sst 3.0.36 → 3.0.38

package/dist/src/auth/adapter/github.js

@@ -1,23 +0,0 @@
-import { Issuer } from "openid-client";
-import { OauthAdapter } from "./oauth.js";
-import { OidcAdapter } from "./oidc.js";
-const issuer = new Issuer({
-    issuer: "https://github.com",
-    authorization_endpoint: "https://github.com/login/oauth/authorize",
-    token_endpoint: "https://github.com/login/oauth/access_token",
-});
-export const GithubAdapter = 
-/* @__PURE__ */
-(config) => {
-    if (config.mode === "oauth") {
-        return OauthAdapter({
-            issuer,
-            ...config,
-        });
-    }
-    return OidcAdapter({
-        issuer,
-        scope: "openid email profile",
-        ...config,
-    });
-};

package/dist/src/auth/adapter/google.d.ts

@@ -1,17 +0,0 @@
-import { OidcBasicConfig } from "./oidc.js";
-import { OauthBasicConfig } from "./oauth.js";
-type GooglePrompt = "none" | "consent" | "select_account";
-type GoogleAccessType = "offline" | "online";
-type GoogleConfig = (OauthBasicConfig & {
-    mode: "oauth";
-    prompt?: GooglePrompt;
-    accessType?: GoogleAccessType;
-}) | (OidcBasicConfig & {
-    mode: "oidc";
-    prompt?: GooglePrompt;
-});
-export declare function GoogleAdapter(config: GoogleConfig): (routes: import("./adapter.js").AdapterRoute, ctx: import("./adapter.js").AdapterOptions<{
-    tokenset: import("openid-client").TokenSet;
-    client: import("openid-client").BaseClient;
-}>) => Promise<void>;
-export {};

package/dist/src/auth/adapter/google.js

@@ -1,22 +0,0 @@
-import { Issuer } from "openid-client";
-import { OidcAdapter } from "./oidc.js";
-import { OauthAdapter } from "./oauth.js";
-const issuer = await Issuer.discover("https://accounts.google.com");
-export function GoogleAdapter(config) {
-    /* @__PURE__ */
-    if (config.mode === "oauth") {
-        return OauthAdapter({
-            issuer,
-            ...config,
-            params: {
-                ...(config.accessType && { access_type: config.accessType }),
-                ...config.params,
-            },
-        });
-    }
-    return OidcAdapter({
-        issuer,
-        scope: "openid email profile",
-        ...config,
-    });
-}

package/dist/src/auth/adapter/index.d.ts

@@ -1,11 +0,0 @@
-export * from "./oidc.js";
-export * from "./google.js";
-export * from "./link.js";
-export * from "./github.js";
-export * from "./facebook.js";
-export * from "./microsoft.js";
-export * from "./oauth.js";
-export * from "./spotify.js";
-export * from "./code.js";
-export * from "./apple.js";
-export type { Adapter } from "./adapter.js";

package/dist/src/auth/adapter/index.js

@@ -1,10 +0,0 @@
-export * from "./oidc.js";
-export * from "./google.js";
-export * from "./link.js";
-export * from "./github.js";
-export * from "./facebook.js";
-export * from "./microsoft.js";
-export * from "./oauth.js";
-export * from "./spotify.js";
-export * from "./code.js";
-export * from "./apple.js";

package/dist/src/auth/adapter/link.d.ts

@@ -1,6 +0,0 @@
-/// <reference types="node" resolution-mode="require"/>
-export declare function LinkAdapter(config: {
-    onLink: (link: string, claims: Record<string, any>) => Promise<Response>;
-}): (routes: import("./adapter.js").AdapterRoute, ctx: import("./adapter.js").AdapterOptions<{
-    claims: Record<string, string>;
-}>) => void;

package/dist/src/auth/adapter/link.js

@@ -1,27 +0,0 @@
-import { SignJWT, jwtVerify } from "jose";
-export function LinkAdapter(config) {
-    return function (routes, ctx) {
-        routes.get("/authorize", async (c) => {
-            const token = await new SignJWT(c.req.query())
-                .setProtectedHeader({ alg: ctx.algorithm })
-                .setExpirationTime("10m")
-                .sign(await ctx.signing.privateKey());
-            const url = new URL(new URL(c.req.url).origin);
-            url.pathname = `/${ctx.name}/callback`;
-            for (const key of url.searchParams.keys()) {
-                url.searchParams.delete(key);
-            }
-            url.searchParams.set("token", token);
-            const resp = ctx.forward(c, await config.onLink(url.toString(), c.req.query()));
-            return resp;
-        });
-        routes.get("/callback", async (c) => {
-            const token = c.req.query("token");
-            if (!token)
-                throw new Error("Missing token parameter");
-            const verified = await jwtVerify(token, await ctx.signing.publicKey());
-            const resp = await ctx.success(c, { claims: verified.payload });
-            return resp;
-        });
-    };
-}

package/dist/src/auth/adapter/microsoft.d.ts

@@ -1,11 +0,0 @@
-import { OidcBasicConfig } from "./oidc.js";
-type MicrosoftConfig = OidcBasicConfig & {
-    mode: "oidc";
-    prompt?: "login" | "none" | "consent" | "select_account";
-    tenantID?: string;
-};
-export declare function MicrosoftAdapter(config: MicrosoftConfig): (routes: import("./adapter.js").AdapterRoute, ctx: import("./adapter.js").AdapterOptions<{
-    tokenset: import("openid-client").TokenSet;
-    client: import("openid-client").BaseClient;
-}>) => Promise<void>;
-export {};

package/dist/src/auth/adapter/microsoft.js

@@ -1,16 +0,0 @@
-import { Issuer } from "openid-client";
-import { OidcAdapter } from "./oidc.js";
-export function MicrosoftAdapter(config) {
-    const authority = config?.tenantID ?? "common";
-    const issuer = `https://login.microsoftonline.com/${authority}`;
-    return OidcAdapter({
-        issuer: new Issuer({
-            issuer: `${issuer}/v2.0`,
-            authorization_endpoint: `${issuer}/oauth2/v2.0/authorize`,
-            token_endpoint: `${issuer}/oauth2/v2.0/token`,
-            jwks_uri: `${issuer}/discovery/v2.0/keys`,
-        }),
-        scope: "openid email profile",
-        ...config,
-    });
-}

package/dist/src/auth/adapter/oauth.d.ts

@@ -1,33 +0,0 @@
-import { BaseClient, Issuer, TokenSet } from "openid-client";
-import { AdapterError } from "./adapter.js";
-export interface OauthBasicConfig {
-    /**
-     * The clientID provided by the third party oauth service
-     */
-    clientID: string;
-    /**
-     * The clientSecret provided by the third party oauth service
-     */
-    clientSecret: string;
-    /**
-     * Various scopes requested for the access token
-     */
-    scope: string;
-    /**
-     * Determines whether users will be prompted for reauthentication and consent
-     */
-    prompt?: string;
-    /**
-     * Additional parameters to be passed to the authorization endpoint
-     */
-    params?: Record<string, string>;
-}
-export interface OauthConfig extends OauthBasicConfig {
-    issuer: Issuer;
-}
-export declare class OauthError extends AdapterError {
-}
-export declare const OauthAdapter: (config: OauthConfig) => (routes: import("./adapter.js").AdapterRoute, ctx: import("./adapter.js").AdapterOptions<{
-    tokenset: TokenSet;
-    client: BaseClient;
-}>) => Promise<void>;

package/dist/src/auth/adapter/oauth.js

@@ -1,79 +0,0 @@
-import { generators } from "openid-client";
-import { AdapterError } from "./adapter.js";
-import { getCookie } from "hono/cookie";
-export class OauthError extends AdapterError {
-}
-export const OauthAdapter = 
-/* @__PURE__ */
-(config) => {
-    return async function (routes, ctx) {
-        function getClient(c) {
-            const callback = c.req.url.replace(/authorize\/.*$/, "callback");
-            return [
-                callback,
-                new config.issuer.Client({
-                    client_id: config.clientID,
-                    client_secret: config.clientSecret,
-                    redirect_uris: [callback],
-                    response_types: ["code"],
-                }),
-            ];
-        }
-        routes.get("/authorize", async (c) => {
-            const [_, client] = getClient(c);
-            const code_verifier = generators.codeVerifier();
-            const state = generators.state();
-            const code_challenge = generators.codeChallenge(code_verifier);
-            const url = client.authorizationUrl({
-                scope: config.scope,
-                code_challenge: code_challenge,
-                code_challenge_method: "S256",
-                state,
-                prompt: config.prompt,
-                ...config.params,
-            });
-            ctx.cookie(c, "auth_code_verifier", code_verifier, 60 * 10);
-            ctx.cookie(c, "auth_state", state, 60 * 10);
-            return c.redirect(url);
-        });
-        routes.get("/callback", async (c) => {
-            const [callback, client] = getClient(c);
-            const query = c.req.query();
-            if (query.error) {
-                throw new OauthError(query.error);
-            }
-            const code_verifier = getCookie(c, "auth_code_verifier");
-            const state = getCookie(c, "auth_state");
-            const tokenset = await client[config.issuer.metadata.userinfo_endpoint
-                ? "callback"
-                : "oauthCallback"](callback, query, {
-                code_verifier,
-                state,
-            });
-            return ctx.success(c, {
-                client,
-                tokenset,
-            });
-        });
-        // response_mode=form_post
-        routes.get("/callback", async (c) => {
-            const [callback, client] = getClient(c);
-            const form = await c.req.formData();
-            if (form.get("error")) {
-                throw new OauthError(form.get("error").toString());
-            }
-            const code_verifier = getCookie(c, "auth_code_verifier");
-            const state = getCookie(c, "auth_state");
-            const tokenset = await client[config.issuer.metadata.userinfo_endpoint
-                ? "callback"
-                : "oauthCallback"](callback, Object.fromEntries(form), {
-                code_verifier,
-                state,
-            });
-            return ctx.success(c, {
-                client,
-                tokenset,
-            });
-        });
-    };
-};

package/dist/src/auth/adapter/oidc.d.ts

@@ -1,19 +0,0 @@
-import { BaseClient, Issuer, TokenSet } from "openid-client";
-export interface OidcBasicConfig {
-    /**
-     * The clientID provided by the third party oauth service
-     */
-    clientID: string;
-    /**
-     * Determines whether users will be prompted for reauthentication and consent
-     */
-    prompt?: string;
-}
-export interface OidcConfig extends OidcBasicConfig {
-    issuer: Issuer;
-    scope: string;
-}
-export declare const OidcAdapter: (config: OidcConfig) => (routes: import("./adapter.js").AdapterRoute, ctx: import("./adapter.js").AdapterOptions<{
-    tokenset: TokenSet;
-    client: BaseClient;
-}>) => Promise<void>;

package/dist/src/auth/adapter/oidc.js

@@ -1,45 +0,0 @@
-import { generators } from "openid-client";
-import { getCookie } from "hono/cookie";
-export const OidcAdapter = /* @__PURE__ */ (config) => {
-    return async function (routes, ctx) {
-        routes.get("/authorize", async (c) => {
-            const callback = c.req.url.replace(/authorize\/.*$/, "callback");
-            const client = new config.issuer.Client({
-                client_id: config.clientID,
-                redirect_uris: [callback],
-                response_types: ["id_token"],
-            });
-            const nonce = generators.nonce();
-            const state = generators.state();
-            const url = client.authorizationUrl({
-                scope: config.scope,
-                response_mode: "form_post",
-                nonce,
-                state,
-                prompt: config.prompt,
-            });
-            ctx.cookie(c, "auth_nonce", nonce, 60 * 10);
-            ctx.cookie(c, "auth_state", state, 60 * 10);
-            return c.redirect(url);
-        });
-        routes.post("/callback", async (c) => {
-            const callback = c.req.url.replace(/authorize\/.*$/, "callback");
-            const client = new config.issuer.Client({
-                client_id: config.clientID,
-                redirect_uris: [callback],
-                response_types: ["id_token"],
-            });
-            const form = await c.req.formData();
-            const nonce = getCookie(c, "auth_nonce");
-            const state = getCookie(c, "auth_state");
-            const tokenset = await client.callback(callback, Object.fromEntries(form), {
-                nonce,
-                state,
-            });
-            return ctx.success(c, {
-                tokenset,
-                client,
-            });
-        });
-    };
-};

package/dist/src/auth/adapter/spotify.d.ts

@@ -1,12 +0,0 @@
-import { OauthBasicConfig } from "./oauth.js";
-/**
- * The Spotify Adapter follows the PKCE flow outlined here:
- * https://developer.spotify.com/documentation/web-api/tutorials/code-pkce-flow
- *
- * List of scopes available:
- * https://developer.spotify.com/documentation/web-api/concepts/scopes
- */
-export declare const SpotifyAdapter: (config: OauthBasicConfig) => (routes: import("./adapter.js").AdapterRoute, ctx: import("./adapter.js").AdapterOptions<{
-    tokenset: import("openid-client").TokenSet;
-    client: import("openid-client").BaseClient;
-}>) => Promise<void>;

package/dist/src/auth/adapter/spotify.js

@@ -1,22 +0,0 @@
-import { Issuer } from "openid-client";
-import { OauthAdapter } from "./oauth.js";
-const issuer = new Issuer({
-    issuer: "https://accounts.spotify.com",
-    authorization_endpoint: "https://accounts.spotify.com/authorize",
-    token_endpoint: "https://accounts.spotify.com/api/token",
-});
-/**
- * The Spotify Adapter follows the PKCE flow outlined here:
- * https://developer.spotify.com/documentation/web-api/tutorials/code-pkce-flow
- *
- * List of scopes available:
- * https://developer.spotify.com/documentation/web-api/concepts/scopes
- */
-export const SpotifyAdapter = 
-/* @__PURE__ */
-(config) => {
-    return OauthAdapter({
-        issuer,
-        ...config,
-    });
-};

package/dist/src/auth/example/bun.d.ts

@@ -1,2 +0,0 @@
-declare const _default: import("hono/tiny").Hono<import("hono").Env, import("hono/types").BlankSchema, "/">;
-export default _default;

package/dist/src/auth/example/bun.js

@@ -1,46 +0,0 @@
-import { AuthHandler } from "../handler.js";
-import { LinkAdapter } from "../adapter/link.js";
-import { createSessionBuilder } from "../session.js";
-import { CodeAdapter } from "../adapter/index.js";
-const sessions = createSessionBuilder();
-export default AuthHandler({
-    providers: {
-        link: LinkAdapter({
-            async onLink(link, claims) {
-                return new Response(link, {
-                    status: 200,
-                    headers: { "Content-Type": "text/plain" },
-                });
-            },
-        }),
-        code: CodeAdapter({
-            onCodeRequest: async (code, claims) => {
-                return new Response("Your code is " + code, {
-                    status: 200,
-                    headers: { "Content-Type": "text/plain" },
-                });
-            },
-            onCodeInvalid: async (code, claims) => {
-                return new Response("Code is invalid " + code, {
-                    status: 200,
-                    headers: { "Content-Type": "text/plain" },
-                });
-            },
-        }),
-    },
-    callbacks: {
-        auth: {
-            async allowClient(input) {
-                return true;
-            },
-            async success(ctx, input) {
-                return ctx.session({
-                    type: "user",
-                    properties: {
-                        email: input.claims.email,
-                    },
-                });
-            },
-        },
-    },
-});

package/dist/src/auth/handler.d.ts

@@ -1,58 +0,0 @@
-/// <reference types="node" resolution-mode="require"/>
-import { Adapter } from "./adapter/adapter.js";
-import { JWTPayload } from "jose";
-import { SessionBuilder } from "./session.js";
-import { Hono } from "hono/tiny";
-interface OnSuccessResponder<T extends {
-    type: any;
-    properties: any;
-}> {
-    session(input: T & JWTPayload): Promise<Response>;
-}
-export declare class UnknownProviderError extends Error {
-    provider?: string | undefined;
-    constructor(provider?: string | undefined);
-}
-export declare class MissingParameterError extends Error {
-    parameter: string;
-    constructor(parameter: string);
-}
-export declare class UnknownStateError extends Error {
-    constructor();
-}
-export declare class UnauthorizedClientError extends Error {
-    client: string;
-    redirect_uri: string;
-    constructor(client: string, redirect_uri: string);
-}
-export declare class InvalidSessionError extends Error {
-    constructor();
-}
-export type Prettify<T> = {
-    [K in keyof T]: T[K];
-} & {};
-export declare const aws: <E extends import("hono").Env = import("hono").Env, S extends import("hono").Schema = {}, BasePath extends string = "/">(app: import("hono").Hono<E, S, BasePath>) => (event: import("hono/aws-lambda").LambdaEvent, lambdaContext?: import("hono/aws-lambda").LambdaContext | undefined) => Promise<import("hono/aws-lambda").APIGatewayProxyResult>;
-export declare function AuthHandler<Providers extends Record<string, Adapter<any>>, Sessions extends SessionBuilder = SessionBuilder, Result = {
-    [key in keyof Providers]: Prettify<{
-        provider: key;
-    } & (Providers[key] extends Adapter<infer T> ? T : {})>;
-}[keyof Providers]>(input: {
-    session?: Sessions;
-    providers: Providers;
-    callbacks: {
-        index?(req: Request): Promise<Response>;
-        error?(error: UnknownStateError, req: Request): Promise<Response | undefined>;
-        auth: {
-            error?(error: MissingParameterError | UnauthorizedClientError | UnknownProviderError, req: Request): Promise<Response>;
-            start?(event: Request): Promise<void>;
-            allowClient(clientID: string, redirect: string, req: Request): Promise<boolean>;
-            success(response: OnSuccessResponder<Sessions["$typeValues"]>, input: Result, req: Request): Promise<Response>;
-        };
-        connect?: {
-            error?(error: InvalidSessionError | UnknownProviderError, req: Request): Promise<Response | undefined>;
-            start?(session: Sessions["$typeValues"], req: Request): Promise<void>;
-            success?(session: Sessions["$typeValues"], input: {}): Promise<Response>;
-        };
-    };
-}): Hono<import("hono").Env, import("hono/types").BlankSchema, "/">;
-export {};