better-auth 1.2.6-beta.7 → 1.2.7-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (273) hide show
  1. package/dist/adapters/drizzle-adapter/index.cjs +186 -249
  2. package/dist/adapters/drizzle-adapter/index.d.cts +11 -49
  3. package/dist/adapters/drizzle-adapter/index.d.mts +11 -49
  4. package/dist/adapters/drizzle-adapter/index.d.ts +11 -49
  5. package/dist/adapters/drizzle-adapter/index.mjs +186 -249
  6. package/dist/adapters/index.cjs +26 -0
  7. package/dist/adapters/index.d.cts +17 -0
  8. package/dist/adapters/index.d.mts +17 -0
  9. package/dist/adapters/index.d.ts +17 -0
  10. package/dist/adapters/index.mjs +20 -0
  11. package/dist/adapters/kysely-adapter/index.cjs +7 -7
  12. package/dist/adapters/kysely-adapter/index.d.cts +17 -49
  13. package/dist/adapters/kysely-adapter/index.d.mts +17 -49
  14. package/dist/adapters/kysely-adapter/index.d.ts +17 -49
  15. package/dist/adapters/kysely-adapter/index.mjs +8 -8
  16. package/dist/adapters/memory-adapter/index.cjs +7 -8
  17. package/dist/adapters/memory-adapter/index.d.cts +9 -49
  18. package/dist/adapters/memory-adapter/index.d.mts +9 -49
  19. package/dist/adapters/memory-adapter/index.d.ts +9 -49
  20. package/dist/adapters/memory-adapter/index.mjs +8 -9
  21. package/dist/adapters/mongodb-adapter/index.cjs +2 -2
  22. package/dist/adapters/mongodb-adapter/index.d.cts +4 -4
  23. package/dist/adapters/mongodb-adapter/index.d.mts +4 -4
  24. package/dist/adapters/mongodb-adapter/index.d.ts +4 -4
  25. package/dist/adapters/mongodb-adapter/index.mjs +3 -3
  26. package/dist/adapters/prisma-adapter/index.cjs +130 -203
  27. package/dist/adapters/prisma-adapter/index.d.cts +17 -49
  28. package/dist/adapters/prisma-adapter/index.d.mts +17 -49
  29. package/dist/adapters/prisma-adapter/index.d.ts +17 -49
  30. package/dist/adapters/prisma-adapter/index.mjs +131 -204
  31. package/dist/adapters/test.cjs +710 -377
  32. package/dist/adapters/test.d.cts +64 -5
  33. package/dist/adapters/test.d.mts +64 -5
  34. package/dist/adapters/test.d.ts +64 -5
  35. package/dist/adapters/test.mjs +712 -380
  36. package/dist/api/index.cjs +61 -25
  37. package/dist/api/index.d.cts +3 -3
  38. package/dist/api/index.d.mts +3 -3
  39. package/dist/api/index.d.ts +3 -3
  40. package/dist/api/index.mjs +63 -27
  41. package/dist/client/index.d.cts +3 -3
  42. package/dist/client/index.d.mts +3 -3
  43. package/dist/client/index.d.ts +3 -3
  44. package/dist/client/plugins/index.cjs +13 -15
  45. package/dist/client/plugins/index.d.cts +80 -19
  46. package/dist/client/plugins/index.d.mts +80 -19
  47. package/dist/client/plugins/index.d.ts +80 -19
  48. package/dist/client/plugins/index.mjs +13 -16
  49. package/dist/client/react/index.cjs +4 -4
  50. package/dist/client/react/index.d.cts +3 -3
  51. package/dist/client/react/index.d.mts +3 -3
  52. package/dist/client/react/index.d.ts +3 -3
  53. package/dist/client/solid/index.d.cts +3 -3
  54. package/dist/client/solid/index.d.mts +3 -3
  55. package/dist/client/solid/index.d.ts +3 -3
  56. package/dist/client/svelte/index.d.cts +3 -3
  57. package/dist/client/svelte/index.d.mts +3 -3
  58. package/dist/client/svelte/index.d.ts +3 -3
  59. package/dist/client/vue/index.d.cts +3 -3
  60. package/dist/client/vue/index.d.mts +3 -3
  61. package/dist/client/vue/index.d.ts +3 -3
  62. package/dist/cookies/index.cjs +13 -2
  63. package/dist/cookies/index.d.cts +3 -3
  64. package/dist/cookies/index.d.mts +3 -3
  65. package/dist/cookies/index.d.ts +3 -3
  66. package/dist/cookies/index.mjs +13 -2
  67. package/dist/db/index.cjs +6 -5
  68. package/dist/db/index.d.cts +4 -4
  69. package/dist/db/index.d.mts +4 -4
  70. package/dist/db/index.d.ts +4 -4
  71. package/dist/db/index.mjs +7 -6
  72. package/dist/index.cjs +11 -7
  73. package/dist/index.d.cts +4 -4
  74. package/dist/index.d.mts +4 -4
  75. package/dist/index.d.ts +4 -4
  76. package/dist/index.mjs +14 -10
  77. package/dist/integrations/next-js.cjs +4 -5
  78. package/dist/integrations/next-js.d.cts +3 -3
  79. package/dist/integrations/next-js.d.mts +3 -3
  80. package/dist/integrations/next-js.d.ts +3 -3
  81. package/dist/integrations/next-js.mjs +5 -6
  82. package/dist/integrations/node.d.cts +3 -3
  83. package/dist/integrations/node.d.mts +3 -3
  84. package/dist/integrations/node.d.ts +3 -3
  85. package/dist/integrations/react-start.cjs +5 -6
  86. package/dist/integrations/react-start.d.cts +3 -3
  87. package/dist/integrations/react-start.d.mts +3 -3
  88. package/dist/integrations/react-start.d.ts +3 -3
  89. package/dist/integrations/react-start.mjs +6 -7
  90. package/dist/integrations/svelte-kit.d.cts +3 -3
  91. package/dist/integrations/svelte-kit.d.mts +3 -3
  92. package/dist/integrations/svelte-kit.d.ts +3 -3
  93. package/dist/oauth2/index.d.cts +5 -5
  94. package/dist/oauth2/index.d.mts +5 -5
  95. package/dist/oauth2/index.d.ts +5 -5
  96. package/dist/plugins/access/index.d.cts +1 -1
  97. package/dist/plugins/access/index.d.mts +1 -1
  98. package/dist/plugins/access/index.d.ts +1 -1
  99. package/dist/plugins/admin/access/index.d.cts +1 -1
  100. package/dist/plugins/admin/access/index.d.mts +1 -1
  101. package/dist/plugins/admin/access/index.d.ts +1 -1
  102. package/dist/plugins/admin/index.cjs +4 -4
  103. package/dist/plugins/admin/index.d.cts +74 -14
  104. package/dist/plugins/admin/index.d.mts +74 -14
  105. package/dist/plugins/admin/index.d.ts +74 -14
  106. package/dist/plugins/admin/index.mjs +5 -5
  107. package/dist/plugins/anonymous/index.cjs +4 -5
  108. package/dist/plugins/anonymous/index.d.cts +3 -3
  109. package/dist/plugins/anonymous/index.d.mts +3 -3
  110. package/dist/plugins/anonymous/index.d.ts +3 -3
  111. package/dist/plugins/anonymous/index.mjs +5 -6
  112. package/dist/plugins/bearer/index.cjs +2 -2
  113. package/dist/plugins/bearer/index.d.cts +3 -3
  114. package/dist/plugins/bearer/index.d.mts +3 -3
  115. package/dist/plugins/bearer/index.d.ts +3 -3
  116. package/dist/plugins/bearer/index.mjs +3 -3
  117. package/dist/plugins/captcha/index.cjs +110 -45
  118. package/dist/plugins/captcha/index.d.cts +26 -6
  119. package/dist/plugins/captcha/index.d.mts +26 -6
  120. package/dist/plugins/captcha/index.d.ts +26 -6
  121. package/dist/plugins/captcha/index.mjs +110 -45
  122. package/dist/plugins/custom-session/index.cjs +24 -5
  123. package/dist/plugins/custom-session/index.d.cts +25 -6
  124. package/dist/plugins/custom-session/index.d.mts +25 -6
  125. package/dist/plugins/custom-session/index.d.ts +25 -6
  126. package/dist/plugins/custom-session/index.mjs +25 -6
  127. package/dist/plugins/email-otp/index.cjs +96 -30
  128. package/dist/plugins/email-otp/index.d.cts +33 -10
  129. package/dist/plugins/email-otp/index.d.mts +33 -10
  130. package/dist/plugins/email-otp/index.d.ts +33 -10
  131. package/dist/plugins/email-otp/index.mjs +97 -31
  132. package/dist/plugins/generic-oauth/index.cjs +81 -20
  133. package/dist/plugins/generic-oauth/index.d.cts +46 -3
  134. package/dist/plugins/generic-oauth/index.d.mts +46 -3
  135. package/dist/plugins/generic-oauth/index.d.ts +46 -3
  136. package/dist/plugins/generic-oauth/index.mjs +82 -21
  137. package/dist/plugins/haveibeenpwned/index.cjs +98 -0
  138. package/dist/plugins/haveibeenpwned/index.d.cts +36 -0
  139. package/dist/plugins/haveibeenpwned/index.d.mts +36 -0
  140. package/dist/plugins/haveibeenpwned/index.d.ts +36 -0
  141. package/dist/plugins/haveibeenpwned/index.mjs +96 -0
  142. package/dist/plugins/index.cjs +583 -19
  143. package/dist/plugins/index.d.cts +7 -5
  144. package/dist/plugins/index.d.mts +7 -5
  145. package/dist/plugins/index.d.ts +7 -5
  146. package/dist/plugins/index.mjs +583 -21
  147. package/dist/plugins/jwt/index.cjs +45 -21
  148. package/dist/plugins/jwt/index.d.cts +52 -6
  149. package/dist/plugins/jwt/index.d.mts +52 -6
  150. package/dist/plugins/jwt/index.d.ts +52 -6
  151. package/dist/plugins/jwt/index.mjs +46 -22
  152. package/dist/plugins/magic-link/index.cjs +3 -3
  153. package/dist/plugins/magic-link/index.mjs +4 -4
  154. package/dist/plugins/multi-session/index.cjs +3 -3
  155. package/dist/plugins/multi-session/index.d.cts +3 -3
  156. package/dist/plugins/multi-session/index.d.mts +3 -3
  157. package/dist/plugins/multi-session/index.d.ts +3 -3
  158. package/dist/plugins/multi-session/index.mjs +4 -4
  159. package/dist/plugins/oauth-proxy/index.cjs +4 -4
  160. package/dist/plugins/oauth-proxy/index.d.cts +3 -3
  161. package/dist/plugins/oauth-proxy/index.d.mts +3 -3
  162. package/dist/plugins/oauth-proxy/index.d.ts +3 -3
  163. package/dist/plugins/oauth-proxy/index.mjs +5 -5
  164. package/dist/plugins/oidc-provider/index.cjs +227 -8
  165. package/dist/plugins/oidc-provider/index.d.cts +215 -3
  166. package/dist/plugins/oidc-provider/index.d.mts +215 -3
  167. package/dist/plugins/oidc-provider/index.d.ts +215 -3
  168. package/dist/plugins/oidc-provider/index.mjs +228 -9
  169. package/dist/plugins/one-tap/index.cjs +5 -5
  170. package/dist/plugins/one-tap/index.mjs +6 -6
  171. package/dist/plugins/one-time-token/index.cjs +119 -0
  172. package/dist/plugins/one-time-token/index.d.cts +134 -0
  173. package/dist/plugins/one-time-token/index.d.mts +134 -0
  174. package/dist/plugins/one-time-token/index.d.ts +134 -0
  175. package/dist/plugins/one-time-token/index.mjs +117 -0
  176. package/dist/plugins/open-api/index.cjs +3 -3
  177. package/dist/plugins/open-api/index.d.cts +3 -3
  178. package/dist/plugins/open-api/index.d.mts +3 -3
  179. package/dist/plugins/open-api/index.d.ts +3 -3
  180. package/dist/plugins/open-api/index.mjs +4 -4
  181. package/dist/plugins/organization/access/index.d.cts +1 -1
  182. package/dist/plugins/organization/access/index.d.mts +1 -1
  183. package/dist/plugins/organization/access/index.d.ts +1 -1
  184. package/dist/plugins/organization/index.cjs +4 -4
  185. package/dist/plugins/organization/index.d.cts +708 -55
  186. package/dist/plugins/organization/index.d.mts +708 -55
  187. package/dist/plugins/organization/index.d.ts +708 -55
  188. package/dist/plugins/organization/index.mjs +5 -5
  189. package/dist/plugins/passkey/index.cjs +82 -8
  190. package/dist/plugins/passkey/index.d.cts +72 -3
  191. package/dist/plugins/passkey/index.d.mts +72 -3
  192. package/dist/plugins/passkey/index.d.ts +72 -3
  193. package/dist/plugins/passkey/index.mjs +83 -9
  194. package/dist/plugins/phone-number/index.cjs +194 -26
  195. package/dist/plugins/phone-number/index.d.cts +132 -8
  196. package/dist/plugins/phone-number/index.d.mts +132 -8
  197. package/dist/plugins/phone-number/index.d.ts +132 -8
  198. package/dist/plugins/phone-number/index.mjs +195 -27
  199. package/dist/plugins/sso/index.cjs +190 -7
  200. package/dist/plugins/sso/index.d.cts +181 -15
  201. package/dist/plugins/sso/index.d.mts +181 -15
  202. package/dist/plugins/sso/index.d.ts +181 -15
  203. package/dist/plugins/sso/index.mjs +191 -8
  204. package/dist/plugins/two-factor/index.cjs +443 -92
  205. package/dist/plugins/two-factor/index.d.cts +230 -396
  206. package/dist/plugins/two-factor/index.d.mts +230 -396
  207. package/dist/plugins/two-factor/index.d.ts +230 -396
  208. package/dist/plugins/two-factor/index.mjs +431 -80
  209. package/dist/plugins/username/index.cjs +34 -31
  210. package/dist/plugins/username/index.d.cts +15 -12
  211. package/dist/plugins/username/index.d.mts +15 -12
  212. package/dist/plugins/username/index.d.ts +15 -12
  213. package/dist/plugins/username/index.mjs +35 -32
  214. package/dist/shared/better-auth.1DR6suCQ.mjs +307 -0
  215. package/dist/shared/{better-auth.BSsp73pg.cjs → better-auth.B7cZ2juS.cjs} +15 -14
  216. package/dist/shared/{better-auth.bKwabe3I.d.mts → better-auth.B88xucNq.d.mts} +529 -39
  217. package/dist/shared/{better-auth.CApEjVDP.cjs → better-auth.BW8BpneG.cjs} +4 -1
  218. package/dist/shared/{better-auth.BiQsvaIP.d.cts → better-auth.BcU1Kjyq.d.cts} +2051 -518
  219. package/dist/shared/better-auth.BfG24BjZ.cjs +118 -0
  220. package/dist/shared/{better-auth.A3TjrU8G.mjs → better-auth.Bk5IMdhM.mjs} +32 -12
  221. package/dist/shared/{better-auth.D9VnBkRI.mjs → better-auth.Bm9HxIzE.mjs} +47 -24
  222. package/dist/shared/{better-auth.BRf6Iynu.d.ts → better-auth.Bwc-6kOr.d.ts} +1 -1
  223. package/dist/shared/{better-auth.D-oLmHIj.d.mts → better-auth.CA2hFK4N.d.ts} +2051 -518
  224. package/dist/shared/{better-auth.Dmhe30iW.d.mts → better-auth.CGukGrxT.d.cts} +1 -1
  225. package/dist/shared/{better-auth.CsSpq0zL.cjs → better-auth.CHUzBidy.cjs} +46 -23
  226. package/dist/shared/{better-auth.DWRligF8.d.cts → better-auth.CT9J6rD-.d.cts} +539 -7
  227. package/dist/shared/better-auth.CVCo5Z2T.cjs +310 -0
  228. package/dist/shared/{better-auth.D4jH-sJA.mjs → better-auth.CWwVo_61.mjs} +458 -118
  229. package/dist/shared/{better-auth.Bi8FQwDD.d.cts → better-auth.CYegVoq1.d.cts} +1 -1
  230. package/dist/shared/{better-auth.Bi8FQwDD.d.mts → better-auth.CYegVoq1.d.mts} +1 -1
  231. package/dist/shared/{better-auth.Bi8FQwDD.d.ts → better-auth.CYegVoq1.d.ts} +1 -1
  232. package/dist/shared/{better-auth.CepcSj5H.mjs → better-auth.Cc72UxUH.mjs} +1 -2
  233. package/dist/shared/{better-auth.BWp5dztg.d.ts → better-auth.CmN4mlPh.d.ts} +539 -7
  234. package/dist/shared/{better-auth.DH3YjMQH.mjs → better-auth.Cqykj82J.mjs} +1 -1
  235. package/dist/shared/{better-auth.wcdMj2cT.d.mts → better-auth.DIt2e3lu.d.mts} +539 -7
  236. package/dist/shared/{better-auth.BANAxdkL.d.ts → better-auth.DNTAFSt1.d.ts} +529 -39
  237. package/dist/shared/{better-auth.DU2QNVc_.d.ts → better-auth.DQ7OSJbI.d.mts} +2051 -518
  238. package/dist/shared/{better-auth.DLTzKoOS.cjs → better-auth.DSVbLSt7.cjs} +4 -1
  239. package/dist/shared/{better-auth.B2Fw1vhH.d.cts → better-auth.DTiSPWEk.d.cts} +529 -39
  240. package/dist/shared/better-auth.DURsStt9.mjs +116 -0
  241. package/dist/shared/{better-auth.BIjcZ_vt.cjs → better-auth.DYoLD99C.cjs} +31 -11
  242. package/dist/shared/{better-auth.CV1L7TPV.cjs → better-auth.D_ZIX1O8.cjs} +317 -47
  243. package/dist/shared/{better-auth.C5H9XEzZ.cjs → better-auth.DcWKCjjf.cjs} +1 -2
  244. package/dist/shared/{better-auth.BDYXUcLv.cjs → better-auth.Dg0siV5C.cjs} +457 -117
  245. package/dist/shared/better-auth.DjryM8pE.cjs +760 -0
  246. package/dist/shared/{better-auth.DPBQN9Fs.mjs → better-auth.Dn_Ms1Uf.mjs} +318 -48
  247. package/dist/shared/{better-auth.DiG4KL2x.mjs → better-auth.OuYYTHC7.mjs} +4 -1
  248. package/dist/shared/{better-auth.DtC8i3pf.d.cts → better-auth.S1jimRbX.d.mts} +1 -1
  249. package/dist/shared/better-auth.SPmq4a4z.d.mts +344 -0
  250. package/dist/shared/{better-auth.cOCrlspr.mjs → better-auth.bkwPl2G4.mjs} +4 -1
  251. package/dist/shared/better-auth.cp2rC2iM.d.ts +344 -0
  252. package/dist/shared/better-auth.eVy4DZvP.d.cts +344 -0
  253. package/dist/shared/{better-auth.BrOpzmqo.mjs → better-auth.iKoUsdFE.mjs} +15 -14
  254. package/dist/shared/better-auth.rSYJCd3o.mjs +758 -0
  255. package/dist/social-providers/index.cjs +75 -3
  256. package/dist/social-providers/index.d.cts +2 -2
  257. package/dist/social-providers/index.d.mts +2 -2
  258. package/dist/social-providers/index.d.ts +2 -2
  259. package/dist/social-providers/index.mjs +77 -6
  260. package/dist/types/index.d.cts +4 -4
  261. package/dist/types/index.d.mts +4 -4
  262. package/dist/types/index.d.ts +4 -4
  263. package/package.json +42 -5
  264. package/dist/chunks/server.cjs +0 -905
  265. package/dist/chunks/server.mjs +0 -895
  266. package/dist/shared/better-auth.BcoSd9tC.mjs +0 -10
  267. package/dist/shared/better-auth.BnRFp-t0.mjs +0 -405
  268. package/dist/shared/better-auth.C1-vpKly.cjs +0 -12
  269. package/dist/shared/better-auth.ClTSOgiD.mjs +0 -140
  270. package/dist/shared/better-auth.DC8JQbiE.mjs +0 -173
  271. package/dist/shared/better-auth.DWHWPllD.cjs +0 -175
  272. package/dist/shared/better-auth.DqLjzBlO.cjs +0 -408
  273. package/dist/shared/better-auth.m575EIBC.cjs +0 -144
@@ -1,8 +1,8 @@
1
1
  import * as better_call from 'better-call';
2
2
  import { z } from 'zod';
3
- import { O as OAuth2Tokens } from '../../shared/better-auth.BANAxdkL.js';
4
- import { U as User } from '../../shared/better-auth.DU2QNVc_.js';
5
- import '../../shared/better-auth.Bi8FQwDD.js';
3
+ import { O as OAuth2Tokens } from '../../shared/better-auth.DNTAFSt1.js';
4
+ import { U as User } from '../../shared/better-auth.CA2hFK4N.js';
5
+ import '../../shared/better-auth.CYegVoq1.js';
6
6
  import 'jose';
7
7
  import 'kysely';
8
8
  import 'better-sqlite3';
@@ -56,9 +56,14 @@ interface SSOOptions {
56
56
  };
57
57
  /**
58
58
  * Disable implicit sign up for new users. When set to true for the provider,
59
- * sign-in need to be calle dwith with requestSignUp as true to create new users.
59
+ * sign-in need to be called with with requestSignUp as true to create new users.
60
60
  */
61
61
  disableImplicitSignUp?: boolean;
62
+ /**
63
+ * Override user info with the provider info.
64
+ * @default false
65
+ */
66
+ defaultOverrideUserInfo?: boolean;
62
67
  }
63
68
  declare const sso: (options?: SSOOptions) => {
64
69
  id: "sso";
@@ -74,6 +79,7 @@ declare const sso: (options?: SSOOptions) => {
74
79
  authorizationEndpoint?: string | undefined;
75
80
  scopes?: string[] | undefined;
76
81
  tokenEndpoint?: string | undefined;
82
+ overrideUserInfo?: boolean | undefined;
77
83
  organizationId?: string | undefined;
78
84
  pkce?: boolean | undefined;
79
85
  userInfoEndpoint?: string | undefined;
@@ -112,20 +118,10 @@ declare const sso: (options?: SSOOptions) => {
112
118
  response: {
113
119
  oidcConfig: OIDCConfig;
114
120
  redirectURI: string;
115
- issuer: string;
116
- domain: string;
117
- organizationId: string | undefined;
118
- userId: string;
119
- providerId: string;
120
121
  };
121
122
  } : {
122
123
  oidcConfig: OIDCConfig;
123
124
  redirectURI: string;
124
- issuer: string;
125
- domain: string;
126
- organizationId: string | undefined;
127
- userId: string;
128
- providerId: string;
129
125
  }>;
130
126
  options: {
131
127
  method: "POST";
@@ -166,6 +162,7 @@ declare const sso: (options?: SSOOptions) => {
166
162
  extraFields?: Record<string, string> | undefined;
167
163
  }>>;
168
164
  organizationId: z.ZodOptional<z.ZodString>;
165
+ overrideUserInfo: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
169
166
  }, "strip", z.ZodTypeAny, {
170
167
  providerId: string;
171
168
  issuer: string;
@@ -175,6 +172,7 @@ declare const sso: (options?: SSOOptions) => {
175
172
  authorizationEndpoint?: string | undefined;
176
173
  scopes?: string[] | undefined;
177
174
  tokenEndpoint?: string | undefined;
175
+ overrideUserInfo?: boolean | undefined;
178
176
  organizationId?: string | undefined;
179
177
  pkce?: boolean | undefined;
180
178
  userInfoEndpoint?: string | undefined;
@@ -198,6 +196,7 @@ declare const sso: (options?: SSOOptions) => {
198
196
  authorizationEndpoint?: string | undefined;
199
197
  scopes?: string[] | undefined;
200
198
  tokenEndpoint?: string | undefined;
199
+ overrideUserInfo?: boolean | undefined;
201
200
  organizationId?: string | undefined;
202
201
  pkce?: boolean | undefined;
203
202
  userInfoEndpoint?: string | undefined;
@@ -243,6 +242,147 @@ declare const sso: (options?: SSOOptions) => {
243
242
  responses: {
244
243
  "200": {
245
244
  description: string;
245
+ content: {
246
+ "application/json": {
247
+ schema: {
248
+ type: "object";
249
+ properties: {
250
+ issuer: {
251
+ type: string;
252
+ format: string;
253
+ description: string;
254
+ };
255
+ domain: {
256
+ type: string;
257
+ description: string;
258
+ };
259
+ oidcConfig: {
260
+ type: string;
261
+ properties: {
262
+ issuer: {
263
+ type: string;
264
+ format: string;
265
+ description: string;
266
+ };
267
+ pkce: {
268
+ type: string;
269
+ description: string;
270
+ };
271
+ clientId: {
272
+ type: string;
273
+ description: string;
274
+ };
275
+ clientSecret: {
276
+ type: string;
277
+ description: string;
278
+ };
279
+ authorizationEndpoint: {
280
+ type: string;
281
+ format: string;
282
+ nullable: boolean;
283
+ description: string;
284
+ };
285
+ discoveryEndpoint: {
286
+ type: string;
287
+ format: string;
288
+ description: string;
289
+ };
290
+ userInfoEndpoint: {
291
+ type: string;
292
+ format: string;
293
+ nullable: boolean;
294
+ description: string;
295
+ };
296
+ scopes: {
297
+ type: string;
298
+ items: {
299
+ type: string;
300
+ };
301
+ nullable: boolean;
302
+ description: string;
303
+ };
304
+ tokenEndpoint: {
305
+ type: string;
306
+ format: string;
307
+ nullable: boolean;
308
+ description: string;
309
+ };
310
+ tokenEndpointAuthentication: {
311
+ type: string;
312
+ enum: string[];
313
+ nullable: boolean;
314
+ description: string;
315
+ };
316
+ jwksEndpoint: {
317
+ type: string;
318
+ format: string;
319
+ nullable: boolean;
320
+ description: string;
321
+ };
322
+ mapping: {
323
+ type: string;
324
+ nullable: boolean;
325
+ properties: {
326
+ id: {
327
+ type: string;
328
+ description: string;
329
+ };
330
+ email: {
331
+ type: string;
332
+ description: string;
333
+ };
334
+ emailVerified: {
335
+ type: string;
336
+ nullable: boolean;
337
+ description: string;
338
+ };
339
+ name: {
340
+ type: string;
341
+ description: string;
342
+ };
343
+ image: {
344
+ type: string;
345
+ nullable: boolean;
346
+ description: string;
347
+ };
348
+ extraFields: {
349
+ type: string;
350
+ additionalProperties: {
351
+ type: string;
352
+ };
353
+ nullable: boolean;
354
+ description: string;
355
+ };
356
+ };
357
+ required: string[];
358
+ };
359
+ };
360
+ required: string[];
361
+ description: string;
362
+ };
363
+ organizationId: {
364
+ type: string;
365
+ nullable: boolean;
366
+ description: string;
367
+ };
368
+ userId: {
369
+ type: string;
370
+ description: string;
371
+ };
372
+ providerId: {
373
+ type: string;
374
+ description: string;
375
+ };
376
+ redirectURI: {
377
+ type: string;
378
+ format: string;
379
+ description: string;
380
+ };
381
+ };
382
+ required: string[];
383
+ };
384
+ };
385
+ };
246
386
  };
247
387
  };
248
388
  };
@@ -366,6 +506,31 @@ declare const sso: (options?: SSOOptions) => {
366
506
  };
367
507
  };
368
508
  };
509
+ responses: {
510
+ "200": {
511
+ description: string;
512
+ content: {
513
+ "application/json": {
514
+ schema: {
515
+ type: "object";
516
+ properties: {
517
+ url: {
518
+ type: string;
519
+ format: string;
520
+ description: string;
521
+ };
522
+ redirect: {
523
+ type: string;
524
+ description: string;
525
+ enum: boolean[];
526
+ };
527
+ };
528
+ required: string[];
529
+ };
530
+ };
531
+ };
532
+ };
533
+ };
369
534
  };
370
535
  };
371
536
  } & {
@@ -496,6 +661,7 @@ interface OIDCConfig {
496
661
  discoveryEndpoint: string;
497
662
  userInfoEndpoint?: string;
498
663
  scopes?: string[];
664
+ overrideUserInfo?: boolean;
499
665
  tokenEndpoint?: string;
500
666
  tokenEndpointAuthentication?: "client_secret_post" | "client_secret_basic";
501
667
  jwksEndpoint?: string;
@@ -509,4 +675,4 @@ interface OIDCConfig {
509
675
  };
510
676
  }
511
677
 
512
- export { sso };
678
+ export { type OIDCConfig, type SSOOptions, type SSOProvider, sso };
@@ -1,10 +1,10 @@
1
1
  import { z } from 'zod';
2
2
  import { APIError } from 'better-call';
3
- import { a as createAuthEndpoint, h as handleOAuthUserInfo, s as sessionMiddleware } from '../../shared/better-auth.D4jH-sJA.mjs';
3
+ import { a as createAuthEndpoint, h as handleOAuthUserInfo, s as sessionMiddleware } from '../../shared/better-auth.CWwVo_61.mjs';
4
4
  import { setSessionCookie } from '../../cookies/index.mjs';
5
- import '../../shared/better-auth.CepcSj5H.mjs';
5
+ import '../../shared/better-auth.Cc72UxUH.mjs';
6
6
  import '../../shared/better-auth.8zoxzg-F.mjs';
7
- import '../../shared/better-auth.DH3YjMQH.mjs';
7
+ import '../../shared/better-auth.Cqykj82J.mjs';
8
8
  import 'defu';
9
9
  import { v as validateAuthorizationCode, a as validateToken, c as createAuthorizationURL } from '../../shared/better-auth.DCVeP5-W.mjs';
10
10
  import { betterFetch, BetterFetchError } from '@better-fetch/fetch';
@@ -23,13 +23,13 @@ import '@noble/hashes/utils';
23
23
  import '../../shared/better-auth.B4Qoxdgc.mjs';
24
24
  import '@better-auth/utils/random';
25
25
  import '../../shared/better-auth.DdzSJf-n.mjs';
26
+ import '../../shared/better-auth.tB5eU6EY.mjs';
26
27
  import '../../shared/better-auth.CW6D9eSx.mjs';
27
28
  import '../../shared/better-auth.BUPPRXfK.mjs';
28
29
  import '@better-auth/utils/hmac';
29
30
  import '../../shared/better-auth.DDEbWX-S.mjs';
30
31
  import '../../shared/better-auth.VTXNLFMT.mjs';
31
32
  import 'jose/errors';
32
- import '../../shared/better-auth.tB5eU6EY.mjs';
33
33
  import '@better-auth/utils/binary';
34
34
 
35
35
  const sso = (options) => {
@@ -96,7 +96,10 @@ const sso = (options) => {
96
96
  }).optional(),
97
97
  organizationId: z.string({
98
98
  description: "If organization plugin is enabled, the organization id to link the provider to"
99
- }).optional()
99
+ }).optional(),
100
+ overrideUserInfo: z.boolean({
101
+ description: "Override user info with the provider info. Defaults to false"
102
+ }).default(false).optional()
100
103
  }),
101
104
  use: [sessionMiddleware],
102
105
  metadata: {
@@ -105,7 +108,160 @@ const sso = (options) => {
105
108
  description: "This endpoint is used to register an OIDC provider. This is used to configure the provider and link it to an organization",
106
109
  responses: {
107
110
  "200": {
108
- description: "The created provider"
111
+ description: "OIDC provider created successfully",
112
+ content: {
113
+ "application/json": {
114
+ schema: {
115
+ type: "object",
116
+ properties: {
117
+ issuer: {
118
+ type: "string",
119
+ format: "uri",
120
+ description: "The issuer URL of the provider"
121
+ },
122
+ domain: {
123
+ type: "string",
124
+ description: "The domain of the provider, used for email matching"
125
+ },
126
+ oidcConfig: {
127
+ type: "object",
128
+ properties: {
129
+ issuer: {
130
+ type: "string",
131
+ format: "uri",
132
+ description: "The issuer URL of the provider"
133
+ },
134
+ pkce: {
135
+ type: "boolean",
136
+ description: "Whether PKCE is enabled for the authorization flow"
137
+ },
138
+ clientId: {
139
+ type: "string",
140
+ description: "The client ID for the provider"
141
+ },
142
+ clientSecret: {
143
+ type: "string",
144
+ description: "The client secret for the provider"
145
+ },
146
+ authorizationEndpoint: {
147
+ type: "string",
148
+ format: "uri",
149
+ nullable: true,
150
+ description: "The authorization endpoint URL"
151
+ },
152
+ discoveryEndpoint: {
153
+ type: "string",
154
+ format: "uri",
155
+ description: "The discovery endpoint URL"
156
+ },
157
+ userInfoEndpoint: {
158
+ type: "string",
159
+ format: "uri",
160
+ nullable: true,
161
+ description: "The user info endpoint URL"
162
+ },
163
+ scopes: {
164
+ type: "array",
165
+ items: { type: "string" },
166
+ nullable: true,
167
+ description: "The scopes requested from the provider"
168
+ },
169
+ tokenEndpoint: {
170
+ type: "string",
171
+ format: "uri",
172
+ nullable: true,
173
+ description: "The token endpoint URL"
174
+ },
175
+ tokenEndpointAuthentication: {
176
+ type: "string",
177
+ enum: [
178
+ "client_secret_post",
179
+ "client_secret_basic"
180
+ ],
181
+ nullable: true,
182
+ description: "Authentication method for the token endpoint"
183
+ },
184
+ jwksEndpoint: {
185
+ type: "string",
186
+ format: "uri",
187
+ nullable: true,
188
+ description: "The JWKS endpoint URL"
189
+ },
190
+ mapping: {
191
+ type: "object",
192
+ nullable: true,
193
+ properties: {
194
+ id: {
195
+ type: "string",
196
+ description: "Field mapping for user ID (defaults to 'sub')"
197
+ },
198
+ email: {
199
+ type: "string",
200
+ description: "Field mapping for email (defaults to 'email')"
201
+ },
202
+ emailVerified: {
203
+ type: "string",
204
+ nullable: true,
205
+ description: "Field mapping for email verification (defaults to 'email_verified')"
206
+ },
207
+ name: {
208
+ type: "string",
209
+ description: "Field mapping for name (defaults to 'name')"
210
+ },
211
+ image: {
212
+ type: "string",
213
+ nullable: true,
214
+ description: "Field mapping for image (defaults to 'picture')"
215
+ },
216
+ extraFields: {
217
+ type: "object",
218
+ additionalProperties: { type: "string" },
219
+ nullable: true,
220
+ description: "Additional field mappings"
221
+ }
222
+ },
223
+ required: ["id", "email", "name"]
224
+ }
225
+ },
226
+ required: [
227
+ "issuer",
228
+ "pkce",
229
+ "clientId",
230
+ "clientSecret",
231
+ "discoveryEndpoint"
232
+ ],
233
+ description: "OIDC configuration for the provider"
234
+ },
235
+ organizationId: {
236
+ type: "string",
237
+ nullable: true,
238
+ description: "ID of the linked organization, if any"
239
+ },
240
+ userId: {
241
+ type: "string",
242
+ description: "ID of the user who registered the provider"
243
+ },
244
+ providerId: {
245
+ type: "string",
246
+ description: "Unique identifier for the provider"
247
+ },
248
+ redirectURI: {
249
+ type: "string",
250
+ format: "uri",
251
+ description: "The redirect URI for the provider callback"
252
+ }
253
+ },
254
+ required: [
255
+ "issuer",
256
+ "domain",
257
+ "oidcConfig",
258
+ "userId",
259
+ "providerId",
260
+ "redirectURI"
261
+ ]
262
+ }
263
+ }
264
+ }
109
265
  }
110
266
  }
111
267
  }
@@ -136,7 +292,8 @@ const sso = (options) => {
136
292
  discoveryEndpoint: body.discoveryEndpoint || `${body.issuer}/.well-known/openid-configuration`,
137
293
  mapping: body.mapping,
138
294
  scopes: body.scopes,
139
- userinfoEndpoint: body.userInfoEndpoint
295
+ userinfoEndpoint: body.userInfoEndpoint,
296
+ overrideUserInfo: ctx.body.overrideUserInfo || options?.defaultOverrideUserInfo || false
140
297
  }),
141
298
  organizationId: body.organizationId,
142
299
  userId: ctx.context.session.user.id,
@@ -222,6 +379,31 @@ const sso = (options) => {
222
379
  }
223
380
  }
224
381
  }
382
+ },
383
+ responses: {
384
+ "200": {
385
+ description: "Authorization URL generated successfully for SSO sign-in",
386
+ content: {
387
+ "application/json": {
388
+ schema: {
389
+ type: "object",
390
+ properties: {
391
+ url: {
392
+ type: "string",
393
+ format: "uri",
394
+ description: "The authorization URL to redirect the user to for SSO sign-in"
395
+ },
396
+ redirect: {
397
+ type: "boolean",
398
+ description: "Indicates that the client should redirect to the provided URL",
399
+ enum: [true]
400
+ }
401
+ },
402
+ required: ["url", "redirect"]
403
+ }
404
+ }
405
+ }
406
+ }
225
407
  }
226
408
  }
227
409
  }
@@ -477,7 +659,8 @@ const sso = (options) => {
477
659
  refreshTokenExpiresAt: tokenResponse.refreshTokenExpiresAt,
478
660
  scope: tokenResponse.scopes?.join(",")
479
661
  },
480
- disableSignUp: options?.disableImplicitSignUp && !requestSignUp
662
+ disableSignUp: options?.disableImplicitSignUp && !requestSignUp,
663
+ overrideUserInfo: config.overrideUserInfo
481
664
  });
482
665
  if (linked.error) {
483
666
  throw ctx.redirect(