@robelest/convex-auth 0.0.1

package/dist/server/oauth/lib/utils/customFetch.d.ts

@@ -0,0 +1,9 @@
+import * as o from "oauth4webapi";
+import type { InternalProvider } from "../../types";
+import { OAuthConfig } from "@auth/core/providers/index.js";
+export { customFetch } from "@auth/core";
+type FetchOptResult = {
+    [o.customFetch]: typeof fetch;
+};
+export declare function fetchOpt(providerOrConfig: InternalProvider<"oauth" | "oidc"> | OAuthConfig<any>): FetchOptResult;
+//# sourceMappingURL=customFetch.d.ts.map

package/dist/server/oauth/lib/utils/customFetch.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"customFetch.d.ts","sourceRoot":"","sources":["../../../../../src/server/oauth/lib/utils/customFetch.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,CAAC,MAAM,cAAc,CAAC;AAClC,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEpD,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAC;AAE5D,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEzC,KAAK,cAAc,GAAG;IACpB,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,OAAO,KAAK,CAAC;CAC/B,CAAC;AAIF,wBAAgB,QAAQ,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,OAAO,GAAG,MAAM,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC,GAAG,cAAc,CAEhH"}

package/dist/server/oauth/lib/utils/customFetch.js

@@ -0,0 +1,11 @@
+// This file is adapted from packages/core/src/lib/utils/custom-fetch.ts in the @auth/core package (commit 5af1f30a32e64591abc50ae4d2dba4682e525431).
+import * as o from "oauth4webapi";
+import { customFetch } from "@auth/core";
+// ConvexAuth:re-export the symbol from @auth/core
+export { customFetch } from "@auth/core";
+// ConvexAuth: Expose this internal function so we can use it.
+// ConvexAuth: Make a version that works on InternalProvider and OAuthConfig
+export function fetchOpt(providerOrConfig) {
+    return { [o.customFetch]: providerOrConfig[customFetch] ?? fetch };
+}
+//# sourceMappingURL=customFetch.js.map

package/dist/server/oauth/lib/utils/customFetch.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"customFetch.js","sourceRoot":"","sources":["../../../../../src/server/oauth/lib/utils/customFetch.ts"],"names":[],"mappings":"AAAA,qJAAqJ;AAErJ,OAAO,KAAK,CAAC,MAAM,cAAc,CAAC;AAElC,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEzC,kDAAkD;AAClD,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAMzC,8DAA8D;AAC9D,4EAA4E;AAC5E,MAAM,UAAU,QAAQ,CAAC,gBAAuE;IAC9F,OAAO,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,gBAAgB,CAAC,WAAW,CAAC,IAAI,KAAK,EAAE,CAAC;AACrE,CAAC"}

package/dist/server/oauth/lib/utils/providers.d.ts

@@ -0,0 +1,3 @@
+import { InternalProvider } from "../../types.js";
+export declare function isOIDCProvider(provider: InternalProvider<"oidc" | "oauth">): provider is InternalProvider<"oidc">;
+//# sourceMappingURL=providers.d.ts.map

package/dist/server/oauth/lib/utils/providers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"providers.d.ts","sourceRoot":"","sources":["../../../../../src/server/oauth/lib/utils/providers.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAElD,wBAAgB,cAAc,CAC5B,QAAQ,EAAE,gBAAgB,CAAC,MAAM,GAAG,OAAO,CAAC,GAC3C,QAAQ,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAEtC"}

package/dist/server/oauth/lib/utils/providers.js

@@ -0,0 +1,7 @@
+// This file maps to packages/core/src/lib/utils/providers.ts in the @auth/core package (commit 5af1f30a32e64591abc50ae4d2dba4682e525431).
+export function isOIDCProvider(provider) {
+    return provider.type === "oidc";
+}
+// ConvexAuth: There are several more functions in the original file which we don't need,
+// and are omitted here.
+//# sourceMappingURL=providers.js.map

package/dist/server/oauth/lib/utils/providers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"providers.js","sourceRoot":"","sources":["../../../../../src/server/oauth/lib/utils/providers.ts"],"names":[],"mappings":"AAAA,0IAA0I;AAI1I,MAAM,UAAU,cAAc,CAC5B,QAA4C;IAE5C,OAAO,QAAQ,CAAC,IAAI,KAAK,MAAM,CAAC;AAClC,CAAC;AAED,yFAAyF;AACzF,wBAAwB"}

package/dist/server/oauth/providers/oauth.d.ts

@@ -0,0 +1,43 @@
+import { OAuth2Config, OAuthConfig, OAuthEndpointType, OIDCConfig, TokenEndpointHandler, UserinfoEndpointHandler } from "@auth/core/providers/index.js";
+import { PrivateKey } from "oauth4webapi";
+/**
+ * We parsed `authorization`, `token` and `userinfo`
+ * to always contain a valid `URL`, with the params
+ * @internal
+ */
+export type OAuthConfigInternal<Profile> = Omit<OAuthConfig<Profile>, OAuthEndpointType | "redirectProxyUrl"> & {
+    authorization?: {
+        url: URL;
+    };
+    token?: {
+        url: URL;
+        request?: TokenEndpointHandler["request"];
+        clientPrivateKey?: CryptoKey | PrivateKey;
+        /**
+         * @internal
+         * @deprecated
+         */
+        conform?: TokenEndpointHandler["conform"];
+    };
+    userinfo?: {
+        url: URL;
+        request?: UserinfoEndpointHandler["request"];
+    };
+    /**
+     * Reconstructed from {@link OAuth2Config.redirectProxyUrl},
+     * adding the callback action and provider id onto the URL.
+     *
+     * If defined, it is favoured over {@link OAuthConfigInternal.callbackUrl} in the authorization request.
+     *
+     * When {@link InternalOptions.isOnRedirectProxy} is set, the actual value is saved in the decoded `state.origin` parameter.
+     *
+     * @example `"https://auth.example.com/api/auth/callback/:provider"`
+     *
+     */
+    redirectProxyUrl?: OAuth2Config<Profile>["redirectProxyUrl"];
+} & Pick<Required<OAuthConfig<Profile>>, "clientId" | "checks" | "profile" | "account">;
+export type OIDCConfigInternal<Profile> = OAuthConfigInternal<Profile> & {
+    checks: OIDCConfig<Profile>["checks"];
+    idToken: OIDCConfig<Profile>["idToken"];
+};
+//# sourceMappingURL=oauth.d.ts.map

package/dist/server/oauth/providers/oauth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../../../src/server/oauth/providers/oauth.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,YAAY,EACZ,WAAW,EACX,iBAAiB,EACjB,UAAU,EACV,oBAAoB,EACpB,uBAAuB,EACxB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C;;;;GAIG;AACH,MAAM,MAAM,mBAAmB,CAAC,OAAO,IAAI,IAAI,CAC7C,WAAW,CAAC,OAAO,CAAC,EACpB,iBAAiB,GAAG,kBAAkB,CACvC,GAAG;IACF,aAAa,CAAC,EAAE;QAAE,GAAG,EAAE,GAAG,CAAA;KAAE,CAAC;IAC7B,KAAK,CAAC,EAAE;QACN,GAAG,EAAE,GAAG,CAAC;QACT,OAAO,CAAC,EAAE,oBAAoB,CAAC,SAAS,CAAC,CAAC;QAC1C,gBAAgB,CAAC,EAAE,SAAS,GAAG,UAAU,CAAC;QAC1C;;;WAGG;QACH,OAAO,CAAC,EAAE,oBAAoB,CAAC,SAAS,CAAC,CAAC;KAC3C,CAAC;IACF,QAAQ,CAAC,EAAE;QAAE,GAAG,EAAE,GAAG,CAAC;QAAC,OAAO,CAAC,EAAE,uBAAuB,CAAC,SAAS,CAAC,CAAA;KAAE,CAAC;IACtE;;;;;;;;;;OAUG;IACH,gBAAgB,CAAC,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC;CAC9D,GAAG,IAAI,CACJ,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,EAC9B,UAAU,GAAG,QAAQ,GAAG,SAAS,GAAG,SAAS,CAC9C,CAAC;AAEJ,MAAM,MAAM,kBAAkB,CAAC,OAAO,IAAI,mBAAmB,CAAC,OAAO,CAAC,GAAG;IACvE,MAAM,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAC;IACtC,OAAO,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,CAAC;CACzC,CAAC"}

package/dist/server/oauth/providers/oauth.js

@@ -0,0 +1,3 @@
+// This maps to packages/core/src/providers/oauth.ts in the @auth/core package (commit 5af1f30a32e64591abc50ae4d2dba4682e525431)
+export {};
+//# sourceMappingURL=oauth.js.map

package/dist/server/oauth/providers/oauth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../../../src/server/oauth/providers/oauth.ts"],"names":[],"mappings":"AAAA,gIAAgI"}

package/dist/server/oauth/types.d.ts

@@ -0,0 +1,24 @@
+import * as AuthCoreJwt from "@auth/core/jwt";
+import { CookieOption, CookiesOptions } from "@auth/core/types.js";
+import { OAuthConfigInternal, OIDCConfigInternal } from "./providers/oauth.js";
+import { ProviderType } from "@auth/core/providers/index.js";
+import * as o from "oauth4webapi";
+export type ConvexAuthProviderType = "oauth" | "oidc";
+export type ConfigSource = "discovered" | "provided";
+export type InternalProvider<T = ProviderType> = (T extends "oauth" ? OAuthConfigInternal<any> : T extends "oidc" ? OIDCConfigInternal<any> : never) & {
+    as: o.AuthorizationServer;
+    configSource: ConfigSource;
+};
+export type JWTOptions = AuthCoreJwt.JWTOptions & {
+    secret: string | string[];
+};
+/** @internal */
+export interface InternalOptions<TProviderType extends ConvexAuthProviderType> {
+    provider: InternalProvider<TProviderType>;
+    /**
+     * `true` if the [Double-submit CSRF check](https://owasp.org/www-chapter-london/assets/slides/David_Johansson-Double_Defeat_of_Double-Submit_Cookie.pdf) was succesful
+     * or [`skipCSRFCheck`](https://authjs.dev/reference/core#skipcsrfcheck) was enabled.
+     */
+    cookies: Record<keyof CookiesOptions, CookieOption>;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/server/oauth/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/server/oauth/types.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,WAAW,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACnE,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC/E,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,KAAK,CAAC,MAAM,cAAc,CAAC;AAElC,MAAM,MAAM,sBAAsB,GAAG,OAAO,GAAG,MAAM,CAAC;AAEtD,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG,UAAU,CAAC;AAGrD,MAAM,MAAM,gBAAgB,CAAC,CAAC,GAAG,YAAY,IAAI,CAAC,CAAC,SAAS,OAAO,GAC/D,mBAAmB,CAAC,GAAG,CAAC,GACxB,CAAC,SAAS,MAAM,GACd,kBAAkB,CAAC,GAAG,CAAC,GACvB,KAAK,CAAC,GAAI;IAAC,EAAE,EAAE,CAAC,CAAC,mBAAmB,CAAC;IAAC,YAAY,EAAE,YAAY,CAAA;CAAC,CAAA;AAIvE,MAAM,MAAM,UAAU,GAAG,WAAW,CAAC,UAAU,GAAG;IAAE,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;CAAE,CAAC;AAEhF,gBAAgB;AAChB,MAAM,WAAW,eAAe,CAAC,aAAa,SAAS,sBAAsB;IAK3E,QAAQ,EAAE,gBAAgB,CAAC,aAAa,CAAC,CAAC;IAE1C;;;OAGG;IAaH,OAAO,EAAE,MAAM,CAAC,MAAM,cAAc,EAAE,YAAY,CAAC,CAAC;CASrD"}

package/dist/server/oauth/types.js

@@ -0,0 +1,5 @@
+// This maps to packages/core/src/types.ts in the @auth/core package (commit 5af1f30a32e64591abc50ae4d2dba4682e525431).
+export {};
+// ConvexAuth: There are several more types in the original file which we don't need,
+// and are omitted here.
+//# sourceMappingURL=types.js.map

package/dist/server/oauth/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/server/oauth/types.ts"],"names":[],"mappings":"AAAA,uHAAuH;;AA0DvH,qFAAqF;AACrF,wBAAwB"}

package/dist/server/provider_utils.d.ts

@@ -0,0 +1,76 @@
+import { OAuth2Config, OAuthConfig, OAuthEndpointType, OIDCConfig } from "@auth/core/providers";
+import { AuthProviderConfig, AuthProviderMaterializedConfig, ConvexAuthConfig } from "./types.js";
+/**
+ * @internal
+ */
+export declare function configDefaults(config_: ConvexAuthConfig): {
+    extraProviders: AuthProviderMaterializedConfig[];
+    theme: import("@auth/core/types.js").Theme;
+    providers: (OIDCConfig<any> | OAuth2Config<any> | import("./types.js").ConvexCredentialsConfig | import("./types.js").EmailConfig<import("convex/server").GenericDataModel> | import("./types.js").PhoneConfig<import("convex/server").GenericDataModel>)[];
+    component?: import("./types.js").AuthComponentApi;
+    session?: {
+        totalDurationMs?: number;
+        inactiveDurationMs?: number;
+    };
+    jwt?: {
+        durationMs?: number;
+    };
+    signIn?: {
+        maxFailedAttempsPerHour?: number;
+    };
+    callbacks?: {
+        redirect?: (params: {
+            redirectTo: string;
+        }) => Promise<string>;
+        createOrUpdateUser?: (ctx: import("convex/server").GenericMutationCtx<import("convex/server").AnyDataModel>, args: {
+            existingUserId: import("convex/values").GenericId<"user"> | null;
+            type: "oauth" | "credentials" | "email" | "phone" | "verification";
+            provider: AuthProviderMaterializedConfig;
+            profile: Record<string, unknown> & {
+                email?: string;
+                phone?: string;
+                emailVerified?: boolean;
+                phoneVerified?: boolean;
+            };
+            shouldLink?: boolean;
+        }) => Promise<import("convex/values").GenericId<"user">>;
+        afterUserCreatedOrUpdated?: (ctx: import("convex/server").GenericMutationCtx<import("convex/server").AnyDataModel>, args: {
+            userId: import("convex/values").GenericId<"user">;
+            existingUserId: import("convex/values").GenericId<"user"> | null;
+            type: "oauth" | "credentials" | "email" | "phone" | "verification";
+            provider: AuthProviderMaterializedConfig;
+            profile: Record<string, unknown> & {
+                email?: string;
+                phone?: string;
+                emailVerified?: boolean;
+                phoneVerified?: boolean;
+            };
+            shouldLink?: boolean;
+        }) => Promise<void>;
+    };
+};
+/**
+ * @internal
+ */
+export declare function materializeProvider(provider: AuthProviderConfig): AuthProviderMaterializedConfig;
+export declare const PLACEHOLDER_URL_HOST = "convexauth.mumbojumbo";
+export declare function normalizeEndpoint(e?: OAuthConfig<any>[OAuthEndpointType], issuer?: string): {
+    url: URL;
+    request?: undefined;
+    conform?: undefined;
+} | {
+    url: URL;
+    request: any;
+    conform: any;
+} | undefined;
+/**
+ * Deep merge two objects
+ *
+ * @internal
+ */
+export declare function merge(target: any, ...sources: any[]): any;
+/**
+ * @internal
+ */
+export declare function listAvailableProviders(config: ReturnType<typeof configDefaults>, allowExtraProviders: boolean): string;
+//# sourceMappingURL=provider_utils.d.ts.map

package/dist/server/provider_utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider_utils.d.ts","sourceRoot":"","sources":["../../src/server/provider_utils.ts"],"names":[],"mappings":"AAmBA,OAAO,EAEL,YAAY,EACZ,WAAW,EACX,iBAAiB,EACjB,UAAU,EAEX,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EACL,kBAAkB,EAClB,8BAA8B,EAC9B,gBAAgB,EACjB,MAAM,YAAY,CAAC;AAEpB;;GAEG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,gBAAgB;;;;;;uBAKjD,CAAC;0BAK6C,CAAC;;;kBAalB,CAAC;;;+BAShB,CAAC;;;gBAuCuB,CAAC;;;0BAoB5C,CAAF;;;;;qBAsCa,CAAA;qBACG,CAAC;6BACf,CAAD;6BACO,CAAC;;sBAG4B,CAAC;;iCAwBS,CAAC;;;;;;qBA0B6gB,CAAC;qBAAyB,CAAC;6BAAiC,CAAC;6BAAkC,CAAC;;sBAAgI,CAAC;;;EAvK7xB;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,kBAAkB,GAGhC,8BAA8B,CAC7D;AAwFD,eAAO,MAAM,oBAAoB,0BAA0B,CAAC;AAI5D,wBAAgB,iBAAiB,CAC/B,CAAC,CAAC,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,iBAAiB,CAAC,EACvC,MAAM,CAAC,EAAE,MAAM;;;;;;;;cAmBhB;AAID;;;;GAIG;AACH,wBAAgB,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,GAAG,CAgBzD;AAMD;;GAEG;AACH,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,UAAU,CAAC,OAAO,cAAc,CAAC,EACzC,mBAAmB,EAAE,OAAO,UAQ7B"}

package/dist/server/provider_utils.js

@@ -0,0 +1,177 @@
+// Some code adapted from Auth.js. Original license:
+//
+// ISC License
+//
+// Copyright (c) 2022-2024, Balázs Orbán
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+import { setEnvDefaults } from "@auth/core";
+/**
+ * @internal
+ */
+export function configDefaults(config_) {
+    const config = materializeAndDefaultProviders(config_);
+    // Collect extra providers
+    const extraProviders = config.providers
+        .filter((p) => p.type === "credentials")
+        .map((p) => p.extraProviders)
+        .flat()
+        .filter((p) => p !== undefined);
+    return {
+        ...config,
+        extraProviders: materializeProviders(extraProviders),
+        theme: config.theme ?? {
+            colorScheme: "auto",
+            logo: "",
+            brandColor: "",
+            buttonText: "",
+        },
+    };
+}
+/**
+ * @internal
+ */
+export function materializeProvider(provider) {
+    const config = { providers: [provider] };
+    materializeAndDefaultProviders(config);
+    return config.providers[0];
+}
+function materializeProviders(providers) {
+    const config = { providers };
+    materializeAndDefaultProviders(config);
+    return config.providers;
+}
+function materializeAndDefaultProviders(config_) {
+    // Have to materialize first so that the correct env variables are used
+    const providers = config_.providers.map((provider) => providerDefaults(typeof provider === "function" ? provider() : provider));
+    const config = { ...config_, providers };
+    // Unfortunately mutates its argument
+    setEnvDefaults(process.env, config);
+    // Manually do this for new provider type
+    config.providers.forEach((provider) => {
+        if (provider.type === "phone") {
+            const ID = provider.id.toUpperCase().replace(/-/g, "_");
+            // Should not require this env var at push time, as the provider's
+            // implementation might not use it
+            provider.apiKey ??= process.env[`AUTH_${ID}_KEY`];
+        }
+    });
+    return config;
+}
+function providerDefaults(provider) {
+    // TODO: Add `redirectProxyUrl` to oauth providers
+    const merged = merge(provider, provider.options);
+    return merged.type === "oauth" || merged.type === "oidc"
+        ? normalizeOAuth(merged)
+        : merged;
+}
+const defaultProfile = (profile) => {
+    return stripUndefined({
+        id: profile.sub ?? profile.id ?? crypto.randomUUID(),
+        name: profile.name ?? profile.nickname ?? profile.preferred_username,
+        email: profile.email ?? undefined,
+        image: profile.picture ?? undefined,
+    });
+};
+const defaultAccount = (account) => {
+    return stripUndefined({
+        access_token: account.access_token,
+        id_token: account.id_token,
+        refresh_token: account.refresh_token,
+        expires_at: account.expires_at,
+        scope: account.scope,
+        token_type: account.token_type,
+        session_state: account.session_state,
+    });
+};
+function stripUndefined(o) {
+    const result = {};
+    for (const [k, v] of Object.entries(o))
+        v !== undefined && (result[k] = v);
+    return result;
+}
+function normalizeOAuth(c) {
+    if (c.issuer)
+        c.wellKnown ??= `${c.issuer}/.well-known/openid-configuration`;
+    const checks = c.checks ?? ["pkce"];
+    if (c.redirectProxyUrl) {
+        if (!checks.includes("state"))
+            checks.push("state");
+        c.redirectProxyUrl = `${c.redirectProxyUrl}/callback/${c.id}`;
+    }
+    return {
+        ...c,
+        checks,
+        profile: c.profile ?? defaultProfile,
+        account: c.account ?? defaultAccount,
+    };
+}
+export const PLACEHOLDER_URL_HOST = "convexauth.mumbojumbo";
+const PLACEHOLDER_URL = `https://${PLACEHOLDER_URL_HOST}`;
+export function normalizeEndpoint(e, issuer) {
+    if (!e && issuer)
+        return undefined;
+    if (typeof e === "string") {
+        return { url: new URL(e) };
+    }
+    // Placeholder URL is used to pass around the URL object
+    // even if the URL hasn't been specified: the `issuer`
+    // is used instead.
+    const url = new URL(e?.url ?? PLACEHOLDER_URL);
+    if (e?.params != null) {
+        for (const [key, value] of Object.entries(e.params)) {
+            url.searchParams.set(key, String(key === "claims" ? JSON.stringify(value) : value));
+        }
+    }
+    return { url, request: e?.request, conform: e?.conform };
+}
+// Source: https://stackoverflow.com/a/34749873/5364135
+/**
+ * Deep merge two objects
+ *
+ * @internal
+ */
+export function merge(target, ...sources) {
+    if (!sources.length)
+        return target;
+    const source = sources.shift();
+    if (isObject(target) && isObject(source)) {
+        for (const key in source) {
+            if (isObject(source[key])) {
+                if (!target[key])
+                    Object.assign(target, { [key]: {} });
+                merge(target[key], source[key]);
+            }
+            else {
+                Object.assign(target, { [key]: source[key] });
+            }
+        }
+    }
+    return merge(target, ...sources);
+}
+/** Simple object check */
+function isObject(item) {
+    return item && typeof item === "object" && !Array.isArray(item);
+}
+/**
+ * @internal
+ */
+export function listAvailableProviders(config, allowExtraProviders) {
+    const availableProviders = config.providers
+        .concat(allowExtraProviders ? config.extraProviders : [])
+        .map((provider) => `\`${provider.id}\``);
+    return availableProviders.length > 0
+        ? availableProviders.join(", ")
+        : "no providers have been configured";
+}
+//# sourceMappingURL=provider_utils.js.map

package/dist/server/provider_utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider_utils.js","sourceRoot":"","sources":["../../src/server/provider_utils.ts"],"names":[],"mappings":"AAAA,oDAAoD;AACpD,EAAE;AACF,cAAc;AACd,EAAE;AACF,wCAAwC;AACxC,EAAE;AACF,2EAA2E;AAC3E,yEAAyE;AACzE,oEAAoE;AACpE,EAAE;AACF,2EAA2E;AAC3E,mEAAmE;AACnE,0EAA0E;AAC1E,yEAAyE;AACzE,wEAAwE;AACxE,0EAA0E;AAC1E,iEAAiE;AAEjE,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAgB5C;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,OAAyB;IACtD,MAAM,MAAM,GAAG,8BAA8B,CAAC,OAAO,CAAC,CAAC;IACvD,0BAA0B;IAC1B,MAAM,cAAc,GAAG,MAAM,CAAC,SAAS;SACpC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,aAAa,CAAC;SACvC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC;SAC5B,IAAI,EAAE;SACN,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IAClC,OAAO;QACL,GAAG,MAAM;QACT,cAAc,EAAE,oBAAoB,CAAC,cAAc,CAAC;QACpD,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI;YACrB,WAAW,EAAE,MAAM;YACnB,IAAI,EAAE,EAAE;YACR,UAAU,EAAE,EAAE;YACd,UAAU,EAAE,EAAE;SACf;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAA4B;IAC9D,MAAM,MAAM,GAAG,EAAE,SAAS,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC;IACzC,8BAA8B,CAAC,MAAM,CAAC,CAAC;IACvC,OAAO,MAAM,CAAC,SAAS,CAAC,CAAC,CAAmC,CAAC;AAC/D,CAAC;AAED,SAAS,oBAAoB,CAAC,SAA+B;IAC3D,MAAM,MAAM,GAAG,EAAE,SAAS,EAAE,CAAC;IAC7B,8BAA8B,CAAC,MAAM,CAAC,CAAC;IACvC,OAAO,MAAM,CAAC,SAA6C,CAAC;AAC9D,CAAC;AAED,SAAS,8BAA8B,CAAC,OAAyB;IAC/D,uEAAuE;IACvE,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACnD,gBAAgB,CACd,OAAO,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAE,QAAgB,CAChE,CACF,CAAC;IACF,MAAM,MAAM,GAAG,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,CAAC;IAEzC,qCAAqC;IACrC,cAAc,CAAC,OAAO,CAAC,GAAG,EAAE,MAAa,CAAC,CAAC;IAC3C,yCAAyC;IACzC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;QACpC,IAAI,QAAQ,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YAC9B,MAAM,EAAE,GAAG,QAAQ,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YACxD,kEAAkE;YAClE,kCAAkC;YAClC,QAAQ,CAAC,MAAM,KAAK,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACpD,CAAC;IACH,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAwC;IAChE,kDAAkD;IAClD,MAAM,MAAM,GAAG,KAAK,CAClB,QAAQ,EACP,QAAgB,CAAC,OAAO,CACQ,CAAC;IACpC,OAAO,MAAM,CAAC,IAAI,KAAK,OAAO,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM;QACtD,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC;QACxB,CAAC,CAAC,MAAM,CAAC;AACb,CAAC;AAED,MAAM,cAAc,GAA6B,CAAC,OAAO,EAAE,EAAE;IAC3D,OAAO,cAAc,CAAC;QACpB,EAAE,EAAE,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,EAAE,IAAI,MAAM,CAAC,UAAU,EAAE;QACpD,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,kBAAkB;QACpE,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,SAAS;QACjC,KAAK,EAAE,OAAO,CAAC,OAAO,IAAI,SAAS;KACpC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,MAAM,cAAc,GAAoB,CAAC,OAAO,EAAE,EAAE;IAClD,OAAO,cAAc,CAAC;QACpB,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,aAAa,EAAE,OAAO,CAAC,aAAa;KACrC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,SAAS,cAAc,CAAmB,CAAI;IAC5C,MAAM,MAAM,GAAG,EAAS,CAAC;IACzB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;QAAE,CAAC,KAAK,SAAS,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3E,OAAO,MAAW,CAAC;AACrB,CAAC;AAED,SAAS,cAAc,CACrB,CAAI;IAEJ,IAAI,CAAC,CAAC,MAAM;QAAE,CAAC,CAAC,SAAS,KAAK,GAAG,CAAC,CAAC,MAAM,mCAAmC,CAAC;IAE7E,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,CAAC;IACpC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;QACvB,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACpD,CAAC,CAAC,gBAAgB,GAAG,GAAG,CAAC,CAAC,gBAAgB,aAAa,CAAC,CAAC,EAAE,EAAE,CAAC;IAChE,CAAC;IAED,OAAO;QACL,GAAG,CAAC;QACJ,MAAM;QACN,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,cAAc;QACpC,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,cAAc;KACrC,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,oBAAoB,GAAG,uBAAuB,CAAC;AAE5D,MAAM,eAAe,GAAG,WAAW,oBAAoB,EAAE,CAAC;AAE1D,MAAM,UAAU,iBAAiB,CAC/B,CAAuC,EACvC,MAAe;IAEf,IAAI,CAAC,CAAC,IAAI,MAAM;QAAE,OAAO,SAAS,CAAC;IACnC,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;QAC1B,OAAO,EAAE,GAAG,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7B,CAAC;IACD,wDAAwD;IACxD,sDAAsD;IACtD,mBAAmB;IACnB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,EAAE,GAAG,IAAI,eAAe,CAAC,CAAC;IAC/C,IAAI,CAAC,EAAE,MAAM,IAAI,IAAI,EAAE,CAAC;QACtB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC;YACpD,GAAG,CAAC,YAAY,CAAC,GAAG,CAClB,GAAG,EACH,MAAM,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CACzD,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC;AAC3D,CAAC;AAED,uDAAuD;AAEvD;;;;GAIG;AACH,MAAM,UAAU,KAAK,CAAC,MAAW,EAAE,GAAG,OAAc;IAClD,IAAI,CAAC,OAAO,CAAC,MAAM;QAAE,OAAO,MAAM,CAAC;IACnC,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,EAAE,CAAC;IAE/B,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACzC,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;YACzB,IAAI,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBAC1B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;oBAAE,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;gBACvD,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;YAClC,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC;AACnC,CAAC;AAED,0BAA0B;AAC1B,SAAS,QAAQ,CAAC,IAAS;IACzB,OAAO,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AAClE,CAAC;AACD;;GAEG;AACH,MAAM,UAAU,sBAAsB,CACpC,MAAyC,EACzC,mBAA4B;IAE5B,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS;SACxC,MAAM,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,CAAC;SACxD,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,KAAK,QAAQ,CAAC,EAAE,IAAI,CAAC,CAAC;IAC3C,OAAO,kBAAkB,CAAC,MAAM,GAAG,CAAC;QAClC,CAAC,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC;QAC/B,CAAC,CAAC,mCAAmC,CAAC;AAC1C,CAAC"}