@nauth-toolkit/social-facebook 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +90 -0
- package/README.md +30 -0
- package/dist/nestjs/facebook-social-auth.module.d.ts +10 -0
- package/dist/nestjs/facebook-social-auth.module.d.ts.map +1 -0
- package/dist/nestjs/facebook-social-auth.module.js +72 -0
- package/dist/nestjs/facebook-social-auth.module.js.map +1 -0
- package/dist/nestjs/index.d.ts +7 -0
- package/dist/nestjs/index.d.ts.map +1 -0
- package/dist/nestjs/index.js +25 -0
- package/dist/nestjs/index.js.map +1 -0
- package/dist/src/dto/social-login.dto.d.ts +47 -0
- package/dist/src/dto/social-login.dto.d.ts.map +1 -0
- package/dist/src/dto/social-login.dto.js +131 -0
- package/dist/src/dto/social-login.dto.js.map +1 -0
- package/dist/src/facebook-oauth.client.d.ts +15 -0
- package/dist/src/facebook-oauth.client.d.ts.map +1 -0
- package/dist/src/facebook-oauth.client.js +95 -0
- package/dist/src/facebook-oauth.client.js.map +1 -0
- package/dist/src/facebook-social-auth.service.d.ts +16 -0
- package/dist/src/facebook-social-auth.service.d.ts.map +1 -0
- package/dist/src/facebook-social-auth.service.js +94 -0
- package/dist/src/facebook-social-auth.service.js.map +1 -0
- package/dist/src/index.d.ts +6 -0
- package/dist/src/index.d.ts.map +1 -0
- package/dist/src/index.js +25 -0
- package/dist/src/index.js.map +1 -0
- package/dist/src/token-verifier.service.d.ts +8 -0
- package/dist/src/token-verifier.service.d.ts.map +1 -0
- package/dist/src/token-verifier.service.js +48 -0
- package/dist/src/token-verifier.service.js.map +1 -0
- package/dist/src/verified-token-profile.interface.d.ts +12 -0
- package/dist/src/verified-token-profile.interface.d.ts.map +1 -0
- package/dist/src/verified-token-profile.interface.js +3 -0
- package/dist/src/verified-token-profile.interface.js.map +1 -0
- package/dist/tsconfig.tsbuildinfo +1 -0
- package/package.json +64 -0
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.FacebookSocialAuthService = void 0;
|
|
4
|
+
const core_1 = require("@nauth-toolkit/core");
|
|
5
|
+
const internal_1 = require("@nauth-toolkit/core/internal");
|
|
6
|
+
const facebook_oauth_client_1 = require("./facebook-oauth.client");
|
|
7
|
+
const token_verifier_service_1 = require("./token-verifier.service");
|
|
8
|
+
class FacebookSocialAuthService extends internal_1.BaseSocialAuthProviderService {
|
|
9
|
+
providerName = 'facebook';
|
|
10
|
+
oauthClient;
|
|
11
|
+
tokenVerifier;
|
|
12
|
+
constructor(config, logger, authService, socialAuthService, jwtService, sessionService, challengeHelper, clientInfoService, stateStore, userRepository, phoneVerificationService, auditService, trustedDeviceService, tokenVerifier) {
|
|
13
|
+
super(config, logger, authService, socialAuthService, jwtService, sessionService, challengeHelper, clientInfoService, stateStore, userRepository, phoneVerificationService, auditService, trustedDeviceService);
|
|
14
|
+
const providerConfig = this.getProviderConfig();
|
|
15
|
+
if (!providerConfig || !providerConfig.enabled) {
|
|
16
|
+
this.oauthClient = null;
|
|
17
|
+
this.tokenVerifier = null;
|
|
18
|
+
return;
|
|
19
|
+
}
|
|
20
|
+
if (!providerConfig.clientId || !providerConfig.clientSecret) {
|
|
21
|
+
this.oauthClient = null;
|
|
22
|
+
this.tokenVerifier = null;
|
|
23
|
+
return;
|
|
24
|
+
}
|
|
25
|
+
this.oauthClient = new facebook_oauth_client_1.FacebookOAuthClient({
|
|
26
|
+
clientId: providerConfig.clientId,
|
|
27
|
+
clientSecret: providerConfig.clientSecret,
|
|
28
|
+
redirectUri: providerConfig.callbackUrl || '',
|
|
29
|
+
scopes: providerConfig.scopes || ['email', 'public_profile'],
|
|
30
|
+
});
|
|
31
|
+
this.tokenVerifier =
|
|
32
|
+
tokenVerifier ||
|
|
33
|
+
new token_verifier_service_1.TokenVerifierService(config) ||
|
|
34
|
+
this.config.tokenVerifier ||
|
|
35
|
+
null;
|
|
36
|
+
this.logger?.debug?.('FacebookSocialAuthService initialized');
|
|
37
|
+
}
|
|
38
|
+
async getAuthUrl(state) {
|
|
39
|
+
if (!this.oauthClient) {
|
|
40
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook OAuth is not enabled');
|
|
41
|
+
}
|
|
42
|
+
const finalState = state || this.generateState();
|
|
43
|
+
return this.oauthClient.getAuthorizationUrl(finalState);
|
|
44
|
+
}
|
|
45
|
+
async getOAuthProfile(code, _state) {
|
|
46
|
+
if (!this.oauthClient) {
|
|
47
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook OAuth is not enabled');
|
|
48
|
+
}
|
|
49
|
+
const providerConfig = this.getProviderConfig();
|
|
50
|
+
if (!providerConfig || !providerConfig.callbackUrl) {
|
|
51
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook OAuth callback URL is not configured');
|
|
52
|
+
}
|
|
53
|
+
const tokens = await this.oauthClient.exchangeCodeForToken(code, providerConfig.callbackUrl);
|
|
54
|
+
return await this.oauthClient.getUserProfile(tokens.accessToken);
|
|
55
|
+
}
|
|
56
|
+
async verifyNativeToken(idToken, _accessToken, profileData) {
|
|
57
|
+
if (!this.tokenVerifier) {
|
|
58
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook OAuth is not enabled');
|
|
59
|
+
}
|
|
60
|
+
const providerConfig = this.getProviderConfig();
|
|
61
|
+
if (!providerConfig) {
|
|
62
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook OAuth is not configured');
|
|
63
|
+
}
|
|
64
|
+
const appId = providerConfig.clientId || '';
|
|
65
|
+
const appSecret = providerConfig.clientSecret || '';
|
|
66
|
+
if (!this.tokenVerifier.verifyFacebookToken) {
|
|
67
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_CONFIG_MISSING, 'Facebook token verifier is not available');
|
|
68
|
+
}
|
|
69
|
+
const accessToken = idToken;
|
|
70
|
+
const verified = (await this.tokenVerifier.verifyFacebookToken(accessToken, appId, appSecret));
|
|
71
|
+
this.logger?.debug?.(`Verified Facebook token for: ${verified.email || verified.id}`);
|
|
72
|
+
if (!verified.email) {
|
|
73
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_EMAIL_REQUIRED, 'Email is required from Facebook. Please grant email permissions.');
|
|
74
|
+
}
|
|
75
|
+
const profileDataTyped = profileData;
|
|
76
|
+
return {
|
|
77
|
+
id: verified.id,
|
|
78
|
+
email: verified.email || '',
|
|
79
|
+
firstName: verified.first_name || profileDataTyped?.firstName || null,
|
|
80
|
+
lastName: verified.last_name || profileDataTyped?.lastName || null,
|
|
81
|
+
picture: verified.picture?.data?.url || profileDataTyped?.picture || null,
|
|
82
|
+
verified: true,
|
|
83
|
+
raw: {
|
|
84
|
+
id: verified.id,
|
|
85
|
+
email: verified.email,
|
|
86
|
+
first_name: verified.first_name,
|
|
87
|
+
last_name: verified.last_name,
|
|
88
|
+
picture: verified.picture,
|
|
89
|
+
},
|
|
90
|
+
};
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
exports.FacebookSocialAuthService = FacebookSocialAuthService;
|
|
94
|
+
//# sourceMappingURL=facebook-social-auth.service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"facebook-social-auth.service.js","sourceRoot":"","sources":["../../src/facebook-social-auth.service.ts"],"names":[],"mappings":";;;AACA,8CAa6B;AAE7B,2DAOsC;AAEtC,mEAA8D;AAC9D,qEAAgG;AAiChG,MAAa,yBAA0B,SAAQ,wCAA6B;IACjE,YAAY,GAAG,UAAU,CAAC;IAClB,WAAW,CAA6B;IACxC,aAAa,CAA+B;IAE7D,YACE,MAAmB,EACnB,MAAmB,EACnB,WAAwB,EACxB,iBAAoC,EACpC,UAAsB,EACtB,cAA8B,EAC9B,eAA2C,EAC3C,iBAAoC,EAEpC,UAAgE,EAChE,cAAoC,EAEpC,wBAAmD,EAEnD,YAA+B,EAE/B,oBAA2C,EAE3C,aAAqC;QAErC,KAAK,CACH,MAAM,EACN,MAAM,EACN,WAAW,EACX,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,eAAe,EACf,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,wBAAwB,EACxB,YAAY,EACZ,oBAAoB,CACrB,CAAC;QAGF,MAAM,cAAc,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAChD,IAAI,CAAC,cAAc,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;YAC/C,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACxB,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAC1B,OAAO;QACT,CAAC;QAED,IAAI,CAAC,cAAc,CAAC,QAAQ,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;YAE7D,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACxB,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAC1B,OAAO;QACT,CAAC;QAED,IAAI,CAAC,WAAW,GAAG,IAAI,2CAAmB,CAAC;YACzC,QAAQ,EAAE,cAAc,CAAC,QAAQ;YACjC,YAAY,EAAE,cAAc,CAAC,YAAY;YACzC,WAAW,EAAE,cAAc,CAAC,WAAW,IAAI,EAAE;YAC7C,MAAM,EAAE,cAAc,CAAC,MAAM,IAAI,CAAC,OAAO,EAAE,gBAAgB,CAAC;SAC7D,CAAC,CAAC;QAGH,IAAI,CAAC,aAAa;YAChB,aAAa;gBACb,IAAI,6CAA4B,CAAC,MAAM,CAAC;gBACvC,IAAI,CAAC,MAAoD,CAAC,aAAa;gBACxE,IAAI,CAAC;QAEP,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,uCAAuC,CAAC,CAAC;IAChE,CAAC;IAQD,KAAK,CAAC,UAAU,CAAC,KAAc;QAC7B,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+BAA+B,CAAC,CAAC;QACjG,CAAC;QACD,MAAM,UAAU,GAAG,KAAK,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACjD,OAAO,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAC1D,CAAC;IAYS,KAAK,CAAC,eAAe,CAAC,IAAY,EAAE,MAAc;QAC1D,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+BAA+B,CAAC,CAAC;QACjG,CAAC;QACD,MAAM,cAAc,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAChD,IAAI,CAAC,cAAc,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC;YACnD,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+CAA+C,CAAC,CAAC;QACjH,CAAC;QAGD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,oBAAoB,CAAC,IAAI,EAAE,cAAc,CAAC,WAAW,CAAC,CAAC;QAG7F,OAAO,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACnE,CAAC;IAaS,KAAK,CAAC,iBAAiB,CAC/B,OAAe,EACf,YAAqB,EACrB,WAAqB;QAErB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,+BAA+B,CAAC,CAAC;QACjG,CAAC;QACD,MAAM,cAAc,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAChD,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,kCAAkC,CAAC,CAAC;QACpG,CAAC;QAED,MAAM,KAAK,GAAG,cAAc,CAAC,QAAQ,IAAI,EAAE,CAAC;QAC5C,MAAM,SAAS,GAAG,cAAc,CAAC,YAAY,IAAI,EAAE,CAAC;QAEpD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,mBAAmB,EAAE,CAAC;YAC5C,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,qBAAqB,EAAE,0CAA0C,CAAC,CAAC;QAC5G,CAAC;QAID,MAAM,WAAW,GAAG,OAAO,CAAC;QAG5B,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAC5D,WAAW,EACX,KAAK,EACL,SAAS,CACV,CAAiC,CAAC;QACnC,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,gCAAgC,QAAQ,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;QAGtF,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;YACpB,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,qBAAqB,EACnC,kEAAkE,CACnE,CAAC;QACJ,CAAC;QAGD,MAAM,gBAAgB,GAAG,WAAsF,CAAC;QAChH,OAAO;YACL,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,KAAK,EAAE,QAAQ,CAAC,KAAK,IAAI,EAAE;YAC3B,SAAS,EAAE,QAAQ,CAAC,UAAU,IAAI,gBAAgB,EAAE,SAAS,IAAI,IAAI;YACrE,QAAQ,EAAE,QAAQ,CAAC,SAAS,IAAI,gBAAgB,EAAE,QAAQ,IAAI,IAAI;YAClE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,gBAAgB,EAAE,OAAO,IAAI,IAAI;YACzE,QAAQ,EAAE,IAAI;YACd,GAAG,EAAE;gBACH,EAAE,EAAE,QAAQ,CAAC,EAAE;gBACf,KAAK,EAAE,QAAQ,CAAC,KAAK;gBACrB,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,SAAS,EAAE,QAAQ,CAAC,SAAS;gBAC7B,OAAO,EAAE,QAAQ,CAAC,OAAO;aACY;SACxC,CAAC;IACJ,CAAC;CACF;AAvLD,8DAuLC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
export { FacebookOAuthClient } from './facebook-oauth.client';
|
|
2
|
+
export { TokenVerifierService } from './token-verifier.service';
|
|
3
|
+
export { FacebookSocialAuthService } from './facebook-social-auth.service';
|
|
4
|
+
export { VerifiedFacebookTokenProfile } from './verified-token-profile.interface';
|
|
5
|
+
export * from './dto/social-login.dto';
|
|
6
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,4BAA4B,EAAE,MAAM,oCAAoC,CAAC;AAClF,cAAc,wBAAwB,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
exports.FacebookSocialAuthService = exports.TokenVerifierService = exports.FacebookOAuthClient = void 0;
|
|
18
|
+
var facebook_oauth_client_1 = require("./facebook-oauth.client");
|
|
19
|
+
Object.defineProperty(exports, "FacebookOAuthClient", { enumerable: true, get: function () { return facebook_oauth_client_1.FacebookOAuthClient; } });
|
|
20
|
+
var token_verifier_service_1 = require("./token-verifier.service");
|
|
21
|
+
Object.defineProperty(exports, "TokenVerifierService", { enumerable: true, get: function () { return token_verifier_service_1.TokenVerifierService; } });
|
|
22
|
+
var facebook_social_auth_service_1 = require("./facebook-social-auth.service");
|
|
23
|
+
Object.defineProperty(exports, "FacebookSocialAuthService", { enumerable: true, get: function () { return facebook_social_auth_service_1.FacebookSocialAuthService; } });
|
|
24
|
+
__exportStar(require("./dto/social-login.dto"), exports);
|
|
25
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAOA,iEAA8D;AAArD,4HAAA,mBAAmB,OAAA;AAC5B,mEAAgE;AAAvD,8HAAA,oBAAoB,OAAA;AAC7B,+EAA2E;AAAlE,yIAAA,yBAAyB,OAAA;AAElC,yDAAuC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { NAuthConfig, ITokenVerifierService } from '@nauth-toolkit/core';
|
|
2
|
+
import { VerifiedFacebookTokenProfile } from './verified-token-profile.interface';
|
|
3
|
+
export declare class TokenVerifierService implements ITokenVerifierService {
|
|
4
|
+
private readonly logger;
|
|
5
|
+
constructor(config: NAuthConfig);
|
|
6
|
+
verifyFacebookToken(accessToken: string, appId: string, appSecret: string): Promise<VerifiedFacebookTokenProfile>;
|
|
7
|
+
}
|
|
8
|
+
//# sourceMappingURL=token-verifier.service.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-verifier.service.d.ts","sourceRoot":"","sources":["../../src/token-verifier.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAA8C,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AACrH,OAAO,EAAE,4BAA4B,EAAE,MAAM,oCAAoC,CAAC;AAoBlF,qBAAa,oBAAqB,YAAW,qBAAqB;IAChE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAc;gBAEzB,MAAM,EAAE,WAAW;IA0BzB,mBAAmB,CACvB,WAAW,EAAE,MAAM,EACnB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,4BAA4B,CAAC;CAoDzC"}
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.TokenVerifierService = void 0;
|
|
4
|
+
const core_1 = require("@nauth-toolkit/core");
|
|
5
|
+
class TokenVerifierService {
|
|
6
|
+
logger;
|
|
7
|
+
constructor(config) {
|
|
8
|
+
this.logger = config.logger;
|
|
9
|
+
}
|
|
10
|
+
async verifyFacebookToken(accessToken, appId, appSecret) {
|
|
11
|
+
try {
|
|
12
|
+
this.logger?.debug?.('[TokenVerifier] Verifying Facebook token with Graph API');
|
|
13
|
+
const debugUrl = `https://graph.facebook.com/debug_token?input_token=${accessToken}&access_token=${appId}|${appSecret}`;
|
|
14
|
+
const debugResponse = await fetch(debugUrl);
|
|
15
|
+
if (!debugResponse.ok) {
|
|
16
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_TOKEN_INVALID, 'Facebook token validation failed');
|
|
17
|
+
}
|
|
18
|
+
const debugData = (await debugResponse.json());
|
|
19
|
+
if (!debugData.data || !debugData.data.is_valid) {
|
|
20
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_TOKEN_INVALID, 'Invalid Facebook access token');
|
|
21
|
+
}
|
|
22
|
+
if (debugData.data.app_id !== appId) {
|
|
23
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_TOKEN_INVALID, 'Token does not belong to this app');
|
|
24
|
+
}
|
|
25
|
+
const profileUrl = `https://graph.facebook.com/me?fields=id,email,first_name,last_name,picture&access_token=${accessToken}`;
|
|
26
|
+
const profileResponse = await fetch(profileUrl);
|
|
27
|
+
if (!profileResponse.ok) {
|
|
28
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_TOKEN_INVALID, 'Failed to fetch Facebook user profile');
|
|
29
|
+
}
|
|
30
|
+
const profile = (await profileResponse.json());
|
|
31
|
+
this.logger?.log?.(`[TokenVerifier] Facebook token verified (secure): ${profile.email || profile.id}`);
|
|
32
|
+
return {
|
|
33
|
+
id: profile.id,
|
|
34
|
+
email: profile.email,
|
|
35
|
+
first_name: profile.first_name,
|
|
36
|
+
last_name: profile.last_name,
|
|
37
|
+
picture: profile.picture,
|
|
38
|
+
};
|
|
39
|
+
}
|
|
40
|
+
catch (error) {
|
|
41
|
+
const errorMessage = error instanceof Error ? error.message : 'Unknown error';
|
|
42
|
+
this.logger?.error?.(`[TokenVerifier] Facebook token verification FAILED: ${errorMessage}`);
|
|
43
|
+
throw new core_1.NAuthException(core_1.AuthErrorCode.SOCIAL_TOKEN_INVALID, `Facebook token verification failed: ${errorMessage}`);
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
exports.TokenVerifierService = TokenVerifierService;
|
|
48
|
+
//# sourceMappingURL=token-verifier.service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-verifier.service.js","sourceRoot":"","sources":["../../src/token-verifier.service.ts"],"names":[],"mappings":";;;AAAA,8CAAqH;AAqBrH,MAAa,oBAAoB;IACd,MAAM,CAAc;IAErC,YAAY,MAAmB;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAqB,CAAC;IAC7C,CAAC;IAwBD,KAAK,CAAC,mBAAmB,CACvB,WAAmB,EACnB,KAAa,EACb,SAAiB;QAEjB,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,yDAAyD,CAAC,CAAC;YAGhF,MAAM,QAAQ,GAAG,sDAAsD,WAAW,iBAAiB,KAAK,IAAI,SAAS,EAAE,CAAC;YACxH,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,CAAC;YAE5C,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC;gBACtB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,kCAAkC,CAAC,CAAC;YACnG,CAAC;YAED,MAAM,SAAS,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,CAAQ,CAAC;YAGtD,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAChD,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,+BAA+B,CAAC,CAAC;YAChG,CAAC;YAGD,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;gBACpC,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,mCAAmC,CAAC,CAAC;YACpG,CAAC;YAGD,MAAM,UAAU,GAAG,2FAA2F,WAAW,EAAE,CAAC;YAC5H,MAAM,eAAe,GAAG,MAAM,KAAK,CAAC,UAAU,CAAC,CAAC;YAEhD,IAAI,CAAC,eAAe,CAAC,EAAE,EAAE,CAAC;gBACxB,MAAM,IAAI,qBAAc,CAAC,oBAAa,CAAC,oBAAoB,EAAE,uCAAuC,CAAC,CAAC;YACxG,CAAC;YAED,MAAM,OAAO,GAAG,CAAC,MAAM,eAAe,CAAC,IAAI,EAAE,CAAQ,CAAC;YAEtD,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,qDAAqD,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;YAEvG,OAAO;gBACL,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YAC9E,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,uDAAuD,YAAY,EAAE,CAAC,CAAC;YAC5F,MAAM,IAAI,qBAAc,CACtB,oBAAa,CAAC,oBAAoB,EAClC,uCAAuC,YAAY,EAAE,CACtD,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AArFD,oDAqFC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verified-token-profile.interface.d.ts","sourceRoot":"","sources":["../../src/verified-token-profile.interface.ts"],"names":[],"mappings":"AAMA,MAAM,WAAW,4BAA4B;IAI3C,EAAE,EAAE,MAAM,CAAC;IAKX,KAAK,CAAC,EAAE,MAAM,CAAC;IAKf,UAAU,CAAC,EAAE,MAAM,CAAC;IAKpB,SAAS,CAAC,EAAE,MAAM,CAAC;IAKnB,OAAO,CAAC,EAAE;QACR,IAAI,EAAE;YACJ,GAAG,EAAE,MAAM,CAAC;SACb,CAAC;KACH,CAAC;CACH"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verified-token-profile.interface.js","sourceRoot":"","sources":["../../src/verified-token-profile.interface.ts"],"names":[],"mappings":""}
|