@constructive-io/oauth 0.2.0

package/esm/providers/google.d.ts

@@ -0,0 +1,2 @@
+import { OAuthProviderConfig } from '../types';
+export declare const googleProvider: OAuthProviderConfig;

package/esm/providers/google.js

@@ -0,0 +1,20 @@
+export const googleProvider = {
+    id: 'google',
+    name: 'Google',
+    authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',
+    tokenUrl: 'https://oauth2.googleapis.com/token',
+    userInfoUrl: 'https://openidconnect.googleapis.com/v1/userinfo',
+    scopes: ['openid', 'email', 'profile'],
+    tokenRequestContentType: 'form',
+    mapProfile: (data) => {
+        const profile = data;
+        return {
+            provider: 'google',
+            providerId: profile.sub,
+            email: profile.email || null,
+            name: profile.name || null,
+            picture: profile.picture || null,
+            raw: data,
+        };
+    },
+};

package/esm/providers/index.d.ts

@@ -0,0 +1,9 @@
+import { OAuthProviderConfig } from '../types';
+import { googleProvider } from './google';
+import { githubProvider, GITHUB_EMAILS_URL, extractPrimaryEmail } from './github';
+import { facebookProvider } from './facebook';
+import { linkedinProvider } from './linkedin';
+export declare const providers: Record<string, OAuthProviderConfig>;
+export declare function getProvider(id: string): OAuthProviderConfig | undefined;
+export declare function getProviderIds(): string[];
+export { googleProvider, githubProvider, facebookProvider, linkedinProvider, GITHUB_EMAILS_URL, extractPrimaryEmail, };

package/esm/providers/index.js

@@ -0,0 +1,17 @@
+import { googleProvider } from './google';
+import { githubProvider, GITHUB_EMAILS_URL, extractPrimaryEmail } from './github';
+import { facebookProvider } from './facebook';
+import { linkedinProvider } from './linkedin';
+export const providers = {
+    google: googleProvider,
+    github: githubProvider,
+    facebook: facebookProvider,
+    linkedin: linkedinProvider,
+};
+export function getProvider(id) {
+    return providers[id];
+}
+export function getProviderIds() {
+    return Object.keys(providers);
+}
+export { googleProvider, githubProvider, facebookProvider, linkedinProvider, GITHUB_EMAILS_URL, extractPrimaryEmail, };

package/esm/providers/linkedin.d.ts

@@ -0,0 +1,2 @@
+import { OAuthProviderConfig } from '../types';
+export declare const linkedinProvider: OAuthProviderConfig;

package/esm/providers/linkedin.js

@@ -0,0 +1,20 @@
+export const linkedinProvider = {
+    id: 'linkedin',
+    name: 'LinkedIn',
+    authorizationUrl: 'https://www.linkedin.com/oauth/v2/authorization',
+    tokenUrl: 'https://www.linkedin.com/oauth/v2/accessToken',
+    userInfoUrl: 'https://api.linkedin.com/v2/userinfo',
+    scopes: ['openid', 'profile', 'email'],
+    tokenRequestContentType: 'form',
+    mapProfile: (data) => {
+        const profile = data;
+        return {
+            provider: 'linkedin',
+            providerId: profile.sub,
+            email: profile.email || null,
+            name: profile.name || null,
+            picture: profile.picture || null,
+            raw: data,
+        };
+    },
+};

package/esm/types.d.ts

@@ -0,0 +1,55 @@
+export interface OAuthProviderConfig {
+    id: string;
+    name: string;
+    authorizationUrl: string;
+    tokenUrl: string;
+    userInfoUrl: string;
+    scopes: string[];
+    tokenRequestContentType?: 'json' | 'form';
+    userInfoMethod?: 'GET' | 'POST';
+    mapProfile: (data: unknown) => OAuthProfile;
+}
+export interface OAuthProfile {
+    provider: string;
+    providerId: string;
+    email: string | null;
+    name: string | null;
+    picture: string | null;
+    raw: unknown;
+}
+export interface OAuthCredentials {
+    clientId: string;
+    clientSecret: string;
+    redirectUri?: string;
+}
+export interface OAuthClientConfig {
+    providers: Record<string, OAuthCredentials>;
+    baseUrl: string;
+    callbackPath?: string;
+    stateCookieName?: string;
+    stateCookieMaxAge?: number;
+}
+export interface TokenResponse {
+    access_token: string;
+    token_type: string;
+    expires_in?: number;
+    refresh_token?: string;
+    scope?: string;
+}
+export interface AuthorizationUrlParams {
+    provider: string;
+    state?: string;
+    redirectUri?: string;
+    scopes?: string[];
+}
+export interface CallbackParams {
+    provider: string;
+    code: string;
+    redirectUri?: string;
+}
+export interface OAuthError extends Error {
+    code: string;
+    provider?: string;
+    statusCode?: number;
+}
+export declare function createOAuthError(message: string, code: string, provider?: string, statusCode?: number): OAuthError;

package/esm/types.js

@@ -0,0 +1,7 @@
+export function createOAuthError(message, code, provider, statusCode) {
+    const error = new Error(message);
+    error.code = code;
+    error.provider = provider;
+    error.statusCode = statusCode;
+    return error;
+}

package/esm/utils/state.d.ts

@@ -0,0 +1 @@
+export { generateToken as generateState, verifyToken as verifyState } from '@constructive-io/csrf';

package/esm/utils/state.js

@@ -0,0 +1 @@
+export { generateToken as generateState, verifyToken as verifyState } from '@constructive-io/csrf';

package/index.d.ts

@@ -0,0 +1,4 @@
+export { OAuthProviderConfig, OAuthProfile, OAuthCredentials, OAuthClientConfig, TokenResponse, AuthorizationUrlParams, CallbackParams, OAuthError, createOAuthError, } from './types';
+export { OAuthClient, createOAuthClient } from './oauth-client';
+export { providers, getProvider, getProviderIds, googleProvider, githubProvider, facebookProvider, linkedinProvider, } from './providers';
+export { createOAuthMiddleware, OAuthMiddlewareConfig, OAuthCallbackContext, OAuthErrorContext, OAuthRouteHandlers, generateState, verifyState, } from './middleware/express';

package/index.js

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyState = exports.generateState = exports.createOAuthMiddleware = exports.linkedinProvider = exports.facebookProvider = exports.githubProvider = exports.googleProvider = exports.getProviderIds = exports.getProvider = exports.providers = exports.createOAuthClient = exports.OAuthClient = exports.createOAuthError = void 0;
+var types_1 = require("./types");
+Object.defineProperty(exports, "createOAuthError", { enumerable: true, get: function () { return types_1.createOAuthError; } });
+var oauth_client_1 = require("./oauth-client");
+Object.defineProperty(exports, "OAuthClient", { enumerable: true, get: function () { return oauth_client_1.OAuthClient; } });
+Object.defineProperty(exports, "createOAuthClient", { enumerable: true, get: function () { return oauth_client_1.createOAuthClient; } });
+var providers_1 = require("./providers");
+Object.defineProperty(exports, "providers", { enumerable: true, get: function () { return providers_1.providers; } });
+Object.defineProperty(exports, "getProvider", { enumerable: true, get: function () { return providers_1.getProvider; } });
+Object.defineProperty(exports, "getProviderIds", { enumerable: true, get: function () { return providers_1.getProviderIds; } });
+Object.defineProperty(exports, "googleProvider", { enumerable: true, get: function () { return providers_1.googleProvider; } });
+Object.defineProperty(exports, "githubProvider", { enumerable: true, get: function () { return providers_1.githubProvider; } });
+Object.defineProperty(exports, "facebookProvider", { enumerable: true, get: function () { return providers_1.facebookProvider; } });
+Object.defineProperty(exports, "linkedinProvider", { enumerable: true, get: function () { return providers_1.linkedinProvider; } });
+var express_1 = require("./middleware/express");
+Object.defineProperty(exports, "createOAuthMiddleware", { enumerable: true, get: function () { return express_1.createOAuthMiddleware; } });
+Object.defineProperty(exports, "generateState", { enumerable: true, get: function () { return express_1.generateState; } });
+Object.defineProperty(exports, "verifyState", { enumerable: true, get: function () { return express_1.verifyState; } });

package/middleware/express.d.ts

@@ -0,0 +1,51 @@
+import { OAuthClientConfig, OAuthProfile } from '../types';
+import { generateState, verifyState } from '../utils/state';
+export interface OAuthMiddlewareConfig extends OAuthClientConfig {
+    onSuccess: (profile: OAuthProfile, context: OAuthCallbackContext) => Promise<unknown>;
+    onError?: (error: Error, context: OAuthErrorContext) => void;
+    successRedirect?: string;
+    errorRedirect?: string;
+}
+export interface OAuthCallbackContext {
+    provider: string;
+    profile: OAuthProfile;
+    query: Record<string, string>;
+}
+export interface OAuthErrorContext {
+    provider?: string;
+    error: Error;
+    query: Record<string, string>;
+}
+export interface OAuthRouteHandlers {
+    initiateAuth: (req: {
+        params: {
+            provider: string;
+        };
+        query: Record<string, unknown>;
+    }, res: {
+        redirect: (url: string) => void;
+        cookie: (name: string, value: string, options: Record<string, unknown>) => void;
+        status: (code: number) => {
+            json: (data: unknown) => void;
+        };
+    }) => void;
+    handleCallback: (req: {
+        params: {
+            provider: string;
+        };
+        query: Record<string, unknown>;
+        cookies: Record<string, string>;
+    }, res: {
+        redirect: (url: string) => void;
+        clearCookie: (name: string) => void;
+        status: (code: number) => {
+            json: (data: unknown) => void;
+        };
+        json: (data: unknown) => void;
+    }) => Promise<void>;
+    getProviders: (req: unknown, res: {
+        json: (data: unknown) => void;
+    }) => void;
+}
+export declare function createOAuthMiddleware(config: OAuthMiddlewareConfig): OAuthRouteHandlers;
+export { generateState, verifyState };

package/middleware/express.js

@@ -0,0 +1,177 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyState = exports.generateState = void 0;
+exports.createOAuthMiddleware = createOAuthMiddleware;
+const oauth_client_1 = require("../oauth-client");
+const types_1 = require("../types");
+const state_1 = require("../utils/state");
+Object.defineProperty(exports, "generateState", { enumerable: true, get: function () { return state_1.generateState; } });
+Object.defineProperty(exports, "verifyState", { enumerable: true, get: function () { return state_1.verifyState; } });
+const providers_1 = require("../providers");
+function createOAuthMiddleware(config) {
+    const client = new oauth_client_1.OAuthClient(config);
+    const clientConfig = client.getConfig();
+    const initiateAuth = (req, res) => {
+        const { provider } = req.params;
+        try {
+            const { url, state } = client.getAuthorizationUrl({ provider });
+            res.cookie(clientConfig.stateCookieName, state, {
+                httpOnly: true,
+                secure: process.env.NODE_ENV === 'production',
+                maxAge: (clientConfig.stateCookieMaxAge || 600) * 1000,
+                sameSite: 'lax',
+            });
+            res.redirect(url);
+        }
+        catch (error) {
+            if (config.onError) {
+                config.onError(error, {
+                    provider,
+                    error: error,
+                    query: req.query,
+                });
+            }
+            if (config.errorRedirect) {
+                const errorUrl = new URL(config.errorRedirect);
+                errorUrl.searchParams.set('error', error.message);
+                errorUrl.searchParams.set('provider', provider);
+                res.redirect(errorUrl.toString());
+            }
+            else {
+                res.status(400).json({
+                    error: 'oauth_error',
+                    message: error.message,
+                    provider,
+                });
+            }
+        }
+    };
+    const handleCallback = async (req, res) => {
+        const { provider } = req.params;
+        const { code, state, error: oauthError, error_description } = req.query;
+        const storedState = req.cookies[clientConfig.stateCookieName];
+        res.clearCookie(clientConfig.stateCookieName);
+        if (oauthError) {
+            const error = (0, types_1.createOAuthError)(error_description || oauthError, 'OAUTH_PROVIDER_ERROR', provider);
+            if (config.onError) {
+                config.onError(error, {
+                    provider,
+                    error,
+                    query: req.query,
+                });
+            }
+            if (config.errorRedirect) {
+                const errorUrl = new URL(config.errorRedirect);
+                errorUrl.searchParams.set('error', oauthError);
+                if (error_description) {
+                    errorUrl.searchParams.set('error_description', error_description);
+                }
+                errorUrl.searchParams.set('provider', provider);
+                res.redirect(errorUrl.toString());
+            }
+            else {
+                res.status(400).json({
+                    error: 'oauth_error',
+                    message: error_description || oauthError,
+                    provider,
+                });
+            }
+            return;
+        }
+        if (!(0, state_1.verifyState)(storedState, state)) {
+            const error = (0, types_1.createOAuthError)('Invalid state parameter', 'INVALID_STATE', provider);
+            if (config.onError) {
+                config.onError(error, {
+                    provider,
+                    error,
+                    query: req.query,
+                });
+            }
+            if (config.errorRedirect) {
+                const errorUrl = new URL(config.errorRedirect);
+                errorUrl.searchParams.set('error', 'invalid_state');
+                errorUrl.searchParams.set('provider', provider);
+                res.redirect(errorUrl.toString());
+            }
+            else {
+                res.status(400).json({
+                    error: 'invalid_state',
+                    message: 'Invalid state parameter',
+                    provider,
+                });
+            }
+            return;
+        }
+        if (!code) {
+            const error = (0, types_1.createOAuthError)('Missing authorization code', 'MISSING_CODE', provider);
+            if (config.onError) {
+                config.onError(error, {
+                    provider,
+                    error,
+                    query: req.query,
+                });
+            }
+            if (config.errorRedirect) {
+                const errorUrl = new URL(config.errorRedirect);
+                errorUrl.searchParams.set('error', 'missing_code');
+                errorUrl.searchParams.set('provider', provider);
+                res.redirect(errorUrl.toString());
+            }
+            else {
+                res.status(400).json({
+                    error: 'missing_code',
+                    message: 'Missing authorization code',
+                    provider,
+                });
+            }
+            return;
+        }
+        try {
+            const profile = await client.handleCallback({ provider, code });
+            const result = await config.onSuccess(profile, {
+                provider,
+                profile,
+                query: req.query,
+            });
+            if (config.successRedirect) {
+                res.redirect(config.successRedirect);
+            }
+            else {
+                res.json({ success: true, data: result });
+            }
+        }
+        catch (error) {
+            if (config.onError) {
+                config.onError(error, {
+                    provider,
+                    error: error,
+                    query: req.query,
+                });
+            }
+            if (config.errorRedirect) {
+                const errorUrl = new URL(config.errorRedirect);
+                errorUrl.searchParams.set('error', 'callback_failed');
+                errorUrl.searchParams.set('message', error.message);
+                errorUrl.searchParams.set('provider', provider);
+                res.redirect(errorUrl.toString());
+            }
+            else {
+                res.status(500).json({
+                    error: 'callback_failed',
+                    message: error.message,
+                    provider,
+                });
+            }
+        }
+    };
+    const getProviders = (_req, res) => {
+        const configuredProviders = Object.keys(config.providers);
+        const availableProviders = (0, providers_1.getProviderIds)().filter((id) => configuredProviders.includes(id));
+        res.json({ providers: availableProviders });
+    };
+    return {
+        initiateAuth,
+        handleCallback,
+        getProviders,
+    };
+}

package/oauth-client.d.ts

@@ -0,0 +1,16 @@
+import { OAuthClientConfig, OAuthProfile, TokenResponse, AuthorizationUrlParams, CallbackParams } from './types';
+export declare class OAuthClient {
+    private config;
+    constructor(config: OAuthClientConfig);
+    getAuthorizationUrl(params: AuthorizationUrlParams): {
+        url: string;
+        state: string;
+    };
+    exchangeCode(params: CallbackParams): Promise<TokenResponse>;
+    getUserProfile(providerId: string, accessToken: string): Promise<OAuthProfile>;
+    handleCallback(params: CallbackParams): Promise<OAuthProfile>;
+    private fetchGitHubEmail;
+    private getCallbackUrl;
+    getConfig(): OAuthClientConfig;
+}
+export declare function createOAuthClient(config: OAuthClientConfig): OAuthClient;

package/oauth-client.js

@@ -0,0 +1,151 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OAuthClient = void 0;
+exports.createOAuthClient = createOAuthClient;
+const types_1 = require("./types");
+const providers_1 = require("./providers");
+const state_1 = require("./utils/state");
+class OAuthClient {
+    config;
+    constructor(config) {
+        this.config = {
+            callbackPath: '/auth/{provider}/callback',
+            stateCookieName: 'oauth_state',
+            stateCookieMaxAge: 600,
+            ...config,
+        };
+    }
+    getAuthorizationUrl(params) {
+        const { provider: providerId, state: customState, redirectUri, scopes } = params;
+        const provider = (0, providers_1.getProvider)(providerId);
+        if (!provider) {
+            throw (0, types_1.createOAuthError)(`Unknown provider: ${providerId}`, 'UNKNOWN_PROVIDER', providerId);
+        }
+        const credentials = this.config.providers[providerId];
+        if (!credentials) {
+            throw (0, types_1.createOAuthError)(`No credentials configured for provider: ${providerId}`, 'MISSING_CREDENTIALS', providerId);
+        }
+        const state = customState || (0, state_1.generateState)();
+        const callbackUrl = this.getCallbackUrl(providerId, redirectUri || credentials.redirectUri);
+        const effectiveScopes = scopes || provider.scopes;
+        const url = new URL(provider.authorizationUrl);
+        url.searchParams.set('client_id', credentials.clientId);
+        url.searchParams.set('redirect_uri', callbackUrl);
+        url.searchParams.set('response_type', 'code');
+        url.searchParams.set('scope', effectiveScopes.join(' '));
+        url.searchParams.set('state', state);
+        return { url: url.toString(), state };
+    }
+    async exchangeCode(params) {
+        const { provider: providerId, code, redirectUri } = params;
+        const provider = (0, providers_1.getProvider)(providerId);
+        if (!provider) {
+            throw (0, types_1.createOAuthError)(`Unknown provider: ${providerId}`, 'UNKNOWN_PROVIDER', providerId);
+        }
+        const credentials = this.config.providers[providerId];
+        if (!credentials) {
+            throw (0, types_1.createOAuthError)(`No credentials configured for provider: ${providerId}`, 'MISSING_CREDENTIALS', providerId);
+        }
+        const callbackUrl = this.getCallbackUrl(providerId, redirectUri || credentials.redirectUri);
+        const body = {
+            client_id: credentials.clientId,
+            client_secret: credentials.clientSecret,
+            code,
+            redirect_uri: callbackUrl,
+            grant_type: 'authorization_code',
+        };
+        const headers = {
+            Accept: 'application/json',
+        };
+        let requestBody;
+        if (provider.tokenRequestContentType === 'json') {
+            headers['Content-Type'] = 'application/json';
+            requestBody = JSON.stringify(body);
+        }
+        else {
+            headers['Content-Type'] = 'application/x-www-form-urlencoded';
+            requestBody = new URLSearchParams(body).toString();
+        }
+        const response = await fetch(provider.tokenUrl, {
+            method: 'POST',
+            headers,
+            body: requestBody,
+        });
+        if (!response.ok) {
+            const errorText = await response.text();
+            throw (0, types_1.createOAuthError)(`Token exchange failed: ${errorText}`, 'TOKEN_EXCHANGE_FAILED', providerId, response.status);
+        }
+        const data = await response.json();
+        if (data.error) {
+            throw (0, types_1.createOAuthError)(`Token exchange error: ${data.error_description || data.error}`, 'TOKEN_EXCHANGE_ERROR', providerId);
+        }
+        return data;
+    }
+    async getUserProfile(providerId, accessToken) {
+        const provider = (0, providers_1.getProvider)(providerId);
+        if (!provider) {
+            throw (0, types_1.createOAuthError)(`Unknown provider: ${providerId}`, 'UNKNOWN_PROVIDER', providerId);
+        }
+        const headers = {
+            Authorization: `Bearer ${accessToken}`,
+            Accept: 'application/json',
+        };
+        if (providerId === 'github') {
+            headers['User-Agent'] = 'Constructive-OAuth';
+        }
+        const response = await fetch(provider.userInfoUrl, {
+            method: provider.userInfoMethod || 'GET',
+            headers,
+        });
+        if (!response.ok) {
+            const errorText = await response.text();
+            throw (0, types_1.createOAuthError)(`Failed to fetch user profile: ${errorText}`, 'USER_PROFILE_FAILED', providerId, response.status);
+        }
+        const data = await response.json();
+        let profile = provider.mapProfile(data);
+        if (providerId === 'github' && !profile.email) {
+            profile = await this.fetchGitHubEmail(accessToken, profile);
+        }
+        return profile;
+    }
+    async handleCallback(params) {
+        const tokens = await this.exchangeCode(params);
+        return this.getUserProfile(params.provider, tokens.access_token);
+    }
+    async fetchGitHubEmail(accessToken, profile) {
+        try {
+            const response = await fetch(providers_1.GITHUB_EMAILS_URL, {
+                headers: {
+                    Authorization: `Bearer ${accessToken}`,
+                    Accept: 'application/json',
+                    'User-Agent': 'Constructive-OAuth',
+                },
+            });
+            if (response.ok) {
+                const emails = await response.json();
+                const email = (0, providers_1.extractPrimaryEmail)(emails);
+                if (email) {
+                    return { ...profile, email };
+                }
+            }
+        }
+        catch {
+            // Ignore email fetch errors, return profile without email
+        }
+        return profile;
+    }
+    getCallbackUrl(providerId, customRedirectUri) {
+        if (customRedirectUri) {
+            return customRedirectUri;
+        }
+        const path = this.config.callbackPath.replace('{provider}', providerId);
+        return `${this.config.baseUrl}${path}`;
+    }
+    getConfig() {
+        return this.config;
+    }
+}
+exports.OAuthClient = OAuthClient;
+function createOAuthClient(config) {
+    return new OAuthClient(config);
+}

package/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "@constructive-io/oauth",
+  "version": "0.2.0",
+  "author": "Constructive <developers@constructive.io>",
+  "description": "OAuth 2.0 client for social authentication (Google, GitHub, Facebook, LinkedIn)",
+  "main": "index.js",
+  "module": "esm/index.js",
+  "types": "index.d.ts",
+  "homepage": "https://github.com/constructive-io/constructive",
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public",
+    "directory": "dist"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/constructive-io/constructive"
+  },
+  "bugs": {
+    "url": "https://github.com/constructive-io/constructive/issues"
+  },
+  "scripts": {
+    "clean": "makage clean",
+    "prepack": "npm run build",
+    "build": "makage build",
+    "build:dev": "makage build --dev",
+    "lint": "eslint . --fix",
+    "test": "jest --passWithNoTests",
+    "test:watch": "jest --watch"
+  },
+  "dependencies": {
+    "@constructive-io/csrf": "^0.2.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.12.7",
+    "makage": "^0.1.10",
+    "ts-node": "^10.9.2"
+  },
+  "keywords": [
+    "oauth",
+    "oauth2",
+    "authentication",
+    "google",
+    "github",
+    "facebook",
+    "linkedin",
+    "social-login",
+    "constructive"
+  ],
+  "gitHead": "2f09348be8b309eba14b5ed16d391986ecff3296"
+}

package/providers/facebook.d.ts

@@ -0,0 +1,2 @@
+import { OAuthProviderConfig } from '../types';
+export declare const facebookProvider: OAuthProviderConfig;

package/providers/facebook.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.facebookProvider = void 0;
+const FACEBOOK_API_VERSION = 'v18.0';
+exports.facebookProvider = {
+    id: 'facebook',
+    name: 'Facebook',
+    authorizationUrl: `https://www.facebook.com/${FACEBOOK_API_VERSION}/dialog/oauth`,
+    tokenUrl: `https://graph.facebook.com/${FACEBOOK_API_VERSION}/oauth/access_token`,
+    userInfoUrl: `https://graph.facebook.com/me?fields=id,name,email,picture`,
+    scopes: ['email', 'public_profile'],
+    tokenRequestContentType: 'form',
+    mapProfile: (data) => {
+        const profile = data;
+        return {
+            provider: 'facebook',
+            providerId: profile.id,
+            email: profile.email || null,
+            name: profile.name || null,
+            picture: profile.picture?.data?.url || null,
+            raw: data,
+        };
+    },
+};

package/providers/github.d.ts

@@ -0,0 +1,10 @@
+import { OAuthProviderConfig } from '../types';
+interface GitHubEmail {
+    email: string;
+    primary: boolean;
+    verified: boolean;
+}
+export declare const githubProvider: OAuthProviderConfig;
+export declare const GITHUB_EMAILS_URL = "https://api.github.com/user/emails";
+export declare function extractPrimaryEmail(emails: GitHubEmail[]): string | null;
+export {};