@aura-stack/auth 0.4.0-rc.5 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (201) hide show
  1. package/dist/@types/index.d.ts +8 -3
  2. package/dist/@types/router.d.cjs +0 -17
  3. package/dist/@types/router.d.d.ts +7 -2
  4. package/dist/@types/router.d.js +0 -1
  5. package/dist/actions/callback/access-token.cjs +130 -71
  6. package/dist/actions/callback/access-token.d.ts +9 -4
  7. package/dist/actions/callback/access-token.js +3 -4
  8. package/dist/actions/callback/callback.cjs +428 -152
  9. package/dist/actions/callback/callback.d.ts +11 -3
  10. package/dist/actions/callback/callback.js +12 -10
  11. package/dist/actions/callback/userinfo.cjs +159 -65
  12. package/dist/actions/callback/userinfo.d.ts +8 -3
  13. package/dist/actions/callback/userinfo.js +7 -6
  14. package/dist/actions/csrfToken/csrfToken.cjs +70 -19
  15. package/dist/actions/csrfToken/csrfToken.js +8 -7
  16. package/dist/actions/index.cjs +780 -348
  17. package/dist/actions/index.d.ts +6 -2
  18. package/dist/actions/index.js +23 -18
  19. package/dist/actions/session/session.cjs +107 -26
  20. package/dist/actions/session/session.js +7 -5
  21. package/dist/actions/signIn/authorization-url.cjs +288 -0
  22. package/dist/actions/signIn/authorization-url.d.ts +31 -0
  23. package/dist/actions/signIn/authorization-url.js +16 -0
  24. package/dist/actions/signIn/authorization.cjs +209 -211
  25. package/dist/actions/signIn/authorization.d.ts +32 -21
  26. package/dist/actions/signIn/authorization.js +12 -9
  27. package/dist/actions/signIn/signIn.cjs +470 -235
  28. package/dist/actions/signIn/signIn.d.ts +12 -3
  29. package/dist/actions/signIn/signIn.js +11 -8
  30. package/dist/actions/signOut/signOut.cjs +376 -228
  31. package/dist/actions/signOut/signOut.d.ts +1 -1
  32. package/dist/actions/signOut/signOut.js +10 -9
  33. package/dist/api/createApi.cjs +750 -0
  34. package/dist/api/createApi.d.ts +12 -0
  35. package/dist/api/createApi.js +19 -0
  36. package/dist/api/getSession.cjs +141 -0
  37. package/dist/api/getSession.d.ts +16 -0
  38. package/dist/api/getSession.js +10 -0
  39. package/dist/api/signIn.cjs +549 -0
  40. package/dist/api/signIn.d.ts +26 -0
  41. package/dist/api/signIn.js +15 -0
  42. package/dist/api/signOut.cjs +279 -0
  43. package/dist/api/signOut.d.ts +16 -0
  44. package/dist/api/signOut.js +13 -0
  45. package/dist/assert.cjs +150 -5
  46. package/dist/assert.d.ts +26 -3
  47. package/dist/assert.js +17 -3
  48. package/dist/{chunk-YRCB5FLE.js → chunk-2A5B7GWR.js} +52 -6
  49. package/dist/chunk-2GQLSIJ2.js +40 -0
  50. package/dist/chunk-2IR674WX.js +44 -0
  51. package/dist/chunk-3J5TUH2I.js +50 -0
  52. package/dist/chunk-4RWSYUKX.js +98 -0
  53. package/dist/chunk-4YHJ4IEQ.js +25 -0
  54. package/dist/chunk-54CZPKR4.js +25 -0
  55. package/dist/chunk-5LZ7TOM3.js +25 -0
  56. package/dist/chunk-7BE46WWS.js +88 -0
  57. package/dist/chunk-7YYXFKLR.js +35 -0
  58. package/dist/chunk-C3A37LQC.js +33 -0
  59. package/dist/chunk-CITNGXDA.js +31 -0
  60. package/dist/chunk-CWX724AG.js +78 -0
  61. package/dist/chunk-D2CSIUKP.js +74 -0
  62. package/dist/chunk-E6G5YCI6.js +25 -0
  63. package/dist/chunk-EBAMFRB7.js +34 -0
  64. package/dist/chunk-EEE7UM5T.js +25 -0
  65. package/dist/{chunk-HT4YLL7N.js → chunk-FPCVZUVG.js} +10 -8
  66. package/dist/chunk-FW4W3REU.js +25 -0
  67. package/dist/chunk-GNNBM2WJ.js +83 -0
  68. package/dist/chunk-IPKO6UQN.js +25 -0
  69. package/dist/chunk-JOCGX3RP.js +59 -0
  70. package/dist/chunk-KBXWTD6E.js +94 -0
  71. package/dist/chunk-KMMAZFSJ.js +25 -0
  72. package/dist/chunk-LATR3NIV.js +117 -0
  73. package/dist/chunk-LAYPUDQF.js +39 -0
  74. package/dist/chunk-LDU7A2JE.js +25 -0
  75. package/dist/chunk-LX3TJ2TJ.js +294 -0
  76. package/dist/chunk-NHZBQNRR.js +143 -0
  77. package/dist/chunk-OVHNRULD.js +33 -0
  78. package/dist/chunk-PDP3PHB3.js +127 -0
  79. package/dist/chunk-PHYNROD4.js +47 -0
  80. package/dist/chunk-QQEKY4XP.js +29 -0
  81. package/dist/chunk-U4RK4LKJ.js +348 -0
  82. package/dist/{chunk-RRLIF4PQ.js → chunk-U5663F2U.js} +16 -1
  83. package/dist/chunk-UN7X6SU5.js +53 -0
  84. package/dist/chunk-UZQJJD6A.js +100 -0
  85. package/dist/chunk-V6LLEAR4.js +80 -0
  86. package/dist/chunk-WHNDRO3N.js +50 -0
  87. package/dist/{chunk-W6LG7BFW.js → chunk-XY5R3EHH.js} +30 -23
  88. package/dist/client/client.cjs +135 -0
  89. package/dist/client/client.d.ts +85 -0
  90. package/dist/client/client.js +9 -0
  91. package/dist/client/index.cjs +135 -0
  92. package/dist/client/index.d.ts +14 -0
  93. package/dist/client/index.js +10 -0
  94. package/dist/context.cjs +1237 -0
  95. package/dist/context.d.ts +16 -0
  96. package/dist/context.js +28 -0
  97. package/dist/cookie.cjs +57 -22
  98. package/dist/cookie.d.ts +11 -6
  99. package/dist/cookie.js +3 -2
  100. package/dist/createAuth.cjs +2320 -0
  101. package/dist/createAuth.d.ts +12 -0
  102. package/dist/createAuth.js +48 -0
  103. package/dist/env.cjs +78 -0
  104. package/dist/env.d.ts +10 -0
  105. package/dist/env.js +12 -0
  106. package/dist/errors.cjs +17 -0
  107. package/dist/errors.d.ts +15 -4
  108. package/dist/errors.js +5 -1
  109. package/dist/headers.cjs +28 -2
  110. package/dist/headers.d.ts +25 -1
  111. package/dist/headers.js +9 -3
  112. package/dist/index-_aXtxb_s.d.ts +1377 -0
  113. package/dist/index.cjs +1843 -610
  114. package/dist/index.d.ts +11 -92
  115. package/dist/index.js +53 -85
  116. package/dist/jose.cjs +113 -38
  117. package/dist/jose.d.ts +12 -23
  118. package/dist/jose.js +17 -7
  119. package/dist/logger.cjs +424 -0
  120. package/dist/logger.d.ts +12 -0
  121. package/dist/logger.js +17 -0
  122. package/dist/oauth/atlassian.cjs +57 -0
  123. package/dist/oauth/atlassian.d.ts +12 -0
  124. package/dist/oauth/atlassian.js +6 -0
  125. package/dist/oauth/bitbucket.cjs +19 -15
  126. package/dist/oauth/bitbucket.d.ts +7 -2
  127. package/dist/oauth/bitbucket.js +1 -1
  128. package/dist/oauth/discord.cjs +27 -24
  129. package/dist/oauth/discord.d.ts +7 -2
  130. package/dist/oauth/discord.js +1 -1
  131. package/dist/oauth/dropbox.cjs +53 -0
  132. package/dist/oauth/dropbox.d.ts +12 -0
  133. package/dist/oauth/dropbox.js +6 -0
  134. package/dist/oauth/figma.cjs +19 -16
  135. package/dist/oauth/figma.d.ts +7 -2
  136. package/dist/oauth/figma.js +1 -1
  137. package/dist/oauth/github.cjs +19 -8
  138. package/dist/oauth/github.d.ts +7 -2
  139. package/dist/oauth/github.js +1 -1
  140. package/dist/oauth/gitlab.cjs +19 -16
  141. package/dist/oauth/gitlab.d.ts +7 -2
  142. package/dist/oauth/gitlab.js +1 -1
  143. package/dist/oauth/index.cjs +529 -239
  144. package/dist/oauth/index.d.ts +7 -2
  145. package/dist/oauth/index.js +39 -22
  146. package/dist/oauth/mailchimp.cjs +19 -16
  147. package/dist/oauth/mailchimp.d.ts +7 -2
  148. package/dist/oauth/mailchimp.js +1 -1
  149. package/dist/oauth/notion.cjs +131 -0
  150. package/dist/oauth/notion.d.ts +12 -0
  151. package/dist/oauth/notion.js +9 -0
  152. package/dist/oauth/pinterest.cjs +19 -16
  153. package/dist/oauth/pinterest.d.ts +7 -2
  154. package/dist/oauth/pinterest.js +1 -1
  155. package/dist/oauth/spotify.cjs +19 -16
  156. package/dist/oauth/spotify.d.ts +7 -2
  157. package/dist/oauth/spotify.js +1 -1
  158. package/dist/oauth/strava.cjs +19 -16
  159. package/dist/oauth/strava.d.ts +7 -2
  160. package/dist/oauth/strava.js +1 -1
  161. package/dist/oauth/twitch.cjs +95 -0
  162. package/dist/oauth/twitch.d.ts +12 -0
  163. package/dist/oauth/twitch.js +7 -0
  164. package/dist/oauth/x.cjs +19 -16
  165. package/dist/oauth/x.d.ts +7 -2
  166. package/dist/oauth/x.js +1 -1
  167. package/dist/schemas.cjs +89 -42
  168. package/dist/schemas.d.ts +114 -18
  169. package/dist/schemas.js +5 -3
  170. package/dist/secure.cjs +73 -31
  171. package/dist/secure.d.ts +11 -11
  172. package/dist/secure.js +7 -6
  173. package/dist/utils.cjs +203 -90
  174. package/dist/utils.d.ts +21 -40
  175. package/dist/utils.js +21 -12
  176. package/package.json +9 -6
  177. package/dist/chunk-3EUWD5BB.js +0 -63
  178. package/dist/chunk-42XB3YCW.js +0 -22
  179. package/dist/chunk-6R2YZ4AC.js +0 -22
  180. package/dist/chunk-A3N4PVAT.js +0 -70
  181. package/dist/chunk-B737EUJV.js +0 -22
  182. package/dist/chunk-CXLATHS5.js +0 -143
  183. package/dist/chunk-E3OXBRYF.js +0 -22
  184. package/dist/chunk-EIL2FPSS.js +0 -22
  185. package/dist/chunk-EMKJA2GJ.js +0 -89
  186. package/dist/chunk-FIPU4MLT.js +0 -21
  187. package/dist/chunk-FKRDCWBF.js +0 -22
  188. package/dist/chunk-GA2SMTJO.js +0 -58
  189. package/dist/chunk-HP34YGGJ.js +0 -22
  190. package/dist/chunk-IKHPGFCW.js +0 -14
  191. package/dist/chunk-IUYZQTJV.js +0 -30
  192. package/dist/chunk-IVET23KF.js +0 -58
  193. package/dist/chunk-JVFTCTTE.js +0 -33
  194. package/dist/chunk-KRNOMBXQ.js +0 -22
  195. package/dist/chunk-KSWLO5ZU.js +0 -102
  196. package/dist/chunk-N2APGLXA.js +0 -71
  197. package/dist/chunk-N4SX7TZT.js +0 -96
  198. package/dist/chunk-STHEPPUZ.js +0 -11
  199. package/dist/chunk-TLE4PXY3.js +0 -39
  200. package/dist/index-B8jeIElf.d.ts +0 -679
  201. /package/dist/{chunk-DIVDFNAP.js → chunk-5X7JZMEF.js} +0 -0
@@ -1,7 +1,12 @@
1
1
  import 'zod';
2
+ export { f as APIErrorMap, aA as AccessTokenError, q as AuthAPI, p as AuthClient, l as AuthClientOptions, A as AuthConfig, r as AuthInstance, d as AuthInternalErrorCode, c as AuthRuntimeConfig, e as AuthSecurityErrorCode, aB as AuthorizationError, aC as AuthorizeParams, B as BuiltInOAuthProvider, C as CookieConfig, aD as CookieName, b as CookieStoreConfig, aE as CookieStrategyAttributes, E as ErrorType, F as FunctionAPIContext, aF as GetSessionAPI, G as GetSessionAPIOptions, aG as HostCookie, I as InternalContext, a as InternalLogger, J as JWTPayloadWithToken, aH as JWTStandardClaims, s as JoseInstance, L as LogLevel, t as Logger, aI as OAuthEnv, aJ as OAuthError, k as OAuthProvider, u as OAuthProviderConfig, j as OAuthProviderCredentials, O as OAuthProviderRecord, aK as ResponseType, R as RouterGlobalContext, aL as SecureCookie, m as Session, S as SessionResponse, aM as Severity, g as SignInAPIOptions, n as SignInOptions, h as SignInReturn, i as SignOutAPIOptions, o as SignOutOptions, aN as StandardCookie, aO as SyslogOptions, aP as TokenRevocationError, T as TrustedOrigin, U as User } from '../index-_aXtxb_s.js';
2
3
  import '../schemas.js';
3
4
  import '@aura-stack/router/cookie';
4
- import '@aura-stack/jose';
5
- import '@aura-stack/jose/jose';
6
- export { i as APIErrorMap, a0 as AccessTokenError, d as AuthConfig, f as AuthInstance, b as AuthInternalErrorCode, A as AuthRuntimeConfig, c as AuthSecurityErrorCode, $ as AuthorizationError, C as CookieConfig, Z as CookieName, a as CookieStoreConfig, Y as CookieStrategyAttributes, E as ErrorType, V as HostCookie, J as JWTPayloadWithToken, Q as JWTStandardClaims, e as JoseInstance, a2 as OAuthEnv, _ as OAuthError, O as OAuthProvider, g as OAuthProviderConfig, h as OAuthProviderCredentials, j as OAuthProviderRecord, R as RouterGlobalContext, T as SecureCookie, S as Session, W as StandardCookie, a1 as TokenRevocationError, U as User } from '../index-B8jeIElf.js';
7
5
  export { LiteralUnion, Prettify } from './utility.js';
6
+ import '@aura-stack/router';
7
+ import '@aura-stack/jose/jose';
8
+ import '@aura-stack/jose';
9
+ import '@aura-stack/jose/crypto';
10
+ import 'jose';
11
+ import 'zod/v4/core';
12
+ import 'zod/v4';
@@ -1,18 +1 @@
1
1
  "use strict";
2
- var __defProp = Object.defineProperty;
3
- var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
- var __getOwnPropNames = Object.getOwnPropertyNames;
5
- var __hasOwnProp = Object.prototype.hasOwnProperty;
6
- var __copyProps = (to, from, except, desc) => {
7
- if (from && typeof from === "object" || typeof from === "function") {
8
- for (let key of __getOwnPropNames(from))
9
- if (!__hasOwnProp.call(to, key) && key !== except)
10
- __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
11
- }
12
- return to;
13
- };
14
- var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
15
-
16
- // src/@types/router.d.ts
17
- var router_d_exports = {};
18
- module.exports = __toCommonJS(router_d_exports);
@@ -1,10 +1,15 @@
1
- import { R as RouterGlobalContext } from '../index-B8jeIElf.js';
1
+ import { R as RouterGlobalContext } from '../index-_aXtxb_s.js';
2
2
  import 'zod';
3
3
  import '../schemas.js';
4
- import '@aura-stack/router/cookie';
4
+ import 'zod/v4';
5
5
  import '@aura-stack/jose';
6
6
  import '@aura-stack/jose/jose';
7
+ import '@aura-stack/jose/crypto';
8
+ import '@aura-stack/router/cookie';
7
9
  import './utility.js';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
8
13
 
9
14
  declare module "@aura-stack/router" {
10
15
  interface GlobalContext extends RouterGlobalContext {}
@@ -1 +0,0 @@
1
- import "../chunk-DIVDFNAP.js";
@@ -35,9 +35,6 @@ var fetchAsync = async (url, options2 = {}, timeout = 5e3) => {
35
35
  return response;
36
36
  };
37
37
 
38
- // src/utils.ts
39
- var import_router = require("@aura-stack/router");
40
-
41
38
  // src/errors.ts
42
39
  var OAuthProtocolError = class extends Error {
43
40
  type = "OAUTH_PROTOCOL_ERROR";
@@ -62,46 +59,74 @@ var AuthInternalError = class extends Error {
62
59
  }
63
60
  };
64
61
 
65
- // src/utils.ts
66
- var formatZodError = (error) => {
67
- if (!error.issues || error.issues.length === 0) {
68
- return {};
69
- }
70
- return error.issues.reduce((previous, issue) => {
71
- const key = issue.path.join(".");
72
- return {
73
- ...previous,
74
- [key]: {
75
- code: issue.code,
76
- message: issue.message
77
- }
78
- };
79
- }, {});
80
- };
81
-
82
62
  // src/schemas.ts
83
- var import_zod = require("zod");
84
- var OAuthProviderConfigSchema = (0, import_zod.object)({
85
- authorizeURL: (0, import_zod.string)().url(),
86
- accessToken: (0, import_zod.string)().url(),
87
- scope: (0, import_zod.string)().optional(),
88
- userInfo: (0, import_zod.string)().url(),
89
- responseType: (0, import_zod.enum)(["code", "token", "id_token"]),
90
- clientId: (0, import_zod.string)(),
91
- clientSecret: (0, import_zod.string)()
63
+ var import_v4 = require("zod/v4");
64
+ var AuthorizeConfigSchema = import_v4.z.union([
65
+ (0, import_v4.string)().url(),
66
+ (0, import_v4.object)({
67
+ url: (0, import_v4.string)().url(),
68
+ params: (0, import_v4.object)({
69
+ responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
70
+ scope: (0, import_v4.string)().optional()
71
+ })
72
+ })
73
+ ]);
74
+ var AccessTokenConfigSchema = import_v4.z.union([
75
+ (0, import_v4.string)().url(),
76
+ (0, import_v4.object)({
77
+ url: (0, import_v4.string)().url(),
78
+ headers: import_v4.z.record((0, import_v4.string)(), (0, import_v4.string)()).optional()
79
+ })
80
+ ]);
81
+ var UserInfoConfigSchema = import_v4.z.union([
82
+ (0, import_v4.string)().url(),
83
+ (0, import_v4.object)({
84
+ url: (0, import_v4.string)().url(),
85
+ headers: import_v4.z.record((0, import_v4.string)(), (0, import_v4.string)()).optional(),
86
+ method: (0, import_v4.string)().optional()
87
+ })
88
+ ]);
89
+ var OAuthProviderCredentialsSchema = (0, import_v4.object)({
90
+ id: (0, import_v4.string)(),
91
+ name: (0, import_v4.string)(),
92
+ authorize: AuthorizeConfigSchema.optional(),
93
+ /** @deprecated */
94
+ authorizeURL: (0, import_v4.string)().url().optional(),
95
+ accessToken: AccessTokenConfigSchema,
96
+ /** @deprecated */
97
+ scope: (0, import_v4.string)().optional(),
98
+ userInfo: UserInfoConfigSchema,
99
+ /** @deprecated */
100
+ responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
101
+ clientId: (0, import_v4.string)(),
102
+ clientSecret: (0, import_v4.string)(),
103
+ profile: import_v4.z.function().optional()
104
+ });
105
+ var OAuthProviderConfigSchema = (0, import_v4.object)({
106
+ authorize: AuthorizeConfigSchema.optional(),
107
+ /** @deprecated */
108
+ authorizeURL: (0, import_v4.string)().url().optional(),
109
+ accessToken: AccessTokenConfigSchema,
110
+ /** @deprecated */
111
+ scope: (0, import_v4.string)().optional(),
112
+ userInfo: UserInfoConfigSchema,
113
+ /** @deprecated */
114
+ responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
115
+ clientId: (0, import_v4.string)(),
116
+ clientSecret: (0, import_v4.string)()
92
117
  });
93
118
  var OAuthAuthorization = OAuthProviderConfigSchema.extend({
94
- redirectURI: (0, import_zod.string)(),
95
- state: (0, import_zod.string)(),
96
- codeChallenge: (0, import_zod.string)(),
97
- codeChallengeMethod: (0, import_zod.enum)(["plain", "S256"])
119
+ redirectURI: (0, import_v4.string)(),
120
+ state: (0, import_v4.string)(),
121
+ codeChallenge: (0, import_v4.string)(),
122
+ codeChallengeMethod: (0, import_v4.enum)(["plain", "S256"])
98
123
  });
99
- var OAuthAuthorizationResponse = (0, import_zod.object)({
100
- state: (0, import_zod.string)({ message: "Missing state parameter in the OAuth authorization response." }),
101
- code: (0, import_zod.string)({ message: "Missing code parameter in the OAuth authorization response." })
124
+ var OAuthAuthorizationResponse = (0, import_v4.object)({
125
+ state: (0, import_v4.string)({ message: "Missing state parameter in the OAuth authorization response." }),
126
+ code: (0, import_v4.string)({ message: "Missing code parameter in the OAuth authorization response." })
102
127
  });
103
- var OAuthAuthorizationErrorResponse = (0, import_zod.object)({
104
- error: (0, import_zod.enum)([
128
+ var OAuthAuthorizationErrorResponse = (0, import_v4.object)({
129
+ error: (0, import_v4.enum)([
105
130
  "invalid_request",
106
131
  "unauthorized_client",
107
132
  "access_denied",
@@ -110,24 +135,24 @@ var OAuthAuthorizationErrorResponse = (0, import_zod.object)({
110
135
  "server_error",
111
136
  "temporarily_unavailable"
112
137
  ]),
113
- error_description: (0, import_zod.string)().optional(),
114
- error_uri: (0, import_zod.string)().optional(),
115
- state: (0, import_zod.string)()
138
+ error_description: (0, import_v4.string)().optional(),
139
+ error_uri: (0, import_v4.string)().optional(),
140
+ state: (0, import_v4.string)()
116
141
  });
117
142
  var OAuthAccessToken = OAuthProviderConfigSchema.extend({
118
- redirectURI: (0, import_zod.string)(),
119
- code: (0, import_zod.string)(),
120
- codeVerifier: (0, import_zod.string)().min(43).max(128)
143
+ redirectURI: (0, import_v4.string)(),
144
+ code: (0, import_v4.string)(),
145
+ codeVerifier: (0, import_v4.string)().min(43).max(128)
121
146
  });
122
- var OAuthAccessTokenResponse = (0, import_zod.object)({
123
- access_token: (0, import_zod.string)(),
124
- token_type: (0, import_zod.string)().optional(),
125
- expires_in: (0, import_zod.number)().optional(),
126
- refresh_token: (0, import_zod.string)().optional(),
127
- scope: (0, import_zod.string)().optional().or((0, import_zod.null)())
147
+ var OAuthAccessTokenResponse = (0, import_v4.object)({
148
+ access_token: (0, import_v4.string)(),
149
+ token_type: (0, import_v4.string)().optional(),
150
+ expires_in: (0, import_v4.number)().optional(),
151
+ refresh_token: (0, import_v4.string)().optional(),
152
+ scope: (0, import_v4.union)([(0, import_v4.string)().optional().or((0, import_v4.null)()), (0, import_v4.array)((0, import_v4.string)()).optional()])
128
153
  });
129
- var OAuthAccessTokenErrorResponse = (0, import_zod.object)({
130
- error: (0, import_zod.enum)([
154
+ var OAuthAccessTokenErrorResponse = (0, import_v4.object)({
155
+ error: (0, import_v4.enum)([
131
156
  "invalid_request",
132
157
  "invalid_client",
133
158
  "invalid_grant",
@@ -135,53 +160,87 @@ var OAuthAccessTokenErrorResponse = (0, import_zod.object)({
135
160
  "unsupported_grant_type",
136
161
  "invalid_scope"
137
162
  ]),
138
- error_description: (0, import_zod.string)().optional(),
139
- error_uri: (0, import_zod.string)().optional()
163
+ error_description: (0, import_v4.string)().optional(),
164
+ error_uri: (0, import_v4.string)().optional()
140
165
  });
141
- var OAuthErrorResponse = (0, import_zod.object)({
142
- error: (0, import_zod.string)(),
143
- error_description: (0, import_zod.string)().optional()
166
+ var OAuthErrorResponse = (0, import_v4.object)({
167
+ error: (0, import_v4.string)(),
168
+ error_description: (0, import_v4.string)().optional()
144
169
  });
145
- var OAuthEnvSchema = (0, import_zod.object)({
146
- clientId: import_zod.z.string().min(1, "OAuth Client ID is required in the environment variables."),
147
- clientSecret: import_zod.z.string().min(1, "OAuth Client Secret is required in the environment variables.")
170
+ var OAuthEnvSchema = (0, import_v4.object)({
171
+ clientId: import_v4.z.string().min(1, "OAuth Client ID is required in the environment variables."),
172
+ clientSecret: import_v4.z.string().min(1, "OAuth Client Secret is required in the environment variables.")
148
173
  });
149
174
 
150
175
  // src/actions/callback/access-token.ts
151
- var createAccessToken = async (oauthConfig, redirectURI, code, codeVerifier) => {
152
- const parsed = OAuthAccessToken.safeParse({ ...oauthConfig, redirectURI, code, codeVerifier });
153
- if (!parsed.success) {
154
- const msg = JSON.stringify(formatZodError(parsed.error), null, 2);
155
- throw new AuthInternalError("INVALID_OAUTH_CONFIGURATION", msg);
176
+ var createAccessToken = async (oauthConfig, redirectURI, code, codeVerifier, logger) => {
177
+ const { accessToken, clientId, clientSecret } = oauthConfig;
178
+ if (!clientId || !clientSecret || !redirectURI || !code || !codeVerifier || !accessToken) {
179
+ logger?.log("INVALID_OAUTH_CONFIGURATION", {
180
+ structuredData: {
181
+ has_client_id: Boolean(clientId),
182
+ has_client_secret: Boolean(clientSecret),
183
+ has_access_token: Boolean(accessToken),
184
+ has_redirect_uri: Boolean(redirectURI),
185
+ has_code: Boolean(code),
186
+ has_code_verifier: Boolean(codeVerifier)
187
+ }
188
+ });
189
+ throw new AuthInternalError("INVALID_OAUTH_CONFIGURATION", "The OAuth provider configuration is invalid.");
156
190
  }
157
- const { accessToken, clientId, clientSecret, code: codeParsed, redirectURI: redirectParsed } = parsed.data;
191
+ const tokenURL = typeof accessToken === "string" ? accessToken : accessToken.url;
192
+ const extraHeaders = typeof accessToken === "string" ? void 0 : accessToken.headers;
158
193
  try {
159
- const response = await fetchAsync(accessToken, {
194
+ logger?.log("OAUTH_ACCESS_TOKEN_REQUEST_INITIATED", {
195
+ structuredData: {
196
+ has_client_id: Boolean(clientId),
197
+ redirect_uri: redirectURI,
198
+ grant_type: "authorization_code"
199
+ }
200
+ });
201
+ const response = await fetchAsync(tokenURL, {
160
202
  method: "POST",
161
203
  headers: {
204
+ ...extraHeaders ?? {},
162
205
  Accept: "application/json",
163
206
  "Content-Type": "application/x-www-form-urlencoded"
164
207
  },
165
208
  body: new URLSearchParams({
166
209
  client_id: clientId,
167
210
  client_secret: clientSecret,
168
- code: codeParsed,
169
- redirect_uri: redirectParsed,
211
+ code,
212
+ redirect_uri: redirectURI,
170
213
  grant_type: "authorization_code",
171
214
  code_verifier: codeVerifier
172
215
  }).toString()
173
216
  });
217
+ if (!response.ok) {
218
+ logger?.log("INVALID_OAUTH_ACCESS_TOKEN_RESPONSE");
219
+ throw new OAuthProtocolError("invalid_request", "Invalid access token response");
220
+ }
174
221
  const json = await response.json();
175
222
  const token = OAuthAccessTokenResponse.safeParse(json);
176
223
  if (!token.success) {
177
224
  const { success, data } = OAuthAccessTokenErrorResponse.safeParse(json);
178
225
  if (!success) {
179
- throw new OAuthProtocolError("INVALID_REQUEST", "Invalid access token response format");
226
+ logger?.log("INVALID_OAUTH_ACCESS_TOKEN_RESPONSE");
227
+ throw new OAuthProtocolError("invalid_request", "Invalid access token response format");
180
228
  }
181
- throw new OAuthProtocolError(data.error, data?.error_description ?? "Failed to retrieve access token");
229
+ logger?.log("OAUTH_ACCESS_TOKEN_ERROR", {
230
+ structuredData: {
231
+ error: data.error,
232
+ error_description: data.error_description ?? ""
233
+ }
234
+ });
235
+ throw new OAuthProtocolError("INVALID_ACCESS_TOKEN", "Failed to retrieve access token");
182
236
  }
237
+ logger?.log("OAUTH_ACCESS_TOKEN_SUCCESS");
183
238
  return token.data;
184
239
  } catch (error) {
240
+ logger?.log("OAUTH_ACCESS_TOKEN_REQUEST_FAILED");
241
+ if (error instanceof Error) {
242
+ throw new OAuthProtocolError("server_error", "Failed to communicate with OAuth provider", "", { cause: error });
243
+ }
185
244
  throw error;
186
245
  }
187
246
  };
@@ -1,10 +1,15 @@
1
- import { h as OAuthProviderCredentials } from '../../index-B8jeIElf.js';
1
+ import { j as OAuthProviderCredentials, a as InternalLogger } from '../../index-_aXtxb_s.js';
2
2
  import 'zod';
3
3
  import '../../schemas.js';
4
- import '@aura-stack/router/cookie';
4
+ import 'zod/v4';
5
5
  import '@aura-stack/jose';
6
6
  import '@aura-stack/jose/jose';
7
+ import '@aura-stack/jose/crypto';
8
+ import '@aura-stack/router/cookie';
7
9
  import '../../@types/utility.js';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
8
13
 
9
14
  /**
10
15
  * Make a request to the OAuth provider to the token endpoint to exchange the authorization code provided
@@ -17,12 +22,12 @@ import '../../@types/utility.js';
17
22
  * @param code - The authorization code received from the OAuth server
18
23
  * @returns The access token response from the OAuth server
19
24
  */
20
- declare const createAccessToken: (oauthConfig: OAuthProviderCredentials, redirectURI: string, code: string, codeVerifier: string) => Promise<{
25
+ declare const createAccessToken: (oauthConfig: OAuthProviderCredentials, redirectURI: string, code: string, codeVerifier: string, logger?: InternalLogger) => Promise<{
21
26
  access_token: string;
22
27
  token_type?: string | undefined;
23
28
  expires_in?: number | undefined;
24
29
  refresh_token?: string | undefined;
25
- scope?: string | null | undefined;
30
+ scope?: string | string[] | null | undefined;
26
31
  }>;
27
32
 
28
33
  export { createAccessToken };
@@ -1,10 +1,9 @@
1
1
  import {
2
2
  createAccessToken
3
- } from "../../chunk-GA2SMTJO.js";
4
- import "../../chunk-CXLATHS5.js";
5
- import "../../chunk-RRLIF4PQ.js";
3
+ } from "../../chunk-7BE46WWS.js";
6
4
  import "../../chunk-ZNCZVF6U.js";
7
- import "../../chunk-YRCB5FLE.js";
5
+ import "../../chunk-2A5B7GWR.js";
6
+ import "../../chunk-U5663F2U.js";
8
7
  export {
9
8
  createAccessToken
10
9
  };