@vynelix/nestjs-multi-auth 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (226) hide show
  1. package/README.md +760 -0
  2. package/bin/cli.js +152 -0
  3. package/dist/auth/auth-type.enum.d.ts +22 -0
  4. package/dist/auth/auth-type.enum.js +32 -0
  5. package/dist/auth/auth-type.enum.js.map +1 -0
  6. package/dist/auth/auth.controller.d.ts +70 -0
  7. package/dist/auth/auth.controller.js +434 -0
  8. package/dist/auth/auth.controller.js.map +1 -0
  9. package/dist/auth/auth.module.d.ts +9 -0
  10. package/dist/auth/auth.module.js +193 -0
  11. package/dist/auth/auth.module.js.map +1 -0
  12. package/dist/auth/auth.service.d.ts +180 -0
  13. package/dist/auth/auth.service.js +695 -0
  14. package/dist/auth/auth.service.js.map +1 -0
  15. package/dist/auth/core/auth-mapper.d.ts +6 -0
  16. package/dist/auth/core/auth-mapper.js +17 -0
  17. package/dist/auth/core/auth-mapper.js.map +1 -0
  18. package/dist/auth/core/jwt.strategy.d.ts +13 -0
  19. package/dist/auth/core/jwt.strategy.js +59 -0
  20. package/dist/auth/core/jwt.strategy.js.map +1 -0
  21. package/dist/auth/core/registration.d.ts +3 -0
  22. package/dist/auth/core/registration.js +60 -0
  23. package/dist/auth/core/registration.js.map +1 -0
  24. package/dist/auth/current-user-interface.d.ts +4 -0
  25. package/dist/auth/current-user-interface.js +4 -0
  26. package/dist/auth/current-user-interface.js.map +1 -0
  27. package/dist/auth/current-user.decorator.d.ts +2 -0
  28. package/dist/auth/current-user.decorator.js +16 -0
  29. package/dist/auth/current-user.decorator.js.map +1 -0
  30. package/dist/auth/decorator/current-user.decorator.d.ts +2 -0
  31. package/dist/auth/decorator/current-user.decorator.js +13 -0
  32. package/dist/auth/decorator/current-user.decorator.js.map +1 -0
  33. package/dist/auth/decorator/email-or-phone.decorator.d.ts +2 -0
  34. package/dist/auth/decorator/email-or-phone.decorator.js +26 -0
  35. package/dist/auth/decorator/email-or-phone.decorator.js.map +1 -0
  36. package/dist/auth/decorator/optional.decorator.d.ts +2 -0
  37. package/dist/auth/decorator/optional.decorator.js +9 -0
  38. package/dist/auth/decorator/optional.decorator.js.map +1 -0
  39. package/dist/auth/decorator/public.decorator.d.ts +2 -0
  40. package/dist/auth/decorator/public.decorator.js +9 -0
  41. package/dist/auth/decorator/public.decorator.js.map +1 -0
  42. package/dist/auth/dto/auth-response.dto.d.ts +17 -0
  43. package/dist/auth/dto/auth-response.dto.js +83 -0
  44. package/dist/auth/dto/auth-response.dto.js.map +1 -0
  45. package/dist/auth/dto/identifier-response.dto.d.ts +8 -0
  46. package/dist/auth/dto/identifier-response.dto.js +46 -0
  47. package/dist/auth/dto/identifier-response.dto.js.map +1 -0
  48. package/dist/auth/dto/login.dto.d.ts +11 -0
  49. package/dist/auth/dto/login.dto.js +68 -0
  50. package/dist/auth/dto/login.dto.js.map +1 -0
  51. package/dist/auth/dto/mfa.dto.d.ts +8 -0
  52. package/dist/auth/dto/mfa.dto.js +51 -0
  53. package/dist/auth/dto/mfa.dto.js.map +1 -0
  54. package/dist/auth/dto/oauth-provider-response.dto.d.ts +5 -0
  55. package/dist/auth/dto/oauth-provider-response.dto.js +30 -0
  56. package/dist/auth/dto/oauth-provider-response.dto.js.map +1 -0
  57. package/dist/auth/dto/refresh-token.dto.d.ts +3 -0
  58. package/dist/auth/dto/refresh-token.dto.js +28 -0
  59. package/dist/auth/dto/refresh-token.dto.js.map +1 -0
  60. package/dist/auth/dto/requests/forgot-password.dto.d.ts +5 -0
  61. package/dist/auth/dto/requests/forgot-password.dto.js +36 -0
  62. package/dist/auth/dto/requests/forgot-password.dto.js.map +1 -0
  63. package/dist/auth/dto/requests/login.dto.d.ts +11 -0
  64. package/dist/auth/dto/requests/login.dto.js +68 -0
  65. package/dist/auth/dto/requests/login.dto.js.map +1 -0
  66. package/dist/auth/dto/requests/magic-link.dto.d.ts +6 -0
  67. package/dist/auth/dto/requests/magic-link.dto.js +33 -0
  68. package/dist/auth/dto/requests/magic-link.dto.js.map +1 -0
  69. package/dist/auth/dto/requests/mfa.dto.d.ts +8 -0
  70. package/dist/auth/dto/requests/mfa.dto.js +51 -0
  71. package/dist/auth/dto/requests/mfa.dto.js.map +1 -0
  72. package/dist/auth/dto/requests/refresh-token.dto.d.ts +3 -0
  73. package/dist/auth/dto/requests/refresh-token.dto.js +29 -0
  74. package/dist/auth/dto/requests/refresh-token.dto.js.map +1 -0
  75. package/dist/auth/dto/requests/reset-password.dto.d.ts +5 -0
  76. package/dist/auth/dto/requests/reset-password.dto.js +36 -0
  77. package/dist/auth/dto/requests/reset-password.dto.js.map +1 -0
  78. package/dist/auth/dto/requests/secure-account.dto.d.ts +3 -0
  79. package/dist/auth/dto/requests/secure-account.dto.js +24 -0
  80. package/dist/auth/dto/requests/secure-account.dto.js.map +1 -0
  81. package/dist/auth/dto/requests/signup.dto.d.ts +13 -0
  82. package/dist/auth/dto/requests/signup.dto.js +70 -0
  83. package/dist/auth/dto/requests/signup.dto.js.map +1 -0
  84. package/dist/auth/dto/requests/update-password.dto.d.ts +4 -0
  85. package/dist/auth/dto/requests/update-password.dto.js +30 -0
  86. package/dist/auth/dto/requests/update-password.dto.js.map +1 -0
  87. package/dist/auth/dto/requests/verify.dto.d.ts +7 -0
  88. package/dist/auth/dto/requests/verify.dto.js +48 -0
  89. package/dist/auth/dto/requests/verify.dto.js.map +1 -0
  90. package/dist/auth/dto/responses/auth-response.dto.d.ts +17 -0
  91. package/dist/auth/dto/responses/auth-response.dto.js +83 -0
  92. package/dist/auth/dto/responses/auth-response.dto.js.map +1 -0
  93. package/dist/auth/dto/responses/identifier-response.dto.d.ts +10 -0
  94. package/dist/auth/dto/responses/identifier-response.dto.js +56 -0
  95. package/dist/auth/dto/responses/identifier-response.dto.js.map +1 -0
  96. package/dist/auth/dto/responses/oauth-provider-response.dto.d.ts +10 -0
  97. package/dist/auth/dto/responses/oauth-provider-response.dto.js +55 -0
  98. package/dist/auth/dto/responses/oauth-provider-response.dto.js.map +1 -0
  99. package/dist/auth/dto/signup.dto.d.ts +13 -0
  100. package/dist/auth/dto/signup.dto.js +70 -0
  101. package/dist/auth/dto/signup.dto.js.map +1 -0
  102. package/dist/auth/dto/verify.dto.d.ts +7 -0
  103. package/dist/auth/dto/verify.dto.js +48 -0
  104. package/dist/auth/dto/verify.dto.js.map +1 -0
  105. package/dist/auth/entities/auth-identify.entity.d.ts +33 -0
  106. package/dist/auth/entities/auth-identify.entity.js +73 -0
  107. package/dist/auth/entities/auth-identify.entity.js.map +1 -0
  108. package/dist/auth/entities/auth.entity.d.ts +45 -0
  109. package/dist/auth/entities/auth.entity.js +129 -0
  110. package/dist/auth/entities/auth.entity.js.map +1 -0
  111. package/dist/auth/entities/base.entity.d.ts +6 -0
  112. package/dist/auth/entities/base.entity.js +41 -0
  113. package/dist/auth/entities/base.entity.js.map +1 -0
  114. package/dist/auth/entities/mfa-method.entity.d.ts +23 -0
  115. package/dist/auth/entities/mfa-method.entity.js +69 -0
  116. package/dist/auth/entities/mfa-method.entity.js.map +1 -0
  117. package/dist/auth/entities/oauth-provider.entity.d.ts +38 -0
  118. package/dist/auth/entities/oauth-provider.entity.js +88 -0
  119. package/dist/auth/entities/oauth-provider.entity.js.map +1 -0
  120. package/dist/auth/entities/otp-token.entity.d.ts +22 -0
  121. package/dist/auth/entities/otp-token.entity.js +61 -0
  122. package/dist/auth/entities/otp-token.entity.js.map +1 -0
  123. package/dist/auth/entities/session.entity.d.ts +19 -0
  124. package/dist/auth/entities/session.entity.js +65 -0
  125. package/dist/auth/entities/session.entity.js.map +1 -0
  126. package/dist/auth/enums/auth-type.enum.d.ts +23 -0
  127. package/dist/auth/enums/auth-type.enum.js +34 -0
  128. package/dist/auth/enums/auth-type.enum.js.map +1 -0
  129. package/dist/auth/guards/jwt-auth.guard.d.ts +10 -0
  130. package/dist/auth/guards/jwt-auth.guard.js +68 -0
  131. package/dist/auth/guards/jwt-auth.guard.js.map +1 -0
  132. package/dist/auth/guards/optional-auth.guard.d.ts +8 -0
  133. package/dist/auth/guards/optional-auth.guard.js +45 -0
  134. package/dist/auth/guards/optional-auth.guard.js.map +1 -0
  135. package/dist/auth/guards/ws-jwt-auth.guard.d.ts +0 -0
  136. package/dist/auth/guards/ws-jwt-auth.guard.js +31 -0
  137. package/dist/auth/guards/ws-jwt-auth.guard.js.map +1 -0
  138. package/dist/auth/interfaces/auth-module-async-options.interface.d.ts +7 -0
  139. package/dist/auth/interfaces/auth-module-async-options.interface.js +3 -0
  140. package/dist/auth/interfaces/auth-module-async-options.interface.js.map +1 -0
  141. package/dist/auth/interfaces/auth-module-options.interface.d.ts +132 -0
  142. package/dist/auth/interfaces/auth-module-options.interface.js +5 -0
  143. package/dist/auth/interfaces/auth-module-options.interface.js.map +1 -0
  144. package/dist/auth/interfaces/auth-notification-provider.interface.d.ts +29 -0
  145. package/dist/auth/interfaces/auth-notification-provider.interface.js +5 -0
  146. package/dist/auth/interfaces/auth-notification-provider.interface.js.map +1 -0
  147. package/dist/auth/interfaces/auth-user-service.interface.d.ts +13 -0
  148. package/dist/auth/interfaces/auth-user-service.interface.js +7 -0
  149. package/dist/auth/interfaces/auth-user-service.interface.js.map +1 -0
  150. package/dist/auth/interfaces/current-user-interface.d.ts +4 -0
  151. package/dist/auth/interfaces/current-user-interface.js +4 -0
  152. package/dist/auth/interfaces/current-user-interface.js.map +1 -0
  153. package/dist/auth/interfaces/current-user.decorator.d.ts +2 -0
  154. package/dist/auth/interfaces/current-user.decorator.js +16 -0
  155. package/dist/auth/interfaces/current-user.decorator.js.map +1 -0
  156. package/dist/auth/interfaces/jwt-payload-interface.d.ts +4 -0
  157. package/dist/auth/interfaces/jwt-payload-interface.js +3 -0
  158. package/dist/auth/interfaces/jwt-payload-interface.js.map +1 -0
  159. package/dist/auth/interfaces/oauth-strategy.interface.d.ts +14 -0
  160. package/dist/auth/interfaces/oauth-strategy.interface.js +3 -0
  161. package/dist/auth/interfaces/oauth-strategy.interface.js.map +1 -0
  162. package/dist/auth/jwt-payload-interface.d.ts +4 -0
  163. package/dist/auth/jwt-payload-interface.js +3 -0
  164. package/dist/auth/jwt-payload-interface.js.map +1 -0
  165. package/dist/auth/jwt.strategy.d.ts +13 -0
  166. package/dist/auth/jwt.strategy.js +60 -0
  167. package/dist/auth/jwt.strategy.js.map +1 -0
  168. package/dist/auth/strategies/company.strategy.d.ts +0 -0
  169. package/dist/auth/strategies/company.strategy.js +1 -0
  170. package/dist/auth/strategies/company.strategy.js.map +1 -0
  171. package/dist/auth/strategies/google.strategy.d.ts +7 -0
  172. package/dist/auth/strategies/google.strategy.js +23 -0
  173. package/dist/auth/strategies/google.strategy.js.map +1 -0
  174. package/dist/auth/strategies/local-auth.strategy.d.ts +24 -0
  175. package/dist/auth/strategies/local-auth.strategy.js +244 -0
  176. package/dist/auth/strategies/local-auth.strategy.js.map +1 -0
  177. package/dist/auth/strategies/oauth/apple.strategy.d.ts +27 -0
  178. package/dist/auth/strategies/oauth/apple.strategy.js +176 -0
  179. package/dist/auth/strategies/oauth/apple.strategy.js.map +1 -0
  180. package/dist/auth/strategies/oauth/facebook.strategy.d.ts +24 -0
  181. package/dist/auth/strategies/oauth/facebook.strategy.js +150 -0
  182. package/dist/auth/strategies/oauth/facebook.strategy.js.map +1 -0
  183. package/dist/auth/strategies/oauth/google.strategy.d.ts +25 -0
  184. package/dist/auth/strategies/oauth/google.strategy.js +225 -0
  185. package/dist/auth/strategies/oauth/google.strategy.js.map +1 -0
  186. package/dist/auth/strategies/oauth/oauth-strategy.interface.d.ts +14 -0
  187. package/dist/auth/strategies/oauth/oauth-strategy.interface.js +3 -0
  188. package/dist/auth/strategies/oauth/oauth-strategy.interface.js.map +1 -0
  189. package/dist/auth/strategies/oauth/oauth.strategy.d.ts +25 -0
  190. package/dist/auth/strategies/oauth/oauth.strategy.js +70 -0
  191. package/dist/auth/strategies/oauth/oauth.strategy.js.map +1 -0
  192. package/dist/auth/strategies/otp.strategy.d.ts +7 -0
  193. package/dist/auth/strategies/otp.strategy.js +23 -0
  194. package/dist/auth/strategies/otp.strategy.js.map +1 -0
  195. package/dist/auth/strategies/password.strategy.d.ts +14 -0
  196. package/dist/auth/strategies/password.strategy.js +130 -0
  197. package/dist/auth/strategies/password.strategy.js.map +1 -0
  198. package/dist/auth/utils/duration.util.d.ts +8 -0
  199. package/dist/auth/utils/duration.util.js +29 -0
  200. package/dist/auth/utils/duration.util.js.map +1 -0
  201. package/dist/index.d.ts +21 -0
  202. package/dist/index.js +39 -0
  203. package/dist/index.js.map +1 -0
  204. package/dist/migrations/auth-entities.d.ts +7 -0
  205. package/dist/migrations/auth-entities.js +18 -0
  206. package/dist/migrations/auth-entities.js.map +1 -0
  207. package/dist/migrations/auth-schema.initializer.d.ts +9 -0
  208. package/dist/migrations/auth-schema.initializer.js +36 -0
  209. package/dist/migrations/auth-schema.initializer.js.map +1 -0
  210. package/dist/migrations/auth.migration.v1.d.ts +12 -0
  211. package/dist/migrations/auth.migration.v1.js +157 -0
  212. package/dist/migrations/auth.migration.v1.js.map +1 -0
  213. package/dist/migrations/auth.migration.v2.d.ts +8 -0
  214. package/dist/migrations/auth.migration.v2.js +39 -0
  215. package/dist/migrations/auth.migration.v2.js.map +1 -0
  216. package/dist/migrations/auth.migrations.d.ts +2 -0
  217. package/dist/migrations/auth.migrations.js +8 -0
  218. package/dist/migrations/auth.migrations.js.map +1 -0
  219. package/dist/migrations/migration.runner.d.ts +9 -0
  220. package/dist/migrations/migration.runner.js +67 -0
  221. package/dist/migrations/migration.runner.js.map +1 -0
  222. package/dist/migrations/migration.service.d.ts +9 -0
  223. package/dist/migrations/migration.service.js +71 -0
  224. package/dist/migrations/migration.service.js.map +1 -0
  225. package/dist/tsconfig.tsbuildinfo +1 -0
  226. package/package.json +82 -0
@@ -0,0 +1 @@
1
+ {"version":3,"file":"jwt-payload-interface.js","sourceRoot":"","sources":["../../src/auth/jwt-payload-interface.ts"],"names":[],"mappings":""}
@@ -0,0 +1,13 @@
1
+ import { Strategy } from 'passport-jwt';
2
+ import { AuthModuleOptions } from './interfaces/auth-module-options.interface';
3
+ import { JwtPayload } from './jwt-payload-interface';
4
+ declare const JwtStrategy_base: new (...args: [opt: import("passport-jwt").StrategyOptionsWithoutRequest] | [opt: import("passport-jwt").StrategyOptionsWithRequest]) => Strategy & {
5
+ validate(...args: any[]): unknown;
6
+ };
7
+ export declare class JwtStrategy extends JwtStrategy_base {
8
+ private options;
9
+ private readonly logger;
10
+ constructor(options: AuthModuleOptions);
11
+ validate(payload: JwtPayload): Promise<any>;
12
+ }
13
+ export {};
@@ -0,0 +1,60 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ var __metadata = (this && this.__metadata) || function (k, v) {
9
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
+ };
11
+ var __param = (this && this.__param) || function (paramIndex, decorator) {
12
+ return function (target, key) { decorator(target, key, paramIndex); }
13
+ };
14
+ var JwtStrategy_1;
15
+ Object.defineProperty(exports, "__esModule", { value: true });
16
+ exports.JwtStrategy = void 0;
17
+ // src/auth/jwt.strategy.ts
18
+ const common_1 = require("@nestjs/common");
19
+ const passport_1 = require("@nestjs/passport");
20
+ const passport_jwt_1 = require("passport-jwt");
21
+ const auth_module_options_interface_1 = require("./interfaces/auth-module-options.interface");
22
+ const common_2 = require("@nestjs/common");
23
+ let JwtStrategy = JwtStrategy_1 = class JwtStrategy extends (0, passport_1.PassportStrategy)(passport_jwt_1.Strategy) {
24
+ constructor(options) {
25
+ const cookieExtractor = (req) => {
26
+ if (!req || !req.cookies) {
27
+ return null;
28
+ }
29
+ const cookies = req.cookies;
30
+ const token = cookies?.access_token ?? null;
31
+ return typeof token === 'string' ? token : null;
32
+ };
33
+ super({
34
+ jwtFromRequest: passport_jwt_1.ExtractJwt.fromExtractors([
35
+ cookieExtractor,
36
+ passport_jwt_1.ExtractJwt.fromAuthHeaderAsBearerToken(),
37
+ ]),
38
+ ignoreExpiration: false,
39
+ secretOrKey: options.jwtSecret || process.env.JWT_SECRET || 'changeme',
40
+ });
41
+ this.options = options;
42
+ this.logger = new common_1.Logger(JwtStrategy_1.name);
43
+ }
44
+ async validate(payload) {
45
+ this.logger.log(`JWT payload: ${JSON.stringify(payload)}`);
46
+ // In Identity-Only mode, req.user is the token payload.
47
+ // The application uses the 'sub' (uid) to link to its own user record.
48
+ return {
49
+ uid: payload.sub,
50
+ sessionId: payload.sessionId,
51
+ };
52
+ }
53
+ };
54
+ exports.JwtStrategy = JwtStrategy;
55
+ exports.JwtStrategy = JwtStrategy = JwtStrategy_1 = __decorate([
56
+ (0, common_1.Injectable)(),
57
+ __param(0, (0, common_2.Inject)(auth_module_options_interface_1.AUTH_MODULE_OPTIONS)),
58
+ __metadata("design:paramtypes", [Object])
59
+ ], JwtStrategy);
60
+ //# sourceMappingURL=jwt.strategy.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"jwt.strategy.js","sourceRoot":"","sources":["../../src/auth/jwt.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2BAA2B;AAC3B,2CAAoD;AACpD,+CAAoD;AACpD,+CAAoD;AACpD,8FAAoG;AACpG,2CAAwC;AAKjC,IAAM,WAAW,mBAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IAGzD,YAC+B,OAAkC;QAE/D,MAAM,eAAe,GAAG,CAAC,GAAY,EAAiB,EAAE;YACtD,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;gBACzB,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,OAAO,GAAG,GAAG,CAAC,OAAwC,CAAC;YAC7D,MAAM,KAAK,GAAG,OAAO,EAAE,YAAY,IAAI,IAAI,CAAC;YAC5C,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QAClD,CAAC,CAAC;QACF,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,cAAc,CAAC;gBACxC,eAAe;gBACf,yBAAU,CAAC,2BAA2B,EAAE;aACzC,CAAC;YACF,gBAAgB,EAAE,KAAK;YACvB,WAAW,EAAE,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,UAAU;SACvE,CAAC,CAAC;QAlBkC,YAAO,GAAP,OAAO,CAAmB;QAHhD,WAAM,GAAG,IAAI,eAAM,CAAC,aAAW,CAAC,IAAI,CAAC,CAAC;IAsBvD,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAAmB;QAChC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAE3D,wDAAwD;QACxD,uEAAuE;QACvE,OAAO;YACL,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC;IACJ,CAAC;CACF,CAAA;AAnCY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,eAAM,EAAC,mDAAmB,CAAC,CAAA;;GAJnB,WAAW,CAmCvB"}
File without changes
@@ -0,0 +1 @@
1
+ //# sourceMappingURL=company.strategy.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"company.strategy.js","sourceRoot":"","sources":["../../../src/auth/strategies/company.strategy.ts"],"names":[],"mappings":""}
@@ -0,0 +1,7 @@
1
+ import { LoginDto } from '../dto/login.dto';
2
+ import { SignupDto } from '../dto/signup.dto';
3
+ import { Auth } from '../entities/auth.entity';
4
+ export declare class GoogleAuthStrategy {
5
+ registerCredentials(dto: SignupDto, uid?: string): Promise<Auth>;
6
+ login(dto: LoginDto): Promise<Auth>;
7
+ }
@@ -0,0 +1,23 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ Object.defineProperty(exports, "__esModule", { value: true });
9
+ exports.GoogleAuthStrategy = void 0;
10
+ const common_1 = require("@nestjs/common");
11
+ let GoogleAuthStrategy = class GoogleAuthStrategy {
12
+ async registerCredentials(dto, uid) {
13
+ throw new Error('Not implemented');
14
+ }
15
+ async login(dto) {
16
+ throw new Error('Not implemented');
17
+ }
18
+ };
19
+ exports.GoogleAuthStrategy = GoogleAuthStrategy;
20
+ exports.GoogleAuthStrategy = GoogleAuthStrategy = __decorate([
21
+ (0, common_1.Injectable)()
22
+ ], GoogleAuthStrategy);
23
+ //# sourceMappingURL=google.strategy.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"google.strategy.js","sourceRoot":"","sources":["../../../src/auth/strategies/google.strategy.ts"],"names":[],"mappings":";;;;;;;;;AAEA,2CAA4C;AAMrC,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAC7B,KAAK,CAAC,mBAAmB,CAAC,GAAc,EAAE,GAAY;QAGpD,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,GAAa;QAEvB,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;CACF,CAAA;AAXY,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,mBAAU,GAAE;GACA,kBAAkB,CAW9B"}
@@ -0,0 +1,24 @@
1
+ import { DataSource, Repository } from 'typeorm';
2
+ import { LoginDto } from '../dto/requests/login.dto';
3
+ import { SignupDto } from '../dto/requests/signup.dto';
4
+ import { AuthModuleOptions } from '../interfaces/auth-module-options.interface';
5
+ import { Auth } from '../entities/auth.entity';
6
+ import { AuthIdentifier } from '../entities/auth-identify.entity';
7
+ export declare class LocalAuthStrategy {
8
+ private readonly dataSource;
9
+ private authRepo;
10
+ private identifierRepo;
11
+ private options;
12
+ constructor(dataSource: DataSource, authRepo: Repository<Auth>, identifierRepo: Repository<AuthIdentifier>, options: AuthModuleOptions);
13
+ private readonly logger;
14
+ private validatePhoneFormat;
15
+ private requiresPassword;
16
+ registerCredentials(dto: SignupDto, uid?: string): Promise<{
17
+ auth: Auth;
18
+ identifier?: AuthIdentifier;
19
+ }>;
20
+ login(dto: LoginDto): Promise<{
21
+ auth: Auth;
22
+ identifier?: AuthIdentifier;
23
+ }>;
24
+ }
@@ -0,0 +1,244 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ var __metadata = (this && this.__metadata) || function (k, v) {
9
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
+ };
11
+ var __param = (this && this.__param) || function (paramIndex, decorator) {
12
+ return function (target, key) { decorator(target, key, paramIndex); }
13
+ };
14
+ var LocalAuthStrategy_1;
15
+ Object.defineProperty(exports, "__esModule", { value: true });
16
+ exports.LocalAuthStrategy = void 0;
17
+ const common_1 = require("@nestjs/common");
18
+ const typeorm_1 = require("typeorm");
19
+ const typeorm_2 = require("@nestjs/typeorm");
20
+ const bcrypt = require("bcrypt");
21
+ const crypto = require("crypto");
22
+ const auth_module_options_interface_1 = require("../interfaces/auth-module-options.interface");
23
+ const common_2 = require("@nestjs/common");
24
+ // Entities
25
+ const auth_entity_1 = require("../entities/auth.entity");
26
+ const auth_identify_entity_1 = require("../entities/auth-identify.entity");
27
+ // Enums
28
+ const auth_type_enum_1 = require("../enums/auth-type.enum"); // Ensure this path is correct
29
+ // Services / DTOs
30
+ let LocalAuthStrategy = LocalAuthStrategy_1 = class LocalAuthStrategy {
31
+ constructor(dataSource, authRepo, identifierRepo, options) {
32
+ this.dataSource = dataSource;
33
+ this.authRepo = authRepo;
34
+ this.identifierRepo = identifierRepo;
35
+ this.options = options;
36
+ this.logger = new common_1.Logger(LocalAuthStrategy_1.name);
37
+ }
38
+ validatePhoneFormat(phone) {
39
+ const prefixes = this.options.allowedPhonePrefixes;
40
+ if (!prefixes || prefixes.length === 0)
41
+ return;
42
+ const matches = prefixes.some((prefix) => phone.startsWith(prefix));
43
+ if (!matches) {
44
+ throw new common_1.BadRequestException(`Phone number must start with ${prefixes.length > 1 ? 'one of these prefixes' : 'this prefix'}: ${prefixes.join(', ')}`);
45
+ }
46
+ }
47
+ requiresPassword(type) {
48
+ switch (type) {
49
+ case auth_identify_entity_1.IdentifierType.EMAIL:
50
+ case 'EMAIL':
51
+ return this.options.emailRequiresPassword ?? true;
52
+ case auth_identify_entity_1.IdentifierType.PHONE:
53
+ case 'PHONE':
54
+ return this.options.phoneRequiresPassword ?? false;
55
+ case auth_identify_entity_1.IdentifierType.USERNAME:
56
+ case 'USERNAME':
57
+ return this.options.usernameRequiresPassword ?? true;
58
+ default:
59
+ return true;
60
+ }
61
+ }
62
+ async registerCredentials(dto, uid) {
63
+ const enabledStrategies = this.options.enabledStrategies || Object.values(auth_type_enum_1.AuthStrategy);
64
+ // 1. Validation of identifiers against enabled strategies
65
+ if (dto.email && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.EMAIL) && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.LOCAL)) {
66
+ throw new common_1.BadRequestException('Email authentication is currently disabled.');
67
+ }
68
+ if (dto.phone && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.PHONE) && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.LOCAL)) {
69
+ throw new common_1.BadRequestException('Phone authentication is currently disabled.');
70
+ }
71
+ if (dto.username && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.USERNAME) && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.LOCAL)) {
72
+ throw new common_1.BadRequestException('Username authentication is currently disabled.');
73
+ }
74
+ if (!dto.email && !dto.phone && !dto.username) {
75
+ throw new common_1.BadRequestException('Email, phone or username is required');
76
+ }
77
+ if (dto.phone) {
78
+ this.validatePhoneFormat(dto.phone);
79
+ }
80
+ const emailReq = dto.email ? this.requiresPassword('EMAIL') : false;
81
+ const phoneReq = dto.phone ? this.requiresPassword('PHONE') : false;
82
+ const userReq = dto.username ? this.requiresPassword('USERNAME') : false;
83
+ const passwordRequired = emailReq || phoneReq || userReq;
84
+ if (!dto.password && passwordRequired) {
85
+ throw new common_1.BadRequestException('Password is required');
86
+ }
87
+ // 2. Prepare the list of identifiers we want to claim
88
+ const identifiersToCheck = [];
89
+ if (dto.email)
90
+ identifiersToCheck.push(dto.email.toLowerCase());
91
+ if (dto.phone)
92
+ identifiersToCheck.push(dto.phone);
93
+ if (dto.username)
94
+ identifiersToCheck.push(dto.username.toLowerCase());
95
+ return this.dataSource.transaction(async (manager) => {
96
+ const authIdentifierRepo = manager.getRepository(auth_identify_entity_1.AuthIdentifier);
97
+ const authRepo = manager.getRepository(auth_entity_1.Auth);
98
+ // 3. 🔒 Check uniqueness
99
+ const existing = await authIdentifierRepo.findOne({
100
+ where: { value: (0, typeorm_1.In)(identifiersToCheck) },
101
+ });
102
+ if (existing) {
103
+ if (existing.type === auth_identify_entity_1.IdentifierType.PHONE) {
104
+ throw new common_1.BadRequestException('Unable to signup with those credentials. Try changing phone number');
105
+ }
106
+ if (existing.type === auth_identify_entity_1.IdentifierType.EMAIL) {
107
+ throw new common_1.BadRequestException('Unable to signup with those credentials. Try changing email');
108
+ }
109
+ if (existing.type === auth_identify_entity_1.IdentifierType.USERNAME) {
110
+ throw new common_1.BadRequestException('Unable to signup with those credentials. Try changing username');
111
+ }
112
+ }
113
+ // 4. Hash Password (if provided)
114
+ const hash = dto.password ? await bcrypt.hash(dto.password, 10) : undefined;
115
+ // 5. Create the Auth Identity
116
+ // If no uid is provided, this is a completely new account.
117
+ // Generation will happen here or in AuthService if we want more control.
118
+ // Let's generate it here if missing.
119
+ const identityUid = uid || crypto.randomUUID();
120
+ const newAuth = authRepo.create({
121
+ uid: identityUid,
122
+ strategy: dto.method || auth_type_enum_1.AuthStrategy.LOCAL,
123
+ secretHash: hash,
124
+ isActive: true,
125
+ isPrimary: true,
126
+ });
127
+ // 7. Create the Identifiers (The "Lookups")
128
+ const newIdentifiers = [];
129
+ if (dto.email) {
130
+ newIdentifiers.push(authIdentifierRepo.create({
131
+ type: auth_identify_entity_1.IdentifierType.EMAIL,
132
+ value: dto.email.toLowerCase(),
133
+ }));
134
+ }
135
+ if (dto.phone) {
136
+ newIdentifiers.push(authIdentifierRepo.create({
137
+ type: auth_identify_entity_1.IdentifierType.PHONE,
138
+ value: dto.phone,
139
+ }));
140
+ }
141
+ if (dto.username) {
142
+ newIdentifiers.push(authIdentifierRepo.create({
143
+ type: auth_identify_entity_1.IdentifierType.USERNAME,
144
+ value: dto.username.toLowerCase(),
145
+ }));
146
+ }
147
+ // Attach identifiers to auth to save them together (Cascade)
148
+ newAuth.identifiers = newIdentifiers;
149
+ // 8. Save (Cascade will save Auth + Identifiers)
150
+ const auth = await authRepo.save(newAuth);
151
+ return { auth, identifier: auth.identifiers?.[0] };
152
+ });
153
+ }
154
+ async login(dto) {
155
+ const enabledStrategies = this.options.enabledStrategies || Object.values(auth_type_enum_1.AuthStrategy);
156
+ const identifierValue = dto.emailOrPhone || dto.email || dto.phone || dto.username;
157
+ if (!identifierValue) {
158
+ throw new common_1.BadRequestException('Email, phone or username is required');
159
+ }
160
+ // Validate identifier type against enabled strategies
161
+ const isEmail = !!dto.email || (!!dto.emailOrPhone && dto.emailOrPhone.includes('@'));
162
+ const isPhone = !!dto.phone || (!!dto.emailOrPhone && /^\+?[0-9]+$/.test(dto.emailOrPhone));
163
+ const isUsername = !!dto.username || (!isEmail && !isPhone);
164
+ const passwordRequired = (isEmail && this.requiresPassword('EMAIL')) ||
165
+ (isPhone && this.requiresPassword('PHONE')) ||
166
+ (isUsername && this.requiresPassword('USERNAME'));
167
+ if (!dto.password && passwordRequired) {
168
+ throw new common_1.BadRequestException('Password is required');
169
+ }
170
+ if (isEmail && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.EMAIL) && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.LOCAL)) {
171
+ throw new common_1.BadRequestException('Email authentication is currently disabled.');
172
+ }
173
+ if (isPhone && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.PHONE) && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.LOCAL)) {
174
+ throw new common_1.BadRequestException('Phone authentication is currently disabled.');
175
+ }
176
+ if (isPhone) {
177
+ this.validatePhoneFormat(identifierValue);
178
+ }
179
+ if (isUsername && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.USERNAME) && !enabledStrategies.includes(auth_type_enum_1.AuthStrategy.LOCAL)) {
180
+ throw new common_1.BadRequestException('Username authentication is currently disabled.');
181
+ }
182
+ // 1. Look up the Identifier first (e.g., find row where value = "john@gmail.com")
183
+ // We join 'auth' and 'auth.user' so we have everything we need.
184
+ const identifier = await this.identifierRepo.findOne({
185
+ where: { value: identifierValue.toLowerCase() },
186
+ relations: ['auth'],
187
+ });
188
+ if (!identifier || !identifier.auth) {
189
+ throw new common_1.UnauthorizedException('Invalid credentials');
190
+ }
191
+ const auth = identifier.auth;
192
+ // 2. Safety Check: Ensure this identifier is actually linked to a Password/Local account
193
+ const localStrategies = [
194
+ auth_type_enum_1.AuthStrategy.EMAIL,
195
+ auth_type_enum_1.AuthStrategy.PHONE,
196
+ auth_type_enum_1.AuthStrategy.USERNAME,
197
+ auth_type_enum_1.AuthStrategy.LOCAL,
198
+ ];
199
+ if (!localStrategies.includes(auth.strategy)) {
200
+ throw new common_1.UnauthorizedException('Please login with your Social Account');
201
+ }
202
+ // 3. Retrieve the password hash
203
+ // (Since select: false, it wasn't loaded in the relation above. We must explicitly fetch it)
204
+ const authWithSecret = await this.authRepo.findOne({
205
+ where: { id: auth.id },
206
+ select: ['id', 'secretHash'], // Explicitly select the hidden column
207
+ });
208
+ if (!authWithSecret) {
209
+ throw new common_1.UnauthorizedException('Invalid credentials');
210
+ }
211
+ // 4. Verify password (if password was provided or required)
212
+ if (dto.password && authWithSecret.secretHash) {
213
+ const valid = await bcrypt.compare(dto.password, authWithSecret.secretHash);
214
+ if (!valid) {
215
+ throw new common_1.UnauthorizedException('Invalid credentials');
216
+ }
217
+ }
218
+ else if (dto.password && !authWithSecret.secretHash) {
219
+ // Identity has no password, but one was provided
220
+ throw new common_1.UnauthorizedException('This account does not have a password set. Please use another method.');
221
+ }
222
+ else if (!dto.password && authWithSecret.secretHash) {
223
+ // Identity has a password, but none was provided
224
+ throw new common_1.UnauthorizedException('Password is required for this account');
225
+ }
226
+ // If neither has a password, it's a password-less login (allowed for phone if verified elsewhere/contextually)
227
+ // 5. Update usage stats
228
+ // We update the original 'auth' object which has the User loaded, to return full context
229
+ auth.lastUsedAt = new Date();
230
+ await this.authRepo.save(auth);
231
+ return { auth, identifier };
232
+ }
233
+ };
234
+ exports.LocalAuthStrategy = LocalAuthStrategy;
235
+ exports.LocalAuthStrategy = LocalAuthStrategy = LocalAuthStrategy_1 = __decorate([
236
+ (0, common_1.Injectable)(),
237
+ __param(1, (0, typeorm_2.InjectRepository)(auth_entity_1.Auth)),
238
+ __param(2, (0, typeorm_2.InjectRepository)(auth_identify_entity_1.AuthIdentifier)),
239
+ __param(3, (0, common_2.Inject)(auth_module_options_interface_1.AUTH_MODULE_OPTIONS)),
240
+ __metadata("design:paramtypes", [typeorm_1.DataSource,
241
+ typeorm_1.Repository,
242
+ typeorm_1.Repository, Object])
243
+ ], LocalAuthStrategy);
244
+ //# sourceMappingURL=local-auth.strategy.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"local-auth.strategy.js","sourceRoot":"","sources":["../../../src/auth/strategies/local-auth.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAKwB;AACxB,qCAAqD;AACrD,6CAAmD;AACnD,iCAAiC;AAGjC,iCAAiC;AACjC,+FAAqG;AACrG,2CAAwC;AAExC,WAAW;AACX,yDAA+C;AAC/C,2EAG0C;AAE1C,QAAQ;AACR,4DAAuD,CAAC,8BAA8B;AAEtF,kBAAkB;AAIX,IAAM,iBAAiB,yBAAvB,MAAM,iBAAiB;IAC5B,YACmB,UAAsB,EACf,QAAkC,EAE1D,cAAkD,EACrB,OAAkC;QAJ9C,eAAU,GAAV,UAAU,CAAY;QACP,aAAQ,GAAR,QAAQ,CAAkB;QAElD,mBAAc,GAAd,cAAc,CAA4B;QACb,YAAO,GAAP,OAAO,CAAmB;QAGhD,WAAM,GAAW,IAAI,eAAM,CAAC,mBAAiB,CAAC,IAAI,CAAC,CAAC;IAFjE,CAAC;IAIG,mBAAmB,CAAC,KAAa;QACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,oBAAoB,CAAC;QACnD,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAE/C,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,4BAAmB,CAC3B,gCAAgC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,aAAa,KAAK,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACxH,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,gBAAgB,CAAC,IAAqD;QAC5E,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,qCAAc,CAAC,KAAK,CAAC;YAC1B,KAAK,OAAO;gBACV,OAAO,IAAI,CAAC,OAAO,CAAC,qBAAqB,IAAI,IAAI,CAAC;YACpD,KAAK,qCAAc,CAAC,KAAK,CAAC;YAC1B,KAAK,OAAO;gBACV,OAAO,IAAI,CAAC,OAAO,CAAC,qBAAqB,IAAI,KAAK,CAAC;YACrD,KAAK,qCAAc,CAAC,QAAQ,CAAC;YAC7B,KAAK,UAAU;gBACb,OAAO,IAAI,CAAC,OAAO,CAAC,wBAAwB,IAAI,IAAI,CAAC;YACvD;gBACE,OAAO,IAAI,CAAC;QAChB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,GAAc,EAAE,GAAY;QACpD,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,IAAI,MAAM,CAAC,MAAM,CAAC,6BAAY,CAAC,CAAC;QAExF,0DAA0D;QAC1D,IAAI,GAAG,CAAC,KAAK,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,KAAK,CAAC,EAAE,CAAC;YACpH,MAAM,IAAI,4BAAmB,CAAC,6CAA6C,CAAC,CAAC;QAC/E,CAAC;QACD,IAAI,GAAG,CAAC,KAAK,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,KAAK,CAAC,EAAE,CAAC;YACpH,MAAM,IAAI,4BAAmB,CAAC,6CAA6C,CAAC,CAAC;QAC/E,CAAC;QACD,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1H,MAAM,IAAI,4BAAmB,CAAC,gDAAgD,CAAC,CAAC;QAClF,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YAC9C,MAAM,IAAI,4BAAmB,CAAC,sCAAsC,CAAC,CAAC;QACxE,CAAC;QAED,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;YACd,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACtC,CAAC;QAED,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QACpE,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QACpE,MAAM,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QAEzE,MAAM,gBAAgB,GAAG,QAAQ,IAAI,QAAQ,IAAI,OAAO,CAAC;QAEzD,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,gBAAgB,EAAE,CAAC;YACtC,MAAM,IAAI,4BAAmB,CAAC,sBAAsB,CAAC,CAAC;QACxD,CAAC;QAED,sDAAsD;QACtD,MAAM,kBAAkB,GAAa,EAAE,CAAC;QACxC,IAAI,GAAG,CAAC,KAAK;YAAE,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;QAChE,IAAI,GAAG,CAAC,KAAK;YAAE,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAClD,IAAI,GAAG,CAAC,QAAQ;YAAE,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;QAEtE,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;YACnD,MAAM,kBAAkB,GAAG,OAAO,CAAC,aAAa,CAAC,qCAAc,CAAC,CAAC;YACjE,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,kBAAI,CAAC,CAAC;YAE7C,yBAAyB;YACzB,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC;gBAChD,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,YAAE,EAAC,kBAAkB,CAAC,EAAE;aACzC,CAAC,CAAC;YAEH,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,QAAQ,CAAC,IAAI,KAAK,qCAAc,CAAC,KAAK,EAAE,CAAC;oBAC3C,MAAM,IAAI,4BAAmB,CAC3B,oEAAoE,CACrE,CAAC;gBACJ,CAAC;gBACD,IAAI,QAAQ,CAAC,IAAI,KAAK,qCAAc,CAAC,KAAK,EAAE,CAAC;oBAC3C,MAAM,IAAI,4BAAmB,CAC3B,6DAA6D,CAC9D,CAAC;gBACJ,CAAC;gBACD,IAAI,QAAQ,CAAC,IAAI,KAAK,qCAAc,CAAC,QAAQ,EAAE,CAAC;oBAC9C,MAAM,IAAI,4BAAmB,CAC3B,gEAAgE,CACjE,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,iCAAiC;YACjC,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAE5E,8BAA8B;YAC9B,2DAA2D;YAC3D,yEAAyE;YACzE,qCAAqC;YACrC,MAAM,WAAW,GAAG,GAAG,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;YAE/C,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC;gBAC9B,GAAG,EAAE,WAAW;gBAChB,QAAQ,EAAE,GAAG,CAAC,MAAM,IAAI,6BAAY,CAAC,KAAK;gBAC1C,UAAU,EAAE,IAAI;gBAChB,QAAQ,EAAE,IAAI;gBACd,SAAS,EAAE,IAAI;aAChB,CAAC,CAAC;YAEH,4CAA4C;YAC5C,MAAM,cAAc,GAAqB,EAAE,CAAC;YAE5C,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;gBACd,cAAc,CAAC,IAAI,CACjB,kBAAkB,CAAC,MAAM,CAAC;oBACxB,IAAI,EAAE,qCAAc,CAAC,KAAK;oBAC1B,KAAK,EAAE,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE;iBAC/B,CAAC,CACH,CAAC;YACJ,CAAC;YAED,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;gBACd,cAAc,CAAC,IAAI,CACjB,kBAAkB,CAAC,MAAM,CAAC;oBACxB,IAAI,EAAE,qCAAc,CAAC,KAAK;oBAC1B,KAAK,EAAE,GAAG,CAAC,KAAK;iBACjB,CAAC,CACH,CAAC;YACJ,CAAC;YAED,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;gBACjB,cAAc,CAAC,IAAI,CACjB,kBAAkB,CAAC,MAAM,CAAC;oBACxB,IAAI,EAAE,qCAAc,CAAC,QAAQ;oBAC7B,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE;iBAClC,CAAC,CACH,CAAC;YACJ,CAAC;YAED,6DAA6D;YAC7D,OAAO,CAAC,WAAW,GAAG,cAAc,CAAC;YAErC,iDAAiD;YACjD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1C,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACrD,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,GAAa;QACvB,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,IAAI,MAAM,CAAC,MAAM,CAAC,6BAAY,CAAC,CAAC;QACxF,MAAM,eAAe,GAAG,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,KAAK,IAAI,GAAG,CAAC,KAAK,IAAI,GAAG,CAAC,QAAQ,CAAC;QAEnF,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,MAAM,IAAI,4BAAmB,CAAC,sCAAsC,CAAC,CAAC;QACxE,CAAC;QAED,sDAAsD;QACtD,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;QACtF,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,IAAI,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC;QAC5F,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,IAAI,CAAC,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,CAAC;QAE5D,MAAM,gBAAgB,GACpB,CAAC,OAAO,IAAI,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAC3C,CAAC,OAAO,IAAI,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAC3C,CAAC,UAAU,IAAI,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC;QAEpD,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,gBAAgB,EAAE,CAAC;YACtC,MAAM,IAAI,4BAAmB,CAAC,sBAAsB,CAAC,CAAC;QACxD,CAAC;QAED,IAAI,OAAO,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,KAAK,CAAC,EAAE,CAAC;YAClH,MAAM,IAAI,4BAAmB,CAAC,6CAA6C,CAAC,CAAC;QAC/E,CAAC;QACD,IAAI,OAAO,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,KAAK,CAAC,EAAE,CAAC;YAClH,MAAM,IAAI,4BAAmB,CAAC,6CAA6C,CAAC,CAAC;QAC/E,CAAC;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC,mBAAmB,CAAC,eAAe,CAAC,CAAC;QAC5C,CAAC;QACD,IAAI,UAAU,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,6BAAY,CAAC,KAAK,CAAC,EAAE,CAAC;YACxH,MAAM,IAAI,4BAAmB,CAAC,gDAAgD,CAAC,CAAC;QAClF,CAAC;QAED,kFAAkF;QAClF,gEAAgE;QAChE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YACnD,KAAK,EAAE,EAAE,KAAK,EAAE,eAAe,CAAC,WAAW,EAAE,EAAE;YAC/C,SAAS,EAAE,CAAC,MAAM,CAAC;SACpB,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC;QAE7B,yFAAyF;QACzF,MAAM,eAAe,GAAG;YACtB,6BAAY,CAAC,KAAK;YAClB,6BAAY,CAAC,KAAK;YAClB,6BAAY,CAAC,QAAQ;YACrB,6BAAY,CAAC,KAAK;SACnB,CAAC;QAEF,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,8BAAqB,CAAC,uCAAuC,CAAC,CAAC;QAC3E,CAAC;QAED,gCAAgC;QAChC,6FAA6F;QAC7F,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YACjD,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,MAAM,EAAE,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,sCAAsC;SACrE,CAAC,CAAC;QAEH,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;QAED,4DAA4D;QAC5D,IAAI,GAAG,CAAC,QAAQ,IAAI,cAAc,CAAC,UAAU,EAAE,CAAC;YAC9C,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,cAAc,CAAC,UAAU,CAAC,CAAC;YAC5E,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;aAAM,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,cAAc,CAAC,UAAU,EAAE,CAAC;YACtD,iDAAiD;YACjD,MAAM,IAAI,8BAAqB,CAAC,uEAAuE,CAAC,CAAC;QAC3G,CAAC;aAAM,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,cAAc,CAAC,UAAU,EAAE,CAAC;YACtD,iDAAiD;YACjD,MAAM,IAAI,8BAAqB,CAAC,uCAAuC,CAAC,CAAC;QAC3E,CAAC;QACD,+GAA+G;QAE/G,wBAAwB;QACxB,yFAAyF;QACzF,IAAI,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;QAC7B,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE/B,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;IAC9B,CAAC;CACF,CAAA;AA7PY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;IAIR,WAAA,IAAA,0BAAgB,EAAC,kBAAI,CAAC,CAAA;IACtB,WAAA,IAAA,0BAAgB,EAAC,qCAAc,CAAC,CAAA;IAEhC,WAAA,IAAA,eAAM,EAAC,mDAAmB,CAAC,CAAA;qCAJC,oBAAU;QACG,oBAAU;QAE5B,oBAAU;GALzB,iBAAiB,CA6P7B"}
@@ -0,0 +1,27 @@
1
+ import { DataSource, Repository } from 'typeorm';
2
+ import { LoginDto } from '../../dto/requests/login.dto';
3
+ import { SignupDto } from '../../dto/requests/signup.dto';
4
+ import { Auth } from '../../entities/auth.entity';
5
+ import { OAuthProvider } from '../../entities/oauth-provider.entity';
6
+ import { AuthIdentifier } from '../../entities/auth-identify.entity';
7
+ import { AuthModuleOptions } from '../../interfaces/auth-module-options.interface';
8
+ import { IOAuthStrategy } from '../../interfaces/oauth-strategy.interface';
9
+ export declare class AppleAuthStrategy implements IOAuthStrategy {
10
+ private readonly dataSource;
11
+ private authRepo;
12
+ private oauthProviderRepo;
13
+ private options;
14
+ private applePublicKeys;
15
+ private lastKeysFetch;
16
+ constructor(dataSource: DataSource, authRepo: Repository<Auth>, oauthProviderRepo: Repository<OAuthProvider>, options: AuthModuleOptions);
17
+ private getApplePublicKeys;
18
+ private verifyToken;
19
+ registerCredentials(dto: SignupDto, uid?: string): Promise<{
20
+ auth: Auth;
21
+ identifier?: AuthIdentifier;
22
+ }>;
23
+ login(dto: LoginDto): Promise<{
24
+ auth: Auth;
25
+ identifier?: AuthIdentifier;
26
+ }>;
27
+ }
@@ -0,0 +1,176 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ var __metadata = (this && this.__metadata) || function (k, v) {
9
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
+ };
11
+ var __param = (this && this.__param) || function (paramIndex, decorator) {
12
+ return function (target, key) { decorator(target, key, paramIndex); }
13
+ };
14
+ Object.defineProperty(exports, "__esModule", { value: true });
15
+ exports.AppleAuthStrategy = void 0;
16
+ const common_1 = require("@nestjs/common");
17
+ const typeorm_1 = require("typeorm");
18
+ const typeorm_2 = require("@nestjs/typeorm");
19
+ const auth_entity_1 = require("../../entities/auth.entity");
20
+ const oauth_provider_entity_1 = require("../../entities/oauth-provider.entity");
21
+ const auth_identify_entity_1 = require("../../entities/auth-identify.entity");
22
+ const auth_type_enum_1 = require("../../enums/auth-type.enum");
23
+ const auth_module_options_interface_1 = require("../../interfaces/auth-module-options.interface");
24
+ const crypto_1 = require("crypto");
25
+ const jwt = require("jsonwebtoken");
26
+ let AppleAuthStrategy = class AppleAuthStrategy {
27
+ constructor(dataSource, authRepo, oauthProviderRepo, options) {
28
+ this.dataSource = dataSource;
29
+ this.authRepo = authRepo;
30
+ this.oauthProviderRepo = oauthProviderRepo;
31
+ this.options = options;
32
+ this.applePublicKeys = [];
33
+ this.lastKeysFetch = 0;
34
+ }
35
+ async getApplePublicKeys() {
36
+ // Cache keys for 24 hours
37
+ const now = Date.now();
38
+ if (this.applePublicKeys.length > 0 && now - this.lastKeysFetch < 24 * 60 * 60 * 1000) {
39
+ return this.applePublicKeys;
40
+ }
41
+ try {
42
+ const response = await fetch('https://appleid.apple.com/auth/keys');
43
+ const data = await response.json();
44
+ this.applePublicKeys = data.keys;
45
+ this.lastKeysFetch = now;
46
+ return this.applePublicKeys;
47
+ }
48
+ catch (error) {
49
+ throw new common_1.BadRequestException('Failed to fetch Apple public keys');
50
+ }
51
+ }
52
+ async verifyToken(token) {
53
+ try {
54
+ const decoded = jwt.decode(token, { complete: true });
55
+ if (!decoded || !decoded.header || !decoded.header.kid) {
56
+ throw new common_1.BadRequestException('Invalid Apple token header');
57
+ }
58
+ const keys = await this.getApplePublicKeys();
59
+ const jwk = keys.find(k => k.kid === decoded.header.kid);
60
+ if (!jwk) {
61
+ throw new common_1.BadRequestException('Apple public key not found');
62
+ }
63
+ // Using Node.js native crypto to convert JWK to PublicKey object
64
+ const publicKey = (0, crypto_1.createPublicKey)({
65
+ key: jwk,
66
+ format: 'jwk',
67
+ });
68
+ const payload = jwt.verify(token, publicKey, {
69
+ algorithms: ['RS256'],
70
+ audience: this.options.appleClientId,
71
+ issuer: 'https://appleid.apple.com',
72
+ });
73
+ if (!payload || !payload.sub) {
74
+ throw new common_1.BadRequestException('Invalid Apple token payload');
75
+ }
76
+ return payload;
77
+ }
78
+ catch (error) {
79
+ if (error instanceof common_1.BadRequestException)
80
+ throw error;
81
+ throw new common_1.BadRequestException(`Apple token verification failed: ${error.message}`);
82
+ }
83
+ }
84
+ async registerCredentials(dto, uid) {
85
+ if (!dto.token) {
86
+ throw new common_1.BadRequestException('Apple ID token is required');
87
+ }
88
+ const payload = await this.verifyToken(dto.token);
89
+ const appleId = payload.sub;
90
+ const email = payload.email?.toLowerCase();
91
+ return this.dataSource.transaction(async (manager) => {
92
+ const authRepo = manager.getRepository(auth_entity_1.Auth);
93
+ const oauthProviderRepo = manager.getRepository(oauth_provider_entity_1.OAuthProvider);
94
+ const identifierRepo = manager.getRepository(auth_identify_entity_1.AuthIdentifier);
95
+ // Check if this Apple account is already linked
96
+ const existingProvider = await oauthProviderRepo.findOne({
97
+ where: { provider: auth_type_enum_1.OAuthProviderType.APPLE, providerUserId: appleId },
98
+ relations: ['auth'],
99
+ });
100
+ if (existingProvider) {
101
+ throw new common_1.BadRequestException('This Apple account is already linked to a user');
102
+ }
103
+ // Check if email identifier is already taken
104
+ if (email) {
105
+ const existingIdentifier = await identifierRepo.findOne({
106
+ where: { value: email, type: auth_identify_entity_1.IdentifierType.EMAIL },
107
+ });
108
+ if (existingIdentifier) {
109
+ throw new common_1.BadRequestException('A user with this email already exists');
110
+ }
111
+ }
112
+ const identityUid = uid || (0, crypto_1.randomUUID)();
113
+ const newAuth = authRepo.create({
114
+ uid: identityUid,
115
+ strategy: auth_type_enum_1.AuthStrategy.OAUTH,
116
+ isActive: true,
117
+ isVerified: payload.email_verified === 'true' || payload.email_verified === true,
118
+ isPrimary: true,
119
+ });
120
+ const identifiers = [];
121
+ if (email) {
122
+ identifiers.push(identifierRepo.create({
123
+ type: auth_identify_entity_1.IdentifierType.EMAIL,
124
+ value: email,
125
+ isVerified: payload.email_verified === 'true' || payload.email_verified === true,
126
+ source: auth_identify_entity_1.IdentifierSource.APPLE,
127
+ verifiedBy: payload.email_verified ? 'PROVIDER' : undefined,
128
+ }));
129
+ }
130
+ newAuth.identifiers = identifiers;
131
+ const oauthProvider = oauthProviderRepo.create({
132
+ provider: auth_type_enum_1.OAuthProviderType.APPLE,
133
+ providerUserId: appleId,
134
+ expiresAt: payload.exp ? new Date(payload.exp * 1000) : undefined,
135
+ rawProfile: payload,
136
+ emailVerified: payload.email_verified === 'true' || payload.email_verified === true,
137
+ displayName: payload.name?.displayName,
138
+ avatarUrl: payload.picture,
139
+ });
140
+ newAuth.oauthProviders = [...(newAuth.oauthProviders || []), oauthProvider];
141
+ const savedAuth = await authRepo.save(newAuth);
142
+ return { auth: savedAuth, identifier: savedAuth.identifiers?.[0] };
143
+ });
144
+ }
145
+ async login(dto) {
146
+ if (!dto.token) {
147
+ throw new common_1.BadRequestException('Apple ID token is required');
148
+ }
149
+ const payload = await this.verifyToken(dto.token);
150
+ const appleId = payload.sub;
151
+ const oauthProvider = await this.oauthProviderRepo.findOne({
152
+ where: { provider: auth_type_enum_1.OAuthProviderType.APPLE, providerUserId: appleId },
153
+ relations: ['auth', 'auth.identifiers'],
154
+ });
155
+ if (!oauthProvider || !oauthProvider.auth) {
156
+ throw new common_1.BadRequestException('No account found linked to this Apple account');
157
+ }
158
+ const auth = oauthProvider.auth;
159
+ auth.lastUsedAt = new Date();
160
+ await this.authRepo.save(auth);
161
+ const email = payload.email?.toLowerCase();
162
+ const identifier = auth.identifiers?.find(id => id.value === email);
163
+ return { auth, identifier };
164
+ }
165
+ };
166
+ exports.AppleAuthStrategy = AppleAuthStrategy;
167
+ exports.AppleAuthStrategy = AppleAuthStrategy = __decorate([
168
+ (0, common_1.Injectable)(),
169
+ __param(1, (0, typeorm_2.InjectRepository)(auth_entity_1.Auth)),
170
+ __param(2, (0, typeorm_2.InjectRepository)(oauth_provider_entity_1.OAuthProvider)),
171
+ __param(3, (0, common_1.Inject)(auth_module_options_interface_1.AUTH_MODULE_OPTIONS)),
172
+ __metadata("design:paramtypes", [typeorm_1.DataSource,
173
+ typeorm_1.Repository,
174
+ typeorm_1.Repository, Object])
175
+ ], AppleAuthStrategy);
176
+ //# sourceMappingURL=apple.strategy.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"apple.strategy.js","sourceRoot":"","sources":["../../../../src/auth/strategies/oauth/apple.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAyE;AACzE,qCAAiD;AACjD,6CAAmD;AAGnD,4DAAkD;AAClD,gFAAqE;AACrE,8EAAuG;AACvG,+DAA6E;AAC7E,kGAAwG;AAExG,mCAAqD;AACrD,oCAAoC;AAG7B,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAI1B,YACqB,UAAsB,EACf,QAAkC,EACzB,iBAAoD,EACxD,OAAkC;QAH9C,eAAU,GAAV,UAAU,CAAY;QACP,aAAQ,GAAR,QAAQ,CAAkB;QACjB,sBAAiB,GAAjB,iBAAiB,CAA2B;QAChD,YAAO,GAAP,OAAO,CAAmB;QAP3D,oBAAe,GAAU,EAAE,CAAC;QAC5B,kBAAa,GAAG,CAAC,CAAC;IAOtB,CAAC;IAEG,KAAK,CAAC,kBAAkB;QAC5B,0BAA0B;QAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,GAAG,IAAI,CAAC,aAAa,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;YACpF,OAAO,IAAI,CAAC,eAAe,CAAC;QAChC,CAAC;QAED,IAAI,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACpE,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC;YACjC,IAAI,CAAC,aAAa,GAAG,GAAG,CAAC;YACzB,OAAO,IAAI,CAAC,eAAe,CAAC;QAChC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,4BAAmB,CAAC,mCAAmC,CAAC,CAAC;QACvE,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,KAAa;QACnC,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YACtD,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;gBACrD,MAAM,IAAI,4BAAmB,CAAC,4BAA4B,CAAC,CAAC;YAChE,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAEzD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACP,MAAM,IAAI,4BAAmB,CAAC,4BAA4B,CAAC,CAAC;YAChE,CAAC;YAED,iEAAiE;YACjE,MAAM,SAAS,GAAG,IAAA,wBAAe,EAAC;gBAC9B,GAAG,EAAE,GAAG;gBACR,MAAM,EAAE,KAAK;aAChB,CAAC,CAAC;YAEH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE;gBACzC,UAAU,EAAE,CAAC,OAAO,CAAC;gBACrB,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,aAAa;gBACpC,MAAM,EAAE,2BAA2B;aACtC,CAAQ,CAAC;YAEV,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;gBAC3B,MAAM,IAAI,4BAAmB,CAAC,6BAA6B,CAAC,CAAC;YACjE,CAAC;YAED,OAAO,OAAO,CAAC;QACnB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,KAAK,YAAY,4BAAmB;gBAAE,MAAM,KAAK,CAAC;YACtD,MAAM,IAAI,4BAAmB,CAAC,oCAAoC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACvF,CAAC;IACL,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,GAAc,EAAE,GAAY;QAClD,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,4BAAmB,CAAC,4BAA4B,CAAC,CAAC;QAChE,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC;QAC5B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,EAAE,WAAW,EAAE,CAAC;QAE3C,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;YACjD,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,kBAAI,CAAC,CAAC;YAC7C,MAAM,iBAAiB,GAAG,OAAO,CAAC,aAAa,CAAC,qCAAa,CAAC,CAAC;YAC/D,MAAM,cAAc,GAAG,OAAO,CAAC,aAAa,CAAC,qCAAc,CAAC,CAAC;YAE7D,gDAAgD;YAChD,MAAM,gBAAgB,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC;gBACrD,KAAK,EAAE,EAAE,QAAQ,EAAE,kCAAiB,CAAC,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE;gBACrE,SAAS,EAAE,CAAC,MAAM,CAAC;aACtB,CAAC,CAAC;YAEH,IAAI,gBAAgB,EAAE,CAAC;gBACnB,MAAM,IAAI,4BAAmB,CAAC,gDAAgD,CAAC,CAAC;YACpF,CAAC;YAED,6CAA6C;YAC7C,IAAI,KAAK,EAAE,CAAC;gBACR,MAAM,kBAAkB,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC;oBACpD,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,qCAAc,CAAC,KAAK,EAAE;iBACtD,CAAC,CAAC;gBACH,IAAI,kBAAkB,EAAE,CAAC;oBACrB,MAAM,IAAI,4BAAmB,CAAC,uCAAuC,CAAC,CAAC;gBAC3E,CAAC;YACL,CAAC;YAED,MAAM,WAAW,GAAG,GAAG,IAAI,IAAA,mBAAU,GAAE,CAAC;YAExC,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC;gBAC5B,GAAG,EAAE,WAAW;gBAChB,QAAQ,EAAE,6BAAY,CAAC,KAAK;gBAC5B,QAAQ,EAAE,IAAI;gBACd,UAAU,EAAE,OAAO,CAAC,cAAc,KAAK,MAAM,IAAI,OAAO,CAAC,cAAc,KAAK,IAAI;gBAChF,SAAS,EAAE,IAAI;aAClB,CAAC,CAAC;YAEH,MAAM,WAAW,GAAqB,EAAE,CAAC;YACzC,IAAI,KAAK,EAAE,CAAC;gBACR,WAAW,CAAC,IAAI,CACZ,cAAc,CAAC,MAAM,CAAC;oBAClB,IAAI,EAAE,qCAAc,CAAC,KAAK;oBAC1B,KAAK,EAAE,KAAK;oBACZ,UAAU,EAAE,OAAO,CAAC,cAAc,KAAK,MAAM,IAAI,OAAO,CAAC,cAAc,KAAK,IAAI;oBAChF,MAAM,EAAE,uCAAgB,CAAC,KAAK;oBAC9B,UAAU,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;iBAC9D,CAAC,CACL,CAAC;YACN,CAAC;YAED,OAAO,CAAC,WAAW,GAAG,WAAW,CAAC;YAElC,MAAM,aAAa,GAAG,iBAAiB,CAAC,MAAM,CAAC;gBAC3C,QAAQ,EAAE,kCAAiB,CAAC,KAAK;gBACjC,cAAc,EAAE,OAAO;gBACvB,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;gBACjE,UAAU,EAAE,OAAO;gBACnB,aAAa,EAAE,OAAO,CAAC,cAAc,KAAK,MAAM,IAAI,OAAO,CAAC,cAAc,KAAK,IAAI;gBACnF,WAAW,EAAE,OAAO,CAAC,IAAI,EAAE,WAAW;gBACtC,SAAS,EAAE,OAAO,CAAC,OAAO;aAC7B,CAAC,CAAC;YAEH,OAAO,CAAC,cAAc,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,cAAc,IAAI,EAAE,CAAC,EAAE,aAAa,CAAC,CAAC;YAE5E,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC/C,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,CAAC,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,GAAa;QACrB,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,4BAAmB,CAAC,4BAA4B,CAAC,CAAC;QAChE,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC;QAE5B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC;YACvD,KAAK,EAAE,EAAE,QAAQ,EAAE,kCAAiB,CAAC,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE;YACrE,SAAS,EAAE,CAAC,MAAM,EAAE,kBAAkB,CAAC;SAC1C,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;YACxC,MAAM,IAAI,4BAAmB,CAAC,+CAA+C,CAAC,CAAC;QACnF,CAAC;QAED,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC;QAChC,IAAI,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;QAC7B,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE/B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,EAAE,WAAW,EAAE,CAAC;QAC3C,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,KAAK,KAAK,CAAC,CAAC;QAEpE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;IAChC,CAAC;CACJ,CAAA;AAxKY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;IAOJ,WAAA,IAAA,0BAAgB,EAAC,kBAAI,CAAC,CAAA;IACtB,WAAA,IAAA,0BAAgB,EAAC,qCAAa,CAAC,CAAA;IAC/B,WAAA,IAAA,eAAM,EAAC,mDAAmB,CAAC,CAAA;qCAHC,oBAAU;QACG,oBAAU;QACQ,oBAAU;GAPjE,iBAAiB,CAwK7B"}