@~lyre/auth 0.0.4 → 0.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-R3JOX2XR.js → chunk-RADVGFYQ.js} +25 -14
- package/dist/index.d.ts +4 -0
- package/dist/index.js +1 -1
- package/dist/sveltekit.js +1 -1
- package/package.json +1 -1
|
@@ -2,11 +2,15 @@
|
|
|
2
2
|
import { createHmac, timingSafeEqual } from "crypto";
|
|
3
3
|
var SESSION_COOKIE_NAME = "platform_session";
|
|
4
4
|
var STATE_COOKIE_NAME = "accounts_auth_state";
|
|
5
|
+
function normalizeOptionalString(value) {
|
|
6
|
+
const trimmed = value?.trim();
|
|
7
|
+
return trimmed ? trimmed : void 0;
|
|
8
|
+
}
|
|
5
9
|
function createAccountsClientConfig(input = {}) {
|
|
6
10
|
return {
|
|
7
|
-
baseUrl: input.baseUrl ?? process.env.ACCOUNTS_BASE_URL,
|
|
11
|
+
baseUrl: normalizeOptionalString(input.baseUrl ?? process.env.ACCOUNTS_BASE_URL),
|
|
8
12
|
clientId: input.clientId ?? process.env.ACCOUNTS_CLIENT_ID ?? "accounts-app",
|
|
9
|
-
clientSecret: input.clientSecret ?? process.env.ACCOUNTS_CLIENT_SECRET,
|
|
13
|
+
clientSecret: normalizeOptionalString(input.clientSecret ?? process.env.ACCOUNTS_CLIENT_SECRET),
|
|
10
14
|
redirectUri: input.redirectUri ?? process.env.ACCOUNTS_REDIRECT_URI ?? "http://localhost:5173/auth/callback",
|
|
11
15
|
logoutRedirectUri: input.logoutRedirectUri ?? process.env.ACCOUNTS_LOGOUT_REDIRECT_URI ?? "http://localhost:5173/",
|
|
12
16
|
useMock: input.useMock ?? (process.env.ACCOUNTS_USE_MOCK === "true" || !process.env.ACCOUNTS_BASE_URL || !process.env.ACCOUNTS_CLIENT_ID)
|
|
@@ -94,18 +98,22 @@ async function exchangeAuthorizationCode(input) {
|
|
|
94
98
|
return createMockTokenResponse(input.code);
|
|
95
99
|
}
|
|
96
100
|
const fetchImpl = input.fetchImpl ?? fetch;
|
|
101
|
+
const clientSecret = normalizeOptionalString(input.config.clientSecret);
|
|
102
|
+
const tokenBody = {
|
|
103
|
+
grant_type: "authorization_code",
|
|
104
|
+
code: input.code,
|
|
105
|
+
redirect_uri: input.config.redirectUri,
|
|
106
|
+
client_id: input.config.clientId
|
|
107
|
+
};
|
|
108
|
+
if (clientSecret) {
|
|
109
|
+
tokenBody.client_secret = clientSecret;
|
|
110
|
+
}
|
|
97
111
|
const response = await fetchImpl(new URL("/api/auth/token", input.config.baseUrl), {
|
|
98
112
|
method: "POST",
|
|
99
113
|
headers: {
|
|
100
114
|
"content-type": "application/json"
|
|
101
115
|
},
|
|
102
|
-
body: JSON.stringify(
|
|
103
|
-
grant_type: "authorization_code",
|
|
104
|
-
code: input.code,
|
|
105
|
-
redirect_uri: input.config.redirectUri,
|
|
106
|
-
client_id: input.config.clientId,
|
|
107
|
-
client_secret: input.config.clientSecret
|
|
108
|
-
})
|
|
116
|
+
body: JSON.stringify(tokenBody)
|
|
109
117
|
});
|
|
110
118
|
if (!response.ok) {
|
|
111
119
|
throw new Error(`Accounts token exchange failed with status ${response.status}.`);
|
|
@@ -196,13 +204,16 @@ function parseAuthorizationState(value) {
|
|
|
196
204
|
}
|
|
197
205
|
}
|
|
198
206
|
function normalizeIdentity(user) {
|
|
207
|
+
const firstName = user.firstName ?? user.first_name;
|
|
208
|
+
const lastName = user.lastName ?? user.last_name;
|
|
199
209
|
return {
|
|
200
210
|
id: user.id,
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
211
|
+
// Prefer the real address under either key; only synthesize when truly absent.
|
|
212
|
+
email: user.emailAddress ?? user.email ?? `${user.id}@accounts.local`,
|
|
213
|
+
name: user.name ?? ([firstName, lastName].filter(Boolean).join(" ") || "Accounts User"),
|
|
214
|
+
firstName,
|
|
215
|
+
lastName,
|
|
216
|
+
avatarUrl: user.avatarUrl ?? user.avatar_url
|
|
206
217
|
};
|
|
207
218
|
}
|
|
208
219
|
function createMockTokenResponse(code) {
|
package/dist/index.d.ts
CHANGED
|
@@ -69,10 +69,14 @@ type AccountsTokenResponse = {
|
|
|
69
69
|
user: {
|
|
70
70
|
id: string;
|
|
71
71
|
email?: string;
|
|
72
|
+
emailAddress?: string;
|
|
72
73
|
name?: string;
|
|
73
74
|
first_name?: string;
|
|
75
|
+
firstName?: string;
|
|
74
76
|
last_name?: string;
|
|
77
|
+
lastName?: string;
|
|
75
78
|
avatar_url?: string;
|
|
79
|
+
avatarUrl?: string;
|
|
76
80
|
};
|
|
77
81
|
};
|
|
78
82
|
type SyncAccountsUserResult = {
|
package/dist/index.js
CHANGED
package/dist/sveltekit.js
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@~lyre/auth",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.6",
|
|
4
4
|
"description": "Shared Axis Accounts auth SDK — framework-agnostic session/identity core (HMAC-signed cookies, accounts login/callback/logout) plus an optional turnkey SvelteKit adapter.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"sideEffects": false,
|