@devoven/oauth 0.1.0

package/README.md

@@ -0,0 +1,281 @@
+# @devoven/oauth
+
+OAuth 2.0 / OIDC module for multi-provider authentication in NestJS. Wire up Google, LINE, or any custom provider with a single import.
+
+## Installation
+
+```bash
+npm install @devoven/oauth
+# or
+pnpm add @devoven/oauth
+```
+
+## Peer Dependencies
+
+Install the standard NestJS validation stack if your app does not already have it:
+
+```bash
+npm install class-validator class-transformer
+```
+
+`@nestjs/common`, `@nestjs/core`, `rxjs`, and `reflect-metadata` are expected to already be present in any NestJS application.
+
+`google-auth-library` is bundled with this package and does not need to be installed separately.
+
+## Quick Start
+
+```typescript
+import { OAuthModule, GoogleOAuthProvider } from '@devoven/oauth';
+
+@Module({
+  imports: [
+    OAuthModule.register({
+      providers: [
+        {
+          name: 'google',
+          provider: GoogleOAuthProvider,
+          clientId: process.env.GOOGLE_CLIENT_ID,
+          clientSecret: process.env.GOOGLE_CLIENT_SECRET,
+          callbackUrl: 'https://example.com/oauth/google/callback',
+        },
+      ],
+    }),
+  ],
+})
+export class AppModule {}
+```
+
+This registers the `OAuthController` at `/oauth`, giving you:
+
+- `GET /oauth/google` — redirects the user to Google's consent screen
+- `GET /oauth/google/callback` — handles the code exchange and returns the resolved profile
+
+## Module Options
+
+| Option | Type | Default | Description |
+|--------|------|---------|-------------|
+| `providers` | `Array<OAuthProviderOption \| OAuthProviderPort>` | — (required) | Provider configs or pre-constructed provider instances |
+| `stateStore` | Class or instance of `OAuthStateStorePort` | `InMemoryStateStore` | CSRF state store. Default TTL is 5 minutes |
+| `controller` | `boolean` | `true` | Mount `OAuthController`. Set to `false` to handle routes yourself |
+| `callbackSuccessUrl` | `string` | `undefined` | When set, the callback endpoint redirects to this URL with profile fields as query parameters instead of returning JSON |
+
+### OAuthProviderOption
+
+| Field | Type | Description |
+|-------|------|-------------|
+| `name` | `string` | Key used in the URL path (e.g. `'google'` → `/oauth/google`) |
+| `provider` | Constructor | A class implementing `OAuthProviderPort` (e.g. `GoogleOAuthProvider`) |
+| `clientId` | `string` | OAuth app client ID |
+| `clientSecret` | `string` | OAuth app client secret |
+| `callbackUrl` | `string` | Absolute URL registered with the provider |
+| `scopes` | `string[]` | Optional scope list. Defaults to the provider's built-in defaults |
+
+Alternatively, pass a pre-constructed `OAuthProviderPort` instance directly in the `providers` array.
+
+## Async Registration
+
+```typescript
+import { OAuthModule, GoogleOAuthProvider, LineOAuthProvider } from '@devoven/oauth';
+import { ConfigService } from '@nestjs/config';
+
+@Module({
+  imports: [
+    OAuthModule.registerAsync({
+      useFactory: (config: ConfigService) => ({
+        callbackSuccessUrl: config.get('OAUTH_SUCCESS_URL'),
+        providers: [
+          {
+            name: 'google',
+            provider: GoogleOAuthProvider,
+            clientId: config.get('GOOGLE_CLIENT_ID'),
+            clientSecret: config.get('GOOGLE_CLIENT_SECRET'),
+            callbackUrl: config.get('GOOGLE_CALLBACK_URL'),
+          },
+          {
+            name: 'line',
+            provider: LineOAuthProvider,
+            clientId: config.get('LINE_CLIENT_ID'),
+            clientSecret: config.get('LINE_CLIENT_SECRET'),
+            callbackUrl: config.get('LINE_CALLBACK_URL'),
+          },
+        ],
+      }),
+      inject: [ConfigService],
+    }),
+  ],
+})
+export class AppModule {}
+```
+
+## REST API
+
+All endpoints are served under the `/oauth` prefix.
+
+### Redirect to provider
+
+```
+GET /oauth/:provider
+```
+
+Generates a CSRF state token, stores it, and issues a `302` redirect to the provider's authorization URL.
+
+| Parameter | Where | Description |
+|-----------|-------|-------------|
+| `provider` | path | Provider name as registered in `providers` (e.g. `google`, `line`) |
+
+**Response:** `302 Found` — Location header points to the provider's authorization URL.
+
+### Handle callback
+
+```
+GET /oauth/:provider/callback?code=...&state=...
+```
+
+Verifies the state, exchanges the authorization code for tokens, fetches the user profile, and returns it.
+
+| Parameter | Where | Description |
+|-----------|-------|-------------|
+| `provider` | path | Provider name |
+| `code` | query | Authorization code from the provider |
+| `state` | query | CSRF state value returned by the provider |
+
+**Response without `callbackSuccessUrl`:** `200 OK`
+
+```json
+{
+  "provider": "google",
+  "providerId": "1234567890",
+  "email": "user@example.com",
+  "name": "Jane Doe",
+  "avatarUrl": "https://example.com/avatar.jpg"
+}
+```
+
+Fields `email`, `name`, and `avatarUrl` may be `null` depending on the scopes granted and the provider's response.
+
+**Response with `callbackSuccessUrl`:** `302 Found` — redirects to `callbackSuccessUrl` with the profile fields appended as query parameters (`provider`, `providerId`, `email`, `name`, `avatarUrl`).
+
+## Built-in Providers
+
+### GoogleOAuthProvider
+
+Default scopes: `openid profile email`
+
+Verifies the `id_token` using the Google auth library when present; falls back to the UserInfo endpoint otherwise.
+
+### LineOAuthProvider
+
+Default scopes: `openid profile`
+
+Verifies the `id_token` via LINE's `/oauth2/v2.1/verify` endpoint when present; falls back to the UserInfo endpoint otherwise.
+
+Both classes accept a custom `scopes` array to override the defaults.
+
+## Architecture
+
+### Port / Token Mapping
+
+| DI Token | Interface | Default Implementation | Purpose |
+|----------|-----------|------------------------|---------|
+| `'GetAuthorizationUrlPort'` | `GetAuthorizationUrlPort` | `GetAuthorizationUrlUseCase` | Generate a provider authorization URL with a fresh state token |
+| `'HandleCallbackPort'` | `HandleCallbackPort` | `HandleCallbackUseCase` | Verify state, exchange code, return `OAuthProfile` |
+| `'OAuthProviderRegistry'` | `OAuthProviderRegistry` (`Map<string, OAuthProviderPort>`) | Built from `providers` option | Registry of provider name → provider instance |
+| `'OAuthStateStorePort'` | `OAuthStateStorePort` | `InMemoryStateStore` | Generate and verify CSRF state tokens |
+
+`GetAuthorizationUrlPort` and `HandleCallbackPort` are exported from the module.
+
+## Domain Model
+
+### OAuthProfile
+
+| Property | Type | Description |
+|----------|------|-------------|
+| `provider` | `string` | Provider name (e.g. `'google'`) |
+| `providerId` | `string` | Provider-scoped user ID |
+| `email` | `string \| null` | User email, if available |
+| `name` | `string \| null` | Display name, if available |
+| `avatarUrl` | `string \| null` | Profile picture URL, if available |
+| `id` | `string` | Composite key: `provider:providerId` |
+
+### OAuthToken
+
+| Property | Type | Description |
+|----------|------|-------------|
+| `accessToken` | `string` | Bearer token for API calls |
+| `refreshToken` | `string \| null` | Refresh token, if issued |
+| `expiresAt` | `Date \| null` | Computed from `expiresIn` when not provided directly |
+| `idToken` | `string \| null` | OIDC ID token, if present |
+| `isExpired` | `boolean` | `true` when `expiresAt` is in the past |
+
+## Custom Adapters
+
+### Custom state store
+
+Provide a class or instance that implements `OAuthStateStorePort` for persistent CSRF state (e.g. Redis):
+
+```typescript
+import { Injectable } from '@nestjs/common';
+import { OAuthStateStorePort } from '@devoven/oauth';
+
+@Injectable()
+export class RedisStateStore implements OAuthStateStorePort {
+  async generate(): Promise<string> {
+    const state = crypto.randomUUID();
+    await redis.set(`oauth:state:${state}`, '1', 'EX', 300);
+    return state;
+  }
+
+  async verify(state: string): Promise<boolean> {
+    const key = `oauth:state:${state}`;
+    const exists = await redis.del(key);
+    return exists === 1;
+  }
+}
+```
+
+```typescript
+OAuthModule.register({
+  providers: [...],
+  stateStore: RedisStateStore,
+})
+```
+
+### Custom provider
+
+Implement `OAuthProviderPort` to add any OAuth 2.0 / OIDC provider:
+
+```typescript
+import { OAuthProviderPort, OAuthProviderConfig, OAuthProfile, OAuthToken } from '@devoven/oauth';
+
+export class GitHubOAuthProvider implements OAuthProviderPort {
+  readonly name = 'github';
+
+  constructor(private readonly config: OAuthProviderConfig) {}
+
+  async getAuthorizationUrl(state: string): Promise<string> { /* ... */ }
+  async exchangeCode(code: string): Promise<OAuthToken> { /* ... */ }
+  async getProfile(token: OAuthToken): Promise<OAuthProfile> { /* ... */ }
+}
+```
+
+Pass it either as a config object (the module will construct it) or as an already-instantiated object:
+
+```typescript
+// Config object — module constructs the instance
+OAuthModule.register({
+  providers: [
+    {
+      name: 'github',
+      provider: GitHubOAuthProvider,
+      clientId: '...',
+      clientSecret: '...',
+      callbackUrl: 'https://example.com/oauth/github/callback',
+    },
+  ],
+})
+
+// Pre-constructed instance
+OAuthModule.register({
+  providers: [new GitHubOAuthProvider({ clientId: '...', clientSecret: '...', callbackUrl: '...', scopes: [] })],
+})
+```

package/dist/application/ports/get-auth-url.port.d.ts

@@ -0,0 +1,3 @@
+export interface GetAuthorizationUrlPort {
+    execute(provider: string): Promise<string>;
+}

package/dist/application/ports/get-auth-url.port.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=get-auth-url.port.js.map

package/dist/application/ports/get-auth-url.port.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-auth-url.port.js","sourceRoot":"","sources":["../../../src/application/ports/get-auth-url.port.ts"],"names":[],"mappings":""}

package/dist/application/ports/handle-callback.port.d.ts

@@ -0,0 +1,4 @@
+import { OAuthProfile } from "../../domain/entities/oauth-profile.entity";
+export interface HandleCallbackPort {
+    execute(provider: string, code: string, state: string): Promise<OAuthProfile>;
+}

package/dist/application/ports/handle-callback.port.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=handle-callback.port.js.map

package/dist/application/ports/handle-callback.port.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"handle-callback.port.js","sourceRoot":"","sources":["../../../src/application/ports/handle-callback.port.ts"],"names":[],"mappings":""}

package/dist/application/ports/oauth-provider.port.d.ts

@@ -0,0 +1,15 @@
+import { OAuthProfile } from "../../domain/entities/oauth-profile.entity";
+import { OAuthToken } from "../../domain/value-objects/oauth-token.vo";
+export interface OAuthProviderPort {
+    readonly name: string;
+    getAuthorizationUrl(state: string): Promise<string>;
+    exchangeCode(code: string): Promise<OAuthToken>;
+    getProfile(token: OAuthToken): Promise<OAuthProfile>;
+}
+export interface OAuthProviderConfig {
+    clientId: string;
+    clientSecret: string;
+    callbackUrl: string;
+    scopes: string[];
+}
+export type OAuthProviderRegistry = Map<string, OAuthProviderPort>;

package/dist/application/ports/oauth-provider.port.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=oauth-provider.port.js.map

package/dist/application/ports/oauth-provider.port.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-provider.port.js","sourceRoot":"","sources":["../../../src/application/ports/oauth-provider.port.ts"],"names":[],"mappings":""}

package/dist/application/ports/oauth-state-store.port.d.ts

@@ -0,0 +1,4 @@
+export interface OAuthStateStorePort {
+    generate(): Promise<string>;
+    verify(state: string): Promise<boolean>;
+}

package/dist/application/ports/oauth-state-store.port.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=oauth-state-store.port.js.map

package/dist/application/ports/oauth-state-store.port.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-state-store.port.js","sourceRoot":"","sources":["../../../src/application/ports/oauth-state-store.port.ts"],"names":[],"mappings":""}

package/dist/application/use-cases/get-auth-url.use-case.d.ts

@@ -0,0 +1,9 @@
+import { OAuthProviderRegistry } from '../ports/oauth-provider.port';
+import { OAuthStateStorePort } from '../ports/oauth-state-store.port';
+import { GetAuthorizationUrlPort } from '../ports/get-auth-url.port';
+export declare class GetAuthorizationUrlUseCase implements GetAuthorizationUrlPort {
+    private readonly providers;
+    private readonly stateStore;
+    constructor(providers: OAuthProviderRegistry, stateStore: OAuthStateStorePort);
+    execute(provider: string): Promise<string>;
+}

package/dist/application/use-cases/get-auth-url.use-case.js

@@ -0,0 +1,38 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GetAuthorizationUrlUseCase = void 0;
+const common_1 = require("@nestjs/common");
+let GetAuthorizationUrlUseCase = class GetAuthorizationUrlUseCase {
+    constructor(providers, stateStore) {
+        this.providers = providers;
+        this.stateStore = stateStore;
+    }
+    async execute(provider) {
+        const oauthProvider = this.providers.get(provider);
+        if (!oauthProvider) {
+            throw new Error(`Unknown OAuth provider: ${provider}`);
+        }
+        const state = await this.stateStore.generate();
+        return oauthProvider.getAuthorizationUrl(state);
+    }
+};
+exports.GetAuthorizationUrlUseCase = GetAuthorizationUrlUseCase;
+exports.GetAuthorizationUrlUseCase = GetAuthorizationUrlUseCase = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, common_1.Inject)('OAuthProviderRegistry')),
+    __param(1, (0, common_1.Inject)('OAuthStateStorePort')),
+    __metadata("design:paramtypes", [Object, Object])
+], GetAuthorizationUrlUseCase);
+//# sourceMappingURL=get-auth-url.use-case.js.map

package/dist/application/use-cases/get-auth-url.use-case.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-auth-url.use-case.js","sourceRoot":"","sources":["../../../src/application/use-cases/get-auth-url.use-case.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmD;AAM5C,IAAM,0BAA0B,GAAhC,MAAM,0BAA0B;IACnC,YAEqB,SAAgC,EAGhC,UAA+B;QAH/B,cAAS,GAAT,SAAS,CAAuB;QAGhC,eAAU,GAAV,UAAU,CAAqB;IAChD,CAAC;IAEL,KAAK,CAAC,OAAO,CAAC,QAAgB;QAC1B,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;QAElD,IAAI,CAAC,aAAa,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAA;QAC1D,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAA;QAE9C,OAAO,aAAa,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAA;IACnD,CAAC;CACJ,CAAA;AApBY,gEAA0B;qCAA1B,0BAA0B;IADtC,IAAA,mBAAU,GAAE;IAGJ,WAAA,IAAA,eAAM,EAAC,uBAAuB,CAAC,CAAA;IAG/B,WAAA,IAAA,eAAM,EAAC,qBAAqB,CAAC,CAAA;;GALzB,0BAA0B,CAoBtC"}

package/dist/application/use-cases/handle-callback.use-case.d.ts

@@ -0,0 +1,10 @@
+import { HandleCallbackPort } from "../ports/handle-callback.port";
+import { OAuthProviderRegistry } from "../ports/oauth-provider.port";
+import { OAuthStateStorePort } from "../ports/oauth-state-store.port";
+import { OAuthProfile } from "../../domain/entities/oauth-profile.entity";
+export declare class HandleCallbackUseCase implements HandleCallbackPort {
+    private readonly providers;
+    private readonly stateStore;
+    constructor(providers: OAuthProviderRegistry, stateStore: OAuthStateStorePort);
+    execute(provider: string, code: string, state: string): Promise<OAuthProfile>;
+}

package/dist/application/use-cases/handle-callback.use-case.js

@@ -0,0 +1,42 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HandleCallbackUseCase = void 0;
+const common_1 = require("@nestjs/common");
+let HandleCallbackUseCase = class HandleCallbackUseCase {
+    constructor(providers, stateStore) {
+        this.providers = providers;
+        this.stateStore = stateStore;
+    }
+    async execute(provider, code, state) {
+        const valid = await this.stateStore.verify(state);
+        if (!valid) {
+            throw new common_1.BadRequestException('Invalid or expired OAuth state');
+        }
+        const oauthProvider = this.providers.get(provider);
+        if (!oauthProvider) {
+            throw new common_1.BadRequestException(`Unknown OAuth provider: ${provider}`);
+        }
+        const token = await oauthProvider.exchangeCode(code);
+        return oauthProvider.getProfile(token);
+    }
+};
+exports.HandleCallbackUseCase = HandleCallbackUseCase;
+exports.HandleCallbackUseCase = HandleCallbackUseCase = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, common_1.Inject)('OAuthProviderRegistry')),
+    __param(1, (0, common_1.Inject)('OAuthStateStorePort')),
+    __metadata("design:paramtypes", [Object, Object])
+], HandleCallbackUseCase);
+//# sourceMappingURL=handle-callback.use-case.js.map

package/dist/application/use-cases/handle-callback.use-case.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"handle-callback.use-case.js","sourceRoot":"","sources":["../../../src/application/use-cases/handle-callback.use-case.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAyE;AAOlE,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAC9B,YAEqB,SAAgC,EAGhC,UAA+B;QAH/B,cAAS,GAAT,SAAS,CAAuB;QAGhC,eAAU,GAAV,UAAU,CAAqB;IAChD,CAAC;IAEL,KAAK,CAAC,OAAO,CAAC,QAAgB,EAAE,IAAY,EAAE,KAAa;QACvD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAEjD,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,MAAM,IAAI,4BAAmB,CAAC,gCAAgC,CAAC,CAAA;QACnE,CAAC;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;QAElD,IAAI,CAAC,aAAa,EAAE,CAAC;YACjB,MAAM,IAAI,4BAAmB,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAA;QACxE,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,YAAY,CAAC,IAAI,CAAC,CAAA;QAEpD,OAAO,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;IAC1C,CAAC;CACJ,CAAA;AA1BY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;IAGJ,WAAA,IAAA,eAAM,EAAC,uBAAuB,CAAC,CAAA;IAG/B,WAAA,IAAA,eAAM,EAAC,qBAAqB,CAAC,CAAA;;GALzB,qBAAqB,CA0BjC"}

package/dist/domain/entities/oauth-profile.entity.d.ts

@@ -0,0 +1,16 @@
+export declare class OAuthProfile {
+    readonly providerId: string;
+    readonly provider: string;
+    readonly email: string | null;
+    readonly name: string | null;
+    readonly avatarUrl: string | null;
+    private constructor();
+    static create(params: {
+        providerId: string;
+        provider: string;
+        email: string | null;
+        name: string | null;
+        avatarUrl: string | null;
+    }): OAuthProfile;
+    get id(): string;
+}

package/dist/domain/entities/oauth-profile.entity.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OAuthProfile = void 0;
+class OAuthProfile {
+    constructor(params) {
+        this.provider = params.provider;
+        this.providerId = params.providerId;
+        this.email = params.email;
+        this.name = params.name;
+        this.avatarUrl = params.avatarUrl;
+    }
+    static create(params) {
+        if (!params.providerId) {
+            throw new Error('providerId is required');
+        }
+        if (!params.provider || params.provider.trim().length === 0) {
+            throw new Error('provider cannot be empty');
+        }
+        return new OAuthProfile(params);
+    }
+    get id() {
+        return `${this.provider}:${this.providerId}`;
+    }
+}
+exports.OAuthProfile = OAuthProfile;
+//# sourceMappingURL=oauth-profile.entity.js.map

package/dist/domain/entities/oauth-profile.entity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-profile.entity.js","sourceRoot":"","sources":["../../../src/domain/entities/oauth-profile.entity.ts"],"names":[],"mappings":";;;AAAA,MAAa,YAAY;IAOrB,YAAoB,MAMnB;QACG,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAA;QAC/B,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAA;QACnC,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAA;QACzB,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAA;QACvB,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAA;IACrC,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,MAMb;QACG,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAA;QAC7C,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;QAC/C,CAAC;QAED,OAAO,IAAI,YAAY,CAAC,MAAM,CAAC,CAAA;IACnC,CAAC;IAED,IAAI,EAAE;QACF,OAAO,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,UAAU,EAAE,CAAA;IAChD,CAAC;CACJ;AA1CD,oCA0CC"}

package/dist/domain/value-objects/oauth-token.vo.d.ts

@@ -0,0 +1,15 @@
+export declare class OAuthToken {
+    readonly accessToken: string;
+    readonly refreshToken: string | null;
+    readonly expiresAt: Date | null;
+    readonly idToken: string | null;
+    private constructor();
+    get isExpired(): boolean;
+    static create(params: {
+        accessToken: string;
+        refreshToken: string | null;
+        expiresIn: number | null;
+        expiresAt: Date | null;
+        idToken: string | null;
+    }): OAuthToken;
+}

package/dist/domain/value-objects/oauth-token.vo.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OAuthToken = void 0;
+class OAuthToken {
+    constructor(accessToken, refreshToken, expiresAt, idToken) {
+        this.accessToken = accessToken;
+        this.refreshToken = refreshToken;
+        this.expiresAt = expiresAt;
+        this.idToken = idToken;
+    }
+    get isExpired() {
+        return this.expiresAt ? Date.now() > this.expiresAt.getTime() : false;
+    }
+    static create(params) {
+        if (!params.accessToken) {
+            throw new Error("accessToken is required");
+        }
+        const expiresAt = params.expiresAt ??
+            (params.expiresIn
+                ? new Date(Date.now() + params.expiresIn * 1000)
+                : null);
+        return new OAuthToken(params.accessToken, params.refreshToken, expiresAt, params.idToken);
+    }
+}
+exports.OAuthToken = OAuthToken;
+//# sourceMappingURL=oauth-token.vo.js.map

package/dist/domain/value-objects/oauth-token.vo.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-token.vo.js","sourceRoot":"","sources":["../../../src/domain/value-objects/oauth-token.vo.ts"],"names":[],"mappings":";;;AAAA,MAAa,UAAU;IAMnB,YACI,WAAmB,EACnB,YAA2B,EAC3B,SAAsB,EACtB,OAAsB;QAEtB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;QAC1B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IAC1B,CAAC;IAED,IAAI,SAAS;QACT,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;IAC1E,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,MAMb;QACG,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;QAC9C,CAAC;QAED,MAAM,SAAS,GACX,MAAM,CAAC,SAAS;YAChB,CAAC,MAAM,CAAC,SAAS;gBACb,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC;gBAChD,CAAC,CAAC,IAAI,CAAC,CAAA;QAEf,OAAO,IAAI,UAAU,CACjB,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,YAAY,EACnB,SAAS,EACT,MAAM,CAAC,OAAO,CACjB,CAAA;IACL,CAAC;CACJ;AA9CD,gCA8CC"}

package/dist/index.d.ts

@@ -0,0 +1,13 @@
+export { OAuthModule } from './oauth.module';
+export { OAuthModuleOptions, OAuthProviderOption } from './oauth.module-definition';
+export { OAuthProfile } from './domain/entities/oauth-profile.entity';
+export { OAuthToken } from './domain/value-objects/oauth-token.vo';
+export { GetAuthorizationUrlPort } from './application/ports/get-auth-url.port';
+export { HandleCallbackPort } from './application/ports/handle-callback.port';
+export { OAuthProviderPort, OAuthProviderConfig, OAuthProviderRegistry, } from './application/ports/oauth-provider.port';
+export { OAuthStateStorePort } from './application/ports/oauth-state-store.port';
+export { OAuthCallbackQueryDto } from './presentation/dto/oauth-callback-query.dto';
+export { OAuthProfileResponseDto } from './presentation/dto/oauth-profile-response.dto';
+export { GoogleOAuthProvider } from './infrastructure/providers/google-oauth.provider';
+export { LineOAuthProvider } from './infrastructure/providers/line-oauth.provider';
+export { InMemoryStateStore } from './infrastructure/state/in-memory-state-store';

package/dist/index.js

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.InMemoryStateStore = exports.LineOAuthProvider = exports.GoogleOAuthProvider = exports.OAuthProfileResponseDto = exports.OAuthCallbackQueryDto = exports.OAuthToken = exports.OAuthProfile = exports.OAuthModule = void 0;
+var oauth_module_1 = require("./oauth.module");
+Object.defineProperty(exports, "OAuthModule", { enumerable: true, get: function () { return oauth_module_1.OAuthModule; } });
+var oauth_profile_entity_1 = require("./domain/entities/oauth-profile.entity");
+Object.defineProperty(exports, "OAuthProfile", { enumerable: true, get: function () { return oauth_profile_entity_1.OAuthProfile; } });
+var oauth_token_vo_1 = require("./domain/value-objects/oauth-token.vo");
+Object.defineProperty(exports, "OAuthToken", { enumerable: true, get: function () { return oauth_token_vo_1.OAuthToken; } });
+var oauth_callback_query_dto_1 = require("./presentation/dto/oauth-callback-query.dto");
+Object.defineProperty(exports, "OAuthCallbackQueryDto", { enumerable: true, get: function () { return oauth_callback_query_dto_1.OAuthCallbackQueryDto; } });
+var oauth_profile_response_dto_1 = require("./presentation/dto/oauth-profile-response.dto");
+Object.defineProperty(exports, "OAuthProfileResponseDto", { enumerable: true, get: function () { return oauth_profile_response_dto_1.OAuthProfileResponseDto; } });
+var google_oauth_provider_1 = require("./infrastructure/providers/google-oauth.provider");
+Object.defineProperty(exports, "GoogleOAuthProvider", { enumerable: true, get: function () { return google_oauth_provider_1.GoogleOAuthProvider; } });
+var line_oauth_provider_1 = require("./infrastructure/providers/line-oauth.provider");
+Object.defineProperty(exports, "LineOAuthProvider", { enumerable: true, get: function () { return line_oauth_provider_1.LineOAuthProvider; } });
+var in_memory_state_store_1 = require("./infrastructure/state/in-memory-state-store");
+Object.defineProperty(exports, "InMemoryStateStore", { enumerable: true, get: function () { return in_memory_state_store_1.InMemoryStateStore; } });
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,+CAA4C;AAAnC,2GAAA,WAAW,OAAA;AAGpB,+EAAqE;AAA5D,oHAAA,YAAY,OAAA;AACrB,wEAAkE;AAAzD,4GAAA,UAAU,OAAA;AAWnB,wFAAmF;AAA1E,iIAAA,qBAAqB,OAAA;AAC9B,4FAAuF;AAA9E,qIAAA,uBAAuB,OAAA;AAEhC,0FAAsF;AAA7E,4HAAA,mBAAmB,OAAA;AAC5B,sFAAkF;AAAzE,wHAAA,iBAAiB,OAAA;AAC1B,sFAAiF;AAAxE,2HAAA,kBAAkB,OAAA"}

package/dist/infrastructure/providers/google-oauth.provider.d.ts

@@ -0,0 +1,15 @@
+import { OAuthProviderConfig, OAuthProviderPort } from "../../application/ports/oauth-provider.port";
+import { OAuthProfile } from "../../domain/entities/oauth-profile.entity";
+import { OAuthToken } from "../../domain/value-objects/oauth-token.vo";
+export declare class GoogleOAuthProvider<T extends OAuthProviderConfig = OAuthProviderConfig> implements OAuthProviderPort {
+    readonly name = "google";
+    private readonly AUTHORIZE_URL;
+    private readonly TOKEN_URL;
+    private readonly USERINFO_URL;
+    private readonly authClient;
+    protected readonly props: T;
+    constructor(props: T);
+    getAuthorizationUrl(state: string): Promise<string>;
+    exchangeCode(code: string): Promise<OAuthToken>;
+    getProfile(token: OAuthToken): Promise<OAuthProfile>;
+}