@warriorteam/redai-zalo-sdk 1.10.1 → 1.11.1
- package/CHANGELOG.md +48 -0
- package/dist/services/auth.service.d.ts +12 -5
- package/dist/services/auth.service.d.ts.map +1 -1
- package/dist/services/auth.service.js +37 -8
- package/dist/services/auth.service.js.map +1 -1
- package/dist/types/auth.d.ts +18 -1
- package/dist/types/auth.d.ts.map +1 -1
- package/dist/zalo-sdk.d.ts +7 -1
- package/dist/zalo-sdk.d.ts.map +1 -1
- package/dist/zalo-sdk.js +12 -2
- package/dist/zalo-sdk.js.map +1 -1
- package/docs/AUTHENTICATION.md +164 -19
- package/examples/oa-auth-with-pkce.ts +179 -0
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -5,6 +5,54 @@ All notable changes to this project will be documented in this file.
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
+
## [1.11.1] - 2025-01-11
|
|
9
|
+
|
|
10
|
+
### 🔧 API IMPROVEMENTS
|
|
11
|
+
|
|
12
|
+
#### Method Signature Enhancement
|
|
13
|
+
- **IMPROVED**: `createOAAuthUrl()` method signature với better parameter order
|
|
14
|
+
- Changed from: `(redirectUri, state?, usePkce?, pkce?)`
|
|
15
|
+
- Changed to: `(redirectUri, state?, pkce?, usePkce?)`
|
|
16
|
+
- **ENHANCED**: More intuitive API design với PKCE config trước usePkce flag
|
|
17
|
+
- **UPDATED**: All examples và documentation để phù hợp với signature mới
|
|
18
|
+
- **ADDED**: Comprehensive test coverage cho new signature
|
|
19
|
+
|
|
20
|
+
#### Developer Experience
|
|
21
|
+
- **IMPROVED**: Better IntelliSense support với clearer parameter ordering
|
|
22
|
+
- **ENHANCED**: More logical API flow cho PKCE implementation
|
|
23
|
+
|
|
24
|
+
## [1.11.0] - 2025-01-11
|
|
25
|
+
|
|
26
|
+
### 🔐 SECURITY ENHANCEMENTS
|
|
27
|
+
|
|
28
|
+
#### PKCE Support for Official Account Authentication
|
|
29
|
+
- **ADDED**: PKCE (Proof Key for Code Exchange) support cho Official Account OAuth flow
|
|
30
|
+
- **ENHANCED**: `createOAAuthUrl()` method với PKCE parameters và auto-generated state
|
|
31
|
+
- **ADDED**: `generatePKCE()` method để tạo code_verifier và code_challenge
|
|
32
|
+
- **UPDATED**: `getOAAccessToken()` method hỗ trợ code_verifier cho token exchange
|
|
33
|
+
- **ADDED**: `OAAuthResult` type với url và state information
|
|
34
|
+
- **ADDED**: `createSecureOAAuthUrl()` method với full PKCE support
|
|
35
|
+
|
|
36
|
+
#### Security Best Practices
|
|
37
|
+
- **ENHANCED**: Auto-generated state với prefix 'zalo_oa_' nếu không được cung cấp
|
|
38
|
+
- **ADDED**: Comprehensive PKCE documentation và security guidelines
|
|
39
|
+
- **IMPROVED**: Type safety cho PKCE flow với proper TypeScript interfaces
|
|
40
|
+
|
|
41
|
+
### 📚 DOCUMENTATION
|
|
42
|
+
|
|
43
|
+
#### Authentication Guide Updates
|
|
44
|
+
- **UPDATED**: AUTHENTICATION.md với PKCE implementation guide
|
|
45
|
+
- **ADDED**: Security benefits và best practices cho PKCE
|
|
46
|
+
- **ADDED**: Complete examples cho PKCE flow
|
|
47
|
+
- **ADDED**: oa-auth-with-pkce.ts example file
|
|
48
|
+
|
|
49
|
+
### 🔧 TECHNICAL IMPROVEMENTS
|
|
50
|
+
|
|
51
|
+
#### API Compatibility
|
|
52
|
+
- **MAINTAINED**: Backward compatibility cho existing createOAAuthUrl() method
|
|
53
|
+
- **ADDED**: Deprecation notice cho old method signature
|
|
54
|
+
- **ENHANCED**: getAuthUrls() method với PKCE support
|
|
55
|
+
|
|
8
56
|
## [1.10.1] - 2025-01-11
|
|
9
57
|
|
|
10
58
|
### 🚀 NEW FEATURES
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
* Authentication service for Zalo API
|
|
3
3
|
*/
|
|
4
4
|
import { ZaloClient } from "../clients/zalo-client";
|
|
5
|
-
import { AccessToken, RefreshTokenResponse, AuthCodeParams, RefreshTokenParams, SocialUserInfo, TokenValidation, AuthScope, PKCEConfig, AuthUrls } from "../types/auth";
|
|
5
|
+
import { AccessToken, RefreshTokenResponse, AuthCodeParams, RefreshTokenParams, SocialUserInfo, TokenValidation, AuthScope, PKCEConfig, AuthUrls, OAAuthResult } from "../types/auth";
|
|
6
6
|
/**
|
|
7
7
|
* Authentication service for handling OAuth flows and token management
|
|
8
8
|
*/
|
|
@@ -17,15 +17,22 @@ export declare class AuthService {
|
|
|
17
17
|
*/
|
|
18
18
|
generatePKCE(): PKCEConfig;
|
|
19
19
|
/**
|
|
20
|
-
* Create OAuth authorization URL for Official Account
|
|
20
|
+
* Create OAuth authorization URL for Official Account with PKCE support
|
|
21
|
+
*
|
|
22
|
+
* @param redirectUri - The redirect URI after authorization
|
|
23
|
+
* @param state - Optional state parameter for security. If not provided, auto-generates with 'zalo_oa_' prefix
|
|
24
|
+
* @param usePkce - Whether to use PKCE for enhanced security. If true and pkce not provided, will auto-generate
|
|
25
|
+
* @param pkce - Optional PKCE configuration for enhanced security. If usePkce=true and this is not provided, will be auto-generated
|
|
26
|
+
* @returns Object containing the authorization URL, state, and PKCE config (if used)
|
|
21
27
|
*/
|
|
22
|
-
createOAAuthUrl(redirectUri: string, state?: string):
|
|
28
|
+
createOAAuthUrl(redirectUri: string, state?: string, pkce?: PKCEConfig, usePkce?: boolean): OAAuthResult;
|
|
23
29
|
/**
|
|
24
30
|
* Create OAuth authorization URL for Social API
|
|
25
31
|
*/
|
|
26
32
|
createSocialAuthUrl(redirectUri: string, state?: string, pkce?: PKCEConfig): string;
|
|
27
33
|
/**
|
|
28
34
|
* Exchange authorization code for Official Account access token
|
|
35
|
+
* Now supports PKCE code_verifier for enhanced security
|
|
29
36
|
*/
|
|
30
37
|
getOAAccessToken(params: AuthCodeParams): Promise<AccessToken>;
|
|
31
38
|
/**
|
|
@@ -49,8 +56,8 @@ export declare class AuthService {
|
|
|
49
56
|
*/
|
|
50
57
|
validateAccessToken(accessToken: string, scope?: AuthScope): Promise<TokenValidation>;
|
|
51
58
|
/**
|
|
52
|
-
* Get all authentication URLs
|
|
59
|
+
* Get all authentication URLs with optional PKCE support
|
|
53
60
|
*/
|
|
54
|
-
getAuthUrls(redirectUri: string): AuthUrls;
|
|
61
|
+
getAuthUrls(redirectUri: string, usePkce?: boolean, pkce?: PKCEConfig): AuthUrls;
|
|
55
62
|
}
|
|
56
63
|
//# sourceMappingURL=auth.service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EACL,WAAW,EACX,oBAAoB,EACpB,cAAc,EACd,kBAAkB,EAClB,cAAc,EACd,eAAe,EACf,SAAS,EACT,UAAU,EACV,QAAQ,
|
|
1
|
+
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EACL,WAAW,EACX,oBAAoB,EACpB,cAAc,EACd,kBAAkB,EAClB,cAAc,EACd,eAAe,EACf,SAAS,EACT,UAAU,EACV,QAAQ,EACR,YAAY,EACb,MAAM,eAAe,CAAC;AAIvB;;GAEG;AACH,qBAAa,WAAW;IAiBpB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,SAAS;IAjB5B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAYf;gBAGQ,MAAM,EAAE,UAAU,EAClB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM;IAGpC;;OAEG;IACI,YAAY,IAAI,UAAU;IAajC;;;;;;;;OAQG;IACI,eAAe,CACpB,WAAW,EAAE,MAAM,EACnB,KAAK,CAAC,EAAE,MAAM,EACd,IAAI,CAAC,EAAE,UAAU,EACjB,OAAO,GAAE,OAAe,GACvB,YAAY;IA+Bf;;OAEG;IACI,mBAAmB,CACxB,WAAW,EAAE,MAAM,EACnB,KAAK,CAAC,EAAE,MAAM,EACd,IAAI,CAAC,EAAE,UAAU,GAChB,MAAM;IAeT;;;OAGG;IACU,gBAAgB,CAAC,MAAM,EAAE,cAAc,GAAG,OAAO,CAAC,WAAW,CAAC;IA8D3E;;OAEG;IACU,oBAAoB,CAC/B,MAAM,EAAE,cAAc,GACrB,OAAO,CAAC,WAAW,CAAC;IA0DvB;;OAEG;IACU,oBAAoB,CAC/B,MAAM,EAAE,kBAAkB,GACzB,OAAO,CAAC,WAAW,CAAC;IA2CvB;;OAEG;IACU,wBAAwB,CACnC,MAAM,EAAE,kBAAkB,GACzB,OAAO,CAAC,oBAAoB,CAAC;IAyChC;;OAEG;IACU,iBAAiB,CAC5B,WAAW,EAAE,MAAM,EACnB,MAAM,GAAE,MAA0B,GACjC,OAAO,CAAC,cAAc,CAAC;IAuC1B;;OAEG;IACU,mBAAmB,CAC9B,WAAW,EAAE,MAAM,EACnB,KAAK,GAAE,SAA4B,GAClC,OAAO,CAAC,eAAe,CAAC;IAkB3B;;OAEG;IACI,WAAW,CAChB,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE,OAAe,EACxB,IAAI,CAAC,EAAE,UAAU,GAChB,QAAQ;CAeZ"}
|
|
@@ -45,15 +45,38 @@ class AuthService {
|
|
|
45
45
|
};
|
|
46
46
|
}
|
|
47
47
|
/**
|
|
48
|
-
* Create OAuth authorization URL for Official Account
|
|
48
|
+
* Create OAuth authorization URL for Official Account with PKCE support
|
|
49
|
+
*
|
|
50
|
+
* @param redirectUri - The redirect URI after authorization
|
|
51
|
+
* @param state - Optional state parameter for security. If not provided, auto-generates with 'zalo_oa_' prefix
|
|
52
|
+
* @param usePkce - Whether to use PKCE for enhanced security. If true and pkce not provided, will auto-generate
|
|
53
|
+
* @param pkce - Optional PKCE configuration for enhanced security. If usePkce=true and this is not provided, will be auto-generated
|
|
54
|
+
* @returns Object containing the authorization URL, state, and PKCE config (if used)
|
|
49
55
|
*/
|
|
50
|
-
createOAAuthUrl(redirectUri, state) {
|
|
56
|
+
createOAAuthUrl(redirectUri, state, pkce, usePkce = false) {
|
|
57
|
+
// Generate state with zalo_oa_ prefix if not provided
|
|
58
|
+
const finalState = state || `zalo_oa_${(0, crypto_1.randomBytes)(16).toString("hex")}`;
|
|
59
|
+
// Auto-generate PKCE if usePkce is true but pkce is not provided
|
|
60
|
+
let finalPkce = pkce;
|
|
61
|
+
if (usePkce && !pkce) {
|
|
62
|
+
finalPkce = this.generatePKCE();
|
|
63
|
+
}
|
|
51
64
|
const params = new URLSearchParams({
|
|
52
65
|
app_id: this.appId,
|
|
53
66
|
redirect_uri: redirectUri,
|
|
54
|
-
state:
|
|
67
|
+
state: finalState,
|
|
55
68
|
});
|
|
56
|
-
|
|
69
|
+
// Add PKCE parameters if PKCE is being used
|
|
70
|
+
if (usePkce && finalPkce) {
|
|
71
|
+
params.append("code_challenge", finalPkce.code_challenge);
|
|
72
|
+
params.append("code_challenge_method", finalPkce.code_challenge_method);
|
|
73
|
+
}
|
|
74
|
+
const url = `${this.endpoints.auth.oaPermission}?${params.toString()}`;
|
|
75
|
+
return {
|
|
76
|
+
url,
|
|
77
|
+
state: finalState,
|
|
78
|
+
pkce: usePkce ? finalPkce : undefined,
|
|
79
|
+
};
|
|
57
80
|
}
|
|
58
81
|
/**
|
|
59
82
|
* Create OAuth authorization URL for Social API
|
|
@@ -72,6 +95,7 @@ class AuthService {
|
|
|
72
95
|
}
|
|
73
96
|
/**
|
|
74
97
|
* Exchange authorization code for Official Account access token
|
|
98
|
+
* Now supports PKCE code_verifier for enhanced security
|
|
75
99
|
*/
|
|
76
100
|
async getOAAccessToken(params) {
|
|
77
101
|
try {
|
|
@@ -83,6 +107,10 @@ class AuthService {
|
|
|
83
107
|
grant_type: "authorization_code",
|
|
84
108
|
redirect_uri: params.redirect_uri,
|
|
85
109
|
};
|
|
110
|
+
// Add code_verifier if provided (for PKCE)
|
|
111
|
+
if (params.code_verifier) {
|
|
112
|
+
requestParams.code_verifier = params.code_verifier;
|
|
113
|
+
}
|
|
86
114
|
await this.client.oauthRequestWithUrl("POST", url, null, {
|
|
87
115
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
88
116
|
});
|
|
@@ -268,12 +296,13 @@ class AuthService {
|
|
|
268
296
|
}
|
|
269
297
|
}
|
|
270
298
|
/**
|
|
271
|
-
* Get all authentication URLs
|
|
299
|
+
* Get all authentication URLs with optional PKCE support
|
|
272
300
|
*/
|
|
273
|
-
getAuthUrls(redirectUri) {
|
|
301
|
+
getAuthUrls(redirectUri, usePkce = false, pkce) {
|
|
302
|
+
const oaAuthResult = this.createOAAuthUrl(redirectUri, undefined, pkce, usePkce);
|
|
274
303
|
return {
|
|
275
|
-
oa_auth_url:
|
|
276
|
-
social_auth_url: this.createSocialAuthUrl(redirectUri),
|
|
304
|
+
oa_auth_url: oaAuthResult.url,
|
|
305
|
+
social_auth_url: this.createSocialAuthUrl(redirectUri, undefined, pkce),
|
|
277
306
|
token_url: this.endpoints.auth.socialToken,
|
|
278
307
|
refresh_url: this.endpoints.auth.refreshOaToken,
|
|
279
308
|
};
|
|
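Review bot: `createOAAuthUrl` silently drops a caller-supplied `pkce` when `usePkce` is left at its default of `false`: both the append guard `if (usePkce && finalPkce)` and the returned `pkce: usePkce ? finalPkce : undefined` look at the flag alone, so `createOAAuthUrl(uri, state, pkce)` produces a URL with no `code_challenge`. Treating a supplied config as opt-in fixes it, e.g. `const pkceEnabled = usePkce || pkce !== undefined;` used in both places. `getAuthUrls` has a related gap: it keeps only `oaAuthResult.url`, so the auto-generated `state` and, when `usePkce` is true without `pkce`, the generated PKCE config never reach the caller, while `createSocialAuthUrl` is passed `undefined` and gets no challenge at all. Generating the config once in `getAuthUrls` and passing it to both builders would keep the two URLs consistent, though returning it needs a field that `AuthUrls` does not appear to have. The end of `getAuthUrls` lies outside the last hunk.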
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAGH,
|
|
1
|
+
{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAGH,wCAWuB;AACvB,4CAA+C;AAC/C,mCAAiD;AAEjD;;GAEG;AACH,MAAa,WAAW;IAgBtB,YACmB,MAAkB,EAClB,KAAa,EACb,SAAiB;QAFjB,WAAM,GAAN,MAAM,CAAY;QAClB,UAAK,GAAL,KAAK,CAAQ;QACb,cAAS,GAAT,SAAS,CAAQ;QAlBpC,4DAA4D;QAC3C,cAAS,GAAG;YAC3B,IAAI,EAAE;gBACJ,YAAY,EAAE,4CAA4C;gBAC1D,gBAAgB,EAAE,yCAAyC;gBAC3D,OAAO,EAAE,oDAAoD;gBAC7D,WAAW,EAAE,2CAA2C;gBACxD,cAAc,EAAE,8CAA8C;gBAC9D,kBAAkB,EAAE,iDAAiD;aACtE;YACD,MAAM,EAAE;gBACN,EAAE,EAAE,4DAA4D;aACjE;SACO,CAAC;IAMR,CAAC;IAEJ;;OAEG;IACI,YAAY;QACjB,MAAM,YAAY,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAC3D,MAAM,aAAa,GAAG,IAAA,mBAAU,EAAC,QAAQ,CAAC;aACvC,MAAM,CAAC,YAAY,CAAC;aACpB,MAAM,CAAC,WAAW,CAAC,CAAC;QAEvB,OAAO;YACL,aAAa,EAAE,YAAY;YAC3B,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,MAAM;SAC9B,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACI,eAAe,CACpB,WAAmB,EACnB,KAAc,EACd,IAAiB,EACjB,UAAmB,KAAK;QAExB,sDAAsD;QACtD,MAAM,UAAU,GAAG,KAAK,IAAI,WAAW,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAEzE,iEAAiE;QACjE,IAAI,SAAS,GAA2B,IAAI,CAAC;QAC7C,IAAI,OAAO,IAAI,CAAC,IAAI,EAAE,CAAC;YACrB,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QAClC,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,KAAK;YAClB,YAAY,EAAE,WAAW;YACzB,KAAK,EAAE,UAAU;SAClB,CAAC,CAAC;QAEH,4CAA4C;QAC5C,IAAI,OAAO,IAAI,SAAS,EAAE,CAAC;YACzB,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC,cAAc,CAAC,CAAC;YAC1D,MAAM,CAAC,MAAM,CAAC,uBAAuB,EAAE,SAAS,CAAC,qBAAqB,CAAC,CAAC;QAC1E,CAAC;QAED,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;QAEvE,OAAO;YACL,GAAG;YACH,KAAK,EAAE,UAAU;YACjB,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;SACtC,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,mBAAmB,CACxB,WAAmB,EACnB,KAAc,EACd,IAAiB;QAEjB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,KAAK;YAClB,YAAY,EAAE,WAAW;YACzB,KAAK,EAAE,KAAK,IAAI,aAAa;SAC9B,CAAC,CAAC;QAEH,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,IAAI,CA
AC,cAAc,CAAC,CAAC;YACrD,MAAM,CAAC,MAAM,CAAC,uBAAuB,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACrE,CAAC;QAED,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,gBAAgB,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;IACxE,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,gBAAgB,CAAC,MAAsB;QAClD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC;YACxC,MAAM,aAAa,GAA2B;gBAC5C,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,UAAU,EAAE,oBAAoB;gBAChC,YAAY,EAAE,MAAM,CAAC,YAAY;aAClC,CAAC;YAEF,2CAA2C;YAC3C,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;gBACzB,aAAa,CAAC,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;YACrD,CAAC;YAED,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE;gBACvD,cAAc,EAAE,mCAAmC;aACpD,CAAC,CAAC;YAEH,2CAA2C;YAC3C,MAAM,QAAQ,GAAG,IAAI,eAAe,EAAE,CAAC;YACvC,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;gBACrD,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC9B,CAAC,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAClD,MAAM,EACN,GAAG,EACH,QAAQ,CAAC,QAAQ,EAAE,EACnB;gBACE,cAAc,EAAE,mCAAmC;aACpD,CACF,CAAC;YAEF,IAAI,MAAM,CAAC,KAAK,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,qBAAY,CACpB,MAAM,CAAC,iBAAiB;oBACtB,MAAM,CAAC,OAAO;oBACd,+BAA+B,EACjC,MAAM,CAAC,KAAK,EACZ,MAAM,CACP,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,qBAAY,CAAC,gCAAgC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/D,CAAC;YAED,OAAO,MAAM,CAAC,IAAI,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,qBAAY,CACpB,kCAAmC,KAAe,CAAC,OAAO,EAAE,EAC5D,CAAC,CAAC,EACF,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,MAAsB;QAEtB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC;YAE5C,MAAM,QAAQ,GAAG,IAAI,eAAe,EAAE,CAAC;YACvC,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;YACrC,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;YACzC,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,oBAAoB,CAAC,CAAC;YAEpD,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;gBACzB,QAAQ,CAAC,MA
AM,CAAC,eAAe,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;YACzD,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAClD,MAAM,EACN,GAAG,EACH,QAAQ,CAAC,QAAQ,EAAE,EACnB;gBACE,cAAc,EAAE,mCAAmC;gBACnD,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CACF,CAAC;YAEF,oCAAoC;YACpC,IAAI,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,KAAK,KAAK,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,qBAAY,CACpB,MAAM,CAAC,iBAAiB;oBACtB,MAAM,CAAC,OAAO;oBACd,mCAAmC,EACrC,MAAM,CAAC,KAAK,EACZ,MAAM,CACP,CAAC;YACJ,CAAC;YAED,8CAA8C;YAC9C,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;gBAChB,OAAO,MAAM,CAAC,IAAI,CAAC;YACrB,CAAC;iBAAM,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBAC/B,OAAO;oBACL,YAAY,EAAE,MAAM,CAAC,YAAY;oBACjC,UAAU,EAAE,MAAM,CAAC,UAAU;oBAC7B,aAAa,EAAE,MAAM,CAAC,aAAa;iBACpC,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,qBAAY,CAAC,wCAAwC,EAAE,CAAC,CAAC,CAAC,CAAC;YACvE,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,qBAAY,CACpB,sCAAuC,KAAe,CAAC,OAAO,EAAE,EAChE,CAAC,CAAC,EACF,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,MAA0B;QAE1B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC;YAE/C,MAAM,QAAQ,GAAG,IAAI,eAAe,EAAE,CAAC;YACvC,QAAQ,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;YACvD,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;YACzC,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;YAE/C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAClD,MAAM,EACN,GAAG,EACH,QAAQ,CAAC,QAAQ,EAAE,EACnB;gBACE,cAAc,EAAE,mCAAmC;gBACnD,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CACF,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;gBACzB,MAAM,IAAI,qBAAY,CACpB,mDAAmD,EACnD,CAAC,CAAC,CACH,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,aAAa,EAAE,MAAM,CAAC,aAAa;gBACnC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC;aACxC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,qBAAY,CACpB,sCAAuC,KAAe,CAAC,OAAO,EAAE,EAChE,CAAC,CAAC,EACF,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB,CACnC,MAA0B
;QAE1B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,kBAAkB,CAAC;YACxD,MAAM,aAAa,GAAG;gBACpB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,UAAU,EAAE,eAAe;gBAC3B,aAAa,EAAE,MAAM,CAAC,aAAa;aACpC,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE,EAAE,aAAa,CAAC,CAAC;YAErE,IAAI,MAAM,CAAC,KAAK,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,qBAAY,CACpB,MAAM,CAAC,iBAAiB;oBACtB,MAAM,CAAC,OAAO;oBACd,uCAAuC,EACzC,MAAM,CAAC,KAAK,EACZ,MAAM,CACP,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,qBAAY,CACpB,+CAA+C,EAC/C,CAAC,CAAC,CACH,CAAC;YACJ,CAAC;YAED,OAAO,MAAM,CAAC,IAAI,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,qBAAY,CACpB,0CAA2C,KAAe,CAAC,OAAO,EAAE,EACpE,CAAC,CAAC,EACF,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB,CAC5B,WAAmB,EACnB,SAAiB,iBAAiB;QAElC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;YACrC,MAAM,MAAM,GAAG,EAAE,MAAM,EAAE,CAAC;YAE1B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE;gBACvE,YAAY,EAAE,WAAW;aAC1B,CAAC,CAAC;YAEH,IAAI,MAAM,CAAC,KAAK,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,qBAAY,CACpB,MAAM,CAAC,OAAO,IAAI,gCAAgC,EAClD,MAAM,CAAC,KAAK,EACZ,MAAM,CACP,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;gBACf,MAAM,IAAI,qBAAY,CAAC,uCAAuC,EAAE,CAAC,CAAC,CAAC,CAAC;YACtE,CAAC;YAED,OAAO;gBACL,EAAE,EAAE,MAAM,CAAC,EAAE;gBACb,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,YAAY,EAAE,MAAM,CAAC,YAAY;aAClC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,qBAAY,CACpB,mCAAoC,KAAe,CAAC,OAAO,EAAE,EAC7D,CAAC,CAAC,EACF,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,mBAAmB,CAC9B,WAAmB,EACnB,QAAmB,gBAAS,CAAC,MAAM;QAEnC,IAAI,CAAC;YACH,IAAI,KAAK,KAAK,gBAAS,CAAC,MAAM,EAAE,CAAC;gBAC/B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;gBACjE,OAAO;oBACL,KAAK,EAAE,IAAI;oBACX,SA
AS,EAAE,QAAQ;iBACpB,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,6CAA6C;gBAC7C,kCAAkC;gBAClC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;QAC1B,CAAC;IACH,CAAC;IAED;;OAEG;IACI,WAAW,CAChB,WAAmB,EACnB,UAAmB,KAAK,EACxB,IAAiB;QAEjB,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,CACvC,WAAW,EACX,SAAS,EACT,IAAI,EACJ,OAAO,CACR,CAAC;QAEF,OAAO;YACL,WAAW,EAAE,YAAY,CAAC,GAAG;YAC7B,eAAe,EAAE,IAAI,CAAC,mBAAmB,CAAC,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC;YACvE,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW;YAC1C,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc;SAChD,CAAC;IACJ,CAAC;CACF;AAnaD,kCAmaC"}
|
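--- a/package/dist/types/auth.d.ts
+++ b/package/dist/types/auth.d.ts
@@ -85,7 +85,7 @@ export interface AuthCodeParams {
 */
 redirect_uri: string;
 /**
-* Code verifier for PKCE (Social API
+* Code verifier for PKCE (supports both Social API and Official Account API)
 */
 code_verifier?: string;
 }
@@ -230,4 +230,21 @@ export interface AuthUrls {
 */
 refresh_url: string;
 }
+/**
+* Official Account authorization result
+*/
+export interface OAAuthResult {
+/**
+* Authorization URL
+*/
+url: string;
+/**
+* State parameter used (auto-generated if not provided)
+*/
+state: string;
+/**
+* PKCE configuration used (if PKCE was enabled)
+*/
+pkce?: PKCEConfig;
+}
 //# sourceMappingURL=auth.d.ts.map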
package/dist/types/auth.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CAC1C;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC;IAEb;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,EAAE,EAAE,MAAM,CAAC;IAEX;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC;IAEb;;OAEG;IACH,OAAO,CAAC,EAAE;QACR,IAAI,EAAE;YACJ,GAAG,EAAE,MAAM,CAAC;SACb,CAAC;KACH,CAAC;IAEF;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,QAAQ,CAAC,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IAEF;;OAEG;IACH,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,KAAK,EAAE,OAAO,CAAC;IAEf;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,SAAS,CAAC,EAAE,cAAc,CAAC;CAC5B;AAED;;GAEG;AACH,oBAAY,SAAS;IACnB;;OAEG;IACH,EAAE,OAAO;IAET;;OAEG;IACH,MAAM,WAAW;IAEjB;;OAEG;IACH,GAAG,QAAQ;CACZ;AAED;;GAEG;AACH,oBAAY,UAAU;IACpB;;OAEG;IACH,kBAAkB,uBAAuB;IAEzC;;OAEG;IACH,aAAa,kBAAkB;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,cAAc,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,qBAAqB,EAAE,MAAM,GAAG,OAAO,CAAC;C
ACzC;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,eAAe,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;CACrB"}
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/types/auth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CAC1C;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC;IAEb;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,EAAE,EAAE,MAAM,CAAC;IAEX;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC;IAEb;;OAEG;IACH,OAAO,CAAC,EAAE;QACR,IAAI,EAAE;YACJ,GAAG,EAAE,MAAM,CAAC;SACb,CAAC;KACH,CAAC;IAEF;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,QAAQ,CAAC,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IAEF;;OAEG;IACH,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,KAAK,EAAE,OAAO,CAAC;IAEf;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,SAAS,CAAC,EAAE,cAAc,CAAC;CAC5B;AAED;;GAEG;AACH,oBAAY,SAAS;IACnB;;OAEG;IACH,EAAE,OAAO;IAET;;OAEG;IACH,MAAM,WAAW;IAEjB;;OAEG;IACH,GAAG,QAAQ;CACZ;AAED;;GAEG;AACH,oBAAY,UAAU;IACpB;;OAEG;IACH,kBAAkB,uBAAuB;IAEzC;;OAEG;IACH,aAAa,kBAAkB;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,cAAc,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,qBAAqB,EAAE,MAAM,GAAG,OAAO,CAAC;C
ACzC;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,eAAe,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IAEZ;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;IAEd;;OAEG;IACH,IAAI,CAAC,EAAE,UAAU,CAAC;CACnB"}
|
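--- a/package/dist/zalo-sdk.d.ts
+++ b/package/dist/zalo-sdk.d.ts
@@ -91,9 +91,15 @@ export declare class ZaloSDK {
 * Quick method to process webhook
 */
 /**
-* Create OA authorization URL
+* Create OA authorization URL with PKCE support
+* @deprecated Use auth.createOAAuthUrl() directly for full control over PKCE and state
 */
 createOAAuthUrl(redirectUri: string, state?: string): string;
+/**
+* Create OA authorization URL with full PKCE support
+* Returns both URL and state for enhanced security
+*/
+createSecureOAAuthUrl(redirectUri: string, state?: string, enablePKCE?: boolean): import("./types/auth").OAAuthResult;
 /**
 * Create Social authorization URL
 */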
package/dist/zalo-sdk.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"zalo-sdk.d.ts","sourceRoot":"","sources":["../src/zalo-sdk.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAElD,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AACvE,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAC7E,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAGrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAC3E,OAAO,EAAE,wBAAwB,EAAE,MAAM,uCAAuC,CAAC;AACjF,OAAO,EACL,aAAa,EAId,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,WAAW,EAGX,cAAc,EACf,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAG3E;;GAEG;AACH,qBAAa,OAAO;IAClB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAa;IACpC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAGhC,SAAgB,IAAI,EAAE,WAAW,CAAC;IAClC,SAAgB,EAAE,EAAE,SAAS,CAAC;IAE9B,SAAgB,IAAI,EAAE,WAAW,CAAC;IAElC,SAAgB,GAAG,EAAE,UAAU,CAAC;IAChC,SAAgB,YAAY,EAAE,mBAAmB,CAAC;IAClD,SAAgB,eAAe,EAAE,sBAAsB,CAAC;IACxD,SAAgB,OAAO,EAAE,cAAc,CAAC;IACxC,SAAgB,WAAW,EAAE,kBAAkB,CAAC;IAGhD,SAAgB,YAAY,EAAE,mBAAmB,CAAC;IAClD,SAAgB,WAAW,EAAE,kBAAkB,CAAC;IAChD,SAAgB,SAAS,EAAE,gBAAgB,CAAC;IAC5C,SAAgB,cAAc,EAAE,qBAAqB,CAAC;IACtD,SAAgB,iBAAiB,EAAE,wBAAwB,CAAC;IAG5D,SAAgB,MAAM,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;gBAEpC,MAAM,EAAE,aAAa;IAwDjC;;OAEG;IACU,gBAAgB,CAC3B,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,WAAW,CAAC;IAWvB;;OAEG;IACU,oBAAoB,CAC/B,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,EACnB,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,WAAW,CAAC;IAYvB;;OAEG;IACU,oBAAoB,CAC/B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,WAAW,CAAC;IAUvB;;OAEG;IACU,wBAAwB,CACnC,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,WAAW,CAAC;IAUvB;;OAEG;IACU,SAAS,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAI5D;;OAEG;IACU,eAAe,CAAC,WAAW,E
AAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAIxE;;OAEG;IACU,iBAAiB,CAC5B,WAAW,EAAE,MAAM,EACnB,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,cAAc,CAAC;IAI1B;;OAEG;IACU,oBAAoB,CAC/B,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,mBAAmB,CAAC;IAQ/B;;OAEG;IACU,WAAW,CACtB,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,QAAQ,CAAC;IAIpB;;OAEG;IACU,WAAW,CACtB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,eAAe,GACvB,OAAO,CAAC,gBAAgB,CAAC;IAI5B;;OAEG;IACU,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAIzE;;OAEG;IAKH;;OAEG;IASH
|
|
1
|
+
{"version":3,"file":"zalo-sdk.d.ts","sourceRoot":"","sources":["../src/zalo-sdk.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAElD,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AACvE,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAC7E,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAGrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAC3E,OAAO,EAAE,wBAAwB,EAAE,MAAM,uCAAuC,CAAC;AACjF,OAAO,EACL,aAAa,EAId,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,WAAW,EAGX,cAAc,EACf,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAG3E;;GAEG;AACH,qBAAa,OAAO;IAClB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAa;IACpC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAGhC,SAAgB,IAAI,EAAE,WAAW,CAAC;IAClC,SAAgB,EAAE,EAAE,SAAS,CAAC;IAE9B,SAAgB,IAAI,EAAE,WAAW,CAAC;IAElC,SAAgB,GAAG,EAAE,UAAU,CAAC;IAChC,SAAgB,YAAY,EAAE,mBAAmB,CAAC;IAClD,SAAgB,eAAe,EAAE,sBAAsB,CAAC;IACxD,SAAgB,OAAO,EAAE,cAAc,CAAC;IACxC,SAAgB,WAAW,EAAE,kBAAkB,CAAC;IAGhD,SAAgB,YAAY,EAAE,mBAAmB,CAAC;IAClD,SAAgB,WAAW,EAAE,kBAAkB,CAAC;IAChD,SAAgB,SAAS,EAAE,gBAAgB,CAAC;IAC5C,SAAgB,cAAc,EAAE,qBAAqB,CAAC;IACtD,SAAgB,iBAAiB,EAAE,wBAAwB,CAAC;IAG5D,SAAgB,MAAM,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;gBAEpC,MAAM,EAAE,aAAa;IAwDjC;;OAEG;IACU,gBAAgB,CAC3B,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,WAAW,CAAC;IAWvB;;OAEG;IACU,oBAAoB,CAC/B,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,EACnB,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,WAAW,CAAC;IAYvB;;OAEG;IACU,oBAAoB,CAC/B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,WAAW,CAAC;IAUvB;;OAEG;IACU,wBAAwB,CACnC,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,WAAW,CAAC;IAUvB;;OAEG;IACU,SAAS,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAI5D;;OAEG;IACU,eAAe,CAAC,WAAW,E
AAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAIxE;;OAEG;IACU,iBAAiB,CAC5B,WAAW,EAAE,MAAM,EACnB,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,cAAc,CAAC;IAI1B;;OAEG;IACU,oBAAoB,CAC/B,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,mBAAmB,CAAC;IAQ/B;;OAEG;IACU,WAAW,CACtB,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,QAAQ,CAAC;IAIpB;;OAEG;IACU,WAAW,CACtB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,eAAe,GACvB,OAAO,CAAC,gBAAgB,CAAC;IAI5B;;OAEG;IACU,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAIzE;;OAEG;IAKH;;OAEG;IASH;;;OAGG;IACI,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM;IAKnE;;;OAGG;IACI,qBAAqB,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,EAAE,UAAU,GAAE,OAAc;IAK5F;;OAEG;IACI,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM;IAIvE;;OAEG;IACI,YAAY;IAInB;;OAEG;IACU,mBAAmB,CAC9B,WAAW,EAAE,MAAM,EACnB,KAAK,GAAE,IAAI,GAAG,QAAmB,GAChC,OAAO,CAAC,OAAO,CAAC;IAcnB;;OAEG;IACI,UAAU,IAAI,MAAM;IAI3B;;OAEG;IACI,SAAS,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,WAAW,CAAC;IAK9D;;OAEG;IACI,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAQvC;;OAEG;IACU,cAAc,IAAI,OAAO,CAAC,OAAO,CAAC;IAqB/C;;OAEG;IACU,aAAa,CAAC,CAAC,GAAG,GAAG,EAChC,MAAM,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,EACzC,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,IAAI,CAAC,EAAE,GAAG,EACV,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAC3B,OAAO,CAAC,CAAC,CAAC;IAeb;;OAEG;IACU,UAAU,CAAC,CAAC,GAAG,GAAG,EAC7B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC,cAAc,EACpC,QAAQ,EAAE,MAAM,EAChB,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GACrC,OAAO,CAAC,CAAC,CAAC;IAUb;;OAEG;IACI,OAAO,IAAI,IAAI;CAGvB"}
|
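--- a/package/dist/zalo-sdk.js
+++ b/package/dist/zalo-sdk.js
@@ -179,10 +179,20 @@ class ZaloSDK {
 // return this.webhook.processWebhook(payload, signature, timestamp);
 // }
 /**
-* Create OA authorization URL
+* Create OA authorization URL with PKCE support
+* @deprecated Use auth.createOAAuthUrl() directly for full control over PKCE and state
 */
 createOAAuthUrl(redirectUri, state) {
-
+const result = this.auth.createOAAuthUrl(redirectUri, state, undefined, false);
+return result.url;
+}
+/**
+* Create OA authorization URL with full PKCE support
+* Returns both URL and state for enhanced security
+*/
+createSecureOAAuthUrl(redirectUri, state, enablePKCE = true) {
+const result = this.auth.createOAAuthUrl(redirectUri, state, undefined, enablePKCE);
+return result;
 }
 /**
 * Create Social authorization URL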
package/dist/zalo-sdk.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"zalo-sdk.js","sourceRoot":"","sources":["../src/zalo-sdk.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,uDAAmD;AACnD,0DAAsD;AACtD,sDAAkD;AAClD,mGAAmG;AACnG,0DAAsD;AACtD,+DAA+D;AAC/D,wDAAoD;AACpD,4EAAuE;AACvE,kFAA6E;AAC7E,gEAA4D;AAC5D,0EAAqE;AAErE,mBAAmB;AACnB,0EAAsE;AACtE,wEAAoE;AACpE,oEAAgE;AAChE,gFAA2E;AAC3E,sFAAiF;AACjF,2CAKwB;AAUxB,qDAAqD;AAErD;;GAEG;AACH,MAAa,OAAO;IA0BlB,YAAY,MAAqB;QAC/B,kCAAkC;QAClC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,MAAM,IAAI,qBAAY,CAAC,wCAAwC,CAAC,CAAC;QACnE,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAY,CAAC,4CAA4C,CAAC,CAAC;QACvE,CAAC;QAED,4BAA4B;QAC5B,IAAI,CAAC,MAAM,GAAG;YACZ,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,KAAK;YAChC,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,KAAK;YAC5B,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,yBAAyB;YAC1D,KAAK,EAAE;gBACL,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC;gBACrC,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,IAAI,IAAI;gBAClC,GAAG,MAAM,CAAC,KAAK;aAChB;SACF,CAAC;QAEF,IAAI,CAAC,MAAM,GAAG,IAAI,sBAAa,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,IAAI,wBAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAE1C,sBAAsB;QACtB,IAAI,CAAC,IAAI,GAAG,IAAI,0BAAW,CACzB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,MAAM,CAAC,KAAK,EACjB,IAAI,CAAC,MAAM,CAAC,SAAS,CACtB,CAAC;QACF,IAAI,CAAC,EAAE,GAAG,IAAI,sBAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrC,8FAA8F;QAC9F,IAAI,CAAC,IAAI,GAAG,IAAI,0BAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzC,+EAA+E;QAC/E,IAAI,CAAC,GAAG,GAAG,IAAI,wBAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,YAAY,GAAG,IAAI,2CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,CAAC,eAAe,GAAG,IAAI,iDAAsB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/D,IAAI,CAAC,OAAO,GAAG,IAAI,gCAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/C,IAAI,CAAC,WAAW,GAAG,IAAI,yCAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEvD,8BAA8B;QAC9B,IAAI,CAAC,YAAY,GAAG,IAAI,0CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,CAAC,WAAW,GAAG,IAAI,wCAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvD,IAAI,CAAC,SAAS,GAAG,IAAI,oCAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC
;QACnD,IAAI,CAAC,cAAc,GAAG,IAAI,+CAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,CAAC,iBAAiB,GAAG,IAAI,qDAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEnE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE;YACvC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;SAC7B,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,gBAAgB,CAC3B,IAAY,EACZ,WAAmB;QAEnB,MAAM,MAAM,GAAmB;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,IAAI;YACJ,YAAY,EAAE,WAAW;SAC1B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,IAAY,EACZ,WAAmB,EACnB,YAAqB;QAErB,MAAM,MAAM,GAAmB;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,IAAI;YACJ,YAAY,EAAE,WAAW;YACzB,aAAa,EAAE,YAAY,IAAI,EAAE;SAClC,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,YAAoB;QAEpB,MAAM,MAAM,GAAuB;YACjC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,aAAa,EAAE,YAAY;SAC5B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB,CACnC,YAAoB;QAEpB,MAAM,MAAM,GAAuB;YACjC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,aAAa,EAAE,YAAY;SAC5B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAS,CAAC,WAAmB;QACxC,OAAO,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,eAAe,CAAC,WAAmB;QAC9C,OAAO,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB,CAC5B,WAAmB,EACnB,MAAe;QAEf,OAAO,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IAC1D,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,WAAmB,EACnB,MAAc,EACd,IAAY;QAEZ,OAAO,IAAI,CAAC,YAAY,CAAC,eAAe,CACtC,WAAW,EACX,EAAE,OAAO,EAAE,MAAM,EAAE,EACnB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CACvB,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,WAA
W,CACtB,WAAmB,EACnB,MAAc;QAEd,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,WAAW,CACtB,WAAmB,EACnB,OAAwB;QAExB,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY,CAAC,WAAmB;QAC3C,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,oEAAoE;IACpE,6CAA6C;IAC7C,IAAI;IAEJ;;OAEG;IACH,+BAA+B;IAC/B,qBAAqB;IACrB,wBAAwB;IACxB,uBAAuB;IACvB,qBAAqB;IACrB,uEAAuE;IACvE,IAAI;IAEJ
|
|
1
|
+
{"version":3,"file":"zalo-sdk.js","sourceRoot":"","sources":["../src/zalo-sdk.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,uDAAmD;AACnD,0DAAsD;AACtD,sDAAkD;AAClD,mGAAmG;AACnG,0DAAsD;AACtD,+DAA+D;AAC/D,wDAAoD;AACpD,4EAAuE;AACvE,kFAA6E;AAC7E,gEAA4D;AAC5D,0EAAqE;AAErE,mBAAmB;AACnB,0EAAsE;AACtE,wEAAoE;AACpE,oEAAgE;AAChE,gFAA2E;AAC3E,sFAAiF;AACjF,2CAKwB;AAUxB,qDAAqD;AAErD;;GAEG;AACH,MAAa,OAAO;IA0BlB,YAAY,MAAqB;QAC/B,kCAAkC;QAClC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,MAAM,IAAI,qBAAY,CAAC,wCAAwC,CAAC,CAAC;QACnE,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACtB,MAAM,IAAI,qBAAY,CAAC,4CAA4C,CAAC,CAAC;QACvE,CAAC;QAED,4BAA4B;QAC5B,IAAI,CAAC,MAAM,GAAG;YACZ,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,KAAK;YAChC,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,KAAK;YAC5B,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,yBAAyB;YAC1D,KAAK,EAAE;gBACL,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC;gBACrC,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,IAAI,IAAI;gBAClC,GAAG,MAAM,CAAC,KAAK;aAChB;SACF,CAAC;QAEF,IAAI,CAAC,MAAM,GAAG,IAAI,sBAAa,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,IAAI,wBAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAE1C,sBAAsB;QACtB,IAAI,CAAC,IAAI,GAAG,IAAI,0BAAW,CACzB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,MAAM,CAAC,KAAK,EACjB,IAAI,CAAC,MAAM,CAAC,SAAS,CACtB,CAAC;QACF,IAAI,CAAC,EAAE,GAAG,IAAI,sBAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrC,8FAA8F;QAC9F,IAAI,CAAC,IAAI,GAAG,IAAI,0BAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzC,+EAA+E;QAC/E,IAAI,CAAC,GAAG,GAAG,IAAI,wBAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,YAAY,GAAG,IAAI,2CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,CAAC,eAAe,GAAG,IAAI,iDAAsB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/D,IAAI,CAAC,OAAO,GAAG,IAAI,gCAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/C,IAAI,CAAC,WAAW,GAAG,IAAI,yCAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEvD,8BAA8B;QAC9B,IAAI,CAAC,YAAY,GAAG,IAAI,0CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,CAAC,WAAW,GAAG,IAAI,wCAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvD,IAAI,CAAC,SAAS,GAAG,IAAI,oCAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC
;QACnD,IAAI,CAAC,cAAc,GAAG,IAAI,+CAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,CAAC,iBAAiB,GAAG,IAAI,qDAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEnE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE;YACvC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;SAC7B,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,gBAAgB,CAC3B,IAAY,EACZ,WAAmB;QAEnB,MAAM,MAAM,GAAmB;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,IAAI;YACJ,YAAY,EAAE,WAAW;SAC1B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,IAAY,EACZ,WAAmB,EACnB,YAAqB;QAErB,MAAM,MAAM,GAAmB;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,IAAI;YACJ,YAAY,EAAE,WAAW;YACzB,aAAa,EAAE,YAAY,IAAI,EAAE;SAClC,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,YAAoB;QAEpB,MAAM,MAAM,GAAuB;YACjC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,aAAa,EAAE,YAAY;SAC5B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB,CACnC,YAAoB;QAEpB,MAAM,MAAM,GAAuB;YACjC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACzB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACjC,aAAa,EAAE,YAAY;SAC5B,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAS,CAAC,WAAmB;QACxC,OAAO,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,eAAe,CAAC,WAAmB;QAC9C,OAAO,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB,CAC5B,WAAmB,EACnB,MAAe;QAEf,OAAO,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IAC1D,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAC/B,WAAmB,EACnB,MAAc,EACd,IAAY;QAEZ,OAAO,IAAI,CAAC,YAAY,CAAC,eAAe,CACtC,WAAW,EACX,EAAE,OAAO,EAAE,MAAM,EAAE,EACnB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CACvB,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,WAA
W,CACtB,WAAmB,EACnB,MAAc;QAEd,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,WAAW,CACtB,WAAmB,EACnB,OAAwB;QAExB,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY,CAAC,WAAmB;QAC3C,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,oEAAoE;IACpE,6CAA6C;IAC7C,IAAI;IAEJ;;OAEG;IACH,+BAA+B;IAC/B,qBAAqB;IACrB,wBAAwB;IACxB,uBAAuB;IACvB,qBAAqB;IACrB,uEAAuE;IACvE,IAAI;IAEJ;;;OAGG;IACI,eAAe,CAAC,WAAmB,EAAE,KAAc;QACxD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;QAC/E,OAAO,MAAM,CAAC,GAAG,CAAC;IACpB,CAAC;IAED;;;OAGG;IACI,qBAAqB,CAAC,WAAmB,EAAE,KAAc,EAAE,aAAsB,IAAI;QAC1F,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;QACpF,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACI,mBAAmB,CAAC,WAAmB,EAAE,KAAc;QAC5D,OAAO,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;IAC3D,CAAC;IAED;;OAEG;IACI,YAAY;QACjB,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;IAClC,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,mBAAmB,CAC9B,WAAmB,EACnB,QAAyB,QAAQ;QAEjC,IAAI,CAAC;YACH,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACnB,OAAO,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;YAC9C,CAAC;iBAAM,CAAC;gBACN,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;gBACpE,OAAO,UAAU,CAAC,KAAK,CAAC;YAC1B,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA6B,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;YACzE,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACI,UAAU;QACf,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACI,SAAS;QACd,MAAM,EAAE,SAAS,EAAE,GAAG,UAAU,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC;QACjD,OAAO,UAAU,CAAC;IACpB,CAAC;IAED;;OAEG;IACI,QAAQ,CAAC,OAAgB;QAC7B,IAAI,CAAC,MAAc,CAAC,KAAK,GAAG,OAAO,CAAC;QACrC,8EAA8E;QAC9E,IAAI,OAAO,KAAK,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,cAAc;QACzB,IAAI,CAAC
;YACH,oDAAoD;YACpD,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,gBAAgB,CAAC;YAC1D,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YAChD,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sEAAsE;YACtE,IACG,KAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC;gBAChD,KAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EACxC,CAAC;gBACD,OAAO,IAAI,CAAC,CAAC,mDAAmD;YAClE,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA4B,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;YACzE,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAID;;OAEG;IACI,KAAK,CAAC,aAAa,CACxB,MAAyC,EACzC,QAAgB,EAChB,WAAmB,EACnB,IAAU,EACV,MAA4B;QAE5B,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAI,QAAQ,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;YAC9D,KAAK,MAAM;gBACT,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAI,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;YACrE,KAAK,KAAK;gBACR,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAI,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;YACpE,KAAK,QAAQ;gBACX,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAI,QAAQ,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;YACjE;gBACE,MAAM,IAAI,qBAAY,CAAC,4BAA4B,MAAM,EAAE,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,UAAU,CACrB,QAAgB,EAChB,WAAmB,EACnB,IAAoC,EACpC,QAAgB,EAChB,gBAAsC;QAEtC,OAAO,IAAI,CAAC,MAAM,CAAC,aAAa,CAC9B,QAAQ,EACR,WAAW,EACX,IAAI,EACJ,QAAQ,EACR,gBAAgB,CACjB,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACxC,CAAC;CACF;AA/XD,0BA+XC"}
|
package/docs/AUTHENTICATION.md
CHANGED
|
@@ -4,10 +4,10 @@
|
|
|
4
4
|
|
|
5
5
|
RedAI Zalo SDK hỗ trợ đầy đủ các authentication flows của Zalo, bao gồm:
|
|
6
6
|
|
|
7
|
-
- **Official Account (OA) Authentication** - Để truy cập OA APIs
|
|
8
|
-
- **Social API Authentication** - Để truy cập thông tin user social
|
|
7
|
+
- **Official Account (OA) Authentication** - Để truy cập OA APIs (hỗ trợ PKCE)
|
|
8
|
+
- **Social API Authentication** - Để truy cập thông tin user social (hỗ trợ PKCE)
|
|
9
9
|
- **Token Management** - Refresh và validate tokens
|
|
10
|
-
- **PKCE Support** - Security enhancement cho Social API
|
|
10
|
+
- **PKCE Support** - Security enhancement cho cả OA và Social API
|
|
11
11
|
|
|
12
12
|
---
|
|
13
13
|
|
|
@@ -15,6 +15,8 @@ RedAI Zalo SDK hỗ trợ đầy đủ các authentication flows của Zalo, bao
|
|
|
15
15
|
|
|
16
16
|
### 1. Tạo Authorization URL
|
|
17
17
|
|
|
18
|
+
#### Cách 1: Basic Authentication (không PKCE)
|
|
19
|
+
|
|
18
20
|
```typescript
|
|
19
21
|
import { ZaloSDK } from "@warriorteam/redai-zalo-sdk";
|
|
20
22
|
|
|
@@ -23,37 +25,99 @@ const zalo = new ZaloSDK({
|
|
|
23
25
|
appSecret: "your-oa-app-secret"
|
|
24
26
|
});
|
|
25
27
|
|
|
26
|
-
// Tạo authorization URL cho OA
|
|
27
|
-
const
|
|
28
|
-
"https://your-app.com/auth/callback"
|
|
29
|
-
"optional-state-parameter" // state (tùy chọn)
|
|
28
|
+
// Tạo authorization URL cho OA - state sẽ được tự động sinh với prefix 'zalo_oa_'
|
|
29
|
+
const authResult = zalo.auth.createOAAuthUrl(
|
|
30
|
+
"https://your-app.com/auth/callback" // redirect_uri
|
|
30
31
|
);
|
|
31
32
|
|
|
32
|
-
console.log("Redirect user to:",
|
|
33
|
-
|
|
33
|
+
console.log("Redirect user to:", authResult.url);
|
|
34
|
+
console.log("Generated state:", authResult.state);
|
|
35
|
+
// Output:
|
|
36
|
+
// - url: https://oauth.zaloapp.com/v4/oa/permission?app_id=xxx&redirect_uri=xxx&state=zalo_oa_abc123...
|
|
37
|
+
// - state: zalo_oa_abc123def456...
|
|
38
|
+
|
|
39
|
+
// Hoặc với custom state
|
|
40
|
+
const customAuthResult = zalo.auth.createOAAuthUrl(
|
|
41
|
+
"https://your-app.com/auth/callback",
|
|
42
|
+
"my-custom-state"
|
|
43
|
+
);
|
|
44
|
+
```
|
|
45
|
+
|
|
46
|
+
#### Cách 2: Enhanced Security với PKCE (Khuyến nghị)
|
|
47
|
+
|
|
48
|
+
##### Option A: Manual PKCE Configuration
|
|
49
|
+
|
|
50
|
+
```typescript
|
|
51
|
+
// Bước 1: Tạo PKCE configuration
|
|
52
|
+
const pkce = zalo.auth.generatePKCE();
|
|
53
|
+
console.log("PKCE Config:", {
|
|
54
|
+
code_verifier: pkce.code_verifier, // Lưu trữ an toàn - cần cho bước exchange token
|
|
55
|
+
code_challenge: pkce.code_challenge, // Sẽ được gửi trong URL
|
|
56
|
+
code_challenge_method: pkce.code_challenge_method // "S256"
|
|
57
|
+
});
|
|
58
|
+
|
|
59
|
+
// Bước 2: Tạo authorization URL với manual PKCE
|
|
60
|
+
const authResult = zalo.auth.createOAAuthUrl(
|
|
61
|
+
"https://your-app.com/auth/callback",
|
|
62
|
+
"my-secure-state", // optional custom state
|
|
63
|
+
pkce, // manual PKCE config
|
|
64
|
+
true // usePkce = true
|
|
65
|
+
);
|
|
66
|
+
|
|
67
|
+
console.log("Secure auth URL:", authResult.url);
|
|
68
|
+
console.log("State to verify:", authResult.state);
|
|
69
|
+
console.log("PKCE used:", authResult.pkce);
|
|
70
|
+
|
|
71
|
+
// ⚠️ QUAN TRỌNG: Lưu trữ code_verifier và state để sử dụng ở bước exchange token
|
|
72
|
+
sessionStorage.setItem('pkce_code_verifier', pkce.code_verifier);
|
|
73
|
+
sessionStorage.setItem('auth_state', authResult.state);
|
|
74
|
+
```
|
|
75
|
+
|
|
76
|
+
##### Option B: Auto-Generated PKCE (Đơn giản nhất)
|
|
77
|
+
|
|
78
|
+
```typescript
|
|
79
|
+
// Tạo authorization URL với auto-generated PKCE
|
|
80
|
+
const authResult = zalo.auth.createOAAuthUrl(
|
|
81
|
+
"https://your-app.com/auth/callback",
|
|
82
|
+
undefined, // state sẽ được auto-generate
|
|
83
|
+
undefined, // pkce sẽ được auto-generate
|
|
84
|
+
true // usePkce = true
|
|
85
|
+
);
|
|
86
|
+
|
|
87
|
+
console.log("Secure auth URL:", authResult.url);
|
|
88
|
+
console.log("Auto-generated state:", authResult.state);
|
|
89
|
+
console.log("Auto-generated PKCE:", authResult.pkce);
|
|
90
|
+
|
|
91
|
+
// ⚠️ QUAN TRỌNG: Lưu trữ auto-generated values
|
|
92
|
+
sessionStorage.setItem('pkce_code_verifier', authResult.pkce!.code_verifier);
|
|
93
|
+
sessionStorage.setItem('auth_state', authResult.state);
|
|
34
94
|
```
|
|
35
95
|
|
|
36
96
|
### 2. Xử lý Callback và Lấy Access Token
|
|
37
97
|
|
|
98
|
+
#### Cách 1: Basic Token Exchange
|
|
99
|
+
|
|
38
100
|
```typescript
|
|
39
101
|
// Trong route callback của bạn
|
|
40
102
|
app.get('/auth/callback', async (req, res) => {
|
|
41
103
|
const { code, state } = req.query;
|
|
42
|
-
|
|
104
|
+
|
|
43
105
|
try {
|
|
44
106
|
// Lấy access token từ authorization code
|
|
45
|
-
const tokenResponse = await zalo.getOAAccessToken(
|
|
46
|
-
|
|
47
|
-
"
|
|
48
|
-
|
|
49
|
-
|
|
107
|
+
const tokenResponse = await zalo.auth.getOAAccessToken({
|
|
108
|
+
app_id: "your-oa-app-id",
|
|
109
|
+
app_secret: "your-oa-app-secret",
|
|
110
|
+
code: code as string,
|
|
111
|
+
redirect_uri: "https://your-app.com/auth/callback"
|
|
112
|
+
});
|
|
113
|
+
|
|
50
114
|
console.log("OA Access Token:", tokenResponse.access_token);
|
|
51
115
|
console.log("Refresh Token:", tokenResponse.refresh_token);
|
|
52
116
|
console.log("Expires In:", tokenResponse.expires_in); // seconds
|
|
53
|
-
|
|
117
|
+
|
|
54
118
|
// Lưu tokens vào database/session
|
|
55
119
|
await saveTokens(tokenResponse);
|
|
56
|
-
|
|
120
|
+
|
|
57
121
|
res.redirect('/dashboard');
|
|
58
122
|
} catch (error) {
|
|
59
123
|
console.error("Auth error:", error);
|
|
@@ -62,7 +126,88 @@ app.get('/auth/callback', async (req, res) => {
|
|
|
62
126
|
});
|
|
63
127
|
```
|
|
64
128
|
|
|
65
|
-
|
|
129
|
+
#### Cách 2: Secure Token Exchange với PKCE
|
|
130
|
+
|
|
131
|
+
```typescript
|
|
132
|
+
app.get('/auth/callback', async (req, res) => {
|
|
133
|
+
const { code, state } = req.query;
|
|
134
|
+
|
|
135
|
+
try {
|
|
136
|
+
// Bước 1: Verify state để chống CSRF attack
|
|
137
|
+
const storedState = sessionStorage.getItem('auth_state');
|
|
138
|
+
if (state !== storedState) {
|
|
139
|
+
throw new Error('State mismatch - possible CSRF attack');
|
|
140
|
+
}
|
|
141
|
+
|
|
142
|
+
// Bước 2: Lấy code_verifier đã lưu trữ
|
|
143
|
+
const codeVerifier = sessionStorage.getItem('pkce_code_verifier');
|
|
144
|
+
if (!codeVerifier) {
|
|
145
|
+
throw new Error('Code verifier not found');
|
|
146
|
+
}
|
|
147
|
+
|
|
148
|
+
// Bước 3: Exchange authorization code với PKCE
|
|
149
|
+
const tokenResponse = await zalo.auth.getOAAccessToken({
|
|
150
|
+
app_id: "your-oa-app-id",
|
|
151
|
+
app_secret: "your-oa-app-secret",
|
|
152
|
+
code: code as string,
|
|
153
|
+
redirect_uri: "https://your-app.com/auth/callback",
|
|
154
|
+
code_verifier: codeVerifier // 🔐 PKCE code verifier
|
|
155
|
+
});
|
|
156
|
+
|
|
157
|
+
console.log("Secure OA Access Token:", tokenResponse.access_token);
|
|
158
|
+
|
|
159
|
+
// Bước 4: Xóa temporary data
|
|
160
|
+
sessionStorage.removeItem('auth_state');
|
|
161
|
+
sessionStorage.removeItem('pkce_code_verifier');
|
|
162
|
+
|
|
163
|
+
// Lưu tokens
|
|
164
|
+
await saveTokens(tokenResponse);
|
|
165
|
+
|
|
166
|
+
res.redirect('/dashboard');
|
|
167
|
+
} catch (error) {
|
|
168
|
+
console.error("Secure auth error:", error);
|
|
169
|
+
res.redirect('/auth/error');
|
|
170
|
+
}
|
|
171
|
+
});
|
|
172
|
+
```
|
|
173
|
+
|
|
174
|
+
### 3. PKCE Security Benefits
|
|
175
|
+
|
|
176
|
+
PKCE (Proof Key for Code Exchange) cung cấp các lợi ích bảo mật quan trọng:
|
|
177
|
+
|
|
178
|
+
#### 🔐 Tại sao nên sử dụng PKCE?
|
|
179
|
+
|
|
180
|
+
1. **Chống Authorization Code Interception**:
|
|
181
|
+
- Ngay cả khi authorization code bị đánh cắp, attacker không thể sử dụng mà không có `code_verifier`
|
|
182
|
+
|
|
183
|
+
2. **Không cần lưu trữ App Secret ở client**:
|
|
184
|
+
- PKCE cho phép public clients (mobile apps, SPAs) thực hiện OAuth flow an toàn
|
|
185
|
+
|
|
186
|
+
3. **Chống CSRF và Replay Attacks**:
|
|
187
|
+
- Mỗi request có unique `code_verifier` và `code_challenge`
|
|
188
|
+
|
|
189
|
+
#### 🛡️ PKCE Flow Security
|
|
190
|
+
|
|
191
|
+
```
|
|
192
|
+
1. Client tạo code_verifier (random string)
|
|
193
|
+
2. Client tạo code_challenge = SHA256(code_verifier)
|
|
194
|
+
3. Client gửi code_challenge trong authorization request
|
|
195
|
+
4. Authorization server lưu code_challenge
|
|
196
|
+
5. Client nhận authorization code
|
|
197
|
+
6. Client gửi code + code_verifier để exchange token
|
|
198
|
+
7. Server verify: SHA256(code_verifier) == stored code_challenge
|
|
199
|
+
8. Nếu match → trả về access token
|
|
200
|
+
```
|
|
201
|
+
|
|
202
|
+
#### ⚠️ Best Practices
|
|
203
|
+
|
|
204
|
+
- **Luôn sử dụng PKCE** cho production applications
|
|
205
|
+
- **Lưu trữ code_verifier an toàn** (session, secure storage)
|
|
206
|
+
- **Verify state parameter** để chống CSRF
|
|
207
|
+
- **Sử dụng HTTPS** cho tất cả OAuth endpoints
|
|
208
|
+
- **Set proper expiration** cho stored PKCE data
|
|
209
|
+
|
|
210
|
+
### 5. Token Response Structure
|
|
66
211
|
|
|
67
212
|
```typescript
|
|
68
213
|
interface AccessToken {
|
|
@@ -74,7 +219,7 @@ interface AccessToken {
|
|
|
74
219
|
}
|
|
75
220
|
```
|
|
76
221
|
|
|
77
|
-
###
|
|
222
|
+
### 6. Sử dụng Access Token
|
|
78
223
|
|
|
79
224
|
```typescript
|
|
80
225
|
// Lấy thông tin OA
|
|
@@ -0,0 +1,179 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Example: Official Account Authentication with PKCE
|
|
3
|
+
* Demonstrates how to use the updated createOAAuthUrl method with PKCE support
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
import { ZaloSDK } from '../src';
|
|
7
|
+
|
|
8
|
+
// Initialize SDK
|
|
9
|
+
const sdk = new ZaloSDK({
|
|
10
|
+
appId: 'your_app_id',
|
|
11
|
+
appSecret: 'your_app_secret',
|
|
12
|
+
});
|
|
13
|
+
|
|
14
|
+
// Example 1: Basic OA Auth without PKCE
|
|
15
|
+
async function basicOAAuth() {
|
|
16
|
+
console.log('=== Basic OA Auth (without PKCE) ===');
|
|
17
|
+
|
|
18
|
+
const redirectUri = 'https://your-app.com/callback';
|
|
19
|
+
|
|
20
|
+
// Create auth URL - state will be auto-generated with 'zalo_oa_' prefix
|
|
21
|
+
const authResult = sdk.auth.createOAAuthUrl(redirectUri);
|
|
22
|
+
|
|
23
|
+
console.log('Authorization URL:', authResult.url);
|
|
24
|
+
console.log('Generated State:', authResult.state);
|
|
25
|
+
|
|
26
|
+
// You can also provide custom state
|
|
27
|
+
const customAuthResult = sdk.auth.createOAAuthUrl(redirectUri, 'my_custom_state');
|
|
28
|
+
console.log('Custom State URL:', customAuthResult.url);
|
|
29
|
+
console.log('Custom State:', customAuthResult.state);
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
// Example 2: OA Auth with PKCE for enhanced security (Manual PKCE)
|
|
33
|
+
async function oaAuthWithPKCE() {
|
|
34
|
+
console.log('\n=== OA Auth with Manual PKCE ===');
|
|
35
|
+
|
|
36
|
+
const redirectUri = 'https://your-app.com/callback';
|
|
37
|
+
|
|
38
|
+
// Step 1: Generate PKCE configuration
|
|
39
|
+
const pkce = sdk.auth.generatePKCE();
|
|
40
|
+
console.log('Generated PKCE:');
|
|
41
|
+
console.log('- Code Verifier:', pkce.code_verifier);
|
|
42
|
+
console.log('- Code Challenge:', pkce.code_challenge);
|
|
43
|
+
console.log('- Challenge Method:', pkce.code_challenge_method);
|
|
44
|
+
|
|
45
|
+
// Step 2: Create auth URL with manual PKCE
|
|
46
|
+
const authResult = sdk.auth.createOAAuthUrl(redirectUri, undefined, pkce, true);
|
|
47
|
+
|
|
48
|
+
console.log('\nAuthorization URL with PKCE:', authResult.url);
|
|
49
|
+
console.log('Generated State:', authResult.state);
|
|
50
|
+
console.log('Used PKCE:', authResult.pkce);
|
|
51
|
+
|
|
52
|
+
// IMPORTANT: Store the code_verifier and state for later use
|
|
53
|
+
// You'll need these when exchanging the authorization code for access token
|
|
54
|
+
console.log('\n⚠️ IMPORTANT: Store these values for token exchange:');
|
|
55
|
+
console.log('- Code Verifier:', pkce.code_verifier);
|
|
56
|
+
console.log('- State:', authResult.state);
|
|
57
|
+
|
|
58
|
+
return { pkce, state: authResult.state };
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
// Example 2b: OA Auth with Auto-Generated PKCE
|
|
62
|
+
async function oaAuthWithAutoPKCE() {
|
|
63
|
+
console.log('\n=== OA Auth with Auto-Generated PKCE ===');
|
|
64
|
+
|
|
65
|
+
const redirectUri = 'https://your-app.com/callback';
|
|
66
|
+
|
|
67
|
+
// Create auth URL with auto-generated PKCE (pkce=undefined, usePkce=true)
|
|
68
|
+
const authResult = sdk.auth.createOAAuthUrl(redirectUri, undefined, undefined, true);
|
|
69
|
+
|
|
70
|
+
console.log('Authorization URL with Auto PKCE:', authResult.url);
|
|
71
|
+
console.log('Generated State:', authResult.state);
|
|
72
|
+
console.log('Auto-Generated PKCE:', authResult.pkce);
|
|
73
|
+
|
|
74
|
+
// IMPORTANT: Store the auto-generated PKCE and state
|
|
75
|
+
console.log('\n⚠️ IMPORTANT: Store these auto-generated values:');
|
|
76
|
+
console.log('- Code Verifier:', authResult.pkce?.code_verifier);
|
|
77
|
+
console.log('- State:', authResult.state);
|
|
78
|
+
|
|
79
|
+
return authResult;
|
|
80
|
+
}
|
|
81
|
+
|
|
82
|
+
// Example 3: Complete flow - Authorization + Token Exchange
|
|
83
|
+
async function completeOAFlow() {
|
|
84
|
+
console.log('\n=== Complete OA Flow with PKCE ===');
|
|
85
|
+
|
|
86
|
+
const redirectUri = 'https://your-app.com/callback';
|
|
87
|
+
|
|
88
|
+
// Step 1: Generate PKCE and create auth URL
|
|
89
|
+
const pkce = sdk.auth.generatePKCE();
|
|
90
|
+
const authResult = sdk.auth.createOAAuthUrl(redirectUri, 'my_oa_flow', pkce);
|
|
91
|
+
|
|
92
|
+
console.log('1. Redirect user to:', authResult.url);
|
|
93
|
+
console.log('2. Store state and code_verifier:', {
|
|
94
|
+
state: authResult.state,
|
|
95
|
+
code_verifier: pkce.code_verifier
|
|
96
|
+
});
|
|
97
|
+
|
|
98
|
+
// Step 2: After user authorizes and returns with code
|
|
99
|
+
// (This would happen in your callback handler)
|
|
100
|
+
const simulateCallback = async (authorizationCode: string, returnedState: string) => {
|
|
101
|
+
console.log('\n3. User returned with authorization code');
|
|
102
|
+
|
|
103
|
+
// Verify state matches
|
|
104
|
+
if (returnedState !== authResult.state) {
|
|
105
|
+
throw new Error('State mismatch - possible CSRF attack');
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
// Step 3: Exchange code for access token with PKCE
|
|
109
|
+
try {
|
|
110
|
+
const tokenResult = await sdk.auth.getOAAccessToken({
|
|
111
|
+
app_id: 'your_app_id',
|
|
112
|
+
app_secret: 'your_app_secret',
|
|
113
|
+
code: authorizationCode,
|
|
114
|
+
redirect_uri: redirectUri,
|
|
115
|
+
code_verifier: pkce.code_verifier, // Include code_verifier for PKCE
|
|
116
|
+
});
|
|
117
|
+
|
|
118
|
+
console.log('4. Successfully obtained access token:', {
|
|
119
|
+
access_token: tokenResult.access_token.substring(0, 20) + '...',
|
|
120
|
+
expires_in: tokenResult.expires_in,
|
|
121
|
+
has_refresh_token: !!tokenResult.refresh_token
|
|
122
|
+
});
|
|
123
|
+
|
|
124
|
+
return tokenResult;
|
|
125
|
+
} catch (error) {
|
|
126
|
+
console.error('Failed to exchange code for token:', error);
|
|
127
|
+
throw error;
|
|
128
|
+
}
|
|
129
|
+
};
|
|
130
|
+
|
|
131
|
+
// Simulate the callback (in real app, this would be handled by your callback endpoint)
|
|
132
|
+
console.log('\n--- Simulating callback ---');
|
|
133
|
+
// await simulateCallback('simulated_auth_code', authResult.state);
|
|
134
|
+
}
|
|
135
|
+
|
|
136
|
+
// Example 4: Using getAuthUrls method
|
|
137
|
+
async function getAuthUrlsExample() {
|
|
138
|
+
console.log('\n=== Get Auth URLs ===');
|
|
139
|
+
|
|
140
|
+
const redirectUri = 'https://your-app.com/callback';
|
|
141
|
+
const pkce = sdk.auth.generatePKCE();
|
|
142
|
+
|
|
143
|
+
const authUrls = sdk.auth.getAuthUrls(redirectUri, pkce);
|
|
144
|
+
|
|
145
|
+
console.log('All auth URLs:', {
|
|
146
|
+
oa_auth_url: authUrls.oa_auth_url,
|
|
147
|
+
social_auth_url: authUrls.social_auth_url,
|
|
148
|
+
token_url: authUrls.token_url,
|
|
149
|
+
refresh_url: authUrls.refresh_url
|
|
150
|
+
});
|
|
151
|
+
}
|
|
152
|
+
|
|
153
|
+
// Run examples
|
|
154
|
+
async function runExamples() {
|
|
155
|
+
try {
|
|
156
|
+
await basicOAAuth();
|
|
157
|
+
await oaAuthWithPKCE();
|
|
158
|
+
await oaAuthWithAutoPKCE();
|
|
159
|
+
await completeOAFlow();
|
|
160
|
+
await getAuthUrlsExample();
|
|
161
|
+
} catch (error) {
|
|
162
|
+
console.error('Example error:', error);
|
|
163
|
+
}
|
|
164
|
+
}
|
|
165
|
+
|
|
166
|
+
// Export for use in other files
|
|
167
|
+
export {
|
|
168
|
+
basicOAAuth,
|
|
169
|
+
oaAuthWithPKCE,
|
|
170
|
+
oaAuthWithAutoPKCE,
|
|
171
|
+
completeOAFlow,
|
|
172
|
+
getAuthUrlsExample,
|
|
173
|
+
runExamples
|
|
174
|
+
};
|
|
175
|
+
|
|
176
|
+
// Run if this file is executed directly
|
|
177
|
+
if (require.main === module) {
|
|
178
|
+
runExamples();
|
|
179
|
+
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@warriorteam/redai-zalo-sdk",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.11.1",
|
|
4
4
|
"description": "Comprehensive TypeScript/JavaScript SDK for Zalo APIs - Official Account, ZNS, Consultation Service, Group Messaging, and Social APIs",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|