npm - @rebasepro/server-core - Versions diffs - 0.0.1-canary.09e5ec5 - Mend

@rebasepro/server-core 0.0.1-canary.09e5ec5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (300) hide show

package/LICENSE +6 -0
package/README.md +40 -0
package/build-errors.txt +52 -0
package/coverage/clover.xml +3739 -0
package/coverage/coverage-final.json +31 -0
package/coverage/lcov-report/base.css +224 -0
package/coverage/lcov-report/block-navigation.js +87 -0
package/coverage/lcov-report/favicon.png +0 -0
package/coverage/lcov-report/index.html +266 -0
package/coverage/lcov-report/prettify.css +1 -0
package/coverage/lcov-report/prettify.js +2 -0
package/coverage/lcov-report/sort-arrow-sprite.png +0 -0
package/coverage/lcov-report/sorter.js +210 -0
package/coverage/lcov-report/src/api/ast-schema-editor.ts.html +952 -0
package/coverage/lcov-report/src/api/errors.ts.html +472 -0
package/coverage/lcov-report/src/api/graphql/graphql-schema-generator.ts.html +1069 -0
package/coverage/lcov-report/src/api/graphql/index.html +116 -0
package/coverage/lcov-report/src/api/index.html +176 -0
package/coverage/lcov-report/src/api/openapi-generator.ts.html +565 -0
package/coverage/lcov-report/src/api/rest/api-generator.ts.html +994 -0
package/coverage/lcov-report/src/api/rest/index.html +131 -0
package/coverage/lcov-report/src/api/rest/query-parser.ts.html +550 -0
package/coverage/lcov-report/src/api/schema-editor-routes.ts.html +202 -0
package/coverage/lcov-report/src/api/server.ts.html +823 -0
package/coverage/lcov-report/src/auth/admin-routes.ts.html +973 -0
package/coverage/lcov-report/src/auth/index.html +176 -0
package/coverage/lcov-report/src/auth/jwt.ts.html +574 -0
package/coverage/lcov-report/src/auth/middleware.ts.html +745 -0
package/coverage/lcov-report/src/auth/password.ts.html +310 -0
package/coverage/lcov-report/src/auth/services.ts.html +2074 -0
package/coverage/lcov-report/src/collections/index.html +116 -0
package/coverage/lcov-report/src/collections/loader.ts.html +232 -0
package/coverage/lcov-report/src/db/auth-schema.ts.html +523 -0
package/coverage/lcov-report/src/db/data-transformer.ts.html +1753 -0
package/coverage/lcov-report/src/db/entityService.ts.html +700 -0
package/coverage/lcov-report/src/db/index.html +146 -0
package/coverage/lcov-report/src/db/services/EntityFetchService.ts.html +4048 -0
package/coverage/lcov-report/src/db/services/EntityPersistService.ts.html +883 -0
package/coverage/lcov-report/src/db/services/RelationService.ts.html +3121 -0
package/coverage/lcov-report/src/db/services/entity-helpers.ts.html +442 -0
package/coverage/lcov-report/src/db/services/index.html +176 -0
package/coverage/lcov-report/src/db/services/index.ts.html +124 -0
package/coverage/lcov-report/src/generate-drizzle-schema-logic.ts.html +1960 -0
package/coverage/lcov-report/src/index.html +116 -0
package/coverage/lcov-report/src/services/driver-registry.ts.html +631 -0
package/coverage/lcov-report/src/services/index.html +131 -0
package/coverage/lcov-report/src/services/postgresDataDriver.ts.html +3025 -0
package/coverage/lcov-report/src/storage/LocalStorageController.ts.html +1189 -0
package/coverage/lcov-report/src/storage/S3StorageController.ts.html +970 -0
package/coverage/lcov-report/src/storage/index.html +161 -0
package/coverage/lcov-report/src/storage/storage-registry.ts.html +646 -0
package/coverage/lcov-report/src/storage/types.ts.html +451 -0
package/coverage/lcov-report/src/utils/drizzle-conditions.ts.html +3082 -0
package/coverage/lcov-report/src/utils/index.html +116 -0
package/coverage/lcov.info +7179 -0
package/dist/common/src/collections/CollectionRegistry.d.ts +56 -0
package/dist/common/src/collections/index.d.ts +1 -0
package/dist/common/src/data/buildRebaseData.d.ts +14 -0
package/dist/common/src/index.d.ts +3 -0
package/dist/common/src/util/builders.d.ts +57 -0
package/dist/common/src/util/callbacks.d.ts +6 -0
package/dist/common/src/util/collections.d.ts +11 -0
package/dist/common/src/util/common.d.ts +2 -0
package/dist/common/src/util/conditions.d.ts +26 -0
package/dist/common/src/util/entities.d.ts +58 -0
package/dist/common/src/util/enums.d.ts +3 -0
package/dist/common/src/util/index.d.ts +16 -0
package/dist/common/src/util/navigation_from_path.d.ts +34 -0
package/dist/common/src/util/navigation_utils.d.ts +20 -0
package/dist/common/src/util/parent_references_from_path.d.ts +6 -0
package/dist/common/src/util/paths.d.ts +14 -0
package/dist/common/src/util/permissions.d.ts +5 -0
package/dist/common/src/util/references.d.ts +2 -0
package/dist/common/src/util/relations.d.ts +22 -0
package/dist/common/src/util/resolutions.d.ts +72 -0
package/dist/common/src/util/storage.d.ts +24 -0
package/dist/index-DXVBFp5V.js +37 -0
package/dist/index-DXVBFp5V.js.map +1 -0
package/dist/index.es.js +49934 -0
package/dist/index.es.js.map +1 -0
package/dist/index.umd.js +49968 -0
package/dist/index.umd.js.map +1 -0
package/dist/server-core/src/api/ast-schema-editor.d.ts +21 -0
package/dist/server-core/src/api/collections_for_test/callbacks_test_collection.d.ts +2 -0
package/dist/server-core/src/api/errors.d.ts +35 -0
package/dist/server-core/src/api/graphql/graphql-schema-generator.d.ts +35 -0
package/dist/server-core/src/api/graphql/index.d.ts +1 -0
package/dist/server-core/src/api/index.d.ts +9 -0
package/dist/server-core/src/api/openapi-generator.d.ts +16 -0
package/dist/server-core/src/api/rest/api-generator.d.ts +64 -0
package/dist/server-core/src/api/rest/index.d.ts +1 -0
package/dist/server-core/src/api/rest/query-parser.d.ts +9 -0
package/dist/server-core/src/api/schema-editor-routes.d.ts +3 -0
package/dist/server-core/src/api/server.d.ts +40 -0
package/dist/server-core/src/api/types.d.ts +90 -0
package/dist/server-core/src/auth/admin-routes.d.ts +16 -0
package/dist/server-core/src/auth/apple-oauth.d.ts +30 -0
package/dist/server-core/src/auth/bitbucket-oauth.d.ts +11 -0
package/dist/server-core/src/auth/discord-oauth.d.ts +14 -0
package/dist/server-core/src/auth/facebook-oauth.d.ts +14 -0
package/dist/server-core/src/auth/github-oauth.d.ts +15 -0
package/dist/server-core/src/auth/gitlab-oauth.d.ts +13 -0
package/dist/server-core/src/auth/google-oauth.d.ts +14 -0
package/dist/server-core/src/auth/index.d.ts +23 -0
package/dist/server-core/src/auth/interfaces.d.ts +309 -0
package/dist/server-core/src/auth/jwt.d.ts +43 -0
package/dist/server-core/src/auth/linkedin-oauth.d.ts +18 -0
package/dist/server-core/src/auth/microsoft-oauth.d.ts +16 -0
package/dist/server-core/src/auth/middleware.d.ts +81 -0
package/dist/server-core/src/auth/password.d.ts +22 -0
package/dist/server-core/src/auth/rate-limiter.d.ts +31 -0
package/dist/server-core/src/auth/routes.d.ts +27 -0
package/dist/server-core/src/auth/slack-oauth.d.ts +12 -0
package/dist/server-core/src/auth/spotify-oauth.d.ts +12 -0
package/dist/server-core/src/auth/twitter-oauth.d.ts +18 -0
package/dist/server-core/src/bootstrappers/index.d.ts +0 -0
package/dist/server-core/src/collections/BackendCollectionRegistry.d.ts +13 -0
package/dist/server-core/src/collections/loader.d.ts +5 -0
package/dist/server-core/src/cron/cron-loader.d.ts +17 -0
package/dist/server-core/src/cron/cron-routes.d.ts +14 -0
package/dist/server-core/src/cron/cron-scheduler.d.ts +61 -0
package/dist/server-core/src/cron/cron-store.d.ts +32 -0
package/dist/server-core/src/cron/index.d.ts +6 -0
package/dist/server-core/src/db/interfaces.d.ts +18 -0
package/dist/server-core/src/email/index.d.ts +6 -0
package/dist/server-core/src/email/smtp-email-service.d.ts +25 -0
package/dist/server-core/src/email/templates.d.ts +42 -0
package/dist/server-core/src/email/types.d.ts +107 -0
package/dist/server-core/src/functions/function-loader.d.ts +17 -0
package/dist/server-core/src/functions/function-routes.d.ts +10 -0
package/dist/server-core/src/functions/index.d.ts +3 -0
package/dist/server-core/src/history/history-routes.d.ts +23 -0
package/dist/server-core/src/history/index.d.ts +1 -0
package/dist/server-core/src/index.d.ts +29 -0
package/dist/server-core/src/init.d.ts +159 -0
package/dist/server-core/src/serve-spa.d.ts +30 -0
package/dist/server-core/src/services/driver-registry.d.ts +78 -0
package/dist/server-core/src/singleton.d.ts +35 -0
package/dist/server-core/src/storage/LocalStorageController.d.ts +46 -0
package/dist/server-core/src/storage/S3StorageController.d.ts +36 -0
package/dist/server-core/src/storage/index.d.ts +25 -0
package/dist/server-core/src/storage/routes.d.ts +38 -0
package/dist/server-core/src/storage/storage-registry.d.ts +78 -0
package/dist/server-core/src/storage/types.d.ts +103 -0
package/dist/server-core/src/types/index.d.ts +11 -0
package/dist/server-core/src/utils/dev-port.d.ts +35 -0
package/dist/server-core/src/utils/logger.d.ts +31 -0
package/dist/server-core/src/utils/logging.d.ts +9 -0
package/dist/server-core/src/utils/request-logger.d.ts +19 -0
package/dist/server-core/src/utils/sql.d.ts +27 -0
package/dist/types/src/controllers/analytics_controller.d.ts +7 -0
package/dist/types/src/controllers/auth.d.ts +119 -0
package/dist/types/src/controllers/client.d.ts +170 -0
package/dist/types/src/controllers/collection_registry.d.ts +45 -0
package/dist/types/src/controllers/customization_controller.d.ts +60 -0
package/dist/types/src/controllers/data.d.ts +168 -0
package/dist/types/src/controllers/data_driver.d.ts +160 -0
package/dist/types/src/controllers/database_admin.d.ts +11 -0
package/dist/types/src/controllers/dialogs_controller.d.ts +36 -0
package/dist/types/src/controllers/effective_role.d.ts +4 -0
package/dist/types/src/controllers/email.d.ts +34 -0
package/dist/types/src/controllers/index.d.ts +18 -0
package/dist/types/src/controllers/local_config_persistence.d.ts +20 -0
package/dist/types/src/controllers/navigation.d.ts +213 -0
package/dist/types/src/controllers/registry.d.ts +54 -0
package/dist/types/src/controllers/side_dialogs_controller.d.ts +67 -0
package/dist/types/src/controllers/side_entity_controller.d.ts +90 -0
package/dist/types/src/controllers/snackbar.d.ts +24 -0
package/dist/types/src/controllers/storage.d.ts +171 -0
package/dist/types/src/index.d.ts +4 -0
package/dist/types/src/rebase_context.d.ts +105 -0
package/dist/types/src/types/backend.d.ts +536 -0
package/dist/types/src/types/builders.d.ts +15 -0
package/dist/types/src/types/chips.d.ts +5 -0
package/dist/types/src/types/collections.d.ts +856 -0
package/dist/types/src/types/cron.d.ts +102 -0
package/dist/types/src/types/data_source.d.ts +64 -0
package/dist/types/src/types/entities.d.ts +145 -0
package/dist/types/src/types/entity_actions.d.ts +98 -0
package/dist/types/src/types/entity_callbacks.d.ts +173 -0
package/dist/types/src/types/entity_link_builder.d.ts +7 -0
package/dist/types/src/types/entity_overrides.d.ts +10 -0
package/dist/types/src/types/entity_views.d.ts +61 -0
package/dist/types/src/types/export_import.d.ts +21 -0
package/dist/types/src/types/index.d.ts +23 -0
package/dist/types/src/types/locales.d.ts +4 -0
package/dist/types/src/types/modify_collections.d.ts +5 -0
package/dist/types/src/types/plugins.d.ts +279 -0
package/dist/types/src/types/properties.d.ts +1176 -0
package/dist/types/src/types/property_config.d.ts +70 -0
package/dist/types/src/types/relations.d.ts +336 -0
package/dist/types/src/types/slots.d.ts +252 -0
package/dist/types/src/types/translations.d.ts +870 -0
package/dist/types/src/types/user_management_delegate.d.ts +121 -0
package/dist/types/src/types/websockets.d.ts +78 -0
package/dist/types/src/users/index.d.ts +2 -0
package/dist/types/src/users/roles.d.ts +22 -0
package/dist/types/src/users/user.d.ts +46 -0
package/history_diff.log +385 -0
package/jest.config.cjs +16 -0
package/package.json +86 -0
package/scratch.ts +9 -0
package/src/api/ast-schema-editor.ts +289 -0
package/src/api/collections_for_test/callbacks_test_collection.ts +60 -0
package/src/api/errors.ts +179 -0
package/src/api/graphql/graphql-schema-generator.ts +336 -0
package/src/api/graphql/index.ts +2 -0
package/src/api/index.ts +11 -0
package/src/api/openapi-generator.ts +715 -0
package/src/api/rest/api-generator.ts +472 -0
package/src/api/rest/index.ts +2 -0
package/src/api/rest/query-parser.ts +155 -0
package/src/api/schema-editor-routes.ts +41 -0
package/src/api/server.ts +248 -0
package/src/api/types.ts +90 -0
package/src/auth/admin-routes.ts +529 -0
package/src/auth/apple-oauth.ts +130 -0
package/src/auth/bitbucket-oauth.ts +82 -0
package/src/auth/discord-oauth.ts +83 -0
package/src/auth/facebook-oauth.ts +72 -0
package/src/auth/github-oauth.ts +110 -0
package/src/auth/gitlab-oauth.ts +70 -0
package/src/auth/google-oauth.ts +48 -0
package/src/auth/index.ts +34 -0
package/src/auth/interfaces.ts +363 -0
package/src/auth/jwt.ts +181 -0
package/src/auth/linkedin-oauth.ts +81 -0
package/src/auth/microsoft-oauth.ts +88 -0
package/src/auth/middleware.ts +384 -0
package/src/auth/password.ts +77 -0
package/src/auth/rate-limiter.ts +129 -0
package/src/auth/routes.ts +788 -0
package/src/auth/slack-oauth.ts +71 -0
package/src/auth/spotify-oauth.ts +67 -0
package/src/auth/twitter-oauth.ts +120 -0
package/src/bootstrappers/index.ts +1 -0
package/src/collections/BackendCollectionRegistry.ts +20 -0
package/src/collections/loader.ts +49 -0
package/src/cron/cron-loader.ts +89 -0
package/src/cron/cron-routes.test.ts +265 -0
package/src/cron/cron-routes.ts +85 -0
package/src/cron/cron-scheduler.test.ts +421 -0
package/src/cron/cron-scheduler.ts +413 -0
package/src/cron/cron-store.ts +163 -0
package/src/cron/index.ts +6 -0
package/src/db/interfaces.ts +60 -0
package/src/email/index.ts +18 -0
package/src/email/smtp-email-service.ts +91 -0
package/src/email/templates.ts +388 -0
package/src/email/types.ts +105 -0
package/src/functions/function-loader.ts +119 -0
package/src/functions/function-routes.ts +31 -0
package/src/functions/index.ts +3 -0
package/src/history/history-routes.ts +129 -0
package/src/history/index.ts +2 -0
package/src/index.ts +66 -0
package/src/init.ts +727 -0
package/src/serve-spa.ts +81 -0
package/src/services/driver-registry.ts +182 -0
package/src/singleton.test.ts +28 -0
package/src/singleton.ts +70 -0
package/src/storage/LocalStorageController.ts +365 -0
package/src/storage/S3StorageController.ts +298 -0
package/src/storage/index.ts +43 -0
package/src/storage/routes.ts +264 -0
package/src/storage/storage-registry.ts +187 -0
package/src/storage/types.ts +134 -0
package/src/types/index.ts +27 -0
package/src/utils/dev-port.ts +176 -0
package/src/utils/logger.ts +143 -0
package/src/utils/logging.ts +38 -0
package/src/utils/request-logger.ts +66 -0
package/src/utils/sql.ts +38 -0
package/test/admin-routes.test.ts +640 -0
package/test/api-generator.test.ts +501 -0
package/test/ast-schema-editor.test.ts +63 -0
package/test/auth-middleware-hono.test.ts +556 -0
package/test/auth-routes.test.ts +1047 -0
package/test/driver-registry.test.ts +282 -0
package/test/error-propagation.test.ts +226 -0
package/test/errors-hono.test.ts +133 -0
package/test/errors.test.ts +155 -0
package/test/jwt-security.test.ts +182 -0
package/test/jwt.test.ts +324 -0
package/test/middleware.test.ts +300 -0
package/test/password.test.ts +165 -0
package/test/query-parser.test.ts +263 -0
package/test/rate-limiter.test.ts +102 -0
package/test/safe-compare.test.ts +66 -0
package/test/singleton.test.ts +59 -0
package/test/storage-local.test.ts +271 -0
package/test/storage-registry.test.ts +282 -0
package/test/storage-routes.test.ts +222 -0
package/test/storage-s3.test.ts +304 -0
package/test-ast.ts +28 -0
package/test.ts +6 -0
package/test_output.txt +1133 -0
package/tsconfig.json +49 -0
package/tsconfig.prod.json +20 -0
package/vite.config.ts +80 -0

package/src/auth/bitbucket-oauth.ts ADDED Viewed

@@ -0,0 +1,82 @@
+import type { OAuthProvider, OAuthProviderProfile } from "./interfaces";
+import { z } from "zod";
+/**
+ * Creates a Bitbucket OAuth Provider integration (OAuth 2.0 consumer).
+ */
+export function createBitbucketProvider(config: { clientId: string; clientSecret: string }): OAuthProvider<{ code: string; redirectUri: string }> {
+    return {
+        id: "bitbucket",
+        schema: z.object({
+            code: z.string().min(1, "Auth code is required"),
+            redirectUri: z.string().url("Valid redirect URI is required")
+        }),
+        verify: async (payload: { code: string; redirectUri: string }): Promise<OAuthProviderProfile | null> => {
+            try {
+                const basicAuth = Buffer.from(`${config.clientId}:${config.clientSecret}`).toString("base64");
+                const tokenResponse = await fetch("https://bitbucket.org/site/oauth2/access_token", {
+                    method: "POST",
+                    headers: {
+                        "Content-Type": "application/x-www-form-urlencoded",
+                        "Authorization": `Basic ${basicAuth}`
+                    },
+                    body: new URLSearchParams({
+                        grant_type: "authorization_code",
+                        code: payload.code,
+                        redirect_uri: payload.redirectUri
+                    })
+                });
+                if (!tokenResponse.ok) {
+                    console.error("Failed to get Bitbucket access token:", await tokenResponse.text());
+                    return null;
+                }
+                const tokenData = await tokenResponse.json() as { access_token: string };
+                const accessToken = tokenData.access_token;
+                const profileResponse = await fetch("https://api.bitbucket.org/2.0/user", {
+                    headers: { "Authorization": `Bearer ${accessToken}` }
+                });
+                if (!profileResponse.ok) {
+                    console.error("Failed to get Bitbucket user info:", await profileResponse.text());
+                    return null;
+                }
+                const p = await profileResponse.json() as {
+                    uuid: string; display_name?: string; username?: string;
+                    links?: { avatar?: { href?: string } };
+                };
+                // Bitbucket doesn't return email in user profile — fetch from /emails endpoint
+                const emailsResponse = await fetch("https://api.bitbucket.org/2.0/user/emails", {
+                    headers: { "Authorization": `Bearer ${accessToken}` }
+                });
+                let email: string | null = null;
+                if (emailsResponse.ok) {
+                    const emailData = await emailsResponse.json() as {
+                        values: Array<{ email: string; is_primary: boolean; is_confirmed: boolean }>;
+                    };
+                    const primary = emailData.values.find(e => e.is_primary && e.is_confirmed)
+                        || emailData.values.find(e => e.is_confirmed);
+                    email = primary?.email || null;
+                }
+                if (!email) { console.error("Bitbucket user has no verified email"); return null; }
+                return {
+                    providerId: p.uuid,
+                    email,
+                    displayName: p.display_name || p.username || null,
+                    photoUrl: p.links?.avatar?.href || null
+                };
+            } catch (error) {
+                console.error("Bitbucket OAuth error:", error);
+                return null;
+            }
+        }
+    };
+}

package/src/auth/discord-oauth.ts ADDED Viewed

@@ -0,0 +1,83 @@
+import type { OAuthProvider, OAuthProviderProfile } from "./interfaces";
+import { z } from "zod";
+/**
+ * Creates a Discord OAuth2 Provider integration.
+ *
+ * Uses the authorization code flow. Requires the "identify" and "email"
+ * scopes to retrieve the user's email and profile information.
+ */
+export function createDiscordProvider(config: { clientId: string; clientSecret: string }): OAuthProvider<{ code: string; redirectUri: string }> {
+    return {
+        id: "discord",
+        schema: z.object({
+            code: z.string().min(1, "Auth code is required"),
+            redirectUri: z.string().url("Valid redirect URI is required")
+        }),
+        verify: async (payload: { code: string; redirectUri: string }): Promise<OAuthProviderProfile | null> => {
+            try {
+                // Exchange code for access token
+                const tokenResponse = await fetch("https://discord.com/api/v10/oauth2/token", {
+                    method: "POST",
+                    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+                    body: new URLSearchParams({
+                        client_id: config.clientId,
+                        client_secret: config.clientSecret,
+                        grant_type: "authorization_code",
+                        code: payload.code,
+                        redirect_uri: payload.redirectUri
+                    })
+                });
+                if (!tokenResponse.ok) {
+                    console.error("Failed to get Discord access token:", await tokenResponse.text());
+                    return null;
+                }
+                const tokenData = await tokenResponse.json() as { access_token: string };
+                const accessToken = tokenData.access_token;
+                // Fetch user profile
+                const profileResponse = await fetch("https://discord.com/api/v10/users/@me", {
+                    headers: { "Authorization": `Bearer ${accessToken}` }
+                });
+                if (!profileResponse.ok) {
+                    console.error("Failed to get Discord user info:", await profileResponse.text());
+                    return null;
+                }
+                const profileData = await profileResponse.json() as {
+                    id: string;
+                    username: string;
+                    global_name?: string | null;
+                    avatar?: string | null;
+                    email?: string | null;
+                    verified?: boolean;
+                };
+                if (!profileData.email) {
+                    console.error("Discord user has no email (email scope may not have been granted)");
+                    return null;
+                }
+                // Build avatar URL
+                let photoUrl: string | null = null;
+                if (profileData.avatar) {
+                    const ext = profileData.avatar.startsWith("a_") ? "gif" : "png";
+                    photoUrl = `https://cdn.discordapp.com/avatars/${profileData.id}/${profileData.avatar}.${ext}?size=256`;
+                }
+                return {
+                    providerId: profileData.id,
+                    email: profileData.email,
+                    displayName: profileData.global_name || profileData.username || null,
+                    photoUrl
+                };
+            } catch (error) {
+                console.error("Discord OAuth error:", error);
+                return null;
+            }
+        }
+    };
+}

package/src/auth/facebook-oauth.ts ADDED Viewed

@@ -0,0 +1,72 @@
+import type { OAuthProvider, OAuthProviderProfile } from "./interfaces";
+import { z } from "zod";
+/**
+ * Creates a Facebook / Meta OAuth Provider integration.
+ *
+ * Uses the authorization code flow to exchange a code for an access token,
+ * then fetches user profile from the Facebook Graph API.
+ */
+export function createFacebookProvider(config: { clientId: string; clientSecret: string }): OAuthProvider<{ code: string; redirectUri: string }> {
+    return {
+        id: "facebook",
+        schema: z.object({
+            code: z.string().min(1, "Auth code is required"),
+            redirectUri: z.string().url("Valid redirect URI is required")
+        }),
+        verify: async (payload: { code: string; redirectUri: string }): Promise<OAuthProviderProfile | null> => {
+            try {
+                // Exchange code for access token
+                const tokenUrl = new URL("https://graph.facebook.com/v19.0/oauth/access_token");
+                tokenUrl.searchParams.set("client_id", config.clientId);
+                tokenUrl.searchParams.set("client_secret", config.clientSecret);
+                tokenUrl.searchParams.set("redirect_uri", payload.redirectUri);
+                tokenUrl.searchParams.set("code", payload.code);
+                const tokenResponse = await fetch(tokenUrl.toString());
+                if (!tokenResponse.ok) {
+                    console.error("Failed to get Facebook access token:", await tokenResponse.text());
+                    return null;
+                }
+                const tokenData = await tokenResponse.json() as { access_token: string };
+                const accessToken = tokenData.access_token;
+                // Fetch user profile with email and profile picture
+                const profileUrl = new URL("https://graph.facebook.com/v19.0/me");
+                profileUrl.searchParams.set("fields", "id,name,email,picture.type(large)");
+                profileUrl.searchParams.set("access_token", accessToken);
+                const profileResponse = await fetch(profileUrl.toString());
+                if (!profileResponse.ok) {
+                    console.error("Failed to get Facebook user info:", await profileResponse.text());
+                    return null;
+                }
+                const profileData = await profileResponse.json() as {
+                    id: string;
+                    name?: string;
+                    email?: string;
+                    picture?: { data?: { url?: string } };
+                };
+                if (!profileData.email) {
+                    console.error("Facebook user has no email (email permission may not have been granted)");
+                    return null;
+                }
+                return {
+                    providerId: profileData.id,
+                    email: profileData.email,
+                    displayName: profileData.name || null,
+                    photoUrl: profileData.picture?.data?.url || null
+                };
+            } catch (error) {
+                console.error("Facebook OAuth error:", error);
+                return null;
+            }
+        }
+    };
+}

package/src/auth/github-oauth.ts ADDED Viewed

@@ -0,0 +1,110 @@
+import type { OAuthProvider, OAuthProviderProfile } from "./interfaces";
+import { z } from "zod";
+/**
+ * Creates a GitHub OAuth Provider integration.
+ *
+ * Flow: Frontend receives an authorization `code` via the GitHub OAuth redirect.
+ * This provider exchanges the code for an access token, then fetches the user's
+ * profile and primary email from the GitHub API.
+ */
+export function createGitHubProvider(config: { clientId: string; clientSecret: string }): OAuthProvider<{ code: string; redirectUri: string }> {
+    return {
+        id: "github",
+        schema: z.object({
+            code: z.string().min(1, "Auth code is required"),
+            redirectUri: z.string().url("Valid redirect URI is required")
+        }),
+        verify: async (payload: { code: string; redirectUri: string }): Promise<OAuthProviderProfile | null> => {
+            try {
+                // Exchange code for access token
+                const tokenResponse = await fetch("https://github.com/login/oauth/access_token", {
+                    method: "POST",
+                    headers: {
+                        "Content-Type": "application/json",
+                        "Accept": "application/json"
+                    },
+                    body: JSON.stringify({
+                        client_id: config.clientId,
+                        client_secret: config.clientSecret,
+                        code: payload.code,
+                        redirect_uri: payload.redirectUri
+                    })
+                });
+                if (!tokenResponse.ok) {
+                    console.error("Failed to get GitHub access token:", await tokenResponse.text());
+                    return null;
+                }
+                const tokenData = await tokenResponse.json() as { access_token?: string; error?: string };
+                if (tokenData.error || !tokenData.access_token) {
+                    console.error("GitHub token exchange error:", tokenData.error);
+                    return null;
+                }
+                const accessToken = tokenData.access_token;
+                // Fetch user profile
+                const profileResponse = await fetch("https://api.github.com/user", {
+                    headers: {
+                        "Authorization": `Bearer ${accessToken}`,
+                        "Accept": "application/vnd.github+json",
+                        "User-Agent": "Rebase-Auth"
+                    }
+                });
+                if (!profileResponse.ok) {
+                    console.error("Failed to get GitHub user info:", await profileResponse.text());
+                    return null;
+                }
+                const profileData = await profileResponse.json() as {
+                    id: number;
+                    login: string;
+                    name?: string | null;
+                    avatar_url?: string | null;
+                    email?: string | null;
+                };
+                // GitHub may not return email in profile if it's private.
+                // Fetch from /user/emails endpoint instead.
+                let email = profileData.email;
+                if (!email) {
+                    const emailsResponse = await fetch("https://api.github.com/user/emails", {
+                        headers: {
+                            "Authorization": `Bearer ${accessToken}`,
+                            "Accept": "application/vnd.github+json",
+                            "User-Agent": "Rebase-Auth"
+                        }
+                    });
+                    if (emailsResponse.ok) {
+                        const emails = await emailsResponse.json() as Array<{
+                            email: string;
+                            primary: boolean;
+                            verified: boolean;
+                        }>;
+                        const primary = emails.find(e => e.primary && e.verified) || emails.find(e => e.verified);
+                        email = primary?.email || null;
+                    }
+                }
+                if (!email) {
+                    console.error("GitHub user has no verified email");
+                    return null;
+                }
+                return {
+                    providerId: String(profileData.id),
+                    email,
+                    displayName: profileData.name || profileData.login || null,
+                    photoUrl: profileData.avatar_url || null
+                };
+            } catch (error) {
+                console.error("GitHub OAuth error:", error);
+                return null;
+            }
+        }
+    };
+}

package/src/auth/gitlab-oauth.ts ADDED Viewed

@@ -0,0 +1,70 @@
+import type { OAuthProvider, OAuthProviderProfile } from "./interfaces";
+import { z } from "zod";
+/**
+ * Creates a GitLab OAuth Provider integration.
+ * Works with both GitLab.com and self-hosted instances.
+ */
+export function createGitLabProvider(config: {
+    clientId: string;
+    clientSecret: string;
+    baseUrl?: string;
+}): OAuthProvider<{ code: string; redirectUri: string }> {
+    const gitlabUrl = (config.baseUrl || "https://gitlab.com").replace(/\/$/, "");
+    return {
+        id: "gitlab",
+        schema: z.object({
+            code: z.string().min(1, "Auth code is required"),
+            redirectUri: z.string().url("Valid redirect URI is required")
+        }),
+        verify: async (payload: { code: string; redirectUri: string }): Promise<OAuthProviderProfile | null> => {
+            try {
+                const tokenResponse = await fetch(`${gitlabUrl}/oauth/token`, {
+                    method: "POST",
+                    headers: { "Content-Type": "application/json" },
+                    body: JSON.stringify({
+                        client_id: config.clientId,
+                        client_secret: config.clientSecret,
+                        code: payload.code,
+                        grant_type: "authorization_code",
+                        redirect_uri: payload.redirectUri
+                    })
+                });
+                if (!tokenResponse.ok) {
+                    console.error("Failed to get GitLab access token:", await tokenResponse.text());
+                    return null;
+                }
+                const tokenData = await tokenResponse.json() as { access_token: string };
+                const profileResponse = await fetch(`${gitlabUrl}/api/v4/user`, {
+                    headers: { "Authorization": `Bearer ${tokenData.access_token}` }
+                });
+                if (!profileResponse.ok) {
+                    console.error("Failed to get GitLab user info:", await profileResponse.text());
+                    return null;
+                }
+                const p = await profileResponse.json() as {
+                    id: number; username: string; name?: string;
+                    email: string; avatar_url?: string | null;
+                };
+                if (!p.email) { console.error("GitLab user has no email"); return null; }
+                return {
+                    providerId: String(p.id),
+                    email: p.email,
+                    displayName: p.name || p.username || null,
+                    photoUrl: p.avatar_url || null
+                };
+            } catch (error) {
+                console.error("GitLab OAuth error:", error);
+                return null;
+            }
+        }
+    };
+}

package/src/auth/google-oauth.ts ADDED Viewed

@@ -0,0 +1,48 @@
+import { OAuth2Client } from "google-auth-library/build/src/index.js";
+import type { OAuthProvider, OAuthProviderProfile } from "./interfaces";
+import { z } from "zod";
+export interface GoogleUserInfo {
+    googleId: string;
+    email: string;
+    displayName: string | null;
+    photoUrl: string | null;
+    emailVerified: boolean;
+}
+/**
+ * Creates a Google OAuth Provider integration
+ */
+export function createGoogleProvider(clientId: string): OAuthProvider<{ idToken: string }> {
+    const googleClient = new OAuth2Client(clientId);
+    return {
+        id: "google",
+        schema: z.object({
+            idToken: z.string().min(1, "ID token is required")
+        }),
+        verify: async (payload: { idToken: string }): Promise<OAuthProviderProfile | null> => {
+            try {
+                const ticket = await googleClient.verifyIdToken({
+                    idToken: payload.idToken,
+                    audience: clientId
+                });
+                const content = ticket.getPayload();
+                if (!content) {
+                    return null;
+                }
+                return {
+                    providerId: content.sub,
+                    email: content.email || "",
+                    displayName: content.name || null,
+                    photoUrl: content.picture || null
+                };
+            } catch (error) {
+                console.error("Failed to verify Google ID token:", error);
+                return null;
+            }
+        }
+    };
+}

package/src/auth/index.ts ADDED Viewed

@@ -0,0 +1,34 @@
+// Auth module exports
+export * from "./interfaces";
+export { configureJwt, generateAccessToken, verifyAccessToken, generateRefreshToken, hashRefreshToken, getRefreshTokenExpiry, getAccessTokenExpiry } from "./jwt";
+export type { JwtConfig, AccessTokenPayload } from "./jwt";
+export { hashPassword, verifyPassword, validatePasswordStrength } from "./password";
+export type { PasswordValidationResult } from "./password";
+// OAuth Providers
+export { createGoogleProvider } from "./google-oauth";
+export { createLinkedinProvider } from "./linkedin-oauth";
+export { createGitHubProvider } from "./github-oauth";
+export { createMicrosoftProvider } from "./microsoft-oauth";
+export { createAppleProvider } from "./apple-oauth";
+export { createFacebookProvider } from "./facebook-oauth";
+export { createTwitterProvider } from "./twitter-oauth";
+export { createDiscordProvider } from "./discord-oauth";
+export { createGitLabProvider } from "./gitlab-oauth";
+export { createBitbucketProvider } from "./bitbucket-oauth";
+export { createSlackProvider } from "./slack-oauth";
+export { createSpotifyProvider } from "./spotify-oauth";
+export { requireAuth, requireAdmin, optionalAuth, extractUserFromToken, createAuthMiddleware } from "./middleware";
+export type { AuthMiddlewareOptions, AuthResult } from "./middleware";
+export { createAuthRoutes } from "./routes";
+export type { AuthModuleConfig } from "./routes";
+export { createAdminRoutes } from "./admin-routes";
+export { createRateLimiter, defaultAuthLimiter, strictAuthLimiter } from "./rate-limiter";