@aura-stack/auth 0.4.0-rc.5 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/@types/index.d.ts +8 -3
- package/dist/@types/router.d.cjs +0 -17
- package/dist/@types/router.d.d.ts +7 -2
- package/dist/@types/router.d.js +0 -1
- package/dist/actions/callback/access-token.cjs +130 -71
- package/dist/actions/callback/access-token.d.ts +9 -4
- package/dist/actions/callback/access-token.js +3 -4
- package/dist/actions/callback/callback.cjs +428 -152
- package/dist/actions/callback/callback.d.ts +11 -3
- package/dist/actions/callback/callback.js +12 -10
- package/dist/actions/callback/userinfo.cjs +159 -65
- package/dist/actions/callback/userinfo.d.ts +8 -3
- package/dist/actions/callback/userinfo.js +7 -6
- package/dist/actions/csrfToken/csrfToken.cjs +70 -19
- package/dist/actions/csrfToken/csrfToken.js +8 -7
- package/dist/actions/index.cjs +780 -348
- package/dist/actions/index.d.ts +6 -2
- package/dist/actions/index.js +23 -18
- package/dist/actions/session/session.cjs +107 -26
- package/dist/actions/session/session.js +7 -5
- package/dist/actions/signIn/authorization-url.cjs +288 -0
- package/dist/actions/signIn/authorization-url.d.ts +31 -0
- package/dist/actions/signIn/authorization-url.js +16 -0
- package/dist/actions/signIn/authorization.cjs +209 -211
- package/dist/actions/signIn/authorization.d.ts +32 -21
- package/dist/actions/signIn/authorization.js +12 -9
- package/dist/actions/signIn/signIn.cjs +470 -235
- package/dist/actions/signIn/signIn.d.ts +12 -3
- package/dist/actions/signIn/signIn.js +11 -8
- package/dist/actions/signOut/signOut.cjs +376 -228
- package/dist/actions/signOut/signOut.d.ts +1 -1
- package/dist/actions/signOut/signOut.js +10 -9
- package/dist/api/createApi.cjs +750 -0
- package/dist/api/createApi.d.ts +12 -0
- package/dist/api/createApi.js +19 -0
- package/dist/api/getSession.cjs +141 -0
- package/dist/api/getSession.d.ts +16 -0
- package/dist/api/getSession.js +10 -0
- package/dist/api/signIn.cjs +549 -0
- package/dist/api/signIn.d.ts +26 -0
- package/dist/api/signIn.js +15 -0
- package/dist/api/signOut.cjs +279 -0
- package/dist/api/signOut.d.ts +16 -0
- package/dist/api/signOut.js +13 -0
- package/dist/assert.cjs +150 -5
- package/dist/assert.d.ts +26 -3
- package/dist/assert.js +17 -3
- package/dist/{chunk-YRCB5FLE.js → chunk-2A5B7GWR.js} +52 -6
- package/dist/chunk-2GQLSIJ2.js +40 -0
- package/dist/chunk-2IR674WX.js +44 -0
- package/dist/chunk-3J5TUH2I.js +50 -0
- package/dist/chunk-4RWSYUKX.js +98 -0
- package/dist/chunk-4YHJ4IEQ.js +25 -0
- package/dist/chunk-54CZPKR4.js +25 -0
- package/dist/chunk-5LZ7TOM3.js +25 -0
- package/dist/chunk-7BE46WWS.js +88 -0
- package/dist/chunk-7YYXFKLR.js +35 -0
- package/dist/chunk-C3A37LQC.js +33 -0
- package/dist/chunk-CITNGXDA.js +31 -0
- package/dist/chunk-CWX724AG.js +78 -0
- package/dist/chunk-D2CSIUKP.js +74 -0
- package/dist/chunk-E6G5YCI6.js +25 -0
- package/dist/chunk-EBAMFRB7.js +34 -0
- package/dist/chunk-EEE7UM5T.js +25 -0
- package/dist/{chunk-HT4YLL7N.js → chunk-FPCVZUVG.js} +10 -8
- package/dist/chunk-FW4W3REU.js +25 -0
- package/dist/chunk-GNNBM2WJ.js +83 -0
- package/dist/chunk-IPKO6UQN.js +25 -0
- package/dist/chunk-JOCGX3RP.js +59 -0
- package/dist/chunk-KBXWTD6E.js +94 -0
- package/dist/chunk-KMMAZFSJ.js +25 -0
- package/dist/chunk-LATR3NIV.js +117 -0
- package/dist/chunk-LAYPUDQF.js +39 -0
- package/dist/chunk-LDU7A2JE.js +25 -0
- package/dist/chunk-LX3TJ2TJ.js +294 -0
- package/dist/chunk-NHZBQNRR.js +143 -0
- package/dist/chunk-OVHNRULD.js +33 -0
- package/dist/chunk-PDP3PHB3.js +127 -0
- package/dist/chunk-PHYNROD4.js +47 -0
- package/dist/chunk-QQEKY4XP.js +29 -0
- package/dist/chunk-U4RK4LKJ.js +348 -0
- package/dist/{chunk-RRLIF4PQ.js → chunk-U5663F2U.js} +16 -1
- package/dist/chunk-UN7X6SU5.js +53 -0
- package/dist/chunk-UZQJJD6A.js +100 -0
- package/dist/chunk-V6LLEAR4.js +80 -0
- package/dist/chunk-WHNDRO3N.js +50 -0
- package/dist/{chunk-W6LG7BFW.js → chunk-XY5R3EHH.js} +30 -23
- package/dist/client/client.cjs +135 -0
- package/dist/client/client.d.ts +85 -0
- package/dist/client/client.js +9 -0
- package/dist/client/index.cjs +135 -0
- package/dist/client/index.d.ts +14 -0
- package/dist/client/index.js +10 -0
- package/dist/context.cjs +1237 -0
- package/dist/context.d.ts +16 -0
- package/dist/context.js +28 -0
- package/dist/cookie.cjs +57 -22
- package/dist/cookie.d.ts +11 -6
- package/dist/cookie.js +3 -2
- package/dist/createAuth.cjs +2320 -0
- package/dist/createAuth.d.ts +12 -0
- package/dist/createAuth.js +48 -0
- package/dist/env.cjs +78 -0
- package/dist/env.d.ts +10 -0
- package/dist/env.js +12 -0
- package/dist/errors.cjs +17 -0
- package/dist/errors.d.ts +15 -4
- package/dist/errors.js +5 -1
- package/dist/headers.cjs +28 -2
- package/dist/headers.d.ts +25 -1
- package/dist/headers.js +9 -3
- package/dist/index-_aXtxb_s.d.ts +1377 -0
- package/dist/index.cjs +1843 -610
- package/dist/index.d.ts +11 -92
- package/dist/index.js +53 -85
- package/dist/jose.cjs +113 -38
- package/dist/jose.d.ts +12 -23
- package/dist/jose.js +17 -7
- package/dist/logger.cjs +424 -0
- package/dist/logger.d.ts +12 -0
- package/dist/logger.js +17 -0
- package/dist/oauth/atlassian.cjs +57 -0
- package/dist/oauth/atlassian.d.ts +12 -0
- package/dist/oauth/atlassian.js +6 -0
- package/dist/oauth/bitbucket.cjs +19 -15
- package/dist/oauth/bitbucket.d.ts +7 -2
- package/dist/oauth/bitbucket.js +1 -1
- package/dist/oauth/discord.cjs +27 -24
- package/dist/oauth/discord.d.ts +7 -2
- package/dist/oauth/discord.js +1 -1
- package/dist/oauth/dropbox.cjs +53 -0
- package/dist/oauth/dropbox.d.ts +12 -0
- package/dist/oauth/dropbox.js +6 -0
- package/dist/oauth/figma.cjs +19 -16
- package/dist/oauth/figma.d.ts +7 -2
- package/dist/oauth/figma.js +1 -1
- package/dist/oauth/github.cjs +19 -8
- package/dist/oauth/github.d.ts +7 -2
- package/dist/oauth/github.js +1 -1
- package/dist/oauth/gitlab.cjs +19 -16
- package/dist/oauth/gitlab.d.ts +7 -2
- package/dist/oauth/gitlab.js +1 -1
- package/dist/oauth/index.cjs +529 -239
- package/dist/oauth/index.d.ts +7 -2
- package/dist/oauth/index.js +39 -22
- package/dist/oauth/mailchimp.cjs +19 -16
- package/dist/oauth/mailchimp.d.ts +7 -2
- package/dist/oauth/mailchimp.js +1 -1
- package/dist/oauth/notion.cjs +131 -0
- package/dist/oauth/notion.d.ts +12 -0
- package/dist/oauth/notion.js +9 -0
- package/dist/oauth/pinterest.cjs +19 -16
- package/dist/oauth/pinterest.d.ts +7 -2
- package/dist/oauth/pinterest.js +1 -1
- package/dist/oauth/spotify.cjs +19 -16
- package/dist/oauth/spotify.d.ts +7 -2
- package/dist/oauth/spotify.js +1 -1
- package/dist/oauth/strava.cjs +19 -16
- package/dist/oauth/strava.d.ts +7 -2
- package/dist/oauth/strava.js +1 -1
- package/dist/oauth/twitch.cjs +95 -0
- package/dist/oauth/twitch.d.ts +12 -0
- package/dist/oauth/twitch.js +7 -0
- package/dist/oauth/x.cjs +19 -16
- package/dist/oauth/x.d.ts +7 -2
- package/dist/oauth/x.js +1 -1
- package/dist/schemas.cjs +89 -42
- package/dist/schemas.d.ts +114 -18
- package/dist/schemas.js +5 -3
- package/dist/secure.cjs +73 -31
- package/dist/secure.d.ts +11 -11
- package/dist/secure.js +7 -6
- package/dist/utils.cjs +203 -90
- package/dist/utils.d.ts +21 -40
- package/dist/utils.js +21 -12
- package/package.json +9 -6
- package/dist/chunk-3EUWD5BB.js +0 -63
- package/dist/chunk-42XB3YCW.js +0 -22
- package/dist/chunk-6R2YZ4AC.js +0 -22
- package/dist/chunk-A3N4PVAT.js +0 -70
- package/dist/chunk-B737EUJV.js +0 -22
- package/dist/chunk-CXLATHS5.js +0 -143
- package/dist/chunk-E3OXBRYF.js +0 -22
- package/dist/chunk-EIL2FPSS.js +0 -22
- package/dist/chunk-EMKJA2GJ.js +0 -89
- package/dist/chunk-FIPU4MLT.js +0 -21
- package/dist/chunk-FKRDCWBF.js +0 -22
- package/dist/chunk-GA2SMTJO.js +0 -58
- package/dist/chunk-HP34YGGJ.js +0 -22
- package/dist/chunk-IKHPGFCW.js +0 -14
- package/dist/chunk-IUYZQTJV.js +0 -30
- package/dist/chunk-IVET23KF.js +0 -58
- package/dist/chunk-JVFTCTTE.js +0 -33
- package/dist/chunk-KRNOMBXQ.js +0 -22
- package/dist/chunk-KSWLO5ZU.js +0 -102
- package/dist/chunk-N2APGLXA.js +0 -71
- package/dist/chunk-N4SX7TZT.js +0 -96
- package/dist/chunk-STHEPPUZ.js +0 -11
- package/dist/chunk-TLE4PXY3.js +0 -39
- package/dist/index-B8jeIElf.d.ts +0 -679
- /package/dist/{chunk-DIVDFNAP.js → chunk-5X7JZMEF.js} +0 -0
package/dist/oauth/index.cjs
CHANGED
|
@@ -20,233 +20,527 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
|
|
|
20
20
|
// src/oauth/index.ts
|
|
21
21
|
var oauth_exports = {};
|
|
22
22
|
__export(oauth_exports, {
|
|
23
|
+
atlassian: () => atlassian,
|
|
23
24
|
bitbucket: () => bitbucket,
|
|
24
25
|
builtInOAuthProviders: () => builtInOAuthProviders,
|
|
25
26
|
createBuiltInOAuthProviders: () => createBuiltInOAuthProviders,
|
|
26
27
|
discord: () => discord,
|
|
28
|
+
dropbox: () => dropbox,
|
|
27
29
|
figma: () => figma,
|
|
28
30
|
github: () => github,
|
|
29
31
|
gitlab: () => gitlab,
|
|
30
32
|
mailchimp: () => mailchimp,
|
|
33
|
+
notion: () => notion,
|
|
31
34
|
pinterest: () => pinterest,
|
|
32
35
|
spotify: () => spotify,
|
|
33
36
|
strava: () => strava,
|
|
37
|
+
twitch: () => twitch,
|
|
34
38
|
x: () => x
|
|
35
39
|
});
|
|
36
40
|
module.exports = __toCommonJS(oauth_exports);
|
|
37
41
|
|
|
42
|
+
// src/env.ts
|
|
43
|
+
var import_meta = {};
|
|
44
|
+
var env = new Proxy({}, {
|
|
45
|
+
get(_, prop) {
|
|
46
|
+
if (typeof prop !== "string") return void 0;
|
|
47
|
+
const hasProperty = (process2) => {
|
|
48
|
+
return process2 && Object.prototype.hasOwnProperty.call(process2, prop);
|
|
49
|
+
};
|
|
50
|
+
try {
|
|
51
|
+
if (typeof process !== "undefined" && hasProperty(process.env)) {
|
|
52
|
+
return process.env[prop];
|
|
53
|
+
}
|
|
54
|
+
if (typeof import_meta !== "undefined" && hasProperty(import_meta.env)) {
|
|
55
|
+
return import_meta.env[prop];
|
|
56
|
+
}
|
|
57
|
+
if (typeof Deno !== "undefined" && Deno.env?.get) {
|
|
58
|
+
return Deno.env.get(prop);
|
|
59
|
+
}
|
|
60
|
+
if (typeof Bun !== "undefined" && hasProperty(Bun.env)) {
|
|
61
|
+
return Bun.env[prop];
|
|
62
|
+
}
|
|
63
|
+
const globalValue = globalThis[prop];
|
|
64
|
+
return typeof globalValue === "string" ? globalValue : void 0;
|
|
65
|
+
} catch {
|
|
66
|
+
return void 0;
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
});
|
|
70
|
+
var getEnv = (key) => {
|
|
71
|
+
const keys = [`AURA_AUTH_${key.toUpperCase()}`, `AURA_${key.toUpperCase()}`, `AUTH_${key.toUpperCase()}`, key.toUpperCase()];
|
|
72
|
+
return env[keys.find((k) => env[k]) ?? ""];
|
|
73
|
+
};
|
|
74
|
+
|
|
38
75
|
// src/oauth/github.ts
|
|
39
|
-
var github = {
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
76
|
+
var github = (options2) => {
|
|
77
|
+
return {
|
|
78
|
+
id: "github",
|
|
79
|
+
name: "GitHub",
|
|
80
|
+
authorizeURL: "https://github.com/login/oauth/authorize",
|
|
81
|
+
accessToken: "https://github.com/login/oauth/access_token",
|
|
82
|
+
userInfo: "https://api.github.com/user",
|
|
83
|
+
scope: "read:user user:email",
|
|
84
|
+
responseType: "code",
|
|
85
|
+
profile: (profile) => {
|
|
86
|
+
return {
|
|
87
|
+
sub: profile.id.toString(),
|
|
88
|
+
name: profile.name ?? profile.login,
|
|
89
|
+
email: profile.email ?? void 0,
|
|
90
|
+
image: profile.avatar_url
|
|
91
|
+
};
|
|
92
|
+
},
|
|
93
|
+
...options2
|
|
94
|
+
};
|
|
47
95
|
};
|
|
48
96
|
|
|
49
97
|
// src/oauth/bitbucket.ts
|
|
50
|
-
var bitbucket = {
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
98
|
+
var bitbucket = (options2) => {
|
|
99
|
+
return {
|
|
100
|
+
id: "bitbucket",
|
|
101
|
+
name: "Bitbucket",
|
|
102
|
+
authorizeURL: "https://bitbucket.org/site/oauth2/authorize",
|
|
103
|
+
accessToken: "https://bitbucket.org/site/oauth2/access_token",
|
|
104
|
+
userInfo: "https://api.bitbucket.org/2.0/user",
|
|
105
|
+
scope: "account email",
|
|
106
|
+
responseType: "code",
|
|
107
|
+
profile(profile) {
|
|
108
|
+
return {
|
|
109
|
+
sub: profile.uuid ?? profile.account_id,
|
|
110
|
+
name: profile.display_name ?? profile.nickname,
|
|
111
|
+
image: profile.links.avatar?.href,
|
|
112
|
+
email: void 0
|
|
113
|
+
};
|
|
114
|
+
},
|
|
115
|
+
...options2
|
|
116
|
+
};
|
|
65
117
|
};
|
|
66
118
|
|
|
67
119
|
// src/oauth/figma.ts
|
|
68
|
-
var figma = {
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
120
|
+
var figma = (options2) => {
|
|
121
|
+
return {
|
|
122
|
+
id: "figma",
|
|
123
|
+
name: "Figma",
|
|
124
|
+
authorizeURL: "https://www.figma.com/oauth",
|
|
125
|
+
accessToken: "https://api.figma.com/v1/oauth/token",
|
|
126
|
+
userInfo: "https://api.figma.com/v1/me",
|
|
127
|
+
scope: "current_user:read",
|
|
128
|
+
responseType: "code",
|
|
129
|
+
profile(profile) {
|
|
130
|
+
return {
|
|
131
|
+
sub: profile.id,
|
|
132
|
+
name: profile.handle,
|
|
133
|
+
email: profile.email,
|
|
134
|
+
image: profile.img_url
|
|
135
|
+
};
|
|
136
|
+
},
|
|
137
|
+
...options2
|
|
138
|
+
};
|
|
84
139
|
};
|
|
85
140
|
|
|
86
141
|
// src/oauth/discord.ts
|
|
87
|
-
var discord = {
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
142
|
+
var discord = (options2) => {
|
|
143
|
+
return {
|
|
144
|
+
id: "discord",
|
|
145
|
+
name: "Discord",
|
|
146
|
+
authorizeURL: "https://discord.com/oauth2/authorize",
|
|
147
|
+
accessToken: "https://discord.com/api/oauth2/token",
|
|
148
|
+
userInfo: "https://discord.com/api/users/@me",
|
|
149
|
+
scope: "identify email",
|
|
150
|
+
responseType: "code",
|
|
151
|
+
profile(profile) {
|
|
152
|
+
let image = "";
|
|
153
|
+
if (profile.avatar === null) {
|
|
154
|
+
const index = profile.discriminator === "0" ? (BigInt(profile.id) >> 22n) % 6n : Number(profile.discriminator) % 5;
|
|
155
|
+
image = `https://cdn.discordapp.com/embed/avatars/${index}.png`;
|
|
156
|
+
} else {
|
|
157
|
+
const format = profile.avatar.startsWith("a_") ? "gif" : "png";
|
|
158
|
+
image = `https://cdn.discordapp.com/avatars/${profile.id}/${profile.avatar}.${format}`;
|
|
159
|
+
}
|
|
160
|
+
return {
|
|
161
|
+
sub: profile.id,
|
|
162
|
+
name: profile.global_name ?? profile.username,
|
|
163
|
+
email: profile.email ?? "",
|
|
164
|
+
image
|
|
165
|
+
};
|
|
166
|
+
},
|
|
167
|
+
...options2
|
|
168
|
+
};
|
|
111
169
|
};
|
|
112
170
|
|
|
113
171
|
// src/oauth/gitlab.ts
|
|
114
|
-
var gitlab = {
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
172
|
+
var gitlab = (options2) => {
|
|
173
|
+
return {
|
|
174
|
+
id: "gitlab",
|
|
175
|
+
name: "GitLab",
|
|
176
|
+
authorizeURL: "https://gitlab.com/oauth/authorize",
|
|
177
|
+
accessToken: "https://gitlab.com/oauth/token",
|
|
178
|
+
userInfo: "https://gitlab.com/api/v4/user",
|
|
179
|
+
scope: "read_user",
|
|
180
|
+
responseType: "code",
|
|
181
|
+
profile(profile) {
|
|
182
|
+
return {
|
|
183
|
+
sub: profile.id.toString(),
|
|
184
|
+
name: profile.name ?? profile.username,
|
|
185
|
+
email: profile.email,
|
|
186
|
+
image: profile.avatar_url
|
|
187
|
+
};
|
|
188
|
+
},
|
|
189
|
+
...options2
|
|
190
|
+
};
|
|
130
191
|
};
|
|
131
192
|
|
|
132
193
|
// src/oauth/spotify.ts
|
|
133
|
-
var spotify = {
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
194
|
+
var spotify = (options2) => {
|
|
195
|
+
return {
|
|
196
|
+
id: "spotify",
|
|
197
|
+
name: "Spotify",
|
|
198
|
+
authorizeURL: "https://accounts.spotify.com/authorize",
|
|
199
|
+
accessToken: "https://accounts.spotify.com/api/token",
|
|
200
|
+
userInfo: "https://api.spotify.com/v1/me",
|
|
201
|
+
scope: "user-read-private user-read-email",
|
|
202
|
+
responseType: "code",
|
|
203
|
+
profile(profile) {
|
|
204
|
+
return {
|
|
205
|
+
sub: profile.id,
|
|
206
|
+
name: profile.display_name,
|
|
207
|
+
email: profile.email,
|
|
208
|
+
image: profile.images[0]?.url ?? void 0
|
|
209
|
+
};
|
|
210
|
+
},
|
|
211
|
+
...options2
|
|
212
|
+
};
|
|
149
213
|
};
|
|
150
214
|
|
|
151
215
|
// src/oauth/x.ts
|
|
152
|
-
var x = {
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
216
|
+
var x = (options2) => {
|
|
217
|
+
return {
|
|
218
|
+
id: "x",
|
|
219
|
+
name: "X",
|
|
220
|
+
authorizeURL: "https://twitter.com/i/oauth2/authorize",
|
|
221
|
+
accessToken: "https://api.twitter.com/2/oauth2/token",
|
|
222
|
+
userInfo: "https://api.twitter.com/2/users/me?user.fields=profile_image_url",
|
|
223
|
+
scope: "tweet.read users.read offline.access",
|
|
224
|
+
responseType: "code",
|
|
225
|
+
profile(profile) {
|
|
226
|
+
return {
|
|
227
|
+
sub: profile.data.id,
|
|
228
|
+
name: profile.data.name,
|
|
229
|
+
image: profile.data.profile_image_url,
|
|
230
|
+
email: void 0
|
|
231
|
+
};
|
|
232
|
+
},
|
|
233
|
+
...options2
|
|
234
|
+
};
|
|
168
235
|
};
|
|
169
236
|
|
|
170
237
|
// src/oauth/strava.ts
|
|
171
|
-
var strava = {
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
238
|
+
var strava = (options2) => {
|
|
239
|
+
return {
|
|
240
|
+
id: "strava",
|
|
241
|
+
name: "Strava",
|
|
242
|
+
authorizeURL: "https://www.strava.com/oauth/authorize",
|
|
243
|
+
accessToken: "https://www.strava.com/oauth/token",
|
|
244
|
+
userInfo: "https://www.strava.com/api/v3/athlete",
|
|
245
|
+
scope: "read",
|
|
246
|
+
responseType: "code",
|
|
247
|
+
profile(profile) {
|
|
248
|
+
return {
|
|
249
|
+
sub: profile.id.toString(),
|
|
250
|
+
name: `${profile.firstname} ${profile.lastname}`,
|
|
251
|
+
image: profile.profile,
|
|
252
|
+
email: void 0
|
|
253
|
+
};
|
|
254
|
+
},
|
|
255
|
+
...options2
|
|
256
|
+
};
|
|
187
257
|
};
|
|
188
258
|
|
|
189
259
|
// src/oauth/mailchimp.ts
|
|
190
|
-
var mailchimp = {
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
260
|
+
var mailchimp = (options2) => {
|
|
261
|
+
return {
|
|
262
|
+
id: "mailchimp",
|
|
263
|
+
name: "Mailchimp",
|
|
264
|
+
authorizeURL: "https://login.mailchimp.com/oauth2/authorize",
|
|
265
|
+
accessToken: "https://login.mailchimp.com/oauth2/token",
|
|
266
|
+
userInfo: "https://login.mailchimp.com/oauth2/metadata",
|
|
267
|
+
scope: "",
|
|
268
|
+
responseType: "code",
|
|
269
|
+
profile(profile) {
|
|
270
|
+
return {
|
|
271
|
+
sub: profile.user_id,
|
|
272
|
+
name: profile.accountname,
|
|
273
|
+
email: profile.login.email,
|
|
274
|
+
image: profile.login.avatar
|
|
275
|
+
};
|
|
276
|
+
},
|
|
277
|
+
...options2
|
|
278
|
+
};
|
|
206
279
|
};
|
|
207
280
|
|
|
208
281
|
// src/oauth/pinterest.ts
|
|
209
|
-
var pinterest = {
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
|
|
282
|
+
var pinterest = (options2) => {
|
|
283
|
+
return {
|
|
284
|
+
id: "pinterest",
|
|
285
|
+
name: "Pinterest",
|
|
286
|
+
authorizeURL: "https://www.pinterest.com/oauth",
|
|
287
|
+
accessToken: "https://api.pinterest.com/v5/oauth/token",
|
|
288
|
+
userInfo: "https://api.pinterest.com/v5/user_account",
|
|
289
|
+
scope: "user_accounts:read",
|
|
290
|
+
responseType: "code",
|
|
291
|
+
profile(profile) {
|
|
292
|
+
return {
|
|
293
|
+
sub: profile.id,
|
|
294
|
+
name: profile.username,
|
|
295
|
+
image: profile.profile_image,
|
|
296
|
+
email: void 0
|
|
297
|
+
};
|
|
298
|
+
},
|
|
299
|
+
...options2
|
|
300
|
+
};
|
|
301
|
+
};
|
|
302
|
+
|
|
303
|
+
// src/oauth/twitch.ts
|
|
304
|
+
var twitch = (options2) => {
|
|
305
|
+
const clientId = options2?.clientId ?? getEnv("TWITCH_CLIENT_ID");
|
|
306
|
+
return {
|
|
307
|
+
id: "twitch",
|
|
308
|
+
name: "Twitch",
|
|
309
|
+
authorize: {
|
|
310
|
+
url: "https://id.twitch.tv/oauth2/authorize",
|
|
311
|
+
params: { scope: "user:read:email", responseType: "code" }
|
|
312
|
+
},
|
|
313
|
+
accessToken: "https://id.twitch.tv/oauth2/token",
|
|
314
|
+
userInfo: {
|
|
315
|
+
url: "https://api.twitch.tv/helix/users",
|
|
316
|
+
headers: {
|
|
317
|
+
"Client-ID": clientId
|
|
318
|
+
}
|
|
319
|
+
},
|
|
320
|
+
profile(profile) {
|
|
321
|
+
const user = profile.data[0];
|
|
322
|
+
if (!user) {
|
|
323
|
+
throw new Error("No user data found in Twitch profile response");
|
|
324
|
+
}
|
|
325
|
+
return {
|
|
326
|
+
sub: user.id,
|
|
327
|
+
name: user.display_name,
|
|
328
|
+
email: user.email,
|
|
329
|
+
picture: user.profile_image_url
|
|
330
|
+
};
|
|
331
|
+
},
|
|
332
|
+
...options2
|
|
333
|
+
};
|
|
334
|
+
};
|
|
335
|
+
|
|
336
|
+
// src/utils.ts
|
|
337
|
+
var import_router = require("@aura-stack/router");
|
|
338
|
+
|
|
339
|
+
// src/errors.ts
|
|
340
|
+
var AuthInternalError = class extends Error {
|
|
341
|
+
type = "AUTH_INTERNAL_ERROR";
|
|
342
|
+
code;
|
|
343
|
+
constructor(code, message, options2) {
|
|
344
|
+
super(message, options2);
|
|
345
|
+
this.code = code;
|
|
346
|
+
this.name = new.target.name;
|
|
347
|
+
Error.captureStackTrace(this, new.target);
|
|
348
|
+
}
|
|
349
|
+
};
|
|
350
|
+
|
|
351
|
+
// src/assert.ts
|
|
352
|
+
var import_crypto = require("@aura-stack/jose/crypto");
|
|
353
|
+
|
|
354
|
+
// src/utils.ts
|
|
355
|
+
var formatZodError = (error) => {
|
|
356
|
+
if (!error.issues || error.issues.length === 0) {
|
|
357
|
+
return {};
|
|
358
|
+
}
|
|
359
|
+
return error.issues.reduce((previous, issue) => {
|
|
360
|
+
const key = issue.path.join(".");
|
|
218
361
|
return {
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
362
|
+
...previous,
|
|
363
|
+
[key]: {
|
|
364
|
+
code: issue.code,
|
|
365
|
+
message: issue.message
|
|
366
|
+
}
|
|
223
367
|
};
|
|
368
|
+
}, {});
|
|
369
|
+
};
|
|
370
|
+
var createBasicAuthHeader = (username, password) => {
|
|
371
|
+
const getUsername = getEnv(username.toUpperCase()) ?? username;
|
|
372
|
+
const getPassword = getEnv(password.toUpperCase()) ?? password;
|
|
373
|
+
if (!getUsername || !getPassword) {
|
|
374
|
+
throw new AuthInternalError("INVALID_OAUTH_CONFIGURATION", "Missing client credentials for OAuth provider configuration.");
|
|
224
375
|
}
|
|
376
|
+
const credentials = `${getUsername}:${getPassword}`;
|
|
377
|
+
return `Basic ${btoa(credentials)}`;
|
|
378
|
+
};
|
|
379
|
+
|
|
380
|
+
// src/oauth/notion.ts
|
|
381
|
+
var notion = (options2) => {
|
|
382
|
+
return {
|
|
383
|
+
id: "notion",
|
|
384
|
+
name: "Notion",
|
|
385
|
+
authorize: {
|
|
386
|
+
url: "https://api.notion.com/v1/oauth/authorize",
|
|
387
|
+
params: {
|
|
388
|
+
owner: "user",
|
|
389
|
+
scope: "user:read",
|
|
390
|
+
responseType: "code"
|
|
391
|
+
}
|
|
392
|
+
},
|
|
393
|
+
accessToken: {
|
|
394
|
+
url: "https://api.notion.com/v1/oauth/token",
|
|
395
|
+
headers: {
|
|
396
|
+
Authorization: createBasicAuthHeader(
|
|
397
|
+
options2?.clientId ?? "NOTION_CLIENT_ID",
|
|
398
|
+
options2?.clientSecret ?? "NOTION_CLIENT_SECRET"
|
|
399
|
+
)
|
|
400
|
+
}
|
|
401
|
+
},
|
|
402
|
+
userInfo: {
|
|
403
|
+
url: "https://api.notion.com/v1/users/me",
|
|
404
|
+
headers: {
|
|
405
|
+
"Notion-Version": "2022-06-28"
|
|
406
|
+
}
|
|
407
|
+
},
|
|
408
|
+
profile(profile) {
|
|
409
|
+
return {
|
|
410
|
+
sub: profile.id,
|
|
411
|
+
name: profile.name,
|
|
412
|
+
image: profile.avatar_url ?? "",
|
|
413
|
+
email: profile?.bot?.owner?.user?.person?.email
|
|
414
|
+
};
|
|
415
|
+
},
|
|
416
|
+
...options2
|
|
417
|
+
};
|
|
418
|
+
};
|
|
419
|
+
|
|
420
|
+
// src/oauth/dropbox.ts
|
|
421
|
+
var dropbox = (options2) => {
|
|
422
|
+
return {
|
|
423
|
+
id: "dropbox",
|
|
424
|
+
name: "Dropbox",
|
|
425
|
+
authorize: {
|
|
426
|
+
url: "https://www.dropbox.com/oauth2/authorize",
|
|
427
|
+
params: { scope: "account_info.read" }
|
|
428
|
+
},
|
|
429
|
+
accessToken: "https://api.dropboxapi.com/oauth2/token",
|
|
430
|
+
userInfo: {
|
|
431
|
+
method: "POST",
|
|
432
|
+
url: "https://api.dropboxapi.com/2/users/get_current_account"
|
|
433
|
+
},
|
|
434
|
+
profile(profile) {
|
|
435
|
+
return {
|
|
436
|
+
sub: profile.account_id,
|
|
437
|
+
name: profile.name.display_name,
|
|
438
|
+
email: profile.email,
|
|
439
|
+
image: profile.profile_photo_url
|
|
440
|
+
};
|
|
441
|
+
},
|
|
442
|
+
...options2
|
|
443
|
+
};
|
|
444
|
+
};
|
|
445
|
+
|
|
446
|
+
// src/oauth/atlassian.ts
|
|
447
|
+
var atlassian = (options2) => {
|
|
448
|
+
return {
|
|
449
|
+
id: "atlassian",
|
|
450
|
+
name: "Atlassian",
|
|
451
|
+
authorize: {
|
|
452
|
+
url: "https://auth.atlassian.com/authorize",
|
|
453
|
+
params: {
|
|
454
|
+
audience: "api.atlassian.com",
|
|
455
|
+
scope: "read:me read:account",
|
|
456
|
+
prompt: "consent"
|
|
457
|
+
}
|
|
458
|
+
},
|
|
459
|
+
authorizeURL: "https://auth.atlassian.com/authorize",
|
|
460
|
+
accessToken: "https://auth.atlassian.com/oauth/token",
|
|
461
|
+
userInfo: "https://api.atlassian.com/me",
|
|
462
|
+
scope: "read:me read:account",
|
|
463
|
+
responseType: "code",
|
|
464
|
+
profile(profile) {
|
|
465
|
+
return {
|
|
466
|
+
sub: profile.account_id,
|
|
467
|
+
name: profile.name,
|
|
468
|
+
email: profile.email,
|
|
469
|
+
image: profile.picture
|
|
470
|
+
};
|
|
471
|
+
},
|
|
472
|
+
...options2
|
|
473
|
+
};
|
|
225
474
|
};
|
|
226
475
|
|
|
227
476
|
// src/schemas.ts
|
|
228
|
-
var
|
|
229
|
-
var
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
477
|
+
var import_v4 = require("zod/v4");
|
|
478
|
+
var AuthorizeConfigSchema = import_v4.z.union([
|
|
479
|
+
(0, import_v4.string)().url(),
|
|
480
|
+
(0, import_v4.object)({
|
|
481
|
+
url: (0, import_v4.string)().url(),
|
|
482
|
+
params: (0, import_v4.object)({
|
|
483
|
+
responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
|
|
484
|
+
scope: (0, import_v4.string)().optional()
|
|
485
|
+
})
|
|
486
|
+
})
|
|
487
|
+
]);
|
|
488
|
+
var AccessTokenConfigSchema = import_v4.z.union([
|
|
489
|
+
(0, import_v4.string)().url(),
|
|
490
|
+
(0, import_v4.object)({
|
|
491
|
+
url: (0, import_v4.string)().url(),
|
|
492
|
+
headers: import_v4.z.record((0, import_v4.string)(), (0, import_v4.string)()).optional()
|
|
493
|
+
})
|
|
494
|
+
]);
|
|
495
|
+
var UserInfoConfigSchema = import_v4.z.union([
|
|
496
|
+
(0, import_v4.string)().url(),
|
|
497
|
+
(0, import_v4.object)({
|
|
498
|
+
url: (0, import_v4.string)().url(),
|
|
499
|
+
headers: import_v4.z.record((0, import_v4.string)(), (0, import_v4.string)()).optional(),
|
|
500
|
+
method: (0, import_v4.string)().optional()
|
|
501
|
+
})
|
|
502
|
+
]);
|
|
503
|
+
var OAuthProviderCredentialsSchema = (0, import_v4.object)({
|
|
504
|
+
id: (0, import_v4.string)(),
|
|
505
|
+
name: (0, import_v4.string)(),
|
|
506
|
+
authorize: AuthorizeConfigSchema.optional(),
|
|
507
|
+
/** @deprecated */
|
|
508
|
+
authorizeURL: (0, import_v4.string)().url().optional(),
|
|
509
|
+
accessToken: AccessTokenConfigSchema,
|
|
510
|
+
/** @deprecated */
|
|
511
|
+
scope: (0, import_v4.string)().optional(),
|
|
512
|
+
userInfo: UserInfoConfigSchema,
|
|
513
|
+
/** @deprecated */
|
|
514
|
+
responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
|
|
515
|
+
clientId: (0, import_v4.string)(),
|
|
516
|
+
clientSecret: (0, import_v4.string)(),
|
|
517
|
+
profile: import_v4.z.function().optional()
|
|
518
|
+
});
|
|
519
|
+
var OAuthProviderConfigSchema = (0, import_v4.object)({
|
|
520
|
+
authorize: AuthorizeConfigSchema.optional(),
|
|
521
|
+
/** @deprecated */
|
|
522
|
+
authorizeURL: (0, import_v4.string)().url().optional(),
|
|
523
|
+
accessToken: AccessTokenConfigSchema,
|
|
524
|
+
/** @deprecated */
|
|
525
|
+
scope: (0, import_v4.string)().optional(),
|
|
526
|
+
userInfo: UserInfoConfigSchema,
|
|
527
|
+
/** @deprecated */
|
|
528
|
+
responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
|
|
529
|
+
clientId: (0, import_v4.string)(),
|
|
530
|
+
clientSecret: (0, import_v4.string)()
|
|
237
531
|
});
|
|
238
532
|
var OAuthAuthorization = OAuthProviderConfigSchema.extend({
|
|
239
|
-
redirectURI: (0,
|
|
240
|
-
state: (0,
|
|
241
|
-
codeChallenge: (0,
|
|
242
|
-
codeChallengeMethod: (0,
|
|
533
|
+
redirectURI: (0, import_v4.string)(),
|
|
534
|
+
state: (0, import_v4.string)(),
|
|
535
|
+
codeChallenge: (0, import_v4.string)(),
|
|
536
|
+
codeChallengeMethod: (0, import_v4.enum)(["plain", "S256"])
|
|
243
537
|
});
|
|
244
|
-
var OAuthAuthorizationResponse = (0,
|
|
245
|
-
state: (0,
|
|
246
|
-
code: (0,
|
|
538
|
+
var OAuthAuthorizationResponse = (0, import_v4.object)({
|
|
539
|
+
state: (0, import_v4.string)({ message: "Missing state parameter in the OAuth authorization response." }),
|
|
540
|
+
code: (0, import_v4.string)({ message: "Missing code parameter in the OAuth authorization response." })
|
|
247
541
|
});
|
|
248
|
-
var OAuthAuthorizationErrorResponse = (0,
|
|
249
|
-
error: (0,
|
|
542
|
+
var OAuthAuthorizationErrorResponse = (0, import_v4.object)({
|
|
543
|
+
error: (0, import_v4.enum)([
|
|
250
544
|
"invalid_request",
|
|
251
545
|
"unauthorized_client",
|
|
252
546
|
"access_denied",
|
|
@@ -255,24 +549,24 @@ var OAuthAuthorizationErrorResponse = (0, import_zod.object)({
|
|
|
255
549
|
"server_error",
|
|
256
550
|
"temporarily_unavailable"
|
|
257
551
|
]),
|
|
258
|
-
error_description: (0,
|
|
259
|
-
error_uri: (0,
|
|
260
|
-
state: (0,
|
|
552
|
+
error_description: (0, import_v4.string)().optional(),
|
|
553
|
+
error_uri: (0, import_v4.string)().optional(),
|
|
554
|
+
state: (0, import_v4.string)()
|
|
261
555
|
});
|
|
262
556
|
var OAuthAccessToken = OAuthProviderConfigSchema.extend({
|
|
263
|
-
redirectURI: (0,
|
|
264
|
-
code: (0,
|
|
265
|
-
codeVerifier: (0,
|
|
557
|
+
redirectURI: (0, import_v4.string)(),
|
|
558
|
+
code: (0, import_v4.string)(),
|
|
559
|
+
codeVerifier: (0, import_v4.string)().min(43).max(128)
|
|
266
560
|
});
|
|
267
|
-
var OAuthAccessTokenResponse = (0,
|
|
268
|
-
access_token: (0,
|
|
269
|
-
token_type: (0,
|
|
270
|
-
expires_in: (0,
|
|
271
|
-
refresh_token: (0,
|
|
272
|
-
scope: (0,
|
|
561
|
+
var OAuthAccessTokenResponse = (0, import_v4.object)({
|
|
562
|
+
access_token: (0, import_v4.string)(),
|
|
563
|
+
token_type: (0, import_v4.string)().optional(),
|
|
564
|
+
expires_in: (0, import_v4.number)().optional(),
|
|
565
|
+
refresh_token: (0, import_v4.string)().optional(),
|
|
566
|
+
scope: (0, import_v4.union)([(0, import_v4.string)().optional().or((0, import_v4.null)()), (0, import_v4.array)((0, import_v4.string)()).optional()])
|
|
273
567
|
});
|
|
274
|
-
var OAuthAccessTokenErrorResponse = (0,
|
|
275
|
-
error: (0,
|
|
568
|
+
var OAuthAccessTokenErrorResponse = (0, import_v4.object)({
|
|
569
|
+
error: (0, import_v4.enum)([
|
|
276
570
|
"invalid_request",
|
|
277
571
|
"invalid_client",
|
|
278
572
|
"invalid_grant",
|
|
@@ -280,48 +574,18 @@ var OAuthAccessTokenErrorResponse = (0, import_zod.object)({
|
|
|
280
574
|
"unsupported_grant_type",
|
|
281
575
|
"invalid_scope"
|
|
282
576
|
]),
|
|
283
|
-
error_description: (0,
|
|
284
|
-
error_uri: (0,
|
|
577
|
+
error_description: (0, import_v4.string)().optional(),
|
|
578
|
+
error_uri: (0, import_v4.string)().optional()
|
|
285
579
|
});
|
|
286
|
-
var OAuthErrorResponse = (0,
|
|
287
|
-
error: (0,
|
|
288
|
-
error_description: (0,
|
|
580
|
+
var OAuthErrorResponse = (0, import_v4.object)({
|
|
581
|
+
error: (0, import_v4.string)(),
|
|
582
|
+
error_description: (0, import_v4.string)().optional()
|
|
289
583
|
});
|
|
290
|
-
var OAuthEnvSchema = (0,
|
|
291
|
-
clientId:
|
|
292
|
-
clientSecret:
|
|
584
|
+
var OAuthEnvSchema = (0, import_v4.object)({
|
|
585
|
+
clientId: import_v4.z.string().min(1, "OAuth Client ID is required in the environment variables."),
|
|
586
|
+
clientSecret: import_v4.z.string().min(1, "OAuth Client Secret is required in the environment variables.")
|
|
293
587
|
});
|
|
294
588
|
|
|
295
|
-
// src/errors.ts
|
|
296
|
-
var AuthInternalError = class extends Error {
|
|
297
|
-
type = "AUTH_INTERNAL_ERROR";
|
|
298
|
-
code;
|
|
299
|
-
constructor(code, message, options2) {
|
|
300
|
-
super(message, options2);
|
|
301
|
-
this.code = code;
|
|
302
|
-
this.name = new.target.name;
|
|
303
|
-
Error.captureStackTrace(this, new.target);
|
|
304
|
-
}
|
|
305
|
-
};
|
|
306
|
-
|
|
307
|
-
// src/utils.ts
|
|
308
|
-
var import_router = require("@aura-stack/router");
|
|
309
|
-
var formatZodError = (error) => {
|
|
310
|
-
if (!error.issues || error.issues.length === 0) {
|
|
311
|
-
return {};
|
|
312
|
-
}
|
|
313
|
-
return error.issues.reduce((previous, issue) => {
|
|
314
|
-
const key = issue.path.join(".");
|
|
315
|
-
return {
|
|
316
|
-
...previous,
|
|
317
|
-
[key]: {
|
|
318
|
-
code: issue.code,
|
|
319
|
-
message: issue.message
|
|
320
|
-
}
|
|
321
|
-
};
|
|
322
|
-
}, {});
|
|
323
|
-
};
|
|
324
|
-
|
|
325
589
|
// src/oauth/index.ts
|
|
326
590
|
var builtInOAuthProviders = {
|
|
327
591
|
github,
|
|
@@ -333,18 +597,19 @@ var builtInOAuthProviders = {
|
|
|
333
597
|
x,
|
|
334
598
|
strava,
|
|
335
599
|
mailchimp,
|
|
336
|
-
pinterest
|
|
600
|
+
pinterest,
|
|
601
|
+
twitch,
|
|
602
|
+
notion,
|
|
603
|
+
dropbox,
|
|
604
|
+
atlassian
|
|
337
605
|
};
|
|
338
606
|
var defineOAuthEnvironment = (oauth) => {
|
|
339
|
-
const env = process.env;
|
|
340
|
-
const clientIdSuffix = `${oauth.toUpperCase()}_CLIENT_ID`;
|
|
341
|
-
const clientSecretSuffix = `${oauth.toUpperCase()}_CLIENT_SECRET`;
|
|
342
607
|
const loadEnvs = OAuthEnvSchema.safeParse({
|
|
343
|
-
clientId:
|
|
344
|
-
clientSecret:
|
|
608
|
+
clientId: getEnv(`${oauth.toUpperCase()}_CLIENT_ID`),
|
|
609
|
+
clientSecret: getEnv(`${oauth.toUpperCase()}_CLIENT_SECRET`)
|
|
345
610
|
});
|
|
346
611
|
if (!loadEnvs.success) {
|
|
347
|
-
const msg = JSON.stringify(formatZodError(loadEnvs.error), null, 2);
|
|
612
|
+
const msg = JSON.stringify({ [oauth]: formatZodError(loadEnvs.error) }, null, 2);
|
|
348
613
|
throw new AuthInternalError("INVALID_ENVIRONMENT_CONFIGURATION", msg);
|
|
349
614
|
}
|
|
350
615
|
return loadEnvs.data;
|
|
@@ -352,32 +617,57 @@ var defineOAuthEnvironment = (oauth) => {
|
|
|
352
617
|
var defineOAuthProviderConfig = (config) => {
|
|
353
618
|
if (typeof config === "string") {
|
|
354
619
|
const definition = defineOAuthEnvironment(config);
|
|
355
|
-
const oauthConfig = builtInOAuthProviders[config];
|
|
356
|
-
|
|
357
|
-
|
|
358
|
-
|
|
359
|
-
|
|
620
|
+
const oauthConfig = builtInOAuthProviders[config]();
|
|
621
|
+
const parsed2 = OAuthProviderCredentialsSchema.safeParse({ ...oauthConfig, ...definition });
|
|
622
|
+
if (!parsed2.success) {
|
|
623
|
+
const details = JSON.stringify({ [config]: formatZodError(parsed2.error) }, null, 2);
|
|
624
|
+
throw new AuthInternalError(
|
|
625
|
+
"INVALID_OAUTH_PROVIDER_CONFIGURATION",
|
|
626
|
+
`Invalid configuration for OAuth provider "${config}": ${details}`
|
|
627
|
+
);
|
|
628
|
+
}
|
|
629
|
+
return parsed2.data;
|
|
630
|
+
}
|
|
631
|
+
const hasCredentials = config.clientId && config.clientSecret;
|
|
632
|
+
const envConfig = hasCredentials ? {} : defineOAuthEnvironment(config.id);
|
|
633
|
+
const parsed = OAuthProviderCredentialsSchema.safeParse({ ...envConfig, ...config });
|
|
634
|
+
if (!parsed.success) {
|
|
635
|
+
const details = JSON.stringify({ [config.id]: formatZodError(parsed.error) }, null, 2);
|
|
636
|
+
throw new AuthInternalError(
|
|
637
|
+
"INVALID_OAUTH_PROVIDER_CONFIGURATION",
|
|
638
|
+
`Invalid configuration for OAuth provider "${config.id}": ${details}`
|
|
639
|
+
);
|
|
360
640
|
}
|
|
361
|
-
return
|
|
641
|
+
return parsed.data;
|
|
362
642
|
};
|
|
363
643
|
var createBuiltInOAuthProviders = (oauth = []) => {
|
|
364
644
|
return oauth.reduce((previous, config) => {
|
|
365
645
|
const oauthConfig = defineOAuthProviderConfig(config);
|
|
646
|
+
if (oauthConfig.id in previous) {
|
|
647
|
+
throw new AuthInternalError(
|
|
648
|
+
"DUPLICATED_OAUTH_PROVIDER_ID",
|
|
649
|
+
`Duplicate OAuth provider id "${oauthConfig.id}" found. Each provider must have a unique id.`
|
|
650
|
+
);
|
|
651
|
+
}
|
|
366
652
|
return { ...previous, [oauthConfig.id]: oauthConfig };
|
|
367
653
|
}, {});
|
|
368
654
|
};
|
|
369
655
|
// Annotate the CommonJS export names for ESM import in node:
|
|
370
656
|
0 && (module.exports = {
|
|
657
|
+
atlassian,
|
|
371
658
|
bitbucket,
|
|
372
659
|
builtInOAuthProviders,
|
|
373
660
|
createBuiltInOAuthProviders,
|
|
374
661
|
discord,
|
|
662
|
+
dropbox,
|
|
375
663
|
figma,
|
|
376
664
|
github,
|
|
377
665
|
gitlab,
|
|
378
666
|
mailchimp,
|
|
667
|
+
notion,
|
|
379
668
|
pinterest,
|
|
380
669
|
spotify,
|
|
381
670
|
strava,
|
|
671
|
+
twitch,
|
|
382
672
|
x
|
|
383
673
|
});
|