diff --git a/src/providers/apple.ts b/src/providers/apple.ts
new file mode 100644
index 0000000..25f4719
--- /dev/null
+++ b/src/providers/apple.ts
@@ -0,0 +1,64 @@
+import type { TOAuth2Provider } from '..'
+import { env } from '../utils'
+
+/**
+ * @see https://developer.apple.com/documentation/devicemanagement/implementing-the-oauth2-authentication-user-enrollment-flow
+ * @see https://account.apple.com/.well-known/openid-configuration
+ */
+type TAppleParams = {
+ /**
+ * A string that must be apple-oauth2, defining the authentication protocol.
+ */
+ method?: string
+ /**
+ * The OAuth2 protocol authorization endpoint URL, for the initial ASWebAuthenticationSession HTTP request. The URL scheme must be https.
+ */
+ authorizationUrl?: string
+ /**
+ * The OAuth2 protocol token endpoint URL, for the token request. The URL scheme must be https.
+ */
+ tokenUrl?: string
+}
+
+export function apple({
+ method,
+ authorizationUrl,
+ tokenUrl
+}: TAppleParams = {}): TOAuth2Provider {
+ const authParams: TAppleParams = {}
+
+ if (typeof method === 'string') {
+ authParams.method = method
+ }
+
+ if (typeof authorizationUrl === 'string') {
+ if (!authorizationUrl.startsWith('https://')) {
+ throw new Error('authorizationUrl must start with https://')
+ }
+ authParams.authorizationUrl = authorizationUrl
+ }
+
+ if (typeof tokenUrl === 'string') {
+ if (!tokenUrl.startsWith('https://')) {
+ throw new Error('tokenUrl must start with https://')
+ }
+ authParams.tokenUrl = tokenUrl
+ }
+
+ const provider: TOAuth2Provider = {
+ clientId: env('APPLE_OAUTH_CLIENT_ID'),
+ clientSecret: env('APPLE_OAUTH_CLIENT_SECRET'),
+
+ auth: {
+ url: 'https://appleid.apple.com/auth/authorize',
+ params: authParams
+ },
+
+ token: {
+ url: 'https://appleid.apple.com/auth/token',
+ params: {}
+ }
+ }
+
+ return provider
+}
diff --git a/src/providers/index.ts b/src/providers/index.ts
index fe57dd4..ea902e0 100644
--- a/src/providers/index.ts
+++ b/src/providers/index.ts
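Review bot: `authorizationUrl` and `tokenUrl` are checked for an `https://` prefix but then only copied into `authParams`, so they land in `auth.params` while `auth.url` and `token.url` stay hard-coded, and `tokenUrl` never reaches the token request at all. The three options are taken from the device-management enrollment document in the first `@see`, not from the Sign in with Apple authorize endpoint used here. Presumably `params` is serialized into the authorize query string (the consumer is outside this diff), in which case they are sent to appleid.apple.com as unrecognised parameters. Either drop them or, if an endpoint override is really intended, assign them to `auth.url` / `token.url` and validate with `new URL(tokenUrl).protocol === 'https:'` plus a host allow-list, because the token request carries `clientSecret`. Separately, Apple expects the client secret to be a signed JWT with a bounded lifetime, so a comment such as `// APPLE_OAUTH_CLIENT_SECRET is a signed JWT that expires; rotate before expiry` belongs next to the `env('APPLE_OAUTH_CLIENT_SECRET')` line.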
@@ -1,7 +1,9 @@
+export * from './apple'
 export * from './azure'
 export * from './github'
 export * from './discord'
 export * from './spotify'
+export * from './meta'
 export * from './reddit'
 export * from './google'
-export * from './twitch'
+export * from './twitch'
\ No newline at end of file
diff --git a/src/providers/meta.ts b/src/providers/meta.ts
new file mode 100644
index 0000000..2d9f0d0
--- /dev/null
+++ b/src/providers/meta.ts
@@ -0,0 +1,67 @@
+import type { TOAuth2Provider } from '..'
+import { env } from '../utils'
+
+/**
+ * @see https://developers.facebook.com/docs/facebook-login/guides/advanced/oidc-token
+ * @see https://www.facebook.com/.well-known/openid-configuration/
+ */
+type TMetaParams = {
+ /**
+ * Indicates the type of response to be returned. To use the Authorization Code flow, response_type must be set to code.
+ */
+ response_type?: string
+ /**
+ * Value generated by the developer to confirm that they originated the request. This value is required to use the PKCE protocol.
+ */
+ code_challenge?: string
+ /**
+ * Indicates how the application calculated the code_challenge, defaulting to plain if not included. Values include S256 and plain.
+ */
+ code_challenge_method?: 'plain' | 'S256' | CodeChallengeMethod
+ /**
+ * A randomly generated string to further verify the Authentication Token.
+ */
+ nonce?: string
+}
+
+export function meta({
+ response_type,
+ code_challenge,
+ code_challenge_method,
+ nonce
+}: TMetaParams = {}): TOAuth2Provider {
+ const authParams: TMetaParams = {}
+
+ if (typeof response_type === 'string') {
+ authParams.response_type = response_type
+ }
+
+ if (typeof code_challenge === 'string') {
+ authParams.code_challenge = code_challenge
+ }
+
+ if (typeof code_challenge_method === 'string') {
+ authParams.code_challenge_method = code_challenge_method
+ }
+
+ if (typeof nonce === 'string') {
+ authParams.nonce = nonce
+ }
+
+ const provider: TOAuth2Provider = {
+ clientId: env('META_OAUTH_CLIENT_ID'),
+ clientSecret: env('META_OAUTH_CLIENT_SECRET'),
+
+ auth: {
+ url: 'https://www.facebook.com/v22.0/dialog/oauth',
+ params: authParams
+ },
+
+ token: {
+ url: 'https://graph.facebook.com/v22.0/oauth/access_token',
+ params: {}
+ }
+ }
+
+ return provider
+}
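Review bot: `code_challenge` and `nonce` are accepted as provider options and copied into `auth.params`, which fixes them for the lifetime of the provider object, although both are meant to be fresh for every authorization request. If `meta()` is called once at start-up (call sites are outside this diff), every login reuses the same challenge and nonce, so neither PKCE nor ID-token replay protection holds. These values should be generated per request by the flow code, with the matching `code_verifier` sent in the token request, whose `params` is `{}` here. Accepting `'plain'` also weakens PKCE; prefer `code_challenge_method?: 'S256'`. `CodeChallengeMethod` is used in the type but not imported in this file, so unless it is declared globally it will not compile, and if it is a numeric enum the `typeof code_challenge_method === 'string'` guard would silently drop it.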