@checkstack/auth-common 0.5.6 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +18 -0
- package/package.json +8 -5
- package/src/rpc-contract.ts +29 -4
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,23 @@
|
|
|
1
1
|
# @checkstack/auth-common
|
|
2
2
|
|
|
3
|
+
## 0.6.0
|
|
4
|
+
|
|
5
|
+
### Minor Changes
|
|
6
|
+
|
|
7
|
+
- c0c0ed2: Introduce generic "Login Flows" to allow authentication strategies to define their own interaction patterns (form, redirect, or oauth) during registration. This fixes an issue where LDAP login attempts were incorrectly routed through the standard social login flow by instead providing a dedicated credential collection form for LDAP.
|
|
8
|
+
|
|
9
|
+
### Patch Changes
|
|
10
|
+
|
|
11
|
+
- c0c0ed2: Refactor manual session creation to use a secure, bridged oRPC endpoint. This ensures that custom authentication strategies (LDAP, SAML) leverage Better-Auth's native session establishment utilities, including cryptographic signing and reliable cookie attribute management.
|
|
12
|
+
|
|
13
|
+
## 0.5.7
|
|
14
|
+
|
|
15
|
+
### Patch Changes
|
|
16
|
+
|
|
17
|
+
- 67158e2: Standardize package metadata, unify AJV versions to 8.18.0, and enforce monorepo architecture rules via updated ESLint configuration. This ensures consistent package discovery and runtime dependency safety across the platform.
|
|
18
|
+
- Updated dependencies [67158e2]
|
|
19
|
+
- @checkstack/common@0.6.4
|
|
20
|
+
|
|
3
21
|
## 0.5.6
|
|
4
22
|
|
|
5
23
|
### Patch Changes
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@checkstack/auth-common",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.6.0",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"exports": {
|
|
6
6
|
".": {
|
|
@@ -9,18 +9,21 @@
|
|
|
9
9
|
}
|
|
10
10
|
},
|
|
11
11
|
"dependencies": {
|
|
12
|
-
"@checkstack/common": "0.6.
|
|
13
|
-
"@orpc/contract": "^1.13.
|
|
12
|
+
"@checkstack/common": "0.6.4",
|
|
13
|
+
"@orpc/contract": "^1.13.14",
|
|
14
14
|
"zod": "^4.0.0"
|
|
15
15
|
},
|
|
16
16
|
"devDependencies": {
|
|
17
|
-
"@checkstack/tsconfig": "0.0.
|
|
17
|
+
"@checkstack/tsconfig": "0.0.4",
|
|
18
18
|
"typescript": "^5.7.2",
|
|
19
|
-
"@checkstack/scripts": "0.1.
|
|
19
|
+
"@checkstack/scripts": "0.1.2"
|
|
20
20
|
},
|
|
21
21
|
"scripts": {
|
|
22
22
|
"typecheck": "tsc --noEmit",
|
|
23
23
|
"lint": "bun run lint:code",
|
|
24
24
|
"lint:code": "eslint . --max-warnings 0"
|
|
25
|
+
},
|
|
26
|
+
"checkstack": {
|
|
27
|
+
"type": "common"
|
|
25
28
|
}
|
|
26
29
|
}
|
package/src/rpc-contract.ts
CHANGED
|
@@ -45,9 +45,28 @@ const EnabledStrategyDtoSchema = z.object({
|
|
|
45
45
|
id: z.string(),
|
|
46
46
|
displayName: z.string(),
|
|
47
47
|
description: z.string().optional(),
|
|
48
|
-
type: z.enum(["credential", "social"]),
|
|
48
|
+
type: z.enum(["credential", "social", "ldap", "saml"]), // Kept for backward compatibility, but we should use clientFlow
|
|
49
49
|
icon: lucideIconSchema.optional(),
|
|
50
50
|
requiresManualRegistration: z.boolean(),
|
|
51
|
+
clientFlow: z
|
|
52
|
+
.discriminatedUnion("type", [
|
|
53
|
+
z.object({ type: z.literal("oauth") }),
|
|
54
|
+
z.object({ type: z.literal("redirect"), target: z.string() }),
|
|
55
|
+
z.object({
|
|
56
|
+
type: z.literal("form"),
|
|
57
|
+
target: z.string(),
|
|
58
|
+
fields: z.array(
|
|
59
|
+
z.object({
|
|
60
|
+
name: z.string(),
|
|
61
|
+
label: z.string(),
|
|
62
|
+
type: z.enum(["text", "password"]),
|
|
63
|
+
placeholder: z.string().optional(),
|
|
64
|
+
}),
|
|
65
|
+
),
|
|
66
|
+
}),
|
|
67
|
+
z.object({ type: z.literal("credential") }),
|
|
68
|
+
])
|
|
69
|
+
.optional(),
|
|
51
70
|
});
|
|
52
71
|
|
|
53
72
|
const RegistrationStatusSchema = z.object({
|
|
@@ -81,8 +100,8 @@ const UpsertExternalUserOutputSchema = z.object({
|
|
|
81
100
|
|
|
82
101
|
const CreateSessionInputSchema = z.object({
|
|
83
102
|
userId: z.string(),
|
|
84
|
-
|
|
85
|
-
|
|
103
|
+
ipAddress: z.string().optional().nullable(),
|
|
104
|
+
userAgent: z.string().optional().nullable(),
|
|
86
105
|
});
|
|
87
106
|
|
|
88
107
|
const CreateCredentialUserInputSchema = z.object({
|
|
@@ -337,7 +356,7 @@ export const authContract = {
|
|
|
337
356
|
access: [],
|
|
338
357
|
})
|
|
339
358
|
.input(CreateSessionInputSchema)
|
|
340
|
-
.output(z.object({ sessionId: z.string() })),
|
|
359
|
+
.output(z.object({ sessionId: z.string(), setCookie: z.string() })),
|
|
341
360
|
|
|
342
361
|
getUserById: proc({
|
|
343
362
|
operationType: "query",
|
|
@@ -669,6 +688,12 @@ export const authContract = {
|
|
|
669
688
|
})
|
|
670
689
|
.input(z.object({ resourceType: z.string(), resourceId: z.string() }))
|
|
671
690
|
.output(z.void()),
|
|
691
|
+
|
|
692
|
+
getOwnStrategyConfig: proc({
|
|
693
|
+
operationType: "query",
|
|
694
|
+
userType: "service",
|
|
695
|
+
access: [],
|
|
696
|
+
}).output(z.object({ config: z.record(z.string(), z.unknown()) })),
|
|
672
697
|
};
|
|
673
698
|
|
|
674
699
|
// Export contract type
|