@aura-stack/auth 0.5.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +36 -1
- package/dist/@types/index.cjs +0 -18
- package/dist/@types/index.d.ts +2 -12
- package/dist/@types/index.js +0 -1
- package/dist/assert-B3iQSYlK.js +3 -0
- package/dist/assert-NJGroSJd.cjs +3 -0
- package/dist/client/index.cjs +1 -135
- package/dist/client/index.d.ts +11 -14
- package/dist/client/index.js +1 -10
- package/dist/crypto-Bz8nIciY.js +1 -0
- package/dist/crypto-CoXA5w_4.cjs +1 -0
- package/dist/env-bq387KyP.cjs +1 -0
- package/dist/env-nvh8QBNz.js +1 -0
- package/dist/errors-CCYPHuBO.cjs +1 -0
- package/dist/errors-DFWHOho6.js +1 -0
- package/dist/index-BkpwQ0l4.d.cts +2279 -0
- package/dist/index-nqLV2t91.d.ts +2279 -0
- package/dist/index.cjs +1 -2427
- package/dist/index.d.cts +2 -0
- package/dist/index.d.ts +2 -14
- package/dist/index.js +1 -59
- package/dist/logger-C59_CDMk.js +1 -0
- package/dist/logger-UnUhYL2V.cjs +1 -0
- package/dist/oauth/atlassian.cjs +1 -57
- package/dist/oauth/atlassian.d.ts +2 -12
- package/dist/oauth/atlassian.js +1 -6
- package/dist/oauth/bitbucket.cjs +1 -49
- package/dist/oauth/bitbucket.d.ts +2 -12
- package/dist/oauth/bitbucket.js +1 -6
- package/dist/oauth/discord.cjs +1 -57
- package/dist/oauth/discord.d.ts +2 -12
- package/dist/oauth/discord.js +1 -6
- package/dist/oauth/dropbox.cjs +1 -53
- package/dist/oauth/dropbox.d.ts +2 -12
- package/dist/oauth/dropbox.js +1 -6
- package/dist/oauth/figma.cjs +1 -49
- package/dist/oauth/figma.d.ts +2 -12
- package/dist/oauth/figma.js +1 -6
- package/dist/oauth/github.cjs +1 -49
- package/dist/oauth/github.d.ts +2 -12
- package/dist/oauth/github.js +1 -6
- package/dist/oauth/gitlab.cjs +1 -49
- package/dist/oauth/gitlab.d.ts +2 -12
- package/dist/oauth/gitlab.js +1 -6
- package/dist/oauth/index.cjs +1 -673
- package/dist/oauth/index.d.ts +2 -12
- package/dist/oauth/index.js +1 -68
- package/dist/oauth/mailchimp.cjs +1 -49
- package/dist/oauth/mailchimp.d.ts +2 -12
- package/dist/oauth/mailchimp.js +1 -6
- package/dist/oauth/notion.cjs +1 -131
- package/dist/oauth/notion.d.ts +2 -12
- package/dist/oauth/notion.js +1 -9
- package/dist/oauth/pinterest.cjs +1 -49
- package/dist/oauth/pinterest.d.ts +2 -12
- package/dist/oauth/pinterest.js +1 -6
- package/dist/oauth/spotify.cjs +1 -49
- package/dist/oauth/spotify.d.ts +2 -12
- package/dist/oauth/spotify.js +1 -6
- package/dist/oauth/strava.cjs +1 -49
- package/dist/oauth/strava.d.ts +2 -12
- package/dist/oauth/strava.js +1 -6
- package/dist/oauth/twitch.cjs +1 -95
- package/dist/oauth/twitch.d.ts +2 -12
- package/dist/oauth/twitch.js +1 -7
- package/dist/oauth/x.cjs +1 -49
- package/dist/oauth/x.d.ts +2 -12
- package/dist/oauth/x.js +1 -6
- package/dist/oauth-BntNm6aE.cjs +1 -0
- package/dist/oauth-DmHy9VrB.js +1 -0
- package/dist/shared/crypto.cjs +1 -0
- package/dist/shared/crypto.d.ts +47 -0
- package/dist/shared/crypto.js +1 -0
- package/dist/shared/identity.cjs +1 -0
- package/dist/shared/identity.d.ts +2 -0
- package/dist/shared/identity.js +1 -0
- package/dist/shared/index.cjs +1 -0
- package/dist/shared/index.d.ts +5 -0
- package/dist/shared/index.js +1 -0
- package/package.json +32 -9
- package/dist/@types/router.d.cjs +0 -1
- package/dist/@types/router.d.d.ts +0 -16
- package/dist/@types/router.d.js +0 -0
- package/dist/@types/utility.cjs +0 -18
- package/dist/@types/utility.d.ts +0 -6
- package/dist/@types/utility.js +0 -1
- package/dist/actions/callback/access-token.cjs +0 -250
- package/dist/actions/callback/access-token.d.ts +0 -33
- package/dist/actions/callback/access-token.js +0 -9
- package/dist/actions/callback/callback.cjs +0 -715
- package/dist/actions/callback/callback.d.ts +0 -42
- package/dist/actions/callback/callback.js +0 -18
- package/dist/actions/callback/userinfo.cjs +0 -283
- package/dist/actions/callback/userinfo.d.ts +0 -25
- package/dist/actions/callback/userinfo.js +0 -13
- package/dist/actions/csrfToken/csrfToken.cjs +0 -189
- package/dist/actions/csrfToken/csrfToken.d.ts +0 -7
- package/dist/actions/csrfToken/csrfToken.js +0 -13
- package/dist/actions/index.cjs +0 -1161
- package/dist/actions/index.d.ts +0 -17
- package/dist/actions/index.js +0 -39
- package/dist/actions/session/session.cjs +0 -188
- package/dist/actions/session/session.d.ts +0 -7
- package/dist/actions/session/session.js +0 -12
- package/dist/actions/signIn/authorization-url.cjs +0 -288
- package/dist/actions/signIn/authorization-url.d.ts +0 -31
- package/dist/actions/signIn/authorization-url.js +0 -16
- package/dist/actions/signIn/authorization.cjs +0 -281
- package/dist/actions/signIn/authorization.d.ts +0 -54
- package/dist/actions/signIn/authorization.js +0 -19
- package/dist/actions/signIn/signIn.cjs +0 -595
- package/dist/actions/signIn/signIn.d.ts +0 -42
- package/dist/actions/signIn/signIn.js +0 -16
- package/dist/actions/signOut/signOut.cjs +0 -492
- package/dist/actions/signOut/signOut.d.ts +0 -16
- package/dist/actions/signOut/signOut.js +0 -15
- package/dist/api/createApi.cjs +0 -750
- package/dist/api/createApi.d.ts +0 -12
- package/dist/api/createApi.js +0 -19
- package/dist/api/getSession.cjs +0 -141
- package/dist/api/getSession.d.ts +0 -16
- package/dist/api/getSession.js +0 -10
- package/dist/api/signIn.cjs +0 -549
- package/dist/api/signIn.d.ts +0 -26
- package/dist/api/signIn.js +0 -15
- package/dist/api/signOut.cjs +0 -279
- package/dist/api/signOut.d.ts +0 -16
- package/dist/api/signOut.js +0 -13
- package/dist/assert.cjs +0 -194
- package/dist/assert.d.ts +0 -37
- package/dist/assert.js +0 -26
- package/dist/chunk-2A5B7GWR.js +0 -125
- package/dist/chunk-2GQLSIJ2.js +0 -40
- package/dist/chunk-2IR674WX.js +0 -44
- package/dist/chunk-3J5TUH2I.js +0 -50
- package/dist/chunk-4RWSYUKX.js +0 -98
- package/dist/chunk-4YHJ4IEQ.js +0 -25
- package/dist/chunk-54CZPKR4.js +0 -25
- package/dist/chunk-5LZ7TOM3.js +0 -25
- package/dist/chunk-5X7JZMEF.js +0 -0
- package/dist/chunk-7BE46WWS.js +0 -88
- package/dist/chunk-7YYXFKLR.js +0 -35
- package/dist/chunk-C3A37LQC.js +0 -33
- package/dist/chunk-CITNGXDA.js +0 -31
- package/dist/chunk-CWX724AG.js +0 -78
- package/dist/chunk-D2CSIUKP.js +0 -74
- package/dist/chunk-E6G5YCI6.js +0 -25
- package/dist/chunk-EBAMFRB7.js +0 -34
- package/dist/chunk-EEE7UM5T.js +0 -25
- package/dist/chunk-FPCVZUVG.js +0 -37
- package/dist/chunk-FW4W3REU.js +0 -25
- package/dist/chunk-GNNBM2WJ.js +0 -83
- package/dist/chunk-IPKO6UQN.js +0 -25
- package/dist/chunk-ITQ7352M.js +0 -0
- package/dist/chunk-JOCGX3RP.js +0 -59
- package/dist/chunk-KBXWTD6E.js +0 -94
- package/dist/chunk-KMMAZFSJ.js +0 -25
- package/dist/chunk-LATR3NIV.js +0 -117
- package/dist/chunk-LAYPUDQF.js +0 -39
- package/dist/chunk-LDU7A2JE.js +0 -25
- package/dist/chunk-LX3TJ2TJ.js +0 -294
- package/dist/chunk-NHZBQNRR.js +0 -143
- package/dist/chunk-OVHNRULD.js +0 -33
- package/dist/chunk-PDP3PHB3.js +0 -127
- package/dist/chunk-PG7UYFG5.js +0 -0
- package/dist/chunk-PHYNROD4.js +0 -47
- package/dist/chunk-QQEKY4XP.js +0 -29
- package/dist/chunk-U4RK4LKJ.js +0 -348
- package/dist/chunk-U5663F2U.js +0 -70
- package/dist/chunk-UN7X6SU5.js +0 -53
- package/dist/chunk-UZQJJD6A.js +0 -100
- package/dist/chunk-V6LLEAR4.js +0 -80
- package/dist/chunk-WHNDRO3N.js +0 -50
- package/dist/chunk-XY5R3EHH.js +0 -204
- package/dist/chunk-ZNCZVF6U.js +0 -14
- package/dist/client/client.cjs +0 -135
- package/dist/client/client.d.ts +0 -85
- package/dist/client/client.js +0 -9
- package/dist/context.cjs +0 -1237
- package/dist/context.d.ts +0 -16
- package/dist/context.js +0 -28
- package/dist/cookie.cjs +0 -277
- package/dist/cookie.d.ts +0 -89
- package/dist/cookie.js +0 -30
- package/dist/createAuth.cjs +0 -2320
- package/dist/createAuth.d.ts +0 -12
- package/dist/createAuth.js +0 -48
- package/dist/env.cjs +0 -78
- package/dist/env.d.ts +0 -10
- package/dist/env.js +0 -12
- package/dist/errors.cjs +0 -102
- package/dist/errors.d.ts +0 -60
- package/dist/errors.js +0 -22
- package/dist/headers.cjs +0 -61
- package/dist/headers.d.ts +0 -33
- package/dist/headers.js +0 -12
- package/dist/index-_aXtxb_s.d.ts +0 -1377
- package/dist/jose.cjs +0 -166
- package/dist/jose.d.ts +0 -12
- package/dist/jose.js +0 -20
- package/dist/logger.cjs +0 -424
- package/dist/logger.d.ts +0 -12
- package/dist/logger.js +0 -17
- package/dist/request.cjs +0 -38
- package/dist/request.d.ts +0 -13
- package/dist/request.js +0 -6
- package/dist/schemas.cjs +0 -158
- package/dist/schemas.d.ts +0 -229
- package/dist/schemas.js +0 -24
- package/dist/secure.cjs +0 -170
- package/dist/secure.d.ts +0 -41
- package/dist/secure.js +0 -20
- package/dist/utils.cjs +0 -329
- package/dist/utils.d.ts +0 -35
- package/dist/utils.js +0 -36
package/dist/chunk-2GQLSIJ2.js
DELETED
|
@@ -1,40 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
getEnv
|
|
3
|
-
} from "./chunk-WHNDRO3N.js";
|
|
4
|
-
|
|
5
|
-
// src/oauth/twitch.ts
|
|
6
|
-
var twitch = (options) => {
|
|
7
|
-
const clientId = options?.clientId ?? getEnv("TWITCH_CLIENT_ID");
|
|
8
|
-
return {
|
|
9
|
-
id: "twitch",
|
|
10
|
-
name: "Twitch",
|
|
11
|
-
authorize: {
|
|
12
|
-
url: "https://id.twitch.tv/oauth2/authorize",
|
|
13
|
-
params: { scope: "user:read:email", responseType: "code" }
|
|
14
|
-
},
|
|
15
|
-
accessToken: "https://id.twitch.tv/oauth2/token",
|
|
16
|
-
userInfo: {
|
|
17
|
-
url: "https://api.twitch.tv/helix/users",
|
|
18
|
-
headers: {
|
|
19
|
-
"Client-ID": clientId
|
|
20
|
-
}
|
|
21
|
-
},
|
|
22
|
-
profile(profile) {
|
|
23
|
-
const user = profile.data[0];
|
|
24
|
-
if (!user) {
|
|
25
|
-
throw new Error("No user data found in Twitch profile response");
|
|
26
|
-
}
|
|
27
|
-
return {
|
|
28
|
-
sub: user.id,
|
|
29
|
-
name: user.display_name,
|
|
30
|
-
email: user.email,
|
|
31
|
-
picture: user.profile_image_url
|
|
32
|
-
};
|
|
33
|
-
},
|
|
34
|
-
...options
|
|
35
|
-
};
|
|
36
|
-
};
|
|
37
|
-
|
|
38
|
-
export {
|
|
39
|
-
twitch
|
|
40
|
-
};
|
package/dist/chunk-2IR674WX.js
DELETED
|
@@ -1,44 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
createBuiltInOAuthProviders
|
|
3
|
-
} from "./chunk-PDP3PHB3.js";
|
|
4
|
-
import {
|
|
5
|
-
createProxyLogger
|
|
6
|
-
} from "./chunk-U4RK4LKJ.js";
|
|
7
|
-
import {
|
|
8
|
-
createJoseInstance
|
|
9
|
-
} from "./chunk-UZQJJD6A.js";
|
|
10
|
-
import {
|
|
11
|
-
createCookieStore
|
|
12
|
-
} from "./chunk-XY5R3EHH.js";
|
|
13
|
-
import {
|
|
14
|
-
getEnv,
|
|
15
|
-
getEnvArray,
|
|
16
|
-
getEnvBoolean
|
|
17
|
-
} from "./chunk-WHNDRO3N.js";
|
|
18
|
-
|
|
19
|
-
// src/context.ts
|
|
20
|
-
var createContext = (config) => {
|
|
21
|
-
const trustedProxyHeadersEnv = getEnv("TRUSTED_PROXY_HEADERS");
|
|
22
|
-
const useProxyHeaders = trustedProxyHeadersEnv === void 0 ? config?.trustedProxyHeaders ?? false : getEnvBoolean("TRUSTED_PROXY_HEADERS");
|
|
23
|
-
const logger = createProxyLogger(config);
|
|
24
|
-
const cookiePrefix = config?.cookies?.prefix;
|
|
25
|
-
const cookieOverrides = config?.cookies?.overrides ?? {};
|
|
26
|
-
const secureCookieStore = createCookieStore(true, cookiePrefix, cookieOverrides, logger);
|
|
27
|
-
const standardCookieStore = createCookieStore(false, cookiePrefix, cookieOverrides, logger);
|
|
28
|
-
return {
|
|
29
|
-
oauth: createBuiltInOAuthProviders(config?.oauth),
|
|
30
|
-
cookies: standardCookieStore,
|
|
31
|
-
jose: createJoseInstance(config?.secret),
|
|
32
|
-
secret: config?.secret,
|
|
33
|
-
basePath: config?.basePath ?? "/auth",
|
|
34
|
-
trustedProxyHeaders: useProxyHeaders,
|
|
35
|
-
trustedOrigins: getEnvArray("TRUSTED_ORIGINS").length > 0 ? getEnvArray("TRUSTED_ORIGINS") : config?.trustedOrigins,
|
|
36
|
-
logger,
|
|
37
|
-
cookieConfig: { secure: secureCookieStore, standard: standardCookieStore },
|
|
38
|
-
baseURL: config?.baseURL
|
|
39
|
-
};
|
|
40
|
-
};
|
|
41
|
-
|
|
42
|
-
export {
|
|
43
|
-
createContext
|
|
44
|
-
};
|
package/dist/chunk-3J5TUH2I.js
DELETED
|
@@ -1,50 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
createRedirectTo
|
|
3
|
-
} from "./chunk-LATR3NIV.js";
|
|
4
|
-
import {
|
|
5
|
-
signOut
|
|
6
|
-
} from "./chunk-KBXWTD6E.js";
|
|
7
|
-
import {
|
|
8
|
-
getBaseURL
|
|
9
|
-
} from "./chunk-LX3TJ2TJ.js";
|
|
10
|
-
|
|
11
|
-
// src/actions/signOut/signOut.ts
|
|
12
|
-
import { z } from "zod/v4";
|
|
13
|
-
import { createEndpoint, createEndpointConfig } from "@aura-stack/router";
|
|
14
|
-
var config = createEndpointConfig({
|
|
15
|
-
schemas: {
|
|
16
|
-
searchParams: z.object({
|
|
17
|
-
token_type_hint: z.literal("session_token"),
|
|
18
|
-
redirectTo: z.string().optional()
|
|
19
|
-
})
|
|
20
|
-
}
|
|
21
|
-
});
|
|
22
|
-
var signOutAction = createEndpoint(
|
|
23
|
-
"POST",
|
|
24
|
-
"/signOut",
|
|
25
|
-
async (ctx) => {
|
|
26
|
-
const {
|
|
27
|
-
request,
|
|
28
|
-
searchParams: { redirectTo },
|
|
29
|
-
context
|
|
30
|
-
} = ctx;
|
|
31
|
-
const baseURL = getBaseURL(request);
|
|
32
|
-
const location = await createRedirectTo(
|
|
33
|
-
new Request(baseURL, {
|
|
34
|
-
headers: request.headers
|
|
35
|
-
}),
|
|
36
|
-
redirectTo,
|
|
37
|
-
context
|
|
38
|
-
);
|
|
39
|
-
return await signOut({
|
|
40
|
-
ctx: context,
|
|
41
|
-
headers: request.headers,
|
|
42
|
-
redirectTo: location
|
|
43
|
-
});
|
|
44
|
-
},
|
|
45
|
-
config
|
|
46
|
-
);
|
|
47
|
-
|
|
48
|
-
export {
|
|
49
|
-
signOutAction
|
|
50
|
-
};
|
package/dist/chunk-4RWSYUKX.js
DELETED
|
@@ -1,98 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
AuthClientError,
|
|
3
|
-
isNativeError
|
|
4
|
-
} from "./chunk-U5663F2U.js";
|
|
5
|
-
|
|
6
|
-
// src/client/client.ts
|
|
7
|
-
import { createClient as createClientAPI } from "@aura-stack/router";
|
|
8
|
-
var createClient = createClientAPI;
|
|
9
|
-
var createAuthClient = (options) => {
|
|
10
|
-
if (typeof window === "undefined" && !options.baseURL) {
|
|
11
|
-
throw new AuthClientError("`baseURL` is required when createAuthClient is used outside the browser.");
|
|
12
|
-
}
|
|
13
|
-
const client = createClient({
|
|
14
|
-
cache: "no-store",
|
|
15
|
-
credentials: "include",
|
|
16
|
-
baseURL: options.baseURL ?? window.location.origin,
|
|
17
|
-
...options
|
|
18
|
-
});
|
|
19
|
-
const getCSRFToken = async () => {
|
|
20
|
-
try {
|
|
21
|
-
const response = await client.get("/csrfToken");
|
|
22
|
-
if (!response.ok) return null;
|
|
23
|
-
const data = await response.json();
|
|
24
|
-
return data.csrfToken;
|
|
25
|
-
} catch (error) {
|
|
26
|
-
console.error("Error fetching CSRF token:", error);
|
|
27
|
-
return null;
|
|
28
|
-
}
|
|
29
|
-
};
|
|
30
|
-
const getSession = async () => {
|
|
31
|
-
try {
|
|
32
|
-
const response = await client.get("/session");
|
|
33
|
-
if (!response.ok) return null;
|
|
34
|
-
const session = await response.json();
|
|
35
|
-
if (!session?.authenticated) return null;
|
|
36
|
-
return session.session;
|
|
37
|
-
} catch (error) {
|
|
38
|
-
console.error("Error fetching session:", error);
|
|
39
|
-
return null;
|
|
40
|
-
}
|
|
41
|
-
};
|
|
42
|
-
const signIn = async (oauth, options2) => {
|
|
43
|
-
try {
|
|
44
|
-
const response = await client.get("/signIn/:oauth", {
|
|
45
|
-
params: {
|
|
46
|
-
oauth
|
|
47
|
-
},
|
|
48
|
-
searchParams: {
|
|
49
|
-
...options2,
|
|
50
|
-
redirect: false
|
|
51
|
-
}
|
|
52
|
-
});
|
|
53
|
-
const json = await response.json();
|
|
54
|
-
if ((options2?.redirect ?? true) && typeof window !== "undefined" && json?.signInURL) {
|
|
55
|
-
window.location.assign(json.signInURL);
|
|
56
|
-
}
|
|
57
|
-
return json;
|
|
58
|
-
} catch (error) {
|
|
59
|
-
console.error("Error during sign-in:", error);
|
|
60
|
-
return { redirect: false, signInURL: "/" };
|
|
61
|
-
}
|
|
62
|
-
};
|
|
63
|
-
const signOut = async (options2) => {
|
|
64
|
-
try {
|
|
65
|
-
const csrfToken = await getCSRFToken();
|
|
66
|
-
if (!csrfToken) {
|
|
67
|
-
throw new AuthClientError("Failed to fetch CSRF token for sign-out.");
|
|
68
|
-
}
|
|
69
|
-
const response = await client.post("/signOut", {
|
|
70
|
-
searchParams: {
|
|
71
|
-
redirectTo: options2?.redirectTo ?? "/",
|
|
72
|
-
token_type_hint: "session_token"
|
|
73
|
-
},
|
|
74
|
-
headers: {
|
|
75
|
-
"X-CSRF-Token": csrfToken
|
|
76
|
-
}
|
|
77
|
-
});
|
|
78
|
-
const json = await response.json();
|
|
79
|
-
if ((options2?.redirect ?? true) && typeof window !== "undefined" && json?.url) {
|
|
80
|
-
window.location.assign(json.url);
|
|
81
|
-
}
|
|
82
|
-
return json;
|
|
83
|
-
} catch (error) {
|
|
84
|
-
console.error("Error during sign-out:", error);
|
|
85
|
-
throw isNativeError(error) ? error : new AuthClientError("Sign-out failed.", "The sign-out request failed.", { cause: error });
|
|
86
|
-
}
|
|
87
|
-
};
|
|
88
|
-
return {
|
|
89
|
-
getSession,
|
|
90
|
-
signIn,
|
|
91
|
-
signOut
|
|
92
|
-
};
|
|
93
|
-
};
|
|
94
|
-
|
|
95
|
-
export {
|
|
96
|
-
createClient,
|
|
97
|
-
createAuthClient
|
|
98
|
-
};
|
package/dist/chunk-4YHJ4IEQ.js
DELETED
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
// src/oauth/bitbucket.ts
|
|
2
|
-
var bitbucket = (options) => {
|
|
3
|
-
return {
|
|
4
|
-
id: "bitbucket",
|
|
5
|
-
name: "Bitbucket",
|
|
6
|
-
authorizeURL: "https://bitbucket.org/site/oauth2/authorize",
|
|
7
|
-
accessToken: "https://bitbucket.org/site/oauth2/access_token",
|
|
8
|
-
userInfo: "https://api.bitbucket.org/2.0/user",
|
|
9
|
-
scope: "account email",
|
|
10
|
-
responseType: "code",
|
|
11
|
-
profile(profile) {
|
|
12
|
-
return {
|
|
13
|
-
sub: profile.uuid ?? profile.account_id,
|
|
14
|
-
name: profile.display_name ?? profile.nickname,
|
|
15
|
-
image: profile.links.avatar?.href,
|
|
16
|
-
email: void 0
|
|
17
|
-
};
|
|
18
|
-
},
|
|
19
|
-
...options
|
|
20
|
-
};
|
|
21
|
-
};
|
|
22
|
-
|
|
23
|
-
export {
|
|
24
|
-
bitbucket
|
|
25
|
-
};
|
package/dist/chunk-54CZPKR4.js
DELETED
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
// src/oauth/strava.ts
|
|
2
|
-
var strava = (options) => {
|
|
3
|
-
return {
|
|
4
|
-
id: "strava",
|
|
5
|
-
name: "Strava",
|
|
6
|
-
authorizeURL: "https://www.strava.com/oauth/authorize",
|
|
7
|
-
accessToken: "https://www.strava.com/oauth/token",
|
|
8
|
-
userInfo: "https://www.strava.com/api/v3/athlete",
|
|
9
|
-
scope: "read",
|
|
10
|
-
responseType: "code",
|
|
11
|
-
profile(profile) {
|
|
12
|
-
return {
|
|
13
|
-
sub: profile.id.toString(),
|
|
14
|
-
name: `${profile.firstname} ${profile.lastname}`,
|
|
15
|
-
image: profile.profile,
|
|
16
|
-
email: void 0
|
|
17
|
-
};
|
|
18
|
-
},
|
|
19
|
-
...options
|
|
20
|
-
};
|
|
21
|
-
};
|
|
22
|
-
|
|
23
|
-
export {
|
|
24
|
-
strava
|
|
25
|
-
};
|
package/dist/chunk-5LZ7TOM3.js
DELETED
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
// src/oauth/gitlab.ts
|
|
2
|
-
var gitlab = (options) => {
|
|
3
|
-
return {
|
|
4
|
-
id: "gitlab",
|
|
5
|
-
name: "GitLab",
|
|
6
|
-
authorizeURL: "https://gitlab.com/oauth/authorize",
|
|
7
|
-
accessToken: "https://gitlab.com/oauth/token",
|
|
8
|
-
userInfo: "https://gitlab.com/api/v4/user",
|
|
9
|
-
scope: "read_user",
|
|
10
|
-
responseType: "code",
|
|
11
|
-
profile(profile) {
|
|
12
|
-
return {
|
|
13
|
-
sub: profile.id.toString(),
|
|
14
|
-
name: profile.name ?? profile.username,
|
|
15
|
-
email: profile.email,
|
|
16
|
-
image: profile.avatar_url
|
|
17
|
-
};
|
|
18
|
-
},
|
|
19
|
-
...options
|
|
20
|
-
};
|
|
21
|
-
};
|
|
22
|
-
|
|
23
|
-
export {
|
|
24
|
-
gitlab
|
|
25
|
-
};
|
package/dist/chunk-5X7JZMEF.js
DELETED
|
File without changes
|
package/dist/chunk-7BE46WWS.js
DELETED
|
@@ -1,88 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
fetchAsync
|
|
3
|
-
} from "./chunk-ZNCZVF6U.js";
|
|
4
|
-
import {
|
|
5
|
-
OAuthAccessTokenErrorResponse,
|
|
6
|
-
OAuthAccessTokenResponse
|
|
7
|
-
} from "./chunk-2A5B7GWR.js";
|
|
8
|
-
import {
|
|
9
|
-
AuthInternalError,
|
|
10
|
-
OAuthProtocolError
|
|
11
|
-
} from "./chunk-U5663F2U.js";
|
|
12
|
-
|
|
13
|
-
// src/actions/callback/access-token.ts
|
|
14
|
-
var createAccessToken = async (oauthConfig, redirectURI, code, codeVerifier, logger) => {
|
|
15
|
-
const { accessToken, clientId, clientSecret } = oauthConfig;
|
|
16
|
-
if (!clientId || !clientSecret || !redirectURI || !code || !codeVerifier || !accessToken) {
|
|
17
|
-
logger?.log("INVALID_OAUTH_CONFIGURATION", {
|
|
18
|
-
structuredData: {
|
|
19
|
-
has_client_id: Boolean(clientId),
|
|
20
|
-
has_client_secret: Boolean(clientSecret),
|
|
21
|
-
has_access_token: Boolean(accessToken),
|
|
22
|
-
has_redirect_uri: Boolean(redirectURI),
|
|
23
|
-
has_code: Boolean(code),
|
|
24
|
-
has_code_verifier: Boolean(codeVerifier)
|
|
25
|
-
}
|
|
26
|
-
});
|
|
27
|
-
throw new AuthInternalError("INVALID_OAUTH_CONFIGURATION", "The OAuth provider configuration is invalid.");
|
|
28
|
-
}
|
|
29
|
-
const tokenURL = typeof accessToken === "string" ? accessToken : accessToken.url;
|
|
30
|
-
const extraHeaders = typeof accessToken === "string" ? void 0 : accessToken.headers;
|
|
31
|
-
try {
|
|
32
|
-
logger?.log("OAUTH_ACCESS_TOKEN_REQUEST_INITIATED", {
|
|
33
|
-
structuredData: {
|
|
34
|
-
has_client_id: Boolean(clientId),
|
|
35
|
-
redirect_uri: redirectURI,
|
|
36
|
-
grant_type: "authorization_code"
|
|
37
|
-
}
|
|
38
|
-
});
|
|
39
|
-
const response = await fetchAsync(tokenURL, {
|
|
40
|
-
method: "POST",
|
|
41
|
-
headers: {
|
|
42
|
-
...extraHeaders ?? {},
|
|
43
|
-
Accept: "application/json",
|
|
44
|
-
"Content-Type": "application/x-www-form-urlencoded"
|
|
45
|
-
},
|
|
46
|
-
body: new URLSearchParams({
|
|
47
|
-
client_id: clientId,
|
|
48
|
-
client_secret: clientSecret,
|
|
49
|
-
code,
|
|
50
|
-
redirect_uri: redirectURI,
|
|
51
|
-
grant_type: "authorization_code",
|
|
52
|
-
code_verifier: codeVerifier
|
|
53
|
-
}).toString()
|
|
54
|
-
});
|
|
55
|
-
if (!response.ok) {
|
|
56
|
-
logger?.log("INVALID_OAUTH_ACCESS_TOKEN_RESPONSE");
|
|
57
|
-
throw new OAuthProtocolError("invalid_request", "Invalid access token response");
|
|
58
|
-
}
|
|
59
|
-
const json = await response.json();
|
|
60
|
-
const token = OAuthAccessTokenResponse.safeParse(json);
|
|
61
|
-
if (!token.success) {
|
|
62
|
-
const { success, data } = OAuthAccessTokenErrorResponse.safeParse(json);
|
|
63
|
-
if (!success) {
|
|
64
|
-
logger?.log("INVALID_OAUTH_ACCESS_TOKEN_RESPONSE");
|
|
65
|
-
throw new OAuthProtocolError("invalid_request", "Invalid access token response format");
|
|
66
|
-
}
|
|
67
|
-
logger?.log("OAUTH_ACCESS_TOKEN_ERROR", {
|
|
68
|
-
structuredData: {
|
|
69
|
-
error: data.error,
|
|
70
|
-
error_description: data.error_description ?? ""
|
|
71
|
-
}
|
|
72
|
-
});
|
|
73
|
-
throw new OAuthProtocolError("INVALID_ACCESS_TOKEN", "Failed to retrieve access token");
|
|
74
|
-
}
|
|
75
|
-
logger?.log("OAUTH_ACCESS_TOKEN_SUCCESS");
|
|
76
|
-
return token.data;
|
|
77
|
-
} catch (error) {
|
|
78
|
-
logger?.log("OAUTH_ACCESS_TOKEN_REQUEST_FAILED");
|
|
79
|
-
if (error instanceof Error) {
|
|
80
|
-
throw new OAuthProtocolError("server_error", "Failed to communicate with OAuth provider", "", { cause: error });
|
|
81
|
-
}
|
|
82
|
-
throw error;
|
|
83
|
-
}
|
|
84
|
-
};
|
|
85
|
-
|
|
86
|
-
export {
|
|
87
|
-
createAccessToken
|
|
88
|
-
};
|
package/dist/chunk-7YYXFKLR.js
DELETED
|
@@ -1,35 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
getSession
|
|
3
|
-
} from "./chunk-CITNGXDA.js";
|
|
4
|
-
import {
|
|
5
|
-
expiredCookieAttributes
|
|
6
|
-
} from "./chunk-XY5R3EHH.js";
|
|
7
|
-
import {
|
|
8
|
-
AuthInternalError
|
|
9
|
-
} from "./chunk-U5663F2U.js";
|
|
10
|
-
import {
|
|
11
|
-
secureApiHeaders
|
|
12
|
-
} from "./chunk-EBAMFRB7.js";
|
|
13
|
-
|
|
14
|
-
// src/actions/session/session.ts
|
|
15
|
-
import { createEndpoint, HeadersBuilder } from "@aura-stack/router";
|
|
16
|
-
var sessionAction = createEndpoint("GET", "/session", async (ctx) => {
|
|
17
|
-
const {
|
|
18
|
-
request,
|
|
19
|
-
context: { cookies }
|
|
20
|
-
} = ctx;
|
|
21
|
-
try {
|
|
22
|
-
const session = await getSession({ ctx: ctx.context, headers: request.headers });
|
|
23
|
-
if (!session.authenticated) {
|
|
24
|
-
throw new AuthInternalError("INVALID_JWT_TOKEN", "Session not authenticated");
|
|
25
|
-
}
|
|
26
|
-
return Response.json(session, { headers: secureApiHeaders });
|
|
27
|
-
} catch (error) {
|
|
28
|
-
const headers = new HeadersBuilder(secureApiHeaders).setCookie(cookies.sessionToken.name, "", expiredCookieAttributes).toHeaders();
|
|
29
|
-
return Response.json({ session: null, authenticated: false }, { status: 401, headers });
|
|
30
|
-
}
|
|
31
|
-
});
|
|
32
|
-
|
|
33
|
-
export {
|
|
34
|
-
sessionAction
|
|
35
|
-
};
|
package/dist/chunk-C3A37LQC.js
DELETED
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
// src/oauth/atlassian.ts
|
|
2
|
-
var atlassian = (options) => {
|
|
3
|
-
return {
|
|
4
|
-
id: "atlassian",
|
|
5
|
-
name: "Atlassian",
|
|
6
|
-
authorize: {
|
|
7
|
-
url: "https://auth.atlassian.com/authorize",
|
|
8
|
-
params: {
|
|
9
|
-
audience: "api.atlassian.com",
|
|
10
|
-
scope: "read:me read:account",
|
|
11
|
-
prompt: "consent"
|
|
12
|
-
}
|
|
13
|
-
},
|
|
14
|
-
authorizeURL: "https://auth.atlassian.com/authorize",
|
|
15
|
-
accessToken: "https://auth.atlassian.com/oauth/token",
|
|
16
|
-
userInfo: "https://api.atlassian.com/me",
|
|
17
|
-
scope: "read:me read:account",
|
|
18
|
-
responseType: "code",
|
|
19
|
-
profile(profile) {
|
|
20
|
-
return {
|
|
21
|
-
sub: profile.account_id,
|
|
22
|
-
name: profile.name,
|
|
23
|
-
email: profile.email,
|
|
24
|
-
image: profile.picture
|
|
25
|
-
};
|
|
26
|
-
},
|
|
27
|
-
...options
|
|
28
|
-
};
|
|
29
|
-
};
|
|
30
|
-
|
|
31
|
-
export {
|
|
32
|
-
atlassian
|
|
33
|
-
};
|
package/dist/chunk-CITNGXDA.js
DELETED
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
getErrorName,
|
|
3
|
-
toISOString
|
|
4
|
-
} from "./chunk-LX3TJ2TJ.js";
|
|
5
|
-
import {
|
|
6
|
-
getCookie
|
|
7
|
-
} from "./chunk-XY5R3EHH.js";
|
|
8
|
-
|
|
9
|
-
// src/api/getSession.ts
|
|
10
|
-
var getSession = async ({ ctx, headers }) => {
|
|
11
|
-
try {
|
|
12
|
-
const session = getCookie(new Headers(headers), ctx.cookies.sessionToken.name);
|
|
13
|
-
const decoded = await ctx.jose.decodeJWT(session);
|
|
14
|
-
ctx?.logger?.log("AUTH_SESSION_VALID");
|
|
15
|
-
const { exp, iat, jti, nbf, aud, iss, ...user } = decoded;
|
|
16
|
-
return {
|
|
17
|
-
session: {
|
|
18
|
-
user,
|
|
19
|
-
expires: toISOString(exp * 1e3)
|
|
20
|
-
},
|
|
21
|
-
authenticated: true
|
|
22
|
-
};
|
|
23
|
-
} catch (error) {
|
|
24
|
-
ctx?.logger?.log("AUTH_SESSION_INVALID", { structuredData: { error_type: getErrorName(error) } });
|
|
25
|
-
return { session: null, authenticated: false };
|
|
26
|
-
}
|
|
27
|
-
};
|
|
28
|
-
|
|
29
|
-
export {
|
|
30
|
-
getSession
|
|
31
|
-
};
|
package/dist/chunk-CWX724AG.js
DELETED
|
@@ -1,78 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
callbackAction
|
|
3
|
-
} from "./chunk-NHZBQNRR.js";
|
|
4
|
-
import {
|
|
5
|
-
csrfTokenAction
|
|
6
|
-
} from "./chunk-FPCVZUVG.js";
|
|
7
|
-
import {
|
|
8
|
-
signInAction
|
|
9
|
-
} from "./chunk-UN7X6SU5.js";
|
|
10
|
-
import {
|
|
11
|
-
sessionAction
|
|
12
|
-
} from "./chunk-7YYXFKLR.js";
|
|
13
|
-
import {
|
|
14
|
-
signOutAction
|
|
15
|
-
} from "./chunk-3J5TUH2I.js";
|
|
16
|
-
import {
|
|
17
|
-
createAuthAPI
|
|
18
|
-
} from "./chunk-LAYPUDQF.js";
|
|
19
|
-
import {
|
|
20
|
-
createContext
|
|
21
|
-
} from "./chunk-2IR674WX.js";
|
|
22
|
-
import {
|
|
23
|
-
createErrorHandler,
|
|
24
|
-
useSecureCookies
|
|
25
|
-
} from "./chunk-LX3TJ2TJ.js";
|
|
26
|
-
|
|
27
|
-
// src/createAuth.ts
|
|
28
|
-
import { createRouter } from "@aura-stack/router";
|
|
29
|
-
var createInternalConfig = (authConfig) => {
|
|
30
|
-
const context = createContext(authConfig);
|
|
31
|
-
return {
|
|
32
|
-
basePath: authConfig?.basePath ?? "/auth",
|
|
33
|
-
onError: createErrorHandler(context.logger),
|
|
34
|
-
context,
|
|
35
|
-
use: [
|
|
36
|
-
(ctx) => {
|
|
37
|
-
const useSecure = useSecureCookies(ctx.request, ctx.context.trustedProxyHeaders);
|
|
38
|
-
ctx.context.cookies = useSecure ? context.cookieConfig.secure : context.cookieConfig.standard;
|
|
39
|
-
return ctx;
|
|
40
|
-
}
|
|
41
|
-
]
|
|
42
|
-
};
|
|
43
|
-
};
|
|
44
|
-
var createAuthInstance = (authConfig) => {
|
|
45
|
-
const config = createInternalConfig(authConfig);
|
|
46
|
-
const router = createRouter(
|
|
47
|
-
[signInAction(config.context.oauth), callbackAction(config.context.oauth), sessionAction, signOutAction, csrfTokenAction],
|
|
48
|
-
config
|
|
49
|
-
);
|
|
50
|
-
return {
|
|
51
|
-
handlers: router,
|
|
52
|
-
jose: config.context.jose,
|
|
53
|
-
api: createAuthAPI(config.context)
|
|
54
|
-
};
|
|
55
|
-
};
|
|
56
|
-
var createAuth = (config) => {
|
|
57
|
-
const authInstance = createAuthInstance(config);
|
|
58
|
-
authInstance.handlers.ALL = async (request) => {
|
|
59
|
-
const method = request.method.toUpperCase();
|
|
60
|
-
const methodHandlers = {
|
|
61
|
-
GET: authInstance.handlers.GET,
|
|
62
|
-
POST: authInstance.handlers.POST
|
|
63
|
-
};
|
|
64
|
-
if (method in methodHandlers) {
|
|
65
|
-
return await methodHandlers[method](request);
|
|
66
|
-
}
|
|
67
|
-
return new Response("Method Not Allowed", {
|
|
68
|
-
status: 405,
|
|
69
|
-
headers: { Allow: Object.keys(methodHandlers).join(", ") }
|
|
70
|
-
});
|
|
71
|
-
};
|
|
72
|
-
return authInstance;
|
|
73
|
-
};
|
|
74
|
-
|
|
75
|
-
export {
|
|
76
|
-
createAuthInstance,
|
|
77
|
-
createAuth
|
|
78
|
-
};
|
package/dist/chunk-D2CSIUKP.js
DELETED
|
@@ -1,74 +0,0 @@
|
|
|
1
|
-
import {
|
|
2
|
-
createPKCE,
|
|
3
|
-
createSecretValue
|
|
4
|
-
} from "./chunk-V6LLEAR4.js";
|
|
5
|
-
import {
|
|
6
|
-
OAuthAuthorization
|
|
7
|
-
} from "./chunk-2A5B7GWR.js";
|
|
8
|
-
import {
|
|
9
|
-
AuthInternalError
|
|
10
|
-
} from "./chunk-U5663F2U.js";
|
|
11
|
-
|
|
12
|
-
// src/actions/signIn/authorization-url.ts
|
|
13
|
-
var setSearchParams = (url, params) => {
|
|
14
|
-
for (const [key, value] of Object.entries(params)) {
|
|
15
|
-
if (value !== void 0 && value !== "") {
|
|
16
|
-
url.searchParams.set(key, value);
|
|
17
|
-
}
|
|
18
|
-
}
|
|
19
|
-
};
|
|
20
|
-
var buildAuthorizationURL = (oauth, redirect_uri, state, code_challenge, code_challenge_method) => {
|
|
21
|
-
const authorizeConfig = oauth.authorize;
|
|
22
|
-
const baseURL = typeof authorizeConfig === "string" ? authorizeConfig : authorizeConfig?.url ?? oauth.authorizeURL;
|
|
23
|
-
if (!baseURL) {
|
|
24
|
-
throw new AuthInternalError("INVALID_OAUTH_CONFIGURATION", "Missing authorization URL in OAuth provider configuration.");
|
|
25
|
-
}
|
|
26
|
-
const url = new URL(baseURL);
|
|
27
|
-
const authorizeParams = typeof authorizeConfig === "string" ? void 0 : authorizeConfig?.params;
|
|
28
|
-
setSearchParams(url, {
|
|
29
|
-
response_type: authorizeParams?.responseType ?? oauth.responseType ?? "code",
|
|
30
|
-
client_id: oauth.clientId,
|
|
31
|
-
redirect_uri,
|
|
32
|
-
state,
|
|
33
|
-
code_challenge,
|
|
34
|
-
code_challenge_method,
|
|
35
|
-
scope: authorizeParams?.scope ?? oauth.scope,
|
|
36
|
-
prompt: authorizeParams?.prompt,
|
|
37
|
-
response_mode: authorizeParams?.responseMode,
|
|
38
|
-
login_hint: authorizeParams?.loginHint,
|
|
39
|
-
nonce: authorizeParams?.nonce,
|
|
40
|
-
display: authorizeParams?.display,
|
|
41
|
-
audience: authorizeParams?.audience
|
|
42
|
-
});
|
|
43
|
-
return url.toString();
|
|
44
|
-
};
|
|
45
|
-
var createAuthorizationURL = async (oauth, redirectURI, ctx) => {
|
|
46
|
-
const state = createSecretValue();
|
|
47
|
-
const { codeVerifier, codeChallenge, method } = await createPKCE();
|
|
48
|
-
const authorization = buildAuthorizationURL(oauth, redirectURI, state, codeChallenge, method);
|
|
49
|
-
const parsed = OAuthAuthorization.safeParse({ ...oauth, redirectURI, state, codeChallenge, codeChallengeMethod: method });
|
|
50
|
-
if (!parsed.success) {
|
|
51
|
-
ctx?.logger?.log("INVALID_OAUTH_CONFIGURATION", {
|
|
52
|
-
structuredData: {
|
|
53
|
-
scope: oauth?.scope ?? "",
|
|
54
|
-
redirect_uri: redirectURI,
|
|
55
|
-
has_state: Boolean(state),
|
|
56
|
-
has_code_challenge: Boolean(codeChallenge),
|
|
57
|
-
code_challenge_method: method
|
|
58
|
-
}
|
|
59
|
-
});
|
|
60
|
-
throw new AuthInternalError("INVALID_OAUTH_CONFIGURATION", "The OAuth provider configuration is invalid.");
|
|
61
|
-
}
|
|
62
|
-
return {
|
|
63
|
-
authorization,
|
|
64
|
-
state,
|
|
65
|
-
codeVerifier,
|
|
66
|
-
method
|
|
67
|
-
};
|
|
68
|
-
};
|
|
69
|
-
|
|
70
|
-
export {
|
|
71
|
-
setSearchParams,
|
|
72
|
-
buildAuthorizationURL,
|
|
73
|
-
createAuthorizationURL
|
|
74
|
-
};
|
package/dist/chunk-E6G5YCI6.js
DELETED
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
// src/oauth/pinterest.ts
|
|
2
|
-
var pinterest = (options) => {
|
|
3
|
-
return {
|
|
4
|
-
id: "pinterest",
|
|
5
|
-
name: "Pinterest",
|
|
6
|
-
authorizeURL: "https://www.pinterest.com/oauth",
|
|
7
|
-
accessToken: "https://api.pinterest.com/v5/oauth/token",
|
|
8
|
-
userInfo: "https://api.pinterest.com/v5/user_account",
|
|
9
|
-
scope: "user_accounts:read",
|
|
10
|
-
responseType: "code",
|
|
11
|
-
profile(profile) {
|
|
12
|
-
return {
|
|
13
|
-
sub: profile.id,
|
|
14
|
-
name: profile.username,
|
|
15
|
-
image: profile.profile_image,
|
|
16
|
-
email: void 0
|
|
17
|
-
};
|
|
18
|
-
},
|
|
19
|
-
...options
|
|
20
|
-
};
|
|
21
|
-
};
|
|
22
|
-
|
|
23
|
-
export {
|
|
24
|
-
pinterest
|
|
25
|
-
};
|