@atproto/oauth-client 0.1.4 → 0.1.5
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGELOG.md +15 -0
- package/dist/fetch-dpop.js +3 -2
- package/dist/fetch-dpop.js.map +1 -1
- package/dist/oauth-client.d.ts +0 -6
- package/dist/oauth-client.d.ts.map +1 -1
- package/dist/oauth-resolver.d.ts +0 -6
- package/dist/oauth-resolver.d.ts.map +1 -1
- package/dist/oauth-server-agent.d.ts.map +1 -1
- package/dist/oauth-server-agent.js +3 -7
- package/dist/oauth-server-agent.js.map +1 -1
- package/dist/types.d.ts +0 -18
- package/dist/types.d.ts.map +1 -1
- package/dist/validate-client-metadata.d.ts.map +1 -1
- package/dist/validate-client-metadata.js +21 -28
- package/dist/validate-client-metadata.js.map +1 -1
- package/package.json +2 -2
- package/src/fetch-dpop.ts +1 -1
- package/src/oauth-server-agent.ts +2 -9
- package/src/validate-client-metadata.ts +28 -37
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,20 @@
|
|
|
1
1
|
# @atproto/oauth-client
|
|
2
2
|
|
|
3
|
+
## 0.1.5
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- [#2729](https://github.com/bluesky-social/atproto/pull/2729) [`35a126429`](https://github.com/bluesky-social/atproto/commit/35a1264297bc22acaa6e5ed3f4aed8c351be8bbb) Thanks [@matthieusieben](https://github.com/matthieusieben)! - The non-standard `introspection_endpoint_auth_method`, and `introspection_endpoint_auth_signing_alg` client metadata properties were removed. The client's `token_endpoint_auth_method`, and `token_endpoint_auth_signing_alg` properties are now used as the only indication of how a client must authenticate at the introspection endpoint.
|
|
8
|
+
|
|
9
|
+
- [#2729](https://github.com/bluesky-social/atproto/pull/2729) [`35a126429`](https://github.com/bluesky-social/atproto/commit/35a1264297bc22acaa6e5ed3f4aed8c351be8bbb) Thanks [@matthieusieben](https://github.com/matthieusieben)! - The non-standard `revocation_endpoint_auth_method`, and `revocation_endpoint_auth_signing_alg` client metadata properties were removed. The client's `token_endpoint_auth_method`, and `token_endpoint_auth_signing_alg` properties are now used as the only indication of how a client must authenticate at the revocation endpoint.
|
|
10
|
+
|
|
11
|
+
- [#2727](https://github.com/bluesky-social/atproto/pull/2727) [`3ebcd4e61`](https://github.com/bluesky-social/atproto/commit/3ebcd4e6161291d3649d7f8a9c5ee4ac26d590a2) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Remove "exp" from dpop proof
|
|
12
|
+
|
|
13
|
+
- [#2729](https://github.com/bluesky-social/atproto/pull/2729) [`35a126429`](https://github.com/bluesky-social/atproto/commit/35a1264297bc22acaa6e5ed3f4aed8c351be8bbb) Thanks [@matthieusieben](https://github.com/matthieusieben)! - The non-standard `pushed_authorization_request_endpoint_auth_method`, and `pushed_authorization_request_endpoint_auth_signing_alg` client metadata properties were removed. The client's `token_endpoint_auth_method`, and `token_endpoint_auth_signing_alg` properties are now used as the only indication of how a client must authenticate at the introspection endpoint.
|
|
14
|
+
|
|
15
|
+
- Updated dependencies [[`35a126429`](https://github.com/bluesky-social/atproto/commit/35a1264297bc22acaa6e5ed3f4aed8c351be8bbb)]:
|
|
16
|
+
- @atproto/oauth-types@0.1.3
|
|
17
|
+
|
|
3
18
|
## 0.1.4
|
|
4
19
|
|
|
5
20
|
### Patch Changes
|
package/dist/fetch-dpop.js
CHANGED
|
@@ -81,14 +81,15 @@ async function buildProof(key, alg, iss, htm, htu, nonce, ath) {
|
|
|
81
81
|
throw new Error('Only asymmetric keys can be used as DPoP proofs');
|
|
82
82
|
}
|
|
83
83
|
const now = Math.floor(Date.now() / 1e3);
|
|
84
|
-
return key.createJwt(
|
|
84
|
+
return key.createJwt(
|
|
85
|
+
// https://datatracker.ietf.org/doc/html/rfc9449#section-4.2
|
|
86
|
+
{
|
|
85
87
|
alg,
|
|
86
88
|
typ: 'dpop+jwt',
|
|
87
89
|
jwk: key.bareJwk,
|
|
88
90
|
}, {
|
|
89
91
|
iss,
|
|
90
92
|
iat: now,
|
|
91
|
-
exp: now + 10,
|
|
92
93
|
// Any collision will cause the request to be rejected by the server. no biggie.
|
|
93
94
|
jti: Math.random().toString(36).slice(2),
|
|
94
95
|
htm,
|
package/dist/fetch-dpop.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"fetch-dpop.js","sourceRoot":"","sources":["../src/fetch-dpop.ts"],"names":[],"mappings":";;;AAAA,+CAA+E;AAG/E,sDAAqD;AAErD,uEAAuE;AACvE,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,MAAkC,CAAA;AAEpE,MAAM,cAAc,GAAG,UAAU,CAAC,cAErB,CAAA;AAoBb,SAAgB,gBAAgB,CAAmB,EACjD,GAAG,EACH,GAAG,EACH,aAAa,EACb,MAAM,EACN,MAAM,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,EACjE,YAAY,EACZ,KAAK,GAAG,UAAU,CAAC,KAAK,GACG;IAC3B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,SAAS,CACjB,uFAAuF,CACxF,CAAA;IACH,CAAC;IAED,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;IAE5C,OAAO,KAAK,WAAoB,KAAK,EAAE,IAAI;QACzC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAClC,MAAM,IAAI,SAAS,CAAC,sCAAsC,GAAG,EAAE,CAAC,CAAA;QAClE,CAAC;QAED,MAAM,OAAO,GACX,IAAI,IAAI,IAAI,IAAI,KAAK,YAAY,OAAO;YACtC,CAAC,CAAC,KAAK;YACP,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QAE9B,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAA;QAChE,MAAM,GAAG,GAAG,mBAAmB,EAAE,UAAU,CAAC,OAAO,CAAC;YAClD,CAAC,CAAC,MAAM,MAAM,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC5C,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAA;QAC/B,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;QAE/B,IAAI,SAA6B,CAAA;QACjC,IAAI,CAAC;YACH,SAAS,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACtC,CAAC;QAAC,MAAM,CAAC;YACP,mDAAmD;QACrD,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,UAAU,CAChC,GAAG,EACH,GAAG,EACH,GAAG,EACH,MAAM,EACN,GAAG,EACH,SAAS,EACT,GAAG,CACJ,CAAA;QACD,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QAEtC,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAEpD,0EAA0E;QAC1E,iEAAiE;QAEjE,MAAM,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;QACxD,IAAI,CAAC,SAAS,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC1C,yEAAyE;YACzE,gDAAgD;YAChD,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,4CAA4C;QAC5C,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QACrC,CAAC;QAAC,MAAM,CAAC;YACP,oBAAoB;QACtB,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,mBAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QACzE,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,6DAA6D;YAC7D,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,2EAA2E;QAC3E,wEAAwE;QACxE,2EAA2E;QAC3E,6EAA6E;QAE7E,IAAI,KAAK,KAAK,OAAO,EAAE,CAAC;YACtB,oEAAoE;YACpE,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,IAAI,cAAc,IAAI,IAAI,EAAE,IAAI,YAAY,cAAc,EAAE,CAAC;YAC3D,2DAA2D;YAC3D,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,sDAAsD;QAEtD,qEAAqE;QACrE,MAAM,IAAA,kBAAU,EAAC,YAAY,EAAE,KAAK,CAAC,CAAA;QAErC,MAAM,SAAS,GAAG,MAAM,UAAU,CAChC,GAAG,EACH,GAAG,EACH,GAAG,EACH,MAAM,EACN,GAAG,EACH,SAAS,EACT,GAAG,CACJ,CAAA;QACD,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QAC5C,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QAE1C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;IACtC,CAAC,CAAA;AACH,CAAC;AAhHD,4CAgHC;AAED,KAAK,UAAU,UAAU,CACvB,GAAQ,EACR,GAAW,EACX,GAAW,EACX,GAAW,EACX,GAAW,EACX,KAAc,EACd,GAAY;IAEZ,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAA;IACpE,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAA;IAExC,OAAO,GAAG,CAAC,SAAS,
|
|
1
|
+
{"version":3,"file":"fetch-dpop.js","sourceRoot":"","sources":["../src/fetch-dpop.ts"],"names":[],"mappings":";;;AAAA,+CAA+E;AAG/E,sDAAqD;AAErD,uEAAuE;AACvE,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,MAAkC,CAAA;AAEpE,MAAM,cAAc,GAAG,UAAU,CAAC,cAErB,CAAA;AAoBb,SAAgB,gBAAgB,CAAmB,EACjD,GAAG,EACH,GAAG,EACH,aAAa,EACb,MAAM,EACN,MAAM,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,EACjE,YAAY,EACZ,KAAK,GAAG,UAAU,CAAC,KAAK,GACG;IAC3B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,SAAS,CACjB,uFAAuF,CACxF,CAAA;IACH,CAAC;IAED,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;IAE5C,OAAO,KAAK,WAAoB,KAAK,EAAE,IAAI;QACzC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAClC,MAAM,IAAI,SAAS,CAAC,sCAAsC,GAAG,EAAE,CAAC,CAAA;QAClE,CAAC;QAED,MAAM,OAAO,GACX,IAAI,IAAI,IAAI,IAAI,KAAK,YAAY,OAAO;YACtC,CAAC,CAAC,KAAK;YACP,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QAE9B,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAA;QAChE,MAAM,GAAG,GAAG,mBAAmB,EAAE,UAAU,CAAC,OAAO,CAAC;YAClD,CAAC,CAAC,MAAM,MAAM,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC5C,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAA;QAC/B,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;QAE/B,IAAI,SAA6B,CAAA;QACjC,IAAI,CAAC;YACH,SAAS,GAAG,MAAM,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACtC,CAAC;QAAC,MAAM,CAAC;YACP,mDAAmD;QACrD,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,UAAU,CAChC,GAAG,EACH,GAAG,EACH,GAAG,EACH,MAAM,EACN,GAAG,EACH,SAAS,EACT,GAAG,CACJ,CAAA;QACD,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QAEtC,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAEpD,0EAA0E;QAC1E,iEAAiE;QAEjE,MAAM,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;QACxD,IAAI,CAAC,SAAS,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC1C,yEAAyE;YACzE,gDAAgD;YAChD,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,4CAA4C;QAC5C,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QACrC,CAAC;QAAC,MAAM,CAAC;YACP,oBAAoB;QACtB,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,mBAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QACzE,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,6DAA6D;YAC7D,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,2EAA2E;QAC3E,wEAAwE;QACxE,2EAA2E;QAC3E,6EAA6E;QAE7E,IAAI,KAAK,KAAK,OAAO,EAAE,CAAC;YACtB,oEAAoE;YACpE,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,IAAI,cAAc,IAAI,IAAI,EAAE,IAAI,YAAY,cAAc,EAAE,CAAC;YAC3D,2DAA2D;YAC3D,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,sDAAsD;QAEtD,qEAAqE;QACrE,MAAM,IAAA,kBAAU,EAAC,YAAY,EAAE,KAAK,CAAC,CAAA;QAErC,MAAM,SAAS,GAAG,MAAM,UAAU,CAChC,GAAG,EACH,GAAG,EACH,GAAG,EACH,MAAM,EACN,GAAG,EACH,SAAS,EACT,GAAG,CACJ,CAAA;QACD,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QAC5C,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QAE1C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;IACtC,CAAC,CAAA;AACH,CAAC;AAhHD,4CAgHC;AAED,KAAK,UAAU,UAAU,CACvB,GAAQ,EACR,GAAW,EACX,GAAW,EACX,GAAW,EACX,GAAW,EACX,KAAc,EACd,GAAY;IAEZ,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAA;IACpE,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,CAAA;IAExC,OAAO,GAAG,CAAC,SAAS;IAClB,4DAA4D;IAC5D;QACE,GAAG;QACH,GAAG,EAAE,UAAU;QACf,GAAG,EAAE,GAAG,CAAC,OAAO;KACjB,EACD;QACE,GAAG;QACH,GAAG,EAAE,GAAG;QACR,gFAAgF;QAChF,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;QACxC,GAAG;QACH,GAAG;QACH,KAAK;QACL,GAAG;KACJ,CACF,CAAA;AACH,CAAC;AAED,KAAK,UAAU,mBAAmB,CAChC,QAAkB,EAClB,YAAsB;IAEtB,0DAA0D;IAC1D,iFAAiF;IACjF,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,KAAK,EAAE,CAAC;QACzD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;YACxD,IAAI,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAChC,OAAO,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAAA;YACnD,CAAC;QACH,CAAC;IACH,CAAC;IAED,iFAAiF;IACjF,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QACxD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,IAAA,gBAAQ,EAAC,QAAQ,EAAE,EAAE,GAAG,IAAI,CAAC,CAAA;gBAChD,OAAO,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,EAAE,CAAC,OAAO,CAAC,KAAK,gBAAgB,CAAA;YACzE,CAAC;YAAC,MAAM,CAAC;gBACP,kEAAkE;gBAClE,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,SAAS,YAAY,CAAC,GAAQ,EAAE,aAAmC;IACjE,IAAI,aAAa,EAAE,CAAC;QAClB,2CAA2C;QAC3C,MAAM,GAAG,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAA;QACjE,IAAI,GAAG;YAAE,OAAO,GAAG,CAAA;IACrB,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,UAAU,CAAA;QAC5B,IAAI,GAAG;YAAE,OAAO,GAAG,CAAA;IACrB,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAA;AACvE,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,KAAa;IACvC,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CACb,uFAAuF,CACxF,CAAA;IACH,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAC7C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAA;IACpD,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAA;IAC1C,OAAO,kBAAS,CAAC,UAAU,CAAC,WAAW,CAAC,CAAA;AAC1C,CAAC"}
|
package/dist/oauth-client.d.ts
CHANGED
|
@@ -47,12 +47,6 @@ export declare class OAuthClient extends CustomEventTarget<OAuthClientEventMap>
|
|
|
47
47
|
scope?: string | undefined;
|
|
48
48
|
token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
49
49
|
token_endpoint_auth_signing_alg?: string | undefined;
|
|
50
|
-
introspection_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
51
|
-
introspection_endpoint_auth_signing_alg?: string | undefined;
|
|
52
|
-
revocation_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
53
|
-
revocation_endpoint_auth_signing_alg?: string | undefined;
|
|
54
|
-
pushed_authorization_request_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
55
|
-
pushed_authorization_request_endpoint_auth_signing_alg?: string | undefined;
|
|
56
50
|
userinfo_signed_response_alg?: string | undefined;
|
|
57
51
|
userinfo_encrypted_response_alg?: string | undefined;
|
|
58
52
|
jwks_uri?: string | undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client.d.ts","sourceRoot":"","sources":["../src/oauth-client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,QAAQ,EAGT,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EAGL,WAAW,EACX,cAAc,EACf,MAAM,+BAA+B,CAAA;AACtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAA;AAElE,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAC1C,OAAO,EACL,yBAAyB,EACzB,mBAAmB,EACnB,wBAAwB,EAExB,iBAAiB,EAClB,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AACpD,OAAO,EACL,gCAAgC,EAEjC,MAAM,mDAAmD,CAAA;AAE1D,OAAO,EAEL,8BAA8B,EAC/B,MAAM,iDAAiD,CAAA;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACnD,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAC9D,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAA;AACnE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EACL,eAAe,EACf,aAAa,EACb,YAAY,EACb,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAChE,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAC7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAA;AAI7C,YAAY,EACV,gCAAgC,EAChC,QAAQ,EACR,cAAc,EACd,KAAK,EACL,WAAW,EACX,cAAc,EACd,iBAAiB,EACjB,GAAG,EACH,MAAM,EACN,mBAAmB,EACnB,wBAAwB,EACxB,iBAAiB,EACjB,8BAA8B,EAC9B,qBAAqB,EACrB,YAAY,EACZ,UAAU,GACX,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAE/B,YAAY,EAAE,iBAAiB,CAAA;IAC/B,cAAc,EAAE,QAAQ,CAAC,wBAAwB,CAAC,CAAA;IAClD,MAAM,CAAC,EAAE,MAAM,GAAG,QAAQ,CAAC,GAAG,GAAG,SAAS,GAAG,IAAI,GAAG,KAAK,CAAC,CAAA;IAG1D,UAAU,EAAE,UAAU,CAAA;IACtB,YAAY,EAAE,YAAY,CAAA;IAC1B,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,gCAAgC,CAAC,EAAE,gCAAgC,CAAA;IACnE,8BAA8B,CAAC,EAAE,8BAA8B,CAAA;IAC/D,cAAc,CAAC,EAAE,cAAc,CAAA;IAG/B,cAAc,EAAE,cAAc,GAAG,GAAG,GAAG,MAAM,CAAA;IAC7C,eAAe,CAAC,EAAE,GAAG,GAAG,MAAM,CAAA;IAC9B,qBAAqB,EAAE,qBAAqB,CAAA;IAC5C,KAAK,CAAC,EAAE,KAAK,CAAA;CACd,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG,eAAe,CAAA;AAEjD,MAAM,MAAM,+BAA+B,GAAG;IAC5C,QAAQ,EAAE,yBAAyB,CAAA;IACnC,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,MAAM,CAAC,EAAE,WAAW,CAAA;CACrB,CAAA;AAED,qBAAa,WAAY,SAAQ,iBAAiB,CAAC,mBAAmB,CAAC;WACxD,aAAa,CAAC,EACzB,QAAQ,EACR,KAAwB,EACxB,MAAM,GACP,EAAE,+BAA+B
|
|
1
|
+
{"version":3,"file":"oauth-client.d.ts","sourceRoot":"","sources":["../src/oauth-client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,QAAQ,EAGT,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EAGL,WAAW,EACX,cAAc,EACf,MAAM,+BAA+B,CAAA;AACtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAA;AAElE,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAC1C,OAAO,EACL,yBAAyB,EACzB,mBAAmB,EACnB,wBAAwB,EAExB,iBAAiB,EAClB,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AACpD,OAAO,EACL,gCAAgC,EAEjC,MAAM,mDAAmD,CAAA;AAE1D,OAAO,EAEL,8BAA8B,EAC/B,MAAM,iDAAiD,CAAA;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACnD,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAC9D,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAA;AACnE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EACL,eAAe,EACf,aAAa,EACb,YAAY,EACb,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAChE,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAC7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAA;AAI7C,YAAY,EACV,gCAAgC,EAChC,QAAQ,EACR,cAAc,EACd,KAAK,EACL,WAAW,EACX,cAAc,EACd,iBAAiB,EACjB,GAAG,EACH,MAAM,EACN,mBAAmB,EACnB,wBAAwB,EACxB,iBAAiB,EACjB,8BAA8B,EAC9B,qBAAqB,EACrB,YAAY,EACZ,UAAU,GACX,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAE/B,YAAY,EAAE,iBAAiB,CAAA;IAC/B,cAAc,EAAE,QAAQ,CAAC,wBAAwB,CAAC,CAAA;IAClD,MAAM,CAAC,EAAE,MAAM,GAAG,QAAQ,CAAC,GAAG,GAAG,SAAS,GAAG,IAAI,GAAG,KAAK,CAAC,CAAA;IAG1D,UAAU,EAAE,UAAU,CAAA;IACtB,YAAY,EAAE,YAAY,CAAA;IAC1B,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,gCAAgC,CAAC,EAAE,gCAAgC,CAAA;IACnE,8BAA8B,CAAC,EAAE,8BAA8B,CAAA;IAC/D,cAAc,CAAC,EAAE,cAAc,CAAA;IAG/B,cAAc,EAAE,cAAc,GAAG,GAAG,GAAG,MAAM,CAAA;IAC7C,eAAe,CAAC,EAAE,GAAG,GAAG,MAAM,CAAA;IAC9B,qBAAqB,EAAE,qBAAqB,CAAA;IAC5C,KAAK,CAAC,EAAE,KAAK,CAAA;CACd,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG,eAAe,CAAA;AAEjD,MAAM,MAAM,+BAA+B,GAAG;IAC5C,QAAQ,EAAE,yBAAyB,CAAA;IACnC,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,MAAM,CAAC,EAAE,WAAW,CAAA;CACrB,CAAA;AAED,qBAAa,WAAY,SAAQ,iBAAiB,CAAC,mBAAmB,CAAC;WACxD,aAAa,CAAC,EACzB,QAAQ,EACR,KAAwB,EACxB,MAAM,GACP,EAAE,+BAA+B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA6BlC,QAAQ,CAAC,cAAc,EAAE,cAAc,CAAA;IACvC,QAAQ,CAAC,YAAY,EAAE,iBAAiB,CAAA;IACxC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAA;IAGxB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAA;IACzB,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAA;IACrB,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAA;IACrC,QAAQ,CAAC,aAAa,EAAE,kBAAkB,CAAA;IAG1C,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAA;IACrC,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAA;gBAEnB,EACV,KAAwB,EAExB,UAAU,EACV,YAAY,EAEZ,QAAoB,EACpB,cAA+D,EAC/D,WAAuB,EACvB,gCAGE,EACF,8BAGE,EAEF,YAAY,EACZ,cAAc,EACd,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,MAAM,GACP,EAAE,kBAAkB;IA4DrB,IAAI,gBAAgB,qBAEnB;IAGD,IAAI,WAAW,qHAEd;IAGD,IAAI,cAAc,mBAEjB;IAED,IAAI,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAEP;IAEK,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC;IAgGxE;;;OAGG;IACG,YAAY,CAAC,YAAY,EAAE,GAAG;IAY9B,QAAQ,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC;QAC/C,KAAK,EAAE,aAAa,CAAA;QACpB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;KACrB,CAAC;IAuGF;;;;;OAKG;IACG,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,aAAa,CAAC;IAc/D,MAAM,CAAC,GAAG,EAAE,MAAM;IAiBxB,WAAW,CAAC,MAAM,EAAE,gBAAgB,EAAE,GAAG,EAAE,MAAM,GAAG,aAAa;CAUlE"}
|
package/dist/oauth-resolver.d.ts
CHANGED
|
@@ -57,14 +57,8 @@ export declare class OAuthResolver {
|
|
|
57
57
|
token_endpoint_auth_methods_supported?: string[] | undefined;
|
|
58
58
|
token_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
59
59
|
revocation_endpoint?: string | undefined;
|
|
60
|
-
revocation_endpoint_auth_methods_supported?: string[] | undefined;
|
|
61
|
-
revocation_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
62
60
|
introspection_endpoint?: string | undefined;
|
|
63
|
-
introspection_endpoint_auth_methods_supported?: string[] | undefined;
|
|
64
|
-
introspection_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
65
61
|
pushed_authorization_request_endpoint?: string | undefined;
|
|
66
|
-
pushed_authorization_request_endpoint_auth_methods_supported?: string[] | undefined;
|
|
67
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
68
62
|
require_pushed_authorization_requests?: boolean | undefined;
|
|
69
63
|
userinfo_endpoint?: string | undefined;
|
|
70
64
|
end_session_endpoint?: string | undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-resolver.d.ts","sourceRoot":"","sources":["../src/oauth-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,sBAAsB,EACvB,MAAM,iCAAiC,CAAA;AACxC,OAAO,EACL,gCAAgC,EAEjC,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EACL,gBAAgB,EAChB,wCAAwC,EACzC,MAAM,mDAAmD,CAAA;AAC1D,OAAO,EAAE,sCAAsC,EAAE,MAAM,iDAAiD,CAAA;AAGxG,YAAY,EAAE,gBAAgB,EAAE,CAAA;AAChC,MAAM,MAAM,mBAAmB,GAAG,gBAAgB,GAAG,sBAAsB,CAAA;AAE3E,qBAAa,aAAa;IAEtB,QAAQ,CAAC,gBAAgB,EAAE,gBAAgB;IAC3C,QAAQ,CAAC,iCAAiC,EAAE,sCAAsC;IAClF,QAAQ,CAAC,mCAAmC,EAAE,wCAAwC;gBAF7E,gBAAgB,EAAE,gBAAgB,EAClC,iCAAiC,EAAE,sCAAsC,EACzE,mCAAmC,EAAE,wCAAwC;IAGxF;;OAEG;IACU,OAAO,CAClB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QACT,QAAQ,CAAC,EAAE,gBAAgB,CAAA;QAC3B,QAAQ,EAAE,gCAAgC,CAAA;KAC3C,CAAC;IASF;;;OAGG;IACU,kBAAkB,CAC7B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QACT,QAAQ,EAAE,gCAAgC,CAAA;KAC3C,CAAC;IA0BW,mBAAmB,CAC9B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QACT,QAAQ,EAAE,gBAAgB,CAAA;QAC1B,QAAQ,EAAE,gCAAgC,CAAA;KAC3C,CAAC;IAUW,eAAe,CAC1B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,sBAAsB,GAC/B,OAAO,CAAC,gBAAgB,CAAC;IAWf,8BAA8B,CACzC,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,gCAAgC,CAAC;IAW/B,yBAAyB,CACpC,MAAM,EAAE,MAAM,GAAG,GAAG,EACpB,OAAO,CAAC,EAAE,gBAAgB
|
|
1
|
+
{"version":3,"file":"oauth-resolver.d.ts","sourceRoot":"","sources":["../src/oauth-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,sBAAsB,EACvB,MAAM,iCAAiC,CAAA;AACxC,OAAO,EACL,gCAAgC,EAEjC,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EACL,gBAAgB,EAChB,wCAAwC,EACzC,MAAM,mDAAmD,CAAA;AAC1D,OAAO,EAAE,sCAAsC,EAAE,MAAM,iDAAiD,CAAA;AAGxG,YAAY,EAAE,gBAAgB,EAAE,CAAA;AAChC,MAAM,MAAM,mBAAmB,GAAG,gBAAgB,GAAG,sBAAsB,CAAA;AAE3E,qBAAa,aAAa;IAEtB,QAAQ,CAAC,gBAAgB,EAAE,gBAAgB;IAC3C,QAAQ,CAAC,iCAAiC,EAAE,sCAAsC;IAClF,QAAQ,CAAC,mCAAmC,EAAE,wCAAwC;gBAF7E,gBAAgB,EAAE,gBAAgB,EAClC,iCAAiC,EAAE,sCAAsC,EACzE,mCAAmC,EAAE,wCAAwC;IAGxF;;OAEG;IACU,OAAO,CAClB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QACT,QAAQ,CAAC,EAAE,gBAAgB,CAAA;QAC3B,QAAQ,EAAE,gCAAgC,CAAA;KAC3C,CAAC;IASF;;;OAGG;IACU,kBAAkB,CAC7B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QACT,QAAQ,EAAE,gCAAgC,CAAA;KAC3C,CAAC;IA0BW,mBAAmB,CAC9B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QACT,QAAQ,EAAE,gBAAgB,CAAA;QAC1B,QAAQ,EAAE,gCAAgC,CAAA;KAC3C,CAAC;IAUW,eAAe,CAC1B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,sBAAsB,GAC/B,OAAO,CAAC,gBAAgB,CAAC;IAWf,8BAA8B,CACzC,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,gCAAgC,CAAC;IAW/B,yBAAyB,CACpC,MAAM,EAAE,MAAM,GAAG,GAAG,EACpB,OAAO,CAAC,EAAE,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2C7B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-server-agent.d.ts","sourceRoot":"","sources":["../src/oauth-server-agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,IAAI,EAAiC,MAAM,qBAAqB,CAAA;AAChF,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AACxD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACrD,OAAO,EAEL,gCAAgC,EAChC,yBAAyB,EACzB,iBAAiB,EACjB,gBAAgB,EAChB,kBAAkB,EAClB,cAAc,EAGf,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AAEnD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAG3C,MAAM,MAAM,QAAQ,GAAG;IACrB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,CAAC,EAAE,MAAM,CAAA;IAEd,QAAQ,CAAC,EAAE,SAAS,CAAA;IACpB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,UAAU,EAAE,cAAc,CAAA;IAC1B,eAAe;IACf,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;AAExD,qBAAa,gBAAgB;IAIzB,QAAQ,CAAC,OAAO,EAAE,GAAG;IACrB,QAAQ,CAAC,cAAc,EAAE,gCAAgC;IACzD,QAAQ,CAAC,cAAc,EAAE,cAAc;IACvC,QAAQ,CAAC,UAAU,EAAE,cAAc;IACnC,QAAQ,CAAC,aAAa,EAAE,aAAa;IACrC,QAAQ,CAAC,OAAO,EAAE,OAAO;IACzB,QAAQ,CAAC,MAAM,CAAC;IATlB,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAA;gBAGxB,OAAO,EAAE,GAAG,EACZ,cAAc,EAAE,gCAAgC,EAChD,cAAc,EAAE,cAAc,EAC9B,UAAU,EAAE,cAAc,EAC1B,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,OAAO,EAChB,MAAM,CAAC,yBAAQ,EACxB,KAAK,CAAC,EAAE,KAAK;IAaT,MAAM,CAAC,KAAK,EAAE,MAAM;IAQpB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAiBhE,OAAO,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IA6BpD;;;;;;;OAOG;YACW,oBAAoB;IAsC5B,OAAO,CACX,QAAQ,EAAE,OAAO,EACjB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,kBAAkB,CAAC;IACxB,OAAO,CACX,QAAQ,EAAE,8BAA8B,EACxC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,gBAAgB,CAAC;IACtB,OAAO,CACX,QAAQ,EAAE,iBAAiB,EAC3B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,IAAI,CAAC;IA4BV,eAAe,CAAC,QAAQ,EAAE,iBAAiB,GAAG,OAAO,CAAC;QAC1D,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QAChC,OAAO,EAAE,yBAAyB,CAAA;KACnC,CAAC;
|
|
1
|
+
{"version":3,"file":"oauth-server-agent.d.ts","sourceRoot":"","sources":["../src/oauth-server-agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,IAAI,EAAiC,MAAM,qBAAqB,CAAA;AAChF,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AACxD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACrD,OAAO,EAEL,gCAAgC,EAChC,yBAAyB,EACzB,iBAAiB,EACjB,gBAAgB,EAChB,kBAAkB,EAClB,cAAc,EAGf,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AAEnD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAG3C,MAAM,MAAM,QAAQ,GAAG;IACrB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,CAAC,EAAE,MAAM,CAAA;IAEd,QAAQ,CAAC,EAAE,SAAS,CAAA;IACpB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,UAAU,EAAE,cAAc,CAAA;IAC1B,eAAe;IACf,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;AAExD,qBAAa,gBAAgB;IAIzB,QAAQ,CAAC,OAAO,EAAE,GAAG;IACrB,QAAQ,CAAC,cAAc,EAAE,gCAAgC;IACzD,QAAQ,CAAC,cAAc,EAAE,cAAc;IACvC,QAAQ,CAAC,UAAU,EAAE,cAAc;IACnC,QAAQ,CAAC,aAAa,EAAE,aAAa;IACrC,QAAQ,CAAC,OAAO,EAAE,OAAO;IACzB,QAAQ,CAAC,MAAM,CAAC;IATlB,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAA;gBAGxB,OAAO,EAAE,GAAG,EACZ,cAAc,EAAE,gCAAgC,EAChD,cAAc,EAAE,cAAc,EAC9B,UAAU,EAAE,cAAc,EAC1B,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,OAAO,EAChB,MAAM,CAAC,yBAAQ,EACxB,KAAK,CAAC,EAAE,KAAK;IAaT,MAAM,CAAC,KAAK,EAAE,MAAM;IAQpB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAiBhE,OAAO,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IA6BpD;;;;;;;OAOG;YACW,oBAAoB;IAsC5B,OAAO,CACX,QAAQ,EAAE,OAAO,EACjB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,kBAAkB,CAAC;IACxB,OAAO,CACX,QAAQ,EAAE,8BAA8B,EACxC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,gBAAgB,CAAC;IACtB,OAAO,CACX,QAAQ,EAAE,iBAAiB,EAC3B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,IAAI,CAAC;IA4BV,eAAe,CAAC,QAAQ,EAAE,iBAAiB,GAAG,OAAO,CAAC;QAC1D,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QAChC,OAAO,EAAE,yBAAyB,CAAA;KACnC,CAAC;CA+DH"}
|
|
@@ -231,10 +231,8 @@ class OAuthServerAgent {
|
|
|
231
231
|
}
|
|
232
232
|
}
|
|
233
233
|
async buildClientAuth(endpoint) {
|
|
234
|
-
const methodSupported = this.serverMetadata[
|
|
235
|
-
|
|
236
|
-
const method = this.clientMetadata[`${endpoint}_endpoint_auth_method`] ||
|
|
237
|
-
this.clientMetadata[`token_endpoint_auth_method`];
|
|
234
|
+
const methodSupported = this.serverMetadata[`token_endpoint_auth_methods_supported`];
|
|
235
|
+
const method = this.clientMetadata[`token_endpoint_auth_method`];
|
|
238
236
|
if (method === 'private_key_jwt' ||
|
|
239
237
|
(this.keyset &&
|
|
240
238
|
!method &&
|
|
@@ -242,9 +240,7 @@ class OAuthServerAgent {
|
|
|
242
240
|
if (!this.keyset)
|
|
243
241
|
throw new Error('No keyset available');
|
|
244
242
|
try {
|
|
245
|
-
const alg = this.serverMetadata[
|
|
246
|
-
this.serverMetadata[`token_endpoint_auth_signing_alg_values_supported`] ??
|
|
247
|
-
constants_js_1.FALLBACK_ALG;
|
|
243
|
+
const alg = this.serverMetadata[`token_endpoint_auth_signing_alg_values_supported`] ?? constants_js_1.FALLBACK_ALG;
|
|
248
244
|
// If jwks is defined, make sure to only sign using a key that exists in
|
|
249
245
|
// the jwks. If jwks_uri is defined, we can't be sure that the key we're
|
|
250
246
|
// looking for is in there so we will just assume it is.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-server-agent.js","sourceRoot":"","sources":["../src/oauth-server-agent.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAgF;AAGhF,sDAU6B;AAE7B,iDAA6C;AAC7C,4EAAmE;AACnE,mDAAkD;AAElD,uEAA8D;AAG9D,uCAAyC;AAkBzC,MAAa,gBAAgB;IAG3B,YACW,OAAY,EACZ,cAAgD,EAChD,cAA8B,EAC9B,UAA0B,EAC1B,aAA4B,EAC5B,OAAgB,EAChB,MAAe,EACxB,KAAa;QAPb;;;;mBAAS,OAAO;WAAK;QACrB;;;;mBAAS,cAAc;WAAkC;QACzD;;;;mBAAS,cAAc;WAAgB;QACvC;;;;mBAAS,UAAU;WAAgB;QACnC;;;;mBAAS,aAAa;WAAe;QACrC;;;;mBAAS,OAAO;WAAS;QACzB;;;;mBAAS,MAAM;WAAS;QAThB;;;;;WAAyB;QAYjC,IAAI,CAAC,SAAS,GAAG,IAAA,gCAAgB,EAAO;YACtC,KAAK,EAAE,IAAA,iBAAS,EAAC,KAAK,CAAC;YACvB,GAAG,EAAE,cAAc,CAAC,SAAS;YAC7B,GAAG,EAAE,OAAO;YACZ,aAAa,EAAE,cAAc,CAAC,iCAAiC;YAC/D,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;YACtC,MAAM,EAAE,UAAU;YAClB,YAAY,EAAE,IAAI;SACnB,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAAa;QACxB,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;QAC7C,CAAC;QAAC,MAAM,CAAC;YACP,aAAa;QACf,CAAC;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,QAAiB;QAChD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAChD,UAAU,EAAE,oBAAoB;YAChC,YAAY,EAAE,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,CAAE;YACnD,IAAI;YACJ,aAAa,EAAE,QAAQ;SACxB,CAAC,CAAA;QAEF,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAA;QACjD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAA;YAE7C,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,QAAkB;QAC9B,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;YAC5B,MAAM,IAAI,0CAAiB,CAAC,QAAQ,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAA;QACzE,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAChD,UAAU,EAAE,eAAe;YAC3B,aAAa,EAAE,QAAQ,CAAC,aAAa;SACtC,CAAC,CAAA;QAEF,IAAI,CAAC;YACH,IAAI,QAAQ,CAAC,GAAG,KAAK,aAAa,CAAC,GAAG,EAAE,CAAC;gBACvC,MAAM,IAAI,0CAAiB,CACzB,QAAQ,CAAC,GAAG,EACZ,uCAAuC,aAAa,CAAC,GAAG,GAAG,CAC5D,CAAA;YACH,CAAC;YACD,IAAI,QAAQ,CAAC,GAAG,KAAK,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;gBAChD,MAAM,IAAI,0CAAiB,CAAC,QAAQ,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAA;YAC9D,CAAC;YAED,OAAO,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAA;QACjD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAA;YAE7C,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,oBAAoB,CAChC,aAAiC;;;YAEjC,MAAM,EAAE,GAAG,EAAE,GAAG,aAAa,CAAA;YAC7B,2EAA2E;YAC3E,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,SAAS,CAAC,iCAAiC,CAAC,CAAA;YAEhE,sCAAsC;YACtC,MAAM,MAAM,kCAAG,IAAA,uBAAa,EAAC,IAAI,CAAC,QAAA,CAAA;YAElC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC,GAAG,EAAE;gBACjE,MAAM;aACP,CAAC,CAAA;YAEF,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,KAAK,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;gBAC5D,wEAAwE;gBACxE,wEAAwE;gBACxE,yBAAyB;gBACzB,MAAM,IAAI,SAAS,CAAC,iBAAiB,CAAC,CAAA;YACxC,CAAC;YAED,OAAO;gBACL,GAAG;gBACH,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI;gBAC/B,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,MAAM;gBAE7B,KAAK,EAAE,aAAa,CAAC,KAAK;gBAC1B,QAAQ,EAAE,aAAa,CAAC,QAAQ;gBAChC,aAAa,EAAE,aAAa,CAAC,aAAa;gBAC1C,YAAY,EAAE,aAAa,CAAC,YAAY;gBACxC,UAAU,EAAE,aAAa,CAAC,UAAU,IAAI,QAAQ;gBAChD,UAAU,EACR,OAAO,aAAa,CAAC,UAAU,KAAK,QAAQ;oBAC1C,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,aAAa,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;oBACtE,CAAC,CAAC,SAAS;aAChB,CAAA;;;;;;;;;KACF;IAeD,KAAK,CAAC,OAAO,CAAC,QAA2B,EAAE,OAAgC;QACzE,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,QAAQ,WAAW,CAAC,CAAA;QACvD,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,MAAM,QAAQ,qBAAqB,CAAC,CAAA;QAE9D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAA;QAEjD,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE;YACnD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAChE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,OAAO,EAAE,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;SACtD,CAAC,CAAC,IAAI,CAAC,IAAA,0BAAkB,GAAE,CAAC,CAAA;QAE7B,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,QAAQ,QAAQ,EAAE,CAAC;gBACjB,KAAK,OAAO;oBACV,OAAO,sCAAwB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;gBAC7C,KAAK,8BAA8B;oBACjC,OAAO,oCAAsB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;gBAC3C;oBACE,OAAO,IAAI,CAAA;YACf,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,4CAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;QAC9C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,QAA2B;QAI/C,MAAM,eAAe,GACnB,IAAI,CAAC,cAAc,CAAC,
|
|
1
|
+
{"version":3,"file":"oauth-server-agent.js","sourceRoot":"","sources":["../src/oauth-server-agent.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAgF;AAGhF,sDAU6B;AAE7B,iDAA6C;AAC7C,4EAAmE;AACnE,mDAAkD;AAElD,uEAA8D;AAG9D,uCAAyC;AAkBzC,MAAa,gBAAgB;IAG3B,YACW,OAAY,EACZ,cAAgD,EAChD,cAA8B,EAC9B,UAA0B,EAC1B,aAA4B,EAC5B,OAAgB,EAChB,MAAe,EACxB,KAAa;QAPb;;;;mBAAS,OAAO;WAAK;QACrB;;;;mBAAS,cAAc;WAAkC;QACzD;;;;mBAAS,cAAc;WAAgB;QACvC;;;;mBAAS,UAAU;WAAgB;QACnC;;;;mBAAS,aAAa;WAAe;QACrC;;;;mBAAS,OAAO;WAAS;QACzB;;;;mBAAS,MAAM;WAAS;QAThB;;;;;WAAyB;QAYjC,IAAI,CAAC,SAAS,GAAG,IAAA,gCAAgB,EAAO;YACtC,KAAK,EAAE,IAAA,iBAAS,EAAC,KAAK,CAAC;YACvB,GAAG,EAAE,cAAc,CAAC,SAAS;YAC7B,GAAG,EAAE,OAAO;YACZ,aAAa,EAAE,cAAc,CAAC,iCAAiC;YAC/D,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;YACtC,MAAM,EAAE,UAAU;YAClB,YAAY,EAAE,IAAI;SACnB,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAAa;QACxB,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;QAC7C,CAAC;QAAC,MAAM,CAAC;YACP,aAAa;QACf,CAAC;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,QAAiB;QAChD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAChD,UAAU,EAAE,oBAAoB;YAChC,YAAY,EAAE,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,CAAE;YACnD,IAAI;YACJ,aAAa,EAAE,QAAQ;SACxB,CAAC,CAAA;QAEF,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAA;QACjD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAA;YAE7C,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,QAAkB;QAC9B,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;YAC5B,MAAM,IAAI,0CAAiB,CAAC,QAAQ,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAA;QACzE,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAChD,UAAU,EAAE,eAAe;YAC3B,aAAa,EAAE,QAAQ,CAAC,aAAa;SACtC,CAAC,CAAA;QAEF,IAAI,CAAC;YACH,IAAI,QAAQ,CAAC,GAAG,KAAK,aAAa,CAAC,GAAG,EAAE,CAAC;gBACvC,MAAM,IAAI,0CAAiB,CACzB,QAAQ,CAAC,GAAG,EACZ,uCAAuC,aAAa,CAAC,GAAG,GAAG,CAC5D,CAAA;YACH,CAAC;YACD,IAAI,QAAQ,CAAC,GAAG,KAAK,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;gBAChD,MAAM,IAAI,0CAAiB,CAAC,QAAQ,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAA;YAC9D,CAAC;YAED,OAAO,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAA;QACjD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAA;YAE7C,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,oBAAoB,CAChC,aAAiC;;;YAEjC,MAAM,EAAE,GAAG,EAAE,GAAG,aAAa,CAAA;YAC7B,2EAA2E;YAC3E,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,SAAS,CAAC,iCAAiC,CAAC,CAAA;YAEhE,sCAAsC;YACtC,MAAM,MAAM,kCAAG,IAAA,uBAAa,EAAC,IAAI,CAAC,QAAA,CAAA;YAElC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC,GAAG,EAAE;gBACjE,MAAM;aACP,CAAC,CAAA;YAEF,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,KAAK,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;gBAC5D,wEAAwE;gBACxE,wEAAwE;gBACxE,yBAAyB;gBACzB,MAAM,IAAI,SAAS,CAAC,iBAAiB,CAAC,CAAA;YACxC,CAAC;YAED,OAAO;gBACL,GAAG;gBACH,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI;gBAC/B,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,MAAM;gBAE7B,KAAK,EAAE,aAAa,CAAC,KAAK;gBAC1B,QAAQ,EAAE,aAAa,CAAC,QAAQ;gBAChC,aAAa,EAAE,aAAa,CAAC,aAAa;gBAC1C,YAAY,EAAE,aAAa,CAAC,YAAY;gBACxC,UAAU,EAAE,aAAa,CAAC,UAAU,IAAI,QAAQ;gBAChD,UAAU,EACR,OAAO,aAAa,CAAC,UAAU,KAAK,QAAQ;oBAC1C,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,aAAa,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;oBACtE,CAAC,CAAC,SAAS;aAChB,CAAA;;;;;;;;;KACF;IAeD,KAAK,CAAC,OAAO,CAAC,QAA2B,EAAE,OAAgC;QACzE,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,QAAQ,WAAW,CAAC,CAAA;QACvD,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,MAAM,QAAQ,qBAAqB,CAAC,CAAA;QAE9D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAA;QAEjD,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE;YACnD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAChE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,OAAO,EAAE,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;SACtD,CAAC,CAAC,IAAI,CAAC,IAAA,0BAAkB,GAAE,CAAC,CAAA;QAE7B,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,QAAQ,QAAQ,EAAE,CAAC;gBACjB,KAAK,OAAO;oBACV,OAAO,sCAAwB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;gBAC7C,KAAK,8BAA8B;oBACjC,OAAO,oCAAsB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;gBAC3C;oBACE,OAAO,IAAI,CAAA;YACf,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,4CAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;QAC9C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,QAA2B;QAI/C,MAAM,eAAe,GACnB,IAAI,CAAC,cAAc,CAAC,uCAAuC,CAAC,CAAA;QAE9D,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,4BAA4B,CAAC,CAAA;QAEhE,IACE,MAAM,KAAK,iBAAiB;YAC5B,CAAC,IAAI,CAAC,MAAM;gBACV,CAAC,MAAM;gBACP,CAAC,eAAe,EAAE,QAAQ,CAAC,iBAAiB,CAAC,IAAI,KAAK,CAAC,CAAC,EAC1D,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;YAExD,IAAI,CAAC;gBACH,MAAM,GAAG,GACP,IAAI,CAAC,cAAc,CACjB,kDAAkD,CACnD,IAAI,2BAAY,CAAA;gBAEnB,wEAAwE;gBACxE,wEAAwE;gBACxE,wDAAwD;gBACxD,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,IAAI;qBACvC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;qBACrB,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAA;gBAEpD,OAAO;oBACL,OAAO,EAAE;wBACP,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;wBACxC,qBAAqB,EAAE,8CAAgC;wBACvD,gBAAgB,EAAE,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,CAC3C,EAAE,GAAG,EAAE,GAAG,EAAE,EACZ;4BACE,GAAG,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;4BAClC,GAAG,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;4BAClC,GAAG,EAAE,IAAI,CAAC,cAAc,CAAC,MAAM;4BAC/B,GAAG,EAAE,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE;4BACvC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;yBACnC,CACF;qBACF;iBACF,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,MAAM,KAAK,iBAAiB;oBAAE,MAAM,GAAG,CAAA;gBAE3C,uBAAuB;YACzB,CAAC;QACH,CAAC;QAED,IACE,MAAM,KAAK,MAAM;YACjB,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,EAAE,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,CAAC,EACxD,CAAC;YACD,OAAO;gBACL,OAAO,EAAE;oBACP,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;iBACzC;aACF,CAAA;QACH,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,eAAe,QAAQ,wBAAwB,CAAC,CAAA;IAClE,CAAC;CACF;AArOD,4CAqOC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -17,12 +17,6 @@ export declare const clientMetadataSchema: z.ZodObject<z.objectUtil.extendShape<
|
|
|
17
17
|
scope: z.ZodOptional<z.ZodString>;
|
|
18
18
|
token_endpoint_auth_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<["client_secret_basic", "client_secret_jwt", "client_secret_post", "none", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth"]>>>;
|
|
19
19
|
token_endpoint_auth_signing_alg: z.ZodOptional<z.ZodString>;
|
|
20
|
-
introspection_endpoint_auth_method: z.ZodOptional<z.ZodEnum<["client_secret_basic", "client_secret_jwt", "client_secret_post", "none", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth"]>>;
|
|
21
|
-
introspection_endpoint_auth_signing_alg: z.ZodOptional<z.ZodString>;
|
|
22
|
-
revocation_endpoint_auth_method: z.ZodOptional<z.ZodEnum<["client_secret_basic", "client_secret_jwt", "client_secret_post", "none", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth"]>>;
|
|
23
|
-
revocation_endpoint_auth_signing_alg: z.ZodOptional<z.ZodString>;
|
|
24
|
-
pushed_authorization_request_endpoint_auth_method: z.ZodOptional<z.ZodEnum<["client_secret_basic", "client_secret_jwt", "client_secret_post", "none", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth"]>>;
|
|
25
|
-
pushed_authorization_request_endpoint_auth_signing_alg: z.ZodOptional<z.ZodString>;
|
|
26
20
|
userinfo_signed_response_alg: z.ZodOptional<z.ZodString>;
|
|
27
21
|
userinfo_encrypted_response_alg: z.ZodOptional<z.ZodString>;
|
|
28
22
|
jwks_uri: z.ZodOptional<z.ZodString>;
|
|
@@ -1318,12 +1312,6 @@ export declare const clientMetadataSchema: z.ZodObject<z.objectUtil.extendShape<
|
|
|
1318
1312
|
scope?: string | undefined;
|
|
1319
1313
|
token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1320
1314
|
token_endpoint_auth_signing_alg?: string | undefined;
|
|
1321
|
-
introspection_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1322
|
-
introspection_endpoint_auth_signing_alg?: string | undefined;
|
|
1323
|
-
revocation_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1324
|
-
revocation_endpoint_auth_signing_alg?: string | undefined;
|
|
1325
|
-
pushed_authorization_request_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1326
|
-
pushed_authorization_request_endpoint_auth_signing_alg?: string | undefined;
|
|
1327
1315
|
userinfo_signed_response_alg?: string | undefined;
|
|
1328
1316
|
userinfo_encrypted_response_alg?: string | undefined;
|
|
1329
1317
|
jwks_uri?: string | undefined;
|
|
@@ -1451,12 +1439,6 @@ export declare const clientMetadataSchema: z.ZodObject<z.objectUtil.extendShape<
|
|
|
1451
1439
|
scope?: string | undefined;
|
|
1452
1440
|
token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1453
1441
|
token_endpoint_auth_signing_alg?: string | undefined;
|
|
1454
|
-
introspection_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1455
|
-
introspection_endpoint_auth_signing_alg?: string | undefined;
|
|
1456
|
-
revocation_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1457
|
-
revocation_endpoint_auth_signing_alg?: string | undefined;
|
|
1458
|
-
pushed_authorization_request_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1459
|
-
pushed_authorization_request_endpoint_auth_signing_alg?: string | undefined;
|
|
1460
1442
|
userinfo_signed_response_alg?: string | undefined;
|
|
1461
1443
|
userinfo_encrypted_response_alg?: string | undefined;
|
|
1462
1444
|
jwks_uri?: string | undefined;
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAIA,OAAO,CAAC,MAAM,KAAK,CAAA;AAMnB,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,OAAO,GAAG,KAAK,CAAA;IAC5C,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,MAAM,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,SAAS,GAAG,gBAAgB,CAAA;IACxD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,WAAW,CAAA;IAGpB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,OAAO,CAAC,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,eAAO,MAAM,oBAAoB
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAIA,OAAO,CAAC,MAAM,KAAK,CAAA;AAMnB,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,OAAO,GAAG,KAAK,CAAA;IAC5C,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,MAAM,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,SAAS,GAAG,gBAAgB,CAAA;IACxD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,WAAW,CAAA;IAGpB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,OAAO,CAAC,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAE/B,CAAA;AAEF,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate-client-metadata.d.ts","sourceRoot":"","sources":["../src/validate-client-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AACrC,OAAO,
|
|
1
|
+
{"version":3,"file":"validate-client-metadata.d.ts","sourceRoot":"","sources":["../src/validate-client-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AACrC,OAAO,EAAE,wBAAwB,EAAE,MAAM,sBAAsB,CAAA;AAE/D,OAAO,EAAE,cAAc,EAAwB,MAAM,YAAY,CAAA;AAKjE,wBAAgB,sBAAsB,CACpC,KAAK,EAAE,wBAAwB,EAC/B,MAAM,CAAC,EAAE,MAAM,GACd,cAAc,CA0DhB"}
|
|
@@ -1,12 +1,9 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.validateClientMetadata = void 0;
|
|
4
|
-
const oauth_types_1 = require("@atproto/oauth-types");
|
|
5
4
|
const types_js_1 = require("./types.js");
|
|
6
|
-
|
|
7
|
-
const
|
|
8
|
-
const _ENDPOINT_AUTH_SIGNING_ALG = '_endpoint_auth_signing_alg';
|
|
9
|
-
const TOKEN_ENDPOINT_AUTH_METHOD = `token${_ENDPOINT_AUTH_METHOD}`;
|
|
5
|
+
const TOKEN_ENDPOINT_AUTH_METHOD = `token_endpoint_auth_method`;
|
|
6
|
+
const TOKEN_ENDPOINT_AUTH_SIGNING_ALG = `token_endpoint_auth_signing_alg`;
|
|
10
7
|
function validateClientMetadata(input, keyset) {
|
|
11
8
|
if (input.jwks) {
|
|
12
9
|
if (!keyset) {
|
|
@@ -33,29 +30,25 @@ function validateClientMetadata(input, keyset) {
|
|
|
33
30
|
catch (cause) {
|
|
34
31
|
throw new TypeError(`client_id must be a valid URL`, { cause });
|
|
35
32
|
}
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
break;
|
|
56
|
-
default:
|
|
57
|
-
throw new TypeError(`Invalid "${endpointName}${_ENDPOINT_AUTH_METHOD}" value: ${method}`);
|
|
58
|
-
}
|
|
33
|
+
const method = metadata[TOKEN_ENDPOINT_AUTH_METHOD];
|
|
34
|
+
switch (method) {
|
|
35
|
+
case undefined:
|
|
36
|
+
throw new TypeError(`${TOKEN_ENDPOINT_AUTH_METHOD} must be provided`);
|
|
37
|
+
case 'none':
|
|
38
|
+
if (metadata[TOKEN_ENDPOINT_AUTH_SIGNING_ALG]) {
|
|
39
|
+
throw new TypeError(`${TOKEN_ENDPOINT_AUTH_SIGNING_ALG} must not be provided when ${TOKEN_ENDPOINT_AUTH_METHOD} is "${method}"`);
|
|
40
|
+
}
|
|
41
|
+
break;
|
|
42
|
+
case 'private_key_jwt':
|
|
43
|
+
if (!keyset?.size) {
|
|
44
|
+
throw new TypeError(`A non-empty keyset must be provided when ${TOKEN_ENDPOINT_AUTH_METHOD} is "${method}"`);
|
|
45
|
+
}
|
|
46
|
+
if (!metadata[TOKEN_ENDPOINT_AUTH_SIGNING_ALG]) {
|
|
47
|
+
throw new TypeError(`${TOKEN_ENDPOINT_AUTH_SIGNING_ALG} must be provided when ${TOKEN_ENDPOINT_AUTH_METHOD} is "${method}"`);
|
|
48
|
+
}
|
|
49
|
+
break;
|
|
50
|
+
default:
|
|
51
|
+
throw new TypeError(`Invalid "token_endpoint_auth_method" value: ${method}`);
|
|
59
52
|
}
|
|
60
53
|
return metadata;
|
|
61
54
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate-client-metadata.js","sourceRoot":"","sources":["../src/validate-client-metadata.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"validate-client-metadata.js","sourceRoot":"","sources":["../src/validate-client-metadata.ts"],"names":[],"mappings":";;;AAGA,yCAAiE;AAEjE,MAAM,0BAA0B,GAAG,4BAA4B,CAAA;AAC/D,MAAM,+BAA+B,GAAG,iCAAiC,CAAA;AAEzE,SAAgB,sBAAsB,CACpC,KAA+B,EAC/B,MAAe;IAEf,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;QACf,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,SAAS,CAAC,mDAAmD,CAAC,CAAA;QAC1E,CAAC;QACD,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YAClC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,SAAS,CAAC,gCAAgC,CAAC,CAAA;YACvD,CAAC;iBAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAChC,MAAM,IAAI,SAAS,CAAC,iBAAiB,GAAG,CAAC,GAAG,uBAAuB,CAAC,CAAA;YACtE,CAAC;QACH,CAAC;IACH,CAAC;IAED,+DAA+D;IAC/D,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,IAAI,MAAM,EAAE,IAAI,EAAE,CAAC;QACnD,KAAK,GAAG,EAAE,GAAG,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,EAAE,CAAA;IAC7C,CAAC;IAED,MAAM,QAAQ,GAAG,+BAAoB,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;IAElD,yCAAyC;IACzC,IAAI,CAAC;QACH,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;IAC7B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,SAAS,CAAC,+BAA+B,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;IACjE,CAAC;IAED,MAAM,MAAM,GAAG,QAAQ,CAAC,0BAA0B,CAAC,CAAA;IACnD,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,SAAS;YACZ,MAAM,IAAI,SAAS,CAAC,GAAG,0BAA0B,mBAAmB,CAAC,CAAA;QACvE,KAAK,MAAM;YACT,IAAI,QAAQ,CAAC,+BAA+B,CAAC,EAAE,CAAC;gBAC9C,MAAM,IAAI,SAAS,CACjB,GAAG,+BAA+B,8BAA8B,0BAA0B,QAAQ,MAAM,GAAG,CAC5G,CAAA;YACH,CAAC;YACD,MAAK;QACP,KAAK,iBAAiB;YACpB,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC;gBAClB,MAAM,IAAI,SAAS,CACjB,4CAA4C,0BAA0B,QAAQ,MAAM,GAAG,CACxF,CAAA;YACH,CAAC;YACD,IAAI,CAAC,QAAQ,CAAC,+BAA+B,CAAC,EAAE,CAAC;gBAC/C,MAAM,IAAI,SAAS,CACjB,GAAG,+BAA+B,0BAA0B,0BAA0B,QAAQ,MAAM,GAAG,CACxG,CAAA;YACH,CAAC;YACD,MAAK;QACP;YACE,MAAM,IAAI,SAAS,CACjB,+CAA+C,MAAM,EAAE,CACxD,CAAA;IACL,CAAC;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AA7DD,wDA6DC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@atproto/oauth-client",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.5",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"description": "OAuth client for ATPROTO PDS. This package serves as common base for environment-specific implementations (NodeJS, Browser, React-Native).",
|
|
6
6
|
"keywords": [
|
|
@@ -36,7 +36,7 @@
|
|
|
36
36
|
"@atproto/api": "0.13.1",
|
|
37
37
|
"@atproto/did": "0.1.1",
|
|
38
38
|
"@atproto/jwk": "0.1.1",
|
|
39
|
-
"@atproto/oauth-types": "0.1.
|
|
39
|
+
"@atproto/oauth-types": "0.1.3",
|
|
40
40
|
"@atproto/xrpc": "0.6.0"
|
|
41
41
|
},
|
|
42
42
|
"devDependencies": {
|
package/src/fetch-dpop.ts
CHANGED
|
@@ -158,6 +158,7 @@ async function buildProof(
|
|
|
158
158
|
const now = Math.floor(Date.now() / 1e3)
|
|
159
159
|
|
|
160
160
|
return key.createJwt(
|
|
161
|
+
// https://datatracker.ietf.org/doc/html/rfc9449#section-4.2
|
|
161
162
|
{
|
|
162
163
|
alg,
|
|
163
164
|
typ: 'dpop+jwt',
|
|
@@ -166,7 +167,6 @@ async function buildProof(
|
|
|
166
167
|
{
|
|
167
168
|
iss,
|
|
168
169
|
iat: now,
|
|
169
|
-
exp: now + 10,
|
|
170
170
|
// Any collision will cause the request to be rejected by the server. no biggie.
|
|
171
171
|
jti: Math.random().toString(36).slice(2),
|
|
172
172
|
htm,
|
|
@@ -206,12 +206,9 @@ export class OAuthServerAgent {
|
|
|
206
206
|
payload: OAuthClientIdentification
|
|
207
207
|
}> {
|
|
208
208
|
const methodSupported =
|
|
209
|
-
this.serverMetadata[`${endpoint}_endpoint_auth_methods_supported`] ||
|
|
210
209
|
this.serverMetadata[`token_endpoint_auth_methods_supported`]
|
|
211
210
|
|
|
212
|
-
const method =
|
|
213
|
-
this.clientMetadata[`${endpoint}_endpoint_auth_method`] ||
|
|
214
|
-
this.clientMetadata[`token_endpoint_auth_method`]
|
|
211
|
+
const method = this.clientMetadata[`token_endpoint_auth_method`]
|
|
215
212
|
|
|
216
213
|
if (
|
|
217
214
|
method === 'private_key_jwt' ||
|
|
@@ -223,13 +220,9 @@ export class OAuthServerAgent {
|
|
|
223
220
|
|
|
224
221
|
try {
|
|
225
222
|
const alg =
|
|
226
|
-
this.serverMetadata[
|
|
227
|
-
`${endpoint}_endpoint_auth_signing_alg_values_supported`
|
|
228
|
-
] ??
|
|
229
223
|
this.serverMetadata[
|
|
230
224
|
`token_endpoint_auth_signing_alg_values_supported`
|
|
231
|
-
] ??
|
|
232
|
-
FALLBACK_ALG
|
|
225
|
+
] ?? FALLBACK_ALG
|
|
233
226
|
|
|
234
227
|
// If jwks is defined, make sure to only sign using a key that exists in
|
|
235
228
|
// the jwks. If jwks_uri is defined, we can't be sure that the key we're
|
|
@@ -1,16 +1,10 @@
|
|
|
1
1
|
import { Keyset } from '@atproto/jwk'
|
|
2
|
-
import {
|
|
3
|
-
OAUTH_AUTHENTICATED_ENDPOINT_NAMES,
|
|
4
|
-
OAuthClientMetadataInput,
|
|
5
|
-
} from '@atproto/oauth-types'
|
|
2
|
+
import { OAuthClientMetadataInput } from '@atproto/oauth-types'
|
|
6
3
|
|
|
7
4
|
import { ClientMetadata, clientMetadataSchema } from './types.js'
|
|
8
5
|
|
|
9
|
-
|
|
10
|
-
const
|
|
11
|
-
const _ENDPOINT_AUTH_SIGNING_ALG = '_endpoint_auth_signing_alg'
|
|
12
|
-
|
|
13
|
-
const TOKEN_ENDPOINT_AUTH_METHOD = `token${_ENDPOINT_AUTH_METHOD}`
|
|
6
|
+
const TOKEN_ENDPOINT_AUTH_METHOD = `token_endpoint_auth_method`
|
|
7
|
+
const TOKEN_ENDPOINT_AUTH_SIGNING_ALG = `token_endpoint_auth_signing_alg`
|
|
14
8
|
|
|
15
9
|
export function validateClientMetadata(
|
|
16
10
|
input: OAuthClientMetadataInput,
|
|
@@ -43,36 +37,33 @@ export function validateClientMetadata(
|
|
|
43
37
|
throw new TypeError(`client_id must be a valid URL`, { cause })
|
|
44
38
|
}
|
|
45
39
|
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
switch (method) {
|
|
53
|
-
case undefined:
|
|
54
|
-
case 'none':
|
|
55
|
-
if (metadata[`${endpointName}${_ENDPOINT_AUTH_SIGNING_ALG}`]) {
|
|
56
|
-
throw new TypeError(
|
|
57
|
-
`${endpointName}${_ENDPOINT_AUTH_SIGNING_ALG} must not be provided`,
|
|
58
|
-
)
|
|
59
|
-
}
|
|
60
|
-
break
|
|
61
|
-
case 'private_key_jwt':
|
|
62
|
-
if (!keyset) {
|
|
63
|
-
throw new TypeError(`Keyset is required for ${method} method`)
|
|
64
|
-
}
|
|
65
|
-
if (!metadata[`${endpointName}${_ENDPOINT_AUTH_SIGNING_ALG}`]) {
|
|
66
|
-
throw new TypeError(
|
|
67
|
-
`${endpointName}${_ENDPOINT_AUTH_SIGNING_ALG} must be provided`,
|
|
68
|
-
)
|
|
69
|
-
}
|
|
70
|
-
break
|
|
71
|
-
default:
|
|
40
|
+
const method = metadata[TOKEN_ENDPOINT_AUTH_METHOD]
|
|
41
|
+
switch (method) {
|
|
42
|
+
case undefined:
|
|
43
|
+
throw new TypeError(`${TOKEN_ENDPOINT_AUTH_METHOD} must be provided`)
|
|
44
|
+
case 'none':
|
|
45
|
+
if (metadata[TOKEN_ENDPOINT_AUTH_SIGNING_ALG]) {
|
|
72
46
|
throw new TypeError(
|
|
73
|
-
|
|
47
|
+
`${TOKEN_ENDPOINT_AUTH_SIGNING_ALG} must not be provided when ${TOKEN_ENDPOINT_AUTH_METHOD} is "${method}"`,
|
|
74
48
|
)
|
|
75
|
-
|
|
49
|
+
}
|
|
50
|
+
break
|
|
51
|
+
case 'private_key_jwt':
|
|
52
|
+
if (!keyset?.size) {
|
|
53
|
+
throw new TypeError(
|
|
54
|
+
`A non-empty keyset must be provided when ${TOKEN_ENDPOINT_AUTH_METHOD} is "${method}"`,
|
|
55
|
+
)
|
|
56
|
+
}
|
|
57
|
+
if (!metadata[TOKEN_ENDPOINT_AUTH_SIGNING_ALG]) {
|
|
58
|
+
throw new TypeError(
|
|
59
|
+
`${TOKEN_ENDPOINT_AUTH_SIGNING_ALG} must be provided when ${TOKEN_ENDPOINT_AUTH_METHOD} is "${method}"`,
|
|
60
|
+
)
|
|
61
|
+
}
|
|
62
|
+
break
|
|
63
|
+
default:
|
|
64
|
+
throw new TypeError(
|
|
65
|
+
`Invalid "token_endpoint_auth_method" value: ${method}`,
|
|
66
|
+
)
|
|
76
67
|
}
|
|
77
68
|
|
|
78
69
|
return metadata
|