@draftlab/auth 0.4.1 → 0.6.0

package/dist/provider/reddit.d.mts

@@ -0,0 +1,101 @@
+import { Provider } from "./provider.mjs";
+import { Oauth2UserData, Oauth2WrappedConfig } from "./oauth2.mjs";
+
+//#region src/provider/reddit.d.ts
+
+/**
+ * Configuration options for Reddit OAuth 2.0 provider.
+ * Extends the base OAuth 2.0 configuration with Reddit-specific documentation.
+ */
+interface RedditConfig extends Oauth2WrappedConfig {
+  /**
+   * Reddit app client ID.
+   * Get this from your Reddit application preferences at https://www.reddit.com/prefs/apps
+   *
+   * @example
+   * ```ts
+   * {
+   *   clientID: "abcdef123456"
+   * }
+   * ```
+   */
+  readonly clientID: string;
+  /**
+   * Reddit app client secret.
+   * Keep this secure and never expose it to client-side code.
+   *
+   * @example
+   * ```ts
+   * {
+   *   clientSecret: process.env.REDDIT_CLIENT_SECRET
+   * }
+   * ```
+   */
+  readonly clientSecret: string;
+  /**
+   * Reddit OAuth scopes to request access for.
+   * Determines what data and actions your app can access.
+   *
+   * @example
+   * ```ts
+   * {
+   *   scopes: [
+   *     "identity",           // Access user identity
+   *     "read"                // Read private data
+   *   ]
+   * }
+   * ```
+   */
+  readonly scopes: string[];
+}
+/**
+ * Creates a Reddit OAuth 2.0 authentication provider.
+ * Allows users to authenticate using their Reddit accounts.
+ *
+ * @param config - Reddit OAuth 2.0 configuration
+ * @returns OAuth 2.0 provider configured for Reddit
+ *
+ * @example
+ * ```ts
+ * // Basic Reddit authentication
+ * const basicReddit = RedditProvider({
+ *   clientID: process.env.REDDIT_CLIENT_ID,
+ *   clientSecret: process.env.REDDIT_CLIENT_SECRET
+ * })
+ *
+ * // Reddit with identity scope
+ * const redditWithIdentity = RedditProvider({
+ *   clientID: process.env.REDDIT_CLIENT_ID,
+ *   clientSecret: process.env.REDDIT_CLIENT_SECRET,
+ *   scopes: ["identity"]
+ * })
+ *
+ * // Using the access token to fetch user data
+ * export default issuer({
+ *   providers: { reddit: redditWithIdentity },
+ *   success: async (ctx, value) => {
+ *     if (value.provider === "reddit") {
+ *       const token = value.tokenset.access
+ *
+ *       const userRes = await fetch('https://oauth.reddit.com/api/v1/me', {
+ *         headers: {
+ *           'Authorization': `Bearer ${token}`,
+ *           'User-Agent': 'YourApp/1.0'
+ *         }
+ *       })
+ *       const user = await userRes.json()
+ *
+ *       return ctx.subject("user", {
+ *         redditId: user.id,
+ *         username: user.name,
+ *         linkKarma: user.link_karma,
+ *         commentKarma: user.comment_karma
+ *       })
+ *     }
+ *   }
+ * })
+ * ```
+ */
+declare const RedditProvider: (config: RedditConfig) => Provider<Oauth2UserData>;
+//#endregion
+export { RedditConfig, RedditProvider };

package/dist/provider/reddit.mjs

@@ -0,0 +1,114 @@
+import { Oauth2Provider } from "./oauth2.mjs";
+
+//#region src/provider/reddit.ts
+/**
+* Reddit authentication provider for Draft Auth.
+* Implements OAuth 2.0 flow for authenticating users with their Reddit accounts.
+*
+* ## Quick Setup
+*
+* ```ts
+* import { RedditProvider } from "@draftlab/auth/provider/reddit"
+*
+* export default issuer({
+*   providers: {
+*     reddit: RedditProvider({
+*       clientID: process.env.REDDIT_CLIENT_ID,
+*       clientSecret: process.env.REDDIT_CLIENT_SECRET,
+*       scopes: ["identity"]
+*     })
+*   }
+* })
+* ```
+*
+* ## Common Scopes
+*
+* - `identity` - Access user's identity information
+* - `read` - Access user's private data (saved posts, hidden posts, etc.)
+* - `submit` - Submit links and posts
+* - `modposts` - Moderate posts
+* - `privatemessages` - Access private messages
+* - `subscribe` - Subscribe to subreddits
+* - `wikiread` - Read wiki pages
+*
+* ## User Data Access
+*
+* ```ts
+* success: async (ctx, value) => {
+*   if (value.provider === "reddit") {
+*     const accessToken = value.tokenset.access
+*
+*     // Fetch user information
+*     const userResponse = await fetch('https://oauth.reddit.com/api/v1/me', {
+*       headers: { Authorization: `Bearer ${accessToken}` }
+*     })
+*     const user = await userResponse.json()
+*
+*     // User info: id, name, created_utc, link_karma, comment_karma
+*   }
+* }
+* ```
+*
+* @packageDocumentation
+*/
+/**
+* Creates a Reddit OAuth 2.0 authentication provider.
+* Allows users to authenticate using their Reddit accounts.
+*
+* @param config - Reddit OAuth 2.0 configuration
+* @returns OAuth 2.0 provider configured for Reddit
+*
+* @example
+* ```ts
+* // Basic Reddit authentication
+* const basicReddit = RedditProvider({
+*   clientID: process.env.REDDIT_CLIENT_ID,
+*   clientSecret: process.env.REDDIT_CLIENT_SECRET
+* })
+*
+* // Reddit with identity scope
+* const redditWithIdentity = RedditProvider({
+*   clientID: process.env.REDDIT_CLIENT_ID,
+*   clientSecret: process.env.REDDIT_CLIENT_SECRET,
+*   scopes: ["identity"]
+* })
+*
+* // Using the access token to fetch user data
+* export default issuer({
+*   providers: { reddit: redditWithIdentity },
+*   success: async (ctx, value) => {
+*     if (value.provider === "reddit") {
+*       const token = value.tokenset.access
+*
+*       const userRes = await fetch('https://oauth.reddit.com/api/v1/me', {
+*         headers: {
+*           'Authorization': `Bearer ${token}`,
+*           'User-Agent': 'YourApp/1.0'
+*         }
+*       })
+*       const user = await userRes.json()
+*
+*       return ctx.subject("user", {
+*         redditId: user.id,
+*         username: user.name,
+*         linkKarma: user.link_karma,
+*         commentKarma: user.comment_karma
+*       })
+*     }
+*   }
+* })
+* ```
+*/
+const RedditProvider = (config) => {
+	return Oauth2Provider({
+		...config,
+		type: "reddit",
+		endpoint: {
+			authorization: "https://www.reddit.com/api/v1/authorize",
+			token: "https://www.reddit.com/api/v1/access_token"
+		}
+	});
+};
+
+//#endregion
+export { RedditProvider };

package/dist/provider/slack.d.mts

@@ -0,0 +1,108 @@
+import { Provider } from "./provider.mjs";
+import { Oauth2UserData, Oauth2WrappedConfig } from "./oauth2.mjs";
+
+//#region src/provider/slack.d.ts
+
+/**
+ * Configuration options for Slack OAuth 2.0 provider.
+ * Extends the base OAuth 2.0 configuration with Slack-specific documentation.
+ */
+interface SlackConfig extends Oauth2WrappedConfig {
+  /**
+   * Slack app client ID.
+   * Get this from your Slack App settings at https://api.slack.com/apps
+   *
+   * @example
+   * ```ts
+   * {
+   *   clientID: "123456789.1234567890"
+   * }
+   * ```
+   */
+  readonly clientID: string;
+  /**
+   * Slack app client secret.
+   * Keep this secure and never expose it to client-side code.
+   *
+   * @example
+   * ```ts
+   * {
+   *   clientSecret: process.env.SLACK_CLIENT_SECRET
+   * }
+   * ```
+   */
+  readonly clientSecret: string;
+  /**
+   * Slack OAuth scopes to request access for.
+   * Determines what data and actions your app can access.
+   *
+   * @example
+   * ```ts
+   * {
+   *   scopes: [
+   *     "users:read",           // Access to user profiles
+   *     "users:read.email",     // Access user emails
+   *     "team:read"             // Access team information
+   *   ]
+   * }
+   * ```
+   */
+  readonly scopes: string[];
+}
+/**
+ * Creates a Slack OAuth 2.0 authentication provider.
+ * Allows users to authenticate using their Slack accounts.
+ *
+ * @param config - Slack OAuth 2.0 configuration
+ * @returns OAuth 2.0 provider configured for Slack
+ *
+ * @example
+ * ```ts
+ * // Basic Slack authentication
+ * const basicSlack = SlackProvider({
+ *   clientID: process.env.SLACK_CLIENT_ID,
+ *   clientSecret: process.env.SLACK_CLIENT_SECRET
+ * })
+ *
+ * // Slack with user scopes
+ * const slackWithScopes = SlackProvider({
+ *   clientID: process.env.SLACK_CLIENT_ID,
+ *   clientSecret: process.env.SLACK_CLIENT_SECRET,
+ *   scopes: ["users:read", "users:read.email", "team:read"]
+ * })
+ *
+ * // Using the access token to fetch user data
+ * export default issuer({
+ *   providers: { slack: slackWithScopes },
+ *   success: async (ctx, value) => {
+ *     if (value.provider === "slack") {
+ *       const token = value.tokenset.access
+ *
+ *       // Get basic user info
+ *       const authRes = await fetch('https://slack.com/api/auth.test', {
+ *         headers: { Authorization: `Bearer ${token}` }
+ *       })
+ *       const authInfo = await authRes.json()
+ *
+ *       // Get detailed user info
+ *       const userRes = await fetch(
+ *         `https://slack.com/api/users.info?user=${authInfo.user_id}`,
+ *         { headers: { Authorization: `Bearer ${token}` } }
+ *       )
+ *       const { user } = await userRes.json()
+ *
+ *       return ctx.subject("user", {
+ *         slackId: user.id,
+ *         username: user.name,
+ *         realName: user.real_name,
+ *         email: user.profile?.email,
+ *         workspace: authInfo.team_id
+ *       })
+ *     }
+ *   }
+ * })
+ * ```
+ */
+declare const SlackProvider: (config: SlackConfig) => Provider<Oauth2UserData>;
+//#endregion
+export { SlackConfig, SlackProvider };

package/dist/provider/slack.mjs

@@ -0,0 +1,125 @@
+import { Oauth2Provider } from "./oauth2.mjs";
+
+//#region src/provider/slack.ts
+/**
+* Slack authentication provider for Draft Auth.
+* Implements OAuth 2.0 flow for authenticating users with their Slack accounts.
+*
+* ## Quick Setup
+*
+* ```ts
+* import { SlackProvider } from "@draftlab/auth/provider/slack"
+*
+* export default issuer({
+*   providers: {
+*     slack: SlackProvider({
+*       clientID: process.env.SLACK_CLIENT_ID,
+*       clientSecret: process.env.SLACK_CLIENT_SECRET,
+*       scopes: ["users:read", "users:read.email"]
+*     })
+*   }
+* })
+* ```
+*
+* ## Common Scopes
+*
+* - `users:read` - Access to user profiles
+* - `users:read.email` - Access user email addresses
+* - `team:read` - Access team information
+* - `channels:read` - View channels
+* - `groups:read` - View private channels
+* - `im:read` - View direct messages
+* - `mpim:read` - View group direct messages
+*
+* ## User Data Access
+*
+* ```ts
+* success: async (ctx, value) => {
+*   if (value.provider === "slack") {
+*     const accessToken = value.tokenset.access
+*
+*     // Fetch user information
+*     const userResponse = await fetch('https://slack.com/api/auth.test', {
+*       headers: { Authorization: `Bearer ${accessToken}` }
+*     })
+*     const userInfo = await userResponse.json()
+*
+*     // Get user details
+*     const userDetailsResponse = await fetch(
+*       `https://slack.com/api/users.info?user=${userInfo.user_id}`,
+*       { headers: { Authorization: `Bearer ${accessToken}` } }
+*     )
+*     const { user } = await userDetailsResponse.json()
+*   }
+* }
+* ```
+*
+* @packageDocumentation
+*/
+/**
+* Creates a Slack OAuth 2.0 authentication provider.
+* Allows users to authenticate using their Slack accounts.
+*
+* @param config - Slack OAuth 2.0 configuration
+* @returns OAuth 2.0 provider configured for Slack
+*
+* @example
+* ```ts
+* // Basic Slack authentication
+* const basicSlack = SlackProvider({
+*   clientID: process.env.SLACK_CLIENT_ID,
+*   clientSecret: process.env.SLACK_CLIENT_SECRET
+* })
+*
+* // Slack with user scopes
+* const slackWithScopes = SlackProvider({
+*   clientID: process.env.SLACK_CLIENT_ID,
+*   clientSecret: process.env.SLACK_CLIENT_SECRET,
+*   scopes: ["users:read", "users:read.email", "team:read"]
+* })
+*
+* // Using the access token to fetch user data
+* export default issuer({
+*   providers: { slack: slackWithScopes },
+*   success: async (ctx, value) => {
+*     if (value.provider === "slack") {
+*       const token = value.tokenset.access
+*
+*       // Get basic user info
+*       const authRes = await fetch('https://slack.com/api/auth.test', {
+*         headers: { Authorization: `Bearer ${token}` }
+*       })
+*       const authInfo = await authRes.json()
+*
+*       // Get detailed user info
+*       const userRes = await fetch(
+*         `https://slack.com/api/users.info?user=${authInfo.user_id}`,
+*         { headers: { Authorization: `Bearer ${token}` } }
+*       )
+*       const { user } = await userRes.json()
+*
+*       return ctx.subject("user", {
+*         slackId: user.id,
+*         username: user.name,
+*         realName: user.real_name,
+*         email: user.profile?.email,
+*         workspace: authInfo.team_id
+*       })
+*     }
+*   }
+* })
+* ```
+*/
+const SlackProvider = (config) => {
+	return Oauth2Provider({
+		...config,
+		type: "slack",
+		endpoint: {
+			authorization: "https://slack.com/oauth_authorize",
+			token: "https://slack.com/api/oauth.v2.access"
+		}
+	});
+};
+
+//#endregion
+export { SlackProvider };

package/dist/provider/spotify.d.mts

@@ -0,0 +1,107 @@
+import { Provider } from "./provider.mjs";
+import { Oauth2UserData, Oauth2WrappedConfig } from "./oauth2.mjs";
+
+//#region src/provider/spotify.d.ts
+
+/**
+ * Configuration options for Spotify OAuth 2.0 provider.
+ * Extends the base OAuth 2.0 configuration with Spotify-specific documentation.
+ */
+interface SpotifyConfig extends Oauth2WrappedConfig {
+  /**
+   * Spotify app client ID.
+   * Get this from your Spotify App at https://developer.spotify.com/dashboard
+   *
+   * @example
+   * ```ts
+   * {
+   *   clientID: "abcdef123456"
+   * }
+   * ```
+   */
+  readonly clientID: string;
+  /**
+   * Spotify app client secret.
+   * Keep this secure and never expose it to client-side code.
+   *
+   * @example
+   * ```ts
+   * {
+   *   clientSecret: process.env.SPOTIFY_CLIENT_SECRET
+   * }
+   * ```
+   */
+  readonly clientSecret: string;
+  /**
+   * Spotify OAuth scopes to request access for.
+   * Determines what data and actions your app can access.
+   *
+   * @example
+   * ```ts
+   * {
+   *   scopes: [
+   *     "user-read-private",   // Access private user data
+   *     "user-read-email",     // Access user email
+   *     "user-top-read"        // Read top artists and tracks
+   *   ]
+   * }
+   * ```
+   */
+  readonly scopes: string[];
+}
+/**
+ * Creates a Spotify OAuth 2.0 authentication provider.
+ * Allows users to authenticate using their Spotify accounts.
+ *
+ * @param config - Spotify OAuth 2.0 configuration
+ * @returns OAuth 2.0 provider configured for Spotify
+ *
+ * @example
+ * ```ts
+ * // Basic Spotify authentication
+ * const basicSpotify = SpotifyProvider({
+ *   clientID: process.env.SPOTIFY_CLIENT_ID,
+ *   clientSecret: process.env.SPOTIFY_CLIENT_SECRET
+ * })
+ *
+ * // Spotify with user data access
+ * const spotifyWithScopes = SpotifyProvider({
+ *   clientID: process.env.SPOTIFY_CLIENT_ID,
+ *   clientSecret: process.env.SPOTIFY_CLIENT_SECRET,
+ *   scopes: ["user-read-private", "user-read-email", "user-top-read"]
+ * })
+ *
+ * // Using the access token to fetch user data
+ * export default issuer({
+ *   providers: { spotify: spotifyWithScopes },
+ *   success: async (ctx, value) => {
+ *     if (value.provider === "spotify") {
+ *       const token = value.tokenset.access
+ *
+ *       const userRes = await fetch('https://api.spotify.com/v1/me', {
+ *         headers: { Authorization: `Bearer ${token}` }
+ *       })
+ *       const user = await userRes.json()
+ *
+ *       // Optionally fetch top tracks
+ *       const topRes = await fetch('https://api.spotify.com/v1/me/top/tracks?limit=5', {
+ *         headers: { Authorization: `Bearer ${token}` }
+ *       })
+ *       const { items: topTracks } = await topRes.json()
+ *
+ *       return ctx.subject("user", {
+ *         spotifyId: user.id,
+ *         email: user.email,
+ *         displayName: user.display_name,
+ *         profileUrl: user.external_urls?.spotify,
+ *         followers: user.followers?.total,
+ *         topTracks: topTracks.map(t => t.name)
+ *       })
+ *     }
+ *   }
+ * })
+ * ```
+ */
+declare const SpotifyProvider: (config: SpotifyConfig) => Provider<Oauth2UserData>;
+//#endregion
+export { SpotifyConfig, SpotifyProvider };

package/dist/provider/spotify.mjs

@@ -0,0 +1,122 @@
+import { Oauth2Provider } from "./oauth2.mjs";
+
+//#region src/provider/spotify.ts
+/**
+* Spotify authentication provider for Draft Auth.
+* Implements OAuth 2.0 flow for authenticating users with their Spotify accounts.
+*
+* ## Quick Setup
+*
+* ```ts
+* import { SpotifyProvider } from "@draftlab/auth/provider/spotify"
+*
+* export default issuer({
+*   providers: {
+*     spotify: SpotifyProvider({
+*       clientID: process.env.SPOTIFY_CLIENT_ID,
+*       clientSecret: process.env.SPOTIFY_CLIENT_SECRET,
+*       scopes: ["user-read-private", "user-read-email"]
+*     })
+*   }
+* })
+* ```
+*
+* ## Common Scopes
+*
+* - `user-read-private` - Access user's private data
+* - `user-read-email` - Access user's email address
+* - `user-top-read` - Read user's top artists and tracks
+* - `user-read-playback-state` - Read current playback state
+* - `user-modify-playback-state` - Modify playback state
+* - `user-read-currently-playing` - Read currently playing track
+* - `playlist-read-private` - Access private playlists
+* - `playlist-read-public` - Access public playlists
+* - `user-library-read` - Read user's library
+* - `user-follow-read` - Read followed artists and users
+*
+* ## User Data Access
+*
+* ```ts
+* success: async (ctx, value) => {
+*   if (value.provider === "spotify") {
+*     const accessToken = value.tokenset.access
+*
+*     // Fetch user profile
+*     const userResponse = await fetch('https://api.spotify.com/v1/me', {
+*       headers: { Authorization: `Bearer ${accessToken}` }
+*     })
+*     const user = await userResponse.json()
+*
+*     // User info: id, email, display_name, external_urls, images, followers
+*   }
+* }
+* ```
+*
+* @packageDocumentation
+*/
+/**
+* Creates a Spotify OAuth 2.0 authentication provider.
+* Allows users to authenticate using their Spotify accounts.
+*
+* @param config - Spotify OAuth 2.0 configuration
+* @returns OAuth 2.0 provider configured for Spotify
+*
+* @example
+* ```ts
+* // Basic Spotify authentication
+* const basicSpotify = SpotifyProvider({
+*   clientID: process.env.SPOTIFY_CLIENT_ID,
+*   clientSecret: process.env.SPOTIFY_CLIENT_SECRET
+* })
+*
+* // Spotify with user data access
+* const spotifyWithScopes = SpotifyProvider({
+*   clientID: process.env.SPOTIFY_CLIENT_ID,
+*   clientSecret: process.env.SPOTIFY_CLIENT_SECRET,
+*   scopes: ["user-read-private", "user-read-email", "user-top-read"]
+* })
+*
+* // Using the access token to fetch user data
+* export default issuer({
+*   providers: { spotify: spotifyWithScopes },
+*   success: async (ctx, value) => {
+*     if (value.provider === "spotify") {
+*       const token = value.tokenset.access
+*
+*       const userRes = await fetch('https://api.spotify.com/v1/me', {
+*         headers: { Authorization: `Bearer ${token}` }
+*       })
+*       const user = await userRes.json()
+*
+*       // Optionally fetch top tracks
+*       const topRes = await fetch('https://api.spotify.com/v1/me/top/tracks?limit=5', {
+*         headers: { Authorization: `Bearer ${token}` }
+*       })
+*       const { items: topTracks } = await topRes.json()
+*
+*       return ctx.subject("user", {
+*         spotifyId: user.id,
+*         email: user.email,
+*         displayName: user.display_name,
+*         profileUrl: user.external_urls?.spotify,
+*         followers: user.followers?.total,
+*         topTracks: topTracks.map(t => t.name)
+*       })
+*     }
+*   }
+* })
+* ```
+*/
+const SpotifyProvider = (config) => {
+	return Oauth2Provider({
+		...config,
+		type: "spotify",
+		endpoint: {
+			authorization: "https://accounts.spotify.com/authorize",
+			token: "https://accounts.spotify.com/api/token"
+		}
+	});
+};
+
+//#endregion
+export { SpotifyProvider };

package/dist/provider/{totp.d.ts → totp.d.mts}

@@ -1,4 +1,4 @@
-import { Provider } from "./provider.js";
+import { Provider } from "./provider.mjs";
 
 //#region src/provider/totp.d.ts