@qlover/oauth-wrapper 0.2.0 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,16 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.2.1
4
+
5
+ ### Patch Changes
6
+
7
+ #### ♻️ Refactors
8
+
9
+ - **oauth-wrapper:** change userId type from number to string across interfaces and schemas ([bfe85fa](https://github.com/qlover/fe-base/commit/bfe85fa6e82561164a936dca7e8a9d8e1ca6b7e3)) ([#618](https://github.com/qlover/fe-base/pull/618))
10
+ - Updated the `ownerUserId` and `userId` parameters in various interfaces and schemas to use `string` instead of `number` for better compatibility with string-based identifiers.
11
+ - Adjusted related service methods to reflect the new type, ensuring consistency across the OAuth wrapper implementation.
12
+ - Enhanced the `OAuthClientRowSchema` and other schemas to align with the updated user ID type, improving data validation and integrity.
13
+
3
14
  ## 0.2.0
4
15
 
5
16
  ### Minor Changes
package/dist/client.cjs CHANGED
@@ -300,6 +300,7 @@ var OAuthGateway = class {
300
300
  constructor(options) {
301
301
  this.options = options;
302
302
  }
303
+ options;
303
304
  callbackInflight = /* @__PURE__ */ new Map();
304
305
  get localeOptions() {
305
306
  return {
@@ -742,7 +743,8 @@ var OAuthClient = class {
742
743
  locale: this.config.locale,
743
744
  redirectUri,
744
745
  statePreview: `${state.slice(0, 8)}\u2026`,
745
- pkceSaved: this.pkceStore.loadPkceSession() != null
746
+ pkceSaved: this.pkceStore.loadPkceSession() != null,
747
+ authorizeUrl: url
746
748
  });
747
749
  if (params?.target === "_blank") {
748
750
  window.open(url, "_blank", "noopener,noreferrer");
package/dist/client.d.ts CHANGED
@@ -296,7 +296,7 @@ declare class OAuthClient<T extends OAuthUserInfo = OAuthUserInfo> implements OA
296
296
  /**
297
297
  * @override
298
298
  */
299
- startOAuthLogin(params?: OAuthGatewayAuthorizeParams): Promise<void>;
299
+ startOAuthLogin(params?: Partial<OAuthGatewayAuthorizeParams>): Promise<void>;
300
300
  completeOAuthCallback(params?: Parameters<OAuthGateway<T>['oAuthWrapperCallback']>[0]): Promise<T>;
301
301
  parseOAuthCallbackSearchParams(searchParams: URLSearchParams): Parameters<OAuthGateway<T>['oAuthWrapperCallback']>[0];
302
302
  /**
package/dist/client.js CHANGED
@@ -257,6 +257,7 @@ var OAuthGateway = class {
257
257
  constructor(options) {
258
258
  this.options = options;
259
259
  }
260
+ options;
260
261
  callbackInflight = /* @__PURE__ */ new Map();
261
262
  get localeOptions() {
262
263
  return {
@@ -699,7 +700,8 @@ var OAuthClient = class {
699
700
  locale: this.config.locale,
700
701
  redirectUri,
701
702
  statePreview: `${state.slice(0, 8)}\u2026`,
702
- pkceSaved: this.pkceStore.loadPkceSession() != null
703
+ pkceSaved: this.pkceStore.loadPkceSession() != null,
704
+ authorizeUrl: url
703
705
  });
704
706
  if (params?.target === "_blank") {
705
707
  window.open(url, "_blank", "noopener,noreferrer");
package/dist/core.cjs CHANGED
@@ -64,7 +64,7 @@ function isOAuthRedirectUri(value) {
64
64
  }
65
65
  var oauthRedirectUriSchema = import_zod.z.string().min(1).refine(isOAuthRedirectUri, { message: "Invalid redirect URI" });
66
66
  var OAuthClientRowSchema = import_zod.z.object({
67
- id: import_zod.z.number(),
67
+ id: import_zod.z.string(),
68
68
  client_id: import_zod.z.string(),
69
69
  client_secret_hash: import_zod.z.string().nullable().optional(),
70
70
  client_name: import_zod.z.string(),
@@ -74,7 +74,7 @@ var OAuthClientRowSchema = import_zod.z.object({
74
74
  grant_types: import_zod.z.array(import_zod.z.string()),
75
75
  scopes: import_zod.z.array(import_zod.z.string()),
76
76
  confidential: import_zod.z.boolean(),
77
- owner_user_id: import_zod.z.number(),
77
+ owner_user_id: import_zod.z.string(),
78
78
  created_at: import_zod.z.string(),
79
79
  updated_at: import_zod.z.string()
80
80
  });
@@ -147,7 +147,7 @@ var OAuthConsentBodySchema = import_zod.z.object({
147
147
  var OAuthAuthorizationCodeRowSchema = import_zod.z.object({
148
148
  code: import_zod.z.string(),
149
149
  client_id: import_zod.z.string(),
150
- user_id: import_zod.z.number(),
150
+ user_id: import_zod.z.string(),
151
151
  redirect_uri: import_zod.z.string(),
152
152
  scope: import_zod.z.string().nullable().optional(),
153
153
  code_challenge: import_zod.z.string().nullable().optional(),
@@ -160,16 +160,16 @@ var OAuthAuthorizationCodeRowSchema = import_zod.z.object({
160
160
  // src/core/schema/OAuthClientSchema.ts
161
161
  var import_zod2 = require("zod");
162
162
  var OAuthUserCredentialsSchema = import_zod2.z.object({
163
- user_id: import_zod2.z.number(),
163
+ user_id: import_zod2.z.string(),
164
164
  provider_refresh_token: import_zod2.z.string().nullable().optional(),
165
165
  provider_session_token: import_zod2.z.string().nullable().optional(),
166
166
  updated_at: import_zod2.z.string()
167
167
  });
168
168
  var OAuthRefreshTokenSchema = import_zod2.z.object({
169
- id: import_zod2.z.number(),
169
+ id: import_zod2.z.string(),
170
170
  refresh_token: import_zod2.z.string(),
171
171
  client_id: import_zod2.z.string(),
172
- user_id: import_zod2.z.number(),
172
+ user_id: import_zod2.z.string(),
173
173
  expires_at: import_zod2.z.string(),
174
174
  revoked: import_zod2.z.boolean(),
175
175
  created_at: import_zod2.z.string()
@@ -186,12 +186,12 @@ var OAuthTokenResponseSchema = import_zod2.z.object({
186
186
  var import_zod3 = require("zod");
187
187
  var OAuthUserInfoResponseSchema = import_zod3.z.object({
188
188
  sub: import_zod3.z.string(),
189
- email: import_zod3.z.string().email(),
189
+ email: import_zod3.z.email(),
190
190
  name: import_zod3.z.string(),
191
191
  roles: import_zod3.z.array(import_zod3.z.string()).optional()
192
192
  });
193
193
  var OAuthUserInfoErrorResponseSchema = import_zod3.z.object({
194
- error: import_zod3.z.literal("invalid_token"),
194
+ error: import_zod3.z.string(),
195
195
  error_id: import_zod3.z.string().optional()
196
196
  });
197
197
 
package/dist/core.d.ts CHANGED
@@ -1,4 +1,5 @@
1
1
  import { z } from 'zod';
2
+ import { LoginParams } from '@qlover/corekit-bridge/core';
2
3
  import { ValueOf } from '@qlover/fe-corekit';
3
4
 
4
5
  /**
@@ -6,7 +7,7 @@ import { ValueOf } from '@qlover/fe-corekit';
6
7
  */
7
8
  declare function isOAuthRedirectUri(value: string): boolean;
8
9
  declare const OAuthClientRowSchema: z.ZodObject<{
9
- id: z.ZodNumber;
10
+ id: z.ZodString;
10
11
  client_id: z.ZodString;
11
12
  client_secret_hash: z.ZodOptional<z.ZodNullable<z.ZodString>>;
12
13
  client_name: z.ZodString;
@@ -16,7 +17,7 @@ declare const OAuthClientRowSchema: z.ZodObject<{
16
17
  grant_types: z.ZodArray<z.ZodString>;
17
18
  scopes: z.ZodArray<z.ZodString>;
18
19
  confidential: z.ZodBoolean;
19
- owner_user_id: z.ZodNumber;
20
+ owner_user_id: z.ZodString;
20
21
  created_at: z.ZodString;
21
22
  updated_at: z.ZodString;
22
23
  }, z.core.$strip>;
@@ -100,7 +101,7 @@ type OAuthConsentBody = z.infer<typeof OAuthConsentBodySchema>;
100
101
  declare const OAuthAuthorizationCodeRowSchema: z.ZodObject<{
101
102
  code: z.ZodString;
102
103
  client_id: z.ZodString;
103
- user_id: z.ZodNumber;
104
+ user_id: z.ZodString;
104
105
  redirect_uri: z.ZodString;
105
106
  scope: z.ZodOptional<z.ZodNullable<z.ZodString>>;
106
107
  code_challenge: z.ZodOptional<z.ZodNullable<z.ZodString>>;
@@ -112,12 +113,12 @@ declare const OAuthAuthorizationCodeRowSchema: z.ZodObject<{
112
113
  type OAuthAuthorizationCodeRow = z.infer<typeof OAuthAuthorizationCodeRowSchema>;
113
114
 
114
115
  interface OAuthClientsInterface {
115
- listForOwner(ownerUserId: number): Promise<OAuthClientListItem[]>;
116
- getByClientId(ownerUserId: number, clientId: string): Promise<OAuthClientDetail>;
117
- create(ownerUserId: number, input: OAuthClientCreate): Promise<OAuthClientCreateResponse>;
118
- update(ownerUserId: number, clientId: string, input: OAuthClientUpdate): Promise<OAuthClientDetail>;
119
- rotateSecret(ownerUserId: number, clientId: string): Promise<OAuthClientSecretRotateResponse>;
120
- delete(ownerUserId: number, clientId: string): Promise<void>;
116
+ listForOwner(ownerUserId: string): Promise<OAuthClientListItem[]>;
117
+ getByClientId(ownerUserId: string, clientId: string): Promise<OAuthClientDetail>;
118
+ create(ownerUserId: string, input: OAuthClientCreate): Promise<OAuthClientCreateResponse>;
119
+ update(ownerUserId: string, clientId: string, input: OAuthClientUpdate): Promise<OAuthClientDetail>;
120
+ rotateSecret(ownerUserId: string, clientId: string): Promise<OAuthClientSecretRotateResponse>;
121
+ delete(ownerUserId: string, clientId: string): Promise<void>;
121
122
  }
122
123
 
123
124
  /**
@@ -125,21 +126,21 @@ interface OAuthClientsInterface {
125
126
  */
126
127
  interface OAuthClientsRepositoryInterface {
127
128
  findClientById(clientId: string): Promise<OAuthClientRow | null>;
128
- listClientByOwner(ownerUserId: number): Promise<OAuthClientListItem[]>;
129
- createClient(ownerUserId: number, input: OAuthClientCreate): Promise<{
129
+ listClientByOwner(ownerUserId: string): Promise<OAuthClientListItem[]>;
130
+ createClient(ownerUserId: string, input: OAuthClientCreate): Promise<{
130
131
  client: OAuthClientRow;
131
132
  clientSecret?: string;
132
133
  }>;
133
- updateClient(ownerUserId: number, clientId: string, input: OAuthClientUpdate): Promise<OAuthClientDetail>;
134
- rotateClientSecret(ownerUserId: number, clientId: string): Promise<{
134
+ updateClient(ownerUserId: string, clientId: string, input: OAuthClientUpdate): Promise<OAuthClientDetail>;
135
+ rotateClientSecret(ownerUserId: string, clientId: string): Promise<{
135
136
  clientSecret: string;
136
137
  }>;
137
- deleteClient(ownerUserId: number, clientId: string): Promise<void>;
138
+ deleteClient(ownerUserId: string, clientId: string): Promise<void>;
138
139
  verifyClientCredentials(clientId: string, clientSecret: string | undefined): Promise<OAuthClientRow>;
139
140
  }
140
141
 
141
142
  type OAuthSessionPayload = {
142
- userId: number;
143
+ userId: string;
143
144
  email: string;
144
145
  name: string;
145
146
  providerSessionToken: string;
@@ -199,116 +200,18 @@ declare const OAuthTokenRevokeSchema: z.ZodObject<{
199
200
  }, z.core.$strip>;
200
201
  type OAuthTokenRevokeRequest = z.infer<typeof OAuthTokenRevokeSchema>;
201
202
 
202
- /**
203
- * OAuth user adapter profile shape.
204
- *
205
- * Significance: Keeps OAuth services independent from provider SDK user models.
206
- * Core idea: Represent only the profile fields required by OAuth login and userinfo.
207
- * Main function: Provide a canonical user profile contract for adapters.
208
- * Main purpose: Let the OAuth wrapper switch user providers without changing services.
209
- *
210
- * @example
211
- * const sub = String(profile.id);
212
- */
213
- type OAuthUserProfile = {
214
- id: string | number;
215
- email?: string | null;
216
- name?: string | null;
217
- first_name?: string | null;
218
- last_name?: string | null;
219
- roles?: string[];
220
- [key: string]: unknown;
221
- };
222
- /**
223
- * OAuth provider login credentials result.
224
- *
225
- * Significance: Normalizes provider login responses for middleware sessions.
226
- * Core idea: Require a session token while allowing provider-specific metadata.
227
- * Main function: Carry the provider session token after credential verification.
228
- * Main purpose: Persist the token needed to mint OAuth access tokens later.
229
- *
230
- * @example
231
- * const sessionToken = credentials.token;
232
- */
233
- type OAuthUserCredentials = {
234
- token: string;
235
- [key: string]: unknown;
236
- };
237
- /**
238
- * OAuth provider access token result.
239
- *
240
- * Significance: Normalizes provider token exchange responses.
241
- * Core idea: OAuth token services only need access, expiry, and optional refresh token.
242
- * Main function: Return a provider access token for third-party OAuth clients.
243
- * Main purpose: Hide provider SDK response details behind the adapter contract.
244
- *
245
- * @example
246
- * return { access_token: token.access_token, expires_in: token.expires_in };
247
- */
248
- type OAuthUserAccessToken = {
249
- access_token: string;
250
- expires_in: number;
251
- refresh_token?: string | null;
252
- [key: string]: unknown;
253
- };
254
- /**
255
- * User adapter contract for the OAuth wrapper.
256
- *
257
- * Significance: Defines the boundary between OAuth core services and user providers.
258
- * Core idea: Keep provider-specific login, token exchange, and profile lookup behind one port.
259
- * Main function: Verify credentials, exchange provider tokens, and load user profiles.
260
- * Main purpose: Allow any upstream user API to be swapped without changing OAuth services.
261
- *
262
- * @example
263
- * const access = await adapter.exchangeAccessToken({ token: sessionToken });
264
- */
265
- interface OAuthUserAdapterInterface {
266
- /**
267
- * Verifies user credentials with the backing user provider.
268
- *
269
- * @param email - User email or username accepted by the provider.
270
- * @param password - Plain credential submitted by the login form.
271
- * @returns Provider credentials containing a session token.
272
- */
273
- login(email: string, password: string): Promise<OAuthUserCredentials>;
274
- /**
275
- * Exchanges a provider session token for a provider access token.
276
- *
277
- * @param params - Session token and optional language preference.
278
- * @returns Provider access token payload used as the OAuth access token response.
279
- */
280
- exchangeAccessToken(params: {
281
- token: string;
282
- lang?: string;
283
- }): Promise<OAuthUserAccessToken>;
284
- /**
285
- * Loads profile information using a provider session token.
286
- *
287
- * @param sessionToken - Provider session token from a successful login.
288
- * @returns Canonical user profile for session creation.
289
- */
290
- getUserInfo(sessionToken: string): Promise<OAuthUserProfile>;
291
- /**
292
- * Loads profile information using a provider access token.
293
- *
294
- * @param accessToken - Bearer access token presented to the userinfo endpoint.
295
- * @returns Canonical user profile for OIDC userinfo claims.
296
- */
297
- getUserInfoByAccessToken(accessToken: string): Promise<OAuthUserProfile>;
298
- }
299
-
300
203
  declare const OAuthUserCredentialsSchema: z.ZodObject<{
301
- user_id: z.ZodNumber;
204
+ user_id: z.ZodString;
302
205
  provider_refresh_token: z.ZodOptional<z.ZodNullable<z.ZodString>>;
303
206
  provider_session_token: z.ZodOptional<z.ZodNullable<z.ZodString>>;
304
207
  updated_at: z.ZodString;
305
208
  }, z.core.$strip>;
306
209
  type OAuthUserCredentialsRow = z.infer<typeof OAuthUserCredentialsSchema>;
307
210
  declare const OAuthRefreshTokenSchema: z.ZodObject<{
308
- id: z.ZodNumber;
211
+ id: z.ZodString;
309
212
  refresh_token: z.ZodString;
310
213
  client_id: z.ZodString;
311
- user_id: z.ZodNumber;
214
+ user_id: z.ZodString;
312
215
  expires_at: z.ZodString;
313
216
  revoked: z.ZodBoolean;
314
217
  created_at: z.ZodString;
@@ -326,7 +229,7 @@ type OAuthTokenResponse = z.infer<typeof OAuthTokenResponseSchema>;
326
229
  type CreateAuthorizationCodeInput = {
327
230
  code: string;
328
231
  client_id: string;
329
- user_id: number;
232
+ user_id: string;
330
233
  redirect_uri: string;
331
234
  scope: string | null;
332
235
  code_challenge: string | null;
@@ -336,14 +239,14 @@ type CreateAuthorizationCodeInput = {
336
239
  type CreateOAuthRefreshTokenInput = {
337
240
  refresh_token: string;
338
241
  client_id: string;
339
- user_id: number;
242
+ user_id: string;
340
243
  expires_at: string;
341
244
  };
342
245
  interface OAuthWrapperRepositoryInterface extends OAuthClientsRepositoryInterface {
343
246
  create(input: CreateAuthorizationCodeInput): Promise<void>;
344
247
  consumeCode(code: string): Promise<OAuthAuthorizationCodeRow | null>;
345
- getUserCredentials(userId: number): Promise<OAuthUserCredentialsRow | null>;
346
- upsertUserCredentials(userId: number, fields: {
248
+ getUserCredentials(userId: string): Promise<OAuthUserCredentialsRow | null>;
249
+ upsertUserCredentials(userId: string, fields: {
347
250
  provider_refresh_token?: string | null;
348
251
  provider_session_token?: string | null;
349
252
  }): Promise<void>;
@@ -351,7 +254,7 @@ interface OAuthWrapperRepositoryInterface extends OAuthClientsRepositoryInterfac
351
254
  upsertRefreshToken(input: {
352
255
  refresh_token: string;
353
256
  client_id: string;
354
- user_id: number;
257
+ user_id: string;
355
258
  expires_at: string;
356
259
  }): Promise<void>;
357
260
  revokeRefreshToken(tokenHash: string): Promise<void>;
@@ -359,18 +262,18 @@ interface OAuthWrapperRepositoryInterface extends OAuthClientsRepositoryInterfac
359
262
  createRefreshToken(input: CreateOAuthRefreshTokenInput): Promise<void>;
360
263
  revokeByTokenHash(tokenHash: string): Promise<void>;
361
264
  /** Revoke all active refresh tokens issued for the given user. */
362
- revokeRefreshTokensByUserId(userId: number): Promise<void>;
265
+ revokeRefreshTokensByUserId(userId: string): Promise<void>;
363
266
  }
364
267
 
365
268
  declare const OAuthUserInfoResponseSchema: z.ZodObject<{
366
269
  sub: z.ZodString;
367
- email: z.ZodString;
270
+ email: z.ZodEmail;
368
271
  name: z.ZodString;
369
272
  roles: z.ZodOptional<z.ZodArray<z.ZodString>>;
370
273
  }, z.core.$strip>;
371
274
  type OAuthUserInfoResponse = z.infer<typeof OAuthUserInfoResponseSchema>;
372
275
  declare const OAuthUserInfoErrorResponseSchema: z.ZodObject<{
373
- error: z.ZodLiteral<"invalid_token">;
276
+ error: z.ZodString;
374
277
  error_id: z.ZodOptional<z.ZodString>;
375
278
  }, z.core.$strip>;
376
279
  type OAuthUserInfoErrorResponse = z.infer<typeof OAuthUserInfoErrorResponseSchema>;
@@ -414,25 +317,40 @@ interface OAuthTokenServiceInterface {
414
317
  */
415
318
  revokeToken(rawFields: Record<string, string>): Promise<void>;
416
319
  }
417
- interface OAuthServiceInterface<SessionPayload extends OAuthSessionPayload> extends OAuthTokenServiceInterface {
418
- resolveAuthorizePage(rawQuery: Record<string, string | string[] | undefined>): Promise<{
419
- ok: true;
420
- data: OAuthAuthorizePageData;
421
- } | {
422
- ok: false;
423
- error: OAuthAuthorizeValidationError;
424
- }>;
425
- processConsent(requestBody: unknown): Promise<OAuthConsentResult>;
426
- getUserInfo(accessToken: string): Promise<OAuthUserInfoResponse>;
427
- getOAuthSession(): OAuthSessionInterface<SessionPayload>;
428
- getOAuthAdapter(): OAuthUserAdapterInterface;
429
- getOAuthTokenService(): OAuthTokenServiceInterface;
320
+ type ResolveAuthorizePageResult = {
321
+ ok: true;
322
+ data: OAuthAuthorizePageData;
323
+ } | {
324
+ ok: false;
325
+ error: OAuthAuthorizeValidationError;
326
+ };
327
+ interface OAuthProviderInterface<SessionPayload extends OAuthSessionPayload> extends OAuthTokenServiceInterface {
328
+ login(params: LoginParams): Promise<SessionPayload>;
329
+ /**
330
+ * Get the OAuth repository
331
+ */
430
332
  getOAuthRepo(): OAuthWrapperRepositoryInterface;
431
333
  /**
432
- * Application logout: revoke issued refresh tokens, clear stored provider
433
- * credentials, and clear the authorization-server session cookie.
334
+ * Clear the session
335
+ */
336
+ clearSession(): Promise<void>;
337
+ /**
338
+ * Get the session
339
+ */
340
+ getSession(): Promise<SessionPayload | null>;
341
+ /**
342
+ * Logout the user
343
+ */
344
+ logout(userId: string): Promise<void>;
345
+ /**
346
+ * Resolve the authorize page
434
347
  */
435
- logoutUser(userId: number): Promise<void>;
348
+ resolveAuthorizePage(rawQuery: Record<string, string | string[] | undefined>): Promise<ResolveAuthorizePageResult>;
349
+ /**
350
+ * Process the consent
351
+ */
352
+ processConsent(requestBody: unknown): Promise<OAuthConsentResult>;
353
+ getUserInfoWithAccessToken(accessToken: string): Promise<OAuthUserInfoResponse>;
436
354
  }
437
355
 
438
356
  declare const OAuthRfcCodes: {
@@ -457,4 +375,4 @@ declare function generatePkceVerifier(length?: number): string;
457
375
  declare function computePkceS256Challenge(verifier: string): Promise<string>;
458
376
  declare function randomOAuthState(): string;
459
377
 
460
- export { type CreateAuthorizationCodeInput, type CreateOAuthRefreshTokenInput, type OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, type OAuthAuthorizePageData, type OAuthAuthorizeQuery, OAuthAuthorizeQuerySchema, type OAuthAuthorizeValidationError, type OAuthClientCreate, type OAuthClientCreateResponse, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, type OAuthClientDetail, OAuthClientDetailSchema, type OAuthClientListItem, OAuthClientListItemSchema, type OAuthClientRow, OAuthClientRowSchema, type OAuthClientSecretRotateResponse, OAuthClientSecretRotateResponseSchema, type OAuthClientUpdate, OAuthClientUpdateSchema, type OAuthClientsInterface, type OAuthClientsRepositoryInterface, type OAuthConsentBody, OAuthConsentBodySchema, type OAuthConsentResult, type OAuthRefreshTokenRow, OAuthRefreshTokenSchema, type OAuthRfcCodeType, OAuthRfcCodes, type OAuthRfcErrorCodesType, type OAuthServiceInterface, type OAuthSessionInterface, type OAuthSessionPayload, type OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, type OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, type OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, type OAuthTokenRequest, OAuthTokenRequestSchema, type OAuthTokenResponse, OAuthTokenResponseSchema, type OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, type OAuthTokenServiceInterface, type OAuthUserAccessToken, type OAuthUserAdapterInterface, type OAuthUserCredentials, type OAuthUserCredentialsRow, OAuthUserCredentialsSchema, type OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, type OAuthUserInfoResponse, OAuthUserInfoResponseSchema, type OAuthUserProfile, type OAuthWrapperRepositoryInterface, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState };
378
+ export { type CreateAuthorizationCodeInput, type CreateOAuthRefreshTokenInput, type OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, type OAuthAuthorizePageData, type OAuthAuthorizeQuery, OAuthAuthorizeQuerySchema, type OAuthAuthorizeValidationError, type OAuthClientCreate, type OAuthClientCreateResponse, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, type OAuthClientDetail, OAuthClientDetailSchema, type OAuthClientListItem, OAuthClientListItemSchema, type OAuthClientRow, OAuthClientRowSchema, type OAuthClientSecretRotateResponse, OAuthClientSecretRotateResponseSchema, type OAuthClientUpdate, OAuthClientUpdateSchema, type OAuthClientsInterface, type OAuthClientsRepositoryInterface, type OAuthConsentBody, OAuthConsentBodySchema, type OAuthConsentResult, type OAuthProviderInterface, type OAuthRefreshTokenRow, OAuthRefreshTokenSchema, type OAuthRfcCodeType, OAuthRfcCodes, type OAuthRfcErrorCodesType, type OAuthSessionInterface, type OAuthSessionPayload, type OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, type OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, type OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, type OAuthTokenRequest, OAuthTokenRequestSchema, type OAuthTokenResponse, OAuthTokenResponseSchema, type OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, type OAuthTokenServiceInterface, type OAuthUserCredentialsRow, OAuthUserCredentialsSchema, type OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, type OAuthUserInfoResponse, OAuthUserInfoResponseSchema, type OAuthWrapperRepositoryInterface, type ResolveAuthorizePageResult, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState };
package/dist/core.js CHANGED
@@ -14,7 +14,7 @@ function isOAuthRedirectUri(value) {
14
14
  }
15
15
  var oauthRedirectUriSchema = z.string().min(1).refine(isOAuthRedirectUri, { message: "Invalid redirect URI" });
16
16
  var OAuthClientRowSchema = z.object({
17
- id: z.number(),
17
+ id: z.string(),
18
18
  client_id: z.string(),
19
19
  client_secret_hash: z.string().nullable().optional(),
20
20
  client_name: z.string(),
@@ -24,7 +24,7 @@ var OAuthClientRowSchema = z.object({
24
24
  grant_types: z.array(z.string()),
25
25
  scopes: z.array(z.string()),
26
26
  confidential: z.boolean(),
27
- owner_user_id: z.number(),
27
+ owner_user_id: z.string(),
28
28
  created_at: z.string(),
29
29
  updated_at: z.string()
30
30
  });
@@ -97,7 +97,7 @@ var OAuthConsentBodySchema = z.object({
97
97
  var OAuthAuthorizationCodeRowSchema = z.object({
98
98
  code: z.string(),
99
99
  client_id: z.string(),
100
- user_id: z.number(),
100
+ user_id: z.string(),
101
101
  redirect_uri: z.string(),
102
102
  scope: z.string().nullable().optional(),
103
103
  code_challenge: z.string().nullable().optional(),
@@ -110,16 +110,16 @@ var OAuthAuthorizationCodeRowSchema = z.object({
110
110
  // src/core/schema/OAuthClientSchema.ts
111
111
  import { z as z2 } from "zod";
112
112
  var OAuthUserCredentialsSchema = z2.object({
113
- user_id: z2.number(),
113
+ user_id: z2.string(),
114
114
  provider_refresh_token: z2.string().nullable().optional(),
115
115
  provider_session_token: z2.string().nullable().optional(),
116
116
  updated_at: z2.string()
117
117
  });
118
118
  var OAuthRefreshTokenSchema = z2.object({
119
- id: z2.number(),
119
+ id: z2.string(),
120
120
  refresh_token: z2.string(),
121
121
  client_id: z2.string(),
122
- user_id: z2.number(),
122
+ user_id: z2.string(),
123
123
  expires_at: z2.string(),
124
124
  revoked: z2.boolean(),
125
125
  created_at: z2.string()
@@ -136,12 +136,12 @@ var OAuthTokenResponseSchema = z2.object({
136
136
  import { z as z3 } from "zod";
137
137
  var OAuthUserInfoResponseSchema = z3.object({
138
138
  sub: z3.string(),
139
- email: z3.string().email(),
139
+ email: z3.email(),
140
140
  name: z3.string(),
141
141
  roles: z3.array(z3.string()).optional()
142
142
  });
143
143
  var OAuthUserInfoErrorResponseSchema = z3.object({
144
- error: z3.literal("invalid_token"),
144
+ error: z3.string(),
145
145
  error_id: z3.string().optional()
146
146
  });
147
147