@superblocksteam/shared 0.9543.6 → 0.9543.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/jwt/index.d.ts +2 -0
- package/dist/jwt/index.d.ts.map +1 -0
- package/dist/jwt/index.js +18 -0
- package/dist/jwt/index.js.map +1 -0
- package/dist/jwt/verifier.d.ts +36 -0
- package/dist/jwt/verifier.d.ts.map +1 -0
- package/dist/jwt/verifier.js +67 -0
- package/dist/jwt/verifier.js.map +1 -0
- package/dist/jwt/verifier.test.d.ts +2 -0
- package/dist/jwt/verifier.test.d.ts.map +1 -0
- package/dist/jwt/verifier.test.js +106 -0
- package/dist/jwt/verifier.test.js.map +1 -0
- package/dist/socket/protocol.d.ts +3 -0
- package/dist/socket/protocol.d.ts.map +1 -1
- package/dist-esm/index.d.ts +1 -0
- package/dist-esm/index.d.ts.map +1 -1
- package/dist-esm/index.js +1 -0
- package/dist-esm/index.js.map +1 -1
- package/dist-esm/jwt/index.d.ts +2 -0
- package/dist-esm/jwt/index.d.ts.map +1 -0
- package/dist-esm/jwt/index.js +2 -0
- package/dist-esm/jwt/index.js.map +1 -0
- package/dist-esm/jwt/verifier.d.ts +36 -0
- package/dist-esm/jwt/verifier.d.ts.map +1 -0
- package/dist-esm/jwt/verifier.js +63 -0
- package/dist-esm/jwt/verifier.js.map +1 -0
- package/dist-esm/jwt/verifier.test.d.ts +2 -0
- package/dist-esm/jwt/verifier.test.d.ts.map +1 -0
- package/dist-esm/jwt/verifier.test.js +104 -0
- package/dist-esm/jwt/verifier.test.js.map +1 -0
- package/dist-esm/socket/protocol.d.ts +3 -0
- package/dist-esm/socket/protocol.d.ts.map +1 -1
- package/package.json +5 -4
- package/src/index.ts +1 -0
- package/src/jwt/index.ts +1 -0
- package/src/jwt/verifier.test.ts +143 -0
- package/src/jwt/verifier.ts +96 -0
- package/src/socket/protocol.ts +3 -0
package/dist/index.d.ts
CHANGED
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC;AAC5B,cAAc,iBAAiB,CAAC;AAChC,cAAc,aAAa,CAAC;AAC5B,cAAc,kBAAkB,CAAC;AACjC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC;AACxB,cAAc,cAAc,CAAC;AAC7B,cAAc,sBAAsB,CAAC;AACrC,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,eAAe,CAAC;AAC9B,cAAc,QAAQ,CAAC;AACvB,cAAc,4BAA4B,CAAC;AAC3C,cAAc,qBAAqB,CAAC;AACpC,cAAc,yBAAyB,CAAC;AACxC,cAAc,0BAA0B,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC;AAC5B,cAAc,iBAAiB,CAAC;AAChC,cAAc,aAAa,CAAC;AAC5B,cAAc,kBAAkB,CAAC;AACjC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC;AACxB,cAAc,cAAc,CAAC;AAC7B,cAAc,sBAAsB,CAAC;AACrC,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,eAAe,CAAC;AAC9B,cAAc,QAAQ,CAAC;AACvB,cAAc,4BAA4B,CAAC;AAC3C,cAAc,qBAAqB,CAAC;AACpC,cAAc,yBAAyB,CAAC;AACxC,cAAc,0BAA0B,CAAC;AACzC,cAAc,OAAO,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -36,4 +36,5 @@ __exportStar(require("./utils/tracedEventEmitter"), exports);
|
|
|
36
36
|
__exportStar(require("./utils/unreachable"), exports);
|
|
37
37
|
__exportStar(require("./tracing/methodTracing"), exports);
|
|
38
38
|
__exportStar(require("./tracing/errorSanitizer"), exports);
|
|
39
|
+
__exportStar(require("./jwt"), exports);
|
|
39
40
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAyB;AACzB,0CAAwB;AACxB,0CAAwB;AACxB,0CAAwB;AACxB,4CAA0B;AAC1B,8CAA4B;AAC5B,kDAAgC;AAChC,8CAA4B;AAC5B,mDAAiC;AACjC,iDAA+B;AAC/B,0CAAwB;AACxB,+CAA6B;AAC7B,uDAAqC;AACrC,2CAAyB;AACzB,4CAA0B;AAC1B,6CAA2B;AAC3B,gDAA8B;AAC9B,yCAAuB;AACvB,6DAA2C;AAC3C,sDAAoC;AACpC,0DAAwC;AACxC,2DAAyC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAyB;AACzB,0CAAwB;AACxB,0CAAwB;AACxB,0CAAwB;AACxB,4CAA0B;AAC1B,8CAA4B;AAC5B,kDAAgC;AAChC,8CAA4B;AAC5B,mDAAiC;AACjC,iDAA+B;AAC/B,0CAAwB;AACxB,+CAA6B;AAC7B,uDAAqC;AACrC,2CAAyB;AACzB,4CAA0B;AAC1B,6CAA2B;AAC3B,gDAA8B;AAC9B,yCAAuB;AACvB,6DAA2C;AAC3C,sDAAoC;AACpC,0DAAwC;AACxC,2DAAyC;AACzC,wCAAsB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/jwt/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./verifier"), exports);
|
|
18
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/jwt/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,6CAA2B"}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
import type { JWTPayload, JWTVerifyOptions } from 'jose';
|
|
2
|
+
/**
|
|
3
|
+
* Verifies JWTs using a JWKS endpoint to resolve signing keys on demand.
|
|
4
|
+
*/
|
|
5
|
+
export declare class JwtVerifier {
|
|
6
|
+
private readonly options;
|
|
7
|
+
constructor(options: JwtVerifierOptions);
|
|
8
|
+
verify<T extends JWTPayload>(token: string, options?: JWTVerifyOptions): Promise<T>;
|
|
9
|
+
private resolveJwkSet;
|
|
10
|
+
}
|
|
11
|
+
/**
|
|
12
|
+
* Options that configure how the verifier fetches and caches JWKS signing keys.
|
|
13
|
+
*/
|
|
14
|
+
export interface JwtVerifierOptions {
|
|
15
|
+
jwksUri: string;
|
|
16
|
+
rateLimit?: boolean;
|
|
17
|
+
cache?: boolean;
|
|
18
|
+
cacheMaxEntries?: number;
|
|
19
|
+
cacheMaxAge?: number;
|
|
20
|
+
jwksRequestsPerMinute?: number;
|
|
21
|
+
proxy?: string;
|
|
22
|
+
requestHeaders?: Headers;
|
|
23
|
+
timeoutMs?: number;
|
|
24
|
+
fetcher?(jwksUri: string): Promise<{
|
|
25
|
+
keys: unknown;
|
|
26
|
+
}>;
|
|
27
|
+
getKeysInterceptor?(): Promise<JwtKey[]>;
|
|
28
|
+
}
|
|
29
|
+
export type Headers = Record<string, string>;
|
|
30
|
+
export interface JwtKey {
|
|
31
|
+
kty: string;
|
|
32
|
+
kid: string;
|
|
33
|
+
alg: string;
|
|
34
|
+
[key: string]: unknown;
|
|
35
|
+
}
|
|
36
|
+
//# sourceMappingURL=verifier.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verifier.d.ts","sourceRoot":"","sources":["../../src/jwt/verifier.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,gBAAgB,EAAuB,MAAM,MAAM,CAAC;AAI9E;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;gBACjC,OAAO,EAAE,kBAAkB;IAIjC,MAAM,CAAC,CAAC,SAAS,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,CAAC,CAAC;YAwB3E,aAAa;CA+B5B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,OAAO,CAAA;KAAE,CAAC,CAAC;IACtD,kBAAkB,CAAC,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;CAC1C;AAED,MAAM,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAE7C,MAAM,WAAW,MAAM;IACrB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB"}
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.JwtVerifier = void 0;
|
|
4
|
+
const jose_1 = require("jose");
|
|
5
|
+
const lodash_1 = require("lodash");
|
|
6
|
+
const errors_1 = require("../errors");
|
|
7
|
+
/**
|
|
8
|
+
* Verifies JWTs using a JWKS endpoint to resolve signing keys on demand.
|
|
9
|
+
*/
|
|
10
|
+
class JwtVerifier {
|
|
11
|
+
constructor(options) {
|
|
12
|
+
this.options = options;
|
|
13
|
+
}
|
|
14
|
+
async verify(token, options) {
|
|
15
|
+
let kid;
|
|
16
|
+
try {
|
|
17
|
+
const header = (0, jose_1.decodeProtectedHeader)(token);
|
|
18
|
+
kid = header.kid;
|
|
19
|
+
}
|
|
20
|
+
catch {
|
|
21
|
+
// Preserve legacy error message relied upon by tests
|
|
22
|
+
throw new Error('Invalid token specified');
|
|
23
|
+
}
|
|
24
|
+
if ((0, lodash_1.isEmpty)(kid)) {
|
|
25
|
+
throw new errors_1.UnauthorizedError('Invalid JWT as kid header is missing.');
|
|
26
|
+
}
|
|
27
|
+
const jwkSet = await this.resolveJwkSet();
|
|
28
|
+
try {
|
|
29
|
+
const result = await (0, jose_1.jwtVerify)(token, jwkSet, options);
|
|
30
|
+
return result.payload;
|
|
31
|
+
}
|
|
32
|
+
catch (err) {
|
|
33
|
+
throw new errors_1.UnauthorizedError(`JWT verification failed: ${err.message}`);
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
async resolveJwkSet() {
|
|
37
|
+
// Prefer interceptor-provided keys for explicit testability and control
|
|
38
|
+
if (this.options.getKeysInterceptor) {
|
|
39
|
+
const keys = await this.options.getKeysInterceptor();
|
|
40
|
+
if ((0, lodash_1.isEmpty)(keys)) {
|
|
41
|
+
throw new errors_1.UnauthorizedError('JWT could not be verified as no corresponding public key was found.');
|
|
42
|
+
}
|
|
43
|
+
return (0, jose_1.createLocalJWKSet)({ keys });
|
|
44
|
+
}
|
|
45
|
+
// Allow custom fetcher to provide JWKS out-of-band
|
|
46
|
+
if (this.options.fetcher) {
|
|
47
|
+
const jwks = await this.options.fetcher(this.options.jwksUri);
|
|
48
|
+
const keys = jwks.keys;
|
|
49
|
+
if (!Array.isArray(keys) || (0, lodash_1.isEmpty)(keys)) {
|
|
50
|
+
throw new errors_1.UnauthorizedError('JWT could not be verified as no corresponding public key was found.');
|
|
51
|
+
}
|
|
52
|
+
return (0, jose_1.createLocalJWKSet)({ keys });
|
|
53
|
+
}
|
|
54
|
+
// Default to remote JWKS. jose v5 supports headers/timeout; pass when provided.
|
|
55
|
+
const url = new URL(this.options.jwksUri);
|
|
56
|
+
const opts = {};
|
|
57
|
+
if (!(0, lodash_1.isEmpty)(this.options.requestHeaders)) {
|
|
58
|
+
opts.headers = this.options.requestHeaders;
|
|
59
|
+
}
|
|
60
|
+
if (!(0, lodash_1.isEmpty)(this.options.timeoutMs)) {
|
|
61
|
+
opts.timeoutDuration = this.options.timeoutMs;
|
|
62
|
+
}
|
|
63
|
+
return (0, jose_1.createRemoteJWKSet)(url, opts);
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
exports.JwtVerifier = JwtVerifier;
|
|
67
|
+
//# sourceMappingURL=verifier.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verifier.js","sourceRoot":"","sources":["../../src/jwt/verifier.ts"],"names":[],"mappings":";;;AAAA,+BAA+F;AAE/F,mCAAiC;AACjC,sCAA8C;AAE9C;;GAEG;AACH,MAAa,WAAW;IAEtB,YAAY,OAA2B;QACrC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,MAAM,CAAuB,KAAa,EAAE,OAA0B;QAC1E,IAAI,GAAuB,CAAC;QAC5B,IAAI;YACF,MAAM,MAAM,GAAG,IAAA,4BAAqB,EAAC,KAAK,CAAC,CAAC;YAC5C,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;SAClB;QAAC,MAAM;YACN,qDAAqD;YACrD,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;SAC5C;QAED,IAAI,IAAA,gBAAO,EAAC,GAAG,CAAC,EAAE;YAChB,MAAM,IAAI,0BAAiB,CAAC,uCAAuC,CAAC,CAAC;SACtE;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QAE1C,IAAI;YACF,MAAM,MAAM,GAAG,MAAM,IAAA,gBAAS,EAAI,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;YAC1D,OAAO,MAAM,CAAC,OAAO,CAAC;SACvB;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,0BAAiB,CAAC,4BAA6B,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;SACnF;IACH,CAAC;IAEO,KAAK,CAAC,aAAa;QACzB,wEAAwE;QACxE,IAAI,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE;YACnC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE,CAAC;YACrD,IAAI,IAAA,gBAAO,EAAC,IAAI,CAAC,EAAE;gBACjB,MAAM,IAAI,0BAAiB,CAAC,qEAAqE,CAAC,CAAC;aACpG;YACD,OAAO,IAAA,wBAAiB,EAAC,EAAE,IAAI,EAAE,CAAC,CAAC;SACpC;QAED,mDAAmD;QACnD,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YACxB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC9D,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;YACvB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAA,gBAAO,EAAC,IAAI,CAAC,EAAE;gBACzC,MAAM,IAAI,0BAAiB,CAAC,qEAAqE,CAAC,CAAC;aACpG;YACD,OAAO,IAAA,wBAAiB,EAAC,EAAE,IAAI,EAAE,CAAC,CAAC;SACpC;QAED,gFAAgF;QAChF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAwB,EAAE,CAAC;QACrC,IAAI,CAAC,IAAA,gBAAO,EAAC,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE;YACzC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;SAC5C;QACD,IAAI,CAAC,IAAA,gBAAO,EAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE;YACpC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;SAC/C;QACD,OAAO,IAAA,yBAAkB,EAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACvC,CAAC;CACF;AA7DD,kCA6DC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verifier.test.d.ts","sourceRoot":"","sources":["../../src/jwt/verifier.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,106 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const node_crypto_1 = require("node:crypto");
|
|
4
|
+
const jose_1 = require("jose");
|
|
5
|
+
const verifier_1 = require("./verifier");
|
|
6
|
+
const KEY_ID = 'test-key';
|
|
7
|
+
const createSigningMaterial = (kid = KEY_ID) => {
|
|
8
|
+
const { publicKey, privateKey } = (0, node_crypto_1.generateKeyPairSync)('rsa', {
|
|
9
|
+
modulusLength: 2048
|
|
10
|
+
});
|
|
11
|
+
const jwk = {
|
|
12
|
+
...publicKey.export({ format: 'jwk' }),
|
|
13
|
+
kid,
|
|
14
|
+
alg: 'RS256',
|
|
15
|
+
use: 'sig'
|
|
16
|
+
};
|
|
17
|
+
return {
|
|
18
|
+
jwk,
|
|
19
|
+
privateKeyPem: privateKey.export({ type: 'pkcs8', format: 'pem' }).toString()
|
|
20
|
+
};
|
|
21
|
+
};
|
|
22
|
+
const buildJwtVerifier = (jwk) => {
|
|
23
|
+
const getKeysInterceptor = jest.fn(async () => [jwk]);
|
|
24
|
+
const options = {
|
|
25
|
+
jwksUri: 'https://example.com/.well-known/jwks.json',
|
|
26
|
+
cache: false,
|
|
27
|
+
getKeysInterceptor
|
|
28
|
+
};
|
|
29
|
+
return { verifier: new verifier_1.JwtVerifier(options), getKeysInterceptor };
|
|
30
|
+
};
|
|
31
|
+
describe('JwtVerifier', () => {
|
|
32
|
+
let signingMaterial;
|
|
33
|
+
beforeAll(() => {
|
|
34
|
+
signingMaterial = createSigningMaterial();
|
|
35
|
+
});
|
|
36
|
+
it('verifies a token with a matching JWKS entry', async () => {
|
|
37
|
+
const { verifier, getKeysInterceptor } = buildJwtVerifier(signingMaterial.jwk);
|
|
38
|
+
const payload = {
|
|
39
|
+
sub: 'user-123',
|
|
40
|
+
scope: 'read:all'
|
|
41
|
+
};
|
|
42
|
+
const key = await (0, jose_1.importPKCS8)(signingMaterial.privateKeyPem, 'RS256');
|
|
43
|
+
const token = await new jose_1.SignJWT(payload).setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid }).sign(key);
|
|
44
|
+
const result = await verifier.verify(token);
|
|
45
|
+
expect(getKeysInterceptor).toHaveBeenCalledTimes(1);
|
|
46
|
+
expect(result.sub).toBe(payload.sub);
|
|
47
|
+
expect(result.scope).toBe(payload.scope);
|
|
48
|
+
});
|
|
49
|
+
it('throws UnauthorizedError when the signature does not match the JWKS entry', async () => {
|
|
50
|
+
const { verifier } = buildJwtVerifier(signingMaterial.jwk);
|
|
51
|
+
const mismatchedKey = createSigningMaterial();
|
|
52
|
+
const invalidKey = await (0, jose_1.importPKCS8)(mismatchedKey.privateKeyPem, 'RS256');
|
|
53
|
+
const invalidToken = await new jose_1.SignJWT({ sub: 'user-456' })
|
|
54
|
+
.setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid })
|
|
55
|
+
.sign(invalidKey);
|
|
56
|
+
await expect(verifier.verify(invalidToken)).rejects.toMatchObject({
|
|
57
|
+
status: 401,
|
|
58
|
+
message: expect.stringContaining('signature verification failed')
|
|
59
|
+
});
|
|
60
|
+
});
|
|
61
|
+
it('honors JwtVerifyOptions when audience and issuer match', async () => {
|
|
62
|
+
const { verifier, getKeysInterceptor } = buildJwtVerifier(signingMaterial.jwk);
|
|
63
|
+
const audience = 'target-app';
|
|
64
|
+
const issuer = 'https://issuer.example.com';
|
|
65
|
+
const key = await (0, jose_1.importPKCS8)(signingMaterial.privateKeyPem, 'RS256');
|
|
66
|
+
const token = await new jose_1.SignJWT({ sub: 'user-789' })
|
|
67
|
+
.setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid })
|
|
68
|
+
.setAudience(audience)
|
|
69
|
+
.setIssuer(issuer)
|
|
70
|
+
.sign(key);
|
|
71
|
+
const result = await verifier.verify(token, {
|
|
72
|
+
algorithms: ['RS256'],
|
|
73
|
+
audience,
|
|
74
|
+
issuer
|
|
75
|
+
});
|
|
76
|
+
expect(getKeysInterceptor).toHaveBeenCalledTimes(1);
|
|
77
|
+
expect(result.sub).toBe('user-789');
|
|
78
|
+
expect(result.aud).toBe(audience);
|
|
79
|
+
expect(result.iss).toBe(issuer);
|
|
80
|
+
});
|
|
81
|
+
it('rejects when VerifyOptions constraints fail', async () => {
|
|
82
|
+
const { verifier } = buildJwtVerifier(signingMaterial.jwk);
|
|
83
|
+
const audience = 'target-app';
|
|
84
|
+
const issuer = 'https://issuer.example.com';
|
|
85
|
+
const key = await (0, jose_1.importPKCS8)(signingMaterial.privateKeyPem, 'RS256');
|
|
86
|
+
const token = await new jose_1.SignJWT({ sub: 'user-987' })
|
|
87
|
+
.setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid })
|
|
88
|
+
.setAudience(audience)
|
|
89
|
+
.setIssuer(issuer)
|
|
90
|
+
.sign(key);
|
|
91
|
+
await expect(verifier.verify(token, {
|
|
92
|
+
algorithms: ['RS256'],
|
|
93
|
+
audience: `${audience}-mismatch`,
|
|
94
|
+
issuer
|
|
95
|
+
})).rejects.toMatchObject({
|
|
96
|
+
status: 401,
|
|
97
|
+
message: expect.stringContaining('unexpected "aud" claim value')
|
|
98
|
+
});
|
|
99
|
+
});
|
|
100
|
+
it('rejects malformed tokens before attempting JWKS lookup', async () => {
|
|
101
|
+
const { verifier, getKeysInterceptor } = buildJwtVerifier(signingMaterial.jwk);
|
|
102
|
+
await expect(verifier.verify('definitely-not-a-jwt')).rejects.toThrow('Invalid token specified');
|
|
103
|
+
expect(getKeysInterceptor).not.toHaveBeenCalled();
|
|
104
|
+
});
|
|
105
|
+
});
|
|
106
|
+
//# sourceMappingURL=verifier.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verifier.test.js","sourceRoot":"","sources":["../../src/jwt/verifier.test.ts"],"names":[],"mappings":";;AAAA,6CAAkD;AAClD,+BAA4C;AAE5C,yCAAqE;AAQrE,MAAM,MAAM,GAAG,UAAU,CAAC;AAE1B,MAAM,qBAAqB,GAAG,CAAC,GAAG,GAAG,MAAM,EAAmB,EAAE;IAC9D,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,IAAA,iCAAmB,EAAC,KAAK,EAAE;QAC3D,aAAa,EAAE,IAAI;KACpB,CAAC,CAAC;IAEH,MAAM,GAAG,GAAG;QACV,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;QACtC,GAAG;QACH,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,KAAK;KACe,CAAC;IAE5B,OAAO;QACL,GAAG;QACH,aAAa,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,EAAE;KAC9E,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,gBAAgB,GAAG,CAAC,GAA2B,EAAE,EAAE;IACvD,MAAM,kBAAkB,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAEtD,MAAM,OAAO,GAAuB;QAClC,OAAO,EAAE,2CAA2C;QACpD,KAAK,EAAE,KAAK;QACZ,kBAAkB;KACnB,CAAC;IAEF,OAAO,EAAE,QAAQ,EAAE,IAAI,sBAAW,CAAC,OAAO,CAAC,EAAE,kBAAkB,EAAE,CAAC;AACpE,CAAC,CAAC;AAEF,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,IAAI,eAAgC,CAAC;IACrC,SAAS,CAAC,GAAG,EAAE;QACb,eAAe,GAAG,qBAAqB,EAAE,CAAC;IAC5C,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,6CAA6C,EAAE,KAAK,IAAI,EAAE;QAC3D,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,GAAG,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAI/E,MAAM,OAAO,GAAiB;YAC5B,GAAG,EAAE,UAAU;YACf,KAAK,EAAE,UAAU;SAClB,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,IAAA,kBAAW,EAAC,eAAe,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACtE,MAAM,KAAK,GAAG,MAAM,IAAI,cAAO,CAAC,OAAO,CAAC,CAAC,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEtH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAe,KAAK,CAAC,CAAC;QAE1D,MAAM,CAAC,kBAAkB,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2EAA2E,EAAE,KAAK,IAAI,EAAE;QACzF,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAE3D,MAAM,aAAa,GAAG,qBAAqB,EAAE,CAAC;QAE9C,MAAM,UAAU,GAAG,MAAM,IAAA,kBAAW,EAAC,aAAa,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAC3E,MAAM,YAAY,GAAG,MAAM,IAAI,cAAO,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC;aACxD,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;aAClE,IAAI,CAAC,UAAU,CAAC,CAAC;QAEpB,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC;YAChE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,MAAM,CAAC,gBAAgB,CAAC,+BAA+B,CAAC;SAClE,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,GAAG,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAI/E,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC9B,MAAM,MAAM,GAAG,4BAA4B,CAAC;QAE5C,MAAM,GAAG,GAAG,MAAM,IAAA,kBAAW,EAAC,eAAe,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACtE,MAAM,KAAK,GAAG,MAAM,IAAI,cAAO,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC;aACjD,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;aAClE,WAAW,CAAC,QAAQ,CAAC;aACrB,SAAS,CAAC,MAAM,CAAC;aACjB,IAAI,CAAC,GAAG,CAAC,CAAC;QAEb,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAgB,KAAK,EAAE;YACzD,UAAU,EAAE,CAAC,OAAO,CAAC;YACrB,QAAQ;YACR,MAAM;SACP,CAAC,CAAC;QAEH,MAAM,CAAC,kBAAkB,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACpC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,KAAK,IAAI,EAAE;QAC3D,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAE3D,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC9B,MAAM,MAAM,GAAG,4BAA4B,CAAC;QAE5C,MAAM,GAAG,GAAG,MAAM,IAAA,kBAAW,EAAC,eAAe,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACtE,MAAM,KAAK,GAAG,MAAM,IAAI,cAAO,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC;aACjD,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;aAClE,WAAW,CAAC,QAAQ,CAAC;aACrB,SAAS,CAAC,MAAM,CAAC;aACjB,IAAI,CAAC,GAAG,CAAC,CAAC;QAEb,MAAM,MAAM,CACV,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE;YACrB,UAAU,EAAE,CAAC,OAAO,CAAC;YACrB,QAAQ,EAAE,GAAG,QAAQ,WAAW;YAChC,MAAM;SACP,CAAC,CACH,CAAC,OAAO,CAAC,aAAa,CAAC;YACtB,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,MAAM,CAAC,gBAAgB,CAAC,8BAA8B,CAAC;SACjE,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,GAAG,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAE/E,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC;QACjG,MAAM,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IACpD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -190,6 +190,9 @@ export interface ServerMethods {
|
|
|
190
190
|
branchName?: string;
|
|
191
191
|
}, GetMultiPageApplicationResponseBody>;
|
|
192
192
|
liveEditDirectoryContents: {
|
|
193
|
+
/**
|
|
194
|
+
* @deprecated Use `v3.application.directoryContents.get` instead.
|
|
195
|
+
*/
|
|
193
196
|
get: ServerMethodSchema<{
|
|
194
197
|
applicationId: string;
|
|
195
198
|
branchName?: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protocol.d.ts","sourceRoot":"","sources":["../../src/socket/protocol.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAC9F,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,EAAE,WAAW,EAAE,8BAA8B,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjI,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAClE,OAAO,EACL,wBAAwB,EACxB,2BAA2B,EAC3B,iCAAiC,EACjC,kCAAkC,EAClC,mCAAmC,EACnC,kBAAkB,EAClB,iBAAiB,EACjB,WAAW,EACX,+BAA+B,EAC/B,uCAAuC,EACvC,gCAAgC,EAChC,eAAe,EACf,YAAY,EACZ,+BAA+B,EAC/B,cAAc,EACd,gBAAgB,EAChB,qBAAqB,EACrB,sBAAsB,EACtB,4BAA4B,EAC5B,YAAY,EACb,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,eAAO,MAAM,YAAY,cAAc,CAAC;AAExC,KAAK,WAAW,CAAC,CAAC,IAAI;IACpB,YAAY,EAAE,YAAY,CAAC;IAC3B,IAAI,EAAE,CAAC,CAAC;CACT,CAAC;AAEF,KAAK,kBAAkB,CAAC,MAAM,EAAE,QAAQ,IAAI,YAAY,CAAC,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;AAGxF,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE;QACF,IAAI,EAAE,kBAAkB,CAAC;YAAE,OAAO,EAAE,MAAM,CAAA;SAAE,EAAE;YAAE,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QACnE,MAAM,EAAE;YACN,WAAW,EAAE;gBACX,SAAS,EAAE;oBACT,QAAQ,EAAE,kBAAkB,CAC1B;wBACE,aAAa,EAAE,MAAM,CAAC;wBACtB,UAAU,EAAE,MAAM,CAAC;wBACnB,UAAU,EAAE,MAAM,CAAC;wBACnB,cAAc,EAAE,MAAM,CAAC;wBACvB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;qBACrC,EACD;wBAAE,OAAO,EAAE,OAAO,CAAA;qBAAE,CACrB,CAAC;oBACF,MAAM,EAAE,kBAAkB,CACxB;wBACE,aAAa,EAAE,MAAM,CAAC;wBACtB,UAAU,CAAC,EAAE,MAAM,CAAC;wBACpB,QAAQ,EAAE,MAAM,EAAE,CAAC;wBACnB,UAAU,EAAE,MAAM,EAAE,CAAC;wBACrB,oBAAoB,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;wBAC5C,UAAU,EAAE,MAAM,GAAG,SAAS,CAAC;wBAC/B,gBAAgB,EAAE,MAAM,CAAC;wBACzB,eAAe,EAAE,OAAO,CAAC;qBAC1B,EACD;wBAAE,OAAO,EAAE,OAAO,CAAA;qBAAE,CACrB,CAAC;iBACH,CAAC;gBACF,UAAU,EAAE,kBAAkB,CAC5B;oBACE,aAAa,EAAE,MAAM,CAAC;oBACtB,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBACrC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAC9B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBAChC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;iBACnC,EACD,eAAe,CAChB,CAAC;aACH,CAAC;YACF,GAAG,EAAE;gBACH,UAAU,EAAE,kBAAkB,CAC5B;oBACE,KAAK,EAAE,MAAM,CAAC;oBACd,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAC/B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;iBACtB,EACD,eAAe,GAAG;oBAAE,OAAO,EAAE,IAAI,CAAA;iBAAE,CACpC,CAAC;gBACF,GAAG,EAAE,kBAAkB,CAAC;oBAAE,KAAK,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAC;oBAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;iBAAE,EAAE,gBAAgB,CAAC,CAAC;aAChI,CAAC;SACH,CAAC;QACF,IAAI,EAAE;YACJ,YAAY,EAAE;gBACZ,GAAG,EAAE,kBAAkB,CAAC;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAChE,SAAS,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAC7F,GAAG,EAAE,kBAAkB,CAAC;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aACjE,CAAC;YACF,iBAAiB,EAAE;gBACjB,GAAG,EAAE,kBAAkB,CAAC;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,CAAC,CAAC;gBAC1E,SAAS,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,CAAC,CAAC;gBACvG,GAAG,EAAE,kBAAkB,CAAC;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aAC3E,CAAC;YACF;;;;eAIG;YACH,OAAO,EAAE,kBAAkB,CAAC,qBAAqB,EAAE,sBAAsB,CAAC,CAAC;SAC5E,CAAC;QACF,EAAE,EAAE;YACF,IAAI,EAAE;gBACJ,WAAW,EAAE,kBAAkB,CAC7B;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,OAAO,EAAE,oBAAoB,CAAC;oBAAC,OAAO,CAAC,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EACtG,IAAI,CACL,CAAC;gBACF,WAAW,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAA;iBAAE,CAAC,CAAC;gBACzH,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EAAE,IAAI,CAAC,CAAC;aACtF,CAAC;SACH,CAAC;KACH,CAAC;IACF,EAAE,EAAE;QACF,WAAW,EAAE;YACX,MAAM,EAAE,kBAAkB,CAAC,gCAAgC,EAAE,iBAAiB,CAAC,CAAC;YAChF,KAAK,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAA;aAAE,EAAE,iBAAiB,CAAC,CAAC;YACxE,YAAY,EAAE,kBAAkB,CAC9B;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,cAAc,EAAE,MAAM,CAAA;aAAE,EACrE,uCAAuC,CACxC,CAAC;YACF,IAAI,EAAE;gBACJ,KAAK,EAAE,kBAAkB,CACvB,2BAA2B,EAC3B;oBACE,IAAI,EAAE,WAAW,CAAC;oBAClB,OAAO,EAAE,IAAI,CAAC;oBACd,SAAS,EAAE,8BAA8B,GAAG,IAAI,CAAC;oBACjD,aAAa,EAAE,wBAAwB,CAAC;iBACzC,CACF,CAAC;gBACF,MAAM,EAAE,kBAAkB,CAAC,kCAAkC,EAAE,iCAAiC,CAAC,CAAC;aACnG,CAAC;YACF,cAAc,EAAE,kBAAkB,CAAC,qBAAqB,EAAE,sBAAsB,CAAC,CAAC;SACnF,CAAC;QACF,MAAM,EAAE;YACN,WAAW,EAAE;gBACX,UAAU,EAAE,kBAAkB,CAC5B;oBACE,aAAa,EAAE,MAAM,CAAC;oBACtB,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBACrC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBACjC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBAChC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;iBACtB,EACD,eAAe,GAAG;oBAAE,OAAO,EAAE,IAAI,CAAA;iBAAE,CACpC,CAAC;gBACF,GAAG,EAAE,kBAAkB,CACrB;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;iBAAE,EAC3F,+BAA+B,CAChC,CAAC;aACH,CAAC;SACH,CAAC;KACH,CAAC;IACF,EAAE,EAAE;QACF,WAAW,EAAE;YACX,GAAG,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;aAAE,EAAE,mCAAmC,CAAC,CAAC;YAC7G,yBAAyB,EAAE;gBACzB,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAC1F,GAAG,EAAE,kBAAkB,CACrB;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAC;oBAAC,MAAM,CAAC,EAAE,MAAM,CAAA;iBAAE,EAC7E;oBAAE,IAAI,EAAE,MAAM,CAAC;oBAAC,YAAY,CAAC,EAAE,YAAY,CAAA;iBAAE,CAC9C,CAAC;aACH,CAAC;YACF,iBAAiB,EAAE;gBACjB,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aACrH,CAAC;YACF,UAAU,EAAE,kBAAkB,CAC5B;gBACE,aAAa,EAAE,MAAM,CAAC;gBACtB,MAAM,CAAC,EAAE,MAAM,CAAC;gBAChB,kBAAkB,EAAE,MAAM,CAAC;gBAC3B,QAAQ,EAAE,MAAM,CAAC;gBACjB,aAAa,EAAE,MAAM,CAAC;gBACtB,SAAS,CAAC,EAAE,OAAO,CAAC;gBACpB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;gBACrB,aAAa,CAAC,EAAE,MAAM,CAAC;aACxB,EACD,eAAe,CAChB,CAAC;SACH,CAAC;QACF,GAAG,EAAE;YACH,YAAY,EAAE,kBAAkB,CAAC;gBAAE,KAAK,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,cAAc,EAAE,MAAM,CAAA;aAAE,EAAE,+BAA+B,CAAC,CAAC;YACjI,GAAG,EAAE,kBAAkB,CAAC;gBAAE,KAAK,EAAE,MAAM,CAAC;gBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;aAAE,EAAE,kBAAkB,CAAC,CAAC;SACrF,CAAC;QACF,IAAI,EAAE;YACJ,OAAO,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,WAAW,EAAE,MAAM,CAAA;aAAE,EAAE,4BAA4B,CAAC,CAAC;YAC9H,OAAO,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,EAAE,IAAI,CAAC,CAAC;YACjG,IAAI,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,EAAE,4BAA4B,CAAC,CAAC;SACvH,CAAC;KACH,CAAC;CACH;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE;QACF,OAAO,EAAE;YACP,eAAe,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,SAAS,CAAA;aAAE,EAAE;gBAAE,SAAS,EAAE,SAAS,CAAA;aAAE,CAAC,CAAC;YACnG,QAAQ,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,SAAS,EAAE,CAAA;aAAE,EAAE;gBAAE,UAAU,EAAE,SAAS,EAAE,CAAA;aAAE,CAAC,CAAC;YACjG,iBAAiB,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,QAAQ,EAAE,WAAW,CAAA;aAAE,EAAE;gBAAE,EAAE,EAAE,OAAO,CAAA;aAAE,CAAC,CAAC;YAChG,SAAS,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,QAAQ,EAAE,WAAW,EAAE,CAAA;aAAE,EAAE;gBAAE,EAAE,EAAE,OAAO,CAAA;aAAE,CAAC,CAAC;SAC3F,CAAC;KACH,CAAC;CACH"}
|
|
1
|
+
{"version":3,"file":"protocol.d.ts","sourceRoot":"","sources":["../../src/socket/protocol.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAC9F,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,EAAE,WAAW,EAAE,8BAA8B,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjI,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAClE,OAAO,EACL,wBAAwB,EACxB,2BAA2B,EAC3B,iCAAiC,EACjC,kCAAkC,EAClC,mCAAmC,EACnC,kBAAkB,EAClB,iBAAiB,EACjB,WAAW,EACX,+BAA+B,EAC/B,uCAAuC,EACvC,gCAAgC,EAChC,eAAe,EACf,YAAY,EACZ,+BAA+B,EAC/B,cAAc,EACd,gBAAgB,EAChB,qBAAqB,EACrB,sBAAsB,EACtB,4BAA4B,EAC5B,YAAY,EACb,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,eAAO,MAAM,YAAY,cAAc,CAAC;AAExC,KAAK,WAAW,CAAC,CAAC,IAAI;IACpB,YAAY,EAAE,YAAY,CAAC;IAC3B,IAAI,EAAE,CAAC,CAAC;CACT,CAAC;AAEF,KAAK,kBAAkB,CAAC,MAAM,EAAE,QAAQ,IAAI,YAAY,CAAC,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;AAGxF,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE;QACF,IAAI,EAAE,kBAAkB,CAAC;YAAE,OAAO,EAAE,MAAM,CAAA;SAAE,EAAE;YAAE,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QACnE,MAAM,EAAE;YACN,WAAW,EAAE;gBACX,SAAS,EAAE;oBACT,QAAQ,EAAE,kBAAkB,CAC1B;wBACE,aAAa,EAAE,MAAM,CAAC;wBACtB,UAAU,EAAE,MAAM,CAAC;wBACnB,UAAU,EAAE,MAAM,CAAC;wBACnB,cAAc,EAAE,MAAM,CAAC;wBACvB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;qBACrC,EACD;wBAAE,OAAO,EAAE,OAAO,CAAA;qBAAE,CACrB,CAAC;oBACF,MAAM,EAAE,kBAAkB,CACxB;wBACE,aAAa,EAAE,MAAM,CAAC;wBACtB,UAAU,CAAC,EAAE,MAAM,CAAC;wBACpB,QAAQ,EAAE,MAAM,EAAE,CAAC;wBACnB,UAAU,EAAE,MAAM,EAAE,CAAC;wBACrB,oBAAoB,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;wBAC5C,UAAU,EAAE,MAAM,GAAG,SAAS,CAAC;wBAC/B,gBAAgB,EAAE,MAAM,CAAC;wBACzB,eAAe,EAAE,OAAO,CAAC;qBAC1B,EACD;wBAAE,OAAO,EAAE,OAAO,CAAA;qBAAE,CACrB,CAAC;iBACH,CAAC;gBACF,UAAU,EAAE,kBAAkB,CAC5B;oBACE,aAAa,EAAE,MAAM,CAAC;oBACtB,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBACrC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAC9B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBAChC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;iBACnC,EACD,eAAe,CAChB,CAAC;aACH,CAAC;YACF,GAAG,EAAE;gBACH,UAAU,EAAE,kBAAkB,CAC5B;oBACE,KAAK,EAAE,MAAM,CAAC;oBACd,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAC/B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;iBACtB,EACD,eAAe,GAAG;oBAAE,OAAO,EAAE,IAAI,CAAA;iBAAE,CACpC,CAAC;gBACF,GAAG,EAAE,kBAAkB,CAAC;oBAAE,KAAK,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAC;oBAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;iBAAE,EAAE,gBAAgB,CAAC,CAAC;aAChI,CAAC;SACH,CAAC;QACF,IAAI,EAAE;YACJ,YAAY,EAAE;gBACZ,GAAG,EAAE,kBAAkB,CAAC;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAChE,SAAS,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAC7F,GAAG,EAAE,kBAAkB,CAAC;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aACjE,CAAC;YACF,iBAAiB,EAAE;gBACjB,GAAG,EAAE,kBAAkB,CAAC;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,CAAC,CAAC;gBAC1E,SAAS,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,CAAC,CAAC;gBACvG,GAAG,EAAE,kBAAkB,CAAC;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aAC3E,CAAC;YACF;;;;eAIG;YACH,OAAO,EAAE,kBAAkB,CAAC,qBAAqB,EAAE,sBAAsB,CAAC,CAAC;SAC5E,CAAC;QACF,EAAE,EAAE;YACF,IAAI,EAAE;gBACJ,WAAW,EAAE,kBAAkB,CAC7B;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,OAAO,EAAE,oBAAoB,CAAC;oBAAC,OAAO,CAAC,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EACtG,IAAI,CACL,CAAC;gBACF,WAAW,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAA;iBAAE,CAAC,CAAC;gBACzH,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EAAE,IAAI,CAAC,CAAC;aACtF,CAAC;SACH,CAAC;KACH,CAAC;IACF,EAAE,EAAE;QACF,WAAW,EAAE;YACX,MAAM,EAAE,kBAAkB,CAAC,gCAAgC,EAAE,iBAAiB,CAAC,CAAC;YAChF,KAAK,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAA;aAAE,EAAE,iBAAiB,CAAC,CAAC;YACxE,YAAY,EAAE,kBAAkB,CAC9B;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,cAAc,EAAE,MAAM,CAAA;aAAE,EACrE,uCAAuC,CACxC,CAAC;YACF,IAAI,EAAE;gBACJ,KAAK,EAAE,kBAAkB,CACvB,2BAA2B,EAC3B;oBACE,IAAI,EAAE,WAAW,CAAC;oBAClB,OAAO,EAAE,IAAI,CAAC;oBACd,SAAS,EAAE,8BAA8B,GAAG,IAAI,CAAC;oBACjD,aAAa,EAAE,wBAAwB,CAAC;iBACzC,CACF,CAAC;gBACF,MAAM,EAAE,kBAAkB,CAAC,kCAAkC,EAAE,iCAAiC,CAAC,CAAC;aACnG,CAAC;YACF,cAAc,EAAE,kBAAkB,CAAC,qBAAqB,EAAE,sBAAsB,CAAC,CAAC;SACnF,CAAC;QACF,MAAM,EAAE;YACN,WAAW,EAAE;gBACX,UAAU,EAAE,kBAAkB,CAC5B;oBACE,aAAa,EAAE,MAAM,CAAC;oBACtB,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBACrC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBACjC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBAChC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;iBACtB,EACD,eAAe,GAAG;oBAAE,OAAO,EAAE,IAAI,CAAA;iBAAE,CACpC,CAAC;gBACF,GAAG,EAAE,kBAAkB,CACrB;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;iBAAE,EAC3F,+BAA+B,CAChC,CAAC;aACH,CAAC;SACH,CAAC;KACH,CAAC;IACF,EAAE,EAAE;QACF,WAAW,EAAE;YACX,GAAG,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;aAAE,EAAE,mCAAmC,CAAC,CAAC;YAC7G,yBAAyB,EAAE;gBACzB;;mBAEG;gBACH,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAC1F,GAAG,EAAE,kBAAkB,CACrB;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAC;oBAAC,MAAM,CAAC,EAAE,MAAM,CAAA;iBAAE,EAC7E;oBAAE,IAAI,EAAE,MAAM,CAAC;oBAAC,YAAY,CAAC,EAAE,YAAY,CAAA;iBAAE,CAC9C,CAAC;aACH,CAAC;YACF,iBAAiB,EAAE;gBACjB,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aACrH,CAAC;YACF,UAAU,EAAE,kBAAkB,CAC5B;gBACE,aAAa,EAAE,MAAM,CAAC;gBACtB,MAAM,CAAC,EAAE,MAAM,CAAC;gBAChB,kBAAkB,EAAE,MAAM,CAAC;gBAC3B,QAAQ,EAAE,MAAM,CAAC;gBACjB,aAAa,EAAE,MAAM,CAAC;gBACtB,SAAS,CAAC,EAAE,OAAO,CAAC;gBACpB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;gBACrB,aAAa,CAAC,EAAE,MAAM,CAAC;aACxB,EACD,eAAe,CAChB,CAAC;SACH,CAAC;QACF,GAAG,EAAE;YACH,YAAY,EAAE,kBAAkB,CAAC;gBAAE,KAAK,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,cAAc,EAAE,MAAM,CAAA;aAAE,EAAE,+BAA+B,CAAC,CAAC;YACjI,GAAG,EAAE,kBAAkB,CAAC;gBAAE,KAAK,EAAE,MAAM,CAAC;gBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;aAAE,EAAE,kBAAkB,CAAC,CAAC;SACrF,CAAC;QACF,IAAI,EAAE;YACJ,OAAO,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,WAAW,EAAE,MAAM,CAAA;aAAE,EAAE,4BAA4B,CAAC,CAAC;YAC9H,OAAO,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,EAAE,IAAI,CAAC,CAAC;YACjG,IAAI,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,EAAE,4BAA4B,CAAC,CAAC;SACvH,CAAC;KACH,CAAC;CACH;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE;QACF,OAAO,EAAE;YACP,eAAe,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,SAAS,CAAA;aAAE,EAAE;gBAAE,SAAS,EAAE,SAAS,CAAA;aAAE,CAAC,CAAC;YACnG,QAAQ,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,SAAS,EAAE,CAAA;aAAE,EAAE;gBAAE,UAAU,EAAE,SAAS,EAAE,CAAA;aAAE,CAAC,CAAC;YACjG,iBAAiB,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,QAAQ,EAAE,WAAW,CAAA;aAAE,EAAE;gBAAE,EAAE,EAAE,OAAO,CAAA;aAAE,CAAC,CAAC;YAChG,SAAS,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,QAAQ,EAAE,WAAW,EAAE,CAAA;aAAE,EAAE;gBAAE,EAAE,EAAE,OAAO,CAAA;aAAE,CAAC,CAAC;SAC3F,CAAC;KACH,CAAC;CACH"}
|
package/dist-esm/index.d.ts
CHANGED
package/dist-esm/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC;AAC5B,cAAc,iBAAiB,CAAC;AAChC,cAAc,aAAa,CAAC;AAC5B,cAAc,kBAAkB,CAAC;AACjC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC;AACxB,cAAc,cAAc,CAAC;AAC7B,cAAc,sBAAsB,CAAC;AACrC,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,eAAe,CAAC;AAC9B,cAAc,QAAQ,CAAC;AACvB,cAAc,4BAA4B,CAAC;AAC3C,cAAc,qBAAqB,CAAC;AACpC,cAAc,yBAAyB,CAAC;AACxC,cAAc,0BAA0B,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC;AAC5B,cAAc,iBAAiB,CAAC;AAChC,cAAc,aAAa,CAAC;AAC5B,cAAc,kBAAkB,CAAC;AACjC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC;AACxB,cAAc,cAAc,CAAC;AAC7B,cAAc,sBAAsB,CAAC;AACrC,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,eAAe,CAAC;AAC9B,cAAc,QAAQ,CAAC;AACvB,cAAc,4BAA4B,CAAC;AAC3C,cAAc,qBAAqB,CAAC;AACpC,cAAc,yBAAyB,CAAC;AACxC,cAAc,0BAA0B,CAAC;AACzC,cAAc,OAAO,CAAC"}
|
package/dist-esm/index.js
CHANGED
package/dist-esm/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC;AAC5B,cAAc,iBAAiB,CAAC;AAChC,cAAc,aAAa,CAAC;AAC5B,cAAc,kBAAkB,CAAC;AACjC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC;AACxB,cAAc,cAAc,CAAC;AAC7B,cAAc,sBAAsB,CAAC;AACrC,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,eAAe,CAAC;AAC9B,cAAc,QAAQ,CAAC;AACvB,cAAc,4BAA4B,CAAC;AAC3C,cAAc,qBAAqB,CAAC;AACpC,cAAc,yBAAyB,CAAC;AACxC,cAAc,0BAA0B,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC;AAC5B,cAAc,iBAAiB,CAAC;AAChC,cAAc,aAAa,CAAC;AAC5B,cAAc,kBAAkB,CAAC;AACjC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC;AACxB,cAAc,cAAc,CAAC;AAC7B,cAAc,sBAAsB,CAAC;AACrC,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,eAAe,CAAC;AAC9B,cAAc,QAAQ,CAAC;AACvB,cAAc,4BAA4B,CAAC;AAC3C,cAAc,qBAAqB,CAAC;AACpC,cAAc,yBAAyB,CAAC;AACxC,cAAc,0BAA0B,CAAC;AACzC,cAAc,OAAO,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/jwt/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/jwt/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC"}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
import type { JWTPayload, JWTVerifyOptions } from 'jose';
|
|
2
|
+
/**
|
|
3
|
+
* Verifies JWTs using a JWKS endpoint to resolve signing keys on demand.
|
|
4
|
+
*/
|
|
5
|
+
export declare class JwtVerifier {
|
|
6
|
+
private readonly options;
|
|
7
|
+
constructor(options: JwtVerifierOptions);
|
|
8
|
+
verify<T extends JWTPayload>(token: string, options?: JWTVerifyOptions): Promise<T>;
|
|
9
|
+
private resolveJwkSet;
|
|
10
|
+
}
|
|
11
|
+
/**
|
|
12
|
+
* Options that configure how the verifier fetches and caches JWKS signing keys.
|
|
13
|
+
*/
|
|
14
|
+
export interface JwtVerifierOptions {
|
|
15
|
+
jwksUri: string;
|
|
16
|
+
rateLimit?: boolean;
|
|
17
|
+
cache?: boolean;
|
|
18
|
+
cacheMaxEntries?: number;
|
|
19
|
+
cacheMaxAge?: number;
|
|
20
|
+
jwksRequestsPerMinute?: number;
|
|
21
|
+
proxy?: string;
|
|
22
|
+
requestHeaders?: Headers;
|
|
23
|
+
timeoutMs?: number;
|
|
24
|
+
fetcher?(jwksUri: string): Promise<{
|
|
25
|
+
keys: unknown;
|
|
26
|
+
}>;
|
|
27
|
+
getKeysInterceptor?(): Promise<JwtKey[]>;
|
|
28
|
+
}
|
|
29
|
+
export type Headers = Record<string, string>;
|
|
30
|
+
export interface JwtKey {
|
|
31
|
+
kty: string;
|
|
32
|
+
kid: string;
|
|
33
|
+
alg: string;
|
|
34
|
+
[key: string]: unknown;
|
|
35
|
+
}
|
|
36
|
+
//# sourceMappingURL=verifier.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verifier.d.ts","sourceRoot":"","sources":["../../src/jwt/verifier.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,gBAAgB,EAAuB,MAAM,MAAM,CAAC;AAI9E;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;gBACjC,OAAO,EAAE,kBAAkB;IAIjC,MAAM,CAAC,CAAC,SAAS,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,CAAC,CAAC;YAwB3E,aAAa;CA+B5B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,OAAO,CAAA;KAAE,CAAC,CAAC;IACtD,kBAAkB,CAAC,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;CAC1C;AAED,MAAM,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAE7C,MAAM,WAAW,MAAM;IACrB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB"}
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
import { createLocalJWKSet, createRemoteJWKSet, decodeProtectedHeader, jwtVerify } from 'jose';
|
|
2
|
+
import { isEmpty } from 'lodash';
|
|
3
|
+
import { UnauthorizedError } from '../errors';
|
|
4
|
+
/**
|
|
5
|
+
* Verifies JWTs using a JWKS endpoint to resolve signing keys on demand.
|
|
6
|
+
*/
|
|
7
|
+
export class JwtVerifier {
|
|
8
|
+
constructor(options) {
|
|
9
|
+
this.options = options;
|
|
10
|
+
}
|
|
11
|
+
async verify(token, options) {
|
|
12
|
+
let kid;
|
|
13
|
+
try {
|
|
14
|
+
const header = decodeProtectedHeader(token);
|
|
15
|
+
kid = header.kid;
|
|
16
|
+
}
|
|
17
|
+
catch {
|
|
18
|
+
// Preserve legacy error message relied upon by tests
|
|
19
|
+
throw new Error('Invalid token specified');
|
|
20
|
+
}
|
|
21
|
+
if (isEmpty(kid)) {
|
|
22
|
+
throw new UnauthorizedError('Invalid JWT as kid header is missing.');
|
|
23
|
+
}
|
|
24
|
+
const jwkSet = await this.resolveJwkSet();
|
|
25
|
+
try {
|
|
26
|
+
const result = await jwtVerify(token, jwkSet, options);
|
|
27
|
+
return result.payload;
|
|
28
|
+
}
|
|
29
|
+
catch (err) {
|
|
30
|
+
throw new UnauthorizedError(`JWT verification failed: ${err.message}`);
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
async resolveJwkSet() {
|
|
34
|
+
// Prefer interceptor-provided keys for explicit testability and control
|
|
35
|
+
if (this.options.getKeysInterceptor) {
|
|
36
|
+
const keys = await this.options.getKeysInterceptor();
|
|
37
|
+
if (isEmpty(keys)) {
|
|
38
|
+
throw new UnauthorizedError('JWT could not be verified as no corresponding public key was found.');
|
|
39
|
+
}
|
|
40
|
+
return createLocalJWKSet({ keys });
|
|
41
|
+
}
|
|
42
|
+
// Allow custom fetcher to provide JWKS out-of-band
|
|
43
|
+
if (this.options.fetcher) {
|
|
44
|
+
const jwks = await this.options.fetcher(this.options.jwksUri);
|
|
45
|
+
const keys = jwks.keys;
|
|
46
|
+
if (!Array.isArray(keys) || isEmpty(keys)) {
|
|
47
|
+
throw new UnauthorizedError('JWT could not be verified as no corresponding public key was found.');
|
|
48
|
+
}
|
|
49
|
+
return createLocalJWKSet({ keys });
|
|
50
|
+
}
|
|
51
|
+
// Default to remote JWKS. jose v5 supports headers/timeout; pass when provided.
|
|
52
|
+
const url = new URL(this.options.jwksUri);
|
|
53
|
+
const opts = {};
|
|
54
|
+
if (!isEmpty(this.options.requestHeaders)) {
|
|
55
|
+
opts.headers = this.options.requestHeaders;
|
|
56
|
+
}
|
|
57
|
+
if (!isEmpty(this.options.timeoutMs)) {
|
|
58
|
+
opts.timeoutDuration = this.options.timeoutMs;
|
|
59
|
+
}
|
|
60
|
+
return createRemoteJWKSet(url, opts);
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
//# sourceMappingURL=verifier.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verifier.js","sourceRoot":"","sources":["../../src/jwt/verifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAE/F,OAAO,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC;AACjC,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAE9C;;GAEG;AACH,MAAM,OAAO,WAAW;IAEtB,YAAY,OAA2B;QACrC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,MAAM,CAAuB,KAAa,EAAE,OAA0B;QAC1E,IAAI,GAAuB,CAAC;QAC5B,IAAI;YACF,MAAM,MAAM,GAAG,qBAAqB,CAAC,KAAK,CAAC,CAAC;YAC5C,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;SAClB;QAAC,MAAM;YACN,qDAAqD;YACrD,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;SAC5C;QAED,IAAI,OAAO,CAAC,GAAG,CAAC,EAAE;YAChB,MAAM,IAAI,iBAAiB,CAAC,uCAAuC,CAAC,CAAC;SACtE;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QAE1C,IAAI;YACF,MAAM,MAAM,GAAG,MAAM,SAAS,CAAI,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;YAC1D,OAAO,MAAM,CAAC,OAAO,CAAC;SACvB;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,iBAAiB,CAAC,4BAA6B,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;SACnF;IACH,CAAC;IAEO,KAAK,CAAC,aAAa;QACzB,wEAAwE;QACxE,IAAI,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE;YACnC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE,CAAC;YACrD,IAAI,OAAO,CAAC,IAAI,CAAC,EAAE;gBACjB,MAAM,IAAI,iBAAiB,CAAC,qEAAqE,CAAC,CAAC;aACpG;YACD,OAAO,iBAAiB,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;SACpC;QAED,mDAAmD;QACnD,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YACxB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC9D,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;YACvB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,EAAE;gBACzC,MAAM,IAAI,iBAAiB,CAAC,qEAAqE,CAAC,CAAC;aACpG;YACD,OAAO,iBAAiB,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;SACpC;QAED,gFAAgF;QAChF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAwB,EAAE,CAAC;QACrC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE;YACzC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;SAC5C;QACD,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE;YACpC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;SAC/C;QACD,OAAO,kBAAkB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACvC,CAAC;CACF"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verifier.test.d.ts","sourceRoot":"","sources":["../../src/jwt/verifier.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,104 @@
|
|
|
1
|
+
import { generateKeyPairSync } from 'node:crypto';
|
|
2
|
+
import { SignJWT, importPKCS8 } from 'jose';
|
|
3
|
+
import { JwtVerifier } from './verifier';
|
|
4
|
+
const KEY_ID = 'test-key';
|
|
5
|
+
const createSigningMaterial = (kid = KEY_ID) => {
|
|
6
|
+
const { publicKey, privateKey } = generateKeyPairSync('rsa', {
|
|
7
|
+
modulusLength: 2048
|
|
8
|
+
});
|
|
9
|
+
const jwk = {
|
|
10
|
+
...publicKey.export({ format: 'jwk' }),
|
|
11
|
+
kid,
|
|
12
|
+
alg: 'RS256',
|
|
13
|
+
use: 'sig'
|
|
14
|
+
};
|
|
15
|
+
return {
|
|
16
|
+
jwk,
|
|
17
|
+
privateKeyPem: privateKey.export({ type: 'pkcs8', format: 'pem' }).toString()
|
|
18
|
+
};
|
|
19
|
+
};
|
|
20
|
+
const buildJwtVerifier = (jwk) => {
|
|
21
|
+
const getKeysInterceptor = jest.fn(async () => [jwk]);
|
|
22
|
+
const options = {
|
|
23
|
+
jwksUri: 'https://example.com/.well-known/jwks.json',
|
|
24
|
+
cache: false,
|
|
25
|
+
getKeysInterceptor
|
|
26
|
+
};
|
|
27
|
+
return { verifier: new JwtVerifier(options), getKeysInterceptor };
|
|
28
|
+
};
|
|
29
|
+
describe('JwtVerifier', () => {
|
|
30
|
+
let signingMaterial;
|
|
31
|
+
beforeAll(() => {
|
|
32
|
+
signingMaterial = createSigningMaterial();
|
|
33
|
+
});
|
|
34
|
+
it('verifies a token with a matching JWKS entry', async () => {
|
|
35
|
+
const { verifier, getKeysInterceptor } = buildJwtVerifier(signingMaterial.jwk);
|
|
36
|
+
const payload = {
|
|
37
|
+
sub: 'user-123',
|
|
38
|
+
scope: 'read:all'
|
|
39
|
+
};
|
|
40
|
+
const key = await importPKCS8(signingMaterial.privateKeyPem, 'RS256');
|
|
41
|
+
const token = await new SignJWT(payload).setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid }).sign(key);
|
|
42
|
+
const result = await verifier.verify(token);
|
|
43
|
+
expect(getKeysInterceptor).toHaveBeenCalledTimes(1);
|
|
44
|
+
expect(result.sub).toBe(payload.sub);
|
|
45
|
+
expect(result.scope).toBe(payload.scope);
|
|
46
|
+
});
|
|
47
|
+
it('throws UnauthorizedError when the signature does not match the JWKS entry', async () => {
|
|
48
|
+
const { verifier } = buildJwtVerifier(signingMaterial.jwk);
|
|
49
|
+
const mismatchedKey = createSigningMaterial();
|
|
50
|
+
const invalidKey = await importPKCS8(mismatchedKey.privateKeyPem, 'RS256');
|
|
51
|
+
const invalidToken = await new SignJWT({ sub: 'user-456' })
|
|
52
|
+
.setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid })
|
|
53
|
+
.sign(invalidKey);
|
|
54
|
+
await expect(verifier.verify(invalidToken)).rejects.toMatchObject({
|
|
55
|
+
status: 401,
|
|
56
|
+
message: expect.stringContaining('signature verification failed')
|
|
57
|
+
});
|
|
58
|
+
});
|
|
59
|
+
it('honors JwtVerifyOptions when audience and issuer match', async () => {
|
|
60
|
+
const { verifier, getKeysInterceptor } = buildJwtVerifier(signingMaterial.jwk);
|
|
61
|
+
const audience = 'target-app';
|
|
62
|
+
const issuer = 'https://issuer.example.com';
|
|
63
|
+
const key = await importPKCS8(signingMaterial.privateKeyPem, 'RS256');
|
|
64
|
+
const token = await new SignJWT({ sub: 'user-789' })
|
|
65
|
+
.setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid })
|
|
66
|
+
.setAudience(audience)
|
|
67
|
+
.setIssuer(issuer)
|
|
68
|
+
.sign(key);
|
|
69
|
+
const result = await verifier.verify(token, {
|
|
70
|
+
algorithms: ['RS256'],
|
|
71
|
+
audience,
|
|
72
|
+
issuer
|
|
73
|
+
});
|
|
74
|
+
expect(getKeysInterceptor).toHaveBeenCalledTimes(1);
|
|
75
|
+
expect(result.sub).toBe('user-789');
|
|
76
|
+
expect(result.aud).toBe(audience);
|
|
77
|
+
expect(result.iss).toBe(issuer);
|
|
78
|
+
});
|
|
79
|
+
it('rejects when VerifyOptions constraints fail', async () => {
|
|
80
|
+
const { verifier } = buildJwtVerifier(signingMaterial.jwk);
|
|
81
|
+
const audience = 'target-app';
|
|
82
|
+
const issuer = 'https://issuer.example.com';
|
|
83
|
+
const key = await importPKCS8(signingMaterial.privateKeyPem, 'RS256');
|
|
84
|
+
const token = await new SignJWT({ sub: 'user-987' })
|
|
85
|
+
.setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid })
|
|
86
|
+
.setAudience(audience)
|
|
87
|
+
.setIssuer(issuer)
|
|
88
|
+
.sign(key);
|
|
89
|
+
await expect(verifier.verify(token, {
|
|
90
|
+
algorithms: ['RS256'],
|
|
91
|
+
audience: `${audience}-mismatch`,
|
|
92
|
+
issuer
|
|
93
|
+
})).rejects.toMatchObject({
|
|
94
|
+
status: 401,
|
|
95
|
+
message: expect.stringContaining('unexpected "aud" claim value')
|
|
96
|
+
});
|
|
97
|
+
});
|
|
98
|
+
it('rejects malformed tokens before attempting JWKS lookup', async () => {
|
|
99
|
+
const { verifier, getKeysInterceptor } = buildJwtVerifier(signingMaterial.jwk);
|
|
100
|
+
await expect(verifier.verify('definitely-not-a-jwt')).rejects.toThrow('Invalid token specified');
|
|
101
|
+
expect(getKeysInterceptor).not.toHaveBeenCalled();
|
|
102
|
+
});
|
|
103
|
+
});
|
|
104
|
+
//# sourceMappingURL=verifier.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verifier.test.js","sourceRoot":"","sources":["../../src/jwt/verifier.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,MAAM,CAAC;AAE5C,OAAO,EAAE,WAAW,EAA8B,MAAM,YAAY,CAAC;AAQrE,MAAM,MAAM,GAAG,UAAU,CAAC;AAE1B,MAAM,qBAAqB,GAAG,CAAC,GAAG,GAAG,MAAM,EAAmB,EAAE;IAC9D,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,mBAAmB,CAAC,KAAK,EAAE;QAC3D,aAAa,EAAE,IAAI;KACpB,CAAC,CAAC;IAEH,MAAM,GAAG,GAAG;QACV,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;QACtC,GAAG;QACH,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,KAAK;KACe,CAAC;IAE5B,OAAO;QACL,GAAG;QACH,aAAa,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,EAAE;KAC9E,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,gBAAgB,GAAG,CAAC,GAA2B,EAAE,EAAE;IACvD,MAAM,kBAAkB,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAEtD,MAAM,OAAO,GAAuB;QAClC,OAAO,EAAE,2CAA2C;QACpD,KAAK,EAAE,KAAK;QACZ,kBAAkB;KACnB,CAAC;IAEF,OAAO,EAAE,QAAQ,EAAE,IAAI,WAAW,CAAC,OAAO,CAAC,EAAE,kBAAkB,EAAE,CAAC;AACpE,CAAC,CAAC;AAEF,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,IAAI,eAAgC,CAAC;IACrC,SAAS,CAAC,GAAG,EAAE;QACb,eAAe,GAAG,qBAAqB,EAAE,CAAC;IAC5C,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,6CAA6C,EAAE,KAAK,IAAI,EAAE;QAC3D,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,GAAG,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAI/E,MAAM,OAAO,GAAiB;YAC5B,GAAG,EAAE,UAAU;YACf,KAAK,EAAE,UAAU;SAClB,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,eAAe,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACtE,MAAM,KAAK,GAAG,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEtH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAe,KAAK,CAAC,CAAC;QAE1D,MAAM,CAAC,kBAAkB,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2EAA2E,EAAE,KAAK,IAAI,EAAE;QACzF,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAE3D,MAAM,aAAa,GAAG,qBAAqB,EAAE,CAAC;QAE9C,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,aAAa,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAC3E,MAAM,YAAY,GAAG,MAAM,IAAI,OAAO,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC;aACxD,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;aAClE,IAAI,CAAC,UAAU,CAAC,CAAC;QAEpB,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC;YAChE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,MAAM,CAAC,gBAAgB,CAAC,+BAA+B,CAAC;SAClE,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,GAAG,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAI/E,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC9B,MAAM,MAAM,GAAG,4BAA4B,CAAC;QAE5C,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,eAAe,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACtE,MAAM,KAAK,GAAG,MAAM,IAAI,OAAO,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC;aACjD,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;aAClE,WAAW,CAAC,QAAQ,CAAC;aACrB,SAAS,CAAC,MAAM,CAAC;aACjB,IAAI,CAAC,GAAG,CAAC,CAAC;QAEb,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAgB,KAAK,EAAE;YACzD,UAAU,EAAE,CAAC,OAAO,CAAC;YACrB,QAAQ;YACR,MAAM;SACP,CAAC,CAAC;QAEH,MAAM,CAAC,kBAAkB,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACpC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,KAAK,IAAI,EAAE;QAC3D,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAE3D,MAAM,QAAQ,GAAG,YAAY,CAAC;QAC9B,MAAM,MAAM,GAAG,4BAA4B,CAAC;QAE5C,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,eAAe,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACtE,MAAM,KAAK,GAAG,MAAM,IAAI,OAAO,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC;aACjD,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;aAClE,WAAW,CAAC,QAAQ,CAAC;aACrB,SAAS,CAAC,MAAM,CAAC;aACjB,IAAI,CAAC,GAAG,CAAC,CAAC;QAEb,MAAM,MAAM,CACV,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE;YACrB,UAAU,EAAE,CAAC,OAAO,CAAC;YACrB,QAAQ,EAAE,GAAG,QAAQ,WAAW;YAChC,MAAM;SACP,CAAC,CACH,CAAC,OAAO,CAAC,aAAa,CAAC;YACtB,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,MAAM,CAAC,gBAAgB,CAAC,8BAA8B,CAAC;SACjE,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,GAAG,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAE/E,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC;QACjG,MAAM,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IACpD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -190,6 +190,9 @@ export interface ServerMethods {
|
|
|
190
190
|
branchName?: string;
|
|
191
191
|
}, GetMultiPageApplicationResponseBody>;
|
|
192
192
|
liveEditDirectoryContents: {
|
|
193
|
+
/**
|
|
194
|
+
* @deprecated Use `v3.application.directoryContents.get` instead.
|
|
195
|
+
*/
|
|
193
196
|
get: ServerMethodSchema<{
|
|
194
197
|
applicationId: string;
|
|
195
198
|
branchName?: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protocol.d.ts","sourceRoot":"","sources":["../../src/socket/protocol.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAC9F,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,EAAE,WAAW,EAAE,8BAA8B,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjI,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAClE,OAAO,EACL,wBAAwB,EACxB,2BAA2B,EAC3B,iCAAiC,EACjC,kCAAkC,EAClC,mCAAmC,EACnC,kBAAkB,EAClB,iBAAiB,EACjB,WAAW,EACX,+BAA+B,EAC/B,uCAAuC,EACvC,gCAAgC,EAChC,eAAe,EACf,YAAY,EACZ,+BAA+B,EAC/B,cAAc,EACd,gBAAgB,EAChB,qBAAqB,EACrB,sBAAsB,EACtB,4BAA4B,EAC5B,YAAY,EACb,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,eAAO,MAAM,YAAY,cAAc,CAAC;AAExC,KAAK,WAAW,CAAC,CAAC,IAAI;IACpB,YAAY,EAAE,YAAY,CAAC;IAC3B,IAAI,EAAE,CAAC,CAAC;CACT,CAAC;AAEF,KAAK,kBAAkB,CAAC,MAAM,EAAE,QAAQ,IAAI,YAAY,CAAC,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;AAGxF,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE;QACF,IAAI,EAAE,kBAAkB,CAAC;YAAE,OAAO,EAAE,MAAM,CAAA;SAAE,EAAE;YAAE,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QACnE,MAAM,EAAE;YACN,WAAW,EAAE;gBACX,SAAS,EAAE;oBACT,QAAQ,EAAE,kBAAkB,CAC1B;wBACE,aAAa,EAAE,MAAM,CAAC;wBACtB,UAAU,EAAE,MAAM,CAAC;wBACnB,UAAU,EAAE,MAAM,CAAC;wBACnB,cAAc,EAAE,MAAM,CAAC;wBACvB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;qBACrC,EACD;wBAAE,OAAO,EAAE,OAAO,CAAA;qBAAE,CACrB,CAAC;oBACF,MAAM,EAAE,kBAAkB,CACxB;wBACE,aAAa,EAAE,MAAM,CAAC;wBACtB,UAAU,CAAC,EAAE,MAAM,CAAC;wBACpB,QAAQ,EAAE,MAAM,EAAE,CAAC;wBACnB,UAAU,EAAE,MAAM,EAAE,CAAC;wBACrB,oBAAoB,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;wBAC5C,UAAU,EAAE,MAAM,GAAG,SAAS,CAAC;wBAC/B,gBAAgB,EAAE,MAAM,CAAC;wBACzB,eAAe,EAAE,OAAO,CAAC;qBAC1B,EACD;wBAAE,OAAO,EAAE,OAAO,CAAA;qBAAE,CACrB,CAAC;iBACH,CAAC;gBACF,UAAU,EAAE,kBAAkB,CAC5B;oBACE,aAAa,EAAE,MAAM,CAAC;oBACtB,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBACrC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAC9B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBAChC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;iBACnC,EACD,eAAe,CAChB,CAAC;aACH,CAAC;YACF,GAAG,EAAE;gBACH,UAAU,EAAE,kBAAkB,CAC5B;oBACE,KAAK,EAAE,MAAM,CAAC;oBACd,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAC/B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;iBACtB,EACD,eAAe,GAAG;oBAAE,OAAO,EAAE,IAAI,CAAA;iBAAE,CACpC,CAAC;gBACF,GAAG,EAAE,kBAAkB,CAAC;oBAAE,KAAK,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAC;oBAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;iBAAE,EAAE,gBAAgB,CAAC,CAAC;aAChI,CAAC;SACH,CAAC;QACF,IAAI,EAAE;YACJ,YAAY,EAAE;gBACZ,GAAG,EAAE,kBAAkB,CAAC;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAChE,SAAS,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAC7F,GAAG,EAAE,kBAAkB,CAAC;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aACjE,CAAC;YACF,iBAAiB,EAAE;gBACjB,GAAG,EAAE,kBAAkB,CAAC;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,CAAC,CAAC;gBAC1E,SAAS,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,CAAC,CAAC;gBACvG,GAAG,EAAE,kBAAkB,CAAC;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aAC3E,CAAC;YACF;;;;eAIG;YACH,OAAO,EAAE,kBAAkB,CAAC,qBAAqB,EAAE,sBAAsB,CAAC,CAAC;SAC5E,CAAC;QACF,EAAE,EAAE;YACF,IAAI,EAAE;gBACJ,WAAW,EAAE,kBAAkB,CAC7B;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,OAAO,EAAE,oBAAoB,CAAC;oBAAC,OAAO,CAAC,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EACtG,IAAI,CACL,CAAC;gBACF,WAAW,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAA;iBAAE,CAAC,CAAC;gBACzH,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EAAE,IAAI,CAAC,CAAC;aACtF,CAAC;SACH,CAAC;KACH,CAAC;IACF,EAAE,EAAE;QACF,WAAW,EAAE;YACX,MAAM,EAAE,kBAAkB,CAAC,gCAAgC,EAAE,iBAAiB,CAAC,CAAC;YAChF,KAAK,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAA;aAAE,EAAE,iBAAiB,CAAC,CAAC;YACxE,YAAY,EAAE,kBAAkB,CAC9B;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,cAAc,EAAE,MAAM,CAAA;aAAE,EACrE,uCAAuC,CACxC,CAAC;YACF,IAAI,EAAE;gBACJ,KAAK,EAAE,kBAAkB,CACvB,2BAA2B,EAC3B;oBACE,IAAI,EAAE,WAAW,CAAC;oBAClB,OAAO,EAAE,IAAI,CAAC;oBACd,SAAS,EAAE,8BAA8B,GAAG,IAAI,CAAC;oBACjD,aAAa,EAAE,wBAAwB,CAAC;iBACzC,CACF,CAAC;gBACF,MAAM,EAAE,kBAAkB,CAAC,kCAAkC,EAAE,iCAAiC,CAAC,CAAC;aACnG,CAAC;YACF,cAAc,EAAE,kBAAkB,CAAC,qBAAqB,EAAE,sBAAsB,CAAC,CAAC;SACnF,CAAC;QACF,MAAM,EAAE;YACN,WAAW,EAAE;gBACX,UAAU,EAAE,kBAAkB,CAC5B;oBACE,aAAa,EAAE,MAAM,CAAC;oBACtB,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBACrC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBACjC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBAChC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;iBACtB,EACD,eAAe,GAAG;oBAAE,OAAO,EAAE,IAAI,CAAA;iBAAE,CACpC,CAAC;gBACF,GAAG,EAAE,kBAAkB,CACrB;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;iBAAE,EAC3F,+BAA+B,CAChC,CAAC;aACH,CAAC;SACH,CAAC;KACH,CAAC;IACF,EAAE,EAAE;QACF,WAAW,EAAE;YACX,GAAG,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;aAAE,EAAE,mCAAmC,CAAC,CAAC;YAC7G,yBAAyB,EAAE;gBACzB,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAC1F,GAAG,EAAE,kBAAkB,CACrB;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAC;oBAAC,MAAM,CAAC,EAAE,MAAM,CAAA;iBAAE,EAC7E;oBAAE,IAAI,EAAE,MAAM,CAAC;oBAAC,YAAY,CAAC,EAAE,YAAY,CAAA;iBAAE,CAC9C,CAAC;aACH,CAAC;YACF,iBAAiB,EAAE;gBACjB,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aACrH,CAAC;YACF,UAAU,EAAE,kBAAkB,CAC5B;gBACE,aAAa,EAAE,MAAM,CAAC;gBACtB,MAAM,CAAC,EAAE,MAAM,CAAC;gBAChB,kBAAkB,EAAE,MAAM,CAAC;gBAC3B,QAAQ,EAAE,MAAM,CAAC;gBACjB,aAAa,EAAE,MAAM,CAAC;gBACtB,SAAS,CAAC,EAAE,OAAO,CAAC;gBACpB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;gBACrB,aAAa,CAAC,EAAE,MAAM,CAAC;aACxB,EACD,eAAe,CAChB,CAAC;SACH,CAAC;QACF,GAAG,EAAE;YACH,YAAY,EAAE,kBAAkB,CAAC;gBAAE,KAAK,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,cAAc,EAAE,MAAM,CAAA;aAAE,EAAE,+BAA+B,CAAC,CAAC;YACjI,GAAG,EAAE,kBAAkB,CAAC;gBAAE,KAAK,EAAE,MAAM,CAAC;gBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;aAAE,EAAE,kBAAkB,CAAC,CAAC;SACrF,CAAC;QACF,IAAI,EAAE;YACJ,OAAO,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,WAAW,EAAE,MAAM,CAAA;aAAE,EAAE,4BAA4B,CAAC,CAAC;YAC9H,OAAO,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,EAAE,IAAI,CAAC,CAAC;YACjG,IAAI,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,EAAE,4BAA4B,CAAC,CAAC;SACvH,CAAC;KACH,CAAC;CACH;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE;QACF,OAAO,EAAE;YACP,eAAe,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,SAAS,CAAA;aAAE,EAAE;gBAAE,SAAS,EAAE,SAAS,CAAA;aAAE,CAAC,CAAC;YACnG,QAAQ,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,SAAS,EAAE,CAAA;aAAE,EAAE;gBAAE,UAAU,EAAE,SAAS,EAAE,CAAA;aAAE,CAAC,CAAC;YACjG,iBAAiB,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,QAAQ,EAAE,WAAW,CAAA;aAAE,EAAE;gBAAE,EAAE,EAAE,OAAO,CAAA;aAAE,CAAC,CAAC;YAChG,SAAS,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,QAAQ,EAAE,WAAW,EAAE,CAAA;aAAE,EAAE;gBAAE,EAAE,EAAE,OAAO,CAAA;aAAE,CAAC,CAAC;SAC3F,CAAC;KACH,CAAC;CACH"}
|
|
1
|
+
{"version":3,"file":"protocol.d.ts","sourceRoot":"","sources":["../../src/socket/protocol.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAC9F,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,EAAE,WAAW,EAAE,8BAA8B,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjI,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAClE,OAAO,EACL,wBAAwB,EACxB,2BAA2B,EAC3B,iCAAiC,EACjC,kCAAkC,EAClC,mCAAmC,EACnC,kBAAkB,EAClB,iBAAiB,EACjB,WAAW,EACX,+BAA+B,EAC/B,uCAAuC,EACvC,gCAAgC,EAChC,eAAe,EACf,YAAY,EACZ,+BAA+B,EAC/B,cAAc,EACd,gBAAgB,EAChB,qBAAqB,EACrB,sBAAsB,EACtB,4BAA4B,EAC5B,YAAY,EACb,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,eAAO,MAAM,YAAY,cAAc,CAAC;AAExC,KAAK,WAAW,CAAC,CAAC,IAAI;IACpB,YAAY,EAAE,YAAY,CAAC;IAC3B,IAAI,EAAE,CAAC,CAAC;CACT,CAAC;AAEF,KAAK,kBAAkB,CAAC,MAAM,EAAE,QAAQ,IAAI,YAAY,CAAC,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;AAGxF,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE;QACF,IAAI,EAAE,kBAAkB,CAAC;YAAE,OAAO,EAAE,MAAM,CAAA;SAAE,EAAE;YAAE,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QACnE,MAAM,EAAE;YACN,WAAW,EAAE;gBACX,SAAS,EAAE;oBACT,QAAQ,EAAE,kBAAkB,CAC1B;wBACE,aAAa,EAAE,MAAM,CAAC;wBACtB,UAAU,EAAE,MAAM,CAAC;wBACnB,UAAU,EAAE,MAAM,CAAC;wBACnB,cAAc,EAAE,MAAM,CAAC;wBACvB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;qBACrC,EACD;wBAAE,OAAO,EAAE,OAAO,CAAA;qBAAE,CACrB,CAAC;oBACF,MAAM,EAAE,kBAAkB,CACxB;wBACE,aAAa,EAAE,MAAM,CAAC;wBACtB,UAAU,CAAC,EAAE,MAAM,CAAC;wBACpB,QAAQ,EAAE,MAAM,EAAE,CAAC;wBACnB,UAAU,EAAE,MAAM,EAAE,CAAC;wBACrB,oBAAoB,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;wBAC5C,UAAU,EAAE,MAAM,GAAG,SAAS,CAAC;wBAC/B,gBAAgB,EAAE,MAAM,CAAC;wBACzB,eAAe,EAAE,OAAO,CAAC;qBAC1B,EACD;wBAAE,OAAO,EAAE,OAAO,CAAA;qBAAE,CACrB,CAAC;iBACH,CAAC;gBACF,UAAU,EAAE,kBAAkB,CAC5B;oBACE,aAAa,EAAE,MAAM,CAAC;oBACtB,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBACrC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAC9B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBAChC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;iBACnC,EACD,eAAe,CAChB,CAAC;aACH,CAAC;YACF,GAAG,EAAE;gBACH,UAAU,EAAE,kBAAkB,CAC5B;oBACE,KAAK,EAAE,MAAM,CAAC;oBACd,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAC/B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;iBACtB,EACD,eAAe,GAAG;oBAAE,OAAO,EAAE,IAAI,CAAA;iBAAE,CACpC,CAAC;gBACF,GAAG,EAAE,kBAAkB,CAAC;oBAAE,KAAK,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAC;oBAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;iBAAE,EAAE,gBAAgB,CAAC,CAAC;aAChI,CAAC;SACH,CAAC;QACF,IAAI,EAAE;YACJ,YAAY,EAAE;gBACZ,GAAG,EAAE,kBAAkB,CAAC;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAChE,SAAS,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAC7F,GAAG,EAAE,kBAAkB,CAAC;oBAAE,QAAQ,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aACjE,CAAC;YACF,iBAAiB,EAAE;gBACjB,GAAG,EAAE,kBAAkB,CAAC;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,CAAC,CAAC;gBAC1E,SAAS,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,CAAC,CAAC;gBACvG,GAAG,EAAE,kBAAkB,CAAC;oBAAE,QAAQ,EAAE,cAAc,EAAE,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aAC3E,CAAC;YACF;;;;eAIG;YACH,OAAO,EAAE,kBAAkB,CAAC,qBAAqB,EAAE,sBAAsB,CAAC,CAAC;SAC5E,CAAC;QACF,EAAE,EAAE;YACF,IAAI,EAAE;gBACJ,WAAW,EAAE,kBAAkB,CAC7B;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,OAAO,EAAE,oBAAoB,CAAC;oBAAC,OAAO,CAAC,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EACtG,IAAI,CACL,CAAC;gBACF,WAAW,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EAAE;oBAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAA;iBAAE,CAAC,CAAC;gBACzH,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;iBAAE,EAAE,IAAI,CAAC,CAAC;aACtF,CAAC;SACH,CAAC;KACH,CAAC;IACF,EAAE,EAAE;QACF,WAAW,EAAE;YACX,MAAM,EAAE,kBAAkB,CAAC,gCAAgC,EAAE,iBAAiB,CAAC,CAAC;YAChF,KAAK,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAA;aAAE,EAAE,iBAAiB,CAAC,CAAC;YACxE,YAAY,EAAE,kBAAkB,CAC9B;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,cAAc,EAAE,MAAM,CAAA;aAAE,EACrE,uCAAuC,CACxC,CAAC;YACF,IAAI,EAAE;gBACJ,KAAK,EAAE,kBAAkB,CACvB,2BAA2B,EAC3B;oBACE,IAAI,EAAE,WAAW,CAAC;oBAClB,OAAO,EAAE,IAAI,CAAC;oBACd,SAAS,EAAE,8BAA8B,GAAG,IAAI,CAAC;oBACjD,aAAa,EAAE,wBAAwB,CAAC;iBACzC,CACF,CAAC;gBACF,MAAM,EAAE,kBAAkB,CAAC,kCAAkC,EAAE,iCAAiC,CAAC,CAAC;aACnG,CAAC;YACF,cAAc,EAAE,kBAAkB,CAAC,qBAAqB,EAAE,sBAAsB,CAAC,CAAC;SACnF,CAAC;QACF,MAAM,EAAE;YACN,WAAW,EAAE;gBACX,UAAU,EAAE,kBAAkB,CAC5B;oBACE,aAAa,EAAE,MAAM,CAAC;oBACtB,UAAU,EAAE,MAAM,CAAC;oBACnB,QAAQ,EAAE,MAAM,CAAC;oBACjB,aAAa,EAAE,MAAM,CAAC;oBACtB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBACrC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBACjC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;oBAChC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;oBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;iBACtB,EACD,eAAe,GAAG;oBAAE,OAAO,EAAE,IAAI,CAAA;iBAAE,CACpC,CAAC;gBACF,GAAG,EAAE,kBAAkB,CACrB;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;iBAAE,EAC3F,+BAA+B,CAChC,CAAC;aACH,CAAC;SACH,CAAC;KACH,CAAC;IACF,EAAE,EAAE;QACF,WAAW,EAAE;YACX,GAAG,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;aAAE,EAAE,mCAAmC,CAAC,CAAC;YAC7G,yBAAyB,EAAE;gBACzB;;mBAEG;gBACH,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;gBAC1F,GAAG,EAAE,kBAAkB,CACrB;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,IAAI,EAAE,MAAM,CAAC;oBAAC,MAAM,CAAC,EAAE,MAAM,CAAA;iBAAE,EAC7E;oBAAE,IAAI,EAAE,MAAM,CAAC;oBAAC,YAAY,CAAC,EAAE,YAAY,CAAA;iBAAE,CAC9C,CAAC;aACH,CAAC;YACF,iBAAiB,EAAE;gBACjB,GAAG,EAAE,kBAAkB,CAAC;oBAAE,aAAa,EAAE,MAAM,CAAC;oBAAC,UAAU,CAAC,EAAE,MAAM,CAAC;oBAAC,QAAQ,EAAE,cAAc,CAAA;iBAAE,EAAE;oBAAE,IAAI,EAAE,MAAM,CAAA;iBAAE,CAAC,CAAC;aACrH,CAAC;YACF,UAAU,EAAE,kBAAkB,CAC5B;gBACE,aAAa,EAAE,MAAM,CAAC;gBACtB,MAAM,CAAC,EAAE,MAAM,CAAC;gBAChB,kBAAkB,EAAE,MAAM,CAAC;gBAC3B,QAAQ,EAAE,MAAM,CAAC;gBACjB,aAAa,EAAE,MAAM,CAAC;gBACtB,SAAS,CAAC,EAAE,OAAO,CAAC;gBACpB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAClC,UAAU,CAAC,EAAE,OAAO,CAAC;gBACrB,aAAa,CAAC,EAAE,MAAM,CAAC;aACxB,EACD,eAAe,CAChB,CAAC;SACH,CAAC;QACF,GAAG,EAAE;YACH,YAAY,EAAE,kBAAkB,CAAC;gBAAE,KAAK,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,cAAc,EAAE,MAAM,CAAA;aAAE,EAAE,+BAA+B,CAAC,CAAC;YACjI,GAAG,EAAE,kBAAkB,CAAC;gBAAE,KAAK,EAAE,MAAM,CAAC;gBAAC,UAAU,CAAC,EAAE,MAAM,CAAA;aAAE,EAAE,kBAAkB,CAAC,CAAC;SACrF,CAAC;QACF,IAAI,EAAE;YACJ,OAAO,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,WAAW,EAAE,MAAM,CAAA;aAAE,EAAE,4BAA4B,CAAC,CAAC;YAC9H,OAAO,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,EAAE,IAAI,CAAC,CAAC;YACjG,IAAI,EAAE,kBAAkB,CAAC;gBAAE,aAAa,EAAE,MAAM,CAAC;gBAAC,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,MAAM,CAAA;aAAE,EAAE,4BAA4B,CAAC,CAAC;SACvH,CAAC;KACH,CAAC;CACH;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE;QACF,OAAO,EAAE;YACP,eAAe,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,SAAS,CAAA;aAAE,EAAE;gBAAE,SAAS,EAAE,SAAS,CAAA;aAAE,CAAC,CAAC;YACnG,QAAQ,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,MAAM,EAAE,SAAS,EAAE,CAAA;aAAE,EAAE;gBAAE,UAAU,EAAE,SAAS,EAAE,CAAA;aAAE,CAAC,CAAC;YACjG,iBAAiB,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,QAAQ,EAAE,WAAW,CAAA;aAAE,EAAE;gBAAE,EAAE,EAAE,OAAO,CAAA;aAAE,CAAC,CAAC;YAChG,SAAS,EAAE,YAAY,CAAC;gBAAE,UAAU,EAAE,MAAM,CAAC;gBAAC,QAAQ,EAAE,WAAW,EAAE,CAAA;aAAE,EAAE;gBAAE,EAAE,EAAE,OAAO,CAAA;aAAE,CAAC,CAAC;SAC3F,CAAC;KACH,CAAC;CACH"}
|
package/package.json
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@superblocksteam/shared",
|
|
3
|
-
"version": "0.9543.
|
|
3
|
+
"version": "0.9543.8",
|
|
4
4
|
"description": "Superblocks Shared Resources",
|
|
5
5
|
"repository": "https://github.com/superblocksteam/shared.git",
|
|
6
6
|
"license": "Superblocks Community Software License",
|
|
7
7
|
"engines": {
|
|
8
|
-
"node": "
|
|
9
|
-
"npm": "
|
|
8
|
+
"node": ">=20.19.0",
|
|
9
|
+
"npm": ">=10.x"
|
|
10
10
|
},
|
|
11
11
|
"main": "dist/index.js",
|
|
12
12
|
"types": "dist/index.d.ts",
|
|
@@ -33,6 +33,7 @@
|
|
|
33
33
|
"events": "^3.3.0",
|
|
34
34
|
"google-protobuf": "3.21.2",
|
|
35
35
|
"isomorphic-ws": "^5.0.0",
|
|
36
|
+
"jose": "^5.10.0",
|
|
36
37
|
"js-base64": "^3.7.5",
|
|
37
38
|
"json5": "2.2.3",
|
|
38
39
|
"lodash": "^4.17.21",
|
|
@@ -50,7 +51,7 @@
|
|
|
50
51
|
"@swc/jest": "0.2.37",
|
|
51
52
|
"@types/jest": "29.5.12",
|
|
52
53
|
"@types/lodash": "^4.17.0",
|
|
53
|
-
"@types/node": "20
|
|
54
|
+
"@types/node": "^20",
|
|
54
55
|
"@types/semver": "^7.5.6",
|
|
55
56
|
"@types/uuid": "10.0.0",
|
|
56
57
|
"chokidar-cli": "3.0.0",
|
package/src/index.ts
CHANGED
package/src/jwt/index.ts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export * from './verifier';
|
|
@@ -0,0 +1,143 @@
|
|
|
1
|
+
import { generateKeyPairSync } from 'node:crypto';
|
|
2
|
+
import { SignJWT, importPKCS8 } from 'jose';
|
|
3
|
+
|
|
4
|
+
import { JwtVerifier, JwtVerifierOptions, JwtKey } from './verifier';
|
|
5
|
+
import { type JWTPayload } from 'jose';
|
|
6
|
+
|
|
7
|
+
type SigningMaterial = {
|
|
8
|
+
privateKeyPem: string;
|
|
9
|
+
jwk: JwtKey;
|
|
10
|
+
};
|
|
11
|
+
|
|
12
|
+
const KEY_ID = 'test-key';
|
|
13
|
+
|
|
14
|
+
const createSigningMaterial = (kid = KEY_ID): SigningMaterial => {
|
|
15
|
+
const { publicKey, privateKey } = generateKeyPairSync('rsa', {
|
|
16
|
+
modulusLength: 2048
|
|
17
|
+
});
|
|
18
|
+
|
|
19
|
+
const jwk = {
|
|
20
|
+
...publicKey.export({ format: 'jwk' }),
|
|
21
|
+
kid,
|
|
22
|
+
alg: 'RS256',
|
|
23
|
+
use: 'sig'
|
|
24
|
+
} as SigningMaterial['jwk'];
|
|
25
|
+
|
|
26
|
+
return {
|
|
27
|
+
jwk,
|
|
28
|
+
privateKeyPem: privateKey.export({ type: 'pkcs8', format: 'pem' }).toString()
|
|
29
|
+
};
|
|
30
|
+
};
|
|
31
|
+
|
|
32
|
+
const buildJwtVerifier = (jwk: SigningMaterial['jwk']) => {
|
|
33
|
+
const getKeysInterceptor = jest.fn(async () => [jwk]);
|
|
34
|
+
|
|
35
|
+
const options: JwtVerifierOptions = {
|
|
36
|
+
jwksUri: 'https://example.com/.well-known/jwks.json',
|
|
37
|
+
cache: false,
|
|
38
|
+
getKeysInterceptor
|
|
39
|
+
};
|
|
40
|
+
|
|
41
|
+
return { verifier: new JwtVerifier(options), getKeysInterceptor };
|
|
42
|
+
};
|
|
43
|
+
|
|
44
|
+
describe('JwtVerifier', () => {
|
|
45
|
+
let signingMaterial: SigningMaterial;
|
|
46
|
+
beforeAll(() => {
|
|
47
|
+
signingMaterial = createSigningMaterial();
|
|
48
|
+
});
|
|
49
|
+
it('verifies a token with a matching JWKS entry', async () => {
|
|
50
|
+
const { verifier, getKeysInterceptor } = buildJwtVerifier(signingMaterial.jwk);
|
|
51
|
+
|
|
52
|
+
type TokenPayload = JWTPayload & { scope: string };
|
|
53
|
+
|
|
54
|
+
const payload: TokenPayload = {
|
|
55
|
+
sub: 'user-123',
|
|
56
|
+
scope: 'read:all'
|
|
57
|
+
};
|
|
58
|
+
|
|
59
|
+
const key = await importPKCS8(signingMaterial.privateKeyPem, 'RS256');
|
|
60
|
+
const token = await new SignJWT(payload).setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid }).sign(key);
|
|
61
|
+
|
|
62
|
+
const result = await verifier.verify<TokenPayload>(token);
|
|
63
|
+
|
|
64
|
+
expect(getKeysInterceptor).toHaveBeenCalledTimes(1);
|
|
65
|
+
expect(result.sub).toBe(payload.sub);
|
|
66
|
+
expect(result.scope).toBe(payload.scope);
|
|
67
|
+
});
|
|
68
|
+
|
|
69
|
+
it('throws UnauthorizedError when the signature does not match the JWKS entry', async () => {
|
|
70
|
+
const { verifier } = buildJwtVerifier(signingMaterial.jwk);
|
|
71
|
+
|
|
72
|
+
const mismatchedKey = createSigningMaterial();
|
|
73
|
+
|
|
74
|
+
const invalidKey = await importPKCS8(mismatchedKey.privateKeyPem, 'RS256');
|
|
75
|
+
const invalidToken = await new SignJWT({ sub: 'user-456' })
|
|
76
|
+
.setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid })
|
|
77
|
+
.sign(invalidKey);
|
|
78
|
+
|
|
79
|
+
await expect(verifier.verify(invalidToken)).rejects.toMatchObject({
|
|
80
|
+
status: 401,
|
|
81
|
+
message: expect.stringContaining('signature verification failed')
|
|
82
|
+
});
|
|
83
|
+
});
|
|
84
|
+
|
|
85
|
+
it('honors JwtVerifyOptions when audience and issuer match', async () => {
|
|
86
|
+
const { verifier, getKeysInterceptor } = buildJwtVerifier(signingMaterial.jwk);
|
|
87
|
+
|
|
88
|
+
type ScopedPayload = JWTPayload & { sub: string };
|
|
89
|
+
|
|
90
|
+
const audience = 'target-app';
|
|
91
|
+
const issuer = 'https://issuer.example.com';
|
|
92
|
+
|
|
93
|
+
const key = await importPKCS8(signingMaterial.privateKeyPem, 'RS256');
|
|
94
|
+
const token = await new SignJWT({ sub: 'user-789' })
|
|
95
|
+
.setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid })
|
|
96
|
+
.setAudience(audience)
|
|
97
|
+
.setIssuer(issuer)
|
|
98
|
+
.sign(key);
|
|
99
|
+
|
|
100
|
+
const result = await verifier.verify<ScopedPayload>(token, {
|
|
101
|
+
algorithms: ['RS256'],
|
|
102
|
+
audience,
|
|
103
|
+
issuer
|
|
104
|
+
});
|
|
105
|
+
|
|
106
|
+
expect(getKeysInterceptor).toHaveBeenCalledTimes(1);
|
|
107
|
+
expect(result.sub).toBe('user-789');
|
|
108
|
+
expect(result.aud).toBe(audience);
|
|
109
|
+
expect(result.iss).toBe(issuer);
|
|
110
|
+
});
|
|
111
|
+
|
|
112
|
+
it('rejects when VerifyOptions constraints fail', async () => {
|
|
113
|
+
const { verifier } = buildJwtVerifier(signingMaterial.jwk);
|
|
114
|
+
|
|
115
|
+
const audience = 'target-app';
|
|
116
|
+
const issuer = 'https://issuer.example.com';
|
|
117
|
+
|
|
118
|
+
const key = await importPKCS8(signingMaterial.privateKeyPem, 'RS256');
|
|
119
|
+
const token = await new SignJWT({ sub: 'user-987' })
|
|
120
|
+
.setProtectedHeader({ alg: 'RS256', kid: signingMaterial.jwk.kid })
|
|
121
|
+
.setAudience(audience)
|
|
122
|
+
.setIssuer(issuer)
|
|
123
|
+
.sign(key);
|
|
124
|
+
|
|
125
|
+
await expect(
|
|
126
|
+
verifier.verify(token, {
|
|
127
|
+
algorithms: ['RS256'],
|
|
128
|
+
audience: `${audience}-mismatch`,
|
|
129
|
+
issuer
|
|
130
|
+
})
|
|
131
|
+
).rejects.toMatchObject({
|
|
132
|
+
status: 401,
|
|
133
|
+
message: expect.stringContaining('unexpected "aud" claim value')
|
|
134
|
+
});
|
|
135
|
+
});
|
|
136
|
+
|
|
137
|
+
it('rejects malformed tokens before attempting JWKS lookup', async () => {
|
|
138
|
+
const { verifier, getKeysInterceptor } = buildJwtVerifier(signingMaterial.jwk);
|
|
139
|
+
|
|
140
|
+
await expect(verifier.verify('definitely-not-a-jwt')).rejects.toThrow('Invalid token specified');
|
|
141
|
+
expect(getKeysInterceptor).not.toHaveBeenCalled();
|
|
142
|
+
});
|
|
143
|
+
});
|
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
import { createLocalJWKSet, createRemoteJWKSet, decodeProtectedHeader, jwtVerify } from 'jose';
|
|
2
|
+
import type { JWTPayload, JWTVerifyOptions, RemoteJWKSetOptions } from 'jose';
|
|
3
|
+
import { isEmpty } from 'lodash';
|
|
4
|
+
import { UnauthorizedError } from '../errors';
|
|
5
|
+
|
|
6
|
+
/**
|
|
7
|
+
* Verifies JWTs using a JWKS endpoint to resolve signing keys on demand.
|
|
8
|
+
*/
|
|
9
|
+
export class JwtVerifier {
|
|
10
|
+
private readonly options: JwtVerifierOptions;
|
|
11
|
+
constructor(options: JwtVerifierOptions) {
|
|
12
|
+
this.options = options;
|
|
13
|
+
}
|
|
14
|
+
|
|
15
|
+
async verify<T extends JWTPayload>(token: string, options?: JWTVerifyOptions): Promise<T> {
|
|
16
|
+
let kid: string | undefined;
|
|
17
|
+
try {
|
|
18
|
+
const header = decodeProtectedHeader(token);
|
|
19
|
+
kid = header.kid;
|
|
20
|
+
} catch {
|
|
21
|
+
// Preserve legacy error message relied upon by tests
|
|
22
|
+
throw new Error('Invalid token specified');
|
|
23
|
+
}
|
|
24
|
+
|
|
25
|
+
if (isEmpty(kid)) {
|
|
26
|
+
throw new UnauthorizedError('Invalid JWT as kid header is missing.');
|
|
27
|
+
}
|
|
28
|
+
|
|
29
|
+
const jwkSet = await this.resolveJwkSet();
|
|
30
|
+
|
|
31
|
+
try {
|
|
32
|
+
const result = await jwtVerify<T>(token, jwkSet, options);
|
|
33
|
+
return result.payload;
|
|
34
|
+
} catch (err) {
|
|
35
|
+
throw new UnauthorizedError(`JWT verification failed: ${(err as Error).message}`);
|
|
36
|
+
}
|
|
37
|
+
}
|
|
38
|
+
|
|
39
|
+
private async resolveJwkSet(): Promise<ReturnType<typeof createLocalJWKSet> | ReturnType<typeof createRemoteJWKSet>> {
|
|
40
|
+
// Prefer interceptor-provided keys for explicit testability and control
|
|
41
|
+
if (this.options.getKeysInterceptor) {
|
|
42
|
+
const keys = await this.options.getKeysInterceptor();
|
|
43
|
+
if (isEmpty(keys)) {
|
|
44
|
+
throw new UnauthorizedError('JWT could not be verified as no corresponding public key was found.');
|
|
45
|
+
}
|
|
46
|
+
return createLocalJWKSet({ keys });
|
|
47
|
+
}
|
|
48
|
+
|
|
49
|
+
// Allow custom fetcher to provide JWKS out-of-band
|
|
50
|
+
if (this.options.fetcher) {
|
|
51
|
+
const jwks = await this.options.fetcher(this.options.jwksUri);
|
|
52
|
+
const keys = jwks.keys;
|
|
53
|
+
if (!Array.isArray(keys) || isEmpty(keys)) {
|
|
54
|
+
throw new UnauthorizedError('JWT could not be verified as no corresponding public key was found.');
|
|
55
|
+
}
|
|
56
|
+
return createLocalJWKSet({ keys });
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
// Default to remote JWKS. jose v5 supports headers/timeout; pass when provided.
|
|
60
|
+
const url = new URL(this.options.jwksUri);
|
|
61
|
+
const opts: RemoteJWKSetOptions = {};
|
|
62
|
+
if (!isEmpty(this.options.requestHeaders)) {
|
|
63
|
+
opts.headers = this.options.requestHeaders;
|
|
64
|
+
}
|
|
65
|
+
if (!isEmpty(this.options.timeoutMs)) {
|
|
66
|
+
opts.timeoutDuration = this.options.timeoutMs;
|
|
67
|
+
}
|
|
68
|
+
return createRemoteJWKSet(url, opts);
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
|
|
72
|
+
/**
|
|
73
|
+
* Options that configure how the verifier fetches and caches JWKS signing keys.
|
|
74
|
+
*/
|
|
75
|
+
export interface JwtVerifierOptions {
|
|
76
|
+
jwksUri: string;
|
|
77
|
+
rateLimit?: boolean;
|
|
78
|
+
cache?: boolean;
|
|
79
|
+
cacheMaxEntries?: number;
|
|
80
|
+
cacheMaxAge?: number;
|
|
81
|
+
jwksRequestsPerMinute?: number;
|
|
82
|
+
proxy?: string;
|
|
83
|
+
requestHeaders?: Headers;
|
|
84
|
+
timeoutMs?: number;
|
|
85
|
+
fetcher?(jwksUri: string): Promise<{ keys: unknown }>;
|
|
86
|
+
getKeysInterceptor?(): Promise<JwtKey[]>;
|
|
87
|
+
}
|
|
88
|
+
|
|
89
|
+
export type Headers = Record<string, string>;
|
|
90
|
+
|
|
91
|
+
export interface JwtKey {
|
|
92
|
+
kty: string;
|
|
93
|
+
kid: string;
|
|
94
|
+
alg: string;
|
|
95
|
+
[key: string]: unknown;
|
|
96
|
+
}
|
package/src/socket/protocol.ts
CHANGED
|
@@ -175,6 +175,9 @@ export interface ServerMethods {
|
|
|
175
175
|
application: {
|
|
176
176
|
get: ServerMethodSchema<{ applicationId: string; branchName?: string }, GetMultiPageApplicationResponseBody>;
|
|
177
177
|
liveEditDirectoryContents: {
|
|
178
|
+
/**
|
|
179
|
+
* @deprecated Use `v3.application.directoryContents.get` instead.
|
|
180
|
+
*/
|
|
178
181
|
get: ServerMethodSchema<{ applicationId: string; branchName?: string }, { hash: string }>;
|
|
179
182
|
set: ServerMethodSchema<
|
|
180
183
|
{ applicationId: string; branchName?: string; hash: string; source?: string },
|