npm - @openid4vc/oauth2 - Versions diffs - 0.3.0-alpha-20250321213505 → 0.3.0-alpha-20250322133827 - Mend

@openid4vc/oauth2 0.3.0-alpha-20250321213505 → 0.3.0-alpha-20250322133827

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -6388,17 +6388,15 @@ declare function getAuthorizationServerMetadataFromList(authorizationServersMeta
 }, z.ZodTypeAny, "passthrough">;
 /**
- * Fetch JWKs from jwks_uri in authorization server metadata
+ * Fetch JWKs from a provided JWKs URI.
  *
- * Returns null if 404 is returned
  * Returns validated metadata if successfull response
  * Throws error otherwise
  *
  * @throws {ValidationError} if successfull response but validation of response failed
  * @throws {InvalidFetchResponseError} if unsuccesful response
- * @throws {Oauth2Error} if authorization server does not have a jwks_uri
  */
-declare function fetchJwks(authorizationServer: AuthorizationServerMetadata, fetch?: Fetch): Promise<JwkSet>;
+declare function fetchJwks(jwksUrl: string, fetch?: Fetch): Promise<JwkSet>;
 /**
  * Fetch well known metadata and validate the response.

package/dist/index.d.ts CHANGED Viewed

@@ -6388,17 +6388,15 @@ declare function getAuthorizationServerMetadataFromList(authorizationServersMeta
 }, z.ZodTypeAny, "passthrough">;
 /**
- * Fetch JWKs from jwks_uri in authorization server metadata
+ * Fetch JWKs from a provided JWKs URI.
  *
- * Returns null if 404 is returned
  * Returns validated metadata if successfull response
  * Throws error otherwise
  *
  * @throws {ValidationError} if successfull response but validation of response failed
  * @throws {InvalidFetchResponseError} if unsuccesful response
- * @throws {Oauth2Error} if authorization server does not have a jwks_uri
  */
-declare function fetchJwks(authorizationServer: AuthorizationServerMetadata, fetch?: Fetch): Promise<JwkSet>;
+declare function fetchJwks(jwksUrl: string, fetch?: Fetch): Promise<JwkSet>;
 /**
  * Fetch well known metadata and validate the response.

package/dist/index.js CHANGED Viewed

@@ -744,14 +744,8 @@ function getAuthorizationServerMetadataFromList(authorizationServersMetadata, is
 // src/metadata/fetch-jwks-uri.ts
 var import_utils10 = require("@openid4vc/utils");
 var import_utils11 = require("@openid4vc/utils");
-async function fetchJwks(authorizationServer, fetch) {
+async function fetchJwks(jwksUrl, fetch) {
   const fetcher = (0, import_utils10.createZodFetcher)(fetch);
-  const jwksUrl = authorizationServer.jwks_uri;
-  if (!jwksUrl) {
-    throw new Oauth2Error(
-      `Authorization server '${authorizationServer.issuer}' does not have a 'jwks_uri' parameter to fetch JWKs.`
-    );
-  }
   const { result, response } = await fetcher(zJwkSet, import_utils10.ContentType.JwkSet, jwksUrl);
   if (!response.ok) {
     throw new import_utils11.InvalidFetchResponseError(
@@ -858,7 +852,13 @@ async function verifyJwtProfileAccessToken(options) {
       `Access token jwt contains unrecognized authorization server 'iss' value of '${decodedJwt.payload.iss}'`
     );
   }
-  const jwks = await fetchJwks(authorizationServer, options.callbacks.fetch);
+  const jwksUrl = authorizationServer.jwks_uri;
+  if (!jwksUrl) {
+    throw new Oauth2Error(
+      `Authorization server '${authorizationServer.issuer}' does not have a 'jwks_uri' parameter to fetch JWKs.`
+    );
+  }
+  const jwks = await fetchJwks(jwksUrl, options.callbacks.fetch);
   const publicJwk = extractJwkFromJwksForJwt({
     kid: decodedJwt.header.kid,
     jwks,