@hfunlabs/hypurr-connect 0.1.23 → 0.1.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -3
- package/dist/index.d.ts +0 -2
- package/dist/index.js +44 -13
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
- package/src/HypurrConnectProvider.tsx +52 -12
- package/src/types.ts +0 -2
package/package.json
CHANGED
|
@@ -375,19 +375,63 @@ function takeTelegramAuthSession(state: string):
|
|
|
375
375
|
return { codeVerifier, returnTo };
|
|
376
376
|
}
|
|
377
377
|
|
|
378
|
-
function
|
|
379
|
-
const configuredTokenUrl = tokenUrl?.trim();
|
|
380
|
-
if (configuredTokenUrl) return configuredTokenUrl;
|
|
381
|
-
|
|
378
|
+
function fallbackAuthTokenUrl(authHubUrl?: string): string {
|
|
382
379
|
const url = new URL(authHubUrl || DEFAULT_AUTH_HUB_URL);
|
|
383
|
-
|
|
384
|
-
const basePath = pathWithoutTrailingSlash.replace(/\/[^/]*$/, "");
|
|
385
|
-
url.pathname = `${basePath}/token`;
|
|
380
|
+
url.pathname = "/oauth/token";
|
|
386
381
|
url.search = "";
|
|
387
382
|
url.hash = "";
|
|
388
383
|
return url.toString();
|
|
389
384
|
}
|
|
390
385
|
|
|
386
|
+
function authMetadataUrls(authHubUrl?: string): string[] {
|
|
387
|
+
const authUrl = new URL(authHubUrl || DEFAULT_AUTH_HUB_URL);
|
|
388
|
+
const urls = [
|
|
389
|
+
new URL("/.well-known/oauth-authorization-server", authUrl).toString(),
|
|
390
|
+
new URL("/.well-known/openid-configuration", authUrl).toString(),
|
|
391
|
+
];
|
|
392
|
+
|
|
393
|
+
const authPath = authUrl.pathname.replace(/\/+$/, "");
|
|
394
|
+
const basePath = authPath.replace(/\/[^/]*$/, "");
|
|
395
|
+
if (basePath) {
|
|
396
|
+
urls.push(
|
|
397
|
+
new URL(
|
|
398
|
+
`/.well-known/oauth-authorization-server${basePath}`,
|
|
399
|
+
authUrl,
|
|
400
|
+
).toString(),
|
|
401
|
+
);
|
|
402
|
+
}
|
|
403
|
+
|
|
404
|
+
return Array.from(new Set(urls));
|
|
405
|
+
}
|
|
406
|
+
|
|
407
|
+
async function tokenUrlFromMetadata(
|
|
408
|
+
authHubUrl?: string,
|
|
409
|
+
): Promise<string | undefined> {
|
|
410
|
+
for (const metadataUrl of authMetadataUrls(authHubUrl)) {
|
|
411
|
+
try {
|
|
412
|
+
const response = await fetch(metadataUrl, {
|
|
413
|
+
headers: { accept: "application/json" },
|
|
414
|
+
});
|
|
415
|
+
if (!response.ok) continue;
|
|
416
|
+
const metadata = (await response.json()) as { token_endpoint?: unknown };
|
|
417
|
+
const tokenEndpoint = metadata.token_endpoint;
|
|
418
|
+
if (typeof tokenEndpoint === "string" && tokenEndpoint.trim()) {
|
|
419
|
+
return tokenEndpoint.trim();
|
|
420
|
+
}
|
|
421
|
+
} catch {
|
|
422
|
+
// Metadata discovery is best effort; fall back to the conventional route.
|
|
423
|
+
}
|
|
424
|
+
}
|
|
425
|
+
|
|
426
|
+
return undefined;
|
|
427
|
+
}
|
|
428
|
+
|
|
429
|
+
async function resolveAuthTokenUrl(authHubUrl?: string): Promise<string> {
|
|
430
|
+
return (
|
|
431
|
+
(await tokenUrlFromMetadata(authHubUrl)) || fallbackAuthTokenUrl(authHubUrl)
|
|
432
|
+
);
|
|
433
|
+
}
|
|
434
|
+
|
|
391
435
|
function getTokenFromExchangeResponse(data: unknown): string | null {
|
|
392
436
|
if (typeof data === "string") {
|
|
393
437
|
const token = data.trim();
|
|
@@ -412,14 +456,12 @@ async function exchangeTelegramAuthCode({
|
|
|
412
456
|
code,
|
|
413
457
|
codeVerifier,
|
|
414
458
|
returnTo,
|
|
415
|
-
tokenUrl,
|
|
416
459
|
}: {
|
|
417
460
|
authHubUrl?: string;
|
|
418
461
|
clientId: string;
|
|
419
462
|
code: string;
|
|
420
463
|
codeVerifier: string;
|
|
421
464
|
returnTo: string;
|
|
422
|
-
tokenUrl?: string;
|
|
423
465
|
}): Promise<string> {
|
|
424
466
|
const body = new URLSearchParams({
|
|
425
467
|
client_id: clientId,
|
|
@@ -429,7 +471,7 @@ async function exchangeTelegramAuthCode({
|
|
|
429
471
|
return_to: returnTo,
|
|
430
472
|
});
|
|
431
473
|
|
|
432
|
-
const response = await fetch(resolveAuthTokenUrl(authHubUrl
|
|
474
|
+
const response = await fetch(await resolveAuthTokenUrl(authHubUrl), {
|
|
433
475
|
method: "POST",
|
|
434
476
|
headers: {
|
|
435
477
|
accept: "application/json",
|
|
@@ -599,7 +641,6 @@ export function HypurrConnectProvider({
|
|
|
599
641
|
code: callback.code,
|
|
600
642
|
codeVerifier: authSession.codeVerifier,
|
|
601
643
|
returnTo: authSession.returnTo || currentReturnTo(),
|
|
602
|
-
tokenUrl: config.telegram?.tokenUrl,
|
|
603
644
|
})
|
|
604
645
|
.then(acceptTelegramToken)
|
|
605
646
|
.catch((err) =>
|
|
@@ -620,7 +661,6 @@ export function HypurrConnectProvider({
|
|
|
620
661
|
acceptTelegramToken,
|
|
621
662
|
config.clientId,
|
|
622
663
|
config.telegram?.authHubUrl,
|
|
623
|
-
config.telegram?.tokenUrl,
|
|
624
664
|
],
|
|
625
665
|
);
|
|
626
666
|
|
package/src/types.ts
CHANGED
|
@@ -33,8 +33,6 @@ export interface HypurrConnectConfig {
|
|
|
33
33
|
telegram?: {
|
|
34
34
|
/** Auth hub login URL. Defaults to https://auth.hypurr.fun/login. */
|
|
35
35
|
authHubUrl?: string;
|
|
36
|
-
/** Auth hub token exchange URL. Defaults to the auth hub login URL with `/login` replaced by `/token`. */
|
|
37
|
-
tokenUrl?: string;
|
|
38
36
|
/** Optional callback URL. Defaults to the current page without auth query params. */
|
|
39
37
|
returnTo?: string | (() => string);
|
|
40
38
|
/** Requested hub scopes. Defaults to the scopes required by this SDK. */
|