@nocobase/plugin-idp-oauth 2.1.0-alpha.10

package/dist/node_modules/jose/dist/types/jwt/unsecured.d.ts

@@ -0,0 +1,43 @@
+/**
+ * Unsecured (unsigned & unencrypted) JSON Web Tokens (JWT)
+ *
+ * @module
+ */
+import type * as types from '../types.d.ts';
+/** Result of decoding an Unsecured JWT. */
+export interface UnsecuredResult<PayloadType = types.JWTPayload> {
+    payload: PayloadType & types.JWTPayload;
+    header: types.JWSHeaderParameters;
+}
+/**
+ * The UnsecuredJWT class is a utility for dealing with `{ "alg": "none" }` Unsecured JWTs.
+ *
+ * This class is exported (as a named export) from the main `'jose'` module entry point as well as
+ * from its subpath export `'jose/jwt/unsecured'`.
+ *
+ */
+export declare class UnsecuredJWT implements types.ProduceJWT {
+    #private;
+    /**
+     * {@link UnsecuredJWT} constructor
+     *
+     * @param payload The JWT Claims Set object. Defaults to an empty object.
+     */
+    constructor(payload?: types.JWTPayload);
+    /** Encodes the Unsecured JWT. */
+    encode(): string;
+    setIssuer(issuer: string): this;
+    setSubject(subject: string): this;
+    setAudience(audience: string | string[]): this;
+    setJti(jwtId: string): this;
+    setNotBefore(input: number | string | Date): this;
+    setExpirationTime(input: number | string | Date): this;
+    setIssuedAt(input?: number | string | Date): this;
+    /**
+     * Decodes an unsecured JWT.
+     *
+     * @param jwt Unsecured JWT to decode the payload of.
+     * @param options JWT Claims Set validation options.
+     */
+    static decode<PayloadType = types.JWTPayload>(jwt: string, options?: types.JWTClaimVerificationOptions): UnsecuredResult<PayloadType>;
+}

package/dist/node_modules/jose/dist/types/jwt/verify.d.ts

@@ -0,0 +1,37 @@
+/**
+ * JSON Web Token (JWT) Verification (JWT is in JWS format)
+ *
+ * @module
+ */
+import type * as types from '../types.d.ts';
+/** Combination of JWS Verification options and JWT Claims Set verification options. */
+export interface JWTVerifyOptions extends types.VerifyOptions, types.JWTClaimVerificationOptions {
+}
+/**
+ * Interface for JWT Verification dynamic key resolution. No token components have been verified at
+ * the time of this function call.
+ *
+ * @see {@link jwks/remote.createRemoteJWKSet createRemoteJWKSet} to verify using a remote JSON Web Key Set.
+ */
+export interface JWTVerifyGetKey extends types.GenericGetKeyFunction<types.JWTHeaderParameters, types.FlattenedJWSInput, types.CryptoKey | types.KeyObject | types.JWK | Uint8Array> {
+}
+/**
+ * Verifies the JWT format (to be a JWS Compact format), verifies the JWS signature, validates the
+ * JWT Claims Set.
+ *
+ * This function is exported (as a named export) from the main `'jose'` module entry point as well
+ * as from its subpath export `'jose/jwt/verify'`.
+ *
+ * @param jwt JSON Web Token value (encoded as JWS).
+ * @param key Key to verify the JWT with. See
+ *   {@link https://github.com/panva/jose/issues/210#jws-alg Algorithm Key Requirements}.
+ * @param options JWT Decryption and JWT Claims Set validation options.
+ */
+export declare function jwtVerify<PayloadType = types.JWTPayload>(jwt: string | Uint8Array, key: types.CryptoKey | types.KeyObject | types.JWK | Uint8Array, options?: JWTVerifyOptions): Promise<types.JWTVerifyResult<PayloadType>>;
+/**
+ * @param jwt JSON Web Token value (encoded as JWS).
+ * @param getKey Function resolving a key to verify the JWT with. See
+ *   {@link https://github.com/panva/jose/issues/210#jws-alg Algorithm Key Requirements}.
+ * @param options JWT Decryption and JWT Claims Set validation options.
+ */
+export declare function jwtVerify<PayloadType = types.JWTPayload>(jwt: string | Uint8Array, getKey: JWTVerifyGetKey, options?: JWTVerifyOptions): Promise<types.JWTVerifyResult<PayloadType> & types.ResolvedKey>;

package/dist/node_modules/jose/dist/types/key/export.d.ts

@@ -0,0 +1,33 @@
+/**
+ * Cryptographic key export functions
+ *
+ * @module
+ */
+import type * as types from '../types.d.ts';
+/**
+ * Exports a public {@link !CryptoKey} or {@link !KeyObject} to a PEM-encoded SPKI string format.
+ *
+ * This function is exported (as a named export) from the main `'jose'` module entry point as well
+ * as from its subpath export `'jose/key/export'`.
+ *
+ * @param key Key to export to a PEM-encoded SPKI string format.
+ */
+export declare function exportSPKI(key: types.CryptoKey | types.KeyObject): Promise<string>;
+/**
+ * Exports a private {@link !CryptoKey} or {@link !KeyObject} to a PEM-encoded PKCS8 string format.
+ *
+ * This function is exported (as a named export) from the main `'jose'` module entry point as well
+ * as from its subpath export `'jose/key/export'`.
+ *
+ * @param key Key to export to a PEM-encoded PKCS8 string format.
+ */
+export declare function exportPKCS8(key: types.CryptoKey | types.KeyObject): Promise<string>;
+/**
+ * Exports a {@link !CryptoKey}, {@link !KeyObject}, or {@link !Uint8Array} to a JWK.
+ *
+ * This function is exported (as a named export) from the main `'jose'` module entry point as well
+ * as from its subpath export `'jose/key/export'`.
+ *
+ * @param key Key to export as JWK.
+ */
+export declare function exportJWK(key: types.CryptoKey | types.KeyObject | Uint8Array): Promise<types.JWK>;

package/dist/node_modules/jose/dist/types/key/generate_key_pair.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Asymmetric key generation
+ *
+ * @module
+ */
+import type * as types from '../types.d.ts';
+/** Asymmetric key pair generation function result. */
+export interface GenerateKeyPairResult {
+    /** The generated Private Key. */
+    privateKey: types.CryptoKey;
+    /** Public Key corresponding to the generated Private Key. */
+    publicKey: types.CryptoKey;
+}
+/** Asymmetric key pair generation function options. */
+export interface GenerateKeyPairOptions {
+    /**
+     * The EC "crv" (Curve) or OKP "crv" (Subtype of Key Pair) value to generate. The curve must be
+     * both supported on the runtime as well as applicable for the given JWA algorithm identifier.
+     */
+    crv?: string;
+    /**
+     * A hint for RSA algorithms to generate an RSA key of a given `modulusLength` (Key size in bits).
+     * JOSE requires 2048 bits or larger. Default is 2048.
+     */
+    modulusLength?: number;
+    /**
+     * The value to use as {@link !SubtleCrypto.generateKey} `extractable` argument. Default is false.
+     *
+     */
+    extractable?: boolean;
+}
+/**
+ * Generates a private and a public key for a given JWA algorithm identifier. This can only generate
+ * asymmetric key pairs. For symmetric secrets use the `generateSecret` function.
+ *
+ * > [!NOTE]\
+ * > The `privateKey` is generated with `extractable` set to `false` by default. See
+ * > {@link GenerateKeyPairOptions.extractable} to generate an extractable `privateKey`.
+ *
+ * This function is exported (as a named export) from the main `'jose'` module entry point as well
+ * as from its subpath export `'jose/generate/keypair'`.
+ *
+ * @param alg JWA Algorithm Identifier to be used with the generated key pair. See
+ *   {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}.
+ * @param options Additional options passed down to the key pair generation.
+ */
+export declare function generateKeyPair(alg: string, options?: GenerateKeyPairOptions): Promise<GenerateKeyPairResult>;

package/dist/node_modules/jose/dist/types/key/generate_secret.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Symmetric key generation
+ *
+ * @module
+ */
+import type * as types from '../types.d.ts';
+/** Secret generation function options. */
+export interface GenerateSecretOptions {
+    /**
+     * The value to use as {@link !SubtleCrypto.generateKey} `extractable` argument. Default is false.
+     *
+     * > [!NOTE]\
+     * > Because A128CBC-HS256, A192CBC-HS384, and A256CBC-HS512 secrets cannot be represented as
+     * > {@link !CryptoKey} this option has no effect for them.
+     */
+    extractable?: boolean;
+}
+/**
+ * Generates a symmetric secret key for a given JWA algorithm identifier.
+ *
+ * > [!NOTE]\
+ * > The secret key is generated with `extractable` set to `false` by default.
+ *
+ * > [!NOTE]\
+ * > Because A128CBC-HS256, A192CBC-HS384, and A256CBC-HS512 secrets cannot be represented as
+ * > {@link !CryptoKey} this method yields a {@link !Uint8Array} for them instead.
+ *
+ * This function is exported (as a named export) from the main `'jose'` module entry point as well
+ * as from its subpath export `'jose/generate/secret'`.
+ *
+ * @param alg JWA Algorithm Identifier to be used with the generated secret. See
+ *   {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}.
+ * @param options Additional options passed down to the secret generation.
+ */
+export declare function generateSecret(alg: string, options?: GenerateSecretOptions): Promise<types.CryptoKey | Uint8Array>;

package/dist/node_modules/jose/dist/types/key/import.d.ts

@@ -0,0 +1,83 @@
+/**
+ * Cryptographic key import functions
+ *
+ * @module
+ */
+import type * as types from '../types.d.ts';
+/** Key Import Function options. */
+export interface KeyImportOptions {
+    /**
+     * The value to use as {@link !SubtleCrypto.importKey} `extractable` argument. Default is false for
+     * private keys, true otherwise.
+     */
+    extractable?: boolean;
+}
+/**
+ * Imports a PEM-encoded SPKI string as a {@link !CryptoKey}.
+ *
+ * > [!NOTE]\
+ * > The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in
+ * > {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption
+ * > (1.2.840.113549.1.1.1) instead for all RSA algorithms.
+ *
+ * This function is exported (as a named export) from the main `'jose'` module entry point as well
+ * as from its subpath export `'jose/key/import'`.
+ *
+ * @param spki PEM-encoded SPKI string
+ * @param alg JSON Web Algorithm identifier to be used with the imported key. See
+ *   {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}.
+ */
+export declare function importSPKI(spki: string, alg: string, options?: KeyImportOptions): Promise<types.CryptoKey>;
+/**
+ * Imports the SPKI from an X.509 string certificate as a {@link !CryptoKey}.
+ *
+ * > [!NOTE]\
+ * > The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in
+ * > {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption
+ * > (1.2.840.113549.1.1.1) instead for all RSA algorithms.
+ *
+ * This function is exported (as a named export) from the main `'jose'` module entry point as well
+ * as from its subpath export `'jose/key/import'`.
+ *
+ * @param x509 X.509 certificate string
+ * @param alg JSON Web Algorithm identifier to be used with the imported key. See
+ *   {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}.
+ */
+export declare function importX509(x509: string, alg: string, options?: KeyImportOptions): Promise<types.CryptoKey>;
+/**
+ * Imports a PEM-encoded PKCS#8 string as a {@link !CryptoKey}.
+ *
+ * > [!NOTE]\
+ * > The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in
+ * > {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption
+ * > (1.2.840.113549.1.1.1) instead for all RSA algorithms.
+ *
+ * This function is exported (as a named export) from the main `'jose'` module entry point as well
+ * as from its subpath export `'jose/key/import'`.
+ *
+ * @param pkcs8 PEM-encoded PKCS#8 string
+ * @param alg JSON Web Algorithm identifier to be used with the imported key. See
+ *   {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}.
+ */
+export declare function importPKCS8(pkcs8: string, alg: string, options?: KeyImportOptions): Promise<types.CryptoKey>;
+/**
+ * Imports a JWK to a {@link !CryptoKey}. Either the JWK "alg" (Algorithm) Parameter, or the optional
+ * "alg" argument, must be present for asymmetric JSON Web Key imports.
+ *
+ * > [!NOTE]\
+ * > The JSON Web Key parameters "use", "key_ops", and "ext" are also used in the {@link !CryptoKey}
+ * > import process.
+ *
+ * > [!NOTE]\
+ * > Symmetric JSON Web Keys (i.e. `kty: "oct"`) yield back an {@link !Uint8Array} instead of a
+ * > {@link !CryptoKey}.
+ *
+ * This function is exported (as a named export) from the main `'jose'` module entry point as well
+ * as from its subpath export `'jose/key/import'`.
+ *
+ * @param jwk JSON Web Key.
+ * @param alg JSON Web Algorithm identifier to be used with the imported key. Default is the "alg"
+ *   property on the JWK. See
+ *   {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}.
+ */
+export declare function importJWK(jwk: types.JWK, alg?: string, options?: KeyImportOptions): Promise<types.CryptoKey | Uint8Array>;