UNPKG

payload-auth-plugin

Version:
552 lines (532 loc) 14.7 kB
// src/providers/oauth2/apple.ts var authorization_server = { issuer: "https://appleid.apple.com", authorization_endpoint: "https://appleid.apple.com/auth/authorize", token_endpoint: "https://appleid.apple.com/auth/token" }; function AppleOAuth2Provider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "apple", scope: overrideScope ?? "name email", authorization_server, name: "Apple", algorithm: "oauth2", params: { ...config.params, response_mode: "form_post" }, kind: "oauth", profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var apple_default = AppleOAuth2Provider; // src/providers/oauth2/atlassian.ts var algorithm = "oauth2"; var authorization_server2 = { issuer: "https://auth.atlassian.com", authorization_endpoint: "https://auth.atlassian.com/authorize", token_endpoint: "https://auth.atlassian.com/oauth/token", userinfo_endpoint: "https://api.atlassian.com/me" }; function AtlassianAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "atlassian", authorization_server: authorization_server2, name: "Atlassian", algorithm, scope: overrideScope ?? "read:me read:account", kind: "oauth", profile: (profile) => { return { sub: profile.account_id, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var atlassian_default = AtlassianAuthProvider; // src/providers/oauth2/auth0.ts function Auth0AuthProvider(config) { const { domain, overrideScope, ...restConfig } = config; const authorization_server8 = { issuer: `https://${domain}/`, authorization_endpoint: `https://${domain}/authorize`, token_endpoint: `https://${domain}/oauth/token`, userinfo_endpoint: `https://${domain}/userinfo` }; return { ...restConfig, id: "auth0", scope: overrideScope ?? "openid email profile", authorization_server: authorization_server8, name: "Auth0", algorithm: "oauth2", kind: "oauth", profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var auth0_default = Auth0AuthProvider; // src/providers/oauth2/discord.ts var authorization_server3 = { issuer: "https://discord.com", authorization_endpoint: "https://discord.com/api/oauth2/authorize", token_endpoint: "https://discord.com/api/oauth2/token", userinfo_endpoint: "https://discord.com/api/users/@me" }; function DiscordAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "discord", scope: overrideScope ?? "identify email", authorization_server: authorization_server3, name: "Discord", algorithm: "oauth2", kind: "oauth", profile: (profile) => { const format = profile.avatar.toString().startsWith("a_") ? "gif" : "png"; return { sub: profile.id, name: profile.username ?? profile.global_name, email: profile.email, picture: `https://cdn.discordapp.com/avatars/${profile.id}/${profile.avatar}.${format}` }; } }; } var discord_default = DiscordAuthProvider; // src/providers/oauth2/facebook.ts var authorization_server4 = { issuer: "https://www.facebook.com", authorization_endpoint: "https://www.facebook.com/v19.0/dialog/oauth", token_endpoint: "https://graph.facebook.com/oauth/access_token", userinfo_endpoint: "https://graph.facebook.com/me?fields=id,name,email,picture" }; function FacebookAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "facebook", scope: overrideScope ?? "email", authorization_server: authorization_server4, name: "Facebook", algorithm: "oauth2", kind: "oauth", profile: (profile) => { let picture; if (typeof profile.picture === "object" && profile.picture !== null) { const dataContainer = profile.picture; if ("data" in dataContainer) { picture = dataContainer.data.url; } } return { sub: profile.id, name: profile.name, email: profile.email, picture }; } }; } var facebook_default = FacebookAuthProvider; // src/providers/oauth2/github.ts var authorization_server5 = { issuer: "https://github.com", authorization_endpoint: "https://github.com/login/oauth/authorize", token_endpoint: "https://github.com/login/oauth/access_token", userinfo_endpoint: "https://api.github.com/user" }; function GitHubAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "github", scope: overrideScope ?? "openid email profile", authorization_server: authorization_server5, name: "GitHub", algorithm: "oauth2", kind: "oauth", profile: (profile) => { return { sub: profile.id, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var github_default = GitHubAuthProvider; // src/providers/oauth2/jumpcloud.ts var authorization_server6 = { issuer: "https://oauth.id.jumpcloud.com/", authorization_endpoint: "https://oauth.id.jumpcloud.com/oauth2/auth", token_endpoint: "https://oauth.id.jumpcloud.com/oauth2/token", userinfo_endpoint: "https://oauth.id.jumpcloud.com/userinfo" }; function JumpCloudAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "jumpcloud", scope: overrideScope ?? "openid email profile", authorization_server: authorization_server6, name: "Jump Cloud", algorithm: "oauth2", kind: "oauth", profile: (profile) => { return { sub: profile.email, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var jumpcloud_default = JumpCloudAuthProvider; // src/providers/oauth2/twitch.ts var authorization_server7 = { issuer: "https://id.twitch.tv/oauth2", authorization_endpoint: "https://id.twitch.tv/oauth2/authorize", token_endpoint: "https://id.twitch.tv/oauth2/token", userinfo_endpoint: "https://id.twitch.tv/oauth2/userinfo" }; function TwitchAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "twitch", scope: overrideScope ?? "openid user:read:email", authorization_server: authorization_server7, name: "Twitch", algorithm: "oauth2", kind: "oauth", params: { scope: overrideScope ?? "openid user:read:email", claims: JSON.stringify({ id_token: { email: null, picture: null, preferred_username: null }, userinfo: { email: null, picture: null, preferred_username: null } }) }, profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var twitch_default = TwitchAuthProvider; // src/providers/oidc/apple.ts function AppleOIDCAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "apple", scope: overrideScope ?? "openid name email", issuer: "https://appleid.apple.com", name: "Apple", algorithm: "oidc", kind: "oauth", profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var apple_default2 = AppleOIDCAuthProvider; // src/providers/oidc/cognito.ts function CognitoAuthProvider(config) { const { domain, overrideScope, ...restConfig } = config; return { ...restConfig, id: "cognito", scope: overrideScope ?? "email openid profile", issuer: domain, name: "Congnito", algorithm: "oidc", kind: "oauth", profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var cognito_default = CognitoAuthProvider; // src/providers/oidc/gitlab.ts function GitLabAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "gitlab", scope: overrideScope ?? "openid email profile", issuer: "https://gitlab.com", name: "GitLab", algorithm: "oidc", kind: "oauth", profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var gitlab_default = GitLabAuthProvider; // src/providers/oidc/google.ts function GoogleAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "google", scope: overrideScope ?? "openid email profile", issuer: "https://accounts.google.com", name: "Google", algorithm: "oidc", kind: "oauth", profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var google_default = GoogleAuthProvider; // src/providers/oidc/keycloak.ts function KeyCloakAuthProvider(config) { const { realm, domain, identifier, name, overrideScope, ...restConfig } = config; return { ...restConfig, id: identifier, scope: overrideScope ?? "email openid profile", issuer: `https://${domain}/realms/${realm}`, name, algorithm: "oidc", kind: "oauth", profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var keycloak_default = KeyCloakAuthProvider; // src/providers/oidc/microsoft-entra.ts function MicrosoftEntraAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "msft-entra", scope: overrideScope ?? "openid profile email offline_access", issuer: `https://${config.tenant_id}.ciamlogin.com/${config.tenant_id}/v2.0`, name: "Microsoft Entra", algorithm: "oidc", kind: "oauth", profile: (profile) => { const email = profile.email; return { sub: profile.sub, name: profile.name, email: email.toLowerCase(), picture: profile.picture }; } }; } var microsoft_entra_default = MicrosoftEntraAuthProvider; // src/providers/oidc/okta.ts function encodeString(s) { let h = 0; const l = s.length; let i = 0; if (l > 0) { while (i < l) { h = (h << 5) - h + s.charCodeAt(i++) | 0; } } return h; } function OktaAuthProvider(config) { const { domain, overrideScope, ...restConfig } = config; const stateCode = encodeString(config.client_id).toString(); return { ...restConfig, id: "okta", scope: overrideScope ?? "email openid profile", issuer: `https://${domain}`, name: "Okta", algorithm: "oidc", kind: "oauth", params: { state: `state-${stateCode}` }, profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var okta_default = OktaAuthProvider; // src/core/errors/consoleErrors.ts var PluginError = class extends Error { constructor(message, cause) { super(message); this.name = "PAYLOAD_AUTH_PLUGIN_ERROR"; this.message = message; this.cause = cause; this.stack = ""; } }; var InvalidDomain = class extends PluginError { constructor() { super("Invalid domain format"); } }; // src/providers/utils.ts function encodeString2(s) { let h = 0; const l = s.length; let i = 0; if (l > 0) { while (i < l) { h = (h << 5) - h + s.charCodeAt(i++) | 0; } } return h; } // src/providers/oidc/roblox.ts function RobloxAuthProvider(config) { const { overrideScope, ...restConfig } = config; const domainRegex = /^(?!-)(?:[a-zA-Z0-9-]{1,63}\.)+[a-zA-Z]{2,63}$/; const isValidDomain = domainRegex.test(restConfig.emailDomain); if (!isValidDomain) { throw new InvalidDomain(); } const stateCode = encodeString2(config.client_id).toString(); return { ...restConfig, id: "roblox", scope: overrideScope ?? "openid email profile", issuer: "https://apis.roblox.com/oauth/", name: "Roblox", algorithm: "oidc", kind: "oauth", params: { state: `state-${stateCode}` }, profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var roblox_default = RobloxAuthProvider; // src/providers/oidc/slack.ts function SlackAuthProvider(config) { const { overrideScope, ...restConfig } = config; return { ...restConfig, id: "slack", scope: overrideScope ?? "openid email profile", issuer: "https://slack.com", name: "Slack", algorithm: "oidc", kind: "oauth", profile: (profile) => { return { sub: profile.sub, name: profile.name, email: profile.email, picture: profile.picture }; } }; } var slack_default = SlackAuthProvider; // src/providers/passkey.ts function PasskeyAuthProvider() { return { id: "passkey", kind: "passkey" }; } var passkey_default = PasskeyAuthProvider; // src/providers/password.ts function PasswordProvider(options) { return { id: "password", kind: "password", ...options }; } var password_default = PasswordProvider; export { apple_default as AppleOAuth2Provider, apple_default2 as AppleOIDCAuthProvider, atlassian_default as AtlassianAuthProvider, auth0_default as Auth0AuthProvider, cognito_default as CognitoAuthProvider, discord_default as DiscordAuthProvider, facebook_default as FacebookAuthProvider, github_default as GitHubAuthProvider, gitlab_default as GitLabAuthProvider, google_default as GoogleAuthProvider, jumpcloud_default as JumpCloudAuthProvider, keycloak_default as KeyCloakAuthProvider, microsoft_entra_default as MicrosoftEntraAuthProvider, okta_default as OktaAuthProvider, passkey_default as PasskeyAuthProvider, password_default as PasswordProvider, roblox_default as RobloxAuthProvider, slack_default as SlackAuthProvider, twitch_default as TwitchAuthProvider }; //# sourceMappingURL=index.js.map