npm - @openstax/ts-utils - Versions diffs - 1.15.5 → 1.16.0 - Mend

@openstax/ts-utils 1.15.5 → 1.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/esm/services/authProvider/decryption.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import type { ConfigProviderForConfig } from '../../config';
-import { CookieAuthProvider } from '.';
+import { AuthProvider, CookieAuthProvider } from '.';
 declare type Config = {
     cookieName: string;
     encryptionPrivateKey: string;
@@ -8,9 +8,12 @@ declare type Config = {
 interface Initializer<C> {
     configSpace?: C;
 }
+export declare type DecryptionAuthProvider = CookieAuthProvider<AuthProvider & {
+    getTokenExpiration: () => Promise<number | undefined>;
+}>;
 export declare const decryptionAuthProvider: <C extends string = "decryption">(initializer: Initializer<C>) => (configProvider: { [key in C]: {
     cookieName: import("../../config").ConfigValueProvider<string>;
     encryptionPrivateKey: import("../../config").ConfigValueProvider<string>;
     signaturePublicKey: import("../../config").ConfigValueProvider<string>;
-}; }) => CookieAuthProvider;
+}; }) => DecryptionAuthProvider;
 export {};

package/dist/esm/services/authProvider/decryption.js CHANGED Viewed

@@ -18,12 +18,18 @@ export const decryptionAuthProvider = (initializer) => (configProvider) => {
             }
             return { headers };
         };
-        const loadUser = async () => {
+        const getPayload = async () => {
             const [token] = getAuthTokenOrCookie(request, await cookieName());
             if (!token) {
                 return undefined;
             }
-            const result = decryptAndVerify(token, await encryptionPrivateKey(), await signaturePublicKey());
+            return decryptAndVerify(token, await encryptionPrivateKey(), await signaturePublicKey());
+        };
+        const loadUser = async () => {
+            const result = await getPayload();
+            if (!result) {
+                return undefined;
+            }
             if ('error' in result && result.error == 'expired token') {
                 throw new SessionExpiredError();
             }
@@ -31,12 +37,16 @@ export const decryptionAuthProvider = (initializer) => (configProvider) => {
         };
         return {
             getAuthorizedFetchConfig,
+            getTokenExpiration: async () => {
+                const result = await getPayload();
+                return result ? result.exp : undefined;
+            },
             getUser: async () => {
                 if (!user) {
                     user = await loadUser();
                 }
                 return user;
-            }
+            },
         };
     };
 };

package/dist/esm/services/authProvider/index.d.ts CHANGED Viewed

@@ -45,9 +45,9 @@ export declare type CookieAuthProviderRequest = {
     headers: HttpHeaders;
     queryStringParameters?: QueryParams;
 };
-export declare type CookieAuthProvider = (inputs: {
+export declare type CookieAuthProvider<T extends AuthProvider = AuthProvider> = (inputs: {
     request: CookieAuthProviderRequest;
-}) => AuthProvider;
+}) => T;
 export declare type StubAuthProvider = (user: User | undefined) => AuthProvider;
 export declare const stubAuthProvider: (user?: User | undefined) => AuthProvider;
 export declare const getAuthTokenOrCookie: (request: CookieAuthProviderRequest, cookieName: string, queryKey?: string) => [string, {

package/dist/esm/services/authProvider/utils/decryptAndVerify.d.ts CHANGED Viewed

@@ -17,11 +17,13 @@ export declare const verifyJws: (jws: string, signaturePublicKey: Buffer | strin
  * @param token the encrypted token
  * @param encryptionPrivateKey the private key used to encrypt the token
  * @param signaturePublicKey the public key used to verify the decrypted token
- * @returns {user: User} (success) or {error: string} (failure)
+ * @returns {user: User; exp: number} (success) or {error: string} (failure)
  */
 export declare const decryptAndVerify: (token: string, encryptionPrivateKey: string, signaturePublicKey: string) => {
     user: User;
+    exp: number;
 } | {
     error: string;
+    exp?: number;
 };
 export {};

package/dist/esm/services/authProvider/utils/decryptAndVerify.js CHANGED Viewed

@@ -57,7 +57,7 @@ export const verifyJws = (jws, signaturePublicKey) => {
  * @param token the encrypted token
  * @param encryptionPrivateKey the private key used to encrypt the token
  * @param signaturePublicKey the public key used to verify the decrypted token
- * @returns {user: User} (success) or {error: string} (failure)
+ * @returns {user: User; exp: number} (success) or {error: string} (failure)
  */
 export const decryptAndVerify = (token, encryptionPrivateKey, signaturePublicKey) => {
     const timestamp = Math.floor(Date.now() / 1000);
@@ -79,7 +79,7 @@ export const decryptAndVerify = (token, encryptionPrivateKey, signaturePublicKey
         return { error: 'invalid token' };
     }
     if (payload.exp < timestamp - clockTolerance) {
-        return { error: 'expired token' };
+        return { error: 'expired token', exp: payload.exp };
     }
-    return { user: payload.sub };
+    return { user: payload.sub, exp: payload.exp };
 };

package/dist/esm/services/launchParams/signer.d.ts CHANGED Viewed

@@ -21,7 +21,7 @@ export declare const createLaunchSigner: <C extends string = "launch">({ configS
     jwks: () => Promise<{
         keys: JWK.RawKey[];
     }>;
-    sign: (subject: string) => Promise<string>;
+    sign: (subject: string, maxExpiresIn?: string | number | undefined) => Promise<string>;
 };
 export declare type LaunchSigner = ReturnType<ReturnType<typeof createLaunchSigner>>;
 export {};

package/dist/esm/services/launchParams/signer.js CHANGED Viewed

@@ -1,4 +1,5 @@
 import jwt from 'jsonwebtoken';
+import ms from 'ms';
 import { JWK } from 'node-jose';
 import { once } from '../..';
 import { resolveConfigValue } from '../../config';
@@ -27,9 +28,17 @@ export const createLaunchSigner = ({ configSpace }) => (configProvider) => {
         return keystore;
     });
     const jwks = async () => (await getKeyStore()).toJSON(false);
-    const sign = async (subject) => {
-        const alg = await getAlg();
+    const getExpiresInWithMax = async (maxExpiresIn) => {
         const expiresIn = await getExpiresIn();
+        const maxExpiresInSeconds = typeof maxExpiresIn === 'number' ? maxExpiresIn :
+            typeof maxExpiresIn === 'string' ? Math.floor(ms(maxExpiresIn) / 1000) :
+                undefined;
+        return maxExpiresInSeconds ? Math.min(Math.floor(ms(expiresIn) / 1000), maxExpiresInSeconds) : expiresIn;
+    };
+    const sign = async (subject, maxExpiresIn) => {
+        const alg = await getAlg();
+        // expiresIn can be a number of seconds or a string like '1h' or '1d'
+        const expiresIn = await getExpiresInWithMax(maxExpiresIn);
         const iss = await getIss();
         const header = { alg, iss };
         return jwt.sign({}, await getPrivateKey(), { algorithm: alg, expiresIn, header, issuer: iss, subject });