Export src/utils

[Uninen]

Is your feature request related to a problem? Please describe.

I'm trying to build a custom oauth scheme based on the provided oauth scheme but none of the utils imports are available in the dist build.

Namely, in src/schemes/oauth2.ts:

import {
  encodeQuery,
  getProp,
  normalizePath,
  parseQuery,
  removeTokenPrefix,
  urlJoin,
  randomString
} from '../utils'

Describe the solution you'd like to see

Export all src/utils to end users.

Describe alternatives you've considered

One could always implement these themselves but it's kind of pointless, right?

[Uninen]

As a workaround, I ended up copying the code into my project for the time being. In case someone is interested in implementing a custom oauth2 scheme, here's my working code that integrates MongoDB Realm Google auth with Nuxt Auth:

It

• extends the Oauth2Scheme
• reimplements _handleCallback method which requires a ton of copy-paste and few util functions that have to be implemented as well because they aren't currently exported (hence this ticket)
• adds a few lines to the end of the method to instantiate a Mongo Realm app and log the user in using the same data

It's not pretty but it works. (I didn't bother to fix any of the TS issues, wanted to keep the code as close to the original as possible.) It would be nice if there were an easier way to hook into the oauth2 login flow in a way that one could get the URL params after the initial oauth redirect but before the final redirect, for example in a plugin or router, that would be much nicer. Duplicating this much code is just not very nice.

import { App as RealmApp, Credentials } from 'realm-web'

import { Oauth2Scheme } from '~auth/runtime'
import { encodeQuery, getProp, normalizePath, parseQuery } from './utils'

export default class MongoOauthScheme extends Oauth2Scheme {
  async _handleCallback(): Promise<boolean | void> {
    // Handle callback only for specified route
    if (
      this.$auth.options.redirect &&
      normalizePath(this.$auth.ctx.route.path, this.$auth.ctx) !==
        normalizePath(this.$auth.options.redirect.callback, this.$auth.ctx)
    ) {
      return
    }
    // Callback flow is not supported in server side
    if (process.server) {
      return
    }

    const hash = parseQuery(this.$auth.ctx.route.hash.substr(1))
    const parsedQuery = Object.assign({}, this.$auth.ctx.route.query, hash)
    // accessToken/idToken
    let token: string = parsedQuery[this.options.token.property] as string
    // refresh token
    let refreshToken: string

    if (this.options.refreshToken.property) {
      refreshToken = parsedQuery[this.options.refreshToken.property] as string
    }

    // Validate state
    const state = this.$auth.$storage.getUniversal(this.name + '.state')
    this.$auth.$storage.setUniversal(this.name + '.state', null)
    if (state && parsedQuery.state !== state) {
      return
    }

    // -- Authorization Code Grant --
    if (this.options.responseType === 'code' && parsedQuery.code) {
      let codeVerifier

      // Retrieve code verifier and remove it from storage
      if (
        this.options.codeChallengeMethod &&
        this.options.codeChallengeMethod !== 'implicit'
      ) {
        codeVerifier = this.$auth.$storage.getUniversal(
          this.name + '.pkce_code_verifier'
        )
        this.$auth.$storage.setUniversal(
          this.name + '.pkce_code_verifier',
          null
        )
      }

      const response = await this.$auth.request({
        method: 'post',
        url: this.options.endpoints.token,
        baseURL: '',
        data: encodeQuery({
          code: parsedQuery.code as string,
          client_id: this.options.clientId + '',
          redirect_uri: this.redirectURI,
          response_type: this.options.responseType,
          audience: this.options.audience,
          grant_type: this.options.grantType,
          // @ts-expect-error
          code_verifier: codeVerifier,
        }),
      })

      token =
        (getProp(response.data, this.options.token.property) as string) || token
      refreshToken =
        (getProp(
          response.data,
          this.options.refreshToken.property
          // @ts-expect-error
        ) as string) || refreshToken
    }

    if (!token || !token.length) {
      return
    }

    // Set token
    this.token.set(token)

    // Store refresh token
    // @ts-expect-error
    if (refreshToken && refreshToken.length) {
      this.refreshToken.set(refreshToken)
    }

    // After successful redirect from Google oauth2 login, reuse the data for Mongo
    const app = new RealmApp({ id: this.$auth.ctx.$config.realmAppId })
    // @ts-ignore
    const credentials = Credentials.google({ idToken: hash.id_token })
    await app.logIn(credentials)

    // Redirect to home
    this.$auth.redirect('home', true)
    return true // True means a redirect happened
  }
}