{"version":3,"sources":["../../../src/utilities/authProviders.ts"],"sourcesContent":["import axios from 'axios'\nimport jwt from 'jsonwebtoken'\nimport jwksClient from 'jwks-rsa'\n\nimport { EquippedError } from '../errors'\n\nexport const signinWithGoogle = async (idToken: string) => {\n\tconst authUrl = `https://oauth2.googleapis.com/tokeninfo?id_token=${idToken}`\n\tconst { data } = await axios.get(authUrl).catch((err) => {\n\t\tthrow new EquippedError('Failed to sign in with google', { idToken }, err)\n\t})\n\tdata.first_name = data.given_name\n\tdata.last_name = data.family_name\n\treturn data as {\n\t\temail: string\n\t\temail_verified: 'true' | 'false'\n\t\tfirst_name: string\n\t\tlast_name: string\n\t\tpicture: string\n\t\tsub: string\n\t} & Record<string, any>\n}\n\nexport const signinWithApple = async (idToken: string) => {\n\ttry {\n\t\tconst APPLE_BASE = 'https://appleid.apple.com'\n\t\tconst json = jwt.decode(idToken, { complete: true })\n\t\tif (!json?.header) throw new EquippedError('Missing JWT header', { idToken, json })\n\t\tconst { kid, alg } = json.header\n\t\tconst publicKey = await jwksClient({ jwksUri: `${APPLE_BASE}/auth/keys`, cache: true })\n\t\t\t.getSigningKey(kid)\n\t\t\t.then((key) => key.getPublicKey())\n\t\t\t.catch(() => null)\n\t\tif (!publicKey) throw new EquippedError('no publicKey', { idToken, publicKey, json })\n\t\tconst data = jwt.verify(idToken, publicKey, { algorithms: [alg as any] }) as Record<string, any>\n\t\tif (!data) throw new EquippedError('no data', { idToken, data })\n\t\tif (data.iss !== APPLE_BASE) throw new EquippedError('iss doesnt match', { idToken, data })\n\t\tif (data.exp * 1000 < Date.now()) throw new EquippedError('expired idToken', { idToken, data })\n\t\t// TODO: Find out how to get profile data from api\n\t\treturn data as {\n\t\t\temail?: string\n\t\t\tsub: string\n\t\t\temail_verified?: 'true' | 'false'\n\t\t\tis_private_email?: 'true' | 'false'\n\t\t} & Record<string, any>\n\t} catch (err) {\n\t\tthrow new EquippedError('Failed to sign in with apple', { idToken }, err)\n\t}\n}\n\nexport const signinWithFacebook = async (accessToken: string, fields = [] as string[]) => {\n\tfields = [...new Set([...fields, 'name', 'picture', 'email'])]\n\tconst { data } = await axios\n\t\t.request({\n\t\t\tmethod: 'get',\n\t\t\turl: 'https://graph.facebook.com/v15.0/me',\n\t\t\tparams: {\n\t\t\t\tfields: fields.join(','),\n\t\t\t\taccess_token: accessToken,\n\t\t\t},\n\t\t})\n\t\t.catch((err) => {\n\t\t\tthrow new EquippedError('Failed to sign in with facebook', { accessToken, fields }, err)\n\t\t})\n\tconst isValidData = fields.every((key) => key in data)\n\tif (!isValidData) throw new EquippedError('Incomplete scope for access token', { accessToken, fields, data })\n\tdata.email_verified = 'true'\n\treturn data as {\n\t\tid: string\n\t\temail: string\n\t\temail_verified: 'true' | 'false'\n\t\tname: string\n\t\tpicture: {\n\t\t\tdata: { height: number; is_silhouette: boolean; url: string; width: number }\n\t\t}\n\t} & Record<string, any>\n}\n"],"mappings":"AAAA,OAAOA,MAAW,QAClB,OAAOC,MAAS,eAChB,OAAOC,MAAgB,WAEvB,OAAS,iBAAAC,MAAqB,YAEvB,MAAMC,EAAmB,MAAOC,GAAoB,CAC1D,MAAMC,EAAU,oDAAoDD,CAAO,GACrE,CAAE,KAAAE,CAAK,EAAI,MAAMP,EAAM,IAAIM,CAAO,EAAE,MAAOE,GAAQ,CACxD,MAAM,IAAIL,EAAc,gCAAiC,CAAE,QAAAE,CAAQ,EAAGG,CAAG,CAC1E,CAAC,EACD,OAAAD,EAAK,WAAaA,EAAK,WACvBA,EAAK,UAAYA,EAAK,YACfA,CAQR,EAEaE,EAAkB,MAAOJ,GAAoB,CACzD,GAAI,CACH,MAAMK,EAAa,4BACbC,EAAOV,EAAI,OAAOI,EAAS,CAAE,SAAU,EAAK,CAAC,EACnD,GAAI,CAACM,GAAM,OAAQ,MAAM,IAAIR,EAAc,qBAAsB,CAAE,QAAAE,EAAS,KAAAM,CAAK,CAAC,EAClF,KAAM,CAAE,IAAAC,EAAK,IAAAC,CAAI,EAAIF,EAAK,OACpBG,EAAY,MAAMZ,EAAW,CAAE,QAAS,GAAGQ,CAAU,aAAc,MAAO,EAAK,CAAC,EACpF,cAAcE,CAAG,EACjB,KAAMG,GAAQA,EAAI,aAAa,CAAC,EAChC,MAAM,IAAM,IAAI,EAClB,GAAI,CAACD,EAAW,MAAM,IAAIX,EAAc,eAAgB,CAAE,QAAAE,EAAS,UAAAS,EAAW,KAAAH,CAAK,CAAC,EACpF,MAAMJ,EAAON,EAAI,OAAOI,EAASS,EAAW,CAAE,WAAY,CAACD,CAAU,CAAE,CAAC,EACxE,GAAI,CAACN,EAAM,MAAM,IAAIJ,EAAc,UAAW,CAAE,QAAAE,EAAS,KAAAE,CAAK,CAAC,EAC/D,GAAIA,EAAK,MAAQG,EAAY,MAAM,IAAIP,EAAc,mBAAoB,CAAE,QAAAE,EAAS,KAAAE,CAAK,CAAC,EAC1F,GAAIA,EAAK,IAAM,IAAO,KAAK,IAAI,EAAG,MAAM,IAAIJ,EAAc,kBAAmB,CAAE,QAAAE,EAAS,KAAAE,CAAK,CAAC,EAE9F,OAAOA,CAMR,OAASC,EAAK,CACb,MAAM,IAAIL,EAAc,+BAAgC,CAAE,QAAAE,CAAQ,EAAGG,CAAG,CACzE,CACD,EAEaQ,EAAqB,MAAOC,EAAqBC,EAAS,CAAC,IAAkB,CACzFA,EAAS,CAAC,GAAG,IAAI,IAAI,CAAC,GAAGA,EAAQ,OAAQ,UAAW,OAAO,CAAC,CAAC,EAC7D,KAAM,CAAE,KAAAX,CAAK,EAAI,MAAMP,EACrB,QAAQ,CACR,OAAQ,MACR,IAAK,sCACL,OAAQ,CACP,OAAQkB,EAAO,KAAK,GAAG,EACvB,aAAcD,CACf,CACD,CAAC,EACA,MAAOT,GAAQ,CACf,MAAM,IAAIL,EAAc,kCAAmC,CAAE,YAAAc,EAAa,OAAAC,CAAO,EAAGV,CAAG,CACxF,CAAC,EAEF,GAAI,CADgBU,EAAO,MAAOH,GAAQA,KAAOR,CAAI,EACnC,MAAM,IAAIJ,EAAc,oCAAqC,CAAE,YAAAc,EAAa,OAAAC,EAAQ,KAAAX,CAAK,CAAC,EAC5G,OAAAA,EAAK,eAAiB,OACfA,CASR","names":["axios","jwt","jwksClient","EquippedError","signinWithGoogle","idToken","authUrl","data","err","signinWithApple","APPLE_BASE","json","kid","alg","publicKey","key","signinWithFacebook","accessToken","fields"]}