@better-auth/core 1.7.0-beta.0 → 1.7.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/context/global.mjs +1 -1
  2. package/dist/instrumentation/tracer.mjs +1 -1
  3. package/dist/oauth2/oauth-provider.d.mts +6 -0
  4. package/dist/social-providers/zoom.d.mts +1 -1
  5. package/package.json +1 -1
  6. package/src/oauth2/oauth-provider.ts +6 -0
package/dist/context/global.mjs CHANGED
@@ -2,7 +2,7 @@
2
2
  const symbol = Symbol.for("better-auth:global");
3
3
  let bind = null;
4
4
  const __context = {};
5
- const __betterAuthVersion = "1.7.0-beta.0";
5
+ const __betterAuthVersion = "1.7.0-beta.1";
6
6
  /**
7
7
  * We store context instance in the globalThis.
8
8
  *
package/dist/instrumentation/tracer.mjs CHANGED
@@ -1,7 +1,7 @@
1
1
  import { ATTR_HTTP_RESPONSE_STATUS_CODE } from "./attributes.mjs";
2
2
  import { SpanStatusCode, trace } from "@opentelemetry/api";
3
3
  //#region src/instrumentation/tracer.ts
4
- const tracer = trace.getTracer("better-auth", "1.7.0-beta.0");
4
+ const tracer = trace.getTracer("better-auth", "1.7.0-beta.1");
5
5
  /**
6
6
  * Better-auth uses `throw ctx.redirect(url)` for flow control (e.g. OAuth
7
7
  * callbacks). These are APIErrors with 3xx status codes and should not be
package/dist/oauth2/oauth-provider.d.mts CHANGED
@@ -66,6 +66,12 @@ interface OAuthProvider<T extends Record<string, any> = Record<string, any>, O e
66
66
  * @returns True if the id token is valid, false otherwise
67
67
  */
68
68
  verifyIdToken?: ((token: string, nonce?: string) => Promise<boolean>) | undefined;
69
+ /**
70
+ * The expected issuer identifier for this provider (RFC 9207).
71
+ * When set, the callback handler validates the `iss` query parameter
72
+ * against this value to prevent authorization server mix-up attacks.
73
+ */
74
+ issuer?: string | undefined;
69
75
  /**
70
76
  * Disable implicit sign up for new users. When set to true for the provider,
71
77
  * sign-in need to be called with with requestSignUp as true to create new users.
package/dist/social-providers/zoom.d.mts CHANGED
@@ -151,7 +151,7 @@ declare const zoom: (userOptions: ZoomOptions) => {
151
151
  user: {
152
152
  id: string;
153
153
  name?: string;
154
- email?: string | null;
154
+ email /** The employee's unique ID. This field only returns when SAML single sign-on (SSO) is enabled. The `login_type` value is `101` (SSO) (Example: "HqDyI037Qjili1kNsSIrIg") */?: string | null;
155
155
  image?: string;
156
156
  emailVerified: boolean;
157
157
  [key: string]: any;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@better-auth/core",
3
- "version": "1.7.0-beta.0",
3
+ "version": "1.7.0-beta.1",
4
4
  "description": "The most comprehensive authentication framework for TypeScript.",
5
5
  "type": "module",
6
6
  "license": "MIT",
package/src/oauth2/oauth-provider.ts CHANGED
@@ -79,6 +79,12 @@ export interface OAuthProvider<
79
79
  verifyIdToken?:
80
80
  | ((token: string, nonce?: string) => Promise<boolean>)
81
81
  | undefined;
82
+ /**
83
+ * The expected issuer identifier for this provider (RFC 9207).
84
+ * When set, the callback handler validates the `iss` query parameter
85
+ * against this value to prevent authorization server mix-up attacks.
86
+ */
87
+ issuer?: string | undefined;
82
88
  /**
83
89
  * Disable implicit sign up for new users. When set to true for the provider,
84
90
  * sign-in need to be called with with requestSignUp as true to create new users.