@equinor/fusion-framework-module-msal-node 2.0.4-msal-v5.0 → 3.0.1

package/CHANGELOG.md

@@ -1,13 +1,21 @@
 # @equinor/fusion-framework-module-msal-node
 
-## 2.0.4-msal-v5.0
+## 3.0.1
 
 ### Patch Changes
 
-- [#3944](https://github.com/equinor/fusion-framework/pull/3944) [`312755f`](https://github.com/equinor/fusion-framework/commit/312755f01c7592329aec847ee4956fe9bf58458f) Thanks [@dependabot](https://github.com/apps/dependabot)! - pre-release msal v5
+- [#4157](https://github.com/equinor/fusion-framework/pull/4157) [`6aa8e1f`](https://github.com/equinor/fusion-framework/commit/6aa8e1f5c9d852b25e97aa7d98a63008c64d4581) Thanks [@Noggling](https://github.com/Noggling)! - Internal: patch release to align TypeScript types across packages for consistent type compatibility.
 
-- Updated dependencies [[`312755f`](https://github.com/equinor/fusion-framework/commit/312755f01c7592329aec847ee4956fe9bf58458f)]:
-  - @equinor/fusion-framework-module@5.0.6-msal-v5.0
+- Updated dependencies [[`6aa8e1f`](https://github.com/equinor/fusion-framework/commit/6aa8e1f5c9d852b25e97aa7d98a63008c64d4581)]:
+  - @equinor/fusion-framework-module@5.0.6
+
+## 3.0.0
+
+### Major Changes
+
+- [#3929](https://github.com/equinor/fusion-framework/pull/3929) [`46a1c71`](https://github.com/equinor/fusion-framework/commit/46a1c710d9cd2ed20946932ceab2a5e8c0fb8a2b) Thanks [@dependabot](https://github.com/apps/dependabot)! - Require Node.js >= 20 for `@equinor/fusion-framework-module-msal-node` due to upgrading `@azure/msal-node` and `@azure/msal-node-extensions` to v5.
+
+  Migration: upgrade runtimes to Node.js 20+.
 
 ## 2.0.3
 

package/dist/esm/AuthProviderInteractive.js

@@ -1,7 +1,29 @@
-import { CryptoProvider, } from '@azure/msal-node';
+import { createHash, randomBytes } from 'node:crypto';
 import openBrowser from 'open';
 import { createAuthServer } from './create-auth-server.js';
 import { AuthProvider } from './AuthProvider.js';
+/**
+ * Encodes a byte buffer to Base64 URL encoding (RFC 4648 §5) without padding.
+ *
+ * Used for PKCE code verifier/challenge values (RFC 7636).
+ *
+ * @param buffer - Bytes to encode.
+ * @returns Base64url-encoded string without trailing `=` padding.
+ */
+const base64UrlEncode = (buffer) => buffer.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/g, '');
+/**
+ * Generates PKCE verifier and challenge for the authorization code flow.
+ *
+ * Uses a 32-octet cryptographically random verifier (recommended by RFC 7636)
+ * and derives the S256 challenge as `BASE64URL-ENCODE(SHA256(ASCII(verifier)))`.
+ *
+ * @returns PKCE verifier and S256 challenge.
+ */
+const generatePkceCodes = () => {
+    const verifier = base64UrlEncode(randomBytes(32));
+    const challenge = base64UrlEncode(createHash('sha256').update(verifier).digest());
+    return { verifier, challenge };
+};
 /**
  * Implementation of an interactive authentication provider for the Fusion MSAL Node module.
  *
@@ -43,8 +65,7 @@ export class AuthProviderInteractive extends AuthProvider {
         // Generate a new PKCE code verifier and challenge
         // This is used to enhance security in the authorization code flow
         // by preventing authorization code interception attacks.
-        const cryptoProvider = new CryptoProvider();
-        const { verifier, challenge } = await cryptoProvider.generatePkceCodes();
+        const { verifier, challenge } = generatePkceCodes();
         const authCodeUrl = await this._client.getAuthCodeUrl({
             scopes,
             redirectUri: `http://localhost:${port}`,

package/dist/esm/AuthProviderInteractive.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthProviderInteractive.js","sourceRoot":"","sources":["../../src/AuthProviderInteractive.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,GAGf,MAAM,kBAAkB,CAAC;AAE1B,OAAO,WAAW,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAkBjD;;;;;;;;;;;;;GAaG;AACH,MAAM,OAAO,uBAAwB,SAAQ,YAAY;IACvD,QAAQ,CAAsB;IAE9B,YAAY,MAA+B,EAAE,OAA4B;QACvE,KAAK,CAAC,MAAM,CAAC,CAAC;QACd,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;IAC1B,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACI,KAAK,CAAC,KAAK,CAAC,OAA0C;QAC3D,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;QACnC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QAE9C,kDAAkD;QAClD,kEAAkE;QAClE,yDAAyD;QACzD,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;QAC5C,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,MAAM,cAAc,CAAC,iBAAiB,EAAE,CAAC;QACzE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;YACpD,MAAM;YACN,WAAW,EAAE,oBAAoB,IAAI,EAAE;YACvC,aAAa,EAAE,SAAS;YACxB,mBAAmB,EAAE,MAAM;SAC5B,CAAC,CAAC;QAEH,uCAAuC;QACvC,MAAM,WAAW,CAAC,WAAW,CAAC,CAAC;QAE/B,qCAAqC;QACrC,IAAI,MAAM;YAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QAEhC,OAAO,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE;YAC5C,YAAY,EAAE,QAAQ;YACtB,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACI,KAAK,CAAC,YAAY,CAAC,OAEzB;QACC,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;QACrD,IAAI,CAAC,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;CACF"}
+{"version":3,"file":"AuthProviderInteractive.js","sourceRoot":"","sources":["../../src/AuthProviderInteractive.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEtD,OAAO,WAAW,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;;;;;;GAOG;AACH,MAAM,eAAe,GAAG,CAAC,MAAc,EAAU,EAAE,CACjD,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AAExF;;;;;;;GAOG;AACH,MAAM,iBAAiB,GAAG,GAA4C,EAAE;IACtE,MAAM,QAAQ,GAAG,eAAe,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,eAAe,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAClF,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AACjC,CAAC,CAAC;AAkBF;;;;;;;;;;;;;GAaG;AACH,MAAM,OAAO,uBAAwB,SAAQ,YAAY;IACvD,QAAQ,CAAsB;IAE9B,YAAY,MAA+B,EAAE,OAA4B;QACvE,KAAK,CAAC,MAAM,CAAC,CAAC;QACd,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;IAC1B,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACI,KAAK,CAAC,KAAK,CAAC,OAA0C;QAC3D,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;QACnC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QAE9C,kDAAkD;QAClD,kEAAkE;QAClE,yDAAyD;QACzD,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,iBAAiB,EAAE,CAAC;QACpD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;YACpD,MAAM;YACN,WAAW,EAAE,oBAAoB,IAAI,EAAE;YACvC,aAAa,EAAE,SAAS;YACxB,mBAAmB,EAAE,MAAM;SAC5B,CAAC,CAAC;QAEH,uCAAuC;QACvC,MAAM,WAAW,CAAC,WAAW,CAAC,CAAC;QAE/B,qCAAqC;QACrC,IAAI,MAAM;YAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QAEhC,OAAO,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE;YAC5C,YAAY,EAAE,QAAQ;YACtB,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACI,KAAK,CAAC,YAAY,CAAC,OAEzB;QACC,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;QACrD,IAAI,CAAC,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;CACF"}

package/dist/esm/version.js

@@ -1,3 +1,3 @@
 // Generated by genversion.
-export const version = '2.0.4-msal-v5.0';
+export const version = '3.0.1';
 //# sourceMappingURL=version.js.map

package/dist/esm/version.js.map

@@ -1 +1 @@
-{"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":"AAAA,2BAA2B;AAC3B,MAAM,CAAC,MAAM,OAAO,GAAG,iBAAiB,CAAC"}
+{"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":"AAAA,2BAA2B;AAC3B,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC"}