npm - @better-auth/core - Versions diffs - 1.7.0-beta.7 → 1.7.0-beta.8 - Mend

@better-auth/core 1.7.0-beta.7 → 1.7.0-beta.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (140) hide show

package/dist/api/index.d.mts +3 -3
package/dist/context/global.mjs +1 -1
package/dist/db/adapter/factory.mjs +1 -1
package/dist/db/get-tables.mjs +3 -3
package/dist/db/schema/account.d.mts +1 -1
package/dist/db/schema/account.mjs +1 -1
package/dist/error/codes.d.mts +0 -5
package/dist/error/codes.mjs +0 -5
package/dist/instrumentation/tracer.mjs +1 -1
package/dist/oauth2/create-authorization-url.d.mts +1 -4
package/dist/oauth2/create-authorization-url.mjs +1 -4
package/dist/oauth2/index.d.mts +3 -4
package/dist/oauth2/index.mjs +2 -3
package/dist/oauth2/oauth-provider.d.mts +12 -50
package/dist/oauth2/refresh-access-token.mjs +2 -1
package/dist/oauth2/utils.d.mts +6 -1
package/dist/oauth2/utils.mjs +24 -2
package/dist/oauth2/verify-id-token.d.mts +6 -5
package/dist/oauth2/verify-id-token.mjs +2 -2
package/dist/social-providers/apple.d.mts +1 -5
package/dist/social-providers/apple.mjs +5 -5
package/dist/social-providers/atlassian.d.mts +1 -5
package/dist/social-providers/atlassian.mjs +4 -4
package/dist/social-providers/cognito.d.mts +1 -5
package/dist/social-providers/cognito.mjs +11 -18
package/dist/social-providers/discord.d.mts +1 -5
package/dist/social-providers/discord.mjs +6 -7
package/dist/social-providers/dropbox.d.mts +1 -5
package/dist/social-providers/dropbox.mjs +5 -5
package/dist/social-providers/facebook.d.mts +1 -5
package/dist/social-providers/facebook.mjs +5 -5
package/dist/social-providers/figma.d.mts +1 -5
package/dist/social-providers/figma.mjs +5 -5
package/dist/social-providers/github.d.mts +1 -5
package/dist/social-providers/github.mjs +4 -4
package/dist/social-providers/gitlab.d.mts +1 -5
package/dist/social-providers/gitlab.mjs +6 -6
package/dist/social-providers/google.d.mts +8 -10
package/dist/social-providers/google.mjs +12 -13
package/dist/social-providers/huggingface.d.mts +1 -5
package/dist/social-providers/huggingface.mjs +8 -8
package/dist/social-providers/index.d.mts +35 -177
package/dist/social-providers/kakao.d.mts +1 -5
package/dist/social-providers/kakao.mjs +8 -8
package/dist/social-providers/kick.d.mts +1 -5
package/dist/social-providers/kick.mjs +4 -4
package/dist/social-providers/line.d.mts +1 -5
package/dist/social-providers/line.mjs +10 -10
package/dist/social-providers/linear.d.mts +1 -5
package/dist/social-providers/linear.mjs +4 -4
package/dist/social-providers/linkedin.d.mts +1 -5
package/dist/social-providers/linkedin.mjs +10 -10
package/dist/social-providers/microsoft-entra-id.d.mts +1 -5
package/dist/social-providers/microsoft-entra-id.mjs +10 -11
package/dist/social-providers/naver.d.mts +1 -5
package/dist/social-providers/naver.mjs +4 -4
package/dist/social-providers/notion.d.mts +1 -5
package/dist/social-providers/notion.mjs +4 -4
package/dist/social-providers/paybin.d.mts +1 -5
package/dist/social-providers/paybin.mjs +10 -10
package/dist/social-providers/paypal.d.mts +1 -5
package/dist/social-providers/paypal.mjs +2 -8
package/dist/social-providers/polar.d.mts +1 -5
package/dist/social-providers/polar.mjs +8 -8
package/dist/social-providers/railway.d.mts +1 -5
package/dist/social-providers/railway.mjs +9 -9
package/dist/social-providers/reddit.d.mts +1 -5
package/dist/social-providers/reddit.mjs +5 -5
package/dist/social-providers/roblox.d.mts +1 -5
package/dist/social-providers/roblox.mjs +5 -5
package/dist/social-providers/salesforce.d.mts +1 -5
package/dist/social-providers/salesforce.mjs +8 -8
package/dist/social-providers/slack.d.mts +1 -5
package/dist/social-providers/slack.mjs +9 -9
package/dist/social-providers/spotify.d.mts +1 -5
package/dist/social-providers/spotify.mjs +5 -5
package/dist/social-providers/tiktok.d.mts +1 -5
package/dist/social-providers/tiktok.mjs +5 -9
package/dist/social-providers/twitch.d.mts +1 -5
package/dist/social-providers/twitch.mjs +4 -4
package/dist/social-providers/twitter.d.mts +1 -5
package/dist/social-providers/twitter.mjs +9 -9
package/dist/social-providers/vercel.d.mts +1 -5
package/dist/social-providers/vercel.mjs +7 -4
package/dist/social-providers/vk.d.mts +1 -5
package/dist/social-providers/vk.mjs +5 -5
package/dist/social-providers/wechat.d.mts +1 -5
package/dist/social-providers/wechat.mjs +5 -9
package/dist/social-providers/zoom.d.mts +1 -6
package/dist/social-providers/zoom.mjs +9 -15
package/dist/types/context.d.mts +6 -2
package/package.json +1 -1
package/src/db/get-tables.ts +3 -8
package/src/db/schema/account.ts +5 -14
package/src/error/codes.ts +0 -5
package/src/oauth2/create-authorization-url.ts +1 -1
package/src/oauth2/index.ts +2 -12
package/src/oauth2/oauth-provider.ts +11 -56
package/src/oauth2/refresh-access-token.ts +3 -2
package/src/oauth2/utils.ts +39 -1
package/src/oauth2/verify-id-token.ts +7 -5
package/src/social-providers/apple.ts +8 -13
package/src/social-providers/atlassian.ts +8 -12
package/src/social-providers/cognito.ts +11 -18
package/src/social-providers/discord.ts +8 -19
package/src/social-providers/dropbox.ts +7 -13
package/src/social-providers/facebook.ts +9 -13
package/src/social-providers/figma.ts +9 -13
package/src/social-providers/github.ts +8 -12
package/src/social-providers/gitlab.ts +8 -14
package/src/social-providers/google.ts +23 -29
package/src/social-providers/huggingface.ts +8 -12
package/src/social-providers/kakao.ts +8 -16
package/src/social-providers/kick.ts +7 -12
package/src/social-providers/line.ts +10 -14
package/src/social-providers/linear.ts +6 -12
package/src/social-providers/linkedin.ts +10 -14
package/src/social-providers/microsoft-entra-id.ts +8 -18
package/src/social-providers/naver.ts +6 -12
package/src/social-providers/notion.ts +6 -12
package/src/social-providers/paybin.ts +11 -14
package/src/social-providers/paypal.ts +8 -6
package/src/social-providers/polar.ts +8 -12
package/src/social-providers/railway.ts +9 -13
package/src/social-providers/reddit.ts +7 -18
package/src/social-providers/roblox.ts +7 -18
package/src/social-providers/salesforce.ts +8 -12
package/src/social-providers/slack.ts +9 -18
package/src/social-providers/spotify.ts +7 -13
package/src/social-providers/tiktok.ts +7 -13
package/src/social-providers/twitch.ts +8 -12
package/src/social-providers/twitter.ts +8 -17
package/src/social-providers/vercel.ts +10 -16
package/src/social-providers/vk.ts +7 -13
package/src/social-providers/wechat.ts +8 -20
package/src/social-providers/zoom.ts +6 -19
package/src/types/context.ts +8 -2
package/dist/oauth2/scopes.d.mts +0 -76
package/dist/oauth2/scopes.mjs +0 -96
package/src/oauth2/scopes.ts +0 -118

package/dist/social-providers/kakao.mjs CHANGED Viewed

@@ -1,26 +1,26 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/kakao.ts
-const KAKAO_DEFAULT_SCOPES = [
-	"account_email",
-	"profile_image",
-	"profile_nickname"
-];
 const kakao = (options) => {
 	const tokenEndpoint = "https://kauth.kakao.com/oauth/token";
 	return {
 		id: "kakao",
 		name: "Kakao",
-		callbackPath: "/callback/kakao",
 		createAuthorizationURL({ state, scopes, redirectURI, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : [
+				"account_email",
+				"profile_image",
+				"profile_nickname"
+			];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
 			return createAuthorizationURL({
 				id: "kakao",
 				options,
 				authorizationEndpoint: "https://kauth.kakao.com/oauth/authorize",
-				scopes: resolveRequestedScopes(options, KAKAO_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				redirectURI,
 				additionalParams

package/dist/social-providers/kick.d.mts CHANGED Viewed

@@ -24,7 +24,6 @@ interface KickOptions extends ProviderOptions<KickProfile> {
 declare const kick: (options: KickOptions) => {
   id: "kick";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -40,10 +39,7 @@ declare const kick: (options: KickOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode({
     code,
     redirectURI,

package/dist/social-providers/kick.mjs CHANGED Viewed

@@ -1,22 +1,22 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/kick.ts
-const KICK_DEFAULT_SCOPES = ["user:read"];
 const kick = (options) => {
 	return {
 		id: "kick",
 		name: "Kick",
-		callbackPath: "/callback/kick",
 		createAuthorizationURL({ state, scopes, redirectURI, codeVerifier, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : ["user:read"];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
 			return createAuthorizationURL({
 				id: "kick",
 				redirectURI,
 				options,
 				authorizationEndpoint: "https://id.kick.com/oauth/authorize",
-				scopes: resolveRequestedScopes(options, KICK_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				codeVerifier,
 				state,
 				additionalParams

package/dist/social-providers/line.d.mts CHANGED Viewed

@@ -33,7 +33,6 @@ interface LineOptions extends ProviderOptions<LineUserInfo | LineIdTokenPayload>
 declare const line: (options: LineOptions) => {
   id: "line";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -50,10 +49,7 @@ declare const line: (options: LineOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     codeVerifier,

package/dist/social-providers/line.mjs CHANGED Viewed

@@ -1,15 +1,9 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { decodeJwt } from "jose";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/line.ts
-const LINE_DEFAULT_SCOPES = [
-	"openid",
-	"profile",
-	"email"
-];
 /**
 * LINE Login v2.1
 * - Authorization endpoint: https://access.line.me/oauth2/v2.1/authorize
@@ -27,13 +21,19 @@ const line = (options) => {
 	return {
 		id: "line",
 		name: "LINE",
-		callbackPath: "/callback/line",
-		createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, loginHint, additionalParams }) {
-			return createAuthorizationURL({
+		async createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, loginHint, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : [
+				"openid",
+				"profile",
+				"email"
+			];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
+			return await createAuthorizationURL({
 				id: "line",
 				options,
 				authorizationEndpoint,
-				scopes: resolveRequestedScopes(options, LINE_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				codeVerifier,
 				redirectURI,

package/dist/social-providers/linear.d.mts CHANGED Viewed

@@ -20,7 +20,6 @@ interface LinearOptions extends ProviderOptions<LinearUser> {
 declare const linear: (options: LinearOptions) => {
   id: "linear";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -36,10 +35,7 @@ declare const linear: (options: LinearOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     redirectURI

package/dist/social-providers/linear.mjs CHANGED Viewed

@@ -1,22 +1,22 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/linear.ts
-const LINEAR_DEFAULT_SCOPES = ["read"];
 const linear = (options) => {
 	const tokenEndpoint = "https://api.linear.app/oauth/token";
 	return {
 		id: "linear",
 		name: "Linear",
-		callbackPath: "/callback/linear",
 		createAuthorizationURL({ state, scopes, loginHint, redirectURI, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : ["read"];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
 			return createAuthorizationURL({
 				id: "linear",
 				options,
 				authorizationEndpoint: "https://linear.app/oauth/authorize",
-				scopes: resolveRequestedScopes(options, LINEAR_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				redirectURI,
 				loginHint,

package/dist/social-providers/linkedin.d.mts CHANGED Viewed

@@ -19,7 +19,6 @@ interface LinkedInOptions extends ProviderOptions<LinkedInProfile> {
 declare const linkedin: (options: LinkedInOptions) => {
   id: "linkedin";
   name: string;
-  callbackPath: string;
   createAuthorizationURL: ({
     state,
     scopes,
@@ -35,10 +34,7 @@ declare const linkedin: (options: LinkedInOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }) => Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }) => Promise<URL>;
   validateAuthorizationCode: ({
     code,
     redirectURI

package/dist/social-providers/linkedin.mjs CHANGED Viewed

@@ -1,27 +1,27 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/linkedin.ts
-const LINKEDIN_DEFAULT_SCOPES = [
-	"profile",
-	"email",
-	"openid"
-];
 const linkedin = (options) => {
 	const authorizationEndpoint = "https://www.linkedin.com/oauth/v2/authorization";
 	const tokenEndpoint = "https://www.linkedin.com/oauth/v2/accessToken";
 	return {
 		id: "linkedin",
 		name: "Linkedin",
-		callbackPath: "/callback/linkedin",
-		createAuthorizationURL: ({ state, scopes, redirectURI, loginHint, additionalParams }) => {
-			return createAuthorizationURL({
+		createAuthorizationURL: async ({ state, scopes, redirectURI, loginHint, additionalParams }) => {
+			const _scopes = options.disableDefaultScope ? [] : [
+				"profile",
+				"email",
+				"openid"
+			];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
+			return await createAuthorizationURL({
 				id: "linkedin",
 				options,
 				authorizationEndpoint,
-				scopes: resolveRequestedScopes(options, LINKEDIN_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				loginHint,
 				redirectURI,

package/dist/social-providers/microsoft-entra-id.d.mts CHANGED Viewed

@@ -139,7 +139,6 @@ interface MicrosoftOptions extends ProviderOptions<MicrosoftEntraIDProfile> {
 declare const microsoft: (options: MicrosoftOptions) => {
   id: "microsoft";
   name: string;
-  callbackPath: string;
   createAuthorizationURL(data: {
     state: string;
     codeVerifier: string;
@@ -149,10 +148,7 @@ declare const microsoft: (options: MicrosoftOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode({
     code,
     codeVerifier,

package/dist/social-providers/microsoft-entra-id.mjs CHANGED Viewed

@@ -1,6 +1,5 @@
 import { APIError, BetterAuthError } from "../error/index.mjs";
 import { logger } from "../env/logger.mjs";
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { getPrimaryClientId } from "../oauth2/utils.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
@@ -16,13 +15,6 @@ import { betterFetch } from "@better-fetch/fetch";
 * @see https://learn.microsoft.com/en-us/entra/identity-platform/id-token-claims-reference
 */
 const MICROSOFT_CONSUMER_TENANT_ID = "9188040d-6c67-4c5b-b112-36a304b66dad";
-const MICROSOFT_ENTRA_ID_DEFAULT_SCOPES = [
-	"openid",
-	"profile",
-	"email",
-	"User.Read",
-	"offline_access"
-];
 const microsoft = (options) => {
 	const tenant = options.tenantId || "common";
 	let authority = options.authority || "https://login.microsoftonline.com";
@@ -37,20 +29,27 @@ const microsoft = (options) => {
 	return {
 		id: "microsoft",
 		name: "Microsoft EntraID",
-		callbackPath: "/callback/microsoft",
 		createAuthorizationURL(data) {
 			if (!getPrimaryClientId(options.clientId)) {
 				logger.error("Client Id is required for Microsoft Entra ID. Make sure to provide it in the options.");
 				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
 			}
-			const requestedScopes = resolveRequestedScopes(options, MICROSOFT_ENTRA_ID_DEFAULT_SCOPES, data.scopes);
+			const scopes = options.disableDefaultScope ? [] : [
+				"openid",
+				"profile",
+				"email",
+				"User.Read",
+				"offline_access"
+			];
+			if (options.scope) scopes.push(...options.scope);
+			if (data.scopes) scopes.push(...data.scopes);
 			return createAuthorizationURL({
 				id: "microsoft",
 				options,
 				authorizationEndpoint,
 				state: data.state,
 				codeVerifier: data.codeVerifier,
-				scopes: requestedScopes,
+				scopes,
 				redirectURI: data.redirectURI,
 				prompt: options.prompt,
 				loginHint: data.loginHint,

package/dist/social-providers/naver.d.mts CHANGED Viewed

@@ -24,7 +24,6 @@ interface NaverOptions extends ProviderOptions<NaverProfile> {
 declare const naver: (options: NaverOptions) => {
   id: "naver";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -39,10 +38,7 @@ declare const naver: (options: NaverOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     redirectURI

package/dist/social-providers/naver.mjs CHANGED Viewed

@@ -1,22 +1,22 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/naver.ts
-const NAVER_DEFAULT_SCOPES = ["profile", "email"];
 const naver = (options) => {
 	const tokenEndpoint = "https://nid.naver.com/oauth2.0/token";
 	return {
 		id: "naver",
 		name: "Naver",
-		callbackPath: "/callback/naver",
 		createAuthorizationURL({ state, scopes, redirectURI, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : ["profile", "email"];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
 			return createAuthorizationURL({
 				id: "naver",
 				options,
 				authorizationEndpoint: "https://nid.naver.com/oauth2.0/authorize",
-				scopes: resolveRequestedScopes(options, NAVER_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				redirectURI,
 				additionalParams

package/dist/social-providers/notion.d.mts CHANGED Viewed

@@ -16,7 +16,6 @@ interface NotionOptions extends ProviderOptions<NotionProfile> {
 declare const notion: (options: NotionOptions) => {
   id: "notion";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -32,10 +31,7 @@ declare const notion: (options: NotionOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     redirectURI

package/dist/social-providers/notion.mjs CHANGED Viewed

@@ -1,22 +1,22 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/notion.ts
-const NOTION_DEFAULT_SCOPES = [];
 const notion = (options) => {
 	const tokenEndpoint = "https://api.notion.com/v1/oauth/token";
 	return {
 		id: "notion",
 		name: "Notion",
-		callbackPath: "/callback/notion",
 		createAuthorizationURL({ state, scopes, loginHint, redirectURI, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : [];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
 			return createAuthorizationURL({
 				id: "notion",
 				options,
 				authorizationEndpoint: "https://api.notion.com/v1/oauth/authorize",
-				scopes: resolveRequestedScopes(options, NOTION_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				redirectURI,
 				loginHint,

package/dist/social-providers/paybin.d.mts CHANGED Viewed

@@ -21,7 +21,6 @@ interface PaybinOptions extends ProviderOptions<PaybinProfile> {
 declare const paybin: (options: PaybinOptions) => {
   id: "paybin";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -38,10 +37,7 @@ declare const paybin: (options: PaybinOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     codeVerifier,

package/dist/social-providers/paybin.mjs CHANGED Viewed

@@ -1,16 +1,10 @@
 import { BetterAuthError } from "../error/index.mjs";
 import { logger } from "../env/logger.mjs";
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { decodeJwt } from "jose";
 //#region src/social-providers/paybin.ts
-const PAYBIN_DEFAULT_SCOPES = [
-	"openid",
-	"email",
-	"profile"
-];
 const paybin = (options) => {
 	const issuer = options.issuer || "https://idp.paybin.io";
 	const authorizationEndpoint = `${issuer}/oauth2/authorize`;
@@ -18,18 +12,24 @@ const paybin = (options) => {
 	return {
 		id: "paybin",
 		name: "Paybin",
-		callbackPath: "/callback/paybin",
-		createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, loginHint, additionalParams }) {
+		async createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, loginHint, additionalParams }) {
 			if (!options.clientId || !options.clientSecret) {
 				logger.error("Client Id and Client Secret is required for Paybin. Make sure to provide them in the options.");
 				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
 			}
 			if (!codeVerifier) throw new BetterAuthError("codeVerifier is required for Paybin");
-			return createAuthorizationURL({
+			const _scopes = options.disableDefaultScope ? [] : [
+				"openid",
+				"email",
+				"profile"
+			];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
+			return await createAuthorizationURL({
 				id: "paybin",
 				options,
 				authorizationEndpoint,
-				scopes: resolveRequestedScopes(options, PAYBIN_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				codeVerifier,
 				redirectURI,

package/dist/social-providers/paypal.d.mts CHANGED Viewed

@@ -51,7 +51,6 @@ interface PayPalOptions extends ProviderOptions<PayPalProfile> {
 declare const paypal: (options: PayPalOptions) => {
   id: "paypal";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     codeVerifier,
@@ -66,10 +65,7 @@ declare const paypal: (options: PayPalOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     redirectURI

package/dist/social-providers/paypal.mjs CHANGED Viewed

@@ -12,18 +12,12 @@ const paypal = (options) => {
 	return {
 		id: "paypal",
 		name: "PayPal",
-		callbackPath: "/callback/paypal",
-		createAuthorizationURL({ state, codeVerifier, redirectURI, additionalParams }) {
+		async createAuthorizationURL({ state, codeVerifier, redirectURI, additionalParams }) {
 			if (!options.clientId || !options.clientSecret) {
 				logger.error("Client Id and Client Secret is required for PayPal. Make sure to provide them in the options.");
 				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
 			}
-			/**
-			* Log in with PayPal doesn't use traditional OAuth2 scopes
-			* Instead, permissions are configured in the PayPal Developer Dashboard
-			* We don't pass any scopes to avoid "invalid scope" errors
-			**/
-			return createAuthorizationURL({
+			return await createAuthorizationURL({
 				id: "paypal",
 				options,
 				authorizationEndpoint,

package/dist/social-providers/polar.d.mts CHANGED Viewed

@@ -25,7 +25,6 @@ interface PolarOptions extends ProviderOptions<PolarProfile> {}
 declare const polar: (options: PolarOptions) => {
   id: "polar";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -41,10 +40,7 @@ declare const polar: (options: PolarOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     codeVerifier,

package/dist/social-providers/polar.mjs CHANGED Viewed

@@ -1,26 +1,26 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
 import { betterFetch } from "@better-fetch/fetch";
 //#region src/social-providers/polar.ts
-const POLAR_DEFAULT_SCOPES = [
-	"openid",
-	"profile",
-	"email"
-];
 const polar = (options) => {
 	const tokenEndpoint = "https://api.polar.sh/v1/oauth2/token";
 	return {
 		id: "polar",
 		name: "Polar",
-		callbackPath: "/callback/polar",
 		createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : [
+				"openid",
+				"profile",
+				"email"
+			];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
 			return createAuthorizationURL({
 				id: "polar",
 				options,
 				authorizationEndpoint: "https://polar.sh/oauth2/authorize",
-				scopes: resolveRequestedScopes(options, POLAR_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				codeVerifier,
 				redirectURI,

package/dist/social-providers/railway.d.mts CHANGED Viewed

@@ -16,7 +16,6 @@ interface RailwayOptions extends ProviderOptions<RailwayProfile> {
 declare const railway: (options: RailwayOptions) => {
   id: "railway";
   name: string;
-  callbackPath: string;
   createAuthorizationURL({
     state,
     scopes,
@@ -32,10 +31,7 @@ declare const railway: (options: RailwayOptions) => {
     loginHint?: string | undefined;
     idTokenNonce?: string | undefined;
     additionalParams?: Record<string, string> | undefined;
-  }): Promise<{
-    url: URL;
-    requestedScopes: string[];
-  }>;
+  }): Promise<URL>;
   validateAuthorizationCode: ({
     code,
     codeVerifier,

package/dist/social-providers/railway.mjs CHANGED Viewed

@@ -1,4 +1,3 @@
-import { resolveRequestedScopes } from "../oauth2/scopes.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
@@ -7,22 +6,23 @@ import { betterFetch } from "@better-fetch/fetch";
 const authorizationEndpoint = "https://backboard.railway.com/oauth/auth";
 const tokenEndpoint = "https://backboard.railway.com/oauth/token";
 const userinfoEndpoint = "https://backboard.railway.com/oauth/me";
-const RAILWAY_DEFAULT_SCOPES = [
-	"openid",
-	"email",
-	"profile"
-];
 const railway = (options) => {
 	return {
 		id: "railway",
 		name: "Railway",
-		callbackPath: "/callback/railway",
-		async createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, additionalParams }) {
+		createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, additionalParams }) {
+			const _scopes = options.disableDefaultScope ? [] : [
+				"openid",
+				"email",
+				"profile"
+			];
+			if (options.scope) _scopes.push(...options.scope);
+			if (scopes) _scopes.push(...scopes);
 			return createAuthorizationURL({
 				id: "railway",
 				options,
 				authorizationEndpoint,
-				scopes: resolveRequestedScopes(options, RAILWAY_DEFAULT_SCOPES, scopes),
+				scopes: _scopes,
 				state,
 				codeVerifier,
 				redirectURI,