@lindorm/aegis 0.3.6 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +21 -0
- package/README.md +247 -163
- package/__tests__/__mocks__/cbor.ts +17 -0
- package/__tests__/cose-interop.test.ts +1127 -0
- package/__tests__/jwe-interop.test.ts +331 -0
- package/__tests__/jwt-interop.test.ts +183 -0
- package/dist/classes/Aegis.d.ts.map +1 -1
- package/dist/classes/Aegis.js +8 -5
- package/dist/classes/Aegis.js.map +1 -1
- package/dist/classes/CweKit.d.ts.map +1 -1
- package/dist/classes/CweKit.js +31 -37
- package/dist/classes/CweKit.js.map +1 -1
- package/dist/classes/CwsKit.d.ts.map +1 -1
- package/dist/classes/CwsKit.js +8 -3
- package/dist/classes/CwsKit.js.map +1 -1
- package/dist/classes/CwtKit.d.ts.map +1 -1
- package/dist/classes/CwtKit.js +10 -14
- package/dist/classes/CwtKit.js.map +1 -1
- package/dist/classes/JweKit.d.ts.map +1 -1
- package/dist/classes/JweKit.js +24 -47
- package/dist/classes/JweKit.js.map +1 -1
- package/dist/classes/JwsKit.d.ts.map +1 -1
- package/dist/classes/JwsKit.js +9 -2
- package/dist/classes/JwsKit.js.map +1 -1
- package/dist/classes/JwtKit.d.ts.map +1 -1
- package/dist/classes/JwtKit.js +10 -9
- package/dist/classes/JwtKit.js.map +1 -1
- package/dist/classes/SignatureKit.d.ts.map +1 -1
- package/dist/classes/SignatureKit.js +2 -1
- package/dist/classes/SignatureKit.js.map +1 -1
- package/dist/constants/private/cose.d.ts +0 -1
- package/dist/constants/private/cose.d.ts.map +1 -1
- package/dist/constants/private/cose.js +5 -23
- package/dist/constants/private/cose.js.map +1 -1
- package/dist/types/cose-target.d.ts +2 -0
- package/dist/types/cose-target.d.ts.map +1 -0
- package/dist/types/{operators.js → cose-target.js} +1 -1
- package/dist/types/cose-target.js.map +1 -0
- package/dist/types/cwe/cwe-decode.d.ts +6 -2
- package/dist/types/cwe/cwe-decode.d.ts.map +1 -1
- package/dist/types/cwe/cwe-decrypt.d.ts +2 -2
- package/dist/types/cwe/cwe-decrypt.d.ts.map +1 -1
- package/dist/types/cwe/cwe-encrypt.d.ts +2 -0
- package/dist/types/cwe/cwe-encrypt.d.ts.map +1 -1
- package/dist/types/cws/cws-sign.d.ts +2 -0
- package/dist/types/cws/cws-sign.d.ts.map +1 -1
- package/dist/types/cwt/cwt-sign.d.ts +4 -1
- package/dist/types/cwt/cwt-sign.d.ts.map +1 -1
- package/dist/types/header.d.ts +6 -10
- package/dist/types/header.d.ts.map +1 -1
- package/dist/types/index.d.ts +1 -1
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +1 -1
- package/dist/types/index.js.map +1 -1
- package/dist/types/jwt/jwt-validate.d.ts +21 -21
- package/dist/types/jwt/jwt-validate.d.ts.map +1 -1
- package/dist/types/jwt/jwt-verify.d.ts +21 -21
- package/dist/types/jwt/jwt-verify.d.ts.map +1 -1
- package/dist/utils/private/auth-tag-length.js.map +1 -1
- package/dist/utils/private/cose/claims.d.ts +3 -3
- package/dist/utils/private/cose/claims.d.ts.map +1 -1
- package/dist/utils/private/cose/claims.js +27 -5
- package/dist/utils/private/cose/claims.js.map +1 -1
- package/dist/utils/private/cose/header.d.ts +3 -3
- package/dist/utils/private/cose/header.d.ts.map +1 -1
- package/dist/utils/private/cose/header.js +19 -26
- package/dist/utils/private/cose/header.js.map +1 -1
- package/dist/utils/private/cose/key.d.ts +1 -1
- package/dist/utils/private/cose/key.d.ts.map +1 -1
- package/dist/utils/private/cose/key.js +16 -12
- package/dist/utils/private/cose/key.js.map +1 -1
- package/dist/utils/private/cose-sign-token.d.ts +1 -2
- package/dist/utils/private/cose-sign-token.d.ts.map +1 -1
- package/dist/utils/private/cose-sign-token.js.map +1 -1
- package/dist/utils/private/index.d.ts +0 -1
- package/dist/utils/private/index.d.ts.map +1 -1
- package/dist/utils/private/index.js +0 -1
- package/dist/utils/private/index.js.map +1 -1
- package/dist/utils/private/jose-header.d.ts.map +1 -1
- package/dist/utils/private/jose-header.js +12 -17
- package/dist/utils/private/jose-header.js.map +1 -1
- package/dist/utils/private/jwt-validate.d.ts +3 -3
- package/dist/utils/private/jwt-validate.d.ts.map +1 -1
- package/dist/utils/private/jwt-validate.js +9 -9
- package/dist/utils/private/jwt-validate.js.map +1 -1
- package/dist/utils/private/jwt-verify.d.ts +3 -3
- package/dist/utils/private/jwt-verify.d.ts.map +1 -1
- package/dist/utils/private/jwt-verify.js +14 -14
- package/dist/utils/private/jwt-verify.js.map +1 -1
- package/dist/utils/private/token-header.d.ts.map +1 -1
- package/dist/utils/private/token-header.js +2 -10
- package/dist/utils/private/token-header.js.map +1 -1
- package/dist/utils/private/validate.d.ts +2 -3
- package/dist/utils/private/validate.d.ts.map +1 -1
- package/dist/utils/private/validate.js +9 -10
- package/dist/utils/private/validate.js.map +1 -1
- package/jest.config.interop.mjs +27 -0
- package/package.json +24 -24
- package/tsconfig.interop.json +9 -0
- package/dist/types/operators.d.ts +0 -27
- package/dist/types/operators.d.ts.map +0 -1
- package/dist/types/operators.js.map +0 -1
- package/dist/utils/private/validate-value.d.ts +0 -3
- package/dist/utils/private/validate-value.d.ts.map +0 -1
- package/dist/utils/private/validate-value.js +0 -91
- package/dist/utils/private/validate-value.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"claims.js","sourceRoot":"","sources":["../../../../src/utils/private/cose/claims.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"claims.js","sourceRoot":"","sources":["../../../../src/utils/private/cose/claims.ts"],"names":[],"mappings":";;;AAAA,oCAA6C;AAE7C,0DAA8D;AAC9D,4CAA6C;AAE7C,iCAA0C;AAC1C,iCAAwD;AAEjD,MAAM,aAAa,GAAG,CAC3B,MAAiB,EACjB,SAAqB,UAAU,EACA,EAAE;IACjC,MAAM,MAAM,GAAG,IAAI,GAAG,EAA4B,CAAC;IAEnD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,IAAA,mBAAc,EAAC,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,KAAK,GAAG,GAAG,EAAE,CAAC;gBAChB,MAAM,IAAI,mBAAU,CAAC,+CAA+C,KAAK,EAAE,CAAC,CAAC;YAC/E,CAAC;YACD,IAAI,MAAM,KAAK,UAAU,EAAE,CAAC;gBAC1B,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACzB,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;YAC3B,CAAC;YACD,SAAS;QACX,CAAC;QAED,MAAM,KAAK,GAAG,IAAA,oBAAa,EAAC,kBAAW,EAAE,GAAG,CAAC,CAAC;QAE9C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACvB,SAAS;QACX,CAAC;QAED,IAAI,MAAM,KAAK,UAAU,IAAI,KAAK,CAAC,KAAK,IAAI,GAAG,EAAE,CAAC;YAChD,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACvB,SAAS;QACX,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,IAAA,aAAM,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAC9C,SAAS;IACX,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AArCW,QAAA,aAAa,iBAqCxB;AAEF,MAAM,cAAc,GAAG,CACrB,IAA0C,EAChB,EAAE,CAC5B,IAAI,YAAY,GAAG;IACjB,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AAEpB,MAAM,gBAAgB,GAAG,CAC9B,IAA0C,EAC3B,EAAE;IACjB,MAAM,MAAM,GAAS,EAAE,CAAC;IAExB,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;QAClD,MAAM,KAAK,GAAG,IAAA,sBAAe,EAAC,kBAAW,EAAE,KAAK,CAAC,CAAC;QAElD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;YACtB,SAAS;QACX,CAAC;QAED,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,IAAA,eAAQ,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAC3C,SAAS;IACX,CAAC;IAED,OAAO,MAAuB,CAAC;AACjC,CAAC,CAAC;AAlBW,QAAA,gBAAgB,oBAkB3B"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Dict } from "@lindorm/types";
|
|
2
|
-
import { RawTokenHeaderClaims } from "../../../types";
|
|
3
|
-
export declare const mapCoseHeader: (claims: RawTokenHeaderClaims) =>
|
|
4
|
-
export declare const decodeCoseHeader: (cose: Dict) => RawTokenHeaderClaims;
|
|
2
|
+
import { CoseTarget, RawTokenHeaderClaims } from "../../../types";
|
|
3
|
+
export declare const mapCoseHeader: (claims: RawTokenHeaderClaims, target?: CoseTarget) => Map<number | string, unknown>;
|
|
4
|
+
export declare const decodeCoseHeader: (cose: Dict | Map<number | string, unknown>) => RawTokenHeaderClaims;
|
|
5
5
|
//# sourceMappingURL=header.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"header.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/cose/header.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAGtC,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"header.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/cose/header.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAGtC,OAAO,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AAMlE,eAAO,MAAM,aAAa,GACxB,QAAQ,oBAAoB,EAC5B,SAAQ,UAAuB,KAC9B,GAAG,CAAC,MAAM,GAAG,MAAM,EAAE,OAAO,CA0C9B,CAAC;AASF,eAAO,MAAM,gBAAgB,GAC3B,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,GAAG,MAAM,EAAE,OAAO,CAAC,KACzC,oBAqCF,CAAC"}
|
|
@@ -7,17 +7,18 @@ const bstr_1 = require("./bstr");
|
|
|
7
7
|
const crit_1 = require("./crit");
|
|
8
8
|
const find_1 = require("./find");
|
|
9
9
|
const key_1 = require("./key");
|
|
10
|
-
const mapCoseHeader = (claims) => {
|
|
11
|
-
const result =
|
|
12
|
-
if (claims["alg"] && claims["enc"]) {
|
|
13
|
-
throw new errors_1.AegisError("COSE header cannot contain both alg and enc");
|
|
14
|
-
}
|
|
10
|
+
const mapCoseHeader = (claims, target = "internal") => {
|
|
11
|
+
const result = new Map();
|
|
15
12
|
for (const [key, value] of Object.entries(claims)) {
|
|
16
13
|
if (!value)
|
|
17
14
|
continue;
|
|
18
15
|
const claim = (0, find_1.findCoseByKey)(private_1.COSE_HEADER, key);
|
|
19
16
|
if (!claim) {
|
|
20
|
-
result
|
|
17
|
+
result.set(key, value);
|
|
18
|
+
continue;
|
|
19
|
+
}
|
|
20
|
+
if (target === "external" && claim.label >= 400) {
|
|
21
|
+
result.set(key, value);
|
|
21
22
|
continue;
|
|
22
23
|
}
|
|
23
24
|
if (key === "alg") {
|
|
@@ -25,35 +26,29 @@ const mapCoseHeader = (claims) => {
|
|
|
25
26
|
if (!alg) {
|
|
26
27
|
throw new errors_1.AegisError(`Unsupported COSE algorithm: ${value}`);
|
|
27
28
|
}
|
|
28
|
-
result
|
|
29
|
-
continue;
|
|
30
|
-
}
|
|
31
|
-
if (key === "enc") {
|
|
32
|
-
const enc = (0, find_1.findCoseByKey)(private_1.COSE_ENCRYPTION, value);
|
|
33
|
-
if (!enc) {
|
|
34
|
-
console.error("map", { key, value, claim, alg: enc });
|
|
35
|
-
throw new errors_1.AegisError(`Unsupported COSE algorithm: ${value}`);
|
|
36
|
-
}
|
|
37
|
-
result[claim.label] = enc.label;
|
|
29
|
+
result.set(claim.label, alg.label);
|
|
38
30
|
continue;
|
|
39
31
|
}
|
|
40
32
|
if (key === "crit") {
|
|
41
|
-
result
|
|
33
|
+
result.set(claim.label, (0, crit_1.mapCoseCrit)(value));
|
|
42
34
|
continue;
|
|
43
35
|
}
|
|
44
36
|
if (key === "epk" || key === "jwk") {
|
|
45
|
-
result
|
|
37
|
+
result.set(claim.label, (0, key_1.mapCoseKey)(value));
|
|
46
38
|
continue;
|
|
47
39
|
}
|
|
48
|
-
result
|
|
40
|
+
result.set(claim.label, (0, bstr_1.toBstr)(claim, value));
|
|
49
41
|
continue;
|
|
50
42
|
}
|
|
51
43
|
return result;
|
|
52
44
|
};
|
|
53
45
|
exports.mapCoseHeader = mapCoseHeader;
|
|
46
|
+
const iterateEntries = (cose) => cose instanceof Map
|
|
47
|
+
? Array.from(cose.entries()).map(([k, v]) => [String(k), v])
|
|
48
|
+
: Object.entries(cose);
|
|
54
49
|
const decodeCoseHeader = (cose) => {
|
|
55
50
|
const result = {};
|
|
56
|
-
for (const [label, value] of
|
|
51
|
+
for (const [label, value] of iterateEntries(cose)) {
|
|
57
52
|
if (!value)
|
|
58
53
|
continue;
|
|
59
54
|
const claim = (0, find_1.findCoseByLabel)(private_1.COSE_HEADER, label);
|
|
@@ -61,14 +56,12 @@ const decodeCoseHeader = (cose) => {
|
|
|
61
56
|
result[label] = value;
|
|
62
57
|
continue;
|
|
63
58
|
}
|
|
64
|
-
if (claim.key === "alg"
|
|
59
|
+
if (claim.key === "alg") {
|
|
65
60
|
const alg = (0, find_1.findCoseByLabel)(private_1.COSE_ALGORITHM, value);
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
throw new errors_1.AegisError(`Unsupported COSE algorithm/encryption: ${value}`);
|
|
61
|
+
if (!alg) {
|
|
62
|
+
throw new errors_1.AegisError(`Unsupported COSE algorithm: ${String(value)}`);
|
|
69
63
|
}
|
|
70
|
-
|
|
71
|
-
result[calc] = alg?.key ?? enc?.key;
|
|
64
|
+
result["alg"] = alg.key;
|
|
72
65
|
continue;
|
|
73
66
|
}
|
|
74
67
|
if (claim.key === "crit") {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"header.js","sourceRoot":"","sources":["../../../../src/utils/private/cose/header.ts"],"names":[],"mappings":";;;AACA,
|
|
1
|
+
{"version":3,"file":"header.js","sourceRoot":"","sources":["../../../../src/utils/private/cose/header.ts"],"names":[],"mappings":";;;AACA,wDAAyE;AACzE,4CAA6C;AAE7C,iCAA0C;AAC1C,iCAAqD;AACrD,iCAAwD;AACxD,+BAAkD;AAE3C,MAAM,aAAa,GAAG,CAC3B,MAA4B,EAC5B,SAAqB,UAAU,EACA,EAAE;IACjC,MAAM,MAAM,GAAG,IAAI,GAAG,EAA4B,CAAC;IAEnD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,CAAC,KAAK;YAAE,SAAS;QAErB,MAAM,KAAK,GAAG,IAAA,oBAAa,EAAC,qBAAW,EAAE,GAAG,CAAC,CAAC;QAE9C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACvB,SAAS;QACX,CAAC;QAED,IAAI,MAAM,KAAK,UAAU,IAAI,KAAK,CAAC,KAAK,IAAI,GAAG,EAAE,CAAC;YAChD,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACvB,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YAClB,MAAM,GAAG,GAAG,IAAA,oBAAa,EAAC,wBAAc,EAAE,KAAK,CAAC,CAAC;YACjD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,mBAAU,CAAC,+BAA+B,KAAY,EAAE,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YACnC,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;YACnB,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,IAAA,kBAAW,EAAC,KAAK,CAAC,CAAC,CAAC;YAC5C,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,KAAK,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YACnC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,IAAA,gBAAU,EAAC,KAAK,CAAC,CAAC,CAAC;YAC3C,SAAS;QACX,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,IAAA,aAAM,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAC9C,SAAS;IACX,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AA7CW,QAAA,aAAa,iBA6CxB;AAEF,MAAM,cAAc,GAAG,CACrB,IAA0C,EAChB,EAAE,CAC5B,IAAI,YAAY,GAAG;IACjB,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AAEpB,MAAM,gBAAgB,GAAG,CAC9B,IAA0C,EACpB,EAAE;IACxB,MAAM,MAAM,GAAS,EAAE,CAAC;IAExB,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;QAClD,IAAI,CAAC,KAAK;YAAE,SAAS;QAErB,MAAM,KAAK,GAAG,IAAA,sBAAe,EAAC,qBAAW,EAAE,KAAK,CAAC,CAAC;QAElD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;YACtB,SAAS;QACX,CAAC;QAED,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,IAAA,sBAAe,EAAC,wBAAc,EAAE,KAAK,CAAC,CAAC;YACnD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,mBAAU,CAAC,+BAA+B,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC;YACxB,SAAS;QACX,CAAC;QAED,IAAI,KAAK,CAAC,GAAG,KAAK,MAAM,EAAE,CAAC;YACzB,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,IAAA,qBAAc,EAAC,KAAK,CAAC,CAAC;YAC1C,SAAS;QACX,CAAC;QAED,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;YAC/C,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,IAAA,mBAAa,EAAC,KAAK,CAAC,CAAC;YACzC,SAAS;QACX,CAAC;QAED,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,IAAA,eAAQ,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAC3C,SAAS;IACX,CAAC;IAED,OAAO,MAA8B,CAAC;AACxC,CAAC,CAAC;AAvCW,QAAA,gBAAgB,oBAuC3B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"key.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/cose/key.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAMtC,eAAO,MAAM,UAAU,GAAI,KAAK,GAAG,KAAG,
|
|
1
|
+
{"version":3,"file":"key.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/cose/key.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAMtC,eAAO,MAAM,UAAU,GAAI,KAAK,GAAG,KAAG,GAAG,CAAC,MAAM,GAAG,MAAM,EAAE,OAAO,CA8CjE,CAAC;AAUF,eAAO,MAAM,aAAa,GAAI,MAAM,GAAG,KAAG,IAyCzC,CAAC"}
|
|
@@ -15,43 +15,47 @@ const mapCoseKey = (jwk) => {
|
|
|
15
15
|
throw new errors_1.AegisError("Missing COSE key type", { debug: { jwk } });
|
|
16
16
|
}
|
|
17
17
|
const coseKey = (0, find_1.findSpecificCoseKey)(kty);
|
|
18
|
-
const result =
|
|
18
|
+
const result = new Map();
|
|
19
19
|
for (const [key, value] of Object.entries(jwk)) {
|
|
20
20
|
const claim = (0, find_1.findCoseByKey)(coseKey, key);
|
|
21
21
|
if (!claim) {
|
|
22
|
-
result
|
|
22
|
+
result.set(key, value);
|
|
23
23
|
continue;
|
|
24
24
|
}
|
|
25
25
|
if (key === "crv") {
|
|
26
26
|
const crv = (0, find_1.findCoseByKey)(private_1.COSE_KEY_CURVE, value);
|
|
27
27
|
if (!crv) {
|
|
28
|
-
throw new errors_1.AegisError(`Unsupported COSE key curve: ${value}`);
|
|
28
|
+
throw new errors_1.AegisError(`Unsupported COSE key curve: ${String(value)}`);
|
|
29
29
|
}
|
|
30
|
-
result
|
|
30
|
+
result.set(claim.label, crv.label);
|
|
31
31
|
continue;
|
|
32
32
|
}
|
|
33
33
|
if (key === "kty") {
|
|
34
34
|
const kty = (0, find_1.findCoseByKey)(private_1.COSE_KEY_TYPE, value);
|
|
35
35
|
if (!kty) {
|
|
36
|
-
throw new errors_1.AegisError(`Unsupported COSE key type: ${value}`);
|
|
36
|
+
throw new errors_1.AegisError(`Unsupported COSE key type: ${String(value)}`);
|
|
37
37
|
}
|
|
38
|
-
result
|
|
38
|
+
result.set(claim?.label ?? key, kty.label);
|
|
39
39
|
continue;
|
|
40
40
|
}
|
|
41
|
-
result
|
|
41
|
+
result.set(claim.label, (0, bstr_1.toBstr)(claim, value));
|
|
42
42
|
continue;
|
|
43
43
|
}
|
|
44
44
|
return result;
|
|
45
45
|
};
|
|
46
46
|
exports.mapCoseKey = mapCoseKey;
|
|
47
|
+
const iterateKeyEntries = (cose) => cose instanceof Map
|
|
48
|
+
? Array.from(cose.entries()).map(([k, v]) => [String(k), v])
|
|
49
|
+
: Object.entries(cose);
|
|
50
|
+
const getKeyTypeValue = (cose) => cose instanceof Map ? cose.get(1) : cose[1];
|
|
47
51
|
const decodeCoseKey = (cose) => {
|
|
48
|
-
if (!(0, is_1.isObject)(cose)) {
|
|
52
|
+
if (!(0, is_1.isObject)(cose) && !(cose instanceof Map)) {
|
|
49
53
|
throw new errors_1.AegisError(`Invalid COSE key: ${cose}`);
|
|
50
54
|
}
|
|
51
55
|
const result = {};
|
|
52
|
-
const kty = (0, find_1.findCoseByLabel)(private_1.COSE_KEY_TYPE, cose
|
|
56
|
+
const kty = (0, find_1.findCoseByLabel)(private_1.COSE_KEY_TYPE, getKeyTypeValue(cose));
|
|
53
57
|
const coseKey = (0, find_1.findSpecificCoseKey)(kty.key);
|
|
54
|
-
for (const [label, value] of
|
|
58
|
+
for (const [label, value] of iterateKeyEntries(cose)) {
|
|
55
59
|
const claim = (0, find_1.findCoseByLabel)(coseKey, label);
|
|
56
60
|
if (!claim) {
|
|
57
61
|
result[label] = value;
|
|
@@ -60,7 +64,7 @@ const decodeCoseKey = (cose) => {
|
|
|
60
64
|
if (claim.key === "crv") {
|
|
61
65
|
const crv = (0, find_1.findCoseByLabel)(private_1.COSE_KEY_CURVE, value);
|
|
62
66
|
if (!crv) {
|
|
63
|
-
throw new errors_1.AegisError(`Unsupported COSE key curve: ${value}`);
|
|
67
|
+
throw new errors_1.AegisError(`Unsupported COSE key curve: ${String(value)}`);
|
|
64
68
|
}
|
|
65
69
|
result[claim.key] = crv.key;
|
|
66
70
|
continue;
|
|
@@ -68,7 +72,7 @@ const decodeCoseKey = (cose) => {
|
|
|
68
72
|
if (claim.key === "kty") {
|
|
69
73
|
const kty = (0, find_1.findCoseByLabel)(private_1.COSE_KEY_TYPE, value);
|
|
70
74
|
if (!kty) {
|
|
71
|
-
throw new errors_1.AegisError(`Unsupported COSE key type: ${value}`);
|
|
75
|
+
throw new errors_1.AegisError(`Unsupported COSE key type: ${String(value)}`);
|
|
72
76
|
}
|
|
73
77
|
result[claim.key] = kty.key;
|
|
74
78
|
continue;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"key.js","sourceRoot":"","sources":["../../../../src/utils/private/cose/key.ts"],"names":[],"mappings":";;;AAAA,oCAAuC;AAEvC,wDAA2E;AAC3E,4CAA6C;AAC7C,iCAA0C;AAC1C,iCAA6E;AAEtE,MAAM,UAAU,GAAG,CAAC,GAAQ,
|
|
1
|
+
{"version":3,"file":"key.js","sourceRoot":"","sources":["../../../../src/utils/private/cose/key.ts"],"names":[],"mappings":";;;AAAA,oCAAuC;AAEvC,wDAA2E;AAC3E,4CAA6C;AAC7C,iCAA0C;AAC1C,iCAA6E;AAEtE,MAAM,UAAU,GAAG,CAAC,GAAQ,EAAiC,EAAE;IACpE,IAAI,CAAC,IAAA,aAAQ,EAAC,GAAG,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,mBAAU,CAAC,qBAAqB,GAAG,EAAE,CAAC,CAAC;IACnD,CAAC;IAED,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;IAEvB,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,mBAAU,CAAC,uBAAuB,EAAE,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IACpE,CAAC;IAED,MAAM,OAAO,GAAG,IAAA,0BAAmB,EAAC,GAAG,CAAC,CAAC;IAEzC,MAAM,MAAM,GAAG,IAAI,GAAG,EAA4B,CAAC;IAEnD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/C,MAAM,KAAK,GAAG,IAAA,oBAAa,EAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAE1C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACvB,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YAClB,MAAM,GAAG,GAAG,IAAA,oBAAa,EAAC,wBAAc,EAAE,KAAK,CAAC,CAAC;YACjD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,mBAAU,CAAC,+BAA+B,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YACnC,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YAClB,MAAM,GAAG,GAAG,IAAA,oBAAa,EAAC,uBAAa,EAAE,KAAK,CAAC,CAAC;YAChD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,mBAAU,CAAC,8BAA8B,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,IAAI,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YAC3C,SAAS;QACX,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,IAAA,aAAM,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAC9C,SAAS;IACX,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AA9CW,QAAA,UAAU,cA8CrB;AAEF,MAAM,iBAAiB,GAAG,CAAC,IAAS,EAA4B,EAAE,CAChE,IAAI,YAAY,GAAG;IACjB,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AAE3B,MAAM,eAAe,GAAG,CAAC,IAAS,EAAW,EAAE,CAC7C,IAAI,YAAY,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAEvC,MAAM,aAAa,GAAG,CAAC,IAAS,EAAQ,EAAE;IAC/C,IAAI,CAAC,IAAA,aAAQ,EAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QAC9C,MAAM,IAAI,mBAAU,CAAC,qBAAqB,IAAI,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,MAAM,MAAM,GAAS,EAAE,CAAC;IAExB,MAAM,GAAG,GAAG,IAAA,sBAAe,EAAC,uBAAa,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC;IAClE,MAAM,OAAO,GAAG,IAAA,0BAAmB,EAAC,GAAI,CAAC,GAAG,CAAC,CAAC;IAE9C,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;QACrD,MAAM,KAAK,GAAG,IAAA,sBAAe,EAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAE9C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;YACtB,SAAS;QACX,CAAC;QAED,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,IAAA,sBAAe,EAAC,wBAAc,EAAE,KAAK,CAAC,CAAC;YACnD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,mBAAU,CAAC,+BAA+B,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC;YAC5B,SAAS;QACX,CAAC;QAED,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,IAAA,sBAAe,EAAC,uBAAa,EAAE,KAAK,CAAC,CAAC;YAClD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,mBAAU,CAAC,8BAA8B,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC;YAC5B,SAAS;QACX,CAAC;QAED,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,IAAA,eAAQ,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAC3C,SAAS;IACX,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAzCW,QAAA,aAAa,iBAyCxB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cose-sign-token.d.ts","sourceRoot":"","sources":["../../../src/utils/private/cose-sign-token.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"cose-sign-token.d.ts","sourceRoot":"","sources":["../../../src/utils/private/cose-sign-token.ts"],"names":[],"mappings":"AAEA,KAAK,WAAW,GAAG;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,iBAAiB,EAAE,GAAG,CAAC,MAAM,GAAG,MAAM,EAAE,OAAO,CAAC,CAAC;IACjD,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB,CAAC;AAEF,eAAO,MAAM,mBAAmB,GAAI,SAAS,WAAW,KAAG,MAMvD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cose-sign-token.js","sourceRoot":"","sources":["../../../src/utils/private/cose-sign-token.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"cose-sign-token.js","sourceRoot":"","sources":["../../../src/utils/private/cose-sign-token.ts"],"names":[],"mappings":";;;AAAA,+BAA8B;AASvB,MAAM,mBAAmB,GAAG,CAAC,OAAoB,EAAU,EAAE,CAClE,IAAA,aAAM,EAAC;IACL,OAAO,CAAC,eAAe;IACvB,OAAO,CAAC,iBAAiB;IACzB,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,SAAS;CAClB,CAAC,CAAC;AANQ,QAAA,mBAAmB,uBAM3B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/private/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAC;AAEvB,cAAc,mBAAmB,CAAC;AAClC,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,kBAAkB,CAAC;AACjC,cAAc,eAAe,CAAC;AAC9B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,cAAc,CAAC;AAC7B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/private/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAC;AAEvB,cAAc,mBAAmB,CAAC;AAClC,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,kBAAkB,CAAC;AACjC,cAAc,eAAe,CAAC;AAC9B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,cAAc,CAAC;AAC7B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC"}
|
|
@@ -26,5 +26,4 @@ __exportStar(require("./jwt-validate"), exports);
|
|
|
26
26
|
__exportStar(require("./jwt-verify"), exports);
|
|
27
27
|
__exportStar(require("./token-header"), exports);
|
|
28
28
|
__exportStar(require("./validate"), exports);
|
|
29
|
-
__exportStar(require("./validate-value"), exports);
|
|
30
29
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/utils/private/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,yCAAuB;AAEvB,oDAAkC;AAClC,oDAAkC;AAClC,mDAAiC;AACjC,gDAA8B;AAC9B,gDAA8B;AAC9B,mDAAiC;AACjC,gDAA8B;AAC9B,iDAA+B;AAC/B,+CAA6B;AAC7B,iDAA+B;AAC/B,6CAA2B
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/utils/private/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,yCAAuB;AAEvB,oDAAkC;AAClC,oDAAkC;AAClC,mDAAiC;AACjC,gDAA8B;AAC9B,gDAA8B;AAC9B,mDAAiC;AACjC,gDAA8B;AAC9B,iDAA+B;AAC/B,+CAA6B;AAC7B,iDAA+B;AAC/B,6CAA2B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jose-header.d.ts","sourceRoot":"","sources":["../../../src/utils/private/jose-header.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jose-header.d.ts","sourceRoot":"","sources":["../../../src/utils/private/jose-header.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,kBAAkB,EAAqB,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAGxF,eAAO,MAAM,gBAAgB,GAAI,SAAS,kBAAkB,KAAG,MAgC9D,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAI,QAAQ,MAAM,KAAG,kBAcjD,CAAC"}
|
|
@@ -2,7 +2,6 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.decodeJoseHeader = exports.encodeJoseHeader = void 0;
|
|
4
4
|
const b64_1 = require("@lindorm/b64");
|
|
5
|
-
const is_1 = require("@lindorm/is");
|
|
6
5
|
const private_1 = require("../../constants/private");
|
|
7
6
|
const token_header_1 = require("./token-header");
|
|
8
7
|
const encodeJoseHeader = (options) => {
|
|
@@ -21,29 +20,25 @@ const encodeJoseHeader = (options) => {
|
|
|
21
20
|
if (!options.keyId) {
|
|
22
21
|
throw new Error("Key ID is required");
|
|
23
22
|
}
|
|
24
|
-
const
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
23
|
+
const raw = (0, token_header_1.mapTokenHeader)(options);
|
|
24
|
+
const claims = {
|
|
25
|
+
...raw,
|
|
26
|
+
alg: options.algorithm,
|
|
27
|
+
iv: raw.iv ? b64_1.B64.encode(raw.iv, private_1.B64U) : undefined,
|
|
28
|
+
p2s: raw.p2s ? b64_1.B64.encode(raw.p2s, private_1.B64U) : undefined,
|
|
29
|
+
tag: raw.tag ? b64_1.B64.encode(raw.tag, private_1.B64U) : undefined,
|
|
30
|
+
};
|
|
30
31
|
return b64_1.B64.encode(JSON.stringify(claims), private_1.B64U);
|
|
31
32
|
};
|
|
32
33
|
exports.encodeJoseHeader = encodeJoseHeader;
|
|
33
34
|
const decodeJoseHeader = (header) => {
|
|
34
35
|
const string = b64_1.B64.toString(header);
|
|
35
36
|
const json = JSON.parse(string);
|
|
36
|
-
if (!json.alg) {
|
|
37
|
-
throw new Error("Missing token header: alg");
|
|
38
|
-
}
|
|
39
|
-
if (!private_1.TOKEN_HEADER_ALGORITHMS.includes(json.alg)) {
|
|
40
|
-
throw new Error(`Invalid token header: alg: ${json.alg}`);
|
|
41
|
-
}
|
|
42
|
-
if (!json.typ) {
|
|
43
|
-
throw new Error("Missing token header: typ");
|
|
37
|
+
if (!json.alg || typeof json.alg !== "string") {
|
|
38
|
+
throw new Error("Missing or invalid token header: alg");
|
|
44
39
|
}
|
|
45
|
-
if (
|
|
46
|
-
throw new Error(
|
|
40
|
+
if (json.typ !== undefined && typeof json.typ !== "string") {
|
|
41
|
+
throw new Error("Invalid token header: typ must be a string");
|
|
47
42
|
}
|
|
48
43
|
return json;
|
|
49
44
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jose-header.js","sourceRoot":"","sources":["../../../src/utils/private/jose-header.ts"],"names":[],"mappings":";;;AAAA,sCAAmC;AACnC,
|
|
1
|
+
{"version":3,"file":"jose-header.js","sourceRoot":"","sources":["../../../src/utils/private/jose-header.ts"],"names":[],"mappings":";;;AAAA,sCAAmC;AACnC,qDAIiC;AAEjC,iDAAgD;AAEzC,MAAM,gBAAgB,GAAG,CAAC,OAA2B,EAAU,EAAE;IACtE,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,CAAC,iCAAuB,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,sBAAsB,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IACD,IAAI,CAAC,4BAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,wBAAwB,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;IAChE,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IAED,MAAM,GAAG,GAAG,IAAA,6BAAc,EAAC,OAAO,CAAC,CAAC;IAMpC,MAAM,MAAM,GAAsB;QAChC,GAAG,GAAG;QACN,GAAG,EAAE,OAAO,CAAC,SAAS;QACtB,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,SAAG,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,cAAI,CAAC,CAAC,CAAC,CAAC,SAAS;QACjD,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAG,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,cAAI,CAAC,CAAC,CAAC,CAAC,SAAS;QACpD,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAG,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,cAAI,CAAC,CAAC,CAAC,CAAC,SAAS;KACrD,CAAC;IAEF,OAAO,SAAG,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,cAAI,CAAC,CAAC;AAClD,CAAC,CAAC;AAhCW,QAAA,gBAAgB,oBAgC3B;AAEK,MAAM,gBAAgB,GAAG,CAAC,MAAc,EAAsB,EAAE;IACrE,MAAM,MAAM,GAAG,SAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAA+B,CAAC;IAE9D,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAED,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAGD,OAAO,IAA0B,CAAC;AACpC,CAAC,CAAC;AAdW,QAAA,gBAAgB,oBAc3B"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { Dict } from "@lindorm/types";
|
|
2
|
-
import {
|
|
3
|
-
export declare const createJwtValidate: (validate: ValidateJwtOptions) => Dict
|
|
1
|
+
import { Dict, Predicate } from "@lindorm/types";
|
|
2
|
+
import { ValidateJwtOptions } from "../../types";
|
|
3
|
+
export declare const createJwtValidate: (validate: ValidateJwtOptions) => Predicate<Dict>;
|
|
4
4
|
//# sourceMappingURL=jwt-validate.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-validate.d.ts","sourceRoot":"","sources":["../../../src/utils/private/jwt-validate.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"jwt-validate.d.ts","sourceRoot":"","sources":["../../../src/utils/private/jwt-validate.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,SAAS,EAAqB,MAAM,gBAAgB,CAAC;AACpE,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAGjD,eAAO,MAAM,iBAAiB,GAAI,UAAU,kBAAkB,KAAG,SAAS,CAAC,IAAI,CAwC9E,CAAC"}
|
|
@@ -5,41 +5,41 @@ const is_1 = require("@lindorm/is");
|
|
|
5
5
|
const create_hash_1 = require("./create-hash");
|
|
6
6
|
const createJwtValidate = (validate) => {
|
|
7
7
|
const algorithm = validate.algorithm;
|
|
8
|
-
const
|
|
8
|
+
const predicate = {};
|
|
9
9
|
for (const [key, value] of Object.entries(validate)) {
|
|
10
10
|
if (key === "algorithm")
|
|
11
11
|
continue;
|
|
12
12
|
if (key === "accessToken" && algorithm && (0, is_1.isString)(value)) {
|
|
13
|
-
|
|
13
|
+
predicate[key] = { $eq: (0, create_hash_1.createAccessTokenHash)(algorithm, value) };
|
|
14
14
|
continue;
|
|
15
15
|
}
|
|
16
16
|
if (key === "authCode" && algorithm && (0, is_1.isString)(value)) {
|
|
17
|
-
|
|
17
|
+
predicate[key] = { $eq: (0, create_hash_1.createCodeHash)(algorithm, value) };
|
|
18
18
|
continue;
|
|
19
19
|
}
|
|
20
20
|
if (key === "authState" && algorithm && (0, is_1.isString)(value)) {
|
|
21
|
-
|
|
21
|
+
predicate[key] = { $eq: (0, create_hash_1.createStateHash)(algorithm, value) };
|
|
22
22
|
continue;
|
|
23
23
|
}
|
|
24
24
|
if ((0, is_1.isArray)(value)) {
|
|
25
|
-
|
|
25
|
+
predicate[key] = { $all: value };
|
|
26
26
|
continue;
|
|
27
27
|
}
|
|
28
28
|
if ((0, is_1.isNumber)(value)) {
|
|
29
|
-
|
|
29
|
+
predicate[key] = { $eq: value };
|
|
30
30
|
continue;
|
|
31
31
|
}
|
|
32
32
|
if ((0, is_1.isString)(value)) {
|
|
33
|
-
|
|
33
|
+
predicate[key] = { $eq: value };
|
|
34
34
|
continue;
|
|
35
35
|
}
|
|
36
36
|
if ((0, is_1.isObject)(value)) {
|
|
37
|
-
|
|
37
|
+
predicate[key] = value;
|
|
38
38
|
continue;
|
|
39
39
|
}
|
|
40
40
|
throw new Error(`Unsupported value: ${value} for key: ${key}`);
|
|
41
41
|
}
|
|
42
|
-
return
|
|
42
|
+
return predicate;
|
|
43
43
|
};
|
|
44
44
|
exports.createJwtValidate = createJwtValidate;
|
|
45
45
|
//# sourceMappingURL=jwt-validate.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-validate.js","sourceRoot":"","sources":["../../../src/utils/private/jwt-validate.ts"],"names":[],"mappings":";;;AAAA,oCAAoE;AAGpE,+CAAuF;AAEhF,MAAM,iBAAiB,GAAG,CAAC,QAA4B,EAAmB,EAAE;IACjF,MAAM,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAC;IACrC,MAAM,
|
|
1
|
+
{"version":3,"file":"jwt-validate.js","sourceRoot":"","sources":["../../../src/utils/private/jwt-validate.ts"],"names":[],"mappings":";;;AAAA,oCAAoE;AAGpE,+CAAuF;AAEhF,MAAM,iBAAiB,GAAG,CAAC,QAA4B,EAAmB,EAAE;IACjF,MAAM,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAC;IACrC,MAAM,SAAS,GAAoB,EAAE,CAAC;IAEtC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpD,IAAI,GAAG,KAAK,WAAW;YAAE,SAAS;QAElC,IAAI,GAAG,KAAK,aAAa,IAAI,SAAS,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC1D,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,mCAAqB,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAClE,SAAS;QACX,CAAC;QACD,IAAI,GAAG,KAAK,UAAU,IAAI,SAAS,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACvD,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,4BAAc,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC3D,SAAS;QACX,CAAC;QACD,IAAI,GAAG,KAAK,WAAW,IAAI,SAAS,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACxD,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,6BAAe,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC5D,SAAS;QACX,CAAC;QACD,IAAI,IAAA,YAAO,EAAS,KAAK,CAAC,EAAE,CAAC;YAC3B,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;YACjC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YAChC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YAChC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,GAAG,CAAC,GAAG,KAA+B,CAAC;YACjD,SAAS;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,sBAAsB,KAAY,aAAa,GAAG,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAxCW,QAAA,iBAAiB,qBAwC5B"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { KryptosAlgorithm } from "@lindorm/kryptos";
|
|
2
|
-
import { Dict } from "@lindorm/types";
|
|
3
|
-
import {
|
|
4
|
-
export declare const createJwtVerify: (algorithm: KryptosAlgorithm, verify: VerifyJwtOptions, clockTolerance: number) => Dict
|
|
2
|
+
import { Dict, Predicate } from "@lindorm/types";
|
|
3
|
+
import { VerifyJwtOptions } from "../../types";
|
|
4
|
+
export declare const createJwtVerify: (algorithm: KryptosAlgorithm, verify: VerifyJwtOptions, clockTolerance: number) => Predicate<Dict>;
|
|
5
5
|
//# sourceMappingURL=jwt-verify.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-verify.d.ts","sourceRoot":"","sources":["../../../src/utils/private/jwt-verify.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"jwt-verify.d.ts","sourceRoot":"","sources":["../../../src/utils/private/jwt-verify.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,SAAS,EAAqB,MAAM,gBAAgB,CAAC;AACpE,OAAO,EAAa,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAwD1D,eAAO,MAAM,eAAe,GAC1B,WAAW,gBAAgB,EAC3B,QAAQ,gBAAgB,EACxB,gBAAgB,MAAM,KACrB,SAAS,CAAC,IAAI,CAoDhB,CAAC"}
|
|
@@ -53,57 +53,57 @@ const mapVerify = (key) => {
|
|
|
53
53
|
case "tokenType":
|
|
54
54
|
return "token_type";
|
|
55
55
|
default:
|
|
56
|
-
throw new Error(`Unsupported key: ${key}`);
|
|
56
|
+
throw new Error(`Unsupported key: ${key} for JWT verification`);
|
|
57
57
|
}
|
|
58
58
|
};
|
|
59
59
|
const createJwtVerify = (algorithm, verify, clockTolerance) => {
|
|
60
|
-
const
|
|
60
|
+
const predicate = {
|
|
61
61
|
iat: {
|
|
62
|
-
$or: [{ $exists: false }, { $
|
|
62
|
+
$or: [{ $exists: false }, { $lte: (0, date_1.addSeconds)(new Date(), clockTolerance) }],
|
|
63
63
|
},
|
|
64
64
|
nbf: {
|
|
65
|
-
$or: [{ $exists: false }, { $
|
|
65
|
+
$or: [{ $exists: false }, { $lte: (0, date_1.addSeconds)(new Date(), clockTolerance) }],
|
|
66
66
|
},
|
|
67
67
|
exp: {
|
|
68
|
-
$or: [{ $exists: false }, { $
|
|
68
|
+
$or: [{ $exists: false }, { $gte: (0, date_1.subSeconds)(new Date(), clockTolerance) }],
|
|
69
69
|
},
|
|
70
70
|
auth_time: {
|
|
71
|
-
$or: [{ $exists: false }, { $
|
|
71
|
+
$or: [{ $exists: false }, { $lte: (0, date_1.addSeconds)(new Date(), clockTolerance) }],
|
|
72
72
|
},
|
|
73
73
|
};
|
|
74
74
|
for (const [key, value] of Object.entries(verify)) {
|
|
75
75
|
const mapped = mapVerify(key);
|
|
76
76
|
if (mapped === "at_hash" && (0, is_1.isString)(value)) {
|
|
77
|
-
|
|
77
|
+
predicate[mapped] = { $eq: (0, create_hash_1.createAccessTokenHash)(algorithm, value) };
|
|
78
78
|
continue;
|
|
79
79
|
}
|
|
80
80
|
if (mapped === "c_hash" && (0, is_1.isString)(value)) {
|
|
81
|
-
|
|
81
|
+
predicate[mapped] = { $eq: (0, create_hash_1.createCodeHash)(algorithm, value) };
|
|
82
82
|
continue;
|
|
83
83
|
}
|
|
84
84
|
if (mapped === "s_hash" && (0, is_1.isString)(value)) {
|
|
85
|
-
|
|
85
|
+
predicate[mapped] = { $eq: (0, create_hash_1.createStateHash)(algorithm, value) };
|
|
86
86
|
continue;
|
|
87
87
|
}
|
|
88
88
|
if ((0, is_1.isArray)(value)) {
|
|
89
|
-
|
|
89
|
+
predicate[mapped] = { $all: value };
|
|
90
90
|
continue;
|
|
91
91
|
}
|
|
92
92
|
if ((0, is_1.isNumber)(value)) {
|
|
93
|
-
|
|
93
|
+
predicate[mapped] = { $eq: value };
|
|
94
94
|
continue;
|
|
95
95
|
}
|
|
96
96
|
if ((0, is_1.isString)(value)) {
|
|
97
|
-
|
|
97
|
+
predicate[mapped] = { $eq: value };
|
|
98
98
|
continue;
|
|
99
99
|
}
|
|
100
100
|
if ((0, is_1.isObject)(value)) {
|
|
101
|
-
|
|
101
|
+
predicate[mapped] = value;
|
|
102
102
|
continue;
|
|
103
103
|
}
|
|
104
104
|
throw new Error(`Unsupported value: ${value} for key: ${key}`);
|
|
105
105
|
}
|
|
106
|
-
return
|
|
106
|
+
return predicate;
|
|
107
107
|
};
|
|
108
108
|
exports.createJwtVerify = createJwtVerify;
|
|
109
109
|
//# sourceMappingURL=jwt-verify.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-verify.js","sourceRoot":"","sources":["../../../src/utils/private/jwt-verify.ts"],"names":[],"mappings":";;;AAAA,wCAAuD;AACvD,oCAAoE;AAIpE,+CAAuF;AAEvF,MAAM,SAAS,GAAG,CAAC,GAA2B,EAAmB,EAAE;IACjE,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,aAAa;YAChB,OAAO,SAAS,CAAC;QACnB,KAAK,qBAAqB;YACxB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,QAAQ,CAAC;QAClB,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,YAAY;YACf,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,iBAAiB;YACpB,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,QAAQ,CAAC;QAClB,KAAK,UAAU;YACb,OAAO,WAAW,CAAC;QACrB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,KAAK,CAAC;QACf,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC;QACf,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,YAAY,CAAC;QACtB;YACE,MAAM,IAAI,KAAK,CAAC,oBAAoB,
|
|
1
|
+
{"version":3,"file":"jwt-verify.js","sourceRoot":"","sources":["../../../src/utils/private/jwt-verify.ts"],"names":[],"mappings":";;;AAAA,wCAAuD;AACvD,oCAAoE;AAIpE,+CAAuF;AAEvF,MAAM,SAAS,GAAG,CAAC,GAA2B,EAAmB,EAAE;IACjE,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,aAAa;YAChB,OAAO,SAAS,CAAC;QACnB,KAAK,qBAAqB;YACxB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,QAAQ,CAAC;QAClB,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,YAAY;YACf,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,iBAAiB;YACpB,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,QAAQ,CAAC;QAClB,KAAK,UAAU;YACb,OAAO,WAAW,CAAC;QACrB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,KAAK,CAAC;QACf,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC;QACf,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,YAAY,CAAC;QACtB;YACE,MAAM,IAAI,KAAK,CAAC,oBAAoB,GAAU,uBAAuB,CAAC,CAAC;IAC3E,CAAC;AACH,CAAC,CAAC;AAEK,MAAM,eAAe,GAAG,CAC7B,SAA2B,EAC3B,MAAwB,EACxB,cAAsB,EACL,EAAE;IACnB,MAAM,SAAS,GAA6D;QAC1E,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,SAAS,EAAE;YACT,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;KACF,CAAC;IAEF,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,MAAM,MAAM,GAAG,SAAS,CAAC,GAA6B,CAAC,CAAC;QAExD,IAAI,MAAM,KAAK,SAAS,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC5C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,mCAAqB,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YACrE,SAAS;QACX,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,4BAAc,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC9D,SAAS;QACX,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,6BAAe,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC/D,SAAS;QACX,CAAC;QACD,IAAI,IAAA,YAAO,EAAS,KAAK,CAAC,EAAE,CAAC;YAC3B,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;YACpC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,MAAM,CAAC,GAAG,KAA+B,CAAC;YACpD,SAAS;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,sBAAsB,KAAY,aAAa,GAAG,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,OAAO,SAA4B,CAAC;AACtC,CAAC,CAAC;AAxDW,QAAA,eAAe,mBAwD1B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token-header.d.ts","sourceRoot":"","sources":["../../../src/utils/private/token-header.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,kBAAkB,EAClB,iBAAiB,EACjB,oBAAoB,EACpB,kBAAkB,EACnB,MAAM,aAAa,CAAC;AAErB,eAAO,MAAM,cAAc,GAAI,SAAS,kBAAkB,KAAG,
|
|
1
|
+
{"version":3,"file":"token-header.d.ts","sourceRoot":"","sources":["../../../src/utils/private/token-header.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,kBAAkB,EAClB,iBAAiB,EACjB,oBAAoB,EACpB,kBAAkB,EACnB,MAAM,aAAa,CAAC;AAErB,eAAO,MAAM,cAAc,GAAI,SAAS,kBAAkB,KAAG,oBAgE5D,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAI,CAAC,SAAS,iBAAiB,GAAG,iBAAiB,EAC9E,SAAS,kBAAkB,KAC1B,CAiEF,CAAC"}
|
|
@@ -15,8 +15,6 @@ const mapTokenHeader = (options) => {
|
|
|
15
15
|
return "enc";
|
|
16
16
|
case "headerType":
|
|
17
17
|
return "typ";
|
|
18
|
-
case "hkdfSalt":
|
|
19
|
-
return "hkdf_salt";
|
|
20
18
|
case "jwk":
|
|
21
19
|
return "jwk";
|
|
22
20
|
case "jwksUri":
|
|
@@ -44,10 +42,9 @@ const mapTokenHeader = (options) => {
|
|
|
44
42
|
case "x5tS256":
|
|
45
43
|
return "x5t#S256";
|
|
46
44
|
default:
|
|
47
|
-
return
|
|
45
|
+
return key;
|
|
48
46
|
}
|
|
49
47
|
})
|
|
50
|
-
.filter(is_1.isString)
|
|
51
48
|
.sort();
|
|
52
49
|
return (0, utils_1.removeUndefined)({
|
|
53
50
|
alg: options.algorithm,
|
|
@@ -55,7 +52,6 @@ const mapTokenHeader = (options) => {
|
|
|
55
52
|
cty: options.contentType,
|
|
56
53
|
enc: (0, is_1.isString)(options.encryption) ? options.encryption : undefined,
|
|
57
54
|
epk: (0, is_1.isObject)(options.publicEncryptionJwk) ? options.publicEncryptionJwk : undefined,
|
|
58
|
-
hkdf_salt: options.hkdfSalt,
|
|
59
55
|
iv: options.initialisationVector,
|
|
60
56
|
jku: (0, is_1.isUrlLike)(options.jwksUri) ? options.jwksUri : undefined,
|
|
61
57
|
jwk: (0, is_1.isObject)(options.jwk) ? options.jwk : undefined,
|
|
@@ -84,8 +80,6 @@ const parseTokenHeader = (decoded) => {
|
|
|
84
80
|
return "encryption";
|
|
85
81
|
case "epk":
|
|
86
82
|
return "publicEncryptionJwk";
|
|
87
|
-
case "hkdf_salt":
|
|
88
|
-
return "hkdfSalt";
|
|
89
83
|
case "iv":
|
|
90
84
|
return "initialisationVector";
|
|
91
85
|
case "jku":
|
|
@@ -113,10 +107,9 @@ const parseTokenHeader = (decoded) => {
|
|
|
113
107
|
case "x5t#S256":
|
|
114
108
|
return "x5tS256";
|
|
115
109
|
default:
|
|
116
|
-
return
|
|
110
|
+
return key;
|
|
117
111
|
}
|
|
118
112
|
})
|
|
119
|
-
.filter(is_1.isString)
|
|
120
113
|
.sort() ?? [];
|
|
121
114
|
return (0, utils_1.removeUndefined)({
|
|
122
115
|
algorithm: decoded.alg,
|
|
@@ -124,7 +117,6 @@ const parseTokenHeader = (decoded) => {
|
|
|
124
117
|
critical,
|
|
125
118
|
encryption: decoded.enc,
|
|
126
119
|
headerType: decoded.typ,
|
|
127
|
-
hkdfSalt: decoded.hkdf_salt,
|
|
128
120
|
initialisationVector: decoded.iv,
|
|
129
121
|
jwk: decoded.jwk,
|
|
130
122
|
jwksUri: decoded.jku,
|