@better-auth/core 1.4.17 → 1.4.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (261) hide show
  1. package/.turbo/turbo-build.log +253 -176
  2. package/dist/api/index.d.mts +11 -5
  3. package/dist/api/index.mjs +2 -1
  4. package/dist/api/index.mjs.map +1 -0
  5. package/dist/async_hooks/index.d.mts +2 -1
  6. package/dist/async_hooks/index.mjs +2 -1
  7. package/dist/async_hooks/index.mjs.map +1 -0
  8. package/dist/async_hooks/pure.index.d.mts +2 -1
  9. package/dist/async_hooks/pure.index.mjs +2 -1
  10. package/dist/async_hooks/pure.index.mjs.map +1 -0
  11. package/dist/context/endpoint-context.d.mts +2 -1
  12. package/dist/context/endpoint-context.mjs +2 -1
  13. package/dist/context/endpoint-context.mjs.map +1 -0
  14. package/dist/context/global.d.mts +2 -1
  15. package/dist/context/global.mjs +3 -2
  16. package/dist/context/global.mjs.map +1 -0
  17. package/dist/context/request-state.d.mts +2 -1
  18. package/dist/context/request-state.mjs +2 -1
  19. package/dist/context/request-state.mjs.map +1 -0
  20. package/dist/context/transaction.d.mts +2 -1
  21. package/dist/context/transaction.mjs +2 -1
  22. package/dist/context/transaction.mjs.map +1 -0
  23. package/dist/db/adapter/factory.d.mts +2 -1
  24. package/dist/db/adapter/factory.mjs +9 -27
  25. package/dist/db/adapter/factory.mjs.map +1 -0
  26. package/dist/db/adapter/get-default-field-name.d.mts +2 -1
  27. package/dist/db/adapter/get-default-field-name.mjs +2 -1
  28. package/dist/db/adapter/get-default-field-name.mjs.map +1 -0
  29. package/dist/db/adapter/get-default-model-name.d.mts +2 -1
  30. package/dist/db/adapter/get-default-model-name.mjs +2 -1
  31. package/dist/db/adapter/get-default-model-name.mjs.map +1 -0
  32. package/dist/db/adapter/get-field-attributes.d.mts +2 -1
  33. package/dist/db/adapter/get-field-attributes.mjs +2 -1
  34. package/dist/db/adapter/get-field-attributes.mjs.map +1 -0
  35. package/dist/db/adapter/get-field-name.d.mts +2 -1
  36. package/dist/db/adapter/get-field-name.mjs +2 -1
  37. package/dist/db/adapter/get-field-name.mjs.map +1 -0
  38. package/dist/db/adapter/get-id-field.d.mts +2 -1
  39. package/dist/db/adapter/get-id-field.mjs +2 -1
  40. package/dist/db/adapter/get-id-field.mjs.map +1 -0
  41. package/dist/db/adapter/get-model-name.d.mts +2 -1
  42. package/dist/db/adapter/get-model-name.mjs +2 -1
  43. package/dist/db/adapter/get-model-name.mjs.map +1 -0
  44. package/dist/db/adapter/index.d.mts +5 -1
  45. package/dist/db/adapter/types.d.mts +2 -1
  46. package/dist/db/adapter/utils.d.mts +2 -1
  47. package/dist/db/adapter/utils.mjs +2 -1
  48. package/dist/db/adapter/utils.mjs.map +1 -0
  49. package/dist/db/get-tables.d.mts +2 -1
  50. package/dist/db/get-tables.mjs +8 -2
  51. package/dist/db/get-tables.mjs.map +1 -0
  52. package/dist/db/plugin.d.mts +2 -1
  53. package/dist/db/schema/account.d.mts +2 -1
  54. package/dist/db/schema/account.mjs +2 -1
  55. package/dist/db/schema/account.mjs.map +1 -0
  56. package/dist/db/schema/rate-limit.d.mts +2 -1
  57. package/dist/db/schema/rate-limit.mjs +2 -1
  58. package/dist/db/schema/rate-limit.mjs.map +1 -0
  59. package/dist/db/schema/session.d.mts +2 -1
  60. package/dist/db/schema/session.mjs +2 -1
  61. package/dist/db/schema/session.mjs.map +1 -0
  62. package/dist/db/schema/shared.d.mts +2 -1
  63. package/dist/db/schema/shared.mjs +2 -1
  64. package/dist/db/schema/shared.mjs.map +1 -0
  65. package/dist/db/schema/user.d.mts +2 -1
  66. package/dist/db/schema/user.mjs +2 -1
  67. package/dist/db/schema/user.mjs.map +1 -0
  68. package/dist/db/schema/verification.d.mts +2 -1
  69. package/dist/db/schema/verification.mjs +2 -1
  70. package/dist/db/schema/verification.mjs.map +1 -0
  71. package/dist/db/type.d.mts +2 -1
  72. package/dist/env/color-depth.d.mts +2 -1
  73. package/dist/env/color-depth.mjs +2 -1
  74. package/dist/env/color-depth.mjs.map +1 -0
  75. package/dist/env/env-impl.d.mts +3 -2
  76. package/dist/env/env-impl.mjs +3 -2
  77. package/dist/env/env-impl.mjs.map +1 -0
  78. package/dist/env/logger.d.mts +2 -1
  79. package/dist/env/logger.mjs +3 -2
  80. package/dist/env/logger.mjs.map +1 -0
  81. package/dist/error/codes.d.mts +2 -1
  82. package/dist/error/codes.mjs +2 -1
  83. package/dist/error/codes.mjs.map +1 -0
  84. package/dist/error/index.d.mts +2 -1
  85. package/dist/error/index.mjs +2 -1
  86. package/dist/error/index.mjs.map +1 -0
  87. package/dist/index.d.mts +2 -2
  88. package/dist/oauth2/client-credentials-token.d.mts +2 -1
  89. package/dist/oauth2/client-credentials-token.mjs +2 -1
  90. package/dist/oauth2/client-credentials-token.mjs.map +1 -0
  91. package/dist/oauth2/create-authorization-url.d.mts +2 -1
  92. package/dist/oauth2/create-authorization-url.mjs +2 -1
  93. package/dist/oauth2/create-authorization-url.mjs.map +1 -0
  94. package/dist/oauth2/oauth-provider.d.mts +3 -2
  95. package/dist/oauth2/refresh-access-token.d.mts +2 -1
  96. package/dist/oauth2/refresh-access-token.mjs +2 -1
  97. package/dist/oauth2/refresh-access-token.mjs.map +1 -0
  98. package/dist/oauth2/utils.d.mts +2 -1
  99. package/dist/oauth2/utils.mjs +2 -1
  100. package/dist/oauth2/utils.mjs.map +1 -0
  101. package/dist/oauth2/validate-authorization-code.d.mts +6 -2
  102. package/dist/oauth2/validate-authorization-code.mjs +7 -12
  103. package/dist/oauth2/validate-authorization-code.mjs.map +1 -0
  104. package/dist/oauth2/verify.d.mts +2 -1
  105. package/dist/oauth2/verify.mjs +2 -1
  106. package/dist/oauth2/verify.mjs.map +1 -0
  107. package/dist/social-providers/apple.d.mts +2 -1
  108. package/dist/social-providers/apple.mjs +22 -15
  109. package/dist/social-providers/apple.mjs.map +1 -0
  110. package/dist/social-providers/atlassian.d.mts +2 -1
  111. package/dist/social-providers/atlassian.mjs +2 -1
  112. package/dist/social-providers/atlassian.mjs.map +1 -0
  113. package/dist/social-providers/cognito.d.mts +2 -1
  114. package/dist/social-providers/cognito.mjs +2 -1
  115. package/dist/social-providers/cognito.mjs.map +1 -0
  116. package/dist/social-providers/discord.d.mts +2 -1
  117. package/dist/social-providers/discord.mjs +2 -1
  118. package/dist/social-providers/discord.mjs.map +1 -0
  119. package/dist/social-providers/dropbox.d.mts +2 -1
  120. package/dist/social-providers/dropbox.mjs +2 -1
  121. package/dist/social-providers/dropbox.mjs.map +1 -0
  122. package/dist/social-providers/facebook.d.mts +2 -1
  123. package/dist/social-providers/facebook.mjs +5 -4
  124. package/dist/social-providers/facebook.mjs.map +1 -0
  125. package/dist/social-providers/figma.d.mts +2 -1
  126. package/dist/social-providers/figma.mjs +2 -1
  127. package/dist/social-providers/figma.mjs.map +1 -0
  128. package/dist/social-providers/github.d.mts +3 -2
  129. package/dist/social-providers/github.mjs +22 -5
  130. package/dist/social-providers/github.mjs.map +1 -0
  131. package/dist/social-providers/gitlab.d.mts +2 -1
  132. package/dist/social-providers/gitlab.mjs +2 -1
  133. package/dist/social-providers/gitlab.mjs.map +1 -0
  134. package/dist/social-providers/google.d.mts +2 -1
  135. package/dist/social-providers/google.mjs +18 -13
  136. package/dist/social-providers/google.mjs.map +1 -0
  137. package/dist/social-providers/huggingface.d.mts +2 -1
  138. package/dist/social-providers/huggingface.mjs +2 -1
  139. package/dist/social-providers/huggingface.mjs.map +1 -0
  140. package/dist/social-providers/index.d.mts +5 -3
  141. package/dist/social-providers/index.mjs +3 -2
  142. package/dist/social-providers/index.mjs.map +1 -0
  143. package/dist/social-providers/kakao.d.mts +2 -1
  144. package/dist/social-providers/kakao.mjs +2 -1
  145. package/dist/social-providers/kakao.mjs.map +1 -0
  146. package/dist/social-providers/kick.d.mts +2 -1
  147. package/dist/social-providers/kick.mjs +2 -1
  148. package/dist/social-providers/kick.mjs.map +1 -0
  149. package/dist/social-providers/line.d.mts +2 -1
  150. package/dist/social-providers/line.mjs +2 -1
  151. package/dist/social-providers/line.mjs.map +1 -0
  152. package/dist/social-providers/linear.d.mts +2 -1
  153. package/dist/social-providers/linear.mjs +2 -1
  154. package/dist/social-providers/linear.mjs.map +1 -0
  155. package/dist/social-providers/linkedin.d.mts +2 -1
  156. package/dist/social-providers/linkedin.mjs +2 -1
  157. package/dist/social-providers/linkedin.mjs.map +1 -0
  158. package/dist/social-providers/microsoft-entra-id.d.mts +4 -1
  159. package/dist/social-providers/microsoft-entra-id.mjs +36 -2
  160. package/dist/social-providers/microsoft-entra-id.mjs.map +1 -0
  161. package/dist/social-providers/naver.d.mts +2 -1
  162. package/dist/social-providers/naver.mjs +2 -1
  163. package/dist/social-providers/naver.mjs.map +1 -0
  164. package/dist/social-providers/notion.d.mts +2 -1
  165. package/dist/social-providers/notion.mjs +2 -1
  166. package/dist/social-providers/notion.mjs.map +1 -0
  167. package/dist/social-providers/paybin.d.mts +2 -1
  168. package/dist/social-providers/paybin.mjs +2 -1
  169. package/dist/social-providers/paybin.mjs.map +1 -0
  170. package/dist/social-providers/paypal.d.mts +2 -1
  171. package/dist/social-providers/paypal.mjs +2 -1
  172. package/dist/social-providers/paypal.mjs.map +1 -0
  173. package/dist/social-providers/polar.d.mts +2 -1
  174. package/dist/social-providers/polar.mjs +2 -1
  175. package/dist/social-providers/polar.mjs.map +1 -0
  176. package/dist/social-providers/reddit.d.mts +2 -1
  177. package/dist/social-providers/reddit.mjs +2 -1
  178. package/dist/social-providers/reddit.mjs.map +1 -0
  179. package/dist/social-providers/roblox.d.mts +2 -1
  180. package/dist/social-providers/roblox.mjs +2 -1
  181. package/dist/social-providers/roblox.mjs.map +1 -0
  182. package/dist/social-providers/salesforce.d.mts +2 -1
  183. package/dist/social-providers/salesforce.mjs +2 -1
  184. package/dist/social-providers/salesforce.mjs.map +1 -0
  185. package/dist/social-providers/slack.d.mts +2 -1
  186. package/dist/social-providers/slack.mjs +2 -1
  187. package/dist/social-providers/slack.mjs.map +1 -0
  188. package/dist/social-providers/spotify.d.mts +2 -1
  189. package/dist/social-providers/spotify.mjs +2 -1
  190. package/dist/social-providers/spotify.mjs.map +1 -0
  191. package/dist/social-providers/tiktok.d.mts +2 -1
  192. package/dist/social-providers/tiktok.mjs +2 -1
  193. package/dist/social-providers/tiktok.mjs.map +1 -0
  194. package/dist/social-providers/twitch.d.mts +2 -1
  195. package/dist/social-providers/twitch.mjs +2 -1
  196. package/dist/social-providers/twitch.mjs.map +1 -0
  197. package/dist/social-providers/twitter.d.mts +3 -2
  198. package/dist/social-providers/twitter.mjs +2 -1
  199. package/dist/social-providers/twitter.mjs.map +1 -0
  200. package/dist/social-providers/vercel.d.mts +2 -1
  201. package/dist/social-providers/vercel.mjs +2 -1
  202. package/dist/social-providers/vercel.mjs.map +1 -0
  203. package/dist/social-providers/vk.d.mts +2 -1
  204. package/dist/social-providers/vk.mjs +2 -1
  205. package/dist/social-providers/vk.mjs.map +1 -0
  206. package/dist/social-providers/zoom.d.mts +3 -3
  207. package/dist/social-providers/zoom.mjs +2 -1
  208. package/dist/social-providers/zoom.mjs.map +1 -0
  209. package/dist/types/context.d.mts +7 -3
  210. package/dist/types/cookie.d.mts +2 -1
  211. package/dist/types/helper.d.mts +2 -1
  212. package/dist/types/index.d.mts +1 -1
  213. package/dist/types/init-options.d.mts +36 -33
  214. package/dist/types/plugin-client.d.mts +2 -1
  215. package/dist/types/plugin.d.mts +2 -1
  216. package/dist/utils/db.d.mts +13 -0
  217. package/dist/utils/db.mjs +17 -0
  218. package/dist/utils/db.mjs.map +1 -0
  219. package/dist/utils/deprecate.d.mts +2 -1
  220. package/dist/utils/deprecate.mjs +2 -1
  221. package/dist/utils/deprecate.mjs.map +1 -0
  222. package/dist/utils/error-codes.d.mts +2 -1
  223. package/dist/utils/error-codes.mjs +2 -1
  224. package/dist/utils/error-codes.mjs.map +1 -0
  225. package/dist/utils/id.d.mts +2 -1
  226. package/dist/utils/id.mjs +2 -1
  227. package/dist/utils/id.mjs.map +1 -0
  228. package/dist/utils/index.d.mts +2 -1
  229. package/dist/utils/index.mjs +2 -1
  230. package/dist/utils/ip.d.mts +2 -1
  231. package/dist/utils/ip.mjs +2 -1
  232. package/dist/utils/ip.mjs.map +1 -0
  233. package/dist/utils/json.d.mts +2 -1
  234. package/dist/utils/json.mjs +2 -1
  235. package/dist/utils/json.mjs.map +1 -0
  236. package/dist/utils/string.d.mts +2 -1
  237. package/dist/utils/string.mjs +2 -1
  238. package/dist/utils/string.mjs.map +1 -0
  239. package/dist/utils/url.d.mts +2 -1
  240. package/dist/utils/url.mjs +2 -1
  241. package/dist/utils/url.mjs.map +1 -0
  242. package/package.json +1 -1
  243. package/src/db/adapter/factory.ts +5 -41
  244. package/src/db/adapter/index.ts +3 -0
  245. package/src/db/get-tables.ts +5 -0
  246. package/src/env/env-impl.ts +2 -2
  247. package/src/env/logger.ts +1 -1
  248. package/src/oauth2/oauth-provider.ts +1 -1
  249. package/src/oauth2/validate-authorization-code.ts +13 -26
  250. package/src/oauth2/validate-token.test.ts +241 -0
  251. package/src/social-providers/apple.ts +37 -24
  252. package/src/social-providers/facebook.ts +3 -3
  253. package/src/social-providers/github.ts +25 -3
  254. package/src/social-providers/google.ts +18 -14
  255. package/src/social-providers/microsoft-entra-id.ts +84 -1
  256. package/src/types/context.ts +6 -3
  257. package/src/types/index.ts +6 -1
  258. package/src/types/init-options.ts +44 -36
  259. package/src/utils/db.ts +20 -0
  260. package/src/utils/index.ts +1 -0
  261. package/tsdown.config.ts +3 -0
package/dist/social-providers/roblox.mjs CHANGED
@@ -56,4 +56,5 @@ const roblox = (options) => {
56
56
  };
57
57
 
58
58
  //#endregion
59
- export { roblox };
59
+ export { roblox };
60
+ //# sourceMappingURL=roblox.mjs.map
package/dist/social-providers/roblox.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"roblox.mjs","names":[],"sources":["../../src/social-providers/roblox.ts"],"sourcesContent":["import { betterFetch } from \"@better-fetch/fetch\";\nimport type { OAuthProvider, ProviderOptions } from \"../oauth2\";\nimport { refreshAccessToken, validateAuthorizationCode } from \"../oauth2\";\n\nexport interface RobloxProfile extends Record<string, any> {\n\t/** the user's id */\n\tsub: string;\n\t/** the user's username */\n\tpreferred_username: string;\n\t/** the user's display name, will return the same value as the preferred_username if not set */\n\tnickname: string;\n\t/** the user's display name, again, will return the same value as the preferred_username if not set */\n\tname: string;\n\t/** the account creation date as a unix timestamp in seconds */\n\tcreated_at: number;\n\t/** the user's profile URL */\n\tprofile: string;\n\t/** the user's avatar URL */\n\tpicture: string;\n}\n\nexport interface RobloxOptions extends ProviderOptions<RobloxProfile> {\n\tclientId: string;\n\tprompt?:\n\t\t| (\n\t\t\t\t| \"none\"\n\t\t\t\t| \"consent\"\n\t\t\t\t| \"login\"\n\t\t\t\t| \"select_account\"\n\t\t\t\t| \"select_account consent\"\n\t\t )\n\t\t| undefined;\n}\n\nexport const roblox = (options: RobloxOptions) => {\n\treturn {\n\t\tid: \"roblox\",\n\t\tname: \"Roblox\",\n\t\tcreateAuthorizationURL({ state, scopes, redirectURI }) {\n\t\t\tconst _scopes = options.disableDefaultScope ? [] : [\"openid\", \"profile\"];\n\t\t\tif (options.scope) _scopes.push(...options.scope);\n\t\t\tif (scopes) _scopes.push(...scopes);\n\t\t\treturn new URL(\n\t\t\t\t`https://apis.roblox.com/oauth/v1/authorize?scope=${_scopes.join(\n\t\t\t\t\t\"+\",\n\t\t\t\t)}&response_type=code&client_id=${\n\t\t\t\t\toptions.clientId\n\t\t\t\t}&redirect_uri=${encodeURIComponent(\n\t\t\t\t\toptions.redirectURI || redirectURI,\n\t\t\t\t)}&state=${state}&prompt=${options.prompt || \"select_account consent\"}`,\n\t\t\t);\n\t\t},\n\t\tvalidateAuthorizationCode: async ({ code, redirectURI }) => {\n\t\t\treturn validateAuthorizationCode({\n\t\t\t\tcode,\n\t\t\t\tredirectURI: options.redirectURI || redirectURI,\n\t\t\t\toptions,\n\t\t\t\ttokenEndpoint: \"https://apis.roblox.com/oauth/v1/token\",\n\t\t\t\tauthentication: \"post\",\n\t\t\t});\n\t\t},\n\t\trefreshAccessToken: options.refreshAccessToken\n\t\t\t? options.refreshAccessToken\n\t\t\t: async (refreshToken) => {\n\t\t\t\t\treturn refreshAccessToken({\n\t\t\t\t\t\trefreshToken,\n\t\t\t\t\t\toptions: {\n\t\t\t\t\t\t\tclientId: options.clientId,\n\t\t\t\t\t\t\tclientKey: options.clientKey,\n\t\t\t\t\t\t\tclientSecret: options.clientSecret,\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttokenEndpoint: \"https://apis.roblox.com/oauth/v1/token\",\n\t\t\t\t\t});\n\t\t\t\t},\n\t\tasync getUserInfo(token) {\n\t\t\tif (options.getUserInfo) {\n\t\t\t\treturn options.getUserInfo(token);\n\t\t\t}\n\t\t\tconst { data: profile, error } = await betterFetch<RobloxProfile>(\n\t\t\t\t\"https://apis.roblox.com/oauth/v1/userinfo\",\n\t\t\t\t{\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tauthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\n\t\t\tconst userMap = await options.mapProfileToUser?.(profile);\n\t\t\t// Roblox does not provide email or email_verified claim.\n\t\t\t// We default to false for security consistency.\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.sub,\n\t\t\t\t\tname: profile.nickname || profile.preferred_username || \"\",\n\t\t\t\t\timage: profile.picture,\n\t\t\t\t\temail: profile.preferred_username || null, // Roblox does not provide email\n\t\t\t\t\temailVerified: false,\n\t\t\t\t\t...userMap,\n\t\t\t\t},\n\t\t\t\tdata: {\n\t\t\t\t\t...profile,\n\t\t\t\t},\n\t\t\t};\n\t\t},\n\t\toptions,\n\t} satisfies OAuthProvider<RobloxProfile>;\n};\n"],"mappings":";;;;;;AAkCA,MAAa,UAAU,YAA2B;AACjD,QAAO;EACN,IAAI;EACJ,MAAM;EACN,uBAAuB,EAAE,OAAO,QAAQ,eAAe;GACtD,MAAM,UAAU,QAAQ,sBAAsB,EAAE,GAAG,CAAC,UAAU,UAAU;AACxE,OAAI,QAAQ,MAAO,SAAQ,KAAK,GAAG,QAAQ,MAAM;AACjD,OAAI,OAAQ,SAAQ,KAAK,GAAG,OAAO;AACnC,UAAO,IAAI,IACV,oDAAoD,QAAQ,KAC3D,IACA,CAAC,gCACD,QAAQ,SACR,gBAAgB,mBAChB,QAAQ,eAAe,YACvB,CAAC,SAAS,MAAM,UAAU,QAAQ,UAAU,2BAC7C;;EAEF,2BAA2B,OAAO,EAAE,MAAM,kBAAkB;AAC3D,UAAO,0BAA0B;IAChC;IACA,aAAa,QAAQ,eAAe;IACpC;IACA,eAAe;IACf,gBAAgB;IAChB,CAAC;;EAEH,oBAAoB,QAAQ,qBACzB,QAAQ,qBACR,OAAO,iBAAiB;AACxB,UAAO,mBAAmB;IACzB;IACA,SAAS;KACR,UAAU,QAAQ;KAClB,WAAW,QAAQ;KACnB,cAAc,QAAQ;KACtB;IACD,eAAe;IACf,CAAC;;EAEL,MAAM,YAAY,OAAO;AACxB,OAAI,QAAQ,YACX,QAAO,QAAQ,YAAY,MAAM;GAElC,MAAM,EAAE,MAAM,SAAS,UAAU,MAAM,YACtC,6CACA,EACC,SAAS,EACR,eAAe,UAAU,MAAM,eAC/B,EACD,CACD;AAED,OAAI,MACH,QAAO;GAGR,MAAM,UAAU,MAAM,QAAQ,mBAAmB,QAAQ;AAGzD,UAAO;IACN,MAAM;KACL,IAAI,QAAQ;KACZ,MAAM,QAAQ,YAAY,QAAQ,sBAAsB;KACxD,OAAO,QAAQ;KACf,OAAO,QAAQ,sBAAsB;KACrC,eAAe;KACf,GAAG;KACH;IACD,MAAM,EACL,GAAG,SACH;IACD;;EAEF;EACA"}
package/dist/social-providers/salesforce.d.mts CHANGED
@@ -78,4 +78,5 @@ declare const salesforce: (options: SalesforceOptions) => {
78
78
  options: SalesforceOptions;
79
79
  };
80
80
  //#endregion
81
- export { SalesforceOptions, SalesforceProfile, salesforce };
81
+ export { SalesforceOptions, SalesforceProfile, salesforce };
82
+ //# sourceMappingURL=salesforce.d.mts.map
package/dist/social-providers/salesforce.mjs CHANGED
@@ -88,4 +88,5 @@ const salesforce = (options) => {
88
88
  };
89
89
 
90
90
  //#endregion
91
- export { salesforce };
91
+ export { salesforce };
92
+ //# sourceMappingURL=salesforce.mjs.map
package/dist/social-providers/salesforce.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"salesforce.mjs","names":[],"sources":["../../src/social-providers/salesforce.ts"],"sourcesContent":["import { betterFetch } from \"@better-fetch/fetch\";\nimport { logger } from \"../env\";\nimport { BetterAuthError } from \"../error\";\nimport type { OAuthProvider, ProviderOptions } from \"../oauth2\";\nimport {\n\tcreateAuthorizationURL,\n\trefreshAccessToken,\n\tvalidateAuthorizationCode,\n} from \"../oauth2\";\n\nexport interface SalesforceProfile {\n\tsub: string;\n\tuser_id: string;\n\torganization_id: string;\n\tpreferred_username?: string | undefined;\n\temail: string;\n\temail_verified?: boolean | undefined;\n\tname: string;\n\tgiven_name?: string | undefined;\n\tfamily_name?: string | undefined;\n\tzoneinfo?: string | undefined;\n\tphotos?:\n\t\t| {\n\t\t\t\tpicture?: string;\n\t\t\t\tthumbnail?: string;\n\t\t }\n\t\t| undefined;\n}\n\nexport interface SalesforceOptions extends ProviderOptions<SalesforceProfile> {\n\tclientId: string;\n\tenvironment?: (\"sandbox\" | \"production\") | undefined;\n\tloginUrl?: string | undefined;\n\t/**\n\t * Override the redirect URI if auto-detection fails.\n\t * Should match the Callback URL configured in your Salesforce Connected App.\n\t * @example \"http://localhost:3000/api/auth/callback/salesforce\"\n\t */\n\tredirectURI?: string | undefined;\n}\n\nexport const salesforce = (options: SalesforceOptions) => {\n\tconst environment = options.environment ?? \"production\";\n\tconst isSandbox = environment === \"sandbox\";\n\tconst authorizationEndpoint = options.loginUrl\n\t\t? `https://${options.loginUrl}/services/oauth2/authorize`\n\t\t: isSandbox\n\t\t\t? \"https://test.salesforce.com/services/oauth2/authorize\"\n\t\t\t: \"https://login.salesforce.com/services/oauth2/authorize\";\n\n\tconst tokenEndpoint = options.loginUrl\n\t\t? `https://${options.loginUrl}/services/oauth2/token`\n\t\t: isSandbox\n\t\t\t? \"https://test.salesforce.com/services/oauth2/token\"\n\t\t\t: \"https://login.salesforce.com/services/oauth2/token\";\n\n\tconst userInfoEndpoint = options.loginUrl\n\t\t? `https://${options.loginUrl}/services/oauth2/userinfo`\n\t\t: isSandbox\n\t\t\t? \"https://test.salesforce.com/services/oauth2/userinfo\"\n\t\t\t: \"https://login.salesforce.com/services/oauth2/userinfo\";\n\n\treturn {\n\t\tid: \"salesforce\",\n\t\tname: \"Salesforce\",\n\n\t\tasync createAuthorizationURL({ state, scopes, codeVerifier, redirectURI }) {\n\t\t\tif (!options.clientId || !options.clientSecret) {\n\t\t\t\tlogger.error(\n\t\t\t\t\t\"Client Id and Client Secret are required for Salesforce. Make sure to provide them in the options.\",\n\t\t\t\t);\n\t\t\t\tthrow new BetterAuthError(\"CLIENT_ID_AND_SECRET_REQUIRED\");\n\t\t\t}\n\t\t\tif (!codeVerifier) {\n\t\t\t\tthrow new BetterAuthError(\"codeVerifier is required for Salesforce\");\n\t\t\t}\n\n\t\t\tconst _scopes = options.disableDefaultScope\n\t\t\t\t? []\n\t\t\t\t: [\"openid\", \"email\", \"profile\"];\n\t\t\tif (options.scope) _scopes.push(...options.scope);\n\t\t\tif (scopes) _scopes.push(...scopes);\n\n\t\t\treturn createAuthorizationURL({\n\t\t\t\tid: \"salesforce\",\n\t\t\t\toptions,\n\t\t\t\tauthorizationEndpoint,\n\t\t\t\tscopes: _scopes,\n\t\t\t\tstate,\n\t\t\t\tcodeVerifier,\n\t\t\t\tredirectURI: options.redirectURI || redirectURI,\n\t\t\t});\n\t\t},\n\n\t\tvalidateAuthorizationCode: async ({ code, codeVerifier, redirectURI }) => {\n\t\t\treturn validateAuthorizationCode({\n\t\t\t\tcode,\n\t\t\t\tcodeVerifier,\n\t\t\t\tredirectURI: options.redirectURI || redirectURI,\n\t\t\t\toptions,\n\t\t\t\ttokenEndpoint,\n\t\t\t});\n\t\t},\n\n\t\trefreshAccessToken: options.refreshAccessToken\n\t\t\t? options.refreshAccessToken\n\t\t\t: async (refreshToken) => {\n\t\t\t\t\treturn refreshAccessToken({\n\t\t\t\t\t\trefreshToken,\n\t\t\t\t\t\toptions: {\n\t\t\t\t\t\t\tclientId: options.clientId,\n\t\t\t\t\t\t\tclientSecret: options.clientSecret,\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttokenEndpoint,\n\t\t\t\t\t});\n\t\t\t\t},\n\n\t\tasync getUserInfo(token) {\n\t\t\tif (options.getUserInfo) {\n\t\t\t\treturn options.getUserInfo(token);\n\t\t\t}\n\n\t\t\ttry {\n\t\t\t\tconst { data: user } = await betterFetch<SalesforceProfile>(\n\t\t\t\t\tuserInfoEndpoint,\n\t\t\t\t\t{\n\t\t\t\t\t\theaders: {\n\t\t\t\t\t\t\tAuthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t);\n\n\t\t\t\tif (!user) {\n\t\t\t\t\tlogger.error(\"Failed to fetch user info from Salesforce\");\n\t\t\t\t\treturn null;\n\t\t\t\t}\n\n\t\t\t\tconst userMap = await options.mapProfileToUser?.(user);\n\n\t\t\t\treturn {\n\t\t\t\t\tuser: {\n\t\t\t\t\t\tid: user.user_id,\n\t\t\t\t\t\tname: user.name,\n\t\t\t\t\t\temail: user.email,\n\t\t\t\t\t\timage: user.photos?.picture || user.photos?.thumbnail,\n\t\t\t\t\t\temailVerified: user.email_verified ?? false,\n\t\t\t\t\t\t...userMap,\n\t\t\t\t\t},\n\t\t\t\t\tdata: user,\n\t\t\t\t};\n\t\t\t} catch (error) {\n\t\t\t\tlogger.error(\"Failed to fetch user info from Salesforce:\", error);\n\t\t\t\treturn null;\n\t\t\t}\n\t\t},\n\n\t\toptions,\n\t} satisfies OAuthProvider<SalesforceProfile>;\n};\n"],"mappings":";;;;;;;;;;AAyCA,MAAa,cAAc,YAA+B;CAEzD,MAAM,aADc,QAAQ,eAAe,kBACT;CAClC,MAAM,wBAAwB,QAAQ,WACnC,WAAW,QAAQ,SAAS,8BAC5B,YACC,0DACA;CAEJ,MAAM,gBAAgB,QAAQ,WAC3B,WAAW,QAAQ,SAAS,0BAC5B,YACC,sDACA;CAEJ,MAAM,mBAAmB,QAAQ,WAC9B,WAAW,QAAQ,SAAS,6BAC5B,YACC,yDACA;AAEJ,QAAO;EACN,IAAI;EACJ,MAAM;EAEN,MAAM,uBAAuB,EAAE,OAAO,QAAQ,cAAc,eAAe;AAC1E,OAAI,CAAC,QAAQ,YAAY,CAAC,QAAQ,cAAc;AAC/C,WAAO,MACN,qGACA;AACD,UAAM,IAAI,gBAAgB,gCAAgC;;AAE3D,OAAI,CAAC,aACJ,OAAM,IAAI,gBAAgB,0CAA0C;GAGrE,MAAM,UAAU,QAAQ,sBACrB,EAAE,GACF;IAAC;IAAU;IAAS;IAAU;AACjC,OAAI,QAAQ,MAAO,SAAQ,KAAK,GAAG,QAAQ,MAAM;AACjD,OAAI,OAAQ,SAAQ,KAAK,GAAG,OAAO;AAEnC,UAAO,uBAAuB;IAC7B,IAAI;IACJ;IACA;IACA,QAAQ;IACR;IACA;IACA,aAAa,QAAQ,eAAe;IACpC,CAAC;;EAGH,2BAA2B,OAAO,EAAE,MAAM,cAAc,kBAAkB;AACzE,UAAO,0BAA0B;IAChC;IACA;IACA,aAAa,QAAQ,eAAe;IACpC;IACA;IACA,CAAC;;EAGH,oBAAoB,QAAQ,qBACzB,QAAQ,qBACR,OAAO,iBAAiB;AACxB,UAAO,mBAAmB;IACzB;IACA,SAAS;KACR,UAAU,QAAQ;KAClB,cAAc,QAAQ;KACtB;IACD;IACA,CAAC;;EAGL,MAAM,YAAY,OAAO;AACxB,OAAI,QAAQ,YACX,QAAO,QAAQ,YAAY,MAAM;AAGlC,OAAI;IACH,MAAM,EAAE,MAAM,SAAS,MAAM,YAC5B,kBACA,EACC,SAAS,EACR,eAAe,UAAU,MAAM,eAC/B,EACD,CACD;AAED,QAAI,CAAC,MAAM;AACV,YAAO,MAAM,4CAA4C;AACzD,YAAO;;IAGR,MAAM,UAAU,MAAM,QAAQ,mBAAmB,KAAK;AAEtD,WAAO;KACN,MAAM;MACL,IAAI,KAAK;MACT,MAAM,KAAK;MACX,OAAO,KAAK;MACZ,OAAO,KAAK,QAAQ,WAAW,KAAK,QAAQ;MAC5C,eAAe,KAAK,kBAAkB;MACtC,GAAG;MACH;KACD,MAAM;KACN;YACO,OAAO;AACf,WAAO,MAAM,8CAA8C,MAAM;AACjE,WAAO;;;EAIT;EACA"}
package/dist/social-providers/slack.d.mts CHANGED
@@ -82,4 +82,5 @@ declare const slack: (options: SlackOptions) => {
82
82
  options: SlackOptions;
83
83
  };
84
84
  //#endregion
85
- export { SlackOptions, SlackProfile, slack };
85
+ export { SlackOptions, SlackProfile, slack };
86
+ //# sourceMappingURL=slack.d.mts.map
package/dist/social-providers/slack.mjs CHANGED
@@ -65,4 +65,5 @@ const slack = (options) => {
65
65
  };
66
66
 
67
67
  //#endregion
68
- export { slack };
68
+ export { slack };
69
+ //# sourceMappingURL=slack.mjs.map
package/dist/social-providers/slack.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"slack.mjs","names":[],"sources":["../../src/social-providers/slack.ts"],"sourcesContent":["import { betterFetch } from \"@better-fetch/fetch\";\nimport type { OAuthProvider, ProviderOptions } from \"../oauth2\";\nimport { refreshAccessToken, validateAuthorizationCode } from \"../oauth2\";\n\nexport interface SlackProfile extends Record<string, any> {\n\tok: boolean;\n\tsub: string;\n\t\"https://slack.com/user_id\": string;\n\t\"https://slack.com/team_id\": string;\n\temail: string;\n\temail_verified: boolean;\n\tdate_email_verified: number;\n\tname: string;\n\tpicture: string;\n\tgiven_name: string;\n\tfamily_name: string;\n\tlocale: string;\n\t\"https://slack.com/team_name\": string;\n\t\"https://slack.com/team_domain\": string;\n\t\"https://slack.com/user_image_24\": string;\n\t\"https://slack.com/user_image_32\": string;\n\t\"https://slack.com/user_image_48\": string;\n\t\"https://slack.com/user_image_72\": string;\n\t\"https://slack.com/user_image_192\": string;\n\t\"https://slack.com/user_image_512\": string;\n\t\"https://slack.com/team_image_34\": string;\n\t\"https://slack.com/team_image_44\": string;\n\t\"https://slack.com/team_image_68\": string;\n\t\"https://slack.com/team_image_88\": string;\n\t\"https://slack.com/team_image_102\": string;\n\t\"https://slack.com/team_image_132\": string;\n\t\"https://slack.com/team_image_230\": string;\n\t\"https://slack.com/team_image_default\": boolean;\n}\n\nexport interface SlackOptions extends ProviderOptions<SlackProfile> {\n\tclientId: string;\n}\n\nexport const slack = (options: SlackOptions) => {\n\treturn {\n\t\tid: \"slack\",\n\t\tname: \"Slack\",\n\t\tcreateAuthorizationURL({ state, scopes, redirectURI }) {\n\t\t\tconst _scopes = options.disableDefaultScope\n\t\t\t\t? []\n\t\t\t\t: [\"openid\", \"profile\", \"email\"];\n\t\t\tif (scopes) _scopes.push(...scopes);\n\t\t\tif (options.scope) _scopes.push(...options.scope);\n\t\t\tconst url = new URL(\"https://slack.com/openid/connect/authorize\");\n\t\t\turl.searchParams.set(\"scope\", _scopes.join(\" \"));\n\t\t\turl.searchParams.set(\"response_type\", \"code\");\n\t\t\turl.searchParams.set(\"client_id\", options.clientId);\n\t\t\turl.searchParams.set(\"redirect_uri\", options.redirectURI || redirectURI);\n\t\t\turl.searchParams.set(\"state\", state);\n\t\t\treturn url;\n\t\t},\n\t\tvalidateAuthorizationCode: async ({ code, redirectURI }) => {\n\t\t\treturn validateAuthorizationCode({\n\t\t\t\tcode,\n\t\t\t\tredirectURI,\n\t\t\t\toptions,\n\t\t\t\ttokenEndpoint: \"https://slack.com/api/openid.connect.token\",\n\t\t\t});\n\t\t},\n\t\trefreshAccessToken: options.refreshAccessToken\n\t\t\t? options.refreshAccessToken\n\t\t\t: async (refreshToken) => {\n\t\t\t\t\treturn refreshAccessToken({\n\t\t\t\t\t\trefreshToken,\n\t\t\t\t\t\toptions: {\n\t\t\t\t\t\t\tclientId: options.clientId,\n\t\t\t\t\t\t\tclientKey: options.clientKey,\n\t\t\t\t\t\t\tclientSecret: options.clientSecret,\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttokenEndpoint: \"https://slack.com/api/openid.connect.token\",\n\t\t\t\t\t});\n\t\t\t\t},\n\t\tasync getUserInfo(token) {\n\t\t\tif (options.getUserInfo) {\n\t\t\t\treturn options.getUserInfo(token);\n\t\t\t}\n\t\t\tconst { data: profile, error } = await betterFetch<SlackProfile>(\n\t\t\t\t\"https://slack.com/api/openid.connect.userInfo\",\n\t\t\t\t{\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tauthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\n\t\t\tconst userMap = await options.mapProfileToUser?.(profile);\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile[\"https://slack.com/user_id\"],\n\t\t\t\t\tname: profile.name || \"\",\n\t\t\t\t\temail: profile.email,\n\t\t\t\t\temailVerified: profile.email_verified,\n\t\t\t\t\timage: profile.picture || profile[\"https://slack.com/user_image_512\"],\n\t\t\t\t\t...userMap,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t\toptions,\n\t} satisfies OAuthProvider<SlackProfile>;\n};\n"],"mappings":";;;;;;AAuCA,MAAa,SAAS,YAA0B;AAC/C,QAAO;EACN,IAAI;EACJ,MAAM;EACN,uBAAuB,EAAE,OAAO,QAAQ,eAAe;GACtD,MAAM,UAAU,QAAQ,sBACrB,EAAE,GACF;IAAC;IAAU;IAAW;IAAQ;AACjC,OAAI,OAAQ,SAAQ,KAAK,GAAG,OAAO;AACnC,OAAI,QAAQ,MAAO,SAAQ,KAAK,GAAG,QAAQ,MAAM;GACjD,MAAM,MAAM,IAAI,IAAI,6CAA6C;AACjE,OAAI,aAAa,IAAI,SAAS,QAAQ,KAAK,IAAI,CAAC;AAChD,OAAI,aAAa,IAAI,iBAAiB,OAAO;AAC7C,OAAI,aAAa,IAAI,aAAa,QAAQ,SAAS;AACnD,OAAI,aAAa,IAAI,gBAAgB,QAAQ,eAAe,YAAY;AACxE,OAAI,aAAa,IAAI,SAAS,MAAM;AACpC,UAAO;;EAER,2BAA2B,OAAO,EAAE,MAAM,kBAAkB;AAC3D,UAAO,0BAA0B;IAChC;IACA;IACA;IACA,eAAe;IACf,CAAC;;EAEH,oBAAoB,QAAQ,qBACzB,QAAQ,qBACR,OAAO,iBAAiB;AACxB,UAAO,mBAAmB;IACzB;IACA,SAAS;KACR,UAAU,QAAQ;KAClB,WAAW,QAAQ;KACnB,cAAc,QAAQ;KACtB;IACD,eAAe;IACf,CAAC;;EAEL,MAAM,YAAY,OAAO;AACxB,OAAI,QAAQ,YACX,QAAO,QAAQ,YAAY,MAAM;GAElC,MAAM,EAAE,MAAM,SAAS,UAAU,MAAM,YACtC,iDACA,EACC,SAAS,EACR,eAAe,UAAU,MAAM,eAC/B,EACD,CACD;AAED,OAAI,MACH,QAAO;GAGR,MAAM,UAAU,MAAM,QAAQ,mBAAmB,QAAQ;AACzD,UAAO;IACN,MAAM;KACL,IAAI,QAAQ;KACZ,MAAM,QAAQ,QAAQ;KACtB,OAAO,QAAQ;KACf,eAAe,QAAQ;KACvB,OAAO,QAAQ,WAAW,QAAQ;KAClC,GAAG;KACH;IACD,MAAM;IACN;;EAEF;EACA"}
package/dist/social-providers/spotify.d.mts CHANGED
@@ -62,4 +62,5 @@ declare const spotify: (options: SpotifyOptions) => {
62
62
  options: SpotifyOptions;
63
63
  };
64
64
  //#endregion
65
- export { SpotifyOptions, SpotifyProfile, spotify };
65
+ export { SpotifyOptions, SpotifyProfile, spotify };
66
+ //# sourceMappingURL=spotify.d.mts.map
package/dist/social-providers/spotify.mjs CHANGED
@@ -68,4 +68,5 @@ const spotify = (options) => {
68
68
  };
69
69
 
70
70
  //#endregion
71
- export { spotify };
71
+ export { spotify };
72
+ //# sourceMappingURL=spotify.mjs.map
package/dist/social-providers/spotify.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"spotify.mjs","names":[],"sources":["../../src/social-providers/spotify.ts"],"sourcesContent":["import { betterFetch } from \"@better-fetch/fetch\";\nimport type { OAuthProvider, ProviderOptions } from \"../oauth2\";\nimport {\n\tcreateAuthorizationURL,\n\trefreshAccessToken,\n\tvalidateAuthorizationCode,\n} from \"../oauth2\";\n\nexport interface SpotifyProfile {\n\tid: string;\n\tdisplay_name: string;\n\temail: string;\n\timages: {\n\t\turl: string;\n\t}[];\n}\n\nexport interface SpotifyOptions extends ProviderOptions<SpotifyProfile> {\n\tclientId: string;\n}\n\nexport const spotify = (options: SpotifyOptions) => {\n\treturn {\n\t\tid: \"spotify\",\n\t\tname: \"Spotify\",\n\t\tcreateAuthorizationURL({ state, scopes, codeVerifier, redirectURI }) {\n\t\t\tconst _scopes = options.disableDefaultScope ? [] : [\"user-read-email\"];\n\t\t\tif (options.scope) _scopes.push(...options.scope);\n\t\t\tif (scopes) _scopes.push(...scopes);\n\t\t\treturn createAuthorizationURL({\n\t\t\t\tid: \"spotify\",\n\t\t\t\toptions,\n\t\t\t\tauthorizationEndpoint: \"https://accounts.spotify.com/authorize\",\n\t\t\t\tscopes: _scopes,\n\t\t\t\tstate,\n\t\t\t\tcodeVerifier,\n\t\t\t\tredirectURI,\n\t\t\t});\n\t\t},\n\t\tvalidateAuthorizationCode: async ({ code, codeVerifier, redirectURI }) => {\n\t\t\treturn validateAuthorizationCode({\n\t\t\t\tcode,\n\t\t\t\tcodeVerifier,\n\t\t\t\tredirectURI,\n\t\t\t\toptions,\n\t\t\t\ttokenEndpoint: \"https://accounts.spotify.com/api/token\",\n\t\t\t});\n\t\t},\n\t\trefreshAccessToken: options.refreshAccessToken\n\t\t\t? options.refreshAccessToken\n\t\t\t: async (refreshToken) => {\n\t\t\t\t\treturn refreshAccessToken({\n\t\t\t\t\t\trefreshToken,\n\t\t\t\t\t\toptions: {\n\t\t\t\t\t\t\tclientId: options.clientId,\n\t\t\t\t\t\t\tclientKey: options.clientKey,\n\t\t\t\t\t\t\tclientSecret: options.clientSecret,\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttokenEndpoint: \"https://accounts.spotify.com/api/token\",\n\t\t\t\t\t});\n\t\t\t\t},\n\t\tasync getUserInfo(token) {\n\t\t\tif (options.getUserInfo) {\n\t\t\t\treturn options.getUserInfo(token);\n\t\t\t}\n\t\t\tconst { data: profile, error } = await betterFetch<SpotifyProfile>(\n\t\t\t\t\"https://api.spotify.com/v1/me\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tAuthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tconst userMap = await options.mapProfileToUser?.(profile);\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.id,\n\t\t\t\t\tname: profile.display_name,\n\t\t\t\t\temail: profile.email,\n\t\t\t\t\timage: profile.images[0]?.url,\n\t\t\t\t\temailVerified: false,\n\t\t\t\t\t...userMap,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t\toptions,\n\t} satisfies OAuthProvider<SpotifyProfile>;\n};\n"],"mappings":";;;;;;;AAqBA,MAAa,WAAW,YAA4B;AACnD,QAAO;EACN,IAAI;EACJ,MAAM;EACN,uBAAuB,EAAE,OAAO,QAAQ,cAAc,eAAe;GACpE,MAAM,UAAU,QAAQ,sBAAsB,EAAE,GAAG,CAAC,kBAAkB;AACtE,OAAI,QAAQ,MAAO,SAAQ,KAAK,GAAG,QAAQ,MAAM;AACjD,OAAI,OAAQ,SAAQ,KAAK,GAAG,OAAO;AACnC,UAAO,uBAAuB;IAC7B,IAAI;IACJ;IACA,uBAAuB;IACvB,QAAQ;IACR;IACA;IACA;IACA,CAAC;;EAEH,2BAA2B,OAAO,EAAE,MAAM,cAAc,kBAAkB;AACzE,UAAO,0BAA0B;IAChC;IACA;IACA;IACA;IACA,eAAe;IACf,CAAC;;EAEH,oBAAoB,QAAQ,qBACzB,QAAQ,qBACR,OAAO,iBAAiB;AACxB,UAAO,mBAAmB;IACzB;IACA,SAAS;KACR,UAAU,QAAQ;KAClB,WAAW,QAAQ;KACnB,cAAc,QAAQ;KACtB;IACD,eAAe;IACf,CAAC;;EAEL,MAAM,YAAY,OAAO;AACxB,OAAI,QAAQ,YACX,QAAO,QAAQ,YAAY,MAAM;GAElC,MAAM,EAAE,MAAM,SAAS,UAAU,MAAM,YACtC,iCACA;IACC,QAAQ;IACR,SAAS,EACR,eAAe,UAAU,MAAM,eAC/B;IACD,CACD;AACD,OAAI,MACH,QAAO;GAER,MAAM,UAAU,MAAM,QAAQ,mBAAmB,QAAQ;AACzD,UAAO;IACN,MAAM;KACL,IAAI,QAAQ;KACZ,MAAM,QAAQ;KACd,OAAO,QAAQ;KACf,OAAO,QAAQ,OAAO,IAAI;KAC1B,eAAe;KACf,GAAG;KACH;IACD,MAAM;IACN;;EAEF;EACA"}
package/dist/social-providers/tiktok.d.mts CHANGED
@@ -168,4 +168,5 @@ declare const tiktok: (options: TiktokOptions) => {
168
168
  options: TiktokOptions;
169
169
  };
170
170
  //#endregion
171
- export { TiktokOptions, TiktokProfile, tiktok };
171
+ export { TiktokOptions, TiktokProfile, tiktok };
172
+ //# sourceMappingURL=tiktok.d.mts.map
package/dist/social-providers/tiktok.mjs CHANGED
@@ -59,4 +59,5 @@ const tiktok = (options) => {
59
59
  };
60
60
 
61
61
  //#endregion
62
- export { tiktok };
62
+ export { tiktok };
63
+ //# sourceMappingURL=tiktok.mjs.map
package/dist/social-providers/tiktok.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"tiktok.mjs","names":[],"sources":["../../src/social-providers/tiktok.ts"],"sourcesContent":["import { betterFetch } from \"@better-fetch/fetch\";\nimport type { OAuthProvider, ProviderOptions } from \"../oauth2\";\nimport { refreshAccessToken, validateAuthorizationCode } from \"../oauth2\";\n\n/**\n * [More info](https://developers.tiktok.com/doc/tiktok-api-v2-get-user-info/)\n */\nexport interface TiktokProfile extends Record<string, any> {\n\tdata: {\n\t\tuser: {\n\t\t\t/**\n\t\t\t * The unique identification of the user in the current application.Open id\n\t\t\t * for the client.\n\t\t\t *\n\t\t\t * To return this field, add `fields=open_id` in the user profile request's query parameter.\n\t\t\t */\n\t\t\topen_id: string;\n\t\t\t/**\n\t\t\t * The unique identification of the user across different apps for the same developer.\n\t\t\t * For example, if a partner has X number of clients,\n\t\t\t * it will get X number of open_id for the same TikTok user,\n\t\t\t * but one persistent union_id for the particular user.\n\t\t\t *\n\t\t\t * To return this field, add `fields=union_id` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tunion_id?: string | undefined;\n\t\t\t/**\n\t\t\t * User's profile image.\n\t\t\t *\n\t\t\t * To return this field, add `fields=avatar_url` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tavatar_url?: string | undefined;\n\t\t\t/**\n\t\t\t * User`s profile image in 100x100 size.\n\t\t\t *\n\t\t\t * To return this field, add `fields=avatar_url_100` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tavatar_url_100?: string | undefined;\n\t\t\t/**\n\t\t\t * User's profile image with higher resolution\n\t\t\t *\n\t\t\t * To return this field, add `fields=avatar_url_100` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tavatar_large_url: string;\n\t\t\t/**\n\t\t\t * User's profile name\n\t\t\t *\n\t\t\t * To return this field, add `fields=display_name` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tdisplay_name: string;\n\t\t\t/**\n\t\t\t * User's username.\n\t\t\t *\n\t\t\t * To return this field, add `fields=username` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tusername: string;\n\t\t\t/** @note Email is currently unsupported by TikTok */\n\t\t\temail?: string | undefined;\n\t\t\t/**\n\t\t\t * User's bio description if there is a valid one.\n\t\t\t *\n\t\t\t * To return this field, add `fields=bio_description` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tbio_description?: string | undefined;\n\t\t\t/**\n\t\t\t * The link to user's TikTok profile page.\n\t\t\t *\n\t\t\t * To return this field, add `fields=profile_deep_link` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tprofile_deep_link?: string | undefined;\n\t\t\t/**\n\t\t\t * Whether TikTok has provided a verified badge to the account after confirming\n\t\t\t * that it belongs to the user it represents.\n\t\t\t *\n\t\t\t * To return this field, add `fields=is_verified` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tis_verified?: boolean | undefined;\n\t\t\t/**\n\t\t\t * User's followers count.\n\t\t\t *\n\t\t\t * To return this field, add `fields=follower_count` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tfollower_count?: number | undefined;\n\t\t\t/**\n\t\t\t * The number of accounts that the user is following.\n\t\t\t *\n\t\t\t * To return this field, add `fields=following_count` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tfollowing_count?: number | undefined;\n\t\t\t/**\n\t\t\t * The total number of likes received by the user across all of their videos.\n\t\t\t *\n\t\t\t * To return this field, add `fields=likes_count` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tlikes_count?: number | undefined;\n\t\t\t/**\n\t\t\t * The total number of publicly posted videos by the user.\n\t\t\t *\n\t\t\t * To return this field, add `fields=video_count` in the user profile request's query parameter.\n\t\t\t */\n\t\t\tvideo_count?: number | undefined;\n\t\t};\n\t};\n\terror?:\n\t\t| {\n\t\t\t\t/**\n\t\t\t\t * The error category in string.\n\t\t\t\t */\n\t\t\t\tcode?: string;\n\t\t\t\t/**\n\t\t\t\t * The error message in string.\n\t\t\t\t */\n\t\t\t\tmessage?: string;\n\t\t\t\t/**\n\t\t\t\t * The error message in string.\n\t\t\t\t */\n\t\t\t\tlog_id?: string;\n\t\t }\n\t\t| undefined;\n}\n\nexport interface TiktokOptions extends ProviderOptions {\n\t// Client ID is not used in TikTok, we delete it from the options\n\tclientId?: never | undefined;\n\tclientSecret: string;\n\tclientKey: string;\n}\n\nexport const tiktok = (options: TiktokOptions) => {\n\treturn {\n\t\tid: \"tiktok\",\n\t\tname: \"TikTok\",\n\t\tcreateAuthorizationURL({ state, scopes, redirectURI }) {\n\t\t\tconst _scopes = options.disableDefaultScope ? [] : [\"user.info.profile\"];\n\t\t\tif (options.scope) _scopes.push(...options.scope);\n\t\t\tif (scopes) _scopes.push(...scopes);\n\t\t\treturn new URL(\n\t\t\t\t`https://www.tiktok.com/v2/auth/authorize?scope=${_scopes.join(\n\t\t\t\t\t\",\",\n\t\t\t\t)}&response_type=code&client_key=${options.clientKey}&redirect_uri=${encodeURIComponent(\n\t\t\t\t\toptions.redirectURI || redirectURI,\n\t\t\t\t)}&state=${state}`,\n\t\t\t);\n\t\t},\n\n\t\tvalidateAuthorizationCode: async ({ code, redirectURI }) => {\n\t\t\treturn validateAuthorizationCode({\n\t\t\t\tcode,\n\t\t\t\tredirectURI: options.redirectURI || redirectURI,\n\t\t\t\toptions: {\n\t\t\t\t\tclientKey: options.clientKey,\n\t\t\t\t\tclientSecret: options.clientSecret,\n\t\t\t\t},\n\t\t\t\ttokenEndpoint: \"https://open.tiktokapis.com/v2/oauth/token/\",\n\t\t\t});\n\t\t},\n\t\trefreshAccessToken: options.refreshAccessToken\n\t\t\t? options.refreshAccessToken\n\t\t\t: async (refreshToken) => {\n\t\t\t\t\treturn refreshAccessToken({\n\t\t\t\t\t\trefreshToken,\n\t\t\t\t\t\toptions: {\n\t\t\t\t\t\t\tclientSecret: options.clientSecret,\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttokenEndpoint: \"https://open.tiktokapis.com/v2/oauth/token/\",\n\t\t\t\t\t\tauthentication: \"post\",\n\t\t\t\t\t\textraParams: {\n\t\t\t\t\t\t\tclient_key: options.clientKey,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t},\n\t\tasync getUserInfo(token) {\n\t\t\tif (options.getUserInfo) {\n\t\t\t\treturn options.getUserInfo(token);\n\t\t\t}\n\n\t\t\tconst fields = [\n\t\t\t\t\"open_id\",\n\t\t\t\t\"avatar_large_url\",\n\t\t\t\t\"display_name\",\n\t\t\t\t\"username\",\n\t\t\t];\n\t\t\tconst { data: profile, error } = await betterFetch<TiktokProfile>(\n\t\t\t\t`https://open.tiktokapis.com/v2/user/info/?fields=${fields.join(\",\")}`,\n\t\t\t\t{\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tauthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\temail: profile.data.user.email || profile.data.user.username,\n\t\t\t\t\tid: profile.data.user.open_id,\n\t\t\t\t\tname: profile.data.user.display_name || profile.data.user.username,\n\t\t\t\t\timage: profile.data.user.avatar_large_url,\n\t\t\t\t\temailVerified: false,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t\toptions,\n\t} satisfies OAuthProvider<TiktokProfile, TiktokOptions>;\n};\n"],"mappings":";;;;;;AAgIA,MAAa,UAAU,YAA2B;AACjD,QAAO;EACN,IAAI;EACJ,MAAM;EACN,uBAAuB,EAAE,OAAO,QAAQ,eAAe;GACtD,MAAM,UAAU,QAAQ,sBAAsB,EAAE,GAAG,CAAC,oBAAoB;AACxE,OAAI,QAAQ,MAAO,SAAQ,KAAK,GAAG,QAAQ,MAAM;AACjD,OAAI,OAAQ,SAAQ,KAAK,GAAG,OAAO;AACnC,UAAO,IAAI,IACV,kDAAkD,QAAQ,KACzD,IACA,CAAC,iCAAiC,QAAQ,UAAU,gBAAgB,mBACpE,QAAQ,eAAe,YACvB,CAAC,SAAS,QACX;;EAGF,2BAA2B,OAAO,EAAE,MAAM,kBAAkB;AAC3D,UAAO,0BAA0B;IAChC;IACA,aAAa,QAAQ,eAAe;IACpC,SAAS;KACR,WAAW,QAAQ;KACnB,cAAc,QAAQ;KACtB;IACD,eAAe;IACf,CAAC;;EAEH,oBAAoB,QAAQ,qBACzB,QAAQ,qBACR,OAAO,iBAAiB;AACxB,UAAO,mBAAmB;IACzB;IACA,SAAS,EACR,cAAc,QAAQ,cACtB;IACD,eAAe;IACf,gBAAgB;IAChB,aAAa,EACZ,YAAY,QAAQ,WACpB;IACD,CAAC;;EAEL,MAAM,YAAY,OAAO;AACxB,OAAI,QAAQ,YACX,QAAO,QAAQ,YAAY,MAAM;GASlC,MAAM,EAAE,MAAM,SAAS,UAAU,MAAM,YACtC,oDAPc;IACd;IACA;IACA;IACA;IACA,CAE2D,KAAK,IAAI,IACpE,EACC,SAAS,EACR,eAAe,UAAU,MAAM,eAC/B,EACD,CACD;AAED,OAAI,MACH,QAAO;AAGR,UAAO;IACN,MAAM;KACL,OAAO,QAAQ,KAAK,KAAK,SAAS,QAAQ,KAAK,KAAK;KACpD,IAAI,QAAQ,KAAK,KAAK;KACtB,MAAM,QAAQ,KAAK,KAAK,gBAAgB,QAAQ,KAAK,KAAK;KAC1D,OAAO,QAAQ,KAAK,KAAK;KACzB,eAAe;KACf;IACD,MAAM;IACN;;EAEF;EACA"}
package/dist/social-providers/twitch.d.mts CHANGED
@@ -78,4 +78,5 @@ declare const twitch: (options: TwitchOptions) => {
78
78
  options: TwitchOptions;
79
79
  };
80
80
  //#endregion
81
- export { TwitchOptions, TwitchProfile, twitch };
81
+ export { TwitchOptions, TwitchProfile, twitch };
82
+ //# sourceMappingURL=twitch.d.mts.map
package/dist/social-providers/twitch.mjs CHANGED
@@ -75,4 +75,5 @@ const twitch = (options) => {
75
75
  };
76
76
 
77
77
  //#endregion
78
- export { twitch };
78
+ export { twitch };
79
+ //# sourceMappingURL=twitch.mjs.map
package/dist/social-providers/twitch.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"twitch.mjs","names":[],"sources":["../../src/social-providers/twitch.ts"],"sourcesContent":["import { decodeJwt } from \"jose\";\nimport { logger } from \"../env\";\nimport type { OAuthProvider, ProviderOptions } from \"../oauth2\";\nimport {\n\tcreateAuthorizationURL,\n\trefreshAccessToken,\n\tvalidateAuthorizationCode,\n} from \"../oauth2\";\n\n/**\n * @see https://dev.twitch.tv/docs/authentication/getting-tokens-oidc/#requesting-claims\n */\nexport interface TwitchProfile {\n\t/**\n\t * The sub of the user\n\t */\n\tsub: string;\n\t/**\n\t * The preferred username of the user\n\t */\n\tpreferred_username: string;\n\t/**\n\t * The email of the user\n\t */\n\temail: string;\n\t/**\n\t * Indicate if this user has a verified email.\n\t */\n\temail_verified: boolean;\n\t/**\n\t * The picture of the user\n\t */\n\tpicture: string;\n}\n\nexport interface TwitchOptions extends ProviderOptions<TwitchProfile> {\n\tclientId: string;\n\tclaims?: string[] | undefined;\n}\nexport const twitch = (options: TwitchOptions) => {\n\treturn {\n\t\tid: \"twitch\",\n\t\tname: \"Twitch\",\n\t\tcreateAuthorizationURL({ state, scopes, redirectURI }) {\n\t\t\tconst _scopes = options.disableDefaultScope\n\t\t\t\t? []\n\t\t\t\t: [\"user:read:email\", \"openid\"];\n\t\t\tif (options.scope) _scopes.push(...options.scope);\n\t\t\tif (scopes) _scopes.push(...scopes);\n\t\t\treturn createAuthorizationURL({\n\t\t\t\tid: \"twitch\",\n\t\t\t\tredirectURI,\n\t\t\t\toptions,\n\t\t\t\tauthorizationEndpoint: \"https://id.twitch.tv/oauth2/authorize\",\n\t\t\t\tscopes: _scopes,\n\t\t\t\tstate,\n\t\t\t\tclaims: options.claims || [\n\t\t\t\t\t\"email\",\n\t\t\t\t\t\"email_verified\",\n\t\t\t\t\t\"preferred_username\",\n\t\t\t\t\t\"picture\",\n\t\t\t\t],\n\t\t\t});\n\t\t},\n\t\tvalidateAuthorizationCode: async ({ code, redirectURI }) => {\n\t\t\treturn validateAuthorizationCode({\n\t\t\t\tcode,\n\t\t\t\tredirectURI,\n\t\t\t\toptions,\n\t\t\t\ttokenEndpoint: \"https://id.twitch.tv/oauth2/token\",\n\t\t\t});\n\t\t},\n\t\trefreshAccessToken: options.refreshAccessToken\n\t\t\t? options.refreshAccessToken\n\t\t\t: async (refreshToken) => {\n\t\t\t\t\treturn refreshAccessToken({\n\t\t\t\t\t\trefreshToken,\n\t\t\t\t\t\toptions: {\n\t\t\t\t\t\t\tclientId: options.clientId,\n\t\t\t\t\t\t\tclientKey: options.clientKey,\n\t\t\t\t\t\t\tclientSecret: options.clientSecret,\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttokenEndpoint: \"https://id.twitch.tv/oauth2/token\",\n\t\t\t\t\t});\n\t\t\t\t},\n\t\tasync getUserInfo(token) {\n\t\t\tif (options.getUserInfo) {\n\t\t\t\treturn options.getUserInfo(token);\n\t\t\t}\n\t\t\tconst idToken = token.idToken;\n\t\t\tif (!idToken) {\n\t\t\t\tlogger.error(\"No idToken found in token\");\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tconst profile = decodeJwt(idToken) as TwitchProfile;\n\t\t\tconst userMap = await options.mapProfileToUser?.(profile);\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.sub,\n\t\t\t\t\tname: profile.preferred_username,\n\t\t\t\t\temail: profile.email,\n\t\t\t\t\timage: profile.picture,\n\t\t\t\t\temailVerified: profile.email_verified,\n\t\t\t\t\t...userMap,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t\toptions,\n\t} satisfies OAuthProvider<TwitchProfile>;\n};\n"],"mappings":";;;;;;;;;AAuCA,MAAa,UAAU,YAA2B;AACjD,QAAO;EACN,IAAI;EACJ,MAAM;EACN,uBAAuB,EAAE,OAAO,QAAQ,eAAe;GACtD,MAAM,UAAU,QAAQ,sBACrB,EAAE,GACF,CAAC,mBAAmB,SAAS;AAChC,OAAI,QAAQ,MAAO,SAAQ,KAAK,GAAG,QAAQ,MAAM;AACjD,OAAI,OAAQ,SAAQ,KAAK,GAAG,OAAO;AACnC,UAAO,uBAAuB;IAC7B,IAAI;IACJ;IACA;IACA,uBAAuB;IACvB,QAAQ;IACR;IACA,QAAQ,QAAQ,UAAU;KACzB;KACA;KACA;KACA;KACA;IACD,CAAC;;EAEH,2BAA2B,OAAO,EAAE,MAAM,kBAAkB;AAC3D,UAAO,0BAA0B;IAChC;IACA;IACA;IACA,eAAe;IACf,CAAC;;EAEH,oBAAoB,QAAQ,qBACzB,QAAQ,qBACR,OAAO,iBAAiB;AACxB,UAAO,mBAAmB;IACzB;IACA,SAAS;KACR,UAAU,QAAQ;KAClB,WAAW,QAAQ;KACnB,cAAc,QAAQ;KACtB;IACD,eAAe;IACf,CAAC;;EAEL,MAAM,YAAY,OAAO;AACxB,OAAI,QAAQ,YACX,QAAO,QAAQ,YAAY,MAAM;GAElC,MAAM,UAAU,MAAM;AACtB,OAAI,CAAC,SAAS;AACb,WAAO,MAAM,4BAA4B;AACzC,WAAO;;GAER,MAAM,UAAU,UAAU,QAAQ;GAClC,MAAM,UAAU,MAAM,QAAQ,mBAAmB,QAAQ;AACzD,UAAO;IACN,MAAM;KACL,IAAI,QAAQ;KACZ,MAAM,QAAQ;KACd,OAAO,QAAQ;KACf,OAAO,QAAQ;KACf,eAAe,QAAQ;KACvB,GAAG;KACH;IACD,MAAM;IACN;;EAEF;EACA"}
package/dist/social-providers/twitter.d.mts CHANGED
@@ -117,7 +117,7 @@ declare const twitter: (options: TwitterOption) => {
117
117
  refreshAccessToken: (refreshToken: string) => Promise<OAuth2Tokens>;
118
118
  getUserInfo(token: OAuth2Tokens & {
119
119
  user?: {
120
- name?: {
120
+ name? /** The start position (zero-based) of the recognized user's profile website. All start indices are inclusive. */: {
121
121
  firstName?: string;
122
122
  lastName?: string;
123
123
  };
@@ -137,4 +137,5 @@ declare const twitter: (options: TwitterOption) => {
137
137
  options: TwitterOption;
138
138
  };
139
139
  //#endregion
140
- export { TwitterOption, TwitterProfile, twitter };
140
+ export { TwitterOption, TwitterProfile, twitter };
141
+ //# sourceMappingURL=twitter.d.mts.map
package/dist/social-providers/twitter.mjs CHANGED
@@ -84,4 +84,5 @@ const twitter = (options) => {
84
84
  };
85
85
 
86
86
  //#endregion
87
- export { twitter };
87
+ export { twitter };
88
+ //# sourceMappingURL=twitter.mjs.map
package/dist/social-providers/twitter.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"twitter.mjs","names":[],"sources":["../../src/social-providers/twitter.ts"],"sourcesContent":["import { betterFetch } from \"@better-fetch/fetch\";\nimport type { OAuthProvider, ProviderOptions } from \"../oauth2\";\nimport {\n\tcreateAuthorizationURL,\n\trefreshAccessToken,\n\tvalidateAuthorizationCode,\n} from \"../oauth2\";\n\nexport interface TwitterProfile {\n\tdata: {\n\t\t/**\n\t\t * Unique identifier of this user. This is returned as a string in order to avoid complications with languages and tools\n\t\t * that cannot handle large integers.\n\t\t */\n\t\tid: string;\n\t\t/** The friendly name of this user, as shown on their profile. */\n\t\tname: string;\n\t\t/** The email address of this user. */\n\t\temail?: string | undefined;\n\t\t/** The Twitter handle (screen name) of this user. */\n\t\tusername: string;\n\t\t/**\n\t\t * The location specified in the user's profile, if the user provided one.\n\t\t * As this is a freeform value, it may not indicate a valid location, but it may be fuzzily evaluated when performing searches with location queries.\n\t\t *\n\t\t * To return this field, add `user.fields=location` in the authorization request's query parameter.\n\t\t */\n\t\tlocation?: string | undefined;\n\t\t/**\n\t\t * This object and its children fields contain details about text that has a special meaning in the user's description.\n\t\t *\n\t\t *To return this field, add `user.fields=entities` in the authorization request's query parameter.\n\t\t */\n\t\tentities?:\n\t\t\t| {\n\t\t\t\t\t/** Contains details about the user's profile website. */\n\t\t\t\t\turl: {\n\t\t\t\t\t\t/** Contains details about the user's profile website. */\n\t\t\t\t\t\turls: Array<{\n\t\t\t\t\t\t\t/** The start position (zero-based) of the recognized user's profile website. All start indices are inclusive. */\n\t\t\t\t\t\t\tstart: number;\n\t\t\t\t\t\t\t/** The end position (zero-based) of the recognized user's profile website. This end index is exclusive. */\n\t\t\t\t\t\t\tend: number;\n\t\t\t\t\t\t\t/** The URL in the format entered by the user. */\n\t\t\t\t\t\t\turl: string;\n\t\t\t\t\t\t\t/** The fully resolved URL. */\n\t\t\t\t\t\t\texpanded_url: string;\n\t\t\t\t\t\t\t/** The URL as displayed in the user's profile. */\n\t\t\t\t\t\t\tdisplay_url: string;\n\t\t\t\t\t\t}>;\n\t\t\t\t\t};\n\t\t\t\t\t/** Contains details about URLs, Hashtags, Cashtags, or mentions located within a user's description. */\n\t\t\t\t\tdescription: {\n\t\t\t\t\t\thashtags: Array<{\n\t\t\t\t\t\t\tstart: number;\n\t\t\t\t\t\t\tend: number;\n\t\t\t\t\t\t\ttag: string;\n\t\t\t\t\t\t}>;\n\t\t\t\t\t};\n\t\t\t }\n\t\t\t| undefined;\n\t\t/**\n\t\t * Indicate if this user is a verified Twitter user.\n\t\t *\n\t\t * To return this field, add `user.fields=verified` in the authorization request's query parameter.\n\t\t */\n\t\tverified?: boolean | undefined;\n\t\t/**\n\t\t * The text of this user's profile description (also known as bio), if the user provided one.\n\t\t *\n\t\t * To return this field, add `user.fields=description` in the authorization request's query parameter.\n\t\t */\n\t\tdescription?: string | undefined;\n\t\t/**\n\t\t * The URL specified in the user's profile, if present.\n\t\t *\n\t\t * To return this field, add `user.fields=url` in the authorization request's query parameter.\n\t\t */\n\t\turl?: string | undefined;\n\t\t/** The URL to the profile image for this user, as shown on the user's profile. */\n\t\tprofile_image_url?: string | undefined;\n\t\tprotected?: boolean | undefined;\n\t\t/**\n\t\t * Unique identifier of this user's pinned Tweet.\n\t\t *\n\t\t * You can obtain the expanded object in `includes.tweets` by adding `expansions=pinned_tweet_id` in the authorization request's query parameter.\n\t\t */\n\t\tpinned_tweet_id?: string | undefined;\n\t\tcreated_at?: string | undefined;\n\t};\n\tincludes?:\n\t\t| {\n\t\t\t\ttweets?: Array<{\n\t\t\t\t\tid: string;\n\t\t\t\t\ttext: string;\n\t\t\t\t}>;\n\t\t }\n\t\t| undefined;\n\t[claims: string]: unknown;\n}\n\nexport interface TwitterOption extends ProviderOptions<TwitterProfile> {\n\tclientId: string;\n}\n\nexport const twitter = (options: TwitterOption) => {\n\treturn {\n\t\tid: \"twitter\",\n\t\tname: \"Twitter\",\n\t\tcreateAuthorizationURL(data) {\n\t\t\tconst _scopes = options.disableDefaultScope\n\t\t\t\t? []\n\t\t\t\t: [\"users.read\", \"tweet.read\", \"offline.access\", \"users.email\"];\n\t\t\tif (options.scope) _scopes.push(...options.scope);\n\t\t\tif (data.scopes) _scopes.push(...data.scopes);\n\t\t\treturn createAuthorizationURL({\n\t\t\t\tid: \"twitter\",\n\t\t\t\toptions,\n\t\t\t\tauthorizationEndpoint: \"https://x.com/i/oauth2/authorize\",\n\t\t\t\tscopes: _scopes,\n\t\t\t\tstate: data.state,\n\t\t\t\tcodeVerifier: data.codeVerifier,\n\t\t\t\tredirectURI: data.redirectURI,\n\t\t\t});\n\t\t},\n\t\tvalidateAuthorizationCode: async ({ code, codeVerifier, redirectURI }) => {\n\t\t\treturn validateAuthorizationCode({\n\t\t\t\tcode,\n\t\t\t\tcodeVerifier,\n\t\t\t\tauthentication: \"basic\",\n\t\t\t\tredirectURI,\n\t\t\t\toptions,\n\t\t\t\ttokenEndpoint: \"https://api.x.com/2/oauth2/token\",\n\t\t\t});\n\t\t},\n\n\t\trefreshAccessToken: options.refreshAccessToken\n\t\t\t? options.refreshAccessToken\n\t\t\t: async (refreshToken) => {\n\t\t\t\t\treturn refreshAccessToken({\n\t\t\t\t\t\trefreshToken,\n\t\t\t\t\t\toptions: {\n\t\t\t\t\t\t\tclientId: options.clientId,\n\t\t\t\t\t\t\tclientKey: options.clientKey,\n\t\t\t\t\t\t\tclientSecret: options.clientSecret,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tauthentication: \"basic\",\n\t\t\t\t\t\ttokenEndpoint: \"https://api.x.com/2/oauth2/token\",\n\t\t\t\t\t});\n\t\t\t\t},\n\t\tasync getUserInfo(token) {\n\t\t\tif (options.getUserInfo) {\n\t\t\t\treturn options.getUserInfo(token);\n\t\t\t}\n\t\t\tconst { data: profile, error: profileError } =\n\t\t\t\tawait betterFetch<TwitterProfile>(\n\t\t\t\t\t\"https://api.x.com/2/users/me?user.fields=profile_image_url\",\n\t\t\t\t\t{\n\t\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\t\theaders: {\n\t\t\t\t\t\t\tAuthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t);\n\n\t\t\tif (profileError) {\n\t\t\t\treturn null;\n\t\t\t}\n\n\t\t\tconst { data: emailData, error: emailError } = await betterFetch<{\n\t\t\t\tdata: { confirmed_email: string };\n\t\t\t}>(\"https://api.x.com/2/users/me?user.fields=confirmed_email\", {\n\t\t\t\tmethod: \"GET\",\n\t\t\t\theaders: {\n\t\t\t\t\tAuthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t},\n\t\t\t});\n\t\t\tlet emailVerified = false;\n\t\t\tif (!emailError && emailData?.data?.confirmed_email) {\n\t\t\t\tprofile.data.email = emailData.data.confirmed_email;\n\t\t\t\temailVerified = true;\n\t\t\t}\n\t\t\tconst userMap = await options.mapProfileToUser?.(profile);\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.data.id,\n\t\t\t\t\tname: profile.data.name,\n\t\t\t\t\temail: profile.data.email || profile.data.username || null,\n\t\t\t\t\timage: profile.data.profile_image_url,\n\t\t\t\t\temailVerified: emailVerified,\n\t\t\t\t\t...userMap,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t\toptions,\n\t} satisfies OAuthProvider<TwitterProfile>;\n};\n"],"mappings":";;;;;;;AAyGA,MAAa,WAAW,YAA2B;AAClD,QAAO;EACN,IAAI;EACJ,MAAM;EACN,uBAAuB,MAAM;GAC5B,MAAM,UAAU,QAAQ,sBACrB,EAAE,GACF;IAAC;IAAc;IAAc;IAAkB;IAAc;AAChE,OAAI,QAAQ,MAAO,SAAQ,KAAK,GAAG,QAAQ,MAAM;AACjD,OAAI,KAAK,OAAQ,SAAQ,KAAK,GAAG,KAAK,OAAO;AAC7C,UAAO,uBAAuB;IAC7B,IAAI;IACJ;IACA,uBAAuB;IACvB,QAAQ;IACR,OAAO,KAAK;IACZ,cAAc,KAAK;IACnB,aAAa,KAAK;IAClB,CAAC;;EAEH,2BAA2B,OAAO,EAAE,MAAM,cAAc,kBAAkB;AACzE,UAAO,0BAA0B;IAChC;IACA;IACA,gBAAgB;IAChB;IACA;IACA,eAAe;IACf,CAAC;;EAGH,oBAAoB,QAAQ,qBACzB,QAAQ,qBACR,OAAO,iBAAiB;AACxB,UAAO,mBAAmB;IACzB;IACA,SAAS;KACR,UAAU,QAAQ;KAClB,WAAW,QAAQ;KACnB,cAAc,QAAQ;KACtB;IACD,gBAAgB;IAChB,eAAe;IACf,CAAC;;EAEL,MAAM,YAAY,OAAO;AACxB,OAAI,QAAQ,YACX,QAAO,QAAQ,YAAY,MAAM;GAElC,MAAM,EAAE,MAAM,SAAS,OAAO,iBAC7B,MAAM,YACL,8DACA;IACC,QAAQ;IACR,SAAS,EACR,eAAe,UAAU,MAAM,eAC/B;IACD,CACD;AAEF,OAAI,aACH,QAAO;GAGR,MAAM,EAAE,MAAM,WAAW,OAAO,eAAe,MAAM,YAElD,4DAA4D;IAC9D,QAAQ;IACR,SAAS,EACR,eAAe,UAAU,MAAM,eAC/B;IACD,CAAC;GACF,IAAI,gBAAgB;AACpB,OAAI,CAAC,cAAc,WAAW,MAAM,iBAAiB;AACpD,YAAQ,KAAK,QAAQ,UAAU,KAAK;AACpC,oBAAgB;;GAEjB,MAAM,UAAU,MAAM,QAAQ,mBAAmB,QAAQ;AACzD,UAAO;IACN,MAAM;KACL,IAAI,QAAQ,KAAK;KACjB,MAAM,QAAQ,KAAK;KACnB,OAAO,QAAQ,KAAK,SAAS,QAAQ,KAAK,YAAY;KACtD,OAAO,QAAQ,KAAK;KACL;KACf,GAAG;KACH;IACD,MAAM;IACN;;EAEF;EACA"}
package/dist/social-providers/vercel.d.mts CHANGED
@@ -61,4 +61,5 @@ declare const vercel: (options: VercelOptions) => {
61
61
  options: VercelOptions;
62
62
  };
63
63
  //#endregion
64
- export { VercelOptions, VercelProfile, vercel };
64
+ export { VercelOptions, VercelProfile, vercel };
65
+ //# sourceMappingURL=vercel.d.mts.map
package/dist/social-providers/vercel.mjs CHANGED
@@ -58,4 +58,5 @@ const vercel = (options) => {
58
58
  };
59
59
 
60
60
  //#endregion
61
- export { vercel };
61
+ export { vercel };
62
+ //# sourceMappingURL=vercel.mjs.map
package/dist/social-providers/vercel.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"vercel.mjs","names":["_scopes: string[] | undefined"],"sources":["../../src/social-providers/vercel.ts"],"sourcesContent":["import { betterFetch } from \"@better-fetch/fetch\";\nimport { BetterAuthError } from \"../error\";\nimport type { OAuthProvider, ProviderOptions } from \"../oauth2\";\nimport { createAuthorizationURL, validateAuthorizationCode } from \"../oauth2\";\n\nexport interface VercelProfile {\n\tsub: string;\n\tname?: string;\n\tpreferred_username?: string;\n\temail?: string;\n\temail_verified?: boolean;\n\tpicture?: string;\n}\n\nexport interface VercelOptions extends ProviderOptions<VercelProfile> {\n\tclientId: string;\n}\n\nexport const vercel = (options: VercelOptions) => {\n\treturn {\n\t\tid: \"vercel\",\n\t\tname: \"Vercel\",\n\t\tcreateAuthorizationURL({ state, scopes, codeVerifier, redirectURI }) {\n\t\t\tif (!codeVerifier) {\n\t\t\t\tthrow new BetterAuthError(\"codeVerifier is required for Vercel\");\n\t\t\t}\n\n\t\t\tlet _scopes: string[] | undefined = undefined;\n\t\t\tif (options.scope !== undefined || scopes !== undefined) {\n\t\t\t\t_scopes = [];\n\t\t\t\tif (options.scope) _scopes.push(...options.scope);\n\t\t\t\tif (scopes) _scopes.push(...scopes);\n\t\t\t}\n\n\t\t\treturn createAuthorizationURL({\n\t\t\t\tid: \"vercel\",\n\t\t\t\toptions,\n\t\t\t\tauthorizationEndpoint: \"https://vercel.com/oauth/authorize\",\n\t\t\t\tscopes: _scopes,\n\t\t\t\tstate,\n\t\t\t\tcodeVerifier,\n\t\t\t\tredirectURI,\n\t\t\t});\n\t\t},\n\t\tvalidateAuthorizationCode: async ({ code, codeVerifier, redirectURI }) => {\n\t\t\treturn validateAuthorizationCode({\n\t\t\t\tcode,\n\t\t\t\tcodeVerifier,\n\t\t\t\tredirectURI,\n\t\t\t\toptions,\n\t\t\t\ttokenEndpoint: \"https://api.vercel.com/login/oauth/token\",\n\t\t\t});\n\t\t},\n\t\tasync getUserInfo(token) {\n\t\t\tif (options.getUserInfo) {\n\t\t\t\treturn options.getUserInfo(token);\n\t\t\t}\n\n\t\t\tconst { data: profile, error } = await betterFetch<VercelProfile>(\n\t\t\t\t\"https://api.vercel.com/login/oauth/userinfo\",\n\t\t\t\t{\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tAuthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\n\t\t\tif (error || !profile) {\n\t\t\t\treturn null;\n\t\t\t}\n\n\t\t\tconst userMap = await options.mapProfileToUser?.(profile);\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.sub,\n\t\t\t\t\tname: profile.name ?? profile.preferred_username,\n\t\t\t\t\temail: profile.email,\n\t\t\t\t\timage: profile.picture,\n\t\t\t\t\temailVerified: profile.email_verified ?? false,\n\t\t\t\t\t...userMap,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t\toptions,\n\t} satisfies OAuthProvider<VercelProfile>;\n};\n"],"mappings":";;;;;;;AAkBA,MAAa,UAAU,YAA2B;AACjD,QAAO;EACN,IAAI;EACJ,MAAM;EACN,uBAAuB,EAAE,OAAO,QAAQ,cAAc,eAAe;AACpE,OAAI,CAAC,aACJ,OAAM,IAAI,gBAAgB,sCAAsC;GAGjE,IAAIA,UAAgC;AACpC,OAAI,QAAQ,UAAU,UAAa,WAAW,QAAW;AACxD,cAAU,EAAE;AACZ,QAAI,QAAQ,MAAO,SAAQ,KAAK,GAAG,QAAQ,MAAM;AACjD,QAAI,OAAQ,SAAQ,KAAK,GAAG,OAAO;;AAGpC,UAAO,uBAAuB;IAC7B,IAAI;IACJ;IACA,uBAAuB;IACvB,QAAQ;IACR;IACA;IACA;IACA,CAAC;;EAEH,2BAA2B,OAAO,EAAE,MAAM,cAAc,kBAAkB;AACzE,UAAO,0BAA0B;IAChC;IACA;IACA;IACA;IACA,eAAe;IACf,CAAC;;EAEH,MAAM,YAAY,OAAO;AACxB,OAAI,QAAQ,YACX,QAAO,QAAQ,YAAY,MAAM;GAGlC,MAAM,EAAE,MAAM,SAAS,UAAU,MAAM,YACtC,+CACA,EACC,SAAS,EACR,eAAe,UAAU,MAAM,eAC/B,EACD,CACD;AAED,OAAI,SAAS,CAAC,QACb,QAAO;GAGR,MAAM,UAAU,MAAM,QAAQ,mBAAmB,QAAQ;AACzD,UAAO;IACN,MAAM;KACL,IAAI,QAAQ;KACZ,MAAM,QAAQ,QAAQ,QAAQ;KAC9B,OAAO,QAAQ;KACf,OAAO,QAAQ;KACf,eAAe,QAAQ,kBAAkB;KACzC,GAAG;KACH;IACD,MAAM;IACN;;EAEF;EACA"}
package/dist/social-providers/vk.d.mts CHANGED
@@ -69,4 +69,5 @@ declare const vk: (options: VkOption) => {
69
69
  options: VkOption;
70
70
  };
71
71
  //#endregion
72
- export { VkOption, VkProfile, vk };
72
+ export { VkOption, VkProfile, vk };
73
+ //# sourceMappingURL=vk.d.mts.map
package/dist/social-providers/vk.mjs CHANGED
@@ -80,4 +80,5 @@ const vk = (options) => {
80
80
  };
81
81
 
82
82
  //#endregion
83
- export { vk };
83
+ export { vk };
84
+ //# sourceMappingURL=vk.mjs.map
package/dist/social-providers/vk.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"vk.mjs","names":[],"sources":["../../src/social-providers/vk.ts"],"sourcesContent":["import { betterFetch } from \"@better-fetch/fetch\";\nimport type { OAuthProvider, ProviderOptions } from \"../oauth2\";\nimport {\n\tcreateAuthorizationURL,\n\trefreshAccessToken,\n\tvalidateAuthorizationCode,\n} from \"../oauth2\";\n\nexport interface VkProfile {\n\tuser: {\n\t\tuser_id: string;\n\t\tfirst_name: string;\n\t\tlast_name: string;\n\t\temail?: string | undefined;\n\t\tphone?: number | undefined;\n\t\tavatar?: string | undefined;\n\t\tsex?: number | undefined;\n\t\tverified?: boolean | undefined;\n\t\tbirthday: string;\n\t};\n}\n\nexport interface VkOption extends ProviderOptions {\n\tclientId: string;\n\tscheme?: (\"light\" | \"dark\") | undefined;\n}\n\nexport const vk = (options: VkOption) => {\n\treturn {\n\t\tid: \"vk\",\n\t\tname: \"VK\",\n\t\tasync createAuthorizationURL({ state, scopes, codeVerifier, redirectURI }) {\n\t\t\tconst _scopes = options.disableDefaultScope ? [] : [\"email\", \"phone\"];\n\t\t\tif (options.scope) _scopes.push(...options.scope);\n\t\t\tif (scopes) _scopes.push(...scopes);\n\t\t\tconst authorizationEndpoint = \"https://id.vk.com/authorize\";\n\n\t\t\treturn createAuthorizationURL({\n\t\t\t\tid: \"vk\",\n\t\t\t\toptions,\n\t\t\t\tauthorizationEndpoint,\n\t\t\t\tscopes: _scopes,\n\t\t\t\tstate,\n\t\t\t\tredirectURI,\n\t\t\t\tcodeVerifier,\n\t\t\t});\n\t\t},\n\t\tvalidateAuthorizationCode: async ({\n\t\t\tcode,\n\t\t\tcodeVerifier,\n\t\t\tredirectURI,\n\t\t\tdeviceId,\n\t\t}) => {\n\t\t\treturn validateAuthorizationCode({\n\t\t\t\tcode,\n\t\t\t\tcodeVerifier,\n\t\t\t\tredirectURI: options.redirectURI || redirectURI,\n\t\t\t\toptions,\n\t\t\t\tdeviceId,\n\t\t\t\ttokenEndpoint: \"https://id.vk.com/oauth2/auth\",\n\t\t\t});\n\t\t},\n\t\trefreshAccessToken: options.refreshAccessToken\n\t\t\t? options.refreshAccessToken\n\t\t\t: async (refreshToken) => {\n\t\t\t\t\treturn refreshAccessToken({\n\t\t\t\t\t\trefreshToken,\n\t\t\t\t\t\toptions: {\n\t\t\t\t\t\t\tclientId: options.clientId,\n\t\t\t\t\t\t\tclientKey: options.clientKey,\n\t\t\t\t\t\t\tclientSecret: options.clientSecret,\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttokenEndpoint: \"https://id.vk.com/oauth2/auth\",\n\t\t\t\t\t});\n\t\t\t\t},\n\t\tasync getUserInfo(data) {\n\t\t\tif (options.getUserInfo) {\n\t\t\t\treturn options.getUserInfo(data);\n\t\t\t}\n\t\t\tif (!data.accessToken) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\tconst formBody = new URLSearchParams({\n\t\t\t\taccess_token: data.accessToken,\n\t\t\t\tclient_id: options.clientId,\n\t\t\t}).toString();\n\t\t\tconst { data: profile, error } = await betterFetch<VkProfile>(\n\t\t\t\t\"https://id.vk.com/oauth2/user_info\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\theaders: {\n\t\t\t\t\t\t\"Content-Type\": \"application/x-www-form-urlencoded\",\n\t\t\t\t\t},\n\t\t\t\t\tbody: formBody,\n\t\t\t\t},\n\t\t\t);\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\n\t\t\tconst userMap = await options.mapProfileToUser?.(profile);\n\t\t\tif (!profile.user.email && !userMap?.email) {\n\t\t\t\treturn null;\n\t\t\t}\n\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.user.user_id,\n\t\t\t\t\tfirst_name: profile.user.first_name,\n\t\t\t\t\tlast_name: profile.user.last_name,\n\t\t\t\t\temail: profile.user.email,\n\t\t\t\t\timage: profile.user.avatar,\n\t\t\t\t\temailVerified: false,\n\t\t\t\t\tbirthday: profile.user.birthday,\n\t\t\t\t\tsex: profile.user.sex,\n\t\t\t\t\tname: `${profile.user.first_name} ${profile.user.last_name}`,\n\t\t\t\t\t...userMap,\n\t\t\t\t},\n\t\t\t\tdata: profile,\n\t\t\t};\n\t\t},\n\t\toptions,\n\t} satisfies OAuthProvider<VkProfile>;\n};\n"],"mappings":";;;;;;;AA2BA,MAAa,MAAM,YAAsB;AACxC,QAAO;EACN,IAAI;EACJ,MAAM;EACN,MAAM,uBAAuB,EAAE,OAAO,QAAQ,cAAc,eAAe;GAC1E,MAAM,UAAU,QAAQ,sBAAsB,EAAE,GAAG,CAAC,SAAS,QAAQ;AACrE,OAAI,QAAQ,MAAO,SAAQ,KAAK,GAAG,QAAQ,MAAM;AACjD,OAAI,OAAQ,SAAQ,KAAK,GAAG,OAAO;AAGnC,UAAO,uBAAuB;IAC7B,IAAI;IACJ;IACA,uBAL6B;IAM7B,QAAQ;IACR;IACA;IACA;IACA,CAAC;;EAEH,2BAA2B,OAAO,EACjC,MACA,cACA,aACA,eACK;AACL,UAAO,0BAA0B;IAChC;IACA;IACA,aAAa,QAAQ,eAAe;IACpC;IACA;IACA,eAAe;IACf,CAAC;;EAEH,oBAAoB,QAAQ,qBACzB,QAAQ,qBACR,OAAO,iBAAiB;AACxB,UAAO,mBAAmB;IACzB;IACA,SAAS;KACR,UAAU,QAAQ;KAClB,WAAW,QAAQ;KACnB,cAAc,QAAQ;KACtB;IACD,eAAe;IACf,CAAC;;EAEL,MAAM,YAAY,MAAM;AACvB,OAAI,QAAQ,YACX,QAAO,QAAQ,YAAY,KAAK;AAEjC,OAAI,CAAC,KAAK,YACT,QAAO;GAER,MAAM,WAAW,IAAI,gBAAgB;IACpC,cAAc,KAAK;IACnB,WAAW,QAAQ;IACnB,CAAC,CAAC,UAAU;GACb,MAAM,EAAE,MAAM,SAAS,UAAU,MAAM,YACtC,sCACA;IACC,QAAQ;IACR,SAAS,EACR,gBAAgB,qCAChB;IACD,MAAM;IACN,CACD;AACD,OAAI,MACH,QAAO;GAGR,MAAM,UAAU,MAAM,QAAQ,mBAAmB,QAAQ;AACzD,OAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,SAAS,MACpC,QAAO;AAGR,UAAO;IACN,MAAM;KACL,IAAI,QAAQ,KAAK;KACjB,YAAY,QAAQ,KAAK;KACzB,WAAW,QAAQ,KAAK;KACxB,OAAO,QAAQ,KAAK;KACpB,OAAO,QAAQ,KAAK;KACpB,eAAe;KACf,UAAU,QAAQ,KAAK;KACvB,KAAK,QAAQ,KAAK;KAClB,MAAM,GAAG,QAAQ,KAAK,WAAW,GAAG,QAAQ,KAAK;KACjD,GAAG;KACH;IACD,MAAM;IACN;;EAEF;EACA"}
package/dist/social-providers/zoom.d.mts CHANGED
@@ -150,8 +150,7 @@ declare const zoom: (userOptions: ZoomOptions) => {
150
150
  refreshAccessToken: (refreshToken: string) => Promise<OAuth2Tokens>;
151
151
  getUserInfo(token: OAuth2Tokens & {
152
152
  user?: {
153
- name
154
- /** The user's cluster (Example: "us04") */? /** The user's cluster (Example: "us04") */: {
153
+ name?: {
155
154
  firstName?: string;
156
155
  lastName?: string;
157
156
  };
@@ -170,4 +169,5 @@ declare const zoom: (userOptions: ZoomOptions) => {
170
169
  } | null>;
171
170
  };
172
171
  //#endregion
173
- export { AccountStatus, LoginType, PhoneNumber, PronounOption, ZoomOptions, ZoomProfile, zoom };
172
+ export { AccountStatus, LoginType, PhoneNumber, PronounOption, ZoomOptions, ZoomProfile, zoom };
173
+ //# sourceMappingURL=zoom.d.mts.map
package/dist/social-providers/zoom.mjs CHANGED
@@ -69,4 +69,5 @@ const zoom = (userOptions) => {
69
69
  };
70
70
 
71
71
  //#endregion
72
- export { zoom };
72
+ export { zoom };
73
+ //# sourceMappingURL=zoom.mjs.map
package/dist/social-providers/zoom.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"zoom.mjs","names":[],"sources":["../../src/social-providers/zoom.ts"],"sourcesContent":["import { betterFetch } from \"@better-fetch/fetch\";\nimport type { OAuthProvider, ProviderOptions } from \"../oauth2\";\nimport {\n\tgenerateCodeChallenge,\n\trefreshAccessToken,\n\tvalidateAuthorizationCode,\n} from \"../oauth2\";\n\nexport type LoginType =\n\t| 0 /** Facebook OAuth */\n\t| 1 /** Google OAuth */\n\t| 24 /** Apple OAuth */\n\t| 27 /** Microsoft OAuth */\n\t| 97 /** Mobile device */\n\t| 98 /** RingCentral OAuth */\n\t| 99 /** API user */\n\t| 100 /** Zoom Work email */\n\t| 101; /** Single Sign-On (SSO) */\n\nexport type AccountStatus = \"pending\" | \"active\" | \"inactive\";\n\nexport type PronounOption =\n\t| 1 /** Ask the user every time */\n\t| 2 /** Always display */\n\t| 3; /** Do not display */\n\nexport interface PhoneNumber {\n\t/** The country code of the phone number (Example: \"+1\") */\n\tcode: string;\n\n\t/** The country of the phone number (Example: \"US\") */\n\tcountry: string;\n\n\t/** The label for the phone number (Example: \"Mobile\") */\n\tlabel: string;\n\n\t/** The phone number itself (Example: \"800000000\") */\n\tnumber: string;\n\n\t/** Whether the phone number has been verified (Example: true) */\n\tverified: boolean;\n}\n\n/**\n * See the full documentation below:\n * https://developers.zoom.us/docs/api/users/#tag/users/GET/users/{userId}\n */\nexport interface ZoomProfile extends Record<string, any> {\n\t/* cspell:disable-next-line */\n\t/** The user's account ID (Example: \"q6gBJVO5TzexKYTb_I2rpg\") */\n\taccount_id: string;\n\t/** The user's account number (Example: 10009239) */\n\taccount_number: number;\n\t/** The user's cluster (Example: \"us04\") */\n\tcluster: string;\n\t/** The user's CMS ID. Only enabled for Kaltura integration (Example: \"KDcuGIm1QgePTO8WbOqwIQ\") */\n\tcms_user_id: string;\n\t/** The user's cost center (Example: \"cost center\") */\n\tcost_center: string;\n\t/** User create time (Example: \"2018-10-31T04:32:37Z\") */\n\tcreated_at: string;\n\t/** Department (Example: \"Developers\") */\n\tdept: string;\n\t/** User's display name (Example: \"Jill Chill\") */\n\tdisplay_name: string;\n\t/** User's email address (Example: \"jchill@example.com\") */\n\temail: string;\n\t/** User's first name (Example: \"Jill\") */\n\tfirst_name: string;\n\t/* cspell:disable-next-line */\n\t/** IDs of the web groups that the user belongs to (Example: [\"RSMaSp8sTEGK0_oamiA2_w\"]) */\n\tgroup_ids: string[];\n\t/* cspell:disable-next-line */\n\t/** User ID (Example: \"zJKyaiAyTNC-MWjiWC18KQ\") */\n\tid: string;\n\t/* cspell:disable-next-line */\n\t/** IM IDs of the groups that the user belongs to (Example: [\"t-_-d56CSWG-7BF15LLrOw\"]) */\n\tim_group_ids: string[];\n\t/** The user's JID (Example: \"jchill@example.com\") */\n\tjid: string;\n\t/** The user's job title (Example: \"API Developer\") */\n\tjob_title: string;\n\t/** Default language for the Zoom Web Portal (Example: \"en-US\") */\n\tlanguage: string;\n\t/** User last login client version (Example: \"5.9.6.4993(mac)\") */\n\tlast_client_version: string;\n\t/** User last login time (Example: \"2021-05-05T20:40:30Z\") */\n\tlast_login_time: string;\n\t/** User's last name (Example: \"Chill\") */\n\tlast_name: string;\n\t/** The time zone of the user (Example: \"Asia/Shanghai\") */\n\ttimezone: string;\n\t/** User's location (Example: \"Paris\") */\n\tlocation: string;\n\t/** The user's login method (Example: 101) */\n\tlogin_types: LoginType[];\n\t/** User's personal meeting URL (Example: \"example.com\") */\n\tpersonal_meeting_url: string;\n\t/** This field has been deprecated and will not be supported in the future.\n\t * Use the phone_numbers field instead of this field.\n\t * The user's phone number (Example: \"+1 800000000\") */\n\t// @deprecated true\n\tphone_number?: string | undefined;\n\t/** The URL for user's profile picture (Example: \"example.com\") */\n\tpic_url: string;\n\t/** Personal Meeting ID (PMI) (Example: 3542471135) */\n\tpmi: number;\n\t/** Unique identifier of the user's assigned role (Example: \"0\") */\n\trole_id: string;\n\t/** User's role name (Example: \"Admin\") */\n\trole_name: string;\n\t/** Status of user's account (Example: \"pending\") */\n\tstatus: AccountStatus;\n\t/** Use the personal meeting ID (PMI) for instant meetings (Example: false) */\n\tuse_pmi: boolean;\n\t/** The time and date when the user was created (Example: \"2018-10-31T04:32:37Z\") */\n\tuser_created_at: string;\n\t/** Displays whether user is verified or not (Example: 1) */\n\tverified: number;\n\t/** The user's Zoom Workplace plan option (Example: 64) */\n\tzoom_one_type: number;\n\t/** The user's company (Example: \"Jill\") */\n\tcompany?: string | undefined;\n\t/* cspell:disable-next-line */\n\t/** Custom attributes that have been assigned to the user (Example: [{ \"key\": \"cbf_cywdkexrtqc73f97gd4w6g\", \"name\": \"A1\", \"value\": \"1\" }]) */\n\tcustom_attributes?:\n\t\t| { key: string; name: string; value: string }[]\n\t\t| undefined;\n\t/* cspell:disable-next-line */\n\t/** The employee's unique ID. This field only returns when SAML single sign-on (SSO) is enabled. The `login_type` value is `101` (SSO) (Example: \"HqDyI037Qjili1kNsSIrIg\") */\n\temployee_unique_id?: string | undefined;\n\t/** The manager for the user (Example: \"thill@example.com\") */\n\tmanager?: string | undefined;\n\t/** The user's country for the company phone number (Example: \"US\")\n\t * @deprecated true */\n\tphone_country?: string | undefined;\n\t/** The phone number's ISO country code (Example: \"+1\") */\n\tphone_numbers?: PhoneNumber[] | undefined;\n\t/** The user's plan type (Example: \"1\") */\n\tplan_united_type?: string | undefined;\n\t/** The user's pronouns (Example: \"3123\") */\n\tpronouns?: string | undefined;\n\t/** The user's display pronouns setting (Example: 1) */\n\tpronouns_option?: PronounOption | undefined;\n\t/** Personal meeting room URL, if the user has one (Example: \"example.com\") */\n\tvanity_url?: string | undefined;\n}\n\nexport interface ZoomOptions extends ProviderOptions<ZoomProfile> {\n\tclientId: string;\n\tpkce?: boolean | undefined;\n}\n\nexport const zoom = (userOptions: ZoomOptions) => {\n\tconst options = {\n\t\tpkce: true,\n\t\t...userOptions,\n\t};\n\n\treturn {\n\t\tid: \"zoom\",\n\t\tname: \"Zoom\",\n\t\tcreateAuthorizationURL: async ({ state, redirectURI, codeVerifier }) => {\n\t\t\tconst params = new URLSearchParams({\n\t\t\t\tresponse_type: \"code\",\n\t\t\t\tredirect_uri: options.redirectURI ? options.redirectURI : redirectURI,\n\t\t\t\tclient_id: options.clientId,\n\t\t\t\tstate,\n\t\t\t});\n\n\t\t\tif (options.pkce) {\n\t\t\t\tconst codeChallenge = await generateCodeChallenge(codeVerifier);\n\t\t\t\tparams.set(\"code_challenge_method\", \"S256\");\n\t\t\t\tparams.set(\"code_challenge\", codeChallenge);\n\t\t\t}\n\n\t\t\tconst url = new URL(\"https://zoom.us/oauth/authorize\");\n\t\t\turl.search = params.toString();\n\n\t\t\treturn url;\n\t\t},\n\t\tvalidateAuthorizationCode: async ({ code, redirectURI, codeVerifier }) => {\n\t\t\treturn validateAuthorizationCode({\n\t\t\t\tcode,\n\t\t\t\tredirectURI: options.redirectURI || redirectURI,\n\t\t\t\tcodeVerifier,\n\t\t\t\toptions,\n\t\t\t\ttokenEndpoint: \"https://zoom.us/oauth/token\",\n\t\t\t\tauthentication: \"post\",\n\t\t\t});\n\t\t},\n\t\trefreshAccessToken: options.refreshAccessToken\n\t\t\t? options.refreshAccessToken\n\t\t\t: async (refreshToken) =>\n\t\t\t\t\trefreshAccessToken({\n\t\t\t\t\t\trefreshToken,\n\t\t\t\t\t\toptions: {\n\t\t\t\t\t\t\tclientId: options.clientId,\n\t\t\t\t\t\t\tclientKey: options.clientKey,\n\t\t\t\t\t\t\tclientSecret: options.clientSecret,\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttokenEndpoint: \"https://zoom.us/oauth/token\",\n\t\t\t\t\t}),\n\t\tasync getUserInfo(token) {\n\t\t\tif (options.getUserInfo) {\n\t\t\t\treturn options.getUserInfo(token);\n\t\t\t}\n\t\t\tconst { data: profile, error } = await betterFetch<ZoomProfile>(\n\t\t\t\t\"https://api.zoom.us/v2/users/me\",\n\t\t\t\t{\n\t\t\t\t\theaders: {\n\t\t\t\t\t\tauthorization: `Bearer ${token.accessToken}`,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\n\t\t\tif (error) {\n\t\t\t\treturn null;\n\t\t\t}\n\n\t\t\tconst userMap = await options.mapProfileToUser?.(profile);\n\n\t\t\treturn {\n\t\t\t\tuser: {\n\t\t\t\t\tid: profile.id,\n\t\t\t\t\tname: profile.display_name,\n\t\t\t\t\timage: profile.pic_url,\n\t\t\t\t\temail: profile.email,\n\t\t\t\t\temailVerified: Boolean(profile.verified),\n\t\t\t\t\t...userMap,\n\t\t\t\t},\n\t\t\t\tdata: {\n\t\t\t\t\t...profile,\n\t\t\t\t},\n\t\t\t};\n\t\t},\n\t} satisfies OAuthProvider<ZoomProfile>;\n};\n"],"mappings":";;;;;;;AAyJA,MAAa,QAAQ,gBAA6B;CACjD,MAAM,UAAU;EACf,MAAM;EACN,GAAG;EACH;AAED,QAAO;EACN,IAAI;EACJ,MAAM;EACN,wBAAwB,OAAO,EAAE,OAAO,aAAa,mBAAmB;GACvE,MAAM,SAAS,IAAI,gBAAgB;IAClC,eAAe;IACf,cAAc,QAAQ,cAAc,QAAQ,cAAc;IAC1D,WAAW,QAAQ;IACnB;IACA,CAAC;AAEF,OAAI,QAAQ,MAAM;IACjB,MAAM,gBAAgB,MAAM,sBAAsB,aAAa;AAC/D,WAAO,IAAI,yBAAyB,OAAO;AAC3C,WAAO,IAAI,kBAAkB,cAAc;;GAG5C,MAAM,MAAM,IAAI,IAAI,kCAAkC;AACtD,OAAI,SAAS,OAAO,UAAU;AAE9B,UAAO;;EAER,2BAA2B,OAAO,EAAE,MAAM,aAAa,mBAAmB;AACzE,UAAO,0BAA0B;IAChC;IACA,aAAa,QAAQ,eAAe;IACpC;IACA;IACA,eAAe;IACf,gBAAgB;IAChB,CAAC;;EAEH,oBAAoB,QAAQ,qBACzB,QAAQ,qBACR,OAAO,iBACP,mBAAmB;GAClB;GACA,SAAS;IACR,UAAU,QAAQ;IAClB,WAAW,QAAQ;IACnB,cAAc,QAAQ;IACtB;GACD,eAAe;GACf,CAAC;EACL,MAAM,YAAY,OAAO;AACxB,OAAI,QAAQ,YACX,QAAO,QAAQ,YAAY,MAAM;GAElC,MAAM,EAAE,MAAM,SAAS,UAAU,MAAM,YACtC,mCACA,EACC,SAAS,EACR,eAAe,UAAU,MAAM,eAC/B,EACD,CACD;AAED,OAAI,MACH,QAAO;GAGR,MAAM,UAAU,MAAM,QAAQ,mBAAmB,QAAQ;AAEzD,UAAO;IACN,MAAM;KACL,IAAI,QAAQ;KACZ,MAAM,QAAQ;KACd,OAAO,QAAQ;KACf,OAAO,QAAQ;KACf,eAAe,QAAQ,QAAQ,SAAS;KACxC,GAAG;KACH;IACD,MAAM,EACL,GAAG,SACH;IACD;;EAEF"}
package/dist/types/context.d.mts CHANGED
@@ -4,6 +4,7 @@ import { Session } from "../db/schema/session.mjs";
4
4
  import { User } from "../db/schema/user.mjs";
5
5
  import { Verification } from "../db/schema/verification.mjs";
6
6
  import "../db/index.mjs";
7
+ import { Awaitable } from "./helper.mjs";
7
8
  import { DBAdapter, Where } from "../db/adapter/index.mjs";
8
9
  import { createLogger } from "../env/logger.mjs";
9
10
  import { OAuthProvider } from "../oauth2/oauth-provider.mjs";
@@ -84,6 +85,8 @@ type InfoContext = {
84
85
  };
85
86
  type AuthContext<Options extends BetterAuthOptions = BetterAuthOptions> = PluginContext & InfoContext & {
86
87
  options: Options;
88
+ appName: string;
89
+ baseURL: string;
87
90
  trustedOrigins: string[];
88
91
  /**
89
92
  * Verifies whether url is a trusted origin according to the "trustedOrigins" configuration
@@ -201,7 +204,7 @@ type AuthContext<Options extends BetterAuthOptions = BetterAuthOptions> = Plugin
201
204
  * This is inferred from the `options.advanced?.backgroundTasks?.handler` option.
202
205
  * Defaults to a no-op that just runs the promise.
203
206
  */
204
- runInBackground: (promise: Promise<void>) => void;
207
+ runInBackground: (promise: Promise<unknown>) => void;
205
208
  /**
206
209
  * Runs a task in the background if `runInBackground` is configured,
207
210
  * otherwise awaits the task directly.
@@ -210,7 +213,8 @@ type AuthContext<Options extends BetterAuthOptions = BetterAuthOptions> = Plugin
210
213
  * to avoid blocking the response when possible (for timing attack
211
214
  * mitigation), but still ensure the operation completes.
212
215
  */
213
- runInBackgroundOrAwait: (promise: Promise<unknown> | Promise<void> | void | unknown) => Promise<unknown>;
216
+ runInBackgroundOrAwait: (promise: Promise<unknown> | void) => Awaitable<unknown>;
214
217
  };
215
218
  //#endregion
216
- export { AuthContext, GenericEndpointContext, InfoContext, InternalAdapter, PluginContext };
219
+ export { AuthContext, GenericEndpointContext, InfoContext, InternalAdapter, PluginContext };
220
+ //# sourceMappingURL=context.d.mts.map
package/dist/types/cookie.d.mts CHANGED
@@ -12,4 +12,5 @@ type BetterAuthCookies = {
12
12
  dontRememberToken: BetterAuthCookie;
13
13
  };
14
14
  //#endregion
15
- export { BetterAuthCookie, BetterAuthCookies };
15
+ export { BetterAuthCookie, BetterAuthCookies };
16
+ //# sourceMappingURL=cookie.d.mts.map
package/dist/types/helper.d.mts CHANGED
@@ -5,4 +5,5 @@ type LiteralString = "" | (string & Record<never, never>);
5
5
  type LiteralUnion<LiteralType, BaseType extends Primitive> = LiteralType | (BaseType & Record<never, never>);
6
6
  type Prettify<T> = { [K in keyof T]: T[K] } & {};
7
7
  //#endregion
8
- export { Awaitable, LiteralString, LiteralUnion, Prettify, Primitive };
8
+ export { Awaitable, LiteralString, LiteralUnion, Prettify, Primitive };
9
+ //# sourceMappingURL=helper.d.mts.map
package/dist/types/index.d.mts CHANGED
@@ -1,7 +1,7 @@
1
1
  import { Awaitable, LiteralString, LiteralUnion, Prettify, Primitive } from "./helper.mjs";
2
2
  import { BetterAuthCookie, BetterAuthCookies } from "./cookie.mjs";
3
3
  import { BetterAuthPlugin, HookEndpointContext } from "./plugin.mjs";
4
- import { BetterAuthAdvancedOptions, BetterAuthOptions, BetterAuthRateLimitOptions, GenerateIdFn } from "./init-options.mjs";
4
+ import { BetterAuthAdvancedOptions, BetterAuthOptions, BetterAuthRateLimitOptions, BetterAuthRateLimitRule, BetterAuthRateLimitStorage, GenerateIdFn } from "./init-options.mjs";
5
5
  import { AuthContext, GenericEndpointContext, InfoContext, InternalAdapter, PluginContext } from "./context.mjs";
6
6
  import { BetterAuthClientOptions, BetterAuthClientPlugin, ClientAtomListener, ClientFetchOption, ClientStore } from "./plugin-client.mjs";
7
7
  import { StandardSchemaV1 as StandardSchemaV1$1 } from "@standard-schema/spec";
package/dist/types/init-options.d.mts CHANGED
@@ -27,46 +27,37 @@ type GenerateIdFn = (options: {
27
27
  model: ModelNames;
28
28
  size?: number | undefined;
29
29
  }) => string | false;
30
- type BetterAuthRateLimitOptions = {
31
- /**
32
- * By default, rate limiting is only
33
- * enabled on production.
34
- */
35
- enabled?: boolean | undefined;
30
+ interface BetterAuthRateLimitStorage {
31
+ get: (key: string) => Promise<RateLimit | null | undefined>;
32
+ set: (key: string, value: RateLimit, update?: boolean | undefined) => Promise<void>;
33
+ }
34
+ type BetterAuthRateLimitRule = {
36
35
  /**
37
36
  * Default window to use for rate limiting. The value
38
37
  * should be in seconds.
39
38
  *
40
39
  * @default 10 seconds
41
40
  */
42
- window?: number | undefined;
41
+ window: number;
43
42
  /**
44
43
  * The default maximum number of requests allowed within the window.
45
44
  *
46
45
  * @default 100 requests
47
46
  */
48
- max?: number | undefined;
47
+ max: number;
48
+ };
49
+ type BetterAuthRateLimitOptions = Optional<BetterAuthRateLimitRule> & {
50
+ /**
51
+ * By default, rate limiting is only
52
+ * enabled on production.
53
+ */
54
+ enabled?: boolean | undefined;
49
55
  /**
50
56
  * Custom rate limit rules to apply to
51
57
  * specific paths.
52
58
  */
53
59
  customRules?: {
54
- [key: string]: {
55
- /**
56
- * The window to use for the custom rule.
57
- */
58
- window: number;
59
- /**
60
- * The maximum number of requests allowed within the window.
61
- */
62
- max: number;
63
- } | false | ((request: Request) => {
64
- window: number;
65
- max: number;
66
- } | false | Promise<{
67
- window: number;
68
- max: number;
69
- } | false>);
60
+ [key: string]: BetterAuthRateLimitRule | false | ((request: Request, currentRule: BetterAuthRateLimitRule) => Awaitable<false | BetterAuthRateLimitRule>);
70
61
  } | undefined;
71
62
  /**
72
63
  * Storage configuration
@@ -95,10 +86,7 @@ type BetterAuthRateLimitOptions = {
95
86
  * NOTE: If custom storage is used storage
96
87
  * is ignored
97
88
  */
98
- customStorage?: {
99
- get: (key: string) => Promise<RateLimit | undefined>;
100
- set: (key: string, value: RateLimit) => Promise<void>;
101
- };
89
+ customStorage?: BetterAuthRateLimitStorage;
102
90
  };
103
91
  type BetterAuthAdvancedOptions = {
104
92
  /**
@@ -289,7 +277,7 @@ type BetterAuthAdvancedOptions = {
289
277
  * }
290
278
  */
291
279
  backgroundTasks?: {
292
- handler: (promise: Promise<void>) => void;
280
+ handler: (promise: Promise<unknown>) => void;
293
281
  };
294
282
  /**
295
283
  * Skip trailing slash validation in route matching
@@ -437,10 +425,13 @@ type BetterAuthOptions = {
437
425
  */
438
426
  request?: Request) => Promise<void>;
439
427
  /**
440
- * Send a verification email automatically
441
- * after sign up
428
+ * Send a verification email automatically after sign up.
442
429
  *
443
- * @default false
430
+ * - `true`: Always send verification email on sign up
431
+ * - `false`: Never send verification email on sign up
432
+ * - `undefined`: Follows `requireEmailVerification` behavior
433
+ *
434
+ * @default undefined
444
435
  */
445
436
  sendOnSignUp?: boolean;
446
437
  /**
@@ -861,6 +852,17 @@ type BetterAuthOptions = {
861
852
  * @default true
862
853
  */
863
854
  enabled?: boolean;
855
+ /**
856
+ * Disable implicit account linking on sign-in.
857
+ *
858
+ * When enabled, accounts will not be automatically linked
859
+ * during OAuth sign-in, even if the email is verified or
860
+ * the provider is trusted. Users must explicitly link
861
+ * accounts using `linkSocial()` while authenticated.
862
+ *
863
+ * @default false
864
+ */
865
+ disableImplicitLinking?: boolean;
864
866
  /**
865
867
  * List of trusted providers
866
868
  */
@@ -1288,4 +1290,5 @@ type BetterAuthOptions = {
1288
1290
  };
1289
1291
  };
1290
1292
  //#endregion
1291
- export { BetterAuthAdvancedOptions, BetterAuthOptions, BetterAuthRateLimitOptions, GenerateIdFn };
1293
+ export { BetterAuthAdvancedOptions, BetterAuthOptions, BetterAuthRateLimitOptions, BetterAuthRateLimitRule, BetterAuthRateLimitStorage, GenerateIdFn };
1294
+ //# sourceMappingURL=init-options.d.mts.map
package/dist/types/plugin-client.d.mts CHANGED
@@ -100,4 +100,5 @@ interface BetterAuthClientPlugin {
100
100
  atomListeners?: ClientAtomListener[] | undefined;
101
101
  }
102
102
  //#endregion
103
- export { BetterAuthClientOptions, BetterAuthClientPlugin, ClientAtomListener, ClientFetchOption, ClientStore };
103
+ export { BetterAuthClientOptions, BetterAuthClientPlugin, ClientAtomListener, ClientFetchOption, ClientStore };
104
+ //# sourceMappingURL=plugin-client.d.mts.map
package/dist/types/plugin.d.mts CHANGED
@@ -118,4 +118,5 @@ type BetterAuthPlugin = {
118
118
  };
119
119
  };
120
120
  //#endregion
121
- export { BetterAuthPlugin, HookEndpointContext };
121
+ export { BetterAuthPlugin, HookEndpointContext };
122
+ //# sourceMappingURL=plugin.d.mts.map
package/dist/utils/db.d.mts ADDED
@@ -0,0 +1,13 @@
1
+ import { DBFieldAttribute } from "../db/type.mjs";
2
+ import "../db/index.mjs";
3
+
4
+ //#region src/utils/db.d.ts
5
+
6
+ /**
7
+ * Filters output data by removing fields with the `returned: false` attribute.
8
+ * This ensures sensitive fields are not exposed in API responses.
9
+ */
10
+ declare function filterOutputFields<T extends Record<string, unknown> | null>(data: T, additionalFields: Record<string, DBFieldAttribute> | undefined): T;
11
+ //#endregion
12
+ export { filterOutputFields };
13
+ //# sourceMappingURL=db.d.mts.map
package/dist/utils/db.mjs ADDED
@@ -0,0 +1,17 @@
1
+ //#region src/utils/db.ts
2
+ /**
3
+ * Filters output data by removing fields with the `returned: false` attribute.
4
+ * This ensures sensitive fields are not exposed in API responses.
5
+ */
6
+ function filterOutputFields(data, additionalFields) {
7
+ if (!data || !additionalFields) return data;
8
+ const returnFiltered = Object.entries(additionalFields).filter(([, { returned }]) => returned === false).map(([key]) => key);
9
+ return Object.entries(structuredClone(data)).filter(([key]) => !returnFiltered.includes(key)).reduce((acc, [key, value]) => ({
10
+ ...acc,
11
+ [key]: value
12
+ }), {});
13
+ }
14
+
15
+ //#endregion
16
+ export { filterOutputFields };
17
+ //# sourceMappingURL=db.mjs.map
package/dist/utils/db.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"db.mjs","names":[],"sources":["../../src/utils/db.ts"],"sourcesContent":["import type { DBFieldAttribute } from \"../db\";\n\n/**\n * Filters output data by removing fields with the `returned: false` attribute.\n * This ensures sensitive fields are not exposed in API responses.\n */\nexport function filterOutputFields<T extends Record<string, unknown> | null>(\n\tdata: T,\n\tadditionalFields: Record<string, DBFieldAttribute> | undefined,\n): T {\n\tif (!data || !additionalFields) {\n\t\treturn data;\n\t}\n\tconst returnFiltered = Object.entries(additionalFields)\n\t\t.filter(([, { returned }]) => returned === false)\n\t\t.map(([key]) => key);\n\treturn Object.entries(structuredClone(data))\n\t\t.filter(([key]) => !returnFiltered.includes(key))\n\t\t.reduce((acc, [key, value]) => ({ ...acc, [key]: value }), {} as T);\n}\n"],"mappings":";;;;;AAMA,SAAgB,mBACf,MACA,kBACI;AACJ,KAAI,CAAC,QAAQ,CAAC,iBACb,QAAO;CAER,MAAM,iBAAiB,OAAO,QAAQ,iBAAiB,CACrD,QAAQ,GAAG,EAAE,gBAAgB,aAAa,MAAM,CAChD,KAAK,CAAC,SAAS,IAAI;AACrB,QAAO,OAAO,QAAQ,gBAAgB,KAAK,CAAC,CAC1C,QAAQ,CAAC,SAAS,CAAC,eAAe,SAAS,IAAI,CAAC,CAChD,QAAQ,KAAK,CAAC,KAAK,YAAY;EAAE,GAAG;GAAM,MAAM;EAAO,GAAG,EAAE,CAAM"}
package/dist/utils/deprecate.d.mts CHANGED
@@ -7,4 +7,5 @@ import { InternalLogger } from "../env/logger.mjs";
7
7
  */
8
8
  declare function deprecate<T extends (...args: any[]) => any>(fn: T, message: string, logger?: InternalLogger): T;
9
9
  //#endregion
10
- export { deprecate };
10
+ export { deprecate };
11
+ //# sourceMappingURL=deprecate.d.mts.map
package/dist/utils/deprecate.mjs CHANGED
@@ -14,4 +14,5 @@ function deprecate(fn, message, logger) {
14
14
  }
15
15
 
16
16
  //#endregion
17
- export { deprecate };
17
+ export { deprecate };
18
+ //# sourceMappingURL=deprecate.mjs.map
package/dist/utils/deprecate.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"deprecate.mjs","names":[],"sources":["../../src/utils/deprecate.ts"],"sourcesContent":["import type { InternalLogger } from \"../env\";\n\n/**\n * Wraps a function to log a deprecation warning at once.\n */\nexport function deprecate<T extends (...args: any[]) => any>(\n\tfn: T,\n\tmessage: string,\n\tlogger?: InternalLogger,\n): T {\n\tlet warned = false;\n\n\treturn function (this: any, ...args: Parameters<T>): ReturnType<T> {\n\t\tif (!warned) {\n\t\t\tconst warn = logger?.warn ?? console.warn;\n\t\t\twarn(`[Deprecation] ${message}`);\n\t\t\twarned = true;\n\t\t}\n\t\treturn fn.apply(this, args);\n\t} as T;\n}\n"],"mappings":";;;;AAKA,SAAgB,UACf,IACA,SACA,QACI;CACJ,IAAI,SAAS;AAEb,QAAO,SAAqB,GAAG,MAAoC;AAClE,MAAI,CAAC,QAAQ;AAEZ,IADa,QAAQ,QAAQ,QAAQ,MAChC,iBAAiB,UAAU;AAChC,YAAS;;AAEV,SAAO,GAAG,MAAM,MAAM,KAAK"}