// pkg/dist-src/index.js import { getUserAgent } from "universal-user-agent"; import { request as octokitRequest } from "@octokit/request"; // pkg/dist-src/version.js var VERSION = "0.0.0-development"; // pkg/dist-src/get-authentication.js import { createOAuthDeviceAuth } from "@octokit/auth-oauth-device"; import { exchangeWebFlowCode } from "@octokit/oauth-methods"; async function getAuthentication(state) { if ("code" in state.strategyOptions) { const { authentication } = await exchangeWebFlowCode({ clientId: state.clientId, clientSecret: state.clientSecret, clientType: state.clientType, onTokenCreated: state.onTokenCreated, ...state.strategyOptions, request: state.request }); return { type: "token", tokenType: "oauth", ...authentication }; } if ("onVerification" in state.strategyOptions) { const deviceAuth = createOAuthDeviceAuth({ clientType: state.clientType, clientId: state.clientId, onTokenCreated: state.onTokenCreated, ...state.strategyOptions, request: state.request }); const authentication = await deviceAuth({ type: "oauth" }); return { clientSecret: state.clientSecret, ...authentication }; } if ("token" in state.strategyOptions) { return { type: "token", tokenType: "oauth", clientId: state.clientId, clientSecret: state.clientSecret, clientType: state.clientType, onTokenCreated: state.onTokenCreated, ...state.strategyOptions }; } throw new Error("[@octokit/auth-oauth-user] Invalid strategy options"); } // pkg/dist-src/auth.js import { checkToken, deleteAuthorization, deleteToken, refreshToken, resetToken } from "@octokit/oauth-methods"; async function auth(state, options = {}) { if (!state.authentication) { state.authentication = state.clientType === "oauth-app" ? await getAuthentication(state) : await getAuthentication(state); } if (state.authentication.invalid) { throw new Error("[@octokit/auth-oauth-user] Token is invalid"); } const currentAuthentication = state.authentication; if ("expiresAt" in currentAuthentication) { if (options.type === "refresh" || new Date(currentAuthentication.expiresAt) < /* @__PURE__ */ new Date()) { const { authentication } = await refreshToken({ clientType: "github-app", clientId: state.clientId, clientSecret: state.clientSecret, refreshToken: currentAuthentication.refreshToken, request: state.request }); state.authentication = { tokenType: "oauth", type: "token", ...authentication }; } } if (options.type === "refresh") { if (state.clientType === "oauth-app") { throw new Error( "[@octokit/auth-oauth-user] OAuth Apps do not support expiring tokens" ); } if (!currentAuthentication.hasOwnProperty("expiresAt")) { throw new Error("[@octokit/auth-oauth-user] Refresh token missing"); } await state.onTokenCreated?.(state.authentication, { type: options.type }); } if (options.type === "check" || options.type === "reset") { const method = options.type === "check" ? checkToken : resetToken; try { const { authentication } = await method({ // @ts-expect-error making TS happy would require unnecessary code so no clientType: state.clientType, clientId: state.clientId, clientSecret: state.clientSecret, token: state.authentication.token, request: state.request }); state.authentication = { tokenType: "oauth", type: "token", // @ts-expect-error TBD ...authentication }; if (options.type === "reset") { await state.onTokenCreated?.(state.authentication, { type: options.type }); } return state.authentication; } catch (error) { if (error.status === 404) { error.message = "[@octokit/auth-oauth-user] Token is invalid"; state.authentication.invalid = true; } throw error; } } if (options.type === "delete" || options.type === "deleteAuthorization") { const method = options.type === "delete" ? deleteToken : deleteAuthorization; try { await method({ // @ts-expect-error making TS happy would require unnecessary code so no clientType: state.clientType, clientId: state.clientId, clientSecret: state.clientSecret, token: state.authentication.token, request: state.request }); } catch (error) { if (error.status !== 404) throw error; } state.authentication.invalid = true; return state.authentication; } return state.authentication; } // pkg/dist-src/requires-basic-auth.js var ROUTES_REQUIRING_BASIC_AUTH = /\/applications\/[^/]+\/(token|grant)s?/; function requiresBasicAuth(url) { return url && ROUTES_REQUIRING_BASIC_AUTH.test(url); } // pkg/dist-src/hook.js async function hook(state, request, route, parameters = {}) { const endpoint = request.endpoint.merge( route, parameters ); if (/\/login\/(oauth\/access_token|device\/code)$/.test(endpoint.url)) { return request(endpoint); } if (requiresBasicAuth(endpoint.url)) { const credentials = btoa(`${state.clientId}:${state.clientSecret}`); endpoint.headers.authorization = `basic ${credentials}`; return request(endpoint); } const { token } = state.clientType === "oauth-app" ? await auth({ ...state, request }) : await auth({ ...state, request }); endpoint.headers.authorization = "token " + token; return request(endpoint); } // pkg/dist-src/index.js function createOAuthUserAuth({ clientId, clientSecret, clientType = "oauth-app", request = octokitRequest.defaults({ headers: { "user-agent": `octokit-auth-oauth-app.js/${VERSION} ${getUserAgent()}` } }), onTokenCreated, ...strategyOptions }) { const state = Object.assign({ clientType, clientId, clientSecret, onTokenCreated, strategyOptions, request }); return Object.assign(auth.bind(null, state), { // @ts-expect-error not worth the extra code needed to appease TS hook: hook.bind(null, state) }); } createOAuthUserAuth.VERSION = VERSION; export { createOAuthUserAuth, requiresBasicAuth };