@liflig/cdk-cloudfront-auth 1.9.0 → 1.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/dist/check-auth/index.js +4 -4
  2. package/dist/generate-secret/index.js +1 -1
  3. package/dist/http-headers/index.js +2 -2
  4. package/dist/parse-auth/index.js +13 -13
  5. package/dist/refresh-auth/index.js +13 -13
  6. package/dist/sign-out/index.js +6 -6
  7. package/lib/handlers/util/axios.js +1 -3
  8. package/lib/handlers/util/jwt.js +1 -2
  9. package/lib/handlers/util/logger.js +1 -4
  10. package/package.json +3 -3
package/dist/generate-secret/index.js CHANGED
@@ -1 +1 @@
1
- var J=Object.create;var{getPrototypeOf:K,defineProperty:k,getOwnPropertyNames:F,getOwnPropertyDescriptor:L}=Object,G=Object.prototype.hasOwnProperty;function H(f){return this[f]}var M,N,U=(f,g,h)=>{var j=f!=null&&typeof f==="object";if(j){var C=g?M??=new WeakMap:N??=new WeakMap,D=C.get(f);if(D)return D}h=f!=null?J(K(f)):{};let z=g||!f||!f.__esModule?k(h,"default",{value:f,enumerable:!0}):h;for(let A of F(f))if(!G.call(z,A))k(z,A,{get:H.bind(f,A),enumerable:!0});if(j)C.set(f,z);return z},O=(f)=>{var g=(E??=new WeakMap).get(f),h;if(g)return g;if(g=k({},"__esModule",{value:!0}),f&&typeof f==="object"||typeof f==="function"){for(var j of F(f))if(!G.call(g,j))k(g,j,{get:H.bind(f,j),enumerable:!(h=L(f,j))||h.enumerable})}return E.set(f,g),g},E,V=(f,g)=>()=>(g||f((g={exports:{}}).exports,g),g.exports);var P=(f)=>f;function Q(f,g){this[f]=P.bind(null,g)}var R=(f,g)=>{for(var h in g)k(f,h,{get:g[h],enumerable:!0,configurable:!0,set:Q.bind(g,h)})};var T={};R(T,{handler:()=>S});module.exports=O(T);var I=require("node:crypto"),S=async(f)=>{switch(f.RequestType){case"Delete":return{PhysicalResourceId:f.PhysicalResourceId};case"Create":case"Update":return{PhysicalResourceId:"generate-secret",Data:{Value:I.randomBytes(16).toString("hex")}}}};
1
+ var R=Object.create;var{getPrototypeOf:p,defineProperty:a,getOwnPropertyNames:l,getOwnPropertyDescriptor:g}=Object,u=Object.prototype.hasOwnProperty;function y(e){return this[e]}var P,I,E=(e,t,r)=>{var s=e!=null&&typeof e==="object";if(s){var i=t?P??=new WeakMap:I??=new WeakMap,o=i.get(e);if(o)return o}r=e!=null?R(p(e)):{};let c=t||!e||!e.__esModule?a(r,"default",{value:e,enumerable:!0}):r;for(let n of l(e))if(!u.call(c,n))a(c,n,{get:y.bind(e,n),enumerable:!0});if(s)i.set(e,c);return c},m=(e)=>{var t=(d??=new WeakMap).get(e),r;if(t)return t;if(t=a({},"__esModule",{value:!0}),e&&typeof e==="object"||typeof e==="function"){for(var s of l(e))if(!u.call(t,s))a(t,s,{get:y.bind(e,s),enumerable:!(r=g(e,s))||r.enumerable})}return d.set(e,t),t},d,H=(e,t)=>()=>(t||e((t={exports:{}}).exports,t),t.exports);var D=(e)=>e;function q(e,t){this[e]=D.bind(null,t)}var v=(e,t)=>{for(var r in t)a(e,r,{get:t[r],enumerable:!0,configurable:!0,set:q.bind(t,r)})};var C={};v(C,{handler:()=>x});module.exports=m(C);var h=require("node:crypto"),x=async(e)=>{switch(e.RequestType){case"Delete":return{PhysicalResourceId:e.PhysicalResourceId};case"Create":case"Update":return{PhysicalResourceId:"generate-secret",Data:{Value:h.randomBytes(16).toString("hex")}}}};
package/dist/http-headers/index.js CHANGED
@@ -1,4 +1,4 @@
1
- var d=Object.create;var{getPrototypeOf:L,defineProperty:s,getOwnPropertyNames:W,getOwnPropertyDescriptor:m}=Object,Y=Object.prototype.hasOwnProperty;function z(n){return this[n]}var e,c,B=(n,u,r)=>{var t=n!=null&&typeof n==="object";if(t){var l=u?e??=new WeakMap:c??=new WeakMap,f=l.get(n);if(f)return f}r=n!=null?d(L(n)):{};let g=u||!n||!n.__esModule?s(r,"default",{value:n,enumerable:!0}):r;for(let h of W(n))if(!Y.call(g,h))s(g,h,{get:z.bind(n,h),enumerable:!0});if(t)l.set(n,g);return g},S=(n)=>{var u=(G??=new WeakMap).get(n),r;if(u)return u;if(u=s({},"__esModule",{value:!0}),n&&typeof n==="object"||typeof n==="function"){for(var t of W(n))if(!Y.call(u,t))s(u,t,{get:z.bind(n,t),enumerable:!(r=m(n,t))||r.enumerable})}return G.set(n,u),u},G,_=(n,u)=>()=>(u||n((u={exports:{}}).exports,u),u.exports);var v=(n)=>n;function i(n,u){this[n]=v.bind(null,u)}var I=(n,u)=>{for(var r in u)s(n,r,{get:u[r],enumerable:!0,configurable:!0,set:i.bind(u,r)})};var Z=_((R)=>{Object.defineProperty(R,"__esModule",{value:!0});R.parseCookie=Q;R.parse=Q;R.stringifyCookie=rn;R.stringifySetCookie=w;R.serialize=w;R.parseSetCookie=fn;R.stringifySetCookie=w;R.serialize=w;var K=/^[\u0021-\u003A\u003C\u003E-\u007E]+$/,P=/^[\u0021-\u003A\u003C-\u007E]*$/,x=/^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*$/i,k=/^[\u0020-\u003A\u003D-\u007E]*$/,nn=/^-?\d+$/,tn=Object.prototype.toString,un=(()=>{let n=function(){};return n.prototype=Object.create(null),n})();function Q(n,u){let r=new un,t=n.length;if(t<2)return r;let l=u?.decode||X,f=0;do{let g=$(n,f,t);if(g===-1)break;let h=T(n,f,t);if(g>h){f=n.lastIndexOf(";",g-1)+1;continue}let y=F(n,f,g);if(r[y]===void 0)r[y]=l(F(n,g+1,h));f=h+1}while(f<t);return r}function rn(n,u){let r=u?.encode||encodeURIComponent,t=[];for(let l of Object.keys(n)){let f=n[l];if(f===void 0)continue;if(!K.test(l))throw TypeError(`cookie name is invalid: ${l}`);let g=r(f);if(!P.test(g))throw TypeError(`cookie val is invalid: ${f}`);t.push(`${l}=${g}`)}return t.join("; ")}function w(n,u,r){let t=typeof n==="object"?n:{...r,name:n,value:String(u)},f=(typeof u==="object"?u:r)?.encode||encodeURIComponent;if(!K.test(t.name))throw TypeError(`argument name is invalid: ${t.name}`);let g=t.value?f(t.value):"";if(!P.test(g))throw TypeError(`argument val is invalid: ${t.value}`);let h=t.name+"="+g;if(t.maxAge!==void 0){if(!Number.isInteger(t.maxAge))throw TypeError(`option maxAge is invalid: ${t.maxAge}`);h+="; Max-Age="+t.maxAge}if(t.domain){if(!x.test(t.domain))throw TypeError(`option domain is invalid: ${t.domain}`);h+="; Domain="+t.domain}if(t.path){if(!k.test(t.path))throw TypeError(`option path is invalid: ${t.path}`);h+="; Path="+t.path}if(t.expires){if(!gn(t.expires)||!Number.isFinite(t.expires.valueOf()))throw TypeError(`option expires is invalid: ${t.expires}`);h+="; Expires="+t.expires.toUTCString()}if(t.httpOnly)h+="; HttpOnly";if(t.secure)h+="; Secure";if(t.partitioned)h+="; Partitioned";if(t.priority)switch(typeof t.priority==="string"?t.priority.toLowerCase():void 0){case"low":h+="; Priority=Low";break;case"medium":h+="; Priority=Medium";break;case"high":h+="; Priority=High";break;default:throw TypeError(`option priority is invalid: ${t.priority}`)}if(t.sameSite)switch(typeof t.sameSite==="string"?t.sameSite.toLowerCase():t.sameSite){case!0:case"strict":h+="; SameSite=Strict";break;case"lax":h+="; SameSite=Lax";break;case"none":h+="; SameSite=None";break;default:throw TypeError(`option sameSite is invalid: ${t.sameSite}`)}return h}function fn(n,u){let r=u?.decode||X,t=n.length,l=T(n,0,t),f=$(n,0,l),g=f===-1?{name:"",value:r(F(n,0,l))}:{name:F(n,0,f),value:r(F(n,f+1,l))},h=l+1;while(h<t){let y=T(n,h,t),p=$(n,h,y),q=p===-1?F(n,h,y):F(n,h,p),H=p===-1?void 0:F(n,p+1,y);switch(q.toLowerCase()){case"httponly":g.httpOnly=!0;break;case"secure":g.secure=!0;break;case"partitioned":g.partitioned=!0;break;case"domain":g.domain=H;break;case"path":g.path=H;break;case"max-age":if(H&&nn.test(H))g.maxAge=Number(H);break;case"expires":if(!H)break;let D=new Date(H);if(Number.isFinite(D.valueOf()))g.expires=D;break;case"priority":if(!H)break;let b=H.toLowerCase();if(b==="low"||b==="medium"||b==="high")g.priority=b;break;case"samesite":if(!H)break;let C=H.toLowerCase();if(C==="lax"||C==="strict"||C==="none")g.sameSite=C;break}h=y+1}return g}function T(n,u,r){let t=n.indexOf(";",u);return t===-1?r:t}function $(n,u,r){let t=n.indexOf("=",u);return t<r?t:-1}function F(n,u,r){let t=u,l=r;do{let f=n.charCodeAt(t);if(f!==32&&f!==9)break}while(++t<l);while(l>t){let f=n.charCodeAt(l-1);if(f!==32&&f!==9)break;l--}return n.slice(t,l)}function X(n){if(n.indexOf("%")===-1)return n;try{return decodeURIComponent(n)}catch(u){return n}}function gn(n){return tn.call(n)==="[object Date]"}});var Fn={};I(Fn,{handler:()=>yn});module.exports=S(Fn);var J=`<!DOCTYPE html>
1
+ var L=Object.create;var{getPrototypeOf:m,defineProperty:C,getOwnPropertyNames:W,getOwnPropertyDescriptor:d}=Object,Y=Object.prototype.hasOwnProperty;function z(u){return this[u]}var S,_,B=(u,t,r)=>{var n=u!=null&&typeof u==="object";if(n){var H=t?S??=new WeakMap:_??=new WeakMap,f=H.get(u);if(f)return f}r=u!=null?L(m(u)):{};let g=t||!u||!u.__esModule?C(r,"default",{value:u,enumerable:!0}):r;for(let h of W(u))if(!Y.call(g,h))C(g,h,{get:z.bind(u,h),enumerable:!0});if(n)H.set(u,g);return g},v=(u)=>{var t=(G??=new WeakMap).get(u),r;if(t)return t;if(t=C({},"__esModule",{value:!0}),u&&typeof u==="object"||typeof u==="function"){for(var n of W(u))if(!Y.call(t,n))C(t,n,{get:z.bind(u,n),enumerable:!(r=d(u,n))||r.enumerable})}return G.set(u,t),t},G,c=(u,t)=>()=>(t||u((t={exports:{}}).exports,t),t.exports);var I=(u)=>u;function e(u,t){this[u]=I.bind(null,t)}var o=(u,t)=>{for(var r in t)C(u,r,{get:t[r],enumerable:!0,configurable:!0,set:e.bind(t,r)})};var Z=c((F)=>{Object.defineProperty(F,"__esModule",{value:!0});F.parseCookie=Q;F.parse=Q;F.stringifyCookie=ru;F.stringifySetCookie=p;F.serialize=p;F.parseSetCookie=fu;F.stringifySetCookie=p;F.serialize=p;var K=/^[\u0021-\u003A\u003C\u003E-\u007E]+$/,P=/^[\u0021-\u003A\u003C-\u007E]*$/,x=/^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*$/i,k=/^[\u0020-\u003A\u003D-\u007E]*$/,uu=/^-?\d+$/,nu=Object.prototype.toString,tu=(()=>{let u=function(){};return u.prototype=Object.create(null),u})();function Q(u,t){let r=new tu,n=u.length;if(n<2)return r;let H=t?.decode||X,f=0;do{let g=O(u,f,n);if(g===-1)break;let h=s(u,f,n);if(g>h){f=u.lastIndexOf(";",g-1)+1;continue}let y=l(u,f,g);if(r[y]===void 0)r[y]=H(l(u,g+1,h));f=h+1}while(f<n);return r}function ru(u,t){let r=t?.encode||encodeURIComponent,n=[];for(let H of Object.keys(u)){let f=u[H];if(f===void 0)continue;if(!K.test(H))throw TypeError(`cookie name is invalid: ${H}`);let g=r(f);if(!P.test(g))throw TypeError(`cookie val is invalid: ${f}`);n.push(`${H}=${g}`)}return n.join("; ")}function p(u,t,r){let n=typeof u==="object"?u:{...r,name:u,value:String(t)},f=(typeof t==="object"?t:r)?.encode||encodeURIComponent;if(!K.test(n.name))throw TypeError(`argument name is invalid: ${n.name}`);let g=n.value?f(n.value):"";if(!P.test(g))throw TypeError(`argument val is invalid: ${n.value}`);let h=n.name+"="+g;if(n.maxAge!==void 0){if(!Number.isInteger(n.maxAge))throw TypeError(`option maxAge is invalid: ${n.maxAge}`);h+="; Max-Age="+n.maxAge}if(n.domain){if(!x.test(n.domain))throw TypeError(`option domain is invalid: ${n.domain}`);h+="; Domain="+n.domain}if(n.path){if(!k.test(n.path))throw TypeError(`option path is invalid: ${n.path}`);h+="; Path="+n.path}if(n.expires){if(!gu(n.expires)||!Number.isFinite(n.expires.valueOf()))throw TypeError(`option expires is invalid: ${n.expires}`);h+="; Expires="+n.expires.toUTCString()}if(n.httpOnly)h+="; HttpOnly";if(n.secure)h+="; Secure";if(n.partitioned)h+="; Partitioned";if(n.priority)switch(typeof n.priority==="string"?n.priority.toLowerCase():void 0){case"low":h+="; Priority=Low";break;case"medium":h+="; Priority=Medium";break;case"high":h+="; Priority=High";break;default:throw TypeError(`option priority is invalid: ${n.priority}`)}if(n.sameSite)switch(typeof n.sameSite==="string"?n.sameSite.toLowerCase():n.sameSite){case!0:case"strict":h+="; SameSite=Strict";break;case"lax":h+="; SameSite=Lax";break;case"none":h+="; SameSite=None";break;default:throw TypeError(`option sameSite is invalid: ${n.sameSite}`)}return h}function fu(u,t){let r=t?.decode||X,n=u.length,H=s(u,0,n),f=O(u,0,H),g=f===-1?{name:"",value:r(l(u,0,H))}:{name:l(u,0,f),value:r(l(u,f+1,H))},h=H+1;while(h<n){let y=s(u,h,n),w=O(u,h,y),q=w===-1?l(u,h,y):l(u,h,w),R=w===-1?void 0:l(u,w+1,y);switch(q.toLowerCase()){case"httponly":g.httpOnly=!0;break;case"secure":g.secure=!0;break;case"partitioned":g.partitioned=!0;break;case"domain":g.domain=R;break;case"path":g.path=R;break;case"max-age":if(R&&uu.test(R))g.maxAge=Number(R);break;case"expires":if(!R)break;let D=new Date(R);if(Number.isFinite(D.valueOf()))g.expires=D;break;case"priority":if(!R)break;let b=R.toLowerCase();if(b==="low"||b==="medium"||b==="high")g.priority=b;break;case"samesite":if(!R)break;let T=R.toLowerCase();if(T==="lax"||T==="strict"||T==="none")g.sameSite=T;break}h=y+1}return g}function s(u,t,r){let n=u.indexOf(";",t);return n===-1?r:n}function O(u,t,r){let n=u.indexOf("=",t);return n<r?n:-1}function l(u,t,r){let n=t,H=r;do{let f=u.charCodeAt(n);if(f!==32&&f!==9)break}while(++n<H);while(H>n){let f=u.charCodeAt(H-1);if(f!==32&&f!==9)break;H--}return u.slice(n,H)}function X(u){if(u.indexOf("%")===-1)return u;try{return decodeURIComponent(u)}catch(t){return u}}function gu(u){return nu.call(u)==="[object Date]"}});var lu={};o(lu,{handler:()=>yu});module.exports=v(lu);var J=`<!DOCTYPE html>
2
2
  <html lang="en">
3
3
  <head>
4
4
  <meta charset="utf-8" />
@@ -18,4 +18,4 @@ var d=Object.create;var{getPrototypeOf:L,defineProperty:s,getOwnPropertyNames:W,
18
18
  </p>
19
19
  </body>
20
20
  </html>
21
- `;var A=require("node:fs"),a=B(require("node:path")),M=require("node:url"),N=B(Z(),1);var O;((f)=>{f[f.none=0]="none";f[f.error=10]="error";f[f.warn=20]="warn";f[f.info=30]="info";f[f.debug=40]="debug"})(O||={});class j{logLevel;constructor(n){this.logLevel=n}jsonify(n){return n.map((u)=>{if(typeof u==="object")try{return JSON.stringify(u)}catch{return u}return u})}info(...n){if(this.logLevel>=30)console.log(...this.jsonify(n))}warn(...n){if(this.logLevel>=20)console.warn(...this.jsonify(n))}error(...n){if(this.logLevel>=10)console.error(...this.jsonify(n))}debug(...n){if(this.logLevel>=40)console.trace(...this.jsonify(n))}}var hn=M.fileURLToPath("file:///home/runner/work/cdk-cloudfront-auth/cdk-cloudfront-auth/src/handlers/util/config.ts"),ln=a.dirname(hn);function E(){let u=process.env.LAMBDA_TASK_ROOT||ln,r=a.join(u,"config.json");console.log("Loading config from",r);let t=JSON.parse(A.readFileSync(r,"utf-8")),f=`https://cognito-idp.${/^(\S+?)_\S+$/.exec(t.userPoolId)[1]}.amazonaws.com/${t.userPoolId}`,g=`${f}/.well-known/jwks.json`;return{nonceMaxAge:Number.parseInt(N.parse(t.cookieSettings.nonce.toLowerCase())["max-age"],10)||86400,...t,tokenIssuer:f,tokenJwksUri:g,logger:new j(O[t.logLevel])}}function Hn(n){return Object.entries(n).reduce((u,[r,t])=>Object.assign(u,{[r.toLowerCase()]:[{key:r,value:t}]}),{})}function On(n,u){let r=u?.cookies?{"set-cookie":u.cookies.map((t)=>({key:"set-cookie",value:t}))}:{};return{status:"307",statusDescription:"Temporary Redirect",headers:{location:[{key:"location",value:n}],...r}}}function jn(n){return{body:Rn(n),status:n.statusCode??"500",headers:{"content-type":[{key:"Content-Type",value:"text/html; charset=UTF-8"}]}}}function Rn(n){let u={...n,region:process.env.AWS_REGION};return J.replace(/\${([^}]*)}/g,(r,t)=>u[t]||"")}function U(n,u){if(!u)throw Error("Expected response value");return{...u,headers:{...u.headers??{},...Hn(n.httpHeaders)}}}function En(n){let u;return async(r)=>{if(!u)u=E();u.logger.debug("Handling event:",r);let t=U(u,await n(u,r));return u.logger.debug("Returning response:",t),t}}function V(n){let u;return async(r)=>{if(!u)u=E();u.logger.debug("Handling event:",r);let t=U(u,await n(u,r));return u.logger.debug("Returning response:",t),t}}var yn=V(async(n,u)=>u.Records[0].cf.response);
21
+ `;var A=require("node:fs"),$=B(require("node:path")),M=require("node:url"),N=B(Z(),1);var a;((f)=>{f[f.none=0]="none";f[f.error=10]="error";f[f.warn=20]="warn";f[f.info=30]="info";f[f.debug=40]="debug"})(a||={});class j{logLevel;constructor(u){this.logLevel=u}jsonify(u){return u.map((t)=>{if(typeof t==="object")try{return JSON.stringify(t)}catch{return t}return t})}info(...u){if(this.logLevel>=30)console.log(...this.jsonify(u))}warn(...u){if(this.logLevel>=20)console.warn(...this.jsonify(u))}error(...u){if(this.logLevel>=10)console.error(...this.jsonify(u))}debug(...u){if(this.logLevel>=40)console.trace(...this.jsonify(u))}}var hu=M.fileURLToPath("file:///home/runner/work/cdk-cloudfront-auth/cdk-cloudfront-auth/src/handlers/util/config.ts"),Hu=$.dirname(hu);function E(){let t=process.env.LAMBDA_TASK_ROOT||Hu,r=$.join(t,"config.json");console.log("Loading config from",r);let n=JSON.parse(A.readFileSync(r,"utf-8")),f=`https://cognito-idp.${/^(\S+?)_\S+$/.exec(n.userPoolId)[1]}.amazonaws.com/${n.userPoolId}`,g=`${f}/.well-known/jwks.json`;return{nonceMaxAge:Number.parseInt(N.parse(n.cookieSettings.nonce.toLowerCase())["max-age"],10)||86400,...n,tokenIssuer:f,tokenJwksUri:g,logger:new j(a[n.logLevel])}}function Ru(u){return Object.entries(u).reduce((t,[r,n])=>Object.assign(t,{[r.toLowerCase()]:[{key:r,value:n}]}),{})}function au(u,t){let r=t?.cookies?{"set-cookie":t.cookies.map((n)=>({key:"set-cookie",value:n}))}:{};return{status:"307",statusDescription:"Temporary Redirect",headers:{location:[{key:"location",value:u}],...r}}}function ju(u){return{body:Fu(u),status:u.statusCode??"500",headers:{"content-type":[{key:"Content-Type",value:"text/html; charset=UTF-8"}]}}}function Fu(u){let t={...u,region:process.env.AWS_REGION};return J.replace(/\${([^}]*)}/g,(r,n)=>t[n]||"")}function U(u,t){if(!t)throw Error("Expected response value");return{...t,headers:{...t.headers??{},...Ru(u.httpHeaders)}}}function Eu(u){let t;return async(r)=>{if(!t)t=E();t.logger.debug("Handling event:",r);let n=U(t,await u(t,r));return t.logger.debug("Returning response:",n),n}}function V(u){let t;return async(r)=>{if(!t)t=E();t.logger.debug("Handling event:",r);let n=U(t,await u(t,r));return t.logger.debug("Returning response:",n),n}}var yu=V(async(u,t)=>t.Records[0].cf.response);