@aooth/auth-moost 0.1.18 → 0.1.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/atscript/index.d.mts +449 -1
- package/dist/atscript/index.mjs +1 -1
- package/dist/{forms-D7ZfanKT.mjs → forms-uqegc32h.mjs} +1 -1
- package/dist/index.d.mts +314 -19
- package/dist/index.mjs +434 -60
- package/package.json +19 -19
- package/src/atscript/models/forms.as +8 -3
- package/src/atscript/models/forms.as.d.ts +1 -1
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aooth/auth-moost",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.20",
|
|
4
4
|
"description": "Moost auth integration for aoothjs — AuthGuard interceptor, useAuth composable, REST endpoints, workflows",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"aoothjs",
|
|
@@ -57,33 +57,33 @@
|
|
|
57
57
|
"access": "public"
|
|
58
58
|
},
|
|
59
59
|
"dependencies": {
|
|
60
|
-
"@atscript/moost-wf": "^0.1.
|
|
60
|
+
"@atscript/moost-wf": "^0.1.99",
|
|
61
61
|
"@wooksjs/http-body": "^0.7.19",
|
|
62
|
-
"@aooth/
|
|
63
|
-
"@aooth/
|
|
64
|
-
"@aooth/
|
|
65
|
-
"@aooth/
|
|
62
|
+
"@aooth/auth": "0.1.20",
|
|
63
|
+
"@aooth/arbac-moost": "^0.1.20",
|
|
64
|
+
"@aooth/user": "0.1.20",
|
|
65
|
+
"@aooth/idp": "0.1.20"
|
|
66
66
|
},
|
|
67
67
|
"devDependencies": {
|
|
68
|
-
"@atscript/core": "^0.1.
|
|
69
|
-
"@atscript/typescript": "^0.1.
|
|
70
|
-
"@atscript/ui": "^0.1.
|
|
71
|
-
"@atscript/ui-fns": "^0.1.
|
|
72
|
-
"@moostjs/event-http": "^0.6.
|
|
73
|
-
"@moostjs/event-wf": "^0.6.
|
|
74
|
-
"moost": "^0.6.
|
|
75
|
-
"unplugin-atscript": "^0.1.
|
|
68
|
+
"@atscript/core": "^0.1.76",
|
|
69
|
+
"@atscript/typescript": "^0.1.76",
|
|
70
|
+
"@atscript/ui": "^0.1.99",
|
|
71
|
+
"@atscript/ui-fns": "^0.1.99",
|
|
72
|
+
"@moostjs/event-http": "^0.6.27",
|
|
73
|
+
"@moostjs/event-wf": "^0.6.27",
|
|
74
|
+
"moost": "^0.6.27",
|
|
75
|
+
"unplugin-atscript": "^0.1.76",
|
|
76
76
|
"wooks": "^0.7.19"
|
|
77
77
|
},
|
|
78
78
|
"peerDependencies": {
|
|
79
|
-
"@atscript/moost-wf": "^0.1.
|
|
80
|
-
"@atscript/typescript": "^0.1.
|
|
81
|
-
"@moostjs/event-http": "^0.6.
|
|
82
|
-
"@moostjs/event-wf": "^0.6.
|
|
79
|
+
"@atscript/moost-wf": "^0.1.99",
|
|
80
|
+
"@atscript/typescript": "^0.1.76",
|
|
81
|
+
"@moostjs/event-http": "^0.6.27",
|
|
82
|
+
"@moostjs/event-wf": "^0.6.27",
|
|
83
83
|
"@wooksjs/event-core": "^0.7.19",
|
|
84
84
|
"@wooksjs/event-http": "^0.7.19",
|
|
85
85
|
"@wooksjs/http-body": "^0.7.19",
|
|
86
|
-
"moost": "^0.6.
|
|
86
|
+
"moost": "^0.6.27"
|
|
87
87
|
},
|
|
88
88
|
"peerDependenciesMeta": {
|
|
89
89
|
"@atscript/typescript": {
|
|
@@ -991,15 +991,20 @@ export interface ProveControlOtpForm {
|
|
|
991
991
|
* client it never approved. Fieldless apart from the explanatory paragraph; the
|
|
992
992
|
* primary submit ('Authorize') records consent and proceeds to the mint, the
|
|
993
993
|
* 'Deny' action 302s the client back with `error=access_denied`. The requesting
|
|
994
|
-
* client + scope ride the `@wf.context.pass 'public'`
|
|
995
|
-
* whitelist (display-only — the handle / approval gate stay
|
|
994
|
+
* client + scope + validated redirect host ride the `@wf.context.pass 'public'`
|
|
995
|
+
* `ctx.public.authz` whitelist (display-only — the handle / approval gate stay
|
|
996
|
+
* server-side). `clientName` is REGISTRANT-SUPPLIED text (a DCR client names
|
|
997
|
+
* itself), so the copy pairs it with the validated redirect host — where the
|
|
998
|
+
* code is actually delivered, which a self-chosen name can't fake — and the
|
|
999
|
+
* `ui.paragraph` renderer emits a TEXT node (never markup/links), so a
|
|
1000
|
+
* malicious name can't become a clickable phish.
|
|
996
1001
|
*/
|
|
997
1002
|
@meta.label 'Authorize access'
|
|
998
1003
|
@wf.context.pass 'public'
|
|
999
1004
|
@ui.form.submit.text 'Authorize'
|
|
1000
1005
|
export interface AuthorizeConsentForm {
|
|
1001
1006
|
@ui.form.order 1
|
|
1002
|
-
@ui.form.fn.value '(_, _d, ctx) => { const a = ctx.public?.authz; const who = a?.clientName ? "“" + a.clientName + "”" : "A local application"; const sc = a?.scope ? " It is requesting access to: " + a.scope + "." : ""; return who + " wants to sign in to your account." + sc + " Authorize this only if you started it."; }'
|
|
1007
|
+
@ui.form.fn.value '(_, _d, ctx) => { const a = ctx.public?.authz; const host = a?.clientName && a?.redirectHost ? " (" + a.redirectHost + ")" : ""; const who = a?.clientName ? "“" + a.clientName + "”" + host : "A local application"; const sc = a?.scope ? " It is requesting access to: " + a.scope + "." : ""; return who + " wants to sign in to your account." + sc + " Authorize this only if you started it."; }'
|
|
1003
1008
|
notice: ui.paragraph
|
|
1004
1009
|
|
|
1005
1010
|
@ui.form.order 10
|
|
@@ -474,7 +474,7 @@ export declare class ProveControlOtpForm {
|
|
|
474
474
|
|
|
475
475
|
/**
|
|
476
476
|
* Atscript interface **AuthorizeConsentForm**
|
|
477
|
-
* @see {@link ./forms.as:
|
|
477
|
+
* @see {@link ./forms.as:1005:18}
|
|
478
478
|
*/
|
|
479
479
|
export declare class AuthorizeConsentForm {
|
|
480
480
|
// notice: ui.paragraph
|