@atproto/oauth-types 0.1.4 → 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +26 -0
- package/dist/atproto-loopback-client-metadata.d.ts.map +1 -1
- package/dist/atproto-loopback-client-metadata.js +3 -14
- package/dist/atproto-loopback-client-metadata.js.map +1 -1
- package/dist/index.d.ts +18 -5
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +18 -5
- package/dist/index.js.map +1 -1
- package/dist/oauth-access-token.d.ts +4 -0
- package/dist/oauth-access-token.d.ts.map +1 -0
- package/dist/oauth-access-token.js +6 -0
- package/dist/oauth-access-token.js.map +1 -0
- package/dist/oauth-authorization-code-grant-token-request.d.ts +20 -0
- package/dist/oauth-authorization-code-grant-token-request.d.ts.map +1 -0
- package/dist/oauth-authorization-code-grant-token-request.js +17 -0
- package/dist/oauth-authorization-code-grant-token-request.js.map +1 -0
- package/dist/oauth-authorization-request-jar.d.ts +16 -0
- package/dist/oauth-authorization-request-jar.d.ts.map +1 -0
- package/dist/oauth-authorization-request-jar.js +15 -0
- package/dist/oauth-authorization-request-jar.js.map +1 -0
- package/dist/oauth-authorization-request-par.d.ts +122 -0
- package/dist/oauth-authorization-request-par.d.ts.map +1 -0
- package/dist/oauth-authorization-request-par.js +11 -0
- package/dist/oauth-authorization-request-par.js.map +1 -0
- package/dist/{oauth-authentication-request-parameters.d.ts → oauth-authorization-request-parameters.d.ts} +15 -15
- package/dist/oauth-authorization-request-parameters.d.ts.map +1 -0
- package/dist/{oauth-authentication-request-parameters.js → oauth-authorization-request-parameters.js} +15 -16
- package/dist/oauth-authorization-request-parameters.js.map +1 -0
- package/dist/oauth-authorization-request-query.d.ts +128 -0
- package/dist/oauth-authorization-request-query.d.ts.map +1 -0
- package/dist/oauth-authorization-request-query.js +13 -0
- package/dist/oauth-authorization-request-query.js.map +1 -0
- package/dist/oauth-authorization-request-uri.d.ts +10 -0
- package/dist/oauth-authorization-request-uri.d.ts.map +1 -0
- package/dist/oauth-authorization-request-uri.js +9 -0
- package/dist/oauth-authorization-request-uri.js.map +1 -0
- package/dist/oauth-authorization-server-metadata.d.ts +10 -10
- package/dist/oauth-authorization-server-metadata.d.ts.map +1 -1
- package/dist/oauth-authorization-server-metadata.js +5 -1
- package/dist/oauth-authorization-server-metadata.js.map +1 -1
- package/dist/oauth-client-credentials-grant-token-request.d.ts +10 -0
- package/dist/oauth-client-credentials-grant-token-request.d.ts.map +1 -0
- package/dist/oauth-client-credentials-grant-token-request.js +8 -0
- package/dist/oauth-client-credentials-grant-token-request.js.map +1 -0
- package/dist/oauth-client-credentials.d.ts +18 -2
- package/dist/oauth-client-credentials.d.ts.map +1 -1
- package/dist/oauth-client-credentials.js +8 -2
- package/dist/oauth-client-credentials.js.map +1 -1
- package/dist/oauth-client-id-discoverable.d.ts +3 -2
- package/dist/oauth-client-id-discoverable.d.ts.map +1 -1
- package/dist/oauth-client-id-discoverable.js +21 -18
- package/dist/oauth-client-id-discoverable.js.map +1 -1
- package/dist/oauth-client-id-loopback.d.ts +10 -3
- package/dist/oauth-client-id-loopback.d.ts.map +1 -1
- package/dist/oauth-client-id-loopback.js +58 -21
- package/dist/oauth-client-id-loopback.js.map +1 -1
- package/dist/oauth-client-metadata.d.ts +1 -1
- package/dist/oauth-client-metadata.d.ts.map +1 -1
- package/dist/oauth-client-metadata.js +2 -1
- package/dist/oauth-client-metadata.js.map +1 -1
- package/dist/oauth-code-challenge-method.d.ts +3 -0
- package/dist/oauth-code-challenge-method.d.ts.map +1 -0
- package/dist/oauth-code-challenge-method.js +6 -0
- package/dist/oauth-code-challenge-method.js.map +1 -0
- package/dist/oauth-introspection-response.d.ts +20 -0
- package/dist/oauth-introspection-response.d.ts.map +1 -0
- package/dist/oauth-introspection-response.js +3 -0
- package/dist/oauth-introspection-response.js.map +1 -0
- package/dist/oauth-par-response.d.ts +3 -0
- package/dist/oauth-par-response.d.ts.map +1 -1
- package/dist/oauth-par-response.js +1 -0
- package/dist/oauth-par-response.js.map +1 -1
- package/dist/oauth-password-grant-token-request.d.ts +16 -0
- package/dist/oauth-password-grant-token-request.d.ts.map +1 -0
- package/dist/oauth-password-grant-token-request.js +10 -0
- package/dist/oauth-password-grant-token-request.js.map +1 -0
- package/dist/oauth-refresh-token-grant-token-request.d.ts +16 -0
- package/dist/oauth-refresh-token-grant-token-request.d.ts.map +1 -0
- package/dist/oauth-refresh-token-grant-token-request.js +12 -0
- package/dist/oauth-refresh-token-grant-token-request.js.map +1 -0
- package/dist/oauth-refresh-token.d.ts +4 -0
- package/dist/oauth-refresh-token.d.ts.map +1 -0
- package/dist/oauth-refresh-token.js +6 -0
- package/dist/oauth-refresh-token.js.map +1 -0
- package/dist/oauth-request-uri.d.ts +4 -0
- package/dist/oauth-request-uri.d.ts.map +1 -0
- package/dist/oauth-request-uri.js +6 -0
- package/dist/oauth-request-uri.js.map +1 -0
- package/dist/oauth-scope.d.ts +10 -0
- package/dist/oauth-scope.d.ts.map +1 -0
- package/dist/oauth-scope.js +16 -0
- package/dist/oauth-scope.js.map +1 -0
- package/dist/oauth-token-identification.d.ts +13 -0
- package/dist/oauth-token-identification.d.ts.map +1 -0
- package/dist/oauth-token-identification.js +11 -0
- package/dist/oauth-token-identification.js.map +1 -0
- package/dist/oauth-token-request.d.ts +49 -0
- package/dist/oauth-token-request.d.ts.map +1 -0
- package/dist/oauth-token-request.js +15 -0
- package/dist/oauth-token-request.js.map +1 -0
- package/dist/util.d.ts +2 -1
- package/dist/util.d.ts.map +1 -1
- package/dist/util.js +34 -3
- package/dist/util.js.map +1 -1
- package/package.json +1 -1
- package/src/atproto-loopback-client-metadata.ts +7 -20
- package/src/index.ts +18 -5
- package/src/oauth-access-token.ts +4 -0
- package/src/oauth-authorization-code-grant-token-request.ts +18 -0
- package/src/oauth-authorization-request-jar.ts +16 -0
- package/src/oauth-authorization-request-par.ts +13 -0
- package/src/{oauth-authentication-request-parameters.ts → oauth-authorization-request-parameters.ts} +20 -21
- package/src/oauth-authorization-request-query.ts +15 -0
- package/src/oauth-authorization-request-uri.ts +11 -0
- package/src/oauth-authorization-server-metadata.ts +5 -1
- package/src/oauth-client-credentials-grant-token-request.ts +9 -0
- package/src/oauth-client-credentials.ts +21 -1
- package/src/oauth-client-id-discoverable.ts +29 -26
- package/src/oauth-client-id-loopback.ts +78 -30
- package/src/oauth-client-metadata.ts +2 -1
- package/src/oauth-code-challenge-method.ts +3 -0
- package/src/oauth-introspection-response.ts +23 -0
- package/src/oauth-par-response.ts +1 -0
- package/src/oauth-password-grant-token-request.ts +11 -0
- package/src/oauth-refresh-token-grant-token-request.ts +13 -0
- package/src/oauth-refresh-token.ts +4 -0
- package/src/oauth-request-uri.ts +5 -0
- package/src/oauth-scope.ts +15 -0
- package/src/oauth-token-identification.ts +12 -0
- package/src/oauth-token-request.ts +14 -0
- package/src/util.ts +41 -1
- package/dist/access-token.d.ts +0 -4
- package/dist/access-token.d.ts.map +0 -1
- package/dist/access-token.js +0 -6
- package/dist/access-token.js.map +0 -1
- package/dist/oauth-authentication-request-parameters.d.ts.map +0 -1
- package/dist/oauth-authentication-request-parameters.js.map +0 -1
- package/dist/oauth-client-id-url.d.ts +0 -3
- package/dist/oauth-client-id-url.d.ts.map +0 -1
- package/dist/oauth-client-id-url.js +0 -21
- package/dist/oauth-client-id-url.js.map +0 -1
- package/dist/oauth-client-identification.d.ts +0 -31
- package/dist/oauth-client-identification.d.ts.map +0 -1
- package/dist/oauth-client-identification.js +0 -12
- package/dist/oauth-client-identification.js.map +0 -1
- package/src/access-token.ts +0 -4
- package/src/oauth-client-id-url.ts +0 -25
- package/src/oauth-client-identification.ts +0 -14
|
@@ -0,0 +1,128 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
export declare const oauthAuthorizationRequestQuerySchema: z.ZodUnion<[z.ZodObject<{
|
|
3
|
+
client_id: z.ZodString;
|
|
4
|
+
state: z.ZodOptional<z.ZodString>;
|
|
5
|
+
redirect_uri: z.ZodOptional<z.ZodString>;
|
|
6
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
7
|
+
response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
|
|
8
|
+
code_challenge: z.ZodOptional<z.ZodString>;
|
|
9
|
+
code_challenge_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<["S256", "plain"]>>>;
|
|
10
|
+
dpop_jkt: z.ZodOptional<z.ZodString>;
|
|
11
|
+
response_mode: z.ZodOptional<z.ZodEnum<["query", "fragment", "form_post"]>>;
|
|
12
|
+
nonce: z.ZodOptional<z.ZodString>;
|
|
13
|
+
max_age: z.ZodOptional<z.ZodNumber>;
|
|
14
|
+
claims: z.ZodOptional<z.ZodRecord<z.ZodEnum<["userinfo", "id_token"]>, z.ZodRecord<z.ZodEnum<["auth_time", "nonce", "acr", "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "gender", "picture", "profile", "website", "birthdate", "zoneinfo", "locale", "updated_at", "email", "email_verified", "phone_number", "phone_number_verified", "address"]>, z.ZodUnion<[z.ZodLiteral<null>, z.ZodObject<{
|
|
15
|
+
essential: z.ZodOptional<z.ZodBoolean>;
|
|
16
|
+
value: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodNumber, z.ZodBoolean]>>;
|
|
17
|
+
values: z.ZodOptional<z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodNumber, z.ZodBoolean]>, "many">>;
|
|
18
|
+
}, "strip", z.ZodTypeAny, {
|
|
19
|
+
values?: (string | number | boolean)[] | undefined;
|
|
20
|
+
value?: string | number | boolean | undefined;
|
|
21
|
+
essential?: boolean | undefined;
|
|
22
|
+
}, {
|
|
23
|
+
values?: (string | number | boolean)[] | undefined;
|
|
24
|
+
value?: string | number | boolean | undefined;
|
|
25
|
+
essential?: boolean | undefined;
|
|
26
|
+
}>]>>>>;
|
|
27
|
+
login_hint: z.ZodOptional<z.ZodString>;
|
|
28
|
+
ui_locales: z.ZodOptional<z.ZodString>;
|
|
29
|
+
id_token_hint: z.ZodOptional<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>>;
|
|
30
|
+
display: z.ZodOptional<z.ZodEnum<["page", "popup", "touch"]>>;
|
|
31
|
+
prompt: z.ZodOptional<z.ZodEnum<["none", "login", "consent", "select_account"]>>;
|
|
32
|
+
authorization_details: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
33
|
+
type: z.ZodString;
|
|
34
|
+
locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
35
|
+
actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
36
|
+
datatypes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
37
|
+
identifier: z.ZodOptional<z.ZodString>;
|
|
38
|
+
privileges: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
39
|
+
}, "strip", z.ZodTypeAny, {
|
|
40
|
+
type: string;
|
|
41
|
+
locations?: string[] | undefined;
|
|
42
|
+
actions?: string[] | undefined;
|
|
43
|
+
datatypes?: string[] | undefined;
|
|
44
|
+
identifier?: string | undefined;
|
|
45
|
+
privileges?: string[] | undefined;
|
|
46
|
+
}, {
|
|
47
|
+
type: string;
|
|
48
|
+
locations?: string[] | undefined;
|
|
49
|
+
actions?: string[] | undefined;
|
|
50
|
+
datatypes?: string[] | undefined;
|
|
51
|
+
identifier?: string | undefined;
|
|
52
|
+
privileges?: string[] | undefined;
|
|
53
|
+
}>, "many">>;
|
|
54
|
+
}, "strip", z.ZodTypeAny, {
|
|
55
|
+
client_id: string;
|
|
56
|
+
response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
|
|
57
|
+
redirect_uri?: string | undefined;
|
|
58
|
+
scope?: string | undefined;
|
|
59
|
+
nonce?: string | undefined;
|
|
60
|
+
state?: string | undefined;
|
|
61
|
+
code_challenge?: string | undefined;
|
|
62
|
+
code_challenge_method?: "S256" | "plain" | undefined;
|
|
63
|
+
dpop_jkt?: string | undefined;
|
|
64
|
+
response_mode?: "query" | "fragment" | "form_post" | undefined;
|
|
65
|
+
max_age?: number | undefined;
|
|
66
|
+
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
|
|
67
|
+
values?: (string | number | boolean)[] | undefined;
|
|
68
|
+
value?: string | number | boolean | undefined;
|
|
69
|
+
essential?: boolean | undefined;
|
|
70
|
+
} | null>>>> | undefined;
|
|
71
|
+
login_hint?: string | undefined;
|
|
72
|
+
ui_locales?: string | undefined;
|
|
73
|
+
id_token_hint?: `${string}.${string}.${string}` | undefined;
|
|
74
|
+
display?: "page" | "popup" | "touch" | undefined;
|
|
75
|
+
prompt?: "none" | "login" | "consent" | "select_account" | undefined;
|
|
76
|
+
authorization_details?: {
|
|
77
|
+
type: string;
|
|
78
|
+
locations?: string[] | undefined;
|
|
79
|
+
actions?: string[] | undefined;
|
|
80
|
+
datatypes?: string[] | undefined;
|
|
81
|
+
identifier?: string | undefined;
|
|
82
|
+
privileges?: string[] | undefined;
|
|
83
|
+
}[] | undefined;
|
|
84
|
+
}, {
|
|
85
|
+
client_id: string;
|
|
86
|
+
response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
|
|
87
|
+
redirect_uri?: string | undefined;
|
|
88
|
+
scope?: string | undefined;
|
|
89
|
+
nonce?: string | undefined;
|
|
90
|
+
state?: string | undefined;
|
|
91
|
+
code_challenge?: string | undefined;
|
|
92
|
+
code_challenge_method?: "S256" | "plain" | undefined;
|
|
93
|
+
dpop_jkt?: string | undefined;
|
|
94
|
+
response_mode?: "query" | "fragment" | "form_post" | undefined;
|
|
95
|
+
max_age?: number | undefined;
|
|
96
|
+
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
|
|
97
|
+
values?: (string | number | boolean)[] | undefined;
|
|
98
|
+
value?: string | number | boolean | undefined;
|
|
99
|
+
essential?: boolean | undefined;
|
|
100
|
+
} | null>>>> | undefined;
|
|
101
|
+
login_hint?: string | undefined;
|
|
102
|
+
ui_locales?: string | undefined;
|
|
103
|
+
id_token_hint?: string | undefined;
|
|
104
|
+
display?: "page" | "popup" | "touch" | undefined;
|
|
105
|
+
prompt?: "none" | "login" | "consent" | "select_account" | undefined;
|
|
106
|
+
authorization_details?: {
|
|
107
|
+
type: string;
|
|
108
|
+
locations?: string[] | undefined;
|
|
109
|
+
actions?: string[] | undefined;
|
|
110
|
+
datatypes?: string[] | undefined;
|
|
111
|
+
identifier?: string | undefined;
|
|
112
|
+
privileges?: string[] | undefined;
|
|
113
|
+
}[] | undefined;
|
|
114
|
+
}>, z.ZodObject<{
|
|
115
|
+
request: z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}`, string>]>;
|
|
116
|
+
}, "strip", z.ZodTypeAny, {
|
|
117
|
+
request: `${string}.${string}.${string}` | `${string}.${string}`;
|
|
118
|
+
}, {
|
|
119
|
+
request: string;
|
|
120
|
+
}>, z.ZodObject<{
|
|
121
|
+
request_uri: z.ZodString;
|
|
122
|
+
}, "strip", z.ZodTypeAny, {
|
|
123
|
+
request_uri: string;
|
|
124
|
+
}, {
|
|
125
|
+
request_uri: string;
|
|
126
|
+
}>]>;
|
|
127
|
+
export type OAuthAuthorizationRequestQuery = z.infer<typeof oauthAuthorizationRequestQuerySchema>;
|
|
128
|
+
//# sourceMappingURL=oauth-authorization-request-query.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-authorization-request-query.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-request-query.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAMvB,eAAO,MAAM,oCAAoC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAI/C,CAAA;AAEF,MAAM,MAAM,8BAA8B,GAAG,CAAC,CAAC,KAAK,CAClD,OAAO,oCAAoC,CAC5C,CAAA"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.oauthAuthorizationRequestQuerySchema = void 0;
|
|
4
|
+
const zod_1 = require("zod");
|
|
5
|
+
const oauth_authorization_request_jar_js_1 = require("./oauth-authorization-request-jar.js");
|
|
6
|
+
const oauth_authorization_request_parameters_js_1 = require("./oauth-authorization-request-parameters.js");
|
|
7
|
+
const oauth_authorization_request_uri_js_1 = require("./oauth-authorization-request-uri.js");
|
|
8
|
+
exports.oauthAuthorizationRequestQuerySchema = zod_1.z.union([
|
|
9
|
+
oauth_authorization_request_parameters_js_1.oauthAuthorizationRequestParametersSchema,
|
|
10
|
+
oauth_authorization_request_jar_js_1.oauthAuthorizationRequestJarSchema,
|
|
11
|
+
oauth_authorization_request_uri_js_1.oauthAuthorizationRequestUriSchema,
|
|
12
|
+
]);
|
|
13
|
+
//# sourceMappingURL=oauth-authorization-request-query.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-authorization-request-query.js","sourceRoot":"","sources":["../src/oauth-authorization-request-query.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB,6FAAyF;AACzF,2GAAuG;AACvG,6FAAyF;AAE5E,QAAA,oCAAoC,GAAG,OAAC,CAAC,KAAK,CAAC;IAC1D,qFAAyC;IACzC,uEAAkC;IAClC,uEAAkC;CACnC,CAAC,CAAA"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
export declare const oauthAuthorizationRequestUriSchema: z.ZodObject<{
|
|
3
|
+
request_uri: z.ZodString;
|
|
4
|
+
}, "strip", z.ZodTypeAny, {
|
|
5
|
+
request_uri: string;
|
|
6
|
+
}, {
|
|
7
|
+
request_uri: string;
|
|
8
|
+
}>;
|
|
9
|
+
export type OAuthAuthorizationRequestUri = z.infer<typeof oauthAuthorizationRequestUriSchema>;
|
|
10
|
+
//# sourceMappingURL=oauth-authorization-request-uri.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-authorization-request-uri.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-request-uri.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB,eAAO,MAAM,kCAAkC;;;;;;EAE7C,CAAA;AAEF,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,kCAAkC,CAC1C,CAAA"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.oauthAuthorizationRequestUriSchema = void 0;
|
|
4
|
+
const zod_1 = require("zod");
|
|
5
|
+
const oauth_request_uri_js_1 = require("./oauth-request-uri.js");
|
|
6
|
+
exports.oauthAuthorizationRequestUriSchema = zod_1.z.object({
|
|
7
|
+
request_uri: oauth_request_uri_js_1.oauthRequestUriSchema,
|
|
8
|
+
});
|
|
9
|
+
//# sourceMappingURL=oauth-authorization-request-uri.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-authorization-request-uri.js","sourceRoot":"","sources":["../src/oauth-authorization-request-uri.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB,iEAA8D;AAEjD,QAAA,kCAAkC,GAAG,OAAC,CAAC,MAAM,CAAC;IACzD,WAAW,EAAE,4CAAqB;CACnC,CAAC,CAAA"}
|
|
@@ -15,7 +15,7 @@ export declare const oauthAuthorizationServerMetadataSchema: z.ZodObject<{
|
|
|
15
15
|
response_types_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
16
16
|
response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
17
17
|
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
18
|
-
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.
|
|
18
|
+
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodEnum<["S256", "plain"]>, "many">>;
|
|
19
19
|
ui_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
20
20
|
id_token_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
21
21
|
display_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
@@ -55,7 +55,7 @@ export declare const oauthAuthorizationServerMetadataSchema: z.ZodObject<{
|
|
|
55
55
|
response_types_supported?: string[] | undefined;
|
|
56
56
|
response_modes_supported?: string[] | undefined;
|
|
57
57
|
grant_types_supported?: string[] | undefined;
|
|
58
|
-
code_challenge_methods_supported?:
|
|
58
|
+
code_challenge_methods_supported?: ("S256" | "plain")[] | undefined;
|
|
59
59
|
ui_locales_supported?: string[] | undefined;
|
|
60
60
|
id_token_signing_alg_values_supported?: string[] | undefined;
|
|
61
61
|
display_values_supported?: string[] | undefined;
|
|
@@ -92,7 +92,7 @@ export declare const oauthAuthorizationServerMetadataSchema: z.ZodObject<{
|
|
|
92
92
|
response_types_supported?: string[] | undefined;
|
|
93
93
|
response_modes_supported?: string[] | undefined;
|
|
94
94
|
grant_types_supported?: string[] | undefined;
|
|
95
|
-
code_challenge_methods_supported?:
|
|
95
|
+
code_challenge_methods_supported?: ("S256" | "plain")[] | undefined;
|
|
96
96
|
ui_locales_supported?: string[] | undefined;
|
|
97
97
|
id_token_signing_alg_values_supported?: string[] | undefined;
|
|
98
98
|
display_values_supported?: string[] | undefined;
|
|
@@ -128,7 +128,7 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
128
128
|
response_types_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
129
129
|
response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
130
130
|
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
131
|
-
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.
|
|
131
|
+
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodEnum<["S256", "plain"]>, "many">>;
|
|
132
132
|
ui_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
133
133
|
id_token_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
134
134
|
display_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
@@ -168,7 +168,7 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
168
168
|
response_types_supported?: string[] | undefined;
|
|
169
169
|
response_modes_supported?: string[] | undefined;
|
|
170
170
|
grant_types_supported?: string[] | undefined;
|
|
171
|
-
code_challenge_methods_supported?:
|
|
171
|
+
code_challenge_methods_supported?: ("S256" | "plain")[] | undefined;
|
|
172
172
|
ui_locales_supported?: string[] | undefined;
|
|
173
173
|
id_token_signing_alg_values_supported?: string[] | undefined;
|
|
174
174
|
display_values_supported?: string[] | undefined;
|
|
@@ -205,7 +205,7 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
205
205
|
response_types_supported?: string[] | undefined;
|
|
206
206
|
response_modes_supported?: string[] | undefined;
|
|
207
207
|
grant_types_supported?: string[] | undefined;
|
|
208
|
-
code_challenge_methods_supported?:
|
|
208
|
+
code_challenge_methods_supported?: ("S256" | "plain")[] | undefined;
|
|
209
209
|
ui_locales_supported?: string[] | undefined;
|
|
210
210
|
id_token_signing_alg_values_supported?: string[] | undefined;
|
|
211
211
|
display_values_supported?: string[] | undefined;
|
|
@@ -242,7 +242,7 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
242
242
|
response_types_supported?: string[] | undefined;
|
|
243
243
|
response_modes_supported?: string[] | undefined;
|
|
244
244
|
grant_types_supported?: string[] | undefined;
|
|
245
|
-
code_challenge_methods_supported?:
|
|
245
|
+
code_challenge_methods_supported?: ("S256" | "plain")[] | undefined;
|
|
246
246
|
ui_locales_supported?: string[] | undefined;
|
|
247
247
|
id_token_signing_alg_values_supported?: string[] | undefined;
|
|
248
248
|
display_values_supported?: string[] | undefined;
|
|
@@ -279,7 +279,7 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
279
279
|
response_types_supported?: string[] | undefined;
|
|
280
280
|
response_modes_supported?: string[] | undefined;
|
|
281
281
|
grant_types_supported?: string[] | undefined;
|
|
282
|
-
code_challenge_methods_supported?:
|
|
282
|
+
code_challenge_methods_supported?: ("S256" | "plain")[] | undefined;
|
|
283
283
|
ui_locales_supported?: string[] | undefined;
|
|
284
284
|
id_token_signing_alg_values_supported?: string[] | undefined;
|
|
285
285
|
display_values_supported?: string[] | undefined;
|
|
@@ -316,7 +316,7 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
316
316
|
response_types_supported?: string[] | undefined;
|
|
317
317
|
response_modes_supported?: string[] | undefined;
|
|
318
318
|
grant_types_supported?: string[] | undefined;
|
|
319
|
-
code_challenge_methods_supported?:
|
|
319
|
+
code_challenge_methods_supported?: ("S256" | "plain")[] | undefined;
|
|
320
320
|
ui_locales_supported?: string[] | undefined;
|
|
321
321
|
id_token_signing_alg_values_supported?: string[] | undefined;
|
|
322
322
|
display_values_supported?: string[] | undefined;
|
|
@@ -353,7 +353,7 @@ export declare const oauthAuthorizationServerMetadataValidator: z.ZodEffects<z.Z
|
|
|
353
353
|
response_types_supported?: string[] | undefined;
|
|
354
354
|
response_modes_supported?: string[] | undefined;
|
|
355
355
|
grant_types_supported?: string[] | undefined;
|
|
356
|
-
code_challenge_methods_supported?:
|
|
356
|
+
code_challenge_methods_supported?: ("S256" | "plain")[] | undefined;
|
|
357
357
|
ui_locales_supported?: string[] | undefined;
|
|
358
358
|
id_token_signing_alg_values_supported?: string[] | undefined;
|
|
359
359
|
display_values_supported?: string[] | undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-authorization-server-metadata.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;
|
|
1
|
+
{"version":3,"file":"oauth-authorization-server-metadata.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAKvB;;GAEG;AACH,eAAO,MAAM,sCAAsC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2DjD,CAAA;AAEF,MAAM,MAAM,gCAAgC,GAAG,CAAC,CAAC,KAAK,CACpD,OAAO,sCAAsC,CAC9C,CAAA;AAED,eAAO,MAAM,yCAAyC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAuBhD,CAAA"}
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.oauthAuthorizationServerMetadataValidator = exports.oauthAuthorizationServerMetadataSchema = void 0;
|
|
4
4
|
const zod_1 = require("zod");
|
|
5
|
+
const oauth_code_challenge_method_js_1 = require("./oauth-code-challenge-method.js");
|
|
5
6
|
const oauth_issuer_identifier_js_1 = require("./oauth-issuer-identifier.js");
|
|
6
7
|
/**
|
|
7
8
|
* @see {@link https://datatracker.ietf.org/doc/html/rfc8414}
|
|
@@ -19,7 +20,10 @@ exports.oauthAuthorizationServerMetadataSchema = zod_1.z.object({
|
|
|
19
20
|
response_types_supported: zod_1.z.array(zod_1.z.string()).optional(),
|
|
20
21
|
response_modes_supported: zod_1.z.array(zod_1.z.string()).optional(),
|
|
21
22
|
grant_types_supported: zod_1.z.array(zod_1.z.string()).optional(),
|
|
22
|
-
code_challenge_methods_supported: zod_1.z
|
|
23
|
+
code_challenge_methods_supported: zod_1.z
|
|
24
|
+
.array(oauth_code_challenge_method_js_1.oauthCodeChallengeMethodSchema)
|
|
25
|
+
.min(1)
|
|
26
|
+
.optional(),
|
|
23
27
|
ui_locales_supported: zod_1.z.array(zod_1.z.string()).optional(),
|
|
24
28
|
id_token_signing_alg_values_supported: zod_1.z.array(zod_1.z.string()).optional(),
|
|
25
29
|
display_values_supported: zod_1.z.array(zod_1.z.string()).optional(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-authorization-server-metadata.js","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB,6EAA0E;AAE1E;;GAEG;AACU,QAAA,sCAAsC,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7D,MAAM,EAAE,wDAA2B;IAEnC,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,0BAA0B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAClD,2BAA2B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACnD,+BAA+B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACvD,gCAAgC,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACxD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,uBAAuB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACvD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,qBAAqB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrD,gCAAgC,EAAE,OAAC,
|
|
1
|
+
{"version":3,"file":"oauth-authorization-server-metadata.js","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB,qFAAiF;AACjF,6EAA0E;AAE1E;;GAEG;AACU,QAAA,sCAAsC,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7D,MAAM,EAAE,wDAA2B;IAEnC,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,0BAA0B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAClD,2BAA2B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACnD,+BAA+B,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACvD,gCAAgC,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACxD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,uBAAuB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACvD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,qBAAqB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrD,gCAAgC,EAAE,OAAC;SAChC,KAAK,CAAC,+DAA8B,CAAC;SACrC,GAAG,CAAC,CAAC,CAAC;SACN,QAAQ,EAAE;IACb,oBAAoB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACpD,qCAAqC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrE,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxD,2CAA2C,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC3E,8CAA8C,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACtE,qCAAqC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrE,8CAA8C,EAAE,OAAC;SAC9C,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;SACjB,QAAQ,EAAE;IACb,8CAA8C,EAAE,OAAC;SAC9C,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;SACjB,QAAQ,EAAE;IAEb,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAErC,sBAAsB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,eAAe;IAEzD,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,eAAe;IACjD,qCAAqC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACrE,gDAAgD,EAAE,OAAC;SAChD,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;SACjB,QAAQ,EAAE;IAEb,mBAAmB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAChD,sBAAsB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACnD,qCAAqC,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAElE,qCAAqC,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAE7D,iBAAiB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAC9C,oBAAoB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACjD,qBAAqB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAElD,4DAA4D;IAC5D,iCAAiC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAEjE,wFAAwF;IACxF,mBAAmB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,QAAQ,EAAE;IAEzD,kIAAkI;IAClI,qCAAqC,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CAC9D,CAAC,CAAA;AAMW,QAAA,yCAAyC,GACpD,8CAAsC;KACnC,WAAW,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IACzB,IACE,IAAI,CAAC,qCAAqC;QAC1C,CAAC,IAAI,CAAC,qCAAqC,EAC3C,CAAC;QACD,GAAG,CAAC,QAAQ,CAAC;YACX,IAAI,EAAE,OAAC,CAAC,YAAY,CAAC,MAAM;YAC3B,OAAO,EACL,uGAAuG;SAC1G,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC;KACD,WAAW,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IACzB,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAClC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACpD,GAAG,CAAC,QAAQ,CAAC;gBACX,IAAI,EAAE,OAAC,CAAC,YAAY,CAAC,MAAM;gBAC3B,OAAO,EAAE,kCAAkC;aAC5C,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
export declare const oauthClientCredentialsGrantTokenRequestSchema: z.ZodObject<{
|
|
3
|
+
grant_type: z.ZodLiteral<"client_credentials">;
|
|
4
|
+
}, "strip", z.ZodTypeAny, {
|
|
5
|
+
grant_type: "client_credentials";
|
|
6
|
+
}, {
|
|
7
|
+
grant_type: "client_credentials";
|
|
8
|
+
}>;
|
|
9
|
+
export type OAuthClientCredentialsGrantTokenRequest = z.infer<typeof oauthClientCredentialsGrantTokenRequestSchema>;
|
|
10
|
+
//# sourceMappingURL=oauth-client-credentials-grant-token-request.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-client-credentials-grant-token-request.d.ts","sourceRoot":"","sources":["../src/oauth-client-credentials-grant-token-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,6CAA6C;;;;;;EAExD,CAAA;AAEF,MAAM,MAAM,uCAAuC,GAAG,CAAC,CAAC,KAAK,CAC3D,OAAO,6CAA6C,CACrD,CAAA"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.oauthClientCredentialsGrantTokenRequestSchema = void 0;
|
|
4
|
+
const zod_1 = require("zod");
|
|
5
|
+
exports.oauthClientCredentialsGrantTokenRequestSchema = zod_1.z.object({
|
|
6
|
+
grant_type: zod_1.z.literal('client_credentials'),
|
|
7
|
+
});
|
|
8
|
+
//# sourceMappingURL=oauth-client-credentials-grant-token-request.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-client-credentials-grant-token-request.js","sourceRoot":"","sources":["../src/oauth-client-credentials-grant-token-request.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,6CAA6C,GAAG,OAAC,CAAC,MAAM,CAAC;IACpE,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC;CAC5C,CAAC,CAAA"}
|
|
@@ -9,7 +9,7 @@ export declare const oauthClientCredentialsJwtBearerSchema: z.ZodObject<{
|
|
|
9
9
|
* - The JWT MAY contain a "jti" (JWT ID) claim that provides a unique identifier for the token.
|
|
10
10
|
* - Note that the authorization server may reject JWTs with an "exp" claim value that is unreasonably far in the future.
|
|
11
11
|
*
|
|
12
|
-
* @see {@link https://datatracker.ietf.org/doc/html/
|
|
12
|
+
* @see {@link https://datatracker.ietf.org/doc/html/rfc7523#section-3}
|
|
13
13
|
*/
|
|
14
14
|
client_assertion: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>;
|
|
15
15
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -21,6 +21,7 @@ export declare const oauthClientCredentialsJwtBearerSchema: z.ZodObject<{
|
|
|
21
21
|
client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
|
|
22
22
|
client_assertion: string;
|
|
23
23
|
}>;
|
|
24
|
+
export type OAuthClientCredentialsJwtBearer = z.infer<typeof oauthClientCredentialsJwtBearerSchema>;
|
|
24
25
|
export declare const oauthClientCredentialsSecretPostSchema: z.ZodObject<{
|
|
25
26
|
client_id: z.ZodString;
|
|
26
27
|
client_secret: z.ZodString;
|
|
@@ -31,6 +32,15 @@ export declare const oauthClientCredentialsSecretPostSchema: z.ZodObject<{
|
|
|
31
32
|
client_id: string;
|
|
32
33
|
client_secret: string;
|
|
33
34
|
}>;
|
|
35
|
+
export type OAuthClientCredentialsSecretPost = z.infer<typeof oauthClientCredentialsSecretPostSchema>;
|
|
36
|
+
export declare const oauthClientCredentialsNoneSchema: z.ZodObject<{
|
|
37
|
+
client_id: z.ZodString;
|
|
38
|
+
}, "strip", z.ZodTypeAny, {
|
|
39
|
+
client_id: string;
|
|
40
|
+
}, {
|
|
41
|
+
client_id: string;
|
|
42
|
+
}>;
|
|
43
|
+
export type OAuthClientCredentialsNone = z.infer<typeof oauthClientCredentialsNoneSchema>;
|
|
34
44
|
export declare const oauthClientCredentialsSchema: z.ZodUnion<[z.ZodObject<{
|
|
35
45
|
client_id: z.ZodString;
|
|
36
46
|
client_assertion_type: z.ZodLiteral<"urn:ietf:params:oauth:client-assertion-type:jwt-bearer">;
|
|
@@ -41,7 +51,7 @@ export declare const oauthClientCredentialsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
41
51
|
* - The JWT MAY contain a "jti" (JWT ID) claim that provides a unique identifier for the token.
|
|
42
52
|
* - Note that the authorization server may reject JWTs with an "exp" claim value that is unreasonably far in the future.
|
|
43
53
|
*
|
|
44
|
-
* @see {@link https://datatracker.ietf.org/doc/html/
|
|
54
|
+
* @see {@link https://datatracker.ietf.org/doc/html/rfc7523#section-3}
|
|
45
55
|
*/
|
|
46
56
|
client_assertion: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>;
|
|
47
57
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -61,6 +71,12 @@ export declare const oauthClientCredentialsSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
61
71
|
}, {
|
|
62
72
|
client_id: string;
|
|
63
73
|
client_secret: string;
|
|
74
|
+
}>, z.ZodObject<{
|
|
75
|
+
client_id: z.ZodString;
|
|
76
|
+
}, "strip", z.ZodTypeAny, {
|
|
77
|
+
client_id: string;
|
|
78
|
+
}, {
|
|
79
|
+
client_id: string;
|
|
64
80
|
}>]>;
|
|
65
81
|
export type OAuthClientCredentials = z.infer<typeof oauthClientCredentialsSchema>;
|
|
66
82
|
//# sourceMappingURL=oauth-client-credentials.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client-credentials.d.ts","sourceRoot":"","sources":["../src/oauth-client-credentials.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAMvB,eAAO,MAAM,qCAAqC;;;IAGhD;;;;;;;;OAQG;;;;;;;;;;EAEH,CAAA;AAEF,eAAO,MAAM,sCAAsC;;;;;;;;;EAGjD,CAAA;AAEF,eAAO,MAAM,4BAA4B;;;
|
|
1
|
+
{"version":3,"file":"oauth-client-credentials.d.ts","sourceRoot":"","sources":["../src/oauth-client-credentials.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAMvB,eAAO,MAAM,qCAAqC;;;IAGhD;;;;;;;;OAQG;;;;;;;;;;EAEH,CAAA;AAEF,MAAM,MAAM,+BAA+B,GAAG,CAAC,CAAC,KAAK,CACnD,OAAO,qCAAqC,CAC7C,CAAA;AAED,eAAO,MAAM,sCAAsC;;;;;;;;;EAGjD,CAAA;AAEF,MAAM,MAAM,gCAAgC,GAAG,CAAC,CAAC,KAAK,CACpD,OAAO,sCAAsC,CAC9C,CAAA;AAED,eAAO,MAAM,gCAAgC;;;;;;EAE3C,CAAA;AAEF,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAC9C,OAAO,gCAAgC,CACxC,CAAA;AAID,eAAO,MAAM,4BAA4B;;;IAnCvC;;;;;;;;OAQG;;;;;;;;;;;;;;;;;;;;;;;;;IAgCH,CAAA;AAEF,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAC1C,OAAO,4BAA4B,CACpC,CAAA"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.oauthClientCredentialsSchema = exports.oauthClientCredentialsSecretPostSchema = exports.oauthClientCredentialsJwtBearerSchema = void 0;
|
|
3
|
+
exports.oauthClientCredentialsSchema = exports.oauthClientCredentialsNoneSchema = exports.oauthClientCredentialsSecretPostSchema = exports.oauthClientCredentialsJwtBearerSchema = void 0;
|
|
4
4
|
const zod_1 = require("zod");
|
|
5
5
|
const jwk_1 = require("@atproto/jwk");
|
|
6
6
|
const oauth_client_id_js_1 = require("./oauth-client-id.js");
|
|
@@ -15,7 +15,7 @@ exports.oauthClientCredentialsJwtBearerSchema = zod_1.z.object({
|
|
|
15
15
|
* - The JWT MAY contain a "jti" (JWT ID) claim that provides a unique identifier for the token.
|
|
16
16
|
* - Note that the authorization server may reject JWTs with an "exp" claim value that is unreasonably far in the future.
|
|
17
17
|
*
|
|
18
|
-
* @see {@link https://datatracker.ietf.org/doc/html/
|
|
18
|
+
* @see {@link https://datatracker.ietf.org/doc/html/rfc7523#section-3}
|
|
19
19
|
*/
|
|
20
20
|
client_assertion: jwk_1.signedJwtSchema,
|
|
21
21
|
});
|
|
@@ -23,8 +23,14 @@ exports.oauthClientCredentialsSecretPostSchema = zod_1.z.object({
|
|
|
23
23
|
client_id: oauth_client_id_js_1.oauthClientIdSchema,
|
|
24
24
|
client_secret: zod_1.z.string(),
|
|
25
25
|
});
|
|
26
|
+
exports.oauthClientCredentialsNoneSchema = zod_1.z.object({
|
|
27
|
+
client_id: oauth_client_id_js_1.oauthClientIdSchema,
|
|
28
|
+
});
|
|
29
|
+
//
|
|
26
30
|
exports.oauthClientCredentialsSchema = zod_1.z.union([
|
|
27
31
|
exports.oauthClientCredentialsJwtBearerSchema,
|
|
28
32
|
exports.oauthClientCredentialsSecretPostSchema,
|
|
33
|
+
// Must be last since it is less specific
|
|
34
|
+
exports.oauthClientCredentialsNoneSchema,
|
|
29
35
|
]);
|
|
30
36
|
//# sourceMappingURL=oauth-client-credentials.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client-credentials.js","sourceRoot":"","sources":["../src/oauth-client-credentials.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,sCAA8C;AAE9C,6DAA0D;AAC1D,iDAAiE;AAEpD,QAAA,qCAAqC,GAAG,OAAC,CAAC,MAAM,CAAC;IAC5D,SAAS,EAAE,wCAAmB;IAC9B,qBAAqB,EAAE,OAAC,CAAC,OAAO,CAAC,+CAAgC,CAAC;IAClE;;;;;;;;OAQG;IACH,gBAAgB,EAAE,qBAAe;CAClC,CAAC,CAAA;
|
|
1
|
+
{"version":3,"file":"oauth-client-credentials.js","sourceRoot":"","sources":["../src/oauth-client-credentials.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,sCAA8C;AAE9C,6DAA0D;AAC1D,iDAAiE;AAEpD,QAAA,qCAAqC,GAAG,OAAC,CAAC,MAAM,CAAC;IAC5D,SAAS,EAAE,wCAAmB;IAC9B,qBAAqB,EAAE,OAAC,CAAC,OAAO,CAAC,+CAAgC,CAAC;IAClE;;;;;;;;OAQG;IACH,gBAAgB,EAAE,qBAAe;CAClC,CAAC,CAAA;AAMW,QAAA,sCAAsC,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7D,SAAS,EAAE,wCAAmB;IAC9B,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE;CAC1B,CAAC,CAAA;AAMW,QAAA,gCAAgC,GAAG,OAAC,CAAC,MAAM,CAAC;IACvD,SAAS,EAAE,wCAAmB;CAC/B,CAAC,CAAA;AAMF,EAAE;AAEW,QAAA,4BAA4B,GAAG,OAAC,CAAC,KAAK,CAAC;IAClD,6CAAqC;IACrC,8CAAsC;IACtC,yCAAyC;IACzC,wCAAgC;CACjC,CAAC,CAAA"}
|
|
@@ -3,6 +3,7 @@ import { OAuthClientId } from './oauth-client-id.js';
|
|
|
3
3
|
* @see {@link https://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html}
|
|
4
4
|
*/
|
|
5
5
|
export type OAuthClientIdDiscoverable = OAuthClientId & `https://${string}`;
|
|
6
|
-
export declare function isOAuthClientIdDiscoverable
|
|
7
|
-
export declare function
|
|
6
|
+
export declare function isOAuthClientIdDiscoverable(clientId: string): clientId is OAuthClientIdDiscoverable;
|
|
7
|
+
export declare function assertOAuthDiscoverableClientId(value: string): asserts value is OAuthClientIdDiscoverable;
|
|
8
|
+
export declare function parseOAuthDiscoverableClientId(clientId: string): URL;
|
|
8
9
|
//# sourceMappingURL=oauth-client-id-discoverable.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client-id-discoverable.d.ts","sourceRoot":"","sources":["../src/oauth-client-id-discoverable.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"oauth-client-id-discoverable.d.ts","sourceRoot":"","sources":["../src/oauth-client-id-discoverable.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AAGpD;;GAEG;AACH,MAAM,MAAM,yBAAyB,GAAG,aAAa,GAAG,WAAW,MAAM,EAAE,CAAA;AAE3E,wBAAgB,2BAA2B,CACzC,QAAQ,EAAE,MAAM,GACf,QAAQ,IAAI,yBAAyB,CAOvC;AAED,wBAAgB,+BAA+B,CAC7C,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,KAAK,IAAI,yBAAyB,CAE5C;AAED,wBAAgB,8BAA8B,CAAC,QAAQ,EAAE,MAAM,GAAG,GAAG,CA2CpE"}
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.parseOAuthDiscoverableClientId = exports.isOAuthClientIdDiscoverable = void 0;
|
|
4
|
-
const oauth_client_id_url_js_1 = require("./oauth-client-id-url.js");
|
|
3
|
+
exports.parseOAuthDiscoverableClientId = exports.assertOAuthDiscoverableClientId = exports.isOAuthClientIdDiscoverable = void 0;
|
|
5
4
|
const util_js_1 = require("./util.js");
|
|
6
5
|
function isOAuthClientIdDiscoverable(clientId) {
|
|
7
6
|
try {
|
|
@@ -13,34 +12,38 @@ function isOAuthClientIdDiscoverable(clientId) {
|
|
|
13
12
|
}
|
|
14
13
|
}
|
|
15
14
|
exports.isOAuthClientIdDiscoverable = isOAuthClientIdDiscoverable;
|
|
15
|
+
function assertOAuthDiscoverableClientId(value) {
|
|
16
|
+
void parseOAuthDiscoverableClientId(value);
|
|
17
|
+
}
|
|
18
|
+
exports.assertOAuthDiscoverableClientId = assertOAuthDiscoverableClientId;
|
|
16
19
|
function parseOAuthDiscoverableClientId(clientId) {
|
|
17
|
-
const url =
|
|
18
|
-
// Optimization: cheap checks first
|
|
19
|
-
if (url.hostname === 'localhost') {
|
|
20
|
-
throw new TypeError('ClientID must not be a loopback hostname');
|
|
21
|
-
}
|
|
20
|
+
const url = new URL(clientId);
|
|
22
21
|
if (url.protocol !== 'https:') {
|
|
23
22
|
throw new TypeError('ClientID must use the "https:" protocol');
|
|
24
23
|
}
|
|
24
|
+
if (url.username || url.password) {
|
|
25
|
+
throw new TypeError('ClientID must not contain credentials');
|
|
26
|
+
}
|
|
25
27
|
if (url.hash) {
|
|
26
28
|
throw new TypeError('ClientID must not contain a fragment');
|
|
27
29
|
}
|
|
28
|
-
if (url.
|
|
29
|
-
throw new TypeError('ClientID must not
|
|
30
|
+
if (url.hostname === 'localhost') {
|
|
31
|
+
throw new TypeError('ClientID hostname must not be "localhost"');
|
|
30
32
|
}
|
|
31
33
|
if (url.pathname === '/') {
|
|
32
|
-
throw new TypeError('ClientID must contain a path (e.g. "/client-metadata")');
|
|
34
|
+
throw new TypeError('ClientID must contain a path component (e.g. "/client-metadata.json")');
|
|
33
35
|
}
|
|
34
|
-
if (url.pathname
|
|
35
|
-
throw new TypeError('ClientID must not end with a trailing slash');
|
|
36
|
+
if (url.pathname.endsWith('/')) {
|
|
37
|
+
throw new TypeError('ClientID path must not end with a trailing slash');
|
|
36
38
|
}
|
|
37
|
-
if (url.
|
|
38
|
-
throw new TypeError(
|
|
39
|
+
if ((0, util_js_1.isHostnameIP)(url.hostname)) {
|
|
40
|
+
throw new TypeError('ClientID hostname must not be an IP address');
|
|
39
41
|
}
|
|
40
|
-
//
|
|
41
|
-
//
|
|
42
|
-
|
|
43
|
-
|
|
42
|
+
// URL constructor normalizes the URL, so we extract the path manually to
|
|
43
|
+
// avoid normalization, then compare it to the normalized path to ensure
|
|
44
|
+
// that the URL does not contain path traversal or other unexpected characters
|
|
45
|
+
if ((0, util_js_1.extractUrlPath)(clientId) !== url.pathname) {
|
|
46
|
+
throw new TypeError(`ClientID must be in canonical form ("${url.href}", got "${clientId}")`);
|
|
44
47
|
}
|
|
45
48
|
return url;
|
|
46
49
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client-id-discoverable.js","sourceRoot":"","sources":["../src/oauth-client-id-discoverable.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"oauth-client-id-discoverable.js","sourceRoot":"","sources":["../src/oauth-client-id-discoverable.ts"],"names":[],"mappings":";;;AACA,uCAAwD;AAOxD,SAAgB,2BAA2B,CACzC,QAAgB;IAEhB,IAAI,CAAC;QACH,8BAA8B,CAAC,QAAQ,CAAC,CAAA;QACxC,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AATD,kEASC;AAED,SAAgB,+BAA+B,CAC7C,KAAa;IAEb,KAAK,8BAA8B,CAAC,KAAK,CAAC,CAAA;AAC5C,CAAC;AAJD,0EAIC;AAED,SAAgB,8BAA8B,CAAC,QAAgB;IAC7D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAA;IAE7B,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,IAAI,SAAS,CAAC,yCAAyC,CAAC,CAAA;IAChE,CAAC;IAED,IAAI,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAA;IAC9D,CAAC;IAED,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;QACb,MAAM,IAAI,SAAS,CAAC,sCAAsC,CAAC,CAAA;IAC7D,CAAC;IAED,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;QACjC,MAAM,IAAI,SAAS,CAAC,2CAA2C,CAAC,CAAA;IAClE,CAAC;IAED,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;QACzB,MAAM,IAAI,SAAS,CACjB,uEAAuE,CACxE,CAAA;IACH,CAAC;IAED,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,SAAS,CAAC,kDAAkD,CAAC,CAAA;IACzE,CAAC;IAED,IAAI,IAAA,sBAAY,EAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,SAAS,CAAC,6CAA6C,CAAC,CAAA;IACpE,CAAC;IAED,yEAAyE;IACzE,wEAAwE;IACxE,8EAA8E;IAC9E,IAAI,IAAA,wBAAc,EAAC,QAAQ,CAAC,KAAK,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9C,MAAM,IAAI,SAAS,CACjB,wCAAwC,GAAG,CAAC,IAAI,WAAW,QAAQ,IAAI,CACxE,CAAA;IACH,CAAC;IAED,OAAO,GAAG,CAAA;AACZ,CAAC;AA3CD,wEA2CC"}
|
|
@@ -1,5 +1,12 @@
|
|
|
1
1
|
import { OAuthClientId } from './oauth-client-id.js';
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
export
|
|
2
|
+
import { OAuthScope } from './oauth-scope.js';
|
|
3
|
+
declare const OAUTH_CLIENT_ID_LOOPBACK_URL = "http://localhost";
|
|
4
|
+
export type OAuthClientIdLoopback = OAuthClientId & `${typeof OAUTH_CLIENT_ID_LOOPBACK_URL}${'' | '/'}${'' | `?${string}`}`;
|
|
5
|
+
export declare function isOAuthClientIdLoopback(clientId: string): clientId is OAuthClientIdLoopback;
|
|
6
|
+
export declare function assertOAuthLoopbackClientId(clientId: string): asserts clientId is OAuthClientIdLoopback;
|
|
7
|
+
export declare function parseOAuthLoopbackClientId(clientId: string): {
|
|
8
|
+
scope?: OAuthScope;
|
|
9
|
+
redirect_uris?: [string, ...string[]];
|
|
10
|
+
};
|
|
11
|
+
export {};
|
|
5
12
|
//# sourceMappingURL=oauth-client-id-loopback.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client-id-loopback.d.ts","sourceRoot":"","sources":["../src/oauth-client-id-loopback.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"oauth-client-id-loopback.d.ts","sourceRoot":"","sources":["../src/oauth-client-id-loopback.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AACpD,OAAO,EAAE,UAAU,EAAoB,MAAM,kBAAkB,CAAA;AAG/D,QAAA,MAAM,4BAA4B,qBAAqB,CAAA;AAEvD,MAAM,MAAM,qBAAqB,GAAG,aAAa,GAC/C,GAAG,OAAO,4BAA4B,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,IAAI,MAAM,EAAE,EAAE,CAAA;AAEzE,wBAAgB,uBAAuB,CACrC,QAAQ,EAAE,MAAM,GACf,QAAQ,IAAI,qBAAqB,CAOnC;AAED,wBAAgB,2BAA2B,CACzC,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,QAAQ,IAAI,qBAAqB,CAE3C;AAID,wBAAgB,0BAA0B,CAAC,QAAQ,EAAE,MAAM,GAAG;IAC5D,KAAK,CAAC,EAAE,UAAU,CAAA;IAClB,aAAa,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC,CAAA;CACtC,CA0EA"}
|