@sentropic/auth-hono 0.4.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js.map +1 -1
- package/dist/oauth/authorize-handler.d.ts.map +1 -1
- package/dist/oauth/authorize-handler.js +46 -1
- package/dist/oauth/authorize-handler.js.map +1 -1
- package/dist/oauth/consent-decision-handler.d.ts.map +1 -1
- package/dist/oauth/consent-decision-handler.js +1 -0
- package/dist/oauth/consent-decision-handler.js.map +1 -1
- package/dist/oauth/dpop.d.ts +7 -4
- package/dist/oauth/dpop.d.ts.map +1 -1
- package/dist/oauth/dpop.js +23 -44
- package/dist/oauth/dpop.js.map +1 -1
- package/dist/oauth/jwks-service.d.ts.map +1 -1
- package/dist/oauth/jwks-service.js +6 -8
- package/dist/oauth/jwks-service.js.map +1 -1
- package/dist/oauth/service-auth-middleware.d.ts.map +1 -1
- package/dist/oauth/service-auth-middleware.js +46 -64
- package/dist/oauth/service-auth-middleware.js.map +1 -1
- package/dist/oauth/state-codec.d.ts +2 -0
- package/dist/oauth/state-codec.d.ts.map +1 -1
- package/dist/oauth/state-codec.js.map +1 -1
- package/dist/oauth/state-store-types.d.ts +12 -0
- package/dist/oauth/state-store-types.d.ts.map +1 -1
- package/dist/oauth/token-handler.d.ts.map +1 -1
- package/dist/oauth/token-handler.js +38 -1
- package/dist/oauth/token-handler.js.map +1 -1
- package/dist/oauth/wellknown-handler.js +1 -1
- package/dist/oauth/wellknown-handler.js.map +1 -1
- package/dist/ports.d.ts +14 -0
- package/dist/ports.d.ts.map +1 -1
- package/package.json +4 -1
- package/src/index.ts +10 -0
- package/src/oauth/authorize-handler.ts +55 -1
- package/src/oauth/consent-decision-handler.ts +1 -0
- package/src/oauth/dpop.ts +30 -67
- package/src/oauth/jwks-service.ts +5 -9
- package/src/oauth/service-auth-middleware.ts +59 -80
- package/src/oauth/state-codec.ts +2 -0
- package/src/oauth/state-store-types.ts +12 -0
- package/src/oauth/token-handler.ts +44 -1
- package/src/oauth/wellknown-handler.ts +1 -1
- package/src/ports.ts +15 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"state-store-types.d.ts","sourceRoot":"","sources":["../../src/oauth/state-store-types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAEzC,MAAM,MAAM,cAAc,GAAG,cAAc,GAAG,UAAU,CAAC;AAEzD,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,uBAAuB,EAAE,qBAAqB,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACxE,qBAAqB,EAAE,OAAO,CAAC;IAC/B,WAAW,EAAE,OAAO,CAAC;IACrB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,IAAI,CAAC;IACf,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,cAAc,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,qBAAqB,EAAE,OAAO,CAAC;IAC/B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,eAAe,EAAE,IAAI,GAAG,IAAI,CAAC;IAC7B,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAAC;IAChE,iBAAiB,CAAC,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC,CAAC;IAC1E,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACpF,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CAAC;IAC/D,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3E,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IACtD,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC3C,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9C,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9D,YAAY,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CACjC;AAED,MAAM,MAAM,aAAa,GAAG,GAAG,GAAG;IAChC,GAAG,CAAC,EAAE,OAAO,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC9B,GAAG,EAAE,SAAS,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC/B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,KAAK,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC3B,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC5B,CAAC,EAAE,MAAM,CAAC;CACX,CAAC;AAEF,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,OAAO,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC7B,GAAG,EAAE,SAAS,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC/B,SAAS,EAAE,aAAa,CAAC;IACzB,UAAU,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAClC,MAAM,EAAE,OAAO,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,QAAQ;IACvB,YAAY,IAAI,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;IAC9C,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;IACzD,cAAc,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;CAC5C"}
|
|
1
|
+
{"version":3,"file":"state-store-types.d.ts","sourceRoot":"","sources":["../../src/oauth/state-store-types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAEzC,MAAM,MAAM,cAAc,GAAG,cAAc,GAAG,UAAU,CAAC;AAEzD,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,uBAAuB,EAAE,qBAAqB,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACxE,qBAAqB,EAAE,OAAO,CAAC;IAC/B,WAAW,EAAE,OAAO,CAAC;IACrB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,IAAI,CAAC;IACf,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,cAAc,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,qBAAqB,EAAE,OAAO,CAAC;IAC/B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,eAAe,EAAE,IAAI,GAAG,IAAI,CAAC;IAC7B,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAAC;IAChE,iBAAiB,CAAC,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC,CAAC;IAC1E,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACpF,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CAAC;IAC/D,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3E,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IACtD,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC3C,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9C,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9D,YAAY,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CACjC;AAED,MAAM,MAAM,aAAa,GAAG,GAAG,GAAG;IAChC,GAAG,CAAC,EAAE,OAAO,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC9B,GAAG,EAAE,SAAS,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC/B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,KAAK,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC3B,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC5B,CAAC,EAAE,MAAM,CAAC;CACX,CAAC;AAEF,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,OAAO,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC7B,GAAG,EAAE,SAAS,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAC/B,SAAS,EAAE,aAAa,CAAC;IACzB,UAAU,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAClC,MAAM,EAAE,OAAO,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,QAAQ;IACvB,YAAY,IAAI,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;IAC9C,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;IACzD,cAAc,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;CAC5C"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token-handler.d.ts","sourceRoot":"","sources":["../../src/oauth/token-handler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAEpC,OAAO,KAAK,EAAE,aAAa,EAAsB,MAAM,aAAa,CAAC;AASrE,MAAM,WAAW,wBAAwB;IACvC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,aAAa,CAAC;IACrB,4BAA4B,CAAC,EAAE,MAAM,CAAC;CACvC;AAYD,eAAO,MAAM,uBAAuB,YACxB,wBAAwB,SACxB,OAAO,KAAG,QAAQ,QAAQ,
|
|
1
|
+
{"version":3,"file":"token-handler.d.ts","sourceRoot":"","sources":["../../src/oauth/token-handler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAEpC,OAAO,KAAK,EAAE,aAAa,EAAsB,MAAM,aAAa,CAAC;AASrE,MAAM,WAAW,wBAAwB;IACvC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,aAAa,CAAC;IACrB,4BAA4B,CAAC,EAAE,MAAM,CAAC;CACvC;AAYD,eAAO,MAAM,uBAAuB,YACxB,wBAAwB,SACxB,OAAO,KAAG,QAAQ,QAAQ,CAwCnC,CAAC"}
|
|
@@ -25,6 +25,9 @@ export const createOAuthTokenHandler = (options) => async (c) => {
|
|
|
25
25
|
if ((await sha256Base64url(form.get('code_verifier') ?? '')) !== codePayload.codeChallenge) {
|
|
26
26
|
return oauthJsonError(c, 400, 'invalid_grant', 'PKCE verification failed.');
|
|
27
27
|
}
|
|
28
|
+
const resourceError = validateTokenResource(c, form, codePayload);
|
|
29
|
+
if (resourceError)
|
|
30
|
+
return resourceError;
|
|
28
31
|
const dpopJkt = await resolveDpopJkt(c, options, auth.client, codePayload);
|
|
29
32
|
if (dpopJkt instanceof Response)
|
|
30
33
|
return dpopJkt;
|
|
@@ -68,6 +71,26 @@ const parseClientCredentials = (authorization, form) => {
|
|
|
68
71
|
secret: form.get('client_secret') ?? undefined,
|
|
69
72
|
};
|
|
70
73
|
};
|
|
74
|
+
/**
|
|
75
|
+
* RFC 8707 resource validation on the token leg of the `authorization_code` flow (BR-39l Lot 2).
|
|
76
|
+
* - C1 single-aud: more than one `resource` value ⇒ `invalid_target`.
|
|
77
|
+
* - C3 sealing: if the client re-sends `resource` on the token request (the MCP draft requires it
|
|
78
|
+
* on both legs), it MUST equal the value sealed at authorize time, else `invalid_grant`
|
|
79
|
+
* (audience downgrade/upgrade rejection). The `aud` is derived ONLY from the sealed value.
|
|
80
|
+
* No `resource` on the token leg is accepted (the sealed value still governs `aud`).
|
|
81
|
+
*/
|
|
82
|
+
const validateTokenResource = (c, form, codePayload) => {
|
|
83
|
+
const requested = form.getAll('resource').filter((value) => value.length > 0);
|
|
84
|
+
if (requested.length === 0)
|
|
85
|
+
return null;
|
|
86
|
+
if (requested.length > 1) {
|
|
87
|
+
return oauthJsonError(c, 400, 'invalid_target', 'Only a single resource indicator is supported.');
|
|
88
|
+
}
|
|
89
|
+
if (requested[0] !== (codePayload.resource ?? null)) {
|
|
90
|
+
return oauthJsonError(c, 400, 'invalid_grant', 'resource does not match the authorization request.');
|
|
91
|
+
}
|
|
92
|
+
return null;
|
|
93
|
+
};
|
|
71
94
|
const resolveDpopJkt = async (c, options, client, codePayload) => {
|
|
72
95
|
if (!client.dpopBoundAccessTokens)
|
|
73
96
|
return null;
|
|
@@ -215,14 +238,27 @@ const issueTokens = async (options, client, codePayload, user, dpopJkt) => {
|
|
|
215
238
|
const idExpiresAt = options.ports.clock.addSeconds(now, idTokenTtlSeconds);
|
|
216
239
|
const scopes = codePayload.scope.split(/\s+/).filter(Boolean);
|
|
217
240
|
const cnf = dpopJkt ? { jkt: dpopJkt } : undefined;
|
|
241
|
+
// BR-39e: bind the tenant claim to a STILL-`approved` membership at token time (lifecycle
|
|
242
|
+
// gate). If the membership was suspended/revoked between authorize and token exchange, drop
|
|
243
|
+
// the claim so no tenant-scoped token is issued for a non-member.
|
|
244
|
+
let boundTenantId = codePayload.tenantId;
|
|
245
|
+
if (boundTenantId && options.ports.tenant) {
|
|
246
|
+
const stillApproved = await options.ports.tenant.isApprovedMember(codePayload.userId, boundTenantId);
|
|
247
|
+
if (!stillApproved)
|
|
248
|
+
boundTenantId = null;
|
|
249
|
+
}
|
|
218
250
|
const jwks = createJwksService({ clock: options.ports.clock, jwksPort: options.ports.jwks });
|
|
219
251
|
const accessJti = options.ports.random.uuid();
|
|
220
|
-
|
|
252
|
+
// BR-39l Lot 2 (C3/C4): variable RFC 8707 audience. The access-token `aud` is the resource
|
|
253
|
+
// sealed at authorize time (single string), or the userinfo URL by default — byte-identical to
|
|
254
|
+
// auth-hono 0.5.0 when no `resource` was requested. The id_token `aud` (client_id) is untouched.
|
|
255
|
+
const accessAudience = codePayload.resource ?? `${trimTrailingSlash(options.issuer)}/api/v1/auth/oauth/userinfo`;
|
|
221
256
|
const accessToken = await jwks.signJwt({
|
|
222
257
|
acr: codePayload.acr,
|
|
223
258
|
auth_time: toEpochSeconds(codePayload.authTime),
|
|
224
259
|
client_id: client.clientId,
|
|
225
260
|
...(cnf ? { cnf } : {}),
|
|
261
|
+
...(boundTenantId ? { tid: boundTenantId } : {}),
|
|
226
262
|
scope: codePayload.scope,
|
|
227
263
|
}, {
|
|
228
264
|
audience: accessAudience,
|
|
@@ -256,6 +292,7 @@ const issueTokens = async (options, client, codePayload, user, dpopJkt) => {
|
|
|
256
292
|
...(scopes.includes('email') ? { email: user.email, email_verified: user.emailVerified } : {}),
|
|
257
293
|
...(scopes.includes('profile') ? { name: user.displayName } : {}),
|
|
258
294
|
...(codePayload.nonce ? { nonce: codePayload.nonce } : {}),
|
|
295
|
+
...(boundTenantId ? { tid: boundTenantId } : {}),
|
|
259
296
|
}, {
|
|
260
297
|
audience: client.clientId,
|
|
261
298
|
expiresAt: idExpiresAt,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token-handler.js","sourceRoot":"","sources":["../../src/oauth/token-handler.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAC;AAGtE,MAAM,wCAAwC,GAAG,GAAG,CAAC;AAqBrD,MAAM,CAAC,MAAM,uBAAuB,GAClC,CAAC,OAAiC,EAAE,EAAE,CACtC,KAAK,EAAE,CAAU,EAAqB,EAAE;IACtC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACzC,IAAI,SAAS,KAAK,oBAAoB,EAAE,CAAC;QACvC,OAAO,uBAAuB,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IACD,IAAI,SAAS,KAAK,oBAAoB,EAAE,CAAC;QACvC,OAAO,cAAc,CACnB,CAAC,EACD,GAAG,EACH,wBAAwB,EACxB,sEAAsE,CACvE,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IAC9D,IAAI,IAAI,YAAY,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE1C,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IAChG,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,QAAQ,KAAK,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,gDAAgD,CAAC,CAAC;IACnG,CAAC;IACD,IAAI,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,WAAW,CAAC,WAAW,EAAE,CAAC;QACzD,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,wDAAwD,CAAC,CAAC;IAC3G,CAAC;IACD,IAAI,CAAC,MAAM,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,WAAW,CAAC,aAAa,EAAE,CAAC;QAC3F,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,2BAA2B,CAAC,CAAC;IAC9E,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAC3E,IAAI,OAAO,YAAY,QAAQ;QAAE,OAAO,OAAO,CAAC;IAEhD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IACpE,IAAI,CAAC,IAAI;QAAE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,qCAAqC,CAAC,CAAC;IAEjG,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACnF,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AACxB,CAAC,CAAC;AAEJ,MAAM,kBAAkB,GAAG,KAAK,EAC9B,CAAU,EACV,IAAqB,EACrB,KAAoB,EACsB,EAAE;IAC5C,MAAM,WAAW,GAAG,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,IAAI,CAAC,CAAC;IAChF,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;QAC1B,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,oCAAoC,CAAC,CAAC;IACxF,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,eAAe,CAAC,UAAU,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC5E,IAAI,CAAC,MAAM;QAAE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,+BAA+B,CAAC,CAAC;IAE9F,IAAI,MAAM,CAAC,uBAAuB,KAAK,MAAM,EAAE,CAAC;QAC9C,OAAO,EAAE,MAAM,EAAE,CAAC;IACpB,CAAC;IAED,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;QACpD,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,4BAA4B,CAAC,CAAC;IAChF,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IACrE,IAAI,UAAU,KAAK,MAAM,CAAC,gBAAgB,EAAE,CAAC;QAC3C,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,+BAA+B,CAAC,CAAC;IACnF,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,EAAE,CAAC;AAChD,CAAC,CAAC;AAEF,MAAM,sBAAsB,GAAG,CAC7B,aAAiC,EACjC,IAAqB,EACyB,EAAE;IAChD,IAAI,aAAa,EAAE,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACxC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;QAC3D,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACvC,OAAO;YACL,QAAQ,EAAE,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO;YAChE,MAAM,EAAE,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;SAC3D,CAAC;IACJ,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC;QAC/B,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,SAAS;KAC/C,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,cAAc,GAAG,KAAK,EAC1B,CAAU,EACV,OAAiC,EACjC,MAAyB,EACzB,WAA4B,EACO,EAAE;IACrC,IAAI,CAAC,MAAM,CAAC,qBAAqB;QAAE,OAAO,IAAI,CAAC;IAE/C,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,KAAK;QAAE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,oBAAoB,EAAE,yBAAyB,CAAC,CAAC;IAE3F,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CAAC;YAC1C,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG;YACd,cAAc,EAAE,OAAO,CAAC,kBAAkB;YAC1C,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,KAAK;SACN,CAAC,CAAC;QACH,IAAI,WAAW,CAAC,OAAO,IAAI,WAAW,CAAC,OAAO,KAAK,QAAQ,CAAC,GAAG,EAAE,CAAC;YAChE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,iDAAiD,CAAC,CAAC;QACpG,CAAC;QACD,OAAO,QAAQ,CAAC,GAAG,CAAC;IACtB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,mBAAmB,EAAE,CAAC;YACzC,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,oBAAoB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QACrE,CAAC;QACD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,uBAAuB,GAAG,KAAK,EACnC,CAAU,EACV,IAAqB,EACrB,OAAiC,EACd,EAAE;IACrB,MAAM,iBAAiB,GAAG,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,iBAAiB,CAAC;IAC1E,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,wBAAwB,EAAE,gDAAgD,CAAC,CAAC;IAC5G,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,yBAAyB,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,KAAK,EAAE,iBAAiB,CAAC,CAAC;IACxF,IAAI,IAAI,YAAY,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE1C,MAAM,KAAK,GAAG,mBAAmB,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACxD,IAAI,KAAK,YAAY,QAAQ;QAAE,OAAO,KAAK,CAAC;IAE5C,MAAM,QAAQ,GAAG,wBAAwB,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IAChE,IAAI,QAAQ,YAAY,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAElD,MAAM,OAAO,GAAG,MAAM,qBAAqB,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACrE,IAAI,OAAO,YAAY,QAAQ;QAAE,OAAO,OAAO,CAAC;IAEhD,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;IACvF,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AACxB,CAAC,CAAC;AAEF,MAAM,yBAAyB,GAAG,KAAK,EACrC,CAAU,EACV,IAAqB,EACrB,KAAoB,EACpB,iBAAqF,EACpC,EAAE;IACnD,MAAM,WAAW,GAAG,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,IAAI,CAAC,CAAC;IAChF,IAAI,CAAC,WAAW,CAAC,QAAQ,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;QACjD,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,oCAAoC,CAAC,CAAC;IACxF,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC7D,IAAI,CAAC,MAAM;QAAE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,+BAA+B,CAAC,CAAC;IAE9F,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IACrE,IAAI,UAAU,KAAK,MAAM,CAAC,gBAAgB,EAAE,CAAC;QAC3C,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,+BAA+B,CAAC,CAAC;IACnF,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,EAAE,CAAC;AAChD,CAAC,CAAC;AAEF,MAAM,mBAAmB,GAAG,CAC1B,CAAU,EACV,IAAqB,EACrB,MAA2B,EACR,EAAE;IACrB,MAAM,SAAS,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACzE,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACxC,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAC9C,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IACtE,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,sBAAsB,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAClG,CAAC;IACD,OAAO,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC,CAAC;AAEF,MAAM,wBAAwB,GAAG,CAC/B,CAAU,EACV,IAAqB,EACrB,MAA2B,EACR,EAAE;IACrB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACvC,MAAM,UAAU,GAAG,MAAM,CAAC,kBAAkB,CAAC;IAE7C,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YACpC,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,oDAAoD,CAAC,CAAC;QACxG,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,UAAU,CAAC,CAAC,CAAC,CAAC;IACvB,CAAC;IACD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,mDAAmD,CAAC,CAAC;IACvG,CAAC;IACD,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,mEAAmE,CAAC,CAAC;AACvH,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,KAAK,EACjC,CAAU,EACV,OAAiC,EACjC,MAA2B,EACQ,EAAE;IACrC,IAAI,CAAC,MAAM,CAAC,qBAAqB;QAAE,OAAO,IAAI,CAAC;IAE/C,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,KAAK;QAAE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,oBAAoB,EAAE,yBAAyB,CAAC,CAAC;IAE3F,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CAAC;YAC1C,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG;YACd,cAAc,EAAE,OAAO,CAAC,kBAAkB;YAC1C,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,KAAK;SACN,CAAC,CAAC;QACH,OAAO,QAAQ,CAAC,GAAG,CAAC;IACtB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,mBAAmB,EAAE,CAAC;YACzC,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,oBAAoB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QACrE,CAAC;QACD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,KAAK,EAC7B,OAAiC,EACjC,MAA2B,EAC3B,KAAa,EACb,QAAgB,EAChB,OAAsB,EACtB,EAAE;IACF,MAAM,UAAU,GAAG,OAAO,CAAC,4BAA4B,IAAI,wCAAwC,CAAC;IACpG,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;IACtC,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;IAClE,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IACnD,MAAM,IAAI,GAAG,iBAAiB,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IAC7F,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAC9C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CACpC;QACE,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvB,KAAK;KACN,EACD;QACE,QAAQ,EAAE,QAAQ;QAClB,SAAS;QACT,MAAM,EAAE,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC;QACzC,GAAG,EAAE,SAAS;QACd,OAAO,EAAE,MAAM,CAAC,QAAQ;QACxB,IAAI,EAAE,KAAK;KACZ,CACF,CAAC;IAEF,kFAAkF;IAClF,OAAO;QACL,YAAY,EAAE,WAAW;QACzB,UAAU,EAAE,UAAU;QACtB,KAAK;QACL,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;KACxC,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,WAAW,GAAG,KAAK,EACvB,OAAiC,EACjC,MAAyB,EACzB,WAA4B,EAC5B,IAAwB,EACxB,OAAsB,EACtB,EAAE;IACF,MAAM,qBAAqB,GAAG,OAAO,CAAC,qBAAqB,IAAI,IAAI,CAAC;IACpE,MAAM,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,IAAI,IAAI,CAAC;IAC5D,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;IACtC,MAAM,eAAe,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC;IACnF,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC9D,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IACnD,MAAM,IAAI,GAAG,iBAAiB,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IAC7F,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAC9C,MAAM,cAAc,GAAG,GAAG,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC,6BAA6B,CAAC;IACzF,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CACpC;QACE,GAAG,EAAE,WAAW,CAAC,GAAG;QACpB,SAAS,EAAE,cAAc,CAAC,WAAW,CAAC,QAAQ,CAAC;QAC/C,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvB,KAAK,EAAE,WAAW,CAAC,KAAK;KACzB,EACD;QACE,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,eAAe;QAC1B,MAAM,EAAE,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC;QACzC,GAAG,EAAE,SAAS;QACd,OAAO,EAAE,WAAW,CAAC,MAAM;QAC3B,IAAI,EAAE,KAAK;KACZ,CACF,CAAC;IAEF,MAAM,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,aAAa,CAC/C,SAAS,EACT,SAAS,CAAC;QACR,QAAQ,EAAE,cAAc;QACxB,MAAM;QACN,WAAW;QACX,OAAO;QACP,SAAS,EAAE,eAAe;QAC1B,GAAG,EAAE,SAAS;QACd,SAAS,EAAE,cAAc;KAC1B,CAAC,EACF,qBAAqB,CACtB,CAAC;IAEF,MAAM,QAAQ,GAA4B;QACxC,YAAY,EAAE,WAAW;QACzB,UAAU,EAAE,qBAAqB;QACjC,KAAK,EAAE,WAAW,CAAC,KAAK;QACxB,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;KACxC,CAAC;IAEF,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAChC;YACE,GAAG,EAAE,WAAW,CAAC,GAAG;YACpB,SAAS,EAAE,cAAc,CAAC,WAAW,CAAC,QAAQ,CAAC;YAC/C,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvB,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9F,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjE,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC3D,EACD;YACE,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,SAAS,EAAE,WAAW;YACtB,MAAM,EAAE,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC;YACzC,GAAG,EAAE,KAAK;YACV,OAAO,EAAE,WAAW,CAAC,MAAM;YAC3B,IAAI,EAAE,KAAK;SACZ,CACF,CAAC;QACF,QAAQ,CAAC,QAAQ,GAAG,OAAO,CAAC;QAC5B,MAAM,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,aAAa,CAC/C,KAAK,EACL,SAAS,CAAC;YACR,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,MAAM;YACN,WAAW;YACX,OAAO;YACP,SAAS,EAAE,WAAW;YACtB,GAAG,EAAE,KAAK;YACV,SAAS,EAAE,UAAU;SACtB,CAAC,EACF,iBAAiB,CAClB,CAAC;IACJ,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,MAAM,SAAS,GAAG,CAAC,KAQlB,EAAa,EAAE,CAAC,CAAC;IAChB,QAAQ,EAAE,KAAK,CAAC,QAAQ;IACxB,QAAQ,EAAE,KAAK,CAAC,MAAM,CAAC,QAAQ;IAC/B,SAAS,EAAE,KAAK,CAAC,WAAW,CAAC,SAAS;IACtC,OAAO,EAAE,KAAK,CAAC,OAAO;IACtB,SAAS,EAAE,KAAK,CAAC,SAAS;IAC1B,GAAG,EAAE,KAAK,CAAC,GAAG;IACd,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,KAAK;IAC9B,QAAQ,EAAE,KAAK,CAAC,WAAW,CAAC,QAAQ;IACpC,SAAS,EAAE,KAAK,CAAC,SAAS;IAC1B,MAAM,EAAE,KAAK,CAAC,WAAW,CAAC,MAAM;CACjC,CAAC,CAAC;AAEH,MAAM,cAAc,GAAG,CAAC,IAAU,EAAU,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;AAEjF,MAAM,iBAAiB,GAAG,CAAC,KAAa,EAAU,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"token-handler.js","sourceRoot":"","sources":["../../src/oauth/token-handler.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAC;AAGtE,MAAM,wCAAwC,GAAG,GAAG,CAAC;AAqBrD,MAAM,CAAC,MAAM,uBAAuB,GAClC,CAAC,OAAiC,EAAE,EAAE,CACtC,KAAK,EAAE,CAAU,EAAqB,EAAE;IACtC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACzC,IAAI,SAAS,KAAK,oBAAoB,EAAE,CAAC;QACvC,OAAO,uBAAuB,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IACD,IAAI,SAAS,KAAK,oBAAoB,EAAE,CAAC;QACvC,OAAO,cAAc,CACnB,CAAC,EACD,GAAG,EACH,wBAAwB,EACxB,sEAAsE,CACvE,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IAC9D,IAAI,IAAI,YAAY,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE1C,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IAChG,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,QAAQ,KAAK,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,gDAAgD,CAAC,CAAC;IACnG,CAAC;IACD,IAAI,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,WAAW,CAAC,WAAW,EAAE,CAAC;QACzD,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,wDAAwD,CAAC,CAAC;IAC3G,CAAC;IACD,IAAI,CAAC,MAAM,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,WAAW,CAAC,aAAa,EAAE,CAAC;QAC3F,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,2BAA2B,CAAC,CAAC;IAC9E,CAAC;IAED,MAAM,aAAa,GAAG,qBAAqB,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;IAClE,IAAI,aAAa;QAAE,OAAO,aAAa,CAAC;IAExC,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAC3E,IAAI,OAAO,YAAY,QAAQ;QAAE,OAAO,OAAO,CAAC;IAEhD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IACpE,IAAI,CAAC,IAAI;QAAE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,qCAAqC,CAAC,CAAC;IAEjG,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACnF,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AACxB,CAAC,CAAC;AAEJ,MAAM,kBAAkB,GAAG,KAAK,EAC9B,CAAU,EACV,IAAqB,EACrB,KAAoB,EACsB,EAAE;IAC5C,MAAM,WAAW,GAAG,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,IAAI,CAAC,CAAC;IAChF,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;QAC1B,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,oCAAoC,CAAC,CAAC;IACxF,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,eAAe,CAAC,UAAU,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC5E,IAAI,CAAC,MAAM;QAAE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,+BAA+B,CAAC,CAAC;IAE9F,IAAI,MAAM,CAAC,uBAAuB,KAAK,MAAM,EAAE,CAAC;QAC9C,OAAO,EAAE,MAAM,EAAE,CAAC;IACpB,CAAC;IAED,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;QACpD,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,4BAA4B,CAAC,CAAC;IAChF,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IACrE,IAAI,UAAU,KAAK,MAAM,CAAC,gBAAgB,EAAE,CAAC;QAC3C,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,+BAA+B,CAAC,CAAC;IACnF,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,EAAE,CAAC;AAChD,CAAC,CAAC;AAEF,MAAM,sBAAsB,GAAG,CAC7B,aAAiC,EACjC,IAAqB,EACyB,EAAE;IAChD,IAAI,aAAa,EAAE,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACxC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;QAC3D,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACvC,OAAO;YACL,QAAQ,EAAE,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO;YAChE,MAAM,EAAE,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;SAC3D,CAAC;IACJ,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC;QAC/B,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,SAAS;KAC/C,CAAC;AACJ,CAAC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,qBAAqB,GAAG,CAC5B,CAAU,EACV,IAAqB,EACrB,WAA4B,EACX,EAAE;IACnB,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC9E,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACxC,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,gDAAgD,CAAC,CAAC;IACpG,CAAC;IACD,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,QAAQ,IAAI,IAAI,CAAC,EAAE,CAAC;QACpD,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,oDAAoD,CAAC,CAAC;IACvG,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,MAAM,cAAc,GAAG,KAAK,EAC1B,CAAU,EACV,OAAiC,EACjC,MAAyB,EACzB,WAA4B,EACO,EAAE;IACrC,IAAI,CAAC,MAAM,CAAC,qBAAqB;QAAE,OAAO,IAAI,CAAC;IAE/C,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,KAAK;QAAE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,oBAAoB,EAAE,yBAAyB,CAAC,CAAC;IAE3F,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CAAC;YAC1C,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG;YACd,cAAc,EAAE,OAAO,CAAC,kBAAkB;YAC1C,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,KAAK;SACN,CAAC,CAAC;QACH,IAAI,WAAW,CAAC,OAAO,IAAI,WAAW,CAAC,OAAO,KAAK,QAAQ,CAAC,GAAG,EAAE,CAAC;YAChE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,iDAAiD,CAAC,CAAC;QACpG,CAAC;QACD,OAAO,QAAQ,CAAC,GAAG,CAAC;IACtB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,mBAAmB,EAAE,CAAC;YACzC,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,oBAAoB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QACrE,CAAC;QACD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,uBAAuB,GAAG,KAAK,EACnC,CAAU,EACV,IAAqB,EACrB,OAAiC,EACd,EAAE;IACrB,MAAM,iBAAiB,GAAG,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,iBAAiB,CAAC;IAC1E,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,wBAAwB,EAAE,gDAAgD,CAAC,CAAC;IAC5G,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,yBAAyB,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,KAAK,EAAE,iBAAiB,CAAC,CAAC;IACxF,IAAI,IAAI,YAAY,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE1C,MAAM,KAAK,GAAG,mBAAmB,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACxD,IAAI,KAAK,YAAY,QAAQ;QAAE,OAAO,KAAK,CAAC;IAE5C,MAAM,QAAQ,GAAG,wBAAwB,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IAChE,IAAI,QAAQ,YAAY,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAElD,MAAM,OAAO,GAAG,MAAM,qBAAqB,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACrE,IAAI,OAAO,YAAY,QAAQ;QAAE,OAAO,OAAO,CAAC;IAEhD,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;IACvF,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AACxB,CAAC,CAAC;AAEF,MAAM,yBAAyB,GAAG,KAAK,EACrC,CAAU,EACV,IAAqB,EACrB,KAAoB,EACpB,iBAAqF,EACpC,EAAE;IACnD,MAAM,WAAW,GAAG,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,IAAI,CAAC,CAAC;IAChF,IAAI,CAAC,WAAW,CAAC,QAAQ,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;QACjD,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,oCAAoC,CAAC,CAAC;IACxF,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC7D,IAAI,CAAC,MAAM;QAAE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,+BAA+B,CAAC,CAAC;IAE9F,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IACrE,IAAI,UAAU,KAAK,MAAM,CAAC,gBAAgB,EAAE,CAAC;QAC3C,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,+BAA+B,CAAC,CAAC;IACnF,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,EAAE,CAAC;AAChD,CAAC,CAAC;AAEF,MAAM,mBAAmB,GAAG,CAC1B,CAAU,EACV,IAAqB,EACrB,MAA2B,EACR,EAAE;IACrB,MAAM,SAAS,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACzE,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACxC,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAC9C,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IACtE,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,eAAe,EAAE,sBAAsB,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAClG,CAAC;IACD,OAAO,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC,CAAC;AAEF,MAAM,wBAAwB,GAAG,CAC/B,CAAU,EACV,IAAqB,EACrB,MAA2B,EACR,EAAE;IACrB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACvC,MAAM,UAAU,GAAG,MAAM,CAAC,kBAAkB,CAAC;IAE7C,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YACpC,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,oDAAoD,CAAC,CAAC;QACxG,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,UAAU,CAAC,CAAC,CAAC,CAAC;IACvB,CAAC;IACD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,mDAAmD,CAAC,CAAC;IACvG,CAAC;IACD,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,mEAAmE,CAAC,CAAC;AACvH,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,KAAK,EACjC,CAAU,EACV,OAAiC,EACjC,MAA2B,EACQ,EAAE;IACrC,IAAI,CAAC,MAAM,CAAC,qBAAqB;QAAE,OAAO,IAAI,CAAC;IAE/C,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,KAAK;QAAE,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,oBAAoB,EAAE,yBAAyB,CAAC,CAAC;IAE3F,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CAAC;YAC1C,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG;YACd,cAAc,EAAE,OAAO,CAAC,kBAAkB;YAC1C,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,KAAK;SACN,CAAC,CAAC;QACH,OAAO,QAAQ,CAAC,GAAG,CAAC;IACtB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,mBAAmB,EAAE,CAAC;YACzC,OAAO,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,oBAAoB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QACrE,CAAC;QACD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,KAAK,EAC7B,OAAiC,EACjC,MAA2B,EAC3B,KAAa,EACb,QAAgB,EAChB,OAAsB,EACtB,EAAE;IACF,MAAM,UAAU,GAAG,OAAO,CAAC,4BAA4B,IAAI,wCAAwC,CAAC;IACpG,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;IACtC,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;IAClE,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IACnD,MAAM,IAAI,GAAG,iBAAiB,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IAC7F,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAC9C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CACpC;QACE,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvB,KAAK;KACN,EACD;QACE,QAAQ,EAAE,QAAQ;QAClB,SAAS;QACT,MAAM,EAAE,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC;QACzC,GAAG,EAAE,SAAS;QACd,OAAO,EAAE,MAAM,CAAC,QAAQ;QACxB,IAAI,EAAE,KAAK;KACZ,CACF,CAAC;IAEF,kFAAkF;IAClF,OAAO;QACL,YAAY,EAAE,WAAW;QACzB,UAAU,EAAE,UAAU;QACtB,KAAK;QACL,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;KACxC,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,WAAW,GAAG,KAAK,EACvB,OAAiC,EACjC,MAAyB,EACzB,WAA4B,EAC5B,IAAwB,EACxB,OAAsB,EACtB,EAAE;IACF,MAAM,qBAAqB,GAAG,OAAO,CAAC,qBAAqB,IAAI,IAAI,CAAC;IACpE,MAAM,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,IAAI,IAAI,CAAC;IAC5D,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;IACtC,MAAM,eAAe,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC;IACnF,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC9D,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IAEnD,0FAA0F;IAC1F,4FAA4F;IAC5F,kEAAkE;IAClE,IAAI,aAAa,GAAkB,WAAW,CAAC,QAAQ,CAAC;IACxD,IAAI,aAAa,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;QAC1C,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,WAAW,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;QACrG,IAAI,CAAC,aAAa;YAAE,aAAa,GAAG,IAAI,CAAC;IAC3C,CAAC;IAED,MAAM,IAAI,GAAG,iBAAiB,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IAC7F,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAC9C,2FAA2F;IAC3F,+FAA+F;IAC/F,iGAAiG;IACjG,MAAM,cAAc,GAClB,WAAW,CAAC,QAAQ,IAAI,GAAG,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC,6BAA6B,CAAC;IAC5F,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CACpC;QACE,GAAG,EAAE,WAAW,CAAC,GAAG;QACpB,SAAS,EAAE,cAAc,CAAC,WAAW,CAAC,QAAQ,CAAC;QAC/C,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvB,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAChD,KAAK,EAAE,WAAW,CAAC,KAAK;KACzB,EACD;QACE,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,eAAe;QAC1B,MAAM,EAAE,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC;QACzC,GAAG,EAAE,SAAS;QACd,OAAO,EAAE,WAAW,CAAC,MAAM;QAC3B,IAAI,EAAE,KAAK;KACZ,CACF,CAAC;IAEF,MAAM,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,aAAa,CAC/C,SAAS,EACT,SAAS,CAAC;QACR,QAAQ,EAAE,cAAc;QACxB,MAAM;QACN,WAAW;QACX,OAAO;QACP,SAAS,EAAE,eAAe;QAC1B,GAAG,EAAE,SAAS;QACd,SAAS,EAAE,cAAc;KAC1B,CAAC,EACF,qBAAqB,CACtB,CAAC;IAEF,MAAM,QAAQ,GAA4B;QACxC,YAAY,EAAE,WAAW;QACzB,UAAU,EAAE,qBAAqB;QACjC,KAAK,EAAE,WAAW,CAAC,KAAK;QACxB,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;KACxC,CAAC;IAEF,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAChC;YACE,GAAG,EAAE,WAAW,CAAC,GAAG;YACpB,SAAS,EAAE,cAAc,CAAC,WAAW,CAAC,QAAQ,CAAC;YAC/C,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvB,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9F,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjE,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1D,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACjD,EACD;YACE,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,SAAS,EAAE,WAAW;YACtB,MAAM,EAAE,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC;YACzC,GAAG,EAAE,KAAK;YACV,OAAO,EAAE,WAAW,CAAC,MAAM;YAC3B,IAAI,EAAE,KAAK;SACZ,CACF,CAAC;QACF,QAAQ,CAAC,QAAQ,GAAG,OAAO,CAAC;QAC5B,MAAM,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,aAAa,CAC/C,KAAK,EACL,SAAS,CAAC;YACR,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,MAAM;YACN,WAAW;YACX,OAAO;YACP,SAAS,EAAE,WAAW;YACtB,GAAG,EAAE,KAAK;YACV,SAAS,EAAE,UAAU;SACtB,CAAC,EACF,iBAAiB,CAClB,CAAC;IACJ,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,MAAM,SAAS,GAAG,CAAC,KAQlB,EAAa,EAAE,CAAC,CAAC;IAChB,QAAQ,EAAE,KAAK,CAAC,QAAQ;IACxB,QAAQ,EAAE,KAAK,CAAC,MAAM,CAAC,QAAQ;IAC/B,SAAS,EAAE,KAAK,CAAC,WAAW,CAAC,SAAS;IACtC,OAAO,EAAE,KAAK,CAAC,OAAO;IACtB,SAAS,EAAE,KAAK,CAAC,SAAS;IAC1B,GAAG,EAAE,KAAK,CAAC,GAAG;IACd,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,KAAK;IAC9B,QAAQ,EAAE,KAAK,CAAC,WAAW,CAAC,QAAQ;IACpC,SAAS,EAAE,KAAK,CAAC,SAAS;IAC1B,MAAM,EAAE,KAAK,CAAC,WAAW,CAAC,MAAM;CACjC,CAAC,CAAC;AAEH,MAAM,cAAc,GAAG,CAAC,IAAU,EAAU,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;AAEjF,MAAM,iBAAiB,GAAG,CAAC,KAAa,EAAU,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC"}
|
|
@@ -6,7 +6,7 @@ export const createWellKnownRouter = (options) => {
|
|
|
6
6
|
const oauthPrefix = normalizePathPrefix(options.oauthPathPrefix ?? '/api/v1/auth/oauth');
|
|
7
7
|
router.get('/openid-configuration', (c) => c.json({
|
|
8
8
|
authorization_endpoint: `${issuer}${oauthPrefix}/authorize`,
|
|
9
|
-
claims_supported: ['sub', 'aud', 'iss', 'exp', 'iat', 'nonce', 'auth_time', 'acr', 'email', 'email_verified', 'name'],
|
|
9
|
+
claims_supported: ['sub', 'aud', 'iss', 'exp', 'iat', 'nonce', 'auth_time', 'acr', 'email', 'email_verified', 'name', 'tid'],
|
|
10
10
|
code_challenge_methods_supported: ['S256'],
|
|
11
11
|
dpop_signing_alg_values_supported: ['EdDSA'],
|
|
12
12
|
grant_types_supported: ['authorization_code', 'client_credentials'],
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"wellknown-handler.js","sourceRoot":"","sources":["../../src/oauth/wellknown-handler.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAQtD,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,OAAqC,EAAQ,EAAE;IACnF,MAAM,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;IAC1B,MAAM,MAAM,GAAG,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACjD,MAAM,WAAW,GAAG,mBAAmB,CAAC,OAAO,CAAC,eAAe,IAAI,oBAAoB,CAAC,CAAC;IAEzF,MAAM,CAAC,GAAG,CAAC,uBAAuB,EAAE,CAAC,CAAC,EAAE,EAAE,CACxC,CAAC,CAAC,IAAI,CAAC;QACL,sBAAsB,EAAE,GAAG,MAAM,GAAG,WAAW,YAAY;QAC3D,gBAAgB,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"wellknown-handler.js","sourceRoot":"","sources":["../../src/oauth/wellknown-handler.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAQtD,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,OAAqC,EAAQ,EAAE;IACnF,MAAM,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;IAC1B,MAAM,MAAM,GAAG,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACjD,MAAM,WAAW,GAAG,mBAAmB,CAAC,OAAO,CAAC,eAAe,IAAI,oBAAoB,CAAC,CAAC;IAEzF,MAAM,CAAC,GAAG,CAAC,uBAAuB,EAAE,CAAC,CAAC,EAAE,EAAE,CACxC,CAAC,CAAC,IAAI,CAAC;QACL,sBAAsB,EAAE,GAAG,MAAM,GAAG,WAAW,YAAY;QAC3D,gBAAgB,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,KAAK,CAAC;QAC5H,gCAAgC,EAAE,CAAC,MAAM,CAAC;QAC1C,iCAAiC,EAAE,CAAC,OAAO,CAAC;QAC5C,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,oBAAoB,CAAC;QACnE,qCAAqC,EAAE,CAAC,OAAO,CAAC;QAChD,sBAAsB,EAAE,GAAG,MAAM,GAAG,WAAW,aAAa;QAC5D,MAAM;QACN,QAAQ,EAAE,GAAG,MAAM,wBAAwB;QAC3C,wBAAwB,EAAE,CAAC,MAAM,CAAC;QAClC,mBAAmB,EAAE,GAAG,MAAM,GAAG,WAAW,SAAS;QACrD,gBAAgB,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;QAChD,uBAAuB,EAAE,CAAC,QAAQ,CAAC;QACnC,cAAc,EAAE,GAAG,MAAM,GAAG,WAAW,QAAQ;QAC/C,qCAAqC,EAAE,CAAC,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,CAAC;QAC5F,iBAAiB,EAAE,GAAG,MAAM,GAAG,WAAW,WAAW;KACtD,CAAC,CACH,CAAC;IAEF,MAAM,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACnC,MAAM,IAAI,GAAG,iBAAiB,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QAC7F,CAAC,CAAC,MAAM,CAAC,eAAe,EAAE,qBAAqB,CAAC,CAAC;QACjD,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CAAC,KAAa,EAAU,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;AAEhF,MAAM,mBAAmB,GAAG,CAAC,KAAa,EAAU,EAAE;IACpD,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;IACjD,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;AACtC,CAAC,CAAC"}
|
package/dist/ports.d.ts
CHANGED
|
@@ -263,6 +263,18 @@ export interface AuthHonoAccountPolicyPort {
|
|
|
263
263
|
resolveSessionRole(user: AuthHonoUserRecord, now: Date): Promise<string> | string;
|
|
264
264
|
afterUserCreated?(user: AuthHonoUserRecord): Promise<void> | void;
|
|
265
265
|
}
|
|
266
|
+
/**
|
|
267
|
+
* BR-39e: tenancy spine. OPTIONAL — when absent, auth-hono keeps the legacy behavior of
|
|
268
|
+
* sourcing the auth-code `tenantId` from the client. When present, the tenant claim (`tid`)
|
|
269
|
+
* is derived ONLY from a VALIDATED `approved` membership (never a raw request parameter),
|
|
270
|
+
* and re-checked at token time (lifecycle gate).
|
|
271
|
+
*/
|
|
272
|
+
export interface AuthHonoTenantPort {
|
|
273
|
+
/** Tenant ids the user is an `approved` member of, for selection + claim derivation. */
|
|
274
|
+
listApprovedTenantIds(userId: string): Promise<string[]>;
|
|
275
|
+
/** True iff (userId, tenantId) is currently an `approved` membership (binding re-check). */
|
|
276
|
+
isApprovedMember(userId: string, tenantId: string): Promise<boolean>;
|
|
277
|
+
}
|
|
266
278
|
export interface AuthHonoPorts {
|
|
267
279
|
users: AuthHonoUserPort;
|
|
268
280
|
credentials: AuthHonoCredentialPort;
|
|
@@ -279,5 +291,7 @@ export interface AuthHonoPorts {
|
|
|
279
291
|
accountPolicy: AuthHonoAccountPolicyPort;
|
|
280
292
|
oauthStateStore: OauthStateStorePort;
|
|
281
293
|
jwks: JwksPort;
|
|
294
|
+
/** BR-39e tenancy spine (optional; legacy behavior when absent). */
|
|
295
|
+
tenant?: AuthHonoTenantPort;
|
|
282
296
|
}
|
|
283
297
|
//# sourceMappingURL=ports.d.ts.map
|
package/dist/ports.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ports.d.ts","sourceRoot":"","sources":["../src/ports.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AAElF,YAAY,EACV,eAAe,EACf,eAAe,EACf,aAAa,EACb,QAAQ,EACR,aAAa,EACb,iBAAiB,EACjB,mBAAmB,EACnB,cAAc,EACd,mBAAmB,EACnB,SAAS,GACV,MAAM,8BAA8B,CAAC;AAEtC,MAAM,MAAM,qBAAqB,GAC7B,QAAQ,GACR,wBAAwB,GACxB,2BAA2B,GAC3B,kBAAkB,GAClB,mBAAmB,GACnB,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;AAElB,MAAM,MAAM,qBAAqB,GAAG,cAAc,GAAG,gBAAgB,CAAC;AAEtE,MAAM,WAAW,kBAAkB;IACjC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,aAAa,EAAE,OAAO,CAAC;IACvB,aAAa,EAAE,qBAAqB,CAAC;IACrC,aAAa,EAAE,IAAI,GAAG,IAAI,CAAC;IAC3B,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,uBAAuB;IACtC,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,aAAa,CAAC,EAAE,qBAAqB,CAAC;IACtC,aAAa,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;CAC7B;AAED,MAAM,WAAW,uBAAuB;IACtC,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,aAAa,CAAC,EAAE,qBAAqB,CAAC;IACtC,aAAa,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAC5B,SAAS,CAAC,EAAE,IAAI,CAAC;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC;IAC7D,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC;IAC/D,MAAM,CAAC,KAAK,EAAE,uBAAuB,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACpE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,uBAAuB,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC;IAC3F,KAAK,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CAC1B;AAED,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,UAAU,GAAG,WAAW,GAAG,MAAM,CAAC;IAC7C,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAC5B,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,OAAO,GAAG,IAAI,CAAC;IACzB,UAAU,EAAE,IAAI,GAAG,IAAI,CAAC;IACxB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,6BAA6B;IAC5C,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,UAAU,GAAG,WAAW,GAAG,MAAM,CAAC;IAC7C,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAC7B,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,QAAQ,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;CAC3B;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC,CAAC;IAC/E,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC,CAAC;IACnF,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,EAAE,CAAC,CAAC;IACjE,MAAM,CAAC,KAAK,EAAE,6BAA6B,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;IAChF,aAAa,CAAC,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACvF,MAAM,CAAC,kBAAkB,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC,CAAC;IAC3G,MAAM,CAAC,kBAAkB,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACtE;AAED,MAAM,WAAW,uBAAuB;IACtC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,IAAI,EAAE,qBAAqB,CAAC;IAC5B,SAAS,EAAE,IAAI,CAAC;IAChB,IAAI,EAAE,OAAO,CAAC;IACd,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,4BAA4B;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,IAAI,EAAE,qBAAqB,CAAC;IAC5B,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,CAAC,KAAK,EAAE,4BAA4B,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;IAC9E,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC,CAAC;IACnG,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3C,YAAY,CAAC,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CAC1C;AAED,MAAM,WAAW,qBAAqB;IACpC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,WAAW,EAAE,OAAO,CAAC;IACrB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;IAChB,cAAc,EAAE,IAAI,CAAC;IACrB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,0BAA0B;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,UAAU,CAAC,EAAE,kBAAkB,CAAC;IAChC,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,GAAG,EAAE,IAAI,CAAC;CACX;AAED,MAAM,WAAW,mBAAmB;IAClC,MAAM,CAAC,KAAK,EAAE,0BAA0B,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAC1E,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAAC;IACnE,eAAe,CAAC,gBAAgB,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAAC;IACjF,sBAAsB,CAAC,gBAAgB,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAAC;IACxF,KAAK,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACnD,YAAY,CAAC,KAAK,EAAE;QAClB,SAAS,EAAE,IAAI,CAAC;QAChB,gBAAgB,EAAE,MAAM,CAAC;QACzB,SAAS,EAAE,MAAM,CAAC;QAClB,gBAAgB,EAAE,MAAM,CAAC;KAC1B,GAAG,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5C,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAClD,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,EAAE,CAAC,CAAC;CAC/D;AAED,MAAM,WAAW,+BAA+B;IAC9C,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,SAAS,EAAE,IAAI,CAAC;IAChB,IAAI,EAAE,OAAO,CAAC;IACd,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,6BAA6B;IAC5C,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACzD,UAAU,CAAC,KAAK,EAAE;QAChB,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;QACjB,SAAS,EAAE,IAAI,CAAC;QAChB,GAAG,EAAE,IAAI,CAAC;KACX,GAAG,OAAO,CAAC,+BAA+B,CAAC,CAAC;IAC7C,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,+BAA+B,GAAG,IAAI,CAAC,CAAC;IACjH,6BAA6B,CAAC,EAAE,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACpF,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACpF;AAED,MAAM,WAAW,uBAAuB;IACtC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,IAAI,EAAE,OAAO,CAAC;IACd,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,CAAC,KAAK,EAAE;QACZ,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACvB,SAAS,EAAE,IAAI,CAAC;QAChB,GAAG,EAAE,IAAI,CAAC;KACX,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;IACrC,oBAAoB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC,CAAC;IAC5F,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC7D;AAED,MAAM,WAAW,yBAAyB;IACxC,oBAAoB,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7F,aAAa,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACrG;AAED,MAAM,WAAW,kBAAkB;IACjC,gBAAgB,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC;IAClD,gBAAgB,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC;IAClD,sBAAsB,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,MAAM,CAAC;IAC1E,sBAAsB,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,MAAM,CAAC;IAC1E,6BAA6B,IAAI,MAAM,CAAC;IACxC,6BAA6B,IAAI,MAAM,CAAC;CACzC;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC7B;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC;IACrD,gBAAgB,CAAC,MAAM,EAAE,qBAAqB,EAAE,SAAS,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAClF,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAAC;IACzE,qBAAqB,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACnF;AAED,MAAM,MAAM,kBAAkB,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;AAErE,MAAM,WAAW,oBAAoB;IACnC,MAAM,CAAC,KAAK,EAAE,kBAAkB,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;CAC1G;AAED,MAAM,WAAW,iBAAiB;IAChC,GAAG,IAAI,IAAI,CAAC;IACZ,UAAU,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/C;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,IAAI,MAAM,CAAC;IACf,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,CAAC;IAClC,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;IACpC,KAAK,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC;CAC9B;AAED,MAAM,WAAW,6BAA6B;IAC5C,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,yBAAyB;IACxC,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC;IACtC,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC;IACzC,uBAAuB,CAAC,CAAC,IAAI,EAAE,kBAAkB,GAAG,aAAa,GAAG,WAAW,GAAG,UAAU,CAAC;IAC7F,cAAc,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,OAAO,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC;IACzF,gBAAgB,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,OAAO,CAAC;QAAC,GAAG,EAAE,IAAI,CAAA;KAAE,GAAG,OAAO,CAAC;QACnF,aAAa,EAAE,qBAAqB,CAAC;QACrC,aAAa,EAAE,IAAI,GAAG,IAAI,CAAC;KAC5B,CAAC,GAAG;QACH,aAAa,EAAE,qBAAqB,CAAC;QACrC,aAAa,EAAE,IAAI,GAAG,IAAI,CAAC;KAC5B,CAAC;IACF,eAAe,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,6BAA6B,CAAC,GAAG,6BAA6B,CAAC;IAC7H,kBAAkB,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC;IAClF,gBAAgB,CAAC,CAAC,IAAI,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;CACnE;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,gBAAgB,CAAC;IACxB,WAAW,EAAE,sBAAsB,CAAC;IACpC,UAAU,EAAE,qBAAqB,CAAC;IAClC,QAAQ,EAAE,mBAAmB,CAAC;IAC9B,iBAAiB,EAAE,6BAA6B,CAAC;IACjD,UAAU,EAAE,qBAAqB,CAAC;IAClC,aAAa,EAAE,yBAAyB,CAAC;IACzC,OAAO,EAAE,kBAAkB,CAAC;IAC5B,MAAM,EAAE,iBAAiB,CAAC;IAC1B,QAAQ,EAAE,oBAAoB,CAAC;IAC/B,KAAK,EAAE,iBAAiB,CAAC;IACzB,MAAM,EAAE,kBAAkB,CAAC;IAC3B,aAAa,EAAE,yBAAyB,CAAC;IACzC,eAAe,EAAE,mBAAmB,CAAC;IACrC,IAAI,EAAE,QAAQ,CAAC;CAChB"}
|
|
1
|
+
{"version":3,"file":"ports.d.ts","sourceRoot":"","sources":["../src/ports.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AAElF,YAAY,EACV,eAAe,EACf,eAAe,EACf,aAAa,EACb,QAAQ,EACR,aAAa,EACb,iBAAiB,EACjB,mBAAmB,EACnB,cAAc,EACd,mBAAmB,EACnB,SAAS,GACV,MAAM,8BAA8B,CAAC;AAEtC,MAAM,MAAM,qBAAqB,GAC7B,QAAQ,GACR,wBAAwB,GACxB,2BAA2B,GAC3B,kBAAkB,GAClB,mBAAmB,GACnB,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;AAElB,MAAM,MAAM,qBAAqB,GAAG,cAAc,GAAG,gBAAgB,CAAC;AAEtE,MAAM,WAAW,kBAAkB;IACjC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,aAAa,EAAE,OAAO,CAAC;IACvB,aAAa,EAAE,qBAAqB,CAAC;IACrC,aAAa,EAAE,IAAI,GAAG,IAAI,CAAC;IAC3B,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,uBAAuB;IACtC,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,aAAa,CAAC,EAAE,qBAAqB,CAAC;IACtC,aAAa,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;CAC7B;AAED,MAAM,WAAW,uBAAuB;IACtC,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,aAAa,CAAC,EAAE,qBAAqB,CAAC;IACtC,aAAa,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAC5B,SAAS,CAAC,EAAE,IAAI,CAAC;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC;IAC7D,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC;IAC/D,MAAM,CAAC,KAAK,EAAE,uBAAuB,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACpE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,uBAAuB,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC;IAC3F,KAAK,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CAC1B;AAED,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,UAAU,GAAG,WAAW,GAAG,MAAM,CAAC;IAC7C,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAC5B,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,OAAO,GAAG,IAAI,CAAC;IACzB,UAAU,EAAE,IAAI,GAAG,IAAI,CAAC;IACxB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,6BAA6B;IAC5C,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,UAAU,GAAG,WAAW,GAAG,MAAM,CAAC;IAC7C,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAC7B,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,QAAQ,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;CAC3B;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC,CAAC;IAC/E,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC,CAAC;IACnF,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,EAAE,CAAC,CAAC;IACjE,MAAM,CAAC,KAAK,EAAE,6BAA6B,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;IAChF,aAAa,CAAC,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACvF,MAAM,CAAC,kBAAkB,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC,CAAC;IAC3G,MAAM,CAAC,kBAAkB,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACtE;AAED,MAAM,WAAW,uBAAuB;IACtC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,IAAI,EAAE,qBAAqB,CAAC;IAC5B,SAAS,EAAE,IAAI,CAAC;IAChB,IAAI,EAAE,OAAO,CAAC;IACd,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,4BAA4B;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,IAAI,EAAE,qBAAqB,CAAC;IAC5B,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,CAAC,KAAK,EAAE,4BAA4B,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;IAC9E,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC,CAAC;IACnG,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3C,YAAY,CAAC,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CAC1C;AAED,MAAM,WAAW,qBAAqB;IACpC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,WAAW,EAAE,OAAO,CAAC;IACrB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;IAChB,cAAc,EAAE,IAAI,CAAC;IACrB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,0BAA0B;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,UAAU,CAAC,EAAE,kBAAkB,CAAC;IAChC,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,GAAG,EAAE,IAAI,CAAC;CACX;AAED,MAAM,WAAW,mBAAmB;IAClC,MAAM,CAAC,KAAK,EAAE,0BAA0B,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAC1E,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAAC;IACnE,eAAe,CAAC,gBAAgB,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAAC;IACjF,sBAAsB,CAAC,gBAAgB,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAAC;IACxF,KAAK,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACnD,YAAY,CAAC,KAAK,EAAE;QAClB,SAAS,EAAE,IAAI,CAAC;QAChB,gBAAgB,EAAE,MAAM,CAAC;QACzB,SAAS,EAAE,MAAM,CAAC;QAClB,gBAAgB,EAAE,MAAM,CAAC;KAC1B,GAAG,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5C,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAClD,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,EAAE,CAAC,CAAC;CAC/D;AAED,MAAM,WAAW,+BAA+B;IAC9C,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,SAAS,EAAE,IAAI,CAAC;IAChB,IAAI,EAAE,OAAO,CAAC;IACd,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,6BAA6B;IAC5C,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACzD,UAAU,CAAC,KAAK,EAAE;QAChB,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;QACjB,SAAS,EAAE,IAAI,CAAC;QAChB,GAAG,EAAE,IAAI,CAAC;KACX,GAAG,OAAO,CAAC,+BAA+B,CAAC,CAAC;IAC7C,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,+BAA+B,GAAG,IAAI,CAAC,CAAC;IACjH,6BAA6B,CAAC,EAAE,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACpF,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACpF;AAED,MAAM,WAAW,uBAAuB;IACtC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,IAAI,EAAE,OAAO,CAAC;IACd,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,CAAC,KAAK,EAAE;QACZ,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACvB,SAAS,EAAE,IAAI,CAAC;QAChB,GAAG,EAAE,IAAI,CAAC;KACX,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;IACrC,oBAAoB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC,CAAC;IAC5F,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC7D;AAED,MAAM,WAAW,yBAAyB;IACxC,oBAAoB,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7F,aAAa,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACrG;AAED,MAAM,WAAW,kBAAkB;IACjC,gBAAgB,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC;IAClD,gBAAgB,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC;IAClD,sBAAsB,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,MAAM,CAAC;IAC1E,sBAAsB,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,MAAM,CAAC;IAC1E,6BAA6B,IAAI,MAAM,CAAC;IACxC,6BAA6B,IAAI,MAAM,CAAC;CACzC;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC7B;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC;IACrD,gBAAgB,CAAC,MAAM,EAAE,qBAAqB,EAAE,SAAS,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAClF,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,GAAG,IAAI,CAAC,CAAC;IACzE,qBAAqB,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACnF;AAED,MAAM,MAAM,kBAAkB,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;AAErE,MAAM,WAAW,oBAAoB;IACnC,MAAM,CAAC,KAAK,EAAE,kBAAkB,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;CAC1G;AAED,MAAM,WAAW,iBAAiB;IAChC,GAAG,IAAI,IAAI,CAAC;IACZ,UAAU,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/C;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,IAAI,MAAM,CAAC;IACf,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,CAAC;IAClC,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;IACpC,KAAK,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC;CAC9B;AAED,MAAM,WAAW,6BAA6B;IAC5C,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,yBAAyB;IACxC,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC;IACtC,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC;IACzC,uBAAuB,CAAC,CAAC,IAAI,EAAE,kBAAkB,GAAG,aAAa,GAAG,WAAW,GAAG,UAAU,CAAC;IAC7F,cAAc,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,OAAO,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC;IACzF,gBAAgB,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,OAAO,CAAC;QAAC,GAAG,EAAE,IAAI,CAAA;KAAE,GAAG,OAAO,CAAC;QACnF,aAAa,EAAE,qBAAqB,CAAC;QACrC,aAAa,EAAE,IAAI,GAAG,IAAI,CAAC;KAC5B,CAAC,GAAG;QACH,aAAa,EAAE,qBAAqB,CAAC;QACrC,aAAa,EAAE,IAAI,GAAG,IAAI,CAAC;KAC5B,CAAC;IACF,eAAe,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,6BAA6B,CAAC,GAAG,6BAA6B,CAAC;IAC7H,kBAAkB,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC;IAClF,gBAAgB,CAAC,CAAC,IAAI,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;CACnE;AAED;;;;;GAKG;AACH,MAAM,WAAW,kBAAkB;IACjC,wFAAwF;IACxF,qBAAqB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACzD,4FAA4F;IAC5F,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACtE;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,gBAAgB,CAAC;IACxB,WAAW,EAAE,sBAAsB,CAAC;IACpC,UAAU,EAAE,qBAAqB,CAAC;IAClC,QAAQ,EAAE,mBAAmB,CAAC;IAC9B,iBAAiB,EAAE,6BAA6B,CAAC;IACjD,UAAU,EAAE,qBAAqB,CAAC;IAClC,aAAa,EAAE,yBAAyB,CAAC;IACzC,OAAO,EAAE,kBAAkB,CAAC;IAC5B,MAAM,EAAE,iBAAiB,CAAC;IAC1B,QAAQ,EAAE,oBAAoB,CAAC;IAC/B,KAAK,EAAE,iBAAiB,CAAC;IACzB,MAAM,EAAE,kBAAkB,CAAC;IAC3B,aAAa,EAAE,yBAAyB,CAAC;IACzC,eAAe,EAAE,mBAAmB,CAAC;IACrC,IAAI,EAAE,QAAQ,CAAC;IACf,oEAAoE;IACpE,MAAM,CAAC,EAAE,kBAAkB,CAAC;CAC7B"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sentropic/auth-hono",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.6.0",
|
|
4
4
|
"description": "Reusable Hono authentication route factories, contracts, and server-side auth helpers for Sentropic-compatible apps.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"license": "MIT",
|
|
@@ -88,6 +88,9 @@
|
|
|
88
88
|
"typecheck": "tsc --noEmit -p tsconfig.json",
|
|
89
89
|
"test": "vitest run tests"
|
|
90
90
|
},
|
|
91
|
+
"dependencies": {
|
|
92
|
+
"@sentropic/oauth-verify": "^0.1.0"
|
|
93
|
+
},
|
|
91
94
|
"peerDependencies": {
|
|
92
95
|
"@hono/zod-validator": "^0.7.5",
|
|
93
96
|
"@simplewebauthn/server": "^13.2.2",
|
package/src/index.ts
CHANGED
|
@@ -1,3 +1,13 @@
|
|
|
1
|
+
// Canonical verify-core claim types are re-exported for back-compat: the shared
|
|
2
|
+
// verification primitives now live in @sentropic/oauth-verify (the 4 duplicate auth-hono
|
|
3
|
+
// verify paths delegate to it). Consumers may keep importing these from @sentropic/auth-hono.
|
|
4
|
+
export type {
|
|
5
|
+
AccessTokenClaims,
|
|
6
|
+
ActClaim,
|
|
7
|
+
IdentityType,
|
|
8
|
+
TokenKeySource,
|
|
9
|
+
} from '@sentropic/oauth-verify';
|
|
10
|
+
|
|
1
11
|
export * from './contracts.js';
|
|
2
12
|
export * from './credential-route-handlers.js';
|
|
3
13
|
export * from './email-verification.js';
|
|
@@ -21,6 +21,7 @@ interface ValidatedAuthorizeRequest {
|
|
|
21
21
|
dpopJkt: string | null;
|
|
22
22
|
nonce: string | null;
|
|
23
23
|
redirectUri: string;
|
|
24
|
+
resource: string | null;
|
|
24
25
|
scope: string;
|
|
25
26
|
state: string | null;
|
|
26
27
|
}
|
|
@@ -129,12 +130,16 @@ const validateAuthorizeRequest = async (
|
|
|
129
130
|
const scopeResult = validateScope(c.req.query('scope') ?? '', client, redirectUri, state, c.req.url);
|
|
130
131
|
if (scopeResult instanceof Response) return scopeResult;
|
|
131
132
|
|
|
133
|
+
const resourceResult = validateResource(c.req.queries('resource'), client, redirectUri, state, c.req.url);
|
|
134
|
+
if (resourceResult instanceof Response) return resourceResult;
|
|
135
|
+
|
|
132
136
|
return {
|
|
133
137
|
client,
|
|
134
138
|
codeChallenge,
|
|
135
139
|
dpopJkt: c.req.query('dpop_jkt') ?? null,
|
|
136
140
|
nonce: c.req.query('nonce') ?? null,
|
|
137
141
|
redirectUri,
|
|
142
|
+
resource: resourceResult,
|
|
138
143
|
scope: scopeResult,
|
|
139
144
|
state,
|
|
140
145
|
};
|
|
@@ -174,6 +179,34 @@ const validateScope = (
|
|
|
174
179
|
return requestedScopes.join(' ');
|
|
175
180
|
};
|
|
176
181
|
|
|
182
|
+
/**
|
|
183
|
+
* RFC 8707 resource indicator validation on the `authorization_code` flow (BR-39l Lot 2).
|
|
184
|
+
* - C1 single-aud: more than one `resource` value ⇒ `invalid_target` (no multi-audience tokens).
|
|
185
|
+
* - C2 default-deny allowlist: a requested `resource` must be in `client.resourceIndicators`,
|
|
186
|
+
* else `invalid_target`. No `resource` ⇒ `null` (default-aud = userinfo, byte-identical to 0.5.0).
|
|
187
|
+
* The validated value is sealed into the continuation and becomes the access-token `aud`.
|
|
188
|
+
*/
|
|
189
|
+
const validateResource = (
|
|
190
|
+
resources: string[] | undefined,
|
|
191
|
+
client: OauthClientRecord,
|
|
192
|
+
redirectUri: string,
|
|
193
|
+
state: string | null,
|
|
194
|
+
baseUrl: string
|
|
195
|
+
): string | null | Response => {
|
|
196
|
+
const requested = (resources ?? []).filter((value) => value.length > 0);
|
|
197
|
+
if (requested.length === 0) return null;
|
|
198
|
+
if (requested.length > 1) {
|
|
199
|
+
return redirectWithOAuthError(redirectUri, 'invalid_target', state, baseUrl);
|
|
200
|
+
}
|
|
201
|
+
|
|
202
|
+
const value = requested[0];
|
|
203
|
+
const allowlist = client.resourceIndicators ?? [];
|
|
204
|
+
if (!allowlist.includes(value)) {
|
|
205
|
+
return redirectWithOAuthError(redirectUri, 'invalid_target', state, baseUrl);
|
|
206
|
+
}
|
|
207
|
+
return value;
|
|
208
|
+
};
|
|
209
|
+
|
|
177
210
|
const sealContinuation = async (
|
|
178
211
|
c: Context,
|
|
179
212
|
options: OAuthAuthorizeHandlerOptions,
|
|
@@ -182,6 +215,26 @@ const sealContinuation = async (
|
|
|
182
215
|
): Promise<string> => {
|
|
183
216
|
const now = options.ports.clock.now();
|
|
184
217
|
const expiresAt = options.ports.clock.addSeconds(now, options.stateTtlSeconds ?? 10 * 60);
|
|
218
|
+
|
|
219
|
+
// BR-39e: derive the tenant bound to this auth code from the user's VALIDATED membership,
|
|
220
|
+
// never from the raw client/param. Legacy behavior (client tenant) when no tenancy spine is
|
|
221
|
+
// wired. An explicit `?tenant=` selection is honored ONLY if it is an approved membership.
|
|
222
|
+
let tenantId: string | null = request.client.tenantId;
|
|
223
|
+
if (options.ports.tenant) {
|
|
224
|
+
tenantId = null;
|
|
225
|
+
if (session?.userId) {
|
|
226
|
+
const approved = await options.ports.tenant.listApprovedTenantIds(session.userId);
|
|
227
|
+
const requested = c.req.query('tenant') ?? null;
|
|
228
|
+
if (requested) {
|
|
229
|
+
tenantId = approved.includes(requested) ? requested : null;
|
|
230
|
+
} else if (approved.length === 1) {
|
|
231
|
+
tenantId = approved[0];
|
|
232
|
+
}
|
|
233
|
+
// 0 or >1 approved tenants without a valid explicit selection → no tenant claim
|
|
234
|
+
// (a multi-tenant selection screen is deferred; the RP may re-request with ?tenant=).
|
|
235
|
+
}
|
|
236
|
+
}
|
|
237
|
+
|
|
185
238
|
return options.stateCodec.seal({
|
|
186
239
|
acr: session?.acr,
|
|
187
240
|
authTime: session?.authTime,
|
|
@@ -193,9 +246,10 @@ const sealContinuation = async (
|
|
|
193
246
|
expiresAt: expiresAt.toISOString(),
|
|
194
247
|
nonce: request.nonce,
|
|
195
248
|
redirectUri: request.redirectUri,
|
|
249
|
+
resource: request.resource,
|
|
196
250
|
scope: request.scope,
|
|
197
251
|
state: request.state,
|
|
198
|
-
tenantId
|
|
252
|
+
tenantId,
|
|
199
253
|
userId: session?.userId,
|
|
200
254
|
});
|
|
201
255
|
};
|
|
@@ -61,6 +61,7 @@ export const createOAuthConsentDecisionHandler =
|
|
|
61
61
|
expiresAt: options.ports.clock.addSeconds(now, options.authorizationCodeTtlSeconds ?? 60),
|
|
62
62
|
nonce: payload.nonce,
|
|
63
63
|
redirectUri: payload.redirectUri,
|
|
64
|
+
resource: payload.resource ?? null,
|
|
64
65
|
scope: payload.scope,
|
|
65
66
|
tenantId: payload.tenantId,
|
|
66
67
|
userId: payload.userId ?? '',
|
package/src/oauth/dpop.ts
CHANGED
|
@@ -1,14 +1,10 @@
|
|
|
1
1
|
import {
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
type JWK,
|
|
7
|
-
type JWTPayload,
|
|
8
|
-
} from 'jose';
|
|
2
|
+
DpopVerifyError,
|
|
3
|
+
verifyDpopProof,
|
|
4
|
+
type VerifiedDpop,
|
|
5
|
+
} from '@sentropic/oauth-verify';
|
|
9
6
|
|
|
10
7
|
import type { AuthHonoPorts } from '../ports.js';
|
|
11
|
-
import { sha256Base64url } from './crypto-utils.js';
|
|
12
8
|
|
|
13
9
|
export interface VerifyDpopProofOptions {
|
|
14
10
|
accessToken?: string;
|
|
@@ -19,10 +15,7 @@ export interface VerifyDpopProofOptions {
|
|
|
19
15
|
proof: string;
|
|
20
16
|
}
|
|
21
17
|
|
|
22
|
-
export
|
|
23
|
-
jkt: string;
|
|
24
|
-
jti: string;
|
|
25
|
-
}
|
|
18
|
+
export type VerifiedDpopProof = VerifiedDpop;
|
|
26
19
|
|
|
27
20
|
export class OAuthDpopProofError extends Error {
|
|
28
21
|
constructor(message: string) {
|
|
@@ -31,63 +24,33 @@ export class OAuthDpopProofError extends Error {
|
|
|
31
24
|
}
|
|
32
25
|
}
|
|
33
26
|
|
|
27
|
+
/**
|
|
28
|
+
* AS-side DPoP proof verification. Thin adapter over `@sentropic/oauth-verify`'s shared
|
|
29
|
+
* `verifyDpopProof`: it binds the IdP's clock + replay store and re-maps verification
|
|
30
|
+
* failures onto `OAuthDpopProofError` for the OAuth handlers (token/userinfo/revoke).
|
|
31
|
+
*/
|
|
34
32
|
export const verifyOAuthDpopProof = async (
|
|
35
33
|
options: VerifyDpopProofOptions
|
|
36
34
|
): Promise<VerifiedDpopProof> => {
|
|
37
|
-
const
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
jkt: await calculateJwkThumbprint(publicJwk),
|
|
58
|
-
jti: String(payload.jti),
|
|
59
|
-
};
|
|
60
|
-
};
|
|
61
|
-
|
|
62
|
-
const validateDpopPayload = async (
|
|
63
|
-
payload: JWTPayload,
|
|
64
|
-
options: VerifyDpopProofOptions
|
|
65
|
-
): Promise<void> => {
|
|
66
|
-
if (payload.htm !== options.htm.toUpperCase()) {
|
|
67
|
-
throw new OAuthDpopProofError('DPoP htm claim does not match the request method.');
|
|
68
|
-
}
|
|
69
|
-
if (payload.htu !== options.htu) {
|
|
70
|
-
throw new OAuthDpopProofError('DPoP htu claim does not match the request URL.');
|
|
71
|
-
}
|
|
72
|
-
if (!payload.jti || typeof payload.jti !== 'string') {
|
|
73
|
-
throw new OAuthDpopProofError('DPoP jti claim is required.');
|
|
74
|
-
}
|
|
75
|
-
if (typeof payload.iat !== 'number') {
|
|
76
|
-
throw new OAuthDpopProofError('DPoP iat claim is required.');
|
|
77
|
-
}
|
|
78
|
-
|
|
79
|
-
const nowSeconds = Math.floor(options.ports.clock.now().getTime() / 1000);
|
|
80
|
-
if (Math.abs(payload.iat - nowSeconds) > (options.iatSkewSeconds ?? 60)) {
|
|
81
|
-
throw new OAuthDpopProofError('DPoP iat claim is outside the allowed skew.');
|
|
82
|
-
}
|
|
83
|
-
|
|
84
|
-
if (options.accessToken) {
|
|
85
|
-
await validateAth(payload, options.accessToken);
|
|
86
|
-
}
|
|
87
|
-
};
|
|
88
|
-
|
|
89
|
-
const validateAth = async (payload: JWTPayload, accessToken: string): Promise<void> => {
|
|
90
|
-
if (payload.ath !== (await sha256Base64url(accessToken))) {
|
|
91
|
-
throw new OAuthDpopProofError('DPoP ath claim does not match the access token.');
|
|
35
|
+
const iatSkewSec = options.iatSkewSeconds ?? 60;
|
|
36
|
+
try {
|
|
37
|
+
return await verifyDpopProof({
|
|
38
|
+
accessToken: options.accessToken,
|
|
39
|
+
htm: options.htm,
|
|
40
|
+
htu: options.htu,
|
|
41
|
+
iatSkewSec,
|
|
42
|
+
now: options.ports.clock.now(),
|
|
43
|
+
proof: options.proof,
|
|
44
|
+
replay: (jti) =>
|
|
45
|
+
options.ports.oauthStateStore.recordDpopJti(
|
|
46
|
+
jti,
|
|
47
|
+
options.ports.clock.addSeconds(options.ports.clock.now(), iatSkewSec)
|
|
48
|
+
),
|
|
49
|
+
});
|
|
50
|
+
} catch (error) {
|
|
51
|
+
if (error instanceof DpopVerifyError) {
|
|
52
|
+
throw new OAuthDpopProofError(error.message);
|
|
53
|
+
}
|
|
54
|
+
throw error;
|
|
92
55
|
}
|
|
93
56
|
};
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
+
import { fromJwksPort } from '@sentropic/oauth-verify';
|
|
1
2
|
import {
|
|
2
3
|
decodeProtectedHeader,
|
|
3
|
-
importJWK,
|
|
4
4
|
jwtVerify,
|
|
5
5
|
SignJWT,
|
|
6
6
|
type JWTVerifyOptions,
|
|
@@ -85,17 +85,13 @@ export const createJwksService = ({ clock, jwksPort }: CreateJwksServiceOptions)
|
|
|
85
85
|
|
|
86
86
|
async verifyJwt(jwt, options = {}) {
|
|
87
87
|
const protectedHeader = decodeProtectedHeader(jwt);
|
|
88
|
-
|
|
89
|
-
if (!kid) {
|
|
88
|
+
if (!protectedHeader.kid) {
|
|
90
89
|
throw new Error('JWT protected header is missing kid.');
|
|
91
90
|
}
|
|
92
91
|
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
}
|
|
97
|
-
|
|
98
|
-
const publicKey = await importJWK(key.publicJwk, key.alg);
|
|
92
|
+
// Key resolution is shared with @sentropic/oauth-verify (single verify core); the
|
|
93
|
+
// AS-side claim assertions (iss/aud/currentDate) stay here via jose JWTVerifyOptions.
|
|
94
|
+
const publicKey = await fromJwksPort(jwksPort).resolveKey(protectedHeader);
|
|
99
95
|
return jwtVerify(jwt, publicKey, options);
|
|
100
96
|
},
|
|
101
97
|
});
|