@authup/server-kit 1.0.0-beta.4 → 1.0.0-beta.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (33) hide show
  1. package/dist/crypto/hash/hash.d.ts +1 -1
  2. package/dist/crypto/hash/hash.d.ts.map +1 -1
  3. package/dist/crypto/json-web-token/extract.d.ts +11 -0
  4. package/dist/crypto/json-web-token/extract.d.ts.map +1 -0
  5. package/dist/crypto/json-web-token/index.d.ts +1 -1
  6. package/dist/crypto/json-web-token/index.d.ts.map +1 -1
  7. package/dist/crypto/json-web-token/sign/index.d.ts +3 -0
  8. package/dist/crypto/json-web-token/sign/index.d.ts.map +1 -0
  9. package/dist/crypto/json-web-token/sign/module.d.ts +4 -0
  10. package/dist/crypto/json-web-token/sign/module.d.ts.map +1 -0
  11. package/dist/crypto/json-web-token/sign/types.d.ts +24 -0
  12. package/dist/crypto/json-web-token/sign/types.d.ts.map +1 -0
  13. package/dist/crypto/json-web-token/type.d.ts +4 -33
  14. package/dist/crypto/json-web-token/type.d.ts.map +1 -1
  15. package/dist/crypto/json-web-token/utils.d.ts +4 -1
  16. package/dist/crypto/json-web-token/utils.d.ts.map +1 -1
  17. package/dist/crypto/json-web-token/verify/index.d.ts +3 -0
  18. package/dist/crypto/json-web-token/verify/index.d.ts.map +1 -0
  19. package/dist/crypto/json-web-token/verify/module.d.ts +12 -0
  20. package/dist/crypto/json-web-token/verify/module.d.ts.map +1 -0
  21. package/dist/crypto/json-web-token/verify/types.d.ts +21 -0
  22. package/dist/crypto/json-web-token/verify/types.d.ts.map +1 -0
  23. package/dist/index.cjs +182 -79
  24. package/dist/index.cjs.map +1 -1
  25. package/dist/index.mjs +182 -80
  26. package/dist/index.mjs.map +1 -1
  27. package/package.json +6 -7
  28. package/dist/crypto/json-web-token/decode.d.ts +0 -15
  29. package/dist/crypto/json-web-token/decode.d.ts.map +0 -1
  30. package/dist/crypto/json-web-token/sign.d.ts +0 -4
  31. package/dist/crypto/json-web-token/sign.d.ts.map +0 -1
  32. package/dist/crypto/json-web-token/verify.d.ts +0 -15
  33. package/dist/crypto/json-web-token/verify.d.ts.map +0 -1
package/dist/crypto/hash/hash.d.ts CHANGED
@@ -1,2 +1,2 @@
1
- export declare function hash(str: string, saltOrRounds?: number | string): Promise<string>;
1
+ export declare function hash(str: string, rounds?: number): Promise<string>;
2
2
  //# sourceMappingURL=hash.d.ts.map
package/dist/crypto/hash/hash.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../../../src/crypto/hash/hash.ts"],"names":[],"mappings":"AASA,wBAAsB,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,YAAY,GAAE,MAAM,GAAG,MAAW,GAAI,OAAO,CAAC,MAAM,CAAC,CAE5F"}
1
+ {"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../../../src/crypto/hash/hash.ts"],"names":[],"mappings":"AASA,wBAAsB,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,MAAW,GAAI,OAAO,CAAC,MAAM,CAAC,CAE7E"}
package/dist/crypto/json-web-token/extract.d.ts ADDED
@@ -0,0 +1,11 @@
1
+ import type { JWTClaims, JWTHeader } from '@authup/core';
2
+ /**
3
+ * Decode a JWT token with no verification.
4
+ *
5
+ * @param token
6
+ *
7
+ * @throws TokenError
8
+ */
9
+ export declare function extractTokenHeader(token: string): JWTHeader;
10
+ export declare function extractTokenPayload(token: string): JWTClaims;
11
+ //# sourceMappingURL=extract.d.ts.map
package/dist/crypto/json-web-token/extract.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"extract.d.ts","sourceRoot":"","sources":["../../../src/crypto/json-web-token/extract.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAGzD;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAC9B,KAAK,EAAE,MAAM,GACb,SAAS,CA6BZ;AAED,wBAAgB,mBAAmB,CAC/B,KAAK,EAAE,MAAM,GACb,SAAS,CAeZ"}
package/dist/crypto/json-web-token/index.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- export * from './decode';
1
+ export * from './extract';
2
2
  export * from './sign';
3
3
  export * from './type';
4
4
  export * from './verify';
package/dist/crypto/json-web-token/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/json-web-token/index.ts"],"names":[],"mappings":"AAOA,cAAc,UAAU,CAAC;AACzB,cAAc,QAAQ,CAAC;AACvB,cAAc,QAAQ,CAAC;AACvB,cAAc,UAAU,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/json-web-token/index.ts"],"names":[],"mappings":"AAOA,cAAc,WAAW,CAAC;AAC1B,cAAc,QAAQ,CAAC;AACvB,cAAc,QAAQ,CAAC;AACvB,cAAc,UAAU,CAAC"}
package/dist/crypto/json-web-token/sign/index.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ export * from './module';
2
+ export * from './types';
3
+ //# sourceMappingURL=index.d.ts.map
package/dist/crypto/json-web-token/sign/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/crypto/json-web-token/sign/index.ts"],"names":[],"mappings":"AAOA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC"}
package/dist/crypto/json-web-token/sign/module.d.ts ADDED
@@ -0,0 +1,4 @@
1
+ import type { JWTClaims } from '@authup/core';
2
+ import type { TokenSignOptions } from './types';
3
+ export declare function signToken(claims: JWTClaims, context: TokenSignOptions): Promise<string>;
4
+ //# sourceMappingURL=module.d.ts.map
package/dist/crypto/json-web-token/sign/module.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"module.d.ts","sourceRoot":"","sources":["../../../../src/crypto/json-web-token/sign/module.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAK9C,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAIhD,wBAAsB,SAAS,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,MAAM,CAAC,CA6C7F"}
package/dist/crypto/json-web-token/sign/types.d.ts ADDED
@@ -0,0 +1,24 @@
1
+ /// <reference types="node" />
2
+ import type { KeyType } from '@authup/core';
3
+ import type { KeyPair, KeyPairOptions } from '../../key-pair';
4
+ import type { TokenECAlgorithm, TokenOCTAlgorithm, TokenRSAAlgorithm } from '../type';
5
+ export type TokenSignBaseOptions = {
6
+ keyId?: string;
7
+ };
8
+ export type TokenSignRSAOptions = TokenSignBaseOptions & {
9
+ type: `${KeyType.RSA}` | KeyType.RSA;
10
+ algorithm?: TokenRSAAlgorithm;
11
+ keyPair: KeyPair | Partial<KeyPairOptions> | string;
12
+ };
13
+ export type TokenSignECOptions = TokenSignBaseOptions & {
14
+ type: `${KeyType.EC}` | KeyType.EC;
15
+ algorithm?: TokenECAlgorithm;
16
+ keyPair: KeyPair | Partial<KeyPairOptions> | string;
17
+ };
18
+ export type TokenSignOCTOptions = TokenSignBaseOptions & {
19
+ type: `${KeyType.OCT}` | KeyType.OCT;
20
+ algorithm?: TokenOCTAlgorithm;
21
+ key: string | Buffer;
22
+ };
23
+ export type TokenSignOptions = TokenSignRSAOptions | TokenSignECOptions | TokenSignOCTOptions;
24
+ //# sourceMappingURL=types.d.ts.map
package/dist/crypto/json-web-token/sign/types.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/crypto/json-web-token/sign/types.ts"],"names":[],"mappings":";AAOA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAE5C,OAAO,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAC9D,OAAO,KAAK,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC;AAEtF,MAAM,MAAM,oBAAoB,GAAG;IAC/B,KAAK,CAAC,EAAE,MAAM,CAAC;CAClB,CAAC;AACF,MAAM,MAAM,mBAAmB,GAAG,oBAAoB,GAAG;IACrD,IAAI,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC;IACrC,SAAS,CAAC,EAAE,iBAAiB,CAAC;IAC9B,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,cAAc,CAAC,GAAG,MAAM,CAAA;CACtD,CAAC;AACF,MAAM,MAAM,kBAAkB,GAAG,oBAAoB,GAAG;IACpD,IAAI,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,CAAC;IACnC,SAAS,CAAC,EAAE,gBAAgB,CAAC;IAC7B,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,cAAc,CAAC,GAAG,MAAM,CAAA;CACtD,CAAC;AACF,MAAM,MAAM,mBAAmB,GAAG,oBAAoB,GAAG;IACrD,IAAI,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC;IACrC,SAAS,CAAC,EAAE,iBAAiB,CAAC;IAC9B,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CACvB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG,mBAAmB,GAAG,kBAAkB,GAAG,mBAAmB,CAAC"}
package/dist/crypto/json-web-token/type.d.ts CHANGED
@@ -1,34 +1,5 @@
1
- /// <reference types="node" />
2
- import type { DecodeOptions, Jwt, SignOptions, VerifyOptions } from 'jsonwebtoken';
3
- import type { KeyType } from '@authup/core';
4
- import type { KeyPair, KeyPairOptions } from '../key-pair';
5
- export { Jwt, };
6
- export type TokenSignOptions = ({
7
- type: `${KeyType.RSA}` | KeyType.RSA;
8
- algorithm?: 'RS256' | 'RS384' | 'RS512' | 'PS256' | 'PS384' | 'PS512';
9
- keyPair: KeyPair | Partial<KeyPairOptions> | string;
10
- } | {
11
- type: `${KeyType.EC}` | KeyType.EC;
12
- algorithm?: 'ES256' | 'ES384' | 'ES512';
13
- keyPair: KeyPair | Partial<KeyPairOptions> | string;
14
- } | {
15
- type: `${KeyType.OCT}` | KeyType.OCT;
16
- algorithm?: 'HS256' | 'HS384' | 'HS512';
17
- secret: string | Buffer;
18
- }) & Omit<SignOptions, 'algorithm'>;
19
- export type TokenVerifyRSAlgorithm = 'RS256' | 'RS384' | 'RS512' | 'PS256' | 'PS384' | 'PS512';
20
- export type TokenVerifyOptions = ({
21
- type: `${KeyType.RSA}` | KeyType.RSA;
22
- algorithms?: TokenVerifyRSAlgorithm[];
23
- keyPair: Omit<KeyPair, 'privateKey'> | KeyPair | Partial<KeyPairOptions> | string;
24
- } | {
25
- type: `${KeyType.EC}` | KeyType.EC;
26
- algorithms?: ('ES256' | 'ES384' | 'ES512')[];
27
- keyPair: Omit<KeyPair, 'privateKey'> | KeyPair | Partial<KeyPairOptions> | string;
28
- } | {
29
- type: `${KeyType.OCT}` | KeyType.OCT;
30
- algorithms?: ('HS256' | 'HS384' | 'HS512')[];
31
- secret: string | Buffer;
32
- }) & Omit<VerifyOptions, 'algorithms'>;
33
- export type TokenDecodeOptions = DecodeOptions;
1
+ import type { JWTAlgorithm } from '@authup/core';
2
+ export type TokenRSAAlgorithm = `${JWTAlgorithm.RS256}` | `${JWTAlgorithm.RS384}` | `${JWTAlgorithm.RS512}` | `${JWTAlgorithm.PS256}` | `${JWTAlgorithm.PS384}` | `${JWTAlgorithm.PS512}`;
3
+ export type TokenECAlgorithm = `${JWTAlgorithm.ES256}` | `${JWTAlgorithm.ES384}`;
4
+ export type TokenOCTAlgorithm = `${JWTAlgorithm.HS256}` | `${JWTAlgorithm.HS384}` | `${JWTAlgorithm.HS512}`;
34
5
  //# sourceMappingURL=type.d.ts.map
package/dist/crypto/json-web-token/type.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"type.d.ts","sourceRoot":"","sources":["../../../src/crypto/json-web-token/type.ts"],"names":[],"mappings":";AAQA,OAAO,KAAK,EACR,aAAa,EAAE,GAAG,EAAE,WAAW,EAAE,aAAa,EACjD,MAAM,cAAc,CAAC;AACtB,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAE3D,OAAO,EACH,GAAG,GACN,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG,CAAC;IAC5B,IAAI,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC;IACrC,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,GACvC,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IAC5B,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,cAAc,CAAC,GAAG,MAAM,CAAA;CACtD,GAAG;IACA,IAAI,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,CAAC;IACnC,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,cAAc,CAAC,GAAG,MAAM,CAAA;CACtD,GAAG;IACA,IAAI,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC;IACrC,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAA;CAC1B,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;AAEpC,MAAM,MAAM,sBAAsB,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,GAChE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;AAE5B,MAAM,MAAM,kBAAkB,GAAG,CAAC;IAC9B,IAAI,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC;IACrC,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,OAAO,GAAG,OAAO,CAAC,cAAc,CAAC,GAAG,MAAM,CAAA;CACpF,GAAG;IACA,IAAI,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,CAAC;IACnC,UAAU,CAAC,EAAE,CAAC,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC,EAAE,CAAC;IAC7C,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,OAAO,GAAG,OAAO,CAAC,cAAc,CAAC,GAAG,MAAM,CAAA;CACpF,GAAG;IACA,IAAI,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC;IACrC,UAAU,CAAC,EAAE,CAAC,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC,EAAE,CAAC;IAC7C,MAAM,EAAE,MAAM,GAAG,MAAM,CAAA;CAC1B,CAAC,GAAG,IAAI,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;AAEvC,MAAM,MAAM,kBAAkB,GAAG,aAAa,CAAC"}
1
+ {"version":3,"file":"type.d.ts","sourceRoot":"","sources":["../../../src/crypto/json-web-token/type.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAEjD,MAAM,MAAM,iBAAiB,GAAG,GAAG,YAAY,CAAC,KAAK,EAAE,GACnD,GAAG,YAAY,CAAC,KAAK,EAAE,GACvB,GAAG,YAAY,CAAC,KAAK,EAAE,GACvB,GAAG,YAAY,CAAC,KAAK,EAAE,GACvB,GAAG,YAAY,CAAC,KAAK,EAAE,GACvB,GAAG,YAAY,CAAC,KAAK,EAAE,CAAC;AAE5B,MAAM,MAAM,gBAAgB,GAAG,GAAG,YAAY,CAAC,KAAK,EAAE,GAClD,GAAG,YAAY,CAAC,KAAK,EAAE,CAAC;AAE5B,MAAM,MAAM,iBAAiB,GAAG,GAAG,YAAY,CAAC,KAAK,EAAE,GACnD,GAAG,YAAY,CAAC,KAAK,EAAE,GACvB,GAAG,YAAY,CAAC,KAAK,EAAE,CAAC"}
package/dist/crypto/json-web-token/utils.d.ts CHANGED
@@ -1,3 +1,6 @@
1
- import { TokenError } from '@authup/core';
1
+ import { JWTAlgorithm, TokenError } from '@authup/core';
2
+ import { Algorithm } from '@node-rs/jsonwebtoken';
2
3
  export declare function createErrorForJWTError(e: unknown): TokenError;
4
+ export declare function transformJWTAlgorithmToInternal(algorithm: `${JWTAlgorithm}`): Algorithm;
5
+ export declare function transformInternalToJWTAlgorithm(input: Algorithm): JWTAlgorithm;
3
6
  //# sourceMappingURL=utils.d.ts.map
package/dist/crypto/json-web-token/utils.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/crypto/json-web-token/utils.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAG1C,wBAAgB,sBAAsB,CAAC,CAAC,EAAE,OAAO,GAAI,UAAU,CA8B9D"}
1
+ {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/crypto/json-web-token/utils.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAGlD,wBAAgB,sBAAsB,CAAC,CAAC,EAAE,OAAO,GAAI,UAAU,CA2C9D;AAED,wBAAgB,+BAA+B,CAAC,SAAS,EAAE,GAAG,YAAY,EAAE,GAAI,SAAS,CAsCxF;AAED,wBAAgB,+BAA+B,CAAC,KAAK,EAAE,SAAS,GAAI,YAAY,CA2B/E"}
package/dist/crypto/json-web-token/verify/index.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ export * from './module';
2
+ export * from './types';
3
+ //# sourceMappingURL=index.d.ts.map
package/dist/crypto/json-web-token/verify/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/crypto/json-web-token/verify/index.ts"],"names":[],"mappings":"AAOA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC"}
package/dist/crypto/json-web-token/verify/module.d.ts ADDED
@@ -0,0 +1,12 @@
1
+ import type { OAuth2TokenPayload } from '@authup/core';
2
+ import type { TokenVerifyOptions } from './types';
3
+ /**
4
+ * Verify JWT.
5
+ *
6
+ * @param token
7
+ * @param context
8
+ *
9
+ * @throws TokenError
10
+ */
11
+ export declare function verifyToken(token: string, context: TokenVerifyOptions): Promise<OAuth2TokenPayload>;
12
+ //# sourceMappingURL=module.d.ts.map
package/dist/crypto/json-web-token/verify/module.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"module.d.ts","sourceRoot":"","sources":["../../../../src/crypto/json-web-token/verify/module.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAa,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAIlE,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAElD;;;;;;;GAOG;AACH,wBAAsB,WAAW,CAC7B,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,kBAAkB,GAC3B,OAAO,CAAC,kBAAkB,CAAC,CAmE9B"}
package/dist/crypto/json-web-token/verify/types.d.ts ADDED
@@ -0,0 +1,21 @@
1
+ /// <reference types="node" />
2
+ import type { KeyType } from '@authup/core';
3
+ import type { KeyPair, KeyPairOptions } from '../../key-pair';
4
+ import type { TokenECAlgorithm, TokenOCTAlgorithm, TokenRSAAlgorithm } from '../type';
5
+ export type TokenVerifyRSAOptions = {
6
+ type: `${KeyType.RSA}` | KeyType.RSA;
7
+ algorithms?: TokenRSAAlgorithm[];
8
+ keyPair: Omit<KeyPair, 'privateKey'> | KeyPair | Partial<KeyPairOptions> | string;
9
+ };
10
+ export type TokenVerifyECOptions = {
11
+ type: `${KeyType.EC}` | KeyType.EC;
12
+ algorithms?: TokenECAlgorithm[];
13
+ keyPair: Omit<KeyPair, 'privateKey'> | KeyPair | Partial<KeyPairOptions> | string;
14
+ };
15
+ export type TokenVerifyOCTOptions = {
16
+ type: `${KeyType.OCT}` | KeyType.OCT;
17
+ algorithms?: TokenOCTAlgorithm[];
18
+ key: string | Buffer;
19
+ };
20
+ export type TokenVerifyOptions = TokenVerifyRSAOptions | TokenVerifyECOptions | TokenVerifyOCTOptions;
21
+ //# sourceMappingURL=types.d.ts.map
package/dist/crypto/json-web-token/verify/types.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/crypto/json-web-token/verify/types.ts"],"names":[],"mappings":";AAOA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAE5C,OAAO,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAC9D,OAAO,KAAK,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC;AAEtF,MAAM,MAAM,qBAAqB,GAAG;IAChC,IAAI,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC;IACrC,UAAU,CAAC,EAAE,iBAAiB,EAAE,CAAC;IACjC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,OAAO,GAAG,OAAO,CAAC,cAAc,CAAC,GAAG,MAAM,CAAC;CACrF,CAAC;AACF,MAAM,MAAM,oBAAoB,GAAG;IAC/B,IAAI,EAAE,GAAG,OAAO,CAAC,EAAE,EAAE,GAAG,OAAO,CAAC,EAAE,CAAC;IACnC,UAAU,CAAC,EAAE,gBAAgB,EAAE,CAAC;IAChC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,OAAO,GAAG,OAAO,CAAC,cAAc,CAAC,GAAG,MAAM,CAAC;CACrF,CAAC;AACF,MAAM,MAAM,qBAAqB,GAAG;IAChC,IAAI,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC;IACrC,UAAU,CAAC,EAAE,iBAAiB,EAAE,CAAC;IACjC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CACvB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG,qBAAqB,GAAG,oBAAoB,GAAG,qBAAqB,CAAC"}
package/dist/index.cjs CHANGED
@@ -1,11 +1,11 @@
1
1
  'use strict';
2
2
 
3
- var bcrypt = require('bcrypt');
3
+ var bcrypt = require('@node-rs/bcrypt');
4
4
  var node_crypto = require('node:crypto');
5
5
  var core = require('@authup/core');
6
6
  var path = require('node:path');
7
7
  var fs = require('node:fs');
8
- var jsonwebtoken = require('jsonwebtoken');
8
+ var jsonwebtoken = require('@node-rs/jsonwebtoken');
9
9
  var smob = require('smob');
10
10
  var redisExtension = require('redis-extension');
11
11
  var redisEmitter = require('@socket.io/redis-emitter');
@@ -15,8 +15,8 @@ async function compare(value, hashedValue) {
15
15
  return bcrypt.compare(value, hashedValue);
16
16
  }
17
17
 
18
- async function hash(str, saltOrRounds = 10) {
19
- return bcrypt.hash(str, saltOrRounds);
18
+ async function hash(str, rounds = 10) {
19
+ return bcrypt.hash(str, rounds);
20
20
  }
21
21
 
22
22
  /*
@@ -261,26 +261,89 @@ async function useKeyPair(value) {
261
261
  return keyPair;
262
262
  }
263
263
 
264
+ /**
265
+ * Decode a JWT token with no verification.
266
+ *
267
+ * @param token
268
+ *
269
+ * @throws TokenError
270
+ */ function extractTokenHeader(token) {
271
+ const parts = token.split('.');
272
+ if (parts.length !== 3) {
273
+ throw core.TokenError.payloadInvalid('The token format is not valid.');
274
+ }
275
+ const [headerBase64] = parts;
276
+ try {
277
+ const payload = atob(headerBase64);
278
+ return JSON.parse(payload);
279
+ /*
280
+ return {
281
+ typ: 'JWT',
282
+ alg: transformInternalToJWTAlgorithm(header.algorithm),
283
+ cty: header.contentType,
284
+ jku: header.jsonKeyUrl,
285
+ kid: header.keyId,
286
+ x5u: header.x5Url,
287
+ x5c: header.x5CertChain,
288
+ x5t: header.x5CertThumbprint,
289
+ 'x5t#S256': header.x5TS256CertThumbprint,
290
+ };
291
+ */ } catch (e) {
292
+ throw core.TokenError.headerInvalid('The token header could not be extracted.');
293
+ }
294
+ }
295
+ function extractTokenPayload(token) {
296
+ const parts = token.split('.');
297
+ if (parts.length !== 3) {
298
+ throw core.TokenError.payloadInvalid('The token format is not valid.');
299
+ }
300
+ const [, payloadBase64] = parts;
301
+ try {
302
+ const payload = atob(payloadBase64);
303
+ return JSON.parse(payload);
304
+ } catch (e) {
305
+ throw core.TokenError.payloadInvalid('The token payload could not be extracted.');
306
+ }
307
+ }
308
+
264
309
  function createErrorForJWTError(e) {
265
- if (smob.isObject(e) && typeof e.name === 'string') {
266
- switch(e.name){
267
- case 'TokenExpiredError':
310
+ if (smob.isObject(e)) {
311
+ if (typeof e.name === 'string') {
312
+ switch(e.name){
313
+ case 'TokenExpiredError':
314
+ {
315
+ return core.TokenError.expired();
316
+ }
317
+ case 'NotBeforeError':
318
+ {
319
+ if (typeof e.date === 'string' || e.date instanceof Date) {
320
+ return core.TokenError.notActiveBefore(e.date);
321
+ }
322
+ break;
323
+ }
324
+ case 'JsonWebTokenError':
325
+ {
326
+ if (typeof e.message === 'string') {
327
+ return core.TokenError.payloadInvalid(e.message);
328
+ }
329
+ break;
330
+ }
331
+ }
332
+ }
333
+ // @see https://github.com/Keats/jsonwebtoken/blob/master/src/errors.rs
334
+ switch(e.message){
335
+ case 'ExpiredSignature':
268
336
  {
269
337
  return core.TokenError.expired();
270
338
  }
271
- case 'NotBeforeError':
339
+ case 'ImmatureSignature':
272
340
  {
273
- if (typeof e.date === 'string' || e.date instanceof Date) {
274
- return core.TokenError.notActiveBefore(e.date);
275
- }
276
- break;
341
+ return core.TokenError.notActiveBefore();
277
342
  }
278
- case 'JsonWebTokenError':
343
+ case 'InvalidToken':
344
+ case 'InvalidSignature':
279
345
  {
280
- if (typeof e.message === 'string') {
281
- return core.TokenError.payloadInvalid(e.message);
282
- }
283
- break;
346
+ return core.TokenError.payloadInvalid();
284
347
  }
285
348
  }
286
349
  }
@@ -290,49 +353,100 @@ function createErrorForJWTError(e) {
290
353
  message: 'The JWT error could not be determined.'
291
354
  });
292
355
  }
293
-
294
- function decodeToken(token, options) {
295
- options ?? (options = {});
296
- let output;
297
- try {
298
- output = jsonwebtoken.decode(token, {
299
- ...options
300
- });
301
- } catch (e) {
302
- throw createErrorForJWTError(e);
303
- }
304
- if (output === null) {
305
- throw core.TokenError.payloadInvalid('The token could not be decoded.');
356
+ function transformJWTAlgorithmToInternal(algorithm) {
357
+ switch(algorithm){
358
+ case core.JWTAlgorithm.HS256:
359
+ {
360
+ return jsonwebtoken.Algorithm.HS256;
361
+ }
362
+ case core.JWTAlgorithm.HS384:
363
+ {
364
+ return jsonwebtoken.Algorithm.HS384;
365
+ }
366
+ case core.JWTAlgorithm.HS512:
367
+ {
368
+ return jsonwebtoken.Algorithm.HS512;
369
+ }
370
+ case core.JWTAlgorithm.RS256:
371
+ {
372
+ return jsonwebtoken.Algorithm.RS256;
373
+ }
374
+ case core.JWTAlgorithm.RS384:
375
+ {
376
+ return jsonwebtoken.Algorithm.RS384;
377
+ }
378
+ case core.JWTAlgorithm.RS512:
379
+ {
380
+ return jsonwebtoken.Algorithm.RS512;
381
+ }
382
+ case core.JWTAlgorithm.ES256:
383
+ {
384
+ return jsonwebtoken.Algorithm.ES256;
385
+ }
386
+ case core.JWTAlgorithm.ES384:
387
+ {
388
+ return jsonwebtoken.Algorithm.ES384;
389
+ }
390
+ case core.JWTAlgorithm.PS256:
391
+ {
392
+ return jsonwebtoken.Algorithm.PS256;
393
+ }
394
+ case core.JWTAlgorithm.PS384:
395
+ {
396
+ return jsonwebtoken.Algorithm.PS384;
397
+ }
398
+ case core.JWTAlgorithm.PS512:
399
+ {
400
+ return jsonwebtoken.Algorithm.PS512;
401
+ }
306
402
  }
307
- return output;
403
+ throw new Error(`The algorithm ${algorithm} is not supported.`);
308
404
  }
309
405
 
310
- async function signToken(payload, context) {
311
- context.expiresIn = context.expiresIn || 3600;
406
+ const getUtcTimestamp = ()=>Math.floor(new Date().getTime() / 1000);
407
+ async function signToken(claims, context) {
408
+ if (typeof claims.exp !== 'number') {
409
+ claims.exp = getUtcTimestamp() + 3600;
410
+ }
411
+ if (typeof claims.iat !== 'number') {
412
+ claims.iat = getUtcTimestamp();
413
+ }
312
414
  switch(context.type){
313
415
  case core.KeyType.RSA:
314
416
  case core.KeyType.EC:
315
417
  {
316
- const { type, keyPair, ...options } = context;
317
- const { privateKey } = isKeyPair(keyPair) ? keyPair : await useKeyPair(keyPair);
318
- if (type === core.KeyType.RSA) {
319
- options.algorithm = options.algorithm || 'RS256';
418
+ const { privateKey } = isKeyPair(context.keyPair) ? context.keyPair : await useKeyPair(context.keyPair);
419
+ let algorithm;
420
+ if (context.type === core.KeyType.RSA) {
421
+ algorithm = context.algorithm ? transformJWTAlgorithmToInternal(context.algorithm) : jsonwebtoken.Algorithm.RS256;
320
422
  } else {
321
- options.algorithm = options.algorithm || 'ES256';
423
+ algorithm = context.algorithm ? transformJWTAlgorithmToInternal(context.algorithm) : jsonwebtoken.Algorithm.ES256;
322
424
  }
323
- return jsonwebtoken.sign(payload, privateKey, options);
425
+ return jsonwebtoken.sign(claims, privateKey, {
426
+ algorithm,
427
+ keyId: context.keyId
428
+ });
324
429
  }
325
430
  case core.KeyType.OCT:
326
431
  {
327
- const { type, secret, ...options } = context;
328
- options.algorithm = options.algorithm || 'HS256';
329
- return jsonwebtoken.sign(payload, secret, options);
432
+ const algorithm = context.algorithm ? transformJWTAlgorithmToInternal(context.algorithm) : jsonwebtoken.Algorithm.HS256;
433
+ return jsonwebtoken.sign(claims, context.key, {
434
+ algorithm,
435
+ keyId: context.keyId
436
+ });
330
437
  }
331
438
  }
332
439
  throw new core.TokenError();
333
440
  }
334
441
 
335
- async function verifyToken(token, context) {
442
+ /**
443
+ * Verify JWT.
444
+ *
445
+ * @param token
446
+ * @param context
447
+ *
448
+ * @throws TokenError
449
+ */ async function verifyToken(token, context) {
336
450
  let promise;
337
451
  let output;
338
452
  try {
@@ -340,51 +454,39 @@ async function verifyToken(token, context) {
340
454
  case core.KeyType.RSA:
341
455
  case core.KeyType.EC:
342
456
  {
343
- const { type, keyPair, ...options } = context;
344
- const { publicKey } = isKeyPairWithPublicKey(keyPair) ? keyPair : await useKeyPair(keyPair);
345
- if (type === core.KeyType.RSA) {
346
- options.algorithms = options.algorithms || [
347
- 'RS256',
348
- 'RS384',
349
- 'RS512',
350
- 'PS256',
351
- 'PS384',
352
- 'PS512'
457
+ const { publicKey } = isKeyPairWithPublicKey(context.keyPair) ? context.keyPair : await useKeyPair(context.keyPair);
458
+ let algorithms;
459
+ if (context.type === core.KeyType.RSA) {
460
+ algorithms = context.algorithms ? context.algorithms.map((algorithm)=>transformJWTAlgorithmToInternal(algorithm)) : [
461
+ jsonwebtoken.Algorithm.RS256,
462
+ jsonwebtoken.Algorithm.RS384,
463
+ jsonwebtoken.Algorithm.RS512,
464
+ jsonwebtoken.Algorithm.PS256,
465
+ jsonwebtoken.Algorithm.PS384,
466
+ jsonwebtoken.Algorithm.PS512
353
467
  ];
354
468
  } else {
355
- options.algorithms = options.algorithms || [
356
- 'ES256',
357
- 'ES384',
358
- 'ES512'
469
+ algorithms = context.algorithms ? context.algorithms.map((algorithm)=>transformJWTAlgorithmToInternal(algorithm)) : [
470
+ jsonwebtoken.Algorithm.ES256,
471
+ jsonwebtoken.Algorithm.ES384
359
472
  ];
360
473
  }
361
- promise = new Promise((resolve, reject)=>{
362
- jsonwebtoken.verify(token, publicKey, options, (err, decoded)=>{
363
- if (err) {
364
- reject(err);
365
- return;
366
- }
367
- resolve(decoded);
368
- });
474
+ promise = jsonwebtoken.verify(token, publicKey, {
475
+ algorithms,
476
+ validateNbf: true
369
477
  });
370
478
  break;
371
479
  }
372
480
  case core.KeyType.OCT:
373
481
  {
374
- const { type, secret, ...options } = context;
375
- options.algorithms = options.algorithms || [
376
- 'HS256',
377
- 'HS384',
378
- 'HS512'
482
+ const algorithms = context.algorithms ? context.algorithms.map((algorithm)=>transformJWTAlgorithmToInternal(algorithm)) : [
483
+ jsonwebtoken.Algorithm.HS256,
484
+ jsonwebtoken.Algorithm.HS384,
485
+ jsonwebtoken.Algorithm.HS512
379
486
  ];
380
- promise = new Promise((resolve, reject)=>{
381
- jsonwebtoken.verify(token, secret, options, (err, decoded)=>{
382
- if (err) {
383
- reject(err);
384
- return;
385
- }
386
- resolve(decoded);
387
- });
487
+ promise = jsonwebtoken.verify(token, context.key, {
488
+ algorithms,
489
+ validateNbf: true
388
490
  });
389
491
  }
390
492
  }
@@ -616,10 +718,11 @@ exports.buildKeyFileName = buildKeyFileName;
616
718
  exports.compare = compare;
617
719
  exports.createKeyPair = createKeyPair;
618
720
  exports.createSmtpClient = createSmtpClient;
619
- exports.decodeToken = decodeToken;
620
721
  exports.decryptRSAPrivateKey = decryptRSAPrivateKey;
621
722
  exports.deleteKeyPair = deleteKeyPair;
622
723
  exports.extendKeyPairOptions = extendKeyPairOptions;
724
+ exports.extractTokenHeader = extractTokenHeader;
725
+ exports.extractTokenPayload = extractTokenPayload;
623
726
  exports.hasOwnProperty = hasOwnProperty;
624
727
  exports.hasSmtpConfig = hasSmtpConfig;
625
728
  exports.hash = hash;