@better-auth/core 1.4.8-beta.7 → 1.4.8

package/.turbo/turbo-build.log

@@ -1,5 +1,5 @@
 
-> @better-auth/core@1.4.8-beta.7 build /home/runner/work/better-auth/better-auth/packages/core
+> @better-auth/core@1.4.8 build /home/runner/work/better-auth/better-auth/packages/core
 > tsdown
 
 ℹ tsdown v0.17.2 powered by rolldown v1.0.0-beta.53
@@ -7,7 +7,7 @@
 ℹ entry: src/index.ts, src/db/index.ts, src/db/adapter/index.ts, src/async_hooks/index.ts, src/async_hooks/pure.index.ts, src/context/index.ts, src/env/index.ts, src/oauth2/index.ts, src/api/index.ts, src/social-providers/index.ts, src/utils/index.ts, src/error/index.ts
 ℹ tsconfig: tsconfig.json
 ℹ Build start
-ℹ dist/social-providers/index.mjs     80.60 kB │ gzip: 10.30 kB
+ℹ dist/social-providers/index.mjs     80.96 kB │ gzip: 10.43 kB
 ℹ dist/db/adapter/index.mjs           38.55 kB │ gzip:  7.86 kB
 ℹ dist/db/index.mjs                    1.66 kB │ gzip:  0.54 kB
 ℹ dist/api/index.mjs                   1.23 kB │ gzip:  0.48 kB
@@ -37,7 +37,7 @@
 ℹ dist/api/index.d.mts                 0.26 kB │ gzip:  0.14 kB
 ℹ dist/async_hooks/index.d.mts         0.24 kB │ gzip:  0.16 kB
 ℹ dist/async_hooks/pure.index.d.mts    0.22 kB │ gzip:  0.16 kB
-ℹ dist/index-Zbo6xPkd.d.mts          221.47 kB │ gzip: 35.34 kB
+ℹ dist/index-CBdZH5fV.d.mts          221.21 kB │ gzip: 35.26 kB
 ℹ dist/index-BRBu0-5h.d.mts            3.31 kB │ gzip:  1.11 kB
-ℹ 32 files, total: 400.40 kB
-✔ Build complete in 4875ms
+ℹ 32 files, total: 400.50 kB
+✔ Build complete in 4838ms

package/dist/api/index.d.mts

@@ -1,2 +1,2 @@
-import { a as optionsMiddleware, i as createAuthMiddleware, n as AuthMiddleware, r as createAuthEndpoint, t as AuthEndpoint } from "../index-Zbo6xPkd.mjs";
+import { a as optionsMiddleware, i as createAuthMiddleware, n as AuthMiddleware, r as createAuthEndpoint, t as AuthEndpoint } from "../index-CBdZH5fV.mjs";
 export { AuthEndpoint, AuthMiddleware, createAuthEndpoint, createAuthMiddleware, optionsMiddleware };

package/dist/context/index.d.mts

@@ -1,4 +1,4 @@
-import { Yn as DBAdapter, er as DBTransactionAdapter, f as AuthContext } from "../index-Zbo6xPkd.mjs";
+import { Yn as DBAdapter, er as DBTransactionAdapter, f as AuthContext } from "../index-CBdZH5fV.mjs";
 import { AsyncLocalStorage } from "@better-auth/core/async_hooks";
 import { EndpointContext, InputContext } from "better-call";
 

package/dist/db/adapter/index.d.mts

@@ -1,2 +1,2 @@
-import { $n as DBAdapterSchemaCreation, Cr as initGetFieldName, Er as initGetDefaultFieldName, Jn as CustomAdapter, Qn as DBAdapterInstance, Sr as initGetIdField, Tr as initGetDefaultModelName, Xn as DBAdapterDebugLogOption, Yn as DBAdapter, Zn as DBAdapterFactoryConfig, ar as withApplyDefault, cr as createAdapterFactory, dr as AdapterFactoryCustomizeAdapterCreator, er as DBTransactionAdapter, fr as AdapterFactoryOptions, hr as CreateCustomAdapter, ir as deepmerge, lr as AdapterConfig, mr as CreateAdapterOptions, nr as JoinOption, or as AdapterFactory, pr as AdapterTestDebugLogs, qn as CleanedWhere, rr as Where, sr as createAdapter, tr as JoinConfig, ur as AdapterFactoryConfig, wr as initGetFieldAttributes, xr as initGetModelName } from "../../index-Zbo6xPkd.mjs";
+import { $n as DBAdapterSchemaCreation, Cr as initGetFieldName, Er as initGetDefaultFieldName, Jn as CustomAdapter, Qn as DBAdapterInstance, Sr as initGetIdField, Tr as initGetDefaultModelName, Xn as DBAdapterDebugLogOption, Yn as DBAdapter, Zn as DBAdapterFactoryConfig, ar as withApplyDefault, cr as createAdapterFactory, dr as AdapterFactoryCustomizeAdapterCreator, er as DBTransactionAdapter, fr as AdapterFactoryOptions, hr as CreateCustomAdapter, ir as deepmerge, lr as AdapterConfig, mr as CreateAdapterOptions, nr as JoinOption, or as AdapterFactory, pr as AdapterTestDebugLogs, qn as CleanedWhere, rr as Where, sr as createAdapter, tr as JoinConfig, ur as AdapterFactoryConfig, wr as initGetFieldAttributes, xr as initGetModelName } from "../../index-CBdZH5fV.mjs";
 export { AdapterConfig, AdapterFactory, AdapterFactoryConfig, AdapterFactoryCustomizeAdapterCreator, AdapterFactoryOptions, AdapterTestDebugLogs, CleanedWhere, CreateAdapterOptions, CreateCustomAdapter, CustomAdapter, DBAdapter, DBAdapterDebugLogOption, DBAdapterFactoryConfig, DBAdapterInstance, DBAdapterSchemaCreation, DBTransactionAdapter, JoinConfig, JoinOption, Where, createAdapter, createAdapterFactory, deepmerge, initGetDefaultFieldName, initGetDefaultModelName, initGetFieldAttributes, initGetFieldName, initGetIdField, initGetModelName, withApplyDefault };

package/dist/db/index.d.mts

@@ -1,2 +1,2 @@
-import { Ar as userSchema, Br as BaseModelNames, Dr as Verification, Fr as rateLimitSchema, Gr as DBPrimitive, Hr as DBFieldAttribute, Ir as Account, Kr as ModelNames, Lr as accountSchema, Mr as Session, Nr as sessionSchema, Or as verificationSchema, Pr as RateLimit, Rr as BetterAuthPluginDBSchema, Ur as DBFieldAttributeConfig, Vr as BetterAuthDBSchema, Wr as DBFieldType, jr as coreSchema, kr as User, qr as SecondaryStorage, zr as getAuthTables } from "../index-Zbo6xPkd.mjs";
+import { Ar as userSchema, Br as BaseModelNames, Dr as Verification, Fr as rateLimitSchema, Gr as DBPrimitive, Hr as DBFieldAttribute, Ir as Account, Kr as ModelNames, Lr as accountSchema, Mr as Session, Nr as sessionSchema, Or as verificationSchema, Pr as RateLimit, Rr as BetterAuthPluginDBSchema, Ur as DBFieldAttributeConfig, Vr as BetterAuthDBSchema, Wr as DBFieldType, jr as coreSchema, kr as User, qr as SecondaryStorage, zr as getAuthTables } from "../index-CBdZH5fV.mjs";
 export { Account, BaseModelNames, BetterAuthDBSchema, BetterAuthPluginDBSchema, DBFieldAttribute, DBFieldAttributeConfig, DBFieldType, DBPrimitive, ModelNames, RateLimit, SecondaryStorage, Session, User, Verification, accountSchema, coreSchema, getAuthTables, rateLimitSchema, sessionSchema, userSchema, verificationSchema };

package/dist/{index-Zbo6xPkd.d.mts → index-CBdZH5fV.d.mts}

@@ -7188,16 +7188,8 @@ type BetterAuthOptions = {
   } | undefined;
   /**
    * List of trusted origins.
-   *
-   * @param request - The request object.
-   * It'll be undefined if no request was
-   * made. Like during a create context call
-   * or `auth.api` call.
-   *
-   * Trusted origins will be dynamically
-   * calculated based on the request.
    */
-  trustedOrigins?: (string[] | ((request?: Request | undefined) => Awaitable<string[]>)) | undefined;
+  trustedOrigins?: (string[] | ((request: Request) => Awaitable<string[]>)) | undefined;
   /**
    * Rate limiting configuration
    */

package/dist/index.d.mts

@@ -1,2 +1,2 @@
-import { _ as BetterAuthRateLimitOptions, _r as LiteralString, b as HookEndpointContext, br as Primitive, c as BetterAuthClientPlugin, d as ClientStore, f as AuthContext, g as BetterAuthOptions, gr as Awaitable, h as BetterAuthAdvancedOptions, kn as BetterAuthCookies, l as ClientAtomListener, m as InternalAdapter, o as StandardSchemaV1, p as GenericEndpointContext, s as BetterAuthClientOptions, u as ClientFetchOption, v as GenerateIdFn, vr as LiteralUnion, y as BetterAuthPlugin, yr as Prettify } from "./index-Zbo6xPkd.mjs";
+import { _ as BetterAuthRateLimitOptions, _r as LiteralString, b as HookEndpointContext, br as Primitive, c as BetterAuthClientPlugin, d as ClientStore, f as AuthContext, g as BetterAuthOptions, gr as Awaitable, h as BetterAuthAdvancedOptions, kn as BetterAuthCookies, l as ClientAtomListener, m as InternalAdapter, o as StandardSchemaV1, p as GenericEndpointContext, s as BetterAuthClientOptions, u as ClientFetchOption, v as GenerateIdFn, vr as LiteralUnion, y as BetterAuthPlugin, yr as Prettify } from "./index-CBdZH5fV.mjs";
 export { AuthContext, Awaitable, BetterAuthAdvancedOptions, BetterAuthClientOptions, BetterAuthClientPlugin, BetterAuthCookies, BetterAuthOptions, BetterAuthPlugin, BetterAuthRateLimitOptions, ClientAtomListener, ClientFetchOption, ClientStore, GenerateIdFn, GenericEndpointContext, HookEndpointContext, InternalAdapter, LiteralString, LiteralUnion, Prettify, Primitive, StandardSchemaV1 };

package/dist/oauth2/index.d.mts

@@ -1,2 +1,2 @@
-import { An as getJwks, Bn as createAuthorizationURL, Fn as validateToken, Gn as OAuthProvider, Hn as createClientCredentialsTokenRequest, In as generateCodeChallenge, Kn as ProviderOptions, Ln as getOAuth2Tokens, Mn as verifyJwsAccessToken, Nn as createAuthorizationCodeRequest, Pn as validateAuthorizationCode, Rn as createRefreshAccessTokenRequest, Un as OAuth2Tokens, Vn as clientCredentialsToken, Wn as OAuth2UserInfo, jn as verifyAccessToken, zn as refreshAccessToken } from "../index-Zbo6xPkd.mjs";
+import { An as getJwks, Bn as createAuthorizationURL, Fn as validateToken, Gn as OAuthProvider, Hn as createClientCredentialsTokenRequest, In as generateCodeChallenge, Kn as ProviderOptions, Ln as getOAuth2Tokens, Mn as verifyJwsAccessToken, Nn as createAuthorizationCodeRequest, Pn as validateAuthorizationCode, Rn as createRefreshAccessTokenRequest, Un as OAuth2Tokens, Vn as clientCredentialsToken, Wn as OAuth2UserInfo, jn as verifyAccessToken, zn as refreshAccessToken } from "../index-CBdZH5fV.mjs";
 export { OAuth2Tokens, OAuth2UserInfo, OAuthProvider, ProviderOptions, clientCredentialsToken, createAuthorizationCodeRequest, createAuthorizationURL, createClientCredentialsTokenRequest, createRefreshAccessTokenRequest, generateCodeChallenge, getJwks, getOAuth2Tokens, refreshAccessToken, validateAuthorizationCode, validateToken, verifyAccessToken, verifyJwsAccessToken };

package/dist/social-providers/index.d.mts

@@ -1,2 +1,2 @@
-import { $ as AccountStatus, $t as GoogleProfile, A as PolarOptions, At as linear, B as LineIdTokenPayload, Bt as TwitchOptions, C as SocialProviderListEnum, Cn as atlassian, Ct as gitlab, D as VercelOptions, Dn as apple, Dt as LinearOptions, E as socialProviders, En as AppleProfile, Et as linkedin, F as PayPalTokenResponse, Ft as DropboxProfile, G as NaverProfile, Gt as spotify, H as LineUserInfo, Ht as twitch, I as paypal, It as dropbox, J as KakaoProfile, Jt as slack, K as naver, Kt as SlackOptions, L as PaybinOptions, Lt as TwitterOption, M as polar, Mt as KickProfile, N as PayPalOptions, Nt as kick, O as VercelProfile, On as getApplePublicKey, Ot as LinearProfile, P as PayPalProfile, Pt as DropboxOptions, Q as notion, Qt as GoogleOptions, R as PaybinProfile, Rt as TwitterProfile, S as SocialProviderList, Sn as AtlassianProfile, St as GitlabProfile, T as socialProviderList, Tn as AppleOptions, Tt as LinkedInProfile, U as line, Ut as SpotifyOptions, V as LineOptions, Vt as TwitchProfile, W as NaverOptions, Wt as SpotifyProfile, X as NotionOptions, Xt as HuggingFaceProfile, Y as kakao, Yt as HuggingFaceOptions, Z as NotionProfile, Zt as huggingface, _n as CognitoOptions, _t as reddit, an as GithubOptions, at as zoom, bn as getCognitoPublicKey, bt as tiktok, cn as FigmaOptions, ct as vk, dn as FacebookOptions, dt as salesforce, en as getGooglePublicKey, et as LoginType, fn as FacebookProfile, ft as RobloxOptions, gn as discord, gt as RedditProfile, hn as DiscordProfile, ht as RedditOptions, in as microsoft, it as ZoomProfile, j as PolarProfile, jt as KickOptions, k as vercel, kt as LinearUser, ln as FigmaProfile, lt as SalesforceOptions, mn as DiscordOptions, mt as roblox, nn as MicrosoftEntraIDProfile, nt as PronounOption, on as GithubProfile, ot as VkOption, pn as facebook, pt as RobloxProfile, q as KakaoOptions, qt as SlackProfile, rn as MicrosoftOptions, rt as ZoomOptions, sn as github, st as VkProfile, tn as google, tt as PhoneNumber, un as figma, ut as SalesforceProfile, vn as CognitoProfile, vt as TiktokOptions, w as SocialProviders, wn as AppleNonConformUser, wt as LinkedInOptions, x as SocialProvider, xn as AtlassianOptions, xt as GitlabOptions, yn as cognito, yt as TiktokProfile, z as paybin, zt as twitter } from "../index-Zbo6xPkd.mjs";
+import { $ as AccountStatus, $t as GoogleProfile, A as PolarOptions, At as linear, B as LineIdTokenPayload, Bt as TwitchOptions, C as SocialProviderListEnum, Cn as atlassian, Ct as gitlab, D as VercelOptions, Dn as apple, Dt as LinearOptions, E as socialProviders, En as AppleProfile, Et as linkedin, F as PayPalTokenResponse, Ft as DropboxProfile, G as NaverProfile, Gt as spotify, H as LineUserInfo, Ht as twitch, I as paypal, It as dropbox, J as KakaoProfile, Jt as slack, K as naver, Kt as SlackOptions, L as PaybinOptions, Lt as TwitterOption, M as polar, Mt as KickProfile, N as PayPalOptions, Nt as kick, O as VercelProfile, On as getApplePublicKey, Ot as LinearProfile, P as PayPalProfile, Pt as DropboxOptions, Q as notion, Qt as GoogleOptions, R as PaybinProfile, Rt as TwitterProfile, S as SocialProviderList, Sn as AtlassianProfile, St as GitlabProfile, T as socialProviderList, Tn as AppleOptions, Tt as LinkedInProfile, U as line, Ut as SpotifyOptions, V as LineOptions, Vt as TwitchProfile, W as NaverOptions, Wt as SpotifyProfile, X as NotionOptions, Xt as HuggingFaceProfile, Y as kakao, Yt as HuggingFaceOptions, Z as NotionProfile, Zt as huggingface, _n as CognitoOptions, _t as reddit, an as GithubOptions, at as zoom, bn as getCognitoPublicKey, bt as tiktok, cn as FigmaOptions, ct as vk, dn as FacebookOptions, dt as salesforce, en as getGooglePublicKey, et as LoginType, fn as FacebookProfile, ft as RobloxOptions, gn as discord, gt as RedditProfile, hn as DiscordProfile, ht as RedditOptions, in as microsoft, it as ZoomProfile, j as PolarProfile, jt as KickOptions, k as vercel, kt as LinearUser, ln as FigmaProfile, lt as SalesforceOptions, mn as DiscordOptions, mt as roblox, nn as MicrosoftEntraIDProfile, nt as PronounOption, on as GithubProfile, ot as VkOption, pn as facebook, pt as RobloxProfile, q as KakaoOptions, qt as SlackProfile, rn as MicrosoftOptions, rt as ZoomOptions, sn as github, st as VkProfile, tn as google, tt as PhoneNumber, un as figma, ut as SalesforceProfile, vn as CognitoProfile, vt as TiktokOptions, w as SocialProviders, wn as AppleNonConformUser, wt as LinkedInOptions, x as SocialProvider, xn as AtlassianOptions, xt as GitlabOptions, yn as cognito, yt as TiktokProfile, z as paybin, zt as twitter } from "../index-CBdZH5fV.mjs";
 export { AccountStatus, AppleNonConformUser, AppleOptions, AppleProfile, AtlassianOptions, AtlassianProfile, CognitoOptions, CognitoProfile, DiscordOptions, DiscordProfile, DropboxOptions, DropboxProfile, FacebookOptions, FacebookProfile, FigmaOptions, FigmaProfile, GithubOptions, GithubProfile, GitlabOptions, GitlabProfile, GoogleOptions, GoogleProfile, HuggingFaceOptions, HuggingFaceProfile, KakaoOptions, KakaoProfile, KickOptions, KickProfile, LineIdTokenPayload, LineOptions, LineUserInfo, LinearOptions, LinearProfile, LinearUser, LinkedInOptions, LinkedInProfile, LoginType, MicrosoftEntraIDProfile, MicrosoftOptions, NaverOptions, NaverProfile, NotionOptions, NotionProfile, PayPalOptions, PayPalProfile, PayPalTokenResponse, PaybinOptions, PaybinProfile, PhoneNumber, PolarOptions, PolarProfile, PronounOption, RedditOptions, RedditProfile, RobloxOptions, RobloxProfile, SalesforceOptions, SalesforceProfile, SlackOptions, SlackProfile, SocialProvider, SocialProviderList, SocialProviderListEnum, SocialProviders, SpotifyOptions, SpotifyProfile, TiktokOptions, TiktokProfile, TwitchOptions, TwitchProfile, TwitterOption, TwitterProfile, VercelOptions, VercelProfile, VkOption, VkProfile, ZoomOptions, ZoomProfile, apple, atlassian, cognito, discord, dropbox, facebook, figma, getApplePublicKey, getCognitoPublicKey, getGooglePublicKey, github, gitlab, google, huggingface, kakao, kick, line, linear, linkedin, microsoft, naver, notion, paybin, paypal, polar, reddit, roblox, salesforce, slack, socialProviderList, socialProviders, spotify, tiktok, twitch, twitter, vercel, vk, zoom };

package/dist/social-providers/index.mjs

@@ -203,7 +203,7 @@ const cognito = (options) => {
 			];
 			if (options.scope) _scopes.push(...options.scope);
 			if (scopes) _scopes.push(...scopes);
-			return await createAuthorizationURL({
+			const url = await createAuthorizationURL({
 				id: "cognito",
 				options: { ...options },
 				authorizationEndpoint,
@@ -213,6 +213,15 @@ const cognito = (options) => {
 				redirectURI,
 				prompt: options.prompt
 			});
+			const scopeValue = url.searchParams.get("scope");
+			if (scopeValue) {
+				url.searchParams.delete("scope");
+				const encodedScope = encodeURIComponent(scopeValue);
+				const urlString = url.toString();
+				const separator = urlString.includes("?") ? "&" : "?";
+				return new URL(`${urlString}${separator}scope=${encodedScope}`);
+			}
+			return url;
 		},
 		validateAuthorizationCode: async ({ code, codeVerifier, redirectURI }) => {
 			return validateAuthorizationCode({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/core",
-  "version": "1.4.8-beta.7",
+  "version": "1.4.8",
   "description": "The most comprehensive authentication framework for TypeScript.",
   "type": "module",
   "repository": {

package/src/social-providers/cognito.ts

@@ -92,6 +92,17 @@ export const cognito = (options: CognitoOptions) => {
 				redirectURI,
 				prompt: options.prompt,
 			});
+			// AWS Cognito requires scopes to be encoded with %20 instead of +
+			// URLSearchParams encodes spaces as + by default, so we need to fix this
+			const scopeValue = url.searchParams.get("scope");
+			if (scopeValue) {
+				url.searchParams.delete("scope");
+				const encodedScope = encodeURIComponent(scopeValue);
+				// Manually append the scope with proper encoding to the URL
+				const urlString = url.toString();
+				const separator = urlString.includes("?") ? "&" : "?";
+				return new URL(`${urlString}${separator}scope=${encodedScope}`);
+			}
 			return url;
 		},
 

package/src/types/init-options.ts

@@ -994,17 +994,9 @@ export type BetterAuthOptions = {
 		| undefined;
 	/**
 	 * List of trusted origins.
-	 *
-	 * @param request - The request object.
-	 * It'll be undefined if no request was
-	 * made. Like during a create context call
-	 * or `auth.api` call.
-	 *
-	 * Trusted origins will be dynamically
-	 * calculated based on the request.
 	 */
 	trustedOrigins?:
-		| (string[] | ((request?: Request | undefined) => Awaitable<string[]>))
+		| (string[] | ((request: Request) => Awaitable<string[]>))
 		| undefined;
 	/**
 	 * Rate limiting configuration