remix-auth-github
Version:
A strategy to implement login with GitHub in Remix Auth.
86 lines (85 loc) • 4.37 kB
TypeScript
import { type SetCookieInit } from "@mjackson/headers";
import { GitHub, OAuth2RequestError, type OAuth2Tokens, UnexpectedErrorResponseBodyError, UnexpectedResponseError } from "arctic";
import { Strategy } from "remix-auth/strategy";
type URLConstructor = ConstructorParameters<typeof URL>[0];
export { OAuth2RequestError, UnexpectedResponseError, UnexpectedErrorResponseBodyError, };
export declare class GitHubStrategy<User> extends Strategy<User, GitHubStrategy.VerifyOptions> {
protected options: GitHubStrategy.ConstructorOptions;
name: string;
protected client: GitHub;
constructor(options: GitHubStrategy.ConstructorOptions, verify: Strategy.VerifyFunction<User, GitHubStrategy.VerifyOptions>);
private get cookieName();
private get cookieOptions();
authenticate(request: Request): Promise<User>;
/**
* Return extra parameters to be included in the authorization request.
*
* Some OAuth 2.0 providers allow additional, non-standard parameters to be
* included when requesting authorization. Since these parameters are not
* standardized by the OAuth 2.0 specification, OAuth 2.0-based authentication
* strategies can override this function in order to populate these
* parameters as required by the provider.
*/
protected authorizationParams(params: URLSearchParams, request: Request): URLSearchParams;
/**
* Get a new OAuth2 Tokens object using the refresh token once the previous
* access token has expired.
* @param refreshToken The refresh token to use to get a new access token
* @returns The new OAuth2 tokens object
* @example
* ```ts
* let tokens = await strategy.refreshToken(refreshToken);
* console.log(tokens.accessToken());
* ```
*/
refreshToken(refreshToken: string): Promise<OAuth2Tokens>;
}
export declare namespace GitHubStrategy {
interface VerifyOptions {
/** The request that triggered the verification flow */
request: Request;
/** The OAuth2 tokens retrivied from the identity provider */
tokens: OAuth2Tokens;
}
interface ConstructorOptions {
/**
* The name of the cookie used to keep state and code verifier around.
*
* The OAuth2 flow requires generating a random state and code verifier, and
* then checking that the state matches when the user is redirected back to
* the application. This is done to prevent CSRF attacks.
*
* The state and code verifier are stored in a cookie, and this option
* allows you to customize the name of that cookie if needed.
* @default "github"
*/
cookie?: string | (Omit<SetCookieInit, "value"> & {
name: string;
});
/**
* This is the Client ID of your application, provided to you by the Identity
* Provider you're using to authenticate users.
*/
clientId: string;
/**
* This is the Client Secret of your application, provided to you by the
* Identity Provider you're using to authenticate users.
*/
clientSecret: string;
/**
* The URL of your application where the Identity Provider will redirect the
* user after they've logged in or authorized your application.
*/
redirectURI: URLConstructor;
/**
* The scopes you want to request from the Identity Provider, this is a list
* of strings that represent the permissions you want to request from the
* user.
*/
scopes?: Scope[];
}
/**
* @see https://docs.github.com/en/developers/apps/building-oauth-apps/scopes-for-oauth-apps#available-scopes
*/
type Scope = "repo" | "repo:status" | "repo_deployment" | "public_repo" | "repo:invite" | "security_events" | "admin:repo_hook" | "write:repo_hook" | "read:repo_hook" | "admin:org" | "write:org" | "read:org" | "admin:public_key" | "write:public_key" | "read:public_key" | "admin:org_hook" | "gist" | "notifications" | "user" | "read:user" | "user:email" | "user:follow" | "project" | "read:project" | "delete_repo" | "write:packages" | "read:packages" | "delete:packages" | "write:discussion" | "read:discussion" | "admin:gpg_key" | "write:gpg_key" | "read:gpg_key" | "codespace" | "workflow";
}