@monocloud/auth-core 0.1.10 → 0.1.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +17 -20
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.mts +1 -1
- package/dist/index.mjs +14 -17
- package/dist/index.mjs.map +1 -1
- package/dist/{types-BVOv1R0s.d.mts → types-Bese50qr.d.mts} +5 -1
- package/dist/utils/index.cjs +7 -7
- package/dist/utils/index.cjs.map +1 -1
- package/dist/utils/index.d.mts +1 -1
- package/dist/utils/index.mjs +5 -5
- package/dist/utils/index.mjs.map +1 -1
- package/dist/utils/internal.cjs +2 -3
- package/dist/utils/internal.cjs.map +1 -1
- package/dist/utils/internal.d.mts +2 -2
- package/dist/utils/internal.mjs +1 -1
- package/dist/utils/internal.mjs.map +1 -1
- package/package.json +3 -3
package/dist/index.cjs
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
|
-
Object.defineProperty(exports, Symbol.toStringTag, { value:
|
|
2
|
-
const require_utils_internal = require(
|
|
3
|
-
const require_utils_index = require(
|
|
4
|
-
|
|
1
|
+
Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
|
|
2
|
+
const require_utils_internal = require("./utils/internal.cjs");
|
|
3
|
+
const require_utils_index = require("./utils/index.cjs");
|
|
5
4
|
//#region src/errors/monocloud-auth-base-error.ts
|
|
6
5
|
/**
|
|
7
6
|
* Base class for all MonoCloud authentication errors.
|
|
@@ -11,7 +10,6 @@ const require_utils_index = require('./utils/index.cjs');
|
|
|
11
10
|
* @category Error Classes
|
|
12
11
|
*/
|
|
13
12
|
var MonoCloudAuthBaseError = class extends Error {};
|
|
14
|
-
|
|
15
13
|
//#endregion
|
|
16
14
|
//#region src/errors/monocloud-op-error.ts
|
|
17
15
|
/**
|
|
@@ -28,7 +26,6 @@ var MonoCloudOPError = class extends MonoCloudAuthBaseError {
|
|
|
28
26
|
this.errorDescription = errorDescription;
|
|
29
27
|
}
|
|
30
28
|
};
|
|
31
|
-
|
|
32
29
|
//#endregion
|
|
33
30
|
//#region src/errors/monocloud-http-error.ts
|
|
34
31
|
/**
|
|
@@ -39,7 +36,6 @@ var MonoCloudOPError = class extends MonoCloudAuthBaseError {
|
|
|
39
36
|
* @category Error Classes
|
|
40
37
|
*/
|
|
41
38
|
var MonoCloudHttpError = class extends MonoCloudAuthBaseError {};
|
|
42
|
-
|
|
43
39
|
//#endregion
|
|
44
40
|
//#region src/errors/monocloud-token-error.ts
|
|
45
41
|
/**
|
|
@@ -48,7 +44,6 @@ var MonoCloudHttpError = class extends MonoCloudAuthBaseError {};
|
|
|
48
44
|
* @category Error Classes
|
|
49
45
|
*/
|
|
50
46
|
var MonoCloudTokenError = class extends MonoCloudAuthBaseError {};
|
|
51
|
-
|
|
52
47
|
//#endregion
|
|
53
48
|
//#region src/errors/monocloud-validation-error.ts
|
|
54
49
|
/**
|
|
@@ -57,10 +52,8 @@ var MonoCloudTokenError = class extends MonoCloudAuthBaseError {};
|
|
|
57
52
|
* @category Error Classes
|
|
58
53
|
*/
|
|
59
54
|
var MonoCloudValidationError = class extends MonoCloudAuthBaseError {};
|
|
60
|
-
|
|
61
55
|
//#endregion
|
|
62
56
|
//#region src/helper.ts
|
|
63
|
-
const JWT_ASSERTION_CLOCK_SKEW = 5;
|
|
64
57
|
function assertMetadataProperty(metadata, property) {
|
|
65
58
|
if (metadata[property] === void 0 || metadata[property] === null) throw new MonoCloudValidationError(`${property} endpoint is required but not available in the issuer metadata`);
|
|
66
59
|
}
|
|
@@ -82,7 +75,6 @@ const deserializeJson = async (res) => {
|
|
|
82
75
|
);
|
|
83
76
|
}
|
|
84
77
|
};
|
|
85
|
-
|
|
86
78
|
//#endregion
|
|
87
79
|
//#region src/monocloud-oidc-client-base.ts
|
|
88
80
|
/**
|
|
@@ -180,7 +172,6 @@ var MonoCloudOidcClientBase = class {
|
|
|
180
172
|
}
|
|
181
173
|
}
|
|
182
174
|
};
|
|
183
|
-
|
|
184
175
|
//#endregion
|
|
185
176
|
//#region src/client-auth.ts
|
|
186
177
|
const algToSubtle = (alg) => {
|
|
@@ -212,6 +203,7 @@ const algToSubtle = (alg) => {
|
|
|
212
203
|
name: "ECDSA",
|
|
213
204
|
namedCurve: "P-521"
|
|
214
205
|
};
|
|
206
|
+
/* v8 ignore next */
|
|
215
207
|
default: throw new Error("unsupported JWS algorithm");
|
|
216
208
|
}
|
|
217
209
|
};
|
|
@@ -220,6 +212,7 @@ const psAlg = (key) => {
|
|
|
220
212
|
case "SHA-256": return "PS256";
|
|
221
213
|
case "SHA-384": return "PS384";
|
|
222
214
|
case "SHA-512": return "PS512";
|
|
215
|
+
/* v8 ignore next */
|
|
223
216
|
default: throw new Error("unsupported RsaHashedKeyAlgorithm hash name");
|
|
224
217
|
}
|
|
225
218
|
};
|
|
@@ -228,6 +221,7 @@ const rsAlg = (key) => {
|
|
|
228
221
|
case "SHA-256": return "RS256";
|
|
229
222
|
case "SHA-384": return "RS384";
|
|
230
223
|
case "SHA-512": return "RS512";
|
|
224
|
+
/* v8 ignore next */
|
|
231
225
|
default: throw new Error("unsupported RsaHashedKeyAlgorithm hash name");
|
|
232
226
|
}
|
|
233
227
|
};
|
|
@@ -236,6 +230,7 @@ const esAlg = (key) => {
|
|
|
236
230
|
case "P-256": return "ES256";
|
|
237
231
|
case "P-384": return "ES384";
|
|
238
232
|
case "P-521": return "ES512";
|
|
233
|
+
/* v8 ignore next */
|
|
239
234
|
default: throw new Error("unsupported EcKeyAlgorithm namedCurve");
|
|
240
235
|
}
|
|
241
236
|
};
|
|
@@ -244,6 +239,7 @@ const hsAlg = (key) => {
|
|
|
244
239
|
case "SHA-256": return "HS256";
|
|
245
240
|
case "SHA-384": return "HS384";
|
|
246
241
|
case "SHA-512": return "HS512";
|
|
242
|
+
/* v8 ignore next */
|
|
247
243
|
default: throw new Error("unsupported HMAC Algorithm hash");
|
|
248
244
|
}
|
|
249
245
|
};
|
|
@@ -253,6 +249,7 @@ const keyToJws = (key) => {
|
|
|
253
249
|
case "RSA-PSS": return psAlg(key);
|
|
254
250
|
case "RSASSA-PKCS1-v1_5": return rsAlg(key);
|
|
255
251
|
case "ECDSA": return esAlg(key);
|
|
252
|
+
/* v8 ignore next */
|
|
256
253
|
default: throw new Error("unsupported CryptoKey algorithm name");
|
|
257
254
|
}
|
|
258
255
|
};
|
|
@@ -267,6 +264,7 @@ const ecdsaHashName = (key) => {
|
|
|
267
264
|
case "P-256": return "SHA-256";
|
|
268
265
|
case "P-384": return "SHA-384";
|
|
269
266
|
case "P-521": return "SHA-512";
|
|
267
|
+
/* v8 ignore next */
|
|
270
268
|
default: throw new Error("unsupported ECDSA namedCurve");
|
|
271
269
|
}
|
|
272
270
|
};
|
|
@@ -286,6 +284,7 @@ const keyToSubtle = (key) => {
|
|
|
286
284
|
name: key.algorithm.name,
|
|
287
285
|
saltLength: parseInt(key.algorithm.hash.name.slice(-3), 10) >> 3
|
|
288
286
|
};
|
|
287
|
+
/* v8 ignore next */
|
|
289
288
|
default: throw new Error("unsupported RSA-PSS hash name");
|
|
290
289
|
}
|
|
291
290
|
case "RSASSA-PKCS1-v1_5":
|
|
@@ -345,7 +344,6 @@ const clientAuth = async (clientId, clientSecret, method, issuer, headers, body,
|
|
|
345
344
|
default: throw new Error("Invalid Client Authentication Method");
|
|
346
345
|
}
|
|
347
346
|
};
|
|
348
|
-
|
|
349
347
|
//#endregion
|
|
350
348
|
//#region src/monocloud-oidc-client.ts
|
|
351
349
|
const FILTER_ID_TOKEN_CLAIMS = [
|
|
@@ -463,7 +461,7 @@ var MonoCloudOidcClient = class MonoCloudOidcClient extends MonoCloudOidcClientB
|
|
|
463
461
|
"content-type": "application/x-www-form-urlencoded",
|
|
464
462
|
accept: "application/json"
|
|
465
463
|
};
|
|
466
|
-
await clientAuth(this.clientId, this.clientSecret, this.authMethod, this.tenantDomain, headers, body,
|
|
464
|
+
await clientAuth(this.clientId, this.clientSecret, this.authMethod, this.tenantDomain, headers, body, 5);
|
|
467
465
|
const metadata = await this.getMetadata();
|
|
468
466
|
assertMetadataProperty(metadata, "pushed_authorization_request_endpoint");
|
|
469
467
|
const response = await innerFetch(metadata.pushed_authorization_request_endpoint, {
|
|
@@ -569,7 +567,7 @@ var MonoCloudOidcClient = class MonoCloudOidcClient extends MonoCloudOidcClientB
|
|
|
569
567
|
"content-type": "application/x-www-form-urlencoded",
|
|
570
568
|
accept: "application/json"
|
|
571
569
|
};
|
|
572
|
-
await clientAuth(this.clientId, this.clientSecret, this.authMethod, this.tenantDomain, headers, body,
|
|
570
|
+
await clientAuth(this.clientId, this.clientSecret, this.authMethod, this.tenantDomain, headers, body, 5);
|
|
573
571
|
const metadata = await this.getMetadata();
|
|
574
572
|
assertMetadataProperty(metadata, "token_endpoint");
|
|
575
573
|
const response = await innerFetch(metadata.token_endpoint, {
|
|
@@ -611,7 +609,7 @@ var MonoCloudOidcClient = class MonoCloudOidcClient extends MonoCloudOidcClientB
|
|
|
611
609
|
"content-type": "application/x-www-form-urlencoded",
|
|
612
610
|
accept: "application/json"
|
|
613
611
|
};
|
|
614
|
-
await clientAuth(this.clientId, this.clientSecret, this.authMethod, this.tenantDomain, headers, body,
|
|
612
|
+
await clientAuth(this.clientId, this.clientSecret, this.authMethod, this.tenantDomain, headers, body, 5);
|
|
615
613
|
const metadata = await this.getMetadata();
|
|
616
614
|
assertMetadataProperty(metadata, "token_endpoint");
|
|
617
615
|
const response = await innerFetch(metadata.token_endpoint, {
|
|
@@ -795,7 +793,7 @@ var MonoCloudOidcClient = class MonoCloudOidcClient extends MonoCloudOidcClientB
|
|
|
795
793
|
body.set("token", token);
|
|
796
794
|
if (tokenType) body.set("token_type_hint", tokenType);
|
|
797
795
|
const headers = { "content-type": "application/x-www-form-urlencoded" };
|
|
798
|
-
await clientAuth(this.clientId, this.clientSecret, this.authMethod, this.tenantDomain, headers, body,
|
|
796
|
+
await clientAuth(this.clientId, this.clientSecret, this.authMethod, this.tenantDomain, headers, body, 5);
|
|
799
797
|
const metadata = await this.getMetadata();
|
|
800
798
|
assertMetadataProperty(metadata, "revocation_endpoint");
|
|
801
799
|
const response = await innerFetch(metadata.revocation_endpoint, {
|
|
@@ -871,7 +869,6 @@ var MonoCloudOidcClient = class MonoCloudOidcClient extends MonoCloudOidcClientB
|
|
|
871
869
|
return claims;
|
|
872
870
|
}
|
|
873
871
|
};
|
|
874
|
-
|
|
875
872
|
//#endregion
|
|
876
873
|
//#region src/monocloud-oidc-backend-client.ts
|
|
877
874
|
/**
|
|
@@ -929,7 +926,7 @@ var MonoCloudOidcBackendClient = class extends MonoCloudOidcClientBase {
|
|
|
929
926
|
"content-type": "application/x-www-form-urlencoded",
|
|
930
927
|
accept: "application/json"
|
|
931
928
|
};
|
|
932
|
-
await clientAuth(this.clientId, this.clientSecret, this.authMethod, this.tenantDomain, headers, body,
|
|
929
|
+
await clientAuth(this.clientId, this.clientSecret, this.authMethod, this.tenantDomain, headers, body, 5);
|
|
933
930
|
const response = await innerFetch(metadata.introspection_endpoint, {
|
|
934
931
|
method: "POST",
|
|
935
932
|
body: body.toString(),
|
|
@@ -1056,7 +1053,6 @@ var MonoCloudOidcBackendClient = class extends MonoCloudOidcClientBase {
|
|
|
1056
1053
|
if (certHash !== clientCertHash) throw new MonoCloudTokenError("The certificate hash in the access token does not match the presented client certificate (certificate binding validation failed)");
|
|
1057
1054
|
}
|
|
1058
1055
|
};
|
|
1059
|
-
|
|
1060
1056
|
//#endregion
|
|
1061
1057
|
exports.MonoCloudAuthBaseError = MonoCloudAuthBaseError;
|
|
1062
1058
|
exports.MonoCloudHttpError = MonoCloudHttpError;
|
|
@@ -1066,4 +1062,5 @@ exports.MonoCloudOidcClient = MonoCloudOidcClient;
|
|
|
1066
1062
|
exports.MonoCloudOidcClientBase = MonoCloudOidcClientBase;
|
|
1067
1063
|
exports.MonoCloudTokenError = MonoCloudTokenError;
|
|
1068
1064
|
exports.MonoCloudValidationError = MonoCloudValidationError;
|
|
1065
|
+
|
|
1069
1066
|
//# sourceMappingURL=index.cjs.map
|