@mindfulauth/core 2.0.0-beta.6 → 2.0.0-beta.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/csp.d.ts +19 -0
- package/dist/core/csp.d.ts.map +1 -0
- package/dist/core/csp.js +36 -0
- package/dist/core/index.d.ts +1 -0
- package/dist/core/index.d.ts.map +1 -1
- package/dist/core/index.js +2 -0
- package/package.json +7 -2
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Scans the mindfulauth/astro/ directory at build time and returns SHA-384
|
|
3
|
+
* hashes for all <script is:inline> blocks found in .astro component files.
|
|
4
|
+
*
|
|
5
|
+
* Astro's static CSP analysis cannot resolve dynamically rendered components,
|
|
6
|
+
* so hashes must be declared manually in astro.config.mjs. This function
|
|
7
|
+
* computes them automatically so no manual maintenance is needed.
|
|
8
|
+
*
|
|
9
|
+
* When published as a package, this function resolves the astro/ directory
|
|
10
|
+
* relative to its own location — no consumer configuration required.
|
|
11
|
+
*
|
|
12
|
+
* @example
|
|
13
|
+
* // astro.config.mjs
|
|
14
|
+
* // import { getScriptHashes } from '@mindfulauth/core';
|
|
15
|
+
*
|
|
16
|
+
* scriptDirective: { hashes: getScriptHashes() }
|
|
17
|
+
*/
|
|
18
|
+
export declare function getScriptHashes(): string[];
|
|
19
|
+
//# sourceMappingURL=csp.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"csp.d.ts","sourceRoot":"","sources":["../../src/core/csp.ts"],"names":[],"mappings":"AAWA;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,eAAe,IAAI,MAAM,EAAE,CAS1C"}
|
package/dist/core/csp.js
ADDED
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
// ============================================================================
|
|
2
|
+
// Build-time CSP utilities for Mindful Auth
|
|
3
|
+
// Import this in astro.config.mjs only — not at SSR runtime.
|
|
4
|
+
// ============================================================================
|
|
5
|
+
import { readFileSync, readdirSync } from 'fs';
|
|
6
|
+
import { createHash } from 'crypto';
|
|
7
|
+
import { join, dirname } from 'path';
|
|
8
|
+
import { fileURLToPath } from 'url';
|
|
9
|
+
const __dirname = dirname(fileURLToPath(import.meta.url));
|
|
10
|
+
/**
|
|
11
|
+
* Scans the mindfulauth/astro/ directory at build time and returns SHA-384
|
|
12
|
+
* hashes for all <script is:inline> blocks found in .astro component files.
|
|
13
|
+
*
|
|
14
|
+
* Astro's static CSP analysis cannot resolve dynamically rendered components,
|
|
15
|
+
* so hashes must be declared manually in astro.config.mjs. This function
|
|
16
|
+
* computes them automatically so no manual maintenance is needed.
|
|
17
|
+
*
|
|
18
|
+
* When published as a package, this function resolves the astro/ directory
|
|
19
|
+
* relative to its own location — no consumer configuration required.
|
|
20
|
+
*
|
|
21
|
+
* @example
|
|
22
|
+
* // astro.config.mjs
|
|
23
|
+
* // import { getScriptHashes } from '@mindfulauth/core';
|
|
24
|
+
*
|
|
25
|
+
* scriptDirective: { hashes: getScriptHashes() }
|
|
26
|
+
*/
|
|
27
|
+
export function getScriptHashes() {
|
|
28
|
+
const dir = join(__dirname, '../astro');
|
|
29
|
+
return readdirSync(dir)
|
|
30
|
+
.filter(f => f.endsWith('.astro'))
|
|
31
|
+
.flatMap(file => {
|
|
32
|
+
const content = readFileSync(join(dir, file), 'utf8');
|
|
33
|
+
return [...content.matchAll(/<script\b[^>]*>([\s\S]*?)<\/script>/g)]
|
|
34
|
+
.map((m) => 'sha384-' + createHash('sha384').update(m[1], 'utf8').digest('base64'));
|
|
35
|
+
});
|
|
36
|
+
}
|
package/dist/core/index.d.ts
CHANGED
package/dist/core/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAGA,cAAc,SAAS,CAAC;AAGxB,cAAc,UAAU,CAAC;AAGzB,cAAc,QAAQ,CAAC;AAGvB,cAAc,gBAAgB,CAAC;AAG/B,cAAc,YAAY,CAAC;AAG3B,cAAc,cAAc,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAGA,cAAc,SAAS,CAAC;AAGxB,cAAc,UAAU,CAAC;AAGzB,cAAc,QAAQ,CAAC;AAGvB,cAAc,gBAAgB,CAAC;AAG/B,cAAc,YAAY,CAAC;AAG3B,cAAc,cAAc,CAAC;AAG7B,cAAc,OAAO,CAAC"}
|
package/dist/core/index.js
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mindfulauth/core",
|
|
3
|
-
"version": "2.0.0-beta.
|
|
3
|
+
"version": "2.0.0-beta.7",
|
|
4
4
|
"description": "Mindful Auth core authentication library for Astro 6",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/core/index.js",
|
|
@@ -26,6 +26,10 @@
|
|
|
26
26
|
"./config": {
|
|
27
27
|
"types": "./dist/core/config.d.ts",
|
|
28
28
|
"import": "./dist/core/config.js"
|
|
29
|
+
},
|
|
30
|
+
"./csp": {
|
|
31
|
+
"types": "./dist/core/csp.d.ts",
|
|
32
|
+
"import": "./dist/core/csp.js"
|
|
29
33
|
}
|
|
30
34
|
},
|
|
31
35
|
"files": [
|
|
@@ -51,7 +55,8 @@
|
|
|
51
55
|
},
|
|
52
56
|
"devDependencies": {
|
|
53
57
|
"@cloudflare/workers-types": "^4.20260307.1",
|
|
58
|
+
"@types/node": "^25.3.5",
|
|
54
59
|
"astro": "^6.0.0-beta.20",
|
|
55
60
|
"typescript": "^5.9.3"
|
|
56
61
|
}
|
|
57
|
-
}
|
|
62
|
+
}
|