@keycardai/oauth 0.8.3 → 0.8.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/keyring.d.ts +2 -0
- package/dist/cjs/keyring.d.ts.map +1 -1
- package/dist/cjs/keyring.js +14 -2
- package/dist/cjs/keyring.js.map +1 -1
- package/dist/esm/keyring.d.ts +2 -0
- package/dist/esm/keyring.d.ts.map +1 -1
- package/dist/esm/keyring.js +14 -2
- package/dist/esm/keyring.js.map +1 -1
- package/package.json +1 -1
package/dist/cjs/keyring.d.ts
CHANGED
|
@@ -16,6 +16,8 @@ export interface JWKSOAuthKeyringOptions {
|
|
|
16
16
|
discoveryTtlMs?: number;
|
|
17
17
|
/** Timeout for both discovery and JWKS fetch requests. Default: 10 seconds. */
|
|
18
18
|
fetchTimeoutMs?: number;
|
|
19
|
+
/** Maximum number of cached keys before the oldest is evicted. Default: 256. */
|
|
20
|
+
keyCacheMaxEntries?: number;
|
|
19
21
|
}
|
|
20
22
|
export declare class JWKSOAuthKeyring implements OAuthKeyring {
|
|
21
23
|
#private;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"keyring.d.ts","sourceRoot":"","sources":["../../src/keyring.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,YAAY;IAC3B,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAA;CACrD;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,GAAG,EAAE,SAAS,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAAA;CAC7C;AAED,MAAM,WAAW,uBAAuB;IACtC,qDAAqD;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,8EAA8E;IAC9E,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,+EAA+E;IAC/E,cAAc,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"keyring.d.ts","sourceRoot":"","sources":["../../src/keyring.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,YAAY;IAC3B,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAA;CACrD;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,GAAG,EAAE,SAAS,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAAA;CAC7C;AAED,MAAM,WAAW,uBAAuB;IACtC,qDAAqD;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,8EAA8E;IAC9E,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,+EAA+E;IAC/E,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,gFAAgF;IAChF,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAwDD,qBAAa,gBAAiB,YAAW,YAAY;;gBAYvC,OAAO,CAAC,EAAE,uBAAuB;IAQvC,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IAW1D,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI;IAQ7C;;;;OAIG;IACH,KAAK,IAAI,IAAI;CAyId"}
|
package/dist/cjs/keyring.js
CHANGED
|
@@ -10,7 +10,7 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
|
|
|
10
10
|
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
|
|
11
11
|
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
|
|
12
12
|
};
|
|
13
|
-
var _JWKSOAuthKeyring_instances, _JWKSOAuthKeyring_keyTtlMs, _JWKSOAuthKeyring_discoveryTtlMs, _JWKSOAuthKeyring_fetchTimeoutMs, _JWKSOAuthKeyring_discoveryCache, _JWKSOAuthKeyring_keyCache, _JWKSOAuthKeyring_discoveryInflight, _JWKSOAuthKeyring_keyInflight, _JWKSOAuthKeyring_resolveJwksUri, _JWKSOAuthKeyring_resolveKey, _JWKSOAuthKeyring_getCached;
|
|
13
|
+
var _JWKSOAuthKeyring_instances, _JWKSOAuthKeyring_keyTtlMs, _JWKSOAuthKeyring_discoveryTtlMs, _JWKSOAuthKeyring_fetchTimeoutMs, _JWKSOAuthKeyring_discoveryCache, _JWKSOAuthKeyring_keyCache, _JWKSOAuthKeyring_keyCacheMaxEntries, _JWKSOAuthKeyring_discoveryInflight, _JWKSOAuthKeyring_keyInflight, _JWKSOAuthKeyring_resolveJwksUri, _JWKSOAuthKeyring_resolveKey, _JWKSOAuthKeyring_getCached, _JWKSOAuthKeyring_evictKeysIfNeeded;
|
|
14
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
15
|
exports.JWKSOAuthKeyring = void 0;
|
|
16
16
|
const zod_1 = require("zod");
|
|
@@ -36,6 +36,7 @@ const JWKSetSchema = zod_1.z.object({
|
|
|
36
36
|
const DEFAULT_KEY_TTL_MS = 5 * 60 * 1000; // 5 minutes
|
|
37
37
|
const DEFAULT_DISCOVERY_TTL_MS = 60 * 60 * 1000; // 1 hour
|
|
38
38
|
const DEFAULT_FETCH_TIMEOUT_MS = 10_000; // 10 seconds
|
|
39
|
+
const DEFAULT_KEY_CACHE_MAX_ENTRIES = 256; // bound the key cache
|
|
39
40
|
function assertSameOrigin(issuer, jwksUri) {
|
|
40
41
|
const issuerOrigin = new URL(issuer).origin;
|
|
41
42
|
const jwksOrigin = new URL(jwksUri).origin;
|
|
@@ -57,11 +58,13 @@ class JWKSOAuthKeyring {
|
|
|
57
58
|
_JWKSOAuthKeyring_fetchTimeoutMs.set(this, void 0);
|
|
58
59
|
_JWKSOAuthKeyring_discoveryCache.set(this, new Map());
|
|
59
60
|
_JWKSOAuthKeyring_keyCache.set(this, new Map());
|
|
61
|
+
_JWKSOAuthKeyring_keyCacheMaxEntries.set(this, void 0);
|
|
60
62
|
_JWKSOAuthKeyring_discoveryInflight.set(this, new Map());
|
|
61
63
|
_JWKSOAuthKeyring_keyInflight.set(this, new Map());
|
|
62
64
|
__classPrivateFieldSet(this, _JWKSOAuthKeyring_keyTtlMs, options?.keyTtlMs ?? DEFAULT_KEY_TTL_MS, "f");
|
|
63
65
|
__classPrivateFieldSet(this, _JWKSOAuthKeyring_discoveryTtlMs, options?.discoveryTtlMs ?? DEFAULT_DISCOVERY_TTL_MS, "f");
|
|
64
66
|
__classPrivateFieldSet(this, _JWKSOAuthKeyring_fetchTimeoutMs, options?.fetchTimeoutMs ?? DEFAULT_FETCH_TIMEOUT_MS, "f");
|
|
67
|
+
__classPrivateFieldSet(this, _JWKSOAuthKeyring_keyCacheMaxEntries, options?.keyCacheMaxEntries ?? DEFAULT_KEY_CACHE_MAX_ENTRIES, "f");
|
|
65
68
|
}
|
|
66
69
|
async key(issuer, kid) {
|
|
67
70
|
const cacheKey = keyCacheKey(issuer, kid);
|
|
@@ -92,7 +95,7 @@ class JWKSOAuthKeyring {
|
|
|
92
95
|
}
|
|
93
96
|
}
|
|
94
97
|
exports.JWKSOAuthKeyring = JWKSOAuthKeyring;
|
|
95
|
-
_JWKSOAuthKeyring_keyTtlMs = new WeakMap(), _JWKSOAuthKeyring_discoveryTtlMs = new WeakMap(), _JWKSOAuthKeyring_fetchTimeoutMs = new WeakMap(), _JWKSOAuthKeyring_discoveryCache = new WeakMap(), _JWKSOAuthKeyring_keyCache = new WeakMap(), _JWKSOAuthKeyring_discoveryInflight = new WeakMap(), _JWKSOAuthKeyring_keyInflight = new WeakMap(), _JWKSOAuthKeyring_instances = new WeakSet(), _JWKSOAuthKeyring_resolveJwksUri =
|
|
98
|
+
_JWKSOAuthKeyring_keyTtlMs = new WeakMap(), _JWKSOAuthKeyring_discoveryTtlMs = new WeakMap(), _JWKSOAuthKeyring_fetchTimeoutMs = new WeakMap(), _JWKSOAuthKeyring_discoveryCache = new WeakMap(), _JWKSOAuthKeyring_keyCache = new WeakMap(), _JWKSOAuthKeyring_keyCacheMaxEntries = new WeakMap(), _JWKSOAuthKeyring_discoveryInflight = new WeakMap(), _JWKSOAuthKeyring_keyInflight = new WeakMap(), _JWKSOAuthKeyring_instances = new WeakSet(), _JWKSOAuthKeyring_resolveJwksUri =
|
|
96
99
|
// -------------------------------------------------------
|
|
97
100
|
// Discovery resolution with cache + dedup
|
|
98
101
|
// -------------------------------------------------------
|
|
@@ -158,6 +161,7 @@ async function _JWKSOAuthKeyring_resolveKey(issuer, kid, jwksUri, cacheKey) {
|
|
|
158
161
|
value: key,
|
|
159
162
|
expiresAt: Date.now() + __classPrivateFieldGet(this, _JWKSOAuthKeyring_keyTtlMs, "f"),
|
|
160
163
|
});
|
|
164
|
+
__classPrivateFieldGet(this, _JWKSOAuthKeyring_instances, "m", _JWKSOAuthKeyring_evictKeysIfNeeded).call(this);
|
|
161
165
|
return key;
|
|
162
166
|
}
|
|
163
167
|
finally {
|
|
@@ -176,5 +180,13 @@ async function _JWKSOAuthKeyring_resolveKey(issuer, kid, jwksUri, cacheKey) {
|
|
|
176
180
|
return undefined;
|
|
177
181
|
}
|
|
178
182
|
return entry.value;
|
|
183
|
+
}, _JWKSOAuthKeyring_evictKeysIfNeeded = function _JWKSOAuthKeyring_evictKeysIfNeeded() {
|
|
184
|
+
while (__classPrivateFieldGet(this, _JWKSOAuthKeyring_keyCache, "f").size > __classPrivateFieldGet(this, _JWKSOAuthKeyring_keyCacheMaxEntries, "f")) {
|
|
185
|
+
const oldest = __classPrivateFieldGet(this, _JWKSOAuthKeyring_keyCache, "f").keys().next().value;
|
|
186
|
+
if (oldest === undefined) {
|
|
187
|
+
break;
|
|
188
|
+
}
|
|
189
|
+
__classPrivateFieldGet(this, _JWKSOAuthKeyring_keyCache, "f").delete(oldest);
|
|
190
|
+
}
|
|
179
191
|
};
|
|
180
192
|
//# sourceMappingURL=keyring.js.map
|
package/dist/cjs/keyring.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"keyring.js","sourceRoot":"","sources":["../../src/keyring.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6BAAwB;AACxB,iDAAkE;
|
|
1
|
+
{"version":3,"file":"keyring.js","sourceRoot":"","sources":["../../src/keyring.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,6BAAwB;AACxB,iDAAkE;AA2BlE,MAAM,SAAS,GAAG,OAAC,CAAC,MAAM,CAAC;IACzB,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE;IACf,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1B,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1B,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC3B,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,CAAC;IACpC,CAAC,EAAE,OAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,OAAC,CAAC,MAAM,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,WAAW,GAAG,SAAS,CAAC,MAAM,CAAC;IACnC,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE;IACf,CAAC,EAAE,OAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,OAAC,CAAC,MAAM,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,OAAC,CAAC,MAAM,CAAC;IAC5B,IAAI,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,KAAK,CAAC,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC,CAAC;CACpD,CAAC,CAAC;AAWH,MAAM,kBAAkB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAQ,YAAY;AAC7D,MAAM,wBAAwB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAE,SAAS;AAC3D,MAAM,wBAAwB,GAAG,MAAM,CAAC,CAAW,aAAa;AAChE,MAAM,6BAA6B,GAAG,GAAG,CAAC,CAAS,sBAAsB;AAEzE,SAAS,gBAAgB,CAAC,MAAc,EAAE,OAAe;IACvD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;IAC5C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IAC3C,IAAI,YAAY,KAAK,UAAU,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CACb,oBAAoB,UAAU,mCAAmC,YAAY,UAAU,MAAM,GAAG,CACjG,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,MAAc,EAAE,GAAW;IAC9C,OAAO,GAAG,MAAM,KAAK,GAAG,EAAE,CAAC;AAC7B,CAAC;AAED,8EAA8E;AAC9E,8CAA8C;AAC9C,8EAA8E;AAE9E,MAAa,gBAAgB;IAY3B,YAAY,OAAiC;;QAX7C,6CAAkB;QAClB,mDAAwB;QACxB,mDAAwB;QAExB,2CAAkB,IAAI,GAAG,EAA8B,EAAC;QACxD,qCAAY,IAAI,GAAG,EAAiC,EAAC;QACrD,uDAA4B;QAE5B,8CAAqB,IAAI,GAAG,EAA2B,EAAC;QACxD,wCAAe,IAAI,GAAG,EAA8B,EAAC;QAGnD,uBAAA,IAAI,8BAAa,OAAO,EAAE,QAAQ,IAAI,kBAAkB,MAAA,CAAC;QACzD,uBAAA,IAAI,oCAAmB,OAAO,EAAE,cAAc,IAAI,wBAAwB,MAAA,CAAC;QAC3E,uBAAA,IAAI,oCAAmB,OAAO,EAAE,cAAc,IAAI,wBAAwB,MAAA,CAAC;QAC3E,uBAAA,IAAI,wCACF,OAAO,EAAE,kBAAkB,IAAI,6BAA6B,MAAA,CAAC;IACjE,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,MAAc,EAAE,GAAW;QACnC,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC1C,MAAM,MAAM,GAAG,uBAAA,IAAI,gEAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,kCAAU,EAAE,QAAQ,CAAC,CAAC;QACzD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,qEAAgB,MAApB,IAAI,EAAiB,MAAM,CAAC,CAAC;QACnD,OAAO,uBAAA,IAAI,iEAAY,MAAhB,IAAI,EAAa,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC1D,CAAC;IAED,UAAU,CAAC,MAAc,EAAE,GAAW;QACpC,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC1C,uBAAA,IAAI,kCAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAChC,uBAAA,IAAI,qCAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnC,uBAAA,IAAI,wCAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACpC,uBAAA,IAAI,2CAAmB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACH,KAAK;QACH,uBAAA,IAAI,kCAAU,CAAC,KAAK,EAAE,CAAC;QACvB,uBAAA,IAAI,qCAAa,CAAC,KAAK,EAAE,CAAC;QAC1B,uBAAA,IAAI,wCAAgB,CAAC,KAAK,EAAE,CAAC;QAC7B,uBAAA,IAAI,2CAAmB,CAAC,KAAK,EAAE,CAAC;IAClC,CAAC;CAoIF;AArLD,4CAqLC;;AAlIC,0DAA0D;AAC1D,0CAA0C;AAC1C,0DAA0D;AAE1D,KAAK,2CAAiB,MAAc;IAClC,MAAM,MAAM,GAAG,uBAAA,IAAI,gEAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,wCAAgB,EAAE,MAAM,CAAC,CAAC;IAC7D,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,QAAQ,GAAG,uBAAA,IAAI,2CAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrD,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;QAC1B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAA,+CAAgC,EAAC,MAAM,EAAE;gBAC9D,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,uBAAA,IAAI,wCAAgB,CAAC;aAClD,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAM,GAAG,CAAC,CAAC;YACnE,CAAC;YAED,gBAAgB,CAAC,MAAM,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAE5C,uBAAA,IAAI,wCAAgB,CAAC,GAAG,CAAC,MAAM,EAAE;gBAC/B,KAAK,EAAE,QAAQ,CAAC,QAAQ;gBACxB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,uBAAA,IAAI,wCAAgB;aAC7C,CAAC,CAAC;YAEH,OAAO,QAAQ,CAAC,QAAQ,CAAC;QAC3B,CAAC;gBAAS,CAAC;YACT,uBAAA,IAAI,2CAAmB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACzC,CAAC;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,uBAAA,IAAI,2CAAmB,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC7C,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,0DAA0D;AAC1D,oCAAoC;AACpC,0DAA0D;AAE1D,KAAK,uCACH,MAAc,EACd,GAAW,EACX,OAAe,EACf,QAAgB;IAEhB,MAAM,QAAQ,GAAG,uBAAA,IAAI,qCAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACjD,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;QAC1B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE;gBACpC,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,uBAAA,IAAI,wCAAgB,CAAC;aAClD,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CACb,8BAA8B,OAAO,UAAU,MAAM,WAAW,QAAQ,CAAC,MAAM,GAAG,CACnF,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACxC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;YACvD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,SAAS,MAAM,GAAG,CAAC,CAAC;YAChE,CAAC;YAED,+CAA+C;YAC/C,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,KAAK,EACL,GAAG,EACH;gBACE,IAAI,EAAE,mBAAmB;gBACzB,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;aAC1B,EACD,IAAI,EACJ,CAAC,QAAQ,CAAC,CACX,CAAC;YAEF,uBAAA,IAAI,kCAAU,CAAC,GAAG,CAAC,QAAQ,EAAE;gBAC3B,KAAK,EAAE,GAAG;gBACV,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,uBAAA,IAAI,kCAAU;aACvC,CAAC,CAAC;YACH,uBAAA,IAAI,wEAAmB,MAAvB,IAAI,CAAqB,CAAC;YAE1B,OAAO,GAAG,CAAC;QACb,CAAC;gBAAS,CAAC;YACT,uBAAA,IAAI,qCAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,uBAAA,IAAI,qCAAa,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACzC,OAAO,OAAO,CAAC;AACjB,CAAC,qEAMa,KAAiC,EAAE,GAAW;IAC1D,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;QAClC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,KAAK,CAAC,KAAK,CAAC;AACrB,CAAC;IAMC,OAAO,uBAAA,IAAI,kCAAU,CAAC,IAAI,GAAG,uBAAA,IAAI,4CAAoB,EAAE,CAAC;QACtD,MAAM,MAAM,GAAG,uBAAA,IAAI,kCAAU,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;QAClD,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM;QACR,CAAC;QACD,uBAAA,IAAI,kCAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAChC,CAAC;AACH,CAAC"}
|
package/dist/esm/keyring.d.ts
CHANGED
|
@@ -16,6 +16,8 @@ export interface JWKSOAuthKeyringOptions {
|
|
|
16
16
|
discoveryTtlMs?: number;
|
|
17
17
|
/** Timeout for both discovery and JWKS fetch requests. Default: 10 seconds. */
|
|
18
18
|
fetchTimeoutMs?: number;
|
|
19
|
+
/** Maximum number of cached keys before the oldest is evicted. Default: 256. */
|
|
20
|
+
keyCacheMaxEntries?: number;
|
|
19
21
|
}
|
|
20
22
|
export declare class JWKSOAuthKeyring implements OAuthKeyring {
|
|
21
23
|
#private;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"keyring.d.ts","sourceRoot":"","sources":["../../src/keyring.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,YAAY;IAC3B,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAA;CACrD;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,GAAG,EAAE,SAAS,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAAA;CAC7C;AAED,MAAM,WAAW,uBAAuB;IACtC,qDAAqD;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,8EAA8E;IAC9E,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,+EAA+E;IAC/E,cAAc,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"keyring.d.ts","sourceRoot":"","sources":["../../src/keyring.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,YAAY;IAC3B,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAA;CACrD;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,GAAG,EAAE,SAAS,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAAA;CAC7C;AAED,MAAM,WAAW,uBAAuB;IACtC,qDAAqD;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,8EAA8E;IAC9E,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,+EAA+E;IAC/E,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,gFAAgF;IAChF,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAwDD,qBAAa,gBAAiB,YAAW,YAAY;;gBAYvC,OAAO,CAAC,EAAE,uBAAuB;IAQvC,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IAW1D,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI;IAQ7C;;;;OAIG;IACH,KAAK,IAAI,IAAI;CAyId"}
|
package/dist/esm/keyring.js
CHANGED
|
@@ -9,7 +9,7 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
|
|
|
9
9
|
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
|
|
10
10
|
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
|
|
11
11
|
};
|
|
12
|
-
var _JWKSOAuthKeyring_instances, _JWKSOAuthKeyring_keyTtlMs, _JWKSOAuthKeyring_discoveryTtlMs, _JWKSOAuthKeyring_fetchTimeoutMs, _JWKSOAuthKeyring_discoveryCache, _JWKSOAuthKeyring_keyCache, _JWKSOAuthKeyring_discoveryInflight, _JWKSOAuthKeyring_keyInflight, _JWKSOAuthKeyring_resolveJwksUri, _JWKSOAuthKeyring_resolveKey, _JWKSOAuthKeyring_getCached;
|
|
12
|
+
var _JWKSOAuthKeyring_instances, _JWKSOAuthKeyring_keyTtlMs, _JWKSOAuthKeyring_discoveryTtlMs, _JWKSOAuthKeyring_fetchTimeoutMs, _JWKSOAuthKeyring_discoveryCache, _JWKSOAuthKeyring_keyCache, _JWKSOAuthKeyring_keyCacheMaxEntries, _JWKSOAuthKeyring_discoveryInflight, _JWKSOAuthKeyring_keyInflight, _JWKSOAuthKeyring_resolveJwksUri, _JWKSOAuthKeyring_resolveKey, _JWKSOAuthKeyring_getCached, _JWKSOAuthKeyring_evictKeysIfNeeded;
|
|
13
13
|
import { z } from "zod";
|
|
14
14
|
import { fetchAuthorizationServerMetadata } from "./discovery.js";
|
|
15
15
|
const JWKSchema = z.object({
|
|
@@ -33,6 +33,7 @@ const JWKSetSchema = z.object({
|
|
|
33
33
|
const DEFAULT_KEY_TTL_MS = 5 * 60 * 1000; // 5 minutes
|
|
34
34
|
const DEFAULT_DISCOVERY_TTL_MS = 60 * 60 * 1000; // 1 hour
|
|
35
35
|
const DEFAULT_FETCH_TIMEOUT_MS = 10_000; // 10 seconds
|
|
36
|
+
const DEFAULT_KEY_CACHE_MAX_ENTRIES = 256; // bound the key cache
|
|
36
37
|
function assertSameOrigin(issuer, jwksUri) {
|
|
37
38
|
const issuerOrigin = new URL(issuer).origin;
|
|
38
39
|
const jwksOrigin = new URL(jwksUri).origin;
|
|
@@ -54,11 +55,13 @@ export class JWKSOAuthKeyring {
|
|
|
54
55
|
_JWKSOAuthKeyring_fetchTimeoutMs.set(this, void 0);
|
|
55
56
|
_JWKSOAuthKeyring_discoveryCache.set(this, new Map());
|
|
56
57
|
_JWKSOAuthKeyring_keyCache.set(this, new Map());
|
|
58
|
+
_JWKSOAuthKeyring_keyCacheMaxEntries.set(this, void 0);
|
|
57
59
|
_JWKSOAuthKeyring_discoveryInflight.set(this, new Map());
|
|
58
60
|
_JWKSOAuthKeyring_keyInflight.set(this, new Map());
|
|
59
61
|
__classPrivateFieldSet(this, _JWKSOAuthKeyring_keyTtlMs, options?.keyTtlMs ?? DEFAULT_KEY_TTL_MS, "f");
|
|
60
62
|
__classPrivateFieldSet(this, _JWKSOAuthKeyring_discoveryTtlMs, options?.discoveryTtlMs ?? DEFAULT_DISCOVERY_TTL_MS, "f");
|
|
61
63
|
__classPrivateFieldSet(this, _JWKSOAuthKeyring_fetchTimeoutMs, options?.fetchTimeoutMs ?? DEFAULT_FETCH_TIMEOUT_MS, "f");
|
|
64
|
+
__classPrivateFieldSet(this, _JWKSOAuthKeyring_keyCacheMaxEntries, options?.keyCacheMaxEntries ?? DEFAULT_KEY_CACHE_MAX_ENTRIES, "f");
|
|
62
65
|
}
|
|
63
66
|
async key(issuer, kid) {
|
|
64
67
|
const cacheKey = keyCacheKey(issuer, kid);
|
|
@@ -88,7 +91,7 @@ export class JWKSOAuthKeyring {
|
|
|
88
91
|
__classPrivateFieldGet(this, _JWKSOAuthKeyring_discoveryInflight, "f").clear();
|
|
89
92
|
}
|
|
90
93
|
}
|
|
91
|
-
_JWKSOAuthKeyring_keyTtlMs = new WeakMap(), _JWKSOAuthKeyring_discoveryTtlMs = new WeakMap(), _JWKSOAuthKeyring_fetchTimeoutMs = new WeakMap(), _JWKSOAuthKeyring_discoveryCache = new WeakMap(), _JWKSOAuthKeyring_keyCache = new WeakMap(), _JWKSOAuthKeyring_discoveryInflight = new WeakMap(), _JWKSOAuthKeyring_keyInflight = new WeakMap(), _JWKSOAuthKeyring_instances = new WeakSet(), _JWKSOAuthKeyring_resolveJwksUri =
|
|
94
|
+
_JWKSOAuthKeyring_keyTtlMs = new WeakMap(), _JWKSOAuthKeyring_discoveryTtlMs = new WeakMap(), _JWKSOAuthKeyring_fetchTimeoutMs = new WeakMap(), _JWKSOAuthKeyring_discoveryCache = new WeakMap(), _JWKSOAuthKeyring_keyCache = new WeakMap(), _JWKSOAuthKeyring_keyCacheMaxEntries = new WeakMap(), _JWKSOAuthKeyring_discoveryInflight = new WeakMap(), _JWKSOAuthKeyring_keyInflight = new WeakMap(), _JWKSOAuthKeyring_instances = new WeakSet(), _JWKSOAuthKeyring_resolveJwksUri =
|
|
92
95
|
// -------------------------------------------------------
|
|
93
96
|
// Discovery resolution with cache + dedup
|
|
94
97
|
// -------------------------------------------------------
|
|
@@ -154,6 +157,7 @@ async function _JWKSOAuthKeyring_resolveKey(issuer, kid, jwksUri, cacheKey) {
|
|
|
154
157
|
value: key,
|
|
155
158
|
expiresAt: Date.now() + __classPrivateFieldGet(this, _JWKSOAuthKeyring_keyTtlMs, "f"),
|
|
156
159
|
});
|
|
160
|
+
__classPrivateFieldGet(this, _JWKSOAuthKeyring_instances, "m", _JWKSOAuthKeyring_evictKeysIfNeeded).call(this);
|
|
157
161
|
return key;
|
|
158
162
|
}
|
|
159
163
|
finally {
|
|
@@ -172,5 +176,13 @@ async function _JWKSOAuthKeyring_resolveKey(issuer, kid, jwksUri, cacheKey) {
|
|
|
172
176
|
return undefined;
|
|
173
177
|
}
|
|
174
178
|
return entry.value;
|
|
179
|
+
}, _JWKSOAuthKeyring_evictKeysIfNeeded = function _JWKSOAuthKeyring_evictKeysIfNeeded() {
|
|
180
|
+
while (__classPrivateFieldGet(this, _JWKSOAuthKeyring_keyCache, "f").size > __classPrivateFieldGet(this, _JWKSOAuthKeyring_keyCacheMaxEntries, "f")) {
|
|
181
|
+
const oldest = __classPrivateFieldGet(this, _JWKSOAuthKeyring_keyCache, "f").keys().next().value;
|
|
182
|
+
if (oldest === undefined) {
|
|
183
|
+
break;
|
|
184
|
+
}
|
|
185
|
+
__classPrivateFieldGet(this, _JWKSOAuthKeyring_keyCache, "f").delete(oldest);
|
|
186
|
+
}
|
|
175
187
|
};
|
|
176
188
|
//# sourceMappingURL=keyring.js.map
|
package/dist/esm/keyring.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"keyring.js","sourceRoot":"","sources":["../../src/keyring.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,gCAAgC,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"keyring.js","sourceRoot":"","sources":["../../src/keyring.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,gCAAgC,EAAE,MAAM,gBAAgB,CAAC;AA2BlE,MAAM,SAAS,GAAG,CAAC,CAAC,MAAM,CAAC;IACzB,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;IACf,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1B,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1B,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC3B,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,CAAC;IACpC,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,WAAW,GAAG,SAAS,CAAC,MAAM,CAAC;IACnC,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;IACf,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;IACb,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5B,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC,CAAC;CACpD,CAAC,CAAC;AAWH,MAAM,kBAAkB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAQ,YAAY;AAC7D,MAAM,wBAAwB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAE,SAAS;AAC3D,MAAM,wBAAwB,GAAG,MAAM,CAAC,CAAW,aAAa;AAChE,MAAM,6BAA6B,GAAG,GAAG,CAAC,CAAS,sBAAsB;AAEzE,SAAS,gBAAgB,CAAC,MAAc,EAAE,OAAe;IACvD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;IAC5C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IAC3C,IAAI,YAAY,KAAK,UAAU,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CACb,oBAAoB,UAAU,mCAAmC,YAAY,UAAU,MAAM,GAAG,CACjG,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,MAAc,EAAE,GAAW;IAC9C,OAAO,GAAG,MAAM,KAAK,GAAG,EAAE,CAAC;AAC7B,CAAC;AAED,8EAA8E;AAC9E,8CAA8C;AAC9C,8EAA8E;AAE9E,MAAM,OAAO,gBAAgB;IAY3B,YAAY,OAAiC;;QAX7C,6CAAkB;QAClB,mDAAwB;QACxB,mDAAwB;QAExB,2CAAkB,IAAI,GAAG,EAA8B,EAAC;QACxD,qCAAY,IAAI,GAAG,EAAiC,EAAC;QACrD,uDAA4B;QAE5B,8CAAqB,IAAI,GAAG,EAA2B,EAAC;QACxD,wCAAe,IAAI,GAAG,EAA8B,EAAC;QAGnD,uBAAA,IAAI,8BAAa,OAAO,EAAE,QAAQ,IAAI,kBAAkB,MAAA,CAAC;QACzD,uBAAA,IAAI,oCAAmB,OAAO,EAAE,cAAc,IAAI,wBAAwB,MAAA,CAAC;QAC3E,uBAAA,IAAI,oCAAmB,OAAO,EAAE,cAAc,IAAI,wBAAwB,MAAA,CAAC;QAC3E,uBAAA,IAAI,wCACF,OAAO,EAAE,kBAAkB,IAAI,6BAA6B,MAAA,CAAC;IACjE,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,MAAc,EAAE,GAAW;QACnC,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC1C,MAAM,MAAM,GAAG,uBAAA,IAAI,gEAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,kCAAU,EAAE,QAAQ,CAAC,CAAC;QACzD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,qEAAgB,MAApB,IAAI,EAAiB,MAAM,CAAC,CAAC;QACnD,OAAO,uBAAA,IAAI,iEAAY,MAAhB,IAAI,EAAa,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC1D,CAAC;IAED,UAAU,CAAC,MAAc,EAAE,GAAW;QACpC,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC1C,uBAAA,IAAI,kCAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAChC,uBAAA,IAAI,qCAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnC,uBAAA,IAAI,wCAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACpC,uBAAA,IAAI,2CAAmB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACH,KAAK;QACH,uBAAA,IAAI,kCAAU,CAAC,KAAK,EAAE,CAAC;QACvB,uBAAA,IAAI,qCAAa,CAAC,KAAK,EAAE,CAAC;QAC1B,uBAAA,IAAI,wCAAgB,CAAC,KAAK,EAAE,CAAC;QAC7B,uBAAA,IAAI,2CAAmB,CAAC,KAAK,EAAE,CAAC;IAClC,CAAC;CAoIF;;AAlIC,0DAA0D;AAC1D,0CAA0C;AAC1C,0DAA0D;AAE1D,KAAK,2CAAiB,MAAc;IAClC,MAAM,MAAM,GAAG,uBAAA,IAAI,gEAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,wCAAgB,EAAE,MAAM,CAAC,CAAC;IAC7D,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,QAAQ,GAAG,uBAAA,IAAI,2CAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrD,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;QAC1B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,gCAAgC,CAAC,MAAM,EAAE;gBAC9D,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,uBAAA,IAAI,wCAAgB,CAAC;aAClD,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAM,GAAG,CAAC,CAAC;YACnE,CAAC;YAED,gBAAgB,CAAC,MAAM,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAE5C,uBAAA,IAAI,wCAAgB,CAAC,GAAG,CAAC,MAAM,EAAE;gBAC/B,KAAK,EAAE,QAAQ,CAAC,QAAQ;gBACxB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,uBAAA,IAAI,wCAAgB;aAC7C,CAAC,CAAC;YAEH,OAAO,QAAQ,CAAC,QAAQ,CAAC;QAC3B,CAAC;gBAAS,CAAC;YACT,uBAAA,IAAI,2CAAmB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACzC,CAAC;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,uBAAA,IAAI,2CAAmB,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC7C,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,0DAA0D;AAC1D,oCAAoC;AACpC,0DAA0D;AAE1D,KAAK,uCACH,MAAc,EACd,GAAW,EACX,OAAe,EACf,QAAgB;IAEhB,MAAM,QAAQ,GAAG,uBAAA,IAAI,qCAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACjD,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;QAC1B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE;gBACpC,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,uBAAA,IAAI,wCAAgB,CAAC;aAClD,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CACb,8BAA8B,OAAO,UAAU,MAAM,WAAW,QAAQ,CAAC,MAAM,GAAG,CACnF,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACxC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;YACvD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,SAAS,MAAM,GAAG,CAAC,CAAC;YAChE,CAAC;YAED,+CAA+C;YAC/C,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,KAAK,EACL,GAAG,EACH;gBACE,IAAI,EAAE,mBAAmB;gBACzB,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;aAC1B,EACD,IAAI,EACJ,CAAC,QAAQ,CAAC,CACX,CAAC;YAEF,uBAAA,IAAI,kCAAU,CAAC,GAAG,CAAC,QAAQ,EAAE;gBAC3B,KAAK,EAAE,GAAG;gBACV,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,uBAAA,IAAI,kCAAU;aACvC,CAAC,CAAC;YACH,uBAAA,IAAI,wEAAmB,MAAvB,IAAI,CAAqB,CAAC;YAE1B,OAAO,GAAG,CAAC;QACb,CAAC;gBAAS,CAAC;YACT,uBAAA,IAAI,qCAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,uBAAA,IAAI,qCAAa,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACzC,OAAO,OAAO,CAAC;AACjB,CAAC,qEAMa,KAAiC,EAAE,GAAW;IAC1D,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;QAClC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,KAAK,CAAC,KAAK,CAAC;AACrB,CAAC;IAMC,OAAO,uBAAA,IAAI,kCAAU,CAAC,IAAI,GAAG,uBAAA,IAAI,4CAAoB,EAAE,CAAC;QACtD,MAAM,MAAM,GAAG,uBAAA,IAAI,kCAAU,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;QAClD,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM;QACR,CAAC;QACD,uBAAA,IAAI,kCAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAChC,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@keycardai/oauth",
|
|
3
|
-
"version": "0.8.
|
|
3
|
+
"version": "0.8.4",
|
|
4
4
|
"description": "[Preview] OAuth 2.0 primitives for Keycard: JWKS keyring, JWT signing/verification, server-tier token verifier, AccessContext, ClientSecret credentials, and impersonation via RFC 8693 token exchange",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"repository": {
|