@hammadj/better-auth 1.5.0-beta.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE.md +20 -0
- package/README.md +33 -0
- package/dist/_virtual/rolldown_runtime.mjs +36 -0
- package/dist/adapters/drizzle-adapter/index.d.mts +1 -0
- package/dist/adapters/drizzle-adapter/index.mjs +3 -0
- package/dist/adapters/index.d.mts +23 -0
- package/dist/adapters/index.mjs +13 -0
- package/dist/adapters/index.mjs.map +1 -0
- package/dist/adapters/kysely-adapter/index.d.mts +1 -0
- package/dist/adapters/kysely-adapter/index.mjs +3 -0
- package/dist/adapters/memory-adapter/index.d.mts +1 -0
- package/dist/adapters/memory-adapter/index.mjs +3 -0
- package/dist/adapters/mongodb-adapter/index.d.mts +1 -0
- package/dist/adapters/mongodb-adapter/index.mjs +3 -0
- package/dist/adapters/prisma-adapter/index.d.mts +1 -0
- package/dist/adapters/prisma-adapter/index.mjs +3 -0
- package/dist/api/index.d.mts +40 -0
- package/dist/api/index.mjs +205 -0
- package/dist/api/index.mjs.map +1 -0
- package/dist/api/middlewares/index.d.mts +1 -0
- package/dist/api/middlewares/index.mjs +3 -0
- package/dist/api/middlewares/origin-check.d.mts +17 -0
- package/dist/api/middlewares/origin-check.mjs +140 -0
- package/dist/api/middlewares/origin-check.mjs.map +1 -0
- package/dist/api/rate-limiter/index.mjs +177 -0
- package/dist/api/rate-limiter/index.mjs.map +1 -0
- package/dist/api/routes/account.d.mts +10 -0
- package/dist/api/routes/account.mjs +493 -0
- package/dist/api/routes/account.mjs.map +1 -0
- package/dist/api/routes/callback.d.mts +5 -0
- package/dist/api/routes/callback.mjs +178 -0
- package/dist/api/routes/callback.mjs.map +1 -0
- package/dist/api/routes/email-verification.d.mts +29 -0
- package/dist/api/routes/email-verification.mjs +301 -0
- package/dist/api/routes/email-verification.mjs.map +1 -0
- package/dist/api/routes/error.d.mts +5 -0
- package/dist/api/routes/error.mjs +386 -0
- package/dist/api/routes/error.mjs.map +1 -0
- package/dist/api/routes/index.d.mts +11 -0
- package/dist/api/routes/index.mjs +13 -0
- package/dist/api/routes/ok.d.mts +5 -0
- package/dist/api/routes/ok.mjs +30 -0
- package/dist/api/routes/ok.mjs.map +1 -0
- package/dist/api/routes/password.d.mts +8 -0
- package/dist/api/routes/password.mjs +198 -0
- package/dist/api/routes/password.mjs.map +1 -0
- package/dist/api/routes/session.d.mts +52 -0
- package/dist/api/routes/session.mjs +478 -0
- package/dist/api/routes/session.mjs.map +1 -0
- package/dist/api/routes/sign-in.d.mts +8 -0
- package/dist/api/routes/sign-in.mjs +262 -0
- package/dist/api/routes/sign-in.mjs.map +1 -0
- package/dist/api/routes/sign-out.d.mts +5 -0
- package/dist/api/routes/sign-out.mjs +33 -0
- package/dist/api/routes/sign-out.mjs.map +1 -0
- package/dist/api/routes/sign-up.d.mts +7 -0
- package/dist/api/routes/sign-up.mjs +227 -0
- package/dist/api/routes/sign-up.mjs.map +1 -0
- package/dist/api/routes/update-user.d.mts +12 -0
- package/dist/api/routes/update-user.mjs +493 -0
- package/dist/api/routes/update-user.mjs.map +1 -0
- package/dist/api/state/oauth.d.mts +5 -0
- package/dist/api/state/oauth.mjs +8 -0
- package/dist/api/state/oauth.mjs.map +1 -0
- package/dist/api/state/should-session-refresh.d.mts +13 -0
- package/dist/api/state/should-session-refresh.mjs +16 -0
- package/dist/api/state/should-session-refresh.mjs.map +1 -0
- package/dist/api/to-auth-endpoints.mjs +197 -0
- package/dist/api/to-auth-endpoints.mjs.map +1 -0
- package/dist/auth/base.mjs +44 -0
- package/dist/auth/base.mjs.map +1 -0
- package/dist/auth/full.d.mts +30 -0
- package/dist/auth/full.mjs +32 -0
- package/dist/auth/full.mjs.map +1 -0
- package/dist/auth/minimal.d.mts +12 -0
- package/dist/auth/minimal.mjs +14 -0
- package/dist/auth/minimal.mjs.map +1 -0
- package/dist/auth/trusted-origins.mjs +31 -0
- package/dist/auth/trusted-origins.mjs.map +1 -0
- package/dist/client/broadcast-channel.d.mts +20 -0
- package/dist/client/broadcast-channel.mjs +46 -0
- package/dist/client/broadcast-channel.mjs.map +1 -0
- package/dist/client/config.mjs +90 -0
- package/dist/client/config.mjs.map +1 -0
- package/dist/client/fetch-plugins.mjs +18 -0
- package/dist/client/fetch-plugins.mjs.map +1 -0
- package/dist/client/focus-manager.d.mts +11 -0
- package/dist/client/focus-manager.mjs +32 -0
- package/dist/client/focus-manager.mjs.map +1 -0
- package/dist/client/index.d.mts +30 -0
- package/dist/client/index.mjs +21 -0
- package/dist/client/index.mjs.map +1 -0
- package/dist/client/lynx/index.d.mts +62 -0
- package/dist/client/lynx/index.mjs +24 -0
- package/dist/client/lynx/index.mjs.map +1 -0
- package/dist/client/lynx/lynx-store.d.mts +47 -0
- package/dist/client/lynx/lynx-store.mjs +47 -0
- package/dist/client/lynx/lynx-store.mjs.map +1 -0
- package/dist/client/online-manager.d.mts +12 -0
- package/dist/client/online-manager.mjs +35 -0
- package/dist/client/online-manager.mjs.map +1 -0
- package/dist/client/parser.mjs +73 -0
- package/dist/client/parser.mjs.map +1 -0
- package/dist/client/path-to-object.d.mts +57 -0
- package/dist/client/plugins/index.d.mts +58 -0
- package/dist/client/plugins/index.mjs +33 -0
- package/dist/client/plugins/infer-plugin.d.mts +9 -0
- package/dist/client/plugins/infer-plugin.mjs +11 -0
- package/dist/client/plugins/infer-plugin.mjs.map +1 -0
- package/dist/client/proxy.mjs +79 -0
- package/dist/client/proxy.mjs.map +1 -0
- package/dist/client/query.d.mts +23 -0
- package/dist/client/query.mjs +98 -0
- package/dist/client/query.mjs.map +1 -0
- package/dist/client/react/index.d.mts +63 -0
- package/dist/client/react/index.mjs +24 -0
- package/dist/client/react/index.mjs.map +1 -0
- package/dist/client/react/react-store.d.mts +47 -0
- package/dist/client/react/react-store.mjs +47 -0
- package/dist/client/react/react-store.mjs.map +1 -0
- package/dist/client/session-atom.mjs +29 -0
- package/dist/client/session-atom.mjs.map +1 -0
- package/dist/client/session-refresh.d.mts +28 -0
- package/dist/client/session-refresh.mjs +140 -0
- package/dist/client/session-refresh.mjs.map +1 -0
- package/dist/client/solid/index.d.mts +57 -0
- package/dist/client/solid/index.mjs +22 -0
- package/dist/client/solid/index.mjs.map +1 -0
- package/dist/client/solid/solid-store.mjs +24 -0
- package/dist/client/solid/solid-store.mjs.map +1 -0
- package/dist/client/svelte/index.d.mts +63 -0
- package/dist/client/svelte/index.mjs +20 -0
- package/dist/client/svelte/index.mjs.map +1 -0
- package/dist/client/types.d.mts +58 -0
- package/dist/client/vanilla.d.mts +62 -0
- package/dist/client/vanilla.mjs +20 -0
- package/dist/client/vanilla.mjs.map +1 -0
- package/dist/client/vue/index.d.mts +86 -0
- package/dist/client/vue/index.mjs +38 -0
- package/dist/client/vue/index.mjs.map +1 -0
- package/dist/client/vue/vue-store.mjs +26 -0
- package/dist/client/vue/vue-store.mjs.map +1 -0
- package/dist/context/create-context.mjs +211 -0
- package/dist/context/create-context.mjs.map +1 -0
- package/dist/context/helpers.mjs +62 -0
- package/dist/context/helpers.mjs.map +1 -0
- package/dist/context/init-minimal.mjs +20 -0
- package/dist/context/init-minimal.mjs.map +1 -0
- package/dist/context/init.mjs +22 -0
- package/dist/context/init.mjs.map +1 -0
- package/dist/cookies/cookie-utils.d.mts +29 -0
- package/dist/cookies/cookie-utils.mjs +105 -0
- package/dist/cookies/cookie-utils.mjs.map +1 -0
- package/dist/cookies/index.d.mts +67 -0
- package/dist/cookies/index.mjs +264 -0
- package/dist/cookies/index.mjs.map +1 -0
- package/dist/cookies/session-store.d.mts +36 -0
- package/dist/cookies/session-store.mjs +200 -0
- package/dist/cookies/session-store.mjs.map +1 -0
- package/dist/crypto/buffer.d.mts +8 -0
- package/dist/crypto/buffer.mjs +18 -0
- package/dist/crypto/buffer.mjs.map +1 -0
- package/dist/crypto/index.d.mts +27 -0
- package/dist/crypto/index.mjs +38 -0
- package/dist/crypto/index.mjs.map +1 -0
- package/dist/crypto/jwt.d.mts +8 -0
- package/dist/crypto/jwt.mjs +95 -0
- package/dist/crypto/jwt.mjs.map +1 -0
- package/dist/crypto/password.d.mts +12 -0
- package/dist/crypto/password.mjs +36 -0
- package/dist/crypto/password.mjs.map +1 -0
- package/dist/crypto/random.d.mts +5 -0
- package/dist/crypto/random.mjs +8 -0
- package/dist/crypto/random.mjs.map +1 -0
- package/dist/db/adapter-base.d.mts +8 -0
- package/dist/db/adapter-base.mjs +28 -0
- package/dist/db/adapter-base.mjs.map +1 -0
- package/dist/db/adapter-kysely.d.mts +8 -0
- package/dist/db/adapter-kysely.mjs +21 -0
- package/dist/db/adapter-kysely.mjs.map +1 -0
- package/dist/db/field-converter.d.mts +8 -0
- package/dist/db/field-converter.mjs +21 -0
- package/dist/db/field-converter.mjs.map +1 -0
- package/dist/db/field.d.mts +55 -0
- package/dist/db/field.mjs +11 -0
- package/dist/db/field.mjs.map +1 -0
- package/dist/db/get-migration.d.mts +23 -0
- package/dist/db/get-migration.mjs +339 -0
- package/dist/db/get-migration.mjs.map +1 -0
- package/dist/db/get-schema.d.mts +11 -0
- package/dist/db/get-schema.mjs +39 -0
- package/dist/db/get-schema.mjs.map +1 -0
- package/dist/db/index.d.mts +9 -0
- package/dist/db/index.mjs +36 -0
- package/dist/db/index.mjs.map +1 -0
- package/dist/db/internal-adapter.d.mts +14 -0
- package/dist/db/internal-adapter.mjs +616 -0
- package/dist/db/internal-adapter.mjs.map +1 -0
- package/dist/db/schema.d.mts +26 -0
- package/dist/db/schema.mjs +118 -0
- package/dist/db/schema.mjs.map +1 -0
- package/dist/db/to-zod.d.mts +36 -0
- package/dist/db/to-zod.mjs +26 -0
- package/dist/db/to-zod.mjs.map +1 -0
- package/dist/db/verification-token-storage.mjs +28 -0
- package/dist/db/verification-token-storage.mjs.map +1 -0
- package/dist/db/with-hooks.d.mts +33 -0
- package/dist/db/with-hooks.mjs +159 -0
- package/dist/db/with-hooks.mjs.map +1 -0
- package/dist/index.d.mts +52 -0
- package/dist/index.mjs +26 -0
- package/dist/integrations/next-js.d.mts +14 -0
- package/dist/integrations/next-js.mjs +78 -0
- package/dist/integrations/next-js.mjs.map +1 -0
- package/dist/integrations/node.d.mts +13 -0
- package/dist/integrations/node.mjs +16 -0
- package/dist/integrations/node.mjs.map +1 -0
- package/dist/integrations/solid-start.d.mts +23 -0
- package/dist/integrations/solid-start.mjs +17 -0
- package/dist/integrations/solid-start.mjs.map +1 -0
- package/dist/integrations/svelte-kit.d.mts +29 -0
- package/dist/integrations/svelte-kit.mjs +57 -0
- package/dist/integrations/svelte-kit.mjs.map +1 -0
- package/dist/integrations/tanstack-start-solid.d.mts +22 -0
- package/dist/integrations/tanstack-start-solid.mjs +61 -0
- package/dist/integrations/tanstack-start-solid.mjs.map +1 -0
- package/dist/integrations/tanstack-start.d.mts +22 -0
- package/dist/integrations/tanstack-start.mjs +61 -0
- package/dist/integrations/tanstack-start.mjs.map +1 -0
- package/dist/oauth2/index.d.mts +5 -0
- package/dist/oauth2/index.mjs +7 -0
- package/dist/oauth2/link-account.d.mts +31 -0
- package/dist/oauth2/link-account.mjs +144 -0
- package/dist/oauth2/link-account.mjs.map +1 -0
- package/dist/oauth2/state.d.mts +26 -0
- package/dist/oauth2/state.mjs +51 -0
- package/dist/oauth2/state.mjs.map +1 -0
- package/dist/oauth2/utils.d.mts +8 -0
- package/dist/oauth2/utils.mjs +31 -0
- package/dist/oauth2/utils.mjs.map +1 -0
- package/dist/plugins/access/access.d.mts +30 -0
- package/dist/plugins/access/access.mjs +46 -0
- package/dist/plugins/access/access.mjs.map +1 -0
- package/dist/plugins/access/index.d.mts +3 -0
- package/dist/plugins/access/index.mjs +3 -0
- package/dist/plugins/access/types.d.mts +17 -0
- package/dist/plugins/additional-fields/client.d.mts +14 -0
- package/dist/plugins/additional-fields/client.mjs +11 -0
- package/dist/plugins/additional-fields/client.mjs.map +1 -0
- package/dist/plugins/admin/access/index.d.mts +2 -0
- package/dist/plugins/admin/access/index.mjs +3 -0
- package/dist/plugins/admin/access/statement.d.mts +118 -0
- package/dist/plugins/admin/access/statement.mjs +53 -0
- package/dist/plugins/admin/access/statement.mjs.map +1 -0
- package/dist/plugins/admin/admin.d.mts +14 -0
- package/dist/plugins/admin/admin.mjs +95 -0
- package/dist/plugins/admin/admin.mjs.map +1 -0
- package/dist/plugins/admin/client.d.mts +14 -0
- package/dist/plugins/admin/client.mjs +36 -0
- package/dist/plugins/admin/client.mjs.map +1 -0
- package/dist/plugins/admin/error-codes.d.mts +5 -0
- package/dist/plugins/admin/error-codes.mjs +30 -0
- package/dist/plugins/admin/error-codes.mjs.map +1 -0
- package/dist/plugins/admin/has-permission.mjs +16 -0
- package/dist/plugins/admin/has-permission.mjs.map +1 -0
- package/dist/plugins/admin/index.d.mts +3 -0
- package/dist/plugins/admin/index.mjs +3 -0
- package/dist/plugins/admin/routes.mjs +855 -0
- package/dist/plugins/admin/routes.mjs.map +1 -0
- package/dist/plugins/admin/schema.d.mts +6 -0
- package/dist/plugins/admin/schema.mjs +34 -0
- package/dist/plugins/admin/schema.mjs.map +1 -0
- package/dist/plugins/admin/types.d.mts +89 -0
- package/dist/plugins/anonymous/client.d.mts +9 -0
- package/dist/plugins/anonymous/client.mjs +22 -0
- package/dist/plugins/anonymous/client.mjs.map +1 -0
- package/dist/plugins/anonymous/error-codes.d.mts +5 -0
- package/dist/plugins/anonymous/error-codes.mjs +16 -0
- package/dist/plugins/anonymous/error-codes.mjs.map +1 -0
- package/dist/plugins/anonymous/index.d.mts +14 -0
- package/dist/plugins/anonymous/index.mjs +163 -0
- package/dist/plugins/anonymous/index.mjs.map +1 -0
- package/dist/plugins/anonymous/schema.d.mts +5 -0
- package/dist/plugins/anonymous/schema.mjs +11 -0
- package/dist/plugins/anonymous/schema.mjs.map +1 -0
- package/dist/plugins/anonymous/types.d.mts +68 -0
- package/dist/plugins/api-key/adapter.mjs +468 -0
- package/dist/plugins/api-key/adapter.mjs.map +1 -0
- package/dist/plugins/api-key/client.d.mts +9 -0
- package/dist/plugins/api-key/client.mjs +19 -0
- package/dist/plugins/api-key/client.mjs.map +1 -0
- package/dist/plugins/api-key/error-codes.d.mts +5 -0
- package/dist/plugins/api-key/error-codes.mjs +34 -0
- package/dist/plugins/api-key/error-codes.mjs.map +1 -0
- package/dist/plugins/api-key/index.d.mts +17 -0
- package/dist/plugins/api-key/index.mjs +134 -0
- package/dist/plugins/api-key/index.mjs.map +1 -0
- package/dist/plugins/api-key/rate-limit.mjs +74 -0
- package/dist/plugins/api-key/rate-limit.mjs.map +1 -0
- package/dist/plugins/api-key/routes/create-api-key.mjs +252 -0
- package/dist/plugins/api-key/routes/create-api-key.mjs.map +1 -0
- package/dist/plugins/api-key/routes/delete-all-expired-api-keys.mjs +24 -0
- package/dist/plugins/api-key/routes/delete-all-expired-api-keys.mjs.map +1 -0
- package/dist/plugins/api-key/routes/delete-api-key.mjs +74 -0
- package/dist/plugins/api-key/routes/delete-api-key.mjs.map +1 -0
- package/dist/plugins/api-key/routes/get-api-key.mjs +158 -0
- package/dist/plugins/api-key/routes/get-api-key.mjs.map +1 -0
- package/dist/plugins/api-key/routes/index.mjs +71 -0
- package/dist/plugins/api-key/routes/index.mjs.map +1 -0
- package/dist/plugins/api-key/routes/list-api-keys.mjs +194 -0
- package/dist/plugins/api-key/routes/list-api-keys.mjs.map +1 -0
- package/dist/plugins/api-key/routes/update-api-key.mjs +248 -0
- package/dist/plugins/api-key/routes/update-api-key.mjs.map +1 -0
- package/dist/plugins/api-key/routes/verify-api-key.mjs +223 -0
- package/dist/plugins/api-key/routes/verify-api-key.mjs.map +1 -0
- package/dist/plugins/api-key/schema.d.mts +11 -0
- package/dist/plugins/api-key/schema.mjs +130 -0
- package/dist/plugins/api-key/schema.mjs.map +1 -0
- package/dist/plugins/api-key/types.d.mts +346 -0
- package/dist/plugins/bearer/index.d.mts +25 -0
- package/dist/plugins/bearer/index.mjs +66 -0
- package/dist/plugins/bearer/index.mjs.map +1 -0
- package/dist/plugins/captcha/constants.d.mts +10 -0
- package/dist/plugins/captcha/constants.mjs +22 -0
- package/dist/plugins/captcha/constants.mjs.map +1 -0
- package/dist/plugins/captcha/error-codes.mjs +16 -0
- package/dist/plugins/captcha/error-codes.mjs.map +1 -0
- package/dist/plugins/captcha/index.d.mts +14 -0
- package/dist/plugins/captcha/index.mjs +60 -0
- package/dist/plugins/captcha/index.mjs.map +1 -0
- package/dist/plugins/captcha/types.d.mts +28 -0
- package/dist/plugins/captcha/utils.mjs +11 -0
- package/dist/plugins/captcha/utils.mjs.map +1 -0
- package/dist/plugins/captcha/verify-handlers/captchafox.mjs +27 -0
- package/dist/plugins/captcha/verify-handlers/captchafox.mjs.map +1 -0
- package/dist/plugins/captcha/verify-handlers/cloudflare-turnstile.mjs +25 -0
- package/dist/plugins/captcha/verify-handlers/cloudflare-turnstile.mjs.map +1 -0
- package/dist/plugins/captcha/verify-handlers/google-recaptcha.mjs +29 -0
- package/dist/plugins/captcha/verify-handlers/google-recaptcha.mjs.map +1 -0
- package/dist/plugins/captcha/verify-handlers/h-captcha.mjs +27 -0
- package/dist/plugins/captcha/verify-handlers/h-captcha.mjs.map +1 -0
- package/dist/plugins/captcha/verify-handlers/index.mjs +6 -0
- package/dist/plugins/custom-session/client.d.mts +10 -0
- package/dist/plugins/custom-session/client.mjs +11 -0
- package/dist/plugins/custom-session/client.mjs.map +1 -0
- package/dist/plugins/custom-session/index.d.mts +26 -0
- package/dist/plugins/custom-session/index.mjs +70 -0
- package/dist/plugins/custom-session/index.mjs.map +1 -0
- package/dist/plugins/device-authorization/client.d.mts +5 -0
- package/dist/plugins/device-authorization/client.mjs +18 -0
- package/dist/plugins/device-authorization/client.mjs.map +1 -0
- package/dist/plugins/device-authorization/error-codes.mjs +21 -0
- package/dist/plugins/device-authorization/error-codes.mjs.map +1 -0
- package/dist/plugins/device-authorization/index.d.mts +28 -0
- package/dist/plugins/device-authorization/index.mjs +50 -0
- package/dist/plugins/device-authorization/index.mjs.map +1 -0
- package/dist/plugins/device-authorization/routes.mjs +510 -0
- package/dist/plugins/device-authorization/routes.mjs.map +1 -0
- package/dist/plugins/device-authorization/schema.mjs +57 -0
- package/dist/plugins/device-authorization/schema.mjs.map +1 -0
- package/dist/plugins/email-otp/client.d.mts +7 -0
- package/dist/plugins/email-otp/client.mjs +18 -0
- package/dist/plugins/email-otp/client.mjs.map +1 -0
- package/dist/plugins/email-otp/error-codes.d.mts +5 -0
- package/dist/plugins/email-otp/error-codes.mjs +12 -0
- package/dist/plugins/email-otp/error-codes.mjs.map +1 -0
- package/dist/plugins/email-otp/index.d.mts +14 -0
- package/dist/plugins/email-otp/index.mjs +108 -0
- package/dist/plugins/email-otp/index.mjs.map +1 -0
- package/dist/plugins/email-otp/otp-token.mjs +29 -0
- package/dist/plugins/email-otp/otp-token.mjs.map +1 -0
- package/dist/plugins/email-otp/routes.mjs +564 -0
- package/dist/plugins/email-otp/routes.mjs.map +1 -0
- package/dist/plugins/email-otp/types.d.mts +74 -0
- package/dist/plugins/email-otp/utils.mjs +17 -0
- package/dist/plugins/email-otp/utils.mjs.map +1 -0
- package/dist/plugins/generic-oauth/client.d.mts +19 -0
- package/dist/plugins/generic-oauth/client.mjs +14 -0
- package/dist/plugins/generic-oauth/client.mjs.map +1 -0
- package/dist/plugins/generic-oauth/error-codes.d.mts +5 -0
- package/dist/plugins/generic-oauth/error-codes.mjs +15 -0
- package/dist/plugins/generic-oauth/error-codes.mjs.map +1 -0
- package/dist/plugins/generic-oauth/index.d.mts +34 -0
- package/dist/plugins/generic-oauth/index.mjs +137 -0
- package/dist/plugins/generic-oauth/index.mjs.map +1 -0
- package/dist/plugins/generic-oauth/providers/auth0.d.mts +37 -0
- package/dist/plugins/generic-oauth/providers/auth0.mjs +62 -0
- package/dist/plugins/generic-oauth/providers/auth0.mjs.map +1 -0
- package/dist/plugins/generic-oauth/providers/gumroad.d.mts +32 -0
- package/dist/plugins/generic-oauth/providers/gumroad.mjs +60 -0
- package/dist/plugins/generic-oauth/providers/gumroad.mjs.map +1 -0
- package/dist/plugins/generic-oauth/providers/hubspot.d.mts +37 -0
- package/dist/plugins/generic-oauth/providers/hubspot.mjs +60 -0
- package/dist/plugins/generic-oauth/providers/hubspot.mjs.map +1 -0
- package/dist/plugins/generic-oauth/providers/index.d.mts +9 -0
- package/dist/plugins/generic-oauth/providers/index.mjs +11 -0
- package/dist/plugins/generic-oauth/providers/keycloak.d.mts +37 -0
- package/dist/plugins/generic-oauth/providers/keycloak.mjs +62 -0
- package/dist/plugins/generic-oauth/providers/keycloak.mjs.map +1 -0
- package/dist/plugins/generic-oauth/providers/line.d.mts +55 -0
- package/dist/plugins/generic-oauth/providers/line.mjs +91 -0
- package/dist/plugins/generic-oauth/providers/line.mjs.map +1 -0
- package/dist/plugins/generic-oauth/providers/microsoft-entra-id.d.mts +37 -0
- package/dist/plugins/generic-oauth/providers/microsoft-entra-id.mjs +66 -0
- package/dist/plugins/generic-oauth/providers/microsoft-entra-id.mjs.map +1 -0
- package/dist/plugins/generic-oauth/providers/okta.d.mts +37 -0
- package/dist/plugins/generic-oauth/providers/okta.mjs +62 -0
- package/dist/plugins/generic-oauth/providers/okta.mjs.map +1 -0
- package/dist/plugins/generic-oauth/providers/patreon.d.mts +30 -0
- package/dist/plugins/generic-oauth/providers/patreon.mjs +59 -0
- package/dist/plugins/generic-oauth/providers/patreon.mjs.map +1 -0
- package/dist/plugins/generic-oauth/providers/slack.d.mts +30 -0
- package/dist/plugins/generic-oauth/providers/slack.mjs +61 -0
- package/dist/plugins/generic-oauth/providers/slack.mjs.map +1 -0
- package/dist/plugins/generic-oauth/routes.mjs +394 -0
- package/dist/plugins/generic-oauth/routes.mjs.map +1 -0
- package/dist/plugins/generic-oauth/types.d.mts +145 -0
- package/dist/plugins/haveibeenpwned/index.d.mts +21 -0
- package/dist/plugins/haveibeenpwned/index.mjs +56 -0
- package/dist/plugins/haveibeenpwned/index.mjs.map +1 -0
- package/dist/plugins/index.d.mts +68 -0
- package/dist/plugins/index.mjs +51 -0
- package/dist/plugins/jwt/adapter.mjs +27 -0
- package/dist/plugins/jwt/adapter.mjs.map +1 -0
- package/dist/plugins/jwt/client.d.mts +18 -0
- package/dist/plugins/jwt/client.mjs +19 -0
- package/dist/plugins/jwt/client.mjs.map +1 -0
- package/dist/plugins/jwt/index.d.mts +17 -0
- package/dist/plugins/jwt/index.mjs +202 -0
- package/dist/plugins/jwt/index.mjs.map +1 -0
- package/dist/plugins/jwt/schema.d.mts +5 -0
- package/dist/plugins/jwt/schema.mjs +23 -0
- package/dist/plugins/jwt/schema.mjs.map +1 -0
- package/dist/plugins/jwt/sign.d.mts +57 -0
- package/dist/plugins/jwt/sign.mjs +66 -0
- package/dist/plugins/jwt/sign.mjs.map +1 -0
- package/dist/plugins/jwt/types.d.mts +194 -0
- package/dist/plugins/jwt/utils.d.mts +42 -0
- package/dist/plugins/jwt/utils.mjs +64 -0
- package/dist/plugins/jwt/utils.mjs.map +1 -0
- package/dist/plugins/jwt/verify.d.mts +12 -0
- package/dist/plugins/jwt/verify.mjs +46 -0
- package/dist/plugins/jwt/verify.mjs.map +1 -0
- package/dist/plugins/last-login-method/client.d.mts +18 -0
- package/dist/plugins/last-login-method/client.mjs +32 -0
- package/dist/plugins/last-login-method/client.mjs.map +1 -0
- package/dist/plugins/last-login-method/index.d.mts +52 -0
- package/dist/plugins/last-login-method/index.mjs +77 -0
- package/dist/plugins/last-login-method/index.mjs.map +1 -0
- package/dist/plugins/magic-link/client.d.mts +5 -0
- package/dist/plugins/magic-link/client.mjs +11 -0
- package/dist/plugins/magic-link/client.mjs.map +1 -0
- package/dist/plugins/magic-link/index.d.mts +61 -0
- package/dist/plugins/magic-link/index.mjs +167 -0
- package/dist/plugins/magic-link/index.mjs.map +1 -0
- package/dist/plugins/magic-link/utils.mjs +12 -0
- package/dist/plugins/magic-link/utils.mjs.map +1 -0
- package/dist/plugins/mcp/authorize.mjs +133 -0
- package/dist/plugins/mcp/authorize.mjs.map +1 -0
- package/dist/plugins/mcp/index.d.mts +46 -0
- package/dist/plugins/mcp/index.mjs +717 -0
- package/dist/plugins/mcp/index.mjs.map +1 -0
- package/dist/plugins/multi-session/client.d.mts +8 -0
- package/dist/plugins/multi-session/client.mjs +20 -0
- package/dist/plugins/multi-session/client.mjs.map +1 -0
- package/dist/plugins/multi-session/error-codes.d.mts +5 -0
- package/dist/plugins/multi-session/error-codes.mjs +8 -0
- package/dist/plugins/multi-session/error-codes.mjs.map +1 -0
- package/dist/plugins/multi-session/index.d.mts +22 -0
- package/dist/plugins/multi-session/index.mjs +172 -0
- package/dist/plugins/multi-session/index.mjs.map +1 -0
- package/dist/plugins/oauth-proxy/index.d.mts +39 -0
- package/dist/plugins/oauth-proxy/index.mjs +305 -0
- package/dist/plugins/oauth-proxy/index.mjs.map +1 -0
- package/dist/plugins/oauth-proxy/utils.mjs +44 -0
- package/dist/plugins/oauth-proxy/utils.mjs.map +1 -0
- package/dist/plugins/oidc-provider/authorize.mjs +194 -0
- package/dist/plugins/oidc-provider/authorize.mjs.map +1 -0
- package/dist/plugins/oidc-provider/client.d.mts +8 -0
- package/dist/plugins/oidc-provider/client.mjs +11 -0
- package/dist/plugins/oidc-provider/client.mjs.map +1 -0
- package/dist/plugins/oidc-provider/error.mjs +17 -0
- package/dist/plugins/oidc-provider/error.mjs.map +1 -0
- package/dist/plugins/oidc-provider/index.d.mts +32 -0
- package/dist/plugins/oidc-provider/index.mjs +1093 -0
- package/dist/plugins/oidc-provider/index.mjs.map +1 -0
- package/dist/plugins/oidc-provider/schema.d.mts +26 -0
- package/dist/plugins/oidc-provider/schema.mjs +132 -0
- package/dist/plugins/oidc-provider/schema.mjs.map +1 -0
- package/dist/plugins/oidc-provider/types.d.mts +517 -0
- package/dist/plugins/oidc-provider/utils/prompt.mjs +19 -0
- package/dist/plugins/oidc-provider/utils/prompt.mjs.map +1 -0
- package/dist/plugins/oidc-provider/utils.mjs +15 -0
- package/dist/plugins/oidc-provider/utils.mjs.map +1 -0
- package/dist/plugins/one-tap/client.d.mts +159 -0
- package/dist/plugins/one-tap/client.mjs +214 -0
- package/dist/plugins/one-tap/client.mjs.map +1 -0
- package/dist/plugins/one-tap/index.d.mts +27 -0
- package/dist/plugins/one-tap/index.mjs +96 -0
- package/dist/plugins/one-tap/index.mjs.map +1 -0
- package/dist/plugins/one-time-token/client.d.mts +7 -0
- package/dist/plugins/one-time-token/client.mjs +11 -0
- package/dist/plugins/one-time-token/client.mjs.map +1 -0
- package/dist/plugins/one-time-token/index.d.mts +53 -0
- package/dist/plugins/one-time-token/index.mjs +82 -0
- package/dist/plugins/one-time-token/index.mjs.map +1 -0
- package/dist/plugins/one-time-token/utils.mjs +12 -0
- package/dist/plugins/one-time-token/utils.mjs.map +1 -0
- package/dist/plugins/open-api/generator.d.mts +115 -0
- package/dist/plugins/open-api/generator.mjs +315 -0
- package/dist/plugins/open-api/generator.mjs.map +1 -0
- package/dist/plugins/open-api/index.d.mts +45 -0
- package/dist/plugins/open-api/index.mjs +67 -0
- package/dist/plugins/open-api/index.mjs.map +1 -0
- package/dist/plugins/open-api/logo.mjs +15 -0
- package/dist/plugins/open-api/logo.mjs.map +1 -0
- package/dist/plugins/organization/access/index.d.mts +2 -0
- package/dist/plugins/organization/access/index.mjs +3 -0
- package/dist/plugins/organization/access/statement.d.mts +249 -0
- package/dist/plugins/organization/access/statement.mjs +81 -0
- package/dist/plugins/organization/access/statement.mjs.map +1 -0
- package/dist/plugins/organization/adapter.d.mts +205 -0
- package/dist/plugins/organization/adapter.mjs +624 -0
- package/dist/plugins/organization/adapter.mjs.map +1 -0
- package/dist/plugins/organization/call.mjs +19 -0
- package/dist/plugins/organization/call.mjs.map +1 -0
- package/dist/plugins/organization/client.d.mts +151 -0
- package/dist/plugins/organization/client.mjs +107 -0
- package/dist/plugins/organization/client.mjs.map +1 -0
- package/dist/plugins/organization/error-codes.d.mts +5 -0
- package/dist/plugins/organization/error-codes.mjs +65 -0
- package/dist/plugins/organization/error-codes.mjs.map +1 -0
- package/dist/plugins/organization/has-permission.mjs +35 -0
- package/dist/plugins/organization/has-permission.mjs.map +1 -0
- package/dist/plugins/organization/index.d.mts +5 -0
- package/dist/plugins/organization/index.mjs +4 -0
- package/dist/plugins/organization/organization.d.mts +252 -0
- package/dist/plugins/organization/organization.mjs +428 -0
- package/dist/plugins/organization/organization.mjs.map +1 -0
- package/dist/plugins/organization/permission.d.mts +26 -0
- package/dist/plugins/organization/permission.mjs +16 -0
- package/dist/plugins/organization/permission.mjs.map +1 -0
- package/dist/plugins/organization/routes/crud-access-control.d.mts +11 -0
- package/dist/plugins/organization/routes/crud-access-control.mjs +656 -0
- package/dist/plugins/organization/routes/crud-access-control.mjs.map +1 -0
- package/dist/plugins/organization/routes/crud-invites.d.mts +16 -0
- package/dist/plugins/organization/routes/crud-invites.mjs +555 -0
- package/dist/plugins/organization/routes/crud-invites.mjs.map +1 -0
- package/dist/plugins/organization/routes/crud-members.d.mts +13 -0
- package/dist/plugins/organization/routes/crud-members.mjs +473 -0
- package/dist/plugins/organization/routes/crud-members.mjs.map +1 -0
- package/dist/plugins/organization/routes/crud-org.d.mts +13 -0
- package/dist/plugins/organization/routes/crud-org.mjs +447 -0
- package/dist/plugins/organization/routes/crud-org.mjs.map +1 -0
- package/dist/plugins/organization/routes/crud-team.d.mts +15 -0
- package/dist/plugins/organization/routes/crud-team.mjs +676 -0
- package/dist/plugins/organization/routes/crud-team.mjs.map +1 -0
- package/dist/plugins/organization/schema.d.mts +376 -0
- package/dist/plugins/organization/schema.mjs +68 -0
- package/dist/plugins/organization/schema.mjs.map +1 -0
- package/dist/plugins/organization/types.d.mts +733 -0
- package/dist/plugins/phone-number/client.d.mts +8 -0
- package/dist/plugins/phone-number/client.mjs +20 -0
- package/dist/plugins/phone-number/client.mjs.map +1 -0
- package/dist/plugins/phone-number/error-codes.d.mts +5 -0
- package/dist/plugins/phone-number/error-codes.mjs +21 -0
- package/dist/plugins/phone-number/error-codes.mjs.map +1 -0
- package/dist/plugins/phone-number/index.d.mts +14 -0
- package/dist/plugins/phone-number/index.mjs +49 -0
- package/dist/plugins/phone-number/index.mjs.map +1 -0
- package/dist/plugins/phone-number/routes.mjs +459 -0
- package/dist/plugins/phone-number/routes.mjs.map +1 -0
- package/dist/plugins/phone-number/schema.d.mts +5 -0
- package/dist/plugins/phone-number/schema.mjs +20 -0
- package/dist/plugins/phone-number/schema.mjs.map +1 -0
- package/dist/plugins/phone-number/types.d.mts +118 -0
- package/dist/plugins/siwe/client.d.mts +5 -0
- package/dist/plugins/siwe/client.mjs +11 -0
- package/dist/plugins/siwe/client.mjs.map +1 -0
- package/dist/plugins/siwe/error-codes.mjs +13 -0
- package/dist/plugins/siwe/error-codes.mjs.map +1 -0
- package/dist/plugins/siwe/index.d.mts +26 -0
- package/dist/plugins/siwe/index.mjs +261 -0
- package/dist/plugins/siwe/index.mjs.map +1 -0
- package/dist/plugins/siwe/schema.d.mts +5 -0
- package/dist/plugins/siwe/schema.mjs +32 -0
- package/dist/plugins/siwe/schema.mjs.map +1 -0
- package/dist/plugins/siwe/types.d.mts +44 -0
- package/dist/plugins/two-factor/backup-codes/index.d.mts +91 -0
- package/dist/plugins/two-factor/backup-codes/index.mjs +277 -0
- package/dist/plugins/two-factor/backup-codes/index.mjs.map +1 -0
- package/dist/plugins/two-factor/client.d.mts +17 -0
- package/dist/plugins/two-factor/client.mjs +37 -0
- package/dist/plugins/two-factor/client.mjs.map +1 -0
- package/dist/plugins/two-factor/constant.mjs +8 -0
- package/dist/plugins/two-factor/constant.mjs.map +1 -0
- package/dist/plugins/two-factor/error-code.d.mts +5 -0
- package/dist/plugins/two-factor/error-code.mjs +18 -0
- package/dist/plugins/two-factor/error-code.mjs.map +1 -0
- package/dist/plugins/two-factor/index.d.mts +19 -0
- package/dist/plugins/two-factor/index.mjs +207 -0
- package/dist/plugins/two-factor/index.mjs.map +1 -0
- package/dist/plugins/two-factor/otp/index.d.mts +96 -0
- package/dist/plugins/two-factor/otp/index.mjs +199 -0
- package/dist/plugins/two-factor/otp/index.mjs.map +1 -0
- package/dist/plugins/two-factor/schema.d.mts +5 -0
- package/dist/plugins/two-factor/schema.mjs +36 -0
- package/dist/plugins/two-factor/schema.mjs.map +1 -0
- package/dist/plugins/two-factor/totp/index.d.mts +81 -0
- package/dist/plugins/two-factor/totp/index.mjs +157 -0
- package/dist/plugins/two-factor/totp/index.mjs.map +1 -0
- package/dist/plugins/two-factor/types.d.mts +65 -0
- package/dist/plugins/two-factor/utils.mjs +12 -0
- package/dist/plugins/two-factor/utils.mjs.map +1 -0
- package/dist/plugins/two-factor/verify-two-factor.mjs +76 -0
- package/dist/plugins/two-factor/verify-two-factor.mjs.map +1 -0
- package/dist/plugins/username/client.d.mts +7 -0
- package/dist/plugins/username/client.mjs +18 -0
- package/dist/plugins/username/client.mjs.map +1 -0
- package/dist/plugins/username/error-codes.d.mts +5 -0
- package/dist/plugins/username/error-codes.mjs +17 -0
- package/dist/plugins/username/error-codes.mjs.map +1 -0
- package/dist/plugins/username/index.d.mts +74 -0
- package/dist/plugins/username/index.mjs +237 -0
- package/dist/plugins/username/index.mjs.map +1 -0
- package/dist/plugins/username/schema.d.mts +9 -0
- package/dist/plugins/username/schema.mjs +26 -0
- package/dist/plugins/username/schema.mjs.map +1 -0
- package/dist/social-providers/index.d.mts +1 -0
- package/dist/social-providers/index.mjs +3 -0
- package/dist/state.d.mts +42 -0
- package/dist/state.mjs +107 -0
- package/dist/state.mjs.map +1 -0
- package/dist/test-utils/headers.d.mts +9 -0
- package/dist/test-utils/headers.mjs +24 -0
- package/dist/test-utils/headers.mjs.map +1 -0
- package/dist/test-utils/index.d.mts +3 -0
- package/dist/test-utils/index.mjs +4 -0
- package/dist/test-utils/test-instance.d.mts +181 -0
- package/dist/test-utils/test-instance.mjs +210 -0
- package/dist/test-utils/test-instance.mjs.map +1 -0
- package/dist/types/adapter.d.mts +24 -0
- package/dist/types/api.d.mts +29 -0
- package/dist/types/auth.d.mts +30 -0
- package/dist/types/helper.d.mts +21 -0
- package/dist/types/index.d.mts +11 -0
- package/dist/types/index.mjs +1 -0
- package/dist/types/models.d.mts +17 -0
- package/dist/types/plugins.d.mts +16 -0
- package/dist/utils/boolean.mjs +8 -0
- package/dist/utils/boolean.mjs.map +1 -0
- package/dist/utils/constants.mjs +6 -0
- package/dist/utils/constants.mjs.map +1 -0
- package/dist/utils/date.mjs +8 -0
- package/dist/utils/date.mjs.map +1 -0
- package/dist/utils/get-request-ip.d.mts +7 -0
- package/dist/utils/get-request-ip.mjs +23 -0
- package/dist/utils/get-request-ip.mjs.map +1 -0
- package/dist/utils/hashing.mjs +21 -0
- package/dist/utils/hashing.mjs.map +1 -0
- package/dist/utils/hide-metadata.d.mts +7 -0
- package/dist/utils/hide-metadata.mjs +6 -0
- package/dist/utils/hide-metadata.mjs.map +1 -0
- package/dist/utils/index.d.mts +3 -0
- package/dist/utils/index.mjs +5 -0
- package/dist/utils/is-api-error.d.mts +7 -0
- package/dist/utils/is-api-error.mjs +11 -0
- package/dist/utils/is-api-error.mjs.map +1 -0
- package/dist/utils/is-atom.mjs +8 -0
- package/dist/utils/is-atom.mjs.map +1 -0
- package/dist/utils/is-promise.mjs +8 -0
- package/dist/utils/is-promise.mjs.map +1 -0
- package/dist/utils/middleware-response.mjs +6 -0
- package/dist/utils/middleware-response.mjs.map +1 -0
- package/dist/utils/password.mjs +26 -0
- package/dist/utils/password.mjs.map +1 -0
- package/dist/utils/plugin-helper.mjs +17 -0
- package/dist/utils/plugin-helper.mjs.map +1 -0
- package/dist/utils/shim.mjs +24 -0
- package/dist/utils/shim.mjs.map +1 -0
- package/dist/utils/time.d.mts +49 -0
- package/dist/utils/time.mjs +100 -0
- package/dist/utils/time.mjs.map +1 -0
- package/dist/utils/url.mjs +92 -0
- package/dist/utils/url.mjs.map +1 -0
- package/dist/utils/wildcard.mjs +108 -0
- package/dist/utils/wildcard.mjs.map +1 -0
- package/package.json +601 -0
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
import { betterFetch } from "@better-fetch/fetch";
|
|
2
|
+
|
|
3
|
+
//#region src/plugins/generic-oauth/providers/patreon.ts
|
|
4
|
+
/**
|
|
5
|
+
* Patreon OAuth provider helper
|
|
6
|
+
*
|
|
7
|
+
* @example
|
|
8
|
+
* ```ts
|
|
9
|
+
* import { genericOAuth, patreon } from "better-auth/plugins/generic-oauth";
|
|
10
|
+
*
|
|
11
|
+
* export const auth = betterAuth({
|
|
12
|
+
* plugins: [
|
|
13
|
+
* genericOAuth({
|
|
14
|
+
* config: [
|
|
15
|
+
* patreon({
|
|
16
|
+
* clientId: process.env.PATREON_CLIENT_ID,
|
|
17
|
+
* clientSecret: process.env.PATREON_CLIENT_SECRET,
|
|
18
|
+
* }),
|
|
19
|
+
* ],
|
|
20
|
+
* }),
|
|
21
|
+
* ],
|
|
22
|
+
* });
|
|
23
|
+
* ```
|
|
24
|
+
*/
|
|
25
|
+
function patreon(options) {
|
|
26
|
+
const defaultScopes = ["identity[email]"];
|
|
27
|
+
const getUserInfo = async (tokens) => {
|
|
28
|
+
const { data: profile, error } = await betterFetch("https://www.patreon.com/api/oauth2/v2/identity?fields[user]=email,full_name,image_url,is_email_verified", {
|
|
29
|
+
method: "GET",
|
|
30
|
+
headers: { Authorization: `Bearer ${tokens.accessToken}` }
|
|
31
|
+
});
|
|
32
|
+
if (error || !profile) return null;
|
|
33
|
+
return {
|
|
34
|
+
id: profile.data.id,
|
|
35
|
+
name: profile.data.attributes.full_name,
|
|
36
|
+
email: profile.data.attributes.email,
|
|
37
|
+
image: profile.data.attributes.image_url,
|
|
38
|
+
emailVerified: profile.data.attributes.is_email_verified
|
|
39
|
+
};
|
|
40
|
+
};
|
|
41
|
+
return {
|
|
42
|
+
providerId: "patreon",
|
|
43
|
+
authorizationUrl: "https://www.patreon.com/oauth2/authorize",
|
|
44
|
+
tokenUrl: "https://www.patreon.com/api/oauth2/token",
|
|
45
|
+
clientId: options.clientId,
|
|
46
|
+
clientSecret: options.clientSecret,
|
|
47
|
+
scopes: options.scopes ?? defaultScopes,
|
|
48
|
+
redirectURI: options.redirectURI,
|
|
49
|
+
pkce: options.pkce,
|
|
50
|
+
disableImplicitSignUp: options.disableImplicitSignUp,
|
|
51
|
+
disableSignUp: options.disableSignUp,
|
|
52
|
+
overrideUserInfo: options.overrideUserInfo,
|
|
53
|
+
getUserInfo
|
|
54
|
+
};
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
//#endregion
|
|
58
|
+
export { patreon };
|
|
59
|
+
//# sourceMappingURL=patreon.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"patreon.mjs","names":[],"sources":["../../../../src/plugins/generic-oauth/providers/patreon.ts"],"sourcesContent":["import type { OAuth2Tokens, OAuth2UserInfo } from \"@better-auth/core/oauth2\";\nimport { betterFetch } from \"@better-fetch/fetch\";\nimport type { BaseOAuthProviderOptions, GenericOAuthConfig } from \"../index\";\n\nexport interface PatreonOptions extends BaseOAuthProviderOptions {}\n\ninterface PatreonProfile {\n\tdata: {\n\t\tid: string;\n\t\tattributes: {\n\t\t\tfull_name: string;\n\t\t\temail: string;\n\t\t\timage_url: string;\n\t\t\tis_email_verified: boolean;\n\t\t};\n\t};\n}\n\n/**\n * Patreon OAuth provider helper\n *\n * @example\n * ```ts\n * import { genericOAuth, patreon } from \"better-auth/plugins/generic-oauth\";\n *\n * export const auth = betterAuth({\n * plugins: [\n * genericOAuth({\n * config: [\n * patreon({\n * clientId: process.env.PATREON_CLIENT_ID,\n * clientSecret: process.env.PATREON_CLIENT_SECRET,\n * }),\n * ],\n * }),\n * ],\n * });\n * ```\n */\nexport function patreon(options: PatreonOptions): GenericOAuthConfig {\n\tconst defaultScopes = [\"identity[email]\"];\n\n\tconst getUserInfo = async (\n\t\ttokens: OAuth2Tokens,\n\t): Promise<OAuth2UserInfo | null> => {\n\t\tconst { data: profile, error } = await betterFetch<PatreonProfile>(\n\t\t\t\"https://www.patreon.com/api/oauth2/v2/identity?fields[user]=email,full_name,image_url,is_email_verified\",\n\t\t\t{\n\t\t\t\tmethod: \"GET\",\n\t\t\t\theaders: {\n\t\t\t\t\tAuthorization: `Bearer ${tokens.accessToken}`,\n\t\t\t\t},\n\t\t\t},\n\t\t);\n\n\t\tif (error || !profile) {\n\t\t\treturn null;\n\t\t}\n\n\t\treturn {\n\t\t\tid: profile.data.id,\n\t\t\tname: profile.data.attributes.full_name,\n\t\t\temail: profile.data.attributes.email,\n\t\t\timage: profile.data.attributes.image_url,\n\t\t\temailVerified: profile.data.attributes.is_email_verified,\n\t\t};\n\t};\n\n\treturn {\n\t\tproviderId: \"patreon\",\n\t\tauthorizationUrl: \"https://www.patreon.com/oauth2/authorize\",\n\t\ttokenUrl: \"https://www.patreon.com/api/oauth2/token\",\n\t\tclientId: options.clientId,\n\t\tclientSecret: options.clientSecret,\n\t\tscopes: options.scopes ?? defaultScopes,\n\t\tredirectURI: options.redirectURI,\n\t\tpkce: options.pkce,\n\t\tdisableImplicitSignUp: options.disableImplicitSignUp,\n\t\tdisableSignUp: options.disableSignUp,\n\t\toverrideUserInfo: options.overrideUserInfo,\n\t\tgetUserInfo,\n\t};\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAuCA,SAAgB,QAAQ,SAA6C;CACpE,MAAM,gBAAgB,CAAC,kBAAkB;CAEzC,MAAM,cAAc,OACnB,WACoC;EACpC,MAAM,EAAE,MAAM,SAAS,UAAU,MAAM,YACtC,2GACA;GACC,QAAQ;GACR,SAAS,EACR,eAAe,UAAU,OAAO,eAChC;GACD,CACD;AAED,MAAI,SAAS,CAAC,QACb,QAAO;AAGR,SAAO;GACN,IAAI,QAAQ,KAAK;GACjB,MAAM,QAAQ,KAAK,WAAW;GAC9B,OAAO,QAAQ,KAAK,WAAW;GAC/B,OAAO,QAAQ,KAAK,WAAW;GAC/B,eAAe,QAAQ,KAAK,WAAW;GACvC;;AAGF,QAAO;EACN,YAAY;EACZ,kBAAkB;EAClB,UAAU;EACV,UAAU,QAAQ;EAClB,cAAc,QAAQ;EACtB,QAAQ,QAAQ,UAAU;EAC1B,aAAa,QAAQ;EACrB,MAAM,QAAQ;EACd,uBAAuB,QAAQ;EAC/B,eAAe,QAAQ;EACvB,kBAAkB,QAAQ;EAC1B;EACA"}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
import { GenericOAuthConfig } from "../types.mjs";
|
|
2
|
+
import { BaseOAuthProviderOptions } from "../index.mjs";
|
|
3
|
+
|
|
4
|
+
//#region src/plugins/generic-oauth/providers/slack.d.ts
|
|
5
|
+
interface SlackOptions extends BaseOAuthProviderOptions {}
|
|
6
|
+
/**
|
|
7
|
+
* Slack OAuth provider helper
|
|
8
|
+
*
|
|
9
|
+
* @example
|
|
10
|
+
* ```ts
|
|
11
|
+
* import { genericOAuth, slack } from "better-auth/plugins/generic-oauth";
|
|
12
|
+
*
|
|
13
|
+
* export const auth = betterAuth({
|
|
14
|
+
* plugins: [
|
|
15
|
+
* genericOAuth({
|
|
16
|
+
* config: [
|
|
17
|
+
* slack({
|
|
18
|
+
* clientId: process.env.SLACK_CLIENT_ID,
|
|
19
|
+
* clientSecret: process.env.SLACK_CLIENT_SECRET,
|
|
20
|
+
* }),
|
|
21
|
+
* ],
|
|
22
|
+
* }),
|
|
23
|
+
* ],
|
|
24
|
+
* });
|
|
25
|
+
* ```
|
|
26
|
+
*/
|
|
27
|
+
declare function slack(options: SlackOptions): GenericOAuthConfig;
|
|
28
|
+
//#endregion
|
|
29
|
+
export { SlackOptions, slack };
|
|
30
|
+
//# sourceMappingURL=slack.d.mts.map
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
import { betterFetch } from "@better-fetch/fetch";
|
|
2
|
+
|
|
3
|
+
//#region src/plugins/generic-oauth/providers/slack.ts
|
|
4
|
+
/**
|
|
5
|
+
* Slack OAuth provider helper
|
|
6
|
+
*
|
|
7
|
+
* @example
|
|
8
|
+
* ```ts
|
|
9
|
+
* import { genericOAuth, slack } from "better-auth/plugins/generic-oauth";
|
|
10
|
+
*
|
|
11
|
+
* export const auth = betterAuth({
|
|
12
|
+
* plugins: [
|
|
13
|
+
* genericOAuth({
|
|
14
|
+
* config: [
|
|
15
|
+
* slack({
|
|
16
|
+
* clientId: process.env.SLACK_CLIENT_ID,
|
|
17
|
+
* clientSecret: process.env.SLACK_CLIENT_SECRET,
|
|
18
|
+
* }),
|
|
19
|
+
* ],
|
|
20
|
+
* }),
|
|
21
|
+
* ],
|
|
22
|
+
* });
|
|
23
|
+
* ```
|
|
24
|
+
*/
|
|
25
|
+
function slack(options) {
|
|
26
|
+
const defaultScopes = [
|
|
27
|
+
"openid",
|
|
28
|
+
"profile",
|
|
29
|
+
"email"
|
|
30
|
+
];
|
|
31
|
+
const getUserInfo = async (tokens) => {
|
|
32
|
+
const { data: profile, error } = await betterFetch("https://slack.com/api/openid.connect.userInfo", { headers: { Authorization: `Bearer ${tokens.accessToken}` } });
|
|
33
|
+
if (error || !profile) return null;
|
|
34
|
+
return {
|
|
35
|
+
id: profile["https://slack.com/user_id"] ?? profile.sub,
|
|
36
|
+
name: profile.name,
|
|
37
|
+
email: profile.email,
|
|
38
|
+
image: profile.picture ?? profile["https://slack.com/user_image_512"],
|
|
39
|
+
emailVerified: profile.email_verified ?? false
|
|
40
|
+
};
|
|
41
|
+
};
|
|
42
|
+
return {
|
|
43
|
+
providerId: "slack",
|
|
44
|
+
authorizationUrl: "https://slack.com/openid/connect/authorize",
|
|
45
|
+
tokenUrl: "https://slack.com/api/openid.connect.token",
|
|
46
|
+
userInfoUrl: "https://slack.com/api/openid.connect.userInfo",
|
|
47
|
+
clientId: options.clientId,
|
|
48
|
+
clientSecret: options.clientSecret,
|
|
49
|
+
scopes: options.scopes ?? defaultScopes,
|
|
50
|
+
redirectURI: options.redirectURI,
|
|
51
|
+
pkce: options.pkce,
|
|
52
|
+
disableImplicitSignUp: options.disableImplicitSignUp,
|
|
53
|
+
disableSignUp: options.disableSignUp,
|
|
54
|
+
overrideUserInfo: options.overrideUserInfo,
|
|
55
|
+
getUserInfo
|
|
56
|
+
};
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
//#endregion
|
|
60
|
+
export { slack };
|
|
61
|
+
//# sourceMappingURL=slack.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"slack.mjs","names":[],"sources":["../../../../src/plugins/generic-oauth/providers/slack.ts"],"sourcesContent":["import type { OAuth2Tokens, OAuth2UserInfo } from \"@better-auth/core/oauth2\";\nimport { betterFetch } from \"@better-fetch/fetch\";\nimport type { BaseOAuthProviderOptions, GenericOAuthConfig } from \"../index\";\n\nexport interface SlackOptions extends BaseOAuthProviderOptions {}\n\ninterface SlackProfile {\n\tsub: string;\n\t\"https://slack.com/user_id\": string;\n\t\"https://slack.com/team_id\": string;\n\temail: string;\n\temail_verified: boolean;\n\tname: string;\n\tpicture?: string;\n\tgiven_name?: string;\n\tfamily_name?: string;\n\tlocale?: string;\n\t\"https://slack.com/team_name\"?: string;\n\t\"https://slack.com/team_domain\"?: string;\n\t\"https://slack.com/user_image_512\"?: string;\n\t[key: string]: any;\n}\n\n/**\n * Slack OAuth provider helper\n *\n * @example\n * ```ts\n * import { genericOAuth, slack } from \"better-auth/plugins/generic-oauth\";\n *\n * export const auth = betterAuth({\n * plugins: [\n * genericOAuth({\n * config: [\n * slack({\n * clientId: process.env.SLACK_CLIENT_ID,\n * clientSecret: process.env.SLACK_CLIENT_SECRET,\n * }),\n * ],\n * }),\n * ],\n * });\n * ```\n */\nexport function slack(options: SlackOptions): GenericOAuthConfig {\n\tconst defaultScopes = [\"openid\", \"profile\", \"email\"];\n\n\tconst getUserInfo = async (\n\t\ttokens: OAuth2Tokens,\n\t): Promise<OAuth2UserInfo | null> => {\n\t\tconst { data: profile, error } = await betterFetch<SlackProfile>(\n\t\t\t\"https://slack.com/api/openid.connect.userInfo\",\n\t\t\t{\n\t\t\t\theaders: {\n\t\t\t\t\tAuthorization: `Bearer ${tokens.accessToken}`,\n\t\t\t\t},\n\t\t\t},\n\t\t);\n\n\t\tif (error || !profile) {\n\t\t\treturn null;\n\t\t}\n\n\t\treturn {\n\t\t\tid: profile[\"https://slack.com/user_id\"] ?? profile.sub,\n\t\t\tname: profile.name,\n\t\t\temail: profile.email,\n\t\t\timage: profile.picture ?? profile[\"https://slack.com/user_image_512\"],\n\t\t\temailVerified: profile.email_verified ?? false,\n\t\t};\n\t};\n\n\treturn {\n\t\tproviderId: \"slack\",\n\t\tauthorizationUrl: \"https://slack.com/openid/connect/authorize\",\n\t\ttokenUrl: \"https://slack.com/api/openid.connect.token\",\n\t\tuserInfoUrl: \"https://slack.com/api/openid.connect.userInfo\",\n\t\tclientId: options.clientId,\n\t\tclientSecret: options.clientSecret,\n\t\tscopes: options.scopes ?? defaultScopes,\n\t\tredirectURI: options.redirectURI,\n\t\tpkce: options.pkce,\n\t\tdisableImplicitSignUp: options.disableImplicitSignUp,\n\t\tdisableSignUp: options.disableSignUp,\n\t\toverrideUserInfo: options.overrideUserInfo,\n\t\tgetUserInfo,\n\t};\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AA4CA,SAAgB,MAAM,SAA2C;CAChE,MAAM,gBAAgB;EAAC;EAAU;EAAW;EAAQ;CAEpD,MAAM,cAAc,OACnB,WACoC;EACpC,MAAM,EAAE,MAAM,SAAS,UAAU,MAAM,YACtC,iDACA,EACC,SAAS,EACR,eAAe,UAAU,OAAO,eAChC,EACD,CACD;AAED,MAAI,SAAS,CAAC,QACb,QAAO;AAGR,SAAO;GACN,IAAI,QAAQ,gCAAgC,QAAQ;GACpD,MAAM,QAAQ;GACd,OAAO,QAAQ;GACf,OAAO,QAAQ,WAAW,QAAQ;GAClC,eAAe,QAAQ,kBAAkB;GACzC;;AAGF,QAAO;EACN,YAAY;EACZ,kBAAkB;EAClB,UAAU;EACV,aAAa;EACb,UAAU,QAAQ;EAClB,cAAc,QAAQ;EACtB,QAAQ,QAAQ,UAAU;EAC1B,aAAa,QAAQ;EACrB,MAAM,QAAQ;EACd,uBAAuB,QAAQ;EAC/B,eAAe,QAAQ;EACvB,kBAAkB,QAAQ;EAC1B;EACA"}
|
|
@@ -0,0 +1,394 @@
|
|
|
1
|
+
import { setSessionCookie } from "../../cookies/index.mjs";
|
|
2
|
+
import { generateState, parseState } from "../../oauth2/state.mjs";
|
|
3
|
+
import { setTokenUtil } from "../../oauth2/utils.mjs";
|
|
4
|
+
import { sessionMiddleware } from "../../api/routes/session.mjs";
|
|
5
|
+
import { handleOAuthUserInfo } from "../../oauth2/link-account.mjs";
|
|
6
|
+
import { HIDE_METADATA } from "../../utils/hide-metadata.mjs";
|
|
7
|
+
import "../../utils/index.mjs";
|
|
8
|
+
import { APIError as APIError$1 } from "../../api/index.mjs";
|
|
9
|
+
import { GENERIC_OAUTH_ERROR_CODES } from "./error-codes.mjs";
|
|
10
|
+
import { BASE_ERROR_CODES } from "@better-auth/core/error";
|
|
11
|
+
import { createAuthorizationURL, validateAuthorizationCode } from "@better-auth/core/oauth2";
|
|
12
|
+
import { createAuthEndpoint } from "@better-auth/core/api";
|
|
13
|
+
import * as z from "zod";
|
|
14
|
+
import { decodeJwt } from "jose";
|
|
15
|
+
import { betterFetch } from "@better-fetch/fetch";
|
|
16
|
+
|
|
17
|
+
//#region src/plugins/generic-oauth/routes.ts
|
|
18
|
+
const signInWithOAuth2BodySchema = z.object({
|
|
19
|
+
providerId: z.string().meta({ description: "The provider ID for the OAuth provider" }),
|
|
20
|
+
callbackURL: z.string().meta({ description: "The URL to redirect to after sign in" }).optional(),
|
|
21
|
+
errorCallbackURL: z.string().meta({ description: "The URL to redirect to if an error occurs" }).optional(),
|
|
22
|
+
newUserCallbackURL: z.string().meta({ description: "The URL to redirect to after login if the user is new. Eg: \"/welcome\"" }).optional(),
|
|
23
|
+
disableRedirect: z.boolean().meta({ description: "Disable redirect" }).optional(),
|
|
24
|
+
scopes: z.array(z.string()).meta({ description: "Scopes to be passed to the provider authorization request." }).optional(),
|
|
25
|
+
requestSignUp: z.boolean().meta({ description: "Explicitly request sign-up. Useful when disableImplicitSignUp is true for this provider. Eg: false" }).optional(),
|
|
26
|
+
additionalData: z.record(z.string(), z.any()).optional()
|
|
27
|
+
});
|
|
28
|
+
/**
|
|
29
|
+
* ### Endpoint
|
|
30
|
+
*
|
|
31
|
+
* POST `/sign-in/oauth2`
|
|
32
|
+
*
|
|
33
|
+
* ### API Methods
|
|
34
|
+
*
|
|
35
|
+
* **server:**
|
|
36
|
+
* `auth.api.signInWithOAuth2`
|
|
37
|
+
*
|
|
38
|
+
* **client:**
|
|
39
|
+
* `authClient.signIn.oauth2`
|
|
40
|
+
*
|
|
41
|
+
* @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/sign-in#api-method-sign-in-oauth2)
|
|
42
|
+
*/
|
|
43
|
+
const signInWithOAuth2 = (options) => createAuthEndpoint("/sign-in/oauth2", {
|
|
44
|
+
method: "POST",
|
|
45
|
+
body: signInWithOAuth2BodySchema,
|
|
46
|
+
metadata: { openapi: {
|
|
47
|
+
description: "Sign in with OAuth2",
|
|
48
|
+
responses: { 200: {
|
|
49
|
+
description: "Sign in with OAuth2",
|
|
50
|
+
content: { "application/json": { schema: {
|
|
51
|
+
type: "object",
|
|
52
|
+
properties: {
|
|
53
|
+
url: { type: "string" },
|
|
54
|
+
redirect: { type: "boolean" }
|
|
55
|
+
}
|
|
56
|
+
} } }
|
|
57
|
+
} }
|
|
58
|
+
} }
|
|
59
|
+
}, async (ctx) => {
|
|
60
|
+
const { providerId } = ctx.body;
|
|
61
|
+
const config = options.config.find((c) => c.providerId === providerId);
|
|
62
|
+
if (!config) throw APIError$1.fromStatus("BAD_REQUEST", { message: `${GENERIC_OAUTH_ERROR_CODES.PROVIDER_CONFIG_NOT_FOUND} ${providerId}` });
|
|
63
|
+
const { discoveryUrl, authorizationUrl, tokenUrl, clientId, clientSecret, scopes, redirectURI, responseType, pkce, prompt, accessType, authorizationUrlParams, responseMode } = config;
|
|
64
|
+
let finalAuthUrl = authorizationUrl;
|
|
65
|
+
let finalTokenUrl = tokenUrl;
|
|
66
|
+
if (discoveryUrl) {
|
|
67
|
+
const discovery = await betterFetch(discoveryUrl, {
|
|
68
|
+
method: "GET",
|
|
69
|
+
headers: config.discoveryHeaders,
|
|
70
|
+
onError(context) {
|
|
71
|
+
ctx.context.logger.error(context.error.message, context.error, { discoveryUrl });
|
|
72
|
+
}
|
|
73
|
+
});
|
|
74
|
+
if (discovery.data) {
|
|
75
|
+
finalAuthUrl = discovery.data.authorization_endpoint;
|
|
76
|
+
finalTokenUrl = discovery.data.token_endpoint;
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
if (!finalAuthUrl || !finalTokenUrl) throw APIError$1.from("BAD_REQUEST", GENERIC_OAUTH_ERROR_CODES.INVALID_OAUTH_CONFIGURATION);
|
|
80
|
+
if (authorizationUrlParams) {
|
|
81
|
+
const withAdditionalParams = new URL(finalAuthUrl);
|
|
82
|
+
for (const [paramName, paramValue] of Object.entries(authorizationUrlParams)) withAdditionalParams.searchParams.set(paramName, paramValue);
|
|
83
|
+
finalAuthUrl = withAdditionalParams.toString();
|
|
84
|
+
}
|
|
85
|
+
const additionalParams = typeof authorizationUrlParams === "function" ? authorizationUrlParams(ctx) : authorizationUrlParams;
|
|
86
|
+
const { state, codeVerifier } = await generateState(ctx, void 0, ctx.body.additionalData);
|
|
87
|
+
const authUrl = await createAuthorizationURL({
|
|
88
|
+
id: providerId,
|
|
89
|
+
options: {
|
|
90
|
+
clientId,
|
|
91
|
+
clientSecret,
|
|
92
|
+
redirectURI
|
|
93
|
+
},
|
|
94
|
+
authorizationEndpoint: finalAuthUrl,
|
|
95
|
+
state,
|
|
96
|
+
codeVerifier: pkce ? codeVerifier : void 0,
|
|
97
|
+
scopes: ctx.body.scopes ? [...ctx.body.scopes, ...scopes || []] : scopes || [],
|
|
98
|
+
redirectURI: `${ctx.context.baseURL}/oauth2/callback/${providerId}`,
|
|
99
|
+
prompt,
|
|
100
|
+
accessType,
|
|
101
|
+
responseType,
|
|
102
|
+
responseMode,
|
|
103
|
+
additionalParams
|
|
104
|
+
});
|
|
105
|
+
return ctx.json({
|
|
106
|
+
url: authUrl.toString(),
|
|
107
|
+
redirect: !ctx.body.disableRedirect
|
|
108
|
+
});
|
|
109
|
+
});
|
|
110
|
+
const OAuth2CallbackQuerySchema = z.object({
|
|
111
|
+
code: z.string().meta({ description: "The OAuth2 code" }).optional(),
|
|
112
|
+
error: z.string().meta({ description: "The error message, if any" }).optional(),
|
|
113
|
+
error_description: z.string().meta({ description: "The error description, if any" }).optional(),
|
|
114
|
+
state: z.string().meta({ description: "The state parameter from the OAuth2 request" }).optional()
|
|
115
|
+
});
|
|
116
|
+
const oAuth2Callback = (options) => createAuthEndpoint("/oauth2/callback/:providerId", {
|
|
117
|
+
method: "GET",
|
|
118
|
+
query: OAuth2CallbackQuerySchema,
|
|
119
|
+
metadata: {
|
|
120
|
+
...HIDE_METADATA,
|
|
121
|
+
allowedMediaTypes: ["application/x-www-form-urlencoded", "application/json"],
|
|
122
|
+
openapi: {
|
|
123
|
+
description: "OAuth2 callback",
|
|
124
|
+
responses: { 200: {
|
|
125
|
+
description: "OAuth2 callback",
|
|
126
|
+
content: { "application/json": { schema: {
|
|
127
|
+
type: "object",
|
|
128
|
+
properties: { url: { type: "string" } }
|
|
129
|
+
} } }
|
|
130
|
+
} }
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
}, async (ctx) => {
|
|
134
|
+
const defaultErrorURL = ctx.context.options.onAPIError?.errorURL || `${ctx.context.baseURL}/error`;
|
|
135
|
+
if (ctx.query.error || !ctx.query.code) throw ctx.redirect(`${defaultErrorURL}?error=${ctx.query.error || "oAuth_code_missing"}&error_description=${ctx.query.error_description}`);
|
|
136
|
+
const providerId = ctx.params?.providerId;
|
|
137
|
+
if (!providerId) throw APIError$1.from("BAD_REQUEST", GENERIC_OAUTH_ERROR_CODES.PROVIDER_ID_REQUIRED);
|
|
138
|
+
const providerConfig = options.config.find((p) => p.providerId === providerId);
|
|
139
|
+
if (!providerConfig) throw APIError$1.fromStatus("BAD_REQUEST", { message: `${GENERIC_OAUTH_ERROR_CODES.PROVIDER_CONFIG_NOT_FOUND} ${providerId}` });
|
|
140
|
+
let tokens = void 0;
|
|
141
|
+
const { callbackURL, codeVerifier, errorURL, requestSignUp, newUserURL, link } = await parseState(ctx);
|
|
142
|
+
const code = ctx.query.code;
|
|
143
|
+
function redirectOnError(error) {
|
|
144
|
+
const defaultErrorURL = ctx.context.options.onAPIError?.errorURL || `${ctx.context.baseURL}/error`;
|
|
145
|
+
let url = errorURL || defaultErrorURL;
|
|
146
|
+
if (url.includes("?")) url = `${url}&error=${error}`;
|
|
147
|
+
else url = `${url}?error=${error}`;
|
|
148
|
+
throw ctx.redirect(url);
|
|
149
|
+
}
|
|
150
|
+
let finalTokenUrl = providerConfig.tokenUrl;
|
|
151
|
+
let finalUserInfoUrl = providerConfig.userInfoUrl;
|
|
152
|
+
if (providerConfig.discoveryUrl) {
|
|
153
|
+
const discovery = await betterFetch(providerConfig.discoveryUrl, {
|
|
154
|
+
method: "GET",
|
|
155
|
+
headers: providerConfig.discoveryHeaders
|
|
156
|
+
});
|
|
157
|
+
if (discovery.data) {
|
|
158
|
+
finalTokenUrl = discovery.data.token_endpoint;
|
|
159
|
+
finalUserInfoUrl = discovery.data.userinfo_endpoint;
|
|
160
|
+
}
|
|
161
|
+
}
|
|
162
|
+
try {
|
|
163
|
+
if (providerConfig.getToken) tokens = await providerConfig.getToken({
|
|
164
|
+
code,
|
|
165
|
+
redirectURI: `${ctx.context.baseURL}/oauth2/callback/${providerConfig.providerId}`,
|
|
166
|
+
codeVerifier: providerConfig.pkce ? codeVerifier : void 0
|
|
167
|
+
});
|
|
168
|
+
else {
|
|
169
|
+
if (!finalTokenUrl) throw APIError$1.from("BAD_REQUEST", GENERIC_OAUTH_ERROR_CODES.INVALID_OAUTH_CONFIG);
|
|
170
|
+
const additionalParams = typeof providerConfig.tokenUrlParams === "function" ? providerConfig.tokenUrlParams(ctx) : providerConfig.tokenUrlParams;
|
|
171
|
+
tokens = await validateAuthorizationCode({
|
|
172
|
+
headers: providerConfig.authorizationHeaders,
|
|
173
|
+
code,
|
|
174
|
+
codeVerifier: providerConfig.pkce ? codeVerifier : void 0,
|
|
175
|
+
redirectURI: `${ctx.context.baseURL}/oauth2/callback/${providerConfig.providerId}`,
|
|
176
|
+
options: {
|
|
177
|
+
clientId: providerConfig.clientId,
|
|
178
|
+
clientSecret: providerConfig.clientSecret,
|
|
179
|
+
redirectURI: providerConfig.redirectURI
|
|
180
|
+
},
|
|
181
|
+
tokenEndpoint: finalTokenUrl,
|
|
182
|
+
authentication: providerConfig.authentication,
|
|
183
|
+
additionalParams
|
|
184
|
+
});
|
|
185
|
+
}
|
|
186
|
+
} catch (e) {
|
|
187
|
+
ctx.context.logger.error(e && typeof e === "object" && "name" in e ? e.name : "", e);
|
|
188
|
+
throw redirectOnError("oauth_code_verification_failed");
|
|
189
|
+
}
|
|
190
|
+
if (!tokens) throw APIError$1.from("BAD_REQUEST", GENERIC_OAUTH_ERROR_CODES.INVALID_OAUTH_CONFIG);
|
|
191
|
+
const userInfo = await (async function handleUserInfo() {
|
|
192
|
+
const userInfo = providerConfig.getUserInfo ? await providerConfig.getUserInfo(tokens) : await getUserInfo(tokens, finalUserInfoUrl);
|
|
193
|
+
if (!userInfo) throw redirectOnError("user_info_is_missing");
|
|
194
|
+
const mapUser = providerConfig.mapProfileToUser ? await providerConfig.mapProfileToUser(userInfo) : userInfo;
|
|
195
|
+
const email = mapUser.email ? mapUser.email.toLowerCase() : userInfo.email?.toLowerCase();
|
|
196
|
+
if (!email) {
|
|
197
|
+
ctx.context.logger.error("Unable to get user info", userInfo);
|
|
198
|
+
throw redirectOnError("email_is_missing");
|
|
199
|
+
}
|
|
200
|
+
const id = mapUser.id ? String(mapUser.id) : String(userInfo.id);
|
|
201
|
+
const name = mapUser.name ? mapUser.name : userInfo.name;
|
|
202
|
+
if (!name) {
|
|
203
|
+
ctx.context.logger.error("Unable to get user info", userInfo);
|
|
204
|
+
throw redirectOnError("name_is_missing");
|
|
205
|
+
}
|
|
206
|
+
return {
|
|
207
|
+
...userInfo,
|
|
208
|
+
...mapUser,
|
|
209
|
+
email,
|
|
210
|
+
id,
|
|
211
|
+
name
|
|
212
|
+
};
|
|
213
|
+
})();
|
|
214
|
+
if (link) {
|
|
215
|
+
if (ctx.context.options.account?.accountLinking?.allowDifferentEmails !== true && link.email !== userInfo.email) return redirectOnError("email_doesn't_match");
|
|
216
|
+
const existingAccount = await ctx.context.internalAdapter.findAccountByProviderId(String(userInfo.id), providerConfig.providerId);
|
|
217
|
+
if (existingAccount) {
|
|
218
|
+
if (existingAccount.userId !== link.userId) return redirectOnError("account_already_linked_to_different_user");
|
|
219
|
+
const updateData = Object.fromEntries(Object.entries({
|
|
220
|
+
accessToken: await setTokenUtil(tokens.accessToken, ctx.context),
|
|
221
|
+
idToken: tokens.idToken,
|
|
222
|
+
refreshToken: await setTokenUtil(tokens.refreshToken, ctx.context),
|
|
223
|
+
accessTokenExpiresAt: tokens.accessTokenExpiresAt,
|
|
224
|
+
refreshTokenExpiresAt: tokens.refreshTokenExpiresAt,
|
|
225
|
+
scope: tokens.scopes?.join(",")
|
|
226
|
+
}).filter(([_, value]) => value !== void 0));
|
|
227
|
+
await ctx.context.internalAdapter.updateAccount(existingAccount.id, updateData);
|
|
228
|
+
} else if (!await ctx.context.internalAdapter.createAccount({
|
|
229
|
+
userId: link.userId,
|
|
230
|
+
providerId: providerConfig.providerId,
|
|
231
|
+
accountId: userInfo.id,
|
|
232
|
+
accessToken: await setTokenUtil(tokens.accessToken, ctx.context),
|
|
233
|
+
accessTokenExpiresAt: tokens.accessTokenExpiresAt,
|
|
234
|
+
refreshTokenExpiresAt: tokens.refreshTokenExpiresAt,
|
|
235
|
+
scope: tokens.scopes?.join(","),
|
|
236
|
+
refreshToken: await setTokenUtil(tokens.refreshToken, ctx.context),
|
|
237
|
+
idToken: tokens.idToken
|
|
238
|
+
})) return redirectOnError("unable_to_link_account");
|
|
239
|
+
let toRedirectTo;
|
|
240
|
+
try {
|
|
241
|
+
toRedirectTo = callbackURL.toString();
|
|
242
|
+
} catch {
|
|
243
|
+
toRedirectTo = callbackURL;
|
|
244
|
+
}
|
|
245
|
+
throw ctx.redirect(toRedirectTo);
|
|
246
|
+
}
|
|
247
|
+
const result = await handleOAuthUserInfo(ctx, {
|
|
248
|
+
userInfo,
|
|
249
|
+
account: {
|
|
250
|
+
providerId: providerConfig.providerId,
|
|
251
|
+
accountId: userInfo.id,
|
|
252
|
+
...tokens,
|
|
253
|
+
scope: tokens.scopes?.join(",")
|
|
254
|
+
},
|
|
255
|
+
callbackURL,
|
|
256
|
+
disableSignUp: providerConfig.disableImplicitSignUp && !requestSignUp || providerConfig.disableSignUp,
|
|
257
|
+
overrideUserInfo: providerConfig.overrideUserInfo
|
|
258
|
+
});
|
|
259
|
+
if (result.error) return redirectOnError(result.error.split(" ").join("_"));
|
|
260
|
+
const { session, user } = result.data;
|
|
261
|
+
await setSessionCookie(ctx, {
|
|
262
|
+
session,
|
|
263
|
+
user
|
|
264
|
+
});
|
|
265
|
+
let toRedirectTo;
|
|
266
|
+
try {
|
|
267
|
+
toRedirectTo = (result.isRegister ? newUserURL || callbackURL : callbackURL).toString();
|
|
268
|
+
} catch {
|
|
269
|
+
toRedirectTo = result.isRegister ? newUserURL || callbackURL : callbackURL;
|
|
270
|
+
}
|
|
271
|
+
throw ctx.redirect(toRedirectTo);
|
|
272
|
+
});
|
|
273
|
+
const OAuth2LinkAccountBodySchema = z.object({
|
|
274
|
+
providerId: z.string(),
|
|
275
|
+
callbackURL: z.string(),
|
|
276
|
+
scopes: z.array(z.string()).meta({ description: "Additional scopes to request when linking the account" }).optional(),
|
|
277
|
+
errorCallbackURL: z.string().meta({ description: "The URL to redirect to if there is an error during the link process" }).optional()
|
|
278
|
+
});
|
|
279
|
+
/**
|
|
280
|
+
* ### Endpoint
|
|
281
|
+
*
|
|
282
|
+
* POST `/oauth2/link`
|
|
283
|
+
*
|
|
284
|
+
* ### API Methods
|
|
285
|
+
*
|
|
286
|
+
* **server:**
|
|
287
|
+
* `auth.api.oAuth2LinkAccount`
|
|
288
|
+
*
|
|
289
|
+
* **client:**
|
|
290
|
+
* `authClient.oauth2.link`
|
|
291
|
+
*
|
|
292
|
+
* @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/generic-oauth#api-method-oauth2-link)
|
|
293
|
+
*/
|
|
294
|
+
const oAuth2LinkAccount = (options) => createAuthEndpoint("/oauth2/link", {
|
|
295
|
+
method: "POST",
|
|
296
|
+
body: OAuth2LinkAccountBodySchema,
|
|
297
|
+
use: [sessionMiddleware],
|
|
298
|
+
metadata: { openapi: {
|
|
299
|
+
description: "Link an OAuth2 account to the current user session",
|
|
300
|
+
responses: { "200": {
|
|
301
|
+
description: "Authorization URL generated successfully for linking an OAuth2 account",
|
|
302
|
+
content: { "application/json": { schema: {
|
|
303
|
+
type: "object",
|
|
304
|
+
properties: {
|
|
305
|
+
url: {
|
|
306
|
+
type: "string",
|
|
307
|
+
format: "uri",
|
|
308
|
+
description: "The authorization URL to redirect the user to for linking the OAuth2 account"
|
|
309
|
+
},
|
|
310
|
+
redirect: {
|
|
311
|
+
type: "boolean",
|
|
312
|
+
description: "Indicates that the client should redirect to the provided URL",
|
|
313
|
+
enum: [true]
|
|
314
|
+
}
|
|
315
|
+
},
|
|
316
|
+
required: ["url", "redirect"]
|
|
317
|
+
} } }
|
|
318
|
+
} }
|
|
319
|
+
} }
|
|
320
|
+
}, async (c) => {
|
|
321
|
+
const session = c.context.session;
|
|
322
|
+
if (!session) throw APIError$1.from("UNAUTHORIZED", GENERIC_OAUTH_ERROR_CODES.SESSION_REQUIRED);
|
|
323
|
+
const provider = options.config.find((p) => p.providerId === c.body.providerId);
|
|
324
|
+
if (!provider) throw APIError$1.from("NOT_FOUND", BASE_ERROR_CODES.PROVIDER_NOT_FOUND);
|
|
325
|
+
const { providerId, clientId, clientSecret, redirectURI, authorizationUrl, discoveryUrl, pkce, scopes, prompt, accessType, authorizationUrlParams } = provider;
|
|
326
|
+
let finalAuthUrl = authorizationUrl;
|
|
327
|
+
if (!finalAuthUrl) {
|
|
328
|
+
if (!discoveryUrl) throw APIError$1.from("BAD_REQUEST", GENERIC_OAUTH_ERROR_CODES.INVALID_OAUTH_CONFIGURATION);
|
|
329
|
+
const discovery = await betterFetch(discoveryUrl, {
|
|
330
|
+
method: "GET",
|
|
331
|
+
headers: provider.discoveryHeaders,
|
|
332
|
+
onError(context) {
|
|
333
|
+
c.context.logger.error(context.error.message, context.error, { discoveryUrl });
|
|
334
|
+
}
|
|
335
|
+
});
|
|
336
|
+
if (discovery.data) finalAuthUrl = discovery.data.authorization_endpoint;
|
|
337
|
+
}
|
|
338
|
+
if (!finalAuthUrl) throw APIError$1.from("BAD_REQUEST", GENERIC_OAUTH_ERROR_CODES.INVALID_OAUTH_CONFIGURATION);
|
|
339
|
+
const state = await generateState(c, {
|
|
340
|
+
userId: session.user.id,
|
|
341
|
+
email: session.user.email
|
|
342
|
+
}, void 0);
|
|
343
|
+
const additionalParams = typeof authorizationUrlParams === "function" ? authorizationUrlParams(c) : authorizationUrlParams;
|
|
344
|
+
const url = await createAuthorizationURL({
|
|
345
|
+
id: providerId,
|
|
346
|
+
options: {
|
|
347
|
+
clientId,
|
|
348
|
+
clientSecret,
|
|
349
|
+
redirectURI: redirectURI || `${c.context.baseURL}/oauth2/callback/${providerId}`
|
|
350
|
+
},
|
|
351
|
+
authorizationEndpoint: finalAuthUrl,
|
|
352
|
+
state: state.state,
|
|
353
|
+
codeVerifier: pkce ? state.codeVerifier : void 0,
|
|
354
|
+
scopes: c.body.scopes || scopes || [],
|
|
355
|
+
redirectURI: redirectURI || `${c.context.baseURL}/oauth2/callback/${providerId}`,
|
|
356
|
+
prompt,
|
|
357
|
+
accessType,
|
|
358
|
+
additionalParams
|
|
359
|
+
});
|
|
360
|
+
return c.json({
|
|
361
|
+
url: url.toString(),
|
|
362
|
+
redirect: true
|
|
363
|
+
});
|
|
364
|
+
});
|
|
365
|
+
async function getUserInfo(tokens, finalUserInfoUrl) {
|
|
366
|
+
if (tokens.idToken) {
|
|
367
|
+
const decoded = decodeJwt(tokens.idToken);
|
|
368
|
+
if (decoded) {
|
|
369
|
+
if (decoded.sub && decoded.email) return {
|
|
370
|
+
id: decoded.sub,
|
|
371
|
+
emailVerified: decoded.email_verified,
|
|
372
|
+
image: decoded.picture,
|
|
373
|
+
...decoded
|
|
374
|
+
};
|
|
375
|
+
}
|
|
376
|
+
}
|
|
377
|
+
if (!finalUserInfoUrl) return null;
|
|
378
|
+
const userInfo = await betterFetch(finalUserInfoUrl, {
|
|
379
|
+
method: "GET",
|
|
380
|
+
headers: { Authorization: `Bearer ${tokens.accessToken}` }
|
|
381
|
+
});
|
|
382
|
+
return {
|
|
383
|
+
id: userInfo.data?.sub ?? "",
|
|
384
|
+
emailVerified: userInfo.data?.email_verified ?? false,
|
|
385
|
+
email: userInfo.data?.email,
|
|
386
|
+
image: userInfo.data?.picture,
|
|
387
|
+
name: userInfo.data?.name,
|
|
388
|
+
...userInfo.data
|
|
389
|
+
};
|
|
390
|
+
}
|
|
391
|
+
|
|
392
|
+
//#endregion
|
|
393
|
+
export { getUserInfo, oAuth2Callback, oAuth2LinkAccount, signInWithOAuth2 };
|
|
394
|
+
//# sourceMappingURL=routes.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"routes.mjs","names":["APIError"],"sources":["../../../src/plugins/generic-oauth/routes.ts"],"sourcesContent":["import type { GenericEndpointContext } from \"@better-auth/core\";\nimport { createAuthEndpoint } from \"@better-auth/core/api\";\nimport { BASE_ERROR_CODES } from \"@better-auth/core/error\";\nimport type { OAuth2Tokens, OAuth2UserInfo } from \"@better-auth/core/oauth2\";\nimport {\n\tcreateAuthorizationURL,\n\tvalidateAuthorizationCode,\n} from \"@better-auth/core/oauth2\";\nimport { betterFetch } from \"@better-fetch/fetch\";\nimport { decodeJwt } from \"jose\";\nimport * as z from \"zod\";\nimport { APIError, sessionMiddleware } from \"../../api\";\nimport { setSessionCookie } from \"../../cookies\";\nimport { handleOAuthUserInfo } from \"../../oauth2/link-account\";\nimport { generateState, parseState } from \"../../oauth2/state\";\nimport { setTokenUtil } from \"../../oauth2/utils\";\nimport type { User } from \"../../types\";\nimport { HIDE_METADATA } from \"../../utils\";\nimport { GENERIC_OAUTH_ERROR_CODES } from \"./error-codes\";\nimport type { GenericOAuthOptions } from \"./types\";\n\nconst signInWithOAuth2BodySchema = z.object({\n\tproviderId: z.string().meta({\n\t\tdescription: \"The provider ID for the OAuth provider\",\n\t}),\n\tcallbackURL: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"The URL to redirect to after sign in\",\n\t\t})\n\t\t.optional(),\n\terrorCallbackURL: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"The URL to redirect to if an error occurs\",\n\t\t})\n\t\t.optional(),\n\tnewUserCallbackURL: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t'The URL to redirect to after login if the user is new. Eg: \"/welcome\"',\n\t\t})\n\t\t.optional(),\n\tdisableRedirect: z\n\t\t.boolean()\n\t\t.meta({\n\t\t\tdescription: \"Disable redirect\",\n\t\t})\n\t\t.optional(),\n\tscopes: z\n\t\t.array(z.string())\n\t\t.meta({\n\t\t\tdescription: \"Scopes to be passed to the provider authorization request.\",\n\t\t})\n\t\t.optional(),\n\trequestSignUp: z\n\t\t.boolean()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"Explicitly request sign-up. Useful when disableImplicitSignUp is true for this provider. Eg: false\",\n\t\t})\n\t\t.optional(),\n\t/**\n\t * Any additional data to pass through the oauth flow.\n\t */\n\tadditionalData: z.record(z.string(), z.any()).optional(),\n});\n\n/**\n * ### Endpoint\n *\n * POST `/sign-in/oauth2`\n *\n * ### API Methods\n *\n * **server:**\n * `auth.api.signInWithOAuth2`\n *\n * **client:**\n * `authClient.signIn.oauth2`\n *\n * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/sign-in#api-method-sign-in-oauth2)\n */\nexport const signInWithOAuth2 = (options: GenericOAuthOptions) =>\n\tcreateAuthEndpoint(\n\t\t\"/sign-in/oauth2\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: signInWithOAuth2BodySchema,\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Sign in with OAuth2\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t200: {\n\t\t\t\t\t\t\tdescription: \"Sign in with OAuth2\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\turl: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tredirect: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"boolean\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx: GenericEndpointContext) => {\n\t\t\tconst { providerId } = ctx.body;\n\t\t\tconst config = options.config.find((c) => c.providerId === providerId);\n\t\t\tif (!config) {\n\t\t\t\tthrow APIError.fromStatus(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: `${GENERIC_OAUTH_ERROR_CODES.PROVIDER_CONFIG_NOT_FOUND} ${providerId}`,\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst {\n\t\t\t\tdiscoveryUrl,\n\t\t\t\tauthorizationUrl,\n\t\t\t\ttokenUrl,\n\t\t\t\tclientId,\n\t\t\t\tclientSecret,\n\t\t\t\tscopes,\n\t\t\t\tredirectURI,\n\t\t\t\tresponseType,\n\t\t\t\tpkce,\n\t\t\t\tprompt,\n\t\t\t\taccessType,\n\t\t\t\tauthorizationUrlParams,\n\t\t\t\tresponseMode,\n\t\t\t} = config;\n\t\t\tlet finalAuthUrl = authorizationUrl;\n\t\t\tlet finalTokenUrl = tokenUrl;\n\t\t\tif (discoveryUrl) {\n\t\t\t\tconst discovery = await betterFetch<{\n\t\t\t\t\tauthorization_endpoint: string;\n\t\t\t\t\ttoken_endpoint: string;\n\t\t\t\t}>(discoveryUrl, {\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\theaders: config.discoveryHeaders,\n\t\t\t\t\tonError(context) {\n\t\t\t\t\t\tctx.context.logger.error(context.error.message, context.error, {\n\t\t\t\t\t\t\tdiscoveryUrl,\n\t\t\t\t\t\t});\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t\tif (discovery.data) {\n\t\t\t\t\tfinalAuthUrl = discovery.data.authorization_endpoint;\n\t\t\t\t\tfinalTokenUrl = discovery.data.token_endpoint;\n\t\t\t\t}\n\t\t\t}\n\t\t\tif (!finalAuthUrl || !finalTokenUrl) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tGENERIC_OAUTH_ERROR_CODES.INVALID_OAUTH_CONFIGURATION,\n\t\t\t\t);\n\t\t\t}\n\t\t\tif (authorizationUrlParams) {\n\t\t\t\tconst withAdditionalParams = new URL(finalAuthUrl);\n\t\t\t\tfor (const [paramName, paramValue] of Object.entries(\n\t\t\t\t\tauthorizationUrlParams,\n\t\t\t\t)) {\n\t\t\t\t\twithAdditionalParams.searchParams.set(paramName, paramValue);\n\t\t\t\t}\n\t\t\t\tfinalAuthUrl = withAdditionalParams.toString();\n\t\t\t}\n\t\t\tconst additionalParams =\n\t\t\t\ttypeof authorizationUrlParams === \"function\"\n\t\t\t\t\t? authorizationUrlParams(ctx)\n\t\t\t\t\t: authorizationUrlParams;\n\n\t\t\tconst { state, codeVerifier } = await generateState(\n\t\t\t\tctx,\n\t\t\t\tundefined,\n\t\t\t\tctx.body.additionalData,\n\t\t\t);\n\t\t\tconst authUrl = await createAuthorizationURL({\n\t\t\t\tid: providerId,\n\t\t\t\toptions: {\n\t\t\t\t\tclientId,\n\t\t\t\t\tclientSecret,\n\t\t\t\t\tredirectURI,\n\t\t\t\t},\n\t\t\t\tauthorizationEndpoint: finalAuthUrl,\n\t\t\t\tstate,\n\t\t\t\tcodeVerifier: pkce ? codeVerifier : undefined,\n\t\t\t\tscopes: ctx.body.scopes\n\t\t\t\t\t? [...ctx.body.scopes, ...(scopes || [])]\n\t\t\t\t\t: scopes || [],\n\t\t\t\tredirectURI: `${ctx.context.baseURL}/oauth2/callback/${providerId}`,\n\t\t\t\tprompt,\n\t\t\t\taccessType,\n\t\t\t\tresponseType,\n\t\t\t\tresponseMode,\n\t\t\t\tadditionalParams,\n\t\t\t});\n\t\t\treturn ctx.json({\n\t\t\t\turl: authUrl.toString(),\n\t\t\t\tredirect: !ctx.body.disableRedirect,\n\t\t\t});\n\t\t},\n\t);\n\nconst OAuth2CallbackQuerySchema = z.object({\n\tcode: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"The OAuth2 code\",\n\t\t})\n\t\t.optional(),\n\terror: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"The error message, if any\",\n\t\t})\n\t\t.optional(),\n\terror_description: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"The error description, if any\",\n\t\t})\n\t\t.optional(),\n\tstate: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"The state parameter from the OAuth2 request\",\n\t\t})\n\t\t.optional(),\n});\n\nexport const oAuth2Callback = (options: GenericOAuthOptions) =>\n\tcreateAuthEndpoint(\n\t\t\"/oauth2/callback/:providerId\",\n\t\t{\n\t\t\tmethod: \"GET\",\n\t\t\tquery: OAuth2CallbackQuerySchema,\n\t\t\tmetadata: {\n\t\t\t\t...HIDE_METADATA,\n\t\t\t\tallowedMediaTypes: [\n\t\t\t\t\t\"application/x-www-form-urlencoded\",\n\t\t\t\t\t\"application/json\",\n\t\t\t\t],\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"OAuth2 callback\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t200: {\n\t\t\t\t\t\t\tdescription: \"OAuth2 callback\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\turl: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx: GenericEndpointContext) => {\n\t\t\tconst defaultErrorURL =\n\t\t\t\tctx.context.options.onAPIError?.errorURL ||\n\t\t\t\t`${ctx.context.baseURL}/error`;\n\t\t\tif (ctx.query.error || !ctx.query.code) {\n\t\t\t\tthrow ctx.redirect(\n\t\t\t\t\t`${defaultErrorURL}?error=${\n\t\t\t\t\t\tctx.query.error || \"oAuth_code_missing\"\n\t\t\t\t\t}&error_description=${ctx.query.error_description}`,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst providerId = ctx.params?.providerId;\n\t\t\tif (!providerId) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tGENERIC_OAUTH_ERROR_CODES.PROVIDER_ID_REQUIRED,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst providerConfig = options.config.find(\n\t\t\t\t(p) => p.providerId === providerId,\n\t\t\t);\n\n\t\t\tif (!providerConfig) {\n\t\t\t\tthrow APIError.fromStatus(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: `${GENERIC_OAUTH_ERROR_CODES.PROVIDER_CONFIG_NOT_FOUND} ${providerId}`,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tlet tokens: OAuth2Tokens | undefined = undefined;\n\t\t\tconst parsedState = await parseState(ctx);\n\t\t\tconst {\n\t\t\t\tcallbackURL,\n\t\t\t\tcodeVerifier,\n\t\t\t\terrorURL,\n\t\t\t\trequestSignUp,\n\t\t\t\tnewUserURL,\n\t\t\t\tlink,\n\t\t\t} = parsedState;\n\t\t\tconst code = ctx.query.code;\n\n\t\t\tfunction redirectOnError(error: string) {\n\t\t\t\tconst defaultErrorURL =\n\t\t\t\t\tctx.context.options.onAPIError?.errorURL ||\n\t\t\t\t\t`${ctx.context.baseURL}/error`;\n\t\t\t\tlet url = errorURL || defaultErrorURL;\n\t\t\t\tif (url.includes(\"?\")) {\n\t\t\t\t\turl = `${url}&error=${error}`;\n\t\t\t\t} else {\n\t\t\t\t\turl = `${url}?error=${error}`;\n\t\t\t\t}\n\t\t\t\tthrow ctx.redirect(url);\n\t\t\t}\n\n\t\t\tlet finalTokenUrl = providerConfig.tokenUrl;\n\t\t\tlet finalUserInfoUrl = providerConfig.userInfoUrl;\n\t\t\tif (providerConfig.discoveryUrl) {\n\t\t\t\tconst discovery = await betterFetch<{\n\t\t\t\t\ttoken_endpoint: string;\n\t\t\t\t\tuserinfo_endpoint: string;\n\t\t\t\t}>(providerConfig.discoveryUrl, {\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\theaders: providerConfig.discoveryHeaders,\n\t\t\t\t});\n\t\t\t\tif (discovery.data) {\n\t\t\t\t\tfinalTokenUrl = discovery.data.token_endpoint;\n\t\t\t\t\tfinalUserInfoUrl = discovery.data.userinfo_endpoint;\n\t\t\t\t}\n\t\t\t}\n\t\t\ttry {\n\t\t\t\t// Use custom getToken if provided\n\t\t\t\tif (providerConfig.getToken) {\n\t\t\t\t\ttokens = await providerConfig.getToken({\n\t\t\t\t\t\tcode,\n\t\t\t\t\t\tredirectURI: `${ctx.context.baseURL}/oauth2/callback/${providerConfig.providerId}`,\n\t\t\t\t\t\tcodeVerifier: providerConfig.pkce ? codeVerifier : undefined,\n\t\t\t\t\t});\n\t\t\t\t} else {\n\t\t\t\t\t// Standard token exchange with tokenUrlParams support\n\t\t\t\t\tif (!finalTokenUrl) {\n\t\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\t\tGENERIC_OAUTH_ERROR_CODES.INVALID_OAUTH_CONFIG,\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\t\t\t\t\tconst additionalParams =\n\t\t\t\t\t\ttypeof providerConfig.tokenUrlParams === \"function\"\n\t\t\t\t\t\t\t? providerConfig.tokenUrlParams(ctx)\n\t\t\t\t\t\t\t: providerConfig.tokenUrlParams;\n\t\t\t\t\ttokens = await validateAuthorizationCode({\n\t\t\t\t\t\theaders: providerConfig.authorizationHeaders,\n\t\t\t\t\t\tcode,\n\t\t\t\t\t\tcodeVerifier: providerConfig.pkce ? codeVerifier : undefined,\n\t\t\t\t\t\tredirectURI: `${ctx.context.baseURL}/oauth2/callback/${providerConfig.providerId}`,\n\t\t\t\t\t\toptions: {\n\t\t\t\t\t\t\tclientId: providerConfig.clientId,\n\t\t\t\t\t\t\tclientSecret: providerConfig.clientSecret,\n\t\t\t\t\t\t\tredirectURI: providerConfig.redirectURI,\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttokenEndpoint: finalTokenUrl,\n\t\t\t\t\t\tauthentication: providerConfig.authentication,\n\t\t\t\t\t\tadditionalParams,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tctx.context.logger.error(\n\t\t\t\t\te && typeof e === \"object\" && \"name\" in e ? (e.name as string) : \"\",\n\t\t\t\t\te,\n\t\t\t\t);\n\t\t\t\tthrow redirectOnError(\"oauth_code_verification_failed\");\n\t\t\t}\n\t\t\tif (!tokens) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tGENERIC_OAUTH_ERROR_CODES.INVALID_OAUTH_CONFIG,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst userInfo: Omit<User, \"createdAt\" | \"updatedAt\"> =\n\t\t\t\tawait (async function handleUserInfo() {\n\t\t\t\t\tconst userInfo = (\n\t\t\t\t\t\tproviderConfig.getUserInfo\n\t\t\t\t\t\t\t? await providerConfig.getUserInfo(tokens)\n\t\t\t\t\t\t\t: await getUserInfo(tokens, finalUserInfoUrl)\n\t\t\t\t\t) as OAuth2UserInfo | null;\n\t\t\t\t\tif (!userInfo) {\n\t\t\t\t\t\tthrow redirectOnError(\"user_info_is_missing\");\n\t\t\t\t\t}\n\t\t\t\t\tconst mapUser = providerConfig.mapProfileToUser\n\t\t\t\t\t\t? await providerConfig.mapProfileToUser(userInfo)\n\t\t\t\t\t\t: userInfo;\n\t\t\t\t\tconst email = mapUser.email\n\t\t\t\t\t\t? mapUser.email.toLowerCase()\n\t\t\t\t\t\t: userInfo.email?.toLowerCase();\n\t\t\t\t\tif (!email) {\n\t\t\t\t\t\tctx.context.logger.error(\"Unable to get user info\", userInfo);\n\t\t\t\t\t\tthrow redirectOnError(\"email_is_missing\");\n\t\t\t\t\t}\n\t\t\t\t\tconst id = mapUser.id ? String(mapUser.id) : String(userInfo.id);\n\t\t\t\t\tconst name = mapUser.name ? mapUser.name : userInfo.name;\n\t\t\t\t\tif (!name) {\n\t\t\t\t\t\tctx.context.logger.error(\"Unable to get user info\", userInfo);\n\t\t\t\t\t\tthrow redirectOnError(\"name_is_missing\");\n\t\t\t\t\t}\n\t\t\t\t\treturn {\n\t\t\t\t\t\t...userInfo,\n\t\t\t\t\t\t...mapUser,\n\t\t\t\t\t\temail,\n\t\t\t\t\t\tid,\n\t\t\t\t\t\tname,\n\t\t\t\t\t};\n\t\t\t\t})();\n\t\t\tif (link) {\n\t\t\t\tif (\n\t\t\t\t\tctx.context.options.account?.accountLinking?.allowDifferentEmails !==\n\t\t\t\t\t\ttrue &&\n\t\t\t\t\tlink.email !== userInfo.email\n\t\t\t\t) {\n\t\t\t\t\treturn redirectOnError(\"email_doesn't_match\");\n\t\t\t\t}\n\t\t\t\tconst existingAccount =\n\t\t\t\t\tawait ctx.context.internalAdapter.findAccountByProviderId(\n\t\t\t\t\t\tString(userInfo.id),\n\t\t\t\t\t\tproviderConfig.providerId,\n\t\t\t\t\t);\n\t\t\t\tif (existingAccount) {\n\t\t\t\t\tif (existingAccount.userId !== link.userId) {\n\t\t\t\t\t\treturn redirectOnError(\"account_already_linked_to_different_user\");\n\t\t\t\t\t}\n\t\t\t\t\tconst updateData = Object.fromEntries(\n\t\t\t\t\t\tObject.entries({\n\t\t\t\t\t\t\taccessToken: await setTokenUtil(tokens.accessToken, ctx.context),\n\t\t\t\t\t\t\tidToken: tokens.idToken,\n\t\t\t\t\t\t\trefreshToken: await setTokenUtil(\n\t\t\t\t\t\t\t\ttokens.refreshToken,\n\t\t\t\t\t\t\t\tctx.context,\n\t\t\t\t\t\t\t),\n\t\t\t\t\t\t\taccessTokenExpiresAt: tokens.accessTokenExpiresAt,\n\t\t\t\t\t\t\trefreshTokenExpiresAt: tokens.refreshTokenExpiresAt,\n\t\t\t\t\t\t\tscope: tokens.scopes?.join(\",\"),\n\t\t\t\t\t\t}).filter(([_, value]) => value !== undefined),\n\t\t\t\t\t);\n\t\t\t\t\tawait ctx.context.internalAdapter.updateAccount(\n\t\t\t\t\t\texistingAccount.id,\n\t\t\t\t\t\tupdateData,\n\t\t\t\t\t);\n\t\t\t\t} else {\n\t\t\t\t\tconst newAccount = await ctx.context.internalAdapter.createAccount({\n\t\t\t\t\t\tuserId: link.userId,\n\t\t\t\t\t\tproviderId: providerConfig.providerId,\n\t\t\t\t\t\taccountId: userInfo.id,\n\t\t\t\t\t\taccessToken: await setTokenUtil(tokens.accessToken, ctx.context),\n\t\t\t\t\t\taccessTokenExpiresAt: tokens.accessTokenExpiresAt,\n\t\t\t\t\t\trefreshTokenExpiresAt: tokens.refreshTokenExpiresAt,\n\t\t\t\t\t\tscope: tokens.scopes?.join(\",\"),\n\t\t\t\t\t\trefreshToken: await setTokenUtil(tokens.refreshToken, ctx.context),\n\t\t\t\t\t\tidToken: tokens.idToken,\n\t\t\t\t\t});\n\t\t\t\t\tif (!newAccount) {\n\t\t\t\t\t\treturn redirectOnError(\"unable_to_link_account\");\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tlet toRedirectTo: string;\n\t\t\t\ttry {\n\t\t\t\t\tconst url = callbackURL;\n\t\t\t\t\ttoRedirectTo = url.toString();\n\t\t\t\t} catch {\n\t\t\t\t\ttoRedirectTo = callbackURL;\n\t\t\t\t}\n\t\t\t\tthrow ctx.redirect(toRedirectTo);\n\t\t\t}\n\n\t\t\tconst result = await handleOAuthUserInfo(ctx, {\n\t\t\t\tuserInfo,\n\t\t\t\taccount: {\n\t\t\t\t\tproviderId: providerConfig.providerId,\n\t\t\t\t\taccountId: userInfo.id,\n\t\t\t\t\t...tokens,\n\t\t\t\t\tscope: tokens.scopes?.join(\",\"),\n\t\t\t\t},\n\t\t\t\tcallbackURL: callbackURL,\n\t\t\t\tdisableSignUp:\n\t\t\t\t\t(providerConfig.disableImplicitSignUp && !requestSignUp) ||\n\t\t\t\t\tproviderConfig.disableSignUp,\n\t\t\t\toverrideUserInfo: providerConfig.overrideUserInfo,\n\t\t\t});\n\n\t\t\tif (result.error) {\n\t\t\t\treturn redirectOnError(result.error.split(\" \").join(\"_\"));\n\t\t\t}\n\t\t\tconst { session, user } = result.data!;\n\t\t\tawait setSessionCookie(ctx, {\n\t\t\t\tsession,\n\t\t\t\tuser,\n\t\t\t});\n\t\t\tlet toRedirectTo: string;\n\t\t\ttry {\n\t\t\t\tconst url = result.isRegister ? newUserURL || callbackURL : callbackURL;\n\t\t\t\ttoRedirectTo = url.toString();\n\t\t\t} catch {\n\t\t\t\ttoRedirectTo = result.isRegister\n\t\t\t\t\t? newUserURL || callbackURL\n\t\t\t\t\t: callbackURL;\n\t\t\t}\n\t\t\tthrow ctx.redirect(toRedirectTo);\n\t\t},\n\t);\n\nconst OAuth2LinkAccountBodySchema = z.object({\n\tproviderId: z.string(),\n\t/**\n\t * Callback URL to redirect to after the user has signed in.\n\t */\n\tcallbackURL: z.string(),\n\t/**\n\t * Additional scopes to request when linking the account.\n\t * This is useful for requesting additional permissions when\n\t * linking a social account compared to the initial authentication.\n\t */\n\tscopes: z\n\t\t.array(z.string())\n\t\t.meta({\n\t\t\tdescription: \"Additional scopes to request when linking the account\",\n\t\t})\n\t\t.optional(),\n\t/**\n\t * The URL to redirect to if there is an error during the link process.\n\t */\n\terrorCallbackURL: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"The URL to redirect to if there is an error during the link process\",\n\t\t})\n\t\t.optional(),\n});\n/**\n * ### Endpoint\n *\n * POST `/oauth2/link`\n *\n * ### API Methods\n *\n * **server:**\n * `auth.api.oAuth2LinkAccount`\n *\n * **client:**\n * `authClient.oauth2.link`\n *\n * @see [Read our docs to learn more.](https://better-auth.com/docs/plugins/generic-oauth#api-method-oauth2-link)\n */\nexport const oAuth2LinkAccount = (options: GenericOAuthOptions) =>\n\tcreateAuthEndpoint(\n\t\t\"/oauth2/link\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: OAuth2LinkAccountBodySchema,\n\t\t\tuse: [sessionMiddleware],\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Link an OAuth2 account to the current user session\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\"Authorization URL generated successfully for linking an OAuth2 account\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\turl: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\tformat: \"uri\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"The authorization URL to redirect the user to for linking the OAuth2 account\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tredirect: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"boolean\",\n\t\t\t\t\t\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\t\t\t\t\t\"Indicates that the client should redirect to the provided URL\",\n\t\t\t\t\t\t\t\t\t\t\t\tenum: [true],\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\"url\", \"redirect\"],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (c: GenericEndpointContext) => {\n\t\t\tconst session = c.context.session;\n\t\t\tif (!session) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"UNAUTHORIZED\",\n\t\t\t\t\tGENERIC_OAUTH_ERROR_CODES.SESSION_REQUIRED,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst provider = options.config.find(\n\t\t\t\t(p) => p.providerId === c.body.providerId,\n\t\t\t);\n\t\t\tif (!provider) {\n\t\t\t\tthrow APIError.from(\"NOT_FOUND\", BASE_ERROR_CODES.PROVIDER_NOT_FOUND);\n\t\t\t}\n\t\t\tconst {\n\t\t\t\tproviderId,\n\t\t\t\tclientId,\n\t\t\t\tclientSecret,\n\t\t\t\tredirectURI,\n\t\t\t\tauthorizationUrl,\n\t\t\t\tdiscoveryUrl,\n\t\t\t\tpkce,\n\t\t\t\tscopes,\n\t\t\t\tprompt,\n\t\t\t\taccessType,\n\t\t\t\tauthorizationUrlParams,\n\t\t\t} = provider;\n\n\t\t\tlet finalAuthUrl = authorizationUrl;\n\t\t\tif (!finalAuthUrl) {\n\t\t\t\tif (!discoveryUrl) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tGENERIC_OAUTH_ERROR_CODES.INVALID_OAUTH_CONFIGURATION,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\tconst discovery = await betterFetch<{\n\t\t\t\t\tauthorization_endpoint: string;\n\t\t\t\t\ttoken_endpoint: string;\n\t\t\t\t}>(discoveryUrl, {\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\theaders: provider.discoveryHeaders,\n\t\t\t\t\tonError(context) {\n\t\t\t\t\t\tc.context.logger.error(context.error.message, context.error, {\n\t\t\t\t\t\t\tdiscoveryUrl,\n\t\t\t\t\t\t});\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t\tif (discovery.data) {\n\t\t\t\t\tfinalAuthUrl = discovery.data.authorization_endpoint;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (!finalAuthUrl) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tGENERIC_OAUTH_ERROR_CODES.INVALID_OAUTH_CONFIGURATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst state = await generateState(\n\t\t\t\tc,\n\t\t\t\t{\n\t\t\t\t\tuserId: session.user.id,\n\t\t\t\t\temail: session.user.email,\n\t\t\t\t},\n\t\t\t\tundefined,\n\t\t\t);\n\n\t\t\tconst additionalParams =\n\t\t\t\ttypeof authorizationUrlParams === \"function\"\n\t\t\t\t\t? authorizationUrlParams(c)\n\t\t\t\t\t: authorizationUrlParams;\n\n\t\t\tconst url = await createAuthorizationURL({\n\t\t\t\tid: providerId,\n\t\t\t\toptions: {\n\t\t\t\t\tclientId,\n\t\t\t\t\tclientSecret,\n\t\t\t\t\tredirectURI:\n\t\t\t\t\t\tredirectURI || `${c.context.baseURL}/oauth2/callback/${providerId}`,\n\t\t\t\t},\n\t\t\t\tauthorizationEndpoint: finalAuthUrl,\n\t\t\t\tstate: state.state,\n\t\t\t\tcodeVerifier: pkce ? state.codeVerifier : undefined,\n\t\t\t\tscopes: c.body.scopes || scopes || [],\n\t\t\t\tredirectURI:\n\t\t\t\t\tredirectURI || `${c.context.baseURL}/oauth2/callback/${providerId}`,\n\t\t\t\tprompt,\n\t\t\t\taccessType,\n\t\t\t\tadditionalParams,\n\t\t\t});\n\n\t\t\treturn c.json({\n\t\t\t\turl: url.toString(),\n\t\t\t\tredirect: true,\n\t\t\t});\n\t\t},\n\t);\n\nexport async function getUserInfo(\n\ttokens: OAuth2Tokens,\n\tfinalUserInfoUrl: string | undefined,\n): Promise<OAuth2UserInfo | null> {\n\tif (tokens.idToken) {\n\t\tconst decoded = decodeJwt(tokens.idToken) as {\n\t\t\tsub: string;\n\t\t\temail_verified: boolean;\n\t\t\temail: string;\n\t\t\tname: string;\n\t\t\tpicture: string;\n\t\t};\n\t\tif (decoded) {\n\t\t\tif (decoded.sub && decoded.email) {\n\t\t\t\treturn {\n\t\t\t\t\tid: decoded.sub,\n\t\t\t\t\temailVerified: decoded.email_verified,\n\t\t\t\t\timage: decoded.picture,\n\t\t\t\t\t...decoded,\n\t\t\t\t};\n\t\t\t}\n\t\t}\n\t}\n\n\tif (!finalUserInfoUrl) {\n\t\treturn null;\n\t}\n\n\tconst userInfo = await betterFetch<{\n\t\temail: string;\n\t\tsub?: string | undefined;\n\t\tname: string;\n\t\temail_verified: boolean;\n\t\tpicture: string;\n\t}>(finalUserInfoUrl, {\n\t\tmethod: \"GET\",\n\t\theaders: {\n\t\t\tAuthorization: `Bearer ${tokens.accessToken}`,\n\t\t},\n\t});\n\treturn {\n\t\tid: userInfo.data?.sub ?? \"\",\n\t\temailVerified: userInfo.data?.email_verified ?? false,\n\t\temail: userInfo.data?.email,\n\t\timage: userInfo.data?.picture,\n\t\tname: userInfo.data?.name,\n\t\t...userInfo.data,\n\t};\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAqBA,MAAM,6BAA6B,EAAE,OAAO;CAC3C,YAAY,EAAE,QAAQ,CAAC,KAAK,EAC3B,aAAa,0CACb,CAAC;CACF,aAAa,EACX,QAAQ,CACR,KAAK,EACL,aAAa,wCACb,CAAC,CACD,UAAU;CACZ,kBAAkB,EAChB,QAAQ,CACR,KAAK,EACL,aAAa,6CACb,CAAC,CACD,UAAU;CACZ,oBAAoB,EAClB,QAAQ,CACR,KAAK,EACL,aACC,2EACD,CAAC,CACD,UAAU;CACZ,iBAAiB,EACf,SAAS,CACT,KAAK,EACL,aAAa,oBACb,CAAC,CACD,UAAU;CACZ,QAAQ,EACN,MAAM,EAAE,QAAQ,CAAC,CACjB,KAAK,EACL,aAAa,8DACb,CAAC,CACD,UAAU;CACZ,eAAe,EACb,SAAS,CACT,KAAK,EACL,aACC,sGACD,CAAC,CACD,UAAU;CAIZ,gBAAgB,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC,UAAU;CACxD,CAAC;;;;;;;;;;;;;;;;AAiBF,MAAa,oBAAoB,YAChC,mBACC,mBACA;CACC,QAAQ;CACR,MAAM;CACN,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,KAAK;GACJ,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY;KACX,KAAK,EACJ,MAAM,UACN;KACD,UAAU,EACT,MAAM,WACN;KACD;IACD,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,QAAgC;CACtC,MAAM,EAAE,eAAe,IAAI;CAC3B,MAAM,SAAS,QAAQ,OAAO,MAAM,MAAM,EAAE,eAAe,WAAW;AACtE,KAAI,CAAC,OACJ,OAAMA,WAAS,WAAW,eAAe,EACxC,SAAS,GAAG,0BAA0B,0BAA0B,GAAG,cACnE,CAAC;CAEH,MAAM,EACL,cACA,kBACA,UACA,UACA,cACA,QACA,aACA,cACA,MACA,QACA,YACA,wBACA,iBACG;CACJ,IAAI,eAAe;CACnB,IAAI,gBAAgB;AACpB,KAAI,cAAc;EACjB,MAAM,YAAY,MAAM,YAGrB,cAAc;GAChB,QAAQ;GACR,SAAS,OAAO;GAChB,QAAQ,SAAS;AAChB,QAAI,QAAQ,OAAO,MAAM,QAAQ,MAAM,SAAS,QAAQ,OAAO,EAC9D,cACA,CAAC;;GAEH,CAAC;AACF,MAAI,UAAU,MAAM;AACnB,kBAAe,UAAU,KAAK;AAC9B,mBAAgB,UAAU,KAAK;;;AAGjC,KAAI,CAAC,gBAAgB,CAAC,cACrB,OAAMA,WAAS,KACd,eACA,0BAA0B,4BAC1B;AAEF,KAAI,wBAAwB;EAC3B,MAAM,uBAAuB,IAAI,IAAI,aAAa;AAClD,OAAK,MAAM,CAAC,WAAW,eAAe,OAAO,QAC5C,uBACA,CACA,sBAAqB,aAAa,IAAI,WAAW,WAAW;AAE7D,iBAAe,qBAAqB,UAAU;;CAE/C,MAAM,mBACL,OAAO,2BAA2B,aAC/B,uBAAuB,IAAI,GAC3B;CAEJ,MAAM,EAAE,OAAO,iBAAiB,MAAM,cACrC,KACA,QACA,IAAI,KAAK,eACT;CACD,MAAM,UAAU,MAAM,uBAAuB;EAC5C,IAAI;EACJ,SAAS;GACR;GACA;GACA;GACA;EACD,uBAAuB;EACvB;EACA,cAAc,OAAO,eAAe;EACpC,QAAQ,IAAI,KAAK,SACd,CAAC,GAAG,IAAI,KAAK,QAAQ,GAAI,UAAU,EAAE,CAAE,GACvC,UAAU,EAAE;EACf,aAAa,GAAG,IAAI,QAAQ,QAAQ,mBAAmB;EACvD;EACA;EACA;EACA;EACA;EACA,CAAC;AACF,QAAO,IAAI,KAAK;EACf,KAAK,QAAQ,UAAU;EACvB,UAAU,CAAC,IAAI,KAAK;EACpB,CAAC;EAEH;AAEF,MAAM,4BAA4B,EAAE,OAAO;CAC1C,MAAM,EACJ,QAAQ,CACR,KAAK,EACL,aAAa,mBACb,CAAC,CACD,UAAU;CACZ,OAAO,EACL,QAAQ,CACR,KAAK,EACL,aAAa,6BACb,CAAC,CACD,UAAU;CACZ,mBAAmB,EACjB,QAAQ,CACR,KAAK,EACL,aAAa,iCACb,CAAC,CACD,UAAU;CACZ,OAAO,EACL,QAAQ,CACR,KAAK,EACL,aAAa,+CACb,CAAC,CACD,UAAU;CACZ,CAAC;AAEF,MAAa,kBAAkB,YAC9B,mBACC,gCACA;CACC,QAAQ;CACR,OAAO;CACP,UAAU;EACT,GAAG;EACH,mBAAmB,CAClB,qCACA,mBACA;EACD,SAAS;GACR,aAAa;GACb,WAAW,EACV,KAAK;IACJ,aAAa;IACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;KACP,MAAM;KACN,YAAY,EACX,KAAK,EACJ,MAAM,UACN,EACD;KACD,EACD,EACD;IACD,EACD;GACD;EACD;CACD,EACD,OAAO,QAAgC;CACtC,MAAM,kBACL,IAAI,QAAQ,QAAQ,YAAY,YAChC,GAAG,IAAI,QAAQ,QAAQ;AACxB,KAAI,IAAI,MAAM,SAAS,CAAC,IAAI,MAAM,KACjC,OAAM,IAAI,SACT,GAAG,gBAAgB,SAClB,IAAI,MAAM,SAAS,qBACnB,qBAAqB,IAAI,MAAM,oBAChC;CAEF,MAAM,aAAa,IAAI,QAAQ;AAC/B,KAAI,CAAC,WACJ,OAAMA,WAAS,KACd,eACA,0BAA0B,qBAC1B;CAEF,MAAM,iBAAiB,QAAQ,OAAO,MACpC,MAAM,EAAE,eAAe,WACxB;AAED,KAAI,CAAC,eACJ,OAAMA,WAAS,WAAW,eAAe,EACxC,SAAS,GAAG,0BAA0B,0BAA0B,GAAG,cACnE,CAAC;CAGH,IAAI,SAAmC;CAEvC,MAAM,EACL,aACA,cACA,UACA,eACA,YACA,SAPmB,MAAM,WAAW,IAAI;CASzC,MAAM,OAAO,IAAI,MAAM;CAEvB,SAAS,gBAAgB,OAAe;EACvC,MAAM,kBACL,IAAI,QAAQ,QAAQ,YAAY,YAChC,GAAG,IAAI,QAAQ,QAAQ;EACxB,IAAI,MAAM,YAAY;AACtB,MAAI,IAAI,SAAS,IAAI,CACpB,OAAM,GAAG,IAAI,SAAS;MAEtB,OAAM,GAAG,IAAI,SAAS;AAEvB,QAAM,IAAI,SAAS,IAAI;;CAGxB,IAAI,gBAAgB,eAAe;CACnC,IAAI,mBAAmB,eAAe;AACtC,KAAI,eAAe,cAAc;EAChC,MAAM,YAAY,MAAM,YAGrB,eAAe,cAAc;GAC/B,QAAQ;GACR,SAAS,eAAe;GACxB,CAAC;AACF,MAAI,UAAU,MAAM;AACnB,mBAAgB,UAAU,KAAK;AAC/B,sBAAmB,UAAU,KAAK;;;AAGpC,KAAI;AAEH,MAAI,eAAe,SAClB,UAAS,MAAM,eAAe,SAAS;GACtC;GACA,aAAa,GAAG,IAAI,QAAQ,QAAQ,mBAAmB,eAAe;GACtE,cAAc,eAAe,OAAO,eAAe;GACnD,CAAC;OACI;AAEN,OAAI,CAAC,cACJ,OAAMA,WAAS,KACd,eACA,0BAA0B,qBAC1B;GAEF,MAAM,mBACL,OAAO,eAAe,mBAAmB,aACtC,eAAe,eAAe,IAAI,GAClC,eAAe;AACnB,YAAS,MAAM,0BAA0B;IACxC,SAAS,eAAe;IACxB;IACA,cAAc,eAAe,OAAO,eAAe;IACnD,aAAa,GAAG,IAAI,QAAQ,QAAQ,mBAAmB,eAAe;IACtE,SAAS;KACR,UAAU,eAAe;KACzB,cAAc,eAAe;KAC7B,aAAa,eAAe;KAC5B;IACD,eAAe;IACf,gBAAgB,eAAe;IAC/B;IACA,CAAC;;UAEK,GAAG;AACX,MAAI,QAAQ,OAAO,MAClB,KAAK,OAAO,MAAM,YAAY,UAAU,IAAK,EAAE,OAAkB,IACjE,EACA;AACD,QAAM,gBAAgB,iCAAiC;;AAExD,KAAI,CAAC,OACJ,OAAMA,WAAS,KACd,eACA,0BAA0B,qBAC1B;CAEF,MAAM,WACL,OAAO,eAAe,iBAAiB;EACtC,MAAM,WACL,eAAe,cACZ,MAAM,eAAe,YAAY,OAAO,GACxC,MAAM,YAAY,QAAQ,iBAAiB;AAE/C,MAAI,CAAC,SACJ,OAAM,gBAAgB,uBAAuB;EAE9C,MAAM,UAAU,eAAe,mBAC5B,MAAM,eAAe,iBAAiB,SAAS,GAC/C;EACH,MAAM,QAAQ,QAAQ,QACnB,QAAQ,MAAM,aAAa,GAC3B,SAAS,OAAO,aAAa;AAChC,MAAI,CAAC,OAAO;AACX,OAAI,QAAQ,OAAO,MAAM,2BAA2B,SAAS;AAC7D,SAAM,gBAAgB,mBAAmB;;EAE1C,MAAM,KAAK,QAAQ,KAAK,OAAO,QAAQ,GAAG,GAAG,OAAO,SAAS,GAAG;EAChE,MAAM,OAAO,QAAQ,OAAO,QAAQ,OAAO,SAAS;AACpD,MAAI,CAAC,MAAM;AACV,OAAI,QAAQ,OAAO,MAAM,2BAA2B,SAAS;AAC7D,SAAM,gBAAgB,kBAAkB;;AAEzC,SAAO;GACN,GAAG;GACH,GAAG;GACH;GACA;GACA;GACA;KACE;AACL,KAAI,MAAM;AACT,MACC,IAAI,QAAQ,QAAQ,SAAS,gBAAgB,yBAC5C,QACD,KAAK,UAAU,SAAS,MAExB,QAAO,gBAAgB,sBAAsB;EAE9C,MAAM,kBACL,MAAM,IAAI,QAAQ,gBAAgB,wBACjC,OAAO,SAAS,GAAG,EACnB,eAAe,WACf;AACF,MAAI,iBAAiB;AACpB,OAAI,gBAAgB,WAAW,KAAK,OACnC,QAAO,gBAAgB,2CAA2C;GAEnE,MAAM,aAAa,OAAO,YACzB,OAAO,QAAQ;IACd,aAAa,MAAM,aAAa,OAAO,aAAa,IAAI,QAAQ;IAChE,SAAS,OAAO;IAChB,cAAc,MAAM,aACnB,OAAO,cACP,IAAI,QACJ;IACD,sBAAsB,OAAO;IAC7B,uBAAuB,OAAO;IAC9B,OAAO,OAAO,QAAQ,KAAK,IAAI;IAC/B,CAAC,CAAC,QAAQ,CAAC,GAAG,WAAW,UAAU,OAAU,CAC9C;AACD,SAAM,IAAI,QAAQ,gBAAgB,cACjC,gBAAgB,IAChB,WACA;aAaG,CAXe,MAAM,IAAI,QAAQ,gBAAgB,cAAc;GAClE,QAAQ,KAAK;GACb,YAAY,eAAe;GAC3B,WAAW,SAAS;GACpB,aAAa,MAAM,aAAa,OAAO,aAAa,IAAI,QAAQ;GAChE,sBAAsB,OAAO;GAC7B,uBAAuB,OAAO;GAC9B,OAAO,OAAO,QAAQ,KAAK,IAAI;GAC/B,cAAc,MAAM,aAAa,OAAO,cAAc,IAAI,QAAQ;GAClE,SAAS,OAAO;GAChB,CAAC,CAED,QAAO,gBAAgB,yBAAyB;EAGlD,IAAI;AACJ,MAAI;AAEH,kBADY,YACO,UAAU;UACtB;AACP,kBAAe;;AAEhB,QAAM,IAAI,SAAS,aAAa;;CAGjC,MAAM,SAAS,MAAM,oBAAoB,KAAK;EAC7C;EACA,SAAS;GACR,YAAY,eAAe;GAC3B,WAAW,SAAS;GACpB,GAAG;GACH,OAAO,OAAO,QAAQ,KAAK,IAAI;GAC/B;EACY;EACb,eACE,eAAe,yBAAyB,CAAC,iBAC1C,eAAe;EAChB,kBAAkB,eAAe;EACjC,CAAC;AAEF,KAAI,OAAO,MACV,QAAO,gBAAgB,OAAO,MAAM,MAAM,IAAI,CAAC,KAAK,IAAI,CAAC;CAE1D,MAAM,EAAE,SAAS,SAAS,OAAO;AACjC,OAAM,iBAAiB,KAAK;EAC3B;EACA;EACA,CAAC;CACF,IAAI;AACJ,KAAI;AAEH,kBADY,OAAO,aAAa,cAAc,cAAc,aACzC,UAAU;SACtB;AACP,iBAAe,OAAO,aACnB,cAAc,cACd;;AAEJ,OAAM,IAAI,SAAS,aAAa;EAEjC;AAEF,MAAM,8BAA8B,EAAE,OAAO;CAC5C,YAAY,EAAE,QAAQ;CAItB,aAAa,EAAE,QAAQ;CAMvB,QAAQ,EACN,MAAM,EAAE,QAAQ,CAAC,CACjB,KAAK,EACL,aAAa,yDACb,CAAC,CACD,UAAU;CAIZ,kBAAkB,EAChB,QAAQ,CACR,KAAK,EACL,aACC,uEACD,CAAC,CACD,UAAU;CACZ,CAAC;;;;;;;;;;;;;;;;AAgBF,MAAa,qBAAqB,YACjC,mBACC,gBACA;CACC,QAAQ;CACR,MAAM;CACN,KAAK,CAAC,kBAAkB;CACxB,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,OAAO;GACN,aACC;GACD,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY;KACX,KAAK;MACJ,MAAM;MACN,QAAQ;MACR,aACC;MACD;KACD,UAAU;MACT,MAAM;MACN,aACC;MACD,MAAM,CAAC,KAAK;MACZ;KACD;IACD,UAAU,CAAC,OAAO,WAAW;IAC7B,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,MAA8B;CACpC,MAAM,UAAU,EAAE,QAAQ;AAC1B,KAAI,CAAC,QACJ,OAAMA,WAAS,KACd,gBACA,0BAA0B,iBAC1B;CAEF,MAAM,WAAW,QAAQ,OAAO,MAC9B,MAAM,EAAE,eAAe,EAAE,KAAK,WAC/B;AACD,KAAI,CAAC,SACJ,OAAMA,WAAS,KAAK,aAAa,iBAAiB,mBAAmB;CAEtE,MAAM,EACL,YACA,UACA,cACA,aACA,kBACA,cACA,MACA,QACA,QACA,YACA,2BACG;CAEJ,IAAI,eAAe;AACnB,KAAI,CAAC,cAAc;AAClB,MAAI,CAAC,aACJ,OAAMA,WAAS,KACd,eACA,0BAA0B,4BAC1B;EAEF,MAAM,YAAY,MAAM,YAGrB,cAAc;GAChB,QAAQ;GACR,SAAS,SAAS;GAClB,QAAQ,SAAS;AAChB,MAAE,QAAQ,OAAO,MAAM,QAAQ,MAAM,SAAS,QAAQ,OAAO,EAC5D,cACA,CAAC;;GAEH,CAAC;AACF,MAAI,UAAU,KACb,gBAAe,UAAU,KAAK;;AAIhC,KAAI,CAAC,aACJ,OAAMA,WAAS,KACd,eACA,0BAA0B,4BAC1B;CAGF,MAAM,QAAQ,MAAM,cACnB,GACA;EACC,QAAQ,QAAQ,KAAK;EACrB,OAAO,QAAQ,KAAK;EACpB,EACD,OACA;CAED,MAAM,mBACL,OAAO,2BAA2B,aAC/B,uBAAuB,EAAE,GACzB;CAEJ,MAAM,MAAM,MAAM,uBAAuB;EACxC,IAAI;EACJ,SAAS;GACR;GACA;GACA,aACC,eAAe,GAAG,EAAE,QAAQ,QAAQ,mBAAmB;GACxD;EACD,uBAAuB;EACvB,OAAO,MAAM;EACb,cAAc,OAAO,MAAM,eAAe;EAC1C,QAAQ,EAAE,KAAK,UAAU,UAAU,EAAE;EACrC,aACC,eAAe,GAAG,EAAE,QAAQ,QAAQ,mBAAmB;EACxD;EACA;EACA;EACA,CAAC;AAEF,QAAO,EAAE,KAAK;EACb,KAAK,IAAI,UAAU;EACnB,UAAU;EACV,CAAC;EAEH;AAEF,eAAsB,YACrB,QACA,kBACiC;AACjC,KAAI,OAAO,SAAS;EACnB,MAAM,UAAU,UAAU,OAAO,QAAQ;AAOzC,MAAI,SACH;OAAI,QAAQ,OAAO,QAAQ,MAC1B,QAAO;IACN,IAAI,QAAQ;IACZ,eAAe,QAAQ;IACvB,OAAO,QAAQ;IACf,GAAG;IACH;;;AAKJ,KAAI,CAAC,iBACJ,QAAO;CAGR,MAAM,WAAW,MAAM,YAMpB,kBAAkB;EACpB,QAAQ;EACR,SAAS,EACR,eAAe,UAAU,OAAO,eAChC;EACD,CAAC;AACF,QAAO;EACN,IAAI,SAAS,MAAM,OAAO;EAC1B,eAAe,SAAS,MAAM,kBAAkB;EAChD,OAAO,SAAS,MAAM;EACtB,OAAO,SAAS,MAAM;EACtB,MAAM,SAAS,MAAM;EACrB,GAAG,SAAS;EACZ"}
|