@nauth-toolkit/social-facebook 0.1.13 → 0.1.17

package/dist/src/facebook-social-auth.service.js

@@ -1,24 +1,68 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.FacebookSocialAuthService = void 0;
+// Public API imports
 const core_1 = require("@nauth-toolkit/core");
+// Internal API imports (for provider implementations)
 const internal_1 = require("@nauth-toolkit/core/internal");
 const facebook_oauth_client_1 = require("./facebook-oauth.client");
 const token_verifier_service_1 = require("./token-verifier.service");
+/**
+ * Facebook Social Authentication Service (Platform-Agnostic)
+ *
+ * Handles Facebook OAuth flow including:
+ * - OAuth web flow (redirect-based)
+ * - Native mobile token verification
+ * - Account linking
+ *
+ * This is a plain TypeScript class with no framework dependencies.
+ * Use `@nauth-toolkit/social-facebook/nestjs` for NestJS integration.
+ *
+ * @example
+ * ```typescript
+ * // Direct instantiation (platform-agnostic)
+ * const facebookAuth = new FacebookSocialAuthService(
+ *   config,
+ *   logger,
+ *   authService,
+ *   socialAuthService,
+ *   jwtService,
+ *   sessionService,
+ *   challengeHelper,
+ *   clientInfoService,
+ *   auditService,
+ *   stateStore,
+ *   phoneVerificationService,
+ *   tokenVerifier
+ * );
+ * ```
+ */
 class FacebookSocialAuthService extends internal_1.BaseSocialAuthProviderService {
     providerName = 'facebook';
     oauthClient;
     tokenVerifier;
-    constructor(config, logger, authService, socialAuthService, jwtService, sessionService, challengeHelper, clientInfoService, stateStore, userRepository, phoneVerificationService, auditService, trustedDeviceService, tokenVerifier) {
+    constructor(config, logger, authService, socialAuthService, jwtService, sessionService, challengeHelper, clientInfoService, 
+    // State store shared across all providers
+    stateStore, userRepository, 
+    // Phone verification service (optional - only available when SMS provider is configured)
+    phoneVerificationService, 
+    // Audit service (optional - only available when auditLogs.enabled is true)
+    auditService, 
+    // Trusted device service (optional - only available when rememberDevices is enabled)
+    trustedDeviceService, 
+    // Facebook-specific token verifier (optional, fallback to default)
+    tokenVerifier) {
         super(config, logger, authService, socialAuthService, jwtService, sessionService, challengeHelper, clientInfoService, stateStore, userRepository, phoneVerificationService, auditService, trustedDeviceService);
+        // Initialize Facebook OAuth client
         const providerConfig = this.getProviderConfig();
         if (!providerConfig || !providerConfig.enabled) {
             this.oauthClient = null;
             this.tokenVerifier = null;
-            return;
+            return; // Exit constructor early if disabled
         }
         const webClientId = Array.isArray(providerConfig.clientId) ? providerConfig.clientId[0] : providerConfig.clientId;
         if (!webClientId || !providerConfig.clientSecret) {
+            // Schema validation should catch this, but handle gracefully
             this.oauthClient = null;
             this.tokenVerifier = null;
             return;
@@ -29,6 +73,7 @@ class FacebookSocialAuthService extends internal_1.BaseSocialAuthProviderService
             redirectUri: providerConfig.callbackUrl || '',
             scopes: providerConfig.scopes || ['email', 'public_profile'],
         });
+        // Use provided token verifier or create default one
         this.tokenVerifier =
             tokenVerifier ||
                 new token_verifier_service_1.TokenVerifierService(config) ||
@@ -36,6 +81,12 @@ class FacebookSocialAuthService extends internal_1.BaseSocialAuthProviderService
                 null;
         this.logger?.debug?.('FacebookSocialAuthService initialized');
     }
+    /**
+     * Generate OAuth authorization URL for Facebook
+     *
+     * @param state - Optional state parameter for CSRF protection
+     * @returns Authorization URL for redirecting user to Facebook
+     */
     async getAuthUrl(state) {
         if (!this.oauthClient) {
             throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook OAuth is not enabled');
@@ -43,6 +94,16 @@ class FacebookSocialAuthService extends internal_1.BaseSocialAuthProviderService
         const finalState = state || this.generateState();
         return this.oauthClient.getAuthorizationUrl(finalState);
     }
+    /**
+     * Get OAuth user profile from callback
+     *
+     * Exchanges authorization code for access token and fetches user profile.
+     *
+     * @param code - Authorization code from Facebook OAuth callback
+     * @param _state - State parameter (validated by base class)
+     * @returns User profile from Facebook
+     * @protected
+     */
     async getOAuthProfile(code, _state) {
         if (!this.oauthClient) {
             throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook OAuth is not enabled');
@@ -51,9 +112,22 @@ class FacebookSocialAuthService extends internal_1.BaseSocialAuthProviderService
         if (!providerConfig || !providerConfig.callbackUrl) {
             throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook OAuth callback URL is not configured');
         }
+        // Exchange code for access token
         const tokens = await this.oauthClient.exchangeCodeForToken(code, providerConfig.callbackUrl);
+        // Get user profile from Facebook
         return await this.oauthClient.getUserProfile(tokens.accessToken);
     }
+    /**
+     * Verify Facebook access token from native mobile apps
+     *
+     * Facebook uses access tokens (not ID tokens) from native SDKs
+     *
+     * @param accessToken - Facebook access token from native SDK (passed as idToken parameter)
+     * @param _idToken - Not used for Facebook (Facebook uses access tokens)
+     * @param profileData - Optional profile data from native SDK
+     * @returns User profile from verified token
+     * @protected
+     */
     async verifyNativeToken(idToken, _accessToken, profileData) {
         if (!this.tokenVerifier) {
             throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook OAuth is not enabled');
@@ -67,12 +141,17 @@ class FacebookSocialAuthService extends internal_1.BaseSocialAuthProviderService
         if (!this.tokenVerifier.verifyFacebookToken) {
             throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook token verifier is not available');
         }
+        // For Facebook, the idToken parameter actually contains the access token
+        // Facebook native SDKs return access tokens, not ID tokens
         const accessToken = idToken;
+        // Verify access token with Facebook's Graph API
         const verified = (await this.tokenVerifier.verifyFacebookToken(accessToken, appId, appSecret));
         this.logger?.debug?.(`Verified Facebook token for: ${verified.email || verified.id}`);
+        // CRITICAL: Require email from all social providers for signup
         if (!verified.email) {
             throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_EMAIL_REQUIRED, 'Email is required from Facebook. Please grant email permissions.');
         }
+        // Handle profile data from native SDK if available
         const profileDataTyped = profileData;
         return {
             id: verified.id,
@@ -80,7 +159,7 @@ class FacebookSocialAuthService extends internal_1.BaseSocialAuthProviderService
             firstName: verified.first_name || profileDataTyped?.firstName || null,
             lastName: verified.last_name || profileDataTyped?.lastName || null,
             picture: verified.picture?.data?.url || profileDataTyped?.picture || null,
-            verified: true,
+            verified: true, // Email is verified if provided by Facebook
             raw: {
                 id: verified.id,
                 email: verified.email,

package/dist/src/facebook-social-auth.service.js.map

@@ -1 +1 @@
-{"version":3,"file":"facebook-social-auth.service.js","sourceRoot":"","sources":["../../src/facebook-social-auth.service.ts"],"names":[],"mappings":";;;AACA,8CAa6B;AAE7B,2DAOsC;AAEtC,mEAA8D;AAC9D,qEAAgG;AAiChG,MAAa,yBAA0B,SAAQ,wCAA6B;IACjE,YAAY,GAAG,UAAU,CAAC;IAClB,WAAW,CAA6B;IACxC,aAAa,CAA+B;IAE7D,YACE,MAAmB,EACnB,MAAmB,EACnB,WAAwB,EACxB,iBAAoC,EACpC,UAAsB,EACtB,cAA8B,EAC9B,eAA2C,EAC3C,iBAAoC,EAEpC,UAAgE,EAChE,cAAoC,EAEpC,wBAAmD,EAEnD,YAA+B,EAE/B,oBAA2C,EAE3C,aAAqC;QAErC,KAAK,CACH,MAAM,EACN,MAAM,EACN,WAAW,EACX,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,eAAe,EACf,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,wBAAwB,EACxB,YAAY,EACZ,oBAAoB,CACrB,CAAC;QAGF,MAAM,cAAc,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAChD,IAAI,CAAC,cAAc,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;YAC/C,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACxB,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAC1B,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC;QAClH,IAAI,CAAC,WAAW,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;YAEjD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACxB,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAC1B,OAAO;QACT,CAAC;QAED,IAAI,CAAC,WAAW,GAAG,IAAI,2CAAmB,CAAC;YACzC,QAAQ,EAAE,WAAW;YACrB,YAAY,EAAE,cAAc,CAAC,YAAY;YACzC,WAAW,EAAE,cAAc,CAAC,WAAW,IAAI,EAAE;YAC7C,MAAM,EAAE,cAAc,CAAC,MAAM,IAAI,CAAC,OAAO,EAAE,gBAAgB,CAAC;SAC7D,CAAC,CAAC;QAGH,IAAI,CAAC,aAAa;YAChB,aAAa;gBACb,IAAI,6CAA4B,CAAC,MAAM,CAAC;gBACvC,IAAI,CAAC,MAAoD,CAAC,aAAa;gBACxE,IAAI,CAAC;QAEP,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,uCAAuC,CAAC,CAAC;IAChE,CAAC;IAQD,KAAK,CAAC,UAAU,CAAC,KAAc;QAC7B,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+BAA+B,CAAC,CAAC;QACjG,CAAC;QACD,MAAM,UAAU,GAAG,KAAK,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACjD,OAAO,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAC1D,CAAC;IAYS,KAAK,CAAC,eAAe,CAAC,IAAY,EAAE,MAAc;QAC1D,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+BAA+B,CAAC,CAAC;QACjG,CAAC;QACD,MAAM,cAAc,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAChD,IAAI,CAAC,cAAc,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC;YACnD,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+CAA+C,CAAC,CAAC;QACjH,CAAC;QAGD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,oBAAoB,CAAC,IAAI,EAAE,cAAc,CAAC,WAAW,CAAC,CAAC;QAG7F,OAAO,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACnE,CAAC;IAaS,KAAK,CAAC,iBAAiB,CAC/B,OAAe,EACf,YAAqB,EACrB,WAAqB;QAErB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+BAA+B,CAAC,CAAC;QACjG,CAAC;QACD,MAAM,cAAc,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAChD,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,kCAAkC,CAAC,CAAC;QACpG,CAAC;QAED,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,QAAQ,IAAI,EAAE,CAAC;QAClH,MAAM,SAAS,GAAG,cAAc,CAAC,YAAY,IAAI,EAAE,CAAC;QAEpD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,mBAAmB,EAAE,CAAC;YAC5C,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,0CAA0C,CAAC,CAAC;QAC5G,CAAC;QAID,MAAM,WAAW,GAAG,OAAO,CAAC;QAG5B,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAC5D,WAAW,EACX,KAAK,EACL,SAAS,CACV,CAAiC,CAAC;QACnC,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,gCAAgC,QAAQ,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;QAGtF,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;YACpB,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,qBAAqB,EACnC,kEAAkE,CACnE,CAAC;QACJ,CAAC;QAGD,MAAM,gBAAgB,GAAG,WAAsF,CAAC;QAChH,OAAO;YACL,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,KAAK,EAAE,QAAQ,CAAC,KAAK,IAAI,EAAE;YAC3B,SAAS,EAAE,QAAQ,CAAC,UAAU,IAAI,gBAAgB,EAAE,SAAS,IAAI,IAAI;YACrE,QAAQ,EAAE,QAAQ,CAAC,SAAS,IAAI,gBAAgB,EAAE,QAAQ,IAAI,IAAI;YAClE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,gBAAgB,EAAE,OAAO,IAAI,IAAI;YACzE,QAAQ,EAAE,IAAI;YACd,GAAG,EAAE;gBACH,EAAE,EAAE,QAAQ,CAAC,EAAE;gBACf,KAAK,EAAE,QAAQ,CAAC,KAAK;gBACrB,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,SAAS,EAAE,QAAQ,CAAC,SAAS;gBAC7B,OAAO,EAAE,QAAQ,CAAC,OAAO;aACY;SACxC,CAAC;IACJ,CAAC;CACF;AAxLD,8DAwLC"}
+{"version":3,"file":"facebook-social-auth.service.js","sourceRoot":"","sources":["../../src/facebook-social-auth.service.ts"],"names":[],"mappings":";;;AAAA,qBAAqB;AACrB,8CAa6B;AAC7B,sDAAsD;AACtD,2DAOsC;AAEtC,mEAA8D;AAC9D,qEAAgG;AAGhG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,MAAa,yBAA0B,SAAQ,wCAA6B;IACjE,YAAY,GAAG,UAAU,CAAC;IAClB,WAAW,CAA6B;IACxC,aAAa,CAA+B;IAE7D,YACE,MAAmB,EACnB,MAAmB,EACnB,WAAwB,EACxB,iBAAoC,EACpC,UAAsB,EACtB,cAA8B,EAC9B,eAA2C,EAC3C,iBAAoC;IACpC,0CAA0C;IAC1C,UAAgE,EAChE,cAAoC;IACpC,yFAAyF;IACzF,wBAAmD;IACnD,2EAA2E;IAC3E,YAA+B;IAC/B,qFAAqF;IACrF,oBAA2C;IAC3C,mEAAmE;IACnE,aAAqC;QAErC,KAAK,CACH,MAAM,EACN,MAAM,EACN,WAAW,EACX,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,eAAe,EACf,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,wBAAwB,EACxB,YAAY,EACZ,oBAAoB,CACrB,CAAC;QAEF,mCAAmC;QACnC,MAAM,cAAc,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAChD,IAAI,CAAC,cAAc,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;YAC/C,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACxB,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAC1B,OAAO,CAAC,qCAAqC;QAC/C,CAAC;QAED,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC;QAClH,IAAI,CAAC,WAAW,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;YACjD,6DAA6D;YAC7D,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACxB,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAC1B,OAAO;QACT,CAAC;QAED,IAAI,CAAC,WAAW,GAAG,IAAI,2CAAmB,CAAC;YACzC,QAAQ,EAAE,WAAW;YACrB,YAAY,EAAE,cAAc,CAAC,YAAY;YACzC,WAAW,EAAE,cAAc,CAAC,WAAW,IAAI,EAAE;YAC7C,MAAM,EAAE,cAAc,CAAC,MAAM,IAAI,CAAC,OAAO,EAAE,gBAAgB,CAAC;SAC7D,CAAC,CAAC;QAEH,oDAAoD;QACpD,IAAI,CAAC,aAAa;YAChB,aAAa;gBACb,IAAI,6CAA4B,CAAC,MAAM,CAAC;gBACvC,IAAI,CAAC,MAAoD,CAAC,aAAa;gBACxE,IAAI,CAAC;QAEP,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,uCAAuC,CAAC,CAAC;IAChE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,UAAU,CAAC,KAAc;QAC7B,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+BAA+B,CAAC,CAAC;QACjG,CAAC;QACD,MAAM,UAAU,GAAG,KAAK,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACjD,OAAO,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAC1D,CAAC;IAED;;;;;;;;;OASG;IACO,KAAK,CAAC,eAAe,CAAC,IAAY,EAAE,MAAc;QAC1D,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+BAA+B,CAAC,CAAC;QACjG,CAAC;QACD,MAAM,cAAc,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAChD,IAAI,CAAC,cAAc,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC;YACnD,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+CAA+C,CAAC,CAAC;QACjH,CAAC;QAED,iCAAiC;QACjC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,oBAAoB,CAAC,IAAI,EAAE,cAAc,CAAC,WAAW,CAAC,CAAC;QAE7F,iCAAiC;QACjC,OAAO,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACnE,CAAC;IAED;;;;;;;;;;OAUG;IACO,KAAK,CAAC,iBAAiB,CAC/B,OAAe,EACf,YAAqB,EACrB,WAAqB;QAErB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+BAA+B,CAAC,CAAC;QACjG,CAAC;QACD,MAAM,cAAc,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAChD,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,kCAAkC,CAAC,CAAC;QACpG,CAAC;QAED,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,QAAQ,IAAI,EAAE,CAAC;QAClH,MAAM,SAAS,GAAG,cAAc,CAAC,YAAY,IAAI,EAAE,CAAC;QAEpD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,mBAAmB,EAAE,CAAC;YAC5C,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,0CAA0C,CAAC,CAAC;QAC5G,CAAC;QAED,yEAAyE;QACzE,2DAA2D;QAC3D,MAAM,WAAW,GAAG,OAAO,CAAC;QAE5B,gDAAgD;QAChD,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAC5D,WAAW,EACX,KAAK,EACL,SAAS,CACV,CAAiC,CAAC;QACnC,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,gCAAgC,QAAQ,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;QAEtF,+DAA+D;QAC/D,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;YACpB,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,qBAAqB,EACnC,kEAAkE,CACnE,CAAC;QACJ,CAAC;QAED,mDAAmD;QACnD,MAAM,gBAAgB,GAAG,WAAsF,CAAC;QAChH,OAAO;YACL,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,KAAK,EAAE,QAAQ,CAAC,KAAK,IAAI,EAAE;YAC3B,SAAS,EAAE,QAAQ,CAAC,UAAU,IAAI,gBAAgB,EAAE,SAAS,IAAI,IAAI;YACrE,QAAQ,EAAE,QAAQ,CAAC,SAAS,IAAI,gBAAgB,EAAE,QAAQ,IAAI,IAAI;YAClE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,gBAAgB,EAAE,OAAO,IAAI,IAAI;YACzE,QAAQ,EAAE,IAAI,EAAE,4CAA4C;YAC5D,GAAG,EAAE;gBACH,EAAE,EAAE,QAAQ,CAAC,EAAE;gBACf,KAAK,EAAE,QAAQ,CAAC,KAAK;gBACrB,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,SAAS,EAAE,QAAQ,CAAC,SAAS;gBAC7B,OAAO,EAAE,QAAQ,CAAC,OAAO;aACY;SACxC,CAAC;IACJ,CAAC;CACF;AAxLD,8DAwLC"}

package/dist/src/index.d.ts

@@ -1,3 +1,9 @@
+/**
+ * @nauth-toolkit/social-facebook
+ *
+ * Platform-agnostic Facebook OAuth provider for nauth-toolkit.
+ * For NestJS integration, use '@nauth-toolkit/social-facebook/nestjs'
+ */
 export { FacebookOAuthClient } from './facebook-oauth.client';
 export { TokenVerifierService } from './token-verifier.service';
 export { FacebookSocialAuthService } from './facebook-social-auth.service';

package/dist/src/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,4BAA4B,EAAE,MAAM,oCAAoC,CAAC;AAClF,cAAc,wBAAwB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,4BAA4B,EAAE,MAAM,oCAAoC,CAAC;AAClF,cAAc,wBAAwB,CAAC"}

package/dist/src/index.js

@@ -1,4 +1,10 @@
 "use strict";
+/**
+ * @nauth-toolkit/social-facebook
+ *
+ * Platform-agnostic Facebook OAuth provider for nauth-toolkit.
+ * For NestJS integration, use '@nauth-toolkit/social-facebook/nestjs'
+ */
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     var desc = Object.getOwnPropertyDescriptor(m, k);

package/dist/src/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAOA,iEAA8D;AAArD,4HAAA,mBAAmB,OAAA;AAC5B,mEAAgE;AAAvD,8HAAA,oBAAoB,OAAA;AAC7B,+EAA2E;AAAlE,yIAAA,yBAAyB,OAAA;AAElC,yDAAuC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;AAEH,iEAA8D;AAArD,4HAAA,mBAAmB,OAAA;AAC5B,mEAAgE;AAAvD,8HAAA,oBAAoB,OAAA;AAC7B,+EAA2E;AAAlE,yIAAA,yBAAyB,OAAA;AAElC,yDAAuC"}

package/dist/src/token-verifier.service.d.ts

@@ -1,8 +1,48 @@
 import { NAuthConfig, ITokenVerifierService } from '@nauth-toolkit/core';
 import { VerifiedFacebookTokenProfile } from './verified-token-profile.interface';
+/**
+ * Token Verifier Service for Facebook OAuth (Platform-Agnostic)
+ *
+ * Handles secure verification of Facebook access tokens via Graph API.
+ * Validates tokens by calling Facebook's debug_token endpoint.
+ *
+ * Security Features:
+ * - Facebook: Validates access tokens via Facebook Graph API
+ *
+ * This is a plain TypeScript class with no framework dependencies.
+ *
+ * @example
+ * ```typescript
+ * const verifier = new TokenVerifierService(config);
+ * const profile = await verifier.verifyFacebookToken(accessToken, appId, appSecret);
+ * console.log(profile.id); // Verified Facebook user ID
+ * ```
+ */
 export declare class TokenVerifierService implements ITokenVerifierService {
     private readonly logger;
     constructor(config: NAuthConfig);
+    /**
+     * Verify Facebook access token via Graph API
+     *
+     * Validates the access token by calling Facebook's debug_token endpoint,
+     * which checks the token's validity and returns user information.
+     *
+     * @param accessToken - Access token from Facebook OAuth
+     * @param appId - Facebook App ID
+     * @param appSecret - Facebook App Secret (server-side only)
+     * @returns Verified user profile data
+     * @throws {BadRequestException} When token is invalid or API call fails
+     *
+     * @example
+     * ```typescript
+     * try {
+     *   const profile = await verifier.verifyFacebookToken(accessToken, appId, appSecret);
+     *   console.log(`Verified Facebook user: ${profile.id}`);
+     * } catch (error) {
+     *   console.error('Token verification failed:', error.message);
+     * }
+     * ```
+     */
     verifyFacebookToken(accessToken: string, appId: string, appSecret: string): Promise<VerifiedFacebookTokenProfile>;
 }
 //# sourceMappingURL=token-verifier.service.d.ts.map

package/dist/src/token-verifier.service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"token-verifier.service.d.ts","sourceRoot":"","sources":["../../src/token-verifier.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAA8C,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AACrH,OAAO,EAAE,4BAA4B,EAAE,MAAM,oCAAoC,CAAC;AAoBlF,qBAAa,oBAAqB,YAAW,qBAAqB;IAChE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAc;gBAEzB,MAAM,EAAE,WAAW;IA0BzB,mBAAmB,CACvB,WAAW,EAAE,MAAM,EACnB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,4BAA4B,CAAC;CAoDzC"}
+{"version":3,"file":"token-verifier.service.d.ts","sourceRoot":"","sources":["../../src/token-verifier.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAA8C,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AACrH,OAAO,EAAE,4BAA4B,EAAE,MAAM,oCAAoC,CAAC;AAElF;;;;;;;;;;;;;;;;;GAiBG;AACH,qBAAa,oBAAqB,YAAW,qBAAqB;IAChE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAc;gBAEzB,MAAM,EAAE,WAAW;IAI/B;;;;;;;;;;;;;;;;;;;;;OAqBG;IACG,mBAAmB,CACvB,WAAW,EAAE,MAAM,EACnB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,4BAA4B,CAAC;CAoDzC"}

package/dist/src/token-verifier.service.js

@@ -2,26 +2,70 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.TokenVerifierService = void 0;
 const core_1 = require("@nauth-toolkit/core");
+/**
+ * Token Verifier Service for Facebook OAuth (Platform-Agnostic)
+ *
+ * Handles secure verification of Facebook access tokens via Graph API.
+ * Validates tokens by calling Facebook's debug_token endpoint.
+ *
+ * Security Features:
+ * - Facebook: Validates access tokens via Facebook Graph API
+ *
+ * This is a plain TypeScript class with no framework dependencies.
+ *
+ * @example
+ * ```typescript
+ * const verifier = new TokenVerifierService(config);
+ * const profile = await verifier.verifyFacebookToken(accessToken, appId, appSecret);
+ * console.log(profile.id); // Verified Facebook user ID
+ * ```
+ */
 class TokenVerifierService {
     logger;
     constructor(config) {
         this.logger = config.logger;
     }
+    /**
+     * Verify Facebook access token via Graph API
+     *
+     * Validates the access token by calling Facebook's debug_token endpoint,
+     * which checks the token's validity and returns user information.
+     *
+     * @param accessToken - Access token from Facebook OAuth
+     * @param appId - Facebook App ID
+     * @param appSecret - Facebook App Secret (server-side only)
+     * @returns Verified user profile data
+     * @throws {BadRequestException} When token is invalid or API call fails
+     *
+     * @example
+     * ```typescript
+     * try {
+     *   const profile = await verifier.verifyFacebookToken(accessToken, appId, appSecret);
+     *   console.log(`Verified Facebook user: ${profile.id}`);
+     * } catch (error) {
+     *   console.error('Token verification failed:', error.message);
+     * }
+     * ```
+     */
     async verifyFacebookToken(accessToken, appId, appSecret) {
         try {
             this.logger?.debug?.('[TokenVerifier] Verifying Facebook token with Graph API');
+            // Step 1: Verify token with debug_token endpoint
             const debugUrl = `https://graph.facebook.com/debug_token?input_token=${accessToken}&access_token=${appId}|${appSecret}`;
             const debugResponse = await fetch(debugUrl);
             if (!debugResponse.ok) {
                 throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_TOKEN_INVALID, 'Facebook token validation failed');
             }
             const debugData = (await debugResponse.json());
+            // Check if token is valid
             if (!debugData.data || !debugData.data.is_valid) {
                 throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_TOKEN_INVALID, 'Invalid Facebook access token');
             }
+            // Check if token belongs to the correct app
             if (debugData.data.app_id !== appId) {
                 throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_TOKEN_INVALID, 'Token does not belong to this app');
             }
+            // Step 2: Get user profile
             const profileUrl = `https://graph.facebook.com/me?fields=id,email,first_name,last_name,picture&access_token=${accessToken}`;
             const profileResponse = await fetch(profileUrl);
             if (!profileResponse.ok) {

package/dist/src/token-verifier.service.js.map

@@ -1 +1 @@
-{"version":3,"file":"token-verifier.service.js","sourceRoot":"","sources":["../../src/token-verifier.service.ts"],"names":[],"mappings":";;;AAAA,8CAAqH;AAqBrH,MAAa,oBAAoB;IACd,MAAM,CAAc;IAErC,YAAY,MAAmB;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAqB,CAAC;IAC7C,CAAC;IAwBD,KAAK,CAAC,mBAAmB,CACvB,WAAmB,EACnB,KAAa,EACb,SAAiB;QAEjB,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,yDAAyD,CAAC,CAAC;YAGhF,MAAM,QAAQ,GAAG,sDAAsD,WAAW,iBAAiB,KAAK,IAAI,SAAS,EAAE,CAAC;YACxH,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,CAAC;YAE5C,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC;gBACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,kCAAkC,CAAC,CAAC;YACnG,CAAC;YAED,MAAM,SAAS,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,CAAQ,CAAC;YAGtD,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAChD,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,+BAA+B,CAAC,CAAC;YAChG,CAAC;YAGD,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;gBACpC,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,mCAAmC,CAAC,CAAC;YACpG,CAAC;YAGD,MAAM,UAAU,GAAG,2FAA2F,WAAW,EAAE,CAAC;YAC5H,MAAM,eAAe,GAAG,MAAM,KAAK,CAAC,UAAU,CAAC,CAAC;YAEhD,IAAI,CAAC,eAAe,CAAC,EAAE,EAAE,CAAC;gBACxB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,uCAAuC,CAAC,CAAC;YACxG,CAAC;YAED,MAAM,OAAO,GAAG,CAAC,MAAM,eAAe,CAAC,IAAI,EAAE,CAAQ,CAAC;YAEtD,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,qDAAqD,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;YAEvG,OAAO;gBACL,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YAC9E,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,uDAAuD,YAAY,EAAE,CAAC,CAAC;YAC5F,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,oBAAoB,EAClC,uCAAuC,YAAY,EAAE,CACtD,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AArFD,oDAqFC"}
+{"version":3,"file":"token-verifier.service.js","sourceRoot":"","sources":["../../src/token-verifier.service.ts"],"names":[],"mappings":";;;AAAA,8CAAqH;AAGrH;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAa,oBAAoB;IACd,MAAM,CAAc;IAErC,YAAY,MAAmB;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAqB,CAAC;IAC7C,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;OAqBG;IACH,KAAK,CAAC,mBAAmB,CACvB,WAAmB,EACnB,KAAa,EACb,SAAiB;QAEjB,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,yDAAyD,CAAC,CAAC;YAEhF,iDAAiD;YACjD,MAAM,QAAQ,GAAG,sDAAsD,WAAW,iBAAiB,KAAK,IAAI,SAAS,EAAE,CAAC;YACxH,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,CAAC;YAE5C,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC;gBACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,kCAAkC,CAAC,CAAC;YACnG,CAAC;YAED,MAAM,SAAS,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,CAAQ,CAAC;YAEtD,0BAA0B;YAC1B,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAChD,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,+BAA+B,CAAC,CAAC;YAChG,CAAC;YAED,4CAA4C;YAC5C,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;gBACpC,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,mCAAmC,CAAC,CAAC;YACpG,CAAC;YAED,2BAA2B;YAC3B,MAAM,UAAU,GAAG,2FAA2F,WAAW,EAAE,CAAC;YAC5H,MAAM,eAAe,GAAG,MAAM,KAAK,CAAC,UAAU,CAAC,CAAC;YAEhD,IAAI,CAAC,eAAe,CAAC,EAAE,EAAE,CAAC;gBACxB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,uCAAuC,CAAC,CAAC;YACxG,CAAC;YAED,MAAM,OAAO,GAAG,CAAC,MAAM,eAAe,CAAC,IAAI,EAAE,CAAQ,CAAC;YAEtD,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,qDAAqD,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;YAEvG,OAAO;gBACL,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YAC9E,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,uDAAuD,YAAY,EAAE,CAAC,CAAC;YAC5F,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,oBAAoB,EAClC,uCAAuC,YAAY,EAAE,CACtD,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AArFD,oDAqFC"}

package/dist/src/verified-token-profile.interface.d.ts

@@ -1,8 +1,29 @@
+/**
+ * Verified Token Profile - Facebook OAuth
+ *
+ * Standardized return type for Facebook token verification.
+ * This is provider-specific and should not be in core.
+ */
 export interface VerifiedFacebookTokenProfile {
+    /**
+     * Facebook user ID
+     */
     id: string;
+    /**
+     * User's email address
+     */
     email?: string;
+    /**
+     * User's first name
+     */
     first_name?: string;
+    /**
+     * User's last name
+     */
     last_name?: string;
+    /**
+     * User's profile picture data
+     */
     picture?: {
         data: {
             url: string;

package/dist/src/verified-token-profile.interface.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"verified-token-profile.interface.d.ts","sourceRoot":"","sources":["../../src/verified-token-profile.interface.ts"],"names":[],"mappings":"AAMA,MAAM,WAAW,4BAA4B;IAI3C,EAAE,EAAE,MAAM,CAAC;IAKX,KAAK,CAAC,EAAE,MAAM,CAAC;IAKf,UAAU,CAAC,EAAE,MAAM,CAAC;IAKpB,SAAS,CAAC,EAAE,MAAM,CAAC;IAKnB,OAAO,CAAC,EAAE;QACR,IAAI,EAAE;YACJ,GAAG,EAAE,MAAM,CAAC;SACb,CAAC;KACH,CAAC;CACH"}
+{"version":3,"file":"verified-token-profile.interface.d.ts","sourceRoot":"","sources":["../../src/verified-token-profile.interface.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,MAAM,WAAW,4BAA4B;IAC3C;;OAEG;IACH,EAAE,EAAE,MAAM,CAAC;IAEX;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,OAAO,CAAC,EAAE;QACR,IAAI,EAAE;YACJ,GAAG,EAAE,MAAM,CAAC;SACb,CAAC;KACH,CAAC;CACH"}