@flink-app/oauth-plugin 0.14.1 → 2.0.0-alpha.100

package/CHANGELOG.md

@@ -1,11 +1,398 @@
 # @flink-app/oauth-plugin
 
+## 2.0.0-alpha.100
+
+### Patch Changes
+
+-   Updated dependencies [6e8166a]
+    -   @flink-app/flink@2.0.0-alpha.100
+
+## 2.0.0-alpha.99
+
+### Patch Changes
+
+-   Updated dependencies [ed9cd2c]
+    -   @flink-app/flink@2.0.0-alpha.99
+
+## 2.0.0-alpha.98
+
+### Patch Changes
+
+-   Updated dependencies [2f4a132]
+    -   @flink-app/flink@2.0.0-alpha.98
+
+## 2.0.0-alpha.97
+
+### Patch Changes
+
+-   Updated dependencies [eed6bc1]
+    -   @flink-app/flink@2.0.0-alpha.97
+
+## 2.0.0-alpha.96
+
+### Patch Changes
+
+-   Updated dependencies
+    -   @flink-app/flink@2.0.0-alpha.96
+
+## 2.0.0-alpha.95
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.95
+
+## 2.0.0-alpha.94
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.94
+
+## 2.0.0-alpha.93
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.93
+
+## 2.0.0-alpha.92
+
+### Patch Changes
+
+-   Updated dependencies [8d23d56]
+    -   @flink-app/flink@2.0.0-alpha.92
+
+## 2.0.0-alpha.91
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.91
+
+## 2.0.0-alpha.90
+
+### Patch Changes
+
+-   Updated dependencies [0d84b5f]
+    -   @flink-app/flink@2.0.0-alpha.90
+
+## 2.0.0-alpha.89
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.89
+
+## 2.0.0-alpha.88
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.88
+
+## 2.0.0-alpha.87
+
+### Patch Changes
+
+-   Updated dependencies
+    -   @flink-app/flink@2.0.0-alpha.87
+
+## 2.0.0-alpha.86
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.86
+
+## 2.0.0-alpha.85
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.85
+
+## 2.0.0-alpha.84
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.84
+
+## 2.0.0-alpha.83
+
+### Patch Changes
+
+-   Updated dependencies
+    -   @flink-app/flink@2.0.0-alpha.83
+
+## 2.0.0-alpha.82
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.82
+
+## 2.0.0-alpha.81
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.81
+
+## 2.0.0-alpha.80
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.80
+
+## 2.0.0-alpha.79
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.79
+
+## 2.0.0-alpha.78
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.78
+
+## 2.0.0-alpha.77
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.77
+
+## 2.0.0-alpha.76
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.76
+
+## 2.0.0-alpha.75
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.75
+
+## 2.0.0-alpha.74
+
+### Patch Changes
+
+-   Updated dependencies
+-   Updated dependencies
+    -   @flink-app/flink@2.0.0-alpha.74
+
+## 2.0.0-alpha.73
+
+### Patch Changes
+
+-   Updated dependencies
+    -   @flink-app/flink@2.0.0-alpha.73
+
+## 2.0.0-alpha.72
+
+### Patch Changes
+
+-   Updated dependencies
+    -   @flink-app/flink@2.0.0-alpha.72
+
+## 2.0.0-alpha.71
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.71
+
+## 2.0.0-alpha.70
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.70
+
+## 2.0.0-alpha.69
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.69
+
+## 2.0.0-alpha.68
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.68
+
+## 2.0.0-alpha.67
+
+### Patch Changes
+
+-   Updated dependencies [418cb54]
+-   Updated dependencies [70d574c]
+    -   @flink-app/flink@2.0.0-alpha.67
+
+## 2.0.0-alpha.66
+
+### Patch Changes
+
+-   Updated dependencies [5593d26]
+    -   @flink-app/flink@2.0.0-alpha.66
+
+## 2.0.0-alpha.65
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.65
+
+## 2.0.0-alpha.64
+
+### Patch Changes
+
+-   Updated dependencies [95b99ee]
+    -   @flink-app/flink@2.0.0-alpha.64
+
+## 2.0.0-alpha.63
+
+### Patch Changes
+
+-   Updated dependencies [810df2c]
+-   Updated dependencies [8dd0752]
+    -   @flink-app/flink@2.0.0-alpha.63
+
+## 2.0.0-alpha.62
+
+### Patch Changes
+
+-   Updated dependencies
+    -   @flink-app/flink@2.0.0-alpha.62
+
+## 2.0.0-alpha.61
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.61
+
+## 2.0.0-alpha.60
+
+### Patch Changes
+
+-   @flink-app/flink@2.0.0-alpha.60
+
+## 2.0.0-alpha.59
+
+### Patch Changes
+
+-   Updated dependencies [dbc2119]
+    -   @flink-app/flink@2.0.0-alpha.59
+
+## 2.0.0-alpha.58
+
+### Patch Changes
+
+-   Updated dependencies
+    -   @flink-app/flink@2.0.0-alpha.58
+
+## 2.0.0-alpha.57
+
+### Patch Changes
+
+-   Updated dependencies [ef7f495]
+-   Updated dependencies [2d53aa4]
+-   Updated dependencies [b3cc5d1]
+-   Updated dependencies [d377fac]
+-   Updated dependencies [4ad44c0]
+-   Updated dependencies [90f80c7]
+-   Updated dependencies [f0887e7]
+-   Updated dependencies [68c46d3]
+-   Updated dependencies [4ad44c0]
+-   Updated dependencies
+    -   @flink-app/flink@2.0.0-alpha.57
+
+## 2.0.0-alpha.56
+
+### Patch Changes
+
+-   Zod 3.x compat
+-   Updated dependencies
+-   Updated dependencies [0203256]
+    -   @flink-app/flink@2.0.0-alpha.56
+
+## 2.0.0-alpha.55
+
+### Patch Changes
+
+-   Updated dependencies [3267206]
+-   Updated dependencies [497b7c2]
+-   Updated dependencies [3267206]
+    -   @flink-app/flink@2.0.0-alpha.55
+
+## 2.0.0-alpha.53
+
+### Patch Changes
+
+-   Updated dependencies [669c806]
+    -   @flink-app/flink@2.0.0-alpha.53
+
+## 2.0.0-alpha.52
+
+### Patch Changes
+
+-   Updated dependencies [fe9f8f2]
+    -   @flink-app/flink@2.0.0-alpha.52
+
+## 2.0.0-alpha.51
+
+### Patch Changes
+
+-   fix: add peerDependencies to all plugins and adapters
+
+    **Breaking Change Prevention:**
+
+    -   Added "@flink-app/flink": ">=2.0.0-alpha.0" as peerDependency to all plugins
+    -   Fixed oidc-plugin peerDependencies from "workspace:\*" to proper version ranges
+    -   Fixed oauth-plugin to include @flink-app/flink peerDependency
+
+    **JWT Auth Plugin Interface Fix:**
+
+    -   Removed redundant createToken declaration from JwtAuthPlugin interface
+    -   The method is already inherited from FlinkAuthPlugin, this fixes TypeScript type checking issues
+
+    **Why this matters:**
+
+    -   Ensures only one version of @flink-app/flink exists in node_modules
+    -   Prevents type conflicts when TypeScript resolves interfaces across packages
+    -   Follows standard plugin architecture best practices (same pattern as React, Webpack, etc.)
+    -   Package managers now warn if incompatible versions are installed
+    -   @flink-app/flink@2.0.0-alpha.51
+
+## 2.0.0-alpha.50
+
+## 2.0.0-alpha.49
+
+### Patch Changes
+
+-   Typescript include fix
+
+## 2.0.0-alpha.48
+
+## 1.0.0
+
+### Minor Changes
+
+-   Align minor version, from now all packages in monorepo will have same version
+
+### Patch Changes
+
+-   ee21c29: Normalize query parameters to predictable string types
+
+    Query parameters are now automatically normalized to `string | string[]` types before reaching handlers:
+
+    -   Single values: converted to strings (e.g., `?page=1` → `{ page: "1" }`)
+    -   Repeated parameters: converted to string arrays (e.g., `?tag=a&tag=b` → `{ tag: ["a", "b"] }`)
+    -   All types (numbers, booleans, etc.) from Express parser are converted to strings
+
+    **Breaking Change (Minor):**
+
+    -   `Query` type changed from `{ [x: string]: string | string[] | undefined }` to `Record<string, string | string[]>`
+    -   `Params` type changed from `Request["params"]` to explicit `Record<string, string>`
+    -   Removed `undefined` from query/param types since normalization ensures values are never undefined
+    -   Updated OAuth and OIDC plugin query type definitions to satisfy new Query constraint
+
+    This ensures predictable query and path parameter handling regardless of Express parser configuration. Handlers can reliably parse string values as needed using `Number()`, `parseInt()`, boolean comparisons, etc.
 
 ## 0.14.1
 
 ### Patch Changes
 
-- fix: restore compatibility between core framework and plugins after 0.14.0 release
+-   fix: restore compatibility between core framework and plugins after 0.14.0 release
 
 ## 0.13.1
 

package/README.md

@@ -107,7 +107,7 @@ const app = new FlinkApp<Context>({
                     });
                 } else {
                     // Link provider to existing user
-                    await ctx.repos.userRepo.updateOne(user._id, {
+                    await ctx.repos.userRepo.updateById(user._id, {
                         oauthProviders: [...user.oauthProviders, { provider, providerId: profile.id }],
                     });
                 }
@@ -664,7 +664,7 @@ onAuthSuccess: async ({ profile, provider }, ctx) => {
         const isAlreadyLinked = existingProviders.some((p) => p.provider === provider && p.providerId === profile.id);
 
         if (!isAlreadyLinked) {
-            await ctx.repos.userRepo.updateOne(user._id, {
+            await ctx.repos.userRepo.updateById(user._id, {
                 oauthProviders: [...existingProviders, { provider, providerId: profile.id }],
             });
         }

package/dist/handlers/CallbackOAuth.js

@@ -142,7 +142,7 @@ const CallbackOAuth = async ({ ctx, req }) => {
             // Create or update OAuth connection
             const existingConnection = await ctx.repos.oauthConnectionRepo.findByUserAndProvider(user._id, provider);
             if (existingConnection) {
-                await ctx.repos.oauthConnectionRepo.updateOne(existingConnection._id, {
+                await ctx.repos.oauthConnectionRepo.updateById(existingConnection._id, {
                     accessToken: encryptedAccessToken,
                     refreshToken: encryptedRefreshToken,
                     scope: tokens.scope || "",

package/dist/schemas/CallbackRequest.d.ts

@@ -1,15 +1,18 @@
 /**
  * Query parameters for OAuth callback request
+ *
+ * Note: All query parameters are normalized to strings or string arrays by Flink.
+ * Providers may send additional query parameters beyond those listed here.
  */
-export default interface CallbackRequest {
+type CallbackRequest = Record<string, string | string[]> & {
     /**
      * Authorization code from OAuth provider
      */
-    code: string;
+    code?: string;
     /**
      * CSRF protection state parameter
      */
-    state: string;
+    state?: string;
     /**
      * Optional error from OAuth provider
      * Common values: access_denied, invalid_request, unauthorized_client, etc.
@@ -26,7 +29,7 @@ export default interface CallbackRequest {
     /**
      * Response type - 'json' returns JSON instead of redirect
      */
-    response_type?: "json";
+    response_type?: "json" | string;
     /**
      * Granted scopes (provider-specific)
      * May be sent by GitHub, Google, and other providers
@@ -49,5 +52,5 @@ export default interface CallbackRequest {
      * Session state or other provider-specific parameters
      */
     session_state?: string;
-    [key: string]: string | undefined;
-}
+};
+export default CallbackRequest;

package/dist/schemas/InitiateRequest.d.ts

@@ -1,10 +1,12 @@
 /**
  * Query parameters for OAuth initiate request
+ *
+ * Note: All query parameters are normalized to strings or string arrays by Flink.
  */
-export default interface InitiateRequest {
+type InitiateRequest = Record<string, string | string[]> & {
     /**
      * Optional redirect URI to return to after OAuth flow completes
      */
     redirectUri?: string;
-    [key: string]: string | undefined;
-}
+};
+export default InitiateRequest;

package/examples/basic-auth.ts

@@ -138,7 +138,7 @@ async function start() {
             if (!isLinked) {
               // Link new provider to existing user
               console.log(`Linking ${provider} to existing user:`, user.email);
-              user = await ctx.repos.userRepo.updateOne(user._id!, {
+              user = await ctx.repos.userRepo.updateById(user._id!, {
                 oauthProviders: [
                   ...user.oauthProviders,
                   { provider, providerId: profile.id },

package/examples/multi-provider.ts

@@ -134,7 +134,7 @@ async function start() {
                   `WARNING: Provider ID changed for ${provider}. Updating...`
                 );
                 // Update provider ID (rare case where user's provider ID changed)
-                user = await ctx.repos.userRepo.updateOne(user._id!, {
+                user = await ctx.repos.userRepo.updateById(user._id!, {
                   oauthProviders: user.oauthProviders.map((p) =>
                     p.provider === provider
                       ? { ...p, providerId: profile.id }
@@ -149,7 +149,7 @@ async function start() {
               // Link new provider to existing user
               console.log(`Linking ${provider} to existing user ${user.email}`);
 
-              user = await ctx.repos.userRepo.updateOne(user._id!, {
+              user = await ctx.repos.userRepo.updateById(user._id!, {
                 oauthProviders: [
                   ...user.oauthProviders,
                   {
@@ -350,7 +350,7 @@ const DeleteProviderHandler: Handler<
       ? updatedProviders[0].provider
       : user.primaryProvider;
 
-  await ctx.repos.userRepo.updateOne(userId, {
+  await ctx.repos.userRepo.updateById(userId, {
     oauthProviders: updatedProviders,
     primaryProvider: newPrimaryProvider,
     updatedAt: new Date(),

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flink-app/oauth-plugin",
-  "version": "0.14.1",
+  "version": "2.0.0-alpha.100",
   "description": "Flink plugin for OAuth 2.0 authentication with GitHub and Google providers",
   "author": "joel@frost.se",
   "license": "MIT",
@@ -10,6 +10,7 @@
     "access": "public"
   },
   "peerDependencies": {
+    "@flink-app/flink": ">=2.0.0-alpha.100",
     "mongodb": "^6.15.0"
   },
   "devDependencies": {
@@ -19,9 +20,9 @@
     "jwt-simple": "^0.5.6",
     "ts-node": "^10.9.2",
     "tsc-watch": "^4.2.9",
-    "@flink-app/test-utils": "0.14.1",
-    "@flink-app/flink": "0.14.1",
-    "@flink-app/jwt-auth-plugin": "0.14.1"
+    "@flink-app/flink": "2.0.0-alpha.100",
+    "@flink-app/jwt-auth-plugin": "2.0.0-alpha.100",
+    "@flink-app/test-utils": "2.0.0-alpha.100"
   },
   "gitHead": "4243e3b3cd6d4e1ca001a61baa8436bf2bbe4113",
   "scripts": {

package/src/handlers/CallbackOAuth.ts

@@ -177,7 +177,7 @@ const CallbackOAuth: GetHandler<any, any, PathParams, CallbackRequest> = async (
             const existingConnection = await ctx.repos.oauthConnectionRepo.findByUserAndProvider(user._id, provider);
 
             if (existingConnection) {
-                await ctx.repos.oauthConnectionRepo.updateOne(existingConnection._id!, {
+                await ctx.repos.oauthConnectionRepo.updateById(existingConnection._id!, {
                     accessToken: encryptedAccessToken,
                     refreshToken: encryptedRefreshToken,
                     scope: tokens.scope || "",

package/src/schemas/CallbackRequest.ts

@@ -1,16 +1,19 @@
 /**
  * Query parameters for OAuth callback request
+ *
+ * Note: All query parameters are normalized to strings or string arrays by Flink.
+ * Providers may send additional query parameters beyond those listed here.
  */
-export default interface CallbackRequest {
+type CallbackRequest = Record<string, string | string[]> & {
     /**
      * Authorization code from OAuth provider
      */
-    code: string;
+    code?: string;
 
     /**
      * CSRF protection state parameter
      */
-    state: string;
+    state?: string;
 
     /**
      * Optional error from OAuth provider
@@ -31,7 +34,7 @@ export default interface CallbackRequest {
     /**
      * Response type - 'json' returns JSON instead of redirect
      */
-    response_type?: "json";
+    response_type?: "json" | string;
 
     /**
      * Granted scopes (provider-specific)
@@ -59,6 +62,6 @@ export default interface CallbackRequest {
      * Session state or other provider-specific parameters
      */
     session_state?: string;
+};
 
-    [key: string]: string | undefined;
-}
+export default CallbackRequest;

package/src/schemas/InitiateRequest.ts

@@ -1,10 +1,13 @@
 /**
  * Query parameters for OAuth initiate request
+ *
+ * Note: All query parameters are normalized to strings or string arrays by Flink.
  */
-export default interface InitiateRequest {
+type InitiateRequest = Record<string, string | string[]> & {
     /**
      * Optional redirect URI to return to after OAuth flow completes
      */
     redirectUri?: string;
-    [key: string]: string | undefined;
-}
+};
+
+export default InitiateRequest;