@warriorteam/redai-zalo-sdk 1.10.1 → 1.11.0
- package/CHANGELOG.md +32 -0
- package/dist/services/auth.service.d.ts +11 -5
- package/dist/services/auth.service.d.ts.map +1 -1
- package/dist/services/auth.service.js +30 -8
- package/dist/services/auth.service.js.map +1 -1
- package/dist/types/auth.d.ts +14 -1
- package/dist/types/auth.d.ts.map +1 -1
- package/dist/zalo-sdk.d.ts +11 -1
- package/dist/zalo-sdk.d.ts.map +1 -1
- package/dist/zalo-sdk.js +21 -2
- package/dist/zalo-sdk.js.map +1 -1
- package/docs/AUTHENTICATION.md +141 -19
- package/examples/oa-auth-with-pkce.ts +155 -0
- package/package.json +1 -1
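--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -5,6 +5,38 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.11.0] - 2025-01-11
+
+### 🔐 SECURITY ENHANCEMENTS
+
+#### PKCE Support for Official Account Authentication
+- **ADDED**: PKCE (Proof Key for Code Exchange) support cho Official Account OAuth flow
+- **ENHANCED**: `createOAAuthUrl()` method với PKCE parameters và auto-generated state
+- **ADDED**: `generatePKCE()` method để tạo code_verifier và code_challenge
+- **UPDATED**: `getOAAccessToken()` method hỗ trợ code_verifier cho token exchange
+- **ADDED**: `OAAuthResult` type với url và state information
+- **ADDED**: `createSecureOAAuthUrl()` method với full PKCE support
+
+#### Security Best Practices
+- **ENHANCED**: Auto-generated state với prefix 'zalo_oa_' nếu không được cung cấp
+- **ADDED**: Comprehensive PKCE documentation và security guidelines
+- **IMPROVED**: Type safety cho PKCE flow với proper TypeScript interfaces
+
+### 📚 DOCUMENTATION
+
+#### Authentication Guide Updates
+- **UPDATED**: AUTHENTICATION.md với PKCE implementation guide
+- **ADDED**: Security benefits và best practices cho PKCE
+- **ADDED**: Complete examples cho PKCE flow
+- **ADDED**: oa-auth-with-pkce.ts example file
+
+### 🔧 TECHNICAL IMPROVEMENTS
+
+#### API Compatibility
+- **MAINTAINED**: Backward compatibility cho existing createOAAuthUrl() method
+- **ADDED**: Deprecation notice cho old method signature
+- **ENHANCED**: getAuthUrls() method với PKCE support
+
 ## [1.10.1] - 2025-01-11
 
 ### 🚀 NEW FEATURES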
@@ -2,7 +2,7 @@
|
|
|
2
2
|
* Authentication service for Zalo API
|
|
3
3
|
*/
|
|
4
4
|
import { ZaloClient } from "../clients/zalo-client";
|
|
5
|
-
import { AccessToken, RefreshTokenResponse, AuthCodeParams, RefreshTokenParams, SocialUserInfo, TokenValidation, AuthScope, PKCEConfig, AuthUrls } from "../types/auth";
|
|
5
|
+
import { AccessToken, RefreshTokenResponse, AuthCodeParams, RefreshTokenParams, SocialUserInfo, TokenValidation, AuthScope, PKCEConfig, AuthUrls, OAAuthResult } from "../types/auth";
|
|
6
6
|
/**
|
|
7
7
|
* Authentication service for handling OAuth flows and token management
|
|
8
8
|
*/
|
|
@@ -17,15 +17,21 @@ export declare class AuthService {
|
|
|
17
17
|
*/
|
|
18
18
|
generatePKCE(): PKCEConfig;
|
|
19
19
|
/**
|
|
20
|
-
* Create OAuth authorization URL for Official Account
|
|
20
|
+
* Create OAuth authorization URL for Official Account with PKCE support
|
|
21
|
+
*
|
|
22
|
+
* @param redirectUri - The redirect URI after authorization
|
|
23
|
+
* @param state - Optional state parameter for security. If not provided, auto-generates with 'zalo_oa_' prefix
|
|
24
|
+
* @param pkce - Optional PKCE configuration for enhanced security
|
|
25
|
+
* @returns Object containing the authorization URL and the state used
|
|
21
26
|
*/
|
|
22
|
-
createOAAuthUrl(redirectUri: string, state?: string):
|
|
27
|
+
createOAAuthUrl(redirectUri: string, state?: string, pkce?: PKCEConfig): OAAuthResult;
|
|
23
28
|
/**
|
|
24
29
|
* Create OAuth authorization URL for Social API
|
|
25
30
|
*/
|
|
26
31
|
createSocialAuthUrl(redirectUri: string, state?: string, pkce?: PKCEConfig): string;
|
|
27
32
|
/**
|
|
28
33
|
* Exchange authorization code for Official Account access token
|
|
34
|
+
* Now supports PKCE code_verifier for enhanced security
|
|
29
35
|
*/
|
|
30
36
|
getOAAccessToken(params: AuthCodeParams): Promise<AccessToken>;
|
|
31
37
|
/**
|
|
@@ -49,8 +55,8 @@ export declare class AuthService {
|
|
|
49
55
|
*/
|
|
50
56
|
validateAccessToken(accessToken: string, scope?: AuthScope): Promise<TokenValidation>;
|
|
51
57
|
/**
|
|
52
|
-
* Get all authentication URLs
|
|
58
|
+
* Get all authentication URLs with optional PKCE support
|
|
53
59
|
*/
|
|
54
|
-
getAuthUrls(redirectUri: string): AuthUrls;
|
|
60
|
+
getAuthUrls(redirectUri: string, pkce?: PKCEConfig): AuthUrls;
|
|
55
61
|
}
|
|
56
62
|
//# sourceMappingURL=auth.service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EACL,WAAW,EACX,oBAAoB,EACpB,cAAc,EACd,kBAAkB,EAClB,cAAc,EACd,eAAe,EACf,SAAS,EACT,UAAU,EACV,QAAQ,
|
|
1
|
+
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EACL,WAAW,EACX,oBAAoB,EACpB,cAAc,EACd,kBAAkB,EAClB,cAAc,EACd,eAAe,EACf,SAAS,EACT,UAAU,EACV,QAAQ,EACR,YAAY,EACb,MAAM,eAAe,CAAC;AAIvB;;GAEG;AACH,qBAAa,WAAW;IAiBpB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,SAAS;IAjB5B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAYf;gBAGQ,MAAM,EAAE,UAAU,EAClB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM;IAGpC;;OAEG;IACI,YAAY,IAAI,UAAU;IAajC;;;;;;;OAOG;IACI,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,UAAU,GAAG,YAAY;IAwB5F;;OAEG;IACI,mBAAmB,CACxB,WAAW,EAAE,MAAM,EACnB,KAAK,CAAC,EAAE,MAAM,EACd,IAAI,CAAC,EAAE,UAAU,GAChB,MAAM;IAeT;;;OAGG;IACU,gBAAgB,CAAC,MAAM,EAAE,cAAc,GAAG,OAAO,CAAC,WAAW,CAAC;IA8D3E;;OAEG;IACU,oBAAoB,CAC/B,MAAM,EAAE,cAAc,GACrB,OAAO,CAAC,WAAW,CAAC;IA0DvB;;OAEG;IACU,oBAAoB,CAC/B,MAAM,EAAE,kBAAkB,GACzB,OAAO,CAAC,WAAW,CAAC;IA2CvB;;OAEG;IACU,wBAAwB,CACnC,MAAM,EAAE,kBAAkB,GACzB,OAAO,CAAC,oBAAoB,CAAC;IAyChC;;OAEG;IACU,iBAAiB,CAC5B,WAAW,EAAE,MAAM,EACnB,MAAM,GAAE,MAA0B,GACjC,OAAO,CAAC,cAAc,CAAC;IAuC1B;;OAEG;IACU,mBAAmB,CAC9B,WAAW,EAAE,MAAM,EACnB,KAAK,GAAE,SAA4B,GAClC,OAAO,CAAC,eAAe,CAAC;IAkB3B;;OAEG;IACI,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,UAAU,GAAG,QAAQ;CAUrE"}
|
|
@@ -45,15 +45,31 @@ class AuthService {
|
|
|
45
45
|
};
|
|
46
46
|
}
|
|
47
47
|
/**
|
|
48
|
-
* Create OAuth authorization URL for Official Account
|
|
48
|
+
* Create OAuth authorization URL for Official Account with PKCE support
|
|
49
|
+
*
|
|
50
|
+
* @param redirectUri - The redirect URI after authorization
|
|
51
|
+
* @param state - Optional state parameter for security. If not provided, auto-generates with 'zalo_oa_' prefix
|
|
52
|
+
* @param pkce - Optional PKCE configuration for enhanced security
|
|
53
|
+
* @returns Object containing the authorization URL and the state used
|
|
49
54
|
*/
|
|
50
|
-
createOAAuthUrl(redirectUri, state) {
|
|
55
|
+
createOAAuthUrl(redirectUri, state, pkce) {
|
|
56
|
+
// Generate state with zalo_oa_ prefix if not provided
|
|
57
|
+
const finalState = state || `zalo_oa_${(0, crypto_1.randomBytes)(16).toString('hex')}`;
|
|
51
58
|
const params = new URLSearchParams({
|
|
52
59
|
app_id: this.appId,
|
|
53
60
|
redirect_uri: redirectUri,
|
|
54
|
-
state:
|
|
61
|
+
state: finalState,
|
|
55
62
|
});
|
|
56
|
-
|
|
63
|
+
// Add PKCE parameters if provided
|
|
64
|
+
if (pkce) {
|
|
65
|
+
params.append("code_challenge", pkce.code_challenge);
|
|
66
|
+
params.append("code_challenge_method", pkce.code_challenge_method);
|
|
67
|
+
}
|
|
68
|
+
const url = `${this.endpoints.auth.oaPermission}?${params.toString()}`;
|
|
69
|
+
return {
|
|
70
|
+
url,
|
|
71
|
+
state: finalState
|
|
72
|
+
};
|
|
57
73
|
}
|
|
58
74
|
/**
|
|
59
75
|
* Create OAuth authorization URL for Social API
|
|
@@ -72,6 +88,7 @@ class AuthService {
|
|
|
72
88
|
}
|
|
73
89
|
/**
|
|
74
90
|
* Exchange authorization code for Official Account access token
|
|
91
|
+
* Now supports PKCE code_verifier for enhanced security
|
|
75
92
|
*/
|
|
76
93
|
async getOAAccessToken(params) {
|
|
77
94
|
try {
|
|
@@ -83,6 +100,10 @@ class AuthService {
|
|
|
83
100
|
grant_type: "authorization_code",
|
|
84
101
|
redirect_uri: params.redirect_uri,
|
|
85
102
|
};
|
|
103
|
+
// Add code_verifier if provided (for PKCE)
|
|
104
|
+
if (params.code_verifier) {
|
|
105
|
+
requestParams.code_verifier = params.code_verifier;
|
|
106
|
+
}
|
|
86
107
|
await this.client.oauthRequestWithUrl("POST", url, null, {
|
|
87
108
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
88
109
|
});
|
|
@@ -268,12 +289,13 @@ class AuthService {
|
|
|
268
289
|
}
|
|
269
290
|
}
|
|
270
291
|
/**
|
|
271
|
-
* Get all authentication URLs
|
|
292
|
+
* Get all authentication URLs with optional PKCE support
|
|
272
293
|
*/
|
|
273
|
-
getAuthUrls(redirectUri) {
|
|
294
|
+
getAuthUrls(redirectUri, pkce) {
|
|
295
|
+
const oaAuthResult = this.createOAAuthUrl(redirectUri, undefined, pkce);
|
|
274
296
|
return {
|
|
275
|
-
oa_auth_url:
|
|
276
|
-
social_auth_url: this.createSocialAuthUrl(redirectUri),
|
|
297
|
+
oa_auth_url: oaAuthResult.url,
|
|
298
|
+
social_auth_url: this.createSocialAuthUrl(redirectUri, undefined, pkce),
|
|
277
299
|
token_url: this.endpoints.auth.socialToken,
|
|
278
300
|
refresh_url: this.endpoints.auth.refreshOaToken,
|
|
279
301
|
};
|
|
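Review bot: `getAuthUrls` calls `this.createOAAuthUrl(redirectUri, undefined, pkce)` and keeps only `oaAuthResult.url`, so the random `state` generated for that URL is discarded and the caller has nothing to compare with the `state` that comes back on the redirect. Return it with the URLs, for example a new field `oa_state: oaAuthResult.state,` (a suggested name; the `AuthUrls` type would need it too), or document that callers who need the CSRF check must call `createOAAuthUrl` themselves and store the state. The same `pkce` object is also passed to both the OA and the social URL, while a code verifier is meant to be created per authorization request; consider one pair per flow. The body of `getAuthUrls` continues past the end of this hunk, so anything done after the returned object is not visible here.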
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAGH,
|
|
1
|
+
{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAGH,wCAWuB;AACvB,4CAA+C;AAC/C,mCAAiD;AAEjD;;GAEG;AACH,MAAa,WAAW;IAgBtB,YACmB,MAAkB,EAClB,KAAa,EACb,SAAiB;QAFjB,WAAM,GAAN,MAAM,CAAY;QAClB,UAAK,GAAL,KAAK,CAAQ;QACb,cAAS,GAAT,SAAS,CAAQ;QAlBpC,4DAA4D;QAC3C,cAAS,GAAG;YAC3B,IAAI,EAAE;gBACJ,YAAY,EAAE,4CAA4C;gBAC1D,gBAAgB,EAAE,yCAAyC;gBAC3D,OAAO,EAAE,oDAAoD;gBAC7D,WAAW,EAAE,2CAA2C;gBACxD,cAAc,EAAE,8CAA8C;gBAC9D,kBAAkB,EAAE,iDAAiD;aACtE;YACD,MAAM,EAAE;gBACN,EAAE,EAAE,4DAA4D;aACjE;SACO,CAAC;IAMR,CAAC;IAEJ;;OAEG;IACI,YAAY;QACjB,MAAM,YAAY,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAC3D,MAAM,aAAa,GAAG,IAAA,mBAAU,EAAC,QAAQ,CAAC;aACvC,MAAM,CAAC,YAAY,CAAC;aACpB,MAAM,CAAC,WAAW,CAAC,CAAC;QAEvB,OAAO;YACL,aAAa,EAAE,YAAY;YAC3B,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,MAAM;SAC9B,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACI,eAAe,CAAC,WAAmB,EAAE,KAAc,EAAE,IAAiB;QAC3E,sDAAsD;QACtD,MAAM,UAAU,GAAG,KAAK,IAAI,WAAW,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAEzE,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,KAAK;YAClB,YAAY,EAAE,WAAW;YACzB,KAAK,EAAE,UAAU;SAClB,CAAC,CAAC;QAEH,kCAAkC;QAClC,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;YACrD,MAAM,CAAC,MAAM,CAAC,uBAAuB,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;QAEvE,OAAO;YACL,GAAG;YACH,KAAK,EAAE,UAAU;SAClB,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,mBAAmB,CACxB,WAAmB,EACnB,KAAc,EACd,IAAiB;QAEjB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,KAAK;YAClB,YAAY,EAAE,WAAW;YACzB,KAAK,EAAE,KAAK,IAAI,aAAa;SAC9B,CAAC,CAAC;QAEH,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;YACrD,MAAM,CAAC,MAAM,CAAC,uBAAuB,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACrE,CAAC;QAED,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,gBAAgB,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;IACxE,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,gBAAgB,CAA
C,MAAsB;QAClD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC;YACxC,MAAM,aAAa,GAA2B;gBAC5C,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,UAAU,EAAE,oBAAoB;gBAChC,YAAY,EAAE,MAAM,CAAC,YAAY;aAClC,CAAC;YAEF,2CAA2C;YAC3C,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;gBACzB,aAAa,CAAC,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;YACrD,CAAC;YAED,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE;gBACvD,cAAc,EAAE,mCAAmC;aACpD,CAAC,CAAC;YAEH,2CAA2C;YAC3C,MAAM,QAAQ,GAAG,IAAI,eAAe,EAAE,CAAC;YACvC,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;gBACrD,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC9B,CAAC,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAClD,MAAM,EACN,GAAG,EACH,QAAQ,CAAC,QAAQ,EAAE,EACnB;gBACE,cAAc,EAAE,mCAAmC;aACpD,CACF,CAAC;YAEF,IAAI,MAAM,CAAC,KAAK,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,qBAAY,CACpB,MAAM,CAAC,iBAAiB;oBACtB,MAAM,CAAC,OAAO;oBACd,+BAA+B,EACjC,MAAM,CAAC,KAAK,EACZ,MAAM,CACP,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,qBAAY,CAAC,gCAAgC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/D,CAAC;YAED,OAAO,MAAM,CAAC,IAAI,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,qBAAY,CACpB,kCAAmC,KAAe,CAAC,OAAO,EAAE,EAC5D,CAAC,CAAC,EACF,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,MAAsB;QAEtB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC;YAE5C,MAAM,QAAQ,GAAG,IAAI,eAAe,EAAE,CAAC;YACvC,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;YACrC,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;YACzC,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,oBAAoB,CAAC,CAAC;YAEpD,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;gBACzB,QAAQ,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;YACzD,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAClD,MAAM,EACN,GAAG,EACH,QAAQ,CAAC,QAAQ,EAAE,EACnB;gBACE,cAAc,EAAE,mCAAmC;gBACnD,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CACF,CAAC;
YAEF,oCAAoC;YACpC,IAAI,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,KAAK,KAAK,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,qBAAY,CACpB,MAAM,CAAC,iBAAiB;oBACtB,MAAM,CAAC,OAAO;oBACd,mCAAmC,EACrC,MAAM,CAAC,KAAK,EACZ,MAAM,CACP,CAAC;YACJ,CAAC;YAED,8CAA8C;YAC9C,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;gBAChB,OAAO,MAAM,CAAC,IAAI,CAAC;YACrB,CAAC;iBAAM,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBAC/B,OAAO;oBACL,YAAY,EAAE,MAAM,CAAC,YAAY;oBACjC,UAAU,EAAE,MAAM,CAAC,UAAU;oBAC7B,aAAa,EAAE,MAAM,CAAC,aAAa;iBACpC,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,qBAAY,CAAC,wCAAwC,EAAE,CAAC,CAAC,CAAC,CAAC;YACvE,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,qBAAY,CACpB,sCAAuC,KAAe,CAAC,OAAO,EAAE,EAChE,CAAC,CAAC,EACF,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,MAA0B;QAE1B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC;YAE/C,MAAM,QAAQ,GAAG,IAAI,eAAe,EAAE,CAAC;YACvC,QAAQ,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;YACvD,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;YACzC,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;YAE/C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAClD,MAAM,EACN,GAAG,EACH,QAAQ,CAAC,QAAQ,EAAE,EACnB;gBACE,cAAc,EAAE,mCAAmC;gBACnD,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CACF,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;gBACzB,MAAM,IAAI,qBAAY,CACpB,mDAAmD,EACnD,CAAC,CAAC,CACH,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,aAAa,EAAE,MAAM,CAAC,aAAa;gBACnC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC;aACxC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,qBAAY,CACpB,sCAAuC,KAAe,CAAC,OAAO,EAAE,EAChE,CAAC,CAAC,EACF,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB,CACnC,MAA0B;QAE1B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,kBAAkB,CAAC;YACxD,MAAM,aAAa,GAAG;gBACpB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,UAAU,EAAE,eAAe;gBAC3B,aAAa,EAAE,MAAM,CAAC,aAAa;aACpC,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CA
AC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE,EAAE,aAAa,CAAC,CAAC;YAErE,IAAI,MAAM,CAAC,KAAK,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,qBAAY,CACpB,MAAM,CAAC,iBAAiB;oBACtB,MAAM,CAAC,OAAO;oBACd,uCAAuC,EACzC,MAAM,CAAC,KAAK,EACZ,MAAM,CACP,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,qBAAY,CACpB,+CAA+C,EAC/C,CAAC,CAAC,CACH,CAAC;YACJ,CAAC;YAED,OAAO,MAAM,CAAC,IAAI,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,qBAAY,CACpB,0CAA2C,KAAe,CAAC,OAAO,EAAE,EACpE,CAAC,CAAC,EACF,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB,CAC5B,WAAmB,EACnB,SAAiB,iBAAiB;QAElC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;YACrC,MAAM,MAAM,GAAG,EAAE,MAAM,EAAE,CAAC;YAE1B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE;gBACvE,YAAY,EAAE,WAAW;aAC1B,CAAC,CAAC;YAEH,IAAI,MAAM,CAAC,KAAK,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,qBAAY,CACpB,MAAM,CAAC,OAAO,IAAI,gCAAgC,EAClD,MAAM,CAAC,KAAK,EACZ,MAAM,CACP,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;gBACf,MAAM,IAAI,qBAAY,CAAC,uCAAuC,EAAE,CAAC,CAAC,CAAC,CAAC;YACtE,CAAC;YAED,OAAO;gBACL,EAAE,EAAE,MAAM,CAAC,EAAE;gBACb,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,YAAY,EAAE,MAAM,CAAC,YAAY;aAClC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,qBAAY,CACpB,mCAAoC,KAAe,CAAC,OAAO,EAAE,EAC7D,CAAC,CAAC,EACF,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,mBAAmB,CAC9B,WAAmB,EACnB,QAAmB,gBAAS,CAAC,MAAM;QAEnC,IAAI,CAAC;YACH,IAAI,KAAK,KAAK,gBAAS,CAAC,MAAM,EAAE,CAAC;gBAC/B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;gBACjE,OAAO;oBACL,KAAK,EAAE,IAAI;oBACX,SAAS,EAAE,QAAQ;iBACpB,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,6CAA6C;gBAC7C,kCAAkC;gBAClC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;QAC1B,CAAC;IACH,CAAC;IAED;;O
AEG;IACI,WAAW,CAAC,WAAmB,EAAE,IAAiB;QACvD,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;QAExE,OAAO;YACL,WAAW,EAAE,YAAY,CAAC,GAAG;YAC7B,eAAe,EAAE,IAAI,CAAC,mBAAmB,CAAC,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC;YACvE,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW;YAC1C,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc;SAChD,CAAC;IACJ,CAAC;CACF;AA7YD,kCA6YC"}
|
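--- a/package/dist/types/auth.d.ts
+++ b/package/dist/types/auth.d.ts
@@ -85,7 +85,7 @@ export interface AuthCodeParams {
 */
 redirect_uri: string;
 /**
-* Code verifier for PKCE (Social API
+* Code verifier for PKCE (supports both Social API and Official Account API)
 */
 code_verifier?: string;
 }
@@ -230,4 +230,17 @@ export interface AuthUrls {
 */
 refresh_url: string;
 }
+/**
+* Official Account authorization result
+*/
+export interface OAAuthResult {
+/**
+* Authorization URL
+*/
+url: string;
+/**
+* State parameter used (auto-generated if not provided)
+*/
+state: string;
+}
 //# sourceMappingURL=auth.d.ts.map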
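Review bot: The doc comment on `OAAuthResult.state` says only that the value may be auto-generated and does not tell the consumer what to do with it. Suggested wording: `* State sent in the authorization URL; store it in the user's session and reject the callback if the returned state differs.` Without that step the generated value gives no protection against a forged callback.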
package/dist/types/auth.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CAC1C;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC;IAEb;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,EAAE,EAAE,MAAM,CAAC;IAEX;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC;IAEb;;OAEG;IACH,OAAO,CAAC,EAAE;QACR,IAAI,EAAE;YACJ,GAAG,EAAE,MAAM,CAAC;SACb,CAAC;KACH,CAAC;IAEF;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,QAAQ,CAAC,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IAEF;;OAEG;IACH,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,KAAK,EAAE,OAAO,CAAC;IAEf;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,SAAS,CAAC,EAAE,cAAc,CAAC;CAC5B;AAED;;GAEG;AACH,oBAAY,SAAS;IACnB;;OAEG;IACH,EAAE,OAAO;IAET;;OAEG;IACH,MAAM,WAAW;IAEjB;;OAEG;IACH,GAAG,QAAQ;CACZ;AAED;;GAEG;AACH,oBAAY,UAAU;IACpB;;OAEG;IACH,kBAAkB,uBAAuB;IAEzC;;OAEG;IACH,aAAa,kBAAkB;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,cAAc,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,qBAAqB,EAAE,MAAM,GAAG,OAAO,CAAC;C
ACzC;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,eAAe,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;CACrB"}
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CAC1C;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC;IAEb;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,EAAE,EAAE,MAAM,CAAC;IAEX;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC;IAEb;;OAEG;IACH,OAAO,CAAC,EAAE;QACR,IAAI,EAAE;YACJ,GAAG,EAAE,MAAM,CAAC;SACb,CAAC;KACH,CAAC;IAEF;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,QAAQ,CAAC,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IAEF;;OAEG;IACH,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,KAAK,EAAE,OAAO,CAAC;IAEf;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,SAAS,CAAC,EAAE,cAAc,CAAC;CAC5B;AAED;;GAEG;AACH,oBAAY,SAAS;IACnB;;OAEG;IACH,EAAE,OAAO;IAET;;OAEG;IACH,MAAM,WAAW;IAEjB;;OAEG;IACH,GAAG,QAAQ;CACZ;AAED;;GAEG;AACH,oBAAY,UAAU;IACpB;;OAEG;IACH,kBAAkB,uBAAuB;IAEzC;;OAEG;IACH,aAAa,kBAAkB;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,cAAc,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,qBAAqB,EAAE,MAAM,GAAG,OAAO,CAAC;C
ACzC;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,eAAe,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IAEZ;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;CACf"}
|
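--- a/package/dist/zalo-sdk.d.ts
+++ b/package/dist/zalo-sdk.d.ts
@@ -91,9 +91,19 @@ export declare class ZaloSDK {
 * Quick method to process webhook
 */
 /**
-* Create OA authorization URL
+* Create OA authorization URL with PKCE support
+* @deprecated Use auth.createOAAuthUrl() directly for full control over PKCE and state
 */
 createOAAuthUrl(redirectUri: string, state?: string): string;
+/**
+* Create OA authorization URL with full PKCE support
+* Returns both URL and state for enhanced security
+*/
+createSecureOAAuthUrl(redirectUri: string, state?: string, enablePKCE?: boolean): import("./types/auth").OAAuthResult | {
+pkce: import("./types/auth").PKCEConfig;
+url: string;
+state: string;
+};
 /**
 * Create Social authorization URL
 */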
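Review bot: The return type of `createSecureOAAuthUrl` is an inferred union, `OAAuthResult | { pkce; url; state }`, so a caller has to narrow with `'pkce' in result` before the verifier is reachable, and nothing in the declaration says when the field is present. Declaring the return type explicitly in the source, for example `OAAuthResult & { pkce?: PKCEConfig }`, would give one readable shape and make the optional field obvious. The class declaration continues outside this hunk.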
package/dist/zalo-sdk.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"zalo-sdk.d.ts","sourceRoot":"","sources":["../src/zalo-sdk.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAElD,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AACvE,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAC7E,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAGrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAC3E,OAAO,EAAE,wBAAwB,EAAE,MAAM,uCAAuC,CAAC;AACjF,OAAO,EACL,aAAa,EAId,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,WAAW,EAGX,cAAc,EACf,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAG3E;;GAEG;AACH,qBAAa,OAAO;IAClB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAa;IACpC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAGhC,SAAgB,IAAI,EAAE,WAAW,CAAC;IAClC,SAAgB,EAAE,EAAE,SAAS,CAAC;IAE9B,SAAgB,IAAI,EAAE,WAAW,CAAC;IAElC,SAAgB,GAAG,EAAE,UAAU,CAAC;IAChC,SAAgB,YAAY,EAAE,mBAAmB,CAAC;IAClD,SAAgB,eAAe,EAAE,sBAAsB,CAAC;IACxD,SAAgB,OAAO,EAAE,cAAc,CAAC;IACxC,SAAgB,WAAW,EAAE,kBAAkB,CAAC;IAGhD,SAAgB,YAAY,EAAE,mBAAmB,CAAC;IAClD,SAAgB,WAAW,EAAE,kBAAkB,CAAC;IAChD,SAAgB,SAAS,EAAE,gBAAgB,CAAC;IAC5C,SAAgB,cAAc,EAAE,qBAAqB,CAAC;IACtD,SAAgB,iBAAiB,EAAE,wBAAwB,CAAC;IAG5D,SAAgB,MAAM,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;gBAEpC,MAAM,EAAE,aAAa;IAwDjC;;OAEG;IACU,gBAAgB,CAC3B,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,WAAW,CAAC;IAWvB;;OAEG;IACU,oBAAoB,CAC/B,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,EACnB,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,WAAW,CAAC;IAYvB;;OAEG;IACU,oBAAoB,CAC/B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,WAAW,CAAC;IAUvB;;OAEG;IACU,wBAAwB,CACnC,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,WAAW,CAAC;IAUvB;;OAEG;IACU,SAAS,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAI5D;;OAEG;IACU,eAAe,CAAC,WAAW,E
AAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAIxE;;OAEG;IACU,iBAAiB,CAC5B,WAAW,EAAE,MAAM,EACnB,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,cAAc,CAAC;IAI1B;;OAEG;IACU,oBAAoB,CAC/B,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,mBAAmB,CAAC;IAQ/B;;OAEG;IACU,WAAW,CACtB,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,QAAQ,CAAC;IAIpB;;OAEG;IACU,WAAW,CACtB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,eAAe,GACvB,OAAO,CAAC,gBAAgB,CAAC;IAI5B;;OAEG;IACU,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAIzE;;OAEG;IAKH;;OAEG;IASH
|
|
1
|
+
{"version":3,"file":"zalo-sdk.d.ts","sourceRoot":"","sources":["../src/zalo-sdk.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAElD,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AACvE,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAC7E,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAGrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAC3E,OAAO,EAAE,wBAAwB,EAAE,MAAM,uCAAuC,CAAC;AACjF,OAAO,EACL,aAAa,EAId,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,WAAW,EAGX,cAAc,EACf,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAG3E;;GAEG;AACH,qBAAa,OAAO;IAClB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAa;IACpC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAGhC,SAAgB,IAAI,EAAE,WAAW,CAAC;IAClC,SAAgB,EAAE,EAAE,SAAS,CAAC;IAE9B,SAAgB,IAAI,EAAE,WAAW,CAAC;IAElC,SAAgB,GAAG,EAAE,UAAU,CAAC;IAChC,SAAgB,YAAY,EAAE,mBAAmB,CAAC;IAClD,SAAgB,eAAe,EAAE,sBAAsB,CAAC;IACxD,SAAgB,OAAO,EAAE,cAAc,CAAC;IACxC,SAAgB,WAAW,EAAE,kBAAkB,CAAC;IAGhD,SAAgB,YAAY,EAAE,mBAAmB,CAAC;IAClD,SAAgB,WAAW,EAAE,kBAAkB,CAAC;IAChD,SAAgB,SAAS,EAAE,gBAAgB,CAAC;IAC5C,SAAgB,cAAc,EAAE,qBAAqB,CAAC;IACtD,SAAgB,iBAAiB,EAAE,wBAAwB,CAAC;IAG5D,SAAgB,MAAM,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;gBAEpC,MAAM,EAAE,aAAa;IAwDjC;;OAEG;IACU,gBAAgB,CAC3B,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,WAAW,CAAC;IAWvB;;OAEG;IACU,oBAAoB,CAC/B,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,EACnB,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,WAAW,CAAC;IAYvB;;OAEG;IACU,oBAAoB,CAC/B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,WAAW,CAAC;IAUvB;;OAEG;IACU,wBAAwB,CACnC,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,WAAW,CAAC;IAUvB;;OAEG;IACU,SAAS,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAI5D;;OAEG;IACU,eAAe,CAAC,WAAW,E
AAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAIxE;;OAEG;IACU,iBAAiB,CAC5B,WAAW,EAAE,MAAM,EACnB,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,cAAc,CAAC;IAI1B;;OAEG;IACU,oBAAoB,CAC/B,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,mBAAmB,CAAC;IAQ/B;;OAEG;IACU,WAAW,CACtB,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,QAAQ,CAAC;IAIpB;;OAEG;IACU,WAAW,CACtB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,eAAe,GACvB,OAAO,CAAC,gBAAgB,CAAC;IAI5B;;OAEG;IACU,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAIzE;;OAEG;IAKH;;OAEG;IASH;;;OAGG;IACI,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM;IAKnE;;;OAGG;IACI,qBAAqB,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,EAAE,UAAU,GAAE,OAAc;;;;;IAa5F;;OAEG;IACI,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM;IAIvE;;OAEG;IACI,YAAY;IAInB;;OAEG;IACU,mBAAmB,CAC9B,WAAW,EAAE,MAAM,EACnB,KAAK,GAAE,IAAI,GAAG,QAAmB,GAChC,OAAO,CAAC,OAAO,CAAC;IAcnB;;OAEG;IACI,UAAU,IAAI,MAAM;IAI3B;;OAEG;IACI,SAAS,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,WAAW,CAAC;IAK9D;;OAEG;IACI,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAQvC;;OAEG;IACU,cAAc,IAAI,OAAO,CAAC,OAAO,CAAC;IAqB/C;;OAEG;IACU,aAAa,CAAC,CAAC,GAAG,GAAG,EAChC,MAAM,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,EACzC,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,IAAI,CAAC,EAAE,GAAG,EACV,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAC3B,OAAO,CAAC,CAAC,CAAC;IAeb;;OAEG;IACU,UAAU,CAAC,CAAC,GAAG,GAAG,EAC7B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC,cAAc,EACpC,QAAQ,EAAE,MAAM,EAChB,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GACrC,OAAO,CAAC,CAAC,CAAC;IAUb;;OAEG;IACI,OAAO,IAAI,IAAI;CAGvB"}
|
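--- a/package/dist/zalo-sdk.js
+++ b/package/dist/zalo-sdk.js
@@ -179,10 +179,29 @@ class ZaloSDK {
 // return this.webhook.processWebhook(payload, signature, timestamp);
 // }
 /**
-* Create OA authorization URL
+* Create OA authorization URL with PKCE support
+* @deprecated Use auth.createOAAuthUrl() directly for full control over PKCE and state
 */
 createOAAuthUrl(redirectUri, state) {
-
+const result = this.auth.createOAAuthUrl(redirectUri, state);
+return result.url;
+}
+/**
+* Create OA authorization URL with full PKCE support
+* Returns both URL and state for enhanced security
+*/
+createSecureOAAuthUrl(redirectUri, state, enablePKCE = true) {
+if (enablePKCE) {
+const pkce = this.auth.generatePKCE();
+const result = this.auth.createOAAuthUrl(redirectUri, state, pkce);
+return {
+...result,
+pkce
+};
+}
+else {
+return this.auth.createOAAuthUrl(redirectUri, state);
+}
 }
 /**
 * Create Social authorization URL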
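Review bot: The deprecated `createOAAuthUrl()` wrapper now returns only `result.url` and discards the `state` that `auth.createOAAuthUrl()` hands back, so a caller who omits `state` and relies on the auto-generated value described in the changelog has nothing to compare against in the callback and cannot do the CSRF check. The `@deprecated` tag names the replacement but not the reason; I would add to its doc comment `* When state is omitted the generated value is not returned; pass your own unpredictable state or call createSecureOAAuthUrl() so the callback can verify it.` In `createSecureOAAuthUrl()`, the returned object carries `pkce` (which, per the docs in this release, includes `code_verifier`) next to `url`, and with `enablePKCE = false` the result has no `pkce` field at all. Its comment should say that `pkce.code_verifier` must be kept in server-side session storage and never sent to the browser or logged, and that the return shape differs when PKCE is disabled.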
package/dist/zalo-sdk.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"zalo-sdk.js","sourceRoot":"","sources":["../src/zalo-sdk.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,uDAAmD;AACnD,0DAAsD;AACtD,sDAAkD;AAClD,mGAAmG;AACnG,0DAAsD;AACtD,+DAA+D;AAC/D,wDAAoD;AACpD,4EAAuE;AACvE,kFAA6E;AAC7E,gEAA4D;AAC5D,0EAAqE;AAErE,mBAAmB;AACnB,0EAAsE;AACtE,wEAAoE;AACpE,oEAAgE;AAChE,gFAA2E;AAC3E,sFAAiF;AACjF,2CAKwB;AAUxB,qDAAqD;AAErD;;GAEG;AACH,MAAa,OAAO;IA0BlB,YAAY,MAAqB;QAC/B,kCAAkC;QAClC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,MAAM,IAAI,qBAAY,CAAC,wCAAwC,CAAC,CAAC;QACnE,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAY,CAAC,4CAA4C,CAAC,CAAC;QACvE,CAAC;QAED,4BAA4B;QAC5B,IAAI,CAAC,MAAM,GAAG;YACZ,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,KAAK;YAChC,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,KAAK;YAC5B,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,yBAAyB;YAC1D,KAAK,EAAE;gBACL,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC;gBACrC,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,IAAI,IAAI;gBAClC,GAAG,MAAM,CAAC,KAAK;aAChB;SACF,CAAC;QAEF,IAAI,CAAC,MAAM,GAAG,IAAI,sBAAa,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,IAAI,wBAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAE1C,sBAAsB;QACtB,IAAI,CAAC,IAAI,GAAG,IAAI,0BAAW,CACzB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,MAAM,CAAC,KAAK,EACjB,IAAI,CAAC,MAAM,CAAC,SAAS,CACtB,CAAC;QACF,IAAI,CAAC,EAAE,GAAG,IAAI,sBAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrC,8FAA8F;QAC9F,IAAI,CAAC,IAAI,GAAG,IAAI,0BAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzC,+EAA+E;QAC/E,IAAI,CAAC,GAAG,GAAG,IAAI,wBAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,YAAY,GAAG,IAAI,2CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,CAAC,eAAe,GAAG,IAAI,iDAAsB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/D,IAAI,CAAC,OAAO,GAAG,IAAI,gCAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/C,IAAI,CAAC,WAAW,GAAG,IAAI,yCAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEvD,8BAA8B;QAC9B,IAAI,CAAC,YAAY,GAAG,IAAI,0CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,CAAC,WAAW,GAAG,IAAI,wCAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvD,IAAI,CAAC,SAAS,GAAG,IAAI,oCAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC
;QACnD,IAAI,CAAC,cAAc,GAAG,IAAI,+CAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,CAAC,iBAAiB,GAAG,IAAI,qDAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEnE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE;YACvC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;SAC7B,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,gBAAgB,CAC3B,IAAY,EACZ,WAAmB;QAEnB,MAAM,MAAM,GAAmB;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,IAAI;YACJ,YAAY,EAAE,WAAW;SAC1B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,IAAY,EACZ,WAAmB,EACnB,YAAqB;QAErB,MAAM,MAAM,GAAmB;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,IAAI;YACJ,YAAY,EAAE,WAAW;YACzB,aAAa,EAAE,YAAY,IAAI,EAAE;SAClC,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,YAAoB;QAEpB,MAAM,MAAM,GAAuB;YACjC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,aAAa,EAAE,YAAY;SAC5B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB,CACnC,YAAoB;QAEpB,MAAM,MAAM,GAAuB;YACjC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,aAAa,EAAE,YAAY;SAC5B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAS,CAAC,WAAmB;QACxC,OAAO,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,eAAe,CAAC,WAAmB;QAC9C,OAAO,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB,CAC5B,WAAmB,EACnB,MAAe;QAEf,OAAO,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IAC1D,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,WAAmB,EACnB,MAAc,EACd,IAAY;QAEZ,OAAO,IAAI,CAAC,YAAY,CAAC,eAAe,CACtC,WAAW,EACX,EAAE,OAAO,EAAE,MAAM,EAAE,EACnB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CACvB,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,WAA
W,CACtB,WAAmB,EACnB,MAAc;QAEd,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,WAAW,CACtB,WAAmB,EACnB,OAAwB;QAExB,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY,CAAC,WAAmB;QAC3C,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,oEAAoE;IACpE,6CAA6C;IAC7C,IAAI;IAEJ;;OAEG;IACH,+BAA+B;IAC/B,qBAAqB;IACrB,wBAAwB;IACxB,uBAAuB;IACvB,qBAAqB;IACrB,uEAAuE;IACvE,IAAI;IAEJ
|
|
1
|
+
{"version":3,"file":"zalo-sdk.js","sourceRoot":"","sources":["../src/zalo-sdk.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,uDAAmD;AACnD,0DAAsD;AACtD,sDAAkD;AAClD,mGAAmG;AACnG,0DAAsD;AACtD,+DAA+D;AAC/D,wDAAoD;AACpD,4EAAuE;AACvE,kFAA6E;AAC7E,gEAA4D;AAC5D,0EAAqE;AAErE,mBAAmB;AACnB,0EAAsE;AACtE,wEAAoE;AACpE,oEAAgE;AAChE,gFAA2E;AAC3E,sFAAiF;AACjF,2CAKwB;AAUxB,qDAAqD;AAErD;;GAEG;AACH,MAAa,OAAO;IA0BlB,YAAY,MAAqB;QAC/B,kCAAkC;QAClC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,MAAM,IAAI,qBAAY,CAAC,wCAAwC,CAAC,CAAC;QACnE,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAY,CAAC,4CAA4C,CAAC,CAAC;QACvE,CAAC;QAED,4BAA4B;QAC5B,IAAI,CAAC,MAAM,GAAG;YACZ,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,KAAK;YAChC,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,KAAK;YAC5B,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,yBAAyB;YAC1D,KAAK,EAAE;gBACL,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC;gBACrC,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,IAAI,IAAI;gBAClC,GAAG,MAAM,CAAC,KAAK;aAChB;SACF,CAAC;QAEF,IAAI,CAAC,MAAM,GAAG,IAAI,sBAAa,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,IAAI,wBAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAE1C,sBAAsB;QACtB,IAAI,CAAC,IAAI,GAAG,IAAI,0BAAW,CACzB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,MAAM,CAAC,KAAK,EACjB,IAAI,CAAC,MAAM,CAAC,SAAS,CACtB,CAAC;QACF,IAAI,CAAC,EAAE,GAAG,IAAI,sBAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrC,8FAA8F;QAC9F,IAAI,CAAC,IAAI,GAAG,IAAI,0BAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzC,+EAA+E;QAC/E,IAAI,CAAC,GAAG,GAAG,IAAI,wBAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,YAAY,GAAG,IAAI,2CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,CAAC,eAAe,GAAG,IAAI,iDAAsB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/D,IAAI,CAAC,OAAO,GAAG,IAAI,gCAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/C,IAAI,CAAC,WAAW,GAAG,IAAI,yCAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEvD,8BAA8B;QAC9B,IAAI,CAAC,YAAY,GAAG,IAAI,0CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,CAAC,WAAW,GAAG,IAAI,wCAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvD,IAAI,CAAC,SAAS,GAAG,IAAI,oCAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC
;QACnD,IAAI,CAAC,cAAc,GAAG,IAAI,+CAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,CAAC,iBAAiB,GAAG,IAAI,qDAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEnE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE;YACvC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;SAC7B,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,gBAAgB,CAC3B,IAAY,EACZ,WAAmB;QAEnB,MAAM,MAAM,GAAmB;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,IAAI;YACJ,YAAY,EAAE,WAAW;SAC1B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,IAAY,EACZ,WAAmB,EACnB,YAAqB;QAErB,MAAM,MAAM,GAAmB;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,IAAI;YACJ,YAAY,EAAE,WAAW;YACzB,aAAa,EAAE,YAAY,IAAI,EAAE;SAClC,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,YAAoB;QAEpB,MAAM,MAAM,GAAuB;YACjC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,aAAa,EAAE,YAAY;SAC5B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB,CACnC,YAAoB;QAEpB,MAAM,MAAM,GAAuB;YACjC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,aAAa,EAAE,YAAY;SAC5B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAS,CAAC,WAAmB;QACxC,OAAO,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,eAAe,CAAC,WAAmB;QAC9C,OAAO,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB,CAC5B,WAAmB,EACnB,MAAe;QAEf,OAAO,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IAC1D,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,WAAmB,EACnB,MAAc,EACd,IAAY;QAEZ,OAAO,IAAI,CAAC,YAAY,CAAC,eAAe,CACtC,WAAW,EACX,EAAE,OAAO,EAAE,MAAM,EAAE,EACnB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CACvB,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,WAA
W,CACtB,WAAmB,EACnB,MAAc;QAEd,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,WAAW,CACtB,WAAmB,EACnB,OAAwB;QAExB,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY,CAAC,WAAmB;QAC3C,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,oEAAoE;IACpE,6CAA6C;IAC7C,IAAI;IAEJ;;OAEG;IACH,+BAA+B;IAC/B,qBAAqB;IACrB,wBAAwB;IACxB,uBAAuB;IACvB,qBAAqB;IACrB,uEAAuE;IACvE,IAAI;IAEJ;;;OAGG;IACI,eAAe,CAAC,WAAmB,EAAE,KAAc;QACxD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QAC7D,OAAO,MAAM,CAAC,GAAG,CAAC;IACpB,CAAC;IAED;;;OAGG;IACI,qBAAqB,CAAC,WAAmB,EAAE,KAAc,EAAE,aAAsB,IAAI;QAC1F,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACtC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;YACnE,OAAO;gBACL,GAAG,MAAM;gBACT,IAAI;aACL,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED;;OAEG;IACI,mBAAmB,CAAC,WAAmB,EAAE,KAAc;QAC5D,OAAO,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;IAC3D,CAAC;IAED;;OAEG;IACI,YAAY;QACjB,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;IAClC,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,mBAAmB,CAC9B,WAAmB,EACnB,QAAyB,QAAQ;QAEjC,IAAI,CAAC;YACH,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACnB,OAAO,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;YAC9C,CAAC;iBAAM,CAAC;gBACN,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;gBACpE,OAAO,UAAU,CAAC,KAAK,CAAC;YAC1B,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA6B,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;YACzE,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACI,UAAU;QACf,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACI,SAAS;QACd,MAAM,EAAE,SAAS,EAAE,GAAG,UAAU,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC;QACjD,OAAO,UAAU,CAAC;IACpB,CAAC;IAED;;OAEG;IACI,QAAQ,CAAC,OAAgB;QAC7B,IAAI,CAAC,MAAc,CAAC,KAAK,GAAG,OAAO,CAAC;QACrC,8EAA8E;QAC9E,IAAI,OAAO,KAAK,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,
CAAC;YAClC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,cAAc;QACzB,IAAI,CAAC;YACH,oDAAoD;YACpD,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,gBAAgB,CAAC;YAC1D,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YAChD,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sEAAsE;YACtE,IACG,KAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC;gBAChD,KAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EACxC,CAAC;gBACD,OAAO,IAAI,CAAC,CAAC,mDAAmD;YAClE,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA4B,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;YACzE,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAID;;OAEG;IACI,KAAK,CAAC,aAAa,CACxB,MAAyC,EACzC,QAAgB,EAChB,WAAmB,EACnB,IAAU,EACV,MAA4B;QAE5B,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAI,QAAQ,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;YAC9D,KAAK,MAAM;gBACT,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAI,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;YACrE,KAAK,KAAK;gBACR,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAI,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;YACpE,KAAK,QAAQ;gBACX,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAI,QAAQ,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;YACjE;gBACE,MAAM,IAAI,qBAAY,CAAC,4BAA4B,MAAM,EAAE,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,UAAU,CACrB,QAAgB,EAChB,WAAmB,EACnB,IAAoC,EACpC,QAAgB,EAChB,gBAAsC;QAEtC,OAAO,IAAI,CAAC,MAAM,CAAC,aAAa,CAC9B,QAAQ,EACR,WAAW,EACX,IAAI,EACJ,QAAQ,EACR,gBAAgB,CACjB,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACxC,CAAC;CACF;AAvYD,0BAuYC"}
|
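--- a/package/docs/AUTHENTICATION.md
+++ b/package/docs/AUTHENTICATION.md
@@ -4,10 +4,10 @@
 
 RedAI Zalo SDK hỗ trợ đầy đủ các authentication flows của Zalo, bao gồm:
 
-- **Official Account (OA) Authentication** - Để truy cập OA APIs
-- **Social API Authentication** - Để truy cập thông tin user social
+- **Official Account (OA) Authentication** - Để truy cập OA APIs (hỗ trợ PKCE)
+- **Social API Authentication** - Để truy cập thông tin user social (hỗ trợ PKCE)
 - **Token Management** - Refresh và validate tokens
-- **PKCE Support** - Security enhancement cho Social API
+- **PKCE Support** - Security enhancement cho cả OA và Social API
 
 ---
 
@@ -15,6 +15,8 @@ RedAI Zalo SDK hỗ trợ đầy đủ các authentication flows của Zalo, bao
 
 ### 1. Tạo Authorization URL
 
+#### Cách 1: Basic Authentication (không PKCE)
+
 ```typescript
 import { ZaloSDK } from "@warriorteam/redai-zalo-sdk";
 
@@ -23,37 +25,76 @@ const zalo = new ZaloSDK({
 appSecret: "your-oa-app-secret"
 });
 
-// Tạo authorization URL cho OA
-const
-"https://your-app.com/auth/callback"
-"optional-state-parameter" // state (tùy chọn)
+// Tạo authorization URL cho OA - state sẽ được tự động sinh với prefix 'zalo_oa_'
+const authResult = zalo.auth.createOAAuthUrl(
+"https://your-app.com/auth/callback" // redirect_uri
 );
 
-console.log("Redirect user to:",
-
+console.log("Redirect user to:", authResult.url);
+console.log("Generated state:", authResult.state);
+// Output:
+// - url: https://oauth.zaloapp.com/v4/oa/permission?app_id=xxx&redirect_uri=xxx&state=zalo_oa_abc123...
+// - state: zalo_oa_abc123def456...
+
+// Hoặc với custom state
+const customAuthResult = zalo.auth.createOAAuthUrl(
+"https://your-app.com/auth/callback",
+"my-custom-state"
+);
+```
+
+#### Cách 2: Enhanced Security với PKCE (Khuyến nghị)
+
+```typescript
+// Bước 1: Tạo PKCE configuration
+const pkce = zalo.auth.generatePKCE();
+console.log("PKCE Config:", {
+code_verifier: pkce.code_verifier, // Lưu trữ an toàn - cần cho bước exchange token
+code_challenge: pkce.code_challenge, // Sẽ được gửi trong URL
+code_challenge_method: pkce.code_challenge_method // "S256"
+});
+
+// Bước 2: Tạo authorization URL với PKCE
+const authResult = zalo.auth.createOAAuthUrl(
+"https://your-app.com/auth/callback",
+"my-secure-state", // optional custom state
+pkce // PKCE config
+);
+
+console.log("Secure auth URL:", authResult.url);
+console.log("State to verify:", authResult.state);
+
+// ⚠️ QUAN TRỌNG: Lưu trữ code_verifier và state để sử dụng ở bước exchange token
+// Ví dụ: lưu vào session, database, hoặc secure storage
+sessionStorage.setItem('pkce_code_verifier', pkce.code_verifier);
+sessionStorage.setItem('auth_state', authResult.state);
 ```
 
 ### 2. Xử lý Callback và Lấy Access Token
 
+#### Cách 1: Basic Token Exchange
+
 ```typescript
 // Trong route callback của bạn
 app.get('/auth/callback', async (req, res) => {
 const { code, state } = req.query;
-
+
 try {
 // Lấy access token từ authorization code
-const tokenResponse = await zalo.getOAAccessToken(
-
-"
-
-
+const tokenResponse = await zalo.auth.getOAAccessToken({
+app_id: "your-oa-app-id",
+app_secret: "your-oa-app-secret",
+code: code as string,
+redirect_uri: "https://your-app.com/auth/callback"
+});
+
 console.log("OA Access Token:", tokenResponse.access_token);
 console.log("Refresh Token:", tokenResponse.refresh_token);
 console.log("Expires In:", tokenResponse.expires_in); // seconds
-
+
 // Lưu tokens vào database/session
 await saveTokens(tokenResponse);
-
+
 res.redirect('/dashboard');
 } catch (error) {
 console.error("Auth error:", error);
@@ -62,7 +103,88 @@ app.get('/auth/callback', async (req, res) => {
 });
 ```
 
-
+#### Cách 2: Secure Token Exchange với PKCE
+
+```typescript
+app.get('/auth/callback', async (req, res) => {
+const { code, state } = req.query;
+
+try {
+// Bước 1: Verify state để chống CSRF attack
+const storedState = sessionStorage.getItem('auth_state');
+if (state !== storedState) {
+throw new Error('State mismatch - possible CSRF attack');
+}
+
+// Bước 2: Lấy code_verifier đã lưu trữ
+const codeVerifier = sessionStorage.getItem('pkce_code_verifier');
+if (!codeVerifier) {
+throw new Error('Code verifier not found');
+}
+
+// Bước 3: Exchange authorization code với PKCE
+const tokenResponse = await zalo.auth.getOAAccessToken({
+app_id: "your-oa-app-id",
+app_secret: "your-oa-app-secret",
+code: code as string,
+redirect_uri: "https://your-app.com/auth/callback",
+code_verifier: codeVerifier // 🔐 PKCE code verifier
+});
+
+console.log("Secure OA Access Token:", tokenResponse.access_token);
+
+// Bước 4: Xóa temporary data
+sessionStorage.removeItem('auth_state');
+sessionStorage.removeItem('pkce_code_verifier');
+
+// Lưu tokens
+await saveTokens(tokenResponse);
+
+res.redirect('/dashboard');
+} catch (error) {
+console.error("Secure auth error:", error);
+res.redirect('/auth/error');
+}
+});
+```
+
+### 3. PKCE Security Benefits
+
+PKCE (Proof Key for Code Exchange) cung cấp các lợi ích bảo mật quan trọng:
+
+#### 🔐 Tại sao nên sử dụng PKCE?
+
+1. **Chống Authorization Code Interception**:
+- Ngay cả khi authorization code bị đánh cắp, attacker không thể sử dụng mà không có `code_verifier`
+
+2. **Không cần lưu trữ App Secret ở client**:
+- PKCE cho phép public clients (mobile apps, SPAs) thực hiện OAuth flow an toàn
+
+3. **Chống CSRF và Replay Attacks**:
+- Mỗi request có unique `code_verifier` và `code_challenge`
+
+#### 🛡️ PKCE Flow Security
+
+```
+1. Client tạo code_verifier (random string)
+2. Client tạo code_challenge = SHA256(code_verifier)
+3. Client gửi code_challenge trong authorization request
+4. Authorization server lưu code_challenge
+5. Client nhận authorization code
+6. Client gửi code + code_verifier để exchange token
+7. Server verify: SHA256(code_verifier) == stored code_challenge
+8. Nếu match → trả về access token
+```
+
+#### ⚠️ Best Practices
+
+- **Luôn sử dụng PKCE** cho production applications
+- **Lưu trữ code_verifier an toàn** (session, secure storage)
+- **Verify state parameter** để chống CSRF
+- **Sử dụng HTTPS** cho tất cả OAuth endpoints
+- **Set proper expiration** cho stored PKCE data
+
+### 5. Token Response Structure
 
 ```typescript
 interface AccessToken {
@@ -74,7 +196,7 @@ interface AccessToken {
 }
 ```
 
-###
+### 6. Sử dụng Access Token
 
 ```typescript
 // Lấy thông tin OA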
@@ -0,0 +1,155 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Example: Official Account Authentication with PKCE
|
|
3
|
+
* Demonstrates how to use the updated createOAAuthUrl method with PKCE support
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
import { ZaloSDK } from '../src';
|
|
7
|
+
|
|
8
|
+
// Initialize SDK
|
|
9
|
+
const sdk = new ZaloSDK({
|
|
10
|
+
appId: 'your_app_id',
|
|
11
|
+
appSecret: 'your_app_secret',
|
|
12
|
+
});
|
|
13
|
+
|
|
14
|
+
// Example 1: Basic OA Auth without PKCE
|
|
15
|
+
async function basicOAAuth() {
|
|
16
|
+
console.log('=== Basic OA Auth (without PKCE) ===');
|
|
17
|
+
|
|
18
|
+
const redirectUri = 'https://your-app.com/callback';
|
|
19
|
+
|
|
20
|
+
// Create auth URL - state will be auto-generated with 'zalo_oa_' prefix
|
|
21
|
+
const authResult = sdk.auth.createOAAuthUrl(redirectUri);
|
|
22
|
+
|
|
23
|
+
console.log('Authorization URL:', authResult.url);
|
|
24
|
+
console.log('Generated State:', authResult.state);
|
|
25
|
+
|
|
26
|
+
// You can also provide custom state
|
|
27
|
+
const customAuthResult = sdk.auth.createOAAuthUrl(redirectUri, 'my_custom_state');
|
|
28
|
+
console.log('Custom State URL:', customAuthResult.url);
|
|
29
|
+
console.log('Custom State:', customAuthResult.state);
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
// Example 2: OA Auth with PKCE for enhanced security
|
|
33
|
+
async function oaAuthWithPKCE() {
|
|
34
|
+
console.log('\n=== OA Auth with PKCE ===');
|
|
35
|
+
|
|
36
|
+
const redirectUri = 'https://your-app.com/callback';
|
|
37
|
+
|
|
38
|
+
// Step 1: Generate PKCE configuration
|
|
39
|
+
const pkce = sdk.auth.generatePKCE();
|
|
40
|
+
console.log('Generated PKCE:');
|
|
41
|
+
console.log('- Code Verifier:', pkce.code_verifier);
|
|
42
|
+
console.log('- Code Challenge:', pkce.code_challenge);
|
|
43
|
+
console.log('- Challenge Method:', pkce.code_challenge_method);
|
|
44
|
+
|
|
45
|
+
// Step 2: Create auth URL with PKCE
|
|
46
|
+
const authResult = sdk.auth.createOAAuthUrl(redirectUri, undefined, pkce);
|
|
47
|
+
|
|
48
|
+
console.log('\nAuthorization URL with PKCE:', authResult.url);
|
|
49
|
+
console.log('Generated State:', authResult.state);
|
|
50
|
+
|
|
51
|
+
// IMPORTANT: Store the code_verifier and state for later use
|
|
52
|
+
// You'll need these when exchanging the authorization code for access token
|
|
53
|
+
console.log('\n⚠️ IMPORTANT: Store these values for token exchange:');
|
|
54
|
+
console.log('- Code Verifier:', pkce.code_verifier);
|
|
55
|
+
console.log('- State:', authResult.state);
|
|
56
|
+
|
|
57
|
+
return { pkce, state: authResult.state };
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
// Example 3: Complete flow - Authorization + Token Exchange
|
|
61
|
+
async function completeOAFlow() {
|
|
62
|
+
console.log('\n=== Complete OA Flow with PKCE ===');
|
|
63
|
+
|
|
64
|
+
const redirectUri = 'https://your-app.com/callback';
|
|
65
|
+
|
|
66
|
+
// Step 1: Generate PKCE and create auth URL
|
|
67
|
+
const pkce = sdk.auth.generatePKCE();
|
|
68
|
+
const authResult = sdk.auth.createOAAuthUrl(redirectUri, 'my_oa_flow', pkce);
|
|
69
|
+
|
|
70
|
+
console.log('1. Redirect user to:', authResult.url);
|
|
71
|
+
console.log('2. Store state and code_verifier:', {
|
|
72
|
+
state: authResult.state,
|
|
73
|
+
code_verifier: pkce.code_verifier
|
|
74
|
+
});
|
|
75
|
+
|
|
76
|
+
// Step 2: After user authorizes and returns with code
|
|
77
|
+
// (This would happen in your callback handler)
|
|
78
|
+
const simulateCallback = async (authorizationCode: string, returnedState: string) => {
|
|
79
|
+
console.log('\n3. User returned with authorization code');
|
|
80
|
+
|
|
81
|
+
// Verify state matches
|
|
82
|
+
if (returnedState !== authResult.state) {
|
|
83
|
+
throw new Error('State mismatch - possible CSRF attack');
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
// Step 3: Exchange code for access token with PKCE
|
|
87
|
+
try {
|
|
88
|
+
const tokenResult = await sdk.auth.getOAAccessToken({
|
|
89
|
+
app_id: 'your_app_id',
|
|
90
|
+
app_secret: 'your_app_secret',
|
|
91
|
+
code: authorizationCode,
|
|
92
|
+
redirect_uri: redirectUri,
|
|
93
|
+
code_verifier: pkce.code_verifier, // Include code_verifier for PKCE
|
|
94
|
+
});
|
|
95
|
+
|
|
96
|
+
console.log('4. Successfully obtained access token:', {
|
|
97
|
+
access_token: tokenResult.access_token.substring(0, 20) + '...',
|
|
98
|
+
expires_in: tokenResult.expires_in,
|
|
99
|
+
has_refresh_token: !!tokenResult.refresh_token
|
|
100
|
+
});
|
|
101
|
+
|
|
102
|
+
return tokenResult;
|
|
103
|
+
} catch (error) {
|
|
104
|
+
console.error('Failed to exchange code for token:', error);
|
|
105
|
+
throw error;
|
|
106
|
+
}
|
|
107
|
+
};
|
|
108
|
+
|
|
109
|
+
// Simulate the callback (in real app, this would be handled by your callback endpoint)
|
|
110
|
+
console.log('\n--- Simulating callback ---');
|
|
111
|
+
// await simulateCallback('simulated_auth_code', authResult.state);
|
|
112
|
+
}
|
|
113
|
+
|
|
114
|
+
// Example 4: Using getAuthUrls method
|
|
115
|
+
async function getAuthUrlsExample() {
|
|
116
|
+
console.log('\n=== Get Auth URLs ===');
|
|
117
|
+
|
|
118
|
+
const redirectUri = 'https://your-app.com/callback';
|
|
119
|
+
const pkce = sdk.auth.generatePKCE();
|
|
120
|
+
|
|
121
|
+
const authUrls = sdk.auth.getAuthUrls(redirectUri, pkce);
|
|
122
|
+
|
|
123
|
+
console.log('All auth URLs:', {
|
|
124
|
+
oa_auth_url: authUrls.oa_auth_url,
|
|
125
|
+
social_auth_url: authUrls.social_auth_url,
|
|
126
|
+
token_url: authUrls.token_url,
|
|
127
|
+
refresh_url: authUrls.refresh_url
|
|
128
|
+
});
|
|
129
|
+
}
|
|
130
|
+
|
|
131
|
+
// Run examples
|
|
132
|
+
async function runExamples() {
|
|
133
|
+
try {
|
|
134
|
+
await basicOAAuth();
|
|
135
|
+
await oaAuthWithPKCE();
|
|
136
|
+
await completeOAFlow();
|
|
137
|
+
await getAuthUrlsExample();
|
|
138
|
+
} catch (error) {
|
|
139
|
+
console.error('Example error:', error);
|
|
140
|
+
}
|
|
141
|
+
}
|
|
142
|
+
|
|
143
|
+
// Export for use in other files
|
|
144
|
+
export {
|
|
145
|
+
basicOAAuth,
|
|
146
|
+
oaAuthWithPKCE,
|
|
147
|
+
completeOAFlow,
|
|
148
|
+
getAuthUrlsExample,
|
|
149
|
+
runExamples
|
|
150
|
+
};
|
|
151
|
+
|
|
152
|
+
// Run if this file is executed directly
|
|
153
|
+
if (require.main === module) {
|
|
154
|
+
runExamples();
|
|
155
|
+
}
|
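Review bot: The example writes the PKCE `code_verifier` to the console in three places: twice in `oaAuthWithPKCE()` (under "Generated PKCE" and again under "Store these values") and once in `completeOAFlow()` inside the "Store state and code_verifier" object. The verifier is the secret PKCE relies on, so a reader who copies the sample leaks it into whatever collects stdout. I would log only the public half, `console.log('- Code Challenge:', pkce.code_challenge);`, and replace each verifier line with `// keep pkce.code_verifier in the server-side session; never log it`. The AUTHENTICATION.md sample in this release does the same in its "PKCE Config" log. `completeOAFlow()` also passes the constant `'my_oa_flow'` as `state`, and `basicOAAuth()` passes `'my_custom_state'`. If the SDK forwards a custom state unchanged, the later `returnedState !== authResult.state` check compares against a guessable value, so the sample should omit the argument and use the generated state, as `oaAuthWithPKCE()` does.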
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@warriorteam/redai-zalo-sdk",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.11.0",
|
|
4
4
|
"description": "Comprehensive TypeScript/JavaScript SDK for Zalo APIs - Official Account, ZNS, Consultation Service, Group Messaging, and Social APIs",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|