@qlover/oauth-wrapper 0.2.1 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.ts CHANGED
@@ -1,8 +1,80 @@
1
- import { OAuthClientsInterface, OAuthClientsRepositoryInterface, OAuthClientListItem, OAuthClientDetail, OAuthClientCreate, OAuthClientCreateResponse, OAuthClientUpdate, OAuthClientSecretRotateResponse, OAuthTokenServiceInterface, OAuthUserAdapterInterface, OAuthWrapperRepositoryInterface, OAuthTokenResponse, OAuthTokenRequest, OAuthSessionPayload, OAuthServiceInterface, OAuthSessionInterface, OAuthAuthorizeQuery, OAuthConsentBody, OAuthAuthorizePageData, OAuthAuthorizeValidationError, OAuthConsentResult, OAuthUserInfoResponse, OAuthUserProfile, OAuthRfcCodeType, OAuthClientRow } from './core.js';
2
- export { CreateAuthorizationCodeInput, CreateOAuthRefreshTokenInput, OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, OAuthAuthorizeQuerySchema, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, OAuthClientDetailSchema, OAuthClientListItemSchema, OAuthClientRowSchema, OAuthClientSecretRotateResponseSchema, OAuthClientUpdateSchema, OAuthConsentBodySchema, OAuthRefreshTokenRow, OAuthRefreshTokenSchema, OAuthRfcCodes, OAuthRfcErrorCodesType, OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, OAuthTokenRequestSchema, OAuthTokenResponseSchema, OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, OAuthUserAccessToken, OAuthUserCredentials, OAuthUserCredentialsRow, OAuthUserCredentialsSchema, OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, OAuthUserInfoResponseSchema, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState } from './core.js';
1
+ import { LoginParams } from '@qlover/corekit-bridge/core';
2
+ import { OAuthSessionPayload, OAuthProviderInterface, OAuthTokenRequest, OAuthTokenResponse, OAuthWrapperRepositoryInterface, OAuthUserInfoResponse, OAuthAuthorizeQuery, OAuthConsentBody, OAuthAuthorizePageData, OAuthAuthorizeValidationError, OAuthConsentResult, OAuthClientsInterface, OAuthClientsRepositoryInterface, OAuthClientListItem, OAuthClientDetail, OAuthClientCreate, OAuthClientCreateResponse, OAuthClientUpdate, OAuthClientSecretRotateResponse, OAuthTokenServiceInterface, OAuthSessionInterface, OAuthRfcCodeType, OAuthClientRow } from './core.js';
3
+ export { CreateAuthorizationCodeInput, CreateOAuthRefreshTokenInput, OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, OAuthAuthorizeQuerySchema, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, OAuthClientDetailSchema, OAuthClientListItemSchema, OAuthClientRowSchema, OAuthClientSecretRotateResponseSchema, OAuthClientUpdateSchema, OAuthConsentBodySchema, OAuthOTPProviderInterface, OAuthRefreshTokenRow, OAuthRefreshTokenSchema, OAuthRfcCodes, OAuthRfcErrorCodesType, OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, OAuthTokenRequestSchema, OAuthTokenResponseSchema, OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, OAuthUserCredentialsRow, OAuthUserCredentialsSchema, OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, OAuthUserInfoResponseSchema, ResolveAuthorizePageResult, SignOtpResult, SignWithEmailOtpSchema, SignWithOtpParams, SignWithOtpSchema, SignWithPhoneOtpSchema, VerifyEmailOtpParams, VerifyMobileOtpParams, VerifyOtpParams, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState, signWithEmailOtpSchema, signWithPhoneOtpSchema } from './core.js';
3
4
  import { EncryptorInterface, ExecutorError } from '@qlover/fe-corekit';
4
5
  import 'zod';
5
- import '@qlover/corekit-bridge/core';
6
+
7
+ type OAuthUserProfile = {
8
+ id: string | number;
9
+ email?: string | null;
10
+ name?: string | null;
11
+ roles?: string[];
12
+ [key: string]: unknown;
13
+ };
14
+ type OAuthUserCredentials = {
15
+ token: string;
16
+ [key: string]: unknown;
17
+ };
18
+ type OAuthUserAccessToken = {
19
+ access_token: string;
20
+ expires_in: number;
21
+ refresh_token?: string | null;
22
+ [key: string]: unknown;
23
+ };
24
+ declare abstract class OAuthAbstractProvider<SessionPayload extends OAuthSessionPayload> implements OAuthProviderInterface<SessionPayload> {
25
+ protected authCodeTTLMs: number;
26
+ /**
27
+ * @override
28
+ */
29
+ abstract exchangeToken(_rawFields: Record<string, string> | OAuthTokenRequest): Promise<OAuthTokenResponse>;
30
+ /**
31
+ * @override
32
+ */
33
+ abstract revokeToken(_rawFields: Record<string, string>): Promise<void>;
34
+ /**
35
+ * @override
36
+ */
37
+ abstract getOAuthRepo(): OAuthWrapperRepositoryInterface;
38
+ /**
39
+ * @override
40
+ */
41
+ abstract clearSession(): Promise<void>;
42
+ /**
43
+ * @override
44
+ */
45
+ abstract getSession(): Promise<SessionPayload | null>;
46
+ /**
47
+ * @override
48
+ */
49
+ abstract login(params: LoginParams): Promise<SessionPayload>;
50
+ /**
51
+ * @override
52
+ */
53
+ abstract getUserInfoWithAccessToken(accessToken: string): Promise<OAuthUserInfoResponse>;
54
+ protected isQuery(query: unknown): query is OAuthAuthorizeQuery;
55
+ protected isValidateConsent(value: unknown): value is OAuthConsentBody;
56
+ protected generageSessionPayload(userInfo: OAuthUserProfile & {
57
+ sessionToken: string;
58
+ }): SessionPayload;
59
+ /**
60
+ * @override
61
+ */
62
+ logout(userId: string): Promise<void>;
63
+ /**
64
+ * @override
65
+ */
66
+ resolveAuthorizePage(rawQuery: Record<string, string | string[] | undefined>): Promise<{
67
+ ok: true;
68
+ data: OAuthAuthorizePageData;
69
+ } | {
70
+ ok: false;
71
+ error: OAuthAuthorizeValidationError;
72
+ }>;
73
+ /**
74
+ * @override
75
+ */
76
+ processConsent(requestBody: unknown): Promise<OAuthConsentResult>;
77
+ }
6
78
 
7
79
  /**
8
80
  * Business logic for OAuth client management in developer console.
@@ -43,6 +115,10 @@ declare class OAuthClientsService implements OAuthClientsInterface {
43
115
  private mapToDetail;
44
116
  }
45
117
 
118
+ type ExchangeProviderAccessToken = (params: {
119
+ token: string;
120
+ lang?: string;
121
+ }) => Promise<OAuthUserAccessToken>;
46
122
  /**
47
123
  * OAuth 2.0 token endpoint (`POST /oauth/token`).
48
124
  *
@@ -55,10 +131,10 @@ declare class OAuthClientsService implements OAuthClientsInterface {
55
131
  */
56
132
  declare class OAuthTokenService implements OAuthTokenServiceInterface {
57
133
  protected tokenEncryption: EncryptorInterface<string, string>;
58
- protected userAdapter: OAuthUserAdapterInterface;
134
+ protected exchangeProviderAccessToken: ExchangeProviderAccessToken;
59
135
  protected oauthRepo: OAuthWrapperRepositoryInterface;
60
136
  protected static REFRESH_TOKEN_TTL_MS: number;
61
- constructor(tokenEncryption: EncryptorInterface<string, string>, userAdapter: OAuthUserAdapterInterface, oauthRepo: OAuthWrapperRepositoryInterface);
137
+ constructor(tokenEncryption: EncryptorInterface<string, string>, exchangeProviderAccessToken: ExchangeProviderAccessToken, oauthRepo: OAuthWrapperRepositoryInterface);
62
138
  /**
63
139
  * @override
64
140
  */
@@ -87,60 +163,47 @@ declare class OAuthTokenService implements OAuthTokenServiceInterface {
87
163
  revokeToken(rawFields: Record<string, string>): Promise<void>;
88
164
  }
89
165
 
90
- declare class OAuthWrapperService<SessionPayload extends OAuthSessionPayload = OAuthSessionPayload> implements OAuthServiceInterface<SessionPayload> {
166
+ declare abstract class OAuthWrapperService<SessionPayload extends OAuthSessionPayload = OAuthSessionPayload> extends OAuthAbstractProvider<SessionPayload> {
91
167
  protected oauthSession: OAuthSessionInterface<SessionPayload>;
92
- protected userAdapter: OAuthUserAdapterInterface;
93
- protected tokenService: OAuthTokenServiceInterface;
94
168
  protected oauthRepo: OAuthWrapperRepositoryInterface;
95
- constructor(oauthSession: OAuthSessionInterface<SessionPayload>, userAdapter: OAuthUserAdapterInterface, tokenService: OAuthTokenServiceInterface, oauthRepo: OAuthWrapperRepositoryInterface);
96
- /**
97
- * @override
98
- */
99
- getOAuthSession(): OAuthSessionInterface<SessionPayload>;
100
- /**
101
- * @override
102
- */
103
- getOAuthAdapter(): OAuthUserAdapterInterface;
169
+ protected tokenService: OAuthTokenServiceInterface;
170
+ constructor(oauthSession: OAuthSessionInterface<SessionPayload>, tokenEncryption: EncryptorInterface<string, string>, oauthRepo: OAuthWrapperRepositoryInterface);
171
+ protected abstract providerLogin(params: LoginParams): Promise<OAuthUserCredentials>;
172
+ protected abstract providerExchangeAccessToken(params: {
173
+ token: string;
174
+ lang?: string;
175
+ }): Promise<OAuthUserAccessToken>;
176
+ protected abstract providerGetUserInfo(sessionToken: string): Promise<OAuthUserProfile>;
177
+ protected abstract providerGetUserInfoByAccessToken(accessToken: string): Promise<OAuthUserProfile>;
104
178
  /**
105
179
  * @override
106
180
  */
107
- getOAuthTokenService(): OAuthTokenServiceInterface;
181
+ login(params: LoginParams): Promise<SessionPayload>;
108
182
  /**
109
183
  * @override
110
184
  */
111
185
  getOAuthRepo(): OAuthWrapperRepositoryInterface;
112
- protected isQuery(query: unknown): query is OAuthAuthorizeQuery;
113
- protected isValidateConsent(value: unknown): value is OAuthConsentBody;
114
186
  /**
115
187
  * @override
116
188
  */
117
- resolveAuthorizePage(rawQuery: Record<string, string | string[] | undefined>): Promise<{
118
- ok: true;
119
- data: OAuthAuthorizePageData;
120
- } | {
121
- ok: false;
122
- error: OAuthAuthorizeValidationError;
123
- }>;
189
+ exchangeToken(rawFields: Record<string, string>): Promise<OAuthTokenResponse>;
124
190
  /**
125
191
  * @override
126
192
  */
127
- processConsent(requestBody: unknown): Promise<OAuthConsentResult>;
193
+ getSession(): Promise<SessionPayload | null>;
128
194
  /**
129
195
  * @override
130
196
  */
131
- exchangeToken(rawFields: Record<string, string>): Promise<OAuthTokenResponse>;
197
+ clearSession(): Promise<void>;
132
198
  /**
133
199
  * @override
134
200
  */
135
201
  revokeToken(rawFields: Record<string, string>): Promise<void>;
136
- /**
137
- * @override
138
- */
139
202
  logoutUser(userId: string): Promise<void>;
140
203
  /**
141
204
  * @override
142
205
  */
143
- getUserInfo(accessToken: string): Promise<OAuthUserInfoResponse>;
206
+ getUserInfoWithAccessToken(accessToken: string): Promise<OAuthUserInfoResponse>;
144
207
  protected toUserInfoResponse(profile: OAuthUserProfile): OAuthUserInfoResponse;
145
208
  }
146
209
 
@@ -192,4 +255,4 @@ declare function computeS256CodeChallenge(verifier: string): string;
192
255
  */
193
256
  declare function verifyPkceS256(verifier: string, challenge: string): boolean;
194
257
 
195
- export { OAuthAuthorizePageData, OAuthAuthorizeQuery, OAuthAuthorizeValidationError, OAuthClientCreate, OAuthClientCreateResponse, OAuthClientDetail, OAuthClientListItem, OAuthClientRow, OAuthClientSecretRotateResponse, OAuthClientUpdate, OAuthClientsInterface, OAuthClientsRepositoryInterface, OAuthClientsService, OAuthConsentBody, OAuthConsentResult, OAuthRfcCodeType, OAuthServiceInterface, OAuthSessionInterface, OAuthSessionPayload, OAuthTokenRequest, OAuthTokenResponse, OAuthTokenService, OAuthTokenServiceInterface, OAuthUserAdapterInterface, OAuthUserInfoResponse, OAuthUserProfile, OAuthWrapperError, OAuthWrapperRepositoryInterface, OAuthWrapperService, buildOAuthRedirectUrl, computeS256CodeChallenge, hashClientSecret, isRedirectUriAllowed, isValidCodeChallenge, isValidCodeVerifier, normalizeQuery, parseScopeList, validatePkceParams, verifyClientSecret, verifyPkceS256 };
258
+ export { type ExchangeProviderAccessToken, OAuthAbstractProvider, OAuthAuthorizePageData, OAuthAuthorizeQuery, OAuthAuthorizeValidationError, OAuthClientCreate, OAuthClientCreateResponse, OAuthClientDetail, OAuthClientListItem, OAuthClientRow, OAuthClientSecretRotateResponse, OAuthClientUpdate, OAuthClientsInterface, OAuthClientsRepositoryInterface, OAuthClientsService, OAuthConsentBody, OAuthConsentResult, OAuthProviderInterface, OAuthRfcCodeType, OAuthSessionInterface, OAuthSessionPayload, OAuthTokenRequest, OAuthTokenResponse, OAuthTokenService, OAuthTokenServiceInterface, type OAuthUserAccessToken, type OAuthUserCredentials, OAuthUserInfoResponse, type OAuthUserProfile, OAuthWrapperError, OAuthWrapperRepositoryInterface, OAuthWrapperService, buildOAuthRedirectUrl, computeS256CodeChallenge, hashClientSecret, isRedirectUriAllowed, isValidCodeChallenge, isValidCodeVerifier, normalizeQuery, parseScopeList, validatePkceParams, verifyClientSecret, verifyPkceS256 };