@atproto/jwk-jose 0.1.9 → 0.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,19 @@
1
1
  # @atproto/jwk-jose
2
2
 
3
+ ## 0.1.11
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies [[`f560cf226`](https://github.com/bluesky-social/atproto/commit/f560cf2266715666ce5852ab095fcfb3876ae815), [`fefe70126`](https://github.com/bluesky-social/atproto/commit/fefe70126d0ea82507ac750f669b3478290f186b), [`f560cf226`](https://github.com/bluesky-social/atproto/commit/f560cf2266715666ce5852ab095fcfb3876ae815), [`f560cf226`](https://github.com/bluesky-social/atproto/commit/f560cf2266715666ce5852ab095fcfb3876ae815), [`f560cf226`](https://github.com/bluesky-social/atproto/commit/f560cf2266715666ce5852ab095fcfb3876ae815)]:
8
+ - @atproto/jwk@0.6.0
9
+
10
+ ## 0.1.10
11
+
12
+ ### Patch Changes
13
+
14
+ - Updated dependencies [[`8a88e2c15`](https://github.com/bluesky-social/atproto/commit/8a88e2c15451f5e8239400eeb277ad31d178b8e6), [`8a88e2c15`](https://github.com/bluesky-social/atproto/commit/8a88e2c15451f5e8239400eeb277ad31d178b8e6)]:
15
+ - @atproto/jwk@0.5.0
16
+
3
17
  ## 0.1.9
4
18
 
5
19
  ### Patch Changes
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,gDAA6B"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,gDAA6B","sourcesContent":["export * from './jose-key.js'\n"]}
@@ -12,102 +12,7 @@ export declare class JoseKey<J extends Jwk = Jwk> extends Key<J> {
12
12
  createJwt(header: JwtHeader, payload: JwtPayload): Promise<SignedJwt>;
13
13
  verifyJwt<C extends string = never>(token: SignedJwt, options?: VerifyOptions<C>): Promise<VerifyResult<C>>;
14
14
  static generateKeyPair(allowedAlgos?: readonly string[], options?: GenerateKeyPairOptions): Promise<GenerateKeyPairResult<KeyLike>>;
15
- static generate(allowedAlgos?: string[], kid?: string, options?: Omit<GenerateKeyPairOptions, 'extractable'>): Promise<JoseKey<{
16
- kty: string;
17
- alg?: string | undefined;
18
- kid?: string | undefined;
19
- ext?: boolean | undefined;
20
- use?: "sig" | "enc" | undefined;
21
- key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
22
- x5c?: string[] | undefined;
23
- x5t?: string | undefined;
24
- 'x5t#S256'?: string | undefined;
25
- x5u?: string | undefined;
26
- } | {
27
- kty: "RSA";
28
- n: string;
29
- e: string;
30
- alg?: "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | undefined;
31
- kid?: string | undefined;
32
- ext?: boolean | undefined;
33
- use?: "sig" | "enc" | undefined;
34
- key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
35
- x5c?: string[] | undefined;
36
- x5t?: string | undefined;
37
- 'x5t#S256'?: string | undefined;
38
- x5u?: string | undefined;
39
- d?: string | undefined;
40
- p?: string | undefined;
41
- q?: string | undefined;
42
- dp?: string | undefined;
43
- dq?: string | undefined;
44
- qi?: string | undefined;
45
- oth?: [{
46
- d?: string | undefined;
47
- r?: string | undefined;
48
- t?: string | undefined;
49
- }, ...{
50
- d?: string | undefined;
51
- r?: string | undefined;
52
- t?: string | undefined;
53
- }[]] | undefined;
54
- } | {
55
- kty: "EC";
56
- crv: "P-256" | "P-384" | "P-521";
57
- x: string;
58
- y: string;
59
- alg?: "ES256" | "ES384" | "ES512" | undefined;
60
- kid?: string | undefined;
61
- ext?: boolean | undefined;
62
- use?: "sig" | "enc" | undefined;
63
- key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
64
- x5c?: string[] | undefined;
65
- x5t?: string | undefined;
66
- 'x5t#S256'?: string | undefined;
67
- x5u?: string | undefined;
68
- d?: string | undefined;
69
- } | {
70
- kty: "EC";
71
- crv: "secp256k1";
72
- x: string;
73
- y: string;
74
- alg?: "ES256K" | undefined;
75
- kid?: string | undefined;
76
- ext?: boolean | undefined;
77
- use?: "sig" | "enc" | undefined;
78
- key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
79
- x5c?: string[] | undefined;
80
- x5t?: string | undefined;
81
- 'x5t#S256'?: string | undefined;
82
- x5u?: string | undefined;
83
- d?: string | undefined;
84
- } | {
85
- kty: "OKP";
86
- crv: "Ed25519" | "Ed448";
87
- x: string;
88
- alg?: "EdDSA" | undefined;
89
- kid?: string | undefined;
90
- ext?: boolean | undefined;
91
- use?: "sig" | "enc" | undefined;
92
- key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
93
- x5c?: string[] | undefined;
94
- x5t?: string | undefined;
95
- 'x5t#S256'?: string | undefined;
96
- x5u?: string | undefined;
97
- d?: string | undefined;
98
- } | {
99
- kty: "oct";
100
- k: string;
101
- alg?: "HS256" | "HS384" | "HS512" | undefined;
102
- kid?: string | undefined;
103
- ext?: boolean | undefined;
104
- use?: "sig" | "enc" | undefined;
105
- key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
106
- x5c?: string[] | undefined;
107
- x5t?: string | undefined;
108
- 'x5t#S256'?: string | undefined;
109
- x5u?: string | undefined;
110
- }>>;
15
+ static generate(allowedAlgos?: string[], kid?: string, options?: Omit<GenerateKeyPairOptions, 'extractable'>): Promise<JoseKey>;
111
16
  static fromImportable(input: string | KeyLike | Jwk, kid?: string): Promise<JoseKey>;
112
17
  /**
113
18
  * @see {@link exportJWK}
@@ -1 +1 @@
1
- {"version":3,"file":"jose-key.d.ts","sourceRoot":"","sources":["../src/jose-key.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,sBAAsB,EAC3B,KAAK,qBAAqB,EAG1B,KAAK,OAAO,EAQb,MAAM,MAAM,CAAA;AACb,OAAO,EACL,GAAG,EAGH,SAAS,EACT,UAAU,EAEV,GAAG,EACH,SAAS,EACT,aAAa,EACb,YAAY,EAIb,MAAM,cAAc,CAAA;AAKrB,OAAO,EACL,KAAK,sBAAsB,EAC3B,KAAK,qBAAqB,EAC1B,KAAK,GAAG,EACR,KAAK,SAAS,EACd,KAAK,UAAU,EACf,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,KAAK,aAAa,GACnB,CAAA;AAED,qBAAa,OAAO,CAAC,CAAC,SAAS,GAAG,GAAG,GAAG,CAAE,SAAQ,GAAG,CAAC,CAAC,CAAC;IACtD;;;;;OAKG;cACa,SAAS,CAAC,GAAG,EAAE,MAAM;IAW/B,SAAS,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC;IAiCrE,SAAS,CAAC,CAAC,SAAS,MAAM,GAAG,KAAK,EACtC,KAAK,EAAE,SAAS,EAChB,OAAO,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC,GACzB,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;WAyCd,eAAe,CAC1B,YAAY,GAAE,SAAS,MAAM,EAAc,EAC3C,OAAO,CAAC,EAAE,sBAAsB;WAoBrB,QAAQ,CACnB,YAAY,GAAE,MAAM,EAAc,EAClC,GAAG,CAAC,EAAE,MAAM,EACZ,OAAO,CAAC,EAAE,IAAI,CAAC,sBAAsB,EAAE,aAAa,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aAkFmmV,CAAC;aAA+B,CAAC;aAA+B,CAAC;;aAA2C,CAAC;aAA+B,CAAC;aAA+B,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WAzE1zV,cAAc,CACzB,KAAK,EAAE,MAAM,GAAG,OAAO,GAAG,GAAG,EAC7B,GAAG,CAAC,EAAE,MAAM,GACX,OAAO,CAAC,OAAO,CAAC;IA6BnB;;OAEG;WACU,WAAW,CACtB,OAAO,EAAE,OAAO,GAAG,UAAU,EAC7B,GAAG,CAAC,EAAE,MAAM,EACZ,GAAG,CAAC,EAAE,MAAM,GACX,OAAO,CAAC,OAAO,CAAC;IASnB;;OAEG;WACU,SAAS,CACpB,GAAG,EAAE,MAAM,EACX,GAAG,EAAE,MAAM,EACX,GAAG,CAAC,EAAE,MAAM,GACX,OAAO,CAAC,OAAO,CAAC;WAKN,OAAO,CAClB,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvC,QAAQ,CAAC,EAAE,MAAM,GAChB,OAAO,CAAC,OAAO,CAAC;CASpB"}
1
+ {"version":3,"file":"jose-key.d.ts","sourceRoot":"","sources":["../src/jose-key.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,sBAAsB,EAC3B,KAAK,qBAAqB,EAG1B,KAAK,OAAO,EAQb,MAAM,MAAM,CAAA;AACb,OAAO,EACL,GAAG,EAGH,SAAS,EACT,UAAU,EAEV,GAAG,EACH,SAAS,EACT,aAAa,EACb,YAAY,EAKb,MAAM,cAAc,CAAA;AAKrB,OAAO,EACL,KAAK,sBAAsB,EAC3B,KAAK,qBAAqB,EAC1B,KAAK,GAAG,EACR,KAAK,SAAS,EACd,KAAK,UAAU,EACf,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,KAAK,aAAa,GACnB,CAAA;AAED,qBAAa,OAAO,CAAC,CAAC,SAAS,GAAG,GAAG,GAAG,CAAE,SAAQ,GAAG,CAAC,CAAC,CAAC;IACtD;;;;;OAKG;cACa,SAAS,CAAC,GAAG,EAAE,MAAM;IAW/B,SAAS,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC;IAiCrE,SAAS,CAAC,CAAC,SAAS,MAAM,GAAG,KAAK,EACtC,KAAK,EAAE,SAAS,EAChB,OAAO,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC,GACzB,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;WAyCd,eAAe,CAC1B,YAAY,GAAE,SAAS,MAAM,EAAc,EAC3C,OAAO,CAAC,EAAE,sBAAsB;WAoBrB,QAAQ,CACnB,YAAY,GAAE,MAAM,EAAc,EAClC,GAAG,CAAC,EAAE,MAAM,EACZ,OAAO,CAAC,EAAE,IAAI,CAAC,sBAAsB,EAAE,aAAa,CAAC,GACpD,OAAO,CAAC,OAAO,CAAC;WAQN,cAAc,CACzB,KAAK,EAAE,MAAM,GAAG,OAAO,GAAG,GAAG,EAC7B,GAAG,CAAC,EAAE,MAAM,GACX,OAAO,CAAC,OAAO,CAAC;IA6BnB;;OAEG;WACU,WAAW,CACtB,OAAO,EAAE,OAAO,GAAG,UAAU,EAC7B,GAAG,CAAC,EAAE,MAAM,EACZ,GAAG,CAAC,EAAE,MAAM,GACX,OAAO,CAAC,OAAO,CAAC;IASnB;;OAEG;WACU,SAAS,CACpB,GAAG,EAAE,MAAM,EACX,GAAG,EAAE,MAAM,EACX,GAAG,CAAC,EAAE,MAAM,GACX,OAAO,CAAC,OAAO,CAAC;WAKN,OAAO,CAClB,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvC,QAAQ,CAAC,EAAE,MAAM,GAChB,OAAO,CAAC,OAAO,CAAC;CAiBpB"}
package/dist/jose-key.js CHANGED
@@ -108,7 +108,7 @@ class JoseKey extends jwk_1.Key {
108
108
  ...options,
109
109
  extractable: true,
110
110
  });
111
- return this.fromImportable(kp.privateKey, kid);
111
+ return this.fromKeyLike(kp.privateKey, kid);
112
112
  }
113
113
  static async fromImportable(input, kid) {
114
114
  if (typeof input === 'string') {
@@ -158,8 +158,13 @@ class JoseKey extends jwk_1.Key {
158
158
  if (!jwk || typeof jwk !== 'object')
159
159
  throw new jwk_1.JwkError('Invalid JWK');
160
160
  const kid = (0, util_js_1.either)(jwk.kid, inputKid);
161
- const use = jwk.use || 'sig';
162
- return new JoseKey(jwk_1.jwkValidator.parse({ ...jwk, kid, use }));
161
+ // Backwards compatibility with old behavior
162
+ if (jwk.use != null && (0, jwk_1.isPrivateJwk)(jwk)) {
163
+ console.warn('Deprecation warning: Private JWK with a "use" property will be rejected in the future. Please remove replace "use" with (valid) "key_ops".');
164
+ jwk.key_ops ??= jwk.use === 'sig' ? ['sign'] : ['encrypt'];
165
+ delete jwk.use;
166
+ }
167
+ return new JoseKey(jwk_1.jwkSchema.parse({ ...jwk, kid }));
163
168
  }
164
169
  }
165
170
  exports.JoseKey = JoseKey;
@@ -1 +1 @@
1
- {"version":3,"file":"jose-key.js","sourceRoot":"","sources":["../src/jose-key.ts"],"names":[],"mappings":";;;AAAA,+BAaa;AACb,sCAcqB;AACrB,uCAA+C;AAE/C,MAAM,EAAE,SAAS,EAAE,GAAG,aAAM,CAAA;AAa5B,MAAa,OAA6B,SAAQ,SAAM;IACtD;;;;;OAKG;IACO,KAAK,CAAC,SAAS,CAAC,GAAW;QACnC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,cAAQ,CAAC,sCAAsC,GAAG,GAAG,CAAC,CAAA;QAClE,CAAC;QACD,IAAI,CAAC;YACH,OAAO,MAAM,IAAA,gBAAS,EAAC,IAAI,CAAC,GAAU,EAAE,GAAG,CAAC,CAAA;QAC9C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,cAAQ,CAAC,sBAAsB,EAAE,SAAS,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;QAClE,CAAC;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,MAAiB,EAAE,OAAmB;QACpD,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,CAAA;YACtB,IAAI,GAAG,IAAI,GAAG,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC;gBAC5B,MAAM,IAAI,oBAAc,CACtB,kBAAkB,GAAG,4BAA4B,IAAI,CAAC,GAAG,GAAG,CAC7D,CAAA;YACH,CAAC;YAED,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,CAAA;YACtB,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,oBAAc,CAAC,6BAA6B,CAAC,CAAA;YACzD,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;YACxC,MAAM,UAAU,GAAG,IAAI,cAAO,CAAC,OAAO,CAAC,CAAC,kBAAkB,CAAC;gBACzD,GAAG,MAAM;gBACT,GAAG;gBACH,GAAG,EAAE,IAAI,CAAC,GAAG;aACd,CAAC,CAAA;YAEF,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;YAE/C,OAAO,SAAsB,CAAA;QAC/B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,SAAS,EAAE,CAAC;gBAC/B,MAAM,IAAI,oBAAc,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;YAChE,CAAC;iBAAM,CAAC;gBACN,MAAM,oBAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAClC,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CACb,KAAgB,EAChB,OAA0B;QAE1B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,gBAAS,EAC5B,KAAK,EACL,KAAK,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EACtC,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAsB,CAChE,CAAA;YAED,uEAAuE;YACvE,qEAAqE;YACrE,wEAAwE;YACxE,wEAAwE;YACxE,QAAQ;YACR,MAAM,YAAY,GAAG,qBAAe,CAAC,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;YACtE,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;gBAC1B,MAAM,IAAI,oBAAc,CAAC,oBAAoB,EAAE,SAAS,EAAE;oBACxD,KAAK,EAAE,YAAY,CAAC,KAAK;iBAC1B,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,aAAa,GAAG,sBAAgB,CAAC,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YAChE,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;gBAC3B,MAAM,IAAI,oBAAc,CAAC,qBAAqB,EAAE,SAAS,EAAE;oBACzD,KAAK,EAAE,aAAa,CAAC,KAAK;iBAC3B,CAAC,CAAA;YACJ,CAAC;YAED,OAAO;gBACL,eAAe,EAAE,YAAY,CAAC,IAAI;gBAClC,2CAA2C;gBAC3C,OAAO,EAAE,aAAa,CAAC,IAAkC;aAC1D,CAAA;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,SAAS,EAAE,CAAC;gBAC/B,MAAM,IAAI,oBAAc,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;YAChE,CAAC;iBAAM,CAAC;gBACN,MAAM,oBAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAClC,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,eAAe,CAC1B,eAAkC,CAAC,OAAO,CAAC,EAC3C,OAAgC;QAEhC,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;YACzB,MAAM,IAAI,cAAQ,CAAC,2CAA2C,CAAC,CAAA;QACjE,CAAC;QAED,MAAM,MAAM,GAAc,EAAE,CAAA;QAC5B,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;YAC/B,IAAI,CAAC;gBACH,OAAO,MAAM,IAAA,sBAAe,EAAC,GAAG,EAAE,OAAO,CAAC,CAAA;YAC5C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAClB,CAAC;QACH,CAAC;QAED,MAAM,IAAI,cAAQ,CAAC,6BAA6B,EAAE,SAAS,EAAE;YAC3D,KAAK,EAAE,IAAI,cAAc,CAAC,MAAM,EAAE,+BAA+B,CAAC;SACnE,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,QAAQ,CACnB,eAAyB,CAAC,OAAO,CAAC,EAClC,GAAY,EACZ,OAAqD;QAErD,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,YAAY,EAAE;YAClD,GAAG,OAAO;YACV,WAAW,EAAE,IAAI;SAClB,CAAC,CAAA;QACF,OAAO,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,UAAU,EAAE,GAAG,CAAC,CAAA;IAChD,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,cAAc,CACzB,KAA6B,EAC7B,GAAY;QAEZ,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,QAAQ;YACR,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC9B,8DAA8D;gBAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,GAAG,CAAC,CAAA;YACvC,CAAC;YAED,eAAe;YACf,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;YACjC,CAAC;YAED,MAAM,IAAI,cAAQ,CAAC,eAAe,CAAC,CAAA;QACrC,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM;YACN,IAAI,KAAK,IAAI,KAAK,IAAI,KAAK,IAAI,KAAK,EAAE,CAAC;gBACrC,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;YACjC,CAAC;YAED,UAAU;YACV,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QACrC,CAAC;QAED,MAAM,IAAI,cAAQ,CAAC,eAAe,CAAC,CAAA;IACrC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,WAAW,CACtB,OAA6B,EAC7B,GAAY,EACZ,GAAY;QAEZ,MAAM,GAAG,GAAG,MAAM,IAAA,gBAAS,EAAC,OAAO,CAAC,CAAA;QACpC,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC,GAAG,CAAC,GAAG;gBAAE,GAAG,CAAC,GAAG,GAAG,GAAG,CAAA;iBACtB,IAAI,GAAG,CAAC,GAAG,KAAK,GAAG;gBAAE,MAAM,IAAI,cAAQ,CAAC,sBAAsB,CAAC,CAAA;QACtE,CAAC;QACD,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;IAC/B,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,SAAS,CACpB,GAAW,EACX,GAAW,EACX,GAAY;QAEZ,MAAM,OAAO,GAAG,MAAM,IAAA,kBAAW,EAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;QAClE,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;IACvC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,OAAO,CAClB,KAAuC,EACvC,QAAiB;QAEjB,MAAM,GAAG,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QACjE,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,MAAM,IAAI,cAAQ,CAAC,aAAa,CAAC,CAAA;QAEtE,MAAM,GAAG,GAAG,IAAA,gBAAM,EAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QACrC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,IAAI,KAAK,CAAA;QAE5B,OAAO,IAAI,OAAO,CAAC,kBAAY,CAAC,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAA;IAC9D,CAAC;CACF;AAzMD,0BAyMC"}
1
+ {"version":3,"file":"jose-key.js","sourceRoot":"","sources":["../src/jose-key.ts"],"names":[],"mappings":";;;AAAA,+BAaa;AACb,sCAeqB;AACrB,uCAA+C;AAE/C,MAAM,EAAE,SAAS,EAAE,GAAG,aAAM,CAAA;AAa5B,MAAa,OAA6B,SAAQ,SAAM;IACtD;;;;;OAKG;IACO,KAAK,CAAC,SAAS,CAAC,GAAW;QACnC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,cAAQ,CAAC,sCAAsC,GAAG,GAAG,CAAC,CAAA;QAClE,CAAC;QACD,IAAI,CAAC;YACH,OAAO,MAAM,IAAA,gBAAS,EAAC,IAAI,CAAC,GAAU,EAAE,GAAG,CAAC,CAAA;QAC9C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,cAAQ,CAAC,sBAAsB,EAAE,SAAS,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;QAClE,CAAC;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,MAAiB,EAAE,OAAmB;QACpD,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,CAAA;YACtB,IAAI,GAAG,IAAI,GAAG,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC;gBAC5B,MAAM,IAAI,oBAAc,CACtB,kBAAkB,GAAG,4BAA4B,IAAI,CAAC,GAAG,GAAG,CAC7D,CAAA;YACH,CAAC;YAED,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,CAAA;YACtB,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,oBAAc,CAAC,6BAA6B,CAAC,CAAA;YACzD,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;YACxC,MAAM,UAAU,GAAG,IAAI,cAAO,CAAC,OAAO,CAAC,CAAC,kBAAkB,CAAC;gBACzD,GAAG,MAAM;gBACT,GAAG;gBACH,GAAG,EAAE,IAAI,CAAC,GAAG;aACd,CAAC,CAAA;YAEF,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;YAE/C,OAAO,SAAsB,CAAA;QAC/B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,SAAS,EAAE,CAAC;gBAC/B,MAAM,IAAI,oBAAc,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;YAChE,CAAC;iBAAM,CAAC;gBACN,MAAM,oBAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAClC,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CACb,KAAgB,EAChB,OAA0B;QAE1B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,gBAAS,EAC5B,KAAK,EACL,KAAK,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EACtC,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAsB,CAChE,CAAA;YAED,uEAAuE;YACvE,qEAAqE;YACrE,wEAAwE;YACxE,wEAAwE;YACxE,QAAQ;YACR,MAAM,YAAY,GAAG,qBAAe,CAAC,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;YACtE,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;gBAC1B,MAAM,IAAI,oBAAc,CAAC,oBAAoB,EAAE,SAAS,EAAE;oBACxD,KAAK,EAAE,YAAY,CAAC,KAAK;iBAC1B,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,aAAa,GAAG,sBAAgB,CAAC,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YAChE,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;gBAC3B,MAAM,IAAI,oBAAc,CAAC,qBAAqB,EAAE,SAAS,EAAE;oBACzD,KAAK,EAAE,aAAa,CAAC,KAAK;iBAC3B,CAAC,CAAA;YACJ,CAAC;YAED,OAAO;gBACL,eAAe,EAAE,YAAY,CAAC,IAAI;gBAClC,2CAA2C;gBAC3C,OAAO,EAAE,aAAa,CAAC,IAAkC;aAC1D,CAAA;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,SAAS,EAAE,CAAC;gBAC/B,MAAM,IAAI,oBAAc,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;YAChE,CAAC;iBAAM,CAAC;gBACN,MAAM,oBAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAClC,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,eAAe,CAC1B,eAAkC,CAAC,OAAO,CAAC,EAC3C,OAAgC;QAEhC,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;YACzB,MAAM,IAAI,cAAQ,CAAC,2CAA2C,CAAC,CAAA;QACjE,CAAC;QAED,MAAM,MAAM,GAAc,EAAE,CAAA;QAC5B,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;YAC/B,IAAI,CAAC;gBACH,OAAO,MAAM,IAAA,sBAAe,EAAC,GAAG,EAAE,OAAO,CAAC,CAAA;YAC5C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAClB,CAAC;QACH,CAAC;QAED,MAAM,IAAI,cAAQ,CAAC,6BAA6B,EAAE,SAAS,EAAE;YAC3D,KAAK,EAAE,IAAI,cAAc,CAAC,MAAM,EAAE,+BAA+B,CAAC;SACnE,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,QAAQ,CACnB,eAAyB,CAAC,OAAO,CAAC,EAClC,GAAY,EACZ,OAAqD;QAErD,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,YAAY,EAAE;YAClD,GAAG,OAAO;YACV,WAAW,EAAE,IAAI;SAClB,CAAC,CAAA;QACF,OAAO,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,UAAU,EAAE,GAAG,CAAC,CAAA;IAC7C,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,cAAc,CACzB,KAA6B,EAC7B,GAAY;QAEZ,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,QAAQ;YACR,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC9B,8DAA8D;gBAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,GAAG,CAAC,CAAA;YACvC,CAAC;YAED,eAAe;YACf,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;YACjC,CAAC;YAED,MAAM,IAAI,cAAQ,CAAC,eAAe,CAAC,CAAA;QACrC,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM;YACN,IAAI,KAAK,IAAI,KAAK,IAAI,KAAK,IAAI,KAAK,EAAE,CAAC;gBACrC,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;YACjC,CAAC;YAED,UAAU;YACV,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QACrC,CAAC;QAED,MAAM,IAAI,cAAQ,CAAC,eAAe,CAAC,CAAA;IACrC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,WAAW,CACtB,OAA6B,EAC7B,GAAY,EACZ,GAAY;QAEZ,MAAM,GAAG,GAAG,MAAM,IAAA,gBAAS,EAAC,OAAO,CAAC,CAAA;QACpC,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC,GAAG,CAAC,GAAG;gBAAE,GAAG,CAAC,GAAG,GAAG,GAAG,CAAA;iBACtB,IAAI,GAAG,CAAC,GAAG,KAAK,GAAG;gBAAE,MAAM,IAAI,cAAQ,CAAC,sBAAsB,CAAC,CAAA;QACtE,CAAC;QACD,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;IAC/B,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,SAAS,CACpB,GAAW,EACX,GAAW,EACX,GAAY;QAEZ,MAAM,OAAO,GAAG,MAAM,IAAA,kBAAW,EAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;QAClE,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;IACvC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,OAAO,CAClB,KAAuC,EACvC,QAAiB;QAEjB,MAAM,GAAG,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QACjE,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,MAAM,IAAI,cAAQ,CAAC,aAAa,CAAC,CAAA;QAEtE,MAAM,GAAG,GAAG,IAAA,gBAAM,EAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAErC,4CAA4C;QAC5C,IAAI,GAAG,CAAC,GAAG,IAAI,IAAI,IAAI,IAAA,kBAAY,EAAC,GAAG,CAAC,EAAE,CAAC;YACzC,OAAO,CAAC,IAAI,CACV,4IAA4I,CAC7I,CAAA;YACD,GAAG,CAAC,OAAO,KAAK,GAAG,CAAC,GAAG,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;YAC1D,OAAO,GAAG,CAAC,GAAG,CAAA;QAChB,CAAC;QAED,OAAO,IAAI,OAAO,CAAM,eAAS,CAAC,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAA;IAC3D,CAAC;CACF;AAjND,0BAiNC","sourcesContent":["import {\n type GenerateKeyPairOptions,\n type GenerateKeyPairResult,\n type JWK,\n type JWTVerifyOptions,\n type KeyLike,\n SignJWT,\n errors,\n exportJWK,\n generateKeyPair,\n importJWK,\n importPKCS8,\n jwtVerify,\n} from 'jose'\nimport {\n Jwk,\n JwkError,\n JwtCreateError,\n JwtHeader,\n JwtPayload,\n JwtVerifyError,\n Key,\n SignedJwt,\n VerifyOptions,\n VerifyResult,\n isPrivateJwk,\n jwkSchema,\n jwtHeaderSchema,\n jwtPayloadSchema,\n} from '@atproto/jwk'\nimport { RequiredKey, either } from './util.js'\n\nconst { JOSEError } = errors\n\nexport {\n type GenerateKeyPairOptions,\n type GenerateKeyPairResult,\n type Jwk,\n type JwtHeader,\n type JwtPayload,\n type KeyLike,\n type SignedJwt,\n type VerifyOptions,\n}\n\nexport class JoseKey<J extends Jwk = Jwk> extends Key<J> {\n /**\n * Some runtimes (e.g. Bun) require an `alg` second argument to be set when\n * invoking `importJWK`. In order to be compatible with these runtimes, we\n * provide the following method to ensure the `alg` is always set. We also\n * take the opportunity to ensure that the `alg` is compatible with this key.\n */\n protected async getKeyObj(alg: string) {\n if (!this.algorithms.includes(alg)) {\n throw new JwkError(`Key cannot be used with algorithm \"${alg}\"`)\n }\n try {\n return await importJWK(this.jwk as JWK, alg)\n } catch (cause) {\n throw new JwkError('Failed to import JWK', undefined, { cause })\n }\n }\n\n async createJwt(header: JwtHeader, payload: JwtPayload): Promise<SignedJwt> {\n try {\n const { kid } = header\n if (kid && kid !== this.kid) {\n throw new JwtCreateError(\n `Invalid \"kid\" (${kid}) used to sign with key \"${this.kid}\"`,\n )\n }\n\n const { alg } = header\n if (!alg) {\n throw new JwtCreateError('Missing \"alg\" in JWT header')\n }\n\n const keyObj = await this.getKeyObj(alg)\n const jwtBuilder = new SignJWT(payload).setProtectedHeader({\n ...header,\n alg,\n kid: this.kid,\n })\n\n const signedJwt = await jwtBuilder.sign(keyObj)\n\n return signedJwt as SignedJwt\n } catch (cause) {\n if (cause instanceof JOSEError) {\n throw new JwtCreateError(cause.message, cause.code, { cause })\n } else {\n throw JwtCreateError.from(cause)\n }\n }\n }\n\n async verifyJwt<C extends string = never>(\n token: SignedJwt,\n options?: VerifyOptions<C>,\n ): Promise<VerifyResult<C>> {\n try {\n const result = await jwtVerify(\n token,\n async ({ alg }) => this.getKeyObj(alg),\n { ...options, algorithms: this.algorithms } as JWTVerifyOptions,\n )\n\n // @NOTE if all tokens are signed exclusively through createJwt(), then\n // there should be no need to parse the payload and headers here. But\n // since the JWT could have been signed with the same key from somewhere\n // else, let's parse it to ensure the integrity (and type safety) of the\n // data.\n const headerParsed = jwtHeaderSchema.safeParse(result.protectedHeader)\n if (!headerParsed.success) {\n throw new JwtVerifyError('Invalid JWT header', undefined, {\n cause: headerParsed.error,\n })\n }\n\n const payloadParsed = jwtPayloadSchema.safeParse(result.payload)\n if (!payloadParsed.success) {\n throw new JwtVerifyError('Invalid JWT payload', undefined, {\n cause: payloadParsed.error,\n })\n }\n\n return {\n protectedHeader: headerParsed.data,\n // \"requiredClaims\" enforced by jwtVerify()\n payload: payloadParsed.data as RequiredKey<JwtPayload, C>,\n }\n } catch (cause) {\n if (cause instanceof JOSEError) {\n throw new JwtVerifyError(cause.message, cause.code, { cause })\n } else {\n throw JwtVerifyError.from(cause)\n }\n }\n }\n\n static async generateKeyPair(\n allowedAlgos: readonly string[] = ['ES256'],\n options?: GenerateKeyPairOptions,\n ) {\n if (!allowedAlgos.length) {\n throw new JwkError('No algorithms provided for key generation')\n }\n\n const errors: unknown[] = []\n for (const alg of allowedAlgos) {\n try {\n return await generateKeyPair(alg, options)\n } catch (err) {\n errors.push(err)\n }\n }\n\n throw new JwkError('Failed to generate key pair', undefined, {\n cause: new AggregateError(errors, 'None of the algorithms worked'),\n })\n }\n\n static async generate(\n allowedAlgos: string[] = ['ES256'],\n kid?: string,\n options?: Omit<GenerateKeyPairOptions, 'extractable'>,\n ): Promise<JoseKey> {\n const kp = await this.generateKeyPair(allowedAlgos, {\n ...options,\n extractable: true,\n })\n return this.fromKeyLike(kp.privateKey, kid)\n }\n\n static async fromImportable(\n input: string | KeyLike | Jwk,\n kid?: string,\n ): Promise<JoseKey> {\n if (typeof input === 'string') {\n // PKCS8\n if (input.startsWith('-----')) {\n // The \"alg\" is only needed in WebCrypto (NodeJS will be fine)\n return this.fromPKCS8(input, '', kid)\n }\n\n // Jwk (string)\n if (input.startsWith('{')) {\n return this.fromJWK(input, kid)\n }\n\n throw new JwkError('Invalid input')\n }\n\n if (typeof input === 'object') {\n // Jwk\n if ('kty' in input || 'alg' in input) {\n return this.fromJWK(input, kid)\n }\n\n // KeyLike\n return this.fromKeyLike(input, kid)\n }\n\n throw new JwkError('Invalid input')\n }\n\n /**\n * @see {@link exportJWK}\n */\n static async fromKeyLike(\n keyLike: KeyLike | Uint8Array,\n kid?: string,\n alg?: string,\n ): Promise<JoseKey> {\n const jwk = await exportJWK(keyLike)\n if (alg) {\n if (!jwk.alg) jwk.alg = alg\n else if (jwk.alg !== alg) throw new JwkError('Invalid \"alg\" in JWK')\n }\n return this.fromJWK(jwk, kid)\n }\n\n /**\n * @see {@link importPKCS8}\n */\n static async fromPKCS8(\n pem: string,\n alg: string,\n kid?: string,\n ): Promise<JoseKey> {\n const keyLike = await importPKCS8(pem, alg, { extractable: true })\n return this.fromKeyLike(keyLike, kid)\n }\n\n static async fromJWK(\n input: string | Record<string, unknown>,\n inputKid?: string,\n ): Promise<JoseKey> {\n const jwk = typeof input === 'string' ? JSON.parse(input) : input\n if (!jwk || typeof jwk !== 'object') throw new JwkError('Invalid JWK')\n\n const kid = either(jwk.kid, inputKid)\n\n // Backwards compatibility with old behavior\n if (jwk.use != null && isPrivateJwk(jwk)) {\n console.warn(\n 'Deprecation warning: Private JWK with a \"use\" property will be rejected in the future. Please remove replace \"use\" with (valid) \"key_ops\".',\n )\n jwk.key_ops ??= jwk.use === 'sig' ? ['sign'] : ['encrypt']\n delete jwk.use\n }\n\n return new JoseKey<Jwk>(jwkSchema.parse({ ...jwk, kid }))\n }\n}\n"]}
package/dist/util.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;AAWA,wBAQC;AARD,SAAgB,MAAM,CACpB,CAAK,EACL,CAAK;IAEL,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,SAAS,CAAC,aAAa,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;IACpD,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,IAAI,SAAS,CAAA;AAC5B,CAAC"}
1
+ {"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;AAWA,wBAQC;AARD,SAAgB,MAAM,CACpB,CAAK,EACL,CAAK;IAEL,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,SAAS,CAAC,aAAa,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;IACpD,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,IAAI,SAAS,CAAA;AAC5B,CAAC","sourcesContent":["// eslint-disable-next-line @typescript-eslint/ban-types\nexport type Simplify<T> = { [K in keyof T]: T[K] } & {}\n\nexport type RequiredKey<T, K extends keyof T = never> = Simplify<\n T & {\n [L in K]-?: unknown extends T[L]\n ? NonNullable<unknown> | null\n : Exclude<T[L], undefined>\n }\n>\n\nexport function either<T extends string | number | boolean>(\n a?: T,\n b?: T,\n): T | undefined {\n if (a != null && b != null && a !== b) {\n throw new TypeError(`Expected \"${b}\", got \"${a}\"`)\n }\n return a ?? b ?? undefined\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@atproto/jwk-jose",
3
- "version": "0.1.9",
3
+ "version": "0.1.11",
4
4
  "license": "MIT",
5
5
  "description": "`jose` based implementation of @atproto/jwk Key's",
6
6
  "keywords": [
@@ -25,12 +25,12 @@
25
25
  },
26
26
  "dependencies": {
27
27
  "jose": "^5.2.0",
28
- "@atproto/jwk": "0.4.0"
28
+ "@atproto/jwk": "0.6.0"
29
29
  },
30
30
  "devDependencies": {
31
31
  "typescript": "^5.6.3"
32
32
  },
33
33
  "scripts": {
34
- "build": "tsc --build tsconfig.json"
34
+ "build": "tsc --build tsconfig.build.json"
35
35
  }
36
36
  }
package/src/jose-key.ts CHANGED
@@ -23,7 +23,8 @@ import {
23
23
  SignedJwt,
24
24
  VerifyOptions,
25
25
  VerifyResult,
26
- jwkValidator,
26
+ isPrivateJwk,
27
+ jwkSchema,
27
28
  jwtHeaderSchema,
28
29
  jwtPayloadSchema,
29
30
  } from '@atproto/jwk'
@@ -163,12 +164,12 @@ export class JoseKey<J extends Jwk = Jwk> extends Key<J> {
163
164
  allowedAlgos: string[] = ['ES256'],
164
165
  kid?: string,
165
166
  options?: Omit<GenerateKeyPairOptions, 'extractable'>,
166
- ) {
167
+ ): Promise<JoseKey> {
167
168
  const kp = await this.generateKeyPair(allowedAlgos, {
168
169
  ...options,
169
170
  extractable: true,
170
171
  })
171
- return this.fromImportable(kp.privateKey, kid)
172
+ return this.fromKeyLike(kp.privateKey, kid)
172
173
  }
173
174
 
174
175
  static async fromImportable(
@@ -239,8 +240,16 @@ export class JoseKey<J extends Jwk = Jwk> extends Key<J> {
239
240
  if (!jwk || typeof jwk !== 'object') throw new JwkError('Invalid JWK')
240
241
 
241
242
  const kid = either(jwk.kid, inputKid)
242
- const use = jwk.use || 'sig'
243
243
 
244
- return new JoseKey(jwkValidator.parse({ ...jwk, kid, use }))
244
+ // Backwards compatibility with old behavior
245
+ if (jwk.use != null && isPrivateJwk(jwk)) {
246
+ console.warn(
247
+ 'Deprecation warning: Private JWK with a "use" property will be rejected in the future. Please remove replace "use" with (valid) "key_ops".',
248
+ )
249
+ jwk.key_ops ??= jwk.use === 'sig' ? ['sign'] : ['encrypt']
250
+ delete jwk.use
251
+ }
252
+
253
+ return new JoseKey<Jwk>(jwkSchema.parse({ ...jwk, kid }))
245
254
  }
246
255
  }