@atproto/jwk 0.5.0 → 0.7.0-next.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +30 -0
- package/LICENSE.txt +1 -1
- package/dist/alg.d.ts +2 -2
- package/dist/alg.d.ts.map +1 -1
- package/dist/alg.js +19 -16
- package/dist/alg.js.map +1 -1
- package/dist/errors.js +15 -36
- package/dist/errors.js.map +1 -1
- package/dist/index.js +10 -28
- package/dist/index.js.map +1 -1
- package/dist/jwk.d.ts +3725 -1143
- package/dist/jwk.d.ts.map +1 -1
- package/dist/jwk.js +178 -96
- package/dist/jwk.js.map +1 -1
- package/dist/jwks.d.ts +212 -1523
- package/dist/jwks.d.ts.map +1 -1
- package/dist/jwks.js +25 -11
- package/dist/jwks.js.map +1 -1
- package/dist/jwt-decode.js +8 -11
- package/dist/jwt-decode.js.map +1 -1
- package/dist/jwt-verify.js +1 -2
- package/dist/jwt-verify.js.map +1 -1
- package/dist/jwt.d.ts +3937 -1186
- package/dist/jwt.d.ts.map +1 -1
- package/dist/jwt.js +97 -102
- package/dist/jwt.js.map +1 -1
- package/dist/key.d.ts +22 -9
- package/dist/key.d.ts.map +1 -1
- package/dist/key.js +159 -88
- package/dist/key.js.map +1 -1
- package/dist/keyset.d.ts +382 -15
- package/dist/keyset.d.ts.map +1 -1
- package/dist/keyset.js +153 -183
- package/dist/keyset.js.map +1 -1
- package/dist/util.d.ts +1 -6
- package/dist/util.d.ts.map +1 -1
- package/dist/util.js +21 -26
- package/dist/util.js.map +1 -1
- package/package.json +8 -7
- package/src/alg.ts +22 -10
- package/src/jwk.ts +163 -51
- package/src/jwks.ts +23 -6
- package/src/key.ts +137 -27
- package/src/keyset.ts +60 -60
- package/src/util.ts +8 -19
- package/tsconfig.build.tsbuildinfo +1 -1
package/dist/jwks.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwks.d.ts","sourceRoot":"","sources":["../src/jwks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAGvB;;;GAGG;AACH,eAAO,MAAM,UAAU
|
|
1
|
+
{"version":3,"file":"jwks.d.ts","sourceRoot":"","sources":["../src/jwks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAGvB;;;GAGG;AACH,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWrB,CAAA;AAEF,MAAM,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,UAAU,CAAC,CAAA;AAE9C;;GAEG;AACH,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWxB,CAAA;AAEF,MAAM,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,aAAa,CAAC,CAAA"}
|
package/dist/jwks.js
CHANGED
|
@@ -1,20 +1,34 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
exports.jwksPubSchema = exports.jwksSchema = void 0;
|
|
4
|
-
const zod_1 = require("zod");
|
|
5
|
-
const jwk_js_1 = require("./jwk.js");
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
import { jwkPubSchema, jwkSchema } from './jwk.js';
|
|
6
3
|
/**
|
|
7
4
|
* JSON Web Key Set schema. The keys set, in this context, represents a
|
|
8
5
|
* collection of JSON Web Keys (JWKs), that can be both public and private.
|
|
9
6
|
*/
|
|
10
|
-
|
|
11
|
-
keys:
|
|
7
|
+
export const jwksSchema = z.object({
|
|
8
|
+
keys: z.array(z.unknown()).transform((input) => {
|
|
9
|
+
// > Implementations SHOULD ignore JWKs within a JWK Set that use "kty"
|
|
10
|
+
// > (key type) values that are not understood by them, that are missing
|
|
11
|
+
// > required members, or for which values are out of the supported
|
|
12
|
+
// > ranges.
|
|
13
|
+
return input
|
|
14
|
+
.map((item) => jwkSchema.safeParse(item))
|
|
15
|
+
.filter((res) => res.success)
|
|
16
|
+
.map((res) => res.data);
|
|
17
|
+
}),
|
|
12
18
|
});
|
|
13
19
|
/**
|
|
14
|
-
* Public JSON Web Key Set schema.
|
|
15
|
-
* and `use` or `key_ops` defined.
|
|
20
|
+
* Public JSON Web Key Set schema.
|
|
16
21
|
*/
|
|
17
|
-
|
|
18
|
-
keys:
|
|
22
|
+
export const jwksPubSchema = z.object({
|
|
23
|
+
keys: z.array(z.unknown()).transform((input) => {
|
|
24
|
+
// > Implementations SHOULD ignore JWKs within a JWK Set that use "kty"
|
|
25
|
+
// > (key type) values that are not understood by them, that are missing
|
|
26
|
+
// > required members, or for which values are out of the supported
|
|
27
|
+
// > ranges.
|
|
28
|
+
return input
|
|
29
|
+
.map((item) => jwkPubSchema.safeParse(item))
|
|
30
|
+
.filter((res) => res.success)
|
|
31
|
+
.map((res) => res.data);
|
|
32
|
+
}),
|
|
19
33
|
});
|
|
20
34
|
//# sourceMappingURL=jwks.js.map
|
package/dist/jwks.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwks.js","sourceRoot":"","sources":["../src/jwks.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jwks.js","sourceRoot":"","sources":["../src/jwks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AACvB,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AAElD;;;GAGG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE;QAC7C,uEAAuE;QACvE,wEAAwE;QACxE,mEAAmE;QACnE,YAAY;QACZ,OAAO,KAAK;aACT,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;aACxC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC;aAC5B,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IAC3B,CAAC,CAAC;CACH,CAAC,CAAA;AAIF;;GAEG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC;IACpC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE;QAC7C,uEAAuE;QACvE,wEAAwE;QACxE,mEAAmE;QACnE,YAAY;QACZ,OAAO,KAAK;aACT,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,YAAY,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;aAC3C,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC;aAC5B,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IAC3B,CAAC,CAAC;CACH,CAAC,CAAA","sourcesContent":["import { z } from 'zod'\nimport { jwkPubSchema, jwkSchema } from './jwk.js'\n\n/**\n * JSON Web Key Set schema. The keys set, in this context, represents a\n * collection of JSON Web Keys (JWKs), that can be both public and private.\n */\nexport const jwksSchema = z.object({\n keys: z.array(z.unknown()).transform((input) => {\n // > Implementations SHOULD ignore JWKs within a JWK Set that use \"kty\"\n // > (key type) values that are not understood by them, that are missing\n // > required members, or for which values are out of the supported\n // > ranges.\n return input\n .map((item) => jwkSchema.safeParse(item))\n .filter((res) => res.success)\n .map((res) => res.data)\n }),\n})\n\nexport type Jwks = z.output<typeof jwksSchema>\n\n/**\n * Public JSON Web Key Set schema.\n */\nexport const jwksPubSchema = z.object({\n keys: z.array(z.unknown()).transform((input) => {\n // > Implementations SHOULD ignore JWKs within a JWK Set that use \"kty\"\n // > (key type) values that are not understood by them, that are missing\n // > required members, or for which values are out of the supported\n // > ranges.\n return input\n .map((item) => jwkPubSchema.safeParse(item))\n .filter((res) => res.success)\n .map((res) => res.data)\n }),\n})\n\nexport type JwksPub = z.output<typeof jwksPubSchema>\n"]}
|
package/dist/jwt-decode.js
CHANGED
|
@@ -1,19 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
const jwt_js_1 = require("./jwt.js");
|
|
6
|
-
const util_js_1 = require("./util.js");
|
|
7
|
-
function unsafeDecodeJwt(jwt) {
|
|
1
|
+
import { ERR_JWT_INVALID, JwtVerifyError } from './errors.js';
|
|
2
|
+
import { jwtHeaderSchema, jwtPayloadSchema, } from './jwt.js';
|
|
3
|
+
import { parseB64uJson } from './util.js';
|
|
4
|
+
export function unsafeDecodeJwt(jwt) {
|
|
8
5
|
const { 0: headerEnc, 1: payloadEnc, length } = jwt.split('.');
|
|
9
6
|
if (length > 3 || length < 2) {
|
|
10
|
-
throw new
|
|
7
|
+
throw new JwtVerifyError(undefined, ERR_JWT_INVALID);
|
|
11
8
|
}
|
|
12
|
-
const header =
|
|
9
|
+
const header = jwtHeaderSchema.parse(parseB64uJson(headerEnc));
|
|
13
10
|
if (length === 2 && header?.alg !== 'none') {
|
|
14
|
-
throw new
|
|
11
|
+
throw new JwtVerifyError(undefined, ERR_JWT_INVALID);
|
|
15
12
|
}
|
|
16
|
-
const payload =
|
|
13
|
+
const payload = jwtPayloadSchema.parse(parseB64uJson(payloadEnc));
|
|
17
14
|
return { header, payload };
|
|
18
15
|
}
|
|
19
16
|
//# sourceMappingURL=jwt-decode.js.map
|
package/dist/jwt-decode.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-decode.js","sourceRoot":"","sources":["../src/jwt-decode.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jwt-decode.js","sourceRoot":"","sources":["../src/jwt-decode.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAC7D,OAAO,EAGL,eAAe,EACf,gBAAgB,GACjB,MAAM,UAAU,CAAA;AACjB,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAA;AAEzC,MAAM,UAAU,eAAe,CAAC,GAAW;IAIzC,MAAM,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC9D,IAAI,MAAM,GAAG,CAAC,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,cAAc,CAAC,SAAS,EAAE,eAAe,CAAC,CAAA;IACtD,CAAC;IAED,MAAM,MAAM,GAAG,eAAe,CAAC,KAAK,CAAC,aAAa,CAAC,SAAU,CAAC,CAAC,CAAA;IAC/D,IAAI,MAAM,KAAK,CAAC,IAAI,MAAM,EAAE,GAAG,KAAK,MAAM,EAAE,CAAC;QAC3C,MAAM,IAAI,cAAc,CAAC,SAAS,EAAE,eAAe,CAAC,CAAA;IACtD,CAAC;IAED,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,aAAa,CAAC,UAAW,CAAC,CAAC,CAAA;IAElE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAA;AAC5B,CAAC","sourcesContent":["import { ERR_JWT_INVALID, JwtVerifyError } from './errors.js'\nimport {\n JwtHeader,\n JwtPayload,\n jwtHeaderSchema,\n jwtPayloadSchema,\n} from './jwt.js'\nimport { parseB64uJson } from './util.js'\n\nexport function unsafeDecodeJwt(jwt: string): {\n header: JwtHeader\n payload: JwtPayload\n} {\n const { 0: headerEnc, 1: payloadEnc, length } = jwt.split('.')\n if (length > 3 || length < 2) {\n throw new JwtVerifyError(undefined, ERR_JWT_INVALID)\n }\n\n const header = jwtHeaderSchema.parse(parseB64uJson(headerEnc!))\n if (length === 2 && header?.alg !== 'none') {\n throw new JwtVerifyError(undefined, ERR_JWT_INVALID)\n }\n\n const payload = jwtPayloadSchema.parse(parseB64uJson(payloadEnc!))\n\n return { header, payload }\n}\n"]}
|
package/dist/jwt-verify.js
CHANGED
package/dist/jwt-verify.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-verify.js","sourceRoot":"","sources":["../src/jwt-verify.ts"],"names":[],"mappings":""}
|
|
1
|
+
{"version":3,"file":"jwt-verify.js","sourceRoot":"","sources":["../src/jwt-verify.ts"],"names":[],"mappings":"","sourcesContent":["import { JwtHeader, JwtPayload } from './jwt.js'\nimport { RequiredKey } from './util.js'\n\nexport type VerifyOptions<C extends string = never> = {\n audience?: string | readonly string[]\n /** in seconds */\n clockTolerance?: number\n issuer?: string | readonly string[]\n /** in seconds */\n maxTokenAge?: number\n subject?: string\n typ?: string\n currentDate?: Date\n requiredClaims?: readonly C[]\n}\n\nexport type VerifyResult<C extends string = never> = {\n payload: RequiredKey<JwtPayload, C>\n protectedHeader: JwtHeader\n}\n"]}
|