@authly/sdk 1.0.2 → 1.1.0

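--- a/package/dist/config.d.ts
+++ b/package/dist/config.d.ts
@@ -1,2 +1,3 @@
 export declare const DEFAULT_JWKS_PATH = "/.well-known/jwks.json";
+export declare const DEFAULT_AUTHORIZE_PATH = "/v1/oauth/authorize";
 export declare const DEFAULT_ALGORITHMS: string[];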
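--- a/package/dist/config.js
+++ b/package/dist/config.js
@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.DEFAULT_ALGORITHMS = exports.DEFAULT_JWKS_PATH = void 0;
+exports.DEFAULT_ALGORITHMS = exports.DEFAULT_AUTHORIZE_PATH = exports.DEFAULT_JWKS_PATH = void 0;
 exports.DEFAULT_JWKS_PATH = "/.well-known/jwks.json";
+exports.DEFAULT_AUTHORIZE_PATH = "/v1/oauth/authorize";
 exports.DEFAULT_ALGORITHMS = ["RS256"];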
@@ -19,22 +19,64 @@ export interface AuthlyClientOptions {
19
19
  * The path to the JWKS endpoint relative to the issuer. Defaults to "/.well-known/jwks.json".
20
20
  */
21
21
  jwksPath?: string;
22
+ /**
23
+ * The path to the authorize endpoint relative to the issuer. Defaults to "/v1/oauth/authorize".
24
+ */
25
+ authorizePath?: string;
22
26
  /**
23
27
  * A list of allowed signing algorithms. If omitted, defaults to ["RS256"].
24
28
  */
25
29
  algorithms?: string[];
26
30
  }
27
31
  /**
28
- * A client for verifying Authly JWT tokens.
32
+ * Options for generating an authorization URL.
33
+ */
34
+ export interface AuthorizeUrlOptions {
35
+ /**
36
+ * The URI to redirect back to after authentication.
37
+ */
38
+ redirectUri: string;
39
+ /**
40
+ * A unique state string to prevent CSRF.
41
+ */
42
+ state: string;
43
+ /**
44
+ * The PKCE code challenge.
45
+ */
46
+ codeChallenge: string;
47
+ /**
48
+ * The PKCE code challenge method. Defaults to "S256".
49
+ */
50
+ codeChallengeMethod?: "S256" | "plain";
51
+ /**
52
+ * The requested scopes. Defaults to "openid profile email".
53
+ */
54
+ scope?: string;
55
+ /**
56
+ * The OAuth2 response type. Defaults to "code".
57
+ */
58
+ responseType?: string;
59
+ }
60
+ /**
61
+ * A client for interacting with Authly.
29
62
  *
30
63
  * This client handles the validation of tokens against a specific issuer and audience,
31
- * fetching the public keys (JWKS) automatically.
64
+ * fetching the public keys (JWKS) automatically, and provides utilities for
65
+ * starting the OAuth2 flow.
32
66
  */
33
67
  export declare class AuthlyClient {
34
68
  private readonly verifier;
35
69
  private readonly serviceId;
36
70
  private readonly issuer;
71
+ private readonly authorizePath;
37
72
  constructor(options: AuthlyClientOptions);
73
+ /**
74
+ * Generate the authorization URL to redirect the user to.
75
+ *
76
+ * @param options - Options for generating the URL.
77
+ * @returns The full authorization URL.
78
+ */
79
+ getAuthorizeUrl(options: AuthorizeUrlOptions): string;
38
80
  /**
39
81
  * Verify a JWT token and return its decoded claims.
40
82
  *
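Review bot: `codeChallengeMethod?: "S256" | "plain"` in AuthorizeUrlOptions keeps the `plain` PKCE method selectable, and `responseType?: string` accepts any value, so a caller can step away from the `S256` / `code` defaults without any warning from the types. With `plain` the challenge sent in the authorization URL is the verifier itself, so PKCE no longer protects a code that is intercepted together with the request. Consider narrowing these to `codeChallengeMethod?: "S256";` and `responseType?: "code";`, or at least tagging `plain` with `@deprecated` in the doc comment. The comments on `state` and `codeChallenge` would also benefit from saying that both must be freshly generated per request from a cryptographically secure random source and that `state` has to be compared on the callback, since nothing visible in this declaration does that for the caller. The AuthlyClient class continues outside the hunk.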
@@ -4,19 +4,22 @@ exports.AuthlyClient = void 0;
4
4
  const config_1 = require("../../config");
5
5
  const JWTVerifier_1 = require("./internal/JWTVerifier");
6
6
  /**
7
- * A client for verifying Authly JWT tokens.
7
+ * A client for interacting with Authly.
8
8
  *
9
9
  * This client handles the validation of tokens against a specific issuer and audience,
10
- * fetching the public keys (JWKS) automatically.
10
+ * fetching the public keys (JWKS) automatically, and provides utilities for
11
+ * starting the OAuth2 flow.
11
12
  */
12
13
  class AuthlyClient {
13
14
  verifier;
14
15
  serviceId;
15
16
  issuer;
17
+ authorizePath;
16
18
  constructor(options) {
17
19
  this.issuer = options.issuer.replace(/\/$/, "");
18
20
  this.serviceId = options.serviceId;
19
21
  const jwksPath = options.jwksPath || config_1.DEFAULT_JWKS_PATH;
22
+ this.authorizePath = options.authorizePath || config_1.DEFAULT_AUTHORIZE_PATH;
20
23
  this.verifier = new JWTVerifier_1.JWTVerifier({
21
24
  issuer: this.issuer,
22
25
  audience: options.audience,
@@ -24,6 +27,23 @@ class AuthlyClient {
24
27
  algorithms: options.algorithms,
25
28
  });
26
29
  }
30
+ /**
31
+ * Generate the authorization URL to redirect the user to.
32
+ *
33
+ * @param options - Options for generating the URL.
34
+ * @returns The full authorization URL.
35
+ */
36
+ getAuthorizeUrl(options) {
37
+ const url = new URL(`${this.issuer}${this.authorizePath}`);
38
+ url.searchParams.set("client_id", this.serviceId);
39
+ url.searchParams.set("redirect_uri", options.redirectUri);
40
+ url.searchParams.set("response_type", options.responseType || "code");
41
+ url.searchParams.set("scope", options.scope || "openid profile email");
42
+ url.searchParams.set("state", options.state);
43
+ url.searchParams.set("code_challenge", options.codeChallenge);
44
+ url.searchParams.set("code_challenge_method", options.codeChallengeMethod || "S256");
45
+ return url.toString();
46
+ }
27
47
  /**
28
48
  * Verify a JWT token and return its decoded claims.
29
49
  *
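Review bot: getAuthorizeUrl hands `options.state`, `options.codeChallenge` and `options.redirectUri` straight to `url.searchParams.set`, which stringifies its argument, so a plain-JavaScript caller that omits one of them gets the literal text `undefined` in the URL instead of an error. A constant `state` provides no CSRF protection and the failure is silent, so the method should reject missing values up front, e.g. `if (!options.state || !options.codeChallenge || !options.redirectUri) throw new TypeError("state, codeChallenge and redirectUri are required");`. In the constructor hunk, `authorizePath` is concatenated onto the issuer without checking for a leading `/`, so a configured value without one becomes part of the authority rather than the path; normalising or rejecting such a value there would be worthwhile. The class body continues outside both hunks.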
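--- a/package/package.json
+++ b/package/package.json
@@ -1,7 +1,7 @@
 {
 "name": "@authly/sdk",
 "description": "A library for building authentication systems using Authly.",
-"version": "1.0.2",
+"version": "1.1.0",
 "author": {
 "name": "Anvoria",
 "url": "https://github.com/Anvoria"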