@cloudbase/auth 1.7.2-alpha.0 → 2.0.0-alpha.2

package/src/index.ts

@@ -1,81 +1,79 @@
 import { ICloudbase } from '@cloudbase/types';
-import { events, adapters, utils, constants, helpers } from '@cloudbase/utilities';
+import { utils, constants, helpers, events } from '@cloudbase/utilities';
 import { ICloudbaseCache } from '@cloudbase/types/cache';
 import { ICloudbaseRequest } from '@cloudbase/types/request';
-import { ICloudbaseAuthConfig, ICredential, IUser, IUserInfo, IAuthProvider, ILoginState } from '@cloudbase/types/auth';
+import { ICloudbaseAuthConfig, IUser, IUserInfo, ILoginState } from '@cloudbase/types/auth';
 import { ICloudbaseComponent } from '@cloudbase/types/component';
 
-import { LOGINTYPE, OAUTH2_LOGINTYPE_PREFIX } from './constants';
-
-import { AuthProvider } from './providers/base';
-
-import { OAuth2AuthProvider, IOAuth2AuthProviderOptions } from './providers/oauth2AuthProvider';
-
-import { AnonymousAuthProvider } from './providers/anonymousAuthProvider';
-import { CustomAuthProvider } from './providers/customAuthProvider';
-import { EmailAuthProvider } from './providers/emailAuthProvider';
-import { PhoneAuthProvider, SIGN_METHOD } from './providers/phoneAuthProvider'
-import { UsernameAuthProvider } from './providers/usernameAuthProvider';
-import { WeixinAuthProvider } from './providers/weixinAuthProvider';
+import { authModels, CloudbaseOAuth } from '@cloudbase/oauth'
 
 declare const cloudbase: ICloudbase;
 
-const { CloudbaseEventEmitter } = events;
-const { RUNTIME } = adapters;
-const { printWarn, throwError, transformPhone } = utils;
+const { printWarn, throwError } = utils;
 const { ERRORS, COMMUNITY_SITE_URL } = constants;
 const { catchErrorsDecorator } = helpers;
+const { CloudbaseEventEmitter } = events;
 
 const COMPONENT_NAME = 'auth';
 
+const EVENTS = {
+  // 登录态改变后触发
+  LOGIN_STATE_CHANGED: 'loginStateChanged',
+};
+
 interface UserInfo {
-  openid: string;
-  nickname?: string;
-  sex?: number;
-  province?: string;
-  city?: string;
-  country?: string;
-  headimgurl?: string;
-  privilege?: [string];
-  unionid?: string;
+  uid?: string;
+  gender?: string;
+  avatarUrl?: string;
+  picture?: string;
+  email?: string;
+  email_verified?: boolean;
+  phone_number?: string;
+  username?: string;
+  name?: string;
+  birthdate?: string;
+  zoneinfo?: string;
+  locale?: string;
+  sub?: string;
+  created_from?: string;
 }
 
 const eventBus = new CloudbaseEventEmitter();
 
 interface IUserOptions {
   cache: ICloudbaseCache;
-  request: ICloudbaseRequest;
+  // request: ICloudbaseRequest;
+  oauthInstance: CloudbaseOAuth
 }
 
 class User implements IUser {
-  public uid: string;
-  public loginType: string;
-  public openid: string;
-  public wxOpenId: string;
-  public wxPublicId: string;
-  public unionId: string;
-  public qqMiniOpenId: string;
-  public customUserId: string;
-  public nickName: string;
-  public gender: string;
-  public avatarUrl: string;
-  public email: string;
-  public hasPassword: boolean;
-  public phone?: string;
+  public uid?: string;
+  public gender?: string;
+  public avatarUrl?: string;
+  public picture?: string;
+  public email?: string;
+  public email_verified?: boolean;
+  public phone_number?: string;
   public username?: string;
-  public location?: {
-    country?: string;
-    province?: string;
-    city?: string;
-  };
+  public name?: string;
+  public providers?: {
+    id?: string;
+    provider_user_id?: string;
+    name?: string;
+  }[]
+  public birthdate?: string;
+  public zoneinfo?: string;
+  public locale?: string;
+  public sub?: string;
+  public created_from?: string;
 
   private _cache: ICloudbaseCache;
-  private _request: ICloudbaseRequest;
+  private _oauthInstance: CloudbaseOAuth // CloudbaseOAuth 类型
 
   constructor(options: IUserOptions) {
-    const { cache, request } = options;
+    const { cache, oauthInstance } = options;
     this._cache = cache;
-    this._request = request;
+    this._oauthInstance = oauthInstance
 
     this._setUserInfo();
   }
@@ -83,149 +81,44 @@ class User implements IUser {
    * 获取本地用户信息-同步
    */
   public async checkLocalInfo() {
-    this.uid = this._getLocalUserInfo('uid');
-    this.loginType = this._getLocalUserInfo('loginType');
-    this.openid = this._getLocalUserInfo('wxOpenId');
-    this.wxOpenId = this._getLocalUserInfo('wxOpenId');
-    this.wxPublicId = this._getLocalUserInfo('wxPublicId');
-    this.unionId = this._getLocalUserInfo('wxUnionId');
-    this.qqMiniOpenId = this._getLocalUserInfo('qqMiniOpenId');
-    this.customUserId = this._getLocalUserInfo('customUserId');
-    this.nickName = this._getLocalUserInfo('nickName');
-    this.gender = this._getLocalUserInfo('gender');
-    this.avatarUrl = this._getLocalUserInfo('avatarUrl');
-    this.email = this._getLocalUserInfo('email');
-    this.hasPassword = Boolean(this._getLocalUserInfo('hasPassword'));
-    this.phone = this._getLocalUserInfo('phone')
-    this.username = this._getLocalUserInfo('username')
-    this.location = {
-      country: this._getLocalUserInfo('country'),
-      province: this._getLocalUserInfo('province'),
-      city: this._getLocalUserInfo('city')
-    };
+    this.uid = this._getLocalUserInfo('uid') as string;
+    this.gender = this._getLocalUserInfo('gender') as string;
+    this.picture = this._getLocalUserInfo('picture') as string;
+    this.avatarUrl = this._getLocalUserInfo('avatarUrl') as string;
+    this.email = this._getLocalUserInfo('email') as string;
+    this.email_verified = this._getLocalUserInfo('email_verified') as boolean;
+    this.phone_number = this._getLocalUserInfo('phone_number') as string
+    this.username = this._getLocalUserInfo('username') as string
+    this.name = this._getLocalUserInfo('name') as string
+    this.birthdate = this._getLocalUserInfo('birthdate') as string
+    this.zoneinfo = this._getLocalUserInfo('zoneinfo') as string
+    this.locale = this._getLocalUserInfo('locale') as string
+    this.sub = this._getLocalUserInfo('sub') as string
+    this.created_from = this._getLocalUserInfo('created_from') as string
+    this.providers = this._getLocalUserInfo('providers') as any
   }
   /**
    * 获取本地用户信息-异步
    */
   public async checkLocalInfoAsync() {
     this.uid = await this._getLocalUserInfoAsync('uid');
-    this.loginType = await this._getLocalUserInfoAsync('loginType');
-    this.openid = await this._getLocalUserInfoAsync('wxOpenId');
-    this.wxOpenId = await this._getLocalUserInfoAsync('wxOpenId');
-    this.wxPublicId = await this._getLocalUserInfoAsync('wxPublicId');
-    this.unionId = await this._getLocalUserInfoAsync('wxUnionId');
-    this.qqMiniOpenId = await this._getLocalUserInfoAsync('qqMiniOpenId');
-    this.customUserId = await this._getLocalUserInfoAsync('customUserId');
-    this.nickName = await this._getLocalUserInfoAsync('nickName');
     this.gender = await this._getLocalUserInfoAsync('gender');
+    this.picture = this._getLocalUserInfo('picture') as string;
     this.avatarUrl = await this._getLocalUserInfoAsync('avatarUrl');
     this.email = await this._getLocalUserInfoAsync('email');
-    this.hasPassword = Boolean(await this._getLocalUserInfoAsync('hasPassword'));
-    this.phone = await this._getLocalUserInfoAsync('phone')
+    this.email_verified = this._getLocalUserInfo('email_verified') as boolean;
+    this.phone_number = this._getLocalUserInfo('phone_number') as string
     this.username = await this._getLocalUserInfoAsync('username')
-    this.location = {
-      country: await this._getLocalUserInfoAsync('country'),
-      province: await this._getLocalUserInfoAsync('province'),
-      city: await this._getLocalUserInfoAsync('city')
-    };
+    this.name = this._getLocalUserInfo('name') as string
+    this.birthdate = this._getLocalUserInfo('birthdate') as string
+    this.zoneinfo = this._getLocalUserInfo('zoneinfo') as string
+    this.locale = this._getLocalUserInfo('locale') as string
+    this.sub = this._getLocalUserInfo('sub') as string
+    this.created_from = this._getLocalUserInfo('created_from') as string
+    this.providers = this._getLocalUserInfo('providers') as any
   }
 
-  /**
-   * 将当前账户与自定义登录 Ticket 进行绑定，绑定之后便可以通过自定义登录登录当前云开发账户。
-   * @param {string} ticket 自定义登录ticket
-   */
-  @catchErrorsDecorator({
-    title: '绑定自定义登录失败',
-    messages: [
-      '请确认以下各项：',
-      '  1 - 调用 User.linkWithTicket() 的语法或参数是否正确',
-      '  2 - 此账户是否已经绑定自定义登录',
-      '  3 - ticket 参数是否归属当前环境',
-      '  4 - 创建 ticket 的自定义登录私钥是否过期',
-      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
-    ]
-  })
-  public linkWithTicket(ticket: string): Promise<void> {
-    if (typeof ticket !== 'string') {
-      throw new Error('ticket must be string');
-    }
-    return this._request.send('auth.linkWithTicket', { ticket });
-  }
-  /**
-   * 将当前账户与第三方鉴权提供方，以重定向的形式，进行绑定，绑定之后便可以通过第三方鉴权提供方登录当前的云开发账户。
-   * @param provider 特定登录方式的provider，必须具备signInWithRedirect方法
-   */
-  @catchErrorsDecorator({
-    title: '绑定第三方登录方式失败',
-    messages: [
-      '请确认以下各项：',
-      '  1 - 调用 User.linkWithRedirect() 的语法或参数是否正确',
-      '  2 - 此账户是否已经绑定此第三方',
-      '  3 - 此第三方是否已经授权',
-      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
-    ]
-  })
-  public linkWithRedirect(provider: IAuthProvider): void {
-    provider.signInWithRedirect();
-  }
-  /**
-   * 获取当前账户的微信 UnionID 绑定的云开发账户列表。如果当前账户不存在 UnionID，会返回错误。
-   */
-  @catchErrorsDecorator({
-    title: '获取账户列表失败',
-    messages: [
-      '请确认以下各项：',
-      '  1 - 调用 User.getLinkedUidList() 的语法或参数是否正确',
-      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
-    ]
-  })
-  public async getLinkedUidList() {
-    const { data } = await this._request.send('auth.getLinkedUidList', {});
-    let hasPrimaryUid = false;
-    const users = data.users as IUserInfo[];
-    for (const user of users) {
-      if (user.wxOpenId && user.wxPublicId) {
-        hasPrimaryUid = true;
-        break;
-      }
-    }
-    return {
-      users,
-      hasPrimaryUid
-    };
-  }
-  /**
-   * 设置微信主账号，通常搭配和 User.getLinkedUidList() 使用，用于在同个微信 UnionID 对应的多个云开发账号中，设置其中一个为主账号
-   * 设置之后，通过 UnionID 登录便会登录至主账号之上。
-   * @param uid
-   */
-  @catchErrorsDecorator({
-    title: '设置微信主账号失败',
-    messages: [
-      '请确认以下各项：',
-      '  1 - 调用 User.setPrimaryUid() 的语法或参数是否正确',
-      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
-    ]
-  })
-  public setPrimaryUid(uid: string) {
-    return this._request.send('auth.setPrimaryUid', { uid });
-  }
-  /**
-   * 解绑某个登录方式
-   * @param loginType
-   */
-  @catchErrorsDecorator({
-    title: '接触绑定失败',
-    messages: [
-      '请确认以下各项：',
-      '  1 - 调用 User.unlink() 的语法或参数是否正确',
-      '  2 - 当前账户是否已经与此登录方式解绑',
-      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
-    ]
-  })
-  public unlink(loginType: 'CUSTOM' | 'WECHAT-OPEN' | 'WECHAT-PUBLIC' | 'WECHAT-UNION' | 'PHONE') {
-    return this._request.send('auth.unlink', { platform: loginType });
-  }
+
   /**
    * 更新用户信息
    * @param userInfo
@@ -239,9 +132,10 @@ class User implements IUser {
       `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
     ]
   })
-  public async update(userInfo: IUserInfo): Promise<void> {
-    const { nickName, gender, avatarUrl, province, country, city } = userInfo;
-    const { data: newUserInfo } = await this._request.send('auth.updateUserInfo', { nickName, gender, avatarUrl, province, country, city });
+  public async update(userInfo: authModels.UserProfile): Promise<void> {
+    // const { name, gender, avatarUrl, province, country, city } = userInfo;
+    const newUserInfo = await this._oauthInstance.authApi.setUserProfile({ ...userInfo })
+
     this._setLocalUserInfo(newUserInfo);
   }
   /**
@@ -259,30 +153,12 @@ class User implements IUser {
     ]
   })
   public updatePassword(newPassword: string, oldPassword: string) {
-    return this._request.send('auth.updatePassword', {
-      oldPassword,
-      newPassword
-    });
-  }
-  /**
-   * 更新邮箱地址
-   * @param newEmail
-   */
-  @catchErrorsDecorator({
-    title: '更新邮箱地址失败',
-    messages: [
-      '请确认以下各项：',
-      '  1 - 调用 User.updateEmail() 的语法或参数是否正确',
-      '  2 - 当前环境是否开通了邮箱密码登录',
-      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
-    ]
-  })
-  public updateEmail(newEmail: string, password?: string) {
-    return this._request.send('auth.updateEmail', {
-      newEmail,
-      password
-    });
+    return this._oauthInstance.authApi.updatePasswordByOld({
+      old_password: oldPassword,
+      new_password: newPassword
+    })
   }
+
   /**
    * 更新用户名
    * @param username
@@ -301,10 +177,11 @@ class User implements IUser {
       throwError(ERRORS.INVALID_PARAMS, 'username must be a string');
     }
 
-    return this._request.send('auth.updateUsername', {
+    return this.update({
       username
-    });
+    })
   }
+
   /**
    * 刷新本地用户信息。当用户在其他客户端更新用户信息之后，可以调用此接口同步更新之后的信息。
    */
@@ -317,54 +194,12 @@ class User implements IUser {
     ]
   })
   public async refresh(): Promise<IUserInfo> {
-    const action = 'auth.getUserInfo';
-    const { data: userInfo } = await this._request.send(action, {});
-    this._setLocalUserInfo(userInfo);
-    return userInfo;
-  }
-
-  /**
- * 绑定手机号
- * @param phoneNumber
- * @param phoneCode
- */
-  @catchErrorsDecorator({
-    title: '绑定手机号失败',
-    messages: [
-      '请确认以下各项：',
-      '  1 - 调用 auth().linkWithPhoneNumber() 的语法或参数是否正确',
-      '  2 - 当前环境是否开通了短信验证码登录',
-      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
-    ]
-  })
-  public async linkWithPhoneNumber(phoneNumber: string, phoneCode: string) {
-    return this._request.send('auth.linkOrUpdatePhoneNumber', {
-      phoneNumber: transformPhone(phoneNumber),
-      phoneCode
-    });
-  }
-  /**
-   * 更新手机号
-   * @param phoneNumber
-   * @param phoneCode
-   */
-  @catchErrorsDecorator({
-    title: '更新手机号失败',
-    messages: [
-      '请确认以下各项：',
-      '  1 - 调用语法或参数是否正确',
-      '  2 - 当前环境是否开通了短信验证码登录',
-      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
-    ]
-  })
-  public async updatePhoneNumber(phoneNumber: string, phoneCode: string) {
-    return this._request.send('auth.linkOrUpdatePhoneNumber', {
-      phoneNumber: transformPhone(phoneNumber),
-      phoneCode
-    });
+    const newUserInfo = await this._oauthInstance.authApi.getUserInfo()
+    this._setLocalUserInfo(newUserInfo);
+    return newUserInfo;
   }
 
-  private _getLocalUserInfo(key: string): string {
+  private _getLocalUserInfo(key: string): string | boolean {
     const { userInfoKey } = this._cache.keys;
     const userInfo = this._cache.getStore(userInfoKey);
     return userInfo[key];
@@ -381,29 +216,24 @@ class User implements IUser {
     const userInfo = this._cache.getStore(userInfoKey);
     [
       'uid',
-      'loginType',
-      'openid',
-      'wxOpenId',
-      'wxPublicId',
-      'unionId',
-      'qqMiniOpenId',
       'email',
-      'hasPassword',
-      'customUserId',
-      'nickName',
+      'name',
       'gender',
+      'picture',
       'avatarUrl',
       'phone',
+      'email_verified',
+      'phone_number',
+      'birthdate',
+      'zoneinfo',
+      'locale',
+      'sub',
+      'created_from',
+      'providers',
       'username'
     ].forEach(infoKey => {
       this[infoKey] = userInfo[infoKey];
     });
-
-    this.location = {
-      country: userInfo['country'],
-      province: userInfo['province'],
-      city: userInfo['city']
-    };
   }
 
   private _setLocalUserInfo(userInfo: any) {
@@ -416,106 +246,143 @@ interface ILoginStateOptions extends IUserOptions {
   envId: string;
 }
 export class LoginState implements ILoginState {
-  public credential: ICredential;
   public user: IUser;
+  public oauthLoginState: any
 
+  private _oauthInstance: CloudbaseOAuth
   private _cache: ICloudbaseCache;
-  private _loginType: string;
 
   constructor(options: ILoginStateOptions) {
-    const { envId, cache, request } = options;
+    const { envId, cache, oauthInstance } = options;
     if (!envId) {
       throwError(ERRORS.INVALID_PARAMS, 'envId is not defined');
     }
     this._cache = cache;
+    this._oauthInstance = oauthInstance
 
     this.user = new User({
-      cache,
-      request
+      cache: this._cache,
+      oauthInstance
     });
   }
 
-
-  public async checkLocalState() {
-    const { refreshTokenKey, accessTokenKey, accessTokenExpireKey } = this._cache.keys;
-    const refreshToken = this._cache.getStore(refreshTokenKey);
-    const accessToken = this._cache.getStore(accessTokenKey);
-    const accessTokenExpire = this._cache.getStore(accessTokenExpireKey);
-
-    this.credential = {
-      refreshToken,
-      accessToken,
-      accessTokenExpire
-    };
-
-    this._loginType = this._cache.getStore(this._cache.keys.loginTypeKey);
-
+  public checkLocalState() {
+    this.oauthLoginState = this._oauthInstance?.authApi.hasLoginStateSync()
     this.user.checkLocalInfo();
   }
-  public async checkLocalStateAsync() {
-    const { refreshTokenKey, accessTokenKey, accessTokenExpireKey } = this._cache.keys;
-    const refreshToken = await this._cache.getStoreAsync(refreshTokenKey);
-    const accessToken = await this._cache.getStoreAsync(accessTokenKey);
-    const accessTokenExpire = await this._cache.getStoreAsync(accessTokenExpireKey);
-
-    this.credential = {
-      refreshToken,
-      accessToken,
-      accessTokenExpire
-    };
-
-    this._loginType = await this._cache.getStoreAsync(this._cache.keys.loginTypeKey);
-
 
+  public async checkLocalStateAsync() {
+    await this._oauthInstance?.authApi.getLoginState()
     await this.user.checkLocalInfoAsync();
   }
+}
 
-  get isAnonymousAuth() {
-    return this.loginType === LOGINTYPE.ANONYMOUS;
-  }
+class Auth {
+  private readonly _config: ICloudbaseAuthConfig;
+  private readonly _cache: ICloudbaseCache
+  // private readonly _request: ICloudbaseRequest;
 
-  get isCustomAuth() {
-    return this.loginType === LOGINTYPE.CUSTOM;
-  }
+  private _oauthInstance: CloudbaseOAuth
 
-  get isWeixinAuth() {
-    return this.loginType === LOGINTYPE.WECHAT || this.loginType === LOGINTYPE.WECHAT_OPEN || this.loginType === LOGINTYPE.WECHAT_PUBLIC;
+  constructor(config: ICloudbaseAuthConfig & { cache: ICloudbaseCache, request?: ICloudbaseRequest, runtime?: string }) {
+    this._config = config;
+    this._cache = config.cache;
+    // this._request = config.request;
+    this._oauthInstance = config.oauthInstance
   }
 
-  get isUsernameAuth() {
-    return this.loginType === LOGINTYPE.USERNAME;
+  /**
+  * 绑定手机号
+  * @param phoneNumber
+  * @param phoneCode
+  */
+  @catchErrorsDecorator({
+    title: '绑定手机号失败',
+    messages: [
+      '请确认以下各项：',
+      '  1 - 调用 auth().bindPhoneNumber() 的语法或参数是否正确',
+      '  2 - 当前环境是否开通了短信验证码登录',
+      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
+    ]
+  })
+  public async bindPhoneNumber(params: authModels.BindPhoneRequest) {
+    return this._oauthInstance.authApi.bindPhone(params)
   }
 
-  get loginType() {
-    return this._loginType
+  /**
+   * 解绑三方绑定
+   * @param loginType
+   */
+  @catchErrorsDecorator({
+    title: '解除三方绑定失败',
+    messages: [
+      '请确认以下各项：',
+      '  1 - 调用 auth().unbindProvider() 的语法或参数是否正确',
+      '  2 - 当前账户是否已经与此登录方式解绑',
+      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
+    ]
+  })
+  public async unbindProvider(params: authModels.UnbindProviderRequest): Promise<void> {
+    return this._oauthInstance.authApi.unbindProvider(params)
   }
 
-  get isPhoneAuth() {
-    return this.loginType === LOGINTYPE.PHONE
+  /**
+ * 更新邮箱地址
+ * @param email
+ * @param sudo_token
+ * @param verification_token
+ */
+  @catchErrorsDecorator({
+    title: '绑定邮箱地址失败',
+    messages: [
+      '请确认以下各项：',
+      '  1 - 调用 auth().bindEmail() 的语法或参数是否正确',
+      '  2 - 当前环境是否开通了邮箱密码登录',
+      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
+    ]
+  })
+  public bindEmail(params: authModels.BindEmailRequest) {
+    return this._oauthInstance.authApi.bindEmail(params)
   }
-}
 
-class Auth {
-  private readonly _config: ICloudbaseAuthConfig;
-  private readonly _cache: ICloudbaseCache
-  private readonly _request: ICloudbaseRequest;
-  private readonly _runtime: string;
-  private _anonymousAuthProvider: AnonymousAuthProvider;
-  private _customAuthProvider: CustomAuthProvider;
-  private _weixinAuthProvider: WeixinAuthProvider;
-  private _emailAuthProvider: EmailAuthProvider;
-  private _usernameAuthProvider: UsernameAuthProvider;
-  private _phoneAuthProvider: PhoneAuthProvider;
-
-  private _oAuth2AuthProvider: OAuth2AuthProvider;
-
-  constructor(config: ICloudbaseAuthConfig & { cache: ICloudbaseCache, request: ICloudbaseRequest, runtime?: string }) {
-    this._config = config;
-    this._cache = config.cache;
-    this._request = config.request;
-    this._runtime = config.runtime || RUNTIME.WEB
+  /**
+   * verify
+   * @param {authModels.VerifyRequest} params
+   * @returns {Promise<authModels.VerifyResponse>}
+   * @memberof User
+   */
+  @catchErrorsDecorator({
+    title: '验证码验证失败',
+    messages: [
+      '请确认以下各项：',
+      '  1 - 调用 auth().verify() 的语法或参数是否正确',
+      '  2 - 当前环境是否开通了手机验证码/邮箱登录',
+      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
+    ]
+  })
+  public async verify(params: authModels.VerifyRequest): Promise<authModels.VerifyResponse> {
+    return this._oauthInstance.authApi.verify(params)
+  }
 
-    eventBus.on(EVENTS.LOGIN_TYPE_CHANGED, this._onLoginTypeChanged.bind(this));
+  /**
+   * 获取验证码
+   * @param {authModels.GetVerificationRequest} params
+   * @returns {Promise<authModels.GetVerificationResponse>}
+   * @memberof User
+   */
+  @catchErrorsDecorator({
+    title: '获取验证码失败',
+    messages: [
+      '请确认以下各项：',
+      '  1 - 调用 auth().getVerification() 的语法或参数是否正确',
+      '  2 - 当前环境是否开通了手机验证码/邮箱登录',
+      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
+    ]
+  })
+  public async getVerification(
+    params: authModels.GetVerificationRequest,
+  ): Promise<authModels.GetVerificationResponse> {
+    return this._oauthInstance.authApi.getVerification(params)
   }
 
   /**
@@ -524,7 +391,7 @@ class Auth {
   get currentUser() {
     if (this._cache.mode === 'async') {
       // async storage的平台调用此API提示
-      printWarn(ERRORS.INVALID_OPERATION, 'current platform\'s storage is asynchronous, please use getCurrenUser insteed');
+      printWarn(ERRORS.INVALID_OPERATION, 'current platform\'s storage is asynchronous, please use getCurrentUser insteed');
       return;
     }
 
@@ -537,13 +404,6 @@ class Auth {
     }
   }
 
-  /**
- * 获取当前登录类型-同步
- */
-  get loginType(): LOGINTYPE {
-    return this._cache.getStore(this._cache.keys.loginTypeKey);
-  }
-
   /**
    * 获取当前登录的用户信息-异步
    */
@@ -555,7 +415,7 @@ class Auth {
       `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
     ]
   })
-  public async getCurrenUser() {
+  public async getCurrentUser() {
     const loginState = await this.getLoginState();
     if (loginState) {
       await loginState.user.checkLocalInfoAsync();
@@ -564,130 +424,99 @@ class Auth {
       return null;
     }
   }
+
+
   /**
-   * 获取当前登录类型-异步
+   * 匿名登录
+   * @returns {Promise<LoginState>}
+   * @memberof Auth
    */
-  public async getLoginType(): Promise<LOGINTYPE> {
-    return await this._cache.getStoreAsync(this._cache.keys.loginTypeKey) as LOGINTYPE;
-  }
-  public async getAccessToken() {
-    return {
-      accessToken: (await this._request.getAccessToken()).accessToken,
-      env: this._config.env
-    };
-  }
-  public weixinAuthProvider({ appid, scope, state }): WeixinAuthProvider {
-    if (!this._weixinAuthProvider) {
-      this._weixinAuthProvider = new WeixinAuthProvider({
-        ...this._config,
-        cache: this._cache,
-        request: this._request,
-        runtime: this._runtime
-      }, appid, scope, state);
-    }
-    return this._weixinAuthProvider;
-  }
-  public anonymousAuthProvider(): AnonymousAuthProvider {
-    if (!this._anonymousAuthProvider) {
-      this._anonymousAuthProvider = new AnonymousAuthProvider({
-        ...this._config,
-        cache: this._cache,
-        request: this._request
-      });
-    }
-    return this._anonymousAuthProvider;
-  }
-  public customAuthProvider(): CustomAuthProvider {
-    if (!this._customAuthProvider) {
-      this._customAuthProvider = new CustomAuthProvider({
-        ...this._config,
-        cache: this._cache,
-        request: this._request
-      });
-    }
-    return this._customAuthProvider;
-  }
-  public emailAuthProvider(): EmailAuthProvider {
-    if (!this._emailAuthProvider) {
-      this._emailAuthProvider = new EmailAuthProvider({
-        ...this._config,
-        cache: this._cache,
-        request: this._request
-      });
-    }
-    return this._emailAuthProvider;
-  }
-  public usernameAuthProvider(): UsernameAuthProvider {
-    if (!this._usernameAuthProvider) {
-      this._usernameAuthProvider = new UsernameAuthProvider({
-        ...this._config,
-        cache: this._cache,
-        request: this._request
-      });
-    }
-    return this._usernameAuthProvider;
+  @catchErrorsDecorator({
+    title: '匿名登录失败',
+    messages: [
+      '请确认以下各项：',
+      '  1 - 当前环境是否开启了匿名登录',
+      '  2 - 调用 auth().signInAnonymously() 的语法或参数是否正确',
+      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
+    ]
+  })
+  public async signInAnonymously(): Promise<LoginState> {
+    await this._oauthInstance.authApi.signInAnonymously()
+    return this.createLoginState()
   }
 
-  public phoneAuthProvider(): PhoneAuthProvider {
-    if (!this._phoneAuthProvider) {
-      this._phoneAuthProvider = new PhoneAuthProvider({
-        ...this._config,
-        cache: this._cache,
-        request: this._request
-      });
-    }
-    return this._phoneAuthProvider;
+  /**
+   * 设置获取自定义登录 ticket 函数
+   * @param {authModels.GetCustomSignTicketFn} getTickFn
+   * @memberof Auth
+   */
+  public setCustomSignFunc(getTickFn: authModels.GetCustomSignTicketFn): void {
+    this._oauthInstance.authApi.setCustomSignFunc(getTickFn)
   }
 
   /**
-   * oAuth2AuthProvider
-   * options
-   * {
-   *   providerId: 'google',
-   *   scope: 'openid+email+profile',
-   *   redirectUri: 'https://'
-   * }
-   * @param {Object}  options 
-   * @param {string}  options.providerId            - 供应商Id，如 WeChat、Google、Github 等
-   * @param {string}  options.clientId              - 客户端Id，平台提供的客户端标识Id
-   * @param {string}  [options.responseType=token]  - 响应类型：token、code
-   * @param {string}  options.scope                 - 权限范围
-   * @param {string}  options.redirectUri           - 授权成功回调地址
-   * @param {boolean} options.syncProfile           - 是否同步用户 Profile 信息
-   * @param {boolean} options.forceDisableSignUp    - 是否强制关闭用户注册
-   * @returns 
+   *
+   * @returns {Promise<LoginState>}
+   * @memberof Auth
    */
-  public oAuth2AuthProvider(options: IOAuth2AuthProviderOptions = {}): OAuth2AuthProvider {
-    if (!this._oAuth2AuthProvider) {
-      this._oAuth2AuthProvider = new OAuth2AuthProvider({
-        ...this._config,
-        cache: this._cache,
-        request: this._request,
-        runtime: this._runtime
-      }, options)
-    }
-    return this._oAuth2AuthProvider
+  @catchErrorsDecorator({
+    title: '自定义登录失败',
+    messages: [
+      '请确认以下各项：',
+      '  1 - 当前环境是否开启了自定义登录',
+      '  2 - 调用 auth().signInWithCustomTicket() 的语法或参数是否正确',
+      '  3 - ticket 是否归属于当前环境',
+      '  4 - 创建 ticket 的自定义登录私钥是否过期',
+      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
+    ]
+  })
+  public async signInWithCustomTicket(): Promise<LoginState> {
+    await this._oauthInstance.authApi.signInWithCustomTicket()
+    return this.createLoginState()
   }
 
   /**
-   * signWithOAuth2Popup - OAuth2弹窗登录
+   *
+   * @param {authModels.SignInRequest} params
+   * @returns {Promise<LoginState>}
+   * @memberof Auth
    */
-  public signWithOAuth2Popup() {
-    this._oAuth2AuthProvider.signInWithPopup()
+  public async signIn(params: authModels.SignInRequest): Promise<LoginState> {
+    await this._oauthInstance.authApi.signIn(params)
+    return this.createLoginState()
   }
 
-  public signInWithOAuth2Modal(elemId: string) {
-    this._oAuth2AuthProvider.signInWithModal(elemId)
+  /**
+   *
+   * @param {authModels.SignUpRequest} params
+   * @returns {Promise<LoginState>}
+   * @memberof Auth
+   */
+  @catchErrorsDecorator({
+    title: '注册失败',
+    messages: [
+      '请确认以下各项：',
+      '  1 - 当前环境是否开启了指定登录方式',
+      '  2 - 调用 auth().signUp() 的语法或参数是否正确',
+      `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
+    ]
+  })
+  public async signUp(params: authModels.SignUpRequest): Promise<LoginState> {
+    console.log('ggg')
+    await this._oauthInstance.authApi.signUp(params)
+    return this.createLoginState()
   }
 
   /**
-   * 用户名密码登录
-   * @param username
-   * @param password
+   * 设置密码
+   * @param {authModels.SetPasswordRequest} params
+   * @returns {Promise<void>}
+   * @memberof Auth
    */
-  public async signInWithUsernameAndPassword(username: string, password: string) {
-    return this.usernameAuthProvider().signIn(username, password);
+  public async setPassword(params: authModels.SetPasswordRequest): Promise<void> {
+    return this._oauthInstance.authApi.setPassword(params)
   }
+
   /**
    * 检测用户名是否已经占用
    * @param username
@@ -705,34 +534,10 @@ class Auth {
       throwError(ERRORS.INVALID_PARAMS, 'username must be a string');
     }
 
-    const { data } = await this._request.send('auth.isUsernameRegistered', {
-      username
-    });
-    return data?.isRegistered;
-  }
-  /**
-   * 邮箱密码登录
-   * @param email
-   * @param password
-   */
-  public async signInWithEmailAndPassword(email: string, password: string) {
-    return this.emailAuthProvider().signIn(email, password);
-  }
-  /**
-   * 邮箱密码注册
-   * @param email
-   * @param password
-   */
-  public async signUpWithEmailAndPassword(email: string, password: string) {
-    return this.emailAuthProvider().signUp(email, password);
-  }
-  /**
-   * 重置邮箱密码
-   * @param email
-   */
-  public async sendPasswordResetEmail(email: string) {
-    return this.emailAuthProvider().resetPassword(email);
+    const { exist } = await this._oauthInstance.authApi.checkIfUserExist({ username })
+    return exist
   }
+
   /**
    * 登出
    */
@@ -746,120 +551,35 @@ class Auth {
     ]
   })
   public async signOut() {
-    const loginType = await this.getLoginType()
-    // if (loginType === LOGINTYPE.ANONYMOUS) {
-    //   throw new Error(JSON.stringify({
-    //     code: ERRORS.INVALID_OPERATION,
-    //     msg: 'anonymous user doesn\'t support signOut action'
-    //   }))
-    // }
-    const { refreshTokenKey, accessTokenKey, accessTokenExpireKey } = this._cache.keys
-
-    const refresh_token = await this._cache.getStoreAsync(refreshTokenKey);
-    if (!refresh_token) {
-      return
-    }
-
-    if (loginType.startsWith(OAUTH2_LOGINTYPE_PREFIX)) {
-      const accessToken = await this._cache.getStoreAsync(accessTokenKey)
-      const accessTokenExpire = Number(await this._cache.getStoreAsync(accessTokenExpireKey))
-      if (accessToken) {
-        if (Date.now() < accessTokenExpire) {
-          const resp = await this._request.fetch('/auth/v1/revoke', {
-            method: 'POST',
-            headers: {
-              'Accept': 'application/json',
-              'Content-Type': 'application/json'
-            },
-            body: JSON.stringify({
-              token: accessToken
-            })
-          })
-          const seqIdFromHeader = resp.headers.get('SeqId') || resp.headers.get('RequestId')
-          if (resp.status >= 400 && resp.status < 500) {
-            const body: any = await resp.json()
-            const seqId = body.request_id || seqIdFromHeader
-            throw new Error(`[OAuth2AuthProvider][status:${resp.status}][${body.error}(${body.error_code})] ${body.error_description} (${seqId})`)
-          }
-          else if (resp.status >= 500) {
-            const body: any = await resp.json()
-            const seqId = body.request_id || seqIdFromHeader
-            throw new Error(`[OAuth2AuthProvider][status:${resp.status}][${body.error}(${body.error_code})] ${body.error_description} (${seqId})`)
-          }
-        }
-        else {
-          // console.warn(`[SignOut] accesstoken expired`)
-        }
-      }
-      else {
-        // console.warn(`[SignOut] accesstoken not exists`)
-      }
-    }
-    else {
-      await this._request.send('auth.logout', { refresh_token })
-    }
-
-    this._cache.removeStoreAsync(refreshTokenKey)
-    this._cache.removeStoreAsync(accessTokenKey)
-    this._cache.removeStoreAsync(accessTokenExpireKey)
-
+    const { userInfoKey } = this._cache.keys;
+    await this._oauthInstance.authApi.signOut()
+    await this._cache.removeStoreAsync(userInfoKey)
     eventBus.fire(EVENTS.LOGIN_STATE_CHANGED)
-    eventBus.fire(EVENTS.LOGIN_TYPE_CHANGED, {
-      env: this._config.env,
-      loginType: LOGINTYPE.NULL,
-      persistence: this._config.persistence
-    })
-
-    return true
-  }
-  public async onLoginStateChanged(callback: Function) {
-    eventBus.on(EVENTS.LOGIN_STATE_CHANGED, async () => {
-      const loginState = await this.getLoginState();
-      callback.call(this, loginState);
-    });
-    // 立刻执行一次回调
-    const loginState = await this.getLoginState();
-    callback.call(this, loginState);
-  }
-  public onLoginStateExpired(callback: Function) {
-    eventBus.on(EVENTS.LOGIN_STATE_EXPIRED, callback.bind(this));
-  }
-  public onAccessTokenRefreshed(callback: Function) {
-    eventBus.on(EVENTS.ACCESS_TOKEN_REFRESHD, callback.bind(this));
-  }
-  public onAnonymousConverted(callback: Function) {
-    eventBus.on(EVENTS.ANONYMOUS_CONVERTED, callback.bind(this));
-  }
-  public onLoginTypeChanged(callback: Function) {
-    eventBus.on(EVENTS.LOGIN_TYPE_CHANGED, async () => {
-      const loginState = await this.getLoginState();
-      callback.call(this, loginState);
-    });
   }
+
   /**
    * 获取本地登录态-同步
    */
-  public hasLoginState(): ILoginState | null {
+  public hasLoginState(): LoginState | null {
     if (this._cache.mode === 'async') {
       // async storage的平台调用此API提示
       printWarn(ERRORS.INVALID_OPERATION, 'current platform\'s storage is asynchronous, please use getLoginState insteed');
       return;
     }
-    const { refreshTokenKey } = this._cache.keys;
-    const refreshToken = this._cache.getStore(refreshTokenKey);
 
-    if (refreshToken) {
+    const oauthLoginState = this._oauthInstance?.authApi.hasLoginStateSync()
+    if (oauthLoginState) {
       const loginState = new LoginState({
         envId: this._config.env,
         cache: this._cache,
-        request: this._request
-      });
-      loginState.checkLocalState();
-      return loginState;
+        oauthInstance: this._oauthInstance,
+      })
+      return loginState
     } else {
-      return null;
+      return null
     }
   }
+
   /**
    * 获取本地登录态-异步
    * 此API为兼容异步storage的平台
@@ -873,25 +593,19 @@ class Auth {
     ]
   })
   public async getLoginState() {
-    const { refreshTokenKey } = this._cache.keys;
-    const refreshToken = await this._cache.getStoreAsync(refreshTokenKey);
-    if (refreshToken) {
+    const oauthLoginState = await this._oauthInstance.authApi.getLoginState()
+    if (oauthLoginState) {
       const loginState = new LoginState({
         envId: this._config.env,
         cache: this._cache,
-        request: this._request
-      });
-      await loginState.checkLocalStateAsync();
-      return loginState;
-    } else {
-      return null;
+        oauthInstance: this._oauthInstance,
+      })
+      return loginState
     }
-  }
 
-  public shouldRefreshAccessToken(hook) {
-    // @ts-ignore
-    this._request._shouldRefreshAccessTokenHook = hook.bind(this);
+    return null
   }
+
   @catchErrorsDecorator({
     title: '获取用户信息失败',
     messages: [
@@ -901,159 +615,152 @@ class Auth {
       `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
     ]
   })
-  public async getUserInfo(): Promise<any> {
-    const action = 'auth.getUserInfo';
-
-    const res = await this._request.send(action, {});
-    if (res.code) {
-      return res;
-    } else {
-      return {
-        ...res.data,
-        requestId: res.seqId
-      };
-    }
+  public async getUserInfo(): Promise<IUserInfo> {
+    return this._oauthInstance.authApi.getUserInfo()
   }
-  /**
-   * 获取Http鉴权header，用于云接入 HTTP 访问云函数时的鉴权
-   */
-  public getAuthHeader() {
-    const { refreshTokenKey, accessTokenKey } = this._cache.keys;
-    const refreshToken = this._cache.getStore(refreshTokenKey);
-    const accessToken = this._cache.getStore(accessTokenKey);
-    return {
-      'x-cloudbase-credentials': accessToken + '/@@/' + refreshToken
-    };
-  }
-  /**
-   * 异步模式获取Http鉴权header，用于云接入 HTTP 访问云函数时的鉴权
-   * 调用此API会刷新登录态
-   */
-  public async getAuthHeaderAsync() {
-    await this._request.refreshAccessToken();
 
-    const { refreshTokenKey, accessTokenKey } = this._cache.keys;
-    const refreshToken = await this._cache.getStoreAsync(refreshTokenKey);
-    const accessToken = await this._cache.getStoreAsync(accessTokenKey);
-    return {
-      'x-cloudbase-credentials': accessToken + '/@@/' + refreshToken
-    };
-  }
 
   /**
- * 发送验证码
- * @param phoneNumber
- * @param phoneCode
- */
+   * 为已有账户绑第三方账户
+   * @param {authModels.BindWithProviderRequest} params
+   * @returns {Promise<void>}
+   * @memberof Auth
+   */
   @catchErrorsDecorator({
-    title: '发送短信验证码失败',
+    title: '绑定第三方登录方式失败',
     messages: [
       '请确认以下各项：',
-      '  1 - 调用语法或参数是否正确',
-      '  2 - 当前环境是否开通了短信验证码登录',
+      '  1 - 调用 auth().bindWithProvider() 的语法或参数是否正确',
+      '  2 - 此账户是否已经绑定此第三方',
       `如果问题依然存在，建议到官方问答社区提问或寻找帮助：${COMMUNITY_SITE_URL}`
     ]
   })
-  public async sendPhoneCode(phoneNumber: string): Promise<boolean> {
-    const { data } = await this._request.send('auth.sendPhoneCode', {
-      phoneNumber: transformPhone(phoneNumber)
-    });
-    return data.SendStatus === 'Ok'
+  public async bindWithProvider(
+    params: authModels.BindWithProviderRequest,
+  ): Promise<void> {
+    return this._oauthInstance.authApi.bindWithProvider(params)
   }
 
   /**
-   * 手机短信注册
-   * @param email
-   * @param password
+   * 查询用户
+   * @param {authModels.QueryUserProfileRequest} appended_params
+   * @returns {Promise<authModels.UserProfile>}
+   * @memberof Auth
    */
-  public async signUpWithPhoneCode(phoneNumber: string, phoneCode: string, password: string) {
-    return this.phoneAuthProvider().signUp(phoneNumber, phoneCode, password);
+  public async queryUser(
+    queryObj: authModels.QueryUserProfileRequest,
+  ): Promise<authModels.QueryUserProfileResponse> {
+    return this._oauthInstance.authApi.queryUserProfile(queryObj)
   }
 
-  /**
-   * 手机验证码 or 密码登录
-   * @param email
-   * @param password
-   */
-  public async signInWithPhoneCodeOrPassword(param: {
-    phoneNumber: string
-    phoneCode?: string
-    password?: string
-    signMethod?: string
-  }) {
-    return this.phoneAuthProvider().signIn(param);
+  public async getAccessToken() {
+    const oauthAccessTokenRes = await this._oauthInstance.oauth2client.getAccessToken()
+    return {
+      accessToken: oauthAccessTokenRes,
+      env: this._config.env
+    };
+  }
+
+  public async grantProviderToken(
+    params: authModels.GrantProviderTokenRequest,
+  ): Promise<authModels.GrantProviderTokenResponse> {
+    return this._oauthInstance.authApi.grantProviderToken(params)
+  }
+
+  public async signInWithProvider(
+    params: authModels.SignInWithProviderRequest,
+  ): Promise<LoginState> {
+    await this._oauthInstance.authApi.signInWithProvider(params)
+    return this.createLoginState()
+  }
+
+  public async grantToken(params: authModels.GrantTokenRequest): Promise<LoginState> {
+    await this._oauthInstance.authApi.grantToken(params)
+    return this.createLoginState()
+  }
+
+  public async genProviderRedirectUri(
+    params: authModels.GenProviderRedirectUriRequest,
+  ): Promise<authModels.GenProviderRedirectUriResponse> {
+    return this._oauthInstance.authApi.genProviderRedirectUri(params)
   }
 
-  public async forceResetPwdByPhoneCode(param: {
-    phoneNumber: string
-    phoneCode: string
-    password: string
-  }) {
-    return this.phoneAuthProvider().signIn({
-      ...param,
-      signMethod: SIGN_METHOD.FORCERESETPWD
+  public async resetPassword(params: authModels.ResetPasswordRequest): Promise<void> {
+    return this._oauthInstance.authApi.resetPassword(params)
+  }
+
+  public async deviceAuthorize(params: authModels.DeviceAuthorizeRequest): Promise<authModels.DeviceAuthorizeResponse> {
+    return this._oauthInstance.authApi.deviceAuthorize(params)
+  }
+
+  public async sudo(params: authModels.SudoRequest): Promise<authModels.SudoResponse> {
+    return this._oauthInstance.authApi.sudo(params)
+  }
+
+  public async loginScope(): Promise<string> {
+    return this._oauthInstance.authApi.loginScope()
+  }
+
+  public async onLoginStateChanged(callback: Function) {
+    eventBus.on(EVENTS.LOGIN_STATE_CHANGED, async () => {
+      const loginState = await this.getLoginState();
+      callback.call(this, loginState);
     });
+    // 立刻执行一次回调
+    const loginState = await this.getLoginState();
+    callback.call(this, loginState);
   }
 
-  private async _onLoginTypeChanged(ev) {
-    const { loginType, persistence, env } = ev.data;
-    if (env !== this._config.env) {
-      return;
-    }
-    // 登录态转变后迁移cache，防止在匿名登录状态下cache混用
-    await this._cache.updatePersistenceAsync(persistence);
-    await this._cache.setStoreAsync(this._cache.keys.loginTypeKey, loginType);
+  private async createLoginState(): Promise<LoginState> {
+    const loginState = new LoginState({
+      envId: this._config.env,
+      cache: this._cache,
+      oauthInstance: this._oauthInstance,
+    })
+
+    await loginState.checkLocalStateAsync();
+    await loginState.user.refresh();
+    eventBus.fire(EVENTS.LOGIN_STATE_CHANGED);
+    return loginState
   }
 }
 
-const EVENTS = {
-  // 登录态改变后触发
-  LOGIN_STATE_CHANGED: 'loginStateChanged',
-  // 登录态过期后触发
-  LOGIN_STATE_EXPIRED: 'loginStateExpire',
-  // 登录类型改变后触发
-  LOGIN_TYPE_CHANGED: 'loginTypeChanged',
-  // 匿名账户被转正后触发
-  ANONYMOUS_CONVERTED: 'anonymousConverted',
-  // access token刷新后触发
-  ACCESS_TOKEN_REFRESHD: 'refreshAccessToken'
-};
-
 const component: ICloudbaseComponent = {
   name: COMPONENT_NAME,
   namespace: 'auth',
-  injectEvents: {
-    bus: eventBus,
-    events: [
-      EVENTS.LOGIN_TYPE_CHANGED,
-      EVENTS.LOGIN_STATE_EXPIRED,
-      EVENTS.LOGIN_STATE_CHANGED,
-      EVENTS.ACCESS_TOKEN_REFRESHD,
-      EVENTS.ANONYMOUS_CONVERTED
-    ]
-  },
   entity: function (config: Pick<ICloudbaseAuthConfig, 'region' | 'persistence'> = { region: '', persistence: 'local' }) {
     if (this.authInstance) {
       printWarn(ERRORS.INVALID_OPERATION, 'every cloudbase instance should has only one auth object');
       return this.authInstance;
     }
     const { adapter, runtime } = this.platform;
-    // 如不明确指定persistence则优先取各平台adapter首选，其次session
+    // 如不明确指定persistence则优先取各平台adapter首选，其次localStorage
     const newPersistence = config.persistence || adapter.primaryStorage;
     if (newPersistence && (newPersistence !== this.config.persistence)) {
       this.updateConfig({ persistence: newPersistence })
     }
 
-    const { env, persistence, debug } = this.config;
+    const { env, persistence, debug, clientId } = this.config;
+    const oauthInstance = new CloudbaseOAuth({
+      clientId: clientId,
+      apiOrigin: this.request.getBaseEndPoint(),
+    })
+
+    this.oauthInstance = oauthInstance
+
     this.authInstance = new Auth({
       env,
       region: config.region,
       persistence,
       debug,
       cache: this.cache,
-      request: this.request,
-      runtime: runtime
+      // request: this.request,
+      runtime: runtime,
+      _fromApp: this,
+      // oauthInstance: this.oauthInstance || (this as any).oauth()
+      oauthInstance
     });
+
     return this.authInstance;
   }
 }
@@ -1067,9 +774,6 @@ try {
 export {
   UserInfo,
   Auth,
-  AuthProvider,
-  EVENTS,
-  eventBus
 };
 /**
  * @api 手动注册至cloudbase app
@@ -1082,29 +786,3 @@ export function registerAuth(app: Pick<ICloudbase, 'registerComponent'>) {
   }
 }
 
-type IProvider = new (...args: any[]) => any;
-/**
- * 注册provider，如果
- * @param name
- * @param provider
- * @example
- * // 注册
- * registerProvider('emailAuthProvider',function(){
- *   // ...
- * });
- * // 使用新provider登录
- * cloudbase.auth().emailAuthProvider().signIn();
- */
-export function registerProvider(name: string, provider: IProvider) {
-  const proto = Auth.prototype;
-  proto[name] = function (options: object) {
-    const privateName = `_${name}`;
-    if (!this[privateName]) {
-      this[privateName] = new provider({
-        ...options,
-        ...this._config
-      });
-    }
-    return this[privateName];
-  };
-}