Add Salesforce OAuth provider (#1011)

.auri/$4tvios4d.md

@@ -0,0 +1,6 @@
+---
+package: "@lucia-auth/oauth" # package name
+type: "minor" # "major", "minor", "patch"
+---
+
+Add Salesforce provider

.auri/$zr0k9t3z.md

@@ -3,4 +3,4 @@ package: "@lucia-auth/oauth" # package name
 type: "minor" # "major", "minor", "patch"
 ---
 
-Add Slack OAuth providers
+Add Slack provider

documentation/content/oauth/index.md

@@ -43,6 +43,7 @@ We also have framework specific guides.
 - osu!
 - Patreon
 - Reddit
+- Salesforce
 - Slack
 - Spotify
 - Twitch

documentation/content/oauth/providers/salesforce.md

@@ -0,0 +1,131 @@
+---
+title: "Salesforce"
+description: "Learn how to use the Salesforce OAuth provider"
+---
+
+OAuth 2.0 (Authorization code) integration for Salesforce. Provider id is `salesforce`.
+
+```ts
+import { salesforce } from "@lucia-auth/oauth/providers";
+import { auth } from "./lucia.js";
+
+const salesforceAuth = salesforce(auth, configs);
+```
+
+## `salesforce()`
+
+Scopes `oidc`, `profile`, and `id` are always included.
+
+```ts
+const salesforce: (
+	auth: Auth,
+	configs: {
+		clientId: string;
+		clientSecret: string;
+		redirectUri: string;
+		scope?: string[];
+	}
+) => SalesforceProvider;
+```
+
+##### Parameters
+
+| name                   | type                                       | description                        | optional |
+| ---------------------- | ------------------------------------------ | ---------------------------------- | :------: |
+| `auth`                 | [`Auth`](/reference/lucia/interfaces/auth) | Lucia instance                     |          |
+| `configs.clientId`     | `string`                                   | Salesforce OAuth app client id     |          |
+| `configs.clientSecret` | `string`                                   | Salesforce OAuth app client secret |          |
+| `configs.redirectUri`  | `string`                                   | an authorized redirect URI         |          |
+| `configs.scope`        | `string[]`                                 | an array of scopes                 |    ✓     |
+
+##### Returns
+
+| type                                        | description         |
+| ------------------------------------------- | ------------------- |
+| [`SalesforceProvider`](#salesforceprovider) | Salesforce provider |
+
+## Interfaces
+
+### `SalesforceAuth`
+
+See [`OAuth2ProviderAuth`](/reference/oauth/interfaces/oauth2providerauth).
+
+```ts
+// implements OAuth2ProviderAuth<SalesforceAuth<_Auth>>
+interface SalesforceAuth<_Auth extends Auth> {
+	getAuthorizationUrl: () => Promise<readonly [url: URL, state: string]>;
+	validateCallback: (code: string) => Promise<SalesforceUserAuth<_Auth>>;
+}
+```
+
+| type                                        |
+| ------------------------------------------- |
+| [`SalesforceUserAuth`](#salesforceuserauth) |
+
+##### Generics
+
+| name    | extends    | default |
+| ------- | ---------- | ------- |
+| `_Auth` | [`Auth`]() | `Auth`  |
+
+### `SalesforceTokens`
+
+```ts
+type SalesforceTokens = {
+	accessToken: string;
+	idToken: string;
+	refreshToken: string | null;
+};
+```
+
+### `SalesforceUser`
+
+```ts
+type SalesforceUser = {
+	sub: string; // URL
+	user_id: string;
+	organization_id: string;
+	name: string;
+	email?: string;
+	email_verified: boolean;
+	given_name: string;
+	family_name: string;
+	zoneinfo: string;
+	photos: {
+		picture: string;
+		thumbnail: string;
+	};
+	profile: string;
+	picture: string;
+	address?: Record<string, string>;
+	urls: Record<string, string>;
+	active: boolean;
+	user_type: string;
+	language: string;
+	locale: string;
+	utcOffset: number;
+	updated_at: string;
+};
+```
+
+### `SalesforceUserAuth`
+
+Extends [`ProviderUserAuth`](/reference/oauth/interfaces/provideruserauth).
+
+```ts
+interface Auth0UserAuth<_Auth extends Auth> extends ProviderUserAuth<_Auth> {
+	salesforceUser: SalesforceUser;
+	salesforceTokens: SalesforceTokens;
+}
+```
+
+| properties         | type                                    | description       |
+| ------------------ | --------------------------------------- | ----------------- |
+| `salesforceUser`   | [`SalesforceUser`](#salesforceuser)     | Salesforce user   |
+| `salesforceTokens` | [`SalesforceTokens`](#salesforcetokens) | Access tokens etc |
+
+##### Generics
+
+| name    | extends    |
+| ------- | ---------- |
+| `_Auth` | [`Auth`]() |

documentation/content/reference/oauth/interfaces/oauth2providerauthwithpkce.md

@@ -3,15 +3,17 @@ title: "`OAuth2ProviderAuthWithPKCE`"
 ---
 
 ```ts
-interface OAuth2ProviderAuthWithPKCE<_ProviderUserAuth extends ProviderUserAuth> {
+interface OAuth2ProviderAuthWithPKCE<
+	_ProviderUserAuth extends ProviderUserAuth
+> {
 	getAuthorizationUrl: () => Promise<
 		readonly [url: URL, codeVerifier: string, state: string | null]
 	>;
 	validateCallback: (
 		code: string,
 		codeVerifier: string
 	) => Promise<_ProviderUserAuth>;
-};
+}
 ```
 
 ##### Generics

documentation/content/reference/oauth/modules/providers.md

@@ -46,6 +46,10 @@ See [Patreon](/oauth/providers/patreon) provider.
 
 See [Reddit](/oauth/providers/reddit) provider.
 
+## `salesforce()`
+
+See [Salesforce](/oauth/providers/salesforce) provider.
+
 ## `slack()`
 
 See [Slack](/oauth/providers/slack) provider.

documentation/src/components/menus/OAuthMenu.astro

@@ -31,6 +31,7 @@ import Menu from "./Menu.astro";
 				["osu!", "/oauth/providers/osu"],
 				["Patreon", "/oauth/providers/patreon"],
 				["Reddit", "/oauth/providers/reddit"],
+				["Salesforce", "/oauth/providers/salesforce"],
 				["Slack", "/oauth/providers/slack"],
 				["Spotify", "/oauth/providers/spotify"],
 				["Twitch", "/oauth/providers/twitch"],

packages/oauth/src/index.ts

@@ -1,11 +1,14 @@
 export {
 	createOAuth2AuthorizationUrl,
 	createOAuth2AuthorizationUrlWithPKCE,
-	validateOAuth2AuthorizationCode,
+	validateOAuth2AuthorizationCode
 } from "./core/oauth2.js";
 export { decodeIdToken } from "./core/oidc.js";
 export { providerUserAuth } from "./core/provider.js";
 export { OAuthRequestError } from "./core/request.js";
 
 export type { ProviderUserAuth } from "./core/provider.js";
-export type { OAuth2ProviderAuth, OAuth2ProviderAuthWithPKCE } from "./core/oauth2.js";
+export type {
+	OAuth2ProviderAuth,
+	OAuth2ProviderAuthWithPKCE
+} from "./core/oauth2.js";

packages/oauth/src/lucia.ts

@@ -14,4 +14,4 @@ export type LuciaUser<_Auth extends Auth> = ReturnType<
 
 export type LuciaDatabaseUserAttributes<_Auth extends Auth> = Parameters<
 	_Auth["createUser"]
->[0]["attributes"];
+>[0]["attributes"];

packages/oauth/src/providers/apple.ts

@@ -52,7 +52,7 @@ export class AppleAuth<_Auth extends Auth = Auth> extends OAuth2ProviderAuth<
 		url.searchParams.set("response_mode", "query");
 		return [url, state];
 	};
-	
+
 	public validateCallback = async (
 		code: string
 	): Promise<AppleUserAuth<_Auth>> => {

packages/oauth/src/providers/auth0.ts

@@ -48,7 +48,7 @@ export class Auth0Auth<_Auth extends Auth = Auth> extends OAuth2ProviderAuth<
 			}
 		);
 	};
-	
+
 	public validateCallback = async (
 		code: string
 	): Promise<Auth0UserAuth<_Auth>> => {

packages/oauth/src/providers/azure-ad.ts

@@ -4,7 +4,6 @@ import {
 	createOAuth2AuthorizationUrlWithPKCE,
 	validateOAuth2AuthorizationCode
 } from "../core/oauth2.js";
-import { decodeIdToken } from "../core/oidc.js";
 import { ProviderUserAuth } from "../core/provider.js";
 
 import type { Auth } from "lucia";

packages/oauth/src/providers/discord.ts

@@ -48,7 +48,7 @@ export class DiscordAuth<_Auth extends Auth = Auth> extends OAuth2ProviderAuth<
 			}
 		);
 	};
-	
+
 	public validateCallback = async (
 		code: string
 	): Promise<DiscordUserAuth<_Auth>> => {

packages/oauth/src/providers/index.ts

@@ -89,6 +89,14 @@ export type {
 	RedditUserAuth
 } from "./reddit.js";
 
+export { salesforce } from "./salesforce.js";
+export type {
+	SalesforceAuth,
+	SalesforceTokens,
+	SalesforceUser,
+	SalesforceUserAuth
+} from "./salesforce.js";
+
 export { slack } from "./slack.js";
 export type {
 	SlackAuth,