@openid4vc/oauth2 0.3.0-alpha-20251029103950 → 0.3.0-alpha-20251030142433
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.mts +275 -2
- package/dist/index.d.ts +275 -2
- package/dist/index.js +90 -0
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +87 -1
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -2
package/dist/index.d.mts
CHANGED
|
@@ -262,6 +262,7 @@ declare const zJwtPayload: z$1.ZodObject<{
|
|
|
262
262
|
nbf: z$1.ZodOptional<z$1.ZodNumber>;
|
|
263
263
|
nonce: z$1.ZodOptional<z$1.ZodString>;
|
|
264
264
|
jti: z$1.ZodOptional<z$1.ZodString>;
|
|
265
|
+
sub: z$1.ZodOptional<z$1.ZodString>;
|
|
265
266
|
cnf: z$1.ZodOptional<z$1.ZodObject<{
|
|
266
267
|
jwk: z$1.ZodOptional<z$1.ZodObject<{
|
|
267
268
|
kty: z$1.ZodString;
|
|
@@ -753,6 +754,7 @@ declare const zClientAttestationPopJwtPayload: z$1.ZodObject<{
|
|
|
753
754
|
nonce: z$1.ZodOptional<z$1.ZodString>;
|
|
754
755
|
iat: z$1.ZodOptional<z$1.ZodNumber>;
|
|
755
756
|
nbf: z$1.ZodOptional<z$1.ZodNumber>;
|
|
757
|
+
sub: z$1.ZodOptional<z$1.ZodString>;
|
|
756
758
|
cnf: z$1.ZodOptional<z$1.ZodObject<{
|
|
757
759
|
jwk: z$1.ZodOptional<z$1.ZodObject<{
|
|
758
760
|
kty: z$1.ZodString;
|
|
@@ -1083,6 +1085,7 @@ declare function verifyClientAttestationPopJwt(options: VerifyClientAttestationP
|
|
|
1083
1085
|
nonce?: string | undefined;
|
|
1084
1086
|
iat?: number | undefined;
|
|
1085
1087
|
nbf?: number | undefined;
|
|
1088
|
+
sub?: string | undefined;
|
|
1086
1089
|
cnf?: {
|
|
1087
1090
|
[x: string]: unknown;
|
|
1088
1091
|
jwk?: {
|
|
@@ -1424,9 +1427,9 @@ declare const zAuthorizationChallengeRequest: z$1.ZodObject<{
|
|
|
1424
1427
|
client_id: z$1.ZodOptional<z$1.ZodString>;
|
|
1425
1428
|
auth_session: z$1.ZodOptional<z$1.ZodString>;
|
|
1426
1429
|
presentation_during_issuance_session: z$1.ZodOptional<z$1.ZodString>;
|
|
1427
|
-
scope: z$1.ZodOptional<z$1.ZodString>;
|
|
1428
1430
|
redirect_uri: z$1.ZodOptional<z$1.ZodURL>;
|
|
1429
1431
|
resource: z$1.ZodOptional<z$1.ZodString>;
|
|
1432
|
+
scope: z$1.ZodOptional<z$1.ZodString>;
|
|
1430
1433
|
state: z$1.ZodOptional<z$1.ZodString>;
|
|
1431
1434
|
issuer_state: z$1.ZodOptional<z$1.ZodString>;
|
|
1432
1435
|
dpop_jkt: z$1.ZodOptional<z$1.ZodBase64URL>;
|
|
@@ -1941,6 +1944,274 @@ declare class Oauth2ServerErrorResponseError extends Oauth2Error {
|
|
|
1941
1944
|
constructor(errorResponse: Oauth2ErrorResponse, options?: Oauth2ServerErrorResponseErrorOptions);
|
|
1942
1945
|
}
|
|
1943
1946
|
//#endregion
|
|
1947
|
+
//#region src/id-token/verify-id-token.d.ts
|
|
1948
|
+
interface VerifyJwtIdTokenOptions {
|
|
1949
|
+
/**
|
|
1950
|
+
* The compact id token.
|
|
1951
|
+
*/
|
|
1952
|
+
idToken: string;
|
|
1953
|
+
/**
|
|
1954
|
+
* Callbacks used for verifying the id token
|
|
1955
|
+
*/
|
|
1956
|
+
callbacks: Pick<CallbackContext, 'verifyJwt' | 'fetch'>;
|
|
1957
|
+
/**
|
|
1958
|
+
* If not provided current time will be used
|
|
1959
|
+
*/
|
|
1960
|
+
now?: Date;
|
|
1961
|
+
/**
|
|
1962
|
+
* Authorization server metadata
|
|
1963
|
+
*/
|
|
1964
|
+
authorizationServer: AuthorizationServerMetadata;
|
|
1965
|
+
/**
|
|
1966
|
+
* The client_id of the Relying Party for which the token was issued.
|
|
1967
|
+
*/
|
|
1968
|
+
clientId: string;
|
|
1969
|
+
/**
|
|
1970
|
+
* Expected nonce in the payload. If not provided the nonce won't be validated.
|
|
1971
|
+
*/
|
|
1972
|
+
expectedNonce?: string;
|
|
1973
|
+
}
|
|
1974
|
+
/**
|
|
1975
|
+
* Verify an ID Token JWT.
|
|
1976
|
+
*/
|
|
1977
|
+
declare function verifyJwtIdToken(options: VerifyJwtIdTokenOptions): Promise<{
|
|
1978
|
+
header: {
|
|
1979
|
+
[x: string]: unknown;
|
|
1980
|
+
alg: string;
|
|
1981
|
+
typ?: string | undefined;
|
|
1982
|
+
kid?: string | undefined;
|
|
1983
|
+
jwk?: {
|
|
1984
|
+
[x: string]: unknown;
|
|
1985
|
+
kty: string;
|
|
1986
|
+
crv?: string | undefined;
|
|
1987
|
+
x?: string | undefined;
|
|
1988
|
+
y?: string | undefined;
|
|
1989
|
+
e?: string | undefined;
|
|
1990
|
+
n?: string | undefined;
|
|
1991
|
+
alg?: string | undefined;
|
|
1992
|
+
d?: string | undefined;
|
|
1993
|
+
dp?: string | undefined;
|
|
1994
|
+
dq?: string | undefined;
|
|
1995
|
+
ext?: boolean | undefined;
|
|
1996
|
+
k?: string | undefined;
|
|
1997
|
+
key_ops?: string[] | undefined;
|
|
1998
|
+
kid?: string | undefined;
|
|
1999
|
+
oth?: {
|
|
2000
|
+
[x: string]: unknown;
|
|
2001
|
+
d?: string | undefined;
|
|
2002
|
+
r?: string | undefined;
|
|
2003
|
+
t?: string | undefined;
|
|
2004
|
+
}[] | undefined;
|
|
2005
|
+
p?: string | undefined;
|
|
2006
|
+
q?: string | undefined;
|
|
2007
|
+
qi?: string | undefined;
|
|
2008
|
+
use?: string | undefined;
|
|
2009
|
+
x5c?: string[] | undefined;
|
|
2010
|
+
x5t?: string | undefined;
|
|
2011
|
+
'x5t#S256'?: string | undefined;
|
|
2012
|
+
x5u?: string | undefined;
|
|
2013
|
+
} | undefined;
|
|
2014
|
+
x5c?: string[] | undefined;
|
|
2015
|
+
trust_chain?: [string, ...string[]] | undefined;
|
|
2016
|
+
};
|
|
2017
|
+
payload: {
|
|
2018
|
+
[x: string]: unknown;
|
|
2019
|
+
iss: string;
|
|
2020
|
+
sub: string;
|
|
2021
|
+
aud: string;
|
|
2022
|
+
exp: number;
|
|
2023
|
+
iat: number;
|
|
2024
|
+
auth_time?: number | undefined;
|
|
2025
|
+
acr?: string | undefined;
|
|
2026
|
+
amr?: string[] | undefined;
|
|
2027
|
+
azp?: string | undefined;
|
|
2028
|
+
name?: string | undefined;
|
|
2029
|
+
given_name?: string | undefined;
|
|
2030
|
+
family_name?: string | undefined;
|
|
2031
|
+
middle_name?: string | undefined;
|
|
2032
|
+
nickname?: string | undefined;
|
|
2033
|
+
preferred_username?: string | undefined;
|
|
2034
|
+
profile?: string | undefined;
|
|
2035
|
+
picture?: string | undefined;
|
|
2036
|
+
website?: string | undefined;
|
|
2037
|
+
email?: string | undefined;
|
|
2038
|
+
email_verified?: boolean | undefined;
|
|
2039
|
+
gender?: string | undefined;
|
|
2040
|
+
birthdate?: string | undefined;
|
|
2041
|
+
zoneinfo?: string | undefined;
|
|
2042
|
+
locale?: string | undefined;
|
|
2043
|
+
phone_number?: string | undefined;
|
|
2044
|
+
phone_number_verified?: boolean | undefined;
|
|
2045
|
+
address?: {
|
|
2046
|
+
[x: string]: unknown;
|
|
2047
|
+
formatted?: string | undefined;
|
|
2048
|
+
street_address?: string | undefined;
|
|
2049
|
+
locality?: string | undefined;
|
|
2050
|
+
region?: string | undefined;
|
|
2051
|
+
postal_code?: string | undefined;
|
|
2052
|
+
country?: string | undefined;
|
|
2053
|
+
} | undefined;
|
|
2054
|
+
updated_at?: number | undefined;
|
|
2055
|
+
nbf?: number | undefined;
|
|
2056
|
+
nonce?: string | undefined;
|
|
2057
|
+
jti?: string | undefined;
|
|
2058
|
+
cnf?: {
|
|
2059
|
+
[x: string]: unknown;
|
|
2060
|
+
jwk?: {
|
|
2061
|
+
[x: string]: unknown;
|
|
2062
|
+
kty: string;
|
|
2063
|
+
crv?: string | undefined;
|
|
2064
|
+
x?: string | undefined;
|
|
2065
|
+
y?: string | undefined;
|
|
2066
|
+
e?: string | undefined;
|
|
2067
|
+
n?: string | undefined;
|
|
2068
|
+
alg?: string | undefined;
|
|
2069
|
+
d?: string | undefined;
|
|
2070
|
+
dp?: string | undefined;
|
|
2071
|
+
dq?: string | undefined;
|
|
2072
|
+
ext?: boolean | undefined;
|
|
2073
|
+
k?: string | undefined;
|
|
2074
|
+
key_ops?: string[] | undefined;
|
|
2075
|
+
kid?: string | undefined;
|
|
2076
|
+
oth?: {
|
|
2077
|
+
[x: string]: unknown;
|
|
2078
|
+
d?: string | undefined;
|
|
2079
|
+
r?: string | undefined;
|
|
2080
|
+
t?: string | undefined;
|
|
2081
|
+
}[] | undefined;
|
|
2082
|
+
p?: string | undefined;
|
|
2083
|
+
q?: string | undefined;
|
|
2084
|
+
qi?: string | undefined;
|
|
2085
|
+
use?: string | undefined;
|
|
2086
|
+
x5c?: string[] | undefined;
|
|
2087
|
+
x5t?: string | undefined;
|
|
2088
|
+
'x5t#S256'?: string | undefined;
|
|
2089
|
+
x5u?: string | undefined;
|
|
2090
|
+
} | undefined;
|
|
2091
|
+
jkt?: string | undefined;
|
|
2092
|
+
} | undefined;
|
|
2093
|
+
status?: Record<string, any> | undefined;
|
|
2094
|
+
trust_chain?: [string, ...string[]] | undefined;
|
|
2095
|
+
};
|
|
2096
|
+
}>;
|
|
2097
|
+
//#endregion
|
|
2098
|
+
//#region src/id-token/z-id-token-jwt.d.ts
|
|
2099
|
+
declare const zIdTokenJwtHeader: z$1.ZodObject<{
|
|
2100
|
+
alg: z$1.ZodString;
|
|
2101
|
+
typ: z$1.ZodOptional<z$1.ZodString>;
|
|
2102
|
+
kid: z$1.ZodOptional<z$1.ZodString>;
|
|
2103
|
+
jwk: z$1.ZodOptional<z$1.ZodObject<{
|
|
2104
|
+
kty: z$1.ZodString;
|
|
2105
|
+
crv: z$1.ZodOptional<z$1.ZodString>;
|
|
2106
|
+
x: z$1.ZodOptional<z$1.ZodString>;
|
|
2107
|
+
y: z$1.ZodOptional<z$1.ZodString>;
|
|
2108
|
+
e: z$1.ZodOptional<z$1.ZodString>;
|
|
2109
|
+
n: z$1.ZodOptional<z$1.ZodString>;
|
|
2110
|
+
alg: z$1.ZodOptional<z$1.ZodString>;
|
|
2111
|
+
d: z$1.ZodOptional<z$1.ZodString>;
|
|
2112
|
+
dp: z$1.ZodOptional<z$1.ZodString>;
|
|
2113
|
+
dq: z$1.ZodOptional<z$1.ZodString>;
|
|
2114
|
+
ext: z$1.ZodOptional<z$1.ZodBoolean>;
|
|
2115
|
+
k: z$1.ZodOptional<z$1.ZodString>;
|
|
2116
|
+
key_ops: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2117
|
+
kid: z$1.ZodOptional<z$1.ZodString>;
|
|
2118
|
+
oth: z$1.ZodOptional<z$1.ZodArray<z$1.ZodObject<{
|
|
2119
|
+
d: z$1.ZodOptional<z$1.ZodString>;
|
|
2120
|
+
r: z$1.ZodOptional<z$1.ZodString>;
|
|
2121
|
+
t: z$1.ZodOptional<z$1.ZodString>;
|
|
2122
|
+
}, z$1.core.$loose>>>;
|
|
2123
|
+
p: z$1.ZodOptional<z$1.ZodString>;
|
|
2124
|
+
q: z$1.ZodOptional<z$1.ZodString>;
|
|
2125
|
+
qi: z$1.ZodOptional<z$1.ZodString>;
|
|
2126
|
+
use: z$1.ZodOptional<z$1.ZodString>;
|
|
2127
|
+
x5c: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2128
|
+
x5t: z$1.ZodOptional<z$1.ZodString>;
|
|
2129
|
+
'x5t#S256': z$1.ZodOptional<z$1.ZodString>;
|
|
2130
|
+
x5u: z$1.ZodOptional<z$1.ZodString>;
|
|
2131
|
+
}, z$1.core.$loose>>;
|
|
2132
|
+
x5c: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2133
|
+
trust_chain: z$1.ZodOptional<z$1.ZodTuple<[z$1.ZodString], z$1.ZodString>>;
|
|
2134
|
+
}, z$1.core.$loose>;
|
|
2135
|
+
type IdTokenJwtHeader = z$1.infer<typeof zIdTokenJwtHeader>;
|
|
2136
|
+
declare const zIdTokenJwtPayload: z$1.ZodObject<{
|
|
2137
|
+
iss: z$1.ZodString;
|
|
2138
|
+
sub: z$1.ZodString;
|
|
2139
|
+
aud: z$1.ZodString;
|
|
2140
|
+
exp: z$1.ZodNumber;
|
|
2141
|
+
iat: z$1.ZodNumber;
|
|
2142
|
+
auth_time: z$1.ZodOptional<z$1.ZodNumber>;
|
|
2143
|
+
acr: z$1.ZodOptional<z$1.ZodString>;
|
|
2144
|
+
amr: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2145
|
+
azp: z$1.ZodOptional<z$1.ZodString>;
|
|
2146
|
+
name: z$1.ZodOptional<z$1.ZodString>;
|
|
2147
|
+
given_name: z$1.ZodOptional<z$1.ZodString>;
|
|
2148
|
+
family_name: z$1.ZodOptional<z$1.ZodString>;
|
|
2149
|
+
middle_name: z$1.ZodOptional<z$1.ZodString>;
|
|
2150
|
+
nickname: z$1.ZodOptional<z$1.ZodString>;
|
|
2151
|
+
preferred_username: z$1.ZodOptional<z$1.ZodString>;
|
|
2152
|
+
profile: z$1.ZodOptional<z$1.ZodURL>;
|
|
2153
|
+
picture: z$1.ZodOptional<z$1.ZodURL>;
|
|
2154
|
+
website: z$1.ZodOptional<z$1.ZodURL>;
|
|
2155
|
+
email: z$1.ZodOptional<z$1.ZodEmail>;
|
|
2156
|
+
email_verified: z$1.ZodOptional<z$1.ZodBoolean>;
|
|
2157
|
+
gender: z$1.ZodOptional<z$1.ZodUnion<[z$1.ZodEnum<{
|
|
2158
|
+
male: "male";
|
|
2159
|
+
female: "female";
|
|
2160
|
+
}>, z$1.ZodString]>>;
|
|
2161
|
+
birthdate: z$1.ZodOptional<z$1.ZodISODate>;
|
|
2162
|
+
zoneinfo: z$1.ZodOptional<z$1.ZodString>;
|
|
2163
|
+
locale: z$1.ZodOptional<z$1.ZodString>;
|
|
2164
|
+
phone_number: z$1.ZodOptional<z$1.ZodString>;
|
|
2165
|
+
phone_number_verified: z$1.ZodOptional<z$1.ZodBoolean>;
|
|
2166
|
+
address: z$1.ZodOptional<z$1.ZodObject<{
|
|
2167
|
+
formatted: z$1.ZodOptional<z$1.ZodString>;
|
|
2168
|
+
street_address: z$1.ZodOptional<z$1.ZodString>;
|
|
2169
|
+
locality: z$1.ZodOptional<z$1.ZodString>;
|
|
2170
|
+
region: z$1.ZodOptional<z$1.ZodString>;
|
|
2171
|
+
postal_code: z$1.ZodOptional<z$1.ZodString>;
|
|
2172
|
+
country: z$1.ZodOptional<z$1.ZodString>;
|
|
2173
|
+
}, z$1.core.$loose>>;
|
|
2174
|
+
updated_at: z$1.ZodOptional<z$1.ZodNumber>;
|
|
2175
|
+
nbf: z$1.ZodOptional<z$1.ZodNumber>;
|
|
2176
|
+
nonce: z$1.ZodOptional<z$1.ZodString>;
|
|
2177
|
+
jti: z$1.ZodOptional<z$1.ZodString>;
|
|
2178
|
+
cnf: z$1.ZodOptional<z$1.ZodObject<{
|
|
2179
|
+
jwk: z$1.ZodOptional<z$1.ZodObject<{
|
|
2180
|
+
kty: z$1.ZodString;
|
|
2181
|
+
crv: z$1.ZodOptional<z$1.ZodString>;
|
|
2182
|
+
x: z$1.ZodOptional<z$1.ZodString>;
|
|
2183
|
+
y: z$1.ZodOptional<z$1.ZodString>;
|
|
2184
|
+
e: z$1.ZodOptional<z$1.ZodString>;
|
|
2185
|
+
n: z$1.ZodOptional<z$1.ZodString>;
|
|
2186
|
+
alg: z$1.ZodOptional<z$1.ZodString>;
|
|
2187
|
+
d: z$1.ZodOptional<z$1.ZodString>;
|
|
2188
|
+
dp: z$1.ZodOptional<z$1.ZodString>;
|
|
2189
|
+
dq: z$1.ZodOptional<z$1.ZodString>;
|
|
2190
|
+
ext: z$1.ZodOptional<z$1.ZodBoolean>;
|
|
2191
|
+
k: z$1.ZodOptional<z$1.ZodString>;
|
|
2192
|
+
key_ops: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2193
|
+
kid: z$1.ZodOptional<z$1.ZodString>;
|
|
2194
|
+
oth: z$1.ZodOptional<z$1.ZodArray<z$1.ZodObject<{
|
|
2195
|
+
d: z$1.ZodOptional<z$1.ZodString>;
|
|
2196
|
+
r: z$1.ZodOptional<z$1.ZodString>;
|
|
2197
|
+
t: z$1.ZodOptional<z$1.ZodString>;
|
|
2198
|
+
}, z$1.core.$loose>>>;
|
|
2199
|
+
p: z$1.ZodOptional<z$1.ZodString>;
|
|
2200
|
+
q: z$1.ZodOptional<z$1.ZodString>;
|
|
2201
|
+
qi: z$1.ZodOptional<z$1.ZodString>;
|
|
2202
|
+
use: z$1.ZodOptional<z$1.ZodString>;
|
|
2203
|
+
x5c: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2204
|
+
x5t: z$1.ZodOptional<z$1.ZodString>;
|
|
2205
|
+
'x5t#S256': z$1.ZodOptional<z$1.ZodString>;
|
|
2206
|
+
x5u: z$1.ZodOptional<z$1.ZodString>;
|
|
2207
|
+
}, z$1.core.$loose>>;
|
|
2208
|
+
jkt: z$1.ZodOptional<z$1.ZodString>;
|
|
2209
|
+
}, z$1.core.$loose>>;
|
|
2210
|
+
status: z$1.ZodOptional<z$1.ZodRecord<z$1.ZodString, z$1.ZodAny>>;
|
|
2211
|
+
trust_chain: z$1.ZodOptional<z$1.ZodTuple<[z$1.ZodString], z$1.ZodString>>;
|
|
2212
|
+
}, z$1.core.$loose>;
|
|
2213
|
+
type IdTokenJwtPayload = z$1.infer<typeof zIdTokenJwtPayload>;
|
|
2214
|
+
//#endregion
|
|
1944
2215
|
//#region src/metadata/authorization-server/authorization-server-metadata.d.ts
|
|
1945
2216
|
/**
|
|
1946
2217
|
* fetch authorization server metadata. It first tries to fetch the oauth-authorization-server metadata. If that returns
|
|
@@ -2318,6 +2589,7 @@ declare class Oauth2AuthorizationServer {
|
|
|
2318
2589
|
exp?: number | undefined;
|
|
2319
2590
|
nbf?: number | undefined;
|
|
2320
2591
|
nonce?: string | undefined;
|
|
2592
|
+
sub?: string | undefined;
|
|
2321
2593
|
cnf?: {
|
|
2322
2594
|
[x: string]: unknown;
|
|
2323
2595
|
jwk?: {
|
|
@@ -2499,6 +2771,7 @@ declare class Oauth2AuthorizationServer {
|
|
|
2499
2771
|
nonce?: string | undefined;
|
|
2500
2772
|
iat?: number | undefined;
|
|
2501
2773
|
nbf?: number | undefined;
|
|
2774
|
+
sub?: string | undefined;
|
|
2502
2775
|
cnf?: {
|
|
2503
2776
|
[x: string]: unknown;
|
|
2504
2777
|
jwk?: {
|
|
@@ -3067,5 +3340,5 @@ declare function verifyResourceRequest(options: VerifyResourceRequestOptions): P
|
|
|
3067
3340
|
authorizationServer: string;
|
|
3068
3341
|
}>;
|
|
3069
3342
|
//#endregion
|
|
3070
|
-
export { type AccessTokenErrorResponse, type AccessTokenProfileJwtPayload, type AccessTokenResponse, type AuthorizationChallengeErrorResponse, type AuthorizationChallengeRequest, type AuthorizationChallengeResponse, type AuthorizationCodeGrantIdentifier, type AuthorizationServerMetadata, type CalculateJwkThumbprintOptions, type CallbackContext, type ClientAttestationJwtHeader, type ClientAttestationJwtPayload, type ClientAttestationPopJwtHeader, type ClientAttestationPopJwtPayload, type ClientAuthenticationCallback, type ClientAuthenticationCallbackOptions, type ClientAuthenticationClientAttestationJwtOptions, type ClientAuthenticationClientSecretBasicOptions, type ClientAuthenticationClientSecretPostOptions, type ClientAuthenticationDynamicOptions, type ClientAuthenticationNoneOptions, type CreateAuthorizationRequestUrlOptions, type CreateClientAttestationJwtOptions, type CreatePkceReturn, type CreatePushedAuthorizationErrorResponseOptions, type CreatePushedAuthorizationResponseOptions, type DecodeJwtHeaderResult, type DecodeJwtOptions, type DecodeJwtResult, type DecryptJweCallback, type DecryptJweCallbackOptions, type EncryptJweCallback, type GenerateRandomCallback, HashAlgorithm, type HashCallback, type HttpMethod, InvalidFetchResponseError, type JweEncryptor, type Jwk, type JwkSet, type JwtHeader, type JwtPayload, type JwtSigner, type JwtSignerCustom, type JwtSignerDid, type JwtSignerJwk, type JwtSignerWithJwk, type JwtSignerX5c, Oauth2AuthorizationServer, type Oauth2AuthorizationServerOptions, Oauth2Client, Oauth2ClientAuthorizationChallengeError, Oauth2ClientErrorResponseError, type Oauth2ClientOptions, Oauth2Error, Oauth2ErrorCodes, type Oauth2ErrorOptions, type Oauth2ErrorResponse, Oauth2JwtParseError, Oauth2JwtVerificationError, Oauth2ResourceServer, type Oauth2ResourceServerOptions, Oauth2ResourceUnauthorizedError, Oauth2ServerErrorResponseError, type Oid4vcTsConfig, type ParseAuthorizationChallengeRequestOptions, type ParseAuthorizationChallengeRequestResult, type ParsePushedAuthorizationRequestOptions, type ParsePushedAuthorizationRequestResult, PkceCodeChallengeMethod, type PreAuthorizedCodeGrantIdentifier, type RefreshTokenGrantIdentifier, type RequestClientAttestationOptions, type RequestDpopOptions, type ResourceRequestOptions, type ResourceRequestResponseNotOk, type ResourceRequestResponseOk, type RetrieveAuthorizationCodeAccessTokenOptions, type RetrievePreAuthorizedCodeAccessTokenOptions, type SignJwtCallback, SupportedAuthenticationScheme, SupportedClientAuthenticationMethod, type TokenIntrospectionResponse, type VerifyAccessTokenRequestReturn, type VerifyAuthorizationChallengeRequestOptions, type VerifyAuthorizationChallengeRequestReturn, type VerifyJwtCallback, type VerifyPushedAuthorizationRequestOptions, type VerifyPushedAuthorizationRequestReturn, type VerifyResourceRequestOptions, type WwwAuthenticateHeaderChallenge, authorizationCodeGrantIdentifier, calculateJwkThumbprint, clientAuthenticationAnonymous, clientAuthenticationClientAttestationJwt, clientAuthenticationClientSecretBasic, clientAuthenticationClientSecretPost, clientAuthenticationDynamic, clientAuthenticationNone, createClientAttestationJwt, decodeJwt, decodeJwtHeader, fetchAuthorizationServerMetadata, fetchJwks, fetchWellKnownMetadata, getAuthorizationServerMetadataFromList, getGlobalConfig, isJwkInSet, jwtHeaderFromJwtSigner, jwtSignerFromJwt, preAuthorizedCodeGrantIdentifier, refreshTokenGrantIdentifier, resourceRequest, setGlobalConfig, verifyJwt, verifyResourceRequest, zAlgValueNotNone, zAuthorizationCodeGrantIdentifier, zAuthorizationServerMetadata, zCompactJwe, zCompactJwt, zJwk, zJwkSet, zJwtHeader, zJwtPayload, zOauth2ErrorResponse, zPreAuthorizedCodeGrantIdentifier, zRefreshTokenGrantIdentifier };
|
|
3343
|
+
export { type AccessTokenErrorResponse, type AccessTokenProfileJwtPayload, type AccessTokenResponse, type AuthorizationChallengeErrorResponse, type AuthorizationChallengeRequest, type AuthorizationChallengeResponse, type AuthorizationCodeGrantIdentifier, type AuthorizationServerMetadata, type CalculateJwkThumbprintOptions, type CallbackContext, type ClientAttestationJwtHeader, type ClientAttestationJwtPayload, type ClientAttestationPopJwtHeader, type ClientAttestationPopJwtPayload, type ClientAuthenticationCallback, type ClientAuthenticationCallbackOptions, type ClientAuthenticationClientAttestationJwtOptions, type ClientAuthenticationClientSecretBasicOptions, type ClientAuthenticationClientSecretPostOptions, type ClientAuthenticationDynamicOptions, type ClientAuthenticationNoneOptions, type CreateAuthorizationRequestUrlOptions, type CreateClientAttestationJwtOptions, type CreatePkceReturn, type CreatePushedAuthorizationErrorResponseOptions, type CreatePushedAuthorizationResponseOptions, type DecodeJwtHeaderResult, type DecodeJwtOptions, type DecodeJwtResult, type DecryptJweCallback, type DecryptJweCallbackOptions, type EncryptJweCallback, type GenerateRandomCallback, HashAlgorithm, type HashCallback, type HttpMethod, IdTokenJwtHeader, IdTokenJwtPayload, InvalidFetchResponseError, type JweEncryptor, type Jwk, type JwkSet, type JwtHeader, type JwtPayload, type JwtSigner, type JwtSignerCustom, type JwtSignerDid, type JwtSignerJwk, type JwtSignerWithJwk, type JwtSignerX5c, Oauth2AuthorizationServer, type Oauth2AuthorizationServerOptions, Oauth2Client, Oauth2ClientAuthorizationChallengeError, Oauth2ClientErrorResponseError, type Oauth2ClientOptions, Oauth2Error, Oauth2ErrorCodes, type Oauth2ErrorOptions, type Oauth2ErrorResponse, Oauth2JwtParseError, Oauth2JwtVerificationError, Oauth2ResourceServer, type Oauth2ResourceServerOptions, Oauth2ResourceUnauthorizedError, Oauth2ServerErrorResponseError, type Oid4vcTsConfig, type ParseAuthorizationChallengeRequestOptions, type ParseAuthorizationChallengeRequestResult, type ParsePushedAuthorizationRequestOptions, type ParsePushedAuthorizationRequestResult, PkceCodeChallengeMethod, type PreAuthorizedCodeGrantIdentifier, type RefreshTokenGrantIdentifier, type RequestClientAttestationOptions, type RequestDpopOptions, type RequestLike, type ResourceRequestOptions, type ResourceRequestResponseNotOk, type ResourceRequestResponseOk, type RetrieveAuthorizationCodeAccessTokenOptions, type RetrievePreAuthorizedCodeAccessTokenOptions, type SignJwtCallback, SupportedAuthenticationScheme, SupportedClientAuthenticationMethod, type TokenIntrospectionResponse, type VerifiedClientAttestationJwt, type VerifyAccessTokenRequestReturn, type VerifyAuthorizationChallengeRequestOptions, type VerifyAuthorizationChallengeRequestReturn, type VerifyJwtCallback, VerifyJwtIdTokenOptions, type VerifyPushedAuthorizationRequestOptions, type VerifyPushedAuthorizationRequestReturn, type VerifyResourceRequestOptions, type WwwAuthenticateHeaderChallenge, authorizationCodeGrantIdentifier, calculateJwkThumbprint, clientAuthenticationAnonymous, clientAuthenticationClientAttestationJwt, clientAuthenticationClientSecretBasic, clientAuthenticationClientSecretPost, clientAuthenticationDynamic, clientAuthenticationNone, createClientAttestationJwt, decodeJwt, decodeJwtHeader, fetchAuthorizationServerMetadata, fetchJwks, fetchWellKnownMetadata, getAuthorizationServerMetadataFromList, getGlobalConfig, isJwkInSet, jwtHeaderFromJwtSigner, jwtSignerFromJwt, preAuthorizedCodeGrantIdentifier, refreshTokenGrantIdentifier, resourceRequest, setGlobalConfig, verifyClientAttestationJwt, verifyJwt, verifyJwtIdToken, verifyResourceRequest, zAlgValueNotNone, zAuthorizationCodeGrantIdentifier, zAuthorizationServerMetadata, zCompactJwe, zCompactJwt, zIdTokenJwtHeader, zIdTokenJwtPayload, zJwk, zJwkSet, zJwtHeader, zJwtPayload, zOauth2ErrorResponse, zPreAuthorizedCodeGrantIdentifier, zRefreshTokenGrantIdentifier };
|
|
3071
3344
|
//# sourceMappingURL=index.d.mts.map
|
package/dist/index.d.ts
CHANGED
|
@@ -262,6 +262,7 @@ declare const zJwtPayload: z$1.ZodObject<{
|
|
|
262
262
|
nbf: z$1.ZodOptional<z$1.ZodNumber>;
|
|
263
263
|
nonce: z$1.ZodOptional<z$1.ZodString>;
|
|
264
264
|
jti: z$1.ZodOptional<z$1.ZodString>;
|
|
265
|
+
sub: z$1.ZodOptional<z$1.ZodString>;
|
|
265
266
|
cnf: z$1.ZodOptional<z$1.ZodObject<{
|
|
266
267
|
jwk: z$1.ZodOptional<z$1.ZodObject<{
|
|
267
268
|
kty: z$1.ZodString;
|
|
@@ -753,6 +754,7 @@ declare const zClientAttestationPopJwtPayload: z$1.ZodObject<{
|
|
|
753
754
|
nonce: z$1.ZodOptional<z$1.ZodString>;
|
|
754
755
|
iat: z$1.ZodOptional<z$1.ZodNumber>;
|
|
755
756
|
nbf: z$1.ZodOptional<z$1.ZodNumber>;
|
|
757
|
+
sub: z$1.ZodOptional<z$1.ZodString>;
|
|
756
758
|
cnf: z$1.ZodOptional<z$1.ZodObject<{
|
|
757
759
|
jwk: z$1.ZodOptional<z$1.ZodObject<{
|
|
758
760
|
kty: z$1.ZodString;
|
|
@@ -1083,6 +1085,7 @@ declare function verifyClientAttestationPopJwt(options: VerifyClientAttestationP
|
|
|
1083
1085
|
nonce?: string | undefined;
|
|
1084
1086
|
iat?: number | undefined;
|
|
1085
1087
|
nbf?: number | undefined;
|
|
1088
|
+
sub?: string | undefined;
|
|
1086
1089
|
cnf?: {
|
|
1087
1090
|
[x: string]: unknown;
|
|
1088
1091
|
jwk?: {
|
|
@@ -1424,9 +1427,9 @@ declare const zAuthorizationChallengeRequest: z$1.ZodObject<{
|
|
|
1424
1427
|
client_id: z$1.ZodOptional<z$1.ZodString>;
|
|
1425
1428
|
auth_session: z$1.ZodOptional<z$1.ZodString>;
|
|
1426
1429
|
presentation_during_issuance_session: z$1.ZodOptional<z$1.ZodString>;
|
|
1427
|
-
scope: z$1.ZodOptional<z$1.ZodString>;
|
|
1428
1430
|
redirect_uri: z$1.ZodOptional<z$1.ZodURL>;
|
|
1429
1431
|
resource: z$1.ZodOptional<z$1.ZodString>;
|
|
1432
|
+
scope: z$1.ZodOptional<z$1.ZodString>;
|
|
1430
1433
|
state: z$1.ZodOptional<z$1.ZodString>;
|
|
1431
1434
|
issuer_state: z$1.ZodOptional<z$1.ZodString>;
|
|
1432
1435
|
dpop_jkt: z$1.ZodOptional<z$1.ZodBase64URL>;
|
|
@@ -1941,6 +1944,274 @@ declare class Oauth2ServerErrorResponseError extends Oauth2Error {
|
|
|
1941
1944
|
constructor(errorResponse: Oauth2ErrorResponse, options?: Oauth2ServerErrorResponseErrorOptions);
|
|
1942
1945
|
}
|
|
1943
1946
|
//#endregion
|
|
1947
|
+
//#region src/id-token/verify-id-token.d.ts
|
|
1948
|
+
interface VerifyJwtIdTokenOptions {
|
|
1949
|
+
/**
|
|
1950
|
+
* The compact id token.
|
|
1951
|
+
*/
|
|
1952
|
+
idToken: string;
|
|
1953
|
+
/**
|
|
1954
|
+
* Callbacks used for verifying the id token
|
|
1955
|
+
*/
|
|
1956
|
+
callbacks: Pick<CallbackContext, 'verifyJwt' | 'fetch'>;
|
|
1957
|
+
/**
|
|
1958
|
+
* If not provided current time will be used
|
|
1959
|
+
*/
|
|
1960
|
+
now?: Date;
|
|
1961
|
+
/**
|
|
1962
|
+
* Authorization server metadata
|
|
1963
|
+
*/
|
|
1964
|
+
authorizationServer: AuthorizationServerMetadata;
|
|
1965
|
+
/**
|
|
1966
|
+
* The client_id of the Relying Party for which the token was issued.
|
|
1967
|
+
*/
|
|
1968
|
+
clientId: string;
|
|
1969
|
+
/**
|
|
1970
|
+
* Expected nonce in the payload. If not provided the nonce won't be validated.
|
|
1971
|
+
*/
|
|
1972
|
+
expectedNonce?: string;
|
|
1973
|
+
}
|
|
1974
|
+
/**
|
|
1975
|
+
* Verify an ID Token JWT.
|
|
1976
|
+
*/
|
|
1977
|
+
declare function verifyJwtIdToken(options: VerifyJwtIdTokenOptions): Promise<{
|
|
1978
|
+
header: {
|
|
1979
|
+
[x: string]: unknown;
|
|
1980
|
+
alg: string;
|
|
1981
|
+
typ?: string | undefined;
|
|
1982
|
+
kid?: string | undefined;
|
|
1983
|
+
jwk?: {
|
|
1984
|
+
[x: string]: unknown;
|
|
1985
|
+
kty: string;
|
|
1986
|
+
crv?: string | undefined;
|
|
1987
|
+
x?: string | undefined;
|
|
1988
|
+
y?: string | undefined;
|
|
1989
|
+
e?: string | undefined;
|
|
1990
|
+
n?: string | undefined;
|
|
1991
|
+
alg?: string | undefined;
|
|
1992
|
+
d?: string | undefined;
|
|
1993
|
+
dp?: string | undefined;
|
|
1994
|
+
dq?: string | undefined;
|
|
1995
|
+
ext?: boolean | undefined;
|
|
1996
|
+
k?: string | undefined;
|
|
1997
|
+
key_ops?: string[] | undefined;
|
|
1998
|
+
kid?: string | undefined;
|
|
1999
|
+
oth?: {
|
|
2000
|
+
[x: string]: unknown;
|
|
2001
|
+
d?: string | undefined;
|
|
2002
|
+
r?: string | undefined;
|
|
2003
|
+
t?: string | undefined;
|
|
2004
|
+
}[] | undefined;
|
|
2005
|
+
p?: string | undefined;
|
|
2006
|
+
q?: string | undefined;
|
|
2007
|
+
qi?: string | undefined;
|
|
2008
|
+
use?: string | undefined;
|
|
2009
|
+
x5c?: string[] | undefined;
|
|
2010
|
+
x5t?: string | undefined;
|
|
2011
|
+
'x5t#S256'?: string | undefined;
|
|
2012
|
+
x5u?: string | undefined;
|
|
2013
|
+
} | undefined;
|
|
2014
|
+
x5c?: string[] | undefined;
|
|
2015
|
+
trust_chain?: [string, ...string[]] | undefined;
|
|
2016
|
+
};
|
|
2017
|
+
payload: {
|
|
2018
|
+
[x: string]: unknown;
|
|
2019
|
+
iss: string;
|
|
2020
|
+
sub: string;
|
|
2021
|
+
aud: string;
|
|
2022
|
+
exp: number;
|
|
2023
|
+
iat: number;
|
|
2024
|
+
auth_time?: number | undefined;
|
|
2025
|
+
acr?: string | undefined;
|
|
2026
|
+
amr?: string[] | undefined;
|
|
2027
|
+
azp?: string | undefined;
|
|
2028
|
+
name?: string | undefined;
|
|
2029
|
+
given_name?: string | undefined;
|
|
2030
|
+
family_name?: string | undefined;
|
|
2031
|
+
middle_name?: string | undefined;
|
|
2032
|
+
nickname?: string | undefined;
|
|
2033
|
+
preferred_username?: string | undefined;
|
|
2034
|
+
profile?: string | undefined;
|
|
2035
|
+
picture?: string | undefined;
|
|
2036
|
+
website?: string | undefined;
|
|
2037
|
+
email?: string | undefined;
|
|
2038
|
+
email_verified?: boolean | undefined;
|
|
2039
|
+
gender?: string | undefined;
|
|
2040
|
+
birthdate?: string | undefined;
|
|
2041
|
+
zoneinfo?: string | undefined;
|
|
2042
|
+
locale?: string | undefined;
|
|
2043
|
+
phone_number?: string | undefined;
|
|
2044
|
+
phone_number_verified?: boolean | undefined;
|
|
2045
|
+
address?: {
|
|
2046
|
+
[x: string]: unknown;
|
|
2047
|
+
formatted?: string | undefined;
|
|
2048
|
+
street_address?: string | undefined;
|
|
2049
|
+
locality?: string | undefined;
|
|
2050
|
+
region?: string | undefined;
|
|
2051
|
+
postal_code?: string | undefined;
|
|
2052
|
+
country?: string | undefined;
|
|
2053
|
+
} | undefined;
|
|
2054
|
+
updated_at?: number | undefined;
|
|
2055
|
+
nbf?: number | undefined;
|
|
2056
|
+
nonce?: string | undefined;
|
|
2057
|
+
jti?: string | undefined;
|
|
2058
|
+
cnf?: {
|
|
2059
|
+
[x: string]: unknown;
|
|
2060
|
+
jwk?: {
|
|
2061
|
+
[x: string]: unknown;
|
|
2062
|
+
kty: string;
|
|
2063
|
+
crv?: string | undefined;
|
|
2064
|
+
x?: string | undefined;
|
|
2065
|
+
y?: string | undefined;
|
|
2066
|
+
e?: string | undefined;
|
|
2067
|
+
n?: string | undefined;
|
|
2068
|
+
alg?: string | undefined;
|
|
2069
|
+
d?: string | undefined;
|
|
2070
|
+
dp?: string | undefined;
|
|
2071
|
+
dq?: string | undefined;
|
|
2072
|
+
ext?: boolean | undefined;
|
|
2073
|
+
k?: string | undefined;
|
|
2074
|
+
key_ops?: string[] | undefined;
|
|
2075
|
+
kid?: string | undefined;
|
|
2076
|
+
oth?: {
|
|
2077
|
+
[x: string]: unknown;
|
|
2078
|
+
d?: string | undefined;
|
|
2079
|
+
r?: string | undefined;
|
|
2080
|
+
t?: string | undefined;
|
|
2081
|
+
}[] | undefined;
|
|
2082
|
+
p?: string | undefined;
|
|
2083
|
+
q?: string | undefined;
|
|
2084
|
+
qi?: string | undefined;
|
|
2085
|
+
use?: string | undefined;
|
|
2086
|
+
x5c?: string[] | undefined;
|
|
2087
|
+
x5t?: string | undefined;
|
|
2088
|
+
'x5t#S256'?: string | undefined;
|
|
2089
|
+
x5u?: string | undefined;
|
|
2090
|
+
} | undefined;
|
|
2091
|
+
jkt?: string | undefined;
|
|
2092
|
+
} | undefined;
|
|
2093
|
+
status?: Record<string, any> | undefined;
|
|
2094
|
+
trust_chain?: [string, ...string[]] | undefined;
|
|
2095
|
+
};
|
|
2096
|
+
}>;
|
|
2097
|
+
//#endregion
|
|
2098
|
+
//#region src/id-token/z-id-token-jwt.d.ts
|
|
2099
|
+
declare const zIdTokenJwtHeader: z$1.ZodObject<{
|
|
2100
|
+
alg: z$1.ZodString;
|
|
2101
|
+
typ: z$1.ZodOptional<z$1.ZodString>;
|
|
2102
|
+
kid: z$1.ZodOptional<z$1.ZodString>;
|
|
2103
|
+
jwk: z$1.ZodOptional<z$1.ZodObject<{
|
|
2104
|
+
kty: z$1.ZodString;
|
|
2105
|
+
crv: z$1.ZodOptional<z$1.ZodString>;
|
|
2106
|
+
x: z$1.ZodOptional<z$1.ZodString>;
|
|
2107
|
+
y: z$1.ZodOptional<z$1.ZodString>;
|
|
2108
|
+
e: z$1.ZodOptional<z$1.ZodString>;
|
|
2109
|
+
n: z$1.ZodOptional<z$1.ZodString>;
|
|
2110
|
+
alg: z$1.ZodOptional<z$1.ZodString>;
|
|
2111
|
+
d: z$1.ZodOptional<z$1.ZodString>;
|
|
2112
|
+
dp: z$1.ZodOptional<z$1.ZodString>;
|
|
2113
|
+
dq: z$1.ZodOptional<z$1.ZodString>;
|
|
2114
|
+
ext: z$1.ZodOptional<z$1.ZodBoolean>;
|
|
2115
|
+
k: z$1.ZodOptional<z$1.ZodString>;
|
|
2116
|
+
key_ops: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2117
|
+
kid: z$1.ZodOptional<z$1.ZodString>;
|
|
2118
|
+
oth: z$1.ZodOptional<z$1.ZodArray<z$1.ZodObject<{
|
|
2119
|
+
d: z$1.ZodOptional<z$1.ZodString>;
|
|
2120
|
+
r: z$1.ZodOptional<z$1.ZodString>;
|
|
2121
|
+
t: z$1.ZodOptional<z$1.ZodString>;
|
|
2122
|
+
}, z$1.core.$loose>>>;
|
|
2123
|
+
p: z$1.ZodOptional<z$1.ZodString>;
|
|
2124
|
+
q: z$1.ZodOptional<z$1.ZodString>;
|
|
2125
|
+
qi: z$1.ZodOptional<z$1.ZodString>;
|
|
2126
|
+
use: z$1.ZodOptional<z$1.ZodString>;
|
|
2127
|
+
x5c: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2128
|
+
x5t: z$1.ZodOptional<z$1.ZodString>;
|
|
2129
|
+
'x5t#S256': z$1.ZodOptional<z$1.ZodString>;
|
|
2130
|
+
x5u: z$1.ZodOptional<z$1.ZodString>;
|
|
2131
|
+
}, z$1.core.$loose>>;
|
|
2132
|
+
x5c: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2133
|
+
trust_chain: z$1.ZodOptional<z$1.ZodTuple<[z$1.ZodString], z$1.ZodString>>;
|
|
2134
|
+
}, z$1.core.$loose>;
|
|
2135
|
+
type IdTokenJwtHeader = z$1.infer<typeof zIdTokenJwtHeader>;
|
|
2136
|
+
declare const zIdTokenJwtPayload: z$1.ZodObject<{
|
|
2137
|
+
iss: z$1.ZodString;
|
|
2138
|
+
sub: z$1.ZodString;
|
|
2139
|
+
aud: z$1.ZodString;
|
|
2140
|
+
exp: z$1.ZodNumber;
|
|
2141
|
+
iat: z$1.ZodNumber;
|
|
2142
|
+
auth_time: z$1.ZodOptional<z$1.ZodNumber>;
|
|
2143
|
+
acr: z$1.ZodOptional<z$1.ZodString>;
|
|
2144
|
+
amr: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2145
|
+
azp: z$1.ZodOptional<z$1.ZodString>;
|
|
2146
|
+
name: z$1.ZodOptional<z$1.ZodString>;
|
|
2147
|
+
given_name: z$1.ZodOptional<z$1.ZodString>;
|
|
2148
|
+
family_name: z$1.ZodOptional<z$1.ZodString>;
|
|
2149
|
+
middle_name: z$1.ZodOptional<z$1.ZodString>;
|
|
2150
|
+
nickname: z$1.ZodOptional<z$1.ZodString>;
|
|
2151
|
+
preferred_username: z$1.ZodOptional<z$1.ZodString>;
|
|
2152
|
+
profile: z$1.ZodOptional<z$1.ZodURL>;
|
|
2153
|
+
picture: z$1.ZodOptional<z$1.ZodURL>;
|
|
2154
|
+
website: z$1.ZodOptional<z$1.ZodURL>;
|
|
2155
|
+
email: z$1.ZodOptional<z$1.ZodEmail>;
|
|
2156
|
+
email_verified: z$1.ZodOptional<z$1.ZodBoolean>;
|
|
2157
|
+
gender: z$1.ZodOptional<z$1.ZodUnion<[z$1.ZodEnum<{
|
|
2158
|
+
male: "male";
|
|
2159
|
+
female: "female";
|
|
2160
|
+
}>, z$1.ZodString]>>;
|
|
2161
|
+
birthdate: z$1.ZodOptional<z$1.ZodISODate>;
|
|
2162
|
+
zoneinfo: z$1.ZodOptional<z$1.ZodString>;
|
|
2163
|
+
locale: z$1.ZodOptional<z$1.ZodString>;
|
|
2164
|
+
phone_number: z$1.ZodOptional<z$1.ZodString>;
|
|
2165
|
+
phone_number_verified: z$1.ZodOptional<z$1.ZodBoolean>;
|
|
2166
|
+
address: z$1.ZodOptional<z$1.ZodObject<{
|
|
2167
|
+
formatted: z$1.ZodOptional<z$1.ZodString>;
|
|
2168
|
+
street_address: z$1.ZodOptional<z$1.ZodString>;
|
|
2169
|
+
locality: z$1.ZodOptional<z$1.ZodString>;
|
|
2170
|
+
region: z$1.ZodOptional<z$1.ZodString>;
|
|
2171
|
+
postal_code: z$1.ZodOptional<z$1.ZodString>;
|
|
2172
|
+
country: z$1.ZodOptional<z$1.ZodString>;
|
|
2173
|
+
}, z$1.core.$loose>>;
|
|
2174
|
+
updated_at: z$1.ZodOptional<z$1.ZodNumber>;
|
|
2175
|
+
nbf: z$1.ZodOptional<z$1.ZodNumber>;
|
|
2176
|
+
nonce: z$1.ZodOptional<z$1.ZodString>;
|
|
2177
|
+
jti: z$1.ZodOptional<z$1.ZodString>;
|
|
2178
|
+
cnf: z$1.ZodOptional<z$1.ZodObject<{
|
|
2179
|
+
jwk: z$1.ZodOptional<z$1.ZodObject<{
|
|
2180
|
+
kty: z$1.ZodString;
|
|
2181
|
+
crv: z$1.ZodOptional<z$1.ZodString>;
|
|
2182
|
+
x: z$1.ZodOptional<z$1.ZodString>;
|
|
2183
|
+
y: z$1.ZodOptional<z$1.ZodString>;
|
|
2184
|
+
e: z$1.ZodOptional<z$1.ZodString>;
|
|
2185
|
+
n: z$1.ZodOptional<z$1.ZodString>;
|
|
2186
|
+
alg: z$1.ZodOptional<z$1.ZodString>;
|
|
2187
|
+
d: z$1.ZodOptional<z$1.ZodString>;
|
|
2188
|
+
dp: z$1.ZodOptional<z$1.ZodString>;
|
|
2189
|
+
dq: z$1.ZodOptional<z$1.ZodString>;
|
|
2190
|
+
ext: z$1.ZodOptional<z$1.ZodBoolean>;
|
|
2191
|
+
k: z$1.ZodOptional<z$1.ZodString>;
|
|
2192
|
+
key_ops: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2193
|
+
kid: z$1.ZodOptional<z$1.ZodString>;
|
|
2194
|
+
oth: z$1.ZodOptional<z$1.ZodArray<z$1.ZodObject<{
|
|
2195
|
+
d: z$1.ZodOptional<z$1.ZodString>;
|
|
2196
|
+
r: z$1.ZodOptional<z$1.ZodString>;
|
|
2197
|
+
t: z$1.ZodOptional<z$1.ZodString>;
|
|
2198
|
+
}, z$1.core.$loose>>>;
|
|
2199
|
+
p: z$1.ZodOptional<z$1.ZodString>;
|
|
2200
|
+
q: z$1.ZodOptional<z$1.ZodString>;
|
|
2201
|
+
qi: z$1.ZodOptional<z$1.ZodString>;
|
|
2202
|
+
use: z$1.ZodOptional<z$1.ZodString>;
|
|
2203
|
+
x5c: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
|
|
2204
|
+
x5t: z$1.ZodOptional<z$1.ZodString>;
|
|
2205
|
+
'x5t#S256': z$1.ZodOptional<z$1.ZodString>;
|
|
2206
|
+
x5u: z$1.ZodOptional<z$1.ZodString>;
|
|
2207
|
+
}, z$1.core.$loose>>;
|
|
2208
|
+
jkt: z$1.ZodOptional<z$1.ZodString>;
|
|
2209
|
+
}, z$1.core.$loose>>;
|
|
2210
|
+
status: z$1.ZodOptional<z$1.ZodRecord<z$1.ZodString, z$1.ZodAny>>;
|
|
2211
|
+
trust_chain: z$1.ZodOptional<z$1.ZodTuple<[z$1.ZodString], z$1.ZodString>>;
|
|
2212
|
+
}, z$1.core.$loose>;
|
|
2213
|
+
type IdTokenJwtPayload = z$1.infer<typeof zIdTokenJwtPayload>;
|
|
2214
|
+
//#endregion
|
|
1944
2215
|
//#region src/metadata/authorization-server/authorization-server-metadata.d.ts
|
|
1945
2216
|
/**
|
|
1946
2217
|
* fetch authorization server metadata. It first tries to fetch the oauth-authorization-server metadata. If that returns
|
|
@@ -2318,6 +2589,7 @@ declare class Oauth2AuthorizationServer {
|
|
|
2318
2589
|
exp?: number | undefined;
|
|
2319
2590
|
nbf?: number | undefined;
|
|
2320
2591
|
nonce?: string | undefined;
|
|
2592
|
+
sub?: string | undefined;
|
|
2321
2593
|
cnf?: {
|
|
2322
2594
|
[x: string]: unknown;
|
|
2323
2595
|
jwk?: {
|
|
@@ -2499,6 +2771,7 @@ declare class Oauth2AuthorizationServer {
|
|
|
2499
2771
|
nonce?: string | undefined;
|
|
2500
2772
|
iat?: number | undefined;
|
|
2501
2773
|
nbf?: number | undefined;
|
|
2774
|
+
sub?: string | undefined;
|
|
2502
2775
|
cnf?: {
|
|
2503
2776
|
[x: string]: unknown;
|
|
2504
2777
|
jwk?: {
|
|
@@ -3067,5 +3340,5 @@ declare function verifyResourceRequest(options: VerifyResourceRequestOptions): P
|
|
|
3067
3340
|
authorizationServer: string;
|
|
3068
3341
|
}>;
|
|
3069
3342
|
//#endregion
|
|
3070
|
-
export { type AccessTokenErrorResponse, type AccessTokenProfileJwtPayload, type AccessTokenResponse, type AuthorizationChallengeErrorResponse, type AuthorizationChallengeRequest, type AuthorizationChallengeResponse, type AuthorizationCodeGrantIdentifier, type AuthorizationServerMetadata, type CalculateJwkThumbprintOptions, type CallbackContext, type ClientAttestationJwtHeader, type ClientAttestationJwtPayload, type ClientAttestationPopJwtHeader, type ClientAttestationPopJwtPayload, type ClientAuthenticationCallback, type ClientAuthenticationCallbackOptions, type ClientAuthenticationClientAttestationJwtOptions, type ClientAuthenticationClientSecretBasicOptions, type ClientAuthenticationClientSecretPostOptions, type ClientAuthenticationDynamicOptions, type ClientAuthenticationNoneOptions, type CreateAuthorizationRequestUrlOptions, type CreateClientAttestationJwtOptions, type CreatePkceReturn, type CreatePushedAuthorizationErrorResponseOptions, type CreatePushedAuthorizationResponseOptions, type DecodeJwtHeaderResult, type DecodeJwtOptions, type DecodeJwtResult, type DecryptJweCallback, type DecryptJweCallbackOptions, type EncryptJweCallback, type GenerateRandomCallback, HashAlgorithm, type HashCallback, type HttpMethod, InvalidFetchResponseError, type JweEncryptor, type Jwk, type JwkSet, type JwtHeader, type JwtPayload, type JwtSigner, type JwtSignerCustom, type JwtSignerDid, type JwtSignerJwk, type JwtSignerWithJwk, type JwtSignerX5c, Oauth2AuthorizationServer, type Oauth2AuthorizationServerOptions, Oauth2Client, Oauth2ClientAuthorizationChallengeError, Oauth2ClientErrorResponseError, type Oauth2ClientOptions, Oauth2Error, Oauth2ErrorCodes, type Oauth2ErrorOptions, type Oauth2ErrorResponse, Oauth2JwtParseError, Oauth2JwtVerificationError, Oauth2ResourceServer, type Oauth2ResourceServerOptions, Oauth2ResourceUnauthorizedError, Oauth2ServerErrorResponseError, type Oid4vcTsConfig, type ParseAuthorizationChallengeRequestOptions, type ParseAuthorizationChallengeRequestResult, type ParsePushedAuthorizationRequestOptions, type ParsePushedAuthorizationRequestResult, PkceCodeChallengeMethod, type PreAuthorizedCodeGrantIdentifier, type RefreshTokenGrantIdentifier, type RequestClientAttestationOptions, type RequestDpopOptions, type ResourceRequestOptions, type ResourceRequestResponseNotOk, type ResourceRequestResponseOk, type RetrieveAuthorizationCodeAccessTokenOptions, type RetrievePreAuthorizedCodeAccessTokenOptions, type SignJwtCallback, SupportedAuthenticationScheme, SupportedClientAuthenticationMethod, type TokenIntrospectionResponse, type VerifyAccessTokenRequestReturn, type VerifyAuthorizationChallengeRequestOptions, type VerifyAuthorizationChallengeRequestReturn, type VerifyJwtCallback, type VerifyPushedAuthorizationRequestOptions, type VerifyPushedAuthorizationRequestReturn, type VerifyResourceRequestOptions, type WwwAuthenticateHeaderChallenge, authorizationCodeGrantIdentifier, calculateJwkThumbprint, clientAuthenticationAnonymous, clientAuthenticationClientAttestationJwt, clientAuthenticationClientSecretBasic, clientAuthenticationClientSecretPost, clientAuthenticationDynamic, clientAuthenticationNone, createClientAttestationJwt, decodeJwt, decodeJwtHeader, fetchAuthorizationServerMetadata, fetchJwks, fetchWellKnownMetadata, getAuthorizationServerMetadataFromList, getGlobalConfig, isJwkInSet, jwtHeaderFromJwtSigner, jwtSignerFromJwt, preAuthorizedCodeGrantIdentifier, refreshTokenGrantIdentifier, resourceRequest, setGlobalConfig, verifyJwt, verifyResourceRequest, zAlgValueNotNone, zAuthorizationCodeGrantIdentifier, zAuthorizationServerMetadata, zCompactJwe, zCompactJwt, zJwk, zJwkSet, zJwtHeader, zJwtPayload, zOauth2ErrorResponse, zPreAuthorizedCodeGrantIdentifier, zRefreshTokenGrantIdentifier };
|
|
3343
|
+
export { type AccessTokenErrorResponse, type AccessTokenProfileJwtPayload, type AccessTokenResponse, type AuthorizationChallengeErrorResponse, type AuthorizationChallengeRequest, type AuthorizationChallengeResponse, type AuthorizationCodeGrantIdentifier, type AuthorizationServerMetadata, type CalculateJwkThumbprintOptions, type CallbackContext, type ClientAttestationJwtHeader, type ClientAttestationJwtPayload, type ClientAttestationPopJwtHeader, type ClientAttestationPopJwtPayload, type ClientAuthenticationCallback, type ClientAuthenticationCallbackOptions, type ClientAuthenticationClientAttestationJwtOptions, type ClientAuthenticationClientSecretBasicOptions, type ClientAuthenticationClientSecretPostOptions, type ClientAuthenticationDynamicOptions, type ClientAuthenticationNoneOptions, type CreateAuthorizationRequestUrlOptions, type CreateClientAttestationJwtOptions, type CreatePkceReturn, type CreatePushedAuthorizationErrorResponseOptions, type CreatePushedAuthorizationResponseOptions, type DecodeJwtHeaderResult, type DecodeJwtOptions, type DecodeJwtResult, type DecryptJweCallback, type DecryptJweCallbackOptions, type EncryptJweCallback, type GenerateRandomCallback, HashAlgorithm, type HashCallback, type HttpMethod, IdTokenJwtHeader, IdTokenJwtPayload, InvalidFetchResponseError, type JweEncryptor, type Jwk, type JwkSet, type JwtHeader, type JwtPayload, type JwtSigner, type JwtSignerCustom, type JwtSignerDid, type JwtSignerJwk, type JwtSignerWithJwk, type JwtSignerX5c, Oauth2AuthorizationServer, type Oauth2AuthorizationServerOptions, Oauth2Client, Oauth2ClientAuthorizationChallengeError, Oauth2ClientErrorResponseError, type Oauth2ClientOptions, Oauth2Error, Oauth2ErrorCodes, type Oauth2ErrorOptions, type Oauth2ErrorResponse, Oauth2JwtParseError, Oauth2JwtVerificationError, Oauth2ResourceServer, type Oauth2ResourceServerOptions, Oauth2ResourceUnauthorizedError, Oauth2ServerErrorResponseError, type Oid4vcTsConfig, type ParseAuthorizationChallengeRequestOptions, type ParseAuthorizationChallengeRequestResult, type ParsePushedAuthorizationRequestOptions, type ParsePushedAuthorizationRequestResult, PkceCodeChallengeMethod, type PreAuthorizedCodeGrantIdentifier, type RefreshTokenGrantIdentifier, type RequestClientAttestationOptions, type RequestDpopOptions, type RequestLike, type ResourceRequestOptions, type ResourceRequestResponseNotOk, type ResourceRequestResponseOk, type RetrieveAuthorizationCodeAccessTokenOptions, type RetrievePreAuthorizedCodeAccessTokenOptions, type SignJwtCallback, SupportedAuthenticationScheme, SupportedClientAuthenticationMethod, type TokenIntrospectionResponse, type VerifiedClientAttestationJwt, type VerifyAccessTokenRequestReturn, type VerifyAuthorizationChallengeRequestOptions, type VerifyAuthorizationChallengeRequestReturn, type VerifyJwtCallback, VerifyJwtIdTokenOptions, type VerifyPushedAuthorizationRequestOptions, type VerifyPushedAuthorizationRequestReturn, type VerifyResourceRequestOptions, type WwwAuthenticateHeaderChallenge, authorizationCodeGrantIdentifier, calculateJwkThumbprint, clientAuthenticationAnonymous, clientAuthenticationClientAttestationJwt, clientAuthenticationClientSecretBasic, clientAuthenticationClientSecretPost, clientAuthenticationDynamic, clientAuthenticationNone, createClientAttestationJwt, decodeJwt, decodeJwtHeader, fetchAuthorizationServerMetadata, fetchJwks, fetchWellKnownMetadata, getAuthorizationServerMetadataFromList, getGlobalConfig, isJwkInSet, jwtHeaderFromJwtSigner, jwtSignerFromJwt, preAuthorizedCodeGrantIdentifier, refreshTokenGrantIdentifier, resourceRequest, setGlobalConfig, verifyClientAttestationJwt, verifyJwt, verifyJwtIdToken, verifyResourceRequest, zAlgValueNotNone, zAuthorizationCodeGrantIdentifier, zAuthorizationServerMetadata, zCompactJwe, zCompactJwt, zIdTokenJwtHeader, zIdTokenJwtPayload, zJwk, zJwkSet, zJwtHeader, zJwtPayload, zOauth2ErrorResponse, zPreAuthorizedCodeGrantIdentifier, zRefreshTokenGrantIdentifier };
|
|
3071
3344
|
//# sourceMappingURL=index.d.ts.map
|