@atcute/oauth-types 0.1.0 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -5
- package/dist/build-client-metadata.d.ts +18 -160
- package/dist/build-client-metadata.d.ts.map +1 -1
- package/dist/build-client-metadata.js +73 -3
- package/dist/build-client-metadata.js.map +1 -1
- package/dist/index.d.ts +31 -30
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -1
- package/dist/index.js.map +1 -1
- package/dist/schemas/atcute-client-shared.d.ts +8 -0
- package/dist/schemas/atcute-client-shared.d.ts.map +1 -0
- package/dist/schemas/atcute-client-shared.js +15 -0
- package/dist/schemas/atcute-client-shared.js.map +1 -0
- package/dist/schemas/atcute-confidential-client-metadata.d.ts +228 -4
- package/dist/schemas/atcute-confidential-client-metadata.d.ts.map +1 -1
- package/dist/schemas/atcute-confidential-client-metadata.js +48 -88
- package/dist/schemas/atcute-confidential-client-metadata.js.map +1 -1
- package/dist/schemas/atcute-public-client-metadata.d.ts +95 -0
- package/dist/schemas/atcute-public-client-metadata.d.ts.map +1 -0
- package/dist/schemas/atcute-public-client-metadata.js +74 -0
- package/dist/schemas/atcute-public-client-metadata.js.map +1 -0
- package/dist/schemas/atproto-authorization-server-metadata.d.ts +786 -4
- package/dist/schemas/atproto-authorization-server-metadata.d.ts.map +1 -1
- package/dist/schemas/atproto-authorization-server-metadata.js +2 -18
- package/dist/schemas/atproto-authorization-server-metadata.js.map +1 -1
- package/dist/schemas/atproto-oauth-scope.d.ts +3 -3
- package/dist/schemas/atproto-oauth-scope.d.ts.map +1 -1
- package/dist/schemas/atproto-oauth-scope.js +2 -2
- package/dist/schemas/atproto-oauth-scope.js.map +1 -1
- package/dist/schemas/atproto-oauth-token-response.d.ts +17 -17
- package/dist/schemas/atproto-oauth-token-response.d.ts.map +1 -1
- package/dist/schemas/atproto-oauth-token-response.js +6 -6
- package/dist/schemas/atproto-oauth-token-response.js.map +1 -1
- package/dist/schemas/atproto-protected-resource-metadata.d.ts +100 -4
- package/dist/schemas/atproto-protected-resource-metadata.d.ts.map +1 -1
- package/dist/schemas/atproto-protected-resource-metadata.js +2 -11
- package/dist/schemas/atproto-protected-resource-metadata.js.map +1 -1
- package/dist/schemas/jwk.d.ts +4289 -42
- package/dist/schemas/jwk.d.ts.map +1 -1
- package/dist/schemas/jwk.js +58 -91
- package/dist/schemas/jwk.js.map +1 -1
- package/dist/schemas/jwks.d.ts +87 -42
- package/dist/schemas/jwks.d.ts.map +1 -1
- package/dist/schemas/jwks.js +13 -29
- package/dist/schemas/jwks.js.map +1 -1
- package/dist/schemas/oauth-authorization-details.d.ts +18 -18
- package/dist/schemas/oauth-authorization-details.d.ts.map +1 -1
- package/dist/schemas/oauth-authorization-details.js +7 -7
- package/dist/schemas/oauth-authorization-details.js.map +1 -1
- package/dist/schemas/oauth-authorization-server-metadata.d.ts +462 -48
- package/dist/schemas/oauth-authorization-server-metadata.d.ts.map +1 -1
- package/dist/schemas/oauth-authorization-server-metadata.js +46 -65
- package/dist/schemas/oauth-authorization-server-metadata.js.map +1 -1
- package/dist/schemas/oauth-client-id-discoverable.d.ts +2 -2
- package/dist/schemas/oauth-client-id-discoverable.d.ts.map +1 -1
- package/dist/schemas/oauth-client-id-discoverable.js +20 -22
- package/dist/schemas/oauth-client-id-discoverable.js.map +1 -1
- package/dist/schemas/oauth-client-id.d.ts +3 -3
- package/dist/schemas/oauth-client-id.d.ts.map +1 -1
- package/dist/schemas/oauth-client-id.js +2 -2
- package/dist/schemas/oauth-client-id.js.map +1 -1
- package/dist/schemas/oauth-client-metadata.d.ts +73 -51
- package/dist/schemas/oauth-client-metadata.d.ts.map +1 -1
- package/dist/schemas/oauth-client-metadata.js +33 -40
- package/dist/schemas/oauth-client-metadata.js.map +1 -1
- package/dist/schemas/oauth-code-challenge-method.d.ts +3 -3
- package/dist/schemas/oauth-code-challenge-method.d.ts.map +1 -1
- package/dist/schemas/oauth-code-challenge-method.js +2 -2
- package/dist/schemas/oauth-code-challenge-method.js.map +1 -1
- package/dist/schemas/oauth-endpoint-auth-method.d.ts +3 -3
- package/dist/schemas/oauth-endpoint-auth-method.d.ts.map +1 -1
- package/dist/schemas/oauth-endpoint-auth-method.js +10 -2
- package/dist/schemas/oauth-endpoint-auth-method.js.map +1 -1
- package/dist/schemas/oauth-grant-type.d.ts +3 -3
- package/dist/schemas/oauth-grant-type.d.ts.map +1 -1
- package/dist/schemas/oauth-grant-type.js +10 -3
- package/dist/schemas/oauth-grant-type.js.map +1 -1
- package/dist/schemas/oauth-issuer-identifier.d.ts +3 -3
- package/dist/schemas/oauth-issuer-identifier.d.ts.map +1 -1
- package/dist/schemas/oauth-issuer-identifier.js +16 -9
- package/dist/schemas/oauth-issuer-identifier.js.map +1 -1
- package/dist/schemas/oauth-par-response.d.ts +5 -5
- package/dist/schemas/oauth-par-response.d.ts.map +1 -1
- package/dist/schemas/oauth-par-response.js +3 -3
- package/dist/schemas/oauth-par-response.js.map +1 -1
- package/dist/schemas/oauth-prompt.d.ts +3 -3
- package/dist/schemas/oauth-prompt.d.ts.map +1 -1
- package/dist/schemas/oauth-prompt.js +2 -2
- package/dist/schemas/oauth-prompt.js.map +1 -1
- package/dist/schemas/oauth-protected-resource-metadata.d.ts +88 -16
- package/dist/schemas/oauth-protected-resource-metadata.d.ts.map +1 -1
- package/dist/schemas/oauth-protected-resource-metadata.js +14 -26
- package/dist/schemas/oauth-protected-resource-metadata.js.map +1 -1
- package/dist/schemas/oauth-redirect-uri.d.ts +5 -5
- package/dist/schemas/oauth-redirect-uri.d.ts.map +1 -1
- package/dist/schemas/oauth-redirect-uri.js +3 -16
- package/dist/schemas/oauth-redirect-uri.js.map +1 -1
- package/dist/schemas/oauth-response-mode.d.ts +3 -3
- package/dist/schemas/oauth-response-mode.d.ts.map +1 -1
- package/dist/schemas/oauth-response-mode.js +2 -2
- package/dist/schemas/oauth-response-mode.js.map +1 -1
- package/dist/schemas/oauth-response-type.d.ts +3 -3
- package/dist/schemas/oauth-response-type.d.ts.map +1 -1
- package/dist/schemas/oauth-response-type.js +13 -7
- package/dist/schemas/oauth-response-type.js.map +1 -1
- package/dist/schemas/oauth-scope.d.ts +3 -3
- package/dist/schemas/oauth-scope.d.ts.map +1 -1
- package/dist/schemas/oauth-scope.js +2 -2
- package/dist/schemas/oauth-scope.js.map +1 -1
- package/dist/schemas/oauth-token-response.d.ts +17 -17
- package/dist/schemas/oauth-token-response.d.ts.map +1 -1
- package/dist/schemas/oauth-token-response.js +7 -7
- package/dist/schemas/oauth-token-response.js.map +1 -1
- package/dist/schemas/oauth-token-type.d.ts +3 -3
- package/dist/schemas/oauth-token-type.d.ts.map +1 -1
- package/dist/schemas/oauth-token-type.js +8 -7
- package/dist/schemas/oauth-token-type.js.map +1 -1
- package/dist/schemas/uri.d.ts +7 -7
- package/dist/schemas/uri.d.ts.map +1 -1
- package/dist/schemas/uri.js +44 -44
- package/dist/schemas/uri.js.map +1 -1
- package/dist/schemas/utils.d.ts.map +1 -1
- package/dist/schemas/utils.js.map +1 -1
- package/dist/scope.d.ts.map +1 -1
- package/dist/scope.js.map +1 -1
- package/lib/build-client-metadata.ts +92 -6
- package/lib/index.ts +38 -30
- package/lib/schemas/atcute-client-shared.ts +25 -0
- package/lib/schemas/atcute-confidential-client-metadata.ts +81 -111
- package/lib/schemas/atcute-public-client-metadata.ts +101 -0
- package/lib/schemas/atproto-authorization-server-metadata.ts +22 -23
- package/lib/schemas/atproto-oauth-scope.ts +8 -5
- package/lib/schemas/atproto-oauth-token-response.ts +10 -9
- package/lib/schemas/atproto-protected-resource-metadata.ts +15 -15
- package/lib/schemas/jwk.ts +104 -120
- package/lib/schemas/jwks.ts +28 -40
- package/lib/schemas/oauth-authorization-details.ts +10 -10
- package/lib/schemas/oauth-authorization-server-metadata.ts +72 -74
- package/lib/schemas/oauth-client-id-discoverable.ts +43 -48
- package/lib/schemas/oauth-client-id.ts +3 -3
- package/lib/schemas/oauth-client-metadata.ts +45 -49
- package/lib/schemas/oauth-code-challenge-method.ts +3 -3
- package/lib/schemas/oauth-endpoint-auth-method.ts +11 -11
- package/lib/schemas/oauth-grant-type.ts +11 -11
- package/lib/schemas/oauth-issuer-identifier.ts +35 -27
- package/lib/schemas/oauth-par-response.ts +4 -4
- package/lib/schemas/oauth-prompt.ts +3 -9
- package/lib/schemas/oauth-protected-resource-metadata.ts +26 -35
- package/lib/schemas/oauth-redirect-uri.ts +15 -23
- package/lib/schemas/oauth-response-mode.ts +3 -7
- package/lib/schemas/oauth-response-type.ts +12 -12
- package/lib/schemas/oauth-scope.ts +3 -3
- package/lib/schemas/oauth-token-response.ts +10 -10
- package/lib/schemas/oauth-token-type.ts +16 -12
- package/lib/schemas/uri.ts +89 -76
- package/package.json +9 -8
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwk.d.ts","sourceRoot":"","sources":["../../lib/schemas/jwk.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,
|
|
1
|
+
{"version":3,"file":"jwk.d.ts","sourceRoot":"","sources":["../../lib/schemas/jwk.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAsB7B,eAAO,MAAM,cAAc,mIAAwB,CAAC;AAEpD,eAAO,MAAM,oBAAoB,wEAA+B,CAAC;AAiGjE,qCAAqC;AACrC,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MA6BrB,CAAC;AAEF,wDAAwD;AACxD,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAcxB,CAAC;AAEF,MAAM,MAAM,QAAQ,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,cAAc,CAAC,CAAC;AAC5D,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,SAAS,CAAC,CAAC;AAClD,MAAM,MAAM,MAAM,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,YAAY,CAAC,CAAC"}
|
package/dist/schemas/jwk.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import * as v from '
|
|
1
|
+
import * as v from 'valibot';
|
|
2
2
|
import { isLastOccurrence } from './utils.js';
|
|
3
3
|
// key usage constants
|
|
4
4
|
const PUBLIC_KEY_USAGE = ['verify', 'encrypt', 'wrapKey'];
|
|
@@ -12,79 +12,78 @@ const isPrivateKeyUsage = (usage) => {
|
|
|
12
12
|
};
|
|
13
13
|
const isSigKeyUsage = (v) => v === 'verify';
|
|
14
14
|
const isEncKeyUsage = (v) => v === 'encrypt' || v === 'wrapKey';
|
|
15
|
-
export const keyUsageSchema = v.
|
|
16
|
-
export const publicKeyUsageSchema = v.
|
|
17
|
-
const
|
|
15
|
+
export const keyUsageSchema = v.picklist(KEY_USAGE);
|
|
16
|
+
export const publicKeyUsageSchema = v.picklist(PUBLIC_KEY_USAGE);
|
|
17
|
+
const jwkBaseEntries = {
|
|
18
18
|
kty: v.string(),
|
|
19
|
-
alg: v.
|
|
20
|
-
kid: v.
|
|
21
|
-
use: v.
|
|
22
|
-
key_ops: v.array(keyUsageSchema)
|
|
19
|
+
alg: v.optional(v.string()),
|
|
20
|
+
kid: v.optional(v.string()),
|
|
21
|
+
use: v.optional(v.picklist(['sig', 'enc'])),
|
|
22
|
+
key_ops: v.optional(v.array(keyUsageSchema)),
|
|
23
23
|
// X.509
|
|
24
|
-
x5c: v.array(v.string())
|
|
25
|
-
x5t: v.
|
|
26
|
-
'x5t#S256': v.
|
|
27
|
-
x5u: v.
|
|
24
|
+
x5c: v.optional(v.array(v.string())),
|
|
25
|
+
x5t: v.optional(v.string()),
|
|
26
|
+
'x5t#S256': v.optional(v.string()),
|
|
27
|
+
x5u: v.optional(v.string()),
|
|
28
28
|
// WebCrypto
|
|
29
|
-
ext: v.
|
|
29
|
+
ext: v.optional(v.boolean()),
|
|
30
30
|
// Federation Historical Keys Response
|
|
31
|
-
iat: v.
|
|
32
|
-
exp: v.
|
|
33
|
-
nbf: v.
|
|
34
|
-
revoked: v
|
|
35
|
-
.object({
|
|
31
|
+
iat: v.optional(v.number()),
|
|
32
|
+
exp: v.optional(v.number()),
|
|
33
|
+
nbf: v.optional(v.number()),
|
|
34
|
+
revoked: v.optional(v.looseObject({
|
|
36
35
|
revoked_at: v.number(),
|
|
37
|
-
reason: v.
|
|
38
|
-
})
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
36
|
+
reason: v.optional(v.string()),
|
|
37
|
+
})),
|
|
38
|
+
};
|
|
39
|
+
const jwkRsaKeySchema = v.looseObject({
|
|
40
|
+
...jwkBaseEntries,
|
|
42
41
|
kty: v.literal('RSA'),
|
|
43
|
-
alg: v
|
|
44
|
-
.union(v.literal('RS256'), v.literal('RS384'), v.literal('RS512'), v.literal('PS256'), v.literal('PS384'), v.literal('PS512'))
|
|
45
|
-
.optional(),
|
|
42
|
+
alg: v.optional(v.picklist(['RS256', 'RS384', 'RS512', 'PS256', 'PS384', 'PS512'])),
|
|
46
43
|
n: v.string(),
|
|
47
44
|
e: v.string(),
|
|
48
|
-
d: v.
|
|
49
|
-
p: v.
|
|
50
|
-
q: v.
|
|
51
|
-
dp: v.
|
|
52
|
-
dq: v.
|
|
53
|
-
qi: v.
|
|
54
|
-
oth: v
|
|
55
|
-
.
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
}))
|
|
60
|
-
.optional(),
|
|
45
|
+
d: v.optional(v.string()),
|
|
46
|
+
p: v.optional(v.string()),
|
|
47
|
+
q: v.optional(v.string()),
|
|
48
|
+
dp: v.optional(v.string()),
|
|
49
|
+
dq: v.optional(v.string()),
|
|
50
|
+
qi: v.optional(v.string()),
|
|
51
|
+
oth: v.optional(v.array(v.looseObject({
|
|
52
|
+
r: v.optional(v.string()),
|
|
53
|
+
d: v.optional(v.string()),
|
|
54
|
+
t: v.optional(v.string()),
|
|
55
|
+
}))),
|
|
61
56
|
});
|
|
62
|
-
const jwkEcKeySchema =
|
|
57
|
+
const jwkEcKeySchema = v.looseObject({
|
|
58
|
+
...jwkBaseEntries,
|
|
63
59
|
kty: v.literal('EC'),
|
|
64
|
-
alg: v.
|
|
65
|
-
crv: v.
|
|
60
|
+
alg: v.optional(v.picklist(['ES256', 'ES384', 'ES512'])),
|
|
61
|
+
crv: v.picklist(['P-256', 'P-384', 'P-521']),
|
|
66
62
|
x: v.string(),
|
|
67
63
|
y: v.string(),
|
|
68
|
-
d: v.
|
|
64
|
+
d: v.optional(v.string()),
|
|
69
65
|
});
|
|
70
|
-
const jwkEcSecp256k1KeySchema =
|
|
66
|
+
const jwkEcSecp256k1KeySchema = v.looseObject({
|
|
67
|
+
...jwkBaseEntries,
|
|
71
68
|
kty: v.literal('EC'),
|
|
72
|
-
alg: v.literal('ES256K')
|
|
69
|
+
alg: v.optional(v.literal('ES256K')),
|
|
73
70
|
crv: v.literal('secp256k1'),
|
|
74
71
|
x: v.string(),
|
|
75
72
|
y: v.string(),
|
|
76
|
-
d: v.
|
|
73
|
+
d: v.optional(v.string()),
|
|
77
74
|
});
|
|
78
|
-
const jwkOkpKeySchema =
|
|
75
|
+
const jwkOkpKeySchema = v.looseObject({
|
|
76
|
+
...jwkBaseEntries,
|
|
79
77
|
kty: v.literal('OKP'),
|
|
80
|
-
alg: v.literal('EdDSA')
|
|
81
|
-
crv: v.
|
|
78
|
+
alg: v.optional(v.literal('EdDSA')),
|
|
79
|
+
crv: v.picklist(['Ed25519', 'Ed448']),
|
|
82
80
|
x: v.string(),
|
|
83
|
-
d: v.
|
|
81
|
+
d: v.optional(v.string()),
|
|
84
82
|
});
|
|
85
|
-
const jwkSymKeySchema =
|
|
83
|
+
const jwkSymKeySchema = v.looseObject({
|
|
84
|
+
...jwkBaseEntries,
|
|
86
85
|
kty: v.literal('oct'),
|
|
87
|
-
alg: v.
|
|
86
|
+
alg: v.optional(v.picklist(['HS256', 'HS384', 'HS512'])),
|
|
88
87
|
k: v.string(),
|
|
89
88
|
});
|
|
90
89
|
const hasPrivateSecret = (jwk) => {
|
|
@@ -94,45 +93,13 @@ const isPublicJwk = (jwk) => {
|
|
|
94
93
|
return !hasPrivateSecret(jwk);
|
|
95
94
|
};
|
|
96
95
|
/** JWK schema for known key types */
|
|
97
|
-
export const jwkSchema = v
|
|
98
|
-
.
|
|
99
|
-
|
|
100
|
-
// "use" can only be used with public keys
|
|
101
|
-
if (k.use != null && !isPublicJwk(k)) {
|
|
102
|
-
return v.err({ message: `"use" can only be used with public keys`, path: ['use'] });
|
|
103
|
-
}
|
|
104
|
-
// private key usage not allowed for public keys
|
|
105
|
-
if (k.key_ops?.some(isPrivateKeyUsage) && isPublicJwk(k)) {
|
|
106
|
-
return v.err({ message: `private key usage not allowed for public keys`, path: ['key_ops'] });
|
|
107
|
-
}
|
|
108
|
-
// key_ops must not contain duplicates
|
|
109
|
-
if (k.key_ops && !k.key_ops.every(isLastOccurrence)) {
|
|
110
|
-
return v.err({ message: `key_ops must not contain duplicates`, path: ['key_ops'] });
|
|
111
|
-
}
|
|
112
|
-
// "use" and "key_ops" must be consistent
|
|
113
|
-
if (k.use != null && k.key_ops != null) {
|
|
114
|
-
const consistent = (k.use === 'sig' && k.key_ops.every(isSigKeyUsage)) ||
|
|
115
|
-
(k.use === 'enc' && k.key_ops.every(isEncKeyUsage));
|
|
116
|
-
if (!consistent) {
|
|
117
|
-
return v.err({ message: `"key_ops" must be consistent with "use"`, path: ['key_ops'] });
|
|
118
|
-
}
|
|
96
|
+
export const jwkSchema = v.pipe(v.union([jwkRsaKeySchema, jwkEcKeySchema, jwkEcSecp256k1KeySchema, jwkOkpKeySchema, jwkSymKeySchema]), v.forward(v.check((k) => k.use == null || isPublicJwk(k), `"use" can only be used with public keys`), ['use']), v.forward(v.check((k) => !(k.key_ops?.some(isPrivateKeyUsage) && isPublicJwk(k)), `private key usage not allowed for public keys`), ['key_ops']), v.forward(v.check((k) => !k.key_ops || k.key_ops.every(isLastOccurrence), `key_ops must not contain duplicates`), ['key_ops']), v.forward(v.check((k) => {
|
|
97
|
+
if (k.use == null || k.key_ops == null) {
|
|
98
|
+
return true;
|
|
119
99
|
}
|
|
120
|
-
return
|
|
121
|
-
|
|
100
|
+
return ((k.use === 'sig' && k.key_ops.every(isSigKeyUsage)) ||
|
|
101
|
+
(k.use === 'enc' && k.key_ops.every(isEncKeyUsage)));
|
|
102
|
+
}, `"key_ops" must be consistent with "use"`), ['key_ops']));
|
|
122
103
|
/** public JWK schema (kid required, no private keys) */
|
|
123
|
-
export const jwkPubSchema = jwkSchema.
|
|
124
|
-
if (k.kid == null) {
|
|
125
|
-
return v.err({ message: `"kid" is required`, path: ['kid'] });
|
|
126
|
-
}
|
|
127
|
-
if (!isPublicJwk(k)) {
|
|
128
|
-
return v.err({ message: `private key not allowed` });
|
|
129
|
-
}
|
|
130
|
-
if (k.key_ops && !k.key_ops.every(isPublicKeyUsage)) {
|
|
131
|
-
return v.err({
|
|
132
|
-
message: `"key_ops" must not contain private key usage for public keys`,
|
|
133
|
-
path: ['key_ops'],
|
|
134
|
-
});
|
|
135
|
-
}
|
|
136
|
-
return v.ok(k);
|
|
137
|
-
});
|
|
104
|
+
export const jwkPubSchema = v.pipe(jwkSchema, v.forward(v.check((k) => k.kid != null, `"kid" is required`), ['kid']), v.check((k) => isPublicJwk(k), `private key not allowed`), v.forward(v.check((k) => !k.key_ops || k.key_ops.every(isPublicKeyUsage), `"key_ops" must not contain private key usage for public keys`), ['key_ops']));
|
|
138
105
|
//# sourceMappingURL=jwk.js.map
|
package/dist/schemas/jwk.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwk.js","sourceRoot":"","sources":["../../lib/schemas/jwk.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,
|
|
1
|
+
{"version":3,"file":"jwk.js","sourceRoot":"","sources":["../../lib/schemas/jwk.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAE9C,sBAAsB;AACtB,MAAM,gBAAgB,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAU,CAAC;AACnE,MAAM,iBAAiB,GAAG,CAAC,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,CAAU,CAAC;AAC/F,MAAM,SAAS,GAAG,CAAC,GAAG,iBAAiB,EAAE,GAAG,gBAAgB,CAAU,CAAC;AAIvE,MAAM,gBAAgB,GAAG,CAAC,KAAc,EAA8C,EAAE;IACvF,OAAQ,gBAAuC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACjE,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CAAC,KAAc,EAA+C,EAAE;IACzF,OAAQ,iBAAwC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAClE,CAAC,CAAC;AAEF,MAAM,aAAa,GAAG,CAAC,CAAmB,EAAW,EAAE,CAAC,CAAC,KAAK,QAAQ,CAAC;AACvE,MAAM,aAAa,GAAG,CAAC,CAAmB,EAAW,EAAE,CAAC,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,SAAS,CAAC;AAE3F,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;AAEpD,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;AAEjE,MAAM,cAAc,GAAG;IACtB,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;IACf,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC3B,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC3B,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;IAC3C,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IAE5C,QAAQ;IACR,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IACpC,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC3B,UAAU,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAClC,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAE3B,YAAY;IACZ,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IAE5B,sCAAsC;IACtC,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC3B,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC3B,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC3B,OAAO,EAAE,CAAC,CAAC,QAAQ,CAClB,CAAC,CAAC,WAAW,CAAC;QACb,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;QACtB,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KAC9B,CAAC,CACF;CACD,CAAC;AAEF,MAAM,eAAe,GAAG,CAAC,CAAC,WAAW,CAAC;IACrC,GAAG,cAAc;IACjB,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;IACrB,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IACnF,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACzB,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACzB,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACzB,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1B,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1B,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1B,GAAG,EAAE,CAAC,CAAC,QAAQ,CACd,CAAC,CAAC,KAAK,CACN,CAAC,CAAC,WAAW,CAAC;QACb,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACzB,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACzB,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KACzB,CAAC,CACF,CACD;CACD,CAAC,CAAC;AAEH,MAAM,cAAc,GAAG,CAAC,CAAC,WAAW,CAAC;IACpC,GAAG,cAAc;IACjB,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC;IACpB,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IACxD,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC5C,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;CACzB,CAAC,CAAC;AAEH,MAAM,uBAAuB,GAAG,CAAC,CAAC,WAAW,CAAC;IAC7C,GAAG,cAAc;IACjB,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC;IACpB,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACpC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;IAC3B,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;CACzB,CAAC,CAAC;AAEH,MAAM,eAAe,GAAG,CAAC,CAAC,WAAW,CAAC;IACrC,GAAG,cAAc;IACjB,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;IACrB,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACnC,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IACrC,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;CACzB,CAAC,CAAC;AAEH,MAAM,eAAe,GAAG,CAAC,CAAC,WAAW,CAAC;IACrC,GAAG,cAAc;IACjB,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;IACrB,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IACxD,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;CACb,CAAC,CAAC;AAEH,MAAM,gBAAgB,GAAG,CAAmB,GAAM,EAAW,EAAE;IAC9D,OAAO,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC;AACvE,CAAC,CAAC;AAEF,MAAM,WAAW,GAAG,CAAmB,GAAM,EAAW,EAAE;IACzD,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;AAC/B,CAAC,CAAC;AAEF,qCAAqC;AACrC,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,CAAC,IAAI,CAC9B,CAAC,CAAC,KAAK,CAAC,CAAC,eAAe,EAAE,cAAc,EAAE,uBAAuB,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC,EACrG,CAAC,CAAC,OAAO,CACR,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,IAAI,WAAW,CAAC,CAAC,CAAC,EAAE,yCAAyC,CAAC,EAC1F,CAAC,KAAK,CAAC,CACP,EACD,CAAC,CAAC,OAAO,CACR,CAAC,CAAC,KAAK,CACN,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC,EAC9D,+CAA+C,CAC/C,EACD,CAAC,SAAS,CAAC,CACX,EACD,CAAC,CAAC,OAAO,CACR,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,qCAAqC,CAAC,EACtG,CAAC,SAAS,CAAC,CACX,EACD,CAAC,CAAC,OAAO,CACR,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IACb,IAAI,CAAC,CAAC,GAAG,IAAI,IAAI,IAAI,CAAC,CAAC,OAAO,IAAI,IAAI,EAAE,CAAC;QACxC,OAAO,IAAI,CAAC;IACb,CAAC;IACD,OAAO,CACN,CAAC,CAAC,CAAC,GAAG,KAAK,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC,GAAG,KAAK,KAAK,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CACnD,CAAC;AACH,CAAC,EAAE,yCAAyC,CAAC,EAC7C,CAAC,SAAS,CAAC,CACX,CACD,CAAC;AAEF,wDAAwD;AACxD,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,CAAC,IAAI,CACjC,SAAS,EACT,CAAC,CAAC,OAAO,CACR,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,EAAE,mBAAmB,CAAC,EAClD,CAAC,KAAK,CAAC,CACP,EACD,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,yBAAyB,CAAC,EACzD,CAAC,CAAC,OAAO,CACR,CAAC,CAAC,KAAK,CACN,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,EACtD,8DAA8D,CAC9D,EACD,CAAC,SAAS,CAAC,CACX,CACD,CAAC"}
|
package/dist/schemas/jwks.d.ts
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
|
-
import * as v from '
|
|
2
|
-
/** JWKS (JSON Web Key Set)
|
|
3
|
-
|
|
4
|
-
|
|
1
|
+
import * as v from 'valibot';
|
|
2
|
+
/** JWKS (JSON Web Key Set). implementations SHOULD ignore JWKs within a JWK Set that use unknown
|
|
3
|
+
* `kty` values, are missing required members, or have values out of the supported ranges. */
|
|
4
|
+
export declare const jwksSchema: v.LooseObjectSchema<{
|
|
5
|
+
readonly keys: v.SchemaWithPipe<readonly [v.ArraySchema<v.UnknownSchema, undefined>, v.TransformAction<unknown[], (({
|
|
5
6
|
kid?: string | undefined;
|
|
6
7
|
use?: "enc" | "sig" | undefined;
|
|
7
8
|
key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
|
|
@@ -13,10 +14,12 @@ export declare const jwksSchema: v.ObjectType<{
|
|
|
13
14
|
iat?: number | undefined;
|
|
14
15
|
exp?: number | undefined;
|
|
15
16
|
nbf?: number | undefined;
|
|
16
|
-
revoked?: {
|
|
17
|
+
revoked?: ({
|
|
17
18
|
revoked_at: number;
|
|
18
19
|
reason?: string | undefined;
|
|
19
|
-
}
|
|
20
|
+
} & {
|
|
21
|
+
[key: string]: unknown;
|
|
22
|
+
}) | undefined;
|
|
20
23
|
kty: "RSA";
|
|
21
24
|
alg?: "PS256" | "PS384" | "PS512" | "RS256" | "RS384" | "RS512" | undefined;
|
|
22
25
|
n: string;
|
|
@@ -27,12 +30,16 @@ export declare const jwksSchema: v.ObjectType<{
|
|
|
27
30
|
dp?: string | undefined;
|
|
28
31
|
dq?: string | undefined;
|
|
29
32
|
qi?: string | undefined;
|
|
30
|
-
oth?: {
|
|
33
|
+
oth?: ({
|
|
31
34
|
r?: string | undefined;
|
|
32
35
|
d?: string | undefined;
|
|
33
36
|
t?: string | undefined;
|
|
34
|
-
}
|
|
35
|
-
|
|
37
|
+
} & {
|
|
38
|
+
[key: string]: unknown;
|
|
39
|
+
})[] | undefined;
|
|
40
|
+
} & {
|
|
41
|
+
[key: string]: unknown;
|
|
42
|
+
}) | ({
|
|
36
43
|
kid?: string | undefined;
|
|
37
44
|
use?: "enc" | "sig" | undefined;
|
|
38
45
|
key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
|
|
@@ -44,17 +51,21 @@ export declare const jwksSchema: v.ObjectType<{
|
|
|
44
51
|
iat?: number | undefined;
|
|
45
52
|
exp?: number | undefined;
|
|
46
53
|
nbf?: number | undefined;
|
|
47
|
-
revoked?: {
|
|
54
|
+
revoked?: ({
|
|
48
55
|
revoked_at: number;
|
|
49
56
|
reason?: string | undefined;
|
|
50
|
-
}
|
|
57
|
+
} & {
|
|
58
|
+
[key: string]: unknown;
|
|
59
|
+
}) | undefined;
|
|
51
60
|
kty: "EC";
|
|
52
61
|
alg?: "ES256" | "ES384" | "ES512" | undefined;
|
|
53
62
|
crv: "P-256" | "P-384" | "P-521";
|
|
54
63
|
x: string;
|
|
55
64
|
y: string;
|
|
56
65
|
d?: string | undefined;
|
|
57
|
-
}
|
|
66
|
+
} & {
|
|
67
|
+
[key: string]: unknown;
|
|
68
|
+
}) | ({
|
|
58
69
|
kid?: string | undefined;
|
|
59
70
|
use?: "enc" | "sig" | undefined;
|
|
60
71
|
key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
|
|
@@ -66,17 +77,21 @@ export declare const jwksSchema: v.ObjectType<{
|
|
|
66
77
|
iat?: number | undefined;
|
|
67
78
|
exp?: number | undefined;
|
|
68
79
|
nbf?: number | undefined;
|
|
69
|
-
revoked?: {
|
|
80
|
+
revoked?: ({
|
|
70
81
|
revoked_at: number;
|
|
71
82
|
reason?: string | undefined;
|
|
72
|
-
}
|
|
83
|
+
} & {
|
|
84
|
+
[key: string]: unknown;
|
|
85
|
+
}) | undefined;
|
|
73
86
|
kty: "EC";
|
|
74
87
|
alg?: "ES256K" | undefined;
|
|
75
88
|
crv: "secp256k1";
|
|
76
89
|
x: string;
|
|
77
90
|
y: string;
|
|
78
91
|
d?: string | undefined;
|
|
79
|
-
}
|
|
92
|
+
} & {
|
|
93
|
+
[key: string]: unknown;
|
|
94
|
+
}) | ({
|
|
80
95
|
kid?: string | undefined;
|
|
81
96
|
use?: "enc" | "sig" | undefined;
|
|
82
97
|
key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
|
|
@@ -88,16 +103,20 @@ export declare const jwksSchema: v.ObjectType<{
|
|
|
88
103
|
iat?: number | undefined;
|
|
89
104
|
exp?: number | undefined;
|
|
90
105
|
nbf?: number | undefined;
|
|
91
|
-
revoked?: {
|
|
106
|
+
revoked?: ({
|
|
92
107
|
revoked_at: number;
|
|
93
108
|
reason?: string | undefined;
|
|
94
|
-
}
|
|
109
|
+
} & {
|
|
110
|
+
[key: string]: unknown;
|
|
111
|
+
}) | undefined;
|
|
95
112
|
kty: "OKP";
|
|
96
113
|
alg?: "EdDSA" | undefined;
|
|
97
114
|
crv: "Ed25519" | "Ed448";
|
|
98
115
|
x: string;
|
|
99
116
|
d?: string | undefined;
|
|
100
|
-
}
|
|
117
|
+
} & {
|
|
118
|
+
[key: string]: unknown;
|
|
119
|
+
}) | ({
|
|
101
120
|
kid?: string | undefined;
|
|
102
121
|
use?: "enc" | "sig" | undefined;
|
|
103
122
|
key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
|
|
@@ -109,18 +128,22 @@ export declare const jwksSchema: v.ObjectType<{
|
|
|
109
128
|
iat?: number | undefined;
|
|
110
129
|
exp?: number | undefined;
|
|
111
130
|
nbf?: number | undefined;
|
|
112
|
-
revoked?: {
|
|
131
|
+
revoked?: ({
|
|
113
132
|
revoked_at: number;
|
|
114
133
|
reason?: string | undefined;
|
|
115
|
-
}
|
|
134
|
+
} & {
|
|
135
|
+
[key: string]: unknown;
|
|
136
|
+
}) | undefined;
|
|
116
137
|
kty: "oct";
|
|
117
138
|
alg?: "HS256" | "HS384" | "HS512" | undefined;
|
|
118
139
|
k: string;
|
|
119
|
-
}
|
|
140
|
+
} & {
|
|
141
|
+
[key: string]: unknown;
|
|
142
|
+
}))[]>]>;
|
|
120
143
|
}, undefined>;
|
|
121
144
|
/** public JWKS (JSON Web Key Set with only public keys) */
|
|
122
|
-
export declare const jwksPubSchema: v.
|
|
123
|
-
keys: v.
|
|
145
|
+
export declare const jwksPubSchema: v.LooseObjectSchema<{
|
|
146
|
+
readonly keys: v.SchemaWithPipe<readonly [v.ArraySchema<v.UnknownSchema, undefined>, v.TransformAction<unknown[], (({
|
|
124
147
|
kid?: string | undefined;
|
|
125
148
|
use?: "enc" | "sig" | undefined;
|
|
126
149
|
key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
|
|
@@ -132,10 +155,12 @@ export declare const jwksPubSchema: v.ObjectType<{
|
|
|
132
155
|
iat?: number | undefined;
|
|
133
156
|
exp?: number | undefined;
|
|
134
157
|
nbf?: number | undefined;
|
|
135
|
-
revoked?: {
|
|
158
|
+
revoked?: ({
|
|
136
159
|
revoked_at: number;
|
|
137
160
|
reason?: string | undefined;
|
|
138
|
-
}
|
|
161
|
+
} & {
|
|
162
|
+
[key: string]: unknown;
|
|
163
|
+
}) | undefined;
|
|
139
164
|
kty: "RSA";
|
|
140
165
|
alg?: "PS256" | "PS384" | "PS512" | "RS256" | "RS384" | "RS512" | undefined;
|
|
141
166
|
n: string;
|
|
@@ -146,12 +171,16 @@ export declare const jwksPubSchema: v.ObjectType<{
|
|
|
146
171
|
dp?: string | undefined;
|
|
147
172
|
dq?: string | undefined;
|
|
148
173
|
qi?: string | undefined;
|
|
149
|
-
oth?: {
|
|
174
|
+
oth?: ({
|
|
150
175
|
r?: string | undefined;
|
|
151
176
|
d?: string | undefined;
|
|
152
177
|
t?: string | undefined;
|
|
153
|
-
}
|
|
154
|
-
|
|
178
|
+
} & {
|
|
179
|
+
[key: string]: unknown;
|
|
180
|
+
})[] | undefined;
|
|
181
|
+
} & {
|
|
182
|
+
[key: string]: unknown;
|
|
183
|
+
}) | ({
|
|
155
184
|
kid?: string | undefined;
|
|
156
185
|
use?: "enc" | "sig" | undefined;
|
|
157
186
|
key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
|
|
@@ -163,17 +192,21 @@ export declare const jwksPubSchema: v.ObjectType<{
|
|
|
163
192
|
iat?: number | undefined;
|
|
164
193
|
exp?: number | undefined;
|
|
165
194
|
nbf?: number | undefined;
|
|
166
|
-
revoked?: {
|
|
195
|
+
revoked?: ({
|
|
167
196
|
revoked_at: number;
|
|
168
197
|
reason?: string | undefined;
|
|
169
|
-
}
|
|
198
|
+
} & {
|
|
199
|
+
[key: string]: unknown;
|
|
200
|
+
}) | undefined;
|
|
170
201
|
kty: "EC";
|
|
171
202
|
alg?: "ES256" | "ES384" | "ES512" | undefined;
|
|
172
203
|
crv: "P-256" | "P-384" | "P-521";
|
|
173
204
|
x: string;
|
|
174
205
|
y: string;
|
|
175
206
|
d?: string | undefined;
|
|
176
|
-
}
|
|
207
|
+
} & {
|
|
208
|
+
[key: string]: unknown;
|
|
209
|
+
}) | ({
|
|
177
210
|
kid?: string | undefined;
|
|
178
211
|
use?: "enc" | "sig" | undefined;
|
|
179
212
|
key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
|
|
@@ -185,17 +218,21 @@ export declare const jwksPubSchema: v.ObjectType<{
|
|
|
185
218
|
iat?: number | undefined;
|
|
186
219
|
exp?: number | undefined;
|
|
187
220
|
nbf?: number | undefined;
|
|
188
|
-
revoked?: {
|
|
221
|
+
revoked?: ({
|
|
189
222
|
revoked_at: number;
|
|
190
223
|
reason?: string | undefined;
|
|
191
|
-
}
|
|
224
|
+
} & {
|
|
225
|
+
[key: string]: unknown;
|
|
226
|
+
}) | undefined;
|
|
192
227
|
kty: "EC";
|
|
193
228
|
alg?: "ES256K" | undefined;
|
|
194
229
|
crv: "secp256k1";
|
|
195
230
|
x: string;
|
|
196
231
|
y: string;
|
|
197
232
|
d?: string | undefined;
|
|
198
|
-
}
|
|
233
|
+
} & {
|
|
234
|
+
[key: string]: unknown;
|
|
235
|
+
}) | ({
|
|
199
236
|
kid?: string | undefined;
|
|
200
237
|
use?: "enc" | "sig" | undefined;
|
|
201
238
|
key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
|
|
@@ -207,16 +244,20 @@ export declare const jwksPubSchema: v.ObjectType<{
|
|
|
207
244
|
iat?: number | undefined;
|
|
208
245
|
exp?: number | undefined;
|
|
209
246
|
nbf?: number | undefined;
|
|
210
|
-
revoked?: {
|
|
247
|
+
revoked?: ({
|
|
211
248
|
revoked_at: number;
|
|
212
249
|
reason?: string | undefined;
|
|
213
|
-
}
|
|
250
|
+
} & {
|
|
251
|
+
[key: string]: unknown;
|
|
252
|
+
}) | undefined;
|
|
214
253
|
kty: "OKP";
|
|
215
254
|
alg?: "EdDSA" | undefined;
|
|
216
255
|
crv: "Ed25519" | "Ed448";
|
|
217
256
|
x: string;
|
|
218
257
|
d?: string | undefined;
|
|
219
|
-
}
|
|
258
|
+
} & {
|
|
259
|
+
[key: string]: unknown;
|
|
260
|
+
}) | ({
|
|
220
261
|
kid?: string | undefined;
|
|
221
262
|
use?: "enc" | "sig" | undefined;
|
|
222
263
|
key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
|
|
@@ -228,15 +269,19 @@ export declare const jwksPubSchema: v.ObjectType<{
|
|
|
228
269
|
iat?: number | undefined;
|
|
229
270
|
exp?: number | undefined;
|
|
230
271
|
nbf?: number | undefined;
|
|
231
|
-
revoked?: {
|
|
272
|
+
revoked?: ({
|
|
232
273
|
revoked_at: number;
|
|
233
274
|
reason?: string | undefined;
|
|
234
|
-
}
|
|
275
|
+
} & {
|
|
276
|
+
[key: string]: unknown;
|
|
277
|
+
}) | undefined;
|
|
235
278
|
kty: "oct";
|
|
236
279
|
alg?: "HS256" | "HS384" | "HS512" | undefined;
|
|
237
280
|
k: string;
|
|
238
|
-
}
|
|
281
|
+
} & {
|
|
282
|
+
[key: string]: unknown;
|
|
283
|
+
}))[]>]>;
|
|
239
284
|
}, undefined>;
|
|
240
|
-
export type Jwks = v.
|
|
241
|
-
export type JwksPub = v.
|
|
285
|
+
export type Jwks = v.InferOutput<typeof jwksSchema>;
|
|
286
|
+
export type JwksPub = v.InferOutput<typeof jwksPubSchema>;
|
|
242
287
|
//# sourceMappingURL=jwks.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwks.d.ts","sourceRoot":"","sources":["../../lib/schemas/jwks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,
|
|
1
|
+
{"version":3,"file":"jwks.d.ts","sourceRoot":"","sources":["../../lib/schemas/jwks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAI7B;6FAC6F;AAC7F,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aAUrB,CAAC;AAEH,2DAA2D;AAC3D,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aAUxB,CAAC;AAEH,MAAM,MAAM,IAAI,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,UAAU,CAAC,CAAC;AACpD,MAAM,MAAM,OAAO,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,aAAa,CAAC,CAAC"}
|
package/dist/schemas/jwks.js
CHANGED
|
@@ -1,34 +1,18 @@
|
|
|
1
|
-
import * as v from '
|
|
1
|
+
import * as v from 'valibot';
|
|
2
2
|
import { jwkPubSchema, jwkSchema } from './jwk.js';
|
|
3
|
-
/** JWKS (JSON Web Key Set)
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
for (const item of input) {
|
|
11
|
-
const result = jwkSchema.try(item, options);
|
|
12
|
-
if (!result.ok) {
|
|
13
|
-
continue;
|
|
14
|
-
}
|
|
15
|
-
keys.push(result.value);
|
|
16
|
-
}
|
|
17
|
-
return v.ok(keys);
|
|
18
|
-
}),
|
|
3
|
+
/** JWKS (JSON Web Key Set). implementations SHOULD ignore JWKs within a JWK Set that use unknown
|
|
4
|
+
* `kty` values, are missing required members, or have values out of the supported ranges. */
|
|
5
|
+
export const jwksSchema = v.looseObject({
|
|
6
|
+
keys: v.pipe(v.array(v.unknown()), v.transform((input) => input.flatMap((entry) => {
|
|
7
|
+
const result = v.safeParse(jwkSchema, entry);
|
|
8
|
+
return result.success ? [result.output] : [];
|
|
9
|
+
}))),
|
|
19
10
|
});
|
|
20
11
|
/** public JWKS (JSON Web Key Set with only public keys) */
|
|
21
|
-
export const jwksPubSchema = v.
|
|
22
|
-
keys: v.array(v.unknown()).
|
|
23
|
-
const
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
if (!result.ok) {
|
|
27
|
-
continue;
|
|
28
|
-
}
|
|
29
|
-
keys.push(result.value);
|
|
30
|
-
}
|
|
31
|
-
return v.ok(keys);
|
|
32
|
-
}),
|
|
12
|
+
export const jwksPubSchema = v.looseObject({
|
|
13
|
+
keys: v.pipe(v.array(v.unknown()), v.transform((input) => input.flatMap((entry) => {
|
|
14
|
+
const result = v.safeParse(jwkPubSchema, entry);
|
|
15
|
+
return result.success ? [result.output] : [];
|
|
16
|
+
}))),
|
|
33
17
|
});
|
|
34
18
|
//# sourceMappingURL=jwks.js.map
|
package/dist/schemas/jwks.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwks.js","sourceRoot":"","sources":["../../lib/schemas/jwks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,
|
|
1
|
+
{"version":3,"file":"jwks.js","sourceRoot":"","sources":["../../lib/schemas/jwks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,OAAO,EAAE,YAAY,EAAE,SAAS,EAAyB,MAAM,UAAU,CAAC;AAE1E;6FAC6F;AAC7F,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,CAAC,WAAW,CAAC;IACvC,IAAI,EAAE,CAAC,CAAC,IAAI,CACX,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,EACpB,CAAC,CAAC,SAAS,CAAC,CAAC,KAAK,EAAS,EAAE,CAC5B,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QACvB,MAAM,MAAM,GAAG,CAAC,CAAC,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAC7C,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC9C,CAAC,CAAC,CACF,CACD;CACD,CAAC,CAAC;AAEH,2DAA2D;AAC3D,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,CAAC,WAAW,CAAC;IAC1C,IAAI,EAAE,CAAC,CAAC,IAAI,CACX,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,EACpB,CAAC,CAAC,SAAS,CAAC,CAAC,KAAK,EAAY,EAAE,CAC/B,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QACvB,MAAM,MAAM,GAAG,CAAC,CAAC,SAAS,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QAChD,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC9C,CAAC,CAAC,CACF,CACD;CACD,CAAC,CAAC"}
|