@schemavaults/auth-common 0.8.4 → 0.8.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/AccessTokenCookieNames.d.ts +3 -0
- package/dist/AccessTokenCookieNames.js +7 -0
- package/dist/AccessTokenCookieNames.js.map +1 -0
- package/dist/RefreshTokenCookieNames.d.ts +3 -0
- package/dist/RefreshTokenCookieNames.js +7 -0
- package/dist/RefreshTokenCookieNames.js.map +1 -0
- package/dist/audience-schema.d.ts +2 -2
- package/dist/auth_acquire_tokens_grant_types.d.ts +4 -4
- package/dist/index.d.ts +2 -0
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/request_tokens_result.d.ts +2 -2
- package/dist/token-data/token-expiry.js +3 -2
- package/dist/token-data/token-expiry.js.map +1 -1
- package/package.json +30 -3
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
import type { ApiServerId } from "@schemavaults/app-definitions";
|
|
2
|
+
export declare function AccessTokenCookieName(api_server_id: ApiServerId): `access_token_${ApiServerId}`;
|
|
3
|
+
export declare function AccessTokenExpiryCookieName(api_server_id: ApiServerId): `access_token_expiry_${ApiServerId}`;
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
export function AccessTokenCookieName(api_server_id) {
|
|
2
|
+
return `access_token_${api_server_id}`;
|
|
3
|
+
}
|
|
4
|
+
export function AccessTokenExpiryCookieName(api_server_id) {
|
|
5
|
+
return `access_token_expiry_${api_server_id}`;
|
|
6
|
+
}
|
|
7
|
+
//# sourceMappingURL=AccessTokenCookieNames.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AccessTokenCookieNames.js","sourceRoot":"","sources":["../src/AccessTokenCookieNames.ts"],"names":[],"mappings":"AAEA,MAAM,UAAU,qBAAqB,CACnC,aAA0B;IAE1B,OAAO,gBAAgB,aAAa,EAAE,CAAC;AACzC,CAAC;AAED,MAAM,UAAU,2BAA2B,CACzC,aAA0B;IAE1B,OAAO,uBAAuB,aAAa,EAAE,CAAC;AAChD,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"RefreshTokenCookieNames.js","sourceRoot":"","sources":["../src/RefreshTokenCookieNames.ts"],"names":[],"mappings":"AAEA,MAAM,UAAU,sBAAsB,CACpC,MAAa;IAEb,OAAO,iBAAiB,MAAM,EAAE,CAAC;AACnC,CAAC;AAED,MAAM,UAAU,4BAA4B,CAC1C,MAAa;IAEb,OAAO,wBAAwB,MAAM,EAAE,CAAC;AAC1C,CAAC"}
|
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
import { z } from "zod";
|
|
2
|
-
export declare const audienceRefSchema: z.ZodUnion<[z.ZodString, z.
|
|
3
|
-
export declare const audienceSchema: z.ZodUnion<[z.ZodUnion<[z.ZodString, z.
|
|
2
|
+
export declare const audienceRefSchema: z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>;
|
|
3
|
+
export declare const audienceSchema: z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, "many">]>;
|
|
@@ -4,7 +4,7 @@ export declare const authorizationCodePOSTbody: z.ZodObject<{
|
|
|
4
4
|
code: z.ZodEffects<z.ZodString, string, string>;
|
|
5
5
|
challenge_time: z.ZodNumber;
|
|
6
6
|
code_verifier: z.ZodEffects<z.ZodString, string, string>;
|
|
7
|
-
audience: z.ZodUnion<[z.ZodUnion<[z.ZodString, z.
|
|
7
|
+
audience: z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, "many">]>;
|
|
8
8
|
client_app_id: z.ZodUnion<readonly [z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-web" | "schemavaults-cli", string>]>;
|
|
9
9
|
grant_type: z.ZodLiteral<"authorization_code">;
|
|
10
10
|
}, "strict", z.ZodTypeAny, {
|
|
@@ -23,7 +23,7 @@ export declare const authorizationCodePOSTbody: z.ZodObject<{
|
|
|
23
23
|
grant_type: "authorization_code";
|
|
24
24
|
}>;
|
|
25
25
|
export declare const refreshTokenPOSTbody: z.ZodObject<{
|
|
26
|
-
audience: z.ZodUnion<[z.ZodUnion<[z.ZodString, z.
|
|
26
|
+
audience: z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, "many">]>;
|
|
27
27
|
client_app_id: z.ZodUnion<readonly [z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-web" | "schemavaults-cli", string>]>;
|
|
28
28
|
grant_type: z.ZodLiteral<"refresh_token">;
|
|
29
29
|
replaceRefreshToo: z.ZodOptional<z.ZodBoolean>;
|
|
@@ -43,7 +43,7 @@ export declare const grantTypePOSTbodySchemaMap: {
|
|
|
43
43
|
code: z.ZodEffects<z.ZodString, string, string>;
|
|
44
44
|
challenge_time: z.ZodNumber;
|
|
45
45
|
code_verifier: z.ZodEffects<z.ZodString, string, string>;
|
|
46
|
-
audience: z.ZodUnion<[z.ZodUnion<[z.ZodString, z.
|
|
46
|
+
audience: z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, "many">]>;
|
|
47
47
|
client_app_id: z.ZodUnion<readonly [z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-web" | "schemavaults-cli", string>]>;
|
|
48
48
|
grant_type: z.ZodLiteral<"authorization_code">;
|
|
49
49
|
}, "strict", z.ZodTypeAny, {
|
|
@@ -62,7 +62,7 @@ export declare const grantTypePOSTbodySchemaMap: {
|
|
|
62
62
|
grant_type: "authorization_code";
|
|
63
63
|
}>;
|
|
64
64
|
readonly refresh_token: z.ZodObject<{
|
|
65
|
-
audience: z.ZodUnion<[z.ZodUnion<[z.ZodString, z.
|
|
65
|
+
audience: z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, "many">]>;
|
|
66
66
|
client_app_id: z.ZodUnion<readonly [z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-web" | "schemavaults-cli", string>]>;
|
|
67
67
|
grant_type: z.ZodLiteral<"refresh_token">;
|
|
68
68
|
replaceRefreshToo: z.ZodOptional<z.ZodBoolean>;
|
package/dist/index.d.ts
CHANGED
|
@@ -20,3 +20,5 @@ export type { InviteCode, InviteCodeDefinition } from "./invite-code";
|
|
|
20
20
|
export { organizationIdSchema, isValidOrganizationID, organizationDefinitionSchema, hardcodedOrgs, SCHEMAVAULTS_ORGANIZATION_ID, MAXIMUM_USER_ORGANIZATIONS, MINIMUM_ORGANIZATION_ID_LENGTH, MAXIMUM_ORGANIZATION_ID_LENGTH, inviteMemberInputModes, inviteMemberFormSchema, organizationInvitationStatusTypes, organizationInvitationStatusSchema, organizationInvitationSchema, } from "./organizations";
|
|
21
21
|
export type { OrganizationID, OrganizationDefinition, InviteMemberInputMode, InviteMemberFormValues, InviteMemberSubmitData, OrganizationInvitationStatus, OrganizationInvitation, UserPendingInvitation, OrganizationInvitationWithUserData, } from "./organizations";
|
|
22
22
|
export { MaximumBrowserCookieSize } from "./MaximumBrowserCookieSize";
|
|
23
|
+
export { RefreshTokenCookieName, RefreshTokenExpiryCookieName, } from "./RefreshTokenCookieNames";
|
|
24
|
+
export { AccessTokenCookieName, AccessTokenExpiryCookieName, } from "./AccessTokenCookieNames";
|
package/dist/index.js
CHANGED
|
@@ -13,4 +13,6 @@ export { audienceSchema, audienceRefSchema } from "./audience-schema";
|
|
|
13
13
|
export { inviteCodeFormatSchema, inviteCodeDefinitionSchema, } from "./invite-code";
|
|
14
14
|
export { organizationIdSchema, isValidOrganizationID, organizationDefinitionSchema, hardcodedOrgs, SCHEMAVAULTS_ORGANIZATION_ID, MAXIMUM_USER_ORGANIZATIONS, MINIMUM_ORGANIZATION_ID_LENGTH, MAXIMUM_ORGANIZATION_ID_LENGTH, inviteMemberInputModes, inviteMemberFormSchema, organizationInvitationStatusTypes, organizationInvitationStatusSchema, organizationInvitationSchema, } from "./organizations";
|
|
15
15
|
export { MaximumBrowserCookieSize } from "./MaximumBrowserCookieSize";
|
|
16
|
+
export { RefreshTokenCookieName, RefreshTokenExpiryCookieName, } from "./RefreshTokenCookieNames";
|
|
17
|
+
export { AccessTokenCookieName, AccessTokenExpiryCookieName, } from "./AccessTokenCookieNames";
|
|
16
18
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAiB,MAAM,aAAa,CAAC;AAE5D,cAAc,eAAe,CAAC;AAG9B,mBAAmB;AACnB,cAAc,cAAc,CAAC;AAM7B,cAAc,cAAc,CAAC;AAG7B,cAAc,QAAQ,CAAC;AAGvB,OAAO,EACL,wBAAwB,GAEzB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EACL,yBAAyB,EAEzB,uCAAuC,GAExC,MAAM,yBAAyB,CAAC;AAEjC,cAAc,mCAAmC,CAAC;AAGlD,OAAO,EAAE,0BAA0B,EAAE,MAAM,+BAA+B,CAAC;AAC3E,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAC;AAE5D,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtE,OAAO,EACL,sBAAsB,EACtB,0BAA0B,GAC3B,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,4BAA4B,EAC5B,aAAa,EACb,4BAA4B,EAC5B,0BAA0B,EAC1B,8BAA8B,EAC9B,8BAA8B,EAC9B,sBAAsB,EACtB,sBAAsB,EACtB,iCAAiC,EACjC,kCAAkC,EAClC,4BAA4B,GAC7B,MAAM,iBAAiB,CAAC;AAazB,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAiB,MAAM,aAAa,CAAC;AAE5D,cAAc,eAAe,CAAC;AAG9B,mBAAmB;AACnB,cAAc,cAAc,CAAC;AAM7B,cAAc,cAAc,CAAC;AAG7B,cAAc,QAAQ,CAAC;AAGvB,OAAO,EACL,wBAAwB,GAEzB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EACL,yBAAyB,EAEzB,uCAAuC,GAExC,MAAM,yBAAyB,CAAC;AAEjC,cAAc,mCAAmC,CAAC;AAGlD,OAAO,EAAE,0BAA0B,EAAE,MAAM,+BAA+B,CAAC;AAC3E,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAC;AAE5D,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtE,OAAO,EACL,sBAAsB,EACtB,0BAA0B,GAC3B,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,4BAA4B,EAC5B,aAAa,EACb,4BAA4B,EAC5B,0BAA0B,EAC1B,8BAA8B,EAC9B,8BAA8B,EAC9B,sBAAsB,EACtB,sBAAsB,EACtB,iCAAiC,EACjC,kCAAkC,EAClC,4BAA4B,GAC7B,MAAM,iBAAiB,CAAC;AAazB,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAC;AAEtE,OAAO,EACL,sBAAsB,EACtB,4BAA4B,GAC7B,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EACL,qBAAqB,EACrB,2BAA2B,GAC5B,MAAM,0BAA0B,CAAC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { z } from "zod";
|
|
2
2
|
export declare const successfullyGeneratedTokensRecordSchema: z.ZodObject<{
|
|
3
|
-
access: z.ZodOptional<z.ZodRecord<z.ZodUnion<[z.ZodString, z.
|
|
3
|
+
access: z.ZodOptional<z.ZodRecord<z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, z.ZodUnion<[z.ZodObject<z.objectUtil.extendShape<{
|
|
4
4
|
type: z.ZodUnion<[z.ZodLiteral<"refresh">, z.ZodLiteral<"access">]>;
|
|
5
5
|
uid: z.ZodString;
|
|
6
6
|
iat: z.ZodNumber;
|
|
@@ -112,7 +112,7 @@ export declare const requestTokensResultSchema: z.ZodUnion<[z.ZodObject<{
|
|
|
112
112
|
success: z.ZodLiteral<true>;
|
|
113
113
|
error: z.ZodLiteral<false>;
|
|
114
114
|
tokens: z.ZodOptional<z.ZodObject<{
|
|
115
|
-
access: z.ZodOptional<z.ZodRecord<z.ZodUnion<[z.ZodString, z.
|
|
115
|
+
access: z.ZodOptional<z.ZodRecord<z.ZodUnion<[z.ZodString, z.ZodEffects<z.ZodString, "schemavaults-auth" | "schemavaults-mail" | "schemavaults-registry", string>]>, z.ZodUnion<[z.ZodObject<z.objectUtil.extendShape<{
|
|
116
116
|
type: z.ZodUnion<[z.ZodLiteral<"refresh">, z.ZodLiteral<"access">]>;
|
|
117
117
|
uid: z.ZodString;
|
|
118
118
|
iat: z.ZodNumber;
|
|
@@ -4,8 +4,9 @@ const oneHour = oneMinute * 60;
|
|
|
4
4
|
const oneDay = oneHour * 24;
|
|
5
5
|
const oneWeek = oneDay * 7;
|
|
6
6
|
// How long refresh tokens are valid for (in seconds)
|
|
7
|
-
export const refreshTokenExpiry = oneWeek;
|
|
8
|
-
|
|
7
|
+
export const refreshTokenExpiry = oneWeek * 2;
|
|
8
|
+
// How long access tokens are valid for (in seconds)
|
|
9
|
+
export const accessTokenExpiry = oneHour * 1.5;
|
|
9
10
|
/**
|
|
10
11
|
* @param type Access or refresh token -- determines the expiry time
|
|
11
12
|
* @returns How many seconds after the token was issued that the token is valid for
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token-expiry.js","sourceRoot":"","sources":["../../src/token-data/token-expiry.ts"],"names":[],"mappings":"AAEA,+BAA+B;AAC/B,MAAM,SAAS,GAAW,EAAW,CAAC;AACtC,MAAM,OAAO,GAAW,SAAS,GAAG,EAAE,CAAC;AACvC,MAAM,MAAM,GAAW,OAAO,GAAG,EAAE,CAAC;AACpC,MAAM,OAAO,GAAW,MAAM,GAAG,CAAC,CAAC;AAEnC,qDAAqD;AACrD,MAAM,CAAC,MAAM,kBAAkB,GAAW,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"token-expiry.js","sourceRoot":"","sources":["../../src/token-data/token-expiry.ts"],"names":[],"mappings":"AAEA,+BAA+B;AAC/B,MAAM,SAAS,GAAW,EAAW,CAAC;AACtC,MAAM,OAAO,GAAW,SAAS,GAAG,EAAE,CAAC;AACvC,MAAM,MAAM,GAAW,OAAO,GAAG,EAAE,CAAC;AACpC,MAAM,OAAO,GAAW,MAAM,GAAG,CAAC,CAAC;AAEnC,qDAAqD;AACrD,MAAM,CAAC,MAAM,kBAAkB,GAAW,OAAO,GAAG,CAAC,CAAC;AAEtD,oDAAoD;AACpD,MAAM,CAAC,MAAM,iBAAiB,GAAW,OAAO,GAAG,GAAG,CAAC;AAEvD;;;GAGG;AACH,SAAS,gBAAgB,CAAC,IAAoB;IAC5C,IAAI,kBAA0B,CAAC;IAC/B,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,SAAS;YACZ,kBAAkB,GAAG,kBAAkB,CAAC;YACxC,MAAM;QACR,KAAK,QAAQ;YACX,kBAAkB,GAAG,iBAAiB,CAAC;YACvC,MAAM;QACR;YACE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAED,qHAAqH;AAErH;;;;;GAKG;AACH,MAAM,UAAU,aAAa,CAAC,IAAoB,EAAE,GAAW;IAC7D,4DAA4D;IAC5D,MAAM,kBAAkB,GAAW,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAC1D,+BAA+B;IAC/B,OAAO,GAAG,GAAG,kBAAkB,GAAG,IAAI,CAAC;AACzC,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAAoB;IAC1D,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC;AACtC,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@schemavaults/auth-common",
|
|
3
3
|
"description": "Types and utility functions for authentication and authorization",
|
|
4
|
-
"version": "0.8.
|
|
4
|
+
"version": "0.8.8",
|
|
5
5
|
"license": "UNLICENSED",
|
|
6
6
|
"private": false,
|
|
7
7
|
"repository": {
|
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
"types": "dist/index.d.ts",
|
|
15
15
|
"dependencies": {
|
|
16
16
|
"zod": "3.23.8",
|
|
17
|
-
"@schemavaults/app-definitions": "0.6.
|
|
17
|
+
"@schemavaults/app-definitions": "0.6.14",
|
|
18
18
|
"crypto-js": "4.2.0"
|
|
19
19
|
},
|
|
20
20
|
"scripts": {
|
|
@@ -40,5 +40,32 @@
|
|
|
40
40
|
"publishConfig": {
|
|
41
41
|
"access": "public"
|
|
42
42
|
},
|
|
43
|
-
"packageManager": "bun@1.3.6"
|
|
43
|
+
"packageManager": "bun@1.3.6",
|
|
44
|
+
"exports": {
|
|
45
|
+
".": {
|
|
46
|
+
"types": "./dist/index.d.ts",
|
|
47
|
+
"import": "./dist/index.js",
|
|
48
|
+
"require": "./dist/index.js"
|
|
49
|
+
},
|
|
50
|
+
"./*": {
|
|
51
|
+
"types": "./dist/*",
|
|
52
|
+
"import": "./dist/*",
|
|
53
|
+
"require": "./dist/*"
|
|
54
|
+
},
|
|
55
|
+
"./dist/*": {
|
|
56
|
+
"types": "./dist/*",
|
|
57
|
+
"import": "./dist/*",
|
|
58
|
+
"require": "./dist/*"
|
|
59
|
+
},
|
|
60
|
+
"./RefreshTokenCookieNames": {
|
|
61
|
+
"types": "./dist/RefreshTokenCookieNames.d.ts",
|
|
62
|
+
"import": "./dist/RefreshTokenCookieNames.js",
|
|
63
|
+
"require": "./dist/RefreshTokenCookieNames.js"
|
|
64
|
+
},
|
|
65
|
+
"./AccessTokenCookieNames": {
|
|
66
|
+
"types": "./dist/AccessTokenCookieNames.d.ts",
|
|
67
|
+
"import": "./dist/AccessTokenCookieNames.js",
|
|
68
|
+
"require": "./dist/AccessTokenCookieNames.js"
|
|
69
|
+
}
|
|
70
|
+
}
|
|
44
71
|
}
|