@atcute/oauth-browser-client 1.0.15 → 1.0.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/dpop.js +3 -2
- package/dist/dpop.js.map +1 -1
- package/dist/utils/runtime.d.ts +1 -3
- package/dist/utils/runtime.js +5 -25
- package/dist/utils/runtime.js.map +1 -1
- package/lib/dpop.ts +4 -2
- package/lib/utils/runtime.ts +6 -30
- package/package.json +4 -2
package/dist/dpop.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
|
+
import { fromBase64Url, toBase64Url } from '@atcute/multibase';
|
|
1
2
|
import { database } from './environment.js';
|
|
2
3
|
import { extractContentType } from './utils/response.js';
|
|
3
|
-
import { encoder,
|
|
4
|
+
import { encoder, generateJti, stringToSha256 } from './utils/runtime.js';
|
|
4
5
|
const ES256_ALG = { name: 'ECDSA', namedCurve: 'P-256' };
|
|
5
6
|
export const createES256Key = async () => {
|
|
6
7
|
const pair = await crypto.subtle.generateKey(ES256_ALG, true, ['sign', 'verify']);
|
|
@@ -42,7 +43,7 @@ export const createDPoPFetch = (issuer, dpopKey, isAuthServer) => {
|
|
|
42
43
|
const request = init == null && input instanceof Request ? input : new Request(input, init);
|
|
43
44
|
const authorizationHeader = request.headers.get('authorization');
|
|
44
45
|
const ath = authorizationHeader?.startsWith('DPoP ')
|
|
45
|
-
? await
|
|
46
|
+
? await stringToSha256(authorizationHeader.slice(5))
|
|
46
47
|
: undefined;
|
|
47
48
|
const { method, url } = request;
|
|
48
49
|
const { origin } = new URL(url);
|
package/dist/dpop.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dpop.js","sourceRoot":"","sources":["../lib/dpop.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"dpop.js","sourceRoot":"","sources":["../lib/dpop.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAE/D,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAE1E,MAAM,SAAS,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAW,CAAC;AAElE,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,IAAsB,EAAE;IAC1D,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAElF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IACpE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,GAAG,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IAEvG,OAAO;QACN,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,WAAW,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACrC,GAAG,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;KAC7F,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAE,OAAgB,EAAE,EAAE;IACrE,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC;IACjC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAE3G,MAAM,gBAAgB,GAAG,CACxB,MAAc,EACd,GAAW,EACX,KAAyB,EACzB,GAAuB,EACtB,EAAE;QACH,MAAM,OAAO,GAAG;YACf,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YACnC,GAAG,EAAE,WAAW,EAAE;YAClB,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,GAAG;YACR,KAAK,EAAE,KAAK;YACZ,GAAG,EAAE,GAAG;SACR,CAAC;QAEF,OAAO,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC7D,CAAC,CAAC;IAEF,OAAO,KAAK,EAAE,MAAc,EAAE,GAAW,EAAE,KAAyB,EAAE,GAAuB,EAAE,EAAE;QAChG,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QAEhE,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CACtC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAC5C,MAAM,UAAU,EAChB,OAAO,CAAC,MAAM,CAAC,YAAY,GAAG,GAAG,GAAG,aAAa,CAAC,CAClD,CAAC;QAEF,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;QAE5D,OAAO,YAAY,GAAG,GAAG,GAAG,aAAa,GAAG,GAAG,GAAG,eAAe,CAAC;IACnE,CAAC,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,MAAc,EAAE,OAAgB,EAAE,YAAsB,EAAgB,EAAE;IACzG,MAAM,MAAM,GAAG,QAAQ,CAAC,UAAU,CAAC;IACnC,MAAM,OAAO,GAAG,QAAQ,CAAC,YAAY,CAAC;IAEtC,MAAM,IAAI,GAAG,iBAAiB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEhD,OAAO,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAY,IAAI,IAAI,IAAI,IAAI,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAErG,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACjE,MAAM,GAAG,GAAG,mBAAmB,EAAE,UAAU,CAAC,OAAO,CAAC;YACnD,CAAC,CAAC,MAAM,cAAc,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACpD,CAAC,CAAC,SAAS,CAAC;QAEb,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;QAChC,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAEhC,uEAAuE;QACvE,wEAAwE;QACxE,kBAAkB;QAClB,IAAI,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,QAAQ,EAAE,CAAC;YACd,MAAM,QAAQ,CAAC,OAAO,CAAC;YACvB,QAAQ,GAAG,SAAS,CAAC;QACtB,CAAC;QAED,gDAAgD;QAChD,IAAI,SAA6B,CAAC;QAClC,IAAI,gBAAgB,GAAG,KAAK,CAAC;QAC7B,IAAI,CAAC;YACJ,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;YAErD,SAAS,GAAG,KAAK,CAAC;YAElB,wEAAwE;YACxE,4DAA4D;YAC5D,EAAE;YACF,0EAA0E;YAC1E,0EAA0E;YAC1E,wBAAwB;YACxB,EAAE;YACF,uEAAuE;YACvE,uEAAuE;YACvE,wEAAwE;YACxE,eAAe;YACf,EAAE;YACF,0EAA0E;YAC1E,kBAAkB;YAClB,gBAAgB,GAAG,MAAM,GAAG,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;YACR,iEAAiE;QAClE,CAAC;QAED,IAAI,gBAAgB,EAAE,CAAC;YACtB,mDAAmD;YACnD,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;QAC3D,CAAC;QAED,IAAI,SAAwB,CAAC;QAC7B,IAAI,CAAC;YACJ,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;YAC1D,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YAEvC,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;YAE1C,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YACnD,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;gBACnD,yEAAyE;gBACzE,gDAAgD;gBAEhD,OAAO,YAAY,CAAC;YACrB,CAAC;YAED,4CAA4C;YAC5C,IAAI,CAAC;gBACJ,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YAC/B,CAAC;YAAC,MAAM,CAAC;gBACR,sBAAsB;YACvB,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,mBAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;YAC1E,IAAI,CAAC,WAAW,EAAE,CAAC;gBAClB,6DAA6D;gBAE7D,OAAO,YAAY,CAAC;YACrB,CAAC;YAED,IAAI,KAAK,KAAK,OAAO,IAAI,IAAI,EAAE,IAAI,YAAY,cAAc,EAAE,CAAC;gBAC/D,2EAA2E;gBAC3E,wEAAwE;gBACxE,2EAA2E;gBAC3E,6EAA6E;gBAE7E,OAAO,YAAY,CAAC;YACrB,CAAC;QACF,CAAC;gBAAS,CAAC;YACV,oCAAoC;YACpC,IAAI,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;gBACvB,QAAQ,CAAC,OAAO,EAAE,CAAC;YACpB,CAAC;QACF,CAAC;QAED,yEAAyE;QACzE,yDAAyD;QACzD,CAAC;YACA,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;YAC1D,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YAC7C,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YAE3C,OAAO,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;IACF,CAAC,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,mBAAmB,GAAG,KAAK,EAAE,QAAkB,EAAE,YAAsB,EAAoB,EAAE;IAClG,0DAA0D;IAC1D,iFAAiF;IACjF,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,KAAK,EAAE,CAAC;QAC1D,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC7B,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YACzD,IAAI,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,OAAO,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAAC;YACnD,CAAC;QACF,CAAC;IACF,CAAC;IAED,iFAAiF;IACjF,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QACzD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,kBAAkB,EAAE,CAAC;YAC5F,IAAI,CAAC;gBACJ,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,CAAC;gBAC3C,OAAO,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,EAAE,CAAC,OAAO,CAAC,KAAK,gBAAgB,CAAC;YACzE,CAAC;YAAC,MAAM,CAAC;gBACR,kEAAkE;gBAClE,OAAO,KAAK,CAAC;YACd,CAAC;QACF,CAAC;IACF,CAAC;IAED,OAAO,KAAK,CAAC;AACd,CAAC,CAAC"}
|
package/dist/utils/runtime.d.ts
CHANGED
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
export declare const encoder: TextEncoder;
|
|
2
2
|
export declare const locks: LockManager | undefined;
|
|
3
|
-
export declare const
|
|
4
|
-
export declare const fromBase64Url: (input: string) => Uint8Array;
|
|
5
|
-
export declare const toSha256: (input: string) => Promise<string>;
|
|
3
|
+
export declare const stringToSha256: (input: string) => Promise<string>;
|
|
6
4
|
export declare const randomBytes: (length: number) => string;
|
|
7
5
|
export declare const generateState: () => string;
|
|
8
6
|
export declare const generatePKCE: () => Promise<{
|
package/dist/utils/runtime.js
CHANGED
|
@@ -1,30 +1,10 @@
|
|
|
1
|
+
import { toBase64Url } from '@atcute/multibase';
|
|
2
|
+
import { toSha256 } from '@atcute/uint8array';
|
|
1
3
|
export const encoder = new TextEncoder();
|
|
2
4
|
export const locks = typeof navigator !== 'undefined' ? navigator.locks : undefined;
|
|
3
|
-
export const
|
|
4
|
-
const CHUNK_SIZE = 0x8000;
|
|
5
|
-
const arr = [];
|
|
6
|
-
for (let i = 0; i < input.byteLength; i += CHUNK_SIZE) {
|
|
7
|
-
// @ts-expect-error
|
|
8
|
-
arr.push(String.fromCharCode.apply(null, input.subarray(i, i + CHUNK_SIZE)));
|
|
9
|
-
}
|
|
10
|
-
return btoa(arr.join('')).replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_');
|
|
11
|
-
};
|
|
12
|
-
export const fromBase64Url = (input) => {
|
|
13
|
-
try {
|
|
14
|
-
const binary = atob(input.replace(/-/g, '+').replace(/_/g, '/').replace(/\s/g, ''));
|
|
15
|
-
const bytes = new Uint8Array(binary.length);
|
|
16
|
-
for (let i = 0; i < binary.length; i++) {
|
|
17
|
-
bytes[i] = binary.charCodeAt(i);
|
|
18
|
-
}
|
|
19
|
-
return bytes;
|
|
20
|
-
}
|
|
21
|
-
catch (err) {
|
|
22
|
-
throw new TypeError(`invalid base64url`, { cause: err });
|
|
23
|
-
}
|
|
24
|
-
};
|
|
25
|
-
export const toSha256 = async (input) => {
|
|
5
|
+
export const stringToSha256 = async (input) => {
|
|
26
6
|
const bytes = encoder.encode(input);
|
|
27
|
-
const digest = await
|
|
7
|
+
const digest = await toSha256(bytes);
|
|
28
8
|
return toBase64Url(new Uint8Array(digest));
|
|
29
9
|
};
|
|
30
10
|
export const randomBytes = (length) => {
|
|
@@ -37,7 +17,7 @@ export const generatePKCE = async () => {
|
|
|
37
17
|
const verifier = randomBytes(32);
|
|
38
18
|
return {
|
|
39
19
|
verifier: verifier,
|
|
40
|
-
challenge: await
|
|
20
|
+
challenge: await stringToSha256(verifier),
|
|
41
21
|
method: 'S256',
|
|
42
22
|
};
|
|
43
23
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../../lib/utils/runtime.ts"],"names":[],"mappings":"AAAA,
|
|
1
|
+
{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../../lib/utils/runtime.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,MAAM,CAAC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;AAEzC,MAAM,CAAC,MAAM,KAAK,GAA4B,OAAO,SAAS,KAAK,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAE7G,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,EAAE,KAAa,EAAmB,EAAE;IACtE,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACpC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAC;IAErC,OAAO,WAAW,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;AAC5C,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,MAAc,EAAU,EAAE;IACrD,OAAO,WAAW,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACpE,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,aAAa,GAAG,GAAW,EAAE;IACzC,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC;AACxB,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,IAAsE,EAAE;IACxG,MAAM,QAAQ,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;IAEjC,OAAO;QACN,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,MAAM,cAAc,CAAC,QAAQ,CAAC;QACzC,MAAM,EAAE,MAAM;KACd,CAAC;AACH,CAAC,CAAC;AAEF,IAAI,aAAa,GAAG,CAAC,CAAC;AACtB,IAAI,YAAgC,CAAC;AACrC,MAAM,CAAC,MAAM,WAAW,GAAG,GAAW,EAAE;IACvC,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7D,YAAY,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,aAAa,CAAC,CAAC;IAC9D,aAAa,GAAG,SAAS,GAAG,CAAC,CAAC;IAE9B,OAAO,GAAG,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,YAAY,EAAE,CAAC;AACpD,CAAC,CAAC"}
|
package/lib/dpop.ts
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
|
+
import { fromBase64Url, toBase64Url } from '@atcute/multibase';
|
|
2
|
+
|
|
1
3
|
import { database } from './environment.js';
|
|
2
4
|
import type { DPoPKey } from './types/dpop.js';
|
|
3
5
|
import { extractContentType } from './utils/response.js';
|
|
4
|
-
import { encoder,
|
|
6
|
+
import { encoder, generateJti, stringToSha256 } from './utils/runtime.js';
|
|
5
7
|
|
|
6
8
|
const ES256_ALG = { name: 'ECDSA', namedCurve: 'P-256' } as const;
|
|
7
9
|
|
|
@@ -67,7 +69,7 @@ export const createDPoPFetch = (issuer: string, dpopKey: DPoPKey, isAuthServer?:
|
|
|
67
69
|
|
|
68
70
|
const authorizationHeader = request.headers.get('authorization');
|
|
69
71
|
const ath = authorizationHeader?.startsWith('DPoP ')
|
|
70
|
-
? await
|
|
72
|
+
? await stringToSha256(authorizationHeader.slice(5))
|
|
71
73
|
: undefined;
|
|
72
74
|
|
|
73
75
|
const { method, url } = request;
|
package/lib/utils/runtime.ts
CHANGED
|
@@ -1,37 +1,13 @@
|
|
|
1
|
+
import { toBase64Url } from '@atcute/multibase';
|
|
2
|
+
import { toSha256 } from '@atcute/uint8array';
|
|
3
|
+
|
|
1
4
|
export const encoder = new TextEncoder();
|
|
2
5
|
|
|
3
6
|
export const locks: LockManager | undefined = typeof navigator !== 'undefined' ? navigator.locks : undefined;
|
|
4
7
|
|
|
5
|
-
export const
|
|
6
|
-
const CHUNK_SIZE = 0x8000;
|
|
7
|
-
const arr = [];
|
|
8
|
-
|
|
9
|
-
for (let i = 0; i < input.byteLength; i += CHUNK_SIZE) {
|
|
10
|
-
// @ts-expect-error
|
|
11
|
-
arr.push(String.fromCharCode.apply(null, input.subarray(i, i + CHUNK_SIZE)));
|
|
12
|
-
}
|
|
13
|
-
|
|
14
|
-
return btoa(arr.join('')).replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_');
|
|
15
|
-
};
|
|
16
|
-
|
|
17
|
-
export const fromBase64Url = (input: string): Uint8Array => {
|
|
18
|
-
try {
|
|
19
|
-
const binary = atob(input.replace(/-/g, '+').replace(/_/g, '/').replace(/\s/g, ''));
|
|
20
|
-
const bytes = new Uint8Array(binary.length);
|
|
21
|
-
|
|
22
|
-
for (let i = 0; i < binary.length; i++) {
|
|
23
|
-
bytes[i] = binary.charCodeAt(i);
|
|
24
|
-
}
|
|
25
|
-
|
|
26
|
-
return bytes;
|
|
27
|
-
} catch (err) {
|
|
28
|
-
throw new TypeError(`invalid base64url`, { cause: err });
|
|
29
|
-
}
|
|
30
|
-
};
|
|
31
|
-
|
|
32
|
-
export const toSha256 = async (input: string): Promise<string> => {
|
|
8
|
+
export const stringToSha256 = async (input: string): Promise<string> => {
|
|
33
9
|
const bytes = encoder.encode(input);
|
|
34
|
-
const digest = await
|
|
10
|
+
const digest = await toSha256(bytes);
|
|
35
11
|
|
|
36
12
|
return toBase64Url(new Uint8Array(digest));
|
|
37
13
|
};
|
|
@@ -49,7 +25,7 @@ export const generatePKCE = async (): Promise<{ verifier: string; challenge: str
|
|
|
49
25
|
|
|
50
26
|
return {
|
|
51
27
|
verifier: verifier,
|
|
52
|
-
challenge: await
|
|
28
|
+
challenge: await stringToSha256(verifier),
|
|
53
29
|
method: 'S256',
|
|
54
30
|
};
|
|
55
31
|
};
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"type": "module",
|
|
3
3
|
"name": "@atcute/oauth-browser-client",
|
|
4
|
-
"version": "1.0.
|
|
4
|
+
"version": "1.0.16",
|
|
5
5
|
"description": "minimal OAuth browser client implementation for AT Protocol",
|
|
6
6
|
"license": "MIT",
|
|
7
7
|
"repository": {
|
|
@@ -19,7 +19,9 @@
|
|
|
19
19
|
},
|
|
20
20
|
"sideEffects": false,
|
|
21
21
|
"dependencies": {
|
|
22
|
-
"@atcute/
|
|
22
|
+
"@atcute/uint8array": "^1.0.1",
|
|
23
|
+
"@atcute/multibase": "^1.1.2",
|
|
24
|
+
"@atcute/client": "^2.0.9"
|
|
23
25
|
},
|
|
24
26
|
"devDependencies": {
|
|
25
27
|
"@types/bun": "^1.2.1"
|