@aura-stack/auth 0.4.0-rc.5 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/@types/index.d.ts +8 -3
- package/dist/@types/router.d.cjs +0 -17
- package/dist/@types/router.d.d.ts +7 -2
- package/dist/@types/router.d.js +0 -1
- package/dist/actions/callback/access-token.cjs +130 -71
- package/dist/actions/callback/access-token.d.ts +9 -4
- package/dist/actions/callback/access-token.js +3 -4
- package/dist/actions/callback/callback.cjs +428 -152
- package/dist/actions/callback/callback.d.ts +11 -3
- package/dist/actions/callback/callback.js +12 -10
- package/dist/actions/callback/userinfo.cjs +159 -65
- package/dist/actions/callback/userinfo.d.ts +8 -3
- package/dist/actions/callback/userinfo.js +7 -6
- package/dist/actions/csrfToken/csrfToken.cjs +70 -19
- package/dist/actions/csrfToken/csrfToken.js +8 -7
- package/dist/actions/index.cjs +780 -348
- package/dist/actions/index.d.ts +6 -2
- package/dist/actions/index.js +23 -18
- package/dist/actions/session/session.cjs +107 -26
- package/dist/actions/session/session.js +7 -5
- package/dist/actions/signIn/authorization-url.cjs +288 -0
- package/dist/actions/signIn/authorization-url.d.ts +31 -0
- package/dist/actions/signIn/authorization-url.js +16 -0
- package/dist/actions/signIn/authorization.cjs +209 -211
- package/dist/actions/signIn/authorization.d.ts +32 -21
- package/dist/actions/signIn/authorization.js +12 -9
- package/dist/actions/signIn/signIn.cjs +470 -235
- package/dist/actions/signIn/signIn.d.ts +12 -3
- package/dist/actions/signIn/signIn.js +11 -8
- package/dist/actions/signOut/signOut.cjs +376 -228
- package/dist/actions/signOut/signOut.d.ts +1 -1
- package/dist/actions/signOut/signOut.js +10 -9
- package/dist/api/createApi.cjs +750 -0
- package/dist/api/createApi.d.ts +12 -0
- package/dist/api/createApi.js +19 -0
- package/dist/api/getSession.cjs +141 -0
- package/dist/api/getSession.d.ts +16 -0
- package/dist/api/getSession.js +10 -0
- package/dist/api/signIn.cjs +549 -0
- package/dist/api/signIn.d.ts +26 -0
- package/dist/api/signIn.js +15 -0
- package/dist/api/signOut.cjs +279 -0
- package/dist/api/signOut.d.ts +16 -0
- package/dist/api/signOut.js +13 -0
- package/dist/assert.cjs +150 -5
- package/dist/assert.d.ts +26 -3
- package/dist/assert.js +17 -3
- package/dist/{chunk-YRCB5FLE.js → chunk-2A5B7GWR.js} +52 -6
- package/dist/chunk-2GQLSIJ2.js +40 -0
- package/dist/chunk-2IR674WX.js +44 -0
- package/dist/chunk-3J5TUH2I.js +50 -0
- package/dist/chunk-4RWSYUKX.js +98 -0
- package/dist/chunk-4YHJ4IEQ.js +25 -0
- package/dist/chunk-54CZPKR4.js +25 -0
- package/dist/chunk-5LZ7TOM3.js +25 -0
- package/dist/chunk-7BE46WWS.js +88 -0
- package/dist/chunk-7YYXFKLR.js +35 -0
- package/dist/chunk-C3A37LQC.js +33 -0
- package/dist/chunk-CITNGXDA.js +31 -0
- package/dist/chunk-CWX724AG.js +78 -0
- package/dist/chunk-D2CSIUKP.js +74 -0
- package/dist/chunk-E6G5YCI6.js +25 -0
- package/dist/chunk-EBAMFRB7.js +34 -0
- package/dist/chunk-EEE7UM5T.js +25 -0
- package/dist/{chunk-HT4YLL7N.js → chunk-FPCVZUVG.js} +10 -8
- package/dist/chunk-FW4W3REU.js +25 -0
- package/dist/chunk-GNNBM2WJ.js +83 -0
- package/dist/chunk-IPKO6UQN.js +25 -0
- package/dist/chunk-JOCGX3RP.js +59 -0
- package/dist/chunk-KBXWTD6E.js +94 -0
- package/dist/chunk-KMMAZFSJ.js +25 -0
- package/dist/chunk-LATR3NIV.js +117 -0
- package/dist/chunk-LAYPUDQF.js +39 -0
- package/dist/chunk-LDU7A2JE.js +25 -0
- package/dist/chunk-LX3TJ2TJ.js +294 -0
- package/dist/chunk-NHZBQNRR.js +143 -0
- package/dist/chunk-OVHNRULD.js +33 -0
- package/dist/chunk-PDP3PHB3.js +127 -0
- package/dist/chunk-PHYNROD4.js +47 -0
- package/dist/chunk-QQEKY4XP.js +29 -0
- package/dist/chunk-U4RK4LKJ.js +348 -0
- package/dist/{chunk-RRLIF4PQ.js → chunk-U5663F2U.js} +16 -1
- package/dist/chunk-UN7X6SU5.js +53 -0
- package/dist/chunk-UZQJJD6A.js +100 -0
- package/dist/chunk-V6LLEAR4.js +80 -0
- package/dist/chunk-WHNDRO3N.js +50 -0
- package/dist/{chunk-W6LG7BFW.js → chunk-XY5R3EHH.js} +30 -23
- package/dist/client/client.cjs +135 -0
- package/dist/client/client.d.ts +85 -0
- package/dist/client/client.js +9 -0
- package/dist/client/index.cjs +135 -0
- package/dist/client/index.d.ts +14 -0
- package/dist/client/index.js +10 -0
- package/dist/context.cjs +1237 -0
- package/dist/context.d.ts +16 -0
- package/dist/context.js +28 -0
- package/dist/cookie.cjs +57 -22
- package/dist/cookie.d.ts +11 -6
- package/dist/cookie.js +3 -2
- package/dist/createAuth.cjs +2320 -0
- package/dist/createAuth.d.ts +12 -0
- package/dist/createAuth.js +48 -0
- package/dist/env.cjs +78 -0
- package/dist/env.d.ts +10 -0
- package/dist/env.js +12 -0
- package/dist/errors.cjs +17 -0
- package/dist/errors.d.ts +15 -4
- package/dist/errors.js +5 -1
- package/dist/headers.cjs +28 -2
- package/dist/headers.d.ts +25 -1
- package/dist/headers.js +9 -3
- package/dist/index-_aXtxb_s.d.ts +1377 -0
- package/dist/index.cjs +1843 -610
- package/dist/index.d.ts +11 -92
- package/dist/index.js +53 -85
- package/dist/jose.cjs +113 -38
- package/dist/jose.d.ts +12 -23
- package/dist/jose.js +17 -7
- package/dist/logger.cjs +424 -0
- package/dist/logger.d.ts +12 -0
- package/dist/logger.js +17 -0
- package/dist/oauth/atlassian.cjs +57 -0
- package/dist/oauth/atlassian.d.ts +12 -0
- package/dist/oauth/atlassian.js +6 -0
- package/dist/oauth/bitbucket.cjs +19 -15
- package/dist/oauth/bitbucket.d.ts +7 -2
- package/dist/oauth/bitbucket.js +1 -1
- package/dist/oauth/discord.cjs +27 -24
- package/dist/oauth/discord.d.ts +7 -2
- package/dist/oauth/discord.js +1 -1
- package/dist/oauth/dropbox.cjs +53 -0
- package/dist/oauth/dropbox.d.ts +12 -0
- package/dist/oauth/dropbox.js +6 -0
- package/dist/oauth/figma.cjs +19 -16
- package/dist/oauth/figma.d.ts +7 -2
- package/dist/oauth/figma.js +1 -1
- package/dist/oauth/github.cjs +19 -8
- package/dist/oauth/github.d.ts +7 -2
- package/dist/oauth/github.js +1 -1
- package/dist/oauth/gitlab.cjs +19 -16
- package/dist/oauth/gitlab.d.ts +7 -2
- package/dist/oauth/gitlab.js +1 -1
- package/dist/oauth/index.cjs +529 -239
- package/dist/oauth/index.d.ts +7 -2
- package/dist/oauth/index.js +39 -22
- package/dist/oauth/mailchimp.cjs +19 -16
- package/dist/oauth/mailchimp.d.ts +7 -2
- package/dist/oauth/mailchimp.js +1 -1
- package/dist/oauth/notion.cjs +131 -0
- package/dist/oauth/notion.d.ts +12 -0
- package/dist/oauth/notion.js +9 -0
- package/dist/oauth/pinterest.cjs +19 -16
- package/dist/oauth/pinterest.d.ts +7 -2
- package/dist/oauth/pinterest.js +1 -1
- package/dist/oauth/spotify.cjs +19 -16
- package/dist/oauth/spotify.d.ts +7 -2
- package/dist/oauth/spotify.js +1 -1
- package/dist/oauth/strava.cjs +19 -16
- package/dist/oauth/strava.d.ts +7 -2
- package/dist/oauth/strava.js +1 -1
- package/dist/oauth/twitch.cjs +95 -0
- package/dist/oauth/twitch.d.ts +12 -0
- package/dist/oauth/twitch.js +7 -0
- package/dist/oauth/x.cjs +19 -16
- package/dist/oauth/x.d.ts +7 -2
- package/dist/oauth/x.js +1 -1
- package/dist/schemas.cjs +89 -42
- package/dist/schemas.d.ts +114 -18
- package/dist/schemas.js +5 -3
- package/dist/secure.cjs +73 -31
- package/dist/secure.d.ts +11 -11
- package/dist/secure.js +7 -6
- package/dist/utils.cjs +203 -90
- package/dist/utils.d.ts +21 -40
- package/dist/utils.js +21 -12
- package/package.json +9 -6
- package/dist/chunk-3EUWD5BB.js +0 -63
- package/dist/chunk-42XB3YCW.js +0 -22
- package/dist/chunk-6R2YZ4AC.js +0 -22
- package/dist/chunk-A3N4PVAT.js +0 -70
- package/dist/chunk-B737EUJV.js +0 -22
- package/dist/chunk-CXLATHS5.js +0 -143
- package/dist/chunk-E3OXBRYF.js +0 -22
- package/dist/chunk-EIL2FPSS.js +0 -22
- package/dist/chunk-EMKJA2GJ.js +0 -89
- package/dist/chunk-FIPU4MLT.js +0 -21
- package/dist/chunk-FKRDCWBF.js +0 -22
- package/dist/chunk-GA2SMTJO.js +0 -58
- package/dist/chunk-HP34YGGJ.js +0 -22
- package/dist/chunk-IKHPGFCW.js +0 -14
- package/dist/chunk-IUYZQTJV.js +0 -30
- package/dist/chunk-IVET23KF.js +0 -58
- package/dist/chunk-JVFTCTTE.js +0 -33
- package/dist/chunk-KRNOMBXQ.js +0 -22
- package/dist/chunk-KSWLO5ZU.js +0 -102
- package/dist/chunk-N2APGLXA.js +0 -71
- package/dist/chunk-N4SX7TZT.js +0 -96
- package/dist/chunk-STHEPPUZ.js +0 -11
- package/dist/chunk-TLE4PXY3.js +0 -39
- package/dist/index-B8jeIElf.d.ts +0 -679
- /package/dist/{chunk-DIVDFNAP.js → chunk-5X7JZMEF.js} +0 -0
package/dist/@types/index.d.ts
CHANGED
|
@@ -1,7 +1,12 @@
|
|
|
1
1
|
import 'zod';
|
|
2
|
+
export { f as APIErrorMap, aA as AccessTokenError, q as AuthAPI, p as AuthClient, l as AuthClientOptions, A as AuthConfig, r as AuthInstance, d as AuthInternalErrorCode, c as AuthRuntimeConfig, e as AuthSecurityErrorCode, aB as AuthorizationError, aC as AuthorizeParams, B as BuiltInOAuthProvider, C as CookieConfig, aD as CookieName, b as CookieStoreConfig, aE as CookieStrategyAttributes, E as ErrorType, F as FunctionAPIContext, aF as GetSessionAPI, G as GetSessionAPIOptions, aG as HostCookie, I as InternalContext, a as InternalLogger, J as JWTPayloadWithToken, aH as JWTStandardClaims, s as JoseInstance, L as LogLevel, t as Logger, aI as OAuthEnv, aJ as OAuthError, k as OAuthProvider, u as OAuthProviderConfig, j as OAuthProviderCredentials, O as OAuthProviderRecord, aK as ResponseType, R as RouterGlobalContext, aL as SecureCookie, m as Session, S as SessionResponse, aM as Severity, g as SignInAPIOptions, n as SignInOptions, h as SignInReturn, i as SignOutAPIOptions, o as SignOutOptions, aN as StandardCookie, aO as SyslogOptions, aP as TokenRevocationError, T as TrustedOrigin, U as User } from '../index-_aXtxb_s.js';
|
|
2
3
|
import '../schemas.js';
|
|
3
4
|
import '@aura-stack/router/cookie';
|
|
4
|
-
import '@aura-stack/jose';
|
|
5
|
-
import '@aura-stack/jose/jose';
|
|
6
|
-
export { i as APIErrorMap, a0 as AccessTokenError, d as AuthConfig, f as AuthInstance, b as AuthInternalErrorCode, A as AuthRuntimeConfig, c as AuthSecurityErrorCode, $ as AuthorizationError, C as CookieConfig, Z as CookieName, a as CookieStoreConfig, Y as CookieStrategyAttributes, E as ErrorType, V as HostCookie, J as JWTPayloadWithToken, Q as JWTStandardClaims, e as JoseInstance, a2 as OAuthEnv, _ as OAuthError, O as OAuthProvider, g as OAuthProviderConfig, h as OAuthProviderCredentials, j as OAuthProviderRecord, R as RouterGlobalContext, T as SecureCookie, S as Session, W as StandardCookie, a1 as TokenRevocationError, U as User } from '../index-B8jeIElf.js';
|
|
7
5
|
export { LiteralUnion, Prettify } from './utility.js';
|
|
6
|
+
import '@aura-stack/router';
|
|
7
|
+
import '@aura-stack/jose/jose';
|
|
8
|
+
import '@aura-stack/jose';
|
|
9
|
+
import '@aura-stack/jose/crypto';
|
|
10
|
+
import 'jose';
|
|
11
|
+
import 'zod/v4/core';
|
|
12
|
+
import 'zod/v4';
|
package/dist/@types/router.d.cjs
CHANGED
|
@@ -1,18 +1 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __defProp = Object.defineProperty;
|
|
3
|
-
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
4
|
-
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
5
|
-
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
6
|
-
var __copyProps = (to, from, except, desc) => {
|
|
7
|
-
if (from && typeof from === "object" || typeof from === "function") {
|
|
8
|
-
for (let key of __getOwnPropNames(from))
|
|
9
|
-
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
10
|
-
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
11
|
-
}
|
|
12
|
-
return to;
|
|
13
|
-
};
|
|
14
|
-
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
15
|
-
|
|
16
|
-
// src/@types/router.d.ts
|
|
17
|
-
var router_d_exports = {};
|
|
18
|
-
module.exports = __toCommonJS(router_d_exports);
|
|
@@ -1,10 +1,15 @@
|
|
|
1
|
-
import { R as RouterGlobalContext } from '../index-
|
|
1
|
+
import { R as RouterGlobalContext } from '../index-_aXtxb_s.js';
|
|
2
2
|
import 'zod';
|
|
3
3
|
import '../schemas.js';
|
|
4
|
-
import '
|
|
4
|
+
import 'zod/v4';
|
|
5
5
|
import '@aura-stack/jose';
|
|
6
6
|
import '@aura-stack/jose/jose';
|
|
7
|
+
import '@aura-stack/jose/crypto';
|
|
8
|
+
import '@aura-stack/router/cookie';
|
|
7
9
|
import './utility.js';
|
|
10
|
+
import 'jose';
|
|
11
|
+
import '@aura-stack/router';
|
|
12
|
+
import 'zod/v4/core';
|
|
8
13
|
|
|
9
14
|
declare module "@aura-stack/router" {
|
|
10
15
|
interface GlobalContext extends RouterGlobalContext {}
|
package/dist/@types/router.d.js
CHANGED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import "../chunk-DIVDFNAP.js";
|
|
@@ -35,9 +35,6 @@ var fetchAsync = async (url, options2 = {}, timeout = 5e3) => {
|
|
|
35
35
|
return response;
|
|
36
36
|
};
|
|
37
37
|
|
|
38
|
-
// src/utils.ts
|
|
39
|
-
var import_router = require("@aura-stack/router");
|
|
40
|
-
|
|
41
38
|
// src/errors.ts
|
|
42
39
|
var OAuthProtocolError = class extends Error {
|
|
43
40
|
type = "OAUTH_PROTOCOL_ERROR";
|
|
@@ -62,46 +59,74 @@ var AuthInternalError = class extends Error {
|
|
|
62
59
|
}
|
|
63
60
|
};
|
|
64
61
|
|
|
65
|
-
// src/utils.ts
|
|
66
|
-
var formatZodError = (error) => {
|
|
67
|
-
if (!error.issues || error.issues.length === 0) {
|
|
68
|
-
return {};
|
|
69
|
-
}
|
|
70
|
-
return error.issues.reduce((previous, issue) => {
|
|
71
|
-
const key = issue.path.join(".");
|
|
72
|
-
return {
|
|
73
|
-
...previous,
|
|
74
|
-
[key]: {
|
|
75
|
-
code: issue.code,
|
|
76
|
-
message: issue.message
|
|
77
|
-
}
|
|
78
|
-
};
|
|
79
|
-
}, {});
|
|
80
|
-
};
|
|
81
|
-
|
|
82
62
|
// src/schemas.ts
|
|
83
|
-
var
|
|
84
|
-
var
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
63
|
+
var import_v4 = require("zod/v4");
|
|
64
|
+
var AuthorizeConfigSchema = import_v4.z.union([
|
|
65
|
+
(0, import_v4.string)().url(),
|
|
66
|
+
(0, import_v4.object)({
|
|
67
|
+
url: (0, import_v4.string)().url(),
|
|
68
|
+
params: (0, import_v4.object)({
|
|
69
|
+
responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
|
|
70
|
+
scope: (0, import_v4.string)().optional()
|
|
71
|
+
})
|
|
72
|
+
})
|
|
73
|
+
]);
|
|
74
|
+
var AccessTokenConfigSchema = import_v4.z.union([
|
|
75
|
+
(0, import_v4.string)().url(),
|
|
76
|
+
(0, import_v4.object)({
|
|
77
|
+
url: (0, import_v4.string)().url(),
|
|
78
|
+
headers: import_v4.z.record((0, import_v4.string)(), (0, import_v4.string)()).optional()
|
|
79
|
+
})
|
|
80
|
+
]);
|
|
81
|
+
var UserInfoConfigSchema = import_v4.z.union([
|
|
82
|
+
(0, import_v4.string)().url(),
|
|
83
|
+
(0, import_v4.object)({
|
|
84
|
+
url: (0, import_v4.string)().url(),
|
|
85
|
+
headers: import_v4.z.record((0, import_v4.string)(), (0, import_v4.string)()).optional(),
|
|
86
|
+
method: (0, import_v4.string)().optional()
|
|
87
|
+
})
|
|
88
|
+
]);
|
|
89
|
+
var OAuthProviderCredentialsSchema = (0, import_v4.object)({
|
|
90
|
+
id: (0, import_v4.string)(),
|
|
91
|
+
name: (0, import_v4.string)(),
|
|
92
|
+
authorize: AuthorizeConfigSchema.optional(),
|
|
93
|
+
/** @deprecated */
|
|
94
|
+
authorizeURL: (0, import_v4.string)().url().optional(),
|
|
95
|
+
accessToken: AccessTokenConfigSchema,
|
|
96
|
+
/** @deprecated */
|
|
97
|
+
scope: (0, import_v4.string)().optional(),
|
|
98
|
+
userInfo: UserInfoConfigSchema,
|
|
99
|
+
/** @deprecated */
|
|
100
|
+
responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
|
|
101
|
+
clientId: (0, import_v4.string)(),
|
|
102
|
+
clientSecret: (0, import_v4.string)(),
|
|
103
|
+
profile: import_v4.z.function().optional()
|
|
104
|
+
});
|
|
105
|
+
var OAuthProviderConfigSchema = (0, import_v4.object)({
|
|
106
|
+
authorize: AuthorizeConfigSchema.optional(),
|
|
107
|
+
/** @deprecated */
|
|
108
|
+
authorizeURL: (0, import_v4.string)().url().optional(),
|
|
109
|
+
accessToken: AccessTokenConfigSchema,
|
|
110
|
+
/** @deprecated */
|
|
111
|
+
scope: (0, import_v4.string)().optional(),
|
|
112
|
+
userInfo: UserInfoConfigSchema,
|
|
113
|
+
/** @deprecated */
|
|
114
|
+
responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
|
|
115
|
+
clientId: (0, import_v4.string)(),
|
|
116
|
+
clientSecret: (0, import_v4.string)()
|
|
92
117
|
});
|
|
93
118
|
var OAuthAuthorization = OAuthProviderConfigSchema.extend({
|
|
94
|
-
redirectURI: (0,
|
|
95
|
-
state: (0,
|
|
96
|
-
codeChallenge: (0,
|
|
97
|
-
codeChallengeMethod: (0,
|
|
119
|
+
redirectURI: (0, import_v4.string)(),
|
|
120
|
+
state: (0, import_v4.string)(),
|
|
121
|
+
codeChallenge: (0, import_v4.string)(),
|
|
122
|
+
codeChallengeMethod: (0, import_v4.enum)(["plain", "S256"])
|
|
98
123
|
});
|
|
99
|
-
var OAuthAuthorizationResponse = (0,
|
|
100
|
-
state: (0,
|
|
101
|
-
code: (0,
|
|
124
|
+
var OAuthAuthorizationResponse = (0, import_v4.object)({
|
|
125
|
+
state: (0, import_v4.string)({ message: "Missing state parameter in the OAuth authorization response." }),
|
|
126
|
+
code: (0, import_v4.string)({ message: "Missing code parameter in the OAuth authorization response." })
|
|
102
127
|
});
|
|
103
|
-
var OAuthAuthorizationErrorResponse = (0,
|
|
104
|
-
error: (0,
|
|
128
|
+
var OAuthAuthorizationErrorResponse = (0, import_v4.object)({
|
|
129
|
+
error: (0, import_v4.enum)([
|
|
105
130
|
"invalid_request",
|
|
106
131
|
"unauthorized_client",
|
|
107
132
|
"access_denied",
|
|
@@ -110,24 +135,24 @@ var OAuthAuthorizationErrorResponse = (0, import_zod.object)({
|
|
|
110
135
|
"server_error",
|
|
111
136
|
"temporarily_unavailable"
|
|
112
137
|
]),
|
|
113
|
-
error_description: (0,
|
|
114
|
-
error_uri: (0,
|
|
115
|
-
state: (0,
|
|
138
|
+
error_description: (0, import_v4.string)().optional(),
|
|
139
|
+
error_uri: (0, import_v4.string)().optional(),
|
|
140
|
+
state: (0, import_v4.string)()
|
|
116
141
|
});
|
|
117
142
|
var OAuthAccessToken = OAuthProviderConfigSchema.extend({
|
|
118
|
-
redirectURI: (0,
|
|
119
|
-
code: (0,
|
|
120
|
-
codeVerifier: (0,
|
|
143
|
+
redirectURI: (0, import_v4.string)(),
|
|
144
|
+
code: (0, import_v4.string)(),
|
|
145
|
+
codeVerifier: (0, import_v4.string)().min(43).max(128)
|
|
121
146
|
});
|
|
122
|
-
var OAuthAccessTokenResponse = (0,
|
|
123
|
-
access_token: (0,
|
|
124
|
-
token_type: (0,
|
|
125
|
-
expires_in: (0,
|
|
126
|
-
refresh_token: (0,
|
|
127
|
-
scope: (0,
|
|
147
|
+
var OAuthAccessTokenResponse = (0, import_v4.object)({
|
|
148
|
+
access_token: (0, import_v4.string)(),
|
|
149
|
+
token_type: (0, import_v4.string)().optional(),
|
|
150
|
+
expires_in: (0, import_v4.number)().optional(),
|
|
151
|
+
refresh_token: (0, import_v4.string)().optional(),
|
|
152
|
+
scope: (0, import_v4.union)([(0, import_v4.string)().optional().or((0, import_v4.null)()), (0, import_v4.array)((0, import_v4.string)()).optional()])
|
|
128
153
|
});
|
|
129
|
-
var OAuthAccessTokenErrorResponse = (0,
|
|
130
|
-
error: (0,
|
|
154
|
+
var OAuthAccessTokenErrorResponse = (0, import_v4.object)({
|
|
155
|
+
error: (0, import_v4.enum)([
|
|
131
156
|
"invalid_request",
|
|
132
157
|
"invalid_client",
|
|
133
158
|
"invalid_grant",
|
|
@@ -135,53 +160,87 @@ var OAuthAccessTokenErrorResponse = (0, import_zod.object)({
|
|
|
135
160
|
"unsupported_grant_type",
|
|
136
161
|
"invalid_scope"
|
|
137
162
|
]),
|
|
138
|
-
error_description: (0,
|
|
139
|
-
error_uri: (0,
|
|
163
|
+
error_description: (0, import_v4.string)().optional(),
|
|
164
|
+
error_uri: (0, import_v4.string)().optional()
|
|
140
165
|
});
|
|
141
|
-
var OAuthErrorResponse = (0,
|
|
142
|
-
error: (0,
|
|
143
|
-
error_description: (0,
|
|
166
|
+
var OAuthErrorResponse = (0, import_v4.object)({
|
|
167
|
+
error: (0, import_v4.string)(),
|
|
168
|
+
error_description: (0, import_v4.string)().optional()
|
|
144
169
|
});
|
|
145
|
-
var OAuthEnvSchema = (0,
|
|
146
|
-
clientId:
|
|
147
|
-
clientSecret:
|
|
170
|
+
var OAuthEnvSchema = (0, import_v4.object)({
|
|
171
|
+
clientId: import_v4.z.string().min(1, "OAuth Client ID is required in the environment variables."),
|
|
172
|
+
clientSecret: import_v4.z.string().min(1, "OAuth Client Secret is required in the environment variables.")
|
|
148
173
|
});
|
|
149
174
|
|
|
150
175
|
// src/actions/callback/access-token.ts
|
|
151
|
-
var createAccessToken = async (oauthConfig, redirectURI, code, codeVerifier) => {
|
|
152
|
-
const
|
|
153
|
-
if (!
|
|
154
|
-
|
|
155
|
-
|
|
176
|
+
var createAccessToken = async (oauthConfig, redirectURI, code, codeVerifier, logger) => {
|
|
177
|
+
const { accessToken, clientId, clientSecret } = oauthConfig;
|
|
178
|
+
if (!clientId || !clientSecret || !redirectURI || !code || !codeVerifier || !accessToken) {
|
|
179
|
+
logger?.log("INVALID_OAUTH_CONFIGURATION", {
|
|
180
|
+
structuredData: {
|
|
181
|
+
has_client_id: Boolean(clientId),
|
|
182
|
+
has_client_secret: Boolean(clientSecret),
|
|
183
|
+
has_access_token: Boolean(accessToken),
|
|
184
|
+
has_redirect_uri: Boolean(redirectURI),
|
|
185
|
+
has_code: Boolean(code),
|
|
186
|
+
has_code_verifier: Boolean(codeVerifier)
|
|
187
|
+
}
|
|
188
|
+
});
|
|
189
|
+
throw new AuthInternalError("INVALID_OAUTH_CONFIGURATION", "The OAuth provider configuration is invalid.");
|
|
156
190
|
}
|
|
157
|
-
const
|
|
191
|
+
const tokenURL = typeof accessToken === "string" ? accessToken : accessToken.url;
|
|
192
|
+
const extraHeaders = typeof accessToken === "string" ? void 0 : accessToken.headers;
|
|
158
193
|
try {
|
|
159
|
-
|
|
194
|
+
logger?.log("OAUTH_ACCESS_TOKEN_REQUEST_INITIATED", {
|
|
195
|
+
structuredData: {
|
|
196
|
+
has_client_id: Boolean(clientId),
|
|
197
|
+
redirect_uri: redirectURI,
|
|
198
|
+
grant_type: "authorization_code"
|
|
199
|
+
}
|
|
200
|
+
});
|
|
201
|
+
const response = await fetchAsync(tokenURL, {
|
|
160
202
|
method: "POST",
|
|
161
203
|
headers: {
|
|
204
|
+
...extraHeaders ?? {},
|
|
162
205
|
Accept: "application/json",
|
|
163
206
|
"Content-Type": "application/x-www-form-urlencoded"
|
|
164
207
|
},
|
|
165
208
|
body: new URLSearchParams({
|
|
166
209
|
client_id: clientId,
|
|
167
210
|
client_secret: clientSecret,
|
|
168
|
-
code
|
|
169
|
-
redirect_uri:
|
|
211
|
+
code,
|
|
212
|
+
redirect_uri: redirectURI,
|
|
170
213
|
grant_type: "authorization_code",
|
|
171
214
|
code_verifier: codeVerifier
|
|
172
215
|
}).toString()
|
|
173
216
|
});
|
|
217
|
+
if (!response.ok) {
|
|
218
|
+
logger?.log("INVALID_OAUTH_ACCESS_TOKEN_RESPONSE");
|
|
219
|
+
throw new OAuthProtocolError("invalid_request", "Invalid access token response");
|
|
220
|
+
}
|
|
174
221
|
const json = await response.json();
|
|
175
222
|
const token = OAuthAccessTokenResponse.safeParse(json);
|
|
176
223
|
if (!token.success) {
|
|
177
224
|
const { success, data } = OAuthAccessTokenErrorResponse.safeParse(json);
|
|
178
225
|
if (!success) {
|
|
179
|
-
|
|
226
|
+
logger?.log("INVALID_OAUTH_ACCESS_TOKEN_RESPONSE");
|
|
227
|
+
throw new OAuthProtocolError("invalid_request", "Invalid access token response format");
|
|
180
228
|
}
|
|
181
|
-
|
|
229
|
+
logger?.log("OAUTH_ACCESS_TOKEN_ERROR", {
|
|
230
|
+
structuredData: {
|
|
231
|
+
error: data.error,
|
|
232
|
+
error_description: data.error_description ?? ""
|
|
233
|
+
}
|
|
234
|
+
});
|
|
235
|
+
throw new OAuthProtocolError("INVALID_ACCESS_TOKEN", "Failed to retrieve access token");
|
|
182
236
|
}
|
|
237
|
+
logger?.log("OAUTH_ACCESS_TOKEN_SUCCESS");
|
|
183
238
|
return token.data;
|
|
184
239
|
} catch (error) {
|
|
240
|
+
logger?.log("OAUTH_ACCESS_TOKEN_REQUEST_FAILED");
|
|
241
|
+
if (error instanceof Error) {
|
|
242
|
+
throw new OAuthProtocolError("server_error", "Failed to communicate with OAuth provider", "", { cause: error });
|
|
243
|
+
}
|
|
185
244
|
throw error;
|
|
186
245
|
}
|
|
187
246
|
};
|
|
@@ -1,10 +1,15 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { j as OAuthProviderCredentials, a as InternalLogger } from '../../index-_aXtxb_s.js';
|
|
2
2
|
import 'zod';
|
|
3
3
|
import '../../schemas.js';
|
|
4
|
-
import '
|
|
4
|
+
import 'zod/v4';
|
|
5
5
|
import '@aura-stack/jose';
|
|
6
6
|
import '@aura-stack/jose/jose';
|
|
7
|
+
import '@aura-stack/jose/crypto';
|
|
8
|
+
import '@aura-stack/router/cookie';
|
|
7
9
|
import '../../@types/utility.js';
|
|
10
|
+
import 'jose';
|
|
11
|
+
import '@aura-stack/router';
|
|
12
|
+
import 'zod/v4/core';
|
|
8
13
|
|
|
9
14
|
/**
|
|
10
15
|
* Make a request to the OAuth provider to the token endpoint to exchange the authorization code provided
|
|
@@ -17,12 +22,12 @@ import '../../@types/utility.js';
|
|
|
17
22
|
* @param code - The authorization code received from the OAuth server
|
|
18
23
|
* @returns The access token response from the OAuth server
|
|
19
24
|
*/
|
|
20
|
-
declare const createAccessToken: (oauthConfig: OAuthProviderCredentials, redirectURI: string, code: string, codeVerifier: string) => Promise<{
|
|
25
|
+
declare const createAccessToken: (oauthConfig: OAuthProviderCredentials, redirectURI: string, code: string, codeVerifier: string, logger?: InternalLogger) => Promise<{
|
|
21
26
|
access_token: string;
|
|
22
27
|
token_type?: string | undefined;
|
|
23
28
|
expires_in?: number | undefined;
|
|
24
29
|
refresh_token?: string | undefined;
|
|
25
|
-
scope?: string | null | undefined;
|
|
30
|
+
scope?: string | string[] | null | undefined;
|
|
26
31
|
}>;
|
|
27
32
|
|
|
28
33
|
export { createAccessToken };
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
import {
|
|
2
2
|
createAccessToken
|
|
3
|
-
} from "../../chunk-
|
|
4
|
-
import "../../chunk-CXLATHS5.js";
|
|
5
|
-
import "../../chunk-RRLIF4PQ.js";
|
|
3
|
+
} from "../../chunk-7BE46WWS.js";
|
|
6
4
|
import "../../chunk-ZNCZVF6U.js";
|
|
7
|
-
import "../../chunk-
|
|
5
|
+
import "../../chunk-2A5B7GWR.js";
|
|
6
|
+
import "../../chunk-U5663F2U.js";
|
|
8
7
|
export {
|
|
9
8
|
createAccessToken
|
|
10
9
|
};
|