@atcute/oauth-browser-client 1.0.10 → 1.0.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/dpop.js +14 -7
- package/dist/dpop.js.map +1 -1
- package/lib/dpop.ts +16 -9
- package/package.json +1 -1
package/dist/dpop.js
CHANGED
|
@@ -48,13 +48,15 @@ export const createDPoPFetch = (issuer, dpopKey, isAuthServer) => {
|
|
|
48
48
|
: undefined;
|
|
49
49
|
const { method, url } = request;
|
|
50
50
|
const { origin } = new URL(url);
|
|
51
|
-
//
|
|
52
|
-
//
|
|
51
|
+
// See if we have a pending promise for this origin, we'll await before
|
|
52
|
+
// proceeding with this request, next comment describes what the promise
|
|
53
|
+
// is meant to be.
|
|
53
54
|
let deferred = pending.get(origin);
|
|
54
55
|
if (deferred) {
|
|
55
56
|
await deferred.promise;
|
|
56
57
|
deferred = undefined;
|
|
57
58
|
}
|
|
59
|
+
// Get our persisted nonce value for this origin
|
|
58
60
|
let initNonce;
|
|
59
61
|
try {
|
|
60
62
|
initNonce = nonces.get(origin);
|
|
@@ -67,11 +69,12 @@ export const createDPoPFetch = (issuer, dpopKey, isAuthServer) => {
|
|
|
67
69
|
// up with multiple failing requests.
|
|
68
70
|
pending.set(origin, (deferred = Promise.withResolvers()));
|
|
69
71
|
}
|
|
72
|
+
let nextNonce;
|
|
70
73
|
try {
|
|
71
74
|
const initProof = await sign(method, url, initNonce, ath);
|
|
72
75
|
request.headers.set('dpop', initProof);
|
|
73
76
|
const initResponse = await fetch(request);
|
|
74
|
-
|
|
77
|
+
nextNonce = initResponse.headers.get('dpop-nonce');
|
|
75
78
|
if (nextNonce === null || nextNonce === initNonce) {
|
|
76
79
|
// No nonce was returned or it is the same as the one we sent. No need to
|
|
77
80
|
// update the nonce store, or retry the request.
|
|
@@ -96,10 +99,6 @@ export const createDPoPFetch = (issuer, dpopKey, isAuthServer) => {
|
|
|
96
99
|
// will return the original response and let the calling code handle retries.
|
|
97
100
|
return initResponse;
|
|
98
101
|
}
|
|
99
|
-
const nextProof = await sign(method, url, nextNonce, ath);
|
|
100
|
-
const nextRequest = new Request(input, init);
|
|
101
|
-
nextRequest.headers.set('dpop', nextProof);
|
|
102
|
-
return await fetch(nextRequest);
|
|
103
102
|
}
|
|
104
103
|
finally {
|
|
105
104
|
// Now everyone can have their turn.
|
|
@@ -108,6 +107,14 @@ export const createDPoPFetch = (issuer, dpopKey, isAuthServer) => {
|
|
|
108
107
|
deferred.resolve();
|
|
109
108
|
}
|
|
110
109
|
}
|
|
110
|
+
// We got here because we were asked to retry the request (due to missing
|
|
111
|
+
// nonce value in the first request), let's do just that.
|
|
112
|
+
{
|
|
113
|
+
const nextProof = await sign(method, url, nextNonce, ath);
|
|
114
|
+
const nextRequest = new Request(input, init);
|
|
115
|
+
nextRequest.headers.set('dpop', nextProof);
|
|
116
|
+
return await fetch(nextRequest);
|
|
117
|
+
}
|
|
111
118
|
};
|
|
112
119
|
};
|
|
113
120
|
const isUseDpopNonceError = async (response, isAuthServer) => {
|
package/dist/dpop.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dpop.js","sourceRoot":"","sources":["../lib/dpop.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEhG,MAAM,SAAS,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAW,CAAC;AAElE,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,IAAsB,EAAE;IAC1D,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAElF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IACpE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,GAAG,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IAEvG,OAAO;QACN,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,WAAW,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACrC,GAAG,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;KAC7F,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAE,OAAgB,EAAE,EAAE;IACrE,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC;IACjC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAE3G,MAAM,gBAAgB,GAAG,CACxB,MAAc,EACd,GAAW,EACX,KAAyB,EACzB,GAAuB,EACtB,EAAE;QACH,+EAA+E;QAC/E,MAAM,GAAG,GAAG,WAAW,CAAC,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QAEvD,MAAM,OAAO,GAAG;YACf,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,KAAK,CAAC;YAC5B,GAAG,EAAE,WAAW,CAAC,GAAG,CAAC;YACrB,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,GAAG;YACR,KAAK,EAAE,KAAK;YACZ,GAAG,EAAE,GAAG;SACR,CAAC;QAEF,OAAO,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC7D,CAAC,CAAC;IAEF,OAAO,KAAK,EAAE,MAAc,EAAE,GAAW,EAAE,KAAyB,EAAE,GAAuB,EAAE,EAAE;QAChG,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QAEhE,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CACtC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAC5C,MAAM,UAAU,EAChB,OAAO,CAAC,MAAM,CAAC,YAAY,GAAG,GAAG,GAAG,aAAa,CAAC,CAClD,CAAC;QAEF,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;QAE5D,OAAO,YAAY,GAAG,GAAG,GAAG,aAAa,GAAG,GAAG,GAAG,eAAe,CAAC;IACnE,CAAC,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,MAAc,EAAE,OAAgB,EAAE,YAAsB,EAAgB,EAAE;IACzG,MAAM,MAAM,GAAG,QAAQ,CAAC,UAAU,CAAC;IACnC,MAAM,OAAO,GAAG,QAAQ,CAAC,YAAY,CAAC;IAEtC,MAAM,IAAI,GAAG,iBAAiB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEhD,OAAO,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAY,IAAI,IAAI,IAAI,IAAI,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAErG,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACjE,MAAM,GAAG,GAAG,mBAAmB,EAAE,UAAU,CAAC,OAAO,CAAC;YACnD,CAAC,CAAC,MAAM,QAAQ,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC9C,CAAC,CAAC,SAAS,CAAC;QAEb,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;QAChC,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAEhC,
|
|
1
|
+
{"version":3,"file":"dpop.js","sourceRoot":"","sources":["../lib/dpop.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEhG,MAAM,SAAS,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAW,CAAC;AAElE,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,IAAsB,EAAE;IAC1D,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAElF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IACpE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,GAAG,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IAEvG,OAAO;QACN,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,WAAW,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACrC,GAAG,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;KAC7F,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAE,OAAgB,EAAE,EAAE;IACrE,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC;IACjC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAE3G,MAAM,gBAAgB,GAAG,CACxB,MAAc,EACd,GAAW,EACX,KAAyB,EACzB,GAAuB,EACtB,EAAE;QACH,+EAA+E;QAC/E,MAAM,GAAG,GAAG,WAAW,CAAC,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QAEvD,MAAM,OAAO,GAAG;YACf,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,KAAK,CAAC;YAC5B,GAAG,EAAE,WAAW,CAAC,GAAG,CAAC;YACrB,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,GAAG;YACR,KAAK,EAAE,KAAK;YACZ,GAAG,EAAE,GAAG;SACR,CAAC;QAEF,OAAO,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC7D,CAAC,CAAC;IAEF,OAAO,KAAK,EAAE,MAAc,EAAE,GAAW,EAAE,KAAyB,EAAE,GAAuB,EAAE,EAAE;QAChG,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QAEhE,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CACtC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAC5C,MAAM,UAAU,EAChB,OAAO,CAAC,MAAM,CAAC,YAAY,GAAG,GAAG,GAAG,aAAa,CAAC,CAClD,CAAC;QAEF,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;QAE5D,OAAO,YAAY,GAAG,GAAG,GAAG,aAAa,GAAG,GAAG,GAAG,eAAe,CAAC;IACnE,CAAC,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,MAAc,EAAE,OAAgB,EAAE,YAAsB,EAAgB,EAAE;IACzG,MAAM,MAAM,GAAG,QAAQ,CAAC,UAAU,CAAC;IACnC,MAAM,OAAO,GAAG,QAAQ,CAAC,YAAY,CAAC;IAEtC,MAAM,IAAI,GAAG,iBAAiB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEhD,OAAO,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAY,IAAI,IAAI,IAAI,IAAI,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAErG,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACjE,MAAM,GAAG,GAAG,mBAAmB,EAAE,UAAU,CAAC,OAAO,CAAC;YACnD,CAAC,CAAC,MAAM,QAAQ,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC9C,CAAC,CAAC,SAAS,CAAC;QAEb,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;QAChC,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAEhC,uEAAuE;QACvE,wEAAwE;QACxE,kBAAkB;QAClB,IAAI,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,QAAQ,EAAE,CAAC;YACd,MAAM,QAAQ,CAAC,OAAO,CAAC;YACvB,QAAQ,GAAG,SAAS,CAAC;QACtB,CAAC;QAED,gDAAgD;QAChD,IAAI,SAA6B,CAAC;QAClC,IAAI,CAAC;YACJ,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACR,iEAAiE;QAClE,CAAC;QAED,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC7B,yEAAyE;YACzE,qCAAqC;YAErC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;QAC3D,CAAC;QAED,IAAI,SAAwB,CAAC;QAC7B,IAAI,CAAC;YACJ,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;YAC1D,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YAEvC,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;YAE1C,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YACnD,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;gBACnD,yEAAyE;gBACzE,gDAAgD;gBAEhD,OAAO,YAAY,CAAC;YACrB,CAAC;YAED,4CAA4C;YAC5C,IAAI,CAAC;gBACJ,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YAC/B,CAAC;YAAC,MAAM,CAAC;gBACR,sBAAsB;YACvB,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,mBAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;YAC1E,IAAI,CAAC,WAAW,EAAE,CAAC;gBAClB,6DAA6D;gBAE7D,OAAO,YAAY,CAAC;YACrB,CAAC;YAED,IAAI,KAAK,KAAK,OAAO,IAAI,IAAI,EAAE,IAAI,YAAY,cAAc,EAAE,CAAC;gBAC/D,2EAA2E;gBAC3E,wEAAwE;gBACxE,2EAA2E;gBAC3E,6EAA6E;gBAE7E,OAAO,YAAY,CAAC;YACrB,CAAC;QACF,CAAC;gBAAS,CAAC;YACV,oCAAoC;YACpC,IAAI,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;gBACvB,QAAQ,CAAC,OAAO,EAAE,CAAC;YACpB,CAAC;QACF,CAAC;QAED,yEAAyE;QACzE,yDAAyD;QACzD,CAAC;YACA,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;YAC1D,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YAC7C,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YAE3C,OAAO,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;IACF,CAAC,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,mBAAmB,GAAG,KAAK,EAAE,QAAkB,EAAE,YAAsB,EAAoB,EAAE;IAClG,0DAA0D;IAC1D,iFAAiF;IACjF,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,KAAK,EAAE,CAAC;QAC1D,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC7B,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YACzD,IAAI,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,OAAO,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAAC;YACnD,CAAC;QACF,CAAC;IACF,CAAC;IAED,iFAAiF;IACjF,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QACzD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,kBAAkB,EAAE,CAAC;YAC5F,IAAI,CAAC;gBACJ,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,CAAC;gBAC3C,OAAO,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,EAAE,CAAC,OAAO,CAAC,KAAK,gBAAgB,CAAC;YACzE,CAAC;YAAC,MAAM,CAAC;gBACR,kEAAkE;gBAClE,OAAO,KAAK,CAAC;YACd,CAAC;QACF,CAAC;IACF,CAAC;IAED,OAAO,KAAK,CAAC;AACd,CAAC,CAAC"}
|
package/lib/dpop.ts
CHANGED
|
@@ -76,14 +76,16 @@ export const createDPoPFetch = (issuer: string, dpopKey: DPoPKey, isAuthServer?:
|
|
|
76
76
|
const { method, url } = request;
|
|
77
77
|
const { origin } = new URL(url);
|
|
78
78
|
|
|
79
|
-
//
|
|
80
|
-
//
|
|
79
|
+
// See if we have a pending promise for this origin, we'll await before
|
|
80
|
+
// proceeding with this request, next comment describes what the promise
|
|
81
|
+
// is meant to be.
|
|
81
82
|
let deferred = pending.get(origin);
|
|
82
83
|
if (deferred) {
|
|
83
84
|
await deferred.promise;
|
|
84
85
|
deferred = undefined;
|
|
85
86
|
}
|
|
86
87
|
|
|
88
|
+
// Get our persisted nonce value for this origin
|
|
87
89
|
let initNonce: string | undefined;
|
|
88
90
|
try {
|
|
89
91
|
initNonce = nonces.get(origin);
|
|
@@ -98,13 +100,14 @@ export const createDPoPFetch = (issuer: string, dpopKey: DPoPKey, isAuthServer?:
|
|
|
98
100
|
pending.set(origin, (deferred = Promise.withResolvers()));
|
|
99
101
|
}
|
|
100
102
|
|
|
103
|
+
let nextNonce: string | null;
|
|
101
104
|
try {
|
|
102
105
|
const initProof = await sign(method, url, initNonce, ath);
|
|
103
106
|
request.headers.set('dpop', initProof);
|
|
104
107
|
|
|
105
108
|
const initResponse = await fetch(request);
|
|
106
109
|
|
|
107
|
-
|
|
110
|
+
nextNonce = initResponse.headers.get('dpop-nonce');
|
|
108
111
|
if (nextNonce === null || nextNonce === initNonce) {
|
|
109
112
|
// No nonce was returned or it is the same as the one we sent. No need to
|
|
110
113
|
// update the nonce store, or retry the request.
|
|
@@ -134,12 +137,6 @@ export const createDPoPFetch = (issuer: string, dpopKey: DPoPKey, isAuthServer?:
|
|
|
134
137
|
|
|
135
138
|
return initResponse;
|
|
136
139
|
}
|
|
137
|
-
|
|
138
|
-
const nextProof = await sign(method, url, nextNonce, ath);
|
|
139
|
-
const nextRequest = new Request(input, init);
|
|
140
|
-
nextRequest.headers.set('dpop', nextProof);
|
|
141
|
-
|
|
142
|
-
return await fetch(nextRequest);
|
|
143
140
|
} finally {
|
|
144
141
|
// Now everyone can have their turn.
|
|
145
142
|
if (deferred) {
|
|
@@ -147,6 +144,16 @@ export const createDPoPFetch = (issuer: string, dpopKey: DPoPKey, isAuthServer?:
|
|
|
147
144
|
deferred.resolve();
|
|
148
145
|
}
|
|
149
146
|
}
|
|
147
|
+
|
|
148
|
+
// We got here because we were asked to retry the request (due to missing
|
|
149
|
+
// nonce value in the first request), let's do just that.
|
|
150
|
+
{
|
|
151
|
+
const nextProof = await sign(method, url, nextNonce, ath);
|
|
152
|
+
const nextRequest = new Request(input, init);
|
|
153
|
+
nextRequest.headers.set('dpop', nextProof);
|
|
154
|
+
|
|
155
|
+
return await fetch(nextRequest);
|
|
156
|
+
}
|
|
150
157
|
};
|
|
151
158
|
};
|
|
152
159
|
|