npm - @boxyhq/saml-jackson - Versions diffs - 1.33.1-beta.1 → 1.34.0 - Mend

@boxyhq/saml-jackson 1.33.1-beta.1 → 1.34.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (278) hide show

package/dist/typings.d.ts +1 -1
package/package.json +1 -1
package/dist/controller/oauth/oidc-issuer.d.ts +0 -2
package/dist/controller/oauth/oidc-issuer.js +0 -25
package/dist/controller/oauth/oidc-issuer.js.map +0 -1
package/dist/src/controller/admin.d.ts +0 -27
package/dist/src/controller/admin.js +0 -60
package/dist/src/controller/admin.js.map +0 -1
package/dist/src/controller/analytics.d.ts +0 -16
package/dist/src/controller/analytics.js +0 -79
package/dist/src/controller/analytics.js.map +0 -1
package/dist/src/controller/api.d.ts +0 -557
package/dist/src/controller/api.js +0 -806
package/dist/src/controller/api.js.map +0 -1
package/dist/src/controller/connection/oidc.d.ts +0 -7
package/dist/src/controller/connection/oidc.js +0 -181
package/dist/src/controller/connection/oidc.js.map +0 -1
package/dist/src/controller/connection/saml.d.ts +0 -7
package/dist/src/controller/connection/saml.js +0 -250
package/dist/src/controller/connection/saml.js.map +0 -1
package/dist/src/controller/error.d.ts +0 -10
package/dist/src/controller/error.js +0 -13
package/dist/src/controller/error.js.map +0 -1
package/dist/src/controller/health-check.d.ts +0 -11
package/dist/src/controller/health-check.js +0 -51
package/dist/src/controller/health-check.js.map +0 -1
package/dist/src/controller/logout.d.ts +0 -18
package/dist/src/controller/logout.js +0 -132
package/dist/src/controller/logout.js.map +0 -1
package/dist/src/controller/oauth/allowed.d.ts +0 -1
package/dist/src/controller/oauth/allowed.js +0 -30
package/dist/src/controller/oauth/allowed.js.map +0 -1
package/dist/src/controller/oauth/code-verifier.d.ts +0 -1
package/dist/src/controller/oauth/code-verifier.js +0 -8
package/dist/src/controller/oauth/code-verifier.js.map +0 -1
package/dist/src/controller/oauth/oidc-client.d.ts +0 -12
package/dist/src/controller/oauth/oidc-client.js +0 -89
package/dist/src/controller/oauth/oidc-client.js.map +0 -1
package/dist/src/controller/oauth/redirect.d.ts +0 -1
package/dist/src/controller/oauth/redirect.js +0 -13
package/dist/src/controller/oauth/redirect.js.map +0 -1
package/dist/src/controller/oauth.d.ts +0 -142
package/dist/src/controller/oauth.js +0 -1112
package/dist/src/controller/oauth.js.map +0 -1
package/dist/src/controller/oidc-discovery.d.ts +0 -22
package/dist/src/controller/oidc-discovery.js +0 -47
package/dist/src/controller/oidc-discovery.js.map +0 -1
package/dist/src/controller/setup-link.d.ts +0 -307
package/dist/src/controller/setup-link.js +0 -462
package/dist/src/controller/setup-link.js.map +0 -1
package/dist/src/controller/sp-config.d.ts +0 -22
package/dist/src/controller/sp-config.js +0 -89
package/dist/src/controller/sp-config.js.map +0 -1
package/dist/src/controller/sso-handler.d.ts +0 -66
package/dist/src/controller/sso-handler.js +0 -306
package/dist/src/controller/sso-handler.js.map +0 -1
package/dist/src/controller/utils.d.ts +0 -84
package/dist/src/controller/utils.js +0 -328
package/dist/src/controller/utils.js.map +0 -1
package/dist/src/cron/lock.d.ts +0 -18
package/dist/src/cron/lock.js +0 -98
package/dist/src/cron/lock.js.map +0 -1
package/dist/src/db/db.d.ts +0 -5
package/dist/src/db/db.js +0 -178
package/dist/src/db/db.js.map +0 -1
package/dist/src/db/defaultDb.d.ts +0 -2
package/dist/src/db/defaultDb.js +0 -18
package/dist/src/db/defaultDb.js.map +0 -1
package/dist/src/db/dynamoDb.d.ts +0 -19
package/dist/src/db/dynamoDb.js +0 -320
package/dist/src/db/dynamoDb.js.map +0 -1
package/dist/src/db/encrypter.d.ts +0 -3
package/dist/src/db/encrypter.js +0 -22
package/dist/src/db/encrypter.js.map +0 -1
package/dist/src/db/mem.d.ts +0 -23
package/dist/src/db/mem.js +0 -186
package/dist/src/db/mem.js.map +0 -1
package/dist/src/db/mongo.d.ts +0 -22
package/dist/src/db/mongo.js +0 -177
package/dist/src/db/mongo.js.map +0 -1
package/dist/src/db/planetscale/entity/JacksonIndex.d.ts +0 -5
package/dist/src/db/planetscale/entity/JacksonIndex.js +0 -32
package/dist/src/db/planetscale/entity/JacksonIndex.js.map +0 -1
package/dist/src/db/planetscale/entity/JacksonStore.d.ts +0 -9
package/dist/src/db/planetscale/entity/JacksonStore.js +0 -63
package/dist/src/db/planetscale/entity/JacksonStore.js.map +0 -1
package/dist/src/db/planetscale/entity/JacksonTTL.d.ts +0 -4
package/dist/src/db/planetscale/entity/JacksonTTL.js +0 -27
package/dist/src/db/planetscale/entity/JacksonTTL.js.map +0 -1
package/dist/src/db/redis.d.ts +0 -18
package/dist/src/db/redis.js +0 -214
package/dist/src/db/redis.js.map +0 -1
package/dist/src/db/sql/entity/JacksonIndex.d.ts +0 -7
package/dist/src/db/sql/entity/JacksonIndex.js +0 -39
package/dist/src/db/sql/entity/JacksonIndex.js.map +0 -1
package/dist/src/db/sql/entity/JacksonStore.d.ts +0 -9
package/dist/src/db/sql/entity/JacksonStore.js +0 -61
package/dist/src/db/sql/entity/JacksonStore.js.map +0 -1
package/dist/src/db/sql/entity/JacksonTTL.d.ts +0 -4
package/dist/src/db/sql/entity/JacksonTTL.js +0 -27
package/dist/src/db/sql/entity/JacksonTTL.js.map +0 -1
package/dist/src/db/sql/mariadb/entity/JacksonIndex.d.ts +0 -7
package/dist/src/db/sql/mariadb/entity/JacksonIndex.js +0 -39
package/dist/src/db/sql/mariadb/entity/JacksonIndex.js.map +0 -1
package/dist/src/db/sql/mariadb/entity/JacksonStore.d.ts +0 -9
package/dist/src/db/sql/mariadb/entity/JacksonStore.js +0 -63
package/dist/src/db/sql/mariadb/entity/JacksonStore.js.map +0 -1
package/dist/src/db/sql/mariadb/entity/JacksonTTL.d.ts +0 -4
package/dist/src/db/sql/mariadb/entity/JacksonTTL.js +0 -27
package/dist/src/db/sql/mariadb/entity/JacksonTTL.js.map +0 -1
package/dist/src/db/sql/mssql/entity/JacksonIndex.d.ts +0 -7
package/dist/src/db/sql/mssql/entity/JacksonIndex.js +0 -39
package/dist/src/db/sql/mssql/entity/JacksonIndex.js.map +0 -1
package/dist/src/db/sql/mssql/entity/JacksonStore.d.ts +0 -9
package/dist/src/db/sql/mssql/entity/JacksonStore.js +0 -61
package/dist/src/db/sql/mssql/entity/JacksonStore.js.map +0 -1
package/dist/src/db/sql/mssql/entity/JacksonTTL.d.ts +0 -4
package/dist/src/db/sql/mssql/entity/JacksonTTL.js +0 -27
package/dist/src/db/sql/mssql/entity/JacksonTTL.js.map +0 -1
package/dist/src/db/sql/mssql.d.ts +0 -1
package/dist/src/db/sql/mssql.js +0 -44
package/dist/src/db/sql/mssql.js.map +0 -1
package/dist/src/db/sql/sql.d.ts +0 -32
package/dist/src/db/sql/sql.js +0 -318
package/dist/src/db/sql/sql.js.map +0 -1
package/dist/src/db/sql/sqlite/entity/JacksonIndex.d.ts +0 -7
package/dist/src/db/sql/sqlite/entity/JacksonIndex.js +0 -39
package/dist/src/db/sql/sqlite/entity/JacksonIndex.js.map +0 -1
package/dist/src/db/sql/sqlite/entity/JacksonStore.d.ts +0 -9
package/dist/src/db/sql/sqlite/entity/JacksonStore.js +0 -61
package/dist/src/db/sql/sqlite/entity/JacksonStore.js.map +0 -1
package/dist/src/db/sql/sqlite/entity/JacksonTTL.d.ts +0 -4
package/dist/src/db/sql/sqlite/entity/JacksonTTL.js +0 -27
package/dist/src/db/sql/sqlite/entity/JacksonTTL.js.map +0 -1
package/dist/src/db/store.d.ts +0 -5
package/dist/src/db/store.js +0 -65
package/dist/src/db/store.js.map +0 -1
package/dist/src/db/utils.d.ts +0 -16
package/dist/src/db/utils.js +0 -28
package/dist/src/db/utils.js.map +0 -1
package/dist/src/directory-sync/batch-events/queue.d.ts +0 -40
package/dist/src/directory-sync/batch-events/queue.js +0 -225
package/dist/src/directory-sync/batch-events/queue.js.map +0 -1
package/dist/src/directory-sync/index.d.ts +0 -27
package/dist/src/directory-sync/index.js +0 -97
package/dist/src/directory-sync/index.js.map +0 -1
package/dist/src/directory-sync/non-scim/google/api.d.ts +0 -36
package/dist/src/directory-sync/non-scim/google/api.js +0 -143
package/dist/src/directory-sync/non-scim/google/api.js.map +0 -1
package/dist/src/directory-sync/non-scim/google/index.d.ts +0 -12
package/dist/src/directory-sync/non-scim/google/index.js +0 -10
package/dist/src/directory-sync/non-scim/google/index.js.map +0 -1
package/dist/src/directory-sync/non-scim/google/oauth.d.ts +0 -27
package/dist/src/directory-sync/non-scim/google/oauth.js +0 -105
package/dist/src/directory-sync/non-scim/google/oauth.js.map +0 -1
package/dist/src/directory-sync/non-scim/index.d.ts +0 -24
package/dist/src/directory-sync/non-scim/index.js +0 -85
package/dist/src/directory-sync/non-scim/index.js.map +0 -1
package/dist/src/directory-sync/non-scim/syncGroupMembers.d.ts +0 -23
package/dist/src/directory-sync/non-scim/syncGroupMembers.js +0 -105
package/dist/src/directory-sync/non-scim/syncGroupMembers.js.map +0 -1
package/dist/src/directory-sync/non-scim/syncGroups.d.ts +0 -24
package/dist/src/directory-sync/non-scim/syncGroups.js +0 -120
package/dist/src/directory-sync/non-scim/syncGroups.js.map +0 -1
package/dist/src/directory-sync/non-scim/syncUsers.d.ts +0 -24
package/dist/src/directory-sync/non-scim/syncUsers.js +0 -120
package/dist/src/directory-sync/non-scim/syncUsers.js.map +0 -1
package/dist/src/directory-sync/non-scim/utils.d.ts +0 -36
package/dist/src/directory-sync/non-scim/utils.js +0 -109
package/dist/src/directory-sync/non-scim/utils.js.map +0 -1
package/dist/src/directory-sync/request.d.ts +0 -14
package/dist/src/directory-sync/request.js +0 -29
package/dist/src/directory-sync/request.js.map +0 -1
package/dist/src/directory-sync/scim/Base.d.ts +0 -12
package/dist/src/directory-sync/scim/Base.js +0 -23
package/dist/src/directory-sync/scim/Base.js.map +0 -1
package/dist/src/directory-sync/scim/DirectoryConfig.d.ts +0 -343
package/dist/src/directory-sync/scim/DirectoryConfig.js +0 -580
package/dist/src/directory-sync/scim/DirectoryConfig.js.map +0 -1
package/dist/src/directory-sync/scim/DirectoryGroups.d.ts +0 -28
package/dist/src/directory-sync/scim/DirectoryGroups.js +0 -252
package/dist/src/directory-sync/scim/DirectoryGroups.js.map +0 -1
package/dist/src/directory-sync/scim/DirectoryUsers.d.ts +0 -25
package/dist/src/directory-sync/scim/DirectoryUsers.js +0 -193
package/dist/src/directory-sync/scim/DirectoryUsers.js.map +0 -1
package/dist/src/directory-sync/scim/Groups.d.ts +0 -166
package/dist/src/directory-sync/scim/Groups.js +0 -348
package/dist/src/directory-sync/scim/Groups.js.map +0 -1
package/dist/src/directory-sync/scim/Users.d.ts +0 -99
package/dist/src/directory-sync/scim/Users.js +0 -215
package/dist/src/directory-sync/scim/Users.js.map +0 -1
package/dist/src/directory-sync/scim/WebhookEventsLogger.d.ts +0 -101
package/dist/src/directory-sync/scim/WebhookEventsLogger.js +0 -165
package/dist/src/directory-sync/scim/WebhookEventsLogger.js.map +0 -1
package/dist/src/directory-sync/scim/transform.d.ts +0 -6
package/dist/src/directory-sync/scim/transform.js +0 -37
package/dist/src/directory-sync/scim/transform.js.map +0 -1
package/dist/src/directory-sync/scim/utils.d.ts +0 -33
package/dist/src/directory-sync/scim/utils.js +0 -129
package/dist/src/directory-sync/scim/utils.js.map +0 -1
package/dist/src/directory-sync/types.d.ts +0 -195
package/dist/src/directory-sync/types.js +0 -10
package/dist/src/directory-sync/types.js.map +0 -1
package/dist/src/directory-sync/utils.d.ts +0 -19
package/dist/src/directory-sync/utils.js +0 -56
package/dist/src/directory-sync/utils.js.map +0 -1
package/dist/src/ee/branding/index.d.ts +0 -17
package/dist/src/ee/branding/index.js +0 -49
package/dist/src/ee/branding/index.js.map +0 -1
package/dist/src/ee/common/checkLicense.d.ts +0 -3
package/dist/src/ee/common/checkLicense.js +0 -23
package/dist/src/ee/common/checkLicense.js.map +0 -1
package/dist/src/ee/identity-federation/app.d.ts +0 -328
package/dist/src/ee/identity-federation/app.js +0 -532
package/dist/src/ee/identity-federation/app.js.map +0 -1
package/dist/src/ee/identity-federation/idp-login.d.ts +0 -18
package/dist/src/ee/identity-federation/idp-login.js +0 -98
package/dist/src/ee/identity-federation/idp-login.js.map +0 -1
package/dist/src/ee/identity-federation/index.d.ts +0 -15
package/dist/src/ee/identity-federation/index.js +0 -43
package/dist/src/ee/identity-federation/index.js.map +0 -1
package/dist/src/ee/identity-federation/sso.d.ts +0 -24
package/dist/src/ee/identity-federation/sso.js +0 -124
package/dist/src/ee/identity-federation/sso.js.map +0 -1
package/dist/src/ee/identity-federation/types.d.ts +0 -38
package/dist/src/ee/identity-federation/types.js +0 -2
package/dist/src/ee/identity-federation/types.js.map +0 -1
package/dist/src/ee/ory/ory.d.ts +0 -18
package/dist/src/ee/ory/ory.js +0 -195
package/dist/src/ee/ory/ory.js.map +0 -1
package/dist/src/ee/product/index.d.ts +0 -14
package/dist/src/ee/product/index.js +0 -45
package/dist/src/ee/product/index.js.map +0 -1
package/dist/src/event/axios.d.ts +0 -2
package/dist/src/event/axios.js +0 -27
package/dist/src/event/axios.js.map +0 -1
package/dist/src/event/index.d.ts +0 -11
package/dist/src/event/index.js +0 -53
package/dist/src/event/index.js.map +0 -1
package/dist/src/event/types.d.ts +0 -21
package/dist/src/event/types.js +0 -2
package/dist/src/event/types.js.map +0 -1
package/dist/src/event/utils.d.ts +0 -4
package/dist/src/event/utils.js +0 -33
package/dist/src/event/utils.js.map +0 -1
package/dist/src/event/webhook.d.ts +0 -3
package/dist/src/event/webhook.js +0 -34
package/dist/src/event/webhook.js.map +0 -1
package/dist/src/index.d.ts +0 -35
package/dist/src/index.js +0 -161
package/dist/src/index.js.map +0 -1
package/dist/src/loadConnection.d.ts +0 -4
package/dist/src/loadConnection.js +0 -38
package/dist/src/loadConnection.js.map +0 -1
package/dist/src/opentelemetry/metrics.d.ts +0 -14
package/dist/src/opentelemetry/metrics.js +0 -64
package/dist/src/opentelemetry/metrics.js.map +0 -1
package/dist/src/saml/claims.d.ts +0 -12
package/dist/src/saml/claims.js +0 -57
package/dist/src/saml/claims.js.map +0 -1
package/dist/src/saml/lib.d.ts +0 -8
package/dist/src/saml/lib.js +0 -29
package/dist/src/saml/lib.js.map +0 -1
package/dist/src/saml/x509.d.ts +0 -9
package/dist/src/saml/x509.js +0 -93
package/dist/src/saml/x509.js.map +0 -1
package/dist/src/sso-traces/index.d.ts +0 -114
package/dist/src/sso-traces/index.js +0 -229
package/dist/src/sso-traces/index.js.map +0 -1
package/dist/src/sso-traces/types.d.ts +0 -44
package/dist/src/sso-traces/types.js +0 -2
package/dist/src/sso-traces/types.js.map +0 -1
package/dist/src/typings.d.ts +0 -540
package/dist/src/typings.js +0 -5
package/dist/src/typings.js.map +0 -1
package/dist/typeorm.d.ts +0 -3
package/dist/typeorm.js +0 -58
package/dist/typeorm.js.map +0 -1

package/dist/src/controller/logout.js DELETED Viewed

@@ -1,132 +0,0 @@
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-import crypto from 'crypto';
-import { promisify } from 'util';
-import { deflateRaw } from 'zlib';
-import * as dbutils from '../db/utils';
-import saml from '@boxyhq/saml20';
-import { JacksonError } from './error';
-import * as redirect from './oauth/redirect';
-import { IndexNames } from './utils';
-import { getDefaultCertificate } from '../saml/x509';
-const deflateRawAsync = promisify(deflateRaw);
-const relayStatePrefix = 'boxyhq_jackson_';
-const logoutXPath = "/*[local-name(.)='LogoutRequest']";
-export class LogoutController {
-    constructor({ connectionStore, sessionStore, opts }) {
-        this.opts = opts;
-        this.connectionStore = connectionStore;
-        this.sessionStore = sessionStore;
-    }
-    // Create SLO Request
-    createRequest(_a) {
-        return __awaiter(this, arguments, void 0, function* ({ nameId, tenant, product, redirectUrl }) {
-            let samlConnection = null;
-            if (tenant && product) {
-                const samlConnections = (yield this.connectionStore.getByIndex({
-                    name: IndexNames.TenantProduct,
-                    value: dbutils.keyFromParts(tenant, product),
-                })).data;
-                if (!samlConnections || samlConnections.length === 0) {
-                    throw new JacksonError('SAML connection not found.', 403);
-                }
-                samlConnection = samlConnections[0];
-            }
-            if (!samlConnection) {
-                throw new JacksonError('SAML connection not found.', 403);
-            }
-            const { idpMetadata: { slo, provider }, } = samlConnection;
-            const { privateKey, publicKey } = yield getDefaultCertificate();
-            if ('redirectUrl' in slo === false && 'postUrl' in slo === false) {
-                throw new JacksonError(`${provider} doesn't support SLO or disabled by IdP.`, 400);
-            }
-            const { id, xml } = saml.createLogoutRequest({
-                nameId,
-                providerName: this.opts.samlAudience,
-                sloUrl: slo.redirectUrl,
-            });
-            const sessionId = crypto.randomBytes(16).toString('hex');
-            let logoutUrl = null;
-            let logoutForm = null;
-            const relayState = relayStatePrefix + sessionId;
-            const signedXML = yield signXML(xml, privateKey, publicKey);
-            yield this.sessionStore.put(sessionId, {
-                id,
-                redirectUrl,
-            });
-            // HTTP-Redirect binding
-            if ('redirectUrl' in slo) {
-                logoutUrl = redirect.success(slo.redirectUrl, {
-                    SAMLRequest: Buffer.from(yield deflateRawAsync(signedXML)).toString('base64'),
-                    RelayState: relayState,
-                });
-            }
-            // HTTP-POST binding
-            if ('postUrl' in slo) {
-                logoutForm = saml.createPostForm(slo.postUrl, [
-                    {
-                        name: 'RelayState',
-                        value: relayState,
-                    },
-                    {
-                        name: 'SAMLRequest',
-                        value: Buffer.from(signedXML).toString('base64'),
-                    },
-                ]);
-            }
-            return { logoutUrl, logoutForm };
-        });
-    }
-    // Handle SLO Response
-    handleResponse(_a) {
-        return __awaiter(this, arguments, void 0, function* ({ SAMLResponse, RelayState }) {
-            var _b;
-            const rawResponse = Buffer.from(SAMLResponse, 'base64').toString();
-            const sessionId = RelayState.replace(relayStatePrefix, '');
-            const session = yield this.sessionStore.get(sessionId);
-            if (!session) {
-                throw new JacksonError('Unable to validate state from the origin request.', 403);
-            }
-            const parsedResponse = yield saml.parseLogoutResponse(rawResponse);
-            if (parsedResponse.status !== 'urn:oasis:names:tc:SAML:2.0:status:Success') {
-                throw new JacksonError(`SLO failed with status ${parsedResponse.status}.`, 400);
-            }
-            if (parsedResponse.inResponseTo !== session.id) {
-                throw new JacksonError(`SLO failed with mismatched request ID.`, 400);
-            }
-            const samlConnections = (yield this.connectionStore.getByIndex({
-                name: IndexNames.EntityID,
-                value: parsedResponse.issuer,
-            })).data;
-            if (!samlConnections || samlConnections.length === 0) {
-                throw new JacksonError('SAML connection not found.', 403);
-            }
-            const { idpMetadata, defaultRedirectUrl } = samlConnections[0];
-            if (!(yield saml.validateSignature(rawResponse, null, idpMetadata.thumbprint))) {
-                throw new JacksonError('Invalid signature.', 403);
-            }
-            try {
-                yield this.sessionStore.delete(sessionId);
-                // eslint-disable-next-line @typescript-eslint/no-unused-vars
-            }
-            catch (_err) {
-                // Ignore
-            }
-            return {
-                redirectUrl: (_b = session.redirectUrl) !== null && _b !== void 0 ? _b : defaultRedirectUrl,
-            };
-        });
-    }
-}
-// Sign the XML
-const signXML = (xml, signingKey, publicKey) => __awaiter(void 0, void 0, void 0, function* () {
-    return yield saml.sign(xml, signingKey, publicKey, logoutXPath);
-});
-//# sourceMappingURL=logout.js.map

package/dist/src/controller/logout.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"logout.js","sourceRoot":"","sources":["../../../src/controller/logout.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AACjC,OAAO,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAClC,OAAO,KAAK,OAAO,MAAM,aAAa,CAAC;AAEvC,OAAO,IAAI,MAAM,gBAAgB,CAAC;AAElC,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,KAAK,QAAQ,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAErD,MAAM,eAAe,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;AAE9C,MAAM,gBAAgB,GAAG,iBAAiB,CAAC;AAC3C,MAAM,WAAW,GAAG,mCAAmC,CAAC;AAExD,MAAM,OAAO,gBAAgB;IAK3B,YAAY,EAAE,eAAe,EAAE,YAAY,EAAE,IAAI,EAAE;QACjD,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QACvC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IACnC,CAAC;IAED,qBAAqB;IACR,aAAa;6DAAC,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAoB;YACnF,IAAI,cAAc,GAA0B,IAAI,CAAC;YAEjD,IAAI,MAAM,IAAI,OAAO,EAAE,CAAC;gBACtB,MAAM,eAAe,GAAG,CACtB,MAAM,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC;oBACpC,IAAI,EAAE,UAAU,CAAC,aAAa;oBAC9B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC;iBAC7C,CAAC,CACH,CAAC,IAAI,CAAC;gBAEP,IAAI,CAAC,eAAe,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACrD,MAAM,IAAI,YAAY,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;gBAC5D,CAAC;gBAED,cAAc,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,IAAI,CAAC,cAAc,EAAE,CAAC;gBACpB,MAAM,IAAI,YAAY,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;YAC5D,CAAC;YAED,MAAM,EACJ,WAAW,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,GAC/B,GAAG,cAAc,CAAC;YAEnB,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,qBAAqB,EAAE,CAAC;YAEhE,IAAI,aAAa,IAAI,GAAG,KAAK,KAAK,IAAI,SAAS,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;gBACjE,MAAM,IAAI,YAAY,CAAC,GAAG,QAAQ,0CAA0C,EAAE,GAAG,CAAC,CAAC;YACrF,CAAC;YAED,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,mBAAmB,CAAC;gBAC3C,MAAM;gBACN,YAAY,EAAE,IAAI,CAAC,IAAI,CAAC,YAAa;gBACrC,MAAM,EAAE,GAAG,CAAC,WAAqB;aAClC,CAAC,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAEzD,IAAI,SAAS,GAAkB,IAAI,CAAC;YACpC,IAAI,UAAU,GAAkB,IAAI,CAAC;YAErC,MAAM,UAAU,GAAG,gBAAgB,GAAG,SAAS,CAAC;YAChD,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,GAAG,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;YAE5D,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,EAAE;gBACrC,EAAE;gBACF,WAAW;aACZ,CAAC,CAAC;YAEH,wBAAwB;YACxB,IAAI,aAAa,IAAI,GAAG,EAAE,CAAC;gBACzB,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,WAAqB,EAAE;oBACtD,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,eAAe,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;oBAC7E,UAAU,EAAE,UAAU;iBACvB,CAAC,CAAC;YACL,CAAC;YAED,oBAAoB;YACpB,IAAI,SAAS,IAAI,GAAG,EAAE,CAAC;gBACrB,UAAU,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,OAAiB,EAAE;oBACtD;wBACE,IAAI,EAAE,YAAY;wBAClB,KAAK,EAAE,UAAU;qBAClB;oBACD;wBACE,IAAI,EAAE,aAAa;wBACnB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;qBACjD;iBACF,CAAC,CAAC;YACL,CAAC;YAED,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC;QACnC,CAAC;KAAA;IAED,sBAAsB;IACT,cAAc;6DAAC,EAAE,YAAY,EAAE,UAAU,EAAuB;;YAC3E,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;YAEnE,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC;YAC3D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAEvD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,YAAY,CAAC,mDAAmD,EAAE,GAAG,CAAC,CAAC;YACnF,CAAC;YAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;YAEnE,IAAI,cAAc,CAAC,MAAM,KAAK,4CAA4C,EAAE,CAAC;gBAC3E,MAAM,IAAI,YAAY,CAAC,0BAA0B,cAAc,CAAC,MAAM,GAAG,EAAE,GAAG,CAAC,CAAC;YAClF,CAAC;YAED,IAAI,cAAc,CAAC,YAAY,KAAK,OAAO,CAAC,EAAE,EAAE,CAAC;gBAC/C,MAAM,IAAI,YAAY,CAAC,wCAAwC,EAAE,GAAG,CAAC,CAAC;YACxE,CAAC;YAED,MAAM,eAAe,GAAG,CACtB,MAAM,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC;gBACpC,IAAI,EAAE,UAAU,CAAC,QAAQ;gBACzB,KAAK,EAAE,cAAc,CAAC,MAAM;aAC7B,CAAC,CACH,CAAC,IAAI,CAAC;YAEP,IAAI,CAAC,eAAe,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACrD,MAAM,IAAI,YAAY,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;YAC5D,CAAC;YAED,MAAM,EAAE,WAAW,EAAE,kBAAkB,EAAE,GAAmB,eAAe,CAAC,CAAC,CAAC,CAAC;YAE/E,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,IAAI,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;gBAC/E,MAAM,IAAI,YAAY,CAAC,oBAAoB,EAAE,GAAG,CAAC,CAAC;YACpD,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;gBAC1C,6DAA6D;YAC/D,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;gBACd,SAAS;YACX,CAAC;YAED,OAAO;gBACL,WAAW,EAAE,MAAA,OAAO,CAAC,WAAW,mCAAI,kBAAkB;aACvD,CAAC;QACJ,CAAC;KAAA;CACF;AAED,eAAe;AACf,MAAM,OAAO,GAAG,CAAO,GAAW,EAAE,UAAkB,EAAE,SAAiB,EAAmB,EAAE;IAC5F,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;AAClE,CAAC,CAAA,CAAC"}

package/dist/src/controller/oauth/allowed.d.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- export declare const redirect: (redirectUrl: string, redirectUrls: string[]) => boolean;

package/dist/src/controller/oauth/allowed.js DELETED Viewed

@@ -1,30 +0,0 @@
-const redirectUrlPlaceholder = 'http://_boxyhq_redirect_not_in_use';
-export const redirect = (redirectUrl, redirectUrls) => {
-    // Don't allow redirect to URL placeholder
-    if (redirectUrl === redirectUrlPlaceholder) {
-        return false;
-    }
-    const url = new URL(redirectUrl);
-    for (const idx in redirectUrls) {
-        const rUrl = new URL(redirectUrls[idx]);
-        let hostname = url.hostname;
-        let hostNameAllowed = rUrl.hostname;
-        // allow subdomain globbing *.example.com only
-        try {
-            if (rUrl.hostname.startsWith('*.')) {
-                hostNameAllowed = rUrl.hostname.slice(2);
-                hostname = hostname.slice(hostname.indexOf('.') + 1);
-            }
-            // eslint-disable-next-line @typescript-eslint/no-unused-vars
-        }
-        catch (e) {
-            // no-op
-        }
-        // TODO: Check pathname, for now pathname is ignored
-        if (rUrl.protocol === url.protocol && hostNameAllowed === hostname && rUrl.port === url.port) {
-            return true;
-        }
-    }
-    return false;
-};
-//# sourceMappingURL=allowed.js.map

package/dist/src/controller/oauth/allowed.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"allowed.js","sourceRoot":"","sources":["../../../../src/controller/oauth/allowed.ts"],"names":[],"mappings":"AAAA,MAAM,sBAAsB,GAAG,oCAAoC,CAAC;AAEpE,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,WAAmB,EAAE,YAAsB,EAAW,EAAE;IAC/E,0CAA0C;IAC1C,IAAI,WAAW,KAAK,sBAAsB,EAAE,CAAC;QAC3C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,GAAG,GAAQ,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAEtC,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;QAC/B,MAAM,IAAI,GAAQ,IAAI,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC;QAE7C,IAAI,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;QAC5B,IAAI,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC;QAEpC,8CAA8C;QAC9C,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnC,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBACzC,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YACvD,CAAC;YACD,6DAA6D;QAC/D,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,QAAQ;QACV,CAAC;QAED,oDAAoD;QAEpD,IAAI,IAAI,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,IAAI,eAAe,KAAK,QAAQ,IAAI,IAAI,CAAC,IAAI,KAAK,GAAG,CAAC,IAAI,EAAE,CAAC;YAC7F,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC,CAAC"}

package/dist/src/controller/oauth/code-verifier.d.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- export declare const encode: (code_challenge: string) => string;

package/dist/src/controller/oauth/code-verifier.js DELETED Viewed

@@ -1,8 +0,0 @@
-import crypto from 'crypto';
-const transformBase64 = (input) => {
-    return input.replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_');
-};
-export const encode = (code_challenge) => {
-    return transformBase64(crypto.createHash('sha256').update(code_challenge).digest('base64'));
-};
-//# sourceMappingURL=code-verifier.js.map

package/dist/src/controller/oauth/code-verifier.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"code-verifier.js","sourceRoot":"","sources":["../../../../src/controller/oauth/code-verifier.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAE5B,MAAM,eAAe,GAAG,CAAC,KAAa,EAAU,EAAE;IAChD,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AACzE,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,cAAsB,EAAU,EAAE;IACvD,OAAO,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC9F,CAAC,CAAC"}

package/dist/src/controller/oauth/oidc-client.d.ts DELETED Viewed

@@ -1,12 +0,0 @@
-import type { ServerMetadata, Configuration } from 'openid-client' with { 'resolution-mode': 'import' };
-import { SSOTrace, SSOTracesInstance } from '../../typings';
-export declare const oidcClientConfig: ({ discoveryUrl, metadata, clientId, clientSecret, ssoTraces, }: {
-    discoveryUrl?: string;
-    metadata?: ServerMetadata;
-    clientId: string;
-    clientSecret: string;
-    ssoTraces: {
-        instance: SSOTracesInstance;
-        context: SSOTrace["context"];
-    };
-}) => Promise<Configuration>;

package/dist/src/controller/oauth/oidc-client.js DELETED Viewed

@@ -1,89 +0,0 @@
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-import * as http from 'http';
-import * as https from 'https';
-import { JacksonError } from '../error';
-import { URL } from 'url';
-const createCustomFetch = (ssoTraces) => {
-    return (url, options) => __awaiter(void 0, void 0, void 0, function* () {
-        return new Promise((resolve, reject) => {
-            const parsedUrl = new URL(url);
-            const requestOptions = {
-                hostname: parsedUrl.hostname,
-                port: parsedUrl.port,
-                path: parsedUrl.pathname + parsedUrl.search,
-                method: options.method || 'GET',
-                headers: options.headers,
-            };
-            const request = parsedUrl.protocol === 'https:' ? https.request : http.request;
-            const req = request(requestOptions, (res) => {
-                let data = '';
-                res.on('data', (chunk) => {
-                    data += chunk;
-                });
-                res.on('end', () => {
-                    const response = new Response(data, {
-                        status: res.statusCode,
-                        statusText: res.statusMessage,
-                        headers: new Headers(res.headers),
-                    });
-                    resolve(response);
-                });
-            });
-            req.on('error', (error) => {
-                ssoTraces.instance.saveTrace({
-                    error: `Fetch failed for OIDC IdP endpoint: ${parsedUrl.toString()}`,
-                    context: ssoTraces.context,
-                });
-                reject(error);
-            });
-            if (options.body) {
-                let body;
-                let contentType;
-                if (options.body instanceof URLSearchParams) {
-                    body = options.body.toString();
-                    contentType = 'application/x-www-form-urlencoded';
-                }
-                else {
-                    body = options.body;
-                }
-                if (contentType) {
-                    req.setHeader('content-type', contentType);
-                }
-                req.write(body);
-            }
-            req.end();
-        });
-    });
-};
-export const oidcClientConfig = (_a) => __awaiter(void 0, [_a], void 0, function* ({ discoveryUrl, metadata, clientId, clientSecret, ssoTraces, }) {
-    const url = discoveryUrl ? new URL(discoveryUrl) : new URL(metadata.issuer);
-    const isLocalhost = url.hostname === 'localhost';
-    const customFetchWithSsoTraces = createCustomFetch(ssoTraces);
-    const client = yield import('openid-client');
-    if (discoveryUrl) {
-        return yield client.discovery(url, clientId, clientSecret, undefined, isLocalhost
-            ? {
-                execute: [client.allowInsecureRequests],
-                [client.customFetch]: customFetchWithSsoTraces,
-            }
-            : { [client.customFetch]: customFetchWithSsoTraces });
-    }
-    if (metadata) {
-        const config = new client.Configuration(metadata, clientId, clientSecret);
-        config[client.customFetch] = customFetchWithSsoTraces;
-        if (isLocalhost) {
-            client.allowInsecureRequests(config);
-        }
-        return config;
-    }
-    throw new JacksonError('Neither "discoveryUrl" nor "metadata" set for the OIDC provider', 500);
-});
-//# sourceMappingURL=oidc-client.js.map

package/dist/src/controller/oauth/oidc-client.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"oidc-client.js","sourceRoot":"","sources":["../../../../src/controller/oauth/oidc-client.ts"],"names":[],"mappings":";;;;;;;;;AACA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AACxC,OAAO,EAAE,GAAG,EAAE,MAAM,KAAK,CAAC;AAG1B,MAAM,iBAAiB,GAAG,CAAC,SAAwE,EAAE,EAAE;IACrG,OAAO,CAAO,GAAgB,EAAE,OAAoB,EAAqB,EAAE;QACzE,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAE/B,MAAM,cAAc,GAAyB;gBAC3C,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,IAAI,EAAE,SAAS,CAAC,IAAI;gBACpB,IAAI,EAAE,SAAS,CAAC,QAAQ,GAAG,SAAS,CAAC,MAAM;gBAC3C,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,KAAK;gBAC/B,OAAO,EAAE,OAAO,CAAC,OAAmC;aACrD,CAAC;YACF,MAAM,OAAO,GAAG,SAAS,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;YAE/E,MAAM,GAAG,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,GAAG,EAAE,EAAE;gBAC1C,IAAI,IAAI,GAAG,EAAE,CAAC;gBAEd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;oBACvB,IAAI,IAAI,KAAK,CAAC;gBAChB,CAAC,CAAC,CAAC;gBAEH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;oBACjB,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,IAAI,EAAE;wBAClC,MAAM,EAAE,GAAG,CAAC,UAAU;wBACtB,UAAU,EAAE,GAAG,CAAC,aAAa;wBAC7B,OAAO,EAAE,IAAI,OAAO,CAAC,GAAG,CAAC,OAAsB,CAAC;qBACjD,CAAC,CAAC;oBAEH,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACpB,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;gBACxB,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC;oBAC3B,KAAK,EAAE,uCAAuC,SAAS,CAAC,QAAQ,EAAE,EAAE;oBACpE,OAAO,EAAE,SAAS,CAAC,OAAO;iBAC3B,CAAC,CAAC;gBACH,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;YAEH,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;gBACjB,IAAI,IAAI,CAAC;gBACT,IAAI,WAA+B,CAAC;gBAEpC,IAAI,OAAO,CAAC,IAAI,YAAY,eAAe,EAAE,CAAC;oBAC5C,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;oBAC/B,WAAW,GAAG,mCAAmC,CAAC;gBACpD,CAAC;qBAAM,CAAC;oBACN,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;gBACtB,CAAC;gBAED,IAAI,WAAW,EAAE,CAAC;oBAChB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;gBAC7C,CAAC;gBACD,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAClB,CAAC;YACD,GAAG,CAAC,GAAG,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC,CAAA,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAYL,EAAE,4CAZU,EACrC,YAAY,EACZ,QAAQ,EACR,QAAQ,EACR,YAAY,EACZ,SAAS,GAOV;IACC,MAAM,GAAG,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,QAAS,CAAC,MAAM,CAAC,CAAC;IAC7E,MAAM,WAAW,GAAG,GAAG,CAAC,QAAQ,KAAK,WAAW,CAAC;IACjD,MAAM,wBAAwB,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC9D,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAC;IAE7C,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,MAAM,MAAM,CAAC,SAAS,CAC3B,GAAG,EACH,QAAQ,EACR,YAAY,EACZ,SAAS,EACT,WAAW;YACT,CAAC,CAAC;gBACE,OAAO,EAAE,CAAC,MAAM,CAAC,qBAAqB,CAAC;gBACvC,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,wBAAwB;aAC/C;YACH,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,wBAAwB,EAAE,CACvD,CAAC;IACJ,CAAC;IACD,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QAC1E,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,wBAAwB,CAAC;QACtD,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC;QACvC,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,MAAM,IAAI,YAAY,CAAC,iEAAiE,EAAE,GAAG,CAAC,CAAC;AACjG,CAAC,CAAA,CAAC"}

package/dist/src/controller/oauth/redirect.d.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- export declare const success: (redirectUrl: string, params: Record<string, string \| string[] \| undefined>) => string;

package/dist/src/controller/oauth/redirect.js DELETED Viewed

@@ -1,13 +0,0 @@
-export const success = (redirectUrl, params) => {
-    const url = new URL(redirectUrl);
-    for (const [key, value] of Object.entries(params)) {
-        if (Array.isArray(value)) {
-            value.forEach((v) => url.searchParams.append(key, v));
-        }
-        else if (value !== undefined) {
-            url.searchParams.set(key, value);
-        }
-    }
-    return url.href;
-};
-//# sourceMappingURL=redirect.js.map

package/dist/src/controller/oauth/redirect.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"redirect.js","sourceRoot":"","sources":["../../../../src/controller/oauth/redirect.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,OAAO,GAAG,CACrB,WAAmB,EACnB,MAAqD,EAC7C,EAAE;IACV,MAAM,GAAG,GAAQ,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAEtC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACxD,CAAC;aAAM,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YAC/B,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,CAAC;AAClB,CAAC,CAAC"}

package/dist/src/controller/oauth.d.ts DELETED Viewed

@@ -1,142 +0,0 @@
-import type { IOAuthController, OAuthReq, OAuthTokenReq, OAuthTokenRes, Profile, SAMLResponsePayload, OIDCAuthzResponsePayload } from '../typings';
-export declare class OAuthController implements IOAuthController {
-    private connectionStore;
-    private sessionStore;
-    private codeStore;
-    private tokenStore;
-    private ssoTraces;
-    private opts;
-    private ssoHandler;
-    private idFedApp;
-    constructor({ connectionStore, sessionStore, codeStore, tokenStore, ssoTraces, opts, idFedApp }: {
-        connectionStore: any;
-        sessionStore: any;
-        codeStore: any;
-        tokenStore: any;
-        ssoTraces: any;
-        opts: any;
-        idFedApp: any;
-    });
-    authorize(body: OAuthReq): Promise<{
-        redirect_url?: string;
-        authorize_form?: string;
-    }>;
-    samlResponse(body: SAMLResponsePayload): Promise<{
-        redirect_url?: string;
-        app_select_form?: string;
-        response_form?: string;
-    }>;
-    oidcAuthzResponse(body: OIDCAuthzResponsePayload): Promise<{
-        redirect_url?: string;
-        response_form?: string;
-    }>;
-    private _buildAuthorizationCode;
-    /**
-     * @swagger
-     *
-     * /oauth/token:
-     *   post:
-     *     summary: Code exchange
-     *     operationId: oauth-code-exchange
-     *     tags:
-     *       - OAuth
-     *     consumes:
-     *       - application/x-www-form-urlencoded
-     *     parameters:
-     *       - name: grant_type
-     *         in: formData
-     *         type: string
-     *         description: Grant type should be 'authorization_code'
-     *         default: authorization_code
-     *         required: true
-     *       - name: client_id
-     *         in: formData
-     *         type: string
-     *         description: Use the client_id returned by the SAML connection API
-     *         required: true
-     *       - name: client_secret
-     *         in: formData
-     *         type: string
-     *         description: Use the client_secret returned by the SAML connection API
-     *         required: true
-     *       - name: code_verifier
-     *         in: formData
-     *         type: string
-     *         description: code_verifier against the code_challenge in the authz request (relevant to PKCE flow)
-     *       - name: redirect_uri
-     *         in: formData
-     *         type: string
-     *         description: Redirect URI
-     *         required: true
-     *       - name: code
-     *         in: formData
-     *         type: string
-     *         description: Code
-     *         required: true
-     *     responses:
-     *       '200':
-     *         description: Success
-     *         schema:
-     *           type: object
-     *           properties:
-     *             access_token:
-     *               type: string
-     *             token_type:
-     *               type: string
-     *             expires_in:
-     *               type: string
-     *           example:
-     *             access_token: 8958e13053832b5af58fdf2ee83f35f5d013dc74
-     *             token_type: bearer
-     *             expires_in: 300
-     */
-    token(body: OAuthTokenReq, authHeader?: string | null): Promise<OAuthTokenRes>;
-    /**
-     * @swagger
-     *
-     * /oauth/userinfo:
-     *   get:
-     *     summary: Get profile
-     *     operationId: oauth-get-profile
-     *     tags:
-     *       - OAuth
-     *     responses:
-     *       '200':
-     *         description: Success
-     *         schema:
-     *           type: object
-     *           properties:
-     *             id:
-     *               type: string
-     *             email:
-     *               type: string
-     *             firstName:
-     *               type: string
-     *             lastName:
-     *               type: string
-     *             roles:
-     *               type: array
-     *               items:
-     *                 type: string
-     *             groups:
-     *               type: array
-     *               items:
-     *                 type: string
-     *             raw:
-     *               type: object
-     *             requested:
-     *               type: object
-     *           example:
-     *             id: 32b5af58fdf
-     *             email: jackson@coolstartup.com
-     *             firstName: SAML
-     *             lastName: Jackson
-     *             raw: {
-     *
-     *             }
-     *             requested: {
-     *
-     *             }
-     */
-    userInfo(token: string): Promise<Profile>;
-}