@bagelink/auth 1.4.178 → 1.4.180
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +11 -8
- package/dist/index.cjs +461 -34
- package/dist/index.d.cts +291 -8
- package/dist/index.d.mts +291 -8
- package/dist/index.d.ts +291 -8
- package/dist/index.mjs +450 -35
- package/package.json +1 -1
- package/src/api.ts +54 -36
- package/src/index.ts +1 -0
- package/src/sso.ts +565 -0
- package/src/types.ts +33 -2
- package/src/useAuth.ts +87 -5
- package/src/utils.ts +3 -3
package/dist/index.d.mts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AxiosResponse
|
|
1
|
+
import { AxiosResponse } from 'axios';
|
|
2
2
|
import * as vue from 'vue';
|
|
3
3
|
import { App } from 'vue';
|
|
4
4
|
|
|
@@ -27,6 +27,7 @@ interface AuthEventMap {
|
|
|
27
27
|
}
|
|
28
28
|
type AuthenticationAccountType = 'person' | 'entity' | 'service';
|
|
29
29
|
type AuthenticationMethodType = 'password' | 'email_token' | 'sso' | 'otp';
|
|
30
|
+
type SSOProvider = 'google' | 'microsoft' | 'github' | 'okta' | 'apple' | 'facebook';
|
|
30
31
|
interface AuthenticationAccount {
|
|
31
32
|
created_at?: string;
|
|
32
33
|
updated_at?: string;
|
|
@@ -171,12 +172,33 @@ interface OTPMetadata {
|
|
|
171
172
|
};
|
|
172
173
|
}
|
|
173
174
|
interface SSOMetadata {
|
|
174
|
-
provider:
|
|
175
|
+
provider: SSOProvider;
|
|
175
176
|
sso_user_info: {
|
|
176
177
|
[key: string]: any;
|
|
177
178
|
};
|
|
178
179
|
can_create_account?: boolean;
|
|
179
180
|
}
|
|
181
|
+
interface SSOInitiateRequest {
|
|
182
|
+
provider: SSOProvider;
|
|
183
|
+
redirect_uri?: string;
|
|
184
|
+
state?: string;
|
|
185
|
+
scopes?: string[];
|
|
186
|
+
params?: Record<string, string>;
|
|
187
|
+
code_challenge?: string;
|
|
188
|
+
code_challenge_method?: 'S256' | 'plain';
|
|
189
|
+
}
|
|
190
|
+
interface SSOCallbackRequest {
|
|
191
|
+
provider: SSOProvider;
|
|
192
|
+
code: string;
|
|
193
|
+
state?: string;
|
|
194
|
+
}
|
|
195
|
+
interface SSOLinkRequest {
|
|
196
|
+
provider: SSOProvider;
|
|
197
|
+
code: string;
|
|
198
|
+
}
|
|
199
|
+
interface SSOUnlinkRequest {
|
|
200
|
+
provider: SSOProvider;
|
|
201
|
+
}
|
|
180
202
|
interface AuthenticationResponse {
|
|
181
203
|
success: boolean;
|
|
182
204
|
account_id?: string;
|
|
@@ -215,6 +237,12 @@ type DeleteSessionResponse = AxiosResponse<MessageResponse>;
|
|
|
215
237
|
type DeleteAllSessionsResponse = AxiosResponse<MessageResponse>;
|
|
216
238
|
type CleanupSessionsResponse = AxiosResponse<MessageResponse>;
|
|
217
239
|
type GetMethodsResponse = AxiosResponse<AvailableMethodsResponse>;
|
|
240
|
+
type SSOInitiateResponse = AxiosResponse<{
|
|
241
|
+
authorization_url: string;
|
|
242
|
+
}>;
|
|
243
|
+
type SSOCallbackResponse = AxiosResponse<AuthenticationResponse>;
|
|
244
|
+
type SSOLinkResponse = AxiosResponse<MessageResponse>;
|
|
245
|
+
type SSOUnlinkResponse = AxiosResponse<MessageResponse>;
|
|
218
246
|
/**
|
|
219
247
|
* Extract unified user from account info
|
|
220
248
|
*/
|
|
@@ -222,7 +250,7 @@ declare function accountToUser(account: AccountInfo | null): User | null;
|
|
|
222
250
|
|
|
223
251
|
declare class AuthApi {
|
|
224
252
|
private api;
|
|
225
|
-
constructor(
|
|
253
|
+
constructor(baseURL?: string);
|
|
226
254
|
private setupInterceptors;
|
|
227
255
|
/**
|
|
228
256
|
* Get available authentication methods
|
|
@@ -244,6 +272,23 @@ declare class AuthApi {
|
|
|
244
272
|
* Refresh current session
|
|
245
273
|
*/
|
|
246
274
|
refreshSession(): Promise<RefreshSessionResponse>;
|
|
275
|
+
/**
|
|
276
|
+
* Initiate SSO login flow
|
|
277
|
+
* Returns authorization URL to redirect user to
|
|
278
|
+
*/
|
|
279
|
+
initiateSSO(data: SSOInitiateRequest): Promise<SSOInitiateResponse>;
|
|
280
|
+
/**
|
|
281
|
+
* Complete SSO login after callback from provider
|
|
282
|
+
*/
|
|
283
|
+
ssoCallback(data: SSOCallbackRequest): Promise<SSOCallbackResponse>;
|
|
284
|
+
/**
|
|
285
|
+
* Link an SSO provider to existing account
|
|
286
|
+
*/
|
|
287
|
+
linkSSOProvider(data: SSOLinkRequest): Promise<SSOLinkResponse>;
|
|
288
|
+
/**
|
|
289
|
+
* Unlink an SSO provider from account
|
|
290
|
+
*/
|
|
291
|
+
unlinkSSOProvider(provider: SSOProvider): Promise<SSOUnlinkResponse>;
|
|
247
292
|
/**
|
|
248
293
|
* Get current user account info
|
|
249
294
|
*/
|
|
@@ -318,9 +363,217 @@ declare class AuthApi {
|
|
|
318
363
|
cleanupSessions(): Promise<CleanupSessionsResponse>;
|
|
319
364
|
}
|
|
320
365
|
|
|
321
|
-
|
|
322
|
-
|
|
323
|
-
|
|
366
|
+
/**
|
|
367
|
+
* Set the auth context for SSO operations
|
|
368
|
+
* This is called automatically when using useAuth()
|
|
369
|
+
*/
|
|
370
|
+
declare function setAuthContext(authApi: any): void;
|
|
371
|
+
/**
|
|
372
|
+
* SSO Provider Configuration
|
|
373
|
+
*/
|
|
374
|
+
interface SSOProviderConfig {
|
|
375
|
+
/** Provider identifier */
|
|
376
|
+
id: SSOProvider;
|
|
377
|
+
/** Display name */
|
|
378
|
+
name: string;
|
|
379
|
+
/** Brand color (hex) */
|
|
380
|
+
color: string;
|
|
381
|
+
/** Icon identifier (for UI libraries) */
|
|
382
|
+
icon: string;
|
|
383
|
+
/** Default OAuth scopes */
|
|
384
|
+
defaultScopes: string[];
|
|
385
|
+
/** Provider-specific metadata */
|
|
386
|
+
metadata?: {
|
|
387
|
+
authDomain?: string;
|
|
388
|
+
buttonText?: string;
|
|
389
|
+
[key: string]: any;
|
|
390
|
+
};
|
|
391
|
+
}
|
|
392
|
+
/**
|
|
393
|
+
* OAuth Flow Options
|
|
394
|
+
*/
|
|
395
|
+
interface OAuthFlowOptions {
|
|
396
|
+
/** Custom redirect URI (defaults to current origin + /auth/callback) */
|
|
397
|
+
redirectUri?: string;
|
|
398
|
+
/** State parameter for CSRF protection (auto-generated if not provided) */
|
|
399
|
+
state?: string;
|
|
400
|
+
/** Custom scopes (overrides provider defaults) */
|
|
401
|
+
scopes?: string[];
|
|
402
|
+
/** Additional OAuth parameters (prompt, login_hint, hd, domain, etc.) */
|
|
403
|
+
params?: Record<string, string>;
|
|
404
|
+
/** Popup window dimensions */
|
|
405
|
+
popupDimensions?: {
|
|
406
|
+
width?: number;
|
|
407
|
+
height?: number;
|
|
408
|
+
};
|
|
409
|
+
/** Timeout for popup flow in milliseconds (default: 90000) */
|
|
410
|
+
popupTimeout?: number;
|
|
411
|
+
}
|
|
412
|
+
/**
|
|
413
|
+
* Popup Result
|
|
414
|
+
*/
|
|
415
|
+
interface PopupResult {
|
|
416
|
+
code: string;
|
|
417
|
+
state?: string;
|
|
418
|
+
error?: string;
|
|
419
|
+
}
|
|
420
|
+
/**
|
|
421
|
+
* SSO Error Types
|
|
422
|
+
*/
|
|
423
|
+
declare class SSOError extends Error {
|
|
424
|
+
code: string;
|
|
425
|
+
constructor(message: string, code: string);
|
|
426
|
+
}
|
|
427
|
+
declare class PopupBlockedError extends SSOError {
|
|
428
|
+
constructor();
|
|
429
|
+
}
|
|
430
|
+
declare class PopupClosedError extends SSOError {
|
|
431
|
+
constructor();
|
|
432
|
+
}
|
|
433
|
+
declare class PopupTimeoutError extends SSOError {
|
|
434
|
+
constructor();
|
|
435
|
+
}
|
|
436
|
+
declare class StateMismatchError extends SSOError {
|
|
437
|
+
constructor();
|
|
438
|
+
}
|
|
439
|
+
/**
|
|
440
|
+
* SSO Provider Instance with functional methods
|
|
441
|
+
*/
|
|
442
|
+
interface SSOProviderInstance extends SSOProviderConfig {
|
|
443
|
+
/**
|
|
444
|
+
* Initiate OAuth flow with redirect (most common)
|
|
445
|
+
* User is redirected to provider's authorization page
|
|
446
|
+
*/
|
|
447
|
+
redirect: (options?: OAuthFlowOptions) => Promise<void>;
|
|
448
|
+
/**
|
|
449
|
+
* Initiate OAuth flow in a popup window
|
|
450
|
+
* Returns the authorization code without leaving the page
|
|
451
|
+
*/
|
|
452
|
+
popup: (options?: OAuthFlowOptions) => Promise<AuthenticationResponse>;
|
|
453
|
+
/**
|
|
454
|
+
* Complete OAuth flow after callback
|
|
455
|
+
* Call this on your callback page
|
|
456
|
+
*/
|
|
457
|
+
callback: (code: string, state?: string) => Promise<AuthenticationResponse>;
|
|
458
|
+
/**
|
|
459
|
+
* Link this provider to the current logged-in user
|
|
460
|
+
*/
|
|
461
|
+
link: (code: string) => Promise<void>;
|
|
462
|
+
/**
|
|
463
|
+
* Unlink this provider from the current user
|
|
464
|
+
*/
|
|
465
|
+
unlink: () => Promise<void>;
|
|
466
|
+
/**
|
|
467
|
+
* Get authorization URL without redirecting
|
|
468
|
+
*/
|
|
469
|
+
getAuthUrl: (options?: OAuthFlowOptions) => Promise<string>;
|
|
470
|
+
/**
|
|
471
|
+
* Whether this provider supports popup flow
|
|
472
|
+
* Some providers (like Apple) work better with redirect
|
|
473
|
+
*/
|
|
474
|
+
supportsPopup?: boolean;
|
|
475
|
+
}
|
|
476
|
+
/**
|
|
477
|
+
* SSO Provider Implementations
|
|
478
|
+
*/
|
|
479
|
+
declare const sso: {
|
|
480
|
+
/**
|
|
481
|
+
* Google OAuth Provider
|
|
482
|
+
* https://developers.google.com/identity/protocols/oauth2
|
|
483
|
+
*/
|
|
484
|
+
google: SSOProviderInstance;
|
|
485
|
+
/**
|
|
486
|
+
* Microsoft OAuth Provider (Azure AD / Microsoft Entra ID)
|
|
487
|
+
* https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
|
|
488
|
+
*/
|
|
489
|
+
microsoft: SSOProviderInstance;
|
|
490
|
+
/**
|
|
491
|
+
* GitHub OAuth Provider
|
|
492
|
+
* https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps
|
|
493
|
+
*/
|
|
494
|
+
github: SSOProviderInstance;
|
|
495
|
+
/**
|
|
496
|
+
* Okta OAuth Provider
|
|
497
|
+
* https://developer.okta.com/docs/guides/implement-grant-type/authcode/main/
|
|
498
|
+
*/
|
|
499
|
+
okta: SSOProviderInstance;
|
|
500
|
+
/**
|
|
501
|
+
* Apple Sign In Provider
|
|
502
|
+
* https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api
|
|
503
|
+
* Note: Apple works best with redirect flow on web
|
|
504
|
+
*/
|
|
505
|
+
apple: {
|
|
506
|
+
supportsPopup: boolean;
|
|
507
|
+
popup(options?: OAuthFlowOptions): Promise<any>;
|
|
508
|
+
/**
|
|
509
|
+
* Initiate OAuth flow with redirect (most common)
|
|
510
|
+
* User is redirected to provider's authorization page
|
|
511
|
+
*/
|
|
512
|
+
redirect: (options?: OAuthFlowOptions) => Promise<void>;
|
|
513
|
+
/**
|
|
514
|
+
* Complete OAuth flow after callback
|
|
515
|
+
* Call this on your callback page
|
|
516
|
+
*/
|
|
517
|
+
callback: (code: string, state?: string) => Promise<AuthenticationResponse>;
|
|
518
|
+
/**
|
|
519
|
+
* Link this provider to the current logged-in user
|
|
520
|
+
*/
|
|
521
|
+
link: (code: string) => Promise<void>;
|
|
522
|
+
/**
|
|
523
|
+
* Unlink this provider from the current user
|
|
524
|
+
*/
|
|
525
|
+
unlink: () => Promise<void>;
|
|
526
|
+
/**
|
|
527
|
+
* Get authorization URL without redirecting
|
|
528
|
+
*/
|
|
529
|
+
getAuthUrl: (options?: OAuthFlowOptions) => Promise<string>;
|
|
530
|
+
/** Provider identifier */
|
|
531
|
+
id: SSOProvider;
|
|
532
|
+
/** Display name */
|
|
533
|
+
name: string;
|
|
534
|
+
/** Brand color (hex) */
|
|
535
|
+
color: string;
|
|
536
|
+
/** Icon identifier (for UI libraries) */
|
|
537
|
+
icon: string;
|
|
538
|
+
/** Default OAuth scopes */
|
|
539
|
+
defaultScopes: string[];
|
|
540
|
+
/** Provider-specific metadata */
|
|
541
|
+
metadata?: {
|
|
542
|
+
authDomain?: string;
|
|
543
|
+
buttonText?: string;
|
|
544
|
+
[key: string]: any;
|
|
545
|
+
};
|
|
546
|
+
};
|
|
547
|
+
/**
|
|
548
|
+
* Facebook OAuth Provider
|
|
549
|
+
* https://developers.facebook.com/docs/facebook-login/guides/advanced/manual-flow
|
|
550
|
+
*/
|
|
551
|
+
facebook: SSOProviderInstance;
|
|
552
|
+
};
|
|
553
|
+
/**
|
|
554
|
+
* Array of all SSO providers
|
|
555
|
+
*/
|
|
556
|
+
declare const ssoProviders: readonly SSOProviderInstance[];
|
|
557
|
+
/**
|
|
558
|
+
* Get SSO provider instance by ID
|
|
559
|
+
*/
|
|
560
|
+
declare function getSSOProvider(provider: SSOProvider): SSOProviderInstance | undefined;
|
|
561
|
+
/**
|
|
562
|
+
* Get all available SSO providers
|
|
563
|
+
*/
|
|
564
|
+
declare function getAllSSOProviders(): readonly SSOProviderInstance[];
|
|
565
|
+
/**
|
|
566
|
+
* Check if a provider is supported
|
|
567
|
+
*/
|
|
568
|
+
declare function isSupportedProvider(provider: string): provider is SSOProvider;
|
|
569
|
+
/**
|
|
570
|
+
* Handle OAuth callback from URL
|
|
571
|
+
* Call this on your callback page to automatically detect and process the callback
|
|
572
|
+
*/
|
|
573
|
+
declare function handleOAuthCallback(): Promise<AuthenticationResponse | null>;
|
|
574
|
+
|
|
575
|
+
declare function initAuth({ baseURL, }: {
|
|
576
|
+
baseURL: string;
|
|
324
577
|
}): {
|
|
325
578
|
on<K extends AuthState>(event: K, handler: AuthEventMap[K]): void;
|
|
326
579
|
off<K extends AuthState>(event: K, handler: AuthEventMap[K]): void;
|
|
@@ -384,6 +637,32 @@ declare function useAuth(): {
|
|
|
384
637
|
metadata?: Record<string, any> | undefined;
|
|
385
638
|
} | undefined;
|
|
386
639
|
} | null>;
|
|
640
|
+
sso: {
|
|
641
|
+
google: SSOProviderInstance;
|
|
642
|
+
microsoft: SSOProviderInstance;
|
|
643
|
+
github: SSOProviderInstance;
|
|
644
|
+
okta: SSOProviderInstance;
|
|
645
|
+
apple: {
|
|
646
|
+
supportsPopup: boolean;
|
|
647
|
+
popup(options?: OAuthFlowOptions): Promise<any>;
|
|
648
|
+
redirect: (options?: OAuthFlowOptions) => Promise<void>;
|
|
649
|
+
callback: (code: string, state?: string) => Promise<AuthenticationResponse>;
|
|
650
|
+
link: (code: string) => Promise<void>;
|
|
651
|
+
unlink: () => Promise<void>;
|
|
652
|
+
getAuthUrl: (options?: OAuthFlowOptions) => Promise<string>;
|
|
653
|
+
id: SSOProvider;
|
|
654
|
+
name: string;
|
|
655
|
+
color: string;
|
|
656
|
+
icon: string;
|
|
657
|
+
defaultScopes: string[];
|
|
658
|
+
metadata?: {
|
|
659
|
+
authDomain?: string;
|
|
660
|
+
buttonText?: string;
|
|
661
|
+
[key: string]: any;
|
|
662
|
+
};
|
|
663
|
+
};
|
|
664
|
+
facebook: SSOProviderInstance;
|
|
665
|
+
};
|
|
387
666
|
getFullName: () => string;
|
|
388
667
|
getIsLoggedIn: () => boolean;
|
|
389
668
|
getEmail: () => string;
|
|
@@ -399,6 +678,10 @@ declare function useAuth(): {
|
|
|
399
678
|
signup: (newUser: NewUser) => Promise<AuthenticationResponse>;
|
|
400
679
|
checkAuth: () => Promise<boolean>;
|
|
401
680
|
refreshSession: () => Promise<void>;
|
|
681
|
+
initiateSSO: (params: SSOInitiateRequest) => Promise<string>;
|
|
682
|
+
loginWithSSO: (params: SSOCallbackRequest) => Promise<AuthenticationResponse>;
|
|
683
|
+
linkSSOProvider: (params: SSOLinkRequest) => Promise<void>;
|
|
684
|
+
unlinkSSOProvider: (provider: SSOProvider) => Promise<void>;
|
|
402
685
|
updateProfile: (updates: UpdateAccountRequest) => Promise<void>;
|
|
403
686
|
deleteCurrentUser: () => Promise<void>;
|
|
404
687
|
changePassword: (form: UpdatePasswordForm) => Promise<void>;
|
|
@@ -415,5 +698,5 @@ declare function useAuth(): {
|
|
|
415
698
|
revokeAllSessions: (accountId?: string) => Promise<void>;
|
|
416
699
|
};
|
|
417
700
|
|
|
418
|
-
export { AuthApi, AuthState, accountToUser, initAuth, useAuth };
|
|
419
|
-
export type { AccountInfo, ActivateAccountResponse, AuthEventHandler, AuthEventMap, AuthMethodInfo, AuthStatusResponse, AuthenticationAccount, AuthenticationAccountType, AuthenticationMethodType, AuthenticationResponse, AvailableMethodsResponse, ChangePasswordRequest, ChangePasswordResponse, CleanupSessionsResponse, DeactivateAccountResponse, DeleteAccountResponse, DeleteAllSessionsResponse, DeleteMeResponse, DeleteSessionResponse, EntityInfo, ForgotPasswordRequest, ForgotPasswordResponse, GetAccountResponse, GetMeResponse, GetMethodsResponse, GetSessionsResponse, LoginResponse, LogoutResponse, MessageResponse, NewUser, OTPMetadata, PasswordLoginRequest, PersonInfo, RefreshSessionResponse, RegisterRequest, RegisterResponse, ResetPasswordRequest, ResetPasswordResponse, SSOMetadata, SendVerificationRequest, SendVerificationResponse, SessionInfo, SessionListResponse, UpdateAccountRequest, UpdateAccountResponse, UpdateMeResponse, UpdatePasswordForm, User, VerifyEmailRequest, VerifyEmailResponse, VerifyResetTokenResponse };
|
|
701
|
+
export { AuthApi, AuthState, PopupBlockedError, PopupClosedError, PopupTimeoutError, SSOError, StateMismatchError, accountToUser, getAllSSOProviders, getSSOProvider, handleOAuthCallback, initAuth, isSupportedProvider, setAuthContext, sso, ssoProviders, useAuth };
|
|
702
|
+
export type { AccountInfo, ActivateAccountResponse, AuthEventHandler, AuthEventMap, AuthMethodInfo, AuthStatusResponse, AuthenticationAccount, AuthenticationAccountType, AuthenticationMethodType, AuthenticationResponse, AvailableMethodsResponse, ChangePasswordRequest, ChangePasswordResponse, CleanupSessionsResponse, DeactivateAccountResponse, DeleteAccountResponse, DeleteAllSessionsResponse, DeleteMeResponse, DeleteSessionResponse, EntityInfo, ForgotPasswordRequest, ForgotPasswordResponse, GetAccountResponse, GetMeResponse, GetMethodsResponse, GetSessionsResponse, LoginResponse, LogoutResponse, MessageResponse, NewUser, OAuthFlowOptions, OTPMetadata, PasswordLoginRequest, PersonInfo, PopupResult, RefreshSessionResponse, RegisterRequest, RegisterResponse, ResetPasswordRequest, ResetPasswordResponse, SSOCallbackRequest, SSOCallbackResponse, SSOInitiateRequest, SSOInitiateResponse, SSOLinkRequest, SSOLinkResponse, SSOMetadata, SSOProvider, SSOProviderConfig, SSOProviderInstance, SSOUnlinkRequest, SSOUnlinkResponse, SendVerificationRequest, SendVerificationResponse, SessionInfo, SessionListResponse, UpdateAccountRequest, UpdateAccountResponse, UpdateMeResponse, UpdatePasswordForm, User, VerifyEmailRequest, VerifyEmailResponse, VerifyResetTokenResponse };
|