npm - @spfn/auth - Versions diffs - 0.2.0-beta.62 → 0.2.0-beta.64 - Mend

@spfn/auth 0.2.0-beta.62 → 0.2.0-beta.64

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/{authenticate-DcOkuB7d.d.ts → authenticate-mfVRzeIK.d.ts} +121 -2
package/dist/index.d.ts +33 -3
package/dist/index.js +3 -0
package/dist/index.js.map +1 -1
package/dist/server.d.ts +177 -259
package/dist/server.js +90 -3
package/dist/server.js.map +1 -1
package/package.json +1 -1

package/dist/server.js CHANGED Viewed

@@ -9158,7 +9158,13 @@ var userRouter = defineRouter3({
 init_esm();
 init_types();
 import { Transactional as Transactional2 } from "@spfn/core/db";
+import { ValidationError as ValidationError4 } from "@spfn/core/errors";
 import { defineRouter as defineRouter4, route as route4 } from "@spfn/core/route";
+var providerParams = Type.Object({
+  provider: Type.Union(SOCIAL_PROVIDERS.map((p) => Type.Literal(p)), {
+    description: "OAuth provider id (google, github, kakao, naver, superself)"
+  })
+});
 var oauthGoogleStart = route4.get("/_auth/oauth/google").input({
   query: Type.Object({
     state: Type.String({
@@ -9255,10 +9261,12 @@ var getGoogleOAuthUrl = route4.post("/_auth/oauth/google/url").input({
 }).skip(["auth"]).handler(async (c) => {
   const { body } = await c.data();
   if (!isGoogleOAuthEnabled()) {
-    throw new Error("Google OAuth is not configured");
+    throw new ValidationError4({ message: "Google OAuth is not configured" });
   }
   if (!body.state) {
-    throw new Error("OAuth state is required. Ensure the OAuth interceptor is configured.");
+    throw new ValidationError4({
+      message: "OAuth state is required. Ensure the OAuth interceptor is configured."
+    });
   }
   return { authUrl: getGoogleAuthUrl(body.state) };
 });
@@ -9277,13 +9285,88 @@ var oauthFinalize = route4.post("/_auth/oauth/finalize").input({
     returnUrl: body.returnUrl || "/"
   };
 });
+var oauthProviderStart = route4.get("/_auth/oauth/:provider").input({
+  params: providerParams,
+  query: Type.Object({
+    state: Type.String({
+      description: "Encrypted OAuth state (returnUrl, publicKey, keyId, fingerprint, algorithm)"
+    })
+  })
+}).skip(["auth"]).handler(async (c) => {
+  const { params, query } = await c.data();
+  const provider = getOAuthProvider(params.provider);
+  if (!provider?.isEnabled()) {
+    return c.redirect(buildOAuthErrorUrl(`OAuth provider '${params.provider}' is not configured`));
+  }
+  return c.redirect(provider.getAuthUrl(query.state));
+});
+var oauthProviderCallback = route4.get("/_auth/oauth/:provider/callback").input({
+  params: providerParams,
+  query: Type.Object({
+    code: Type.Optional(Type.String({
+      description: "Authorization code from provider"
+    })),
+    state: Type.Optional(Type.String({
+      description: "OAuth state parameter"
+    })),
+    error: Type.Optional(Type.String({
+      description: "Error code from provider"
+    })),
+    error_description: Type.Optional(Type.String({
+      description: "Error description from provider"
+    }))
+  })
+}).use([Transactional2()]).skip(["auth"]).handler(async (c) => {
+  const { params, query } = await c.data();
+  if (query.error) {
+    const errorMessage = query.error_description || query.error;
+    return c.redirect(buildOAuthErrorUrl(errorMessage));
+  }
+  if (!query.code || !query.state) {
+    return c.redirect(buildOAuthErrorUrl("Missing authorization code or state"));
+  }
+  try {
+    const result = await oauthCallbackService({
+      provider: params.provider,
+      code: query.code,
+      state: query.state
+    });
+    return c.redirect(result.redirectUrl);
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "OAuth callback failed";
+    return c.redirect(buildOAuthErrorUrl(message));
+  }
+});
+var getProviderOAuthUrl = route4.post("/_auth/oauth/:provider/url").input({
+  params: providerParams,
+  body: Type.Object({
+    returnUrl: Type.Optional(Type.String({
+      description: "URL to redirect after OAuth success"
+    })),
+    state: Type.Optional(Type.String({
+      description: "Encrypted OAuth state (injected by interceptor)"
+    }))
+  })
+}).skip(["auth"]).handler(async (c) => {
+  const { params, body } = await c.data();
+  const provider = requireEnabledProvider(params.provider);
+  if (!body.state) {
+    throw new ValidationError4({
+      message: "OAuth state is required. Ensure the OAuth interceptor is configured."
+    });
+  }
+  return { authUrl: provider.getAuthUrl(body.state) };
+});
 var oauthRouter = defineRouter4({
   oauthGoogleStart,
   oauthGoogleCallback,
   oauthStart,
   oauthProviders,
   getGoogleOAuthUrl,
-  oauthFinalize
+  oauthFinalize,
+  oauthProviderStart,
+  oauthProviderCallback,
+  getProviderOAuthUrl
 });
 // src/server/routes/admin/index.ts
@@ -9403,6 +9486,9 @@ var mainAuthRouter = defineRouter5({
   oauthProviders,
   getGoogleOAuthUrl,
   oauthFinalize,
+  oauthProviderStart,
+  oauthProviderCallback,
+  getProviderOAuthUrl,
   // Invitation routes
   getInvitation,
   acceptInvitation: acceptInvitation2,
@@ -9876,6 +9962,7 @@ export {
   registerService,
   removePermissionFromRole,
   requireAnyPermission,
+  requireEnabledProvider,
   requirePermissions,
   requireRole,
   resendInvitation,