{"version":3,"sources":["../../../src/utilities/authProviders.ts","/home/runner/work/equipped/equipped/dist/cjs/utilities/authProviders.cjs"],"names":[],"mappings":"AAAA,yvBAAkB;AAClB,wGAAgB;AAChB,qFAAuB;AAEvB,+CAA8B;AAEvB,MAAM,iBAAA,EAAmB,MAAA,CAAO,OAAA,EAAA,GAAoB;AAC1D,EAAA,MAAM,QAAA,EAAU,CAAA,iDAAA,EAAoD,OAAO,CAAA,CAAA;AAClB,EAAA;AACiB,IAAA;AACzE,EAAA;AACsB,EAAA;AACD,EAAA;AACf,EAAA;AAQR;AAE0D;AACrD,EAAA;AACgB,IAAA;AACgC,IAAA;AACgB,IAAA;AACzC,IAAA;AAC+C,IAAA;AAIN,IAAA;AACK,IAAA;AACT,IAAA;AACU,IAAA;AACf,IAAA;AAEnD,IAAA;AAMM,EAAA;AAC2D,IAAA;AACzE,EAAA;AACD;AAE0F;AAC7B,EAAA;AAElD,EAAA;AACA,IAAA;AACH,IAAA;AACG,IAAA;AACgB,MAAA;AACT,MAAA;AACf,IAAA;AAEe,EAAA;AAC2D,IAAA;AAC1E,EAAA;AACmD,EAAA;AACX,EAAA;AACpB,EAAA;AACf,EAAA;AASR;AC7B8E;AACA;AACA;AACA;AACA","file":"/home/runner/work/equipped/equipped/dist/cjs/utilities/authProviders.cjs","sourcesContent":["import axios from 'axios'\nimport jwt from 'jsonwebtoken'\nimport jwksClient from 'jwks-rsa'\n\nimport { EquippedError } from '../errors'\n\nexport const signinWithGoogle = async (idToken: string) => {\n\tconst authUrl = `https://oauth2.googleapis.com/tokeninfo?id_token=${idToken}`\n\tconst { data } = await axios.get(authUrl).catch((err) => {\n\t\tthrow new EquippedError('Failed to sign in with google', { idToken }, err)\n\t})\n\tdata.first_name = data.given_name\n\tdata.last_name = data.family_name\n\treturn data as {\n\t\temail: string\n\t\temail_verified: 'true' | 'false'\n\t\tfirst_name: string\n\t\tlast_name: string\n\t\tpicture: string\n\t\tsub: string\n\t} & Record<string, any>\n}\n\nexport const signinWithApple = async (idToken: string) => {\n\ttry {\n\t\tconst APPLE_BASE = 'https://appleid.apple.com'\n\t\tconst json = jwt.decode(idToken, { complete: true })\n\t\tif (!json?.header) throw new EquippedError('Missing JWT header', { idToken, json })\n\t\tconst { kid, alg } = json.header\n\t\tconst publicKey = await jwksClient({ jwksUri: `${APPLE_BASE}/auth/keys`, cache: true })\n\t\t\t.getSigningKey(kid)\n\t\t\t.then((key) => key.getPublicKey())\n\t\t\t.catch(() => null)\n\t\tif (!publicKey) throw new EquippedError('no publicKey', { idToken, publicKey, json })\n\t\tconst data = jwt.verify(idToken, publicKey, { algorithms: [alg as any] }) as Record<string, any>\n\t\tif (!data) throw new EquippedError('no data', { idToken, data })\n\t\tif (data.iss !== APPLE_BASE) throw new EquippedError('iss doesnt match', { idToken, data })\n\t\tif (data.exp * 1000 < Date.now()) throw new EquippedError('expired idToken', { idToken, data })\n\t\t// TODO: Find out how to get profile data from api\n\t\treturn data as {\n\t\t\temail?: string\n\t\t\tsub: string\n\t\t\temail_verified?: 'true' | 'false'\n\t\t\tis_private_email?: 'true' | 'false'\n\t\t} & Record<string, any>\n\t} catch (err) {\n\t\tthrow new EquippedError('Failed to sign in with apple', { idToken }, err)\n\t}\n}\n\nexport const signinWithFacebook = async (accessToken: string, fields = [] as string[]) => {\n\tfields = [...new Set([...fields, 'name', 'picture', 'email'])]\n\tconst { data } = await axios\n\t\t.request({\n\t\t\tmethod: 'get',\n\t\t\turl: 'https://graph.facebook.com/v15.0/me',\n\t\t\tparams: {\n\t\t\t\tfields: fields.join(','),\n\t\t\t\taccess_token: accessToken,\n\t\t\t},\n\t\t})\n\t\t.catch((err) => {\n\t\t\tthrow new EquippedError('Failed to sign in with facebook', { accessToken, fields }, err)\n\t\t})\n\tconst isValidData = fields.every((key) => key in data)\n\tif (!isValidData) throw new EquippedError('Incomplete scope for access token', { accessToken, fields, data })\n\tdata.email_verified = 'true'\n\treturn data as {\n\t\tid: string\n\t\temail: string\n\t\temail_verified: 'true' | 'false'\n\t\tname: string\n\t\tpicture: {\n\t\t\tdata: { height: number; is_silhouette: boolean; url: string; width: number }\n\t\t}\n\t} & Record<string, any>\n}\n",null]}