Updated auth package and made corresponding changes within the code including creating types etc... + separated oauth stuff to it's own folder

package.json

@@ -13,6 +13,10 @@
       "types": "./index.d.ts",
       "default": "./index.js"
     },
+    "./oauth": {
+      "types": "./oauth/index.d.ts",
+      "default": "./oauth/index.js"
+    },
     "./middlewares": {
       "types": "./middlewares/index.d.ts",
       "default": "./middlewares/index.js"
@@ -35,7 +39,7 @@
     "create-ba-web-app": "node ./bin/create-project.js"
   },
   "dependencies": {
-    "@BridgemanAccessible/ba-auth": "^1.0.20",
+    "@BridgemanAccessible/ba-auth": "^1.0.21",
     "@BridgemanAccessible/ba-logging": "^1.0.1",
     "express": "^4.19.2",
     "fs-extra": "^11.2.0",

src/index.ts

@@ -3,15 +3,13 @@ import { Initializer } from './Initializer.js';
 import { Router } from './Router.js';
 import { Renderer } from './Renderer.js';
 import { StaticFileResolver } from './StaticFileResolver.js';
-import { OAuthApp } from './OAuthApp.js';
 
 export {
     App,
     Initializer,
     Router,
     Renderer,
-    StaticFileResolver,
+    StaticFileResolver
-    OAuthApp
 };
 
 export * from './controllers/index.js';

src/oauth/OAuthApp.ts

@@ -4,16 +4,23 @@ import Client from '@BridgemanAccessible/ba-auth/client';
 import type { OnAuthCallback } from '@BridgemanAccessible/ba-auth/client';
 import { logMessage, LogLevel } from '@BridgemanAccessible/ba-logging';
 
-import { App } from './App.js';
+import { App } from '../App.js';
-import { Initializer } from './Initializer.js';
+import { Initializer } from '../Initializer.js';
 
-import { getValueFromEnvironmentVariable } from './utils/env-vars.js';
+import { getValueFromEnvironmentVariable } from '../utils/env-vars.js';
+
+import type { BridgemanAccessibleAppClaims } from './types/BridgemanAccessibleAppClaims.js';
+import type { AppSubscriptionTier } from './types/AppSubscriptionTier.js';
 
 type OAuthAppOptions = {
     /** The base URL of the app */
     baseAppUrl?: URL,
     /** The abbreviation of the app */
     appAbbrv?: string, 
+    /** If a subscription is required */
+    subscriptionRequired?: boolean,
+    /** The subscription tiers available for the app */
+    subscriptionTiers?: AppSubscriptionTier[],
     /** The name of the app */
     appName?: string | {
         /** Localized versions of the app name */
@@ -47,6 +54,8 @@ export class OAuthApp extends App {
 
     private baseAppUrl?: URL;
     private appAbbrv?: string;
+    private subscriptionRequired?: boolean;
+    private subscriptionTiers?: AppSubscriptionTier[];
     private appName?: string | { [language: string]: string };
     private contacts?: string[];
     private scopes?: Scopes[];
@@ -107,6 +116,8 @@ export class OAuthApp extends App {
         if(typeof options !== 'undefined') {
             this.baseAppUrl = options.baseAppUrl;
             this.appAbbrv = options.appAbbrv;
+            this.subscriptionRequired = options.subscriptionRequired;
+            this.subscriptionTiers = options.subscriptionTiers;
             this.appName = options.appName;
             this.contacts = options.contacts;
             this.scopes = options.scopes;
@@ -149,12 +160,16 @@ export class OAuthApp extends App {
             .getRouter()
             .addOutsideFrameworkRoute('/.well-known/jwks.json');
 
-        const client = await Client.setup(
+        const client = await Client.setup<BridgemanAccessibleAppClaims>(
             app.getExpressApp(), 
             baseAppUrl, 
             this.onAuth, 
             this.saveSecret, 
-            appAbbrv, 
+            {
+                client_abbreviation: appAbbrv,
+                subscription_required: this.subscriptionRequired ?? false,
+                subscription_tiers: this.subscriptionTiers
+            }, 
             this.appName, 
             this.scopes, 
             {

src/oauth/index.ts

@@ -0,0 +1,9 @@
+import { OAuthApp } from './OAuthApp.js';
+import { BridgemanAccessibleAppClaims } from './types/BridgemanAccessibleAppClaims.js';
+import { AppSubscriptionTier } from './types/AppSubscriptionTier.js';
+
+export {
+    OAuthApp,
+    BridgemanAccessibleAppClaims,
+    AppSubscriptionTier
+}

src/oauth/types/AppSubscriptionTier.ts

@@ -0,0 +1,9 @@
+/** App subscription tier (mostly for app registration) */
+export interface AppSubscriptionTier {
+    id: string;
+    name: string; // e.g., "Free", "Pro"
+    cost: number; // e.g., 1000 (cents)
+    currency: string; // e.g., "USD"
+    description?: string;
+    // You can add 'features' list here if needed
+}

src/oauth/types/BridgemanAccessibleAppClaims.ts

@@ -0,0 +1,33 @@
+import { ClientCustomClaims } from '@BridgemanAccessible/ba-auth/server';
+
+import { AppSubscriptionTier } from './AppSubscriptionTier.js';
+
+/** 
+ * The custom registration claims (for Bridgeman Accessible apps) as used by this server
+ * 
+ * This allows registering apps to specify very specific things this Authorization Server supports, such as: 
+ * - their subscription tiers 
+ * - and client abbreviation.
+ * 
+ * Which are useful internally to this server and clients/apps registering with it.
+ * But aren't a part of the major OAuth2 standards supported by the Auth library 
+ * (and aren't helpful for other Authorization Server implementations).
+ */
+export interface BridgemanAccessibleAppClaims extends ClientCustomClaims {
+     /**
+     * The abbreviation for the app
+     * 
+     * This is used as a prefix for related user properties associated with the app.
+     * 
+     * For example, take the "Accessible Events Platform", with the abbreviation "aep".
+     * If we want to store some kind of ID for it, the property in the user might be `aepId`.
+     * And all apps would follow this pattern of `<abbreviation><property name>`.
+     */
+    client_abbreviation: string;
+
+    /** Whether a paid subscription is mandatory to use the app */
+    subscription_required: boolean;
+
+    /** The available subscription tiers for this client application */
+    subscription_tiers?: AppSubscriptionTier[];
+}

yarn.lock

@@ -2,10 +2,10 @@
 # yarn lockfile v1
 
 
-"@BridgemanAccessible/ba-auth@^1.0.20":
+"@BridgemanAccessible/ba-auth@^1.0.21":
-  version "1.0.20"
+  version "1.0.21"
-  resolved "https://npm.pkg.bridgemanaccessible.ca/@BridgemanAccessible/ba-auth/-/ba-auth-1.0.20.tgz#3e9c5b5608b1a01fe0d9b70fba27dc9a8dc3e470"
+  resolved "https://npm.pkg.bridgemanaccessible.ca/@BridgemanAccessible/ba-auth/-/ba-auth-1.0.21.tgz#288b72f5f40b634ca34ace34400857e0fe62cb20"
-  integrity sha512-tHNVLc6ZX7uE/6bXpMfHqO6Yw/HQw0eQuP17YxvwJdLO+UTinirtMNJ43UQMAonmxrMkwTK0emfV/R13qiW4HA==
+  integrity sha512-3KkRj1SwYUot64/CoLGOojPLORTTXhqBBJIMVS4bpXOj695TXOluoNAv2dH0n61cfKCbBxbVnwt6h1AQq7cvfw==
   dependencies:
     "@BridgemanAccessible/ba-logging" "^1.0.1"
     "@azure/identity" "^4.0.1"