add meta and apple

src/providers/apple.ts

@@ -0,0 +1,64 @@
+import type { TOAuth2Provider } from '..'
+import { env } from '../utils'
+
+/**
+ * @see https://developer.apple.com/documentation/devicemanagement/implementing-the-oauth2-authentication-user-enrollment-flow
+ * @see https://account.apple.com/.well-known/openid-configuration
+ */
+type TAppleParams = {
+	/**
+	 * A string that must be apple-oauth2, defining the authentication protocol.
+	 */
+	method?: string
+	/**
+	 * The OAuth2 protocol authorization endpoint URL, for the initial ASWebAuthenticationSession HTTP request. The URL scheme must be https.
+	 */
+	authorizationUrl?: string
+	/**
+	 * The OAuth2 protocol token endpoint URL, for the token request. The URL scheme must be https.
+	 */
+	tokenUrl?: string
+}
+
+export function apple({
+	method,
+	authorizationUrl,
+	tokenUrl
+}: TAppleParams = {}): TOAuth2Provider {
+	const authParams: TAppleParams = {}
+
+	if (typeof method === 'string') {
+		authParams.method = method
+	}
+
+	if (typeof authorizationUrl === 'string') {
+		if (!authorizationUrl.startsWith('https://')) {
+			throw new Error('authorizationUrl must start with https://')
+		}
+		authParams.authorizationUrl = authorizationUrl
+	}
+
+	if (typeof tokenUrl === 'string') {
+		if (!tokenUrl.startsWith('https://')) {
+			throw new Error('tokenUrl must start with https://')
+		}
+		authParams.tokenUrl = tokenUrl
+	}
+
+	const provider: TOAuth2Provider = {
+		clientId: env('APPLE_OAUTH_CLIENT_ID'),
+		clientSecret: env('APPLE_OAUTH_CLIENT_SECRET'),
+
+		auth: {
+			url: 'https://appleid.apple.com/auth/authorize',
+			params: authParams
+		},
+
+		token: {
+			url: 'https://appleid.apple.com/auth/token',
+			params: {}
+		}
+	}
+
+	return provider
+}

src/providers/index.ts

@@ -1,7 +1,9 @@
+export * from './apple'
 export * from './azure'
 export * from './github'
 export * from './discord'
 export * from './spotify'
+export * from './meta'
 export * from './reddit'
 export * from './google'
-export * from './twitch'
+export * from './twitch'

src/providers/meta.ts

@@ -0,0 +1,67 @@
+import type { TOAuth2Provider } from '..'
+import { env } from '../utils'
+
+/**
+ * @see https://developers.facebook.com/docs/facebook-login/guides/advanced/oidc-token
+ * @see https://www.facebook.com/.well-known/openid-configuration/
+ */
+type TMetaParams<CodeChallengeMethod extends string> = {
+	/**
+	 * Indicates the type of response to be returned. To use the Authorization Code flow, response_type must be set to code.
+	 */
+	response_type?: string
+	/**
+	 * Value generated by the developer to confirm that they originated the request. This value is required to use the PKCE protocol.
+	 */
+	code_challenge?: string
+	/**
+	 * Indicates how the application calculated the code_challenge, defaulting to plain if not included. Values include S256 and plain.
+	 */
+	code_challenge_method?: 'plain' | 'S256' | CodeChallengeMethod
+	/**
+	 * A randomly generated string to further verify the Authentication Token.
+	 */
+	nonce?: string
+}
+
+export function meta<CodeChallengeMethod extends string>({
+	response_type,
+	code_challenge,
+	code_challenge_method,
+	nonce
+}: TMetaParams<CodeChallengeMethod> = {}): TOAuth2Provider {
+	const authParams: TMetaParams<CodeChallengeMethod> = {}
+
+	if (typeof response_type === 'string') {
+		authParams.response_type = response_type
+	}
+
+	if (typeof code_challenge === 'string') {
+		authParams.code_challenge = code_challenge
+	}
+
+	if (typeof code_challenge_method === 'string') {
+		authParams.code_challenge_method = code_challenge_method
+	}
+
+	if (typeof nonce === 'string') {
+		authParams.nonce = nonce
+	}
+
+	const provider: TOAuth2Provider = {
+		clientId: env('META_OAUTH_CLIENT_ID'),
+		clientSecret: env('META_OAUTH_CLIENT_SECRET'),
+
+		auth: {
+			url: 'https://www.facebook.com/v22.0/dialog/oauth',
+			params: authParams
+		},
+
+		token: {
+			url: 'https://graph.facebook.com/v22.0/oauth/access_token',
+			params: {}
+		}
+	}
+
+	return provider
+}