@eduzz/miau-client 0.0.16 → 0.0.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/.turbo/turbo-build$colon$types.log +1 -1
  2. package/.turbo/turbo-build.log +3 -3
  3. package/.turbo/turbo-prepublish.log +1 -1
  4. package/dist/index.js +28 -28
  5. package/dist/index.js.map +3 -3
  6. package/package.json +1 -1
  7. package/src/MiauClient.ts +4 -1
  8. package/src/middleware.ts +0 -2
package/.turbo/turbo-build$colon$types.log CHANGED
@@ -1,4 +1,4 @@
1
1
 
2
- > @eduzz/miau-client@0.0.16 build:types /home/runner/work/eduzz-miau/eduzz-miau/packages/client
2
+ > @eduzz/miau-client@0.0.18 build:types /home/runner/work/eduzz-miau/eduzz-miau/packages/client
3
3
  > tsc --emitDeclarationOnly --outDir dist
4
4
 
package/.turbo/turbo-build.log CHANGED
@@ -1,9 +1,9 @@
1
1
 
2
- > @eduzz/miau-client@0.0.16 build /home/runner/work/eduzz-miau/eduzz-miau/packages/client
2
+ > @eduzz/miau-client@0.0.18 build /home/runner/work/eduzz-miau/eduzz-miau/packages/client
3
3
  > esbuild src/index.ts --bundle --sourcemap --platform=node --target=es2020 --outfile=dist/index.js
4
4
 
5
5
 
6
6
  dist/index.js 438.6kb
7
- dist/index.js.map 735.5kb
7
+ dist/index.js.map 735.6kb
8
8
 
9
- ⚡ Done in 515ms
9
+ ⚡ Done in 583ms
package/.turbo/turbo-prepublish.log CHANGED
@@ -1,4 +1,4 @@
1
1
 
2
- > @eduzz/miau-client@0.0.16 prepublish /home/runner/work/eduzz-miau/eduzz-miau/packages/client
2
+ > @eduzz/miau-client@0.0.18 prepublish /home/runner/work/eduzz-miau/eduzz-miau/packages/client
3
3
  > sh ./scripts/prepare-publish.sh
4
4
 
package/dist/index.js CHANGED
@@ -338,14 +338,14 @@ var require_buffer_equal_constant_time = __commonJS({
338
338
  var require_jwa = __commonJS({
339
339
  "../../node_modules/.pnpm/jwa@1.4.2/node_modules/jwa/index.js"(exports2, module2) {
340
340
  var Buffer2 = require_safe_buffer().Buffer;
341
- var crypto = require("crypto");
341
+ var crypto2 = require("crypto");
342
342
  var formatEcdsa = require_ecdsa_sig_formatter();
343
343
  var util = require("util");
344
344
  var MSG_INVALID_ALGORITHM = '"%s" is not a valid algorithm.\n Supported algorithms are:\n "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512" and "none".';
345
345
  var MSG_INVALID_SECRET = "secret must be a string or buffer";
346
346
  var MSG_INVALID_VERIFIER_KEY = "key must be a string or a buffer";
347
347
  var MSG_INVALID_SIGNER_KEY = "key must be a string, a buffer or an object";
348
- var supportsKeyObjects = typeof crypto.createPublicKey === "function";
348
+ var supportsKeyObjects = typeof crypto2.createPublicKey === "function";
349
349
  if (supportsKeyObjects) {
350
350
  MSG_INVALID_VERIFIER_KEY += " or a KeyObject";
351
351
  MSG_INVALID_SECRET += "or a KeyObject";
@@ -435,17 +435,17 @@ var require_jwa = __commonJS({
435
435
  return function sign(thing, secret) {
436
436
  checkIsSecretKey(secret);
437
437
  thing = normalizeInput(thing);
438
- var hmac = crypto.createHmac("sha" + bits, secret);
438
+ var hmac = crypto2.createHmac("sha" + bits, secret);
439
439
  var sig = (hmac.update(thing), hmac.digest("base64"));
440
440
  return fromBase64(sig);
441
441
  };
442
442
  }
443
443
  var bufferEqual;
444
- var timingSafeEqual = "timingSafeEqual" in crypto ? function timingSafeEqual2(a, b) {
444
+ var timingSafeEqual = "timingSafeEqual" in crypto2 ? function timingSafeEqual2(a, b) {
445
445
  if (a.byteLength !== b.byteLength) {
446
446
  return false;
447
447
  }
448
- return crypto.timingSafeEqual(a, b);
448
+ return crypto2.timingSafeEqual(a, b);
449
449
  } : function timingSafeEqual2(a, b) {
450
450
  if (!bufferEqual) {
451
451
  bufferEqual = require_buffer_equal_constant_time();
@@ -462,7 +462,7 @@ var require_jwa = __commonJS({
462
462
  return function sign(thing, privateKey) {
463
463
  checkIsPrivateKey(privateKey);
464
464
  thing = normalizeInput(thing);
465
- var signer = crypto.createSign("RSA-SHA" + bits);
465
+ var signer = crypto2.createSign("RSA-SHA" + bits);
466
466
  var sig = (signer.update(thing), signer.sign(privateKey, "base64"));
467
467
  return fromBase64(sig);
468
468
  };
@@ -472,7 +472,7 @@ var require_jwa = __commonJS({
472
472
  checkIsPublicKey(publicKey);
473
473
  thing = normalizeInput(thing);
474
474
  signature = toBase64(signature);
475
- var verifier = crypto.createVerify("RSA-SHA" + bits);
475
+ var verifier = crypto2.createVerify("RSA-SHA" + bits);
476
476
  verifier.update(thing);
477
477
  return verifier.verify(publicKey, signature, "base64");
478
478
  };
@@ -481,11 +481,11 @@ var require_jwa = __commonJS({
481
481
  return function sign(thing, privateKey) {
482
482
  checkIsPrivateKey(privateKey);
483
483
  thing = normalizeInput(thing);
484
- var signer = crypto.createSign("RSA-SHA" + bits);
484
+ var signer = crypto2.createSign("RSA-SHA" + bits);
485
485
  var sig = (signer.update(thing), signer.sign({
486
486
  key: privateKey,
487
- padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
488
- saltLength: crypto.constants.RSA_PSS_SALTLEN_DIGEST
487
+ padding: crypto2.constants.RSA_PKCS1_PSS_PADDING,
488
+ saltLength: crypto2.constants.RSA_PSS_SALTLEN_DIGEST
489
489
  }, "base64"));
490
490
  return fromBase64(sig);
491
491
  };
@@ -495,12 +495,12 @@ var require_jwa = __commonJS({
495
495
  checkIsPublicKey(publicKey);
496
496
  thing = normalizeInput(thing);
497
497
  signature = toBase64(signature);
498
- var verifier = crypto.createVerify("RSA-SHA" + bits);
498
+ var verifier = crypto2.createVerify("RSA-SHA" + bits);
499
499
  verifier.update(thing);
500
500
  return verifier.verify({
501
501
  key: publicKey,
502
- padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
503
- saltLength: crypto.constants.RSA_PSS_SALTLEN_DIGEST
502
+ padding: crypto2.constants.RSA_PKCS1_PSS_PADDING,
503
+ saltLength: crypto2.constants.RSA_PSS_SALTLEN_DIGEST
504
504
  }, signature, "base64");
505
505
  };
506
506
  }
@@ -4946,9 +4946,9 @@ var require_webcrypto = __commonJS({
4946
4946
  "use strict";
4947
4947
  Object.defineProperty(exports2, "__esModule", { value: true });
4948
4948
  exports2.isCryptoKey = void 0;
4949
- var crypto = require("crypto");
4949
+ var crypto2 = require("crypto");
4950
4950
  var util = require("util");
4951
- var webcrypto = crypto.webcrypto;
4951
+ var webcrypto = crypto2.webcrypto;
4952
4952
  exports2.default = webcrypto;
4953
4953
  exports2.isCryptoKey = util.types.isCryptoKey ? (key) => util.types.isCryptoKey(key) : (key) => false;
4954
4954
  }
@@ -7599,22 +7599,22 @@ var require_sign2 = __commonJS({
7599
7599
  "../../node_modules/.pnpm/jose@4.15.9/node_modules/jose/dist/node/cjs/runtime/sign.js"(exports2) {
7600
7600
  "use strict";
7601
7601
  Object.defineProperty(exports2, "__esModule", { value: true });
7602
- var crypto = require("crypto");
7602
+ var crypto2 = require("crypto");
7603
7603
  var util_1 = require("util");
7604
7604
  var dsa_digest_js_1 = require_dsa_digest();
7605
7605
  var hmac_digest_js_1 = require_hmac_digest();
7606
7606
  var node_key_js_1 = require_node_key();
7607
7607
  var get_sign_verify_key_js_1 = require_get_sign_verify_key();
7608
7608
  var oneShotSign;
7609
- if (crypto.sign.length > 3) {
7610
- oneShotSign = (0, util_1.promisify)(crypto.sign);
7609
+ if (crypto2.sign.length > 3) {
7610
+ oneShotSign = (0, util_1.promisify)(crypto2.sign);
7611
7611
  } else {
7612
- oneShotSign = crypto.sign;
7612
+ oneShotSign = crypto2.sign;
7613
7613
  }
7614
7614
  var sign = async (alg, key, data) => {
7615
7615
  const keyObject = (0, get_sign_verify_key_js_1.default)(alg, key, "sign");
7616
7616
  if (alg.startsWith("HS")) {
7617
- const hmac = crypto.createHmac((0, hmac_digest_js_1.default)(alg), keyObject);
7617
+ const hmac = crypto2.createHmac((0, hmac_digest_js_1.default)(alg), keyObject);
7618
7618
  hmac.update(data);
7619
7619
  return hmac.digest();
7620
7620
  }
@@ -7629,7 +7629,7 @@ var require_verify2 = __commonJS({
7629
7629
  "../../node_modules/.pnpm/jose@4.15.9/node_modules/jose/dist/node/cjs/runtime/verify.js"(exports2) {
7630
7630
  "use strict";
7631
7631
  Object.defineProperty(exports2, "__esModule", { value: true });
7632
- var crypto = require("crypto");
7632
+ var crypto2 = require("crypto");
7633
7633
  var util_1 = require("util");
7634
7634
  var dsa_digest_js_1 = require_dsa_digest();
7635
7635
  var node_key_js_1 = require_node_key();
@@ -7637,10 +7637,10 @@ var require_verify2 = __commonJS({
7637
7637
  var get_sign_verify_key_js_1 = require_get_sign_verify_key();
7638
7638
  var flags_js_1 = require_flags();
7639
7639
  var oneShotVerify;
7640
- if (crypto.verify.length > 4 && flags_js_1.oneShotCallback) {
7641
- oneShotVerify = (0, util_1.promisify)(crypto.verify);
7640
+ if (crypto2.verify.length > 4 && flags_js_1.oneShotCallback) {
7641
+ oneShotVerify = (0, util_1.promisify)(crypto2.verify);
7642
7642
  } else {
7643
- oneShotVerify = crypto.verify;
7643
+ oneShotVerify = crypto2.verify;
7644
7644
  }
7645
7645
  var verify = async (alg, key, signature, data) => {
7646
7646
  const keyObject = (0, get_sign_verify_key_js_1.default)(alg, key, "verify");
@@ -7648,7 +7648,7 @@ var require_verify2 = __commonJS({
7648
7648
  const expected = await (0, sign_js_1.default)(alg, keyObject, data);
7649
7649
  const actual = signature;
7650
7650
  try {
7651
- return crypto.timingSafeEqual(actual, expected);
7651
+ return crypto2.timingSafeEqual(actual, expected);
7652
7652
  } catch {
7653
7653
  return false;
7654
7654
  }
@@ -11724,6 +11724,7 @@ var ResourceProtocols = ["http", "websocket", "grpc"];
11724
11724
  var HttpMethods = ["GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS"];
11725
11725
 
11726
11726
  // src/MiauClient.ts
11727
+ var import_node_crypto = __toESM(require("node:crypto"));
11727
11728
  var import_jsonwebtoken2 = __toESM(require_jsonwebtoken());
11728
11729
  var import_jwks_rsa = __toESM(require_src2());
11729
11730
 
@@ -11773,13 +11774,11 @@ var miauMiddleware = (miauClient, requestAugmentation, fallbackMidlleware) => {
11773
11774
  req.miauApplication = { id: appToken?.id, name: appToken?.name };
11774
11775
  req.miauMetadata = permission?.metadata || {};
11775
11776
  if (requestAugmentation) {
11776
- console.log("Request augmentation is being applied");
11777
11777
  requestAugmentation({ req, app: req.miauApplication, meta: req.miauMetadata });
11778
11778
  }
11779
11779
  next();
11780
11780
  } catch (err) {
11781
11781
  if (err instanceof HttpError && err.status == 400 && fallbackMidlleware) {
11782
- console.log("Using fallback middleware for 400 error");
11783
11782
  return fallbackMidlleware(req, res, next);
11784
11783
  }
11785
11784
  const errorStatus = err.status || 403;
@@ -11817,7 +11816,8 @@ var MiauClient = class {
11817
11816
  };
11818
11817
  this.apiUrl = props.apiUrl;
11819
11818
  const apiKey = props.appSecret.substring(7, 32);
11820
- this.basicAuthToken = Buffer.from(`${apiKey}:${props.appSecret}`).toString("base64");
11819
+ const hashedSecret = import_node_crypto.default.createHash("sha256").update(props.appSecret).digest("hex");
11820
+ this.basicAuthToken = Buffer.from(`${apiKey}:${hashedSecret}`).toString("base64");
11821
11821
  }
11822
11822
  async getPublicKey(kid) {
11823
11823
  if (!this.jwksClient) {