@draftlab/auth 0.15.0 → 0.16.0

package/dist/esm/ui/password.js

@@ -0,0 +1,435 @@
+// src/ui/password.tsx
+import { run } from "../util";
+import { Layout } from "./base";
+import { FormAlert } from "./form";
+import { jsxDEV, Fragment } from "hono/jsx/jsx-dev-runtime";
+var DEFAULT_COPY = {
+  error_email_taken: "There is already an account with this email.",
+  error_invalid_code: "Code is incorrect.",
+  error_invalid_email: "Email is not valid.",
+  error_invalid_password: "Password is incorrect.",
+  error_password_mismatch: "Passwords do not match.",
+  register: "Register",
+  register_prompt: "Don't have an account?",
+  login_prompt: "Already have an account?",
+  login: "Login",
+  change_prompt: "Forgot password?",
+  code_resend: "Resend code",
+  code_return: "Back to",
+  input_email: "Email",
+  input_password: "Password",
+  input_code: "Code",
+  input_repeat: "Repeat password",
+  button_continue: "Continue",
+  logo: "A"
+};
+var PasswordUI = (options) => {
+  const copy = {
+    ...DEFAULT_COPY,
+    ...options.copy
+  };
+  const getErrorMessage = (error) => {
+    if (!error?.type)
+      return;
+    if (error.type === "validation_error" && "message" in error && error.message) {
+      return error.message;
+    }
+    const errorKey = `error_${error.type}`;
+    return copy[errorKey];
+  };
+  return {
+    validatePassword: options.validatePassword,
+    sendCode: options.sendCode,
+    login: async (_req, form, error) => {
+      const jsx = /* @__PURE__ */ jsxDEV(Layout, {
+        children: /* @__PURE__ */ jsxDEV("form", {
+          "data-component": "form",
+          method: "post",
+          children: [
+            /* @__PURE__ */ jsxDEV(FormAlert, {
+              message: getErrorMessage(error)
+            }, undefined, false, undefined, this),
+            /* @__PURE__ */ jsxDEV("input", {
+              type: "email",
+              name: "email",
+              placeholder: copy.input_email,
+              value: form?.get("email")?.toString() || "",
+              autoComplete: "email",
+              "data-component": "input",
+              required: true
+            }, undefined, false, undefined, this),
+            /* @__PURE__ */ jsxDEV("input", {
+              type: "password",
+              name: "password",
+              placeholder: copy.input_password,
+              autoComplete: "current-password",
+              "data-component": "input",
+              required: true
+            }, undefined, false, undefined, this),
+            /* @__PURE__ */ jsxDEV("button", {
+              "data-component": "button",
+              type: "submit",
+              children: copy.button_continue
+            }, undefined, false, undefined, this),
+            /* @__PURE__ */ jsxDEV("div", {
+              "data-component": "form-footer",
+              children: [
+                /* @__PURE__ */ jsxDEV("span", {
+                  children: [
+                    copy.register_prompt,
+                    " ",
+                    /* @__PURE__ */ jsxDEV("a", {
+                      "data-component": "link",
+                      href: "./register",
+                      children: copy.register
+                    }, undefined, false, undefined, this)
+                  ]
+                }, undefined, true, undefined, this),
+                /* @__PURE__ */ jsxDEV("a", {
+                  "data-component": "link",
+                  href: "./change",
+                  children: copy.change_prompt
+                }, undefined, false, undefined, this)
+              ]
+            }, undefined, true, undefined, this)
+          ]
+        }, undefined, true, undefined, this)
+      }, undefined, false, undefined, this);
+      return new Response(jsx.toString(), {
+        status: error ? 401 : 200,
+        headers: { "Content-Type": "text/html" }
+      });
+    },
+    register: async (_req, state, form, error) => {
+      const emailError = ["invalid_email", "email_taken"].includes(error?.type || "");
+      const passwordError = [
+        "invalid_password",
+        "password_mismatch",
+        "validation_error"
+      ].includes(error?.type || "");
+      const jsx = /* @__PURE__ */ jsxDEV(Layout, {
+        children: run(() => {
+          if (state.type === "start") {
+            return /* @__PURE__ */ jsxDEV("form", {
+              "data-component": "form",
+              method: "post",
+              children: [
+                /* @__PURE__ */ jsxDEV(FormAlert, {
+                  message: getErrorMessage(error)
+                }, undefined, false, undefined, this),
+                /* @__PURE__ */ jsxDEV("input", {
+                  name: "action",
+                  type: "hidden",
+                  value: "register"
+                }, undefined, false, undefined, this),
+                /* @__PURE__ */ jsxDEV("input", {
+                  type: "email",
+                  name: "email",
+                  placeholder: copy.input_email,
+                  value: emailError ? "" : form?.get("email")?.toString() || "",
+                  autoComplete: "email",
+                  "data-component": "input",
+                  required: true
+                }, undefined, false, undefined, this),
+                /* @__PURE__ */ jsxDEV("input", {
+                  type: "password",
+                  name: "password",
+                  placeholder: copy.input_password,
+                  value: passwordError ? "" : form?.get("password")?.toString() || "",
+                  autoComplete: "new-password",
+                  "data-component": "input",
+                  required: true
+                }, undefined, false, undefined, this),
+                /* @__PURE__ */ jsxDEV("input", {
+                  type: "password",
+                  name: "repeat",
+                  placeholder: copy.input_repeat,
+                  autoComplete: "new-password",
+                  "data-component": "input",
+                  required: true
+                }, undefined, false, undefined, this),
+                /* @__PURE__ */ jsxDEV("button", {
+                  "data-component": "button",
+                  type: "submit",
+                  children: copy.button_continue
+                }, undefined, false, undefined, this),
+                /* @__PURE__ */ jsxDEV("div", {
+                  "data-component": "form-footer",
+                  children: /* @__PURE__ */ jsxDEV("span", {
+                    children: [
+                      copy.login_prompt,
+                      " ",
+                      /* @__PURE__ */ jsxDEV("a", {
+                        "data-component": "link",
+                        href: "./authorize",
+                        children: copy.login
+                      }, undefined, false, undefined, this)
+                    ]
+                  }, undefined, true, undefined, this)
+                }, undefined, false, undefined, this)
+              ]
+            }, undefined, true, undefined, this);
+          }
+          return /* @__PURE__ */ jsxDEV(Fragment, {
+            children: [
+              /* @__PURE__ */ jsxDEV("form", {
+                "data-component": "form",
+                method: "post",
+                children: [
+                  /* @__PURE__ */ jsxDEV(FormAlert, {
+                    message: getErrorMessage(error)
+                  }, undefined, false, undefined, this),
+                  /* @__PURE__ */ jsxDEV("input", {
+                    name: "action",
+                    type: "hidden",
+                    value: "verify"
+                  }, undefined, false, undefined, this),
+                  /* @__PURE__ */ jsxDEV("input", {
+                    type: "text",
+                    name: "code",
+                    placeholder: copy.input_code,
+                    "aria-label": "6-digit verification code",
+                    autoComplete: "one-time-code",
+                    "data-component": "input",
+                    inputMode: "numeric",
+                    maxLength: 6,
+                    minLength: 6,
+                    pattern: "[0-9]{6}",
+                    required: true
+                  }, undefined, false, undefined, this),
+                  /* @__PURE__ */ jsxDEV("button", {
+                    "data-component": "button",
+                    type: "submit",
+                    children: copy.button_continue
+                  }, undefined, false, undefined, this)
+                ]
+              }, undefined, true, undefined, this),
+              /* @__PURE__ */ jsxDEV("form", {
+                method: "post",
+                children: [
+                  /* @__PURE__ */ jsxDEV("input", {
+                    name: "action",
+                    type: "hidden",
+                    value: "register"
+                  }, undefined, false, undefined, this),
+                  /* @__PURE__ */ jsxDEV("input", {
+                    name: "email",
+                    type: "hidden",
+                    value: state.email
+                  }, undefined, false, undefined, this),
+                  /* @__PURE__ */ jsxDEV("input", {
+                    name: "password",
+                    type: "hidden",
+                    value: ""
+                  }, undefined, false, undefined, this),
+                  /* @__PURE__ */ jsxDEV("input", {
+                    name: "repeat",
+                    type: "hidden",
+                    value: ""
+                  }, undefined, false, undefined, this),
+                  /* @__PURE__ */ jsxDEV("div", {
+                    "data-component": "form-footer",
+                    children: [
+                      /* @__PURE__ */ jsxDEV("span", {
+                        children: [
+                          copy.code_return,
+                          " ",
+                          /* @__PURE__ */ jsxDEV("a", {
+                            "data-component": "link",
+                            href: "./authorize",
+                            children: copy.login
+                          }, undefined, false, undefined, this)
+                        ]
+                      }, undefined, true, undefined, this),
+                      /* @__PURE__ */ jsxDEV("button", {
+                        type: "submit",
+                        "data-component": "link",
+                        children: copy.code_resend
+                      }, undefined, false, undefined, this)
+                    ]
+                  }, undefined, true, undefined, this)
+                ]
+              }, undefined, true, undefined, this)
+            ]
+          }, undefined, true, undefined, this);
+        })
+      }, undefined, false, undefined, this);
+      return new Response(jsx.toString(), {
+        headers: { "Content-Type": "text/html" }
+      });
+    },
+    change: async (_req, state, form, error) => {
+      const passwordError = [
+        "invalid_password",
+        "password_mismatch",
+        "validation_error"
+      ].includes(error?.type || "");
+      const jsx = /* @__PURE__ */ jsxDEV(Layout, {
+        children: run(() => {
+          if (state.type === "start") {
+            return /* @__PURE__ */ jsxDEV("form", {
+              "data-component": "form",
+              method: "post",
+              children: [
+                /* @__PURE__ */ jsxDEV(FormAlert, {
+                  message: getErrorMessage(error)
+                }, undefined, false, undefined, this),
+                /* @__PURE__ */ jsxDEV("input", {
+                  name: "action",
+                  type: "hidden",
+                  value: "code"
+                }, undefined, false, undefined, this),
+                /* @__PURE__ */ jsxDEV("input", {
+                  type: "email",
+                  name: "email",
+                  placeholder: copy.input_email,
+                  value: form?.get("email")?.toString() || "",
+                  autoComplete: "email",
+                  "data-component": "input",
+                  required: true
+                }, undefined, false, undefined, this),
+                /* @__PURE__ */ jsxDEV("button", {
+                  "data-component": "button",
+                  type: "submit",
+                  children: copy.button_continue
+                }, undefined, false, undefined, this),
+                /* @__PURE__ */ jsxDEV("div", {
+                  "data-component": "form-footer",
+                  children: /* @__PURE__ */ jsxDEV("span", {
+                    children: [
+                      copy.code_return,
+                      " ",
+                      /* @__PURE__ */ jsxDEV("a", {
+                        "data-component": "link",
+                        href: "./authorize",
+                        children: copy.login
+                      }, undefined, false, undefined, this)
+                    ]
+                  }, undefined, true, undefined, this)
+                }, undefined, false, undefined, this)
+              ]
+            }, undefined, true, undefined, this);
+          }
+          if (state.type === "code") {
+            return /* @__PURE__ */ jsxDEV(Fragment, {
+              children: [
+                /* @__PURE__ */ jsxDEV("form", {
+                  "data-component": "form",
+                  method: "post",
+                  children: [
+                    /* @__PURE__ */ jsxDEV(FormAlert, {
+                      message: getErrorMessage(error)
+                    }, undefined, false, undefined, this),
+                    /* @__PURE__ */ jsxDEV("input", {
+                      name: "action",
+                      type: "hidden",
+                      value: "verify"
+                    }, undefined, false, undefined, this),
+                    /* @__PURE__ */ jsxDEV("input", {
+                      type: "text",
+                      name: "code",
+                      placeholder: copy.input_code,
+                      "aria-label": "6-digit verification code",
+                      autoComplete: "one-time-code",
+                      inputMode: "numeric",
+                      maxLength: 6,
+                      minLength: 6,
+                      "data-component": "input",
+                      pattern: "[0-9]{6}",
+                      required: true
+                    }, undefined, false, undefined, this),
+                    /* @__PURE__ */ jsxDEV("button", {
+                      "data-component": "button",
+                      type: "submit",
+                      children: copy.button_continue
+                    }, undefined, false, undefined, this)
+                  ]
+                }, undefined, true, undefined, this),
+                /* @__PURE__ */ jsxDEV("form", {
+                  method: "post",
+                  children: [
+                    /* @__PURE__ */ jsxDEV("input", {
+                      name: "action",
+                      type: "hidden",
+                      value: "code"
+                    }, undefined, false, undefined, this),
+                    /* @__PURE__ */ jsxDEV("input", {
+                      name: "email",
+                      type: "hidden",
+                      value: state.email
+                    }, undefined, false, undefined, this),
+                    /* @__PURE__ */ jsxDEV("div", {
+                      "data-component": "form-footer",
+                      children: [
+                        /* @__PURE__ */ jsxDEV("span", {
+                          children: [
+                            copy.code_return,
+                            " ",
+                            /* @__PURE__ */ jsxDEV("a", {
+                              "data-component": "link",
+                              href: "./authorize",
+                              children: copy.login
+                            }, undefined, false, undefined, this)
+                          ]
+                        }, undefined, true, undefined, this),
+                        /* @__PURE__ */ jsxDEV("button", {
+                          type: "submit",
+                          "data-component": "link",
+                          children: copy.code_resend
+                        }, undefined, false, undefined, this)
+                      ]
+                    }, undefined, true, undefined, this)
+                  ]
+                }, undefined, true, undefined, this)
+              ]
+            }, undefined, true, undefined, this);
+          }
+          return /* @__PURE__ */ jsxDEV("form", {
+            "data-component": "form",
+            method: "post",
+            children: [
+              /* @__PURE__ */ jsxDEV(FormAlert, {
+                message: getErrorMessage(error)
+              }, undefined, false, undefined, this),
+              /* @__PURE__ */ jsxDEV("input", {
+                name: "action",
+                type: "hidden",
+                value: "update"
+              }, undefined, false, undefined, this),
+              /* @__PURE__ */ jsxDEV("input", {
+                type: "password",
+                name: "password",
+                placeholder: copy.input_password,
+                value: passwordError ? "" : form?.get("password")?.toString() || "",
+                autoComplete: "new-password",
+                "data-component": "input",
+                required: true
+              }, undefined, false, undefined, this),
+              /* @__PURE__ */ jsxDEV("input", {
+                type: "password",
+                name: "repeat",
+                placeholder: copy.input_repeat,
+                value: passwordError ? "" : form?.get("repeat")?.toString() || "",
+                autoComplete: "new-password",
+                "data-component": "input",
+                required: true
+              }, undefined, false, undefined, this),
+              /* @__PURE__ */ jsxDEV("button", {
+                "data-component": "button",
+                type: "submit",
+                children: copy.button_continue
+              }, undefined, false, undefined, this)
+            ]
+          }, undefined, true, undefined, this);
+        })
+      }, undefined, false, undefined, this);
+      return new Response(jsx.toString(), {
+        status: error ? 400 : 200,
+        headers: { "Content-Type": "text/html" }
+      });
+    }
+  };
+};
+export {
+  PasswordUI
+};

package/dist/esm/ui/select.js

@@ -0,0 +1,102 @@
+// src/ui/select.tsx
+import { Layout } from "./base";
+import {
+  ICON_APPLE,
+  ICON_DISCORD,
+  ICON_EMAIL,
+  ICON_FACEBOOK,
+  ICON_GITHUB,
+  ICON_GITLAB,
+  ICON_GOOGLE,
+  ICON_LINKEDIN,
+  ICON_MICROSOFT,
+  ICON_REDDIT,
+  ICON_SLACK,
+  ICON_SPOTIFY,
+  ICON_TWITCH
+} from "./icon";
+import { jsxDEV } from "hono/jsx/jsx-dev-runtime";
+var PROVIDER_ICONS = {
+  apple: ICON_APPLE,
+  code: ICON_EMAIL,
+  discord: ICON_DISCORD,
+  email: ICON_EMAIL,
+  facebook: ICON_FACEBOOK,
+  github: ICON_GITHUB,
+  gitlab: ICON_GITLAB,
+  google: ICON_GOOGLE,
+  linkedin: ICON_LINKEDIN,
+  magiclink: ICON_EMAIL,
+  microsoft: ICON_MICROSOFT,
+  password: ICON_EMAIL,
+  reddit: ICON_REDDIT,
+  slack: ICON_SLACK,
+  spotify: ICON_SPOTIFY,
+  twitch: ICON_TWITCH
+};
+var DEFAULT_DISPLAYS = {
+  apple: "Apple",
+  code: "Code",
+  discord: "Discord",
+  facebook: "Facebook",
+  github: "GitHub",
+  gitlab: "GitLab",
+  google: "Google",
+  linkedin: "LinkedIn",
+  microsoft: "Microsoft",
+  password: "Password",
+  reddit: "Reddit",
+  slack: "Slack",
+  spotify: "Spotify",
+  twitch: "Twitch"
+};
+var ProviderSelect = ({
+  providers,
+  config = {},
+  theme
+}) => {
+  const buttonText = config.copy?.button_provider || "Continue with";
+  const displays = { ...DEFAULT_DISPLAYS, ...config.displays };
+  const visibleProviders = Object.entries(providers).filter(([key]) => !config.providers?.[key]?.hide);
+  return /* @__PURE__ */ jsxDEV(Layout, {
+    theme,
+    title: "Sign In",
+    children: /* @__PURE__ */ jsxDEV("div", {
+      "data-component": "form",
+      children: visibleProviders.map(([key, type]) => {
+        const displayName = config.providers?.[key]?.display || displays[type] || DEFAULT_DISPLAYS[type] || type;
+        const IconComponent = PROVIDER_ICONS[key] || PROVIDER_ICONS[type];
+        return /* @__PURE__ */ jsxDEV("a", {
+          href: `./${key}/authorize`,
+          "data-component": "button",
+          "data-color": "ghost",
+          "aria-label": `${buttonText} ${displayName}`,
+          children: [
+            IconComponent && /* @__PURE__ */ jsxDEV("i", {
+              "data-slot": "icon",
+              children: IconComponent()
+            }, undefined, false, undefined, this),
+            buttonText,
+            " ",
+            displayName
+          ]
+        }, key, true, undefined, this);
+      })
+    }, undefined, false, undefined, this)
+  }, undefined, false, undefined, this);
+};
+var Select = (props = {}) => {
+  return async (providers) => {
+    const jsx = /* @__PURE__ */ jsxDEV(ProviderSelect, {
+      providers,
+      config: props,
+      theme: props.theme
+    }, undefined, false, undefined, this);
+    return new Response(jsx.toString(), {
+      headers: { "Content-Type": "text/html" }
+    });
+  };
+};
+export {
+  Select
+};

package/dist/esm/util.js

@@ -0,0 +1,59 @@
+// src/util.ts
+var getRelativeUrl = (c, path) => {
+  const result = new URL(path, c.req.url);
+  result.host = c.req.header("x-forwarded-host") || result.host;
+  result.protocol = c.req.header("x-forwarded-proto") || result.protocol;
+  result.port = c.req.header("x-forwarded-port") || result.port;
+  return result.toString();
+};
+var twoPartTlds = [
+  "co.uk",
+  "co.jp",
+  "co.kr",
+  "co.nz",
+  "co.za",
+  "co.in",
+  "com.au",
+  "com.br",
+  "com.cn",
+  "com.mx",
+  "com.tw",
+  "net.au",
+  "org.uk",
+  "ne.jp",
+  "ac.uk",
+  "gov.uk",
+  "edu.au",
+  "gov.au"
+];
+var isDomainMatch = (a, b) => {
+  if (a === b) {
+    return true;
+  }
+  const partsA = a.split(".");
+  const partsB = b.split(".");
+  const hasTwoPartTld = twoPartTlds.some((tld) => a.endsWith(`.${tld}`) || b.endsWith(`.${tld}`));
+  const numParts = hasTwoPartTld ? -3 : -2;
+  const min = Math.min(partsA.length, partsB.length, numParts);
+  const tailA = partsA.slice(min).join(".");
+  const tailB = partsB.slice(min).join(".");
+  return tailA === tailB;
+};
+var lazy = (fn) => {
+  let value;
+  let hasValue = false;
+  return () => {
+    if (!hasValue) {
+      value = fn();
+      hasValue = true;
+    }
+    return value;
+  };
+};
+var run = (fn) => fn();
+export {
+  run,
+  lazy,
+  isDomainMatch,
+  getRelativeUrl
+};

package/dist/{allow.d.mts → types/allow.d.ts}

@@ -1,4 +1,3 @@
-//#region src/allow.d.ts
 /**
  * Client authorization validation utilities.
  * Provides security checks to determine if OAuth authorization requests should be permitted
@@ -8,13 +7,13 @@
  * Input parameters for authorization allow checks.
  * Contains all necessary information to validate if a client request should be permitted.
  */
-interface AllowCheckInput {
-  /** The client ID of the application requesting authorization */
-  readonly clientID: string;
-  /** The redirect URI where the user will be sent after authorization */
-  readonly redirectURI: string;
-  /** Optional audience parameter for the authorization request */
-  readonly audience?: string;
+export interface AllowCheckInput {
+    /** The client ID of the application requesting authorization */
+    readonly clientID: string;
+    /** The redirect URI where the user will be sent after authorization */
+    readonly redirectURI: string;
+    /** Optional audience parameter for the authorization request */
+    readonly audience?: string;
 }
 /**
  * Default authorization check that validates client requests based on redirect URI security.
@@ -54,6 +53,5 @@ interface AllowCheckInput {
  * }, request) // → false
  * ```
  */
-declare const defaultAllowCheck: (input: AllowCheckInput, req: Request) => Promise<boolean>;
-//#endregion
-export { AllowCheckInput, defaultAllowCheck };
+export declare const defaultAllowCheck: (input: AllowCheckInput, req: Request) => Promise<boolean>;
+//# sourceMappingURL=allow.d.ts.map

package/dist/types/allow.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"allow.d.ts","sourceRoot":"","sources":["../../src/allow.ts"],"names":[],"mappings":"AAEA;;;;GAIG;AAEH;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC/B,gEAAgE;IAChE,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,uEAAuE;IACvE,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,gEAAgE;IAChE,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAC1B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AACH,eAAO,MAAM,iBAAiB,GAAI,OAAO,eAAe,EAAE,KAAK,OAAO,KAAG,OAAO,CAAC,OAAO,CA+BvF,CAAA"}