npm - @optimizely-opal/opal-tool-ocp-sdk - Versions diffs - 0.0.0-beta.10 → 0.0.0-beta.11 - Mend

@optimizely-opal/opal-tool-ocp-sdk 0.0.0-beta.10 → 0.0.0-beta.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

package/README.md +43 -9
package/dist/function/ToolFunction.d.ts +7 -4
package/dist/function/ToolFunction.d.ts.map +1 -1
package/dist/function/ToolFunction.js +10 -39
package/dist/function/ToolFunction.js.map +1 -1
package/dist/function/ToolFunction.test.js +196 -177
package/dist/function/ToolFunction.test.js.map +1 -1
package/dist/index.d.ts +0 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +0 -1
package/dist/index.js.map +1 -1
package/dist/service/Service.d.ts +7 -7
package/dist/service/Service.d.ts.map +1 -1
package/dist/service/Service.js +16 -22
package/dist/service/Service.js.map +1 -1
package/dist/service/Service.test.js +3 -8
package/dist/service/Service.test.js.map +1 -1
package/dist/types/Models.d.ts +5 -5
package/dist/types/Models.d.ts.map +1 -1
package/dist/types/Models.js +9 -9
package/dist/types/Models.js.map +1 -1
package/package.json +3 -5
package/src/function/ToolFunction.test.ts +214 -194
package/src/function/ToolFunction.ts +11 -45
package/src/index.ts +0 -1
package/src/service/Service.test.ts +3 -8
package/src/service/Service.ts +17 -22
package/src/types/Models.ts +4 -4
package/dist/auth/TokenVerifier.d.ts +0 -31
package/dist/auth/TokenVerifier.d.ts.map +0 -1
package/dist/auth/TokenVerifier.js +0 -127
package/dist/auth/TokenVerifier.js.map +0 -1
package/dist/auth/TokenVerifier.test.d.ts +0 -2
package/dist/auth/TokenVerifier.test.d.ts.map +0 -1
package/dist/auth/TokenVerifier.test.js +0 -114
package/dist/auth/TokenVerifier.test.js.map +0 -1
package/src/auth/TokenVerifier.test.ts +0 -152
package/src/auth/TokenVerifier.ts +0 -145

package/src/service/Service.ts CHANGED Viewed

@@ -4,11 +4,6 @@ import * as App from '@zaiusinc/app-sdk';
 import { logger } from '@zaiusinc/app-sdk';
 import { ToolFunction } from '../function/ToolFunction';
-/**
- * Default OptiID authentication requirement that will be enforced for all tools
- */
-const DEFAULT_OPTIID_AUTH = new AuthRequirement('OptiID', 'default', true);
 /**
@@ -48,7 +43,7 @@ export class Tool<TAuthData> {
    * @param parameters Function parameters
    * @param endpoint API endpoint
    * @param handler Function implementing the tool
-   * @param authRequirements Authentication requirements (mandatory - OptiID enforced)
+   * @param authRequirements Authentication requirements (optional)
    */
   public constructor(
     public name: string,
@@ -56,7 +51,7 @@ export class Tool<TAuthData> {
     public parameters: Parameter[],
     public endpoint: string,
     public handler: (functionContext: ToolFunction, params: unknown, authData?: TAuthData) => Promise<unknown>,
-    public authRequirements: AuthRequirement[] = [DEFAULT_OPTIID_AUTH]
+    public authRequirements?: AuthRequirement[]
   ) {}
   /**
@@ -68,10 +63,13 @@ export class Tool<TAuthData> {
       description: this.description,
       parameters: this.parameters.map((p) => p.toJSON()),
       endpoint: this.endpoint,
-      http_method: this.httpMethod,
-      auth_requirements: this.authRequirements.map((auth) => auth.toJSON())
+      http_method: this.httpMethod
     };
+    if (this.authRequirements && this.authRequirements.length > 0) {
+      result.auth_requirements = this.authRequirements.map((auth) => auth.toJSON());
+    }
     return result;
   }
 }
@@ -81,19 +79,18 @@ export class ToolsService {
   private interactions: Map<string, Interaction<any>> = new Map();
   /**
-   * Enforce OptiID authentication for tools by ensuring OptiID auth requirement is present
-   * @param authRequirements Original authentication requirements
-   * @returns Enforced authentication requirements with OptiID
+   * Extract Bearer token from Authorization header
+   * @param headers Request headers (Map-like object or Headers object with get method)
+   * @returns Bearer token string or undefined
    */
-  private enforceOptiIdAuth(authRequirements?: AuthRequirement[]): AuthRequirement[] {
-    const hasOptiIdProvider = authRequirements
-      && authRequirements.some((auth) => auth.provider.toLowerCase() === 'optiid');
+  public extractBearerToken(headers: App.Headers): string | undefined {
+    let bearerToken: string | undefined;
-    if (hasOptiIdProvider) {
-      return authRequirements;
+    const authHeader = headers ? headers.get('authorization') : undefined;
+    if (authHeader && authHeader.startsWith('Bearer ')) {
+      bearerToken = authHeader.substring(7).trim();
     }
-    return [...(authRequirements || []), DEFAULT_OPTIID_AUTH];
+    return bearerToken;
   }
   /**
@@ -113,9 +110,7 @@ export class ToolsService {
     endpoint: string,
     authRequirements?: AuthRequirement[]
   ): void {
-    // Enforce OptiID authentication for all tools
-    const enforcedAuthRequirements = this.enforceOptiIdAuth(authRequirements);
-    const func = new Tool<TAuthData>(name, description, parameters, endpoint, handler, enforcedAuthRequirements);
+    const func = new Tool<TAuthData>(name, description, parameters, endpoint, handler, authRequirements);
     this.functions.set(endpoint, func);
   }

package/src/types/Models.ts CHANGED Viewed

@@ -48,10 +48,10 @@ export class Parameter {
 export class OptiIdAuthDataCredentials {
   public constructor(
-    public customer_id: string,
-    public instance_id: string,
-    public access_token: string,
-    public product_sku: string
+    public customerId: string,
+    public instanceId: string,
+    public accessToken: string,
+    public productSku: string
   ) {}
 }

package/dist/auth/TokenVerifier.d.ts DELETED Viewed

@@ -1,31 +0,0 @@
-export declare class TokenVerifier {
-    private static instance;
-    private jwksUri?;
-    private issuer?;
-    private jwks?;
-    private initialized;
-    /**
-     * Verify the provided Optimizely JWT token string
-     * @param token JWT token string to verify
-     * @returns boolean true if verification successful, false otherwise
-     * @throws Error if token is null, empty, or verifier is not properly configured
-     */
-    verify(token: string | undefined): Promise<boolean>;
-    private static getInstance;
-    /**
-     * Get singleton instance of TokenVerifier and ensure it's initialized
-     * @returns Promise<TokenVerifier> - initialized singleton instance
-     */
-    static getInitializedInstance(): Promise<TokenVerifier>;
-    /**
-     * Initialize the TokenVerifier with discovery document from well-known endpoint
-     */
-    private initialize;
-    /**
-     * Fetch discovery document from well-known endpoint
-     */
-    private fetchDiscoveryDocument;
-    private verifyToken;
-}
-export declare const getTokenVerifier: () => Promise<TokenVerifier>;
-//# sourceMappingURL=TokenVerifier.d.ts.map

package/dist/auth/TokenVerifier.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"TokenVerifier.d.ts","sourceRoot":"","sources":["../../src/auth/TokenVerifier.ts"],"names":[],"mappings":"AAkCA,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAA8B;IACrD,OAAO,CAAC,OAAO,CAAC,CAAS;IACzB,OAAO,CAAC,MAAM,CAAC,CAAS;IACxB,OAAO,CAAC,IAAI,CAAC,CAAwC;IACrD,OAAO,CAAC,WAAW,CAAkB;IAErC;;;;;OAKG;IACU,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC;IAQhE,OAAO,CAAC,MAAM,CAAC,WAAW;IAO1B;;;OAGG;WACiB,sBAAsB,IAAI,OAAO,CAAC,aAAa,CAAC;IAQpE;;OAEG;YACW,UAAU;IAyBxB;;OAEG;YACW,sBAAsB;YAetB,WAAW;CAsB1B;AAED,eAAO,MAAM,gBAAgB,QAAa,OAAO,CAAC,aAAa,CAA2C,CAAC"}

package/dist/auth/TokenVerifier.js DELETED Viewed

@@ -1,127 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getTokenVerifier = exports.TokenVerifier = void 0;
-const jose_1 = require("jose");
-const app_sdk_1 = require("@zaiusinc/app-sdk");
-/**
- * Default JWKS cache expiration time in milliseconds (1 hour)
- */
-const DEFAULT_JWKS_EXPIRES_IN = 60 * 60 * 1000;
-/**
- * Default clock skew tolerance in seconds
- */
-const DEFAULT_LEEWAY = 30;
-/**
- * Expected JWT audience for token validation
- */
-const AUDIENCE = 'api://default';
-/**
- * Prep Base URL for Optimizely OAuth2 endpoints
- */
-const PREP_BASE_URL = 'https://prep.login.optimizely.com/oauth2/default';
-/**
- * Prod Base URL for Optimizely OAuth2 endpoints
- */
-const PROD_BASE_URL = 'https://login.optimizely.com/oauth2/default';
-class TokenVerifier {
-    static instance = null;
-    jwksUri;
-    issuer;
-    jwks;
-    initialized = false;
-    /**
-     * Verify the provided Optimizely JWT token string
-     * @param token JWT token string to verify
-     * @returns boolean true if verification successful, false otherwise
-     * @throws Error if token is null, empty, or verifier is not properly configured
-     */
-    async verify(token) {
-        if (!token || token.trim().length === 0) {
-            throw new Error('Token cannot be null or empty');
-        }
-        return this.verifyToken(token);
-    }
-    static getInstance() {
-        if (!TokenVerifier.instance) {
-            TokenVerifier.instance = new TokenVerifier();
-        }
-        return TokenVerifier.instance;
-    }
-    /**
-     * Get singleton instance of TokenVerifier and ensure it's initialized
-     * @returns Promise<TokenVerifier> - initialized singleton instance
-     */
-    static async getInitializedInstance() {
-        const instance = TokenVerifier.getInstance();
-        if (!instance.initialized) {
-            await instance.initialize();
-        }
-        return instance;
-    }
-    /**
-     * Initialize the TokenVerifier with discovery document from well-known endpoint
-     */
-    async initialize() {
-        if (this.initialized) {
-            return;
-        }
-        try {
-            // Use prep URL when environment variable is set to 'staging', otherwise use prod
-            const environment = process.env.environment || 'production';
-            const baseUrl = environment === 'staging' ? PREP_BASE_URL : PROD_BASE_URL;
-            const discoveryDocument = await this.fetchDiscoveryDocument(baseUrl);
-            this.issuer = discoveryDocument.issuer;
-            this.jwksUri = discoveryDocument.jwks_uri;
-            this.jwks = (0, jose_1.createRemoteJWKSet)(new URL(this.jwksUri), {
-                cacheMaxAge: DEFAULT_JWKS_EXPIRES_IN,
-                cooldownDuration: DEFAULT_JWKS_EXPIRES_IN
-            });
-            this.initialized = true;
-            app_sdk_1.logger.info(`TokenVerifier initialized with issuer: ${this.issuer} (environment: ${environment})`);
-        }
-        catch (error) {
-            app_sdk_1.logger.error('Failed to initialize TokenVerifier', error);
-            // Re-throw the original error to preserve specific error messages for tests
-            throw error;
-        }
-    }
-    /**
-     * Fetch discovery document from well-known endpoint
-     */
-    async fetchDiscoveryDocument(baseUrl) {
-        const wellKnownUrl = `${baseUrl}/.well-known/oauth-authorization-server`;
-        const response = await fetch(wellKnownUrl);
-        if (!response.ok) {
-            throw new Error(`Failed to fetch discovery document: ${response.status} ${response.statusText}`);
-        }
-        const discoveryDocument = await response.json();
-        if (!discoveryDocument.issuer || !discoveryDocument.jwks_uri) {
-            throw new Error('Invalid discovery document: missing issuer or jwks_uri');
-        }
-        return discoveryDocument;
-    }
-    async verifyToken(token) {
-        if (!this.initialized) {
-            throw new Error('TokenVerifier not initialized. Call initialize() first.');
-        }
-        if (!this.jwks || !this.issuer) {
-            throw new Error('TokenVerifier not properly configured.');
-        }
-        try {
-            await (0, jose_1.jwtVerify)(token, this.jwks, {
-                issuer: this.issuer,
-                audience: AUDIENCE,
-                clockTolerance: DEFAULT_LEEWAY,
-            });
-            return true;
-        }
-        catch (error) {
-            app_sdk_1.logger.error('Token verification failed:', error);
-            return false;
-        }
-    }
-}
-exports.TokenVerifier = TokenVerifier;
-const getTokenVerifier = async () => TokenVerifier.getInitializedInstance();
-exports.getTokenVerifier = getTokenVerifier;
-//# sourceMappingURL=TokenVerifier.js.map

package/dist/auth/TokenVerifier.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"TokenVerifier.js","sourceRoot":"","sources":["../../src/auth/TokenVerifier.ts"],"names":[],"mappings":";;;AAAA,+BAAqD;AACrD,+CAA2C;AAE3C;;GAEG;AACH,MAAM,uBAAuB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAE/C;;GAEG;AACH,MAAM,cAAc,GAAG,EAAE,CAAC;AAE1B;;GAEG;AACH,MAAM,QAAQ,GAAG,eAAe,CAAC;AAEjC;;GAEG;AACH,MAAM,aAAa,GAAG,kDAAkD,CAAC;AAEzE;;GAEG;AACH,MAAM,aAAa,GAAG,6CAA6C,CAAC;AAQpE,MAAa,aAAa;IAChB,MAAM,CAAC,QAAQ,GAAyB,IAAI,CAAC;IAC7C,OAAO,CAAU;IACjB,MAAM,CAAU;IAChB,IAAI,CAAyC;IAC7C,WAAW,GAAY,KAAK,CAAC;IAErC;;;;;OAKG;IACI,KAAK,CAAC,MAAM,CAAC,KAAyB;QAC3C,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACnD,CAAC;QAED,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IAEO,MAAM,CAAC,WAAW;QACxB,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;YAC5B,aAAa,CAAC,QAAQ,GAAG,IAAI,aAAa,EAAE,CAAC;QAC/C,CAAC;QACD,OAAO,aAAa,CAAC,QAAQ,CAAC;IAChC,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,sBAAsB;QACxC,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,EAAE,CAAC;QAC7C,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;YAC1B,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;QAC9B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,UAAU;QACtB,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,iFAAiF;YACjF,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,YAAY,CAAC;YAC5D,MAAM,OAAO,GAAG,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC;YAC1E,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;YACrE,IAAI,CAAC,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC;YACvC,IAAI,CAAC,OAAO,GAAG,iBAAiB,CAAC,QAAQ,CAAC;YAC1C,IAAI,CAAC,IAAI,GAAG,IAAA,yBAAkB,EAAC,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;gBACpD,WAAW,EAAE,uBAAuB;gBACpC,gBAAgB,EAAE,uBAAuB;aAC1C,CAAC,CAAC;YACH,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACxB,gBAAM,CAAC,IAAI,CAAC,0CAA0C,IAAI,CAAC,MAAM,kBAAkB,WAAW,GAAG,CAAC,CAAC;QACrG,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,gBAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;YAC1D,4EAA4E;YAC5E,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,sBAAsB,CAAC,OAAe;QAClD,MAAM,YAAY,GAAG,GAAG,OAAO,yCAAyC,CAAC;QAEzE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,YAAY,CAAC,CAAC;QAC3C,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,uCAAuC,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;QACnG,CAAC;QACD,MAAM,iBAAiB,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAuB,CAAC;QACrE,IAAI,CAAC,iBAAiB,CAAC,MAAM,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,CAAC;YAC7D,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;QAED,OAAO,iBAAiB,CAAC;IAC3B,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,KAAa;QACrC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;QAC7E,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAA,gBAAS,EAAC,KAAK,EAAE,IAAI,CAAC,IAAI,EAAE;gBAChC,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,QAAQ;gBAClB,cAAc,EAAE,cAAc;aAC/B,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,gBAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;YAClD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;;AA1GH,sCA4GC;AAEM,MAAM,gBAAgB,GAAG,KAAK,IAA4B,EAAE,CAAC,aAAa,CAAC,sBAAsB,EAAE,CAAC;AAA9F,QAAA,gBAAgB,oBAA8E"}

package/dist/auth/TokenVerifier.test.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export {};
2	- //# sourceMappingURL=TokenVerifier.test.d.ts.map

package/dist/auth/TokenVerifier.test.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"TokenVerifier.test.d.ts","sourceRoot":"","sources":["../../src/auth/TokenVerifier.test.ts"],"names":[],"mappings":""}

package/dist/auth/TokenVerifier.test.js DELETED Viewed

@@ -1,114 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const TokenVerifier_1 = require("./TokenVerifier");
-// Test constants
-const TEST_ISSUER = 'https://prep.login.optimizely.com/oauth2/default';
-const TEST_JWKS_URI = 'https://prep.login.optimizely.com/oauth2/v1/keys';
-// Mock fetch globally
-global.fetch = jest.fn();
-describe('TokenVerifier', () => {
-    beforeEach(() => {
-        // Reset fetch mock
-        global.fetch.mockReset();
-        // Reset singleton instance for each test
-        TokenVerifier_1.TokenVerifier.instance = null;
-    });
-    describe('getInitializedInstance', () => {
-        it('should initialize successfully', async () => {
-            // Mock fetch for OAuth2 authorization server discovery
-            global.fetch.mockResolvedValue({
-                ok: true,
-                json: jest.fn().mockResolvedValue({
-                    issuer: TEST_ISSUER,
-                    jwks_uri: TEST_JWKS_URI
-                })
-            });
-            const tokenVerifier = await TokenVerifier_1.TokenVerifier.getInitializedInstance();
-            expect(tokenVerifier).toBeInstanceOf(TokenVerifier_1.TokenVerifier);
-        });
-        it('should throw error when discovery document is invalid', async () => {
-            global.fetch.mockResolvedValue({
-                ok: true,
-                json: jest.fn().mockResolvedValue({
-                // Missing issuer and jwks_uri
-                })
-            });
-            await expect(TokenVerifier_1.TokenVerifier.getInitializedInstance()).rejects.toThrow('Invalid discovery document: missing issuer or jwks_uri');
-        });
-        it('should throw error when discovery endpoint is unreachable', async () => {
-            global.fetch.mockResolvedValue({
-                ok: false,
-                status: 404,
-                statusText: 'Not Found'
-            });
-            await expect(TokenVerifier_1.TokenVerifier.getInitializedInstance()).rejects.toThrow('Failed to fetch discovery document: 404 Not Found');
-        });
-    });
-    describe('token verification', () => {
-        let tokenVerifier;
-        beforeEach(async () => {
-            // Mock successful initialization
-            global.fetch.mockResolvedValue({
-                ok: true,
-                json: jest.fn().mockResolvedValue({
-                    issuer: TEST_ISSUER,
-                    jwks_uri: TEST_JWKS_URI
-                })
-            });
-            tokenVerifier = await TokenVerifier_1.TokenVerifier.getInitializedInstance();
-        });
-        it('should throw error for empty token', async () => {
-            await expect(tokenVerifier.verify('')).rejects.toThrow('Token cannot be null or empty');
-        });
-        it('should throw error for undefined token', async () => {
-            await expect(tokenVerifier.verify(undefined)).rejects.toThrow('Token cannot be null or empty');
-        });
-        it('should throw error for whitespace-only token', async () => {
-            await expect(tokenVerifier.verify('   ')).rejects.toThrow('Token cannot be null or empty');
-        });
-        it('should return false for invalid token format', async () => {
-            const result = await tokenVerifier.verify('invalid.jwt.token');
-            expect(result).toBe(false);
-        });
-    });
-    describe('singleton pattern', () => {
-        it('should return same instance when called multiple times', async () => {
-            // Mock successful initialization
-            global.fetch.mockResolvedValue({
-                ok: true,
-                json: jest.fn().mockResolvedValue({
-                    issuer: TEST_ISSUER,
-                    jwks_uri: TEST_JWKS_URI
-                })
-            });
-            const instance1 = await TokenVerifier_1.TokenVerifier.getInitializedInstance();
-            const instance2 = await TokenVerifier_1.TokenVerifier.getInitializedInstance();
-            expect(instance1).toBe(instance2);
-        });
-        it('should call correct prod OAuth2 authorization server discovery URL', async () => {
-            const fetchSpy = jest.spyOn(global, 'fetch').mockResolvedValue({
-                ok: true,
-                json: jest.fn().mockResolvedValue({
-                    issuer: TEST_ISSUER,
-                    jwks_uri: TEST_JWKS_URI
-                })
-            });
-            await TokenVerifier_1.TokenVerifier.getInitializedInstance();
-            expect(fetchSpy).toHaveBeenCalledWith('https://login.optimizely.com/oauth2/default/.well-known/oauth-authorization-server');
-        });
-        it('should call correct prep OAuth2 authorization server discovery URL', async () => {
-            // Set environment variable to staging
-            process.env.environment = 'staging';
-            const fetchSpy = jest.spyOn(global, 'fetch').mockResolvedValue({
-                ok: true,
-                json: jest.fn().mockResolvedValue({
-                    issuer: TEST_ISSUER,
-                    jwks_uri: TEST_JWKS_URI
-                })
-            });
-            await TokenVerifier_1.TokenVerifier.getInitializedInstance();
-            expect(fetchSpy).toHaveBeenCalledWith('https://prep.login.optimizely.com/oauth2/default/.well-known/oauth-authorization-server');
-        });
-    });
-});
-//# sourceMappingURL=TokenVerifier.test.js.map

package/dist/auth/TokenVerifier.test.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"TokenVerifier.test.js","sourceRoot":"","sources":["../../src/auth/TokenVerifier.test.ts"],"names":[],"mappings":";;AAAA,mDAAgD;AAEhD,iBAAiB;AACjB,MAAM,WAAW,GAAG,kDAAkD,CAAC;AACvE,MAAM,aAAa,GAAG,kDAAkD,CAAC;AAEzE,sBAAsB;AACtB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC;AAEzB,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,UAAU,CAAC,GAAG,EAAE;QACd,mBAAmB;QAClB,MAAM,CAAC,KAAmB,CAAC,SAAS,EAAE,CAAC;QAExC,yCAAyC;QACxC,6BAAqB,CAAC,QAAQ,GAAG,IAAI,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;QACtC,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;YAC9C,uDAAuD;YACtD,MAAM,CAAC,KAAmB,CAAC,iBAAiB,CAAC;gBAC5C,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;oBAChC,MAAM,EAAE,WAAW;oBACnB,QAAQ,EAAE,aAAa;iBACxB,CAAC;aACH,CAAC,CAAC;YAEH,MAAM,aAAa,GAAG,MAAM,6BAAa,CAAC,sBAAsB,EAAE,CAAC;YACnE,MAAM,CAAC,aAAa,CAAC,CAAC,cAAc,CAAC,6BAAa,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uDAAuD,EAAE,KAAK,IAAI,EAAE;YACpE,MAAM,CAAC,KAAmB,CAAC,iBAAiB,CAAC;gBAC5C,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;gBAChC,8BAA8B;iBAC/B,CAAC;aACH,CAAC,CAAC;YAEH,MAAM,MAAM,CAAC,6BAAa,CAAC,sBAAsB,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAClE,wDAAwD,CACzD,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;YACxE,MAAM,CAAC,KAAmB,CAAC,iBAAiB,CAAC;gBAC5C,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,GAAG;gBACX,UAAU,EAAE,WAAW;aACxB,CAAC,CAAC;YAEH,MAAM,MAAM,CAAC,6BAAa,CAAC,sBAAsB,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAClE,mDAAmD,CACpD,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,IAAI,aAA4B,CAAC;QAEjC,UAAU,CAAC,KAAK,IAAI,EAAE;YACpB,iCAAiC;YAChC,MAAM,CAAC,KAAmB,CAAC,iBAAiB,CAAC;gBAC5C,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;oBAChC,MAAM,EAAE,WAAW;oBACnB,QAAQ,EAAE,aAAa;iBACxB,CAAC;aACH,CAAC,CAAC;YAEH,aAAa,GAAG,MAAM,6BAAa,CAAC,sBAAsB,EAAE,CAAC;QAC/D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;YAClD,MAAM,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CACpD,+BAA+B,CAChC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wCAAwC,EAAE,KAAK,IAAI,EAAE;YACtD,MAAM,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAC3D,+BAA+B,CAChC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;YAC5D,MAAM,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CACvD,+BAA+B,CAChC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;YAC5D,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;YAC/D,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC7B,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;YACtE,iCAAiC;YAChC,MAAM,CAAC,KAAmB,CAAC,iBAAiB,CAAC;gBAC5C,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;oBAChC,MAAM,EAAE,WAAW;oBACnB,QAAQ,EAAE,aAAa;iBACxB,CAAC;aACH,CAAC,CAAC;YAEH,MAAM,SAAS,GAAG,MAAM,6BAAa,CAAC,sBAAsB,EAAE,CAAC;YAC/D,MAAM,SAAS,GAAG,MAAM,6BAAa,CAAC,sBAAsB,EAAE,CAAC;YAC/D,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;QACH,EAAE,CAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;YAClF,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,iBAAiB,CAAC;gBAC7D,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;oBAChC,MAAM,EAAE,WAAW;oBACnB,QAAQ,EAAE,aAAa;iBACxB,CAAC;aACoB,CAAC,CAAC;YAE1B,MAAM,6BAAa,CAAC,sBAAsB,EAAE,CAAC;YAE7C,MAAM,CAAC,QAAQ,CAAC,CAAC,oBAAoB,CACnC,oFAAoF,CACrF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;YAClF,sCAAsC;YACtC,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,SAAS,CAAC;YAEpC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,iBAAiB,CAAC;gBAC7D,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;oBAChC,MAAM,EAAE,WAAW;oBACnB,QAAQ,EAAE,aAAa;iBACxB,CAAC;aACoB,CAAC,CAAC;YAE1B,MAAM,6BAAa,CAAC,sBAAsB,EAAE,CAAC;YAE7C,MAAM,CAAC,QAAQ,CAAC,CAAC,oBAAoB,CACnC,yFAAyF,CAC1F,CAAC;QAEJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AAEL,CAAC,CAAC,CAAC"}

package/src/auth/TokenVerifier.test.ts DELETED Viewed

@@ -1,152 +0,0 @@
-import { TokenVerifier } from './TokenVerifier';
-// Test constants
-const TEST_ISSUER = 'https://prep.login.optimizely.com/oauth2/default';
-const TEST_JWKS_URI = 'https://prep.login.optimizely.com/oauth2/v1/keys';
-// Mock fetch globally
-global.fetch = jest.fn();
-describe('TokenVerifier', () => {
-  beforeEach(() => {
-    // Reset fetch mock
-    (global.fetch as jest.Mock).mockReset();
-    // Reset singleton instance for each test
-    (TokenVerifier as any).instance = null;
-  });
-  describe('getInitializedInstance', () => {
-    it('should initialize successfully', async () => {
-      // Mock fetch for OAuth2 authorization server discovery
-      (global.fetch as jest.Mock).mockResolvedValue({
-        ok: true,
-        json: jest.fn().mockResolvedValue({
-          issuer: TEST_ISSUER,
-          jwks_uri: TEST_JWKS_URI
-        })
-      });
-      const tokenVerifier = await TokenVerifier.getInitializedInstance();
-      expect(tokenVerifier).toBeInstanceOf(TokenVerifier);
-    });
-    it('should throw error when discovery document is invalid', async () => {
-      (global.fetch as jest.Mock).mockResolvedValue({
-        ok: true,
-        json: jest.fn().mockResolvedValue({
-          // Missing issuer and jwks_uri
-        })
-      });
-      await expect(TokenVerifier.getInitializedInstance()).rejects.toThrow(
-        'Invalid discovery document: missing issuer or jwks_uri'
-      );
-    });
-    it('should throw error when discovery endpoint is unreachable', async () => {
-      (global.fetch as jest.Mock).mockResolvedValue({
-        ok: false,
-        status: 404,
-        statusText: 'Not Found'
-      });
-      await expect(TokenVerifier.getInitializedInstance()).rejects.toThrow(
-        'Failed to fetch discovery document: 404 Not Found'
-      );
-    });
-  });
-  describe('token verification', () => {
-    let tokenVerifier: TokenVerifier;
-    beforeEach(async () => {
-      // Mock successful initialization
-      (global.fetch as jest.Mock).mockResolvedValue({
-        ok: true,
-        json: jest.fn().mockResolvedValue({
-          issuer: TEST_ISSUER,
-          jwks_uri: TEST_JWKS_URI
-        })
-      });
-      tokenVerifier = await TokenVerifier.getInitializedInstance();
-    });
-    it('should throw error for empty token', async () => {
-      await expect(tokenVerifier.verify('')).rejects.toThrow(
-        'Token cannot be null or empty'
-      );
-    });
-    it('should throw error for undefined token', async () => {
-      await expect(tokenVerifier.verify(undefined)).rejects.toThrow(
-        'Token cannot be null or empty'
-      );
-    });
-    it('should throw error for whitespace-only token', async () => {
-      await expect(tokenVerifier.verify('   ')).rejects.toThrow(
-        'Token cannot be null or empty'
-      );
-    });
-    it('should return false for invalid token format', async () => {
-      const result = await tokenVerifier.verify('invalid.jwt.token');
-      expect(result).toBe(false);
-    });
-  });
-  describe('singleton pattern', () => {
-    it('should return same instance when called multiple times', async () => {
-      // Mock successful initialization
-      (global.fetch as jest.Mock).mockResolvedValue({
-        ok: true,
-        json: jest.fn().mockResolvedValue({
-          issuer: TEST_ISSUER,
-          jwks_uri: TEST_JWKS_URI
-        })
-      });
-      const instance1 = await TokenVerifier.getInitializedInstance();
-      const instance2 = await TokenVerifier.getInitializedInstance();
-      expect(instance1).toBe(instance2);
-    });
-    it('should call correct prod OAuth2 authorization server discovery URL', async () => {
-      const fetchSpy = jest.spyOn(global, 'fetch').mockResolvedValue({
-        ok: true,
-        json: jest.fn().mockResolvedValue({
-          issuer: TEST_ISSUER,
-          jwks_uri: TEST_JWKS_URI
-        })
-      } as unknown as Response);
-      await TokenVerifier.getInitializedInstance();
-      expect(fetchSpy).toHaveBeenCalledWith(
-        'https://login.optimizely.com/oauth2/default/.well-known/oauth-authorization-server'
-      );
-    });
-    it('should call correct prep OAuth2 authorization server discovery URL', async () => {
-      // Set environment variable to staging
-      process.env.environment = 'staging';
-      const fetchSpy = jest.spyOn(global, 'fetch').mockResolvedValue({
-        ok: true,
-        json: jest.fn().mockResolvedValue({
-          issuer: TEST_ISSUER,
-          jwks_uri: TEST_JWKS_URI
-        })
-      } as unknown as Response);
-      await TokenVerifier.getInitializedInstance();
-      expect(fetchSpy).toHaveBeenCalledWith(
-        'https://prep.login.optimizely.com/oauth2/default/.well-known/oauth-authorization-server'
-      );
-    });
-  });
-});