@better-auth/oauth-provider 1.6.7 → 1.6.9

package/dist/client-resource.d.mts

@@ -1,4 +1,4 @@
-import { a as ResourceServerMetadata } from "./oauth-IpUqx-_N.mjs";
+import { a as ResourceServerMetadata } from "./oauth-DMjvJjmR.mjs";
 import { JWTPayload, JWTVerifyOptions } from "jose";
 import { Auth } from "better-auth/types";
 

package/dist/client-resource.mjs

@@ -1,5 +1,5 @@
 import { a as getJwtPlugin, o as getOAuthProviderPlugin, y as handleMcpErrors } from "./utils-B9Pj9EPf.mjs";
-import { t as PACKAGE_VERSION } from "./version-BWjL4z5q.mjs";
+import { t as PACKAGE_VERSION } from "./version-ittBKKvy.mjs";
 import { verifyAccessToken } from "better-auth/oauth2";
 import { APIError } from "better-call";
 import { logger } from "@better-auth/core/env";

package/dist/client.d.mts

@@ -1,4 +1,4 @@
-import { n as oauthProvider } from "./oauth-DH61OMT6.mjs";
+import { n as oauthProvider } from "./oauth-By0LyEmY.mjs";
 import * as _better_fetch_fetch0 from "@better-fetch/fetch";
 
 //#region src/client.d.ts

package/dist/client.mjs

@@ -1,4 +1,4 @@
-import { t as PACKAGE_VERSION } from "./version-BWjL4z5q.mjs";
+import { t as PACKAGE_VERSION } from "./version-ittBKKvy.mjs";
 import { safeJSONParse } from "@better-auth/core/utils/json";
 //#region src/client.ts
 function parseSignedQuery(search) {

package/dist/index.d.mts

@@ -1,5 +1,5 @@
-import { _ as Awaitable, a as ResourceServerMetadata, c as OAuthConsent, d as OAuthRefreshToken, f as Prompt, g as VerificationValue, h as StoreTokenType, i as OIDCMetadata, l as OAuthOpaqueAccessToken, m as Scope, n as GrantType, o as AuthorizePrompt, p as SchemaClient, r as OAuthClient, s as OAuthAuthorizationQuery, t as AuthServerMetadata, u as OAuthOptions } from "./oauth-IpUqx-_N.mjs";
-import { n as oauthProvider, t as getOAuthProviderState } from "./oauth-DH61OMT6.mjs";
+import { _ as Awaitable, a as ResourceServerMetadata, c as OAuthConsent, d as OAuthRefreshToken, f as Prompt, g as VerificationValue, h as StoreTokenType, i as OIDCMetadata, l as OAuthOpaqueAccessToken, m as Scope, n as GrantType, o as AuthorizePrompt, p as SchemaClient, r as OAuthClient, s as OAuthAuthorizationQuery, t as AuthServerMetadata, u as OAuthOptions } from "./oauth-DMjvJjmR.mjs";
+import { n as oauthProvider, t as getOAuthProviderState } from "./oauth-By0LyEmY.mjs";
 import { verifyAccessToken } from "better-auth/oauth2";
 import { JWSAlgorithms, JwtOptions } from "better-auth/plugins";
 import { JWTPayload } from "jose";

package/dist/index.mjs

@@ -1,5 +1,5 @@
 import { _ as validateClientCredentials, a as getJwtPlugin, b as mcpHandler, c as isPKCERequired, d as parsePrompt, f as resolveSessionAuthTime, g as storeToken, h as storeClientSecret, i as getClient, l as normalizeTimestampValue, m as searchParamsToQuery, n as decryptStoredClientSecret, p as resolveSubjectIdentifier, r as deleteFromPrompt, s as getStoredToken, t as basicToClientCredentials, u as parseClientMetadata, v as verifyOAuthQueryParams } from "./utils-B9Pj9EPf.mjs";
-import { t as PACKAGE_VERSION } from "./version-BWjL4z5q.mjs";
+import { t as PACKAGE_VERSION } from "./version-ittBKKvy.mjs";
 import { APIError, createAuthEndpoint, createAuthMiddleware, getOAuthState, getSessionFromCtx, sessionMiddleware } from "better-auth/api";
 import { generateCodeChallenge, getJwks, verifyJwsAccessToken } from "better-auth/oauth2";
 import { APIError as APIError$1 } from "better-call";
@@ -169,7 +169,7 @@ const oauthAuthorizationQuerySchema = z.object({
 	request_uri: z.string().optional(),
 	redirect_uri: z.string(),
 	scope: z.string().optional(),
-	state: z.string(),
+	state: z.string().optional(),
 	client_id: z.string(),
 	prompt: z.string().optional(),
 	display: z.string().optional(),

package/dist/{oauth-DH61OMT6.d.mts → oauth-By0LyEmY.d.mts}

@@ -1,4 +1,4 @@
-import { c as OAuthConsent, i as OIDCMetadata, m as Scope, r as OAuthClient, t as AuthServerMetadata, u as OAuthOptions } from "./oauth-IpUqx-_N.mjs";
+import { c as OAuthConsent, i as OIDCMetadata, m as Scope, r as OAuthClient, t as AuthServerMetadata, u as OAuthOptions } from "./oauth-DMjvJjmR.mjs";
 import * as better_call0 from "better-call";
 import * as z from "zod";
 import * as better_auth_plugins0 from "better-auth/plugins";

package/dist/{oauth-IpUqx-_N.d.mts → oauth-DMjvJjmR.d.mts}

@@ -1022,10 +1022,12 @@ interface OAuthAuthorizationQuery {
    * Cross-Site Request Forgery (CSRF, XSRF) mitigation is done by cryptographically binding the
    * value of this parameter with a browser cookie.
    *
+   * Recommended for clients, but optional for the authorization server.
+   *
    * Note: Better Auth stores the state in a database instead of a cookie. - This is to minimize
    * the complication with native apps and other clients that may not have access to cookies.
    */
-  state: string;
+  state?: string;
   /**
    * The client ID. Must be the ID of a registered client.
    */

package/dist/{version-BWjL4z5q.mjs → version-ittBKKvy.mjs}

@@ -1,5 +1,5 @@
 //#endregion
 //#region src/version.ts
-const PACKAGE_VERSION = "1.6.7";
+const PACKAGE_VERSION = "1.6.9";
 //#endregion
 export { PACKAGE_VERSION as t };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/oauth-provider",
-  "version": "1.6.7",
+  "version": "1.6.9",
   "description": "An oauth provider plugin for Better Auth",
   "type": "module",
   "license": "MIT",
@@ -64,15 +64,15 @@
     "@modelcontextprotocol/sdk": "^1.27.1",
     "listhen": "^1.9.0",
     "tsdown": "0.21.1",
-    "@better-auth/core": "1.6.7",
-    "better-auth": "1.6.7"
+    "@better-auth/core": "1.6.9",
+    "better-auth": "1.6.9"
   },
   "peerDependencies": {
     "@better-auth/utils": "0.4.0",
     "@better-fetch/fetch": "1.1.21",
     "better-call": "1.3.5",
-    "@better-auth/core": "^1.6.7",
-    "better-auth": "^1.6.7"
+    "@better-auth/core": "^1.6.9",
+    "better-auth": "^1.6.9"
   },
   "scripts": {
     "build": "tsdown",