@boxyhq/saml-jackson 1.3.6 → 1.3.7

package/dist/controller/api.d.ts

@@ -56,6 +56,11 @@ export declare class ConnectionAPIController implements IConnectionAPIController
      *     description: Raw XML metadata
      *     in: formData
      *     type: string
+     *   metadataUrlParamPost:
+     *     name: metadataUrl
+     *     description: URL containing raw XML metadata
+     *     in: formData
+     *     type: string
      *   defaultRedirectUrlParamPost:
      *     name: defaultRedirectUrl
      *     description: The redirect URL to use in the IdP login flow
@@ -111,6 +116,7 @@ export declare class ConnectionAPIController implements IConnectionAPIController
      *      - $ref: '#/parameters/descriptionParamPost'
      *      - $ref: '#/parameters/encodedRawMetadataParamPost'
      *      - $ref: '#/parameters/rawMetadataParamPost'
+     *      - $ref: '#/parameters/metadataUrlParamPost'
      *      - $ref: '#/parameters/defaultRedirectUrlParamPost'
      *      - $ref: '#/parameters/redirectUrlParamPost'
      *      - $ref: '#/parameters/tenantParamPost'
@@ -141,6 +147,7 @@ export declare class ConnectionAPIController implements IConnectionAPIController
      *      - $ref: '#/parameters/descriptionParamPost'
      *      - $ref: '#/parameters/encodedRawMetadataParamPost'
      *      - $ref: '#/parameters/rawMetadataParamPost'
+     *      - $ref: '#/parameters/metadataUrlParamPost'
      *      - $ref: '#/parameters/defaultRedirectUrlParamPost'
      *      - $ref: '#/parameters/redirectUrlParamPost'
      *      - $ref: '#/parameters/tenantParamPost'
@@ -199,6 +206,11 @@ export declare class ConnectionAPIController implements IConnectionAPIController
      *     description: Raw XML metadata
      *     in: formData
      *     type: string
+     *   metadataUrlParamPatch:
+     *     name: metadataUrl
+     *     description: URL containing raw XML metadata
+     *     in: formData
+     *     type: string
      *   oidcDiscoveryUrlPatch:
      *     name: oidcDiscoveryUrl
      *     description: well-known URL where the OpenID Provider configuration is exposed
@@ -252,6 +264,7 @@ export declare class ConnectionAPIController implements IConnectionAPIController
      *       - $ref: '#/parameters/descriptionParamPatch'
      *       - $ref: '#/parameters/encodedRawMetadataParamPatch'
      *       - $ref: '#/parameters/rawMetadataParamPatch'
+     *       - $ref: '#/parameters/metadataUrlParamPatch'
      *       - $ref: '#/parameters/defaultRedirectUrlParamPatch'
      *       - $ref: '#/parameters/redirectUrlParamPatch'
      *       - $ref: '#/parameters/tenantParamPatch'
@@ -278,6 +291,7 @@ export declare class ConnectionAPIController implements IConnectionAPIController
      *       - $ref: '#/parameters/descriptionParamPatch'
      *       - $ref: '#/parameters/encodedRawMetadataParamPatch'
      *       - $ref: '#/parameters/rawMetadataParamPatch'
+     *       - $ref: '#/parameters/metadataUrlParamPatch'
      *       - $ref: '#/parameters/oidcDiscoveryUrlPatch'
      *       - $ref: '#/parameters/oidcClientIdPatch'
      *       - $ref: '#/parameters/oidcClientSecretPatch'

package/dist/controller/api.js

@@ -97,6 +97,11 @@ class ConnectionAPIController {
      *     description: Raw XML metadata
      *     in: formData
      *     type: string
+     *   metadataUrlParamPost:
+     *     name: metadataUrl
+     *     description: URL containing raw XML metadata
+     *     in: formData
+     *     type: string
      *   defaultRedirectUrlParamPost:
      *     name: defaultRedirectUrl
      *     description: The redirect URL to use in the IdP login flow
@@ -152,6 +157,7 @@ class ConnectionAPIController {
      *      - $ref: '#/parameters/descriptionParamPost'
      *      - $ref: '#/parameters/encodedRawMetadataParamPost'
      *      - $ref: '#/parameters/rawMetadataParamPost'
+     *      - $ref: '#/parameters/metadataUrlParamPost'
      *      - $ref: '#/parameters/defaultRedirectUrlParamPost'
      *      - $ref: '#/parameters/redirectUrlParamPost'
      *      - $ref: '#/parameters/tenantParamPost'
@@ -182,6 +188,7 @@ class ConnectionAPIController {
      *      - $ref: '#/parameters/descriptionParamPost'
      *      - $ref: '#/parameters/encodedRawMetadataParamPost'
      *      - $ref: '#/parameters/rawMetadataParamPost'
+     *      - $ref: '#/parameters/metadataUrlParamPost'
      *      - $ref: '#/parameters/defaultRedirectUrlParamPost'
      *      - $ref: '#/parameters/redirectUrlParamPost'
      *      - $ref: '#/parameters/tenantParamPost'
@@ -258,6 +265,11 @@ class ConnectionAPIController {
      *     description: Raw XML metadata
      *     in: formData
      *     type: string
+     *   metadataUrlParamPatch:
+     *     name: metadataUrl
+     *     description: URL containing raw XML metadata
+     *     in: formData
+     *     type: string
      *   oidcDiscoveryUrlPatch:
      *     name: oidcDiscoveryUrl
      *     description: well-known URL where the OpenID Provider configuration is exposed
@@ -311,6 +323,7 @@ class ConnectionAPIController {
      *       - $ref: '#/parameters/descriptionParamPatch'
      *       - $ref: '#/parameters/encodedRawMetadataParamPatch'
      *       - $ref: '#/parameters/rawMetadataParamPatch'
+     *       - $ref: '#/parameters/metadataUrlParamPatch'
      *       - $ref: '#/parameters/defaultRedirectUrlParamPatch'
      *       - $ref: '#/parameters/redirectUrlParamPatch'
      *       - $ref: '#/parameters/tenantParamPatch'
@@ -337,6 +350,7 @@ class ConnectionAPIController {
      *       - $ref: '#/parameters/descriptionParamPatch'
      *       - $ref: '#/parameters/encodedRawMetadataParamPatch'
      *       - $ref: '#/parameters/rawMetadataParamPatch'
+     *       - $ref: '#/parameters/metadataUrlParamPatch'
      *       - $ref: '#/parameters/oidcDiscoveryUrlPatch'
      *       - $ref: '#/parameters/oidcClientIdPatch'
      *       - $ref: '#/parameters/oidcClientSecretPatch'

package/dist/controller/connection/saml.js

@@ -51,9 +51,23 @@ const dbutils = __importStar(require("../../db/utils"));
 const utils_1 = require("../utils");
 const saml20_1 = __importDefault(require("@boxyhq/saml20"));
 const error_1 = require("../error");
+const axios_1 = __importDefault(require("axios"));
+function fetchMetadata(resource) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const response = yield (0, axios_1.default)(resource, {
+            maxContentLength: 1000000,
+            maxBodyLength: 1000000,
+            timeout: 8000,
+        }).catch((error) => {
+            var _a;
+            throw new error_1.JacksonError("Couldn't fetch XML data", ((_a = error.response) === null || _a === void 0 ? void 0 : _a.status) || 400);
+        });
+        return response.data;
+    });
+}
 const saml = {
     create: (body, connectionStore) => __awaiter(void 0, void 0, void 0, function* () {
-        const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product, name, description, } = body;
+        const { encodedRawMetadata, rawMetadata, defaultRedirectUrl, redirectUrl, tenant, product, name, description, metadataUrl, } = body;
         const forceAuthn = body.forceAuthn == 'true' || body.forceAuthn == true;
         let connectionClientSecret;
         (0, utils_1.validateSSOConnection)(body, 'saml');
@@ -69,12 +83,14 @@ const saml = {
             clientID: '',
             clientSecret: '',
             forceAuthn,
+            metadataUrl,
         };
-        let metaData = rawMetadata;
+        let metadata = rawMetadata;
         if (encodedRawMetadata) {
-            metaData = Buffer.from(encodedRawMetadata, 'base64').toString();
+            metadata = Buffer.from(encodedRawMetadata, 'base64').toString();
         }
-        const idpMetadata = (yield saml20_1.default.parseMetadata(metaData, {}));
+        metadata = metadataUrl ? yield fetchMetadata(metadataUrl) : metadata;
+        const idpMetadata = (yield saml20_1.default.parseMetadata(metadata, {}));
         if (!idpMetadata.entityID) {
             throw new error_1.JacksonError("Couldn't parse EntityID from SAML metadata", 400);
         }
@@ -107,7 +123,7 @@ const saml = {
     update: (body, connectionStore, connectionsGetter) => __awaiter(void 0, void 0, void 0, function* () {
         const { encodedRawMetadata, // could be empty
         rawMetadata, // could be empty
-        defaultRedirectUrl, redirectUrl, name, description, forceAuthn = false } = body, clientInfo = __rest(body, ["encodedRawMetadata", "rawMetadata", "defaultRedirectUrl", "redirectUrl", "name", "description", "forceAuthn"]);
+        defaultRedirectUrl, redirectUrl, name, description, forceAuthn = false, metadataUrl } = body, clientInfo = __rest(body, ["encodedRawMetadata", "rawMetadata", "defaultRedirectUrl", "redirectUrl", "name", "description", "forceAuthn", "metadataUrl"]);
         if (!(clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientID)) {
             throw new error_1.JacksonError('Please provide clientID', 400);
         }
@@ -129,13 +145,14 @@ const saml = {
         if (_savedConnection.clientSecret !== (clientInfo === null || clientInfo === void 0 ? void 0 : clientInfo.clientSecret)) {
             throw new error_1.JacksonError('clientSecret mismatch', 400);
         }
-        let metaData = rawMetadata;
+        let metadata = rawMetadata;
         if (encodedRawMetadata) {
-            metaData = Buffer.from(encodedRawMetadata, 'base64').toString();
+            metadata = Buffer.from(encodedRawMetadata, 'base64').toString();
         }
+        metadata = metadataUrl ? yield fetchMetadata(metadataUrl) : metadata;
         let newMetadata;
-        if (metaData) {
-            newMetadata = yield saml20_1.default.parseMetadata(metaData, {});
+        if (metadata) {
+            newMetadata = yield saml20_1.default.parseMetadata(metadata, {});
             if (!newMetadata.entityID) {
                 throw new error_1.JacksonError("Couldn't parse EntityID from SAML metadata", 400);
             }

package/dist/controller/oauth.js

@@ -61,6 +61,8 @@ const validateSAMLResponse = (rawResponse, validateOpts) => __awaiter(void 0, vo
         if (!profile.claims.id && profile.claims.email) {
             profile.claims.id = crypto_1.default.createHash('sha256').update(profile.claims.email).digest('hex');
         }
+        // we'll send a ripemd160 hash of the id, this can be used in the case of email missing it can be used as the local part
+        profile.claims.idHash = dbutils.keyDigest(profile.claims.id);
     }
     return profile;
 });
@@ -604,6 +606,7 @@ class OAuthController {
             const idTokenClaims = tokenSet.claims();
             const userinfo = yield oidcClient.userinfo(tokenSet);
             profile.claims.id = idTokenClaims.sub;
+            profile.claims.idHash = dbutils.keyDigest(idTokenClaims.sub);
             profile.claims.email = (_a = idTokenClaims.email) !== null && _a !== void 0 ? _a : userinfo.email;
             profile.claims.firstName = (_b = idTokenClaims.given_name) !== null && _b !== void 0 ? _b : userinfo.given_name;
             profile.claims.lastName = (_c = idTokenClaims.family_name) !== null && _c !== void 0 ? _c : userinfo.family_name;

package/dist/controller/utils.js

@@ -128,12 +128,13 @@ const validateSSOConnection = (body, strategy) => {
     const oidcDiscoveryUrl = 'oidcDiscoveryUrl' in body ? body.oidcDiscoveryUrl : undefined;
     const oidcClientId = 'oidcClientId' in body ? body.oidcClientId : undefined;
     const oidcClientSecret = 'oidcClientSecret' in body ? body.oidcClientSecret : undefined;
+    const metadataUrl = 'metadataUrl' in body ? body.metadataUrl : undefined;
     if (strategy !== 'saml' && strategy !== 'oidc') {
         throw new error_1.JacksonError(`Strategy: ${strategy} not supported`, 400);
     }
     if (strategy === 'saml') {
-        if (!rawMetadata && !encodedRawMetadata) {
-            throw new error_1.JacksonError('Please provide rawMetadata or encodedRawMetadata', 400);
+        if (!rawMetadata && !encodedRawMetadata && !metadataUrl) {
+            throw new error_1.JacksonError('Please provide rawMetadata or encodedRawMetadata or metadataUrl', 400);
         }
     }
     if (strategy === 'oidc') {

package/dist/db/redis.js

@@ -69,7 +69,7 @@ class Redis {
         });
     }
     getAll(namespace, pageOffset, pageLimit) {
-        var e_1, _a;
+        var _a, e_1, _b, _c;
         return __awaiter(this, void 0, void 0, function* () {
             const offsetAndLimitValueCheck = !dbutils.isNumeric(pageOffset) && !dbutils.isNumeric(pageLimit);
             let take = Number(offsetAndLimitValueCheck ? this.options.pageLimit : pageLimit);
@@ -79,21 +79,28 @@ class Redis {
             let count = 0;
             take += skip;
             try {
-                for (var _b = __asyncValues(this.client.zScanIterator(dbutils.keyFromParts(dbutils.createdAtPrefix, namespace), Math.min(take, 1000))), _c; _c = yield _b.next(), !_c.done;) {
-                    const { score, value } = _c.value;
-                    if (count >= take) {
-                        break;
+                for (var _d = true, _e = __asyncValues(this.client.zScanIterator(dbutils.keyFromParts(dbutils.createdAtPrefix, namespace), Math.min(take, 1000))), _f; _f = yield _e.next(), _a = _f.done, !_a;) {
+                    _c = _f.value;
+                    _d = false;
+                    try {
+                        const { score, value } = _c;
+                        if (count >= take) {
+                            break;
+                        }
+                        if (count >= skip) {
+                            keyArray.push(dbutils.keyFromParts(namespace, value));
+                        }
+                        count++;
                     }
-                    if (count >= skip) {
-                        keyArray.push(dbutils.keyFromParts(namespace, value));
+                    finally {
+                        _d = true;
                     }
-                    count++;
                 }
             }
             catch (e_1_1) { e_1 = { error: e_1_1 }; }
             finally {
                 try {
-                    if (_c && !_c.done && (_a = _b.return)) yield _a.call(_b);
+                    if (!_d && !_a && (_b = _e.return)) yield _b.call(_e);
                 }
                 finally { if (e_1) throw e_1.error; }
             }

package/dist/loadConnection.js

@@ -36,6 +36,7 @@ const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const url = __importStar(require("url"));
 const loadConnection = (preLoadedConnection) => __awaiter(void 0, void 0, void 0, function* () {
+    var _a;
     if (preLoadedConnection.startsWith('./')) {
         preLoadedConnection = path.resolve(process.cwd(), preLoadedConnection);
     }
@@ -49,7 +50,7 @@ const loadConnection = (preLoadedConnection) => __awaiter(void 0, void 0, void 0
         if (file.endsWith('.js')) {
             const filePath = path.join(preLoadedConnection, file);
             const fileUrl = preLoadedConnection.startsWith('/') ? filePath : url.pathToFileURL(filePath).toString();
-            const { default: connection, } = yield Promise.resolve().then(() => __importStar(require(/* webpackIgnore: true */ fileUrl)));
+            const { default: connection, } = yield (_a = fileUrl, Promise.resolve().then(() => __importStar(require(_a))));
             if (!('oidcDiscoveryUrl' in connection)) {
                 const rawMetadata = yield fs.promises.readFile(path.join(preLoadedConnection, path.parse(file).name + '.xml'), 'utf8');
                 connection.encodedRawMetadata = Buffer.from(rawMetadata, 'utf8').toString('base64');

package/dist/typings.d.ts

@@ -13,10 +13,12 @@ export interface SAMLSSOConnection extends SSOConnection {
 export interface SAMLSSOConnectionWithRawMetadata extends SAMLSSOConnection {
     rawMetadata: string;
     encodedRawMetadata?: never;
+    metadataUrl?: string;
 }
 export interface SAMLSSOConnectionWithEncodedMetadata extends SAMLSSOConnection {
     rawMetadata?: never;
     encodedRawMetadata: string;
+    metadataUrl?: string;
 }
 export interface OIDCSSOConnection extends SSOConnection {
     oidcDiscoveryUrl: string;
@@ -26,6 +28,7 @@ export interface OIDCSSOConnection extends SSOConnection {
 export interface SAMLSSORecord extends SAMLSSOConnection {
     clientID: string;
     clientSecret: string;
+    metadataUrl?: string;
     idpMetadata: {
         entityID: string;
         loginType?: string;
@@ -52,21 +55,21 @@ export interface OIDCSSORecord extends SSOConnection {
         clientSecret?: string;
     };
 }
-export declare type ConnectionType = 'saml' | 'oidc';
-declare type ClientIDQuery = {
+export type ConnectionType = 'saml' | 'oidc';
+type ClientIDQuery = {
     clientID: string;
 };
-declare type TenantQuery = {
+type TenantQuery = {
     tenant: string;
     product: string;
     strategy?: ConnectionType;
 };
-export declare type GetConnectionsQuery = ClientIDQuery | TenantQuery;
-export declare type DelConnectionsQuery = (ClientIDQuery & {
+export type GetConnectionsQuery = ClientIDQuery | TenantQuery;
+export type DelConnectionsQuery = (ClientIDQuery & {
     clientSecret: string;
 }) | TenantQuery;
-export declare type GetConfigQuery = ClientIDQuery | Omit<TenantQuery, 'strategy'>;
-export declare type DelConfigQuery = (ClientIDQuery & {
+export type GetConfigQuery = ClientIDQuery | Omit<TenantQuery, 'strategy'>;
+export type DelConfigQuery = (ClientIDQuery & {
     clientSecret: string;
 }) | Omit<TenantQuery, 'strategy'>;
 export interface IConnectionAPIController {
@@ -177,7 +180,7 @@ export interface OAuthReqBodyWithResource extends OAuthReqBody {
     client_id: 'dummy';
     resource: string;
 }
-export declare type OAuthReq = OAuthReqBodyWithClientId | OAuthReqBodyWithTenantProduct | OAuthReqBodyWithAccessType | OAuthReqBodyWithResource;
+export type OAuthReq = OAuthReqBodyWithClientId | OAuthReqBodyWithTenantProduct | OAuthReqBodyWithAccessType | OAuthReqBodyWithResource;
 export interface SAMLResponsePayload {
     SAMLResponse: string;
     RelayState: string;
@@ -195,7 +198,7 @@ interface OIDCAuthzResponseError {
     error: OAuthErrorHandlerParams['error'] | OIDCErrorCodes;
     error_description?: string;
 }
-export declare type OIDCAuthzResponsePayload = OIDCAuthzResponseSuccess | OIDCAuthzResponseError;
+export type OIDCAuthzResponsePayload = OIDCAuthzResponseSuccess | OIDCAuthzResponseError;
 interface OAuthTokenReqBody {
     code: string;
     grant_type: 'authorization_code';
@@ -211,7 +214,7 @@ export interface OAuthTokenReqWithCredentials extends OAuthTokenReqBody {
     client_id: string;
     client_secret: string;
 }
-export declare type OAuthTokenReq = OAuthTokenReqWithCodeVerifier | OAuthTokenReqWithCredentials;
+export type OAuthTokenReq = OAuthTokenReqWithCodeVerifier | OAuthTokenReqWithCredentials;
 export interface OAuthTokenRes {
     access_token: string;
     id_token?: string;
@@ -220,6 +223,7 @@ export interface OAuthTokenRes {
 }
 export interface Profile {
     id: string;
+    idHash: string;
     sub?: string;
     email: string;
     firstName: string;
@@ -255,9 +259,9 @@ export interface Encrypted {
     tag?: string;
     value: string;
 }
-export declare type EncryptionKey = any;
-export declare type DatabaseEngine = 'redis' | 'sql' | 'mongo' | 'mem' | 'planetscale';
-export declare type DatabaseType = 'postgres' | 'mysql' | 'mariadb' | 'mssql';
+export type EncryptionKey = any;
+export type DatabaseEngine = 'redis' | 'sql' | 'mongo' | 'mem' | 'planetscale';
+export type DatabaseType = 'postgres' | 'mysql' | 'mariadb' | 'mssql';
 export interface DatabaseOption {
     engine?: DatabaseEngine;
     url?: string;
@@ -318,7 +322,7 @@ export interface OAuthErrorHandlerParams {
     redirect_uri: string;
     state?: string;
 }
-export declare type OIDCErrorCodes = 'interaction_required' | 'login_required' | 'account_selection_required' | 'consent_required' | 'invalid_request_uri' | 'invalid_request_object' | 'request_not_supported' | 'request_uri_not_supported' | 'registration_not_supported';
+export type OIDCErrorCodes = 'interaction_required' | 'login_required' | 'account_selection_required' | 'consent_required' | 'invalid_request_uri' | 'invalid_request_object' | 'request_not_supported' | 'request_uri_not_supported' | 'registration_not_supported';
 export interface ISPSAMLConfig {
     get(): Promise<{
         acsUrl: string;
@@ -332,7 +336,7 @@ export interface ISPSAMLConfig {
     toMarkdown(): string;
     toHTML(): string;
 }
-export declare type DirectorySyncEventType = 'user.created' | 'user.updated' | 'user.deleted' | 'group.created' | 'group.updated' | 'group.deleted' | 'group.user_added' | 'group.user_removed';
+export type DirectorySyncEventType = 'user.created' | 'user.updated' | 'user.deleted' | 'group.created' | 'group.updated' | 'group.deleted' | 'group.user_added' | 'group.user_removed';
 export interface Base {
     store(type: 'groups' | 'members' | 'users'): Storable;
     setTenant(tenant: string): this;
@@ -425,7 +429,7 @@ export interface Groups extends Base {
         error: ApiError | null;
     }>;
 }
-export declare type User = {
+export type User = {
     id: string;
     email: string;
     first_name: string;
@@ -433,7 +437,7 @@ export declare type User = {
     active: boolean;
     raw?: any;
 };
-export declare type Group = {
+export type Group = {
     id: string;
     name: string;
     raw?: any;
@@ -445,9 +449,9 @@ export declare enum DirectorySyncProviders {
     'jumpcloud-scim-v2' = "JumpCloud v2.0",
     'generic-scim-v2' = "SCIM Generic v2.0"
 }
-export declare type DirectoryType = keyof typeof DirectorySyncProviders;
-export declare type HTTPMethod = 'POST' | 'PUT' | 'DELETE' | 'GET' | 'PATCH';
-export declare type Directory = {
+export type DirectoryType = keyof typeof DirectorySyncProviders;
+export type HTTPMethod = 'POST' | 'PUT' | 'DELETE' | 'GET' | 'PATCH';
+export type Directory = {
     id: string;
     name: string;
     tenant: string;
@@ -464,7 +468,7 @@ export declare type Directory = {
         secret: string;
     };
 };
-export declare type DirectorySyncGroupMember = {
+export type DirectorySyncGroupMember = {
     value: string;
     email?: string;
 };
@@ -537,7 +541,7 @@ export interface IWebhookEventsLogger extends Base {
     delete(id: string): Promise<void>;
     updateStatus(log: WebhookEventLog, statusCode: number): Promise<WebhookEventLog>;
 }
-export declare type DirectorySyncResponse = {
+export type DirectorySyncResponse = {
     status: number;
     data?: any;
 };
@@ -560,7 +564,7 @@ export interface DirectorySyncRequest {
         filter?: string;
     };
 }
-export declare type DirectorySync = {
+export type DirectorySync = {
     requests: DirectorySyncRequestHandler;
     directories: DirectoryConfig;
     groups: Groups;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@boxyhq/saml-jackson",
-  "version": "1.3.6",
+  "version": "1.3.7",
   "description": "SAML Jackson library",
   "keywords": [
     "SAML 2.0"
@@ -40,19 +40,19 @@
     "statements": 70
   },
   "dependencies": {
-    "@boxyhq/saml20": "1.0.11",
+    "@boxyhq/saml20": "1.0.14",
     "@opentelemetry/api": "1.0.4",
     "@opentelemetry/api-metrics": "0.27.0",
     "axios": "1.1.3",
-    "jose": "4.10.4",
-    "marked": "4.2.2",
+    "jose": "4.11.0",
+    "marked": "4.2.3",
     "mongodb": "4.11.0",
     "mssql": "9.0.1",
     "mysql2": "2.3.3",
     "node-forge": "1.3.1",
-    "openid-client": "5.2.1",
+    "openid-client": "5.3.0",
     "pg": "8.8.0",
-    "redis": "4.4.0",
+    "redis": "4.5.0",
     "reflect-metadata": "0.1.13",
     "ripemd160": "2.0.2",
     "typeorm": "0.3.10",
@@ -64,17 +64,17 @@
     "@types/node": "18.11.9",
     "@types/sinon": "10.0.13",
     "@types/tap": "15.0.7",
-    "@typescript-eslint/eslint-plugin": "5.42.0",
-    "@typescript-eslint/parser": "5.42.0",
+    "@typescript-eslint/eslint-plugin": "5.43.0",
+    "@typescript-eslint/parser": "5.42.1",
     "cross-env": "7.0.3",
-    "eslint": "8.27.0",
+    "eslint": "8.28.0",
     "eslint-config-prettier": "8.5.0",
     "prettier": "2.7.1",
-    "sinon": "14.0.1",
+    "sinon": "14.0.2",
     "tap": "16.3.0",
     "ts-node": "10.9.1",
     "tsconfig-paths": "4.1.0",
-    "typescript": "4.8.4"
+    "typescript": "4.9.3"
   },
   "engines": {
     "node": ">=14.18.1 <=18.x"