@aura-stack/auth 0.4.0 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/@types/index.d.ts +6 -2
- package/dist/@types/router.d.d.ts +6 -2
- package/dist/actions/callback/access-token.cjs +103 -59
- package/dist/actions/callback/access-token.d.ts +7 -3
- package/dist/actions/callback/access-token.js +3 -3
- package/dist/actions/callback/callback.cjs +200 -134
- package/dist/actions/callback/callback.d.ts +32 -3
- package/dist/actions/callback/callback.js +11 -12
- package/dist/actions/callback/userinfo.cjs +103 -70
- package/dist/actions/callback/userinfo.d.ts +6 -2
- package/dist/actions/callback/userinfo.js +7 -8
- package/dist/actions/csrfToken/csrfToken.cjs +7 -15
- package/dist/actions/csrfToken/csrfToken.d.ts +3 -1
- package/dist/actions/csrfToken/csrfToken.js +7 -8
- package/dist/actions/index.cjs +502 -295
- package/dist/actions/index.d.ts +5 -2
- package/dist/actions/index.js +23 -20
- package/dist/actions/session/session.cjs +76 -24
- package/dist/actions/session/session.d.ts +3 -1
- package/dist/actions/session/session.js +6 -4
- package/dist/actions/signIn/authorization-url.cjs +288 -0
- package/dist/actions/signIn/authorization-url.d.ts +31 -0
- package/dist/actions/signIn/authorization-url.js +16 -0
- package/dist/actions/signIn/authorization.cjs +91 -132
- package/dist/actions/signIn/authorization.d.ts +17 -16
- package/dist/actions/signIn/authorization.js +8 -7
- package/dist/actions/signIn/signIn.cjs +319 -191
- package/dist/actions/signIn/signIn.d.ts +32 -3
- package/dist/actions/signIn/signIn.js +10 -9
- package/dist/actions/signOut/signOut.cjs +211 -212
- package/dist/actions/signOut/signOut.d.ts +9 -1
- package/dist/actions/signOut/signOut.js +9 -10
- package/dist/api/createApi.cjs +750 -0
- package/dist/api/createApi.d.ts +12 -0
- package/dist/api/createApi.js +19 -0
- package/dist/api/getSession.cjs +141 -0
- package/dist/api/getSession.d.ts +16 -0
- package/dist/api/getSession.js +10 -0
- package/dist/api/signIn.cjs +549 -0
- package/dist/api/signIn.d.ts +26 -0
- package/dist/api/signIn.js +15 -0
- package/dist/api/signOut.cjs +279 -0
- package/dist/api/signOut.d.ts +16 -0
- package/dist/api/signOut.js +13 -0
- package/dist/assert.cjs +42 -9
- package/dist/assert.d.ts +8 -4
- package/dist/assert.js +5 -5
- package/dist/{chunk-KJBAQZX2.js → chunk-2A5B7GWR.js} +44 -11
- package/dist/chunk-2GQLSIJ2.js +40 -0
- package/dist/chunk-2IR674WX.js +44 -0
- package/dist/chunk-3J5TUH2I.js +50 -0
- package/dist/chunk-4RWSYUKX.js +98 -0
- package/dist/chunk-5X7JZMEF.js +0 -0
- package/dist/{chunk-TZB6MUXN.js → chunk-7BE46WWS.js} +21 -11
- package/dist/chunk-7YYXFKLR.js +35 -0
- package/dist/chunk-C3A37LQC.js +33 -0
- package/dist/chunk-CITNGXDA.js +31 -0
- package/dist/chunk-CWX724AG.js +78 -0
- package/dist/chunk-D2CSIUKP.js +74 -0
- package/dist/{chunk-ICAZ4OVS.js → chunk-FPCVZUVG.js} +2 -2
- package/dist/{chunk-XGLBNXL4.js → chunk-GNNBM2WJ.js} +17 -9
- package/dist/chunk-JOCGX3RP.js +59 -0
- package/dist/chunk-KBXWTD6E.js +94 -0
- package/dist/{chunk-XUP6KKNG.js → chunk-LATR3NIV.js} +48 -37
- package/dist/chunk-LAYPUDQF.js +39 -0
- package/dist/chunk-LX3TJ2TJ.js +294 -0
- package/dist/{chunk-6MXFPFR3.js → chunk-NHZBQNRR.js} +19 -19
- package/dist/{chunk-TM5IPSNF.js → chunk-PDP3PHB3.js} +33 -19
- package/dist/chunk-PHYNROD4.js +47 -0
- package/dist/chunk-QQEKY4XP.js +29 -0
- package/dist/{chunk-VNCNJKS2.js → chunk-U4RK4LKJ.js} +82 -1
- package/dist/{chunk-RRLIF4PQ.js → chunk-U5663F2U.js} +16 -1
- package/dist/chunk-UN7X6SU5.js +53 -0
- package/dist/chunk-UZQJJD6A.js +100 -0
- package/dist/{chunk-NUDITUKX.js → chunk-V6LLEAR4.js} +22 -15
- package/dist/{chunk-4MYWAOLG.js → chunk-WHNDRO3N.js} +20 -1
- package/dist/{chunk-5W4BRQYG.js → chunk-XY5R3EHH.js} +6 -3
- package/dist/client/client.cjs +135 -0
- package/dist/client/client.d.ts +85 -0
- package/dist/client/client.js +9 -0
- package/dist/client/index.cjs +135 -0
- package/dist/client/index.d.ts +14 -0
- package/dist/client/index.js +10 -0
- package/dist/context.cjs +1237 -0
- package/dist/context.d.ts +16 -0
- package/dist/context.js +28 -0
- package/dist/cookie.cjs +33 -2
- package/dist/cookie.d.ts +9 -5
- package/dist/cookie.js +3 -2
- package/dist/createAuth.cjs +2320 -0
- package/dist/createAuth.d.ts +12 -0
- package/dist/createAuth.js +48 -0
- package/dist/env.cjs +24 -2
- package/dist/env.d.ts +4 -1
- package/dist/env.js +9 -3
- package/dist/errors.cjs +17 -0
- package/dist/errors.d.ts +13 -3
- package/dist/errors.js +5 -1
- package/dist/{index-CSyIJmCM.d.ts → index-_aXtxb_s.d.ts} +383 -13
- package/dist/index.cjs +2135 -1547
- package/dist/index.d.ts +9 -30
- package/dist/index.js +46 -119
- package/dist/jose.cjs +52 -14
- package/dist/jose.d.ts +12 -25
- package/dist/jose.js +11 -3
- package/dist/logger.cjs +132 -0
- package/dist/logger.d.ts +6 -2
- package/dist/logger.js +10 -1
- package/dist/oauth/atlassian.cjs +57 -0
- package/dist/oauth/atlassian.d.ts +12 -0
- package/dist/oauth/atlassian.js +6 -0
- package/dist/oauth/bitbucket.d.ts +6 -2
- package/dist/oauth/discord.d.ts +6 -2
- package/dist/oauth/dropbox.cjs +53 -0
- package/dist/oauth/dropbox.d.ts +12 -0
- package/dist/oauth/dropbox.js +6 -0
- package/dist/oauth/figma.d.ts +6 -2
- package/dist/oauth/github.d.ts +6 -2
- package/dist/oauth/gitlab.d.ts +6 -2
- package/dist/oauth/index.cjs +278 -88
- package/dist/oauth/index.d.ts +6 -2
- package/dist/oauth/index.js +27 -11
- package/dist/oauth/mailchimp.d.ts +6 -2
- package/dist/oauth/notion.cjs +131 -0
- package/dist/oauth/notion.d.ts +12 -0
- package/dist/oauth/notion.js +9 -0
- package/dist/oauth/pinterest.d.ts +6 -2
- package/dist/oauth/spotify.d.ts +6 -2
- package/dist/oauth/strava.d.ts +6 -2
- package/dist/oauth/twitch.cjs +95 -0
- package/dist/oauth/twitch.d.ts +12 -0
- package/dist/oauth/twitch.js +7 -0
- package/dist/oauth/x.d.ts +6 -2
- package/dist/schemas.cjs +84 -51
- package/dist/schemas.d.ts +103 -23
- package/dist/schemas.js +1 -1
- package/dist/secure.cjs +36 -36
- package/dist/secure.d.ts +10 -4
- package/dist/secure.js +7 -6
- package/dist/utils.cjs +109 -3
- package/dist/utils.d.ts +15 -4
- package/dist/utils.js +11 -4
- package/package.json +9 -5
- package/dist/chunk-4EKY7655.js +0 -123
- package/dist/chunk-7QF22LHP.js +0 -67
- package/dist/chunk-ALG3GIV4.js +0 -95
- package/dist/chunk-FRJFWTOY.js +0 -70
- package/dist/chunk-PHFH2MGS.js +0 -36
- package/dist/chunk-QQVSRXGX.js +0 -149
package/dist/index.d.ts
CHANGED
|
@@ -1,35 +1,14 @@
|
|
|
1
|
-
|
|
2
|
-
export {
|
|
1
|
+
export { q as AuthAPI, p as AuthClient, l as AuthClientOptions, A as AuthConfig, r as AuthInstance, B as BuiltInOAuthProvider, C as CookieConfig, E as ErrorType, G as GetSessionAPIOptions, s as JoseInstance, L as LogLevel, t as Logger, k as OAuthProvider, u as OAuthProviderConfig, j as OAuthProviderCredentials, m as Session, g as SignInAPIOptions, n as SignInOptions, i as SignOutAPIOptions, o as SignOutOptions, T as TrustedOrigin, U as User, v as builtInOAuthProviders, w as createAuth, x as createSyslogMessage } from './index-_aXtxb_s.js';
|
|
2
|
+
export { createAuthClient, createClient } from './client/client.js';
|
|
3
|
+
export { Client, ClientOptions } from '@aura-stack/router/types';
|
|
4
|
+
export { LiteralUnion, Prettify } from './@types/utility.js';
|
|
3
5
|
import 'zod';
|
|
4
6
|
import './schemas.js';
|
|
5
|
-
import '
|
|
7
|
+
import 'zod/v4';
|
|
6
8
|
import '@aura-stack/jose';
|
|
7
9
|
import '@aura-stack/jose/jose';
|
|
10
|
+
import '@aura-stack/jose/crypto';
|
|
8
11
|
import '@aura-stack/router/cookie';
|
|
9
|
-
import '
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
* Creates the authentication instance with the configuration provided for OAuth provider.
|
|
13
|
-
* > NOTE: The handlers returned by this function should be used in the server to handle the authentication routes
|
|
14
|
-
* and within the `/auth` base path
|
|
15
|
-
*
|
|
16
|
-
* @param authConfig - Authentication configuration including OAuth provider
|
|
17
|
-
* @returns Authentication instance with handlers to be used in the server
|
|
18
|
-
* @example
|
|
19
|
-
* const auth = createAuth({
|
|
20
|
-
* oauth: ["github", {
|
|
21
|
-
* id: "custom-oauth",
|
|
22
|
-
* name: "custom-oauth",
|
|
23
|
-
* authorizationURL: "https://custom-oauth.com/oauth/authorize",
|
|
24
|
-
* accessToken: "https://custom-oauth.com/oauth/token",
|
|
25
|
-
* scope: "profile email",
|
|
26
|
-
* responseType: "code",
|
|
27
|
-
* userInfo: "https://custom-oauth.com/api/userinfo",
|
|
28
|
-
* clientId: process.env.AURA_AUTH_CUSTOM_OAUTH_CLIENT_ID!,
|
|
29
|
-
* clientSecret: process.env.AURA_AUTH_CUSTOM_OAUTH_CLIENT_SECRET!,
|
|
30
|
-
* }]
|
|
31
|
-
* })
|
|
32
|
-
*/
|
|
33
|
-
declare const createAuth: (authConfig: AuthConfig) => AuthInstance;
|
|
34
|
-
|
|
35
|
-
export { AuthConfig, AuthInstance, createAuth };
|
|
12
|
+
import 'jose';
|
|
13
|
+
import '@aura-stack/router';
|
|
14
|
+
import 'zod/v4/core';
|
package/dist/index.js
CHANGED
|
@@ -1,132 +1,59 @@
|
|
|
1
|
+
import "./chunk-5X7JZMEF.js";
|
|
1
2
|
import {
|
|
2
|
-
|
|
3
|
-
|
|
3
|
+
createAuthClient,
|
|
4
|
+
createClient
|
|
5
|
+
} from "./chunk-4RWSYUKX.js";
|
|
6
|
+
import {
|
|
7
|
+
createAuth
|
|
8
|
+
} from "./chunk-CWX724AG.js";
|
|
9
|
+
import "./chunk-ITQ7352M.js";
|
|
10
|
+
import "./chunk-NHZBQNRR.js";
|
|
11
|
+
import "./chunk-GNNBM2WJ.js";
|
|
12
|
+
import "./chunk-FPCVZUVG.js";
|
|
13
|
+
import "./chunk-UN7X6SU5.js";
|
|
14
|
+
import "./chunk-7YYXFKLR.js";
|
|
15
|
+
import "./chunk-3J5TUH2I.js";
|
|
16
|
+
import "./chunk-7BE46WWS.js";
|
|
17
|
+
import "./chunk-LAYPUDQF.js";
|
|
18
|
+
import "./chunk-CITNGXDA.js";
|
|
19
|
+
import "./chunk-JOCGX3RP.js";
|
|
20
|
+
import "./chunk-D2CSIUKP.js";
|
|
21
|
+
import "./chunk-LATR3NIV.js";
|
|
22
|
+
import "./chunk-KBXWTD6E.js";
|
|
23
|
+
import "./chunk-ZNCZVF6U.js";
|
|
24
|
+
import "./chunk-V6LLEAR4.js";
|
|
25
|
+
import "./chunk-2IR674WX.js";
|
|
26
|
+
import {
|
|
27
|
+
builtInOAuthProviders
|
|
28
|
+
} from "./chunk-PDP3PHB3.js";
|
|
29
|
+
import "./chunk-LDU7A2JE.js";
|
|
30
|
+
import "./chunk-PHYNROD4.js";
|
|
31
|
+
import "./chunk-E6G5YCI6.js";
|
|
4
32
|
import "./chunk-IPKO6UQN.js";
|
|
5
33
|
import "./chunk-54CZPKR4.js";
|
|
34
|
+
import "./chunk-2GQLSIJ2.js";
|
|
6
35
|
import "./chunk-EEE7UM5T.js";
|
|
36
|
+
import "./chunk-C3A37LQC.js";
|
|
7
37
|
import "./chunk-4YHJ4IEQ.js";
|
|
8
38
|
import "./chunk-OVHNRULD.js";
|
|
39
|
+
import "./chunk-QQEKY4XP.js";
|
|
9
40
|
import "./chunk-KMMAZFSJ.js";
|
|
10
41
|
import "./chunk-FW4W3REU.js";
|
|
11
42
|
import "./chunk-5LZ7TOM3.js";
|
|
12
|
-
import "./chunk-LDU7A2JE.js";
|
|
13
|
-
import "./chunk-E6G5YCI6.js";
|
|
14
|
-
import "./chunk-ITQ7352M.js";
|
|
15
|
-
import {
|
|
16
|
-
signInAction
|
|
17
|
-
} from "./chunk-7QF22LHP.js";
|
|
18
|
-
import {
|
|
19
|
-
csrfTokenAction
|
|
20
|
-
} from "./chunk-ICAZ4OVS.js";
|
|
21
43
|
import {
|
|
22
|
-
|
|
23
|
-
} from "./chunk-
|
|
24
|
-
import
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
import "./chunk-
|
|
28
|
-
import "./chunk-
|
|
29
|
-
import
|
|
30
|
-
sessionAction
|
|
31
|
-
} from "./chunk-PHFH2MGS.js";
|
|
32
|
-
import "./chunk-XUP6KKNG.js";
|
|
33
|
-
import "./chunk-ZNCZVF6U.js";
|
|
34
|
-
import "./chunk-KJBAQZX2.js";
|
|
35
|
-
import "./chunk-NUDITUKX.js";
|
|
36
|
-
import "./chunk-4EKY7655.js";
|
|
37
|
-
import {
|
|
38
|
-
createErrorHandler,
|
|
39
|
-
useSecureCookies
|
|
40
|
-
} from "./chunk-QQVSRXGX.js";
|
|
41
|
-
import {
|
|
42
|
-
createCookieStore
|
|
43
|
-
} from "./chunk-5W4BRQYG.js";
|
|
44
|
+
createSyslogMessage
|
|
45
|
+
} from "./chunk-U4RK4LKJ.js";
|
|
46
|
+
import "./chunk-2A5B7GWR.js";
|
|
47
|
+
import "./chunk-UZQJJD6A.js";
|
|
48
|
+
import "./chunk-LX3TJ2TJ.js";
|
|
49
|
+
import "./chunk-XY5R3EHH.js";
|
|
50
|
+
import "./chunk-WHNDRO3N.js";
|
|
51
|
+
import "./chunk-U5663F2U.js";
|
|
44
52
|
import "./chunk-EBAMFRB7.js";
|
|
45
|
-
import {
|
|
46
|
-
createJoseInstance
|
|
47
|
-
} from "./chunk-FRJFWTOY.js";
|
|
48
|
-
import "./chunk-4MYWAOLG.js";
|
|
49
|
-
import "./chunk-RRLIF4PQ.js";
|
|
50
|
-
import {
|
|
51
|
-
createLogEntry
|
|
52
|
-
} from "./chunk-VNCNJKS2.js";
|
|
53
|
-
|
|
54
|
-
// src/index.ts
|
|
55
|
-
import { createRouter } from "@aura-stack/router";
|
|
56
|
-
var logLevelToSeverity = {
|
|
57
|
-
debug: ["debug", "info", "notice", "warning", "error", "critical", "alert", "emergency"],
|
|
58
|
-
info: ["info", "notice", "warning", "error", "critical", "alert", "emergency"],
|
|
59
|
-
warn: ["warning", "error", "critical", "alert", "emergency"],
|
|
60
|
-
error: ["error", "critical", "alert", "emergency"]
|
|
61
|
-
};
|
|
62
|
-
var createLoggerProxy = (logger) => {
|
|
63
|
-
if (!logger) return void 0;
|
|
64
|
-
const level = logger.level;
|
|
65
|
-
const allowedSeverities = logLevelToSeverity[level] ?? [];
|
|
66
|
-
const internalLogger = {
|
|
67
|
-
level,
|
|
68
|
-
log(key, overrides) {
|
|
69
|
-
const entry = createLogEntry(key, overrides);
|
|
70
|
-
if (!allowedSeverities.includes(entry.severity)) return entry;
|
|
71
|
-
logger.log({
|
|
72
|
-
timestamp: entry.timestamp ?? (/* @__PURE__ */ new Date()).toISOString(),
|
|
73
|
-
appName: entry.appName ?? "aura-auth",
|
|
74
|
-
hostname: entry.hostname ?? "aura-auth",
|
|
75
|
-
...entry
|
|
76
|
-
});
|
|
77
|
-
return entry;
|
|
78
|
-
}
|
|
79
|
-
};
|
|
80
|
-
return internalLogger;
|
|
81
|
-
};
|
|
82
|
-
var createInternalConfig = (authConfig) => {
|
|
83
|
-
const useSecure = authConfig?.trustedProxyHeaders ?? false;
|
|
84
|
-
const logger = authConfig?.logger;
|
|
85
|
-
const internalLogger = createLoggerProxy(logger);
|
|
86
|
-
return {
|
|
87
|
-
basePath: authConfig?.basePath ?? "/auth",
|
|
88
|
-
onError: createErrorHandler(internalLogger),
|
|
89
|
-
context: {
|
|
90
|
-
oauth: createBuiltInOAuthProviders(authConfig?.oauth),
|
|
91
|
-
cookies: createCookieStore(
|
|
92
|
-
useSecure,
|
|
93
|
-
authConfig?.cookies?.prefix,
|
|
94
|
-
authConfig?.cookies?.overrides ?? {},
|
|
95
|
-
internalLogger
|
|
96
|
-
),
|
|
97
|
-
jose: createJoseInstance(authConfig?.secret),
|
|
98
|
-
secret: authConfig?.secret,
|
|
99
|
-
basePath: authConfig?.basePath ?? "/auth",
|
|
100
|
-
trustedProxyHeaders: useSecure,
|
|
101
|
-
trustedOrigins: authConfig?.trustedOrigins,
|
|
102
|
-
logger: internalLogger
|
|
103
|
-
},
|
|
104
|
-
middlewares: [
|
|
105
|
-
(ctx) => {
|
|
106
|
-
const useSecure2 = useSecureCookies(ctx.request, ctx.context.trustedProxyHeaders);
|
|
107
|
-
const cookies = createCookieStore(
|
|
108
|
-
useSecure2,
|
|
109
|
-
authConfig?.cookies?.prefix,
|
|
110
|
-
authConfig?.cookies?.overrides ?? {},
|
|
111
|
-
internalLogger
|
|
112
|
-
);
|
|
113
|
-
ctx.context.cookies = cookies;
|
|
114
|
-
return ctx;
|
|
115
|
-
}
|
|
116
|
-
]
|
|
117
|
-
};
|
|
118
|
-
};
|
|
119
|
-
var createAuth = (authConfig) => {
|
|
120
|
-
const config = createInternalConfig(authConfig);
|
|
121
|
-
const router = createRouter(
|
|
122
|
-
[signInAction(config.context.oauth), callbackAction(config.context.oauth), sessionAction, signOutAction, csrfTokenAction],
|
|
123
|
-
config
|
|
124
|
-
);
|
|
125
|
-
return {
|
|
126
|
-
handlers: router,
|
|
127
|
-
jose: config.context.jose
|
|
128
|
-
};
|
|
129
|
-
};
|
|
130
53
|
export {
|
|
131
|
-
|
|
54
|
+
builtInOAuthProviders,
|
|
55
|
+
createAuth,
|
|
56
|
+
createAuthClient,
|
|
57
|
+
createClient,
|
|
58
|
+
createSyslogMessage
|
|
132
59
|
};
|
package/dist/jose.cjs
CHANGED
|
@@ -20,8 +20,12 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
|
|
|
20
20
|
// src/jose.ts
|
|
21
21
|
var jose_exports = {};
|
|
22
22
|
__export(jose_exports, {
|
|
23
|
+
base64url: () => import_jose2.base64url,
|
|
23
24
|
createJoseInstance: () => createJoseInstance,
|
|
24
25
|
decodeJWTOptions: () => decodeJWTOptions,
|
|
26
|
+
encoder: () => import_crypto.encoder,
|
|
27
|
+
getRandomBytes: () => import_crypto.getRandomBytes,
|
|
28
|
+
getSubtleCrypto: () => import_crypto.getSubtleCrypto,
|
|
25
29
|
jwtVerificationOptions: () => jwtVerificationOptions
|
|
26
30
|
});
|
|
27
31
|
module.exports = __toCommonJS(jose_exports);
|
|
@@ -54,6 +58,10 @@ var env = new Proxy({}, {
|
|
|
54
58
|
}
|
|
55
59
|
}
|
|
56
60
|
});
|
|
61
|
+
var getEnv = (key) => {
|
|
62
|
+
const keys = [`AURA_AUTH_${key.toUpperCase()}`, `AURA_${key.toUpperCase()}`, `AUTH_${key.toUpperCase()}`, key.toUpperCase()];
|
|
63
|
+
return env[keys.find((k) => env[k]) ?? ""];
|
|
64
|
+
};
|
|
57
65
|
|
|
58
66
|
// src/jose.ts
|
|
59
67
|
var import_jose = require("@aura-stack/jose");
|
|
@@ -71,15 +79,17 @@ var AuthInternalError = class extends Error {
|
|
|
71
79
|
};
|
|
72
80
|
|
|
73
81
|
// src/jose.ts
|
|
82
|
+
var import_jose2 = require("@aura-stack/jose/jose");
|
|
83
|
+
var import_crypto = require("@aura-stack/jose/crypto");
|
|
74
84
|
var createJoseInstance = (secret) => {
|
|
75
|
-
secret ??=
|
|
85
|
+
secret ??= getEnv("SECRET");
|
|
76
86
|
if (!secret) {
|
|
77
87
|
throw new AuthInternalError(
|
|
78
88
|
"JOSE_INITIALIZATION_FAILED",
|
|
79
89
|
"AURA_AUTH_SECRET environment variable is not set and no secret was provided."
|
|
80
90
|
);
|
|
81
91
|
}
|
|
82
|
-
const salt =
|
|
92
|
+
const salt = getEnv("SALT");
|
|
83
93
|
if (!salt) {
|
|
84
94
|
throw new AuthInternalError(
|
|
85
95
|
"JOSE_INITIALIZATION_FAILED",
|
|
@@ -95,19 +105,43 @@ var createJoseInstance = (secret) => {
|
|
|
95
105
|
{ cause: error }
|
|
96
106
|
);
|
|
97
107
|
}
|
|
98
|
-
const
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
108
|
+
const jose = (async () => {
|
|
109
|
+
const derivedSigningKey = await (0, import_jose.createDeriveKey)(secret, salt, "signing");
|
|
110
|
+
const derivedEncryptionKey = await (0, import_jose.createDeriveKey)(secret, salt, "encryption");
|
|
111
|
+
const derivedCsrfTokenKey = await (0, import_jose.createDeriveKey)(secret, salt, "csrfToken");
|
|
112
|
+
return {
|
|
113
|
+
jwt: (0, import_jose.createJWT)({ jws: derivedSigningKey, jwe: derivedEncryptionKey }),
|
|
114
|
+
jws: (0, import_jose.createJWS)(derivedCsrfTokenKey),
|
|
115
|
+
jwe: (0, import_jose.createJWE)(derivedEncryptionKey)
|
|
116
|
+
};
|
|
117
|
+
})();
|
|
118
|
+
jose.catch(() => {
|
|
119
|
+
});
|
|
104
120
|
return {
|
|
105
|
-
decodeJWT,
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
121
|
+
decodeJWT: async (token, options) => {
|
|
122
|
+
const { jwt } = await jose;
|
|
123
|
+
return jwt.decodeJWT(token, options);
|
|
124
|
+
},
|
|
125
|
+
encodeJWT: async (payload) => {
|
|
126
|
+
const { jwt } = await jose;
|
|
127
|
+
return jwt.encodeJWT(payload);
|
|
128
|
+
},
|
|
129
|
+
signJWS: async (...args) => {
|
|
130
|
+
const { jws } = await jose;
|
|
131
|
+
return jws.signJWS(...args);
|
|
132
|
+
},
|
|
133
|
+
verifyJWS: async (...args) => {
|
|
134
|
+
const { jws } = await jose;
|
|
135
|
+
return jws.verifyJWS(...args);
|
|
136
|
+
},
|
|
137
|
+
encryptJWE: async (...args) => {
|
|
138
|
+
const { jwe } = await jose;
|
|
139
|
+
return jwe.encryptJWE(...args);
|
|
140
|
+
},
|
|
141
|
+
decryptJWE: async (...args) => {
|
|
142
|
+
const { jwe } = await jose;
|
|
143
|
+
return jwe.decryptJWE(...args);
|
|
144
|
+
}
|
|
111
145
|
};
|
|
112
146
|
};
|
|
113
147
|
var jwtVerificationOptions = {
|
|
@@ -122,7 +156,11 @@ var decodeJWTOptions = {
|
|
|
122
156
|
};
|
|
123
157
|
// Annotate the CommonJS export names for ESM import in node:
|
|
124
158
|
0 && (module.exports = {
|
|
159
|
+
base64url,
|
|
125
160
|
createJoseInstance,
|
|
126
161
|
decodeJWTOptions,
|
|
162
|
+
encoder,
|
|
163
|
+
getRandomBytes,
|
|
164
|
+
getSubtleCrypto,
|
|
127
165
|
jwtVerificationOptions
|
|
128
166
|
});
|
package/dist/jose.d.ts
CHANGED
|
@@ -1,25 +1,12 @@
|
|
|
1
|
-
import
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
export {
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
*/
|
|
14
|
-
declare const createJoseInstance: (secret?: string) => {
|
|
15
|
-
decodeJWT: (token: string) => Promise<_aura_stack_jose_jose.JWTPayload>;
|
|
16
|
-
encodeJWT: (payload: _aura_stack_jose_jose.JWTPayload) => Promise<string>;
|
|
17
|
-
signJWS: (payload: _aura_stack_jose_jose.JWTPayload) => Promise<string>;
|
|
18
|
-
verifyJWS: (payload: string, options?: JWTVerifyOptions) => Promise<_aura_stack_jose_jose.JWTPayload>;
|
|
19
|
-
encryptJWE: (payload: string, options?: _aura_stack_jose.EncryptOptions) => Promise<string>;
|
|
20
|
-
decryptJWE: (payload: string, options?: _aura_stack_jose.JWTDecryptOptions) => Promise<string>;
|
|
21
|
-
};
|
|
22
|
-
declare const jwtVerificationOptions: JWTVerifyOptions;
|
|
23
|
-
declare const decodeJWTOptions: DecodedJWTPayloadOptions;
|
|
24
|
-
|
|
25
|
-
export { createJoseInstance, decodeJWTOptions, jwtVerificationOptions };
|
|
1
|
+
import '@aura-stack/jose';
|
|
2
|
+
export { JWTPayload, base64url } from '@aura-stack/jose/jose';
|
|
3
|
+
export { encoder, getRandomBytes, getSubtleCrypto } from '@aura-stack/jose/crypto';
|
|
4
|
+
export { K as createJoseInstance, M as decodeJWTOptions, N as jwtVerificationOptions } from './index-_aXtxb_s.js';
|
|
5
|
+
import 'zod';
|
|
6
|
+
import './schemas.js';
|
|
7
|
+
import 'zod/v4';
|
|
8
|
+
import '@aura-stack/router/cookie';
|
|
9
|
+
import './@types/utility.js';
|
|
10
|
+
import 'jose';
|
|
11
|
+
import '@aura-stack/router';
|
|
12
|
+
import 'zod/v4/core';
|
package/dist/jose.js
CHANGED
|
@@ -1,12 +1,20 @@
|
|
|
1
1
|
import {
|
|
2
|
+
base64url,
|
|
2
3
|
createJoseInstance,
|
|
3
4
|
decodeJWTOptions,
|
|
5
|
+
encoder,
|
|
6
|
+
getRandomBytes,
|
|
7
|
+
getSubtleCrypto,
|
|
4
8
|
jwtVerificationOptions
|
|
5
|
-
} from "./chunk-
|
|
6
|
-
import "./chunk-
|
|
7
|
-
import "./chunk-
|
|
9
|
+
} from "./chunk-UZQJJD6A.js";
|
|
10
|
+
import "./chunk-WHNDRO3N.js";
|
|
11
|
+
import "./chunk-U5663F2U.js";
|
|
8
12
|
export {
|
|
13
|
+
base64url,
|
|
9
14
|
createJoseInstance,
|
|
10
15
|
decodeJWTOptions,
|
|
16
|
+
encoder,
|
|
17
|
+
getRandomBytes,
|
|
18
|
+
getSubtleCrypto,
|
|
11
19
|
jwtVerificationOptions
|
|
12
20
|
};
|
package/dist/logger.cjs
CHANGED
|
@@ -21,9 +21,68 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
|
|
|
21
21
|
var logger_exports = {};
|
|
22
22
|
__export(logger_exports, {
|
|
23
23
|
createLogEntry: () => createLogEntry,
|
|
24
|
+
createLogger: () => createLogger,
|
|
25
|
+
createProxyLogger: () => createProxyLogger,
|
|
26
|
+
createSyslogMessage: () => createSyslogMessage,
|
|
24
27
|
logMessages: () => logMessages
|
|
25
28
|
});
|
|
26
29
|
module.exports = __toCommonJS(logger_exports);
|
|
30
|
+
|
|
31
|
+
// src/env.ts
|
|
32
|
+
var import_meta = {};
|
|
33
|
+
var env = new Proxy({}, {
|
|
34
|
+
get(_, prop) {
|
|
35
|
+
if (typeof prop !== "string") return void 0;
|
|
36
|
+
const hasProperty = (process2) => {
|
|
37
|
+
return process2 && Object.prototype.hasOwnProperty.call(process2, prop);
|
|
38
|
+
};
|
|
39
|
+
try {
|
|
40
|
+
if (typeof process !== "undefined" && hasProperty(process.env)) {
|
|
41
|
+
return process.env[prop];
|
|
42
|
+
}
|
|
43
|
+
if (typeof import_meta !== "undefined" && hasProperty(import_meta.env)) {
|
|
44
|
+
return import_meta.env[prop];
|
|
45
|
+
}
|
|
46
|
+
if (typeof Deno !== "undefined" && Deno.env?.get) {
|
|
47
|
+
return Deno.env.get(prop);
|
|
48
|
+
}
|
|
49
|
+
if (typeof Bun !== "undefined" && hasProperty(Bun.env)) {
|
|
50
|
+
return Bun.env[prop];
|
|
51
|
+
}
|
|
52
|
+
const globalValue = globalThis[prop];
|
|
53
|
+
return typeof globalValue === "string" ? globalValue : void 0;
|
|
54
|
+
} catch {
|
|
55
|
+
return void 0;
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
});
|
|
59
|
+
var getEnv = (key) => {
|
|
60
|
+
const keys = [`AURA_AUTH_${key.toUpperCase()}`, `AURA_${key.toUpperCase()}`, `AUTH_${key.toUpperCase()}`, key.toUpperCase()];
|
|
61
|
+
return env[keys.find((k) => env[k]) ?? ""];
|
|
62
|
+
};
|
|
63
|
+
var getEnvBoolean = (key) => {
|
|
64
|
+
const value = getEnv(key);
|
|
65
|
+
if (value === void 0) return false;
|
|
66
|
+
const normalized = value.trim().toLowerCase();
|
|
67
|
+
if (["1", "true", "yes", "on", "debug"].includes(normalized)) return true;
|
|
68
|
+
return false;
|
|
69
|
+
};
|
|
70
|
+
|
|
71
|
+
// src/utils.ts
|
|
72
|
+
var import_router = require("@aura-stack/router");
|
|
73
|
+
|
|
74
|
+
// src/assert.ts
|
|
75
|
+
var import_crypto = require("@aura-stack/jose/crypto");
|
|
76
|
+
|
|
77
|
+
// src/utils.ts
|
|
78
|
+
var createStructuredData = (data, sdID = "metadata") => {
|
|
79
|
+
const entries = Object.entries(data);
|
|
80
|
+
if (entries.length === 0) return `[${sdID}]`;
|
|
81
|
+
const values = entries.map(([key, value]) => `${key}="${String(value).replace(/(["\\\]])/g, "\\$1")}"`).join(" ");
|
|
82
|
+
return `[${sdID} ${values}]`;
|
|
83
|
+
};
|
|
84
|
+
|
|
85
|
+
// src/logger.ts
|
|
27
86
|
var logMessages = {
|
|
28
87
|
ROUTER_INTERNAL_ERROR: {
|
|
29
88
|
facility: 10,
|
|
@@ -282,11 +341,84 @@ var createLogEntry = (key, overrides) => {
|
|
|
282
341
|
const message = logMessages[key];
|
|
283
342
|
return {
|
|
284
343
|
...message,
|
|
344
|
+
timestamp: (/* @__PURE__ */ new Date()).toISOString(),
|
|
345
|
+
hostname: "aura-auth",
|
|
346
|
+
procId: typeof process !== "undefined" && process.pid ? process.pid.toString() : "-",
|
|
285
347
|
...overrides
|
|
286
348
|
};
|
|
287
349
|
};
|
|
350
|
+
var logLevelToSeverity = {
|
|
351
|
+
debug: ["debug", "info", "notice", "warning", "error", "critical", "alert", "emergency"],
|
|
352
|
+
info: ["info", "notice", "warning", "error", "critical", "alert", "emergency"],
|
|
353
|
+
warn: ["warning", "error", "critical", "alert", "emergency"],
|
|
354
|
+
error: ["error", "critical", "alert", "emergency"]
|
|
355
|
+
};
|
|
356
|
+
var isValidLogLevel = (value) => {
|
|
357
|
+
return value === "debug" || value === "info" || value === "warn" || value === "error";
|
|
358
|
+
};
|
|
359
|
+
var getSeverityLevel = (severity) => {
|
|
360
|
+
const severities = {
|
|
361
|
+
emergency: 0,
|
|
362
|
+
alert: 1,
|
|
363
|
+
critical: 2,
|
|
364
|
+
error: 3,
|
|
365
|
+
warning: 4,
|
|
366
|
+
notice: 5,
|
|
367
|
+
info: 6,
|
|
368
|
+
debug: 7
|
|
369
|
+
};
|
|
370
|
+
return severities[severity] ?? 6;
|
|
371
|
+
};
|
|
372
|
+
var createSyslogMessage = (options) => {
|
|
373
|
+
const { timestamp, hostname, appName = "aura-auth", procId = "-", msgId, structuredData, message } = options;
|
|
374
|
+
const pri = (options.facility ?? 16) * 8 + getSeverityLevel(options.severity);
|
|
375
|
+
const structuredDataStr = createStructuredData(structuredData ?? {});
|
|
376
|
+
return `<${pri}>1 ${timestamp} ${hostname} ${appName} ${procId} ${msgId} ${structuredDataStr} ${message}`;
|
|
377
|
+
};
|
|
378
|
+
var createLogger = (logger) => {
|
|
379
|
+
if (!logger) return void 0;
|
|
380
|
+
const level = logger.level;
|
|
381
|
+
const allowedSeverities = logLevelToSeverity[level] ?? [];
|
|
382
|
+
return {
|
|
383
|
+
level,
|
|
384
|
+
log(key, overrides) {
|
|
385
|
+
const entry = createLogEntry(key, overrides);
|
|
386
|
+
if (!allowedSeverities.includes(entry.severity)) return entry;
|
|
387
|
+
logger.log({
|
|
388
|
+
timestamp: entry.timestamp,
|
|
389
|
+
appName: entry.appName ?? "aura-auth",
|
|
390
|
+
hostname: entry.hostname ?? "aura-auth",
|
|
391
|
+
...entry
|
|
392
|
+
});
|
|
393
|
+
return entry;
|
|
394
|
+
}
|
|
395
|
+
};
|
|
396
|
+
};
|
|
397
|
+
var createProxyLogger = (config) => {
|
|
398
|
+
const level = getEnv("LOG_LEVEL");
|
|
399
|
+
const debug = getEnvBoolean("DEBUG");
|
|
400
|
+
if (typeof config?.logger === "object") {
|
|
401
|
+
return createLogger({
|
|
402
|
+
log: config.logger?.log || createSyslogMessage,
|
|
403
|
+
level: isValidLogLevel(config.logger?.level) ? config.logger?.level : isValidLogLevel(level) ? level : "error"
|
|
404
|
+
});
|
|
405
|
+
}
|
|
406
|
+
if (debug || config?.logger === true || level) {
|
|
407
|
+
return createLogger({
|
|
408
|
+
level: isValidLogLevel(level) ? level : "debug",
|
|
409
|
+
log: (options) => {
|
|
410
|
+
const message = createSyslogMessage(options);
|
|
411
|
+
console.log(message);
|
|
412
|
+
}
|
|
413
|
+
});
|
|
414
|
+
}
|
|
415
|
+
return void 0;
|
|
416
|
+
};
|
|
288
417
|
// Annotate the CommonJS export names for ESM import in node:
|
|
289
418
|
0 && (module.exports = {
|
|
290
419
|
createLogEntry,
|
|
420
|
+
createLogger,
|
|
421
|
+
createProxyLogger,
|
|
422
|
+
createSyslogMessage,
|
|
291
423
|
logMessages
|
|
292
424
|
});
|
package/dist/logger.d.ts
CHANGED
|
@@ -1,8 +1,12 @@
|
|
|
1
|
-
export {
|
|
1
|
+
export { y as createLogEntry, z as createLogger, D as createProxyLogger, x as createSyslogMessage, H as logMessages } from './index-_aXtxb_s.js';
|
|
2
2
|
import 'zod';
|
|
3
3
|
import './schemas.js';
|
|
4
|
-
import '
|
|
4
|
+
import 'zod/v4';
|
|
5
5
|
import '@aura-stack/jose';
|
|
6
6
|
import '@aura-stack/jose/jose';
|
|
7
|
+
import '@aura-stack/jose/crypto';
|
|
7
8
|
import '@aura-stack/router/cookie';
|
|
8
9
|
import './@types/utility.js';
|
|
10
|
+
import 'jose';
|
|
11
|
+
import '@aura-stack/router';
|
|
12
|
+
import 'zod/v4/core';
|
package/dist/logger.js
CHANGED
|
@@ -1,8 +1,17 @@
|
|
|
1
1
|
import {
|
|
2
2
|
createLogEntry,
|
|
3
|
+
createLogger,
|
|
4
|
+
createProxyLogger,
|
|
5
|
+
createSyslogMessage,
|
|
3
6
|
logMessages
|
|
4
|
-
} from "./chunk-
|
|
7
|
+
} from "./chunk-U4RK4LKJ.js";
|
|
8
|
+
import "./chunk-LX3TJ2TJ.js";
|
|
9
|
+
import "./chunk-WHNDRO3N.js";
|
|
10
|
+
import "./chunk-U5663F2U.js";
|
|
5
11
|
export {
|
|
6
12
|
createLogEntry,
|
|
13
|
+
createLogger,
|
|
14
|
+
createProxyLogger,
|
|
15
|
+
createSyslogMessage,
|
|
7
16
|
logMessages
|
|
8
17
|
};
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __defProp = Object.defineProperty;
|
|
3
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
4
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
5
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
6
|
+
var __export = (target, all) => {
|
|
7
|
+
for (var name in all)
|
|
8
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
9
|
+
};
|
|
10
|
+
var __copyProps = (to, from, except, desc) => {
|
|
11
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
12
|
+
for (let key of __getOwnPropNames(from))
|
|
13
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
14
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
15
|
+
}
|
|
16
|
+
return to;
|
|
17
|
+
};
|
|
18
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
19
|
+
|
|
20
|
+
// src/oauth/atlassian.ts
|
|
21
|
+
var atlassian_exports = {};
|
|
22
|
+
__export(atlassian_exports, {
|
|
23
|
+
atlassian: () => atlassian
|
|
24
|
+
});
|
|
25
|
+
module.exports = __toCommonJS(atlassian_exports);
|
|
26
|
+
var atlassian = (options) => {
|
|
27
|
+
return {
|
|
28
|
+
id: "atlassian",
|
|
29
|
+
name: "Atlassian",
|
|
30
|
+
authorize: {
|
|
31
|
+
url: "https://auth.atlassian.com/authorize",
|
|
32
|
+
params: {
|
|
33
|
+
audience: "api.atlassian.com",
|
|
34
|
+
scope: "read:me read:account",
|
|
35
|
+
prompt: "consent"
|
|
36
|
+
}
|
|
37
|
+
},
|
|
38
|
+
authorizeURL: "https://auth.atlassian.com/authorize",
|
|
39
|
+
accessToken: "https://auth.atlassian.com/oauth/token",
|
|
40
|
+
userInfo: "https://api.atlassian.com/me",
|
|
41
|
+
scope: "read:me read:account",
|
|
42
|
+
responseType: "code",
|
|
43
|
+
profile(profile) {
|
|
44
|
+
return {
|
|
45
|
+
sub: profile.account_id,
|
|
46
|
+
name: profile.name,
|
|
47
|
+
email: profile.email,
|
|
48
|
+
image: profile.picture
|
|
49
|
+
};
|
|
50
|
+
},
|
|
51
|
+
...options
|
|
52
|
+
};
|
|
53
|
+
};
|
|
54
|
+
// Annotate the CommonJS export names for ESM import in node:
|
|
55
|
+
0 && (module.exports = {
|
|
56
|
+
atlassian
|
|
57
|
+
});
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
export { P as AtlassianProfile, Q as ExtendedProfile, V as atlassian } from '../index-_aXtxb_s.js';
|
|
2
|
+
import '../@types/utility.js';
|
|
3
|
+
import 'zod';
|
|
4
|
+
import '../schemas.js';
|
|
5
|
+
import 'zod/v4';
|
|
6
|
+
import '@aura-stack/jose';
|
|
7
|
+
import '@aura-stack/jose/jose';
|
|
8
|
+
import '@aura-stack/jose/crypto';
|
|
9
|
+
import '@aura-stack/router/cookie';
|
|
10
|
+
import 'jose';
|
|
11
|
+
import '@aura-stack/router';
|
|
12
|
+
import 'zod/v4/core';
|