@mulverse/mulguard-core 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +24 -0
- package/adapters.d.ts +522 -0
- package/adapters.d.ts.map +1 -0
- package/adapters.js +170 -0
- package/errors.d.ts +429 -0
- package/errors.d.ts.map +1 -0
- package/errors.js +473 -0
- package/index.d.ts +547 -0
- package/index.d.ts.map +1 -0
- package/index.js +142 -0
- package/jwt.d.ts +132 -0
- package/jwt.d.ts.map +1 -0
- package/jwt.js +123 -0
- package/lib/actions/callback/handle-login.d.ts +35 -0
- package/lib/actions/callback/handle-login.d.ts.map +1 -0
- package/lib/actions/callback/handle-login.js +275 -0
- package/lib/actions/callback/index.d.ts +5 -0
- package/lib/actions/callback/index.d.ts.map +1 -0
- package/lib/actions/callback/index.js +409 -0
- package/lib/actions/callback/oauth/callback.d.ts +36 -0
- package/lib/actions/callback/oauth/callback.d.ts.map +1 -0
- package/lib/actions/callback/oauth/callback.js +248 -0
- package/lib/actions/callback/oauth/checks.d.ts +70 -0
- package/lib/actions/callback/oauth/checks.d.ts.map +1 -0
- package/lib/actions/callback/oauth/checks.js +188 -0
- package/lib/actions/callback/oauth/csrf-token.d.ts +33 -0
- package/lib/actions/callback/oauth/csrf-token.d.ts.map +1 -0
- package/lib/actions/callback/oauth/csrf-token.js +39 -0
- package/lib/actions/index.d.ts +6 -0
- package/lib/actions/index.d.ts.map +1 -0
- package/lib/actions/index.js +5 -0
- package/lib/actions/session.d.ts +5 -0
- package/lib/actions/session.d.ts.map +1 -0
- package/lib/actions/session.js +127 -0
- package/lib/actions/signin/authorization-url.d.ts +12 -0
- package/lib/actions/signin/authorization-url.d.ts.map +1 -0
- package/lib/actions/signin/authorization-url.js +94 -0
- package/lib/actions/signin/index.d.ts +4 -0
- package/lib/actions/signin/index.d.ts.map +1 -0
- package/lib/actions/signin/index.js +22 -0
- package/lib/actions/signin/send-token.d.ts +10 -0
- package/lib/actions/signin/send-token.d.ts.map +1 -0
- package/lib/actions/signin/send-token.js +98 -0
- package/lib/actions/signout.d.ts +11 -0
- package/lib/actions/signout.d.ts.map +1 -0
- package/lib/actions/signout.js +30 -0
- package/lib/actions/webauthn-options.d.ts +8 -0
- package/lib/actions/webauthn-options.d.ts.map +1 -0
- package/lib/actions/webauthn-options.js +60 -0
- package/lib/index.d.ts +2 -0
- package/lib/index.d.ts.map +1 -0
- package/lib/index.js +70 -0
- package/lib/init.d.ts +25 -0
- package/lib/init.d.ts.map +1 -0
- package/lib/init.js +172 -0
- package/lib/pages/error.d.ts +17 -0
- package/lib/pages/error.d.ts.map +1 -0
- package/lib/pages/error.js +40 -0
- package/lib/pages/index.d.ts +42 -0
- package/lib/pages/index.d.ts.map +1 -0
- package/lib/pages/index.js +136 -0
- package/lib/pages/signin.d.ts +10 -0
- package/lib/pages/signin.d.ts.map +1 -0
- package/lib/pages/signin.js +75 -0
- package/lib/pages/signout.d.ts +8 -0
- package/lib/pages/signout.d.ts.map +1 -0
- package/lib/pages/signout.js +17 -0
- package/lib/pages/styles.d.ts +3 -0
- package/lib/pages/styles.d.ts.map +1 -0
- package/lib/pages/styles.js +381 -0
- package/lib/pages/verify-request.d.ts +8 -0
- package/lib/pages/verify-request.d.ts.map +1 -0
- package/lib/pages/verify-request.js +11 -0
- package/lib/symbols.d.ts +50 -0
- package/lib/symbols.d.ts.map +1 -0
- package/lib/symbols.js +57 -0
- package/lib/utils/actions.d.ts +3 -0
- package/lib/utils/actions.d.ts.map +1 -0
- package/lib/utils/actions.js +14 -0
- package/lib/utils/assert.d.ts +14 -0
- package/lib/utils/assert.d.ts.map +1 -0
- package/lib/utils/assert.js +168 -0
- package/lib/utils/callback-url.d.ts +17 -0
- package/lib/utils/callback-url.d.ts.map +1 -0
- package/lib/utils/callback-url.js +27 -0
- package/lib/utils/cookie.d.ts +111 -0
- package/lib/utils/cookie.d.ts.map +1 -0
- package/lib/utils/cookie.js +205 -0
- package/lib/utils/date.d.ts +7 -0
- package/lib/utils/date.d.ts.map +1 -0
- package/lib/utils/date.js +8 -0
- package/lib/utils/email.d.ts +20 -0
- package/lib/utils/email.d.ts.map +1 -0
- package/lib/utils/email.js +57 -0
- package/lib/utils/env.d.ts +9 -0
- package/lib/utils/env.d.ts.map +1 -0
- package/lib/utils/env.js +96 -0
- package/lib/utils/logger.d.ts +18 -0
- package/lib/utils/logger.d.ts.map +1 -0
- package/lib/utils/logger.js +50 -0
- package/lib/utils/merge.d.ts +3 -0
- package/lib/utils/merge.d.ts.map +1 -0
- package/lib/utils/merge.js +23 -0
- package/lib/utils/providers.d.ts +19 -0
- package/lib/utils/providers.d.ts.map +1 -0
- package/lib/utils/providers.js +149 -0
- package/lib/utils/session.d.ts +7 -0
- package/lib/utils/session.d.ts.map +1 -0
- package/lib/utils/session.js +29 -0
- package/lib/utils/web.d.ts +10 -0
- package/lib/utils/web.d.ts.map +1 -0
- package/lib/utils/web.js +109 -0
- package/lib/utils/webauthn-client.d.ts +30 -0
- package/lib/utils/webauthn-client.d.ts.map +1 -0
- package/lib/utils/webauthn-client.js +197 -0
- package/lib/utils/webauthn-utils.d.ts +81 -0
- package/lib/utils/webauthn-utils.d.ts.map +1 -0
- package/lib/utils/webauthn-utils.js +343 -0
- package/lib/vendored/cookie.d.ts +120 -0
- package/lib/vendored/cookie.d.ts.map +1 -0
- package/lib/vendored/cookie.js +237 -0
- package/package.json +118 -0
- package/providers/42-school.d.ts +240 -0
- package/providers/42-school.d.ts.map +1 -0
- package/providers/42-school.js +78 -0
- package/providers/apple.d.ts +149 -0
- package/providers/apple.d.ts.map +1 -0
- package/providers/apple.js +104 -0
- package/providers/asgardeo.d.ts +102 -0
- package/providers/asgardeo.d.ts.map +1 -0
- package/providers/asgardeo.js +93 -0
- package/providers/atlassian.d.ts +94 -0
- package/providers/atlassian.d.ts.map +1 -0
- package/providers/atlassian.js +84 -0
- package/providers/auth0.d.ts +116 -0
- package/providers/auth0.d.ts.map +1 -0
- package/providers/auth0.js +49 -0
- package/providers/authentik.d.ts +90 -0
- package/providers/authentik.d.ts.map +1 -0
- package/providers/authentik.js +65 -0
- package/providers/azure-ad-b2c.d.ts +104 -0
- package/providers/azure-ad-b2c.d.ts.map +1 -0
- package/providers/azure-ad-b2c.js +100 -0
- package/providers/azure-ad.d.ts +19 -0
- package/providers/azure-ad.d.ts.map +1 -0
- package/providers/azure-ad.js +23 -0
- package/providers/azure-devops.d.ts +128 -0
- package/providers/azure-devops.d.ts.map +1 -0
- package/providers/azure-devops.js +158 -0
- package/providers/bankid-no.d.ts +134 -0
- package/providers/bankid-no.d.ts.map +1 -0
- package/providers/bankid-no.js +65 -0
- package/providers/battlenet.d.ts +85 -0
- package/providers/battlenet.d.ts.map +1 -0
- package/providers/battlenet.js +81 -0
- package/providers/beyondidentity.d.ts +77 -0
- package/providers/beyondidentity.d.ts.map +1 -0
- package/providers/beyondidentity.js +84 -0
- package/providers/bitbucket.d.ts +89 -0
- package/providers/bitbucket.d.ts.map +1 -0
- package/providers/bitbucket.js +92 -0
- package/providers/box.d.ts +63 -0
- package/providers/box.d.ts.map +1 -0
- package/providers/box.js +73 -0
- package/providers/boxyhq-saml.d.ts +121 -0
- package/providers/boxyhq-saml.d.ts.map +1 -0
- package/providers/boxyhq-saml.js +127 -0
- package/providers/bungie.d.ts +167 -0
- package/providers/bungie.d.ts.map +1 -0
- package/providers/bungie.js +174 -0
- package/providers/click-up.d.ts +75 -0
- package/providers/click-up.d.ts.map +1 -0
- package/providers/click-up.js +89 -0
- package/providers/cognito.d.ts +81 -0
- package/providers/cognito.d.ts.map +1 -0
- package/providers/cognito.js +73 -0
- package/providers/coinbase.d.ts +69 -0
- package/providers/coinbase.d.ts.map +1 -0
- package/providers/coinbase.js +78 -0
- package/providers/concept2.d.ts +81 -0
- package/providers/concept2.d.ts.map +1 -0
- package/providers/concept2.js +86 -0
- package/providers/credentials.d.ts +132 -0
- package/providers/credentials.d.ts.map +1 -0
- package/providers/credentials.js +74 -0
- package/providers/descope.d.ts +91 -0
- package/providers/descope.d.ts.map +1 -0
- package/providers/descope.js +78 -0
- package/providers/discord.d.ts +139 -0
- package/providers/discord.d.ts.map +1 -0
- package/providers/discord.js +86 -0
- package/providers/dribbble.d.ts +88 -0
- package/providers/dribbble.d.ts.map +1 -0
- package/providers/dribbble.js +85 -0
- package/providers/dropbox.d.ts +65 -0
- package/providers/dropbox.d.ts.map +1 -0
- package/providers/dropbox.js +88 -0
- package/providers/duende-identity-server6.d.ts +91 -0
- package/providers/duende-identity-server6.d.ts.map +1 -0
- package/providers/duende-identity-server6.js +80 -0
- package/providers/email.d.ts +41 -0
- package/providers/email.d.ts.map +1 -0
- package/providers/email.js +18 -0
- package/providers/eventbrite.d.ts +78 -0
- package/providers/eventbrite.d.ts.map +1 -0
- package/providers/eventbrite.js +88 -0
- package/providers/eveonline.d.ts +94 -0
- package/providers/eveonline.d.ts.map +1 -0
- package/providers/eveonline.js +92 -0
- package/providers/facebook.d.ts +84 -0
- package/providers/facebook.d.ts.map +1 -0
- package/providers/facebook.js +93 -0
- package/providers/faceit.d.ts +64 -0
- package/providers/faceit.d.ts.map +1 -0
- package/providers/faceit.js +74 -0
- package/providers/figma.d.ts +75 -0
- package/providers/figma.d.ts.map +1 -0
- package/providers/figma.js +81 -0
- package/providers/forwardemail.d.ts +4 -0
- package/providers/forwardemail.d.ts.map +1 -0
- package/providers/forwardemail.js +32 -0
- package/providers/foursquare.d.ts +71 -0
- package/providers/foursquare.d.ts.map +1 -0
- package/providers/foursquare.js +91 -0
- package/providers/freshbooks.d.ts +66 -0
- package/providers/freshbooks.d.ts.map +1 -0
- package/providers/freshbooks.js +76 -0
- package/providers/frontegg.d.ts +95 -0
- package/providers/frontegg.d.ts.map +1 -0
- package/providers/frontegg.js +88 -0
- package/providers/fusionauth.d.ts +279 -0
- package/providers/fusionauth.d.ts.map +1 -0
- package/providers/fusionauth.js +292 -0
- package/providers/github.d.ts +127 -0
- package/providers/github.d.ts.map +1 -0
- package/providers/github.js +115 -0
- package/providers/gitlab.d.ts +115 -0
- package/providers/gitlab.d.ts.map +1 -0
- package/providers/gitlab.js +75 -0
- package/providers/google.d.ts +138 -0
- package/providers/google.d.ts.map +1 -0
- package/providers/google.js +119 -0
- package/providers/hubspot.d.ts +76 -0
- package/providers/hubspot.d.ts.map +1 -0
- package/providers/hubspot.js +93 -0
- package/providers/huggingface.d.ts +216 -0
- package/providers/huggingface.d.ts.map +1 -0
- package/providers/huggingface.js +101 -0
- package/providers/identity-server4.d.ts +69 -0
- package/providers/identity-server4.d.ts.map +1 -0
- package/providers/identity-server4.js +64 -0
- package/providers/index.d.ts +61 -0
- package/providers/index.d.ts.map +1 -0
- package/providers/index.js +3 -0
- package/providers/instagram.d.ts +74 -0
- package/providers/instagram.d.ts.map +1 -0
- package/providers/instagram.js +87 -0
- package/providers/kakao.d.ts +148 -0
- package/providers/kakao.d.ts.map +1 -0
- package/providers/kakao.js +103 -0
- package/providers/keycloak.d.ts +100 -0
- package/providers/keycloak.d.ts.map +1 -0
- package/providers/keycloak.js +73 -0
- package/providers/kinde.d.ts +73 -0
- package/providers/kinde.d.ts.map +1 -0
- package/providers/kinde.js +51 -0
- package/providers/line.d.ts +83 -0
- package/providers/line.d.ts.map +1 -0
- package/providers/line.js +73 -0
- package/providers/linkedin.d.ts +77 -0
- package/providers/linkedin.d.ts.map +1 -0
- package/providers/linkedin.js +65 -0
- package/providers/logto.d.ts +98 -0
- package/providers/logto.d.ts.map +1 -0
- package/providers/logto.js +81 -0
- package/providers/loops.d.ts +40 -0
- package/providers/loops.d.ts.map +1 -0
- package/providers/loops.js +59 -0
- package/providers/mailchimp.d.ts +66 -0
- package/providers/mailchimp.d.ts.map +1 -0
- package/providers/mailchimp.js +76 -0
- package/providers/mailgun.d.ts +55 -0
- package/providers/mailgun.d.ts.map +1 -0
- package/providers/mailgun.js +74 -0
- package/providers/mailru.d.ts +63 -0
- package/providers/mailru.d.ts.map +1 -0
- package/providers/mailru.js +61 -0
- package/providers/mastodon.d.ts +90 -0
- package/providers/mastodon.d.ts.map +1 -0
- package/providers/mastodon.js +75 -0
- package/providers/mattermost.d.ts +132 -0
- package/providers/mattermost.d.ts.map +1 -0
- package/providers/mattermost.js +83 -0
- package/providers/medium.d.ts +68 -0
- package/providers/medium.d.ts.map +1 -0
- package/providers/medium.js +84 -0
- package/providers/microsoft-entra-id.d.ts +428 -0
- package/providers/microsoft-entra-id.d.ts.map +1 -0
- package/providers/microsoft-entra-id.js +156 -0
- package/providers/naver.d.ts +80 -0
- package/providers/naver.d.ts.map +1 -0
- package/providers/naver.js +79 -0
- package/providers/netlify.d.ts +66 -0
- package/providers/netlify.d.ts.map +1 -0
- package/providers/netlify.js +85 -0
- package/providers/netsuite.d.ts +189 -0
- package/providers/netsuite.d.ts.map +1 -0
- package/providers/netsuite.js +170 -0
- package/providers/nextcloud.d.ts +150 -0
- package/providers/nextcloud.d.ts.map +1 -0
- package/providers/nextcloud.js +99 -0
- package/providers/nodemailer.d.ts +27 -0
- package/providers/nodemailer.d.ts.map +1 -0
- package/providers/nodemailer.js +34 -0
- package/providers/notion.d.ts +99 -0
- package/providers/notion.d.ts.map +1 -0
- package/providers/notion.js +110 -0
- package/providers/oauth.d.ts +188 -0
- package/providers/oauth.d.ts.map +1 -0
- package/providers/oauth.js +1 -0
- package/providers/okta.d.ts +99 -0
- package/providers/okta.d.ts.map +1 -0
- package/providers/okta.js +63 -0
- package/providers/onelogin.d.ts +65 -0
- package/providers/onelogin.d.ts.map +1 -0
- package/providers/onelogin.js +61 -0
- package/providers/ory-hydra.d.ts +79 -0
- package/providers/ory-hydra.d.ts.map +1 -0
- package/providers/ory-hydra.js +67 -0
- package/providers/osso.d.ts +79 -0
- package/providers/osso.d.ts.map +1 -0
- package/providers/osso.js +77 -0
- package/providers/osu.d.ts +116 -0
- package/providers/osu.d.ts.map +1 -0
- package/providers/osu.js +75 -0
- package/providers/passage.d.ts +88 -0
- package/providers/passage.d.ts.map +1 -0
- package/providers/passage.js +75 -0
- package/providers/passkey.d.ts +65 -0
- package/providers/passkey.d.ts.map +1 -0
- package/providers/passkey.js +87 -0
- package/providers/patreon.d.ts +73 -0
- package/providers/patreon.d.ts.map +1 -0
- package/providers/patreon.js +77 -0
- package/providers/ping-id.d.ts +57 -0
- package/providers/ping-id.d.ts.map +1 -0
- package/providers/ping-id.js +40 -0
- package/providers/pinterest.d.ts +79 -0
- package/providers/pinterest.d.ts.map +1 -0
- package/providers/pinterest.js +85 -0
- package/providers/pipedrive.d.ts +99 -0
- package/providers/pipedrive.d.ts.map +1 -0
- package/providers/pipedrive.js +71 -0
- package/providers/postmark.d.ts +4 -0
- package/providers/postmark.d.ts.map +1 -0
- package/providers/postmark.js +36 -0
- package/providers/provider-types.d.ts +3 -0
- package/providers/provider-types.d.ts.map +1 -0
- package/providers/provider-types.js +1 -0
- package/providers/reddit.d.ts +88 -0
- package/providers/reddit.d.ts.map +1 -0
- package/providers/reddit.js +90 -0
- package/providers/resend.d.ts +4 -0
- package/providers/resend.d.ts.map +1 -0
- package/providers/resend.js +32 -0
- package/providers/roblox.d.ts +67 -0
- package/providers/roblox.d.ts.map +1 -0
- package/providers/roblox.js +53 -0
- package/providers/salesforce.d.ts +59 -0
- package/providers/salesforce.d.ts.map +1 -0
- package/providers/salesforce.js +52 -0
- package/providers/sendgrid.d.ts +4 -0
- package/providers/sendgrid.d.ts.map +1 -0
- package/providers/sendgrid.js +35 -0
- package/providers/simplelogin.d.ts +87 -0
- package/providers/simplelogin.d.ts.map +1 -0
- package/providers/simplelogin.js +83 -0
- package/providers/slack.d.ts +102 -0
- package/providers/slack.d.ts.map +1 -0
- package/providers/slack.js +69 -0
- package/providers/spotify.d.ts +75 -0
- package/providers/spotify.d.ts.map +1 -0
- package/providers/spotify.js +73 -0
- package/providers/strava.d.ts +68 -0
- package/providers/strava.d.ts.map +1 -0
- package/providers/strava.js +80 -0
- package/providers/threads.d.ts +108 -0
- package/providers/threads.d.ts.map +1 -0
- package/providers/threads.js +89 -0
- package/providers/tiktok.d.ts +248 -0
- package/providers/tiktok.d.ts.map +1 -0
- package/providers/tiktok.js +195 -0
- package/providers/todoist.d.ts +76 -0
- package/providers/todoist.d.ts.map +1 -0
- package/providers/todoist.js +97 -0
- package/providers/trakt.d.ts +93 -0
- package/providers/trakt.d.ts.map +1 -0
- package/providers/trakt.js +91 -0
- package/providers/twitch.d.ts +71 -0
- package/providers/twitch.d.ts.map +1 -0
- package/providers/twitch.js +96 -0
- package/providers/twitter.d.ts +183 -0
- package/providers/twitter.d.ts.map +1 -0
- package/providers/twitter.js +100 -0
- package/providers/united-effects.d.ts +80 -0
- package/providers/united-effects.d.ts.map +1 -0
- package/providers/united-effects.js +72 -0
- package/providers/vipps.d.ts +71 -0
- package/providers/vipps.d.ts.map +1 -0
- package/providers/vipps.js +33 -0
- package/providers/vk.d.ts +334 -0
- package/providers/vk.d.ts.map +1 -0
- package/providers/vk.js +103 -0
- package/providers/webauthn.d.ts +148 -0
- package/providers/webauthn.d.ts.map +1 -0
- package/providers/webauthn.js +128 -0
- package/providers/webex.d.ts +78 -0
- package/providers/webex.d.ts.map +1 -0
- package/providers/webex.js +73 -0
- package/providers/wechat.d.ts +78 -0
- package/providers/wechat.d.ts.map +1 -0
- package/providers/wechat.js +105 -0
- package/providers/wikimedia.d.ts +99 -0
- package/providers/wikimedia.d.ts.map +1 -0
- package/providers/wikimedia.js +90 -0
- package/providers/wordpress.d.ts +65 -0
- package/providers/wordpress.d.ts.map +1 -0
- package/providers/wordpress.js +71 -0
- package/providers/workos.d.ts +154 -0
- package/providers/workos.d.ts.map +1 -0
- package/providers/workos.js +143 -0
- package/providers/yandex.d.ts +131 -0
- package/providers/yandex.d.ts.map +1 -0
- package/providers/yandex.js +80 -0
- package/providers/zitadel.d.ts +117 -0
- package/providers/zitadel.d.ts.map +1 -0
- package/providers/zitadel.js +95 -0
- package/providers/zoho.d.ts +63 -0
- package/providers/zoho.d.ts.map +1 -0
- package/providers/zoho.js +79 -0
- package/providers/zoom.d.ts +93 -0
- package/providers/zoom.d.ts.map +1 -0
- package/providers/zoom.js +82 -0
- package/src/adapters/server-actions-helpers.ts +126 -0
- package/src/adapters.ts +603 -0
- package/src/errors.ts +551 -0
- package/src/index.ts +689 -0
- package/src/jwt.ts +283 -0
- package/src/lib/actions/callback/handle-login.ts +334 -0
- package/src/lib/actions/callback/index.ts +554 -0
- package/src/lib/actions/callback/oauth/callback.ts +347 -0
- package/src/lib/actions/callback/oauth/checks.ts +258 -0
- package/src/lib/actions/callback/oauth/csrf-token.ts +60 -0
- package/src/lib/actions/index.ts +5 -0
- package/src/lib/actions/session.ts +167 -0
- package/src/lib/actions/signin/authorization-url.ts +123 -0
- package/src/lib/actions/signin/index.ts +37 -0
- package/src/lib/actions/signin/send-token.ts +124 -0
- package/src/lib/actions/signout.ts +38 -0
- package/src/lib/actions/webauthn-options.ts +100 -0
- package/src/lib/index.ts +97 -0
- package/src/lib/init.ts +236 -0
- package/src/lib/pages/error.tsx +106 -0
- package/src/lib/pages/index.ts +181 -0
- package/src/lib/pages/signin.tsx +255 -0
- package/src/lib/pages/signout.tsx +49 -0
- package/src/lib/pages/styles.css +377 -0
- package/src/lib/pages/styles.ts +381 -0
- package/src/lib/pages/verify-request.tsx +36 -0
- package/src/lib/symbols.ts +60 -0
- package/src/lib/utils/actions.ts +17 -0
- package/src/lib/utils/assert.ts +259 -0
- package/src/lib/utils/callback-url.ts +42 -0
- package/src/lib/utils/cookie.ts +248 -0
- package/src/lib/utils/date.ts +8 -0
- package/src/lib/utils/email.ts +65 -0
- package/src/lib/utils/env.ts +113 -0
- package/src/lib/utils/logger.ts +75 -0
- package/src/lib/utils/merge.ts +30 -0
- package/src/lib/utils/providers.ts +203 -0
- package/src/lib/utils/session.ts +41 -0
- package/src/lib/utils/web.ts +151 -0
- package/src/lib/utils/webauthn-client.js +229 -0
- package/src/lib/utils/webauthn-utils.ts +531 -0
- package/src/lib/vendored/cookie.ts +383 -0
- package/src/providers/42-school.ts +256 -0
- package/src/providers/apple.ts +206 -0
- package/src/providers/asgardeo.ts +118 -0
- package/src/providers/atlassian.ts +120 -0
- package/src/providers/auth0.ts +127 -0
- package/src/providers/authentik.ts +100 -0
- package/src/providers/azure-ad-b2c.ts +124 -0
- package/src/providers/azure-ad.ts +30 -0
- package/src/providers/azure-devops.ts +184 -0
- package/src/providers/bankid-no.ts +161 -0
- package/src/providers/battlenet.ts +107 -0
- package/src/providers/beyondidentity.ts +102 -0
- package/src/providers/bitbucket.ts +122 -0
- package/src/providers/box.ts +87 -0
- package/src/providers/boxyhq-saml.ts +148 -0
- package/src/providers/bungie.ts +192 -0
- package/src/providers/click-up.ts +104 -0
- package/src/providers/cognito.ts +94 -0
- package/src/providers/coinbase.ts +93 -0
- package/src/providers/concept2.ts +108 -0
- package/src/providers/credentials.ts +157 -0
- package/src/providers/descope.ts +105 -0
- package/src/providers/discord.ts +176 -0
- package/src/providers/dribbble.ts +122 -0
- package/src/providers/dropbox.ts +102 -0
- package/src/providers/duende-identity-server6.ts +101 -0
- package/src/providers/email.ts +60 -0
- package/src/providers/eventbrite.ts +105 -0
- package/src/providers/eveonline.ts +117 -0
- package/src/providers/facebook.ts +119 -0
- package/src/providers/faceit.ts +90 -0
- package/src/providers/figma.ts +105 -0
- package/src/providers/forwardemail.ts +37 -0
- package/src/providers/foursquare.ts +105 -0
- package/src/providers/freshbooks.ts +90 -0
- package/src/providers/frontegg.ts +111 -0
- package/src/providers/fusionauth.ts +336 -0
- package/src/providers/github.ts +187 -0
- package/src/providers/gitlab.ts +140 -0
- package/src/providers/google.ts +152 -0
- package/src/providers/hubspot.ts +117 -0
- package/src/providers/huggingface.ts +234 -0
- package/src/providers/identity-server4.ts +78 -0
- package/src/providers/index.ts +115 -0
- package/src/providers/instagram.ts +103 -0
- package/src/providers/kakao.ts +184 -0
- package/src/providers/keycloak.ts +111 -0
- package/src/providers/kinde.ts +85 -0
- package/src/providers/line.ts +99 -0
- package/src/providers/linkedin.ts +91 -0
- package/src/providers/logto.ts +122 -0
- package/src/providers/loops.ts +79 -0
- package/src/providers/mailchimp.ts +90 -0
- package/src/providers/mailgun.ts +98 -0
- package/src/providers/mailru.ts +75 -0
- package/src/providers/mastodon.ts +112 -0
- package/src/providers/mattermost.ts +154 -0
- package/src/providers/medium.ts +89 -0
- package/src/providers/microsoft-entra-id.ts +497 -0
- package/src/providers/naver.ts +102 -0
- package/src/providers/netlify.ts +90 -0
- package/src/providers/netsuite.ts +225 -0
- package/src/providers/nextcloud.ts +207 -0
- package/src/providers/nodemailer.ts +84 -0
- package/src/providers/notion.ts +166 -0
- package/src/providers/oauth.ts +310 -0
- package/src/providers/okta.ts +111 -0
- package/src/providers/onelogin.ts +75 -0
- package/src/providers/ory-hydra.ts +93 -0
- package/src/providers/osso.ts +91 -0
- package/src/providers/osu.ts +138 -0
- package/src/providers/passage.ts +103 -0
- package/src/providers/passkey.ts +94 -0
- package/src/providers/patreon.ts +98 -0
- package/src/providers/ping-id.ts +68 -0
- package/src/providers/pinterest.ts +106 -0
- package/src/providers/pipedrive.ts +120 -0
- package/src/providers/postmark.ts +38 -0
- package/src/providers/provider-types.ts +107 -0
- package/src/providers/reddit.ts +104 -0
- package/src/providers/resend.ts +35 -0
- package/src/providers/roblox.ts +94 -0
- package/src/providers/salesforce.ts +73 -0
- package/src/providers/sendgrid.ts +36 -0
- package/src/providers/simplelogin.ts +107 -0
- package/src/providers/slack.ts +115 -0
- package/src/providers/spotify.ts +99 -0
- package/src/providers/strava.ts +101 -0
- package/src/providers/threads.ts +135 -0
- package/src/providers/tiktok.ts +319 -0
- package/src/providers/todoist.ts +122 -0
- package/src/providers/trakt.ts +120 -0
- package/src/providers/twitch.ts +121 -0
- package/src/providers/twitter.ts +207 -0
- package/src/providers/united-effects.ts +89 -0
- package/src/providers/vipps.ts +86 -0
- package/src/providers/vk.ts +401 -0
- package/src/providers/webauthn.ts +296 -0
- package/src/providers/webex.ts +102 -0
- package/src/providers/wechat.ts +141 -0
- package/src/providers/wikimedia.ts +258 -0
- package/src/providers/wordpress.ts +86 -0
- package/src/providers/workos.ts +180 -0
- package/src/providers/yandex.ts +159 -0
- package/src/providers/zitadel.ts +128 -0
- package/src/providers/zoho.ts +84 -0
- package/src/providers/zoom.ts +119 -0
- package/src/types.ts +430 -0
- package/src/warnings.ts +21 -0
- package/types.d.ts +309 -0
- package/types.d.ts.map +1 -0
- package/types.js +53 -0
- package/warnings.d.ts +17 -0
- package/warnings.d.ts.map +1 -0
- package/warnings.js +1 -0
package/src/adapters.ts
ADDED
|
@@ -0,0 +1,603 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth.js can be integrated with _any_ data layer (database, ORM, or backend API, HTTP client)
|
|
3
|
+
* in order to automatically create users, handle account linking automatically, support passwordless login,
|
|
4
|
+
* and to store session information.
|
|
5
|
+
*
|
|
6
|
+
* This module contains utility functions and types to create an Auth.js compatible adapter.
|
|
7
|
+
*
|
|
8
|
+
* Auth.js supports 2 session strategies to persist the login state of a user.
|
|
9
|
+
* The default is to use a cookie + {@link https://authjs.dev/concepts/session-strategies#jwt-session JWT}
|
|
10
|
+
* based session store (`strategy: "jwt"`),
|
|
11
|
+
* but you can also use a database adapter to store the session in a database.
|
|
12
|
+
*
|
|
13
|
+
* Before you continue, Auth.js has a list of {@link https://adapters.authjs.dev official database adapters}. If your database is listed there, you
|
|
14
|
+
* probably do not need to create your own. If you are using a data solution that cannot be integrated with an official adapter, this module will help you create a compatible adapter.
|
|
15
|
+
*
|
|
16
|
+
* :::caution Note
|
|
17
|
+
* Although `@mulverse/mulguard-core` _is_ framework/runtime agnostic, an adapter might rely on a client/ORM package,
|
|
18
|
+
* that is not yet compatible with your framework/runtime (e.g. it might rely on [Node.js APIs](https://nodejs.org/docs/latest/api)).
|
|
19
|
+
* Related issues should be reported to the corresponding package maintainers.
|
|
20
|
+
* :::
|
|
21
|
+
*
|
|
22
|
+
* ## Installation
|
|
23
|
+
*
|
|
24
|
+
* ```bash npm2yarn
|
|
25
|
+
* npm install @mulverse/mulguard-core
|
|
26
|
+
* ```
|
|
27
|
+
*
|
|
28
|
+
* Then, you can import this submodule from `@mulverse/mulguard-core/adapters`.
|
|
29
|
+
*
|
|
30
|
+
* ## Usage
|
|
31
|
+
*
|
|
32
|
+
* Each adapter method and its function signature is documented in the {@link Adapter} interface.
|
|
33
|
+
*
|
|
34
|
+
* ```ts title=my-adapter.ts
|
|
35
|
+
* import { type Adapter } from "@mulverse/mulguard-core/adapters"
|
|
36
|
+
*
|
|
37
|
+
* // 1. Simplest form, a plain object.
|
|
38
|
+
* export const MyAdapter: Adapter {
|
|
39
|
+
* // implement the adapter methods here
|
|
40
|
+
* }
|
|
41
|
+
*
|
|
42
|
+
* // or
|
|
43
|
+
*
|
|
44
|
+
* // 2. A function that returns an object. Official adapters use this pattern.
|
|
45
|
+
* export function MyAdapter(config: any): Adapter {
|
|
46
|
+
* // Instantiate a client/ORM here with the provided config, or pass it in as a parameter.
|
|
47
|
+
* // Usually, you might already have a client instance elsewhere in your application,
|
|
48
|
+
* // so you should only create a new instance if you need to or you don't have one.
|
|
49
|
+
*
|
|
50
|
+
* return {
|
|
51
|
+
* // implement the adapter methods
|
|
52
|
+
* }
|
|
53
|
+
* }
|
|
54
|
+
*
|
|
55
|
+
* ```
|
|
56
|
+
*
|
|
57
|
+
* Then, you can pass your adapter to Auth.js as the `adapter` option.
|
|
58
|
+
*
|
|
59
|
+
* ```ts title=index.ts
|
|
60
|
+
* import { MyAdapter } from "./my-adapter"
|
|
61
|
+
*
|
|
62
|
+
* const response = await Auth(..., {
|
|
63
|
+
* adapter: MyAdapter, // 1.
|
|
64
|
+
* // or
|
|
65
|
+
* adapter: MyAdapter({ /* config *\/ }), // 2.
|
|
66
|
+
* ...
|
|
67
|
+
* })
|
|
68
|
+
* ```
|
|
69
|
+
*
|
|
70
|
+
* Note, you might be able to tweak an existing adapter to work with your data layer, instead of creating one from scratch.
|
|
71
|
+
*
|
|
72
|
+
* ```ts title=my-adapter.ts
|
|
73
|
+
* import { type Adapter } from "@mulverse/mulguard-core/adapters"
|
|
74
|
+
* import { PrismaAdapter } from "@auth/prisma-adapter"
|
|
75
|
+
* import { PrismaClient } from "@prisma/client"
|
|
76
|
+
*
|
|
77
|
+
* const prisma = new PrismaClient()
|
|
78
|
+
*
|
|
79
|
+
* const adapter: Adapter = {
|
|
80
|
+
* ...PrismaAdapter(prisma),
|
|
81
|
+
* // Add your custom methods here
|
|
82
|
+
* }
|
|
83
|
+
*
|
|
84
|
+
* const request = new Request("https://example.com")
|
|
85
|
+
* const response = await Auth(request, { adapter, ... })
|
|
86
|
+
* ```
|
|
87
|
+
*
|
|
88
|
+
* ## Models
|
|
89
|
+
*
|
|
90
|
+
* Auth.js can be used with any database. Models tell you what structures Auth.js expects from your database. Models will vary slightly depending on which adapter you use, but in general, will have a similar structure to the graph below. Each model can be extended with additional fields.
|
|
91
|
+
*
|
|
92
|
+
* :::note
|
|
93
|
+
* Auth.js / NextAuth.js uses `camelCase` for its database rows while respecting the conventional `snake_case` formatting for OAuth-related values. If the mixed casing is an issue for you, most adapters have a dedicated documentation section on how to force a casing convention.
|
|
94
|
+
* :::
|
|
95
|
+
*
|
|
96
|
+
* ```mermaid
|
|
97
|
+
* erDiagram
|
|
98
|
+
* User ||--|{ Account : ""
|
|
99
|
+
* User {
|
|
100
|
+
* string id
|
|
101
|
+
* string name
|
|
102
|
+
* string email
|
|
103
|
+
* timestamp emailVerified
|
|
104
|
+
* string image
|
|
105
|
+
* }
|
|
106
|
+
* User ||--|{ Session : ""
|
|
107
|
+
* Session {
|
|
108
|
+
* string id
|
|
109
|
+
* timestamp expires
|
|
110
|
+
* string sessionToken
|
|
111
|
+
* string userId
|
|
112
|
+
* }
|
|
113
|
+
* Account {
|
|
114
|
+
* string id
|
|
115
|
+
* string userId
|
|
116
|
+
* string type
|
|
117
|
+
* string provider
|
|
118
|
+
* string providerAccountId
|
|
119
|
+
* string refresh_token
|
|
120
|
+
* string access_token
|
|
121
|
+
* int expires_at
|
|
122
|
+
* string token_type
|
|
123
|
+
* string scope
|
|
124
|
+
* string id_token
|
|
125
|
+
* string session_state
|
|
126
|
+
* }
|
|
127
|
+
* User ||--|{ VerificationToken : ""
|
|
128
|
+
* VerificationToken {
|
|
129
|
+
* string identifier
|
|
130
|
+
* string token
|
|
131
|
+
* timestamp expires
|
|
132
|
+
* }
|
|
133
|
+
* ```
|
|
134
|
+
*
|
|
135
|
+
* ## Testing
|
|
136
|
+
*
|
|
137
|
+
* There is a test suite [available](https://github.com/nextauthjs/next-auth/blob/main/packages/utils/adapter.ts)
|
|
138
|
+
* to ensure that your adapter is compatible with Auth.js.
|
|
139
|
+
*
|
|
140
|
+
* ## Known issues
|
|
141
|
+
*
|
|
142
|
+
* The following are missing built-in features in Auth.js but can be solved in user land. If you would like to help implement these features, please reach out.
|
|
143
|
+
*
|
|
144
|
+
* ### Token rotation
|
|
145
|
+
*
|
|
146
|
+
* Auth.js _currently_ does not support {@link https://authjs.dev/concepts/oauth `access_token` rotation} out of the box.
|
|
147
|
+
* The necessary information (`refresh_token`, expiry, etc.) is being stored in the database, but the logic to rotate the token is not implemented
|
|
148
|
+
* in the core library.
|
|
149
|
+
* [This guide](https://authjs.dev/guides/refresh-token-rotation#database-strategy) should provide the necessary steps to do this in user land.
|
|
150
|
+
*
|
|
151
|
+
* ### Federated logout
|
|
152
|
+
*
|
|
153
|
+
* Auth.js _currently_ does not support federated logout out of the box.
|
|
154
|
+
* This means that even if an active session is deleted from the database, the user will still be signed in to the identity provider,
|
|
155
|
+
* they will only be signed out of the application.
|
|
156
|
+
* Eg. if you use Google as an identity provider, and you delete the session from the database,
|
|
157
|
+
* the user will still be signed in to Google, but they will be signed out of your application.
|
|
158
|
+
*
|
|
159
|
+
* If your users might be using the application from a publicly shared computer (eg: library), you might want to implement federated logout.
|
|
160
|
+
*
|
|
161
|
+
* @module adapters
|
|
162
|
+
*/
|
|
163
|
+
|
|
164
|
+
import { ProviderType } from "./providers/index.js"
|
|
165
|
+
import type { Account, Authenticator, Awaitable, User } from "./types.js"
|
|
166
|
+
// TODO: Discuss if we should expose methods to serialize and deserialize
|
|
167
|
+
// the data? Many adapters share this logic, so it could be useful to
|
|
168
|
+
// have a common implementation.
|
|
169
|
+
|
|
170
|
+
/**
|
|
171
|
+
* A user represents a person who can sign in to the application.
|
|
172
|
+
* If a user does not exist yet, it will be created when they sign in for the first time,
|
|
173
|
+
* using the information (profile data) returned by the identity provider.
|
|
174
|
+
* A corresponding account is also created and linked to the user.
|
|
175
|
+
*/
|
|
176
|
+
export interface AdapterUser extends User {
|
|
177
|
+
/** A unique identifier for the user. */
|
|
178
|
+
id: string
|
|
179
|
+
/** The user's email address. */
|
|
180
|
+
email: string
|
|
181
|
+
/**
|
|
182
|
+
* Whether the user has verified their email address via an [Email provider](https://authjs.dev/getting-started/authentication/email).
|
|
183
|
+
* It is `null` if the user has not signed in with the Email provider yet, or the date of the first successful signin.
|
|
184
|
+
*/
|
|
185
|
+
emailVerified: Date | null
|
|
186
|
+
}
|
|
187
|
+
|
|
188
|
+
/**
|
|
189
|
+
* The type of account.
|
|
190
|
+
*/
|
|
191
|
+
export type AdapterAccountType = Extract<
|
|
192
|
+
ProviderType,
|
|
193
|
+
"oauth" | "oidc" | "email" | "webauthn"
|
|
194
|
+
>
|
|
195
|
+
|
|
196
|
+
/**
|
|
197
|
+
* An account is a connection between a user and a provider.
|
|
198
|
+
*
|
|
199
|
+
* There are two types of accounts:
|
|
200
|
+
* - OAuth/OIDC accounts, which are created when a user signs in with an OAuth provider.
|
|
201
|
+
* - Email accounts, which are created when a user signs in with an [Email provider](https://authjs.dev/getting-started/authentication/email).
|
|
202
|
+
*
|
|
203
|
+
* One user can have multiple accounts.
|
|
204
|
+
*/
|
|
205
|
+
export interface AdapterAccount extends Account {
|
|
206
|
+
userId: string
|
|
207
|
+
type: AdapterAccountType
|
|
208
|
+
}
|
|
209
|
+
|
|
210
|
+
/**
|
|
211
|
+
* A session holds information about a user's current signin state.
|
|
212
|
+
*/
|
|
213
|
+
export interface AdapterSession {
|
|
214
|
+
/**
|
|
215
|
+
* A randomly generated value that is used to look up the session in the database
|
|
216
|
+
* when using `"database"` `AuthConfig.strategy` option.
|
|
217
|
+
* This value is saved in a secure, HTTP-Only cookie on the client.
|
|
218
|
+
*/
|
|
219
|
+
sessionToken: string
|
|
220
|
+
/** Connects the active session to a user in the database */
|
|
221
|
+
userId: string
|
|
222
|
+
/**
|
|
223
|
+
* The absolute date when the session expires.
|
|
224
|
+
*
|
|
225
|
+
* If a session is accessed prior to its expiry date,
|
|
226
|
+
* it will be extended based on the `maxAge` option as defined in by `SessionOptions.maxAge`.
|
|
227
|
+
* It is never extended more than once in a period defined by `SessionOptions.updateAge`.
|
|
228
|
+
*
|
|
229
|
+
* If a session is accessed past its expiry date,
|
|
230
|
+
* it will be removed from the database to clean up inactive sessions.
|
|
231
|
+
*
|
|
232
|
+
*/
|
|
233
|
+
expires: Date
|
|
234
|
+
}
|
|
235
|
+
|
|
236
|
+
/**
|
|
237
|
+
* A verification token is a temporary token that is used to sign in a user via their email address.
|
|
238
|
+
* It is created when a user signs in with an [Email provider](https://authjs.dev/getting-started/authentication/email).
|
|
239
|
+
* When the user clicks the link in the email, the token and email is sent back to the server
|
|
240
|
+
* where it is hashed and compared to the value in the database.
|
|
241
|
+
* If the tokens and emails match, and the token hasn't expired yet, the user is signed in.
|
|
242
|
+
* The token is then deleted from the database.
|
|
243
|
+
*/
|
|
244
|
+
export interface VerificationToken {
|
|
245
|
+
/** The user's email address. */
|
|
246
|
+
identifier: string
|
|
247
|
+
/** The absolute date when the token expires. */
|
|
248
|
+
expires: Date
|
|
249
|
+
/**
|
|
250
|
+
* A [hashed](https://en.wikipedia.org/wiki/Hash_function) token, using the `AuthConfig.secret` value.
|
|
251
|
+
*/
|
|
252
|
+
token: string
|
|
253
|
+
}
|
|
254
|
+
|
|
255
|
+
/**
|
|
256
|
+
* An authenticator represents a credential authenticator assigned to a user.
|
|
257
|
+
*/
|
|
258
|
+
export interface AdapterAuthenticator extends Authenticator {
|
|
259
|
+
/**
|
|
260
|
+
* User ID of the authenticator.
|
|
261
|
+
*/
|
|
262
|
+
userId: string
|
|
263
|
+
}
|
|
264
|
+
|
|
265
|
+
/**
|
|
266
|
+
* An adapter is an object with function properties (methods) that read and write data from a data source.
|
|
267
|
+
* Think of these methods as a way to normalize the data layer to common interfaces that Auth.js can understand.
|
|
268
|
+
*
|
|
269
|
+
* This is what makes Auth.js very flexible and allows it to be used with any data layer.
|
|
270
|
+
*
|
|
271
|
+
* The adapter methods are used to perform the following operations:
|
|
272
|
+
* - Create/update/delete a user
|
|
273
|
+
* - Link/unlink an account to/from a user
|
|
274
|
+
* - Handle active sessions
|
|
275
|
+
* - Support passwordless authentication across multiple devices
|
|
276
|
+
*
|
|
277
|
+
* :::note
|
|
278
|
+
* If any of the methods are not implemented, but are called by Auth.js,
|
|
279
|
+
* an error will be shown to the user and the operation will fail.
|
|
280
|
+
* :::
|
|
281
|
+
*/
|
|
282
|
+
export interface Adapter {
|
|
283
|
+
/**
|
|
284
|
+
* Creates a user in the database and returns it.
|
|
285
|
+
*
|
|
286
|
+
* See also [User management](https://authjs.dev/guides/creating-a-database-adapter#user-management)
|
|
287
|
+
*/
|
|
288
|
+
createUser?(user: AdapterUser): Awaitable<AdapterUser>
|
|
289
|
+
/**
|
|
290
|
+
* Returns a user from the database via the user id.
|
|
291
|
+
*
|
|
292
|
+
* See also [User management](https://authjs.dev/guides/creating-a-database-adapter#user-management)
|
|
293
|
+
*/
|
|
294
|
+
getUser?(id: string): Awaitable<AdapterUser | null>
|
|
295
|
+
/**
|
|
296
|
+
* Returns a user from the database via the user's email address.
|
|
297
|
+
*
|
|
298
|
+
* See also [Verification tokens](https://authjs.dev/guides/creating-a-database-adapter#verification-tokens)
|
|
299
|
+
*/
|
|
300
|
+
getUserByEmail?(email: string): Awaitable<AdapterUser | null>
|
|
301
|
+
/**
|
|
302
|
+
* Using the provider id and the id of the user for a specific account, get the user.
|
|
303
|
+
*
|
|
304
|
+
* See also [User management](https://authjs.dev/guides/creating-a-database-adapter#user-management)
|
|
305
|
+
*/
|
|
306
|
+
getUserByAccount?(
|
|
307
|
+
providerAccountId: Pick<AdapterAccount, "provider" | "providerAccountId">
|
|
308
|
+
): Awaitable<AdapterUser | null>
|
|
309
|
+
/**
|
|
310
|
+
* Updates a user in the database and returns it.
|
|
311
|
+
*
|
|
312
|
+
* See also [User management](https://authjs.dev/guides/creating-a-database-adapter#user-management)
|
|
313
|
+
*/
|
|
314
|
+
updateUser?(
|
|
315
|
+
user: Partial<AdapterUser> & Pick<AdapterUser, "id">
|
|
316
|
+
): Awaitable<AdapterUser>
|
|
317
|
+
/**
|
|
318
|
+
* @todo This method is currently not invoked yet.
|
|
319
|
+
*
|
|
320
|
+
* See also [User management](https://authjs.dev/guides/creating-a-database-adapter#user-management)
|
|
321
|
+
*/
|
|
322
|
+
deleteUser?(
|
|
323
|
+
userId: string
|
|
324
|
+
): Promise<void> | Awaitable<AdapterUser | null | undefined>
|
|
325
|
+
/**
|
|
326
|
+
* This method is invoked internally (but optionally can be used for manual linking).
|
|
327
|
+
* It creates an [Account](https://authjs.dev/reference/core/adapters#models) in the database.
|
|
328
|
+
*
|
|
329
|
+
* See also [User management](https://authjs.dev/guides/creating-a-database-adapter#user-management)
|
|
330
|
+
*/
|
|
331
|
+
linkAccount?(
|
|
332
|
+
account: AdapterAccount
|
|
333
|
+
): Promise<void> | Awaitable<AdapterAccount | null | undefined>
|
|
334
|
+
/** @todo This method is currently not invoked yet. */
|
|
335
|
+
unlinkAccount?(
|
|
336
|
+
providerAccountId: Pick<AdapterAccount, "provider" | "providerAccountId">
|
|
337
|
+
): Promise<void> | Awaitable<AdapterAccount | undefined>
|
|
338
|
+
/**
|
|
339
|
+
* Creates a session for the user and returns it.
|
|
340
|
+
*
|
|
341
|
+
* See also [Database Session management](https://authjs.dev/guides/creating-a-database-adapter#database-session-management)
|
|
342
|
+
*/
|
|
343
|
+
createSession?(session: {
|
|
344
|
+
sessionToken: string
|
|
345
|
+
userId: string
|
|
346
|
+
expires: Date
|
|
347
|
+
}): Awaitable<AdapterSession>
|
|
348
|
+
/**
|
|
349
|
+
* Returns a session and a userfrom the database in one go.
|
|
350
|
+
*
|
|
351
|
+
* :::tip
|
|
352
|
+
* If the database supports joins, it's recommended to reduce the number of database queries.
|
|
353
|
+
* :::
|
|
354
|
+
*
|
|
355
|
+
* See also [Database Session management](https://authjs.dev/guides/creating-a-database-adapter#database-session-management)
|
|
356
|
+
*/
|
|
357
|
+
getSessionAndUser?(
|
|
358
|
+
sessionToken: string
|
|
359
|
+
): Awaitable<{ session: AdapterSession; user: AdapterUser } | null>
|
|
360
|
+
/**
|
|
361
|
+
* Updates a session in the database and returns it.
|
|
362
|
+
*
|
|
363
|
+
* See also [Database Session management](https://authjs.dev/guides/creating-a-database-adapter#database-session-management)
|
|
364
|
+
*/
|
|
365
|
+
updateSession?(
|
|
366
|
+
session: Partial<AdapterSession> & Pick<AdapterSession, "sessionToken">
|
|
367
|
+
): Awaitable<AdapterSession | null | undefined>
|
|
368
|
+
/**
|
|
369
|
+
* Deletes a session from the database. It is preferred that this method also
|
|
370
|
+
* returns the session that is being deleted for logging purposes.
|
|
371
|
+
*
|
|
372
|
+
* See also [Database Session management](https://authjs.dev/guides/creating-a-database-adapter#database-session-management)
|
|
373
|
+
*/
|
|
374
|
+
deleteSession?(
|
|
375
|
+
sessionToken: string
|
|
376
|
+
): Promise<void> | Awaitable<AdapterSession | null | undefined>
|
|
377
|
+
/**
|
|
378
|
+
* Creates a verification token and returns it.
|
|
379
|
+
*
|
|
380
|
+
* See also [Verification tokens](https://authjs.dev/guides/creating-a-database-adapter#verification-tokens)
|
|
381
|
+
*/
|
|
382
|
+
createVerificationToken?(
|
|
383
|
+
verificationToken: VerificationToken
|
|
384
|
+
): Awaitable<VerificationToken | null | undefined>
|
|
385
|
+
/**
|
|
386
|
+
* Return verification token from the database and deletes it
|
|
387
|
+
* so it can only be used once.
|
|
388
|
+
*
|
|
389
|
+
* See also [Verification tokens](https://authjs.dev/guides/creating-a-database-adapter#verification-tokens)
|
|
390
|
+
*/
|
|
391
|
+
useVerificationToken?(params: {
|
|
392
|
+
identifier: string
|
|
393
|
+
token: string
|
|
394
|
+
}): Awaitable<VerificationToken | null>
|
|
395
|
+
/**
|
|
396
|
+
* Get account by provider account id and provider.
|
|
397
|
+
*
|
|
398
|
+
* If an account is not found, the adapter must return `null`.
|
|
399
|
+
*/
|
|
400
|
+
getAccount?(
|
|
401
|
+
providerAccountId: AdapterAccount["providerAccountId"],
|
|
402
|
+
provider: AdapterAccount["provider"]
|
|
403
|
+
): Awaitable<AdapterAccount | null>
|
|
404
|
+
/**
|
|
405
|
+
* Returns an authenticator from its credentialID.
|
|
406
|
+
*
|
|
407
|
+
* If an authenticator is not found, the adapter must return `null`.
|
|
408
|
+
*/
|
|
409
|
+
getAuthenticator?(
|
|
410
|
+
credentialID: AdapterAuthenticator["credentialID"]
|
|
411
|
+
): Awaitable<AdapterAuthenticator | null>
|
|
412
|
+
/**
|
|
413
|
+
* Create a new authenticator.
|
|
414
|
+
*
|
|
415
|
+
* If the creation fails, the adapter must throw an error.
|
|
416
|
+
*/
|
|
417
|
+
createAuthenticator?(
|
|
418
|
+
authenticator: AdapterAuthenticator
|
|
419
|
+
): Awaitable<AdapterAuthenticator>
|
|
420
|
+
/**
|
|
421
|
+
* Returns all authenticators from a user.
|
|
422
|
+
*
|
|
423
|
+
* If a user is not found, the adapter should still return an empty array.
|
|
424
|
+
* If the retrieval fails for some other reason, the adapter must throw an error.
|
|
425
|
+
*/
|
|
426
|
+
listAuthenticatorsByUserId?(
|
|
427
|
+
userId: AdapterAuthenticator["userId"]
|
|
428
|
+
): Awaitable<AdapterAuthenticator[]>
|
|
429
|
+
/**
|
|
430
|
+
* Updates an authenticator's counter.
|
|
431
|
+
*
|
|
432
|
+
* If the update fails, the adapter must throw an error.
|
|
433
|
+
*/
|
|
434
|
+
updateAuthenticatorCounter?(
|
|
435
|
+
credentialID: AdapterAuthenticator["credentialID"],
|
|
436
|
+
newCounter: AdapterAuthenticator["counter"]
|
|
437
|
+
): Awaitable<AdapterAuthenticator>
|
|
438
|
+
}
|
|
439
|
+
|
|
440
|
+
/**
|
|
441
|
+
* Server Actions Adapter allows you to use server actions instead of database adapters.
|
|
442
|
+
* This enables a backend-first architecture where authentication operations are handled
|
|
443
|
+
* through server actions that can call your backend API.
|
|
444
|
+
*
|
|
445
|
+
* @example
|
|
446
|
+
* ```ts
|
|
447
|
+
* import MulGuard from "mulguard"
|
|
448
|
+
* import { signinApiV1AuthLoginCredentialsPost } from "./authentication"
|
|
449
|
+
*
|
|
450
|
+
* export const { handlers, auth } = NextAuth({
|
|
451
|
+
* serverActions: {
|
|
452
|
+
* getUser: async (id) => {
|
|
453
|
+
* const profile = await getProfileApiV1AuthMeGet()
|
|
454
|
+
* return transformToAdapterUser(profile)
|
|
455
|
+
* },
|
|
456
|
+
* // ... other server actions
|
|
457
|
+
* }
|
|
458
|
+
* })
|
|
459
|
+
* ```
|
|
460
|
+
*/
|
|
461
|
+
export interface ServerActionsAdapter {
|
|
462
|
+
/**
|
|
463
|
+
* Creates a user via server action and returns it.
|
|
464
|
+
*/
|
|
465
|
+
createUser?: (user: AdapterUser) => Awaitable<AdapterUser>
|
|
466
|
+
/**
|
|
467
|
+
* Returns a user from server action via the user id.
|
|
468
|
+
*/
|
|
469
|
+
getUser?: (id: string) => Awaitable<AdapterUser | null>
|
|
470
|
+
/**
|
|
471
|
+
* Returns a user from server action via the user's email address.
|
|
472
|
+
*/
|
|
473
|
+
getUserByEmail?: (email: string) => Awaitable<AdapterUser | null>
|
|
474
|
+
/**
|
|
475
|
+
* Using the provider id and the id of the user for a specific account, get the user.
|
|
476
|
+
*/
|
|
477
|
+
getUserByAccount?: (
|
|
478
|
+
providerAccountId: Pick<AdapterAccount, "provider" | "providerAccountId">
|
|
479
|
+
) => Awaitable<AdapterUser | null>
|
|
480
|
+
/**
|
|
481
|
+
* Updates a user via server action and returns it.
|
|
482
|
+
*/
|
|
483
|
+
updateUser?: (
|
|
484
|
+
user: Partial<AdapterUser> & Pick<AdapterUser, "id">
|
|
485
|
+
) => Awaitable<AdapterUser>
|
|
486
|
+
/**
|
|
487
|
+
* Deletes a user via server action.
|
|
488
|
+
*/
|
|
489
|
+
deleteUser?: (
|
|
490
|
+
userId: string
|
|
491
|
+
) => Promise<void> | Awaitable<AdapterUser | null | undefined>
|
|
492
|
+
/**
|
|
493
|
+
* Creates an Account via server action.
|
|
494
|
+
*/
|
|
495
|
+
linkAccount?: (
|
|
496
|
+
account: AdapterAccount
|
|
497
|
+
) => Promise<void> | Awaitable<AdapterAccount | null | undefined>
|
|
498
|
+
/**
|
|
499
|
+
* Unlinks an account via server action.
|
|
500
|
+
*/
|
|
501
|
+
unlinkAccount?: (
|
|
502
|
+
providerAccountId: Pick<AdapterAccount, "provider" | "providerAccountId">
|
|
503
|
+
) => Promise<void> | Awaitable<AdapterAccount | undefined>
|
|
504
|
+
/**
|
|
505
|
+
* Creates a session via server action and returns it.
|
|
506
|
+
*/
|
|
507
|
+
createSession?: (session: {
|
|
508
|
+
sessionToken: string
|
|
509
|
+
userId: string
|
|
510
|
+
expires: Date
|
|
511
|
+
}) => Awaitable<AdapterSession>
|
|
512
|
+
/**
|
|
513
|
+
* Returns a session and a user from server action in one go.
|
|
514
|
+
*/
|
|
515
|
+
getSessionAndUser?: (
|
|
516
|
+
sessionToken: string
|
|
517
|
+
) => Awaitable<{ session: AdapterSession; user: AdapterUser } | null>
|
|
518
|
+
/**
|
|
519
|
+
* Updates a session via server action and returns it.
|
|
520
|
+
*/
|
|
521
|
+
updateSession?: (
|
|
522
|
+
session: Partial<AdapterSession> & Pick<AdapterSession, "sessionToken">
|
|
523
|
+
) => Awaitable<AdapterSession | null | undefined>
|
|
524
|
+
/**
|
|
525
|
+
* Deletes a session via server action.
|
|
526
|
+
*/
|
|
527
|
+
deleteSession?: (
|
|
528
|
+
sessionToken: string
|
|
529
|
+
) => Promise<void> | Awaitable<AdapterSession | null | undefined>
|
|
530
|
+
/**
|
|
531
|
+
* Creates a verification token via server action and returns it.
|
|
532
|
+
*/
|
|
533
|
+
createVerificationToken?: (
|
|
534
|
+
verificationToken: VerificationToken
|
|
535
|
+
) => Awaitable<VerificationToken | null | undefined>
|
|
536
|
+
/**
|
|
537
|
+
* Return verification token from server action and deletes it
|
|
538
|
+
* so it can only be used once.
|
|
539
|
+
*/
|
|
540
|
+
useVerificationToken?: (params: {
|
|
541
|
+
identifier: string
|
|
542
|
+
token: string
|
|
543
|
+
}) => Awaitable<VerificationToken | null>
|
|
544
|
+
/**
|
|
545
|
+
* Get account by provider account id and provider via server action.
|
|
546
|
+
*/
|
|
547
|
+
getAccount?: (
|
|
548
|
+
providerAccountId: AdapterAccount["providerAccountId"],
|
|
549
|
+
provider: AdapterAccount["provider"]
|
|
550
|
+
) => Awaitable<AdapterAccount | null>
|
|
551
|
+
/**
|
|
552
|
+
* Returns an authenticator from its credentialID via server action.
|
|
553
|
+
*/
|
|
554
|
+
getAuthenticator?: (
|
|
555
|
+
credentialID: AdapterAuthenticator["credentialID"]
|
|
556
|
+
) => Awaitable<AdapterAuthenticator | null>
|
|
557
|
+
/**
|
|
558
|
+
* Create a new authenticator via server action.
|
|
559
|
+
*/
|
|
560
|
+
createAuthenticator?: (
|
|
561
|
+
authenticator: AdapterAuthenticator
|
|
562
|
+
) => Awaitable<AdapterAuthenticator>
|
|
563
|
+
/**
|
|
564
|
+
* Returns all authenticators from a user via server action.
|
|
565
|
+
*/
|
|
566
|
+
listAuthenticatorsByUserId?: (
|
|
567
|
+
userId: AdapterAuthenticator["userId"]
|
|
568
|
+
) => Awaitable<AdapterAuthenticator[]>
|
|
569
|
+
/**
|
|
570
|
+
* Updates an authenticator's counter via server action.
|
|
571
|
+
*/
|
|
572
|
+
updateAuthenticatorCounter?: (
|
|
573
|
+
credentialID: AdapterAuthenticator["credentialID"],
|
|
574
|
+
newCounter: AdapterAuthenticator["counter"]
|
|
575
|
+
) => Awaitable<AdapterAuthenticator>
|
|
576
|
+
}
|
|
577
|
+
|
|
578
|
+
// https://github.com/honeinc/is-iso-date/blob/master/index.js
|
|
579
|
+
const isoDateRE =
|
|
580
|
+
/(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d\.\d+([+-][0-2]\d:[0-5]\d|Z))|(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d([+-][0-2]\d:[0-5]\d|Z))|(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d([+-][0-2]\d:[0-5]\d|Z))/
|
|
581
|
+
|
|
582
|
+
/** Determines if a given value can be parsed into `Date` */
|
|
583
|
+
export function isDate(value: unknown): value is string {
|
|
584
|
+
return (
|
|
585
|
+
typeof value === "string" &&
|
|
586
|
+
isoDateRE.test(value) &&
|
|
587
|
+
!isNaN(Date.parse(value))
|
|
588
|
+
)
|
|
589
|
+
}
|
|
590
|
+
|
|
591
|
+
// @ts-expect-error For compatibility with older versions of NextAuth.js
|
|
592
|
+
declare module "next-auth/adapters" {
|
|
593
|
+
type JsonObject = {
|
|
594
|
+
[Key in string]?: JsonValue
|
|
595
|
+
}
|
|
596
|
+
type JsonArray = JsonValue[]
|
|
597
|
+
type JsonPrimitive = string | number | boolean | null
|
|
598
|
+
type JsonValue = JsonPrimitive | JsonObject | JsonArray
|
|
599
|
+
interface AdapterAccount {
|
|
600
|
+
type: "oauth" | "email" | "oidc"
|
|
601
|
+
[key: string]: JsonValue | undefined
|
|
602
|
+
}
|
|
603
|
+
}
|