npm - @infoxchange/make-it-so - Versions diffs - 2.11.0-internal-testing-vdt-199-add-auth-token-verify-function-2.5 → 2.11.0-internal-testing-vdt-199-add-auth-token-verify-function-2.7 - Mend

@infoxchange/make-it-so 2.11.0-internal-testing-vdt-199-add-auth-token-verify-function-2.5 → 2.11.0-internal-testing-vdt-199-add-auth-token-verify-function-2.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/cdk-constructs/SiteOidcAuth/auth-check-handler-body.js CHANGED Viewed

@@ -87,7 +87,24 @@ function _sign(input, key, method) {
     return crypto.createHmac(method, key).update(input).digest("base64url");
 }
 function _base64urlDecode(str) {
-    return Buffer.from(str, "base64url").toString();
+    str = str.replace(/-/g, '+').replace(/_/g, '/');
+    while (str.length % 4)
+        str += '=';
+    const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+    let output = '';
+    let bc = 0, bs = 0, buffer, i = 0;
+    for (; i < str.length; i++) {
+        buffer = chars.indexOf(str.charAt(i));
+        if (buffer === -1)
+            continue;
+        bs = (bs << 6) | buffer;
+        bc += 6;
+        if (bc >= 8) {
+            bc -= 8;
+            output += String.fromCharCode((bs >> bc) & 0xFF);
+        }
+    }
+    return output;
 }
 const jwtToken = request.cookies["auth-token"] && request.cookies["auth-token"].value;
 if (!jwtToken) {

package/dist/cdk-constructs/SiteOidcAuth/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/cdk-constructs/SiteOidcAuth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,OAAO,UAAU,MAAM,4BAA4B,CAAC;AACpD,OAAO,GAAG,MAAM,aAAa,CAAC;AAE9B,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AAOtC,OAAO,KAAK,EACV,uBAAuB,EACvB,uBAAuB,EACxB,MAAM,2BAA2B,CAAC;AAEnC,KAAK,cAAc,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AACjE,KAAK,WAAW,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AAE9D,MAAM,MAAM,KAAK,GAAG;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB,CAAC;AACF,MAAM,MAAM,cAAc,GAAG;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAIjD,qBAAa,YAAa,SAAQ,SAAS;IACzC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;gBAER,KAAK,EAAE,cAAc,EAAE,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK;IAQhE,oBAAoB,CAAC,SAAS,SAAS,uBAAuB,EAC5D,KAAK,EAAE,cAAc,EACrB,SAAS,EAAE,SAAS,EACpB,EAAE,MAA+B,EAAE,GAAE,cAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA4C1D,iBAAiB,CAAC,SAAS,SAAS,uBAAuB,EACzD,KAAK,EAAE,cAAc,EACrB,SAAS,EAAE,SAAS,EACpB,EAAE,MAA+B,EAAE,GAAE,cAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~IAqC1D~~,OAAO,CAAC,eAAe;IAgBvB,OAAO,CAAC,sBAAsB;~~IA+B9B~~,OAAO,CAAC,2BAA2B;~~IAmBnC~~,OAAO,CAAC,yCAAyC;~~IAgBjD~~,OAAO,CAAC,sBAAsB;~~CAiF~~/B"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/cdk-constructs/SiteOidcAuth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,OAAO,UAAU,MAAM,4BAA4B,CAAC;AACpD,OAAO,GAAG,MAAM,aAAa,CAAC;AAE9B,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AAOtC,OAAO,KAAK,EACV,uBAAuB,EACvB,uBAAuB,EACxB,MAAM,2BAA2B,CAAC;AAEnC,KAAK,cAAc,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AACjE,KAAK,WAAW,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AAE9D,MAAM,MAAM,KAAK,GAAG;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB,CAAC;AACF,MAAM,MAAM,cAAc,GAAG;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAIjD,qBAAa,YAAa,SAAQ,SAAS;IACzC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;gBAER,KAAK,EAAE,cAAc,EAAE,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK;IAQhE,oBAAoB,CAAC,SAAS,SAAS,uBAAuB,EAC5D,KAAK,EAAE,cAAc,EACrB,SAAS,EAAE,SAAS,EACpB,EAAE,MAA+B,EAAE,GAAE,cAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA4C1D,iBAAiB,CAAC,SAAS,SAAS,uBAAuB,EACzD,KAAK,EAAE,cAAc,EACrB,SAAS,EAAE,SAAS,EACpB,EAAE,MAA+B,EAAE,GAAE,cAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAuC1D,OAAO,CAAC,eAAe;IAgBvB,OAAO,CAAC,sBAAsB;IAgC9B,OAAO,CAAC,2BAA2B;IAoBnC,OAAO,CAAC,yCAAyC;IAiBjD,OAAO,CAAC,sBAAsB;CAkF/B"}

package/dist/cdk-constructs/SiteOidcAuth/index.js CHANGED Viewed

@@ -72,7 +72,7 @@ export class SiteOidcAuth extends Construct {
         const jwtSecret = this.createJwtSecret();
         updatedSiteProps.cdk.transform = (plan) => {
             siteProps?.cdk?.transform?.(plan);
-            plan.cloudFrontFunctions?.serverCfFunction.injections.push(this.getAuthCheckHandlerBodyCode(jwtSecret, prefix));
+            plan.cloudFrontFunctions?.serverCfFunction.injections.push(this.convertToCloudFrontFunctionCompatibleCode(this.getAuthCheckHandlerBodyCode(jwtSecret, prefix)));
         };
         updatedSiteProps.cdk.distribution.additionalBehaviors[behaviourName] =
             this.getAuthBehaviorOptions(scope, jwtSecret, prefix);
@@ -100,7 +100,7 @@ export class SiteOidcAuth extends Construct {
               var request = event.request;
               ${this.getAuthCheckHandlerBodyCode(jwtSecret, authRoutePrefix)}
               return request;
-            }`)),
+            }`, { minify: true })),
             // We could specify the JS v2.0 runtime here but for SSR sites SST does the function creation and that currently
             // uses JS v1.0 so no point using v2.0 here as the code has to be compatible with v1.0 anyway.
         });
@@ -115,12 +115,12 @@ export class SiteOidcAuth extends Construct {
             .readFileSync(path.join(import.meta.dirname, "auth-check-handler-body.js"), "utf8")
             .replace("__placeholder-for-jwt-secret__", jwtSecret.secretValue.toString())
             .replace("__placeholder-for-auth-route-prefix__", authRoutePrefix)
-            // When typescript builds the make-it-so code including it may add an "export {}" at the end to make it a module.
-            // This will cause a syntax error in CloudFront Functions so remove it here.
+            // When typescript builds the make-it-so code including "auth-check-handler-body.ts" it will add "export {}" to
+            // the end of the file if it's not already a module. This will cause a syntax error in CloudFront Functions so we
+            // remove it here.
             .replace(/export {};\s*$/g, "");
-        ;
     }
-    convertToCloudFrontFunctionCompatibleCode(sourceCode) {
+    convertToCloudFrontFunctionCompatibleCode(sourceCode, esbuildOptions) {
         // ESBuild doesn't currently support transforming const/let to var, which is required for CloudFront Functions
         // JS runtime 1.0.
         sourceCode = sourceCode
@@ -128,8 +128,8 @@ export class SiteOidcAuth extends Construct {
             .replaceAll(/let /g, "var ");
         console.log("---- 3", sourceCode);
         return transformSync(sourceCode, {
-            minify: true,
             target: "es5",
+            ...esbuildOptions,
         }).code;
     }
     // Get the behavior options for the auth route
@@ -161,7 +161,7 @@ export class SiteOidcAuth extends Construct {
               const request = event.request;
               request.headers["x-forwarded-host"] = { value: request.headers.host.value };
               return request;
-            }`)),
+            }`, { minify: true })),
             runtime: CloudFront.FunctionRuntime.JS_2_0,
         });
         return {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@infoxchange/make-it-so",
-  "version": "2.11.0-internal-testing-vdt-199-add-auth-token-verify-function-2.5",
+  "version": "2.11.0-internal-testing-vdt-199-add-auth-token-verify-function-2.7",
   "description": "Makes deploying services to IX infra easy",
   "repository": "github:infoxchange/make-it-so",
   "type": "module",

package/src/cdk-constructs/SiteOidcAuth/auth-check-handler-body.ts CHANGED Viewed

@@ -116,7 +116,27 @@ function _sign(input: string, key: string, method: string) {
 }
 function _base64urlDecode(str: string) {
-  return Buffer.from(str, "base64url").toString();
+  str = str.replace(/-/g, '+').replace(/_/g, '/');
+  while (str.length % 4) str += '=';
+  const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+  let output = '';
+  let bc = 0, bs = 0, buffer, i = 0;
+  for (; i < str.length; i++) {
+      buffer = chars.indexOf(str.charAt(i));
+      if (buffer === -1) continue;
+      bs = (bs << 6) | buffer;
+      bc += 6;
+      if (bc >= 8) {
+          bc -= 8;
+          output += String.fromCharCode((bs >> bc) & 0xFF);
+      }
+  }
+  return output;
 }
 const jwtToken =

package/src/cdk-constructs/SiteOidcAuth/index.ts CHANGED Viewed

@@ -9,7 +9,7 @@ import { Config as SSTInternalConfig } from "sst/config.js";
 import CloudFrontOrigins from "aws-cdk-lib/aws-cloudfront-origins";
 import path from "node:path";
 import fs from "node:fs";
-import { transformSync } from "esbuild";
+import { TransformOptions, transformSync } from "esbuild";
 import type {
   ExtendedNextjsSiteProps,
   ExtendedStaticSiteProps,
@@ -118,7 +118,9 @@ export class SiteOidcAuth extends Construct {
       siteProps?.cdk?.transform?.(plan);
       plan.cloudFrontFunctions?.serverCfFunction.injections.push(
-        this.getAuthCheckHandlerBodyCode(jwtSecret, prefix),
+        this.convertToCloudFrontFunctionCompatibleCode(
+          this.getAuthCheckHandlerBodyCode(jwtSecret, prefix),
+        ),
       );
     };
@@ -161,6 +163,7 @@ export class SiteOidcAuth extends Construct {
               ${this.getAuthCheckHandlerBodyCode(jwtSecret, authRoutePrefix)}
               return request;
             }`,
+            { minify: true },
           ),
         ),
         // We could specify the JS v2.0 runtime here but for SSR sites SST does the function creation and that currently
@@ -189,13 +192,15 @@ export class SiteOidcAuth extends Construct {
         jwtSecret.secretValue.toString(),
       )
       .replace("__placeholder-for-auth-route-prefix__", authRoutePrefix)
-      // When typescript builds the make-it-so code including it may add an "export {}" at the end to make it a module.
-      // This will cause a syntax error in CloudFront Functions so remove it here.
-      .replace(/export {};\s*$/g, "");;
+      // When typescript builds the make-it-so code including "auth-check-handler-body.ts" it will add "export {}" to
+      // the end of the file if it's not already a module. This will cause a syntax error in CloudFront Functions so we
+      // remove it here.
+      .replace(/export {};\s*$/g, "");
   }
   private convertToCloudFrontFunctionCompatibleCode(
     sourceCode: string,
+    esbuildOptions?: TransformOptions,
   ): string {
     // ESBuild doesn't currently support transforming const/let to var, which is required for CloudFront Functions
     // JS runtime 1.0.
@@ -204,8 +209,8 @@ export class SiteOidcAuth extends Construct {
       .replaceAll(/let /g, "var ");
     console.log("---- 3", sourceCode)
     return transformSync(sourceCode, {
-      minify: true,
       target: "es5",
+      ...esbuildOptions,
     }).code;
   }
@@ -254,6 +259,7 @@ export class SiteOidcAuth extends Construct {
               request.headers["x-forwarded-host"] = { value: request.headers.host.value };
               return request;
             }`,
+            { minify: true },
           ),
         ),
         runtime: CloudFront.FunctionRuntime.JS_2_0,