@cloudbase/auth 2.25.1 → 2.25.3

package/src/sbaseApi.ts

@@ -1,1500 +0,0 @@
-import type { ICloudbaseAuthConfig } from '@cloudbase/types/auth'
-import type { authModels, CloudbaseOAuth, Credentials } from '@cloudbase/oauth'
-import type { ICloudbaseCache } from '@cloudbase/types/cache'
-import {
-  weappJwtDecodeAll,
-  EVENTS,
-  AUTH_STATE_CHANGED_TYPE,
-  AuthError,
-  OAUTH_TYPE,
-  LOGIN_STATE_CHANGED_TYPE,
-} from '@cloudbase/oauth'
-import {
-  CommonRes,
-  DeleteMeReq,
-  GetClaimsRes,
-  GetUserIdentitiesRes,
-  GetUserRes,
-  LinkIdentityReq,
-  LinkIdentityRes,
-  OnAuthStateChangeCallback,
-  ReauthenticateRes,
-  ResendReq,
-  ResendRes,
-  ResetPasswordForEmailRes,
-  ResetPasswordForOldReq,
-  SetSessionReq,
-  SignInAnonymouslyReq,
-  SignInOAuthRes,
-  SignInRes,
-  SignInWithIdTokenReq,
-  SignInWithOAuthReq,
-  SignInWithOtpReq,
-  SignInWithOtpRes,
-  SignInWithPasswordReq,
-  SignUpRes,
-  UnlinkIdentityReq,
-  UpdateUserAttributes,
-  UpdateUserReq,
-  UpdateUserWithVerificationRes,
-  VerifyOAuthReq,
-  VerifyOtpReq,
-} from './type'
-import { LoginState, User } from '.'
-import { saveToBrowserSession, getBrowserSession, removeBrowserSession, addUrlSearch } from './utils'
-import { utils } from '@cloudbase/utilities'
-import { adapterForWxMp } from './utilities'
-export const isBrowser = () => typeof window !== 'undefined' && typeof document !== 'undefined'
-
-declare const wx: any
-
-export class SbaseApi {
-  readonly config: ICloudbaseAuthConfig
-  oauthInstance: CloudbaseOAuth
-  readonly cache: ICloudbaseCache
-  private listeners: Map<string, Set<OnAuthStateChangeCallback>> = new Map()
-  private hasListenerSetUp = false
-
-  constructor(config: ICloudbaseAuthConfig & { cache: ICloudbaseCache }) {
-    this.config = config
-    this.oauthInstance = config.oauthInstance
-    this.cache = config.cache
-    this.init()
-  }
-
-  /**
-   * 获取当前登录的用户信息-同步
-   */
-  get currentUser() {
-    const loginState = this.hasLoginState()
-
-    if (loginState) {
-      return loginState.user || null
-    }
-    return null
-  }
-
-  hasLoginState(): LoginState | null {
-    throw new Error('Auth.hasLoginState() is not implemented')
-  }
-
-  async setAccessKey() {
-    throw new Error('Auth.setAccessKey() is not implemented')
-  }
-
-  async signIn(_params: authModels.SignInRequest): Promise<LoginState> {
-    throw new Error('Auth.signIn() is not implemented')
-  }
-
-  async signInWithProvider(_params: authModels.SignInWithProviderRequest): Promise<LoginState> {
-    throw new Error('Auth.signInWithProvider() is not implemented')
-  }
-
-  async genProviderRedirectUri(_params: authModels.GenProviderRedirectUriRequest,): Promise<authModels.GenProviderRedirectUriResponse> {
-    throw new Error('Auth.genProviderRedirectUri() is not implemented')
-  }
-
-  async getAccessToken(): Promise<{
-    accessToken: any
-    env: string
-  }> {
-    throw new Error('Auth.getAccessToken() is not implemented')
-  }
-
-  async getUserInfo(): Promise<(authModels.UserInfo & Partial<User>) | null> {
-    throw new Error('Auth.getUserInfo() is not implemented')
-  }
-
-  async updateUserBasicInfo(_params: authModels.ModifyUserBasicInfoRequest) {
-    throw new Error('Auth.updateUserBasicInfo() is not implemented')
-  }
-
-  setCustomSignFunc(_getTickFn: authModels.GetCustomSignTicketFn): void {
-    throw new Error('Auth.setCustomSignFunc() is not implemented')
-  }
-
-  async grantProviderToken(_params: authModels.GrantProviderTokenRequest,): Promise<authModels.GrantProviderTokenResponse> {
-    throw new Error('Auth.grantProviderToken() is not implemented')
-  }
-
-  async bindWithProvider(_params: authModels.BindWithProviderRequest): Promise<void> {
-    throw new Error('Auth.bindWithProvider() is not implemented')
-  }
-
-  async signInWithUsername(_params: {
-    verificationInfo?: { verification_id: string; is_user: boolean }
-    verificationCode?: string
-    username?: string // 用户名称，长度 5-24 位，支持字符中英文、数字、特殊字符（仅支持_-），不支持中文
-    bindInfo?: any
-    loginType?: string
-    autoSignUp?: boolean
-  }): Promise<LoginState> {
-    throw new Error('Auth.signInWithUsername() is not implemented')
-  }
-
-  async getVerification(
-    _params: authModels.GetVerificationRequest,
-    _options?: { withCaptcha: boolean },
-  ): Promise<authModels.GetVerificationResponse> {
-    throw new Error('Auth.getVerification() is not implemented')
-  }
-
-  async createLoginState(
-    _params?: { version?: string; query?: any },
-    _options?: { asyncRefreshUser?: boolean },
-  ): Promise<LoginState> {
-    throw new Error('Auth.createLoginState() is not implemented')
-  }
-
-  async verify(_params: authModels.VerifyRequest): Promise<authModels.VerifyResponse> {
-    throw new Error('Auth.verify() is not implemented')
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-signinanonymously
-   * Sign in a user anonymously.
-   * const { data, error } = await auth.signInAnonymously();
-   * @param params
-   * @returns  Promise<SignInRes>
-   */
-  async signInAnonymously(params: SignInAnonymouslyReq): Promise<SignInRes> {
-    try {
-      await this.oauthInstance.authApi.signInAnonymously(params)
-      const loginState = await this.createLoginState()
-
-      const { data: { session } = {} } = await this.getSession()
-
-      // loginState返回是为了兼容v2版本
-      return { ...(loginState as any), data: { user: session.user, session }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-signup
-   * Sign up a new user with email or phone using a one-time password (OTP). If the account not exist, a new account will be created.
-   * let signUpResolve = null;
-    const res = await app.auth.signUp({
-      phone: "xxxxxx",
-    });
-
-    signUpResolve = res.data.verify
-
-    const res = await signUpResolve(code);
-
-    // res.data.callback支持 messageId 参数用于重新发送验证码进行验证，messageId 可以从 resend() 方法中获取
-    const { data } = await app.auth.resend({
-      type: "signup",
-      phone: "xxxxxx",
-    })
-    const res = await signUpResolve(code, data.messageId);
-   * @param params
-   * @returns Promise<SignUpRes>
-   */
-  async signUp(params: authModels.SignUpRequest): Promise<SignUpRes> {
-    if (params.phone_number || params.verification_code || params.verification_token || params.provider_token) {
-      await this.oauthInstance.authApi.signUp(params)
-      return this.createLoginState() as any
-    }
-    try {
-      // 参数校验：email或phone必填其一
-      this.validateAtLeastOne(params, [['email'], ['phone']], 'You must provide either an email or phone number')
-
-      // 第一步：发送验证码并存储 verificationInfo
-      const verificationInfo = await this.getVerification(params.email ? { email: params.email } : { phone_number: this.formatPhone(params.phone) },)
-
-      return {
-        data: {
-          // 第二步：等待用户输入验证码（通过 Promise 包装用户输入事件）
-          verifyOtp: async ({ token, messageId = verificationInfo.verification_id }): Promise<SignInRes> => {
-            try {
-              // 第三步：待用户输入完验证码之后，验证短信验证码
-              const verificationTokenRes = await this.verify({
-                verification_id: messageId || verificationInfo.verification_id,
-                verification_code: token,
-              })
-
-              // 第四步：注册并登录或直接登录
-              // 如果用户已经存在，直接登录
-              if (verificationInfo.is_user) {
-                await this.signIn({
-                  username: params.email || this.formatPhone(params.phone),
-                  verification_token: verificationTokenRes.verification_token,
-                })
-              } else {
-                // 如果用户不存在，注册用户
-                const data = JSON.parse(JSON.stringify(params))
-                delete data.email
-                delete data.phone
-
-                await this.oauthInstance.authApi.signUp({
-                  ...data,
-                  ...(params.email ? { email: params.email } : { phone_number: this.formatPhone(params.phone) }),
-                  verification_token: verificationTokenRes.verification_token,
-                  verification_code: token,
-                })
-                await this.createLoginState()
-              }
-
-              const { data: { session } = {} } = await this.getSession()
-
-              return { data: { user: session.user, session }, error: null }
-            } catch (error) {
-              return { data: {}, error: new AuthError(error) }
-            }
-          },
-        },
-        error: null,
-      }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-signout
-   * const result = await auth.signOut();
-   *
-   * @param params
-   */
-  async signOut(params?: authModels.SignoutRequest): Promise<void | authModels.SignoutReponse> {
-    try {
-      const { userInfoKey } = this.cache.keys
-      const res = await this.oauthInstance.authApi.signOut(params)
-      await this.cache.removeStoreAsync(userInfoKey)
-      this.setAccessKey()
-
-      this.config.eventBus?.fire(EVENTS.LOGIN_STATE_CHANGED, { eventType: LOGIN_STATE_CHANGED_TYPE.SIGN_OUT })
-
-      this.config.eventBus?.fire(EVENTS.AUTH_STATE_CHANGED, { event: AUTH_STATE_CHANGED_TYPE.SIGNED_OUT })
-
-      // res返回是为了兼容v2版本
-      return { ...res, data: {}, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-onauthstatechange
-   * Receive a notification every time an auth event happens. Safe to use without an async function as callback.
-   * const { data } = app.auth.onAuthStateChange((event, session) => {
-      console.log(event, session);
-      if (event === "INITIAL_SESSION") {
-        // handle initial session
-      } else if (event === "SIGNED_IN") {
-        // handle sign in event
-      } else if (event === "SIGNED_OUT") {
-        // handle sign out event
-      } else if (event === "PASSWORD_RECOVERY") {
-        // handle password recovery event
-      } else if (event === "TOKEN_REFRESHED") {
-        // handle token refreshed event
-      } else if (event === "USER_UPDATED") {
-        // handle user updated event
-      }
-    });
-    // call unsubscribe to remove the callback
-    data.subscription.unsubscribe();
-   * @param callback
-   * @returns Promise<{ data: { subscription: Subscription }, error: Error | null }>
-   */
-  onAuthStateChange(callback: OnAuthStateChangeCallback) {
-    if (!this.hasListenerSetUp) {
-      this.setupListeners()
-      this.hasListenerSetUp = true
-    }
-
-    const id = Math.random().toString(36)
-
-    if (!this.listeners.has(id)) {
-      this.listeners.set(id, new Set())
-    }
-
-    this.listeners.get(id)!.add(callback)
-
-    // 返回 Subscription 对象
-    const subscription = {
-      id,
-      callback,
-      unsubscribe: () => {
-        const callbacks = this.listeners.get(id)
-        if (callbacks) {
-          callbacks.delete(callback)
-          if (callbacks.size === 0) {
-            this.listeners.delete(id)
-          }
-        }
-      },
-    }
-
-    return {
-      data: { subscription },
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-signinwithpassword
-   * Log in an existing user with an email and password or phone and password or username and password.
-   * const { data } = await app.auth.signInWithPassword({
-      username: "xxx",
-      password: "xxx",
-    })
-   * @param params
-   * @returns Promise<SignInRes>
-   */
-  async signInWithPassword(params: SignInWithPasswordReq): Promise<SignInRes> {
-    try {
-      // 参数校验：username/email/phone三选一，password必填
-      this.validateAtLeastOne(
-        params,
-        [['username'], ['email'], ['phone']],
-        'You must provide either username, email, or phone',
-      )
-      this.validateParams(params, {
-        password: { required: true, message: 'Password is required' },
-      })
-
-      await this.signIn({
-        username: params.username || params.email || this.formatPhone(params.phone),
-        password: params.password,
-        ...(params.is_encrypt ? { isEncrypt: true, version: 'v2' } : {}),
-      })
-      const { data: { session } = {} } = await this.getSession()
-
-      return { data: { user: session.user, session }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-signinwithidtoken
-   * 第三方平台登录。如果用户不存在，会根据云开发平台-登录方式中对应身份源的登录模式配置，判断是否自动注册
-   * @param params
-   * @returns Promise<SignInRes>
-   */
-  async signInWithIdToken(params: SignInWithIdTokenReq): Promise<SignInRes> {
-    try {
-      // 参数校验：token必填
-      this.validateParams(params, {
-        token: { required: true, message: 'Token is required' },
-      })
-
-      await this.signInWithProvider({
-        provider_token: params.token,
-      })
-      const { data: { session } = {} } = await this.getSession()
-
-      return { data: { user: session.user, session }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-signinwithotp
-   * Log in a user using a one-time password (OTP).
-   * let signResolve = null;
-    const res = await app.auth.signInWithOtp({
-      phone: "xxxxxx",
-    });
-
-    signResolve = res.data.verify
-
-    const res = await signResolve(code);
-
-    // res.data.callback支持 messageId 参数用于重新发送验证码进行验证，messageId 可以从 resend() 方法中获取
-    const { data } = await app.auth.resend({
-      type: "signup",
-      phone: "xxxxxx",
-    })
-    const res = await signUpResolve(code, data.messageId);
-   * @param params
-   * @returns Promise<SignInWithOtpRes>
-   */
-  async signInWithOtp(params: SignInWithOtpReq): Promise<SignInWithOtpRes> {
-    try {
-      // 参数校验：email或phone必填其一
-      this.validateAtLeastOne(params, [['email'], ['phone']], 'You must provide either an email or phone number')
-
-      // 第一步：发送验证码并存储 verificationInfo
-      const verificationInfo = await this.getVerification(params.email ? { email: params.email } : { phone_number: this.formatPhone(params.phone) },)
-
-      return {
-        data: {
-          user: null,
-          session: null,
-          // 第二步：等待用户输入验证码（通过 Promise 包装用户输入事件）
-          verifyOtp: async ({ token, messageId = verificationInfo.verification_id }): Promise<SignInRes> => this.verifyOtp({
-            email: params.email,
-            phone: params.phone,
-            token,
-            messageId,
-          }),
-        },
-        error: null,
-      }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * 校验第三方平台授权登录回调，需先调用 signInWithOAuth 生成第三方平台授权 Uri，访问该 Uri 后，会跳转到第三方平台授权页面，授权完成后回调回来再调用该方法，不传参数则从 url query 和 sessionStorage 中获取
-   * // 1. 获取第三方平台授权页地址
-    const { data } = app.auth.signInWithOAuth({
-      provider: 'string'
-      options: {
-        redirectTo: 'https://example.com/callback'
-        state: 'string'
-      }
-    })
-
-    // 2. 访问uri （如 location.href = uri）
-
-    // 3. 校验第三方平台授权回调
-    const { data } = await app.auth.verifyOAuth()
-   * @param params
-   * @returns Promise<SignInRes>
-   */
-  async verifyOAuth(params?: VerifyOAuthReq): Promise<SignInRes | LinkIdentityRes> {
-    const data: any = {}
-    try {
-      // 回调至 provider_redirect_uri 地址（url query中携带 授权code，state等参数），此时检查 state 是否符合预期（如 自己设置的 wx_open)
-      const code = params?.code || utils.getQuery('code')
-      const state = params?.state || utils.getQuery('state')
-
-      // 参数校验：code和state必填
-      if (!code) {
-        return { data: {}, error: new AuthError({ message: 'Code is required' }) }
-      }
-
-      if (!state) {
-        return { data: {}, error: new AuthError({ message: 'State is required' }) }
-      }
-
-      const cacheData = getBrowserSession(state)
-      data.type = cacheData?.type
-
-      const provider = params?.provider || cacheData?.provider || utils.getQuery('provider')
-
-      if (!provider) {
-        return { data, error: new AuthError({ message: 'Provider is required' }) }
-      }
-
-      // state符合预期，则获取该三方平台token
-      const { provider_token: token } = await this.grantProviderToken({
-        provider_id: provider,
-        provider_redirect_uri: location.origin + location.pathname, // 指定三方平台跳回的 url 地址
-        provider_code: code, // 第三方平台跳转回页面时，url param 中携带的 code 参数
-      })
-
-      let res: SignInRes | LinkIdentityRes
-
-      if (cacheData.type === OAUTH_TYPE.BIND_IDENTITY) {
-        res = await this.oauthInstance.authApi.toBindIdentity({ provider_token: token, provider, fireEvent: true })
-      } else {
-        // 通过 provider_token 仅登录或登录并注册（与云开发平台-登录方式-身份源登录模式配置有关）
-        res = await this.signInWithIdToken({
-          token,
-        })
-        res.data = { ...data, ...res.data }
-      }
-
-      const localSearch = new URLSearchParams(location?.search)
-      localSearch.delete('code')
-      localSearch.delete('state')
-      addUrlSearch(
-        cacheData?.search === undefined ? `?${localSearch.toString()}` : cacheData?.search,
-        cacheData?.hash || location.hash,
-      )
-      removeBrowserSession(state)
-
-      return res
-    } catch (error) {
-      return { data, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-signinwithoauth
-   * 生成第三方平台授权 Uri （如微信二维码扫码授权网页）
-   * @param params
-   * @returns Promise<SignInOAuthRes>
-   */
-  async signInWithOAuth(params: SignInWithOAuthReq): Promise<SignInOAuthRes> {
-    try {
-      // 参数校验：provider必填
-      this.validateParams(params, {
-        provider: { required: true, message: 'Provider is required' },
-      })
-
-      const href = params.options?.redirectTo || location.href
-
-      const urlObject = new URL(href)
-
-      const provider_redirect_uri = urlObject.origin + urlObject.pathname
-
-      const state = params.options?.state || `prd-${params.provider}-${Math.random().toString(36)
-        .slice(2)}`
-
-      const { uri } = await this.genProviderRedirectUri({
-        provider_id: params.provider,
-        provider_redirect_uri,
-        state,
-      })
-
-      // 对 URL 进行解码
-      const decodedUri = decodeURIComponent(uri)
-
-      // 合并额外的查询参数
-      let finalUri = decodedUri
-
-      if (params.options?.queryParams) {
-        const url = new URL(decodedUri)
-        Object.entries(params.options.queryParams).forEach(([key, value]) => {
-          url.searchParams.set(key, value)
-        })
-        finalUri = url.toString()
-      }
-
-      saveToBrowserSession(state, {
-        provider: params.provider,
-        search: urlObject.search,
-        hash: urlObject.hash,
-        type: params.options?.type || OAUTH_TYPE.SIGN_IN,
-      })
-
-      if (isBrowser() && !params.options?.skipBrowserRedirect) {
-        window.location.assign(finalUri)
-      }
-
-      return { data: { url: finalUri, provider: params.provider }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  // https://supabase.com/docs/reference/javascript/auth-signinwithsso
-  async signInWithSSO() {
-    //
-  }
-
-  // https://supabase.com/docs/reference/javascript/auth-signinwithweb3
-  async signInWithWeb3() {
-    //
-  }
-
-  // https://supabase.com/docs/reference/javascript/auth-getclaims
-  async getClaims(): Promise<GetClaimsRes> {
-    try {
-      const { accessToken } = await this.getAccessToken()
-      const parsedToken = weappJwtDecodeAll(accessToken)
-      return { data: parsedToken, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-resetpasswordforemail
-   * 通过 email 或手机号重置密码
-   * const { data } = await app.auth.resetPasswordForEmail("xxx@xx.com");
-   * const { data } = await app.auth.resetPasswordForEmail("13800138000");
-
-     await data.updateUser(code, newPassWord);
-   *
-   * @param emailOrPhone 邮箱或手机号
-   * @returns Promise<ResetPasswordForEmailRes>
-   */
-  async resetPasswordForEmail(
-    emailOrPhone: string,
-    options?: { redirectTo?: string },
-  ): Promise<ResetPasswordForEmailRes> {
-    try {
-      // 参数校验：emailOrPhone必填
-      this.validateParams(
-        { emailOrPhone },
-        {
-          emailOrPhone: { required: true, message: 'Email or phone is required' },
-        },
-      )
-
-      const { redirectTo } = options || {}
-
-      // 判断是邮箱还是手机号
-      const isEmail = emailOrPhone.includes('@')
-      let verificationParams: { email?: string; phone_number?: string }
-
-      if (isEmail) {
-        verificationParams = { email: emailOrPhone }
-      } else {
-        // 正规化手机号
-        const formattedPhone = this.formatPhone(emailOrPhone)
-        verificationParams = { phone_number: formattedPhone }
-      }
-
-      // 第一步：发送验证码并存储 verificationInfo
-      const verificationInfo = await this.getVerification(verificationParams)
-
-      return {
-        data: {
-          // 第二步：等待用户输入验证码（通过 Promise 包装用户输入事件）
-          updateUser: async (attributes: UpdateUserAttributes): Promise<SignInRes> => {
-            this.validateParams(attributes, {
-              nonce: { required: true, message: 'Nonce is required' },
-              password: { required: true, message: 'Password is required' },
-            })
-            try {
-              // 第三步：待用户输入完验证码之后，验证验证码
-              const verificationTokenRes = await this.verify({
-                verification_id: verificationInfo.verification_id,
-                verification_code: attributes.nonce,
-              })
-
-              await this.oauthInstance.authApi.resetPassword({
-                email: isEmail ? emailOrPhone : undefined,
-                phone: !isEmail ? emailOrPhone : undefined,
-                new_password: attributes.password,
-                verification_token: verificationTokenRes.verification_token,
-              })
-
-              this.config.eventBus?.fire(EVENTS.AUTH_STATE_CHANGED, { event: AUTH_STATE_CHANGED_TYPE.PASSWORD_RECOVERY })
-
-              const res = await this.signInWithPassword({
-                email: isEmail ? emailOrPhone : undefined,
-                phone: !isEmail ? emailOrPhone : undefined,
-                password: attributes.password,
-              })
-
-              if (redirectTo && isBrowser()) {
-                window.location.assign(redirectTo)
-              }
-
-              return res
-            } catch (error) {
-              return { data: {}, error: new AuthError(error) }
-            }
-          },
-        },
-        error: null,
-      }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * 通过旧密码重置密码
-   * @param new_password
-   * @param old_password
-   * @returns
-   */
-  async resetPasswordForOld(params: ResetPasswordForOldReq) {
-    try {
-      await this.oauthInstance.authApi.updatePasswordByOld({
-        old_password: params.old_password,
-        new_password: params.new_password,
-      })
-
-      const { data: { session } = {} } = await this.getSession()
-
-      return { data: { user: session.user, session }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-verifyotp
-   * Log in a user given a User supplied OTP and verificationId received through mobile or email.
-   * const verificationInfo = await app.auth.getVerification({
-      phone: "xxxxxx",
-    });
-
-    const data = await app.auth.verifyOtp({
-      type: "sms",
-      phone: "xxxxxx",
-      token: "xxxxxx",
-      verificationInfo,
-    })
-   * @param params
-   * @returns Promise<SignInRes>
-   */
-  async verifyOtp(params: VerifyOtpReq): Promise<SignInRes> {
-    try {
-      const { type } = params
-      // 参数校验：token和verificationInfo必填
-      this.validateParams(params, {
-        token: { required: true, message: 'Token is required' },
-        messageId: { required: true, message: 'messageId is required' },
-      })
-
-      if (['phone_change', 'email_change'].includes(type)) {
-        await this.verify({
-          verification_id: params.messageId,
-          verification_code: params.token,
-        })
-      } else {
-        await this.signInWithUsername({
-          verificationInfo: { verification_id: params.messageId, is_user: true },
-          verificationCode: params.token,
-          username: params.email || this.formatPhone(params.phone) || '',
-          loginType: params.email ? 'email' : 'phone',
-        })
-      }
-
-      const { data: { session } = {} } = await this.getSession()
-
-      return { data: { user: session.user, session }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-getSession
-   * Returns the session, refreshing it if necessary.
-   * The session returned can be null if the session is not detected which can happen in the event a user is not signed-in or has logged out.
-   * const { data } = await app.auth.getSession()
-   * @returns Promise<SignInRes>
-   */
-  async getSession(): Promise<SignInRes> {
-    try {
-      const credentials: Credentials = await this.oauthInstance.oauth2client.getCredentials()
-
-      if (!credentials || credentials.scope === 'accessKey') {
-        return { data: { session: null }, error: null }
-      }
-
-      const { data: { user } = {} } = await this.getUser()
-
-      return { data: { session: { ...credentials, user } }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-refreshsession
-   * 无论过期状态如何，都返回一个新的会话。接受一个可选的refresh_token。如果未传入当前会话，则refreshSession()将尝试从getSession()中检索它。如果当前会话的刷新令牌无效，则会抛出一个错误。
-   * const { data } = await app.auth.refreshSession()
-   * @param refresh_token
-   * @returns Promise<SignInRes>
-   */
-  async refreshSession(refresh_token?: string): Promise<SignInRes> {
-    try {
-      const credentials: Credentials = await this.oauthInstance.oauth2client.localCredentials.getCredentials()
-      credentials.refresh_token = refresh_token || credentials.refresh_token
-      const newTokens = await this.oauthInstance.oauth2client.refreshToken(credentials)
-      const { data: { user } = {} } = await this.getUser()
-
-      return { data: { user, session: { ...newTokens, user } }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-getuser
-   * 如果存在现有会话，则获取当前用户详细信息。此方法会向服务器发起网络请求，因此返回的值是真实的，可用于制定授权规则。
-   * const { data } = await app.auth.getUser()
-   * @returns Promise<GetUserRes>
-   */
-  async getUser(): Promise<GetUserRes> {
-    try {
-      const user = this.convertToUser(await this.getUserInfo())
-      return { data: { user }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * 刷新用户信息
-   * @returns Promise<CommonRes>
-   */
-  async refreshUser(): Promise<CommonRes> {
-    try {
-      await this.currentUser.refresh()
-
-      const { data: { session } = {} } = await this.getSession()
-      return { data: { user: session.user, session }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-updateuser
-   * 更新用户信息
-   * - 不支持更新密码，更新密码请使用 resetPasswordForEmail 或 reauthenticate
-   * - 如果更新 email 或 phone，需要先发送验证码，然后调用返回的 verifyOtp 回调进行验证
-   *
-   * // 更新不需要验证的字段
-   * const { data } = await app.auth.updateUser({
-      username: "xxx",
-      description: "xxx",
-      avatar_url: "xxx",
-      nickname: "xxx",
-      gender: 'MALE'
-    })
-   *
-   * // 更新 email 或 phone（需要验证）
-   * const { data } = await app.auth.updateUser({
-      email: "new@example.com"
-    })
-   * // 调用 verifyOtp 回调验证
-   * await data.verifyOtp({ email: "new@example.com", token: "123456" })
-   *
-   * @param params
-   * @returns Promise<GetUserRes | UpdateUserWithVerificationRes>
-   */
-  async updateUser(params: UpdateUserReq): Promise<GetUserRes | UpdateUserWithVerificationRes> {
-    try {
-      // 参数校验：至少有一个更新字段被提供
-      const hasValue = Object.keys(params).some(key => params[key] !== undefined && params[key] !== null && params[key] !== '',)
-      if (!hasValue) {
-        throw new AuthError({ message: 'At least one field must be provided for update' })
-      }
-
-      const { email, phone, ...restParams } = params
-
-      // 检查是否需要更新 email 或 phone
-      const needsEmailVerification = email !== undefined
-      const needsPhoneVerification = phone !== undefined
-
-      let extraRes = {}
-
-      if (needsEmailVerification || needsPhoneVerification) {
-        // 需要发送验证码
-        let verificationParams: { email?: string; phone_number?: string }
-        let verificationType: 'email_change' | 'phone_change'
-
-        if (needsEmailVerification) {
-          verificationParams = { email: params.email }
-          verificationType = 'email_change'
-        } else {
-          // 正规化手机号
-          const formattedPhone = this.formatPhone(params.phone)
-          verificationParams = { phone_number: formattedPhone }
-          verificationType = 'phone_change'
-        }
-
-        // 发送验证码
-        const verificationInfo = await this.getVerification(verificationParams)
-
-        Object.keys(restParams).length > 0 && await this.updateUserBasicInfo(restParams)
-
-        extraRes = {
-          messageId: verificationInfo.verification_id,
-          verifyOtp: async (verifyParams: { email?: string; phone?: string; token: string }): Promise<GetUserRes> => {
-            try {
-              if (verifyParams.email && params.email === verifyParams.email) {
-                // 验证码验证
-                await this.verifyOtp({
-                  type: 'email_change',
-                  email: params.email,
-                  token: verifyParams.token,
-                  messageId: verificationInfo.verification_id,
-                })
-                await this.updateUserBasicInfo({ email: params.email })
-              } else if (verifyParams.phone && params.phone === verifyParams.phone) {
-                // 验证码验证
-                await this.verifyOtp({
-                  type: 'phone_change',
-                  phone: params.phone,
-                  token: verifyParams.token,
-                  messageId: verificationInfo.verification_id,
-                })
-                await this.updateUserBasicInfo({ phone: this.formatPhone(params.phone) })
-              } else {
-                await this.verifyOtp({
-                  type: verificationType,
-                  email: needsEmailVerification ? params.email : undefined,
-                  phone: !needsEmailVerification ? params.phone : undefined,
-                  token: verifyParams.token,
-                  messageId: verificationInfo.verification_id,
-                })
-                // 验证成功后更新用户信息
-                await this.updateUserBasicInfo(params)
-              }
-
-              const {
-                data: { user },
-              } = await this.getUser()
-              this.config.eventBus?.fire(EVENTS.AUTH_STATE_CHANGED, { event: AUTH_STATE_CHANGED_TYPE.USER_UPDATED })
-
-              return { data: { user }, error: null }
-            } catch (error) {
-              return { data: {}, error: new AuthError(error) }
-            }
-          },
-        }
-      } else {
-        // 不需要验证，直接更新
-        await this.updateUserBasicInfo(params)
-      }
-      const {
-        data: { user },
-      } = await this.getUser()
-      this.config.eventBus?.fire(EVENTS.AUTH_STATE_CHANGED, { event: AUTH_STATE_CHANGED_TYPE.USER_UPDATED })
-
-      return { data: { user, ...extraRes }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-getuseridentities
-   * 获取所有身份源
-   * const { data } = await app.auth.getUserIdentities()
-   * @returns Promise<GetUserIdentitiesRes>
-   */
-  async getUserIdentities(): Promise<GetUserIdentitiesRes> {
-    try {
-      const providers = await this.oauthInstance.authApi.getProviders()
-
-      return { data: { identities: providers?.data?.filter(v => !!v.bind) }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-linkidentity
-   * 绑定身份源到当前用户，如果已有用户绑定该身份源，会抛出错误
-   * const { data } = await app.auth.linkIdentity({
-      provider: 'string'
-    })
-   * @param params
-   * @returns Promise<LinkIdentityRes>
-   */
-  async linkIdentity(params: LinkIdentityReq): Promise<LinkIdentityRes> {
-    try {
-      // 参数校验：provider必填
-      this.validateParams(params, {
-        provider: { required: true, message: 'Provider is required' },
-      })
-
-      await this.signInWithOAuth({
-        provider: params.provider,
-        options: {
-          type: OAUTH_TYPE.BIND_IDENTITY,
-        },
-      })
-
-      return { data: { provider: params.provider }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-unlinkidentity
-   * 解绑身份源
-   * const { data } = await app.auth.unlinkIdentity({
-      provider: "xxx"
-    })
-   * @param params
-   * @returns Promise<CommonRes>
-   */
-  async unlinkIdentity(params: UnlinkIdentityReq): Promise<CommonRes> {
-    try {
-      // 参数校验：provider必填
-      this.validateParams(params, {
-        provider: { required: true, message: 'Provider is required' },
-      })
-
-      await this.oauthInstance.authApi.unbindProvider({ provider_id: params.provider })
-
-      return { data: {}, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-reauthentication
-   * 重新认证。通过发送验证码来重新认证用户身份，支持更新密码
-   * const { data } = await app.auth.reauthenticate()
-
-     await data.updateUser(code, newPassWord)
-   *
-   * @returns Promise<ReauthenticateRes>
-   */
-  async reauthenticate(): Promise<ReauthenticateRes> {
-    try {
-      const {
-        data: { user },
-      } = await this.getUser()
-
-      this.validateAtLeastOne(user, [['email', 'phone']], 'You must provide either an email or phone number')
-      const userInfo = user.email ? { email: user.email } : { phone_number: this.formatPhone(user.phone) }
-
-      // 第一步：发送验证码并存储 verificationInfo
-      const verificationInfo = await this.getVerification(userInfo)
-
-      return {
-        data: {
-          // 第二步：等待用户输入验证码（通过 Promise 包装用户输入事件）
-          updateUser: async (attributes: UpdateUserAttributes): Promise<SignInRes> => {
-            this.validateParams(attributes, {
-              nonce: { required: true, message: 'Nonce is required' },
-            })
-            try {
-              if (attributes.password) {
-                // 第三步：待用户输入完验证码之后，验证验证码
-                const verificationTokenRes = await this.verify({
-                  verification_id: verificationInfo.verification_id,
-                  verification_code: attributes.nonce,
-                })
-
-                // 第四步：获取 sudo_token
-                const sudoRes = await this.oauthInstance.authApi.sudo({
-                  verification_token: verificationTokenRes.verification_token,
-                })
-
-                await this.oauthInstance.authApi.setPassword({
-                  new_password: attributes.password,
-                  sudo_token: sudoRes.sudo_token,
-                })
-              } else {
-                await this.signInWithUsername({
-                  verificationInfo,
-                  verificationCode: attributes.nonce,
-                  ...userInfo,
-                  loginType: userInfo.email ? 'email' : 'phone',
-                })
-              }
-
-              const { data: { session } = {} } = await this.getSession()
-
-              return { data: { user: session.user, session }, error: null }
-            } catch (error) {
-              return { data: {}, error: new AuthError(error) }
-            }
-          },
-        },
-        error: null,
-      }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-resend
-   * 重新发送验证码
-   * - 向用户重新发送邮箱、手机号注册或登录的验证码。
-   * - 可以通过再次调用 signInWithOtp() 方法来重新发送验证码登录。
-   * - 可以通过再次调用 signUp() 方法来重新发送验证码注册。
-   * - 此方法仅在调用 signInWithOtp() 或 signUp() 后，重新发送验证码，收到验证码后再继续调用 signInWithOtp() 或 signUp() 的callback参数，将messageId传入callback。
-   * const result = await app.auth.signInWithOtp({ phone: "xxx" });
-
-    let signResolve = result.data.verify
-
-    const { data } = await app.auth.resend({
-      type: "signup",
-      phone: "xxx",
-    })
-
-    const res = await signResolve(code, data.messageId);
-   * @param params
-   * @returns Promise<ResendRes>
-   */
-  async resend(params: ResendReq): Promise<ResendRes> {
-    try {
-      // 参数校验：email或phone必填其一
-      this.validateAtLeastOne(params, [['email'], ['phone']], 'You must provide either an email or phone number')
-
-      const target = params.type === 'signup' ? 'ANY' : 'USER'
-      const data: { email?: string; phone_number?: string; target: 'USER' | 'ANY' } = { target }
-      if ('email' in params) {
-        data.email = params.email
-      }
-
-      if ('phone' in params) {
-        data.phone_number = this.formatPhone(params.phone)
-      }
-
-      // 重新发送验证码
-      const { verification_id: verificationId } = await this.oauthInstance.authApi.getVerification(data)
-
-      return {
-        data: { messageId: verificationId },
-        error: null,
-      }
-    } catch (error: any) {
-      return {
-        data: {},
-        error: new AuthError(error),
-      }
-    }
-  }
-
-  /**
-   * https://supabase.com/docs/reference/javascript/auth-setsession
-   * 使用access_token和refresh_token来设置会话
-   * 如果成功，则会触发一个SIGNED_IN事件
-   * const { data, error } = await app.auth.setSession({
-      access_token,
-      refresh_token
-    })
-   * @param params
-   * @returns Promise<SignInRes>
-   */
-  async setSession(params: SetSessionReq): Promise<SignInRes> {
-    try {
-      this.validateParams(params, {
-        access_token: { required: true, message: 'Access token is required' },
-        refresh_token: { required: true, message: 'Refresh token is required' },
-      })
-
-      await this.oauthInstance.oauth2client.refreshToken(params, { throwOnError: true })
-
-      const { data: { session } = {} } = await this.getSession()
-
-      this.config.eventBus?.fire(EVENTS.AUTH_STATE_CHANGED, { event: AUTH_STATE_CHANGED_TYPE.SIGNED_IN })
-
-      return { data: { user: session.user, session }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  // https://supabase.com/docs/reference/javascript/auth-exchangecodeforsession
-  async exchangeCodeForSession() {
-    //
-  }
-
-  /**
-   * 删除当前用户
-   * @param params
-   * @returns
-   */
-  async deleteUser(params: DeleteMeReq): Promise<CommonRes> {
-    try {
-      this.validateParams(params, {
-        password: { required: true, message: 'Password is required' },
-      })
-
-      const { sudo_token } = await this.oauthInstance.authApi.sudo(params)
-
-      await this.oauthInstance.authApi.deleteMe({ sudo_token })
-
-      return { data: {}, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * 跳转系统默认登录页
-   * @returns {Promise<authModels.ToDefaultLoginPage>}
-   * @memberof Auth
-   */
-  async toDefaultLoginPage(params: authModels.ToDefaultLoginPage = {}): Promise<CommonRes> {
-    try {
-      const configVersion = params.config_version || 'env'
-      const query = Object.keys(params.query || {})
-        .map(key => `${key}=${params.query[key]}`)
-        .join('&')
-
-      if (adapterForWxMp.isMatch()) {
-        wx.navigateTo({ url: `/packages/$wd_system/pages/login/index${query ? `?${query}` : ''}` })
-      } else {
-        const redirectUri = params.redirect_uri || window.location.href
-        const urlObj = new URL(redirectUri)
-        const loginPage = `${urlObj.origin}/__auth/?app_id=${params.app_id || ''}&env_id=${this.config.env}&client_id=${
-          this.config.clientId || this.config.env
-        }&config_version=${configVersion}&redirect_uri=${encodeURIComponent(redirectUri)}${query ? `&${query}` : ''}`
-        window.location.href = loginPage
-      }
-      return { data: {}, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * 自定义登录
-   * @param getTickFn () => Promise<string>, 获取自定义登录 ticket 的函数
-   * @returns
-   */
-  async signInWithCustomTicket(getTickFn?: authModels.GetCustomSignTicketFn): Promise<SignInRes> {
-    if (getTickFn) {
-      this.setCustomSignFunc(getTickFn)
-    }
-
-    try {
-      await this.oauthInstance.authApi.signInWithCustomTicket()
-      const loginState = await this.createLoginState()
-
-      const { data: { session } = {} } = await this.getSession()
-
-      // loginState返回是为了兼容v2版本
-      return { ...(loginState as any), data: { user: session.user, session }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * 小程序openId静默登录
-   * @param params
-   * @returns Promise<SignInRes>
-   */
-  async signInWithOpenId({ useWxCloud = true } = {}): Promise<SignInRes> {
-    if (!adapterForWxMp.isMatch()) {
-      throw Error('wx api undefined')
-    }
-    const wxInfo = wx.getAccountInfoSync().miniProgram
-
-    const mainFunc = async (code) => {
-      let result: authModels.GrantProviderTokenResponse | undefined = undefined
-      let credentials: Credentials | undefined = undefined
-
-      try {
-        result = await this.oauthInstance.authApi.grantProviderToken(
-          {
-            provider_id: wxInfo?.appId,
-            provider_code: code,
-            provider_params: {
-              provider_code_type: 'open_id',
-              appid: wxInfo?.appId,
-            },
-          },
-          useWxCloud,
-        )
-
-        if ((result as any)?.error_code || !result.provider_token) {
-          throw result
-        }
-
-        credentials = await this.oauthInstance.authApi.signInWithProvider(
-          { provider_token: result.provider_token },
-          useWxCloud,
-        )
-
-        if ((credentials as any)?.error_code) {
-          throw credentials
-        }
-      } catch (error) {
-        throw error
-      }
-      await this.oauthInstance.oauth2client.setCredentials(credentials as Credentials)
-    }
-
-    try {
-      await new Promise((resolve, reject) => {
-        wx.login({
-          success: async (res: { code: string }) => {
-            try {
-              await mainFunc(res.code)
-              resolve(true)
-            } catch (error) {
-              reject(error)
-            }
-          },
-          fail: (res: any) => {
-            const error = new Error(res?.errMsg)
-            ;(error as any).code = res?.errno
-            reject(error)
-          },
-        })
-      })
-
-      const loginState = await this.createLoginState()
-
-      const { data: { session } = {} } = await this.getSession()
-
-      // loginState返回是为了兼容v2版本
-      return { ...(loginState as any), data: { user: session.user, session }, error: null }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-  }
-
-  /**
-   * 小程序手机号授权登录，目前只支持全托管手机号授权登录
-   * @param params
-   * @returns Promise<SignInRes>
-   */
-  async signInWithPhoneAuth({ phoneCode = '' }): Promise<SignInRes> {
-    if (!adapterForWxMp.isMatch()) {
-      return { data: {}, error: new AuthError({ message: 'wx api undefined' }) }
-    }
-    const wxInfo = wx.getAccountInfoSync().miniProgram
-    const providerInfo = {
-      provider_params: { provider_code_type: 'phone' },
-      provider_id: wxInfo.appId,
-    }
-
-    const { code } = await wx.login()
-    ;(providerInfo as any).provider_code = code
-
-    try {
-      let providerToken = await this.oauthInstance.authApi.grantProviderToken(providerInfo)
-      if (providerToken.error_code) {
-        throw providerToken
-      }
-
-      providerToken = await this.oauthInstance.authApi.patchProviderToken({
-        provider_token: providerToken.provider_token,
-        provider_id: wxInfo.appId,
-        provider_params: {
-          code: phoneCode,
-          provider_code_type: 'phone',
-        },
-      })
-      if (providerToken.error_code) {
-        throw providerToken
-      }
-
-      const signInRes = await this.oauthInstance.authApi.signInWithProvider({
-        provider_token: providerToken.provider_token,
-      })
-
-      if ((signInRes as any)?.error_code) {
-        throw signInRes
-      }
-    } catch (error) {
-      return { data: {}, error: new AuthError(error) }
-    }
-
-    const loginState = await this.createLoginState()
-
-    const { data: { session } = {} } = await this.getSession()
-
-    // loginState返回是为了兼容v2版本
-    return { ...(loginState as any), data: { user: session.user, session }, error: null }
-  }
-
-  private formatPhone(phone: string) {
-    if (!/\s+/.test(phone) && /^\+\d{1,3}\d+/.test(phone)) {
-      return phone.replace(/^(\+\d{1,2})(\d+)$/, '$1 $2')
-    }
-    return /^\+\d{1,3}\s+/.test(phone) ? phone : `+86 ${phone}`
-  }
-
-  private notifyListeners(event, session, info): OnAuthStateChangeCallback {
-    this.listeners.forEach((callbacks) => {
-      callbacks.forEach((callback) => {
-        try {
-          callback(event, session, info)
-        } catch (error) {
-          console.error('Error in auth state change callback:', error)
-        }
-      })
-    })
-    return
-  }
-
-  private async init(): Promise<{ error: Error | null }> {
-    try {
-      const credentials: Credentials = await this.oauthInstance.oauth2client.localCredentials.getCredentials()
-      if (credentials) {
-        this.config.eventBus?.fire(EVENTS.AUTH_STATE_CHANGED, { event: AUTH_STATE_CHANGED_TYPE.INITIAL_SESSION })
-      }
-    } catch (error) {
-      // Ignore errors when checking for existing credentials
-    }
-
-    return { error: null }
-  }
-
-  private setupListeners() {
-    this.config.eventBus?.on(EVENTS.AUTH_STATE_CHANGED, async (params) => {
-      const event = params?.data?.event
-      const info = params?.data?.info
-      const {
-        data: { session },
-      } = await this.getSession()
-
-      this.notifyListeners(event, session, info)
-    })
-  }
-
-  private convertToUser(userInfo: authModels.UserInfo & Partial<User>) {
-    if (!userInfo) return null
-
-    // 优先使用 userInfo 中的数据（V3 API）
-    const email = userInfo?.email || userInfo?.username
-    const phone = userInfo?.phone_number
-    const userId = userInfo?.sub || userInfo?.uid || ''
-
-    return {
-      id: userId,
-      aud: 'authenticated',
-      role: userInfo.groups,
-      email: email || '',
-      email_confirmed_at: userInfo?.email_verified ? userInfo.created_at : userInfo.created_at,
-      phone,
-      phone_confirmed_at: phone ? userInfo.created_at : undefined,
-      confirmed_at: userInfo.created_at,
-      last_sign_in_at: userInfo.last_sign_in_at,
-      app_metadata: {
-        provider: userInfo.loginType?.toLowerCase() || 'cloudbase',
-        providers: [userInfo.loginType?.toLowerCase() || 'cloudbase'],
-      },
-      user_metadata: {
-        // V3 API 用户信息
-        name: userInfo?.name,
-        picture: userInfo?.picture,
-        username: userInfo?.username, // 用户名称，长度 5-24 位，支持字符中英文、数字、特殊字符（仅支持_-），不支持中文
-        gender: userInfo?.gender,
-        locale: userInfo?.locale,
-        // V2 API 兼容（使用 any 避免类型错误）
-        uid: userInfo.uid,
-        nickName: userInfo.nickName,
-        avatarUrl: userInfo.avatarUrl || userInfo.picture,
-        location: userInfo.location,
-        hasPassword: userInfo.hasPassword,
-      },
-      identities:
-        userInfo?.providers?.map(p => ({
-          id: p.id || '',
-          identity_id: p.id || '',
-          user_id: userId,
-          identity_data: {
-            provider_id: p.id,
-            provider_user_id: p.provider_user_id,
-            name: p.name,
-          },
-          provider: p.id || 'cloudbase',
-          created_at: userInfo.created_at,
-          updated_at: userInfo.updated_at,
-          last_sign_in_at: userInfo.last_sign_in_at,
-        })) || [],
-      created_at: userInfo.created_at,
-      updated_at: userInfo.updated_at,
-      is_anonymous: userInfo.name === 'anonymous',
-    }
-  }
-
-  /**
-   * 参数校验辅助方法
-   */
-  private validateParams(params: any, rules: { [key: string]: { required?: boolean; message: string } }): void {
-    for (const [key, rule] of Object.entries(rules)) {
-      if (rule.required && (params?.[key] === undefined || params?.[key] === null || params?.[key] === '')) {
-        throw new AuthError({ message: rule.message })
-      }
-    }
-  }
-
-  /**
-   * 校验必填参数组（至少有一个参数必须有值）
-   */
-  private validateAtLeastOne(params: any, fieldGroups: string[][], message: string): void {
-    const hasValue = fieldGroups.some(group => group.some(field => params?.[field] !== undefined && params?.[field] !== null && params?.[field] !== ''),)
-
-    if (!hasValue) {
-      throw new AuthError({ message })
-    }
-  }
-}