@openstax/ts-utils 1.47.0 → 1.48.0

package/dist/esm/misc/hashValue.js

@@ -1,4 +1,4 @@
-import { createHash } from 'crypto';
+import { sha1 } from 'js-sha1';
 /**
  * creates a string hash of lots of different kinds of things.
  *
@@ -10,5 +10,5 @@ export const hashValue = (value) => {
     const allKeys = new Set();
     JSON.stringify(value, (k, v) => (allKeys.add(k), v));
     const strValue = (_a = JSON.stringify(value, Array.from(allKeys).sort())) !== null && _a !== void 0 ? _a : 'undefined';
-    return createHash('sha1').update(strValue).digest('hex');
+    return sha1(strValue);
 };

package/dist/esm/misc/jwks.d.ts

@@ -1,7 +1,10 @@
+import type { webcrypto } from 'crypto';
 import { JwksClient } from 'jwks-rsa';
-import type { JWK } from 'node-jose';
+export type PublicJsonWebKey = webcrypto.JsonWebKey & {
+    kid: string;
+};
 export type JwksFetcher = (uri: string) => Promise<{
-    keys: JWK.RawKey[];
+    keys: PublicJsonWebKey[];
 }>;
 export declare const getJwksClient: (jwksUri: string, fetcher?: JwksFetcher) => JwksClient;
 export declare const getJwksKey: (iss: string, kid?: string, fetcher?: JwksFetcher) => Promise<import("jwks-rsa").SigningKey>;

package/dist/esm/services/apiGateway/index.js

@@ -1,6 +1,5 @@
 import * as pathToRegexp from 'path-to-regexp';
 import queryString from 'query-string';
-import { v4 as uuid } from 'uuid';
 import { resolveConfigValue } from '../../config/index.js';
 import { SessionExpiredError, UnauthorizedError } from '../../errors/index.js';
 import { fetchStatusRetry } from '../../fetch/fetchStatusRetry.js';
@@ -32,7 +31,7 @@ const makeRouteClient = (initializer, config, route, app) => {
         const url = await renderUrl({ params, query });
         const body = payload ? JSON.stringify(payload) : undefined;
         const baseOptions = merge((await ((_a = app === null || app === void 0 ? void 0 : app.authProvider) === null || _a === void 0 ? void 0 : _a.getAuthorizedFetchConfig())) || {}, fetchConfig || {});
-        const requestId = uuid();
+        const requestId = globalThis.crypto.randomUUID();
         const requestLogger = (_b = app === null || app === void 0 ? void 0 : app.logger) === null || _b === void 0 ? void 0 : _b.createSubContext();
         requestLogger === null || requestLogger === void 0 ? void 0 : requestLogger.setContext({ requestId, url, timeStamp: new Date().getTime() });
         const fetcher = fetchStatusRetry(fetch, { retries: 1, status: [502], logger: requestLogger });

package/dist/esm/services/authProvider/index.js

@@ -1,4 +1,4 @@
-import cookie from 'cookie';
+import { parse as parseCookie, serialize as serializeCookie } from 'cookie';
 import { tuple } from '../../misc/helpers.js';
 import { getHeader } from '../../routing/helpers.js';
 export const stubAuthProvider = (user) => {
@@ -15,12 +15,12 @@ export const getAuthTokenOrCookie = (request, cookieName, queryKey = 'auth') =>
     var _a, _b;
     const authParam = request.queryStringParameters ? request.queryStringParameters[queryKey] : undefined;
     const authHeader = getHeader(request.headers, 'authorization');
-    const cookieValue = cookie.parse((_b = (_a = request.cookies) === null || _a === void 0 ? void 0 : _a.join('; ')) !== null && _b !== void 0 ? _b : '')[cookieName];
+    const cookieValue = parseCookie((_b = (_a = request.cookies) === null || _a === void 0 ? void 0 : _a.join('; ')) !== null && _b !== void 0 ? _b : '')[cookieName];
     return typeof authParam === 'string'
         ? tuple(authParam, { Authorization: `Bearer ${authParam}` })
         : authHeader && authHeader.length >= 8 && authHeader.startsWith('Bearer ')
             ? tuple(authHeader.slice(7), { Authorization: authHeader })
             : cookieValue
-                ? tuple(cookieValue, { cookie: cookie.serialize(cookieName, cookieValue) })
+                ? tuple(cookieValue, { cookie: serializeCookie(cookieName, cookieValue) })
                 : tuple(null, {});
 };

package/dist/esm/services/authProvider/utils/userSubrequest.js

@@ -1,6 +1,6 @@
-import cookie from 'cookie';
+import { serialize as serializeCookie } from 'cookie';
 export const loadUserData = (fetch, accountsBase, cookieName, token) => {
-    const headers = { cookie: cookie.serialize(cookieName, token) };
+    const headers = { cookie: serializeCookie(cookieName, token) };
     // this returns `{"error_id":null}` when the token is invalid
     return fetch(accountsBase.replace(/\/+$/, '') + '/api/user', { headers })
         .then(response => response.json())

package/dist/esm/services/fileServer/localFileServer.js

@@ -5,7 +5,6 @@ import https from 'https';
 import path from 'path';
 import { pipeline } from 'stream/promises';
 import Busboy from 'busboy';
-import { v4 as uuid } from 'uuid';
 import { assertString } from '../../assertions/index.js';
 import { resolveConfigValue } from '../../config/index.js';
 import { ifDefined } from '../../guards/index.js';
@@ -39,7 +38,7 @@ const handleUpload = (req, res, uploadDir) => {
     });
     busboy.on('file', (_name, file, info) => {
         originalName = info.filename;
-        tempPath = path.join(uploadDir, uuid());
+        tempPath = path.join(uploadDir, crypto.randomUUID());
         file.pipe(fs.createWriteStream(tempPath));
     });
     busboy.on('finish', async () => {
@@ -133,7 +132,7 @@ export const localFileServer = (initializer) => (configProvider) => {
         return source;
     };
     const getSignedFileUploadConfig = async () => {
-        const prefix = 'uploads/' + uuid();
+        const prefix = 'uploads/' + crypto.randomUUID();
         return {
             url: `https://${await host}:${await port}/`,
             payload: {

package/dist/esm/services/fileServer/s3FileServer.js

@@ -1,9 +1,9 @@
 /* spell-checker: ignore presigner */
+import { randomUUID } from 'crypto';
 import path from 'path';
 import { CopyObjectCommand, GetObjectCommand, HeadObjectCommand, PutObjectCommand, S3Client } from '@aws-sdk/client-s3';
 import { createPresignedPost } from '@aws-sdk/s3-presigned-post';
 import { getSignedUrl } from '@aws-sdk/s3-request-presigner';
-import { v4 as uuid } from 'uuid';
 import { assertDefined } from '../../assertions/index.js';
 import { resolveConfigValue } from '../../config/index.js';
 import { ifDefined } from '../../guards/index.js';
@@ -57,7 +57,7 @@ export const s3FileServer = (initializer) => (configProvider) => {
      * https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-post-example.html
      */
     const getSignedFileUploadConfig = async () => {
-        const prefix = 'uploads/' + uuid();
+        const prefix = 'uploads/' + randomUUID();
         const bucket = (await bucketName());
         const Conditions = [
             { acl: 'private' },

package/dist/esm/services/httpMessage/verifier.d.ts

@@ -1,7 +1,7 @@
 import { APIGatewayProxyEventV2 } from 'aws-lambda';
 import { VerifyConfig } from 'http-message-signatures';
-import { JWK } from 'node-jose';
 import { ConfigProviderForConfig } from '../../config/index.js';
+import { type PublicJsonWebKey } from '../../misc/jwks.js';
 type Config = {
     apiHost: string;
     bypassSignatureVerification: string;
@@ -9,7 +9,7 @@ type Config = {
 interface Initializer<C> {
     configSpace?: C;
     fetcher?: (uri: string) => Promise<{
-        keys: JWK.RawKey[];
+        keys: PublicJsonWebKey[];
     }>;
 }
 export type SignatureAgentVerifier = (signatureAgent: string) => boolean | Promise<boolean>;

package/dist/esm/services/keyStore/index.d.ts

@@ -1,5 +1,5 @@
-import { JWK } from 'node-jose';
 import { ConfigProviderForConfig } from '../../config/index.js';
+import type { PublicJsonWebKey } from '../../misc/jwks.js';
 type Config = {
     privateKey: string;
 };
@@ -8,12 +8,9 @@ export type PrivateKey = {
     pem: string;
 };
 export declare const createKeyStore: (config: ConfigProviderForConfig<Config>) => {
-    getPrivateKey: () => Promise<{
-        kid: string;
-        pem: string;
-    }>;
+    getPrivateKey: () => Promise<PrivateKey>;
     jwks: () => Promise<{
-        keys: JWK.RawKey[];
+        keys: PublicJsonWebKey[];
     }>;
 };
 export type KeyStore = ReturnType<typeof createKeyStore>;

package/dist/esm/services/keyStore/index.js

@@ -1,23 +1,34 @@
-import { JWK } from 'node-jose';
+import { createHash, createPublicKey } from 'crypto';
 import { resolveConfigValue } from '../../config/index.js';
 import { once } from '../../misc/helpers.js';
+// RFC 7638 required members per key type, in lexicographic order
+const thumbprintMembers = {
+    RSA: ['e', 'kty', 'n'],
+    EC: ['crv', 'kty', 'x', 'y'],
+    OKP: ['crv', 'kty', 'x'],
+    oct: ['k', 'kty'],
+};
+const jwkThumbprint = (jwk) => {
+    const members = thumbprintMembers[jwk.kty];
+    const canonical = Object.fromEntries(members.map((m) => [m, jwk[m]]));
+    return createHash('sha256').update(JSON.stringify(canonical)).digest('base64url');
+};
 export const createKeyStore = (config) => {
     const store = once(async () => {
         const pem = await resolveConfigValue(config.privateKey);
-        const keyStore = JWK.createKeyStore();
-        const { kid } = await keyStore.add(pem, 'pem');
-        const keys = [{ kid, pem }];
-        return { keyStore, keys };
+        const publicJwk = createPublicKey(pem).export({ format: 'jwk' });
+        const kid = jwkThumbprint(publicJwk);
+        return { pem, publicJwk, kid };
     });
     return {
         // this method only supports one key for now (always returns the first key)
         getPrivateKey: async () => {
-            const { keys } = await store();
-            return keys[0];
+            const { pem, kid } = await store();
+            return { kid, pem };
         },
         jwks: async () => {
-            const { keyStore } = await store();
-            return keyStore.toJSON(false);
+            const { publicJwk, kid } = await store();
+            return { keys: [{ ...publicJwk, kid }] };
         },
     };
 };

package/dist/esm/services/launchParams/verifier.d.ts

@@ -1,6 +1,6 @@
 import jwt from 'jsonwebtoken';
-import type { JWK } from 'node-jose';
 import { ConfigProviderForConfig } from '../../config/index.js';
+import { type PublicJsonWebKey } from '../../misc/jwks.js';
 type Config = {
     trustedDomain: string;
     bypassSignatureVerification: string;
@@ -8,7 +8,7 @@ type Config = {
 interface Initializer<C> {
     configSpace?: C;
     fetcher?: (uri: string) => Promise<{
-        keys: JWK.RawKey[];
+        keys: PublicJsonWebKey[];
     }>;
 }
 /**

package/dist/esm/services/lrsGateway/addStatementDefaultFields.js

@@ -1,8 +1,7 @@
 import formatISO from 'date-fns/formatISO';
-import { v4 as uuid } from 'uuid';
 import { formatAgent } from './attempt-utils.js';
 export const addStatementDefaultFields = (statement, user) => ({
-    id: uuid(),
+    id: globalThis.crypto.randomUUID(),
     actor: formatAgent(user.uuid),
     timestamp: formatISO(new Date()),
     ...statement,

package/dist/esm/services/lrsGateway/file-system.js

@@ -1,7 +1,7 @@
+import { randomUUID } from 'crypto';
 import * as fsModule from 'fs';
 import path from 'path';
 import formatISO from 'date-fns/formatISO';
-import { v4 as uuid } from 'uuid';
 import { assertDefined } from '../../assertions/index.js';
 import { resolveConfigValue } from '../../config/index.js';
 import { UnauthorizedError } from '../../errors/index.js';
@@ -69,7 +69,7 @@ export const fileSystemLrsGateway = (initializer) => (configProvider) => ({ auth
             : assertDefined(await authProvider.getUser(), new UnauthorizedError);
         const statementsWithDefaults = statements.map(statement => ({
             ...statement,
-            id: uuid(),
+            id: randomUUID(),
             actor: formatAgent(author.uuid),
             timestamp: formatISO(new Date()),
         }));