@atproto/oauth-types 0.1.2 → 0.1.4
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGELOG.md +16 -0
- package/dist/atproto-loopback-client-metadata.d.ts.map +1 -1
- package/dist/atproto-loopback-client-metadata.js +2 -3
- package/dist/atproto-loopback-client-metadata.js.map +1 -1
- package/dist/constants.d.ts +0 -1
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +1 -7
- package/dist/constants.js.map +1 -1
- package/dist/oauth-authentication-request-parameters.d.ts +1 -1
- package/dist/oauth-authentication-request-parameters.d.ts.map +1 -1
- package/dist/oauth-authentication-request-parameters.js +7 -14
- package/dist/oauth-authentication-request-parameters.js.map +1 -1
- package/dist/oauth-authorization-server-metadata.d.ts +0 -60
- package/dist/oauth-authorization-server-metadata.d.ts.map +1 -1
- package/dist/oauth-authorization-server-metadata.js +0 -14
- package/dist/oauth-authorization-server-metadata.js.map +1 -1
- package/dist/oauth-client-metadata.d.ts +0 -18
- package/dist/oauth-client-metadata.d.ts.map +1 -1
- package/dist/oauth-client-metadata.js +0 -6
- package/dist/oauth-client-metadata.js.map +1 -1
- package/dist/oauth-endpoint-name.d.ts +2 -1
- package/dist/oauth-endpoint-name.d.ts.map +1 -1
- package/dist/oauth-endpoint-name.js +7 -0
- package/dist/oauth-endpoint-name.js.map +1 -1
- package/dist/oauth-response-type.js +2 -2
- package/dist/oauth-response-type.js.map +1 -1
- package/dist/oauth-token-response.d.ts +0 -3
- package/dist/oauth-token-response.d.ts.map +1 -1
- package/dist/oauth-token-response.js +0 -1
- package/dist/oauth-token-response.js.map +1 -1
- package/package.json +1 -1
- package/src/atproto-loopback-client-metadata.ts +2 -3
- package/src/constants.ts +0 -7
- package/src/oauth-authentication-request-parameters.ts +7 -15
- package/src/oauth-authorization-server-metadata.ts +0 -16
- package/src/oauth-client-metadata.ts +0 -7
- package/src/oauth-endpoint-name.ts +8 -5
- package/src/oauth-response-type.ts +2 -2
- package/src/oauth-token-response.ts +0 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,21 @@
|
|
|
1
1
|
# @atproto/oauth-types
|
|
2
2
|
|
|
3
|
+
## 0.1.4
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- [#2734](https://github.com/bluesky-social/atproto/pull/2734) [`dee817b6e`](https://github.com/bluesky-social/atproto/commit/dee817b6e0fc02351d51ce310b5e65239b7c5ed7) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Validate scopes characters according to OAuth 2.1 spec
|
|
8
|
+
|
|
9
|
+
- [#2734](https://github.com/bluesky-social/atproto/pull/2734) [`dee817b6e`](https://github.com/bluesky-social/atproto/commit/dee817b6e0fc02351d51ce310b5e65239b7c5ed7) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Re-use code definition of oauthResponseTypeSchema
|
|
10
|
+
|
|
11
|
+
- [#2734](https://github.com/bluesky-social/atproto/pull/2734) [`dee817b6e`](https://github.com/bluesky-social/atproto/commit/dee817b6e0fc02351d51ce310b5e65239b7c5ed7) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Remove non-standard "sub" from OAuthTokenResponse
|
|
12
|
+
|
|
13
|
+
## 0.1.3
|
|
14
|
+
|
|
15
|
+
### Patch Changes
|
|
16
|
+
|
|
17
|
+
- [#2729](https://github.com/bluesky-social/atproto/pull/2729) [`35a126429`](https://github.com/bluesky-social/atproto/commit/35a1264297bc22acaa6e5ed3f4aed8c351be8bbb) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Avoid code duplication in the definition of OAuthEndpointName
|
|
18
|
+
|
|
3
19
|
## 0.1.2
|
|
4
20
|
|
|
5
21
|
### Patch Changes
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atproto-loopback-client-metadata.d.ts","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAA;AAGrE,wBAAgB,6BAA6B,CAC3C,QAAQ,EAAE,MAAM,GACf,wBAAwB,
|
|
1
|
+
{"version":3,"file":"atproto-loopback-client-metadata.d.ts","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAA;AAGrE,wBAAgB,6BAA6B,CAC3C,QAAQ,EAAE,MAAM,GACf,wBAAwB,CA6B1B"}
|
|
@@ -17,9 +17,8 @@ function atprotoLoopbackClientMetadata(clientId) {
|
|
|
17
17
|
return {
|
|
18
18
|
client_id: clientId,
|
|
19
19
|
client_name: 'Loopback client',
|
|
20
|
-
response_types: ['code
|
|
21
|
-
grant_types: ['authorization_code', '
|
|
22
|
-
scope: 'openid profile offline_access',
|
|
20
|
+
response_types: ['code'],
|
|
21
|
+
grant_types: ['authorization_code', 'refresh_token'],
|
|
23
22
|
redirect_uris: (redirectUris.length
|
|
24
23
|
? redirectUris
|
|
25
24
|
: ['127.0.0.1', '[::1]'].map((ip) => Object.assign(new URL(pathname, origin), { hostname: ip }).href)),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atproto-loopback-client-metadata.js","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":";;;AAAA,+EAAuE;AAEvE,qEAAgE;AAEhE,SAAgB,6BAA6B,CAC3C,QAAgB;IAEhB,IAAI,CAAC,IAAA,qDAAuB,EAAC,QAAQ,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CAAC,8BAA8B,QAAQ,EAAE,CAAC,CAAA;IAC/D,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,IAAA,8CAAqB,EAAC,QAAQ,CAAC,CAAA;IAE1E,KAAK,MAAM,IAAI,IAAI,YAAY,CAAC,IAAI,EAAE,EAAE,CAAC;QACvC,IAAI,IAAI,KAAK,cAAc,EAAE,CAAC;YAC5B,MAAM,IAAI,SAAS,CAAC,2BAA2B,IAAI,eAAe,CAAC,CAAA;QACrE,CAAC;IACH,CAAC;IACD,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,cAAc,CAAC,CAAA;IAExD,OAAO;QACL,SAAS,EAAE,QAAQ;QACnB,WAAW,EAAE,iBAAiB;QAC9B,cAAc,EAAE,CAAC,
|
|
1
|
+
{"version":3,"file":"atproto-loopback-client-metadata.js","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":";;;AAAA,+EAAuE;AAEvE,qEAAgE;AAEhE,SAAgB,6BAA6B,CAC3C,QAAgB;IAEhB,IAAI,CAAC,IAAA,qDAAuB,EAAC,QAAQ,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CAAC,8BAA8B,QAAQ,EAAE,CAAC,CAAA;IAC/D,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,IAAA,8CAAqB,EAAC,QAAQ,CAAC,CAAA;IAE1E,KAAK,MAAM,IAAI,IAAI,YAAY,CAAC,IAAI,EAAE,EAAE,CAAC;QACvC,IAAI,IAAI,KAAK,cAAc,EAAE,CAAC;YAC5B,MAAM,IAAI,SAAS,CAAC,2BAA2B,IAAI,eAAe,CAAC,CAAA;QACrE,CAAC;IACH,CAAC;IACD,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,cAAc,CAAC,CAAA;IAExD,OAAO;QACL,SAAS,EAAE,QAAQ;QACnB,WAAW,EAAE,iBAAiB;QAC9B,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QACpD,aAAa,EAAE,CAAC,YAAY,CAAC,MAAM;YACjC,CAAC,CAAC,YAAY;YACd,CAAC,CAAE,CAAC,WAAW,EAAE,OAAO,CAAW,CAAC,GAAG,CACnC,CAAC,EAAE,EAAE,EAAE,CACL,MAAM,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC,IAAI,CAClE,CAA0B;QAC/B,0BAA0B,EAAE,MAAM;QAClC,gBAAgB,EAAE,QAAQ;QAC1B,wBAAwB,EAAE,IAAI;KAC/B,CAAA;AACH,CAAC;AA/BD,sEA+BC"}
|
package/dist/constants.d.ts
CHANGED
|
@@ -5,5 +5,4 @@
|
|
|
5
5
|
*/
|
|
6
6
|
export declare const ALLOW_UNSECURE_ORIGINS: boolean;
|
|
7
7
|
export declare const CLIENT_ASSERTION_TYPE_JWT_BEARER = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
|
|
8
|
-
export declare const OAUTH_AUTHENTICATED_ENDPOINT_NAMES: readonly ["token", "revocation", "introspection", "pushed_authorization_request"];
|
|
9
8
|
//# sourceMappingURL=constants.d.ts.map
|
package/dist/constants.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,SAS/B,CAAA;AAEJ,eAAO,MAAM,gCAAgC,2DACa,CAAA
|
|
1
|
+
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,SAS/B,CAAA;AAEJ,eAAO,MAAM,gCAAgC,2DACa,CAAA"}
|
package/dist/constants.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.CLIENT_ASSERTION_TYPE_JWT_BEARER = exports.ALLOW_UNSECURE_ORIGINS = void 0;
|
|
4
4
|
/**
|
|
5
5
|
* A variable that allows to determine if unsecure origins should be allowed
|
|
6
6
|
* in OAuth related URI's. This variable is only set to `true` when NODE_ENV
|
|
@@ -18,10 +18,4 @@ exports.ALLOW_UNSECURE_ORIGINS = (() => {
|
|
|
18
18
|
}
|
|
19
19
|
})();
|
|
20
20
|
exports.CLIENT_ASSERTION_TYPE_JWT_BEARER = 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer';
|
|
21
|
-
exports.OAUTH_AUTHENTICATED_ENDPOINT_NAMES = [
|
|
22
|
-
'token',
|
|
23
|
-
'revocation',
|
|
24
|
-
'introspection',
|
|
25
|
-
'pushed_authorization_request',
|
|
26
|
-
];
|
|
27
21
|
//# sourceMappingURL=constants.js.map
|
package/dist/constants.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";;;AAAA;;;;GAIG;AACU,QAAA,sBAAsB,GAAG,CAAC,GAAG,EAAE;IAC1C,2EAA2E;IAC3E,4BAA4B;IAC5B,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAA;QAChC,OAAO,GAAG,KAAK,aAAa,IAAI,GAAG,KAAK,MAAM,CAAA;IAChD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAC,EAAE,CAAA;AAES,QAAA,gCAAgC,GAC3C,wDAAwD,CAAA
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";;;AAAA;;;;GAIG;AACU,QAAA,sBAAsB,GAAG,CAAC,GAAG,EAAE;IAC1C,2EAA2E;IAC3E,4BAA4B;IAC5B,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAA;QAChC,OAAO,GAAG,KAAK,aAAa,IAAI,GAAG,KAAK,MAAM,CAAA;IAChD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAC,EAAE,CAAA;AAES,QAAA,gCAAgC,GAC3C,wDAAwD,CAAA"}
|
|
@@ -7,7 +7,7 @@ export declare const oauthAuthenticationRequestParametersSchema: z.ZodObject<{
|
|
|
7
7
|
state: z.ZodOptional<z.ZodString>;
|
|
8
8
|
nonce: z.ZodOptional<z.ZodString>;
|
|
9
9
|
dpop_jkt: z.ZodOptional<z.ZodString>;
|
|
10
|
-
response_type: z.ZodEnum<["code", "token", "
|
|
10
|
+
response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
|
|
11
11
|
response_mode: z.ZodOptional<z.ZodEnum<["query", "fragment", "form_post"]>>;
|
|
12
12
|
code_challenge: z.ZodOptional<z.ZodString>;
|
|
13
13
|
code_challenge_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<["S256", "plain"]>>>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-authentication-request-parameters.d.ts","sourceRoot":"","sources":["../src/oauth-authentication-request-parameters.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;
|
|
1
|
+
{"version":3,"file":"oauth-authentication-request-parameters.d.ts","sourceRoot":"","sources":["../src/oauth-authentication-request-parameters.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AASvB;;GAEG;AACH,eAAO,MAAM,0CAA0C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAiErD;;;;;OAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAKH,CAAA;AAEF;;GAEG;AACH,MAAM,MAAM,oCAAoC,GAAG,CAAC,CAAC,KAAK,CACxD,OAAO,0CAA0C,CAClD,CAAA"}
|
|
@@ -5,6 +5,7 @@ const jwk_1 = require("@atproto/jwk");
|
|
|
5
5
|
const zod_1 = require("zod");
|
|
6
6
|
const oauth_authorization_details_js_1 = require("./oauth-authorization-details.js");
|
|
7
7
|
const oauth_client_id_js_1 = require("./oauth-client-id.js");
|
|
8
|
+
const oauth_response_type_js_1 = require("./oauth-response-type.js");
|
|
8
9
|
const oidc_claims_parameter_js_1 = require("./oidc-claims-parameter.js");
|
|
9
10
|
const oidc_claims_properties_js_1 = require("./oidc-claims-properties.js");
|
|
10
11
|
const oidc_entity_type_js_1 = require("./oidc-entity-type.js");
|
|
@@ -16,28 +17,20 @@ exports.oauthAuthenticationRequestParametersSchema = zod_1.z.object({
|
|
|
16
17
|
state: zod_1.z.string().optional(),
|
|
17
18
|
nonce: zod_1.z.string().optional(),
|
|
18
19
|
dpop_jkt: zod_1.z.string().optional(),
|
|
19
|
-
response_type:
|
|
20
|
-
// OAuth2 (https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-10#section-4.1.1)
|
|
21
|
-
'code',
|
|
22
|
-
'token',
|
|
23
|
-
// OIDC (https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html)
|
|
24
|
-
'id_token',
|
|
25
|
-
'none',
|
|
26
|
-
'code token',
|
|
27
|
-
'code id_token',
|
|
28
|
-
'id_token token',
|
|
29
|
-
'code id_token token',
|
|
30
|
-
]),
|
|
20
|
+
response_type: oauth_response_type_js_1.oauthResponseTypeSchema,
|
|
31
21
|
// Default depend on response_type
|
|
32
22
|
response_mode: zod_1.z.enum(['query', 'fragment', 'form_post']).optional(),
|
|
33
23
|
// PKCE
|
|
34
24
|
code_challenge: zod_1.z.string().optional(),
|
|
35
25
|
code_challenge_method: zod_1.z.enum(['S256', 'plain']).default('S256').optional(),
|
|
36
26
|
redirect_uri: zod_1.z.string().url().optional(),
|
|
37
|
-
//
|
|
27
|
+
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-11#section-1.4.1
|
|
28
|
+
// scope = scope-token *( SP scope-token )
|
|
29
|
+
// scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
|
|
30
|
+
// = Basically most ASCII characters except backslash and double quote
|
|
38
31
|
scope: zod_1.z
|
|
39
32
|
.string()
|
|
40
|
-
.regex(/^[
|
|
33
|
+
.regex(/^[!\x23-\x5B\x5D-\x7E]+( [!\x23-\x5B\x5D-\x7E]+)*$/)
|
|
41
34
|
.optional(),
|
|
42
35
|
// OIDC
|
|
43
36
|
// Specifies the allowable elapsed time in seconds since the last time the
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-authentication-request-parameters.js","sourceRoot":"","sources":["../src/oauth-authentication-request-parameters.ts"],"names":[],"mappings":";;;AAAA,sCAA8C;AAC9C,6BAAuB;AAEvB,qFAAkF;AAClF,6DAA0D;AAC1D,yEAAsE;AACtE,2EAAwE;AACxE,+DAA4D;AAE5D;;GAEG;AACU,QAAA,0CAA0C,GAAG,OAAC,CAAC,MAAM,CAAC;IACjE,SAAS,EAAE,wCAAmB;IAE9B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAE/B,aAAa,EAAE,
|
|
1
|
+
{"version":3,"file":"oauth-authentication-request-parameters.js","sourceRoot":"","sources":["../src/oauth-authentication-request-parameters.ts"],"names":[],"mappings":";;;AAAA,sCAA8C;AAC9C,6BAAuB;AAEvB,qFAAkF;AAClF,6DAA0D;AAC1D,qEAAkE;AAClE,yEAAsE;AACtE,2EAAwE;AACxE,+DAA4D;AAE5D;;GAEG;AACU,QAAA,0CAA0C,GAAG,OAAC,CAAC,MAAM,CAAC;IACjE,SAAS,EAAE,wCAAmB;IAE9B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAE/B,aAAa,EAAE,gDAAuB;IAEtC,kCAAkC;IAClC,aAAa,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEpE,OAAO;IACP,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,qBAAqB,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE;IAE3E,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAEzC,+EAA+E;IAC/E,gDAAgD;IAChD,+CAA+C;IAC/C,sEAAsE;IACtE,KAAK,EAAE,OAAC;SACL,MAAM,EAAE;SACR,KAAK,CAAC,oDAAoD,CAAC;SAC3D,QAAQ,EAAE;IAEb,OAAO;IAEP,0EAA0E;IAC1E,wEAAwE;IACxE,2EAA2E;IAC3E,6EAA6E;IAC7E,4EAA4E;IAC5E,yEAAyE;IACzE,2CAA2C;IAC3C,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAE3C,MAAM,EAAE,OAAC;SACN,MAAM,CACL,0CAAoB,EACpB,OAAC,CAAC,MAAM,CACN,oDAAyB,EACzB,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,sDAA0B,CAAC,CAAC,CACvD,CACF;SACA,QAAQ,EAAE;IAEb,8EAA8E;IAC9E,uCAAuC;IACvC,iDAAiD;IAEjD,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAExC,UAAU,EAAE,OAAC;SACV,MAAM,EAAE;SACR,KAAK,CAAC,gDAAgD,CAAC,CAAC,cAAc;SACtE,QAAQ,EAAE;IAEb,iEAAiE;IACjE,aAAa,EAAE,qBAAe,CAAC,QAAQ,EAAE;IAEzC,oCAAoC;IACpC,OAAO,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEtD;;;;;OAKG;IACH,MAAM,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,gBAAgB,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEzE,gDAAgD;IAChD,qBAAqB,EAAE,gEAA+B,CAAC,QAAQ,EAAE;CAClE,CAAC,CAAA"}
|
|
@@ -30,14 +30,8 @@ export declare const oauthAuthorizationServerMetadataSchema: z.ZodObject<{
|
|
|
30
30
|
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
31
31
|
token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
32
32
|
revocation_endpoint: z.ZodOptional<z.ZodString>;
|
|
33
|
-
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
34
|
-
revocation_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
35
33
|
introspection_endpoint: z.ZodOptional<z.ZodString>;
|
|
36
|
-
introspection_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
37
|
-
introspection_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
38
34
|
pushed_authorization_request_endpoint: z.ZodOptional<z.ZodString>;
|
|
39
|
-
pushed_authorization_request_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
40
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
41
35
|
require_pushed_authorization_requests: z.ZodOptional<z.ZodBoolean>;
|
|
42
36
|
userinfo_endpoint: z.ZodOptional<z.ZodString>;
|
|
43
37
|
end_session_endpoint: z.ZodOptional<z.ZodString>;
|
|
@@ -73,14 +67,8 @@ export declare const oauthAuthorizationServerMetadataSchema: z.ZodObject<{
|
|
|
73
67
|
token_endpoint_auth_methods_supported?: string[] | undefined;
|
|
74
68
|
token_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
75
69
|
revocation_endpoint?: string | undefined;
|
|
76
|
-
revocation_endpoint_auth_methods_supported?: string[] | undefined;
|
|
77
|
-
revocation_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
78
70
|
introspection_endpoint?: string | undefined;
|
|
79
|
-
introspection_endpoint_auth_methods_supported?: string[] | undefined;
|
|
80
|
-
introspection_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
81
71
|
pushed_authorization_request_endpoint?: string | undefined;
|
|
82
|
-
pushed_authorization_request_endpoint_auth_methods_supported?: string[] | undefined;
|
|
83
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
84
72
|
require_pushed_authorization_requests?: boolean | undefined;
|
|
85
73
|
userinfo_endpoint?: string | undefined;
|
|
86
74
|
end_session_endpoint?: string | undefined;
|
|
@@ -116,14 +104,8 @@ export declare const oauthAuthorizationServerMetadataSchema: z.ZodObject<{
|
|
|
116
104
|
token_endpoint_auth_methods_supported?: string[] | undefined;
|
|
117
105
|
token_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
118
106
|
revocation_endpoint?: string | undefined;
|
|
119
|
-
revocation_endpoint_auth_methods_supported?: string[] | undefined;
|
|
120
|
-
revocation_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
121
107
|
introspection_endpoint?: string | undefined;
|
|
122
|
-
introspection_endpoint_auth_methods_supported?: string[] | undefined;
|
|
123
|
-
introspection_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
124
108
|
pushed_authorization_request_endpoint?: string | undefined;
|
|
125
|
-
pushed_authorization_request_endpoint_auth_methods_supported?: string[] | undefined;
|
|
126
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
127
109
|
require_pushed_authorization_requests?: boolean | undefined;
|
|
128
110
|
userinfo_endpoint?: string | undefined;
|
|
129
111
|
end_session_endpoint?: string | undefined;
|
|
@@ -161,14 +143,8 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
161
143
|
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
162
144
|
token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
163
145
|
revocation_endpoint: z.ZodOptional<z.ZodString>;
|
|
164
|
-
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
165
|
-
revocation_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
166
146
|
introspection_endpoint: z.ZodOptional<z.ZodString>;
|
|
167
|
-
introspection_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
168
|
-
introspection_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
169
147
|
pushed_authorization_request_endpoint: z.ZodOptional<z.ZodString>;
|
|
170
|
-
pushed_authorization_request_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
171
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
172
148
|
require_pushed_authorization_requests: z.ZodOptional<z.ZodBoolean>;
|
|
173
149
|
userinfo_endpoint: z.ZodOptional<z.ZodString>;
|
|
174
150
|
end_session_endpoint: z.ZodOptional<z.ZodString>;
|
|
@@ -204,14 +180,8 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
204
180
|
token_endpoint_auth_methods_supported?: string[] | undefined;
|
|
205
181
|
token_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
206
182
|
revocation_endpoint?: string | undefined;
|
|
207
|
-
revocation_endpoint_auth_methods_supported?: string[] | undefined;
|
|
208
|
-
revocation_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
209
183
|
introspection_endpoint?: string | undefined;
|
|
210
|
-
introspection_endpoint_auth_methods_supported?: string[] | undefined;
|
|
211
|
-
introspection_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
212
184
|
pushed_authorization_request_endpoint?: string | undefined;
|
|
213
|
-
pushed_authorization_request_endpoint_auth_methods_supported?: string[] | undefined;
|
|
214
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
215
185
|
require_pushed_authorization_requests?: boolean | undefined;
|
|
216
186
|
userinfo_endpoint?: string | undefined;
|
|
217
187
|
end_session_endpoint?: string | undefined;
|
|
@@ -247,14 +217,8 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
247
217
|
token_endpoint_auth_methods_supported?: string[] | undefined;
|
|
248
218
|
token_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
249
219
|
revocation_endpoint?: string | undefined;
|
|
250
|
-
revocation_endpoint_auth_methods_supported?: string[] | undefined;
|
|
251
|
-
revocation_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
252
220
|
introspection_endpoint?: string | undefined;
|
|
253
|
-
introspection_endpoint_auth_methods_supported?: string[] | undefined;
|
|
254
|
-
introspection_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
255
221
|
pushed_authorization_request_endpoint?: string | undefined;
|
|
256
|
-
pushed_authorization_request_endpoint_auth_methods_supported?: string[] | undefined;
|
|
257
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
258
222
|
require_pushed_authorization_requests?: boolean | undefined;
|
|
259
223
|
userinfo_endpoint?: string | undefined;
|
|
260
224
|
end_session_endpoint?: string | undefined;
|
|
@@ -290,14 +254,8 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
290
254
|
token_endpoint_auth_methods_supported?: string[] | undefined;
|
|
291
255
|
token_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
292
256
|
revocation_endpoint?: string | undefined;
|
|
293
|
-
revocation_endpoint_auth_methods_supported?: string[] | undefined;
|
|
294
|
-
revocation_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
295
257
|
introspection_endpoint?: string | undefined;
|
|
296
|
-
introspection_endpoint_auth_methods_supported?: string[] | undefined;
|
|
297
|
-
introspection_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
298
258
|
pushed_authorization_request_endpoint?: string | undefined;
|
|
299
|
-
pushed_authorization_request_endpoint_auth_methods_supported?: string[] | undefined;
|
|
300
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
301
259
|
require_pushed_authorization_requests?: boolean | undefined;
|
|
302
260
|
userinfo_endpoint?: string | undefined;
|
|
303
261
|
end_session_endpoint?: string | undefined;
|
|
@@ -333,14 +291,8 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
333
291
|
token_endpoint_auth_methods_supported?: string[] | undefined;
|
|
334
292
|
token_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
335
293
|
revocation_endpoint?: string | undefined;
|
|
336
|
-
revocation_endpoint_auth_methods_supported?: string[] | undefined;
|
|
337
|
-
revocation_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
338
294
|
introspection_endpoint?: string | undefined;
|
|
339
|
-
introspection_endpoint_auth_methods_supported?: string[] | undefined;
|
|
340
|
-
introspection_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
341
295
|
pushed_authorization_request_endpoint?: string | undefined;
|
|
342
|
-
pushed_authorization_request_endpoint_auth_methods_supported?: string[] | undefined;
|
|
343
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
344
296
|
require_pushed_authorization_requests?: boolean | undefined;
|
|
345
297
|
userinfo_endpoint?: string | undefined;
|
|
346
298
|
end_session_endpoint?: string | undefined;
|
|
@@ -376,14 +328,8 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
376
328
|
token_endpoint_auth_methods_supported?: string[] | undefined;
|
|
377
329
|
token_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
378
330
|
revocation_endpoint?: string | undefined;
|
|
379
|
-
revocation_endpoint_auth_methods_supported?: string[] | undefined;
|
|
380
|
-
revocation_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
381
331
|
introspection_endpoint?: string | undefined;
|
|
382
|
-
introspection_endpoint_auth_methods_supported?: string[] | undefined;
|
|
383
|
-
introspection_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
384
332
|
pushed_authorization_request_endpoint?: string | undefined;
|
|
385
|
-
pushed_authorization_request_endpoint_auth_methods_supported?: string[] | undefined;
|
|
386
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
387
333
|
require_pushed_authorization_requests?: boolean | undefined;
|
|
388
334
|
userinfo_endpoint?: string | undefined;
|
|
389
335
|
end_session_endpoint?: string | undefined;
|
|
@@ -419,14 +365,8 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
419
365
|
token_endpoint_auth_methods_supported?: string[] | undefined;
|
|
420
366
|
token_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
421
367
|
revocation_endpoint?: string | undefined;
|
|
422
|
-
revocation_endpoint_auth_methods_supported?: string[] | undefined;
|
|
423
|
-
revocation_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
424
368
|
introspection_endpoint?: string | undefined;
|
|
425
|
-
introspection_endpoint_auth_methods_supported?: string[] | undefined;
|
|
426
|
-
introspection_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
427
369
|
pushed_authorization_request_endpoint?: string | undefined;
|
|
428
|
-
pushed_authorization_request_endpoint_auth_methods_supported?: string[] | undefined;
|
|
429
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported?: string[] | undefined;
|
|
430
370
|
require_pushed_authorization_requests?: boolean | undefined;
|
|
431
371
|
userinfo_endpoint?: string | undefined;
|
|
432
372
|
end_session_endpoint?: string | undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-authorization-server-metadata.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB;;GAEG;AACH,eAAO,MAAM,sCAAsC
|
|
1
|
+
{"version":3,"file":"oauth-authorization-server-metadata.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB;;GAEG;AACH,eAAO,MAAM,sCAAsC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAwDjD,CAAA;AAEF,MAAM,MAAM,gCAAgC,GAAG,CAAC,CAAC,KAAK,CACpD,OAAO,sCAAsC,CAC9C,CAAA;AAED,eAAO,MAAM,yCAAyC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAuBhD,CAAA"}
|
|
@@ -40,22 +40,8 @@ exports.oauthAuthorizationServerMetadataSchema = zod_1.z.object({
|
|
|
40
40
|
.array(zod_1.z.string())
|
|
41
41
|
.optional(),
|
|
42
42
|
revocation_endpoint: zod_1.z.string().url().optional(),
|
|
43
|
-
revocation_endpoint_auth_methods_supported: zod_1.z.array(zod_1.z.string()).optional(),
|
|
44
|
-
revocation_endpoint_auth_signing_alg_values_supported: zod_1.z
|
|
45
|
-
.array(zod_1.z.string())
|
|
46
|
-
.optional(),
|
|
47
43
|
introspection_endpoint: zod_1.z.string().url().optional(),
|
|
48
|
-
introspection_endpoint_auth_methods_supported: zod_1.z.array(zod_1.z.string()).optional(),
|
|
49
|
-
introspection_endpoint_auth_signing_alg_values_supported: zod_1.z
|
|
50
|
-
.array(zod_1.z.string())
|
|
51
|
-
.optional(),
|
|
52
44
|
pushed_authorization_request_endpoint: zod_1.z.string().url().optional(),
|
|
53
|
-
pushed_authorization_request_endpoint_auth_methods_supported: zod_1.z
|
|
54
|
-
.array(zod_1.z.string())
|
|
55
|
-
.optional(),
|
|
56
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported: zod_1.z
|
|
57
|
-
.array(zod_1.z.string())
|
|
58
|
-
.optional(),
|
|
59
45
|
require_pushed_authorization_requests: zod_1.z.boolean().optional(),
|
|
60
46
|
userinfo_endpoint: zod_1.z.string().url().optional(),
|
|
61
47
|
end_session_endpoint: zod_1.z.string().url().optional(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-authorization-server-metadata.js","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB,6EAA0E;AAE1E;;GAEG;AACU,QAAA,sCAAsC,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7D,MAAM,EAAE,wDAA2B;IAEnC,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,0BAA0B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAClD,2BAA2B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACnD,+BAA+B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACvD,gCAAgC,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACxD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,uBAAuB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACvD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,qBAAqB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrD,gCAAgC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACvE,oBAAoB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACpD,qCAAqC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrE,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,2CAA2C,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC3E,8CAA8C,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACtE,qCAAqC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrE,8CAA8C,EAAE,OAAC;SAC9C,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;SACjB,QAAQ,EAAE;IACb,8CAA8C,EAAE,OAAC;SAC9C,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;SACjB,QAAQ,EAAE;IAEb,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAErC,sBAAsB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,eAAe;IAEzD,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,eAAe;IACjD,qCAAqC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrE,gDAAgD,EAAE,OAAC;SAChD,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;SACjB,QAAQ,EAAE;IAEb,mBAAmB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAChD,
|
|
1
|
+
{"version":3,"file":"oauth-authorization-server-metadata.js","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB,6EAA0E;AAE1E;;GAEG;AACU,QAAA,sCAAsC,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7D,MAAM,EAAE,wDAA2B;IAEnC,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,0BAA0B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAClD,2BAA2B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACnD,+BAA+B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACvD,gCAAgC,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACxD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,uBAAuB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACvD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,qBAAqB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrD,gCAAgC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACvE,oBAAoB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACpD,qCAAqC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrE,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,2CAA2C,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC3E,8CAA8C,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACtE,qCAAqC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrE,8CAA8C,EAAE,OAAC;SAC9C,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;SACjB,QAAQ,EAAE;IACb,8CAA8C,EAAE,OAAC;SAC9C,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;SACjB,QAAQ,EAAE;IAEb,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAErC,sBAAsB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,eAAe;IAEzD,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,eAAe;IACjD,qCAAqC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrE,gDAAgD,EAAE,OAAC;SAChD,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;SACjB,QAAQ,EAAE;IAEb,mBAAmB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAChD,sBAAsB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACnD,qCAAqC,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAElE,qCAAqC,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAE7D,iBAAiB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAC9C,oBAAoB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACjD,qBAAqB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAElD,4DAA4D;IAC5D,iCAAiC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAEjE,wFAAwF;IACxF,mBAAmB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,QAAQ,EAAE;IAEzD,kIAAkI;IAClI,qCAAqC,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CAC9D,CAAC,CAAA;AAMW,QAAA,yCAAyC,GACpD,8CAAsC;KACnC,WAAW,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IACzB,IACE,IAAI,CAAC,qCAAqC;QAC1C,CAAC,IAAI,CAAC,qCAAqC,EAC3C,CAAC;QACD,GAAG,CAAC,QAAQ,CAAC;YACX,IAAI,EAAE,OAAC,CAAC,YAAY,CAAC,MAAM;YAC3B,OAAO,EACL,uGAAuG;SAC1G,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC;KACD,WAAW,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IACzB,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAClC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACpD,GAAG,CAAC,QAAQ,CAAC;gBACX,IAAI,EAAE,OAAC,CAAC,YAAY,CAAC,MAAM;gBAC3B,OAAO,EAAE,kCAAkC;aAC5C,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA"}
|
|
@@ -6,12 +6,6 @@ export declare const oauthClientMetadataSchema: z.ZodObject<{
|
|
|
6
6
|
scope: z.ZodOptional<z.ZodString>;
|
|
7
7
|
token_endpoint_auth_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<["client_secret_basic", "client_secret_jwt", "client_secret_post", "none", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth"]>>>;
|
|
8
8
|
token_endpoint_auth_signing_alg: z.ZodOptional<z.ZodString>;
|
|
9
|
-
introspection_endpoint_auth_method: z.ZodOptional<z.ZodEnum<["client_secret_basic", "client_secret_jwt", "client_secret_post", "none", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth"]>>;
|
|
10
|
-
introspection_endpoint_auth_signing_alg: z.ZodOptional<z.ZodString>;
|
|
11
|
-
revocation_endpoint_auth_method: z.ZodOptional<z.ZodEnum<["client_secret_basic", "client_secret_jwt", "client_secret_post", "none", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth"]>>;
|
|
12
|
-
revocation_endpoint_auth_signing_alg: z.ZodOptional<z.ZodString>;
|
|
13
|
-
pushed_authorization_request_endpoint_auth_method: z.ZodOptional<z.ZodEnum<["client_secret_basic", "client_secret_jwt", "client_secret_post", "none", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth"]>>;
|
|
14
|
-
pushed_authorization_request_endpoint_auth_signing_alg: z.ZodOptional<z.ZodString>;
|
|
15
9
|
userinfo_signed_response_alg: z.ZodOptional<z.ZodString>;
|
|
16
10
|
userinfo_encrypted_response_alg: z.ZodOptional<z.ZodString>;
|
|
17
11
|
jwks_uri: z.ZodOptional<z.ZodString>;
|
|
@@ -1311,12 +1305,6 @@ export declare const oauthClientMetadataSchema: z.ZodObject<{
|
|
|
1311
1305
|
scope?: string | undefined;
|
|
1312
1306
|
token_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1313
1307
|
token_endpoint_auth_signing_alg?: string | undefined;
|
|
1314
|
-
introspection_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1315
|
-
introspection_endpoint_auth_signing_alg?: string | undefined;
|
|
1316
|
-
revocation_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1317
|
-
revocation_endpoint_auth_signing_alg?: string | undefined;
|
|
1318
|
-
pushed_authorization_request_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1319
|
-
pushed_authorization_request_endpoint_auth_signing_alg?: string | undefined;
|
|
1320
1308
|
userinfo_signed_response_alg?: string | undefined;
|
|
1321
1309
|
userinfo_encrypted_response_alg?: string | undefined;
|
|
1322
1310
|
jwks_uri?: string | undefined;
|
|
@@ -1444,12 +1432,6 @@ export declare const oauthClientMetadataSchema: z.ZodObject<{
|
|
|
1444
1432
|
scope?: string | undefined;
|
|
1445
1433
|
token_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1446
1434
|
token_endpoint_auth_signing_alg?: string | undefined;
|
|
1447
|
-
introspection_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1448
|
-
introspection_endpoint_auth_signing_alg?: string | undefined;
|
|
1449
|
-
revocation_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1450
|
-
revocation_endpoint_auth_signing_alg?: string | undefined;
|
|
1451
|
-
pushed_authorization_request_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
|
1452
|
-
pushed_authorization_request_endpoint_auth_signing_alg?: string | undefined;
|
|
1453
1435
|
userinfo_signed_response_alg?: string | undefined;
|
|
1454
1436
|
userinfo_encrypted_response_alg?: string | undefined;
|
|
1455
1437
|
jwks_uri?: string | undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client-metadata.d.ts","sourceRoot":"","sources":["../src/oauth-client-metadata.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AASvB,eAAO,MAAM,yBAAyB
|
|
1
|
+
{"version":3,"file":"oauth-client-metadata.d.ts","sourceRoot":"","sources":["../src/oauth-client-metadata.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AASvB,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAqCpC;;;;;;OAMG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWH,CAAA;AAEF,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAA;AAC3E,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAA"}
|
|
@@ -28,12 +28,6 @@ exports.oauthClientMetadataSchema = zod_1.z.object({
|
|
|
28
28
|
.default('none')
|
|
29
29
|
.optional(),
|
|
30
30
|
token_endpoint_auth_signing_alg: zod_1.z.string().optional(),
|
|
31
|
-
introspection_endpoint_auth_method: oauth_endpoint_auth_method_js_1.oauthEndpointAuthMethod.optional(),
|
|
32
|
-
introspection_endpoint_auth_signing_alg: zod_1.z.string().optional(),
|
|
33
|
-
revocation_endpoint_auth_method: oauth_endpoint_auth_method_js_1.oauthEndpointAuthMethod.optional(),
|
|
34
|
-
revocation_endpoint_auth_signing_alg: zod_1.z.string().optional(),
|
|
35
|
-
pushed_authorization_request_endpoint_auth_method: oauth_endpoint_auth_method_js_1.oauthEndpointAuthMethod.optional(),
|
|
36
|
-
pushed_authorization_request_endpoint_auth_signing_alg: zod_1.z.string().optional(),
|
|
37
31
|
userinfo_signed_response_alg: zod_1.z.string().optional(),
|
|
38
32
|
userinfo_encrypted_response_alg: zod_1.z.string().optional(),
|
|
39
33
|
jwks_uri: zod_1.z.string().url().optional(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client-metadata.js","sourceRoot":"","sources":["../src/oauth-client-metadata.ts"],"names":[],"mappings":";;;AAAA,sCAA4C;AAC5C,6BAAuB;AAEvB,6DAA0D;AAC1D,mFAAyE;AACzE,+DAA4D;AAC5D,qEAAkE;AAElE,gEAAgE;AAChE,gDAAgD;AACnC,QAAA,yBAAyB,GAAG,OAAC,CAAC,MAAM,CAAC;IAChD,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,QAAQ,EAAE;IACnD,cAAc,EAAE,OAAC;SACd,KAAK,CAAC,gDAAuB,CAAC;SAC9B,QAAQ,EAAE;QACX,wEAAwE;QACxE,mBAAmB;SAClB,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC;IACpB,WAAW,EAAE,OAAC;SACX,KAAK,CAAC,0CAAoB,CAAC;SAC3B,QAAQ,EAAE;QACX,0EAA0E;QAC1E,qCAAqC;SACpC,OAAO,CAAC,CAAC,oBAAoB,CAAC,CAAC;IAClC,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,0BAA0B,EAAE,uDAAuB;SAChD,OAAO,CAAC,MAAM,CAAC;SACf,QAAQ,EAAE;IACb,+BAA+B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtD,
|
|
1
|
+
{"version":3,"file":"oauth-client-metadata.js","sourceRoot":"","sources":["../src/oauth-client-metadata.ts"],"names":[],"mappings":";;;AAAA,sCAA4C;AAC5C,6BAAuB;AAEvB,6DAA0D;AAC1D,mFAAyE;AACzE,+DAA4D;AAC5D,qEAAkE;AAElE,gEAAgE;AAChE,gDAAgD;AACnC,QAAA,yBAAyB,GAAG,OAAC,CAAC,MAAM,CAAC;IAChD,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,QAAQ,EAAE;IACnD,cAAc,EAAE,OAAC;SACd,KAAK,CAAC,gDAAuB,CAAC;SAC9B,QAAQ,EAAE;QACX,wEAAwE;QACxE,mBAAmB;SAClB,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC;IACpB,WAAW,EAAE,OAAC;SACX,KAAK,CAAC,0CAAoB,CAAC;SAC3B,QAAQ,EAAE;QACX,0EAA0E;QAC1E,qCAAqC;SACpC,OAAO,CAAC,CAAC,oBAAoB,CAAC,CAAC;IAClC,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,0BAA0B,EAAE,uDAAuB;SAChD,OAAO,CAAC,MAAM,CAAC;SACf,QAAQ,EAAE;IACb,+BAA+B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtD,4BAA4B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnD,+BAA+B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtD,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACrC,IAAI,EAAE,mBAAa,CAAC,QAAQ,EAAE;IAC9B,gBAAgB,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE,EAAE,8BAA8B;IACrG,YAAY,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,QAAQ,EAAE;IACzE,0BAA0B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjD,4BAA4B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnD,iCAAiC,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE;IACzE,oCAAoC,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,QAAQ,EAAE;IAC1E,oCAAoC,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3D,SAAS,EAAE,wCAAmB,CAAC,QAAQ,EAAE;IACzC,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACvC,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACvC,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACpC,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAErC;;;;;;OAMG;IACH,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtC,iBAAiB,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACzC,QAAQ,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,0CAA0C,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAElE,4DAA4D;IAC5D,wBAAwB,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAEhD,6DAA6D;IAC7D,2BAA2B,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAC5D,CAAC,CAAA"}
|
|
@@ -1,2 +1,3 @@
|
|
|
1
|
-
export
|
|
1
|
+
export declare const OAUTH_ENDPOINT_NAMES: readonly ["token", "revocation", "introspection", "pushed_authorization_request"];
|
|
2
|
+
export type OAuthEndpointName = (typeof OAUTH_ENDPOINT_NAMES)[number];
|
|
2
3
|
//# sourceMappingURL=oauth-endpoint-name.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-endpoint-name.d.ts","sourceRoot":"","sources":["../src/oauth-endpoint-name.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,iBAAiB,
|
|
1
|
+
{"version":3,"file":"oauth-endpoint-name.d.ts","sourceRoot":"","sources":["../src/oauth-endpoint-name.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,oBAAoB,mFAKvB,CAAA;AAEV,MAAM,MAAM,iBAAiB,GAAG,CAAC,OAAO,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAA"}
|
|
@@ -1,3 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.OAUTH_ENDPOINT_NAMES = void 0;
|
|
4
|
+
exports.OAUTH_ENDPOINT_NAMES = [
|
|
5
|
+
'token',
|
|
6
|
+
'revocation',
|
|
7
|
+
'introspection',
|
|
8
|
+
'pushed_authorization_request',
|
|
9
|
+
];
|
|
3
10
|
//# sourceMappingURL=oauth-endpoint-name.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-endpoint-name.js","sourceRoot":"","sources":["../src/oauth-endpoint-name.ts"],"names":[],"mappings":""}
|
|
1
|
+
{"version":3,"file":"oauth-endpoint-name.js","sourceRoot":"","sources":["../src/oauth-endpoint-name.ts"],"names":[],"mappings":";;;AAAa,QAAA,oBAAoB,GAAG;IAClC,OAAO;IACP,YAAY;IACZ,eAAe;IACf,8BAA8B;CACtB,CAAA"}
|
|
@@ -3,10 +3,10 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.oauthResponseTypeSchema = void 0;
|
|
4
4
|
const zod_1 = require("zod");
|
|
5
5
|
exports.oauthResponseTypeSchema = zod_1.z.enum([
|
|
6
|
-
//
|
|
6
|
+
// OAuth2 (https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-10#section-4.1.1)
|
|
7
7
|
'code', // Authorization Code Grant
|
|
8
8
|
'token', // Implicit Grant
|
|
9
|
-
//
|
|
9
|
+
// OIDC (https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html)
|
|
10
10
|
'none',
|
|
11
11
|
'code id_token token',
|
|
12
12
|
'code id_token',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-response-type.js","sourceRoot":"","sources":["../src/oauth-response-type.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,uBAAuB,GAAG,OAAC,CAAC,IAAI,CAAC;IAC5C,
|
|
1
|
+
{"version":3,"file":"oauth-response-type.js","sourceRoot":"","sources":["../src/oauth-response-type.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,uBAAuB,GAAG,OAAC,CAAC,IAAI,CAAC;IAC5C,wFAAwF;IACxF,MAAM,EAAE,2BAA2B;IACnC,OAAO,EAAE,iBAAiB;IAE1B,4EAA4E;IAC5E,MAAM;IACN,qBAAqB;IACrB,eAAe;IACf,YAAY;IACZ,gBAAgB;IAChB,UAAU;CACX,CAAC,CAAA"}
|
|
@@ -6,7 +6,6 @@ export declare const oauthTokenResponseSchema: z.ZodObject<{
|
|
|
6
6
|
access_token: z.ZodString;
|
|
7
7
|
token_type: z.ZodUnion<[z.ZodEffects<z.ZodString, "DPoP", string>, z.ZodEffects<z.ZodString, "Bearer", string>]>;
|
|
8
8
|
issuer: z.ZodOptional<z.ZodString>;
|
|
9
|
-
sub: z.ZodOptional<z.ZodString>;
|
|
10
9
|
scope: z.ZodOptional<z.ZodString>;
|
|
11
10
|
id_token: z.ZodOptional<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>>;
|
|
12
11
|
refresh_token: z.ZodOptional<z.ZodString>;
|
|
@@ -37,7 +36,6 @@ export declare const oauthTokenResponseSchema: z.ZodObject<{
|
|
|
37
36
|
access_token: z.ZodString;
|
|
38
37
|
token_type: z.ZodUnion<[z.ZodEffects<z.ZodString, "DPoP", string>, z.ZodEffects<z.ZodString, "Bearer", string>]>;
|
|
39
38
|
issuer: z.ZodOptional<z.ZodString>;
|
|
40
|
-
sub: z.ZodOptional<z.ZodString>;
|
|
41
39
|
scope: z.ZodOptional<z.ZodString>;
|
|
42
40
|
id_token: z.ZodOptional<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>>;
|
|
43
41
|
refresh_token: z.ZodOptional<z.ZodString>;
|
|
@@ -68,7 +66,6 @@ export declare const oauthTokenResponseSchema: z.ZodObject<{
|
|
|
68
66
|
access_token: z.ZodString;
|
|
69
67
|
token_type: z.ZodUnion<[z.ZodEffects<z.ZodString, "DPoP", string>, z.ZodEffects<z.ZodString, "Bearer", string>]>;
|
|
70
68
|
issuer: z.ZodOptional<z.ZodString>;
|
|
71
|
-
sub: z.ZodOptional<z.ZodString>;
|
|
72
69
|
scope: z.ZodOptional<z.ZodString>;
|
|
73
70
|
id_token: z.ZodOptional<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>>;
|
|
74
71
|
refresh_token: z.ZodOptional<z.ZodString>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-token-response.d.ts","sourceRoot":"","sources":["../src/oauth-token-response.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAKvB;;GAEG;AACH,eAAO,MAAM,wBAAwB
|
|
1
|
+
{"version":3,"file":"oauth-token-response.d.ts","sourceRoot":"","sources":["../src/oauth-token-response.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAKvB;;GAEG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;gCAarB,CAAA;AAEhB;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAA"}
|
|
@@ -13,7 +13,6 @@ exports.oauthTokenResponseSchema = zod_1.z
|
|
|
13
13
|
access_token: zod_1.z.string(),
|
|
14
14
|
token_type: oauth_token_type_js_1.oauthTokenTypeSchema,
|
|
15
15
|
issuer: zod_1.z.string().url().optional(),
|
|
16
|
-
sub: zod_1.z.string().optional(),
|
|
17
16
|
scope: zod_1.z.string().optional(),
|
|
18
17
|
id_token: jwk_1.signedJwtSchema.optional(),
|
|
19
18
|
refresh_token: zod_1.z.string().optional(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-token-response.js","sourceRoot":"","sources":["../src/oauth-token-response.ts"],"names":[],"mappings":";;;AAAA,sCAA8C;AAC9C,6BAAuB;AAEvB,qFAAkF;AAClF,+DAA4D;AAE5D;;GAEG;AACU,QAAA,wBAAwB,GAAG,OAAC;KACtC,MAAM,CAAC;IACN,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE;IACxB,UAAU,EAAE,0CAAoB;IAChC,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACnC,
|
|
1
|
+
{"version":3,"file":"oauth-token-response.js","sourceRoot":"","sources":["../src/oauth-token-response.ts"],"names":[],"mappings":";;;AAAA,sCAA8C;AAC9C,6BAAuB;AAEvB,qFAAkF;AAClF,+DAA4D;AAE5D;;GAEG;AACU,QAAA,wBAAwB,GAAG,OAAC;KACtC,MAAM,CAAC;IACN,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE;IACxB,UAAU,EAAE,0CAAoB;IAChC,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACnC,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,QAAQ,EAAE,qBAAe,CAAC,QAAQ,EAAE;IACpC,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjC,qBAAqB,EAAE,gEAA+B,CAAC,QAAQ,EAAE;CAClE,CAAC;IACF,0DAA0D;IAC1D,qEAAqE;KACpE,WAAW,EAAE,CAAA"}
|
package/package.json
CHANGED
|
@@ -21,9 +21,8 @@ export function atprotoLoopbackClientMetadata(
|
|
|
21
21
|
return {
|
|
22
22
|
client_id: clientId,
|
|
23
23
|
client_name: 'Loopback client',
|
|
24
|
-
response_types: ['code
|
|
25
|
-
grant_types: ['authorization_code', '
|
|
26
|
-
scope: 'openid profile offline_access',
|
|
24
|
+
response_types: ['code'],
|
|
25
|
+
grant_types: ['authorization_code', 'refresh_token'],
|
|
27
26
|
redirect_uris: (redirectUris.length
|
|
28
27
|
? redirectUris
|
|
29
28
|
: (['127.0.0.1', '[::1]'] as const).map(
|
package/src/constants.ts
CHANGED
|
@@ -16,10 +16,3 @@ export const ALLOW_UNSECURE_ORIGINS = (() => {
|
|
|
16
16
|
|
|
17
17
|
export const CLIENT_ASSERTION_TYPE_JWT_BEARER =
|
|
18
18
|
'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'
|
|
19
|
-
|
|
20
|
-
export const OAUTH_AUTHENTICATED_ENDPOINT_NAMES = [
|
|
21
|
-
'token',
|
|
22
|
-
'revocation',
|
|
23
|
-
'introspection',
|
|
24
|
-
'pushed_authorization_request',
|
|
25
|
-
] as const
|
|
@@ -3,6 +3,7 @@ import { z } from 'zod'
|
|
|
3
3
|
|
|
4
4
|
import { oauthAuthorizationDetailsSchema } from './oauth-authorization-details.js'
|
|
5
5
|
import { oauthClientIdSchema } from './oauth-client-id.js'
|
|
6
|
+
import { oauthResponseTypeSchema } from './oauth-response-type.js'
|
|
6
7
|
import { oidcClaimsParameterSchema } from './oidc-claims-parameter.js'
|
|
7
8
|
import { oidcClaimsPropertiesSchema } from './oidc-claims-properties.js'
|
|
8
9
|
import { oidcEntityTypeSchema } from './oidc-entity-type.js'
|
|
@@ -17,19 +18,7 @@ export const oauthAuthenticationRequestParametersSchema = z.object({
|
|
|
17
18
|
nonce: z.string().optional(),
|
|
18
19
|
dpop_jkt: z.string().optional(),
|
|
19
20
|
|
|
20
|
-
response_type:
|
|
21
|
-
// OAuth2 (https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-10#section-4.1.1)
|
|
22
|
-
'code',
|
|
23
|
-
'token',
|
|
24
|
-
|
|
25
|
-
// OIDC (https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html)
|
|
26
|
-
'id_token',
|
|
27
|
-
'none',
|
|
28
|
-
'code token',
|
|
29
|
-
'code id_token',
|
|
30
|
-
'id_token token',
|
|
31
|
-
'code id_token token',
|
|
32
|
-
]),
|
|
21
|
+
response_type: oauthResponseTypeSchema,
|
|
33
22
|
|
|
34
23
|
// Default depend on response_type
|
|
35
24
|
response_mode: z.enum(['query', 'fragment', 'form_post']).optional(),
|
|
@@ -40,10 +29,13 @@ export const oauthAuthenticationRequestParametersSchema = z.object({
|
|
|
40
29
|
|
|
41
30
|
redirect_uri: z.string().url().optional(),
|
|
42
31
|
|
|
43
|
-
//
|
|
32
|
+
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-11#section-1.4.1
|
|
33
|
+
// scope = scope-token *( SP scope-token )
|
|
34
|
+
// scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
|
|
35
|
+
// = Basically most ASCII characters except backslash and double quote
|
|
44
36
|
scope: z
|
|
45
37
|
.string()
|
|
46
|
-
.regex(/^[
|
|
38
|
+
.regex(/^[!\x23-\x5B\x5D-\x7E]+( [!\x23-\x5B\x5D-\x7E]+)*$/)
|
|
47
39
|
.optional(),
|
|
48
40
|
|
|
49
41
|
// OIDC
|
|
@@ -44,24 +44,8 @@ export const oauthAuthorizationServerMetadataSchema = z.object({
|
|
|
44
44
|
.optional(),
|
|
45
45
|
|
|
46
46
|
revocation_endpoint: z.string().url().optional(),
|
|
47
|
-
revocation_endpoint_auth_methods_supported: z.array(z.string()).optional(),
|
|
48
|
-
revocation_endpoint_auth_signing_alg_values_supported: z
|
|
49
|
-
.array(z.string())
|
|
50
|
-
.optional(),
|
|
51
|
-
|
|
52
47
|
introspection_endpoint: z.string().url().optional(),
|
|
53
|
-
introspection_endpoint_auth_methods_supported: z.array(z.string()).optional(),
|
|
54
|
-
introspection_endpoint_auth_signing_alg_values_supported: z
|
|
55
|
-
.array(z.string())
|
|
56
|
-
.optional(),
|
|
57
|
-
|
|
58
48
|
pushed_authorization_request_endpoint: z.string().url().optional(),
|
|
59
|
-
pushed_authorization_request_endpoint_auth_methods_supported: z
|
|
60
|
-
.array(z.string())
|
|
61
|
-
.optional(),
|
|
62
|
-
pushed_authorization_request_endpoint_auth_signing_alg_values_supported: z
|
|
63
|
-
.array(z.string())
|
|
64
|
-
.optional(),
|
|
65
49
|
|
|
66
50
|
require_pushed_authorization_requests: z.boolean().optional(),
|
|
67
51
|
|
|
@@ -27,13 +27,6 @@ export const oauthClientMetadataSchema = z.object({
|
|
|
27
27
|
.default('none')
|
|
28
28
|
.optional(),
|
|
29
29
|
token_endpoint_auth_signing_alg: z.string().optional(),
|
|
30
|
-
introspection_endpoint_auth_method: oauthEndpointAuthMethod.optional(),
|
|
31
|
-
introspection_endpoint_auth_signing_alg: z.string().optional(),
|
|
32
|
-
revocation_endpoint_auth_method: oauthEndpointAuthMethod.optional(),
|
|
33
|
-
revocation_endpoint_auth_signing_alg: z.string().optional(),
|
|
34
|
-
pushed_authorization_request_endpoint_auth_method:
|
|
35
|
-
oauthEndpointAuthMethod.optional(),
|
|
36
|
-
pushed_authorization_request_endpoint_auth_signing_alg: z.string().optional(),
|
|
37
30
|
userinfo_signed_response_alg: z.string().optional(),
|
|
38
31
|
userinfo_encrypted_response_alg: z.string().optional(),
|
|
39
32
|
jwks_uri: z.string().url().optional(),
|
|
@@ -1,5 +1,8 @@
|
|
|
1
|
-
export
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
1
|
+
export const OAUTH_ENDPOINT_NAMES = [
|
|
2
|
+
'token',
|
|
3
|
+
'revocation',
|
|
4
|
+
'introspection',
|
|
5
|
+
'pushed_authorization_request',
|
|
6
|
+
] as const
|
|
7
|
+
|
|
8
|
+
export type OAuthEndpointName = (typeof OAUTH_ENDPOINT_NAMES)[number]
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
import { z } from 'zod'
|
|
2
2
|
|
|
3
3
|
export const oauthResponseTypeSchema = z.enum([
|
|
4
|
-
//
|
|
4
|
+
// OAuth2 (https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-10#section-4.1.1)
|
|
5
5
|
'code', // Authorization Code Grant
|
|
6
6
|
'token', // Implicit Grant
|
|
7
7
|
|
|
8
|
-
//
|
|
8
|
+
// OIDC (https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html)
|
|
9
9
|
'none',
|
|
10
10
|
'code id_token token',
|
|
11
11
|
'code id_token',
|
|
@@ -12,7 +12,6 @@ export const oauthTokenResponseSchema = z
|
|
|
12
12
|
access_token: z.string(),
|
|
13
13
|
token_type: oauthTokenTypeSchema,
|
|
14
14
|
issuer: z.string().url().optional(),
|
|
15
|
-
sub: z.string().optional(),
|
|
16
15
|
scope: z.string().optional(),
|
|
17
16
|
id_token: signedJwtSchema.optional(),
|
|
18
17
|
refresh_token: z.string().optional(),
|