npm - @better-auth/sso - Versions diffs - 1.4.0-beta.24 → 1.4.0-beta.27 - Mend

@better-auth/sso 1.4.0-beta.24 → 1.4.0-beta.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/.turbo/turbo-build.log +6 -6
package/dist/client.d.mts +1 -1
package/dist/{index-BdGHTkZi.d.mts → index-D-JmJR9N.d.mts} +4 -3
package/dist/index.d.mts +1 -1
package/dist/index.mjs +12 -1
package/package.json +4 -4
package/src/routes/sso.ts +32 -1

package/.turbo/turbo-build.log CHANGED Viewed

@@ -1,5 +1,5 @@
-> @better-auth/sso@1.4.0-beta.24 build /home/runner/work/better-auth/better-auth/packages/sso
+> @better-auth/sso@1.4.0-beta.27 build /home/runner/work/better-auth/better-auth/packages/sso
 > tsdown
 [34mℹ[39m tsdown [2mv0.16.5[22m powered by rolldown [2mv1.0.0-beta.50[22m
@@ -7,10 +7,10 @@
 [34mℹ[39m entry: [34msrc/index.ts, src/client.ts[39m
 [34mℹ[39m tsconfig: [34mtsconfig.json[39m
 [34mℹ[39m Build start
-[34mℹ[39m [2mdist/[22m[1mindex.mjs[22m             [2m57.85 kB[22m [2m│ gzip: 10.36 kB[22m
+[34mℹ[39m [2mdist/[22m[1mindex.mjs[22m             [2m58.49 kB[22m [2m│ gzip: 10.33 kB[22m
 [34mℹ[39m [2mdist/[22m[1mclient.mjs[22m            [2m 0.15 kB[22m [2m│ gzip:  0.14 kB[22m
-[34mℹ[39m [2mdist/[22m[32m[1mclient.d.mts[22m[39m          [2m 0.49 kB[22m [2m│ gzip:  0.29 kB[22m
+[34mℹ[39m [2mdist/[22m[32m[1mclient.d.mts[22m[39m          [2m 0.49 kB[22m [2m│ gzip:  0.30 kB[22m
 [34mℹ[39m [2mdist/[22m[32m[1mindex.d.mts[22m[39m           [2m 0.21 kB[22m [2m│ gzip:  0.15 kB[22m
-[34mℹ[39m [2mdist/[22m[32mindex-BdGHTkZi.d.mts[39m  [2m25.39 kB[22m [2m│ gzip:  3.95 kB[22m
-[34mℹ[39m 5 files, total: 84.10 kB
-[32m✔[39m Build complete in [32m11149ms[39m
+[34mℹ[39m [2mdist/[22m[32mindex-D-JmJR9N.d.mts[39m  [2m25.42 kB[22m [2m│ gzip:  3.95 kB[22m
+[34mℹ[39m 5 files, total: 84.77 kB
+[32m✔[39m Build complete in [32m11560ms[39m

package/dist/client.d.mts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { t as SSOPlugin } from "./index-BdGHTkZi.mjs";
+import { t as SSOPlugin } from "./index-D-JmJR9N.mjs";
 //#region src/client.d.ts
 interface SSOClientOptions {

package/dist/{index-BdGHTkZi.d.mts → index-D-JmJR9N.d.mts} RENAMED Viewed

@@ -743,7 +743,7 @@ declare const callbackSSO: (options?: SSOOptions) => better_call0.StrictEndpoint
   }, z.core.$strip>;
   allowedMediaTypes: string[];
   metadata: {
-    isAction: boolean;
+    isAction: false;
     openapi: {
       operationId: string;
       summary: string;
@@ -765,7 +765,8 @@ declare const callbackSSOSAML: (options?: SSOOptions) => better_call0.StrictEndp
     RelayState: z.ZodOptional<z.ZodString>;
   }, z.core.$strip>;
   metadata: {
-    isAction: boolean;
+    isAction: false;
+    allowedMediaTypes: string[];
     openapi: {
       operationId: string;
       summary: string;
@@ -796,7 +797,7 @@ declare const acsEndpoint: (options?: SSOOptions) => better_call0.StrictEndpoint
     RelayState: z.ZodOptional<z.ZodString>;
   }, z.core.$strip>;
   metadata: {
-    isAction: boolean;
+    isAction: false;
     allowedMediaTypes: string[];
     openapi: {
       operationId: string;

package/dist/index.d.mts CHANGED Viewed

@@ -1,2 +1,2 @@
-import { a as SSOOptions, i as SAMLConfig, n as sso, o as SSOProvider, r as OIDCConfig, t as SSOPlugin } from "./index-BdGHTkZi.mjs";
+import { a as SSOOptions, i as SAMLConfig, n as sso, o as SSOProvider, r as OIDCConfig, t as SSOPlugin } from "./index-D-JmJR9N.mjs";
 export { OIDCConfig, SAMLConfig, SSOOptions, SSOPlugin, SSOProvider, sso };

package/dist/index.mjs CHANGED Viewed

@@ -751,8 +751,18 @@ const signInSSO = (options) => {
 		if (provider.samlConfig) {
 			const parsedSamlConfig = typeof provider.samlConfig === "object" ? provider.samlConfig : safeJsonParse(provider.samlConfig);
 			if (!parsedSamlConfig) throw new APIError("BAD_REQUEST", { message: "Invalid SAML configuration" });
+			let metadata = parsedSamlConfig.spMetadata.metadata;
+			if (!metadata) metadata = saml.SPMetadata({
+				entityID: parsedSamlConfig.spMetadata?.entityID || parsedSamlConfig.issuer,
+				assertionConsumerService: [{
+					Binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
+					Location: parsedSamlConfig.callbackUrl || `${ctx.context.baseURL}/sso/saml2/sp/acs/${provider.providerId}`
+				}],
+				wantMessageSigned: parsedSamlConfig.wantAssertionsSigned || false,
+				nameIDFormat: parsedSamlConfig.identifierFormat ? [parsedSamlConfig.identifierFormat] : void 0
+			}).getMetadata() || "";
 			const sp = saml.ServiceProvider({
-				metadata: parsedSamlConfig.spMetadata.metadata,
+				metadata,
 				allowCreate: true
 			});
 			const idp = saml.IdentityProvider({
@@ -965,6 +975,7 @@ const callbackSSOSAML = (options) => {
 		}),
 		metadata: {
 			isAction: false,
+			allowedMediaTypes: ["application/x-www-form-urlencoded", "application/json"],
 			openapi: {
 				operationId: "handleSAMLCallback",
 				summary: "Callback URL for SAML provider",

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@better-auth/sso",
   "author": "Bereket Engida",
-  "version": "1.4.0-beta.24",
+  "version": "1.4.0-beta.27",
   "type": "module",
   "main": "dist/index.mjs",
   "homepage": "https://www.better-auth.com/docs/plugins/sso",
@@ -60,15 +60,15 @@
   "devDependencies": {
     "@types/body-parser": "^1.19.6",
     "@types/express": "^5.0.5",
-    "better-call": "1.0.28",
+    "better-call": "1.1.0",
     "body-parser": "^2.2.0",
     "express": "^5.1.0",
     "oauth2-mock-server": "^7.2.1",
     "tsdown": "^0.16.0",
-    "better-auth": "1.4.0-beta.24"
+    "better-auth": "1.4.0-beta.27"
   },
   "peerDependencies": {
-    "better-auth": "1.4.0-beta.24"
+    "better-auth": "1.4.0-beta.27"
   },
   "scripts": {
     "test": "vitest",

package/src/routes/sso.ts CHANGED Viewed

@@ -1039,8 +1039,35 @@ export const signInSSO = (options?: SSOOptions) => {
 						message: "Invalid SAML configuration",
 					});
 				}
+				let metadata = parsedSamlConfig.spMetadata.metadata;
+				if (!metadata) {
+					metadata =
+						saml
+							.SPMetadata({
+								entityID:
+									parsedSamlConfig.spMetadata?.entityID ||
+									parsedSamlConfig.issuer,
+								assertionConsumerService: [
+									{
+										Binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
+										Location:
+											parsedSamlConfig.callbackUrl ||
+											`${ctx.context.baseURL}/sso/saml2/sp/acs/${provider.providerId}`,
+									},
+								],
+								wantMessageSigned:
+									parsedSamlConfig.wantAssertionsSigned || false,
+								nameIDFormat: parsedSamlConfig.identifierFormat
+									? [parsedSamlConfig.identifierFormat]
+									: undefined,
+							})
+							.getMetadata() || "";
+				}
 				const sp = saml.ServiceProvider({
-					metadata: parsedSamlConfig.spMetadata.metadata,
+					metadata: metadata,
 					allowCreate: true,
 				});
@@ -1452,6 +1479,10 @@ export const callbackSSOSAML = (options?: SSOOptions) => {
 			}),
 			metadata: {
 				isAction: false,
+				allowedMediaTypes: [
+					"application/x-www-form-urlencoded",
+					"application/json",
+				],
 				openapi: {
 					operationId: "handleSAMLCallback",
 					summary: "Callback URL for SAML provider",