@atproto/oauth-provider 0.1.3 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGELOG.md +29 -0
- package/dist/account/account.d.ts +6 -2
- package/dist/account/account.d.ts.map +1 -1
- package/dist/assets/app/bundle-manifest.json +3 -3
- package/dist/assets/app/main.css +1 -1
- package/dist/assets/app/main.js +1 -1
- package/dist/assets/app/main.js.map +1 -1
- package/dist/assets/assets-middleware.d.ts +2 -1
- package/dist/assets/assets-middleware.d.ts.map +1 -1
- package/dist/assets/assets-middleware.js +7 -0
- package/dist/assets/assets-middleware.js.map +1 -1
- package/dist/client/client-manager.d.ts +4 -3
- package/dist/client/client-manager.d.ts.map +1 -1
- package/dist/client/client-manager.js +60 -37
- package/dist/client/client-manager.js.map +1 -1
- package/dist/client/client.d.ts.map +1 -1
- package/dist/client/client.js +1 -3
- package/dist/client/client.js.map +1 -1
- package/dist/constants.d.ts +2 -0
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +3 -1
- package/dist/constants.js.map +1 -1
- package/dist/device/device-manager.d.ts +1 -1
- package/dist/device/device-manager.d.ts.map +1 -1
- package/dist/device/device-manager.js +2 -2
- package/dist/device/device-manager.js.map +1 -1
- package/dist/errors/invalid-authorization-details-error.d.ts +4 -3
- package/dist/errors/invalid-authorization-details-error.d.ts.map +1 -1
- package/dist/errors/invalid-authorization-details-error.js +4 -4
- package/dist/errors/invalid-authorization-details-error.js.map +1 -1
- package/dist/lib/http/request.d.ts +3 -0
- package/dist/lib/http/request.d.ts.map +1 -1
- package/dist/lib/http/request.js +24 -12
- package/dist/lib/http/request.js.map +1 -1
- package/dist/metadata/build-metadata.d.ts +0 -1
- package/dist/metadata/build-metadata.d.ts.map +1 -1
- package/dist/metadata/build-metadata.js +9 -35
- package/dist/metadata/build-metadata.js.map +1 -1
- package/dist/oauth-hooks.d.ts +3 -10
- package/dist/oauth-hooks.d.ts.map +1 -1
- package/dist/oauth-provider.d.ts +8 -13
- package/dist/oauth-provider.d.ts.map +1 -1
- package/dist/oauth-provider.js +169 -109
- package/dist/oauth-provider.js.map +1 -1
- package/dist/oauth-verifier.d.ts +1 -2
- package/dist/oauth-verifier.d.ts.map +1 -1
- package/dist/oauth-verifier.js.map +1 -1
- package/dist/output/build-authorize-data.d.ts +6 -0
- package/dist/output/build-authorize-data.d.ts.map +1 -1
- package/dist/output/build-authorize-data.js +1 -0
- package/dist/output/build-authorize-data.js.map +1 -1
- package/dist/replay/replay-manager.d.ts +1 -0
- package/dist/replay/replay-manager.d.ts.map +1 -1
- package/dist/replay/replay-manager.js +3 -0
- package/dist/replay/replay-manager.js.map +1 -1
- package/dist/replay/replay-store.d.ts +1 -1
- package/dist/request/request-info.d.ts +2 -0
- package/dist/request/request-info.d.ts.map +1 -1
- package/dist/request/request-manager.d.ts +3 -9
- package/dist/request/request-manager.d.ts.map +1 -1
- package/dist/request/request-manager.js +52 -77
- package/dist/request/request-manager.js.map +1 -1
- package/dist/request/types.d.ts +10 -10
- package/dist/signer/signed-token-payload.d.ts +85 -85
- package/dist/signer/signer.d.ts +23 -30
- package/dist/signer/signer.d.ts.map +1 -1
- package/dist/signer/signer.js +0 -40
- package/dist/signer/signer.js.map +1 -1
- package/dist/token/token-claims.d.ts +81 -81
- package/dist/token/token-manager.d.ts +1 -2
- package/dist/token/token-manager.d.ts.map +1 -1
- package/dist/token/token-manager.js +10 -37
- package/dist/token/token-manager.js.map +1 -1
- package/dist/token/types.d.ts +10 -10
- package/package.json +2 -3
- package/src/account/account.ts +11 -7
- package/src/assets/app/backend-data.ts +9 -2
- package/src/assets/app/components/accept-form.tsx +65 -51
- package/src/assets/app/components/client-name.tsx +24 -16
- package/src/assets/app/components/url-viewer.tsx +3 -3
- package/src/assets/app/views/accept-view.tsx +7 -4
- package/src/assets/app/views/authorize-view.tsx +2 -1
- package/src/assets/assets-middleware.ts +14 -2
- package/src/client/client-manager.ts +78 -60
- package/src/client/client.ts +1 -4
- package/src/constants.ts +3 -0
- package/src/device/device-manager.ts +7 -1
- package/src/errors/invalid-authorization-details-error.ts +9 -4
- package/src/lib/http/request.ts +61 -15
- package/src/metadata/build-metadata.ts +9 -42
- package/src/oauth-hooks.ts +3 -13
- package/src/oauth-provider.ts +181 -159
- package/src/oauth-verifier.ts +1 -2
- package/src/output/build-authorize-data.ts +8 -0
- package/src/replay/replay-manager.ts +9 -0
- package/src/replay/replay-store.ts +1 -1
- package/src/request/request-info.ts +2 -0
- package/src/request/request-manager.ts +81 -107
- package/src/signer/signer.ts +0 -63
- package/src/token/token-manager.ts +8 -41
- package/dist/oidc/claims.d.ts +0 -16
- package/dist/oidc/claims.d.ts.map +0 -1
- package/dist/oidc/claims.js +0 -29
- package/dist/oidc/claims.js.map +0 -1
- package/dist/oidc/userinfo.d.ts +0 -7
- package/dist/oidc/userinfo.d.ts.map +0 -1
- package/dist/oidc/userinfo.js +0 -3
- package/dist/oidc/userinfo.js.map +0 -1
- package/dist/parameters/claims-requested.d.ts +0 -3
- package/dist/parameters/claims-requested.d.ts.map +0 -1
- package/dist/parameters/claims-requested.js +0 -77
- package/dist/parameters/claims-requested.js.map +0 -1
- package/dist/parameters/oidc-payload.d.ts +0 -31
- package/dist/parameters/oidc-payload.d.ts.map +0 -1
- package/dist/parameters/oidc-payload.js +0 -25
- package/dist/parameters/oidc-payload.js.map +0 -1
- package/src/assets/app/components/client-identifier.tsx +0 -31
- package/src/oidc/claims.ts +0 -35
- package/src/oidc/userinfo.ts +0 -11
- package/src/parameters/claims-requested.ts +0 -106
- package/src/parameters/oidc-payload.ts +0 -28
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-verifier.js","sourceRoot":"","sources":["../src/oauth-verifier.ts"],"names":[],"mappings":";;;AAAA,sCAAuD;
|
|
1
|
+
{"version":3,"file":"oauth-verifier.js","sourceRoot":"","sources":["../src/oauth-verifier.ts"],"names":[],"mappings":";;;AAAA,sCAAuD;AAyErD,uFAzEY,YAAM,OAyEZ;AAxER,sDAI6B;AAG7B,8EAAqE;AA+DnE,gGA/DO,sCAAe,OA+DP;AA9DjB,4DAAwE;AACxE,wDAAgD;AA8D9C,0FA9DO,yBAAS,OA8DP;AA7DX,sFAA4E;AAC5E,4EAAmE;AACnE,8EAAoE;AACpE,kFAAyE;AACzE,gFAA6E;AAE7E,kEAA0D;AAC1D,4EAAmE;AACnE,0EAAiE;AAEjE,kDAA2C;AAC3C,2EAIuC;AAoDvC,MAAa,aAAa;IACR,MAAM,CAAQ;IACd,MAAM,CAAQ;IAEX,eAAe,CAAiB;IAChC,WAAW,CAAa;IACxB,aAAa,CAAe;IAC5B,MAAM,CAAQ;IAEjC,YAAY,EACV,KAAK,EACL,MAAM,EACN,MAAM,EACN,WAAW,GAAG,KAAK,IAAI,IAAI;QACzB,CAAC,CAAC,IAAI,wCAAgB,CAAC,EAAE,KAAK,EAAE,CAAC;QACjC,CAAC,CAAC,IAAI,0CAAiB,EAAE,EAC3B,eAAe,GAAG,sCAAe,CAAC,GAAG,EAErC,GAAG,cAAc,EACI;QACrB,MAAM,YAAY,GAAG,yCAA2B,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;QAC9D,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,CAAA;QAEvC,oCAAoC;QACpC,IAAI,SAAS,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;YAC/B,MAAM,IAAI,SAAS,CACjB,yDAAyD,SAAS,GAAG,CACtE,CAAA;QACH,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,YAAY,CAAA;QAC1B,IAAI,CAAC,MAAM,GAAG,MAAM,YAAY,YAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,YAAM,CAAC,MAAM,CAAC,CAAA;QAEpE,IAAI,CAAC,eAAe,GAAG,eAAe,CAAA;QACtC,IAAI,CAAC,WAAW,GAAG,IAAI,6BAAW,CAAC,cAAc,CAAC,CAAA;QAClD,IAAI,CAAC,aAAa,GAAG,IAAI,iCAAa,CAAC,WAAW,CAAC,CAAA;QACnD,IAAI,CAAC,MAAM,GAAG,IAAI,kBAAM,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;IACpD,CAAC;IAEM,aAAa;QAClB,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,cAAc,CACzB,KAAc,EACd,GAAW,EACX,GAAiB,EACjB,WAAoB;QAEpB,IAAI,KAAK,KAAK,SAAS;YAAE,OAAO,IAAI,CAAA;QAEpC,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CACxD,KAAK,EACL,GAAG,EACH,GAAG,EACH,WAAW,CACZ,CAAA;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAC/D,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,mDAAqB,CAAC,8BAA8B,CAAC,CAAA;QAE5E,OAAO,GAAG,CAAA;IACZ,CAAC;IAES,sBAAsB,CAC9B,SAAyB,EACzB,eAAgC;QAEhC,IACE,IAAI,CAAC,eAAe,KAAK,sCAAe,CAAC,IAAI;YAC7C,IAAI,CAAC,eAAe,KAAK,eAAe,EACxC,CAAC;YACD,MAAM,IAAI,0CAAiB,CAAC,SAAS,EAAE,oBAAoB,CAAC,CAAA;QAC9D,CAAC;IACH,CAAC;IAES,KAAK,CAAC,iBAAiB,CAC/B,SAAyB,EACzB,KAAkB,EAClB,OAAsB,EACtB,aAAwC;QAExC,IAAI,CAAC,IAAA,iBAAW,EAAC,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,0CAAiB,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAA;QAC3D,CAAC;QAED,IAAI,CAAC,sBAAsB,CAAC,SAAS,EAAE,sCAAe,CAAC,GAAG,CAAC,CAAA;QAE3D,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM;aAClC,iBAAiB,CAAC,KAAK,CAAC;aACxB,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,MAAM,0CAAiB,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;QAC9C,CAAC,CAAC,CAAA;QAEJ,OAAO,IAAA,0CAAiB,EACtB,KAAK,EACL,OAAO,CAAC,GAAG,EACX,SAAS,EACT,OAAO,EACP,OAAO,EACP,aAAa,CACd,CAAA;IACH,CAAC;IAEM,KAAK,CAAC,mBAAmB,CAC9B,MAAc,EACd,GAAQ,EACR,OAGC,EACD,aAAwC;QAExC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,GAAG,IAAA,kDAAwB,EAAC,OAAO,CAAC,aAAa,CAAC,CAAA;QAC1E,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CACvC,OAAO,CAAC,IAAI,EACZ,MAAM,EACN,GAAG,EACH,KAAK,CACN,CAAA;YAED,IAAI,SAAS,KAAK,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;gBACrC,MAAM,IAAI,mDAAqB,CAAC,qBAAqB,CAAC,CAAA;YACxD,CAAC;YAED,OAAO,MAAM,IAAI,CAAC,iBAAiB,CACjC,SAAS,EACT,KAAK,EACL,OAAO,EACP,aAAa,CACd,CAAA;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,2CAAiB;gBAAE,MAAM,GAAG,CAAC,sBAAsB,EAAE,CAAA;YACxE,IAAI,GAAG,YAAY,gDAAoB;gBAAE,MAAM,GAAG,CAAA;YAElD,MAAM,0CAAiB,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;QAC9C,CAAC;IACH,CAAC;CACF;AA3ID,sCA2IC"}
|
|
@@ -3,12 +3,17 @@ import { DeviceAccountInfo } from '../account/account-store.js';
|
|
|
3
3
|
import { Account } from '../account/account.js';
|
|
4
4
|
import { Client } from '../client/client.js';
|
|
5
5
|
import { RequestUri } from '../request/request-uri.js';
|
|
6
|
+
export type ScopeDetail = {
|
|
7
|
+
scope: string;
|
|
8
|
+
description?: string;
|
|
9
|
+
};
|
|
6
10
|
export type AuthorizationResultAuthorize = {
|
|
7
11
|
issuer: string;
|
|
8
12
|
client: Client;
|
|
9
13
|
parameters: OAuthAuthenticationRequestParameters;
|
|
10
14
|
authorize: {
|
|
11
15
|
uri: RequestUri;
|
|
16
|
+
scopeDetails?: ScopeDetail[];
|
|
12
17
|
sessions: readonly {
|
|
13
18
|
account: Account;
|
|
14
19
|
info: DeviceAccountInfo;
|
|
@@ -32,6 +37,7 @@ export type AuthorizeData = {
|
|
|
32
37
|
requestUri: string;
|
|
33
38
|
csrfCookie: string;
|
|
34
39
|
loginHint?: string;
|
|
40
|
+
scopeDetails?: ScopeDetail[];
|
|
35
41
|
newSessionsRequireConsent: boolean;
|
|
36
42
|
sessions: Session[];
|
|
37
43
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-authorize-data.d.ts","sourceRoot":"","sources":["../../src/output/build-authorize-data.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oCAAoC,EACpC,mBAAmB,EACpB,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAA;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AAEtD,MAAM,MAAM,4BAA4B,GAAG;IACzC,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,UAAU,EAAE,oCAAoC,CAAA;IAChD,SAAS,EAAE;QACT,GAAG,EAAE,UAAU,CAAA;QACf,QAAQ,EAAE,SAAS;YACjB,OAAO,EAAE,OAAO,CAAA;YAChB,IAAI,EAAE,iBAAiB,CAAA;YAEvB,QAAQ,EAAE,OAAO,CAAA;YACjB,aAAa,EAAE,OAAO,CAAA;YACtB,eAAe,EAAE,OAAO,CAAA;SACzB,EAAE,CAAA;KACJ,CAAA;CACF,CAAA;AAKD,KAAK,OAAO,GAAG;IACb,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,CAAC,EAAE,KAAK,CAAA;IAEZ,QAAQ,EAAE,OAAO,CAAA;IACjB,aAAa,EAAE,OAAO,CAAA;IACtB,eAAe,EAAE,OAAO,CAAA;CACzB,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,EAAE,MAAM,CAAA;IAChB,cAAc,EAAE,mBAAmB,CAAA;IACnC,aAAa,EAAE,OAAO,CAAA;IACtB,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,yBAAyB,EAAE,OAAO,CAAA;IAClC,QAAQ,EAAE,OAAO,EAAE,CAAA;CACpB,CAAA;AAED,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,4BAA4B,GACjC,aAAa,
|
|
1
|
+
{"version":3,"file":"build-authorize-data.d.ts","sourceRoot":"","sources":["../../src/output/build-authorize-data.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oCAAoC,EACpC,mBAAmB,EACpB,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAA;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AAEtD,MAAM,MAAM,WAAW,GAAG;IACxB,KAAK,EAAE,MAAM,CAAA;IACb,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,CAAA;AAED,MAAM,MAAM,4BAA4B,GAAG;IACzC,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,UAAU,EAAE,oCAAoC,CAAA;IAChD,SAAS,EAAE;QACT,GAAG,EAAE,UAAU,CAAA;QACf,YAAY,CAAC,EAAE,WAAW,EAAE,CAAA;QAC5B,QAAQ,EAAE,SAAS;YACjB,OAAO,EAAE,OAAO,CAAA;YAChB,IAAI,EAAE,iBAAiB,CAAA;YAEvB,QAAQ,EAAE,OAAO,CAAA;YACjB,aAAa,EAAE,OAAO,CAAA;YACtB,eAAe,EAAE,OAAO,CAAA;SACzB,EAAE,CAAA;KACJ,CAAA;CACF,CAAA;AAKD,KAAK,OAAO,GAAG;IACb,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,CAAC,EAAE,KAAK,CAAA;IAEZ,QAAQ,EAAE,OAAO,CAAA;IACjB,aAAa,EAAE,OAAO,CAAA;IACtB,eAAe,EAAE,OAAO,CAAA;CACzB,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,EAAE,MAAM,CAAA;IAChB,cAAc,EAAE,mBAAmB,CAAA;IACnC,aAAa,EAAE,OAAO,CAAA;IACtB,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,YAAY,CAAC,EAAE,WAAW,EAAE,CAAA;IAC5B,yBAAyB,EAAE,OAAO,CAAA;IAClC,QAAQ,EAAE,OAAO,EAAE,CAAA;CACpB,CAAA;AAED,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,4BAA4B,GACjC,aAAa,CAmBf"}
|
|
@@ -10,6 +10,7 @@ function buildAuthorizeData(data) {
|
|
|
10
10
|
csrfCookie: `csrf-${data.authorize.uri}`,
|
|
11
11
|
loginHint: data.parameters.login_hint,
|
|
12
12
|
newSessionsRequireConsent: data.parameters.prompt === 'consent',
|
|
13
|
+
scopeDetails: data.authorize.scopeDetails,
|
|
13
14
|
sessions: data.authorize.sessions.map((session) => ({
|
|
14
15
|
account: session.account,
|
|
15
16
|
selected: session.selected,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-authorize-data.js","sourceRoot":"","sources":["../../src/output/build-authorize-data.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"build-authorize-data.js","sourceRoot":"","sources":["../../src/output/build-authorize-data.ts"],"names":[],"mappings":";;;AAyDA,SAAgB,kBAAkB,CAChC,IAAkC;IAElC,OAAO;QACL,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE;QACxB,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;QACpC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS;QACzC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG;QAC9B,UAAU,EAAE,QAAQ,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE;QACxC,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,UAAU;QACrC,yBAAyB,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,SAAS;QAC/D,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY;QACzC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CACnC,CAAC,OAAO,EAAW,EAAE,CAAC,CAAC;YACrB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,eAAe,EAAE,OAAO,CAAC,eAAe;SACzC,CAAC,CACH;KACF,CAAA;AACH,CAAC;AArBD,gDAqBC"}
|
|
@@ -6,5 +6,6 @@ export declare class ReplayManager {
|
|
|
6
6
|
uniqueAuth(jti: string, clientId: ClientId): Promise<boolean>;
|
|
7
7
|
uniqueJar(jti: string, clientId: ClientId): Promise<boolean>;
|
|
8
8
|
uniqueDpop(jti: string, clientId?: ClientId): Promise<boolean>;
|
|
9
|
+
uniqueCodeChallenge(challenge: string): Promise<boolean>;
|
|
9
10
|
}
|
|
10
11
|
//# sourceMappingURL=replay-manager.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"replay-manager.d.ts","sourceRoot":"","sources":["../../src/replay/replay-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;
|
|
1
|
+
{"version":3,"file":"replay-manager.d.ts","sourceRoot":"","sources":["../../src/replay/replay-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AAOjD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAK/C,qBAAa,aAAa;IACZ,SAAS,CAAC,QAAQ,CAAC,WAAW,EAAE,WAAW;gBAAxB,WAAW,EAAE,WAAW;IAEjD,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAQ7D,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAQ5D,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAQ9D,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAO/D"}
|
|
@@ -18,6 +18,9 @@ class ReplayManager {
|
|
|
18
18
|
async uniqueDpop(jti, clientId) {
|
|
19
19
|
return this.replayStore.unique(clientId ? `DPoP@${clientId}` : `DPoP`, jti, asTimeFrame(constants_js_1.DPOP_NONCE_MAX_AGE));
|
|
20
20
|
}
|
|
21
|
+
async uniqueCodeChallenge(challenge) {
|
|
22
|
+
return this.replayStore.unique('CodeChallenge', challenge, asTimeFrame(constants_js_1.CODE_CHALLENGE_REPLAY_TIMEFRAME));
|
|
23
|
+
}
|
|
21
24
|
}
|
|
22
25
|
exports.ReplayManager = ReplayManager;
|
|
23
26
|
//# sourceMappingURL=replay-manager.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"replay-manager.js","sourceRoot":"","sources":["../../src/replay/replay-manager.ts"],"names":[],"mappings":";;;AACA,
|
|
1
|
+
{"version":3,"file":"replay-manager.js","sourceRoot":"","sources":["../../src/replay/replay-manager.ts"],"names":[],"mappings":";;;AACA,kDAKwB;AAGxB,MAAM,cAAc,GAAG,GAAG,CAAA,CAAC,8BAA8B;AACzD,MAAM,WAAW,GAAG,CAAC,SAAiB,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,cAAc,CAAC,CAAA;AAEhF,MAAa,aAAa;IACO;IAA/B,YAA+B,WAAwB;QAAxB,gBAAW,GAAX,WAAW,CAAa;IAAG,CAAC;IAE3D,KAAK,CAAC,UAAU,CAAC,GAAW,EAAE,QAAkB;QAC9C,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,CAC5B,QAAQ,QAAQ,EAAE,EAClB,GAAG,EACH,WAAW,CAAC,uCAAwB,CAAC,CACtC,CAAA;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAW,EAAE,QAAkB;QAC7C,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,CAC5B,OAAO,QAAQ,EAAE,EACjB,GAAG,EACH,WAAW,CAAC,0BAAW,CAAC,CACzB,CAAA;IACH,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,GAAW,EAAE,QAAmB;QAC/C,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,CAC5B,QAAQ,CAAC,CAAC,CAAC,QAAQ,QAAQ,EAAE,CAAC,CAAC,CAAC,MAAM,EACtC,GAAG,EACH,WAAW,CAAC,iCAAkB,CAAC,CAChC,CAAA;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,SAAiB;QACzC,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,CAC5B,eAAe,EACf,SAAS,EACT,WAAW,CAAC,8CAA+B,CAAC,CAC7C,CAAA;IACH,CAAC;CACF;AAlCD,sCAkCC"}
|
|
@@ -6,7 +6,7 @@ export interface ReplayStore {
|
|
|
6
6
|
* strictly necessary for security purposes, the namespace should be used to
|
|
7
7
|
* mitigate denial of service attacks from one client to the other.
|
|
8
8
|
*
|
|
9
|
-
* @param timeFrame expressed in milliseconds.
|
|
9
|
+
* @param timeFrame expressed in milliseconds.
|
|
10
10
|
*/
|
|
11
11
|
unique(namespace: string, nonce: string, timeFrame: number): Awaitable<boolean>;
|
|
12
12
|
}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { OAuthAuthenticationRequestParameters } from '@atproto/oauth-types';
|
|
2
|
+
import { ClientId } from '../client/client-id.js';
|
|
2
3
|
import { ClientAuth } from '../client/client-auth.js';
|
|
3
4
|
import { RequestId } from './request-id.js';
|
|
4
5
|
import { RequestUri } from './request-uri.js';
|
|
@@ -7,6 +8,7 @@ export type RequestInfo = {
|
|
|
7
8
|
uri: RequestUri;
|
|
8
9
|
parameters: Readonly<OAuthAuthenticationRequestParameters>;
|
|
9
10
|
expiresAt: Date;
|
|
11
|
+
clientId: ClientId;
|
|
10
12
|
clientAuth: ClientAuth;
|
|
11
13
|
};
|
|
12
14
|
//# sourceMappingURL=request-info.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request-info.d.ts","sourceRoot":"","sources":["../../src/request/request-info.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oCAAoC,EAAE,MAAM,sBAAsB,CAAA;AAC3E,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,MAAM,MAAM,WAAW,GAAG;IACxB,EAAE,EAAE,SAAS,CAAA;IACb,GAAG,EAAE,UAAU,CAAA;IACf,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,CAAA;IAC1D,SAAS,EAAE,IAAI,CAAA;IACf,UAAU,EAAE,UAAU,CAAA;CACvB,CAAA"}
|
|
1
|
+
{"version":3,"file":"request-info.d.ts","sourceRoot":"","sources":["../../src/request/request-info.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oCAAoC,EAAE,MAAM,sBAAsB,CAAA;AAC3E,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,MAAM,MAAM,WAAW,GAAG;IACxB,EAAE,EAAE,SAAS,CAAA;IACb,GAAG,EAAE,UAAU,CAAA;IACf,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,CAAA;IAC1D,SAAS,EAAE,IAAI,CAAA;IACf,QAAQ,EAAE,QAAQ,CAAA;IAClB,UAAU,EAAE,UAAU,CAAA;CACvB,CAAA"}
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import { OAuthAuthenticationRequestParameters, OAuthAuthorizationServerMetadata } from '@atproto/oauth-types';
|
|
2
|
-
import { DeviceAccountInfo } from '../account/account-store.js';
|
|
3
2
|
import { Account } from '../account/account.js';
|
|
4
3
|
import { ClientAuth } from '../client/client-auth.js';
|
|
5
4
|
import { ClientId } from '../client/client-id.js';
|
|
@@ -17,19 +16,14 @@ export declare class RequestManager {
|
|
|
17
16
|
protected readonly signer: Signer;
|
|
18
17
|
protected readonly metadata: OAuthAuthorizationServerMetadata;
|
|
19
18
|
protected readonly hooks: OAuthHooks;
|
|
20
|
-
protected readonly pkceRequired: boolean;
|
|
21
19
|
protected readonly tokenMaxAge: number;
|
|
22
|
-
constructor(store: RequestStore, signer: Signer, metadata: OAuthAuthorizationServerMetadata, hooks: OAuthHooks,
|
|
20
|
+
constructor(store: RequestStore, signer: Signer, metadata: OAuthAuthorizationServerMetadata, hooks: OAuthHooks, tokenMaxAge?: number);
|
|
23
21
|
protected createTokenExpiry(): Date;
|
|
24
22
|
createAuthorizationRequest(client: Client, clientAuth: ClientAuth, input: Readonly<OAuthAuthenticationRequestParameters>, deviceId: null | DeviceId, dpopJkt: null | string): Promise<RequestInfo>;
|
|
25
23
|
protected create(client: Client, clientAuth: ClientAuth, parameters: Readonly<OAuthAuthenticationRequestParameters>, deviceId?: null | DeviceId): Promise<RequestInfo>;
|
|
26
|
-
validate(client: Client, clientAuth: ClientAuth, parameters: Readonly<OAuthAuthenticationRequestParameters>, dpopJkt: null | string
|
|
24
|
+
validate(client: Client, clientAuth: ClientAuth, parameters: Readonly<OAuthAuthenticationRequestParameters>, dpopJkt: null | string): Promise<Readonly<OAuthAuthenticationRequestParameters>>;
|
|
27
25
|
get(uri: RequestUri, clientId: ClientId, deviceId: DeviceId): Promise<RequestInfo>;
|
|
28
|
-
setAuthorized(client: Client, uri: RequestUri, deviceId: DeviceId, account: Account
|
|
29
|
-
code?: Code;
|
|
30
|
-
token?: string;
|
|
31
|
-
id_token?: string;
|
|
32
|
-
}>;
|
|
26
|
+
setAuthorized(client: Client, uri: RequestUri, deviceId: DeviceId, account: Account): Promise<Code>;
|
|
33
27
|
/**
|
|
34
28
|
* @note If this method throws an error, any token previously generated from
|
|
35
29
|
* the same `code` **must** me revoked.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request-manager.d.ts","sourceRoot":"","sources":["../../src/request/request-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,oCAAoC,EACpC,gCAAgC,EACjC,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"request-manager.d.ts","sourceRoot":"","sources":["../../src/request/request-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,oCAAoC,EACpC,gCAAgC,EACjC,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAM5C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AAQjD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5C,OAAO,EAAE,IAAI,EAAgB,MAAM,WAAW,CAAA;AAC9C,OAAO,EAEL,qBAAqB,EACtB,MAAM,mBAAmB,CAAA;AAE1B,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,YAAY,EAAqB,MAAM,oBAAoB,CAAA;AACpE,OAAO,EAGL,UAAU,EACX,MAAM,kBAAkB,CAAA;AAEzB,qBAAa,cAAc;IAEvB,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,YAAY;IACtC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM;IACjC,SAAS,CAAC,QAAQ,CAAC,QAAQ,EAAE,gCAAgC;IAC7D,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,UAAU;IACpC,SAAS,CAAC,QAAQ,CAAC,WAAW;gBAJX,KAAK,EAAE,YAAY,EACnB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,gCAAgC,EAC1C,KAAK,EAAE,UAAU,EACjB,WAAW,SAAgB;IAGhD,SAAS,CAAC,iBAAiB;IAIrB,0BAA0B,CAC9B,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,QAAQ,CAAC,oCAAoC,CAAC,EACrD,QAAQ,EAAE,IAAI,GAAG,QAAQ,EACzB,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,WAAW,CAAC;cAKP,MAAM,CACpB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,EAC1D,QAAQ,GAAE,IAAI,GAAG,QAAe,GAC/B,OAAO,CAAC,WAAW,CAAC;IAkBjB,QAAQ,CACZ,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,EAC1D,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,QAAQ,CAAC,oCAAoC,CAAC,CAAC;IA8LpD,GAAG,CACP,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,QAAQ,EAAE,QAAQ,GACjB,OAAO,CAAC,WAAW,CAAC;IA4DjB,aAAa,CACjB,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,IAAI,CAAC;IA+ChB;;;OAGG;IACU,QAAQ,CACnB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,IAAI,EAAE,IAAI,GACT,OAAO,CAAC,qBAAqB,CAAC;IA2C3B,MAAM,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;CAI7C"}
|
|
@@ -5,11 +5,11 @@ const oauth_types_1 = require("@atproto/oauth-types");
|
|
|
5
5
|
const constants_js_1 = require("../constants.js");
|
|
6
6
|
const access_denied_error_js_1 = require("../errors/access-denied-error.js");
|
|
7
7
|
const consent_required_error_js_1 = require("../errors/consent-required-error.js");
|
|
8
|
+
const invalid_authorization_details_error_js_1 = require("../errors/invalid-authorization-details-error.js");
|
|
8
9
|
const invalid_grant_error_js_1 = require("../errors/invalid-grant-error.js");
|
|
9
10
|
const invalid_parameters_error_js_1 = require("../errors/invalid-parameters-error.js");
|
|
10
11
|
const invalid_request_error_js_1 = require("../errors/invalid-request-error.js");
|
|
11
12
|
const redirect_uri_js_1 = require("../lib/util/redirect-uri.js");
|
|
12
|
-
const claims_js_1 = require("../oidc/claims.js");
|
|
13
13
|
const code_js_1 = require("./code.js");
|
|
14
14
|
const request_data_js_1 = require("./request-data.js");
|
|
15
15
|
const request_id_js_1 = require("./request-id.js");
|
|
@@ -19,14 +19,12 @@ class RequestManager {
|
|
|
19
19
|
signer;
|
|
20
20
|
metadata;
|
|
21
21
|
hooks;
|
|
22
|
-
pkceRequired;
|
|
23
22
|
tokenMaxAge;
|
|
24
|
-
constructor(store, signer, metadata, hooks,
|
|
23
|
+
constructor(store, signer, metadata, hooks, tokenMaxAge = constants_js_1.TOKEN_MAX_AGE) {
|
|
25
24
|
this.store = store;
|
|
26
25
|
this.signer = signer;
|
|
27
26
|
this.metadata = metadata;
|
|
28
27
|
this.hooks = hooks;
|
|
29
|
-
this.pkceRequired = pkceRequired;
|
|
30
28
|
this.tokenMaxAge = tokenMaxAge;
|
|
31
29
|
}
|
|
32
30
|
createTokenExpiry() {
|
|
@@ -49,9 +47,22 @@ class RequestManager {
|
|
|
49
47
|
code: null,
|
|
50
48
|
});
|
|
51
49
|
const uri = (0, request_uri_js_1.encodeRequestUri)(id);
|
|
52
|
-
return { id, uri, expiresAt, parameters, clientAuth };
|
|
50
|
+
return { id, uri, expiresAt, parameters, clientId: client.id, clientAuth };
|
|
53
51
|
}
|
|
54
|
-
async validate(client, clientAuth, parameters, dpopJkt
|
|
52
|
+
async validate(client, clientAuth, parameters, dpopJkt) {
|
|
53
|
+
for (const k of [
|
|
54
|
+
// Known unsupported OIDC parameters
|
|
55
|
+
'claims',
|
|
56
|
+
'id_token_hint',
|
|
57
|
+
'nonce', // note that OIDC "nonce" is redundant with PKCE
|
|
58
|
+
]) {
|
|
59
|
+
if (parameters[k]) {
|
|
60
|
+
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Unsupported "${k}" parameter`);
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
if (parameters.response_type !== 'code') {
|
|
64
|
+
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'Only "code" response type is allowed');
|
|
65
|
+
}
|
|
55
66
|
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-10#section-1.4.1
|
|
56
67
|
// > The authorization server MAY fully or partially ignore the scope
|
|
57
68
|
// > requested by the client, based on the authorization server policy or
|
|
@@ -59,36 +70,39 @@ class RequestManager {
|
|
|
59
70
|
// > different from the one requested by the client, the authorization
|
|
60
71
|
// > server MUST include the scope response parameter in the token response
|
|
61
72
|
// > (Section 3.2.3) to inform the client of the actual scope granted.
|
|
62
|
-
const cScopes = client.metadata.scope?.split(' ');
|
|
73
|
+
const cScopes = client.metadata.scope?.split(' ').filter(Boolean);
|
|
63
74
|
const sScopes = this.metadata.scopes_supported;
|
|
64
|
-
const scopes = (parameters.scope ||
|
|
65
|
-
|
|
66
|
-
.
|
|
75
|
+
const scopes = new Set(parameters.scope?.split(' ').filter(Boolean) || cScopes);
|
|
76
|
+
if (scopes.has('openid')) {
|
|
77
|
+
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'OpenID Connect is not supported');
|
|
78
|
+
}
|
|
79
|
+
if (!scopes.has('atproto')) {
|
|
80
|
+
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'The "atproto" scope is required');
|
|
81
|
+
}
|
|
67
82
|
for (const scope of scopes) {
|
|
68
|
-
|
|
83
|
+
// Loopback clients do not define any scope in their metadata
|
|
84
|
+
if (cScopes && !cScopes.includes(scope)) {
|
|
69
85
|
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Scope "${scope}" is not registered for this client`);
|
|
70
86
|
}
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
for
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
if (!scopes?.includes(scope)) {
|
|
77
|
-
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Essential ${claim} claim requires "${scope}" scope`);
|
|
78
|
-
}
|
|
79
|
-
}
|
|
87
|
+
// Currently, the implementation requires all the scopes to be statically
|
|
88
|
+
// defined in the server metadata. In the future, we might add support
|
|
89
|
+
// for dynamic scopes.
|
|
90
|
+
if (!sScopes?.includes(scope)) {
|
|
91
|
+
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Scope "${scope}" is not supported by this server`);
|
|
80
92
|
}
|
|
81
93
|
}
|
|
82
|
-
parameters = { ...parameters, scope: scopes.join(' ') };
|
|
83
|
-
const responseTypes = parameters.response_type.split(' ');
|
|
94
|
+
parameters = { ...parameters, scope: [...scopes].join(' ') || undefined };
|
|
84
95
|
if (parameters.authorization_details) {
|
|
85
96
|
const clientAuthDetailsTypes = client.metadata.authorization_details_types;
|
|
86
97
|
if (!clientAuthDetailsTypes) {
|
|
87
|
-
throw new
|
|
98
|
+
throw new invalid_authorization_details_error_js_1.InvalidAuthorizationDetailsError(parameters, 'Client Metadata does not declare any "authorization_details"');
|
|
88
99
|
}
|
|
89
100
|
for (const detail of parameters.authorization_details) {
|
|
101
|
+
if (!this.metadata.authorization_details_types_supported?.includes(detail.type)) {
|
|
102
|
+
throw new invalid_authorization_details_error_js_1.InvalidAuthorizationDetailsError(parameters, `Unsupported "authorization_details" type "${detail.type}"`);
|
|
103
|
+
}
|
|
90
104
|
if (!clientAuthDetailsTypes?.includes(detail.type)) {
|
|
91
|
-
throw new
|
|
105
|
+
throw new invalid_authorization_details_error_js_1.InvalidAuthorizationDetailsError(parameters, `Client Metadata does not declare any "authorization_details" of type "${detail.type}"`);
|
|
92
106
|
}
|
|
93
107
|
}
|
|
94
108
|
}
|
|
@@ -113,11 +127,9 @@ class RequestManager {
|
|
|
113
127
|
if (!client.metadata.response_types.includes(parameters.response_type)) {
|
|
114
128
|
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Unsupported response_type "${parameters.response_type}"`, 'unsupported_response_type');
|
|
115
129
|
}
|
|
116
|
-
if (pkceRequired && responseTypes.includes('token')) {
|
|
117
|
-
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Response type "${parameters.response_type}" is incompatible with PKCE`, 'unsupported_response_type');
|
|
118
|
-
}
|
|
119
130
|
// https://datatracker.ietf.org/doc/html/rfc7636#section-4.4.1
|
|
120
|
-
|
|
131
|
+
// PKCE is mandatory
|
|
132
|
+
if (!parameters.code_challenge) {
|
|
121
133
|
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'code_challenge is required');
|
|
122
134
|
}
|
|
123
135
|
if (parameters.code_challenge &&
|
|
@@ -129,39 +141,13 @@ class RequestManager {
|
|
|
129
141
|
if (parameters.code_challenge_method && !parameters.code_challenge) {
|
|
130
142
|
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'code_challenge_method requires code_challenge');
|
|
131
143
|
}
|
|
132
|
-
//
|
|
133
|
-
//
|
|
134
|
-
//
|
|
135
|
-
//
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
// > the ID Token. Sufficient entropy MUST be present in the nonce values
|
|
140
|
-
// > used to prevent attackers from guessing values. For implementation
|
|
141
|
-
// > notes, see Section 15.5.2.
|
|
142
|
-
if (responseTypes.includes('id_token') && !parameters.nonce) {
|
|
143
|
-
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'nonce is required for implicit and hybrid flows');
|
|
144
|
-
}
|
|
145
|
-
// Make "expensive" checks after the "cheaper" checks
|
|
146
|
-
if (parameters.id_token_hint != null) {
|
|
147
|
-
const { payload } = await this.signer.verify(parameters.id_token_hint, {
|
|
148
|
-
// these are meant to be outdated when used as a hint
|
|
149
|
-
clockTolerance: Infinity,
|
|
150
|
-
});
|
|
151
|
-
if (!payload.sub) {
|
|
152
|
-
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Unexpected empty id_token_hint "sub"`);
|
|
153
|
-
}
|
|
154
|
-
else if (parameters.login_hint == null) {
|
|
155
|
-
parameters = { ...parameters, login_hint: payload.sub };
|
|
156
|
-
}
|
|
157
|
-
else if (parameters.login_hint !== payload.sub) {
|
|
158
|
-
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'login_hint does not match "sub" of id_token_hint');
|
|
159
|
-
}
|
|
160
|
-
}
|
|
161
|
-
// ATPROTO extension: if the client is not trusted, force users to consent
|
|
162
|
-
// to authorization requests. We do this to avoid unauthenticated clients
|
|
163
|
-
// from being able to silently re-authenticate users.
|
|
164
|
-
if (clientAuth.method === 'none' && !client.info.isFirstParty) {
|
|
144
|
+
// ATPROTO extension: if the client is not trusted, and not authenticated,
|
|
145
|
+
// force users to consent to authorization requests. We do this to avoid
|
|
146
|
+
// unauthenticated clients from being able to silently re-authenticate
|
|
147
|
+
// users.
|
|
148
|
+
if (!client.info.isTrusted &&
|
|
149
|
+
!client.info.isFirstParty &&
|
|
150
|
+
clientAuth.method === 'none') {
|
|
165
151
|
if (parameters.prompt === 'none') {
|
|
166
152
|
throw new consent_required_error_js_1.ConsentRequiredError(parameters, 'Public clients are not allowed to use silent-sign-on');
|
|
167
153
|
}
|
|
@@ -210,10 +196,11 @@ class RequestManager {
|
|
|
210
196
|
uri,
|
|
211
197
|
expiresAt: updates.expiresAt || data.expiresAt,
|
|
212
198
|
parameters: data.parameters,
|
|
199
|
+
clientId: data.clientId,
|
|
213
200
|
clientAuth: data.clientAuth,
|
|
214
201
|
};
|
|
215
202
|
}
|
|
216
|
-
async setAuthorized(client, uri, deviceId, account
|
|
203
|
+
async setAuthorized(client, uri, deviceId, account) {
|
|
217
204
|
const id = (0, request_uri_js_1.decodeRequestUri)(uri);
|
|
218
205
|
const data = await this.store.readRequest(id);
|
|
219
206
|
if (!data)
|
|
@@ -231,13 +218,8 @@ class RequestManager {
|
|
|
231
218
|
if (data.sub || data.code) {
|
|
232
219
|
throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'This request was already authorized');
|
|
233
220
|
}
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'Implicit "token" forbidden (use "code" with PKCE instead)');
|
|
237
|
-
}
|
|
238
|
-
const code = responseType.includes('code')
|
|
239
|
-
? await (0, code_js_1.generateCode)()
|
|
240
|
-
: undefined;
|
|
221
|
+
// Only response_type=code is supported
|
|
222
|
+
const code = await (0, code_js_1.generateCode)();
|
|
241
223
|
// Bind the request to the account, preventing it from being used again.
|
|
242
224
|
await this.store.updateRequest(id, {
|
|
243
225
|
sub: account.sub,
|
|
@@ -245,14 +227,7 @@ class RequestManager {
|
|
|
245
227
|
// Allow the client to exchange the code for a token within the next 60 seconds.
|
|
246
228
|
expiresAt: new Date(Date.now() + constants_js_1.AUTHORIZATION_INACTIVITY_TIMEOUT),
|
|
247
229
|
});
|
|
248
|
-
|
|
249
|
-
? await this.signer.idToken(client, data.parameters, account, {
|
|
250
|
-
auth_time: info.authenticatedAt,
|
|
251
|
-
exp: this.createTokenExpiry(),
|
|
252
|
-
code,
|
|
253
|
-
})
|
|
254
|
-
: undefined;
|
|
255
|
-
return { code, id_token };
|
|
230
|
+
return code;
|
|
256
231
|
}
|
|
257
232
|
catch (err) {
|
|
258
233
|
await this.store.deleteRequest(id);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request-manager.js","sourceRoot":"","sources":["../../src/request/request-manager.ts"],"names":[],"mappings":";;;AAAA,sDAI6B;AAO7B,kDAIwB;AAExB,6EAAoE;AACpE,mFAA0E;AAC1E,6EAAoE;AACpE,uFAA8E;AAC9E,iFAAwE;AACxE,iEAAgE;AAEhE,iDAAqD;AAErD,uCAA8C;AAC9C,uDAG0B;AAC1B,mDAAmD;AAGnD,qDAIyB;AAEzB,MAAa,cAAc;IAEJ;IACA;IACA;IACA;IACA;IACA;IANrB,YACqB,KAAmB,EACnB,MAAc,EACd,QAA0C,EAC1C,KAAiB,EACjB,eAAe,IAAI,EACnB,cAAc,4BAAa;QAL3B,UAAK,GAAL,KAAK,CAAc;QACnB,WAAM,GAAN,MAAM,CAAQ;QACd,aAAQ,GAAR,QAAQ,CAAkC;QAC1C,UAAK,GAAL,KAAK,CAAY;QACjB,iBAAY,GAAZ,YAAY,CAAO;QACnB,gBAAW,GAAX,WAAW,CAAgB;IAC7C,CAAC;IAEM,iBAAiB;QACzB,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,0BAA0B,CAC9B,MAAc,EACd,UAAsB,EACtB,KAAqD,EACrD,QAAyB,EACzB,OAAsB;QAEtB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;QAC1E,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAA;IAC9D,CAAC;IAES,KAAK,CAAC,MAAM,CACpB,MAAc,EACd,UAAsB,EACtB,UAA0D,EAC1D,WAA4B,IAAI;QAEhC,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,6BAAc,CAAC,CAAA;QACvD,MAAM,EAAE,GAAG,MAAM,IAAA,iCAAiB,GAAE,CAAA;QAEpC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE;YACjC,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,UAAU;YACV,UAAU;YACV,SAAS;YACT,QAAQ;YACR,GAAG,EAAE,IAAI;YACT,IAAI,EAAE,IAAI;SACX,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,IAAA,iCAAgB,EAAC,EAAE,CAAC,CAAA;QAChC,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,CAAA;IACvD,CAAC;IAED,KAAK,CAAC,QAAQ,CACZ,MAAc,EACd,UAAsB,EACtB,UAA0D,EAC1D,OAAsB,EACtB,YAAY,GAAG,IAAI,CAAC,YAAY;QAEhC,+EAA+E;QAC/E,qEAAqE;QACrE,yEAAyE;QACzE,2EAA2E;QAC3E,sEAAsE;QACtE,2EAA2E;QAC3E,sEAAsE;QAEtE,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAA;QAE9C,MAAM,MAAM,GACV,CAAC,UAAU,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;YACzC,EAAE,KAAK,CAAC,GAAG,CAAC;aACX,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,EAAE,CAAA;QAE3E,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,UAAU,KAAK,qCAAqC,CACrD,CAAA;YACH,CAAC;QACH,CAAC;QAED,KAAK,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,6BAAiB,CAAC,EAAE,CAAC;YAChE,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,IACE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,KAAK,CAAC,EAAE,SAAS,KAAK,IAAI;oBACzD,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,KAAK,CAAC,EAAE,SAAS,KAAK,IAAI,EACzD,CAAC;oBACD,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;wBAC7B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,aAAa,KAAK,oBAAoB,KAAK,SAAS,CACrD,CAAA;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAA;QAEvD,MAAM,aAAa,GAAG,UAAU,CAAC,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAEzD,IAAI,UAAU,CAAC,qBAAqB,EAAE,CAAC;YACrC,MAAM,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC,2BAA2B,CAAA;YAC1E,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC5B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8DAA8D,CAC/D,CAAA;YACH,CAAC;YAED,KAAK,MAAM,MAAM,IAAI,UAAU,CAAC,qBAAqB,EAAE,CAAC;gBACtD,IAAI,CAAC,sBAAsB,EAAE,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,6CAA6C,MAAM,CAAC,IAAI,GAAG,CAC5D,CAAA;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,EAAE,YAAY,EAAE,GAAG,UAAU,CAAA;QACnC,IACE,YAAY;YACZ,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAC1C,IAAA,oCAAkB,EAAC,GAAG,EAAE,YAAY,CAAC,CACtC,EACD,CAAC;YACD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,wBAAwB,YAAY,cAAc,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAC7F,CAAA;QACH,CAAC;QAED,2DAA2D;QAC3D,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;YACzB,IAAI,OAAO;gBAAE,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAA;QAChE,CAAC;aAAM,IAAI,UAAU,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YAC3C,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,uCAAuC,CACxC,CAAA;QACH,CAAC;QAED,IAAI,UAAU,CAAC,MAAM,KAAK,8CAAgC,EAAE,CAAC;YAC3D,IAAI,UAAU,CAAC,QAAQ,IAAI,UAAU,CAAC,GAAG,KAAK,UAAU,CAAC,QAAQ,EAAE,CAAC;gBAClE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8EAA8E,CAC/E,CAAA;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;YACvE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8BAA8B,UAAU,CAAC,aAAa,GAAG,EACzD,2BAA2B,CAC5B,CAAA;QACH,CAAC;QAED,IAAI,YAAY,IAAI,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,kBAAkB,UAAU,CAAC,aAAa,6BAA6B,EACvE,2BAA2B,CAC5B,CAAA;QACH,CAAC;QAED,8DAA8D;QAC9D,IAAI,YAAY,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YAC/C,MAAM,IAAI,oDAAsB,CAAC,UAAU,EAAE,4BAA4B,CAAC,CAAA;QAC5E,CAAC;QAED,IACE,UAAU,CAAC,cAAc;YACzB,UAAU,CAAC,MAAM,KAAK,MAAM;YAC5B,CAAC,UAAU,CAAC,qBAAqB,IAAI,OAAO,CAAC,KAAK,OAAO,EACzD,CAAC;YACD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,4DAA4D,CAC7D,CAAA;QACH,CAAC;QAED,4DAA4D;QAC5D,IAAI,UAAU,CAAC,qBAAqB,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YACnE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,+CAA+C,CAChD,CAAA;QACH,CAAC;QAED,0EAA0E;QAC1E,EAAE;QACF,8EAA8E;QAC9E,uEAAuE;QACvE,wEAAwE;QACxE,2EAA2E;QAC3E,4EAA4E;QAC5E,2EAA2E;QAC3E,yEAAyE;QACzE,iCAAiC;QACjC,IAAI,aAAa,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YAC5D,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,iDAAiD,CAClD,CAAA;QACH,CAAC;QAED,qDAAqD;QAErD,IAAI,UAAU,CAAC,aAAa,IAAI,IAAI,EAAE,CAAC;YACrC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,aAAa,EAAE;gBACrE,qDAAqD;gBACrD,cAAc,EAAE,QAAQ;aACzB,CAAC,CAAA;YAEF,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;gBACjB,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,sCAAsC,CACvC,CAAA;YACH,CAAC;iBAAM,IAAI,UAAU,CAAC,UAAU,IAAI,IAAI,EAAE,CAAC;gBACzC,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,GAAG,EAAE,CAAA;YACzD,CAAC;iBAAM,IAAI,UAAU,CAAC,UAAU,KAAK,OAAO,CAAC,GAAG,EAAE,CAAC;gBACjD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,kDAAkD,CACnD,CAAA;YACH,CAAC;QACH,CAAC;QAED,0EAA0E;QAC1E,yEAAyE;QACzE,qDAAqD;QACrD,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YAC9D,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACjC,MAAM,IAAI,gDAAoB,CAC5B,UAAU,EACV,sDAAsD,CACvD,CAAA;YACH,CAAC;YAED,2DAA2D;YAC3D,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,CAAA;QACnD,CAAC;QAED,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,KAAK,CAAC,GAAG,CACP,GAAe,EACf,QAAkB,EAClB,QAAkB;QAElB,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8CAAmB,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QAExE,MAAM,OAAO,GAAsB,EAAE,CAAA;QAErC,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,wEAAwE;gBACxE,wBAAwB;gBACxB,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,qCAAqC,CACtC,CAAA;YACH,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,IAAI,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;YAC1E,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,CAC1B,IAAI,CAAC,GAAG,EAAE,GAAG,+CAAgC,CAC9C,CAAA;YACH,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,+CAA+C,CAChD,CAAA;YACH,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAA;YAC7B,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACtC,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gDAAgD,CACjD,CAAA;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;YAClC,MAAM,GAAG,CAAA;QACX,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE,OAAO,CAAC,CAAA;QAC7C,CAAC;QAED,OAAO;YACL,EAAE;YACF,GAAG;YACH,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS;YAC9C,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAA;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,MAAc,EACd,GAAe,EACf,QAAkB,EAClB,OAAgB,EAChB,IAAuB;QAEvB,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8CAAmB,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QAExE,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,IAAI,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;YAC1E,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gCAAgC,CACjC,CAAA;YACH,CAAC;YACD,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gDAAgD,CACjD,CAAA;YACH,CAAC;YACD,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,qCAAqC,CACtC,CAAA;YACH,CAAC;YAED,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAE7D,IAAI,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBACnC,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,2DAA2D,CAC5D,CAAA;YACH,CAAC;YAED,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACxC,CAAC,CAAC,MAAM,IAAA,sBAAY,GAAE;gBACtB,CAAC,CAAC,SAAS,CAAA;YAEb,wEAAwE;YACxE,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE;gBACjC,GAAG,EAAE,OAAO,CAAC,GAAG;gBAChB,IAAI;gBACJ,gFAAgF;gBAChF,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,+CAAgC,CAAC;aACnE,CAAC,CAAA;YAEF,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC;gBAChD,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,EAAE;oBAC1D,SAAS,EAAE,IAAI,CAAC,eAAe;oBAC/B,GAAG,EAAE,IAAI,CAAC,iBAAiB,EAAE;oBAC7B,IAAI;iBACL,CAAC;gBACJ,CAAC,CAAC,SAAS,CAAA;YAEb,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAA;QAC3B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;YAClC,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAc,EACd,UAAsB,EACtB,IAAU;QAEV,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAA;QACvD,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,0CAAiB,CAAC,cAAc,CAAC,CAAA;QAExD,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,CAAA;YAEvB,IAAI,CAAC,IAAA,yCAAuB,EAAC,IAAI,CAAC,EAAE,CAAC;gBACnC,kEAAkE;gBAClE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;YAC7C,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,yCAAyC,CAAC,CAAA;YACxE,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,uBAAuB,CAAC,CAAA;YACtD,CAAC;YAED,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtC,mEAAmE;gBACnE,uEAAuE;gBACvE,sEAAsE;gBACtE,wEAAwE;gBACxE,sEAAsE;YACxE,CAAC;iBAAM,CAAC;gBACN,IAAI,UAAU,CAAC,MAAM,KAAK,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;oBACjD,MAAM,IAAI,0CAAiB,CAAC,+BAA+B,CAAC,CAAA;gBAC9D,CAAC;gBAED,IAAI,CAAC,CAAC,MAAM,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;oBACxD,MAAM,IAAI,0CAAiB,CAAC,+BAA+B,CAAC,CAAA;gBAC9D,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;gBAAS,CAAC;YACT,iCAAiC;YACjC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;QAC3C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAe;QAC1B,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAChC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;IACpC,CAAC;CACF;AAtbD,wCAsbC"}
|
|
1
|
+
{"version":3,"file":"request-manager.js","sourceRoot":"","sources":["../../src/request/request-manager.ts"],"names":[],"mappings":";;;AAAA,sDAI6B;AAM7B,kDAIwB;AAExB,6EAAoE;AACpE,mFAA0E;AAC1E,6GAAmG;AACnG,6EAAoE;AACpE,uFAA8E;AAC9E,iFAAwE;AACxE,iEAAgE;AAGhE,uCAA8C;AAC9C,uDAG0B;AAC1B,mDAAmD;AAGnD,qDAIyB;AAEzB,MAAa,cAAc;IAEJ;IACA;IACA;IACA;IACA;IALrB,YACqB,KAAmB,EACnB,MAAc,EACd,QAA0C,EAC1C,KAAiB,EACjB,cAAc,4BAAa;QAJ3B,UAAK,GAAL,KAAK,CAAc;QACnB,WAAM,GAAN,MAAM,CAAQ;QACd,aAAQ,GAAR,QAAQ,CAAkC;QAC1C,UAAK,GAAL,KAAK,CAAY;QACjB,gBAAW,GAAX,WAAW,CAAgB;IAC7C,CAAC;IAEM,iBAAiB;QACzB,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,0BAA0B,CAC9B,MAAc,EACd,UAAsB,EACtB,KAAqD,EACrD,QAAyB,EACzB,OAAsB;QAEtB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;QAC1E,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAA;IAC9D,CAAC;IAES,KAAK,CAAC,MAAM,CACpB,MAAc,EACd,UAAsB,EACtB,UAA0D,EAC1D,WAA4B,IAAI;QAEhC,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,6BAAc,CAAC,CAAA;QACvD,MAAM,EAAE,GAAG,MAAM,IAAA,iCAAiB,GAAE,CAAA;QAEpC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE;YACjC,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,UAAU;YACV,UAAU;YACV,SAAS;YACT,QAAQ;YACR,GAAG,EAAE,IAAI;YACT,IAAI,EAAE,IAAI;SACX,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,IAAA,iCAAgB,EAAC,EAAE,CAAC,CAAA;QAChC,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,UAAU,EAAE,CAAA;IAC5E,CAAC;IAED,KAAK,CAAC,QAAQ,CACZ,MAAc,EACd,UAAsB,EACtB,UAA0D,EAC1D,OAAsB;QAEtB,KAAK,MAAM,CAAC,IAAI;YACd,oCAAoC;YACpC,QAAQ;YACR,eAAe;YACf,OAAO,EAAE,gDAAgD;SACjD,EAAE,CAAC;YACX,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClB,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,gBAAgB,CAAC,aAAa,CAC/B,CAAA;YACH,CAAC;QACH,CAAC;QAED,IAAI,UAAU,CAAC,aAAa,KAAK,MAAM,EAAE,CAAC;YACxC,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,sCAAsC,CACvC,CAAA;QACH,CAAC;QAED,+EAA+E;QAC/E,qEAAqE;QACrE,yEAAyE;QACzE,2EAA2E;QAC3E,sEAAsE;QACtE,2EAA2E;QAC3E,sEAAsE;QAEtE,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;QACjE,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAA;QAE9C,MAAM,MAAM,GAAG,IAAI,GAAG,CACpB,UAAU,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,OAAO,CACxD,CAAA;QAED,IAAI,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,iCAAiC,CAClC,CAAA;QACH,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,iCAAiC,CAClC,CAAA;QACH,CAAC;QAED,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,6DAA6D;YAC7D,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxC,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,UAAU,KAAK,qCAAqC,CACrD,CAAA;YACH,CAAC;YAED,yEAAyE;YACzE,sEAAsE;YACtE,sBAAsB;YACtB,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,UAAU,KAAK,mCAAmC,CACnD,CAAA;YACH,CAAC;QACH,CAAC;QAED,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,KAAK,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,SAAS,EAAE,CAAA;QAEzE,IAAI,UAAU,CAAC,qBAAqB,EAAE,CAAC;YACrC,MAAM,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC,2BAA2B,CAAA;YAC1E,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC5B,MAAM,IAAI,yEAAgC,CACxC,UAAU,EACV,8DAA8D,CAC/D,CAAA;YACH,CAAC;YAED,KAAK,MAAM,MAAM,IAAI,UAAU,CAAC,qBAAqB,EAAE,CAAC;gBACtD,IACE,CAAC,IAAI,CAAC,QAAQ,CAAC,qCAAqC,EAAE,QAAQ,CAC5D,MAAM,CAAC,IAAI,CACZ,EACD,CAAC;oBACD,MAAM,IAAI,yEAAgC,CACxC,UAAU,EACV,6CAA6C,MAAM,CAAC,IAAI,GAAG,CAC5D,CAAA;gBACH,CAAC;gBACD,IAAI,CAAC,sBAAsB,EAAE,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnD,MAAM,IAAI,yEAAgC,CACxC,UAAU,EACV,yEAAyE,MAAM,CAAC,IAAI,GAAG,CACxF,CAAA;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,EAAE,YAAY,EAAE,GAAG,UAAU,CAAA;QACnC,IACE,YAAY;YACZ,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAC1C,IAAA,oCAAkB,EAAC,GAAG,EAAE,YAAY,CAAC,CACtC,EACD,CAAC;YACD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,wBAAwB,YAAY,cAAc,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAC7F,CAAA;QACH,CAAC;QAED,2DAA2D;QAC3D,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;YACzB,IAAI,OAAO;gBAAE,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAA;QAChE,CAAC;aAAM,IAAI,UAAU,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YAC3C,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,uCAAuC,CACxC,CAAA;QACH,CAAC;QAED,IAAI,UAAU,CAAC,MAAM,KAAK,8CAAgC,EAAE,CAAC;YAC3D,IAAI,UAAU,CAAC,QAAQ,IAAI,UAAU,CAAC,GAAG,KAAK,UAAU,CAAC,QAAQ,EAAE,CAAC;gBAClE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8EAA8E,CAC/E,CAAA;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;YACvE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8BAA8B,UAAU,CAAC,aAAa,GAAG,EACzD,2BAA2B,CAC5B,CAAA;QACH,CAAC;QAED,8DAA8D;QAC9D,oBAAoB;QACpB,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YAC/B,MAAM,IAAI,oDAAsB,CAAC,UAAU,EAAE,4BAA4B,CAAC,CAAA;QAC5E,CAAC;QAED,IACE,UAAU,CAAC,cAAc;YACzB,UAAU,CAAC,MAAM,KAAK,MAAM;YAC5B,CAAC,UAAU,CAAC,qBAAqB,IAAI,OAAO,CAAC,KAAK,OAAO,EACzD,CAAC;YACD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,4DAA4D,CAC7D,CAAA;QACH,CAAC;QAED,4DAA4D;QAC5D,IAAI,UAAU,CAAC,qBAAqB,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YACnE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,+CAA+C,CAChD,CAAA;QACH,CAAC;QAED,0EAA0E;QAC1E,wEAAwE;QACxE,sEAAsE;QACtE,SAAS;QACT,IACE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS;YACtB,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY;YACzB,UAAU,CAAC,MAAM,KAAK,MAAM,EAC5B,CAAC;YACD,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACjC,MAAM,IAAI,gDAAoB,CAC5B,UAAU,EACV,sDAAsD,CACvD,CAAA;YACH,CAAC;YAED,2DAA2D;YAC3D,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,CAAA;QACnD,CAAC;QAED,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,KAAK,CAAC,GAAG,CACP,GAAe,EACf,QAAkB,EAClB,QAAkB;QAElB,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8CAAmB,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QAExE,MAAM,OAAO,GAAsB,EAAE,CAAA;QAErC,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,wEAAwE;gBACxE,wBAAwB;gBACxB,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,qCAAqC,CACtC,CAAA;YACH,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,IAAI,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;YAC1E,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,CAC1B,IAAI,CAAC,GAAG,EAAE,GAAG,+CAAgC,CAC9C,CAAA;YACH,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,+CAA+C,CAChD,CAAA;YACH,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAA;YAC7B,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACtC,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gDAAgD,CACjD,CAAA;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;YAClC,MAAM,GAAG,CAAA;QACX,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE,OAAO,CAAC,CAAA;QAC7C,CAAC;QAED,OAAO;YACL,EAAE;YACF,GAAG;YACH,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS;YAC9C,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAA;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,MAAc,EACd,GAAe,EACf,QAAkB,EAClB,OAAgB;QAEhB,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8CAAmB,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QAExE,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,IAAI,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;YAC1E,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gCAAgC,CACjC,CAAA;YACH,CAAC;YACD,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gDAAgD,CACjD,CAAA;YACH,CAAC;YACD,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,qCAAqC,CACtC,CAAA;YACH,CAAC;YAED,uCAAuC;YACvC,MAAM,IAAI,GAAG,MAAM,IAAA,sBAAY,GAAE,CAAA;YAEjC,wEAAwE;YACxE,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE;gBACjC,GAAG,EAAE,OAAO,CAAC,GAAG;gBAChB,IAAI;gBACJ,gFAAgF;gBAChF,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,+CAAgC,CAAC;aACnE,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;QACb,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;YAClC,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAc,EACd,UAAsB,EACtB,IAAU;QAEV,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAA;QACvD,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,0CAAiB,CAAC,cAAc,CAAC,CAAA;QAExD,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,CAAA;YAEvB,IAAI,CAAC,IAAA,yCAAuB,EAAC,IAAI,CAAC,EAAE,CAAC;gBACnC,kEAAkE;gBAClE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;YAC7C,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,yCAAyC,CAAC,CAAA;YACxE,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,uBAAuB,CAAC,CAAA;YACtD,CAAC;YAED,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtC,mEAAmE;gBACnE,uEAAuE;gBACvE,sEAAsE;gBACtE,wEAAwE;gBACxE,sEAAsE;YACxE,CAAC;iBAAM,CAAC;gBACN,IAAI,UAAU,CAAC,MAAM,KAAK,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;oBACjD,MAAM,IAAI,0CAAiB,CAAC,+BAA+B,CAAC,CAAA;gBAC9D,CAAC;gBAED,IAAI,CAAC,CAAC,MAAM,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;oBACxD,MAAM,IAAI,0CAAiB,CAAC,+BAA+B,CAAC,CAAA;gBAC9D,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;gBAAS,CAAC;YACT,iCAAiC;YACjC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;QAC3C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAe;QAC1B,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAChC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;IACpC,CAAC;CACF;AA7ZD,wCA6ZC"}
|
package/dist/request/types.d.ts
CHANGED
|
@@ -45,7 +45,7 @@ export declare const pushedAuthorizationRequestSchema: z.ZodIntersection<z.ZodUn
|
|
|
45
45
|
state: z.ZodOptional<z.ZodString>;
|
|
46
46
|
nonce: z.ZodOptional<z.ZodString>;
|
|
47
47
|
dpop_jkt: z.ZodOptional<z.ZodString>;
|
|
48
|
-
response_type: z.ZodEnum<["code", "token", "
|
|
48
|
+
response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
|
|
49
49
|
response_mode: z.ZodOptional<z.ZodEnum<["query", "fragment", "form_post"]>>;
|
|
50
50
|
code_challenge: z.ZodOptional<z.ZodString>;
|
|
51
51
|
code_challenge_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<["S256", "plain"]>>>;
|
|
@@ -94,7 +94,7 @@ export declare const pushedAuthorizationRequestSchema: z.ZodIntersection<z.ZodUn
|
|
|
94
94
|
}>, "many">>;
|
|
95
95
|
}, "strip", z.ZodTypeAny, {
|
|
96
96
|
client_id: string;
|
|
97
|
-
response_type: "none" | "code" | "
|
|
97
|
+
response_type: "none" | "code" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
|
|
98
98
|
scope?: string | undefined;
|
|
99
99
|
redirect_uri?: string | undefined;
|
|
100
100
|
nonce?: string | undefined;
|
|
@@ -104,7 +104,7 @@ export declare const pushedAuthorizationRequestSchema: z.ZodIntersection<z.ZodUn
|
|
|
104
104
|
code_challenge?: string | undefined;
|
|
105
105
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
106
106
|
max_age?: number | undefined;
|
|
107
|
-
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "
|
|
107
|
+
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "preferred_username" | "email" | "email_verified" | "picture" | "acr" | "auth_time" | "family_name" | "given_name" | "middle_name" | "nickname" | "gender" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "phone_number" | "phone_number_verified" | "address", {
|
|
108
108
|
values?: (string | number | boolean)[] | undefined;
|
|
109
109
|
value?: string | number | boolean | undefined;
|
|
110
110
|
essential?: boolean | undefined;
|
|
@@ -124,7 +124,7 @@ export declare const pushedAuthorizationRequestSchema: z.ZodIntersection<z.ZodUn
|
|
|
124
124
|
}[] | undefined;
|
|
125
125
|
}, {
|
|
126
126
|
client_id: string;
|
|
127
|
-
response_type: "none" | "code" | "
|
|
127
|
+
response_type: "none" | "code" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
|
|
128
128
|
scope?: string | undefined;
|
|
129
129
|
redirect_uri?: string | undefined;
|
|
130
130
|
nonce?: string | undefined;
|
|
@@ -134,7 +134,7 @@ export declare const pushedAuthorizationRequestSchema: z.ZodIntersection<z.ZodUn
|
|
|
134
134
|
code_challenge?: string | undefined;
|
|
135
135
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
136
136
|
max_age?: number | undefined;
|
|
137
|
-
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "
|
|
137
|
+
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "preferred_username" | "email" | "email_verified" | "picture" | "acr" | "auth_time" | "family_name" | "given_name" | "middle_name" | "nickname" | "gender" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "phone_number" | "phone_number_verified" | "address", {
|
|
138
138
|
values?: (string | number | boolean)[] | undefined;
|
|
139
139
|
value?: string | number | boolean | undefined;
|
|
140
140
|
essential?: boolean | undefined;
|
|
@@ -198,7 +198,7 @@ export declare const authorizationRequestQuerySchema: z.ZodIntersection<z.ZodUni
|
|
|
198
198
|
state: z.ZodOptional<z.ZodString>;
|
|
199
199
|
nonce: z.ZodOptional<z.ZodString>;
|
|
200
200
|
dpop_jkt: z.ZodOptional<z.ZodString>;
|
|
201
|
-
response_type: z.ZodEnum<["code", "token", "
|
|
201
|
+
response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
|
|
202
202
|
response_mode: z.ZodOptional<z.ZodEnum<["query", "fragment", "form_post"]>>;
|
|
203
203
|
code_challenge: z.ZodOptional<z.ZodString>;
|
|
204
204
|
code_challenge_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<["S256", "plain"]>>>;
|
|
@@ -247,7 +247,7 @@ export declare const authorizationRequestQuerySchema: z.ZodIntersection<z.ZodUni
|
|
|
247
247
|
}>, "many">>;
|
|
248
248
|
}, "strip", z.ZodTypeAny, {
|
|
249
249
|
client_id: string;
|
|
250
|
-
response_type: "none" | "code" | "
|
|
250
|
+
response_type: "none" | "code" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
|
|
251
251
|
scope?: string | undefined;
|
|
252
252
|
redirect_uri?: string | undefined;
|
|
253
253
|
nonce?: string | undefined;
|
|
@@ -257,7 +257,7 @@ export declare const authorizationRequestQuerySchema: z.ZodIntersection<z.ZodUni
|
|
|
257
257
|
code_challenge?: string | undefined;
|
|
258
258
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
259
259
|
max_age?: number | undefined;
|
|
260
|
-
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "
|
|
260
|
+
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "preferred_username" | "email" | "email_verified" | "picture" | "acr" | "auth_time" | "family_name" | "given_name" | "middle_name" | "nickname" | "gender" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "phone_number" | "phone_number_verified" | "address", {
|
|
261
261
|
values?: (string | number | boolean)[] | undefined;
|
|
262
262
|
value?: string | number | boolean | undefined;
|
|
263
263
|
essential?: boolean | undefined;
|
|
@@ -277,7 +277,7 @@ export declare const authorizationRequestQuerySchema: z.ZodIntersection<z.ZodUni
|
|
|
277
277
|
}[] | undefined;
|
|
278
278
|
}, {
|
|
279
279
|
client_id: string;
|
|
280
|
-
response_type: "none" | "code" | "
|
|
280
|
+
response_type: "none" | "code" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
|
|
281
281
|
scope?: string | undefined;
|
|
282
282
|
redirect_uri?: string | undefined;
|
|
283
283
|
nonce?: string | undefined;
|
|
@@ -287,7 +287,7 @@ export declare const authorizationRequestQuerySchema: z.ZodIntersection<z.ZodUni
|
|
|
287
287
|
code_challenge?: string | undefined;
|
|
288
288
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
289
289
|
max_age?: number | undefined;
|
|
290
|
-
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "
|
|
290
|
+
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "preferred_username" | "email" | "email_verified" | "picture" | "acr" | "auth_time" | "family_name" | "given_name" | "middle_name" | "nickname" | "gender" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "phone_number" | "phone_number_verified" | "address", {
|
|
291
291
|
values?: (string | number | boolean)[] | undefined;
|
|
292
292
|
value?: string | number | boolean | undefined;
|
|
293
293
|
essential?: boolean | undefined;
|