
+   * LinkedIn OpenID token endpoint URL.
+   */
   accessTokenUrl = "https://www.linkedin.com/oauth/v2/accessToken";
+  /**
+   * LinkedIn OpenID userinfo endpoint URL.
+   */
   userInfoUrl = "https://api.linkedin.com/v2/userinfo";
   /**
    * The param name for the authorization code
@@ -80,14 +90,13 @@ var LinkedInOpenidConnectDriver = class extends Oauth2Driver {
       callback(request);
     }
     const body = await request.get();
-    const emailVerificationState = body.email_verified ? "verified" : "unverified";
     return {
       id: body.sub,
       nickName: body.given_name,
       name: body.family_name,
       avatarUrl: body.picture,
       email: body.email,
-      emailVerificationState,
+      emailVerificationState: "unsupported",
       original: body
     };
   }

package/build/src/drivers/spotify.d.ts

@@ -36,8 +36,17 @@ import { Oauth2Driver } from '../abstract_drivers/oauth2.ts';
  */
 export declare class SpotifyDriver extends Oauth2Driver<SpotifyToken, SpotifyScopes> {
     config: SpotifyDriverConfig;
+    /**
+     * Spotify token endpoint URL.
+     */
     protected accessTokenUrl: string;
+    /**
+     * Spotify authorization endpoint URL.
+     */
     protected authorizeUrl: string;
+    /**
+     * Spotify profile endpoint URL.
+     */
     protected userInfoUrl: string;
     /**
      * The param name for the authorization code
@@ -104,6 +113,8 @@ export declare class SpotifyDriver extends Oauth2Driver<SpotifyToken, SpotifySco
     /**
      * Check if the error from the callback indicates that the user
      * denied authorization.
+     *
+     * @returns `true` when the provider reported an access-denied error.
      */
     accessDenied(): boolean;
     /**

package/build/src/drivers/spotify.js

@@ -1,8 +1,8 @@
 import {
   Oauth2Driver
-} from "../../chunk-WM3V3APX.js";
-import "../../chunk-KSJ4CFTC.js";
-import "../../chunk-MLKGABMK.js";
+} from "../../chunk-46TOMXWK.js";
+import "../../chunk-NK6X76EQ.js";
+import "../../chunk-6BP2DK5A.js";
 
 // src/drivers/spotify.ts
 var SpotifyDriver = class extends Oauth2Driver {
@@ -15,8 +15,18 @@ var SpotifyDriver = class extends Oauth2Driver {
     this.config = config;
     this.loadState();
   }
+  config;
+  /**
+   * Spotify token endpoint URL.
+   */
   accessTokenUrl = "https://accounts.spotify.com/api/token";
+  /**
+   * Spotify authorization endpoint URL.
+   */
   authorizeUrl = "https://accounts.spotify.com/authorize";
+  /**
+   * Spotify profile endpoint URL.
+   */
   userInfoUrl = "https://api.spotify.com/v1/me";
   /**
    * The param name for the authorization code
@@ -98,6 +108,8 @@ var SpotifyDriver = class extends Oauth2Driver {
   /**
    * Check if the error from the callback indicates that the user
    * denied authorization.
+   *
+   * @returns `true` when the provider reported an access-denied error.
    */
   accessDenied() {
     const error = this.getError();

package/build/src/drivers/twitter.d.ts

@@ -35,9 +35,21 @@ import { Oauth1Driver } from '../abstract_drivers/oauth1.ts';
 export declare class TwitterDriver extends Oauth1Driver<TwitterToken, string> {
     protected ctx: HttpContext;
     config: TwitterDriverConfig;
+    /**
+     * Twitter request-token endpoint URL.
+     */
     protected requestTokenUrl: string;
+    /**
+     * Twitter authorization endpoint URL.
+     */
     protected authorizeUrl: string;
+    /**
+     * Twitter access-token endpoint URL.
+     */
     protected accessTokenUrl: string;
+    /**
+     * Twitter profile endpoint URL.
+     */
     protected userInfoUrl: string;
     /**
      * The query string param name for the error.
@@ -65,6 +77,9 @@ export declare class TwitterDriver extends Oauth1Driver<TwitterToken, string> {
      * Twitter doesn't support scopes
      */
     protected scopeParamName: string;
+    /**
+     * Scope separator placeholder maintained for OAuth1 compatibility.
+     */
     protected scopesSeparator: string;
     /**
      * @param ctx - The HTTP context
@@ -131,6 +146,8 @@ export declare class TwitterDriver extends Oauth1Driver<TwitterToken, string> {
     /**
      * Check if the error from the callback indicates that the user
      * denied authorization.
+     *
+     * @returns `true` when the request contains the denial marker.
      */
     accessDenied(): boolean;
 }

package/build/src/drivers/twitter.js

@@ -1,8 +1,8 @@
 import {
   Oauth1Driver
-} from "../../chunk-KWRXS6EG.js";
-import "../../chunk-KSJ4CFTC.js";
-import "../../chunk-MLKGABMK.js";
+} from "../../chunk-SBQAXPUK.js";
+import "../../chunk-NK6X76EQ.js";
+import "../../chunk-6BP2DK5A.js";
 
 // src/drivers/twitter.ts
 var TwitterDriver = class extends Oauth1Driver {
@@ -16,9 +16,23 @@ var TwitterDriver = class extends Oauth1Driver {
     this.config = config;
     this.loadState();
   }
+  ctx;
+  config;
+  /**
+   * Twitter request-token endpoint URL.
+   */
   requestTokenUrl = "https://api.twitter.com/oauth/request_token";
+  /**
+   * Twitter authorization endpoint URL.
+   */
   authorizeUrl = "https://api.twitter.com/oauth/authenticate";
+  /**
+   * Twitter access-token endpoint URL.
+   */
   accessTokenUrl = "https://api.twitter.com/oauth/access_token";
+  /**
+   * Twitter profile endpoint URL.
+   */
   userInfoUrl = "https://api.twitter.com/1.1/account/verify_credentials.json";
   /**
    * The query string param name for the error.
@@ -46,6 +60,9 @@ var TwitterDriver = class extends Oauth1Driver {
    * Twitter doesn't support scopes
    */
   scopeParamName = "";
+  /**
+   * Scope separator placeholder maintained for OAuth1 compatibility.
+   */
   scopesSeparator = " ";
   /**
    * Fetches the authenticated user's profile information from the Twitter API.
@@ -119,6 +136,8 @@ var TwitterDriver = class extends Oauth1Driver {
   /**
    * Check if the error from the callback indicates that the user
    * denied authorization.
+   *
+   * @returns `true` when the request contains the denial marker.
    */
   accessDenied() {
     return this.ctx.request.input("denied");

package/build/src/drivers/twitter_x.d.ts

@@ -0,0 +1,137 @@
+import type { HttpContext } from '@adonisjs/core/http';
+import type { HttpClient } from '@poppinss/oauth-client';
+import type { TwitterXToken, TwitterXScopes, ApiRequestContract, TwitterXDriverConfig, RedirectRequestContract } from '../types.ts';
+import { Oauth2Driver } from '../abstract_drivers/oauth2.ts';
+/**
+ * X OAuth2 driver for authenticating users via the OAuth 2.0 authorization
+ * code flow with PKCE.
+ */
+export declare class TwitterXDriver extends Oauth2Driver<TwitterXToken, TwitterXScopes> {
+    config: TwitterXDriverConfig;
+    /**
+     * X token endpoint URL.
+     */
+    protected accessTokenUrl: string;
+    /**
+     * X authorization endpoint URL.
+     */
+    protected authorizeUrl: string;
+    /**
+     * X user profile endpoint URL.
+     */
+    protected userInfoUrl: string;
+    /**
+     * The param name for the authorization code
+     */
+    protected codeParamName: string;
+    /**
+     * The param name for the error
+     */
+    protected errorParamName: string;
+    /**
+     * Cookie name for storing the "twitter_x_oauth_state"
+     */
+    protected stateCookieName: string;
+    /**
+     * Cookie name for storing the PKCE code verifier
+     */
+    protected codeVerifierCookieName: string;
+    /**
+     * Parameter name to be used for sending and receiving the state from X
+     */
+    protected stateParamName: string;
+    /**
+     * Parameter name for defining the scopes
+     */
+    protected scopeParamName: string;
+    /**
+     * Scopes separator
+     */
+    protected scopesSeparator: string;
+    /**
+     * Create a new X driver instance.
+     *
+     * @param ctx - The current HTTP context.
+     * @param config - X driver configuration.
+     */
+    constructor(ctx: HttpContext, config: TwitterXDriverConfig);
+    /**
+     * Configures the redirect request with X-specific requirements.
+     *
+     * @param request - The redirect request to configure.
+     */
+    protected configureRedirectRequest(request: RedirectRequestContract<TwitterXScopes>): void;
+    /**
+     * Configures the token request with the PKCE verifier and the Basic auth
+     * header required for confidential X clients.
+     *
+     * @param request - The token request to configure.
+     */
+    protected configureAccessTokenRequest(request: ApiRequestContract): void;
+    /**
+     * Creates an authenticated request for X API calls.
+     *
+     * @param url - The API endpoint URL.
+     * @param token - The access token to send.
+     * @returns A configured HTTP client instance.
+     */
+    protected getAuthenticatedRequest(url: string, token: string): HttpClient;
+    /**
+     * Fetches the authenticated user's profile from /2/users/me.
+     *
+     * @param token - The access token to use.
+     * @param includeConfirmedEmail - Whether to request the confirmed email field.
+     * @param callback - Optional callback to customize the API request.
+     */
+    protected getUserInfo(token: string, includeConfirmedEmail: boolean, callback?: (request: ApiRequestContract) => void): Promise<{
+        id: any;
+        nickName: any;
+        name: any;
+        email: any;
+        emailVerificationState: "unsupported";
+        avatarUrl: any;
+        original: any;
+    }>;
+    /**
+     * Check if the error from the callback indicates that the user denied
+     * authorization.
+     *
+     * @returns `true` when the provider reported an access-denied error.
+     */
+    accessDenied(): boolean;
+    /**
+     * Fetches the authenticated user using the authorization code from the
+     * callback request.
+     *
+     * @param callback - Optional callback to customize the API request.
+     */
+    user(callback?: (request: ApiRequestContract) => void): Promise<{
+        token: TwitterXToken;
+        id: any;
+        nickName: any;
+        name: any;
+        email: any;
+        emailVerificationState: "unsupported";
+        avatarUrl: any;
+        original: any;
+    }>;
+    /**
+     * Fetches the user profile using an existing access token.
+     *
+     * @param token - The access token to use.
+     * @param callback - Optional callback to customize the API request.
+     */
+    userFromToken(token: string, callback?: (request: ApiRequestContract) => void): Promise<{
+        token: {
+            token: string;
+            type: "bearer";
+        };
+        id: any;
+        nickName: any;
+        name: any;
+        email: any;
+        emailVerificationState: "unsupported";
+        avatarUrl: any;
+        original: any;
+    }>;
+}