npm - @logto/js - Versions diffs - 0.2.0 → 1.0.0-alpha.1 - Mend

@logto/js 0.2.0 → 1.0.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

package/lib/index.d.ts +187 -3
package/lib/index.d.ts.map +1 -0
package/lib/index.js +361 -16
package/lib/index.js.map +1 -0
package/lib/module.js +356 -0
package/lib/module.js.map +1 -0
package/package.json +15 -5
package/lib/consts/index.d.ts +0 -34
package/lib/consts/index.js +0 -38
package/lib/core/fetch-token.d.ts +0 -36
package/lib/core/fetch-token.js +0 -45
package/lib/core/index.d.ts +0 -5
package/lib/core/index.js +0 -17
package/lib/core/oidc-config.d.ts +0 -14
package/lib/core/oidc-config.js +0 -10
package/lib/core/revoke.d.ts +0 -2
package/lib/core/revoke.js +0 -13
package/lib/core/sign-in.d.ts +0 -12
package/lib/core/sign-in.js +0 -24
package/lib/core/sign-out.d.ts +0 -7
package/lib/core/sign-out.js +0 -12
package/lib/utils/callback-uri.d.ts +0 -2
package/lib/utils/callback-uri.js +0 -36
package/lib/utils/errors.d.ts +0 -33
package/lib/utils/errors.js +0 -54
package/lib/utils/generators.d.ts +0 -18
package/lib/utils/generators.js +0 -34
package/lib/utils/id-token.d.ts +0 -32
package/lib/utils/id-token.js +0 -60
package/lib/utils/index.d.ts +0 -6
package/lib/utils/index.js +0 -18
package/lib/utils/requester.d.ts +0 -2
package/lib/utils/requester.js +0 -20
package/lib/utils/scopes.d.ts +0 -5
package/lib/utils/scopes.js +0 -12

package/lib/core/oidc-config.d.ts DELETED Viewed

@@ -1,14 +0,0 @@
-import { KeysToCamelCase } from '@silverhand/essentials';
-import { Requester } from '../utils';
-declare type OidcConfigSnakeCaseResponse = {
-    authorization_endpoint: string;
-    token_endpoint: string;
-    end_session_endpoint: string;
-    revocation_endpoint: string;
-    jwks_uri: string;
-    issuer: string;
-};
-export declare const discoveryPath = "/oidc/.well-known/openid-configuration";
-export declare type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;
-export declare const fetchOidcConfig: (endpoint: string, requester: Requester) => Promise<OidcConfigResponse>;
-export {};

package/lib/core/oidc-config.js DELETED Viewed

@@ -1,10 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.fetchOidcConfig = exports.discoveryPath = void 0;
-const camelcase_keys_1 = __importDefault(require("camelcase-keys"));
-exports.discoveryPath = '/oidc/.well-known/openid-configuration';
-const fetchOidcConfig = async (endpoint, requester) => (0, camelcase_keys_1.default)(await requester(endpoint));
-exports.fetchOidcConfig = fetchOidcConfig;

package/lib/core/revoke.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- import { Requester } from '../utils';
2	- export declare const revoke: (revocationEndpoint: string, clientId: string, token: string, requester: Requester) => Promise<void>;

package/lib/core/revoke.js DELETED Viewed

@@ -1,13 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.revoke = void 0;
-const consts_1 = require("../consts");
-const revoke = async (revocationEndpoint, clientId, token, requester) => requester(revocationEndpoint, {
-    method: 'POST',
-    headers: consts_1.ContentType.formUrlEncoded,
-    body: new URLSearchParams({
-        [consts_1.QueryKey.ClientId]: clientId,
-        [consts_1.QueryKey.Token]: token,
-    }),
-});
-exports.revoke = revoke;

package/lib/core/sign-in.d.ts DELETED Viewed

@@ -1,12 +0,0 @@
-import { Prompt } from '../consts';
-export declare type SignInUriParameters = {
-    authorizationEndpoint: string;
-    clientId: string;
-    redirectUri: string;
-    codeChallenge: string;
-    state: string;
-    scopes?: string[];
-    resources?: string[];
-    prompt?: Prompt;
-};
-export declare const generateSignInUri: ({ authorizationEndpoint, clientId, redirectUri, codeChallenge, state, scopes, resources, prompt, }: SignInUriParameters) => string;

package/lib/core/sign-in.js DELETED Viewed

@@ -1,24 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.generateSignInUri = void 0;
-const consts_1 = require("../consts");
-const utils_1 = require("../utils");
-const codeChallengeMethod = 'S256';
-const responseType = 'code';
-const generateSignInUri = ({ authorizationEndpoint, clientId, redirectUri, codeChallenge, state, scopes, resources, prompt, }) => {
-    const urlSearchParameters = new URLSearchParams({
-        [consts_1.QueryKey.ClientId]: clientId,
-        [consts_1.QueryKey.RedirectUri]: redirectUri,
-        [consts_1.QueryKey.CodeChallenge]: codeChallenge,
-        [consts_1.QueryKey.CodeChallengeMethod]: codeChallengeMethod,
-        [consts_1.QueryKey.State]: state,
-        [consts_1.QueryKey.ResponseType]: responseType,
-        [consts_1.QueryKey.Prompt]: prompt ?? consts_1.Prompt.Consent,
-        [consts_1.QueryKey.Scope]: (0, utils_1.withReservedScopes)(scopes),
-    });
-    for (const resource of resources ?? []) {
-        urlSearchParameters.append(consts_1.QueryKey.Resource, resource);
-    }
-    return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;
-};
-exports.generateSignInUri = generateSignInUri;

package/lib/core/sign-out.d.ts DELETED Viewed

@@ -1,7 +0,0 @@
-declare type SignOutUriParameters = {
-    endSessionEndpoint: string;
-    idToken: string;
-    postLogoutRedirectUri?: string;
-};
-export declare const generateSignOutUri: ({ endSessionEndpoint, idToken, postLogoutRedirectUri, }: SignOutUriParameters) => string;
-export {};

package/lib/core/sign-out.js DELETED Viewed

@@ -1,12 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.generateSignOutUri = void 0;
-const consts_1 = require("../consts");
-const generateSignOutUri = ({ endSessionEndpoint, idToken, postLogoutRedirectUri, }) => {
-    const urlSearchParameters = new URLSearchParams({ [consts_1.QueryKey.IdTokenHint]: idToken });
-    if (postLogoutRedirectUri) {
-        urlSearchParameters.append(consts_1.QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);
-    }
-    return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;
-};
-exports.generateSignOutUri = generateSignOutUri;

package/lib/utils/callback-uri.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export declare const parseUriParameters: (uri: string) => URLSearchParams;
2	- export declare const verifyAndParseCodeFromCallbackUri: (callbackUri: string, redirectUri: string, state: string) => string;

package/lib/utils/callback-uri.js DELETED Viewed

@@ -1,36 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyAndParseCodeFromCallbackUri = exports.parseUriParameters = void 0;
-const essentials_1 = require("@silverhand/essentials");
-const consts_1 = require("../consts");
-const errors_1 = require("./errors");
-const parseUriParameters = (uri) => {
-    const [, queryString = ''] = uri.split('?');
-    return new URLSearchParams(queryString);
-};
-exports.parseUriParameters = parseUriParameters;
-// eslint-disable-next-line complexity
-const verifyAndParseCodeFromCallbackUri = (callbackUri, redirectUri, state) => {
-    if (!callbackUri.startsWith(redirectUri)) {
-        throw new errors_1.LogtoError('callback_uri_verification.redirect_uri_mismatched');
-    }
-    const uriParameters = (0, exports.parseUriParameters)(callbackUri);
-    const error = (0, essentials_1.conditional)(uriParameters.get(consts_1.QueryKey.Error));
-    const errorDescription = (0, essentials_1.conditional)(uriParameters.get(consts_1.QueryKey.ErrorDescription));
-    if (error) {
-        throw new errors_1.LogtoError('callback_uri_verification.error_found', new errors_1.OidcError(error, errorDescription));
-    }
-    const stateFromCallbackUri = uriParameters.get(consts_1.QueryKey.State);
-    if (!stateFromCallbackUri) {
-        throw new errors_1.LogtoError('callback_uri_verification.missing_state');
-    }
-    if (stateFromCallbackUri !== state) {
-        throw new errors_1.LogtoError('callback_uri_verification.state_mismatched');
-    }
-    const code = uriParameters.get(consts_1.QueryKey.Code);
-    if (!code) {
-        throw new errors_1.LogtoError('callback_uri_verification.missing_code');
-    }
-    return code;
-};
-exports.verifyAndParseCodeFromCallbackUri = verifyAndParseCodeFromCallbackUri;

package/lib/utils/errors.d.ts DELETED Viewed

@@ -1,33 +0,0 @@
-import { NormalizeKeyPaths } from '@silverhand/essentials';
-declare const logtoErrorCodes: Readonly<{
-    id_token: {
-        invalid_iat: string;
-        invalid_token: string;
-    };
-    callback_uri_verification: {
-        redirect_uri_mismatched: string;
-        error_found: string;
-        missing_state: string;
-        state_mismatched: string;
-        missing_code: string;
-    };
-    requester: {
-        not_provide_fetch: string;
-    };
-}>;
-export declare type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;
-export declare class LogtoError extends Error {
-    code: LogtoErrorCode;
-    data: unknown;
-    constructor(code: LogtoErrorCode, data?: unknown);
-}
-export declare class LogtoRequestError extends Error {
-    code: string;
-    constructor(code: string, message: string);
-}
-export declare class OidcError {
-    error: string;
-    errorDescription?: string;
-    constructor(error: string, errorDescription?: string);
-}
-export {};

package/lib/utils/errors.js DELETED Viewed

@@ -1,54 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.OidcError = exports.LogtoRequestError = exports.LogtoError = void 0;
-const lodash_get_1 = __importDefault(require("lodash.get"));
-const logtoErrorCodes = Object.freeze({
-    id_token: {
-        invalid_iat: 'Invalid issued at time',
-        invalid_token: 'Invalid token',
-    },
-    callback_uri_verification: {
-        redirect_uri_mismatched: 'Redirect URI mismatched',
-        error_found: 'Error found',
-        missing_state: 'Missing state',
-        state_mismatched: 'State mismatched',
-        missing_code: 'Missing code',
-    },
-    requester: {
-        not_provide_fetch: 'Should provide a fetch function under Node.js',
-    },
-});
-const getMessageByErrorCode = (errorCode) => {
-    // TODO: linear issue LOG-1419
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
-    const message = (0, lodash_get_1.default)(logtoErrorCodes, errorCode);
-    if (typeof message === 'string') {
-        return message;
-    }
-    return errorCode;
-};
-class LogtoError extends Error {
-    constructor(code, data) {
-        super(getMessageByErrorCode(code));
-        this.code = code;
-        this.data = data;
-    }
-}
-exports.LogtoError = LogtoError;
-class LogtoRequestError extends Error {
-    constructor(code, message) {
-        super(message);
-        this.code = code;
-    }
-}
-exports.LogtoRequestError = LogtoRequestError;
-class OidcError {
-    constructor(error, errorDescription) {
-        this.error = error;
-        this.errorDescription = errorDescription;
-    }
-}
-exports.OidcError = OidcError;

package/lib/utils/generators.d.ts DELETED Viewed

@@ -1,18 +0,0 @@
-/** @link [Proof Key for Code Exchange by OAuth Public Clients](https://datatracker.ietf.org/doc/html/rfc7636) */
-/**
- * Generates random string for state and encodes them in url safe base64
- */
-export declare const generateState: () => string;
-/**
- * Generates code verifier
- *
- * @link [Client Creates a Code Verifier](https://datatracker.ietf.org/doc/html/rfc7636#section-4.1)
- */
-export declare const generateCodeVerifier: () => string;
-/**
- * Calculates the S256 PKCE code challenge for an arbitrary code verifier and encodes it in url safe base64
- *
- * @param {String} codeVerifier Code verifier to calculate the S256 code challenge for
- * @link [Client Creates the Code Challenge](https://datatracker.ietf.org/doc/html/rfc7636#section-4.2)
- */
-export declare const generateCodeChallenge: (codeVerifier: string) => Promise<string>;

package/lib/utils/generators.js DELETED Viewed

@@ -1,34 +0,0 @@
-"use strict";
-/** @link [Proof Key for Code Exchange by OAuth Public Clients](https://datatracker.ietf.org/doc/html/rfc7636) */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.generateCodeChallenge = exports.generateCodeVerifier = exports.generateState = void 0;
-const js_base64_1 = require("js-base64");
-/**
- * @param length The length of the raw random data.
- */
-const generateRandomString = (length = 64) => (0, js_base64_1.fromUint8Array)(crypto.getRandomValues(new Uint8Array(length)), true);
-/**
- * Generates random string for state and encodes them in url safe base64
- */
-const generateState = () => generateRandomString();
-exports.generateState = generateState;
-/**
- * Generates code verifier
- *
- * @link [Client Creates a Code Verifier](https://datatracker.ietf.org/doc/html/rfc7636#section-4.1)
- */
-const generateCodeVerifier = () => generateRandomString();
-exports.generateCodeVerifier = generateCodeVerifier;
-/**
- * Calculates the S256 PKCE code challenge for an arbitrary code verifier and encodes it in url safe base64
- *
- * @param {String} codeVerifier Code verifier to calculate the S256 code challenge for
- * @link [Client Creates the Code Challenge](https://datatracker.ietf.org/doc/html/rfc7636#section-4.2)
- */
-const generateCodeChallenge = async (codeVerifier) => {
-    const encodedCodeVerifier = new TextEncoder().encode(codeVerifier);
-    // TODO: crypto related to linear issue LOG-1517
-    const codeChallenge = new Uint8Array(await crypto.subtle.digest('SHA-256', encodedCodeVerifier));
-    return (0, js_base64_1.fromUint8Array)(codeChallenge, true);
-};
-exports.generateCodeChallenge = generateCodeChallenge;

package/lib/utils/id-token.d.ts DELETED Viewed

@@ -1,32 +0,0 @@
-import { JWTVerifyGetKey } from 'jose';
-import * as s from 'superstruct';
-/**
- * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)
- */
-declare const IdTokenClaimsSchema: s.Struct<{
-    iss: string;
-    sub: string;
-    aud: string;
-    exp: number;
-    iat: number;
-    at_hash?: string | null | undefined;
-    name?: string | null | undefined;
-    username?: string | null | undefined;
-    avatar?: string | null | undefined;
-    role_names?: string[] | null | undefined;
-}, {
-    iss: s.Struct<string, null>;
-    sub: s.Struct<string, null>;
-    aud: s.Struct<string, null>;
-    exp: s.Struct<number, null>;
-    iat: s.Struct<number, null>;
-    at_hash: s.Struct<string | null | undefined, null>;
-    name: s.Struct<string | null | undefined, null>;
-    username: s.Struct<string | null | undefined, null>;
-    avatar: s.Struct<string | null | undefined, null>;
-    role_names: s.Struct<string[] | null | undefined, s.Struct<string, null>>;
-}>;
-export declare type IdTokenClaims = s.Infer<typeof IdTokenClaimsSchema>;
-export declare const verifyIdToken: (idToken: string, clientId: string, issuer: string, jwks: JWTVerifyGetKey) => Promise<void>;
-export declare const decodeIdToken: (token: string) => IdTokenClaims;
-export {};

package/lib/utils/id-token.js DELETED Viewed

@@ -1,60 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.decodeIdToken = exports.verifyIdToken = void 0;
-const essentials_1 = require("@silverhand/essentials");
-const jose_1 = require("jose");
-const s = __importStar(require("superstruct"));
-const errors_1 = require("./errors");
-const issuedAtTimeTolerance = 60;
-/**
- * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)
- */
-const IdTokenClaimsSchema = s.type({
-    iss: s.string(),
-    sub: s.string(),
-    aud: s.string(),
-    exp: s.number(),
-    iat: s.number(),
-    at_hash: s.nullable(s.optional(s.string())),
-    name: s.nullable(s.optional(s.string())),
-    username: s.nullable(s.optional(s.string())),
-    avatar: s.nullable(s.optional(s.string())),
-    role_names: s.nullable(s.optional(s.array(s.string()))),
-});
-const verifyIdToken = async (idToken, clientId, issuer, jwks) => {
-    const result = await (0, jose_1.jwtVerify)(idToken, jwks, { audience: clientId, issuer });
-    if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {
-        throw new errors_1.LogtoError('id_token.invalid_iat');
-    }
-};
-exports.verifyIdToken = verifyIdToken;
-const decodeIdToken = (token) => {
-    const { 1: encodedPayload } = token.split('.');
-    if (!encodedPayload) {
-        throw new errors_1.LogtoError('id_token.invalid_token');
-    }
-    const json = essentials_1.UrlSafeBase64.decode(encodedPayload);
-    const idTokenClaims = JSON.parse(json);
-    s.assert(idTokenClaims, IdTokenClaimsSchema);
-    return idTokenClaims;
-};
-exports.decodeIdToken = decodeIdToken;

package/lib/utils/index.d.ts DELETED Viewed

@@ -1,6 +0,0 @@
-export * from './callback-uri';
-export * from './errors';
-export * from './generators';
-export * from './id-token';
-export * from './requester';
-export * from './scopes';

package/lib/utils/index.js DELETED Viewed

@@ -1,18 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./callback-uri"), exports);
-__exportStar(require("./errors"), exports);
-__exportStar(require("./generators"), exports);
-__exportStar(require("./id-token"), exports);
-__exportStar(require("./requester"), exports);
-__exportStar(require("./scopes"), exports);

package/lib/utils/requester.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export declare const createRequester: (fetchFunction?: typeof fetch \| undefined) => <T>(input: RequestInfo, init?: RequestInit \| undefined) => Promise<T>;
2	- export declare type Requester = ReturnType<typeof createRequester>;

package/lib/utils/requester.js DELETED Viewed

@@ -1,20 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createRequester = void 0;
-const essentials_1 = require("@silverhand/essentials");
-const errors_1 = require("./errors");
-const createRequester = (fetchFunction) => {
-    if (!fetchFunction && (0, essentials_1.isNode)()) {
-        throw new errors_1.LogtoError('requester.not_provide_fetch');
-    }
-    return async (...args) => {
-        const response = await (fetchFunction ?? fetch)(...args);
-        if (!response.ok) {
-            // Expected request error from server
-            const { code, message } = await response.json();
-            throw new errors_1.LogtoRequestError(code, message);
-        }
-        return response.json();
-    };
-};
-exports.createRequester = createRequester;

package/lib/utils/scopes.d.ts DELETED Viewed

@@ -1,5 +0,0 @@
-/**
- * @param originalScopes
- * @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )
- */
-export declare const withReservedScopes: (originalScopes?: string[] | undefined) => string;

package/lib/utils/scopes.js DELETED Viewed

@@ -1,12 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.withReservedScopes = void 0;
-/**
- * @param originalScopes
- * @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )
- */
-const withReservedScopes = (originalScopes) => {
-    const uniqueScopes = new Set(['openid', 'offline_access', 'profile', ...(originalScopes ?? [])]);
-    return Array.from(uniqueScopes).join(' ');
-};
-exports.withReservedScopes = withReservedScopes;