@qlover/oauth-wrapper 0.2.3 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core.cjs +18 -2
- package/dist/core.d.ts +59 -1
- package/dist/core.js +15 -1
- package/dist/index.cjs +16 -0
- package/dist/index.d.ts +1 -1
- package/dist/index.js +14 -0
- package/package.json +3 -3
package/dist/core.cjs
CHANGED
|
@@ -44,7 +44,9 @@ __export(core_exports, {
|
|
|
44
44
|
computePkceS256Challenge: () => computePkceS256Challenge,
|
|
45
45
|
generatePkceVerifier: () => generatePkceVerifier,
|
|
46
46
|
isOAuthRedirectUri: () => isOAuthRedirectUri,
|
|
47
|
-
randomOAuthState: () => randomOAuthState
|
|
47
|
+
randomOAuthState: () => randomOAuthState,
|
|
48
|
+
signWithEmailOtpSchema: () => signWithEmailOtpSchema,
|
|
49
|
+
signWithPhoneOtpSchema: () => signWithPhoneOtpSchema
|
|
48
50
|
});
|
|
49
51
|
module.exports = __toCommonJS(core_exports);
|
|
50
52
|
|
|
@@ -156,6 +158,18 @@ var OAuthAuthorizationCodeRowSchema = import_zod.z.object({
|
|
|
156
158
|
used: import_zod.z.boolean(),
|
|
157
159
|
created_at: import_zod.z.string()
|
|
158
160
|
});
|
|
161
|
+
var signWithPhoneOtpSchema = import_zod.z.object({
|
|
162
|
+
/** The user's phone number. */
|
|
163
|
+
phone: import_zod.z.string(),
|
|
164
|
+
/** The otp sent to the user's phone number. */
|
|
165
|
+
token: import_zod.z.string().optional()
|
|
166
|
+
});
|
|
167
|
+
var signWithEmailOtpSchema = import_zod.z.object({
|
|
168
|
+
/** The user's email address. */
|
|
169
|
+
email: import_zod.z.email(),
|
|
170
|
+
/** The otp sent to the user's email address. */
|
|
171
|
+
token: import_zod.z.string().optional()
|
|
172
|
+
});
|
|
159
173
|
|
|
160
174
|
// src/core/schema/OAuthClientSchema.ts
|
|
161
175
|
var import_zod2 = require("zod");
|
|
@@ -297,5 +311,7 @@ function randomOAuthState() {
|
|
|
297
311
|
computePkceS256Challenge,
|
|
298
312
|
generatePkceVerifier,
|
|
299
313
|
isOAuthRedirectUri,
|
|
300
|
-
randomOAuthState
|
|
314
|
+
randomOAuthState,
|
|
315
|
+
signWithEmailOtpSchema,
|
|
316
|
+
signWithPhoneOtpSchema
|
|
301
317
|
});
|
package/dist/core.d.ts
CHANGED
|
@@ -111,6 +111,17 @@ declare const OAuthAuthorizationCodeRowSchema: z.ZodObject<{
|
|
|
111
111
|
created_at: z.ZodString;
|
|
112
112
|
}, z.core.$strip>;
|
|
113
113
|
type OAuthAuthorizationCodeRow = z.infer<typeof OAuthAuthorizationCodeRowSchema>;
|
|
114
|
+
declare const signWithPhoneOtpSchema: z.ZodObject<{
|
|
115
|
+
phone: z.ZodString;
|
|
116
|
+
token: z.ZodOptional<z.ZodString>;
|
|
117
|
+
}, z.core.$strip>;
|
|
118
|
+
declare const signWithEmailOtpSchema: z.ZodObject<{
|
|
119
|
+
email: z.ZodEmail;
|
|
120
|
+
token: z.ZodOptional<z.ZodString>;
|
|
121
|
+
}, z.core.$strip>;
|
|
122
|
+
type SignWithPhoneOtpSchema = z.infer<typeof signWithPhoneOtpSchema>;
|
|
123
|
+
type SignWithEmailOtpSchema = z.infer<typeof signWithEmailOtpSchema>;
|
|
124
|
+
type SignWithOtpSchema = SignWithPhoneOtpSchema | SignWithEmailOtpSchema;
|
|
114
125
|
|
|
115
126
|
interface OAuthClientsInterface {
|
|
116
127
|
listForOwner(ownerUserId: string): Promise<OAuthClientListItem[]>;
|
|
@@ -352,6 +363,53 @@ interface OAuthProviderInterface<SessionPayload extends OAuthSessionPayload> ext
|
|
|
352
363
|
processConsent(requestBody: unknown): Promise<OAuthConsentResult>;
|
|
353
364
|
getUserInfoWithAccessToken(accessToken: string): Promise<OAuthUserInfoResponse>;
|
|
354
365
|
}
|
|
366
|
+
type SignWithOtpParams = {
|
|
367
|
+
email: string;
|
|
368
|
+
} | {
|
|
369
|
+
phone: string;
|
|
370
|
+
};
|
|
371
|
+
interface VerifyMobileOtpParams {
|
|
372
|
+
/** The user's phone number. */
|
|
373
|
+
phone: string;
|
|
374
|
+
/** The otp sent to the user's phone number. */
|
|
375
|
+
token: string;
|
|
376
|
+
}
|
|
377
|
+
interface VerifyEmailOtpParams {
|
|
378
|
+
/** The user's email address. */
|
|
379
|
+
email: string;
|
|
380
|
+
/** The otp sent to the user's email address. */
|
|
381
|
+
token: string;
|
|
382
|
+
}
|
|
383
|
+
type VerifyOtpParams = SignWithOtpSchema;
|
|
384
|
+
type SignOtpResult = {
|
|
385
|
+
expired: number;
|
|
386
|
+
messageId?: string;
|
|
387
|
+
};
|
|
388
|
+
/**
|
|
389
|
+
* Interface for OAuth providers that support OTP-based authentication.
|
|
390
|
+
*
|
|
391
|
+
* This interface extends the base OAuthProviderInterface with methods specific to OTP flows.
|
|
392
|
+
* It allows for signing in with OTP and verifying OTP tokens to establish sessions.
|
|
393
|
+
*
|
|
394
|
+
* The generic SessionPayload type parameter allows implementations to define their own session data structure.
|
|
395
|
+
*/
|
|
396
|
+
interface OAuthOTPProviderInterface {
|
|
397
|
+
/**
|
|
398
|
+
* Sign in using OTP. The params can be either email-based or phone-based.
|
|
399
|
+
* The implementation should handle sending the OTP to the user.
|
|
400
|
+
*
|
|
401
|
+
* @param params - Parameters for signing in with OTP, either email or phone.
|
|
402
|
+
* @returns A promise that resolves to the session payload after successful OTP initiation.
|
|
403
|
+
*/
|
|
404
|
+
signWithOtp(params: SignWithOtpParams): Promise<SignOtpResult>;
|
|
405
|
+
/**
|
|
406
|
+
* Verify the OTP token provided by the user. This method should validate the OTP and establish a session if valid.
|
|
407
|
+
*
|
|
408
|
+
* @param params - Parameters for verifying the OTP, including the identifier (email or phone) and the OTP token.
|
|
409
|
+
* @returns A promise that resolves to the session payload after successful OTP verification.
|
|
410
|
+
*/
|
|
411
|
+
verifyOtp(params: VerifyOtpParams): Promise<SignOtpResult>;
|
|
412
|
+
}
|
|
355
413
|
|
|
356
414
|
declare const OAuthRfcCodes: {
|
|
357
415
|
readonly INVALID_REQUEST: "invalid_request";
|
|
@@ -375,4 +433,4 @@ declare function generatePkceVerifier(length?: number): string;
|
|
|
375
433
|
declare function computePkceS256Challenge(verifier: string): Promise<string>;
|
|
376
434
|
declare function randomOAuthState(): string;
|
|
377
435
|
|
|
378
|
-
export { type CreateAuthorizationCodeInput, type CreateOAuthRefreshTokenInput, type OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, type OAuthAuthorizePageData, type OAuthAuthorizeQuery, OAuthAuthorizeQuerySchema, type OAuthAuthorizeValidationError, type OAuthClientCreate, type OAuthClientCreateResponse, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, type OAuthClientDetail, OAuthClientDetailSchema, type OAuthClientListItem, OAuthClientListItemSchema, type OAuthClientRow, OAuthClientRowSchema, type OAuthClientSecretRotateResponse, OAuthClientSecretRotateResponseSchema, type OAuthClientUpdate, OAuthClientUpdateSchema, type OAuthClientsInterface, type OAuthClientsRepositoryInterface, type OAuthConsentBody, OAuthConsentBodySchema, type OAuthConsentResult, type OAuthProviderInterface, type OAuthRefreshTokenRow, OAuthRefreshTokenSchema, type OAuthRfcCodeType, OAuthRfcCodes, type OAuthRfcErrorCodesType, type OAuthSessionInterface, type OAuthSessionPayload, type OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, type OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, type OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, type OAuthTokenRequest, OAuthTokenRequestSchema, type OAuthTokenResponse, OAuthTokenResponseSchema, type OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, type OAuthTokenServiceInterface, type OAuthUserCredentialsRow, OAuthUserCredentialsSchema, type OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, type OAuthUserInfoResponse, OAuthUserInfoResponseSchema, type OAuthWrapperRepositoryInterface, type ResolveAuthorizePageResult, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState };
|
|
436
|
+
export { type CreateAuthorizationCodeInput, type CreateOAuthRefreshTokenInput, type OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, type OAuthAuthorizePageData, type OAuthAuthorizeQuery, OAuthAuthorizeQuerySchema, type OAuthAuthorizeValidationError, type OAuthClientCreate, type OAuthClientCreateResponse, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, type OAuthClientDetail, OAuthClientDetailSchema, type OAuthClientListItem, OAuthClientListItemSchema, type OAuthClientRow, OAuthClientRowSchema, type OAuthClientSecretRotateResponse, OAuthClientSecretRotateResponseSchema, type OAuthClientUpdate, OAuthClientUpdateSchema, type OAuthClientsInterface, type OAuthClientsRepositoryInterface, type OAuthConsentBody, OAuthConsentBodySchema, type OAuthConsentResult, type OAuthOTPProviderInterface, type OAuthProviderInterface, type OAuthRefreshTokenRow, OAuthRefreshTokenSchema, type OAuthRfcCodeType, OAuthRfcCodes, type OAuthRfcErrorCodesType, type OAuthSessionInterface, type OAuthSessionPayload, type OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, type OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, type OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, type OAuthTokenRequest, OAuthTokenRequestSchema, type OAuthTokenResponse, OAuthTokenResponseSchema, type OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, type OAuthTokenServiceInterface, type OAuthUserCredentialsRow, OAuthUserCredentialsSchema, type OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, type OAuthUserInfoResponse, OAuthUserInfoResponseSchema, type OAuthWrapperRepositoryInterface, type ResolveAuthorizePageResult, type SignOtpResult, type SignWithEmailOtpSchema, type SignWithOtpParams, type SignWithOtpSchema, type SignWithPhoneOtpSchema, type VerifyEmailOtpParams, type VerifyMobileOtpParams, type VerifyOtpParams, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState, signWithEmailOtpSchema, signWithPhoneOtpSchema };
|
package/dist/core.js
CHANGED
|
@@ -106,6 +106,18 @@ var OAuthAuthorizationCodeRowSchema = z.object({
|
|
|
106
106
|
used: z.boolean(),
|
|
107
107
|
created_at: z.string()
|
|
108
108
|
});
|
|
109
|
+
var signWithPhoneOtpSchema = z.object({
|
|
110
|
+
/** The user's phone number. */
|
|
111
|
+
phone: z.string(),
|
|
112
|
+
/** The otp sent to the user's phone number. */
|
|
113
|
+
token: z.string().optional()
|
|
114
|
+
});
|
|
115
|
+
var signWithEmailOtpSchema = z.object({
|
|
116
|
+
/** The user's email address. */
|
|
117
|
+
email: z.email(),
|
|
118
|
+
/** The otp sent to the user's email address. */
|
|
119
|
+
token: z.string().optional()
|
|
120
|
+
});
|
|
109
121
|
|
|
110
122
|
// src/core/schema/OAuthClientSchema.ts
|
|
111
123
|
import { z as z2 } from "zod";
|
|
@@ -246,5 +258,7 @@ export {
|
|
|
246
258
|
computePkceS256Challenge,
|
|
247
259
|
generatePkceVerifier,
|
|
248
260
|
isOAuthRedirectUri,
|
|
249
|
-
randomOAuthState
|
|
261
|
+
randomOAuthState,
|
|
262
|
+
signWithEmailOtpSchema,
|
|
263
|
+
signWithPhoneOtpSchema
|
|
250
264
|
};
|
package/dist/index.cjs
CHANGED
|
@@ -58,6 +58,8 @@ __export(server_exports, {
|
|
|
58
58
|
normalizeQuery: () => normalizeQuery,
|
|
59
59
|
parseScopeList: () => parseScopeList,
|
|
60
60
|
randomOAuthState: () => randomOAuthState,
|
|
61
|
+
signWithEmailOtpSchema: () => signWithEmailOtpSchema,
|
|
62
|
+
signWithPhoneOtpSchema: () => signWithPhoneOtpSchema,
|
|
61
63
|
validatePkceParams: () => validatePkceParams,
|
|
62
64
|
verifyClientSecret: () => verifyClientSecret,
|
|
63
65
|
verifyPkceS256: () => verifyPkceS256
|
|
@@ -172,6 +174,18 @@ var OAuthAuthorizationCodeRowSchema = import_zod.z.object({
|
|
|
172
174
|
used: import_zod.z.boolean(),
|
|
173
175
|
created_at: import_zod.z.string()
|
|
174
176
|
});
|
|
177
|
+
var signWithPhoneOtpSchema = import_zod.z.object({
|
|
178
|
+
/** The user's phone number. */
|
|
179
|
+
phone: import_zod.z.string(),
|
|
180
|
+
/** The otp sent to the user's phone number. */
|
|
181
|
+
token: import_zod.z.string().optional()
|
|
182
|
+
});
|
|
183
|
+
var signWithEmailOtpSchema = import_zod.z.object({
|
|
184
|
+
/** The user's email address. */
|
|
185
|
+
email: import_zod.z.email(),
|
|
186
|
+
/** The otp sent to the user's email address. */
|
|
187
|
+
token: import_zod.z.string().optional()
|
|
188
|
+
});
|
|
175
189
|
|
|
176
190
|
// src/core/schema/OAuthClientSchema.ts
|
|
177
191
|
var import_zod2 = require("zod");
|
|
@@ -1087,6 +1101,8 @@ async function verifyClientSecret(secret, storedHash) {
|
|
|
1087
1101
|
normalizeQuery,
|
|
1088
1102
|
parseScopeList,
|
|
1089
1103
|
randomOAuthState,
|
|
1104
|
+
signWithEmailOtpSchema,
|
|
1105
|
+
signWithPhoneOtpSchema,
|
|
1090
1106
|
validatePkceParams,
|
|
1091
1107
|
verifyClientSecret,
|
|
1092
1108
|
verifyPkceS256
|
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { LoginParams } from '@qlover/corekit-bridge/core';
|
|
2
2
|
import { OAuthSessionPayload, OAuthProviderInterface, OAuthTokenRequest, OAuthTokenResponse, OAuthWrapperRepositoryInterface, OAuthUserInfoResponse, OAuthAuthorizeQuery, OAuthConsentBody, OAuthAuthorizePageData, OAuthAuthorizeValidationError, OAuthConsentResult, OAuthClientsInterface, OAuthClientsRepositoryInterface, OAuthClientListItem, OAuthClientDetail, OAuthClientCreate, OAuthClientCreateResponse, OAuthClientUpdate, OAuthClientSecretRotateResponse, OAuthTokenServiceInterface, OAuthSessionInterface, OAuthRfcCodeType, OAuthClientRow } from './core.js';
|
|
3
|
-
export { CreateAuthorizationCodeInput, CreateOAuthRefreshTokenInput, OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, OAuthAuthorizeQuerySchema, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, OAuthClientDetailSchema, OAuthClientListItemSchema, OAuthClientRowSchema, OAuthClientSecretRotateResponseSchema, OAuthClientUpdateSchema, OAuthConsentBodySchema, OAuthRefreshTokenRow, OAuthRefreshTokenSchema, OAuthRfcCodes, OAuthRfcErrorCodesType, OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, OAuthTokenRequestSchema, OAuthTokenResponseSchema, OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, OAuthUserCredentialsRow, OAuthUserCredentialsSchema, OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, OAuthUserInfoResponseSchema, ResolveAuthorizePageResult, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState } from './core.js';
|
|
3
|
+
export { CreateAuthorizationCodeInput, CreateOAuthRefreshTokenInput, OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, OAuthAuthorizeQuerySchema, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, OAuthClientDetailSchema, OAuthClientListItemSchema, OAuthClientRowSchema, OAuthClientSecretRotateResponseSchema, OAuthClientUpdateSchema, OAuthConsentBodySchema, OAuthOTPProviderInterface, OAuthRefreshTokenRow, OAuthRefreshTokenSchema, OAuthRfcCodes, OAuthRfcErrorCodesType, OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, OAuthTokenRequestSchema, OAuthTokenResponseSchema, OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, OAuthUserCredentialsRow, OAuthUserCredentialsSchema, OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, OAuthUserInfoResponseSchema, ResolveAuthorizePageResult, SignOtpResult, SignWithEmailOtpSchema, SignWithOtpParams, SignWithOtpSchema, SignWithPhoneOtpSchema, VerifyEmailOtpParams, VerifyMobileOtpParams, VerifyOtpParams, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState, signWithEmailOtpSchema, signWithPhoneOtpSchema } from './core.js';
|
|
4
4
|
import { EncryptorInterface, ExecutorError } from '@qlover/fe-corekit';
|
|
5
5
|
import 'zod';
|
|
6
6
|
|
package/dist/index.js
CHANGED
|
@@ -106,6 +106,18 @@ var OAuthAuthorizationCodeRowSchema = z.object({
|
|
|
106
106
|
used: z.boolean(),
|
|
107
107
|
created_at: z.string()
|
|
108
108
|
});
|
|
109
|
+
var signWithPhoneOtpSchema = z.object({
|
|
110
|
+
/** The user's phone number. */
|
|
111
|
+
phone: z.string(),
|
|
112
|
+
/** The otp sent to the user's phone number. */
|
|
113
|
+
token: z.string().optional()
|
|
114
|
+
});
|
|
115
|
+
var signWithEmailOtpSchema = z.object({
|
|
116
|
+
/** The user's email address. */
|
|
117
|
+
email: z.email(),
|
|
118
|
+
/** The otp sent to the user's email address. */
|
|
119
|
+
token: z.string().optional()
|
|
120
|
+
});
|
|
109
121
|
|
|
110
122
|
// src/core/schema/OAuthClientSchema.ts
|
|
111
123
|
import { z as z2 } from "zod";
|
|
@@ -1020,6 +1032,8 @@ export {
|
|
|
1020
1032
|
normalizeQuery,
|
|
1021
1033
|
parseScopeList,
|
|
1022
1034
|
randomOAuthState,
|
|
1035
|
+
signWithEmailOtpSchema,
|
|
1036
|
+
signWithPhoneOtpSchema,
|
|
1023
1037
|
validatePkceParams,
|
|
1024
1038
|
verifyClientSecret,
|
|
1025
1039
|
verifyPkceS256
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@qlover/oauth-wrapper",
|
|
3
3
|
"description": "Provider-agnostic OAuth 2.0 authorization server core (authorization code, PKCE, token exchange, userinfo)",
|
|
4
|
-
"version": "0.
|
|
4
|
+
"version": "0.3.0",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"private": false,
|
|
7
7
|
"sideEffects": false,
|
|
@@ -53,8 +53,8 @@
|
|
|
53
53
|
},
|
|
54
54
|
"dependencies": {
|
|
55
55
|
"@qlover/fe-corekit": "3.3.0",
|
|
56
|
-
"@qlover/
|
|
57
|
-
"@qlover/
|
|
56
|
+
"@qlover/logger": "1.2.0",
|
|
57
|
+
"@qlover/corekit-bridge": "3.2.1"
|
|
58
58
|
},
|
|
59
59
|
"peerDependencies": {
|
|
60
60
|
"zod": "^3.0.0 || ^4.0.0"
|