npm - @better-auth/sso - Versions diffs - 1.5.0-beta.18 → 1.5.0-beta.19 - Mend

@better-auth/sso 1.5.0-beta.18 → 1.5.0-beta.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

package/README.md +17 -0
package/package.json +22 -19
package/.turbo/turbo-build.log +0 -20
package/src/client.ts +0 -29
package/src/constants.ts +0 -79
package/src/domain-verification.test.ts +0 -592
package/src/index.ts +0 -306
package/src/linking/index.ts +0 -2
package/src/linking/org-assignment.test.ts +0 -325
package/src/linking/org-assignment.ts +0 -176
package/src/linking/types.ts +0 -10
package/src/oidc/discovery.test.ts +0 -1152
package/src/oidc/discovery.ts +0 -494
package/src/oidc/errors.ts +0 -92
package/src/oidc/index.ts +0 -31
package/src/oidc/types.ts +0 -219
package/src/oidc.test.ts +0 -987
package/src/providers.test.ts +0 -1320
package/src/routes/domain-verification.ts +0 -297
package/src/routes/helpers.ts +0 -126
package/src/routes/providers.ts +0 -567
package/src/routes/schemas.ts +0 -96
package/src/routes/sso.ts +0 -3361
package/src/saml/algorithms.test.ts +0 -441
package/src/saml/algorithms.ts +0 -338
package/src/saml/assertions.test.ts +0 -239
package/src/saml/assertions.ts +0 -62
package/src/saml/error-codes.ts +0 -11
package/src/saml/index.ts +0 -13
package/src/saml/parser.ts +0 -56
package/src/saml-state.ts +0 -78
package/src/saml.test.ts +0 -5140
package/src/types.ts +0 -416
package/src/utils.test.ts +0 -106
package/src/utils.ts +0 -81
package/tsconfig.json +0 -14
package/tsdown.config.ts +0 -8
package/vitest.config.ts +0 -8

package/README.md ADDED Viewed

@@ -0,0 +1,17 @@
+# Better Auth SSO Plugin
+Single Sign-On plugin for [Better Auth](https://www.better-auth.com) — add SAML and OIDC enterprise SSO to your application.
+## Installation
+```bash
+npm install @better-auth/sso
+```
+## Documentation
+For full documentation, visit [better-auth.com/docs/plugins/sso](https://www.better-auth.com/docs/plugins/sso).
+## License
+MIT

package/package.json CHANGED Viewed

@@ -1,34 +1,37 @@
 {
   "name": "@better-auth/sso",
-  "author": "Bereket Engida",
-  "version": "1.5.0-beta.18",
+  "version": "1.5.0-beta.19",
+  "description": "SSO plugin for Better Auth",
   "type": "module",
-  "main": "dist/index.mjs",
-  "types": "dist/index.d.mts",
+  "license": "MIT",
   "homepage": "https://www.better-auth.com/docs/plugins/sso",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/better-auth/better-auth.git",
     "directory": "packages/sso"
   },
-  "license": "MIT",
+  "author": "Bereket Engida",
   "keywords": [
     "sso",
     "auth",
-    "sso",
     "saml",
     "oauth",
     "oidc",
     "openid",
     "openid connect",
-    "openid connect",
-    "single sign on"
+    "single sign on",
+    "typescript",
+    "better-auth"
   ],
   "publishConfig": {
     "access": "public"
   },
-  "module": "dist/index.mjs",
-  "description": "SSO plugin for Better Auth",
+  "files": [
+    "dist"
+  ],
+  "main": "./dist/index.mjs",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.mts",
   "exports": {
     ".": {
       "dev-source": "./src/index.ts",
@@ -67,22 +70,22 @@
     "express": "^5.2.1",
     "oauth2-mock-server": "^8.2.1",
     "tsdown": "^0.20.3",
-    "@better-auth/core": "1.5.0-beta.18",
-    "better-auth": "1.5.0-beta.18"
+    "@better-auth/core": "1.5.0-beta.19",
+    "better-auth": "1.5.0-beta.19"
   },
   "peerDependencies": {
     "@better-auth/utils": "0.3.1",
     "better-call": "1.3.2",
-    "@better-auth/core": "1.5.0-beta.18",
-    "better-auth": "1.5.0-beta.18"
+    "@better-auth/core": "1.5.0-beta.19",
+    "better-auth": "1.5.0-beta.19"
   },
   "scripts": {
-    "test": "vitest",
-    "coverage": "vitest run --coverage --coverage.provider=istanbul",
-    "lint:package": "publint run --strict",
-    "lint:types": "attw --profile esm-only --pack .",
     "build": "tsdown",
     "dev": "tsdown --watch",
-    "typecheck": "tsc --project tsconfig.json"
+    "lint:package": "publint run --strict",
+    "lint:types": "attw --profile esm-only --pack .",
+    "typecheck": "tsc --project tsconfig.json",
+    "test": "vitest",
+    "coverage": "vitest run --coverage --coverage.provider=istanbul"
   }
 }

package/.turbo/turbo-build.log DELETED Viewed

@@ -1,20 +0,0 @@
-> @better-auth/sso@1.5.0-beta.18 build /home/runner/work/better-auth/better-auth/packages/sso
-> tsdown
-[34mℹ[39m tsdown [2mv0.20.3[22m powered by rolldown [2mv1.0.0-rc.3[22m
-[34mℹ[39m config file: [4m/home/runner/work/better-auth/better-auth/packages/sso/tsdown.config.ts[24m
-[34mℹ[39m entry: [34msrc/index.ts, src/client.ts[39m
-[34mℹ[39m tsconfig: [34mtsconfig.json[39m
-[34mℹ[39m Build start
-[34mℹ[39m [2mdist/[22m[1mindex.mjs[22m             [2m139.98 kB[22m [2m│ gzip: 27.81 kB[22m
-[34mℹ[39m [2mdist/[22m[1mclient.mjs[22m            [2m  0.27 kB[22m [2m│ gzip:  0.21 kB[22m
-[34mℹ[39m [2mdist/[22mindex.mjs.map         [2m280.84 kB[22m [2m│ gzip: 53.93 kB[22m
-[34mℹ[39m [2mdist/[22mclient.mjs.map        [2m  0.93 kB[22m [2m│ gzip:  0.50 kB[22m
-[34mℹ[39m [2mdist/[22m[32m[1mindex.d.mts[22m[39m           [2m  3.79 kB[22m [2m│ gzip:  1.20 kB[22m
-[34mℹ[39m [2mdist/[22m[32m[1mclient.d.mts[22m[39m          [2m  0.63 kB[22m [2m│ gzip:  0.36 kB[22m
-[34mℹ[39m [2mdist/[22m[32mindex-CbKvQr9M.d.mts[39m  [2m 58.40 kB[22m [2m│ gzip: 10.28 kB[22m
-[34mℹ[39m 7 files, total: 484.83 kB
-[33m[PLUGIN_TIMINGS] Warning:[0m Your build spent significant time in plugin `rolldown-plugin-dts:generate`. See https://rolldown.rs/options/checks#plugintimings for more details.
-[32m✔[39m Build complete in [32m34748ms[39m

package/src/client.ts DELETED Viewed

@@ -1,29 +0,0 @@
-import type { BetterAuthClientPlugin } from "better-auth/client";
-import type { SSOPlugin } from "./index";
-interface SSOClientOptions {
-	domainVerification?:
-		| {
-				enabled: boolean;
-		  }
-		| undefined;
-}
-export const ssoClient = <CO extends SSOClientOptions>(
-	options?: CO | undefined,
-) => {
-	return {
-		id: "sso-client",
-		$InferServerPlugin: {} as SSOPlugin<{
-			domainVerification: {
-				enabled: CO["domainVerification"] extends { enabled: true }
-					? true
-					: false;
-			};
-		}>,
-		pathMethods: {
-			"/sso/providers": "GET",
-			"/sso/get-provider": "GET",
-		},
-	} satisfies BetterAuthClientPlugin;
-};

package/src/constants.ts DELETED Viewed

@@ -1,79 +0,0 @@
-/**
- * SAML Constants
- *
- * Centralized constants for SAML SSO functionality.
- */
-// ============================================================================
-// Key Prefixes (for verification table storage)
-// ============================================================================
-/** Prefix for AuthnRequest IDs used in InResponseTo validation */
-export const AUTHN_REQUEST_KEY_PREFIX = "saml-authn-request:";
-/** Prefix for used Assertion IDs used in replay protection */
-export const USED_ASSERTION_KEY_PREFIX = "saml-used-assertion:";
-/** Prefix for SAML session data (NameID + SessionIndex) for SLO */
-export const SAML_SESSION_KEY_PREFIX = "saml-session:";
-/** Prefix for reverse lookup of SAML session by Better Auth session ID */
-export const SAML_SESSION_BY_ID_PREFIX = "saml-session-by-id:";
-/** Prefix for LogoutRequest IDs used in SP-initiated SLO validation */
-export const LOGOUT_REQUEST_KEY_PREFIX = "saml-logout-request:";
-// ============================================================================
-// Time-To-Live (TTL) Defaults
-// ============================================================================
-/**
- * Default TTL for AuthnRequest records (5 minutes).
- * This should be sufficient for most IdPs while protecting against stale requests.
- */
-export const DEFAULT_AUTHN_REQUEST_TTL_MS = 5 * 60 * 1000;
-/**
- * Default TTL for used assertion records (15 minutes).
- * This should match the maximum expected NotOnOrAfter window plus clock skew.
- */
-export const DEFAULT_ASSERTION_TTL_MS = 15 * 60 * 1000;
-/**
- * Default TTL for LogoutRequest records (5 minutes).
- * Should be sufficient for IdP to process and respond.
- */
-export const DEFAULT_LOGOUT_REQUEST_TTL_MS = 5 * 60 * 1000;
-/**
- * Default clock skew tolerance (5 minutes).
- * Allows for minor time differences between IdP and SP servers.
- *
- * Accommodates:
- * - Network latency and processing time
- * - Clock synchronization differences (NTP drift)
- * - Distributed systems across timezones
- */
-export const DEFAULT_CLOCK_SKEW_MS = 5 * 60 * 1000;
-// ============================================================================
-// Size Limits (DoS Protection)
-// ============================================================================
-/**
- * Default maximum size for SAML responses (256 KB).
- * Protects against memory exhaustion from oversized SAML payloads.
- */
-export const DEFAULT_MAX_SAML_RESPONSE_SIZE = 256 * 1024;
-/**
- * Default maximum size for IdP metadata (100 KB).
- * Protects against oversized metadata documents.
- */
-export const DEFAULT_MAX_SAML_METADATA_SIZE = 100 * 1024;
-// ============================================================================
-// SAML Status Codes
-// ============================================================================
-export const SAML_STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success";