@aura-stack/auth 0.1.0-rc.9 → 0.2.0-rc.1

package/dist/actions/callback/callback.d.ts

@@ -1,14 +1,12 @@
-import * as _aura_stack_router from "@aura-stack/router"
-import { A as AuthRuntimeConfig } from "../../index-DpfbvTZ_.js"
-import "zod/v4"
-import "@aura-stack/jose/jose"
-import "../../schemas.js"
-import "zod/v4/core"
-import "cookie"
-import "../../@types/utility.js"
+import * as _aura_stack_router from '@aura-stack/router';
+import { j as OAuthProviderRecord } from '../../index-DkaLJFn8.js';
+import 'zod';
+import '../../schemas.js';
+import '@aura-stack/router/cookie';
+import '@aura-stack/jose';
+import '@aura-stack/jose/jose';
+import '../../@types/utility.js';
 
-declare const callbackAction: (
-    oauth: AuthRuntimeConfig["oauth"]
-) => _aura_stack_router.RouteEndpoint<"GET", "/callback/:oauth", {}>
+declare const callbackAction: (oauth: OAuthProviderRecord) => _aura_stack_router.RouteEndpoint<"GET", "/callback/:oauth", {}>;
 
-export { callbackAction }
+export { callbackAction };

package/dist/actions/callback/callback.js

@@ -1,12 +1,16 @@
-import { callbackAction } from "../../chunk-HGJ4TXY4.js"
-import "../../chunk-RLT4RFKV.js"
-import "../../chunk-UJJ7R56J.js"
-import "../../chunk-ZV4BH47P.js"
-import "../../chunk-6SM22VVJ.js"
-import "../../chunk-STHEPPUZ.js"
-import "../../chunk-GZU3RBTB.js"
-import "../../chunk-256KIVJL.js"
-import "../../chunk-FJUDBLCP.js"
-import "../../chunk-JAPMIE6S.js"
-import "../../chunk-HMRKN75I.js"
-export { callbackAction }
+import {
+  callbackAction
+} from "../../chunk-KSWLO5ZU.js";
+import "../../chunk-GA2SMTJO.js";
+import "../../chunk-IVET23KF.js";
+import "../../chunk-W6LG7BFW.js";
+import "../../chunk-STHEPPUZ.js";
+import "../../chunk-N2APGLXA.js";
+import "../../chunk-CXLATHS5.js";
+import "../../chunk-EIL2FPSS.js";
+import "../../chunk-RRLIF4PQ.js";
+import "../../chunk-ZNCZVF6U.js";
+import "../../chunk-YRCB5FLE.js";
+export {
+  callbackAction
+};

package/dist/actions/callback/userinfo.cjs

@@ -1,168 +1,189 @@
-"use strict"
-var __create = Object.create
-var __defProp = Object.defineProperty
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor
-var __getOwnPropNames = Object.getOwnPropertyNames
-var __getProtoOf = Object.getPrototypeOf
-var __hasOwnProp = Object.prototype.hasOwnProperty
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
-    for (var name in all) __defProp(target, name, { get: all[name], enumerable: true })
-}
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
 var __copyProps = (to, from, except, desc) => {
-    if ((from && typeof from === "object") || typeof from === "function") {
-        for (let key of __getOwnPropNames(from))
-            if (!__hasOwnProp.call(to, key) && key !== except)
-                __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable })
-    }
-    return to
-}
-var __toESM = (mod, isNodeMode, target) => (
-    (target = mod != null ? __create(__getProtoOf(mod)) : {}),
-    __copyProps(
-        // If the importer is in node compatibility mode or this is not an ESM
-        // file that has been converted to a CommonJS file using a Babel-
-        // compatible transform (i.e. "__esModule" has not been set), then set
-        // "default" to the CommonJS "module.exports" for node compatibility.
-        isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-        mod
-    )
-)
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod)
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
 // src/actions/callback/userinfo.ts
-var userinfo_exports = {}
+var userinfo_exports = {};
 __export(userinfo_exports, {
-    getUserInfo: () => getUserInfo,
-})
-module.exports = __toCommonJS(userinfo_exports)
+  getUserInfo: () => getUserInfo
+});
+module.exports = __toCommonJS(userinfo_exports);
+
+// src/request.ts
+var fetchAsync = async (url, options2 = {}, timeout = 5e3) => {
+  const controller = new AbortController();
+  const timeoutId = setTimeout(() => controller.abort(), timeout);
+  const response = await fetch(url, {
+    ...options2,
+    signal: controller.signal
+  }).finally(() => clearTimeout(timeoutId));
+  return response;
+};
 
 // src/secure.ts
-var import_node_crypto = __toESM(require("crypto"), 1)
+var import_crypto = __toESM(require("crypto"), 1);
 
 // src/utils.ts
-var import_router = require("@aura-stack/router")
+var import_router = require("@aura-stack/router");
 
-// src/error.ts
-var AuthError = class extends Error {
-    constructor(type, message) {
-        super(message)
-        this.type = type
-        this.name = "AuthError"
-    }
-}
-var isAuthError = (error) => {
-    return error instanceof AuthError
-}
-var throwAuthError = (error, message) => {
-    if (error instanceof Error) {
-        if (isAuthError(error)) {
-            throw error
-        }
-        throw new AuthError("invalid_request", error.message ?? message)
-    }
-}
+// src/errors.ts
+var OAuthProtocolError = class extends Error {
+  type = "OAUTH_PROTOCOL_ERROR";
+  error;
+  errorURI;
+  constructor(error, description, errorURI, options2) {
+    super(description, options2);
+    this.error = error;
+    this.errorURI = errorURI;
+    this.name = new.target.name;
+    Error.captureStackTrace(this, new.target);
+  }
+};
+var isNativeError = (error) => {
+  return error instanceof Error;
+};
+var isOAuthProtocolError = (error) => {
+  return error instanceof OAuthProtocolError;
+};
 
 // src/secure.ts
 var generateSecure = (length = 32) => {
-    return import_node_crypto.default.randomBytes(length).toString("base64url")
-}
+  return import_crypto.default.randomBytes(length).toString("base64url");
+};
 
 // src/schemas.ts
-var import_v4 = require("zod/v4")
-var OAuthProviderConfigSchema = (0, import_v4.object)({
-    authorizeURL: (0, import_v4.url)(),
-    accessToken: (0, import_v4.url)(),
-    scope: (0, import_v4.string)().optional(),
-    userInfo: (0, import_v4.url)(),
-    responseType: (0, import_v4.enum)(["code", "token", "id_token"]),
-    clientId: (0, import_v4.string)(),
-    clientSecret: (0, import_v4.string)(),
-})
+var import_zod = require("zod");
+var OAuthProviderConfigSchema = (0, import_zod.object)({
+  authorizeURL: (0, import_zod.string)().url(),
+  accessToken: (0, import_zod.string)().url(),
+  scope: (0, import_zod.string)().optional(),
+  userInfo: (0, import_zod.string)().url(),
+  responseType: (0, import_zod.enum)(["code", "token", "id_token"]),
+  clientId: (0, import_zod.string)(),
+  clientSecret: (0, import_zod.string)()
+});
 var OAuthAuthorization = OAuthProviderConfigSchema.extend({
-    redirectURI: (0, import_v4.string)(),
-    state: (0, import_v4.string)(),
-    codeChallenge: (0, import_v4.string)(),
-    codeChallengeMethod: (0, import_v4.enum)(["plain", "S256"]),
-})
-var OAuthAuthorizationResponse = (0, import_v4.object)({
-    state: (0, import_v4.string)(),
-    code: (0, import_v4.string)(),
-})
-var OAuthAuthorizationErrorResponse = (0, import_v4.object)({
-    error: (0, import_v4.enum)([
-        "invalid_request",
-        "unauthorized_client",
-        "access_denied",
-        "unsupported_response_type",
-        "invalid_scope",
-        "server_error",
-        "temporarily_unavailable",
-    ]),
-    error_description: (0, import_v4.string)().optional(),
-    error_uri: (0, import_v4.string)().optional(),
-    state: (0, import_v4.string)(),
-})
+  redirectURI: (0, import_zod.string)(),
+  state: (0, import_zod.string)(),
+  codeChallenge: (0, import_zod.string)(),
+  codeChallengeMethod: (0, import_zod.enum)(["plain", "S256"])
+});
+var OAuthAuthorizationResponse = (0, import_zod.object)({
+  state: (0, import_zod.string)({ message: "Missing state parameter in the OAuth authorization response." }),
+  code: (0, import_zod.string)({ message: "Missing code parameter in the OAuth authorization response." })
+});
+var OAuthAuthorizationErrorResponse = (0, import_zod.object)({
+  error: (0, import_zod.enum)([
+    "invalid_request",
+    "unauthorized_client",
+    "access_denied",
+    "unsupported_response_type",
+    "invalid_scope",
+    "server_error",
+    "temporarily_unavailable"
+  ]),
+  error_description: (0, import_zod.string)().optional(),
+  error_uri: (0, import_zod.string)().optional(),
+  state: (0, import_zod.string)()
+});
 var OAuthAccessToken = OAuthProviderConfigSchema.extend({
-    redirectURI: (0, import_v4.string)(),
-    code: (0, import_v4.string)(),
-    codeVerifier: (0, import_v4.string)().min(43).max(128),
-})
-var OAuthAccessTokenResponse = (0, import_v4.object)({
-    access_token: (0, import_v4.string)(),
-    token_type: (0, import_v4.string)(),
-    expires_in: (0, import_v4.number)().optional(),
-    refresh_token: (0, import_v4.string)().optional(),
-    scope: (0, import_v4.string)().optional(),
-})
-var OAuthAccessTokenErrorResponse = (0, import_v4.object)({
-    error: (0, import_v4.enum)([
-        "invalid_request",
-        "invalid_client",
-        "invalid_grant",
-        "unauthorized_client",
-        "unsupported_grant_type",
-        "invalid_scope",
-    ]),
-    error_description: (0, import_v4.string)().optional(),
-    error_uri: (0, import_v4.string)().optional(),
-})
-var OAuthErrorResponse = (0, import_v4.object)({
-    error: (0, import_v4.string)(),
-    error_description: (0, import_v4.string)().optional(),
-})
+  redirectURI: (0, import_zod.string)(),
+  code: (0, import_zod.string)(),
+  codeVerifier: (0, import_zod.string)().min(43).max(128)
+});
+var OAuthAccessTokenResponse = (0, import_zod.object)({
+  access_token: (0, import_zod.string)(),
+  token_type: (0, import_zod.string)().optional(),
+  expires_in: (0, import_zod.number)().optional(),
+  refresh_token: (0, import_zod.string)().optional(),
+  scope: (0, import_zod.string)().optional().or((0, import_zod.null)())
+});
+var OAuthAccessTokenErrorResponse = (0, import_zod.object)({
+  error: (0, import_zod.enum)([
+    "invalid_request",
+    "invalid_client",
+    "invalid_grant",
+    "unauthorized_client",
+    "unsupported_grant_type",
+    "invalid_scope"
+  ]),
+  error_description: (0, import_zod.string)().optional(),
+  error_uri: (0, import_zod.string)().optional()
+});
+var OAuthErrorResponse = (0, import_zod.object)({
+  error: (0, import_zod.string)(),
+  error_description: (0, import_zod.string)().optional()
+});
+var OAuthEnvSchema = (0, import_zod.object)({
+  clientId: import_zod.z.string().min(1, "OAuth Client ID is required in the environment variables."),
+  clientSecret: import_zod.z.string().min(1, "OAuth Client Secret is required in the environment variables.")
+});
 
 // src/actions/callback/userinfo.ts
 var getDefaultUserInfo = (profile) => {
-    const sub = generateSecure(16)
-    return {
-        sub: profile?.id ?? profile?.sub ?? sub,
-        email: profile?.email,
-        name: profile?.name ?? profile?.username ?? profile?.nickname,
-        image: profile?.image ?? profile?.picture,
-    }
-}
+  const sub = generateSecure(16);
+  return {
+    sub: profile?.id ?? profile?.sub ?? sub,
+    email: profile?.email,
+    name: profile?.name ?? profile?.username ?? profile?.nickname,
+    image: profile?.image ?? profile?.picture
+  };
+};
 var getUserInfo = async (oauthConfig, accessToken) => {
-    const userinfoEndpoint = oauthConfig.userInfo
-    try {
-        const response = await fetch(userinfoEndpoint, {
-            method: "GET",
-            headers: {
-                Accept: "application/json",
-                Authorization: `Bearer ${accessToken}`,
-            },
-        })
-        const json = await response.json()
-        const { success, data } = OAuthErrorResponse.safeParse(json)
-        if (success) {
-            throw new AuthError(data.error, data?.error_description ?? "An error occurred while fetching user information.")
-        }
-        return oauthConfig?.profile ? oauthConfig.profile(json) : getDefaultUserInfo(json)
-    } catch (error) {
-        throw throwAuthError(error, "Failed to retrieve userinfo")
+  const userinfoEndpoint = oauthConfig.userInfo;
+  try {
+    const response = await fetchAsync(userinfoEndpoint, {
+      method: "GET",
+      headers: {
+        Accept: "application/json",
+        Authorization: `Bearer ${accessToken}`
+      }
+    });
+    const json = await response.json();
+    const { success, data } = OAuthErrorResponse.safeParse(json);
+    if (success) {
+      throw new OAuthProtocolError(
+        data.error,
+        data?.error_description ?? "An error occurred while fetching user information."
+      );
+    }
+    return oauthConfig?.profile ? oauthConfig.profile(json) : getDefaultUserInfo(json);
+  } catch (error) {
+    if (isOAuthProtocolError(error)) {
+      throw error;
+    }
+    if (isNativeError(error)) {
+      throw new OAuthProtocolError("invalid_request", error.message, "", { cause: error });
     }
-}
+    throw new OAuthProtocolError("invalid_request", "Failed to fetch user information.", "", { cause: error });
+  }
+};
 // Annotate the CommonJS export names for ESM import in node:
-0 &&
-    (module.exports = {
-        getUserInfo,
-    })
+0 && (module.exports = {
+  getUserInfo
+});

package/dist/actions/callback/userinfo.d.ts

@@ -1,10 +1,10 @@
-import { f as OAuthProviderCredentials, U as User } from "../../index-DpfbvTZ_.js"
-import "zod/v4"
-import "@aura-stack/jose/jose"
-import "../../schemas.js"
-import "zod/v4/core"
-import "cookie"
-import "../../@types/utility.js"
+import { h as OAuthProviderCredentials, U as User } from '../../index-DkaLJFn8.js';
+import 'zod';
+import '../../schemas.js';
+import '@aura-stack/router/cookie';
+import '@aura-stack/jose';
+import '@aura-stack/jose/jose';
+import '../../@types/utility.js';
 
 /**
  * Get user information from the OAuth provider's userinfo endpoint using the provided access token.
@@ -15,6 +15,6 @@ import "../../@types/utility.js"
  * @param accessToken - Access Token to access the userinfo endpoint
  * @returns The user information retrieved from the userinfo endpoint
  */
-declare const getUserInfo: (oauthConfig: OAuthProviderCredentials, accessToken: string) => Promise<User>
+declare const getUserInfo: (oauthConfig: OAuthProviderCredentials, accessToken: string) => Promise<User>;
 
-export { getUserInfo }
+export { getUserInfo };

package/dist/actions/callback/userinfo.js

@@ -1,6 +1,12 @@
-import { getUserInfo } from "../../chunk-RLT4RFKV.js"
-import "../../chunk-GZU3RBTB.js"
-import "../../chunk-256KIVJL.js"
-import "../../chunk-FJUDBLCP.js"
-import "../../chunk-HMRKN75I.js"
-export { getUserInfo }
+import {
+  getUserInfo
+} from "../../chunk-IVET23KF.js";
+import "../../chunk-N2APGLXA.js";
+import "../../chunk-CXLATHS5.js";
+import "../../chunk-EIL2FPSS.js";
+import "../../chunk-RRLIF4PQ.js";
+import "../../chunk-ZNCZVF6U.js";
+import "../../chunk-YRCB5FLE.js";
+export {
+  getUserInfo
+};