@atproto/oauth-types 0.1.4 → 0.1.5
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGELOG.md +26 -0
- package/dist/atproto-loopback-client-metadata.d.ts.map +1 -1
- package/dist/atproto-loopback-client-metadata.js +3 -14
- package/dist/atproto-loopback-client-metadata.js.map +1 -1
- package/dist/index.d.ts +18 -5
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +18 -5
- package/dist/index.js.map +1 -1
- package/dist/oauth-access-token.d.ts +4 -0
- package/dist/oauth-access-token.d.ts.map +1 -0
- package/dist/oauth-access-token.js +6 -0
- package/dist/oauth-access-token.js.map +1 -0
- package/dist/oauth-authorization-code-grant-token-request.d.ts +20 -0
- package/dist/oauth-authorization-code-grant-token-request.d.ts.map +1 -0
- package/dist/oauth-authorization-code-grant-token-request.js +17 -0
- package/dist/oauth-authorization-code-grant-token-request.js.map +1 -0
- package/dist/oauth-authorization-request-jar.d.ts +16 -0
- package/dist/oauth-authorization-request-jar.d.ts.map +1 -0
- package/dist/oauth-authorization-request-jar.js +15 -0
- package/dist/oauth-authorization-request-jar.js.map +1 -0
- package/dist/oauth-authorization-request-par.d.ts +122 -0
- package/dist/oauth-authorization-request-par.d.ts.map +1 -0
- package/dist/oauth-authorization-request-par.js +11 -0
- package/dist/oauth-authorization-request-par.js.map +1 -0
- package/dist/{oauth-authentication-request-parameters.d.ts → oauth-authorization-request-parameters.d.ts} +15 -15
- package/dist/oauth-authorization-request-parameters.d.ts.map +1 -0
- package/dist/{oauth-authentication-request-parameters.js → oauth-authorization-request-parameters.js} +15 -16
- package/dist/oauth-authorization-request-parameters.js.map +1 -0
- package/dist/oauth-authorization-request-query.d.ts +128 -0
- package/dist/oauth-authorization-request-query.d.ts.map +1 -0
- package/dist/oauth-authorization-request-query.js +13 -0
- package/dist/oauth-authorization-request-query.js.map +1 -0
- package/dist/oauth-authorization-request-uri.d.ts +10 -0
- package/dist/oauth-authorization-request-uri.d.ts.map +1 -0
- package/dist/oauth-authorization-request-uri.js +9 -0
- package/dist/oauth-authorization-request-uri.js.map +1 -0
- package/dist/oauth-authorization-server-metadata.d.ts +10 -10
- package/dist/oauth-authorization-server-metadata.d.ts.map +1 -1
- package/dist/oauth-authorization-server-metadata.js +5 -1
- package/dist/oauth-authorization-server-metadata.js.map +1 -1
- package/dist/oauth-client-credentials-grant-token-request.d.ts +10 -0
- package/dist/oauth-client-credentials-grant-token-request.d.ts.map +1 -0
- package/dist/oauth-client-credentials-grant-token-request.js +8 -0
- package/dist/oauth-client-credentials-grant-token-request.js.map +1 -0
- package/dist/oauth-client-credentials.d.ts +18 -2
- package/dist/oauth-client-credentials.d.ts.map +1 -1
- package/dist/oauth-client-credentials.js +8 -2
- package/dist/oauth-client-credentials.js.map +1 -1
- package/dist/oauth-client-id-discoverable.d.ts +3 -2
- package/dist/oauth-client-id-discoverable.d.ts.map +1 -1
- package/dist/oauth-client-id-discoverable.js +21 -18
- package/dist/oauth-client-id-discoverable.js.map +1 -1
- package/dist/oauth-client-id-loopback.d.ts +10 -3
- package/dist/oauth-client-id-loopback.d.ts.map +1 -1
- package/dist/oauth-client-id-loopback.js +58 -21
- package/dist/oauth-client-id-loopback.js.map +1 -1
- package/dist/oauth-client-metadata.d.ts +1 -1
- package/dist/oauth-client-metadata.d.ts.map +1 -1
- package/dist/oauth-client-metadata.js +2 -1
- package/dist/oauth-client-metadata.js.map +1 -1
- package/dist/oauth-code-challenge-method.d.ts +3 -0
- package/dist/oauth-code-challenge-method.d.ts.map +1 -0
- package/dist/oauth-code-challenge-method.js +6 -0
- package/dist/oauth-code-challenge-method.js.map +1 -0
- package/dist/oauth-introspection-response.d.ts +20 -0
- package/dist/oauth-introspection-response.d.ts.map +1 -0
- package/dist/oauth-introspection-response.js +3 -0
- package/dist/oauth-introspection-response.js.map +1 -0
- package/dist/oauth-par-response.d.ts +3 -0
- package/dist/oauth-par-response.d.ts.map +1 -1
- package/dist/oauth-par-response.js +1 -0
- package/dist/oauth-par-response.js.map +1 -1
- package/dist/oauth-password-grant-token-request.d.ts +16 -0
- package/dist/oauth-password-grant-token-request.d.ts.map +1 -0
- package/dist/oauth-password-grant-token-request.js +10 -0
- package/dist/oauth-password-grant-token-request.js.map +1 -0
- package/dist/oauth-refresh-token-grant-token-request.d.ts +16 -0
- package/dist/oauth-refresh-token-grant-token-request.d.ts.map +1 -0
- package/dist/oauth-refresh-token-grant-token-request.js +12 -0
- package/dist/oauth-refresh-token-grant-token-request.js.map +1 -0
- package/dist/oauth-refresh-token.d.ts +4 -0
- package/dist/oauth-refresh-token.d.ts.map +1 -0
- package/dist/oauth-refresh-token.js +6 -0
- package/dist/oauth-refresh-token.js.map +1 -0
- package/dist/oauth-request-uri.d.ts +4 -0
- package/dist/oauth-request-uri.d.ts.map +1 -0
- package/dist/oauth-request-uri.js +6 -0
- package/dist/oauth-request-uri.js.map +1 -0
- package/dist/oauth-scope.d.ts +10 -0
- package/dist/oauth-scope.d.ts.map +1 -0
- package/dist/oauth-scope.js +16 -0
- package/dist/oauth-scope.js.map +1 -0
- package/dist/oauth-token-identification.d.ts +13 -0
- package/dist/oauth-token-identification.d.ts.map +1 -0
- package/dist/oauth-token-identification.js +11 -0
- package/dist/oauth-token-identification.js.map +1 -0
- package/dist/oauth-token-request.d.ts +49 -0
- package/dist/oauth-token-request.d.ts.map +1 -0
- package/dist/oauth-token-request.js +15 -0
- package/dist/oauth-token-request.js.map +1 -0
- package/dist/util.d.ts +2 -1
- package/dist/util.d.ts.map +1 -1
- package/dist/util.js +34 -3
- package/dist/util.js.map +1 -1
- package/package.json +1 -1
- package/src/atproto-loopback-client-metadata.ts +7 -20
- package/src/index.ts +18 -5
- package/src/oauth-access-token.ts +4 -0
- package/src/oauth-authorization-code-grant-token-request.ts +18 -0
- package/src/oauth-authorization-request-jar.ts +16 -0
- package/src/oauth-authorization-request-par.ts +13 -0
- package/src/{oauth-authentication-request-parameters.ts → oauth-authorization-request-parameters.ts} +20 -21
- package/src/oauth-authorization-request-query.ts +15 -0
- package/src/oauth-authorization-request-uri.ts +11 -0
- package/src/oauth-authorization-server-metadata.ts +5 -1
- package/src/oauth-client-credentials-grant-token-request.ts +9 -0
- package/src/oauth-client-credentials.ts +21 -1
- package/src/oauth-client-id-discoverable.ts +29 -26
- package/src/oauth-client-id-loopback.ts +78 -30
- package/src/oauth-client-metadata.ts +2 -1
- package/src/oauth-code-challenge-method.ts +3 -0
- package/src/oauth-introspection-response.ts +23 -0
- package/src/oauth-par-response.ts +1 -0
- package/src/oauth-password-grant-token-request.ts +11 -0
- package/src/oauth-refresh-token-grant-token-request.ts +13 -0
- package/src/oauth-refresh-token.ts +4 -0
- package/src/oauth-request-uri.ts +5 -0
- package/src/oauth-scope.ts +15 -0
- package/src/oauth-token-identification.ts +12 -0
- package/src/oauth-token-request.ts +14 -0
- package/src/util.ts +41 -1
- package/dist/access-token.d.ts +0 -4
- package/dist/access-token.d.ts.map +0 -1
- package/dist/access-token.js +0 -6
- package/dist/access-token.js.map +0 -1
- package/dist/oauth-authentication-request-parameters.d.ts.map +0 -1
- package/dist/oauth-authentication-request-parameters.js.map +0 -1
- package/dist/oauth-client-id-url.d.ts +0 -3
- package/dist/oauth-client-id-url.d.ts.map +0 -1
- package/dist/oauth-client-id-url.js +0 -21
- package/dist/oauth-client-id-url.js.map +0 -1
- package/dist/oauth-client-identification.d.ts +0 -31
- package/dist/oauth-client-identification.d.ts.map +0 -1
- package/dist/oauth-client-identification.js +0 -12
- package/dist/oauth-client-identification.js.map +0 -1
- package/src/access-token.ts +0 -4
- package/src/oauth-client-id-url.ts +0 -25
- package/src/oauth-client-identification.ts +0 -14
@@ -1,7 +1,9 @@
|
|
1
1
|
"use strict";
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
-
exports.parseOAuthLoopbackClientId = exports.isOAuthClientIdLoopback = void 0;
|
4
|
-
const
|
3
|
+
exports.parseOAuthLoopbackClientId = exports.assertOAuthLoopbackClientId = exports.isOAuthClientIdLoopback = void 0;
|
4
|
+
const oauth_scope_js_1 = require("./oauth-scope.js");
|
5
|
+
const util_js_1 = require("./util.js");
|
6
|
+
const OAUTH_CLIENT_ID_LOOPBACK_URL = 'http://localhost';
|
5
7
|
function isOAuthClientIdLoopback(clientId) {
|
6
8
|
try {
|
7
9
|
parseOAuthLoopbackClientId(clientId);
|
@@ -12,33 +14,68 @@ function isOAuthClientIdLoopback(clientId) {
|
|
12
14
|
}
|
13
15
|
}
|
14
16
|
exports.isOAuthClientIdLoopback = isOAuthClientIdLoopback;
|
17
|
+
function assertOAuthLoopbackClientId(clientId) {
|
18
|
+
void parseOAuthLoopbackClientId(clientId);
|
19
|
+
}
|
20
|
+
exports.assertOAuthLoopbackClientId = assertOAuthLoopbackClientId;
|
21
|
+
// @TODO: should we turn this into a zod schema? (more coherent error with other
|
22
|
+
// validation functions)
|
15
23
|
function parseOAuthLoopbackClientId(clientId) {
|
16
|
-
|
17
|
-
|
18
|
-
if (url.protocol !== 'http:') {
|
19
|
-
throw new TypeError('Loopback ClientID must use the "http:" protocol');
|
24
|
+
if (!clientId.startsWith(OAUTH_CLIENT_ID_LOOPBACK_URL)) {
|
25
|
+
throw new TypeError(`Loopback ClientID must start with "${OAUTH_CLIENT_ID_LOOPBACK_URL}"`);
|
20
26
|
}
|
21
|
-
if (
|
22
|
-
throw new TypeError('Loopback ClientID must
|
27
|
+
else if (clientId.includes('#', OAUTH_CLIENT_ID_LOOPBACK_URL.length)) {
|
28
|
+
throw new TypeError('Loopback ClientID must not contain a hash component');
|
23
29
|
}
|
24
|
-
|
25
|
-
|
30
|
+
const queryStringIdx = clientId.length > OAUTH_CLIENT_ID_LOOPBACK_URL.length &&
|
31
|
+
clientId[OAUTH_CLIENT_ID_LOOPBACK_URL.length] === '/'
|
32
|
+
? OAUTH_CLIENT_ID_LOOPBACK_URL.length + 1
|
33
|
+
: OAUTH_CLIENT_ID_LOOPBACK_URL.length;
|
34
|
+
if (clientId.length === queryStringIdx) {
|
35
|
+
return {}; // no query string to parse
|
26
36
|
}
|
27
|
-
if (
|
28
|
-
throw new TypeError('Loopback ClientID must not contain
|
37
|
+
if (clientId[queryStringIdx] !== '?') {
|
38
|
+
throw new TypeError('Loopback ClientID must not contain a path component');
|
29
39
|
}
|
30
|
-
|
31
|
-
|
40
|
+
const searchParams = new URLSearchParams(clientId.slice(queryStringIdx + 1));
|
41
|
+
for (const name of searchParams.keys()) {
|
42
|
+
if (name !== 'redirect_uri' && name !== 'scope') {
|
43
|
+
throw new TypeError(`Invalid query parameter "${name}" in client ID`);
|
44
|
+
}
|
32
45
|
}
|
33
|
-
|
34
|
-
if (
|
35
|
-
|
46
|
+
const scope = searchParams.get('scope') ?? undefined;
|
47
|
+
if (scope != null) {
|
48
|
+
if (searchParams.getAll('scope').length > 1) {
|
49
|
+
throw new TypeError('Loopback ClientID must contain at most one scope query parameter');
|
50
|
+
}
|
51
|
+
else if (!oauth_scope_js_1.oauthScopeSchema.safeParse(scope).success) {
|
52
|
+
throw new TypeError('Invalid scope query parameter in client ID');
|
53
|
+
}
|
36
54
|
}
|
37
|
-
|
38
|
-
|
55
|
+
const redirect_uris = searchParams.has('redirect_uri')
|
56
|
+
? searchParams.getAll('redirect_uri')
|
57
|
+
: undefined;
|
58
|
+
if (redirect_uris) {
|
59
|
+
for (const uri of redirect_uris) {
|
60
|
+
const url = (0, util_js_1.safeUrl)(uri);
|
61
|
+
if (!url) {
|
62
|
+
throw new TypeError(`Invalid redirect_uri in client ID: ${uri}`);
|
63
|
+
}
|
64
|
+
if (url.protocol !== 'http:') {
|
65
|
+
throw new TypeError(`Loopback ClientID must use "http:" redirect_uri's (got ${uri})`);
|
66
|
+
}
|
67
|
+
if (url.hostname === 'localhost') {
|
68
|
+
throw new TypeError(`Loopback ClientID must not use "localhost" as redirect_uri hostname (got ${uri})`);
|
69
|
+
}
|
70
|
+
if (!(0, util_js_1.isLoopbackHost)(url.hostname)) {
|
71
|
+
throw new TypeError(`Loopback ClientID must use loopback addresses as redirect_uri's (got ${uri})`);
|
72
|
+
}
|
73
|
+
}
|
39
74
|
}
|
40
|
-
|
41
|
-
|
75
|
+
return {
|
76
|
+
scope,
|
77
|
+
redirect_uris,
|
78
|
+
};
|
42
79
|
}
|
43
80
|
exports.parseOAuthLoopbackClientId = parseOAuthLoopbackClientId;
|
44
81
|
//# sourceMappingURL=oauth-client-id-loopback.js.map
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"oauth-client-id-loopback.js","sourceRoot":"","sources":["../src/oauth-client-id-loopback.ts"],"names":[],"mappings":";;;
|
1
|
+
{"version":3,"file":"oauth-client-id-loopback.js","sourceRoot":"","sources":["../src/oauth-client-id-loopback.ts"],"names":[],"mappings":";;;AACA,qDAA+D;AAC/D,uCAAmD;AAEnD,MAAM,4BAA4B,GAAG,kBAAkB,CAAA;AAKvD,SAAgB,uBAAuB,CACrC,QAAgB;IAEhB,IAAI,CAAC;QACH,0BAA0B,CAAC,QAAQ,CAAC,CAAA;QACpC,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AATD,0DASC;AAED,SAAgB,2BAA2B,CACzC,QAAgB;IAEhB,KAAK,0BAA0B,CAAC,QAAQ,CAAC,CAAA;AAC3C,CAAC;AAJD,kEAIC;AAED,gFAAgF;AAChF,wBAAwB;AACxB,SAAgB,0BAA0B,CAAC,QAAgB;IAIzD,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,4BAA4B,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,SAAS,CACjB,sCAAsC,4BAA4B,GAAG,CACtE,CAAA;IACH,CAAC;SAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,EAAE,4BAA4B,CAAC,MAAM,CAAC,EAAE,CAAC;QACvE,MAAM,IAAI,SAAS,CAAC,qDAAqD,CAAC,CAAA;IAC5E,CAAC;IAED,MAAM,cAAc,GAClB,QAAQ,CAAC,MAAM,GAAG,4BAA4B,CAAC,MAAM;QACrD,QAAQ,CAAC,4BAA4B,CAAC,MAAM,CAAC,KAAK,GAAG;QACnD,CAAC,CAAC,4BAA4B,CAAC,MAAM,GAAG,CAAC;QACzC,CAAC,CAAC,4BAA4B,CAAC,MAAM,CAAA;IAEzC,IAAI,QAAQ,CAAC,MAAM,KAAK,cAAc,EAAE,CAAC;QACvC,OAAO,EAAE,CAAA,CAAC,2BAA2B;IACvC,CAAC;IAED,IAAI,QAAQ,CAAC,cAAc,CAAC,KAAK,GAAG,EAAE,CAAC;QACrC,MAAM,IAAI,SAAS,CAAC,qDAAqD,CAAC,CAAA;IAC5E,CAAC;IAED,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC,CAAA;IAE5E,KAAK,MAAM,IAAI,IAAI,YAAY,CAAC,IAAI,EAAE,EAAE,CAAC;QACvC,IAAI,IAAI,KAAK,cAAc,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;YAChD,MAAM,IAAI,SAAS,CAAC,4BAA4B,IAAI,gBAAgB,CAAC,CAAA;QACvE,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAA;IACpD,IAAI,KAAK,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5C,MAAM,IAAI,SAAS,CACjB,kEAAkE,CACnE,CAAA;QACH,CAAC;aAAM,IAAI,CAAC,iCAAgB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC;YACtD,MAAM,IAAI,SAAS,CAAC,4CAA4C,CAAC,CAAA;QACnE,CAAC;IACH,CAAC;IAED,MAAM,aAAa,GAAG,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC;QACpD,CAAC,CAAE,YAAY,CAAC,MAAM,CAAC,cAAc,CAA2B;QAChE,CAAC,CAAC,SAAS,CAAA;IAEb,IAAI,aAAa,EAAE,CAAC;QAClB,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,MAAM,GAAG,GAAG,IAAA,iBAAO,EAAC,GAAG,CAAC,CAAA;YACxB,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,SAAS,CAAC,sCAAsC,GAAG,EAAE,CAAC,CAAA;YAClE,CAAC;YACD,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;gBAC7B,MAAM,IAAI,SAAS,CACjB,0DAA0D,GAAG,GAAG,CACjE,CAAA;YACH,CAAC;YACD,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;gBACjC,MAAM,IAAI,SAAS,CACjB,4EAA4E,GAAG,GAAG,CACnF,CAAA;YACH,CAAC;YACD,IAAI,CAAC,IAAA,wBAAc,EAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAClC,MAAM,IAAI,SAAS,CACjB,wEAAwE,GAAG,GAAG,CAC/E,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK;QACL,aAAa;KACd,CAAA;AACH,CAAC;AA7ED,gEA6EC"}
|
@@ -1427,9 +1427,9 @@ export declare const oauthClientMetadataSchema: z.ZodObject<{
|
|
1427
1427
|
authorization_details_types?: string[] | undefined;
|
1428
1428
|
}, {
|
1429
1429
|
redirect_uris: [string, ...string[]];
|
1430
|
+
scope?: string | undefined;
|
1430
1431
|
response_types?: ["code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token", ...("code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token")[]] | undefined;
|
1431
1432
|
grant_types?: ["authorization_code" | "implicit" | "refresh_token" | "password" | "client_credentials" | "urn:ietf:params:oauth:grant-type:jwt-bearer" | "urn:ietf:params:oauth:grant-type:saml2-bearer", ...("authorization_code" | "implicit" | "refresh_token" | "password" | "client_credentials" | "urn:ietf:params:oauth:grant-type:jwt-bearer" | "urn:ietf:params:oauth:grant-type:saml2-bearer")[]] | undefined;
|
1432
|
-
scope?: string | undefined;
|
1433
1433
|
token_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
|
1434
1434
|
token_endpoint_auth_signing_alg?: string | undefined;
|
1435
1435
|
userinfo_signed_response_alg?: string | undefined;
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"oauth-client-metadata.d.ts","sourceRoot":"","sources":["../src/oauth-client-metadata.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;
|
1
|
+
{"version":3,"file":"oauth-client-metadata.d.ts","sourceRoot":"","sources":["../src/oauth-client-metadata.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAUvB,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAqCpC;;;;;;OAMG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWH,CAAA;AAEF,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAA;AAC3E,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAA"}
|
@@ -7,6 +7,7 @@ const oauth_client_id_js_1 = require("./oauth-client-id.js");
|
|
7
7
|
const oauth_endpoint_auth_method_js_1 = require("./oauth-endpoint-auth-method.js");
|
8
8
|
const oauth_grant_type_js_1 = require("./oauth-grant-type.js");
|
9
9
|
const oauth_response_type_js_1 = require("./oauth-response-type.js");
|
10
|
+
const oauth_scope_js_1 = require("./oauth-scope.js");
|
10
11
|
// https://openid.net/specs/openid-connect-registration-1_0.html
|
11
12
|
// https://datatracker.ietf.org/doc/html/rfc7591
|
12
13
|
exports.oauthClientMetadataSchema = zod_1.z.object({
|
@@ -23,7 +24,7 @@ exports.oauthClientMetadataSchema = zod_1.z.object({
|
|
23
24
|
// > If omitted, the default behavior is that the client will use only the
|
24
25
|
// > "authorization_code" Grant Type.
|
25
26
|
.default(['authorization_code']),
|
26
|
-
scope:
|
27
|
+
scope: oauth_scope_js_1.oauthScopeSchema.optional(),
|
27
28
|
token_endpoint_auth_method: oauth_endpoint_auth_method_js_1.oauthEndpointAuthMethod
|
28
29
|
.default('none')
|
29
30
|
.optional(),
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"oauth-client-metadata.js","sourceRoot":"","sources":["../src/oauth-client-metadata.ts"],"names":[],"mappings":";;;AAAA,sCAA4C;AAC5C,6BAAuB;AAEvB,6DAA0D;AAC1D,mFAAyE;AACzE,+DAA4D;AAC5D,qEAAkE;
|
1
|
+
{"version":3,"file":"oauth-client-metadata.js","sourceRoot":"","sources":["../src/oauth-client-metadata.ts"],"names":[],"mappings":";;;AAAA,sCAA4C;AAC5C,6BAAuB;AAEvB,6DAA0D;AAC1D,mFAAyE;AACzE,+DAA4D;AAC5D,qEAAkE;AAClE,qDAAmD;AAEnD,gEAAgE;AAChE,gDAAgD;AACnC,QAAA,yBAAyB,GAAG,OAAC,CAAC,MAAM,CAAC;IAChD,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,QAAQ,EAAE;IACnD,cAAc,EAAE,OAAC;SACd,KAAK,CAAC,gDAAuB,CAAC;SAC9B,QAAQ,EAAE;QACX,wEAAwE;QACxE,mBAAmB;SAClB,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC;IACpB,WAAW,EAAE,OAAC;SACX,KAAK,CAAC,0CAAoB,CAAC;SAC3B,QAAQ,EAAE;QACX,0EAA0E;QAC1E,qCAAqC;SACpC,OAAO,CAAC,CAAC,oBAAoB,CAAC,CAAC;IAClC,KAAK,EAAE,iCAAgB,CAAC,QAAQ,EAAE;IAClC,0BAA0B,EAAE,uDAAuB;SAChD,OAAO,CAAC,MAAM,CAAC;SACf,QAAQ,EAAE;IACb,+BAA+B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtD,4BAA4B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnD,+BAA+B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtD,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACrC,IAAI,EAAE,mBAAa,CAAC,QAAQ,EAAE;IAC9B,gBAAgB,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE,EAAE,8BAA8B;IACrG,YAAY,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,QAAQ,EAAE;IACzE,0BAA0B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjD,4BAA4B,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnD,iCAAiC,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE;IACzE,oCAAoC,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,QAAQ,EAAE;IAC1E,oCAAoC,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3D,SAAS,EAAE,wCAAmB,CAAC,QAAQ,EAAE;IACzC,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACvC,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACvC,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACpC,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAErC;;;;;;OAMG;IACH,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtC,iBAAiB,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACzC,QAAQ,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,0CAA0C,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAElE,4DAA4D;IAC5D,wBAAwB,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAEhD,6DAA6D;IAC7D,2BAA2B,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAC5D,CAAC,CAAA"}
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-code-challenge-method.d.ts","sourceRoot":"","sources":["../src/oauth-code-challenge-method.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,8BAA8B,8BAA4B,CAAA"}
|
@@ -0,0 +1,6 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.oauthCodeChallengeMethodSchema = void 0;
|
4
|
+
const zod_1 = require("zod");
|
5
|
+
exports.oauthCodeChallengeMethodSchema = zod_1.z.enum(['S256', 'plain']);
|
6
|
+
//# sourceMappingURL=oauth-code-challenge-method.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-code-challenge-method.js","sourceRoot":"","sources":["../src/oauth-code-challenge-method.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,8BAA8B,GAAG,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAA"}
|
@@ -0,0 +1,20 @@
|
|
1
|
+
import { OAuthAuthorizationDetails } from './oauth-authorization-details.js';
|
2
|
+
import { OAuthTokenType } from './oauth-token-type.js';
|
3
|
+
export type OAuthIntrospectionResponse = {
|
4
|
+
active: false;
|
5
|
+
} | {
|
6
|
+
active: true;
|
7
|
+
scope?: string;
|
8
|
+
client_id?: string;
|
9
|
+
username?: string;
|
10
|
+
token_type?: OAuthTokenType;
|
11
|
+
authorization_details?: OAuthAuthorizationDetails;
|
12
|
+
aud?: string | [string, ...string[]];
|
13
|
+
exp?: number;
|
14
|
+
iat?: number;
|
15
|
+
iss?: string;
|
16
|
+
jti?: string;
|
17
|
+
nbf?: number;
|
18
|
+
sub?: string;
|
19
|
+
};
|
20
|
+
//# sourceMappingURL=oauth-introspection-response.d.ts.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-introspection-response.d.ts","sourceRoot":"","sources":["../src/oauth-introspection-response.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,yBAAyB,EAAE,MAAM,kCAAkC,CAAA;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAA;AAGtD,MAAM,MAAM,0BAA0B,GAClC;IAAE,MAAM,EAAE,KAAK,CAAA;CAAE,GACjB;IACE,MAAM,EAAE,IAAI,CAAA;IAEZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,cAAc,CAAA;IAC3B,qBAAqB,CAAC,EAAE,yBAAyB,CAAA;IAEjD,GAAG,CAAC,EAAE,MAAM,GAAG,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC,CAAA;IACpC,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,CAAA"}
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-introspection-response.js","sourceRoot":"","sources":["../src/oauth-introspection-response.ts"],"names":[],"mappings":""}
|
@@ -1,10 +1,13 @@
|
|
1
1
|
import { z } from 'zod';
|
2
2
|
export declare const oauthParResponseSchema: z.ZodObject<{
|
3
3
|
request_uri: z.ZodString;
|
4
|
+
expires_in: z.ZodNumber;
|
4
5
|
}, "strip", z.ZodTypeAny, {
|
5
6
|
request_uri: string;
|
7
|
+
expires_in: number;
|
6
8
|
}, {
|
7
9
|
request_uri: string;
|
10
|
+
expires_in: number;
|
8
11
|
}>;
|
9
12
|
export type OAuthParResponse = z.infer<typeof oauthParResponseSchema>;
|
10
13
|
//# sourceMappingURL=oauth-par-response.d.ts.map
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"oauth-par-response.d.ts","sourceRoot":"","sources":["../src/oauth-par-response.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,sBAAsB
|
1
|
+
{"version":3,"file":"oauth-par-response.d.ts","sourceRoot":"","sources":["../src/oauth-par-response.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,sBAAsB;;;;;;;;;EAGjC,CAAA;AAEF,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAA"}
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"oauth-par-response.js","sourceRoot":"","sources":["../src/oauth-par-response.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7C,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE;
|
1
|
+
{"version":3,"file":"oauth-par-response.js","sourceRoot":"","sources":["../src/oauth-par-response.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7C,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE;IACvB,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;CACxC,CAAC,CAAA"}
|
@@ -0,0 +1,16 @@
|
|
1
|
+
import { z } from 'zod';
|
2
|
+
export declare const oauthPasswordGrantTokenRequestSchema: z.ZodObject<{
|
3
|
+
grant_type: z.ZodLiteral<"password">;
|
4
|
+
username: z.ZodString;
|
5
|
+
password: z.ZodString;
|
6
|
+
}, "strip", z.ZodTypeAny, {
|
7
|
+
password: string;
|
8
|
+
grant_type: "password";
|
9
|
+
username: string;
|
10
|
+
}, {
|
11
|
+
password: string;
|
12
|
+
grant_type: "password";
|
13
|
+
username: string;
|
14
|
+
}>;
|
15
|
+
export type OAuthPasswordGrantTokenRequest = z.infer<typeof oauthPasswordGrantTokenRequestSchema>;
|
16
|
+
//# sourceMappingURL=oauth-password-grant-token-request.d.ts.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-password-grant-token-request.d.ts","sourceRoot":"","sources":["../src/oauth-password-grant-token-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,oCAAoC;;;;;;;;;;;;EAI/C,CAAA;AAEF,MAAM,MAAM,8BAA8B,GAAG,CAAC,CAAC,KAAK,CAClD,OAAO,oCAAoC,CAC5C,CAAA"}
|
@@ -0,0 +1,10 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.oauthPasswordGrantTokenRequestSchema = void 0;
|
4
|
+
const zod_1 = require("zod");
|
5
|
+
exports.oauthPasswordGrantTokenRequestSchema = zod_1.z.object({
|
6
|
+
grant_type: zod_1.z.literal('password'),
|
7
|
+
username: zod_1.z.string(),
|
8
|
+
password: zod_1.z.string(),
|
9
|
+
});
|
10
|
+
//# sourceMappingURL=oauth-password-grant-token-request.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-password-grant-token-request.js","sourceRoot":"","sources":["../src/oauth-password-grant-token-request.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,oCAAoC,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3D,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,UAAU,CAAC;IACjC,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE;IACpB,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE;CACrB,CAAC,CAAA"}
|
@@ -0,0 +1,16 @@
|
|
1
|
+
import { z } from 'zod';
|
2
|
+
export declare const oauthRefreshTokenGrantTokenRequestSchema: z.ZodObject<{
|
3
|
+
grant_type: z.ZodLiteral<"refresh_token">;
|
4
|
+
refresh_token: z.ZodString;
|
5
|
+
client_id: z.ZodString;
|
6
|
+
}, "strip", z.ZodTypeAny, {
|
7
|
+
refresh_token: string;
|
8
|
+
client_id: string;
|
9
|
+
grant_type: "refresh_token";
|
10
|
+
}, {
|
11
|
+
refresh_token: string;
|
12
|
+
client_id: string;
|
13
|
+
grant_type: "refresh_token";
|
14
|
+
}>;
|
15
|
+
export type OAuthRefreshTokenGrantTokenRequest = z.infer<typeof oauthRefreshTokenGrantTokenRequestSchema>;
|
16
|
+
//# sourceMappingURL=oauth-refresh-token-grant-token-request.d.ts.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-refresh-token-grant-token-request.d.ts","sourceRoot":"","sources":["../src/oauth-refresh-token-grant-token-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB,eAAO,MAAM,wCAAwC;;;;;;;;;;;;EAInD,CAAA;AAEF,MAAM,MAAM,kCAAkC,GAAG,CAAC,CAAC,KAAK,CACtD,OAAO,wCAAwC,CAChD,CAAA"}
|
@@ -0,0 +1,12 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.oauthRefreshTokenGrantTokenRequestSchema = void 0;
|
4
|
+
const zod_1 = require("zod");
|
5
|
+
const oauth_client_id_js_1 = require("./oauth-client-id.js");
|
6
|
+
const oauth_refresh_token_js_1 = require("./oauth-refresh-token.js");
|
7
|
+
exports.oauthRefreshTokenGrantTokenRequestSchema = zod_1.z.object({
|
8
|
+
grant_type: zod_1.z.literal('refresh_token'),
|
9
|
+
refresh_token: oauth_refresh_token_js_1.oauthRefreshTokenSchema,
|
10
|
+
client_id: oauth_client_id_js_1.oauthClientIdSchema,
|
11
|
+
});
|
12
|
+
//# sourceMappingURL=oauth-refresh-token-grant-token-request.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-refresh-token-grant-token-request.js","sourceRoot":"","sources":["../src/oauth-refresh-token-grant-token-request.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,6DAA0D;AAC1D,qEAAkE;AAErD,QAAA,wCAAwC,GAAG,OAAC,CAAC,MAAM,CAAC;IAC/D,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,eAAe,CAAC;IACtC,aAAa,EAAE,gDAAuB;IACtC,SAAS,EAAE,wCAAmB;CAC/B,CAAC,CAAA"}
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-refresh-token.d.ts","sourceRoot":"","sources":["../src/oauth-refresh-token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,uBAAuB,aAAoB,CAAA;AACxD,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAA"}
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-refresh-token.js","sourceRoot":"","sources":["../src/oauth-refresh-token.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,uBAAuB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA"}
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-request-uri.d.ts","sourceRoot":"","sources":["../src/oauth-request-uri.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,qBAAqB,aAAa,CAAA;AAE/C,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAA"}
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-request-uri.js","sourceRoot":"","sources":["../src/oauth-request-uri.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,qBAAqB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAA"}
|
@@ -0,0 +1,10 @@
|
|
1
|
+
import { z } from 'zod';
|
2
|
+
/**
|
3
|
+
* A space separated list of most non-control ASCII characters except backslash
|
4
|
+
* and double quote.
|
5
|
+
*
|
6
|
+
* @see {@link https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-11#section-1.4.1}
|
7
|
+
*/
|
8
|
+
export declare const oauthScopeSchema: z.ZodString;
|
9
|
+
export type OAuthScope = z.infer<typeof oauthScopeSchema>;
|
10
|
+
//# sourceMappingURL=oauth-scope.d.ts.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-scope.d.ts","sourceRoot":"","sources":["../src/oauth-scope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB;;;;;GAKG;AACH,eAAO,MAAM,gBAAgB,aAIyC,CAAA;AAEtE,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAA"}
|
@@ -0,0 +1,16 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.oauthScopeSchema = void 0;
|
4
|
+
const zod_1 = require("zod");
|
5
|
+
/**
|
6
|
+
* A space separated list of most non-control ASCII characters except backslash
|
7
|
+
* and double quote.
|
8
|
+
*
|
9
|
+
* @see {@link https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-11#section-1.4.1}
|
10
|
+
*/
|
11
|
+
exports.oauthScopeSchema = zod_1.z
|
12
|
+
.string()
|
13
|
+
// scope = scope-token *( SP scope-token )
|
14
|
+
// scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
|
15
|
+
.regex(/^[\x21\x23-\x5B\x5D-\x7E]+(?: [\x21\x23-\x5B\x5D-\x7E]+)*$/);
|
16
|
+
//# sourceMappingURL=oauth-scope.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-scope.js","sourceRoot":"","sources":["../src/oauth-scope.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB;;;;;GAKG;AACU,QAAA,gBAAgB,GAAG,OAAC;KAC9B,MAAM,EAAE;IACT,gDAAgD;IAChD,+CAA+C;KAC9C,KAAK,CAAC,4DAA4D,CAAC,CAAA"}
|
@@ -0,0 +1,13 @@
|
|
1
|
+
import { z } from 'zod';
|
2
|
+
export declare const oauthTokenIdentificationSchema: z.ZodObject<{
|
3
|
+
token: z.ZodUnion<[z.ZodString, z.ZodString]>;
|
4
|
+
token_type_hint: z.ZodOptional<z.ZodEnum<["access_token", "refresh_token"]>>;
|
5
|
+
}, "strip", z.ZodTypeAny, {
|
6
|
+
token: string;
|
7
|
+
token_type_hint?: "refresh_token" | "access_token" | undefined;
|
8
|
+
}, {
|
9
|
+
token: string;
|
10
|
+
token_type_hint?: "refresh_token" | "access_token" | undefined;
|
11
|
+
}>;
|
12
|
+
export type OAuthTokenIdentification = z.infer<typeof oauthTokenIdentificationSchema>;
|
13
|
+
//# sourceMappingURL=oauth-token-identification.d.ts.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-token-identification.d.ts","sourceRoot":"","sources":["../src/oauth-token-identification.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB,eAAO,MAAM,8BAA8B;;;;;;;;;EAGzC,CAAA;AAEF,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAC5C,OAAO,8BAA8B,CACtC,CAAA"}
|
@@ -0,0 +1,11 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.oauthTokenIdentificationSchema = void 0;
|
4
|
+
const zod_1 = require("zod");
|
5
|
+
const oauth_access_token_js_1 = require("./oauth-access-token.js");
|
6
|
+
const oauth_refresh_token_js_1 = require("./oauth-refresh-token.js");
|
7
|
+
exports.oauthTokenIdentificationSchema = zod_1.z.object({
|
8
|
+
token: zod_1.z.union([oauth_access_token_js_1.oauthAccessTokenSchema, oauth_refresh_token_js_1.oauthRefreshTokenSchema]),
|
9
|
+
token_type_hint: zod_1.z.enum(['access_token', 'refresh_token']).optional(),
|
10
|
+
});
|
11
|
+
//# sourceMappingURL=oauth-token-identification.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-token-identification.js","sourceRoot":"","sources":["../src/oauth-token-identification.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,mEAAgE;AAChE,qEAAkE;AAErD,QAAA,8BAA8B,GAAG,OAAC,CAAC,MAAM,CAAC;IACrD,KAAK,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,8CAAsB,EAAE,gDAAuB,CAAC,CAAC;IACjE,eAAe,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC,CAAC,QAAQ,EAAE;CACtE,CAAC,CAAA"}
|
@@ -0,0 +1,49 @@
|
|
1
|
+
import { z } from 'zod';
|
2
|
+
export declare const oauthTokenRequestSchema: z.ZodDiscriminatedUnion<"grant_type", [z.ZodObject<{
|
3
|
+
grant_type: z.ZodLiteral<"authorization_code">;
|
4
|
+
code: z.ZodString;
|
5
|
+
redirect_uri: z.ZodString;
|
6
|
+
code_verifier: z.ZodOptional<z.ZodString>;
|
7
|
+
}, "strip", z.ZodTypeAny, {
|
8
|
+
code: string;
|
9
|
+
redirect_uri: string;
|
10
|
+
grant_type: "authorization_code";
|
11
|
+
code_verifier?: string | undefined;
|
12
|
+
}, {
|
13
|
+
code: string;
|
14
|
+
redirect_uri: string;
|
15
|
+
grant_type: "authorization_code";
|
16
|
+
code_verifier?: string | undefined;
|
17
|
+
}>, z.ZodObject<{
|
18
|
+
grant_type: z.ZodLiteral<"refresh_token">;
|
19
|
+
refresh_token: z.ZodString;
|
20
|
+
client_id: z.ZodString;
|
21
|
+
}, "strip", z.ZodTypeAny, {
|
22
|
+
refresh_token: string;
|
23
|
+
client_id: string;
|
24
|
+
grant_type: "refresh_token";
|
25
|
+
}, {
|
26
|
+
refresh_token: string;
|
27
|
+
client_id: string;
|
28
|
+
grant_type: "refresh_token";
|
29
|
+
}>, z.ZodObject<{
|
30
|
+
grant_type: z.ZodLiteral<"password">;
|
31
|
+
username: z.ZodString;
|
32
|
+
password: z.ZodString;
|
33
|
+
}, "strip", z.ZodTypeAny, {
|
34
|
+
password: string;
|
35
|
+
grant_type: "password";
|
36
|
+
username: string;
|
37
|
+
}, {
|
38
|
+
password: string;
|
39
|
+
grant_type: "password";
|
40
|
+
username: string;
|
41
|
+
}>, z.ZodObject<{
|
42
|
+
grant_type: z.ZodLiteral<"client_credentials">;
|
43
|
+
}, "strip", z.ZodTypeAny, {
|
44
|
+
grant_type: "client_credentials";
|
45
|
+
}, {
|
46
|
+
grant_type: "client_credentials";
|
47
|
+
}>]>;
|
48
|
+
export type OAuthTokenRequest = z.infer<typeof oauthTokenRequestSchema>;
|
49
|
+
//# sourceMappingURL=oauth-token-request.d.ts.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-token-request.d.ts","sourceRoot":"","sources":["../src/oauth-token-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAMvB,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAKlC,CAAA;AAEF,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAA"}
|
@@ -0,0 +1,15 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.oauthTokenRequestSchema = void 0;
|
4
|
+
const zod_1 = require("zod");
|
5
|
+
const oauth_authorization_code_grant_token_request_js_1 = require("./oauth-authorization-code-grant-token-request.js");
|
6
|
+
const oauth_client_credentials_grant_token_request_js_1 = require("./oauth-client-credentials-grant-token-request.js");
|
7
|
+
const oauth_password_grant_token_request_js_1 = require("./oauth-password-grant-token-request.js");
|
8
|
+
const oauth_refresh_token_grant_token_request_js_1 = require("./oauth-refresh-token-grant-token-request.js");
|
9
|
+
exports.oauthTokenRequestSchema = zod_1.z.discriminatedUnion('grant_type', [
|
10
|
+
oauth_authorization_code_grant_token_request_js_1.oauthAuthorizationCodeGrantTokenRequestSchema,
|
11
|
+
oauth_refresh_token_grant_token_request_js_1.oauthRefreshTokenGrantTokenRequestSchema,
|
12
|
+
oauth_password_grant_token_request_js_1.oauthPasswordGrantTokenRequestSchema,
|
13
|
+
oauth_client_credentials_grant_token_request_js_1.oauthClientCredentialsGrantTokenRequestSchema,
|
14
|
+
]);
|
15
|
+
//# sourceMappingURL=oauth-token-request.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"oauth-token-request.js","sourceRoot":"","sources":["../src/oauth-token-request.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,uHAAiH;AACjH,uHAAiH;AACjH,mGAA8F;AAC9F,6GAAuG;AAE1F,QAAA,uBAAuB,GAAG,OAAC,CAAC,kBAAkB,CAAC,YAAY,EAAE;IACxE,+FAA6C;IAC7C,qFAAwC;IACxC,4EAAoC;IACpC,+FAA6C;CAC9C,CAAC,CAAA"}
|
package/dist/util.d.ts
CHANGED
@@ -1,6 +1,7 @@
|
|
1
|
-
export declare function
|
1
|
+
export declare function isHostnameIP(hostname: string): boolean;
|
2
2
|
export type LoopbackHost = 'localhost' | '127.0.0.1' | '[::1]';
|
3
3
|
export declare function isLoopbackHost(host: unknown): host is LoopbackHost;
|
4
4
|
export declare function isLoopbackUrl(input: URL | string): boolean;
|
5
5
|
export declare function safeUrl(input: URL | string): URL | null;
|
6
|
+
export declare function extractUrlPath(url: any): any;
|
6
7
|
//# sourceMappingURL=util.d.ts.map
|
package/dist/util.d.ts.map
CHANGED
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"AAAA,wBAAgB,
|
1
|
+
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"AAAA,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,WAQ5C;AAED,MAAM,MAAM,YAAY,GAAG,WAAW,GAAG,WAAW,GAAG,OAAO,CAAA;AAE9D,wBAAgB,cAAc,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,YAAY,CAElE;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,GAAG,GAAG,MAAM,GAAG,OAAO,CAG1D;AAED,wBAAgB,OAAO,CAAC,KAAK,EAAE,GAAG,GAAG,MAAM,GAAG,GAAG,GAAG,IAAI,CAMvD;AAED,wBAAgB,cAAc,CAAC,GAAG,KAAA,OAsCjC"}
|
package/dist/util.js
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
"use strict";
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
-
exports.safeUrl = exports.isLoopbackUrl = exports.isLoopbackHost = exports.
|
4
|
-
function
|
3
|
+
exports.extractUrlPath = exports.safeUrl = exports.isLoopbackUrl = exports.isLoopbackHost = exports.isHostnameIP = void 0;
|
4
|
+
function isHostnameIP(hostname) {
|
5
5
|
// IPv4
|
6
6
|
if (hostname.match(/^\d+\.\d+\.\d+\.\d+$/))
|
7
7
|
return true;
|
@@ -10,7 +10,7 @@ function isIP(hostname) {
|
|
10
10
|
return true;
|
11
11
|
return false;
|
12
12
|
}
|
13
|
-
exports.
|
13
|
+
exports.isHostnameIP = isHostnameIP;
|
14
14
|
function isLoopbackHost(host) {
|
15
15
|
return host === 'localhost' || host === '127.0.0.1' || host === '[::1]';
|
16
16
|
}
|
@@ -29,4 +29,35 @@ function safeUrl(input) {
|
|
29
29
|
}
|
30
30
|
}
|
31
31
|
exports.safeUrl = safeUrl;
|
32
|
+
function extractUrlPath(url) {
|
33
|
+
// Extracts the path from a URL, without relying on the URL constructor
|
34
|
+
// (because it normalizes the URL)
|
35
|
+
const endOfProtocol = url.startsWith('https://')
|
36
|
+
? 8
|
37
|
+
: url.startsWith('http://')
|
38
|
+
? 7
|
39
|
+
: -1;
|
40
|
+
if (endOfProtocol === -1) {
|
41
|
+
throw new TypeError('URL must use the "https:" or "http:" protocol');
|
42
|
+
}
|
43
|
+
const hashIdx = url.indexOf('#', endOfProtocol);
|
44
|
+
const questionIdx = url.indexOf('?', endOfProtocol);
|
45
|
+
const queryStrIdx = questionIdx !== -1 && (hashIdx === -1 || questionIdx < hashIdx)
|
46
|
+
? questionIdx
|
47
|
+
: -1;
|
48
|
+
const pathEnd = hashIdx === -1
|
49
|
+
? queryStrIdx === -1
|
50
|
+
? url.length
|
51
|
+
: queryStrIdx
|
52
|
+
: queryStrIdx === -1
|
53
|
+
? hashIdx
|
54
|
+
: Math.min(hashIdx, queryStrIdx);
|
55
|
+
const slashIdx = url.indexOf('/', endOfProtocol);
|
56
|
+
const pathStart = slashIdx === -1 || slashIdx > pathEnd ? pathEnd : slashIdx;
|
57
|
+
if (endOfProtocol === pathStart) {
|
58
|
+
throw new TypeError('URL must contain a host');
|
59
|
+
}
|
60
|
+
return url.substring(pathStart, pathEnd);
|
61
|
+
}
|
62
|
+
exports.extractUrlPath = extractUrlPath;
|
32
63
|
//# sourceMappingURL=util.js.map
|
package/dist/util.js.map
CHANGED
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;;AAAA,SAAgB,
|
1
|
+
{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;;AAAA,SAAgB,YAAY,CAAC,QAAgB;IAC3C,OAAO;IACP,IAAI,QAAQ,CAAC,KAAK,CAAC,sBAAsB,CAAC;QAAE,OAAO,IAAI,CAAA;IAEvD,OAAO;IACP,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAA;IAEnE,OAAO,KAAK,CAAA;AACd,CAAC;AARD,oCAQC;AAID,SAAgB,cAAc,CAAC,IAAa;IAC1C,OAAO,IAAI,KAAK,WAAW,IAAI,IAAI,KAAK,WAAW,IAAI,IAAI,KAAK,OAAO,CAAA;AACzE,CAAC;AAFD,wCAEC;AAED,SAAgB,aAAa,CAAC,KAAmB;IAC/C,MAAM,GAAG,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC9D,OAAO,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;AACrC,CAAC;AAHD,sCAGC;AAED,SAAgB,OAAO,CAAC,KAAmB;IACzC,IAAI,CAAC;QACH,OAAO,IAAI,GAAG,CAAC,KAAK,CAAC,CAAA;IACvB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAND,0BAMC;AAED,SAAgB,cAAc,CAAC,GAAG;IAChC,uEAAuE;IACvE,kCAAkC;IAClC,MAAM,aAAa,GAAG,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC;QAC9C,CAAC,CAAC,CAAC;QACH,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC;YACzB,CAAC,CAAC,CAAC;YACH,CAAC,CAAC,CAAC,CAAC,CAAA;IACR,IAAI,aAAa,KAAK,CAAC,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,SAAS,CAAC,+CAA+C,CAAC,CAAA;IACtE,CAAC;IAED,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;IAC/C,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;IAEnD,MAAM,WAAW,GACf,WAAW,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,CAAC,CAAC,IAAI,WAAW,GAAG,OAAO,CAAC;QAC7D,CAAC,CAAC,WAAW;QACb,CAAC,CAAC,CAAC,CAAC,CAAA;IAER,MAAM,OAAO,GACX,OAAO,KAAK,CAAC,CAAC;QACZ,CAAC,CAAC,WAAW,KAAK,CAAC,CAAC;YAClB,CAAC,CAAC,GAAG,CAAC,MAAM;YACZ,CAAC,CAAC,WAAW;QACf,CAAC,CAAC,WAAW,KAAK,CAAC,CAAC;YAClB,CAAC,CAAC,OAAO;YACT,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;IAEtC,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;IAEhD,MAAM,SAAS,GAAG,QAAQ,KAAK,CAAC,CAAC,IAAI,QAAQ,GAAG,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAA;IAE5E,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;QAChC,MAAM,IAAI,SAAS,CAAC,yBAAyB,CAAC,CAAA;IAChD,CAAC;IAED,OAAO,GAAG,CAAC,SAAS,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;AAC1C,CAAC;AAtCD,wCAsCC"}
|