@logto/js 1.0.0-alpha.2 → 1.0.0-beta.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +40 -0
- package/lib/index.d.ts +64 -73
- package/lib/index.d.ts.map +1 -1
- package/lib/index.js +46 -86
- package/lib/index.js.map +1 -1
- package/lib/module.js +47 -88
- package/lib/module.js.map +1 -1
- package/package.json +12 -15
package/README.md
ADDED
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
# Logto JS (Core) SDK
|
|
2
|
+
[](https://www.npmjs.com/package/@logto/js)
|
|
3
|
+
[](https://github.com/logto-io/js/actions/workflows/main.yml)
|
|
4
|
+
[](https://app.codecov.io/gh/logto-io/js?branch=master)
|
|
5
|
+
|
|
6
|
+
The Logto JavaScript Core SDK written in TypeScript. Check out our [docs](https://docs.logto.io/JavaScript/js/) for more information.
|
|
7
|
+
|
|
8
|
+
We also provide [文档](https://docs.logto.io/zh-cn/sdk/JavaScript/js/) in Simplified Chinese.
|
|
9
|
+
|
|
10
|
+
## Installation
|
|
11
|
+
|
|
12
|
+
### Using npm
|
|
13
|
+
|
|
14
|
+
```bash
|
|
15
|
+
npm install @logto/js
|
|
16
|
+
```
|
|
17
|
+
|
|
18
|
+
### Using yarn
|
|
19
|
+
|
|
20
|
+
```bash
|
|
21
|
+
yarn add @logto/js
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
### Using pnpm
|
|
25
|
+
|
|
26
|
+
```bash
|
|
27
|
+
pnpm add @logto/js
|
|
28
|
+
```
|
|
29
|
+
|
|
30
|
+
## What is this and how does it work?
|
|
31
|
+
|
|
32
|
+
Logto JavaScript SDK (a.k.a JS core) is the foundation of the entire JavaScript SDK family (Browser, Next.js, React, Vue, etc.). Usually you are not expected to use it directly in your application, as we have released a set of official SDKs to help you integrate Logto with your favorite JavaScript frameworks. [Check this out](https://docs.logto.io/docs/recipes/integrate-logto/) and get started!
|
|
33
|
+
|
|
34
|
+
If Logto does not support your framework and you want to contribute by building a new SDK from scratch, we recommend checking out our [Browser SDK](https://github.com/logto-io/js/tree/master/packages/browser) and [Node.js SDK](https://github.com/logto-io/js/tree/master/packages/node) and start from there.
|
|
35
|
+
|
|
36
|
+
## Resources
|
|
37
|
+
|
|
38
|
+
[](https://logto.io/)
|
|
39
|
+
[](https://docs.logto.io/sdk/JavaScript/js/)
|
|
40
|
+
[](https://discord.gg/UEPaF3j5e6)
|
package/lib/index.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { JWTVerifyGetKey } from "jose";
|
|
1
|
+
import { KeysToCamelCase, NormalizeKeyPaths } from "@silverhand/essentials";
|
|
3
2
|
import * as s from "superstruct";
|
|
3
|
+
import { JWTVerifyGetKey } from "jose";
|
|
4
4
|
export const ContentType: {
|
|
5
5
|
formUrlEncoded: {
|
|
6
6
|
'Content-Type': string;
|
|
@@ -35,6 +35,56 @@ export enum Prompt {
|
|
|
35
35
|
Consent = "consent",
|
|
36
36
|
Login = "login"
|
|
37
37
|
}
|
|
38
|
+
export type LogtoRequestErrorBody = {
|
|
39
|
+
code: string;
|
|
40
|
+
message: string;
|
|
41
|
+
};
|
|
42
|
+
export type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;
|
|
43
|
+
export type FetchTokenByAuthorizationCodeParameters = {
|
|
44
|
+
clientId: string;
|
|
45
|
+
tokenEndpoint: string;
|
|
46
|
+
redirectUri: string;
|
|
47
|
+
codeVerifier: string;
|
|
48
|
+
code: string;
|
|
49
|
+
resource?: string;
|
|
50
|
+
};
|
|
51
|
+
export type FetchTokenByRefreshTokenParameters = {
|
|
52
|
+
clientId: string;
|
|
53
|
+
tokenEndpoint: string;
|
|
54
|
+
refreshToken: string;
|
|
55
|
+
resource?: string;
|
|
56
|
+
scopes?: string[];
|
|
57
|
+
};
|
|
58
|
+
type SnakeCaseCodeTokenResponse = {
|
|
59
|
+
access_token: string;
|
|
60
|
+
refresh_token?: string;
|
|
61
|
+
id_token: string;
|
|
62
|
+
scope: string;
|
|
63
|
+
expires_in: number;
|
|
64
|
+
};
|
|
65
|
+
export type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;
|
|
66
|
+
type SnakeCaseRefreshTokenTokenResponse = {
|
|
67
|
+
access_token: string;
|
|
68
|
+
refresh_token: string;
|
|
69
|
+
id_token?: string;
|
|
70
|
+
scope: string;
|
|
71
|
+
expires_in: number;
|
|
72
|
+
};
|
|
73
|
+
export type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;
|
|
74
|
+
export const fetchTokenByAuthorizationCode: ({ clientId, tokenEndpoint, redirectUri, codeVerifier, code, resource, }: FetchTokenByAuthorizationCodeParameters, requester: Requester) => Promise<CodeTokenResponse>;
|
|
75
|
+
export const fetchTokenByRefreshToken: ({ clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters, requester: Requester) => Promise<RefreshTokenTokenResponse>;
|
|
76
|
+
type OidcConfigSnakeCaseResponse = {
|
|
77
|
+
authorization_endpoint: string;
|
|
78
|
+
token_endpoint: string;
|
|
79
|
+
end_session_endpoint: string;
|
|
80
|
+
revocation_endpoint: string;
|
|
81
|
+
jwks_uri: string;
|
|
82
|
+
issuer: string;
|
|
83
|
+
};
|
|
84
|
+
export const discoveryPath = "/oidc/.well-known/openid-configuration";
|
|
85
|
+
export type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;
|
|
86
|
+
export const fetchOidcConfig: (endpoint: string, requester: Requester) => Promise<OidcConfigResponse>;
|
|
87
|
+
export const revoke: (revocationEndpoint: string, clientId: string, token: string, requester: Requester) => Promise<void>;
|
|
38
88
|
declare const logtoErrorCodes: Readonly<{
|
|
39
89
|
id_token: {
|
|
40
90
|
invalid_iat: string;
|
|
@@ -47,10 +97,8 @@ declare const logtoErrorCodes: Readonly<{
|
|
|
47
97
|
state_mismatched: string;
|
|
48
98
|
missing_code: string;
|
|
49
99
|
};
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
};
|
|
53
|
-
crypto_subtle_unavailable: string;
|
|
100
|
+
crypto_subtle_unavailable: "Crypto.subtle is unavailable in insecure contexts (non-HTTPS).";
|
|
101
|
+
unexpected_response_error: "Unexpected response error from the server.";
|
|
54
102
|
}>;
|
|
55
103
|
export type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;
|
|
56
104
|
export class LogtoError extends Error {
|
|
@@ -58,34 +106,24 @@ export class LogtoError extends Error {
|
|
|
58
106
|
data: unknown;
|
|
59
107
|
constructor(code: LogtoErrorCode, data?: unknown);
|
|
60
108
|
}
|
|
109
|
+
export const logtoRequestErrorSchema: s.Struct<{
|
|
110
|
+
code: string;
|
|
111
|
+
message: string;
|
|
112
|
+
}, {
|
|
113
|
+
code: s.Struct<string, null>;
|
|
114
|
+
message: s.Struct<string, null>;
|
|
115
|
+
}>;
|
|
61
116
|
export class LogtoRequestError extends Error {
|
|
62
117
|
code: string;
|
|
63
118
|
constructor(code: string, message: string);
|
|
64
119
|
}
|
|
65
120
|
export class OidcError {
|
|
66
121
|
error: string;
|
|
67
|
-
errorDescription?: string;
|
|
68
|
-
constructor(error: string, errorDescription?: string);
|
|
122
|
+
errorDescription?: string | undefined;
|
|
123
|
+
constructor(error: string, errorDescription?: string | undefined);
|
|
69
124
|
}
|
|
70
125
|
export const parseUriParameters: (uri: string) => URLSearchParams;
|
|
71
126
|
export const verifyAndParseCodeFromCallbackUri: (callbackUri: string, redirectUri: string, state: string) => string;
|
|
72
|
-
/**
|
|
73
|
-
* Generates random string for state and encodes them in url safe base64
|
|
74
|
-
*/
|
|
75
|
-
export const generateState: () => string;
|
|
76
|
-
/**
|
|
77
|
-
* Generates code verifier
|
|
78
|
-
*
|
|
79
|
-
* @link [Client Creates a Code Verifier](https://datatracker.ietf.org/doc/html/rfc7636#section-4.1)
|
|
80
|
-
*/
|
|
81
|
-
export const generateCodeVerifier: () => string;
|
|
82
|
-
/**
|
|
83
|
-
* Calculates the S256 PKCE code challenge for an arbitrary code verifier and encodes it in url safe base64
|
|
84
|
-
*
|
|
85
|
-
* @param {String} codeVerifier Code verifier to calculate the S256 code challenge for
|
|
86
|
-
* @link [Client Creates the Code Challenge](https://datatracker.ietf.org/doc/html/rfc7636#section-4.2)
|
|
87
|
-
*/
|
|
88
|
-
export const generateCodeChallenge: (codeVerifier: string) => Promise<string>;
|
|
89
127
|
/**
|
|
90
128
|
* @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)
|
|
91
129
|
*/
|
|
@@ -115,58 +153,11 @@ declare const IdTokenClaimsSchema: s.Struct<{
|
|
|
115
153
|
export type IdTokenClaims = s.Infer<typeof IdTokenClaimsSchema>;
|
|
116
154
|
export const verifyIdToken: (idToken: string, clientId: string, issuer: string, jwks: JWTVerifyGetKey) => Promise<void>;
|
|
117
155
|
export const decodeIdToken: (token: string) => IdTokenClaims;
|
|
118
|
-
export const createRequester: (fetchFunction?: typeof fetch | undefined) => <T>(input: RequestInfo, init?: RequestInit | undefined) => Promise<T>;
|
|
119
|
-
export type Requester = ReturnType<typeof createRequester>;
|
|
120
156
|
/**
|
|
121
157
|
* @param originalScopes
|
|
122
158
|
* @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )
|
|
123
159
|
*/
|
|
124
|
-
export const withReservedScopes: (originalScopes?: string[]
|
|
125
|
-
export type FetchTokenByAuthorizationCodeParameters = {
|
|
126
|
-
clientId: string;
|
|
127
|
-
tokenEndpoint: string;
|
|
128
|
-
redirectUri: string;
|
|
129
|
-
codeVerifier: string;
|
|
130
|
-
code: string;
|
|
131
|
-
resource?: string;
|
|
132
|
-
};
|
|
133
|
-
export type FetchTokenByRefreshTokenParameters = {
|
|
134
|
-
clientId: string;
|
|
135
|
-
tokenEndpoint: string;
|
|
136
|
-
refreshToken: string;
|
|
137
|
-
resource?: string;
|
|
138
|
-
scopes?: string[];
|
|
139
|
-
};
|
|
140
|
-
type SnakeCaseCodeTokenResponse = {
|
|
141
|
-
access_token: string;
|
|
142
|
-
refresh_token?: string;
|
|
143
|
-
id_token: string;
|
|
144
|
-
scope: string;
|
|
145
|
-
expires_in: number;
|
|
146
|
-
};
|
|
147
|
-
export type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;
|
|
148
|
-
type SnakeCaseRefreshTokenTokenResponse = {
|
|
149
|
-
access_token: string;
|
|
150
|
-
refresh_token: string;
|
|
151
|
-
id_token?: string;
|
|
152
|
-
scope: string;
|
|
153
|
-
expires_in: number;
|
|
154
|
-
};
|
|
155
|
-
export type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;
|
|
156
|
-
export const fetchTokenByAuthorizationCode: ({ clientId, tokenEndpoint, redirectUri, codeVerifier, code, resource, }: FetchTokenByAuthorizationCodeParameters, requester: Requester) => Promise<CodeTokenResponse>;
|
|
157
|
-
export const fetchTokenByRefreshToken: ({ clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters, requester: Requester) => Promise<RefreshTokenTokenResponse>;
|
|
158
|
-
type OidcConfigSnakeCaseResponse = {
|
|
159
|
-
authorization_endpoint: string;
|
|
160
|
-
token_endpoint: string;
|
|
161
|
-
end_session_endpoint: string;
|
|
162
|
-
revocation_endpoint: string;
|
|
163
|
-
jwks_uri: string;
|
|
164
|
-
issuer: string;
|
|
165
|
-
};
|
|
166
|
-
export const discoveryPath = "/oidc/.well-known/openid-configuration";
|
|
167
|
-
export type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;
|
|
168
|
-
export const fetchOidcConfig: (endpoint: string, requester: Requester) => Promise<OidcConfigResponse>;
|
|
169
|
-
export const revoke: (revocationEndpoint: string, clientId: string, token: string, requester: Requester) => Promise<void>;
|
|
160
|
+
export const withReservedScopes: (originalScopes?: string[]) => string;
|
|
170
161
|
export type SignInUriParameters = {
|
|
171
162
|
authorizationEndpoint: string;
|
|
172
163
|
clientId: string;
|
package/lib/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"mappings":";;;AAAA,OAAO,MAAM;;;;CAEZ,CAAC;AAEF;IACE,iBAAiB,uBAAuB;IACxC,YAAY,kBAAkB;CAC/B;AAED;IACE,QAAQ,cAAc;IACtB,IAAI,SAAS;IACb,aAAa,mBAAmB;IAChC,mBAAmB,0BAA0B;IAC7C,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,gBAAgB,sBAAsB;IACtC,SAAS,eAAe;IACxB,OAAO,aAAa;IACpB,WAAW,kBAAkB;IAC7B,qBAAqB,6BAA6B;IAClD,iBAAiB;IACjB,WAAW,iBAAiB;IAC5B,YAAY,kBAAkB;IAC9B,QAAQ,aAAa;IACrB,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,KAAK,UAAU;IACf,KAAK,UAAU;CAChB;AAED;IACE,OAAO,YAAY;IACnB,KAAK,UAAU;CAChB;
|
|
1
|
+
{"mappings":";;;AAAA,OAAO,MAAM;;;;CAEZ,CAAC;AAEF;IACE,iBAAiB,uBAAuB;IACxC,YAAY,kBAAkB;CAC/B;AAED;IACE,QAAQ,cAAc;IACtB,IAAI,SAAS;IACb,aAAa,mBAAmB;IAChC,mBAAmB,0BAA0B;IAC7C,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,gBAAgB,sBAAsB;IACtC,SAAS,eAAe;IACxB,OAAO,aAAa;IACpB,WAAW,kBAAkB;IAC7B,qBAAqB,6BAA6B;IAClD,iBAAiB;IACjB,WAAW,iBAAiB;IAC5B,YAAY,kBAAkB;IAC9B,QAAQ,aAAa;IACrB,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,KAAK,UAAU;IACf,KAAK,UAAU;CAChB;AAED;IACE,OAAO,YAAY;IACnB,KAAK,UAAU;CAChB;AClCD,oCAAoC;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,wBAAwB,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,UAAU,CAAC,OAAO,KAAK,CAAC,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC;ACC7E,sDAAsD;IACpD,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC;AAEF,iDAAiD;IAC/C,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,kCAAkC;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,gCAAgC,gBAAgB,0BAA0B,CAAC,CAAC;AAE5E,0CAA0C;IACxC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,wCAAwC,gBAAgB,kCAAkC,CAAC,CAAC;AAE5F,OAAO,MAAM,yGAQR,uCAAuC,aAC/B,SAAS,KACnB,QAAQ,iBAAiB,CAmB3B,CAAC;AAEF,OAAO,MAAM,wFACkD,kCAAkC,aACpF,SAAS,KACnB,QAAQ,yBAAyB,CAwBnC,CAAC;AChGF,mCAAmC;IACjC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,OAAO,MAAM,wDAAwD,CAAC;AAEtE,iCAAiC,gBAAgB,2BAA2B,CAAC,CAAC;AAE9E,OAAO,MAAM,4BACD,MAAM,aACL,SAAS,KACnB,QAAQ,kBAAkB,CAC0C,CAAC;ACnBxE,OAAO,MAAM,6BACS,MAAM,YAChB,MAAM,SACT,MAAM,aACF,SAAS,KACnB,QAAQ,IAAI,CAQX,CAAC;ACZL,QAAA,MAAM;;;;;;;;;;;;;;EAcJ,CAAC;AAEH,6BAA6B,kBAAkB,sBAAsB,CAAC,CAAC;AAavE,uBAAwB,SAAQ,KAAK;IACnC,IAAI,EAAE,cAAc,CAAC;IACrB,IAAI,EAAE,OAAO,CAAC;gBAEF,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,EAAE,OAAO;CAKjD;AAED,OAAO,MAAM;;;;;;EAGX,CAAC;AAEH,8BAA+B,SAAQ,KAAK;IAC1C,IAAI,EAAE,MAAM,CAAC;gBAED,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CAI1C;AAED;IACqB,KAAK,EAAE,MAAM;IAAS,gBAAgB,CAAC;gBAAvC,KAAK,EAAE,MAAM,EAAS,gBAAgB,CAAC,oBAAQ;CACnE;ACvDD,OAAO,MAAM,0BAA2B,MAAM,oBAI7C,CAAC;AAGF,OAAO,MAAM,iDACE,MAAM,eACN,MAAM,SACZ,MAAM,WAkCd,CAAC;ACzCF;;GAEG;AACH,QAAA,MAAM;;;;;;;;;;;;;;;;;;;;;;EAWJ,CAAC;AAEH,4BAA4B,EAAE,KAAK,CAAC,0BAA0B,CAAC,CAAC;AAEhE,OAAO,MAAM,yBACF,MAAM,YACL,MAAM,UACR,MAAM,QACR,eAAe,kBAOtB,CAAC;AAEF,OAAO,MAAM,uBAAwB,MAAM,KAAG,aAY7C,CAAC;ACnDF;;;GAGG;AACH,OAAO,MAAM,sCAAuC,MAAM,EAAE,KAAG,MAI9D,CAAC;AEFF,kCAAkC;IAChC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,OAAO,MAAM,wHASV,mBAAmB,WAiBrB,CAAC;ACzCF,4BAA4B;IAC1B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,qBAAqB,CAAC,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,OAAO,MAAM,8EAIV,oBAAoB,WAQtB,CAAC","sources":["packages/js/src/src/consts/index.ts","packages/js/src/src/types/index.ts","packages/js/src/src/core/fetch-token.ts","packages/js/src/src/core/oidc-config.ts","packages/js/src/src/core/revoke.ts","packages/js/src/src/utils/errors.ts","packages/js/src/src/utils/callback-uri.ts","packages/js/src/src/utils/id-token.ts","packages/js/src/src/utils/scopes.ts","packages/js/src/src/utils/index.ts","packages/js/src/src/core/sign-in.ts","packages/js/src/src/core/sign-out.ts","packages/js/src/src/core/index.ts","packages/js/src/src/index.ts","packages/js/src/index.ts"],"sourcesContent":[null,null,null,null,null,null,null,null,null,null,null,null,null,null,"/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n"],"names":[],"version":3,"file":"index.d.ts.map"}
|
package/lib/index.js
CHANGED
|
@@ -1,9 +1,8 @@
|
|
|
1
1
|
var $eVySA$camelcasekeys = require("camelcase-keys");
|
|
2
2
|
var $eVySA$silverhandessentials = require("@silverhand/essentials");
|
|
3
3
|
var $eVySA$lodashget = require("lodash.get");
|
|
4
|
-
var $eVySA$jsbase64 = require("js-base64");
|
|
5
|
-
var $eVySA$jose = require("jose");
|
|
6
4
|
var $eVySA$superstruct = require("superstruct");
|
|
5
|
+
var $eVySA$jose = require("jose");
|
|
7
6
|
|
|
8
7
|
function $parcel$exportWildcard(dest, source) {
|
|
9
8
|
Object.keys(source).forEach(function(key) {
|
|
@@ -45,36 +44,36 @@ const $5c367c11270b61f6$export$e2e108cbe2e4f865 = {
|
|
|
45
44
|
}
|
|
46
45
|
};
|
|
47
46
|
let $5c367c11270b61f6$export$3f2aafdd1ccae76c;
|
|
48
|
-
(function(
|
|
49
|
-
|
|
50
|
-
|
|
47
|
+
(function(TokenGrantType) {
|
|
48
|
+
TokenGrantType["AuthorizationCode"] = "authorization_code";
|
|
49
|
+
TokenGrantType["RefreshToken"] = "refresh_token";
|
|
51
50
|
})($5c367c11270b61f6$export$3f2aafdd1ccae76c || ($5c367c11270b61f6$export$3f2aafdd1ccae76c = {}));
|
|
52
51
|
let $5c367c11270b61f6$export$65f63a8bc3cba53d;
|
|
53
|
-
(function(
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
52
|
+
(function(QueryKey) {
|
|
53
|
+
QueryKey["ClientId"] = "client_id";
|
|
54
|
+
QueryKey["Code"] = "code";
|
|
55
|
+
QueryKey["CodeChallenge"] = "code_challenge";
|
|
56
|
+
QueryKey["CodeChallengeMethod"] = "code_challenge_method";
|
|
57
|
+
QueryKey["CodeVerifier"] = "code_verifier";
|
|
58
|
+
QueryKey["Error"] = "error";
|
|
59
|
+
QueryKey["ErrorDescription"] = "error_description";
|
|
60
|
+
QueryKey["GrantType"] = "grant_type";
|
|
61
|
+
QueryKey["IdToken"] = "id_token";
|
|
62
|
+
QueryKey["IdTokenHint"] = "id_token_hint";
|
|
63
|
+
QueryKey["PostLogoutRedirectUri"] = "post_logout_redirect_uri";
|
|
64
|
+
QueryKey["Prompt"] = "prompt";
|
|
65
|
+
QueryKey["RedirectUri"] = "redirect_uri";
|
|
66
|
+
QueryKey["RefreshToken"] = "refresh_token";
|
|
67
|
+
QueryKey["Resource"] = "resource";
|
|
68
|
+
QueryKey["ResponseType"] = "response_type";
|
|
69
|
+
QueryKey["Scope"] = "scope";
|
|
70
|
+
QueryKey["State"] = "state";
|
|
71
|
+
QueryKey["Token"] = "token";
|
|
73
72
|
})($5c367c11270b61f6$export$65f63a8bc3cba53d || ($5c367c11270b61f6$export$65f63a8bc3cba53d = {}));
|
|
74
73
|
let $5c367c11270b61f6$export$83716a4aa1642908;
|
|
75
|
-
(function(
|
|
76
|
-
|
|
77
|
-
|
|
74
|
+
(function(Prompt) {
|
|
75
|
+
Prompt["Consent"] = "consent";
|
|
76
|
+
Prompt["Login"] = "login";
|
|
78
77
|
})($5c367c11270b61f6$export$83716a4aa1642908 || ($5c367c11270b61f6$export$83716a4aa1642908 = {}));
|
|
79
78
|
|
|
80
79
|
|
|
@@ -146,28 +145,27 @@ $parcel$export($d3a7a037fd1d9433$exports, "verifyAndParseCodeFromCallbackUri", (
|
|
|
146
145
|
var $47fe17290a91cd19$exports = {};
|
|
147
146
|
|
|
148
147
|
$parcel$export($47fe17290a91cd19$exports, "LogtoError", () => $47fe17290a91cd19$export$ba60d77e6748b659);
|
|
148
|
+
$parcel$export($47fe17290a91cd19$exports, "logtoRequestErrorSchema", () => $47fe17290a91cd19$export$cccd51a00718f001);
|
|
149
149
|
$parcel$export($47fe17290a91cd19$exports, "LogtoRequestError", () => $47fe17290a91cd19$export$e6e15b8ba42b9b70);
|
|
150
150
|
$parcel$export($47fe17290a91cd19$exports, "OidcError", () => $47fe17290a91cd19$export$d4832bcf9ce430e0);
|
|
151
151
|
|
|
152
|
+
|
|
152
153
|
const $47fe17290a91cd19$var$logtoErrorCodes = Object.freeze({
|
|
153
154
|
id_token: {
|
|
154
|
-
invalid_iat: "Invalid issued at time",
|
|
155
|
-
invalid_token: "Invalid token"
|
|
155
|
+
invalid_iat: "Invalid issued at time in the ID token",
|
|
156
|
+
invalid_token: "Invalid ID token"
|
|
156
157
|
},
|
|
157
158
|
callback_uri_verification: {
|
|
158
|
-
redirect_uri_mismatched: "
|
|
159
|
-
error_found: "Error found",
|
|
160
|
-
missing_state: "Missing state",
|
|
161
|
-
state_mismatched: "State mismatched",
|
|
162
|
-
missing_code: "Missing code"
|
|
159
|
+
redirect_uri_mismatched: "The callback URI mismatches the redirect URI.",
|
|
160
|
+
error_found: "Error found in the callback URI",
|
|
161
|
+
missing_state: "Missing state in the callback URI",
|
|
162
|
+
state_mismatched: "State mismatched in the callback URI",
|
|
163
|
+
missing_code: "Missing code in the callback URI"
|
|
163
164
|
},
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
},
|
|
167
|
-
crypto_subtle_unavailable: "Crypto.subtle is unavailable in insecure contexts (non-HTTPS)."
|
|
165
|
+
crypto_subtle_unavailable: "Crypto.subtle is unavailable in insecure contexts (non-HTTPS).",
|
|
166
|
+
unexpected_response_error: "Unexpected response error from the server."
|
|
168
167
|
});
|
|
169
168
|
const $47fe17290a91cd19$var$getMessageByErrorCode = (errorCode)=>{
|
|
170
|
-
// TODO: linear issue LOG-1419
|
|
171
169
|
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
|
|
172
170
|
const message = (0, ($parcel$interopDefault($eVySA$lodashget)))($47fe17290a91cd19$var$logtoErrorCodes, errorCode);
|
|
173
171
|
if (typeof message === "string") return message;
|
|
@@ -180,6 +178,10 @@ class $47fe17290a91cd19$export$ba60d77e6748b659 extends Error {
|
|
|
180
178
|
this.data = data;
|
|
181
179
|
}
|
|
182
180
|
}
|
|
181
|
+
const $47fe17290a91cd19$export$cccd51a00718f001 = $eVySA$superstruct.type({
|
|
182
|
+
code: $eVySA$superstruct.string(),
|
|
183
|
+
message: $eVySA$superstruct.string()
|
|
184
|
+
});
|
|
183
185
|
class $47fe17290a91cd19$export$e6e15b8ba42b9b70 extends Error {
|
|
184
186
|
constructor(code, message){
|
|
185
187
|
super(message);
|
|
@@ -214,31 +216,6 @@ const $d3a7a037fd1d9433$export$dc3fae3c99763885 = (callbackUri, redirectUri, sta
|
|
|
214
216
|
|
|
215
217
|
|
|
216
218
|
|
|
217
|
-
var $06fff6f93a1f66aa$exports = {};
|
|
218
|
-
|
|
219
|
-
$parcel$export($06fff6f93a1f66aa$exports, "generateState", () => $06fff6f93a1f66aa$export$9ccd2716e53a229b);
|
|
220
|
-
$parcel$export($06fff6f93a1f66aa$exports, "generateCodeVerifier", () => $06fff6f93a1f66aa$export$cf1891f923f5943a);
|
|
221
|
-
$parcel$export($06fff6f93a1f66aa$exports, "generateCodeChallenge", () => $06fff6f93a1f66aa$export$414b01b1f867308a);
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
/**
|
|
225
|
-
* @param length The length of the raw random data.
|
|
226
|
-
*/ const $06fff6f93a1f66aa$var$generateRandomString = (length = 64)=>(0, $eVySA$jsbase64.fromUint8Array)(crypto.getRandomValues(new Uint8Array(length)), true);
|
|
227
|
-
const $06fff6f93a1f66aa$export$9ccd2716e53a229b = ()=>$06fff6f93a1f66aa$var$generateRandomString();
|
|
228
|
-
const $06fff6f93a1f66aa$export$cf1891f923f5943a = ()=>$06fff6f93a1f66aa$var$generateRandomString();
|
|
229
|
-
const $06fff6f93a1f66aa$export$414b01b1f867308a = async (codeVerifier)=>{
|
|
230
|
-
// eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
|
|
231
|
-
if (crypto.subtle === undefined) /**
|
|
232
|
-
* `crypto.subtle` is available only in secure contexts (HTTPS) in some or all supporting browsers,
|
|
233
|
-
* https://developer.mozilla.org/en-US/docs/Web/API/Crypto/subtle
|
|
234
|
-
* https://www.chromium.org/blink/webcrypto/#accessing-it
|
|
235
|
-
*/ throw new (0, $47fe17290a91cd19$export$ba60d77e6748b659)("crypto_subtle_unavailable");
|
|
236
|
-
const encodedCodeVerifier = new TextEncoder().encode(codeVerifier);
|
|
237
|
-
const codeChallenge = new Uint8Array(await crypto.subtle.digest("SHA-256", encodedCodeVerifier));
|
|
238
|
-
return (0, $eVySA$jsbase64.fromUint8Array)(codeChallenge, true);
|
|
239
|
-
};
|
|
240
|
-
|
|
241
|
-
|
|
242
219
|
var $c2fd0c04c48199e2$exports = {};
|
|
243
220
|
|
|
244
221
|
$parcel$export($c2fd0c04c48199e2$exports, "verifyIdToken", () => $c2fd0c04c48199e2$export$b5b3317c8aecbcd5);
|
|
@@ -279,25 +256,6 @@ const $c2fd0c04c48199e2$export$aac2d5b7f5cd16d5 = (token)=>{
|
|
|
279
256
|
};
|
|
280
257
|
|
|
281
258
|
|
|
282
|
-
var $4eeb0328a47154bc$exports = {};
|
|
283
|
-
|
|
284
|
-
$parcel$export($4eeb0328a47154bc$exports, "createRequester", () => $4eeb0328a47154bc$export$8d54726fdbf08e0a);
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
const $4eeb0328a47154bc$export$8d54726fdbf08e0a = (fetchFunction)=>{
|
|
288
|
-
if (!fetchFunction && (0, $eVySA$silverhandessentials.isNode)()) throw new (0, $47fe17290a91cd19$export$ba60d77e6748b659)("requester.not_provide_fetch");
|
|
289
|
-
return async (...args)=>{
|
|
290
|
-
const response = await (fetchFunction ?? fetch)(...args);
|
|
291
|
-
if (!response.ok) {
|
|
292
|
-
// Expected request error from server
|
|
293
|
-
const { code: code , message: message } = await response.json();
|
|
294
|
-
throw new (0, $47fe17290a91cd19$export$e6e15b8ba42b9b70)(code, message);
|
|
295
|
-
}
|
|
296
|
-
return response.json();
|
|
297
|
-
};
|
|
298
|
-
};
|
|
299
|
-
|
|
300
|
-
|
|
301
259
|
var $b85bdeea0b1e81a5$exports = {};
|
|
302
260
|
|
|
303
261
|
$parcel$export($b85bdeea0b1e81a5$exports, "withReservedScopes", () => $b85bdeea0b1e81a5$export$887ed125f549a57);
|
|
@@ -314,9 +272,7 @@ const $b85bdeea0b1e81a5$export$887ed125f549a57 = (originalScopes)=>{
|
|
|
314
272
|
|
|
315
273
|
$parcel$exportWildcard($10615ba3cc8a78f8$exports, $d3a7a037fd1d9433$exports);
|
|
316
274
|
$parcel$exportWildcard($10615ba3cc8a78f8$exports, $47fe17290a91cd19$exports);
|
|
317
|
-
$parcel$exportWildcard($10615ba3cc8a78f8$exports, $06fff6f93a1f66aa$exports);
|
|
318
275
|
$parcel$exportWildcard($10615ba3cc8a78f8$exports, $c2fd0c04c48199e2$exports);
|
|
319
|
-
$parcel$exportWildcard($10615ba3cc8a78f8$exports, $4eeb0328a47154bc$exports);
|
|
320
276
|
$parcel$exportWildcard($10615ba3cc8a78f8$exports, $b85bdeea0b1e81a5$exports);
|
|
321
277
|
|
|
322
278
|
|
|
@@ -360,9 +316,13 @@ $parcel$exportWildcard($a722dce254028e46$exports, $1dac903ccb175f85$exports);
|
|
|
360
316
|
|
|
361
317
|
|
|
362
318
|
|
|
319
|
+
var $1f7598f829ce4be1$exports = {};
|
|
320
|
+
|
|
321
|
+
|
|
363
322
|
$parcel$exportWildcard(module.exports, $a722dce254028e46$exports);
|
|
364
323
|
$parcel$exportWildcard(module.exports, $10615ba3cc8a78f8$exports);
|
|
365
324
|
$parcel$exportWildcard(module.exports, $5c367c11270b61f6$exports);
|
|
325
|
+
$parcel$exportWildcard(module.exports, $1f7598f829ce4be1$exports);
|
|
366
326
|
|
|
367
327
|
|
|
368
328
|
//# sourceMappingURL=index.js.map
|
package/lib/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;ACAO,MAAM,yCAAW,GAAG;IACzB,cAAc,EAAE;QAAE,cAAc,EAAE,mCAAmC;KAAE;CACxE,AAAC;IAEK,yCAGN;UAHW,eAAc;IAAd,eAAc,CACxB,mBAAiB,IAAG,oBAAoB;IAD9B,eAAc,CAExB,cAAY,IAAG,eAAe;GAFpB,yCAAc,KAAd,yCAAc;IAKnB,yCAoBN;UApBW,SAAQ;IAAR,SAAQ,CAClB,UAAQ,IAAG,WAAW;IADZ,SAAQ,CAElB,MAAI,IAAG,MAAM;IAFH,SAAQ,CAGlB,eAAa,IAAG,gBAAgB;IAHtB,SAAQ,CAIlB,qBAAmB,IAAG,uBAAuB;IAJnC,SAAQ,CAKlB,cAAY,IAAG,eAAe;IALpB,SAAQ,CAMlB,OAAK,IAAG,OAAO;IANL,SAAQ,CAOlB,kBAAgB,IAAG,mBAAmB;IAP5B,SAAQ,CAQlB,WAAS,IAAG,YAAY;IARd,SAAQ,CASlB,SAAO,IAAG,UAAU;IATV,SAAQ,CAUlB,aAAW,IAAG,eAAe;IAVnB,SAAQ,CAWlB,uBAAqB,IAAG,0BAA0B;IAXxC,SAAQ,CAYlB,QAAM,IAAG,QAAQ;IAZP,SAAQ,CAalB,aAAW,IAAG,cAAc;IAblB,SAAQ,CAclB,cAAY,IAAG,eAAe;IAdpB,SAAQ,CAelB,UAAQ,IAAG,UAAU;IAfX,SAAQ,CAgBlB,cAAY,IAAG,eAAe;IAhBpB,SAAQ,CAiBlB,OAAK,IAAG,OAAO;IAjBL,SAAQ,CAkBlB,OAAK,IAAG,OAAO;IAlBL,SAAQ,CAmBlB,OAAK,IAAG,OAAO;GAnBL,yCAAQ,KAAR,yCAAQ;IAsBb,yCAGN;UAHW,OAAM;IAAN,OAAM,CAChB,SAAO,IAAG,SAAS;IADT,OAAM,CAEhB,OAAK,IAAG,OAAO;GAFL,yCAAM,KAAN,yCAAM;;;ADYX,MAAM,yCAA6B,GAAG,OAC3C,YACE,QAAQ,CAAA,iBACR,aAAa,CAAA,eACb,WAAW,CAAA,gBACX,YAAY,CAAA,QACZ,IAAI,CAAA,YACJ,QAAQ,CAAA,EACgC,EAC1C,SAAoB,GACW;IAC/B,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACvC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACrD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,iBAAiB,CAAC,CAAC;IAExE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,MAAM,0BAA0B,GAAG,MAAM,SAAS,CAA6B,aAAa,EAAE;QAC5F,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CAAC,AAAC;IAEH,OAAO,CAAA,GAAA,8CAAa,CAAA,CAAC,0BAA0B,CAAC,CAAC;CAClD,AAAC;AAEK,MAAM,yCAAwB,GAAG,OACtC,YAAE,QAAQ,CAAA,iBAAE,aAAa,CAAA,gBAAE,YAAY,CAAA,YAAE,QAAQ,CAAA,UAAE,MAAM,CAAA,EAAsC,EAC/F,SAAoB,GACmB;IACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,YAAY,CAAC,CAAC;IAEnE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,IAAI,MAAM,EAAE,MAAM,EAChB,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAGtD,MAAM,kCAAkC,GAAG,MAAM,SAAS,CACxD,aAAa,EACb;QACE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CACF,AAAC;IAEF,OAAO,CAAA,GAAA,8CAAa,CAAA,CAAC,kCAAkC,CAAC,CAAC;CAC1D,AAAC;;ADrGF;;;;;AGAA;AAcO,MAAM,yCAAa,GAAG,wCAAwC,AAAC;AAI/D,MAAM,yCAAe,GAAG,OAC7B,QAAgB,EAChB,SAAoB,GAEpB,CAAA,GAAA,8CAAa,CAAA,CAAC,MAAM,SAAS,CAA8B,QAAQ,CAAC,CAAC,AAAC;;;;;;ACtBxE;AAGO,MAAM,yCAAM,GAAG,OACpB,kBAA0B,EAC1B,QAAgB,EAChB,KAAa,EACb,SAAoB,GAEpB,SAAS,CAAO,kBAAkB,EAAE;QAClC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;YAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;SACxB,CAAC;KACH,CAAC,AAAC;;;;;;AChBL;;;;;;AEAA;;;;;;;ACAA;AAGA,MAAM,qCAAe,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,QAAQ,EAAE;QACR,WAAW,EAAE,wBAAwB;QACrC,aAAa,EAAE,eAAe;KAC/B;IACD,yBAAyB,EAAE;QACzB,uBAAuB,EAAE,yBAAyB;QAClD,WAAW,EAAE,aAAa;QAC1B,aAAa,EAAE,eAAe;QAC9B,gBAAgB,EAAE,kBAAkB;QACpC,YAAY,EAAE,cAAc;KAC7B;IACD,SAAS,EAAE;QACT,iBAAiB,EAAE,+CAA+C;KACnE;IACD,yBAAyB,EAAE,gEAAgE;CAC5F,CAAC,AAAC;AAIH,MAAM,2CAAqB,GAAG,CAAC,SAAyB,GAAa;IACnE,8BAA8B;IAC9B,mEAAmE;IACnE,MAAM,OAAO,GAAG,CAAA,GAAA,0CAAG,CAAA,CAAC,qCAAe,EAAE,SAAS,CAAC,AAAC;IAEhD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAC7B,OAAO,OAAO,CAAC;IAGjB,OAAO,SAAS,CAAC;CAClB,AAAC;AAEK,MAAM,yCAAU,SAAS,KAAK;IAInC,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,2CAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAiB,SAAS,KAAK;IAG1C,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAS;IAIpB,YAAY,KAAa,EAAE,gBAAyB,CAAE;QACpD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;KAC1C;CACF;;;AD1DM,MAAM,yCAAkB,GAAG,CAAC,GAAW,GAAK;IACjD,MAAM,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE5C,OAAO,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC;CACzC,AAAC;AAGK,MAAM,yCAAiC,GAAG,CAC/C,WAAmB,EACnB,WAAmB,EACnB,KAAa,GACV;IACH,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,EACtC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,mDAAmD,CAAC,CAAC;IAE5E,MAAM,aAAa,GAAG,yCAAkB,CAAC,WAAW,CAAC,AAAC;IAEtD,MAAM,KAAK,GAAG,CAAA,GAAA,uCAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,CAAC,AAAC;IAC7D,MAAM,gBAAgB,GAAG,CAAA,GAAA,uCAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,gBAAgB,CAAC,CAAC,AAAC;IAEnF,IAAI,KAAK,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAClB,uCAAuC,EACvC,IAAI,CAAA,GAAA,yCAAS,CAAA,CAAC,KAAK,EAAE,gBAAgB,CAAC,CACvC,CAAC;IAGJ,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,AAAC;IAE/D,IAAI,CAAC,oBAAoB,EACvB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,yCAAyC,CAAC,CAAC;IAGlE,IAAI,oBAAoB,KAAK,KAAK,EAChC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,4CAA4C,CAAC,CAAC;IAGrE,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,CAAC,AAAC;IAE9C,IAAI,CAAC,IAAI,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wCAAwC,CAAC,CAAC;IAGjE,OAAO,IAAI,CAAC;CACb,AAAC;;ADjDF;;;;;;;AGEA;;AAIA;;GAEG,CACH,MAAM,0CAAoB,GAAG,CAAC,MAAM,GAAG,EAAE,GACvC,CAAA,GAAA,8BAAc,CAAA,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,AAAC;AAKhE,MAAM,yCAAa,GAAG,IAAM,0CAAoB,EAAE,AAAC;AAOnD,MAAM,yCAAoB,GAAG,IAAM,0CAAoB,EAAE,AAAC;AAQ1D,MAAM,yCAAqB,GAAG,OAAO,YAAoB,GAAsB;IACpF,uEAAuE;IACvE,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAC7B;;;;OAIG,CACH,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,2BAA2B,CAAC,CAAC;IAGpD,MAAM,mBAAmB,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,AAAC;IACnE,MAAM,aAAa,GAAG,IAAI,UAAU,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,mBAAmB,CAAC,CAAC,AAAC;IAEjG,OAAO,CAAA,GAAA,8BAAc,CAAA,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;CAC5C,AAAC;;;;;;;AC7CF;;;;AAMA,MAAM,2CAAqB,GAAG,EAAE,AAAC;AAEjC;;GAEG,CACH,MAAM,yCAAmB,GAAG,uBAAM,CAAC;IACjC,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,OAAO,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC3C,IAAI,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IACxC,QAAQ,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC5C,MAAM,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC1C,UAAU,EAAE,2BAAU,CAAC,2BAAU,CAAC,wBAAO,CAAC,yBAAQ,EAAE,CAAC,CAAC,CAAC;CACxD,CAAC,AAAC;AAII,MAAM,yCAAa,GAAG,OAC3B,OAAe,EACf,QAAgB,EAChB,MAAc,EACd,IAAqB,GAClB;IACH,MAAM,MAAM,GAAG,MAAM,CAAA,GAAA,qBAAS,CAAA,CAAC,OAAO,EAAE,IAAI,EAAE;QAAE,QAAQ,EAAE,QAAQ;gBAAE,MAAM;KAAE,CAAC,AAAC;IAE9E,IAAI,IAAI,CAAC,GAAG,CAAC,AAAC,CAAA,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAA,GAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,2CAAqB,EACjF,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,sBAAsB,CAAC,CAAC;CAEhD,AAAC;AAEK,MAAM,yCAAa,GAAG,CAAC,KAAa,GAAoB;IAC7D,MAAM,EAAE,CAAC,EAAE,cAAc,CAAA,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE/C,IAAI,CAAC,cAAc,EACjB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wBAAwB,CAAC,CAAC;IAGjD,MAAM,IAAI,GAAG,CAAA,GAAA,yCAAa,CAAA,CAAC,MAAM,CAAC,cAAc,CAAC,AAAC;IAClD,MAAM,aAAa,GAAY,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,AAAC;IAChD,yBAAQ,CAAC,aAAa,EAAE,yCAAmB,CAAC,CAAC;IAE7C,OAAO,aAAa,CAAC;CACtB,AAAC;;;;;;ACnDF;;AASO,MAAM,yCAAe,GAAG,CAAC,aAA4B,GAAK;IAC/D,IAAI,CAAC,aAAa,IAAI,CAAA,GAAA,kCAAM,CAAA,EAAE,EAC5B,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,6BAA6B,CAAC,CAAC;IAGtD,OAAO,OAAU,GAAG,IAAI,AAA0B,GAAiB;QACjE,MAAM,QAAQ,GAAG,MAAM,AAAC,CAAA,aAAa,IAAI,KAAK,CAAA,IAAK,IAAI,CAAC,AAAC;QAEzD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;YAChB,qCAAqC;YACrC,MAAM,QAAE,IAAI,CAAA,WAAE,OAAO,CAAA,EAAE,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAyB,AAAC;YACvE,MAAM,IAAI,CAAA,GAAA,yCAAiB,CAAA,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;SAC5C;QAED,OAAO,QAAQ,CAAC,IAAI,EAAK,CAAC;KAC3B,CAAC;CACH,AAAC;;;;;;ACrBK,MAAM,wCAAkB,GAAG,CAAC,cAAyB,GAAa;IACvE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;QAAC,QAAQ;QAAE,gBAAgB;QAAE,SAAS;WAAM,cAAc,IAAI,EAAE;KAAE,CAAC,AAAC;IAEjG,OAAO,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;CAC3C,AAAC;;;;;;;;;;;APLF,MAAM,yCAAmB,GAAG,MAAM,AAAC;AACnC,MAAM,kCAAY,GAAG,MAAM,AAAC;AAarB,MAAM,yCAAiB,GAAG,CAAC,yBAChC,qBAAqB,CAAA,YACrB,QAAQ,CAAA,eACR,WAAW,CAAA,iBACX,aAAa,CAAA,SACb,KAAK,CAAA,UACL,MAAM,CAAA,aACN,SAAS,CAAA,UACT,MAAM,CAAA,EACc,GAAK;IACzB,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAC9C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;QAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,WAAW;QACnC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,aAAa,CAAC,EAAE,aAAa;QACvC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,mBAAmB,CAAC,EAAE,yCAAmB;QACnD,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;QACvB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,CAAC,EAAE,kCAAY;QACrC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAA,GAAA,yCAAM,CAAA,CAAC,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,CAAA,GAAA,wCAAkB,CAAA,CAAC,MAAM,CAAC;KAC7C,CAAC,AAAC;IAEH,KAAK,MAAM,QAAQ,IAAI,SAAS,IAAI,EAAE,CACpC,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAG1D,OAAO,CAAC,EAAE,qBAAqB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CACrE,AAAC;;;;;;AQ3CF;AAQO,MAAM,yCAAkB,GAAG,CAAC,sBACjC,kBAAkB,CAAA,WAClB,OAAO,CAAA,yBACP,qBAAqB,CAAA,EACA,GAAK;IAC1B,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAAE,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,OAAO;KAAE,CAAC,AAAC;IAErF,IAAI,qBAAqB,EACvB,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,CAAC;IAGpF,OAAO,CAAC,EAAE,kBAAkB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CAClE,AAAC;;;;;;;;;AdnBF","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/generators.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/requester.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport { Requester } from '../utils';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { Requester } from '../utils';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport { Requester } from '../utils';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport { withReservedScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withReservedScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './generators';\nexport * from './id-token';\nexport * from './requester';\nexport * from './scopes';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\n// eslint-disable-next-line complexity\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time',\n invalid_token: 'Invalid token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'Redirect URI mismatched',\n error_found: 'Error found',\n missing_state: 'Missing state',\n state_mismatched: 'State mismatched',\n missing_code: 'Missing code',\n },\n requester: {\n not_provide_fetch: 'Should provide a fetch function under Node.js',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // TODO: linear issue LOG-1419\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n error: string;\n errorDescription?: string;\n\n constructor(error: string, errorDescription?: string) {\n this.error = error;\n this.errorDescription = errorDescription;\n }\n}\n","/** @link [Proof Key for Code Exchange by OAuth Public Clients](https://datatracker.ietf.org/doc/html/rfc7636) */\n\nimport { fromUint8Array } from 'js-base64';\n\nimport { LogtoError } from './errors';\n\n/**\n * @param length The length of the raw random data.\n */\nconst generateRandomString = (length = 64) =>\n fromUint8Array(crypto.getRandomValues(new Uint8Array(length)), true);\n\n/**\n * Generates random string for state and encodes them in url safe base64\n */\nexport const generateState = () => generateRandomString();\n\n/**\n * Generates code verifier\n *\n * @link [Client Creates a Code Verifier](https://datatracker.ietf.org/doc/html/rfc7636#section-4.1)\n */\nexport const generateCodeVerifier = () => generateRandomString();\n\n/**\n * Calculates the S256 PKCE code challenge for an arbitrary code verifier and encodes it in url safe base64\n *\n * @param {String} codeVerifier Code verifier to calculate the S256 code challenge for\n * @link [Client Creates the Code Challenge](https://datatracker.ietf.org/doc/html/rfc7636#section-4.2)\n */\nexport const generateCodeChallenge = async (codeVerifier: string): Promise<string> => {\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n if (crypto.subtle === undefined) {\n /**\n * `crypto.subtle` is available only in secure contexts (HTTPS) in some or all supporting browsers,\n * https://developer.mozilla.org/en-US/docs/Web/API/Crypto/subtle\n * https://www.chromium.org/blink/webcrypto/#accessing-it\n */\n throw new LogtoError('crypto_subtle_unavailable');\n }\n\n const encodedCodeVerifier = new TextEncoder().encode(codeVerifier);\n const codeChallenge = new Uint8Array(await crypto.subtle.digest('SHA-256', encodedCodeVerifier));\n\n return fromUint8Array(codeChallenge, true);\n};\n","import { UrlSafeBase64 } from '@silverhand/essentials';\nimport { jwtVerify, JWTVerifyGetKey } from 'jose';\nimport * as s from 'superstruct';\n\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nconst IdTokenClaimsSchema = s.type({\n iss: s.string(),\n sub: s.string(),\n aud: s.string(),\n exp: s.number(),\n iat: s.number(),\n at_hash: s.nullable(s.optional(s.string())),\n name: s.nullable(s.optional(s.string())),\n username: s.nullable(s.optional(s.string())),\n avatar: s.nullable(s.optional(s.string())),\n role_names: s.nullable(s.optional(s.array(s.string()))),\n});\n\nexport type IdTokenClaims = s.Infer<typeof IdTokenClaimsSchema>;\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = UrlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n s.assert(idTokenClaims, IdTokenClaimsSchema);\n\n return idTokenClaims;\n};\n","import { isNode } from '@silverhand/essentials';\n\nimport { LogtoError, LogtoRequestError } from './errors';\n\ntype LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport const createRequester = (fetchFunction?: typeof fetch) => {\n if (!fetchFunction && isNode()) {\n throw new LogtoError('requester.not_provide_fetch');\n }\n\n return async <T>(...args: Parameters<typeof fetch>): Promise<T> => {\n const response = await (fetchFunction ?? fetch)(...args);\n\n if (!response.ok) {\n // Expected request error from server\n const { code, message } = await response.json<LogtoRequestErrorBody>();\n throw new LogtoRequestError(code, message);\n }\n\n return response.json<T>();\n };\n};\n\nexport type Requester = ReturnType<typeof createRequester>;\n","/**\n * @param originalScopes\n * @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )\n */\nexport const withReservedScopes = (originalScopes?: string[]): string => {\n const uniqueScopes = new Set(['openid', 'offline_access', 'profile', ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n idToken: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n idToken,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.IdTokenHint]: idToken });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n"],"names":[],"version":3,"file":"index.js.map"}
|
|
1
|
+
{"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;ACAO,MAAM,yCAAW,GAAG;IACzB,cAAc,EAAE;QAAE,cAAc,EAAE,mCAAmC;KAAE;CACxE,AAAC;IAEK,yCAGN;UAHW,cAAc;IAAd,cAAc,CACxB,mBAAiB,IAAG,oBAAoB;IAD9B,cAAc,CAExB,cAAY,IAAG,eAAe;GAFpB,yCAAc,KAAd,yCAAc;IAKnB,yCAoBN;UApBW,QAAQ;IAAR,QAAQ,CAClB,UAAQ,IAAG,WAAW;IADZ,QAAQ,CAElB,MAAI,IAAG,MAAM;IAFH,QAAQ,CAGlB,eAAa,IAAG,gBAAgB;IAHtB,QAAQ,CAIlB,qBAAmB,IAAG,uBAAuB;IAJnC,QAAQ,CAKlB,cAAY,IAAG,eAAe;IALpB,QAAQ,CAMlB,OAAK,IAAG,OAAO;IANL,QAAQ,CAOlB,kBAAgB,IAAG,mBAAmB;IAP5B,QAAQ,CAQlB,WAAS,IAAG,YAAY;IARd,QAAQ,CASlB,SAAO,IAAG,UAAU;IATV,QAAQ,CAUlB,aAAW,IAAG,eAAe;IAVnB,QAAQ,CAWlB,uBAAqB,IAAG,0BAA0B;IAXxC,QAAQ,CAYlB,QAAM,IAAG,QAAQ;IAZP,QAAQ,CAalB,aAAW,IAAG,cAAc;IAblB,QAAQ,CAclB,cAAY,IAAG,eAAe;IAdpB,QAAQ,CAelB,UAAQ,IAAG,UAAU;IAfX,QAAQ,CAgBlB,cAAY,IAAG,eAAe;IAhBpB,QAAQ,CAiBlB,OAAK,IAAG,OAAO;IAjBL,QAAQ,CAkBlB,OAAK,IAAG,OAAO;IAlBL,QAAQ,CAmBlB,OAAK,IAAG,OAAO;GAnBL,yCAAQ,KAAR,yCAAQ;IAsBb,yCAGN;UAHW,MAAM;IAAN,MAAM,CAChB,SAAO,IAAG,SAAS;IADT,MAAM,CAEhB,OAAK,IAAG,OAAO;GAFL,yCAAM,KAAN,yCAAM;;;ADYX,MAAM,yCAA6B,GAAG,OAC3C,YACE,QAAQ,CAAA,iBACR,aAAa,CAAA,eACb,WAAW,CAAA,gBACX,YAAY,CAAA,QACZ,IAAI,CAAA,YACJ,QAAQ,CAAA,EACgC,EAC1C,SAAoB,GACW;IAC/B,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACvC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACrD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,iBAAiB,CAAC,CAAC;IAExE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,MAAM,0BAA0B,GAAG,MAAM,SAAS,CAA6B,aAAa,EAAE;QAC5F,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CAAC,AAAC;IAEH,OAAO,CAAA,GAAA,8CAAa,CAAA,CAAC,0BAA0B,CAAC,CAAC;CAClD,AAAC;AAEK,MAAM,yCAAwB,GAAG,OACtC,YAAE,QAAQ,CAAA,iBAAE,aAAa,CAAA,gBAAE,YAAY,CAAA,YAAE,QAAQ,CAAA,UAAE,MAAM,CAAA,EAAsC,EAC/F,SAAoB,GACmB;IACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,YAAY,CAAC,CAAC;IAEnE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,IAAI,MAAM,EAAE,MAAM,EAChB,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAGtD,MAAM,kCAAkC,GAAG,MAAM,SAAS,CACxD,aAAa,EACb;QACE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CACF,AAAC;IAEF,OAAO,CAAA,GAAA,8CAAa,CAAA,CAAC,kCAAkC,CAAC,CAAC;CAC1D,AAAC;;ADrGF;;;;;AGAA;AAcO,MAAM,yCAAa,GAAG,wCAAwC,AAAC;AAI/D,MAAM,yCAAe,GAAG,OAC7B,QAAgB,EAChB,SAAoB,GAEpB,CAAA,GAAA,8CAAa,CAAA,CAAC,MAAM,SAAS,CAA8B,QAAQ,CAAC,CAAC,AAAC;;;;;;ACtBxE;AAGO,MAAM,yCAAM,GAAG,OACpB,kBAA0B,EAC1B,QAAgB,EAChB,KAAa,EACb,SAAoB,GAEpB,SAAS,CAAO,kBAAkB,EAAE;QAClC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;YAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;SACxB,CAAC;KACH,CAAC,AAAC;;;;;;AChBL;;;;;;AEAA;;;;;;;;ACAA;;AAIA,MAAM,qCAAe,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,QAAQ,EAAE;QACR,WAAW,EAAE,wCAAwC;QACrD,aAAa,EAAE,kBAAkB;KAClC;IACD,yBAAyB,EAAE;QACzB,uBAAuB,EAAE,+CAA+C;QACxE,WAAW,EAAE,iCAAiC;QAC9C,aAAa,EAAE,mCAAmC;QAClD,gBAAgB,EAAE,sCAAsC;QACxD,YAAY,EAAE,kCAAkC;KACjD;IACD,yBAAyB,EAAE,gEAAgE;IAC3F,yBAAyB,EAAE,4CAA4C;CACxE,CAAC,AAAC;AAIH,MAAM,2CAAqB,GAAG,CAAC,SAAyB,GAAa;IACnE,mEAAmE;IACnE,MAAM,OAAO,GAAG,CAAA,GAAA,0CAAG,CAAA,CAAC,qCAAe,EAAE,SAAS,CAAC,AAAC;IAEhD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAC7B,OAAO,OAAO,CAAC;IAGjB,OAAO,SAAS,CAAC;CAClB,AAAC;AAEK,MAAM,yCAAU,SAAS,KAAK;IAInC,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,2CAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAuB,GAAG,uBAAM,CAAC;IAC5C,IAAI,EAAE,yBAAQ,EAAE;IAChB,OAAO,EAAE,yBAAQ,EAAE;CACpB,CAAC,AAAC;AAEI,MAAM,yCAAiB,SAAS,KAAK;IAG1C,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAS;IACpB,YAAmB,KAAa,EAAS,gBAAyB,CAAE;aAAjD,KAAa,GAAb,KAAa;aAAS,gBAAyB,GAAzB,gBAAyB;KAAI;CACvE;;;ADvDM,MAAM,yCAAkB,GAAG,CAAC,GAAW,GAAK;IACjD,MAAM,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE5C,OAAO,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC;CACzC,AAAC;AAGK,MAAM,yCAAiC,GAAG,CAC/C,WAAmB,EACnB,WAAmB,EACnB,KAAa,GACV;IACH,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,EACtC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,mDAAmD,CAAC,CAAC;IAE5E,MAAM,aAAa,GAAG,yCAAkB,CAAC,WAAW,CAAC,AAAC;IAEtD,MAAM,KAAK,GAAG,CAAA,GAAA,uCAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,CAAC,AAAC;IAC7D,MAAM,gBAAgB,GAAG,CAAA,GAAA,uCAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,gBAAgB,CAAC,CAAC,AAAC;IAEnF,IAAI,KAAK,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAClB,uCAAuC,EACvC,IAAI,CAAA,GAAA,yCAAS,CAAA,CAAC,KAAK,EAAE,gBAAgB,CAAC,CACvC,CAAC;IAGJ,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,AAAC;IAE/D,IAAI,CAAC,oBAAoB,EACvB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,yCAAyC,CAAC,CAAC;IAGlE,IAAI,oBAAoB,KAAK,KAAK,EAChC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,4CAA4C,CAAC,CAAC;IAGrE,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,CAAC,AAAC;IAE9C,IAAI,CAAC,IAAI,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wCAAwC,CAAC,CAAC;IAGjE,OAAO,IAAI,CAAC;CACb,AAAC;;ADjDF;;;;;;AGAA;;;;AAMA,MAAM,2CAAqB,GAAG,EAAE,AAAC;AAEjC;;GAEG,CACH,MAAM,yCAAmB,GAAG,uBAAM,CAAC;IACjC,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,OAAO,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC3C,IAAI,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IACxC,QAAQ,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC5C,MAAM,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC1C,UAAU,EAAE,2BAAU,CAAC,2BAAU,CAAC,wBAAO,CAAC,yBAAQ,EAAE,CAAC,CAAC,CAAC;CACxD,CAAC,AAAC;AAII,MAAM,yCAAa,GAAG,OAC3B,OAAe,EACf,QAAgB,EAChB,MAAc,EACd,IAAqB,GAClB;IACH,MAAM,MAAM,GAAG,MAAM,CAAA,GAAA,qBAAS,CAAA,CAAC,OAAO,EAAE,IAAI,EAAE;QAAE,QAAQ,EAAE,QAAQ;gBAAE,MAAM;KAAE,CAAC,AAAC;IAE9E,IAAI,IAAI,CAAC,GAAG,CAAC,AAAC,CAAA,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAA,GAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,2CAAqB,EACjF,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,sBAAsB,CAAC,CAAC;CAEhD,AAAC;AAEK,MAAM,yCAAa,GAAG,CAAC,KAAa,GAAoB;IAC7D,MAAM,EAAE,CAAC,EAAE,cAAc,CAAA,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE/C,IAAI,CAAC,cAAc,EACjB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wBAAwB,CAAC,CAAC;IAGjD,MAAM,IAAI,GAAG,CAAA,GAAA,yCAAa,CAAA,CAAC,MAAM,CAAC,cAAc,CAAC,AAAC;IAClD,MAAM,aAAa,GAAY,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,AAAC;IAChD,yBAAQ,CAAC,aAAa,EAAE,yCAAmB,CAAC,CAAC;IAE7C,OAAO,aAAa,CAAC;CACtB,AAAC;;;;;;AC/CK,MAAM,wCAAkB,GAAG,CAAC,cAAyB,GAAa;IACvE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;QAAC,QAAQ;QAAE,gBAAgB;QAAE,SAAS;WAAM,cAAc,IAAI,EAAE;KAAE,CAAC,AAAC;IAEjG,OAAO,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;CAC3C,AAAC;;;;;;;;;ALLF,MAAM,yCAAmB,GAAG,MAAM,AAAC;AACnC,MAAM,kCAAY,GAAG,MAAM,AAAC;AAarB,MAAM,yCAAiB,GAAG,CAAC,yBAChC,qBAAqB,CAAA,YACrB,QAAQ,CAAA,eACR,WAAW,CAAA,iBACX,aAAa,CAAA,SACb,KAAK,CAAA,UACL,MAAM,CAAA,aACN,SAAS,CAAA,UACT,MAAM,CAAA,EACc,GAAK;IACzB,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAC9C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;QAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,WAAW;QACnC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,aAAa,CAAC,EAAE,aAAa;QACvC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,mBAAmB,CAAC,EAAE,yCAAmB;QACnD,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;QACvB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,CAAC,EAAE,kCAAY;QACrC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAA,GAAA,yCAAM,CAAA,CAAC,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,CAAA,GAAA,wCAAkB,CAAA,CAAC,MAAM,CAAC;KAC7C,CAAC,AAAC;IAEH,KAAK,MAAM,QAAQ,IAAI,SAAS,IAAI,EAAE,CACpC,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAG1D,OAAO,CAAC,EAAE,qBAAqB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CACrE,AAAC;;;;;;AM3CF;AAQO,MAAM,yCAAkB,GAAG,CAAC,sBACjC,kBAAkB,CAAA,WAClB,OAAO,CAAA,yBACP,qBAAqB,CAAA,EACA,GAAK;IAC1B,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAAE,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,OAAO;KAAE,CAAC,AAAC;IAErF,IAAI,qBAAqB,EACvB,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,CAAC;IAGpF,OAAO,CAAC,EAAE,kBAAkB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CAClE,AAAC;;;;;;;;;AZnBF;;;;;","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts","packages/js/src/types/index.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport { Requester } from '../types';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { Requester } from '../types';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport { Requester } from '../types';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport { withReservedScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withReservedScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './id-token';\nexport * from './scopes';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\n// eslint-disable-next-line complexity\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\nimport * as s from 'superstruct';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time in the ID token',\n invalid_token: 'Invalid ID token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'The callback URI mismatches the redirect URI.',\n error_found: 'Error found in the callback URI',\n missing_state: 'Missing state in the callback URI',\n state_mismatched: 'State mismatched in the callback URI',\n missing_code: 'Missing code in the callback URI',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n unexpected_response_error: 'Unexpected response error from the server.',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport const logtoRequestErrorSchema = s.type({\n code: s.string(),\n message: s.string(),\n});\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n constructor(public error: string, public errorDescription?: string) {}\n}\n","import { UrlSafeBase64 } from '@silverhand/essentials';\nimport { jwtVerify, JWTVerifyGetKey } from 'jose';\nimport * as s from 'superstruct';\n\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nconst IdTokenClaimsSchema = s.type({\n iss: s.string(),\n sub: s.string(),\n aud: s.string(),\n exp: s.number(),\n iat: s.number(),\n at_hash: s.nullable(s.optional(s.string())),\n name: s.nullable(s.optional(s.string())),\n username: s.nullable(s.optional(s.string())),\n avatar: s.nullable(s.optional(s.string())),\n role_names: s.nullable(s.optional(s.array(s.string()))),\n});\n\nexport type IdTokenClaims = s.Infer<typeof IdTokenClaimsSchema>;\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = UrlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n s.assert(idTokenClaims, IdTokenClaimsSchema);\n\n return idTokenClaims;\n};\n","/**\n * @param originalScopes\n * @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )\n */\nexport const withReservedScopes = (originalScopes?: string[]): string => {\n const uniqueScopes = new Set(['openid', 'offline_access', 'profile', ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n idToken: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n idToken,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.IdTokenHint]: idToken });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export type LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;\n"],"names":[],"version":3,"file":"index.js.map"}
|
package/lib/module.js
CHANGED
|
@@ -1,9 +1,8 @@
|
|
|
1
1
|
import $lyZgO$camelcasekeys from "camelcase-keys";
|
|
2
|
-
import {conditional as $lyZgO$conditional, UrlSafeBase64 as $lyZgO$UrlSafeBase64
|
|
2
|
+
import {conditional as $lyZgO$conditional, UrlSafeBase64 as $lyZgO$UrlSafeBase64} from "@silverhand/essentials";
|
|
3
3
|
import $lyZgO$lodashget from "lodash.get";
|
|
4
|
-
import {fromUint8Array as $lyZgO$fromUint8Array} from "js-base64";
|
|
5
|
-
import {jwtVerify as $lyZgO$jwtVerify} from "jose";
|
|
6
4
|
import {type as $lyZgO$type, string as $lyZgO$string, number as $lyZgO$number, nullable as $lyZgO$nullable, optional as $lyZgO$optional, array as $lyZgO$array, assert as $lyZgO$assert} from "superstruct";
|
|
5
|
+
import {jwtVerify as $lyZgO$jwtVerify} from "jose";
|
|
7
6
|
|
|
8
7
|
function $parcel$exportWildcard(dest, source) {
|
|
9
8
|
Object.keys(source).forEach(function(key) {
|
|
@@ -42,36 +41,36 @@ const $5422b71ae76f21f1$export$e2e108cbe2e4f865 = {
|
|
|
42
41
|
}
|
|
43
42
|
};
|
|
44
43
|
let $5422b71ae76f21f1$export$3f2aafdd1ccae76c;
|
|
45
|
-
(function(
|
|
46
|
-
|
|
47
|
-
|
|
44
|
+
(function(TokenGrantType) {
|
|
45
|
+
TokenGrantType["AuthorizationCode"] = "authorization_code";
|
|
46
|
+
TokenGrantType["RefreshToken"] = "refresh_token";
|
|
48
47
|
})($5422b71ae76f21f1$export$3f2aafdd1ccae76c || ($5422b71ae76f21f1$export$3f2aafdd1ccae76c = {}));
|
|
49
48
|
let $5422b71ae76f21f1$export$65f63a8bc3cba53d;
|
|
50
|
-
(function(
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
49
|
+
(function(QueryKey) {
|
|
50
|
+
QueryKey["ClientId"] = "client_id";
|
|
51
|
+
QueryKey["Code"] = "code";
|
|
52
|
+
QueryKey["CodeChallenge"] = "code_challenge";
|
|
53
|
+
QueryKey["CodeChallengeMethod"] = "code_challenge_method";
|
|
54
|
+
QueryKey["CodeVerifier"] = "code_verifier";
|
|
55
|
+
QueryKey["Error"] = "error";
|
|
56
|
+
QueryKey["ErrorDescription"] = "error_description";
|
|
57
|
+
QueryKey["GrantType"] = "grant_type";
|
|
58
|
+
QueryKey["IdToken"] = "id_token";
|
|
59
|
+
QueryKey["IdTokenHint"] = "id_token_hint";
|
|
60
|
+
QueryKey["PostLogoutRedirectUri"] = "post_logout_redirect_uri";
|
|
61
|
+
QueryKey["Prompt"] = "prompt";
|
|
62
|
+
QueryKey["RedirectUri"] = "redirect_uri";
|
|
63
|
+
QueryKey["RefreshToken"] = "refresh_token";
|
|
64
|
+
QueryKey["Resource"] = "resource";
|
|
65
|
+
QueryKey["ResponseType"] = "response_type";
|
|
66
|
+
QueryKey["Scope"] = "scope";
|
|
67
|
+
QueryKey["State"] = "state";
|
|
68
|
+
QueryKey["Token"] = "token";
|
|
70
69
|
})($5422b71ae76f21f1$export$65f63a8bc3cba53d || ($5422b71ae76f21f1$export$65f63a8bc3cba53d = {}));
|
|
71
70
|
let $5422b71ae76f21f1$export$83716a4aa1642908;
|
|
72
|
-
(function(
|
|
73
|
-
|
|
74
|
-
|
|
71
|
+
(function(Prompt) {
|
|
72
|
+
Prompt["Consent"] = "consent";
|
|
73
|
+
Prompt["Login"] = "login";
|
|
75
74
|
})($5422b71ae76f21f1$export$83716a4aa1642908 || ($5422b71ae76f21f1$export$83716a4aa1642908 = {}));
|
|
76
75
|
|
|
77
76
|
|
|
@@ -143,28 +142,27 @@ $parcel$export($2cac19d9fad63bff$exports, "verifyAndParseCodeFromCallbackUri", (
|
|
|
143
142
|
var $ab66c74b65acc6a3$exports = {};
|
|
144
143
|
|
|
145
144
|
$parcel$export($ab66c74b65acc6a3$exports, "LogtoError", () => $ab66c74b65acc6a3$export$ba60d77e6748b659);
|
|
145
|
+
$parcel$export($ab66c74b65acc6a3$exports, "logtoRequestErrorSchema", () => $ab66c74b65acc6a3$export$cccd51a00718f001);
|
|
146
146
|
$parcel$export($ab66c74b65acc6a3$exports, "LogtoRequestError", () => $ab66c74b65acc6a3$export$e6e15b8ba42b9b70);
|
|
147
147
|
$parcel$export($ab66c74b65acc6a3$exports, "OidcError", () => $ab66c74b65acc6a3$export$d4832bcf9ce430e0);
|
|
148
148
|
|
|
149
|
+
|
|
149
150
|
const $ab66c74b65acc6a3$var$logtoErrorCodes = Object.freeze({
|
|
150
151
|
id_token: {
|
|
151
|
-
invalid_iat: "Invalid issued at time",
|
|
152
|
-
invalid_token: "Invalid token"
|
|
152
|
+
invalid_iat: "Invalid issued at time in the ID token",
|
|
153
|
+
invalid_token: "Invalid ID token"
|
|
153
154
|
},
|
|
154
155
|
callback_uri_verification: {
|
|
155
|
-
redirect_uri_mismatched: "
|
|
156
|
-
error_found: "Error found",
|
|
157
|
-
missing_state: "Missing state",
|
|
158
|
-
state_mismatched: "State mismatched",
|
|
159
|
-
missing_code: "Missing code"
|
|
156
|
+
redirect_uri_mismatched: "The callback URI mismatches the redirect URI.",
|
|
157
|
+
error_found: "Error found in the callback URI",
|
|
158
|
+
missing_state: "Missing state in the callback URI",
|
|
159
|
+
state_mismatched: "State mismatched in the callback URI",
|
|
160
|
+
missing_code: "Missing code in the callback URI"
|
|
160
161
|
},
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
},
|
|
164
|
-
crypto_subtle_unavailable: "Crypto.subtle is unavailable in insecure contexts (non-HTTPS)."
|
|
162
|
+
crypto_subtle_unavailable: "Crypto.subtle is unavailable in insecure contexts (non-HTTPS).",
|
|
163
|
+
unexpected_response_error: "Unexpected response error from the server."
|
|
165
164
|
});
|
|
166
165
|
const $ab66c74b65acc6a3$var$getMessageByErrorCode = (errorCode)=>{
|
|
167
|
-
// TODO: linear issue LOG-1419
|
|
168
166
|
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
|
|
169
167
|
const message = (0, $lyZgO$lodashget)($ab66c74b65acc6a3$var$logtoErrorCodes, errorCode);
|
|
170
168
|
if (typeof message === "string") return message;
|
|
@@ -177,6 +175,10 @@ class $ab66c74b65acc6a3$export$ba60d77e6748b659 extends Error {
|
|
|
177
175
|
this.data = data;
|
|
178
176
|
}
|
|
179
177
|
}
|
|
178
|
+
const $ab66c74b65acc6a3$export$cccd51a00718f001 = $lyZgO$type({
|
|
179
|
+
code: $lyZgO$string(),
|
|
180
|
+
message: $lyZgO$string()
|
|
181
|
+
});
|
|
180
182
|
class $ab66c74b65acc6a3$export$e6e15b8ba42b9b70 extends Error {
|
|
181
183
|
constructor(code, message){
|
|
182
184
|
super(message);
|
|
@@ -211,31 +213,6 @@ const $2cac19d9fad63bff$export$dc3fae3c99763885 = (callbackUri, redirectUri, sta
|
|
|
211
213
|
|
|
212
214
|
|
|
213
215
|
|
|
214
|
-
var $2c86a16eb0b4362d$exports = {};
|
|
215
|
-
|
|
216
|
-
$parcel$export($2c86a16eb0b4362d$exports, "generateState", () => $2c86a16eb0b4362d$export$9ccd2716e53a229b);
|
|
217
|
-
$parcel$export($2c86a16eb0b4362d$exports, "generateCodeVerifier", () => $2c86a16eb0b4362d$export$cf1891f923f5943a);
|
|
218
|
-
$parcel$export($2c86a16eb0b4362d$exports, "generateCodeChallenge", () => $2c86a16eb0b4362d$export$414b01b1f867308a);
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
/**
|
|
222
|
-
* @param length The length of the raw random data.
|
|
223
|
-
*/ const $2c86a16eb0b4362d$var$generateRandomString = (length = 64)=>(0, $lyZgO$fromUint8Array)(crypto.getRandomValues(new Uint8Array(length)), true);
|
|
224
|
-
const $2c86a16eb0b4362d$export$9ccd2716e53a229b = ()=>$2c86a16eb0b4362d$var$generateRandomString();
|
|
225
|
-
const $2c86a16eb0b4362d$export$cf1891f923f5943a = ()=>$2c86a16eb0b4362d$var$generateRandomString();
|
|
226
|
-
const $2c86a16eb0b4362d$export$414b01b1f867308a = async (codeVerifier)=>{
|
|
227
|
-
// eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
|
|
228
|
-
if (crypto.subtle === undefined) /**
|
|
229
|
-
* `crypto.subtle` is available only in secure contexts (HTTPS) in some or all supporting browsers,
|
|
230
|
-
* https://developer.mozilla.org/en-US/docs/Web/API/Crypto/subtle
|
|
231
|
-
* https://www.chromium.org/blink/webcrypto/#accessing-it
|
|
232
|
-
*/ throw new (0, $ab66c74b65acc6a3$export$ba60d77e6748b659)("crypto_subtle_unavailable");
|
|
233
|
-
const encodedCodeVerifier = new TextEncoder().encode(codeVerifier);
|
|
234
|
-
const codeChallenge = new Uint8Array(await crypto.subtle.digest("SHA-256", encodedCodeVerifier));
|
|
235
|
-
return (0, $lyZgO$fromUint8Array)(codeChallenge, true);
|
|
236
|
-
};
|
|
237
|
-
|
|
238
|
-
|
|
239
216
|
var $dfd50234d3585f12$exports = {};
|
|
240
217
|
|
|
241
218
|
$parcel$export($dfd50234d3585f12$exports, "verifyIdToken", () => $dfd50234d3585f12$export$b5b3317c8aecbcd5);
|
|
@@ -276,25 +253,6 @@ const $dfd50234d3585f12$export$aac2d5b7f5cd16d5 = (token)=>{
|
|
|
276
253
|
};
|
|
277
254
|
|
|
278
255
|
|
|
279
|
-
var $637ac5b03d2b1bab$exports = {};
|
|
280
|
-
|
|
281
|
-
$parcel$export($637ac5b03d2b1bab$exports, "createRequester", () => $637ac5b03d2b1bab$export$8d54726fdbf08e0a);
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
const $637ac5b03d2b1bab$export$8d54726fdbf08e0a = (fetchFunction)=>{
|
|
285
|
-
if (!fetchFunction && (0, $lyZgO$isNode)()) throw new (0, $ab66c74b65acc6a3$export$ba60d77e6748b659)("requester.not_provide_fetch");
|
|
286
|
-
return async (...args)=>{
|
|
287
|
-
const response = await (fetchFunction ?? fetch)(...args);
|
|
288
|
-
if (!response.ok) {
|
|
289
|
-
// Expected request error from server
|
|
290
|
-
const { code: code , message: message } = await response.json();
|
|
291
|
-
throw new (0, $ab66c74b65acc6a3$export$e6e15b8ba42b9b70)(code, message);
|
|
292
|
-
}
|
|
293
|
-
return response.json();
|
|
294
|
-
};
|
|
295
|
-
};
|
|
296
|
-
|
|
297
|
-
|
|
298
256
|
var $570e2e6b31a027ff$exports = {};
|
|
299
257
|
|
|
300
258
|
$parcel$export($570e2e6b31a027ff$exports, "withReservedScopes", () => $570e2e6b31a027ff$export$887ed125f549a57);
|
|
@@ -311,9 +269,7 @@ const $570e2e6b31a027ff$export$887ed125f549a57 = (originalScopes)=>{
|
|
|
311
269
|
|
|
312
270
|
$parcel$exportWildcard($40555044b252dc61$exports, $2cac19d9fad63bff$exports);
|
|
313
271
|
$parcel$exportWildcard($40555044b252dc61$exports, $ab66c74b65acc6a3$exports);
|
|
314
|
-
$parcel$exportWildcard($40555044b252dc61$exports, $2c86a16eb0b4362d$exports);
|
|
315
272
|
$parcel$exportWildcard($40555044b252dc61$exports, $dfd50234d3585f12$exports);
|
|
316
|
-
$parcel$exportWildcard($40555044b252dc61$exports, $637ac5b03d2b1bab$exports);
|
|
317
273
|
$parcel$exportWildcard($40555044b252dc61$exports, $570e2e6b31a027ff$exports);
|
|
318
274
|
|
|
319
275
|
|
|
@@ -357,7 +313,10 @@ $parcel$exportWildcard($1eda3e9ea5865065$exports, $fcccd93c698efc4f$exports);
|
|
|
357
313
|
|
|
358
314
|
|
|
359
315
|
|
|
316
|
+
var $be59ab5b66bc1c36$exports = {};
|
|
317
|
+
|
|
318
|
+
|
|
360
319
|
|
|
361
320
|
|
|
362
|
-
export {$ce6f2a62716522ae$export$684f740cd70532d4 as fetchTokenByAuthorizationCode, $ce6f2a62716522ae$export$9909137b467efb8b as fetchTokenByRefreshToken, $eefdbfea5ec3abd9$export$815bda5ead26b243 as discoveryPath, $eefdbfea5ec3abd9$export$98242d8e822ad11f as fetchOidcConfig, $7397ba7739ada584$export$573f8dbbf6fbef75 as revoke, $bfba480b8ff41607$export$b01a187f12b774c6 as generateSignInUri, $fcccd93c698efc4f$export$b3c9a2bd2330de28 as generateSignOutUri, $2cac19d9fad63bff$export$4851e69315d5b72c as parseUriParameters, $2cac19d9fad63bff$export$dc3fae3c99763885 as verifyAndParseCodeFromCallbackUri, $ab66c74b65acc6a3$export$ba60d77e6748b659 as LogtoError, $ab66c74b65acc6a3$export$
|
|
321
|
+
export {$ce6f2a62716522ae$export$684f740cd70532d4 as fetchTokenByAuthorizationCode, $ce6f2a62716522ae$export$9909137b467efb8b as fetchTokenByRefreshToken, $eefdbfea5ec3abd9$export$815bda5ead26b243 as discoveryPath, $eefdbfea5ec3abd9$export$98242d8e822ad11f as fetchOidcConfig, $7397ba7739ada584$export$573f8dbbf6fbef75 as revoke, $bfba480b8ff41607$export$b01a187f12b774c6 as generateSignInUri, $fcccd93c698efc4f$export$b3c9a2bd2330de28 as generateSignOutUri, $2cac19d9fad63bff$export$4851e69315d5b72c as parseUriParameters, $2cac19d9fad63bff$export$dc3fae3c99763885 as verifyAndParseCodeFromCallbackUri, $ab66c74b65acc6a3$export$ba60d77e6748b659 as LogtoError, $ab66c74b65acc6a3$export$cccd51a00718f001 as logtoRequestErrorSchema, $ab66c74b65acc6a3$export$e6e15b8ba42b9b70 as LogtoRequestError, $ab66c74b65acc6a3$export$d4832bcf9ce430e0 as OidcError, $dfd50234d3585f12$export$b5b3317c8aecbcd5 as verifyIdToken, $dfd50234d3585f12$export$aac2d5b7f5cd16d5 as decodeIdToken, $570e2e6b31a027ff$export$887ed125f549a57 as withReservedScopes, $5422b71ae76f21f1$export$e2e108cbe2e4f865 as ContentType, $5422b71ae76f21f1$export$3f2aafdd1ccae76c as TokenGrantType, $5422b71ae76f21f1$export$65f63a8bc3cba53d as QueryKey, $5422b71ae76f21f1$export$83716a4aa1642908 as Prompt};
|
|
363
322
|
//# sourceMappingURL=module.js.map
|
package/lib/module.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;ACAO,MAAM,yCAAW,GAAG;IACzB,cAAc,EAAE;QAAE,cAAc,EAAE,mCAAmC;KAAE;CACxE,AAAC;IAEK,yCAGN;UAHW,eAAc;IAAd,eAAc,CACxB,mBAAiB,IAAG,oBAAoB;IAD9B,eAAc,CAExB,cAAY,IAAG,eAAe;GAFpB,yCAAc,KAAd,yCAAc;IAKnB,yCAoBN;UApBW,SAAQ;IAAR,SAAQ,CAClB,UAAQ,IAAG,WAAW;IADZ,SAAQ,CAElB,MAAI,IAAG,MAAM;IAFH,SAAQ,CAGlB,eAAa,IAAG,gBAAgB;IAHtB,SAAQ,CAIlB,qBAAmB,IAAG,uBAAuB;IAJnC,SAAQ,CAKlB,cAAY,IAAG,eAAe;IALpB,SAAQ,CAMlB,OAAK,IAAG,OAAO;IANL,SAAQ,CAOlB,kBAAgB,IAAG,mBAAmB;IAP5B,SAAQ,CAQlB,WAAS,IAAG,YAAY;IARd,SAAQ,CASlB,SAAO,IAAG,UAAU;IATV,SAAQ,CAUlB,aAAW,IAAG,eAAe;IAVnB,SAAQ,CAWlB,uBAAqB,IAAG,0BAA0B;IAXxC,SAAQ,CAYlB,QAAM,IAAG,QAAQ;IAZP,SAAQ,CAalB,aAAW,IAAG,cAAc;IAblB,SAAQ,CAclB,cAAY,IAAG,eAAe;IAdpB,SAAQ,CAelB,UAAQ,IAAG,UAAU;IAfX,SAAQ,CAgBlB,cAAY,IAAG,eAAe;IAhBpB,SAAQ,CAiBlB,OAAK,IAAG,OAAO;IAjBL,SAAQ,CAkBlB,OAAK,IAAG,OAAO;IAlBL,SAAQ,CAmBlB,OAAK,IAAG,OAAO;GAnBL,yCAAQ,KAAR,yCAAQ;IAsBb,yCAGN;UAHW,OAAM;IAAN,OAAM,CAChB,SAAO,IAAG,SAAS;IADT,OAAM,CAEhB,OAAK,IAAG,OAAO;GAFL,yCAAM,KAAN,yCAAM;;;ADYX,MAAM,yCAA6B,GAAG,OAC3C,YACE,QAAQ,CAAA,iBACR,aAAa,CAAA,eACb,WAAW,CAAA,gBACX,YAAY,CAAA,QACZ,IAAI,CAAA,YACJ,QAAQ,CAAA,EACgC,EAC1C,SAAoB,GACW;IAC/B,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACvC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACrD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,iBAAiB,CAAC,CAAC;IAExE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,MAAM,0BAA0B,GAAG,MAAM,SAAS,CAA6B,aAAa,EAAE;QAC5F,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CAAC,AAAC;IAEH,OAAO,CAAA,GAAA,oBAAa,CAAA,CAAC,0BAA0B,CAAC,CAAC;CAClD,AAAC;AAEK,MAAM,yCAAwB,GAAG,OACtC,YAAE,QAAQ,CAAA,iBAAE,aAAa,CAAA,gBAAE,YAAY,CAAA,YAAE,QAAQ,CAAA,UAAE,MAAM,CAAA,EAAsC,EAC/F,SAAoB,GACmB;IACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,YAAY,CAAC,CAAC;IAEnE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,IAAI,MAAM,EAAE,MAAM,EAChB,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAGtD,MAAM,kCAAkC,GAAG,MAAM,SAAS,CACxD,aAAa,EACb;QACE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CACF,AAAC;IAEF,OAAO,CAAA,GAAA,oBAAa,CAAA,CAAC,kCAAkC,CAAC,CAAC;CAC1D,AAAC;;ADrGF;;;;;AGAA;AAcO,MAAM,yCAAa,GAAG,wCAAwC,AAAC;AAI/D,MAAM,yCAAe,GAAG,OAC7B,QAAgB,EAChB,SAAoB,GAEpB,CAAA,GAAA,oBAAa,CAAA,CAAC,MAAM,SAAS,CAA8B,QAAQ,CAAC,CAAC,AAAC;;;;;;ACtBxE;AAGO,MAAM,yCAAM,GAAG,OACpB,kBAA0B,EAC1B,QAAgB,EAChB,KAAa,EACb,SAAoB,GAEpB,SAAS,CAAO,kBAAkB,EAAE;QAClC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;YAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;SACxB,CAAC;KACH,CAAC,AAAC;;;;;;AChBL;;;;;;AEAA;;;;;;;ACAA;AAGA,MAAM,qCAAe,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,QAAQ,EAAE;QACR,WAAW,EAAE,wBAAwB;QACrC,aAAa,EAAE,eAAe;KAC/B;IACD,yBAAyB,EAAE;QACzB,uBAAuB,EAAE,yBAAyB;QAClD,WAAW,EAAE,aAAa;QAC1B,aAAa,EAAE,eAAe;QAC9B,gBAAgB,EAAE,kBAAkB;QACpC,YAAY,EAAE,cAAc;KAC7B;IACD,SAAS,EAAE;QACT,iBAAiB,EAAE,+CAA+C;KACnE;IACD,yBAAyB,EAAE,gEAAgE;CAC5F,CAAC,AAAC;AAIH,MAAM,2CAAqB,GAAG,CAAC,SAAyB,GAAa;IACnE,8BAA8B;IAC9B,mEAAmE;IACnE,MAAM,OAAO,GAAG,CAAA,GAAA,gBAAG,CAAA,CAAC,qCAAe,EAAE,SAAS,CAAC,AAAC;IAEhD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAC7B,OAAO,OAAO,CAAC;IAGjB,OAAO,SAAS,CAAC;CAClB,AAAC;AAEK,MAAM,yCAAU,SAAS,KAAK;IAInC,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,2CAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAiB,SAAS,KAAK;IAG1C,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAS;IAIpB,YAAY,KAAa,EAAE,gBAAyB,CAAE;QACpD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;KAC1C;CACF;;;AD1DM,MAAM,yCAAkB,GAAG,CAAC,GAAW,GAAK;IACjD,MAAM,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE5C,OAAO,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC;CACzC,AAAC;AAGK,MAAM,yCAAiC,GAAG,CAC/C,WAAmB,EACnB,WAAmB,EACnB,KAAa,GACV;IACH,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,EACtC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,mDAAmD,CAAC,CAAC;IAE5E,MAAM,aAAa,GAAG,yCAAkB,CAAC,WAAW,CAAC,AAAC;IAEtD,MAAM,KAAK,GAAG,CAAA,GAAA,kBAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,CAAC,AAAC;IAC7D,MAAM,gBAAgB,GAAG,CAAA,GAAA,kBAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,gBAAgB,CAAC,CAAC,AAAC;IAEnF,IAAI,KAAK,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAClB,uCAAuC,EACvC,IAAI,CAAA,GAAA,yCAAS,CAAA,CAAC,KAAK,EAAE,gBAAgB,CAAC,CACvC,CAAC;IAGJ,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,AAAC;IAE/D,IAAI,CAAC,oBAAoB,EACvB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,yCAAyC,CAAC,CAAC;IAGlE,IAAI,oBAAoB,KAAK,KAAK,EAChC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,4CAA4C,CAAC,CAAC;IAGrE,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,CAAC,AAAC;IAE9C,IAAI,CAAC,IAAI,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wCAAwC,CAAC,CAAC;IAGjE,OAAO,IAAI,CAAC;CACb,AAAC;;ADjDF;;;;;;;AGEA;;AAIA;;GAEG,CACH,MAAM,0CAAoB,GAAG,CAAC,MAAM,GAAG,EAAE,GACvC,CAAA,GAAA,qBAAc,CAAA,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,AAAC;AAKhE,MAAM,yCAAa,GAAG,IAAM,0CAAoB,EAAE,AAAC;AAOnD,MAAM,yCAAoB,GAAG,IAAM,0CAAoB,EAAE,AAAC;AAQ1D,MAAM,yCAAqB,GAAG,OAAO,YAAoB,GAAsB;IACpF,uEAAuE;IACvE,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAC7B;;;;OAIG,CACH,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,2BAA2B,CAAC,CAAC;IAGpD,MAAM,mBAAmB,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,AAAC;IACnE,MAAM,aAAa,GAAG,IAAI,UAAU,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,mBAAmB,CAAC,CAAC,AAAC;IAEjG,OAAO,CAAA,GAAA,qBAAc,CAAA,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;CAC5C,AAAC;;;;;;;AC7CF;;;;AAMA,MAAM,2CAAqB,GAAG,EAAE,AAAC;AAEjC;;GAEG,CACH,MAAM,yCAAmB,GAAG,WAAM,CAAC;IACjC,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,OAAO,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC3C,IAAI,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IACxC,QAAQ,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC5C,MAAM,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC1C,UAAU,EAAE,eAAU,CAAC,eAAU,CAAC,YAAO,CAAC,aAAQ,EAAE,CAAC,CAAC,CAAC;CACxD,CAAC,AAAC;AAII,MAAM,yCAAa,GAAG,OAC3B,OAAe,EACf,QAAgB,EAChB,MAAc,EACd,IAAqB,GAClB;IACH,MAAM,MAAM,GAAG,MAAM,CAAA,GAAA,gBAAS,CAAA,CAAC,OAAO,EAAE,IAAI,EAAE;QAAE,QAAQ,EAAE,QAAQ;gBAAE,MAAM;KAAE,CAAC,AAAC;IAE9E,IAAI,IAAI,CAAC,GAAG,CAAC,AAAC,CAAA,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAA,GAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,2CAAqB,EACjF,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,sBAAsB,CAAC,CAAC;CAEhD,AAAC;AAEK,MAAM,yCAAa,GAAG,CAAC,KAAa,GAAoB;IAC7D,MAAM,EAAE,CAAC,EAAE,cAAc,CAAA,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE/C,IAAI,CAAC,cAAc,EACjB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wBAAwB,CAAC,CAAC;IAGjD,MAAM,IAAI,GAAG,CAAA,GAAA,oBAAa,CAAA,CAAC,MAAM,CAAC,cAAc,CAAC,AAAC;IAClD,MAAM,aAAa,GAAY,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,AAAC;IAChD,aAAQ,CAAC,aAAa,EAAE,yCAAmB,CAAC,CAAC;IAE7C,OAAO,aAAa,CAAC;CACtB,AAAC;;;;;;ACnDF;;AASO,MAAM,yCAAe,GAAG,CAAC,aAA4B,GAAK;IAC/D,IAAI,CAAC,aAAa,IAAI,CAAA,GAAA,aAAM,CAAA,EAAE,EAC5B,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,6BAA6B,CAAC,CAAC;IAGtD,OAAO,OAAU,GAAG,IAAI,AAA0B,GAAiB;QACjE,MAAM,QAAQ,GAAG,MAAM,AAAC,CAAA,aAAa,IAAI,KAAK,CAAA,IAAK,IAAI,CAAC,AAAC;QAEzD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;YAChB,qCAAqC;YACrC,MAAM,QAAE,IAAI,CAAA,WAAE,OAAO,CAAA,EAAE,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAyB,AAAC;YACvE,MAAM,IAAI,CAAA,GAAA,yCAAiB,CAAA,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;SAC5C;QAED,OAAO,QAAQ,CAAC,IAAI,EAAK,CAAC;KAC3B,CAAC;CACH,AAAC;;;;;;ACrBK,MAAM,wCAAkB,GAAG,CAAC,cAAyB,GAAa;IACvE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;QAAC,QAAQ;QAAE,gBAAgB;QAAE,SAAS;WAAM,cAAc,IAAI,EAAE;KAAE,CAAC,AAAC;IAEjG,OAAO,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;CAC3C,AAAC;;;;;;;;;;;APLF,MAAM,yCAAmB,GAAG,MAAM,AAAC;AACnC,MAAM,kCAAY,GAAG,MAAM,AAAC;AAarB,MAAM,yCAAiB,GAAG,CAAC,yBAChC,qBAAqB,CAAA,YACrB,QAAQ,CAAA,eACR,WAAW,CAAA,iBACX,aAAa,CAAA,SACb,KAAK,CAAA,UACL,MAAM,CAAA,aACN,SAAS,CAAA,UACT,MAAM,CAAA,EACc,GAAK;IACzB,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAC9C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;QAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,WAAW;QACnC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,aAAa,CAAC,EAAE,aAAa;QACvC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,mBAAmB,CAAC,EAAE,yCAAmB;QACnD,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;QACvB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,CAAC,EAAE,kCAAY;QACrC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAA,GAAA,yCAAM,CAAA,CAAC,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,CAAA,GAAA,wCAAkB,CAAA,CAAC,MAAM,CAAC;KAC7C,CAAC,AAAC;IAEH,KAAK,MAAM,QAAQ,IAAI,SAAS,IAAI,EAAE,CACpC,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAG1D,OAAO,CAAC,EAAE,qBAAqB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CACrE,AAAC;;;;;;AQ3CF;AAQO,MAAM,yCAAkB,GAAG,CAAC,sBACjC,kBAAkB,CAAA,WAClB,OAAO,CAAA,yBACP,qBAAqB,CAAA,EACA,GAAK;IAC1B,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAAE,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,OAAO;KAAE,CAAC,AAAC;IAErF,IAAI,qBAAqB,EACvB,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,CAAC;IAGpF,OAAO,CAAC,EAAE,kBAAkB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CAClE,AAAC;;;;;;;;;AdnBF","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/generators.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/requester.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport { Requester } from '../utils';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { Requester } from '../utils';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport { Requester } from '../utils';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport { withReservedScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withReservedScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './generators';\nexport * from './id-token';\nexport * from './requester';\nexport * from './scopes';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\n// eslint-disable-next-line complexity\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time',\n invalid_token: 'Invalid token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'Redirect URI mismatched',\n error_found: 'Error found',\n missing_state: 'Missing state',\n state_mismatched: 'State mismatched',\n missing_code: 'Missing code',\n },\n requester: {\n not_provide_fetch: 'Should provide a fetch function under Node.js',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // TODO: linear issue LOG-1419\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n error: string;\n errorDescription?: string;\n\n constructor(error: string, errorDescription?: string) {\n this.error = error;\n this.errorDescription = errorDescription;\n }\n}\n","/** @link [Proof Key for Code Exchange by OAuth Public Clients](https://datatracker.ietf.org/doc/html/rfc7636) */\n\nimport { fromUint8Array } from 'js-base64';\n\nimport { LogtoError } from './errors';\n\n/**\n * @param length The length of the raw random data.\n */\nconst generateRandomString = (length = 64) =>\n fromUint8Array(crypto.getRandomValues(new Uint8Array(length)), true);\n\n/**\n * Generates random string for state and encodes them in url safe base64\n */\nexport const generateState = () => generateRandomString();\n\n/**\n * Generates code verifier\n *\n * @link [Client Creates a Code Verifier](https://datatracker.ietf.org/doc/html/rfc7636#section-4.1)\n */\nexport const generateCodeVerifier = () => generateRandomString();\n\n/**\n * Calculates the S256 PKCE code challenge for an arbitrary code verifier and encodes it in url safe base64\n *\n * @param {String} codeVerifier Code verifier to calculate the S256 code challenge for\n * @link [Client Creates the Code Challenge](https://datatracker.ietf.org/doc/html/rfc7636#section-4.2)\n */\nexport const generateCodeChallenge = async (codeVerifier: string): Promise<string> => {\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n if (crypto.subtle === undefined) {\n /**\n * `crypto.subtle` is available only in secure contexts (HTTPS) in some or all supporting browsers,\n * https://developer.mozilla.org/en-US/docs/Web/API/Crypto/subtle\n * https://www.chromium.org/blink/webcrypto/#accessing-it\n */\n throw new LogtoError('crypto_subtle_unavailable');\n }\n\n const encodedCodeVerifier = new TextEncoder().encode(codeVerifier);\n const codeChallenge = new Uint8Array(await crypto.subtle.digest('SHA-256', encodedCodeVerifier));\n\n return fromUint8Array(codeChallenge, true);\n};\n","import { UrlSafeBase64 } from '@silverhand/essentials';\nimport { jwtVerify, JWTVerifyGetKey } from 'jose';\nimport * as s from 'superstruct';\n\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nconst IdTokenClaimsSchema = s.type({\n iss: s.string(),\n sub: s.string(),\n aud: s.string(),\n exp: s.number(),\n iat: s.number(),\n at_hash: s.nullable(s.optional(s.string())),\n name: s.nullable(s.optional(s.string())),\n username: s.nullable(s.optional(s.string())),\n avatar: s.nullable(s.optional(s.string())),\n role_names: s.nullable(s.optional(s.array(s.string()))),\n});\n\nexport type IdTokenClaims = s.Infer<typeof IdTokenClaimsSchema>;\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = UrlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n s.assert(idTokenClaims, IdTokenClaimsSchema);\n\n return idTokenClaims;\n};\n","import { isNode } from '@silverhand/essentials';\n\nimport { LogtoError, LogtoRequestError } from './errors';\n\ntype LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport const createRequester = (fetchFunction?: typeof fetch) => {\n if (!fetchFunction && isNode()) {\n throw new LogtoError('requester.not_provide_fetch');\n }\n\n return async <T>(...args: Parameters<typeof fetch>): Promise<T> => {\n const response = await (fetchFunction ?? fetch)(...args);\n\n if (!response.ok) {\n // Expected request error from server\n const { code, message } = await response.json<LogtoRequestErrorBody>();\n throw new LogtoRequestError(code, message);\n }\n\n return response.json<T>();\n };\n};\n\nexport type Requester = ReturnType<typeof createRequester>;\n","/**\n * @param originalScopes\n * @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )\n */\nexport const withReservedScopes = (originalScopes?: string[]): string => {\n const uniqueScopes = new Set(['openid', 'offline_access', 'profile', ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n idToken: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n idToken,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.IdTokenHint]: idToken });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n"],"names":[],"version":3,"file":"module.js.map"}
|
|
1
|
+
{"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;ACAO,MAAM,yCAAW,GAAG;IACzB,cAAc,EAAE;QAAE,cAAc,EAAE,mCAAmC;KAAE;CACxE,AAAC;IAEK,yCAGN;UAHW,cAAc;IAAd,cAAc,CACxB,mBAAiB,IAAG,oBAAoB;IAD9B,cAAc,CAExB,cAAY,IAAG,eAAe;GAFpB,yCAAc,KAAd,yCAAc;IAKnB,yCAoBN;UApBW,QAAQ;IAAR,QAAQ,CAClB,UAAQ,IAAG,WAAW;IADZ,QAAQ,CAElB,MAAI,IAAG,MAAM;IAFH,QAAQ,CAGlB,eAAa,IAAG,gBAAgB;IAHtB,QAAQ,CAIlB,qBAAmB,IAAG,uBAAuB;IAJnC,QAAQ,CAKlB,cAAY,IAAG,eAAe;IALpB,QAAQ,CAMlB,OAAK,IAAG,OAAO;IANL,QAAQ,CAOlB,kBAAgB,IAAG,mBAAmB;IAP5B,QAAQ,CAQlB,WAAS,IAAG,YAAY;IARd,QAAQ,CASlB,SAAO,IAAG,UAAU;IATV,QAAQ,CAUlB,aAAW,IAAG,eAAe;IAVnB,QAAQ,CAWlB,uBAAqB,IAAG,0BAA0B;IAXxC,QAAQ,CAYlB,QAAM,IAAG,QAAQ;IAZP,QAAQ,CAalB,aAAW,IAAG,cAAc;IAblB,QAAQ,CAclB,cAAY,IAAG,eAAe;IAdpB,QAAQ,CAelB,UAAQ,IAAG,UAAU;IAfX,QAAQ,CAgBlB,cAAY,IAAG,eAAe;IAhBpB,QAAQ,CAiBlB,OAAK,IAAG,OAAO;IAjBL,QAAQ,CAkBlB,OAAK,IAAG,OAAO;IAlBL,QAAQ,CAmBlB,OAAK,IAAG,OAAO;GAnBL,yCAAQ,KAAR,yCAAQ;IAsBb,yCAGN;UAHW,MAAM;IAAN,MAAM,CAChB,SAAO,IAAG,SAAS;IADT,MAAM,CAEhB,OAAK,IAAG,OAAO;GAFL,yCAAM,KAAN,yCAAM;;;ADYX,MAAM,yCAA6B,GAAG,OAC3C,YACE,QAAQ,CAAA,iBACR,aAAa,CAAA,eACb,WAAW,CAAA,gBACX,YAAY,CAAA,QACZ,IAAI,CAAA,YACJ,QAAQ,CAAA,EACgC,EAC1C,SAAoB,GACW;IAC/B,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACvC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACrD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,iBAAiB,CAAC,CAAC;IAExE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,MAAM,0BAA0B,GAAG,MAAM,SAAS,CAA6B,aAAa,EAAE;QAC5F,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CAAC,AAAC;IAEH,OAAO,CAAA,GAAA,oBAAa,CAAA,CAAC,0BAA0B,CAAC,CAAC;CAClD,AAAC;AAEK,MAAM,yCAAwB,GAAG,OACtC,YAAE,QAAQ,CAAA,iBAAE,aAAa,CAAA,gBAAE,YAAY,CAAA,YAAE,QAAQ,CAAA,UAAE,MAAM,CAAA,EAAsC,EAC/F,SAAoB,GACmB;IACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,YAAY,CAAC,CAAC;IAEnE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,IAAI,MAAM,EAAE,MAAM,EAChB,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAGtD,MAAM,kCAAkC,GAAG,MAAM,SAAS,CACxD,aAAa,EACb;QACE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CACF,AAAC;IAEF,OAAO,CAAA,GAAA,oBAAa,CAAA,CAAC,kCAAkC,CAAC,CAAC;CAC1D,AAAC;;ADrGF;;;;;AGAA;AAcO,MAAM,yCAAa,GAAG,wCAAwC,AAAC;AAI/D,MAAM,yCAAe,GAAG,OAC7B,QAAgB,EAChB,SAAoB,GAEpB,CAAA,GAAA,oBAAa,CAAA,CAAC,MAAM,SAAS,CAA8B,QAAQ,CAAC,CAAC,AAAC;;;;;;ACtBxE;AAGO,MAAM,yCAAM,GAAG,OACpB,kBAA0B,EAC1B,QAAgB,EAChB,KAAa,EACb,SAAoB,GAEpB,SAAS,CAAO,kBAAkB,EAAE;QAClC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;YAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;SACxB,CAAC;KACH,CAAC,AAAC;;;;;;AChBL;;;;;;AEAA;;;;;;;;ACAA;;AAIA,MAAM,qCAAe,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,QAAQ,EAAE;QACR,WAAW,EAAE,wCAAwC;QACrD,aAAa,EAAE,kBAAkB;KAClC;IACD,yBAAyB,EAAE;QACzB,uBAAuB,EAAE,+CAA+C;QACxE,WAAW,EAAE,iCAAiC;QAC9C,aAAa,EAAE,mCAAmC;QAClD,gBAAgB,EAAE,sCAAsC;QACxD,YAAY,EAAE,kCAAkC;KACjD;IACD,yBAAyB,EAAE,gEAAgE;IAC3F,yBAAyB,EAAE,4CAA4C;CACxE,CAAC,AAAC;AAIH,MAAM,2CAAqB,GAAG,CAAC,SAAyB,GAAa;IACnE,mEAAmE;IACnE,MAAM,OAAO,GAAG,CAAA,GAAA,gBAAG,CAAA,CAAC,qCAAe,EAAE,SAAS,CAAC,AAAC;IAEhD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAC7B,OAAO,OAAO,CAAC;IAGjB,OAAO,SAAS,CAAC;CAClB,AAAC;AAEK,MAAM,yCAAU,SAAS,KAAK;IAInC,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,2CAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAuB,GAAG,WAAM,CAAC;IAC5C,IAAI,EAAE,aAAQ,EAAE;IAChB,OAAO,EAAE,aAAQ,EAAE;CACpB,CAAC,AAAC;AAEI,MAAM,yCAAiB,SAAS,KAAK;IAG1C,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAS;IACpB,YAAmB,KAAa,EAAS,gBAAyB,CAAE;aAAjD,KAAa,GAAb,KAAa;aAAS,gBAAyB,GAAzB,gBAAyB;KAAI;CACvE;;;ADvDM,MAAM,yCAAkB,GAAG,CAAC,GAAW,GAAK;IACjD,MAAM,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE5C,OAAO,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC;CACzC,AAAC;AAGK,MAAM,yCAAiC,GAAG,CAC/C,WAAmB,EACnB,WAAmB,EACnB,KAAa,GACV;IACH,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,EACtC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,mDAAmD,CAAC,CAAC;IAE5E,MAAM,aAAa,GAAG,yCAAkB,CAAC,WAAW,CAAC,AAAC;IAEtD,MAAM,KAAK,GAAG,CAAA,GAAA,kBAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,CAAC,AAAC;IAC7D,MAAM,gBAAgB,GAAG,CAAA,GAAA,kBAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,gBAAgB,CAAC,CAAC,AAAC;IAEnF,IAAI,KAAK,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAClB,uCAAuC,EACvC,IAAI,CAAA,GAAA,yCAAS,CAAA,CAAC,KAAK,EAAE,gBAAgB,CAAC,CACvC,CAAC;IAGJ,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,AAAC;IAE/D,IAAI,CAAC,oBAAoB,EACvB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,yCAAyC,CAAC,CAAC;IAGlE,IAAI,oBAAoB,KAAK,KAAK,EAChC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,4CAA4C,CAAC,CAAC;IAGrE,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,CAAC,AAAC;IAE9C,IAAI,CAAC,IAAI,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wCAAwC,CAAC,CAAC;IAGjE,OAAO,IAAI,CAAC;CACb,AAAC;;ADjDF;;;;;;AGAA;;;;AAMA,MAAM,2CAAqB,GAAG,EAAE,AAAC;AAEjC;;GAEG,CACH,MAAM,yCAAmB,GAAG,WAAM,CAAC;IACjC,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,OAAO,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC3C,IAAI,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IACxC,QAAQ,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC5C,MAAM,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC1C,UAAU,EAAE,eAAU,CAAC,eAAU,CAAC,YAAO,CAAC,aAAQ,EAAE,CAAC,CAAC,CAAC;CACxD,CAAC,AAAC;AAII,MAAM,yCAAa,GAAG,OAC3B,OAAe,EACf,QAAgB,EAChB,MAAc,EACd,IAAqB,GAClB;IACH,MAAM,MAAM,GAAG,MAAM,CAAA,GAAA,gBAAS,CAAA,CAAC,OAAO,EAAE,IAAI,EAAE;QAAE,QAAQ,EAAE,QAAQ;gBAAE,MAAM;KAAE,CAAC,AAAC;IAE9E,IAAI,IAAI,CAAC,GAAG,CAAC,AAAC,CAAA,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAA,GAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,2CAAqB,EACjF,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,sBAAsB,CAAC,CAAC;CAEhD,AAAC;AAEK,MAAM,yCAAa,GAAG,CAAC,KAAa,GAAoB;IAC7D,MAAM,EAAE,CAAC,EAAE,cAAc,CAAA,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE/C,IAAI,CAAC,cAAc,EACjB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wBAAwB,CAAC,CAAC;IAGjD,MAAM,IAAI,GAAG,CAAA,GAAA,oBAAa,CAAA,CAAC,MAAM,CAAC,cAAc,CAAC,AAAC;IAClD,MAAM,aAAa,GAAY,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,AAAC;IAChD,aAAQ,CAAC,aAAa,EAAE,yCAAmB,CAAC,CAAC;IAE7C,OAAO,aAAa,CAAC;CACtB,AAAC;;;;;;AC/CK,MAAM,wCAAkB,GAAG,CAAC,cAAyB,GAAa;IACvE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;QAAC,QAAQ;QAAE,gBAAgB;QAAE,SAAS;WAAM,cAAc,IAAI,EAAE;KAAE,CAAC,AAAC;IAEjG,OAAO,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;CAC3C,AAAC;;;;;;;;;ALLF,MAAM,yCAAmB,GAAG,MAAM,AAAC;AACnC,MAAM,kCAAY,GAAG,MAAM,AAAC;AAarB,MAAM,yCAAiB,GAAG,CAAC,yBAChC,qBAAqB,CAAA,YACrB,QAAQ,CAAA,eACR,WAAW,CAAA,iBACX,aAAa,CAAA,SACb,KAAK,CAAA,UACL,MAAM,CAAA,aACN,SAAS,CAAA,UACT,MAAM,CAAA,EACc,GAAK;IACzB,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAC9C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;QAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,WAAW;QACnC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,aAAa,CAAC,EAAE,aAAa;QACvC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,mBAAmB,CAAC,EAAE,yCAAmB;QACnD,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;QACvB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,CAAC,EAAE,kCAAY;QACrC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAA,GAAA,yCAAM,CAAA,CAAC,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,CAAA,GAAA,wCAAkB,CAAA,CAAC,MAAM,CAAC;KAC7C,CAAC,AAAC;IAEH,KAAK,MAAM,QAAQ,IAAI,SAAS,IAAI,EAAE,CACpC,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAG1D,OAAO,CAAC,EAAE,qBAAqB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CACrE,AAAC;;;;;;AM3CF;AAQO,MAAM,yCAAkB,GAAG,CAAC,sBACjC,kBAAkB,CAAA,WAClB,OAAO,CAAA,yBACP,qBAAqB,CAAA,EACA,GAAK;IAC1B,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAAE,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,OAAO;KAAE,CAAC,AAAC;IAErF,IAAI,qBAAqB,EACvB,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,CAAC;IAGpF,OAAO,CAAC,EAAE,kBAAkB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CAClE,AAAC;;;;;;;;;AZnBF;;;;;","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts","packages/js/src/types/index.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport { Requester } from '../types';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { Requester } from '../types';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport { Requester } from '../types';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport { withReservedScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withReservedScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './id-token';\nexport * from './scopes';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\n// eslint-disable-next-line complexity\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\nimport * as s from 'superstruct';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time in the ID token',\n invalid_token: 'Invalid ID token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'The callback URI mismatches the redirect URI.',\n error_found: 'Error found in the callback URI',\n missing_state: 'Missing state in the callback URI',\n state_mismatched: 'State mismatched in the callback URI',\n missing_code: 'Missing code in the callback URI',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n unexpected_response_error: 'Unexpected response error from the server.',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport const logtoRequestErrorSchema = s.type({\n code: s.string(),\n message: s.string(),\n});\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n constructor(public error: string, public errorDescription?: string) {}\n}\n","import { UrlSafeBase64 } from '@silverhand/essentials';\nimport { jwtVerify, JWTVerifyGetKey } from 'jose';\nimport * as s from 'superstruct';\n\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nconst IdTokenClaimsSchema = s.type({\n iss: s.string(),\n sub: s.string(),\n aud: s.string(),\n exp: s.number(),\n iat: s.number(),\n at_hash: s.nullable(s.optional(s.string())),\n name: s.nullable(s.optional(s.string())),\n username: s.nullable(s.optional(s.string())),\n avatar: s.nullable(s.optional(s.string())),\n role_names: s.nullable(s.optional(s.array(s.string()))),\n});\n\nexport type IdTokenClaims = s.Infer<typeof IdTokenClaimsSchema>;\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = UrlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n s.assert(idTokenClaims, IdTokenClaimsSchema);\n\n return idTokenClaims;\n};\n","/**\n * @param originalScopes\n * @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )\n */\nexport const withReservedScopes = (originalScopes?: string[]): string => {\n const uniqueScopes = new Set(['openid', 'offline_access', 'profile', ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n idToken: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n idToken,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.IdTokenHint]: idToken });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export type LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;\n"],"names":[],"version":3,"file":"module.js.map"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@logto/js",
|
|
3
|
-
"version": "1.0.0-
|
|
3
|
+
"version": "1.0.0-beta.4",
|
|
4
4
|
"source": "./src/index.ts",
|
|
5
5
|
"main": "./lib/index.js",
|
|
6
6
|
"exports": {
|
|
@@ -29,36 +29,33 @@
|
|
|
29
29
|
"prepack": "pnpm test"
|
|
30
30
|
},
|
|
31
31
|
"dependencies": {
|
|
32
|
-
"@silverhand/essentials": "^1.
|
|
32
|
+
"@silverhand/essentials": "^1.2.0",
|
|
33
33
|
"camelcase-keys": "^7.0.1",
|
|
34
34
|
"jose": "^4.3.8",
|
|
35
|
-
"js-base64": "^3.7.2",
|
|
36
35
|
"lodash.get": "^4.4.2",
|
|
37
36
|
"superstruct": "^0.16.0"
|
|
38
37
|
},
|
|
39
38
|
"devDependencies": {
|
|
40
39
|
"@jest/types": "^27.5.1",
|
|
41
|
-
"@parcel/core": "^2.
|
|
42
|
-
"@parcel/packager-ts": "^2.
|
|
43
|
-
"@parcel/transformer-typescript-types": "^2.
|
|
44
|
-
"@
|
|
45
|
-
"@silverhand/
|
|
46
|
-
"@silverhand/ts-config": "^0.14.0",
|
|
40
|
+
"@parcel/core": "^2.7.0",
|
|
41
|
+
"@parcel/packager-ts": "^2.7.0",
|
|
42
|
+
"@parcel/transformer-typescript-types": "^2.7.0",
|
|
43
|
+
"@silverhand/eslint-config": "^1.0.0",
|
|
44
|
+
"@silverhand/ts-config": "^1.0.0",
|
|
47
45
|
"@types/jest": "^27.4.1",
|
|
48
46
|
"@types/lodash.get": "^4.4.6",
|
|
49
47
|
"@types/node": "^17.0.19",
|
|
50
|
-
"eslint": "^8.
|
|
48
|
+
"eslint": "^8.23.0",
|
|
51
49
|
"jest": "^27.5.1",
|
|
52
50
|
"jest-matcher-specific-error": "^1.0.0",
|
|
53
51
|
"lint-staged": "^13.0.0",
|
|
54
52
|
"nock": "^13.1.3",
|
|
55
|
-
"
|
|
56
|
-
"
|
|
57
|
-
"prettier": "^2.3.2",
|
|
53
|
+
"parcel": "^2.7.0",
|
|
54
|
+
"prettier": "^2.7.1",
|
|
58
55
|
"text-encoder": "^0.0.4",
|
|
59
56
|
"ts-jest": "^27.0.4",
|
|
60
57
|
"type-fest": "^2.10.0",
|
|
61
|
-
"typescript": "
|
|
58
|
+
"typescript": "4.7.4"
|
|
62
59
|
},
|
|
63
60
|
"eslintConfig": {
|
|
64
61
|
"extends": "@silverhand"
|
|
@@ -67,5 +64,5 @@
|
|
|
67
64
|
"publishConfig": {
|
|
68
65
|
"access": "public"
|
|
69
66
|
},
|
|
70
|
-
"gitHead": "
|
|
67
|
+
"gitHead": "8b0f8947ac211fd8d4b6e2e00ce6acfc9dd344db"
|
|
71
68
|
}
|