@hazeljs/oauth 0.2.0-beta.49

package/dist/oauth.module.js

@@ -0,0 +1,27 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var OAuthModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OAuthModule = void 0;
+const core_1 = require("@hazeljs/core");
+const oauth_controller_1 = require("./oauth.controller");
+const oauth_service_1 = require("./oauth.service");
+let OAuthModule = OAuthModule_1 = class OAuthModule {
+    static forRoot(options) {
+        oauth_service_1.OAuthService.configure(options);
+        return OAuthModule_1;
+    }
+};
+exports.OAuthModule = OAuthModule;
+exports.OAuthModule = OAuthModule = OAuthModule_1 = __decorate([
+    (0, core_1.HazelModule)({
+        controllers: [oauth_controller_1.OAuthController],
+        providers: [oauth_service_1.OAuthService],
+        exports: [oauth_service_1.OAuthService],
+    })
+], OAuthModule);

package/dist/oauth.service.d.ts

@@ -0,0 +1,36 @@
+import type { OAuthModuleOptions, OAuthCallbackResult, OAuthAuthorizationResult, SupportedProvider } from './providers/provider.types';
+export declare class OAuthService {
+    private options;
+    private googleClient;
+    private microsoftClient;
+    private githubClient;
+    private facebookClient;
+    private twitterClient;
+    constructor();
+    private static options;
+    static configure(options: OAuthModuleOptions): void;
+    private static getOptions;
+    private initClients;
+    private getClient;
+    private getDefaultScopes;
+    /**
+     * Get the authorization URL to redirect the user to the OAuth provider.
+     * For PKCE providers (Google, Microsoft), store codeVerifier and pass it to handleCallback.
+     */
+    getAuthorizationUrl(provider: SupportedProvider, state?: string, scopes?: string[]): OAuthAuthorizationResult;
+    /**
+     * Exchange the authorization code for tokens and fetch user profile.
+     * For PKCE providers (Google, Microsoft), codeVerifier is required.
+     */
+    handleCallback(provider: SupportedProvider, code: string, state: string, codeVerifier?: string): Promise<OAuthCallbackResult>;
+    /**
+     * Validate that the state matches (CSRF protection).
+     * Use this when handling the callback to ensure the request originated from your app.
+     */
+    validateState(receivedState: string, storedState: string): boolean;
+    /**
+     * Generate a cryptographically secure state value for OAuth.
+     */
+    generateState(): string;
+}
+//# sourceMappingURL=oauth.service.d.ts.map

package/dist/oauth.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.service.d.ts","sourceRoot":"","sources":["../src/oauth.service.ts"],"names":[],"mappings":"AAmBA,OAAO,KAAK,EACV,kBAAkB,EAClB,mBAAmB,EACnB,wBAAwB,EACxB,iBAAiB,EAElB,MAAM,4BAA4B,CAAC;AAIpC,qBACa,YAAY;IACvB,OAAO,CAAC,OAAO,CAAqB;IACpC,OAAO,CAAC,YAAY,CAAwD;IAC5E,OAAO,CAAC,eAAe,CAA2D;IAClF,OAAO,CAAC,YAAY,CAAwD;IAC5E,OAAO,CAAC,cAAc,CAA0D;IAChF,OAAO,CAAC,aAAa,CAAyD;;IAO9E,OAAO,CAAC,MAAM,CAAC,OAAO,CAAmC;IAEzD,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,kBAAkB,GAAG,IAAI;IAInD,OAAO,CAAC,MAAM,CAAC,UAAU;IASzB,OAAO,CAAC,WAAW;IAkBnB,OAAO,CAAC,SAAS;IA8BjB,OAAO,CAAC,gBAAgB;IAmBxB;;;OAGG;IACH,mBAAmB,CACjB,QAAQ,EAAE,iBAAiB,EAC3B,KAAK,CAAC,EAAE,MAAM,EACd,MAAM,CAAC,EAAE,MAAM,EAAE,GAChB,wBAAwB;IA2B3B;;;OAGG;IACG,cAAc,CAClB,QAAQ,EAAE,iBAAiB,EAC3B,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,mBAAmB,CAAC;IAuF/B;;;OAGG;IACH,aAAa,CAAC,aAAa,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO;IAIlE;;OAEG;IACH,aAAa,IAAI,MAAM;CAGxB"}

package/dist/oauth.service.js

@@ -0,0 +1,239 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var OAuthService_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OAuthService = void 0;
+const core_1 = require("@hazeljs/core");
+const arctic = __importStar(require("arctic"));
+const providers_1 = require("./providers");
+const PKCE_PROVIDERS = ['google', 'microsoft', 'twitter'];
+let OAuthService = OAuthService_1 = class OAuthService {
+    constructor() {
+        this.googleClient = null;
+        this.microsoftClient = null;
+        this.githubClient = null;
+        this.facebookClient = null;
+        this.twitterClient = null;
+        this.options = OAuthService_1.getOptions();
+        this.initClients();
+    }
+    static configure(options) {
+        OAuthService_1.options = options;
+    }
+    static getOptions() {
+        if (!OAuthService_1.options) {
+            throw new Error('OAuthModule not configured. Call OAuthModule.forRoot({ providers: {...} }) in your app module.');
+        }
+        return OAuthService_1.options;
+    }
+    initClients() {
+        if (this.options.providers.google) {
+            this.googleClient = (0, providers_1.createGoogleProvider)(this.options.providers.google);
+        }
+        if (this.options.providers.microsoft) {
+            this.microsoftClient = (0, providers_1.createMicrosoftProvider)(this.options.providers.microsoft);
+        }
+        if (this.options.providers.github) {
+            this.githubClient = (0, providers_1.createGitHubProvider)(this.options.providers.github);
+        }
+        if (this.options.providers.facebook) {
+            this.facebookClient = (0, providers_1.createFacebookProvider)(this.options.providers.facebook);
+        }
+        if (this.options.providers.twitter) {
+            this.twitterClient = (0, providers_1.createTwitterProvider)(this.options.providers.twitter);
+        }
+    }
+    getClient(provider) {
+        switch (provider) {
+            case 'google':
+                if (!this.googleClient)
+                    throw new Error('Google OAuth is not configured');
+                return this.googleClient;
+            case 'microsoft':
+                if (!this.microsoftClient)
+                    throw new Error('Microsoft OAuth is not configured');
+                return this.microsoftClient;
+            case 'github':
+                if (!this.githubClient)
+                    throw new Error('GitHub OAuth is not configured');
+                return this.githubClient;
+            case 'facebook':
+                if (!this.facebookClient)
+                    throw new Error('Facebook OAuth is not configured');
+                return this.facebookClient;
+            case 'twitter':
+                if (!this.twitterClient)
+                    throw new Error('Twitter OAuth is not configured');
+                return this.twitterClient;
+            default:
+                throw new Error(`Unsupported provider: ${provider}`);
+        }
+    }
+    getDefaultScopes(provider) {
+        const defaults = this.options.defaultScopes?.[provider];
+        if (defaults)
+            return defaults;
+        switch (provider) {
+            case 'google':
+                return (0, providers_1.getGoogleDefaultScopes)();
+            case 'microsoft':
+                return (0, providers_1.getMicrosoftDefaultScopes)();
+            case 'github':
+                return (0, providers_1.getGitHubDefaultScopes)();
+            case 'facebook':
+                return (0, providers_1.getFacebookDefaultScopes)();
+            case 'twitter':
+                return (0, providers_1.getTwitterDefaultScopes)();
+            default:
+                return [];
+        }
+    }
+    /**
+     * Get the authorization URL to redirect the user to the OAuth provider.
+     * For PKCE providers (Google, Microsoft), store codeVerifier and pass it to handleCallback.
+     */
+    getAuthorizationUrl(provider, state, scopes) {
+        const client = this.getClient(provider);
+        const resolvedState = state || arctic.generateState();
+        const resolvedScopes = scopes ?? this.getDefaultScopes(provider);
+        if (PKCE_PROVIDERS.includes(provider)) {
+            const codeVerifier = arctic.generateCodeVerifier();
+            const url = client.createAuthorizationURL(resolvedState, codeVerifier, resolvedScopes);
+            return {
+                url: url.toString(),
+                state: resolvedState,
+                codeVerifier,
+            };
+        }
+        // GitHub, Facebook - no PKCE
+        const url = client.createAuthorizationURL(resolvedState, resolvedScopes);
+        return {
+            url: url.toString(),
+            state: resolvedState,
+        };
+    }
+    /**
+     * Exchange the authorization code for tokens and fetch user profile.
+     * For PKCE providers (Google, Microsoft), codeVerifier is required.
+     */
+    async handleCallback(provider, code, state, codeVerifier) {
+        const client = this.getClient(provider);
+        const needsPkce = PKCE_PROVIDERS.includes(provider);
+        if (needsPkce && !codeVerifier) {
+            throw new Error(`Provider ${provider} requires codeVerifier (PKCE). Pass the codeVerifier from getAuthorizationUrl.`);
+        }
+        let accessToken;
+        let refreshToken;
+        let expiresAt;
+        try {
+            if (needsPkce && codeVerifier) {
+                const tokens = await client.validateAuthorizationCode(code, codeVerifier);
+                accessToken = tokens.accessToken();
+                refreshToken = tokens.hasRefreshToken() ? tokens.refreshToken() : undefined;
+                expiresAt = tokens.accessTokenExpiresAt();
+            }
+            else {
+                const tokens = await client.validateAuthorizationCode(code);
+                accessToken = tokens.accessToken();
+                refreshToken = tokens.hasRefreshToken() ? tokens.refreshToken() : undefined;
+                expiresAt = tokens.accessTokenExpiresAt();
+            }
+        }
+        catch (e) {
+            if (e instanceof arctic.OAuth2RequestError) {
+                throw new Error(`OAuth token exchange failed: ${e.code} - ${e.description || e.message}`);
+            }
+            if (e instanceof arctic.ArcticFetchError) {
+                const cause = e.cause;
+                throw new Error(`OAuth request failed: ${cause?.message || e.message}`);
+            }
+            throw e;
+        }
+        let user;
+        switch (provider) {
+            case 'google':
+                user = await (0, providers_1.fetchGoogleUser)(accessToken);
+                break;
+            case 'microsoft':
+                user = await (0, providers_1.fetchMicrosoftUser)(accessToken);
+                break;
+            case 'github':
+                user = await (0, providers_1.fetchGitHubUser)(accessToken);
+                break;
+            case 'facebook':
+                user = await (0, providers_1.fetchFacebookUser)(accessToken);
+                break;
+            case 'twitter':
+                user = await (0, providers_1.fetchTwitterUser)(accessToken);
+                break;
+            default:
+                throw new Error(`Unsupported provider: ${provider}`);
+        }
+        return {
+            accessToken,
+            refreshToken,
+            expiresAt,
+            user,
+        };
+    }
+    /**
+     * Validate that the state matches (CSRF protection).
+     * Use this when handling the callback to ensure the request originated from your app.
+     */
+    validateState(receivedState, storedState) {
+        return receivedState === storedState && receivedState.length > 0;
+    }
+    /**
+     * Generate a cryptographically secure state value for OAuth.
+     */
+    generateState() {
+        return arctic.generateState();
+    }
+};
+exports.OAuthService = OAuthService;
+OAuthService.options = null;
+exports.OAuthService = OAuthService = OAuthService_1 = __decorate([
+    (0, core_1.Injectable)(),
+    __metadata("design:paramtypes", [])
+], OAuthService);

package/dist/providers/facebook.provider.d.ts

@@ -0,0 +1,11 @@
+import * as arctic from 'arctic';
+import type { FacebookProviderConfig } from './provider.types';
+export declare function createFacebookProvider(config: FacebookProviderConfig): arctic.Facebook;
+export declare function getFacebookDefaultScopes(): string[];
+export declare function fetchFacebookUser(accessToken: string): Promise<{
+    id: string;
+    email: string;
+    name: string | null;
+    picture?: string | null;
+}>;
+//# sourceMappingURL=facebook.provider.d.ts.map

package/dist/providers/facebook.provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"facebook.provider.d.ts","sourceRoot":"","sources":["../../src/providers/facebook.provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAI/D,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAEtF;AAED,wBAAgB,wBAAwB,IAAI,MAAM,EAAE,CAEnD;AAED,wBAAsB,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC;IACpE,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC,CAqBD"}

package/dist/providers/facebook.provider.js

@@ -0,0 +1,63 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createFacebookProvider = createFacebookProvider;
+exports.getFacebookDefaultScopes = getFacebookDefaultScopes;
+exports.fetchFacebookUser = fetchFacebookUser;
+const arctic = __importStar(require("arctic"));
+const DEFAULT_SCOPES = ['email', 'public_profile'];
+function createFacebookProvider(config) {
+    return new arctic.Facebook(config.clientId, config.clientSecret, config.redirectUri);
+}
+function getFacebookDefaultScopes() {
+    return [...DEFAULT_SCOPES];
+}
+async function fetchFacebookUser(accessToken) {
+    const params = new URLSearchParams();
+    params.set('access_token', accessToken);
+    params.set('fields', ['id', 'name', 'picture', 'email'].join(','));
+    const res = await fetch(`https://graph.facebook.com/me?${params.toString()}`);
+    if (!res.ok) {
+        throw new Error(`Failed to fetch Facebook user: ${res.status}`);
+    }
+    const data = (await res.json());
+    const pictureUrl = data.picture?.data?.url ?? null;
+    return {
+        id: data.id,
+        email: data.email || '',
+        name: data.name || null,
+        picture: pictureUrl,
+    };
+}

package/dist/providers/github.provider.d.ts

@@ -0,0 +1,11 @@
+import * as arctic from 'arctic';
+import type { GitHubProviderConfig } from './provider.types';
+export declare function createGitHubProvider(config: GitHubProviderConfig): arctic.GitHub;
+export declare function getGitHubDefaultScopes(): string[];
+export declare function fetchGitHubUser(accessToken: string): Promise<{
+    id: string;
+    email: string;
+    name: string | null;
+    picture?: string | null;
+}>;
+//# sourceMappingURL=github.provider.d.ts.map

package/dist/providers/github.provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"github.provider.d.ts","sourceRoot":"","sources":["../../src/providers/github.provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAI7D,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAEhF;AAED,wBAAgB,sBAAsB,IAAI,MAAM,EAAE,CAEjD;AAED,wBAAsB,eAAe,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC;IAClE,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC,CAuCD"}

package/dist/providers/github.provider.js

@@ -0,0 +1,79 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createGitHubProvider = createGitHubProvider;
+exports.getGitHubDefaultScopes = getGitHubDefaultScopes;
+exports.fetchGitHubUser = fetchGitHubUser;
+const arctic = __importStar(require("arctic"));
+const DEFAULT_SCOPES = ['user:email'];
+function createGitHubProvider(config) {
+    return new arctic.GitHub(config.clientId, config.clientSecret, config.redirectUri);
+}
+function getGitHubDefaultScopes() {
+    return [...DEFAULT_SCOPES];
+}
+async function fetchGitHubUser(accessToken) {
+    const res = await fetch('https://api.github.com/user', {
+        headers: {
+            Authorization: `Bearer ${accessToken}`,
+            Accept: 'application/vnd.github+json',
+            'X-GitHub-Api-Version': '2022-11-28',
+        },
+    });
+    if (!res.ok) {
+        throw new Error(`Failed to fetch GitHub user: ${res.status}`);
+    }
+    const data = (await res.json());
+    let email = data.email || '';
+    if (!email) {
+        const emailsRes = await fetch('https://api.github.com/user/emails', {
+            headers: {
+                Authorization: `Bearer ${accessToken}`,
+                Accept: 'application/vnd.github+json',
+            },
+        });
+        if (emailsRes.ok) {
+            const emails = (await emailsRes.json());
+            const primary = emails.find((e) => e.primary) || emails[0];
+            email = primary?.email || '';
+        }
+    }
+    return {
+        id: String(data.id),
+        email,
+        name: data.name || null,
+        picture: data.avatar_url ?? null,
+    };
+}

package/dist/providers/google.provider.d.ts

@@ -0,0 +1,11 @@
+import * as arctic from 'arctic';
+import type { GoogleProviderConfig } from './provider.types';
+export declare function createGoogleProvider(config: GoogleProviderConfig): arctic.Google;
+export declare function getGoogleDefaultScopes(): string[];
+export declare function fetchGoogleUser(accessToken: string): Promise<{
+    id: string;
+    email: string;
+    name: string | null;
+    picture?: string | null;
+}>;
+//# sourceMappingURL=google.provider.d.ts.map

package/dist/providers/google.provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"google.provider.d.ts","sourceRoot":"","sources":["../../src/providers/google.provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAI7D,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAEhF;AAED,wBAAgB,sBAAsB,IAAI,MAAM,EAAE,CAEjD;AAED,wBAAsB,eAAe,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC;IAClE,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC,CAmBD"}

package/dist/providers/google.provider.js

@@ -0,0 +1,61 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createGoogleProvider = createGoogleProvider;
+exports.getGoogleDefaultScopes = getGoogleDefaultScopes;
+exports.fetchGoogleUser = fetchGoogleUser;
+const arctic = __importStar(require("arctic"));
+const DEFAULT_SCOPES = ['openid', 'profile', 'email'];
+function createGoogleProvider(config) {
+    return new arctic.Google(config.clientId, config.clientSecret, config.redirectUri);
+}
+function getGoogleDefaultScopes() {
+    return [...DEFAULT_SCOPES];
+}
+async function fetchGoogleUser(accessToken) {
+    const res = await fetch('https://openidconnect.googleapis.com/v1/userinfo', {
+        headers: { Authorization: `Bearer ${accessToken}` },
+    });
+    if (!res.ok) {
+        throw new Error(`Failed to fetch Google user: ${res.status}`);
+    }
+    const data = (await res.json());
+    return {
+        id: data.sub,
+        email: data.email || '',
+        name: data.name || null,
+        picture: data.picture ?? null,
+    };
+}

package/dist/providers/index.d.ts

@@ -0,0 +1,7 @@
+export * from './provider.types';
+export * from './google.provider';
+export * from './microsoft.provider';
+export * from './github.provider';
+export * from './facebook.provider';
+export * from './twitter.provider';
+//# sourceMappingURL=index.d.ts.map

package/dist/providers/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/providers/index.ts"],"names":[],"mappings":"AAAA,cAAc,kBAAkB,CAAC;AACjC,cAAc,mBAAmB,CAAC;AAClC,cAAc,sBAAsB,CAAC;AACrC,cAAc,mBAAmB,CAAC;AAClC,cAAc,qBAAqB,CAAC;AACpC,cAAc,oBAAoB,CAAC"}

package/dist/providers/index.js

@@ -0,0 +1,22 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./provider.types"), exports);
+__exportStar(require("./google.provider"), exports);
+__exportStar(require("./microsoft.provider"), exports);
+__exportStar(require("./github.provider"), exports);
+__exportStar(require("./facebook.provider"), exports);
+__exportStar(require("./twitter.provider"), exports);

package/dist/providers/microsoft.provider.d.ts

@@ -0,0 +1,11 @@
+import * as arctic from 'arctic';
+import type { MicrosoftProviderConfig } from './provider.types';
+export declare function createMicrosoftProvider(config: MicrosoftProviderConfig): arctic.MicrosoftEntraId;
+export declare function getMicrosoftDefaultScopes(): string[];
+export declare function fetchMicrosoftUser(accessToken: string): Promise<{
+    id: string;
+    email: string;
+    name: string | null;
+    picture?: string | null;
+}>;
+//# sourceMappingURL=microsoft.provider.d.ts.map

package/dist/providers/microsoft.provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"microsoft.provider.d.ts","sourceRoot":"","sources":["../../src/providers/microsoft.provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAIhE,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,uBAAuB,GAAG,MAAM,CAAC,gBAAgB,CAQhG;AAED,wBAAgB,yBAAyB,IAAI,MAAM,EAAE,CAEpD;AAED,wBAAsB,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC;IACrE,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC,CAmBD"}