@onelyid/common 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +54 -0
- package/dist/index.js +362 -0
- package/dist/index.js.map +1 -0
- package/package.json +58 -0
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
import { IncomingMessage } from 'node:http';
|
|
2
|
+
import { Request, Response, NextFunction } from 'express';
|
|
3
|
+
|
|
4
|
+
declare enum Environment {
|
|
5
|
+
Prod = "prod",
|
|
6
|
+
Uat = "uat"
|
|
7
|
+
}
|
|
8
|
+
|
|
9
|
+
declare function assertPath(path?: string): string;
|
|
10
|
+
declare function assertOrigin(origin?: string): string;
|
|
11
|
+
declare function assertRequestMode(mode?: string): Environment | undefined;
|
|
12
|
+
|
|
13
|
+
type BaseDomain = {
|
|
14
|
+
baseDomain: string,
|
|
15
|
+
isLocalhost?: boolean,
|
|
16
|
+
isVerified?: boolean,
|
|
17
|
+
}
|
|
18
|
+
|
|
19
|
+
type AuthOrigin = {
|
|
20
|
+
authOrigin: string,
|
|
21
|
+
isLocalhost?: boolean,
|
|
22
|
+
}
|
|
23
|
+
|
|
24
|
+
declare function getCustomHeaderNames(): {
|
|
25
|
+
readonly proxyOrigin: "X-Onelyid-Proxy-Origin";
|
|
26
|
+
readonly requestMode: "X-Onelyid-Request-Mode";
|
|
27
|
+
};
|
|
28
|
+
declare function getAuthClientMountPath(): string;
|
|
29
|
+
declare function getMainAuthDomainsList(): {
|
|
30
|
+
readonly prod: "atproto.id";
|
|
31
|
+
readonly uat: "atproto.is";
|
|
32
|
+
};
|
|
33
|
+
declare function getOrigin(req: IncomingMessage): string;
|
|
34
|
+
declare function getHost(req: IncomingMessage): string;
|
|
35
|
+
declare function getHostname(req: IncomingMessage): string;
|
|
36
|
+
declare function isLocalHostname(hostname: string): boolean;
|
|
37
|
+
declare function getMainAuthDomain(req: IncomingMessage): "atproto.id" | "atproto.is";
|
|
38
|
+
declare function getMainAuthDomainVariants(req: IncomingMessage): {
|
|
39
|
+
mainAuthDomain: "atproto.id" | "atproto.is";
|
|
40
|
+
isMainAuthDomain: boolean;
|
|
41
|
+
isMainAuthDomainVariant: boolean;
|
|
42
|
+
};
|
|
43
|
+
declare function getBaseDomain(req: IncomingMessage): BaseDomain | undefined;
|
|
44
|
+
declare function getAuthOrigin(req: Request): AuthOrigin | null;
|
|
45
|
+
|
|
46
|
+
declare function packState(obj: object): string;
|
|
47
|
+
declare function unpackState(state: string): any;
|
|
48
|
+
|
|
49
|
+
declare function sealState(obj: object, secretKeyHex32Bytes: string): string;
|
|
50
|
+
declare function openState(sealed: string, secretKeyHex32Bytes: string): any;
|
|
51
|
+
|
|
52
|
+
declare function authBodyParser(req: Request, res: Response, next: NextFunction): Promise<void>;
|
|
53
|
+
|
|
54
|
+
export { Environment, assertOrigin, assertPath, assertRequestMode, authBodyParser, getAuthClientMountPath, getAuthOrigin, getBaseDomain, getCustomHeaderNames, getHost, getHostname, getMainAuthDomain, getMainAuthDomainVariants, getMainAuthDomainsList, getOrigin, isLocalHostname, openState, packState, sealState, unpackState };
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,362 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __create = Object.create;
|
|
3
|
+
var __defProp = Object.defineProperty;
|
|
4
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
5
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
6
|
+
var __getProtoOf = Object.getPrototypeOf;
|
|
7
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
8
|
+
var __export = (target, all) => {
|
|
9
|
+
for (var name in all)
|
|
10
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
11
|
+
};
|
|
12
|
+
var __copyProps = (to, from, except, desc) => {
|
|
13
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
14
|
+
for (let key of __getOwnPropNames(from))
|
|
15
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
16
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
17
|
+
}
|
|
18
|
+
return to;
|
|
19
|
+
};
|
|
20
|
+
var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
|
|
21
|
+
// If the importer is in node compatibility mode or this is not an ESM
|
|
22
|
+
// file that has been converted to a CommonJS file using a Babel-
|
|
23
|
+
// compatible transform (i.e. "__esModule" has not been set), then set
|
|
24
|
+
// "default" to the CommonJS "module.exports" for node compatibility.
|
|
25
|
+
isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
|
|
26
|
+
mod
|
|
27
|
+
));
|
|
28
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
29
|
+
|
|
30
|
+
// src/index.ts
|
|
31
|
+
var index_exports = {};
|
|
32
|
+
__export(index_exports, {
|
|
33
|
+
Environment: () => Environment,
|
|
34
|
+
assertOrigin: () => assertOrigin,
|
|
35
|
+
assertPath: () => assertPath,
|
|
36
|
+
assertRequestMode: () => assertRequestMode,
|
|
37
|
+
authBodyParser: () => authBodyParser,
|
|
38
|
+
getAuthClientMountPath: () => getAuthClientMountPath,
|
|
39
|
+
getAuthOrigin: () => getAuthOrigin,
|
|
40
|
+
getBaseDomain: () => getBaseDomain,
|
|
41
|
+
getCustomHeaderNames: () => getCustomHeaderNames,
|
|
42
|
+
getHost: () => getHost,
|
|
43
|
+
getHostname: () => getHostname,
|
|
44
|
+
getMainAuthDomain: () => getMainAuthDomain,
|
|
45
|
+
getMainAuthDomainVariants: () => getMainAuthDomainVariants,
|
|
46
|
+
getMainAuthDomainsList: () => getMainAuthDomainsList,
|
|
47
|
+
getOrigin: () => getOrigin,
|
|
48
|
+
isLocalHostname: () => isLocalHostname,
|
|
49
|
+
openState: () => openState,
|
|
50
|
+
packState: () => packState,
|
|
51
|
+
sealState: () => sealState,
|
|
52
|
+
unpackState: () => unpackState
|
|
53
|
+
});
|
|
54
|
+
module.exports = __toCommonJS(index_exports);
|
|
55
|
+
|
|
56
|
+
// src/const-export.ts
|
|
57
|
+
var Environment = /* @__PURE__ */ ((Environment2) => {
|
|
58
|
+
Environment2["Prod"] = "prod";
|
|
59
|
+
Environment2["Uat"] = "uat";
|
|
60
|
+
return Environment2;
|
|
61
|
+
})(Environment || {});
|
|
62
|
+
|
|
63
|
+
// src/utils.ts
|
|
64
|
+
function assertPath(path) {
|
|
65
|
+
let newPath = path ?? "";
|
|
66
|
+
newPath = newPath.trim();
|
|
67
|
+
if (!newPath) return newPath;
|
|
68
|
+
if (!newPath.startsWith("/")) {
|
|
69
|
+
newPath = `/${newPath}`;
|
|
70
|
+
}
|
|
71
|
+
if (newPath.length > 1 && newPath.endsWith("/")) {
|
|
72
|
+
newPath = newPath.substring(0, newPath.length - 1);
|
|
73
|
+
}
|
|
74
|
+
return newPath;
|
|
75
|
+
}
|
|
76
|
+
function assertOrigin(origin) {
|
|
77
|
+
let newOrigin = origin ?? "";
|
|
78
|
+
newOrigin = newOrigin.trim();
|
|
79
|
+
if (!newOrigin) return newOrigin;
|
|
80
|
+
try {
|
|
81
|
+
const url = new URL(newOrigin);
|
|
82
|
+
const parsedOrigin = `${url.protocol}//${url.host}`;
|
|
83
|
+
if (origin === parsedOrigin) {
|
|
84
|
+
return parsedOrigin;
|
|
85
|
+
}
|
|
86
|
+
} catch (e) {
|
|
87
|
+
}
|
|
88
|
+
return "";
|
|
89
|
+
}
|
|
90
|
+
function assertRequestMode(mode) {
|
|
91
|
+
if (mode === "prod" /* Prod */) {
|
|
92
|
+
return "prod" /* Prod */;
|
|
93
|
+
} else if (mode === "uat" /* Uat */) {
|
|
94
|
+
return "uat" /* Uat */;
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
|
|
98
|
+
// src/host.ts
|
|
99
|
+
var import_node_net = __toESM(require("net"));
|
|
100
|
+
var import_psl = __toESM(require("psl"));
|
|
101
|
+
|
|
102
|
+
// src/const.ts
|
|
103
|
+
var AUTH_CLIENT_MOUNT_PATH = "/@onelyid/client";
|
|
104
|
+
var CUSTOM_HEADERS = {
|
|
105
|
+
proxyOrigin: "X-Onelyid-Proxy-Origin",
|
|
106
|
+
requestMode: "X-Onelyid-Request-Mode"
|
|
107
|
+
};
|
|
108
|
+
var MAIN_AUTH_DOMAINS = {
|
|
109
|
+
["prod" /* Prod */]: "atproto.id",
|
|
110
|
+
["uat" /* Uat */]: "atproto.is"
|
|
111
|
+
};
|
|
112
|
+
var VERIFIED_BASE_AUTH_DOMAINS = new Map(Object.entries({
|
|
113
|
+
"statusphere.dev": "auth.statusphere.dev"
|
|
114
|
+
// 'statusphere.social': 'auth.statusphere.social',
|
|
115
|
+
}));
|
|
116
|
+
for (const value of Object.values(MAIN_AUTH_DOMAINS)) {
|
|
117
|
+
VERIFIED_BASE_AUTH_DOMAINS.delete(value);
|
|
118
|
+
}
|
|
119
|
+
|
|
120
|
+
// src/host.ts
|
|
121
|
+
function getCustomHeaderNames() {
|
|
122
|
+
return CUSTOM_HEADERS;
|
|
123
|
+
}
|
|
124
|
+
function getAuthClientMountPath() {
|
|
125
|
+
return AUTH_CLIENT_MOUNT_PATH;
|
|
126
|
+
}
|
|
127
|
+
function getMainAuthDomainsList() {
|
|
128
|
+
return MAIN_AUTH_DOMAINS;
|
|
129
|
+
}
|
|
130
|
+
function getOrigin(req) {
|
|
131
|
+
const _req = req;
|
|
132
|
+
let proxyOrigin = _req.get(CUSTOM_HEADERS.proxyOrigin);
|
|
133
|
+
proxyOrigin = assertOrigin(proxyOrigin);
|
|
134
|
+
if (proxyOrigin) {
|
|
135
|
+
return proxyOrigin;
|
|
136
|
+
}
|
|
137
|
+
const host = _req.get("host");
|
|
138
|
+
const origin = `${_req.protocol}://${host}`;
|
|
139
|
+
return origin;
|
|
140
|
+
}
|
|
141
|
+
function getHost(req) {
|
|
142
|
+
return new URL(getOrigin(req)).host;
|
|
143
|
+
}
|
|
144
|
+
function getHostname(req) {
|
|
145
|
+
return new URL(getOrigin(req)).hostname;
|
|
146
|
+
}
|
|
147
|
+
function isLocalHostname(hostname) {
|
|
148
|
+
if (!hostname) return false;
|
|
149
|
+
const host = hostname.toLowerCase();
|
|
150
|
+
if (host === "localhost") return true;
|
|
151
|
+
if (host.endsWith(".localhost")) return true;
|
|
152
|
+
const ipType = import_node_net.default.isIP(host);
|
|
153
|
+
if (!ipType) return false;
|
|
154
|
+
if (ipType === 4) {
|
|
155
|
+
return host.startsWith("127.") || // loopback
|
|
156
|
+
host.startsWith("10.") || // private
|
|
157
|
+
host.startsWith("192.168.") || // private
|
|
158
|
+
/^172\.(1[6-9]|2\d|3[0-1])\./.test(host);
|
|
159
|
+
}
|
|
160
|
+
if (ipType === 6) {
|
|
161
|
+
return host === "::1" || // loopback
|
|
162
|
+
host.startsWith("fc") || // unique local
|
|
163
|
+
host.startsWith("fd");
|
|
164
|
+
}
|
|
165
|
+
return false;
|
|
166
|
+
}
|
|
167
|
+
function getMainAuthDomain(req) {
|
|
168
|
+
const _req = req;
|
|
169
|
+
const requestMode = _req.mode;
|
|
170
|
+
if (!requestMode) {
|
|
171
|
+
throw new Error(`Request mode not set! mode: ${requestMode}`);
|
|
172
|
+
}
|
|
173
|
+
const mainAuthDomains = getMainAuthDomainsList();
|
|
174
|
+
const mainAuthDomain = mainAuthDomains[requestMode];
|
|
175
|
+
if (!mainAuthDomain) {
|
|
176
|
+
throw new Error(`Unable to resolve mainAuthDomain! mode: ${requestMode}`);
|
|
177
|
+
}
|
|
178
|
+
return mainAuthDomain;
|
|
179
|
+
}
|
|
180
|
+
function getMainAuthDomainVariants(req) {
|
|
181
|
+
const hostname = getHostname(req);
|
|
182
|
+
const mainAuthDomain = getMainAuthDomain(req);
|
|
183
|
+
const isMainAuthDomain = hostname === mainAuthDomain;
|
|
184
|
+
return {
|
|
185
|
+
mainAuthDomain,
|
|
186
|
+
isMainAuthDomain,
|
|
187
|
+
isMainAuthDomainVariant: isMainAuthDomain || hostname.endsWith(`.${mainAuthDomain}`) || mainAuthDomain.endsWith(`.${hostname}`)
|
|
188
|
+
};
|
|
189
|
+
}
|
|
190
|
+
function getPslBaseAuthDomain(appDomain) {
|
|
191
|
+
if (!import_psl.default.isValid(appDomain)) {
|
|
192
|
+
return null;
|
|
193
|
+
}
|
|
194
|
+
const appDomainObj = import_psl.default.parse(appDomain);
|
|
195
|
+
const pslBaseDomain = appDomainObj.domain;
|
|
196
|
+
if (!pslBaseDomain) {
|
|
197
|
+
return null;
|
|
198
|
+
}
|
|
199
|
+
const authDomain = VERIFIED_BASE_AUTH_DOMAINS.get(pslBaseDomain);
|
|
200
|
+
if (!authDomain) {
|
|
201
|
+
return null;
|
|
202
|
+
}
|
|
203
|
+
const authDomainObj = import_psl.default.parse(authDomain);
|
|
204
|
+
if (!authDomainObj.subdomain || authDomainObj.subdomain.includes(".")) {
|
|
205
|
+
return null;
|
|
206
|
+
}
|
|
207
|
+
if (pslBaseDomain === authDomainObj.domain) {
|
|
208
|
+
return [pslBaseDomain, authDomain];
|
|
209
|
+
}
|
|
210
|
+
return null;
|
|
211
|
+
}
|
|
212
|
+
function getDomainConfig(req) {
|
|
213
|
+
const hostname = getHostname(req);
|
|
214
|
+
if (!hostname) {
|
|
215
|
+
return null;
|
|
216
|
+
}
|
|
217
|
+
if (isLocalHostname(hostname)) {
|
|
218
|
+
return { baseDomain: hostname, authOrigin: getOrigin(req), isLocalhost: true };
|
|
219
|
+
}
|
|
220
|
+
const { mainAuthDomain, isMainAuthDomain, isMainAuthDomainVariant } = getMainAuthDomainVariants(req);
|
|
221
|
+
if (isMainAuthDomainVariant) {
|
|
222
|
+
if (isMainAuthDomain) {
|
|
223
|
+
const authOrigin = null;
|
|
224
|
+
return { baseDomain: mainAuthDomain, authOrigin };
|
|
225
|
+
} else {
|
|
226
|
+
return null;
|
|
227
|
+
}
|
|
228
|
+
}
|
|
229
|
+
const baseAuthPair = getPslBaseAuthDomain(hostname);
|
|
230
|
+
if (baseAuthPair) {
|
|
231
|
+
const [pslBaseDomain, authDomain] = baseAuthPair;
|
|
232
|
+
return { baseDomain: pslBaseDomain, authOrigin: `https://${authDomain}`, isVerified: true };
|
|
233
|
+
}
|
|
234
|
+
return { baseDomain: hostname, authOrigin: `https://${hostname}`, isVerified: false };
|
|
235
|
+
}
|
|
236
|
+
function getBaseDomain(req) {
|
|
237
|
+
const domainConfig = getDomainConfig(req);
|
|
238
|
+
if (!domainConfig) return void 0;
|
|
239
|
+
const { baseDomain, isLocalhost, isVerified } = domainConfig;
|
|
240
|
+
return { baseDomain, isLocalhost, isVerified };
|
|
241
|
+
}
|
|
242
|
+
function getAuthOrigin(req) {
|
|
243
|
+
const domainConfig = getDomainConfig(req);
|
|
244
|
+
if (!domainConfig) return null;
|
|
245
|
+
const { authOrigin, isLocalhost } = domainConfig;
|
|
246
|
+
if (!authOrigin) return null;
|
|
247
|
+
return { authOrigin, isLocalhost };
|
|
248
|
+
}
|
|
249
|
+
|
|
250
|
+
// src/convert.ts
|
|
251
|
+
function toBase64Url(str) {
|
|
252
|
+
return Buffer.from(str).toString("base64url");
|
|
253
|
+
}
|
|
254
|
+
function fromBase64Url(b64url) {
|
|
255
|
+
return Buffer.from(b64url, "base64url").toString();
|
|
256
|
+
}
|
|
257
|
+
function packState(obj) {
|
|
258
|
+
return toBase64Url(JSON.stringify(obj));
|
|
259
|
+
}
|
|
260
|
+
function unpackState(state) {
|
|
261
|
+
return JSON.parse(fromBase64Url(state));
|
|
262
|
+
}
|
|
263
|
+
|
|
264
|
+
// src/crypto.ts
|
|
265
|
+
var import_node_crypto = __toESM(require("crypto"));
|
|
266
|
+
var ALGO = "aes-256-gcm";
|
|
267
|
+
var EXPIRY_DURATION_SEC = 20;
|
|
268
|
+
function sealState(obj, secretKeyHex32Bytes) {
|
|
269
|
+
if (!obj || !secretKeyHex32Bytes) {
|
|
270
|
+
const message = "[sealState] Invalid call!";
|
|
271
|
+
console.error(message, obj, !!secretKeyHex32Bytes);
|
|
272
|
+
throw new Error(message);
|
|
273
|
+
}
|
|
274
|
+
const secret = Buffer.from(secretKeyHex32Bytes, "hex");
|
|
275
|
+
if (secret.length !== 32) {
|
|
276
|
+
throw new Error(`[sealState] Invalid secret key length: ${secret.length}`);
|
|
277
|
+
}
|
|
278
|
+
const iv = import_node_crypto.default.randomBytes(12);
|
|
279
|
+
const cipher = import_node_crypto.default.createCipheriv(ALGO, secret, iv);
|
|
280
|
+
const expiry = Date.now() + EXPIRY_DURATION_SEC * 1e3;
|
|
281
|
+
const encryptedData = Buffer.concat([
|
|
282
|
+
cipher.update(JSON.stringify({ ...obj, expiry })),
|
|
283
|
+
cipher.final()
|
|
284
|
+
]);
|
|
285
|
+
const sealed = Buffer.concat([
|
|
286
|
+
iv,
|
|
287
|
+
cipher.getAuthTag(),
|
|
288
|
+
encryptedData
|
|
289
|
+
]);
|
|
290
|
+
return sealed.toString("base64url");
|
|
291
|
+
}
|
|
292
|
+
function openState(sealed, secretKeyHex32Bytes) {
|
|
293
|
+
if (!sealed || !secretKeyHex32Bytes) {
|
|
294
|
+
const message = "[openState] Invalid call!";
|
|
295
|
+
console.error(message, !!sealed, !!secretKeyHex32Bytes);
|
|
296
|
+
throw new Error(message);
|
|
297
|
+
}
|
|
298
|
+
const secret = Buffer.from(secretKeyHex32Bytes, "hex");
|
|
299
|
+
if (secret.length !== 32) {
|
|
300
|
+
throw new Error(`[openState] Invalid secret key length: ${secret.length}`);
|
|
301
|
+
}
|
|
302
|
+
const buf = Buffer.from(sealed, "base64url");
|
|
303
|
+
const iv = buf.subarray(0, 12);
|
|
304
|
+
const tag = buf.subarray(12, 28);
|
|
305
|
+
const encryptedData = buf.subarray(28);
|
|
306
|
+
const decipher = import_node_crypto.default.createDecipheriv(ALGO, secret, iv);
|
|
307
|
+
decipher.setAuthTag(tag);
|
|
308
|
+
const decrypted = Buffer.concat([
|
|
309
|
+
decipher.update(encryptedData),
|
|
310
|
+
decipher.final()
|
|
311
|
+
]);
|
|
312
|
+
const plaintext = decrypted.toString();
|
|
313
|
+
const obj = JSON.parse(plaintext);
|
|
314
|
+
const expiry = obj.expiry;
|
|
315
|
+
delete obj.expiry;
|
|
316
|
+
const expiresIn = expiry - Date.now();
|
|
317
|
+
if (expiresIn > 0) {
|
|
318
|
+
return obj;
|
|
319
|
+
}
|
|
320
|
+
return null;
|
|
321
|
+
}
|
|
322
|
+
|
|
323
|
+
// src/parser.ts
|
|
324
|
+
var import_express = __toESM(require("express"));
|
|
325
|
+
var jsonParser = import_express.default.json();
|
|
326
|
+
var urlencodedParser = import_express.default.urlencoded({ extended: true });
|
|
327
|
+
async function authBodyParser(req, res, next) {
|
|
328
|
+
if (req.body !== void 0 || req.readableEnded) {
|
|
329
|
+
return next();
|
|
330
|
+
}
|
|
331
|
+
if (req.is("application/json")) {
|
|
332
|
+
return jsonParser(req, res, next);
|
|
333
|
+
}
|
|
334
|
+
if (req.is("application/x-www-form-urlencoded")) {
|
|
335
|
+
return urlencodedParser(req, res, next);
|
|
336
|
+
}
|
|
337
|
+
next();
|
|
338
|
+
}
|
|
339
|
+
// Annotate the CommonJS export names for ESM import in node:
|
|
340
|
+
0 && (module.exports = {
|
|
341
|
+
Environment,
|
|
342
|
+
assertOrigin,
|
|
343
|
+
assertPath,
|
|
344
|
+
assertRequestMode,
|
|
345
|
+
authBodyParser,
|
|
346
|
+
getAuthClientMountPath,
|
|
347
|
+
getAuthOrigin,
|
|
348
|
+
getBaseDomain,
|
|
349
|
+
getCustomHeaderNames,
|
|
350
|
+
getHost,
|
|
351
|
+
getHostname,
|
|
352
|
+
getMainAuthDomain,
|
|
353
|
+
getMainAuthDomainVariants,
|
|
354
|
+
getMainAuthDomainsList,
|
|
355
|
+
getOrigin,
|
|
356
|
+
isLocalHostname,
|
|
357
|
+
openState,
|
|
358
|
+
packState,
|
|
359
|
+
sealState,
|
|
360
|
+
unpackState
|
|
361
|
+
});
|
|
362
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/const-export.ts","../src/utils.ts","../src/host.ts","../src/const.ts","../src/convert.ts","../src/crypto.ts","../src/parser.ts"],"sourcesContent":["export * from './const-export'\nexport * from './utils'\nexport * from './host'\nexport * from './convert'\nexport * from './crypto'\nexport * from './parser'\n","export enum Environment {\n Prod = 'prod',\n Uat = 'uat',\n}\n","import { Environment } from './const-export';\n\nexport function assertPath(path?: string) {\n let newPath = path ?? '';\n newPath = newPath.trim();\n if (!newPath) return newPath;\n\n if (!newPath.startsWith('/')) {\n newPath = `/${newPath}`\n }\n if (newPath.length > 1 && newPath.endsWith('/')) {\n newPath = newPath.substring(0, newPath.length-1)\n }\n return newPath;\n}\n\nexport function assertOrigin(origin?: string) {\n let newOrigin = origin ?? '';\n newOrigin = newOrigin.trim();\n if (!newOrigin) return newOrigin;\n\n try {\n const url = new URL(newOrigin)\n const parsedOrigin = `${url.protocol}//${url.host}`\n if (origin === parsedOrigin) {\n return parsedOrigin\n }\n } catch(e) {}\n\n return '';\n}\n\nexport function assertRequestMode(mode?: string): Environment | undefined {\n if (mode === Environment.Prod) {\n return Environment.Prod\n } else if (mode === Environment.Uat) {\n return Environment.Uat\n }\n}\n","import net from 'node:net'\nimport { IncomingMessage } from 'node:http'\nimport type { Request } from 'express'\nimport psl, { type ParsedDomain } from 'psl';\nimport { assertOrigin } from './utils'\nimport { Environment } from './const-export';\nimport { VERIFIED_BASE_AUTH_DOMAINS, AUTH_CLIENT_MOUNT_PATH, MAIN_AUTH_DOMAINS, CUSTOM_HEADERS } from './const'\nimport type { AuthOrigin, BaseDomain, DomainConfig } from './types';\n\nexport function getCustomHeaderNames() {\n return CUSTOM_HEADERS\n}\n\nexport function getAuthClientMountPath() {\n return AUTH_CLIENT_MOUNT_PATH\n}\n\nexport function getMainAuthDomainsList() {\n return MAIN_AUTH_DOMAINS\n}\n\nexport function getOrigin(req: IncomingMessage) {\n const _req = req as Request;\n\n let proxyOrigin = _req.get(CUSTOM_HEADERS.proxyOrigin)\n proxyOrigin = assertOrigin(proxyOrigin)\n if (proxyOrigin) {\n return proxyOrigin\n }\n\n // const host = req.get('X-Forwarded-Host') || req.get('host')\n const host = _req.get('host')\n const origin = `${_req.protocol}://${host}`\n return origin\n}\n\nexport function getHost(req: IncomingMessage) {\n return new URL(getOrigin(req)).host\n}\n\nexport function getHostname(req: IncomingMessage) {\n return new URL(getOrigin(req)).hostname\n}\n\nexport function isLocalHostname(hostname: string): boolean {\n if (!hostname) return false\n\n // Normalize\n const host = hostname.toLowerCase()\n\n // Obvious local hostnames\n if (host === \"localhost\") return true\n if (host.endsWith(\".localhost\")) return true\n\n // Check if it's an IP address\n const ipType = net.isIP(host)\n if (!ipType) return false\n\n // IPv4\n if (ipType === 4) {\n return (\n host.startsWith(\"127.\") || // loopback\n host.startsWith(\"10.\") || // private\n host.startsWith(\"192.168.\") || // private\n /^172\\.(1[6-9]|2\\d|3[0-1])\\./.test(host) // private\n )\n }\n\n // IPv6\n if (ipType === 6) {\n return (\n host === \"::1\" || // loopback\n host.startsWith(\"fc\") || // unique local\n host.startsWith(\"fd\")\n )\n }\n\n return false\n}\n\nexport function getMainAuthDomain(req: IncomingMessage) {\n const _req = req as Request;\n\n const requestMode = (_req as any).mode as Environment\n if (!requestMode) {\n throw new Error(`Request mode not set! mode: ${requestMode}`)\n }\n \n const mainAuthDomains = getMainAuthDomainsList()\n const mainAuthDomain = mainAuthDomains[requestMode]\n if (!mainAuthDomain) {\n throw new Error(`Unable to resolve mainAuthDomain! mode: ${requestMode}`)\n }\n\n return mainAuthDomain\n}\n\nexport function getMainAuthDomainVariants(req: IncomingMessage) {\n const hostname = getHostname(req)\n const mainAuthDomain = getMainAuthDomain(req)\n const isMainAuthDomain = hostname === mainAuthDomain\n return {\n mainAuthDomain,\n isMainAuthDomain,\n isMainAuthDomainVariant: isMainAuthDomain || hostname.endsWith(`.${mainAuthDomain}`) || mainAuthDomain.endsWith(`.${hostname}`),\n }\n}\n\nfunction getPslBaseAuthDomain(appDomain: string): [string, string] | null {\n if (!psl.isValid(appDomain)) { return null; }\n\n const appDomainObj = psl.parse(appDomain) as ParsedDomain\n const pslBaseDomain = appDomainObj.domain\n if (!pslBaseDomain) { return null; }\n\n const authDomain = VERIFIED_BASE_AUTH_DOMAINS.get(pslBaseDomain)\n if (!authDomain) { return null; }\n\n const authDomainObj = psl.parse(authDomain) as ParsedDomain\n if (!authDomainObj.subdomain || authDomainObj.subdomain.includes('.')) {\n return null\n }\n\n if (pslBaseDomain === authDomainObj.domain) {\n return [pslBaseDomain, authDomain]\n }\n return null\n}\n\nfunction getDomainConfig(req: IncomingMessage): DomainConfig | null {\n const hostname = getHostname(req)\n if (!hostname) { return null; }\n\n if (isLocalHostname(hostname)) {\n return { baseDomain: hostname, authOrigin: getOrigin(req), isLocalhost: true }\n }\n\n const { mainAuthDomain, isMainAuthDomain, isMainAuthDomainVariant } = getMainAuthDomainVariants(req)\n if (isMainAuthDomainVariant) {\n if (isMainAuthDomain) {\n // const authOrigin = `https://${mainAuthDomain}`\n const authOrigin = null; // NOTE: Currently, no need to return auth origin for `mainAuthDomain`\n return { baseDomain: mainAuthDomain, authOrigin };\n } else {\n return null;\n }\n }\n\n const baseAuthPair = getPslBaseAuthDomain(hostname)\n if (baseAuthPair) {\n const [pslBaseDomain, authDomain] = baseAuthPair\n return { baseDomain: pslBaseDomain, authOrigin: `https://${authDomain}`, isVerified: true }\n }\n\n return { baseDomain: hostname, authOrigin: `https://${hostname}`, isVerified: false }\n}\n\nexport function getBaseDomain(req: IncomingMessage): BaseDomain | undefined {\n const domainConfig = getDomainConfig(req)\n if (!domainConfig) return undefined\n\n const { baseDomain, isLocalhost, isVerified } = domainConfig\n return { baseDomain, isLocalhost, isVerified }\n}\n\nexport function getAuthOrigin(req: Request): AuthOrigin | null {\n const domainConfig = getDomainConfig(req)\n if (!domainConfig) return null\n\n const { authOrigin, isLocalhost } = domainConfig\n if (!authOrigin) return null\n\n return { authOrigin, isLocalhost }\n}\n","import { Environment } from './const-export';\n\nexport const AUTH_CLIENT_MOUNT_PATH = '/@onelyid/client'\n\nexport const CUSTOM_HEADERS = {\n proxyOrigin: 'X-Onelyid-Proxy-Origin',\n requestMode: 'X-Onelyid-Request-Mode',\n} as const\n\nexport const MAIN_AUTH_DOMAINS = {\n [Environment.Prod]: 'atproto.id',\n [Environment.Uat]: 'atproto.is',\n} as const\n\nexport const VERIFIED_BASE_AUTH_DOMAINS = new Map<string, string>(Object.entries({\n 'statusphere.dev': 'auth.statusphere.dev',\n // 'statusphere.social': 'auth.statusphere.social',\n}));\nfor (const value of Object.values(MAIN_AUTH_DOMAINS)) {\n VERIFIED_BASE_AUTH_DOMAINS.delete(value)\n}\n","function toBase64Url(str: string) {\n return Buffer.from(str).toString('base64url');\n\n // return Buffer.from(str)\n // .toString('base64')\n // .replace(/\\+/g, '-')\n // .replace(/\\//g, '_')\n // .replace(/=+$/, '');\n}\n\nfunction fromBase64Url(b64url: string) {\n return Buffer.from(b64url, 'base64url').toString();\n\n // b64url = b64url.replace(/-/g, '+').replace(/_/g, '/');\n // while (b64url.length % 4) b64url += '=';\n // return Buffer.from(b64url, 'base64').toString();\n}\n\nexport function packState(obj: object) {\n return toBase64Url(JSON.stringify(obj))\n}\n\nexport function unpackState(state: string) {\n return JSON.parse(fromBase64Url(state))\n}\n","import crypto from 'node:crypto';\n\nconst ALGO = 'aes-256-gcm'\nconst EXPIRY_DURATION_SEC = 20\n\n// secret key must be exactly 32 bytes (256 bits)\n// `openssl rand -hex 32`\nexport function sealState(obj: object, secretKeyHex32Bytes: string) {\n if (!obj || !secretKeyHex32Bytes) {\n const message = '[sealState] Invalid call!'\n console.error(message, obj, !!secretKeyHex32Bytes);\n throw new Error(message)\n }\n\n const secret = Buffer.from(secretKeyHex32Bytes, 'hex');\n if (secret.length !== 32) {\n throw new Error(`[sealState] Invalid secret key length: ${secret.length}`)\n }\n\n const iv = crypto.randomBytes(12);\n const cipher = crypto.createCipheriv(ALGO, secret, iv);\n\n const expiry = Date.now() + EXPIRY_DURATION_SEC * 1000;\n const encryptedData = Buffer.concat([\n cipher.update(JSON.stringify({ ...obj, expiry })),\n cipher.final()\n ]);\n\n const sealed = Buffer.concat([\n iv,\n cipher.getAuthTag(),\n encryptedData\n ]);\n\n return sealed.toString('base64url');\n}\n\n// secret key must be exactly 32 bytes (256 bits)\n// `openssl rand -hex 32`\nexport function openState(sealed: string, secretKeyHex32Bytes: string) {\n if (!sealed || !secretKeyHex32Bytes) {\n const message = '[openState] Invalid call!'\n console.error(message, !!sealed, !!secretKeyHex32Bytes);\n throw new Error(message)\n }\n\n const secret = Buffer.from(secretKeyHex32Bytes, 'hex');\n if (secret.length !== 32) {\n throw new Error(`[openState] Invalid secret key length: ${secret.length}`)\n }\n\n const buf = Buffer.from(sealed, 'base64url');\n\n const iv = buf.subarray(0, 12);\n const tag = buf.subarray(12, 28);\n const encryptedData = buf.subarray(28);\n\n const decipher = crypto.createDecipheriv(ALGO, secret, iv);\n decipher.setAuthTag(tag);\n\n const decrypted = Buffer.concat([\n decipher.update(encryptedData),\n decipher.final()\n ]);\n const plaintext = decrypted.toString();\n\n const obj = JSON.parse(plaintext);\n const expiry = obj.expiry;\n delete obj.expiry;\n\n const expiresIn = expiry - Date.now()\n if (expiresIn > 0) {\n return obj;\n }\n return null;\n}\n","import express from 'express'\nimport type { Request, Response, NextFunction } from 'express'\n\nconst jsonParser = express.json();\nconst urlencodedParser = express.urlencoded({ extended: true });\n\nexport async function authBodyParser(req: Request, res: Response, next: NextFunction) {\n if (req.body !== undefined || req.readableEnded) {\n return next();\n }\n\n if (req.is('application/json')) {\n return jsonParser(req, res, next);\n }\n\n if (req.is('application/x-www-form-urlencoded')) {\n return urlencodedParser(req, res, next);\n }\n\n next();\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAO,IAAK,cAAL,kBAAKA,iBAAL;AACL,EAAAA,aAAA,UAAO;AACP,EAAAA,aAAA,SAAM;AAFI,SAAAA;AAAA,GAAA;;;ACEL,SAAS,WAAW,MAAe;AACxC,MAAI,UAAU,QAAQ;AACtB,YAAU,QAAQ,KAAK;AACvB,MAAI,CAAC,QAAS,QAAO;AAErB,MAAI,CAAC,QAAQ,WAAW,GAAG,GAAG;AAC5B,cAAU,IAAI,OAAO;AAAA,EACvB;AACA,MAAI,QAAQ,SAAS,KAAK,QAAQ,SAAS,GAAG,GAAG;AAC/C,cAAU,QAAQ,UAAU,GAAG,QAAQ,SAAO,CAAC;AAAA,EACjD;AACA,SAAO;AACT;AAEO,SAAS,aAAa,QAAiB;AAC5C,MAAI,YAAY,UAAU;AAC1B,cAAY,UAAU,KAAK;AAC3B,MAAI,CAAC,UAAW,QAAO;AAEvB,MAAI;AACF,UAAM,MAAM,IAAI,IAAI,SAAS;AAC7B,UAAM,eAAe,GAAG,IAAI,QAAQ,KAAK,IAAI,IAAI;AACjD,QAAI,WAAW,cAAc;AAC3B,aAAO;AAAA,IACT;AAAA,EACF,SAAQ,GAAG;AAAA,EAAC;AAEZ,SAAO;AACT;AAEO,SAAS,kBAAkB,MAAwC;AACxE,MAAI,4BAA2B;AAC7B;AAAA,EACF,WAAW,0BAA0B;AACnC;AAAA,EACF;AACF;;;ACtCA,sBAAgB;AAGhB,iBAAuC;;;ACDhC,IAAM,yBAAyB;AAE/B,IAAM,iBAAiB;AAAA,EAC5B,aAAa;AAAA,EACb,aAAa;AACf;AAEO,IAAM,oBAAoB;AAAA,EAC/B,kBAAiB,GAAG;AAAA,EACpB,gBAAgB,GAAG;AACrB;AAEO,IAAM,6BAA6B,IAAI,IAAoB,OAAO,QAAQ;AAAA,EAC/E,mBAAmB;AAAA;AAErB,CAAC,CAAC;AACF,WAAW,SAAS,OAAO,OAAO,iBAAiB,GAAG;AACpD,6BAA2B,OAAO,KAAK;AACzC;;;ADXO,SAAS,uBAAuB;AACrC,SAAO;AACT;AAEO,SAAS,yBAAyB;AACvC,SAAO;AACT;AAEO,SAAS,yBAAyB;AACvC,SAAO;AACT;AAEO,SAAS,UAAU,KAAsB;AAC9C,QAAM,OAAO;AAEb,MAAI,cAAc,KAAK,IAAI,eAAe,WAAW;AACrD,gBAAc,aAAa,WAAW;AACtC,MAAI,aAAa;AACf,WAAO;AAAA,EACT;AAGA,QAAM,OAAO,KAAK,IAAI,MAAM;AAC5B,QAAM,SAAS,GAAG,KAAK,QAAQ,MAAM,IAAI;AACzC,SAAO;AACT;AAEO,SAAS,QAAQ,KAAsB;AAC5C,SAAO,IAAI,IAAI,UAAU,GAAG,CAAC,EAAE;AACjC;AAEO,SAAS,YAAY,KAAsB;AAChD,SAAO,IAAI,IAAI,UAAU,GAAG,CAAC,EAAE;AACjC;AAEO,SAAS,gBAAgB,UAA2B;AACzD,MAAI,CAAC,SAAU,QAAO;AAGtB,QAAM,OAAO,SAAS,YAAY;AAGlC,MAAI,SAAS,YAAa,QAAO;AACjC,MAAI,KAAK,SAAS,YAAY,EAAG,QAAO;AAGxC,QAAM,SAAS,gBAAAC,QAAI,KAAK,IAAI;AAC5B,MAAI,CAAC,OAAQ,QAAO;AAGpB,MAAI,WAAW,GAAG;AAChB,WACE,KAAK,WAAW,MAAM;AAAA,IACtB,KAAK,WAAW,KAAK;AAAA,IACrB,KAAK,WAAW,UAAU;AAAA,IAC1B,8BAA8B,KAAK,IAAI;AAAA,EAE3C;AAGA,MAAI,WAAW,GAAG;AAChB,WACE,SAAS;AAAA,IACT,KAAK,WAAW,IAAI;AAAA,IACpB,KAAK,WAAW,IAAI;AAAA,EAExB;AAEA,SAAO;AACT;AAEO,SAAS,kBAAkB,KAAsB;AACtD,QAAM,OAAO;AAEb,QAAM,cAAe,KAAa;AAClC,MAAI,CAAC,aAAa;AAChB,UAAM,IAAI,MAAM,+BAA+B,WAAW,EAAE;AAAA,EAC9D;AAEA,QAAM,kBAAkB,uBAAuB;AAC/C,QAAM,iBAAiB,gBAAgB,WAAW;AAClD,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,MAAM,2CAA2C,WAAW,EAAE;AAAA,EAC1E;AAEA,SAAO;AACT;AAEO,SAAS,0BAA0B,KAAsB;AAC9D,QAAM,WAAW,YAAY,GAAG;AAChC,QAAM,iBAAiB,kBAAkB,GAAG;AAC5C,QAAM,mBAAmB,aAAa;AACtC,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA,yBAAyB,oBAAoB,SAAS,SAAS,IAAI,cAAc,EAAE,KAAK,eAAe,SAAS,IAAI,QAAQ,EAAE;AAAA,EAChI;AACF;AAEA,SAAS,qBAAqB,WAA4C;AACxE,MAAI,CAAC,WAAAC,QAAI,QAAQ,SAAS,GAAG;AAAE,WAAO;AAAA,EAAM;AAE5C,QAAM,eAAe,WAAAA,QAAI,MAAM,SAAS;AACxC,QAAM,gBAAgB,aAAa;AACnC,MAAI,CAAC,eAAe;AAAE,WAAO;AAAA,EAAM;AAEnC,QAAM,aAAa,2BAA2B,IAAI,aAAa;AAC/D,MAAI,CAAC,YAAY;AAAE,WAAO;AAAA,EAAM;AAEhC,QAAM,gBAAgB,WAAAA,QAAI,MAAM,UAAU;AAC1C,MAAI,CAAC,cAAc,aAAa,cAAc,UAAU,SAAS,GAAG,GAAG;AACrE,WAAO;AAAA,EACT;AAEA,MAAI,kBAAkB,cAAc,QAAQ;AAC1C,WAAO,CAAC,eAAe,UAAU;AAAA,EACnC;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,KAA2C;AAClE,QAAM,WAAW,YAAY,GAAG;AAChC,MAAI,CAAC,UAAU;AAAE,WAAO;AAAA,EAAM;AAE9B,MAAI,gBAAgB,QAAQ,GAAG;AAC7B,WAAO,EAAE,YAAY,UAAU,YAAY,UAAU,GAAG,GAAG,aAAa,KAAK;AAAA,EAC/E;AAEA,QAAM,EAAE,gBAAgB,kBAAkB,wBAAwB,IAAI,0BAA0B,GAAG;AACnG,MAAI,yBAAyB;AAC3B,QAAI,kBAAkB;AAEpB,YAAM,aAAa;AACnB,aAAO,EAAE,YAAY,gBAAgB,WAAW;AAAA,IAClD,OAAO;AACL,aAAO;AAAA,IACT;AAAA,EACF;AAEA,QAAM,eAAe,qBAAqB,QAAQ;AAClD,MAAI,cAAc;AAChB,UAAM,CAAC,eAAe,UAAU,IAAI;AACpC,WAAO,EAAE,YAAY,eAAe,YAAY,WAAW,UAAU,IAAI,YAAY,KAAK;AAAA,EAC5F;AAEA,SAAO,EAAE,YAAY,UAAU,YAAY,WAAW,QAAQ,IAAI,YAAY,MAAM;AACtF;AAEO,SAAS,cAAc,KAA8C;AAC1E,QAAM,eAAe,gBAAgB,GAAG;AACxC,MAAI,CAAC,aAAc,QAAO;AAE1B,QAAM,EAAE,YAAY,aAAa,WAAW,IAAI;AAChD,SAAO,EAAE,YAAY,aAAa,WAAW;AAC/C;AAEO,SAAS,cAAc,KAAiC;AAC7D,QAAM,eAAe,gBAAgB,GAAG;AACxC,MAAI,CAAC,aAAc,QAAO;AAE1B,QAAM,EAAE,YAAY,YAAY,IAAI;AACpC,MAAI,CAAC,WAAY,QAAO;AAExB,SAAO,EAAE,YAAY,YAAY;AACnC;;;AE7KA,SAAS,YAAY,KAAa;AAChC,SAAO,OAAO,KAAK,GAAG,EAAE,SAAS,WAAW;AAO9C;AAEA,SAAS,cAAc,QAAgB;AACrC,SAAO,OAAO,KAAK,QAAQ,WAAW,EAAE,SAAS;AAKnD;AAEO,SAAS,UAAU,KAAa;AACrC,SAAO,YAAY,KAAK,UAAU,GAAG,CAAC;AACxC;AAEO,SAAS,YAAY,OAAe;AACzC,SAAO,KAAK,MAAM,cAAc,KAAK,CAAC;AACxC;;;ACxBA,yBAAmB;AAEnB,IAAM,OAAO;AACb,IAAM,sBAAsB;AAIrB,SAAS,UAAU,KAAa,qBAA6B;AAClE,MAAI,CAAC,OAAO,CAAC,qBAAqB;AAChC,UAAM,UAAU;AAChB,YAAQ,MAAM,SAAS,KAAK,CAAC,CAAC,mBAAmB;AACjD,UAAM,IAAI,MAAM,OAAO;AAAA,EACzB;AAEA,QAAM,SAAS,OAAO,KAAK,qBAAqB,KAAK;AACrD,MAAI,OAAO,WAAW,IAAI;AACxB,UAAM,IAAI,MAAM,0CAA0C,OAAO,MAAM,EAAE;AAAA,EAC3E;AAEA,QAAM,KAAK,mBAAAC,QAAO,YAAY,EAAE;AAChC,QAAM,SAAS,mBAAAA,QAAO,eAAe,MAAM,QAAQ,EAAE;AAErD,QAAM,SAAS,KAAK,IAAI,IAAI,sBAAsB;AAClD,QAAM,gBAAgB,OAAO,OAAO;AAAA,IAClC,OAAO,OAAO,KAAK,UAAU,EAAE,GAAG,KAAK,OAAO,CAAC,CAAC;AAAA,IAChD,OAAO,MAAM;AAAA,EACf,CAAC;AAED,QAAM,SAAS,OAAO,OAAO;AAAA,IAC3B;AAAA,IACA,OAAO,WAAW;AAAA,IAClB;AAAA,EACF,CAAC;AAED,SAAO,OAAO,SAAS,WAAW;AACpC;AAIO,SAAS,UAAU,QAAgB,qBAA6B;AACrE,MAAI,CAAC,UAAU,CAAC,qBAAqB;AACnC,UAAM,UAAU;AAChB,YAAQ,MAAM,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,mBAAmB;AACtD,UAAM,IAAI,MAAM,OAAO;AAAA,EACzB;AAEA,QAAM,SAAS,OAAO,KAAK,qBAAqB,KAAK;AACrD,MAAI,OAAO,WAAW,IAAI;AACxB,UAAM,IAAI,MAAM,0CAA0C,OAAO,MAAM,EAAE;AAAA,EAC3E;AAEA,QAAM,MAAM,OAAO,KAAK,QAAQ,WAAW;AAE3C,QAAM,KAAK,IAAI,SAAS,GAAG,EAAE;AAC7B,QAAM,MAAM,IAAI,SAAS,IAAI,EAAE;AAC/B,QAAM,gBAAgB,IAAI,SAAS,EAAE;AAErC,QAAM,WAAW,mBAAAA,QAAO,iBAAiB,MAAM,QAAQ,EAAE;AACzD,WAAS,WAAW,GAAG;AAEvB,QAAM,YAAY,OAAO,OAAO;AAAA,IAC9B,SAAS,OAAO,aAAa;AAAA,IAC7B,SAAS,MAAM;AAAA,EACjB,CAAC;AACD,QAAM,YAAY,UAAU,SAAS;AAErC,QAAM,MAAM,KAAK,MAAM,SAAS;AAChC,QAAM,SAAS,IAAI;AACnB,SAAO,IAAI;AAEX,QAAM,YAAY,SAAS,KAAK,IAAI;AACpC,MAAI,YAAY,GAAG;AACjB,WAAO;AAAA,EACT;AACA,SAAO;AACT;;;AC3EA,qBAAoB;AAGpB,IAAM,aAAa,eAAAC,QAAQ,KAAK;AAChC,IAAM,mBAAmB,eAAAA,QAAQ,WAAW,EAAE,UAAU,KAAK,CAAC;AAE9D,eAAsB,eAAe,KAAc,KAAe,MAAoB;AACpF,MAAI,IAAI,SAAS,UAAa,IAAI,eAAe;AAC/C,WAAO,KAAK;AAAA,EACd;AAEA,MAAI,IAAI,GAAG,kBAAkB,GAAG;AAC9B,WAAO,WAAW,KAAK,KAAK,IAAI;AAAA,EAClC;AAEA,MAAI,IAAI,GAAG,mCAAmC,GAAG;AAC/C,WAAO,iBAAiB,KAAK,KAAK,IAAI;AAAA,EACxC;AAEA,OAAK;AACP;","names":["Environment","net","psl","crypto","express"]}
|
package/package.json
ADDED
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@onelyid/common",
|
|
3
|
+
"version": "0.1.0",
|
|
4
|
+
"description": "ATProto OAuth provider",
|
|
5
|
+
"author": "abraj",
|
|
6
|
+
"license": "MIT",
|
|
7
|
+
"publishConfig": {
|
|
8
|
+
"access": "public"
|
|
9
|
+
},
|
|
10
|
+
"main": "dist/index.js",
|
|
11
|
+
"types": "dist/index.d.ts",
|
|
12
|
+
"type": "commonjs",
|
|
13
|
+
"files": [
|
|
14
|
+
"dist"
|
|
15
|
+
],
|
|
16
|
+
"repository": {
|
|
17
|
+
"type": "git",
|
|
18
|
+
"url": "git+https://github.com/baadal/onelyid.git"
|
|
19
|
+
},
|
|
20
|
+
"keywords": [
|
|
21
|
+
"onelyid",
|
|
22
|
+
"atproto",
|
|
23
|
+
"login",
|
|
24
|
+
"auth",
|
|
25
|
+
"authentication",
|
|
26
|
+
"express",
|
|
27
|
+
"bluesky",
|
|
28
|
+
"oauth",
|
|
29
|
+
"oauth2",
|
|
30
|
+
"server",
|
|
31
|
+
"node",
|
|
32
|
+
"backend"
|
|
33
|
+
],
|
|
34
|
+
"dependencies": {
|
|
35
|
+
"psl": "^1.15.0"
|
|
36
|
+
},
|
|
37
|
+
"peerDependencies": {
|
|
38
|
+
"express": "^4.17.2"
|
|
39
|
+
},
|
|
40
|
+
"devDependencies": {
|
|
41
|
+
"@types/express": "^4.17.13",
|
|
42
|
+
"express": "^4.17.2"
|
|
43
|
+
},
|
|
44
|
+
"tsup": {
|
|
45
|
+
"entry": [
|
|
46
|
+
"src/index.ts"
|
|
47
|
+
],
|
|
48
|
+
"splitting": false,
|
|
49
|
+
"sourcemap": true,
|
|
50
|
+
"clean": true
|
|
51
|
+
},
|
|
52
|
+
"scripts": {
|
|
53
|
+
"tsc": "tsc -b",
|
|
54
|
+
"build": "tsup --dts",
|
|
55
|
+
"build:server": "tsup",
|
|
56
|
+
"clean": "rm -rf node_modules dist tsconfig.tsbuildinfo"
|
|
57
|
+
}
|
|
58
|
+
}
|