@owlmeans/server-oidc-provider 0.1.5 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/iam.d.ts +27 -0
- package/build/iam.d.ts.map +1 -1
- package/build/iam.js +11 -1
- package/build/iam.js.map +1 -1
- package/build/index.d.ts +1 -1
- package/build/index.d.ts.map +1 -1
- package/build/index.js +1 -0
- package/build/index.js.map +1 -1
- package/package.json +9 -9
- package/src/iam.ts +37 -1
- package/src/index.ts +1 -1
package/build/iam.d.ts
CHANGED
|
@@ -1,4 +1,31 @@
|
|
|
1
|
+
import type { ClientMetadata } from 'oidc-provider';
|
|
2
|
+
/** A registered OIDC client stored in the provider's Client adapter. */
|
|
3
|
+
export interface OidcRegisteredClient {
|
|
4
|
+
clientId: string;
|
|
5
|
+
secret: string;
|
|
6
|
+
/** The entity (realm) this client belongs to — used for identity scoping. */
|
|
7
|
+
entityId?: string;
|
|
8
|
+
/** Application display name */
|
|
9
|
+
name?: string;
|
|
10
|
+
redirectUris?: string[];
|
|
11
|
+
grantTypes?: string[];
|
|
12
|
+
responseTypes?: string[];
|
|
13
|
+
scope?: string;
|
|
14
|
+
}
|
|
15
|
+
/** Full oidc-provider ClientMetadata with our entity extension. */
|
|
16
|
+
export type OidcClientMetadata = ClientMetadata & {
|
|
17
|
+
entityId?: string;
|
|
18
|
+
owlEntityId?: string;
|
|
19
|
+
};
|
|
20
|
+
/** Convert an OidcRegisteredClient to the oidc-provider ClientMetadata shape. */
|
|
21
|
+
export declare const toClientMetadata: (client: OidcRegisteredClient) => OidcClientMetadata;
|
|
1
22
|
/** Extension seam for IAM integration into the OIDC provider — Phase 2 fills this */
|
|
2
23
|
export interface OidcProviderIamExtension {
|
|
24
|
+
/** Convert a stored client record to oidc-provider ClientMetadata */
|
|
25
|
+
toClientMetadata: typeof toClientMetadata;
|
|
26
|
+
/** Type of a stored client record */
|
|
27
|
+
OidcRegisteredClient: OidcRegisteredClient;
|
|
28
|
+
/** Extended metadata type */
|
|
29
|
+
OidcClientMetadata: OidcClientMetadata;
|
|
3
30
|
}
|
|
4
31
|
//# sourceMappingURL=iam.d.ts.map
|
package/build/iam.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.d.ts","sourceRoot":"","sources":["../src/iam.ts"],"names":[],"mappings":"AAAA,qFAAqF;AACrF,MAAM,WAAW,wBAAwB;
|
|
1
|
+
{"version":3,"file":"iam.d.ts","sourceRoot":"","sources":["../src/iam.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAgB,MAAM,eAAe,CAAA;AAEjE,wEAAwE;AACxE,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,6EAA6E;IAC7E,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,+BAA+B;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;IACvB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IACxB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,mEAAmE;AACnE,MAAM,MAAM,kBAAkB,GAAG,cAAc,GAAG;IAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,CAAA;AAE7F,iFAAiF;AACjF,eAAO,MAAM,gBAAgB,GAAI,QAAQ,oBAAoB,KAAG,kBAS9D,CAAA;AAEF,qFAAqF;AACrF,MAAM,WAAW,wBAAwB;IACvC,qEAAqE;IACrE,gBAAgB,EAAE,OAAO,gBAAgB,CAAA;IACzC,qCAAqC;IACrC,oBAAoB,EAAE,oBAAoB,CAAA;IAC1C,6BAA6B;IAC7B,kBAAkB,EAAE,kBAAkB,CAAA;CACvC"}
|
package/build/iam.js
CHANGED
|
@@ -1,2 +1,12 @@
|
|
|
1
|
-
|
|
1
|
+
/** Convert an OidcRegisteredClient to the oidc-provider ClientMetadata shape. */
|
|
2
|
+
export const toClientMetadata = (client) => ({
|
|
3
|
+
client_id: client.clientId,
|
|
4
|
+
client_secret: client.secret,
|
|
5
|
+
redirect_uris: client.redirectUris ?? [],
|
|
6
|
+
grant_types: client.grantTypes ?? ['authorization_code', 'refresh_token'],
|
|
7
|
+
response_types: (client.responseTypes ?? ['code']),
|
|
8
|
+
token_endpoint_auth_method: 'client_secret_basic',
|
|
9
|
+
scope: client.scope ?? 'openid profile offline_access',
|
|
10
|
+
owlEntityId: client.entityId,
|
|
11
|
+
});
|
|
2
12
|
//# sourceMappingURL=iam.js.map
|
package/build/iam.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.js","sourceRoot":"","sources":["../src/iam.ts"],"names":[],"mappings":""}
|
|
1
|
+
{"version":3,"file":"iam.js","sourceRoot":"","sources":["../src/iam.ts"],"names":[],"mappings":"AAmBA,iFAAiF;AACjF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,MAA4B,EAAsB,EAAE,CAAC,CAAC;IACrF,SAAS,EAAE,MAAM,CAAC,QAAQ;IAC1B,aAAa,EAAE,MAAM,CAAC,MAAM;IAC5B,aAAa,EAAE,MAAM,CAAC,YAAY,IAAI,EAAE;IACxC,WAAW,EAAE,MAAM,CAAC,UAAU,IAAI,CAAC,oBAAoB,EAAE,eAAe,CAAC;IACzE,cAAc,EAAE,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,MAAM,CAAC,CAAmB;IACpE,0BAA0B,EAAE,qBAAqB;IACjD,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,+BAA+B;IACtD,WAAW,EAAE,MAAM,CAAC,QAAQ;CAC7B,CAAC,CAAA"}
|
package/build/index.d.ts
CHANGED
package/build/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,mBAAmB,YAAY,CAAA;AAC/B,cAAc,cAAc,CAAA;AAC5B,cAAc,aAAa,CAAA;AAC3B,cAAc,iBAAiB,CAAA;AAC/B,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,mBAAmB,YAAY,CAAA;AAC/B,cAAc,cAAc,CAAA;AAC5B,cAAc,aAAa,CAAA;AAC3B,cAAc,iBAAiB,CAAA;AAC/B,cAAc,UAAU,CAAA"}
|
package/build/index.js
CHANGED
package/build/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAEA,cAAc,cAAc,CAAA;AAC5B,cAAc,aAAa,CAAA;AAC3B,cAAc,iBAAiB,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAEA,cAAc,cAAc,CAAA;AAC5B,cAAc,aAAa,CAAA;AAC3B,cAAc,iBAAiB,CAAA;AAC/B,cAAc,UAAU,CAAA"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@owlmeans/server-oidc-provider",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.6",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"scripts": {
|
|
@@ -23,7 +23,7 @@
|
|
|
23
23
|
},
|
|
24
24
|
"devDependencies": {
|
|
25
25
|
"@owlmeans/dep-config": "workspace:*",
|
|
26
|
-
"@owlmeans/context": "^0.1.
|
|
26
|
+
"@owlmeans/context": "^0.1.6",
|
|
27
27
|
"@types/bun": "^1.3.0",
|
|
28
28
|
"@types/node": "^24.10.1",
|
|
29
29
|
"@types/oidc-provider": "9.5.0",
|
|
@@ -36,13 +36,13 @@
|
|
|
36
36
|
},
|
|
37
37
|
"dependencies": {
|
|
38
38
|
"@noble/hashes": "^1.5.0",
|
|
39
|
-
"@owlmeans/client-entrypoint": "^0.1.
|
|
40
|
-
"@owlmeans/config": "^0.1.
|
|
41
|
-
"@owlmeans/context": "^0.1.
|
|
42
|
-
"@owlmeans/oidc": "^0.1.
|
|
43
|
-
"@owlmeans/route": "^0.1.
|
|
44
|
-
"@owlmeans/server-api": "^0.1.
|
|
45
|
-
"@owlmeans/server-context": "^0.1.
|
|
39
|
+
"@owlmeans/client-entrypoint": "^0.1.6",
|
|
40
|
+
"@owlmeans/config": "^0.1.6",
|
|
41
|
+
"@owlmeans/context": "^0.1.6",
|
|
42
|
+
"@owlmeans/oidc": "^0.1.6",
|
|
43
|
+
"@owlmeans/route": "^0.1.6",
|
|
44
|
+
"@owlmeans/server-api": "^0.1.6",
|
|
45
|
+
"@owlmeans/server-context": "^0.1.6",
|
|
46
46
|
"@scure/base": "^1.1.9",
|
|
47
47
|
"jose": "6.2.3",
|
|
48
48
|
"oidc-provider": "9.8.4"
|
package/src/iam.ts
CHANGED
|
@@ -1,4 +1,40 @@
|
|
|
1
|
+
import type { ClientMetadata, ResponseType } from 'oidc-provider'
|
|
2
|
+
|
|
3
|
+
/** A registered OIDC client stored in the provider's Client adapter. */
|
|
4
|
+
export interface OidcRegisteredClient {
|
|
5
|
+
clientId: string
|
|
6
|
+
secret: string
|
|
7
|
+
/** The entity (realm) this client belongs to — used for identity scoping. */
|
|
8
|
+
entityId?: string
|
|
9
|
+
/** Application display name */
|
|
10
|
+
name?: string
|
|
11
|
+
redirectUris?: string[]
|
|
12
|
+
grantTypes?: string[]
|
|
13
|
+
responseTypes?: string[]
|
|
14
|
+
scope?: string
|
|
15
|
+
}
|
|
16
|
+
|
|
17
|
+
/** Full oidc-provider ClientMetadata with our entity extension. */
|
|
18
|
+
export type OidcClientMetadata = ClientMetadata & { entityId?: string; owlEntityId?: string }
|
|
19
|
+
|
|
20
|
+
/** Convert an OidcRegisteredClient to the oidc-provider ClientMetadata shape. */
|
|
21
|
+
export const toClientMetadata = (client: OidcRegisteredClient): OidcClientMetadata => ({
|
|
22
|
+
client_id: client.clientId,
|
|
23
|
+
client_secret: client.secret,
|
|
24
|
+
redirect_uris: client.redirectUris ?? [],
|
|
25
|
+
grant_types: client.grantTypes ?? ['authorization_code', 'refresh_token'],
|
|
26
|
+
response_types: (client.responseTypes ?? ['code']) as ResponseType[],
|
|
27
|
+
token_endpoint_auth_method: 'client_secret_basic',
|
|
28
|
+
scope: client.scope ?? 'openid profile offline_access',
|
|
29
|
+
owlEntityId: client.entityId,
|
|
30
|
+
})
|
|
31
|
+
|
|
1
32
|
/** Extension seam for IAM integration into the OIDC provider — Phase 2 fills this */
|
|
2
33
|
export interface OidcProviderIamExtension {
|
|
3
|
-
|
|
34
|
+
/** Convert a stored client record to oidc-provider ClientMetadata */
|
|
35
|
+
toClientMetadata: typeof toClientMetadata
|
|
36
|
+
/** Type of a stored client record */
|
|
37
|
+
OidcRegisteredClient: OidcRegisteredClient
|
|
38
|
+
/** Extended metadata type */
|
|
39
|
+
OidcClientMetadata: OidcClientMetadata
|
|
4
40
|
}
|
package/src/index.ts
CHANGED