@mulverse/mulguard-core 1.0.0

package/src/providers/netsuite.ts

@@ -0,0 +1,225 @@
+/**
+ * <div class="provider" style={{backgroundColor: "#24292f", display: "flex", justifyContent: "space-between", color: "#fff", padding: 16}}>
+ * <span>Built-in <b>NetSuite</b> integration.</span>
+ * <a href="https://system.netsuite.com">
+ *   <img style={{display: "block"}} src="https://authjs.dev/img/providers/netsuite.svg" height="48" width="48"/>
+ * </a>
+ * </div>
+ *
+ * @module providers/netsuite
+ */
+
+/*
+ * This NetSuite provider uses OAuth 2 Features. Ensure you have an integration record and access token set up in order to use this provider.
+ * Read more about OAuth 2 setup here: https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157771281570.html
+ */
+
+import type { OAuthConfig, OAuthUserConfig } from "./index.js"
+
+export interface OAuthNetSuiteOptions {
+  /**
+   *  The prompt options - also viewable below
+   *
+   *  @link https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_160855585734.html
+   *
+   * 	authorization.params.prompt
+   *
+   * The optional prompt parameter provides additional control of when the login/consent screen appears. Following are the values you can use with the prompt parameter:
+   * "none" - the consent screen does not appear. If there is no active session, the application returns an error.
+   * "login" - the user must authenticate even if there is an active session.
+   * This option only works if the application sends the request to the account-specific domain.
+   * "consent" - the consent screen appears every time. The user must authenticate if there is no active session.
+   * login consent or consent login - the consent screen appears every time, and the user must authenticate even if there is an active session and allow the connection to the NetSuite. Similar to GitHub, Google, and Facebook data consent screens.
+   */
+  prompt: string | "none" | "login" | "consent"
+  /**
+   * EX: TSTDRV1234567 or 81555 for prod
+   */
+  accountID: string
+  /**
+   * restlets rest_webservices or restlets or rest_webservices suiteanalytics_connect restlets
+   */
+  scope: string
+  /**
+   * Either a restlet or suitelet returning runtime info or record info -> RESTlet recommended
+   */
+  userinfo: string
+}
+
+export interface NetSuiteProfile {
+  // Main N/runtime.getCurrentUser() object return
+  id: number
+  name: string
+  email: string
+  location: number
+  role: number
+  roleId?: string
+  roleCenter?: string
+  contact?: number
+  subsidiary?: number
+  department?: number
+}
+
+/**
+ * Add Netsuite login to your page and make requests to:
+ * - [NetSuite RESTLets](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_4567507062.html#Tracking-RESTlet-Calls-Made-with-TBA-and-OAuth-2.0).
+ * - [NetSuite REST Web Services](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/book_1559132836.html#SuiteTalk-REST-Web-Services-API-Guide).
+ *
+ * ### Setup
+ *
+ * #### Disclaimer
+ * By using this provider, you consent to sharing your data with NetSuite.
+ * By using this provider we assume you comply with NetSuite's [Terms of Service](https://www.netsuite.com/portal/assets/pdf/terms_of_service.pdf) and [Privacy Policy](https://www.oracle.com/legal/privacy).
+ * The author of this provider is not affiliated with NetSuite. Proceeding with this provider you must be a NetSuite customer and have a NetSuite account (Full access user).
+ * **Ensure the OAuth 2.0 Feature is enabled in your NetSuite account with the proper permissions set up on the current role/user**
+ *
+ * Before setting up the provider, you will need to:
+ * - [Create an Integration Record](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157771733782.html#procedure_157838925981)
+ *   - Uncheck the TBA Auth Flow checkbox.
+ *   - Check OAuth 2.0 Auth Flow checkbox.
+ *   - Copy and paste the `Callback URL` below into the `Redirect URI` field.
+ *   - Then select the scope(s) you want to use.
+ *     - **REST Web Services** (`rest_webservices`) - Access to REST Web Services.
+ *     - **RESTlets**(`restlets`) - Access to RESTLets.
+ *     - **SuiteAnalytics Connect** (`suiteanalytics_connect`) - Access to SuiteAnalytics Connect.
+ *   - Add any policies you want to use.
+ *     - Application Logo (_Optional_) (Shown to users when they are asked to grant access to your application). - Consent Screen
+ *     - Application Terms of Use (_Optional_) - A PDF file that contains the terms of use for your application. - Consent Screen
+ *     - Application Privacy Policy (_Optional_) - A PDF file that contains the privacy policy for your application. - Consent Screen
+ *   - OAuth 2.0 Consent Policy Preference - This setting determines whether the user is asked to grant access to your application **every time** they sign in or only the **first time** they sign in or **never**.
+ *   - **Save** the Integration record.
+ *   - The Integration record will be used to generate the `clientId` and `clientSecret` for the provider. **Save the generated values for later**
+ *
+ * #### Callback URL
+ *
+ * :::tip
+ * When setting the Redirect URI in the Integration record, you must use the `https` protocol.
+ * Otherwise, you will get an error when trying to sign in. (_INVALID_LOGIN_ATTEMPT_).
+ * If you are testing locally, you can use a service like [ngrok](https://ngrok.com/) to create a secure tunnel to your localhost.
+ * :::
+ *
+ * ```
+ * https://example.com/api/auth/callback/netsuite
+ * ```
+ *
+ * :::tip
+ * Our `userinfo` needs to compose of a suitelet or RESTLet url that gives us the information about the user. This has to be very fast in which the handshake profile gather execution can't take long.
+ * The best bet is to use the `N/runtime` module to get the basics first. - Here is an example of a RESTlet below. Be sure to deploy and enable access to "All Roles".
+ * :::
+ *
+ * #### Example RESTLet Callback Handler
+ * Be sure to deploy and use the **external** RESTLet url of any usage of the URIs.
+ *
+ * ```js
+ * * /**
+ * * @NApiVersion 2.1
+ * * @NScriptType Restlet
+ * *\/
+ * define(["N/runtime"], /**
+ *  @param{runtime} runtimee
+ * \/ (runtime) => {
+ *  /**
+ *   * Defines the function that is executed when a GET request is sent to a RESTlet.
+ *   * @param {Object} requestParams - Parameters from HTTP request URL; parameters passed as an Object (for all supported
+ *   *     content types)
+ *   * @returns {string | Object} HTTP response body; returns a string when request Content-Type is 'text/plain'; returns an
+ *   *     Object when request Content-Type is 'application/json' or 'application/xml'
+ *   * @since 2015.2
+ *   *\/
+ *   const get = (requestParams) => {
+ *     let userObject = runtime.getCurrentUser();
+ *
+ *     try {
+ *       log.debug({ title: "Payload received:", details: requestParams });
+ *
+ *       const { id, name, role, location, email, contact } = userObject;
+ *
+ *       log.audit({ title: "Current User Ran", details: name });
+ *
+ *       let user = {
+ *         id,
+ *         name,
+ *         role,
+ *         location,
+ *         email,
+ *         contact,
+ *       };
+ *
+ *       log.debug({ title: "Returning user", details: user });
+ *
+ *       return JSON.stringify(user);
+ *     } catch (e) {
+ *       log.error({ title: "Error grabbing current user:", details: e });
+ *     }
+ *   };
+ *
+ *   return {
+ *     get,
+ *   };
+ * );
+ * ```
+ *
+ * > **Note**: Above is an example of returning the basic runtime information. Be sure to create a new script record and deployment record. Upon saving the deployment record. We will get our URLs for our RESTlet.
+ *
+ * ### Configuration
+ *
+ * ```ts
+ * import { Auth } from "@auth/core"
+ * import Netsuite from "@auth/core/providers/netsuite"
+ *
+ * const request = new Request(origin)
+ * const response = await Auth(request, {
+ *   providers: [
+ *       NetSuite({
+ *         accountID: NETSUITE_ACCOUNT_ID, // EX: TSTDRV1234567 or 81555 for prod, and 1234567-SB1 for Sandbox accounts not "_" use "-".
+ *        // Returns the current user using the N/runtime module. This url can be a suitelet or RESTlet (Recommended)
+ *        // Using getCurrentUser(); So we match this schema returned from this RESTlet in the profile callback. (Required)
+ *         userinfo: "https://1234567.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=123&deploy=1",
+ *       })
+ *   ],
+ * })
+ * ```
+ *
+ * ### Resources
+ *
+ * - [NetSuite - Creating an Integration Record (OAuth 2.0)](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157771733782.html#Related-Topics)
+ * - [NetSuite - Authorizing OAuth Requests](https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps)
+ * - [NetSuite - Configure OAuth Roles](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157771510070.html#Set-Up-OAuth-2.0-Roles)
+ * - [Learn more about NetSuite OAuth 2.0](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/chapter_157769826287.html#OAuth-2.0)
+ *
+ * ### Notes
+ *
+ * :::tip
+ * Make sure the `userinfo` matches the return type of the profile callback to ensure the user session gets read correctly.
+ * To override the defaults for your use case, check out [customizing a built-in OAuth provider](https://authjs.dev/guides/providers/custom-provider#override-default-options).
+ * :::
+ *
+ */
+export default function NetSuite<P extends NetSuiteProfile>(
+  config: OAuthUserConfig<P> & OAuthNetSuiteOptions
+): OAuthConfig<P> {
+  const { accountID } = config
+
+  return {
+    id: "netsuite",
+    name: "NetSuite",
+    type: "oauth",
+    checks: ["state"],
+    authorization: {
+      url: `https://${accountID}.app.netsuite.com/app/login/oauth2/authorize.nl`,
+      params: { scope: "restlets rest_webservices" },
+    },
+    token: `https://${accountID}.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token`,
+    profile(profile) {
+      // This is the default runtime.getCurrentUser() object returned from the RESTlet or SUITELet
+      return {
+        id: profile.id.toString(),
+        name: profile.name,
+        email: profile.email,
+        image: null,
+      }
+    },
+    style: { logo: "/netsuite.svg", bg: "#181a1b", text: "#fbfbfb" },
+    options: config,
+  }
+}

package/src/providers/nextcloud.ts

@@ -0,0 +1,207 @@
+/**
+ * <div class="provider" style={{backgroundColor: "#0082C9", display: "flex", justifyContent: "space-between", color: "#fff", padding: 16}}>
+ * <span>Built-in <b>Nextcloud</b> integration.</span>
+ * <a href="https://nextcloud.com">
+ *   <img style={{display: "block"}} src="https://authjs.dev/img/providers/nextcloud.svg" height="48" width="48"/>
+ * </a>
+ * </div>
+ *
+ * @module providers/nextcloud
+ */
+
+import type { OAuthConfig, OAuthUserConfig } from "./index.js"
+
+/**
+ * Represents the Nextcloud user profile data returned from the `/ocs/v1.php/cloud/users/`.
+ * @see [Check out the documentation for more details](https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/instruction_set_for_users.html#get-data-of-a-single-user)
+ */
+export interface NextcloudProfile extends Record<string, any> {
+  /**
+   * The user's username.
+   * @example "frank"
+   */
+  id: string
+
+  /**
+   * The email address associated with the user.
+   * @example "frank@domain.tld"
+   */
+  email: string | null
+
+  /**
+   * The display name of the user.
+   * @example "Frank K."
+   */
+  displayname: string
+
+  /**
+   * The phone number of the user.
+   */
+  phone: string
+
+  /**
+   * The address of the user.
+   * @example "Foobar 12, 12345 Town"
+   */
+  address: string
+
+  /**
+   * The website URL of the user.
+   * @example "https://nextcloud.com"
+   */
+  website: string
+
+  /**
+   * The user's Twitter handle.
+   * @example "Nextcloud"
+   */
+  twitter: string
+
+  /**
+   * The user's Fediverse handle.
+   */
+  fediverse: string
+
+  /**
+   * The organization associated with the user.
+   */
+  organisation: string
+
+  /**
+   * The role or position of the user.
+   */
+  role: string
+
+  /**
+   * The headline or brief description of the user.
+   */
+  headline: string
+
+  /**
+   * The biography or detailed description of the user.
+   */
+  biography: string
+
+  /**
+   * An array of group names that the user belongs to.
+   * @example ["admin", "group1", "group2"]
+   */
+  groups: string[]
+
+  /**
+   * The language preference of the user.
+   * @example "en"
+   */
+  language: string
+
+  /**
+   * The locale or language locale of the user.
+   * @example "en_US"
+   */
+  locale: string
+
+  /**
+   * Indicates whether the user account is enabled or disabled.
+   * @example true
+   */
+  enabled: boolean
+
+  /**
+   * The storage location of the user's files.
+   * @example "/path/to/nextcloud/data/frank"
+   */
+  storageLocation: string
+}
+
+/**
+ * Add Nextcloud login to your page.
+ *
+ * ### Setup
+ *
+ * #### Callback URL
+ * ```
+ * https://example.com/auth/callback/nextcloud
+ * ```
+ *
+ * #### Configuration
+ * ```ts
+ * import { Auth } from "@auth/core"
+ * import Nextcloud from "@auth/core/providers/nextcloud"
+ *
+ * const request = new Request(origin)
+ * const response = await Auth(request, {
+ *   providers: [
+ *     Nextcloud({ clientId: AUTH_NEXTCLOUD_ID, clientSecret: AUTH_NEXTCLOUD_SECRET, issuer: AUTH_NEXTCLOUD_ISSUER }),
+ *   ],
+ * })
+ * ```
+ *
+ * ### Resources
+ *
+ * - [Nextcloud Documentation](https://docs.nextcloud.com/)
+ * - [Nextcloud OAuth 2](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/oauth2.html)
+ * - [Nextcloud Clients and Client APIs](https://docs.nextcloud.com/server/latest/developer_manual/client_apis/index.html)
+ * - [Nextcloud User provisioning API](https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/user_provisioning_api.html)
+ *
+ * ### Notes
+ *
+ * By default, Auth.js assumes that the Nextcloud provider is
+ * based on the [OAuth 2](https://www.rfc-editor.org/rfc/rfc6749.html) specification.
+ *
+ * :::tip
+ *
+ * The Nextcloud provider comes with a [default configuration](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/nextcloud.ts).
+ * To override the defaults for your use case, check out [customizing a built-in OAuth provider](https://authjs.dev/guides/configuring-oauth-providers).
+ *
+ * :::
+ *
+ * :::info **Disclaimer**
+ *
+ * If you think you found a bug in the default configuration, you can [open an issue](https://authjs.dev/new/provider-issue).
+ *
+ * Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from
+ * the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec,
+ * we might not pursue a resolution. You can ask for more help in [Discussions](https://authjs.dev/new/github-discussions).
+ *
+ * :::
+ */
+export default function Nextcloud(
+  options: OAuthUserConfig<NextcloudProfile>
+): OAuthConfig<NextcloudProfile> {
+  return {
+    id: "nextcloud",
+    name: "Nextcloud",
+    type: "oauth",
+    authorization: `${options.issuer}/apps/oauth2/authorize`,
+    token: `${options.issuer}/apps/oauth2/api/v1/token`,
+    userinfo: {
+      url: `${options.issuer}/ocs/v1.php/cloud/users`,
+      async request({ tokens, provider }) {
+        const url = `${provider.userinfo?.url}/${tokens.user_id}`
+
+        const res = await fetch(url, {
+          headers: {
+            "OCS-APIRequest": "true",
+            Authorization: `Bearer ${tokens.access_token}`,
+            Accept: "application/json",
+          },
+        }).then((res) => res.json())
+        return res.ocs.data
+      },
+    },
+    profile(profile) {
+      return {
+        id: profile.id,
+        name: profile.displayname,
+        email: profile.email,
+        image: `${options.issuer}/avatar/${profile.id}/512`,
+      }
+    },
+    style: {
+      logo: "/nextcloud.svg",
+      bg: "#fff",
+      text: "#0082C9",
+    },
+    options,
+  }
+}

package/src/providers/nodemailer.ts

@@ -0,0 +1,84 @@
+import { createTransport } from "nodemailer"
+import { AuthError } from "../errors.js"
+import { html, text } from "../lib/utils/email.js"
+
+import type { Transport, TransportOptions } from "nodemailer"
+import * as JSONTransport from "nodemailer/lib/json-transport/index.js"
+import * as SendmailTransport from "nodemailer/lib/sendmail-transport/index.js"
+import * as SESTransport from "nodemailer/lib/ses-transport/index.js"
+import * as SMTPPool from "nodemailer/lib/smtp-pool/index.js"
+import * as SMTPTransport from "nodemailer/lib/smtp-transport/index.js"
+import * as StreamTransport from "nodemailer/lib/stream-transport/index.js"
+import type { Awaitable, Theme } from "../types.js"
+import type { EmailConfig } from "./email.js"
+
+type AllTransportOptions =
+  | string
+  | SMTPTransport
+  | SMTPTransport.Options
+  | SMTPPool
+  | SMTPPool.Options
+  | SendmailTransport
+  | SendmailTransport.Options
+  | StreamTransport
+  | StreamTransport.Options
+  | JSONTransport
+  | JSONTransport.Options
+  | SESTransport
+  | SESTransport.Options
+  | Transport<any>
+  | TransportOptions
+
+export interface NodemailerConfig extends EmailConfig {
+  server?: AllTransportOptions
+  sendVerificationRequest: (params: {
+    identifier: string
+    url: string
+    expires: Date
+    provider: NodemailerConfig
+    token: string
+    theme: Theme
+    request: Request
+  }) => Awaitable<void>
+  options?: NodemailerUserConfig
+}
+
+export type NodemailerUserConfig = Omit<
+  Partial<NodemailerConfig>,
+  "options" | "type"
+>
+
+export default function Nodemailer(
+  config: NodemailerUserConfig
+): NodemailerConfig {
+  if (!config.server)
+    throw new AuthError("Nodemailer requires a `server` configuration")
+
+  return {
+    id: "nodemailer",
+    type: "email",
+    name: "Nodemailer",
+    server: { host: "localhost", port: 25, auth: { user: "", pass: "" } },
+    from: "Auth.js <no-reply@authjs.dev>",
+    maxAge: 24 * 60 * 60,
+    async sendVerificationRequest(params) {
+      const { identifier, url, provider, theme } = params
+      const { host } = new URL(url)
+      const transport = createTransport(provider.server)
+      const result = await transport.sendMail({
+        to: identifier,
+        from: provider.from,
+        subject: `Sign in to ${host}`,
+        text: text({ url, host }),
+        html: html({ url, host, theme }),
+      })
+      const rejected = result.rejected || []
+      const pending = result.pending || []
+      const failed = rejected.concat(pending).filter(Boolean)
+      if (failed.length) {
+        throw new Error(`Email (${failed.join(", ")}) could not be sent`)
+      }
+    },
+    options: config,
+  }
+}

package/src/providers/notion.ts

@@ -0,0 +1,166 @@
+/**
+ * <div class="provider" style={{backgroundColor: "#000", display: "flex", justifyContent: "space-between", color: "#fff", padding: 16}}>
+ * <span>Built-in <b>Notion</b> integration.</span>
+ * <a href="https://notion.so">
+ *   <img style={{display: "block"}} src="https://authjs.dev/img/providers/notion.svg" height="48" width="48"/>
+ * </a>
+ * </div>
+ *
+ * @module providers/notion
+ */
+
+import type { OAuthConfig, OAuthUserConfig } from "./oauth.js"
+
+export interface Person extends Record<string, any> {
+  email: string
+}
+
+// https://developers.notion.com/reference/user
+export interface User extends Record<string, any> {
+  object: "user" | "bot"
+  id: string
+  type: string
+  name: string
+  avatar_url: null | string
+  person: Person
+  owner?: {
+    type: "workspace" | "user"
+    workspace: string
+  }
+  workspace_name?: string | null
+}
+
+export interface Owner {
+  type: string
+  user: User
+}
+
+// Notion responds with an access_token + some additional information, which we define here
+// More info -  https://developers.notion.com/docs/authorization#step-4-notion-responds-with-an-access_token-and-some-additional-information
+export interface NotionProfile extends Record<string, any> {
+  access_token: string
+  bot_id: string
+  duplicated_template_id: string
+  owner?: Owner
+  workspace_icon: string
+  workspace_id: number
+  workspace_name: string
+}
+
+// Any config required that isn't part of the `OAuthUserConfig` spec should belong here
+// For example, we must pass a `redirectUri` to the Notion API when requesting tokens, therefore we add it here
+interface AdditionalConfig {
+  redirectUri: string
+}
+
+const NOTION_HOST = "https://api.notion.com"
+const NOTION_API_VERSION = "2022-06-28"
+
+/**
+ * Add Notion login to your page.
+ *
+ * ### Setup
+ *
+ * #### Callback URL
+ * ```
+ * https://example.com/api/auth/callback/notion
+ * ```
+ *
+ * #### Configuration
+ *```ts
+ * import { Auth } from "@auth/core"
+ * import Notion from "@auth/core/providers/notion"
+ *
+ * const request = new Request(origin)
+ * const response = await Auth(request, {
+ *   providers: [
+ *     Notion({
+ *       clientId: NOTION_CLIENT_ID,
+ *       clientSecret: NOTION_CLIENT_SECRET,
+ *       redirectUri: NOTION_CLIENT_REDIRECT_URI,
+ *     }),
+ *   ],
+ * })
+ * ```
+ *
+ * ### Resources
+ * - [Notion Docs](https://developers.notion.com/docs)
+ * - [Notion Authorization Docs](https://developers.notion.com/docs/authorization)
+ * - [Notion Integrations](https://www.notion.so/my-integrations)
+ *
+ * ### Notes
+ * You need to select "Public Integration" on the configuration page to get an `oauth_id` and `oauth_secret`. Private integrations do not provide these details.
+ * You must provide a `clientId` and `clientSecret` to use this provider, as-well as a redirect URI (due to this being required by Notion endpoint to fetch tokens).
+ *
+ * :::tip
+ *
+ * The Notion provider comes with a [default configuration](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/notion.ts).
+ * To override the defaults for your use case, check out [customizing a built-in OAuth provider](https://authjs.dev/guides/configuring-oauth-providers).
+ *
+ * :::
+ *
+ * :::info **Disclaimer**
+ *
+ * If you think you found a bug in the default configuration, you can [open an issue](https://authjs.dev/new/provider-issue).
+ *
+ * Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from
+ * the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec,
+ * we might not pursue a resolution. You can ask for more help in [Discussions](https://authjs.dev/new/github-discussions).
+ *
+ * :::
+ */
+export default function NotionProvider<P extends NotionProfile>(
+  options: OAuthUserConfig<P> & AdditionalConfig
+): OAuthConfig<P> {
+  return {
+    id: "notion",
+    name: "Notion",
+    type: "oauth",
+    token: {
+      url: `${NOTION_HOST}/v1/oauth/token`,
+    },
+    userinfo: {
+      url: `${NOTION_HOST}/v1/users`,
+
+      // The result of this method will be the input to the `profile` callback.
+      // We use a custom request handler, since we need to do things such as pass the "Notion-Version" header
+      // More info: https://authjs.dev/getting-started/providers/notion
+      async request(context) {
+        const profile = await fetch(`${NOTION_HOST}/v1/users/me`, {
+          headers: {
+            Authorization: `Bearer ${context.tokens.access_token}`,
+            "Notion-Version": NOTION_API_VERSION,
+          },
+        })
+
+        const {
+          bot: {
+            owner: { user },
+          },
+        } = await profile.json()
+
+        return user
+      },
+    },
+    authorization: {
+      params: {
+        client_id: options.clientId,
+        response_type: "code",
+        owner: "user",
+        redirect_uri: options.redirectUri,
+      },
+      url: `${NOTION_HOST}/v1/oauth/authorize`,
+    },
+
+    async profile(profile) {
+      return {
+        id: profile.id,
+        name: profile.name,
+        email: profile.person.email,
+        image: profile.avatar_url,
+      }
+    },
+    style: { bg: "#fff", text: "#000" },
+    options,
+  }
+}