@rttnd/gau 0.4.3 → 0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/chunk-AXVL3CPR.js +1 -0
- package/dist/chunk-AXVL3CPR.js.map +1 -0
- package/dist/chunk-PJCHBT42.js +1 -0
- package/dist/chunk-PJCHBT42.js.map +1 -0
- package/dist/chunk-YL3QRKSH.js +1 -0
- package/dist/chunk-YL3QRKSH.js.map +1 -0
- package/dist/src/adapters/drizzle/index.d.ts.map +1 -1
- package/dist/src/adapters/drizzle/index.js +1 -1
- package/dist/src/adapters/drizzle/mysql.d.ts +0 -1
- package/dist/src/adapters/drizzle/mysql.d.ts.map +1 -1
- package/dist/src/adapters/drizzle/pg.d.ts +27 -2
- package/dist/src/adapters/drizzle/pg.d.ts.map +1 -1
- package/dist/src/adapters/drizzle/sqlite.d.ts +8 -6
- package/dist/src/adapters/drizzle/sqlite.d.ts.map +1 -1
- package/dist/src/adapters/index.js +1 -1
- package/dist/src/client/solid/index.d.ts +5 -3
- package/dist/src/client/solid/index.d.ts.map +1 -1
- package/dist/src/client/solid/index.jsx +37 -17
- package/dist/src/client/svelte/index.svelte.d.ts +5 -3
- package/dist/src/client/svelte/index.svelte.d.ts.map +1 -1
- package/dist/src/client/svelte/index.svelte.js +3 -1
- package/dist/src/client/svelte/index.svelte.js.map +1 -1
- package/dist/src/core/cookies.d.ts +2 -1
- package/dist/src/core/cookies.d.ts.map +1 -1
- package/dist/src/core/createAuth.d.ts +25 -5
- package/dist/src/core/createAuth.d.ts.map +1 -1
- package/dist/src/core/handlers/callback.d.ts.map +1 -1
- package/dist/src/core/handlers/index.js +1 -1
- package/dist/src/core/handlers/login.d.ts.map +1 -1
- package/dist/src/core/handlers/utils.d.ts.map +1 -1
- package/dist/src/core/hooks.d.ts +0 -1
- package/dist/src/core/hooks.d.ts.map +1 -1
- package/dist/src/core/index.d.ts +2 -2
- package/dist/src/core/index.d.ts.map +1 -1
- package/dist/src/core/index.js +1 -1
- package/dist/src/index.js +1 -1
- package/dist/src/jwt/index.js +1 -1
- package/dist/src/oauth/index.d.ts +11 -2
- package/dist/src/oauth/index.d.ts.map +1 -1
- package/dist/src/oauth/index.js +1 -1
- package/dist/src/oauth/index.js.map +1 -1
- package/dist/src/oauth/providers/discord.d.ts +3 -0
- package/dist/src/oauth/providers/discord.d.ts.map +1 -0
- package/dist/src/oauth/providers/facebook.d.ts +3 -0
- package/dist/src/oauth/providers/facebook.d.ts.map +1 -0
- package/dist/src/oauth/providers/github.d.ts +1 -1
- package/dist/src/oauth/providers/github.d.ts.map +1 -1
- package/dist/src/oauth/providers/google.d.ts.map +1 -1
- package/dist/src/oauth/providers/microsoft.d.ts +3 -2
- package/dist/src/oauth/providers/microsoft.d.ts.map +1 -1
- package/dist/src/runtimes/index.js +1 -1
- package/dist/src/runtimes/tauri/index.d.ts +2 -2
- package/dist/src/runtimes/tauri/index.d.ts.map +1 -1
- package/dist/src/runtimes/tauri/index.js +1 -1
- package/dist/src/solidstart/index.d.ts +1 -1
- package/dist/src/solidstart/index.d.ts.map +1 -1
- package/dist/src/solidstart/index.js +1 -1
- package/dist/src/sveltekit/index.js +1 -1
- package/package.json +17 -11
- package/dist/chunk-GV4FQQFM.js +0 -1
- package/dist/chunk-GV4FQQFM.js.map +0 -1
- package/dist/chunk-LGCVPXHE.js +0 -1
- package/dist/chunk-LGCVPXHE.js.map +0 -1
- package/dist/chunk-ZKRGIT5Z.js +0 -1
- package/dist/chunk-ZKRGIT5Z.js.map +0 -1
|
@@ -58,11 +58,11 @@ function clearSessionToken() {
|
|
|
58
58
|
function isTauri() {
|
|
59
59
|
return BROWSER2 && "__TAURI_INTERNALS__" in globalThis;
|
|
60
60
|
}
|
|
61
|
-
async function signInWithTauri(provider, baseUrl, scheme = "gau", redirectOverride) {
|
|
61
|
+
async function signInWithTauri(provider, baseUrl, scheme = "gau", redirectOverride, profile) {
|
|
62
62
|
if (!isTauri())
|
|
63
63
|
return;
|
|
64
64
|
const { platform } = await import("@tauri-apps/plugin-os");
|
|
65
|
-
const {
|
|
65
|
+
const { openUrl } = await import("@tauri-apps/plugin-opener");
|
|
66
66
|
const currentPlatform = platform();
|
|
67
67
|
let redirectTo;
|
|
68
68
|
if (redirectOverride)
|
|
@@ -71,8 +71,12 @@ async function signInWithTauri(provider, baseUrl, scheme = "gau", redirectOverri
|
|
|
71
71
|
redirectTo = new URL(baseUrl).origin;
|
|
72
72
|
else
|
|
73
73
|
redirectTo = `${scheme}://oauth/callback`;
|
|
74
|
-
const
|
|
75
|
-
|
|
74
|
+
const params = new URLSearchParams();
|
|
75
|
+
params.set("redirectTo", redirectTo);
|
|
76
|
+
if (profile)
|
|
77
|
+
params.set("profile", profile);
|
|
78
|
+
const authUrl = `${baseUrl}/${provider}?${params.toString()}`;
|
|
79
|
+
await openUrl(authUrl);
|
|
76
80
|
}
|
|
77
81
|
async function setupTauriListener(handler) {
|
|
78
82
|
if (!isTauri())
|
|
@@ -96,11 +100,11 @@ function handleTauriDeepLink(url, baseUrl, scheme, onToken) {
|
|
|
96
100
|
if (token)
|
|
97
101
|
onToken(token);
|
|
98
102
|
}
|
|
99
|
-
async function linkAccountWithTauri(provider, baseUrl, scheme = "gau", redirectOverride) {
|
|
103
|
+
async function linkAccountWithTauri(provider, baseUrl, scheme = "gau", redirectOverride, profile) {
|
|
100
104
|
if (!isTauri())
|
|
101
105
|
return;
|
|
102
106
|
const { platform } = await import("@tauri-apps/plugin-os");
|
|
103
|
-
const {
|
|
107
|
+
const { openUrl } = await import("@tauri-apps/plugin-opener");
|
|
104
108
|
const currentPlatform = platform();
|
|
105
109
|
let redirectTo;
|
|
106
110
|
if (redirectOverride)
|
|
@@ -114,9 +118,13 @@ async function linkAccountWithTauri(provider, baseUrl, scheme = "gau", redirectO
|
|
|
114
118
|
console.error("No session token found, cannot link account.");
|
|
115
119
|
return;
|
|
116
120
|
}
|
|
117
|
-
const
|
|
118
|
-
|
|
119
|
-
|
|
121
|
+
const params = new URLSearchParams();
|
|
122
|
+
params.set("redirectTo", redirectTo);
|
|
123
|
+
params.set("token", token);
|
|
124
|
+
if (profile)
|
|
125
|
+
params.set("profile", profile);
|
|
126
|
+
const linkUrl = `${baseUrl}/link/${provider}?${params.toString()}`;
|
|
127
|
+
await openUrl(linkUrl);
|
|
120
128
|
}
|
|
121
129
|
|
|
122
130
|
// src/client/solid/index.tsx
|
|
@@ -139,28 +147,38 @@ function AuthProvider(props) {
|
|
|
139
147
|
fetchSession,
|
|
140
148
|
{ initialValue: { ...NULL_SESSION, providers: [] } }
|
|
141
149
|
);
|
|
142
|
-
async function signIn(provider, { redirectTo } = {}) {
|
|
150
|
+
async function signIn(provider, { redirectTo, profile } = {}) {
|
|
143
151
|
let finalRedirectTo = redirectTo ?? props.redirectTo;
|
|
144
152
|
if (isTauri()) {
|
|
145
|
-
await signInWithTauri(provider, baseUrl, scheme, finalRedirectTo);
|
|
153
|
+
await signInWithTauri(provider, baseUrl, scheme, finalRedirectTo, profile);
|
|
146
154
|
} else {
|
|
147
155
|
if (!finalRedirectTo && !isServer)
|
|
148
156
|
finalRedirectTo = window.location.origin;
|
|
149
|
-
const
|
|
150
|
-
|
|
157
|
+
const params = new URLSearchParams();
|
|
158
|
+
if (finalRedirectTo)
|
|
159
|
+
params.set("redirectTo", finalRedirectTo);
|
|
160
|
+
if (profile)
|
|
161
|
+
params.set("profile", String(profile));
|
|
162
|
+
const q = params.toString();
|
|
163
|
+
const authUrl = `${baseUrl}/${provider}${q ? `?${q}` : ""}`;
|
|
151
164
|
window.location.href = authUrl;
|
|
152
165
|
}
|
|
153
166
|
}
|
|
154
|
-
async function linkAccount(provider, { redirectTo } = {}) {
|
|
167
|
+
async function linkAccount(provider, { redirectTo, profile } = {}) {
|
|
155
168
|
if (isTauri()) {
|
|
156
|
-
await linkAccountWithTauri(provider, baseUrl, scheme, redirectTo);
|
|
169
|
+
await linkAccountWithTauri(provider, baseUrl, scheme, redirectTo, profile);
|
|
157
170
|
return;
|
|
158
171
|
}
|
|
159
172
|
let finalRedirectTo = redirectTo ?? props.redirectTo;
|
|
160
173
|
if (!finalRedirectTo && !isServer)
|
|
161
174
|
finalRedirectTo = window.location.href;
|
|
162
|
-
const
|
|
163
|
-
|
|
175
|
+
const params = new URLSearchParams();
|
|
176
|
+
if (finalRedirectTo)
|
|
177
|
+
params.set("redirectTo", finalRedirectTo);
|
|
178
|
+
if (profile)
|
|
179
|
+
params.set("profile", String(profile));
|
|
180
|
+
params.set("redirect", "false");
|
|
181
|
+
const linkUrl = `${baseUrl}/link/${provider}?${params.toString()}`;
|
|
164
182
|
const token = getSessionToken();
|
|
165
183
|
const fetchOptions = token ? { headers: { Authorization: `Bearer ${token}` } } : { credentials: "include" };
|
|
166
184
|
const res = await fetch(linkUrl, fetchOptions);
|
|
@@ -193,6 +211,8 @@ function AuthProvider(props) {
|
|
|
193
211
|
};
|
|
194
212
|
onMount(() => {
|
|
195
213
|
if (!isTauri()) {
|
|
214
|
+
if (window.location.hash === "#_=_")
|
|
215
|
+
window.history.replaceState(null, "", window.location.pathname + window.location.search);
|
|
196
216
|
const hash = new URL(window.location.href).hash.substring(1);
|
|
197
217
|
const params = new URLSearchParams(hash);
|
|
198
218
|
const tokenParam = params.get("token");
|
|
@@ -1,11 +1,13 @@
|
|
|
1
|
-
import type { GauSession, ProviderIds } from '../../core';
|
|
1
|
+
import type { GauSession, ProfileName, ProviderIds } from '../../core';
|
|
2
2
|
interface AuthContextValue<TAuth = unknown> {
|
|
3
3
|
session: GauSession<ProviderIds<TAuth>>;
|
|
4
|
-
signIn:
|
|
4
|
+
signIn: <P extends ProviderIds<TAuth>>(provider: P, options?: {
|
|
5
5
|
redirectTo?: string;
|
|
6
|
+
profile?: ProfileName<TAuth, P>;
|
|
6
7
|
}) => Promise<void>;
|
|
7
|
-
linkAccount:
|
|
8
|
+
linkAccount: <P extends ProviderIds<TAuth>>(provider: P, options?: {
|
|
8
9
|
redirectTo?: string;
|
|
10
|
+
profile?: ProfileName<TAuth, P>;
|
|
9
11
|
}) => Promise<void>;
|
|
10
12
|
unlinkAccount: (provider: ProviderIds<TAuth>) => Promise<void>;
|
|
11
13
|
signOut: () => Promise<void>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.svelte.d.ts","sourceRoot":"","sources":["../../../../src/client/svelte/index.svelte.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;
|
|
1
|
+
{"version":3,"file":"index.svelte.d.ts","sourceRoot":"","sources":["../../../../src/client/svelte/index.svelte.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAOtE,UAAU,gBAAgB,CAAC,KAAK,GAAG,OAAO;IACxC,OAAO,EAAE,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAA;IACvC,MAAM,EAAE,CAAC,CAAC,SAAS,WAAW,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,OAAO,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACxI,WAAW,EAAE,CAAC,CAAC,SAAS,WAAW,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,OAAO,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAC7I,aAAa,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,KAAK,CAAC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAC9D,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;CAC7B;AAID,wBAAgB,gBAAgB,CAAC,KAAK,CAAC,KAAK,GAAG,OAAO,EAAE,EACtD,OAAqB,EACrB,MAAc,EACd,UAAU,EAAE,iBAAiB,EAC9B,GAAE;IACD,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,UAAU,CAAC,EAAE,MAAM,CAAA;CACf,QAiLL;AAED,wBAAgB,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,OAAO,KAAK,gBAAgB,CAAC,KAAK,CAAC,CAMxE"}
|
|
@@ -1 +1,3 @@
|
|
|
1
|
-
import{BROWSER as t}from"esm-env";import{getContext as n,setContext as o}from"svelte";import{parse as e,serialize as i}from"cookie";import{createJWTSignatureMessage as a,encodeJWT as r,JWSRegisteredHeaders as
|
|
1
|
+
import{BROWSER as t}from"esm-env";import{getContext as n,setContext as o}from"svelte";import{parse as e,serialize as i}from"cookie";import{createJWTSignatureMessage as a,encodeJWT as r,JWSRegisteredHeaders as s,JWTRegisteredClaims as c,parseJWT as l}from"@oslojs/jwt";import{generateCodeVerifier as u,generateState as w}from"arctic";var p={user:null,session:null,accounts:null};import{BROWSER as d}from"esm-env";import{BROWSER as f}from"esm-env";function h(t){if(f)try{localStorage.setItem("gau-token",t),document.cookie=`__gau-session-token=${t}; path=/; max-age=31536000; samesite=lax; secure`}catch{}}function m(){return f?localStorage.getItem("gau-token"):null}function g(){return d&&"__TAURI_INTERNALS__"in globalThis}var k=Symbol("gau-auth");function S({baseUrl:n="/api/auth",scheme:e="gau",redirectTo:i}={}){let a=$state({...p,providers:[]});async function r(t){let n=t=>window.history.replaceState(null,"",t);try{const t="$app/navigation",{replaceState:o}=await import(
|
|
2
|
+
/* @vite-ignore */
|
|
3
|
+
t);n=t=>o(t,{})}catch{}n(t)}async function s(){if(!t)return void(a={...p,providers:[]});const o=m(),e=o?{Authorization:`Bearer ${o}`}:void 0,i=await fetch(`${n}/session`,o?{headers:e}:{credentials:"include"}),r=i.headers.get("content-type");a=r?.includes("application/json")?await i.json():{...p,providers:[]}}if(t){"#_=_"===window.location.hash&&r(window.location.pathname+window.location.search);const t=new URL(window.location.href).hash.substring(1),n=new URLSearchParams(t).get("token");n?(h(n),(async()=>{await r(window.location.pathname+window.location.search),await s()})()):s()}$effect(()=>{if(!t||!g())return;let o,i=!1;return async function(t){if(!g())return;const{listen:n}=await import("@tauri-apps/api/event");try{return await n("deep-link",async n=>{await t(n.payload)})}catch(t){console.error(t)}}(async t=>{!function(t,n,o,e){const i=new URL(t);if(i.protocol!==`${o}:`&&i.origin!==new URL(n).origin)return;const a=new URLSearchParams(i.hash.substring(1)).get("token");a&&e(a)}(t,n,e,async t=>{h(t),await s()})}).then(t=>{i?t?.():o=t}),()=>{i=!0,o?.()}});const c={get session(){return a},signIn:async function(o,{redirectTo:a,profile:r}={}){let s=a??i;if(g())await async function(t,n,o="gau",e,i){if(!g())return;const{platform:a}=await import("@tauri-apps/plugin-os"),{openUrl:r}=await import("@tauri-apps/plugin-opener"),s=a();let c;c=e||("android"===s||"ios"===s?new URL(n).origin:`${o}://oauth/callback`);const l=new URLSearchParams;l.set("redirectTo",c),i&&l.set("profile",i);const u=`${n}/${t}?${l.toString()}`;await r(u)}(o,n,e,s,r);else{!s&&t&&(s=window.location.origin);const e=new URLSearchParams;s&&e.set("redirectTo",s),r&&e.set("profile",String(r));const i=e.toString();window.location.href=`${n}/${o}${i?`?${i}`:""}`}},linkAccount:async function(o,{redirectTo:a,profile:r}={}){if(g())return void await async function(t,n,o="gau",e,i){if(!g())return;const{platform:a}=await import("@tauri-apps/plugin-os"),{openUrl:r}=await import("@tauri-apps/plugin-opener"),s=a();let c;c=e||("android"===s||"ios"===s?new URL(n).origin:`${o}://oauth/callback`);const l=m();if(!l)return void console.error("No session token found, cannot link account.");const u=new URLSearchParams;u.set("redirectTo",c),u.set("token",l),i&&u.set("profile",i);const w=`${n}/link/${t}?${u.toString()}`;await r(w)}(o,n,e,a,r);let s=a??i;!s&&t&&(s=window.location.href);const c=new URLSearchParams;s&&c.set("redirectTo",s),r&&c.set("profile",String(r)),c.set("redirect","false");const l=`${n}/link/${o}?${c.toString()}`,u=m(),w=u?{headers:{Authorization:`Bearer ${u}`}}:{credentials:"include"},p=await fetch(l,w);if(p.redirected)window.location.href=p.url;else try{const t=await p.json();t.url&&(window.location.href=t.url)}catch(t){console.error("Failed to parse response from link endpoint",t)}},unlinkAccount:async function(t){const o=m(),e=o?{headers:{Authorization:`Bearer ${o}`}}:{credentials:"include"},i=await fetch(`${n}/unlink/${t}`,{method:"POST",...e});i.ok?await s():console.error("Failed to unlink account",await i.json())},signOut:async function(){!function(){if(f)try{localStorage.removeItem("gau-token"),document.cookie="__gau-session-token=; path=/; max-age=0"}catch{}}();const t=m(),o=t?{Authorization:`Bearer ${t}`}:void 0;await fetch(`${n}/signout`,t?{method:"POST",headers:o}:{method:"POST",credentials:"include"}),await s()}};o(k,c)}function y(){const t=n(k);if(!t)throw new Error("useAuth must be used within an AuthProvider");return t}export{S as createSvelteAuth,y as useAuth};//# sourceMappingURL=index.svelte.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/client/svelte/index.svelte.ts","../../../../src/core/cookies.ts","../../../../src/jwt/jwt.ts","../../../../src/oauth/utils.ts","../../../../src/core/index.ts","../../../../src/runtimes/tauri/index.ts","../../../../src/client/token.ts"],"sourcesContent":["import type { GauSession, ProviderIds } from '../../core'\nimport { BROWSER } from 'esm-env'\nimport { getContext, setContext } from 'svelte'\nimport { NULL_SESSION } from '../../core'\nimport { handleTauriDeepLink, isTauri, linkAccountWithTauri, setupTauriListener, signInWithTauri } from '../../runtimes/tauri'\nimport { clearSessionToken, getSessionToken, storeSessionToken } from '../token'\n\ninterface AuthContextValue<TAuth = unknown> {\n session: GauSession<ProviderIds<TAuth>>\n signIn: (provider: ProviderIds<TAuth>, options?: { redirectTo?: string }) => Promise<void>\n linkAccount: (provider: ProviderIds<TAuth>, options?: { redirectTo?: string }) => Promise<void>\n unlinkAccount: (provider: ProviderIds<TAuth>) => Promise<void>\n signOut: () => Promise<void>\n}\n\nconst AUTH_CONTEXT_KEY = Symbol('gau-auth')\n\nexport function createSvelteAuth<const TAuth = unknown>({\n baseUrl = '/api/auth',\n scheme = 'gau',\n redirectTo: defaultRedirectTo,\n}: {\n baseUrl?: string\n scheme?: string\n redirectTo?: string\n} = {}) {\n type CurrentSession = GauSession<ProviderIds<TAuth>>\n let session = $state<CurrentSession>({ ...NULL_SESSION, providers: [] })\n\n async function fetchSession() {\n if (!BROWSER) {\n session = { ...NULL_SESSION, providers: [] }\n return\n }\n\n const token = getSessionToken()\n const headers = token ? { Authorization: `Bearer ${token}` } : undefined\n const res = await fetch(`${baseUrl}/session`, token ? { headers } : { credentials: 'include' })\n\n const contentType = res.headers.get('content-type')\n if (contentType?.includes('application/json')) {\n session = await res.json()\n }\n else {\n session = {\n ...NULL_SESSION,\n providers: [] as ProviderIds<TAuth>[],\n }\n }\n }\n\n async function signIn(provider: ProviderIds<TAuth>, { redirectTo }: { redirectTo?: string } = {}) {\n let finalRedirectTo = redirectTo ?? defaultRedirectTo\n if (isTauri()) {\n await signInWithTauri(provider as string, baseUrl, scheme, finalRedirectTo)\n }\n else {\n if (!finalRedirectTo && BROWSER)\n finalRedirectTo = window.location.origin\n\n const query = finalRedirectTo ? `?redirectTo=${encodeURIComponent(finalRedirectTo)}` : ''\n window.location.href = `${baseUrl}/${provider as string}${query}`\n }\n }\n\n async function linkAccount(provider: ProviderIds<TAuth>, { redirectTo }: { redirectTo?: string } = {}) {\n if (isTauri()) {\n await linkAccountWithTauri(provider as string, baseUrl, scheme, redirectTo)\n return\n }\n\n let finalRedirectTo = redirectTo ?? defaultRedirectTo\n if (!finalRedirectTo && BROWSER)\n finalRedirectTo = window.location.href\n\n const query = finalRedirectTo ? `?redirectTo=${encodeURIComponent(finalRedirectTo)}` : ''\n const linkUrl = `${baseUrl}/link/${provider as string}${query}${query ? '&' : '?'}redirect=false`\n\n const token = getSessionToken()\n\n const fetchOptions: RequestInit = token\n ? { headers: { Authorization: `Bearer ${token}` } }\n : { credentials: 'include' }\n\n const res = await fetch(linkUrl, fetchOptions)\n if (res.redirected) {\n window.location.href = res.url\n }\n else {\n try {\n const data = await res.json()\n if (data.url)\n window.location.href = data.url\n }\n catch (e) {\n console.error('Failed to parse response from link endpoint', e)\n }\n }\n }\n\n async function unlinkAccount(provider: ProviderIds<TAuth>) {\n const token = getSessionToken()\n const fetchOptions: RequestInit = token\n ? { headers: { Authorization: `Bearer ${token}` } }\n : { credentials: 'include' }\n\n const res = await fetch(`${baseUrl}/unlink/${provider as string}`, {\n method: 'POST',\n ...fetchOptions,\n })\n\n if (res.ok)\n await fetchSession()\n else\n console.error('Failed to unlink account', await res.json())\n }\n\n async function signOut() {\n clearSessionToken()\n const token = getSessionToken()\n const headers = token ? { Authorization: `Bearer ${token}` } : undefined\n await fetch(`${baseUrl}/signout`, token ? { method: 'POST', headers } : { method: 'POST', credentials: 'include' })\n await fetchSession()\n }\n\n if (BROWSER) {\n const hash = new URL(window.location.href).hash.substring(1)\n const params = new URLSearchParams(hash)\n const tokenFromUrl = params.get('token')\n\n if (tokenFromUrl) {\n storeSessionToken(tokenFromUrl)\n void (async () => {\n let replaceUrl: (url: string) => void = url => window.history.replaceState(null, '', url)\n try {\n const navPath = '$' + 'app/navigation'\n const { replaceState } = await import(navPath)\n replaceUrl = url => replaceState(url, {})\n }\n catch {}\n\n replaceUrl(window.location.pathname + window.location.search)\n await fetchSession()\n })()\n }\n else {\n fetchSession()\n }\n }\n\n $effect(() => {\n if (!BROWSER || !isTauri())\n return\n\n let cleanup: (() => void) | void\n let disposed = false\n\n setupTauriListener(async (url) => {\n handleTauriDeepLink(url, baseUrl, scheme, async (token) => {\n storeSessionToken(token)\n await fetchSession()\n })\n }).then((unlisten) => {\n if (disposed)\n unlisten?.()\n else\n cleanup = unlisten\n })\n\n return () => {\n disposed = true\n cleanup?.()\n }\n })\n\n const contextValue: AuthContextValue<TAuth> = {\n get session() {\n return session\n },\n signIn: signIn as (provider: ProviderIds<TAuth>, options?: { redirectTo?: string }) => Promise<void>,\n linkAccount: linkAccount as (provider: ProviderIds<TAuth>, options?: { redirectTo?: string }) => Promise<void>,\n unlinkAccount: unlinkAccount as (provider: ProviderIds<TAuth>) => Promise<void>,\n signOut,\n }\n\n setContext(AUTH_CONTEXT_KEY, contextValue)\n}\n\nexport function useAuth<const TAuth = unknown>(): AuthContextValue<TAuth> {\n const context = getContext<AuthContextValue<TAuth>>(AUTH_CONTEXT_KEY)\n if (!context)\n throw new Error('useAuth must be used within an AuthProvider')\n\n return context\n}\n","import type { SerializeOptions } from 'cookie'\nimport { parse, serialize } from 'cookie'\n\nexport const DEFAULT_COOKIE_SERIALIZE_OPTIONS: SerializeOptions = {\n path: '/',\n sameSite: 'lax',\n secure: true,\n httpOnly: true,\n}\n\nexport type Cookie = [string, string, SerializeOptions]\n\nexport function parseCookies(cookieHeader: string | null | undefined): Map<string, string> {\n const cookies = new Map<string, string>()\n if (cookieHeader) {\n const parsed = parse(cookieHeader)\n for (const name in parsed)\n cookies.set(name, parsed[name]!)\n }\n return cookies\n}\n\nexport class Cookies {\n #new: Cookie[] = []\n\n constructor(\n private readonly requestCookies: Map<string, string>,\n private readonly defaultOptions: SerializeOptions,\n ) {}\n\n get(name: string): string | undefined {\n return this.requestCookies.get(name)\n }\n\n set(name: string, value: string, options?: SerializeOptions): void {\n const combinedOptions = { ...this.defaultOptions, ...options }\n this.#new.push([name, value, combinedOptions])\n }\n\n delete(name: string, options?: Omit<SerializeOptions, 'expires' | 'maxAge'>): void {\n this.set(name, '', { ...options, expires: new Date(0), maxAge: 0 })\n }\n\n toHeaders(): Headers {\n const headers = new Headers()\n for (const [name, value, options] of this.#new)\n headers.append('Set-Cookie', serialize(name, value, options))\n\n return headers\n }\n}\n\nexport const CSRF_COOKIE_NAME = '__gau-csrf-token'\nexport const SESSION_COOKIE_NAME = '__gau-session-token'\nexport const SESSION_STRATEGY_COOKIE_NAME = '__gau-session-strategy'\nexport const LINKING_TOKEN_COOKIE_NAME = '__gau-linking-token'\nexport const PKCE_COOKIE_NAME = '__gau-pkce-code-verifier'\nexport const CALLBACK_URI_COOKIE_NAME = '__gau-callback-uri'\n\nexport const CSRF_MAX_AGE = 60 * 10 // 10 minutes\n","/// <reference types=\"node\" />\nimport {\n createJWTSignatureMessage,\n encodeJWT,\n JWSRegisteredHeaders,\n JWTRegisteredClaims,\n parseJWT,\n} from '@oslojs/jwt'\nimport { AuthError } from '../core/index'\nimport { constantTimeEqual, deriveKeysFromSecret, rawToDer } from './utils'\n\nexport type SupportedAlgorithm = 'ES256' | 'HS256'\n\ninterface CommonSignOptions {\n /** Time-to-live in seconds (exp claim). If omitted the token will not expire. */\n ttl?: number\n}\n\nexport type SignOptions\n = | ({ algorithm?: 'ES256', privateKey?: CryptoKey, secret?: string }\n & CommonSignOptions & { iss?: string, aud?: string | string[], sub?: string })\n | ({ algorithm: 'HS256', secret?: string | Uint8Array, privateKey?: never }\n & CommonSignOptions & { iss?: string, aud?: string | string[], sub?: string })\n\n/**\n * Create a signed JWT.\n * Defaults to ES256 when a privateKey is supplied. Falls back to HS256 when a secret is supplied.\n */\nexport async function sign<T extends Record<string, unknown>>(payload: T, options: SignOptions = {}): Promise<string> {\n let { algorithm = 'ES256', ttl, iss, aud, sub, privateKey, secret } = options\n\n if (algorithm === 'ES256') {\n if (!privateKey) {\n if (typeof secret !== 'string')\n throw new AuthError('Missing secret for ES256 signing. It must be a base64url-encoded string.');\n\n ({ privateKey } = await deriveKeysFromSecret(secret))\n }\n }\n else if (algorithm === 'HS256' && !secret) {\n throw new AuthError('Missing secret for HS256 signing')\n }\n\n const now = Math.floor(Date.now() / 1000)\n\n const jwtPayload: Record<string, unknown> = { iat: now, iss, aud, sub, ...payload }\n\n if (ttl != null && ttl > 0)\n jwtPayload.exp = now + ttl\n\n const isHS256 = algorithm === 'HS256'\n const alg: SupportedAlgorithm = isHS256 ? 'HS256' : 'ES256'\n\n const headerJSON = JSON.stringify({ alg, typ: 'JWT' })\n const payloadJSON = JSON.stringify(jwtPayload)\n\n const signatureMessage = createJWTSignatureMessage(headerJSON, payloadJSON)\n\n let signature: Uint8Array\n\n if (isHS256) {\n // HS256 (HMAC-SHA256)\n const secretBytes = typeof secret === 'string'\n ? new TextEncoder().encode(secret)\n : secret\n\n const cryptoKey = await crypto.subtle.importKey(\n 'raw',\n secretBytes as BufferSource,\n { name: 'HMAC', hash: 'SHA-256' },\n false,\n ['sign'],\n )\n\n signature = new Uint8Array(await crypto.subtle.sign('HMAC', cryptoKey, signatureMessage as BufferSource))\n }\n else {\n // ES256 (ECDSA-SHA256)\n // Runtimes like Bun's return the raw (r||s) signature directly, not DER-encoded.\n signature = new Uint8Array(\n await crypto.subtle.sign(\n { name: 'ECDSA', hash: 'SHA-256' },\n privateKey!,\n signatureMessage as BufferSource,\n ),\n )\n }\n\n return encodeJWT(headerJSON, payloadJSON, signature)\n}\n\nexport type VerifyOptions\n = | { algorithm?: 'ES256', publicKey?: CryptoKey, secret?: string, iss?: string, aud?: string | string[] }\n | { algorithm: 'HS256', secret?: string | Uint8Array, publicKey?: never, iss?: string, aud?: string | string[] }\n\n/**\n * Verify a JWT and return its payload when the signature is valid.\n * The algorithm is inferred from options – ES256 by default.\n * Throws when verification fails or the token is expired.\n */\nexport async function verify<T = Record<string, unknown>>(token: string, options: VerifyOptions): Promise<T> {\n let { algorithm = 'ES256', publicKey, secret, iss, aud } = options\n\n if (algorithm === 'ES256') {\n if (!publicKey) {\n if (typeof secret !== 'string')\n throw new AuthError('Missing secret for ES256 verification. Must be a base64url-encoded string.');\n\n ({ publicKey } = await deriveKeysFromSecret(secret))\n }\n }\n\n if (algorithm === 'HS256' && !secret)\n throw new AuthError('Missing secret for HS256 verification')\n\n const [header, payload, signature, signatureMessage] = parseJWT(token)\n\n const headerParams = new JWSRegisteredHeaders(header)\n const headerAlg = headerParams.algorithm()\n\n let validSignature = false\n\n // HS256 verification path\n if (algorithm === 'HS256') {\n if (headerAlg !== 'HS256')\n throw new Error(`JWT algorithm is \"${headerAlg}\", but verifier was configured for \"HS256\"`)\n\n const secretBytes = typeof secret === 'string'\n ? new TextEncoder().encode(secret)\n : secret\n\n const cryptoKey = await crypto.subtle.importKey(\n 'raw',\n secretBytes as BufferSource,\n { name: 'HMAC', hash: 'SHA-256' },\n false,\n ['sign'],\n )\n\n const expectedSig = new Uint8Array(await crypto.subtle.sign('HMAC', cryptoKey, signatureMessage as BufferSource))\n validSignature = constantTimeEqual(expectedSig, new Uint8Array(signature))\n }\n // ES256 verification path (default)\n else {\n if (headerAlg !== 'ES256')\n throw new AuthError(`JWT algorithm is \"${headerAlg}\", but verifier was configured for \"ES256\"`)\n\n const signatureBytes = new Uint8Array(signature)\n\n // Runtimes like Node.js return DER-encoded signatures. Others (Bun) return raw (r||s).\n // We try DER first, as it's more common in Node environments.\n validSignature = await crypto.subtle.verify(\n { name: 'ECDSA', hash: 'SHA-256' },\n publicKey!,\n signatureBytes as BufferSource,\n signatureMessage as BufferSource,\n )\n\n if (!validSignature && signatureBytes.length === 64) {\n // If DER verification fails and the signature is 64 bytes, it might be a raw signature.\n // Convert it to DER and try again.\n try {\n const derSig = rawToDer(signatureBytes)\n validSignature = await crypto.subtle.verify(\n { name: 'ECDSA', hash: 'SHA-256' },\n publicKey!,\n derSig as BufferSource,\n signatureMessage as BufferSource,\n )\n }\n catch {\n // rawToDer can throw if the signature is not 64 bytes, but we already checked.\n // This catch is for other unexpected errors.\n validSignature = false\n }\n }\n }\n\n if (!validSignature)\n throw new AuthError('Invalid JWT signature')\n\n const claims = new JWTRegisteredClaims(payload)\n if (claims.hasExpiration() && !claims.verifyExpiration())\n throw new AuthError('JWT expired')\n if (claims.hasNotBefore() && !claims.verifyNotBefore())\n throw new AuthError('JWT not yet valid')\n if (iss && (payload as any).iss !== iss)\n throw new AuthError('Invalid JWT issuer')\n\n if (aud) {\n const expectedAudience = Array.isArray(aud) ? aud : [aud]\n const tokenAudience = (payload as any).aud\n ? (Array.isArray((payload as any).aud) ? (payload as any).aud : [(payload as any).aud])\n : []\n\n if (!expectedAudience.some(audValue => tokenAudience.includes(audValue)))\n throw new AuthError('Invalid JWT audience')\n }\n\n return payload as T\n}\n","import { generateCodeVerifier, generateState } from 'arctic'\n\nexport function createOAuthUris() {\n const state = generateState()\n const codeVerifier = generateCodeVerifier()\n\n return {\n state,\n codeVerifier,\n }\n}\n","export interface User {\n id: string\n name?: string | null\n email?: string | null\n emailVerified?: boolean | null\n image?: string | null\n role?: string | null\n}\n\nexport interface Session {\n id: string\n sub: string\n [key: string]: unknown\n}\n\nexport interface GauSession<TProviders extends string = string> {\n user: User | null\n session: Session | null\n accounts?: Account[] | null\n providers?: TProviders[]\n}\n\nexport const NULL_SESSION = {\n user: null,\n session: null,\n accounts: null,\n} as const\n\nexport interface NewUser extends Omit<User, 'id' | 'accounts'> {\n id?: string\n}\n\nexport interface Account {\n userId: string\n provider: string\n providerAccountId: string\n type?: string // e.g. \"oauth\"\n accessToken?: string | null\n refreshToken?: string | null\n expiresAt?: number | null // epoch seconds\n idToken?: string | null\n scope?: string | null\n tokenType?: string | null\n sessionState?: string | null\n}\n\nexport interface NewAccount extends Account {}\n\nexport interface Adapter {\n getUser: (id: string) => Promise<User | null>\n getUserByEmail: (email: string) => Promise<User | null>\n getUserByAccount: (provider: string, providerAccountId: string) => Promise<User | null>\n getAccounts: (userId: string) => Promise<Account[]>\n getUserAndAccounts: (userId: string) => Promise<{ user: User, accounts: Account[] } | null>\n createUser: (data: NewUser) => Promise<User>\n linkAccount: (data: NewAccount) => Promise<void>\n unlinkAccount: (provider: string, providerAccountId: string) => Promise<void>\n updateAccount?: (data: Partial<Account> & { userId: string, provider: string, providerAccountId: string }) => Promise<void>\n updateUser: (data: Partial<User> & { id: string }) => Promise<User>\n deleteUser: (id: string) => Promise<void>\n}\n\nexport class AuthError extends Error {\n override readonly cause?: unknown\n constructor(message: string, cause?: unknown) {\n super(message)\n this.name = 'AuthError'\n this.cause = cause\n }\n}\n\nexport function json<T>(data: T, init: ResponseInit = {}): Response {\n const headers = new Headers(init.headers)\n if (!headers.has('Content-Type'))\n headers.set('Content-Type', 'application/json; charset=utf-8')\n return new Response(JSON.stringify(data), { ...init, headers })\n}\n\nexport function redirect(url: string, status: 302 | 303 = 302): Response {\n return new Response(null, {\n status,\n headers: {\n Location: url,\n },\n })\n}\n\nexport * from './cookies'\nexport * from './createAuth'\nexport * from './handler'\n","import { BROWSER } from 'esm-env'\nimport { getSessionToken } from '../../client/token'\n\nexport function isTauri(): boolean {\n return BROWSER && '__TAURI_INTERNALS__' in (globalThis as any)\n}\n\nexport async function signInWithTauri(\n provider: string,\n baseUrl: string,\n scheme: string = 'gau',\n redirectOverride?: string,\n) {\n if (!isTauri())\n return\n\n const { platform } = await import('@tauri-apps/plugin-os')\n const { open } = await import('@tauri-apps/plugin-shell')\n\n const currentPlatform = platform() // platform is NO LONGER an async function\n let redirectTo: string\n\n if (redirectOverride)\n redirectTo = redirectOverride\n else if (currentPlatform === 'android' || currentPlatform === 'ios')\n redirectTo = new URL(baseUrl).origin\n else\n redirectTo = `${scheme}://oauth/callback`\n\n const authUrl = `${baseUrl}/${provider}?redirectTo=${encodeURIComponent(redirectTo)}`\n await open(authUrl)\n}\n\nexport async function setupTauriListener(\n handler: (url: string) => Promise<void>,\n): Promise<(() => void) | void> {\n if (!isTauri())\n return\n\n const { listen } = await import('@tauri-apps/api/event')\n try {\n const unlisten = await listen<string>('deep-link', async (event) => {\n await handler(event.payload)\n })\n return unlisten\n }\n catch (err) {\n console.error(err)\n }\n}\n\nexport function handleTauriDeepLink(url: string, baseUrl: string, scheme: string, onToken: (token: string) => void) {\n const parsed = new URL(url)\n if (parsed.protocol !== `${scheme}:` && parsed.origin !== new URL(baseUrl).origin)\n return\n\n const params = new URLSearchParams(parsed.hash.substring(1))\n const token = params.get('token')\n if (token)\n onToken(token)\n}\n\nexport async function linkAccountWithTauri(\n provider: string,\n baseUrl: string,\n scheme: string = 'gau',\n redirectOverride?: string,\n) {\n if (!isTauri())\n return\n\n const { platform } = await import('@tauri-apps/plugin-os')\n const { open } = await import('@tauri-apps/plugin-shell')\n\n const currentPlatform = platform()\n let redirectTo: string\n\n if (redirectOverride)\n redirectTo = redirectOverride\n else if (currentPlatform === 'android' || currentPlatform === 'ios')\n redirectTo = new URL(baseUrl).origin\n else\n redirectTo = `${scheme}://oauth/callback`\n\n const token = getSessionToken()\n if (!token) {\n console.error('No session token found, cannot link account.')\n return\n }\n\n const query = `?redirectTo=${encodeURIComponent(redirectTo)}&token=${encodeURIComponent(token)}`\n const linkUrl = `${baseUrl}/link/${provider}${query}`\n await open(linkUrl)\n}\n","import { BROWSER } from 'esm-env'\n\nexport function storeSessionToken(token: string) {\n if (!BROWSER)\n return\n try {\n localStorage.setItem('gau-token', token)\n document.cookie = `__gau-session-token=${token}; path=/; max-age=31536000; samesite=lax; secure`\n }\n catch {}\n}\n\nexport function getSessionToken(): string | null {\n if (!BROWSER)\n return null\n return localStorage.getItem('gau-token')\n}\n\nexport function clearSessionToken() {\n if (!BROWSER)\n return\n try {\n localStorage.removeItem('gau-token')\n document.cookie = `__gau-session-token=; path=/; max-age=0`\n }\n catch {}\n}\n"],"mappings":";AACA,SAAS,WAAAA,gBAAe;AACxB,SAAS,YAAY,kBAAkB;;;ACDvC,SAAS,OAAO,iBAAiB;AA0D1B,IAAM,eAAe,KAAK;;;AC1DjC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;;;ACPP,SAAS,sBAAsB,qBAAqB;;;ACsB7C,IAAM,eAAe;AAAA,EAC1B,MAAM;AAAA,EACN,SAAS;AAAA,EACT,UAAU;AACZ;;;AC1BA,SAAS,WAAAC,gBAAe;;;ACAxB,SAAS,eAAe;AAEjB,SAAS,kBAAkB,OAAe;AAC/C,MAAI,CAAC;AACH;AACF,MAAI;AACF,iBAAa,QAAQ,aAAa,KAAK;AACvC,aAAS,SAAS,uBAAuB,KAAK;AAAA,EAChD,QACM;AAAA,EAAC;AACT;AAEO,SAAS,kBAAiC;AAC/C,MAAI,CAAC;AACH,WAAO;AACT,SAAO,aAAa,QAAQ,WAAW;AACzC;AAEO,SAAS,oBAAoB;AAClC,MAAI,CAAC;AACH;AACF,MAAI;AACF,iBAAa,WAAW,WAAW;AACnC,aAAS,SAAS;AAAA,EACpB,QACM;AAAA,EAAC;AACT;;;ADvBO,SAAS,UAAmB;AACjC,SAAOC,YAAW,yBAA0B;AAC9C;AAEA,eAAsB,gBACpB,UACA,SACA,SAAiB,OACjB,kBACA;AACA,MAAI,CAAC,QAAQ;AACX;AAEF,QAAM,EAAE,SAAS,IAAI,MAAM,OAAO,uBAAuB;AACzD,QAAM,EAAE,KAAK,IAAI,MAAM,OAAO,0BAA0B;AAExD,QAAM,kBAAkB,SAAS;AACjC,MAAI;AAEJ,MAAI;AACF,iBAAa;AAAA,WACN,oBAAoB,aAAa,oBAAoB;AAC5D,iBAAa,IAAI,IAAI,OAAO,EAAE;AAAA;AAE9B,iBAAa,GAAG,MAAM;AAExB,QAAM,UAAU,GAAG,OAAO,IAAI,QAAQ,eAAe,mBAAmB,UAAU,CAAC;AACnF,QAAM,KAAK,OAAO;AACpB;AAEA,eAAsB,mBACpB,SAC8B;AAC9B,MAAI,CAAC,QAAQ;AACX;AAEF,QAAM,EAAE,OAAO,IAAI,MAAM,OAAO,uBAAuB;AACvD,MAAI;AACF,UAAM,WAAW,MAAM,OAAe,aAAa,OAAO,UAAU;AAClE,YAAM,QAAQ,MAAM,OAAO;AAAA,IAC7B,CAAC;AACD,WAAO;AAAA,EACT,SACO,KAAK;AACV,YAAQ,MAAM,GAAG;AAAA,EACnB;AACF;AAEO,SAAS,oBAAoB,KAAa,SAAiB,QAAgB,SAAkC;AAClH,QAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,MAAI,OAAO,aAAa,GAAG,MAAM,OAAO,OAAO,WAAW,IAAI,IAAI,OAAO,EAAE;AACzE;AAEF,QAAM,SAAS,IAAI,gBAAgB,OAAO,KAAK,UAAU,CAAC,CAAC;AAC3D,QAAM,QAAQ,OAAO,IAAI,OAAO;AAChC,MAAI;AACF,YAAQ,KAAK;AACjB;AAEA,eAAsB,qBACpB,UACA,SACA,SAAiB,OACjB,kBACA;AACA,MAAI,CAAC,QAAQ;AACX;AAEF,QAAM,EAAE,SAAS,IAAI,MAAM,OAAO,uBAAuB;AACzD,QAAM,EAAE,KAAK,IAAI,MAAM,OAAO,0BAA0B;AAExD,QAAM,kBAAkB,SAAS;AACjC,MAAI;AAEJ,MAAI;AACF,iBAAa;AAAA,WACN,oBAAoB,aAAa,oBAAoB;AAC5D,iBAAa,IAAI,IAAI,OAAO,EAAE;AAAA;AAE9B,iBAAa,GAAG,MAAM;AAExB,QAAM,QAAQ,gBAAgB;AAC9B,MAAI,CAAC,OAAO;AACV,YAAQ,MAAM,8CAA8C;AAC5D;AAAA,EACF;AAEA,QAAM,QAAQ,eAAe,mBAAmB,UAAU,CAAC,UAAU,mBAAmB,KAAK,CAAC;AAC9F,QAAM,UAAU,GAAG,OAAO,SAAS,QAAQ,GAAG,KAAK;AACnD,QAAM,KAAK,OAAO;AACpB;;;AL9EA,IAAM,mBAAmB,OAAO,UAAU;AAEnC,SAAS,iBAAwC;AAAA,EACtD,UAAU;AAAA,EACV,SAAS;AAAA,EACT,YAAY;AACd,IAII,CAAC,GAAG;AAEN,MAAI,UAAU,OAAuB,EAAE,GAAG,cAAc,WAAW,CAAC,EAAE,CAAC;AAEvE,iBAAe,eAAe;AAC5B,QAAI,CAACC,UAAS;AACZ,gBAAU,EAAE,GAAG,cAAc,WAAW,CAAC,EAAE;AAC3C;AAAA,IACF;AAEA,UAAM,QAAQ,gBAAgB;AAC9B,UAAM,UAAU,QAAQ,EAAE,eAAe,UAAU,KAAK,GAAG,IAAI;AAC/D,UAAM,MAAM,MAAM,MAAM,GAAG,OAAO,YAAY,QAAQ,EAAE,QAAQ,IAAI,EAAE,aAAa,UAAU,CAAC;AAE9F,UAAM,cAAc,IAAI,QAAQ,IAAI,cAAc;AAClD,QAAI,aAAa,SAAS,kBAAkB,GAAG;AAC7C,gBAAU,MAAM,IAAI,KAAK;AAAA,IAC3B,OACK;AACH,gBAAU;AAAA,QACR,GAAG;AAAA,QACH,WAAW,CAAC;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAEA,iBAAe,OAAO,UAA8B,EAAE,WAAW,IAA6B,CAAC,GAAG;AAChG,QAAI,kBAAkB,cAAc;AACpC,QAAI,QAAQ,GAAG;AACb,YAAM,gBAAgB,UAAoB,SAAS,QAAQ,eAAe;AAAA,IAC5E,OACK;AACH,UAAI,CAAC,mBAAmBA;AACtB,0BAAkB,OAAO,SAAS;AAEpC,YAAM,QAAQ,kBAAkB,eAAe,mBAAmB,eAAe,CAAC,KAAK;AACvF,aAAO,SAAS,OAAO,GAAG,OAAO,IAAI,QAAkB,GAAG,KAAK;AAAA,IACjE;AAAA,EACF;AAEA,iBAAe,YAAY,UAA8B,EAAE,WAAW,IAA6B,CAAC,GAAG;AACrG,QAAI,QAAQ,GAAG;AACb,YAAM,qBAAqB,UAAoB,SAAS,QAAQ,UAAU;AAC1E;AAAA,IACF;AAEA,QAAI,kBAAkB,cAAc;AACpC,QAAI,CAAC,mBAAmBA;AACtB,wBAAkB,OAAO,SAAS;AAEpC,UAAM,QAAQ,kBAAkB,eAAe,mBAAmB,eAAe,CAAC,KAAK;AACvF,UAAM,UAAU,GAAG,OAAO,SAAS,QAAkB,GAAG,KAAK,GAAG,QAAQ,MAAM,GAAG;AAEjF,UAAM,QAAQ,gBAAgB;AAE9B,UAAM,eAA4B,QAC9B,EAAE,SAAS,EAAE,eAAe,UAAU,KAAK,GAAG,EAAE,IAChD,EAAE,aAAa,UAAU;AAE7B,UAAM,MAAM,MAAM,MAAM,SAAS,YAAY;AAC7C,QAAI,IAAI,YAAY;AAClB,aAAO,SAAS,OAAO,IAAI;AAAA,IAC7B,OACK;AACH,UAAI;AACF,cAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,YAAI,KAAK;AACP,iBAAO,SAAS,OAAO,KAAK;AAAA,MAChC,SACO,GAAG;AACR,gBAAQ,MAAM,+CAA+C,CAAC;AAAA,MAChE;AAAA,IACF;AAAA,EACF;AAEA,iBAAe,cAAc,UAA8B;AACzD,UAAM,QAAQ,gBAAgB;AAC9B,UAAM,eAA4B,QAC9B,EAAE,SAAS,EAAE,eAAe,UAAU,KAAK,GAAG,EAAE,IAChD,EAAE,aAAa,UAAU;AAE7B,UAAM,MAAM,MAAM,MAAM,GAAG,OAAO,WAAW,QAAkB,IAAI;AAAA,MACjE,QAAQ;AAAA,MACR,GAAG;AAAA,IACL,CAAC;AAED,QAAI,IAAI;AACN,YAAM,aAAa;AAAA;AAEnB,cAAQ,MAAM,4BAA4B,MAAM,IAAI,KAAK,CAAC;AAAA,EAC9D;AAEA,iBAAe,UAAU;AACvB,sBAAkB;AAClB,UAAM,QAAQ,gBAAgB;AAC9B,UAAM,UAAU,QAAQ,EAAE,eAAe,UAAU,KAAK,GAAG,IAAI;AAC/D,UAAM,MAAM,GAAG,OAAO,YAAY,QAAQ,EAAE,QAAQ,QAAQ,QAAQ,IAAI,EAAE,QAAQ,QAAQ,aAAa,UAAU,CAAC;AAClH,UAAM,aAAa;AAAA,EACrB;AAEA,MAAIA,UAAS;AACX,UAAM,OAAO,IAAI,IAAI,OAAO,SAAS,IAAI,EAAE,KAAK,UAAU,CAAC;AAC3D,UAAM,SAAS,IAAI,gBAAgB,IAAI;AACvC,UAAM,eAAe,OAAO,IAAI,OAAO;AAEvC,QAAI,cAAc;AAChB,wBAAkB,YAAY;AAC9B,YAAM,YAAY;AAChB,YAAI,aAAoC,SAAO,OAAO,QAAQ,aAAa,MAAM,IAAI,GAAG;AACxF,YAAI;AACF,gBAAM,UAAU;AAChB,gBAAM,EAAE,aAAa,IAAI,MAAM,OAAO;AACtC,uBAAa,SAAO,aAAa,KAAK,CAAC,CAAC;AAAA,QAC1C,QACM;AAAA,QAAC;AAEP,mBAAW,OAAO,SAAS,WAAW,OAAO,SAAS,MAAM;AAC5D,cAAM,aAAa;AAAA,MACrB,GAAG;AAAA,IACL,OACK;AACH,mBAAa;AAAA,IACf;AAAA,EACF;AAEA,UAAQ,MAAM;AACZ,QAAI,CAACA,YAAW,CAAC,QAAQ;AACvB;AAEF,QAAI;AACJ,QAAI,WAAW;AAEf,uBAAmB,OAAO,QAAQ;AAChC,0BAAoB,KAAK,SAAS,QAAQ,OAAO,UAAU;AACzD,0BAAkB,KAAK;AACvB,cAAM,aAAa;AAAA,MACrB,CAAC;AAAA,IACH,CAAC,EAAE,KAAK,CAAC,aAAa;AACpB,UAAI;AACF,mBAAW;AAAA;AAEX,kBAAU;AAAA,IACd,CAAC;AAED,WAAO,MAAM;AACX,iBAAW;AACX,gBAAU;AAAA,IACZ;AAAA,EACF,CAAC;AAED,QAAM,eAAwC;AAAA,IAC5C,IAAI,UAAU;AACZ,aAAO;AAAA,IACT;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,aAAW,kBAAkB,YAAY;AAC3C;AAEO,SAAS,UAA0D;AACxE,QAAM,UAAU,WAAoC,gBAAgB;AACpE,MAAI,CAAC;AACH,UAAM,IAAI,MAAM,6CAA6C;AAE/D,SAAO;AACT;","names":["BROWSER","BROWSER","BROWSER","BROWSER"]}
|
|
1
|
+
{"version":3,"sources":["../../../../src/client/svelte/index.svelte.ts","../../../../src/core/cookies.ts","../../../../src/jwt/jwt.ts","../../../../src/oauth/utils.ts","../../../../src/core/index.ts","../../../../src/runtimes/tauri/index.ts","../../../../src/client/token.ts"],"sourcesContent":["import type { GauSession, ProfileName, ProviderIds } from '../../core'\nimport { BROWSER } from 'esm-env'\nimport { getContext, setContext } from 'svelte'\nimport { NULL_SESSION } from '../../core'\nimport { handleTauriDeepLink, isTauri, linkAccountWithTauri, setupTauriListener, signInWithTauri } from '../../runtimes/tauri'\nimport { clearSessionToken, getSessionToken, storeSessionToken } from '../token'\n\ninterface AuthContextValue<TAuth = unknown> {\n session: GauSession<ProviderIds<TAuth>>\n signIn: <P extends ProviderIds<TAuth>>(provider: P, options?: { redirectTo?: string, profile?: ProfileName<TAuth, P> }) => Promise<void>\n linkAccount: <P extends ProviderIds<TAuth>>(provider: P, options?: { redirectTo?: string, profile?: ProfileName<TAuth, P> }) => Promise<void>\n unlinkAccount: (provider: ProviderIds<TAuth>) => Promise<void>\n signOut: () => Promise<void>\n}\n\nconst AUTH_CONTEXT_KEY = Symbol('gau-auth')\n\nexport function createSvelteAuth<const TAuth = unknown>({\n baseUrl = '/api/auth',\n scheme = 'gau',\n redirectTo: defaultRedirectTo,\n}: {\n baseUrl?: string\n scheme?: string\n redirectTo?: string\n} = {}) {\n type CurrentSession = GauSession<ProviderIds<TAuth>>\n let session = $state<CurrentSession>({ ...NULL_SESSION, providers: [] })\n\n async function replaceUrlSafe(url: string) {\n let replaceUrl: (url: string) => void = u => window.history.replaceState(null, '', u)\n try {\n const navPath = '$' + 'app/navigation'\n const { replaceState } = await import(/* @vite-ignore */ navPath)\n replaceUrl = u => replaceState(u, {})\n }\n catch {}\n replaceUrl(url)\n }\n\n async function fetchSession() {\n if (!BROWSER) {\n session = { ...NULL_SESSION, providers: [] }\n return\n }\n\n const token = getSessionToken()\n const headers = token ? { Authorization: `Bearer ${token}` } : undefined\n const res = await fetch(`${baseUrl}/session`, token ? { headers } : { credentials: 'include' })\n\n const contentType = res.headers.get('content-type')\n if (contentType?.includes('application/json')) {\n session = await res.json()\n }\n else {\n session = {\n ...NULL_SESSION,\n providers: [] as ProviderIds<TAuth>[],\n }\n }\n }\n\n async function signIn<P extends ProviderIds<TAuth>>(provider: P, { redirectTo, profile }: { redirectTo?: string, profile?: ProfileName<TAuth, P> } = {}) {\n let finalRedirectTo = redirectTo ?? defaultRedirectTo\n if (isTauri()) {\n await signInWithTauri(provider as string, baseUrl, scheme, finalRedirectTo, profile as string | undefined)\n }\n else {\n if (!finalRedirectTo && BROWSER)\n finalRedirectTo = window.location.origin\n\n const params = new URLSearchParams()\n if (finalRedirectTo)\n params.set('redirectTo', finalRedirectTo)\n if (profile)\n params.set('profile', String(profile))\n const q = params.toString()\n window.location.href = `${baseUrl}/${provider as string}${q ? `?${q}` : ''}`\n }\n }\n\n async function linkAccount<P extends ProviderIds<TAuth>>(provider: P, { redirectTo, profile }: { redirectTo?: string, profile?: ProfileName<TAuth, P> } = {}) {\n if (isTauri()) {\n await linkAccountWithTauri(provider as string, baseUrl, scheme, redirectTo, profile as string | undefined)\n return\n }\n\n let finalRedirectTo = redirectTo ?? defaultRedirectTo\n if (!finalRedirectTo && BROWSER)\n finalRedirectTo = window.location.href\n\n const params = new URLSearchParams()\n if (finalRedirectTo)\n params.set('redirectTo', finalRedirectTo)\n if (profile)\n params.set('profile', String(profile))\n params.set('redirect', 'false')\n const linkUrl = `${baseUrl}/link/${provider as string}?${params.toString()}`\n\n const token = getSessionToken()\n\n const fetchOptions: RequestInit = token\n ? { headers: { Authorization: `Bearer ${token}` } }\n : { credentials: 'include' }\n\n const res = await fetch(linkUrl, fetchOptions)\n if (res.redirected) {\n window.location.href = res.url\n }\n else {\n try {\n const data = await res.json()\n if (data.url)\n window.location.href = data.url\n }\n catch (e) {\n console.error('Failed to parse response from link endpoint', e)\n }\n }\n }\n\n async function unlinkAccount(provider: ProviderIds<TAuth>) {\n const token = getSessionToken()\n const fetchOptions: RequestInit = token\n ? { headers: { Authorization: `Bearer ${token}` } }\n : { credentials: 'include' }\n\n const res = await fetch(`${baseUrl}/unlink/${provider as string}`, {\n method: 'POST',\n ...fetchOptions,\n })\n\n if (res.ok)\n await fetchSession()\n else\n console.error('Failed to unlink account', await res.json())\n }\n\n async function signOut() {\n clearSessionToken()\n const token = getSessionToken()\n const headers = token ? { Authorization: `Bearer ${token}` } : undefined\n await fetch(`${baseUrl}/signout`, token ? { method: 'POST', headers } : { method: 'POST', credentials: 'include' })\n await fetchSession()\n }\n\n if (BROWSER) {\n if (window.location.hash === '#_=_')\n void replaceUrlSafe(window.location.pathname + window.location.search)\n\n const hash = new URL(window.location.href).hash.substring(1)\n const params = new URLSearchParams(hash)\n const tokenFromUrl = params.get('token')\n\n if (tokenFromUrl) {\n storeSessionToken(tokenFromUrl)\n void (async () => {\n await replaceUrlSafe(window.location.pathname + window.location.search)\n await fetchSession()\n })()\n }\n else {\n fetchSession()\n }\n }\n\n $effect(() => {\n if (!BROWSER || !isTauri())\n return\n\n let cleanup: (() => void) | void\n let disposed = false\n\n setupTauriListener(async (url) => {\n handleTauriDeepLink(url, baseUrl, scheme, async (token) => {\n storeSessionToken(token)\n await fetchSession()\n })\n }).then((unlisten) => {\n if (disposed)\n unlisten?.()\n else\n cleanup = unlisten\n })\n\n return () => {\n disposed = true\n cleanup?.()\n }\n })\n\n const contextValue: AuthContextValue<TAuth> = {\n get session() {\n return session\n },\n signIn,\n linkAccount,\n unlinkAccount: unlinkAccount as (provider: ProviderIds<TAuth>) => Promise<void>,\n signOut,\n }\n\n setContext(AUTH_CONTEXT_KEY, contextValue)\n}\n\nexport function useAuth<const TAuth = unknown>(): AuthContextValue<TAuth> {\n const context = getContext<AuthContextValue<TAuth>>(AUTH_CONTEXT_KEY)\n if (!context)\n throw new Error('useAuth must be used within an AuthProvider')\n\n return context\n}\n","import type { SerializeOptions } from 'cookie'\nimport { parse, serialize } from 'cookie'\n\nexport const DEFAULT_COOKIE_SERIALIZE_OPTIONS: SerializeOptions = {\n path: '/',\n sameSite: 'lax',\n secure: true,\n httpOnly: true,\n}\n\nexport type Cookie = [string, string, SerializeOptions]\n\nexport function parseCookies(cookieHeader: string | null | undefined): Map<string, string> {\n const cookies = new Map<string, string>()\n if (cookieHeader) {\n const parsed = parse(cookieHeader)\n for (const name in parsed)\n cookies.set(name, parsed[name]!)\n }\n return cookies\n}\n\nexport class Cookies {\n #new: Cookie[] = []\n\n constructor(\n private readonly requestCookies: Map<string, string>,\n private readonly defaultOptions: SerializeOptions,\n ) {}\n\n get(name: string): string | undefined {\n return this.requestCookies.get(name)\n }\n\n set(name: string, value: string, options?: SerializeOptions): void {\n const combinedOptions = { ...this.defaultOptions, ...options }\n this.#new.push([name, value, combinedOptions])\n }\n\n delete(name: string, options?: Omit<SerializeOptions, 'expires' | 'maxAge'>): void {\n this.set(name, '', { ...options, expires: new Date(0), maxAge: 0 })\n }\n\n toHeaders(): Headers {\n const headers = new Headers()\n for (const [name, value, options] of this.#new)\n headers.append('Set-Cookie', serialize(name, value, options))\n\n return headers\n }\n}\n\nexport const CSRF_COOKIE_NAME = '__gau-csrf-token'\nexport const SESSION_COOKIE_NAME = '__gau-session-token'\nexport const SESSION_STRATEGY_COOKIE_NAME = '__gau-session-strategy'\nexport const LINKING_TOKEN_COOKIE_NAME = '__gau-linking-token'\nexport const PKCE_COOKIE_NAME = '__gau-pkce-code-verifier'\nexport const CALLBACK_URI_COOKIE_NAME = '__gau-callback-uri'\nexport const PROVIDER_OPTIONS_COOKIE_NAME = '__gau-provider-options'\n\nexport const CSRF_MAX_AGE = 60 * 10 // 10 minutes\n","/// <reference types=\"node\" />\nimport {\n createJWTSignatureMessage,\n encodeJWT,\n JWSRegisteredHeaders,\n JWTRegisteredClaims,\n parseJWT,\n} from '@oslojs/jwt'\nimport { AuthError } from '../core/index'\nimport { constantTimeEqual, deriveKeysFromSecret, rawToDer } from './utils'\n\nexport type SupportedAlgorithm = 'ES256' | 'HS256'\n\ninterface CommonSignOptions {\n /** Time-to-live in seconds (exp claim). If omitted the token will not expire. */\n ttl?: number\n}\n\nexport type SignOptions\n = | ({ algorithm?: 'ES256', privateKey?: CryptoKey, secret?: string }\n & CommonSignOptions & { iss?: string, aud?: string | string[], sub?: string })\n | ({ algorithm: 'HS256', secret?: string | Uint8Array, privateKey?: never }\n & CommonSignOptions & { iss?: string, aud?: string | string[], sub?: string })\n\n/**\n * Create a signed JWT.\n * Defaults to ES256 when a privateKey is supplied. Falls back to HS256 when a secret is supplied.\n */\nexport async function sign<T extends Record<string, unknown>>(payload: T, options: SignOptions = {}): Promise<string> {\n let { algorithm = 'ES256', ttl, iss, aud, sub, privateKey, secret } = options\n\n if (algorithm === 'ES256') {\n if (!privateKey) {\n if (typeof secret !== 'string')\n throw new AuthError('Missing secret for ES256 signing. It must be a base64url-encoded string.');\n\n ({ privateKey } = await deriveKeysFromSecret(secret))\n }\n }\n else if (algorithm === 'HS256' && !secret) {\n throw new AuthError('Missing secret for HS256 signing')\n }\n\n const now = Math.floor(Date.now() / 1000)\n\n const jwtPayload: Record<string, unknown> = { iat: now, iss, aud, sub, ...payload }\n\n if (ttl != null && ttl > 0)\n jwtPayload.exp = now + ttl\n\n const isHS256 = algorithm === 'HS256'\n const alg: SupportedAlgorithm = isHS256 ? 'HS256' : 'ES256'\n\n const headerJSON = JSON.stringify({ alg, typ: 'JWT' })\n const payloadJSON = JSON.stringify(jwtPayload)\n\n const signatureMessage = createJWTSignatureMessage(headerJSON, payloadJSON)\n\n let signature: Uint8Array\n\n if (isHS256) {\n // HS256 (HMAC-SHA256)\n const secretBytes = typeof secret === 'string'\n ? new TextEncoder().encode(secret)\n : secret\n\n const cryptoKey = await crypto.subtle.importKey(\n 'raw',\n secretBytes as BufferSource,\n { name: 'HMAC', hash: 'SHA-256' },\n false,\n ['sign'],\n )\n\n signature = new Uint8Array(await crypto.subtle.sign('HMAC', cryptoKey, signatureMessage as BufferSource))\n }\n else {\n // ES256 (ECDSA-SHA256)\n // Runtimes like Bun's return the raw (r||s) signature directly, not DER-encoded.\n signature = new Uint8Array(\n await crypto.subtle.sign(\n { name: 'ECDSA', hash: 'SHA-256' },\n privateKey!,\n signatureMessage as BufferSource,\n ),\n )\n }\n\n return encodeJWT(headerJSON, payloadJSON, signature)\n}\n\nexport type VerifyOptions\n = | { algorithm?: 'ES256', publicKey?: CryptoKey, secret?: string, iss?: string, aud?: string | string[] }\n | { algorithm: 'HS256', secret?: string | Uint8Array, publicKey?: never, iss?: string, aud?: string | string[] }\n\n/**\n * Verify a JWT and return its payload when the signature is valid.\n * The algorithm is inferred from options – ES256 by default.\n * Throws when verification fails or the token is expired.\n */\nexport async function verify<T = Record<string, unknown>>(token: string, options: VerifyOptions): Promise<T> {\n let { algorithm = 'ES256', publicKey, secret, iss, aud } = options\n\n if (algorithm === 'ES256') {\n if (!publicKey) {\n if (typeof secret !== 'string')\n throw new AuthError('Missing secret for ES256 verification. Must be a base64url-encoded string.');\n\n ({ publicKey } = await deriveKeysFromSecret(secret))\n }\n }\n\n if (algorithm === 'HS256' && !secret)\n throw new AuthError('Missing secret for HS256 verification')\n\n const [header, payload, signature, signatureMessage] = parseJWT(token)\n\n const headerParams = new JWSRegisteredHeaders(header)\n const headerAlg = headerParams.algorithm()\n\n let validSignature = false\n\n // HS256 verification path\n if (algorithm === 'HS256') {\n if (headerAlg !== 'HS256')\n throw new Error(`JWT algorithm is \"${headerAlg}\", but verifier was configured for \"HS256\"`)\n\n const secretBytes = typeof secret === 'string'\n ? new TextEncoder().encode(secret)\n : secret\n\n const cryptoKey = await crypto.subtle.importKey(\n 'raw',\n secretBytes as BufferSource,\n { name: 'HMAC', hash: 'SHA-256' },\n false,\n ['sign'],\n )\n\n const expectedSig = new Uint8Array(await crypto.subtle.sign('HMAC', cryptoKey, signatureMessage as BufferSource))\n validSignature = constantTimeEqual(expectedSig, new Uint8Array(signature))\n }\n // ES256 verification path (default)\n else {\n if (headerAlg !== 'ES256')\n throw new AuthError(`JWT algorithm is \"${headerAlg}\", but verifier was configured for \"ES256\"`)\n\n const signatureBytes = new Uint8Array(signature)\n\n // Runtimes like Node.js return DER-encoded signatures. Others (Bun) return raw (r||s).\n // We try DER first, as it's more common in Node environments.\n validSignature = await crypto.subtle.verify(\n { name: 'ECDSA', hash: 'SHA-256' },\n publicKey!,\n signatureBytes as BufferSource,\n signatureMessage as BufferSource,\n )\n\n if (!validSignature && signatureBytes.length === 64) {\n // If DER verification fails and the signature is 64 bytes, it might be a raw signature.\n // Convert it to DER and try again.\n try {\n const derSig = rawToDer(signatureBytes)\n validSignature = await crypto.subtle.verify(\n { name: 'ECDSA', hash: 'SHA-256' },\n publicKey!,\n derSig as BufferSource,\n signatureMessage as BufferSource,\n )\n }\n catch {\n // rawToDer can throw if the signature is not 64 bytes, but we already checked.\n // This catch is for other unexpected errors.\n validSignature = false\n }\n }\n }\n\n if (!validSignature)\n throw new AuthError('Invalid JWT signature')\n\n const claims = new JWTRegisteredClaims(payload)\n if (claims.hasExpiration() && !claims.verifyExpiration())\n throw new AuthError('JWT expired')\n if (claims.hasNotBefore() && !claims.verifyNotBefore())\n throw new AuthError('JWT not yet valid')\n if (iss && (payload as any).iss !== iss)\n throw new AuthError('Invalid JWT issuer')\n\n if (aud) {\n const expectedAudience = Array.isArray(aud) ? aud : [aud]\n const tokenAudience = (payload as any).aud\n ? (Array.isArray((payload as any).aud) ? (payload as any).aud : [(payload as any).aud])\n : []\n\n if (!expectedAudience.some(audValue => tokenAudience.includes(audValue)))\n throw new AuthError('Invalid JWT audience')\n }\n\n return payload as T\n}\n","import { generateCodeVerifier, generateState } from 'arctic'\n\nexport function createOAuthUris() {\n const state = generateState()\n const codeVerifier = generateCodeVerifier()\n\n return {\n state,\n codeVerifier,\n }\n}\n","export interface User {\n id: string\n name?: string | null\n email?: string | null\n emailVerified?: boolean | null\n image?: string | null\n role?: string | null\n}\n\nexport interface Session {\n id: string\n sub: string\n [key: string]: unknown\n}\n\nexport interface GauSession<TProviders extends string = string> {\n user: User | null\n session: Session | null\n accounts?: Account[] | null\n providers?: TProviders[]\n}\n\nexport const NULL_SESSION = {\n user: null,\n session: null,\n accounts: null,\n} as const\n\nexport interface NewUser extends Omit<User, 'id' | 'accounts'> {\n id?: string\n}\n\nexport interface Account {\n userId: string\n provider: string\n providerAccountId: string\n type?: string // e.g. \"oauth\"\n accessToken?: string | null\n refreshToken?: string | null\n expiresAt?: number | null // epoch seconds\n idToken?: string | null\n scope?: string | null\n tokenType?: string | null\n sessionState?: string | null\n}\n\nexport interface NewAccount extends Account {}\n\nexport interface Adapter {\n getUser: (id: string) => Promise<User | null>\n getUserByEmail: (email: string) => Promise<User | null>\n getUserByAccount: (provider: string, providerAccountId: string) => Promise<User | null>\n getAccounts: (userId: string) => Promise<Account[]>\n getUserAndAccounts: (userId: string) => Promise<{ user: User, accounts: Account[] } | null>\n createUser: (data: NewUser) => Promise<User>\n linkAccount: (data: NewAccount) => Promise<void>\n unlinkAccount: (provider: string, providerAccountId: string) => Promise<void>\n updateAccount?: (data: Partial<Account> & { userId: string, provider: string, providerAccountId: string }) => Promise<void>\n updateUser: (data: Partial<User> & { id: string }) => Promise<User>\n deleteUser: (id: string) => Promise<void>\n}\n\nexport class AuthError extends Error {\n override readonly cause?: unknown\n constructor(message: string, cause?: unknown) {\n super(message)\n this.name = 'AuthError'\n this.cause = cause\n }\n}\n\nexport function json<T>(data: T, init: ResponseInit = {}): Response {\n const headers = new Headers(init.headers)\n if (!headers.has('Content-Type'))\n headers.set('Content-Type', 'application/json; charset=utf-8')\n return new Response(JSON.stringify(data), { ...init, headers })\n}\n\nexport function redirect(url: string, status: 302 | 303 = 302): Response {\n return new Response(null, {\n status,\n headers: {\n Location: url,\n },\n })\n}\n\nexport * from './cookies'\nexport * from './createAuth'\nexport * from './handler'\n","import { BROWSER } from 'esm-env'\nimport { getSessionToken } from '../../client/token'\n\nexport function isTauri(): boolean {\n return BROWSER && '__TAURI_INTERNALS__' in (globalThis as any)\n}\n\nexport async function signInWithTauri(\n provider: string,\n baseUrl: string,\n scheme: string = 'gau',\n redirectOverride?: string,\n profile?: string,\n) {\n if (!isTauri())\n return\n\n const { platform } = await import('@tauri-apps/plugin-os')\n const { openUrl } = await import('@tauri-apps/plugin-opener')\n\n const currentPlatform = platform() // platform is NO LONGER an async function\n let redirectTo: string\n\n if (redirectOverride)\n redirectTo = redirectOverride\n else if (currentPlatform === 'android' || currentPlatform === 'ios')\n redirectTo = new URL(baseUrl).origin\n else\n redirectTo = `${scheme}://oauth/callback`\n\n const params = new URLSearchParams()\n params.set('redirectTo', redirectTo)\n if (profile)\n params.set('profile', profile)\n const authUrl = `${baseUrl}/${provider}?${params.toString()}`\n await openUrl(authUrl)\n}\n\nexport async function setupTauriListener(\n handler: (url: string) => Promise<void>,\n): Promise<(() => void) | void> {\n if (!isTauri())\n return\n\n const { listen } = await import('@tauri-apps/api/event')\n try {\n const unlisten = await listen<string>('deep-link', async (event) => {\n await handler(event.payload)\n })\n return unlisten\n }\n catch (err) {\n console.error(err)\n }\n}\n\nexport function handleTauriDeepLink(url: string, baseUrl: string, scheme: string, onToken: (token: string) => void) {\n const parsed = new URL(url)\n if (parsed.protocol !== `${scheme}:` && parsed.origin !== new URL(baseUrl).origin)\n return\n\n const params = new URLSearchParams(parsed.hash.substring(1))\n const token = params.get('token')\n if (token)\n onToken(token)\n}\n\nexport async function linkAccountWithTauri(\n provider: string,\n baseUrl: string,\n scheme: string = 'gau',\n redirectOverride?: string,\n profile?: string,\n) {\n if (!isTauri())\n return\n\n const { platform } = await import('@tauri-apps/plugin-os')\n const { openUrl } = await import('@tauri-apps/plugin-opener')\n\n const currentPlatform = platform()\n let redirectTo: string\n\n if (redirectOverride)\n redirectTo = redirectOverride\n else if (currentPlatform === 'android' || currentPlatform === 'ios')\n redirectTo = new URL(baseUrl).origin\n else\n redirectTo = `${scheme}://oauth/callback`\n\n const token = getSessionToken()\n if (!token) {\n console.error('No session token found, cannot link account.')\n return\n }\n\n const params = new URLSearchParams()\n params.set('redirectTo', redirectTo)\n params.set('token', token)\n if (profile)\n params.set('profile', profile)\n const linkUrl = `${baseUrl}/link/${provider}?${params.toString()}`\n await openUrl(linkUrl)\n}\n","import { BROWSER } from 'esm-env'\n\nexport function storeSessionToken(token: string) {\n if (!BROWSER)\n return\n try {\n localStorage.setItem('gau-token', token)\n document.cookie = `__gau-session-token=${token}; path=/; max-age=31536000; samesite=lax; secure`\n }\n catch {}\n}\n\nexport function getSessionToken(): string | null {\n if (!BROWSER)\n return null\n return localStorage.getItem('gau-token')\n}\n\nexport function clearSessionToken() {\n if (!BROWSER)\n return\n try {\n localStorage.removeItem('gau-token')\n document.cookie = `__gau-session-token=; path=/; max-age=0`\n }\n catch {}\n}\n"],"mappings":";AACA,SAAS,WAAAA,gBAAe;AACxB,SAAS,YAAY,kBAAkB;;;ACDvC,SAAS,OAAO,iBAAiB;AA2D1B,IAAM,eAAe,KAAK;;;AC3DjC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;;;ACPP,SAAS,sBAAsB,qBAAqB;;;ACsB7C,IAAM,eAAe;AAAA,EAC1B,MAAM;AAAA,EACN,SAAS;AAAA,EACT,UAAU;AACZ;;;AC1BA,SAAS,WAAAC,gBAAe;;;ACAxB,SAAS,eAAe;AAEjB,SAAS,kBAAkB,OAAe;AAC/C,MAAI,CAAC;AACH;AACF,MAAI;AACF,iBAAa,QAAQ,aAAa,KAAK;AACvC,aAAS,SAAS,uBAAuB,KAAK;AAAA,EAChD,QACM;AAAA,EAAC;AACT;AAEO,SAAS,kBAAiC;AAC/C,MAAI,CAAC;AACH,WAAO;AACT,SAAO,aAAa,QAAQ,WAAW;AACzC;AAEO,SAAS,oBAAoB;AAClC,MAAI,CAAC;AACH;AACF,MAAI;AACF,iBAAa,WAAW,WAAW;AACnC,aAAS,SAAS;AAAA,EACpB,QACM;AAAA,EAAC;AACT;;;ADvBO,SAAS,UAAmB;AACjC,SAAOC,YAAW,yBAA0B;AAC9C;AAEA,eAAsB,gBACpB,UACA,SACA,SAAiB,OACjB,kBACA,SACA;AACA,MAAI,CAAC,QAAQ;AACX;AAEF,QAAM,EAAE,SAAS,IAAI,MAAM,OAAO,uBAAuB;AACzD,QAAM,EAAE,QAAQ,IAAI,MAAM,OAAO,2BAA2B;AAE5D,QAAM,kBAAkB,SAAS;AACjC,MAAI;AAEJ,MAAI;AACF,iBAAa;AAAA,WACN,oBAAoB,aAAa,oBAAoB;AAC5D,iBAAa,IAAI,IAAI,OAAO,EAAE;AAAA;AAE9B,iBAAa,GAAG,MAAM;AAExB,QAAM,SAAS,IAAI,gBAAgB;AACnC,SAAO,IAAI,cAAc,UAAU;AACnC,MAAI;AACF,WAAO,IAAI,WAAW,OAAO;AAC/B,QAAM,UAAU,GAAG,OAAO,IAAI,QAAQ,IAAI,OAAO,SAAS,CAAC;AAC3D,QAAM,QAAQ,OAAO;AACvB;AAEA,eAAsB,mBACpB,SAC8B;AAC9B,MAAI,CAAC,QAAQ;AACX;AAEF,QAAM,EAAE,OAAO,IAAI,MAAM,OAAO,uBAAuB;AACvD,MAAI;AACF,UAAM,WAAW,MAAM,OAAe,aAAa,OAAO,UAAU;AAClE,YAAM,QAAQ,MAAM,OAAO;AAAA,IAC7B,CAAC;AACD,WAAO;AAAA,EACT,SACO,KAAK;AACV,YAAQ,MAAM,GAAG;AAAA,EACnB;AACF;AAEO,SAAS,oBAAoB,KAAa,SAAiB,QAAgB,SAAkC;AAClH,QAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,MAAI,OAAO,aAAa,GAAG,MAAM,OAAO,OAAO,WAAW,IAAI,IAAI,OAAO,EAAE;AACzE;AAEF,QAAM,SAAS,IAAI,gBAAgB,OAAO,KAAK,UAAU,CAAC,CAAC;AAC3D,QAAM,QAAQ,OAAO,IAAI,OAAO;AAChC,MAAI;AACF,YAAQ,KAAK;AACjB;AAEA,eAAsB,qBACpB,UACA,SACA,SAAiB,OACjB,kBACA,SACA;AACA,MAAI,CAAC,QAAQ;AACX;AAEF,QAAM,EAAE,SAAS,IAAI,MAAM,OAAO,uBAAuB;AACzD,QAAM,EAAE,QAAQ,IAAI,MAAM,OAAO,2BAA2B;AAE5D,QAAM,kBAAkB,SAAS;AACjC,MAAI;AAEJ,MAAI;AACF,iBAAa;AAAA,WACN,oBAAoB,aAAa,oBAAoB;AAC5D,iBAAa,IAAI,IAAI,OAAO,EAAE;AAAA;AAE9B,iBAAa,GAAG,MAAM;AAExB,QAAM,QAAQ,gBAAgB;AAC9B,MAAI,CAAC,OAAO;AACV,YAAQ,MAAM,8CAA8C;AAC5D;AAAA,EACF;AAEA,QAAM,SAAS,IAAI,gBAAgB;AACnC,SAAO,IAAI,cAAc,UAAU;AACnC,SAAO,IAAI,SAAS,KAAK;AACzB,MAAI;AACF,WAAO,IAAI,WAAW,OAAO;AAC/B,QAAM,UAAU,GAAG,OAAO,SAAS,QAAQ,IAAI,OAAO,SAAS,CAAC;AAChE,QAAM,QAAQ,OAAO;AACvB;;;ALxFA,IAAM,mBAAmB,OAAO,UAAU;AAEnC,SAAS,iBAAwC;AAAA,EACtD,UAAU;AAAA,EACV,SAAS;AAAA,EACT,YAAY;AACd,IAII,CAAC,GAAG;AAEN,MAAI,UAAU,OAAuB,EAAE,GAAG,cAAc,WAAW,CAAC,EAAE,CAAC;AAEvE,iBAAe,eAAe,KAAa;AACzC,QAAI,aAAoC,OAAK,OAAO,QAAQ,aAAa,MAAM,IAAI,CAAC;AACpF,QAAI;AACF,YAAM,UAAU;AAChB,YAAM,EAAE,aAAa,IAAI,MAAM;AAAA;AAAA,QAA0B;AAAA;AACzD,mBAAa,OAAK,aAAa,GAAG,CAAC,CAAC;AAAA,IACtC,QACM;AAAA,IAAC;AACP,eAAW,GAAG;AAAA,EAChB;AAEA,iBAAe,eAAe;AAC5B,QAAI,CAACC,UAAS;AACZ,gBAAU,EAAE,GAAG,cAAc,WAAW,CAAC,EAAE;AAC3C;AAAA,IACF;AAEA,UAAM,QAAQ,gBAAgB;AAC9B,UAAM,UAAU,QAAQ,EAAE,eAAe,UAAU,KAAK,GAAG,IAAI;AAC/D,UAAM,MAAM,MAAM,MAAM,GAAG,OAAO,YAAY,QAAQ,EAAE,QAAQ,IAAI,EAAE,aAAa,UAAU,CAAC;AAE9F,UAAM,cAAc,IAAI,QAAQ,IAAI,cAAc;AAClD,QAAI,aAAa,SAAS,kBAAkB,GAAG;AAC7C,gBAAU,MAAM,IAAI,KAAK;AAAA,IAC3B,OACK;AACH,gBAAU;AAAA,QACR,GAAG;AAAA,QACH,WAAW,CAAC;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAEA,iBAAe,OAAqC,UAAa,EAAE,YAAY,QAAQ,IAA8D,CAAC,GAAG;AACvJ,QAAI,kBAAkB,cAAc;AACpC,QAAI,QAAQ,GAAG;AACb,YAAM,gBAAgB,UAAoB,SAAS,QAAQ,iBAAiB,OAA6B;AAAA,IAC3G,OACK;AACH,UAAI,CAAC,mBAAmBA;AACtB,0BAAkB,OAAO,SAAS;AAEpC,YAAM,SAAS,IAAI,gBAAgB;AACnC,UAAI;AACF,eAAO,IAAI,cAAc,eAAe;AAC1C,UAAI;AACF,eAAO,IAAI,WAAW,OAAO,OAAO,CAAC;AACvC,YAAM,IAAI,OAAO,SAAS;AAC1B,aAAO,SAAS,OAAO,GAAG,OAAO,IAAI,QAAkB,GAAG,IAAI,IAAI,CAAC,KAAK,EAAE;AAAA,IAC5E;AAAA,EACF;AAEA,iBAAe,YAA0C,UAAa,EAAE,YAAY,QAAQ,IAA8D,CAAC,GAAG;AAC5J,QAAI,QAAQ,GAAG;AACb,YAAM,qBAAqB,UAAoB,SAAS,QAAQ,YAAY,OAA6B;AACzG;AAAA,IACF;AAEA,QAAI,kBAAkB,cAAc;AACpC,QAAI,CAAC,mBAAmBA;AACtB,wBAAkB,OAAO,SAAS;AAEpC,UAAM,SAAS,IAAI,gBAAgB;AACnC,QAAI;AACF,aAAO,IAAI,cAAc,eAAe;AAC1C,QAAI;AACF,aAAO,IAAI,WAAW,OAAO,OAAO,CAAC;AACvC,WAAO,IAAI,YAAY,OAAO;AAC9B,UAAM,UAAU,GAAG,OAAO,SAAS,QAAkB,IAAI,OAAO,SAAS,CAAC;AAE1E,UAAM,QAAQ,gBAAgB;AAE9B,UAAM,eAA4B,QAC9B,EAAE,SAAS,EAAE,eAAe,UAAU,KAAK,GAAG,EAAE,IAChD,EAAE,aAAa,UAAU;AAE7B,UAAM,MAAM,MAAM,MAAM,SAAS,YAAY;AAC7C,QAAI,IAAI,YAAY;AAClB,aAAO,SAAS,OAAO,IAAI;AAAA,IAC7B,OACK;AACH,UAAI;AACF,cAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,YAAI,KAAK;AACP,iBAAO,SAAS,OAAO,KAAK;AAAA,MAChC,SACO,GAAG;AACR,gBAAQ,MAAM,+CAA+C,CAAC;AAAA,MAChE;AAAA,IACF;AAAA,EACF;AAEA,iBAAe,cAAc,UAA8B;AACzD,UAAM,QAAQ,gBAAgB;AAC9B,UAAM,eAA4B,QAC9B,EAAE,SAAS,EAAE,eAAe,UAAU,KAAK,GAAG,EAAE,IAChD,EAAE,aAAa,UAAU;AAE7B,UAAM,MAAM,MAAM,MAAM,GAAG,OAAO,WAAW,QAAkB,IAAI;AAAA,MACjE,QAAQ;AAAA,MACR,GAAG;AAAA,IACL,CAAC;AAED,QAAI,IAAI;AACN,YAAM,aAAa;AAAA;AAEnB,cAAQ,MAAM,4BAA4B,MAAM,IAAI,KAAK,CAAC;AAAA,EAC9D;AAEA,iBAAe,UAAU;AACvB,sBAAkB;AAClB,UAAM,QAAQ,gBAAgB;AAC9B,UAAM,UAAU,QAAQ,EAAE,eAAe,UAAU,KAAK,GAAG,IAAI;AAC/D,UAAM,MAAM,GAAG,OAAO,YAAY,QAAQ,EAAE,QAAQ,QAAQ,QAAQ,IAAI,EAAE,QAAQ,QAAQ,aAAa,UAAU,CAAC;AAClH,UAAM,aAAa;AAAA,EACrB;AAEA,MAAIA,UAAS;AACX,QAAI,OAAO,SAAS,SAAS;AAC3B,WAAK,eAAe,OAAO,SAAS,WAAW,OAAO,SAAS,MAAM;AAEvE,UAAM,OAAO,IAAI,IAAI,OAAO,SAAS,IAAI,EAAE,KAAK,UAAU,CAAC;AAC3D,UAAM,SAAS,IAAI,gBAAgB,IAAI;AACvC,UAAM,eAAe,OAAO,IAAI,OAAO;AAEvC,QAAI,cAAc;AAChB,wBAAkB,YAAY;AAC9B,YAAM,YAAY;AAChB,cAAM,eAAe,OAAO,SAAS,WAAW,OAAO,SAAS,MAAM;AACtE,cAAM,aAAa;AAAA,MACrB,GAAG;AAAA,IACL,OACK;AACH,mBAAa;AAAA,IACf;AAAA,EACF;AAEA,UAAQ,MAAM;AACZ,QAAI,CAACA,YAAW,CAAC,QAAQ;AACvB;AAEF,QAAI;AACJ,QAAI,WAAW;AAEf,uBAAmB,OAAO,QAAQ;AAChC,0BAAoB,KAAK,SAAS,QAAQ,OAAO,UAAU;AACzD,0BAAkB,KAAK;AACvB,cAAM,aAAa;AAAA,MACrB,CAAC;AAAA,IACH,CAAC,EAAE,KAAK,CAAC,aAAa;AACpB,UAAI;AACF,mBAAW;AAAA;AAEX,kBAAU;AAAA,IACd,CAAC;AAED,WAAO,MAAM;AACX,iBAAW;AACX,gBAAU;AAAA,IACZ;AAAA,EACF,CAAC;AAED,QAAM,eAAwC;AAAA,IAC5C,IAAI,UAAU;AACZ,aAAO;AAAA,IACT;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,aAAW,kBAAkB,YAAY;AAC3C;AAEO,SAAS,UAA0D;AACxE,QAAM,UAAU,WAAoC,gBAAgB;AACpE,MAAI,CAAC;AACH,UAAM,IAAI,MAAM,6CAA6C;AAE/D,SAAO;AACT;","names":["BROWSER","BROWSER","BROWSER","BROWSER"]}
|
|
@@ -18,5 +18,6 @@ export declare const SESSION_STRATEGY_COOKIE_NAME = "__gau-session-strategy";
|
|
|
18
18
|
export declare const LINKING_TOKEN_COOKIE_NAME = "__gau-linking-token";
|
|
19
19
|
export declare const PKCE_COOKIE_NAME = "__gau-pkce-code-verifier";
|
|
20
20
|
export declare const CALLBACK_URI_COOKIE_NAME = "__gau-callback-uri";
|
|
21
|
-
export declare const
|
|
21
|
+
export declare const PROVIDER_OPTIONS_COOKIE_NAME = "__gau-provider-options";
|
|
22
|
+
export declare const CSRF_MAX_AGE: number;
|
|
22
23
|
//# sourceMappingURL=cookies.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../src/core/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAA;AAG9C,eAAO,MAAM,gCAAgC,EAAE,gBAK9C,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAA;AAEvD,wBAAgB,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAQzF;AAED,qBAAa,OAAO;;IAIhB,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAFjC,YACmB,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,EACnC,cAAc,EAAE,gBAAgB,EAC/C;IAEJ,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAEpC;IAED,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,IAAI,CAGjE;IAED,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,gBAAgB,EAAE,SAAS,GAAG,QAAQ,CAAC,GAAG,IAAI,CAEjF;IAED,SAAS,IAAI,OAAO,CAMnB;CACF;AAED,eAAO,MAAM,gBAAgB,qBAAqB,CAAA;AAClD,eAAO,MAAM,mBAAmB,wBAAwB,CAAA;AACxD,eAAO,MAAM,4BAA4B,2BAA2B,CAAA;AACpE,eAAO,MAAM,yBAAyB,wBAAwB,CAAA;AAC9D,eAAO,MAAM,gBAAgB,6BAA6B,CAAA;AAC1D,eAAO,MAAM,wBAAwB,uBAAuB,CAAA;
|
|
1
|
+
{"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../src/core/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAA;AAG9C,eAAO,MAAM,gCAAgC,EAAE,gBAK9C,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAA;AAEvD,wBAAgB,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAQzF;AAED,qBAAa,OAAO;;IAIhB,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAFjC,YACmB,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,EACnC,cAAc,EAAE,gBAAgB,EAC/C;IAEJ,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAEpC;IAED,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,IAAI,CAGjE;IAED,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,gBAAgB,EAAE,SAAS,GAAG,QAAQ,CAAC,GAAG,IAAI,CAEjF;IAED,SAAS,IAAI,OAAO,CAMnB;CACF;AAED,eAAO,MAAM,gBAAgB,qBAAqB,CAAA;AAClD,eAAO,MAAM,mBAAmB,wBAAwB,CAAA;AACxD,eAAO,MAAM,4BAA4B,2BAA2B,CAAA;AACpE,eAAO,MAAM,yBAAyB,wBAAwB,CAAA;AAC9D,eAAO,MAAM,gBAAgB,6BAA6B,CAAA;AAC1D,eAAO,MAAM,wBAAwB,uBAAuB,CAAA;AAC5D,eAAO,MAAM,4BAA4B,2BAA2B,CAAA;AAEpE,eAAO,MAAM,YAAY,QAAU,CAAA"}
|
|
@@ -1,13 +1,16 @@
|
|
|
1
1
|
import type { OAuth2Tokens } from 'arctic';
|
|
2
2
|
import type { SerializeOptions } from 'cookie';
|
|
3
3
|
import type { SignOptions, VerifyOptions } from '../jwt';
|
|
4
|
-
import type { AuthUser, OAuthProvider } from '../oauth';
|
|
4
|
+
import type { AuthUser, OAuthProvider, OAuthProviderConfig, ProviderProfileOverrides } from '../oauth';
|
|
5
5
|
import type { Cookies } from './cookies';
|
|
6
6
|
import type { Adapter, GauSession } from './index';
|
|
7
7
|
type ProviderId<P> = P extends OAuthProvider<infer T> ? T : never;
|
|
8
8
|
export type ProviderIds<T> = T extends {
|
|
9
9
|
providerMap: Map<infer K extends string, any>;
|
|
10
10
|
} ? K : string;
|
|
11
|
+
export type ProfileName<T, P extends string> = T extends {
|
|
12
|
+
profiles: infer R;
|
|
13
|
+
} ? P extends keyof R ? keyof R[P] : never : never;
|
|
11
14
|
export interface CreateAuthOptions<TProviders extends OAuthProvider[]> {
|
|
12
15
|
/** The database adapter to use for storing users and accounts. */
|
|
13
16
|
adapter: Adapter;
|
|
@@ -59,8 +62,6 @@ export interface CreateAuthOptions<TProviders extends OAuthProvider[]> {
|
|
|
59
62
|
} | {
|
|
60
63
|
handled: false;
|
|
61
64
|
}>;
|
|
62
|
-
/** Force some providers to be link-only (no standalone sign-in). */
|
|
63
|
-
linkOnlyProviders?: string[];
|
|
64
65
|
/** Map/override the provider's profile right after token exchange. */
|
|
65
66
|
mapExternalProfile?: (context: {
|
|
66
67
|
request: Request;
|
|
@@ -140,6 +141,11 @@ export interface CreateAuthOptions<TProviders extends OAuthProvider[]> {
|
|
|
140
141
|
/** Preflight max age in seconds (optional). */
|
|
141
142
|
maxAge?: number;
|
|
142
143
|
};
|
|
144
|
+
/**
|
|
145
|
+
* Named, server-defined profiles that group provider specific settings.
|
|
146
|
+
* Clients can reference a profile by name (e.g. signIn('github', { profile: 'myprofile' })).
|
|
147
|
+
*/
|
|
148
|
+
profiles?: ProfilesConfig<TProviders>;
|
|
143
149
|
}
|
|
144
150
|
export type Auth<TProviders extends OAuthProvider[] = any> = Adapter & {
|
|
145
151
|
providerMap: Map<ProviderId<TProviders[number]>, TProviders[number]>;
|
|
@@ -149,7 +155,6 @@ export type Auth<TProviders extends OAuthProvider[] = any> = Adapter & {
|
|
|
149
155
|
ttl: number;
|
|
150
156
|
};
|
|
151
157
|
onOAuthExchange?: CreateAuthOptions<TProviders>['onOAuthExchange'];
|
|
152
|
-
linkOnlyProviders: string[];
|
|
153
158
|
mapExternalProfile?: CreateAuthOptions<TProviders>['mapExternalProfile'];
|
|
154
159
|
onBeforeLinkAccount?: CreateAuthOptions<TProviders>['onBeforeLinkAccount'];
|
|
155
160
|
onAfterLinkAccount?: CreateAuthOptions<TProviders>['onAfterLinkAccount'];
|
|
@@ -189,7 +194,22 @@ export type Auth<TProviders extends OAuthProvider[] = any> = Adapter & {
|
|
|
189
194
|
exposeHeaders?: string[];
|
|
190
195
|
maxAge?: number;
|
|
191
196
|
};
|
|
197
|
+
profiles: ResolvedProfiles<TProviders>;
|
|
192
198
|
};
|
|
193
|
-
export
|
|
199
|
+
export interface ProfileDefinition {
|
|
200
|
+
scopes?: string[];
|
|
201
|
+
redirectUri?: string;
|
|
202
|
+
/** When true, this profile can only be linked to an existing session; standalone sign-in is disabled. */
|
|
203
|
+
linkOnly?: boolean;
|
|
204
|
+
/** Additional provider-specific authorization params. */
|
|
205
|
+
params?: Record<string, string>;
|
|
206
|
+
}
|
|
207
|
+
type ProviderIdOfArray<TProviders extends OAuthProvider[]> = ProviderId<TProviders[number]>;
|
|
208
|
+
type ProviderConfigFor<TProviders extends OAuthProvider[], K extends string> = Extract<TProviders[number], OAuthProvider<K, any>> extends OAuthProvider<any, infer C> ? C : OAuthProviderConfig;
|
|
209
|
+
export type ProfilesConfig<TProviders extends OAuthProvider[]> = Partial<{
|
|
210
|
+
[K in ProviderIdOfArray<TProviders>]: Record<string, ProfileDefinition & ProviderProfileOverrides<ProviderConfigFor<TProviders, K>>>;
|
|
211
|
+
}>;
|
|
212
|
+
export type ResolvedProfiles<TProviders extends OAuthProvider[]> = ProfilesConfig<TProviders>;
|
|
213
|
+
export declare function createAuth<const TProviders extends OAuthProvider[]>({ adapter, providers, basePath, jwt: jwtConfig, session: sessionConfig, cookies: cookieConfig, onOAuthExchange, mapExternalProfile, onBeforeLinkAccount, onAfterLinkAccount, trustHosts, autoLink, allowDifferentEmails, updateUserInfoOnLink, roles: rolesConfig, cors, profiles: profilesConfig }: CreateAuthOptions<TProviders>): Auth<TProviders>;
|
|
194
214
|
export {};
|
|
195
215
|
//# sourceMappingURL=createAuth.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createAuth.d.ts","sourceRoot":"","sources":["../../../src/core/createAuth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAA;AAC1C,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAA;AAC9C,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAA;AACxD,OAAO,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;
|
|
1
|
+
{"version":3,"file":"createAuth.d.ts","sourceRoot":"","sources":["../../../src/core/createAuth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAA;AAC1C,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAA;AAC9C,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAA;AACxD,OAAO,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAA;AACtG,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AAKlD,KAAK,UAAU,CAAC,CAAC,IAAI,CAAC,SAAS,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,CAAA;AACjE,MAAM,MAAM,WAAW,CAAC,CAAC,IAAI,CAAC,SAAS;IAAE,WAAW,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,MAAM,EAAE,GAAG,CAAC,CAAA;CAAE,GAAG,CAAC,GAAG,MAAM,CAAA;AAErG,MAAM,MAAM,WAAW,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,IAAI,CAAC,SAAS;IAAE,QAAQ,EAAE,MAAM,CAAC,CAAA;CAAE,GAC1E,CAAC,SAAS,MAAM,CAAC,GACf,MAAM,CAAC,CAAC,CAAC,CAAC,GACV,KAAK,GACP,KAAK,CAAA;AAET,MAAM,WAAW,iBAAiB,CAAC,UAAU,SAAS,aAAa,EAAE;IACnE,kEAAkE;IAClE,OAAO,EAAE,OAAO,CAAA;IAChB,2CAA2C;IAC3C,SAAS,EAAE,UAAU,CAAA;IACrB,qEAAqE;IACrE,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,iCAAiC;IACjC,OAAO,CAAC,EAAE;QACR,4EAA4E;QAC5E,QAAQ,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAA;KACvC,CAAA;IACD,sDAAsD;IACtD,GAAG,CAAC,EAAE;QACJ,uDAAuD;QACvD,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,CAAA;QAC7B,2FAA2F;QAC3F,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,mCAAmC;QACnC,GAAG,CAAC,EAAE,MAAM,CAAA;QACZ,qCAAqC;QACrC,GAAG,CAAC,EAAE,MAAM,CAAA;QACZ,oEAAoE;QACpE,GAAG,CAAC,EAAE,MAAM,CAAA;KACb,CAAA;IACD,0CAA0C;IAC1C,OAAO,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;IACnC;;;;OAIG;IACH,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE;QAC1B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,MAAM,CAAA;QAClB,KAAK,EAAE,MAAM,CAAA;QACb,IAAI,EAAE,MAAM,CAAA;QACZ,YAAY,EAAE,MAAM,CAAA;QACpB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;QAC3B,UAAU,EAAE,MAAM,CAAA;QAClB,OAAO,EAAE,OAAO,CAAA;QAChB,YAAY,EAAE,QAAQ,CAAA;QACtB,MAAM,EAAE,YAAY,CAAA;QACpB,SAAS,EAAE,OAAO,CAAA;QAClB,aAAa,CAAC,EAAE,MAAM,CAAA;KACvB,KAAK,OAAO,CAAC;QAAE,OAAO,EAAE,IAAI,CAAC;QAAC,QAAQ,EAAE,QAAQ,CAAA;KAAE,GAAG;QAAE,OAAO,EAAE,KAAK,CAAA;KAAE,CAAC,CAAA;IACzE,sEAAsE;IACtE,kBAAkB,CAAC,EAAE,CAAC,OAAO,EAAE;QAC7B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,MAAM,CAAA;QAClB,YAAY,EAAE,QAAQ,CAAA;QACtB,MAAM,EAAE,YAAY,CAAA;QACpB,SAAS,EAAE,OAAO,CAAA;KACnB,KAAK,OAAO,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,GAAG,IAAI,GAAG,SAAS,CAAC,CAAA;IAC9D,8DAA8D;IAC9D,mBAAmB,CAAC,EAAE,CAAC,OAAO,EAAE;QAC9B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,MAAM,CAAA;QAClB,MAAM,EAAE,MAAM,CAAA;QACd,YAAY,EAAE,QAAQ,CAAA;QACtB,MAAM,EAAE,YAAY,CAAA;KACrB,KAAK,OAAO,CAAC;QAAE,KAAK,EAAE,IAAI,CAAA;KAAE,GAAG;QAAE,KAAK,EAAE,KAAK,CAAC;QAAC,QAAQ,CAAC,EAAE,QAAQ,CAAA;KAAE,CAAC,CAAA;IACtE,mDAAmD;IACnD,kBAAkB,CAAC,EAAE,CAAC,OAAO,EAAE;QAC7B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,MAAM,CAAA;QAClB,MAAM,EAAE,MAAM,CAAA;QACd,YAAY,EAAE,QAAQ,CAAA;QACtB,MAAM,EAAE,YAAY,CAAA;QACpB,MAAM,EAAE,MAAM,GAAG,QAAQ,CAAA;KAC1B,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACnB,uFAAuF;IACvF,UAAU,CAAC,EAAE,KAAK,GAAG,MAAM,EAAE,CAAA;IAC7B,+EAA+E;IAC/E,QAAQ,CAAC,EAAE,eAAe,GAAG,QAAQ,GAAG,KAAK,CAAA;IAC7C,mHAAmH;IACnH,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,iIAAiI;IACjI,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,4DAA4D;IAC5D,KAAK,CAAC,EAAE;QACN,4CAA4C;QAC5C,WAAW,CAAC,EAAE,MAAM,CAAA;QACpB,iHAAiH;QACjH,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE;YAAE,UAAU,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,GAAG,CAAC;YAAC,OAAO,EAAE,OAAO,CAAA;SAAE,KAAK,MAAM,GAAG,SAAS,CAAA;QACzG,kEAAkE;QAClE,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;QACrB,oEAAoE;QACpE,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;KACxB,CAAA;IACD;;;;OAIG;IACH,IAAI,CAAC,EAAE,IAAI,GAAG,KAAK,GAAG;QACpB;;;;;;;WAOG;QACH,cAAc,CAAC,EAAE,KAAK,GAAG,OAAO,GAAG,MAAM,EAAE,CAAA;QAC3C,2EAA2E;QAC3E,gBAAgB,CAAC,EAAE,OAAO,CAAA;QAC1B,+EAA+E;QAC/E,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;QACzB,8DAA8D;QAC9D,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;QACzB,kCAAkC;QAClC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;QACxB,+CAA+C;QAC/C,MAAM,CAAC,EAAE,MAAM,CAAA;KAChB,CAAA;IACD;;;OAGG;IACH,QAAQ,CAAC,EAAE,cAAc,CAAC,UAAU,CAAC,CAAA;CACtC;AAED,MAAM,MAAM,IAAI,CAAC,UAAU,SAAS,aAAa,EAAE,GAAG,GAAG,IAAI,OAAO,GAAG;IACrE,WAAW,EAAE,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC,CAAA;IACpE,QAAQ,EAAE,MAAM,CAAA;IAChB,aAAa,EAAE,gBAAgB,CAAA;IAC/B,GAAG,EAAE;QAAE,GAAG,EAAE,MAAM,CAAA;KAAE,CAAA;IACpB,eAAe,CAAC,EAAE,iBAAiB,CAAC,UAAU,CAAC,CAAC,iBAAiB,CAAC,CAAA;IAClE,kBAAkB,CAAC,EAAE,iBAAiB,CAAC,UAAU,CAAC,CAAC,oBAAoB,CAAC,CAAA;IACxE,mBAAmB,CAAC,EAAE,iBAAiB,CAAC,UAAU,CAAC,CAAC,qBAAqB,CAAC,CAAA;IAC1E,kBAAkB,CAAC,EAAE,iBAAiB,CAAC,UAAU,CAAC,CAAC,oBAAoB,CAAC,CAAA;IACxE,OAAO,EAAE,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,aAAa,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;IACjH,SAAS,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,KAAK,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAA;IACpH,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;IAChG,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAA;IAC9D;;;OAGG;IACH,cAAc,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,WAAW,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GAAG,IAAI,CAAC,CAAA;IAC1H,UAAU,EAAE,KAAK,GAAG,MAAM,EAAE,CAAA;IAC5B,QAAQ,EAAE,eAAe,GAAG,QAAQ,GAAG,KAAK,CAAA;IAC5C,oBAAoB,EAAE,OAAO,CAAA;IAC7B,oBAAoB,EAAE,OAAO,CAAA;IAC7B,eAAe,EAAE,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAA;IAC5C,WAAW,EAAE,OAAO,CAAA;IACpB,KAAK,EAAE;QACL,WAAW,EAAE,MAAM,CAAA;QACnB,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE;YAAE,UAAU,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,GAAG,CAAC;YAAC,OAAO,EAAE,OAAO,CAAA;SAAE,KAAK,MAAM,GAAG,SAAS,CAAA;QACzG,UAAU,EAAE,MAAM,EAAE,CAAA;QACpB,YAAY,EAAE,MAAM,EAAE,CAAA;KACvB,CAAA;IACD,IAAI,EAAE,KAAK,GAAG;QACZ,cAAc,EAAE,KAAK,GAAG,OAAO,GAAG,MAAM,EAAE,CAAA;QAC1C,gBAAgB,EAAE,OAAO,CAAA;QACzB,cAAc,EAAE,MAAM,EAAE,CAAA;QACxB,cAAc,EAAE,MAAM,EAAE,CAAA;QACxB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;QACxB,MAAM,CAAC,EAAE,MAAM,CAAA;KAChB,CAAA;IACD,QAAQ,EAAE,gBAAgB,CAAC,UAAU,CAAC,CAAA;CACvC,CAAA;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,yGAAyG;IACzG,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,yDAAyD;IACzD,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAChC;AAED,KAAK,iBAAiB,CAAC,UAAU,SAAS,aAAa,EAAE,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAA;AAC3F,KAAK,iBAAiB,CAAC,UAAU,SAAS,aAAa,EAAE,EAAE,CAAC,SAAS,MAAM,IACvE,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,SAAS,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,mBAAmB,CAAA;AAEpH,MAAM,MAAM,cAAc,CAAC,UAAU,SAAS,aAAa,EAAE,IAAI,OAAO,CAAC;KACtE,CAAC,IAAI,iBAAiB,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,iBAAiB,GAAG,wBAAwB,CAAC,iBAAiB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC;CACrI,CAAC,CAAA;AACF,MAAM,MAAM,gBAAgB,CAAC,UAAU,SAAS,aAAa,EAAE,IAAI,cAAc,CAAC,UAAU,CAAC,CAAA;AAE7F,wBAAgB,UAAU,CAAC,KAAK,CAAC,UAAU,SAAS,aAAa,EAAE,EAAE,EACnE,OAAO,EACP,SAAS,EACT,QAAsB,EACtB,GAAG,EAAE,SAAc,EACnB,OAAO,EAAE,aAAkB,EAC3B,OAAO,EAAE,YAAiB,EAC1B,eAAe,EACf,kBAAkB,EAClB,mBAAmB,EACnB,kBAAkB,EAClB,UAAe,EACf,QAA0B,EAC1B,oBAA2B,EAC3B,oBAA4B,EAC5B,KAAK,EAAE,WAAgB,EACvB,IAAW,EACX,QAAQ,EAAE,cAAc,EACzB,EAAE,iBAAiB,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,CA2JlD"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"callback.d.ts","sourceRoot":"","sources":["../../../../src/core/handlers/callback.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;
|
|
1
|
+
{"version":3,"file":"callback.d.ts","sourceRoot":"","sources":["../../../../src/core/handlers/callback.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAezC,wBAAsB,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CA2hBxG"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
import{applyCors as o,handleCallback as r,handleLink as m,handlePreflight as p,handleSession as t,handleSignIn as
|
|
1
|
+
import{applyCors as o,handleCallback as r,handleLink as m,handlePreflight as p,handleSession as t,handleSignIn as c,handleSignOut as e,handleUnlink as f,verifyRequestOrigin as h}from"../../../chunk-PJCHBT42.js";export{o as applyCors,r as handleCallback,m as handleLink,p as handlePreflight,t as handleSession,c as handleSignIn,e as handleSignOut,f as handleUnlink,h as verifyRequestOrigin};//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../../src/core/handlers/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAMzC,wBAAsB,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAEtG;AAED,wBAAsB,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,
|
|
1
|
+
{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../../../src/core/handlers/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAMzC,wBAAsB,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAEtG;AAED,wBAAsB,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,CAkBnF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../../src/core/handlers/utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;
|
|
1
|
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../../src/core/handlers/utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAczC,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,GAAG,MAAM,EAAE,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CA+BjH;AAED,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,IAAI,EACV,UAAU,EAAE,MAAM,EAClB,YAAY,EAAE,MAAM,GAAG,IAAI,GAC1B,OAAO,CAAC,QAAQ,CAAC,CA6HnB"}
|
package/dist/src/core/hooks.d.ts
CHANGED
|
@@ -47,5 +47,4 @@ export interface AfterLinkAccountContext extends BeforeLinkAccountContext {
|
|
|
47
47
|
action: 'link' | 'update';
|
|
48
48
|
}
|
|
49
49
|
export declare function runOnAfterLinkAccount(auth: Auth | undefined, ctx: AfterLinkAccountContext): Promise<void>;
|
|
50
|
-
export declare function isLinkOnlyProvider(auth: Auth, providerId: string): boolean;
|
|
51
50
|
//# sourceMappingURL=hooks.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hooks.d.ts","sourceRoot":"","sources":["../../../src/core/hooks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAA;AAC1C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AAExC,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,KAAK,EAAE,MAAM,CAAA;IACb,IAAI,EAAE,MAAM,CAAA;IACZ,YAAY,EAAE,MAAM,CAAA;IACpB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,UAAU,EAAE,MAAM,CAAA;IAClB,OAAO,EAAE,OAAO,CAAA;IAChB,YAAY,EAAE,GAAG,CAAA;IACjB,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,OAAO,CAAA;IAClB,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AAED,MAAM,MAAM,mBAAmB,GAAG;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,QAAQ,CAAA;CAAE,GAAG;IAAE,OAAO,EAAE,KAAK,CAAA;CAAE,CAAA;AAE5F,wBAAsB,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAaxH;AAED,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,YAAY,EAAE,GAAG,CAAA;IACjB,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,OAAO,CAAA;CACnB;AAED,wBAAsB,uBAAuB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,yBAAyB,GAAG,OAAO,CAAC,GAAG,CAAC,CAalH;AAED,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,EAAE,MAAM,CAAA;IACd,YAAY,EAAE,GAAG,CAAA;IACjB,MAAM,EAAE,YAAY,CAAA;CACrB;AAED,wBAAsB,sBAAsB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,wBAAwB,GAAG,OAAO,CAAC;IAAE,KAAK,EAAE,IAAI,CAAA;CAAE,GAAG;IAAE,KAAK,EAAE,KAAK,CAAC;IAAC,QAAQ,CAAC,EAAE,QAAQ,CAAA;CAAE,CAAC,CAapK;AAED,MAAM,WAAW,uBAAwB,SAAQ,wBAAwB;IAAG,MAAM,EAAE,MAAM,GAAG,QAAQ,CAAA;CAAE;AAEvG,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,uBAAuB,GAAG,OAAO,CAAC,IAAI,CAAC,CAS/G
|
|
1
|
+
{"version":3,"file":"hooks.d.ts","sourceRoot":"","sources":["../../../src/core/hooks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAA;AAC1C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AAExC,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,KAAK,EAAE,MAAM,CAAA;IACb,IAAI,EAAE,MAAM,CAAA;IACZ,YAAY,EAAE,MAAM,CAAA;IACpB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,UAAU,EAAE,MAAM,CAAA;IAClB,OAAO,EAAE,OAAO,CAAA;IAChB,YAAY,EAAE,GAAG,CAAA;IACjB,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,OAAO,CAAA;IAClB,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AAED,MAAM,MAAM,mBAAmB,GAAG;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,QAAQ,CAAA;CAAE,GAAG;IAAE,OAAO,EAAE,KAAK,CAAA;CAAE,CAAA;AAE5F,wBAAsB,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAaxH;AAED,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,YAAY,EAAE,GAAG,CAAA;IACjB,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,OAAO,CAAA;CACnB;AAED,wBAAsB,uBAAuB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,yBAAyB,GAAG,OAAO,CAAC,GAAG,CAAC,CAalH;AAED,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,EAAE,MAAM,CAAA;IACd,YAAY,EAAE,GAAG,CAAA;IACjB,MAAM,EAAE,YAAY,CAAA;CACrB;AAED,wBAAsB,sBAAsB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,wBAAwB,GAAG,OAAO,CAAC;IAAE,KAAK,EAAE,IAAI,CAAA;CAAE,GAAG;IAAE,KAAK,EAAE,KAAK,CAAC;IAAC,QAAQ,CAAC,EAAE,QAAQ,CAAA;CAAE,CAAC,CAapK;AAED,MAAM,WAAW,uBAAwB,SAAQ,wBAAwB;IAAG,MAAM,EAAE,MAAM,GAAG,QAAQ,CAAA;CAAE;AAEvG,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,GAAG,EAAE,uBAAuB,GAAG,OAAO,CAAC,IAAI,CAAC,CAS/G"}
|
package/dist/src/core/index.d.ts
CHANGED
|
@@ -29,10 +29,10 @@ export interface Account {
|
|
|
29
29
|
userId: string;
|
|
30
30
|
provider: string;
|
|
31
31
|
providerAccountId: string;
|
|
32
|
-
type?: string;
|
|
32
|
+
type?: string;
|
|
33
33
|
accessToken?: string | null;
|
|
34
34
|
refreshToken?: string | null;
|
|
35
|
-
expiresAt?: number | null;
|
|
35
|
+
expiresAt?: number | null;
|
|
36
36
|
idToken?: string | null;
|
|
37
37
|
scope?: string | null;
|
|
38
38
|
tokenType?: string | null;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/core/index.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,IAAI;IACnB,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,aAAa,CAAC,EAAE,OAAO,GAAG,IAAI,CAAA;IAC9B,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CACrB;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAA;IACV,GAAG,EAAE,MAAM,CAAA;IACX,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CACvB;AAED,MAAM,WAAW,UAAU,CAAC,UAAU,SAAS,MAAM,GAAG,MAAM;IAC5D,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;IACjB,OAAO,EAAE,OAAO,GAAG,IAAI,CAAA;IACvB,QAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,IAAI,CAAA;IAC3B,SAAS,CAAC,EAAE,UAAU,EAAE,CAAA;CACzB;AAED,eAAO,MAAM,YAAY;;;;CAIf,CAAA;AAEV,MAAM,WAAW,OAAQ,SAAQ,IAAI,CAAC,IAAI,EAAE,IAAI,GAAG,UAAU,CAAC;IAC5D,EAAE,CAAC,EAAE,MAAM,CAAA;CACZ;AAED,MAAM,WAAW,OAAO;IACtB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,MAAM,CAAA;IAChB,iBAAiB,EAAE,MAAM,CAAA;IACzB,IAAI,CAAC,EAAE,MAAM,CAAA
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/core/index.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,IAAI;IACnB,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,aAAa,CAAC,EAAE,OAAO,GAAG,IAAI,CAAA;IAC9B,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CACrB;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAA;IACV,GAAG,EAAE,MAAM,CAAA;IACX,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CACvB;AAED,MAAM,WAAW,UAAU,CAAC,UAAU,SAAS,MAAM,GAAG,MAAM;IAC5D,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;IACjB,OAAO,EAAE,OAAO,GAAG,IAAI,CAAA;IACvB,QAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,IAAI,CAAA;IAC3B,SAAS,CAAC,EAAE,UAAU,EAAE,CAAA;CACzB;AAED,eAAO,MAAM,YAAY;;;;CAIf,CAAA;AAEV,MAAM,WAAW,OAAQ,SAAQ,IAAI,CAAC,IAAI,EAAE,IAAI,GAAG,UAAU,CAAC;IAC5D,EAAE,CAAC,EAAE,MAAM,CAAA;CACZ;AAED,MAAM,WAAW,OAAO;IACtB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,MAAM,CAAA;IAChB,iBAAiB,EAAE,MAAM,CAAA;IACzB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC5B,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7B;AAED,MAAM,WAAW,UAAW,SAAQ,OAAO;CAAG;AAE9C,MAAM,WAAW,OAAO;IACtB,OAAO,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAAA;IAC7C,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAAA;IACvD,gBAAgB,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CAAA;IACvF,WAAW,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;IACnD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,IAAI,EAAE,IAAI,CAAC;QAAC,QAAQ,EAAE,OAAO,EAAE,CAAA;KAAE,GAAG,IAAI,CAAC,CAAA;IAC3F,UAAU,EAAE,CAAC,IAAI,EAAE,OAAO,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAC5C,WAAW,EAAE,CAAC,IAAI,EAAE,UAAU,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAChD,aAAa,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAC7E,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,iBAAiB,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAC3H,UAAU,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,GAAG;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACnE,UAAU,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;CAC1C;AAED,qBAAa,SAAU,SAAQ,KAAK;IAClC,SAAkB,KAAK,CAAC,EAAE,OAAO,CAAA;IACjC,YAAY,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO,EAI3C;CACF;AAED,wBAAgB,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,GAAE,YAAiB,GAAG,QAAQ,CAKlE;AAED,wBAAgB,QAAQ,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,GAAG,GAAG,GAAS,GAAG,QAAQ,CAOvE;AAED,cAAc,WAAW,CAAA;AACzB,cAAc,cAAc,CAAA;AAC5B,cAAc,WAAW,CAAA"}
|
package/dist/src/core/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{AuthError as o,CALLBACK_URI_COOKIE_NAME as r,CSRF_COOKIE_NAME as m,CSRF_MAX_AGE as p,Cookies as t,DEFAULT_COOKIE_SERIALIZE_OPTIONS as
|
|
1
|
+
import{AuthError as o,CALLBACK_URI_COOKIE_NAME as r,CSRF_COOKIE_NAME as m,CSRF_MAX_AGE as p,Cookies as t,DEFAULT_COOKIE_SERIALIZE_OPTIONS as c,LINKING_TOKEN_COOKIE_NAME as e,NULL_SESSION as f,PKCE_COOKIE_NAME as h,PROVIDER_OPTIONS_COOKIE_NAME as i,SESSION_COOKIE_NAME as j,SESSION_STRATEGY_COOKIE_NAME as k,createAuth as n,createHandler as s,json as u,parseCookies as x,redirect as B}from"../../chunk-PJCHBT42.js";export{o as AuthError,r as CALLBACK_URI_COOKIE_NAME,m as CSRF_COOKIE_NAME,p as CSRF_MAX_AGE,t as Cookies,c as DEFAULT_COOKIE_SERIALIZE_OPTIONS,e as LINKING_TOKEN_COOKIE_NAME,f as NULL_SESSION,h as PKCE_COOKIE_NAME,i as PROVIDER_OPTIONS_COOKIE_NAME,j as SESSION_COOKIE_NAME,k as SESSION_STRATEGY_COOKIE_NAME,n as createAuth,s as createHandler,u as json,x as parseCookies,B as redirect};//# sourceMappingURL=index.js.map
|
package/dist/src/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{AuthError as o,CALLBACK_URI_COOKIE_NAME as r,CSRF_COOKIE_NAME as m,CSRF_MAX_AGE as p,Cookies as t,DEFAULT_COOKIE_SERIALIZE_OPTIONS as
|
|
1
|
+
import{AuthError as o,CALLBACK_URI_COOKIE_NAME as r,CSRF_COOKIE_NAME as m,CSRF_MAX_AGE as p,Cookies as t,DEFAULT_COOKIE_SERIALIZE_OPTIONS as c,LINKING_TOKEN_COOKIE_NAME as e,NULL_SESSION as f,PKCE_COOKIE_NAME as h,PROVIDER_OPTIONS_COOKIE_NAME as i,SESSION_COOKIE_NAME as j,SESSION_STRATEGY_COOKIE_NAME as k,createAuth as n,createHandler as s,json as u,parseCookies as x,redirect as B}from"../chunk-PJCHBT42.js";export{o as AuthError,r as CALLBACK_URI_COOKIE_NAME,m as CSRF_COOKIE_NAME,p as CSRF_MAX_AGE,t as Cookies,c as DEFAULT_COOKIE_SERIALIZE_OPTIONS,e as LINKING_TOKEN_COOKIE_NAME,f as NULL_SESSION,h as PKCE_COOKIE_NAME,i as PROVIDER_OPTIONS_COOKIE_NAME,j as SESSION_COOKIE_NAME,k as SESSION_STRATEGY_COOKIE_NAME,n as createAuth,s as createHandler,u as json,x as parseCookies,B as redirect};//# sourceMappingURL=index.js.map
|
package/dist/src/jwt/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{sign as o,verify as r}from"../../chunk-
|
|
1
|
+
import{sign as o,verify as r}from"../../chunk-PJCHBT42.js";export{o as sign,r as verify};//# sourceMappingURL=index.js.map
|
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
import type { OAuth2Tokens } from 'arctic';
|
|
2
|
+
export { Discord } from './providers/discord';
|
|
3
|
+
export { Facebook } from './providers/facebook';
|
|
2
4
|
export { GitHub } from './providers/github';
|
|
3
5
|
export { Google } from './providers/google';
|
|
4
6
|
export { Microsoft } from './providers/microsoft';
|
|
@@ -7,6 +9,8 @@ export interface OAuthProviderConfig {
|
|
|
7
9
|
clientSecret: string;
|
|
8
10
|
redirectUri?: string;
|
|
9
11
|
scope?: string[];
|
|
12
|
+
linkOnly?: boolean;
|
|
13
|
+
params?: Record<string, string>;
|
|
10
14
|
}
|
|
11
15
|
export interface RefreshedTokens {
|
|
12
16
|
accessToken: string;
|
|
@@ -24,20 +28,25 @@ export interface AuthUser {
|
|
|
24
28
|
avatar: string | null;
|
|
25
29
|
raw: Record<string, unknown>;
|
|
26
30
|
}
|
|
27
|
-
export
|
|
31
|
+
export type ProviderProfileOverrides<C> = Partial<Pick<C, Extract<keyof C, 'tenant' | 'prompt'>>>;
|
|
32
|
+
export interface OAuthProvider<T extends string = string, C = OAuthProviderConfig> {
|
|
28
33
|
id: T;
|
|
29
34
|
requiresRedirectUri?: boolean;
|
|
35
|
+
linkOnly?: boolean;
|
|
30
36
|
getAuthorizationUrl: (state: string, codeVerifier: string, options?: {
|
|
31
37
|
scopes?: string[];
|
|
32
38
|
redirectUri?: string;
|
|
39
|
+
params?: Record<string, string>;
|
|
40
|
+
overrides?: ProviderProfileOverrides<C>;
|
|
33
41
|
}) => Promise<URL>;
|
|
34
|
-
validateCallback: (code: string, codeVerifier: string, redirectUri?: string) => Promise<{
|
|
42
|
+
validateCallback: (code: string, codeVerifier: string, redirectUri?: string, overrides?: ProviderProfileOverrides<C>) => Promise<{
|
|
35
43
|
tokens: OAuth2Tokens;
|
|
36
44
|
user: AuthUser;
|
|
37
45
|
}>;
|
|
38
46
|
refreshAccessToken?: (refreshToken: string, options?: {
|
|
39
47
|
redirectUri?: string;
|
|
40
48
|
scopes?: string[];
|
|
49
|
+
overrides?: ProviderProfileOverrides<C>;
|
|
41
50
|
}) => Promise<RefreshedTokens>;
|
|
42
51
|
}
|
|
43
52
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/oauth/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAA;AAE1C,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAA;AAEjD,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,EAAE,MAAM,CAAA;IACpB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/oauth/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAA;AAE1C,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAA;AAEjD,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,EAAE,MAAM,CAAA;IACpB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAChC;AAED,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAA;IACnB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC5B,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,aAAa,EAAE,OAAO,GAAG,IAAI,CAAA;IAC7B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC7B;AAED,MAAM,MAAM,wBAAwB,CAAC,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAA;AAEjG,MAAM,WAAW,aAAa,CAAC,CAAC,SAAS,MAAM,GAAG,MAAM,EAAE,CAAC,GAAG,mBAAmB;IAC/E,EAAE,EAAE,CAAC,CAAA;IACL,mBAAmB,CAAC,EAAE,OAAO,CAAA;IAC7B,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,mBAAmB,EAAE,CACnB,KAAK,EAAE,MAAM,EACb,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAAC,SAAS,CAAC,EAAE,wBAAwB,CAAC,CAAC,CAAC,CAAA;KAAE,KAC5H,OAAO,CAAC,GAAG,CAAC,CAAA;IACjB,gBAAgB,EAAE,CAChB,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,MAAM,EACpB,WAAW,CAAC,EAAE,MAAM,EACpB,SAAS,CAAC,EAAE,wBAAwB,CAAC,CAAC,CAAC,KACpC,OAAO,CAAC;QAAE,MAAM,EAAE,YAAY,CAAC;QAAC,IAAI,EAAE,QAAQ,CAAA;KAAE,CAAC,CAAA;IACtD,kBAAkB,CAAC,EAAE,CACnB,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAAC,SAAS,CAAC,EAAE,wBAAwB,CAAC,CAAC,CAAC,CAAA;KAAE,KAC3F,OAAO,CAAC,eAAe,CAAC,CAAA;CAC9B"}
|