npm - @bagelink/auth - Versions diffs - 1.4.178 → 1.4.182 - Mend

@bagelink/auth 1.4.178 → 1.4.182

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist/index.d.cts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { AxiosResponse, AxiosInstance } from 'axios';
+import { AxiosResponse } from 'axios';
 import * as vue from 'vue';
 import { App } from 'vue';
@@ -27,6 +27,7 @@ interface AuthEventMap {
 }
 type AuthenticationAccountType = 'person' | 'entity' | 'service';
 type AuthenticationMethodType = 'password' | 'email_token' | 'sso' | 'otp';
+type SSOProvider = 'google' | 'microsoft' | 'github' | 'okta' | 'apple' | 'facebook';
 interface AuthenticationAccount {
     created_at?: string;
     updated_at?: string;
@@ -55,6 +56,8 @@ interface AuthMethodInfo {
     is_verified: boolean;
     last_used?: string;
     use_count: number;
+    provider?: SSOProvider;
+    provider_user_id?: string;
 }
 interface AccountInfo {
     id: string;
@@ -171,12 +174,33 @@ interface OTPMetadata {
     };
 }
 interface SSOMetadata {
-    provider: string;
+    provider: SSOProvider;
     sso_user_info: {
         [key: string]: any;
     };
     can_create_account?: boolean;
 }
+interface SSOInitiateRequest {
+    provider: SSOProvider;
+    redirect_uri?: string;
+    state?: string;
+    scopes?: string[];
+    params?: Record<string, string>;
+    code_challenge?: string;
+    code_challenge_method?: 'S256' | 'plain';
+}
+interface SSOCallbackRequest {
+    provider: SSOProvider;
+    code: string;
+    state?: string;
+}
+interface SSOLinkRequest {
+    provider: SSOProvider;
+    code: string;
+}
+interface SSOUnlinkRequest {
+    provider: SSOProvider;
+}
 interface AuthenticationResponse {
     success: boolean;
     account_id?: string;
@@ -215,6 +239,12 @@ type DeleteSessionResponse = AxiosResponse<MessageResponse>;
 type DeleteAllSessionsResponse = AxiosResponse<MessageResponse>;
 type CleanupSessionsResponse = AxiosResponse<MessageResponse>;
 type GetMethodsResponse = AxiosResponse<AvailableMethodsResponse>;
+type SSOInitiateResponse = AxiosResponse<{
+    authorization_url: string;
+}>;
+type SSOCallbackResponse = AxiosResponse<AuthenticationResponse>;
+type SSOLinkResponse = AxiosResponse<MessageResponse>;
+type SSOUnlinkResponse = AxiosResponse<MessageResponse>;
 /**
  * Extract unified user from account info
  */
@@ -222,7 +252,7 @@ declare function accountToUser(account: AccountInfo | null): User | null;
 declare class AuthApi {
     private api;
-    constructor(axiosInstance?: AxiosInstance, baseURL?: string);
+    constructor(baseURL?: string);
     private setupInterceptors;
     /**
      * Get available authentication methods
@@ -244,6 +274,23 @@ declare class AuthApi {
      * Refresh current session
      */
     refreshSession(): Promise<RefreshSessionResponse>;
+    /**
+     * Initiate SSO login flow
+     * Returns authorization URL to redirect user to
+     */
+    initiateSSO(data: SSOInitiateRequest): Promise<SSOInitiateResponse>;
+    /**
+     * Complete SSO login after callback from provider
+     */
+    ssoCallback(data: SSOCallbackRequest): Promise<SSOCallbackResponse>;
+    /**
+     * Link an SSO provider to existing account
+     */
+    linkSSOProvider(data: SSOLinkRequest): Promise<SSOLinkResponse>;
+    /**
+     * Unlink an SSO provider from account
+     */
+    unlinkSSOProvider(provider: SSOProvider): Promise<SSOUnlinkResponse>;
     /**
      * Get current user account info
      */
@@ -318,9 +365,217 @@ declare class AuthApi {
     cleanupSessions(): Promise<CleanupSessionsResponse>;
 }
-declare function initAuth({ axios, baseURL, }: {
-    axios: AxiosInstance;
-    baseURL?: string;
+/**
+ * Set the auth context for SSO operations
+ * This is called automatically when using useAuth()
+ */
+declare function setAuthContext(authApi: any): void;
+/**
+ * SSO Provider Configuration
+ */
+interface SSOProviderConfig {
+    /** Provider identifier */
+    id: SSOProvider;
+    /** Display name */
+    name: string;
+    /** Brand color (hex) */
+    color: string;
+    /** Icon identifier (for UI libraries) */
+    icon: string;
+    /** Default OAuth scopes */
+    defaultScopes: string[];
+    /** Provider-specific metadata */
+    metadata?: {
+        authDomain?: string;
+        buttonText?: string;
+        [key: string]: any;
+    };
+}
+/**
+ * OAuth Flow Options
+ */
+interface OAuthFlowOptions {
+    /** Custom redirect URI (defaults to current origin + /auth/callback) */
+    redirectUri?: string;
+    /** State parameter for CSRF protection (auto-generated if not provided) */
+    state?: string;
+    /** Custom scopes (overrides provider defaults) */
+    scopes?: string[];
+    /** Additional OAuth parameters (prompt, login_hint, hd, domain, etc.) */
+    params?: Record<string, string>;
+    /** Popup window dimensions */
+    popupDimensions?: {
+        width?: number;
+        height?: number;
+    };
+    /** Timeout for popup flow in milliseconds (default: 90000) */
+    popupTimeout?: number;
+}
+/**
+ * Popup Result
+ */
+interface PopupResult {
+    code: string;
+    state?: string;
+    error?: string;
+}
+/**
+ * SSO Error Types
+ */
+declare class SSOError extends Error {
+    code: string;
+    constructor(message: string, code: string);
+}
+declare class PopupBlockedError extends SSOError {
+    constructor();
+}
+declare class PopupClosedError extends SSOError {
+    constructor();
+}
+declare class PopupTimeoutError extends SSOError {
+    constructor();
+}
+declare class StateMismatchError extends SSOError {
+    constructor();
+}
+/**
+ * SSO Provider Instance with functional methods
+ */
+interface SSOProviderInstance extends SSOProviderConfig {
+    /**
+     * Initiate OAuth flow with redirect (most common)
+     * User is redirected to provider's authorization page
+     */
+    redirect: (options?: OAuthFlowOptions) => Promise<void>;
+    /**
+     * Initiate OAuth flow in a popup window
+     * Returns the authorization code without leaving the page
+     */
+    popup: (options?: OAuthFlowOptions) => Promise<AuthenticationResponse>;
+    /**
+     * Complete OAuth flow after callback
+     * Call this on your callback page
+     */
+    callback: (code: string, state?: string) => Promise<AuthenticationResponse>;
+    /**
+     * Link this provider to the current logged-in user
+     */
+    link: (code: string) => Promise<void>;
+    /**
+     * Unlink this provider from the current user
+     */
+    unlink: () => Promise<void>;
+    /**
+     * Get authorization URL without redirecting
+     */
+    getAuthUrl: (options?: OAuthFlowOptions) => Promise<string>;
+    /**
+     * Whether this provider supports popup flow
+     * Some providers (like Apple) work better with redirect
+     */
+    supportsPopup?: boolean;
+}
+/**
+ * SSO Provider Implementations
+ */
+declare const sso: {
+    /**
+     * Google OAuth Provider
+     * https://developers.google.com/identity/protocols/oauth2
+     */
+    google: SSOProviderInstance;
+    /**
+     * Microsoft OAuth Provider (Azure AD / Microsoft Entra ID)
+     * https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
+     */
+    microsoft: SSOProviderInstance;
+    /**
+     * GitHub OAuth Provider
+     * https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps
+     */
+    github: SSOProviderInstance;
+    /**
+     * Okta OAuth Provider
+     * https://developer.okta.com/docs/guides/implement-grant-type/authcode/main/
+     */
+    okta: SSOProviderInstance;
+    /**
+     * Apple Sign In Provider
+     * https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api
+     * Note: Apple works best with redirect flow on web
+     */
+    apple: {
+        supportsPopup: boolean;
+        popup(options?: OAuthFlowOptions): Promise<any>;
+        /**
+         * Initiate OAuth flow with redirect (most common)
+         * User is redirected to provider's authorization page
+         */
+        redirect: (options?: OAuthFlowOptions) => Promise<void>;
+        /**
+         * Complete OAuth flow after callback
+         * Call this on your callback page
+         */
+        callback: (code: string, state?: string) => Promise<AuthenticationResponse>;
+        /**
+         * Link this provider to the current logged-in user
+         */
+        link: (code: string) => Promise<void>;
+        /**
+         * Unlink this provider from the current user
+         */
+        unlink: () => Promise<void>;
+        /**
+         * Get authorization URL without redirecting
+         */
+        getAuthUrl: (options?: OAuthFlowOptions) => Promise<string>;
+        /** Provider identifier */
+        id: SSOProvider;
+        /** Display name */
+        name: string;
+        /** Brand color (hex) */
+        color: string;
+        /** Icon identifier (for UI libraries) */
+        icon: string;
+        /** Default OAuth scopes */
+        defaultScopes: string[];
+        /** Provider-specific metadata */
+        metadata?: {
+            authDomain?: string;
+            buttonText?: string;
+            [key: string]: any;
+        };
+    };
+    /**
+     * Facebook OAuth Provider
+     * https://developers.facebook.com/docs/facebook-login/guides/advanced/manual-flow
+     */
+    facebook: SSOProviderInstance;
+};
+/**
+ * Array of all SSO providers
+ */
+declare const ssoProviders: readonly SSOProviderInstance[];
+/**
+ * Get SSO provider instance by ID
+ */
+declare function getSSOProvider(provider: SSOProvider): SSOProviderInstance | undefined;
+/**
+ * Get all available SSO providers
+ */
+declare function getAllSSOProviders(): readonly SSOProviderInstance[];
+/**
+ * Check if a provider is supported
+ */
+declare function isSupportedProvider(provider: string): provider is SSOProvider;
+/**
+ * Handle OAuth callback from URL
+ * Call this on your callback page to automatically detect and process the callback
+ */
+declare function handleOAuthCallback(): Promise<AuthenticationResponse | null>;
+declare function initAuth({ baseURL, }: {
+    baseURL: string;
 }): {
     on<K extends AuthState>(event: K, handler: AuthEventMap[K]): void;
     off<K extends AuthState>(event: K, handler: AuthEventMap[K]): void;
@@ -343,6 +598,8 @@ declare function useAuth(): {
             is_verified: boolean;
             last_used?: string | undefined;
             use_count: number;
+            provider?: SSOProvider | undefined;
+            provider_user_id?: string | undefined;
         }[];
         person?: {
             id: string;
@@ -370,6 +627,8 @@ declare function useAuth(): {
             is_verified: boolean;
             last_used?: string | undefined;
             use_count: number;
+            provider?: SSOProvider | undefined;
+            provider_user_id?: string | undefined;
         }[];
         person?: {
             id: string;
@@ -384,6 +643,32 @@ declare function useAuth(): {
             metadata?: Record<string, any> | undefined;
         } | undefined;
     } | null>;
+    sso: {
+        google: SSOProviderInstance;
+        microsoft: SSOProviderInstance;
+        github: SSOProviderInstance;
+        okta: SSOProviderInstance;
+        apple: {
+            supportsPopup: boolean;
+            popup(options?: OAuthFlowOptions): Promise<any>;
+            redirect: (options?: OAuthFlowOptions) => Promise<void>;
+            callback: (code: string, state?: string) => Promise<AuthenticationResponse>;
+            link: (code: string) => Promise<void>;
+            unlink: () => Promise<void>;
+            getAuthUrl: (options?: OAuthFlowOptions) => Promise<string>;
+            id: SSOProvider;
+            name: string;
+            color: string;
+            icon: string;
+            defaultScopes: string[];
+            metadata?: {
+                authDomain?: string;
+                buttonText?: string;
+                [key: string]: any;
+            };
+        };
+        facebook: SSOProviderInstance;
+    };
     getFullName: () => string;
     getIsLoggedIn: () => boolean;
     getEmail: () => string;
@@ -399,6 +684,10 @@ declare function useAuth(): {
     signup: (newUser: NewUser) => Promise<AuthenticationResponse>;
     checkAuth: () => Promise<boolean>;
     refreshSession: () => Promise<void>;
+    initiateSSO: (params: SSOInitiateRequest) => Promise<string>;
+    loginWithSSO: (params: SSOCallbackRequest) => Promise<AuthenticationResponse>;
+    linkSSOProvider: (params: SSOLinkRequest) => Promise<void>;
+    unlinkSSOProvider: (provider: SSOProvider) => Promise<void>;
     updateProfile: (updates: UpdateAccountRequest) => Promise<void>;
     deleteCurrentUser: () => Promise<void>;
     changePassword: (form: UpdatePasswordForm) => Promise<void>;
@@ -415,5 +704,5 @@ declare function useAuth(): {
     revokeAllSessions: (accountId?: string) => Promise<void>;
 };
-export { AuthApi, AuthState, accountToUser, initAuth, useAuth };
-export type { AccountInfo, ActivateAccountResponse, AuthEventHandler, AuthEventMap, AuthMethodInfo, AuthStatusResponse, AuthenticationAccount, AuthenticationAccountType, AuthenticationMethodType, AuthenticationResponse, AvailableMethodsResponse, ChangePasswordRequest, ChangePasswordResponse, CleanupSessionsResponse, DeactivateAccountResponse, DeleteAccountResponse, DeleteAllSessionsResponse, DeleteMeResponse, DeleteSessionResponse, EntityInfo, ForgotPasswordRequest, ForgotPasswordResponse, GetAccountResponse, GetMeResponse, GetMethodsResponse, GetSessionsResponse, LoginResponse, LogoutResponse, MessageResponse, NewUser, OTPMetadata, PasswordLoginRequest, PersonInfo, RefreshSessionResponse, RegisterRequest, RegisterResponse, ResetPasswordRequest, ResetPasswordResponse, SSOMetadata, SendVerificationRequest, SendVerificationResponse, SessionInfo, SessionListResponse, UpdateAccountRequest, UpdateAccountResponse, UpdateMeResponse, UpdatePasswordForm, User, VerifyEmailRequest, VerifyEmailResponse, VerifyResetTokenResponse };
+export { AuthApi, AuthState, PopupBlockedError, PopupClosedError, PopupTimeoutError, SSOError, StateMismatchError, accountToUser, getAllSSOProviders, getSSOProvider, handleOAuthCallback, initAuth, isSupportedProvider, setAuthContext, sso, ssoProviders, useAuth };
+export type { AccountInfo, ActivateAccountResponse, AuthEventHandler, AuthEventMap, AuthMethodInfo, AuthStatusResponse, AuthenticationAccount, AuthenticationAccountType, AuthenticationMethodType, AuthenticationResponse, AvailableMethodsResponse, ChangePasswordRequest, ChangePasswordResponse, CleanupSessionsResponse, DeactivateAccountResponse, DeleteAccountResponse, DeleteAllSessionsResponse, DeleteMeResponse, DeleteSessionResponse, EntityInfo, ForgotPasswordRequest, ForgotPasswordResponse, GetAccountResponse, GetMeResponse, GetMethodsResponse, GetSessionsResponse, LoginResponse, LogoutResponse, MessageResponse, NewUser, OAuthFlowOptions, OTPMetadata, PasswordLoginRequest, PersonInfo, PopupResult, RefreshSessionResponse, RegisterRequest, RegisterResponse, ResetPasswordRequest, ResetPasswordResponse, SSOCallbackRequest, SSOCallbackResponse, SSOInitiateRequest, SSOInitiateResponse, SSOLinkRequest, SSOLinkResponse, SSOMetadata, SSOProvider, SSOProviderConfig, SSOProviderInstance, SSOUnlinkRequest, SSOUnlinkResponse, SendVerificationRequest, SendVerificationResponse, SessionInfo, SessionListResponse, UpdateAccountRequest, UpdateAccountResponse, UpdateMeResponse, UpdatePasswordForm, User, VerifyEmailRequest, VerifyEmailResponse, VerifyResetTokenResponse };