@logto/js 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/lib/index.d.ts +5 -2
  2. package/lib/index.d.ts.map +1 -1
  3. package/lib/index.js +5 -1
  4. package/lib/index.js.map +1 -1
  5. package/lib/module.d.mts +5 -2
  6. package/lib/module.mjs +5 -1
  7. package/lib/module.mjs.map +1 -1
  8. package/package.json +2 -2
package/lib/index.d.ts CHANGED
@@ -28,7 +28,8 @@ export enum QueryKey {
28
28
  ResponseType = "response_type",
29
29
  Scope = "scope",
30
30
  State = "state",
31
- Token = "token"
31
+ Token = "token",
32
+ InteractionMode = "interaction_mode"
32
33
  }
33
34
  export enum Prompt {
34
35
  Consent = "consent",
@@ -78,6 +79,7 @@ export type LogtoRequestErrorBody = {
78
79
  message: string;
79
80
  };
80
81
  export type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;
82
+ export type InteractionMode = 'signIn' | 'signUp';
81
83
  export type FetchTokenByAuthorizationCodeParameters = {
82
84
  clientId: string;
83
85
  tokenEndpoint: string;
@@ -192,8 +194,9 @@ export type SignInUriParameters = {
192
194
  scopes?: string[];
193
195
  resources?: string[];
194
196
  prompt?: Prompt;
197
+ interactionMode?: InteractionMode;
195
198
  };
196
- export const generateSignInUri: ({ authorizationEndpoint, clientId, redirectUri, codeChallenge, state, scopes, resources, prompt, }: SignInUriParameters) => string;
199
+ export const generateSignInUri: ({ authorizationEndpoint, clientId, redirectUri, codeChallenge, state, scopes, resources, prompt, interactionMode, }: SignInUriParameters) => string;
197
200
  type SignOutUriParameters = {
198
201
  endSessionEndpoint: string;
199
202
  clientId: string;
package/lib/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"mappings":";;AAAA,OAAO,MAAM;;;;CAEZ,CAAC;AAEF;IACE,iBAAiB,uBAAuB;IACxC,YAAY,kBAAkB;CAC/B;AAED;IACE,QAAQ,cAAc;IACtB,IAAI,SAAS;IACb,aAAa,mBAAmB;IAChC,mBAAmB,0BAA0B;IAC7C,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,gBAAgB,sBAAsB;IACtC,SAAS,eAAe;IACxB,OAAO,aAAa;IACpB,WAAW,kBAAkB;IAC7B,qBAAqB,6BAA6B;IAClD,iBAAiB;IACjB,WAAW,iBAAiB;IAC5B,YAAY,kBAAkB;IAC9B,QAAQ,aAAa;IACrB,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,KAAK,UAAU;IACf,KAAK,UAAU;CAChB;AAED;IACE,OAAO,YAAY;IACnB,KAAK,UAAU;CAChB;AAGD;IACE,MAAM,WAAW;IACjB,aAAa,mBAAmB;CACjC;AAED;;GAEG;AACH;IACE;;;;OAIG;IACH,OAAO,YAAY;IACnB;;;;OAIG;IACH,KAAK,UAAU;IACf;;;;OAIG;IACH,KAAK,UAAU;IACf;;;;OAIG;IACH,UAAU,gBAAgB;IAC1B;;;;OAIG;IACH,UAAU,eAAe;CAC1B;AC5ED,oCAAoC;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,wBAAwB,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,UAAU,CAAC,OAAO,KAAK,CAAC,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC;ACC7E,sDAAsD;IACpD,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC;AAEF,iDAAiD;IAC/C,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,kCAAkC;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,gCAAgC,gBAAgB,0BAA0B,CAAC,CAAC;AAE5E,0CAA0C;IACxC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,wCAAwC,gBAAgB,kCAAkC,CAAC,CAAC;AAE5F,OAAO,MAAM,yGAQR,uCAAuC,aAC/B,SAAS,KACnB,QAAQ,iBAAiB,CAmB3B,CAAC;AAEF,OAAO,MAAM,wFACkD,kCAAkC,aACpF,SAAS,KACnB,QAAQ,yBAAyB,CAwBnC,CAAC;AChGF,mCAAmC;IACjC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,OAAO,MAAM,wDAAwD,CAAC;AAEtE,iCAAiC,gBAAgB,2BAA2B,CAAC,CAAC;AAE9E,OAAO,MAAM,4BACD,MAAM,aACL,SAAS,KACnB,QAAQ,kBAAkB,CAC0C,CAAC;ACpBxE,OAAO,MAAM,6BACS,MAAM,YAChB,MAAM,SACT,MAAM,aACF,SAAS,KACnB,QAAQ,IAAI,CAQX,CAAC;AChBL,OAAO,MAAM,0BAA2B,OAAO,oCACJ,CAAC;ACI5C,QAAA,MAAM;;;;;;;;;;;;;;EAcJ,CAAC;AAEH,6BAA6B,kBAAkB,sBAAsB,CAAC,CAAC;AAavE,uBAAwB,SAAQ,KAAK;IACnC,IAAI,EAAE,cAAc,CAAC;IACrB,IAAI,EAAE,OAAO,CAAC;gBAEF,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,EAAE,OAAO;CAKjD;AAED,OAAO,MAAM,4BAA6B,OAAO;UAAmB,MAAM;aAAW,MAAM;CAM1F,CAAC;AAEF,8BAA+B,SAAQ,KAAK;IAC1C,IAAI,EAAE,MAAM,CAAC;gBAED,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CAI1C;AAED;IACqB,KAAK,EAAE,MAAM;IAAS,gBAAgB,CAAC;gBAAvC,KAAK,EAAE,MAAM,EAAS,gBAAgB,CAAC,oBAAQ;CACnE;AC3DD,OAAO,MAAM,0BAA2B,MAAM,oBAI7C,CAAC;AAEF,OAAO,MAAM,iDACE,MAAM,eACN,MAAM,SACZ,MAAM,WAkCd,CAAC;ACtCF,4BAA4B;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAC3B,IAAI,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IACxB,QAAQ,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAC5B,OAAO,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAC3B,KAAK,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IACzB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,YAAY,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAChC,qBAAqB,CAAC,EAAE,OAAO,CAAC;CACjC,CAAC;AA6CF,OAAO,MAAM,yBACF,MAAM,YACL,MAAM,UACR,MAAM,QACR,eAAe,kBAOtB,CAAC;AAEF,OAAO,MAAM,uBAAwB,MAAM,KAAG,aAY7C,CAAC;AC5FF;;;GAGG;AACH,OAAO,MAAM,qCAAsC,MAAM,EAAE,KAAG,MAK7D,CAAC;AELF,kCAAkC;IAChC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,OAAO,MAAM,wHASV,mBAAmB,WAiBrB,CAAC;ACzCF,4BAA4B;IAC1B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB,CAAC,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,OAAO,MAAM,+EAIV,oBAAoB,WAQtB,CAAC;AChBF,gBAAgB;IACd,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC,CAAC;AAEF,+BAA+B;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IACxB,QAAQ,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAC5B,OAAO,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAC3B,KAAK,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IACzB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,YAAY,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAChC,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;CACvC,CAAC;AAEF,OAAO,MAAM,kCACO,MAAM,eACX,MAAM,aACR,SAAS,KACnB,QAAQ,gBAAgB,CAGvB,CAAC","sources":["packages/js/src/src/consts/index.ts","packages/js/src/src/types/index.ts","packages/js/src/src/core/fetch-token.ts","packages/js/src/src/core/oidc-config.ts","packages/js/src/src/core/revoke.ts","packages/js/src/src/utils/arbitrary-object.ts","packages/js/src/src/utils/errors.ts","packages/js/src/src/utils/callback-uri.ts","packages/js/src/src/utils/id-token.ts","packages/js/src/src/utils/scopes.ts","packages/js/src/src/utils/index.ts","packages/js/src/src/core/sign-in.ts","packages/js/src/src/core/sign-out.ts","packages/js/src/src/core/user-info.ts","packages/js/src/src/core/index.ts","packages/js/src/src/index.ts","packages/js/src/index.ts"],"sourcesContent":[null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,"/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n"],"names":[],"version":3,"file":"index.d.ts.map"}
1
+ {"mappings":";;AAAA,OAAO,MAAM;;;;CAEZ,CAAC;AAEF;IACE,iBAAiB,uBAAuB;IACxC,YAAY,kBAAkB;CAC/B;AAED;IACE,QAAQ,cAAc;IACtB,IAAI,SAAS;IACb,aAAa,mBAAmB;IAChC,mBAAmB,0BAA0B;IAC7C,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,gBAAgB,sBAAsB;IACtC,SAAS,eAAe;IACxB,OAAO,aAAa;IACpB,WAAW,kBAAkB;IAC7B,qBAAqB,6BAA6B;IAClD,iBAAiB;IACjB,WAAW,iBAAiB;IAC5B,YAAY,kBAAkB;IAC9B,QAAQ,aAAa;IACrB,YAAY,kBAAkB;IAC9B,KAAK,UAAU;IACf,KAAK,UAAU;IACf,KAAK,UAAU;IAEf,eAAe,qBAAqB;CACrC;AAED;IACE,OAAO,YAAY;IACnB,KAAK,UAAU;CAChB;AAGD;IACE,MAAM,WAAW;IACjB,aAAa,mBAAmB;CACjC;AAED;;GAEG;AACH;IACE;;;;OAIG;IACH,OAAO,YAAY;IACnB;;;;OAIG;IACH,KAAK,UAAU;IACf;;;;OAIG;IACH,KAAK,UAAU;IACf;;;;OAIG;IACH,UAAU,gBAAgB;IAC1B;;;;OAIG;IACH,UAAU,eAAe;CAC1B;AC9ED,oCAAoC;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,wBAAwB,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,UAAU,CAAC,OAAO,KAAK,CAAC,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC;AAG7E,8BAA8B,QAAQ,GAAG,QAAQ,CAAC;ACFlD,sDAAsD;IACpD,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC;AAEF,iDAAiD;IAC/C,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,kCAAkC;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,gCAAgC,gBAAgB,0BAA0B,CAAC,CAAC;AAE5E,0CAA0C;IACxC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,wCAAwC,gBAAgB,kCAAkC,CAAC,CAAC;AAE5F,OAAO,MAAM,yGAQR,uCAAuC,aAC/B,SAAS,KACnB,QAAQ,iBAAiB,CAmB3B,CAAC;AAEF,OAAO,MAAM,wFACkD,kCAAkC,aACpF,SAAS,KACnB,QAAQ,yBAAyB,CAwBnC,CAAC;AChGF,mCAAmC;IACjC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,OAAO,MAAM,wDAAwD,CAAC;AAEtE,iCAAiC,gBAAgB,2BAA2B,CAAC,CAAC;AAE9E,OAAO,MAAM,4BACD,MAAM,aACL,SAAS,KACnB,QAAQ,kBAAkB,CAC0C,CAAC;ACpBxE,OAAO,MAAM,6BACS,MAAM,YAChB,MAAM,SACT,MAAM,aACF,SAAS,KACnB,QAAQ,IAAI,CAQX,CAAC;AChBL,OAAO,MAAM,0BAA2B,OAAO,oCACJ,CAAC;ACI5C,QAAA,MAAM;;;;;;;;;;;;;;EAcJ,CAAC;AAEH,6BAA6B,kBAAkB,sBAAsB,CAAC,CAAC;AAavE,uBAAwB,SAAQ,KAAK;IACnC,IAAI,EAAE,cAAc,CAAC;IACrB,IAAI,EAAE,OAAO,CAAC;gBAEF,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,EAAE,OAAO;CAKjD;AAED,OAAO,MAAM,4BAA6B,OAAO;UAAmB,MAAM;aAAW,MAAM;CAM1F,CAAC;AAEF,8BAA+B,SAAQ,KAAK;IAC1C,IAAI,EAAE,MAAM,CAAC;gBAED,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CAI1C;AAED;IACqB,KAAK,EAAE,MAAM;IAAS,gBAAgB,CAAC;gBAAvC,KAAK,EAAE,MAAM,EAAS,gBAAgB,CAAC,oBAAQ;CACnE;AC3DD,OAAO,MAAM,0BAA2B,MAAM,oBAI7C,CAAC;AAEF,OAAO,MAAM,iDACE,MAAM,eACN,MAAM,SACZ,MAAM,WAkCd,CAAC;ACtCF,4BAA4B;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAC3B,IAAI,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IACxB,QAAQ,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAC5B,OAAO,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAC3B,KAAK,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IACzB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,YAAY,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAChC,qBAAqB,CAAC,EAAE,OAAO,CAAC;CACjC,CAAC;AA6CF,OAAO,MAAM,yBACF,MAAM,YACL,MAAM,UACR,MAAM,QACR,eAAe,kBAOtB,CAAC;AAEF,OAAO,MAAM,uBAAwB,MAAM,KAAG,aAY7C,CAAC;AC5FF;;;GAGG;AACH,OAAO,MAAM,qCAAsC,MAAM,EAAE,KAAG,MAK7D,CAAC;AEJF,kCAAkC;IAChC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC,CAAC;AAEF,OAAO,MAAM,yIAUV,mBAAmB,WAsBrB,CAAC;ACjDF,4BAA4B;IAC1B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB,CAAC,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,OAAO,MAAM,+EAIV,oBAAoB,WAQtB,CAAC;AChBF,gBAAgB;IACd,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC,CAAC;AAEF,+BAA+B;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IACxB,QAAQ,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAC5B,OAAO,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAC3B,KAAK,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IACzB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,YAAY,CAAC,EAAE,SAAS,MAAM,CAAC,CAAC;IAChC,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;CACvC,CAAC;AAEF,OAAO,MAAM,kCACO,MAAM,eACX,MAAM,aACR,SAAS,KACnB,QAAQ,gBAAgB,CAGvB,CAAC","sources":["packages/js/src/src/consts/index.ts","packages/js/src/src/types/index.ts","packages/js/src/src/core/fetch-token.ts","packages/js/src/src/core/oidc-config.ts","packages/js/src/src/core/revoke.ts","packages/js/src/src/utils/arbitrary-object.ts","packages/js/src/src/utils/errors.ts","packages/js/src/src/utils/callback-uri.ts","packages/js/src/src/utils/id-token.ts","packages/js/src/src/utils/scopes.ts","packages/js/src/src/utils/index.ts","packages/js/src/src/core/sign-in.ts","packages/js/src/src/core/sign-out.ts","packages/js/src/src/core/user-info.ts","packages/js/src/src/core/index.ts","packages/js/src/src/index.ts","packages/js/src/index.ts"],"sourcesContent":[null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,"/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n"],"names":[],"version":3,"file":"index.d.ts.map"}
package/lib/index.js CHANGED
@@ -70,6 +70,8 @@ let $5c367c11270b61f6$export$65f63a8bc3cba53d;
70
70
  QueryKey["Scope"] = "scope";
71
71
  QueryKey["State"] = "state";
72
72
  QueryKey["Token"] = "token";
73
+ QueryKey[// Need to align with the OIDC extraParams settings in core
74
+ "InteractionMode"] = "interaction_mode";
73
75
  })($5c367c11270b61f6$export$65f63a8bc3cba53d || ($5c367c11270b61f6$export$65f63a8bc3cba53d = {}));
74
76
  let $5c367c11270b61f6$export$83716a4aa1642908;
75
77
  (function(Prompt) {
@@ -342,7 +344,7 @@ $parcel$exportWildcard($10615ba3cc8a78f8$exports, $30090a6cd317e7f3$exports);
342
344
 
343
345
  const $1e17092ca3413c94$var$codeChallengeMethod = "S256";
344
346
  const $1e17092ca3413c94$var$responseType = "code";
345
- const $1e17092ca3413c94$export$b01a187f12b774c6 = ({ authorizationEndpoint: authorizationEndpoint , clientId: clientId , redirectUri: redirectUri , codeChallenge: codeChallenge , state: state , scopes: scopes , resources: resources , prompt: prompt })=>{
347
+ const $1e17092ca3413c94$export$b01a187f12b774c6 = ({ authorizationEndpoint: authorizationEndpoint , clientId: clientId , redirectUri: redirectUri , codeChallenge: codeChallenge , state: state , scopes: scopes , resources: resources , prompt: prompt , interactionMode: interactionMode })=>{
346
348
  const urlSearchParameters = new URLSearchParams({
347
349
  [(0, $5c367c11270b61f6$export$65f63a8bc3cba53d).ClientId]: clientId,
348
350
  [(0, $5c367c11270b61f6$export$65f63a8bc3cba53d).RedirectUri]: redirectUri,
@@ -354,6 +356,8 @@ const $1e17092ca3413c94$export$b01a187f12b774c6 = ({ authorizationEndpoint: auth
354
356
  [(0, $5c367c11270b61f6$export$65f63a8bc3cba53d).Scope]: (0, $b85bdeea0b1e81a5$export$3cf0748e30b766d7)(scopes)
355
357
  });
356
358
  for (const resource of resources ?? [])urlSearchParameters.append((0, $5c367c11270b61f6$export$65f63a8bc3cba53d).Resource, resource);
359
+ // Set interactionMode to signUp for a create account user experience
360
+ if (interactionMode) urlSearchParameters.append((0, $5c367c11270b61f6$export$65f63a8bc3cba53d).InteractionMode, interactionMode);
357
361
  return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;
358
362
  };
359
363
 
package/lib/index.js.map CHANGED
@@ -1 +1 @@
1
- {"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;;;ACAO,MAAM,4CAAc;IACzB,gBAAgB;QAAE,gBAAgB;IAAoC;AACxE;IAEO;UAAK,cAAc;IAAd,eACV,uBAAoB;IADV,eAEV,kBAAe;GAFL,8CAAA;IAKL;UAAK,QAAQ;IAAR,SACV,cAAW;IADD,SAEV,UAAO;IAFG,SAGV,mBAAgB;IAHN,SAIV,yBAAsB;IAJZ,SAKV,kBAAe;IALL,SAMV,WAAQ;IANE,SAOV,sBAAmB;IAPT,SAQV,eAAY;IARF,SASV,aAAU;IATA,SAUV,iBAAc;IAVJ,SAWV,2BAAwB;IAXd,SAYV,YAAS;IAZC,SAaV,iBAAc;IAbJ,SAcV,kBAAe;IAdL,SAeV,cAAW;IAfD,SAgBV,kBAAe;IAhBL,SAiBV,WAAQ;IAjBE,SAkBV,WAAQ;IAlBE,SAmBV,WAAQ;GAnBE,8CAAA;IAsBL;UAAK,MAAM;IAAN,OACV,aAAU;IADA,OAEV,WAAQ;GAFE,8CAAA;IAML;UAAK,aAAa;IAAb,cACV,YAAS;IADC,cAEV,mBAAgB;GAFN,6CAAA;IAQL;UAAK,SAAS;IAAT,UACV;;;;GAIC,GACD,aAAU;IANA,UAOV;;;;GAIC,GACD,WAAQ;IAZE,UAaV;;;;GAIC,GACD,WAAQ;IAlBE,UAmBV;;;;GAIC,GACD,gBAAa;IAxBH,UAyBV;;;;GAIC,GACD,gBAAa;GA9BH,8CAAA;;;ADFL,MAAM,4CAAgC,OAC3C,YACE,SAAQ,iBACR,cAAa,eACb,YAAW,gBACX,aAAY,QACZ,KAAI,YACJ,SAAQ,EACgC,EAC1C,YAC+B;IAC/B,MAAM,aAAa,IAAI;IACvB,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IACrC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,IAAI,EAAE;IACjC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,EAAE;IACzC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,WAAW,EAAE;IACxC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,SAAS,EAAE,CAAA,GAAA,yCAAc,AAAD,EAAE,iBAAiB;IAEtE,IAAI,UACF,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,QAAQ,EAAE;IAGvC,MAAM,6BAA6B,MAAM,UAAsC,eAAe;QAC5F,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM;IACR;IAEA,OAAO,CAAA,GAAA,8CAAY,EAAE;AACvB;AAEO,MAAM,4CAA2B,OACtC,YAAE,SAAQ,iBAAE,cAAa,gBAAE,aAAY,YAAE,SAAQ,UAAE,OAAM,EAAsC,EAC/F,YACuC;IACvC,MAAM,aAAa,IAAI;IACvB,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IACrC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,EAAE;IACzC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,SAAS,EAAE,CAAA,GAAA,yCAAc,AAAD,EAAE,YAAY;IAEjE,IAAI,UACF,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,QAAQ,EAAE;IAGvC,IAAI,QAAQ,QACV,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,EAAE,OAAO,IAAI,CAAC;IAGhD,MAAM,qCAAqC,MAAM,UAC/C,eACA;QACE,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM;IACR;IAGF,OAAO,CAAA,GAAA,8CAAY,EAAE;AACvB;;ADrGA;;;;;AGAA;AAeO,MAAM,4CAAgB;AAItB,MAAM,4CAAkB,OAC7B,UACA,YAEA,CAAA,GAAA,8CAAa,AAAD,EAAE,MAAM,UAAuC;;;;;;ACvB7D;AAGO,MAAM,4CAAS,OACpB,oBACA,UACA,OACA,YAEA,UAAgB,oBAAoB;QAClC,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM,IAAI,gBAAgB;YACxB,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;YACrB,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE;QACpB;IACF;;;;;;AChBF;;;;;;AEAA;;;;;;;;ACAA;;;;ACAO,MAAM,4CAAoB,CAAC,OAChC,OAAO,SAAS,YAAY,SAAS,IAAI;;;ADI3C,MAAM,wCAAkB,OAAO,MAAM,CAAC;IACpC,UAAU;QACR,aAAa;QACb,eAAe;IACjB;IACA,2BAA2B;QACzB,yBAAyB;QACzB,aAAa;QACb,eAAe;QACf,kBAAkB;QAClB,cAAc;IAChB;IACA,2BAA2B;IAC3B,2BAA2B;AAC7B;AAIA,MAAM,8CAAwB,CAAC,YAAsC;IACnE,mEAAmE;IACnE,MAAM,UAAU,CAAA,GAAA,0CAAE,EAAE,uCAAiB;IAErC,IAAI,OAAO,YAAY,UACrB,OAAO;IAGT,OAAO;AACT;AAEO,MAAM,kDAAmB;IAI9B,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,4CAAsB;QAC5B,IAAI,CAAC,IAAI,GAAG;QACZ,IAAI,CAAC,IAAI,GAAG;IACd;AACF;AAEO,MAAM,4CAAsB,CAAC,OAA6D;IAC/F,IAAI,CAAC,CAAA,GAAA,yCAAiB,AAAD,EAAE,OACrB,OAAO,KAAK;IAGd,OAAO,OAAO,KAAK,IAAI,KAAK,YAAY,OAAO,KAAK,OAAO,KAAK;AAClE;AAEO,MAAM,kDAA0B;IAGrC,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC;QACN,IAAI,CAAC,IAAI,GAAG;IACd;AACF;AAEO,MAAM;IACX,YAAmB,OAAsB,iBAA2B;qBAAjD;gCAAsB;IAA4B;AACvE;;;AD3DO,MAAM,4CAAqB,CAAC,MAAgB;IACjD,MAAM,GAAG,cAAc,EAAE,CAAC,GAAG,IAAI,KAAK,CAAC;IAEvC,OAAO,IAAI,gBAAgB;AAC7B;AAEO,MAAM,4CAAoC,CAC/C,aACA,aACA,QACG;IACH,IAAI,CAAC,YAAY,UAAU,CAAC,cAC1B,MAAM,IAAI,CAAA,GAAA,yCAAU,AAAD,EAAE,qDAAqD;IAE5E,MAAM,gBAAgB,0CAAmB;IAEzC,MAAM,QAAQ,CAAA,GAAA,uCAAU,EAAE,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,KAAK;IAC1D,MAAM,mBAAmB,CAAA,GAAA,uCAAU,EAAE,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,gBAAgB;IAEhF,IAAI,OACF,MAAM,IAAI,CAAA,GAAA,yCAAU,AAAD,EACjB,yCACA,IAAI,CAAA,GAAA,yCAAS,AAAD,EAAE,OAAO,mBACrB;IAGJ,MAAM,uBAAuB,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK;IAE7D,IAAI,CAAC,sBACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,2CAA2C;IAGlE,IAAI,yBAAyB,OAC3B,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,8CAA8C;IAGrE,MAAM,OAAO,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAO,EAAE,IAAI;IAE5C,IAAI,CAAC,MACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,0CAA0C;IAGjE,OAAO;AACT;;ADhDA;;;;;;AIAA;;;;AAQA,MAAM,8CAAwB;AAkB9B,6BAA6B,GAC7B;;CAEC,GACD,SAAS,0CAAoB,IAAa,EAAiC;IACzE,IAAI,CAAC,CAAA,GAAA,yCAAgB,EAAE,OACrB,MAAM,IAAI,UAAU,uCAAuC;IAG7D,KAAK,MAAM,OAAO;QAAC;QAAO;QAAO;KAAM,CAAE;QACvC,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,UACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,mBAAmB,CAAC,EAAE;IAEtE;IAEA,KAAK,MAAM,OAAO;QAAC;QAAO;KAAM,CAAE;QAChC,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,UACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,mBAAmB,CAAC,EAAE;IAEtE;IAEA,KAAK,MAAM,OAAO;QAAC;QAAW;QAAQ;QAAY;QAAW;QAAS;KAAe,CAAE;QACrF,IAAI,IAAI,CAAC,IAAI,KAAK,WAChB,QAAS;QAGX,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,YAAY,IAAI,CAAC,IAAI,KAAK,IAAI,EACrD,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,2BAA2B,CAAC,EAAE;IAE9E;IAEA,KAAK,MAAM,OAAO;QAAC;QAAkB;KAAwB,CAAE;QAC7D,IAAI,IAAI,CAAC,IAAI,KAAK,WAChB,QAAS;QAGX,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,WACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,oBAAoB,CAAC,EAAE;IAEvE;AACF;AAGO,MAAM,4CAAgB,OAC3B,SACA,UACA,QACA,OACG;IACH,MAAM,SAAS,MAAM,CAAA,GAAA,qBAAQ,EAAE,SAAS,MAAM;QAAE,UAAU;gBAAU;IAAO;IAE3E,IAAI,KAAK,GAAG,CAAC,AAAC,CAAA,OAAO,OAAO,CAAC,GAAG,IAAI,CAAA,IAAK,KAAK,GAAG,KAAK,QAAQ,6CAC5D,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,wBAAwB;AAEjD;AAEO,MAAM,4CAAgB,CAAC,QAAiC;IAC7D,MAAM,EAAE,GAAG,eAAc,EAAE,GAAG,MAAM,KAAK,CAAC;IAE1C,IAAI,CAAC,gBACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,0BAA0B;IAGjD,MAAM,OAAO,CAAA,GAAA,yCAAa,AAAD,EAAE,MAAM,CAAC;IAClC,MAAM,gBAAyB,KAAK,KAAK,CAAC;IAC1C,0CAAoB;IAEpB,OAAO;AACT;;;;;;AC9FA;AAMO,MAAM,4CAAoB,CAAC,iBAAsC;IACtE,MAAM,iBAAiB,OAAO,MAAM,CAAC,CAAA,GAAA,wCAAa,AAAD;IACjD,MAAM,eAAe,IAAI,IAAI;WAAI;QAAgB,CAAA,GAAA,yCAAS,AAAD,EAAE,OAAO;WAAM,kBAAkB,EAAE;KAAE;IAE9F,OAAO,MAAM,IAAI,CAAC,cAAc,IAAI,CAAC;AACvC;;;;;;;;;;;ANRA,MAAM,4CAAsB;AAC5B,MAAM,qCAAe;AAad,MAAM,4CAAoB,CAAC,yBAChC,sBAAqB,YACrB,SAAQ,eACR,YAAW,iBACX,cAAa,SACb,MAAK,UACL,OAAM,aACN,UAAS,UACT,OAAM,EACc,GAAK;IACzB,MAAM,sBAAsB,IAAI,gBAAgB;QAC9C,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;QACrB,CAAC,CAAA,GAAA,yCAAO,EAAE,WAAW,CAAC,EAAE;QACxB,CAAC,CAAA,GAAA,yCAAO,EAAE,aAAa,CAAC,EAAE;QAC1B,CAAC,CAAA,GAAA,yCAAO,EAAE,mBAAmB,CAAC,EAAE;QAChC,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE;QAClB,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,CAAC,EAAE;QACzB,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,MAAM,CAAC,EAAE,UAAU,CAAA,GAAA,yCAAM,AAAD,EAAE,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE,CAAA,GAAA,yCAAiB,AAAD,EAAE;IACtC;IAEA,KAAK,MAAM,YAAY,aAAa,EAAE,CACpC,oBAAoB,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IAGhD,OAAO,CAAC,EAAE,sBAAsB,CAAC,EAAE,oBAAoB,QAAQ,GAAG,CAAC;AACrE;;;;;;AO3CA;AAQO,MAAM,4CAAqB,CAAC,sBACjC,mBAAkB,YAClB,SAAQ,yBACR,sBAAqB,EACA,GAAK;IAC1B,MAAM,sBAAsB,IAAI,gBAAgB;QAAE,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;IAAS;IAEhF,IAAI,uBACF,oBAAoB,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,qBAAqB,EAAE;IAG7D,OAAO,CAAC,EAAE,mBAAmB,CAAC,EAAE,oBAAoB,QAAQ,GAAG,CAAC;AAClE;;;;;;ACEO,MAAM,4CAAgB,OAC3B,kBACA,aACA,YAEA,UAA4B,kBAAkB;QAC5C,SAAS;YAAE,eAAe,CAAC,OAAO,EAAE,YAAY,CAAC;QAAC;IACpD;;;;;;;;;;Ad7BF,wBAAwB,GACxB;;;;;","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/arbitrary-object.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts","packages/js/src/core/user-info.ts","packages/js/src/types/index.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\nexport * from './user-info';\n","import type { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport type { Requester } from '../types';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n\n// TODO: @sijie @charles find a proper way to sync scopes constants with core\nexport enum ReservedScope {\n OpenId = 'openid',\n OfflineAccess = 'offline_access',\n}\n\n/**\n * Scopes for ID Token and Userinfo Endpoint.\n */\nexport enum UserScope {\n /**\n * Scope for basic user info.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Profile = 'profile',\n /**\n * Scope for user email address.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Email = 'email',\n /**\n * Scope for user phone number.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Phone = 'phone',\n /**\n * Scope for user's custom data.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n CustomData = 'custom_data',\n /**\n * Scope for user's social identity details.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Identities = 'identities',\n}\n","import type { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport type { Requester } from '../types';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n userinfo_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport type { Requester } from '../types';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport { withDefaultScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withDefaultScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './id-token';\nexport * from './scopes';\nexport * from './arbitrary-object';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import type { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\n\nimport { isArbitraryObject } from './arbitrary-object';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time in the ID token',\n invalid_token: 'Invalid ID token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'The callback URI mismatches the redirect URI.',\n error_found: 'Error found in the callback URI',\n missing_state: 'Missing state in the callback URI',\n state_mismatched: 'State mismatched in the callback URI',\n missing_code: 'Missing code in the callback URI',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n unexpected_response_error: 'Unexpected response error from the server.',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport const isLogtoRequestError = (data: unknown): data is { code: string; message: string } => {\n if (!isArbitraryObject(data)) {\n return false;\n }\n\n return typeof data.code === 'string' && typeof data.message === 'string';\n};\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n constructor(public error: string, public errorDescription?: string) {}\n}\n","export const isArbitraryObject = (data: unknown): data is Record<string, unknown> =>\n typeof data === 'object' && data !== null;\n","import type { Nullable } from '@silverhand/essentials';\nimport { urlSafeBase64 } from '@silverhand/essentials';\nimport type { JWTVerifyGetKey } from 'jose';\nimport { jwtVerify } from 'jose';\n\nimport { isArbitraryObject } from './arbitrary-object';\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\nexport type IdTokenClaims = {\n iss: string;\n sub: string;\n aud: string;\n exp: number;\n iat: number;\n at_hash?: Nullable<string>;\n name?: Nullable<string>;\n username?: Nullable<string>;\n picture?: Nullable<string>;\n email?: Nullable<string>;\n email_verified?: boolean;\n phone_number?: Nullable<string>;\n phone_number_verified?: boolean;\n};\n\n/* eslint-disable complexity */\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nfunction assertIdTokenClaims(data: unknown): asserts data is IdTokenClaims {\n if (!isArbitraryObject(data)) {\n throw new TypeError('IdToken is expected to be an object');\n }\n\n for (const key of ['iss', 'sub', 'aud']) {\n if (typeof data[key] !== 'string') {\n throw new TypeError(`At path: IdToken.${key}: expected a string`);\n }\n }\n\n for (const key of ['exp', 'iat']) {\n if (typeof data[key] !== 'number') {\n throw new TypeError(`At path: IdToken.${key}: expected a number`);\n }\n }\n\n for (const key of ['at_hash', 'name', 'username', 'picture', 'email', 'phone_number']) {\n if (data[key] === undefined) {\n continue;\n }\n\n if (typeof data[key] !== 'string' && data[key] !== null) {\n throw new TypeError(`At path: IdToken.${key}: expected null or a string`);\n }\n }\n\n for (const key of ['email_verified', 'phone_number_verified']) {\n if (data[key] === undefined) {\n continue;\n }\n\n if (typeof data[key] !== 'boolean') {\n throw new TypeError(`At path: IdToken.${key}: expected a boolean`);\n }\n }\n}\n/* eslint-enable complexity */\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = urlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n assertIdTokenClaims(idTokenClaims);\n\n return idTokenClaims;\n};\n","import { ReservedScope, UserScope } from '../consts';\n\n/**\n * @param originalScopes\n * @return scopes should contain all default scopes (`openid`, `offline_access` and `profile`)\n */\nexport const withDefaultScopes = (originalScopes?: string[]): string => {\n const reservedScopes = Object.values(ReservedScope);\n const uniqueScopes = new Set([...reservedScopes, UserScope.Profile, ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n clientId: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n clientId,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.ClientId]: clientId });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n","import type { Nullable } from '@silverhand/essentials';\n\nimport type { Requester } from '../types';\n\ntype Identity = {\n userId: string;\n details?: Record<string, unknown>;\n};\n\nexport type UserInfoResponse = {\n sub: string;\n name?: Nullable<string>;\n username?: Nullable<string>;\n picture?: Nullable<string>;\n email?: Nullable<string>;\n email_verified?: boolean;\n phone_number?: Nullable<string>;\n phone_number_verified?: boolean;\n custom_data?: unknown; // Not null in DB.\n identities?: Record<string, Identity>; // Not null in DB.\n};\n\nexport const fetchUserInfo = async (\n userInfoEndpoint: string,\n accessToken: string,\n requester: Requester\n): Promise<UserInfoResponse> =>\n requester<UserInfoResponse>(userInfoEndpoint, {\n headers: { Authorization: `Bearer ${accessToken}` },\n });\n","export type LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;\n"],"names":[],"version":3,"file":"index.js.map"}
1
+ {"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;;;ACAO,MAAM,4CAAc;IACzB,gBAAgB;QAAE,gBAAgB;IAAoC;AACxE;IAEO;UAAK,cAAc;IAAd,eACV,uBAAoB;IADV,eAEV,kBAAe;GAFL,8CAAA;IAKL;UAAK,QAAQ;IAAR,SACV,cAAW;IADD,SAEV,UAAO;IAFG,SAGV,mBAAgB;IAHN,SAIV,yBAAsB;IAJZ,SAKV,kBAAe;IALL,SAMV,WAAQ;IANE,SAOV,sBAAmB;IAPT,SAQV,eAAY;IARF,SASV,aAAU;IATA,SAUV,iBAAc;IAVJ,SAWV,2BAAwB;IAXd,SAYV,YAAS;IAZC,SAaV,iBAAc;IAbJ,SAcV,kBAAe;IAdL,SAeV,cAAW;IAfD,SAgBV,kBAAe;IAhBL,SAiBV,WAAQ;IAjBE,SAkBV,WAAQ;IAlBE,SAmBV,WAAQ;IAnBE,SAoBV,2DAA2D;IAC3D,qBAAkB;GArBR,8CAAA;IAwBL;UAAK,MAAM;IAAN,OACV,aAAU;IADA,OAEV,WAAQ;GAFE,8CAAA;IAML;UAAK,aAAa;IAAb,cACV,YAAS;IADC,cAEV,mBAAgB;GAFN,6CAAA;IAQL;UAAK,SAAS;IAAT,UACV;;;;GAIC,GACD,aAAU;IANA,UAOV;;;;GAIC,GACD,WAAQ;IAZE,UAaV;;;;GAIC,GACD,WAAQ;IAlBE,UAmBV;;;;GAIC,GACD,gBAAa;IAxBH,UAyBV;;;;GAIC,GACD,gBAAa;GA9BH,8CAAA;;;ADJL,MAAM,4CAAgC,OAC3C,YACE,SAAQ,iBACR,cAAa,eACb,YAAW,gBACX,aAAY,QACZ,KAAI,YACJ,SAAQ,EACgC,EAC1C,YAC+B;IAC/B,MAAM,aAAa,IAAI;IACvB,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IACrC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,IAAI,EAAE;IACjC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,EAAE;IACzC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,WAAW,EAAE;IACxC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,SAAS,EAAE,CAAA,GAAA,yCAAc,AAAD,EAAE,iBAAiB;IAEtE,IAAI,UACF,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,QAAQ,EAAE;IAGvC,MAAM,6BAA6B,MAAM,UAAsC,eAAe;QAC5F,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM;IACR;IAEA,OAAO,CAAA,GAAA,8CAAY,EAAE;AACvB;AAEO,MAAM,4CAA2B,OACtC,YAAE,SAAQ,iBAAE,cAAa,gBAAE,aAAY,YAAE,SAAQ,UAAE,OAAM,EAAsC,EAC/F,YACuC;IACvC,MAAM,aAAa,IAAI;IACvB,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IACrC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,EAAE;IACzC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,SAAS,EAAE,CAAA,GAAA,yCAAc,AAAD,EAAE,YAAY;IAEjE,IAAI,UACF,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,QAAQ,EAAE;IAGvC,IAAI,QAAQ,QACV,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,EAAE,OAAO,IAAI,CAAC;IAGhD,MAAM,qCAAqC,MAAM,UAC/C,eACA;QACE,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM;IACR;IAGF,OAAO,CAAA,GAAA,8CAAY,EAAE;AACvB;;ADrGA;;;;;AGAA;AAeO,MAAM,4CAAgB;AAItB,MAAM,4CAAkB,OAC7B,UACA,YAEA,CAAA,GAAA,8CAAa,AAAD,EAAE,MAAM,UAAuC;;;;;;ACvB7D;AAGO,MAAM,4CAAS,OACpB,oBACA,UACA,OACA,YAEA,UAAgB,oBAAoB;QAClC,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM,IAAI,gBAAgB;YACxB,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;YACrB,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE;QACpB;IACF;;;;;;AChBF;;;;;;AEAA;;;;;;;;ACAA;;;;ACAO,MAAM,4CAAoB,CAAC,OAChC,OAAO,SAAS,YAAY,SAAS,IAAI;;;ADI3C,MAAM,wCAAkB,OAAO,MAAM,CAAC;IACpC,UAAU;QACR,aAAa;QACb,eAAe;IACjB;IACA,2BAA2B;QACzB,yBAAyB;QACzB,aAAa;QACb,eAAe;QACf,kBAAkB;QAClB,cAAc;IAChB;IACA,2BAA2B;IAC3B,2BAA2B;AAC7B;AAIA,MAAM,8CAAwB,CAAC,YAAsC;IACnE,mEAAmE;IACnE,MAAM,UAAU,CAAA,GAAA,0CAAE,EAAE,uCAAiB;IAErC,IAAI,OAAO,YAAY,UACrB,OAAO;IAGT,OAAO;AACT;AAEO,MAAM,kDAAmB;IAI9B,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,4CAAsB;QAC5B,IAAI,CAAC,IAAI,GAAG;QACZ,IAAI,CAAC,IAAI,GAAG;IACd;AACF;AAEO,MAAM,4CAAsB,CAAC,OAA6D;IAC/F,IAAI,CAAC,CAAA,GAAA,yCAAiB,AAAD,EAAE,OACrB,OAAO,KAAK;IAGd,OAAO,OAAO,KAAK,IAAI,KAAK,YAAY,OAAO,KAAK,OAAO,KAAK;AAClE;AAEO,MAAM,kDAA0B;IAGrC,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC;QACN,IAAI,CAAC,IAAI,GAAG;IACd;AACF;AAEO,MAAM;IACX,YAAmB,OAAsB,iBAA2B;qBAAjD;gCAAsB;IAA4B;AACvE;;;AD3DO,MAAM,4CAAqB,CAAC,MAAgB;IACjD,MAAM,GAAG,cAAc,EAAE,CAAC,GAAG,IAAI,KAAK,CAAC;IAEvC,OAAO,IAAI,gBAAgB;AAC7B;AAEO,MAAM,4CAAoC,CAC/C,aACA,aACA,QACG;IACH,IAAI,CAAC,YAAY,UAAU,CAAC,cAC1B,MAAM,IAAI,CAAA,GAAA,yCAAU,AAAD,EAAE,qDAAqD;IAE5E,MAAM,gBAAgB,0CAAmB;IAEzC,MAAM,QAAQ,CAAA,GAAA,uCAAU,EAAE,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,KAAK;IAC1D,MAAM,mBAAmB,CAAA,GAAA,uCAAU,EAAE,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,gBAAgB;IAEhF,IAAI,OACF,MAAM,IAAI,CAAA,GAAA,yCAAU,AAAD,EACjB,yCACA,IAAI,CAAA,GAAA,yCAAS,AAAD,EAAE,OAAO,mBACrB;IAGJ,MAAM,uBAAuB,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK;IAE7D,IAAI,CAAC,sBACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,2CAA2C;IAGlE,IAAI,yBAAyB,OAC3B,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,8CAA8C;IAGrE,MAAM,OAAO,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAO,EAAE,IAAI;IAE5C,IAAI,CAAC,MACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,0CAA0C;IAGjE,OAAO;AACT;;ADhDA;;;;;;AIAA;;;;AAQA,MAAM,8CAAwB;AAkB9B,6BAA6B,GAC7B;;CAEC,GACD,SAAS,0CAAoB,IAAa,EAAiC;IACzE,IAAI,CAAC,CAAA,GAAA,yCAAgB,EAAE,OACrB,MAAM,IAAI,UAAU,uCAAuC;IAG7D,KAAK,MAAM,OAAO;QAAC;QAAO;QAAO;KAAM,CAAE;QACvC,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,UACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,mBAAmB,CAAC,EAAE;IAEtE;IAEA,KAAK,MAAM,OAAO;QAAC;QAAO;KAAM,CAAE;QAChC,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,UACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,mBAAmB,CAAC,EAAE;IAEtE;IAEA,KAAK,MAAM,OAAO;QAAC;QAAW;QAAQ;QAAY;QAAW;QAAS;KAAe,CAAE;QACrF,IAAI,IAAI,CAAC,IAAI,KAAK,WAChB,QAAS;QAGX,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,YAAY,IAAI,CAAC,IAAI,KAAK,IAAI,EACrD,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,2BAA2B,CAAC,EAAE;IAE9E;IAEA,KAAK,MAAM,OAAO;QAAC;QAAkB;KAAwB,CAAE;QAC7D,IAAI,IAAI,CAAC,IAAI,KAAK,WAChB,QAAS;QAGX,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,WACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,oBAAoB,CAAC,EAAE;IAEvE;AACF;AAGO,MAAM,4CAAgB,OAC3B,SACA,UACA,QACA,OACG;IACH,MAAM,SAAS,MAAM,CAAA,GAAA,qBAAQ,EAAE,SAAS,MAAM;QAAE,UAAU;gBAAU;IAAO;IAE3E,IAAI,KAAK,GAAG,CAAC,AAAC,CAAA,OAAO,OAAO,CAAC,GAAG,IAAI,CAAA,IAAK,KAAK,GAAG,KAAK,QAAQ,6CAC5D,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,wBAAwB;AAEjD;AAEO,MAAM,4CAAgB,CAAC,QAAiC;IAC7D,MAAM,EAAE,GAAG,eAAc,EAAE,GAAG,MAAM,KAAK,CAAC;IAE1C,IAAI,CAAC,gBACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,0BAA0B;IAGjD,MAAM,OAAO,CAAA,GAAA,yCAAa,AAAD,EAAE,MAAM,CAAC;IAClC,MAAM,gBAAyB,KAAK,KAAK,CAAC;IAC1C,0CAAoB;IAEpB,OAAO;AACT;;;;;;AC9FA;AAMO,MAAM,4CAAoB,CAAC,iBAAsC;IACtE,MAAM,iBAAiB,OAAO,MAAM,CAAC,CAAA,GAAA,wCAAa,AAAD;IACjD,MAAM,eAAe,IAAI,IAAI;WAAI;QAAgB,CAAA,GAAA,yCAAS,AAAD,EAAE,OAAO;WAAM,kBAAkB,EAAE;KAAE;IAE9F,OAAO,MAAM,IAAI,CAAC,cAAc,IAAI,CAAC;AACvC;;;;;;;;;;;ANPA,MAAM,4CAAsB;AAC5B,MAAM,qCAAe;AAcd,MAAM,4CAAoB,CAAC,yBAChC,sBAAqB,YACrB,SAAQ,eACR,YAAW,iBACX,cAAa,SACb,MAAK,UACL,OAAM,aACN,UAAS,UACT,OAAM,mBACN,gBAAe,EACK,GAAK;IACzB,MAAM,sBAAsB,IAAI,gBAAgB;QAC9C,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;QACrB,CAAC,CAAA,GAAA,yCAAO,EAAE,WAAW,CAAC,EAAE;QACxB,CAAC,CAAA,GAAA,yCAAO,EAAE,aAAa,CAAC,EAAE;QAC1B,CAAC,CAAA,GAAA,yCAAO,EAAE,mBAAmB,CAAC,EAAE;QAChC,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE;QAClB,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,CAAC,EAAE;QACzB,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,MAAM,CAAC,EAAE,UAAU,CAAA,GAAA,yCAAM,AAAD,EAAE,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE,CAAA,GAAA,yCAAiB,AAAD,EAAE;IACtC;IAEA,KAAK,MAAM,YAAY,aAAa,EAAE,CACpC,oBAAoB,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IAGhD,qEAAqE;IACrE,IAAI,iBACF,oBAAoB,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,eAAe,EAAE;IAGvD,OAAO,CAAC,EAAE,sBAAsB,CAAC,EAAE,oBAAoB,QAAQ,GAAG,CAAC;AACrE;;;;;;AOnDA;AAQO,MAAM,4CAAqB,CAAC,sBACjC,mBAAkB,YAClB,SAAQ,yBACR,sBAAqB,EACA,GAAK;IAC1B,MAAM,sBAAsB,IAAI,gBAAgB;QAAE,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;IAAS;IAEhF,IAAI,uBACF,oBAAoB,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,qBAAqB,EAAE;IAG7D,OAAO,CAAC,EAAE,mBAAmB,CAAC,EAAE,oBAAoB,QAAQ,GAAG,CAAC;AAClE;;;;;;ACEO,MAAM,4CAAgB,OAC3B,kBACA,aACA,YAEA,UAA4B,kBAAkB;QAC5C,SAAS;YAAE,eAAe,CAAC,OAAO,EAAE,YAAY,CAAC;QAAC;IACpD;;;;;;;;;;Ad7BF,wBAAwB,GACxB;;;;;","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/arbitrary-object.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts","packages/js/src/core/user-info.ts","packages/js/src/types/index.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\nexport * from './user-info';\n","import type { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport type { Requester } from '../types';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n // Need to align with the OIDC extraParams settings in core\n InteractionMode = 'interaction_mode',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n\n// TODO: @sijie @charles find a proper way to sync scopes constants with core\nexport enum ReservedScope {\n OpenId = 'openid',\n OfflineAccess = 'offline_access',\n}\n\n/**\n * Scopes for ID Token and Userinfo Endpoint.\n */\nexport enum UserScope {\n /**\n * Scope for basic user info.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Profile = 'profile',\n /**\n * Scope for user email address.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Email = 'email',\n /**\n * Scope for user phone number.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Phone = 'phone',\n /**\n * Scope for user's custom data.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n CustomData = 'custom_data',\n /**\n * Scope for user's social identity details.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Identities = 'identities',\n}\n","import type { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport type { Requester } from '../types';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n userinfo_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport type { Requester } from '../types';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport type { InteractionMode } from '../types';\nimport { withDefaultScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n interactionMode?: InteractionMode;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n interactionMode,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withDefaultScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n // Set interactionMode to signUp for a create account user experience\n if (interactionMode) {\n urlSearchParameters.append(QueryKey.InteractionMode, interactionMode);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './id-token';\nexport * from './scopes';\nexport * from './arbitrary-object';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import type { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\n\nimport { isArbitraryObject } from './arbitrary-object';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time in the ID token',\n invalid_token: 'Invalid ID token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'The callback URI mismatches the redirect URI.',\n error_found: 'Error found in the callback URI',\n missing_state: 'Missing state in the callback URI',\n state_mismatched: 'State mismatched in the callback URI',\n missing_code: 'Missing code in the callback URI',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n unexpected_response_error: 'Unexpected response error from the server.',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport const isLogtoRequestError = (data: unknown): data is { code: string; message: string } => {\n if (!isArbitraryObject(data)) {\n return false;\n }\n\n return typeof data.code === 'string' && typeof data.message === 'string';\n};\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n constructor(public error: string, public errorDescription?: string) {}\n}\n","export const isArbitraryObject = (data: unknown): data is Record<string, unknown> =>\n typeof data === 'object' && data !== null;\n","import type { Nullable } from '@silverhand/essentials';\nimport { urlSafeBase64 } from '@silverhand/essentials';\nimport type { JWTVerifyGetKey } from 'jose';\nimport { jwtVerify } from 'jose';\n\nimport { isArbitraryObject } from './arbitrary-object';\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\nexport type IdTokenClaims = {\n iss: string;\n sub: string;\n aud: string;\n exp: number;\n iat: number;\n at_hash?: Nullable<string>;\n name?: Nullable<string>;\n username?: Nullable<string>;\n picture?: Nullable<string>;\n email?: Nullable<string>;\n email_verified?: boolean;\n phone_number?: Nullable<string>;\n phone_number_verified?: boolean;\n};\n\n/* eslint-disable complexity */\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nfunction assertIdTokenClaims(data: unknown): asserts data is IdTokenClaims {\n if (!isArbitraryObject(data)) {\n throw new TypeError('IdToken is expected to be an object');\n }\n\n for (const key of ['iss', 'sub', 'aud']) {\n if (typeof data[key] !== 'string') {\n throw new TypeError(`At path: IdToken.${key}: expected a string`);\n }\n }\n\n for (const key of ['exp', 'iat']) {\n if (typeof data[key] !== 'number') {\n throw new TypeError(`At path: IdToken.${key}: expected a number`);\n }\n }\n\n for (const key of ['at_hash', 'name', 'username', 'picture', 'email', 'phone_number']) {\n if (data[key] === undefined) {\n continue;\n }\n\n if (typeof data[key] !== 'string' && data[key] !== null) {\n throw new TypeError(`At path: IdToken.${key}: expected null or a string`);\n }\n }\n\n for (const key of ['email_verified', 'phone_number_verified']) {\n if (data[key] === undefined) {\n continue;\n }\n\n if (typeof data[key] !== 'boolean') {\n throw new TypeError(`At path: IdToken.${key}: expected a boolean`);\n }\n }\n}\n/* eslint-enable complexity */\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = urlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n assertIdTokenClaims(idTokenClaims);\n\n return idTokenClaims;\n};\n","import { ReservedScope, UserScope } from '../consts';\n\n/**\n * @param originalScopes\n * @return scopes should contain all default scopes (`openid`, `offline_access` and `profile`)\n */\nexport const withDefaultScopes = (originalScopes?: string[]): string => {\n const reservedScopes = Object.values(ReservedScope);\n const uniqueScopes = new Set([...reservedScopes, UserScope.Profile, ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n clientId: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n clientId,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.ClientId]: clientId });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n","import type { Nullable } from '@silverhand/essentials';\n\nimport type { Requester } from '../types';\n\ntype Identity = {\n userId: string;\n details?: Record<string, unknown>;\n};\n\nexport type UserInfoResponse = {\n sub: string;\n name?: Nullable<string>;\n username?: Nullable<string>;\n picture?: Nullable<string>;\n email?: Nullable<string>;\n email_verified?: boolean;\n phone_number?: Nullable<string>;\n phone_number_verified?: boolean;\n custom_data?: unknown; // Not null in DB.\n identities?: Record<string, Identity>; // Not null in DB.\n};\n\nexport const fetchUserInfo = async (\n userInfoEndpoint: string,\n accessToken: string,\n requester: Requester\n): Promise<UserInfoResponse> =>\n requester<UserInfoResponse>(userInfoEndpoint, {\n headers: { Authorization: `Bearer ${accessToken}` },\n });\n","export type LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;\n\n// Need to align with the OIDC extraParams settings in core\nexport type InteractionMode = 'signIn' | 'signUp';\n"],"names":[],"version":3,"file":"index.js.map"}
package/lib/module.d.mts CHANGED
@@ -28,7 +28,8 @@ export enum QueryKey {
28
28
  ResponseType = "response_type",
29
29
  Scope = "scope",
30
30
  State = "state",
31
- Token = "token"
31
+ Token = "token",
32
+ InteractionMode = "interaction_mode"
32
33
  }
33
34
  export enum Prompt {
34
35
  Consent = "consent",
@@ -78,6 +79,7 @@ export type LogtoRequestErrorBody = {
78
79
  message: string;
79
80
  };
80
81
  export type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;
82
+ export type InteractionMode = 'signIn' | 'signUp';
81
83
  export type FetchTokenByAuthorizationCodeParameters = {
82
84
  clientId: string;
83
85
  tokenEndpoint: string;
@@ -192,8 +194,9 @@ export type SignInUriParameters = {
192
194
  scopes?: string[];
193
195
  resources?: string[];
194
196
  prompt?: Prompt;
197
+ interactionMode?: InteractionMode;
195
198
  };
196
- export const generateSignInUri: ({ authorizationEndpoint, clientId, redirectUri, codeChallenge, state, scopes, resources, prompt, }: SignInUriParameters) => string;
199
+ export const generateSignInUri: ({ authorizationEndpoint, clientId, redirectUri, codeChallenge, state, scopes, resources, prompt, interactionMode, }: SignInUriParameters) => string;
197
200
  type SignOutUriParameters = {
198
201
  endSessionEndpoint: string;
199
202
  clientId: string;
package/lib/module.mjs CHANGED
@@ -67,6 +67,8 @@ let $5422b71ae76f21f1$export$65f63a8bc3cba53d;
67
67
  QueryKey["Scope"] = "scope";
68
68
  QueryKey["State"] = "state";
69
69
  QueryKey["Token"] = "token";
70
+ QueryKey[// Need to align with the OIDC extraParams settings in core
71
+ "InteractionMode"] = "interaction_mode";
70
72
  })($5422b71ae76f21f1$export$65f63a8bc3cba53d || ($5422b71ae76f21f1$export$65f63a8bc3cba53d = {}));
71
73
  let $5422b71ae76f21f1$export$83716a4aa1642908;
72
74
  (function(Prompt) {
@@ -339,7 +341,7 @@ $parcel$exportWildcard($40555044b252dc61$exports, $428623a300dc9baf$exports);
339
341
 
340
342
  const $bfba480b8ff41607$var$codeChallengeMethod = "S256";
341
343
  const $bfba480b8ff41607$var$responseType = "code";
342
- const $bfba480b8ff41607$export$b01a187f12b774c6 = ({ authorizationEndpoint: authorizationEndpoint , clientId: clientId , redirectUri: redirectUri , codeChallenge: codeChallenge , state: state , scopes: scopes , resources: resources , prompt: prompt })=>{
344
+ const $bfba480b8ff41607$export$b01a187f12b774c6 = ({ authorizationEndpoint: authorizationEndpoint , clientId: clientId , redirectUri: redirectUri , codeChallenge: codeChallenge , state: state , scopes: scopes , resources: resources , prompt: prompt , interactionMode: interactionMode })=>{
343
345
  const urlSearchParameters = new URLSearchParams({
344
346
  [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).ClientId]: clientId,
345
347
  [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).RedirectUri]: redirectUri,
@@ -351,6 +353,8 @@ const $bfba480b8ff41607$export$b01a187f12b774c6 = ({ authorizationEndpoint: auth
351
353
  [(0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Scope]: (0, $570e2e6b31a027ff$export$3cf0748e30b766d7)(scopes)
352
354
  });
353
355
  for (const resource of resources ?? [])urlSearchParameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).Resource, resource);
356
+ // Set interactionMode to signUp for a create account user experience
357
+ if (interactionMode) urlSearchParameters.append((0, $5422b71ae76f21f1$export$65f63a8bc3cba53d).InteractionMode, interactionMode);
354
358
  return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;
355
359
  };
356
360
 
package/lib/module.mjs.map CHANGED
@@ -1 +1 @@
1
- {"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;;;ACAO,MAAM,4CAAc;IACzB,gBAAgB;QAAE,gBAAgB;IAAoC;AACxE;IAEO;UAAK,cAAc;IAAd,eACV,uBAAoB;IADV,eAEV,kBAAe;GAFL,8CAAA;IAKL;UAAK,QAAQ;IAAR,SACV,cAAW;IADD,SAEV,UAAO;IAFG,SAGV,mBAAgB;IAHN,SAIV,yBAAsB;IAJZ,SAKV,kBAAe;IALL,SAMV,WAAQ;IANE,SAOV,sBAAmB;IAPT,SAQV,eAAY;IARF,SASV,aAAU;IATA,SAUV,iBAAc;IAVJ,SAWV,2BAAwB;IAXd,SAYV,YAAS;IAZC,SAaV,iBAAc;IAbJ,SAcV,kBAAe;IAdL,SAeV,cAAW;IAfD,SAgBV,kBAAe;IAhBL,SAiBV,WAAQ;IAjBE,SAkBV,WAAQ;IAlBE,SAmBV,WAAQ;GAnBE,8CAAA;IAsBL;UAAK,MAAM;IAAN,OACV,aAAU;IADA,OAEV,WAAQ;GAFE,8CAAA;IAML;UAAK,aAAa;IAAb,cACV,YAAS;IADC,cAEV,mBAAgB;GAFN,6CAAA;IAQL;UAAK,SAAS;IAAT,UACV;;;;GAIC,GACD,aAAU;IANA,UAOV;;;;GAIC,GACD,WAAQ;IAZE,UAaV;;;;GAIC,GACD,WAAQ;IAlBE,UAmBV;;;;GAIC,GACD,gBAAa;IAxBH,UAyBV;;;;GAIC,GACD,gBAAa;GA9BH,8CAAA;;;ADFL,MAAM,4CAAgC,OAC3C,YACE,SAAQ,iBACR,cAAa,eACb,YAAW,gBACX,aAAY,QACZ,KAAI,YACJ,SAAQ,EACgC,EAC1C,YAC+B;IAC/B,MAAM,aAAa,IAAI;IACvB,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IACrC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,IAAI,EAAE;IACjC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,EAAE;IACzC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,WAAW,EAAE;IACxC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,SAAS,EAAE,CAAA,GAAA,yCAAc,AAAD,EAAE,iBAAiB;IAEtE,IAAI,UACF,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,QAAQ,EAAE;IAGvC,MAAM,6BAA6B,MAAM,UAAsC,eAAe;QAC5F,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM;IACR;IAEA,OAAO,CAAA,GAAA,oBAAY,EAAE;AACvB;AAEO,MAAM,4CAA2B,OACtC,YAAE,SAAQ,iBAAE,cAAa,gBAAE,aAAY,YAAE,SAAQ,UAAE,OAAM,EAAsC,EAC/F,YACuC;IACvC,MAAM,aAAa,IAAI;IACvB,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IACrC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,EAAE;IACzC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,SAAS,EAAE,CAAA,GAAA,yCAAc,AAAD,EAAE,YAAY;IAEjE,IAAI,UACF,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,QAAQ,EAAE;IAGvC,IAAI,QAAQ,QACV,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,EAAE,OAAO,IAAI,CAAC;IAGhD,MAAM,qCAAqC,MAAM,UAC/C,eACA;QACE,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM;IACR;IAGF,OAAO,CAAA,GAAA,oBAAY,EAAE;AACvB;;ADrGA;;;;;AGAA;AAeO,MAAM,4CAAgB;AAItB,MAAM,4CAAkB,OAC7B,UACA,YAEA,CAAA,GAAA,oBAAa,AAAD,EAAE,MAAM,UAAuC;;;;;;ACvB7D;AAGO,MAAM,4CAAS,OACpB,oBACA,UACA,OACA,YAEA,UAAgB,oBAAoB;QAClC,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM,IAAI,gBAAgB;YACxB,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;YACrB,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE;QACpB;IACF;;;;;;AChBF;;;;;;AEAA;;;;;;;;ACAA;;;;ACAO,MAAM,4CAAoB,CAAC,OAChC,OAAO,SAAS,YAAY,SAAS,IAAI;;;ADI3C,MAAM,wCAAkB,OAAO,MAAM,CAAC;IACpC,UAAU;QACR,aAAa;QACb,eAAe;IACjB;IACA,2BAA2B;QACzB,yBAAyB;QACzB,aAAa;QACb,eAAe;QACf,kBAAkB;QAClB,cAAc;IAChB;IACA,2BAA2B;IAC3B,2BAA2B;AAC7B;AAIA,MAAM,8CAAwB,CAAC,YAAsC;IACnE,mEAAmE;IACnE,MAAM,UAAU,CAAA,GAAA,gBAAE,EAAE,uCAAiB;IAErC,IAAI,OAAO,YAAY,UACrB,OAAO;IAGT,OAAO;AACT;AAEO,MAAM,kDAAmB;IAI9B,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,4CAAsB;QAC5B,IAAI,CAAC,IAAI,GAAG;QACZ,IAAI,CAAC,IAAI,GAAG;IACd;AACF;AAEO,MAAM,4CAAsB,CAAC,OAA6D;IAC/F,IAAI,CAAC,CAAA,GAAA,yCAAiB,AAAD,EAAE,OACrB,OAAO,KAAK;IAGd,OAAO,OAAO,KAAK,IAAI,KAAK,YAAY,OAAO,KAAK,OAAO,KAAK;AAClE;AAEO,MAAM,kDAA0B;IAGrC,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC;QACN,IAAI,CAAC,IAAI,GAAG;IACd;AACF;AAEO,MAAM;IACX,YAAmB,OAAsB,iBAA2B;qBAAjD;gCAAsB;IAA4B;AACvE;;;AD3DO,MAAM,4CAAqB,CAAC,MAAgB;IACjD,MAAM,GAAG,cAAc,EAAE,CAAC,GAAG,IAAI,KAAK,CAAC;IAEvC,OAAO,IAAI,gBAAgB;AAC7B;AAEO,MAAM,4CAAoC,CAC/C,aACA,aACA,QACG;IACH,IAAI,CAAC,YAAY,UAAU,CAAC,cAC1B,MAAM,IAAI,CAAA,GAAA,yCAAU,AAAD,EAAE,qDAAqD;IAE5E,MAAM,gBAAgB,0CAAmB;IAEzC,MAAM,QAAQ,CAAA,GAAA,kBAAU,EAAE,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,KAAK;IAC1D,MAAM,mBAAmB,CAAA,GAAA,kBAAU,EAAE,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,gBAAgB;IAEhF,IAAI,OACF,MAAM,IAAI,CAAA,GAAA,yCAAU,AAAD,EACjB,yCACA,IAAI,CAAA,GAAA,yCAAS,AAAD,EAAE,OAAO,mBACrB;IAGJ,MAAM,uBAAuB,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK;IAE7D,IAAI,CAAC,sBACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,2CAA2C;IAGlE,IAAI,yBAAyB,OAC3B,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,8CAA8C;IAGrE,MAAM,OAAO,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAO,EAAE,IAAI;IAE5C,IAAI,CAAC,MACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,0CAA0C;IAGjE,OAAO;AACT;;ADhDA;;;;;;AIAA;;;;AAQA,MAAM,8CAAwB;AAkB9B,6BAA6B,GAC7B;;CAEC,GACD,SAAS,0CAAoB,IAAa,EAAiC;IACzE,IAAI,CAAC,CAAA,GAAA,yCAAgB,EAAE,OACrB,MAAM,IAAI,UAAU,uCAAuC;IAG7D,KAAK,MAAM,OAAO;QAAC;QAAO;QAAO;KAAM,CAAE;QACvC,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,UACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,mBAAmB,CAAC,EAAE;IAEtE;IAEA,KAAK,MAAM,OAAO;QAAC;QAAO;KAAM,CAAE;QAChC,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,UACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,mBAAmB,CAAC,EAAE;IAEtE;IAEA,KAAK,MAAM,OAAO;QAAC;QAAW;QAAQ;QAAY;QAAW;QAAS;KAAe,CAAE;QACrF,IAAI,IAAI,CAAC,IAAI,KAAK,WAChB,QAAS;QAGX,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,YAAY,IAAI,CAAC,IAAI,KAAK,IAAI,EACrD,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,2BAA2B,CAAC,EAAE;IAE9E;IAEA,KAAK,MAAM,OAAO;QAAC;QAAkB;KAAwB,CAAE;QAC7D,IAAI,IAAI,CAAC,IAAI,KAAK,WAChB,QAAS;QAGX,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,WACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,oBAAoB,CAAC,EAAE;IAEvE;AACF;AAGO,MAAM,4CAAgB,OAC3B,SACA,UACA,QACA,OACG;IACH,MAAM,SAAS,MAAM,CAAA,GAAA,gBAAQ,EAAE,SAAS,MAAM;QAAE,UAAU;gBAAU;IAAO;IAE3E,IAAI,KAAK,GAAG,CAAC,AAAC,CAAA,OAAO,OAAO,CAAC,GAAG,IAAI,CAAA,IAAK,KAAK,GAAG,KAAK,QAAQ,6CAC5D,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,wBAAwB;AAEjD;AAEO,MAAM,4CAAgB,CAAC,QAAiC;IAC7D,MAAM,EAAE,GAAG,eAAc,EAAE,GAAG,MAAM,KAAK,CAAC;IAE1C,IAAI,CAAC,gBACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,0BAA0B;IAGjD,MAAM,OAAO,CAAA,GAAA,oBAAa,AAAD,EAAE,MAAM,CAAC;IAClC,MAAM,gBAAyB,KAAK,KAAK,CAAC;IAC1C,0CAAoB;IAEpB,OAAO;AACT;;;;;;AC9FA;AAMO,MAAM,4CAAoB,CAAC,iBAAsC;IACtE,MAAM,iBAAiB,OAAO,MAAM,CAAC,CAAA,GAAA,wCAAa,AAAD;IACjD,MAAM,eAAe,IAAI,IAAI;WAAI;QAAgB,CAAA,GAAA,yCAAS,AAAD,EAAE,OAAO;WAAM,kBAAkB,EAAE;KAAE;IAE9F,OAAO,MAAM,IAAI,CAAC,cAAc,IAAI,CAAC;AACvC;;;;;;;;;;;ANRA,MAAM,4CAAsB;AAC5B,MAAM,qCAAe;AAad,MAAM,4CAAoB,CAAC,yBAChC,sBAAqB,YACrB,SAAQ,eACR,YAAW,iBACX,cAAa,SACb,MAAK,UACL,OAAM,aACN,UAAS,UACT,OAAM,EACc,GAAK;IACzB,MAAM,sBAAsB,IAAI,gBAAgB;QAC9C,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;QACrB,CAAC,CAAA,GAAA,yCAAO,EAAE,WAAW,CAAC,EAAE;QACxB,CAAC,CAAA,GAAA,yCAAO,EAAE,aAAa,CAAC,EAAE;QAC1B,CAAC,CAAA,GAAA,yCAAO,EAAE,mBAAmB,CAAC,EAAE;QAChC,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE;QAClB,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,CAAC,EAAE;QACzB,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,MAAM,CAAC,EAAE,UAAU,CAAA,GAAA,yCAAM,AAAD,EAAE,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE,CAAA,GAAA,yCAAiB,AAAD,EAAE;IACtC;IAEA,KAAK,MAAM,YAAY,aAAa,EAAE,CACpC,oBAAoB,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IAGhD,OAAO,CAAC,EAAE,sBAAsB,CAAC,EAAE,oBAAoB,QAAQ,GAAG,CAAC;AACrE;;;;;;AO3CA;AAQO,MAAM,4CAAqB,CAAC,sBACjC,mBAAkB,YAClB,SAAQ,yBACR,sBAAqB,EACA,GAAK;IAC1B,MAAM,sBAAsB,IAAI,gBAAgB;QAAE,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;IAAS;IAEhF,IAAI,uBACF,oBAAoB,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,qBAAqB,EAAE;IAG7D,OAAO,CAAC,EAAE,mBAAmB,CAAC,EAAE,oBAAoB,QAAQ,GAAG,CAAC;AAClE;;;;;;ACEO,MAAM,4CAAgB,OAC3B,kBACA,aACA,YAEA,UAA4B,kBAAkB;QAC5C,SAAS;YAAE,eAAe,CAAC,OAAO,EAAE,YAAY,CAAC;QAAC;IACpD;;;;;;;;;;Ad7BF,wBAAwB,GACxB;;;;;","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/arbitrary-object.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts","packages/js/src/core/user-info.ts","packages/js/src/types/index.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\nexport * from './user-info';\n","import type { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport type { Requester } from '../types';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n\n// TODO: @sijie @charles find a proper way to sync scopes constants with core\nexport enum ReservedScope {\n OpenId = 'openid',\n OfflineAccess = 'offline_access',\n}\n\n/**\n * Scopes for ID Token and Userinfo Endpoint.\n */\nexport enum UserScope {\n /**\n * Scope for basic user info.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Profile = 'profile',\n /**\n * Scope for user email address.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Email = 'email',\n /**\n * Scope for user phone number.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Phone = 'phone',\n /**\n * Scope for user's custom data.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n CustomData = 'custom_data',\n /**\n * Scope for user's social identity details.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Identities = 'identities',\n}\n","import type { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport type { Requester } from '../types';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n userinfo_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport type { Requester } from '../types';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport { withDefaultScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withDefaultScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './id-token';\nexport * from './scopes';\nexport * from './arbitrary-object';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import type { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\n\nimport { isArbitraryObject } from './arbitrary-object';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time in the ID token',\n invalid_token: 'Invalid ID token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'The callback URI mismatches the redirect URI.',\n error_found: 'Error found in the callback URI',\n missing_state: 'Missing state in the callback URI',\n state_mismatched: 'State mismatched in the callback URI',\n missing_code: 'Missing code in the callback URI',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n unexpected_response_error: 'Unexpected response error from the server.',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport const isLogtoRequestError = (data: unknown): data is { code: string; message: string } => {\n if (!isArbitraryObject(data)) {\n return false;\n }\n\n return typeof data.code === 'string' && typeof data.message === 'string';\n};\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n constructor(public error: string, public errorDescription?: string) {}\n}\n","export const isArbitraryObject = (data: unknown): data is Record<string, unknown> =>\n typeof data === 'object' && data !== null;\n","import type { Nullable } from '@silverhand/essentials';\nimport { urlSafeBase64 } from '@silverhand/essentials';\nimport type { JWTVerifyGetKey } from 'jose';\nimport { jwtVerify } from 'jose';\n\nimport { isArbitraryObject } from './arbitrary-object';\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\nexport type IdTokenClaims = {\n iss: string;\n sub: string;\n aud: string;\n exp: number;\n iat: number;\n at_hash?: Nullable<string>;\n name?: Nullable<string>;\n username?: Nullable<string>;\n picture?: Nullable<string>;\n email?: Nullable<string>;\n email_verified?: boolean;\n phone_number?: Nullable<string>;\n phone_number_verified?: boolean;\n};\n\n/* eslint-disable complexity */\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nfunction assertIdTokenClaims(data: unknown): asserts data is IdTokenClaims {\n if (!isArbitraryObject(data)) {\n throw new TypeError('IdToken is expected to be an object');\n }\n\n for (const key of ['iss', 'sub', 'aud']) {\n if (typeof data[key] !== 'string') {\n throw new TypeError(`At path: IdToken.${key}: expected a string`);\n }\n }\n\n for (const key of ['exp', 'iat']) {\n if (typeof data[key] !== 'number') {\n throw new TypeError(`At path: IdToken.${key}: expected a number`);\n }\n }\n\n for (const key of ['at_hash', 'name', 'username', 'picture', 'email', 'phone_number']) {\n if (data[key] === undefined) {\n continue;\n }\n\n if (typeof data[key] !== 'string' && data[key] !== null) {\n throw new TypeError(`At path: IdToken.${key}: expected null or a string`);\n }\n }\n\n for (const key of ['email_verified', 'phone_number_verified']) {\n if (data[key] === undefined) {\n continue;\n }\n\n if (typeof data[key] !== 'boolean') {\n throw new TypeError(`At path: IdToken.${key}: expected a boolean`);\n }\n }\n}\n/* eslint-enable complexity */\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = urlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n assertIdTokenClaims(idTokenClaims);\n\n return idTokenClaims;\n};\n","import { ReservedScope, UserScope } from '../consts';\n\n/**\n * @param originalScopes\n * @return scopes should contain all default scopes (`openid`, `offline_access` and `profile`)\n */\nexport const withDefaultScopes = (originalScopes?: string[]): string => {\n const reservedScopes = Object.values(ReservedScope);\n const uniqueScopes = new Set([...reservedScopes, UserScope.Profile, ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n clientId: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n clientId,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.ClientId]: clientId });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n","import type { Nullable } from '@silverhand/essentials';\n\nimport type { Requester } from '../types';\n\ntype Identity = {\n userId: string;\n details?: Record<string, unknown>;\n};\n\nexport type UserInfoResponse = {\n sub: string;\n name?: Nullable<string>;\n username?: Nullable<string>;\n picture?: Nullable<string>;\n email?: Nullable<string>;\n email_verified?: boolean;\n phone_number?: Nullable<string>;\n phone_number_verified?: boolean;\n custom_data?: unknown; // Not null in DB.\n identities?: Record<string, Identity>; // Not null in DB.\n};\n\nexport const fetchUserInfo = async (\n userInfoEndpoint: string,\n accessToken: string,\n requester: Requester\n): Promise<UserInfoResponse> =>\n requester<UserInfoResponse>(userInfoEndpoint, {\n headers: { Authorization: `Bearer ${accessToken}` },\n });\n","export type LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;\n"],"names":[],"version":3,"file":"module.mjs.map"}
1
+ {"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AEAA;;;;;;;;;ACAO,MAAM,4CAAc;IACzB,gBAAgB;QAAE,gBAAgB;IAAoC;AACxE;IAEO;UAAK,cAAc;IAAd,eACV,uBAAoB;IADV,eAEV,kBAAe;GAFL,8CAAA;IAKL;UAAK,QAAQ;IAAR,SACV,cAAW;IADD,SAEV,UAAO;IAFG,SAGV,mBAAgB;IAHN,SAIV,yBAAsB;IAJZ,SAKV,kBAAe;IALL,SAMV,WAAQ;IANE,SAOV,sBAAmB;IAPT,SAQV,eAAY;IARF,SASV,aAAU;IATA,SAUV,iBAAc;IAVJ,SAWV,2BAAwB;IAXd,SAYV,YAAS;IAZC,SAaV,iBAAc;IAbJ,SAcV,kBAAe;IAdL,SAeV,cAAW;IAfD,SAgBV,kBAAe;IAhBL,SAiBV,WAAQ;IAjBE,SAkBV,WAAQ;IAlBE,SAmBV,WAAQ;IAnBE,SAoBV,2DAA2D;IAC3D,qBAAkB;GArBR,8CAAA;IAwBL;UAAK,MAAM;IAAN,OACV,aAAU;IADA,OAEV,WAAQ;GAFE,8CAAA;IAML;UAAK,aAAa;IAAb,cACV,YAAS;IADC,cAEV,mBAAgB;GAFN,6CAAA;IAQL;UAAK,SAAS;IAAT,UACV;;;;GAIC,GACD,aAAU;IANA,UAOV;;;;GAIC,GACD,WAAQ;IAZE,UAaV;;;;GAIC,GACD,WAAQ;IAlBE,UAmBV;;;;GAIC,GACD,gBAAa;IAxBH,UAyBV;;;;GAIC,GACD,gBAAa;GA9BH,8CAAA;;;ADJL,MAAM,4CAAgC,OAC3C,YACE,SAAQ,iBACR,cAAa,eACb,YAAW,gBACX,aAAY,QACZ,KAAI,YACJ,SAAQ,EACgC,EAC1C,YAC+B;IAC/B,MAAM,aAAa,IAAI;IACvB,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IACrC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,IAAI,EAAE;IACjC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,EAAE;IACzC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,WAAW,EAAE;IACxC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,SAAS,EAAE,CAAA,GAAA,yCAAc,AAAD,EAAE,iBAAiB;IAEtE,IAAI,UACF,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,QAAQ,EAAE;IAGvC,MAAM,6BAA6B,MAAM,UAAsC,eAAe;QAC5F,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM;IACR;IAEA,OAAO,CAAA,GAAA,oBAAY,EAAE;AACvB;AAEO,MAAM,4CAA2B,OACtC,YAAE,SAAQ,iBAAE,cAAa,gBAAE,aAAY,YAAE,SAAQ,UAAE,OAAM,EAAsC,EAC/F,YACuC;IACvC,MAAM,aAAa,IAAI;IACvB,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IACrC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,EAAE;IACzC,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,SAAS,EAAE,CAAA,GAAA,yCAAc,AAAD,EAAE,YAAY;IAEjE,IAAI,UACF,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,QAAQ,EAAE;IAGvC,IAAI,QAAQ,QACV,WAAW,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,EAAE,OAAO,IAAI,CAAC;IAGhD,MAAM,qCAAqC,MAAM,UAC/C,eACA;QACE,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM;IACR;IAGF,OAAO,CAAA,GAAA,oBAAY,EAAE;AACvB;;ADrGA;;;;;AGAA;AAeO,MAAM,4CAAgB;AAItB,MAAM,4CAAkB,OAC7B,UACA,YAEA,CAAA,GAAA,oBAAa,AAAD,EAAE,MAAM,UAAuC;;;;;;ACvB7D;AAGO,MAAM,4CAAS,OACpB,oBACA,UACA,OACA,YAEA,UAAgB,oBAAoB;QAClC,QAAQ;QACR,SAAS,CAAA,GAAA,yCAAW,AAAD,EAAE,cAAc;QACnC,MAAM,IAAI,gBAAgB;YACxB,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;YACrB,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE;QACpB;IACF;;;;;;AChBF;;;;;;AEAA;;;;;;;;ACAA;;;;ACAO,MAAM,4CAAoB,CAAC,OAChC,OAAO,SAAS,YAAY,SAAS,IAAI;;;ADI3C,MAAM,wCAAkB,OAAO,MAAM,CAAC;IACpC,UAAU;QACR,aAAa;QACb,eAAe;IACjB;IACA,2BAA2B;QACzB,yBAAyB;QACzB,aAAa;QACb,eAAe;QACf,kBAAkB;QAClB,cAAc;IAChB;IACA,2BAA2B;IAC3B,2BAA2B;AAC7B;AAIA,MAAM,8CAAwB,CAAC,YAAsC;IACnE,mEAAmE;IACnE,MAAM,UAAU,CAAA,GAAA,gBAAE,EAAE,uCAAiB;IAErC,IAAI,OAAO,YAAY,UACrB,OAAO;IAGT,OAAO;AACT;AAEO,MAAM,kDAAmB;IAI9B,YAAY,IAAoB,EAAE,IAAc,CAAE;QAChD,KAAK,CAAC,4CAAsB;QAC5B,IAAI,CAAC,IAAI,GAAG;QACZ,IAAI,CAAC,IAAI,GAAG;IACd;AACF;AAEO,MAAM,4CAAsB,CAAC,OAA6D;IAC/F,IAAI,CAAC,CAAA,GAAA,yCAAiB,AAAD,EAAE,OACrB,OAAO,KAAK;IAGd,OAAO,OAAO,KAAK,IAAI,KAAK,YAAY,OAAO,KAAK,OAAO,KAAK;AAClE;AAEO,MAAM,kDAA0B;IAGrC,YAAY,IAAY,EAAE,OAAe,CAAE;QACzC,KAAK,CAAC;QACN,IAAI,CAAC,IAAI,GAAG;IACd;AACF;AAEO,MAAM;IACX,YAAmB,OAAsB,iBAA2B;qBAAjD;gCAAsB;IAA4B;AACvE;;;AD3DO,MAAM,4CAAqB,CAAC,MAAgB;IACjD,MAAM,GAAG,cAAc,EAAE,CAAC,GAAG,IAAI,KAAK,CAAC;IAEvC,OAAO,IAAI,gBAAgB;AAC7B;AAEO,MAAM,4CAAoC,CAC/C,aACA,aACA,QACG;IACH,IAAI,CAAC,YAAY,UAAU,CAAC,cAC1B,MAAM,IAAI,CAAA,GAAA,yCAAU,AAAD,EAAE,qDAAqD;IAE5E,MAAM,gBAAgB,0CAAmB;IAEzC,MAAM,QAAQ,CAAA,GAAA,kBAAU,EAAE,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,KAAK;IAC1D,MAAM,mBAAmB,CAAA,GAAA,kBAAU,EAAE,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,gBAAgB;IAEhF,IAAI,OACF,MAAM,IAAI,CAAA,GAAA,yCAAU,AAAD,EACjB,yCACA,IAAI,CAAA,GAAA,yCAAS,AAAD,EAAE,OAAO,mBACrB;IAGJ,MAAM,uBAAuB,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK;IAE7D,IAAI,CAAC,sBACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,2CAA2C;IAGlE,IAAI,yBAAyB,OAC3B,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,8CAA8C;IAGrE,MAAM,OAAO,cAAc,GAAG,CAAC,CAAA,GAAA,yCAAO,EAAE,IAAI;IAE5C,IAAI,CAAC,MACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,0CAA0C;IAGjE,OAAO;AACT;;ADhDA;;;;;;AIAA;;;;AAQA,MAAM,8CAAwB;AAkB9B,6BAA6B,GAC7B;;CAEC,GACD,SAAS,0CAAoB,IAAa,EAAiC;IACzE,IAAI,CAAC,CAAA,GAAA,yCAAgB,EAAE,OACrB,MAAM,IAAI,UAAU,uCAAuC;IAG7D,KAAK,MAAM,OAAO;QAAC;QAAO;QAAO;KAAM,CAAE;QACvC,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,UACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,mBAAmB,CAAC,EAAE;IAEtE;IAEA,KAAK,MAAM,OAAO;QAAC;QAAO;KAAM,CAAE;QAChC,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,UACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,mBAAmB,CAAC,EAAE;IAEtE;IAEA,KAAK,MAAM,OAAO;QAAC;QAAW;QAAQ;QAAY;QAAW;QAAS;KAAe,CAAE;QACrF,IAAI,IAAI,CAAC,IAAI,KAAK,WAChB,QAAS;QAGX,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,YAAY,IAAI,CAAC,IAAI,KAAK,IAAI,EACrD,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,2BAA2B,CAAC,EAAE;IAE9E;IAEA,KAAK,MAAM,OAAO;QAAC;QAAkB;KAAwB,CAAE;QAC7D,IAAI,IAAI,CAAC,IAAI,KAAK,WAChB,QAAS;QAGX,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,WACvB,MAAM,IAAI,UAAU,CAAC,iBAAiB,EAAE,IAAI,oBAAoB,CAAC,EAAE;IAEvE;AACF;AAGO,MAAM,4CAAgB,OAC3B,SACA,UACA,QACA,OACG;IACH,MAAM,SAAS,MAAM,CAAA,GAAA,gBAAQ,EAAE,SAAS,MAAM;QAAE,UAAU;gBAAU;IAAO;IAE3E,IAAI,KAAK,GAAG,CAAC,AAAC,CAAA,OAAO,OAAO,CAAC,GAAG,IAAI,CAAA,IAAK,KAAK,GAAG,KAAK,QAAQ,6CAC5D,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,wBAAwB;AAEjD;AAEO,MAAM,4CAAgB,CAAC,QAAiC;IAC7D,MAAM,EAAE,GAAG,eAAc,EAAE,GAAG,MAAM,KAAK,CAAC;IAE1C,IAAI,CAAC,gBACH,MAAM,IAAI,CAAA,GAAA,yCAAS,EAAE,0BAA0B;IAGjD,MAAM,OAAO,CAAA,GAAA,oBAAa,AAAD,EAAE,MAAM,CAAC;IAClC,MAAM,gBAAyB,KAAK,KAAK,CAAC;IAC1C,0CAAoB;IAEpB,OAAO;AACT;;;;;;AC9FA;AAMO,MAAM,4CAAoB,CAAC,iBAAsC;IACtE,MAAM,iBAAiB,OAAO,MAAM,CAAC,CAAA,GAAA,wCAAa,AAAD;IACjD,MAAM,eAAe,IAAI,IAAI;WAAI;QAAgB,CAAA,GAAA,yCAAS,AAAD,EAAE,OAAO;WAAM,kBAAkB,EAAE;KAAE;IAE9F,OAAO,MAAM,IAAI,CAAC,cAAc,IAAI,CAAC;AACvC;;;;;;;;;;;ANPA,MAAM,4CAAsB;AAC5B,MAAM,qCAAe;AAcd,MAAM,4CAAoB,CAAC,yBAChC,sBAAqB,YACrB,SAAQ,eACR,YAAW,iBACX,cAAa,SACb,MAAK,UACL,OAAM,aACN,UAAS,UACT,OAAM,mBACN,gBAAe,EACK,GAAK;IACzB,MAAM,sBAAsB,IAAI,gBAAgB;QAC9C,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;QACrB,CAAC,CAAA,GAAA,yCAAO,EAAE,WAAW,CAAC,EAAE;QACxB,CAAC,CAAA,GAAA,yCAAO,EAAE,aAAa,CAAC,EAAE;QAC1B,CAAC,CAAA,GAAA,yCAAO,EAAE,mBAAmB,CAAC,EAAE;QAChC,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE;QAClB,CAAC,CAAA,GAAA,yCAAO,EAAE,YAAY,CAAC,EAAE;QACzB,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,MAAM,CAAC,EAAE,UAAU,CAAA,GAAA,yCAAM,AAAD,EAAE,OAAO;QAC3C,CAAC,CAAA,GAAA,yCAAO,EAAE,KAAK,CAAC,EAAE,CAAA,GAAA,yCAAiB,AAAD,EAAE;IACtC;IAEA,KAAK,MAAM,YAAY,aAAa,EAAE,CACpC,oBAAoB,MAAM,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,EAAE;IAGhD,qEAAqE;IACrE,IAAI,iBACF,oBAAoB,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,eAAe,EAAE;IAGvD,OAAO,CAAC,EAAE,sBAAsB,CAAC,EAAE,oBAAoB,QAAQ,GAAG,CAAC;AACrE;;;;;;AOnDA;AAQO,MAAM,4CAAqB,CAAC,sBACjC,mBAAkB,YAClB,SAAQ,yBACR,sBAAqB,EACA,GAAK;IAC1B,MAAM,sBAAsB,IAAI,gBAAgB;QAAE,CAAC,CAAA,GAAA,yCAAO,EAAE,QAAQ,CAAC,EAAE;IAAS;IAEhF,IAAI,uBACF,oBAAoB,MAAM,CAAC,CAAA,GAAA,yCAAQ,AAAD,EAAE,qBAAqB,EAAE;IAG7D,OAAO,CAAC,EAAE,mBAAmB,CAAC,EAAE,oBAAoB,QAAQ,GAAG,CAAC;AAClE;;;;;;ACEO,MAAM,4CAAgB,OAC3B,kBACA,aACA,YAEA,UAA4B,kBAAkB;QAC5C,SAAS;YAAE,eAAe,CAAC,OAAO,EAAE,YAAY,CAAC;QAAC;IACpD;;;;;;;;;;Ad7BF,wBAAwB,GACxB;;;;;","sources":["packages/js/src/index.ts","packages/js/src/core/index.ts","packages/js/src/core/fetch-token.ts","packages/js/src/consts/index.ts","packages/js/src/core/oidc-config.ts","packages/js/src/core/revoke.ts","packages/js/src/core/sign-in.ts","packages/js/src/utils/index.ts","packages/js/src/utils/callback-uri.ts","packages/js/src/utils/errors.ts","packages/js/src/utils/arbitrary-object.ts","packages/js/src/utils/id-token.ts","packages/js/src/utils/scopes.ts","packages/js/src/core/sign-out.ts","packages/js/src/core/user-info.ts","packages/js/src/types/index.ts"],"sourcesContent":["/* istanbul ignore file */\nexport * from './core';\nexport * from './utils';\nexport * from './consts';\nexport * from './types';\n","export * from './fetch-token';\nexport * from './oidc-config';\nexport * from './revoke';\nexport * from './sign-in';\nexport * from './sign-out';\nexport * from './user-info';\n","import type { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport { ContentType, QueryKey, TokenGrantType } from '../consts';\nimport type { Requester } from '../types';\n\nexport type FetchTokenByAuthorizationCodeParameters = {\n clientId: string;\n tokenEndpoint: string;\n redirectUri: string;\n codeVerifier: string;\n code: string;\n resource?: string;\n};\n\nexport type FetchTokenByRefreshTokenParameters = {\n clientId: string;\n tokenEndpoint: string;\n refreshToken: string;\n resource?: string;\n scopes?: string[];\n};\n\ntype SnakeCaseCodeTokenResponse = {\n access_token: string;\n refresh_token?: string;\n id_token: string;\n scope: string;\n expires_in: number;\n};\n\nexport type CodeTokenResponse = KeysToCamelCase<SnakeCaseCodeTokenResponse>;\n\ntype SnakeCaseRefreshTokenTokenResponse = {\n access_token: string;\n refresh_token: string;\n id_token?: string;\n scope: string;\n expires_in: number;\n};\n\nexport type RefreshTokenTokenResponse = KeysToCamelCase<SnakeCaseRefreshTokenTokenResponse>;\n\nexport const fetchTokenByAuthorizationCode = async (\n {\n clientId,\n tokenEndpoint,\n redirectUri,\n codeVerifier,\n code,\n resource,\n }: FetchTokenByAuthorizationCodeParameters,\n requester: Requester\n): Promise<CodeTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.Code, code);\n parameters.append(QueryKey.CodeVerifier, codeVerifier);\n parameters.append(QueryKey.RedirectUri, redirectUri);\n parameters.append(QueryKey.GrantType, TokenGrantType.AuthorizationCode);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n const snakeCaseCodeTokenResponse = await requester<SnakeCaseCodeTokenResponse>(tokenEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n });\n\n return camelcaseKeys(snakeCaseCodeTokenResponse);\n};\n\nexport const fetchTokenByRefreshToken = async (\n { clientId, tokenEndpoint, refreshToken, resource, scopes }: FetchTokenByRefreshTokenParameters,\n requester: Requester\n): Promise<RefreshTokenTokenResponse> => {\n const parameters = new URLSearchParams();\n parameters.append(QueryKey.ClientId, clientId);\n parameters.append(QueryKey.RefreshToken, refreshToken);\n parameters.append(QueryKey.GrantType, TokenGrantType.RefreshToken);\n\n if (resource) {\n parameters.append(QueryKey.Resource, resource);\n }\n\n if (scopes?.length) {\n parameters.append(QueryKey.Scope, scopes.join(' '));\n }\n\n const snakeCaseRefreshTokenTokenResponse = await requester<SnakeCaseRefreshTokenTokenResponse>(\n tokenEndpoint,\n {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: parameters,\n }\n );\n\n return camelcaseKeys(snakeCaseRefreshTokenTokenResponse);\n};\n","export const ContentType = {\n formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },\n};\n\nexport enum TokenGrantType {\n AuthorizationCode = 'authorization_code',\n RefreshToken = 'refresh_token',\n}\n\nexport enum QueryKey {\n ClientId = 'client_id',\n Code = 'code',\n CodeChallenge = 'code_challenge',\n CodeChallengeMethod = 'code_challenge_method',\n CodeVerifier = 'code_verifier',\n Error = 'error',\n ErrorDescription = 'error_description',\n GrantType = 'grant_type',\n IdToken = 'id_token',\n IdTokenHint = 'id_token_hint',\n PostLogoutRedirectUri = 'post_logout_redirect_uri',\n Prompt = 'prompt',\n RedirectUri = 'redirect_uri',\n RefreshToken = 'refresh_token',\n Resource = 'resource',\n ResponseType = 'response_type',\n Scope = 'scope',\n State = 'state',\n Token = 'token',\n // Need to align with the OIDC extraParams settings in core\n InteractionMode = 'interaction_mode',\n}\n\nexport enum Prompt {\n Consent = 'consent',\n Login = 'login',\n}\n\n// TODO: @sijie @charles find a proper way to sync scopes constants with core\nexport enum ReservedScope {\n OpenId = 'openid',\n OfflineAccess = 'offline_access',\n}\n\n/**\n * Scopes for ID Token and Userinfo Endpoint.\n */\nexport enum UserScope {\n /**\n * Scope for basic user info.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Profile = 'profile',\n /**\n * Scope for user email address.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Email = 'email',\n /**\n * Scope for user phone number.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Phone = 'phone',\n /**\n * Scope for user's custom data.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n CustomData = 'custom_data',\n /**\n * Scope for user's social identity details.\n *\n * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.\n */\n Identities = 'identities',\n}\n","import type { KeysToCamelCase } from '@silverhand/essentials';\nimport camelcaseKeys from 'camelcase-keys';\n\nimport type { Requester } from '../types';\n\ntype OidcConfigSnakeCaseResponse = {\n authorization_endpoint: string;\n token_endpoint: string;\n userinfo_endpoint: string;\n end_session_endpoint: string;\n revocation_endpoint: string;\n jwks_uri: string;\n issuer: string;\n};\n\nexport const discoveryPath = '/oidc/.well-known/openid-configuration';\n\nexport type OidcConfigResponse = KeysToCamelCase<OidcConfigSnakeCaseResponse>;\n\nexport const fetchOidcConfig = async (\n endpoint: string,\n requester: Requester\n): Promise<OidcConfigResponse> =>\n camelcaseKeys(await requester<OidcConfigSnakeCaseResponse>(endpoint));\n","import { ContentType, QueryKey } from '../consts';\nimport type { Requester } from '../types';\n\nexport const revoke = async (\n revocationEndpoint: string,\n clientId: string,\n token: string,\n requester: Requester\n): Promise<void> =>\n requester<void>(revocationEndpoint, {\n method: 'POST',\n headers: ContentType.formUrlEncoded,\n body: new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.Token]: token,\n }),\n });\n","import { Prompt, QueryKey } from '../consts';\nimport type { InteractionMode } from '../types';\nimport { withDefaultScopes } from '../utils';\n\nconst codeChallengeMethod = 'S256';\nconst responseType = 'code';\n\nexport type SignInUriParameters = {\n authorizationEndpoint: string;\n clientId: string;\n redirectUri: string;\n codeChallenge: string;\n state: string;\n scopes?: string[];\n resources?: string[];\n prompt?: Prompt;\n interactionMode?: InteractionMode;\n};\n\nexport const generateSignInUri = ({\n authorizationEndpoint,\n clientId,\n redirectUri,\n codeChallenge,\n state,\n scopes,\n resources,\n prompt,\n interactionMode,\n}: SignInUriParameters) => {\n const urlSearchParameters = new URLSearchParams({\n [QueryKey.ClientId]: clientId,\n [QueryKey.RedirectUri]: redirectUri,\n [QueryKey.CodeChallenge]: codeChallenge,\n [QueryKey.CodeChallengeMethod]: codeChallengeMethod,\n [QueryKey.State]: state,\n [QueryKey.ResponseType]: responseType,\n [QueryKey.Prompt]: prompt ?? Prompt.Consent,\n [QueryKey.Scope]: withDefaultScopes(scopes),\n });\n\n for (const resource of resources ?? []) {\n urlSearchParameters.append(QueryKey.Resource, resource);\n }\n\n // Set interactionMode to signUp for a create account user experience\n if (interactionMode) {\n urlSearchParameters.append(QueryKey.InteractionMode, interactionMode);\n }\n\n return `${authorizationEndpoint}?${urlSearchParameters.toString()}`;\n};\n","export * from './callback-uri';\nexport * from './errors';\nexport * from './id-token';\nexport * from './scopes';\nexport * from './arbitrary-object';\n","import { conditional } from '@silverhand/essentials';\n\nimport { QueryKey } from '../consts';\nimport { LogtoError, OidcError } from './errors';\n\nexport const parseUriParameters = (uri: string) => {\n const [, queryString = ''] = uri.split('?');\n\n return new URLSearchParams(queryString);\n};\n\nexport const verifyAndParseCodeFromCallbackUri = (\n callbackUri: string,\n redirectUri: string,\n state: string\n) => {\n if (!callbackUri.startsWith(redirectUri)) {\n throw new LogtoError('callback_uri_verification.redirect_uri_mismatched');\n }\n const uriParameters = parseUriParameters(callbackUri);\n\n const error = conditional(uriParameters.get(QueryKey.Error));\n const errorDescription = conditional(uriParameters.get(QueryKey.ErrorDescription));\n\n if (error) {\n throw new LogtoError(\n 'callback_uri_verification.error_found',\n new OidcError(error, errorDescription)\n );\n }\n\n const stateFromCallbackUri = uriParameters.get(QueryKey.State);\n\n if (!stateFromCallbackUri) {\n throw new LogtoError('callback_uri_verification.missing_state');\n }\n\n if (stateFromCallbackUri !== state) {\n throw new LogtoError('callback_uri_verification.state_mismatched');\n }\n\n const code = uriParameters.get(QueryKey.Code);\n\n if (!code) {\n throw new LogtoError('callback_uri_verification.missing_code');\n }\n\n return code;\n};\n","import type { NormalizeKeyPaths } from '@silverhand/essentials';\nimport get from 'lodash.get';\n\nimport { isArbitraryObject } from './arbitrary-object';\n\nconst logtoErrorCodes = Object.freeze({\n id_token: {\n invalid_iat: 'Invalid issued at time in the ID token',\n invalid_token: 'Invalid ID token',\n },\n callback_uri_verification: {\n redirect_uri_mismatched: 'The callback URI mismatches the redirect URI.',\n error_found: 'Error found in the callback URI',\n missing_state: 'Missing state in the callback URI',\n state_mismatched: 'State mismatched in the callback URI',\n missing_code: 'Missing code in the callback URI',\n },\n crypto_subtle_unavailable: 'Crypto.subtle is unavailable in insecure contexts (non-HTTPS).',\n unexpected_response_error: 'Unexpected response error from the server.',\n});\n\nexport type LogtoErrorCode = NormalizeKeyPaths<typeof logtoErrorCodes>;\n\nconst getMessageByErrorCode = (errorCode: LogtoErrorCode): string => {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment\n const message = get(logtoErrorCodes, errorCode);\n\n if (typeof message === 'string') {\n return message;\n }\n\n return errorCode;\n};\n\nexport class LogtoError extends Error {\n code: LogtoErrorCode;\n data: unknown;\n\n constructor(code: LogtoErrorCode, data?: unknown) {\n super(getMessageByErrorCode(code));\n this.code = code;\n this.data = data;\n }\n}\n\nexport const isLogtoRequestError = (data: unknown): data is { code: string; message: string } => {\n if (!isArbitraryObject(data)) {\n return false;\n }\n\n return typeof data.code === 'string' && typeof data.message === 'string';\n};\n\nexport class LogtoRequestError extends Error {\n code: string;\n\n constructor(code: string, message: string) {\n super(message);\n this.code = code;\n }\n}\n\nexport class OidcError {\n constructor(public error: string, public errorDescription?: string) {}\n}\n","export const isArbitraryObject = (data: unknown): data is Record<string, unknown> =>\n typeof data === 'object' && data !== null;\n","import type { Nullable } from '@silverhand/essentials';\nimport { urlSafeBase64 } from '@silverhand/essentials';\nimport type { JWTVerifyGetKey } from 'jose';\nimport { jwtVerify } from 'jose';\n\nimport { isArbitraryObject } from './arbitrary-object';\nimport { LogtoError } from './errors';\n\nconst issuedAtTimeTolerance = 60;\n\nexport type IdTokenClaims = {\n iss: string;\n sub: string;\n aud: string;\n exp: number;\n iat: number;\n at_hash?: Nullable<string>;\n name?: Nullable<string>;\n username?: Nullable<string>;\n picture?: Nullable<string>;\n email?: Nullable<string>;\n email_verified?: boolean;\n phone_number?: Nullable<string>;\n phone_number_verified?: boolean;\n};\n\n/* eslint-disable complexity */\n/**\n * @link [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\n */\nfunction assertIdTokenClaims(data: unknown): asserts data is IdTokenClaims {\n if (!isArbitraryObject(data)) {\n throw new TypeError('IdToken is expected to be an object');\n }\n\n for (const key of ['iss', 'sub', 'aud']) {\n if (typeof data[key] !== 'string') {\n throw new TypeError(`At path: IdToken.${key}: expected a string`);\n }\n }\n\n for (const key of ['exp', 'iat']) {\n if (typeof data[key] !== 'number') {\n throw new TypeError(`At path: IdToken.${key}: expected a number`);\n }\n }\n\n for (const key of ['at_hash', 'name', 'username', 'picture', 'email', 'phone_number']) {\n if (data[key] === undefined) {\n continue;\n }\n\n if (typeof data[key] !== 'string' && data[key] !== null) {\n throw new TypeError(`At path: IdToken.${key}: expected null or a string`);\n }\n }\n\n for (const key of ['email_verified', 'phone_number_verified']) {\n if (data[key] === undefined) {\n continue;\n }\n\n if (typeof data[key] !== 'boolean') {\n throw new TypeError(`At path: IdToken.${key}: expected a boolean`);\n }\n }\n}\n/* eslint-enable complexity */\n\nexport const verifyIdToken = async (\n idToken: string,\n clientId: string,\n issuer: string,\n jwks: JWTVerifyGetKey\n) => {\n const result = await jwtVerify(idToken, jwks, { audience: clientId, issuer });\n\n if (Math.abs((result.payload.iat ?? 0) - Date.now() / 1000) > issuedAtTimeTolerance) {\n throw new LogtoError('id_token.invalid_iat');\n }\n};\n\nexport const decodeIdToken = (token: string): IdTokenClaims => {\n const { 1: encodedPayload } = token.split('.');\n\n if (!encodedPayload) {\n throw new LogtoError('id_token.invalid_token');\n }\n\n const json = urlSafeBase64.decode(encodedPayload);\n const idTokenClaims: unknown = JSON.parse(json);\n assertIdTokenClaims(idTokenClaims);\n\n return idTokenClaims;\n};\n","import { ReservedScope, UserScope } from '../consts';\n\n/**\n * @param originalScopes\n * @return scopes should contain all default scopes (`openid`, `offline_access` and `profile`)\n */\nexport const withDefaultScopes = (originalScopes?: string[]): string => {\n const reservedScopes = Object.values(ReservedScope);\n const uniqueScopes = new Set([...reservedScopes, UserScope.Profile, ...(originalScopes ?? [])]);\n\n return Array.from(uniqueScopes).join(' ');\n};\n","import { QueryKey } from '../consts';\n\ntype SignOutUriParameters = {\n endSessionEndpoint: string;\n clientId: string;\n postLogoutRedirectUri?: string;\n};\n\nexport const generateSignOutUri = ({\n endSessionEndpoint,\n clientId,\n postLogoutRedirectUri,\n}: SignOutUriParameters) => {\n const urlSearchParameters = new URLSearchParams({ [QueryKey.ClientId]: clientId });\n\n if (postLogoutRedirectUri) {\n urlSearchParameters.append(QueryKey.PostLogoutRedirectUri, postLogoutRedirectUri);\n }\n\n return `${endSessionEndpoint}?${urlSearchParameters.toString()}`;\n};\n","import type { Nullable } from '@silverhand/essentials';\n\nimport type { Requester } from '../types';\n\ntype Identity = {\n userId: string;\n details?: Record<string, unknown>;\n};\n\nexport type UserInfoResponse = {\n sub: string;\n name?: Nullable<string>;\n username?: Nullable<string>;\n picture?: Nullable<string>;\n email?: Nullable<string>;\n email_verified?: boolean;\n phone_number?: Nullable<string>;\n phone_number_verified?: boolean;\n custom_data?: unknown; // Not null in DB.\n identities?: Record<string, Identity>; // Not null in DB.\n};\n\nexport const fetchUserInfo = async (\n userInfoEndpoint: string,\n accessToken: string,\n requester: Requester\n): Promise<UserInfoResponse> =>\n requester<UserInfoResponse>(userInfoEndpoint, {\n headers: { Authorization: `Bearer ${accessToken}` },\n });\n","export type LogtoRequestErrorBody = {\n code: string;\n message: string;\n};\n\nexport type Requester = <T>(...args: Parameters<typeof fetch>) => Promise<T>;\n\n// Need to align with the OIDC extraParams settings in core\nexport type InteractionMode = 'signIn' | 'signUp';\n"],"names":[],"version":3,"file":"module.mjs.map"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@logto/js",
3
- "version": "1.0.0",
3
+ "version": "1.1.0",
4
4
  "source": "./src/index.ts",
5
5
  "main": "./lib/index.js",
6
6
  "exports": {
@@ -63,5 +63,5 @@
63
63
  "publishConfig": {
64
64
  "access": "public"
65
65
  },
66
- "gitHead": "fff27b23a74d5bd3a46fc83fbbc2901b6e054c72"
66
+ "gitHead": "f24174a6f840b8db968ad3886878d1b6e92b1b9d"
67
67
  }