@mulverse/mulguard-core 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +24 -0
- package/adapters.d.ts +522 -0
- package/adapters.d.ts.map +1 -0
- package/adapters.js +170 -0
- package/errors.d.ts +429 -0
- package/errors.d.ts.map +1 -0
- package/errors.js +473 -0
- package/index.d.ts +547 -0
- package/index.d.ts.map +1 -0
- package/index.js +142 -0
- package/jwt.d.ts +132 -0
- package/jwt.d.ts.map +1 -0
- package/jwt.js +123 -0
- package/lib/actions/callback/handle-login.d.ts +35 -0
- package/lib/actions/callback/handle-login.d.ts.map +1 -0
- package/lib/actions/callback/handle-login.js +275 -0
- package/lib/actions/callback/index.d.ts +5 -0
- package/lib/actions/callback/index.d.ts.map +1 -0
- package/lib/actions/callback/index.js +409 -0
- package/lib/actions/callback/oauth/callback.d.ts +36 -0
- package/lib/actions/callback/oauth/callback.d.ts.map +1 -0
- package/lib/actions/callback/oauth/callback.js +248 -0
- package/lib/actions/callback/oauth/checks.d.ts +70 -0
- package/lib/actions/callback/oauth/checks.d.ts.map +1 -0
- package/lib/actions/callback/oauth/checks.js +188 -0
- package/lib/actions/callback/oauth/csrf-token.d.ts +33 -0
- package/lib/actions/callback/oauth/csrf-token.d.ts.map +1 -0
- package/lib/actions/callback/oauth/csrf-token.js +39 -0
- package/lib/actions/index.d.ts +6 -0
- package/lib/actions/index.d.ts.map +1 -0
- package/lib/actions/index.js +5 -0
- package/lib/actions/session.d.ts +5 -0
- package/lib/actions/session.d.ts.map +1 -0
- package/lib/actions/session.js +127 -0
- package/lib/actions/signin/authorization-url.d.ts +12 -0
- package/lib/actions/signin/authorization-url.d.ts.map +1 -0
- package/lib/actions/signin/authorization-url.js +94 -0
- package/lib/actions/signin/index.d.ts +4 -0
- package/lib/actions/signin/index.d.ts.map +1 -0
- package/lib/actions/signin/index.js +22 -0
- package/lib/actions/signin/send-token.d.ts +10 -0
- package/lib/actions/signin/send-token.d.ts.map +1 -0
- package/lib/actions/signin/send-token.js +98 -0
- package/lib/actions/signout.d.ts +11 -0
- package/lib/actions/signout.d.ts.map +1 -0
- package/lib/actions/signout.js +30 -0
- package/lib/actions/webauthn-options.d.ts +8 -0
- package/lib/actions/webauthn-options.d.ts.map +1 -0
- package/lib/actions/webauthn-options.js +60 -0
- package/lib/index.d.ts +2 -0
- package/lib/index.d.ts.map +1 -0
- package/lib/index.js +70 -0
- package/lib/init.d.ts +25 -0
- package/lib/init.d.ts.map +1 -0
- package/lib/init.js +172 -0
- package/lib/pages/error.d.ts +17 -0
- package/lib/pages/error.d.ts.map +1 -0
- package/lib/pages/error.js +40 -0
- package/lib/pages/index.d.ts +42 -0
- package/lib/pages/index.d.ts.map +1 -0
- package/lib/pages/index.js +136 -0
- package/lib/pages/signin.d.ts +10 -0
- package/lib/pages/signin.d.ts.map +1 -0
- package/lib/pages/signin.js +75 -0
- package/lib/pages/signout.d.ts +8 -0
- package/lib/pages/signout.d.ts.map +1 -0
- package/lib/pages/signout.js +17 -0
- package/lib/pages/styles.d.ts +3 -0
- package/lib/pages/styles.d.ts.map +1 -0
- package/lib/pages/styles.js +381 -0
- package/lib/pages/verify-request.d.ts +8 -0
- package/lib/pages/verify-request.d.ts.map +1 -0
- package/lib/pages/verify-request.js +11 -0
- package/lib/symbols.d.ts +50 -0
- package/lib/symbols.d.ts.map +1 -0
- package/lib/symbols.js +57 -0
- package/lib/utils/actions.d.ts +3 -0
- package/lib/utils/actions.d.ts.map +1 -0
- package/lib/utils/actions.js +14 -0
- package/lib/utils/assert.d.ts +14 -0
- package/lib/utils/assert.d.ts.map +1 -0
- package/lib/utils/assert.js +168 -0
- package/lib/utils/callback-url.d.ts +17 -0
- package/lib/utils/callback-url.d.ts.map +1 -0
- package/lib/utils/callback-url.js +27 -0
- package/lib/utils/cookie.d.ts +111 -0
- package/lib/utils/cookie.d.ts.map +1 -0
- package/lib/utils/cookie.js +205 -0
- package/lib/utils/date.d.ts +7 -0
- package/lib/utils/date.d.ts.map +1 -0
- package/lib/utils/date.js +8 -0
- package/lib/utils/email.d.ts +20 -0
- package/lib/utils/email.d.ts.map +1 -0
- package/lib/utils/email.js +57 -0
- package/lib/utils/env.d.ts +9 -0
- package/lib/utils/env.d.ts.map +1 -0
- package/lib/utils/env.js +96 -0
- package/lib/utils/logger.d.ts +18 -0
- package/lib/utils/logger.d.ts.map +1 -0
- package/lib/utils/logger.js +50 -0
- package/lib/utils/merge.d.ts +3 -0
- package/lib/utils/merge.d.ts.map +1 -0
- package/lib/utils/merge.js +23 -0
- package/lib/utils/providers.d.ts +19 -0
- package/lib/utils/providers.d.ts.map +1 -0
- package/lib/utils/providers.js +149 -0
- package/lib/utils/session.d.ts +7 -0
- package/lib/utils/session.d.ts.map +1 -0
- package/lib/utils/session.js +29 -0
- package/lib/utils/web.d.ts +10 -0
- package/lib/utils/web.d.ts.map +1 -0
- package/lib/utils/web.js +109 -0
- package/lib/utils/webauthn-client.d.ts +30 -0
- package/lib/utils/webauthn-client.d.ts.map +1 -0
- package/lib/utils/webauthn-client.js +197 -0
- package/lib/utils/webauthn-utils.d.ts +81 -0
- package/lib/utils/webauthn-utils.d.ts.map +1 -0
- package/lib/utils/webauthn-utils.js +343 -0
- package/lib/vendored/cookie.d.ts +120 -0
- package/lib/vendored/cookie.d.ts.map +1 -0
- package/lib/vendored/cookie.js +237 -0
- package/package.json +118 -0
- package/providers/42-school.d.ts +240 -0
- package/providers/42-school.d.ts.map +1 -0
- package/providers/42-school.js +78 -0
- package/providers/apple.d.ts +149 -0
- package/providers/apple.d.ts.map +1 -0
- package/providers/apple.js +104 -0
- package/providers/asgardeo.d.ts +102 -0
- package/providers/asgardeo.d.ts.map +1 -0
- package/providers/asgardeo.js +93 -0
- package/providers/atlassian.d.ts +94 -0
- package/providers/atlassian.d.ts.map +1 -0
- package/providers/atlassian.js +84 -0
- package/providers/auth0.d.ts +116 -0
- package/providers/auth0.d.ts.map +1 -0
- package/providers/auth0.js +49 -0
- package/providers/authentik.d.ts +90 -0
- package/providers/authentik.d.ts.map +1 -0
- package/providers/authentik.js +65 -0
- package/providers/azure-ad-b2c.d.ts +104 -0
- package/providers/azure-ad-b2c.d.ts.map +1 -0
- package/providers/azure-ad-b2c.js +100 -0
- package/providers/azure-ad.d.ts +19 -0
- package/providers/azure-ad.d.ts.map +1 -0
- package/providers/azure-ad.js +23 -0
- package/providers/azure-devops.d.ts +128 -0
- package/providers/azure-devops.d.ts.map +1 -0
- package/providers/azure-devops.js +158 -0
- package/providers/bankid-no.d.ts +134 -0
- package/providers/bankid-no.d.ts.map +1 -0
- package/providers/bankid-no.js +65 -0
- package/providers/battlenet.d.ts +85 -0
- package/providers/battlenet.d.ts.map +1 -0
- package/providers/battlenet.js +81 -0
- package/providers/beyondidentity.d.ts +77 -0
- package/providers/beyondidentity.d.ts.map +1 -0
- package/providers/beyondidentity.js +84 -0
- package/providers/bitbucket.d.ts +89 -0
- package/providers/bitbucket.d.ts.map +1 -0
- package/providers/bitbucket.js +92 -0
- package/providers/box.d.ts +63 -0
- package/providers/box.d.ts.map +1 -0
- package/providers/box.js +73 -0
- package/providers/boxyhq-saml.d.ts +121 -0
- package/providers/boxyhq-saml.d.ts.map +1 -0
- package/providers/boxyhq-saml.js +127 -0
- package/providers/bungie.d.ts +167 -0
- package/providers/bungie.d.ts.map +1 -0
- package/providers/bungie.js +174 -0
- package/providers/click-up.d.ts +75 -0
- package/providers/click-up.d.ts.map +1 -0
- package/providers/click-up.js +89 -0
- package/providers/cognito.d.ts +81 -0
- package/providers/cognito.d.ts.map +1 -0
- package/providers/cognito.js +73 -0
- package/providers/coinbase.d.ts +69 -0
- package/providers/coinbase.d.ts.map +1 -0
- package/providers/coinbase.js +78 -0
- package/providers/concept2.d.ts +81 -0
- package/providers/concept2.d.ts.map +1 -0
- package/providers/concept2.js +86 -0
- package/providers/credentials.d.ts +132 -0
- package/providers/credentials.d.ts.map +1 -0
- package/providers/credentials.js +74 -0
- package/providers/descope.d.ts +91 -0
- package/providers/descope.d.ts.map +1 -0
- package/providers/descope.js +78 -0
- package/providers/discord.d.ts +139 -0
- package/providers/discord.d.ts.map +1 -0
- package/providers/discord.js +86 -0
- package/providers/dribbble.d.ts +88 -0
- package/providers/dribbble.d.ts.map +1 -0
- package/providers/dribbble.js +85 -0
- package/providers/dropbox.d.ts +65 -0
- package/providers/dropbox.d.ts.map +1 -0
- package/providers/dropbox.js +88 -0
- package/providers/duende-identity-server6.d.ts +91 -0
- package/providers/duende-identity-server6.d.ts.map +1 -0
- package/providers/duende-identity-server6.js +80 -0
- package/providers/email.d.ts +41 -0
- package/providers/email.d.ts.map +1 -0
- package/providers/email.js +18 -0
- package/providers/eventbrite.d.ts +78 -0
- package/providers/eventbrite.d.ts.map +1 -0
- package/providers/eventbrite.js +88 -0
- package/providers/eveonline.d.ts +94 -0
- package/providers/eveonline.d.ts.map +1 -0
- package/providers/eveonline.js +92 -0
- package/providers/facebook.d.ts +84 -0
- package/providers/facebook.d.ts.map +1 -0
- package/providers/facebook.js +93 -0
- package/providers/faceit.d.ts +64 -0
- package/providers/faceit.d.ts.map +1 -0
- package/providers/faceit.js +74 -0
- package/providers/figma.d.ts +75 -0
- package/providers/figma.d.ts.map +1 -0
- package/providers/figma.js +81 -0
- package/providers/forwardemail.d.ts +4 -0
- package/providers/forwardemail.d.ts.map +1 -0
- package/providers/forwardemail.js +32 -0
- package/providers/foursquare.d.ts +71 -0
- package/providers/foursquare.d.ts.map +1 -0
- package/providers/foursquare.js +91 -0
- package/providers/freshbooks.d.ts +66 -0
- package/providers/freshbooks.d.ts.map +1 -0
- package/providers/freshbooks.js +76 -0
- package/providers/frontegg.d.ts +95 -0
- package/providers/frontegg.d.ts.map +1 -0
- package/providers/frontegg.js +88 -0
- package/providers/fusionauth.d.ts +279 -0
- package/providers/fusionauth.d.ts.map +1 -0
- package/providers/fusionauth.js +292 -0
- package/providers/github.d.ts +127 -0
- package/providers/github.d.ts.map +1 -0
- package/providers/github.js +115 -0
- package/providers/gitlab.d.ts +115 -0
- package/providers/gitlab.d.ts.map +1 -0
- package/providers/gitlab.js +75 -0
- package/providers/google.d.ts +138 -0
- package/providers/google.d.ts.map +1 -0
- package/providers/google.js +119 -0
- package/providers/hubspot.d.ts +76 -0
- package/providers/hubspot.d.ts.map +1 -0
- package/providers/hubspot.js +93 -0
- package/providers/huggingface.d.ts +216 -0
- package/providers/huggingface.d.ts.map +1 -0
- package/providers/huggingface.js +101 -0
- package/providers/identity-server4.d.ts +69 -0
- package/providers/identity-server4.d.ts.map +1 -0
- package/providers/identity-server4.js +64 -0
- package/providers/index.d.ts +61 -0
- package/providers/index.d.ts.map +1 -0
- package/providers/index.js +3 -0
- package/providers/instagram.d.ts +74 -0
- package/providers/instagram.d.ts.map +1 -0
- package/providers/instagram.js +87 -0
- package/providers/kakao.d.ts +148 -0
- package/providers/kakao.d.ts.map +1 -0
- package/providers/kakao.js +103 -0
- package/providers/keycloak.d.ts +100 -0
- package/providers/keycloak.d.ts.map +1 -0
- package/providers/keycloak.js +73 -0
- package/providers/kinde.d.ts +73 -0
- package/providers/kinde.d.ts.map +1 -0
- package/providers/kinde.js +51 -0
- package/providers/line.d.ts +83 -0
- package/providers/line.d.ts.map +1 -0
- package/providers/line.js +73 -0
- package/providers/linkedin.d.ts +77 -0
- package/providers/linkedin.d.ts.map +1 -0
- package/providers/linkedin.js +65 -0
- package/providers/logto.d.ts +98 -0
- package/providers/logto.d.ts.map +1 -0
- package/providers/logto.js +81 -0
- package/providers/loops.d.ts +40 -0
- package/providers/loops.d.ts.map +1 -0
- package/providers/loops.js +59 -0
- package/providers/mailchimp.d.ts +66 -0
- package/providers/mailchimp.d.ts.map +1 -0
- package/providers/mailchimp.js +76 -0
- package/providers/mailgun.d.ts +55 -0
- package/providers/mailgun.d.ts.map +1 -0
- package/providers/mailgun.js +74 -0
- package/providers/mailru.d.ts +63 -0
- package/providers/mailru.d.ts.map +1 -0
- package/providers/mailru.js +61 -0
- package/providers/mastodon.d.ts +90 -0
- package/providers/mastodon.d.ts.map +1 -0
- package/providers/mastodon.js +75 -0
- package/providers/mattermost.d.ts +132 -0
- package/providers/mattermost.d.ts.map +1 -0
- package/providers/mattermost.js +83 -0
- package/providers/medium.d.ts +68 -0
- package/providers/medium.d.ts.map +1 -0
- package/providers/medium.js +84 -0
- package/providers/microsoft-entra-id.d.ts +428 -0
- package/providers/microsoft-entra-id.d.ts.map +1 -0
- package/providers/microsoft-entra-id.js +156 -0
- package/providers/naver.d.ts +80 -0
- package/providers/naver.d.ts.map +1 -0
- package/providers/naver.js +79 -0
- package/providers/netlify.d.ts +66 -0
- package/providers/netlify.d.ts.map +1 -0
- package/providers/netlify.js +85 -0
- package/providers/netsuite.d.ts +189 -0
- package/providers/netsuite.d.ts.map +1 -0
- package/providers/netsuite.js +170 -0
- package/providers/nextcloud.d.ts +150 -0
- package/providers/nextcloud.d.ts.map +1 -0
- package/providers/nextcloud.js +99 -0
- package/providers/nodemailer.d.ts +27 -0
- package/providers/nodemailer.d.ts.map +1 -0
- package/providers/nodemailer.js +34 -0
- package/providers/notion.d.ts +99 -0
- package/providers/notion.d.ts.map +1 -0
- package/providers/notion.js +110 -0
- package/providers/oauth.d.ts +188 -0
- package/providers/oauth.d.ts.map +1 -0
- package/providers/oauth.js +1 -0
- package/providers/okta.d.ts +99 -0
- package/providers/okta.d.ts.map +1 -0
- package/providers/okta.js +63 -0
- package/providers/onelogin.d.ts +65 -0
- package/providers/onelogin.d.ts.map +1 -0
- package/providers/onelogin.js +61 -0
- package/providers/ory-hydra.d.ts +79 -0
- package/providers/ory-hydra.d.ts.map +1 -0
- package/providers/ory-hydra.js +67 -0
- package/providers/osso.d.ts +79 -0
- package/providers/osso.d.ts.map +1 -0
- package/providers/osso.js +77 -0
- package/providers/osu.d.ts +116 -0
- package/providers/osu.d.ts.map +1 -0
- package/providers/osu.js +75 -0
- package/providers/passage.d.ts +88 -0
- package/providers/passage.d.ts.map +1 -0
- package/providers/passage.js +75 -0
- package/providers/passkey.d.ts +65 -0
- package/providers/passkey.d.ts.map +1 -0
- package/providers/passkey.js +87 -0
- package/providers/patreon.d.ts +73 -0
- package/providers/patreon.d.ts.map +1 -0
- package/providers/patreon.js +77 -0
- package/providers/ping-id.d.ts +57 -0
- package/providers/ping-id.d.ts.map +1 -0
- package/providers/ping-id.js +40 -0
- package/providers/pinterest.d.ts +79 -0
- package/providers/pinterest.d.ts.map +1 -0
- package/providers/pinterest.js +85 -0
- package/providers/pipedrive.d.ts +99 -0
- package/providers/pipedrive.d.ts.map +1 -0
- package/providers/pipedrive.js +71 -0
- package/providers/postmark.d.ts +4 -0
- package/providers/postmark.d.ts.map +1 -0
- package/providers/postmark.js +36 -0
- package/providers/provider-types.d.ts +3 -0
- package/providers/provider-types.d.ts.map +1 -0
- package/providers/provider-types.js +1 -0
- package/providers/reddit.d.ts +88 -0
- package/providers/reddit.d.ts.map +1 -0
- package/providers/reddit.js +90 -0
- package/providers/resend.d.ts +4 -0
- package/providers/resend.d.ts.map +1 -0
- package/providers/resend.js +32 -0
- package/providers/roblox.d.ts +67 -0
- package/providers/roblox.d.ts.map +1 -0
- package/providers/roblox.js +53 -0
- package/providers/salesforce.d.ts +59 -0
- package/providers/salesforce.d.ts.map +1 -0
- package/providers/salesforce.js +52 -0
- package/providers/sendgrid.d.ts +4 -0
- package/providers/sendgrid.d.ts.map +1 -0
- package/providers/sendgrid.js +35 -0
- package/providers/simplelogin.d.ts +87 -0
- package/providers/simplelogin.d.ts.map +1 -0
- package/providers/simplelogin.js +83 -0
- package/providers/slack.d.ts +102 -0
- package/providers/slack.d.ts.map +1 -0
- package/providers/slack.js +69 -0
- package/providers/spotify.d.ts +75 -0
- package/providers/spotify.d.ts.map +1 -0
- package/providers/spotify.js +73 -0
- package/providers/strava.d.ts +68 -0
- package/providers/strava.d.ts.map +1 -0
- package/providers/strava.js +80 -0
- package/providers/threads.d.ts +108 -0
- package/providers/threads.d.ts.map +1 -0
- package/providers/threads.js +89 -0
- package/providers/tiktok.d.ts +248 -0
- package/providers/tiktok.d.ts.map +1 -0
- package/providers/tiktok.js +195 -0
- package/providers/todoist.d.ts +76 -0
- package/providers/todoist.d.ts.map +1 -0
- package/providers/todoist.js +97 -0
- package/providers/trakt.d.ts +93 -0
- package/providers/trakt.d.ts.map +1 -0
- package/providers/trakt.js +91 -0
- package/providers/twitch.d.ts +71 -0
- package/providers/twitch.d.ts.map +1 -0
- package/providers/twitch.js +96 -0
- package/providers/twitter.d.ts +183 -0
- package/providers/twitter.d.ts.map +1 -0
- package/providers/twitter.js +100 -0
- package/providers/united-effects.d.ts +80 -0
- package/providers/united-effects.d.ts.map +1 -0
- package/providers/united-effects.js +72 -0
- package/providers/vipps.d.ts +71 -0
- package/providers/vipps.d.ts.map +1 -0
- package/providers/vipps.js +33 -0
- package/providers/vk.d.ts +334 -0
- package/providers/vk.d.ts.map +1 -0
- package/providers/vk.js +103 -0
- package/providers/webauthn.d.ts +148 -0
- package/providers/webauthn.d.ts.map +1 -0
- package/providers/webauthn.js +128 -0
- package/providers/webex.d.ts +78 -0
- package/providers/webex.d.ts.map +1 -0
- package/providers/webex.js +73 -0
- package/providers/wechat.d.ts +78 -0
- package/providers/wechat.d.ts.map +1 -0
- package/providers/wechat.js +105 -0
- package/providers/wikimedia.d.ts +99 -0
- package/providers/wikimedia.d.ts.map +1 -0
- package/providers/wikimedia.js +90 -0
- package/providers/wordpress.d.ts +65 -0
- package/providers/wordpress.d.ts.map +1 -0
- package/providers/wordpress.js +71 -0
- package/providers/workos.d.ts +154 -0
- package/providers/workos.d.ts.map +1 -0
- package/providers/workos.js +143 -0
- package/providers/yandex.d.ts +131 -0
- package/providers/yandex.d.ts.map +1 -0
- package/providers/yandex.js +80 -0
- package/providers/zitadel.d.ts +117 -0
- package/providers/zitadel.d.ts.map +1 -0
- package/providers/zitadel.js +95 -0
- package/providers/zoho.d.ts +63 -0
- package/providers/zoho.d.ts.map +1 -0
- package/providers/zoho.js +79 -0
- package/providers/zoom.d.ts +93 -0
- package/providers/zoom.d.ts.map +1 -0
- package/providers/zoom.js +82 -0
- package/src/adapters/server-actions-helpers.ts +126 -0
- package/src/adapters.ts +603 -0
- package/src/errors.ts +551 -0
- package/src/index.ts +689 -0
- package/src/jwt.ts +283 -0
- package/src/lib/actions/callback/handle-login.ts +334 -0
- package/src/lib/actions/callback/index.ts +554 -0
- package/src/lib/actions/callback/oauth/callback.ts +347 -0
- package/src/lib/actions/callback/oauth/checks.ts +258 -0
- package/src/lib/actions/callback/oauth/csrf-token.ts +60 -0
- package/src/lib/actions/index.ts +5 -0
- package/src/lib/actions/session.ts +167 -0
- package/src/lib/actions/signin/authorization-url.ts +123 -0
- package/src/lib/actions/signin/index.ts +37 -0
- package/src/lib/actions/signin/send-token.ts +124 -0
- package/src/lib/actions/signout.ts +38 -0
- package/src/lib/actions/webauthn-options.ts +100 -0
- package/src/lib/index.ts +97 -0
- package/src/lib/init.ts +236 -0
- package/src/lib/pages/error.tsx +106 -0
- package/src/lib/pages/index.ts +181 -0
- package/src/lib/pages/signin.tsx +255 -0
- package/src/lib/pages/signout.tsx +49 -0
- package/src/lib/pages/styles.css +377 -0
- package/src/lib/pages/styles.ts +381 -0
- package/src/lib/pages/verify-request.tsx +36 -0
- package/src/lib/symbols.ts +60 -0
- package/src/lib/utils/actions.ts +17 -0
- package/src/lib/utils/assert.ts +259 -0
- package/src/lib/utils/callback-url.ts +42 -0
- package/src/lib/utils/cookie.ts +248 -0
- package/src/lib/utils/date.ts +8 -0
- package/src/lib/utils/email.ts +65 -0
- package/src/lib/utils/env.ts +113 -0
- package/src/lib/utils/logger.ts +75 -0
- package/src/lib/utils/merge.ts +30 -0
- package/src/lib/utils/providers.ts +203 -0
- package/src/lib/utils/session.ts +41 -0
- package/src/lib/utils/web.ts +151 -0
- package/src/lib/utils/webauthn-client.js +229 -0
- package/src/lib/utils/webauthn-utils.ts +531 -0
- package/src/lib/vendored/cookie.ts +383 -0
- package/src/providers/42-school.ts +256 -0
- package/src/providers/apple.ts +206 -0
- package/src/providers/asgardeo.ts +118 -0
- package/src/providers/atlassian.ts +120 -0
- package/src/providers/auth0.ts +127 -0
- package/src/providers/authentik.ts +100 -0
- package/src/providers/azure-ad-b2c.ts +124 -0
- package/src/providers/azure-ad.ts +30 -0
- package/src/providers/azure-devops.ts +184 -0
- package/src/providers/bankid-no.ts +161 -0
- package/src/providers/battlenet.ts +107 -0
- package/src/providers/beyondidentity.ts +102 -0
- package/src/providers/bitbucket.ts +122 -0
- package/src/providers/box.ts +87 -0
- package/src/providers/boxyhq-saml.ts +148 -0
- package/src/providers/bungie.ts +192 -0
- package/src/providers/click-up.ts +104 -0
- package/src/providers/cognito.ts +94 -0
- package/src/providers/coinbase.ts +93 -0
- package/src/providers/concept2.ts +108 -0
- package/src/providers/credentials.ts +157 -0
- package/src/providers/descope.ts +105 -0
- package/src/providers/discord.ts +176 -0
- package/src/providers/dribbble.ts +122 -0
- package/src/providers/dropbox.ts +102 -0
- package/src/providers/duende-identity-server6.ts +101 -0
- package/src/providers/email.ts +60 -0
- package/src/providers/eventbrite.ts +105 -0
- package/src/providers/eveonline.ts +117 -0
- package/src/providers/facebook.ts +119 -0
- package/src/providers/faceit.ts +90 -0
- package/src/providers/figma.ts +105 -0
- package/src/providers/forwardemail.ts +37 -0
- package/src/providers/foursquare.ts +105 -0
- package/src/providers/freshbooks.ts +90 -0
- package/src/providers/frontegg.ts +111 -0
- package/src/providers/fusionauth.ts +336 -0
- package/src/providers/github.ts +187 -0
- package/src/providers/gitlab.ts +140 -0
- package/src/providers/google.ts +152 -0
- package/src/providers/hubspot.ts +117 -0
- package/src/providers/huggingface.ts +234 -0
- package/src/providers/identity-server4.ts +78 -0
- package/src/providers/index.ts +115 -0
- package/src/providers/instagram.ts +103 -0
- package/src/providers/kakao.ts +184 -0
- package/src/providers/keycloak.ts +111 -0
- package/src/providers/kinde.ts +85 -0
- package/src/providers/line.ts +99 -0
- package/src/providers/linkedin.ts +91 -0
- package/src/providers/logto.ts +122 -0
- package/src/providers/loops.ts +79 -0
- package/src/providers/mailchimp.ts +90 -0
- package/src/providers/mailgun.ts +98 -0
- package/src/providers/mailru.ts +75 -0
- package/src/providers/mastodon.ts +112 -0
- package/src/providers/mattermost.ts +154 -0
- package/src/providers/medium.ts +89 -0
- package/src/providers/microsoft-entra-id.ts +497 -0
- package/src/providers/naver.ts +102 -0
- package/src/providers/netlify.ts +90 -0
- package/src/providers/netsuite.ts +225 -0
- package/src/providers/nextcloud.ts +207 -0
- package/src/providers/nodemailer.ts +84 -0
- package/src/providers/notion.ts +166 -0
- package/src/providers/oauth.ts +310 -0
- package/src/providers/okta.ts +111 -0
- package/src/providers/onelogin.ts +75 -0
- package/src/providers/ory-hydra.ts +93 -0
- package/src/providers/osso.ts +91 -0
- package/src/providers/osu.ts +138 -0
- package/src/providers/passage.ts +103 -0
- package/src/providers/passkey.ts +94 -0
- package/src/providers/patreon.ts +98 -0
- package/src/providers/ping-id.ts +68 -0
- package/src/providers/pinterest.ts +106 -0
- package/src/providers/pipedrive.ts +120 -0
- package/src/providers/postmark.ts +38 -0
- package/src/providers/provider-types.ts +107 -0
- package/src/providers/reddit.ts +104 -0
- package/src/providers/resend.ts +35 -0
- package/src/providers/roblox.ts +94 -0
- package/src/providers/salesforce.ts +73 -0
- package/src/providers/sendgrid.ts +36 -0
- package/src/providers/simplelogin.ts +107 -0
- package/src/providers/slack.ts +115 -0
- package/src/providers/spotify.ts +99 -0
- package/src/providers/strava.ts +101 -0
- package/src/providers/threads.ts +135 -0
- package/src/providers/tiktok.ts +319 -0
- package/src/providers/todoist.ts +122 -0
- package/src/providers/trakt.ts +120 -0
- package/src/providers/twitch.ts +121 -0
- package/src/providers/twitter.ts +207 -0
- package/src/providers/united-effects.ts +89 -0
- package/src/providers/vipps.ts +86 -0
- package/src/providers/vk.ts +401 -0
- package/src/providers/webauthn.ts +296 -0
- package/src/providers/webex.ts +102 -0
- package/src/providers/wechat.ts +141 -0
- package/src/providers/wikimedia.ts +258 -0
- package/src/providers/wordpress.ts +86 -0
- package/src/providers/workos.ts +180 -0
- package/src/providers/yandex.ts +159 -0
- package/src/providers/zitadel.ts +128 -0
- package/src/providers/zoho.ts +84 -0
- package/src/providers/zoom.ts +119 -0
- package/src/types.ts +430 -0
- package/src/warnings.ts +21 -0
- package/types.d.ts +309 -0
- package/types.d.ts.map +1 -0
- package/types.js +53 -0
- package/warnings.d.ts +17 -0
- package/warnings.d.ts.map +1 -0
- package/warnings.js +1 -0
package/errors.js
ADDED
|
@@ -0,0 +1,473 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Base error class for all Auth.js errors.
|
|
3
|
+
* It's optimized to be printed in the server logs in a nicely formatted way
|
|
4
|
+
* via the [`logger.error`](https://authjs.dev/reference/core#logger) option.
|
|
5
|
+
* @noInheritDoc
|
|
6
|
+
*/
|
|
7
|
+
export class AuthError extends Error {
|
|
8
|
+
/** @internal */
|
|
9
|
+
constructor(message, errorOptions) {
|
|
10
|
+
if (message instanceof Error) {
|
|
11
|
+
super(undefined, {
|
|
12
|
+
cause: { err: message, ...message.cause, ...errorOptions },
|
|
13
|
+
});
|
|
14
|
+
}
|
|
15
|
+
else if (typeof message === "string") {
|
|
16
|
+
if (errorOptions instanceof Error) {
|
|
17
|
+
errorOptions = { err: errorOptions, ...errorOptions.cause };
|
|
18
|
+
}
|
|
19
|
+
super(message, errorOptions);
|
|
20
|
+
}
|
|
21
|
+
else {
|
|
22
|
+
super(undefined, message);
|
|
23
|
+
}
|
|
24
|
+
this.name = this.constructor.name;
|
|
25
|
+
// @ts-expect-error https://github.com/microsoft/TypeScript/issues/3841
|
|
26
|
+
this.type = this.constructor.type ?? "AuthError";
|
|
27
|
+
// @ts-expect-error https://github.com/microsoft/TypeScript/issues/3841
|
|
28
|
+
this.kind = this.constructor.kind ?? "error";
|
|
29
|
+
Error.captureStackTrace?.(this, this.constructor);
|
|
30
|
+
const url = `https://errors.authjs.dev#${this.type.toLowerCase()}`;
|
|
31
|
+
this.message += `${this.message ? ". " : ""}Read more at ${url}`;
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* Thrown when the user's sign-in attempt failed.
|
|
36
|
+
* @noInheritDoc
|
|
37
|
+
*/
|
|
38
|
+
export class SignInError extends AuthError {
|
|
39
|
+
}
|
|
40
|
+
/** @internal */
|
|
41
|
+
SignInError.kind = "signIn";
|
|
42
|
+
/**
|
|
43
|
+
* One of the database [`Adapter` methods](https://authjs.dev/reference/core/adapters#methods)
|
|
44
|
+
* failed during execution.
|
|
45
|
+
*
|
|
46
|
+
* :::tip
|
|
47
|
+
* If `debug: true` is set, you can check out `[auth][debug]` in the logs to learn more about the failed adapter method execution.
|
|
48
|
+
* @example
|
|
49
|
+
* ```sh
|
|
50
|
+
* [auth][debug]: adapter_getUserByEmail
|
|
51
|
+
* { "args": [undefined] }
|
|
52
|
+
* ```
|
|
53
|
+
* :::
|
|
54
|
+
* @noInheritDoc
|
|
55
|
+
*/
|
|
56
|
+
export class AdapterError extends AuthError {
|
|
57
|
+
}
|
|
58
|
+
AdapterError.type = "AdapterError";
|
|
59
|
+
/**
|
|
60
|
+
* Thrown when the execution of the [`signIn` callback](https://authjs.dev/reference/core/types#signin) fails
|
|
61
|
+
* or if it returns `false`.
|
|
62
|
+
* @noInheritDoc
|
|
63
|
+
*/
|
|
64
|
+
export class AccessDenied extends AuthError {
|
|
65
|
+
}
|
|
66
|
+
AccessDenied.type = "AccessDenied";
|
|
67
|
+
/**
|
|
68
|
+
* This error occurs when the user cannot finish login.
|
|
69
|
+
* Depending on the provider type, this could have happened for multiple reasons.
|
|
70
|
+
*
|
|
71
|
+
* :::tip
|
|
72
|
+
* Check out `[auth][details]` in the logs to know which provider failed.
|
|
73
|
+
* @example
|
|
74
|
+
* ```sh
|
|
75
|
+
* [auth][details]: { "provider": "github" }
|
|
76
|
+
* ```
|
|
77
|
+
* :::
|
|
78
|
+
*
|
|
79
|
+
* For an [OAuth provider](https://authjs.dev/getting-started/authentication/oauth), possible causes are:
|
|
80
|
+
* - The user denied access to the application
|
|
81
|
+
* - There was an error parsing the OAuth Profile:
|
|
82
|
+
* Check out the provider's `profile` or `userinfo.request` method to make sure
|
|
83
|
+
* it correctly fetches the user's profile.
|
|
84
|
+
* - The `signIn` or `jwt` callback methods threw an uncaught error:
|
|
85
|
+
* Check the callback method implementations.
|
|
86
|
+
*
|
|
87
|
+
* For an [Email provider](https://authjs.dev/getting-started/authentication/email), possible causes are:
|
|
88
|
+
* - The provided email/token combination was invalid/missing:
|
|
89
|
+
* Check if the provider's `sendVerificationRequest` method correctly sends the email.
|
|
90
|
+
* - The provided email/token combination has expired:
|
|
91
|
+
* Ask the user to log in again.
|
|
92
|
+
* - There was an error with the database:
|
|
93
|
+
* Check the database logs.
|
|
94
|
+
*
|
|
95
|
+
* For a [Credentials provider](https://authjs.dev/getting-started/authentication/credentials), possible causes are:
|
|
96
|
+
* - The `authorize` method threw an uncaught error:
|
|
97
|
+
* Check the provider's `authorize` method.
|
|
98
|
+
* - The `signIn` or `jwt` callback methods threw an uncaught error:
|
|
99
|
+
* Check the callback method implementations.
|
|
100
|
+
*
|
|
101
|
+
* :::tip
|
|
102
|
+
* Check out `[auth][cause]` in the error message for more details.
|
|
103
|
+
* It will show the original stack trace.
|
|
104
|
+
* :::
|
|
105
|
+
* @noInheritDoc
|
|
106
|
+
*/
|
|
107
|
+
export class CallbackRouteError extends AuthError {
|
|
108
|
+
}
|
|
109
|
+
CallbackRouteError.type = "CallbackRouteError";
|
|
110
|
+
/**
|
|
111
|
+
* Thrown when Auth.js is misconfigured and accidentally tried to require authentication on a custom error page.
|
|
112
|
+
* To prevent an infinite loop, Auth.js will instead render its default error page.
|
|
113
|
+
*
|
|
114
|
+
* To fix this, make sure that the `error` page does not require authentication.
|
|
115
|
+
*
|
|
116
|
+
* Learn more at [Guide: Error pages](https://authjs.dev/guides/pages/error)
|
|
117
|
+
* @noInheritDoc
|
|
118
|
+
*/
|
|
119
|
+
export class ErrorPageLoop extends AuthError {
|
|
120
|
+
}
|
|
121
|
+
ErrorPageLoop.type = "ErrorPageLoop";
|
|
122
|
+
/**
|
|
123
|
+
* One of the [`events` methods](https://authjs.dev/reference/core/types#eventcallbacks)
|
|
124
|
+
* failed during execution.
|
|
125
|
+
*
|
|
126
|
+
* Make sure that the `events` methods are implemented correctly and uncaught errors are handled.
|
|
127
|
+
*
|
|
128
|
+
* Learn more at [`events`](https://authjs.dev/reference/core/types#eventcallbacks)
|
|
129
|
+
* @noInheritDoc
|
|
130
|
+
*/
|
|
131
|
+
export class EventError extends AuthError {
|
|
132
|
+
}
|
|
133
|
+
EventError.type = "EventError";
|
|
134
|
+
/**
|
|
135
|
+
* Thrown when Auth.js is unable to verify a `callbackUrl` value.
|
|
136
|
+
* The browser either disabled cookies or the `callbackUrl` is not a valid URL.
|
|
137
|
+
*
|
|
138
|
+
* Somebody might have tried to manipulate the callback URL that Auth.js uses to redirect the user back to the configured `callbackUrl`/page.
|
|
139
|
+
* This could be a malicious hacker trying to redirect the user to a phishing site.
|
|
140
|
+
* To prevent this, Auth.js checks if the callback URL is valid and throws this error if it is not.
|
|
141
|
+
*
|
|
142
|
+
* There is no action required, but it might be an indicator that somebody is trying to attack your application.
|
|
143
|
+
* @noInheritDoc
|
|
144
|
+
*/
|
|
145
|
+
export class InvalidCallbackUrl extends AuthError {
|
|
146
|
+
}
|
|
147
|
+
InvalidCallbackUrl.type = "InvalidCallbackUrl";
|
|
148
|
+
/**
|
|
149
|
+
* Can be thrown from the `authorize` callback of the Credentials provider.
|
|
150
|
+
* When an error occurs during the `authorize` callback, two things can happen:
|
|
151
|
+
* 1. The user is redirected to the signin page, with `error=CredentialsSignin&code=credentials` in the URL. `code` is configurable.
|
|
152
|
+
* 2. If you throw this error in a framework that handles form actions server-side, this error is thrown, instead of redirecting the user, so you'll need to handle.
|
|
153
|
+
* @noInheritDoc
|
|
154
|
+
*/
|
|
155
|
+
export class CredentialsSignin extends SignInError {
|
|
156
|
+
constructor() {
|
|
157
|
+
super(...arguments);
|
|
158
|
+
/**
|
|
159
|
+
* The error code that is set in the `code` query parameter of the redirect URL.
|
|
160
|
+
*
|
|
161
|
+
*
|
|
162
|
+
* ⚠ NOTE: This property is going to be included in the URL, so make sure it does not hint at sensitive errors.
|
|
163
|
+
*
|
|
164
|
+
* The full error is always logged on the server, if you need to debug.
|
|
165
|
+
*
|
|
166
|
+
* Generally, we don't recommend hinting specifically if the user had either a wrong username or password specifically,
|
|
167
|
+
* try rather something like "Invalid credentials".
|
|
168
|
+
*/
|
|
169
|
+
this.code = "credentials";
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
CredentialsSignin.type = "CredentialsSignin";
|
|
173
|
+
/**
|
|
174
|
+
* One of the configured OAuth or OIDC providers is missing the `authorization`, `token` or `userinfo`, or `issuer` configuration.
|
|
175
|
+
* To perform OAuth or OIDC sign in, at least one of these endpoints is required.
|
|
176
|
+
*
|
|
177
|
+
* Learn more at [`OAuth2Config`](https://authjs.dev/reference/core/providers#oauth2configprofile) or [Guide: OAuth Provider](https://authjs.dev/guides/configuring-oauth-providers)
|
|
178
|
+
* @noInheritDoc
|
|
179
|
+
*/
|
|
180
|
+
export class InvalidEndpoints extends AuthError {
|
|
181
|
+
}
|
|
182
|
+
InvalidEndpoints.type = "InvalidEndpoints";
|
|
183
|
+
/**
|
|
184
|
+
* Thrown when a PKCE, state or nonce OAuth check could not be performed.
|
|
185
|
+
* This could happen if the OAuth provider is configured incorrectly or if the browser is blocking cookies.
|
|
186
|
+
*
|
|
187
|
+
* Learn more at [`checks`](https://authjs.dev/reference/core/providers#checks)
|
|
188
|
+
* @noInheritDoc
|
|
189
|
+
*/
|
|
190
|
+
export class InvalidCheck extends AuthError {
|
|
191
|
+
}
|
|
192
|
+
InvalidCheck.type = "InvalidCheck";
|
|
193
|
+
/**
|
|
194
|
+
* Logged on the server when Auth.js could not decode or encode a JWT-based (`strategy: "jwt"`) session.
|
|
195
|
+
*
|
|
196
|
+
* Possible causes are either a misconfigured `secret` or a malformed JWT or `encode/decode` methods.
|
|
197
|
+
*
|
|
198
|
+
* :::note
|
|
199
|
+
* When this error is logged, the session cookie is destroyed.
|
|
200
|
+
* :::
|
|
201
|
+
*
|
|
202
|
+
* Learn more at [`secret`](https://authjs.dev/reference/core#secret), [`jwt.encode`](https://authjs.dev/reference/core/jwt#encode-1) or [`jwt.decode`](https://authjs.dev/reference/core/jwt#decode-2) for more information.
|
|
203
|
+
* @noInheritDoc
|
|
204
|
+
*/
|
|
205
|
+
export class JWTSessionError extends AuthError {
|
|
206
|
+
}
|
|
207
|
+
JWTSessionError.type = "JWTSessionError";
|
|
208
|
+
/**
|
|
209
|
+
* Thrown if Auth.js is misconfigured. This could happen if you configured an Email provider but did not set up a database adapter,
|
|
210
|
+
* or tried using a `strategy: "database"` session without a database adapter.
|
|
211
|
+
* In both cases, make sure you either remove the configuration or add the missing adapter.
|
|
212
|
+
*
|
|
213
|
+
* Learn more at [Database Adapters](https://authjs.dev/getting-started/database), [Email provider](https://authjs.dev/getting-started/authentication/email) or [Concept: Database session strategy](https://authjs.dev/concepts/session-strategies#database-session)
|
|
214
|
+
* @noInheritDoc
|
|
215
|
+
*/
|
|
216
|
+
export class MissingAdapter extends AuthError {
|
|
217
|
+
}
|
|
218
|
+
MissingAdapter.type = "MissingAdapter";
|
|
219
|
+
/**
|
|
220
|
+
* Thrown similarily to [`MissingAdapter`](https://authjs.dev/reference/core/errors#missingadapter), but only some required methods were missing.
|
|
221
|
+
*
|
|
222
|
+
* Make sure you either remove the configuration or add the missing methods to the adapter.
|
|
223
|
+
*
|
|
224
|
+
* Learn more at [Database Adapters](https://authjs.dev/getting-started/database)
|
|
225
|
+
* @noInheritDoc
|
|
226
|
+
*/
|
|
227
|
+
export class MissingAdapterMethods extends AuthError {
|
|
228
|
+
}
|
|
229
|
+
MissingAdapterMethods.type = "MissingAdapterMethods";
|
|
230
|
+
/**
|
|
231
|
+
* Thrown when a Credentials provider is missing the `authorize` configuration.
|
|
232
|
+
* To perform credentials sign in, the `authorize` method is required.
|
|
233
|
+
*
|
|
234
|
+
* Learn more at [Credentials provider](https://authjs.dev/getting-started/authentication/credentials)
|
|
235
|
+
* @noInheritDoc
|
|
236
|
+
*/
|
|
237
|
+
export class MissingAuthorize extends AuthError {
|
|
238
|
+
}
|
|
239
|
+
MissingAuthorize.type = "MissingAuthorize";
|
|
240
|
+
/**
|
|
241
|
+
* Auth.js requires a secret or multiple secrets to be set, but none was not found. This is used to encrypt cookies, JWTs and other sensitive data.
|
|
242
|
+
*
|
|
243
|
+
* :::note
|
|
244
|
+
* If you are using a framework like Next.js, we try to automatically infer the secret from the `AUTH_SECRET`, `AUTH_SECRET_1`, etc. environment variables.
|
|
245
|
+
* Alternatively, you can also explicitly set the [`AuthConfig.secret`](https://authjs.dev/reference/core#secret) option.
|
|
246
|
+
* :::
|
|
247
|
+
*
|
|
248
|
+
*
|
|
249
|
+
* :::tip
|
|
250
|
+
* To generate a random string, you can use the Auth.js CLI: `npx auth secret`
|
|
251
|
+
* :::
|
|
252
|
+
* @noInheritDoc
|
|
253
|
+
*/
|
|
254
|
+
export class MissingSecret extends AuthError {
|
|
255
|
+
}
|
|
256
|
+
MissingSecret.type = "MissingSecret";
|
|
257
|
+
/**
|
|
258
|
+
* Thrown when an Email address is already associated with an account
|
|
259
|
+
* but the user is trying an OAuth account that is not linked to it.
|
|
260
|
+
*
|
|
261
|
+
* For security reasons, Auth.js does not automatically link OAuth accounts to existing accounts if the user is not signed in.
|
|
262
|
+
*
|
|
263
|
+
* :::tip
|
|
264
|
+
* If you trust the OAuth provider to have verified the user's email address,
|
|
265
|
+
* you can enable automatic account linking by setting [`allowDangerousEmailAccountLinking: true`](https://authjs.dev/reference/core/providers#allowdangerousemailaccountlinking)
|
|
266
|
+
* in the provider configuration.
|
|
267
|
+
* :::
|
|
268
|
+
* @noInheritDoc
|
|
269
|
+
*/
|
|
270
|
+
export class OAuthAccountNotLinked extends SignInError {
|
|
271
|
+
}
|
|
272
|
+
OAuthAccountNotLinked.type = "OAuthAccountNotLinked";
|
|
273
|
+
/**
|
|
274
|
+
* Thrown when an OAuth provider returns an error during the sign in process.
|
|
275
|
+
* This could happen for example if the user denied access to the application or there was a configuration error.
|
|
276
|
+
*
|
|
277
|
+
* For a full list of possible reasons, check out the specification [Authorization Code Grant: Error Response](https://www.rfc-editor.org/rfc/rfc6749#section-4.1.2.1)
|
|
278
|
+
* @noInheritDoc
|
|
279
|
+
*/
|
|
280
|
+
export class OAuthCallbackError extends SignInError {
|
|
281
|
+
}
|
|
282
|
+
OAuthCallbackError.type = "OAuthCallbackError";
|
|
283
|
+
/**
|
|
284
|
+
* This error occurs during an OAuth sign in attempt when the provider's
|
|
285
|
+
* response could not be parsed. This could for example happen if the provider's API
|
|
286
|
+
* changed, or the [`OAuth2Config.profile`](https://authjs.dev/reference/core/providers#oauth2configprofile) method is not implemented correctly.
|
|
287
|
+
* @noInheritDoc
|
|
288
|
+
*/
|
|
289
|
+
export class OAuthProfileParseError extends AuthError {
|
|
290
|
+
}
|
|
291
|
+
OAuthProfileParseError.type = "OAuthProfileParseError";
|
|
292
|
+
/**
|
|
293
|
+
* Logged on the server when Auth.js could not retrieve a session from the database (`strategy: "database"`).
|
|
294
|
+
*
|
|
295
|
+
* The database adapter might be misconfigured or the database is not reachable.
|
|
296
|
+
*
|
|
297
|
+
* Learn more at [Concept: Database session strategy](https://authjs.dev/concepts/session-strategies#database)
|
|
298
|
+
* @noInheritDoc
|
|
299
|
+
*/
|
|
300
|
+
export class SessionTokenError extends AuthError {
|
|
301
|
+
}
|
|
302
|
+
SessionTokenError.type = "SessionTokenError";
|
|
303
|
+
/**
|
|
304
|
+
* Happens when login by [OAuth](https://authjs.dev/getting-started/authentication/oauth) could not be started.
|
|
305
|
+
*
|
|
306
|
+
* Possible causes are:
|
|
307
|
+
* - The Authorization Server is not compliant with the [OAuth 2.0](https://www.ietf.org/rfc/rfc6749.html) or the [OIDC](https://openid.net/specs/openid-connect-core-1_0.html) specification.
|
|
308
|
+
* Check the details in the error message.
|
|
309
|
+
*
|
|
310
|
+
* :::tip
|
|
311
|
+
* Check out `[auth][details]` in the logs to know which provider failed.
|
|
312
|
+
* @example
|
|
313
|
+
* ```sh
|
|
314
|
+
* [auth][details]: { "provider": "github" }
|
|
315
|
+
* ```
|
|
316
|
+
* :::
|
|
317
|
+
* @noInheritDoc
|
|
318
|
+
*/
|
|
319
|
+
export class OAuthSignInError extends SignInError {
|
|
320
|
+
}
|
|
321
|
+
OAuthSignInError.type = "OAuthSignInError";
|
|
322
|
+
/**
|
|
323
|
+
* Happens when the login by an [Email provider](https://authjs.dev/getting-started/authentication/email) could not be started.
|
|
324
|
+
*
|
|
325
|
+
* Possible causes are:
|
|
326
|
+
* - The email sent from the client is invalid, could not be normalized by [`EmailConfig.normalizeIdentifier`](https://authjs.dev/reference/core/providers/email#normalizeidentifier)
|
|
327
|
+
* - The provided email/token combination has expired:
|
|
328
|
+
* Ask the user to log in again.
|
|
329
|
+
* - There was an error with the database:
|
|
330
|
+
* Check the database logs.
|
|
331
|
+
* @noInheritDoc
|
|
332
|
+
*/
|
|
333
|
+
export class EmailSignInError extends SignInError {
|
|
334
|
+
}
|
|
335
|
+
EmailSignInError.type = "EmailSignInError";
|
|
336
|
+
/**
|
|
337
|
+
* Represents an error that occurs during the sign-out process. This error
|
|
338
|
+
* is logged when there are issues in terminating a user's session, either
|
|
339
|
+
* by failing to delete the session from the database (in database session
|
|
340
|
+
* strategies) or encountering issues during other parts of the sign-out
|
|
341
|
+
* process, such as emitting sign-out events or clearing session cookies.
|
|
342
|
+
*
|
|
343
|
+
* The session cookie(s) are emptied even if this error is logged.
|
|
344
|
+
* @noInheritDoc
|
|
345
|
+
*/
|
|
346
|
+
export class SignOutError extends AuthError {
|
|
347
|
+
}
|
|
348
|
+
SignOutError.type = "SignOutError";
|
|
349
|
+
/**
|
|
350
|
+
* Auth.js was requested to handle an operation that it does not support.
|
|
351
|
+
*
|
|
352
|
+
* See [`AuthAction`](https://authjs.dev/reference/core/types#authaction) for the supported actions.
|
|
353
|
+
* @noInheritDoc
|
|
354
|
+
*/
|
|
355
|
+
export class UnknownAction extends AuthError {
|
|
356
|
+
}
|
|
357
|
+
UnknownAction.type = "UnknownAction";
|
|
358
|
+
/**
|
|
359
|
+
* Thrown when a Credentials provider is present but the JWT strategy (`strategy: "jwt"`) is not enabled.
|
|
360
|
+
*
|
|
361
|
+
* Learn more at [`strategy`](https://authjs.dev/reference/core#strategy) or [Credentials provider](https://authjs.dev/getting-started/authentication/credentials)
|
|
362
|
+
* @noInheritDoc
|
|
363
|
+
*/
|
|
364
|
+
export class UnsupportedStrategy extends AuthError {
|
|
365
|
+
}
|
|
366
|
+
UnsupportedStrategy.type = "UnsupportedStrategy";
|
|
367
|
+
/**
|
|
368
|
+
* Thrown when an endpoint was incorrectly called without a provider, or with an unsupported provider.
|
|
369
|
+
* @noInheritDoc
|
|
370
|
+
*/
|
|
371
|
+
export class InvalidProvider extends AuthError {
|
|
372
|
+
}
|
|
373
|
+
InvalidProvider.type = "InvalidProvider";
|
|
374
|
+
/**
|
|
375
|
+
* Thrown when the `trustHost` option was not set to `true`.
|
|
376
|
+
*
|
|
377
|
+
* Auth.js requires the `trustHost` option to be set to `true` since it's relying on the request headers' `host` value.
|
|
378
|
+
*
|
|
379
|
+
* :::note
|
|
380
|
+
* Official Auth.js libraries might attempt to automatically set the `trustHost` option to `true` if the request is coming from a trusted host on a trusted platform.
|
|
381
|
+
* :::
|
|
382
|
+
*
|
|
383
|
+
* Learn more at [`trustHost`](https://authjs.dev/reference/core#trusthost) or [Guide: Deployment](https://authjs.dev/getting-started/deployment)
|
|
384
|
+
* @noInheritDoc
|
|
385
|
+
*/
|
|
386
|
+
export class UntrustedHost extends AuthError {
|
|
387
|
+
}
|
|
388
|
+
UntrustedHost.type = "UntrustedHost";
|
|
389
|
+
/**
|
|
390
|
+
* The user's email/token combination was invalid.
|
|
391
|
+
* This could be because the email/token combination was not found in the database,
|
|
392
|
+
* or because the token has expired. Ask the user to log in again.
|
|
393
|
+
* @noInheritDoc
|
|
394
|
+
*/
|
|
395
|
+
export class Verification extends AuthError {
|
|
396
|
+
}
|
|
397
|
+
Verification.type = "Verification";
|
|
398
|
+
/**
|
|
399
|
+
* Error for missing CSRF tokens in client-side actions (`signIn`, `signOut`, `useSession#update`).
|
|
400
|
+
* Thrown when actions lack the double submit cookie, essential for CSRF protection.
|
|
401
|
+
*
|
|
402
|
+
* CSRF ([Cross-Site Request Forgery](https://owasp.org/www-community/attacks/csrf))
|
|
403
|
+
* is an attack leveraging authenticated user credentials for unauthorized actions.
|
|
404
|
+
*
|
|
405
|
+
* Double submit cookie pattern, a CSRF defense, requires matching values in a cookie
|
|
406
|
+
* and request parameter. More on this at [MDN Web Docs](https://developer.mozilla.org/en-US/docs/Glossary/CSRF).
|
|
407
|
+
* @noInheritDoc
|
|
408
|
+
*/
|
|
409
|
+
export class MissingCSRF extends SignInError {
|
|
410
|
+
}
|
|
411
|
+
MissingCSRF.type = "MissingCSRF";
|
|
412
|
+
const clientErrors = new Set([
|
|
413
|
+
"CredentialsSignin",
|
|
414
|
+
"OAuthAccountNotLinked",
|
|
415
|
+
"OAuthCallbackError",
|
|
416
|
+
"AccessDenied",
|
|
417
|
+
"Verification",
|
|
418
|
+
"MissingCSRF",
|
|
419
|
+
"AccountNotLinked",
|
|
420
|
+
"WebAuthnVerificationError",
|
|
421
|
+
]);
|
|
422
|
+
/**
|
|
423
|
+
* Used to only allow sending a certain subset of errors to the client.
|
|
424
|
+
* Errors are always logged on the server, but to prevent leaking sensitive information,
|
|
425
|
+
* only a subset of errors are sent to the client as-is.
|
|
426
|
+
* @internal
|
|
427
|
+
*/
|
|
428
|
+
export function isClientError(error) {
|
|
429
|
+
if (error instanceof AuthError)
|
|
430
|
+
return clientErrors.has(error.type);
|
|
431
|
+
return false;
|
|
432
|
+
}
|
|
433
|
+
/**
|
|
434
|
+
* Thrown when multiple providers have `enableConditionalUI` set to `true`.
|
|
435
|
+
* Only one provider can have this option enabled at a time.
|
|
436
|
+
* @noInheritDoc
|
|
437
|
+
*/
|
|
438
|
+
export class DuplicateConditionalUI extends AuthError {
|
|
439
|
+
}
|
|
440
|
+
DuplicateConditionalUI.type = "DuplicateConditionalUI";
|
|
441
|
+
/**
|
|
442
|
+
* Thrown when a WebAuthn provider has `enableConditionalUI` set to `true` but no formField has `webauthn` in its autocomplete param.
|
|
443
|
+
*
|
|
444
|
+
* The `webauthn` autocomplete param is required for conditional UI to work.
|
|
445
|
+
* @noInheritDoc
|
|
446
|
+
*/
|
|
447
|
+
export class MissingWebAuthnAutocomplete extends AuthError {
|
|
448
|
+
}
|
|
449
|
+
MissingWebAuthnAutocomplete.type = "MissingWebAuthnAutocomplete";
|
|
450
|
+
/**
|
|
451
|
+
* Thrown when a WebAuthn provider fails to verify a client response.
|
|
452
|
+
* @noInheritDoc
|
|
453
|
+
*/
|
|
454
|
+
export class WebAuthnVerificationError extends AuthError {
|
|
455
|
+
}
|
|
456
|
+
WebAuthnVerificationError.type = "WebAuthnVerificationError";
|
|
457
|
+
/**
|
|
458
|
+
* Thrown when an Email address is already associated with an account
|
|
459
|
+
* but the user is trying an account that is not linked to it.
|
|
460
|
+
*
|
|
461
|
+
* For security reasons, Auth.js does not automatically link accounts to existing accounts if the user is not signed in.
|
|
462
|
+
* @noInheritDoc
|
|
463
|
+
*/
|
|
464
|
+
export class AccountNotLinked extends SignInError {
|
|
465
|
+
}
|
|
466
|
+
AccountNotLinked.type = "AccountNotLinked";
|
|
467
|
+
/**
|
|
468
|
+
* Thrown when an experimental feature is used but not enabled.
|
|
469
|
+
* @noInheritDoc
|
|
470
|
+
*/
|
|
471
|
+
export class ExperimentalFeatureNotEnabled extends AuthError {
|
|
472
|
+
}
|
|
473
|
+
ExperimentalFeatureNotEnabled.type = "ExperimentalFeatureNotEnabled";
|