npm - @better-auth/core - Versions diffs - 1.7.0-beta.7 → 1.7.0-beta.8 - Mend

@better-auth/core 1.7.0-beta.7 → 1.7.0-beta.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (140) hide show

package/dist/api/index.d.mts +3 -3
package/dist/context/global.mjs +1 -1
package/dist/db/adapter/factory.mjs +1 -1
package/dist/db/get-tables.mjs +3 -3
package/dist/db/schema/account.d.mts +1 -1
package/dist/db/schema/account.mjs +1 -1
package/dist/error/codes.d.mts +0 -5
package/dist/error/codes.mjs +0 -5
package/dist/instrumentation/tracer.mjs +1 -1
package/dist/oauth2/create-authorization-url.d.mts +1 -4
package/dist/oauth2/create-authorization-url.mjs +1 -4
package/dist/oauth2/index.d.mts +3 -4
package/dist/oauth2/index.mjs +2 -3
package/dist/oauth2/oauth-provider.d.mts +12 -50
package/dist/oauth2/refresh-access-token.mjs +2 -1
package/dist/oauth2/utils.d.mts +6 -1
package/dist/oauth2/utils.mjs +24 -2
package/dist/oauth2/verify-id-token.d.mts +6 -5
package/dist/oauth2/verify-id-token.mjs +2 -2
package/dist/social-providers/apple.d.mts +1 -5
package/dist/social-providers/apple.mjs +5 -5
package/dist/social-providers/atlassian.d.mts +1 -5
package/dist/social-providers/atlassian.mjs +4 -4
package/dist/social-providers/cognito.d.mts +1 -5
package/dist/social-providers/cognito.mjs +11 -18
package/dist/social-providers/discord.d.mts +1 -5
package/dist/social-providers/discord.mjs +6 -7
package/dist/social-providers/dropbox.d.mts +1 -5
package/dist/social-providers/dropbox.mjs +5 -5
package/dist/social-providers/facebook.d.mts +1 -5
package/dist/social-providers/facebook.mjs +5 -5
package/dist/social-providers/figma.d.mts +1 -5
package/dist/social-providers/figma.mjs +5 -5
package/dist/social-providers/github.d.mts +1 -5
package/dist/social-providers/github.mjs +4 -4
package/dist/social-providers/gitlab.d.mts +1 -5
package/dist/social-providers/gitlab.mjs +6 -6
package/dist/social-providers/google.d.mts +8 -10
package/dist/social-providers/google.mjs +12 -13
package/dist/social-providers/huggingface.d.mts +1 -5
package/dist/social-providers/huggingface.mjs +8 -8
package/dist/social-providers/index.d.mts +35 -177
package/dist/social-providers/kakao.d.mts +1 -5
package/dist/social-providers/kakao.mjs +8 -8
package/dist/social-providers/kick.d.mts +1 -5
package/dist/social-providers/kick.mjs +4 -4
package/dist/social-providers/line.d.mts +1 -5
package/dist/social-providers/line.mjs +10 -10
package/dist/social-providers/linear.d.mts +1 -5
package/dist/social-providers/linear.mjs +4 -4
package/dist/social-providers/linkedin.d.mts +1 -5
package/dist/social-providers/linkedin.mjs +10 -10
package/dist/social-providers/microsoft-entra-id.d.mts +1 -5
package/dist/social-providers/microsoft-entra-id.mjs +10 -11
package/dist/social-providers/naver.d.mts +1 -5
package/dist/social-providers/naver.mjs +4 -4
package/dist/social-providers/notion.d.mts +1 -5
package/dist/social-providers/notion.mjs +4 -4
package/dist/social-providers/paybin.d.mts +1 -5
package/dist/social-providers/paybin.mjs +10 -10
package/dist/social-providers/paypal.d.mts +1 -5
package/dist/social-providers/paypal.mjs +2 -8
package/dist/social-providers/polar.d.mts +1 -5
package/dist/social-providers/polar.mjs +8 -8
package/dist/social-providers/railway.d.mts +1 -5
package/dist/social-providers/railway.mjs +9 -9
package/dist/social-providers/reddit.d.mts +1 -5
package/dist/social-providers/reddit.mjs +5 -5
package/dist/social-providers/roblox.d.mts +1 -5
package/dist/social-providers/roblox.mjs +5 -5
package/dist/social-providers/salesforce.d.mts +1 -5
package/dist/social-providers/salesforce.mjs +8 -8
package/dist/social-providers/slack.d.mts +1 -5
package/dist/social-providers/slack.mjs +9 -9
package/dist/social-providers/spotify.d.mts +1 -5
package/dist/social-providers/spotify.mjs +5 -5
package/dist/social-providers/tiktok.d.mts +1 -5
package/dist/social-providers/tiktok.mjs +5 -9
package/dist/social-providers/twitch.d.mts +1 -5
package/dist/social-providers/twitch.mjs +4 -4
package/dist/social-providers/twitter.d.mts +1 -5
package/dist/social-providers/twitter.mjs +9 -9
package/dist/social-providers/vercel.d.mts +1 -5
package/dist/social-providers/vercel.mjs +7 -4
package/dist/social-providers/vk.d.mts +1 -5
package/dist/social-providers/vk.mjs +5 -5
package/dist/social-providers/wechat.d.mts +1 -5
package/dist/social-providers/wechat.mjs +5 -9
package/dist/social-providers/zoom.d.mts +1 -6
package/dist/social-providers/zoom.mjs +9 -15
package/dist/types/context.d.mts +6 -2
package/package.json +1 -1
package/src/db/get-tables.ts +3 -8
package/src/db/schema/account.ts +5 -14
package/src/error/codes.ts +0 -5
package/src/oauth2/create-authorization-url.ts +1 -1
package/src/oauth2/index.ts +2 -12
package/src/oauth2/oauth-provider.ts +11 -56
package/src/oauth2/refresh-access-token.ts +3 -2
package/src/oauth2/utils.ts +39 -1
package/src/oauth2/verify-id-token.ts +7 -5
package/src/social-providers/apple.ts +8 -13
package/src/social-providers/atlassian.ts +8 -12
package/src/social-providers/cognito.ts +11 -18
package/src/social-providers/discord.ts +8 -19
package/src/social-providers/dropbox.ts +7 -13
package/src/social-providers/facebook.ts +9 -13
package/src/social-providers/figma.ts +9 -13
package/src/social-providers/github.ts +8 -12
package/src/social-providers/gitlab.ts +8 -14
package/src/social-providers/google.ts +23 -29
package/src/social-providers/huggingface.ts +8 -12
package/src/social-providers/kakao.ts +8 -16
package/src/social-providers/kick.ts +7 -12
package/src/social-providers/line.ts +10 -14
package/src/social-providers/linear.ts +6 -12
package/src/social-providers/linkedin.ts +10 -14
package/src/social-providers/microsoft-entra-id.ts +8 -18
package/src/social-providers/naver.ts +6 -12
package/src/social-providers/notion.ts +6 -12
package/src/social-providers/paybin.ts +11 -14
package/src/social-providers/paypal.ts +8 -6
package/src/social-providers/polar.ts +8 -12
package/src/social-providers/railway.ts +9 -13
package/src/social-providers/reddit.ts +7 -18
package/src/social-providers/roblox.ts +7 -18
package/src/social-providers/salesforce.ts +8 -12
package/src/social-providers/slack.ts +9 -18
package/src/social-providers/spotify.ts +7 -13
package/src/social-providers/tiktok.ts +7 -13
package/src/social-providers/twitch.ts +8 -12
package/src/social-providers/twitter.ts +8 -17
package/src/social-providers/vercel.ts +10 -16
package/src/social-providers/vk.ts +7 -13
package/src/social-providers/wechat.ts +8 -20
package/src/social-providers/zoom.ts +6 -19
package/src/types/context.ts +8 -2
package/dist/oauth2/scopes.d.mts +0 -76
package/dist/oauth2/scopes.mjs +0 -96
package/src/oauth2/scopes.ts +0 -118

package/dist/social-providers/discord.mjs CHANGED Viewed

@@ -1,24 +1,23 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/discord.ts
-const DISCORD_DEFAULT_SCOPES = ["identify", "email"];
 const discord = (options) => {
 	const tokenEndpoint = "https://discord.com/api/oauth2/token";
 	return {
 		id: "discord",
 		name: "Discord",
-		callbackPath: "/callback/discord",
-		async createAuthorizationURL({ state, scopes, redirectURI, additionalParams }) {
-			const requestedScopes = resolveRequestedScopes(options, DISCORD_DEFAULT_SCOPES, scopes);
-			const hasBotScope = requestedScopes.includes("bot");
+		createAuthorizationURL({ state, scopes, redirectURI, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : ["identify", "email"];
+			if (scopes) _scopes.push(...scopes);
+			if (options.scope) _scopes.push(...options.scope);
+			const hasBotScope = _scopes.includes("bot");
 			return createAuthorizationURL({
 				id: "discord",
 				options,
 				authorizationEndpoint: "https://discord.com/api/oauth2/authorize",
-				scopes: requestedScopes,
+				scopes: _scopes,
 				state,
 				redirectURI,
 				prompt: options.prompt || "none",

package/dist/social-providers/dropbox.d.mts CHANGED Viewed

@@ -20,7 +20,6 @@ interface DropboxOptions extends ProviderOptions<DropboxProfile> {
 declare const dropbox: (options: DropboxOptions) => {
   id: "dropbox";
   name: string;
-  callbackPath: string;
   createAuthorizationURL: ({
     state,
     scopes,
@@ -36,10 +35,7 @@ declare const dropbox: (options: DropboxOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }) => Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }) => Promise<URL>;
   validateAuthorizationCode: ({
     code,
     codeVerifier,

package/dist/social-providers/dropbox.mjs CHANGED Viewed

@@ -1,22 +1,22 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/dropbox.ts
-const DROPBOX_DEFAULT_SCOPES = ["account_info.read"];
 const dropbox = (options) => {
 	const tokenEndpoint = "https://api.dropboxapi.com/oauth2/token";
 	return {
 		id: "dropbox",
 		name: "Dropbox",
-		callbackPath: "/callback/dropbox",
 		createAuthorizationURL: async ({ state, scopes, codeVerifier, redirectURI, additionalParams }) => {
-			return createAuthorizationURL({
+			const _scopes = options.disableDefaultScope ? [] : ["account_info.read"];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
+			return await createAuthorizationURL({
 				id: "dropbox",
 				options,
 				authorizationEndpoint: "https://www.dropbox.com/oauth2/authorize",
-				scopes: resolveRequestedScopes(options, DROPBOX_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				redirectURI,
 				codeVerifier,

package/dist/social-providers/facebook.d.mts CHANGED Viewed

@@ -32,7 +32,6 @@ interface FacebookOptions extends ProviderOptions<FacebookProfile> {
 declare const facebook: (options: FacebookOptions) => {
   id: "facebook";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -48,10 +47,7 @@ declare const facebook: (options: FacebookOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     redirectURI

package/dist/social-providers/facebook.mjs CHANGED Viewed

@@ -1,6 +1,5 @@
 import { BetterAuthError } from "../error/index.mjs";
 import { logger } from "../env/logger.mjs";
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { getPrimaryClientId } from "../oauth2/utils.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
@@ -36,22 +35,23 @@ async function verifyFacebookAccessToken(accessToken, options) {
 	if (is_valid !== true || !app_id || !clientIds.includes(app_id) || !user_id) return null;
 	return user_id;
 }
-const FACEBOOK_DEFAULT_SCOPES = ["email", "public_profile"];
 const facebook = (options) => {
 	return {
 		id: "facebook",
 		name: "Facebook",
-		callbackPath: "/callback/facebook",
 		async createAuthorizationURL({ state, scopes, redirectURI, loginHint, additionalParams }) {
 			if (!getPrimaryClientId(options.clientId) || !options.clientSecret) {
 				logger.error("Client ID and client secret are required for Facebook. Make sure to provide them in the options.");
 				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
 			}
-			return createAuthorizationURL({
+			const _scopes = options.disableDefaultScope ? [] : ["email", "public_profile"];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
+			return await createAuthorizationURL({
 				id: "facebook",
 				options,
 				authorizationEndpoint: "https://www.facebook.com/v24.0/dialog/oauth",
-				scopes: resolveRequestedScopes(options, FACEBOOK_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				redirectURI,
 				loginHint,

package/dist/social-providers/figma.d.mts CHANGED Viewed

@@ -12,7 +12,6 @@ interface FigmaOptions extends ProviderOptions<FigmaProfile> {
 declare const figma: (options: FigmaOptions) => {
   id: "figma";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -28,10 +27,7 @@ declare const figma: (options: FigmaOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     codeVerifier,

package/dist/social-providers/figma.mjs CHANGED Viewed

@@ -1,29 +1,29 @@
 import { BetterAuthError } from "../error/index.mjs";
 import { logger } from "../env/logger.mjs";
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/figma.ts
-const FIGMA_DEFAULT_SCOPES = ["current_user:read"];
 const figma = (options) => {
 	const tokenEndpoint = "https://api.figma.com/v1/oauth/token";
 	return {
 		id: "figma",
 		name: "Figma",
-		callbackPath: "/callback/figma",
 		async createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, additionalParams }) {
 			if (!options.clientId || !options.clientSecret) {
 				logger.error("Client Id and Client Secret are required for Figma. Make sure to provide them in the options.");
 				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
 			}
 			if (!codeVerifier) throw new BetterAuthError("codeVerifier is required for Figma");
-			return createAuthorizationURL({
+			const _scopes = options.disableDefaultScope ? [] : ["current_user:read"];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
+			return await createAuthorizationURL({
 				id: "figma",
 				options,
 				authorizationEndpoint: "https://www.figma.com/oauth",
-				scopes: resolveRequestedScopes(options, FIGMA_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				codeVerifier,
 				redirectURI,

package/dist/social-providers/github.d.mts CHANGED Viewed

@@ -52,7 +52,6 @@ interface GithubOptions extends ProviderOptions<GithubProfile> {
 declare const github: (options: GithubOptions) => {
   id: "github";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -69,10 +68,7 @@ declare const github: (options: GithubOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     codeVerifier,

package/dist/social-providers/github.mjs CHANGED Viewed

@@ -1,24 +1,24 @@
 import { logger } from "../env/logger.mjs";
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { getOAuth2Tokens } from "../oauth2/utils.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { authorizationCodeRequest } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/github.ts
-const GITHUB_DEFAULT_SCOPES = ["read:user", "user:email"];
 const github = (options) => {
 	const tokenEndpoint = "https://github.com/login/oauth/access_token";
 	return {
 		id: "github",
 		name: "GitHub",
-		callbackPath: "/callback/github",
 		createAuthorizationURL({ state, scopes, loginHint, codeVerifier, redirectURI, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : ["read:user", "user:email"];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
 			return createAuthorizationURL({
 				id: "github",
 				options,
 				authorizationEndpoint: "https://github.com/login/oauth/authorize",
-				scopes: resolveRequestedScopes(options, GITHUB_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				codeVerifier,
 				redirectURI,

package/dist/social-providers/gitlab.d.mts CHANGED Viewed

@@ -52,7 +52,6 @@ interface GitlabOptions extends ProviderOptions<GitlabProfile> {
 declare const gitlab: (options: GitlabOptions) => {
   id: "gitlab";
   name: string;
-  callbackPath: string;
   createAuthorizationURL: ({
     state,
     scopes,
@@ -69,10 +68,7 @@ declare const gitlab: (options: GitlabOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }) => Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }) => Promise<URL>;
   validateAuthorizationCode: ({
     code,
     redirectURI,

package/dist/social-providers/gitlab.mjs CHANGED Viewed

@@ -1,4 +1,3 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
@@ -15,20 +14,21 @@ const issuerToEndpoints = (issuer) => {
 		userinfoEndpoint: cleanDoubleSlashes(`${baseUrl}/api/v4/user`)
 	};
 };
-const GITLAB_DEFAULT_SCOPES = ["read_user"];
 const gitlab = (options) => {
 	const { authorizationEndpoint, tokenEndpoint, userinfoEndpoint } = issuerToEndpoints(options.issuer);
 	const issuerId = "gitlab";
 	return {
 		id: issuerId,
 		name: "Gitlab",
-		callbackPath: "/callback/gitlab",
-		createAuthorizationURL: ({ state, scopes, codeVerifier, loginHint, redirectURI, additionalParams }) => {
-			return createAuthorizationURL({
+		createAuthorizationURL: async ({ state, scopes, codeVerifier, loginHint, redirectURI, additionalParams }) => {
+			const _scopes = options.disableDefaultScope ? [] : ["read_user"];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
+			return await createAuthorizationURL({
 				id: issuerId,
 				options,
 				authorizationEndpoint,
-				scopes: resolveRequestedScopes(options, GITLAB_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				redirectURI,
 				codeVerifier,

package/dist/social-providers/google.d.mts CHANGED Viewed

@@ -48,19 +48,20 @@ interface GoogleOptions extends ProviderOptions<GoogleProfile> {
    */
   hd?: string | undefined;
   /**
-   * Enable incremental authorization via Google's `include_granted_scopes`
-   * parameter. When enabled, Google reports the user's full granted scope set
-   * in the token response.
+   * Whether to send `include_granted_scopes=true` to Google's authorization
+   * endpoint, which lets new access tokens cover scopes from prior grants
+   * in addition to the ones requested for this flow. Set to `false` when
+   * each OAuth flow should request only its own scopes.
    *
-   * @default true
+   * Defaults to `true`.
+   *
+   * @see https://developers.google.com/identity/protocols/oauth2/web-server#incrementalAuth
    */
   includeGrantedScopes?: boolean | undefined;
 }
 declare const google: (options: GoogleOptions) => {
   id: "google";
   name: string;
-  callbackPath: string;
-  grantAuthority: "full-grant" | "projection";
   createAuthorizationURL({
     state,
     scopes,
@@ -78,10 +79,7 @@ declare const google: (options: GoogleOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     codeVerifier,

package/dist/social-providers/google.mjs CHANGED Viewed

@@ -1,6 +1,5 @@
 import { APIError, BetterAuthError } from "../error/index.mjs";
 import { logger } from "../env/logger.mjs";
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { getPrimaryClientId } from "../oauth2/utils.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
@@ -8,28 +7,28 @@ import { validateAuthorizationCode } from "../oauth2/validate-authorization-code
 import { decodeJwt, importJWK } from "jose";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/google.ts
-const GOOGLE_DEFAULT_SCOPES = [
-	"email",
-	"profile",
-	"openid"
-];
 const google = (options) => {
 	return {
 		id: "google",
 		name: "Google",
-		callbackPath: "/callback/google",
-		grantAuthority: options.includeGrantedScopes !== false ? "full-grant" : "projection",
 		async createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, loginHint, display, additionalParams }) {
 			if (!getPrimaryClientId(options.clientId) || !options.clientSecret) {
 				logger.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options.");
 				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
 			}
 			if (!codeVerifier) throw new BetterAuthError("codeVerifier is required for Google");
-			return createAuthorizationURL({
+			const _scopes = options.disableDefaultScope ? [] : [
+				"email",
+				"profile",
+				"openid"
+			];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
+			return await createAuthorizationURL({
 				id: "google",
 				options,
 				authorizationEndpoint: "https://accounts.google.com/o/oauth2/v2/auth",
-				scopes: resolveRequestedScopes(options, GOOGLE_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				codeVerifier,
 				redirectURI,
@@ -38,9 +37,9 @@ const google = (options) => {
 				display: display || options.display,
 				loginHint,
 				hd: options.hd,
-				additionalParams: options.includeGrantedScopes === false ? { ...additionalParams ?? {} } : {
-					...additionalParams ?? {},
-					include_granted_scopes: "true"
+				additionalParams: {
+					...options.includeGrantedScopes === false ? {} : { include_granted_scopes: "true" },
+					...additionalParams ?? {}
 				}
 			});
 		},

package/dist/social-providers/huggingface.d.mts CHANGED Viewed

@@ -34,7 +34,6 @@ interface HuggingFaceOptions extends ProviderOptions<HuggingFaceProfile> {
 declare const huggingface: (options: HuggingFaceOptions) => {
   id: "huggingface";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -50,10 +49,7 @@ declare const huggingface: (options: HuggingFaceOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     codeVerifier,

package/dist/social-providers/huggingface.mjs CHANGED Viewed

@@ -1,26 +1,26 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/huggingface.ts
-const HUGGINGFACE_DEFAULT_SCOPES = [
-	"openid",
-	"profile",
-	"email"
-];
 const huggingface = (options) => {
 	const tokenEndpoint = "https://huggingface.co/oauth/token";
 	return {
 		id: "huggingface",
 		name: "Hugging Face",
-		callbackPath: "/callback/huggingface",
 		createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : [
+				"openid",
+				"profile",
+				"email"
+			];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
 			return createAuthorizationURL({
 				id: "huggingface",
 				options,
 				authorizationEndpoint: "https://huggingface.co/oauth/authorize",
-				scopes: resolveRequestedScopes(options, HUGGINGFACE_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				codeVerifier,
 				redirectURI,