@lindorm/aegis 0.1.1 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +13 -0
- package/dist/classes/Aegis.d.ts +1 -1
- package/dist/classes/Aegis.d.ts.map +1 -1
- package/dist/classes/Aegis.js +4 -4
- package/dist/classes/Aegis.js.map +1 -1
- package/dist/classes/JweKit.d.ts.map +1 -1
- package/dist/classes/JweKit.js +17 -15
- package/dist/classes/JweKit.js.map +1 -1
- package/dist/classes/JwsKit.d.ts +0 -1
- package/dist/classes/JwsKit.d.ts.map +1 -1
- package/dist/classes/JwsKit.js +14 -10
- package/dist/classes/JwsKit.js.map +1 -1
- package/dist/classes/JwtKit.d.ts +1 -1
- package/dist/classes/JwtKit.d.ts.map +1 -1
- package/dist/classes/JwtKit.js +23 -16
- package/dist/classes/JwtKit.js.map +1 -1
- package/dist/classes/index.d.ts +0 -1
- package/dist/classes/index.d.ts.map +1 -1
- package/dist/classes/index.js +0 -1
- package/dist/classes/index.js.map +1 -1
- package/dist/constants/private/format.d.ts +1 -1
- package/dist/constants/private/format.d.ts.map +1 -1
- package/dist/constants/private/format.js +2 -2
- package/dist/constants/private/format.js.map +1 -1
- package/dist/errors/index.d.ts +0 -1
- package/dist/errors/index.d.ts.map +1 -1
- package/dist/errors/index.js +0 -1
- package/dist/errors/index.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/mocks/create-mock-aegis.d.ts +3 -0
- package/dist/mocks/create-mock-aegis.d.ts.map +1 -0
- package/dist/mocks/create-mock-aegis.js +41 -0
- package/dist/mocks/create-mock-aegis.js.map +1 -0
- package/dist/mocks/index.d.ts +2 -0
- package/dist/mocks/index.d.ts.map +1 -0
- package/dist/mocks/index.js +18 -0
- package/dist/mocks/index.js.map +1 -0
- package/dist/types/aegis.d.ts +3 -3
- package/dist/types/aegis.d.ts.map +1 -1
- package/dist/types/header.d.ts +0 -1
- package/dist/types/header.d.ts.map +1 -1
- package/dist/types/index.d.ts +0 -2
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +0 -2
- package/dist/types/index.js.map +1 -1
- package/dist/types/interfaces/index.d.ts +0 -1
- package/dist/types/interfaces/index.d.ts.map +1 -1
- package/dist/types/interfaces/index.js +0 -1
- package/dist/types/interfaces/index.js.map +1 -1
- package/dist/types/jwe/jwe-decrypt.d.ts +2 -1
- package/dist/types/jwe/jwe-decrypt.d.ts.map +1 -1
- package/dist/types/jws/jws-kit.d.ts +0 -1
- package/dist/types/jws/jws-kit.d.ts.map +1 -1
- package/dist/types/jws/jws-verify.d.ts +2 -2
- package/dist/types/jws/jws-verify.d.ts.map +1 -1
- package/dist/types/jwt/jwt-kit.d.ts +1 -1
- package/dist/types/jwt/jwt-kit.d.ts.map +1 -1
- package/dist/types/jwt/jwt-validate.d.ts +1 -4
- package/dist/types/jwt/jwt-validate.d.ts.map +1 -1
- package/dist/types/jwt/jwt-verify.d.ts +2 -1
- package/dist/types/jwt/jwt-verify.d.ts.map +1 -1
- package/dist/utils/private/create-hash.d.ts +4 -4
- package/dist/utils/private/create-hash.d.ts.map +1 -1
- package/dist/utils/private/create-hash.js +16 -16
- package/dist/utils/private/create-hash.js.map +1 -1
- package/dist/utils/private/create-token-signature.d.ts +1 -1
- package/dist/utils/private/create-token-signature.d.ts.map +1 -1
- package/dist/utils/private/create-token-signature.js +14 -14
- package/dist/utils/private/create-token-signature.js.map +1 -1
- package/dist/utils/private/jwt-payload.d.ts +3 -3
- package/dist/utils/private/jwt-payload.d.ts.map +1 -1
- package/dist/utils/private/jwt-payload.js +11 -11
- package/dist/utils/private/jwt-payload.js.map +1 -1
- package/dist/utils/private/jwt-validate.d.ts +1 -1
- package/dist/utils/private/jwt-validate.d.ts.map +1 -1
- package/dist/utils/private/jwt-validate.js +6 -6
- package/dist/utils/private/jwt-validate.js.map +1 -1
- package/dist/utils/private/jwt-verify.d.ts +1 -1
- package/dist/utils/private/jwt-verify.d.ts.map +1 -1
- package/dist/utils/private/jwt-verify.js +8 -8
- package/dist/utils/private/jwt-verify.js.map +1 -1
- package/dist/utils/private/token-header.d.ts +3 -3
- package/dist/utils/private/token-header.d.ts.map +1 -1
- package/dist/utils/private/token-header.js +8 -8
- package/dist/utils/private/token-header.js.map +1 -1
- package/dist/utils/private/token-type.d.ts +1 -1
- package/dist/utils/private/token-type.d.ts.map +1 -1
- package/dist/utils/private/token-type.js +4 -4
- package/dist/utils/private/token-type.js.map +1 -1
- package/dist/utils/private/validate-value.d.ts +1 -1
- package/dist/utils/private/validate-value.d.ts.map +1 -1
- package/dist/utils/private/validate-value.js +5 -5
- package/dist/utils/private/validate-value.js.map +1 -1
- package/dist/utils/private/validate.d.ts +1 -1
- package/dist/utils/private/validate.d.ts.map +1 -1
- package/dist/utils/private/validate.js +4 -4
- package/dist/utils/private/validate.js.map +1 -1
- package/dist/utils/private/verify-token-signature.d.ts +1 -1
- package/dist/utils/private/verify-token-signature.d.ts.map +1 -1
- package/dist/utils/private/verify-token-signature.js +14 -14
- package/dist/utils/private/verify-token-signature.js.map +1 -1
- package/package.json +17 -16
- package/dist/classes/AegisVault.d.ts +0 -24
- package/dist/classes/AegisVault.d.ts.map +0 -1
- package/dist/classes/AegisVault.js +0 -141
- package/dist/classes/AegisVault.js.map +0 -1
- package/dist/errors/AegisVaultError.d.ts +0 -4
- package/dist/errors/AegisVaultError.d.ts.map +0 -1
- package/dist/errors/AegisVaultError.js +0 -8
- package/dist/errors/AegisVaultError.js.map +0 -1
- package/dist/types/aegis-vault.d.ts +0 -29
- package/dist/types/aegis-vault.d.ts.map +0 -1
- package/dist/types/aegis-vault.js +0 -3
- package/dist/types/aegis-vault.js.map +0 -1
- package/dist/types/interfaces/aegis-vault.d.ts +0 -12
- package/dist/types/interfaces/aegis-vault.d.ts.map +0 -1
- package/dist/types/interfaces/aegis-vault.js +0 -3
- package/dist/types/interfaces/aegis-vault.js.map +0 -1
- package/dist/types/oidc.d.ts +0 -27
- package/dist/types/oidc.d.ts.map +0 -1
- package/dist/types/oidc.js +0 -3
- package/dist/types/oidc.js.map +0 -1
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { KryptosAlgorithm } from "@lindorm/kryptos";
|
|
2
2
|
import { Dict } from "@lindorm/types";
|
|
3
3
|
import { Operators, VerifyJwtOptions } from "../../types";
|
|
4
|
-
export declare const
|
|
4
|
+
export declare const createJwtVerify: (algorithm: KryptosAlgorithm, verify: VerifyJwtOptions, clockTolerance: number) => Dict<Operators>;
|
|
5
5
|
//# sourceMappingURL=jwt-verify.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-verify.d.ts","sourceRoot":"","sources":["../../../src/utils/private/jwt-verify.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAa,SAAS,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAwDrE,eAAO,MAAM,
|
|
1
|
+
{"version":3,"file":"jwt-verify.d.ts","sourceRoot":"","sources":["../../../src/utils/private/jwt-verify.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAa,SAAS,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAwDrE,eAAO,MAAM,eAAe,cACf,gBAAgB,UACnB,gBAAgB,kBACR,MAAM,KACrB,IAAI,CAAC,SAAS,CAoDhB,CAAC"}
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.createJwtVerify = void 0;
|
|
4
4
|
const date_1 = require("@lindorm/date");
|
|
5
5
|
const is_1 = require("@lindorm/is");
|
|
6
6
|
const create_hash_1 = require("./create-hash");
|
|
7
|
-
const
|
|
7
|
+
const mapVerify = (key) => {
|
|
8
8
|
switch (key) {
|
|
9
9
|
case "accessToken":
|
|
10
10
|
return "at_hash";
|
|
@@ -56,7 +56,7 @@ const _mapVerify = (key) => {
|
|
|
56
56
|
throw new Error(`Unsupported key: ${key}`);
|
|
57
57
|
}
|
|
58
58
|
};
|
|
59
|
-
const
|
|
59
|
+
const createJwtVerify = (algorithm, verify, clockTolerance) => {
|
|
60
60
|
const ops = {
|
|
61
61
|
iat: {
|
|
62
62
|
$or: [{ $exists: false }, { $beforeOrEq: (0, date_1.addSeconds)(new Date(), clockTolerance) }],
|
|
@@ -72,17 +72,17 @@ const _createJwtVerify = (algorithm, verify, clockTolerance) => {
|
|
|
72
72
|
},
|
|
73
73
|
};
|
|
74
74
|
for (const [key, value] of Object.entries(verify)) {
|
|
75
|
-
const mapped =
|
|
75
|
+
const mapped = mapVerify(key);
|
|
76
76
|
if (mapped === "at_hash" && (0, is_1.isString)(value)) {
|
|
77
|
-
ops[mapped] = { $eq: (0, create_hash_1.
|
|
77
|
+
ops[mapped] = { $eq: (0, create_hash_1.createAccessTokenHash)(algorithm, value) };
|
|
78
78
|
continue;
|
|
79
79
|
}
|
|
80
80
|
if (mapped === "c_hash" && (0, is_1.isString)(value)) {
|
|
81
|
-
ops[mapped] = { $eq: (0, create_hash_1.
|
|
81
|
+
ops[mapped] = { $eq: (0, create_hash_1.createCodeHash)(algorithm, value) };
|
|
82
82
|
continue;
|
|
83
83
|
}
|
|
84
84
|
if (mapped === "s_hash" && (0, is_1.isString)(value)) {
|
|
85
|
-
ops[mapped] = { $eq: (0, create_hash_1.
|
|
85
|
+
ops[mapped] = { $eq: (0, create_hash_1.createStateHash)(algorithm, value) };
|
|
86
86
|
continue;
|
|
87
87
|
}
|
|
88
88
|
if ((0, is_1.isArray)(value)) {
|
|
@@ -105,5 +105,5 @@ const _createJwtVerify = (algorithm, verify, clockTolerance) => {
|
|
|
105
105
|
}
|
|
106
106
|
return ops;
|
|
107
107
|
};
|
|
108
|
-
exports.
|
|
108
|
+
exports.createJwtVerify = createJwtVerify;
|
|
109
109
|
//# sourceMappingURL=jwt-verify.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-verify.js","sourceRoot":"","sources":["../../../src/utils/private/jwt-verify.ts"],"names":[],"mappings":";;;AAAA,wCAAuD;AACvD,oCAAoE;AAIpE,+
|
|
1
|
+
{"version":3,"file":"jwt-verify.js","sourceRoot":"","sources":["../../../src/utils/private/jwt-verify.ts"],"names":[],"mappings":";;;AAAA,wCAAuD;AACvD,oCAAoE;AAIpE,+CAAuF;AAEvF,MAAM,SAAS,GAAG,CAAC,GAA2B,EAAmB,EAAE;IACjE,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,aAAa;YAChB,OAAO,SAAS,CAAC;QACnB,KAAK,qBAAqB;YACxB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,QAAQ,CAAC;QAClB,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,YAAY;YACf,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,iBAAiB;YACpB,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,QAAQ,CAAC;QAClB,KAAK,UAAU;YACb,OAAO,WAAW,CAAC;QACrB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,KAAK,CAAC;QACf,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC;QACf,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,YAAY,CAAC;QACtB;YACE,MAAM,IAAI,KAAK,CAAC,oBAAoB,GAAG,EAAE,CAAC,CAAC;IAC/C,CAAC;AACH,CAAC,CAAC;AAEK,MAAM,eAAe,GAAG,CAC7B,SAA2B,EAC3B,MAAwB,EACxB,cAAsB,EACL,EAAE;IACnB,MAAM,GAAG,GAAgD;QACvD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,WAAW,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SACnF;QACD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,WAAW,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SACnF;QACD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,UAAU,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAClF;QACD,SAAS,EAAE;YACT,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,WAAW,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SACnF;KACF,CAAC;IAEF,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,MAAM,MAAM,GAAG,SAAS,CAAC,GAA6B,CAAC,CAAC;QAExD,IAAI,MAAM,KAAK,SAAS,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC5C,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,mCAAqB,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC/D,SAAS;QACX,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,4BAAc,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YACxD,SAAS;QACX,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,6BAAe,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YACzD,SAAS;QACX,CAAC;QACD,IAAI,IAAA,YAAO,EAAS,KAAK,CAAC,EAAE,CAAC;YAC3B,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;YAC9B,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YAC7B,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YAC7B,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,GAAG,CAAC,MAAM,CAAC,GAAG,KAAkB,CAAC;YACjC,SAAS;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,sBAAsB,KAAK,aAAa,GAAG,EAAE,CAAC,CAAC;IACjE,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAxDW,QAAA,eAAe,mBAwD1B"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { DecodedTokenHeader, ParsedTokenHeader, TokenHeaderSignOptions } from "../../types";
|
|
2
|
-
export declare const
|
|
3
|
-
export declare const
|
|
4
|
-
export declare const
|
|
2
|
+
export declare const encodeTokenHeader: (header: TokenHeaderSignOptions) => string;
|
|
3
|
+
export declare const decodeTokenHeader: (header: string) => DecodedTokenHeader;
|
|
4
|
+
export declare const parseTokenHeader: <T extends ParsedTokenHeader = ParsedTokenHeader>(decoded: DecodedTokenHeader) => T;
|
|
5
5
|
//# sourceMappingURL=token-header.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token-header.d.ts","sourceRoot":"","sources":["../../../src/utils/private/token-header.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,kBAAkB,EAClB,iBAAiB,EAGjB,sBAAsB,EAEvB,MAAM,aAAa,CAAC;AAsCrB,eAAO,MAAM,
|
|
1
|
+
{"version":3,"file":"token-header.d.ts","sourceRoot":"","sources":["../../../src/utils/private/token-header.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,kBAAkB,EAClB,iBAAiB,EAGjB,sBAAsB,EAEvB,MAAM,aAAa,CAAC;AAsCrB,eAAO,MAAM,iBAAiB,WAAY,sBAAsB,KAAG,MAyFlE,CAAC;AAEF,eAAO,MAAM,iBAAiB,WAAY,MAAM,KAAG,kBAkBlD,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAI,CAAC,SAAS,iBAAiB,+BACjD,kBAAkB,KAC1B,CAoEF,CAAC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.parseTokenHeader = exports.decodeTokenHeader = exports.encodeTokenHeader = void 0;
|
|
4
4
|
const b64_1 = require("@lindorm/b64");
|
|
5
5
|
const is_1 = require("@lindorm/is");
|
|
6
6
|
const utils_1 = require("@lindorm/utils");
|
|
@@ -39,7 +39,7 @@ const ALGS = [
|
|
|
39
39
|
"RSA-OAEP-512",
|
|
40
40
|
];
|
|
41
41
|
const TYPES = ["JWE", "JWS", "JWT"];
|
|
42
|
-
const
|
|
42
|
+
const encodeTokenHeader = (header) => {
|
|
43
43
|
if (!header.algorithm) {
|
|
44
44
|
throw new Error("Algorithm is required");
|
|
45
45
|
}
|
|
@@ -124,10 +124,10 @@ const _encodeTokenHeader = (header) => {
|
|
|
124
124
|
x5u: (0, is_1.isString)(header.x5u) ? header.x5u : undefined,
|
|
125
125
|
"x5t#S256": (0, is_1.isString)(header.x5tS256) ? header.x5tS256 : undefined,
|
|
126
126
|
});
|
|
127
|
-
return b64_1.B64.encode(JSON.stringify(claims), format_1.
|
|
127
|
+
return b64_1.B64.encode(JSON.stringify(claims), format_1.B64U);
|
|
128
128
|
};
|
|
129
|
-
exports.
|
|
130
|
-
const
|
|
129
|
+
exports.encodeTokenHeader = encodeTokenHeader;
|
|
130
|
+
const decodeTokenHeader = (header) => {
|
|
131
131
|
const string = b64_1.B64.toString(header);
|
|
132
132
|
const json = JSON.parse(string);
|
|
133
133
|
if (!json.alg) {
|
|
@@ -144,8 +144,8 @@ const _decodeTokenHeader = (header) => {
|
|
|
144
144
|
}
|
|
145
145
|
return json;
|
|
146
146
|
};
|
|
147
|
-
exports.
|
|
148
|
-
const
|
|
147
|
+
exports.decodeTokenHeader = decodeTokenHeader;
|
|
148
|
+
const parseTokenHeader = (decoded) => {
|
|
149
149
|
const critical = decoded.crit
|
|
150
150
|
?.map((key) => {
|
|
151
151
|
switch (key) {
|
|
@@ -212,5 +212,5 @@ const _parseTokenHeader = (decoded) => {
|
|
|
212
212
|
x5tS256: decoded["x5t#S256"],
|
|
213
213
|
};
|
|
214
214
|
};
|
|
215
|
-
exports.
|
|
215
|
+
exports.parseTokenHeader = parseTokenHeader;
|
|
216
216
|
//# sourceMappingURL=token-header.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token-header.js","sourceRoot":"","sources":["../../../src/utils/private/token-header.ts"],"names":[],"mappings":";;;AAAA,sCAAmC;AACnC,oCAAgF;AAChF,0CAAiD;AACjD,
|
|
1
|
+
{"version":3,"file":"token-header.js","sourceRoot":"","sources":["../../../src/utils/private/token-header.ts"],"names":[],"mappings":";;;AAAA,sCAAmC;AACnC,oCAAgF;AAChF,0CAAiD;AACjD,2DAAsD;AAUtD,MAAM,IAAI,GAAgC;IACxC,KAAK;IACL,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,WAAW;IACX,WAAW;IACX,WAAW;IACX,SAAS;IACT,gBAAgB;IAChB,gBAAgB;IAChB,gBAAgB;IAChB,mBAAmB;IACnB,mBAAmB;IACnB,mBAAmB;IACnB,OAAO;IACP,OAAO;IACP,OAAO;IACP,OAAO;IACP,OAAO;IACP,OAAO;IACP,OAAO;IACP,oBAAoB;IACpB,oBAAoB;IACpB,oBAAoB;IACpB,OAAO;IACP,OAAO;IACP,OAAO;IACP,UAAU;IACV,cAAc;IACd,cAAc;IACd,cAAc;CACN,CAAC;AAEX,MAAM,KAAK,GAA2B,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,CAAU,CAAC;AAE9D,MAAM,iBAAiB,GAAG,CAAC,MAA8B,EAAU,EAAE;IAC1E,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,sBAAsB,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;IAC5D,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,wBAAwB,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;IAC/D,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ;QAC1B,EAAE,GAAG,CAAC,CAAC,GAAG,EAAwD,EAAE;QAClE,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,WAAW;gBACd,OAAO,KAAK,CAAC;YACf,KAAK,aAAa;gBAChB,OAAO,KAAK,CAAC;YACf,KAAK,YAAY;gBACf,OAAO,KAAK,CAAC;YACf,KAAK,YAAY;gBACf,OAAO,KAAK,CAAC;YACf,KAAK,UAAU;gBACb,OAAO,WAAW,CAAC;YACrB,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,SAAS;gBACZ,OAAO,KAAK,CAAC;YACf,KAAK,OAAO;gBACV,OAAO,KAAK,CAAC;YACf,KAAK,UAAU;gBACb,OAAO,KAAK,CAAC;YACf,KAAK,iBAAiB;gBACpB,OAAO,KAAK,CAAC;YACf,KAAK,WAAW;gBACd,OAAO,KAAK,CAAC;YACf,KAAK,oBAAoB;gBACvB,OAAO,IAAI,CAAC;YACd,KAAK,qBAAqB;gBACxB,OAAO,KAAK,CAAC;YACf,KAAK,qBAAqB;gBACxB,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,SAAS;gBACZ,OAAO,UAAU,CAAC;YACpB;gBACE,OAAO,SAAS,CAAC;QACrB,CAAC;IACH,CAAC,CAAC;SACD,MAAM,CAAC,aAAQ,CAA8B,CAAC;IAEjD,MAAM,MAAM,GAAsB,IAAA,uBAAe,EAAC;QAChD,GAAG,EAAE,MAAM,CAAC,SAAS;QACrB,IAAI;QACJ,GAAG,EAAE,MAAM,CAAC,WAAW;QACvB,GAAG,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QAChE,GAAG,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS;QAClF,SAAS,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAG,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;QAC9E,EAAE,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,kBAAkB,CAAC;YACrC,CAAC,CAAC,SAAG,CAAC,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC;YACvC,CAAC,CAAC,SAAS;QACb,GAAG,EAAE,IAAA,cAAS,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;QAC3D,GAAG,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QAClD,GAAG,EAAE,MAAM,CAAC,KAAK;QACjB,GAAG,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;QAC5D,GAAG,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS;QAC1E,GAAG,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAG,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;QAC1E,GAAG,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,mBAAmB,CAAC;YACvC,CAAC,CAAC,SAAG,CAAC,MAAM,CAAC,MAAM,CAAC,mBAAmB,CAAC;YACxC,CAAC,CAAC,SAAS;QACb,GAAG,EAAE,MAAM,CAAC,UAAU;QACtB,GAAG,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QAClD,GAAG,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QAClD,GAAG,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QAClD,UAAU,EAAE,IAAA,aAAQ,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;KAClE,CAAC,CAAC;IAEH,OAAO,SAAG,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,aAAI,CAAC,CAAC;AAClD,CAAC,CAAC;AAzFW,QAAA,iBAAiB,qBAyF5B;AAEK,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAsB,EAAE;IACtE,MAAM,MAAM,GAAG,SAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAA+B,CAAC;IAE9D,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/C,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC5D,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/C,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,OAAO,IAA0B,CAAC;AACpC,CAAC,CAAC;AAlBW,QAAA,iBAAiB,qBAkB5B;AAEK,MAAM,gBAAgB,GAAG,CAC9B,OAA2B,EACxB,EAAE;IACL,MAAM,QAAQ,GACX,OAAO,CAAC,IAAI;QACX,EAAE,GAAG,CAAC,CAAC,GAAG,EAAwD,EAAE;QAClE,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,KAAK;gBACR,OAAO,WAAW,CAAC;YACrB,KAAK,KAAK;gBACR,OAAO,aAAa,CAAC;YACvB,KAAK,KAAK;gBACR,OAAO,YAAY,CAAC;YACtB,KAAK,KAAK;gBACR,OAAO,qBAAqB,CAAC;YAC/B,KAAK,WAAW;gBACd,OAAO,UAAU,CAAC;YACpB,KAAK,IAAI;gBACP,OAAO,oBAAoB,CAAC;YAC9B,KAAK,KAAK;gBACR,OAAO,SAAS,CAAC;YACnB,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,OAAO,CAAC;YACjB,KAAK,KAAK;gBACR,OAAO,UAAU,CAAC;YACpB,KAAK,KAAK;gBACR,OAAO,iBAAiB,CAAC;YAC3B,KAAK,KAAK;gBACR,OAAO,WAAW,CAAC;YACrB,KAAK,KAAK;gBACR,OAAO,qBAAqB,CAAC;YAC/B,KAAK,KAAK;gBACR,OAAO,YAAY,CAAC;YACtB,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,UAAU;gBACb,OAAO,SAAS,CAAC;YACnB;gBACE,OAAO,SAAS,CAAC;QACrB,CAAC;IACH,CAAC,CAAC;SACD,MAAM,CAAC,aAAQ,CAAmC,IAAI,EAAE,CAAC;IAE9D,OAAO;QACL,SAAS,EAAE,OAAO,CAAC,GAAG;QACtB,WAAW,EAAE,OAAO,CAAC,GAAG;QACxB,QAAQ;QACR,UAAU,EAAE,OAAO,CAAC,GAAG;QACvB,UAAU,EAAE,OAAO,CAAC,GAAG;QACvB,QAAQ,EAAE,OAAO,CAAC,SAAS;QAC3B,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,OAAO,EAAE,OAAO,CAAC,GAAG;QACpB,KAAK,EAAE,OAAO,CAAC,GAAG;QAClB,QAAQ,EAAE,OAAO,CAAC,GAAG;QACrB,eAAe,EAAE,OAAO,CAAC,GAAG;QAC5B,SAAS,EAAE,OAAO,CAAC,GAAG;QACtB,kBAAkB,EAAE,OAAO,CAAC,EAAE;QAC9B,mBAAmB,EAAE,OAAO,CAAC,GAAG;QAChC,mBAAmB,EAAE,OAAO,CAAC,GAAG;QAChC,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC;KACxB,CAAC;AACT,CAAC,CAAC;AAtEW,QAAA,gBAAgB,oBAsE3B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token-type.d.ts","sourceRoot":"","sources":["../../../src/utils/private/token-type.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAG9C,eAAO,MAAM,
|
|
1
|
+
{"version":3,"file":"token-type.d.ts","sourceRoot":"","sources":["../../../src/utils/private/token-type.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAG9C,eAAO,MAAM,eAAe,UAAW,MAAM,KAAG,eAI/C,CAAC"}
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.decodeTokenType = void 0;
|
|
4
4
|
const token_header_1 = require("./token-header");
|
|
5
|
-
const
|
|
5
|
+
const decodeTokenType = (token) => {
|
|
6
6
|
const [head] = token.split(".");
|
|
7
|
-
const header = (0, token_header_1.
|
|
7
|
+
const header = (0, token_header_1.decodeTokenHeader)(head);
|
|
8
8
|
return header.typ;
|
|
9
9
|
};
|
|
10
|
-
exports.
|
|
10
|
+
exports.decodeTokenType = decodeTokenType;
|
|
11
11
|
//# sourceMappingURL=token-type.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token-type.js","sourceRoot":"","sources":["../../../src/utils/private/token-type.ts"],"names":[],"mappings":";;;AACA,
|
|
1
|
+
{"version":3,"file":"token-type.js","sourceRoot":"","sources":["../../../src/utils/private/token-type.ts"],"names":[],"mappings":";;;AACA,iDAAmD;AAE5C,MAAM,eAAe,GAAG,CAAC,KAAa,EAAmB,EAAE;IAChE,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChC,MAAM,MAAM,GAAG,IAAA,gCAAiB,EAAC,IAAI,CAAC,CAAC;IACvC,OAAO,MAAM,CAAC,GAAG,CAAC;AACpB,CAAC,CAAC;AAJW,QAAA,eAAe,mBAI1B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate-value.d.ts","sourceRoot":"","sources":["../../../src/utils/private/validate-value.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,eAAO,MAAM,
|
|
1
|
+
{"version":3,"file":"validate-value.d.ts","sourceRoot":"","sources":["../../../src/utils/private/validate-value.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,eAAO,MAAM,aAAa,UAAW,GAAG,aAAa,SAAS,KAAG,OA2HhE,CAAC"}
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.validateValue = void 0;
|
|
4
4
|
const date_1 = require("@lindorm/date");
|
|
5
5
|
const is_1 = require("@lindorm/is");
|
|
6
|
-
const
|
|
6
|
+
const validateValue = (value, operators) => {
|
|
7
7
|
if (operators.$exists === true && !value) {
|
|
8
8
|
return false;
|
|
9
9
|
}
|
|
@@ -79,13 +79,13 @@ const _validateValue = (value, operators) => {
|
|
|
79
79
|
(!(0, is_1.isString)(value) || !new RegExp(operators.$regex).test(value))) {
|
|
80
80
|
return false;
|
|
81
81
|
}
|
|
82
|
-
if (operators.$and && !operators.$and.every((op) => (0, exports.
|
|
82
|
+
if (operators.$and && !operators.$and.every((op) => (0, exports.validateValue)(value, op))) {
|
|
83
83
|
return false;
|
|
84
84
|
}
|
|
85
|
-
if (operators.$or && !operators.$or.some((op) => (0, exports.
|
|
85
|
+
if (operators.$or && !operators.$or.some((op) => (0, exports.validateValue)(value, op))) {
|
|
86
86
|
return false;
|
|
87
87
|
}
|
|
88
88
|
return true;
|
|
89
89
|
};
|
|
90
|
-
exports.
|
|
90
|
+
exports.validateValue = validateValue;
|
|
91
91
|
//# sourceMappingURL=validate-value.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate-value.js","sourceRoot":"","sources":["../../../src/utils/private/validate-value.ts"],"names":[],"mappings":";;;AAAA,wCAA2D;AAC3D,oCAAkE;AAG3D,MAAM,
|
|
1
|
+
{"version":3,"file":"validate-value.js","sourceRoot":"","sources":["../../../src/utils/private/validate-value.ts"],"names":[],"mappings":";;;AAAA,wCAA2D;AAC3D,oCAAkE;AAG3D,MAAM,aAAa,GAAG,CAAC,KAAU,EAAE,SAAoB,EAAW,EAAE;IACzE,IAAI,SAAS,CAAC,OAAO,KAAK,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACzC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,SAAS,CAAC,OAAO,KAAK,KAAK,IAAI,KAAK,EAAE,CAAC;QACzC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,SAAS,CAAC,GAAG,EAAE,CAAC;QAClB,IAAI,IAAA,WAAM,EAAC,KAAK,CAAC,IAAI,CAAC,IAAA,cAAO,EAAC,KAAK,EAAE,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC;YACpD,OAAO,KAAK,CAAC;QACf,CAAC;aAAM,IAAI,KAAK,KAAK,SAAS,CAAC,GAAG,EAAE,CAAC;YACnC,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,IAAI,SAAS,CAAC,GAAG,EAAE,CAAC;QAClB,IAAI,IAAA,WAAM,EAAC,KAAK,CAAC,IAAI,IAAA,cAAO,EAAC,KAAK,EAAE,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC;YACnD,OAAO,KAAK,CAAC;QACf,CAAC;aAAM,IAAI,KAAK,KAAK,SAAS,CAAC,GAAG,EAAE,CAAC;YACnC,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,IAAI,SAAS,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACrD,OAAO,KAAK,CAAC;IACf,CAAC;IAID,IAAI,SAAS,CAAC,IAAI,IAAI,CAAC,CAAC,IAAA,YAAO,EAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QAC3E,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,SAAS,CAAC,IAAI,IAAI,CAAC,CAAC,IAAA,YAAO,EAAC,KAAK,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QAC1E,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IACE,SAAS,CAAC,IAAI;QACd,CAAC,CAAC,IAAA,YAAO,EAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EACpE,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IACE,SAAS,CAAC,IAAI;QACd,CAAC,CAAC,IAAA,YAAO,EAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EACnE,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IACE,SAAS,CAAC,KAAK;QACf,CAAC,CAAC,IAAA,YAAO,EAAC,KAAK,CAAC,IAAI,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EACnE,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAID,IAAI,SAAS,CAAC,OAAO,IAAI,CAAC,CAAC,IAAA,WAAM,EAAC,KAAK,CAAC,IAAI,CAAC,IAAA,eAAQ,EAAC,KAAK,EAAE,SAAS,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QACjF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IACE,SAAS,CAAC,WAAW;QACrB,CAAC,CAAC,IAAA,WAAM,EAAC,KAAK,CAAC,IAAI,IAAA,cAAO,EAAC,KAAK,EAAE,SAAS,CAAC,WAAW,CAAC,CAAC,EACzD,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,SAAS,CAAC,MAAM,IAAI,CAAC,CAAC,IAAA,WAAM,EAAC,KAAK,CAAC,IAAI,CAAC,IAAA,cAAO,EAAC,KAAK,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;QAC9E,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,SAAS,CAAC,UAAU,IAAI,CAAC,CAAC,IAAA,WAAM,EAAC,KAAK,CAAC,IAAI,IAAA,eAAQ,EAAC,KAAK,EAAE,SAAS,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QACtF,OAAO,KAAK,CAAC;IACf,CAAC;IAID,IAAI,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,IAAA,aAAQ,EAAC,KAAK,CAAC,IAAI,SAAS,CAAC,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC;QAClE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,SAAS,CAAC,IAAI,IAAI,CAAC,CAAC,IAAA,aAAQ,EAAC,KAAK,CAAC,IAAI,SAAS,CAAC,IAAI,GAAG,KAAK,CAAC,EAAE,CAAC;QACnE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,IAAA,aAAQ,EAAC,KAAK,CAAC,IAAI,SAAS,CAAC,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC;QAClE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,SAAS,CAAC,IAAI,IAAI,CAAC,CAAC,IAAA,aAAQ,EAAC,KAAK,CAAC,IAAI,SAAS,CAAC,IAAI,GAAG,KAAK,CAAC,EAAE,CAAC;QACnE,OAAO,KAAK,CAAC;IACf,CAAC;IAID,IACE,SAAS,CAAC,MAAM;QAChB,CAAC,CAAC,IAAA,aAAQ,EAAC,KAAK,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAC/D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAID,IAAI,SAAS,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAA,qBAAa,EAAC,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;QAC9E,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,SAAS,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAA,qBAAa,EAAC,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;QAC3E,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AA3HW,QAAA,aAAa,iBA2HxB"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
import { Dict } from "@lindorm/types";
|
|
2
2
|
import { Operators } from "../../types";
|
|
3
|
-
export declare const
|
|
3
|
+
export declare const validate: <C extends Dict = Dict>(dict: C, operators: Dict<Operators>) => void;
|
|
4
4
|
//# sourceMappingURL=validate.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/utils/private/validate.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAGxC,eAAO,MAAM,SAAS,
|
|
1
|
+
{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../src/utils/private/validate.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAGxC,eAAO,MAAM,QAAQ,GAAI,CAAC,SAAS,IAAI,eAC/B,CAAC,aACI,IAAI,CAAC,SAAS,CAAC,KACzB,IAcF,CAAC"}
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.validate = void 0;
|
|
4
4
|
const errors_1 = require("@lindorm/errors");
|
|
5
5
|
const validate_value_1 = require("./validate-value");
|
|
6
|
-
const
|
|
6
|
+
const validate = (dict, operators) => {
|
|
7
7
|
const invalid = [];
|
|
8
8
|
for (const [key, ops] of Object.entries(operators)) {
|
|
9
9
|
const value = dict[key];
|
|
10
|
-
if ((0, validate_value_1.
|
|
10
|
+
if ((0, validate_value_1.validateValue)(value, ops))
|
|
11
11
|
continue;
|
|
12
12
|
invalid.push({ key, value, ops });
|
|
13
13
|
}
|
|
@@ -15,5 +15,5 @@ const _validate = (dict, operators) => {
|
|
|
15
15
|
throw new errors_1.LindormError("Invalid token", { data: { invalid } });
|
|
16
16
|
}
|
|
17
17
|
};
|
|
18
|
-
exports.
|
|
18
|
+
exports.validate = validate;
|
|
19
19
|
//# sourceMappingURL=validate.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/utils/private/validate.ts"],"names":[],"mappings":";;;AAAA,4CAA+C;AAG/C,
|
|
1
|
+
{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../src/utils/private/validate.ts"],"names":[],"mappings":";;;AAAA,4CAA+C;AAG/C,qDAAiD;AAE1C,MAAM,QAAQ,GAAG,CACtB,IAAO,EACP,SAA0B,EACpB,EAAE;IACR,MAAM,OAAO,GAAuD,EAAE,CAAC;IAEvE,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;QAExB,IAAI,IAAA,8BAAa,EAAC,KAAK,EAAE,GAAG,CAAC;YAAE,SAAS;QAExC,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;IACpC,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,IAAI,qBAAY,CAAC,eAAe,EAAE,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC;IACjE,CAAC;AACH,CAAC,CAAC;AAjBW,QAAA,QAAQ,YAiBnB"}
|
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
import { IKryptos } from "@lindorm/kryptos";
|
|
2
|
-
export declare const
|
|
2
|
+
export declare const verifyTokenSignature: (kryptos: IKryptos, token: string) => boolean;
|
|
3
3
|
//# sourceMappingURL=verify-token-signature.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify-token-signature.d.ts","sourceRoot":"","sources":["../../../src/utils/private/verify-token-signature.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AA2B5C,eAAO,MAAM,
|
|
1
|
+
{"version":3,"file":"verify-token-signature.d.ts","sourceRoot":"","sources":["../../../src/utils/private/verify-token-signature.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AA2B5C,eAAO,MAAM,oBAAoB,YAAa,QAAQ,SAAS,MAAM,KAAG,OAoBvE,CAAC"}
|
|
@@ -1,43 +1,43 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.verifyTokenSignature = void 0;
|
|
4
4
|
const ec_1 = require("@lindorm/ec");
|
|
5
5
|
const oct_1 = require("@lindorm/oct");
|
|
6
6
|
const okp_1 = require("@lindorm/okp");
|
|
7
7
|
const rsa_1 = require("@lindorm/rsa");
|
|
8
8
|
const format_1 = require("../../constants/private/format");
|
|
9
9
|
const errors_1 = require("../../errors");
|
|
10
|
-
const
|
|
10
|
+
const verifyEc = (kryptos, data, signature) => {
|
|
11
11
|
const kit = new ec_1.EcKit({ kryptos, format: "raw" });
|
|
12
12
|
return kit.verify(data, signature);
|
|
13
13
|
};
|
|
14
|
-
const
|
|
15
|
-
const kit = new oct_1.OctKit({ kryptos, format: format_1.
|
|
14
|
+
const verifyOct = (kryptos, data, signature) => {
|
|
15
|
+
const kit = new oct_1.OctKit({ kryptos, format: format_1.B64U });
|
|
16
16
|
return kit.verify(data, signature);
|
|
17
17
|
};
|
|
18
|
-
const
|
|
19
|
-
const kit = new okp_1.OkpKit({ kryptos, format: format_1.
|
|
18
|
+
const verifyOkp = (kryptos, data, signature) => {
|
|
19
|
+
const kit = new okp_1.OkpKit({ kryptos, format: format_1.B64U });
|
|
20
20
|
return kit.verify(data, signature);
|
|
21
21
|
};
|
|
22
|
-
const
|
|
23
|
-
const kit = new rsa_1.RsaKit({ kryptos, format: format_1.
|
|
22
|
+
const verifyRsa = (kryptos, data, signature) => {
|
|
23
|
+
const kit = new rsa_1.RsaKit({ kryptos, format: format_1.B64U });
|
|
24
24
|
return kit.verify(data, signature);
|
|
25
25
|
};
|
|
26
|
-
const
|
|
26
|
+
const verifyTokenSignature = (kryptos, token) => {
|
|
27
27
|
const [header, payload, signature] = token.split(".");
|
|
28
28
|
const data = `${header}.${payload}`;
|
|
29
29
|
switch (kryptos.type) {
|
|
30
30
|
case "EC":
|
|
31
|
-
return
|
|
31
|
+
return verifyEc(kryptos, data, signature);
|
|
32
32
|
case "oct":
|
|
33
|
-
return
|
|
33
|
+
return verifyOct(kryptos, data, signature);
|
|
34
34
|
case "OKP":
|
|
35
|
-
return
|
|
35
|
+
return verifyOkp(kryptos, data, signature);
|
|
36
36
|
case "RSA":
|
|
37
|
-
return
|
|
37
|
+
return verifyRsa(kryptos, data, signature);
|
|
38
38
|
default:
|
|
39
39
|
throw new errors_1.JwtError("Unsupported algorithm");
|
|
40
40
|
}
|
|
41
41
|
};
|
|
42
|
-
exports.
|
|
42
|
+
exports.verifyTokenSignature = verifyTokenSignature;
|
|
43
43
|
//# sourceMappingURL=verify-token-signature.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify-token-signature.js","sourceRoot":"","sources":["../../../src/utils/private/verify-token-signature.ts"],"names":[],"mappings":";;;AAAA,oCAAoC;AAEpC,sCAAsC;AACtC,sCAAsC;AACtC,sCAAsC;AACtC,
|
|
1
|
+
{"version":3,"file":"verify-token-signature.js","sourceRoot":"","sources":["../../../src/utils/private/verify-token-signature.ts"],"names":[],"mappings":";;;AAAA,oCAAoC;AAEpC,sCAAsC;AACtC,sCAAsC;AACtC,sCAAsC;AACtC,2DAAsD;AACtD,yCAAwC;AAExC,MAAM,QAAQ,GAAG,CAAC,OAAiB,EAAE,IAAY,EAAE,SAAiB,EAAW,EAAE;IAC/E,MAAM,GAAG,GAAG,IAAI,UAAK,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAClD,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;AACrC,CAAC,CAAC;AAEF,MAAM,SAAS,GAAG,CAAC,OAAiB,EAAE,IAAY,EAAE,SAAiB,EAAW,EAAE;IAChF,MAAM,GAAG,GAAG,IAAI,YAAM,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,aAAI,EAAE,CAAC,CAAC;IAClD,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;AACrC,CAAC,CAAC;AAEF,MAAM,SAAS,GAAG,CAAC,OAAiB,EAAE,IAAY,EAAE,SAAiB,EAAW,EAAE;IAChF,MAAM,GAAG,GAAG,IAAI,YAAM,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,aAAI,EAAE,CAAC,CAAC;IAClD,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;AACrC,CAAC,CAAC;AAEF,MAAM,SAAS,GAAG,CAAC,OAAiB,EAAE,IAAY,EAAE,SAAiB,EAAW,EAAE;IAChF,MAAM,GAAG,GAAG,IAAI,YAAM,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,aAAI,EAAE,CAAC,CAAC;IAClD,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;AACrC,CAAC,CAAC;AAEK,MAAM,oBAAoB,GAAG,CAAC,OAAiB,EAAE,KAAa,EAAW,EAAE;IAChF,MAAM,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACtD,MAAM,IAAI,GAAG,GAAG,MAAM,IAAI,OAAO,EAAE,CAAC;IAEpC,QAAQ,OAAO,CAAC,IAAI,EAAE,CAAC;QACrB,KAAK,IAAI;YACP,OAAO,QAAQ,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAE5C,KAAK,KAAK;YACR,OAAO,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAE7C,KAAK,KAAK;YACR,OAAO,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAE7C,KAAK,KAAK;YACR,OAAO,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAE7C;YACE,MAAM,IAAI,iBAAQ,CAAC,uBAAuB,CAAC,CAAC;IAChD,CAAC;AACH,CAAC,CAAC;AApBW,QAAA,oBAAoB,wBAoB/B"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lindorm/aegis",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.2.1",
|
|
4
4
|
"license": "AGPL-3.0-or-later",
|
|
5
5
|
"author": "Jonn Nilsson",
|
|
6
6
|
"repository": {
|
|
@@ -26,24 +26,25 @@
|
|
|
26
26
|
"update": "ncu -u"
|
|
27
27
|
},
|
|
28
28
|
"dependencies": {
|
|
29
|
-
"@lindorm/aes": "^0.3.
|
|
30
|
-
"@lindorm/
|
|
31
|
-
"@lindorm/
|
|
32
|
-
"@lindorm/
|
|
33
|
-
"@lindorm/
|
|
34
|
-
"@lindorm/
|
|
35
|
-
"@lindorm/
|
|
36
|
-
"@lindorm/
|
|
37
|
-
"@lindorm/
|
|
38
|
-
"@lindorm/
|
|
39
|
-
"@lindorm/
|
|
40
|
-
"@lindorm/
|
|
29
|
+
"@lindorm/aes": "^0.3.1",
|
|
30
|
+
"@lindorm/amphora": "^0.1.2",
|
|
31
|
+
"@lindorm/b64": "^0.1.3",
|
|
32
|
+
"@lindorm/conduit": "^0.1.5",
|
|
33
|
+
"@lindorm/date": "^0.1.4",
|
|
34
|
+
"@lindorm/ec": "^0.1.3",
|
|
35
|
+
"@lindorm/errors": "^0.1.6",
|
|
36
|
+
"@lindorm/is": "^0.1.6",
|
|
37
|
+
"@lindorm/kryptos": "^0.3.2",
|
|
38
|
+
"@lindorm/oct": "^0.1.3",
|
|
39
|
+
"@lindorm/okp": "^0.1.3",
|
|
40
|
+
"@lindorm/rsa": "^0.1.4",
|
|
41
|
+
"@lindorm/utils": "^0.2.0"
|
|
41
42
|
},
|
|
42
43
|
"devDependencies": {
|
|
43
|
-
"@lindorm/logger": "^0.
|
|
44
|
-
"@lindorm/types": "^0.
|
|
44
|
+
"@lindorm/logger": "^0.2.0",
|
|
45
|
+
"@lindorm/types": "^0.2.0",
|
|
45
46
|
"@types/jsonwebtoken": "^9.0.6",
|
|
46
47
|
"jsonwebtoken": "^9.0.2"
|
|
47
48
|
},
|
|
48
|
-
"gitHead": "
|
|
49
|
+
"gitHead": "bad333c98cd6f093412f0a7116c2f79e486dc996"
|
|
49
50
|
}
|
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
import { IKryptos } from "@lindorm/kryptos";
|
|
2
|
-
import { AegisVaultOptions, AegisVaultQuery, IAegisVault, VaultConfig } from "../types";
|
|
3
|
-
export declare class AegisVault implements IAegisVault {
|
|
4
|
-
private readonly _conduit;
|
|
5
|
-
private readonly _config;
|
|
6
|
-
private readonly _external;
|
|
7
|
-
private readonly _logger;
|
|
8
|
-
private _vault;
|
|
9
|
-
constructor(options: AegisVaultOptions);
|
|
10
|
-
get config(): Array<VaultConfig>;
|
|
11
|
-
get vault(): Array<IKryptos>;
|
|
12
|
-
setup(): Promise<void>;
|
|
13
|
-
refresh(): Promise<void>;
|
|
14
|
-
add(kryptos: Array<IKryptos> | IKryptos): void;
|
|
15
|
-
find(query: AegisVaultQuery): Promise<IKryptos>;
|
|
16
|
-
filter(query: AegisVaultQuery): Promise<Array<IKryptos>>;
|
|
17
|
-
private addExternalConfig;
|
|
18
|
-
private filteredKeys;
|
|
19
|
-
private getJwks;
|
|
20
|
-
private issuerConfig;
|
|
21
|
-
private loadExternalConfig;
|
|
22
|
-
private refreshExternal;
|
|
23
|
-
}
|
|
24
|
-
//# sourceMappingURL=AegisVault.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"AegisVault.d.ts","sourceRoot":"","sources":["../../src/classes/AegisVault.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAW,MAAM,kBAAkB,CAAC;AAGrD,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,WAAW,EAGX,WAAW,EAEZ,MAAM,UAAU,CAAC;AAElB,qBAAa,UAAW,YAAW,WAAW;IAC5C,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAU;IACnC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;IAC7C,OAAO,CAAC,QAAQ,CAAC,SAAS,CAA6B;IACvD,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAU;IAElC,OAAO,CAAC,MAAM,CAAkB;gBAEb,OAAO,EAAE,iBAAiB;IAmB7C,IAAW,MAAM,IAAI,KAAK,CAAC,WAAW,CAAC,CAEtC;IAED,IAAW,KAAK,IAAI,KAAK,CAAC,QAAQ,CAAC,CAElC;IAIY,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAKtB,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ9B,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,QAAQ,CAAC,GAAG,QAAQ,GAAG,IAAI;IAoBxC,IAAI,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,QAAQ,CAAC;IAO/C,MAAM,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAgBvD,iBAAiB;IAmB/B,OAAO,CAAC,YAAY;YAoBN,OAAO;YAyBP,YAAY;YAcZ,kBAAkB;YAQlB,eAAe;CAK9B"}
|
|
@@ -1,141 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.AegisVault = void 0;
|
|
4
|
-
const conduit_1 = require("@lindorm/conduit");
|
|
5
|
-
const is_1 = require("@lindorm/is");
|
|
6
|
-
const kryptos_1 = require("@lindorm/kryptos");
|
|
7
|
-
const errors_1 = require("../errors");
|
|
8
|
-
class AegisVault {
|
|
9
|
-
_conduit;
|
|
10
|
-
_config;
|
|
11
|
-
_external;
|
|
12
|
-
_logger;
|
|
13
|
-
_vault;
|
|
14
|
-
constructor(options) {
|
|
15
|
-
this._logger = options.logger.child(["AegisVault"]);
|
|
16
|
-
this._conduit = new conduit_1.Conduit({
|
|
17
|
-
alias: "AegisVault",
|
|
18
|
-
logger: this._logger,
|
|
19
|
-
middleware: [(0, conduit_1.conduitChangeResponseDataMiddleware)()],
|
|
20
|
-
retryOptions: {
|
|
21
|
-
maxAttempts: 10,
|
|
22
|
-
},
|
|
23
|
-
});
|
|
24
|
-
this._external = options.external ?? [];
|
|
25
|
-
this._config = [];
|
|
26
|
-
this._vault = [];
|
|
27
|
-
}
|
|
28
|
-
get config() {
|
|
29
|
-
return this._config;
|
|
30
|
-
}
|
|
31
|
-
get vault() {
|
|
32
|
-
return this._vault;
|
|
33
|
-
}
|
|
34
|
-
async setup() {
|
|
35
|
-
await this.loadExternalConfig();
|
|
36
|
-
await this.refresh();
|
|
37
|
-
}
|
|
38
|
-
async refresh() {
|
|
39
|
-
this._logger.verbose("Refreshing vault");
|
|
40
|
-
for (const config of this._config) {
|
|
41
|
-
await this.refreshExternal(config);
|
|
42
|
-
}
|
|
43
|
-
}
|
|
44
|
-
add(kryptos) {
|
|
45
|
-
const array = (0, is_1.isArray)(kryptos) ? kryptos : [kryptos];
|
|
46
|
-
for (const item of array) {
|
|
47
|
-
if (!item.id) {
|
|
48
|
-
throw new errors_1.AegisVaultError("Id is required when adding Kryptos");
|
|
49
|
-
}
|
|
50
|
-
if (!item.issuer) {
|
|
51
|
-
throw new errors_1.AegisVaultError("Issuer is required when adding Kryptos");
|
|
52
|
-
}
|
|
53
|
-
if (item.isExpired) {
|
|
54
|
-
throw new errors_1.AegisVaultError("Kryptos is expired");
|
|
55
|
-
}
|
|
56
|
-
this._vault = this._vault.filter((i) => i.id !== item.id).concat(item);
|
|
57
|
-
}
|
|
58
|
-
}
|
|
59
|
-
async find(query) {
|
|
60
|
-
const [key] = await this.filter(query);
|
|
61
|
-
if (key)
|
|
62
|
-
return key;
|
|
63
|
-
throw new errors_1.AegisVaultError("Kryptos not found using query");
|
|
64
|
-
}
|
|
65
|
-
async filter(query) {
|
|
66
|
-
const filtered = this.filteredKeys(query);
|
|
67
|
-
if (filtered.length)
|
|
68
|
-
return filtered;
|
|
69
|
-
if (!query.issuer) {
|
|
70
|
-
throw new errors_1.AegisVaultError("Unable to find Kryptos without issuer");
|
|
71
|
-
}
|
|
72
|
-
const config = await this.issuerConfig(query.issuer);
|
|
73
|
-
await this.refreshExternal(config);
|
|
74
|
-
return this.filteredKeys(query);
|
|
75
|
-
}
|
|
76
|
-
async addExternalConfig(options) {
|
|
77
|
-
if ((0, is_1.isUrlLike)(options.issuer) && (0, is_1.isUrlLike)(options.jwksUri)) {
|
|
78
|
-
this._config.push({ issuer: options.issuer, jwksUri: options.jwksUri });
|
|
79
|
-
return;
|
|
80
|
-
}
|
|
81
|
-
if (!(0, is_1.isUrlLike)(options.openIdConfigurationUri)) {
|
|
82
|
-
throw new errors_1.AegisVaultError("Invalid issuer options");
|
|
83
|
-
}
|
|
84
|
-
const { data: { issuer, jwksUri }, } = await this._conduit.get(options.openIdConfigurationUri);
|
|
85
|
-
this._config.push({ issuer, jwksUri });
|
|
86
|
-
}
|
|
87
|
-
filteredKeys(query) {
|
|
88
|
-
return this._vault
|
|
89
|
-
.filter((i) => i.isActive)
|
|
90
|
-
.filter((i) => ((0, is_1.isString)(query.issuer) ? query.issuer === i.issuer : true))
|
|
91
|
-
.filter((i) => ((0, is_1.isString)(query.id) ? i.id === query.id : true))
|
|
92
|
-
.filter((i) => ((0, is_1.isString)(query.algorithm) ? i.algorithm === query.algorithm : true))
|
|
93
|
-
.filter((i) => ((0, is_1.isBoolean)(query.external) ? i.isExternal === query.external : true))
|
|
94
|
-
.filter((i) => (0, is_1.isString)(query.operation) && i.operations.length
|
|
95
|
-
? i.operations.includes(query.operation)
|
|
96
|
-
: true)
|
|
97
|
-
.filter((i) => ((0, is_1.isString)(query.ownerId) ? i.ownerId === query.ownerId : true))
|
|
98
|
-
.filter((i) => ((0, is_1.isBoolean)(query.private) ? i.hasPrivateKey : true))
|
|
99
|
-
.filter((i) => ((0, is_1.isBoolean)(query.public) ? i.hasPublicKey : true))
|
|
100
|
-
.filter((i) => ((0, is_1.isString)(query.type) ? i.type === query.type : true))
|
|
101
|
-
.filter((i) => ((0, is_1.isString)(query.use) ? i.use === query.use : true))
|
|
102
|
-
.sort((a, b) => b.createdAt.getTime() - a.createdAt.getTime());
|
|
103
|
-
}
|
|
104
|
-
async getJwks(issuer) {
|
|
105
|
-
this._logger.verbose("Finding JWKS", { issuer });
|
|
106
|
-
const config = await this.issuerConfig(issuer);
|
|
107
|
-
const { data: { keys }, } = await this._conduit.get(config.jwksUri);
|
|
108
|
-
const result = [];
|
|
109
|
-
for (const jwk of keys) {
|
|
110
|
-
const iss = jwk.iss ?? config.issuer;
|
|
111
|
-
const jku = jwk.jku ?? config.jwksUri;
|
|
112
|
-
const kryptos = kryptos_1.Kryptos.make({ ...jwk, iss, jku });
|
|
113
|
-
if (kryptos.isExpired)
|
|
114
|
-
continue;
|
|
115
|
-
result.push(kryptos);
|
|
116
|
-
}
|
|
117
|
-
return result;
|
|
118
|
-
}
|
|
119
|
-
async issuerConfig(issuer) {
|
|
120
|
-
if (this._external.length && !this._config.length) {
|
|
121
|
-
await this.loadExternalConfig();
|
|
122
|
-
}
|
|
123
|
-
const config = this._config.find((c) => c.issuer === issuer);
|
|
124
|
-
if (!config) {
|
|
125
|
-
throw new errors_1.AegisVaultError("Issuer not found in config");
|
|
126
|
-
}
|
|
127
|
-
return config;
|
|
128
|
-
}
|
|
129
|
-
async loadExternalConfig() {
|
|
130
|
-
this._logger.verbose("Loading external config");
|
|
131
|
-
for (const options of this._external) {
|
|
132
|
-
await this.addExternalConfig(options);
|
|
133
|
-
}
|
|
134
|
-
}
|
|
135
|
-
async refreshExternal(config) {
|
|
136
|
-
const keys = await this.getJwks(config.issuer);
|
|
137
|
-
this._vault = this._vault.filter((i) => i.issuer !== config.issuer).concat(keys);
|
|
138
|
-
}
|
|
139
|
-
}
|
|
140
|
-
exports.AegisVault = AegisVault;
|
|
141
|
-
//# sourceMappingURL=AegisVault.js.map
|