@logto/js 1.1.0 → 1.1.2

package/lib/consts/index.d.ts

@@ -0,0 +1,74 @@
+export declare const ContentType: {
+    formUrlEncoded: {
+        'Content-Type': string;
+    };
+};
+export declare enum TokenGrantType {
+    AuthorizationCode = "authorization_code",
+    RefreshToken = "refresh_token"
+}
+export declare enum QueryKey {
+    ClientId = "client_id",
+    Code = "code",
+    CodeChallenge = "code_challenge",
+    CodeChallengeMethod = "code_challenge_method",
+    CodeVerifier = "code_verifier",
+    Error = "error",
+    ErrorDescription = "error_description",
+    GrantType = "grant_type",
+    IdToken = "id_token",
+    IdTokenHint = "id_token_hint",
+    PostLogoutRedirectUri = "post_logout_redirect_uri",
+    Prompt = "prompt",
+    RedirectUri = "redirect_uri",
+    RefreshToken = "refresh_token",
+    Resource = "resource",
+    ResponseType = "response_type",
+    Scope = "scope",
+    State = "state",
+    Token = "token",
+    InteractionMode = "interaction_mode"
+}
+export declare enum Prompt {
+    Consent = "consent",
+    Login = "login"
+}
+export declare enum ReservedScope {
+    OpenId = "openid",
+    OfflineAccess = "offline_access"
+}
+/**
+ * Scopes for ID Token and Userinfo Endpoint.
+ */
+export declare enum UserScope {
+    /**
+     * Scope for basic user info.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    Profile = "profile",
+    /**
+     * Scope for user email address.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    Email = "email",
+    /**
+     * Scope for user phone number.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    Phone = "phone",
+    /**
+     * Scope for user's custom data.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    CustomData = "custom_data",
+    /**
+     * Scope for user's social identity details.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    Identities = "identities"
+}

package/lib/consts/index.js

@@ -0,0 +1,83 @@
+'use strict';
+
+const ContentType = {
+    formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },
+};
+exports.TokenGrantType = void 0;
+(function (TokenGrantType) {
+    TokenGrantType["AuthorizationCode"] = "authorization_code";
+    TokenGrantType["RefreshToken"] = "refresh_token";
+})(exports.TokenGrantType || (exports.TokenGrantType = {}));
+exports.QueryKey = void 0;
+(function (QueryKey) {
+    QueryKey["ClientId"] = "client_id";
+    QueryKey["Code"] = "code";
+    QueryKey["CodeChallenge"] = "code_challenge";
+    QueryKey["CodeChallengeMethod"] = "code_challenge_method";
+    QueryKey["CodeVerifier"] = "code_verifier";
+    QueryKey["Error"] = "error";
+    QueryKey["ErrorDescription"] = "error_description";
+    QueryKey["GrantType"] = "grant_type";
+    QueryKey["IdToken"] = "id_token";
+    QueryKey["IdTokenHint"] = "id_token_hint";
+    QueryKey["PostLogoutRedirectUri"] = "post_logout_redirect_uri";
+    QueryKey["Prompt"] = "prompt";
+    QueryKey["RedirectUri"] = "redirect_uri";
+    QueryKey["RefreshToken"] = "refresh_token";
+    QueryKey["Resource"] = "resource";
+    QueryKey["ResponseType"] = "response_type";
+    QueryKey["Scope"] = "scope";
+    QueryKey["State"] = "state";
+    QueryKey["Token"] = "token";
+    // Need to align with the OIDC extraParams settings in core
+    QueryKey["InteractionMode"] = "interaction_mode";
+})(exports.QueryKey || (exports.QueryKey = {}));
+exports.Prompt = void 0;
+(function (Prompt) {
+    Prompt["Consent"] = "consent";
+    Prompt["Login"] = "login";
+})(exports.Prompt || (exports.Prompt = {}));
+// TODO: @sijie @charles find a proper way to sync scopes constants with core
+exports.ReservedScope = void 0;
+(function (ReservedScope) {
+    ReservedScope["OpenId"] = "openid";
+    ReservedScope["OfflineAccess"] = "offline_access";
+})(exports.ReservedScope || (exports.ReservedScope = {}));
+/**
+ * Scopes for ID Token and Userinfo Endpoint.
+ */
+exports.UserScope = void 0;
+(function (UserScope) {
+    /**
+     * Scope for basic user info.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Profile"] = "profile";
+    /**
+     * Scope for user email address.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Email"] = "email";
+    /**
+     * Scope for user phone number.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Phone"] = "phone";
+    /**
+     * Scope for user's custom data.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["CustomData"] = "custom_data";
+    /**
+     * Scope for user's social identity details.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Identities"] = "identities";
+})(exports.UserScope || (exports.UserScope = {}));
+
+exports.ContentType = ContentType;

package/lib/consts/index.mjs

@@ -0,0 +1,81 @@
+const ContentType = {
+    formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },
+};
+var TokenGrantType;
+(function (TokenGrantType) {
+    TokenGrantType["AuthorizationCode"] = "authorization_code";
+    TokenGrantType["RefreshToken"] = "refresh_token";
+})(TokenGrantType || (TokenGrantType = {}));
+var QueryKey;
+(function (QueryKey) {
+    QueryKey["ClientId"] = "client_id";
+    QueryKey["Code"] = "code";
+    QueryKey["CodeChallenge"] = "code_challenge";
+    QueryKey["CodeChallengeMethod"] = "code_challenge_method";
+    QueryKey["CodeVerifier"] = "code_verifier";
+    QueryKey["Error"] = "error";
+    QueryKey["ErrorDescription"] = "error_description";
+    QueryKey["GrantType"] = "grant_type";
+    QueryKey["IdToken"] = "id_token";
+    QueryKey["IdTokenHint"] = "id_token_hint";
+    QueryKey["PostLogoutRedirectUri"] = "post_logout_redirect_uri";
+    QueryKey["Prompt"] = "prompt";
+    QueryKey["RedirectUri"] = "redirect_uri";
+    QueryKey["RefreshToken"] = "refresh_token";
+    QueryKey["Resource"] = "resource";
+    QueryKey["ResponseType"] = "response_type";
+    QueryKey["Scope"] = "scope";
+    QueryKey["State"] = "state";
+    QueryKey["Token"] = "token";
+    // Need to align with the OIDC extraParams settings in core
+    QueryKey["InteractionMode"] = "interaction_mode";
+})(QueryKey || (QueryKey = {}));
+var Prompt;
+(function (Prompt) {
+    Prompt["Consent"] = "consent";
+    Prompt["Login"] = "login";
+})(Prompt || (Prompt = {}));
+// TODO: @sijie @charles find a proper way to sync scopes constants with core
+var ReservedScope;
+(function (ReservedScope) {
+    ReservedScope["OpenId"] = "openid";
+    ReservedScope["OfflineAccess"] = "offline_access";
+})(ReservedScope || (ReservedScope = {}));
+/**
+ * Scopes for ID Token and Userinfo Endpoint.
+ */
+var UserScope;
+(function (UserScope) {
+    /**
+     * Scope for basic user info.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Profile"] = "profile";
+    /**
+     * Scope for user email address.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Email"] = "email";
+    /**
+     * Scope for user phone number.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Phone"] = "phone";
+    /**
+     * Scope for user's custom data.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["CustomData"] = "custom_data";
+    /**
+     * Scope for user's social identity details.
+     *
+     * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
+     */
+    UserScope["Identities"] = "identities";
+})(UserScope || (UserScope = {}));
+
+export { ContentType, Prompt, QueryKey, ReservedScope, TokenGrantType, UserScope };

package/lib/core/fetch-token.d.ts

@@ -0,0 +1,36 @@
+import type { KeysToCamelCase } from '@silverhand/essentials';
+import type { Requester } from '../types';
+export type FetchTokenByAuthorizationCodeParameters = {
+    clientId: string;
+    tokenEndpoint: string;
+    redirectUri: string;
+    codeVerifier: string;
+    code: string;
+    resource?: string;
+};
+export type FetchTokenByRefreshTokenParameters = {
+    clientId: string;
+    tokenEndpoint: string;
+    refreshToken: string;
+    resource?: string;
+    scopes?: string[];
+};
+type SnakeCaseCodeTokenResponse = {
+    access_token: string;
+    refresh_token?: string;
+    id_token: string;
+    scope: string;
+    expires_in: number;
+};
+export type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;
+type SnakeCaseRefreshTokenTokenResponse = {
+    access_token: string;
+    refresh_token: string;
+    id_token?: string;
+    scope: string;
+    expires_in: number;
+};
+export type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;
+export declare const fetchTokenByAuthorizationCode: ({ clientId, tokenEndpoint, redirectUri, codeVerifier, code, resource, }: FetchTokenByAuthorizationCodeParameters, requester: Requester) => Promise<CodeTokenResponse>;
+export declare const fetchTokenByRefreshToken: ({ clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters, requester: Requester) => Promise<RefreshTokenTokenResponse>;
+export {};

package/lib/core/fetch-token.js

@@ -0,0 +1,47 @@
+'use strict';
+
+var camelcaseKeys = require('camelcase-keys');
+var index = require('../consts/index.js');
+
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+
+var camelcaseKeys__default = /*#__PURE__*/_interopDefault(camelcaseKeys);
+
+const fetchTokenByAuthorizationCode = async ({ clientId, tokenEndpoint, redirectUri, codeVerifier, code, resource, }, requester) => {
+    const parameters = new URLSearchParams();
+    parameters.append(index.QueryKey.ClientId, clientId);
+    parameters.append(index.QueryKey.Code, code);
+    parameters.append(index.QueryKey.CodeVerifier, codeVerifier);
+    parameters.append(index.QueryKey.RedirectUri, redirectUri);
+    parameters.append(index.QueryKey.GrantType, index.TokenGrantType.AuthorizationCode);
+    if (resource) {
+        parameters.append(index.QueryKey.Resource, resource);
+    }
+    const snakeCaseCodeTokenResponse = await requester(tokenEndpoint, {
+        method: 'POST',
+        headers: index.ContentType.formUrlEncoded,
+        body: parameters,
+    });
+    return camelcaseKeys__default.default(snakeCaseCodeTokenResponse);
+};
+const fetchTokenByRefreshToken = async ({ clientId, tokenEndpoint, refreshToken, resource, scopes }, requester) => {
+    const parameters = new URLSearchParams();
+    parameters.append(index.QueryKey.ClientId, clientId);
+    parameters.append(index.QueryKey.RefreshToken, refreshToken);
+    parameters.append(index.QueryKey.GrantType, index.TokenGrantType.RefreshToken);
+    if (resource) {
+        parameters.append(index.QueryKey.Resource, resource);
+    }
+    if (scopes?.length) {
+        parameters.append(index.QueryKey.Scope, scopes.join(' '));
+    }
+    const snakeCaseRefreshTokenTokenResponse = await requester(tokenEndpoint, {
+        method: 'POST',
+        headers: index.ContentType.formUrlEncoded,
+        body: parameters,
+    });
+    return camelcaseKeys__default.default(snakeCaseRefreshTokenTokenResponse);
+};
+
+exports.fetchTokenByAuthorizationCode = fetchTokenByAuthorizationCode;
+exports.fetchTokenByRefreshToken = fetchTokenByRefreshToken;

package/lib/core/fetch-token.mjs

@@ -0,0 +1,40 @@
+import camelcaseKeys from 'camelcase-keys';
+import { QueryKey, TokenGrantType, ContentType } from '../consts/index.mjs';
+
+const fetchTokenByAuthorizationCode = async ({ clientId, tokenEndpoint, redirectUri, codeVerifier, code, resource, }, requester) => {
+    const parameters = new URLSearchParams();
+    parameters.append(QueryKey.ClientId, clientId);
+    parameters.append(QueryKey.Code, code);
+    parameters.append(QueryKey.CodeVerifier, codeVerifier);
+    parameters.append(QueryKey.RedirectUri, redirectUri);
+    parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);
+    if (resource) {
+        parameters.append(QueryKey.Resource, resource);
+    }
+    const snakeCaseCodeTokenResponse = await requester(tokenEndpoint, {
+        method: 'POST',
+        headers: ContentType.formUrlEncoded,
+        body: parameters,
+    });
+    return camelcaseKeys(snakeCaseCodeTokenResponse);
+};
+const fetchTokenByRefreshToken = async ({ clientId, tokenEndpoint, refreshToken, resource, scopes }, requester) => {
+    const parameters = new URLSearchParams();
+    parameters.append(QueryKey.ClientId, clientId);
+    parameters.append(QueryKey.RefreshToken, refreshToken);
+    parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);
+    if (resource) {
+        parameters.append(QueryKey.Resource, resource);
+    }
+    if (scopes?.length) {
+        parameters.append(QueryKey.Scope, scopes.join(' '));
+    }
+    const snakeCaseRefreshTokenTokenResponse = await requester(tokenEndpoint, {
+        method: 'POST',
+        headers: ContentType.formUrlEncoded,
+        body: parameters,
+    });
+    return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);
+};
+
+export { fetchTokenByAuthorizationCode, fetchTokenByRefreshToken };

package/lib/core/fetch-token.test.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/core/index.d.ts

@@ -0,0 +1,6 @@
+export * from './fetch-token';
+export * from './oidc-config';
+export * from './revoke';
+export * from './sign-in';
+export * from './sign-out';
+export * from './user-info';

package/lib/core/oidc-config.d.ts

@@ -0,0 +1,15 @@
+import type { KeysToCamelCase } from '@silverhand/essentials';
+import type { Requester } from '../types';
+type OidcConfigSnakeCaseResponse = {
+    authorization_endpoint: string;
+    token_endpoint: string;
+    userinfo_endpoint: string;
+    end_session_endpoint: string;
+    revocation_endpoint: string;
+    jwks_uri: string;
+    issuer: string;
+};
+export declare const discoveryPath = "/oidc/.well-known/openid-configuration";
+export type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;
+export declare const fetchOidcConfig: (endpoint: string, requester: Requester) => Promise<OidcConfigResponse>;
+export {};

package/lib/core/oidc-config.js

@@ -0,0 +1,13 @@
+'use strict';
+
+var camelcaseKeys = require('camelcase-keys');
+
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+
+var camelcaseKeys__default = /*#__PURE__*/_interopDefault(camelcaseKeys);
+
+const discoveryPath = '/oidc/.well-known/openid-configuration';
+const fetchOidcConfig = async (endpoint, requester) => camelcaseKeys__default.default(await requester(endpoint));
+
+exports.discoveryPath = discoveryPath;
+exports.fetchOidcConfig = fetchOidcConfig;

package/lib/core/oidc-config.mjs

@@ -0,0 +1,6 @@
+import camelcaseKeys from 'camelcase-keys';
+
+const discoveryPath = '/oidc/.well-known/openid-configuration';
+const fetchOidcConfig = async (endpoint, requester) => camelcaseKeys(await requester(endpoint));
+
+export { discoveryPath, fetchOidcConfig };

package/lib/core/oidc-config.test.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/core/revoke.d.ts

@@ -0,0 +1,2 @@
+import type { Requester } from '../types';
+export declare const revoke: (revocationEndpoint: string, clientId: string, token: string, requester: Requester) => Promise<void>;

package/lib/core/revoke.js

@@ -0,0 +1,14 @@
+'use strict';
+
+var index = require('../consts/index.js');
+
+const revoke = async (revocationEndpoint, clientId, token, requester) => requester(revocationEndpoint, {
+    method: 'POST',
+    headers: index.ContentType.formUrlEncoded,
+    body: new URLSearchParams({
+        [index.QueryKey.ClientId]: clientId,
+        [index.QueryKey.Token]: token,
+    }),
+});
+
+exports.revoke = revoke;

package/lib/core/revoke.mjs

@@ -0,0 +1,12 @@
+import { ContentType, QueryKey } from '../consts/index.mjs';
+
+const revoke = async (revocationEndpoint, clientId, token, requester) => requester(revocationEndpoint, {
+    method: 'POST',
+    headers: ContentType.formUrlEncoded,
+    body: new URLSearchParams({
+        [QueryKey.ClientId]: clientId,
+        [QueryKey.Token]: token,
+    }),
+});
+
+export { revoke };

package/lib/core/revoke.test.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/core/sign-in.d.ts

@@ -0,0 +1,14 @@
+import { Prompt } from '../consts';
+import type { InteractionMode } from '../types';
+export type SignInUriParameters = {
+    authorizationEndpoint: string;
+    clientId: string;
+    redirectUri: string;
+    codeChallenge: string;
+    state: string;
+    scopes?: string[];
+    resources?: string[];
+    prompt?: Prompt;
+    interactionMode?: InteractionMode;
+};
+export declare const generateSignInUri: ({ authorizationEndpoint, clientId, redirectUri, codeChallenge, state, scopes, resources, prompt, interactionMode, }: SignInUriParameters) => string;

package/lib/core/sign-in.js

@@ -0,0 +1,32 @@
+'use strict';
+
+var index = require('../consts/index.js');
+require('@silverhand/essentials');
+require('lodash.get');
+require('jose');
+var scopes = require('../utils/scopes.js');
+
+const codeChallengeMethod = 'S256';
+const responseType = 'code';
+const generateSignInUri = ({ authorizationEndpoint, clientId, redirectUri, codeChallenge, state, scopes: scopes$1, resources, prompt, interactionMode, }) => {
+    const urlSearchParameters = new URLSearchParams({
+        [index.QueryKey.ClientId]: clientId,
+        [index.QueryKey.RedirectUri]: redirectUri,
+        [index.QueryKey.CodeChallenge]: codeChallenge,
+        [index.QueryKey.CodeChallengeMethod]: codeChallengeMethod,
+        [index.QueryKey.State]: state,
+        [index.QueryKey.ResponseType]: responseType,
+        [index.QueryKey.Prompt]: prompt ?? index.Prompt.Consent,
+        [index.QueryKey.Scope]: scopes.withDefaultScopes(scopes$1),
+    });
+    for (const resource of resources ?? []) {
+        urlSearchParameters.append(index.QueryKey.Resource, resource);
+    }
+    // Set interactionMode to signUp for a create account user experience
+    if (interactionMode) {
+        urlSearchParameters.append(index.QueryKey.InteractionMode, interactionMode);
+    }
+    return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;
+};
+
+exports.generateSignInUri = generateSignInUri;

package/lib/core/sign-in.mjs

@@ -0,0 +1,30 @@
+import { QueryKey, Prompt } from '../consts/index.mjs';
+import '@silverhand/essentials';
+import 'lodash.get';
+import 'jose';
+import { withDefaultScopes } from '../utils/scopes.mjs';
+
+const codeChallengeMethod = 'S256';
+const responseType = 'code';
+const generateSignInUri = ({ authorizationEndpoint, clientId, redirectUri, codeChallenge, state, scopes, resources, prompt, interactionMode, }) => {
+    const urlSearchParameters = new URLSearchParams({
+        [QueryKey.ClientId]: clientId,
+        [QueryKey.RedirectUri]: redirectUri,
+        [QueryKey.CodeChallenge]: codeChallenge,
+        [QueryKey.CodeChallengeMethod]: codeChallengeMethod,
+        [QueryKey.State]: state,
+        [QueryKey.ResponseType]: responseType,
+        [QueryKey.Prompt]: prompt ?? Prompt.Consent,
+        [QueryKey.Scope]: withDefaultScopes(scopes),
+    });
+    for (const resource of resources ?? []) {
+        urlSearchParameters.append(QueryKey.Resource, resource);
+    }
+    // Set interactionMode to signUp for a create account user experience
+    if (interactionMode) {
+        urlSearchParameters.append(QueryKey.InteractionMode, interactionMode);
+    }
+    return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;
+};
+
+export { generateSignInUri };

package/lib/core/sign-in.test.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/core/sign-out.d.ts

@@ -0,0 +1,7 @@
+type SignOutUriParameters = {
+    endSessionEndpoint: string;
+    clientId: string;
+    postLogoutRedirectUri?: string;
+};
+export declare const generateSignOutUri: ({ endSessionEndpoint, clientId, postLogoutRedirectUri, }: SignOutUriParameters) => string;
+export {};

package/lib/core/sign-out.js

@@ -0,0 +1,13 @@
+'use strict';
+
+var index = require('../consts/index.js');
+
+const generateSignOutUri = ({ endSessionEndpoint, clientId, postLogoutRedirectUri, }) => {
+    const urlSearchParameters = new URLSearchParams({ [index.QueryKey.ClientId]: clientId });
+    if (postLogoutRedirectUri) {
+        urlSearchParameters.append(index.QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);
+    }
+    return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;
+};
+
+exports.generateSignOutUri = generateSignOutUri;

package/lib/core/sign-out.mjs

@@ -0,0 +1,11 @@
+import { QueryKey } from '../consts/index.mjs';
+
+const generateSignOutUri = ({ endSessionEndpoint, clientId, postLogoutRedirectUri, }) => {
+    const urlSearchParameters = new URLSearchParams({ [QueryKey.ClientId]: clientId });
+    if (postLogoutRedirectUri) {
+        urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);
+    }
+    return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;
+};
+
+export { generateSignOutUri };

package/lib/core/sign-out.test.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/core/user-info.d.ts

@@ -0,0 +1,20 @@
+import type { Nullable } from '@silverhand/essentials';
+import type { Requester } from '../types';
+type Identity = {
+    userId: string;
+    details?: Record<string, unknown>;
+};
+export type UserInfoResponse = {
+    sub: string;
+    name?: Nullable<string>;
+    username?: Nullable<string>;
+    picture?: Nullable<string>;
+    email?: Nullable<string>;
+    email_verified?: boolean;
+    phone_number?: Nullable<string>;
+    phone_number_verified?: boolean;
+    custom_data?: unknown;
+    identities?: Record<string, Identity>;
+};
+export declare const fetchUserInfo: (userInfoEndpoint: string, accessToken: string, requester: Requester) => Promise<UserInfoResponse>;
+export {};

package/lib/core/user-info.js

@@ -0,0 +1,7 @@
+'use strict';
+
+const fetchUserInfo = async (userInfoEndpoint, accessToken, requester) => requester(userInfoEndpoint, {
+    headers: { Authorization: `Bearer ${accessToken}` },
+});
+
+exports.fetchUserInfo = fetchUserInfo;

package/lib/core/user-info.mjs

@@ -0,0 +1,5 @@
+const fetchUserInfo = async (userInfoEndpoint, accessToken, requester) => requester(userInfoEndpoint, {
+    headers: { Authorization: `Bearer ${accessToken}` },
+});
+
+export { fetchUserInfo };

package/lib/core/user-info.test.d.ts

@@ -0,0 +1 @@
+export {};