@adobe/helix-config-storage 2.2.5 → 2.2.6

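--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -1,3 +1,10 @@
+ ## [2.2.6](https://github.com/adobe/helix-config-storage/compare/v2.2.5...v2.2.6) (2025-05-13)
+
+
+ ### Bug Fixes
+
+ * escape jti correctly ([#125](https://github.com/adobe/helix-config-storage/issues/125)) ([906c4ba](https://github.com/adobe/helix-config-storage/commit/906c4ba771cea525de5985b76a2556fc901a2206))
+
  ## [2.2.5](https://github.com/adobe/helix-config-storage/compare/v2.2.4...v2.2.5) (2025-05-12)
 
 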
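--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@adobe/helix-config-storage",
- "version": "2.2.5",
+ "version": "2.2.6",
  "description": "Helix Config Storage",
  "main": "src/index.js",
  "types": "src/index.d.ts",
@@ -46,7 +46,7 @@
  "husky": "9.1.7",
  "json-schema-to-typescript": "15.0.4",
  "junit-report-builder": "5.1.1",
- "lint-staged": "15.5.1",
+ "lint-staged": "16.0.0",
  "mocha": "11.2.2",
  "mocha-multi-reporters": "1.5.1",
  "mocha-suppress-logs": "0.5.1",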
@@ -13,14 +13,13 @@
13
13
  import crypto from 'crypto';
14
14
  import { decodeJwt } from 'jose';
15
15
  import { HelixStorage } from '@adobe/helix-shared-storage';
16
- import { sanitizeName } from '@adobe/helix-shared-string';
17
16
  import { StatusCodeError } from './status-code-error.js';
18
17
  import {
19
18
  createToken, createUser,
20
19
  migrateToken,
21
20
  updateCodeSource,
22
21
  updateContentSource,
23
- deepGetOrCreate, deepPut, prune, createSecret, migrateSecret, isDeepEqual,
22
+ deepGetOrCreate, deepPut, prune, createSecret, migrateSecret, isDeepEqual, base64ToBase64Url,
24
23
  } from './utils.js';
25
24
  import { validate as validateSchema } from './config-validator.js';
26
25
  import { getMergedConfig } from './config-merge.js';
@@ -607,7 +606,7 @@ export class ConfigStore {
607
606
  throw new StatusCodeError(400, e.message);
608
607
  }
609
608
  }
610
- frag.name = sanitizeName(data.id);
609
+ frag.name = base64ToBase64Url(data.id);
611
610
  frag.type = 'apiKey';
612
611
  frag.relPath.push(frag.name);
613
612
  }
@@ -618,7 +617,7 @@ export class ConfigStore {
618
617
  const oldData = deepGetOrCreate(old, frag.relPath, true);
619
618
  data.created = oldData.created || new Date().toISOString();
620
619
  // ensure that the name is equal to the sanitized id
621
- if (frag.name !== sanitizeName(data.id)) {
620
+ if (frag.name !== base64ToBase64Url(data.id)) {
622
621
  throw new StatusCodeError(400, 'apiKey id mismatch');
623
622
  }
624
623
  }
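Review bot: `frag.name = base64ToBase64Url(data.id)` (new line 609) rewrites only `+`, `/` and `=`, so every other character in `data.id` now reaches `frag.relPath` unchanged, whereas `sanitizeName` presumably reduced the id to a restricted character set. Unless the validation that throws the 400 just above already limits `data.id` to base64 characters (not visible in this hunk), add an explicit allow-list check before the push, for example `if (!/^[A-Za-z0-9_-]+$/.test(frag.name)) { throw new StatusCodeError(400, 'invalid apiKey id'); }`. The same concern applies to the comparison at new line 620, where the comment `// ensure that the name is equal to the sanitized id` would read more accurately as `// ensure that the name is equal to the base64url form of the id`. Both hunks sit inside ConfigStore methods whose bodies start and end outside the visible lines.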
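--- a/package/src/utils.js
+++ b/package/src/utils.js
@@ -194,6 +194,19 @@ export function createUser() {
  };
  }
 
+ /**
+ * converts a base64 to a base64url string.
+ */
+ export function base64ToBase64Url(str) {
+ if (!str) {
+ return str;
+ }
+ return str
+ .replaceAll('+', '-')
+ .replaceAll('/', '_')
+ .replaceAll('=', '');
+ }
+
  /**
  * migrates an existing jwt token
  * @param key
@@ -211,9 +224,7 @@ export async function migrateToken(key, jwt) {
  if (!jti) {
  throw new StatusCodeError(400, 'unable to migrate jwt: missing jti claim.');
  }
- const id = jti
- .replaceAll('/', '_')
- .replaceAll('+', '-');
+ const id = base64ToBase64Url(jti);
  const hash = crypto
  .createHmac('sha512', key)
  .update(jwt, 'utf-8')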
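Review bot: `base64ToBase64Url` (new lines 200-208) guards only against falsy input, so a truthy non-string value, such as a numeric or object `jti` claim or a non-string `data.id`, fails on `.replaceAll` with a TypeError instead of the 400 `StatusCodeError` used around it. In `migrateToken` the guard at new line 224 could become `if (typeof jti !== 'string' || !jti) {`, assuming `jti` is read from the decoded token above the hunk. The doc comment should also state the contract: `@param {string} str base64 string`, `@returns {string} base64url string without padding`, plus a sentence noting that falsy input is returned unchanged and that characters other than `+`, `/` and `=` are passed through without validation. The body of `migrateToken` starts and ends outside the hunk.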