npm - mulguard - Versions diffs - 1.1.7 → 1.1.8 - Mend

mulguard 1.1.7 → 1.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (546) hide show

package/README.md +21 -582
package/adapters.d.ts +2 -0
package/adapters.d.ts.map +1 -0
package/adapters.js +1 -0
package/index.d.ts +329 -0
package/index.d.ts.map +1 -0
package/index.js +145 -0
package/jwt.d.ts +9 -0
package/jwt.d.ts.map +1 -0
package/jwt.js +8 -0
package/lib/actions.d.ts +13 -0
package/lib/actions.d.ts.map +1 -0
package/lib/actions.js +86 -0
package/lib/client.d.ts +104 -0
package/lib/client.d.ts.map +1 -0
package/lib/client.js +95 -0
package/lib/env.d.ts +12 -0
package/lib/env.d.ts.map +1 -0
package/lib/env.js +38 -0
package/lib/index.d.ts +56 -0
package/lib/index.d.ts.map +1 -0
package/lib/index.js +187 -0
package/lib/types.d.ts +24 -0
package/lib/types.d.ts.map +1 -0
package/lib/types.js +1 -0
package/middleware.d.ts +9 -0
package/middleware.d.ts.map +1 -0
package/middleware.js +12 -0
package/next.d.ts +9 -0
package/next.d.ts.map +1 -0
package/next.js +12 -0
package/package.json +117 -126
package/providers/42-school.d.ts +3 -0
package/providers/42-school.d.ts.map +1 -0
package/providers/42-school.js +2 -0
package/providers/apple.d.ts +3 -0
package/providers/apple.d.ts.map +1 -0
package/providers/apple.js +2 -0
package/providers/asgardeo.d.ts +3 -0
package/providers/asgardeo.d.ts.map +1 -0
package/providers/asgardeo.js +2 -0
package/providers/atlassian.d.ts +3 -0
package/providers/atlassian.d.ts.map +1 -0
package/providers/atlassian.js +2 -0
package/providers/auth0.d.ts +3 -0
package/providers/auth0.d.ts.map +1 -0
package/providers/auth0.js +2 -0
package/providers/authentik.d.ts +3 -0
package/providers/authentik.d.ts.map +1 -0
package/providers/authentik.js +2 -0
package/providers/azure-ad-b2c.d.ts +3 -0
package/providers/azure-ad-b2c.d.ts.map +1 -0
package/providers/azure-ad-b2c.js +2 -0
package/providers/azure-ad.d.ts +3 -0
package/providers/azure-ad.d.ts.map +1 -0
package/providers/azure-ad.js +2 -0
package/providers/azure-devops.d.ts +3 -0
package/providers/azure-devops.d.ts.map +1 -0
package/providers/azure-devops.js +2 -0
package/providers/bankid-no.d.ts +3 -0
package/providers/bankid-no.d.ts.map +1 -0
package/providers/bankid-no.js +2 -0
package/providers/battlenet.d.ts +3 -0
package/providers/battlenet.d.ts.map +1 -0
package/providers/battlenet.js +2 -0
package/providers/beyondidentity.d.ts +3 -0
package/providers/beyondidentity.d.ts.map +1 -0
package/providers/beyondidentity.js +2 -0
package/providers/bitbucket.d.ts +3 -0
package/providers/bitbucket.d.ts.map +1 -0
package/providers/bitbucket.js +2 -0
package/providers/box.d.ts +3 -0
package/providers/box.d.ts.map +1 -0
package/providers/box.js +2 -0
package/providers/boxyhq-saml.d.ts +3 -0
package/providers/boxyhq-saml.d.ts.map +1 -0
package/providers/boxyhq-saml.js +2 -0
package/providers/bungie.d.ts +3 -0
package/providers/bungie.d.ts.map +1 -0
package/providers/bungie.js +2 -0
package/providers/click-up.d.ts +3 -0
package/providers/click-up.d.ts.map +1 -0
package/providers/click-up.js +2 -0
package/providers/cognito.d.ts +3 -0
package/providers/cognito.d.ts.map +1 -0
package/providers/cognito.js +2 -0
package/providers/coinbase.d.ts +3 -0
package/providers/coinbase.d.ts.map +1 -0
package/providers/coinbase.js +2 -0
package/providers/concept2.d.ts +3 -0
package/providers/concept2.d.ts.map +1 -0
package/providers/concept2.js +2 -0
package/providers/credentials.d.ts +3 -0
package/providers/credentials.d.ts.map +1 -0
package/providers/credentials.js +2 -0
package/providers/descope.d.ts +3 -0
package/providers/descope.d.ts.map +1 -0
package/providers/descope.js +2 -0
package/providers/discord.d.ts +3 -0
package/providers/discord.d.ts.map +1 -0
package/providers/discord.js +2 -0
package/providers/dribbble.d.ts +3 -0
package/providers/dribbble.d.ts.map +1 -0
package/providers/dribbble.js +2 -0
package/providers/dropbox.d.ts +3 -0
package/providers/dropbox.d.ts.map +1 -0
package/providers/dropbox.js +2 -0
package/providers/duende-identity-server6.d.ts +3 -0
package/providers/duende-identity-server6.d.ts.map +1 -0
package/providers/duende-identity-server6.js +2 -0
package/providers/email.d.ts +3 -0
package/providers/email.d.ts.map +1 -0
package/providers/email.js +2 -0
package/providers/eventbrite.d.ts +3 -0
package/providers/eventbrite.d.ts.map +1 -0
package/providers/eventbrite.js +2 -0
package/providers/eveonline.d.ts +3 -0
package/providers/eveonline.d.ts.map +1 -0
package/providers/eveonline.js +2 -0
package/providers/facebook.d.ts +3 -0
package/providers/facebook.d.ts.map +1 -0
package/providers/facebook.js +2 -0
package/providers/faceit.d.ts +3 -0
package/providers/faceit.d.ts.map +1 -0
package/providers/faceit.js +2 -0
package/providers/figma.d.ts +3 -0
package/providers/figma.d.ts.map +1 -0
package/providers/figma.js +2 -0
package/providers/forwardemail.d.ts +3 -0
package/providers/forwardemail.d.ts.map +1 -0
package/providers/forwardemail.js +2 -0
package/providers/foursquare.d.ts +3 -0
package/providers/foursquare.d.ts.map +1 -0
package/providers/foursquare.js +2 -0
package/providers/freshbooks.d.ts +3 -0
package/providers/freshbooks.d.ts.map +1 -0
package/providers/freshbooks.js +2 -0
package/providers/frontegg.d.ts +3 -0
package/providers/frontegg.d.ts.map +1 -0
package/providers/frontegg.js +2 -0
package/providers/fusionauth.d.ts +3 -0
package/providers/fusionauth.d.ts.map +1 -0
package/providers/fusionauth.js +2 -0
package/providers/github.d.ts +3 -0
package/providers/github.d.ts.map +1 -0
package/providers/github.js +2 -0
package/providers/gitlab.d.ts +3 -0
package/providers/gitlab.d.ts.map +1 -0
package/providers/gitlab.js +2 -0
package/providers/google.d.ts +3 -0
package/providers/google.d.ts.map +1 -0
package/providers/google.js +2 -0
package/providers/hubspot.d.ts +3 -0
package/providers/hubspot.d.ts.map +1 -0
package/providers/hubspot.js +2 -0
package/providers/huggingface.d.ts +3 -0
package/providers/huggingface.d.ts.map +1 -0
package/providers/huggingface.js +2 -0
package/providers/identity-server4.d.ts +3 -0
package/providers/identity-server4.d.ts.map +1 -0
package/providers/identity-server4.js +2 -0
package/providers/index.d.ts +2 -0
package/providers/index.d.ts.map +1 -0
package/providers/index.js +1 -0
package/providers/instagram.d.ts +3 -0
package/providers/instagram.d.ts.map +1 -0
package/providers/instagram.js +2 -0
package/providers/kakao.d.ts +3 -0
package/providers/kakao.d.ts.map +1 -0
package/providers/kakao.js +2 -0
package/providers/keycloak.d.ts +3 -0
package/providers/keycloak.d.ts.map +1 -0
package/providers/keycloak.js +2 -0
package/providers/kinde.d.ts +3 -0
package/providers/kinde.d.ts.map +1 -0
package/providers/kinde.js +2 -0
package/providers/line.d.ts +3 -0
package/providers/line.d.ts.map +1 -0
package/providers/line.js +2 -0
package/providers/linkedin.d.ts +3 -0
package/providers/linkedin.d.ts.map +1 -0
package/providers/linkedin.js +2 -0
package/providers/logto.d.ts +3 -0
package/providers/logto.d.ts.map +1 -0
package/providers/logto.js +2 -0
package/providers/loops.d.ts +3 -0
package/providers/loops.d.ts.map +1 -0
package/providers/loops.js +2 -0
package/providers/mailchimp.d.ts +3 -0
package/providers/mailchimp.d.ts.map +1 -0
package/providers/mailchimp.js +2 -0
package/providers/mailgun.d.ts +3 -0
package/providers/mailgun.d.ts.map +1 -0
package/providers/mailgun.js +2 -0
package/providers/mailru.d.ts +3 -0
package/providers/mailru.d.ts.map +1 -0
package/providers/mailru.js +2 -0
package/providers/mastodon.d.ts +3 -0
package/providers/mastodon.d.ts.map +1 -0
package/providers/mastodon.js +2 -0
package/providers/mattermost.d.ts +3 -0
package/providers/mattermost.d.ts.map +1 -0
package/providers/mattermost.js +2 -0
package/providers/medium.d.ts +3 -0
package/providers/medium.d.ts.map +1 -0
package/providers/medium.js +2 -0
package/providers/microsoft-entra-id.d.ts +3 -0
package/providers/microsoft-entra-id.d.ts.map +1 -0
package/providers/microsoft-entra-id.js +2 -0
package/providers/naver.d.ts +3 -0
package/providers/naver.d.ts.map +1 -0
package/providers/naver.js +2 -0
package/providers/netlify.d.ts +3 -0
package/providers/netlify.d.ts.map +1 -0
package/providers/netlify.js +2 -0
package/providers/netsuite.d.ts +3 -0
package/providers/netsuite.d.ts.map +1 -0
package/providers/netsuite.js +2 -0
package/providers/nextcloud.d.ts +3 -0
package/providers/nextcloud.d.ts.map +1 -0
package/providers/nextcloud.js +2 -0
package/providers/nodemailer.d.ts +3 -0
package/providers/nodemailer.d.ts.map +1 -0
package/providers/nodemailer.js +2 -0
package/providers/notion.d.ts +3 -0
package/providers/notion.d.ts.map +1 -0
package/providers/notion.js +2 -0
package/providers/okta.d.ts +3 -0
package/providers/okta.d.ts.map +1 -0
package/providers/okta.js +2 -0
package/providers/onelogin.d.ts +3 -0
package/providers/onelogin.d.ts.map +1 -0
package/providers/onelogin.js +2 -0
package/providers/ory-hydra.d.ts +3 -0
package/providers/ory-hydra.d.ts.map +1 -0
package/providers/ory-hydra.js +2 -0
package/providers/osso.d.ts +3 -0
package/providers/osso.d.ts.map +1 -0
package/providers/osso.js +2 -0
package/providers/osu.d.ts +3 -0
package/providers/osu.d.ts.map +1 -0
package/providers/osu.js +2 -0
package/providers/passage.d.ts +3 -0
package/providers/passage.d.ts.map +1 -0
package/providers/passage.js +2 -0
package/providers/passkey.d.ts +3 -0
package/providers/passkey.d.ts.map +1 -0
package/providers/passkey.js +2 -0
package/providers/patreon.d.ts +3 -0
package/providers/patreon.d.ts.map +1 -0
package/providers/patreon.js +2 -0
package/providers/ping-id.d.ts +3 -0
package/providers/ping-id.d.ts.map +1 -0
package/providers/ping-id.js +2 -0
package/providers/pinterest.d.ts +3 -0
package/providers/pinterest.d.ts.map +1 -0
package/providers/pinterest.js +2 -0
package/providers/pipedrive.d.ts +3 -0
package/providers/pipedrive.d.ts.map +1 -0
package/providers/pipedrive.js +2 -0
package/providers/postmark.d.ts +3 -0
package/providers/postmark.d.ts.map +1 -0
package/providers/postmark.js +2 -0
package/providers/reddit.d.ts +3 -0
package/providers/reddit.d.ts.map +1 -0
package/providers/reddit.js +2 -0
package/providers/resend.d.ts +3 -0
package/providers/resend.d.ts.map +1 -0
package/providers/resend.js +2 -0
package/providers/roblox.d.ts +3 -0
package/providers/roblox.d.ts.map +1 -0
package/providers/roblox.js +2 -0
package/providers/salesforce.d.ts +3 -0
package/providers/salesforce.d.ts.map +1 -0
package/providers/salesforce.js +2 -0
package/providers/sendgrid.d.ts +3 -0
package/providers/sendgrid.d.ts.map +1 -0
package/providers/sendgrid.js +2 -0
package/providers/simplelogin.d.ts +3 -0
package/providers/simplelogin.d.ts.map +1 -0
package/providers/simplelogin.js +2 -0
package/providers/slack.d.ts +3 -0
package/providers/slack.d.ts.map +1 -0
package/providers/slack.js +2 -0
package/providers/spotify.d.ts +3 -0
package/providers/spotify.d.ts.map +1 -0
package/providers/spotify.js +2 -0
package/providers/strava.d.ts +3 -0
package/providers/strava.d.ts.map +1 -0
package/providers/strava.js +2 -0
package/providers/threads.d.ts +3 -0
package/providers/threads.d.ts.map +1 -0
package/providers/threads.js +2 -0
package/providers/tiktok.d.ts +3 -0
package/providers/tiktok.d.ts.map +1 -0
package/providers/tiktok.js +2 -0
package/providers/todoist.d.ts +3 -0
package/providers/todoist.d.ts.map +1 -0
package/providers/todoist.js +2 -0
package/providers/trakt.d.ts +3 -0
package/providers/trakt.d.ts.map +1 -0
package/providers/trakt.js +2 -0
package/providers/twitch.d.ts +3 -0
package/providers/twitch.d.ts.map +1 -0
package/providers/twitch.js +2 -0
package/providers/twitter.d.ts +3 -0
package/providers/twitter.d.ts.map +1 -0
package/providers/twitter.js +2 -0
package/providers/united-effects.d.ts +3 -0
package/providers/united-effects.d.ts.map +1 -0
package/providers/united-effects.js +2 -0
package/providers/vipps.d.ts +3 -0
package/providers/vipps.d.ts.map +1 -0
package/providers/vipps.js +2 -0
package/providers/vk.d.ts +3 -0
package/providers/vk.d.ts.map +1 -0
package/providers/vk.js +2 -0
package/providers/webauthn.d.ts +3 -0
package/providers/webauthn.d.ts.map +1 -0
package/providers/webauthn.js +2 -0
package/providers/webex.d.ts +3 -0
package/providers/webex.d.ts.map +1 -0
package/providers/webex.js +2 -0
package/providers/wechat.d.ts +3 -0
package/providers/wechat.d.ts.map +1 -0
package/providers/wechat.js +2 -0
package/providers/wikimedia.d.ts +3 -0
package/providers/wikimedia.d.ts.map +1 -0
package/providers/wikimedia.js +2 -0
package/providers/wordpress.d.ts +3 -0
package/providers/wordpress.d.ts.map +1 -0
package/providers/wordpress.js +2 -0
package/providers/workos.d.ts +3 -0
package/providers/workos.d.ts.map +1 -0
package/providers/workos.js +2 -0
package/providers/yandex.d.ts +3 -0
package/providers/yandex.d.ts.map +1 -0
package/providers/yandex.js +2 -0
package/providers/zitadel.d.ts +3 -0
package/providers/zitadel.d.ts.map +1 -0
package/providers/zitadel.js +2 -0
package/providers/zoho.d.ts +3 -0
package/providers/zoho.d.ts.map +1 -0
package/providers/zoho.js +2 -0
package/providers/zoom.d.ts +3 -0
package/providers/zoom.d.ts.map +1 -0
package/providers/zoom.js +2 -0
package/react.d.ts +102 -0
package/react.d.ts.map +1 -0
package/react.js +361 -0
package/src/adapters.ts +1 -0
package/src/index.ts +430 -0
package/src/jwt.ts +9 -0
package/src/lib/actions.ts +144 -0
package/src/lib/client.ts +245 -0
package/src/lib/env.ts +36 -0
package/src/lib/index.ts +313 -0
package/src/lib/types.ts +30 -0
package/src/middleware.ts +16 -0
package/src/next.ts +16 -0
package/src/providers/42-school.ts +2 -0
package/src/providers/apple.ts +2 -0
package/src/providers/asgardeo.ts +2 -0
package/src/providers/atlassian.ts +2 -0
package/src/providers/auth0.ts +2 -0
package/src/providers/authentik.ts +2 -0
package/src/providers/azure-ad-b2c.ts +2 -0
package/src/providers/azure-ad.ts +2 -0
package/src/providers/azure-devops.ts +2 -0
package/src/providers/bankid-no.ts +2 -0
package/src/providers/battlenet.ts +2 -0
package/src/providers/beyondidentity.ts +2 -0
package/src/providers/bitbucket.ts +2 -0
package/src/providers/box.ts +2 -0
package/src/providers/boxyhq-saml.ts +2 -0
package/src/providers/bungie.ts +2 -0
package/src/providers/click-up.ts +2 -0
package/src/providers/cognito.ts +2 -0
package/src/providers/coinbase.ts +2 -0
package/src/providers/concept2.ts +2 -0
package/src/providers/credentials.ts +2 -0
package/src/providers/descope.ts +2 -0
package/src/providers/discord.ts +2 -0
package/src/providers/dribbble.ts +2 -0
package/src/providers/dropbox.ts +2 -0
package/src/providers/duende-identity-server6.ts +2 -0
package/src/providers/email.ts +2 -0
package/src/providers/eventbrite.ts +2 -0
package/src/providers/eveonline.ts +2 -0
package/src/providers/facebook.ts +2 -0
package/src/providers/faceit.ts +2 -0
package/src/providers/figma.ts +2 -0
package/src/providers/forwardemail.ts +2 -0
package/src/providers/foursquare.ts +2 -0
package/src/providers/freshbooks.ts +2 -0
package/src/providers/frontegg.ts +2 -0
package/src/providers/fusionauth.ts +2 -0
package/src/providers/github.ts +2 -0
package/src/providers/gitlab.ts +2 -0
package/src/providers/google.ts +2 -0
package/src/providers/hubspot.ts +2 -0
package/src/providers/huggingface.ts +2 -0
package/src/providers/identity-server4.ts +2 -0
package/src/providers/index.ts +1 -0
package/src/providers/instagram.ts +2 -0
package/src/providers/kakao.ts +2 -0
package/src/providers/keycloak.ts +2 -0
package/src/providers/kinde.ts +2 -0
package/src/providers/line.ts +2 -0
package/src/providers/linkedin.ts +2 -0
package/src/providers/logto.ts +2 -0
package/src/providers/loops.ts +2 -0
package/src/providers/mailchimp.ts +2 -0
package/src/providers/mailgun.ts +2 -0
package/src/providers/mailru.ts +2 -0
package/src/providers/mastodon.ts +2 -0
package/src/providers/mattermost.ts +2 -0
package/src/providers/medium.ts +2 -0
package/src/providers/microsoft-entra-id.ts +2 -0
package/src/providers/naver.ts +2 -0
package/src/providers/netlify.ts +2 -0
package/src/providers/netsuite.ts +2 -0
package/src/providers/nextcloud.ts +2 -0
package/src/providers/nodemailer.ts +2 -0
package/src/providers/notion.ts +2 -0
package/src/providers/okta.ts +2 -0
package/src/providers/onelogin.ts +2 -0
package/src/providers/ory-hydra.ts +2 -0
package/src/providers/osso.ts +2 -0
package/src/providers/osu.ts +2 -0
package/src/providers/passage.ts +2 -0
package/src/providers/passkey.ts +2 -0
package/src/providers/patreon.ts +2 -0
package/src/providers/ping-id.ts +2 -0
package/src/providers/pinterest.ts +2 -0
package/src/providers/pipedrive.ts +2 -0
package/src/providers/postmark.ts +2 -0
package/src/providers/reddit.ts +2 -0
package/src/providers/resend.ts +2 -0
package/src/providers/roblox.ts +2 -0
package/src/providers/salesforce.ts +2 -0
package/src/providers/sendgrid.ts +2 -0
package/src/providers/simplelogin.ts +2 -0
package/src/providers/slack.ts +2 -0
package/src/providers/spotify.ts +2 -0
package/src/providers/strava.ts +2 -0
package/src/providers/threads.ts +2 -0
package/src/providers/tiktok.ts +2 -0
package/src/providers/todoist.ts +2 -0
package/src/providers/trakt.ts +2 -0
package/src/providers/twitch.ts +2 -0
package/src/providers/twitter.ts +2 -0
package/src/providers/united-effects.ts +2 -0
package/src/providers/vipps.ts +2 -0
package/src/providers/vk.ts +2 -0
package/src/providers/webauthn.ts +2 -0
package/src/providers/webex.ts +2 -0
package/src/providers/wechat.ts +2 -0
package/src/providers/wikimedia.ts +2 -0
package/src/providers/wordpress.ts +2 -0
package/src/providers/workos.ts +2 -0
package/src/providers/yandex.ts +2 -0
package/src/providers/zitadel.ts +2 -0
package/src/providers/zoho.ts +2 -0
package/src/providers/zoom.ts +2 -0
package/src/react.tsx +546 -0
package/src/webauthn.ts +152 -0
package/webauthn.d.ts +9 -0
package/webauthn.d.ts.map +1 -0
package/webauthn.js +92 -0
package/LICENSE +0 -70
package/dist/actions-CMtg7FGv.js +0 -1
package/dist/actions-CjQUKaXF.mjs +0 -200
package/dist/client/index.js +0 -1
package/dist/client/index.mjs +0 -484
package/dist/components/AccountPicker.d.ts +0 -11
package/dist/components/OAuthButton.d.ts +0 -11
package/dist/components/PassKeyButton.d.ts +0 -11
package/dist/components/PassKeyRegister.d.ts +0 -10
package/dist/components/TwoFactorSetup.d.ts +0 -8
package/dist/components/TwoFactorVerify.d.ts +0 -9
package/dist/core/account-picker/encryption.d.ts +0 -22
package/dist/core/account-picker/index.d.ts +0 -22
package/dist/core/auth/email-password.d.ts +0 -145
package/dist/core/auth/oauth/index.d.ts +0 -14
package/dist/core/auth/oauth/oauth-handler.d.ts +0 -172
package/dist/core/auth/oauth/pkce.d.ts +0 -168
package/dist/core/auth/oauth/providers.d.ts +0 -198
package/dist/core/auth/oauth/state-store-cookie.d.ts +0 -83
package/dist/core/auth/oauth/state-store-redis.d.ts +0 -25
package/dist/core/auth/oauth/state-store.d.ts +0 -48
package/dist/core/auth/otp.d.ts +0 -184
package/dist/core/auth/passkey.d.ts +0 -35
package/dist/core/auth/password.d.ts +0 -22
package/dist/core/auth/signin-unified.d.ts +0 -33
package/dist/core/auth/two-factor.d.ts +0 -28
package/dist/core/client/index.d.ts +0 -132
package/dist/core/client/token-refresh-manager.d.ts +0 -48
package/dist/core/errors/index.d.ts +0 -269
package/dist/core/index.d.ts +0 -9
package/dist/core/logger/index.d.ts +0 -147
package/dist/core/mulguard/auth-handlers.d.ts +0 -100
package/dist/core/mulguard/defaults.d.ts +0 -58
package/dist/core/mulguard/index.d.ts +0 -9
package/dist/core/mulguard/integration.d.ts +0 -104
package/dist/core/mulguard/oauth-handler.d.ts +0 -93
package/dist/core/mulguard/session-manager.d.ts +0 -94
package/dist/core/security/csrf.d.ts +0 -46
package/dist/core/security/headers.d.ts +0 -24
package/dist/core/security/index.d.ts +0 -132
package/dist/core/security/rate-limit.d.ts +0 -39
package/dist/core/security/security-manager.d.ts +0 -236
package/dist/core/security/validation.d.ts +0 -251
package/dist/core/security/xss.d.ts +0 -20
package/dist/core/session/index.d.ts +0 -35
package/dist/core/session/session-manager.d.ts +0 -235
package/dist/core/types/auth.d.ts +0 -290
package/dist/core/types/errors.d.ts +0 -200
package/dist/core/types/index.d.ts +0 -484
package/dist/core/utils/auth-helpers.d.ts +0 -136
package/dist/core/utils/logger.d.ts +0 -121
package/dist/index/index.js +0 -1
package/dist/index/index.mjs +0 -2736
package/dist/index.d.ts +0 -18
package/dist/mulguard.d.ts +0 -373
package/dist/nextjs/client/hooks.d.ts +0 -122
package/dist/nextjs/client/index.d.ts +0 -13
package/dist/nextjs/client/provider.d.ts +0 -69
package/dist/nextjs/client/server-actions-helper.d.ts +0 -22
package/dist/nextjs/handlers/api.d.ts +0 -10
package/dist/nextjs/handlers/index.d.ts +0 -9
package/dist/nextjs/handlers/route.d.ts +0 -76
package/dist/nextjs/index.d.ts +0 -15
package/dist/nextjs/proxy/index.d.ts +0 -149
package/dist/nextjs/proxy/security.d.ts +0 -9
package/dist/nextjs/server/actions.d.ts +0 -30
package/dist/nextjs/server/auth.d.ts +0 -65
package/dist/nextjs/server/cookies.d.ts +0 -41
package/dist/nextjs/server/index.d.ts +0 -18
package/dist/nextjs/server/oauth-state.d.ts +0 -32
package/dist/nextjs/server/session-helpers.d.ts +0 -24
package/dist/nextjs/server/session.d.ts +0 -144
package/dist/oauth-state-Drwz6fES.js +0 -1
package/dist/oauth-state-pdypStuS.mjs +0 -210
package/dist/server/index.js +0 -1
package/dist/server/index.mjs +0 -29

package/dist/core/auth/email-password.d.ts DELETED Viewed

@@ -1,145 +0,0 @@
-import { EmailCredentials, AuthResult, User, Session } from '../types';
-import { SecurityManager } from '../security/security-manager';
-import { Logger } from '../logger';
-/**
- * Email/password authentication configuration.
- */
-export interface EmailPasswordConfig {
-    readonly security?: SecurityManager;
-    readonly logger?: Logger;
-    readonly requireEmailVerification?: boolean;
-    readonly maxLoginAttempts?: number;
-    readonly lockoutDuration?: number;
-}
-/**
- * Email/password authentication handler.
- *
- * Provides secure email/password authentication with validation,
- * rate limiting, and account lockout protection.
- *
- * @example
- * ```typescript
- * const handler = new EmailPasswordAuth({
- *   security: securityManager,
- *   logger: logger,
- * })
- *
- * const result = await handler.authenticate({
- *   email: 'user@example.com',
- *   password: 'password123',
- * }, async (email) => {
- *   // Your custom user lookup logic
- *   return await db.user.findUnique({ where: { email } })
- * })
- * ```
- */
-export declare class EmailPasswordAuth {
-    private readonly config;
-    private readonly security;
-    private readonly loginAttempts;
-    constructor(config?: EmailPasswordConfig);
-    /**
-     * Authenticates a user with email and password.
-     *
-     * @template TUser - User type
-     * @template TSession - Session type
-     * @param credentials - Email and password credentials
-     * @param userLookup - Function to lookup user by email
-     * @param passwordVerify - Function to verify password (optional, uses comparePassword if not provided)
-     * @param createSession - Function to create session (optional)
-     * @returns Authentication result
-     *
-     * @example
-     * ```typescript
-     * const result = await handler.authenticate(
-     *   { email: 'user@example.com', password: 'password123' },
-     *   async (email) => await db.user.findUnique({ where: { email } }),
-     *   async (password, hash) => await bcrypt.compare(password, hash)
-     * )
-     * ```
-     */
-    authenticate<TUser extends User = User, TSession extends Session<TUser> = Session<TUser>>(credentials: EmailCredentials, userLookup: (email: string) => Promise<TUser | null>, passwordVerify?: (password: string, hash: string) => Promise<boolean>, createSession?: (user: TUser) => Promise<TSession>): Promise<AuthResult<TUser, TSession>>;
-    /**
-     * Checks if account is locked.
-     *
-     * @param email - User email
-     * @returns Lockout status
-     */
-    private checkAccountLockout;
-    /**
-     * Records a failed login attempt.
-     *
-     * @param email - User email
-     */
-    private recordFailedAttempt;
-    /**
-     * Clears failed login attempts for an email.
-     *
-     * @param email - User email
-     */
-    private clearFailedAttempts;
-    /**
-     * Resets login attempts for an email (for admin use).
-     *
-     * @param email - User email
-     */
-    resetLoginAttempts(email: string): void;
-}
-/**
- * Creates an email/password authentication handler.
- *
- * @param config - Email/password authentication configuration
- * @returns Email/password authentication handler
- *
- * @example
- * ```typescript
- * const handler = createEmailPasswordAuth({
- *   security: securityManager,
- *   logger: logger,
- * })
- * ```
- */
-export declare function createEmailPasswordAuth(config?: EmailPasswordConfig): EmailPasswordAuth;
-/**
- * TODO: Performance
- * - [ ] Add password hashing caching
- * - [ ] Optimize user lookup with caching
- * - [ ] Implement async password verification
- * - [ ] Add batch authentication support
- *
- * TODO: Features
- * - [ ] Add password reset functionality
- * - [ ] Implement password change with old password verification
- * - [ ] Add password history tracking
- * - [ ] Create password expiration support
- * - [ ] Add account recovery options
- * - [ ] Implement remember me functionality
- *
- * TODO: Security
- * - [ ] Add password breach checking (Have I Been Pwned)
- * - [ ] Implement password strength requirements
- * - [ ] Add two-factor authentication integration
- * - [ ] Create security event logging
- * - [ ] Add IP-based lockout
- *
- * TODO: Type Safety
- * - [ ] Add branded types for email addresses
- * - [ ] Create type-safe password handling
- * - [ ] Implement compile-time validation rules
- *
- * TODO: Testing
- * - [ ] Add comprehensive unit tests
- * - [ ] Test account lockout mechanism
- * - [ ] Test rate limiting integration
- * - [ ] Add password verification tests
- *
- * TODO: Documentation
- * - [ ] Document authentication flow
- * - [ ] Add password policy guide
- * - [ ] Create security best practices guide
- *
- * TODO: Limitations
- * - [ ] Password verification must be implemented by user
- * - [ ] Account lockout is in-memory (consider persistent storage)
- * - [ ] No password hashing included (use bcrypt, argon2, etc.)
- */

package/dist/core/auth/oauth/index.d.ts DELETED Viewed

@@ -1,14 +0,0 @@
-/**
- * OAuth 2.0 Module for Mulguard Authentication Library.
- *
- * Provides comprehensive OAuth authentication with PKCE support,
- * state management, and provider integrations.
- *
- * @module @mulguard/core/auth/oauth
- */
-export * from './providers';
-export * from './pkce';
-export * from './state-store';
-export * from './state-store-cookie';
-export * from './state-store-redis';
-export * from './oauth-handler';

package/dist/core/auth/oauth/oauth-handler.d.ts DELETED Viewed

@@ -1,172 +0,0 @@
-import { OAuthProvidersConfig, OAuthUserInfo, AuthResult, User, Session } from '../../types';
-import { PKCEStorageAdapter } from './pkce';
-import { OAuthStateStore } from './state-store';
-import { Logger } from '../../logger';
-/**
- * OAuth handler configuration.
- */
-export interface OAuthHandlerConfig {
-    readonly providers: OAuthProvidersConfig;
-    readonly baseUrl: string;
-    readonly pkce?: {
-        readonly enabled: boolean;
-        readonly storage?: PKCEStorageAdapter;
-    };
-    readonly stateStore?: OAuthStateStore;
-    readonly logger?: Logger;
-}
-/**
- * OAuth initiation result with authorization URL and state.
- */
-export interface OAuthInitiationResult {
-    readonly url: string;
-    readonly state: string;
-    readonly codeVerifier?: string;
-}
-/**
- * Comprehensive OAuth 2.0 handler with PKCE support.
- *
- * Provides secure OAuth authentication flow with PKCE protection,
- * state management, and comprehensive error handling.
- *
- * @example
- * ```typescript
- * const handler = new OAuthHandler({
- *   providers: {
- *     google: { clientId: '...', clientSecret: '...' },
- *   },
- *   baseUrl: 'https://example.com',
- *   pkce: { enabled: true },
- * })
- *
- * // Initiate OAuth flow
- * const { url, state, codeVerifier } = await handler.initiate('google')
- *
- * // Handle callback
- * const result = await handler.handleCallback('google', code, state, codeVerifier)
- * ```
- */
-export declare class OAuthHandler {
-    private readonly config;
-    private readonly pkceStorage;
-    constructor(config: OAuthHandlerConfig);
-    /**
-     * Initiates OAuth authentication flow.
-     *
-     * Generates authorization URL with PKCE (if enabled) and CSRF state token.
-     *
-     * @param providerId - OAuth provider identifier
-     * @returns OAuth initiation result with authorization URL and state
-     *
-     * @example
-     * ```typescript
-     * const { url, state, codeVerifier } = await handler.initiate('google')
-     * // Store state and codeVerifier securely
-     * // Redirect user to url
-     * ```
-     */
-    initiate(providerId: string): Promise<OAuthInitiationResult>;
-    /**
-     * Handles OAuth callback and completes authentication.
-     *
-     * Validates state token, verifies PKCE (if enabled), exchanges code for tokens,
-     * retrieves user profile, and creates session.
-     *
-     * @template TUser - User type
-     * @template TSession - Session type
-     * @param providerId - OAuth provider identifier
-     * @param code - Authorization code from OAuth callback
-     * @param state - CSRF state token
-     * @param codeVerifier - PKCE code verifier (required if PKCE is enabled)
-     * @param userLookup - Function to lookup/create user from OAuth profile
-     * @param createSession - Function to create session (optional)
-     * @returns Authentication result
-     *
-     * @example
-     * ```typescript
-     * const result = await handler.handleCallback(
-     *   'google',
-     *   code,
-     *   state,
-     *   storedCodeVerifier,
-     *   async (userInfo) => {
-     *     // Lookup or create user
-     *     return await db.user.findOrCreate({ email: userInfo.email })
-     *   }
-     * )
-     * ```
-     */
-    handleCallback<TUser extends User = User, TSession extends Session<TUser> = Session<TUser>>(providerId: string, code: string, state: string, codeVerifier?: string, userLookup?: (userInfo: OAuthUserInfo) => Promise<TUser>, createSession?: (user: TUser, userInfo: OAuthUserInfo) => Promise<TSession>): Promise<AuthResult<TUser, TSession>>;
-    /**
-     * Validates OAuth state token.
-     *
-     * @param state - State token
-     * @param providerId - Provider identifier
-     * @returns True if state is valid
-     */
-    private validateState;
-}
-/**
- * Creates an OAuth handler instance.
- *
- * @param config - OAuth handler configuration
- * @returns OAuth handler instance
- *
- * @example
- * ```typescript
- * const handler = createOAuthHandler({
- *   providers: {
- *     google: { clientId: '...', clientSecret: '...' },
- *   },
- *   baseUrl: 'https://example.com',
- *   pkce: { enabled: true },
- * })
- * ```
- */
-export declare function createOAuthHandler(config: OAuthHandlerConfig): OAuthHandler;
-export * from './pkce';
-export * from './providers';
-/**
- * TODO: Performance
- * - [ ] Add OAuth token caching
- * - [ ] Optimize user profile retrieval
- * - [ ] Implement token refresh caching
- * - [ ] Add batch OAuth operations support
- *
- * TODO: Features
- * - [ ] Add OAuth token refresh support
- * - [ ] Implement OAuth token revocation
- * - [ ] Add OAuth provider discovery
- * - [ ] Create OAuth provider plugin system
- * - [ ] Add OAuth consent screen customization
- *
- * TODO: Security
- * - [ ] Add OAuth flow rate limiting
- * - [ ] Implement OAuth state encryption
- * - [ ] Add OAuth token validation
- * - [ ] Create security event logging
- * - [ ] Add OAuth flow monitoring
- *
- * TODO: Type Safety
- * - [ ] Add branded types for OAuth tokens
- * - [ ] Create type-safe provider configuration
- * - [ ] Implement compile-time validation
- *
- * TODO: Testing
- * - [ ] Add comprehensive unit tests
- * - [ ] Test PKCE flow end-to-end
- * - [ ] Test state validation
- * - [ ] Add provider-specific tests
- *
- * TODO: Documentation
- * - [ ] Document OAuth flow
- * - [ ] Add PKCE setup guide
- * - [ ] Create provider configuration guide
- * - [ ] Document security best practices
- *
- * TODO: Limitations
- * - [ ] PKCE storage is in-memory (consider Redis for production)
- * - [ ] State storage is in-memory (consider Redis for production)
- * - [ ] Token refresh not implemented yet
- * - [ ] No support for custom OAuth providers yet
- */

package/dist/core/auth/oauth/pkce.d.ts DELETED Viewed

@@ -1,168 +0,0 @@
-/**
- * PKCE (Proof Key for Code Exchange) Implementation for OAuth 2.0.
- *
- * Provides secure PKCE code generation and verification for OAuth flows
- * to prevent authorization code interception attacks.
- *
- * @module @mulguard/core/auth/oauth/pkce
- *
- * @see {@link https://tools.ietf.org/html/rfc7636} RFC 7636 - PKCE
- */
-/**
- * PKCE code challenge method.
- */
-export type PKCECodeChallengeMethod = 'S256' | 'plain';
-/**
- * PKCE code pair (verifier and challenge).
- */
-export interface PKCECodePair {
-    readonly codeVerifier: string;
-    readonly codeChallenge: string;
-    readonly codeChallengeMethod: PKCECodeChallengeMethod;
-}
-/**
- * PKCE verification result.
- */
-export interface PKCEVerificationResult {
-    readonly valid: boolean;
-    readonly error?: string;
-}
-/**
- * Generates a cryptographically secure random string for PKCE code verifier.
- *
- * Uses URL-safe base64 encoding (base64url) as per RFC 7636.
- *
- * @param length - Code verifier length (43-128, default: 43)
- * @returns Base64url-encoded code verifier
- *
- * @example
- * ```typescript
- * const verifier = generateCodeVerifier()
- * // Returns: 'abc123xyz...' (43 characters, base64url encoded)
- * ```
- */
-export declare function generateCodeVerifier(length?: number): string;
-/**
- * Generates PKCE code challenge from verifier using S256 method.
- *
- * Uses SHA256 hash and base64url encoding as per RFC 7636.
- *
- * @param codeVerifier - Code verifier
- * @returns Base64url-encoded code challenge
- *
- * @example
- * ```typescript
- * const verifier = generateCodeVerifier()
- * const challenge = generateCodeChallenge(verifier)
- * // Returns: 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM' (base64url encoded SHA256 hash)
- * ```
- */
-export declare function generateCodeChallenge(codeVerifier: string): string;
-/**
- * Generates a complete PKCE code pair (verifier + challenge).
- *
- * @param length - Code verifier length (default: 43)
- * @param method - Code challenge method (default: 'S256')
- * @returns PKCE code pair
- *
- * @example
- * ```typescript
- * const { codeVerifier, codeChallenge } = generatePKCECodePair()
- * // Store codeVerifier securely (e.g., in session)
- * // Use codeChallenge in authorization URL
- * ```
- */
-export declare function generatePKCECodePair(length?: number, method?: PKCECodeChallengeMethod): PKCECodePair;
-/**
- * Verifies PKCE code challenge against code verifier.
- *
- * Uses constant-time comparison to prevent timing attacks.
- *
- * @param codeVerifier - Code verifier (from stored session)
- * @param codeChallenge - Code challenge (from authorization request)
- * @param method - Code challenge method (default: 'S256')
- * @returns Verification result
- *
- * @example
- * ```typescript
- * const result = verifyPKCECode(storedVerifier, receivedChallenge)
- * if (!result.valid) {
- *   throw new Error(result.error)
- * }
- * ```
- */
-export declare function verifyPKCECode(codeVerifier: string, codeChallenge: string, method?: PKCECodeChallengeMethod): PKCEVerificationResult;
-/**
- * PKCE code storage adapter interface.
- */
-export interface PKCEStorageAdapter {
-    /**
-     * Stores PKCE code verifier.
-     *
-     * @param key - Storage key (e.g., state token)
-     * @param codeVerifier - Code verifier to store
-     * @param expiresIn - Expiration time in milliseconds
-     */
-    set(key: string, codeVerifier: string, expiresIn: number): Promise<void>;
-    /**
-     * Gets PKCE code verifier.
-     *
-     * @param key - Storage key
-     * @returns Code verifier or null if not found/expired
-     */
-    get(key: string): Promise<string | null>;
-    /**
-     * Deletes PKCE code verifier.
-     *
-     * @param key - Storage key
-     */
-    delete(key: string): Promise<void>;
-}
-/**
- * In-memory PKCE storage adapter.
- */
-export declare class MemoryPKCEStorage implements PKCEStorageAdapter {
-    private readonly storage;
-    set(key: string, codeVerifier: string, expiresIn: number): Promise<void>;
-    get(key: string): Promise<string | null>;
-    delete(key: string): Promise<void>;
-}
-/**
- * TODO: Performance
- * - [ ] Add PKCE code pair caching
- * - [ ] Optimize SHA256 hashing for high-frequency operations
- * - [ ] Consider Web Crypto API for browser environments
- *
- * TODO: Features
- * - [ ] Add Redis-based PKCE storage adapter
- * - [ ] Implement PKCE code rotation
- * - [ ] Add PKCE code expiration tracking
- * - [ ] Create PKCE code cleanup job
- *
- * TODO: Security
- * - [ ] Add PKCE code generation rate limiting
- * - [ ] Implement PKCE code audit logging
- * - [ ] Add PKCE code strength validation
- * - [ ] Create security event monitoring
- *
- * TODO: Type Safety
- * - [ ] Add branded types for code verifier/challenge
- * - [ ] Create type-safe PKCE storage
- * - [ ] Implement compile-time validation
- *
- * TODO: Testing
- * - [ ] Add comprehensive unit tests
- * - [ ] Test constant-time comparison
- * - [ ] Test code generation randomness
- * - [ ] Add storage adapter tests
- *
- * TODO: Documentation
- * - [ ] Document PKCE flow
- * - [ ] Add security considerations guide
- * - [ ] Create PKCE best practices guide
- *
- * TODO: Limitations
- * - [ ] PKCE storage is in-memory (consider Redis for production)
- * - [ ] Code generation uses Node.js Buffer (consider Web Crypto API for browsers)
- * - [ ] Plain method is supported but not recommended
- */

package/dist/core/auth/oauth/providers.d.ts DELETED Viewed

@@ -1,198 +0,0 @@
-import { OAuthProviderConfig } from '../../types';
-/**
- * OAuth provider identifier.
- */
-export type OAuthProviderId = 'google' | 'github' | 'apple' | 'facebook' | string;
-/**
- * Provider metadata for OAuth endpoints and configuration.
- */
-export interface ProviderMetadata {
-    readonly authorizationUrl: string;
-    readonly tokenUrl: string;
-    readonly userInfoUrl: string;
-    readonly defaultScopes: readonly string[];
-    readonly defaultParams?: Readonly<Record<string, string>>;
-}
-/**
- * Normalized OAuth user profile.
- */
-export interface OAuthUserProfile {
-    readonly id: string;
-    readonly email: string;
-    readonly name: string;
-    readonly avatar?: string;
-    readonly emailVerified?: boolean;
-    readonly rawProfile: Readonly<Record<string, unknown>>;
-}
-/**
- * OAuth token exchange result.
- */
-export interface TokenExchangeResult {
-    readonly access_token: string;
-    readonly refresh_token?: string;
-    readonly expires_in?: number;
-    readonly token_type?: string;
-    readonly id_token?: string;
-    readonly scope?: string;
-}
-/**
- * OAuth error response.
- */
-export interface OAuthErrorResponse {
-    readonly error: string;
-    readonly error_description?: string;
-    readonly error_uri?: string;
-}
-/**
- * Built-in OAuth provider metadata.
- *
- * Contains endpoint URLs, default scopes, and provider-specific parameters.
- */
-declare const PROVIDER_METADATA: Readonly<Record<string, ProviderMetadata>>;
-/**
- * Gets provider metadata for a given provider ID.
- *
- * @param providerId - OAuth provider identifier
- * @returns Provider metadata or null if not found
- *
- * @example
- * ```typescript
- * const metadata = getProviderMetadata('google')
- * if (metadata) {
- *   console.log(metadata.authorizationUrl)
- * }
- * ```
- */
-export declare function getProviderMetadata(providerId: string): ProviderMetadata | null;
-/**
- * Type predicate to check if provider metadata exists.
- *
- * @param providerId - Provider ID to check
- * @returns True if provider is supported
- *
- * @example
- * ```typescript
- * if (isSupportedProvider('google')) {
- *   // Provider is supported
- * }
- * ```
- */
-export declare function isSupportedProvider(providerId: string): providerId is keyof typeof PROVIDER_METADATA;
-/**
- * Builds OAuth authorization URL with proper parameters.
- *
- * @param providerId - OAuth provider identifier
- * @param config - Provider configuration
- * @param baseUrl - Base URL for redirect URI
- * @param state - CSRF state token
- * @returns Authorization URL
- * @throws {Error} If provider is not supported
- *
- * @example
- * ```typescript
- * const url = buildOAuthAuthorizationUrl(
- *   'google',
- *   { clientId: '...' },
- *   'https://example.com',
- *   'state123'
- * )
- * ```
- */
-export declare function buildOAuthAuthorizationUrl(providerId: string, config: OAuthProviderConfig, baseUrl: string, state: string): string;
-/**
- * Exchanges authorization code for access tokens.
- *
- * @param providerId - OAuth provider identifier
- * @param config - Provider configuration
- * @param code - Authorization code from OAuth callback
- * @param redirectUri - Redirect URI used in authorization request
- * @param codeVerifier - PKCE code verifier (optional)
- * @returns Token exchange result
- * @throws {Error} If exchange fails or provider is not supported
- *
- * @example
- * ```typescript
- * const tokens = await exchangeOAuthCode(
- *   'google',
- *   { clientId: '...', clientSecret: '...' },
- *   'code123',
- *   'https://example.com/callback',
- *   'code_verifier'
- * )
- * console.log(tokens.access_token)
- * ```
- */
-export declare function exchangeOAuthCode(providerId: string, config: OAuthProviderConfig, code: string, redirectUri: string, codeVerifier?: string): Promise<TokenExchangeResult>;
-/**
- * Retrieves user information from OAuth provider.
- *
- * @param providerId - OAuth provider identifier
- * @param accessToken - OAuth access token
- * @returns Normalized user profile with raw provider data
- * @throws {Error} If retrieval fails or provider is not supported
- *
- * @example
- * ```typescript
- * const profile = await getUserProfile('google', 'access_token_123')
- * console.log(profile.email, profile.name)
- * ```
- */
-export declare function getUserProfile(providerId: string, accessToken: string): Promise<OAuthUserProfile>;
-/**
- * Type predicate to check if a value is a valid OAuth provider config.
- *
- * @param value - Value to check
- * @returns True if value is a valid OAuth provider config
- */
-export declare function isOAuthProviderConfig(value: unknown): value is OAuthProviderConfig;
-export { getUserProfile as getOAuthUserInfo };
-/**
- * TODO: Performance
- * - [ ] Add token exchange result caching (with TTL)
- * - [ ] Implement request retry logic with exponential backoff
- * - [ ] Add connection pooling for OAuth API calls
- * - [ ] Cache provider metadata lookups
- *
- * TODO: Features
- * - [ ] Implement token refresh flow
- * - [ ] Add support for custom OAuth providers
- * - [ ] Create provider plugin system
- * - [ ] Add OAuth 2.1 compliance
- * - [ ] Support for OpenID Connect
- *
- * TODO: Type Safety
- * - [ ] Add branded types for provider IDs
- * - [ ] Create type-safe provider configuration
- * - [ ] Add compile-time provider validation
- * - [ ] Implement type-level endpoint validation
- *
- * TODO: Security
- * - [ ] Add token validation before use
- * - [ ] Implement token encryption at rest
- * - [ ] Add request signing for OAuth calls
- * - [ ] Create security audit logging
- * - [ ] Add rate limiting for OAuth operations
- *
- * TODO: Error Handling
- * - [ ] Add structured error types for OAuth errors
- * - [ ] Implement error recovery strategies
- * - [ ] Add error retry logic
- * - [ ] Create error reporting
- *
- * TODO: Testing
- * - [ ] Add comprehensive unit tests
- * - [ ] Test all provider normalizations
- * - [ ] Test error handling scenarios
- * - [ ] Add integration tests with mock OAuth servers
- *
- * TODO: Documentation
- * - [ ] Add provider-specific configuration guides
- * - [ ] Document error handling best practices
- * - [ ] Create troubleshooting guide
- *
- * TODO: Limitations
- * - [ ] GitHub email retrieval may fail silently
- * - [ ] Apple profile name only available on first sign-in
- * - [ ] Facebook API version is hardcoded (v18.0)
- * - [ ] No support for OAuth 1.0 providers
- */