npm - @better-auth/oauth-provider - Versions diffs - 1.7.0-beta.6 → 1.7.0-beta.8 - Mend

@better-auth/oauth-provider 1.7.0-beta.6 → 1.7.0-beta.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/client-resource.d.mts +1 -1
package/dist/client-resource.mjs +1 -1
package/dist/client.d.mts +1 -1
package/dist/client.mjs +1 -1
package/dist/index.d.mts +2 -2
package/dist/index.mjs +2 -2
package/dist/{introspect-BXqKFUQZ.mjs → introspect-BXNvkz8S.mjs} +5 -1
package/dist/{oauth-CaXmZpoL.d.mts → oauth-CPWY2Few.d.mts} +7 -0
package/dist/{oauth-CAeemjD7.d.mts → oauth-CqOygaZd.d.mts} +1 -1
package/dist/{version-CUu3vBtU.mjs → version-bmpg6tAD.mjs} +1 -1
package/package.json +5 -5

package/dist/client-resource.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { c as ResourceServerMetadata } from "./oauth-CaXmZpoL.mjs";
+import { c as ResourceServerMetadata } from "./oauth-CPWY2Few.mjs";
 import { ResourceRequestInput, VerifyAccessTokenRequestOptions } from "better-auth/oauth2";
 import { JWTPayload, JWTVerifyOptions } from "jose";
 import { BetterAuthOptions } from "better-auth/types";

package/dist/client-resource.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
 import { o as getJwtPlugin, s as getOAuthProviderPlugin } from "./utils-Baq6atYN.mjs";
-import { t as PACKAGE_VERSION } from "./version-CUu3vBtU.mjs";
+import { t as PACKAGE_VERSION } from "./version-bmpg6tAD.mjs";
 import { t as raiseResourceServerChallenge } from "./resource-challenge-B-cqv4ur.mjs";
 import { APIError } from "better-call";
 import { logger } from "@better-auth/core/env";

package/dist/client.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { r as oauthProvider } from "./oauth-CAeemjD7.mjs";
+import { r as oauthProvider } from "./oauth-CqOygaZd.mjs";
 import * as _better_fetch_fetch0 from "@better-fetch/fetch";
 //#region src/client.d.ts

package/dist/client.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
 import { t as buildSignedOAuthQuery } from "./signed-query-CFv2jNMT.mjs";
-import { t as PACKAGE_VERSION } from "./version-CUu3vBtU.mjs";
+import { t as PACKAGE_VERSION } from "./version-bmpg6tAD.mjs";
 import { safeJSONParse } from "@better-auth/core/utils/json";
 //#region src/client.ts
 const oauthProviderClient = () => {

package/dist/index.d.mts CHANGED Viewed

@@ -1,5 +1,5 @@
-import { A as OAuthProviderExtension, B as StoreTokenType, C as OAuthConsent, D as OAuthOpaqueAccessToken, E as OAuthMetadataExtensionInput, F as OAuthTokenResponse, H as ClientRegistrationRequest, I as OAuthUserInfoExtensionInput, L as Prompt, M as OAuthResource, N as OAuthResourceInput, O as OAuthOptions, P as OAuthTokenIssueParams, R as SchemaClient, S as OAuthClientResource, T as OAuthExtensionGrantHandlerInput, U as ResourceUriSchema, V as VerificationValue, _ as OAuthClaimExtensionInput, a as GrantType, b as OAuthClientAuthenticationResult, c as ResourceServerMetadata, d as ActiveAccessTokenPayload, f as AuthorizePrompt, g as OAuthAuthorizationQuery, h as OAuthAuthenticatedClient, i as Confirmation, j as OAuthRefreshToken, k as OAuthProviderApi, l as TokenEndpointAuthMethod, m as InitialAccessTokenAuthorization, n as AuthServerMetadata, o as OAuthClient, p as ClientDiscovery, r as BearerMethodsSupported, s as OIDCMetadata, t as AuthMethod, u as TokenType, v as OAuthClientAuthenticationInput, w as OAuthExtensionGrantHandler, x as OAuthClientAuthenticationStrategy, y as OAuthClientAuthenticationRequest, z as Scope } from "./oauth-CaXmZpoL.mjs";
-import { a as OAuthEndpointErrorResult, c as OAuthFieldErrorCode, i as getIssuer, l as OAuthFieldErrorCodeMap, n as getOAuthProviderState, o as OAuthEndpointRedirectContext, r as oauthProvider, s as OAuthErrorCode, t as DEFAULT_OAUTH_SCOPES, u as OAuthRedirectOnError } from "./oauth-CAeemjD7.mjs";
+import { A as OAuthProviderExtension, B as StoreTokenType, C as OAuthConsent, D as OAuthOpaqueAccessToken, E as OAuthMetadataExtensionInput, F as OAuthTokenResponse, H as ClientRegistrationRequest, I as OAuthUserInfoExtensionInput, L as Prompt, M as OAuthResource, N as OAuthResourceInput, O as OAuthOptions, P as OAuthTokenIssueParams, R as SchemaClient, S as OAuthClientResource, T as OAuthExtensionGrantHandlerInput, U as ResourceUriSchema, V as VerificationValue, _ as OAuthClaimExtensionInput, a as GrantType, b as OAuthClientAuthenticationResult, c as ResourceServerMetadata, d as ActiveAccessTokenPayload, f as AuthorizePrompt, g as OAuthAuthorizationQuery, h as OAuthAuthenticatedClient, i as Confirmation, j as OAuthRefreshToken, k as OAuthProviderApi, l as TokenEndpointAuthMethod, m as InitialAccessTokenAuthorization, n as AuthServerMetadata, o as OAuthClient, p as ClientDiscovery, r as BearerMethodsSupported, s as OIDCMetadata, t as AuthMethod, u as TokenType, v as OAuthClientAuthenticationInput, w as OAuthExtensionGrantHandler, x as OAuthClientAuthenticationStrategy, y as OAuthClientAuthenticationRequest, z as Scope } from "./oauth-CPWY2Few.mjs";
+import { a as OAuthEndpointErrorResult, c as OAuthFieldErrorCode, i as getIssuer, l as OAuthFieldErrorCodeMap, n as getOAuthProviderState, o as OAuthEndpointRedirectContext, r as oauthProvider, s as OAuthErrorCode, t as DEFAULT_OAUTH_SCOPES, u as OAuthRedirectOnError } from "./oauth-CqOygaZd.mjs";
 import { getSessionFromCtx } from "better-auth/api";
 import { JWSAlgorithms, JwtOptions } from "better-auth/plugins";
 import { AuthContext, GenericEndpointContext } from "@better-auth/core";

package/dist/index.mjs CHANGED Viewed

@@ -1,8 +1,8 @@
 import { D as applyOAuthProviderMetadataExtensions, E as verifyOAuthQueryParams, F as getSupportedGrantTypes, L as isExtensionTokenEndpointAuthMethod, M as getClientDiscoveries, P as getSupportedAuthMethods, R as validateOAuthProviderExtensions, S as storeToken, T as validateClientCredentials, _ as removePromptFromQuery, a as getClient, b as searchParamsToQuery, c as getStoredToken, d as mergeDiscoveryMetadata, g as removeMaxAgeFromQuery, h as parsePrompt, i as extractClientCredentials, j as extendOAuthProvider, l as isPKCERequired, m as parseClientMetadata, n as decryptStoredClientSecret, o as getJwtPlugin, p as parseBearerToken, r as destructureCredentials, t as clientAllowsGrant, u as isSessionFreshForSignedQuery, w as toResourceList, x as storeClientSecret, y as resolveSubjectIdentifier } from "./utils-Baq6atYN.mjs";
 import { a as setSignedOAuthQueryParameterNames, i as postLoginClearedParam, n as canonicalizeOAuthQueryParams, o as signedQueryIssuedAtParam, r as getSignedQueryIssuedAt } from "./signed-query-CFv2jNMT.mjs";
-import { _ as invalidateResourceCache, a as invalidateRefreshFamily, b as resolveResourcePolicy, c as ResourceUriSchema, d as clientRegistrationRequestSchema, f as JWS_ALGORITHMS, g as getResource, h as extractRepeatedResourceFromForm, i as getOAuthProviderApi, l as SafeUrlSchema, m as buildClientResourceLinkId, o as tokenEndpoint, p as assertIdentifierValid, r as decodeRefreshToken, s as userInfoEndpoint, t as introspectEndpoint, u as authorizationQuerySchema, v as isAudienceClaimAllowed, x as seedResources, y as logEnforcePerClientResourcesResolution } from "./introspect-BXqKFUQZ.mjs";
+import { _ as invalidateResourceCache, a as invalidateRefreshFamily, b as resolveResourcePolicy, c as ResourceUriSchema, d as clientRegistrationRequestSchema, f as JWS_ALGORITHMS, g as getResource, h as extractRepeatedResourceFromForm, i as getOAuthProviderApi, l as SafeUrlSchema, m as buildClientResourceLinkId, o as tokenEndpoint, p as assertIdentifierValid, r as decodeRefreshToken, s as userInfoEndpoint, t as introspectEndpoint, u as authorizationQuerySchema, v as isAudienceClaimAllowed, x as seedResources, y as logEnforcePerClientResourcesResolution } from "./introspect-BXNvkz8S.mjs";
 import { n as consumeClientAssertion, r as isPrivateHostname } from "./client-assertion-CctbJywV.mjs";
-import { t as PACKAGE_VERSION } from "./version-CUu3vBtU.mjs";
+import { t as PACKAGE_VERSION } from "./version-bmpg6tAD.mjs";
 import { t as raiseResourceServerChallenge } from "./resource-challenge-B-cqv4ur.mjs";
 import { isBrowserFetchRequest } from "@better-auth/core/utils/fetch-metadata";
 import { isLoopbackHost, isLoopbackIP } from "@better-auth/core/utils/host";

package/dist/{introspect-BXqKFUQZ.mjs → introspect-BXNvkz8S.mjs} RENAMED Viewed

@@ -72,7 +72,7 @@ function stripReservedClaims(claims) {
 * always win.
 */
 async function resolveAccessTokenClaims(input) {
-	const { ctx, opts, user, client, scopes, resources, referenceId, metadata, grantType, perRequestClaims, resourcePolicyClaims } = input;
+	const { ctx, opts, user, client, scopes, resources, referenceId, metadata, grantType, sessionId, perRequestClaims, resourcePolicyClaims } = input;
 	const extensionClaims = await collectExtensionAccessTokenClaims(opts, {
 		ctx,
 		opts,
@@ -81,6 +81,7 @@ async function resolveAccessTokenClaims(input) {
 		scopes,
 		grantType,
 		referenceId,
+		sessionId,
 		resources,
 		metadata
 	});
@@ -1452,6 +1453,7 @@ async function createUserTokens(ctx, opts, params) {
 			scopes: effectiveScopes,
 			grantType,
 			referenceId,
+			sessionId,
 			resources: params.resources,
 			metadata
 		}),
@@ -1483,6 +1485,7 @@ async function createUserTokens(ctx, opts, params) {
 		client,
 		scopes: effectiveScopes,
 		grantType,
+		sessionId,
 		resources: params.resources,
 		referenceId,
 		metadata,
@@ -1940,6 +1943,7 @@ async function validateOpaqueAccessToken(ctx, opts, token, clientId) {
 		client,
 		scopes: accessToken.scopes ?? [],
 		grantType: void 0,
+		sessionId: void 0,
 		resources,
 		referenceId: accessToken.referenceId,
 		metadata: parseClientMetadata(client.metadata),

package/dist/{oauth-CaXmZpoL.d.mts → oauth-CPWY2Few.d.mts} RENAMED Viewed

@@ -849,6 +849,13 @@ interface OAuthClaimExtensionInput {
   scopes: string[];
   grantType?: GrantType;
   referenceId?: string;
+  /**
+   * Session the tokens are issued for, when one is available. Best-effort:
+   * set on the session-backed grants (authorization_code, refresh_token),
+   * undefined otherwise (client_credentials, introspection, or a session that
+   * was deleted or unlinked). Treat as possibly undefined.
+   */
+  sessionId?: string;
   resources?: string[];
   /** Parsed client metadata, as returned by `parseClientMetadata`. */
   metadata?: Record<string, unknown>;

package/dist/{oauth-CAeemjD7.d.mts → oauth-CqOygaZd.d.mts} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { C as OAuthConsent, F as OAuthTokenResponse, L as Prompt, M as OAuthResource, O as OAuthOptions, a as GrantType, l as TokenEndpointAuthMethod, n as AuthServerMetadata, o as OAuthClient, z as Scope } from "./oauth-CaXmZpoL.mjs";
+import { C as OAuthConsent, F as OAuthTokenResponse, L as Prompt, M as OAuthResource, O as OAuthOptions, a as GrantType, l as TokenEndpointAuthMethod, n as AuthServerMetadata, o as OAuthClient, z as Scope } from "./oauth-CPWY2Few.mjs";
 import * as better_call0 from "better-call";
 import * as z from "zod";
 import * as jose from "jose";

package/dist/{version-CUu3vBtU.mjs → version-bmpg6tAD.mjs} RENAMED Viewed

@@ -1,5 +1,5 @@
 //#endregion
 //#region src/version.ts
-const PACKAGE_VERSION = "1.7.0-beta.6";
+const PACKAGE_VERSION = "1.7.0-beta.8";
 //#endregion
 export { PACKAGE_VERSION as t };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/oauth-provider",
-  "version": "1.7.0-beta.6",
+  "version": "1.7.0-beta.8",
   "description": "An oauth provider plugin for Better Auth",
   "type": "module",
   "license": "MIT",
@@ -63,15 +63,15 @@
   "devDependencies": {
     "listhen": "^1.9.0",
     "tsdown": "0.21.1",
-    "@better-auth/core": "1.7.0-beta.6",
-    "better-auth": "1.7.0-beta.6"
+    "@better-auth/core": "1.7.0-beta.8",
+    "better-auth": "1.7.0-beta.8"
   },
   "peerDependencies": {
     "@better-auth/utils": "0.4.2",
     "@better-fetch/fetch": "1.3.1",
     "better-call": "1.3.6",
-    "@better-auth/core": "^1.7.0-beta.6",
-    "better-auth": "^1.7.0-beta.6"
+    "@better-auth/core": "^1.7.0-beta.8",
+    "better-auth": "^1.7.0-beta.8"
   },
   "scripts": {
     "build": "tsdown",