@logto/js 1.0.0-beta.4 → 1.0.0-beta.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/index.d.ts +19 -0
- package/lib/index.d.ts.map +1 -1
- package/lib/index.js +12 -1
- package/lib/index.js.map +1 -1
- package/lib/module.js +14 -3
- package/lib/module.js.map +1 -1
- package/package.json +3 -3
package/lib/index.d.ts
CHANGED
|
@@ -76,6 +76,7 @@ export const fetchTokenByRefreshToken: ({ clientId, tokenEndpoint, refreshToken,
|
|
|
76
76
|
type OidcConfigSnakeCaseResponse = {
|
|
77
77
|
authorization_endpoint: string;
|
|
78
78
|
token_endpoint: string;
|
|
79
|
+
userinfo_endpoint: string;
|
|
79
80
|
end_session_endpoint: string;
|
|
80
81
|
revocation_endpoint: string;
|
|
81
82
|
jwks_uri: string;
|
|
@@ -175,5 +176,23 @@ type SignOutUriParameters = {
|
|
|
175
176
|
postLogoutRedirectUri?: string;
|
|
176
177
|
};
|
|
177
178
|
export const generateSignOutUri: ({ endSessionEndpoint, idToken, postLogoutRedirectUri, }: SignOutUriParameters) => string;
|
|
179
|
+
type Identity = {
|
|
180
|
+
userId: string;
|
|
181
|
+
details?: Record<string, unknown>;
|
|
182
|
+
};
|
|
183
|
+
export type UserInfoResponse = {
|
|
184
|
+
sub: string;
|
|
185
|
+
name?: string;
|
|
186
|
+
username?: string;
|
|
187
|
+
picture?: string;
|
|
188
|
+
role_names?: string[];
|
|
189
|
+
email?: string;
|
|
190
|
+
email_verified?: boolean;
|
|
191
|
+
phone_number?: string;
|
|
192
|
+
phone_number_verified?: boolean;
|
|
193
|
+
custom_data?: unknown;
|
|
194
|
+
identities?: Record<string, Identity>;
|
|
195
|
+
};
|
|
196
|
+
export const fetchUserInfo: (userInfoEndpoint: string, accessToken: string, requester: Requester) => Promise<UserInfoResponse>;
|
|
178
197
|
|
|
179
198
|
//# sourceMappingURL=index.d.ts.map
|
package/lib/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"mappings":";;;AAAA,OAAO,MAAM;;;;CAEZ,CAAC;AAEF;IACE,iBAAiB,uBAAuB;IACxC,YAAY,kBAAkB;CAC/B;AAED;IACE,QAAQ,cAAc;IACtB,IAAI,SAAS;IACb,aAAa,mBAAmB;IAChC,mBAAmB,0BAA0B;IAC7C,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,gBAAgB,sBAAsB;IACtC,SAAS,eAAe;IACxB,OAAO,aAAa;IACpB,WAAW,kBAAkB;IAC7B,qBAAqB,6BAA6B;IAClD,iBAAiB;IACjB,WAAW,iBAAiB;IAC5B,YAAY,kBAAkB;IAC9B,QAAQ,aAAa;IACrB,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,KAAK,UAAU;IACf,KAAK,UAAU;CAChB;AAED;IACE,OAAO,YAAY;IACnB,KAAK,UAAU;CAChB;AClCD,oCAAoC;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,wBAAwB,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,UAAU,CAAC,OAAO,KAAK,CAAC,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC;ACC7E,sDAAsD;IACpD,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC;AAEF,iDAAiD;IAC/C,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,kCAAkC;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,gCAAgC,gBAAgB,0BAA0B,CAAC,CAAC;AAE5E,0CAA0C;IACxC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,wCAAwC,gBAAgB,kCAAkC,CAAC,CAAC;AAE5F,OAAO,MAAM,yGAQR,uCAAuC,aAC/B,SAAS,KACnB,QAAQ,iBAAiB,CAmB3B,CAAC;AAEF,OAAO,MAAM,wFACkD,kCAAkC,aACpF,SAAS,KACnB,QAAQ,yBAAyB,CAwBnC,CAAC;AChGF,mCAAmC;IACjC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,OAAO,MAAM,wDAAwD,CAAC;AAEtE,iCAAiC,gBAAgB,2BAA2B,CAAC,CAAC;AAE9E,OAAO,MAAM,4BACD,MAAM,aACL,SAAS,KACnB,QAAQ,kBAAkB,CAC0C,CAAC;
|
|
1
|
+
{"mappings":";;;AAAA,OAAO,MAAM;;;;CAEZ,CAAC;AAEF;IACE,iBAAiB,uBAAuB;IACxC,YAAY,kBAAkB;CAC/B;AAED;IACE,QAAQ,cAAc;IACtB,IAAI,SAAS;IACb,aAAa,mBAAmB;IAChC,mBAAmB,0BAA0B;IAC7C,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,gBAAgB,sBAAsB;IACtC,SAAS,eAAe;IACxB,OAAO,aAAa;IACpB,WAAW,kBAAkB;IAC7B,qBAAqB,6BAA6B;IAClD,iBAAiB;IACjB,WAAW,iBAAiB;IAC5B,YAAY,kBAAkB;IAC9B,QAAQ,aAAa;IACrB,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,KAAK,UAAU;IACf,KAAK,UAAU;CAChB;AAED;IACE,OAAO,YAAY;IACnB,KAAK,UAAU;CAChB;AClCD,oCAAoC;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,wBAAwB,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,UAAU,CAAC,OAAO,KAAK,CAAC,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC;ACC7E,sDAAsD;IACpD,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC;AAEF,iDAAiD;IAC/C,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,kCAAkC;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,gCAAgC,gBAAgB,0BAA0B,CAAC,CAAC;AAE5E,0CAA0C;IACxC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,wCAAwC,gBAAgB,kCAAkC,CAAC,CAAC;AAE5F,OAAO,MAAM,yGAQR,uCAAuC,aAC/B,SAAS,KACnB,QAAQ,iBAAiB,CAmB3B,CAAC;AAEF,OAAO,MAAM,wFACkD,kCAAkC,aACpF,SAAS,KACnB,QAAQ,yBAAyB,CAwBnC,CAAC;AChGF,mCAAmC;IACjC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,OAAO,MAAM,wDAAwD,CAAC;AAEtE,iCAAiC,gBAAgB,2BAA2B,CAAC,CAAC;AAE9E,OAAO,MAAM,4BACD,MAAM,aACL,SAAS,KACnB,QAAQ,kBAAkB,CAC0C,CAAC;ACpBxE,OAAO,MAAM,6BACS,MAAM,YAChB,MAAM,SACT,MAAM,aACF,SAAS,KACnB,QAAQ,IAAI,CAQX,CAAC;ACZL,QAAA,MAAM;;;;;;;;;;;;;;EAcJ,CAAC;AAEH,6BAA6B,kBAAkB,sBAAsB,CAAC,CAAC;AAavE,uBAAwB,SAAQ,KAAK;IACnC,IAAI,EAAE,cAAc,CAAC;IACrB,IAAI,EAAE,OAAO,CAAC;gBAEF,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,EAAE,OAAO;CAKjD;AAED,OAAO,MAAM;;;;;;EAGX,CAAC;AAEH,8BAA+B,SAAQ,KAAK;IAC1C,IAAI,EAAE,MAAM,CAAC;gBAED,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CAI1C;AAED;IACqB,KAAK,EAAE,MAAM;IAAS,gBAAgB,CAAC;gBAAvC,KAAK,EAAE,MAAM,EAAS,gBAAgB,CAAC,oBAAQ;CACnE;ACvDD,OAAO,MAAM,0BAA2B,MAAM,oBAI7C,CAAC;AAGF,OAAO,MAAM,iDACE,MAAM,eACN,MAAM,SACZ,MAAM,WAkCd,CAAC;ACzCF;;GAEG;AACH,QAAA,MAAM;;;;;;;;;;;;;;;;;;;;;;EAWJ,CAAC;AAEH,4BAA4B,EAAE,KAAK,CAAC,0BAA0B,CAAC,CAAC;AAEhE,OAAO,MAAM,yBACF,MAAM,YACL,MAAM,UACR,MAAM,QACR,eAAe,kBAOtB,CAAC;AAEF,OAAO,MAAM,uBAAwB,MAAM,KAAG,aAY7C,CAAC;ACnDF;;;GAGG;AACH,OAAO,MAAM,sCAAuC,MAAM,EAAE,KAAG,MAI9D,CAAC;AEFF,kCAAkC;IAChC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,OAAO,MAAM,wHASV,mBAAmB,WAiBrB,CAAC;ACzCF,4BAA4B;IAC1B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,qBAAqB,CAAC,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,OAAO,MAAM,8EAIV,oBAAoB,WAQtB,CAAC;AClBF,gBAAgB;IACd,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC,CAAC;AAEF,+BAA+B;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;CACvC,CAAC;AAEF,OAAO,MAAM,kCACO,MAAM,eACX,MAAM,aACR,SAAS,KACnB,QAAQ,gBAAgB,CAGvB,CAAC","sources":["packages/js/src/src/consts/index.ts","packages/js/src/src/types/index.ts","packages/js/src/src/core/fetch-token.ts","packages/js/src/src/core/oidc-config.ts","packages/js/src/src/core/revoke.ts","packages/js/src/src/utils/errors.ts","packages/js/src/src/utils/callback-uri.ts","packages/js/src/src/utils/id-token.ts","packages/js/src/src/utils/scopes.ts","packages/js/src/src/utils/index.ts","packages/js/src/src/core/sign-in.ts","packages/js/src/src/core/sign-out.ts","packages/js/src/src/core/user-info.ts","packages/js/src/src/core/index.ts","packages/js/src/src/index.ts","packages/js/src/index.ts"],"sourcesContent":[null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,"/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n"],"names":[],"version":3,"file":"index.d.ts.map"}
|
package/lib/index.js
CHANGED
|
@@ -249,7 +249,7 @@ const $c2fd0c04c48199e2$export$b5b3317c8aecbcd5 = async (idToken, clientId, issu
|
|
|
249
249
|
const $c2fd0c04c48199e2$export$aac2d5b7f5cd16d5 = (token)=>{
|
|
250
250
|
const { 1: encodedPayload } = token.split(".");
|
|
251
251
|
if (!encodedPayload) throw new (0, $47fe17290a91cd19$export$ba60d77e6748b659)("id_token.invalid_token");
|
|
252
|
-
const json = (0, $eVySA$silverhandessentials.
|
|
252
|
+
const json = (0, $eVySA$silverhandessentials.urlSafeBase64).decode(encodedPayload);
|
|
253
253
|
const idTokenClaims = JSON.parse(json);
|
|
254
254
|
$eVySA$superstruct.assert(idTokenClaims, $c2fd0c04c48199e2$var$IdTokenClaimsSchema);
|
|
255
255
|
return idTokenClaims;
|
|
@@ -307,11 +307,22 @@ const $1dac903ccb175f85$export$b3c9a2bd2330de28 = ({ endSessionEndpoint: endSess
|
|
|
307
307
|
};
|
|
308
308
|
|
|
309
309
|
|
|
310
|
+
var $427c00d1e1cb4e3b$exports = {};
|
|
311
|
+
|
|
312
|
+
$parcel$export($427c00d1e1cb4e3b$exports, "fetchUserInfo", () => $427c00d1e1cb4e3b$export$eee09f98e5b044aa);
|
|
313
|
+
const $427c00d1e1cb4e3b$export$eee09f98e5b044aa = async (userInfoEndpoint, accessToken, requester)=>requester(userInfoEndpoint, {
|
|
314
|
+
headers: {
|
|
315
|
+
Authorization: `Bearer ${accessToken}`
|
|
316
|
+
}
|
|
317
|
+
});
|
|
318
|
+
|
|
319
|
+
|
|
310
320
|
$parcel$exportWildcard($a722dce254028e46$exports, $e6b305c1e572373d$exports);
|
|
311
321
|
$parcel$exportWildcard($a722dce254028e46$exports, $945b1d0ce7f8f44a$exports);
|
|
312
322
|
$parcel$exportWildcard($a722dce254028e46$exports, $de840481123b2c25$exports);
|
|
313
323
|
$parcel$exportWildcard($a722dce254028e46$exports, $1e17092ca3413c94$exports);
|
|
314
324
|
$parcel$exportWildcard($a722dce254028e46$exports, $1dac903ccb175f85$exports);
|
|
325
|
+
$parcel$exportWildcard($a722dce254028e46$exports, $427c00d1e1cb4e3b$exports);
|
|
315
326
|
|
|
316
327
|
|
|
317
328
|
|
package/lib/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;ACAO,MAAM,yCAAW,GAAG;IACzB,cAAc,EAAE;QAAE,cAAc,EAAE,mCAAmC;KAAE;CACxE,AAAC;IAEK,yCAGN;UAHW,cAAc;IAAd,cAAc,CACxB,mBAAiB,IAAG,oBAAoB;IAD9B,cAAc,CAExB,cAAY,IAAG,eAAe;GAFpB,yCAAc,KAAd,yCAAc;IAKnB,yCAoBN;UApBW,QAAQ;IAAR,QAAQ,CAClB,UAAQ,IAAG,WAAW;IADZ,QAAQ,CAElB,MAAI,IAAG,MAAM;IAFH,QAAQ,CAGlB,eAAa,IAAG,gBAAgB;IAHtB,QAAQ,CAIlB,qBAAmB,IAAG,uBAAuB;IAJnC,QAAQ,CAKlB,cAAY,IAAG,eAAe;IALpB,QAAQ,CAMlB,OAAK,IAAG,OAAO;IANL,QAAQ,CAOlB,kBAAgB,IAAG,mBAAmB;IAP5B,QAAQ,CAQlB,WAAS,IAAG,YAAY;IARd,QAAQ,CASlB,SAAO,IAAG,UAAU;IATV,QAAQ,CAUlB,aAAW,IAAG,eAAe;IAVnB,QAAQ,CAWlB,uBAAqB,IAAG,0BAA0B;IAXxC,QAAQ,CAYlB,QAAM,IAAG,QAAQ;IAZP,QAAQ,CAalB,aAAW,IAAG,cAAc;IAblB,QAAQ,CAclB,cAAY,IAAG,eAAe;IAdpB,QAAQ,CAelB,UAAQ,IAAG,UAAU;IAfX,QAAQ,CAgBlB,cAAY,IAAG,eAAe;IAhBpB,QAAQ,CAiBlB,OAAK,IAAG,OAAO;IAjBL,QAAQ,CAkBlB,OAAK,IAAG,OAAO;IAlBL,QAAQ,CAmBlB,OAAK,IAAG,OAAO;GAnBL,yCAAQ,KAAR,yCAAQ;IAsBb,yCAGN;UAHW,MAAM;IAAN,MAAM,CAChB,SAAO,IAAG,SAAS;IADT,MAAM,CAEhB,OAAK,IAAG,OAAO;GAFL,yCAAM,KAAN,yCAAM;;;ADYX,MAAM,yCAA6B,GAAG,OAC3C,YACE,QAAQ,CAAA,iBACR,aAAa,CAAA,eACb,WAAW,CAAA,gBACX,YAAY,CAAA,QACZ,IAAI,CAAA,YACJ,QAAQ,CAAA,EACgC,EAC1C,SAAoB,GACW;IAC/B,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACvC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACrD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,iBAAiB,CAAC,CAAC;IAExE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,MAAM,0BAA0B,GAAG,MAAM,SAAS,CAA6B,aAAa,EAAE;QAC5F,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CAAC,AAAC;IAEH,OAAO,CAAA,GAAA,8CAAa,CAAA,CAAC,0BAA0B,CAAC,CAAC;CAClD,AAAC;AAEK,MAAM,yCAAwB,GAAG,OACtC,YAAE,QAAQ,CAAA,iBAAE,aAAa,CAAA,gBAAE,YAAY,CAAA,YAAE,QAAQ,CAAA,UAAE,MAAM,CAAA,EAAsC,EAC/F,SAAoB,GACmB;IACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,YAAY,CAAC,CAAC;IAEnE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,IAAI,MAAM,EAAE,MAAM,EAChB,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAGtD,MAAM,kCAAkC,GAAG,MAAM,SAAS,CACxD,aAAa,EACb;QACE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CACF,AAAC;IAEF,OAAO,CAAA,GAAA,8CAAa,CAAA,CAAC,kCAAkC,CAAC,CAAC;CAC1D,AAAC;;ADrGF;;;;;AGAA;AAcO,MAAM,yCAAa,GAAG,wCAAwC,AAAC;AAI/D,MAAM,yCAAe,GAAG,OAC7B,QAAgB,EAChB,SAAoB,GAEpB,CAAA,GAAA,8CAAa,CAAA,CAAC,MAAM,SAAS,CAA8B,QAAQ,CAAC,CAAC,AAAC;;;;;;ACtBxE;AAGO,MAAM,yCAAM,GAAG,OACpB,kBAA0B,EAC1B,QAAgB,EAChB,KAAa,EACb,SAAoB,GAEpB,SAAS,CAAO,kBAAkB,EAAE;QAClC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;YAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;SACxB,CAAC;KACH,CAAC,AAAC;;;;;;AChBL;;;;;;AEAA;;;;;;;;ACAA;;AAIA,MAAM,qCAAe,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,QAAQ,EAAE;QACR,WAAW,EAAE,wCAAwC;QACrD,aAAa,EAAE,kBAAkB;KAClC;IACD,yBAAyB,EAAE;QACzB,uBAAuB,EAAE,+CAA+C;QACxE,WAAW,EAAE,iCAAiC;QAC9C,aAAa,EAAE,mCAAmC;QAClD,gBAAgB,EAAE,sCAAsC;QACxD,YAAY,EAAE,kCAAkC;KACjD;IACD,yBAAyB,EAAE,gEAAgE;IAC3F,yBAAyB,EAAE,4CAA4C;CACxE,CAAC,AAAC;AAIH,MAAM,2CAAqB,GAAG,CAAC,SAAyB,GAAa;IACnE,mEAAmE;IACnE,MAAM,OAAO,GAAG,CAAA,GAAA,0CAAG,CAAA,CAAC,qCAAe,EAAE,SAAS,CAAC,AAAC;IAEhD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAC7B,OAAO,OAAO,CAAC;IAGjB,OAAO,SAAS,CAAC;CAClB,AAAC;AAEK,MAAM,yCAAU,SAAS,KAAK;IAInC,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,2CAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAuB,GAAG,uBAAM,CAAC;IAC5C,IAAI,EAAE,yBAAQ,EAAE;IAChB,OAAO,EAAE,yBAAQ,EAAE;CACpB,CAAC,AAAC;AAEI,MAAM,yCAAiB,SAAS,KAAK;IAG1C,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAS;IACpB,YAAmB,KAAa,EAAS,gBAAyB,CAAE;aAAjD,KAAa,GAAb,KAAa;aAAS,gBAAyB,GAAzB,gBAAyB;KAAI;CACvE;;;ADvDM,MAAM,yCAAkB,GAAG,CAAC,GAAW,GAAK;IACjD,MAAM,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE5C,OAAO,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC;CACzC,AAAC;AAGK,MAAM,yCAAiC,GAAG,CAC/C,WAAmB,EACnB,WAAmB,EACnB,KAAa,GACV;IACH,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,EACtC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,mDAAmD,CAAC,CAAC;IAE5E,MAAM,aAAa,GAAG,yCAAkB,CAAC,WAAW,CAAC,AAAC;IAEtD,MAAM,KAAK,GAAG,CAAA,GAAA,uCAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,CAAC,AAAC;IAC7D,MAAM,gBAAgB,GAAG,CAAA,GAAA,uCAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,gBAAgB,CAAC,CAAC,AAAC;IAEnF,IAAI,KAAK,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAClB,uCAAuC,EACvC,IAAI,CAAA,GAAA,yCAAS,CAAA,CAAC,KAAK,EAAE,gBAAgB,CAAC,CACvC,CAAC;IAGJ,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,AAAC;IAE/D,IAAI,CAAC,oBAAoB,EACvB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,yCAAyC,CAAC,CAAC;IAGlE,IAAI,oBAAoB,KAAK,KAAK,EAChC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,4CAA4C,CAAC,CAAC;IAGrE,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,CAAC,AAAC;IAE9C,IAAI,CAAC,IAAI,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wCAAwC,CAAC,CAAC;IAGjE,OAAO,IAAI,CAAC;CACb,AAAC;;ADjDF;;;;;;AGAA;;;;AAMA,MAAM,2CAAqB,GAAG,EAAE,AAAC;AAEjC;;GAEG,CACH,MAAM,yCAAmB,GAAG,uBAAM,CAAC;IACjC,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,OAAO,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC3C,IAAI,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IACxC,QAAQ,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC5C,MAAM,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC1C,UAAU,EAAE,2BAAU,CAAC,2BAAU,CAAC,wBAAO,CAAC,yBAAQ,EAAE,CAAC,CAAC,CAAC;CACxD,CAAC,AAAC;AAII,MAAM,yCAAa,GAAG,OAC3B,OAAe,EACf,QAAgB,EAChB,MAAc,EACd,IAAqB,GAClB;IACH,MAAM,MAAM,GAAG,MAAM,CAAA,GAAA,qBAAS,CAAA,CAAC,OAAO,EAAE,IAAI,EAAE;QAAE,QAAQ,EAAE,QAAQ;gBAAE,MAAM;KAAE,CAAC,AAAC;IAE9E,IAAI,IAAI,CAAC,GAAG,CAAC,AAAC,CAAA,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAA,GAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,2CAAqB,EACjF,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,sBAAsB,CAAC,CAAC;CAEhD,AAAC;AAEK,MAAM,yCAAa,GAAG,CAAC,KAAa,GAAoB;IAC7D,MAAM,EAAE,CAAC,EAAE,cAAc,CAAA,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE/C,IAAI,CAAC,cAAc,EACjB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wBAAwB,CAAC,CAAC;IAGjD,MAAM,IAAI,GAAG,CAAA,GAAA,yCAAa,CAAA,CAAC,MAAM,CAAC,cAAc,CAAC,AAAC;IAClD,MAAM,aAAa,GAAY,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,AAAC;IAChD,yBAAQ,CAAC,aAAa,EAAE,yCAAmB,CAAC,CAAC;IAE7C,OAAO,aAAa,CAAC;CACtB,AAAC;;;;;;AC/CK,MAAM,wCAAkB,GAAG,CAAC,cAAyB,GAAa;IACvE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;QAAC,QAAQ;QAAE,gBAAgB;QAAE,SAAS;WAAM,cAAc,IAAI,EAAE;KAAE,CAAC,AAAC;IAEjG,OAAO,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;CAC3C,AAAC;;;;;;;;;ALLF,MAAM,yCAAmB,GAAG,MAAM,AAAC;AACnC,MAAM,kCAAY,GAAG,MAAM,AAAC;AAarB,MAAM,yCAAiB,GAAG,CAAC,yBAChC,qBAAqB,CAAA,YACrB,QAAQ,CAAA,eACR,WAAW,CAAA,iBACX,aAAa,CAAA,SACb,KAAK,CAAA,UACL,MAAM,CAAA,aACN,SAAS,CAAA,UACT,MAAM,CAAA,EACc,GAAK;IACzB,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAC9C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;QAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,WAAW;QACnC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,aAAa,CAAC,EAAE,aAAa;QACvC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,mBAAmB,CAAC,EAAE,yCAAmB;QACnD,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;QACvB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,CAAC,EAAE,kCAAY;QACrC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAA,GAAA,yCAAM,CAAA,CAAC,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,CAAA,GAAA,wCAAkB,CAAA,CAAC,MAAM,CAAC;KAC7C,CAAC,AAAC;IAEH,KAAK,MAAM,QAAQ,IAAI,SAAS,IAAI,EAAE,CACpC,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAG1D,OAAO,CAAC,EAAE,qBAAqB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CACrE,AAAC;;;;;;AM3CF;AAQO,MAAM,yCAAkB,GAAG,CAAC,sBACjC,kBAAkB,CAAA,WAClB,OAAO,CAAA,yBACP,qBAAqB,CAAA,EACA,GAAK;IAC1B,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAAE,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,OAAO;KAAE,CAAC,AAAC;IAErF,IAAI,qBAAqB,EACvB,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,CAAC;IAGpF,OAAO,CAAC,EAAE,kBAAkB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CAClE,AAAC;;;;;;;;;AZnBF;;;;;","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts","packages/js/src/types/index.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport { Requester } from '../types';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { Requester } from '../types';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport { Requester } from '../types';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport { withReservedScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withReservedScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './id-token';\nexport * from './scopes';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\n// eslint-disable-next-line complexity\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\nimport * as s from 'superstruct';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time in the ID token',\n invalid_token: 'Invalid ID token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'The callback URI mismatches the redirect URI.',\n error_found: 'Error found in the callback URI',\n missing_state: 'Missing state in the callback URI',\n state_mismatched: 'State mismatched in the callback URI',\n missing_code: 'Missing code in the callback URI',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n unexpected_response_error: 'Unexpected response error from the server.',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport const logtoRequestErrorSchema = s.type({\n code: s.string(),\n message: s.string(),\n});\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n constructor(public error: string, public errorDescription?: string) {}\n}\n","import { UrlSafeBase64 } from '@silverhand/essentials';\nimport { jwtVerify, JWTVerifyGetKey } from 'jose';\nimport * as s from 'superstruct';\n\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nconst IdTokenClaimsSchema = s.type({\n iss: s.string(),\n sub: s.string(),\n aud: s.string(),\n exp: s.number(),\n iat: s.number(),\n at_hash: s.nullable(s.optional(s.string())),\n name: s.nullable(s.optional(s.string())),\n username: s.nullable(s.optional(s.string())),\n avatar: s.nullable(s.optional(s.string())),\n role_names: s.nullable(s.optional(s.array(s.string()))),\n});\n\nexport type IdTokenClaims = s.Infer<typeof IdTokenClaimsSchema>;\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = UrlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n s.assert(idTokenClaims, IdTokenClaimsSchema);\n\n return idTokenClaims;\n};\n","/**\n * @param originalScopes\n * @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )\n */\nexport const withReservedScopes = (originalScopes?: string[]): string => {\n const uniqueScopes = new Set(['openid', 'offline_access', 'profile', ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n idToken: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n idToken,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.IdTokenHint]: idToken });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export type LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;\n"],"names":[],"version":3,"file":"index.js.map"}
|
|
1
|
+
{"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;ACAO,MAAM,yCAAW,GAAG;IACzB,cAAc,EAAE;QAAE,cAAc,EAAE,mCAAmC;KAAE;CACxE,AAAC;IAEK,yCAGN;UAHW,cAAc;IAAd,cAAc,CACxB,mBAAiB,IAAG,oBAAoB;IAD9B,cAAc,CAExB,cAAY,IAAG,eAAe;GAFpB,yCAAc,KAAd,yCAAc;IAKnB,yCAoBN;UApBW,QAAQ;IAAR,QAAQ,CAClB,UAAQ,IAAG,WAAW;IADZ,QAAQ,CAElB,MAAI,IAAG,MAAM;IAFH,QAAQ,CAGlB,eAAa,IAAG,gBAAgB;IAHtB,QAAQ,CAIlB,qBAAmB,IAAG,uBAAuB;IAJnC,QAAQ,CAKlB,cAAY,IAAG,eAAe;IALpB,QAAQ,CAMlB,OAAK,IAAG,OAAO;IANL,QAAQ,CAOlB,kBAAgB,IAAG,mBAAmB;IAP5B,QAAQ,CAQlB,WAAS,IAAG,YAAY;IARd,QAAQ,CASlB,SAAO,IAAG,UAAU;IATV,QAAQ,CAUlB,aAAW,IAAG,eAAe;IAVnB,QAAQ,CAWlB,uBAAqB,IAAG,0BAA0B;IAXxC,QAAQ,CAYlB,QAAM,IAAG,QAAQ;IAZP,QAAQ,CAalB,aAAW,IAAG,cAAc;IAblB,QAAQ,CAclB,cAAY,IAAG,eAAe;IAdpB,QAAQ,CAelB,UAAQ,IAAG,UAAU;IAfX,QAAQ,CAgBlB,cAAY,IAAG,eAAe;IAhBpB,QAAQ,CAiBlB,OAAK,IAAG,OAAO;IAjBL,QAAQ,CAkBlB,OAAK,IAAG,OAAO;IAlBL,QAAQ,CAmBlB,OAAK,IAAG,OAAO;GAnBL,yCAAQ,KAAR,yCAAQ;IAsBb,yCAGN;UAHW,MAAM;IAAN,MAAM,CAChB,SAAO,IAAG,SAAS;IADT,MAAM,CAEhB,OAAK,IAAG,OAAO;GAFL,yCAAM,KAAN,yCAAM;;;ADYX,MAAM,yCAA6B,GAAG,OAC3C,YACE,QAAQ,CAAA,iBACR,aAAa,CAAA,eACb,WAAW,CAAA,gBACX,YAAY,CAAA,QACZ,IAAI,CAAA,YACJ,QAAQ,CAAA,EACgC,EAC1C,SAAoB,GACW;IAC/B,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACvC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACrD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,iBAAiB,CAAC,CAAC;IAExE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,MAAM,0BAA0B,GAAG,MAAM,SAAS,CAA6B,aAAa,EAAE;QAC5F,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CAAC,AAAC;IAEH,OAAO,CAAA,GAAA,8CAAa,CAAA,CAAC,0BAA0B,CAAC,CAAC;CAClD,AAAC;AAEK,MAAM,yCAAwB,GAAG,OACtC,YAAE,QAAQ,CAAA,iBAAE,aAAa,CAAA,gBAAE,YAAY,CAAA,YAAE,QAAQ,CAAA,UAAE,MAAM,CAAA,EAAsC,EAC/F,SAAoB,GACmB;IACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,YAAY,CAAC,CAAC;IAEnE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,IAAI,MAAM,EAAE,MAAM,EAChB,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAGtD,MAAM,kCAAkC,GAAG,MAAM,SAAS,CACxD,aAAa,EACb;QACE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CACF,AAAC;IAEF,OAAO,CAAA,GAAA,8CAAa,CAAA,CAAC,kCAAkC,CAAC,CAAC;CAC1D,AAAC;;ADrGF;;;;;AGAA;AAeO,MAAM,yCAAa,GAAG,wCAAwC,AAAC;AAI/D,MAAM,yCAAe,GAAG,OAC7B,QAAgB,EAChB,SAAoB,GAEpB,CAAA,GAAA,8CAAa,CAAA,CAAC,MAAM,SAAS,CAA8B,QAAQ,CAAC,CAAC,AAAC;;;;;;ACvBxE;AAGO,MAAM,yCAAM,GAAG,OACpB,kBAA0B,EAC1B,QAAgB,EAChB,KAAa,EACb,SAAoB,GAEpB,SAAS,CAAO,kBAAkB,EAAE;QAClC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;YAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;SACxB,CAAC;KACH,CAAC,AAAC;;;;;;AChBL;;;;;;AEAA;;;;;;;;ACAA;;AAIA,MAAM,qCAAe,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,QAAQ,EAAE;QACR,WAAW,EAAE,wCAAwC;QACrD,aAAa,EAAE,kBAAkB;KAClC;IACD,yBAAyB,EAAE;QACzB,uBAAuB,EAAE,+CAA+C;QACxE,WAAW,EAAE,iCAAiC;QAC9C,aAAa,EAAE,mCAAmC;QAClD,gBAAgB,EAAE,sCAAsC;QACxD,YAAY,EAAE,kCAAkC;KACjD;IACD,yBAAyB,EAAE,gEAAgE;IAC3F,yBAAyB,EAAE,4CAA4C;CACxE,CAAC,AAAC;AAIH,MAAM,2CAAqB,GAAG,CAAC,SAAyB,GAAa;IACnE,mEAAmE;IACnE,MAAM,OAAO,GAAG,CAAA,GAAA,0CAAG,CAAA,CAAC,qCAAe,EAAE,SAAS,CAAC,AAAC;IAEhD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAC7B,OAAO,OAAO,CAAC;IAGjB,OAAO,SAAS,CAAC;CAClB,AAAC;AAEK,MAAM,yCAAU,SAAS,KAAK;IAInC,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,2CAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAuB,GAAG,uBAAM,CAAC;IAC5C,IAAI,EAAE,yBAAQ,EAAE;IAChB,OAAO,EAAE,yBAAQ,EAAE;CACpB,CAAC,AAAC;AAEI,MAAM,yCAAiB,SAAS,KAAK;IAG1C,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAS;IACpB,YAAmB,KAAa,EAAS,gBAAyB,CAAE;aAAjD,KAAa,GAAb,KAAa;aAAS,gBAAyB,GAAzB,gBAAyB;KAAI;CACvE;;;ADvDM,MAAM,yCAAkB,GAAG,CAAC,GAAW,GAAK;IACjD,MAAM,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE5C,OAAO,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC;CACzC,AAAC;AAGK,MAAM,yCAAiC,GAAG,CAC/C,WAAmB,EACnB,WAAmB,EACnB,KAAa,GACV;IACH,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,EACtC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,mDAAmD,CAAC,CAAC;IAE5E,MAAM,aAAa,GAAG,yCAAkB,CAAC,WAAW,CAAC,AAAC;IAEtD,MAAM,KAAK,GAAG,CAAA,GAAA,uCAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,CAAC,AAAC;IAC7D,MAAM,gBAAgB,GAAG,CAAA,GAAA,uCAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,gBAAgB,CAAC,CAAC,AAAC;IAEnF,IAAI,KAAK,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAClB,uCAAuC,EACvC,IAAI,CAAA,GAAA,yCAAS,CAAA,CAAC,KAAK,EAAE,gBAAgB,CAAC,CACvC,CAAC;IAGJ,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,AAAC;IAE/D,IAAI,CAAC,oBAAoB,EACvB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,yCAAyC,CAAC,CAAC;IAGlE,IAAI,oBAAoB,KAAK,KAAK,EAChC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,4CAA4C,CAAC,CAAC;IAGrE,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,CAAC,AAAC;IAE9C,IAAI,CAAC,IAAI,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wCAAwC,CAAC,CAAC;IAGjE,OAAO,IAAI,CAAC;CACb,AAAC;;ADjDF;;;;;;AGAA;;;;AAMA,MAAM,2CAAqB,GAAG,EAAE,AAAC;AAEjC;;GAEG,CACH,MAAM,yCAAmB,GAAG,uBAAM,CAAC;IACjC,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,GAAG,EAAE,yBAAQ,EAAE;IACf,OAAO,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC3C,IAAI,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IACxC,QAAQ,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC5C,MAAM,EAAE,2BAAU,CAAC,2BAAU,CAAC,yBAAQ,EAAE,CAAC,CAAC;IAC1C,UAAU,EAAE,2BAAU,CAAC,2BAAU,CAAC,wBAAO,CAAC,yBAAQ,EAAE,CAAC,CAAC,CAAC;CACxD,CAAC,AAAC;AAII,MAAM,yCAAa,GAAG,OAC3B,OAAe,EACf,QAAgB,EAChB,MAAc,EACd,IAAqB,GAClB;IACH,MAAM,MAAM,GAAG,MAAM,CAAA,GAAA,qBAAS,CAAA,CAAC,OAAO,EAAE,IAAI,EAAE;QAAE,QAAQ,EAAE,QAAQ;gBAAE,MAAM;KAAE,CAAC,AAAC;IAE9E,IAAI,IAAI,CAAC,GAAG,CAAC,AAAC,CAAA,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAA,GAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,2CAAqB,EACjF,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,sBAAsB,CAAC,CAAC;CAEhD,AAAC;AAEK,MAAM,yCAAa,GAAG,CAAC,KAAa,GAAoB;IAC7D,MAAM,EAAE,CAAC,EAAE,cAAc,CAAA,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE/C,IAAI,CAAC,cAAc,EACjB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wBAAwB,CAAC,CAAC;IAGjD,MAAM,IAAI,GAAG,CAAA,GAAA,yCAAa,CAAA,CAAC,MAAM,CAAC,cAAc,CAAC,AAAC;IAClD,MAAM,aAAa,GAAY,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,AAAC;IAChD,yBAAQ,CAAC,aAAa,EAAE,yCAAmB,CAAC,CAAC;IAE7C,OAAO,aAAa,CAAC;CACtB,AAAC;;;;;;AC/CK,MAAM,wCAAkB,GAAG,CAAC,cAAyB,GAAa;IACvE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;QAAC,QAAQ;QAAE,gBAAgB;QAAE,SAAS;WAAM,cAAc,IAAI,EAAE;KAAE,CAAC,AAAC;IAEjG,OAAO,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;CAC3C,AAAC;;;;;;;;;ALLF,MAAM,yCAAmB,GAAG,MAAM,AAAC;AACnC,MAAM,kCAAY,GAAG,MAAM,AAAC;AAarB,MAAM,yCAAiB,GAAG,CAAC,yBAChC,qBAAqB,CAAA,YACrB,QAAQ,CAAA,eACR,WAAW,CAAA,iBACX,aAAa,CAAA,SACb,KAAK,CAAA,UACL,MAAM,CAAA,aACN,SAAS,CAAA,UACT,MAAM,CAAA,EACc,GAAK;IACzB,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAC9C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;QAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,WAAW;QACnC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,aAAa,CAAC,EAAE,aAAa;QACvC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,mBAAmB,CAAC,EAAE,yCAAmB;QACnD,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;QACvB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,CAAC,EAAE,kCAAY;QACrC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAA,GAAA,yCAAM,CAAA,CAAC,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,CAAA,GAAA,wCAAkB,CAAA,CAAC,MAAM,CAAC;KAC7C,CAAC,AAAC;IAEH,KAAK,MAAM,QAAQ,IAAI,SAAS,IAAI,EAAE,CACpC,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAG1D,OAAO,CAAC,EAAE,qBAAqB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CACrE,AAAC;;;;;;AM3CF;AAQO,MAAM,yCAAkB,GAAG,CAAC,sBACjC,kBAAkB,CAAA,WAClB,OAAO,CAAA,yBACP,qBAAqB,CAAA,EACA,GAAK;IAC1B,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAAE,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,OAAO;KAAE,CAAC,AAAC;IAErF,IAAI,qBAAqB,EACvB,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,CAAC;IAGpF,OAAO,CAAC,EAAE,kBAAkB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CAClE,AAAC;;;;;;ACCK,MAAM,yCAAa,GAAG,OAC3B,gBAAwB,EACxB,WAAmB,EACnB,SAAoB,GAEpB,SAAS,CAAmB,gBAAgB,EAAE;QAC5C,OAAO,EAAE;YAAE,aAAa,EAAE,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;SAAE;KACpD,CAAC,AAAC;;;;;;;;;;Ab3BL;;;;;","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts","packages/js/src/core/user-info.ts","packages/js/src/types/index.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\nexport * from './user-info';\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport { Requester } from '../types';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { Requester } from '../types';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n userinfo_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport { Requester } from '../types';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport { withReservedScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withReservedScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './id-token';\nexport * from './scopes';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\n// eslint-disable-next-line complexity\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\nimport * as s from 'superstruct';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time in the ID token',\n invalid_token: 'Invalid ID token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'The callback URI mismatches the redirect URI.',\n error_found: 'Error found in the callback URI',\n missing_state: 'Missing state in the callback URI',\n state_mismatched: 'State mismatched in the callback URI',\n missing_code: 'Missing code in the callback URI',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n unexpected_response_error: 'Unexpected response error from the server.',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport const logtoRequestErrorSchema = s.type({\n code: s.string(),\n message: s.string(),\n});\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n constructor(public error: string, public errorDescription?: string) {}\n}\n","import { urlSafeBase64 } from '@silverhand/essentials';\nimport { jwtVerify, JWTVerifyGetKey } from 'jose';\nimport * as s from 'superstruct';\n\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nconst IdTokenClaimsSchema = s.type({\n iss: s.string(),\n sub: s.string(),\n aud: s.string(),\n exp: s.number(),\n iat: s.number(),\n at_hash: s.nullable(s.optional(s.string())),\n name: s.nullable(s.optional(s.string())),\n username: s.nullable(s.optional(s.string())),\n avatar: s.nullable(s.optional(s.string())),\n role_names: s.nullable(s.optional(s.array(s.string()))),\n});\n\nexport type IdTokenClaims = s.Infer<typeof IdTokenClaimsSchema>;\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = urlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n s.assert(idTokenClaims, IdTokenClaimsSchema);\n\n return idTokenClaims;\n};\n","/**\n * @param originalScopes\n * @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )\n */\nexport const withReservedScopes = (originalScopes?: string[]): string => {\n const uniqueScopes = new Set(['openid', 'offline_access', 'profile', ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n idToken: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n idToken,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.IdTokenHint]: idToken });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n","import { Requester } from '../types';\n\ntype Identity = {\n userId: string;\n details?: Record<string, unknown>;\n};\n\nexport type UserInfoResponse = {\n sub: string;\n name?: string;\n username?: string;\n picture?: string;\n role_names?: string[];\n email?: string;\n email_verified?: boolean;\n phone_number?: string;\n phone_number_verified?: boolean;\n custom_data?: unknown;\n identities?: Record<string, Identity>;\n};\n\nexport const fetchUserInfo = async (\n userInfoEndpoint: string,\n accessToken: string,\n requester: Requester\n): Promise<UserInfoResponse> =>\n requester<UserInfoResponse>(userInfoEndpoint, {\n headers: { Authorization: `Bearer ${accessToken}` },\n });\n","export type LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;\n"],"names":[],"version":3,"file":"index.js.map"}
|
package/lib/module.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import $lyZgO$camelcasekeys from "camelcase-keys";
|
|
2
|
-
import {conditional as $lyZgO$conditional,
|
|
2
|
+
import {conditional as $lyZgO$conditional, urlSafeBase64 as $lyZgO$urlSafeBase64} from "@silverhand/essentials";
|
|
3
3
|
import $lyZgO$lodashget from "lodash.get";
|
|
4
4
|
import {type as $lyZgO$type, string as $lyZgO$string, number as $lyZgO$number, nullable as $lyZgO$nullable, optional as $lyZgO$optional, array as $lyZgO$array, assert as $lyZgO$assert} from "superstruct";
|
|
5
5
|
import {jwtVerify as $lyZgO$jwtVerify} from "jose";
|
|
@@ -246,7 +246,7 @@ const $dfd50234d3585f12$export$b5b3317c8aecbcd5 = async (idToken, clientId, issu
|
|
|
246
246
|
const $dfd50234d3585f12$export$aac2d5b7f5cd16d5 = (token)=>{
|
|
247
247
|
const { 1: encodedPayload } = token.split(".");
|
|
248
248
|
if (!encodedPayload) throw new (0, $ab66c74b65acc6a3$export$ba60d77e6748b659)("id_token.invalid_token");
|
|
249
|
-
const json = (0, $lyZgO$
|
|
249
|
+
const json = (0, $lyZgO$urlSafeBase64).decode(encodedPayload);
|
|
250
250
|
const idTokenClaims = JSON.parse(json);
|
|
251
251
|
$lyZgO$assert(idTokenClaims, $dfd50234d3585f12$var$IdTokenClaimsSchema);
|
|
252
252
|
return idTokenClaims;
|
|
@@ -304,11 +304,22 @@ const $fcccd93c698efc4f$export$b3c9a2bd2330de28 = ({ endSessionEndpoint: endSess
|
|
|
304
304
|
};
|
|
305
305
|
|
|
306
306
|
|
|
307
|
+
var $4fde57d99d3b8df5$exports = {};
|
|
308
|
+
|
|
309
|
+
$parcel$export($4fde57d99d3b8df5$exports, "fetchUserInfo", () => $4fde57d99d3b8df5$export$eee09f98e5b044aa);
|
|
310
|
+
const $4fde57d99d3b8df5$export$eee09f98e5b044aa = async (userInfoEndpoint, accessToken, requester)=>requester(userInfoEndpoint, {
|
|
311
|
+
headers: {
|
|
312
|
+
Authorization: `Bearer ${accessToken}`
|
|
313
|
+
}
|
|
314
|
+
});
|
|
315
|
+
|
|
316
|
+
|
|
307
317
|
$parcel$exportWildcard($1eda3e9ea5865065$exports, $ce6f2a62716522ae$exports);
|
|
308
318
|
$parcel$exportWildcard($1eda3e9ea5865065$exports, $eefdbfea5ec3abd9$exports);
|
|
309
319
|
$parcel$exportWildcard($1eda3e9ea5865065$exports, $7397ba7739ada584$exports);
|
|
310
320
|
$parcel$exportWildcard($1eda3e9ea5865065$exports, $bfba480b8ff41607$exports);
|
|
311
321
|
$parcel$exportWildcard($1eda3e9ea5865065$exports, $fcccd93c698efc4f$exports);
|
|
322
|
+
$parcel$exportWildcard($1eda3e9ea5865065$exports, $4fde57d99d3b8df5$exports);
|
|
312
323
|
|
|
313
324
|
|
|
314
325
|
|
|
@@ -318,5 +329,5 @@ var $be59ab5b66bc1c36$exports = {};
|
|
|
318
329
|
|
|
319
330
|
|
|
320
331
|
|
|
321
|
-
export {$ce6f2a62716522ae$export$684f740cd70532d4 as fetchTokenByAuthorizationCode, $ce6f2a62716522ae$export$9909137b467efb8b as fetchTokenByRefreshToken, $eefdbfea5ec3abd9$export$815bda5ead26b243 as discoveryPath, $eefdbfea5ec3abd9$export$98242d8e822ad11f as fetchOidcConfig, $7397ba7739ada584$export$573f8dbbf6fbef75 as revoke, $bfba480b8ff41607$export$b01a187f12b774c6 as generateSignInUri, $fcccd93c698efc4f$export$b3c9a2bd2330de28 as generateSignOutUri, $2cac19d9fad63bff$export$4851e69315d5b72c as parseUriParameters, $2cac19d9fad63bff$export$dc3fae3c99763885 as verifyAndParseCodeFromCallbackUri, $ab66c74b65acc6a3$export$ba60d77e6748b659 as LogtoError, $ab66c74b65acc6a3$export$cccd51a00718f001 as logtoRequestErrorSchema, $ab66c74b65acc6a3$export$e6e15b8ba42b9b70 as LogtoRequestError, $ab66c74b65acc6a3$export$d4832bcf9ce430e0 as OidcError, $dfd50234d3585f12$export$b5b3317c8aecbcd5 as verifyIdToken, $dfd50234d3585f12$export$aac2d5b7f5cd16d5 as decodeIdToken, $570e2e6b31a027ff$export$887ed125f549a57 as withReservedScopes, $5422b71ae76f21f1$export$e2e108cbe2e4f865 as ContentType, $5422b71ae76f21f1$export$3f2aafdd1ccae76c as TokenGrantType, $5422b71ae76f21f1$export$65f63a8bc3cba53d as QueryKey, $5422b71ae76f21f1$export$83716a4aa1642908 as Prompt};
|
|
332
|
+
export {$ce6f2a62716522ae$export$684f740cd70532d4 as fetchTokenByAuthorizationCode, $ce6f2a62716522ae$export$9909137b467efb8b as fetchTokenByRefreshToken, $eefdbfea5ec3abd9$export$815bda5ead26b243 as discoveryPath, $eefdbfea5ec3abd9$export$98242d8e822ad11f as fetchOidcConfig, $7397ba7739ada584$export$573f8dbbf6fbef75 as revoke, $bfba480b8ff41607$export$b01a187f12b774c6 as generateSignInUri, $fcccd93c698efc4f$export$b3c9a2bd2330de28 as generateSignOutUri, $4fde57d99d3b8df5$export$eee09f98e5b044aa as fetchUserInfo, $2cac19d9fad63bff$export$4851e69315d5b72c as parseUriParameters, $2cac19d9fad63bff$export$dc3fae3c99763885 as verifyAndParseCodeFromCallbackUri, $ab66c74b65acc6a3$export$ba60d77e6748b659 as LogtoError, $ab66c74b65acc6a3$export$cccd51a00718f001 as logtoRequestErrorSchema, $ab66c74b65acc6a3$export$e6e15b8ba42b9b70 as LogtoRequestError, $ab66c74b65acc6a3$export$d4832bcf9ce430e0 as OidcError, $dfd50234d3585f12$export$b5b3317c8aecbcd5 as verifyIdToken, $dfd50234d3585f12$export$aac2d5b7f5cd16d5 as decodeIdToken, $570e2e6b31a027ff$export$887ed125f549a57 as withReservedScopes, $5422b71ae76f21f1$export$e2e108cbe2e4f865 as ContentType, $5422b71ae76f21f1$export$3f2aafdd1ccae76c as TokenGrantType, $5422b71ae76f21f1$export$65f63a8bc3cba53d as QueryKey, $5422b71ae76f21f1$export$83716a4aa1642908 as Prompt};
|
|
322
333
|
//# sourceMappingURL=module.js.map
|
package/lib/module.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;ACAO,MAAM,yCAAW,GAAG;IACzB,cAAc,EAAE;QAAE,cAAc,EAAE,mCAAmC;KAAE;CACxE,AAAC;IAEK,yCAGN;UAHW,cAAc;IAAd,cAAc,CACxB,mBAAiB,IAAG,oBAAoB;IAD9B,cAAc,CAExB,cAAY,IAAG,eAAe;GAFpB,yCAAc,KAAd,yCAAc;IAKnB,yCAoBN;UApBW,QAAQ;IAAR,QAAQ,CAClB,UAAQ,IAAG,WAAW;IADZ,QAAQ,CAElB,MAAI,IAAG,MAAM;IAFH,QAAQ,CAGlB,eAAa,IAAG,gBAAgB;IAHtB,QAAQ,CAIlB,qBAAmB,IAAG,uBAAuB;IAJnC,QAAQ,CAKlB,cAAY,IAAG,eAAe;IALpB,QAAQ,CAMlB,OAAK,IAAG,OAAO;IANL,QAAQ,CAOlB,kBAAgB,IAAG,mBAAmB;IAP5B,QAAQ,CAQlB,WAAS,IAAG,YAAY;IARd,QAAQ,CASlB,SAAO,IAAG,UAAU;IATV,QAAQ,CAUlB,aAAW,IAAG,eAAe;IAVnB,QAAQ,CAWlB,uBAAqB,IAAG,0BAA0B;IAXxC,QAAQ,CAYlB,QAAM,IAAG,QAAQ;IAZP,QAAQ,CAalB,aAAW,IAAG,cAAc;IAblB,QAAQ,CAclB,cAAY,IAAG,eAAe;IAdpB,QAAQ,CAelB,UAAQ,IAAG,UAAU;IAfX,QAAQ,CAgBlB,cAAY,IAAG,eAAe;IAhBpB,QAAQ,CAiBlB,OAAK,IAAG,OAAO;IAjBL,QAAQ,CAkBlB,OAAK,IAAG,OAAO;IAlBL,QAAQ,CAmBlB,OAAK,IAAG,OAAO;GAnBL,yCAAQ,KAAR,yCAAQ;IAsBb,yCAGN;UAHW,MAAM;IAAN,MAAM,CAChB,SAAO,IAAG,SAAS;IADT,MAAM,CAEhB,OAAK,IAAG,OAAO;GAFL,yCAAM,KAAN,yCAAM;;;ADYX,MAAM,yCAA6B,GAAG,OAC3C,YACE,QAAQ,CAAA,iBACR,aAAa,CAAA,eACb,WAAW,CAAA,gBACX,YAAY,CAAA,QACZ,IAAI,CAAA,YACJ,QAAQ,CAAA,EACgC,EAC1C,SAAoB,GACW;IAC/B,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACvC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACrD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,iBAAiB,CAAC,CAAC;IAExE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,MAAM,0BAA0B,GAAG,MAAM,SAAS,CAA6B,aAAa,EAAE;QAC5F,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CAAC,AAAC;IAEH,OAAO,CAAA,GAAA,oBAAa,CAAA,CAAC,0BAA0B,CAAC,CAAC;CAClD,AAAC;AAEK,MAAM,yCAAwB,GAAG,OACtC,YAAE,QAAQ,CAAA,iBAAE,aAAa,CAAA,gBAAE,YAAY,CAAA,YAAE,QAAQ,CAAA,UAAE,MAAM,CAAA,EAAsC,EAC/F,SAAoB,GACmB;IACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,YAAY,CAAC,CAAC;IAEnE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,IAAI,MAAM,EAAE,MAAM,EAChB,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAGtD,MAAM,kCAAkC,GAAG,MAAM,SAAS,CACxD,aAAa,EACb;QACE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CACF,AAAC;IAEF,OAAO,CAAA,GAAA,oBAAa,CAAA,CAAC,kCAAkC,CAAC,CAAC;CAC1D,AAAC;;ADrGF;;;;;AGAA;AAcO,MAAM,yCAAa,GAAG,wCAAwC,AAAC;AAI/D,MAAM,yCAAe,GAAG,OAC7B,QAAgB,EAChB,SAAoB,GAEpB,CAAA,GAAA,oBAAa,CAAA,CAAC,MAAM,SAAS,CAA8B,QAAQ,CAAC,CAAC,AAAC;;;;;;ACtBxE;AAGO,MAAM,yCAAM,GAAG,OACpB,kBAA0B,EAC1B,QAAgB,EAChB,KAAa,EACb,SAAoB,GAEpB,SAAS,CAAO,kBAAkB,EAAE;QAClC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;YAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;SACxB,CAAC;KACH,CAAC,AAAC;;;;;;AChBL;;;;;;AEAA;;;;;;;;ACAA;;AAIA,MAAM,qCAAe,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,QAAQ,EAAE;QACR,WAAW,EAAE,wCAAwC;QACrD,aAAa,EAAE,kBAAkB;KAClC;IACD,yBAAyB,EAAE;QACzB,uBAAuB,EAAE,+CAA+C;QACxE,WAAW,EAAE,iCAAiC;QAC9C,aAAa,EAAE,mCAAmC;QAClD,gBAAgB,EAAE,sCAAsC;QACxD,YAAY,EAAE,kCAAkC;KACjD;IACD,yBAAyB,EAAE,gEAAgE;IAC3F,yBAAyB,EAAE,4CAA4C;CACxE,CAAC,AAAC;AAIH,MAAM,2CAAqB,GAAG,CAAC,SAAyB,GAAa;IACnE,mEAAmE;IACnE,MAAM,OAAO,GAAG,CAAA,GAAA,gBAAG,CAAA,CAAC,qCAAe,EAAE,SAAS,CAAC,AAAC;IAEhD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAC7B,OAAO,OAAO,CAAC;IAGjB,OAAO,SAAS,CAAC;CAClB,AAAC;AAEK,MAAM,yCAAU,SAAS,KAAK;IAInC,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,2CAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAuB,GAAG,WAAM,CAAC;IAC5C,IAAI,EAAE,aAAQ,EAAE;IAChB,OAAO,EAAE,aAAQ,EAAE;CACpB,CAAC,AAAC;AAEI,MAAM,yCAAiB,SAAS,KAAK;IAG1C,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAS;IACpB,YAAmB,KAAa,EAAS,gBAAyB,CAAE;aAAjD,KAAa,GAAb,KAAa;aAAS,gBAAyB,GAAzB,gBAAyB;KAAI;CACvE;;;ADvDM,MAAM,yCAAkB,GAAG,CAAC,GAAW,GAAK;IACjD,MAAM,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE5C,OAAO,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC;CACzC,AAAC;AAGK,MAAM,yCAAiC,GAAG,CAC/C,WAAmB,EACnB,WAAmB,EACnB,KAAa,GACV;IACH,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,EACtC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,mDAAmD,CAAC,CAAC;IAE5E,MAAM,aAAa,GAAG,yCAAkB,CAAC,WAAW,CAAC,AAAC;IAEtD,MAAM,KAAK,GAAG,CAAA,GAAA,kBAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,CAAC,AAAC;IAC7D,MAAM,gBAAgB,GAAG,CAAA,GAAA,kBAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,gBAAgB,CAAC,CAAC,AAAC;IAEnF,IAAI,KAAK,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAClB,uCAAuC,EACvC,IAAI,CAAA,GAAA,yCAAS,CAAA,CAAC,KAAK,EAAE,gBAAgB,CAAC,CACvC,CAAC;IAGJ,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,AAAC;IAE/D,IAAI,CAAC,oBAAoB,EACvB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,yCAAyC,CAAC,CAAC;IAGlE,IAAI,oBAAoB,KAAK,KAAK,EAChC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,4CAA4C,CAAC,CAAC;IAGrE,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,CAAC,AAAC;IAE9C,IAAI,CAAC,IAAI,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wCAAwC,CAAC,CAAC;IAGjE,OAAO,IAAI,CAAC;CACb,AAAC;;ADjDF;;;;;;AGAA;;;;AAMA,MAAM,2CAAqB,GAAG,EAAE,AAAC;AAEjC;;GAEG,CACH,MAAM,yCAAmB,GAAG,WAAM,CAAC;IACjC,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,OAAO,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC3C,IAAI,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IACxC,QAAQ,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC5C,MAAM,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC1C,UAAU,EAAE,eAAU,CAAC,eAAU,CAAC,YAAO,CAAC,aAAQ,EAAE,CAAC,CAAC,CAAC;CACxD,CAAC,AAAC;AAII,MAAM,yCAAa,GAAG,OAC3B,OAAe,EACf,QAAgB,EAChB,MAAc,EACd,IAAqB,GAClB;IACH,MAAM,MAAM,GAAG,MAAM,CAAA,GAAA,gBAAS,CAAA,CAAC,OAAO,EAAE,IAAI,EAAE;QAAE,QAAQ,EAAE,QAAQ;gBAAE,MAAM;KAAE,CAAC,AAAC;IAE9E,IAAI,IAAI,CAAC,GAAG,CAAC,AAAC,CAAA,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAA,GAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,2CAAqB,EACjF,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,sBAAsB,CAAC,CAAC;CAEhD,AAAC;AAEK,MAAM,yCAAa,GAAG,CAAC,KAAa,GAAoB;IAC7D,MAAM,EAAE,CAAC,EAAE,cAAc,CAAA,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE/C,IAAI,CAAC,cAAc,EACjB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wBAAwB,CAAC,CAAC;IAGjD,MAAM,IAAI,GAAG,CAAA,GAAA,oBAAa,CAAA,CAAC,MAAM,CAAC,cAAc,CAAC,AAAC;IAClD,MAAM,aAAa,GAAY,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,AAAC;IAChD,aAAQ,CAAC,aAAa,EAAE,yCAAmB,CAAC,CAAC;IAE7C,OAAO,aAAa,CAAC;CACtB,AAAC;;;;;;AC/CK,MAAM,wCAAkB,GAAG,CAAC,cAAyB,GAAa;IACvE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;QAAC,QAAQ;QAAE,gBAAgB;QAAE,SAAS;WAAM,cAAc,IAAI,EAAE;KAAE,CAAC,AAAC;IAEjG,OAAO,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;CAC3C,AAAC;;;;;;;;;ALLF,MAAM,yCAAmB,GAAG,MAAM,AAAC;AACnC,MAAM,kCAAY,GAAG,MAAM,AAAC;AAarB,MAAM,yCAAiB,GAAG,CAAC,yBAChC,qBAAqB,CAAA,YACrB,QAAQ,CAAA,eACR,WAAW,CAAA,iBACX,aAAa,CAAA,SACb,KAAK,CAAA,UACL,MAAM,CAAA,aACN,SAAS,CAAA,UACT,MAAM,CAAA,EACc,GAAK;IACzB,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAC9C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;QAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,WAAW;QACnC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,aAAa,CAAC,EAAE,aAAa;QACvC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,mBAAmB,CAAC,EAAE,yCAAmB;QACnD,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;QACvB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,CAAC,EAAE,kCAAY;QACrC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAA,GAAA,yCAAM,CAAA,CAAC,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,CAAA,GAAA,wCAAkB,CAAA,CAAC,MAAM,CAAC;KAC7C,CAAC,AAAC;IAEH,KAAK,MAAM,QAAQ,IAAI,SAAS,IAAI,EAAE,CACpC,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAG1D,OAAO,CAAC,EAAE,qBAAqB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CACrE,AAAC;;;;;;AM3CF;AAQO,MAAM,yCAAkB,GAAG,CAAC,sBACjC,kBAAkB,CAAA,WAClB,OAAO,CAAA,yBACP,qBAAqB,CAAA,EACA,GAAK;IAC1B,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAAE,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,OAAO;KAAE,CAAC,AAAC;IAErF,IAAI,qBAAqB,EACvB,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,CAAC;IAGpF,OAAO,CAAC,EAAE,kBAAkB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CAClE,AAAC;;;;;;;;;AZnBF;;;;;","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts","packages/js/src/types/index.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport { Requester } from '../types';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { Requester } from '../types';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport { Requester } from '../types';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport { withReservedScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withReservedScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './id-token';\nexport * from './scopes';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\n// eslint-disable-next-line complexity\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\nimport * as s from 'superstruct';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time in the ID token',\n invalid_token: 'Invalid ID token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'The callback URI mismatches the redirect URI.',\n error_found: 'Error found in the callback URI',\n missing_state: 'Missing state in the callback URI',\n state_mismatched: 'State mismatched in the callback URI',\n missing_code: 'Missing code in the callback URI',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n unexpected_response_error: 'Unexpected response error from the server.',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport const logtoRequestErrorSchema = s.type({\n code: s.string(),\n message: s.string(),\n});\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n constructor(public error: string, public errorDescription?: string) {}\n}\n","import { UrlSafeBase64 } from '@silverhand/essentials';\nimport { jwtVerify, JWTVerifyGetKey } from 'jose';\nimport * as s from 'superstruct';\n\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nconst IdTokenClaimsSchema = s.type({\n iss: s.string(),\n sub: s.string(),\n aud: s.string(),\n exp: s.number(),\n iat: s.number(),\n at_hash: s.nullable(s.optional(s.string())),\n name: s.nullable(s.optional(s.string())),\n username: s.nullable(s.optional(s.string())),\n avatar: s.nullable(s.optional(s.string())),\n role_names: s.nullable(s.optional(s.array(s.string()))),\n});\n\nexport type IdTokenClaims = s.Infer<typeof IdTokenClaimsSchema>;\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = UrlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n s.assert(idTokenClaims, IdTokenClaimsSchema);\n\n return idTokenClaims;\n};\n","/**\n * @param originalScopes\n * @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )\n */\nexport const withReservedScopes = (originalScopes?: string[]): string => {\n const uniqueScopes = new Set(['openid', 'offline_access', 'profile', ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n idToken: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n idToken,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.IdTokenHint]: idToken });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export type LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;\n"],"names":[],"version":3,"file":"module.js.map"}
|
|
1
|
+
{"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;ACAO,MAAM,yCAAW,GAAG;IACzB,cAAc,EAAE;QAAE,cAAc,EAAE,mCAAmC;KAAE;CACxE,AAAC;IAEK,yCAGN;UAHW,cAAc;IAAd,cAAc,CACxB,mBAAiB,IAAG,oBAAoB;IAD9B,cAAc,CAExB,cAAY,IAAG,eAAe;GAFpB,yCAAc,KAAd,yCAAc;IAKnB,yCAoBN;UApBW,QAAQ;IAAR,QAAQ,CAClB,UAAQ,IAAG,WAAW;IADZ,QAAQ,CAElB,MAAI,IAAG,MAAM;IAFH,QAAQ,CAGlB,eAAa,IAAG,gBAAgB;IAHtB,QAAQ,CAIlB,qBAAmB,IAAG,uBAAuB;IAJnC,QAAQ,CAKlB,cAAY,IAAG,eAAe;IALpB,QAAQ,CAMlB,OAAK,IAAG,OAAO;IANL,QAAQ,CAOlB,kBAAgB,IAAG,mBAAmB;IAP5B,QAAQ,CAQlB,WAAS,IAAG,YAAY;IARd,QAAQ,CASlB,SAAO,IAAG,UAAU;IATV,QAAQ,CAUlB,aAAW,IAAG,eAAe;IAVnB,QAAQ,CAWlB,uBAAqB,IAAG,0BAA0B;IAXxC,QAAQ,CAYlB,QAAM,IAAG,QAAQ;IAZP,QAAQ,CAalB,aAAW,IAAG,cAAc;IAblB,QAAQ,CAclB,cAAY,IAAG,eAAe;IAdpB,QAAQ,CAelB,UAAQ,IAAG,UAAU;IAfX,QAAQ,CAgBlB,cAAY,IAAG,eAAe;IAhBpB,QAAQ,CAiBlB,OAAK,IAAG,OAAO;IAjBL,QAAQ,CAkBlB,OAAK,IAAG,OAAO;IAlBL,QAAQ,CAmBlB,OAAK,IAAG,OAAO;GAnBL,yCAAQ,KAAR,yCAAQ;IAsBb,yCAGN;UAHW,MAAM;IAAN,MAAM,CAChB,SAAO,IAAG,SAAS;IADT,MAAM,CAEhB,OAAK,IAAG,OAAO;GAFL,yCAAM,KAAN,yCAAM;;;ADYX,MAAM,yCAA6B,GAAG,OAC3C,YACE,QAAQ,CAAA,iBACR,aAAa,CAAA,eACb,WAAW,CAAA,gBACX,YAAY,CAAA,QACZ,IAAI,CAAA,YACJ,QAAQ,CAAA,EACgC,EAC1C,SAAoB,GACW;IAC/B,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACvC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACrD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,iBAAiB,CAAC,CAAC;IAExE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,MAAM,0BAA0B,GAAG,MAAM,SAAS,CAA6B,aAAa,EAAE;QAC5F,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CAAC,AAAC;IAEH,OAAO,CAAA,GAAA,oBAAa,CAAA,CAAC,0BAA0B,CAAC,CAAC;CAClD,AAAC;AAEK,MAAM,yCAAwB,GAAG,OACtC,YAAE,QAAQ,CAAA,iBAAE,aAAa,CAAA,gBAAE,YAAY,CAAA,YAAE,QAAQ,CAAA,UAAE,MAAM,CAAA,EAAsC,EAC/F,SAAoB,GACmB;IACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,AAAC;IACzC,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/C,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACvD,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,SAAS,EAAE,CAAA,GAAA,yCAAc,CAAA,CAAC,YAAY,CAAC,CAAC;IAEnE,IAAI,QAAQ,EACV,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAGjD,IAAI,MAAM,EAAE,MAAM,EAChB,UAAU,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAGtD,MAAM,kCAAkC,GAAG,MAAM,SAAS,CACxD,aAAa,EACb;QACE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,UAAU;KACjB,CACF,AAAC;IAEF,OAAO,CAAA,GAAA,oBAAa,CAAA,CAAC,kCAAkC,CAAC,CAAC;CAC1D,AAAC;;ADrGF;;;;;AGAA;AAeO,MAAM,yCAAa,GAAG,wCAAwC,AAAC;AAI/D,MAAM,yCAAe,GAAG,OAC7B,QAAgB,EAChB,SAAoB,GAEpB,CAAA,GAAA,oBAAa,CAAA,CAAC,MAAM,SAAS,CAA8B,QAAQ,CAAC,CAAC,AAAC;;;;;;ACvBxE;AAGO,MAAM,yCAAM,GAAG,OACpB,kBAA0B,EAC1B,QAAgB,EAChB,KAAa,EACb,SAAoB,GAEpB,SAAS,CAAO,kBAAkB,EAAE;QAClC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,CAAA,GAAA,yCAAW,CAAA,CAAC,cAAc;QACnC,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;YAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;SACxB,CAAC;KACH,CAAC,AAAC;;;;;;AChBL;;;;;;AEAA;;;;;;;;ACAA;;AAIA,MAAM,qCAAe,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,QAAQ,EAAE;QACR,WAAW,EAAE,wCAAwC;QACrD,aAAa,EAAE,kBAAkB;KAClC;IACD,yBAAyB,EAAE;QACzB,uBAAuB,EAAE,+CAA+C;QACxE,WAAW,EAAE,iCAAiC;QAC9C,aAAa,EAAE,mCAAmC;QAClD,gBAAgB,EAAE,sCAAsC;QACxD,YAAY,EAAE,kCAAkC;KACjD;IACD,yBAAyB,EAAE,gEAAgE;IAC3F,yBAAyB,EAAE,4CAA4C;CACxE,CAAC,AAAC;AAIH,MAAM,2CAAqB,GAAG,CAAC,SAAyB,GAAa;IACnE,mEAAmE;IACnE,MAAM,OAAO,GAAG,CAAA,GAAA,gBAAG,CAAA,CAAC,qCAAe,EAAE,SAAS,CAAC,AAAC;IAEhD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAC7B,OAAO,OAAO,CAAC;IAGjB,OAAO,SAAS,CAAC;CAClB,AAAC;AAEK,MAAM,yCAAU,SAAS,KAAK;IAInC,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,2CAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAuB,GAAG,WAAM,CAAC;IAC5C,IAAI,EAAE,aAAQ,EAAE;IAChB,OAAO,EAAE,aAAQ,EAAE;CACpB,CAAC,AAAC;AAEI,MAAM,yCAAiB,SAAS,KAAK;IAG1C,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;KAClB;CACF;AAEM,MAAM,yCAAS;IACpB,YAAmB,KAAa,EAAS,gBAAyB,CAAE;aAAjD,KAAa,GAAb,KAAa;aAAS,gBAAyB,GAAzB,gBAAyB;KAAI;CACvE;;;ADvDM,MAAM,yCAAkB,GAAG,CAAC,GAAW,GAAK;IACjD,MAAM,GAAG,WAAW,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE5C,OAAO,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC;CACzC,AAAC;AAGK,MAAM,yCAAiC,GAAG,CAC/C,WAAmB,EACnB,WAAmB,EACnB,KAAa,GACV;IACH,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,EACtC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,mDAAmD,CAAC,CAAC;IAE5E,MAAM,aAAa,GAAG,yCAAkB,CAAC,WAAW,CAAC,AAAC;IAEtD,MAAM,KAAK,GAAG,CAAA,GAAA,kBAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,CAAC,AAAC;IAC7D,MAAM,gBAAgB,GAAG,CAAA,GAAA,kBAAW,CAAA,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,gBAAgB,CAAC,CAAC,AAAC;IAEnF,IAAI,KAAK,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAClB,uCAAuC,EACvC,IAAI,CAAA,GAAA,yCAAS,CAAA,CAAC,KAAK,EAAE,gBAAgB,CAAC,CACvC,CAAC;IAGJ,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,AAAC;IAE/D,IAAI,CAAC,oBAAoB,EACvB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,yCAAyC,CAAC,CAAC;IAGlE,IAAI,oBAAoB,KAAK,KAAK,EAChC,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,4CAA4C,CAAC,CAAC;IAGrE,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,IAAI,CAAC,AAAC;IAE9C,IAAI,CAAC,IAAI,EACP,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wCAAwC,CAAC,CAAC;IAGjE,OAAO,IAAI,CAAC;CACb,AAAC;;ADjDF;;;;;;AGAA;;;;AAMA,MAAM,2CAAqB,GAAG,EAAE,AAAC;AAEjC;;GAEG,CACH,MAAM,yCAAmB,GAAG,WAAM,CAAC;IACjC,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,GAAG,EAAE,aAAQ,EAAE;IACf,OAAO,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC3C,IAAI,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IACxC,QAAQ,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC5C,MAAM,EAAE,eAAU,CAAC,eAAU,CAAC,aAAQ,EAAE,CAAC,CAAC;IAC1C,UAAU,EAAE,eAAU,CAAC,eAAU,CAAC,YAAO,CAAC,aAAQ,EAAE,CAAC,CAAC,CAAC;CACxD,CAAC,AAAC;AAII,MAAM,yCAAa,GAAG,OAC3B,OAAe,EACf,QAAgB,EAChB,MAAc,EACd,IAAqB,GAClB;IACH,MAAM,MAAM,GAAG,MAAM,CAAA,GAAA,gBAAS,CAAA,CAAC,OAAO,EAAE,IAAI,EAAE;QAAE,QAAQ,EAAE,QAAQ;gBAAE,MAAM;KAAE,CAAC,AAAC;IAE9E,IAAI,IAAI,CAAC,GAAG,CAAC,AAAC,CAAA,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAA,GAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,2CAAqB,EACjF,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,sBAAsB,CAAC,CAAC;CAEhD,AAAC;AAEK,MAAM,yCAAa,GAAG,CAAC,KAAa,GAAoB;IAC7D,MAAM,EAAE,CAAC,EAAE,cAAc,CAAA,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,AAAC;IAE/C,IAAI,CAAC,cAAc,EACjB,MAAM,IAAI,CAAA,GAAA,yCAAU,CAAA,CAAC,wBAAwB,CAAC,CAAC;IAGjD,MAAM,IAAI,GAAG,CAAA,GAAA,oBAAa,CAAA,CAAC,MAAM,CAAC,cAAc,CAAC,AAAC;IAClD,MAAM,aAAa,GAAY,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,AAAC;IAChD,aAAQ,CAAC,aAAa,EAAE,yCAAmB,CAAC,CAAC;IAE7C,OAAO,aAAa,CAAC;CACtB,AAAC;;;;;;AC/CK,MAAM,wCAAkB,GAAG,CAAC,cAAyB,GAAa;IACvE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;QAAC,QAAQ;QAAE,gBAAgB;QAAE,SAAS;WAAM,cAAc,IAAI,EAAE;KAAE,CAAC,AAAC;IAEjG,OAAO,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;CAC3C,AAAC;;;;;;;;;ALLF,MAAM,yCAAmB,GAAG,MAAM,AAAC;AACnC,MAAM,kCAAY,GAAG,MAAM,AAAC;AAarB,MAAM,yCAAiB,GAAG,CAAC,yBAChC,qBAAqB,CAAA,YACrB,QAAQ,CAAA,eACR,WAAW,CAAA,iBACX,aAAa,CAAA,SACb,KAAK,CAAA,UACL,MAAM,CAAA,aACN,SAAS,CAAA,UACT,MAAM,CAAA,EACc,GAAK;IACzB,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAC9C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,CAAC,EAAE,QAAQ;QAC7B,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,WAAW;QACnC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,aAAa,CAAC,EAAE,aAAa;QACvC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,mBAAmB,CAAC,EAAE,yCAAmB;QACnD,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,KAAK;QACvB,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,YAAY,CAAC,EAAE,kCAAY;QACrC,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAA,GAAA,yCAAM,CAAA,CAAC,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,KAAK,CAAC,EAAE,CAAA,GAAA,wCAAkB,CAAA,CAAC,MAAM,CAAC;KAC7C,CAAC,AAAC;IAEH,KAAK,MAAM,QAAQ,IAAI,SAAS,IAAI,EAAE,CACpC,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAG1D,OAAO,CAAC,EAAE,qBAAqB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CACrE,AAAC;;;;;;AM3CF;AAQO,MAAM,yCAAkB,GAAG,CAAC,sBACjC,kBAAkB,CAAA,WAClB,OAAO,CAAA,yBACP,qBAAqB,CAAA,EACA,GAAK;IAC1B,MAAM,mBAAmB,GAAG,IAAI,eAAe,CAAC;QAAE,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,WAAW,CAAC,EAAE,OAAO;KAAE,CAAC,AAAC;IAErF,IAAI,qBAAqB,EACvB,mBAAmB,CAAC,MAAM,CAAC,CAAA,GAAA,yCAAQ,CAAA,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,CAAC;IAGpF,OAAO,CAAC,EAAE,kBAAkB,CAAC,CAAC,EAAE,mBAAmB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;CAClE,AAAC;;;;;;ACCK,MAAM,yCAAa,GAAG,OAC3B,gBAAwB,EACxB,WAAmB,EACnB,SAAoB,GAEpB,SAAS,CAAmB,gBAAgB,EAAE;QAC5C,OAAO,EAAE;YAAE,aAAa,EAAE,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;SAAE;KACpD,CAAC,AAAC;;;;;;;;;;Ab3BL;;;;;","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts","packages/js/src/core/user-info.ts","packages/js/src/types/index.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\nexport * from './user-info';\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport { Requester } from '../types';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n","import { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { Requester } from '../types';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n userinfo_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport { Requester } from '../types';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport { withReservedScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withReservedScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './id-token';\nexport * from './scopes';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\n// eslint-disable-next-line complexity\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\nimport * as s from 'superstruct';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time in the ID token',\n invalid_token: 'Invalid ID token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'The callback URI mismatches the redirect URI.',\n error_found: 'Error found in the callback URI',\n missing_state: 'Missing state in the callback URI',\n state_mismatched: 'State mismatched in the callback URI',\n missing_code: 'Missing code in the callback URI',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n unexpected_response_error: 'Unexpected response error from the server.',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport const logtoRequestErrorSchema = s.type({\n code: s.string(),\n message: s.string(),\n});\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n constructor(public error: string, public errorDescription?: string) {}\n}\n","import { urlSafeBase64 } from '@silverhand/essentials';\nimport { jwtVerify, JWTVerifyGetKey } from 'jose';\nimport * as s from 'superstruct';\n\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nconst IdTokenClaimsSchema = s.type({\n iss: s.string(),\n sub: s.string(),\n aud: s.string(),\n exp: s.number(),\n iat: s.number(),\n at_hash: s.nullable(s.optional(s.string())),\n name: s.nullable(s.optional(s.string())),\n username: s.nullable(s.optional(s.string())),\n avatar: s.nullable(s.optional(s.string())),\n role_names: s.nullable(s.optional(s.array(s.string()))),\n});\n\nexport type IdTokenClaims = s.Infer<typeof IdTokenClaimsSchema>;\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = urlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n s.assert(idTokenClaims, IdTokenClaimsSchema);\n\n return idTokenClaims;\n};\n","/**\n * @param originalScopes\n * @return scopes should contain all reserved scopes ( Logto requires `openid` and `offline_access` )\n */\nexport const withReservedScopes = (originalScopes?: string[]): string => {\n const uniqueScopes = new Set(['openid', 'offline_access', 'profile', ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n idToken: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n idToken,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.IdTokenHint]: idToken });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n","import { Requester } from '../types';\n\ntype Identity = {\n userId: string;\n details?: Record<string, unknown>;\n};\n\nexport type UserInfoResponse = {\n sub: string;\n name?: string;\n username?: string;\n picture?: string;\n role_names?: string[];\n email?: string;\n email_verified?: boolean;\n phone_number?: string;\n phone_number_verified?: boolean;\n custom_data?: unknown;\n identities?: Record<string, Identity>;\n};\n\nexport const fetchUserInfo = async (\n userInfoEndpoint: string,\n accessToken: string,\n requester: Requester\n): Promise<UserInfoResponse> =>\n requester<UserInfoResponse>(userInfoEndpoint, {\n headers: { Authorization: `Bearer ${accessToken}` },\n });\n","export type LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;\n"],"names":[],"version":3,"file":"module.js.map"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@logto/js",
|
|
3
|
-
"version": "1.0.0-beta.
|
|
3
|
+
"version": "1.0.0-beta.6",
|
|
4
4
|
"source": "./src/index.ts",
|
|
5
5
|
"main": "./lib/index.js",
|
|
6
6
|
"exports": {
|
|
@@ -29,7 +29,7 @@
|
|
|
29
29
|
"prepack": "pnpm test"
|
|
30
30
|
},
|
|
31
31
|
"dependencies": {
|
|
32
|
-
"@silverhand/essentials": "^1.2.
|
|
32
|
+
"@silverhand/essentials": "^1.2.1",
|
|
33
33
|
"camelcase-keys": "^7.0.1",
|
|
34
34
|
"jose": "^4.3.8",
|
|
35
35
|
"lodash.get": "^4.4.2",
|
|
@@ -64,5 +64,5 @@
|
|
|
64
64
|
"publishConfig": {
|
|
65
65
|
"access": "public"
|
|
66
66
|
},
|
|
67
|
-
"gitHead": "
|
|
67
|
+
"gitHead": "952fed1f1c61d30d539b2256501c8eb7d865c022"
|
|
68
68
|
}
|