@nocobase/plugin-idp-oauth 2.1.0-alpha.10

package/dist/node_modules/oidc-provider/node_modules/statuses/README.md

@@ -0,0 +1,139 @@
+# statuses
+
+[![NPM Version][npm-version-image]][npm-url]
+[![NPM Downloads][npm-downloads-image]][npm-url]
+[![Node.js Version][node-version-image]][node-version-url]
+[![Build Status][ci-image]][ci-url]
+[![Test Coverage][coveralls-image]][coveralls-url]
+[![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer]
+
+HTTP status utility for node.
+
+This module provides a list of status codes and messages sourced from
+a few different projects:
+
+  * The [IANA Status Code Registry](https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml)
+  * The [Node.js project](https://nodejs.org/)
+  * The [NGINX project](https://www.nginx.com/)
+  * The [Apache HTTP Server project](https://httpd.apache.org/)
+
+## Installation
+
+This is a [Node.js](https://nodejs.org/en/) module available through the
+[npm registry](https://www.npmjs.com/). Installation is done using the
+[`npm install` command](https://docs.npmjs.com/getting-started/installing-npm-packages-locally):
+
+```sh
+$ npm install statuses
+```
+
+## API
+
+<!-- eslint-disable no-unused-vars -->
+
+```js
+var status = require('statuses')
+```
+
+### status(code)
+
+Returns the status message string for a known HTTP status code. The code
+may be a number or a string. An error is thrown for an unknown status code.
+
+<!-- eslint-disable no-undef -->
+
+```js
+status(403) // => 'Forbidden'
+status('403') // => 'Forbidden'
+status(306) // throws
+```
+
+### status(msg)
+
+Returns the numeric status code for a known HTTP status message. The message
+is case-insensitive. An error is thrown for an unknown status message.
+
+<!-- eslint-disable no-undef -->
+
+```js
+status('forbidden') // => 403
+status('Forbidden') // => 403
+status('foo') // throws
+```
+
+### status.codes
+
+Returns an array of all the status codes as `Integer`s.
+
+### status.code[msg]
+
+Returns the numeric status code for a known status message (in lower-case),
+otherwise `undefined`.
+
+<!-- eslint-disable no-undef, no-unused-expressions -->
+
+```js
+status['not found'] // => 404
+```
+
+### status.empty[code]
+
+Returns `true` if a status code expects an empty body.
+
+<!-- eslint-disable no-undef, no-unused-expressions -->
+
+```js
+status.empty[200] // => undefined
+status.empty[204] // => true
+status.empty[304] // => true
+```
+
+### status.message[code]
+
+Returns the string message for a known numeric status code, otherwise
+`undefined`. This object is the same format as the
+[Node.js http module `http.STATUS_CODES`](https://nodejs.org/dist/latest/docs/api/http.html#http_http_status_codes).
+
+<!-- eslint-disable no-undef, no-unused-expressions -->
+
+```js
+status.message[404] // => 'Not Found'
+```
+
+### status.redirect[code]
+
+Returns `true` if a status code is a valid redirect status.
+
+<!-- eslint-disable no-undef, no-unused-expressions -->
+
+```js
+status.redirect[200] // => undefined
+status.redirect[301] // => true
+```
+
+### status.retry[code]
+
+Returns `true` if you should retry the rest.
+
+<!-- eslint-disable no-undef, no-unused-expressions -->
+
+```js
+status.retry[501] // => undefined
+status.retry[503] // => true
+```
+
+## License
+
+[MIT](LICENSE)
+
+[ci-image]: https://badgen.net/github/checks/jshttp/statuses/master?label=ci
+[ci-url]: https://github.com/jshttp/statuses/actions?query=workflow%3Aci
+[coveralls-image]: https://badgen.net/coveralls/c/github/jshttp/statuses/master
+[coveralls-url]: https://coveralls.io/r/jshttp/statuses?branch=master
+[node-version-image]: https://badgen.net/npm/node/statuses
+[node-version-url]: https://nodejs.org/en/download
+[npm-downloads-image]: https://badgen.net/npm/dm/statuses
+[npm-url]: https://npmjs.org/package/statuses
+[npm-version-image]: https://badgen.net/npm/v/statuses
+[ossf-scorecard-badge]: https://api.securityscorecards.dev/projects/github.com/jshttp/statuses/badge
+[ossf-scorecard-visualizer]: https://kooltheba.github.io/openssf-scorecard-api-visualizer/#/projects/github.com/jshttp/statuses

package/dist/node_modules/oidc-provider/node_modules/statuses/codes.json

@@ -0,0 +1,65 @@
+{
+  "100": "Continue",
+  "101": "Switching Protocols",
+  "102": "Processing",
+  "103": "Early Hints",
+  "200": "OK",
+  "201": "Created",
+  "202": "Accepted",
+  "203": "Non-Authoritative Information",
+  "204": "No Content",
+  "205": "Reset Content",
+  "206": "Partial Content",
+  "207": "Multi-Status",
+  "208": "Already Reported",
+  "226": "IM Used",
+  "300": "Multiple Choices",
+  "301": "Moved Permanently",
+  "302": "Found",
+  "303": "See Other",
+  "304": "Not Modified",
+  "305": "Use Proxy",
+  "307": "Temporary Redirect",
+  "308": "Permanent Redirect",
+  "400": "Bad Request",
+  "401": "Unauthorized",
+  "402": "Payment Required",
+  "403": "Forbidden",
+  "404": "Not Found",
+  "405": "Method Not Allowed",
+  "406": "Not Acceptable",
+  "407": "Proxy Authentication Required",
+  "408": "Request Timeout",
+  "409": "Conflict",
+  "410": "Gone",
+  "411": "Length Required",
+  "412": "Precondition Failed",
+  "413": "Payload Too Large",
+  "414": "URI Too Long",
+  "415": "Unsupported Media Type",
+  "416": "Range Not Satisfiable",
+  "417": "Expectation Failed",
+  "418": "I'm a Teapot",
+  "421": "Misdirected Request",
+  "422": "Unprocessable Entity",
+  "423": "Locked",
+  "424": "Failed Dependency",
+  "425": "Too Early",
+  "426": "Upgrade Required",
+  "428": "Precondition Required",
+  "429": "Too Many Requests",
+  "431": "Request Header Fields Too Large",
+  "451": "Unavailable For Legal Reasons",
+  "500": "Internal Server Error",
+  "501": "Not Implemented",
+  "502": "Bad Gateway",
+  "503": "Service Unavailable",
+  "504": "Gateway Timeout",
+  "505": "HTTP Version Not Supported",
+  "506": "Variant Also Negotiates",
+  "507": "Insufficient Storage",
+  "508": "Loop Detected",
+  "509": "Bandwidth Limit Exceeded",
+  "510": "Not Extended",
+  "511": "Network Authentication Required"
+}

package/dist/node_modules/oidc-provider/node_modules/statuses/index.js

@@ -0,0 +1,146 @@
+/*!
+ * statuses
+ * Copyright(c) 2014 Jonathan Ong
+ * Copyright(c) 2016 Douglas Christopher Wilson
+ * MIT Licensed
+ */
+
+'use strict'
+
+/**
+ * Module dependencies.
+ * @private
+ */
+
+var codes = require('./codes.json')
+
+/**
+ * Module exports.
+ * @public
+ */
+
+module.exports = status
+
+// status code to message map
+status.message = codes
+
+// status message (lower-case) to code map
+status.code = createMessageToStatusCodeMap(codes)
+
+// array of status codes
+status.codes = createStatusCodeList(codes)
+
+// status codes for redirects
+status.redirect = {
+  300: true,
+  301: true,
+  302: true,
+  303: true,
+  305: true,
+  307: true,
+  308: true
+}
+
+// status codes for empty bodies
+status.empty = {
+  204: true,
+  205: true,
+  304: true
+}
+
+// status codes for when you should retry the request
+status.retry = {
+  502: true,
+  503: true,
+  504: true
+}
+
+/**
+ * Create a map of message to status code.
+ * @private
+ */
+
+function createMessageToStatusCodeMap (codes) {
+  var map = {}
+
+  Object.keys(codes).forEach(function forEachCode (code) {
+    var message = codes[code]
+    var status = Number(code)
+
+    // populate map
+    map[message.toLowerCase()] = status
+  })
+
+  return map
+}
+
+/**
+ * Create a list of all status codes.
+ * @private
+ */
+
+function createStatusCodeList (codes) {
+  return Object.keys(codes).map(function mapCode (code) {
+    return Number(code)
+  })
+}
+
+/**
+ * Get the status code for given message.
+ * @private
+ */
+
+function getStatusCode (message) {
+  var msg = message.toLowerCase()
+
+  if (!Object.prototype.hasOwnProperty.call(status.code, msg)) {
+    throw new Error('invalid status message: "' + message + '"')
+  }
+
+  return status.code[msg]
+}
+
+/**
+ * Get the status message for given code.
+ * @private
+ */
+
+function getStatusMessage (code) {
+  if (!Object.prototype.hasOwnProperty.call(status.message, code)) {
+    throw new Error('invalid status code: ' + code)
+  }
+
+  return status.message[code]
+}
+
+/**
+ * Get the status code.
+ *
+ * Given a number, this will throw if it is not a known status
+ * code, otherwise the code will be returned. Given a string,
+ * the string will be parsed for a number and return the code
+ * if valid, otherwise will lookup the code assuming this is
+ * the status message.
+ *
+ * @param {string|number} code
+ * @returns {number}
+ * @public
+ */
+
+function status (code) {
+  if (typeof code === 'number') {
+    return getStatusMessage(code)
+  }
+
+  if (typeof code !== 'string') {
+    throw new TypeError('code must be a number or string')
+  }
+
+  // '403'
+  var n = parseInt(code, 10)
+  if (!isNaN(n)) {
+    return getStatusMessage(n)
+  }
+
+  return getStatusCode(code)
+}

package/dist/node_modules/oidc-provider/node_modules/statuses/package.json

@@ -0,0 +1,49 @@
+{
+  "name": "statuses",
+  "description": "HTTP status utility",
+  "version": "2.0.2",
+  "contributors": [
+    "Douglas Christopher Wilson <doug@somethingdoug.com>",
+    "Jonathan Ong <me@jongleberry.com> (http://jongleberry.com)"
+  ],
+  "repository": "jshttp/statuses",
+  "license": "MIT",
+  "keywords": [
+    "http",
+    "status",
+    "code"
+  ],
+  "files": [
+    "HISTORY.md",
+    "index.js",
+    "codes.json",
+    "LICENSE"
+  ],
+  "devDependencies": {
+    "csv-parse": "4.16.3",
+    "eslint": "7.19.0",
+    "eslint-config-standard": "14.1.1",
+    "eslint-plugin-import": "2.31.0",
+    "eslint-plugin-markdown": "1.0.2",
+    "eslint-plugin-node": "11.1.0",
+    "eslint-plugin-promise": "4.3.1",
+    "eslint-plugin-standard": "4.1.0",
+    "mocha": "8.4.0",
+    "nyc": "15.1.0",
+    "raw-body": "2.5.2",
+    "stream-to-array": "2.3.0"
+  },
+  "engines": {
+    "node": ">= 0.8"
+  },
+  "scripts": {
+    "build": "node scripts/build.js",
+    "fetch": "node scripts/fetch-apache.js && node scripts/fetch-iana.js && node scripts/fetch-nginx.js && node scripts/fetch-node.js",
+    "lint": "eslint --plugin markdown --ext js,md .",
+    "test": "mocha --reporter spec --check-leaks --bail test/",
+    "test-ci": "nyc --reporter=lcov --reporter=text npm test",
+    "test-cov": "nyc --reporter=html --reporter=text npm test",
+    "update": "npm run fetch && npm run build",
+    "version": "node scripts/version-history.js && git add HISTORY.md"
+  }
+}

package/dist/node_modules/oidc-provider/package.json

@@ -0,0 +1,95 @@
+{
+  "name": "oidc-provider",
+  "version": "9.7.0",
+  "description": "OAuth 2.0 Authorization Server implementation for Node.js with OpenID Connect",
+  "keywords": [
+    "appauth",
+    "auth",
+    "authentication",
+    "authorization",
+    "basic",
+    "certified",
+    "ciba",
+    "config",
+    "connect",
+    "device flow",
+    "dpop",
+    "dynamic",
+    "express",
+    "fapi",
+    "fastify",
+    "hapi",
+    "hybrid",
+    "identity",
+    "implicit",
+    "jar",
+    "jarm",
+    "koa",
+    "mtls",
+    "oauth 2.0",
+    "oauth 2.1",
+    "oauth",
+    "oauth2",
+    "oidc",
+    "openid",
+    "par",
+    "pkce",
+    "provider",
+    "server"
+  ],
+  "homepage": "https://github.com/panva/node-oidc-provider",
+  "repository": "panva/node-oidc-provider",
+  "funding": {
+    "url": "https://github.com/sponsors/panva"
+  },
+  "license": "MIT",
+  "author": "Filip Skokan <panva.ip@gmail.com>",
+  "type": "module",
+  "main": "lib/index.js",
+  "files": [
+    "lib"
+  ],
+  "scripts": {
+    "format": "eslint lib example certification test docs --fix",
+    "test": "node ./test/run",
+    "test-ci": "node ./test/ci"
+  },
+  "dependencies": {
+    "@koa/cors": "^5.0.0",
+    "@koa/router": "^15.3.1",
+    "debug": "^4.4.3",
+    "eta": "^4.5.1",
+    "jose": "^6.2.0",
+    "jsesc": "^3.1.0",
+    "koa": "^3.1.2",
+    "nanoid": "^5.1.6",
+    "quick-lru": "^7.3.0",
+    "raw-body": "^3.0.2",
+    "undici": "^7.22.0"
+  },
+  "devDependencies": {
+    "@fastify/middie": "^9.3.1",
+    "@hapi/hapi": "^21.4.6",
+    "@koa/ejs": "^5.1.0",
+    "base64url": "^3.0.1",
+    "chai": "^6.2.2",
+    "desm": "^1.3.1",
+    "eslint": "^8.57.1",
+    "eslint-config-airbnb-base": "^15.0.0",
+    "eslint-plugin-import": "^2.32.0",
+    "eslint-plugin-redos": "^4.5.0",
+    "express": "^5.2.1",
+    "fastify": "^5.8.1",
+    "helmet": "^8.1.0",
+    "koa-body": "^7.0.1",
+    "koa-mount": "^4.2.0",
+    "lodash": "^4.17.23",
+    "mocha": "^11.7.5",
+    "moment": "^2.30.1",
+    "openid-client": "^6.8.2",
+    "selfsigned": "^5.5.0",
+    "sinon": "^21.0.2",
+    "supertest": "^7.2.2",
+    "timekeeper": "^2.3.1"
+  }
+}

package/dist/node_modules/quick-lru/index.d.ts

@@ -0,0 +1,178 @@
+export type Options<KeyType, ValueType> = {
+	/**
+	The maximum number of milliseconds an item should remain in the cache.
+
+	@default Infinity
+
+	By default, `maxAge` will be `Infinity`, which means that items will never expire.
+	Lazy expiration occurs upon the next write or read call.
+
+	Individual expiration of an item can be specified with the `set(key, value, {maxAge})` method.
+	*/
+	readonly maxAge?: number;
+
+	/**
+	The target maximum number of items before evicting the least recently used items.
+
+	__Note:__ This package uses an [algorithm](https://github.com/sindresorhus/quick-lru#algorithm) which maintains between `maxSize` and `2 × maxSize` items for performance reasons. The cache may temporarily contain up to twice the specified size due to the dual-cache design that avoids expensive delete operations.
+	*/
+	readonly maxSize: number;
+
+	/**
+	Called right before an item is evicted from the cache due to LRU pressure, TTL expiration, or manual eviction via `evict()`.
+
+	Useful for side effects or for items like object URLs that need explicit cleanup (`revokeObjectURL`).
+
+	__Note:__ This callback is not called for manual removals via `delete()` or `clear()`. It fires for automatic evictions and manual evictions via `evict()`.
+	*/
+	onEviction?: (key: KeyType, value: ValueType) => void;
+};
+
+// eslint-disable-next-line @typescript-eslint/naming-convention
+export default class QuickLRU<KeyType, ValueType> extends Map<KeyType, ValueType> implements Iterable<[KeyType, ValueType]> {
+	/**
+	Simple ["Least Recently Used" (LRU) cache](https://en.m.wikipedia.org/wiki/Cache_replacement_policies#Least_Recently_Used_.28LRU.29).
+
+	The instance is an [`Iterable`](https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Iteration_protocols) of `[key, value]` pairs so you can use it directly in a [`for…of`](https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Statements/for...of) loop.
+
+	@example
+	```
+	import QuickLRU from 'quick-lru';
+
+	const lru = new QuickLRU({maxSize: 1000});
+
+	lru.set('🦄', '🌈');
+
+	lru.has('🦄');
+	//=> true
+
+	lru.get('🦄');
+	//=> '🌈'
+	```
+	*/
+	constructor(options: Options<KeyType, ValueType>);
+
+	[Symbol.iterator](): IterableIterator<[KeyType, ValueType]>;
+
+	/**
+	Set an item. Returns the instance.
+
+	Individual expiration of an item can be specified with the `maxAge` option. If not specified, the global `maxAge` value will be used in case it is specified in the constructor; otherwise the item will never expire.
+
+	@returns The cache instance.
+	*/
+	set(key: KeyType, value: ValueType, options?: {maxAge?: number}): this;
+
+	/**
+	Get an item.
+
+	@returns The stored item or `undefined`.
+	*/
+	get(key: KeyType): ValueType | undefined;
+
+	/**
+	Check if an item exists.
+	*/
+	has(key: KeyType): boolean;
+
+	/**
+	Get an item without marking it as recently used.
+
+	@returns The stored item or `undefined`.
+	*/
+	peek(key: KeyType): ValueType | undefined;
+
+	/**
+	Delete an item.
+
+	@returns `true` if the item is removed or `false` if the item doesn't exist.
+	*/
+	delete(key: KeyType): boolean;
+
+	/**
+	Delete all items.
+	*/
+	clear(): void;
+
+	/**
+	Get the remaining time to live (in milliseconds) for the given item, or `undefined` when the item is not in the cache.
+
+	- Does not mark the item as recently used.
+	- Does not trigger lazy expiration or remove the entry when it is expired.
+	- Returns `Infinity` if the item has no expiration.
+	- May return a negative number if the item is already expired but not yet lazily removed.
+
+	@returns Remaining time to live in milliseconds when set, `Infinity` when there is no expiration, or `undefined` when the item does not exist.
+	*/
+	expiresIn(key: KeyType): number | undefined;
+
+	/**
+	Update the `maxSize` in-place, discarding items as necessary. Insertion order is mostly preserved, though this is not a strong guarantee.
+
+	Useful for on-the-fly tuning of cache sizes in live systems.
+	*/
+	resize(maxSize: number): void;
+
+	/**
+	The stored item count.
+	*/
+	get size(): number;
+
+	/**
+	The set max size.
+	*/
+	get maxSize(): number;
+
+	/**
+	The set max age.
+	*/
+	get maxAge(): number;
+
+	/**
+	Iterable for all the keys.
+	*/
+	keys(): IterableIterator<KeyType>;
+
+	/**
+	Iterable for all the values.
+	*/
+	values(): IterableIterator<ValueType>;
+
+	/**
+	Iterable for all entries, starting with the oldest (ascending in recency).
+	*/
+	entriesAscending(): IterableIterator<[KeyType, ValueType]>;
+
+	/**
+	Iterable for all entries, starting with the newest (descending in recency).
+	*/
+	entriesDescending(): IterableIterator<[KeyType, ValueType]>;
+
+	/**
+	Evict the least recently used items from the cache.
+
+	@param count - The number of items to evict. Defaults to 1.
+
+	It will always keep at least one item in the cache.
+
+	@example
+	```
+	import QuickLRU from 'quick-lru';
+
+	const lru = new QuickLRU({maxSize: 10});
+
+	lru.set('a', 1);
+	lru.set('b', 2);
+	lru.set('c', 3);
+
+	lru.evict(2); // Evicts 'a' and 'b'
+
+	console.log(lru.has('a'));
+	//=> false
+
+	console.log(lru.has('c'));
+	//=> true
+	```
+	*/
+	evict(count?: number): void;
+}