@qlover/oauth-wrapper 0.4.0 → 0.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/client.cjs +1 -1
- package/dist/client.d.ts +1 -1
- package/dist/client.js +1 -1
- package/dist/core.cjs +1 -1
- package/dist/core.d.ts +64 -23
- package/dist/core.js +1 -1
- package/dist/index.cjs +392 -414
- package/dist/index.d.ts +65 -92
- package/dist/index.js +389 -410
- package/package.json +3 -3
package/dist/client.cjs
CHANGED
|
@@ -48,7 +48,7 @@ var OAuthWrapperEndpoints = {
|
|
|
48
48
|
authorize: "/oauth/authorize",
|
|
49
49
|
token: "/oauth/token",
|
|
50
50
|
revoke: "/oauth/revoke",
|
|
51
|
-
userinfo: "/userinfo"
|
|
51
|
+
userinfo: "/oauth/userinfo"
|
|
52
52
|
};
|
|
53
53
|
var DEFAULT_OAUTH_AUTHORIZE_PATH = OAuthWrapperEndpoints.authorize;
|
|
54
54
|
var DEFAULT_PKCE_STORAGE_KEY = "oauth-wrapper-pkcesession";
|
package/dist/client.d.ts
CHANGED
|
@@ -116,7 +116,7 @@ declare const OAuthWrapperEndpoints: {
|
|
|
116
116
|
readonly authorize: "/oauth/authorize";
|
|
117
117
|
readonly token: "/oauth/token";
|
|
118
118
|
readonly revoke: "/oauth/revoke";
|
|
119
|
-
readonly userinfo: "/userinfo";
|
|
119
|
+
readonly userinfo: "/oauth/userinfo";
|
|
120
120
|
};
|
|
121
121
|
declare const DEFAULT_OAUTH_AUTHORIZE_PATH: "/oauth/authorize";
|
|
122
122
|
type OAuthAuthorizationConfig = {
|
package/dist/client.js
CHANGED
|
@@ -3,7 +3,7 @@ var OAuthWrapperEndpoints = {
|
|
|
3
3
|
authorize: "/oauth/authorize",
|
|
4
4
|
token: "/oauth/token",
|
|
5
5
|
revoke: "/oauth/revoke",
|
|
6
|
-
userinfo: "/userinfo"
|
|
6
|
+
userinfo: "/oauth/userinfo"
|
|
7
7
|
};
|
|
8
8
|
var DEFAULT_OAUTH_AUTHORIZE_PATH = OAuthWrapperEndpoints.authorize;
|
|
9
9
|
var DEFAULT_PKCE_STORAGE_KEY = "oauth-wrapper-pkcesession";
|
package/dist/core.cjs
CHANGED
|
@@ -190,7 +190,7 @@ var OAuthRefreshTokenSchema = import_zod2.z.object({
|
|
|
190
190
|
});
|
|
191
191
|
var OAuthTokenResponseSchema = import_zod2.z.object({
|
|
192
192
|
access_token: import_zod2.z.string(),
|
|
193
|
-
token_type: import_zod2.z.
|
|
193
|
+
token_type: import_zod2.z.string(),
|
|
194
194
|
expires_in: import_zod2.z.number(),
|
|
195
195
|
refresh_token: import_zod2.z.string().optional(),
|
|
196
196
|
scope: import_zod2.z.string().optional()
|
package/dist/core.d.ts
CHANGED
|
@@ -150,16 +150,34 @@ interface OAuthClientsRepositoryInterface {
|
|
|
150
150
|
verifyClientCredentials(clientId: string, clientSecret: string | undefined): Promise<OAuthClientRow>;
|
|
151
151
|
}
|
|
152
152
|
|
|
153
|
-
|
|
153
|
+
/**
|
|
154
|
+
* 基础会话载荷,包含 OAuth 核心所需的最少字段。
|
|
155
|
+
* 子类可以扩展此类型,添加任意额外字段(如 avatar, phone, roles 等)。
|
|
156
|
+
*/
|
|
157
|
+
interface OAuthSessionPayload {
|
|
158
|
+
/**
|
|
159
|
+
* 用户唯一标识
|
|
160
|
+
*/
|
|
154
161
|
userId: string;
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
162
|
+
/**
|
|
163
|
+
* 外部提供方的会话 token
|
|
164
|
+
*/
|
|
165
|
+
providerRefreshToken: string;
|
|
166
|
+
}
|
|
167
|
+
type WithUserSession<SessionPayload extends OAuthSessionPayload, User> = SessionPayload & {
|
|
168
|
+
/**
|
|
169
|
+
* 可以额外携带一个用户信息
|
|
170
|
+
*/
|
|
171
|
+
user?: User;
|
|
158
172
|
};
|
|
159
|
-
|
|
173
|
+
/**
|
|
174
|
+
* 会话管理接口,泛型参数必须满足 OAuthSessionPayload 约束。
|
|
175
|
+
* 实现类可以返回更具体的子类型(包含额外字段)。
|
|
176
|
+
*/
|
|
177
|
+
interface OAuthSessionInterface<Payload extends OAuthSessionPayload, User> {
|
|
160
178
|
getSession(): Promise<Payload | null>;
|
|
161
179
|
hasSession(): Promise<boolean>;
|
|
162
|
-
setSession(payload: Payload): Promise<void>;
|
|
180
|
+
setSession(payload: WithUserSession<Payload, User>): Promise<void>;
|
|
163
181
|
clearSession(): Promise<void>;
|
|
164
182
|
}
|
|
165
183
|
|
|
@@ -230,7 +248,7 @@ declare const OAuthRefreshTokenSchema: z.ZodObject<{
|
|
|
230
248
|
type OAuthRefreshTokenRow = z.infer<typeof OAuthRefreshTokenSchema>;
|
|
231
249
|
declare const OAuthTokenResponseSchema: z.ZodObject<{
|
|
232
250
|
access_token: z.ZodString;
|
|
233
|
-
token_type: z.
|
|
251
|
+
token_type: z.ZodString;
|
|
234
252
|
expires_in: z.ZodNumber;
|
|
235
253
|
refresh_token: z.ZodOptional<z.ZodString>;
|
|
236
254
|
scope: z.ZodOptional<z.ZodString>;
|
|
@@ -276,19 +294,6 @@ interface OAuthWrapperRepositoryInterface extends OAuthClientsRepositoryInterfac
|
|
|
276
294
|
revokeRefreshTokensByUserId(userId: string): Promise<void>;
|
|
277
295
|
}
|
|
278
296
|
|
|
279
|
-
declare const OAuthUserInfoResponseSchema: z.ZodObject<{
|
|
280
|
-
sub: z.ZodString;
|
|
281
|
-
email: z.ZodEmail;
|
|
282
|
-
name: z.ZodString;
|
|
283
|
-
roles: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
284
|
-
}, z.core.$strip>;
|
|
285
|
-
type OAuthUserInfoResponse = z.infer<typeof OAuthUserInfoResponseSchema>;
|
|
286
|
-
declare const OAuthUserInfoErrorResponseSchema: z.ZodObject<{
|
|
287
|
-
error: z.ZodString;
|
|
288
|
-
error_id: z.ZodOptional<z.ZodString>;
|
|
289
|
-
}, z.core.$strip>;
|
|
290
|
-
type OAuthUserInfoErrorResponse = z.infer<typeof OAuthUserInfoErrorResponseSchema>;
|
|
291
|
-
|
|
292
297
|
/**
|
|
293
298
|
* OAuth authorize page data shared by server rendering and client UI.
|
|
294
299
|
*
|
|
@@ -335,7 +340,7 @@ type ResolveAuthorizePageResult = {
|
|
|
335
340
|
ok: false;
|
|
336
341
|
error: OAuthAuthorizeValidationError;
|
|
337
342
|
};
|
|
338
|
-
interface OAuthProviderInterface<SessionPayload extends OAuthSessionPayload> extends OAuthTokenServiceInterface {
|
|
343
|
+
interface OAuthProviderInterface<User, SessionPayload extends OAuthSessionPayload> extends OAuthTokenServiceInterface {
|
|
339
344
|
login(params: LoginParams): Promise<SessionPayload>;
|
|
340
345
|
/**
|
|
341
346
|
* Get the OAuth repository
|
|
@@ -361,7 +366,18 @@ interface OAuthProviderInterface<SessionPayload extends OAuthSessionPayload> ext
|
|
|
361
366
|
* Process the consent
|
|
362
367
|
*/
|
|
363
368
|
processConsent(requestBody: unknown): Promise<OAuthConsentResult>;
|
|
364
|
-
|
|
369
|
+
/**
|
|
370
|
+
* 使用 access_token 获取用户信息
|
|
371
|
+
* @param accessToken
|
|
372
|
+
*/
|
|
373
|
+
getUserInfoWithAccessToken(accessToken: string): Promise<User>;
|
|
374
|
+
/**
|
|
375
|
+
* 刷新会话数据
|
|
376
|
+
* @param params
|
|
377
|
+
*/
|
|
378
|
+
refreshUser(params?: {
|
|
379
|
+
refresh_token: string;
|
|
380
|
+
}): Promise<WithUserSession<SessionPayload, User>>;
|
|
365
381
|
}
|
|
366
382
|
type SignWithOtpParams = {
|
|
367
383
|
email: string;
|
|
@@ -411,6 +427,31 @@ interface OAuthOTPProviderInterface {
|
|
|
411
427
|
verifyOtp(params: VerifyOtpParams): Promise<SignOtpResult>;
|
|
412
428
|
}
|
|
413
429
|
|
|
430
|
+
/**
|
|
431
|
+
* @deprecated
|
|
432
|
+
*/
|
|
433
|
+
declare const OAuthUserInfoResponseSchema: z.ZodObject<{
|
|
434
|
+
sub: z.ZodString;
|
|
435
|
+
email: z.ZodEmail;
|
|
436
|
+
name: z.ZodString;
|
|
437
|
+
roles: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
438
|
+
}, z.core.$strip>;
|
|
439
|
+
/**
|
|
440
|
+
* @deprecated
|
|
441
|
+
*/
|
|
442
|
+
type OAuthUserInfoResponse = z.infer<typeof OAuthUserInfoResponseSchema>;
|
|
443
|
+
/**
|
|
444
|
+
* @deprecated
|
|
445
|
+
*/
|
|
446
|
+
declare const OAuthUserInfoErrorResponseSchema: z.ZodObject<{
|
|
447
|
+
error: z.ZodString;
|
|
448
|
+
error_id: z.ZodOptional<z.ZodString>;
|
|
449
|
+
}, z.core.$strip>;
|
|
450
|
+
/**
|
|
451
|
+
* @deprecated
|
|
452
|
+
*/
|
|
453
|
+
type OAuthUserInfoErrorResponse = z.infer<typeof OAuthUserInfoErrorResponseSchema>;
|
|
454
|
+
|
|
414
455
|
declare const OAuthRfcCodes: {
|
|
415
456
|
readonly INVALID_REQUEST: "invalid_request";
|
|
416
457
|
readonly INVALID_CLIENT: "invalid_client";
|
|
@@ -433,4 +474,4 @@ declare function generatePkceVerifier(length?: number): string;
|
|
|
433
474
|
declare function computePkceS256Challenge(verifier: string): Promise<string>;
|
|
434
475
|
declare function randomOAuthState(): string;
|
|
435
476
|
|
|
436
|
-
export { type CreateAuthorizationCodeInput, type CreateOAuthRefreshTokenInput, type OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, type OAuthAuthorizePageData, type OAuthAuthorizeQuery, OAuthAuthorizeQuerySchema, type OAuthAuthorizeValidationError, type OAuthClientCreate, type OAuthClientCreateResponse, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, type OAuthClientDetail, OAuthClientDetailSchema, type OAuthClientListItem, OAuthClientListItemSchema, type OAuthClientRow, OAuthClientRowSchema, type OAuthClientSecretRotateResponse, OAuthClientSecretRotateResponseSchema, type OAuthClientUpdate, OAuthClientUpdateSchema, type OAuthClientsInterface, type OAuthClientsRepositoryInterface, type OAuthConsentBody, OAuthConsentBodySchema, type OAuthConsentResult, type OAuthOTPProviderInterface, type OAuthProviderInterface, type OAuthRefreshTokenRow, OAuthRefreshTokenSchema, type OAuthRfcCodeType, OAuthRfcCodes, type OAuthRfcErrorCodesType, type OAuthSessionInterface, type OAuthSessionPayload, type OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, type OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, type OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, type OAuthTokenRequest, OAuthTokenRequestSchema, type OAuthTokenResponse, OAuthTokenResponseSchema, type OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, type OAuthTokenServiceInterface, type OAuthUserCredentialsRow, OAuthUserCredentialsSchema, type OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, type OAuthUserInfoResponse, OAuthUserInfoResponseSchema, type OAuthWrapperRepositoryInterface, type ResolveAuthorizePageResult, type SignOtpResult, type SignWithEmailOtpSchema, type SignWithOtpParams, type SignWithOtpSchema, type SignWithPhoneOtpSchema, type VerifyEmailOtpParams, type VerifyMobileOtpParams, type VerifyOtpParams, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState, signWithEmailOtpSchema, signWithPhoneOtpSchema };
|
|
477
|
+
export { type CreateAuthorizationCodeInput, type CreateOAuthRefreshTokenInput, type OAuthAuthorizationCodeRow, OAuthAuthorizationCodeRowSchema, type OAuthAuthorizePageData, type OAuthAuthorizeQuery, OAuthAuthorizeQuerySchema, type OAuthAuthorizeValidationError, type OAuthClientCreate, type OAuthClientCreateResponse, OAuthClientCreateResponseSchema, OAuthClientCreateSchema, type OAuthClientDetail, OAuthClientDetailSchema, type OAuthClientListItem, OAuthClientListItemSchema, type OAuthClientRow, OAuthClientRowSchema, type OAuthClientSecretRotateResponse, OAuthClientSecretRotateResponseSchema, type OAuthClientUpdate, OAuthClientUpdateSchema, type OAuthClientsInterface, type OAuthClientsRepositoryInterface, type OAuthConsentBody, OAuthConsentBodySchema, type OAuthConsentResult, type OAuthOTPProviderInterface, type OAuthProviderInterface, type OAuthRefreshTokenRow, OAuthRefreshTokenSchema, type OAuthRfcCodeType, OAuthRfcCodes, type OAuthRfcErrorCodesType, type OAuthSessionInterface, type OAuthSessionPayload, type OAuthTokenAuthorizationCodeRequest, OAuthTokenAuthorizationCodeSchema, type OAuthTokenErrorResponse, OAuthTokenErrorResponseSchema, type OAuthTokenRefreshRequest, OAuthTokenRefreshSchema, type OAuthTokenRequest, OAuthTokenRequestSchema, type OAuthTokenResponse, OAuthTokenResponseSchema, type OAuthTokenRevokeRequest, OAuthTokenRevokeSchema, type OAuthTokenServiceInterface, type OAuthUserCredentialsRow, OAuthUserCredentialsSchema, type OAuthUserInfoErrorResponse, OAuthUserInfoErrorResponseSchema, type OAuthUserInfoResponse, OAuthUserInfoResponseSchema, type OAuthWrapperRepositoryInterface, type ResolveAuthorizePageResult, type SignOtpResult, type SignWithEmailOtpSchema, type SignWithOtpParams, type SignWithOtpSchema, type SignWithPhoneOtpSchema, type VerifyEmailOtpParams, type VerifyMobileOtpParams, type VerifyOtpParams, type WithUserSession, computePkceS256Challenge, generatePkceVerifier, isOAuthRedirectUri, randomOAuthState, signWithEmailOtpSchema, signWithPhoneOtpSchema };
|
package/dist/core.js
CHANGED
|
@@ -138,7 +138,7 @@ var OAuthRefreshTokenSchema = z2.object({
|
|
|
138
138
|
});
|
|
139
139
|
var OAuthTokenResponseSchema = z2.object({
|
|
140
140
|
access_token: z2.string(),
|
|
141
|
-
token_type: z2.
|
|
141
|
+
token_type: z2.string(),
|
|
142
142
|
expires_in: z2.number(),
|
|
143
143
|
refresh_token: z2.string().optional(),
|
|
144
144
|
scope: z2.string().optional()
|