diff --git a/biome.json b/biome.json index 740cbbb8cc..61e59c471c 100644 --- a/biome.json +++ b/biome.json @@ -32,7 +32,9 @@ "style": "separatedType" } }, - "useNodejsImportProtocol": "error" + "useNodejsImportProtocol": "error", + "noRestrictedTypes": "off", + "noRestrictedGlobals": "off" }, "recommended": false, "suspicious": { @@ -76,6 +78,50 @@ "indentStyle": "space", "indentWidth": 2 } + }, + { + "includes": ["packages/**/src/**"], + "linter": { + "rules": { + "style": { + "noRestrictedTypes": { + "level": "error", + "options": { + "types": { + "Buffer": { + "message": "Buffer is deprecated. Use `Uint8Array` instead.", + "use": "Uint8Array" + } + } + } + }, + "noRestrictedGlobals": { + "level": "error", + "options": { + "deniedGlobals": { + "Buffer": "Buffer is deprecated. Use `Uint8Array` instead." + } + } + } + } + } + } + }, + { + "includes": [ + "**/*.test.*", + "**/*.spec.*", + "**/test/**", + "**/__tests__/**" + ], + "linter": { + "rules": { + "style": { + "noRestrictedTypes": "off", + "noRestrictedGlobals": "off" + } + } + } } ], "files": { diff --git a/packages/sso/package.json b/packages/sso/package.json index 83ae318176..dac0c0db42 100644 --- a/packages/sso/package.json +++ b/packages/sso/package.json @@ -61,6 +61,7 @@ } }, "dependencies": { + "@better-auth/utils": "0.3.0", "@better-fetch/fetch": "catalog:", "fast-xml-parser": "^5.2.5", "jose": "^6.1.0", @@ -70,8 +71,8 @@ "devDependencies": { "@types/body-parser": "^1.19.6", "@types/express": "^5.0.5", - "better-call": "catalog:", "better-auth": "workspace:*", + "better-call": "catalog:", "body-parser": "^2.2.1", "express": "^5.1.0", "oauth2-mock-server": "^8.2.0", diff --git a/packages/sso/src/routes/sso.ts b/packages/sso/src/routes/sso.ts index 739a265c57..8928f77945 100644 --- a/packages/sso/src/routes/sso.ts +++ b/packages/sso/src/routes/sso.ts @@ -1,3 +1,4 @@ +import { base64 } from "@better-auth/utils/base64"; import { BetterFetchError, betterFetch } from "@better-fetch/fetch"; import type { User, Verification } from "better-auth"; import { @@ -1815,8 +1816,8 @@ export const callbackSSOSAML = (options?: SSOOptions) => { } catch (error) { ctx.context.logger.error("SAML response validation failed", { error, - decodedResponse: Buffer.from(SAMLResponse, "base64").toString( - "utf-8", + decodedResponse: new TextDecoder().decode( + base64.decode(SAMLResponse), ), }); throw new APIError("BAD_REQUEST", { @@ -2245,8 +2246,8 @@ export const acsEndpoint = (options?: SSOOptions) => { } catch (error) { ctx.context.logger.error("SAML response validation failed", { error, - decodedResponse: Buffer.from(SAMLResponse, "base64").toString( - "utf-8", + decodedResponse: new TextDecoder().decode( + base64.decode(SAMLResponse), ), }); throw new APIError("BAD_REQUEST", { @@ -2342,8 +2343,8 @@ export const acsEndpoint = (options?: SSOOptions) => { } // Assertion Replay Protection - const samlContentAcs = Buffer.from(SAMLResponse, "base64").toString( - "utf-8", + const samlContentAcs = new TextDecoder().decode( + base64.decode(SAMLResponse), ); const assertionIdAcs = extractAssertionId(samlContentAcs); diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 7acb918794..a115a2b09a 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -398,7 +398,7 @@ importers: version: 12.23.12(react-dom@19.2.3(react@19.2.3))(react@19.2.3) geist: specifier: ^1.4.2 - version: 1.4.2(next@16.0.10(@babel/core@7.28.4)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(babel-plugin-react-compiler@1.0.0)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(sass@1.90.0)) + version: 1.4.2(next@16.0.10(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(babel-plugin-react-compiler@1.0.0)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(sass@1.90.0)) input-otp: specifier: ^1.4.2 version: 1.4.2(react-dom@19.2.3(react@19.2.3))(react@19.2.3) @@ -510,7 +510,7 @@ importers: version: 2.1.1 geist: specifier: ^1.4.2 - version: 1.4.2(next@16.0.10(@babel/core@7.28.4)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(babel-plugin-react-compiler@1.0.0)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(sass@1.90.0)) + version: 1.4.2(next@16.0.10(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(babel-plugin-react-compiler@1.0.0)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(sass@1.90.0)) lucide-react: specifier: ^0.542.0 version: 0.542.0(react@19.2.3) @@ -752,7 +752,7 @@ importers: version: 15.8.3(@oramacloud/client@2.1.4)(@tanstack/react-router@1.139.7(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(@types/react-dom@19.2.2(@types/react@19.2.2))(@types/react@19.2.2)(algoliasearch@5.36.0)(lucide-react@0.542.0(react@19.2.3))(next@16.0.10(@babel/core@7.28.4)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(babel-plugin-react-compiler@1.0.0)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(sass@1.90.0))(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(tailwindcss@4.1.18) geist: specifier: ^1.4.2 - version: 1.4.2(next@16.0.10(@babel/core@7.28.4)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(babel-plugin-react-compiler@1.0.0)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(sass@1.90.0)) + version: 1.4.2(next@16.0.10(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(babel-plugin-react-compiler@1.0.0)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(sass@1.90.0)) gray-matter: specifier: ^4.0.3 version: 4.0.3 @@ -1450,6 +1450,9 @@ importers: packages/sso: dependencies: + '@better-auth/utils': + specifier: 0.3.0 + version: 0.3.0 '@better-fetch/fetch': specifier: 'catalog:' version: 1.1.21 @@ -16649,7 +16652,7 @@ snapshots: postcss: 8.4.49 resolve-from: 5.0.0 optionalDependencies: - expo: 54.0.21(@babel/core@7.28.4)(@expo/metro-runtime@6.1.2)(@modelcontextprotocol/sdk@1.25.1(hono@4.10.2)(zod@3.25.76))(expo-router@6.0.14)(graphql@16.12.0)(react-native@0.81.5(@babel/core@7.28.4)(@react-native-community/cli@20.0.1(typescript@5.9.3))(@react-native/metro-config@0.81.0(@babel/core@7.28.4))(@types/react@19.2.2)(react@19.2.3))(react@19.2.3) + expo: 54.0.21(@babel/core@7.28.4)(@expo/metro-runtime@6.1.2)(@modelcontextprotocol/sdk@1.25.1(hono@4.10.2)(zod@4.1.13))(expo-router@6.0.14)(graphql@16.12.0)(react-native@0.80.2(@babel/core@7.28.4)(@react-native-community/cli@20.0.1(typescript@5.9.3))(@types/react@19.2.2)(react@19.2.3))(react@19.2.3) transitivePeerDependencies: - bufferutil - supports-color @@ -16734,7 +16737,7 @@ snapshots: '@expo/json-file': 10.0.7 '@react-native/normalize-colors': 0.81.5 debug: 4.4.3 - expo: 54.0.21(@babel/core@7.28.4)(@expo/metro-runtime@6.1.2)(@modelcontextprotocol/sdk@1.25.1(hono@4.10.2)(zod@3.25.76))(expo-router@6.0.14)(graphql@16.12.0)(react-native@0.81.5(@babel/core@7.28.4)(@react-native-community/cli@20.0.1(typescript@5.9.3))(@react-native/metro-config@0.81.0(@babel/core@7.28.4))(@types/react@19.2.2)(react@19.2.3))(react@19.2.3) + expo: 54.0.21(@babel/core@7.28.4)(@expo/metro-runtime@6.1.2)(@modelcontextprotocol/sdk@1.25.1(hono@4.10.2)(zod@4.1.13))(expo-router@6.0.14)(graphql@16.12.0)(react-native@0.80.2(@babel/core@7.28.4)(@react-native-community/cli@20.0.1(typescript@5.9.3))(@types/react@19.2.2)(react@19.2.3))(react@19.2.3) resolve-from: 5.0.0 semver: 7.7.3 xml2js: 0.6.0 @@ -19101,7 +19104,9 @@ snapshots: metro-runtime: 0.83.3 transitivePeerDependencies: - '@babel/core' + - bufferutil - supports-color + - utf-8-validate optional: true '@react-native/normalize-colors@0.74.89': {} @@ -21065,7 +21070,7 @@ snapshots: resolve-from: 5.0.0 optionalDependencies: '@babel/runtime': 7.28.4 - expo: 54.0.21(@babel/core@7.28.4)(@expo/metro-runtime@6.1.2)(@modelcontextprotocol/sdk@1.25.1(hono@4.10.2)(zod@3.25.76))(expo-router@6.0.14)(graphql@16.12.0)(react-native@0.81.5(@babel/core@7.28.4)(@react-native-community/cli@20.0.1(typescript@5.9.3))(@react-native/metro-config@0.81.0(@babel/core@7.28.4))(@types/react@19.2.2)(react@19.2.3))(react@19.2.3) + expo: 54.0.21(@babel/core@7.28.4)(@expo/metro-runtime@6.1.2)(@modelcontextprotocol/sdk@1.25.1(hono@4.10.2)(zod@4.1.13))(expo-router@6.0.14)(graphql@16.12.0)(react-native@0.80.2(@babel/core@7.28.4)(@react-native-community/cli@20.0.1(typescript@5.9.3))(@types/react@19.2.2)(react@19.2.3))(react@19.2.3) transitivePeerDependencies: - '@babel/core' - supports-color @@ -22701,7 +22706,7 @@ snapshots: expo-keep-awake@15.0.7(expo@54.0.21)(react@19.2.3): dependencies: - expo: 54.0.21(@babel/core@7.28.4)(@expo/metro-runtime@6.1.2)(@modelcontextprotocol/sdk@1.25.1(hono@4.10.2)(zod@3.25.76))(expo-router@6.0.14)(graphql@16.12.0)(react-native@0.81.5(@babel/core@7.28.4)(@react-native-community/cli@20.0.1(typescript@5.9.3))(@react-native/metro-config@0.81.0(@babel/core@7.28.4))(@types/react@19.2.2)(react@19.2.3))(react@19.2.3) + expo: 54.0.21(@babel/core@7.28.4)(@expo/metro-runtime@6.1.2)(@modelcontextprotocol/sdk@1.25.1(hono@4.10.2)(zod@4.1.13))(expo-router@6.0.14)(graphql@16.12.0)(react-native@0.80.2(@babel/core@7.28.4)(@react-native-community/cli@20.0.1(typescript@5.9.3))(@types/react@19.2.2)(react@19.2.3))(react@19.2.3) react: 19.2.3 expo-linking@7.1.7(expo@54.0.21)(react-native@0.80.2(@babel/core@7.28.4)(@react-native-community/cli@20.0.1(typescript@5.9.3))(@types/react@19.2.2)(react@19.2.3))(react@19.2.3): @@ -23393,7 +23398,7 @@ snapshots: function-bind@1.1.2: {} - geist@1.4.2(next@16.0.10(@babel/core@7.28.4)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(babel-plugin-react-compiler@1.0.0)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(sass@1.90.0)): + geist@1.4.2(next@16.0.10(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(babel-plugin-react-compiler@1.0.0)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(sass@1.90.0)): dependencies: next: 16.0.10(@babel/core@7.28.4)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(babel-plugin-react-compiler@1.0.0)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(sass@1.90.0)