@better-auth/core 1.5.4 → 1.5.6

package/src/instrumentation/instrumentation.test.ts

@@ -0,0 +1,139 @@
+import { trace } from "@opentelemetry/api";
+import {
+	InMemorySpanExporter,
+	SimpleSpanProcessor,
+} from "@opentelemetry/sdk-trace-base";
+import { NodeTracerProvider } from "@opentelemetry/sdk-trace-node";
+import { afterAll, beforeAll, beforeEach, describe, expect, it } from "vitest";
+import { withSpan } from ".";
+import { ATTR_DB_COLLECTION_NAME, ATTR_DB_OPERATION_NAME } from "./attributes";
+
+describe("instrumentation", () => {
+	let provider: NodeTracerProvider;
+	let exporter: InMemorySpanExporter;
+
+	beforeAll(async () => {
+		exporter = new InMemorySpanExporter();
+		provider = new NodeTracerProvider({
+			spanProcessors: [new SimpleSpanProcessor(exporter)],
+		});
+		trace.setGlobalTracerProvider(provider);
+	});
+
+	afterAll(async () => {
+		await provider.shutdown();
+	});
+
+	beforeEach(() => {
+		exporter.reset();
+	});
+
+	it("creates a span with name and attributes for sync function", () => {
+		const result = withSpan(
+			"test.sync",
+			{
+				[ATTR_DB_OPERATION_NAME]: "findOne",
+				[ATTR_DB_COLLECTION_NAME]: "user",
+			},
+			() => 42,
+		);
+
+		expect(result).toBe(42);
+
+		const spans = exporter.getFinishedSpans();
+		expect(spans).toHaveLength(1);
+		expect(spans[0]?.name).toBe("test.sync");
+		expect(spans[0]?.attributes).toMatchObject({
+			[ATTR_DB_OPERATION_NAME]: "findOne",
+			[ATTR_DB_COLLECTION_NAME]: "user",
+		});
+	});
+
+	it("creates a span for async function", async () => {
+		const result = await withSpan(
+			"test.async",
+			{ endpoint: "getSession" },
+			async () => {
+				await new Promise((r) => setTimeout(r, 5));
+				return "session-id";
+			},
+		);
+
+		expect(result).toBe("session-id");
+
+		const spans = exporter.getFinishedSpans();
+		expect(spans).toHaveLength(1);
+		expect(spans[0]?.name).toBe("test.async");
+		expect(spans[0]?.attributes).toMatchObject({ endpoint: "getSession" });
+	});
+
+	it("records error status and exception when sync function throws", () => {
+		const err = new Error("sync failure");
+
+		expect(() =>
+			withSpan("test.sync.error", { foo: "bar" }, () => {
+				throw err;
+			}),
+		).toThrow("sync failure");
+
+		const spans = exporter.getFinishedSpans();
+		expect(spans).toHaveLength(1);
+		expect(spans[0]?.name).toBe("test.sync.error");
+		expect(spans[0]?.status).toMatchObject({
+			code: 2,
+			message: "sync failure",
+		});
+	});
+
+	it("records error status and exception when async function rejects", async () => {
+		const err = new Error("async failure");
+
+		await expect(
+			withSpan("test.async.error", { baz: 1 }, async () => {
+				await Promise.resolve();
+				throw err;
+			}),
+		).rejects.toThrow("async failure");
+
+		const spans = exporter.getFinishedSpans();
+		expect(spans).toHaveLength(1);
+		expect(spans[0]?.name).toBe("test.async.error");
+		expect(spans[0]?.status).toMatchObject({
+			code: 2,
+			message: "async failure",
+		});
+	});
+
+	it("creates multiple sequential spans", () => {
+		void withSpan("first", { order: 1 }, () => 1);
+		void withSpan("second", { order: 2 }, () => 2);
+
+		const spans = exporter.getFinishedSpans();
+		expect(spans).toHaveLength(2);
+		expect(spans.map((s) => s.name)).toEqual(
+			expect.arrayContaining(["first", "second"]),
+		);
+	});
+
+	it("creates nested spans when withSpan is composed", () => {
+		const result = withSpan("outer", { depth: 0 }, () => {
+			return withSpan("inner", { depth: 1 }, () => "ok");
+		});
+
+		expect(result).toBe("ok");
+
+		const spans = exporter.getFinishedSpans();
+		expect(spans).toHaveLength(2);
+		expect(spans.map((s) => s.name).sort()).toEqual(["inner", "outer"]);
+	});
+
+	it("uses better-auth instrumentation scope", () => {
+		void withSpan("scope.check", {}, () => undefined);
+
+		const spans = exporter.getFinishedSpans();
+		expect(spans).toHaveLength(1);
+
+		const span = spans[0];
+		expect(span?.instrumentationLibrary?.name).toBe("better-auth");
+	});
+});

package/src/instrumentation/tracer.ts

@@ -0,0 +1,62 @@
+import { SpanStatusCode, trace } from "@opentelemetry/api";
+
+const INSTRUMENTATION_SCOPE = "better-auth";
+const INSTRUMENTATION_VERSION = import.meta.env?.BETTER_AUTH_VERSION ?? "1.0.0";
+
+const tracer = trace.getTracer(INSTRUMENTATION_SCOPE, INSTRUMENTATION_VERSION);
+
+/**
+ * Creates a child span whose lifetime is bound to the execution of the given function
+ *
+ * @param name - The name of the span.
+ * @param attributes - The attributes of the span.
+ * @param fn - The function to execute within the span.
+ * @returns The result of the function.
+ */
+export function withSpan<T>(
+	name: string,
+	attributes: Record<string, string | number | boolean>,
+	fn: () => T,
+): T;
+export function withSpan<T>(
+	name: string,
+	attributes: Record<string, string | number | boolean>,
+	fn: () => Promise<T>,
+): Promise<T>;
+export function withSpan<T>(
+	name: string,
+	attributes: Record<string, string | number | boolean>,
+	fn: () => T | Promise<T>,
+): T | Promise<T> {
+	return tracer.startActiveSpan(name, { attributes }, (span) => {
+		try {
+			const result = fn();
+			if (result instanceof Promise) {
+				return result
+					.then((value) => {
+						span.end();
+						return value;
+					})
+					.catch((err) => {
+						span.recordException(err);
+						span.setStatus({
+							code: SpanStatusCode.ERROR,
+							message: String(err.message ?? err),
+						});
+						span.end();
+						throw err;
+					}) as Promise<T>;
+			}
+			span.end();
+			return result;
+		} catch (err) {
+			span.recordException(err as Error);
+			span.setStatus({
+				code: SpanStatusCode.ERROR,
+				message: String((err as Error)?.message ?? err),
+			});
+			span.end();
+			throw err;
+		}
+	});
+}

package/src/social-providers/apple.ts

@@ -147,7 +147,7 @@ export const apple = (options: AppleOptions) => {
 					return refreshAccessToken({
 						refreshToken,
 						options,
-						tokenEndpoint: "https://appleid.apple.com/auth/token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/atlassian.ts

@@ -30,6 +30,7 @@ export interface AtlassianOptions extends ProviderOptions<AtlassianProfile> {
 }
 
 export const atlassian = (options: AtlassianOptions) => {
+	const tokenEndpoint = "https://auth.atlassian.com/oauth/token";
 	return {
 		id: "atlassian",
 		name: "Atlassian",
@@ -70,7 +71,7 @@ export const atlassian = (options: AtlassianOptions) => {
 				codeVerifier,
 				redirectURI,
 				options,
-				tokenEndpoint: "https://auth.atlassian.com/oauth/token",
+				tokenEndpoint,
 			});
 		},
 
@@ -83,7 +84,7 @@ export const atlassian = (options: AtlassianOptions) => {
 							clientId: options.clientId,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://auth.atlassian.com/oauth/token",
+						tokenEndpoint,
 					});
 				},
 

package/src/social-providers/discord.ts

@@ -80,6 +80,7 @@ export interface DiscordOptions extends ProviderOptions<DiscordProfile> {
 }
 
 export const discord = (options: DiscordOptions) => {
+	const tokenEndpoint = "https://discord.com/api/oauth2/token";
 	return {
 		id: "discord",
 		name: "Discord",
@@ -109,7 +110,7 @@ export const discord = (options: DiscordOptions) => {
 				code,
 				redirectURI,
 				options,
-				tokenEndpoint: "https://discord.com/api/oauth2/token",
+				tokenEndpoint,
 			});
 		},
 		refreshAccessToken: options.refreshAccessToken
@@ -122,7 +123,7 @@ export const discord = (options: DiscordOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://discord.com/api/oauth2/token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/figma.ts

@@ -20,6 +20,7 @@ export interface FigmaOptions extends ProviderOptions<FigmaProfile> {
 }
 
 export const figma = (options: FigmaOptions) => {
+	const tokenEndpoint = "https://api.figma.com/v1/oauth/token";
 	return {
 		id: "figma",
 		name: "Figma",
@@ -56,7 +57,7 @@ export const figma = (options: FigmaOptions) => {
 				codeVerifier,
 				redirectURI,
 				options,
-				tokenEndpoint: "https://api.figma.com/v1/oauth/token",
+				tokenEndpoint,
 				authentication: "basic",
 			});
 		},
@@ -70,7 +71,7 @@ export const figma = (options: FigmaOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://api.figma.com/v1/oauth/token",
+						tokenEndpoint,
 						authentication: "basic",
 					});
 				},

package/src/social-providers/github.ts

@@ -126,7 +126,7 @@ export const github = (options: GithubOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://github.com/login/oauth/access_token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/huggingface.ts

@@ -43,6 +43,7 @@ export interface HuggingFaceOptions
 }
 
 export const huggingface = (options: HuggingFaceOptions) => {
+	const tokenEndpoint = "https://huggingface.co/oauth/token";
 	return {
 		id: "huggingface",
 		name: "Hugging Face",
@@ -68,7 +69,7 @@ export const huggingface = (options: HuggingFaceOptions) => {
 				codeVerifier,
 				redirectURI,
 				options,
-				tokenEndpoint: "https://huggingface.co/oauth/token",
+				tokenEndpoint,
 			});
 		},
 		refreshAccessToken: options.refreshAccessToken
@@ -81,7 +82,7 @@ export const huggingface = (options: HuggingFaceOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://huggingface.co/oauth/token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/index.ts

@@ -33,6 +33,7 @@ import { twitch } from "./twitch";
 import { twitter } from "./twitter";
 import { vercel } from "./vercel";
 import { vk } from "./vk";
+import { wechat } from "./wechat";
 import { zoom } from "./zoom";
 
 export const socialProviders = {
@@ -70,6 +71,7 @@ export const socialProviders = {
 	polar,
 	railway,
 	vercel,
+	wechat,
 };
 
 export const socialProviderList = Object.keys(socialProviders) as [
@@ -126,6 +128,7 @@ export * from "./twitch";
 export * from "./twitter";
 export * from "./vercel";
 export * from "./vk";
+export * from "./wechat";
 export * from "./zoom";
 
 export type SocialProviderList = typeof socialProviderList;

package/src/social-providers/kakao.ts

@@ -102,6 +102,7 @@ export interface KakaoOptions extends ProviderOptions<KakaoProfile> {
 }
 
 export const kakao = (options: KakaoOptions) => {
+	const tokenEndpoint = "https://kauth.kakao.com/oauth/token";
 	return {
 		id: "kakao",
 		name: "Kakao",
@@ -125,7 +126,7 @@ export const kakao = (options: KakaoOptions) => {
 				code,
 				redirectURI,
 				options,
-				tokenEndpoint: "https://kauth.kakao.com/oauth/token",
+				tokenEndpoint,
 			});
 		},
 		refreshAccessToken: options.refreshAccessToken
@@ -138,7 +139,7 @@ export const kakao = (options: KakaoOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://kauth.kakao.com/oauth/token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/naver.ts

@@ -40,6 +40,7 @@ export interface NaverOptions extends ProviderOptions<NaverProfile> {
 }
 
 export const naver = (options: NaverOptions) => {
+	const tokenEndpoint = "https://nid.naver.com/oauth2.0/token";
 	return {
 		id: "naver",
 		name: "Naver",
@@ -61,7 +62,7 @@ export const naver = (options: NaverOptions) => {
 				code,
 				redirectURI,
 				options,
-				tokenEndpoint: "https://nid.naver.com/oauth2.0/token",
+				tokenEndpoint,
 			});
 		},
 		refreshAccessToken: options.refreshAccessToken
@@ -74,7 +75,7 @@ export const naver = (options: NaverOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://nid.naver.com/oauth2.0/token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/polar.ts

@@ -33,6 +33,7 @@ export interface PolarProfile {
 export interface PolarOptions extends ProviderOptions<PolarProfile> {}
 
 export const polar = (options: PolarOptions) => {
+	const tokenEndpoint = "https://api.polar.sh/v1/oauth2/token";
 	return {
 		id: "polar",
 		name: "Polar",
@@ -59,7 +60,7 @@ export const polar = (options: PolarOptions) => {
 				codeVerifier,
 				redirectURI,
 				options,
-				tokenEndpoint: "https://api.polar.sh/v1/oauth2/token",
+				tokenEndpoint,
 			});
 		},
 		refreshAccessToken: options.refreshAccessToken
@@ -72,7 +73,7 @@ export const polar = (options: PolarOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://api.polar.sh/v1/oauth2/token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/roblox.ts

@@ -33,6 +33,7 @@ export interface RobloxOptions extends ProviderOptions<RobloxProfile> {
 }
 
 export const roblox = (options: RobloxOptions) => {
+	const tokenEndpoint = "https://apis.roblox.com/oauth/v1/token";
 	return {
 		id: "roblox",
 		name: "Roblox",
@@ -55,7 +56,7 @@ export const roblox = (options: RobloxOptions) => {
 				code,
 				redirectURI: options.redirectURI || redirectURI,
 				options,
-				tokenEndpoint: "https://apis.roblox.com/oauth/v1/token",
+				tokenEndpoint,
 				authentication: "post",
 			});
 		},
@@ -69,7 +70,7 @@ export const roblox = (options: RobloxOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://apis.roblox.com/oauth/v1/token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/slack.ts

@@ -38,6 +38,7 @@ export interface SlackOptions extends ProviderOptions<SlackProfile> {
 }
 
 export const slack = (options: SlackOptions) => {
+	const tokenEndpoint = "https://slack.com/api/openid.connect.token";
 	return {
 		id: "slack",
 		name: "Slack",
@@ -60,7 +61,7 @@ export const slack = (options: SlackOptions) => {
 				code,
 				redirectURI,
 				options,
-				tokenEndpoint: "https://slack.com/api/openid.connect.token",
+				tokenEndpoint,
 			});
 		},
 		refreshAccessToken: options.refreshAccessToken
@@ -73,7 +74,7 @@ export const slack = (options: SlackOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://slack.com/api/openid.connect.token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/spotify.ts

@@ -20,6 +20,7 @@ export interface SpotifyOptions extends ProviderOptions<SpotifyProfile> {
 }
 
 export const spotify = (options: SpotifyOptions) => {
+	const tokenEndpoint = "https://accounts.spotify.com/api/token";
 	return {
 		id: "spotify",
 		name: "Spotify",
@@ -43,7 +44,7 @@ export const spotify = (options: SpotifyOptions) => {
 				codeVerifier,
 				redirectURI,
 				options,
-				tokenEndpoint: "https://accounts.spotify.com/api/token",
+				tokenEndpoint,
 			});
 		},
 		refreshAccessToken: options.refreshAccessToken
@@ -56,7 +57,7 @@ export const spotify = (options: SpotifyOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://accounts.spotify.com/api/token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/tiktok.ts

@@ -127,6 +127,7 @@ export interface TiktokOptions extends ProviderOptions {
 }
 
 export const tiktok = (options: TiktokOptions) => {
+	const tokenEndpoint = "https://open.tiktokapis.com/v2/oauth/token/";
 	return {
 		id: "tiktok",
 		name: "TikTok",
@@ -151,7 +152,7 @@ export const tiktok = (options: TiktokOptions) => {
 					clientKey: options.clientKey,
 					clientSecret: options.clientSecret,
 				},
-				tokenEndpoint: "https://open.tiktokapis.com/v2/oauth/token/",
+				tokenEndpoint,
 			});
 		},
 		refreshAccessToken: options.refreshAccessToken
@@ -162,7 +163,7 @@ export const tiktok = (options: TiktokOptions) => {
 						options: {
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://open.tiktokapis.com/v2/oauth/token/",
+						tokenEndpoint,
 						authentication: "post",
 						extraParams: {
 							client_key: options.clientKey,

package/src/social-providers/twitch.ts

@@ -38,6 +38,7 @@ export interface TwitchOptions extends ProviderOptions<TwitchProfile> {
 	claims?: string[] | undefined;
 }
 export const twitch = (options: TwitchOptions) => {
+	const tokenEndpoint = "https://id.twitch.tv/oauth2/token";
 	return {
 		id: "twitch",
 		name: "Twitch",
@@ -67,7 +68,7 @@ export const twitch = (options: TwitchOptions) => {
 				code,
 				redirectURI,
 				options,
-				tokenEndpoint: "https://id.twitch.tv/oauth2/token",
+				tokenEndpoint,
 			});
 		},
 		refreshAccessToken: options.refreshAccessToken
@@ -80,7 +81,7 @@ export const twitch = (options: TwitchOptions) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://id.twitch.tv/oauth2/token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/twitter.ts

@@ -104,6 +104,7 @@ export interface TwitterOption extends ProviderOptions<TwitterProfile> {
 }
 
 export const twitter = (options: TwitterOption) => {
+	const tokenEndpoint = "https://api.x.com/2/oauth2/token";
 	return {
 		id: "twitter",
 		name: "Twitter",
@@ -130,7 +131,7 @@ export const twitter = (options: TwitterOption) => {
 				authentication: "basic",
 				redirectURI,
 				options,
-				tokenEndpoint: "https://api.x.com/2/oauth2/token",
+				tokenEndpoint,
 			});
 		},
 
@@ -145,7 +146,7 @@ export const twitter = (options: TwitterOption) => {
 							clientSecret: options.clientSecret,
 						},
 						authentication: "basic",
-						tokenEndpoint: "https://api.x.com/2/oauth2/token",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(token) {

package/src/social-providers/vk.ts

@@ -26,6 +26,7 @@ export interface VkOption extends ProviderOptions {
 }
 
 export const vk = (options: VkOption) => {
+	const tokenEndpoint = "https://id.vk.com/oauth2/auth";
 	return {
 		id: "vk",
 		name: "VK",
@@ -57,7 +58,7 @@ export const vk = (options: VkOption) => {
 				redirectURI: options.redirectURI || redirectURI,
 				options,
 				deviceId,
-				tokenEndpoint: "https://id.vk.com/oauth2/auth",
+				tokenEndpoint,
 			});
 		},
 		refreshAccessToken: options.refreshAccessToken
@@ -70,7 +71,7 @@ export const vk = (options: VkOption) => {
 							clientKey: options.clientKey,
 							clientSecret: options.clientSecret,
 						},
-						tokenEndpoint: "https://id.vk.com/oauth2/auth",
+						tokenEndpoint,
 					});
 				},
 		async getUserInfo(data) {