@carlonicora/nextjs-jsonapi 1.24.3 → 1.25.0

package/dist/{chunk-5U4NJJOF.mjs → chunk-LNBT2YPZ.mjs}

@@ -4882,6 +4882,287 @@ var UserModule = /* @__PURE__ */ __name((factory) => factory({
   }
 }), "UserModule");
 
+// src/features/oauth/data/oauth.ts
+var OAuthClient = class extends AbstractApiData {
+  static {
+    __name(this, "OAuthClient");
+  }
+  _clientId;
+  _name;
+  _description;
+  _redirectUris = [];
+  _allowedScopes = [];
+  _allowedGrantTypes = [];
+  _isConfidential = true;
+  _isActive = true;
+  get clientId() {
+    return this._clientId ?? this.id;
+  }
+  get name() {
+    if (!this._name) throw new Error("Name is not defined");
+    return this._name;
+  }
+  get description() {
+    return this._description;
+  }
+  get redirectUris() {
+    return this._redirectUris;
+  }
+  get allowedScopes() {
+    return this._allowedScopes;
+  }
+  get allowedGrantTypes() {
+    return this._allowedGrantTypes;
+  }
+  get isConfidential() {
+    return this._isConfidential;
+  }
+  get isActive() {
+    return this._isActive;
+  }
+  rehydrate(data) {
+    super.rehydrate(data);
+    const attrs = data.jsonApi.attributes || {};
+    this._clientId = attrs.clientId ?? this._id;
+    this._name = attrs.name;
+    this._description = attrs.description;
+    this._redirectUris = attrs.redirectUris ?? [];
+    this._allowedScopes = attrs.allowedScopes ?? [];
+    this._allowedGrantTypes = attrs.allowedGrantTypes ?? [];
+    this._isConfidential = attrs.isConfidential ?? true;
+    this._isActive = attrs.isActive ?? true;
+    return this;
+  }
+  createJsonApi(data) {
+    const response = {
+      data: {
+        type: "oauth-clients",
+        attributes: {}
+      }
+    };
+    if (data.id) response.data.id = data.id;
+    if (data.name !== void 0) response.data.attributes.name = data.name;
+    if (data.description !== void 0) response.data.attributes.description = data.description;
+    if (data.redirectUris !== void 0) response.data.attributes.redirectUris = data.redirectUris;
+    if (data.allowedScopes !== void 0) response.data.attributes.allowedScopes = data.allowedScopes;
+    if (data.allowedGrantTypes !== void 0) response.data.attributes.allowedGrantTypes = data.allowedGrantTypes;
+    if (data.isConfidential !== void 0) response.data.attributes.isConfidential = data.isConfidential;
+    if (data.isActive !== void 0) response.data.attributes.isActive = data.isActive;
+    return response;
+  }
+};
+
+// src/features/oauth/oauth.module.ts
+var OAuthModule = /* @__PURE__ */ __name((factory) => factory({
+  pageUrl: "/oauth",
+  name: "oauth-clients",
+  model: OAuthClient
+}), "OAuthModule");
+
+// src/features/oauth/data/oauth.service.ts
+var OAuthService = class extends AbstractService {
+  static {
+    __name(this, "OAuthService");
+  }
+  // ==========================================
+  // CLIENT MANAGEMENT
+  // ==========================================
+  /**
+   * List all OAuth clients for the current user
+   */
+  static async listClients(params) {
+    return this.callApi({
+      type: Modules.OAuth,
+      method: "GET" /* GET */,
+      endpoint: new EndpointCreator({ endpoint: "oauth/clients" }).generate(),
+      next: params?.next
+    });
+  }
+  /**
+   * Get a single OAuth client by ID
+   */
+  static async getClient(params) {
+    return this.callApi({
+      type: Modules.OAuth,
+      method: "GET" /* GET */,
+      endpoint: new EndpointCreator({ endpoint: "oauth/clients", id: params.clientId }).generate()
+    });
+  }
+  /**
+   * Create a new OAuth client
+   * @returns The created client AND the client secret (shown only once!)
+   */
+  static async createClient(data) {
+    const result = await this.callApiWithMeta({
+      type: Modules.OAuth,
+      method: "POST" /* POST */,
+      endpoint: new EndpointCreator({ endpoint: "oauth/clients" }).generate(),
+      input: data
+    });
+    return {
+      client: result.data,
+      clientSecret: result.meta?.clientSecret
+    };
+  }
+  /**
+   * Update an existing OAuth client
+   */
+  static async updateClient(params) {
+    return this.callApi({
+      type: Modules.OAuth,
+      method: "PATCH" /* PATCH */,
+      endpoint: new EndpointCreator({ endpoint: "oauth/clients", id: params.clientId }).generate(),
+      input: { id: params.clientId, ...params.data }
+    });
+  }
+  /**
+   * Delete an OAuth client
+   */
+  static async deleteClient(params) {
+    await this.callApi({
+      type: Modules.OAuth,
+      method: "DELETE" /* DELETE */,
+      endpoint: new EndpointCreator({ endpoint: "oauth/clients", id: params.clientId }).generate()
+    });
+  }
+  /**
+   * Regenerate the client secret
+   * @returns The new client secret (shown only once!)
+   */
+  static async regenerateSecret(params) {
+    const result = await this.callApiWithMeta({
+      type: Modules.OAuth,
+      method: "POST" /* POST */,
+      endpoint: new EndpointCreator({
+        endpoint: "oauth/clients",
+        id: params.clientId,
+        childEndpoint: "regenerate-secret"
+      }).generate()
+    });
+    return {
+      clientSecret: result.meta?.clientSecret
+    };
+  }
+  // ==========================================
+  // CONSENT FLOW
+  // ==========================================
+  /**
+   * Get client information for the consent screen
+   * Called when user is redirected to /oauth/authorize
+   */
+  static async getAuthorizationInfo(params) {
+    const endpoint = new EndpointCreator({ endpoint: "oauth/authorize/info" });
+    endpoint.addAdditionalParam("client_id", params.clientId);
+    endpoint.addAdditionalParam("redirect_uri", params.redirectUri);
+    endpoint.addAdditionalParam("scope", params.scope);
+    if (params.state) endpoint.addAdditionalParam("state", params.state);
+    if (params.codeChallenge) endpoint.addAdditionalParam("code_challenge", params.codeChallenge);
+    if (params.codeChallengeMethod) endpoint.addAdditionalParam("code_challenge_method", params.codeChallengeMethod);
+    return this.callApi({
+      type: Modules.OAuth,
+      method: "GET" /* GET */,
+      endpoint: endpoint.generate()
+    });
+  }
+  /**
+   * Approve the authorization request
+   * @returns Redirect URL with authorization code
+   */
+  static async approveAuthorization(params) {
+    const result = await this.callApiWithMeta({
+      type: Modules.OAuth,
+      method: "POST" /* POST */,
+      endpoint: new EndpointCreator({ endpoint: "oauth/authorize/approve" }).generate(),
+      input: {
+        client_id: params.clientId,
+        redirect_uri: params.redirectUri,
+        scope: params.scope,
+        state: params.state,
+        code_challenge: params.codeChallenge,
+        code_challenge_method: params.codeChallengeMethod
+      },
+      overridesJsonApiCreation: true
+    });
+    return {
+      redirectUrl: result.meta?.redirectUrl
+    };
+  }
+  /**
+   * Deny the authorization request
+   * @returns Redirect URL with error=access_denied
+   */
+  static async denyAuthorization(params) {
+    const result = await this.callApiWithMeta({
+      type: Modules.OAuth,
+      method: "POST" /* POST */,
+      endpoint: new EndpointCreator({ endpoint: "oauth/authorize/deny" }).generate(),
+      input: {
+        client_id: params.clientId,
+        redirect_uri: params.redirectUri,
+        state: params.state
+      },
+      overridesJsonApiCreation: true
+    });
+    return {
+      redirectUrl: result.meta?.redirectUrl
+    };
+  }
+};
+
+// src/features/oauth/interfaces/oauth.interface.ts
+var OAUTH_SCOPE_DISPLAY = {
+  read: {
+    scope: "read",
+    name: "Read Access",
+    description: "Read access to your data",
+    icon: "eye"
+  },
+  write: {
+    scope: "write",
+    name: "Write Access",
+    description: "Write access to your data",
+    icon: "pencil"
+  },
+  "photographs:read": {
+    scope: "photographs:read",
+    name: "View Photographs",
+    description: "Access and download your photo library",
+    icon: "image"
+  },
+  "photographs:write": {
+    scope: "photographs:write",
+    name: "Upload Photographs",
+    description: "Add new photos to your rolls",
+    icon: "upload"
+  },
+  "rolls:read": {
+    scope: "rolls:read",
+    name: "View Rolls",
+    description: "See your film rolls and collections",
+    icon: "film"
+  },
+  "rolls:write": {
+    scope: "rolls:write",
+    name: "Manage Rolls",
+    description: "Create and modify film rolls",
+    icon: "folder-plus"
+  },
+  profile: {
+    scope: "profile",
+    name: "View Profile",
+    description: "Access your name and email",
+    icon: "user"
+  },
+  admin: {
+    scope: "admin",
+    name: "Administrative Access",
+    description: "Full administrative access to your account",
+    icon: "shield"
+  }
+};
+var AVAILABLE_OAUTH_SCOPES = Object.values(OAUTH_SCOPE_DISPLAY);
+var DEFAULT_GRANT_TYPES = ["authorization_code", "refresh_token"];
+
 export {
   RehydrationFactory,
   AbstractApiData,
@@ -4994,6 +5275,12 @@ export {
   UserFields,
   UserService,
   AuthorModule,
-  UserModule
+  UserModule,
+  OAuthClient,
+  OAuthModule,
+  OAuthService,
+  OAUTH_SCOPE_DISPLAY,
+  AVAILABLE_OAUTH_SCOPES,
+  DEFAULT_GRANT_TYPES
 };
-//# sourceMappingURL=chunk-5U4NJJOF.mjs.map
+//# sourceMappingURL=chunk-LNBT2YPZ.mjs.map