@scalar/oas-utils 0.2.124 → 0.2.126

package/dist/entities/spec/security.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../../src/entities/spec/security.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAsBvB,eAAO,MAAM,sBAAsB,wCAAyC,CAAA;AAc5E,eAAO,MAAM,oBAAoB;;;;IAV/B,8EAA8E;;IAE9E,6FAA6F;;;;IAb7F,0EAA0E;;;;;;;;;;;;;;;;;;;;EAqBsC,CAAA;AAClH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAA;AAkCvE,eAAO,MAAM,kBAAkB;;;;IA3B7B;;;OAGG;;IAOH;;;;OAIG;;;;IA3CH,0EAA0E;;;;;;;;;;;;;;;;;;;;;;;;;;EAwDgC,CAAA;AAC5G,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAA;AAanE,eAAO,MAAM,oBAAoB;;;;IAP/B;;;OAGG;;;;IAlEH,0EAA0E;;;;;;;;;;;;;;EAsEa,CAAA;AACzF,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAA;AAsCvE,0CAA0C;AAC1C,eAAO,MAAM,WAAW,qCAAsC,CAAA;AAiD9D,eAAO,MAAM,mBAAmB;;;;IA5C9B,6FAA6F;;;YA1B7F;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;YAbrB;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;YAbrB;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;YAbrB;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;YAwCf;;;;eAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAlJT,0EAA0E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+JY,CAAA;AAExF,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAA;AACtE,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAA;AAC7E,MAAM,MAAM,UAAU,GAAG,WAAW,CAClC,oBAAoB,CAAC,OAAO,CAAC,CAAC,mBAAmB,GAAG,mBAAmB,GAAG,UAAU,GAAG,UAAU,CAAC,CACnG,CAAA;AACD,iDAAiD;AACjD,MAAM,MAAM,iBAAiB,GAAG,WAAW,CAAC,2BAA2B,CAAC,OAAO,CAAC,CAAC,CAC7E,mBAAmB,GACnB,mBAAmB,GACnB,UAAU,GACV,UAAU,CAAC,GACb,MAAM,CAAC,KAAK,MAAM,EAAE,EAAE,MAAM,CAAC,CAAA;AAK/B;;;;;;;;;GASG;AACH,eAAO,MAAM,4BAA4B,wFAAmE,CAAA;AAE5G,qCAAqC;AACrC,eAAO,MAAM,uBAAuB;;;;IAnLlC,8EAA8E;;IAE9E,6FAA6F;;;;;;;;;;;;;;;;IAgB7F;;;OAGG;;IAOH;;;;OAIG;;;;;;;;;;;;;;;;IAwEH,6FAA6F;;;YA1B7F;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;YAbrB;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;YAbrB;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;YAbrB;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;YAwCf;;;;eAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAnFT;;;OAGG;;;;;;;;;;IAiIH,CAAA;AAEF,oDAAoD;AACpD,eAAO,MAAM,oBAAoB;;;;IA3L/B,8EAA8E;;IAE9E,6FAA6F;;;;IAb7F,0EAA0E;;;;;;;;;;;;;;;;;;;;;;;;IA6B1E;;;OAGG;;IAOH;;;;OAIG;;;;IA3CH,0EAA0E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA+D1E;;;OAGG;;;;IAlEH,0EAA0E;;;;;;;;;;;;;;;;;;IAmH1E,6FAA6F;;;YA1B7F;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;YAbrB;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;YAbrB;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;YAbrB;;;eAGG;;YAEH;;;eAGG;;;YAGH,oEAAoE;;YAEpE,qBAAqB;;;;;YAwCf;;;;eAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAlJT,0EAA0E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA2M1E,CAAA;AAEF;;;;GAIG;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAA;AACjE,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAA"}

package/dist/entities/spec/security.js

@@ -1,179 +0,0 @@
-import { z } from 'zod';
-import { nanoidSchema } from '@scalar/types/utils';
-
-// ---------------------------------------------------------------------------
-// COMMON PROPS FOR ALL SECURITY SCHEMES
-/** Some common properties used in all security schemes */
-const commonProps = z.object({
-    /* A description for security scheme. CommonMark syntax MAY be used for rich text representation. */
-    description: z.string().optional(),
-});
-const extendedSecuritySchema = z.object({
-    uid: nanoidSchema.brand(),
-    /** The name key that links a security requirement to a security object */
-    nameKey: z.string().optional().default(''),
-});
-// ---------------------------------------------------------------------------
-// API KEY
-const securitySchemeApiKeyIn = ['query', 'header', 'cookie'];
-const oasSecuritySchemeApiKey = commonProps.extend({
-    type: z.literal('apiKey'),
-    /** REQUIRED. The name of the header, query or cookie parameter to be used. */
-    name: z.string().optional().default(''),
-    /** REQUIRED. The location of the API key. Valid values are "query", "header" or "cookie". */
-    in: z.enum(securitySchemeApiKeyIn).optional().default('header'),
-});
-const apiKeyValueSchema = z.object({
-    value: z.string().default(''),
-});
-const securityApiKeySchema = oasSecuritySchemeApiKey.merge(extendedSecuritySchema).merge(apiKeyValueSchema);
-// ---------------------------------------------------------------------------
-// HTTP
-const oasSecuritySchemeHttp = commonProps.extend({
-    type: z.literal('http'),
-    /**
-     * REQUIRED. The name of the HTTP Authorization scheme to be used in the Authorization header as defined in
-     * [RFC7235]. The values used SHOULD be registered in the IANA Authentication Scheme registry.
-     */
-    scheme: z
-        .string()
-        .toLowerCase()
-        .pipe(z.enum(['basic', 'bearer']))
-        .optional()
-        .default('basic'),
-    /**
-     * A hint to the client to identify how the bearer token is formatted.
-     * Bearer tokens are usually generated by an authorization server, so
-     * this information is primarily for documentation purposes.
-     */
-    bearerFormat: z
-        .union([z.literal('JWT'), z.string()])
-        .optional()
-        .default('JWT'),
-});
-const httpValueSchema = z.object({
-    username: z.string().default(''),
-    password: z.string().default(''),
-    token: z.string().default(''),
-});
-const securityHttpSchema = oasSecuritySchemeHttp.merge(extendedSecuritySchema).merge(httpValueSchema);
-// ---------------------------------------------------------------------------
-// OPENID CONNECT
-const oasSecuritySchemeOpenId = commonProps.extend({
-    type: z.literal('openIdConnect'),
-    /**
-     * REQUIRED. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the
-     * form of a URL. The OpenID Connect standard requires the use of TLS.
-     */
-    openIdConnectUrl: z.string().optional().default(''),
-});
-const securityOpenIdSchema = oasSecuritySchemeOpenId.merge(extendedSecuritySchema);
-// ---------------------------------------------------------------------------
-/**
- * REQUIRED. The authorization URL to be used for this flow. This MUST be in
- * the form of a URL. The OAuth2 standard requires the use of TLS.
- */
-const authorizationUrl = z.string().default('');
-/**
- * REQUIRED. The token URL to be used for this flow. This MUST be in the
- * form of a URL. The OAuth2 standard requires the use of TLS.
- */
-const tokenUrl = z.string().default('');
-/** Common properties used across all oauth2 flows */
-const flowsCommon = z.object({
-    /**
-     * The URL to be used for obtaining refresh tokens. This MUST be in the form of a
-     * URL. The OAuth2 standard requires the use of TLS.
-     */
-    'refreshUrl': z.string().optional().default(''),
-    /**
-     * REQUIRED. The available scopes for the OAuth2 security scheme. A map
-     * between the scope name and a short description for it. The map MAY be empty.
-     */
-    'scopes': z.record(z.string(), z.string().optional().default('')).optional().default({}).catch({}),
-    'selectedScopes': z.array(z.string()).optional().default([]),
-    /** Extension to save the client Id associated with an oauth flow */
-    'x-scalar-client-id': z.string().optional().default(''),
-    /** The auth token */
-    'token': z.string().default(''),
-});
-/** Setup a default redirect uri if we can */
-const defaultRedirectUri = typeof window !== 'undefined' ? window.location.origin + window.location.pathname : '';
-/** Options for the x-usePkce extension */
-const pkceOptions = ['SHA-256', 'plain', 'no'];
-/** Oauth2 security scheme */
-const oasSecuritySchemeOauth2 = commonProps.extend({
-    type: z.literal('oauth2'),
-    /** REQUIRED. An object containing configuration information for the flow types supported. */
-    flows: z
-        .object({
-        /** Configuration for the OAuth Implicit flow */
-        implicit: flowsCommon.extend({
-            'type': z.literal('implicit'),
-            authorizationUrl,
-            'x-scalar-redirect-uri': z.string().optional().default(defaultRedirectUri),
-        }),
-        /** Configuration for the OAuth Resource Owner Password flow */
-        password: flowsCommon.extend({
-            type: z.literal('password'),
-            tokenUrl,
-            clientSecret: z.string().default(''),
-            username: z.string().default(''),
-            password: z.string().default(''),
-        }),
-        /** Configuration for the OAuth Client Credentials flow. Previously called application in OpenAPI 2.0. */
-        clientCredentials: flowsCommon.extend({
-            type: z.literal('clientCredentials'),
-            tokenUrl,
-            clientSecret: z.string().default(''),
-        }),
-        /** Configuration for the OAuth Authorization Code flow. Previously called accessCode in OpenAPI 2.0.*/
-        authorizationCode: flowsCommon.extend({
-            'type': z.literal('authorizationCode'),
-            authorizationUrl,
-            /**
-             * Whether to use PKCE for the authorization code flow.
-             *
-             * TODO: add docs
-             */
-            'x-usePkce': z.enum(pkceOptions).optional().default('no'),
-            'x-scalar-redirect-uri': z.string().optional().default(defaultRedirectUri),
-            tokenUrl,
-            'clientSecret': z.string().default(''),
-        }),
-    })
-        .partial()
-        .default({
-        implicit: { type: 'implicit', authorizationUrl: 'http://localhost:8080' },
-    }),
-});
-const securityOauthSchema = oasSecuritySchemeOauth2.merge(extendedSecuritySchema);
-// ---------------------------------------------------------------------------
-// Final Types
-/**
- * Security Requirement
- * Lists the required security schemes to execute this operation OR the whole collection/spec.
- * The name used for each property MUST correspond to a security scheme declared in the Security
- * Schemes under the Components Object.
- *
- * The key (name) here will be matched to the key of the securityScheme for linking
- *
- * @see https://spec.openapis.org/oas/latest.html#security-requirement-object
- */
-z.record(z.string(), z.array(z.string()).optional().default([]));
-/** OAS Compliant security schemes */
-z.union([
-    oasSecuritySchemeApiKey,
-    oasSecuritySchemeHttp,
-    oasSecuritySchemeOauth2,
-    oasSecuritySchemeOpenId,
-]);
-/** Extended security schemes for workspace usage */
-const securitySchemeSchema = z.union([
-    securityApiKeySchema,
-    securityHttpSchema,
-    securityOpenIdSchema,
-    securityOauthSchema,
-]);
-
-export { pkceOptions, securityApiKeySchema, securityHttpSchema, securityOauthSchema, securityOpenIdSchema, securitySchemeApiKeyIn, securitySchemeSchema };

package/dist/helpers/fetch-spec-from-url.d.ts

@@ -1,7 +0,0 @@
-/**
- * Fetches an OpenAPI/Swagger specification from a given URL.
- *
- * @throws an error if the fetch fails
- */
-export declare function fetchSpecFromUrl(url: string, proxy?: string, beautify?: boolean): Promise<string>;
-//# sourceMappingURL=fetch-spec-from-url.d.ts.map

package/dist/helpers/fetch-spec-from-url.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"fetch-spec-from-url.d.ts","sourceRoot":"","sources":["../../src/helpers/fetch-spec-from-url.ts"],"names":[],"mappings":"AAQA;;;;GAIG;AACH,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,EAAE,QAAQ,UAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CA4BpG"}

package/dist/helpers/fetch-spec-from-url.js

@@ -1,36 +0,0 @@
-import { formatJsonOrYamlString } from './parse.js';
-import { redirectToProxy } from './redirect-to-proxy.js';
-
-// Doesn’t work
-const OLD_PROXY_URL = 'https://api.scalar.com/request-proxy';
-// Does work
-const NEW_PROXY_URL = 'https://proxy.scalar.com';
-/**
- * Fetches an OpenAPI/Swagger specification from a given URL.
- *
- * @throws an error if the fetch fails
- */
-async function fetchSpecFromUrl(url, proxy, beautify = true) {
-    // This replaces the OLD_PROXY_URL with the NEW_PROXY_URL on the fly.
-    if (proxy === OLD_PROXY_URL) {
-        // biome-ignore lint/style/noParameterAssign: It’s ok, let’s make an exception here.
-        proxy = NEW_PROXY_URL;
-    }
-    // To use a proxy or not to use a proxy
-    const response = await fetch(proxy ? redirectToProxy(proxy, url) : url);
-    // Looks like the request failed
-    if (response.status !== 200) {
-        console.error(`[fetchSpecFromUrl] Failed to fetch the specification at ${url} (Status: ${response.status})`);
-        if (!proxy) {
-            console.warn(`[fetchSpecFromUrl] Tried to fetch the specification (url: ${url}) without a proxy. Are the CORS headers configured to allow cross-domain requests? https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS`);
-        }
-        throw new Error(`Failed to fetch the specification (Status: ${response.status})`);
-    }
-    // If it’s JSON, make it pretty
-    if (beautify) {
-        return formatJsonOrYamlString(await response.text());
-    }
-    return await response.text();
-}
-
-export { fetchSpecFromUrl };