@openid4vc/oauth2 0.3.0-alpha-20250315153009 → 0.3.0-alpha-20250315153126
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +19 -1
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +22 -4
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -2
package/dist/index.mjs
CHANGED
|
@@ -462,7 +462,7 @@ ${JSON.stringify(errorResponse, null, 2)}`,
|
|
|
462
462
|
};
|
|
463
463
|
|
|
464
464
|
// src/metadata/authorization-server/authorization-server-metadata.ts
|
|
465
|
-
import { joinUriParts } from "@openid4vc/utils";
|
|
465
|
+
import { URL, joinUriParts } from "@openid4vc/utils";
|
|
466
466
|
|
|
467
467
|
// src/metadata/fetch-well-known-metadata.ts
|
|
468
468
|
import { ContentType, createZodFetcher } from "@openid4vc/utils";
|
|
@@ -610,7 +610,12 @@ var wellKnownAuthorizationServerSuffix = ".well-known/oauth-authorization-server
|
|
|
610
610
|
var wellKnownOpenIdConfigurationServerSuffix = ".well-known/openid-configuration";
|
|
611
611
|
async function fetchAuthorizationServerMetadata(issuer, fetch) {
|
|
612
612
|
const openIdConfigurationWellKnownMetadataUrl = joinUriParts(issuer, [wellKnownOpenIdConfigurationServerSuffix]);
|
|
613
|
-
const
|
|
613
|
+
const parsedIssuerUrl = new URL(issuer);
|
|
614
|
+
const authorizationServerWellKnownMetadataUrl = joinUriParts(parsedIssuerUrl.origin, [
|
|
615
|
+
wellKnownAuthorizationServerSuffix,
|
|
616
|
+
parsedIssuerUrl.pathname
|
|
617
|
+
]);
|
|
618
|
+
const nonCompliantAuthorizationServerWellKnownMetadataUrl = joinUriParts(issuer, [wellKnownAuthorizationServerSuffix]);
|
|
614
619
|
const authorizationServerResult = await fetchWellKnownMetadata(
|
|
615
620
|
authorizationServerWellKnownMetadataUrl,
|
|
616
621
|
zAuthorizationServerMetadata,
|
|
@@ -624,6 +629,19 @@ async function fetchAuthorizationServerMetadata(issuer, fetch) {
|
|
|
624
629
|
}
|
|
625
630
|
return authorizationServerResult;
|
|
626
631
|
}
|
|
632
|
+
const alternativeAuthorizationServerResult = await fetchWellKnownMetadata(
|
|
633
|
+
nonCompliantAuthorizationServerWellKnownMetadataUrl,
|
|
634
|
+
zAuthorizationServerMetadata,
|
|
635
|
+
fetch
|
|
636
|
+
);
|
|
637
|
+
if (alternativeAuthorizationServerResult) {
|
|
638
|
+
if (alternativeAuthorizationServerResult.issuer !== issuer) {
|
|
639
|
+
throw new Oauth2Error(
|
|
640
|
+
`The 'issuer' parameter '${alternativeAuthorizationServerResult.issuer}' in the well known authorization server metadata at '${nonCompliantAuthorizationServerWellKnownMetadataUrl}' does not match the provided issuer '${issuer}'.`
|
|
641
|
+
);
|
|
642
|
+
}
|
|
643
|
+
return alternativeAuthorizationServerResult;
|
|
644
|
+
}
|
|
627
645
|
const openIdConfigurationResult = await fetchWellKnownMetadata(
|
|
628
646
|
openIdConfigurationWellKnownMetadataUrl,
|
|
629
647
|
zAuthorizationServerMetadata,
|
|
@@ -796,7 +814,7 @@ import { defaultFetcher } from "@openid4vc/utils";
|
|
|
796
814
|
|
|
797
815
|
// src/dpop/dpop.ts
|
|
798
816
|
import {
|
|
799
|
-
URL,
|
|
817
|
+
URL as URL2,
|
|
800
818
|
dateToSeconds as dateToSeconds2,
|
|
801
819
|
decodeUtf8String as decodeUtf8String2,
|
|
802
820
|
encodeToBase64Url as encodeToBase64Url2,
|
|
@@ -925,7 +943,7 @@ async function verifyDpopJwt(options) {
|
|
|
925
943
|
};
|
|
926
944
|
}
|
|
927
945
|
function htuFromRequestUrl(requestUrl) {
|
|
928
|
-
const htu = new
|
|
946
|
+
const htu = new URL2(requestUrl);
|
|
929
947
|
htu.search = "";
|
|
930
948
|
htu.hash = "";
|
|
931
949
|
return htu.toString();
|