@bb-labs/pkce 0.0.2 → 0.0.3

package/README.md

@@ -1,13 +1,6 @@
 # @bb-labs/pkce
 
-A lightweight, zero-dependency PKCE (Proof Key for Code Exchange) library for OAuth 2.0 that works across platforms.
-
-## Features
-
-- 🎯 **Zero Dependencies**: No external crypto libraries required
-- 🔄 **Cross-Platform**: Works in React Native (expo-crypto), Node.js (built-in crypto), and browsers
-- 🚀 **Auto-Detection**: Automatically uses the best available crypto implementation
-- 📦 **Tree-Shakable**: Import only what you need
+A lightweight PKCE (Proof Key for Code Exchange) library using `@noble/hashes` for universal compatibility.
 
 ## Installation
 
@@ -17,8 +10,6 @@ npm install @bb-labs/pkce
 
 ## Usage
 
-### Automatic Environment Detection (Recommended)
-
 ```typescript
 import { generateCodeVerifier, createCodeChallenge } from "@bb-labs/pkce";
 
@@ -26,99 +17,39 @@ import { generateCodeVerifier, createCodeChallenge } from "@bb-labs/pkce";
 const verifier = generateCodeVerifier();
 
 // Create the corresponding code challenge
-const challenge = await createCodeChallenge(verifier);
-
-console.log("Verifier:", verifier);
-console.log("Challenge:", challenge);
-```
-
-### Platform-Specific Imports
-
-#### React Native / Expo
-
-```typescript
-import { generateCodeVerifier, createCodeChallenge } from "@bb-labs/pkce/expo";
-
-// Make sure expo-crypto is installed in your React Native app
-// npm install expo-crypto
-
-const verifier = generateCodeVerifier();
-const challenge = await createCodeChallenge(verifier);
-```
-
-#### Node.js
+const challenge = createCodeChallenge(verifier);
 
-```typescript
-import { generateCodeVerifier, createCodeChallenge } from "@bb-labs/pkce/nodejs";
-
-const verifier = generateCodeVerifier();
-const challenge = await createCodeChallenge(verifier);
+// Use in OAuth flow...
 ```
 
 ## API
 
 ### `generateCodeVerifier(): string`
 
-Generates a cryptographically secure random code verifier (43-128 characters, base64url encoded).
+Generates a cryptographically secure random code verifier (43 characters, base64url encoded).
 
-### `createCodeChallenge(verifier: string): Promise<string>`
+### `createCodeChallenge(verifier: string): string`
 
 Creates a code challenge by SHA-256 hashing the verifier and base64url encoding the result.
 
 ## Requirements
 
-### React Native / Expo Apps
-
-- Install `expo-crypto`: `npm install expo-crypto`
-- The library will automatically detect and use expo-crypto
-
-### Node.js Apps
-
-- Node.js built-in `crypto` module (available in all modern Node.js versions)
-- No additional dependencies required
-
-### Browser Apps
+Depends on [`@noble/hashes`](https://github.com/paulmillr/noble-hashes) for crypto functions.
 
-- Modern browsers with Web Crypto API support
-- Or use a polyfill for older browsers
-
-## PKCE Flow Example
+**React Native Setup:**
 
 ```typescript
-import { generateCodeVerifier, createCodeChallenge } from "@bb-labs/pkce";
-
-// 1. Generate verifier and challenge
-const verifier = generateCodeVerifier();
-const challenge = await createCodeChallenge(verifier);
-
-// 2. Send challenge to authorization server
-const authUrl =
-  `https://auth.example.com/oauth/authorize?` +
-  `client_id=your_client_id&` +
-  `redirect_uri=your_redirect_uri&` +
-  `response_type=code&` +
-  `code_challenge=${challenge}&` +
-  `code_challenge_method=S256`;
-
-// 3. After user authorization, exchange code for tokens using the verifier
-const tokenResponse = await fetch("https://auth.example.com/oauth/token", {
-  method: "POST",
-  body: new URLSearchParams({
-    grant_type: "authorization_code",
-    code: authorizationCode,
-    redirect_uri: redirectUri,
-    client_id: clientId,
-    code_verifier: verifier, // ← Send the original verifier
-  }),
-});
+// In your app/_layout.tsx (Expo) or App.tsx
+import { polyfillWebCrypto } from "expo-standard-web-crypto";
+polyfillWebCrypto();
 ```
 
-## Error Handling
+For bare React Native:
 
-The library will throw descriptive errors if no suitable crypto implementation is found:
-
-- React Native: `"expo-crypto is required for React Native PKCE operations. Install expo-crypto or use a different PKCE implementation."`
-- Node.js: `"Node.js crypto is required for server-side PKCE operations."`
+```bash
+npm install react-native-get-random-values
+import 'react-native-get-random-values';
+```
 
 ## License
 

package/dist/index.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Universal PKCE implementation using @noble/hashes
+ * Works in Node.js, React Native, Expo, and browsers
+ */
+/**
+ * Generates a cryptographically secure random code verifier for PKCE
+ * Uses @noble/hashes randomBytes (works in Node.js, browsers, React Native)
+ */
+export declare function generateCodeVerifier(): string;
+/**
+ * Creates a code challenge from a code verifier using SHA-256
+ * Uses @noble/hashes sha256 (works in Node.js, browsers, React Native)
+ */
+export declare function createCodeChallenge(verifier: string): string;

package/dist/index.js

@@ -1 +1,74 @@
-"use strict";
+/**
+ * Universal PKCE implementation using @noble/hashes
+ * Works in Node.js, React Native, Expo, and browsers
+ */
+import { sha256 } from "@noble/hashes/sha2";
+import { randomBytes } from "@noble/hashes/utils";
+/**
+ * Generates a cryptographically secure random code verifier for PKCE
+ * Uses @noble/hashes randomBytes (works in Node.js, browsers, React Native)
+ */
+export function generateCodeVerifier() {
+    // Generate 32 bytes (256 bits) of random data
+    const randomBytesData = randomBytes(32);
+    // Convert to base64url encoding (RFC 4648)
+    return base64UrlEncode(randomBytesData);
+}
+/**
+ * Creates a code challenge from a code verifier using SHA-256
+ * Uses @noble/hashes sha256 (works in Node.js, browsers, React Native)
+ */
+export function createCodeChallenge(verifier) {
+    // Convert string to bytes
+    const bytes = stringToBytes(verifier);
+    // Hash using SHA-256 from @noble/hashes
+    const hash = sha256(bytes);
+    // Convert to base64url encoding
+    return base64UrlEncode(hash);
+}
+/**
+ * Converts a string to UTF-8 bytes
+ */
+function stringToBytes(str) {
+    const bytes = [];
+    for (let i = 0; i < str.length; i++) {
+        const code = str.charCodeAt(i);
+        if (code < 0x80) {
+            bytes.push(code);
+        }
+        else if (code < 0x800) {
+            bytes.push(0xc0 | (code >> 6), 0x80 | (code & 0x3f));
+        }
+        else if (code < 0xd800 || code >= 0xe000) {
+            bytes.push(0xe0 | (code >> 12), 0x80 | ((code >> 6) & 0x3f), 0x80 | (code & 0x3f));
+        }
+        else {
+            // Surrogate pair
+            i++;
+            const cp = 0x10000 + (((code & 0x3ff) << 10) | (str.charCodeAt(i) & 0x3ff));
+            bytes.push(0xf0 | (cp >> 18), 0x80 | ((cp >> 12) & 0x3f), 0x80 | ((cp >> 6) & 0x3f), 0x80 | (cp & 0x3f));
+        }
+    }
+    return new Uint8Array(bytes);
+}
+/**
+ * Converts Uint8Array to base64url encoding (RFC 4648)
+ */
+function base64UrlEncode(bytes) {
+    const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
+    let result = "";
+    for (let i = 0; i < bytes.length; i += 3) {
+        const b1 = bytes[i];
+        const b2 = i + 1 < bytes.length ? bytes[i + 1] : 0;
+        const b3 = i + 2 < bytes.length ? bytes[i + 2] : 0;
+        result += chars[b1 >> 2];
+        result += chars[((b1 & 0x03) << 4) | (b2 >> 4)];
+        if (i + 1 < bytes.length) {
+            result += chars[((b2 & 0x0f) << 2) | (b3 >> 6)];
+        }
+        if (i + 2 < bytes.length) {
+            result += chars[b3 & 0x3f];
+        }
+    }
+    return result;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bb-labs/pkce",
-  "version": "0.0.2",
+  "version": "0.0.3",
   "description": "A library for PKCE",
   "homepage": "https://github.com/beepbop-labs/pkce",
   "keywords": [
@@ -27,7 +27,10 @@
   "scripts": {
     "clean": "rm -rf dist",
     "build": "npm run clean && tsc -p tsconfig.json",
-    "pack": "npm run build && npm pack --pack-destination ./archive/"
+    "pack": "npm run build && rm -rf archive && mkdir -p archive && bun pm pack --destination ./archive && find ./archive -name '*.tgz' -exec mv {} ./archive/archive2.tgz \\;"
+  },
+  "dependencies": {
+    "@noble/hashes": "^1.3.0"
   },
   "devDependencies": {
     "@types/bun": "latest"

package/dist/expo/index.d.ts

@@ -1,10 +0,0 @@
-/**
- * Generates a cryptographically secure random code verifier for PKCE
- * Uses expo-crypto if available, otherwise throws an error
- */
-export declare function generateCodeVerifier(): string;
-/**
- * Creates a code challenge from a code verifier using SHA-256
- * Uses expo-crypto if available, otherwise throws an error
- */
-export declare function createCodeChallenge(verifier: string): Promise<string>;

package/dist/expo/index.js

@@ -1,55 +0,0 @@
-/**
- * Generates a cryptographically secure random code verifier for PKCE
- * Uses expo-crypto if available, otherwise throws an error
- */
-export function generateCodeVerifier() {
-    try {
-        const Crypto = require("expo-crypto");
-        // Generate 32 bytes (256 bits) of random data
-        const randomBytes = Crypto.getRandomBytes(32);
-        // Convert to base64url encoding (RFC 4648)
-        return base64UrlEncode(randomBytes);
-    }
-    catch (error) {
-        throw new Error("expo-crypto is required for React Native PKCE operations. Install expo-crypto or use a different PKCE implementation.");
-    }
-}
-/**
- * Creates a code challenge from a code verifier using SHA-256
- * Uses expo-crypto if available, otherwise throws an error
- */
-export async function createCodeChallenge(verifier) {
-    try {
-        const Crypto = require("expo-crypto");
-        // Hash the verifier using SHA-256
-        const hashBuffer = await Crypto.digestStringAsync(Crypto.CryptoDigestAlgorithm.SHA256, verifier, {
-            encoding: Crypto.CryptoEncoding.BASE64,
-        });
-        // Return base64url encoded hash
-        return base64UrlEncode(hashBuffer);
-    }
-    catch (error) {
-        throw new Error("expo-crypto is required for React Native PKCE operations. Install expo-crypto or use a different PKCE implementation.");
-    }
-}
-/**
- * Converts input to base64url encoding (RFC 4648)
- * Replaces '+' with '-', '/' with '_', and removes padding
- */
-function base64UrlEncode(input) {
-    let base64;
-    if (typeof input === "string") {
-        // If input is already a base64 string, use it directly
-        base64 = input;
-    }
-    else {
-        // Convert Uint8Array to base64
-        base64 = "";
-        for (let i = 0; i < input.length; i++) {
-            base64 += String.fromCharCode(input[i]);
-        }
-        base64 = btoa(base64);
-    }
-    // Convert to base64url
-    return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-}

package/dist/node/index.d.ts

@@ -1,10 +0,0 @@
-/**
- * Generates a cryptographically secure random code verifier for PKCE
- * Node.js implementation using built-in crypto
- */
-export declare function generateCodeVerifier(): string;
-/**
- * Creates a code challenge from a code verifier using SHA-256
- * Node.js implementation using built-in crypto
- */
-export declare function createCodeChallenge(verifier: string): Promise<string>;

package/dist/node/index.js

@@ -1,49 +0,0 @@
-/**
- * Generates a cryptographically secure random code verifier for PKCE
- * Node.js implementation using built-in crypto
- */
-export function generateCodeVerifier() {
-    try {
-        const { randomBytes } = require("crypto");
-        // Generate 32 bytes (256 bits) of random data
-        const randomBytesData = randomBytes(32);
-        // Convert to base64url encoding (RFC 4648)
-        return base64UrlEncode(randomBytesData);
-    }
-    catch (error) {
-        throw new Error("Node.js crypto is required for server-side PKCE operations.");
-    }
-}
-/**
- * Creates a code challenge from a code verifier using SHA-256
- * Node.js implementation using built-in crypto
- */
-export async function createCodeChallenge(verifier) {
-    try {
-        const { createHash } = require("crypto");
-        // Hash the verifier using SHA-256
-        const hash = createHash("sha256").update(verifier).digest();
-        // Return base64url encoded hash
-        return base64UrlEncode(hash);
-    }
-    catch (error) {
-        throw new Error("Node.js crypto is required for server-side PKCE operations.");
-    }
-}
-/**
- * Converts input to base64url encoding (RFC 4648)
- * Replaces '+' with '-', '/' with '_', and removes padding
- */
-function base64UrlEncode(input) {
-    let base64;
-    if (typeof input === "string") {
-        // If input is already a base64 string, use it directly
-        base64 = input;
-    }
-    else {
-        // Convert Buffer to base64
-        base64 = input.toString("base64");
-    }
-    // Convert to base64url
-    return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-}