npm - @hammadj/better-auth - Versions diffs - 1.5.0-beta.9 - Mend

@hammadj/better-auth 1.5.0-beta.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (688) hide show

package/LICENSE.md +20 -0
package/README.md +33 -0
package/dist/_virtual/rolldown_runtime.mjs +36 -0
package/dist/adapters/drizzle-adapter/index.d.mts +1 -0
package/dist/adapters/drizzle-adapter/index.mjs +3 -0
package/dist/adapters/index.d.mts +23 -0
package/dist/adapters/index.mjs +13 -0
package/dist/adapters/index.mjs.map +1 -0
package/dist/adapters/kysely-adapter/index.d.mts +1 -0
package/dist/adapters/kysely-adapter/index.mjs +3 -0
package/dist/adapters/memory-adapter/index.d.mts +1 -0
package/dist/adapters/memory-adapter/index.mjs +3 -0
package/dist/adapters/mongodb-adapter/index.d.mts +1 -0
package/dist/adapters/mongodb-adapter/index.mjs +3 -0
package/dist/adapters/prisma-adapter/index.d.mts +1 -0
package/dist/adapters/prisma-adapter/index.mjs +3 -0
package/dist/api/index.d.mts +40 -0
package/dist/api/index.mjs +205 -0
package/dist/api/index.mjs.map +1 -0
package/dist/api/middlewares/index.d.mts +1 -0
package/dist/api/middlewares/index.mjs +3 -0
package/dist/api/middlewares/origin-check.d.mts +17 -0
package/dist/api/middlewares/origin-check.mjs +140 -0
package/dist/api/middlewares/origin-check.mjs.map +1 -0
package/dist/api/rate-limiter/index.mjs +177 -0
package/dist/api/rate-limiter/index.mjs.map +1 -0
package/dist/api/routes/account.d.mts +10 -0
package/dist/api/routes/account.mjs +493 -0
package/dist/api/routes/account.mjs.map +1 -0
package/dist/api/routes/callback.d.mts +5 -0
package/dist/api/routes/callback.mjs +178 -0
package/dist/api/routes/callback.mjs.map +1 -0
package/dist/api/routes/email-verification.d.mts +29 -0
package/dist/api/routes/email-verification.mjs +301 -0
package/dist/api/routes/email-verification.mjs.map +1 -0
package/dist/api/routes/error.d.mts +5 -0
package/dist/api/routes/error.mjs +386 -0
package/dist/api/routes/error.mjs.map +1 -0
package/dist/api/routes/index.d.mts +11 -0
package/dist/api/routes/index.mjs +13 -0
package/dist/api/routes/ok.d.mts +5 -0
package/dist/api/routes/ok.mjs +30 -0
package/dist/api/routes/ok.mjs.map +1 -0
package/dist/api/routes/password.d.mts +8 -0
package/dist/api/routes/password.mjs +198 -0
package/dist/api/routes/password.mjs.map +1 -0
package/dist/api/routes/session.d.mts +52 -0
package/dist/api/routes/session.mjs +478 -0
package/dist/api/routes/session.mjs.map +1 -0
package/dist/api/routes/sign-in.d.mts +8 -0
package/dist/api/routes/sign-in.mjs +262 -0
package/dist/api/routes/sign-in.mjs.map +1 -0
package/dist/api/routes/sign-out.d.mts +5 -0
package/dist/api/routes/sign-out.mjs +33 -0
package/dist/api/routes/sign-out.mjs.map +1 -0
package/dist/api/routes/sign-up.d.mts +7 -0
package/dist/api/routes/sign-up.mjs +227 -0
package/dist/api/routes/sign-up.mjs.map +1 -0
package/dist/api/routes/update-user.d.mts +12 -0
package/dist/api/routes/update-user.mjs +493 -0
package/dist/api/routes/update-user.mjs.map +1 -0
package/dist/api/state/oauth.d.mts +5 -0
package/dist/api/state/oauth.mjs +8 -0
package/dist/api/state/oauth.mjs.map +1 -0
package/dist/api/state/should-session-refresh.d.mts +13 -0
package/dist/api/state/should-session-refresh.mjs +16 -0
package/dist/api/state/should-session-refresh.mjs.map +1 -0
package/dist/api/to-auth-endpoints.mjs +197 -0
package/dist/api/to-auth-endpoints.mjs.map +1 -0
package/dist/auth/base.mjs +44 -0
package/dist/auth/base.mjs.map +1 -0
package/dist/auth/full.d.mts +30 -0
package/dist/auth/full.mjs +32 -0
package/dist/auth/full.mjs.map +1 -0
package/dist/auth/minimal.d.mts +12 -0
package/dist/auth/minimal.mjs +14 -0
package/dist/auth/minimal.mjs.map +1 -0
package/dist/auth/trusted-origins.mjs +31 -0
package/dist/auth/trusted-origins.mjs.map +1 -0
package/dist/client/broadcast-channel.d.mts +20 -0
package/dist/client/broadcast-channel.mjs +46 -0
package/dist/client/broadcast-channel.mjs.map +1 -0
package/dist/client/config.mjs +90 -0
package/dist/client/config.mjs.map +1 -0
package/dist/client/fetch-plugins.mjs +18 -0
package/dist/client/fetch-plugins.mjs.map +1 -0
package/dist/client/focus-manager.d.mts +11 -0
package/dist/client/focus-manager.mjs +32 -0
package/dist/client/focus-manager.mjs.map +1 -0
package/dist/client/index.d.mts +30 -0
package/dist/client/index.mjs +21 -0
package/dist/client/index.mjs.map +1 -0
package/dist/client/lynx/index.d.mts +62 -0
package/dist/client/lynx/index.mjs +24 -0
package/dist/client/lynx/index.mjs.map +1 -0
package/dist/client/lynx/lynx-store.d.mts +47 -0
package/dist/client/lynx/lynx-store.mjs +47 -0
package/dist/client/lynx/lynx-store.mjs.map +1 -0
package/dist/client/online-manager.d.mts +12 -0
package/dist/client/online-manager.mjs +35 -0
package/dist/client/online-manager.mjs.map +1 -0
package/dist/client/parser.mjs +73 -0
package/dist/client/parser.mjs.map +1 -0
package/dist/client/path-to-object.d.mts +57 -0
package/dist/client/plugins/index.d.mts +58 -0
package/dist/client/plugins/index.mjs +33 -0
package/dist/client/plugins/infer-plugin.d.mts +9 -0
package/dist/client/plugins/infer-plugin.mjs +11 -0
package/dist/client/plugins/infer-plugin.mjs.map +1 -0
package/dist/client/proxy.mjs +79 -0
package/dist/client/proxy.mjs.map +1 -0
package/dist/client/query.d.mts +23 -0
package/dist/client/query.mjs +98 -0
package/dist/client/query.mjs.map +1 -0
package/dist/client/react/index.d.mts +63 -0
package/dist/client/react/index.mjs +24 -0
package/dist/client/react/index.mjs.map +1 -0
package/dist/client/react/react-store.d.mts +47 -0
package/dist/client/react/react-store.mjs +47 -0
package/dist/client/react/react-store.mjs.map +1 -0
package/dist/client/session-atom.mjs +29 -0
package/dist/client/session-atom.mjs.map +1 -0
package/dist/client/session-refresh.d.mts +28 -0
package/dist/client/session-refresh.mjs +140 -0
package/dist/client/session-refresh.mjs.map +1 -0
package/dist/client/solid/index.d.mts +57 -0
package/dist/client/solid/index.mjs +22 -0
package/dist/client/solid/index.mjs.map +1 -0
package/dist/client/solid/solid-store.mjs +24 -0
package/dist/client/solid/solid-store.mjs.map +1 -0
package/dist/client/svelte/index.d.mts +63 -0
package/dist/client/svelte/index.mjs +20 -0
package/dist/client/svelte/index.mjs.map +1 -0
package/dist/client/types.d.mts +58 -0
package/dist/client/vanilla.d.mts +62 -0
package/dist/client/vanilla.mjs +20 -0
package/dist/client/vanilla.mjs.map +1 -0
package/dist/client/vue/index.d.mts +86 -0
package/dist/client/vue/index.mjs +38 -0
package/dist/client/vue/index.mjs.map +1 -0
package/dist/client/vue/vue-store.mjs +26 -0
package/dist/client/vue/vue-store.mjs.map +1 -0
package/dist/context/create-context.mjs +211 -0
package/dist/context/create-context.mjs.map +1 -0
package/dist/context/helpers.mjs +62 -0
package/dist/context/helpers.mjs.map +1 -0
package/dist/context/init-minimal.mjs +20 -0
package/dist/context/init-minimal.mjs.map +1 -0
package/dist/context/init.mjs +22 -0
package/dist/context/init.mjs.map +1 -0
package/dist/cookies/cookie-utils.d.mts +29 -0
package/dist/cookies/cookie-utils.mjs +105 -0
package/dist/cookies/cookie-utils.mjs.map +1 -0
package/dist/cookies/index.d.mts +67 -0
package/dist/cookies/index.mjs +264 -0
package/dist/cookies/index.mjs.map +1 -0
package/dist/cookies/session-store.d.mts +36 -0
package/dist/cookies/session-store.mjs +200 -0
package/dist/cookies/session-store.mjs.map +1 -0
package/dist/crypto/buffer.d.mts +8 -0
package/dist/crypto/buffer.mjs +18 -0
package/dist/crypto/buffer.mjs.map +1 -0
package/dist/crypto/index.d.mts +27 -0
package/dist/crypto/index.mjs +38 -0
package/dist/crypto/index.mjs.map +1 -0
package/dist/crypto/jwt.d.mts +8 -0
package/dist/crypto/jwt.mjs +95 -0
package/dist/crypto/jwt.mjs.map +1 -0
package/dist/crypto/password.d.mts +12 -0
package/dist/crypto/password.mjs +36 -0
package/dist/crypto/password.mjs.map +1 -0
package/dist/crypto/random.d.mts +5 -0
package/dist/crypto/random.mjs +8 -0
package/dist/crypto/random.mjs.map +1 -0
package/dist/db/adapter-base.d.mts +8 -0
package/dist/db/adapter-base.mjs +28 -0
package/dist/db/adapter-base.mjs.map +1 -0
package/dist/db/adapter-kysely.d.mts +8 -0
package/dist/db/adapter-kysely.mjs +21 -0
package/dist/db/adapter-kysely.mjs.map +1 -0
package/dist/db/field-converter.d.mts +8 -0
package/dist/db/field-converter.mjs +21 -0
package/dist/db/field-converter.mjs.map +1 -0
package/dist/db/field.d.mts +55 -0
package/dist/db/field.mjs +11 -0
package/dist/db/field.mjs.map +1 -0
package/dist/db/get-migration.d.mts +23 -0
package/dist/db/get-migration.mjs +339 -0
package/dist/db/get-migration.mjs.map +1 -0
package/dist/db/get-schema.d.mts +11 -0
package/dist/db/get-schema.mjs +39 -0
package/dist/db/get-schema.mjs.map +1 -0
package/dist/db/index.d.mts +9 -0
package/dist/db/index.mjs +36 -0
package/dist/db/index.mjs.map +1 -0
package/dist/db/internal-adapter.d.mts +14 -0
package/dist/db/internal-adapter.mjs +616 -0
package/dist/db/internal-adapter.mjs.map +1 -0
package/dist/db/schema.d.mts +26 -0
package/dist/db/schema.mjs +118 -0
package/dist/db/schema.mjs.map +1 -0
package/dist/db/to-zod.d.mts +36 -0
package/dist/db/to-zod.mjs +26 -0
package/dist/db/to-zod.mjs.map +1 -0
package/dist/db/verification-token-storage.mjs +28 -0
package/dist/db/verification-token-storage.mjs.map +1 -0
package/dist/db/with-hooks.d.mts +33 -0
package/dist/db/with-hooks.mjs +159 -0
package/dist/db/with-hooks.mjs.map +1 -0
package/dist/index.d.mts +52 -0
package/dist/index.mjs +26 -0
package/dist/integrations/next-js.d.mts +14 -0
package/dist/integrations/next-js.mjs +78 -0
package/dist/integrations/next-js.mjs.map +1 -0
package/dist/integrations/node.d.mts +13 -0
package/dist/integrations/node.mjs +16 -0
package/dist/integrations/node.mjs.map +1 -0
package/dist/integrations/solid-start.d.mts +23 -0
package/dist/integrations/solid-start.mjs +17 -0
package/dist/integrations/solid-start.mjs.map +1 -0
package/dist/integrations/svelte-kit.d.mts +29 -0
package/dist/integrations/svelte-kit.mjs +57 -0
package/dist/integrations/svelte-kit.mjs.map +1 -0
package/dist/integrations/tanstack-start-solid.d.mts +22 -0
package/dist/integrations/tanstack-start-solid.mjs +61 -0
package/dist/integrations/tanstack-start-solid.mjs.map +1 -0
package/dist/integrations/tanstack-start.d.mts +22 -0
package/dist/integrations/tanstack-start.mjs +61 -0
package/dist/integrations/tanstack-start.mjs.map +1 -0
package/dist/oauth2/index.d.mts +5 -0
package/dist/oauth2/index.mjs +7 -0
package/dist/oauth2/link-account.d.mts +31 -0
package/dist/oauth2/link-account.mjs +144 -0
package/dist/oauth2/link-account.mjs.map +1 -0
package/dist/oauth2/state.d.mts +26 -0
package/dist/oauth2/state.mjs +51 -0
package/dist/oauth2/state.mjs.map +1 -0
package/dist/oauth2/utils.d.mts +8 -0
package/dist/oauth2/utils.mjs +31 -0
package/dist/oauth2/utils.mjs.map +1 -0
package/dist/plugins/access/access.d.mts +30 -0
package/dist/plugins/access/access.mjs +46 -0
package/dist/plugins/access/access.mjs.map +1 -0
package/dist/plugins/access/index.d.mts +3 -0
package/dist/plugins/access/index.mjs +3 -0
package/dist/plugins/access/types.d.mts +17 -0
package/dist/plugins/additional-fields/client.d.mts +14 -0
package/dist/plugins/additional-fields/client.mjs +11 -0
package/dist/plugins/additional-fields/client.mjs.map +1 -0
package/dist/plugins/admin/access/index.d.mts +2 -0
package/dist/plugins/admin/access/index.mjs +3 -0
package/dist/plugins/admin/access/statement.d.mts +118 -0
package/dist/plugins/admin/access/statement.mjs +53 -0
package/dist/plugins/admin/access/statement.mjs.map +1 -0
package/dist/plugins/admin/admin.d.mts +14 -0
package/dist/plugins/admin/admin.mjs +95 -0
package/dist/plugins/admin/admin.mjs.map +1 -0
package/dist/plugins/admin/client.d.mts +14 -0
package/dist/plugins/admin/client.mjs +36 -0
package/dist/plugins/admin/client.mjs.map +1 -0
package/dist/plugins/admin/error-codes.d.mts +5 -0
package/dist/plugins/admin/error-codes.mjs +30 -0
package/dist/plugins/admin/error-codes.mjs.map +1 -0
package/dist/plugins/admin/has-permission.mjs +16 -0
package/dist/plugins/admin/has-permission.mjs.map +1 -0
package/dist/plugins/admin/index.d.mts +3 -0
package/dist/plugins/admin/index.mjs +3 -0
package/dist/plugins/admin/routes.mjs +855 -0
package/dist/plugins/admin/routes.mjs.map +1 -0
package/dist/plugins/admin/schema.d.mts +6 -0
package/dist/plugins/admin/schema.mjs +34 -0
package/dist/plugins/admin/schema.mjs.map +1 -0
package/dist/plugins/admin/types.d.mts +89 -0
package/dist/plugins/anonymous/client.d.mts +9 -0
package/dist/plugins/anonymous/client.mjs +22 -0
package/dist/plugins/anonymous/client.mjs.map +1 -0
package/dist/plugins/anonymous/error-codes.d.mts +5 -0
package/dist/plugins/anonymous/error-codes.mjs +16 -0
package/dist/plugins/anonymous/error-codes.mjs.map +1 -0
package/dist/plugins/anonymous/index.d.mts +14 -0
package/dist/plugins/anonymous/index.mjs +163 -0
package/dist/plugins/anonymous/index.mjs.map +1 -0
package/dist/plugins/anonymous/schema.d.mts +5 -0
package/dist/plugins/anonymous/schema.mjs +11 -0
package/dist/plugins/anonymous/schema.mjs.map +1 -0
package/dist/plugins/anonymous/types.d.mts +68 -0
package/dist/plugins/api-key/adapter.mjs +468 -0
package/dist/plugins/api-key/adapter.mjs.map +1 -0
package/dist/plugins/api-key/client.d.mts +9 -0
package/dist/plugins/api-key/client.mjs +19 -0
package/dist/plugins/api-key/client.mjs.map +1 -0
package/dist/plugins/api-key/error-codes.d.mts +5 -0
package/dist/plugins/api-key/error-codes.mjs +34 -0
package/dist/plugins/api-key/error-codes.mjs.map +1 -0
package/dist/plugins/api-key/index.d.mts +17 -0
package/dist/plugins/api-key/index.mjs +134 -0
package/dist/plugins/api-key/index.mjs.map +1 -0
package/dist/plugins/api-key/rate-limit.mjs +74 -0
package/dist/plugins/api-key/rate-limit.mjs.map +1 -0
package/dist/plugins/api-key/routes/create-api-key.mjs +252 -0
package/dist/plugins/api-key/routes/create-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/delete-all-expired-api-keys.mjs +24 -0
package/dist/plugins/api-key/routes/delete-all-expired-api-keys.mjs.map +1 -0
package/dist/plugins/api-key/routes/delete-api-key.mjs +74 -0
package/dist/plugins/api-key/routes/delete-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/get-api-key.mjs +158 -0
package/dist/plugins/api-key/routes/get-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/index.mjs +71 -0
package/dist/plugins/api-key/routes/index.mjs.map +1 -0
package/dist/plugins/api-key/routes/list-api-keys.mjs +194 -0
package/dist/plugins/api-key/routes/list-api-keys.mjs.map +1 -0
package/dist/plugins/api-key/routes/update-api-key.mjs +248 -0
package/dist/plugins/api-key/routes/update-api-key.mjs.map +1 -0
package/dist/plugins/api-key/routes/verify-api-key.mjs +223 -0
package/dist/plugins/api-key/routes/verify-api-key.mjs.map +1 -0
package/dist/plugins/api-key/schema.d.mts +11 -0
package/dist/plugins/api-key/schema.mjs +130 -0
package/dist/plugins/api-key/schema.mjs.map +1 -0
package/dist/plugins/api-key/types.d.mts +346 -0
package/dist/plugins/bearer/index.d.mts +25 -0
package/dist/plugins/bearer/index.mjs +66 -0
package/dist/plugins/bearer/index.mjs.map +1 -0
package/dist/plugins/captcha/constants.d.mts +10 -0
package/dist/plugins/captcha/constants.mjs +22 -0
package/dist/plugins/captcha/constants.mjs.map +1 -0
package/dist/plugins/captcha/error-codes.mjs +16 -0
package/dist/plugins/captcha/error-codes.mjs.map +1 -0
package/dist/plugins/captcha/index.d.mts +14 -0
package/dist/plugins/captcha/index.mjs +60 -0
package/dist/plugins/captcha/index.mjs.map +1 -0
package/dist/plugins/captcha/types.d.mts +28 -0
package/dist/plugins/captcha/utils.mjs +11 -0
package/dist/plugins/captcha/utils.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/captchafox.mjs +27 -0
package/dist/plugins/captcha/verify-handlers/captchafox.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/cloudflare-turnstile.mjs +25 -0
package/dist/plugins/captcha/verify-handlers/cloudflare-turnstile.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/google-recaptcha.mjs +29 -0
package/dist/plugins/captcha/verify-handlers/google-recaptcha.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/h-captcha.mjs +27 -0
package/dist/plugins/captcha/verify-handlers/h-captcha.mjs.map +1 -0
package/dist/plugins/captcha/verify-handlers/index.mjs +6 -0
package/dist/plugins/custom-session/client.d.mts +10 -0
package/dist/plugins/custom-session/client.mjs +11 -0
package/dist/plugins/custom-session/client.mjs.map +1 -0
package/dist/plugins/custom-session/index.d.mts +26 -0
package/dist/plugins/custom-session/index.mjs +70 -0
package/dist/plugins/custom-session/index.mjs.map +1 -0
package/dist/plugins/device-authorization/client.d.mts +5 -0
package/dist/plugins/device-authorization/client.mjs +18 -0
package/dist/plugins/device-authorization/client.mjs.map +1 -0
package/dist/plugins/device-authorization/error-codes.mjs +21 -0
package/dist/plugins/device-authorization/error-codes.mjs.map +1 -0
package/dist/plugins/device-authorization/index.d.mts +28 -0
package/dist/plugins/device-authorization/index.mjs +50 -0
package/dist/plugins/device-authorization/index.mjs.map +1 -0
package/dist/plugins/device-authorization/routes.mjs +510 -0
package/dist/plugins/device-authorization/routes.mjs.map +1 -0
package/dist/plugins/device-authorization/schema.mjs +57 -0
package/dist/plugins/device-authorization/schema.mjs.map +1 -0
package/dist/plugins/email-otp/client.d.mts +7 -0
package/dist/plugins/email-otp/client.mjs +18 -0
package/dist/plugins/email-otp/client.mjs.map +1 -0
package/dist/plugins/email-otp/error-codes.d.mts +5 -0
package/dist/plugins/email-otp/error-codes.mjs +12 -0
package/dist/plugins/email-otp/error-codes.mjs.map +1 -0
package/dist/plugins/email-otp/index.d.mts +14 -0
package/dist/plugins/email-otp/index.mjs +108 -0
package/dist/plugins/email-otp/index.mjs.map +1 -0
package/dist/plugins/email-otp/otp-token.mjs +29 -0
package/dist/plugins/email-otp/otp-token.mjs.map +1 -0
package/dist/plugins/email-otp/routes.mjs +564 -0
package/dist/plugins/email-otp/routes.mjs.map +1 -0
package/dist/plugins/email-otp/types.d.mts +74 -0
package/dist/plugins/email-otp/utils.mjs +17 -0
package/dist/plugins/email-otp/utils.mjs.map +1 -0
package/dist/plugins/generic-oauth/client.d.mts +19 -0
package/dist/plugins/generic-oauth/client.mjs +14 -0
package/dist/plugins/generic-oauth/client.mjs.map +1 -0
package/dist/plugins/generic-oauth/error-codes.d.mts +5 -0
package/dist/plugins/generic-oauth/error-codes.mjs +15 -0
package/dist/plugins/generic-oauth/error-codes.mjs.map +1 -0
package/dist/plugins/generic-oauth/index.d.mts +34 -0
package/dist/plugins/generic-oauth/index.mjs +137 -0
package/dist/plugins/generic-oauth/index.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/auth0.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/auth0.mjs +62 -0
package/dist/plugins/generic-oauth/providers/auth0.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/gumroad.d.mts +32 -0
package/dist/plugins/generic-oauth/providers/gumroad.mjs +60 -0
package/dist/plugins/generic-oauth/providers/gumroad.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/hubspot.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/hubspot.mjs +60 -0
package/dist/plugins/generic-oauth/providers/hubspot.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/index.d.mts +9 -0
package/dist/plugins/generic-oauth/providers/index.mjs +11 -0
package/dist/plugins/generic-oauth/providers/keycloak.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/keycloak.mjs +62 -0
package/dist/plugins/generic-oauth/providers/keycloak.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/line.d.mts +55 -0
package/dist/plugins/generic-oauth/providers/line.mjs +91 -0
package/dist/plugins/generic-oauth/providers/line.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/microsoft-entra-id.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/microsoft-entra-id.mjs +66 -0
package/dist/plugins/generic-oauth/providers/microsoft-entra-id.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/okta.d.mts +37 -0
package/dist/plugins/generic-oauth/providers/okta.mjs +62 -0
package/dist/plugins/generic-oauth/providers/okta.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/patreon.d.mts +30 -0
package/dist/plugins/generic-oauth/providers/patreon.mjs +59 -0
package/dist/plugins/generic-oauth/providers/patreon.mjs.map +1 -0
package/dist/plugins/generic-oauth/providers/slack.d.mts +30 -0
package/dist/plugins/generic-oauth/providers/slack.mjs +61 -0
package/dist/plugins/generic-oauth/providers/slack.mjs.map +1 -0
package/dist/plugins/generic-oauth/routes.mjs +394 -0
package/dist/plugins/generic-oauth/routes.mjs.map +1 -0
package/dist/plugins/generic-oauth/types.d.mts +145 -0
package/dist/plugins/haveibeenpwned/index.d.mts +21 -0
package/dist/plugins/haveibeenpwned/index.mjs +56 -0
package/dist/plugins/haveibeenpwned/index.mjs.map +1 -0
package/dist/plugins/index.d.mts +68 -0
package/dist/plugins/index.mjs +51 -0
package/dist/plugins/jwt/adapter.mjs +27 -0
package/dist/plugins/jwt/adapter.mjs.map +1 -0
package/dist/plugins/jwt/client.d.mts +18 -0
package/dist/plugins/jwt/client.mjs +19 -0
package/dist/plugins/jwt/client.mjs.map +1 -0
package/dist/plugins/jwt/index.d.mts +17 -0
package/dist/plugins/jwt/index.mjs +202 -0
package/dist/plugins/jwt/index.mjs.map +1 -0
package/dist/plugins/jwt/schema.d.mts +5 -0
package/dist/plugins/jwt/schema.mjs +23 -0
package/dist/plugins/jwt/schema.mjs.map +1 -0
package/dist/plugins/jwt/sign.d.mts +57 -0
package/dist/plugins/jwt/sign.mjs +66 -0
package/dist/plugins/jwt/sign.mjs.map +1 -0
package/dist/plugins/jwt/types.d.mts +194 -0
package/dist/plugins/jwt/utils.d.mts +42 -0
package/dist/plugins/jwt/utils.mjs +64 -0
package/dist/plugins/jwt/utils.mjs.map +1 -0
package/dist/plugins/jwt/verify.d.mts +12 -0
package/dist/plugins/jwt/verify.mjs +46 -0
package/dist/plugins/jwt/verify.mjs.map +1 -0
package/dist/plugins/last-login-method/client.d.mts +18 -0
package/dist/plugins/last-login-method/client.mjs +32 -0
package/dist/plugins/last-login-method/client.mjs.map +1 -0
package/dist/plugins/last-login-method/index.d.mts +52 -0
package/dist/plugins/last-login-method/index.mjs +77 -0
package/dist/plugins/last-login-method/index.mjs.map +1 -0
package/dist/plugins/magic-link/client.d.mts +5 -0
package/dist/plugins/magic-link/client.mjs +11 -0
package/dist/plugins/magic-link/client.mjs.map +1 -0
package/dist/plugins/magic-link/index.d.mts +61 -0
package/dist/plugins/magic-link/index.mjs +167 -0
package/dist/plugins/magic-link/index.mjs.map +1 -0
package/dist/plugins/magic-link/utils.mjs +12 -0
package/dist/plugins/magic-link/utils.mjs.map +1 -0
package/dist/plugins/mcp/authorize.mjs +133 -0
package/dist/plugins/mcp/authorize.mjs.map +1 -0
package/dist/plugins/mcp/index.d.mts +46 -0
package/dist/plugins/mcp/index.mjs +717 -0
package/dist/plugins/mcp/index.mjs.map +1 -0
package/dist/plugins/multi-session/client.d.mts +8 -0
package/dist/plugins/multi-session/client.mjs +20 -0
package/dist/plugins/multi-session/client.mjs.map +1 -0
package/dist/plugins/multi-session/error-codes.d.mts +5 -0
package/dist/plugins/multi-session/error-codes.mjs +8 -0
package/dist/plugins/multi-session/error-codes.mjs.map +1 -0
package/dist/plugins/multi-session/index.d.mts +22 -0
package/dist/plugins/multi-session/index.mjs +172 -0
package/dist/plugins/multi-session/index.mjs.map +1 -0
package/dist/plugins/oauth-proxy/index.d.mts +39 -0
package/dist/plugins/oauth-proxy/index.mjs +305 -0
package/dist/plugins/oauth-proxy/index.mjs.map +1 -0
package/dist/plugins/oauth-proxy/utils.mjs +44 -0
package/dist/plugins/oauth-proxy/utils.mjs.map +1 -0
package/dist/plugins/oidc-provider/authorize.mjs +194 -0
package/dist/plugins/oidc-provider/authorize.mjs.map +1 -0
package/dist/plugins/oidc-provider/client.d.mts +8 -0
package/dist/plugins/oidc-provider/client.mjs +11 -0
package/dist/plugins/oidc-provider/client.mjs.map +1 -0
package/dist/plugins/oidc-provider/error.mjs +17 -0
package/dist/plugins/oidc-provider/error.mjs.map +1 -0
package/dist/plugins/oidc-provider/index.d.mts +32 -0
package/dist/plugins/oidc-provider/index.mjs +1093 -0
package/dist/plugins/oidc-provider/index.mjs.map +1 -0
package/dist/plugins/oidc-provider/schema.d.mts +26 -0
package/dist/plugins/oidc-provider/schema.mjs +132 -0
package/dist/plugins/oidc-provider/schema.mjs.map +1 -0
package/dist/plugins/oidc-provider/types.d.mts +517 -0
package/dist/plugins/oidc-provider/utils/prompt.mjs +19 -0
package/dist/plugins/oidc-provider/utils/prompt.mjs.map +1 -0
package/dist/plugins/oidc-provider/utils.mjs +15 -0
package/dist/plugins/oidc-provider/utils.mjs.map +1 -0
package/dist/plugins/one-tap/client.d.mts +159 -0
package/dist/plugins/one-tap/client.mjs +214 -0
package/dist/plugins/one-tap/client.mjs.map +1 -0
package/dist/plugins/one-tap/index.d.mts +27 -0
package/dist/plugins/one-tap/index.mjs +96 -0
package/dist/plugins/one-tap/index.mjs.map +1 -0
package/dist/plugins/one-time-token/client.d.mts +7 -0
package/dist/plugins/one-time-token/client.mjs +11 -0
package/dist/plugins/one-time-token/client.mjs.map +1 -0
package/dist/plugins/one-time-token/index.d.mts +53 -0
package/dist/plugins/one-time-token/index.mjs +82 -0
package/dist/plugins/one-time-token/index.mjs.map +1 -0
package/dist/plugins/one-time-token/utils.mjs +12 -0
package/dist/plugins/one-time-token/utils.mjs.map +1 -0
package/dist/plugins/open-api/generator.d.mts +115 -0
package/dist/plugins/open-api/generator.mjs +315 -0
package/dist/plugins/open-api/generator.mjs.map +1 -0
package/dist/plugins/open-api/index.d.mts +45 -0
package/dist/plugins/open-api/index.mjs +67 -0
package/dist/plugins/open-api/index.mjs.map +1 -0
package/dist/plugins/open-api/logo.mjs +15 -0
package/dist/plugins/open-api/logo.mjs.map +1 -0
package/dist/plugins/organization/access/index.d.mts +2 -0
package/dist/plugins/organization/access/index.mjs +3 -0
package/dist/plugins/organization/access/statement.d.mts +249 -0
package/dist/plugins/organization/access/statement.mjs +81 -0
package/dist/plugins/organization/access/statement.mjs.map +1 -0
package/dist/plugins/organization/adapter.d.mts +205 -0
package/dist/plugins/organization/adapter.mjs +624 -0
package/dist/plugins/organization/adapter.mjs.map +1 -0
package/dist/plugins/organization/call.mjs +19 -0
package/dist/plugins/organization/call.mjs.map +1 -0
package/dist/plugins/organization/client.d.mts +151 -0
package/dist/plugins/organization/client.mjs +107 -0
package/dist/plugins/organization/client.mjs.map +1 -0
package/dist/plugins/organization/error-codes.d.mts +5 -0
package/dist/plugins/organization/error-codes.mjs +65 -0
package/dist/plugins/organization/error-codes.mjs.map +1 -0
package/dist/plugins/organization/has-permission.mjs +35 -0
package/dist/plugins/organization/has-permission.mjs.map +1 -0
package/dist/plugins/organization/index.d.mts +5 -0
package/dist/plugins/organization/index.mjs +4 -0
package/dist/plugins/organization/organization.d.mts +252 -0
package/dist/plugins/organization/organization.mjs +428 -0
package/dist/plugins/organization/organization.mjs.map +1 -0
package/dist/plugins/organization/permission.d.mts +26 -0
package/dist/plugins/organization/permission.mjs +16 -0
package/dist/plugins/organization/permission.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-access-control.d.mts +11 -0
package/dist/plugins/organization/routes/crud-access-control.mjs +656 -0
package/dist/plugins/organization/routes/crud-access-control.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-invites.d.mts +16 -0
package/dist/plugins/organization/routes/crud-invites.mjs +555 -0
package/dist/plugins/organization/routes/crud-invites.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-members.d.mts +13 -0
package/dist/plugins/organization/routes/crud-members.mjs +473 -0
package/dist/plugins/organization/routes/crud-members.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-org.d.mts +13 -0
package/dist/plugins/organization/routes/crud-org.mjs +447 -0
package/dist/plugins/organization/routes/crud-org.mjs.map +1 -0
package/dist/plugins/organization/routes/crud-team.d.mts +15 -0
package/dist/plugins/organization/routes/crud-team.mjs +676 -0
package/dist/plugins/organization/routes/crud-team.mjs.map +1 -0
package/dist/plugins/organization/schema.d.mts +376 -0
package/dist/plugins/organization/schema.mjs +68 -0
package/dist/plugins/organization/schema.mjs.map +1 -0
package/dist/plugins/organization/types.d.mts +733 -0
package/dist/plugins/phone-number/client.d.mts +8 -0
package/dist/plugins/phone-number/client.mjs +20 -0
package/dist/plugins/phone-number/client.mjs.map +1 -0
package/dist/plugins/phone-number/error-codes.d.mts +5 -0
package/dist/plugins/phone-number/error-codes.mjs +21 -0
package/dist/plugins/phone-number/error-codes.mjs.map +1 -0
package/dist/plugins/phone-number/index.d.mts +14 -0
package/dist/plugins/phone-number/index.mjs +49 -0
package/dist/plugins/phone-number/index.mjs.map +1 -0
package/dist/plugins/phone-number/routes.mjs +459 -0
package/dist/plugins/phone-number/routes.mjs.map +1 -0
package/dist/plugins/phone-number/schema.d.mts +5 -0
package/dist/plugins/phone-number/schema.mjs +20 -0
package/dist/plugins/phone-number/schema.mjs.map +1 -0
package/dist/plugins/phone-number/types.d.mts +118 -0
package/dist/plugins/siwe/client.d.mts +5 -0
package/dist/plugins/siwe/client.mjs +11 -0
package/dist/plugins/siwe/client.mjs.map +1 -0
package/dist/plugins/siwe/error-codes.mjs +13 -0
package/dist/plugins/siwe/error-codes.mjs.map +1 -0
package/dist/plugins/siwe/index.d.mts +26 -0
package/dist/plugins/siwe/index.mjs +261 -0
package/dist/plugins/siwe/index.mjs.map +1 -0
package/dist/plugins/siwe/schema.d.mts +5 -0
package/dist/plugins/siwe/schema.mjs +32 -0
package/dist/plugins/siwe/schema.mjs.map +1 -0
package/dist/plugins/siwe/types.d.mts +44 -0
package/dist/plugins/two-factor/backup-codes/index.d.mts +91 -0
package/dist/plugins/two-factor/backup-codes/index.mjs +277 -0
package/dist/plugins/two-factor/backup-codes/index.mjs.map +1 -0
package/dist/plugins/two-factor/client.d.mts +17 -0
package/dist/plugins/two-factor/client.mjs +37 -0
package/dist/plugins/two-factor/client.mjs.map +1 -0
package/dist/plugins/two-factor/constant.mjs +8 -0
package/dist/plugins/two-factor/constant.mjs.map +1 -0
package/dist/plugins/two-factor/error-code.d.mts +5 -0
package/dist/plugins/two-factor/error-code.mjs +18 -0
package/dist/plugins/two-factor/error-code.mjs.map +1 -0
package/dist/plugins/two-factor/index.d.mts +19 -0
package/dist/plugins/two-factor/index.mjs +207 -0
package/dist/plugins/two-factor/index.mjs.map +1 -0
package/dist/plugins/two-factor/otp/index.d.mts +96 -0
package/dist/plugins/two-factor/otp/index.mjs +199 -0
package/dist/plugins/two-factor/otp/index.mjs.map +1 -0
package/dist/plugins/two-factor/schema.d.mts +5 -0
package/dist/plugins/two-factor/schema.mjs +36 -0
package/dist/plugins/two-factor/schema.mjs.map +1 -0
package/dist/plugins/two-factor/totp/index.d.mts +81 -0
package/dist/plugins/two-factor/totp/index.mjs +157 -0
package/dist/plugins/two-factor/totp/index.mjs.map +1 -0
package/dist/plugins/two-factor/types.d.mts +65 -0
package/dist/plugins/two-factor/utils.mjs +12 -0
package/dist/plugins/two-factor/utils.mjs.map +1 -0
package/dist/plugins/two-factor/verify-two-factor.mjs +76 -0
package/dist/plugins/two-factor/verify-two-factor.mjs.map +1 -0
package/dist/plugins/username/client.d.mts +7 -0
package/dist/plugins/username/client.mjs +18 -0
package/dist/plugins/username/client.mjs.map +1 -0
package/dist/plugins/username/error-codes.d.mts +5 -0
package/dist/plugins/username/error-codes.mjs +17 -0
package/dist/plugins/username/error-codes.mjs.map +1 -0
package/dist/plugins/username/index.d.mts +74 -0
package/dist/plugins/username/index.mjs +237 -0
package/dist/plugins/username/index.mjs.map +1 -0
package/dist/plugins/username/schema.d.mts +9 -0
package/dist/plugins/username/schema.mjs +26 -0
package/dist/plugins/username/schema.mjs.map +1 -0
package/dist/social-providers/index.d.mts +1 -0
package/dist/social-providers/index.mjs +3 -0
package/dist/state.d.mts +42 -0
package/dist/state.mjs +107 -0
package/dist/state.mjs.map +1 -0
package/dist/test-utils/headers.d.mts +9 -0
package/dist/test-utils/headers.mjs +24 -0
package/dist/test-utils/headers.mjs.map +1 -0
package/dist/test-utils/index.d.mts +3 -0
package/dist/test-utils/index.mjs +4 -0
package/dist/test-utils/test-instance.d.mts +181 -0
package/dist/test-utils/test-instance.mjs +210 -0
package/dist/test-utils/test-instance.mjs.map +1 -0
package/dist/types/adapter.d.mts +24 -0
package/dist/types/api.d.mts +29 -0
package/dist/types/auth.d.mts +30 -0
package/dist/types/helper.d.mts +21 -0
package/dist/types/index.d.mts +11 -0
package/dist/types/index.mjs +1 -0
package/dist/types/models.d.mts +17 -0
package/dist/types/plugins.d.mts +16 -0
package/dist/utils/boolean.mjs +8 -0
package/dist/utils/boolean.mjs.map +1 -0
package/dist/utils/constants.mjs +6 -0
package/dist/utils/constants.mjs.map +1 -0
package/dist/utils/date.mjs +8 -0
package/dist/utils/date.mjs.map +1 -0
package/dist/utils/get-request-ip.d.mts +7 -0
package/dist/utils/get-request-ip.mjs +23 -0
package/dist/utils/get-request-ip.mjs.map +1 -0
package/dist/utils/hashing.mjs +21 -0
package/dist/utils/hashing.mjs.map +1 -0
package/dist/utils/hide-metadata.d.mts +7 -0
package/dist/utils/hide-metadata.mjs +6 -0
package/dist/utils/hide-metadata.mjs.map +1 -0
package/dist/utils/index.d.mts +3 -0
package/dist/utils/index.mjs +5 -0
package/dist/utils/is-api-error.d.mts +7 -0
package/dist/utils/is-api-error.mjs +11 -0
package/dist/utils/is-api-error.mjs.map +1 -0
package/dist/utils/is-atom.mjs +8 -0
package/dist/utils/is-atom.mjs.map +1 -0
package/dist/utils/is-promise.mjs +8 -0
package/dist/utils/is-promise.mjs.map +1 -0
package/dist/utils/middleware-response.mjs +6 -0
package/dist/utils/middleware-response.mjs.map +1 -0
package/dist/utils/password.mjs +26 -0
package/dist/utils/password.mjs.map +1 -0
package/dist/utils/plugin-helper.mjs +17 -0
package/dist/utils/plugin-helper.mjs.map +1 -0
package/dist/utils/shim.mjs +24 -0
package/dist/utils/shim.mjs.map +1 -0
package/dist/utils/time.d.mts +49 -0
package/dist/utils/time.mjs +100 -0
package/dist/utils/time.mjs.map +1 -0
package/dist/utils/url.mjs +92 -0
package/dist/utils/url.mjs.map +1 -0
package/dist/utils/wildcard.mjs +108 -0
package/dist/utils/wildcard.mjs.map +1 -0
package/package.json +601 -0

package/dist/plugins/magic-link/utils.mjs ADDED Viewed

@@ -0,0 +1,12 @@
+import { createHash } from "@better-auth/utils/hash";
+import { base64Url } from "@better-auth/utils/base64";
+//#region src/plugins/magic-link/utils.ts
+const defaultKeyHasher = async (otp) => {
+	const hash = await createHash("SHA-256").digest(new TextEncoder().encode(otp));
+	return base64Url.encode(new Uint8Array(hash), { padding: false });
+};
+//#endregion
+export { defaultKeyHasher };
+//# sourceMappingURL=utils.mjs.map

package/dist/plugins/magic-link/utils.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"utils.mjs","names":[],"sources":["../../../src/plugins/magic-link/utils.ts"],"sourcesContent":["import { base64Url } from \"@better-auth/utils/base64\";\nimport { createHash } from \"@better-auth/utils/hash\";\n\nexport const defaultKeyHasher = async (otp: string) => {\n\tconst hash = await createHash(\"SHA-256\").digest(\n\t\tnew TextEncoder().encode(otp),\n\t);\n\tconst hashed = base64Url.encode(new Uint8Array(hash), {\n\t\tpadding: false,\n\t});\n\treturn hashed;\n};\n"],"mappings":";;;;AAGA,MAAa,mBAAmB,OAAO,QAAgB;CACtD,MAAM,OAAO,MAAM,WAAW,UAAU,CAAC,OACxC,IAAI,aAAa,CAAC,OAAO,IAAI,CAC7B;AAID,QAHe,UAAU,OAAO,IAAI,WAAW,KAAK,EAAE,EACrD,SAAS,OACT,CAAC"}

package/dist/plugins/mcp/authorize.mjs ADDED Viewed

@@ -0,0 +1,133 @@
+import { generateRandomString } from "../../crypto/random.mjs";
+import "../../crypto/index.mjs";
+import { getSessionFromCtx } from "../../api/routes/session.mjs";
+import "../../api/index.mjs";
+import { APIError } from "@better-auth/core/error";
+//#region src/plugins/mcp/authorize.ts
+function redirectErrorURL(url, error, description) {
+	return `${url.includes("?") ? "&" : "?"}error=${error}&error_description=${description}`;
+}
+async function authorizeMCPOAuth(ctx, options) {
+	ctx.setHeader("Access-Control-Allow-Origin", "*");
+	ctx.setHeader("Access-Control-Allow-Methods", "POST, OPTIONS");
+	ctx.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
+	ctx.setHeader("Access-Control-Max-Age", "86400");
+	const opts = {
+		codeExpiresIn: 600,
+		defaultScope: "openid",
+		...options,
+		scopes: [
+			"openid",
+			"profile",
+			"email",
+			"offline_access",
+			...options?.scopes || []
+		]
+	};
+	if (!ctx.request) throw new APIError("UNAUTHORIZED", {
+		error_description: "request not found",
+		error: "invalid_request"
+	});
+	const session = await getSessionFromCtx(ctx);
+	if (!session) {
+		/**
+		* If the user is not logged in, we need to redirect them to the
+		* login page.
+		*/
+		await ctx.setSignedCookie("oidc_login_prompt", JSON.stringify(ctx.query), ctx.context.secret, {
+			maxAge: 600,
+			path: "/",
+			sameSite: "lax"
+		});
+		const queryFromURL = ctx.request.url?.split("?")[1];
+		throw ctx.redirect(`${options.loginPage}?${queryFromURL}`);
+	}
+	const query = ctx.query;
+	if (!query.client_id) throw ctx.redirect(`${ctx.context.baseURL}/error?error=invalid_client`);
+	if (!query.response_type) throw ctx.redirect(redirectErrorURL(`${ctx.context.baseURL}/error`, "invalid_request", "response_type is required"));
+	const client = await ctx.context.adapter.findOne({
+		model: "oauthApplication",
+		where: [{
+			field: "clientId",
+			value: ctx.query.client_id
+		}]
+	}).then((res) => {
+		if (!res) return null;
+		return {
+			...res,
+			redirectUrls: res.redirectUrls.split(","),
+			metadata: res.metadata ? JSON.parse(res.metadata) : {}
+		};
+	});
+	if (!client) throw ctx.redirect(`${ctx.context.baseURL}/error?error=invalid_client`);
+	const redirectURI = client.redirectUrls.find((url) => url === ctx.query.redirect_uri);
+	if (!redirectURI || !query.redirect_uri)
+ /**
+	* show UI error here warning the user that the redirect URI is invalid
+	*/
+	throw new APIError("BAD_REQUEST", { message: "Invalid redirect URI" });
+	if (client.disabled) throw ctx.redirect(`${ctx.context.baseURL}/error?error=client_disabled`);
+	if (query.response_type !== "code") throw ctx.redirect(`${ctx.context.baseURL}/error?error=unsupported_response_type`);
+	const requestScope = query.scope?.split(" ").filter((s) => s) || opts.defaultScope.split(" ");
+	const invalidScopes = requestScope.filter((scope) => {
+		return !opts.scopes.includes(scope);
+	});
+	if (invalidScopes.length) throw ctx.redirect(redirectErrorURL(query.redirect_uri, "invalid_scope", `The following scopes are invalid: ${invalidScopes.join(", ")}`));
+	if ((!query.code_challenge || !query.code_challenge_method) && options.requirePKCE) throw ctx.redirect(redirectErrorURL(query.redirect_uri, "invalid_request", "pkce is required"));
+	if (!query.code_challenge_method) query.code_challenge_method = "plain";
+	if (!["s256", options.allowPlainCodeChallengeMethod ? "plain" : "s256"].includes(query.code_challenge_method?.toLowerCase() || "")) throw ctx.redirect(redirectErrorURL(query.redirect_uri, "invalid_request", "invalid code_challenge method"));
+	const code = generateRandomString(32, "a-z", "A-Z", "0-9");
+	const codeExpiresInMs = opts.codeExpiresIn * 1e3;
+	const expiresAt = new Date(Date.now() + codeExpiresInMs);
+	try {
+		/**
+		* Save the code in the database
+		*/
+		await ctx.context.internalAdapter.createVerificationValue({
+			value: JSON.stringify({
+				clientId: client.clientId,
+				redirectURI: query.redirect_uri,
+				scope: requestScope,
+				userId: session.user.id,
+				authTime: new Date(session.session.createdAt).getTime(),
+				requireConsent: query.prompt === "consent",
+				state: query.prompt === "consent" ? query.state : null,
+				codeChallenge: query.code_challenge,
+				codeChallengeMethod: query.code_challenge_method,
+				nonce: query.nonce
+			}),
+			identifier: code,
+			expiresAt
+		});
+	} catch {
+		throw ctx.redirect(redirectErrorURL(query.redirect_uri, "server_error", "An error occurred while processing the request"));
+	}
+	if (query.prompt !== "consent") {
+		const redirectURIWithCode = new URL(redirectURI);
+		redirectURIWithCode.searchParams.set("code", code);
+		if (ctx.query.state) redirectURIWithCode.searchParams.set("state", ctx.query.state);
+		throw ctx.redirect(redirectURIWithCode.toString());
+	}
+	if (options?.consentPage) {
+		await ctx.setSignedCookie("oidc_consent_prompt", code, ctx.context.secret, {
+			maxAge: 600,
+			path: "/",
+			sameSite: "lax"
+		});
+		const urlParams = new URLSearchParams();
+		urlParams.set("consent_code", code);
+		urlParams.set("client_id", client.clientId);
+		urlParams.set("scope", requestScope.join(" "));
+		const consentURI = `${options.consentPage}?${urlParams.toString()}`;
+		throw ctx.redirect(consentURI);
+	}
+	const redirectURIWithCode = new URL(redirectURI);
+	redirectURIWithCode.searchParams.set("code", code);
+	if (ctx.query.state) redirectURIWithCode.searchParams.set("state", ctx.query.state);
+	throw ctx.redirect(redirectURIWithCode.toString());
+}
+//#endregion
+export { authorizeMCPOAuth };
+//# sourceMappingURL=authorize.mjs.map

package/dist/plugins/mcp/authorize.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"authorize.mjs","names":[],"sources":["../../../src/plugins/mcp/authorize.ts"],"sourcesContent":["import type { GenericEndpointContext } from \"@better-auth/core\";\nimport { APIError } from \"@better-auth/core/error\";\nimport { getSessionFromCtx } from \"../../api\";\nimport { generateRandomString } from \"../../crypto\";\nimport type { OAuthApplication } from \"../oidc-provider/schema\";\nimport type {\n\tAuthorizationQuery,\n\tClient,\n\tOIDCOptions,\n} from \"../oidc-provider/types\";\n\nfunction redirectErrorURL(url: string, error: string, description: string) {\n\treturn `${\n\t\turl.includes(\"?\") ? \"&\" : \"?\"\n\t}error=${error}&error_description=${description}`;\n}\n\nexport async function authorizeMCPOAuth(\n\tctx: GenericEndpointContext,\n\toptions: OIDCOptions,\n) {\n\tctx.setHeader(\"Access-Control-Allow-Origin\", \"*\");\n\tctx.setHeader(\"Access-Control-Allow-Methods\", \"POST, OPTIONS\");\n\tctx.setHeader(\"Access-Control-Allow-Headers\", \"Content-Type, Authorization\");\n\tctx.setHeader(\"Access-Control-Max-Age\", \"86400\");\n\tconst opts = {\n\t\tcodeExpiresIn: 600,\n\t\tdefaultScope: \"openid\",\n\t\t...options,\n\t\tscopes: [\n\t\t\t\"openid\",\n\t\t\t\"profile\",\n\t\t\t\"email\",\n\t\t\t\"offline_access\",\n\t\t\t...(options?.scopes || []),\n\t\t],\n\t};\n\tif (!ctx.request) {\n\t\tthrow new APIError(\"UNAUTHORIZED\", {\n\t\t\terror_description: \"request not found\",\n\t\t\terror: \"invalid_request\",\n\t\t});\n\t}\n\tconst session = await getSessionFromCtx(ctx);\n\tif (!session) {\n\t\t/**\n\t\t * If the user is not logged in, we need to redirect them to the\n\t\t * login page.\n\t\t */\n\t\tawait ctx.setSignedCookie(\n\t\t\t\"oidc_login_prompt\",\n\t\t\tJSON.stringify(ctx.query),\n\t\t\tctx.context.secret,\n\t\t\t{\n\t\t\t\tmaxAge: 600,\n\t\t\t\tpath: \"/\",\n\t\t\t\tsameSite: \"lax\",\n\t\t\t},\n\t\t);\n\t\tconst queryFromURL = ctx.request.url?.split(\"?\")[1]!;\n\t\tthrow ctx.redirect(`${options.loginPage}?${queryFromURL}`);\n\t}\n\n\tconst query = ctx.query as AuthorizationQuery;\n\tif (!query.client_id) {\n\t\tthrow ctx.redirect(`${ctx.context.baseURL}/error?error=invalid_client`);\n\t}\n\n\tif (!query.response_type) {\n\t\tthrow ctx.redirect(\n\t\t\tredirectErrorURL(\n\t\t\t\t`${ctx.context.baseURL}/error`,\n\t\t\t\t\"invalid_request\",\n\t\t\t\t\"response_type is required\",\n\t\t\t),\n\t\t);\n\t}\n\n\tconst client = await ctx.context.adapter\n\t\t.findOne<OAuthApplication>({\n\t\t\tmodel: \"oauthApplication\",\n\t\t\twhere: [\n\t\t\t\t{\n\t\t\t\t\tfield: \"clientId\",\n\t\t\t\t\tvalue: ctx.query.client_id,\n\t\t\t\t},\n\t\t\t],\n\t\t})\n\t\t.then((res) => {\n\t\t\tif (!res) {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\treturn {\n\t\t\t\t...res,\n\t\t\t\tredirectUrls: res.redirectUrls.split(\",\"),\n\t\t\t\tmetadata: res.metadata ? JSON.parse(res.metadata) : {},\n\t\t\t} as Client;\n\t\t});\n\tif (!client) {\n\t\tthrow ctx.redirect(`${ctx.context.baseURL}/error?error=invalid_client`);\n\t}\n\tconst redirectURI = client.redirectUrls.find(\n\t\t(url) => url === ctx.query.redirect_uri,\n\t);\n\n\tif (!redirectURI || !query.redirect_uri) {\n\t\t/**\n\t\t * show UI error here warning the user that the redirect URI is invalid\n\t\t */\n\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\tmessage: \"Invalid redirect URI\",\n\t\t});\n\t}\n\tif (client.disabled) {\n\t\tthrow ctx.redirect(`${ctx.context.baseURL}/error?error=client_disabled`);\n\t}\n\n\tif (query.response_type !== \"code\") {\n\t\tthrow ctx.redirect(\n\t\t\t`${ctx.context.baseURL}/error?error=unsupported_response_type`,\n\t\t);\n\t}\n\n\tconst requestScope =\n\t\tquery.scope?.split(\" \").filter((s) => s) || opts.defaultScope.split(\" \");\n\tconst invalidScopes = requestScope.filter((scope) => {\n\t\treturn !opts.scopes.includes(scope);\n\t});\n\tif (invalidScopes.length) {\n\t\tthrow ctx.redirect(\n\t\t\tredirectErrorURL(\n\t\t\t\tquery.redirect_uri,\n\t\t\t\t\"invalid_scope\",\n\t\t\t\t`The following scopes are invalid: ${invalidScopes.join(\", \")}`,\n\t\t\t),\n\t\t);\n\t}\n\n\tif (\n\t\t(!query.code_challenge || !query.code_challenge_method) &&\n\t\toptions.requirePKCE\n\t) {\n\t\tthrow ctx.redirect(\n\t\t\tredirectErrorURL(\n\t\t\t\tquery.redirect_uri,\n\t\t\t\t\"invalid_request\",\n\t\t\t\t\"pkce is required\",\n\t\t\t),\n\t\t);\n\t}\n\n\tif (!query.code_challenge_method) {\n\t\tquery.code_challenge_method = \"plain\";\n\t}\n\n\tif (\n\t\t![\n\t\t\t\"s256\",\n\t\t\toptions.allowPlainCodeChallengeMethod ? \"plain\" : \"s256\",\n\t\t].includes(query.code_challenge_method?.toLowerCase() || \"\")\n\t) {\n\t\tthrow ctx.redirect(\n\t\t\tredirectErrorURL(\n\t\t\t\tquery.redirect_uri,\n\t\t\t\t\"invalid_request\",\n\t\t\t\t\"invalid code_challenge method\",\n\t\t\t),\n\t\t);\n\t}\n\n\tconst code = generateRandomString(32, \"a-z\", \"A-Z\", \"0-9\");\n\tconst codeExpiresInMs = opts.codeExpiresIn * 1000;\n\tconst expiresAt = new Date(Date.now() + codeExpiresInMs);\n\ttry {\n\t\t/**\n\t\t * Save the code in the database\n\t\t */\n\t\tawait ctx.context.internalAdapter.createVerificationValue({\n\t\t\tvalue: JSON.stringify({\n\t\t\t\tclientId: client.clientId,\n\t\t\t\tredirectURI: query.redirect_uri,\n\t\t\t\tscope: requestScope,\n\t\t\t\tuserId: session.user.id,\n\t\t\t\tauthTime: new Date(session.session.createdAt).getTime(),\n\t\t\t\t/**\n\t\t\t\t * If the prompt is set to `consent`, then we need\n\t\t\t\t * to require the user to consent to the scopes.\n\t\t\t\t *\n\t\t\t\t * This means the code now needs to be treated as a\n\t\t\t\t * consent request.\n\t\t\t\t *\n\t\t\t\t * once the user consents, the code will be updated\n\t\t\t\t * with the actual code. This is to prevent the\n\t\t\t\t * client from using the code before the user\n\t\t\t\t * consents.\n\t\t\t\t */\n\t\t\t\trequireConsent: query.prompt === \"consent\",\n\t\t\t\tstate: query.prompt === \"consent\" ? query.state : null,\n\t\t\t\tcodeChallenge: query.code_challenge,\n\t\t\t\tcodeChallengeMethod: query.code_challenge_method,\n\t\t\t\tnonce: query.nonce,\n\t\t\t}),\n\t\t\tidentifier: code,\n\t\t\texpiresAt,\n\t\t});\n\t} catch {\n\t\tthrow ctx.redirect(\n\t\t\tredirectErrorURL(\n\t\t\t\tquery.redirect_uri,\n\t\t\t\t\"server_error\",\n\t\t\t\t\"An error occurred while processing the request\",\n\t\t\t),\n\t\t);\n\t}\n\n\t// Consent is NOT required - redirect with the code immediately\n\tif (query.prompt !== \"consent\") {\n\t\tconst redirectURIWithCode = new URL(redirectURI);\n\t\tredirectURIWithCode.searchParams.set(\"code\", code);\n\t\tif (ctx.query.state) {\n\t\t\tredirectURIWithCode.searchParams.set(\"state\", ctx.query.state);\n\t\t}\n\t\tthrow ctx.redirect(redirectURIWithCode.toString());\n\t}\n\n\t// Consent is REQUIRED - redirect to consent page or show consent HTML\n\tif (options?.consentPage) {\n\t\t// Set cookie to support cookie-based consent flows\n\t\tawait ctx.setSignedCookie(\"oidc_consent_prompt\", code, ctx.context.secret, {\n\t\t\tmaxAge: 600,\n\t\t\tpath: \"/\",\n\t\t\tsameSite: \"lax\",\n\t\t});\n\n\t\t// Pass the consent code as a URL parameter to support URL-BASED consent flows\n\t\tconst urlParams = new URLSearchParams();\n\t\turlParams.set(\"consent_code\", code);\n\t\turlParams.set(\"client_id\", client.clientId);\n\t\turlParams.set(\"scope\", requestScope.join(\" \"));\n\t\tconst consentURI = `${options.consentPage}?${urlParams.toString()}`;\n\n\t\tthrow ctx.redirect(consentURI);\n\t}\n\n\t// No consent page configured - fall back to direct redirect with code\n\tconst redirectURIWithCode = new URL(redirectURI);\n\tredirectURIWithCode.searchParams.set(\"code\", code);\n\tif (ctx.query.state) {\n\t\tredirectURIWithCode.searchParams.set(\"state\", ctx.query.state);\n\t}\n\tthrow ctx.redirect(redirectURIWithCode.toString());\n}\n"],"mappings":";;;;;;;AAWA,SAAS,iBAAiB,KAAa,OAAe,aAAqB;AAC1E,QAAO,GACN,IAAI,SAAS,IAAI,GAAG,MAAM,IAC1B,QAAQ,MAAM,qBAAqB;;AAGrC,eAAsB,kBACrB,KACA,SACC;AACD,KAAI,UAAU,+BAA+B,IAAI;AACjD,KAAI,UAAU,gCAAgC,gBAAgB;AAC9D,KAAI,UAAU,gCAAgC,8BAA8B;AAC5E,KAAI,UAAU,0BAA0B,QAAQ;CAChD,MAAM,OAAO;EACZ,eAAe;EACf,cAAc;EACd,GAAG;EACH,QAAQ;GACP;GACA;GACA;GACA;GACA,GAAI,SAAS,UAAU,EAAE;GACzB;EACD;AACD,KAAI,CAAC,IAAI,QACR,OAAM,IAAI,SAAS,gBAAgB;EAClC,mBAAmB;EACnB,OAAO;EACP,CAAC;CAEH,MAAM,UAAU,MAAM,kBAAkB,IAAI;AAC5C,KAAI,CAAC,SAAS;;;;;AAKb,QAAM,IAAI,gBACT,qBACA,KAAK,UAAU,IAAI,MAAM,EACzB,IAAI,QAAQ,QACZ;GACC,QAAQ;GACR,MAAM;GACN,UAAU;GACV,CACD;EACD,MAAM,eAAe,IAAI,QAAQ,KAAK,MAAM,IAAI,CAAC;AACjD,QAAM,IAAI,SAAS,GAAG,QAAQ,UAAU,GAAG,eAAe;;CAG3D,MAAM,QAAQ,IAAI;AAClB,KAAI,CAAC,MAAM,UACV,OAAM,IAAI,SAAS,GAAG,IAAI,QAAQ,QAAQ,6BAA6B;AAGxE,KAAI,CAAC,MAAM,cACV,OAAM,IAAI,SACT,iBACC,GAAG,IAAI,QAAQ,QAAQ,SACvB,mBACA,4BACA,CACD;CAGF,MAAM,SAAS,MAAM,IAAI,QAAQ,QAC/B,QAA0B;EAC1B,OAAO;EACP,OAAO,CACN;GACC,OAAO;GACP,OAAO,IAAI,MAAM;GACjB,CACD;EACD,CAAC,CACD,MAAM,QAAQ;AACd,MAAI,CAAC,IACJ,QAAO;AAER,SAAO;GACN,GAAG;GACH,cAAc,IAAI,aAAa,MAAM,IAAI;GACzC,UAAU,IAAI,WAAW,KAAK,MAAM,IAAI,SAAS,GAAG,EAAE;GACtD;GACA;AACH,KAAI,CAAC,OACJ,OAAM,IAAI,SAAS,GAAG,IAAI,QAAQ,QAAQ,6BAA6B;CAExE,MAAM,cAAc,OAAO,aAAa,MACtC,QAAQ,QAAQ,IAAI,MAAM,aAC3B;AAED,KAAI,CAAC,eAAe,CAAC,MAAM;;;;AAI1B,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,wBACT,CAAC;AAEH,KAAI,OAAO,SACV,OAAM,IAAI,SAAS,GAAG,IAAI,QAAQ,QAAQ,8BAA8B;AAGzE,KAAI,MAAM,kBAAkB,OAC3B,OAAM,IAAI,SACT,GAAG,IAAI,QAAQ,QAAQ,wCACvB;CAGF,MAAM,eACL,MAAM,OAAO,MAAM,IAAI,CAAC,QAAQ,MAAM,EAAE,IAAI,KAAK,aAAa,MAAM,IAAI;CACzE,MAAM,gBAAgB,aAAa,QAAQ,UAAU;AACpD,SAAO,CAAC,KAAK,OAAO,SAAS,MAAM;GAClC;AACF,KAAI,cAAc,OACjB,OAAM,IAAI,SACT,iBACC,MAAM,cACN,iBACA,qCAAqC,cAAc,KAAK,KAAK,GAC7D,CACD;AAGF,MACE,CAAC,MAAM,kBAAkB,CAAC,MAAM,0BACjC,QAAQ,YAER,OAAM,IAAI,SACT,iBACC,MAAM,cACN,mBACA,mBACA,CACD;AAGF,KAAI,CAAC,MAAM,sBACV,OAAM,wBAAwB;AAG/B,KACC,CAAC,CACA,QACA,QAAQ,gCAAgC,UAAU,OAClD,CAAC,SAAS,MAAM,uBAAuB,aAAa,IAAI,GAAG,CAE5D,OAAM,IAAI,SACT,iBACC,MAAM,cACN,mBACA,gCACA,CACD;CAGF,MAAM,OAAO,qBAAqB,IAAI,OAAO,OAAO,MAAM;CAC1D,MAAM,kBAAkB,KAAK,gBAAgB;CAC7C,MAAM,YAAY,IAAI,KAAK,KAAK,KAAK,GAAG,gBAAgB;AACxD,KAAI;;;;AAIH,QAAM,IAAI,QAAQ,gBAAgB,wBAAwB;GACzD,OAAO,KAAK,UAAU;IACrB,UAAU,OAAO;IACjB,aAAa,MAAM;IACnB,OAAO;IACP,QAAQ,QAAQ,KAAK;IACrB,UAAU,IAAI,KAAK,QAAQ,QAAQ,UAAU,CAAC,SAAS;IAavD,gBAAgB,MAAM,WAAW;IACjC,OAAO,MAAM,WAAW,YAAY,MAAM,QAAQ;IAClD,eAAe,MAAM;IACrB,qBAAqB,MAAM;IAC3B,OAAO,MAAM;IACb,CAAC;GACF,YAAY;GACZ;GACA,CAAC;SACK;AACP,QAAM,IAAI,SACT,iBACC,MAAM,cACN,gBACA,iDACA,CACD;;AAIF,KAAI,MAAM,WAAW,WAAW;EAC/B,MAAM,sBAAsB,IAAI,IAAI,YAAY;AAChD,sBAAoB,aAAa,IAAI,QAAQ,KAAK;AAClD,MAAI,IAAI,MAAM,MACb,qBAAoB,aAAa,IAAI,SAAS,IAAI,MAAM,MAAM;AAE/D,QAAM,IAAI,SAAS,oBAAoB,UAAU,CAAC;;AAInD,KAAI,SAAS,aAAa;AAEzB,QAAM,IAAI,gBAAgB,uBAAuB,MAAM,IAAI,QAAQ,QAAQ;GAC1E,QAAQ;GACR,MAAM;GACN,UAAU;GACV,CAAC;EAGF,MAAM,YAAY,IAAI,iBAAiB;AACvC,YAAU,IAAI,gBAAgB,KAAK;AACnC,YAAU,IAAI,aAAa,OAAO,SAAS;AAC3C,YAAU,IAAI,SAAS,aAAa,KAAK,IAAI,CAAC;EAC9C,MAAM,aAAa,GAAG,QAAQ,YAAY,GAAG,UAAU,UAAU;AAEjE,QAAM,IAAI,SAAS,WAAW;;CAI/B,MAAM,sBAAsB,IAAI,IAAI,YAAY;AAChD,qBAAoB,aAAa,IAAI,QAAQ,KAAK;AAClD,KAAI,IAAI,MAAM,MACb,qBAAoB,aAAa,IAAI,SAAS,IAAI,MAAM,MAAM;AAE/D,OAAM,IAAI,SAAS,oBAAoB,UAAU,CAAC"}

package/dist/plugins/mcp/index.d.mts ADDED Viewed

@@ -0,0 +1,46 @@
+import { OAuthAccessToken, OIDCMetadata, OIDCOptions } from "../oidc-provider/types.mjs";
+import "../oidc-provider/index.mjs";
+import { BetterAuthOptions, GenericEndpointContext } from "@better-auth/core";
+//#region src/plugins/mcp/index.d.ts
+declare module "@better-auth/core" {
+  interface BetterAuthPluginRegistry<AuthOptions, Options> {
+    mcp: {
+      creator: typeof mcp;
+    };
+  }
+}
+interface MCPOptions {
+  loginPage: string;
+  resource?: string | undefined;
+  oidcConfig?: OIDCOptions | undefined;
+}
+declare const getMCPProviderMetadata: (ctx: GenericEndpointContext, options?: OIDCOptions | undefined) => OIDCMetadata;
+declare const getMCPProtectedResourceMetadata: (ctx: GenericEndpointContext, options?: MCPOptions | undefined) => {
+  resource: string;
+  authorization_servers: string[];
+  jwks_uri: string;
+  scopes_supported: string[];
+  bearer_methods_supported: string[];
+  resource_signing_alg_values_supported: string[];
+};
+declare const mcp: (options: MCPOptions) => BetterAuthPlugin;
+declare const withMcpAuth: <Auth extends {
+  api: {
+    getMcpSession: (...args: any) => Promise<OAuthAccessToken | null>;
+  };
+  options: BetterAuthOptions;
+}>(auth: Auth, handler: (req: Request, session: OAuthAccessToken) => Response | Promise<Response>) => (req: Request) => Promise<Response>;
+declare const oAuthDiscoveryMetadata: <Auth extends {
+  api: {
+    getMcpOAuthConfig: (...args: any) => any;
+  };
+}>(auth: Auth) => (request: Request) => Promise<Response>;
+declare const oAuthProtectedResourceMetadata: <Auth extends {
+  api: {
+    getMCPProtectedResource: (...args: any) => any;
+  };
+}>(auth: Auth) => (request: Request) => Promise<Response>;
+//#endregion
+export { getMCPProtectedResourceMetadata, getMCPProviderMetadata, mcp, oAuthDiscoveryMetadata, oAuthProtectedResourceMetadata, withMcpAuth };
+//# sourceMappingURL=index.d.mts.map