@skroz/profile-api 1.0.16 → 1.0.17

package/dist/adapters/TypeOrmProfileAdapter.d.ts

@@ -7,8 +7,11 @@ export declare class TypeOrmProfileAdapter implements ProfileDbAdapter {
     findUserById(id: number): Promise<AuthUser | null>;
     findUserByTelegramId(telegramId: string): Promise<AuthUser | null>;
     createUser(data: {
-        email: string;
+        email?: string | null;
         passwordHash: string;
+        isTempPassword?: boolean;
     }): Promise<AuthUser>;
     isEmailTaken(email: string, excludeUserId?: number): Promise<boolean>;
+    findUserByProviderId(provider: string, id: string): Promise<AuthUser | null>;
+    updateUserProviderId(userId: number, provider: string, id: string): Promise<void>;
 }

package/dist/adapters/TypeOrmProfileAdapter.js

@@ -35,10 +35,12 @@ class TypeOrmProfileAdapter {
     }
     createUser(data) {
         return __awaiter(this, void 0, void 0, function* () {
+            var _a;
             const user = this.repo.create({
-                email: data.email.toLowerCase(),
+                email: data.email ? data.email.toLowerCase() : null,
                 password: data.passwordHash,
                 isEmailConfirmed: false,
+                isTempPassword: (_a = data.isTempPassword) !== null && _a !== void 0 ? _a : false,
             });
             return (yield this.repo.save(user));
         });
@@ -53,5 +55,17 @@ class TypeOrmProfileAdapter {
             return count > 0;
         });
     }
+    findUserByProviderId(provider, id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const field = `${provider}Id`;
+            return this.repo.findOne({ where: { [field]: id } });
+        });
+    }
+    updateUserProviderId(userId, provider, id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const field = `${provider}Id`;
+            yield this.repo.update(userId, { [field]: id });
+        });
+    }
 }
 exports.TypeOrmProfileAdapter = TypeOrmProfileAdapter;

package/dist/dto/OauthInput.d.ts

@@ -0,0 +1,14 @@
+export declare class TelegramAuthData {
+    id: string;
+    first_name: string;
+    last_name?: string;
+    username?: string;
+    photo_url?: string;
+    auth_date: string;
+    hash: string;
+}
+export declare class OauthLoginInput {
+    provider: string;
+    code?: string;
+    tgData?: TelegramAuthData;
+}

package/dist/dto/OauthInput.js

@@ -0,0 +1,65 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OauthLoginInput = exports.TelegramAuthData = void 0;
+const type_graphql_1 = require("type-graphql");
+let TelegramAuthData = class TelegramAuthData {
+};
+exports.TelegramAuthData = TelegramAuthData;
+__decorate([
+    (0, type_graphql_1.Field)(),
+    __metadata("design:type", String)
+], TelegramAuthData.prototype, "id", void 0);
+__decorate([
+    (0, type_graphql_1.Field)(),
+    __metadata("design:type", String)
+], TelegramAuthData.prototype, "first_name", void 0);
+__decorate([
+    (0, type_graphql_1.Field)({ nullable: true }),
+    __metadata("design:type", String)
+], TelegramAuthData.prototype, "last_name", void 0);
+__decorate([
+    (0, type_graphql_1.Field)({ nullable: true }),
+    __metadata("design:type", String)
+], TelegramAuthData.prototype, "username", void 0);
+__decorate([
+    (0, type_graphql_1.Field)({ nullable: true }),
+    __metadata("design:type", String)
+], TelegramAuthData.prototype, "photo_url", void 0);
+__decorate([
+    (0, type_graphql_1.Field)(),
+    __metadata("design:type", String)
+], TelegramAuthData.prototype, "auth_date", void 0);
+__decorate([
+    (0, type_graphql_1.Field)(),
+    __metadata("design:type", String)
+], TelegramAuthData.prototype, "hash", void 0);
+exports.TelegramAuthData = TelegramAuthData = __decorate([
+    (0, type_graphql_1.InputType)()
+], TelegramAuthData);
+let OauthLoginInput = class OauthLoginInput {
+};
+exports.OauthLoginInput = OauthLoginInput;
+__decorate([
+    (0, type_graphql_1.Field)(),
+    __metadata("design:type", String)
+], OauthLoginInput.prototype, "provider", void 0);
+__decorate([
+    (0, type_graphql_1.Field)({ nullable: true }),
+    __metadata("design:type", String)
+], OauthLoginInput.prototype, "code", void 0);
+__decorate([
+    (0, type_graphql_1.Field)(() => TelegramAuthData, { nullable: true }),
+    __metadata("design:type", TelegramAuthData)
+], OauthLoginInput.prototype, "tgData", void 0);
+exports.OauthLoginInput = OauthLoginInput = __decorate([
+    (0, type_graphql_1.InputType)()
+], OauthLoginInput);

package/dist/dto/index.d.ts

@@ -9,3 +9,4 @@ export { default as UpdateEmailInput, updateEmailTransformers, updateEmailValida
 export { default as UpdateProfileInput, updateProfileTransformers, updateProfileValidators } from './UpdateProfileInput';
 export { default as SendTokenInput, sendTokenTransformers, sendTokenValidators } from './SendTokenInput';
 export { default as RecoverPasswordInput, recoverPasswordTransformers, recoverPasswordValidators } from './RecoverPasswordInput';
+export { OauthLoginInput, TelegramAuthData } from './OauthInput';

package/dist/dto/index.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.recoverPasswordValidators = exports.recoverPasswordTransformers = exports.RecoverPasswordInput = exports.sendTokenValidators = exports.sendTokenTransformers = exports.SendTokenInput = exports.updateProfileValidators = exports.updateProfileTransformers = exports.UpdateProfileInput = exports.updateEmailValidators = exports.updateEmailTransformers = exports.UpdateEmailInput = exports.updatePasswordValidators = exports.updatePasswordTransformers = exports.UpdatePasswordInput = exports.SendTokenPayload = exports.StatusPayload = exports.confirmEmailValidators = exports.ConfirmEmailInput = exports.forgotPasswordValidators = exports.forgotPasswordTransformers = exports.ForgotPasswordInput = exports.authTransformers = exports.loginValidators = exports.registerValidators = exports.AuthInput = exports.passwordValidators = exports.passwordTransformers = exports.PasswordInput = void 0;
+exports.TelegramAuthData = exports.OauthLoginInput = exports.recoverPasswordValidators = exports.recoverPasswordTransformers = exports.RecoverPasswordInput = exports.sendTokenValidators = exports.sendTokenTransformers = exports.SendTokenInput = exports.updateProfileValidators = exports.updateProfileTransformers = exports.UpdateProfileInput = exports.updateEmailValidators = exports.updateEmailTransformers = exports.UpdateEmailInput = exports.updatePasswordValidators = exports.updatePasswordTransformers = exports.UpdatePasswordInput = exports.SendTokenPayload = exports.StatusPayload = exports.confirmEmailValidators = exports.ConfirmEmailInput = exports.forgotPasswordValidators = exports.forgotPasswordTransformers = exports.ForgotPasswordInput = exports.authTransformers = exports.loginValidators = exports.registerValidators = exports.AuthInput = exports.passwordValidators = exports.passwordTransformers = exports.PasswordInput = void 0;
 var PasswordInput_1 = require("./PasswordInput");
 Object.defineProperty(exports, "PasswordInput", { enumerable: true, get: function () { return __importDefault(PasswordInput_1).default; } });
 Object.defineProperty(exports, "passwordTransformers", { enumerable: true, get: function () { return PasswordInput_1.passwordTransformers; } });
@@ -44,3 +44,6 @@ var RecoverPasswordInput_1 = require("./RecoverPasswordInput");
 Object.defineProperty(exports, "RecoverPasswordInput", { enumerable: true, get: function () { return __importDefault(RecoverPasswordInput_1).default; } });
 Object.defineProperty(exports, "recoverPasswordTransformers", { enumerable: true, get: function () { return RecoverPasswordInput_1.recoverPasswordTransformers; } });
 Object.defineProperty(exports, "recoverPasswordValidators", { enumerable: true, get: function () { return RecoverPasswordInput_1.recoverPasswordValidators; } });
+var OauthInput_1 = require("./OauthInput");
+Object.defineProperty(exports, "OauthLoginInput", { enumerable: true, get: function () { return OauthInput_1.OauthLoginInput; } });
+Object.defineProperty(exports, "TelegramAuthData", { enumerable: true, get: function () { return OauthInput_1.TelegramAuthData; } });

package/dist/entities/TypeOrmBaseUser.d.ts

@@ -17,6 +17,11 @@ export declare abstract class TypeOrmBaseUser extends TypeORMBaseEntity {
     isDeleted: boolean;
     urlSlug?: string;
     telegramId: string | null;
+    googleId?: string | null;
+    vkId?: string | null;
+    yaId?: string | null;
+    mailId?: string | null;
+    appleId?: string | null;
     avatar?: string | null;
     lastSeenAt: Date;
     checkOnline(seconds: number): boolean;

package/dist/entities/TypeOrmBaseUser.js

@@ -92,6 +92,26 @@ __decorate([
     (0, typeorm_1.Column)({ type: 'varchar', nullable: true, unique: true }),
     __metadata("design:type", Object)
 ], TypeOrmBaseUser.prototype, "telegramId", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'varchar', nullable: true }),
+    __metadata("design:type", Object)
+], TypeOrmBaseUser.prototype, "googleId", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'varchar', nullable: true }),
+    __metadata("design:type", Object)
+], TypeOrmBaseUser.prototype, "vkId", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'varchar', nullable: true }),
+    __metadata("design:type", Object)
+], TypeOrmBaseUser.prototype, "yaId", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'varchar', nullable: true }),
+    __metadata("design:type", Object)
+], TypeOrmBaseUser.prototype, "mailId", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'varchar', nullable: true }),
+    __metadata("design:type", Object)
+], TypeOrmBaseUser.prototype, "appleId", void 0);
 __decorate([
     (0, type_graphql_1.Field)(() => String, { nullable: true }),
     (0, typeorm_1.Column)({ type: 'varchar', nullable: true }),

package/dist/index.d.ts

@@ -6,3 +6,5 @@ export * from './services/ProfileEmailService';
 export * from './dto';
 export * from './resolvers/AuthResolver';
 export * from './resolvers/ProfileResolver';
+export * from './resolvers/createOauthResolver';
+export * from './oauth';

package/dist/index.js

@@ -22,3 +22,5 @@ __exportStar(require("./services/ProfileEmailService"), exports);
 __exportStar(require("./dto"), exports);
 __exportStar(require("./resolvers/AuthResolver"), exports);
 __exportStar(require("./resolvers/ProfileResolver"), exports);
+__exportStar(require("./resolvers/createOauthResolver"), exports);
+__exportStar(require("./oauth"), exports);

package/dist/oauth/AppleOauth.d.ts

@@ -0,0 +1,13 @@
+import { OAuthProfile, OAuthProvider } from './OAuthProvider';
+interface AppleOauthConfig {
+    clientId: string;
+    teamId: string;
+    keyId: string;
+    privateKey: string;
+}
+export declare class AppleOauth implements OAuthProvider {
+    private config;
+    constructor(config: AppleOauthConfig);
+    exchangeCode(code: string): Promise<OAuthProfile>;
+}
+export {};

package/dist/oauth/AppleOauth.js

@@ -0,0 +1,84 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AppleOauth = void 0;
+const isomorphic_unfetch_1 = __importDefault(require("isomorphic-unfetch"));
+const crypto_1 = __importDefault(require("crypto"));
+function base64urlEncode(str) {
+    const buf = typeof str === 'string' ? Buffer.from(str) : str;
+    return buf.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
+}
+function generateClientSecret(config) {
+    const now = Math.floor(Date.now() / 1000);
+    const header = base64urlEncode(JSON.stringify({ alg: 'ES256', kid: config.keyId }));
+    const payload = base64urlEncode(JSON.stringify({
+        iss: config.teamId,
+        iat: now,
+        exp: now + 15777000, // ~6 months
+        aud: 'https://appleid.apple.com',
+        sub: config.clientId,
+    }));
+    const signingInput = `${header}.${payload}`;
+    const sign = crypto_1.default.createSign('SHA256');
+    sign.update(signingInput);
+    const signature = sign.sign(config.privateKey);
+    // Convert DER to base64url
+    const signatureBase64url = base64urlEncode(signature);
+    return `${signingInput}.${signatureBase64url}`;
+}
+function decodeJwtPayload(token) {
+    const parts = token.split('.');
+    if (parts.length < 2)
+        throw new Error('Invalid JWT');
+    const payload = Buffer.from(parts[1], 'base64').toString('utf8');
+    return JSON.parse(payload);
+}
+class AppleOauth {
+    constructor(config) {
+        this.config = config;
+    }
+    exchangeCode(code) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const clientSecret = generateClientSecret(this.config);
+            const tokenResponse = yield (0, isomorphic_unfetch_1.default)('https://appleid.apple.com/auth/token', {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+                body: new URLSearchParams({
+                    grant_type: 'authorization_code',
+                    client_id: this.config.clientId,
+                    client_secret: clientSecret,
+                    code,
+                }).toString(),
+            });
+            const tokenData = yield tokenResponse.json();
+            if (!tokenData.id_token) {
+                throw new Error(`Apple OAuth error: ${tokenData.error || 'no id_token'}`);
+            }
+            // Apple sends user data only on first authorization — decode from id_token
+            const idTokenPayload = decodeJwtPayload(tokenData.id_token);
+            const appleId = idTokenPayload.sub;
+            if (!appleId) {
+                throw new Error('Apple OAuth: failed to get user ID from id_token');
+            }
+            return {
+                providerId: appleId,
+                // Apple provides email only on first authorization
+                email: idTokenPayload.email || null,
+                name: null, // Apple does not provide name in id_token; handle via front-end form on first login
+                avatarUrl: null, // Apple does not provide avatar
+            };
+        });
+    }
+}
+exports.AppleOauth = AppleOauth;

package/dist/oauth/GoogleOauth.d.ts

@@ -0,0 +1,12 @@
+import { OAuthProfile, OAuthProvider } from './OAuthProvider';
+interface GoogleOauthConfig {
+    clientId: string;
+    clientSecret: string;
+    redirectUri: string;
+}
+export declare class GoogleOauth implements OAuthProvider {
+    private config;
+    constructor(config: GoogleOauthConfig);
+    exchangeCode(code: string): Promise<OAuthProfile>;
+}
+export {};

package/dist/oauth/GoogleOauth.js

@@ -0,0 +1,54 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GoogleOauth = void 0;
+const isomorphic_unfetch_1 = __importDefault(require("isomorphic-unfetch"));
+class GoogleOauth {
+    constructor(config) {
+        this.config = config;
+    }
+    exchangeCode(code) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const tokenResponse = yield (0, isomorphic_unfetch_1.default)('https://oauth2.googleapis.com/token', {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+                body: new URLSearchParams({
+                    grant_type: 'authorization_code',
+                    client_id: this.config.clientId,
+                    client_secret: this.config.clientSecret,
+                    redirect_uri: this.config.redirectUri,
+                    code,
+                }).toString(),
+            });
+            const tokenData = yield tokenResponse.json();
+            if (!tokenData.access_token) {
+                throw new Error(`Google OAuth error: ${tokenData.error_description || tokenData.error}`);
+            }
+            const userResponse = yield (0, isomorphic_unfetch_1.default)('https://www.googleapis.com/oauth2/v3/userinfo', {
+                headers: { Authorization: `Bearer ${tokenData.access_token}` },
+            });
+            const user = yield userResponse.json();
+            if (!user.sub) {
+                throw new Error('Google OAuth: failed to get user profile');
+            }
+            return {
+                providerId: user.sub,
+                email: user.email || null,
+                name: user.name || null,
+                avatarUrl: user.picture || null,
+            };
+        });
+    }
+}
+exports.GoogleOauth = GoogleOauth;

package/dist/oauth/MailOauth.d.ts

@@ -0,0 +1,12 @@
+import { OAuthProfile, OAuthProvider } from './OAuthProvider';
+interface MailOauthConfig {
+    clientId: string;
+    clientSecret: string;
+    redirectUri: string;
+}
+export declare class MailOauth implements OAuthProvider {
+    private config;
+    constructor(config: MailOauthConfig);
+    exchangeCode(code: string): Promise<OAuthProfile>;
+}
+export {};

package/dist/oauth/MailOauth.js

@@ -0,0 +1,53 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MailOauth = void 0;
+const isomorphic_unfetch_1 = __importDefault(require("isomorphic-unfetch"));
+const crypto_1 = __importDefault(require("crypto"));
+class MailOauth {
+    constructor(config) {
+        this.config = config;
+    }
+    exchangeCode(code) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const tokenResponse = yield (0, isomorphic_unfetch_1.default)('https://connect.mail.ru/oauth/token', {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+                body: `grant_type=authorization_code&client_id=${this.config.clientId}&client_secret=${this.config.clientSecret}&code=${code}&redirect_uri=${this.config.redirectUri}`,
+            });
+            const tokenData = yield tokenResponse.json();
+            if (!tokenData.access_token || !tokenData.x_mailru_vid) {
+                throw new Error(`Mail.ru OAuth error: ${tokenData.error_description || tokenData.error || 'no token'}`);
+            }
+            const mailRuId = tokenData.x_mailru_vid;
+            const sig = `app_id=${this.config.clientId}method=users.getInfosecure=1uids=${mailRuId}${this.config.clientSecret}`;
+            const md5Sig = crypto_1.default.createHash('md5').update(sig).digest('hex');
+            const infoUrl = `https://www.appsmail.ru/platform/api?sig=${md5Sig}&app_id=${this.config.clientId}&method=users.getInfo&secure=1&uids=${mailRuId}`;
+            const userResponse = yield (0, isomorphic_unfetch_1.default)(infoUrl);
+            const userData = yield userResponse.json();
+            const user = Array.isArray(userData) ? userData[0] : null;
+            if (!user) {
+                throw new Error('Mail.ru OAuth: failed to get user profile');
+            }
+            const hasAvatar = user.has_pic === 1;
+            return {
+                providerId: String(mailRuId),
+                email: user.email || null,
+                name: user.first_name || null,
+                avatarUrl: hasAvatar ? user.pic_big : null,
+            };
+        });
+    }
+}
+exports.MailOauth = MailOauth;

package/dist/oauth/OAuthProvider.d.ts

@@ -0,0 +1,9 @@
+export interface OAuthProfile {
+    providerId: string;
+    email?: string | null;
+    name?: string | null;
+    avatarUrl?: string | null;
+}
+export interface OAuthProvider {
+    exchangeCode(code: string): Promise<OAuthProfile>;
+}

package/dist/oauth/OAuthProvider.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/oauth/VKOauth.d.ts

@@ -0,0 +1,12 @@
+import { OAuthProfile, OAuthProvider } from './OAuthProvider';
+interface VKOauthConfig {
+    clientId: string;
+    clientSecret: string;
+    redirectUri: string;
+}
+export declare class VKOauth implements OAuthProvider {
+    private config;
+    constructor(config: VKOauthConfig);
+    exchangeCode(code: string): Promise<OAuthProfile>;
+}
+export {};

package/dist/oauth/VKOauth.js

@@ -0,0 +1,47 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VKOauth = void 0;
+const isomorphic_unfetch_1 = __importDefault(require("isomorphic-unfetch"));
+class VKOauth {
+    constructor(config) {
+        this.config = config;
+    }
+    exchangeCode(code) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            const tokenResponse = yield (0, isomorphic_unfetch_1.default)(`https://oauth.vk.com/access_token?client_id=${this.config.clientId}&client_secret=${this.config.clientSecret}&redirect_uri=${this.config.redirectUri}&code=${code}`);
+            const tokenData = yield tokenResponse.json();
+            if (tokenData.error) {
+                throw new Error(`VK OAuth error: ${tokenData.error_description || tokenData.error}`);
+            }
+            if (!tokenData.access_token || !tokenData.user_id) {
+                throw new Error('VK OAuth: failed to get access token');
+            }
+            const userResponse = yield (0, isomorphic_unfetch_1.default)(`https://api.vk.com/method/users.get?user_ids=${tokenData.user_id}&fields=photo_200&access_token=${tokenData.access_token}&v=5.131`);
+            const userData = yield userResponse.json();
+            const user = (_a = userData.response) === null || _a === void 0 ? void 0 : _a[0];
+            if (!user) {
+                throw new Error('VK OAuth: failed to get user profile');
+            }
+            return {
+                providerId: String(tokenData.user_id),
+                email: tokenData.email || null,
+                name: user.first_name || null,
+                avatarUrl: user.photo_200 || null,
+            };
+        });
+    }
+}
+exports.VKOauth = VKOauth;

package/dist/oauth/YandexOauth.d.ts

@@ -0,0 +1,11 @@
+import { OAuthProfile, OAuthProvider } from './OAuthProvider';
+interface YandexOauthConfig {
+    clientId: string;
+    clientSecret: string;
+}
+export declare class YandexOauth implements OAuthProvider {
+    private config;
+    constructor(config: YandexOauthConfig);
+    exchangeCode(code: string): Promise<OAuthProfile>;
+}
+export {};

package/dist/oauth/YandexOauth.js

@@ -0,0 +1,56 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.YandexOauth = void 0;
+const isomorphic_unfetch_1 = __importDefault(require("isomorphic-unfetch"));
+class YandexOauth {
+    constructor(config) {
+        this.config = config;
+    }
+    exchangeCode(code) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const tokenResponse = yield (0, isomorphic_unfetch_1.default)('https://oauth.yandex.ru/token', {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+                body: `grant_type=authorization_code&client_id=${this.config.clientId}&client_secret=${this.config.clientSecret}&code=${code}`,
+            });
+            const tokenData = yield tokenResponse.json();
+            if (!tokenData.access_token) {
+                throw new Error(`Yandex OAuth error: ${tokenData.error_description || tokenData.error}`);
+            }
+            const userResponse = yield (0, isomorphic_unfetch_1.default)('https://login.yandex.ru/info', {
+                method: 'POST',
+                headers: {
+                    Authorization: `OAuth ${tokenData.access_token}`,
+                    'Content-Type': 'application/x-www-form-urlencoded',
+                },
+                body: 'format=json',
+            });
+            const user = yield userResponse.json();
+            if (!user.id) {
+                throw new Error('Yandex OAuth: failed to get user profile');
+            }
+            const avatarUrl = !user.is_avatar_empty
+                ? `https://avatars.yandex.net/get-yapic/${user.default_avatar_id}/islands-200`
+                : null;
+            return {
+                providerId: String(user.id),
+                email: user.default_email || null,
+                name: user.first_name || null,
+                avatarUrl,
+            };
+        });
+    }
+}
+exports.YandexOauth = YandexOauth;

package/dist/oauth/index.d.ts

@@ -0,0 +1,6 @@
+export * from './OAuthProvider';
+export * from './GoogleOauth';
+export * from './VKOauth';
+export * from './YandexOauth';
+export * from './MailOauth';
+export * from './AppleOauth';

package/dist/oauth/index.js

@@ -0,0 +1,22 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./OAuthProvider"), exports);
+__exportStar(require("./GoogleOauth"), exports);
+__exportStar(require("./VKOauth"), exports);
+__exportStar(require("./YandexOauth"), exports);
+__exportStar(require("./MailOauth"), exports);
+__exportStar(require("./AppleOauth"), exports);

package/dist/resolvers/createOauthResolver.d.ts

@@ -0,0 +1,12 @@
+import { ProfileAuthService } from '../services/ProfileAuthService';
+import { OAuthProvider } from '../oauth/OAuthProvider';
+import { ProfileContext } from '../types';
+export interface OauthResolverDependencies<TContext extends ProfileContext = ProfileContext> {
+    authService: ProfileAuthService | ((ctx: TContext) => ProfileAuthService);
+    userType: any;
+    providers: Record<string, OAuthProvider>;
+    telegramBotToken?: string;
+    onUserCreated?: (user: any, ctx: TContext) => Promise<void>;
+    onLogin?: (user: any, ctx: TContext) => Promise<void>;
+}
+export declare function createOauthResolver<TContext extends ProfileContext = ProfileContext>(deps: OauthResolverDependencies<TContext>): any;