oauth-callback 1.2.0 → 1.2.2

package/dist/server.d.ts

@@ -5,7 +5,7 @@
  * SPDX-License-Identifier: MIT
  */
 /**
- * Result object returned from OAuth callback containing authorization code or error details
+ * Result object returned from OAuth callback containing authorization code or error details.
  */
 export interface CallbackResult {
     /** Authorization code returned by OAuth provider */
@@ -22,7 +22,7 @@ export interface CallbackResult {
     [key: string]: string | undefined;
 }
 /**
- * Configuration options for the OAuth callback server
+ * Configuration options for the OAuth callback server.
  */
 export interface ServerOptions {
     /** Port number to bind the server to */
@@ -39,7 +39,7 @@ export interface ServerOptions {
     onRequest?: (req: Request) => void;
 }
 /**
- * Interface for OAuth callback server implementations across different runtimes
+ * Interface for OAuth callback server implementations across different runtimes.
  */
 export interface CallbackServer {
     /** Start the HTTP server with the given options */
@@ -50,9 +50,9 @@ export interface CallbackServer {
     stop(): Promise<void>;
 }
 /**
- * Create a callback server for the current runtime (Bun, Deno, or Node.js)
- * Automatically detects the runtime and returns appropriate server implementation
- * @returns CallbackServer instance optimized for the current runtime
+ * Create a callback server for the current runtime (Bun, Deno, or Node.js).
+ * Automatically detects the runtime and returns the appropriate server implementation.
+ * @returns CallbackServer instance optimized for the current runtime.
  */
 export declare function createCallbackServer(): CallbackServer;
 //# sourceMappingURL=server.d.ts.map

package/dist/server.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,oDAAoD;IACpD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,0CAA0C;IAC1C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kEAAkE;IAClE,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,uCAAuC;IACvC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,4CAA4C;IAC5C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sDAAsD;IACtD,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,wCAAwC;IACxC,IAAI,EAAE,MAAM,CAAC;IACb,4DAA4D;IAC5D,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,uDAAuD;IACvD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mHAAmH;IACnH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sDAAsD;IACtD,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,oFAAoF;IACpF,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,IAAI,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,mDAAmD;IACnD,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7C,iEAAiE;IACjE,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACxE,4CAA4C;IAC5C,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CACvB;AAuhBD;;;;GAIG;AACH,wBAAgB,oBAAoB,IAAI,cAAc,CAarD"}
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,oDAAoD;IACpD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,0CAA0C;IAC1C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kEAAkE;IAClE,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,uCAAuC;IACvC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,4CAA4C;IAC5C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sDAAsD;IACtD,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,wCAAwC;IACxC,IAAI,EAAE,MAAM,CAAC;IACb,4DAA4D;IAC5D,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,uDAAuD;IACvD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mHAAmH;IACnH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sDAAsD;IACtD,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,oFAAoF;IACpF,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,IAAI,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,mDAAmD;IACnD,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7C,iEAAiE;IACjE,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACxE,4CAA4C;IAC5C,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CACvB;AAyRD;;;;GAIG;AACH,wBAAgB,oBAAoB,IAAI,cAAc,CAKrD"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "oauth-callback",
-  "version": "1.2.0",
-  "description": "Lightweight OAuth 2.0 callback handler for Node.js, Deno, and Bun with built-in browser flow, MCP support, and zero dependencies",
+  "version": "1.2.2",
+  "description": "Lightweight OAuth 2.0 callback handler for Node.js, Deno, and Bun with built-in browser flow and MCP SDK integration",
   "keywords": [
     "oauth",
     "oauth2",
@@ -35,7 +35,7 @@
     "type": "git",
     "url": "git+https://github.com/kriasoft/oauth-callback.git"
   },
-  "homepage": "https://github.com/kriasoft/oauth-callback",
+  "homepage": "https://kriasoft.com/oauth-callback",
   "bugs": {
     "url": "https://github.com/kriasoft/oauth-callback/issues"
   },
@@ -64,7 +64,7 @@
     "./package.json": "./package.json"
   },
   "dependencies": {
-    "open": "^10.2.0"
+    "open": "^11.0.0"
   },
   "peerDependencies": {
     "@modelcontextprotocol/sdk": ">=1.17.0 <2",
@@ -79,11 +79,18 @@
     }
   },
   "devDependencies": {
-    "@modelcontextprotocol/sdk": "^1.17.3",
-    "@types/bun": "^1.2.20",
-    "prettier": "^3.6.2",
-    "publint": "^0.3.12",
-    "typescript": "^5.9.2"
+    "@modelcontextprotocol/sdk": "^1.25.2",
+    "@types/bun": "^1.3.6",
+    "@types/deno": "^2.5.0",
+    "@types/node": "^24.10.9",
+    "@types/open": "^6.2.1",
+    "bun-types": "^1.2.20",
+    "mermaid": "^11.12.2",
+    "prettier": "^3.8.0",
+    "publint": "^0.3.16",
+    "typescript": "^5.9.3",
+    "vitepress": "^1.6.4",
+    "vitepress-plugin-mermaid": "^2.0.17"
   },
   "prettier": {
     "trailingComma": "all",
@@ -106,6 +113,10 @@
     "example:github": "bun run examples/github.ts",
     "example:notion": "bun run examples/notion.ts",
     "example:mcp-auth": "bun run examples/mcp-auth.ts",
-    "prepublishOnly": "bun run build && bun run lint:package"
+    "prepublishOnly": "bun run build && bun run lint:package",
+    "docs:dev": "vitepress dev docs",
+    "docs:build": "vitepress build docs",
+    "docs:preview": "vitepress preview docs",
+    "docs:publish": "bunx gh-pages -d docs/.vitepress/dist"
   }
 }

package/src/error.test.ts

@@ -0,0 +1,204 @@
+import { expect, test, describe } from "bun:test";
+import { OAuthError, TimeoutError } from "./errors";
+
+describe("OAuthError", () => {
+  describe("constructor", () => {
+    test("sets all properties correctly", () => {
+      const e = new OAuthError(
+        "access_denied",
+        "User denied access",
+        "https://ex.com/e",
+      );
+      expect(e).toBeInstanceOf(OAuthError);
+      expect(e).toBeInstanceOf(Error);
+      expect(e.name).toBe("OAuthError");
+      expect(e.error).toBe("access_denied");
+      expect(e.error_description).toBe("User denied access");
+      expect(e.error_uri).toBe("https://ex.com/e");
+      expect(typeof e.stack).toBe("string");
+      expect(e.stack!.startsWith("OAuthError")).toBeTrue();
+    });
+
+    test("uses error code as message when description is not provided", () => {
+      const error = new OAuthError("server_error");
+      expect(error.message).toBe("server_error");
+      expect(error.error_description).toBeUndefined();
+    });
+
+    test("sets optional parameters correctly", () => {
+      const error1 = new OAuthError("invalid_request", "Bad request");
+      expect(error1.error_description).toBe("Bad request");
+      expect(error1.error_uri).toBeUndefined();
+
+      const error2 = new OAuthError("invalid_request");
+      expect(error2.error_description).toBeUndefined();
+      expect(error2.error_uri).toBeUndefined();
+    });
+  });
+
+  describe("inheritance", () => {
+    test("extends native Error class", () => {
+      const error = new OAuthError("invalid_request");
+      expect(error instanceof Error).toBe(true);
+      expect(error instanceof OAuthError).toBe(true);
+    });
+
+    test("has correct name property", () => {
+      const error = new OAuthError("any_error");
+      expect(error.name).toBe("OAuthError");
+    });
+
+    test("maintains proper stack trace", () => {
+      const error = new OAuthError("unauthorized_client");
+      expect(typeof error.stack).toBe("string");
+      expect(error.stack!.includes("OAuthError")).toBe(true);
+      expect(error.stack!.includes(error.message)).toBe(true);
+    });
+  });
+
+  describe("edge cases", () => {
+    test("handles empty string parameters", () => {
+      const error = new OAuthError("", "", "");
+      expect(error.error).toBe("");
+      expect(error.message).toBe("");
+      expect(error.error_description).toBe("");
+      expect(error.error_uri).toBe("");
+    });
+
+    test("handles very long strings", () => {
+      const longString = "x".repeat(10000);
+      const error = new OAuthError(longString, longString, longString);
+      expect(error.error).toBe(longString);
+      expect(error.error_description).toBe(longString);
+      expect(error.error_uri).toBe(longString);
+      expect(error.message).toBe(longString);
+    });
+
+    test("handles special characters and unicode", () => {
+      const special = "错误 🚨 <script>alert('xss')</script>";
+      const error = new OAuthError(special, special, special);
+      expect(error.error).toBe(special);
+      expect(error.error_description).toBe(special);
+      expect(error.error_uri).toBe(special);
+    });
+  });
+
+  describe("serialization", () => {
+    test("JSON.stringify includes custom properties and name", () => {
+      const error = new OAuthError(
+        "access_denied",
+        "User denied access",
+        "https://example.com/error",
+      );
+      const json = JSON.stringify(error);
+      const parsed = JSON.parse(json);
+
+      expect(parsed.error).toBe("access_denied");
+      expect(parsed.error_description).toBe("User denied access");
+      expect(parsed.error_uri).toBe("https://example.com/error");
+      expect(parsed.name).toBe("OAuthError");
+      expect(parsed.message).toBeUndefined();
+      expect(parsed.stack).toBeUndefined();
+    });
+
+    test("JSON.stringify with minimal properties", () => {
+      const error = new OAuthError("invalid_grant");
+      const json = JSON.stringify(error);
+      const parsed = JSON.parse(json);
+
+      expect(parsed.error).toBe("invalid_grant");
+      expect(parsed.error_description).toBeUndefined();
+      expect(parsed.error_uri).toBeUndefined();
+      expect(parsed.name).toBe("OAuthError");
+    });
+  });
+
+  describe("comparison", () => {
+    test("two errors with same properties are not equal by reference", () => {
+      const e1 = new OAuthError("same", "desc", "uri");
+      const e2 = new OAuthError("same", "desc", "uri");
+      expect(e1 === e2).toBe(false);
+      expect(e1).not.toBe(e2);
+    });
+
+    test("errors have different stack traces even with same properties", () => {
+      const e1 = new OAuthError("same");
+      const e2 = new OAuthError("same");
+      expect(e1.stack).not.toBe(e2.stack);
+    });
+  });
+});
+
+describe("TimeoutError", () => {
+  describe("constructor", () => {
+    test("has correct name property", () => {
+      const error = new TimeoutError();
+      expect(error.name).toBe("TimeoutError");
+    });
+
+    test("uses default message when not provided", () => {
+      const error = new TimeoutError();
+      expect(error.message).toBe("OAuth callback timed out");
+    });
+
+    test("uses custom message when provided", () => {
+      const error = new TimeoutError("It took too long, please try again.");
+      expect(error.message).toBe("It took too long, please try again.");
+    });
+  });
+
+  describe("inheritance", () => {
+    test("extends native Error class", () => {
+      const error = new TimeoutError();
+      expect(error instanceof Error).toBe(true);
+      expect(error instanceof TimeoutError).toBe(true);
+    });
+
+    test("maintains proper stack trace", () => {
+      const error = new TimeoutError("Custom timeout message");
+      expect(typeof error.stack).toBe("string");
+      expect(error.stack!.includes("TimeoutError")).toBe(true);
+      expect(error.stack!.includes(error.message)).toBe(true);
+    });
+  });
+
+  describe("edge cases", () => {
+    test("handles empty string message", () => {
+      const error = new TimeoutError("");
+      expect(error.message).toBe("");
+    });
+
+    test("handles very long message", () => {
+      const longMessage = "Timeout: " + "x".repeat(10000);
+      const error = new TimeoutError(longMessage);
+      expect(error.message).toBe(longMessage);
+    });
+  });
+
+  describe("serialization", () => {
+    test("JSON.stringify only includes name property", () => {
+      const error = new TimeoutError("Custom message");
+      const json = JSON.stringify(error);
+      const parsed = JSON.parse(json);
+
+      expect(parsed).toEqual({ name: "TimeoutError" });
+      expect(parsed.message).toBeUndefined();
+      expect(parsed.stack).toBeUndefined();
+    });
+  });
+
+  describe("comparison", () => {
+    test("two errors with same message are not equal by reference", () => {
+      const e1 = new TimeoutError("Same message");
+      const e2 = new TimeoutError("Same message");
+      expect(e1 === e2).toBe(false);
+      expect(e1).not.toBe(e2);
+    });
+
+    test("errors have different stack traces even with same message", () => {
+      const e1 = new TimeoutError();
+      const e2 = new TimeoutError();
+      expect(e1.stack).not.toBe(e2.stack);
+    });
+  });
+});