jcc-express-mvc 1.8.8 → 1.8.21

package/lib/Session/SessionManager.d.ts

@@ -1,12 +1,26 @@
+import type { RequestHandler } from "express";
 import { Session } from "./index";
 import { SessionConfig } from "../Interface";
+/**
+ * Laravel-style session manager: resolves a store by `driver` and exposes
+ * `express-session` middleware backed by that store.
+ */
 export declare class SessionManager {
-    private config;
-    private store;
+    private readonly store;
+    private readonly expressStore;
+    private readonly config;
     constructor(config: SessionConfig);
+    getConfig(): SessionConfig;
     private createStore;
-    getExpressMiddleware(): import("express").RequestHandler<import("express-serve-static-core").ParamsDictionary, any, any, import("qs").ParsedQs, Record<string, any>>;
-    private createExpressStore;
+    static buildRedisUrl(r: NonNullable<SessionConfig["redis"]>): string;
+    /**
+     * `express-session` middleware using the configured driver store.
+     */
+    getExpressMiddleware(): RequestHandler;
+    private buildExpressStore;
+    /**
+     * Optional: standalone {@link Session} instances backed by the same store (advanced use).
+     */
     createSession(sessionId: string): Promise<Session>;
 }
 //# sourceMappingURL=SessionManager.d.ts.map

package/lib/Session/SessionManager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SessionManager.d.ts","sourceRoot":"","sources":["../../../jcc-express-mvc/lib/Session/SessionManager.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,aAAa,EAAgB,MAAM,cAAc,CAAC;AAK3D,qBAAa,cAAc;IACzB,OAAO,CAAC,MAAM,CAAgB;IAC9B,OAAO,CAAC,KAAK,CAAe;gBAEhB,MAAM,EAAE,aAAa;IAKjC,OAAO,CAAC,WAAW;IAgBnB,oBAAoB;IAcpB,OAAO,CAAC,kBAAkB;IAqDpB,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CASzD"}
+{"version":3,"file":"SessionManager.d.ts","sourceRoot":"","sources":["../../../jcc-express-mvc/lib/Session/SessionManager.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,aAAa,EAA6B,MAAM,cAAc,CAAC;AAIxE;;;GAGG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAe;IACrC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAgB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgB;gBAE3B,MAAM,EAAE,aAAa;IAMjC,SAAS,IAAI,aAAa;IAI1B,OAAO,CAAC,WAAW;IA0BnB,MAAM,CAAC,aAAa,CAAC,CAAC,EAAE,WAAW,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,GAAG,MAAM;IAUpE;;OAEG;IACH,oBAAoB,IAAI,cAAc;IAqBtC,OAAO,CAAC,iBAAiB;IAsDzB;;OAEG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAKzD"}

package/lib/Session/SessionManager.js

@@ -8,56 +8,89 @@ const uuid_1 = require("uuid");
 const express_session_1 = __importDefault(require("express-session"));
 const index_1 = require("./index");
 const FileSession_1 = require("./FileSession");
-const RedisSession_1 = require("./RedisSession");
 const DatabaseSession_1 = require("./DatabaseSession");
+/**
+ * Laravel-style session manager: resolves a store by `driver` and exposes
+ * `express-session` middleware backed by that store.
+ */
 class SessionManager {
     constructor(config) {
         this.config = config;
         this.store = this.createStore();
+        this.expressStore = this.buildExpressStore();
+    }
+    getConfig() {
+        return this.config;
     }
     createStore() {
         switch (this.config.driver) {
             case "file":
                 return new FileSession_1.FileSessionStore(this.config.files?.path);
             case "database":
-                // You'll need to pass the database connection
-                return new DatabaseSession_1.DatabaseSessionStore();
-                throw new Error("Database store requires connection setup");
-            case "redis":
-                const redisUrl = `redis://${this.config.redis?.host}:${this.config.redis?.port}`;
-                return new RedisSession_1.RedisSessionStore(redisUrl);
+                return new DatabaseSession_1.DatabaseSessionStore(this.config.database?.table ?? "sessions");
+            case "redis": {
+                const r = this.config.redis;
+                if (!r?.host) {
+                    throw new Error("Session driver redis requires config.redis.host (and port). Set SESSION_DRIVER=file or configure redis in app config.");
+                }
+                const url = SessionManager.buildRedisUrl(r);
+                // Lazy-load so apps using file/database sessions do not need the `redis` package
+                // eslint-disable-next-line @typescript-eslint/no-require-imports
+                const { RedisSessionStore } = require("./RedisSession");
+                return new RedisSessionStore(url, r.prefix ?? "session:");
+            }
             default:
                 throw new Error(`Unsupported session driver: ${this.config.driver}`);
         }
     }
+    static buildRedisUrl(r) {
+        const host = r.host;
+        const port = r.port ?? 6379;
+        const db = r.database ?? 0;
+        if (r.password) {
+            return `redis://:${encodeURIComponent(r.password)}@${host}:${port}/${db}`;
+        }
+        return `redis://${host}:${port}/${db}`;
+    }
+    /**
+     * `express-session` middleware using the configured driver store.
+     */
     getExpressMiddleware() {
+        const c = this.config.cookie;
         return (0, express_session_1.default)({
             genid: () => (0, uuid_1.v4)(),
-            secret: process.env.SESSION_SECRET || "your-secret-key",
+            name: c.name,
+            secret: process.env.SESSION_SECRET || process.env.APP_SESSION_SECTRET || "your-secret-key",
             resave: false,
             saveUninitialized: false,
+            rolling: false,
+            store: this.expressStore,
             cookie: {
-                ...this.config.cookie,
-                maxAge: this.config.lifetime,
+                maxAge: c.maxAge,
+                httpOnly: c.httpOnly,
+                secure: c.secure,
+                sameSite: c.sameSite,
+                path: c.path ?? "/",
+                ...(c.domain ? { domain: c.domain } : {}),
             },
-            store: this.createExpressStore(),
         });
     }
-    createExpressStore() {
+    buildExpressStore() {
         const store = this.store;
+        const lifetime = this.config.lifetime;
         return new (class extends express_session_1.default.Store {
             async get(sid, callback) {
                 try {
                     const data = (await store.get(sid));
-                    callback(null, data);
+                    callback(null, data ?? undefined);
                 }
                 catch (error) {
                     callback(error);
                 }
             }
-            async set(sid, session, callback) {
+            async set(sid, sess, callback) {
                 try {
-                    await store.set(sid, session);
+                    await store.set(sid, sess, lifetime);
                     callback?.();
                 }
                 catch (error) {
@@ -73,9 +106,9 @@ class SessionManager {
                     callback?.(error);
                 }
             }
-            async touch(sid, session, callback) {
+            async touch(sid, sess, callback) {
                 try {
-                    await store.touch(sid);
+                    await store.touch(sid, lifetime);
                     callback?.();
                 }
                 catch (error) {
@@ -84,6 +117,9 @@ class SessionManager {
             }
         })();
     }
+    /**
+     * Optional: standalone {@link Session} instances backed by the same store (advanced use).
+     */
     async createSession(sessionId) {
         const sessionInstance = new index_1.Session(sessionId, this.store, this.config.lifetime);
         await sessionInstance.load();

package/lib/Socialite/AbstractProvider.d.ts

@@ -0,0 +1,60 @@
+import type { AppRequest, AppResponse } from "../Interface";
+import { SocialUser } from "./SocialUser";
+import type { OAuthAuthorizeContext, OAuthProviderConfig } from "./types";
+/**
+ * Base OAuth2 provider — fluent API similar to Laravel Socialite:
+ * `scopes()`, `setScopes()`, `redirect()`, `user()`.
+ *
+ * OAuth CSRF state and PKCE verifier are stored in {@link AppRequest.jccSession}
+ * (no Socialite-managed cookies; enable session middleware in your app).
+ * SocialUser exposes only profile fields — not provider access tokens.
+ */
+export declare abstract class AbstractProvider {
+    protected readonly oauthConfig: OAuthProviderConfig;
+    protected readonly driverName: string;
+    /** Accumulated scopes for `scopes()` / `setScopes()` (field kept separate from method name). */
+    protected scopeList: string[];
+    constructor(oauthConfig: OAuthProviderConfig, driverName: string);
+    protected abstract getDefaultScopes(): string[];
+    abstract buildAuthorizeUrl(state: string, pkce?: OAuthAuthorizeContext): string;
+    abstract fetchAccessToken(code: string, ctx?: {
+        codeVerifier?: string;
+    }): Promise<Record<string, unknown>>;
+    abstract fetchUserFromToken(accessToken: string): Promise<Record<string, unknown>>;
+    abstract mapUser(raw: Record<string, unknown>): SocialUser;
+    /**
+     * Twitter OAuth 2 uses PKCE; other drivers return false.
+     */
+    protected requiresPkce(): boolean;
+    protected createPkce(): {
+        verifier: string;
+        challenge: string;
+    };
+    protected sessionKey(): string;
+    /**
+     * Merge additional scopes (Laravel `->scopes([...])`).
+     */
+    scopes(...scopes: string[]): this;
+    /**
+     * Replace all scopes (Laravel `->setScopes([...])`).
+     */
+    setScopes(scopes: string[]): this;
+    protected formatScopes(): string;
+    private readOAuthSession;
+    private writeOAuthSession;
+    private clearOAuthSession;
+    /**
+     * Redirect to the provider consent screen (Laravel `->redirect()`).
+     * Uses global `request` / `response` if arguments omitted.
+     */
+    redirect(req?: AppRequest, res?: AppResponse): void;
+    /**
+     * Complete OAuth on the callback route (Laravel `->user()`).
+     */
+    user(req?: AppRequest, _res?: AppResponse): Promise<SocialUser>;
+    /**
+     * Default: top-level `access_token`. Override for providers that nest tokens (e.g. Slack).
+     */
+    protected extractAccessToken(tokens: Record<string, unknown>): string | null;
+}
+//# sourceMappingURL=AbstractProvider.d.ts.map

package/lib/Socialite/AbstractProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AbstractProvider.d.ts","sourceRoot":"","sources":["../../../jcc-express-mvc/lib/Socialite/AbstractProvider.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC5D,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C,OAAO,KAAK,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAI1E;;;;;;;GAOG;AACH,8BAAsB,gBAAgB;IAKlC,SAAS,CAAC,QAAQ,CAAC,WAAW,EAAE,mBAAmB;IACnD,SAAS,CAAC,QAAQ,CAAC,UAAU,EAAE,MAAM;IALvC,gGAAgG;IAChG,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,CAAM;gBAGd,WAAW,EAAE,mBAAmB,EAChC,UAAU,EAAE,MAAM;IAGvC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,IAAI,MAAM,EAAE;IAE/C,QAAQ,CAAC,iBAAiB,CACxB,KAAK,EAAE,MAAM,EACb,IAAI,CAAC,EAAE,qBAAqB,GAC3B,MAAM;IAET,QAAQ,CAAC,gBAAgB,CACvB,IAAI,EAAE,MAAM,EACZ,GAAG,CAAC,EAAE;QAAE,YAAY,CAAC,EAAE,MAAM,CAAA;KAAE,GAC9B,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEnC,QAAQ,CAAC,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAElF,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU;IAE1D;;OAEG;IACH,SAAS,CAAC,YAAY,IAAI,OAAO;IAIjC,SAAS,CAAC,UAAU,IAAI;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE;IAS/D,SAAS,CAAC,UAAU,IAAI,MAAM;IAI9B;;OAEG;IACH,MAAM,CAAC,GAAG,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI;IAKjC;;OAEG;IACH,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI;IAKjC,SAAS,CAAC,YAAY,IAAI,MAAM;IAMhC,OAAO,CAAC,gBAAgB;IAQxB,OAAO,CAAC,iBAAiB;IAczB,OAAO,CAAC,iBAAiB;IAIzB;;;OAGG;IACH,QAAQ,CAAC,GAAG,CAAC,EAAE,UAAU,EAAE,GAAG,CAAC,EAAE,WAAW,GAAG,IAAI;IAuBnD;;OAEG;IACG,IAAI,CAAC,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC;IA+CrE;;OAEG;IACH,SAAS,CAAC,kBAAkB,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,GAAG,IAAI;CAI7E"}

package/lib/Socialite/AbstractProvider.js

@@ -0,0 +1,136 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AbstractProvider = void 0;
+const crypto_1 = __importDefault(require("crypto"));
+const SocialiteAuthError_1 = require("../Error/SocialiteAuthError/SocialiteAuthError");
+/**
+ * Base OAuth2 provider — fluent API similar to Laravel Socialite:
+ * `scopes()`, `setScopes()`, `redirect()`, `user()`.
+ *
+ * OAuth CSRF state and PKCE verifier are stored in {@link AppRequest.jccSession}
+ * (no Socialite-managed cookies; enable session middleware in your app).
+ * SocialUser exposes only profile fields — not provider access tokens.
+ */
+class AbstractProvider {
+    constructor(oauthConfig, driverName) {
+        this.oauthConfig = oauthConfig;
+        this.driverName = driverName;
+        /** Accumulated scopes for `scopes()` / `setScopes()` (field kept separate from method name). */
+        this.scopeList = [];
+    }
+    /**
+     * Twitter OAuth 2 uses PKCE; other drivers return false.
+     */
+    requiresPkce() {
+        return false;
+    }
+    createPkce() {
+        const verifier = crypto_1.default.randomBytes(32).toString("base64url");
+        const challenge = crypto_1.default
+            .createHash("sha256")
+            .update(verifier)
+            .digest("base64url");
+        return { verifier, challenge };
+    }
+    sessionKey() {
+        return `_socialite.oauth.${this.driverName}`;
+    }
+    /**
+     * Merge additional scopes (Laravel `->scopes([...])`).
+     */
+    scopes(...scopes) {
+        this.scopeList.push(...scopes);
+        return this;
+    }
+    /**
+     * Replace all scopes (Laravel `->setScopes([...])`).
+     */
+    setScopes(scopes) {
+        this.scopeList = [...scopes];
+        return this;
+    }
+    formatScopes() {
+        const list = this.scopeList.length > 0 ? this.scopeList : this.getDefaultScopes();
+        return list.join(" ");
+    }
+    readOAuthSession(req) {
+        const sess = req.jccSession;
+        if (!sess) {
+            return undefined;
+        }
+        return sess.get(this.sessionKey());
+    }
+    writeOAuthSession(req, payload) {
+        const sess = req.jccSession;
+        if (!sess) {
+            throw new SocialiteAuthError_1.SocialiteAuthError("OAuth requires session middleware (jccSession on the request). Enable your app session bridge before Socialite.redirect().", this.driverName);
+        }
+        sess.put(this.sessionKey(), payload);
+    }
+    clearOAuthSession(req) {
+        req.jccSession?.forget(this.sessionKey());
+    }
+    /**
+     * Redirect to the provider consent screen (Laravel `->redirect()`).
+     * Uses global `request` / `response` if arguments omitted.
+     */
+    redirect(req, res) {
+        const r = req ?? request();
+        const s = res ?? response();
+        if (!this.oauthConfig.clientId || !this.oauthConfig.clientSecret) {
+            throw new SocialiteAuthError_1.SocialiteAuthError(`OAuth not configured for [${this.driverName}]. Set ${this.driverName.toUpperCase()}_CLIENT_ID and _CLIENT_SECRET.`, this.driverName);
+        }
+        const state = crypto_1.default.randomBytes(20).toString("hex");
+        let codeVerifier;
+        let pkceCtx;
+        if (this.requiresPkce()) {
+            const pk = this.createPkce();
+            codeVerifier = pk.verifier;
+            pkceCtx = { codeChallenge: pk.challenge, codeChallengeMethod: "S256" };
+        }
+        this.writeOAuthSession(r, { state, codeVerifier });
+        const url = this.buildAuthorizeUrl(state, pkceCtx);
+        s.redirect(302, url);
+    }
+    /**
+     * Complete OAuth on the callback route (Laravel `->user()`).
+     */
+    async user(req, _res) {
+        const r = req ?? request();
+        const q = r.query;
+        const code = q.code;
+        const state = q.state;
+        const error = q.error;
+        const errorDescription = q.error_description;
+        if (error) {
+            throw new SocialiteAuthError_1.SocialiteAuthError(String(errorDescription || error), this.driverName);
+        }
+        if (!code || typeof code !== "string") {
+            throw new SocialiteAuthError_1.SocialiteAuthError("Missing authorization code.", this.driverName);
+        }
+        const payload = this.readOAuthSession(r);
+        if (!payload?.state || payload.state !== state || typeof state !== "string") {
+            throw new SocialiteAuthError_1.SocialiteAuthError("Invalid or expired OAuth state. Try signing in again.", this.driverName);
+        }
+        const codeVerifier = payload.codeVerifier;
+        this.clearOAuthSession(r);
+        const tokens = await this.fetchAccessToken(code, codeVerifier ? { codeVerifier } : undefined);
+        const accessToken = this.extractAccessToken(tokens);
+        if (!accessToken) {
+            throw new SocialiteAuthError_1.SocialiteAuthError("No access token in provider response.", this.driverName);
+        }
+        const raw = await this.fetchUserFromToken(accessToken);
+        return this.mapUser(raw);
+    }
+    /**
+     * Default: top-level `access_token`. Override for providers that nest tokens (e.g. Slack).
+     */
+    extractAccessToken(tokens) {
+        const t = tokens.access_token;
+        return typeof t === "string" ? t : null;
+    }
+}
+exports.AbstractProvider = AbstractProvider;

package/lib/Socialite/Drivers/facebook/FacebookDriver.d.ts

@@ -0,0 +1,9 @@
+import type { OAuthProviderConfig } from "../../types";
+export declare class FacebookDriver {
+    private readonly cfg;
+    constructor(cfg: OAuthProviderConfig);
+    getAuthorizationUrl(state: string, scope: string): string;
+    exchangeAuthorizationCode(code: string): Promise<Record<string, unknown>>;
+    getUser(accessToken: string): Promise<Record<string, unknown>>;
+}
+//# sourceMappingURL=FacebookDriver.d.ts.map

package/lib/Socialite/Drivers/facebook/FacebookDriver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"FacebookDriver.d.ts","sourceRoot":"","sources":["../../../../../jcc-express-mvc/lib/Socialite/Drivers/facebook/FacebookDriver.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAIvD,qBAAa,cAAc;IACb,OAAO,CAAC,QAAQ,CAAC,GAAG;gBAAH,GAAG,EAAE,mBAAmB;IAErD,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM;IAWnD,yBAAyB,CAC7B,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAW7B,OAAO,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAQrE"}

package/lib/Socialite/Drivers/facebook/FacebookDriver.js

@@ -0,0 +1,40 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FacebookDriver = void 0;
+const Http_1 = require("../../../Http");
+const constant_1 = require("../../constant");
+const ME_FIELDS = "id,name,email,picture.type(large)";
+class FacebookDriver {
+    constructor(cfg) {
+        this.cfg = cfg;
+    }
+    getAuthorizationUrl(state, scope) {
+        const params = new URLSearchParams({
+            client_id: this.cfg.clientId,
+            redirect_uri: this.cfg.redirectUri,
+            state,
+            scope,
+            response_type: "code",
+        });
+        return `${constant_1.FACEBOOK_AUTHORIZE}?${params.toString()}`;
+    }
+    async exchangeAuthorizationCode(code) {
+        Http_1.Http.reset().withQueryParameters({
+            client_id: this.cfg.clientId,
+            client_secret: this.cfg.clientSecret,
+            redirect_uri: this.cfg.redirectUri,
+            code,
+        });
+        const { data } = await Http_1.Http.get(constant_1.FACEBOOK_TOKEN);
+        return data;
+    }
+    async getUser(accessToken) {
+        Http_1.Http.reset().withQueryParameters({
+            fields: ME_FIELDS,
+            access_token: accessToken,
+        });
+        const { data } = await Http_1.Http.get("https://graph.facebook.com/me");
+        return data;
+    }
+}
+exports.FacebookDriver = FacebookDriver;

package/lib/Socialite/Drivers/facebook/FacebookProvider.d.ts

@@ -0,0 +1,15 @@
+import { AbstractProvider } from "../../AbstractProvider";
+import { SocialUser } from "../../SocialUser";
+import type { OAuthAuthorizeContext, OAuthProviderConfig } from "../../types";
+export declare class FacebookProvider extends AbstractProvider {
+    private readonly client;
+    constructor(cfg: OAuthProviderConfig);
+    getDefaultScopes(): string[];
+    buildAuthorizeUrl(state: string, _pkce?: OAuthAuthorizeContext): string;
+    fetchAccessToken(code: string, _ctx?: {
+        codeVerifier?: string;
+    }): Promise<Record<string, unknown>>;
+    fetchUserFromToken(accessToken: string): Promise<Record<string, unknown>>;
+    mapUser(raw: Record<string, unknown>): SocialUser;
+}
+//# sourceMappingURL=FacebookProvider.d.ts.map

package/lib/Socialite/Drivers/facebook/FacebookProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"FacebookProvider.d.ts","sourceRoot":"","sources":["../../../../../jcc-express-mvc/lib/Socialite/Drivers/facebook/FacebookProvider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,KAAK,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAE9E,qBAAa,gBAAiB,SAAQ,gBAAgB;IACpD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAiB;gBAE5B,GAAG,EAAE,mBAAmB;IAKpC,gBAAgB,IAAI,MAAM,EAAE;IAI5B,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,qBAAqB,GAAG,MAAM;IAIvE,gBAAgB,CACd,IAAI,EAAE,MAAM,EACZ,IAAI,CAAC,EAAE;QAAE,YAAY,CAAC,EAAE,MAAM,CAAA;KAAE,GAC/B,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAInC,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAIzE,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU;CAGlD"}

package/lib/Socialite/Drivers/facebook/FacebookProvider.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FacebookProvider = void 0;
+const AbstractProvider_1 = require("../../AbstractProvider");
+const FacebookDriver_1 = require("./FacebookDriver");
+const SocialUser_1 = require("../../SocialUser");
+class FacebookProvider extends AbstractProvider_1.AbstractProvider {
+    constructor(cfg) {
+        super(cfg, "facebook");
+        this.client = new FacebookDriver_1.FacebookDriver(cfg);
+    }
+    getDefaultScopes() {
+        return ["email", "public_profile"];
+    }
+    buildAuthorizeUrl(state, _pkce) {
+        return this.client.getAuthorizationUrl(state, this.formatScopes());
+    }
+    fetchAccessToken(code, _ctx) {
+        return this.client.exchangeAuthorizationCode(code);
+    }
+    fetchUserFromToken(accessToken) {
+        return this.client.getUser(accessToken);
+    }
+    mapUser(raw) {
+        return SocialUser_1.SocialUser.fromFacebook(raw);
+    }
+}
+exports.FacebookProvider = FacebookProvider;

package/lib/Socialite/Drivers/github/GitHubDriver.d.ts

@@ -0,0 +1,9 @@
+import type { OAuthProviderConfig } from "../../types";
+export declare class GitHubDriver {
+    private readonly cfg;
+    constructor(cfg: OAuthProviderConfig);
+    getAuthorizationUrl(state: string, scope: string): string;
+    exchangeAuthorizationCode(code: string): Promise<Record<string, unknown>>;
+    getUser(accessToken: string): Promise<Record<string, unknown>>;
+}
+//# sourceMappingURL=GitHubDriver.d.ts.map

package/lib/Socialite/Drivers/github/GitHubDriver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"GitHubDriver.d.ts","sourceRoot":"","sources":["../../../../../jcc-express-mvc/lib/Socialite/Drivers/github/GitHubDriver.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAEvD,qBAAa,YAAY;IACX,OAAO,CAAC,QAAQ,CAAC,GAAG;gBAAH,GAAG,EAAE,mBAAmB;IAErD,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM;IAUnD,yBAAyB,CAC7B,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAc7B,OAAO,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAqBrE"}

package/lib/Socialite/Drivers/github/GitHubDriver.js

@@ -0,0 +1,54 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GitHubDriver = void 0;
+const Http_1 = require("../../../Http");
+const constant_1 = require("../../constant");
+class GitHubDriver {
+    constructor(cfg) {
+        this.cfg = cfg;
+    }
+    getAuthorizationUrl(state, scope) {
+        const params = new URLSearchParams({
+            client_id: this.cfg.clientId,
+            redirect_uri: this.cfg.redirectUri,
+            state,
+            scope,
+        });
+        return `${constant_1.GITHUB_AUTHORIZE}?${params.toString()}`;
+    }
+    async exchangeAuthorizationCode(code) {
+        Http_1.Http.reset().withHeaders({
+            Accept: "application/json",
+            "Content-Type": "application/json",
+        });
+        const { data } = await Http_1.Http.post(constant_1.GITHUB_TOKEN, {
+            client_id: this.cfg.clientId,
+            client_secret: this.cfg.clientSecret,
+            code,
+            redirect_uri: this.cfg.redirectUri,
+        });
+        return data;
+    }
+    async getUser(accessToken) {
+        const githubHeaders = {
+            Authorization: `Bearer ${accessToken}`,
+            Accept: "application/vnd.github+json",
+            "X-GitHub-Api-Version": "2022-11-28",
+        };
+        Http_1.Http.reset().withHeaders(githubHeaders);
+        const { data: user } = await Http_1.Http.get(constant_1.GITHUB_USER);
+        if (!user.email) {
+            Http_1.Http.reset().withHeaders(githubHeaders);
+            const { data: emails } = await Http_1.Http.get(constant_1.GITHUB_EMAILS);
+            let primary;
+            if (Array.isArray(emails) && emails.length > 0) {
+                primary = emails.find((e) => e.primary) ?? emails[0];
+            }
+            if (primary?.email) {
+                user.email = primary.email;
+            }
+        }
+        return user;
+    }
+}
+exports.GitHubDriver = GitHubDriver;

package/lib/Socialite/Drivers/github/GitHubProvider.d.ts

@@ -0,0 +1,15 @@
+import { AbstractProvider } from "../../AbstractProvider";
+import { SocialUser } from "../../SocialUser";
+import type { OAuthAuthorizeContext, OAuthProviderConfig } from "../../types";
+export declare class GitHubProvider extends AbstractProvider {
+    private readonly client;
+    constructor(cfg: OAuthProviderConfig);
+    getDefaultScopes(): string[];
+    buildAuthorizeUrl(state: string, _pkce?: OAuthAuthorizeContext): string;
+    fetchAccessToken(code: string, _ctx?: {
+        codeVerifier?: string;
+    }): Promise<Record<string, unknown>>;
+    fetchUserFromToken(accessToken: string): Promise<Record<string, unknown>>;
+    mapUser(raw: Record<string, unknown>): SocialUser;
+}
+//# sourceMappingURL=GitHubProvider.d.ts.map

package/lib/Socialite/Drivers/github/GitHubProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"GitHubProvider.d.ts","sourceRoot":"","sources":["../../../../../jcc-express-mvc/lib/Socialite/Drivers/github/GitHubProvider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,KAAK,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAE9E,qBAAa,cAAe,SAAQ,gBAAgB;IAClD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAe;gBAE1B,GAAG,EAAE,mBAAmB;IAKpC,gBAAgB,IAAI,MAAM,EAAE;IAI5B,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,qBAAqB,GAAG,MAAM;IAIvE,gBAAgB,CACd,IAAI,EAAE,MAAM,EACZ,IAAI,CAAC,EAAE;QAAE,YAAY,CAAC,EAAE,MAAM,CAAA;KAAE,GAC/B,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAInC,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAIzE,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU;CAGlD"}

package/lib/Socialite/Drivers/github/GitHubProvider.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GitHubProvider = void 0;
+const AbstractProvider_1 = require("../../AbstractProvider");
+const GitHubDriver_1 = require("./GitHubDriver");
+const SocialUser_1 = require("../../SocialUser");
+class GitHubProvider extends AbstractProvider_1.AbstractProvider {
+    constructor(cfg) {
+        super(cfg, "github");
+        this.client = new GitHubDriver_1.GitHubDriver(cfg);
+    }
+    getDefaultScopes() {
+        return ["read:user", "user:email"];
+    }
+    buildAuthorizeUrl(state, _pkce) {
+        return this.client.getAuthorizationUrl(state, this.formatScopes());
+    }
+    fetchAccessToken(code, _ctx) {
+        return this.client.exchangeAuthorizationCode(code);
+    }
+    fetchUserFromToken(accessToken) {
+        return this.client.getUser(accessToken);
+    }
+    mapUser(raw) {
+        return SocialUser_1.SocialUser.fromGitHub(raw);
+    }
+}
+exports.GitHubProvider = GitHubProvider;

package/lib/Socialite/Drivers/gitlab/GitLabDriver.d.ts

@@ -0,0 +1,10 @@
+import type { OAuthProviderConfig } from "../../types";
+export declare class GitLabDriver {
+    private readonly cfg;
+    private readonly base;
+    constructor(cfg: OAuthProviderConfig);
+    getAuthorizationUrl(state: string, scope: string): string;
+    exchangeAuthorizationCode(code: string): Promise<Record<string, unknown>>;
+    getUser(accessToken: string): Promise<Record<string, unknown>>;
+}
+//# sourceMappingURL=GitLabDriver.d.ts.map

package/lib/Socialite/Drivers/gitlab/GitLabDriver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"GitLabDriver.d.ts","sourceRoot":"","sources":["../../../../../jcc-express-mvc/lib/Socialite/Drivers/gitlab/GitLabDriver.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAEvD,qBAAa,YAAY;IAGX,OAAO,CAAC,QAAQ,CAAC,GAAG;IAFhC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAS;gBAED,GAAG,EAAE,mBAAmB;IAIrD,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM;IAWnD,yBAAyB,CAC7B,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAe7B,OAAO,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAKrE"}

package/lib/Socialite/Drivers/gitlab/GitLabDriver.js

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GitLabDriver = void 0;
+const Http_1 = require("../../../Http");
+class GitLabDriver {
+    constructor(cfg) {
+        this.cfg = cfg;
+        this.base = (cfg.gitlabUrl ?? "https://gitlab.com").replace(/\/$/, "");
+    }
+    getAuthorizationUrl(state, scope) {
+        const params = new URLSearchParams({
+            client_id: this.cfg.clientId,
+            redirect_uri: this.cfg.redirectUri,
+            response_type: "code",
+            state,
+            scope,
+        });
+        return `${this.base}/oauth/authorize?${params.toString()}`;
+    }
+    async exchangeAuthorizationCode(code) {
+        Http_1.Http.reset().asForm();
+        const { data } = await Http_1.Http.post(`${this.base}/oauth/token`, new URLSearchParams({
+            client_id: this.cfg.clientId,
+            client_secret: this.cfg.clientSecret,
+            code,
+            grant_type: "authorization_code",
+            redirect_uri: this.cfg.redirectUri,
+        }).toString());
+        return data;
+    }
+    async getUser(accessToken) {
+        Http_1.Http.reset().withHeaders({ Authorization: `Bearer ${accessToken}` });
+        const { data } = await Http_1.Http.get(`${this.base}/api/v4/user`);
+        return data;
+    }
+}
+exports.GitLabDriver = GitLabDriver;