@better-auth/oauth-provider 1.5.0-beta.6 → 1.5.0-beta.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,4 +1,4 @@
1
- import { a as getJwtPlugin, o as getOAuthProviderPlugin, p as handleMcpErrors } from "./utils-CAYiYjbw.mjs";
1
+ import { a as getJwtPlugin, o as getOAuthProviderPlugin, p as handleMcpErrors } from "./utils-CUVT0Bep.mjs";
2
2
  import { verifyAccessToken } from "better-auth/oauth2";
3
3
  import { APIError } from "better-call";
4
4
  import { BetterAuthError } from "@better-auth/core/error";
package/dist/index.mjs CHANGED
@@ -1,4 +1,4 @@
1
- import { a as getJwtPlugin, c as parseClientMetadata, d as storeToken, f as validateClientCredentials, i as getClient, l as parsePrompt, m as mcpHandler, n as decryptStoredClientSecret, r as deleteFromPrompt, s as getStoredToken, t as basicToClientCredentials, u as storeClientSecret } from "./utils-CAYiYjbw.mjs";
1
+ import { a as getJwtPlugin, c as parseClientMetadata, d as storeToken, f as validateClientCredentials, i as getClient, l as parsePrompt, m as mcpHandler, n as decryptStoredClientSecret, r as deleteFromPrompt, s as getStoredToken, t as basicToClientCredentials, u as storeClientSecret } from "./utils-CUVT0Bep.mjs";
2
2
  import { generateCodeChallenge, getJwks, verifyJwsAccessToken } from "better-auth/oauth2";
3
3
  import { APIError } from "better-call";
4
4
  import { BetterAuthError } from "@better-auth/core/error";
@@ -643,7 +643,7 @@ async function createRefreshToken(ctx, opts, user, referenceId, client, scopes,
643
643
  * and returns a valid audience based on the request
644
644
  */
645
645
  async function checkResource(ctx, opts, scopes) {
646
- let resource = ctx.body.resource;
646
+ const resource = ctx.body.resource;
647
647
  const audience = typeof resource === "string" ? [resource] : resource ? [...resource] : void 0;
648
648
  if (audience) {
649
649
  if (scopes.includes("openid")) audience.push(`${ctx.context.baseURL}/oauth2/userinfo`);
@@ -1007,7 +1007,7 @@ async function validateJwtAccessToken(ctx, opts, token, clientId) {
1007
1007
  if (!client || client?.disabled) return { active: false };
1008
1008
  if (clientId && jwtPayload.azp !== clientId) return { active: false };
1009
1009
  }
1010
- let sessionId = jwtPayload.sid;
1010
+ const sessionId = jwtPayload.sid;
1011
1011
  if (sessionId) {
1012
1012
  const session = await ctx.context.adapter.findOne({
1013
1013
  model: "session",
@@ -1385,7 +1385,7 @@ async function createOAuthClientEndpoint(ctx, opts, settings) {
1385
1385
  user: session?.user,
1386
1386
  session: session?.session
1387
1387
  }) : void 0;
1388
- let schema$1 = oauthToSchema({
1388
+ const schema$1 = oauthToSchema({
1389
1389
  ...body ?? {},
1390
1390
  disabled: void 0,
1391
1391
  jwks: void 0,
@@ -1524,9 +1524,9 @@ const SafeUrlSchema = z.url().superRefine((val, ctx) => {
1524
1524
  async function getClientEndpoint(ctx, opts) {
1525
1525
  const session = await getSessionFromCtx(ctx);
1526
1526
  if (!session) throw new APIError$1("UNAUTHORIZED");
1527
- if (!ctx.request) throw new APIError$1("BAD_REQUEST");
1527
+ if (!ctx.headers) throw new APIError$1("BAD_REQUEST");
1528
1528
  if (opts.clientPrivileges && !await opts.clientPrivileges({
1529
- headers: ctx.request.headers,
1529
+ headers: ctx.headers,
1530
1530
  action: "read",
1531
1531
  session: session.session,
1532
1532
  user: session.user
@@ -1572,9 +1572,9 @@ async function getClientPublicEndpoint(ctx, opts) {
1572
1572
  async function getClientsEndpoint(ctx, opts) {
1573
1573
  const session = await getSessionFromCtx(ctx);
1574
1574
  if (!session) throw new APIError$1("UNAUTHORIZED");
1575
- if (!ctx.request) throw new APIError$1("BAD_REQUEST");
1575
+ if (!ctx.headers) throw new APIError$1("BAD_REQUEST");
1576
1576
  if (opts.clientPrivileges && !await opts.clientPrivileges({
1577
- headers: ctx.request.headers,
1577
+ headers: ctx.headers,
1578
1578
  action: "list",
1579
1579
  session: session.session,
1580
1580
  user: session.user
@@ -1613,9 +1613,9 @@ async function getClientsEndpoint(ctx, opts) {
1613
1613
  async function deleteClientEndpoint(ctx, opts) {
1614
1614
  const session = await getSessionFromCtx(ctx);
1615
1615
  if (!session) throw new APIError$1("UNAUTHORIZED");
1616
- if (!ctx.request) throw new APIError$1("BAD_REQUEST");
1616
+ if (!ctx.headers) throw new APIError$1("BAD_REQUEST");
1617
1617
  if (opts.clientPrivileges && !await opts.clientPrivileges({
1618
- headers: ctx.request.headers,
1618
+ headers: ctx.headers,
1619
1619
  action: "delete",
1620
1620
  session: session.session,
1621
1621
  user: session.user
@@ -1646,9 +1646,9 @@ async function deleteClientEndpoint(ctx, opts) {
1646
1646
  async function updateClientEndpoint(ctx, opts) {
1647
1647
  const session = await getSessionFromCtx(ctx);
1648
1648
  if (!session) throw new APIError$1("UNAUTHORIZED");
1649
- if (!ctx.request) throw new APIError$1("BAD_REQUEST");
1649
+ if (!ctx.headers) throw new APIError$1("BAD_REQUEST");
1650
1650
  if (opts.clientPrivileges && !await opts.clientPrivileges({
1651
- headers: ctx.request.headers,
1651
+ headers: ctx.headers,
1652
1652
  action: "update",
1653
1653
  session: session.session,
1654
1654
  user: session.user
@@ -1697,9 +1697,9 @@ async function updateClientEndpoint(ctx, opts) {
1697
1697
  async function rotateClientSecretEndpoint(ctx, opts) {
1698
1698
  const session = await getSessionFromCtx(ctx);
1699
1699
  if (!session) throw new APIError$1("UNAUTHORIZED");
1700
- if (!ctx.request) throw new APIError$1("BAD_REQUEST");
1700
+ if (!ctx.headers) throw new APIError$1("BAD_REQUEST");
1701
1701
  if (opts.clientPrivileges && !await opts.clientPrivileges({
1702
- headers: ctx.request.headers,
1702
+ headers: ctx.headers,
1703
1703
  action: "rotate",
1704
1704
  session: session.session,
1705
1705
  user: session.user
@@ -283,7 +283,7 @@ function parsePrompt(prompt) {
283
283
  * @param prompt - the prompt value to delete
284
284
  */
285
285
  function deleteFromPrompt(query, prompt) {
286
- let prompts = query.get("prompt")?.split(" ");
286
+ const prompts = query.get("prompt")?.split(" ");
287
287
  const foundPrompt = prompts?.findIndex((v) => v === prompt) ?? -1;
288
288
  if (foundPrompt >= 0) {
289
289
  prompts?.splice(foundPrompt, 1);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@better-auth/oauth-provider",
3
- "version": "1.5.0-beta.6",
3
+ "version": "1.5.0-beta.8",
4
4
  "type": "module",
5
5
  "description": "An oauth provider plugin for Better Auth",
6
6
  "main": "dist/index.mjs",
@@ -42,8 +42,8 @@
42
42
  "@modelcontextprotocol/sdk": "^1.25.2",
43
43
  "listhen": "^1.9.0",
44
44
  "tsdown": "^0.19.0",
45
- "@better-auth/core": "1.5.0-beta.6",
46
- "better-auth": "1.5.0-beta.6"
45
+ "@better-auth/core": "1.5.0-beta.8",
46
+ "better-auth": "1.5.0-beta.8"
47
47
  },
48
48
  "dependencies": {
49
49
  "jose": "^6.1.0",
@@ -53,8 +53,8 @@
53
53
  "@better-auth/utils": "0.3.0",
54
54
  "@better-fetch/fetch": "1.1.21",
55
55
  "better-call": "1.1.8",
56
- "@better-auth/core": "1.5.0-beta.6",
57
- "better-auth": "1.5.0-beta.6"
56
+ "@better-auth/core": "1.5.0-beta.8",
57
+ "better-auth": "1.5.0-beta.8"
58
58
  },
59
59
  "files": [
60
60
  "dist"