UNPKG

authrix

Version:

Lightweight, flexible authentication library for Node.js and TypeScript.

github.com/Grenish/authrix

Grenish/authrix

2 lines • 5.05 kB

JavaScript

'use strict';var a={AUTH:"https://www.linkedin.com/oauth/v2/authorization",TOKEN:"https://www.linkedin.com/oauth/v2/accessToken",USER_INFO:"https://api.linkedin.com/v2/userinfo",INTROSPECT:"https://www.linkedin.com/oauth/v2/introspectToken",REVOKE:"https://www.linkedin.com/oauth/v2/revoke"},p=["openid","profile","email"],d=null;function c(){if(d)return d;let t=process.env.LINKEDIN_CLIENT_ID,e=process.env.LINKEDIN_CLIENT_SECRET,n=process.env.LINKEDIN_REDIRECT_URI||process.env.LINKEDIN_OAUTH_REDIRECT_URI;if(!t||!e||!n){let r=[];throw t||r.push("LINKEDIN_CLIENT_ID"),e||r.push("LINKEDIN_CLIENT_SECRET"),n||r.push("LINKEDIN_REDIRECT_URI"),new Error(`Missing LinkedIn OAuth environment variables: ${r.join(", ")}. These are required when using LinkedIn OAuth functionality. Visit https://www.linkedin.com/developers/apps to obtain these values.`)}return d={clientId:t,clientSecret:e,redirectUri:n},d}function f(t){try{let[,e]=t.split(".");if(!e)return null;let n=e+"=".repeat((4-e.length%4)%4),r=atob(n.replace(/-/g,"+").replace(/_/g,"/"));return JSON.parse(r)}catch{return null}}function k(t={}){let e=c(),n=new URLSearchParams({response_type:"code",client_id:e.clientId,redirect_uri:t.redirectUri||e.redirectUri,scope:(t.scopes||p).join(" ")});return t.state&&n.set("state",t.state),t.loginHint&&n.set("login_hint",t.loginHint),t.prompt&&n.set("prompt",t.prompt),`${a.AUTH}?${n.toString()}`}async function g(t,e={}){let n=c();try{let r=await fetch(a.TOKEN,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:"application/json"},body:new URLSearchParams({grant_type:"authorization_code",code:t,client_id:n.clientId,client_secret:n.clientSecret,redirect_uri:e.redirectUri||n.redirectUri}).toString()});if(!r.ok){let s=await r.text();throw new Error(`Token exchange failed: ${r.status} - ${s}`)}let i=await r.json(),o;if(i.id_token){let s=f(i.id_token);if(!s)throw new Error("Failed to decode ID token");if(s.aud!==n.clientId)throw new Error("Token audience mismatch");if(s.iss!=="https://www.linkedin.com")throw new Error("Invalid token issuer");let l=Math.floor(Date.now()/1e3);if(s.exp<l)throw new Error("ID token has expired");o=s;}if(i.access_token){let s=await fetch(a.USER_INFO,{headers:{Authorization:`Bearer ${i.access_token}`,Accept:"application/json"}});if(s.ok){let l=await s.json();o=i.id_token?{...o,...l}:l;}else if(!i.id_token)throw new Error("Failed to fetch user information from LinkedIn")}else if(!i.id_token)throw new Error("No access token or ID token received from LinkedIn");if(!e.skipEmailVerification&&o.email_verified!==!0)throw new Error("Email address is not verified");let u={id:o.sub,email:o.email,name:o.name,avatar:o.picture,provider:"linkedin",emailVerified:o.email_verified,metadata:{givenName:o.given_name,familyName:o.family_name,locale:o.locale}};return e.includeTokens?{...u,tokens:{access:i.access_token,refresh:i.refresh_token,idToken:i.id_token}}:u}catch(r){throw r instanceof Error?r.message.includes("fetch")?new Error("Network error during LinkedIn authentication. Please try again."):r.message.includes("audience")||r.message.includes("issuer")?new Error("Security validation failed. Please try again."):new Error(`LinkedIn authentication failed: ${r.message}`):new Error("An unexpected error occurred during LinkedIn authentication.")}}async function h(t){try{let e=c();return (await fetch(a.REVOKE,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({token:t,client_id:e.clientId,client_secret:e.clientSecret}).toString()})).ok}catch{return false}}async function I(t){try{let e=c(),n=await fetch(a.INTROSPECT,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:"application/json"},body:new URLSearchParams({token:t,client_id:e.clientId,client_secret:e.clientSecret}).toString()});return n.ok?await n.json():null}catch{return null}}async function w(t){try{let e=c(),n=await fetch(a.TOKEN,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:"application/json"},body:new URLSearchParams({grant_type:"refresh_token",refresh_token:t,client_id:e.clientId,client_secret:e.clientSecret}).toString()});return n.ok?await n.json():null}catch{return null}}async function m(t){try{let e=f(t);if(!e)return null;let n=c();if(e.aud!==n.clientId||e.iss!=="https://www.linkedin.com")return null;let r=Math.floor(Date.now()/1e3);return e.exp<r?null:e}catch{return null}}function _(t){let e=crypto.getRandomValues(new Uint8Array(32)),n=Array.from(e,r=>r.toString(16).padStart(2,"0")).join("");if(t){let r=JSON.stringify(t),i=btoa(r).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"");return `${n}.${i}`}return n}function E(t){let e=t.split(".");if(e.length===1)return {token:e[0]};try{let n=e[1],r=n+"=".repeat((4-n.length%4)%4),i=atob(r.replace(/-/g,"+").replace(/_/g,"/")),o=JSON.parse(i);return {token:e[0],data:o}}catch{return {token:e[0]}}}function L(){d=null;} exports.a=k;exports.b=g;exports.c=h;exports.d=I;exports.e=w;exports.f=m;exports.g=_;exports.h=E;exports.i=L;