@mediaviz/sdk 0.1.0 → 1.0.60

package/oauth/README.md

@@ -1,76 +0,0 @@
-# @yourorg/oauth-sdk
-
-JavaScript SDK for the OAuth 2.0 Authorization Server. Implements Authorization Code + PKCE flow, token refresh, token revocation, and JWT payload decoding for confidential (server-side) clients.
-
-## Installation
-
-```sh
-npm install @yourorg/oauth-sdk
-```
-
-## Quick start
-
-```js
-const { OAuthClient } = require('@yourorg/oauth-sdk');
-
-const oauthClient = new OAuthClient({
-  baseUrl: 'https://api.example.com',
-  clientId: process.env.OAUTH_CLIENT_ID,
-  clientSecret: process.env.OAUTH_CLIENT_SECRET,
-  redirectUri: 'https://myapp.com/callback',
-});
-
-// Step 1: initiate login
-app.get('/login', (req, res) => {
-  const { url, state, code_verifier } = oauthClient.generateAuthorizationUrl();
-  req.session.oauthState = state;
-  req.session.codeVerifier = code_verifier;
-  res.redirect(url);
-});
-
-// Step 2: handle callback
-app.get('/callback', async (req, res) => {
-  const { code, state } = req.query;
-  if (state !== req.session.oauthState) throw new Error('State mismatch');
-
-  const tokens = await oauthClient.exchangeCode(code, req.session.codeVerifier);
-  const payload = oauthClient.decodeAccessToken(tokens.access_token);
-
-  req.session.userId = payload.user_id;
-  req.session.accessToken = tokens.access_token;
-  req.session.refreshToken = tokens.refresh_token;
-  res.redirect('/dashboard');
-});
-
-// Step 3: make authenticated requests
-app.get('/dashboard', async (req, res) => {
-  const { data, updated_tokens } = await oauthClient.request(
-    'https://api.example.com/me',
-    'GET',
-    req.session.accessToken,
-    req.session.refreshToken,
-  );
-
-  if (updated_tokens) {
-    req.session.accessToken = updated_tokens.access_token;
-    req.session.refreshToken = updated_tokens.refresh_token;
-  }
-
-  res.json(data);
-});
-```
-
-> **Important:** `generateAuthorizationUrl()` returns `{ url, state, code_verifier }`. You **must** persist `state` and `code_verifier` (e.g. in an encrypted server-side session or short-lived encrypted cookie) and pass `code_verifier` back to `exchangeCode()` in the callback handler. The SDK does not store any state between calls.
-
-## Method reference
-
-| Method | Description | Returns |
-|--------|-------------|---------|
-| `generateAuthorizationUrl(state?)` | Generates PKCE verifier + challenge, builds `/oauth/authorize` URL | `AuthorizationUrlResult` |
-| `exchangeCode(code, codeVerifier, redirectUri?)` | Exchanges authorization code for tokens | `Promise<TokenResponse>` |
-| `refreshAccessToken(refreshToken)` | Issues new tokens using a refresh token | `Promise<TokenResponse>` |
-| `revokeToken(token, tokenTypeHint?)` | Revokes an access or refresh token (RFC 7009) | `Promise<void>` |
-| `decodeAccessToken(accessToken)` | Decodes JWT payload without signature verification | `TokenPayload` |
-| `request(url, method, accessToken, refreshToken, body?)` | Authenticated request with automatic 401 retry | `Promise<AuthenticatedResponse>` |
-
-See [spec.md](../../spec.md) for full API documentation.

package/oauth/browser-smoke-test.html

@@ -1,45 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-  <meta charset="UTF-8">
-  <title>OAuth SDK Browser Smoke Test</title>
-</head>
-<body>
-  <pre id="output"></pre>
-  <script src="dist/oauth-sdk.umd.js"></script>
-  <script>
-    (async () => {
-      const log = (msg) => {
-        document.getElementById('output').textContent += msg + '\n';
-        console.log(msg);
-      };
-
-      try {
-        const { OAuthClient } = OAuthSDK;
-        const client = new OAuthClient({
-          baseUrl: 'https://example.com',
-          clientId: 'test-client-id',
-          clientSecret: 'test-client-secret',
-          redirectUri: 'https://example.com/callback',
-        });
-
-        const result = await client.generateAuthorizationUrl();
-
-        if (!result.url.includes('response_type=code')) {
-          throw new Error(`url missing response_type=code: ${result.url}`);
-        }
-        if (result.code_verifier.length !== 64) {
-          throw new Error(`code_verifier length ${result.code_verifier.length} !== 64`);
-        }
-        if (result.state.length !== 32) {
-          throw new Error(`state length ${result.state.length} !== 32`);
-        }
-
-        log('PASS');
-      } catch (err) {
-        log('FAIL: ' + err.message);
-      }
-    })();
-  </script>
-</body>
-</html>

package/oauth/implementation_plan.json

@@ -1,106 +0,0 @@
-[
-  {
-    "id": 1,
-    "description": "Replace Node.js crypto with Web Crypto API in pkce.js. generateCodeVerifier: use globalThis.crypto.getRandomValues(new Uint8Array(48)) + manual base64url encode + slice to 64 chars. generateCodeChallenge: use globalThis.crypto.subtle.digest('SHA-256', TextEncoder) — must become async, returns Promise<string>. generateState: use getRandomValues(new Uint8Array(16)) + hex join. Remove require('crypto'). Keep module.exports unchanged.",
-    "touch_points": [
-      {
-        "file": "sdk/javascript/src/pkce.js",
-        "location": "generateCodeVerifier",
-        "status": "replace crypto.randomBytes with getRandomValues + base64url encode"
-      },
-      {
-        "file": "sdk/javascript/src/pkce.js",
-        "location": "generateCodeChallenge",
-        "status": "make async, replace createHash with crypto.subtle.digest"
-      },
-      {
-        "file": "sdk/javascript/src/pkce.js",
-        "location": "generateState",
-        "status": "replace crypto.randomBytes with getRandomValues + hex join"
-      }
-    ],
-    "completion_status": true
-  },
-  {
-    "id": 2,
-    "description": "Update client.js to await the now-async generateCodeChallenge. In generateAuthorizationUrl, change the call to: const challenge = await generateCodeChallenge(verifier). The method is already async so the public signature is unchanged.",
-    "touch_points": [
-      {
-        "file": "sdk/javascript/src/client.js",
-        "location": "generateAuthorizationUrl",
-        "status": "add await before generateCodeChallenge call"
-      }
-    ],
-    "completion_status": true
-  },
-  {
-    "id": 3,
-    "description": "Update pkce.test.js for async generateCodeChallenge. Change the PKCE test vector assertion to use await: expect(await generateCodeChallenge(verifier)).toBe('E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM'). Mark the test function async. All other tests are sync and unchanged.",
-    "touch_points": [
-      {
-        "file": "sdk/javascript/src/__tests__/pkce.test.js",
-        "location": "test('generateCodeChallenge')",
-        "status": "add async/await to test vector assertion"
-      }
-    ],
-    "completion_status": true
-  },
-  {
-    "id": 4,
-    "description": "Add Rollup build tooling. Install dev dependencies: rollup, @rollup/plugin-node-resolve, @rollup/plugin-terser. Create rollup.config.js at sdk/javascript/ with two outputs: (1) dist/oauth-sdk.umd.js — format: 'umd', name: 'OAuthSDK', exports: 'named', plugins: [terser()]; (2) dist/oauth-sdk.esm.js — format: 'esm'. Input: src/index.js. Use nodeResolve plugin to handle any internal references.",
-    "touch_points": [
-      {
-        "file": "sdk/javascript/package.json",
-        "location": "devDependencies",
-        "status": "add rollup, @rollup/plugin-node-resolve, @rollup/plugin-terser"
-      },
-      {
-        "file": "sdk/javascript/rollup.config.js",
-        "location": "module",
-        "status": "create with umd + esm output config"
-      }
-    ],
-    "completion_status": true
-  },
-  {
-    "id": 5,
-    "description": "Update package.json fields. Add: 'module': 'dist/oauth-sdk.esm.js'; 'browser': 'dist/oauth-sdk.umd.js'; 'files': ['src/', 'dist/']; scripts 'build': 'rollup -c' and 'prepublishOnly': 'npm run build'. Keep 'main': 'src/index.js' for Node.js CJS path.",
-    "touch_points": [
-      {
-        "file": "sdk/javascript/package.json",
-        "location": "root",
-        "status": "add module, browser, files fields and build scripts"
-      }
-    ],
-    "completion_status": true
-  },
-  {
-    "id": 6,
-    "description": "Add dist/ to .gitignore in sdk/javascript/. Update smoke-test.js: add await to generateAuthorizationUrl call (wrap in async IIFE or top-level await if package is ESM). Verify node smoke-test.js still exits 0.",
-    "touch_points": [
-      {
-        "file": "sdk/javascript/.gitignore",
-        "location": "root",
-        "status": "add dist/"
-      },
-      {
-        "file": "sdk/javascript/smoke-test.js",
-        "location": "main assertion block",
-        "status": "confirm generateAuthorizationUrl is awaited (should already be)"
-      }
-    ],
-    "completion_status": true
-  },
-  {
-    "id": 7,
-    "description": "Build verification. Run npm install then npm run build in sdk/javascript/. Confirm dist/oauth-sdk.umd.js and dist/oauth-sdk.esm.js are produced. Run npm test — all tests must pass. Run node smoke-test.js — must exit 0. Create sdk/javascript/browser-smoke-test.html: minimal HTML page that loads dist/oauth-sdk.umd.js via <script>, calls OAuthSDK.OAuthClient with dummy config, calls generateAuthorizationUrl(), asserts url contains 'response_type=code', logs PASS/FAIL to console.",
-    "touch_points": [
-      {
-        "file": "sdk/javascript/browser-smoke-test.html",
-        "location": "script block",
-        "status": "create browser smoke test for UMD bundle"
-      }
-    ],
-    "completion_status": true
-  }
-]