@aura-stack/auth 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/dist/@types/index.d.ts +6 -2
  2. package/dist/@types/router.d.d.ts +6 -2
  3. package/dist/actions/callback/access-token.cjs +103 -59
  4. package/dist/actions/callback/access-token.d.ts +7 -3
  5. package/dist/actions/callback/access-token.js +3 -3
  6. package/dist/actions/callback/callback.cjs +200 -134
  7. package/dist/actions/callback/callback.d.ts +32 -3
  8. package/dist/actions/callback/callback.js +11 -12
  9. package/dist/actions/callback/userinfo.cjs +103 -70
  10. package/dist/actions/callback/userinfo.d.ts +6 -2
  11. package/dist/actions/callback/userinfo.js +7 -8
  12. package/dist/actions/csrfToken/csrfToken.cjs +7 -15
  13. package/dist/actions/csrfToken/csrfToken.d.ts +3 -1
  14. package/dist/actions/csrfToken/csrfToken.js +7 -8
  15. package/dist/actions/index.cjs +502 -295
  16. package/dist/actions/index.d.ts +5 -2
  17. package/dist/actions/index.js +23 -20
  18. package/dist/actions/session/session.cjs +76 -24
  19. package/dist/actions/session/session.d.ts +3 -1
  20. package/dist/actions/session/session.js +6 -4
  21. package/dist/actions/signIn/authorization-url.cjs +288 -0
  22. package/dist/actions/signIn/authorization-url.d.ts +31 -0
  23. package/dist/actions/signIn/authorization-url.js +16 -0
  24. package/dist/actions/signIn/authorization.cjs +91 -132
  25. package/dist/actions/signIn/authorization.d.ts +17 -16
  26. package/dist/actions/signIn/authorization.js +8 -7
  27. package/dist/actions/signIn/signIn.cjs +319 -191
  28. package/dist/actions/signIn/signIn.d.ts +32 -3
  29. package/dist/actions/signIn/signIn.js +10 -9
  30. package/dist/actions/signOut/signOut.cjs +211 -212
  31. package/dist/actions/signOut/signOut.d.ts +9 -1
  32. package/dist/actions/signOut/signOut.js +9 -10
  33. package/dist/api/createApi.cjs +750 -0
  34. package/dist/api/createApi.d.ts +12 -0
  35. package/dist/api/createApi.js +19 -0
  36. package/dist/api/getSession.cjs +141 -0
  37. package/dist/api/getSession.d.ts +16 -0
  38. package/dist/api/getSession.js +10 -0
  39. package/dist/api/signIn.cjs +549 -0
  40. package/dist/api/signIn.d.ts +26 -0
  41. package/dist/api/signIn.js +15 -0
  42. package/dist/api/signOut.cjs +279 -0
  43. package/dist/api/signOut.d.ts +16 -0
  44. package/dist/api/signOut.js +13 -0
  45. package/dist/assert.cjs +42 -9
  46. package/dist/assert.d.ts +8 -4
  47. package/dist/assert.js +5 -5
  48. package/dist/{chunk-KJBAQZX2.js → chunk-2A5B7GWR.js} +44 -11
  49. package/dist/chunk-2GQLSIJ2.js +40 -0
  50. package/dist/chunk-2IR674WX.js +44 -0
  51. package/dist/chunk-3J5TUH2I.js +50 -0
  52. package/dist/chunk-4RWSYUKX.js +98 -0
  53. package/dist/chunk-5X7JZMEF.js +0 -0
  54. package/dist/{chunk-TZB6MUXN.js → chunk-7BE46WWS.js} +21 -11
  55. package/dist/chunk-7YYXFKLR.js +35 -0
  56. package/dist/chunk-C3A37LQC.js +33 -0
  57. package/dist/chunk-CITNGXDA.js +31 -0
  58. package/dist/chunk-CWX724AG.js +78 -0
  59. package/dist/chunk-D2CSIUKP.js +74 -0
  60. package/dist/{chunk-ICAZ4OVS.js → chunk-FPCVZUVG.js} +2 -2
  61. package/dist/{chunk-XGLBNXL4.js → chunk-GNNBM2WJ.js} +17 -9
  62. package/dist/chunk-JOCGX3RP.js +59 -0
  63. package/dist/chunk-KBXWTD6E.js +94 -0
  64. package/dist/{chunk-XUP6KKNG.js → chunk-LATR3NIV.js} +48 -37
  65. package/dist/chunk-LAYPUDQF.js +39 -0
  66. package/dist/chunk-LX3TJ2TJ.js +294 -0
  67. package/dist/{chunk-6MXFPFR3.js → chunk-NHZBQNRR.js} +19 -19
  68. package/dist/{chunk-TM5IPSNF.js → chunk-PDP3PHB3.js} +33 -19
  69. package/dist/chunk-PHYNROD4.js +47 -0
  70. package/dist/chunk-QQEKY4XP.js +29 -0
  71. package/dist/{chunk-VNCNJKS2.js → chunk-U4RK4LKJ.js} +82 -1
  72. package/dist/{chunk-RRLIF4PQ.js → chunk-U5663F2U.js} +16 -1
  73. package/dist/chunk-UN7X6SU5.js +53 -0
  74. package/dist/chunk-UZQJJD6A.js +100 -0
  75. package/dist/{chunk-NUDITUKX.js → chunk-V6LLEAR4.js} +22 -15
  76. package/dist/{chunk-4MYWAOLG.js → chunk-WHNDRO3N.js} +20 -1
  77. package/dist/{chunk-5W4BRQYG.js → chunk-XY5R3EHH.js} +6 -3
  78. package/dist/client/client.cjs +135 -0
  79. package/dist/client/client.d.ts +85 -0
  80. package/dist/client/client.js +9 -0
  81. package/dist/client/index.cjs +135 -0
  82. package/dist/client/index.d.ts +14 -0
  83. package/dist/client/index.js +10 -0
  84. package/dist/context.cjs +1237 -0
  85. package/dist/context.d.ts +16 -0
  86. package/dist/context.js +28 -0
  87. package/dist/cookie.cjs +33 -2
  88. package/dist/cookie.d.ts +9 -5
  89. package/dist/cookie.js +3 -2
  90. package/dist/createAuth.cjs +2320 -0
  91. package/dist/createAuth.d.ts +12 -0
  92. package/dist/createAuth.js +48 -0
  93. package/dist/env.cjs +24 -2
  94. package/dist/env.d.ts +4 -1
  95. package/dist/env.js +9 -3
  96. package/dist/errors.cjs +17 -0
  97. package/dist/errors.d.ts +13 -3
  98. package/dist/errors.js +5 -1
  99. package/dist/{index-CSyIJmCM.d.ts → index-_aXtxb_s.d.ts} +383 -13
  100. package/dist/index.cjs +2135 -1547
  101. package/dist/index.d.ts +9 -30
  102. package/dist/index.js +46 -119
  103. package/dist/jose.cjs +52 -14
  104. package/dist/jose.d.ts +12 -25
  105. package/dist/jose.js +11 -3
  106. package/dist/logger.cjs +132 -0
  107. package/dist/logger.d.ts +6 -2
  108. package/dist/logger.js +10 -1
  109. package/dist/oauth/atlassian.cjs +57 -0
  110. package/dist/oauth/atlassian.d.ts +12 -0
  111. package/dist/oauth/atlassian.js +6 -0
  112. package/dist/oauth/bitbucket.d.ts +6 -2
  113. package/dist/oauth/discord.d.ts +6 -2
  114. package/dist/oauth/dropbox.cjs +53 -0
  115. package/dist/oauth/dropbox.d.ts +12 -0
  116. package/dist/oauth/dropbox.js +6 -0
  117. package/dist/oauth/figma.d.ts +6 -2
  118. package/dist/oauth/github.d.ts +6 -2
  119. package/dist/oauth/gitlab.d.ts +6 -2
  120. package/dist/oauth/index.cjs +278 -88
  121. package/dist/oauth/index.d.ts +6 -2
  122. package/dist/oauth/index.js +27 -11
  123. package/dist/oauth/mailchimp.d.ts +6 -2
  124. package/dist/oauth/notion.cjs +131 -0
  125. package/dist/oauth/notion.d.ts +12 -0
  126. package/dist/oauth/notion.js +9 -0
  127. package/dist/oauth/pinterest.d.ts +6 -2
  128. package/dist/oauth/spotify.d.ts +6 -2
  129. package/dist/oauth/strava.d.ts +6 -2
  130. package/dist/oauth/twitch.cjs +95 -0
  131. package/dist/oauth/twitch.d.ts +12 -0
  132. package/dist/oauth/twitch.js +7 -0
  133. package/dist/oauth/x.d.ts +6 -2
  134. package/dist/schemas.cjs +84 -51
  135. package/dist/schemas.d.ts +103 -23
  136. package/dist/schemas.js +1 -1
  137. package/dist/secure.cjs +36 -36
  138. package/dist/secure.d.ts +10 -4
  139. package/dist/secure.js +7 -6
  140. package/dist/utils.cjs +109 -3
  141. package/dist/utils.d.ts +15 -4
  142. package/dist/utils.js +11 -4
  143. package/package.json +9 -5
  144. package/dist/chunk-4EKY7655.js +0 -123
  145. package/dist/chunk-7QF22LHP.js +0 -67
  146. package/dist/chunk-ALG3GIV4.js +0 -95
  147. package/dist/chunk-FRJFWTOY.js +0 -70
  148. package/dist/chunk-PHFH2MGS.js +0 -36
  149. package/dist/chunk-QQVSRXGX.js +0 -149
@@ -1,8 +1,12 @@
1
- export { H as BitbucketProfile, K as bitbucket } from '../index-CSyIJmCM.js';
1
+ export { at as BitbucketProfile, au as bitbucket } from '../index-_aXtxb_s.js';
2
2
  import '../@types/utility.js';
3
3
  import 'zod';
4
4
  import '../schemas.js';
5
- import '../jose.js';
5
+ import 'zod/v4';
6
6
  import '@aura-stack/jose';
7
7
  import '@aura-stack/jose/jose';
8
+ import '@aura-stack/jose/crypto';
8
9
  import '@aura-stack/router/cookie';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
@@ -1,8 +1,12 @@
1
- export { D as DiscordProfile, N as Nameplate, z as discord } from '../index-CSyIJmCM.js';
1
+ export { ao as DiscordProfile, ap as Nameplate, aq as discord } from '../index-_aXtxb_s.js';
2
2
  import 'zod';
3
3
  import '../schemas.js';
4
- import '../jose.js';
4
+ import 'zod/v4';
5
5
  import '@aura-stack/jose';
6
6
  import '@aura-stack/jose/jose';
7
+ import '@aura-stack/jose/crypto';
7
8
  import '@aura-stack/router/cookie';
8
9
  import '../@types/utility.js';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
@@ -0,0 +1,53 @@
1
+ "use strict";
2
+ var __defProp = Object.defineProperty;
3
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
+ var __getOwnPropNames = Object.getOwnPropertyNames;
5
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
6
+ var __export = (target, all) => {
7
+ for (var name in all)
8
+ __defProp(target, name, { get: all[name], enumerable: true });
9
+ };
10
+ var __copyProps = (to, from, except, desc) => {
11
+ if (from && typeof from === "object" || typeof from === "function") {
12
+ for (let key of __getOwnPropNames(from))
13
+ if (!__hasOwnProp.call(to, key) && key !== except)
14
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
15
+ }
16
+ return to;
17
+ };
18
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
19
+
20
+ // src/oauth/dropbox.ts
21
+ var dropbox_exports = {};
22
+ __export(dropbox_exports, {
23
+ dropbox: () => dropbox
24
+ });
25
+ module.exports = __toCommonJS(dropbox_exports);
26
+ var dropbox = (options) => {
27
+ return {
28
+ id: "dropbox",
29
+ name: "Dropbox",
30
+ authorize: {
31
+ url: "https://www.dropbox.com/oauth2/authorize",
32
+ params: { scope: "account_info.read" }
33
+ },
34
+ accessToken: "https://api.dropboxapi.com/oauth2/token",
35
+ userInfo: {
36
+ method: "POST",
37
+ url: "https://api.dropboxapi.com/2/users/get_current_account"
38
+ },
39
+ profile(profile) {
40
+ return {
41
+ sub: profile.account_id,
42
+ name: profile.name.display_name,
43
+ email: profile.email,
44
+ image: profile.profile_photo_url
45
+ };
46
+ },
47
+ ...options
48
+ };
49
+ };
50
+ // Annotate the CommonJS export names for ESM import in node:
51
+ 0 && (module.exports = {
52
+ dropbox
53
+ });
@@ -0,0 +1,12 @@
1
+ export { W as AccountType, X as DropboxProfile, Y as FullTeam, Z as Name, _ as RootInfo, $ as dropbox } from '../index-_aXtxb_s.js';
2
+ import 'zod';
3
+ import '../schemas.js';
4
+ import 'zod/v4';
5
+ import '@aura-stack/jose';
6
+ import '@aura-stack/jose/jose';
7
+ import '@aura-stack/jose/crypto';
8
+ import '@aura-stack/router/cookie';
9
+ import '../@types/utility.js';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
@@ -0,0 +1,6 @@
1
+ import {
2
+ dropbox
3
+ } from "../chunk-QQEKY4XP.js";
4
+ export {
5
+ dropbox
6
+ };
@@ -1,8 +1,12 @@
1
- export { F as FigmaProfile, B as figma } from '../index-CSyIJmCM.js';
1
+ export { ar as FigmaProfile, as as figma } from '../index-_aXtxb_s.js';
2
2
  import 'zod';
3
3
  import '../schemas.js';
4
- import '../jose.js';
4
+ import 'zod/v4';
5
5
  import '@aura-stack/jose';
6
6
  import '@aura-stack/jose/jose';
7
+ import '@aura-stack/jose/crypto';
7
8
  import '@aura-stack/router/cookie';
8
9
  import '../@types/utility.js';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
@@ -1,8 +1,12 @@
1
- export { Q as GitHubProfile, V as github } from '../index-CSyIJmCM.js';
1
+ export { av as GitHubProfile, aw as github } from '../index-_aXtxb_s.js';
2
2
  import 'zod';
3
3
  import '../schemas.js';
4
- import '../jose.js';
4
+ import 'zod/v4';
5
5
  import '@aura-stack/jose';
6
6
  import '@aura-stack/jose/jose';
7
+ import '@aura-stack/jose/crypto';
7
8
  import '@aura-stack/router/cookie';
8
9
  import '../@types/utility.js';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
@@ -1,8 +1,12 @@
1
- export { G as GitLabProfile, y as gitlab } from '../index-CSyIJmCM.js';
1
+ export { am as GitLabProfile, an as gitlab } from '../index-_aXtxb_s.js';
2
2
  import 'zod';
3
3
  import '../schemas.js';
4
- import '../jose.js';
4
+ import 'zod/v4';
5
5
  import '@aura-stack/jose';
6
6
  import '@aura-stack/jose/jose';
7
+ import '@aura-stack/jose/crypto';
7
8
  import '@aura-stack/router/cookie';
8
9
  import '../@types/utility.js';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';
@@ -20,17 +20,21 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
20
20
  // src/oauth/index.ts
21
21
  var oauth_exports = {};
22
22
  __export(oauth_exports, {
23
+ atlassian: () => atlassian,
23
24
  bitbucket: () => bitbucket,
24
25
  builtInOAuthProviders: () => builtInOAuthProviders,
25
26
  createBuiltInOAuthProviders: () => createBuiltInOAuthProviders,
26
27
  discord: () => discord,
28
+ dropbox: () => dropbox,
27
29
  figma: () => figma,
28
30
  github: () => github,
29
31
  gitlab: () => gitlab,
30
32
  mailchimp: () => mailchimp,
33
+ notion: () => notion,
31
34
  pinterest: () => pinterest,
32
35
  spotify: () => spotify,
33
36
  strava: () => strava,
37
+ twitch: () => twitch,
34
38
  x: () => x
35
39
  });
36
40
  module.exports = __toCommonJS(oauth_exports);
@@ -63,6 +67,10 @@ var env = new Proxy({}, {
63
67
  }
64
68
  }
65
69
  });
70
+ var getEnv = (key) => {
71
+ const keys = [`AURA_AUTH_${key.toUpperCase()}`, `AURA_${key.toUpperCase()}`, `AUTH_${key.toUpperCase()}`, key.toUpperCase()];
72
+ return env[keys.find((k) => env[k]) ?? ""];
73
+ };
66
74
 
67
75
  // src/oauth/github.ts
68
76
  var github = (options2) => {
@@ -292,85 +300,41 @@ var pinterest = (options2) => {
292
300
  };
293
301
  };
294
302
 
295
- // src/schemas.ts
296
- var import_zod = require("zod");
297
- var OAuthProviderCredentialsSchema = (0, import_zod.object)({
298
- id: (0, import_zod.string)(),
299
- name: (0, import_zod.string)(),
300
- authorizeURL: (0, import_zod.string)().url(),
301
- accessToken: (0, import_zod.string)().url(),
302
- scope: (0, import_zod.string)(),
303
- userInfo: (0, import_zod.string)().url(),
304
- responseType: (0, import_zod.enum)(["code", "token", "id_token"]),
305
- clientId: (0, import_zod.string)(),
306
- clientSecret: (0, import_zod.string)(),
307
- profile: import_zod.z.function().optional()
308
- });
309
- var OAuthProviderConfigSchema = (0, import_zod.object)({
310
- authorizeURL: (0, import_zod.string)().url(),
311
- accessToken: (0, import_zod.string)().url(),
312
- scope: (0, import_zod.string)().optional(),
313
- userInfo: (0, import_zod.string)().url(),
314
- responseType: (0, import_zod.enum)(["code", "token", "id_token"]),
315
- clientId: (0, import_zod.string)(),
316
- clientSecret: (0, import_zod.string)()
317
- });
318
- var OAuthAuthorization = OAuthProviderConfigSchema.extend({
319
- redirectURI: (0, import_zod.string)(),
320
- state: (0, import_zod.string)(),
321
- codeChallenge: (0, import_zod.string)(),
322
- codeChallengeMethod: (0, import_zod.enum)(["plain", "S256"])
323
- });
324
- var OAuthAuthorizationResponse = (0, import_zod.object)({
325
- state: (0, import_zod.string)({ message: "Missing state parameter in the OAuth authorization response." }),
326
- code: (0, import_zod.string)({ message: "Missing code parameter in the OAuth authorization response." })
327
- });
328
- var OAuthAuthorizationErrorResponse = (0, import_zod.object)({
329
- error: (0, import_zod.enum)([
330
- "invalid_request",
331
- "unauthorized_client",
332
- "access_denied",
333
- "unsupported_response_type",
334
- "invalid_scope",
335
- "server_error",
336
- "temporarily_unavailable"
337
- ]),
338
- error_description: (0, import_zod.string)().optional(),
339
- error_uri: (0, import_zod.string)().optional(),
340
- state: (0, import_zod.string)()
341
- });
342
- var OAuthAccessToken = OAuthProviderConfigSchema.extend({
343
- redirectURI: (0, import_zod.string)(),
344
- code: (0, import_zod.string)(),
345
- codeVerifier: (0, import_zod.string)().min(43).max(128)
346
- });
347
- var OAuthAccessTokenResponse = (0, import_zod.object)({
348
- access_token: (0, import_zod.string)(),
349
- token_type: (0, import_zod.string)().optional(),
350
- expires_in: (0, import_zod.number)().optional(),
351
- refresh_token: (0, import_zod.string)().optional(),
352
- scope: (0, import_zod.string)().optional().or((0, import_zod.null)())
353
- });
354
- var OAuthAccessTokenErrorResponse = (0, import_zod.object)({
355
- error: (0, import_zod.enum)([
356
- "invalid_request",
357
- "invalid_client",
358
- "invalid_grant",
359
- "unauthorized_client",
360
- "unsupported_grant_type",
361
- "invalid_scope"
362
- ]),
363
- error_description: (0, import_zod.string)().optional(),
364
- error_uri: (0, import_zod.string)().optional()
365
- });
366
- var OAuthErrorResponse = (0, import_zod.object)({
367
- error: (0, import_zod.string)(),
368
- error_description: (0, import_zod.string)().optional()
369
- });
370
- var OAuthEnvSchema = (0, import_zod.object)({
371
- clientId: import_zod.z.string().min(1, "OAuth Client ID is required in the environment variables."),
372
- clientSecret: import_zod.z.string().min(1, "OAuth Client Secret is required in the environment variables.")
373
- });
303
+ // src/oauth/twitch.ts
304
+ var twitch = (options2) => {
305
+ const clientId = options2?.clientId ?? getEnv("TWITCH_CLIENT_ID");
306
+ return {
307
+ id: "twitch",
308
+ name: "Twitch",
309
+ authorize: {
310
+ url: "https://id.twitch.tv/oauth2/authorize",
311
+ params: { scope: "user:read:email", responseType: "code" }
312
+ },
313
+ accessToken: "https://id.twitch.tv/oauth2/token",
314
+ userInfo: {
315
+ url: "https://api.twitch.tv/helix/users",
316
+ headers: {
317
+ "Client-ID": clientId
318
+ }
319
+ },
320
+ profile(profile) {
321
+ const user = profile.data[0];
322
+ if (!user) {
323
+ throw new Error("No user data found in Twitch profile response");
324
+ }
325
+ return {
326
+ sub: user.id,
327
+ name: user.display_name,
328
+ email: user.email,
329
+ picture: user.profile_image_url
330
+ };
331
+ },
332
+ ...options2
333
+ };
334
+ };
335
+
336
+ // src/utils.ts
337
+ var import_router = require("@aura-stack/router");
374
338
 
375
339
  // src/errors.ts
376
340
  var AuthInternalError = class extends Error {
@@ -384,8 +348,10 @@ var AuthInternalError = class extends Error {
384
348
  }
385
349
  };
386
350
 
351
+ // src/assert.ts
352
+ var import_crypto = require("@aura-stack/jose/crypto");
353
+
387
354
  // src/utils.ts
388
- var import_router = require("@aura-stack/router");
389
355
  var formatZodError = (error) => {
390
356
  if (!error.issues || error.issues.length === 0) {
391
357
  return {};
@@ -401,6 +367,224 @@ var formatZodError = (error) => {
401
367
  };
402
368
  }, {});
403
369
  };
370
+ var createBasicAuthHeader = (username, password) => {
371
+ const getUsername = getEnv(username.toUpperCase()) ?? username;
372
+ const getPassword = getEnv(password.toUpperCase()) ?? password;
373
+ if (!getUsername || !getPassword) {
374
+ throw new AuthInternalError("INVALID_OAUTH_CONFIGURATION", "Missing client credentials for OAuth provider configuration.");
375
+ }
376
+ const credentials = `${getUsername}:${getPassword}`;
377
+ return `Basic ${btoa(credentials)}`;
378
+ };
379
+
380
+ // src/oauth/notion.ts
381
+ var notion = (options2) => {
382
+ return {
383
+ id: "notion",
384
+ name: "Notion",
385
+ authorize: {
386
+ url: "https://api.notion.com/v1/oauth/authorize",
387
+ params: {
388
+ owner: "user",
389
+ scope: "user:read",
390
+ responseType: "code"
391
+ }
392
+ },
393
+ accessToken: {
394
+ url: "https://api.notion.com/v1/oauth/token",
395
+ headers: {
396
+ Authorization: createBasicAuthHeader(
397
+ options2?.clientId ?? "NOTION_CLIENT_ID",
398
+ options2?.clientSecret ?? "NOTION_CLIENT_SECRET"
399
+ )
400
+ }
401
+ },
402
+ userInfo: {
403
+ url: "https://api.notion.com/v1/users/me",
404
+ headers: {
405
+ "Notion-Version": "2022-06-28"
406
+ }
407
+ },
408
+ profile(profile) {
409
+ return {
410
+ sub: profile.id,
411
+ name: profile.name,
412
+ image: profile.avatar_url ?? "",
413
+ email: profile?.bot?.owner?.user?.person?.email
414
+ };
415
+ },
416
+ ...options2
417
+ };
418
+ };
419
+
420
+ // src/oauth/dropbox.ts
421
+ var dropbox = (options2) => {
422
+ return {
423
+ id: "dropbox",
424
+ name: "Dropbox",
425
+ authorize: {
426
+ url: "https://www.dropbox.com/oauth2/authorize",
427
+ params: { scope: "account_info.read" }
428
+ },
429
+ accessToken: "https://api.dropboxapi.com/oauth2/token",
430
+ userInfo: {
431
+ method: "POST",
432
+ url: "https://api.dropboxapi.com/2/users/get_current_account"
433
+ },
434
+ profile(profile) {
435
+ return {
436
+ sub: profile.account_id,
437
+ name: profile.name.display_name,
438
+ email: profile.email,
439
+ image: profile.profile_photo_url
440
+ };
441
+ },
442
+ ...options2
443
+ };
444
+ };
445
+
446
+ // src/oauth/atlassian.ts
447
+ var atlassian = (options2) => {
448
+ return {
449
+ id: "atlassian",
450
+ name: "Atlassian",
451
+ authorize: {
452
+ url: "https://auth.atlassian.com/authorize",
453
+ params: {
454
+ audience: "api.atlassian.com",
455
+ scope: "read:me read:account",
456
+ prompt: "consent"
457
+ }
458
+ },
459
+ authorizeURL: "https://auth.atlassian.com/authorize",
460
+ accessToken: "https://auth.atlassian.com/oauth/token",
461
+ userInfo: "https://api.atlassian.com/me",
462
+ scope: "read:me read:account",
463
+ responseType: "code",
464
+ profile(profile) {
465
+ return {
466
+ sub: profile.account_id,
467
+ name: profile.name,
468
+ email: profile.email,
469
+ image: profile.picture
470
+ };
471
+ },
472
+ ...options2
473
+ };
474
+ };
475
+
476
+ // src/schemas.ts
477
+ var import_v4 = require("zod/v4");
478
+ var AuthorizeConfigSchema = import_v4.z.union([
479
+ (0, import_v4.string)().url(),
480
+ (0, import_v4.object)({
481
+ url: (0, import_v4.string)().url(),
482
+ params: (0, import_v4.object)({
483
+ responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
484
+ scope: (0, import_v4.string)().optional()
485
+ })
486
+ })
487
+ ]);
488
+ var AccessTokenConfigSchema = import_v4.z.union([
489
+ (0, import_v4.string)().url(),
490
+ (0, import_v4.object)({
491
+ url: (0, import_v4.string)().url(),
492
+ headers: import_v4.z.record((0, import_v4.string)(), (0, import_v4.string)()).optional()
493
+ })
494
+ ]);
495
+ var UserInfoConfigSchema = import_v4.z.union([
496
+ (0, import_v4.string)().url(),
497
+ (0, import_v4.object)({
498
+ url: (0, import_v4.string)().url(),
499
+ headers: import_v4.z.record((0, import_v4.string)(), (0, import_v4.string)()).optional(),
500
+ method: (0, import_v4.string)().optional()
501
+ })
502
+ ]);
503
+ var OAuthProviderCredentialsSchema = (0, import_v4.object)({
504
+ id: (0, import_v4.string)(),
505
+ name: (0, import_v4.string)(),
506
+ authorize: AuthorizeConfigSchema.optional(),
507
+ /** @deprecated */
508
+ authorizeURL: (0, import_v4.string)().url().optional(),
509
+ accessToken: AccessTokenConfigSchema,
510
+ /** @deprecated */
511
+ scope: (0, import_v4.string)().optional(),
512
+ userInfo: UserInfoConfigSchema,
513
+ /** @deprecated */
514
+ responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
515
+ clientId: (0, import_v4.string)(),
516
+ clientSecret: (0, import_v4.string)(),
517
+ profile: import_v4.z.function().optional()
518
+ });
519
+ var OAuthProviderConfigSchema = (0, import_v4.object)({
520
+ authorize: AuthorizeConfigSchema.optional(),
521
+ /** @deprecated */
522
+ authorizeURL: (0, import_v4.string)().url().optional(),
523
+ accessToken: AccessTokenConfigSchema,
524
+ /** @deprecated */
525
+ scope: (0, import_v4.string)().optional(),
526
+ userInfo: UserInfoConfigSchema,
527
+ /** @deprecated */
528
+ responseType: (0, import_v4.enum)(["code", "token", "id_token", "refresh_token"]).optional(),
529
+ clientId: (0, import_v4.string)(),
530
+ clientSecret: (0, import_v4.string)()
531
+ });
532
+ var OAuthAuthorization = OAuthProviderConfigSchema.extend({
533
+ redirectURI: (0, import_v4.string)(),
534
+ state: (0, import_v4.string)(),
535
+ codeChallenge: (0, import_v4.string)(),
536
+ codeChallengeMethod: (0, import_v4.enum)(["plain", "S256"])
537
+ });
538
+ var OAuthAuthorizationResponse = (0, import_v4.object)({
539
+ state: (0, import_v4.string)({ message: "Missing state parameter in the OAuth authorization response." }),
540
+ code: (0, import_v4.string)({ message: "Missing code parameter in the OAuth authorization response." })
541
+ });
542
+ var OAuthAuthorizationErrorResponse = (0, import_v4.object)({
543
+ error: (0, import_v4.enum)([
544
+ "invalid_request",
545
+ "unauthorized_client",
546
+ "access_denied",
547
+ "unsupported_response_type",
548
+ "invalid_scope",
549
+ "server_error",
550
+ "temporarily_unavailable"
551
+ ]),
552
+ error_description: (0, import_v4.string)().optional(),
553
+ error_uri: (0, import_v4.string)().optional(),
554
+ state: (0, import_v4.string)()
555
+ });
556
+ var OAuthAccessToken = OAuthProviderConfigSchema.extend({
557
+ redirectURI: (0, import_v4.string)(),
558
+ code: (0, import_v4.string)(),
559
+ codeVerifier: (0, import_v4.string)().min(43).max(128)
560
+ });
561
+ var OAuthAccessTokenResponse = (0, import_v4.object)({
562
+ access_token: (0, import_v4.string)(),
563
+ token_type: (0, import_v4.string)().optional(),
564
+ expires_in: (0, import_v4.number)().optional(),
565
+ refresh_token: (0, import_v4.string)().optional(),
566
+ scope: (0, import_v4.union)([(0, import_v4.string)().optional().or((0, import_v4.null)()), (0, import_v4.array)((0, import_v4.string)()).optional()])
567
+ });
568
+ var OAuthAccessTokenErrorResponse = (0, import_v4.object)({
569
+ error: (0, import_v4.enum)([
570
+ "invalid_request",
571
+ "invalid_client",
572
+ "invalid_grant",
573
+ "unauthorized_client",
574
+ "unsupported_grant_type",
575
+ "invalid_scope"
576
+ ]),
577
+ error_description: (0, import_v4.string)().optional(),
578
+ error_uri: (0, import_v4.string)().optional()
579
+ });
580
+ var OAuthErrorResponse = (0, import_v4.object)({
581
+ error: (0, import_v4.string)(),
582
+ error_description: (0, import_v4.string)().optional()
583
+ });
584
+ var OAuthEnvSchema = (0, import_v4.object)({
585
+ clientId: import_v4.z.string().min(1, "OAuth Client ID is required in the environment variables."),
586
+ clientSecret: import_v4.z.string().min(1, "OAuth Client Secret is required in the environment variables.")
587
+ });
404
588
 
405
589
  // src/oauth/index.ts
406
590
  var builtInOAuthProviders = {
@@ -413,17 +597,19 @@ var builtInOAuthProviders = {
413
597
  x,
414
598
  strava,
415
599
  mailchimp,
416
- pinterest
600
+ pinterest,
601
+ twitch,
602
+ notion,
603
+ dropbox,
604
+ atlassian
417
605
  };
418
606
  var defineOAuthEnvironment = (oauth) => {
419
- const clientIdSuffix = `${oauth.toUpperCase()}_CLIENT_ID`;
420
- const clientSecretSuffix = `${oauth.toUpperCase()}_CLIENT_SECRET`;
421
607
  const loadEnvs = OAuthEnvSchema.safeParse({
422
- clientId: env[`AURA_AUTH_${clientIdSuffix}`] ?? env[`AUTH_${clientIdSuffix}`] ?? env[`${clientIdSuffix}`],
423
- clientSecret: env[`AURA_AUTH_${clientSecretSuffix}`] ?? env[`AUTH_${clientSecretSuffix}`] ?? env[`${clientSecretSuffix}`]
608
+ clientId: getEnv(`${oauth.toUpperCase()}_CLIENT_ID`),
609
+ clientSecret: getEnv(`${oauth.toUpperCase()}_CLIENT_SECRET`)
424
610
  });
425
611
  if (!loadEnvs.success) {
426
- const msg = JSON.stringify(formatZodError(loadEnvs.error), null, 2);
612
+ const msg = JSON.stringify({ [oauth]: formatZodError(loadEnvs.error) }, null, 2);
427
613
  throw new AuthInternalError("INVALID_ENVIRONMENT_CONFIGURATION", msg);
428
614
  }
429
615
  return loadEnvs.data;
@@ -434,7 +620,7 @@ var defineOAuthProviderConfig = (config) => {
434
620
  const oauthConfig = builtInOAuthProviders[config]();
435
621
  const parsed2 = OAuthProviderCredentialsSchema.safeParse({ ...oauthConfig, ...definition });
436
622
  if (!parsed2.success) {
437
- const details = JSON.stringify(formatZodError(parsed2.error), null, 2);
623
+ const details = JSON.stringify({ [config]: formatZodError(parsed2.error) }, null, 2);
438
624
  throw new AuthInternalError(
439
625
  "INVALID_OAUTH_PROVIDER_CONFIGURATION",
440
626
  `Invalid configuration for OAuth provider "${config}": ${details}`
@@ -446,7 +632,7 @@ var defineOAuthProviderConfig = (config) => {
446
632
  const envConfig = hasCredentials ? {} : defineOAuthEnvironment(config.id);
447
633
  const parsed = OAuthProviderCredentialsSchema.safeParse({ ...envConfig, ...config });
448
634
  if (!parsed.success) {
449
- const details = JSON.stringify(formatZodError(parsed.error), null, 2);
635
+ const details = JSON.stringify({ [config.id]: formatZodError(parsed.error) }, null, 2);
450
636
  throw new AuthInternalError(
451
637
  "INVALID_OAUTH_PROVIDER_CONFIGURATION",
452
638
  `Invalid configuration for OAuth provider "${config.id}": ${details}`
@@ -468,16 +654,20 @@ var createBuiltInOAuthProviders = (oauth = []) => {
468
654
  };
469
655
  // Annotate the CommonJS export names for ESM import in node:
470
656
  0 && (module.exports = {
657
+ atlassian,
471
658
  bitbucket,
472
659
  builtInOAuthProviders,
473
660
  createBuiltInOAuthProviders,
474
661
  discord,
662
+ dropbox,
475
663
  figma,
476
664
  github,
477
665
  gitlab,
478
666
  mailchimp,
667
+ notion,
479
668
  pinterest,
480
669
  spotify,
481
670
  strava,
671
+ twitch,
482
672
  x
483
673
  });
@@ -1,8 +1,12 @@
1
- export { H as BitbucketProfile, Z as BuiltInOAuthProvider, D as DiscordProfile, F as FigmaProfile, Q as GitHubProfile, G as GitLabProfile, n as Login, M as MailchimpProfile, N as Nameplate, P as PinterestProfile, u as SpotifyImage, v as SpotifyProfile, s as StravaProfile, q as SummaryClub, r as SummaryGear, X as XProfile, K as bitbucket, W as builtInOAuthProviders, Y as createBuiltInOAuthProviders, z as discord, B as figma, V as github, y as gitlab, o as mailchimp, p as pinterest, w as spotify, t as strava, x } from '../index-CSyIJmCM.js';
1
+ export { W as AccountType, P as AtlassianProfile, at as BitbucketProfile, a0 as Bot, B as BuiltInOAuthProvider, ao as DiscordProfile, X as DropboxProfile, Q as ExtendedProfile, ar as FigmaProfile, Y as FullTeam, av as GitHubProfile, am as GitLabProfile, aa as Login, ab as MailchimpProfile, Z as Name, ap as Nameplate, a1 as NotionProfile, a2 as Owner, a3 as Person, a8 as PinterestProfile, _ as RootInfo, aj as SpotifyImage, ak as SpotifyProfile, ad as StravaProfile, ae as SummaryClub, af as SummaryGear, a6 as TwitchProfile, a4 as User, ah as XProfile, V as atlassian, au as bitbucket, v as builtInOAuthProviders, ax as createBuiltInOAuthProviders, aq as discord, $ as dropbox, as as figma, aw as github, an as gitlab, ac as mailchimp, a5 as notion, a9 as pinterest, al as spotify, ag as strava, a7 as twitch, ai as x } from '../index-_aXtxb_s.js';
2
2
  import '../@types/utility.js';
3
3
  import 'zod';
4
4
  import '../schemas.js';
5
- import '../jose.js';
5
+ import 'zod/v4';
6
6
  import '@aura-stack/jose';
7
7
  import '@aura-stack/jose/jose';
8
+ import '@aura-stack/jose/crypto';
8
9
  import '@aura-stack/router/cookie';
10
+ import 'jose';
11
+ import '@aura-stack/router';
12
+ import 'zod/v4/core';