@openstax/ts-utils 1.47.0 → 1.48.1

package/dist/cjs/misc/hashValue.js

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.hashValue = void 0;
-const crypto_1 = require("crypto");
+const js_sha1_1 = require("js-sha1");
 /**
  * creates a string hash of lots of different kinds of things.
  *
@@ -13,6 +13,6 @@ const hashValue = (value) => {
     const allKeys = new Set();
     JSON.stringify(value, (k, v) => (allKeys.add(k), v));
     const strValue = (_a = JSON.stringify(value, Array.from(allKeys).sort())) !== null && _a !== void 0 ? _a : 'undefined';
-    return (0, crypto_1.createHash)('sha1').update(strValue).digest('hex');
+    return (0, js_sha1_1.sha1)(strValue);
 };
 exports.hashValue = hashValue;

package/dist/cjs/misc/jwks.d.ts

@@ -1,7 +1,10 @@
+import type { webcrypto } from 'crypto';
 import { JwksClient } from 'jwks-rsa';
-import type { JWK } from 'node-jose';
+export type PublicJsonWebKey = webcrypto.JsonWebKey & {
+    kid: string;
+};
 export type JwksFetcher = (uri: string) => Promise<{
-    keys: JWK.RawKey[];
+    keys: PublicJsonWebKey[];
 }>;
 export declare const getJwksClient: (jwksUri: string, fetcher?: JwksFetcher) => JwksClient;
 export declare const getJwksKey: (iss: string, kid?: string, fetcher?: JwksFetcher) => Promise<import("jwks-rsa").SigningKey>;

package/dist/cjs/services/apiGateway/index.js

@@ -39,7 +39,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.createApiGateway = exports.loadResponse = void 0;
 const pathToRegexp = __importStar(require("path-to-regexp"));
 const query_string_1 = __importDefault(require("query-string"));
-const uuid_1 = require("uuid");
 const index_js_1 = require("../../config/index.js");
 const index_js_2 = require("../../errors/index.js");
 const fetchStatusRetry_js_1 = require("../../fetch/fetchStatusRetry.js");
@@ -72,7 +71,7 @@ const makeRouteClient = (initializer, config, route, app) => {
         const url = await renderUrl({ params, query });
         const body = payload ? JSON.stringify(payload) : undefined;
         const baseOptions = (0, index_js_3.merge)((await ((_a = app === null || app === void 0 ? void 0 : app.authProvider) === null || _a === void 0 ? void 0 : _a.getAuthorizedFetchConfig())) || {}, fetchConfig || {});
-        const requestId = (0, uuid_1.v4)();
+        const requestId = globalThis.crypto.randomUUID();
         const requestLogger = (_b = app === null || app === void 0 ? void 0 : app.logger) === null || _b === void 0 ? void 0 : _b.createSubContext();
         requestLogger === null || requestLogger === void 0 ? void 0 : requestLogger.setContext({ requestId, url, timeStamp: new Date().getTime() });
         const fetcher = (0, fetchStatusRetry_js_1.fetchStatusRetry)(fetch, { retries: 1, status: [502], logger: requestLogger });

package/dist/cjs/services/authProvider/index.js

@@ -1,10 +1,7 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getAuthTokenOrCookie = exports.stubAuthProvider = void 0;
-const cookie_1 = __importDefault(require("cookie"));
+const cookie_1 = require("cookie");
 const helpers_js_1 = require("../../misc/helpers.js");
 const helpers_js_2 = require("../../routing/helpers.js");
 const stubAuthProvider = (user) => {
@@ -22,13 +19,13 @@ const getAuthTokenOrCookie = (request, cookieName, queryKey = 'auth') => {
     var _a, _b;
     const authParam = request.queryStringParameters ? request.queryStringParameters[queryKey] : undefined;
     const authHeader = (0, helpers_js_2.getHeader)(request.headers, 'authorization');
-    const cookieValue = cookie_1.default.parse((_b = (_a = request.cookies) === null || _a === void 0 ? void 0 : _a.join('; ')) !== null && _b !== void 0 ? _b : '')[cookieName];
+    const cookieValue = (0, cookie_1.parse)((_b = (_a = request.cookies) === null || _a === void 0 ? void 0 : _a.join('; ')) !== null && _b !== void 0 ? _b : '')[cookieName];
     return typeof authParam === 'string'
         ? (0, helpers_js_1.tuple)(authParam, { Authorization: `Bearer ${authParam}` })
         : authHeader && authHeader.length >= 8 && authHeader.startsWith('Bearer ')
             ? (0, helpers_js_1.tuple)(authHeader.slice(7), { Authorization: authHeader })
             : cookieValue
-                ? (0, helpers_js_1.tuple)(cookieValue, { cookie: cookie_1.default.serialize(cookieName, cookieValue) })
+                ? (0, helpers_js_1.tuple)(cookieValue, { cookie: (0, cookie_1.serialize)(cookieName, cookieValue) })
                 : (0, helpers_js_1.tuple)(null, {});
 };
 exports.getAuthTokenOrCookie = getAuthTokenOrCookie;

package/dist/cjs/services/authProvider/utils/userSubrequest.js

@@ -1,12 +1,9 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.loadUserData = void 0;
-const cookie_1 = __importDefault(require("cookie"));
+const cookie_1 = require("cookie");
 const loadUserData = (fetch, accountsBase, cookieName, token) => {
-    const headers = { cookie: cookie_1.default.serialize(cookieName, token) };
+    const headers = { cookie: (0, cookie_1.serialize)(cookieName, token) };
     // this returns `{"error_id":null}` when the token is invalid
     return fetch(accountsBase.replace(/\/+$/, '') + '/api/user', { headers })
         .then(response => response.json())

package/dist/cjs/services/fileServer/localFileServer.js

@@ -11,7 +11,6 @@ const https_1 = __importDefault(require("https"));
 const path_1 = __importDefault(require("path"));
 const promises_1 = require("stream/promises");
 const busboy_1 = __importDefault(require("busboy"));
-const uuid_1 = require("uuid");
 const index_js_1 = require("../../assertions/index.js");
 const index_js_2 = require("../../config/index.js");
 const index_js_3 = require("../../guards/index.js");
@@ -45,7 +44,7 @@ const handleUpload = (req, res, uploadDir) => {
     });
     busboy.on('file', (_name, file, info) => {
         originalName = info.filename;
-        tempPath = path_1.default.join(uploadDir, (0, uuid_1.v4)());
+        tempPath = path_1.default.join(uploadDir, crypto_1.default.randomUUID());
         file.pipe(fs_1.default.createWriteStream(tempPath));
     });
     busboy.on('finish', async () => {
@@ -139,7 +138,7 @@ const localFileServer = (initializer) => (configProvider) => {
         return source;
     };
     const getSignedFileUploadConfig = async () => {
-        const prefix = 'uploads/' + (0, uuid_1.v4)();
+        const prefix = 'uploads/' + crypto_1.default.randomUUID();
         return {
             url: `https://${await host}:${await port}/`,
             payload: {

package/dist/cjs/services/fileServer/s3FileServer.js

@@ -5,11 +5,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.s3FileServer = void 0;
 /* spell-checker: ignore presigner */
+const crypto_1 = require("crypto");
 const path_1 = __importDefault(require("path"));
 const client_s3_1 = require("@aws-sdk/client-s3");
 const s3_presigned_post_1 = require("@aws-sdk/s3-presigned-post");
 const s3_request_presigner_1 = require("@aws-sdk/s3-request-presigner");
-const uuid_1 = require("uuid");
 const index_js_1 = require("../../assertions/index.js");
 const index_js_2 = require("../../config/index.js");
 const index_js_3 = require("../../guards/index.js");
@@ -63,7 +63,7 @@ const s3FileServer = (initializer) => (configProvider) => {
      * https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-post-example.html
      */
     const getSignedFileUploadConfig = async () => {
-        const prefix = 'uploads/' + (0, uuid_1.v4)();
+        const prefix = 'uploads/' + (0, crypto_1.randomUUID)();
         const bucket = (await bucketName());
         const Conditions = [
             { acl: 'private' },

package/dist/cjs/services/httpMessage/verifier.d.ts

@@ -1,7 +1,7 @@
 import { APIGatewayProxyEventV2 } from 'aws-lambda';
 import { VerifyConfig } from 'http-message-signatures';
-import { JWK } from 'node-jose';
 import { ConfigProviderForConfig } from '../../config/index.js';
+import { type PublicJsonWebKey } from '../../misc/jwks.js';
 type Config = {
     apiHost: string;
     bypassSignatureVerification: string;
@@ -9,7 +9,7 @@ type Config = {
 interface Initializer<C> {
     configSpace?: C;
     fetcher?: (uri: string) => Promise<{
-        keys: JWK.RawKey[];
+        keys: PublicJsonWebKey[];
     }>;
 }
 export type SignatureAgentVerifier = (signatureAgent: string) => boolean | Promise<boolean>;

package/dist/cjs/services/keyStore/index.d.ts

@@ -1,5 +1,5 @@
-import { JWK } from 'node-jose';
 import { ConfigProviderForConfig } from '../../config/index.js';
+import type { PublicJsonWebKey } from '../../misc/jwks.js';
 type Config = {
     privateKey: string;
 };
@@ -8,12 +8,9 @@ export type PrivateKey = {
     pem: string;
 };
 export declare const createKeyStore: (config: ConfigProviderForConfig<Config>) => {
-    getPrivateKey: () => Promise<{
-        kid: string;
-        pem: string;
-    }>;
+    getPrivateKey: () => Promise<PrivateKey>;
     jwks: () => Promise<{
-        keys: JWK.RawKey[];
+        keys: PublicJsonWebKey[];
     }>;
 };
 export type KeyStore = ReturnType<typeof createKeyStore>;

package/dist/cjs/services/keyStore/index.js

@@ -1,26 +1,37 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createKeyStore = void 0;
-const node_jose_1 = require("node-jose");
+const crypto_1 = require("crypto");
 const index_js_1 = require("../../config/index.js");
 const helpers_js_1 = require("../../misc/helpers.js");
+// RFC 7638 required members per key type, in lexicographic order
+const thumbprintMembers = {
+    RSA: ['e', 'kty', 'n'],
+    EC: ['crv', 'kty', 'x', 'y'],
+    OKP: ['crv', 'kty', 'x'],
+    oct: ['k', 'kty'],
+};
+const jwkThumbprint = (jwk) => {
+    const members = thumbprintMembers[jwk.kty];
+    const canonical = Object.fromEntries(members.map((m) => [m, jwk[m]]));
+    return (0, crypto_1.createHash)('sha256').update(JSON.stringify(canonical)).digest('base64url');
+};
 const createKeyStore = (config) => {
     const store = (0, helpers_js_1.once)(async () => {
         const pem = await (0, index_js_1.resolveConfigValue)(config.privateKey);
-        const keyStore = node_jose_1.JWK.createKeyStore();
-        const { kid } = await keyStore.add(pem, 'pem');
-        const keys = [{ kid, pem }];
-        return { keyStore, keys };
+        const publicJwk = (0, crypto_1.createPublicKey)(pem).export({ format: 'jwk' });
+        const kid = jwkThumbprint(publicJwk);
+        return { pem, publicJwk, kid };
     });
     return {
         // this method only supports one key for now (always returns the first key)
         getPrivateKey: async () => {
-            const { keys } = await store();
-            return keys[0];
+            const { pem, kid } = await store();
+            return { kid, pem };
         },
         jwks: async () => {
-            const { keyStore } = await store();
-            return keyStore.toJSON(false);
+            const { publicJwk, kid } = await store();
+            return { keys: [{ ...publicJwk, kid }] };
         },
     };
 };

package/dist/cjs/services/launchParams/verifier.d.ts

@@ -1,6 +1,6 @@
 import jwt from 'jsonwebtoken';
-import type { JWK } from 'node-jose';
 import { ConfigProviderForConfig } from '../../config/index.js';
+import { type PublicJsonWebKey } from '../../misc/jwks.js';
 type Config = {
     trustedDomain: string;
     bypassSignatureVerification: string;
@@ -8,7 +8,7 @@ type Config = {
 interface Initializer<C> {
     configSpace?: C;
     fetcher?: (uri: string) => Promise<{
-        keys: JWK.RawKey[];
+        keys: PublicJsonWebKey[];
     }>;
 }
 /**

package/dist/cjs/services/lrsGateway/addStatementDefaultFields.js

@@ -5,10 +5,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.addStatementDefaultFields = void 0;
 const formatISO_1 = __importDefault(require("date-fns/formatISO"));
-const uuid_1 = require("uuid");
 const attempt_utils_js_1 = require("./attempt-utils.js");
 const addStatementDefaultFields = (statement, user) => ({
-    id: (0, uuid_1.v4)(),
+    id: globalThis.crypto.randomUUID(),
     actor: (0, attempt_utils_js_1.formatAgent)(user.uuid),
     timestamp: (0, formatISO_1.default)(new Date()),
     ...statement,

package/dist/cjs/services/lrsGateway/file-system.js

@@ -37,10 +37,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.fileSystemLrsGateway = void 0;
+const crypto_1 = require("crypto");
 const fsModule = __importStar(require("fs"));
 const path_1 = __importDefault(require("path"));
 const formatISO_1 = __importDefault(require("date-fns/formatISO"));
-const uuid_1 = require("uuid");
 const index_js_1 = require("../../assertions/index.js");
 const index_js_2 = require("../../config/index.js");
 const index_js_3 = require("../../errors/index.js");
@@ -108,7 +108,7 @@ const fileSystemLrsGateway = (initializer) => (configProvider) => ({ authProvide
             : (0, index_js_1.assertDefined)(await authProvider.getUser(), new index_js_3.UnauthorizedError);
         const statementsWithDefaults = statements.map(statement => ({
             ...statement,
-            id: (0, uuid_1.v4)(),
+            id: (0, crypto_1.randomUUID)(),
             actor: (0, attempt_utils_js_1.formatAgent)(author.uuid),
             timestamp: (0, formatISO_1.default)(new Date()),
         }));