@qlover/oauth-wrapper 0.2.3 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/core.cjs CHANGED
@@ -44,7 +44,9 @@ __export(core_exports, {
44
44
  computePkceS256Challenge: () => computePkceS256Challenge,
45
45
  generatePkceVerifier: () => generatePkceVerifier,
46
46
  isOAuthRedirectUri: () => isOAuthRedirectUri,
47
- randomOAuthState: () => randomOAuthState
47
+ randomOAuthState: () => randomOAuthState,
48
+ signWithEmailOtpSchema: () => signWithEmailOtpSchema,
49
+ signWithPhoneOtpSchema: () => signWithPhoneOtpSchema
48
50
  });
49
51
  module.exports = __toCommonJS(core_exports);
50
52
 
@@ -156,6 +158,18 @@ var OAuthAuthorizationCodeRowSchema = import_zod.z.object({
156
158
  used: import_zod.z.boolean(),
157
159
  created_at: import_zod.z.string()
158
160
  });
161
+ var signWithPhoneOtpSchema = import_zod.z.object({
162
+ /** The user's phone number. */
163
+ phone: import_zod.z.string(),
164
+ /** The otp sent to the user's phone number. */
165
+ token: import_zod.z.string().optional()
166
+ });
167
+ var signWithEmailOtpSchema = import_zod.z.object({
168
+ /** The user's email address. */
169
+ email: import_zod.z.email(),
170
+ /** The otp sent to the user's email address. */
171
+ token: import_zod.z.string().optional()
172
+ });
159
173
 
160
174
  // src/core/schema/OAuthClientSchema.ts
161
175
  var import_zod2 = require("zod");
@@ -297,5 +311,7 @@ function randomOAuthState() {
297
311
  computePkceS256Challenge,
298
312
  generatePkceVerifier,
299
313
  isOAuthRedirectUri,
300
- randomOAuthState
314
+ randomOAuthState,
315
+ signWithEmailOtpSchema,
316
+ signWithPhoneOtpSchema
301
317
  });
package/dist/core.d.ts CHANGED
@@ -111,6 +111,17 @@ declare const OAuthAuthorizationCodeRowSchema: z.ZodObject<{
111
111
  created_at: z.ZodString;
112
112
  }, z.core.$strip>;
113
113
  type OAuthAuthorizationCodeRow = z.infer<typeof OAuthAuthorizationCodeRowSchema>;
114
+ declare const signWithPhoneOtpSchema: z.ZodObject<{
115
+ phone: z.ZodString;
116
+ token: z.ZodOptional<z.ZodString>;
117
+ }, z.core.$strip>;
118
+ declare const signWithEmailOtpSchema: z.ZodObject<{
119
+ email: z.ZodEmail;
120
+ token: z.ZodOptional<z.ZodString>;
121
+ }, z.core.$strip>;
122
+ type SignWithPhoneOtpSchema = z.infer<typeof signWithPhoneOtpSchema>;
123
+ type SignWithEmailOtpSchema = z.infer<typeof signWithEmailOtpSchema>;
124
+ type SignWithOtpSchema = SignWithPhoneOtpSchema | SignWithEmailOtpSchema;
114
125
 
115
126
  interface OAuthClientsInterface {
116
127
  listForOwner(ownerUserId: string): Promise<OAuthClientListItem[]>;
@@ -352,6 +363,53 @@ interface OAuthProviderInterface<SessionPayload extends OAuthSessionPayload> ext
352
363
  processConsent(requestBody: unknown): Promise<OAuthConsentResult>;
353
364
  getUserInfoWithAccessToken(accessToken: string): Promise<OAuthUserInfoResponse>;
354
365
  }
366
+ type SignWithOtpParams = {
367
+ email: string;
368
+ } | {
369
+ phone: string;
370
+ };
371
+ interface VerifyMobileOtpParams {
372
+ /** The user's phone number. */
373
+ phone: string;
374
+ /** The otp sent to the user's phone number. */
375
+ token: string;
376
+ }
377
+ interface VerifyEmailOtpParams {
378
+ /** The user's email address. */
379
+ email: string;
380
+ /** The otp sent to the user's email address. */
381
+ token: string;
382
+ }
383
+ type VerifyOtpParams = SignWithOtpSchema;
384
+ type SignOtpResult = {
385
+ expired: number;
386
+ messageId?: string;
387
+ };
388
+ /**
389
+ * Interface for OAuth providers that support OTP-based authentication.
390
+ *
391
+ * This interface extends the base OAuthProviderInterface with methods specific to OTP flows.
392
+ * It allows for signing in with OTP and verifying OTP tokens to establish sessions.
393
+ *
394
+ * The generic SessionPayload type parameter allows implementations to define their own session data structure.
395
+ */
396
+ interface OAuthOTPProviderInterface {
397
+ /**
398
+ * Sign in using OTP. The params can be either email-based or phone-based.
399
+ * The implementation should handle sending the OTP to the user.
400
+ *
401
+ * @param params - Parameters for signing in with OTP, either email or phone.
402
+ * @returns A promise that resolves to the session payload after successful OTP initiation.
403
+ */
404
+ signWithOtp(params: SignWithOtpParams): Promise<SignOtpResult>;
405
+ /**
406
+ * Verify the OTP token provided by the user. This method should validate the OTP and establish a session if valid.
407
+ *
408
+ * @param params - Parameters for verifying the OTP, including the identifier (email or phone) and the OTP token.
409
+ * @returns A promise that resolves to the session payload after successful OTP verification.
410
+ */
411
+ verifyOtp(params: VerifyOtpParams): Promise<SignOtpResult>;
412
+ }
355
413
 
356
414
  declare const OAuthRfcCodes: {
357
415
  readonly INVALID_REQUEST: "invalid_request";
@@ -375,4 +433,4 @@ declare function generatePkceVerifier(length?: number): string;
375
433
  declare function computePkceS256Challenge(verifier: string): Promise<string>;
376
434
  declare function randomOAuthState(): string;
377
435
 
378
- export { type CreateAuthorizationCodeInput, type CreateOAuthRefreshTokenInput, type OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, type OAuthAuthorizePageData, type OAuthAuthorizeQuery, OAuthAuthorizeQuerySchema, type OAuthAuthorizeValidationError, type OAuthClientCreate, type OAuthClientCreateResponse, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, type OAuthClientDetail, OAuthClientDetailSchema, type OAuthClientListItem, OAuthClientListItemSchema, type OAuthClientRow, OAuthClientRowSchema, type OAuthClientSecretRotateResponse, OAuthClientSecretRotateResponseSchema, type OAuthClientUpdate, OAuthClientUpdateSchema, type OAuthClientsInterface, type OAuthClientsRepositoryInterface, type OAuthConsentBody, OAuthConsentBodySchema, type OAuthConsentResult, type OAuthProviderInterface, type OAuthRefreshTokenRow, OAuthRefreshTokenSchema, type OAuthRfcCodeType, OAuthRfcCodes, type OAuthRfcErrorCodesType, type OAuthSessionInterface, type OAuthSessionPayload, type OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, type OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, type OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, type OAuthTokenRequest, OAuthTokenRequestSchema, type OAuthTokenResponse, OAuthTokenResponseSchema, type OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, type OAuthTokenServiceInterface, type OAuthUserCredentialsRow, OAuthUserCredentialsSchema, type OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, type OAuthUserInfoResponse, OAuthUserInfoResponseSchema, type OAuthWrapperRepositoryInterface, type ResolveAuthorizePageResult, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState };
436
+ export { type CreateAuthorizationCodeInput, type CreateOAuthRefreshTokenInput, type OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, type OAuthAuthorizePageData, type OAuthAuthorizeQuery, OAuthAuthorizeQuerySchema, type OAuthAuthorizeValidationError, type OAuthClientCreate, type OAuthClientCreateResponse, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, type OAuthClientDetail, OAuthClientDetailSchema, type OAuthClientListItem, OAuthClientListItemSchema, type OAuthClientRow, OAuthClientRowSchema, type OAuthClientSecretRotateResponse, OAuthClientSecretRotateResponseSchema, type OAuthClientUpdate, OAuthClientUpdateSchema, type OAuthClientsInterface, type OAuthClientsRepositoryInterface, type OAuthConsentBody, OAuthConsentBodySchema, type OAuthConsentResult, type OAuthOTPProviderInterface, type OAuthProviderInterface, type OAuthRefreshTokenRow, OAuthRefreshTokenSchema, type OAuthRfcCodeType, OAuthRfcCodes, type OAuthRfcErrorCodesType, type OAuthSessionInterface, type OAuthSessionPayload, type OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, type OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, type OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, type OAuthTokenRequest, OAuthTokenRequestSchema, type OAuthTokenResponse, OAuthTokenResponseSchema, type OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, type OAuthTokenServiceInterface, type OAuthUserCredentialsRow, OAuthUserCredentialsSchema, type OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, type OAuthUserInfoResponse, OAuthUserInfoResponseSchema, type OAuthWrapperRepositoryInterface, type ResolveAuthorizePageResult, type SignOtpResult, type SignWithEmailOtpSchema, type SignWithOtpParams, type SignWithOtpSchema, type SignWithPhoneOtpSchema, type VerifyEmailOtpParams, type VerifyMobileOtpParams, type VerifyOtpParams, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState, signWithEmailOtpSchema, signWithPhoneOtpSchema };
package/dist/core.js CHANGED
@@ -106,6 +106,18 @@ var OAuthAuthorizationCodeRowSchema = z.object({
106
106
  used: z.boolean(),
107
107
  created_at: z.string()
108
108
  });
109
+ var signWithPhoneOtpSchema = z.object({
110
+ /** The user's phone number. */
111
+ phone: z.string(),
112
+ /** The otp sent to the user's phone number. */
113
+ token: z.string().optional()
114
+ });
115
+ var signWithEmailOtpSchema = z.object({
116
+ /** The user's email address. */
117
+ email: z.email(),
118
+ /** The otp sent to the user's email address. */
119
+ token: z.string().optional()
120
+ });
109
121
 
110
122
  // src/core/schema/OAuthClientSchema.ts
111
123
  import { z as z2 } from "zod";
@@ -246,5 +258,7 @@ export {
246
258
  computePkceS256Challenge,
247
259
  generatePkceVerifier,
248
260
  isOAuthRedirectUri,
249
- randomOAuthState
261
+ randomOAuthState,
262
+ signWithEmailOtpSchema,
263
+ signWithPhoneOtpSchema
250
264
  };
package/dist/index.cjs CHANGED
@@ -58,6 +58,8 @@ __export(server_exports, {
58
58
  normalizeQuery: () => normalizeQuery,
59
59
  parseScopeList: () => parseScopeList,
60
60
  randomOAuthState: () => randomOAuthState,
61
+ signWithEmailOtpSchema: () => signWithEmailOtpSchema,
62
+ signWithPhoneOtpSchema: () => signWithPhoneOtpSchema,
61
63
  validatePkceParams: () => validatePkceParams,
62
64
  verifyClientSecret: () => verifyClientSecret,
63
65
  verifyPkceS256: () => verifyPkceS256
@@ -172,6 +174,18 @@ var OAuthAuthorizationCodeRowSchema = import_zod.z.object({
172
174
  used: import_zod.z.boolean(),
173
175
  created_at: import_zod.z.string()
174
176
  });
177
+ var signWithPhoneOtpSchema = import_zod.z.object({
178
+ /** The user's phone number. */
179
+ phone: import_zod.z.string(),
180
+ /** The otp sent to the user's phone number. */
181
+ token: import_zod.z.string().optional()
182
+ });
183
+ var signWithEmailOtpSchema = import_zod.z.object({
184
+ /** The user's email address. */
185
+ email: import_zod.z.email(),
186
+ /** The otp sent to the user's email address. */
187
+ token: import_zod.z.string().optional()
188
+ });
175
189
 
176
190
  // src/core/schema/OAuthClientSchema.ts
177
191
  var import_zod2 = require("zod");
@@ -1087,6 +1101,8 @@ async function verifyClientSecret(secret, storedHash) {
1087
1101
  normalizeQuery,
1088
1102
  parseScopeList,
1089
1103
  randomOAuthState,
1104
+ signWithEmailOtpSchema,
1105
+ signWithPhoneOtpSchema,
1090
1106
  validatePkceParams,
1091
1107
  verifyClientSecret,
1092
1108
  verifyPkceS256
package/dist/index.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import { LoginParams } from '@qlover/corekit-bridge/core';
2
2
  import { OAuthSessionPayload, OAuthProviderInterface, OAuthTokenRequest, OAuthTokenResponse, OAuthWrapperRepositoryInterface, OAuthUserInfoResponse, OAuthAuthorizeQuery, OAuthConsentBody, OAuthAuthorizePageData, OAuthAuthorizeValidationError, OAuthConsentResult, OAuthClientsInterface, OAuthClientsRepositoryInterface, OAuthClientListItem, OAuthClientDetail, OAuthClientCreate, OAuthClientCreateResponse, OAuthClientUpdate, OAuthClientSecretRotateResponse, OAuthTokenServiceInterface, OAuthSessionInterface, OAuthRfcCodeType, OAuthClientRow } from './core.js';
3
- export { CreateAuthorizationCodeInput, CreateOAuthRefreshTokenInput, OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, OAuthAuthorizeQuerySchema, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, OAuthClientDetailSchema, OAuthClientListItemSchema, OAuthClientRowSchema, OAuthClientSecretRotateResponseSchema, OAuthClientUpdateSchema, OAuthConsentBodySchema, OAuthRefreshTokenRow, OAuthRefreshTokenSchema, OAuthRfcCodes, OAuthRfcErrorCodesType, OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, OAuthTokenRequestSchema, OAuthTokenResponseSchema, OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, OAuthUserCredentialsRow, OAuthUserCredentialsSchema, OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, OAuthUserInfoResponseSchema, ResolveAuthorizePageResult, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState } from './core.js';
3
+ export { CreateAuthorizationCodeInput, CreateOAuthRefreshTokenInput, OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, OAuthAuthorizeQuerySchema, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, OAuthClientDetailSchema, OAuthClientListItemSchema, OAuthClientRowSchema, OAuthClientSecretRotateResponseSchema, OAuthClientUpdateSchema, OAuthConsentBodySchema, OAuthOTPProviderInterface, OAuthRefreshTokenRow, OAuthRefreshTokenSchema, OAuthRfcCodes, OAuthRfcErrorCodesType, OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, OAuthTokenRequestSchema, OAuthTokenResponseSchema, OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, OAuthUserCredentialsRow, OAuthUserCredentialsSchema, OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, OAuthUserInfoResponseSchema, ResolveAuthorizePageResult, SignOtpResult, SignWithEmailOtpSchema, SignWithOtpParams, SignWithOtpSchema, SignWithPhoneOtpSchema, VerifyEmailOtpParams, VerifyMobileOtpParams, VerifyOtpParams, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState, signWithEmailOtpSchema, signWithPhoneOtpSchema } from './core.js';
4
4
  import { EncryptorInterface, ExecutorError } from '@qlover/fe-corekit';
5
5
  import 'zod';
6
6
 
package/dist/index.js CHANGED
@@ -106,6 +106,18 @@ var OAuthAuthorizationCodeRowSchema = z.object({
106
106
  used: z.boolean(),
107
107
  created_at: z.string()
108
108
  });
109
+ var signWithPhoneOtpSchema = z.object({
110
+ /** The user's phone number. */
111
+ phone: z.string(),
112
+ /** The otp sent to the user's phone number. */
113
+ token: z.string().optional()
114
+ });
115
+ var signWithEmailOtpSchema = z.object({
116
+ /** The user's email address. */
117
+ email: z.email(),
118
+ /** The otp sent to the user's email address. */
119
+ token: z.string().optional()
120
+ });
109
121
 
110
122
  // src/core/schema/OAuthClientSchema.ts
111
123
  import { z as z2 } from "zod";
@@ -1020,6 +1032,8 @@ export {
1020
1032
  normalizeQuery,
1021
1033
  parseScopeList,
1022
1034
  randomOAuthState,
1035
+ signWithEmailOtpSchema,
1036
+ signWithPhoneOtpSchema,
1023
1037
  validatePkceParams,
1024
1038
  verifyClientSecret,
1025
1039
  verifyPkceS256
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@qlover/oauth-wrapper",
3
3
  "description": "Provider-agnostic OAuth 2.0 authorization server core (authorization code, PKCE, token exchange, userinfo)",
4
- "version": "0.2.3",
4
+ "version": "0.4.0",
5
5
  "type": "module",
6
6
  "private": false,
7
7
  "sideEffects": false,
@@ -53,7 +53,7 @@
53
53
  },
54
54
  "dependencies": {
55
55
  "@qlover/fe-corekit": "3.3.0",
56
- "@qlover/corekit-bridge": "3.2.1",
56
+ "@qlover/corekit-bridge": "3.3.0",
57
57
  "@qlover/logger": "1.2.0"
58
58
  },
59
59
  "peerDependencies": {