@codefox-inc/oauth-provider 0.2.0
- package/LICENSE +201 -0
- package/README.md +572 -0
- package/dist/client/_generated/_ignore.d.ts +1 -0
- package/dist/client/_generated/_ignore.d.ts.map +1 -0
- package/dist/client/_generated/_ignore.js +3 -0
- package/dist/client/_generated/_ignore.js.map +1 -0
- package/dist/client/auth-config.d.ts +85 -0
- package/dist/client/auth-config.d.ts.map +1 -0
- package/dist/client/auth-config.js +81 -0
- package/dist/client/auth-config.js.map +1 -0
- package/dist/client/auth-helper.d.ts +81 -0
- package/dist/client/auth-helper.d.ts.map +1 -0
- package/dist/client/auth-helper.js +97 -0
- package/dist/client/auth-helper.js.map +1 -0
- package/dist/client/index.d.ts +189 -0
- package/dist/client/index.d.ts.map +1 -0
- package/dist/client/index.js +230 -0
- package/dist/client/index.js.map +1 -0
- package/dist/client/routes.d.ts +94 -0
- package/dist/client/routes.d.ts.map +1 -0
- package/dist/client/routes.js +113 -0
- package/dist/client/routes.js.map +1 -0
- package/dist/component/_generated/api.d.ts +44 -0
- package/dist/component/_generated/api.d.ts.map +1 -0
- package/dist/component/_generated/api.js +31 -0
- package/dist/component/_generated/api.js.map +1 -0
- package/dist/component/_generated/component.d.ts +123 -0
- package/dist/component/_generated/component.d.ts.map +1 -0
- package/dist/component/_generated/component.js +11 -0
- package/dist/component/_generated/component.js.map +1 -0
- package/dist/component/_generated/dataModel.d.ts +46 -0
- package/dist/component/_generated/dataModel.d.ts.map +1 -0
- package/dist/component/_generated/dataModel.js +11 -0
- package/dist/component/_generated/dataModel.js.map +1 -0
- package/dist/component/_generated/server.d.ts +121 -0
- package/dist/component/_generated/server.d.ts.map +1 -0
- package/dist/component/_generated/server.js +78 -0
- package/dist/component/_generated/server.js.map +1 -0
- package/dist/component/clientManagement.d.ts +39 -0
- package/dist/component/clientManagement.d.ts.map +1 -0
- package/dist/component/clientManagement.js +169 -0
- package/dist/component/clientManagement.js.map +1 -0
- package/dist/component/constants.d.ts +31 -0
- package/dist/component/constants.d.ts.map +1 -0
- package/dist/component/constants.js +36 -0
- package/dist/component/constants.js.map +1 -0
- package/dist/component/convex.config.d.ts +3 -0
- package/dist/component/convex.config.d.ts.map +1 -0
- package/dist/component/convex.config.js +3 -0
- package/dist/component/convex.config.js.map +1 -0
- package/dist/component/handlers.d.ts +143 -0
- package/dist/component/handlers.d.ts.map +1 -0
- package/dist/component/handlers.js +624 -0
- package/dist/component/handlers.js.map +1 -0
- package/dist/component/mutations.d.ts +111 -0
- package/dist/component/mutations.d.ts.map +1 -0
- package/dist/component/mutations.js +459 -0
- package/dist/component/mutations.js.map +1 -0
- package/dist/component/queries.d.ts +127 -0
- package/dist/component/queries.d.ts.map +1 -0
- package/dist/component/queries.js +145 -0
- package/dist/component/queries.js.map +1 -0
- package/dist/component/schema.d.ts +116 -0
- package/dist/component/schema.d.ts.map +1 -0
- package/dist/component/schema.js +77 -0
- package/dist/component/schema.js.map +1 -0
- package/dist/component/token_security.d.ts +53 -0
- package/dist/component/token_security.d.ts.map +1 -0
- package/dist/component/token_security.js +91 -0
- package/dist/component/token_security.js.map +1 -0
- package/dist/lib/convex-types.d.ts +21 -0
- package/dist/lib/convex-types.d.ts.map +1 -0
- package/dist/lib/convex-types.js +2 -0
- package/dist/lib/convex-types.js.map +1 -0
- package/dist/lib/oauth.d.ts +123 -0
- package/dist/lib/oauth.d.ts.map +1 -0
- package/dist/lib/oauth.js +295 -0
- package/dist/lib/oauth.js.map +1 -0
- package/dist/react/index.d.ts +2 -0
- package/dist/react/index.d.ts.map +1 -0
- package/dist/react/index.js +6 -0
- package/dist/react/index.js.map +1 -0
- package/package.json +121 -0
- package/src/client/__tests__/auth-config.test.ts +244 -0
- package/src/client/__tests__/auth-helper.test.ts +273 -0
- package/src/client/__tests__/oauth-provider.test.ts +418 -0
- package/src/client/__tests__/routes.test.ts +428 -0
- package/src/client/_generated/_ignore.ts +1 -0
- package/src/client/auth-config.ts +157 -0
- package/src/client/auth-helper.ts +201 -0
- package/src/client/index.ts +326 -0
- package/src/client/routes.ts +251 -0
- package/src/component/__tests__/oauth.test.ts +3310 -0
- package/src/component/__tests__/rfc-compliance.test.ts +788 -0
- package/src/component/__tests__/token-security.test.ts +133 -0
- package/src/component/_generated/api.ts +60 -0
- package/src/component/_generated/component.ts +201 -0
- package/src/component/_generated/dataModel.ts +60 -0
- package/src/component/_generated/server.ts +156 -0
- package/src/component/clientManagement.ts +189 -0
- package/src/component/constants.ts +40 -0
- package/src/component/convex.config.ts +3 -0
- package/src/component/handlers.ts +964 -0
- package/src/component/mutations.ts +531 -0
- package/src/component/queries.ts +165 -0
- package/src/component/schema.ts +92 -0
- package/src/component/token_security.ts +102 -0
- package/src/lib/__tests__/oauth-helpers.test.ts +143 -0
- package/src/lib/__tests__/oauth-jwt.test.ts +405 -0
- package/src/lib/convex-types.ts +37 -0
- package/src/lib/oauth.ts +412 -0
- package/src/react/index.ts +7 -0
- package/src/test.ts +21 -0
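--- a/package/dist/component/handlers.d.ts
+++ b/package/dist/component/handlers.d.ts
@@ -0,0 +1,143 @@
+import type { ActionCtx } from "./_generated/server";
+import type { OAuthConfig, UserProfile } from "../lib/oauth.js";
+import type { RunQueryCtx, RunMutationCtx } from "../lib/convex-types.js";
+/**
+* Component API references (passed from SDK)
+*
+* Note: Uses RunQueryCtx/RunMutationCtx as the base context types.
+* ActionCtx extends these types, so handlers can pass ActionCtx to these functions.
+*/
+export interface OAuthComponentAPI {
+queries: {
+getClient: (ctx: RunQueryCtx, args: {
+clientId: string;
+}) => Promise<{
+clientId: string;
+type: "confidential" | "public";
+redirectUris: string[];
+allowedScopes: string[];
+} | null>;
+getRefreshToken: (ctx: RunQueryCtx, args: {
+refreshToken: string;
+}) => Promise<{
+refreshToken?: string;
+clientId: string;
+userId: string;
+scopes: string[];
+refreshTokenExpiresAt?: number;
+} | null>;
+getTokensByUser: (ctx: RunQueryCtx, args: {
+userId: string;
+}) => Promise<Array<{
+_id: string;
+clientId: string;
+userId: string;
+scopes: string[];
+accessTokenExpiresAt: number;
+refreshTokenExpiresAt?: number;
+}>>;
+};
+mutations: {
+issueAuthorizationCode: (ctx: RunMutationCtx, args: {
+clientId: string;
+userId: string;
+scopes: string[];
+redirectUri: string;
+codeChallenge: string;
+codeChallengeMethod: string;
+nonce?: string;
+}) => Promise<string>;
+consumeAuthCode: (ctx: RunMutationCtx, args: {
+code: string;
+clientId: string;
+redirectUri?: string;
+codeVerifier: string;
+}) => Promise<{
+userId: string;
+scopes: string[];
+codeChallenge: string;
+codeChallengeMethod: string;
+redirectUri: string;
+nonce?: string;
+codeHash: string;
+}>;
+saveTokens: (ctx: RunMutationCtx, args: {
+accessToken: string;
+refreshToken?: string;
+clientId: string;
+userId: string;
+scopes: string[];
+expiresAt: number;
+refreshTokenExpiresAt?: number;
+authorizationCode?: string;
+}) => Promise<void>;
+rotateRefreshToken: (ctx: RunMutationCtx, args: {
+oldRefreshToken: string;
+accessToken: string;
+refreshToken: string;
+clientId: string;
+userId: string;
+scopes: string[];
+expiresAt: number;
+refreshTokenExpiresAt: number;
+}) => Promise<void>;
+upsertAuthorization: (ctx: RunMutationCtx, args: {
+userId: string;
+clientId: string;
+scopes: string[];
+}) => Promise<string>;
+updateAuthorizationLastUsed: (ctx: RunMutationCtx, args: {
+userId: string;
+clientId: string;
+}) => Promise<void>;
+};
+clientManagement: {
+registerClient: (ctx: RunMutationCtx, args: {
+name: string;
+redirectUris: string[];
+scopes: string[];
+type: "confidential" | "public";
+website?: string;
+logoUrl?: string;
+tosUrl?: string;
+policyUrl?: string;
+}) => Promise<{
+clientId: string;
+clientSecret?: string;
+clientIdIssuedAt: number;
+}>;
+verifyClientSecret: (ctx: RunMutationCtx, args: {
+clientId: string;
+clientSecret: string;
+}) => Promise<boolean>;
+};
+}
+/**
+* Authorization Endpoint
+*/
+export declare function authorizeHandler(ctx: ActionCtx, request: Request, config: OAuthConfig, api: OAuthComponentAPI): Promise<Response>;
+/**
+* OpenID Configuration (Discovery Endpoint)
+*/
+export declare function openIdConfigurationHandler(_ctx: ActionCtx, request: Request, config: OAuthConfig): Promise<Response>;
+/**
+* JWKS Endpoint
+*/
+export declare function jwksHandler(_ctx: ActionCtx, request: Request, config: OAuthConfig): Promise<Response>;
+/**
+* Token Endpoint
+*/
+export declare function tokenHandler(ctx: ActionCtx, request: Request, config: OAuthConfig, api: OAuthComponentAPI): Promise<Response>;
+/**
+* UserInfo Endpoint
+*/
+export declare function userInfoHandler(ctx: ActionCtx, request: Request, config: OAuthConfig, getUserProfile: (userId: string) => Promise<UserProfile | null>): Promise<Response>;
+/**
+* Register Endpoint (Dynamic Client Registration)
+*/
+export declare function registerHandler(ctx: ActionCtx, request: Request, config: OAuthConfig, api: OAuthComponentAPI): Promise<Response>;
+/**
+* Protected Resource Metadata (RFC 9728)
+*/
+export declare function oauthProtectedResourceHandler(_ctx: ActionCtx, request: Request, config: OAuthConfig): Promise<Response>;
+//# sourceMappingURL=handlers.d.ts.map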
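Review bot: `codeChallengeMethod` is declared as a bare `string` in both the `issueAuthorizationCode` arguments and the `consumeAuthCode` result, so the type surface does not restrict which PKCE method reaches the component. If the provider means to accept only S256, narrowing the field to `codeChallengeMethod: "S256";` would turn a `plain` or unrecognised method into a compile-time error. The change belongs in src/component/handlers.ts, since this .d.ts is emitted from it, and whether the handler bodies validate the value at runtime is not visible in these declarations. Separately, `consumeAuthCode` takes `redirectUri?: string` as optional while its result always carries `redirectUri`; a doc comment on that argument should state when it may be omitted and what the stored value is compared against.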
@@ -0,0 +1 @@
1
+
{"version":3,"file":"handlers.d.ts","sourceRoot":"","sources":["../../src/component/handlers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAerD,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAChE,OAAO,KAAK,EAAgB,WAAW,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAwFxF;;;;;GAKG;AACH,MAAM,WAAW,iBAAiB;IAC9B,OAAO,EAAE;QACL,SAAS,EAAE,CAAC,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAA;SAAE,KAAK,OAAO,CAAC;YACjE,QAAQ,EAAE,MAAM,CAAC;YACjB,IAAI,EAAE,cAAc,GAAG,QAAQ,CAAC;YAChC,YAAY,EAAE,MAAM,EAAE,CAAC;YACvB,aAAa,EAAE,MAAM,EAAE,CAAC;SAC3B,GAAG,IAAI,CAAC,CAAC;QACV,eAAe,EAAE,CAAC,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE;YAAE,YAAY,EAAE,MAAM,CAAA;SAAE,KAAK,OAAO,CAAC;YAC3E,YAAY,CAAC,EAAE,MAAM,CAAC;YACtB,QAAQ,EAAE,MAAM,CAAC;YACjB,MAAM,EAAE,MAAM,CAAC;YACf,MAAM,EAAE,MAAM,EAAE,CAAC;YACjB,qBAAqB,CAAC,EAAE,MAAM,CAAC;SAClC,GAAG,IAAI,CAAC,CAAC;QACV,eAAe,EAAE,CAAC,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE;YAAE,MAAM,EAAE,MAAM,CAAA;SAAE,KAAK,OAAO,CAAC,KAAK,CAAC;YAC3E,GAAG,EAAE,MAAM,CAAC;YACZ,QAAQ,EAAE,MAAM,CAAC;YACjB,MAAM,EAAE,MAAM,CAAC;YACf,MAAM,EAAE,MAAM,EAAE,CAAC;YACjB,oBAAoB,EAAE,MAAM,CAAC;YAC7B,qBAAqB,CAAC,EAAE,MAAM,CAAC;SAClC,CAAC,CAAC,CAAC;KACP,CAAC;IACF,SAAS,EAAE;QACP,sBAAsB,EAAE,CAAC,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE;YAChD,QAAQ,EAAE,MAAM,CAAC;YACjB,MAAM,EAAE,MAAM,CAAC;YACf,MAAM,EAAE,MAAM,EAAE,CAAC;YACjB,WAAW,EAAE,MAAM,CAAC;YACpB,aAAa,EAAE,MAAM,CAAC;YACtB,mBAAmB,EAAE,MAAM,CAAC;YAC5B,KAAK,CAAC,EAAE,MAAM,CAAC;SAClB,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QACtB,eAAe,EAAE,CAAC,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE;YACzC,IAAI,EAAE,MAAM,CAAC;YACb,QAAQ,EAAE,MAAM,CAAC;YACjB,WAAW,CAAC,EAAE,MAAM,CAAC;YACrB,YAAY,EAAE,MAAM,CAAC;SACxB,KAAK,OAAO,CAAC;YACV,MAAM,EAAE,MAAM,CAAC;YACf,MAAM,EAAE,MAAM,EAAE,CAAC;YACjB,aAAa,EAAE,MAAM,CAAC;YACtB,mBAAmB,EAAE,MAAM,CAAC;YAC5B,WAAW,EAAE,MAAM,CAAC;YACpB,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,QAAQ,EAAE,MAAM,CAAC;SACpB,CAAC,CAAC;QACH,UAAU,EAAE,CAAC,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE;YACpC,WAAW,EAAE,MAAM,CAAC;YACpB,YAAY,CAAC,EAAE,MAAM,CAAC;YACtB,QAAQ,EAAE,MAAM,CAAC;YACjB,MAAM,EAAE,MAAM,CAAC;YAC
f,MAAM,EAAE,MAAM,EAAE,CAAC;YACjB,SAAS,EAAE,MAAM,CAAC;YAClB,qBAAqB,CAAC,EAAE,MAAM,CAAC;YAC/B,iBAAiB,CAAC,EAAE,MAAM,CAAC;SAC9B,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;QACpB,kBAAkB,EAAE,CAAC,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE;YAC5C,eAAe,EAAE,MAAM,CAAC;YACxB,WAAW,EAAE,MAAM,CAAC;YACpB,YAAY,EAAE,MAAM,CAAC;YACrB,QAAQ,EAAE,MAAM,CAAC;YACjB,MAAM,EAAE,MAAM,CAAC;YACf,MAAM,EAAE,MAAM,EAAE,CAAC;YACjB,SAAS,EAAE,MAAM,CAAC;YAClB,qBAAqB,EAAE,MAAM,CAAC;SACjC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;QACpB,mBAAmB,EAAE,CAAC,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE;YAC7C,MAAM,EAAE,MAAM,CAAC;YACf,QAAQ,EAAE,MAAM,CAAC;YACjB,MAAM,EAAE,MAAM,EAAE,CAAC;SACpB,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QACtB,2BAA2B,EAAE,CAAC,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE;YACrD,MAAM,EAAE,MAAM,CAAC;YACf,QAAQ,EAAE,MAAM,CAAC;SACpB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;KACvB,CAAC;IACF,gBAAgB,EAAE;QACd,cAAc,EAAE,CAAC,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE;YACxC,IAAI,EAAE,MAAM,CAAC;YACb,YAAY,EAAE,MAAM,EAAE,CAAC;YACvB,MAAM,EAAE,MAAM,EAAE,CAAC;YACjB,IAAI,EAAE,cAAc,GAAG,QAAQ,CAAC;YAChC,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,SAAS,CAAC,EAAE,MAAM,CAAC;SACtB,KAAK,OAAO,CAAC;YACV,QAAQ,EAAE,MAAM,CAAC;YACjB,YAAY,CAAC,EAAE,MAAM,CAAC;YACtB,gBAAgB,EAAE,MAAM,CAAC;SAC5B,CAAC,CAAC;QACH,kBAAkB,EAAE,CAAC,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE;YAC5C,QAAQ,EAAE,MAAM,CAAC;YACjB,YAAY,EAAE,MAAM,CAAC;SACxB,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;KAC1B,CAAC;CACL;AAMD;;GAEG;AACH,wBAAsB,gBAAgB,CAClC,GAAG,EAAE,SAAS,EACd,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,WAAW,EACnB,GAAG,EAAE,iBAAiB,GACvB,OAAO,CAAC,QAAQ,CAAC,CAoInB;AAED;;GAEG;AACH,wBAAsB,0BAA0B,CAC5C,IAAI,EAAE,SAAS,EACf,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,WAAW,GACpB,OAAO,CAAC,QAAQ,CAAC,CAiCnB;AAED;;GAEG;AACH,wBAAsB,WAAW,CAC7B,IAAI,EAAE,SAAS,EACf,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,WAAW,GACpB,OAAO,CAAC,QAAQ,CAAC,CAYnB;AAED;;GAEG;AACH,wBAAsB,YAAY,CAC9B,GAAG,EAAE,SAAS,EACd,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,WAAW,EACnB,GAAG,EAAE,iBAAiB,GACvB,OAAO,CAAC,QAAQ,CAAC,CAmUnB;AAED;;GAEG;AACH,wBAAsB,eAAe,CACjC,GAAG,EAAE,SAAS,EACd,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,WAA
W,EACnB,cAAc,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,GAChE,OAAO,CAAC,QAAQ,CAAC,CAgFnB;AAED;;GAEG;AACH,wBAAsB,eAAe,CACjC,GAAG,EAAE,SAAS,EACd,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,WAAW,EACnB,GAAG,EAAE,iBAAiB,GACvB,OAAO,CAAC,QAAQ,CAAC,CAsFnB;AAED;;GAEG;AACH,wBAAsB,6BAA6B,CAC/C,IAAI,EAAE,SAAS,EACf,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,WAAW,GACpB,OAAO,CAAC,QAAQ,CAAC,CAkBnB"}