oauth-callback 1.2.1 → 1.2.3

package/README.md

@@ -4,6 +4,7 @@
 [![npm downloads](https://img.shields.io/npm/dm/oauth-callback.svg)](https://npmjs.com/package/oauth-callback)
 [![MIT License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/kriasoft/oauth-callback/blob/main/LICENSE)
 [![TypeScript](https://img.shields.io/badge/TypeScript-Ready-blue.svg)](https://www.typescriptlang.org/)
+[![Run on Replit](https://img.shields.io/badge/Run%20on-Replit-orange.svg)](https://replit.com/@kriasoft/oauth-callback)
 
 A lightweight OAuth 2.0 callback handler for Node.js, Deno, and Bun with built-in browser flow and MCP SDK integration. Perfect for CLI tools, desktop applications, and development environments that need to capture OAuth authorization codes.
 
@@ -16,7 +17,7 @@ A lightweight OAuth 2.0 callback handler for Node.js, Deno, and Bun with built-i
 - 🚀 **Multi-runtime support** - Works with Node.js 18+, Deno, and Bun
 - 🔒 **Secure localhost-only server** for OAuth callbacks
 - 🤖 **MCP SDK integration** - Built-in OAuth provider for Model Context Protocol
-- ⚡ **Minimal dependencies** - Only requires `open` package
+- ⚡ **Single dependency** - Only requires `open` for browser launching
 - 🎯 **TypeScript support** out of the box
 - 🛡️ **Comprehensive OAuth error handling** with detailed error classes
 - 🔄 **Automatic server cleanup** after callback
@@ -106,34 +107,6 @@ const result = await getAuthCode({
 });
 ```
 
-### Handling Different OAuth Providers
-
-```typescript
-// Google OAuth
-const googleAuth = await getAuthCode(
-  "https://accounts.google.com/o/oauth2/v2/auth?" +
-    new URLSearchParams({
-      client_id: process.env.GOOGLE_CLIENT_ID,
-      redirect_uri: "http://localhost:3000/callback",
-      response_type: "code",
-      scope: "openid email profile",
-      access_type: "offline",
-    }),
-);
-
-// Microsoft OAuth
-const microsoftAuth = await getAuthCode(
-  "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?" +
-    new URLSearchParams({
-      client_id: process.env.MICROSOFT_CLIENT_ID,
-      redirect_uri: "http://localhost:3000/callback",
-      response_type: "code",
-      scope: "user.read",
-      response_mode: "query",
-    }),
-);
-```
-
 ### MCP SDK Integration
 
 The `browserAuth()` function provides a drop-in OAuth provider for the Model Context Protocol SDK:
@@ -327,18 +300,30 @@ TokenStore implementation for persistent token storage.
 
 ## How It Works
 
-1. **Server Creation**: Creates a temporary HTTP server on the specified port
-2. **Browser Launch**: Opens the authorization URL in the user's default browser
-3. **Callback Handling**: Waits for the OAuth provider to redirect back with the authorization code
-4. **Cleanup**: Automatically closes the server after receiving the callback
-5. **Result**: Returns the authorization code and any additional parameters
+```
+┌─────────────┐     ┌─────────────┐     ┌─────────────┐     ┌─────────────┐
+│  Your App   │────▶│Local Server │────▶│   Browser   │────▶│OAuth Server │
+│             │     │ :3000       │     │             │     │             │
+│ getAuthCode │     │             │◀────│  Callback   │◀────│  Redirect   │
+│     ▼       │◀────│ Returns     │     │ /callback   │     │  with code  │
+│   {code}    │     │ auth code   │     │             │     │             │
+└─────────────┘     └─────────────┘     └─────────────┘     └─────────────┘
+```
+
+1. **Server Creation** — Spins up a temporary localhost HTTP server
+2. **Browser Launch** — Opens the authorization URL in the default browser
+3. **User Authorization** — User grants permission on the OAuth provider's page
+4. **Callback Capture** — Provider redirects to localhost with the authorization code
+5. **Cleanup** — Server closes automatically, code is returned to your app
 
 ## Security Considerations
 
-- The server only accepts connections from localhost
-- Server is closed immediately after receiving the callback
-- No data is stored persistently
-- State parameter validation should be implemented by the application
+- **Localhost-only binding** — Server rejects non-local connections
+- **Ephemeral server** — Shuts down immediately after receiving the callback
+- **No credential logging** — Tokens and codes are never written to logs
+- **State parameter support** — Pass and validate state to prevent CSRF attacks
+- **Configurable timeouts** — Server auto-terminates if callback isn't received
+- **PKCE compatible** — Works with authorization servers that require PKCE
 
 ## Running the Examples
 

package/dist/error.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=error.test.d.ts.map

package/dist/error.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"error.test.d.ts","sourceRoot":"","sources":["../src/error.test.ts"],"names":[],"mappings":""}

package/dist/index.js

@@ -27,16 +27,15 @@ var __export = (target, all) => {
 var __require = /* @__PURE__ */ createRequire(import.meta.url);
 
 // node_modules/open/index.js
-import process6 from "node:process";
-import { Buffer } from "node:buffer";
+import process7 from "node:process";
 import path from "node:path";
 import { fileURLToPath } from "node:url";
-import { promisify as promisify5 } from "node:util";
-import childProcess from "node:child_process";
+import childProcess3 from "node:child_process";
 import fs5, { constants as fsConstants2 } from "node:fs/promises";
 
 // node_modules/wsl-utils/index.js
-import process2 from "node:process";
+import { promisify as promisify2 } from "node:util";
+import childProcess2 from "node:child_process";
 import fs4, { constants as fsConstants } from "node:fs/promises";
 
 // node_modules/is-wsl/index.js
@@ -108,7 +107,54 @@ var isWsl = () => {
 };
 var is_wsl_default = process.env.__IS_WSL_TEST__ ? isWsl : isWsl();
 
+// node_modules/powershell-utils/index.js
+import process2 from "node:process";
+import { Buffer } from "node:buffer";
+import { promisify } from "node:util";
+import childProcess from "node:child_process";
+var execFile = promisify(childProcess.execFile);
+var powerShellPath = () => `${process2.env.SYSTEMROOT || process2.env.windir || String.raw`C:\Windows`}\\System32\\WindowsPowerShell\\v1.0\\powershell.exe`;
+var executePowerShell = async (command, options = {}) => {
+  const {
+    powerShellPath: psPath,
+    ...execFileOptions
+  } = options;
+  const encodedCommand = executePowerShell.encodeCommand(command);
+  return execFile(psPath ?? powerShellPath(), [
+    ...executePowerShell.argumentsPrefix,
+    encodedCommand
+  ], {
+    encoding: "utf8",
+    ...execFileOptions
+  });
+};
+executePowerShell.argumentsPrefix = [
+  "-NoProfile",
+  "-NonInteractive",
+  "-ExecutionPolicy",
+  "Bypass",
+  "-EncodedCommand"
+];
+executePowerShell.encodeCommand = (command) => Buffer.from(command, "utf16le").toString("base64");
+executePowerShell.escapeArgument = (value) => `'${String(value).replaceAll("'", "''")}'`;
+
+// node_modules/wsl-utils/utilities.js
+function parseMountPointFromConfig(content) {
+  for (const line of content.split(`
+`)) {
+    if (/^\s*#/.test(line)) {
+      continue;
+    }
+    const match = /^\s*root\s*=\s*(?<mountPoint>"[^"]*"|'[^']*'|[^#]*)/.exec(line);
+    if (!match) {
+      continue;
+    }
+    return match.groups.mountPoint.trim().replaceAll(/^["']|["']$/g, "");
+  }
+}
+
 // node_modules/wsl-utils/index.js
+var execFile2 = promisify2(childProcess2.execFile);
 var wslDrivesMountPoint = (() => {
   const defaultMountPoint = "/mnt/";
   let mountPoint;
@@ -126,11 +172,11 @@ var wslDrivesMountPoint = (() => {
       return defaultMountPoint;
     }
     const configContent = await fs4.readFile(configFilePath, { encoding: "utf8" });
-    const configMountPoint = /(?<!#.*)root\s*=\s*(?<mountPoint>.*)/g.exec(configContent);
-    if (!configMountPoint) {
+    const parsedMountPoint = parseMountPointFromConfig(configContent);
+    if (parsedMountPoint === undefined) {
       return defaultMountPoint;
     }
-    mountPoint = configMountPoint.groups.mountPoint.trim();
+    mountPoint = parsedMountPoint;
     mountPoint = mountPoint.endsWith("/") ? mountPoint : `${mountPoint}/`;
     return mountPoint;
   };
@@ -139,11 +185,36 @@ var powerShellPathFromWsl = async () => {
   const mountPoint = await wslDrivesMountPoint();
   return `${mountPoint}c/Windows/System32/WindowsPowerShell/v1.0/powershell.exe`;
 };
-var powerShellPath = async () => {
-  if (is_wsl_default) {
-    return powerShellPathFromWsl();
+var powerShellPath2 = is_wsl_default ? powerShellPathFromWsl : powerShellPath;
+var canAccessPowerShellPromise;
+var canAccessPowerShell = async () => {
+  canAccessPowerShellPromise ??= (async () => {
+    try {
+      const psPath = await powerShellPath2();
+      await fs4.access(psPath, fsConstants.X_OK);
+      return true;
+    } catch {
+      return false;
+    }
+  })();
+  return canAccessPowerShellPromise;
+};
+var wslDefaultBrowser = async () => {
+  const psPath = await powerShellPath2();
+  const command = String.raw`(Get-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice").ProgId`;
+  const { stdout } = await executePowerShell(command, { powerShellPath: psPath });
+  return stdout.trim();
+};
+var convertWslPathToWindows = async (path) => {
+  if (/^[a-z]+:\/\//i.test(path)) {
+    return path;
+  }
+  try {
+    const { stdout } = await execFile2("wslpath", ["-aw", path], { encoding: "utf8" });
+    return stdout.trim();
+  } catch {
+    return path;
   }
-  return `${process2.env.SYSTEMROOT || process2.env.windir || String.raw`C:\Windows`}\\System32\\WindowsPowerShell\\v1.0\\powershell.exe`;
 };
 
 // node_modules/define-lazy-prop/index.js
@@ -165,15 +236,15 @@ function defineLazyProperty(object, propertyName, valueGetter) {
 }
 
 // node_modules/default-browser/index.js
-import { promisify as promisify4 } from "node:util";
+import { promisify as promisify6 } from "node:util";
 import process5 from "node:process";
-import { execFile as execFile4 } from "node:child_process";
+import { execFile as execFile6 } from "node:child_process";
 
 // node_modules/default-browser-id/index.js
-import { promisify } from "node:util";
+import { promisify as promisify3 } from "node:util";
 import process3 from "node:process";
-import { execFile } from "node:child_process";
-var execFileAsync = promisify(execFile);
+import { execFile as execFile3 } from "node:child_process";
+var execFileAsync = promisify3(execFile3);
 async function defaultBrowserId() {
   if (process3.platform !== "darwin") {
     throw new Error("macOS only");
@@ -185,9 +256,9 @@ async function defaultBrowserId() {
 
 // node_modules/run-applescript/index.js
 import process4 from "node:process";
-import { promisify as promisify2 } from "node:util";
-import { execFile as execFile2, execFileSync } from "node:child_process";
-var execFileAsync2 = promisify2(execFile2);
+import { promisify as promisify4 } from "node:util";
+import { execFile as execFile4, execFileSync } from "node:child_process";
+var execFileAsync2 = promisify4(execFile4);
 async function runAppleScript(script, { humanReadableOutput = true } = {}) {
   if (process4.platform !== "darwin") {
     throw new Error("macOS only");
@@ -204,20 +275,28 @@ tell application "System Events" to get value of property list item "CFBundleNam
 }
 
 // node_modules/default-browser/windows.js
-import { promisify as promisify3 } from "node:util";
-import { execFile as execFile3 } from "node:child_process";
-var execFileAsync3 = promisify3(execFile3);
+import { promisify as promisify5 } from "node:util";
+import { execFile as execFile5 } from "node:child_process";
+var execFileAsync3 = promisify5(execFile5);
 var windowsBrowserProgIds = {
-  AppXq0fevzme2pys62n3e0fbqa7peapykr8v: { name: "Edge", id: "com.microsoft.edge.old" },
-  MSEdgeDHTML: { name: "Edge", id: "com.microsoft.edge" },
   MSEdgeHTM: { name: "Edge", id: "com.microsoft.edge" },
-  "IE.HTTP": { name: "Internet Explorer", id: "com.microsoft.ie" },
-  FirefoxURL: { name: "Firefox", id: "org.mozilla.firefox" },
+  MSEdgeBHTML: { name: "Edge Beta", id: "com.microsoft.edge.beta" },
+  MSEdgeDHTML: { name: "Edge Dev", id: "com.microsoft.edge.dev" },
+  AppXq0fevzme2pys62n3e0fbqa7peapykr8v: { name: "Edge", id: "com.microsoft.edge.old" },
   ChromeHTML: { name: "Chrome", id: "com.google.chrome" },
+  ChromeBHTML: { name: "Chrome Beta", id: "com.google.chrome.beta" },
+  ChromeDHTML: { name: "Chrome Dev", id: "com.google.chrome.dev" },
+  ChromiumHTM: { name: "Chromium", id: "org.chromium.Chromium" },
   BraveHTML: { name: "Brave", id: "com.brave.Browser" },
   BraveBHTML: { name: "Brave Beta", id: "com.brave.Browser.beta" },
-  BraveSSHTM: { name: "Brave Nightly", id: "com.brave.Browser.nightly" }
+  BraveDHTML: { name: "Brave Dev", id: "com.brave.Browser.dev" },
+  BraveSSHTM: { name: "Brave Nightly", id: "com.brave.Browser.nightly" },
+  FirefoxURL: { name: "Firefox", id: "org.mozilla.firefox" },
+  OperaStable: { name: "Opera", id: "com.operasoftware.Opera" },
+  VivaldiHTM: { name: "Vivaldi", id: "com.vivaldi.Vivaldi" },
+  "IE.HTTP": { name: "Internet Explorer", id: "com.microsoft.ie" }
 };
+var _windowsBrowserProgIdMap = new Map(Object.entries(windowsBrowserProgIds));
 
 class UnknownBrowserError extends Error {
 }
@@ -241,7 +320,7 @@ async function defaultBrowser(_execFileAsync = execFileAsync3) {
 }
 
 // node_modules/default-browser/index.js
-var execFileAsync4 = promisify4(execFile4);
+var execFileAsync4 = promisify6(execFile6);
 var titleize = (string) => string.toLowerCase().replaceAll(/(?:^|\s|-)\S/g, (x) => x.toUpperCase());
 async function defaultBrowser2() {
   if (process5.platform === "darwin") {
@@ -261,42 +340,29 @@ async function defaultBrowser2() {
   throw new Error("Only macOS, Linux, and Windows are supported");
 }
 
+// node_modules/is-in-ssh/index.js
+import process6 from "node:process";
+var isInSsh = Boolean(process6.env.SSH_CONNECTION || process6.env.SSH_CLIENT || process6.env.SSH_TTY);
+var is_in_ssh_default = isInSsh;
+
 // node_modules/open/index.js
-var execFile5 = promisify5(childProcess.execFile);
-var __dirname2 = path.dirname(fileURLToPath(import.meta.url));
+var fallbackAttemptSymbol = Symbol("fallbackAttempt");
+var __dirname2 = import.meta.url ? path.dirname(fileURLToPath(import.meta.url)) : "";
 var localXdgOpenPath = path.join(__dirname2, "xdg-open");
-var { platform, arch } = process6;
-async function getWindowsDefaultBrowserFromWsl() {
-  const powershellPath = await powerShellPath();
-  const rawCommand = String.raw`(Get-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice").ProgId`;
-  const encodedCommand = Buffer.from(rawCommand, "utf16le").toString("base64");
-  const { stdout } = await execFile5(powershellPath, [
-    "-NoProfile",
-    "-NonInteractive",
-    "-ExecutionPolicy",
-    "Bypass",
-    "-EncodedCommand",
-    encodedCommand
-  ], { encoding: "utf8" });
-  const progId = stdout.trim();
-  const browserMap = {
-    ChromeHTML: "com.google.chrome",
-    BraveHTML: "com.brave.Browser",
-    MSEdgeHTM: "com.microsoft.edge",
-    FirefoxURL: "org.mozilla.firefox"
-  };
-  return browserMap[progId] ? { id: browserMap[progId] } : {};
-}
-var pTryEach = async (array, mapper) => {
-  let latestError;
-  for (const item of array) {
+var { platform, arch } = process7;
+var tryEachApp = async (apps, opener) => {
+  if (apps.length === 0) {
+    return;
+  }
+  const errors = [];
+  for (const app of apps) {
     try {
-      return await mapper(item);
+      return await opener(app);
     } catch (error) {
-      latestError = error;
+      errors.push(error);
     }
   }
-  throw latestError;
+  throw new AggregateError(errors, "Failed to open in all supported apps");
 };
 var baseOpen = async (options) => {
   options = {
@@ -306,34 +372,39 @@ var baseOpen = async (options) => {
     allowNonzeroExitCode: false,
     ...options
   };
+  const isFallbackAttempt = options[fallbackAttemptSymbol] === true;
+  delete options[fallbackAttemptSymbol];
   if (Array.isArray(options.app)) {
-    return pTryEach(options.app, (singleApp) => baseOpen({
+    return tryEachApp(options.app, (singleApp) => baseOpen({
       ...options,
-      app: singleApp
+      app: singleApp,
+      [fallbackAttemptSymbol]: true
     }));
   }
   let { name: app, arguments: appArguments = [] } = options.app ?? {};
   appArguments = [...appArguments];
   if (Array.isArray(app)) {
-    return pTryEach(app, (appName) => baseOpen({
+    return tryEachApp(app, (appName) => baseOpen({
       ...options,
       app: {
         name: appName,
         arguments: appArguments
-      }
+      },
+      [fallbackAttemptSymbol]: true
     }));
   }
   if (app === "browser" || app === "browserPrivate") {
     const ids = {
       "com.google.chrome": "chrome",
       "google-chrome.desktop": "chrome",
-      "com.brave.Browser": "brave",
+      "com.brave.browser": "brave",
       "org.mozilla.firefox": "firefox",
       "firefox.desktop": "firefox",
       "com.microsoft.msedge": "edge",
       "com.microsoft.edge": "edge",
       "com.microsoft.edgemac": "edge",
-      "microsoft-edge.desktop": "edge"
+      "microsoft-edge.desktop": "edge",
+      "com.apple.safari": "safari"
     };
     const flags = {
       chrome: "--incognito",
@@ -341,10 +412,20 @@ var baseOpen = async (options) => {
       firefox: "--private-window",
       edge: "--inPrivate"
     };
-    const browser = is_wsl_default ? await getWindowsDefaultBrowserFromWsl() : await defaultBrowser2();
+    let browser;
+    if (is_wsl_default) {
+      const progId = await wslDefaultBrowser();
+      const browserInfo = _windowsBrowserProgIdMap.get(progId);
+      browser = browserInfo ?? {};
+    } else {
+      browser = await defaultBrowser2();
+    }
     if (browser.id in ids) {
-      const browserName = ids[browser.id];
+      const browserName = ids[browser.id.toLowerCase()];
       if (app === "browserPrivate") {
+        if (browserName === "safari") {
+          throw new Error("Safari doesn't support opening in private mode via command line");
+        }
         appArguments.push(flags[browserName]);
       }
       return baseOpen({
@@ -360,6 +441,10 @@ var baseOpen = async (options) => {
   let command;
   const cliArguments = [];
   const childProcessOptions = {};
+  let shouldUseWindowsInWsl = false;
+  if (is_wsl_default && !isInsideContainer() && !is_in_ssh_default && !app) {
+    shouldUseWindowsInWsl = await canAccessPowerShell();
+  }
   if (platform === "darwin") {
     command = "open";
     if (options.wait) {
@@ -374,29 +459,35 @@ var baseOpen = async (options) => {
     if (app) {
       cliArguments.push("-a", app);
     }
-  } else if (platform === "win32" || is_wsl_default && !isInsideContainer() && !app) {
-    command = await powerShellPath();
-    cliArguments.push("-NoProfile", "-NonInteractive", "-ExecutionPolicy", "Bypass", "-EncodedCommand");
+  } else if (platform === "win32" || shouldUseWindowsInWsl) {
+    command = await powerShellPath2();
+    cliArguments.push(...executePowerShell.argumentsPrefix);
     if (!is_wsl_default) {
       childProcessOptions.windowsVerbatimArguments = true;
     }
-    const encodedArguments = ["Start"];
+    if (is_wsl_default && options.target) {
+      options.target = await convertWslPathToWindows(options.target);
+    }
+    const encodedArguments = ["$ProgressPreference = 'SilentlyContinue';", "Start"];
     if (options.wait) {
       encodedArguments.push("-Wait");
     }
     if (app) {
-      encodedArguments.push(`"\`"${app}\`""`);
+      encodedArguments.push(executePowerShell.escapeArgument(app));
       if (options.target) {
         appArguments.push(options.target);
       }
     } else if (options.target) {
-      encodedArguments.push(`"${options.target}"`);
+      encodedArguments.push(executePowerShell.escapeArgument(options.target));
     }
     if (appArguments.length > 0) {
-      appArguments = appArguments.map((argument) => `"\`"${argument}\`""`);
+      appArguments = appArguments.map((argument) => executePowerShell.escapeArgument(argument));
       encodedArguments.push("-ArgumentList", appArguments.join(","));
     }
-    options.target = Buffer.from(encodedArguments.join(" "), "utf16le").toString("base64");
+    options.target = executePowerShell.encodeCommand(encodedArguments.join(" "));
+    if (!options.wait) {
+      childProcessOptions.stdio = "ignore";
+    }
   } else {
     if (app) {
       command = app;
@@ -407,7 +498,7 @@ var baseOpen = async (options) => {
         await fs5.access(localXdgOpenPath, fsConstants2.X_OK);
         exeLocalXdgOpen = true;
       } catch {}
-      const useSystemXdgOpen = process6.versions.electron ?? (platform === "android" || isBundled || !exeLocalXdgOpen);
+      const useSystemXdgOpen = process7.versions.electron ?? (platform === "android" || isBundled || !exeLocalXdgOpen);
       command = useSystemXdgOpen ? "xdg-open" : localXdgOpenPath;
     }
     if (appArguments.length > 0) {
@@ -424,12 +515,12 @@ var baseOpen = async (options) => {
   if (options.target) {
     cliArguments.push(options.target);
   }
-  const subprocess = childProcess.spawn(command, cliArguments, childProcessOptions);
+  const subprocess = childProcess3.spawn(command, cliArguments, childProcessOptions);
   if (options.wait) {
     return new Promise((resolve, reject) => {
       subprocess.once("error", reject);
       subprocess.once("close", (exitCode) => {
-        if (!options.allowNonzeroExitCode && exitCode > 0) {
+        if (!options.allowNonzeroExitCode && exitCode !== 0) {
           reject(new Error(`Exited with code ${exitCode}`));
           return;
         }
@@ -437,8 +528,30 @@ var baseOpen = async (options) => {
       });
     });
   }
+  if (isFallbackAttempt) {
+    return new Promise((resolve, reject) => {
+      subprocess.once("error", reject);
+      subprocess.once("spawn", () => {
+        subprocess.once("close", (exitCode) => {
+          subprocess.off("error", reject);
+          if (exitCode !== 0) {
+            reject(new Error(`Exited with code ${exitCode}`));
+            return;
+          }
+          subprocess.unref();
+          resolve(subprocess);
+        });
+      });
+    });
+  }
   subprocess.unref();
-  return subprocess;
+  return new Promise((resolve, reject) => {
+    subprocess.once("error", reject);
+    subprocess.once("spawn", () => {
+      subprocess.off("error", reject);
+      resolve(subprocess);
+    });
+  });
 };
 var open = (target, options) => {
   if (typeof target !== "string") {
@@ -459,7 +572,7 @@ function detectArchBinary(binary) {
   }
   return archBinary;
 }
-function detectPlatformBinary({ [platform]: platformBinary }, { wsl }) {
+function detectPlatformBinary({ [platform]: platformBinary }, { wsl } = {}) {
   if (wsl && is_wsl_default) {
     return detectArchBinary(wsl);
   }
@@ -468,11 +581,14 @@ function detectPlatformBinary({ [platform]: platformBinary }, { wsl }) {
   }
   return detectArchBinary(platformBinary);
 }
-var apps = {};
+var apps = {
+  browser: "browser",
+  browserPrivate: "browserPrivate"
+};
 defineLazyProperty(apps, "chrome", () => detectPlatformBinary({
   darwin: "google chrome",
   win32: "chrome",
-  linux: ["google-chrome", "google-chrome-stable", "chromium"]
+  linux: ["google-chrome", "google-chrome-stable", "chromium", "chromium-browser"]
 }, {
   wsl: {
     ia32: "/mnt/c/Program Files (x86)/Google/Chrome/Application/chrome.exe",
@@ -503,8 +619,9 @@ defineLazyProperty(apps, "edge", () => detectPlatformBinary({
 }, {
   wsl: "/mnt/c/Program Files (x86)/Microsoft/Edge/Application/msedge.exe"
 }));
-defineLazyProperty(apps, "browser", () => "browser");
-defineLazyProperty(apps, "browserPrivate", () => "browserPrivate");
+defineLazyProperty(apps, "safari", () => detectPlatformBinary({
+  darwin: "Safari"
+}));
 var open_default = open;
 
 // src/errors.ts
@@ -675,6 +792,10 @@ class BunCallbackServer extends BaseCallbackServer {
   async stopServer() {
     if (!this.server)
       return;
+    while (this.server.pendingRequests > 0) {
+      await new Promise((resolve) => setTimeout(resolve, 10));
+    }
+    await new Promise((resolve) => setTimeout(resolve, 100));
     this.server.stop();
     this.server = undefined;
   }
@@ -725,6 +846,7 @@ class NodeCallbackServer extends BaseCallbackServer {
   async stopServer() {
     if (!this.server)
       return;
+    this.server.closeAllConnections();
     return new Promise((resolve) => {
       this.server?.close(() => {
         this.server = undefined;