@lindorm/aegis 0.6.0 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +17 -0
- package/README.md +142 -180
- package/__tests__/jwe-interop.test.ts +3 -2
- package/__tests__/jwt-interop.test.ts +4 -7
- package/dist/classes/Aegis.d.ts +5 -5
- package/dist/classes/Aegis.d.ts.map +1 -1
- package/dist/classes/Aegis.js +35 -39
- package/dist/classes/Aegis.js.map +1 -1
- package/dist/classes/JweKit.d.ts +2 -2
- package/dist/classes/JweKit.d.ts.map +1 -1
- package/dist/classes/JweKit.js +47 -51
- package/dist/classes/JweKit.js.map +1 -1
- package/dist/classes/JwsKit.d.ts +2 -2
- package/dist/classes/JwsKit.d.ts.map +1 -1
- package/dist/classes/JwsKit.js +32 -36
- package/dist/classes/JwsKit.js.map +1 -1
- package/dist/classes/JwtKit.d.ts +3 -3
- package/dist/classes/JwtKit.d.ts.map +1 -1
- package/dist/classes/JwtKit.js +50 -54
- package/dist/classes/JwtKit.js.map +1 -1
- package/dist/classes/SignatureKit.d.ts +2 -2
- package/dist/classes/SignatureKit.d.ts.map +1 -1
- package/dist/classes/SignatureKit.js +13 -17
- package/dist/classes/SignatureKit.js.map +1 -1
- package/dist/classes/index.d.ts +5 -5
- package/dist/classes/index.d.ts.map +1 -1
- package/dist/classes/index.js +5 -21
- package/dist/classes/index.js.map +1 -1
- package/dist/constants/token-type.js +2 -5
- package/dist/constants/token-type.js.map +1 -1
- package/dist/errors/AegisError.js +2 -6
- package/dist/errors/AegisError.js.map +1 -1
- package/dist/errors/JweError.js +2 -6
- package/dist/errors/JweError.js.map +1 -1
- package/dist/errors/JwsError.js +2 -6
- package/dist/errors/JwsError.js.map +1 -1
- package/dist/errors/JwtError.js +2 -6
- package/dist/errors/JwtError.js.map +1 -1
- package/dist/errors/index.d.ts +4 -4
- package/dist/errors/index.d.ts.map +1 -1
- package/dist/errors/index.js +4 -20
- package/dist/errors/index.js.map +1 -1
- package/dist/guards/index.d.ts +2 -2
- package/dist/guards/index.d.ts.map +1 -1
- package/dist/guards/index.js +2 -18
- package/dist/guards/index.js.map +1 -1
- package/dist/guards/is-parsed-jws.d.ts +1 -1
- package/dist/guards/is-parsed-jws.d.ts.map +1 -1
- package/dist/guards/is-parsed-jws.js +1 -5
- package/dist/guards/is-parsed-jws.js.map +1 -1
- package/dist/guards/is-parsed-jwt.d.ts +1 -1
- package/dist/guards/is-parsed-jwt.d.ts.map +1 -1
- package/dist/guards/is-parsed-jwt.js +1 -5
- package/dist/guards/is-parsed-jwt.js.map +1 -1
- package/dist/index.d.ts +6 -7
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5 -22
- package/dist/index.js.map +1 -1
- package/dist/interfaces/Aegis.d.ts +3 -3
- package/dist/interfaces/Aegis.d.ts.map +1 -1
- package/dist/interfaces/Aegis.js +1 -2
- package/dist/interfaces/JweKit.d.ts +1 -1
- package/dist/interfaces/JweKit.d.ts.map +1 -1
- package/dist/interfaces/JweKit.js +1 -2
- package/dist/interfaces/JwsKit.d.ts +1 -1
- package/dist/interfaces/JwsKit.d.ts.map +1 -1
- package/dist/interfaces/JwsKit.js +1 -2
- package/dist/interfaces/JwtKit.d.ts +2 -2
- package/dist/interfaces/JwtKit.d.ts.map +1 -1
- package/dist/interfaces/JwtKit.js +1 -2
- package/dist/interfaces/index.d.ts +4 -4
- package/dist/interfaces/index.d.ts.map +1 -1
- package/dist/interfaces/index.js +4 -20
- package/dist/interfaces/index.js.map +1 -1
- package/dist/internal/constants/aegis-profile-keys.js +1 -4
- package/dist/internal/constants/aegis-profile-keys.js.map +1 -1
- package/dist/internal/constants/format.js +1 -4
- package/dist/internal/constants/format.js.map +1 -1
- package/dist/internal/constants/header.js +13 -16
- package/dist/internal/constants/header.js.map +1 -1
- package/dist/internal/utils/compute-jwk-thumbprint.js +5 -9
- package/dist/internal/utils/compute-jwk-thumbprint.js.map +1 -1
- package/dist/internal/utils/compute-typ-header.d.ts +2 -2
- package/dist/internal/utils/compute-typ-header.d.ts.map +1 -1
- package/dist/internal/utils/compute-typ-header.js +6 -12
- package/dist/internal/utils/compute-typ-header.js.map +1 -1
- package/dist/internal/utils/create-hash.d.ts +1 -1
- package/dist/internal/utils/create-hash.d.ts.map +1 -1
- package/dist/internal/utils/create-hash.js +10 -17
- package/dist/internal/utils/create-hash.js.map +1 -1
- package/dist/internal/utils/extract-aegis-profile.d.ts +2 -2
- package/dist/internal/utils/extract-aegis-profile.d.ts.map +1 -1
- package/dist/internal/utils/extract-aegis-profile.js +6 -10
- package/dist/internal/utils/extract-aegis-profile.js.map +1 -1
- package/dist/internal/utils/extract-claims.d.ts +7 -7
- package/dist/internal/utils/extract-claims.d.ts.map +1 -1
- package/dist/internal/utils/extract-claims.js +47 -51
- package/dist/internal/utils/extract-claims.js.map +1 -1
- package/dist/internal/utils/extract-token-delegation.d.ts +2 -2
- package/dist/internal/utils/extract-token-delegation.d.ts.map +1 -1
- package/dist/internal/utils/extract-token-delegation.js +3 -7
- package/dist/internal/utils/extract-token-delegation.js.map +1 -1
- package/dist/internal/utils/generate-token-id.js +4 -8
- package/dist/internal/utils/generate-token-id.js.map +1 -1
- package/dist/internal/utils/jose-header.d.ts +1 -1
- package/dist/internal/utils/jose-header.d.ts.map +1 -1
- package/dist/internal/utils/jose-header.js +14 -19
- package/dist/internal/utils/jose-header.js.map +1 -1
- package/dist/internal/utils/jose-signature.d.ts +1 -1
- package/dist/internal/utils/jose-signature.d.ts.map +1 -1
- package/dist/internal/utils/jose-signature.js +7 -12
- package/dist/internal/utils/jose-signature.js.map +1 -1
- package/dist/internal/utils/jwt-payload.d.ts +3 -3
- package/dist/internal/utils/jwt-payload.d.ts.map +1 -1
- package/dist/internal/utils/jwt-payload.js +79 -86
- package/dist/internal/utils/jwt-payload.js.map +1 -1
- package/dist/internal/utils/jwt-validate.d.ts +2 -2
- package/dist/internal/utils/jwt-validate.d.ts.map +1 -1
- package/dist/internal/utils/jwt-validate.js +13 -17
- package/dist/internal/utils/jwt-validate.js.map +1 -1
- package/dist/internal/utils/jwt-verify.d.ts +3 -3
- package/dist/internal/utils/jwt-verify.d.ts.map +1 -1
- package/dist/internal/utils/jwt-verify.js +18 -22
- package/dist/internal/utils/jwt-verify.js.map +1 -1
- package/dist/internal/utils/parse-introspection.d.ts +2 -2
- package/dist/internal/utils/parse-introspection.d.ts.map +1 -1
- package/dist/internal/utils/parse-introspection.js +12 -16
- package/dist/internal/utils/parse-introspection.js.map +1 -1
- package/dist/internal/utils/parse-userinfo.d.ts +2 -2
- package/dist/internal/utils/parse-userinfo.d.ts.map +1 -1
- package/dist/internal/utils/parse-userinfo.js +10 -14
- package/dist/internal/utils/parse-userinfo.js.map +1 -1
- package/dist/internal/utils/resolve-cert-binding.d.ts +2 -2
- package/dist/internal/utils/resolve-cert-binding.d.ts.map +1 -1
- package/dist/internal/utils/resolve-cert-binding.js +3 -7
- package/dist/internal/utils/resolve-cert-binding.js.map +1 -1
- package/dist/internal/utils/token-header.d.ts +1 -1
- package/dist/internal/utils/token-header.d.ts.map +1 -1
- package/dist/internal/utils/token-header.js +15 -20
- package/dist/internal/utils/token-header.js.map +1 -1
- package/dist/internal/utils/validate-actor.d.ts +1 -1
- package/dist/internal/utils/validate-actor.d.ts.map +1 -1
- package/dist/internal/utils/validate-actor.js +1 -5
- package/dist/internal/utils/validate-actor.js.map +1 -1
- package/dist/internal/utils/validate-crit.js +1 -5
- package/dist/internal/utils/validate-crit.js.map +1 -1
- package/dist/internal/utils/validate.d.ts +1 -1
- package/dist/internal/utils/validate.d.ts.map +1 -1
- package/dist/internal/utils/validate.js +6 -10
- package/dist/internal/utils/validate.js.map +1 -1
- package/dist/internal/utils/verify-cert-binding.d.ts +3 -3
- package/dist/internal/utils/verify-cert-binding.d.ts.map +1 -1
- package/dist/internal/utils/verify-cert-binding.js +4 -8
- package/dist/internal/utils/verify-cert-binding.js.map +1 -1
- package/dist/internal/utils/verify-dpop-proof.d.ts +1 -1
- package/dist/internal/utils/verify-dpop-proof.d.ts.map +1 -1
- package/dist/internal/utils/verify-dpop-proof.js +23 -27
- package/dist/internal/utils/verify-dpop-proof.js.map +1 -1
- package/dist/mocks/create-mock-aegis.d.ts +3 -3
- package/dist/mocks/create-mock-aegis.d.ts.map +1 -1
- package/dist/mocks/create-mock-aegis.js +20 -20
- package/dist/mocks/create-mock-aegis.js.map +1 -1
- package/dist/mocks/jest.d.ts +5 -0
- package/dist/mocks/jest.d.ts.map +1 -0
- package/dist/mocks/jest.js +4 -0
- package/dist/mocks/jest.js.map +1 -0
- package/dist/mocks/vitest.d.ts +6 -0
- package/dist/mocks/vitest.d.ts.map +1 -0
- package/dist/mocks/vitest.js +5 -0
- package/dist/mocks/vitest.js.map +1 -0
- package/dist/types/aegis.d.ts +5 -5
- package/dist/types/aegis.d.ts.map +1 -1
- package/dist/types/aegis.js +1 -2
- package/dist/types/claims/act-claim.js +1 -2
- package/dist/types/claims/aegis-introspection.d.ts +6 -6
- package/dist/types/claims/aegis-introspection.d.ts.map +1 -1
- package/dist/types/claims/aegis-introspection.js +1 -2
- package/dist/types/claims/aegis-profile.js +1 -2
- package/dist/types/claims/aegis-userinfo.d.ts +1 -1
- package/dist/types/claims/aegis-userinfo.d.ts.map +1 -1
- package/dist/types/claims/aegis-userinfo.js +1 -2
- package/dist/types/claims/confirmation-claim.d.ts +1 -1
- package/dist/types/claims/confirmation-claim.d.ts.map +1 -1
- package/dist/types/claims/confirmation-claim.js +1 -2
- package/dist/types/claims/delegation-claims.d.ts +1 -1
- package/dist/types/claims/delegation-claims.d.ts.map +1 -1
- package/dist/types/claims/delegation-claims.js +1 -2
- package/dist/types/claims/index.d.ts +12 -12
- package/dist/types/claims/index.d.ts.map +1 -1
- package/dist/types/claims/index.js +12 -28
- package/dist/types/claims/index.js.map +1 -1
- package/dist/types/claims/jwt/act-claim-wire.js +1 -2
- package/dist/types/claims/jwt/confirmation-claim-wire.d.ts +1 -1
- package/dist/types/claims/jwt/confirmation-claim-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/confirmation-claim-wire.js +1 -2
- package/dist/types/claims/jwt/delegation-claims-wire.d.ts +1 -1
- package/dist/types/claims/jwt/delegation-claims-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/delegation-claims-wire.js +1 -2
- package/dist/types/claims/jwt/index.d.ts +9 -9
- package/dist/types/claims/jwt/index.d.ts.map +1 -1
- package/dist/types/claims/jwt/index.js +9 -25
- package/dist/types/claims/jwt/index.js.map +1 -1
- package/dist/types/claims/jwt/jwt-claims.d.ts +6 -6
- package/dist/types/claims/jwt/jwt-claims.d.ts.map +1 -1
- package/dist/types/claims/jwt/jwt-claims.js +1 -2
- package/dist/types/claims/jwt/lindorm-claims-wire.d.ts +2 -2
- package/dist/types/claims/jwt/lindorm-claims-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/lindorm-claims-wire.js +1 -2
- package/dist/types/claims/jwt/oauth-claims-wire.js +1 -2
- package/dist/types/claims/jwt/oidc-claims-wire.js +1 -2
- package/dist/types/claims/jwt/pop-claims-wire.d.ts +1 -1
- package/dist/types/claims/jwt/pop-claims-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/pop-claims-wire.js +1 -2
- package/dist/types/claims/jwt/std-claims-wire.js +1 -2
- package/dist/types/claims/lindorm-claims.d.ts +1 -1
- package/dist/types/claims/lindorm-claims.d.ts.map +1 -1
- package/dist/types/claims/lindorm-claims.js +1 -2
- package/dist/types/claims/oauth-claims.js +1 -2
- package/dist/types/claims/oidc-claims.js +1 -2
- package/dist/types/claims/pop-claims.d.ts +1 -1
- package/dist/types/claims/pop-claims.d.ts.map +1 -1
- package/dist/types/claims/pop-claims.js +1 -2
- package/dist/types/claims/std-claims.js +1 -2
- package/dist/types/header.d.ts +3 -3
- package/dist/types/header.d.ts.map +1 -1
- package/dist/types/header.js +1 -2
- package/dist/types/header.js.map +1 -1
- package/dist/types/index.d.ts +9 -9
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +9 -25
- package/dist/types/index.js.map +1 -1
- package/dist/types/jwe/index.d.ts +4 -4
- package/dist/types/jwe/index.d.ts.map +1 -1
- package/dist/types/jwe/index.js +4 -20
- package/dist/types/jwe/index.js.map +1 -1
- package/dist/types/jwe/jwe-decode.d.ts +1 -1
- package/dist/types/jwe/jwe-decode.d.ts.map +1 -1
- package/dist/types/jwe/jwe-decode.js +1 -2
- package/dist/types/jwe/jwe-decrypt.d.ts +3 -3
- package/dist/types/jwe/jwe-decrypt.d.ts.map +1 -1
- package/dist/types/jwe/jwe-decrypt.js +1 -2
- package/dist/types/jwe/jwe-encrypt.d.ts +2 -2
- package/dist/types/jwe/jwe-encrypt.d.ts.map +1 -1
- package/dist/types/jwe/jwe-encrypt.js +1 -2
- package/dist/types/jwe/jwe-kit.d.ts +1 -1
- package/dist/types/jwe/jwe-kit.d.ts.map +1 -1
- package/dist/types/jwe/jwe-kit.js +1 -2
- package/dist/types/jws/index.d.ts +4 -4
- package/dist/types/jws/index.d.ts.map +1 -1
- package/dist/types/jws/index.js +4 -20
- package/dist/types/jws/index.js.map +1 -1
- package/dist/types/jws/jws-decode.d.ts +1 -1
- package/dist/types/jws/jws-decode.d.ts.map +1 -1
- package/dist/types/jws/jws-decode.js +1 -2
- package/dist/types/jws/jws-kit.d.ts +1 -1
- package/dist/types/jws/jws-kit.d.ts.map +1 -1
- package/dist/types/jws/jws-kit.js +1 -2
- package/dist/types/jws/jws-parse.d.ts +3 -3
- package/dist/types/jws/jws-parse.d.ts.map +1 -1
- package/dist/types/jws/jws-parse.js +1 -2
- package/dist/types/jws/jws-sign.d.ts +2 -2
- package/dist/types/jws/jws-sign.d.ts.map +1 -1
- package/dist/types/jws/jws-sign.js +1 -2
- package/dist/types/jwt/index.d.ts +9 -9
- package/dist/types/jwt/index.d.ts.map +1 -1
- package/dist/types/jwt/index.js +9 -25
- package/dist/types/jwt/index.js.map +1 -1
- package/dist/types/jwt/jwt-claim-matchers.d.ts +1 -1
- package/dist/types/jwt/jwt-claim-matchers.d.ts.map +1 -1
- package/dist/types/jwt/jwt-claim-matchers.js +1 -2
- package/dist/types/jwt/jwt-decode.d.ts +3 -3
- package/dist/types/jwt/jwt-decode.d.ts.map +1 -1
- package/dist/types/jwt/jwt-decode.js +1 -2
- package/dist/types/jwt/jwt-delegation.d.ts +1 -1
- package/dist/types/jwt/jwt-delegation.d.ts.map +1 -1
- package/dist/types/jwt/jwt-delegation.js +1 -2
- package/dist/types/jwt/jwt-dpop.js +1 -2
- package/dist/types/jwt/jwt-kit.d.ts +1 -1
- package/dist/types/jwt/jwt-kit.d.ts.map +1 -1
- package/dist/types/jwt/jwt-kit.js +1 -2
- package/dist/types/jwt/jwt-parse.d.ts +7 -7
- package/dist/types/jwt/jwt-parse.d.ts.map +1 -1
- package/dist/types/jwt/jwt-parse.js +1 -2
- package/dist/types/jwt/jwt-sign.d.ts +4 -4
- package/dist/types/jwt/jwt-sign.d.ts.map +1 -1
- package/dist/types/jwt/jwt-sign.js +1 -2
- package/dist/types/jwt/jwt-validate.d.ts +3 -3
- package/dist/types/jwt/jwt-validate.d.ts.map +1 -1
- package/dist/types/jwt/jwt-validate.js +1 -2
- package/dist/types/jwt/jwt-verify.d.ts +2 -2
- package/dist/types/jwt/jwt-verify.d.ts.map +1 -1
- package/dist/types/jwt/jwt-verify.js +1 -2
- package/dist/types/kit.d.ts +3 -3
- package/dist/types/kit.d.ts.map +1 -1
- package/dist/types/kit.js +1 -2
- package/dist/types/level-of-assurance.js +1 -2
- package/dist/types/signature-kit.d.ts +2 -2
- package/dist/types/signature-kit.d.ts.map +1 -1
- package/dist/types/signature-kit.js +1 -2
- package/package.json +33 -33
- package/vitest.config.mjs +6 -0
- package/__tests__/__mocks__/cbor.ts +0 -17
- package/dist/mocks/index.d.ts +0 -2
- package/dist/mocks/index.d.ts.map +0 -1
- package/dist/mocks/index.js +0 -6
- package/dist/mocks/index.js.map +0 -1
- package/jest.config.interop.mjs +0 -27
- package/tsconfig.interop.json +0 -9
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"create-hash.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/create-hash.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"create-hash.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/create-hash.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAIzD,KAAK,YAAY,GAAG,QAAQ,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAEnD,eAAO,MAAM,YAAY,GAAI,WAAW,gBAAgB,KAAG,YAM1D,CAAC;AAgBF,eAAO,MAAM,qBAAqB,GAChC,WAAW,gBAAgB,EAC3B,MAAM,MAAM,KACX,MAA0C,CAAC;AAE9C,eAAO,MAAM,cAAc,GAAI,WAAW,gBAAgB,EAAE,MAAM,MAAM,KAAG,MACzC,CAAC;AAEnC,eAAO,MAAM,eAAe,GAAI,WAAW,gBAAgB,EAAE,MAAM,MAAM,KAAG,MAC1C,CAAC"}
|
|
@@ -1,10 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const
|
|
5
|
-
const crypto_1 = require("crypto");
|
|
6
|
-
const format_1 = require("../constants/format");
|
|
7
|
-
const shaAlgorithm = (algorithm) => {
|
|
1
|
+
import { B64 } from "@lindorm/b64";
|
|
2
|
+
import { createHash as cryptoHash } from "crypto";
|
|
3
|
+
import { B64U } from "../constants/format.js";
|
|
4
|
+
export const shaAlgorithm = (algorithm) => {
|
|
8
5
|
if (algorithm.endsWith("256"))
|
|
9
6
|
return "SHA256";
|
|
10
7
|
if (algorithm.endsWith("384"))
|
|
@@ -13,19 +10,15 @@ const shaAlgorithm = (algorithm) => {
|
|
|
13
10
|
return "SHA512";
|
|
14
11
|
return "SHA256";
|
|
15
12
|
};
|
|
16
|
-
|
|
17
|
-
const createHashBuffer = (algorithm, data) => (0, crypto_1.createHash)(algorithm).update(data, "utf8").digest();
|
|
13
|
+
const createHashBuffer = (algorithm, data) => cryptoHash(algorithm).update(data, "utf8").digest();
|
|
18
14
|
const getLeftBits = (buffer, bits) => buffer.subarray(0, bits / 8);
|
|
19
15
|
const createHash = (algorithm, data, bits) => {
|
|
20
|
-
const sha =
|
|
16
|
+
const sha = shaAlgorithm(algorithm);
|
|
21
17
|
const buffer = createHashBuffer(sha, data);
|
|
22
18
|
const left = getLeftBits(buffer, bits);
|
|
23
|
-
return
|
|
19
|
+
return B64.encode(left, B64U);
|
|
24
20
|
};
|
|
25
|
-
const createAccessTokenHash = (algorithm, data) => createHash(algorithm, data, 128);
|
|
26
|
-
|
|
27
|
-
const
|
|
28
|
-
exports.createCodeHash = createCodeHash;
|
|
29
|
-
const createStateHash = (algorithm, data) => createHash(algorithm, data, 128);
|
|
30
|
-
exports.createStateHash = createStateHash;
|
|
21
|
+
export const createAccessTokenHash = (algorithm, data) => createHash(algorithm, data, 128);
|
|
22
|
+
export const createCodeHash = (algorithm, data) => createHash(algorithm, data, 256);
|
|
23
|
+
export const createStateHash = (algorithm, data) => createHash(algorithm, data, 128);
|
|
31
24
|
//# sourceMappingURL=create-hash.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"create-hash.js","sourceRoot":"","sources":["../../../src/internal/utils/create-hash.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"create-hash.js","sourceRoot":"","sources":["../../../src/internal/utils/create-hash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAEnC,OAAO,EAAE,UAAU,IAAI,UAAU,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,wBAAwB,CAAC;AAI9C,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,SAA2B,EAAgB,EAAE;IACxE,IAAI,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,QAAQ,CAAC;IAC/C,IAAI,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,QAAQ,CAAC;IAC/C,IAAI,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,QAAQ,CAAC;IAE/C,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,MAAM,gBAAgB,GAAG,CAAC,SAAuB,EAAE,IAAY,EAAU,EAAE,CACzE,UAAU,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC;AAEtD,MAAM,WAAW,GAAG,CAAC,MAAc,EAAE,IAAY,EAAU,EAAE,CAC3D,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC;AAE/B,MAAM,UAAU,GAAG,CAAC,SAA2B,EAAE,IAAY,EAAE,IAAY,EAAU,EAAE;IACrF,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;IACpC,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,WAAW,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAEvC,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;AAChC,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,qBAAqB,GAAG,CACnC,SAA2B,EAC3B,IAAY,EACJ,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;AAE9C,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,SAA2B,EAAE,IAAY,EAAU,EAAE,CAClF,UAAU,CAAC,SAAS,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;AAEnC,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,SAA2B,EAAE,IAAY,EAAU,EAAE,CACnF,UAAU,CAAC,SAAS,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { Dict } from "@lindorm/types";
|
|
2
|
-
import { AegisProfile } from "../../types";
|
|
1
|
+
import type { Dict } from "@lindorm/types";
|
|
2
|
+
import type { AegisProfile } from "../../types/index.js";
|
|
3
3
|
export declare const extractAegisProfile: (data: Dict) => {
|
|
4
4
|
profile: AegisProfile | undefined;
|
|
5
5
|
rest: Dict;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"extract-aegis-profile.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/extract-aegis-profile.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"extract-aegis-profile.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/extract-aegis-profile.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAqBzD,eAAO,MAAM,mBAAmB,GAC9B,MAAM,IAAI,KACT;IAAE,OAAO,EAAE,YAAY,GAAG,SAAS,CAAC;IAAC,IAAI,EAAE,IAAI,CAAA;CA6BjD,CAAC"}
|
|
@@ -1,15 +1,12 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const
|
|
5
|
-
const aegis_profile_keys_1 = require("../constants/aegis-profile-keys");
|
|
6
|
-
const AEGIS_PROFILE_CAMEL_KEYS = new Set(Object.keys((0, case_1.camelKeys)(Object.fromEntries([...aegis_profile_keys_1.AEGIS_PROFILE_WIRE_KEYS].map((k) => [k, 1])))));
|
|
7
|
-
const extractAegisProfile = (data) => {
|
|
1
|
+
import { camelKeys } from "@lindorm/case";
|
|
2
|
+
import { AEGIS_PROFILE_WIRE_KEYS } from "../constants/aegis-profile-keys.js";
|
|
3
|
+
const AEGIS_PROFILE_CAMEL_KEYS = new Set(Object.keys(camelKeys(Object.fromEntries([...AEGIS_PROFILE_WIRE_KEYS].map((k) => [k, 1])))));
|
|
4
|
+
export const extractAegisProfile = (data) => {
|
|
8
5
|
const profileWire = {};
|
|
9
6
|
const profileCamel = {};
|
|
10
7
|
const rest = {};
|
|
11
8
|
for (const [key, value] of Object.entries(data)) {
|
|
12
|
-
if (
|
|
9
|
+
if (AEGIS_PROFILE_WIRE_KEYS.has(key)) {
|
|
13
10
|
profileWire[key] = value;
|
|
14
11
|
}
|
|
15
12
|
else if (AEGIS_PROFILE_CAMEL_KEYS.has(key)) {
|
|
@@ -25,10 +22,9 @@ const extractAegisProfile = (data) => {
|
|
|
25
22
|
return { profile: undefined, rest };
|
|
26
23
|
}
|
|
27
24
|
const merged = {
|
|
28
|
-
...(hasWire ?
|
|
25
|
+
...(hasWire ? camelKeys(profileWire) : {}),
|
|
29
26
|
...profileCamel,
|
|
30
27
|
};
|
|
31
28
|
return { profile: merged, rest };
|
|
32
29
|
};
|
|
33
|
-
exports.extractAegisProfile = extractAegisProfile;
|
|
34
30
|
//# sourceMappingURL=extract-aegis-profile.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"extract-aegis-profile.js","sourceRoot":"","sources":["../../../src/internal/utils/extract-aegis-profile.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"extract-aegis-profile.js","sourceRoot":"","sources":["../../../src/internal/utils/extract-aegis-profile.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAG1C,OAAO,EAAE,uBAAuB,EAAE,MAAM,oCAAoC,CAAC;AAK7E,MAAM,wBAAwB,GAAwB,IAAI,GAAG,CAC3D,MAAM,CAAC,IAAI,CACT,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,GAAG,uBAAuB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAC/E,CACF,CAAC;AAWF,MAAM,CAAC,MAAM,mBAAmB,GAAG,CACjC,IAAU,EACyC,EAAE;IACrD,MAAM,WAAW,GAAS,EAAE,CAAC;IAC7B,MAAM,YAAY,GAAS,EAAE,CAAC;IAC9B,MAAM,IAAI,GAAS,EAAE,CAAC;IAEtB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAChD,IAAI,uBAAuB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACrC,WAAW,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC3B,CAAC;aAAM,IAAI,wBAAwB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7C,YAAY,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC5B,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACpB,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAEtD,IAAI,CAAC,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC1B,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IACtC,CAAC;IAGD,MAAM,MAAM,GAAS;QACnB,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1C,GAAG,YAAY;KAChB,CAAC;IAEF,OAAO,EAAE,OAAO,EAAE,MAAsB,EAAE,IAAI,EAAE,CAAC;AACnD,CAAC,CAAC"}
|
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
import { Dict } from "@lindorm/types";
|
|
2
|
-
import { LindormClaims } from "../../types/claims/lindorm-claims";
|
|
3
|
-
import { OAuthClaims } from "../../types/claims/oauth-claims";
|
|
4
|
-
import { OidcClaims } from "../../types/claims/oidc-claims";
|
|
5
|
-
import { PopClaims } from "../../types/claims/pop-claims";
|
|
6
|
-
import { DelegationClaims } from "../../types/claims/delegation-claims";
|
|
7
|
-
import { StdClaims } from "../../types/claims/std-claims";
|
|
1
|
+
import type { Dict } from "@lindorm/types";
|
|
2
|
+
import type { LindormClaims } from "../../types/claims/lindorm-claims.js";
|
|
3
|
+
import type { OAuthClaims } from "../../types/claims/oauth-claims.js";
|
|
4
|
+
import type { OidcClaims } from "../../types/claims/oidc-claims.js";
|
|
5
|
+
import type { PopClaims } from "../../types/claims/pop-claims.js";
|
|
6
|
+
import type { DelegationClaims } from "../../types/claims/delegation-claims.js";
|
|
7
|
+
import type { StdClaims } from "../../types/claims/std-claims.js";
|
|
8
8
|
export type DomainClaims = StdClaims & OidcClaims & PopClaims & DelegationClaims & OAuthClaims & LindormClaims;
|
|
9
9
|
export type ExtractClaimsResult = {
|
|
10
10
|
claims: DomainClaims;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"extract-claims.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/extract-claims.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"extract-claims.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/extract-claims.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAI3C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sCAAsC,CAAC;AAC1E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oCAAoC,CAAC;AACtE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kCAAkC,CAAC;AAClE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yCAAyC,CAAC;AAChF,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kCAAkC,CAAC;AAQlE,MAAM,MAAM,YAAY,GAAG,SAAS,GAClC,UAAU,GACV,SAAS,GACT,gBAAgB,GAChB,WAAW,GACX,aAAa,CAAC;AAEhB,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,YAAY,CAAC;IACrB,IAAI,EAAE,IAAI,CAAC;CACZ,CAAC;AAwIF,eAAO,MAAM,mBAAmB,GAAI,OAAO,IAAI,KAAG,mBA4GjD,CAAC;AAIF,eAAO,MAAM,iBAAiB,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC,CAI7E,CAAC"}
|
|
@@ -1,8 +1,5 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
exports.DOMAIN_CLAIM_KEYS = exports.extractDomainClaims = void 0;
|
|
4
|
-
const is_1 = require("@lindorm/is");
|
|
5
|
-
const utils_1 = require("@lindorm/utils");
|
|
1
|
+
import { isArray, isFinite, isObject, isString } from "@lindorm/is";
|
|
2
|
+
import { removeUndefined } from "@lindorm/utils";
|
|
6
3
|
const FIELD_KEYS = {
|
|
7
4
|
subject: ["subject", "sub"],
|
|
8
5
|
expiresAt: ["expiresAt", "exp"],
|
|
@@ -44,35 +41,35 @@ const POP_KEYS = {
|
|
|
44
41
|
const toDate = (value) => {
|
|
45
42
|
if (value instanceof Date)
|
|
46
43
|
return value;
|
|
47
|
-
if (
|
|
44
|
+
if (isFinite(value))
|
|
48
45
|
return new Date(value * 1000);
|
|
49
46
|
return undefined;
|
|
50
47
|
};
|
|
51
48
|
const toStringArray = (value) => {
|
|
52
|
-
if (
|
|
49
|
+
if (isArray(value))
|
|
53
50
|
return value;
|
|
54
|
-
if (
|
|
51
|
+
if (isString(value))
|
|
55
52
|
return value.split(" ").filter(Boolean);
|
|
56
53
|
return undefined;
|
|
57
54
|
};
|
|
58
55
|
const toAudience = (value) => {
|
|
59
|
-
if (
|
|
56
|
+
if (isArray(value))
|
|
60
57
|
return value;
|
|
61
|
-
if (
|
|
58
|
+
if (isString(value))
|
|
62
59
|
return [value];
|
|
63
60
|
return undefined;
|
|
64
61
|
};
|
|
65
62
|
const toActClaim = (value) => {
|
|
66
|
-
if (!
|
|
63
|
+
if (!isObject(value))
|
|
67
64
|
return undefined;
|
|
68
65
|
const v = value;
|
|
69
|
-
const result =
|
|
70
|
-
subject:
|
|
71
|
-
issuer:
|
|
66
|
+
const result = removeUndefined({
|
|
67
|
+
subject: isString(v.subject) ? v.subject : isString(v.sub) ? v.sub : undefined,
|
|
68
|
+
issuer: isString(v.issuer) ? v.issuer : isString(v.iss) ? v.iss : undefined,
|
|
72
69
|
audience: toAudience(v.audience ?? v.aud),
|
|
73
|
-
clientId:
|
|
70
|
+
clientId: isString(v.clientId)
|
|
74
71
|
? v.clientId
|
|
75
|
-
:
|
|
72
|
+
: isString(v.client_id)
|
|
76
73
|
? v.client_id
|
|
77
74
|
: undefined,
|
|
78
75
|
act: toActClaim(v.act),
|
|
@@ -80,31 +77,31 @@ const toActClaim = (value) => {
|
|
|
80
77
|
return Object.keys(result).length > 0 ? result : undefined;
|
|
81
78
|
};
|
|
82
79
|
const toConfirmation = (value) => {
|
|
83
|
-
if (!
|
|
80
|
+
if (!isObject(value))
|
|
84
81
|
return undefined;
|
|
85
82
|
const v = value;
|
|
86
|
-
const result =
|
|
87
|
-
thumbprint:
|
|
83
|
+
const result = removeUndefined({
|
|
84
|
+
thumbprint: isString(v.thumbprint)
|
|
88
85
|
? v.thumbprint
|
|
89
|
-
:
|
|
86
|
+
: isString(v.jkt)
|
|
90
87
|
? v.jkt
|
|
91
88
|
: undefined,
|
|
92
|
-
mtlsCertThumbprint:
|
|
89
|
+
mtlsCertThumbprint: isString(v.mtlsCertThumbprint)
|
|
93
90
|
? v.mtlsCertThumbprint
|
|
94
|
-
:
|
|
91
|
+
: isString(v["x5t#S256"])
|
|
95
92
|
? v["x5t#S256"]
|
|
96
93
|
: undefined,
|
|
97
|
-
key:
|
|
94
|
+
key: isObject(v.key)
|
|
98
95
|
? v.key
|
|
99
|
-
:
|
|
96
|
+
: isObject(v.jwk)
|
|
100
97
|
? v.jwk
|
|
101
98
|
: undefined,
|
|
102
|
-
keyId:
|
|
103
|
-
jwkSetUri:
|
|
99
|
+
keyId: isString(v.keyId) ? v.keyId : isString(v.kid) ? v.kid : undefined,
|
|
100
|
+
jwkSetUri: isString(v.jwkSetUri) ? v.jwkSetUri : isString(v.jku) ? v.jku : undefined,
|
|
104
101
|
});
|
|
105
102
|
return Object.keys(result).length > 0 ? result : undefined;
|
|
106
103
|
};
|
|
107
|
-
const extractDomainClaims = (input) => {
|
|
104
|
+
export const extractDomainClaims = (input) => {
|
|
108
105
|
const consumed = new Set();
|
|
109
106
|
const consume = (keys) => {
|
|
110
107
|
for (const key of keys) {
|
|
@@ -147,43 +144,43 @@ const extractDomainClaims = (input) => {
|
|
|
147
144
|
const act = consume(RFC8693_KEYS.act);
|
|
148
145
|
const mayAct = consume(RFC8693_KEYS.mayAct);
|
|
149
146
|
const confirmation = consume(POP_KEYS.confirmation);
|
|
150
|
-
const claims =
|
|
151
|
-
subject:
|
|
147
|
+
const claims = removeUndefined({
|
|
148
|
+
subject: isString(subject) ? subject : undefined,
|
|
152
149
|
expiresAt: toDate(expiresAt),
|
|
153
150
|
issuedAt: toDate(issuedAt),
|
|
154
151
|
notBefore: toDate(notBefore),
|
|
155
|
-
issuer:
|
|
152
|
+
issuer: isString(issuer) ? issuer : undefined,
|
|
156
153
|
audience: toAudience(audience),
|
|
157
|
-
tokenId:
|
|
158
|
-
accessTokenHash:
|
|
159
|
-
authContextClass:
|
|
160
|
-
authMethods:
|
|
161
|
-
authorizedParty:
|
|
154
|
+
tokenId: isString(tokenId) ? tokenId : undefined,
|
|
155
|
+
accessTokenHash: isString(accessTokenHash) ? accessTokenHash : undefined,
|
|
156
|
+
authContextClass: isString(authContextClass) ? authContextClass : undefined,
|
|
157
|
+
authMethods: isArray(authMethods) ? authMethods : undefined,
|
|
158
|
+
authorizedParty: isString(authorizedParty) ? authorizedParty : undefined,
|
|
162
159
|
authTime: toDate(authTime),
|
|
163
|
-
codeHash:
|
|
164
|
-
nonce:
|
|
165
|
-
stateHash:
|
|
160
|
+
codeHash: isString(codeHash) ? codeHash : undefined,
|
|
161
|
+
nonce: isString(nonce) ? nonce : undefined,
|
|
162
|
+
stateHash: isString(stateHash) ? stateHash : undefined,
|
|
166
163
|
confirmation: toConfirmation(confirmation),
|
|
167
164
|
act: toActClaim(act),
|
|
168
165
|
mayAct: toActClaim(mayAct),
|
|
169
|
-
entitlements:
|
|
170
|
-
groups:
|
|
166
|
+
entitlements: isArray(entitlements) ? entitlements : undefined,
|
|
167
|
+
groups: isArray(groups) ? groups : undefined,
|
|
171
168
|
roles: toStringArray(roles),
|
|
172
|
-
adjustedAccessLevel:
|
|
169
|
+
adjustedAccessLevel: isFinite(adjustedAccessLevel)
|
|
173
170
|
? adjustedAccessLevel
|
|
174
171
|
: undefined,
|
|
175
|
-
authFactor:
|
|
176
|
-
clientId:
|
|
177
|
-
grantType:
|
|
178
|
-
levelOfAssurance:
|
|
172
|
+
authFactor: isArray(authFactor) ? authFactor : undefined,
|
|
173
|
+
clientId: isString(clientId) ? clientId : undefined,
|
|
174
|
+
grantType: isString(grantType) ? grantType : undefined,
|
|
175
|
+
levelOfAssurance: isFinite(levelOfAssurance)
|
|
179
176
|
? levelOfAssurance
|
|
180
177
|
: undefined,
|
|
181
178
|
permissions: toStringArray(permissions),
|
|
182
179
|
scope: toStringArray(scope),
|
|
183
|
-
sessionHint:
|
|
184
|
-
sessionId:
|
|
185
|
-
subjectHint:
|
|
186
|
-
tenantId:
|
|
180
|
+
sessionHint: isString(sessionHint) ? sessionHint : undefined,
|
|
181
|
+
sessionId: isString(sessionId) ? sessionId : undefined,
|
|
182
|
+
subjectHint: isString(subjectHint) ? subjectHint : undefined,
|
|
183
|
+
tenantId: isString(tenantId) ? tenantId : undefined,
|
|
187
184
|
});
|
|
188
185
|
const rest = {};
|
|
189
186
|
for (const key of Object.keys(input)) {
|
|
@@ -192,8 +189,7 @@ const extractDomainClaims = (input) => {
|
|
|
192
189
|
}
|
|
193
190
|
return { claims, rest };
|
|
194
191
|
};
|
|
195
|
-
|
|
196
|
-
exports.DOMAIN_CLAIM_KEYS = {
|
|
192
|
+
export const DOMAIN_CLAIM_KEYS = {
|
|
197
193
|
...FIELD_KEYS,
|
|
198
194
|
...RFC8693_KEYS,
|
|
199
195
|
...POP_KEYS,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"extract-claims.js","sourceRoot":"","sources":["../../../src/internal/utils/extract-claims.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"extract-claims.js","sourceRoot":"","sources":["../../../src/internal/utils/extract-claims.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEpE,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAmCjD,MAAM,UAAU,GAA0C;IAExD,OAAO,EAAE,CAAC,SAAS,EAAE,KAAK,CAAC;IAC3B,SAAS,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC;IAC/B,QAAQ,EAAE,CAAC,UAAU,EAAE,KAAK,CAAC;IAC7B,SAAS,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC;IAC/B,MAAM,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC;IACzB,QAAQ,EAAE,CAAC,UAAU,EAAE,KAAK,CAAC;IAC7B,OAAO,EAAE,CAAC,SAAS,EAAE,KAAK,CAAC;IAG3B,eAAe,EAAE,CAAC,iBAAiB,EAAE,SAAS,CAAC;IAC/C,gBAAgB,EAAE,CAAC,kBAAkB,EAAE,KAAK,CAAC;IAC7C,WAAW,EAAE,CAAC,aAAa,EAAE,KAAK,CAAC;IACnC,eAAe,EAAE,CAAC,iBAAiB,EAAE,KAAK,CAAC;IAC3C,QAAQ,EAAE,CAAC,UAAU,EAAE,WAAW,CAAC;IACnC,QAAQ,EAAE,CAAC,UAAU,EAAE,QAAQ,CAAC;IAChC,KAAK,EAAE,CAAC,OAAO,CAAC;IAChB,SAAS,EAAE,CAAC,WAAW,EAAE,QAAQ,CAAC;IAGlC,YAAY,EAAE,CAAC,cAAc,CAAC;IAC9B,MAAM,EAAE,CAAC,QAAQ,CAAC;IAClB,KAAK,EAAE,CAAC,OAAO,CAAC;IAGhB,mBAAmB,EAAE,CAAC,qBAAqB,EAAE,KAAK,CAAC;IACnD,UAAU,EAAE,CAAC,YAAY,EAAE,KAAK,CAAC;IACjC,QAAQ,EAAE,CAAC,UAAU,EAAE,WAAW,CAAC;IACnC,SAAS,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC;IAC/B,gBAAgB,EAAE,CAAC,kBAAkB,EAAE,KAAK,CAAC;IAC7C,WAAW,EAAE,CAAC,aAAa,CAAC;IAC5B,KAAK,EAAE,CAAC,OAAO,CAAC;IAChB,WAAW,EAAE,CAAC,aAAa,EAAE,KAAK,CAAC;IACnC,SAAS,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC;IAC/B,WAAW,EAAE,CAAC,aAAa,EAAE,KAAK,CAAC;IACnC,QAAQ,EAAE,CAAC,UAAU,EAAE,WAAW,CAAC;CACpC,CAAC;AAIF,MAAM,YAAY,GAAG;IACnB,GAAG,EAAE,CAAC,KAAK,CAAC;IACZ,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,CAAC;CACrB,CAAC;AAEX,MAAM,QAAQ,GAAG;IACf,YAAY,EAAE,CAAC,cAAc,EAAE,KAAK,CAAC;CAC7B,CAAC;AAEX,MAAM,MAAM,GAAG,CAAC,KAAc,EAAoB,EAAE;IAClD,IAAI,KAAK,YAAY,IAAI;QAAE,OAAO,KAAK,CAAC;IACxC,IAAI,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IACnD,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAEF,MAAM,aAAa,GAAG,CAAC,KAAc,EAA6B,EAAE;IAClE,IAAI,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,KAAsB,CAAC;IAClD,IAAI,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC7D,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAEF,MAAM,UAAU,GAAG,CAAC,KAAc,EAA6B,EAAE;IAC/D,IAAI,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,KAAsB,CAAC;IAClD,IAAI,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IACpC,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAIF,MAAM,UAAU,GAAG,CAAC,KAAc,EAAwB,EAAE;IAC1D,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACvC,MAAM,CAAC,GAAG,KAAK,CAAC;IAChB,MAAM,MAAM,GAAa,eAAe,CAAC;QACvC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QAC9E,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QAC3E,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC;QACzC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;YAC5B,CAAC,CAAC,CAAC,CAAC,QAAQ;YACZ,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;gBACrB,CAAC,CAAC,CAAC,CAAC,SAAS;gBACb,CAAC,CAAC,SAAS;QACf,GAAG,EAAE,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC;KACvB,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;AAC7D,CAAC,CAAC;AAKF,MAAM,cAAc,GAAG,CAAC,KAAc,EAAiC,EAAE;IACvE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACvC,MAAM,CAAC,GAAG,KAAK,CAAC;IAChB,MAAM,MAAM,GAAsB,eAAe,CAAC;QAChD,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC;YAChC,CAAC,CAAC,CAAC,CAAC,UAAU;YACd,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC;gBACf,CAAC,CAAC,CAAC,CAAC,GAAG;gBACP,CAAC,CAAC,SAAS;QACf,kBAAkB,EAAE,QAAQ,CAAC,CAAC,CAAC,kBAAkB,CAAC;YAChD,CAAC,CAAC,CAAC,CAAC,kBAAkB;YACtB,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;gBACvB,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;gBACf,CAAC,CAAC,SAAS;QACf,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC;YAClB,CAAC,CAAE,CAAC,CAAC,GAAgC;YACrC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC;gBACf,CAAC,CAAE,CAAC,CAAC,GAAgC;gBACrC,CAAC,CAAC,SAAS;QACf,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACxE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;AAC7D,CAAC,CAAC;AAcF,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,KAAW,EAAuB,EAAE;IACtE,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;IAEnC,MAAM,OAAO,GAAG,CAAC,IAA2B,EAAW,EAAE;QACvD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,IAAI,GAAG,IAAI,KAAK,EAAE,CAAC;gBACjB,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAClB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC;YACpB,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;IAGF,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAChD,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC9C,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAE5C,MAAM,eAAe,GAAG,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;IAC5D,MAAM,gBAAgB,GAAG,OAAO,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC;IAC9D,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;IACpD,MAAM,eAAe,GAAG,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;IAC5D,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC9C,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAEhD,MAAM,YAAY,GAAG,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IACtD,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC1C,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;IAExC,MAAM,mBAAmB,GAAG,OAAO,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC;IACpE,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IAClD,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC9C,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAChD,MAAM,gBAAgB,GAAG,OAAO,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC;IAC9D,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;IACxC,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;IACpD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAChD,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAE9C,MAAM,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC5C,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;IAEpD,MAAM,MAAM,GAAiB,eAAe,CAAC;QAE3C,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;QAChD,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC;QAC5B,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC;QAC1B,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC;QAC5B,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;QAC7C,QAAQ,EAAE,UAAU,CAAC,QAAQ,CAAC;QAC9B,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;QAGhD,eAAe,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS;QACxE,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS;QAC3E,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAE,WAA6B,CAAC,CAAC,CAAC,SAAS;QAC9E,eAAe,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS;QACxE,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC;QAC1B,QAAQ,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;QACnD,KAAK,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;QAC1C,SAAS,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;QAGtD,YAAY,EAAE,cAAc,CAAC,YAAY,CAAC;QAG1C,GAAG,EAAE,UAAU,CAAC,GAAG,CAAC;QACpB,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC;QAG1B,YAAY,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAE,YAA8B,CAAC,CAAC,CAAC,SAAS;QACjF,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAE,MAAwB,CAAC,CAAC,CAAC,SAAS;QAC/D,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC;QAG3B,mBAAmB,EAAE,QAAQ,CAAsB,mBAAmB,CAAC;YACrE,CAAC,CAAC,mBAAmB;YACrB,CAAC,CAAC,SAAS;QACb,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAE,UAA4B,CAAC,CAAC,CAAC,SAAS;QAC3E,QAAQ,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;QACnD,SAAS,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;QACtD,gBAAgB,EAAE,QAAQ,CAAmB,gBAAgB,CAAC;YAC5D,CAAC,CAAC,gBAAgB;YAClB,CAAC,CAAC,SAAS;QACb,WAAW,EAAE,aAAa,CAAC,WAAW,CAAC;QACvC,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC;QAC3B,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;QAC5D,SAAS,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;QACtD,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;QAC5D,QAAQ,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;KACpD,CAAC,CAAC;IAGH,MAAM,IAAI,GAAS,EAAE,CAAC;IACtB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACrC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC;IACjD,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;AAC1B,CAAC,CAAC;AAIF,MAAM,CAAC,MAAM,iBAAiB,GAAoD;IAChF,GAAG,UAAU;IACb,GAAG,YAAY;IACf,GAAG,QAAQ;CACZ,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { ActClaimWire } from "../../types/claims/jwt/act-claim-wire";
|
|
2
|
-
import { TokenDelegation } from "../../types/jwt/jwt-delegation";
|
|
1
|
+
import type { ActClaimWire } from "../../types/claims/jwt/act-claim-wire.js";
|
|
2
|
+
import type { TokenDelegation } from "../../types/jwt/jwt-delegation.js";
|
|
3
3
|
export declare const extractTokenDelegation: (payload: {
|
|
4
4
|
act?: ActClaimWire;
|
|
5
5
|
}) => TokenDelegation;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"extract-token-delegation.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/extract-token-delegation.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,YAAY,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"extract-token-delegation.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/extract-token-delegation.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,0CAA0C,CAAC;AAC7E,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAmBzE,eAAO,MAAM,sBAAsB,GAAI,SAAS;IAC9C,GAAG,CAAC,EAAE,YAAY,CAAC;CACpB,KAAG,eAOH,CAAC"}
|
|
@@ -1,12 +1,9 @@
|
|
|
1
|
-
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.extractTokenDelegation = void 0;
|
|
4
|
-
const utils_1 = require("@lindorm/utils");
|
|
1
|
+
import { removeUndefined } from "@lindorm/utils";
|
|
5
2
|
const walkActChain = (act) => {
|
|
6
3
|
const chain = [];
|
|
7
4
|
let current = act;
|
|
8
5
|
while (current) {
|
|
9
|
-
chain.push(
|
|
6
|
+
chain.push(removeUndefined({
|
|
10
7
|
subject: current.sub,
|
|
11
8
|
issuer: current.iss,
|
|
12
9
|
audience: current.aud,
|
|
@@ -16,7 +13,7 @@ const walkActChain = (act) => {
|
|
|
16
13
|
}
|
|
17
14
|
return chain;
|
|
18
15
|
};
|
|
19
|
-
const extractTokenDelegation = (payload) => {
|
|
16
|
+
export const extractTokenDelegation = (payload) => {
|
|
20
17
|
const actorChain = walkActChain(payload.act);
|
|
21
18
|
return {
|
|
22
19
|
currentActor: actorChain[0]?.subject,
|
|
@@ -24,5 +21,4 @@ const extractTokenDelegation = (payload) => {
|
|
|
24
21
|
isDelegated: actorChain.length > 0,
|
|
25
22
|
};
|
|
26
23
|
};
|
|
27
|
-
exports.extractTokenDelegation = extractTokenDelegation;
|
|
28
24
|
//# sourceMappingURL=extract-token-delegation.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"extract-token-delegation.js","sourceRoot":"","sources":["../../../src/internal/utils/extract-token-delegation.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"extract-token-delegation.js","sourceRoot":"","sources":["../../../src/internal/utils/extract-token-delegation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAKjD,MAAM,YAAY,GAAG,CAAC,GAA6B,EAAmB,EAAE;IACtE,MAAM,KAAK,GAAoB,EAAE,CAAC;IAClC,IAAI,OAAO,GAAG,GAAG,CAAC;IAClB,OAAO,OAAO,EAAE,CAAC;QACf,KAAK,CAAC,IAAI,CACR,eAAe,CAAC;YACd,OAAO,EAAE,OAAO,CAAC,GAAG;YACpB,MAAM,EAAE,OAAO,CAAC,GAAG;YACnB,QAAQ,EAAE,OAAO,CAAC,GAAG;YACrB,QAAQ,EAAE,OAAO,CAAC,SAAS;SAC5B,CAAC,CACH,CAAC;QACF,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC;IACxB,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,OAEtC,EAAmB,EAAE;IACpB,MAAM,UAAU,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC7C,OAAO;QACL,YAAY,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,OAAO;QACpC,UAAU;QACV,WAAW,EAAE,UAAU,CAAC,MAAM,GAAG,CAAC;KACnC,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -1,9 +1,5 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const
|
|
5
|
-
const crypto_1 = require("crypto");
|
|
6
|
-
const format_1 = require("../constants/format");
|
|
7
|
-
const generateTokenId = () => b64_1.B64.encode((0, crypto_1.randomBytes)(15), format_1.B64U);
|
|
8
|
-
exports.generateTokenId = generateTokenId;
|
|
1
|
+
import { B64 } from "@lindorm/b64";
|
|
2
|
+
import { randomBytes } from "crypto";
|
|
3
|
+
import { B64U } from "../constants/format.js";
|
|
4
|
+
export const generateTokenId = () => B64.encode(randomBytes(15), B64U);
|
|
9
5
|
//# sourceMappingURL=generate-token-id.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-token-id.js","sourceRoot":"","sources":["../../../src/internal/utils/generate-token-id.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"generate-token-id.js","sourceRoot":"","sources":["../../../src/internal/utils/generate-token-id.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,wBAAwB,CAAC;AA6B9C,MAAM,CAAC,MAAM,eAAe,GAAG,GAAW,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { CertificateHeaderFields, DecodedTokenHeader, TokenHeaderOptions } from "../../types";
|
|
1
|
+
import type { CertificateHeaderFields, DecodedTokenHeader, TokenHeaderOptions } from "../../types/index.js";
|
|
2
2
|
export declare const encodeJoseHeader: (options: TokenHeaderOptions, cert?: CertificateHeaderFields) => string;
|
|
3
3
|
export declare const decodeJoseHeader: (header: string) => DecodedTokenHeader;
|
|
4
4
|
//# sourceMappingURL=jose-header.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jose-header.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/jose-header.ts"],"names":[],"mappings":"AAGA,OAAO,
|
|
1
|
+
{"version":3,"file":"jose-header.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/jose-header.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,uBAAuB,EACvB,kBAAkB,EAElB,kBAAkB,EACnB,MAAM,sBAAsB,CAAC;AAG9B,eAAO,MAAM,gBAAgB,GAC3B,SAAS,kBAAkB,EAC3B,OAAO,uBAAuB,KAC7B,MA6BF,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAI,QAAQ,MAAM,KAAG,kBAsBjD,CAAC"}
|
|
@@ -1,15 +1,12 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
const
|
|
6
|
-
const header_1 = require("../constants/header");
|
|
7
|
-
const token_header_1 = require("./token-header");
|
|
8
|
-
const encodeJoseHeader = (options, cert) => {
|
|
1
|
+
import { B64 } from "@lindorm/b64";
|
|
2
|
+
import { B64U } from "../constants/format.js";
|
|
3
|
+
import { TOKEN_HEADER_ALGORITHMS } from "../constants/header.js";
|
|
4
|
+
import { mapTokenHeader } from "./token-header.js";
|
|
5
|
+
export const encodeJoseHeader = (options, cert) => {
|
|
9
6
|
if (!options.algorithm) {
|
|
10
7
|
throw new Error("Algorithm is required");
|
|
11
8
|
}
|
|
12
|
-
if (!
|
|
9
|
+
if (!TOKEN_HEADER_ALGORITHMS.includes(options.algorithm)) {
|
|
13
10
|
throw new Error(`Invalid algorithm: ${options.algorithm}`);
|
|
14
11
|
}
|
|
15
12
|
if (!options.headerType) {
|
|
@@ -18,24 +15,23 @@ const encodeJoseHeader = (options, cert) => {
|
|
|
18
15
|
if (!options.keyId) {
|
|
19
16
|
throw new Error("Key ID is required");
|
|
20
17
|
}
|
|
21
|
-
const raw =
|
|
18
|
+
const raw = mapTokenHeader(options, cert);
|
|
22
19
|
const claims = {
|
|
23
20
|
...raw,
|
|
24
21
|
alg: options.algorithm,
|
|
25
|
-
iv: raw.iv ?
|
|
26
|
-
p2s: raw.p2s ?
|
|
27
|
-
tag: raw.tag ?
|
|
22
|
+
iv: raw.iv ? B64.encode(raw.iv, B64U) : undefined,
|
|
23
|
+
p2s: raw.p2s ? B64.encode(raw.p2s, B64U) : undefined,
|
|
24
|
+
tag: raw.tag ? B64.encode(raw.tag, B64U) : undefined,
|
|
28
25
|
};
|
|
29
|
-
return
|
|
26
|
+
return B64.encode(JSON.stringify(claims), B64U);
|
|
30
27
|
};
|
|
31
|
-
|
|
32
|
-
const
|
|
33
|
-
const string = b64_1.B64.toString(header);
|
|
28
|
+
export const decodeJoseHeader = (header) => {
|
|
29
|
+
const string = B64.toString(header);
|
|
34
30
|
const json = JSON.parse(string);
|
|
35
31
|
if (!json.alg || typeof json.alg !== "string") {
|
|
36
32
|
throw new Error("Missing or invalid token header: alg");
|
|
37
33
|
}
|
|
38
|
-
if (!
|
|
34
|
+
if (!TOKEN_HEADER_ALGORITHMS.includes(json.alg)) {
|
|
39
35
|
throw new Error(`Unsupported algorithm: ${json.alg}`);
|
|
40
36
|
}
|
|
41
37
|
if (json.typ !== undefined && typeof json.typ !== "string") {
|
|
@@ -43,5 +39,4 @@ const decodeJoseHeader = (header) => {
|
|
|
43
39
|
}
|
|
44
40
|
return json;
|
|
45
41
|
};
|
|
46
|
-
exports.decodeJoseHeader = decodeJoseHeader;
|
|
47
42
|
//# sourceMappingURL=jose-header.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jose-header.js","sourceRoot":"","sources":["../../../src/internal/utils/jose-header.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jose-header.js","sourceRoot":"","sources":["../../../src/internal/utils/jose-header.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,IAAI,EAAE,MAAM,wBAAwB,CAAC;AAC9C,OAAO,EAAE,uBAAuB,EAAE,MAAM,wBAAwB,CAAC;AAOjE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAEnD,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,OAA2B,EAC3B,IAA8B,EACtB,EAAE;IACV,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,CAAC,uBAAuB,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,sBAAsB,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IAED,MAAM,GAAG,GAAG,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAM1C,MAAM,MAAM,GAAsB;QAChC,GAAG,GAAG;QACN,GAAG,EAAE,OAAO,CAAC,SAAS;QACtB,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;QACjD,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;QACpD,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;KACrD,CAAC;IAEF,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;AAClD,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,MAAc,EAAsB,EAAE;IACrE,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAA+B,CAAC;IAE9D,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAMD,IAAI,CAAE,uBAAiD,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3E,MAAM,IAAI,KAAK,CAAC,0BAA0B,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IACxD,CAAC;IAED,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAGD,OAAO,IAA0B,CAAC;AACpC,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jose-signature.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/jose-signature.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"jose-signature.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/jose-signature.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAIjD,KAAK,OAAO,GAAG;IACb,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,QAAQ,CAAC;CACnB,CAAC;AAEF,eAAO,MAAM,mBAAmB,GAAI,SAAS,OAAO,KAAG,MAMtD,CAAC;AAEF,eAAO,MAAM,mBAAmB,GAAI,SAAS,QAAQ,EAAE,OAAO,MAAM,KAAG,OAKtE,CAAC"}
|
|
@@ -1,19 +1,14 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const classes_1 = require("../../classes");
|
|
5
|
-
const format_1 = require("../constants/format");
|
|
6
|
-
const createJoseSignature = (options) => {
|
|
1
|
+
import { SignatureKit } from "../../classes/index.js";
|
|
2
|
+
import { B64U } from "../constants/format.js";
|
|
3
|
+
export const createJoseSignature = (options) => {
|
|
7
4
|
const data = `${options.header}.${options.payload}`;
|
|
8
|
-
return new
|
|
5
|
+
return new SignatureKit({ kryptos: options.kryptos, raw: true })
|
|
9
6
|
.sign(data)
|
|
10
|
-
.toString(
|
|
7
|
+
.toString(B64U);
|
|
11
8
|
};
|
|
12
|
-
|
|
13
|
-
const verifyJoseSignature = (kryptos, token) => {
|
|
9
|
+
export const verifyJoseSignature = (kryptos, token) => {
|
|
14
10
|
const [header, payload, signature] = token.split(".");
|
|
15
11
|
const data = `${header}.${payload}`;
|
|
16
|
-
return new
|
|
12
|
+
return new SignatureKit({ kryptos, encoding: B64U, raw: true }).verify(data, signature);
|
|
17
13
|
};
|
|
18
|
-
exports.verifyJoseSignature = verifyJoseSignature;
|
|
19
14
|
//# sourceMappingURL=jose-signature.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jose-signature.js","sourceRoot":"","sources":["../../../src/internal/utils/jose-signature.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jose-signature.js","sourceRoot":"","sources":["../../../src/internal/utils/jose-signature.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,IAAI,EAAE,MAAM,wBAAwB,CAAC;AAQ9C,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,OAAgB,EAAU,EAAE;IAC9D,MAAM,IAAI,GAAG,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IAEpD,OAAO,IAAI,YAAY,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;SAC7D,IAAI,CAAC,IAAI,CAAC;SACV,QAAQ,CAAC,IAAI,CAAC,CAAC;AACpB,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,OAAiB,EAAE,KAAa,EAAW,EAAE;IAC/E,MAAM,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACtD,MAAM,IAAI,GAAG,GAAG,MAAM,IAAI,OAAO,EAAE,CAAC;IAEpC,OAAO,IAAI,YAAY,CAAC,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;AAC1F,CAAC,CAAC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import { KryptosAlgorithm } from "@lindorm/kryptos";
|
|
2
|
-
import { Dict } from "@lindorm/types";
|
|
3
|
-
import { JwtClaims, ParsedJwtPayload, SignJwtContent, SignJwtOptions } from "../../types";
|
|
1
|
+
import type { KryptosAlgorithm } from "@lindorm/kryptos";
|
|
2
|
+
import type { Dict } from "@lindorm/types";
|
|
3
|
+
import type { JwtClaims, ParsedJwtPayload, SignJwtContent, SignJwtOptions } from "../../types/index.js";
|
|
4
4
|
type Config = {
|
|
5
5
|
algorithm: KryptosAlgorithm;
|
|
6
6
|
issuer: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-payload.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/jwt-payload.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"jwt-payload.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/jwt-payload.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACzD,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAI3C,OAAO,KAAK,EAGV,SAAS,EACT,gBAAgB,EAChB,cAAc,EACd,cAAc,EACf,MAAM,sBAAsB,CAAC;AAM9B,KAAK,MAAM,GAAG;IACZ,SAAS,EAAE,gBAAgB,CAAC;IAC5B,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,KAAK,YAAY,CAAC,CAAC,SAAS,IAAI,GAAG,IAAI,IAAI,SAAS,GAAG,CAAC,CAAC;AAEzD,KAAK,MAAM,GAAG;IACZ,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAWF,eAAO,MAAM,qBAAqB,GAAI,CAAC,SAAS,IAAI,GAAG,IAAI,EACzD,QAAQ,MAAM,EACd,SAAS,cAAc,CAAC,CAAC,CAAC,EAC1B,SAAS,cAAc,KACtB,SAoFF,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAI,CAAC,SAAS,IAAI,GAAG,IAAI,EACpD,QAAQ,MAAM,EACd,SAAS,cAAc,CAAC,CAAC,CAAC,EAC1B,SAAS,cAAc,KACtB,MAgBF,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAI,CAAC,SAAS,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,EAC3D,SAAS,MAAM,KACd,YAAY,CAAC,CAAC,CAAyD,CAAC;AAE3E,eAAO,MAAM,iBAAiB,GAAI,CAAC,SAAS,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,EAC5D,SAAS,YAAY,CAAC,CAAC,CAAC,KACvB,gBAAgB,CAAC,CAAC,CAoCpB,CAAC"}
|