@nauth-toolkit/core 0.1.21 → 0.1.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bootstrap.js +1 -1
- package/dist/bootstrap.js.map +1 -1
- package/dist/dto/auth-response.dto.d.ts +14 -0
- package/dist/dto/auth-response.dto.d.ts.map +1 -1
- package/dist/dto/auth-response.dto.js +14 -0
- package/dist/dto/auth-response.dto.js.map +1 -1
- package/dist/dto/social-auth.dto.d.ts +24 -0
- package/dist/dto/social-auth.dto.d.ts.map +1 -1
- package/dist/dto/social-auth.dto.js +37 -1
- package/dist/dto/social-auth.dto.js.map +1 -1
- package/dist/entities/user.entity.d.ts +8 -0
- package/dist/entities/user.entity.d.ts.map +1 -1
- package/dist/entities/user.entity.js +8 -0
- package/dist/entities/user.entity.js.map +1 -1
- package/dist/handlers/auth.handler.d.ts +3 -8
- package/dist/handlers/auth.handler.d.ts.map +1 -1
- package/dist/handlers/auth.handler.js +10 -55
- package/dist/handlers/auth.handler.js.map +1 -1
- package/dist/handlers/social-redirect.handler.d.ts +12 -2
- package/dist/handlers/social-redirect.handler.d.ts.map +1 -1
- package/dist/handlers/social-redirect.handler.js +27 -9
- package/dist/handlers/social-redirect.handler.js.map +1 -1
- package/dist/interfaces/entities.interface.d.ts +6 -0
- package/dist/interfaces/entities.interface.d.ts.map +1 -1
- package/dist/services/auth-challenge-helper.service.d.ts +1 -1
- package/dist/services/auth-challenge-helper.service.d.ts.map +1 -1
- package/dist/services/auth-challenge-helper.service.js +9 -4
- package/dist/services/auth-challenge-helper.service.js.map +1 -1
- package/dist/services/auth.service.d.ts +20 -3
- package/dist/services/auth.service.d.ts.map +1 -1
- package/dist/services/auth.service.js +59 -41
- package/dist/services/auth.service.js.map +1 -1
- package/dist/services/geo-location.service.js +2 -2
- package/dist/services/geo-location.service.js.map +1 -1
- package/dist/services/password-reset.service.d.ts.map +1 -1
- package/dist/services/password-reset.service.js.map +1 -1
- package/dist/services/phone-verification.service.js.map +1 -1
- package/dist/services/social-auth-base.service.d.ts.map +1 -1
- package/dist/services/social-auth-base.service.js +20 -3
- package/dist/services/social-auth-base.service.js.map +1 -1
- package/dist/templates/sms-template.engine.d.ts.map +1 -1
- package/dist/templates/sms-template.engine.js +1 -2
- package/dist/templates/sms-template.engine.js.map +1 -1
- package/package.json +1 -1
package/dist/bootstrap.js
CHANGED
|
@@ -117,7 +117,7 @@ class NAuth {
|
|
|
117
117
|
// 5. Create Handlers
|
|
118
118
|
// ========================================================================
|
|
119
119
|
const clientInfoHandler = new client_info_handler_1.ClientInfoHandler(services.clientInfoService, services.geoLocationService, logger);
|
|
120
|
-
const authHandler = new auth_handler_1.AuthHandler(services.jwtService, services.sessionService,
|
|
120
|
+
const authHandler = new auth_handler_1.AuthHandler(services.jwtService, services.sessionService, services.authService, config, logger);
|
|
121
121
|
const tokenDeliveryHandler = new token_delivery_handler_1.TokenDeliveryHandler(config, logger);
|
|
122
122
|
// CSRF service (only for cookies/hybrid delivery)
|
|
123
123
|
const csrfService = config.tokenDelivery?.method === 'cookies' || config.tokenDelivery?.method === 'hybrid'
|
package/dist/bootstrap.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bootstrap.js","sourceRoot":"","sources":["../src/bootstrap.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;;;AAIH,uDAAmD;AACnD,kEAA8D;AAC9D,+DAAyD;AAEzD,gEAA4D;AAC5D,6DAAyD;AAEzD,WAAW;AACX,wEAAmE;AACnE,0DAAsD;AACtD,8EAAyE;AACzE,0DAAsD;AACtD,0DAAsD;AAEtD,gBAAgB;AAChB,qEAAiE;AACjE,6DAAyD;AACzD,+DAA0E;AAC1E,6DAAkE;AAClE,2DAAiF;AACjF,6EAAiF;AACjF,yCAAiF;AAGjF,gGAAkF;AA4ElF,+EAA+E;AAC/E,wBAAwB;AACxB,+EAA+E;AAE/E;;;;GAIG;AACH,MAAa,KAAK;IAChB;;;;;;;;;;;;;;OAcG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAqB;QACvC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC;QACvC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,IAAI,gCAAc,EAAE,CAAC;QAExD,MAAM,MAAM,GAAG,IAAI,0BAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC9C,MAAM,CAAC,GAAG,CAAC,2BAA2B,OAAO,CAAC,IAAI,KAAK,CAAC,CAAC;QAEzD,2EAA2E;QAC3E,2EAA2E;QAC3E,2EAA2E;QAC3E,MAAM,IAAA,kDAA2B,EAAC,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;QAE9D,2EAA2E;QAC3E,uCAAuC;QACvC,2EAA2E;QAC3E,MAAM,KAAK,GAAG,IAAA,kCAAe,EAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,MAAM,IAAA,0BAAW,EAAC,MAAM,EAAE,KAAK,CAAC,mBAAmB,EAAE,KAAK,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;QAE1G,2EAA2E;QAC3E,yBAAyB;QACzB,2EAA2E;QAC3E,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACvC,MAAM,QAAQ,GAAkB,IAAA,4BAAY,EAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;QAEzG,2EAA2E;QAC3E,wCAAwC;QACxC,2EAA2E;QAC3E,MAAM,cAAc,GAAG,IAAI,iCAAsB,CAC/C,QAAQ,CAAC,oBAAoB,EAC7B,QAAQ,CAAC,0BAA0B,EACnC,QAAQ,CAAC,iBAAiB,EAC1B,MAAM,CACP,CAAC;QACF,MAAM,YAAY,GAAG,IAAI,sCAA2B,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAE7E,IAAI,QAAQ,CAAC,0BAA0B,EAAE,CAAC;YACvC,QAAQ,CAAC,0BAAiE,CAAC,YAAY,GAAG,YAAY,CAAC;YACvG,QAAQ,CAAC,0BAAiE,CAAC,cAAc,GAAG,cAAc,CAAC;QAC9G,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,cAAc,EAAE,6CAA6C,CAAC,CAAC;QACxG,CAAC;QAED,2EAA2E;QAC3E,qCAAqC;QACrC,2EAA2E;QAC3E,MAAM,oBAAoB,GAAG,IAAI,sDAAoB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAEvE,IAAI,MAAM,CAAC,GAAG,EAAE,OAAO,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;YAC/C,MAAM,IAAA,mCAAoB,EACxB,MAAM,EACN,QAAQ,CAAC,UAAU,EACnB,KAAK,CAAC,mBAAoB,EAC1B,KAAK,CAAC,cAAc,EACpB,MAAM,EACN,QAAQ,CAAC,eAAe,EACxB,QAAQ,CAAC,wBAAwB,EACjC,QAAQ,CAAC,wBAAwB,EACjC,QAAQ,CAAC,gBAAgB,EACzB,QAAQ,CAAC,YAAY,EACrB,QAAQ,CAAC,iBAAiB,CAC3B,CAAC;QACJ,CAAC;QAED,MAAM,eAAe,GAAyB,MAAM,IAAA,4BAAc,EAChE,MAAM,EACN,QAAQ,CAAC,sBAAsB,EAC/B,QAAQ,CAAC,WAAW,EACpB,QAAQ,CAAC,iBAAiB,EAC1B,QAAQ,CAAC,UAAU,EACnB,QAAQ,CAAC,cAAc,EACvB,QAAQ,CAAC,0BAA0B,EACnC,QAAQ,CAAC,iBAAiB,EAC1B,MAAM,EACN,oBAAoB,EACpB,KAAK,CAAC,cAAc,EACpB,QAAQ,CAAC,wBAAwB,EACjC,QAAQ,CAAC,YAAY,EACrB,QAAQ,CAAC,oBAAoB,CAC9B,CAAC;QAEF,2EAA2E;QAC3E,qBAAqB;QACrB,2EAA2E;QAC3E,MAAM,iBAAiB,GAAG,IAAI,uCAAiB,CAAC,QAAQ,CAAC,iBAAiB,EAAE,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;QAEjH,MAAM,WAAW,GAAG,IAAI,0BAAW,CACjC,QAAQ,CAAC,UAAU,EACnB,QAAQ,CAAC,cAAc,EACvB,
|
|
1
|
+
{"version":3,"file":"bootstrap.js","sourceRoot":"","sources":["../src/bootstrap.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;;;AAIH,uDAAmD;AACnD,kEAA8D;AAC9D,+DAAyD;AAEzD,gEAA4D;AAC5D,6DAAyD;AAEzD,WAAW;AACX,wEAAmE;AACnE,0DAAsD;AACtD,8EAAyE;AACzE,0DAAsD;AACtD,0DAAsD;AAEtD,gBAAgB;AAChB,qEAAiE;AACjE,6DAAyD;AACzD,+DAA0E;AAC1E,6DAAkE;AAClE,2DAAiF;AACjF,6EAAiF;AACjF,yCAAiF;AAGjF,gGAAkF;AA4ElF,+EAA+E;AAC/E,wBAAwB;AACxB,+EAA+E;AAE/E;;;;GAIG;AACH,MAAa,KAAK;IAChB;;;;;;;;;;;;;;OAcG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAqB;QACvC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC;QACvC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,IAAI,gCAAc,EAAE,CAAC;QAExD,MAAM,MAAM,GAAG,IAAI,0BAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC9C,MAAM,CAAC,GAAG,CAAC,2BAA2B,OAAO,CAAC,IAAI,KAAK,CAAC,CAAC;QAEzD,2EAA2E;QAC3E,2EAA2E;QAC3E,2EAA2E;QAC3E,MAAM,IAAA,kDAA2B,EAAC,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;QAE9D,2EAA2E;QAC3E,uCAAuC;QACvC,2EAA2E;QAC3E,MAAM,KAAK,GAAG,IAAA,kCAAe,EAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,MAAM,IAAA,0BAAW,EAAC,MAAM,EAAE,KAAK,CAAC,mBAAmB,EAAE,KAAK,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;QAE1G,2EAA2E;QAC3E,yBAAyB;QACzB,2EAA2E;QAC3E,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACvC,MAAM,QAAQ,GAAkB,IAAA,4BAAY,EAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;QAEzG,2EAA2E;QAC3E,wCAAwC;QACxC,2EAA2E;QAC3E,MAAM,cAAc,GAAG,IAAI,iCAAsB,CAC/C,QAAQ,CAAC,oBAAoB,EAC7B,QAAQ,CAAC,0BAA0B,EACnC,QAAQ,CAAC,iBAAiB,EAC1B,MAAM,CACP,CAAC;QACF,MAAM,YAAY,GAAG,IAAI,sCAA2B,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAE7E,IAAI,QAAQ,CAAC,0BAA0B,EAAE,CAAC;YACvC,QAAQ,CAAC,0BAAiE,CAAC,YAAY,GAAG,YAAY,CAAC;YACvG,QAAQ,CAAC,0BAAiE,CAAC,cAAc,GAAG,cAAc,CAAC;QAC9G,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,cAAc,EAAE,6CAA6C,CAAC,CAAC;QACxG,CAAC;QAED,2EAA2E;QAC3E,qCAAqC;QACrC,2EAA2E;QAC3E,MAAM,oBAAoB,GAAG,IAAI,sDAAoB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAEvE,IAAI,MAAM,CAAC,GAAG,EAAE,OAAO,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;YAC/C,MAAM,IAAA,mCAAoB,EACxB,MAAM,EACN,QAAQ,CAAC,UAAU,EACnB,KAAK,CAAC,mBAAoB,EAC1B,KAAK,CAAC,cAAc,EACpB,MAAM,EACN,QAAQ,CAAC,eAAe,EACxB,QAAQ,CAAC,wBAAwB,EACjC,QAAQ,CAAC,wBAAwB,EACjC,QAAQ,CAAC,gBAAgB,EACzB,QAAQ,CAAC,YAAY,EACrB,QAAQ,CAAC,iBAAiB,CAC3B,CAAC;QACJ,CAAC;QAED,MAAM,eAAe,GAAyB,MAAM,IAAA,4BAAc,EAChE,MAAM,EACN,QAAQ,CAAC,sBAAsB,EAC/B,QAAQ,CAAC,WAAW,EACpB,QAAQ,CAAC,iBAAiB,EAC1B,QAAQ,CAAC,UAAU,EACnB,QAAQ,CAAC,cAAc,EACvB,QAAQ,CAAC,0BAA0B,EACnC,QAAQ,CAAC,iBAAiB,EAC1B,MAAM,EACN,oBAAoB,EACpB,KAAK,CAAC,cAAc,EACpB,QAAQ,CAAC,wBAAwB,EACjC,QAAQ,CAAC,YAAY,EACrB,QAAQ,CAAC,oBAAoB,CAC9B,CAAC;QAEF,2EAA2E;QAC3E,qBAAqB;QACrB,2EAA2E;QAC3E,MAAM,iBAAiB,GAAG,IAAI,uCAAiB,CAAC,QAAQ,CAAC,iBAAiB,EAAE,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;QAEjH,MAAM,WAAW,GAAG,IAAI,0BAAW,CACjC,QAAQ,CAAC,UAAU,EACnB,QAAQ,CAAC,cAAc,EACvB,QAAQ,CAAC,WAAW,EACpB,MAAM,EACN,MAAM,CACP,CAAC;QAEF,MAAM,oBAAoB,GAAG,IAAI,6CAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEtE,kDAAkD;QAClD,MAAM,WAAW,GACf,MAAM,CAAC,aAAa,EAAE,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,aAAa,EAAE,MAAM,KAAK,QAAQ;YACrF,CAAC,CAAC,IAAI,0BAAW,CAAC,MAAM,CAAC;YACzB,CAAC,CAAC,SAAS,CAAC;QAEhB,MAAM,WAAW,GAAG,WAAW,CAAC,CAAC,CAAC,IAAI,0BAAW,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAEtF,2EAA2E;QAC3E,sCAAsC;QACtC,2EAA2E;QAC3E,MAAM,UAAU,GAAG;YACjB,iDAAiD;YACjD,UAAU,EAAE,OAAO,CAAC,kBAAkB,CAAC,YAAY,EAAE,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE;gBACrG,kBAAkB,EAAE,IAAI;aACzB,CAAC;YAEF,eAAe;YACf,IAAI,EAAE,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAE9E,mCAAmC;YACnC,IAAI,EAAE,WAAW;gBACf,CAAC,CAAC,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBAC1E,CAAC,CAAC,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,KAAK,EAAE,IAAkB,EAAE,IAAmB,EAAE,IAAgB,EAAE,EAAE;oBACrG,MAAM,IAAI,EAAE,CAAC;gBACf,CAAC,CAAC;YAEN,wCAAwC;YACxC,aAAa,EAAE,OAAO,CAAC,2BAA2B,CAChD,oBAAoB,CAAC,cAAc,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAC/D;SACF,CAAC;QAEF,2EAA2E;QAC3E,oBAAoB;QACpB,2EAA2E;QAC3E,MAAM,OAAO,GAAG;YACd;;eAEG;YACH,MAAM,EAAE,GAAG,EAAE,CACX,OAAO,CAAC,kBAAkB,CAAC,QAAQ,EAAE,CAAC,GAAiB,EAAE,IAAmB,EAAE,IAAgB,EAAE,EAAE;gBAChG,GAAG,CAAC,UAAU,CAAC,WAAW,GAAG,IAAI,CAAC;gBAClC,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC,CAAC;YAEJ;;;;eAIG;YACH,WAAW,EAAE,CAAC,OAA4B,EAAE,EAAE,CAC5C,OAAO,CAAC,kBAAkB,CAAC,aAAa,EAAE,CAAC,GAAiB,EAAE,GAAkB,EAAE,IAAgB,EAAE,EAAE;gBACpG,gDAAgD;gBAChD,IAAI,OAAO,EAAE,IAAI,KAAK,KAAK,IAAI,GAAG,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;oBAC7D,MAAM,GAAG,CAAC,UAAU,CAAC,cAAc,CAAC;gBACtC,CAAC;gBAED,yBAAyB;gBACzB,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;oBACzB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,UAAU,EAAE,GAAG;wBACf,KAAK,EAAE,cAAc;wBACrB,OAAO,EAAE,yBAAyB;wBAClC,IAAI,EAAE,eAAe;qBACtB,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC,CAAC;YAEJ;;;;;eAKG;YACH,YAAY,EAAE,GAAG,EAAE,CACjB,OAAO,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC,IAAkB,EAAE,IAAmB,EAAE,IAAgB,EAAE,EAAE;gBACvG,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC,CAAC;YAEJ;;eAEG;YACH,aAAa,EAAE,CAAC,IAAwB,EAAE,EAAE,CAC1C,OAAO,CAAC,kBAAkB,CACxB,qBAAqB,EACrB,CAAC,GAAiB,EAAE,IAAmB,EAAE,IAAgB,EAAE,EAAE;gBAC3D,GAAG,CAAC,UAAU,CAAC,kBAAkB,GAAG,IAAI,CAAC;gBACzC,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC,CACF;YAEH,6CAA6C;YAC7C,cAAc,EAAE,GAAG,EAAE,CAAC,gCAAc,CAAC,GAAG,CAAQ,cAAc,CAAC;YAC/D,iBAAiB,EAAE,GAAG,EAAE,CAAC,gCAAc,CAAC,GAAG,CAAkB,iBAAiB,CAAC;YAC/E,aAAa,EAAE,GAAG,EAAE,CAAC,gCAAc,CAAC,GAAG,CAAa,aAAa,CAAC;SACnE,CAAC;QAEF,2EAA2E;QAC3E,+BAA+B;QAC/B,2EAA2E;QAE3E,4CAA4C;QAC5C,MAAM,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,GAAG,cAAc,EAAE,GAAG,QAAQ,CAAC;QAErF,MAAM,CAAC,GAAG,CAAC,uCAAuC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAElE,OAAO;YACL,GAAG,cAAc;YACjB,GAAG,eAAe;YAClB,UAAU;YACV,OAAO;YACP,OAAO;YACP,MAAM;YACN,MAAM;YACN,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB;YAC7C,WAAW;SACZ,CAAC;IACJ,CAAC;CACF;AA1OD,sBA0OC"}
|
|
@@ -61,6 +61,20 @@ export declare class AuthResponseDTO {
|
|
|
61
61
|
* NOTE: Only present when authentication is complete (no pending challenges)
|
|
62
62
|
*/
|
|
63
63
|
refreshTokenExpiresAt?: number;
|
|
64
|
+
/**
|
|
65
|
+
* Authentication method used to create the current session (when authentication succeeds).
|
|
66
|
+
*
|
|
67
|
+
* Semantics:
|
|
68
|
+
* - `password`: email/username/phone + password login, or password-first flows
|
|
69
|
+
* - `<provider>`: social login provider that created the session (e.g., `google`, `apple`, `facebook`)
|
|
70
|
+
*
|
|
71
|
+
* Notes:
|
|
72
|
+
* - This is session-scoped state (not account capability). Account capabilities are expressed via:
|
|
73
|
+
* - `user.hasPasswordHash`
|
|
74
|
+
* - `user.socialProviders`
|
|
75
|
+
* - Only present when authentication is complete (no pending challenges).
|
|
76
|
+
*/
|
|
77
|
+
authMethod?: string;
|
|
64
78
|
/**
|
|
65
79
|
* Whether the current device is already trusted
|
|
66
80
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-response.dto.d.ts","sourceRoot":"","sources":["../../src/dto/auth-response.dto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,qBAAa,eAAe;IAC1B;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;;OAKG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;;;;;;OAOG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B;;;;;;;OAOG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;;OAKG;IACH,IAAI,CAAC,EAAE;QACL;;;WAGG;QACH,GAAG,EAAE,MAAM,CAAC;QAEZ;;WAEG;QACH,KAAK,EAAE,MAAM,CAAC;QAEd;;WAEG;QACH,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAE1B;;WAEG;QACH,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAEzB;;;WAGG;QACH,KAAK,CAAC,EAAE,MAAM,CAAC;QAEf;;WAEG;QACH,eAAe,EAAE,OAAO,CAAC;QAEzB;;WAEG;QACH,eAAe,CAAC,EAAE,OAAO,CAAC;QAE1B;;;WAGG;QACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;QAE3B;;;;WAIG;QACH,eAAe,CAAC,EAAE,OAAO,CAAC;KAC3B,CAAC;IAMF;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;IAE9B;;;;;;;;;;OAUG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;;;;;;;;;;;;;;;OAiBG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAE9C;;;;;;OAMG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;GAKG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,oBAAoB,EAAE,MAAM,CAAC;IAE7B;;OAEG;IACH,qBAAqB,EAAE,MAAM,CAAC;CAC/B"}
|
|
1
|
+
{"version":3,"file":"auth-response.dto.d.ts","sourceRoot":"","sources":["../../src/dto/auth-response.dto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,qBAAa,eAAe;IAC1B;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;;OAKG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;;;;;;OAOG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B;;;;;;;OAOG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B;;;;;;;;;;;;OAYG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;;OAKG;IACH,IAAI,CAAC,EAAE;QACL;;;WAGG;QACH,GAAG,EAAE,MAAM,CAAC;QAEZ;;WAEG;QACH,KAAK,EAAE,MAAM,CAAC;QAEd;;WAEG;QACH,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAE1B;;WAEG;QACH,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAEzB;;;WAGG;QACH,KAAK,CAAC,EAAE,MAAM,CAAC;QAEf;;WAEG;QACH,eAAe,EAAE,OAAO,CAAC;QAEzB;;WAEG;QACH,eAAe,CAAC,EAAE,OAAO,CAAC;QAE1B;;;WAGG;QACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;QAE3B;;;;WAIG;QACH,eAAe,CAAC,EAAE,OAAO,CAAC;KAC3B,CAAC;IAMF;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;IAE9B;;;;;;;;;;OAUG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;;;;;;;;;;;;;;;OAiBG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAE9C;;;;;;OAMG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;GAKG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,oBAAoB,EAAE,MAAM,CAAC;IAE7B;;OAEG;IACH,qBAAqB,EAAE,MAAM,CAAC;CAC/B"}
|
|
@@ -63,6 +63,20 @@ class AuthResponseDTO {
|
|
|
63
63
|
* NOTE: Only present when authentication is complete (no pending challenges)
|
|
64
64
|
*/
|
|
65
65
|
refreshTokenExpiresAt;
|
|
66
|
+
/**
|
|
67
|
+
* Authentication method used to create the current session (when authentication succeeds).
|
|
68
|
+
*
|
|
69
|
+
* Semantics:
|
|
70
|
+
* - `password`: email/username/phone + password login, or password-first flows
|
|
71
|
+
* - `<provider>`: social login provider that created the session (e.g., `google`, `apple`, `facebook`)
|
|
72
|
+
*
|
|
73
|
+
* Notes:
|
|
74
|
+
* - This is session-scoped state (not account capability). Account capabilities are expressed via:
|
|
75
|
+
* - `user.hasPasswordHash`
|
|
76
|
+
* - `user.socialProviders`
|
|
77
|
+
* - Only present when authentication is complete (no pending challenges).
|
|
78
|
+
*/
|
|
79
|
+
authMethod;
|
|
66
80
|
/**
|
|
67
81
|
* Whether the current device is already trusted
|
|
68
82
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-response.dto.js","sourceRoot":"","sources":["../../src/dto/auth-response.dto.ts"],"names":[],"mappings":";;;AAEA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAa,eAAe;IAC1B;;;;;OAKG;IACH,WAAW,CAAU;IAErB;;;;;OAKG;IACH,YAAY,CAAU;IAEtB;;;;;;;OAOG;IACH,oBAAoB,CAAU;IAE9B;;;;;;;OAOG;IACH,qBAAqB,CAAU;IAE/B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAW;IAElB;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,WAAW,CAAU;IAErB;;;;;OAKG;IACH,IAAI,CAkDF;IAEF,+EAA+E;IAC/E,4CAA4C;IAC5C,+EAA+E;IAE/E;;;;;;;;;OASG;IACH,aAAa,CAAiB;IAE9B;;;;;;;;;;OAUG;IACH,OAAO,CAAU;IAEjB;;;;;;;;;;;;;;;;;OAiBG;IACH,mBAAmB,CAA2B;IAE9C;;;;;;OAMG;IACH,OAAO,CAAU;CAClB;
|
|
1
|
+
{"version":3,"file":"auth-response.dto.js","sourceRoot":"","sources":["../../src/dto/auth-response.dto.ts"],"names":[],"mappings":";;;AAEA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAa,eAAe;IAC1B;;;;;OAKG;IACH,WAAW,CAAU;IAErB;;;;;OAKG;IACH,YAAY,CAAU;IAEtB;;;;;;;OAOG;IACH,oBAAoB,CAAU;IAE9B;;;;;;;OAOG;IACH,qBAAqB,CAAU;IAE/B;;;;;;;;;;;;OAYG;IACH,UAAU,CAAU;IAEpB;;;;;;;;;;;;OAYG;IACH,OAAO,CAAW;IAElB;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,WAAW,CAAU;IAErB;;;;;OAKG;IACH,IAAI,CAkDF;IAEF,+EAA+E;IAC/E,4CAA4C;IAC5C,+EAA+E;IAE/E;;;;;;;;;OASG;IACH,aAAa,CAAiB;IAE9B;;;;;;;;;;OAUG;IACH,OAAO,CAAU;IAEjB;;;;;;;;;;;;;;;;;OAiBG;IACH,mBAAmB,CAA2B;IAE9C;;;;;;OAMG;IACH,OAAO,CAAU;CAClB;AAhND,0CAgNC"}
|
|
@@ -285,4 +285,28 @@ export declare class SetPasswordForSocialUserResponseDTO {
|
|
|
285
285
|
*/
|
|
286
286
|
message: string;
|
|
287
287
|
}
|
|
288
|
+
/**
|
|
289
|
+
* DTO for exchanging a social redirect exchange token
|
|
290
|
+
*
|
|
291
|
+
* Used in redirect-first social login flow. The backend redirects back to the frontend
|
|
292
|
+
* with an `exchangeToken` in the URL, and the frontend exchanges it for an AuthResponse.
|
|
293
|
+
*
|
|
294
|
+
* Security:
|
|
295
|
+
* - Exchange token validated for length
|
|
296
|
+
* - One-time use (consumed immediately)
|
|
297
|
+
* - Short TTL (default: 60 seconds)
|
|
298
|
+
*/
|
|
299
|
+
export declare class SocialExchangeDTO {
|
|
300
|
+
/**
|
|
301
|
+
* One-time exchange token from callback redirect URL
|
|
302
|
+
*
|
|
303
|
+
* Validation:
|
|
304
|
+
* - Must be non-empty string
|
|
305
|
+
* - Max 500 characters
|
|
306
|
+
*
|
|
307
|
+
* Sanitization:
|
|
308
|
+
* - Trimmed
|
|
309
|
+
*/
|
|
310
|
+
exchangeToken: string;
|
|
311
|
+
}
|
|
288
312
|
//# sourceMappingURL=social-auth.dto.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"social-auth.dto.d.ts","sourceRoot":"","sources":["../../src/dto/social-auth.dto.ts"],"names":[],"mappings":"AAGA;;;;;;GAMG;AACH,qBAAa,mBAAmB;IAC9B;;;;;;;;;OASG;IASH,QAAQ,EAAG,MAAM,CAAC;IAElB;;;;;;;;;OASG;IAUH,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,qBAAa,2BAA2B;IACtC;;OAEG;IACH,GAAG,EAAG,MAAM,CAAC;CACd;AAED;;;;;;;GAOG;AACH,qBAAa,uBAAuB;IAClC;;;;;;;;;OASG;IASH,QAAQ,EAAG,MAAM,CAAC;IAElB;;;;;;;;;OASG;IASH,IAAI,EAAG,MAAM,CAAC;IAEd;;;;;;;;;OASG;IASH,KAAK,EAAG,MAAM,CAAC;CAChB;AAED;;;;;;;GAOG;AACH,qBAAa,oBAAoB;IAC/B;;;;;;;;OAQG;IAQH,MAAM,EAAG,MAAM,CAAC;IAEhB;;;;;;;;;OASG;IASH,QAAQ,EAAG,MAAM,CAAC;IAElB;;;;;;;;;OASG;IASH,IAAI,EAAG,MAAM,CAAC;IAEd;;;;;;;;;OASG;IASH,KAAK,EAAG,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,qBAAa,4BAA4B;IACvC;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;IAEjB;;OAEG;IACH,QAAQ,EAAG,MAAM,CAAC;CACnB;AAED;;;;;GAKG;AACH,qBAAa,oBAAoB;IAC/B;;;;;;;;OAQG;IAQH,MAAM,EAAG,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,qBAAa,4BAA4B;IACvC;;OAEG;IACH,QAAQ,EAAG,KAAK,CAAC;QACf,QAAQ,EAAE,MAAM,CAAC;QACjB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,QAAQ,EAAE,IAAI,CAAC;QACf,UAAU,CAAC,EAAE,IAAI,CAAC;KACnB,CAAC,CAAC;CACJ;AAED;;;;;;GAMG;AACH,qBAAa,sBAAsB;IACjC;;;;;;;;OAQG;IAQH,MAAM,EAAG,MAAM,CAAC;IAEhB;;;;;;;;;OASG;IASH,QAAQ,EAAG,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,qBAAa,8BAA8B;IACzC;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;CAClB;AAED;;;;;GAKG;AACH,qBAAa,iBAAiB;IAC5B;;;;;;;;OAQG;IAQH,MAAM,EAAG,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,qBAAa,yBAAyB;IACpC;;OAEG;IACH,cAAc,EAAG,OAAO,CAAC;CAC1B;AAED;;;;;;GAMG;AACH,qBAAa,2BAA2B;IACtC;;;;;;;;OAQG;IAQH,MAAM,EAAG,MAAM,CAAC;IAEhB;;;;;;;;;;OAUG;IAIH,QAAQ,EAAG,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,qBAAa,mCAAmC;IAC9C;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;CAClB"}
|
|
1
|
+
{"version":3,"file":"social-auth.dto.d.ts","sourceRoot":"","sources":["../../src/dto/social-auth.dto.ts"],"names":[],"mappings":"AAGA;;;;;;GAMG;AACH,qBAAa,mBAAmB;IAC9B;;;;;;;;;OASG;IASH,QAAQ,EAAG,MAAM,CAAC;IAElB;;;;;;;;;OASG;IAUH,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,qBAAa,2BAA2B;IACtC;;OAEG;IACH,GAAG,EAAG,MAAM,CAAC;CACd;AAED;;;;;;;GAOG;AACH,qBAAa,uBAAuB;IAClC;;;;;;;;;OASG;IASH,QAAQ,EAAG,MAAM,CAAC;IAElB;;;;;;;;;OASG;IASH,IAAI,EAAG,MAAM,CAAC;IAEd;;;;;;;;;OASG;IASH,KAAK,EAAG,MAAM,CAAC;CAChB;AAED;;;;;;;GAOG;AACH,qBAAa,oBAAoB;IAC/B;;;;;;;;OAQG;IAQH,MAAM,EAAG,MAAM,CAAC;IAEhB;;;;;;;;;OASG;IASH,QAAQ,EAAG,MAAM,CAAC;IAElB;;;;;;;;;OASG;IASH,IAAI,EAAG,MAAM,CAAC;IAEd;;;;;;;;;OASG;IASH,KAAK,EAAG,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,qBAAa,4BAA4B;IACvC;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;IAEjB;;OAEG;IACH,QAAQ,EAAG,MAAM,CAAC;CACnB;AAED;;;;;GAKG;AACH,qBAAa,oBAAoB;IAC/B;;;;;;;;OAQG;IAQH,MAAM,EAAG,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,qBAAa,4BAA4B;IACvC;;OAEG;IACH,QAAQ,EAAG,KAAK,CAAC;QACf,QAAQ,EAAE,MAAM,CAAC;QACjB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,QAAQ,EAAE,IAAI,CAAC;QACf,UAAU,CAAC,EAAE,IAAI,CAAC;KACnB,CAAC,CAAC;CACJ;AAED;;;;;;GAMG;AACH,qBAAa,sBAAsB;IACjC;;;;;;;;OAQG;IAQH,MAAM,EAAG,MAAM,CAAC;IAEhB;;;;;;;;;OASG;IASH,QAAQ,EAAG,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,qBAAa,8BAA8B;IACzC;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;CAClB;AAED;;;;;GAKG;AACH,qBAAa,iBAAiB;IAC5B;;;;;;;;OAQG;IAQH,MAAM,EAAG,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,qBAAa,yBAAyB;IACpC;;OAEG;IACH,cAAc,EAAG,OAAO,CAAC;CAC1B;AAED;;;;;;GAMG;AACH,qBAAa,2BAA2B;IACtC;;;;;;;;OAQG;IAQH,MAAM,EAAG,MAAM,CAAC;IAEhB;;;;;;;;;;OAUG;IAIH,QAAQ,EAAG,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,qBAAa,mCAAmC;IAC9C;;OAEG;IACH,OAAO,EAAG,MAAM,CAAC;CAClB;AAED;;;;;;;;;;GAUG;AACH,qBAAa,iBAAiB;IAC5B;;;;;;;;;OASG;IASH,aAAa,EAAG,MAAM,CAAC;CACxB"}
|
|
@@ -9,7 +9,7 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
9
9
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
exports.SetPasswordForSocialUserResponseDTO = exports.SetPasswordForSocialUserDTO = exports.CanSetPasswordResponseDTO = exports.CanSetPasswordDTO = exports.UnlinkSocialAccountResponseDTO = exports.UnlinkSocialAccountDTO = exports.GetLinkedAccountsResponseDTO = exports.GetLinkedAccountsDTO = exports.LinkSocialAccountResponseDTO = exports.LinkSocialAccountDTO = exports.HandleSocialCallbackDTO = exports.GetSocialAuthUrlResponseDTO = exports.GetSocialAuthUrlDTO = void 0;
|
|
12
|
+
exports.SocialExchangeDTO = exports.SetPasswordForSocialUserResponseDTO = exports.SetPasswordForSocialUserDTO = exports.CanSetPasswordResponseDTO = exports.CanSetPasswordDTO = exports.UnlinkSocialAccountResponseDTO = exports.UnlinkSocialAccountDTO = exports.GetLinkedAccountsResponseDTO = exports.GetLinkedAccountsDTO = exports.LinkSocialAccountResponseDTO = exports.LinkSocialAccountDTO = exports.HandleSocialCallbackDTO = exports.GetSocialAuthUrlResponseDTO = exports.GetSocialAuthUrlDTO = void 0;
|
|
13
13
|
const class_validator_1 = require("class-validator");
|
|
14
14
|
const class_transformer_1 = require("class-transformer");
|
|
15
15
|
/**
|
|
@@ -463,4 +463,40 @@ class SetPasswordForSocialUserResponseDTO {
|
|
|
463
463
|
message;
|
|
464
464
|
}
|
|
465
465
|
exports.SetPasswordForSocialUserResponseDTO = SetPasswordForSocialUserResponseDTO;
|
|
466
|
+
/**
|
|
467
|
+
* DTO for exchanging a social redirect exchange token
|
|
468
|
+
*
|
|
469
|
+
* Used in redirect-first social login flow. The backend redirects back to the frontend
|
|
470
|
+
* with an `exchangeToken` in the URL, and the frontend exchanges it for an AuthResponse.
|
|
471
|
+
*
|
|
472
|
+
* Security:
|
|
473
|
+
* - Exchange token validated for length
|
|
474
|
+
* - One-time use (consumed immediately)
|
|
475
|
+
* - Short TTL (default: 60 seconds)
|
|
476
|
+
*/
|
|
477
|
+
class SocialExchangeDTO {
|
|
478
|
+
/**
|
|
479
|
+
* One-time exchange token from callback redirect URL
|
|
480
|
+
*
|
|
481
|
+
* Validation:
|
|
482
|
+
* - Must be non-empty string
|
|
483
|
+
* - Max 500 characters
|
|
484
|
+
*
|
|
485
|
+
* Sanitization:
|
|
486
|
+
* - Trimmed
|
|
487
|
+
*/
|
|
488
|
+
exchangeToken;
|
|
489
|
+
}
|
|
490
|
+
exports.SocialExchangeDTO = SocialExchangeDTO;
|
|
491
|
+
__decorate([
|
|
492
|
+
(0, class_validator_1.IsString)({ message: 'exchangeToken must be a string' }),
|
|
493
|
+
(0, class_validator_1.MaxLength)(500, { message: 'exchangeToken must not exceed 500 characters' }),
|
|
494
|
+
(0, class_transformer_1.Transform)(({ value }) => {
|
|
495
|
+
if (typeof value === 'string') {
|
|
496
|
+
return value.trim();
|
|
497
|
+
}
|
|
498
|
+
return value;
|
|
499
|
+
}),
|
|
500
|
+
__metadata("design:type", String)
|
|
501
|
+
], SocialExchangeDTO.prototype, "exchangeToken", void 0);
|
|
466
502
|
//# sourceMappingURL=social-auth.dto.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"social-auth.dto.js","sourceRoot":"","sources":["../../src/dto/social-auth.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAqF;AACrF,yDAA8C;AAE9C;;;;;;GAMG;AACH,MAAa,mBAAmB;IAC9B;;;;;;;;;OASG;IASH,QAAQ,CAAU;IAElB;;;;;;;;;OASG;IAUH,KAAK,CAAU;CAChB;AAzCD,kDAyCC;AAtBC;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAClD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC;IACzE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;qDACgB;AAqBlB;IATC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;IAC/C,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,sCAAsC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;kDACa;AAGjB;;GAEG;AACH,MAAa,2BAA2B;IACtC;;OAEG;IACH,GAAG,CAAU;CACd;AALD,kEAKC;AAED;;;;;;;GAOG;AACH,MAAa,uBAAuB;IAClC;;;;;;;;;OASG;IASH,QAAQ,CAAU;IAElB;;;;;;;;;OASG;IASH,IAAI,CAAU;IAEd;;;;;;;;;OASG;IASH,KAAK,CAAU;CAChB;AA5DD,0DA4DC;AAzCC;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAClD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC;IACzE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;yDACgB;AAoBlB;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC;IAC9C,IAAA,2BAAS,EAAC,IAAI,EAAE,EAAE,OAAO,EAAE,oDAAoD,EAAE,CAAC;IAClF,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;qDACY;AAoBd;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;IAC/C,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,sCAAsC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;sDACa;AAGjB;;;;;;;GAOG;AACH,MAAa,oBAAoB;IAC/B;;;;;;;;OAQG;IAQH,MAAM,CAAU;IAEhB;;;;;;;;;OASG;IASH,QAAQ,CAAU;IAElB;;;;;;;;;OASG;IASH,IAAI,CAAU;IAEd;;;;;;;;;OASG;IASH,KAAK,CAAU;CAChB;AA9ED,oDA8EC;AA7DC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;oDACc;AAoBhB;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAClD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC;IACzE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;sDACgB;AAoBlB;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC;IAC9C,IAAA,2BAAS,EAAC,IAAI,EAAE,EAAE,OAAO,EAAE,oDAAoD,EAAE,CAAC;IAClF,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;kDACY;AAoBd;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;IAC/C,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,sCAAsC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;mDACa;AAGjB;;GAEG;AACH,MAAa,4BAA4B;IACvC;;OAEG;IACH,OAAO,CAAU;IAEjB;;OAEG;IACH,QAAQ,CAAU;CACnB;AAVD,oEAUC;AAED;;;;;GAKG;AACH,MAAa,oBAAoB;IAC/B;;;;;;;;OAQG;IAQH,MAAM,CAAU;CACjB;AAlBD,oDAkBC;AADC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;oDACc;AAGlB;;GAEG;AACH,MAAa,4BAA4B;IACvC;;OAEG;IACH,QAAQ,CAKL;CACJ;AAVD,oEAUC;AAED;;;;;;GAMG;AACH,MAAa,sBAAsB;IACjC;;;;;;;;OAQG;IAQH,MAAM,CAAU;IAEhB;;;;;;;;;OASG;IASH,QAAQ,CAAU;CACnB;AAtCD,wDAsCC;AArBC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;sDACc;AAoBhB;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAClD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC;IACzE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;wDACgB;AAGpB;;GAEG;AACH,MAAa,8BAA8B;IACzC;;OAEG;IACH,OAAO,CAAU;CAClB;AALD,wEAKC;AAED;;;;;GAKG;AACH,MAAa,iBAAiB;IAC5B;;;;;;;;OAQG;IAQH,MAAM,CAAU;CACjB;AAlBD,8CAkBC;AADC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;iDACc;AAGlB;;GAEG;AACH,MAAa,yBAAyB;IACpC;;OAEG;IACH,cAAc,CAAW;CAC1B;AALD,8DAKC;AAED;;;;;;GAMG;AACH,MAAa,2BAA2B;IACtC;;;;;;;;OAQG;IAQH,MAAM,CAAU;IAEhB;;;;;;;;;;OAUG;IAIH,QAAQ,CAAU;CACnB;AAlCD,kEAkCC;AAjBC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;2DACc;AAgBhB;IAHC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAClD,IAAA,2BAAS,EAAC,CAAC,EAAE,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC;IACjD,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC;;6DACrD;AAGpB;;GAEG;AACH,MAAa,mCAAmC;IAC9C;;OAEG;IACH,OAAO,CAAU;CAClB;AALD,kFAKC"}
|
|
1
|
+
{"version":3,"file":"social-auth.dto.js","sourceRoot":"","sources":["../../src/dto/social-auth.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAqF;AACrF,yDAA8C;AAE9C;;;;;;GAMG;AACH,MAAa,mBAAmB;IAC9B;;;;;;;;;OASG;IASH,QAAQ,CAAU;IAElB;;;;;;;;;OASG;IAUH,KAAK,CAAU;CAChB;AAzCD,kDAyCC;AAtBC;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAClD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC;IACzE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;qDACgB;AAqBlB;IATC,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;IAC/C,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,sCAAsC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;kDACa;AAGjB;;GAEG;AACH,MAAa,2BAA2B;IACtC;;OAEG;IACH,GAAG,CAAU;CACd;AALD,kEAKC;AAED;;;;;;;GAOG;AACH,MAAa,uBAAuB;IAClC;;;;;;;;;OASG;IASH,QAAQ,CAAU;IAElB;;;;;;;;;OASG;IASH,IAAI,CAAU;IAEd;;;;;;;;;OASG;IASH,KAAK,CAAU;CAChB;AA5DD,0DA4DC;AAzCC;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAClD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC;IACzE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;yDACgB;AAoBlB;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC;IAC9C,IAAA,2BAAS,EAAC,IAAI,EAAE,EAAE,OAAO,EAAE,oDAAoD,EAAE,CAAC;IAClF,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;qDACY;AAoBd;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;IAC/C,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,sCAAsC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;sDACa;AAGjB;;;;;;;GAOG;AACH,MAAa,oBAAoB;IAC/B;;;;;;;;OAQG;IAQH,MAAM,CAAU;IAEhB;;;;;;;;;OASG;IASH,QAAQ,CAAU;IAElB;;;;;;;;;OASG;IASH,IAAI,CAAU;IAEd;;;;;;;;;OASG;IASH,KAAK,CAAU;CAChB;AA9ED,oDA8EC;AA7DC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;oDACc;AAoBhB;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAClD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC;IACzE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;sDACgB;AAoBlB;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC;IAC9C,IAAA,2BAAS,EAAC,IAAI,EAAE,EAAE,OAAO,EAAE,oDAAoD,EAAE,CAAC;IAClF,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;kDACY;AAoBd;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;IAC/C,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,sCAAsC,EAAE,CAAC;IACnE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;mDACa;AAGjB;;GAEG;AACH,MAAa,4BAA4B;IACvC;;OAEG;IACH,OAAO,CAAU;IAEjB;;OAEG;IACH,QAAQ,CAAU;CACnB;AAVD,oEAUC;AAED;;;;;GAKG;AACH,MAAa,oBAAoB;IAC/B;;;;;;;;OAQG;IAQH,MAAM,CAAU;CACjB;AAlBD,oDAkBC;AADC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;oDACc;AAGlB;;GAEG;AACH,MAAa,4BAA4B;IACvC;;OAEG;IACH,QAAQ,CAKL;CACJ;AAVD,oEAUC;AAED;;;;;;GAMG;AACH,MAAa,sBAAsB;IACjC;;;;;;;;OAQG;IAQH,MAAM,CAAU;IAEhB;;;;;;;;;OASG;IASH,QAAQ,CAAU;CACnB;AAtCD,wDAsCC;AArBC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;sDACc;AAoBhB;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAClD,IAAA,2BAAS,EAAC,EAAE,EAAE,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC;IACzE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;wDACgB;AAGpB;;GAEG;AACH,MAAa,8BAA8B;IACzC;;OAEG;IACH,OAAO,CAAU;CAClB;AALD,wEAKC;AAED;;;;;GAKG;AACH,MAAa,iBAAiB;IAC5B;;;;;;;;OAQG;IAQH,MAAM,CAAU;CACjB;AAlBD,8CAkBC;AADC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;iDACc;AAGlB;;GAEG;AACH,MAAa,yBAAyB;IACpC;;OAEG;IACH,cAAc,CAAW;CAC1B;AALD,8DAKC;AAED;;;;;;GAMG;AACH,MAAa,2BAA2B;IACtC;;;;;;;;OAQG;IAQH,MAAM,CAAU;IAEhB;;;;;;;;;;OAUG;IAIH,QAAQ,CAAU;CACnB;AAlCD,kEAkCC;AAjBC;IAPC,IAAA,wBAAM,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;IAClE,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;2DACc;AAgBhB;IAHC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAClD,IAAA,2BAAS,EAAC,CAAC,EAAE,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC;IACjD,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE,CAAC;;6DACrD;AAGpB;;GAEG;AACH,MAAa,mCAAmC;IAC9C;;OAEG;IACH,OAAO,CAAU;CAClB;AALD,kFAKC;AAED;;;;;;;;;;GAUG;AACH,MAAa,iBAAiB;IAC5B;;;;;;;;;OASG;IASH,aAAa,CAAU;CACxB;AApBD,8CAoBC;AADC;IARC,IAAA,0BAAQ,EAAC,EAAE,OAAO,EAAE,gCAAgC,EAAE,CAAC;IACvD,IAAA,2BAAS,EAAC,GAAG,EAAE,EAAE,OAAO,EAAE,8CAA8C,EAAE,CAAC;IAC3E,IAAA,6BAAS,EAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;QACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;;wDACqB"}
|
|
@@ -44,8 +44,16 @@ export declare class BaseUser {
|
|
|
44
44
|
/**
|
|
45
45
|
* Hashed password (Argon2)
|
|
46
46
|
* NULL for social-only accounts
|
|
47
|
+
* SECURITY: This field should be excluded from select queries when returning user objects.
|
|
48
|
+
* Use hasPasswordHash boolean flag instead.
|
|
47
49
|
*/
|
|
48
50
|
passwordHash: string | null;
|
|
51
|
+
/**
|
|
52
|
+
* Whether this user has a password set
|
|
53
|
+
* Computed field - derived from passwordHash at runtime via @AfterLoad hook
|
|
54
|
+
* Never expose passwordHash directly; use this boolean flag instead
|
|
55
|
+
*/
|
|
56
|
+
hasPasswordHash?: boolean;
|
|
49
57
|
/**
|
|
50
58
|
* When password was last changed
|
|
51
59
|
* Used for password expiry policies
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user.entity.d.ts","sourceRoot":"","sources":["../../src/entities/user.entity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,qBAAa,QAAQ;IACnB;;;;OAIG;IACH,EAAE,EAAG,MAAM,CAAC;IAEZ;;;;OAIG;IACH,GAAG,EAAG,MAAM,CAAC;IAEb;;OAEG;IACH,QAAQ,EAAG,MAAM,GAAG,IAAI,CAAC;IAEzB;;OAEG;IACH,SAAS,EAAG,MAAM,GAAG,IAAI,CAAC;IAE1B;;OAEG;IACH,QAAQ,EAAG,MAAM,GAAG,IAAI,CAAC;IAEzB;;OAEG;IACH,KAAK,EAAG,MAAM,CAAC;IAEf;;OAEG;IACH,KAAK,EAAG,MAAM,GAAG,IAAI,CAAC;IAEtB
|
|
1
|
+
{"version":3,"file":"user.entity.d.ts","sourceRoot":"","sources":["../../src/entities/user.entity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,qBAAa,QAAQ;IACnB;;;;OAIG;IACH,EAAE,EAAG,MAAM,CAAC;IAEZ;;;;OAIG;IACH,GAAG,EAAG,MAAM,CAAC;IAEb;;OAEG;IACH,QAAQ,EAAG,MAAM,GAAG,IAAI,CAAC;IAEzB;;OAEG;IACH,SAAS,EAAG,MAAM,GAAG,IAAI,CAAC;IAE1B;;OAEG;IACH,QAAQ,EAAG,MAAM,GAAG,IAAI,CAAC;IAEzB;;OAEG;IACH,KAAK,EAAG,MAAM,CAAC;IAEf;;OAEG;IACH,KAAK,EAAG,MAAM,GAAG,IAAI,CAAC;IAEtB;;;;;OAKG;IACH,YAAY,EAAG,MAAM,GAAG,IAAI,CAAC;IAE7B;;;;OAIG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;IAE1B;;;OAGG;IACH,iBAAiB,EAAG,IAAI,GAAG,IAAI,CAAC;IAEhC;;;OAGG;IACH,eAAe,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAElC;;;;OAIG;IACH,kBAAkB,EAAG,OAAO,CAAC;IAE7B;;OAEG;IACH,eAAe,EAAG,OAAO,CAAC;IAE1B;;OAEG;IACH,eAAe,EAAG,OAAO,CAAC;IAE1B;;;OAGG;IACH,QAAQ,EAAG,OAAO,CAAC;IAEnB;;;OAGG;IACH,QAAQ,EAAG,OAAO,CAAC;IAEnB;;OAEG;IACH,UAAU,EAAG,MAAM,GAAG,IAAI,CAAC;IAE3B;;OAEG;IACH,QAAQ,EAAG,IAAI,GAAG,IAAI,CAAC;IAEvB;;OAEG;IACH,WAAW,EAAG,IAAI,GAAG,IAAI,CAAC;IAE1B;;OAEG;IACH,mBAAmB,EAAG,MAAM,CAAC;IAE7B;;OAEG;IACH,iBAAiB,EAAG,IAAI,GAAG,IAAI,CAAC;IAEhC;;OAEG;IACH,WAAW,EAAG,IAAI,GAAG,IAAI,CAAC;IAE1B;;OAEG;IACH,WAAW,EAAG,MAAM,GAAG,IAAI,CAAC;IAE5B;;OAEG;IACH,UAAU,EAAG,OAAO,CAAC;IAErB;;;OAGG;IACH,UAAU,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAE7B;;OAEG;IACH,aAAa,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAE5B;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE3B;;;OAGG;IACH,WAAW,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAE9B;;;OAGG;IACH,kBAAkB,EAAG,MAAM,GAAG,IAAI,CAAC;IAEnC;;;;;;;;;;OAUG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;IAEpB;;;;;;;OAOG;IACH,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEhC;;;;;;OAMG;IACH,kBAAkB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAEjC;;;;;;OAMG;IACH,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEnC;;;;OAIG;IACH,aAAa,EAAG,OAAO,CAAC;IAExB;;;;OAIG;IACH,eAAe,EAAG,MAAM,EAAE,GAAG,IAAI,CAAC;IAElC;;;OAGG;IACH,QAAQ,EAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAE1C;;OAEG;IACH,SAAS,EAAG,IAAI,CAAC;IAEjB;;OAEG;IACH,SAAS,EAAG,IAAI,CAAC;IAEjB;;;OAGG;IACH,SAAS,EAAG,IAAI,GAAG,IAAI,CAAC;CACzB"}
|
|
@@ -47,8 +47,16 @@ class BaseUser {
|
|
|
47
47
|
/**
|
|
48
48
|
* Hashed password (Argon2)
|
|
49
49
|
* NULL for social-only accounts
|
|
50
|
+
* SECURITY: This field should be excluded from select queries when returning user objects.
|
|
51
|
+
* Use hasPasswordHash boolean flag instead.
|
|
50
52
|
*/
|
|
51
53
|
passwordHash;
|
|
54
|
+
/**
|
|
55
|
+
* Whether this user has a password set
|
|
56
|
+
* Computed field - derived from passwordHash at runtime via @AfterLoad hook
|
|
57
|
+
* Never expose passwordHash directly; use this boolean flag instead
|
|
58
|
+
*/
|
|
59
|
+
hasPasswordHash;
|
|
52
60
|
/**
|
|
53
61
|
* When password was last changed
|
|
54
62
|
* Used for password expiry policies
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user.entity.js","sourceRoot":"","sources":["../../src/entities/user.entity.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;GASG;AACH,MAAa,QAAQ;IACnB;;;;OAIG;IACH,EAAE,CAAU;IAEZ;;;;OAIG;IACH,GAAG,CAAU;IAEb;;OAEG;IACH,QAAQ,CAAiB;IAEzB;;OAEG;IACH,SAAS,CAAiB;IAE1B;;OAEG;IACH,QAAQ,CAAiB;IAEzB;;OAEG;IACH,KAAK,CAAU;IAEf;;OAEG;IACH,KAAK,CAAiB;IAEtB
|
|
1
|
+
{"version":3,"file":"user.entity.js","sourceRoot":"","sources":["../../src/entities/user.entity.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;GASG;AACH,MAAa,QAAQ;IACnB;;;;OAIG;IACH,EAAE,CAAU;IAEZ;;;;OAIG;IACH,GAAG,CAAU;IAEb;;OAEG;IACH,QAAQ,CAAiB;IAEzB;;OAEG;IACH,SAAS,CAAiB;IAE1B;;OAEG;IACH,QAAQ,CAAiB;IAEzB;;OAEG;IACH,KAAK,CAAU;IAEf;;OAEG;IACH,KAAK,CAAiB;IAEtB;;;;;OAKG;IACH,YAAY,CAAiB;IAE7B;;;;OAIG;IACH,eAAe,CAAW;IAE1B;;;OAGG;IACH,iBAAiB,CAAe;IAEhC;;;OAGG;IACH,eAAe,CAAmB;IAElC;;;;OAIG;IACH,kBAAkB,CAAW;IAE7B;;OAEG;IACH,eAAe,CAAW;IAE1B;;OAEG;IACH,eAAe,CAAW;IAE1B;;;OAGG;IACH,QAAQ,CAAW;IAEnB;;;OAGG;IACH,QAAQ,CAAW;IAEnB;;OAEG;IACH,UAAU,CAAiB;IAE3B;;OAEG;IACH,QAAQ,CAAe;IAEvB;;OAEG;IACH,WAAW,CAAe;IAE1B;;OAEG;IACH,mBAAmB,CAAU;IAE7B;;OAEG;IACH,iBAAiB,CAAe;IAEhC;;OAEG;IACH,WAAW,CAAe;IAE1B;;OAEG;IACH,WAAW,CAAiB;IAE5B;;OAEG;IACH,UAAU,CAAW;IAErB;;;OAGG;IACH,UAAU,CAAmB;IAE7B;;OAEG;IACH,aAAa,CAAe;IAE5B;;;OAGG;IACH,UAAU,CAAiB;IAE3B;;;OAGG;IACH,WAAW,CAAmB;IAE9B;;;OAGG;IACH,kBAAkB,CAAiB;IAEnC;;;;;;;;;;OAUG;IACH,SAAS,CAAW;IAEpB;;;;;;;OAOG;IACH,eAAe,CAAiB;IAEhC;;;;;;OAMG;IACH,kBAAkB,CAAe;IAEjC;;;;;;OAMG;IACH,kBAAkB,CAAiB;IAEnC;;;;OAIG;IACH,aAAa,CAAW;IAExB;;;;OAIG;IACH,eAAe,CAAmB;IAElC;;;OAGG;IACH,QAAQ,CAAkC;IAE1C;;OAEG;IACH,SAAS,CAAQ;IAEjB;;OAEG;IACH,SAAS,CAAQ;IAEjB;;;OAGG;IACH,SAAS,CAAe;CACzB;AAjPD,4BAiPC"}
|
|
@@ -7,8 +7,7 @@
|
|
|
7
7
|
* This handler operates purely on NAuthRequest interface.
|
|
8
8
|
* Context is managed by the adapter, not this handler.
|
|
9
9
|
*/
|
|
10
|
-
import {
|
|
11
|
-
import { NAuthConfig, BaseUser, NAuthLogger } from '../index';
|
|
10
|
+
import { NAuthConfig, NAuthLogger, AuthService } from '../index';
|
|
12
11
|
import { JwtService, SessionService } from '../internal';
|
|
13
12
|
import { NAuthRequest, NAuthResponse } from '../platform/interfaces';
|
|
14
13
|
/**
|
|
@@ -20,10 +19,10 @@ import { NAuthRequest, NAuthResponse } from '../platform/interfaces';
|
|
|
20
19
|
export declare class AuthHandler {
|
|
21
20
|
private jwtService;
|
|
22
21
|
private sessionService;
|
|
23
|
-
private
|
|
22
|
+
private authService;
|
|
24
23
|
private config;
|
|
25
24
|
private logger?;
|
|
26
|
-
constructor(jwtService: JwtService, sessionService: SessionService,
|
|
25
|
+
constructor(jwtService: JwtService, sessionService: SessionService, authService: AuthService, config: NAuthConfig, logger?: NAuthLogger | undefined);
|
|
27
26
|
/**
|
|
28
27
|
* Handle request - validate token and attach user
|
|
29
28
|
*
|
|
@@ -42,9 +41,5 @@ export declare class AuthHandler {
|
|
|
42
41
|
* Update CLIENT_INFO with user ID from token
|
|
43
42
|
*/
|
|
44
43
|
private updateClientInfoUserId;
|
|
45
|
-
/**
|
|
46
|
-
* Get fields to select when loading user
|
|
47
|
-
*/
|
|
48
|
-
private getUserSelectFields;
|
|
49
44
|
}
|
|
50
45
|
//# sourceMappingURL=auth.handler.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.handler.d.ts","sourceRoot":"","sources":["../../src/handlers/auth.handler.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,
|
|
1
|
+
{"version":3,"file":"auth.handler.d.ts","sourceRoot":"","sources":["../../src/handlers/auth.handler.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EACL,WAAW,EAKX,WAAW,EAGX,WAAW,EACZ,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAErE;;;;;GAKG;AACH,qBAAa,WAAW;IAEpB,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,WAAW;IACnB,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,MAAM,CAAC;gBAJP,UAAU,EAAE,UAAU,EACtB,cAAc,EAAE,cAAc,EAC9B,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE,WAAW,EACnB,MAAM,CAAC,EAAE,WAAW,YAAA;IAG9B;;;;OAIG;IACU,MAAM,CAAC,GAAG,EAAE,YAAY,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IA2F5G;;OAEG;IACH,OAAO,CAAC,YAAY;IA2CpB;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAYjC;;OAEG;IACH,OAAO,CAAC,sBAAsB;CAW/B"}
|
|
@@ -20,13 +20,13 @@ const index_1 = require("../index");
|
|
|
20
20
|
class AuthHandler {
|
|
21
21
|
jwtService;
|
|
22
22
|
sessionService;
|
|
23
|
-
|
|
23
|
+
authService;
|
|
24
24
|
config;
|
|
25
25
|
logger;
|
|
26
|
-
constructor(jwtService, sessionService,
|
|
26
|
+
constructor(jwtService, sessionService, authService, config, logger) {
|
|
27
27
|
this.jwtService = jwtService;
|
|
28
28
|
this.sessionService = sessionService;
|
|
29
|
-
this.
|
|
29
|
+
this.authService = authService;
|
|
30
30
|
this.config = config;
|
|
31
31
|
this.logger = logger;
|
|
32
32
|
}
|
|
@@ -74,21 +74,13 @@ class AuthHandler {
|
|
|
74
74
|
await next();
|
|
75
75
|
return;
|
|
76
76
|
}
|
|
77
|
-
// Load user
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
await next();
|
|
85
|
-
return;
|
|
86
|
-
}
|
|
87
|
-
if (!user.isActive) {
|
|
88
|
-
this.logger?.warn?.('Account is not active:', user.sub);
|
|
89
|
-
await next();
|
|
90
|
-
return;
|
|
91
|
-
}
|
|
77
|
+
// Load user via AuthService (service-first architecture)
|
|
78
|
+
// AuthService.getUserForAuthContext handles:
|
|
79
|
+
// - User lookup by sub
|
|
80
|
+
// - Active status check
|
|
81
|
+
// - Computing hasPasswordHash from passwordHash
|
|
82
|
+
// - Removing sensitive fields (passwordHash, totpSecret, backupCodes, passwordHistory)
|
|
83
|
+
const user = await this.authService.getUserForAuthContext(validation.payload.sub);
|
|
92
84
|
// Optimistic locking check - ensure session wasn't modified during request
|
|
93
85
|
const revalidated = await this.sessionService.findByIdLight(sessionId);
|
|
94
86
|
if (!revalidated || revalidated.version !== initialVersion || revalidated.isRevoked) {
|
|
@@ -177,43 +169,6 @@ class AuthHandler {
|
|
|
177
169
|
}
|
|
178
170
|
}
|
|
179
171
|
}
|
|
180
|
-
/**
|
|
181
|
-
* Get fields to select when loading user
|
|
182
|
-
*/
|
|
183
|
-
getUserSelectFields() {
|
|
184
|
-
return [
|
|
185
|
-
'id',
|
|
186
|
-
'sub',
|
|
187
|
-
'username',
|
|
188
|
-
'firstName',
|
|
189
|
-
'lastName',
|
|
190
|
-
'email',
|
|
191
|
-
'phone',
|
|
192
|
-
'isEmailVerified',
|
|
193
|
-
'isPhoneVerified',
|
|
194
|
-
'isActive',
|
|
195
|
-
'mustChangePassword',
|
|
196
|
-
'isLocked',
|
|
197
|
-
'lockReason',
|
|
198
|
-
'lockedAt',
|
|
199
|
-
'lockedUntil',
|
|
200
|
-
'failedLoginAttempts',
|
|
201
|
-
'lastFailedLoginAt',
|
|
202
|
-
'lastLoginAt',
|
|
203
|
-
'lastLoginIp',
|
|
204
|
-
'hasSocialAuth',
|
|
205
|
-
'socialProviders',
|
|
206
|
-
'mfaEnabled',
|
|
207
|
-
'mfaMethods',
|
|
208
|
-
'preferredMfaMethod',
|
|
209
|
-
'mfaExempt',
|
|
210
|
-
'mfaExemptReason',
|
|
211
|
-
'mfaExemptGrantedAt',
|
|
212
|
-
'metadata',
|
|
213
|
-
'createdAt',
|
|
214
|
-
'updatedAt',
|
|
215
|
-
];
|
|
216
|
-
}
|
|
217
172
|
}
|
|
218
173
|
exports.AuthHandler = AuthHandler;
|
|
219
174
|
//# sourceMappingURL=auth.handler.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.handler.js","sourceRoot":"","sources":["../../src/handlers/auth.handler.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;
|
|
1
|
+
{"version":3,"file":"auth.handler.js","sourceRoot":"","sources":["../../src/handlers/auth.handler.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAEH,oCAUkB;AAIlB;;;;;GAKG;AACH,MAAa,WAAW;IAEZ;IACA;IACA;IACA;IACA;IALV,YACU,UAAsB,EACtB,cAA8B,EAC9B,WAAwB,EACxB,MAAmB,EACnB,MAAoB;QAJpB,eAAU,GAAV,UAAU,CAAY;QACtB,mBAAc,GAAd,cAAc,CAAgB;QAC9B,gBAAW,GAAX,WAAW,CAAa;QACxB,WAAM,GAAN,MAAM,CAAa;QACnB,WAAM,GAAN,MAAM,CAAc;IAC3B,CAAC;IAEJ;;;;OAIG;IACI,KAAK,CAAC,MAAM,CAAC,GAAiB,EAAE,IAAmB,EAAE,IAAgC;QAC1F,IAAI,CAAC;YACH,oCAAoC;YACpC,IAAI,GAAG,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC;gBAC/B,MAAM,IAAI,EAAE,CAAC;gBACb,OAAO;YACT,CAAC;YAED,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;YAErC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,6DAA6D;gBAC7D,MAAM,IAAI,EAAE,CAAC;gBACb,OAAO;YACT,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAEpE,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;gBACtB,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,gBAAgB,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;gBACzD,MAAM,IAAI,EAAE,CAAC;gBACb,OAAO;YACT,CAAC;YAED,mBAAmB;YACnB,MAAM,SAAS,GAAG,UAAU,CAAC,OAAQ,CAAC,SAAS,CAAC;YAChD,MAAM,MAAM,GAAG,UAAU,CAAC,OAAQ,CAAC,GAAG,CAAC,CAAC,sCAAsC;YAC9E,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;YAEnE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,oBAAoB,EAAE,SAAS,CAAC,CAAC;gBACtD,MAAM,IAAI,EAAE,CAAC;gBACb,OAAO;YACT,CAAC;YAED,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC;YAEvC,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;gBACtB,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,2BAA2B,EAAE,SAAS,CAAC,CAAC;gBAC5D,MAAM,IAAI,EAAE,CAAC;gBACb,OAAO;YACT,CAAC;YAED,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBACnC,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,sBAAsB,EAAE,SAAS,CAAC,CAAC;gBACxD,MAAM,IAAI,EAAE,CAAC;gBACb,OAAO;YACT,CAAC;YAED,yDAAyD;YACzD,6CAA6C;YAC7C,uBAAuB;YACvB,wBAAwB;YACxB,gDAAgD;YAChD,uFAAuF;YACvF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,qBAAqB,CAAC,UAAU,CAAC,OAAQ,CAAC,GAAG,CAAC,CAAC;YAEnF,2EAA2E;YAC3E,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;YACvE,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,OAAO,KAAK,cAAc,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;gBACpF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,gEAAgE,CAAC,CAAC;gBACvF,MAAM,IAAI,EAAE,CAAC;gBACb,OAAO;YACT,CAAC;YAED,+BAA+B;YAC/B,GAAG,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC;YAC3B,GAAG,CAAC,UAAU,CAAC,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC;YAE1C,6CAA6C;YAC7C,sBAAc,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;YACzC,sBAAc,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;YACtD,sBAAc,CAAC,GAAG,CAAC,iBAAiB,EAAE,SAAS,CAAC,CAAC;YAEjD,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,QAAQ,IAAI,CAAC,GAAG,6BAA6B,CAAC,CAAC;YAEpE,+CAA+C;YAC/C,IAAI,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAC;YAC1C,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC;YAEpC,MAAM,IAAI,EAAE,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAClB,wBAAwB,EACxB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EACtD,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CACjD,CAAC;YACF,MAAM,IAAI,EAAE,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,GAAiB;QACpC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,MAAM,IAAI,MAAM,CAAC;QAE3D,wBAAwB;QACxB,MAAM,UAAU,GAAG,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAClD,MAAM,WAAW,GAAG,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAEvF,wBAAwB;QACxB,MAAM,qBAAqB,GAAG,IAAA,gCAAwB,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACpE,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;QAEvD,iCAAiC;QACjC,MAAM,SAAS,GAAG,GAAG,CAAC,UAAU,CAAC,kBAAkB,CAAC;QAEpD,IAAI,SAAS,GAAuB,MAAM,CAAC;QAE3C,IAAI,SAAS,EAAE,CAAC;YACd,SAAS,GAAG,SAAS,CAAC;QACxB,CAAC;aAAM,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,kDAAkD;YAClD,SAAS,GAAG,IAAA,iCAAyB,EAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QAC1F,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC;QACxD,CAAC;QAED,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,+CAA+C;YAC/C,IAAI,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;gBAChC,MAAM,IAAI,sBAAc,CACtB,qBAAa,CAAC,kBAAkB,EAChC,oDAAoD,CACrD,CAAC;YACJ,CAAC;YACD,OAAO,WAAW,IAAI,IAAI,CAAC;QAC7B,CAAC;QAED,sCAAsC;QACtC,IAAI,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;YAChC,MAAM,IAAI,sBAAc,CAAC,qBAAa,CAAC,mBAAmB,EAAE,kDAAkD,CAAC,CAAC;QAClH,CAAC;QACD,OAAO,WAAW,IAAI,IAAI,CAAC;IAC7B,CAAC;IAED;;OAEG;IACK,yBAAyB,CAAC,SAA0B;QAC1D,MAAM,UAAU,GAAG,sBAAc,CAAC,GAAG,CAAc,aAAa,CAAC,CAAC;QAClE,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,eAAe,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC,CAAC;YAEpG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,eAAe,GAAG,CAAC,EAAE,CAAC;gBACnD,UAAU,CAAC,SAAS,GAAG,eAAe,CAAC;gBACvC,sBAAc,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACK,sBAAsB,CAAC,MAAuB;QACpD,MAAM,UAAU,GAAG,sBAAc,CAAC,GAAG,CAAc,aAAa,CAAC,CAAC;QAClE,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,YAAY,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC;YAExF,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;gBAC7C,UAAU,CAAC,MAAM,GAAG,YAAY,CAAC;gBACjC,sBAAc,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;IACH,CAAC;CACF;AApLD,kCAoLC"}
|
|
@@ -70,6 +70,7 @@ export declare class SocialRedirectHandler {
|
|
|
70
70
|
private buildFrontendRedirectUrl;
|
|
71
71
|
private appendQuery;
|
|
72
72
|
private resolveEffectiveDelivery;
|
|
73
|
+
private getRouteDeliveryOverrideFromRequest;
|
|
73
74
|
private normalizeProvider;
|
|
74
75
|
private getExchangeKey;
|
|
75
76
|
private safeParseExchangePayload;
|
|
@@ -86,8 +87,6 @@ export interface SocialRedirectStartInput {
|
|
|
86
87
|
appState?: string;
|
|
87
88
|
/** Optional action (default: `login`) */
|
|
88
89
|
action?: 'login' | 'link';
|
|
89
|
-
/** Optional delivery preference */
|
|
90
|
-
delivery?: 'cookies' | 'json';
|
|
91
90
|
/** Request object for hybrid origin-based delivery */
|
|
92
91
|
req?: unknown;
|
|
93
92
|
}
|
|
@@ -122,5 +121,16 @@ export interface SocialRedirectStartResult {
|
|
|
122
121
|
export interface SocialRedirectCallbackResult {
|
|
123
122
|
redirectUrl: string;
|
|
124
123
|
cookies?: SocialRedirectCookie[];
|
|
124
|
+
/**
|
|
125
|
+
* AuthResponse payload, only populated when:
|
|
126
|
+
* - effective delivery is `cookies`, AND
|
|
127
|
+
* - the social callback produced tokens
|
|
128
|
+
*
|
|
129
|
+
* This enables frameworks with automatic cookie delivery (e.g., NestJS interceptor + `@TokenDelivery()`)
|
|
130
|
+
* to set cookies without consumer code manually iterating over `cookies`.
|
|
131
|
+
*
|
|
132
|
+
* ⚠️ WARNING: Do not log this value (contains tokens).
|
|
133
|
+
*/
|
|
134
|
+
authResponse?: AuthResponseDTO;
|
|
125
135
|
}
|
|
126
136
|
//# sourceMappingURL=social-redirect.handler.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"social-redirect.handler.d.ts","sourceRoot":"","sources":["../../src/handlers/social-redirect.handler.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAE3D,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,iDAAiD,CAAC;AACxF,OAAO,EAAE,cAAc,EAAE,MAAM,yCAAyC,CAAC;AACzE,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"social-redirect.handler.d.ts","sourceRoot":"","sources":["../../src/handlers/social-redirect.handler.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAE3D,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,iDAAiD,CAAC;AACxF,OAAO,EAAE,cAAc,EAAE,MAAM,yCAAyC,CAAC;AACzE,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AAQpE,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEpD;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,qBAAa,qBAAqB;IAK9B,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,iBAAiB;IAClC,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,OAAO;IACxB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;IAR1B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;IAC1C,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAS;gBAGzB,MAAM,EAAE,WAAW,EACnB,iBAAiB,EAAE,iBAAiB,EACpC,gBAAgB,EAAE,qBAAqB,EACvC,OAAO,EAAE,cAAc,EACvB,MAAM,CAAC,EAAE,WAAW,YAAA,EACrC,kBAAkB,GAAE,MAAW;IAMjC;;;;;;OAMG;IACG,KAAK,CAAC,KAAK,EAAE,wBAAwB,GAAG,OAAO,CAAC,yBAAyB,CAAC;IAuBhF;;;;;;OAMG;IACG,QAAQ,CAAC,KAAK,EAAE,2BAA2B,GAAG,OAAO,CAAC,4BAA4B,CAAC;IA2DzF;;;;;;OAMG;IACG,QAAQ,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAyB/D,OAAO,CAAC,gBAAgB;IAyDxB,OAAO,CAAC,eAAe;IA0BvB,OAAO,CAAC,kBAAkB;IAU1B,OAAO,CAAC,wBAAwB;IAyBhC,OAAO,CAAC,WAAW;IAYnB,OAAO,CAAC,wBAAwB;IAiChC,OAAO,CAAC,mCAAmC;IAM3C,OAAO,CAAC,iBAAiB;IAWzB,OAAO,CAAC,cAAc;IAItB,OAAO,CAAC,wBAAwB;CAYjC;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,6CAA6C;IAC7C,QAAQ,EAAE,MAAM,CAAC;IACjB,oEAAoE;IACpE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gEAAgE;IAChE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,yCAAyC;IACzC,MAAM,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;IAC1B,sDAAsD;IACtD,GAAG,CAAC,EAAE,OAAO,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,GAAG,CAAC,EAAE,OAAO,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,kBAAkB,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,oBAAoB,EAAE,CAAC;IACjC;;;;;;;;;OASG;IACH,YAAY,CAAC,EAAE,eAAe,CAAC;CAChC"}
|
|
@@ -94,7 +94,7 @@ class SocialRedirectHandler {
|
|
|
94
94
|
const provider = this.normalizeProvider(input.provider);
|
|
95
95
|
const returnTo = input.returnTo || '/auth/callback';
|
|
96
96
|
const action = input.action || 'login';
|
|
97
|
-
const delivery = this.resolveEffectiveDelivery(input.req,
|
|
97
|
+
const delivery = this.resolveEffectiveDelivery(input.req, undefined);
|
|
98
98
|
const csrfState = await this.socialStateStore.createCsrfState(provider);
|
|
99
99
|
await this.socialStateStore.setRedirectContext(csrfState, {
|
|
100
100
|
returnTo,
|
|
@@ -154,6 +154,7 @@ class SocialRedirectHandler {
|
|
|
154
154
|
return {
|
|
155
155
|
redirectUrl: this.appendQuery(frontendUrl, { appState: ctx?.appState }),
|
|
156
156
|
cookies,
|
|
157
|
+
authResponse,
|
|
157
158
|
};
|
|
158
159
|
}
|
|
159
160
|
// json/hybrid OR cookies-with-challenge: store payload and redirect with exchangeToken
|
|
@@ -173,7 +174,9 @@ class SocialRedirectHandler {
|
|
|
173
174
|
async exchange(exchangeToken) {
|
|
174
175
|
const token = typeof exchangeToken === 'string' ? exchangeToken.trim() : '';
|
|
175
176
|
if (!token) {
|
|
176
|
-
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'exchangeToken is required', {
|
|
177
|
+
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'exchangeToken is required', {
|
|
178
|
+
field: 'exchangeToken',
|
|
179
|
+
});
|
|
177
180
|
}
|
|
178
181
|
const key = this.getExchangeKey(token);
|
|
179
182
|
const raw = await this.storage.get(key);
|
|
@@ -262,7 +265,9 @@ class SocialRedirectHandler {
|
|
|
262
265
|
getFrontendBaseUrl() {
|
|
263
266
|
const baseUrl = this.config.social?.redirect?.frontendBaseUrl;
|
|
264
267
|
if (typeof baseUrl !== 'string' || baseUrl.trim() === '') {
|
|
265
|
-
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'Missing config.social.redirect.frontendBaseUrl', {
|
|
268
|
+
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'Missing config.social.redirect.frontendBaseUrl', {
|
|
269
|
+
field: 'social.redirect.frontendBaseUrl',
|
|
270
|
+
});
|
|
266
271
|
}
|
|
267
272
|
return baseUrl.trim();
|
|
268
273
|
}
|
|
@@ -271,7 +276,9 @@ class SocialRedirectHandler {
|
|
|
271
276
|
const originAllowlist = this.config.social?.redirect?.allowedReturnToOrigins || [];
|
|
272
277
|
if (!allowAbsolute) {
|
|
273
278
|
if (!returnTo.startsWith('/')) {
|
|
274
|
-
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'returnTo must be a relative path', {
|
|
279
|
+
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'returnTo must be a relative path', {
|
|
280
|
+
field: 'returnTo',
|
|
281
|
+
});
|
|
275
282
|
}
|
|
276
283
|
const u = new URL(returnTo, frontendBaseUrl);
|
|
277
284
|
u.hash = '';
|
|
@@ -280,7 +287,9 @@ class SocialRedirectHandler {
|
|
|
280
287
|
const u = new URL(returnTo, frontendBaseUrl);
|
|
281
288
|
u.hash = '';
|
|
282
289
|
if (originAllowlist.length > 0 && !originAllowlist.includes(u.origin)) {
|
|
283
|
-
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'returnTo origin is not allowed', {
|
|
290
|
+
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'returnTo origin is not allowed', {
|
|
291
|
+
field: 'returnTo',
|
|
292
|
+
});
|
|
284
293
|
}
|
|
285
294
|
return u.toString();
|
|
286
295
|
}
|
|
@@ -298,23 +307,32 @@ class SocialRedirectHandler {
|
|
|
298
307
|
}
|
|
299
308
|
resolveEffectiveDelivery(req, routeMode) {
|
|
300
309
|
const method = this.config.tokenDelivery?.method || 'json';
|
|
310
|
+
// Route-level override from framework adapters (e.g. NestJS @TokenDelivery()).
|
|
311
|
+
// This avoids relying on `Origin` for hybrid deployments (provider callbacks often omit it).
|
|
312
|
+
const requestOverride = this.getRouteDeliveryOverrideFromRequest(req);
|
|
313
|
+
const effectiveRouteMode = routeMode ?? requestOverride;
|
|
301
314
|
// Validate explicit preference against global configuration
|
|
302
|
-
if (
|
|
315
|
+
if (effectiveRouteMode === 'cookies' && method === 'json') {
|
|
303
316
|
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.COOKIES_NOT_ALLOWED, "Cookie delivery requested, but tokenDelivery.method is 'json' (cookies disabled)");
|
|
304
317
|
}
|
|
305
|
-
if (
|
|
318
|
+
if (effectiveRouteMode === 'json' && method === 'cookies') {
|
|
306
319
|
// NOTE: We still allow JSON for challenge-only responses (no tokens),
|
|
307
320
|
// but a consumer explicitly requesting JSON tokens in cookies-only mode is a misconfiguration.
|
|
308
321
|
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.BEARER_NOT_ALLOWED, "JSON delivery requested, but tokenDelivery.method is 'cookies' (JSON/Bearer tokens disabled)");
|
|
309
322
|
}
|
|
310
|
-
if (
|
|
311
|
-
return
|
|
323
|
+
if (effectiveRouteMode) {
|
|
324
|
+
return effectiveRouteMode;
|
|
312
325
|
}
|
|
313
326
|
if (method === 'hybrid') {
|
|
314
327
|
return (0, token_delivery_policy_1.resolveDeliveryForRequest)(req, this.config.tokenDelivery?.hybridPolicy);
|
|
315
328
|
}
|
|
316
329
|
return method === 'cookies' ? 'cookies' : 'json';
|
|
317
330
|
}
|
|
331
|
+
getRouteDeliveryOverrideFromRequest(req) {
|
|
332
|
+
const r = req;
|
|
333
|
+
const v = r?.__nauthRouteDelivery;
|
|
334
|
+
return v === 'cookies' || v === 'json' ? v : undefined;
|
|
335
|
+
}
|
|
318
336
|
normalizeProvider(provider) {
|
|
319
337
|
if (typeof provider !== 'string') {
|
|
320
338
|
throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'Provider must be a string', { field: 'provider' });
|