@qlover/oauth-wrapper 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +11 -0
- package/dist/core.cjs +6 -6
- package/dist/core.d.ts +27 -26
- package/dist/core.js +6 -6
- package/dist/index.cjs +6 -6
- package/dist/index.d.ts +10 -9
- package/dist/index.js +6 -6
- package/package.json +3 -3
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,16 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.2.1
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
#### ♻️ Refactors
|
|
8
|
+
|
|
9
|
+
- **oauth-wrapper:** change userId type from number to string across interfaces and schemas ([bfe85fa](https://github.com/qlover/fe-base/commit/bfe85fa6e82561164a936dca7e8a9d8e1ca6b7e3)) ([#618](https://github.com/qlover/fe-base/pull/618))
|
|
10
|
+
- Updated the `ownerUserId` and `userId` parameters in various interfaces and schemas to use `string` instead of `number` for better compatibility with string-based identifiers.
|
|
11
|
+
- Adjusted related service methods to reflect the new type, ensuring consistency across the OAuth wrapper implementation.
|
|
12
|
+
- Enhanced the `OAuthClientRowSchema` and other schemas to align with the updated user ID type, improving data validation and integrity.
|
|
13
|
+
|
|
3
14
|
## 0.2.0
|
|
4
15
|
|
|
5
16
|
### Minor Changes
|
package/dist/core.cjs
CHANGED
|
@@ -64,7 +64,7 @@ function isOAuthRedirectUri(value) {
|
|
|
64
64
|
}
|
|
65
65
|
var oauthRedirectUriSchema = import_zod.z.string().min(1).refine(isOAuthRedirectUri, { message: "Invalid redirect URI" });
|
|
66
66
|
var OAuthClientRowSchema = import_zod.z.object({
|
|
67
|
-
id: import_zod.z.
|
|
67
|
+
id: import_zod.z.string(),
|
|
68
68
|
client_id: import_zod.z.string(),
|
|
69
69
|
client_secret_hash: import_zod.z.string().nullable().optional(),
|
|
70
70
|
client_name: import_zod.z.string(),
|
|
@@ -74,7 +74,7 @@ var OAuthClientRowSchema = import_zod.z.object({
|
|
|
74
74
|
grant_types: import_zod.z.array(import_zod.z.string()),
|
|
75
75
|
scopes: import_zod.z.array(import_zod.z.string()),
|
|
76
76
|
confidential: import_zod.z.boolean(),
|
|
77
|
-
owner_user_id: import_zod.z.
|
|
77
|
+
owner_user_id: import_zod.z.string(),
|
|
78
78
|
created_at: import_zod.z.string(),
|
|
79
79
|
updated_at: import_zod.z.string()
|
|
80
80
|
});
|
|
@@ -147,7 +147,7 @@ var OAuthConsentBodySchema = import_zod.z.object({
|
|
|
147
147
|
var OAuthAuthorizationCodeRowSchema = import_zod.z.object({
|
|
148
148
|
code: import_zod.z.string(),
|
|
149
149
|
client_id: import_zod.z.string(),
|
|
150
|
-
user_id: import_zod.z.
|
|
150
|
+
user_id: import_zod.z.string(),
|
|
151
151
|
redirect_uri: import_zod.z.string(),
|
|
152
152
|
scope: import_zod.z.string().nullable().optional(),
|
|
153
153
|
code_challenge: import_zod.z.string().nullable().optional(),
|
|
@@ -160,16 +160,16 @@ var OAuthAuthorizationCodeRowSchema = import_zod.z.object({
|
|
|
160
160
|
// src/core/schema/OAuthClientSchema.ts
|
|
161
161
|
var import_zod2 = require("zod");
|
|
162
162
|
var OAuthUserCredentialsSchema = import_zod2.z.object({
|
|
163
|
-
user_id: import_zod2.z.
|
|
163
|
+
user_id: import_zod2.z.string(),
|
|
164
164
|
provider_refresh_token: import_zod2.z.string().nullable().optional(),
|
|
165
165
|
provider_session_token: import_zod2.z.string().nullable().optional(),
|
|
166
166
|
updated_at: import_zod2.z.string()
|
|
167
167
|
});
|
|
168
168
|
var OAuthRefreshTokenSchema = import_zod2.z.object({
|
|
169
|
-
id: import_zod2.z.
|
|
169
|
+
id: import_zod2.z.string(),
|
|
170
170
|
refresh_token: import_zod2.z.string(),
|
|
171
171
|
client_id: import_zod2.z.string(),
|
|
172
|
-
user_id: import_zod2.z.
|
|
172
|
+
user_id: import_zod2.z.string(),
|
|
173
173
|
expires_at: import_zod2.z.string(),
|
|
174
174
|
revoked: import_zod2.z.boolean(),
|
|
175
175
|
created_at: import_zod2.z.string()
|
package/dist/core.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { z } from 'zod';
|
|
2
|
+
import { LoginParams } from '@qlover/corekit-bridge/core';
|
|
2
3
|
import { ValueOf } from '@qlover/fe-corekit';
|
|
3
4
|
|
|
4
5
|
/**
|
|
@@ -6,7 +7,7 @@ import { ValueOf } from '@qlover/fe-corekit';
|
|
|
6
7
|
*/
|
|
7
8
|
declare function isOAuthRedirectUri(value: string): boolean;
|
|
8
9
|
declare const OAuthClientRowSchema: z.ZodObject<{
|
|
9
|
-
id: z.
|
|
10
|
+
id: z.ZodString;
|
|
10
11
|
client_id: z.ZodString;
|
|
11
12
|
client_secret_hash: z.ZodOptional<z.ZodNullable<z.ZodString>>;
|
|
12
13
|
client_name: z.ZodString;
|
|
@@ -16,7 +17,7 @@ declare const OAuthClientRowSchema: z.ZodObject<{
|
|
|
16
17
|
grant_types: z.ZodArray<z.ZodString>;
|
|
17
18
|
scopes: z.ZodArray<z.ZodString>;
|
|
18
19
|
confidential: z.ZodBoolean;
|
|
19
|
-
owner_user_id: z.
|
|
20
|
+
owner_user_id: z.ZodString;
|
|
20
21
|
created_at: z.ZodString;
|
|
21
22
|
updated_at: z.ZodString;
|
|
22
23
|
}, z.core.$strip>;
|
|
@@ -100,7 +101,7 @@ type OAuthConsentBody = z.infer<typeof OAuthConsentBodySchema>;
|
|
|
100
101
|
declare const OAuthAuthorizationCodeRowSchema: z.ZodObject<{
|
|
101
102
|
code: z.ZodString;
|
|
102
103
|
client_id: z.ZodString;
|
|
103
|
-
user_id: z.
|
|
104
|
+
user_id: z.ZodString;
|
|
104
105
|
redirect_uri: z.ZodString;
|
|
105
106
|
scope: z.ZodOptional<z.ZodNullable<z.ZodString>>;
|
|
106
107
|
code_challenge: z.ZodOptional<z.ZodNullable<z.ZodString>>;
|
|
@@ -112,12 +113,12 @@ declare const OAuthAuthorizationCodeRowSchema: z.ZodObject<{
|
|
|
112
113
|
type OAuthAuthorizationCodeRow = z.infer<typeof OAuthAuthorizationCodeRowSchema>;
|
|
113
114
|
|
|
114
115
|
interface OAuthClientsInterface {
|
|
115
|
-
listForOwner(ownerUserId:
|
|
116
|
-
getByClientId(ownerUserId:
|
|
117
|
-
create(ownerUserId:
|
|
118
|
-
update(ownerUserId:
|
|
119
|
-
rotateSecret(ownerUserId:
|
|
120
|
-
delete(ownerUserId:
|
|
116
|
+
listForOwner(ownerUserId: string): Promise<OAuthClientListItem[]>;
|
|
117
|
+
getByClientId(ownerUserId: string, clientId: string): Promise<OAuthClientDetail>;
|
|
118
|
+
create(ownerUserId: string, input: OAuthClientCreate): Promise<OAuthClientCreateResponse>;
|
|
119
|
+
update(ownerUserId: string, clientId: string, input: OAuthClientUpdate): Promise<OAuthClientDetail>;
|
|
120
|
+
rotateSecret(ownerUserId: string, clientId: string): Promise<OAuthClientSecretRotateResponse>;
|
|
121
|
+
delete(ownerUserId: string, clientId: string): Promise<void>;
|
|
121
122
|
}
|
|
122
123
|
|
|
123
124
|
/**
|
|
@@ -125,21 +126,21 @@ interface OAuthClientsInterface {
|
|
|
125
126
|
*/
|
|
126
127
|
interface OAuthClientsRepositoryInterface {
|
|
127
128
|
findClientById(clientId: string): Promise<OAuthClientRow | null>;
|
|
128
|
-
listClientByOwner(ownerUserId:
|
|
129
|
-
createClient(ownerUserId:
|
|
129
|
+
listClientByOwner(ownerUserId: string): Promise<OAuthClientListItem[]>;
|
|
130
|
+
createClient(ownerUserId: string, input: OAuthClientCreate): Promise<{
|
|
130
131
|
client: OAuthClientRow;
|
|
131
132
|
clientSecret?: string;
|
|
132
133
|
}>;
|
|
133
|
-
updateClient(ownerUserId:
|
|
134
|
-
rotateClientSecret(ownerUserId:
|
|
134
|
+
updateClient(ownerUserId: string, clientId: string, input: OAuthClientUpdate): Promise<OAuthClientDetail>;
|
|
135
|
+
rotateClientSecret(ownerUserId: string, clientId: string): Promise<{
|
|
135
136
|
clientSecret: string;
|
|
136
137
|
}>;
|
|
137
|
-
deleteClient(ownerUserId:
|
|
138
|
+
deleteClient(ownerUserId: string, clientId: string): Promise<void>;
|
|
138
139
|
verifyClientCredentials(clientId: string, clientSecret: string | undefined): Promise<OAuthClientRow>;
|
|
139
140
|
}
|
|
140
141
|
|
|
141
142
|
type OAuthSessionPayload = {
|
|
142
|
-
userId:
|
|
143
|
+
userId: string;
|
|
143
144
|
email: string;
|
|
144
145
|
name: string;
|
|
145
146
|
providerSessionToken: string;
|
|
@@ -270,7 +271,7 @@ interface OAuthUserAdapterInterface {
|
|
|
270
271
|
* @param password - Plain credential submitted by the login form.
|
|
271
272
|
* @returns Provider credentials containing a session token.
|
|
272
273
|
*/
|
|
273
|
-
login(
|
|
274
|
+
login(params: LoginParams): Promise<OAuthUserCredentials>;
|
|
274
275
|
/**
|
|
275
276
|
* Exchanges a provider session token for a provider access token.
|
|
276
277
|
*
|
|
@@ -298,17 +299,17 @@ interface OAuthUserAdapterInterface {
|
|
|
298
299
|
}
|
|
299
300
|
|
|
300
301
|
declare const OAuthUserCredentialsSchema: z.ZodObject<{
|
|
301
|
-
user_id: z.
|
|
302
|
+
user_id: z.ZodString;
|
|
302
303
|
provider_refresh_token: z.ZodOptional<z.ZodNullable<z.ZodString>>;
|
|
303
304
|
provider_session_token: z.ZodOptional<z.ZodNullable<z.ZodString>>;
|
|
304
305
|
updated_at: z.ZodString;
|
|
305
306
|
}, z.core.$strip>;
|
|
306
307
|
type OAuthUserCredentialsRow = z.infer<typeof OAuthUserCredentialsSchema>;
|
|
307
308
|
declare const OAuthRefreshTokenSchema: z.ZodObject<{
|
|
308
|
-
id: z.
|
|
309
|
+
id: z.ZodString;
|
|
309
310
|
refresh_token: z.ZodString;
|
|
310
311
|
client_id: z.ZodString;
|
|
311
|
-
user_id: z.
|
|
312
|
+
user_id: z.ZodString;
|
|
312
313
|
expires_at: z.ZodString;
|
|
313
314
|
revoked: z.ZodBoolean;
|
|
314
315
|
created_at: z.ZodString;
|
|
@@ -326,7 +327,7 @@ type OAuthTokenResponse = z.infer<typeof OAuthTokenResponseSchema>;
|
|
|
326
327
|
type CreateAuthorizationCodeInput = {
|
|
327
328
|
code: string;
|
|
328
329
|
client_id: string;
|
|
329
|
-
user_id:
|
|
330
|
+
user_id: string;
|
|
330
331
|
redirect_uri: string;
|
|
331
332
|
scope: string | null;
|
|
332
333
|
code_challenge: string | null;
|
|
@@ -336,14 +337,14 @@ type CreateAuthorizationCodeInput = {
|
|
|
336
337
|
type CreateOAuthRefreshTokenInput = {
|
|
337
338
|
refresh_token: string;
|
|
338
339
|
client_id: string;
|
|
339
|
-
user_id:
|
|
340
|
+
user_id: string;
|
|
340
341
|
expires_at: string;
|
|
341
342
|
};
|
|
342
343
|
interface OAuthWrapperRepositoryInterface extends OAuthClientsRepositoryInterface {
|
|
343
344
|
create(input: CreateAuthorizationCodeInput): Promise<void>;
|
|
344
345
|
consumeCode(code: string): Promise<OAuthAuthorizationCodeRow | null>;
|
|
345
|
-
getUserCredentials(userId:
|
|
346
|
-
upsertUserCredentials(userId:
|
|
346
|
+
getUserCredentials(userId: string): Promise<OAuthUserCredentialsRow | null>;
|
|
347
|
+
upsertUserCredentials(userId: string, fields: {
|
|
347
348
|
provider_refresh_token?: string | null;
|
|
348
349
|
provider_session_token?: string | null;
|
|
349
350
|
}): Promise<void>;
|
|
@@ -351,7 +352,7 @@ interface OAuthWrapperRepositoryInterface extends OAuthClientsRepositoryInterfac
|
|
|
351
352
|
upsertRefreshToken(input: {
|
|
352
353
|
refresh_token: string;
|
|
353
354
|
client_id: string;
|
|
354
|
-
user_id:
|
|
355
|
+
user_id: string;
|
|
355
356
|
expires_at: string;
|
|
356
357
|
}): Promise<void>;
|
|
357
358
|
revokeRefreshToken(tokenHash: string): Promise<void>;
|
|
@@ -359,7 +360,7 @@ interface OAuthWrapperRepositoryInterface extends OAuthClientsRepositoryInterfac
|
|
|
359
360
|
createRefreshToken(input: CreateOAuthRefreshTokenInput): Promise<void>;
|
|
360
361
|
revokeByTokenHash(tokenHash: string): Promise<void>;
|
|
361
362
|
/** Revoke all active refresh tokens issued for the given user. */
|
|
362
|
-
revokeRefreshTokensByUserId(userId:
|
|
363
|
+
revokeRefreshTokensByUserId(userId: string): Promise<void>;
|
|
363
364
|
}
|
|
364
365
|
|
|
365
366
|
declare const OAuthUserInfoResponseSchema: z.ZodObject<{
|
|
@@ -432,7 +433,7 @@ interface OAuthServiceInterface<SessionPayload extends OAuthSessionPayload> exte
|
|
|
432
433
|
* Application logout: revoke issued refresh tokens, clear stored provider
|
|
433
434
|
* credentials, and clear the authorization-server session cookie.
|
|
434
435
|
*/
|
|
435
|
-
logoutUser(userId:
|
|
436
|
+
logoutUser(userId: string): Promise<void>;
|
|
436
437
|
}
|
|
437
438
|
|
|
438
439
|
declare const OAuthRfcCodes: {
|
package/dist/core.js
CHANGED
|
@@ -14,7 +14,7 @@ function isOAuthRedirectUri(value) {
|
|
|
14
14
|
}
|
|
15
15
|
var oauthRedirectUriSchema = z.string().min(1).refine(isOAuthRedirectUri, { message: "Invalid redirect URI" });
|
|
16
16
|
var OAuthClientRowSchema = z.object({
|
|
17
|
-
id: z.
|
|
17
|
+
id: z.string(),
|
|
18
18
|
client_id: z.string(),
|
|
19
19
|
client_secret_hash: z.string().nullable().optional(),
|
|
20
20
|
client_name: z.string(),
|
|
@@ -24,7 +24,7 @@ var OAuthClientRowSchema = z.object({
|
|
|
24
24
|
grant_types: z.array(z.string()),
|
|
25
25
|
scopes: z.array(z.string()),
|
|
26
26
|
confidential: z.boolean(),
|
|
27
|
-
owner_user_id: z.
|
|
27
|
+
owner_user_id: z.string(),
|
|
28
28
|
created_at: z.string(),
|
|
29
29
|
updated_at: z.string()
|
|
30
30
|
});
|
|
@@ -97,7 +97,7 @@ var OAuthConsentBodySchema = z.object({
|
|
|
97
97
|
var OAuthAuthorizationCodeRowSchema = z.object({
|
|
98
98
|
code: z.string(),
|
|
99
99
|
client_id: z.string(),
|
|
100
|
-
user_id: z.
|
|
100
|
+
user_id: z.string(),
|
|
101
101
|
redirect_uri: z.string(),
|
|
102
102
|
scope: z.string().nullable().optional(),
|
|
103
103
|
code_challenge: z.string().nullable().optional(),
|
|
@@ -110,16 +110,16 @@ var OAuthAuthorizationCodeRowSchema = z.object({
|
|
|
110
110
|
// src/core/schema/OAuthClientSchema.ts
|
|
111
111
|
import { z as z2 } from "zod";
|
|
112
112
|
var OAuthUserCredentialsSchema = z2.object({
|
|
113
|
-
user_id: z2.
|
|
113
|
+
user_id: z2.string(),
|
|
114
114
|
provider_refresh_token: z2.string().nullable().optional(),
|
|
115
115
|
provider_session_token: z2.string().nullable().optional(),
|
|
116
116
|
updated_at: z2.string()
|
|
117
117
|
});
|
|
118
118
|
var OAuthRefreshTokenSchema = z2.object({
|
|
119
|
-
id: z2.
|
|
119
|
+
id: z2.string(),
|
|
120
120
|
refresh_token: z2.string(),
|
|
121
121
|
client_id: z2.string(),
|
|
122
|
-
user_id: z2.
|
|
122
|
+
user_id: z2.string(),
|
|
123
123
|
expires_at: z2.string(),
|
|
124
124
|
revoked: z2.boolean(),
|
|
125
125
|
created_at: z2.string()
|
package/dist/index.cjs
CHANGED
|
@@ -192,7 +192,7 @@ function isOAuthRedirectUri(value) {
|
|
|
192
192
|
}
|
|
193
193
|
var oauthRedirectUriSchema = import_zod.z.string().min(1).refine(isOAuthRedirectUri, { message: "Invalid redirect URI" });
|
|
194
194
|
var OAuthClientRowSchema = import_zod.z.object({
|
|
195
|
-
id: import_zod.z.
|
|
195
|
+
id: import_zod.z.string(),
|
|
196
196
|
client_id: import_zod.z.string(),
|
|
197
197
|
client_secret_hash: import_zod.z.string().nullable().optional(),
|
|
198
198
|
client_name: import_zod.z.string(),
|
|
@@ -202,7 +202,7 @@ var OAuthClientRowSchema = import_zod.z.object({
|
|
|
202
202
|
grant_types: import_zod.z.array(import_zod.z.string()),
|
|
203
203
|
scopes: import_zod.z.array(import_zod.z.string()),
|
|
204
204
|
confidential: import_zod.z.boolean(),
|
|
205
|
-
owner_user_id: import_zod.z.
|
|
205
|
+
owner_user_id: import_zod.z.string(),
|
|
206
206
|
created_at: import_zod.z.string(),
|
|
207
207
|
updated_at: import_zod.z.string()
|
|
208
208
|
});
|
|
@@ -275,7 +275,7 @@ var OAuthConsentBodySchema = import_zod.z.object({
|
|
|
275
275
|
var OAuthAuthorizationCodeRowSchema = import_zod.z.object({
|
|
276
276
|
code: import_zod.z.string(),
|
|
277
277
|
client_id: import_zod.z.string(),
|
|
278
|
-
user_id: import_zod.z.
|
|
278
|
+
user_id: import_zod.z.string(),
|
|
279
279
|
redirect_uri: import_zod.z.string(),
|
|
280
280
|
scope: import_zod.z.string().nullable().optional(),
|
|
281
281
|
code_challenge: import_zod.z.string().nullable().optional(),
|
|
@@ -288,16 +288,16 @@ var OAuthAuthorizationCodeRowSchema = import_zod.z.object({
|
|
|
288
288
|
// src/core/schema/OAuthClientSchema.ts
|
|
289
289
|
var import_zod2 = require("zod");
|
|
290
290
|
var OAuthUserCredentialsSchema = import_zod2.z.object({
|
|
291
|
-
user_id: import_zod2.z.
|
|
291
|
+
user_id: import_zod2.z.string(),
|
|
292
292
|
provider_refresh_token: import_zod2.z.string().nullable().optional(),
|
|
293
293
|
provider_session_token: import_zod2.z.string().nullable().optional(),
|
|
294
294
|
updated_at: import_zod2.z.string()
|
|
295
295
|
});
|
|
296
296
|
var OAuthRefreshTokenSchema = import_zod2.z.object({
|
|
297
|
-
id: import_zod2.z.
|
|
297
|
+
id: import_zod2.z.string(),
|
|
298
298
|
refresh_token: import_zod2.z.string(),
|
|
299
299
|
client_id: import_zod2.z.string(),
|
|
300
|
-
user_id: import_zod2.z.
|
|
300
|
+
user_id: import_zod2.z.string(),
|
|
301
301
|
expires_at: import_zod2.z.string(),
|
|
302
302
|
revoked: import_zod2.z.boolean(),
|
|
303
303
|
created_at: import_zod2.z.string()
|
package/dist/index.d.ts
CHANGED
|
@@ -2,6 +2,7 @@ import { OAuthClientsInterface, OAuthClientsRepositoryInterface, OAuthClientList
|
|
|
2
2
|
export { CreateAuthorizationCodeInput, CreateOAuthRefreshTokenInput, OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, OAuthAuthorizeQuerySchema, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, OAuthClientDetailSchema, OAuthClientListItemSchema, OAuthClientRowSchema, OAuthClientSecretRotateResponseSchema, OAuthClientUpdateSchema, OAuthConsentBodySchema, OAuthRefreshTokenRow, OAuthRefreshTokenSchema, OAuthRfcCodes, OAuthRfcErrorCodesType, OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, OAuthTokenRequestSchema, OAuthTokenResponseSchema, OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, OAuthUserAccessToken, OAuthUserCredentials, OAuthUserCredentialsRow, OAuthUserCredentialsSchema, OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, OAuthUserInfoResponseSchema, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState } from './core.js';
|
|
3
3
|
import { EncryptorInterface, ExecutorError } from '@qlover/fe-corekit';
|
|
4
4
|
import 'zod';
|
|
5
|
+
import '@qlover/corekit-bridge/core';
|
|
5
6
|
|
|
6
7
|
/**
|
|
7
8
|
* Business logic for OAuth client management in developer console.
|
|
@@ -13,32 +14,32 @@ declare class OAuthClientsService implements OAuthClientsInterface {
|
|
|
13
14
|
* List all OAuth clients owned by a user
|
|
14
15
|
* @override
|
|
15
16
|
*/
|
|
16
|
-
listForOwner(ownerUserId:
|
|
17
|
+
listForOwner(ownerUserId: string): Promise<OAuthClientListItem[]>;
|
|
17
18
|
/**
|
|
18
19
|
* Get detailed information about a specific OAuth client
|
|
19
20
|
* @override
|
|
20
21
|
*/
|
|
21
|
-
getByClientId(ownerUserId:
|
|
22
|
+
getByClientId(ownerUserId: string, clientId: string): Promise<OAuthClientDetail>;
|
|
22
23
|
/**
|
|
23
24
|
* Create a new OAuth client
|
|
24
25
|
* @override
|
|
25
26
|
*/
|
|
26
|
-
create(ownerUserId:
|
|
27
|
+
create(ownerUserId: string, input: OAuthClientCreate): Promise<OAuthClientCreateResponse>;
|
|
27
28
|
/**
|
|
28
29
|
* Update an existing OAuth client
|
|
29
30
|
* @override
|
|
30
31
|
*/
|
|
31
|
-
update(ownerUserId:
|
|
32
|
+
update(ownerUserId: string, clientId: string, input: OAuthClientUpdate): Promise<OAuthClientDetail>;
|
|
32
33
|
/**
|
|
33
34
|
* Rotate the client secret
|
|
34
35
|
* @override
|
|
35
36
|
*/
|
|
36
|
-
rotateSecret(ownerUserId:
|
|
37
|
+
rotateSecret(ownerUserId: string, clientId: string): Promise<OAuthClientSecretRotateResponse>;
|
|
37
38
|
/**
|
|
38
39
|
* Delete an OAuth client
|
|
39
40
|
* @override
|
|
40
41
|
*/
|
|
41
|
-
delete(ownerUserId:
|
|
42
|
+
delete(ownerUserId: string, clientId: string): Promise<void>;
|
|
42
43
|
private mapToDetail;
|
|
43
44
|
}
|
|
44
45
|
|
|
@@ -74,11 +75,11 @@ declare class OAuthTokenService implements OAuthTokenServiceInterface {
|
|
|
74
75
|
protected exchangeRefreshToken(request: Extract<OAuthTokenRequest, {
|
|
75
76
|
grant_type: 'refresh_token';
|
|
76
77
|
}>, verifiedClientId: string): Promise<OAuthTokenResponse>;
|
|
77
|
-
protected fetchProviderAccessToken(userId:
|
|
78
|
+
protected fetchProviderAccessToken(userId: string): Promise<{
|
|
78
79
|
access_token: string;
|
|
79
80
|
expires_in: number;
|
|
80
81
|
}>;
|
|
81
|
-
protected issueMiddlewareRefreshToken(clientId: string, userId:
|
|
82
|
+
protected issueMiddlewareRefreshToken(clientId: string, userId: string): Promise<string>;
|
|
82
83
|
/**
|
|
83
84
|
* @override
|
|
84
85
|
* RFC 7009 — revoke middleware refresh tokens. Idempotent: unknown tokens are ignored.
|
|
@@ -135,7 +136,7 @@ declare class OAuthWrapperService<SessionPayload extends OAuthSessionPayload = O
|
|
|
135
136
|
/**
|
|
136
137
|
* @override
|
|
137
138
|
*/
|
|
138
|
-
logoutUser(userId:
|
|
139
|
+
logoutUser(userId: string): Promise<void>;
|
|
139
140
|
/**
|
|
140
141
|
* @override
|
|
141
142
|
*/
|
package/dist/index.js
CHANGED
|
@@ -127,7 +127,7 @@ function isOAuthRedirectUri(value) {
|
|
|
127
127
|
}
|
|
128
128
|
var oauthRedirectUriSchema = z.string().min(1).refine(isOAuthRedirectUri, { message: "Invalid redirect URI" });
|
|
129
129
|
var OAuthClientRowSchema = z.object({
|
|
130
|
-
id: z.
|
|
130
|
+
id: z.string(),
|
|
131
131
|
client_id: z.string(),
|
|
132
132
|
client_secret_hash: z.string().nullable().optional(),
|
|
133
133
|
client_name: z.string(),
|
|
@@ -137,7 +137,7 @@ var OAuthClientRowSchema = z.object({
|
|
|
137
137
|
grant_types: z.array(z.string()),
|
|
138
138
|
scopes: z.array(z.string()),
|
|
139
139
|
confidential: z.boolean(),
|
|
140
|
-
owner_user_id: z.
|
|
140
|
+
owner_user_id: z.string(),
|
|
141
141
|
created_at: z.string(),
|
|
142
142
|
updated_at: z.string()
|
|
143
143
|
});
|
|
@@ -210,7 +210,7 @@ var OAuthConsentBodySchema = z.object({
|
|
|
210
210
|
var OAuthAuthorizationCodeRowSchema = z.object({
|
|
211
211
|
code: z.string(),
|
|
212
212
|
client_id: z.string(),
|
|
213
|
-
user_id: z.
|
|
213
|
+
user_id: z.string(),
|
|
214
214
|
redirect_uri: z.string(),
|
|
215
215
|
scope: z.string().nullable().optional(),
|
|
216
216
|
code_challenge: z.string().nullable().optional(),
|
|
@@ -223,16 +223,16 @@ var OAuthAuthorizationCodeRowSchema = z.object({
|
|
|
223
223
|
// src/core/schema/OAuthClientSchema.ts
|
|
224
224
|
import { z as z2 } from "zod";
|
|
225
225
|
var OAuthUserCredentialsSchema = z2.object({
|
|
226
|
-
user_id: z2.
|
|
226
|
+
user_id: z2.string(),
|
|
227
227
|
provider_refresh_token: z2.string().nullable().optional(),
|
|
228
228
|
provider_session_token: z2.string().nullable().optional(),
|
|
229
229
|
updated_at: z2.string()
|
|
230
230
|
});
|
|
231
231
|
var OAuthRefreshTokenSchema = z2.object({
|
|
232
|
-
id: z2.
|
|
232
|
+
id: z2.string(),
|
|
233
233
|
refresh_token: z2.string(),
|
|
234
234
|
client_id: z2.string(),
|
|
235
|
-
user_id: z2.
|
|
235
|
+
user_id: z2.string(),
|
|
236
236
|
expires_at: z2.string(),
|
|
237
237
|
revoked: z2.boolean(),
|
|
238
238
|
created_at: z2.string()
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@qlover/oauth-wrapper",
|
|
3
3
|
"description": "Provider-agnostic OAuth 2.0 authorization server core (authorization code, PKCE, token exchange, userinfo)",
|
|
4
|
-
"version": "0.2.
|
|
4
|
+
"version": "0.2.1",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"private": false,
|
|
7
7
|
"sideEffects": false,
|
|
@@ -53,8 +53,8 @@
|
|
|
53
53
|
},
|
|
54
54
|
"dependencies": {
|
|
55
55
|
"@qlover/fe-corekit": "3.3.0",
|
|
56
|
-
"@qlover/
|
|
57
|
-
"@qlover/
|
|
56
|
+
"@qlover/corekit-bridge": "3.2.1",
|
|
57
|
+
"@qlover/logger": "1.2.0"
|
|
58
58
|
},
|
|
59
59
|
"peerDependencies": {
|
|
60
60
|
"zod": "^3.0.0 || ^4.0.0"
|