@tekcify/auth-core-client 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/{src/index.ts → dist/index.d.ts} +1 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +20 -0
- package/dist/index.js.map +1 -0
- package/dist/oauth.d.ts +52 -0
- package/dist/oauth.d.ts.map +1 -0
- package/dist/oauth.js +170 -0
- package/dist/oauth.js.map +1 -0
- package/dist/pkce.d.ts +3 -0
- package/dist/pkce.d.ts.map +1 -0
- package/dist/pkce.js +36 -0
- package/dist/pkce.js.map +1 -0
- package/dist/types.d.ts +35 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +3 -0
- package/dist/types.js.map +1 -0
- package/package.json +7 -4
- package/src/__tests__/pkce.test.ts +0 -31
- package/src/oauth.ts +0 -250
- package/src/pkce.ts +0 -38
- package/src/types.ts +0 -37
- package/tsconfig.json +0 -11
- package/tsconfig.tsbuildinfo +0 -1
- package/vitest.config.ts +0 -9
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC;AACxB,cAAc,QAAQ,CAAC;AACvB,cAAc,SAAS,CAAC"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./types"), exports);
|
|
18
|
+
__exportStar(require("./pkce"), exports);
|
|
19
|
+
__exportStar(require("./oauth"), exports);
|
|
20
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0CAAwB;AACxB,yCAAuB;AACvB,0CAAwB"}
|
package/dist/oauth.d.ts
ADDED
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
import type { TokenResponse, UserInfo, IntrospectResult, OAuthConfig } from './types';
|
|
2
|
+
import { generateCodeVerifier, generateCodeChallenge } from './pkce';
|
|
3
|
+
export declare function buildAuthorizeUrl(authServerUrl: string, config: {
|
|
4
|
+
clientId: string;
|
|
5
|
+
redirectUri: string;
|
|
6
|
+
scopes: string[];
|
|
7
|
+
state?: string;
|
|
8
|
+
codeChallenge?: string;
|
|
9
|
+
codeChallengeMethod?: 'plain' | 'S256';
|
|
10
|
+
}): string;
|
|
11
|
+
export declare function exchangeCode(authServerUrl: string, config: {
|
|
12
|
+
code: string;
|
|
13
|
+
clientId: string;
|
|
14
|
+
clientSecret: string;
|
|
15
|
+
redirectUri: string;
|
|
16
|
+
codeVerifier?: string;
|
|
17
|
+
}): Promise<TokenResponse>;
|
|
18
|
+
export declare function refreshAccessToken(authServerUrl: string, config: {
|
|
19
|
+
refreshToken: string;
|
|
20
|
+
clientId: string;
|
|
21
|
+
clientSecret: string;
|
|
22
|
+
}): Promise<TokenResponse>;
|
|
23
|
+
export declare function revokeToken(authServerUrl: string, config: {
|
|
24
|
+
token: string;
|
|
25
|
+
clientId: string;
|
|
26
|
+
clientSecret: string;
|
|
27
|
+
}): Promise<void>;
|
|
28
|
+
export declare function introspectToken(authServerUrl: string, config: {
|
|
29
|
+
token: string;
|
|
30
|
+
clientId?: string;
|
|
31
|
+
clientSecret?: string;
|
|
32
|
+
}): Promise<IntrospectResult>;
|
|
33
|
+
export declare function getUserInfo(authServerUrl: string, accessToken: string): Promise<UserInfo>;
|
|
34
|
+
export declare class OAuthClient {
|
|
35
|
+
private config;
|
|
36
|
+
constructor(config: OAuthConfig);
|
|
37
|
+
buildAuthorizeUrl(options?: {
|
|
38
|
+
state?: string;
|
|
39
|
+
codeChallenge?: string;
|
|
40
|
+
codeChallengeMethod?: 'plain' | 'S256';
|
|
41
|
+
}): Promise<string>;
|
|
42
|
+
exchangeCode(code: string, codeVerifier?: string): Promise<TokenResponse>;
|
|
43
|
+
refreshAccessToken(refreshToken: string): Promise<TokenResponse>;
|
|
44
|
+
revokeToken(token: string): Promise<void>;
|
|
45
|
+
introspectToken(token: string, options?: {
|
|
46
|
+
clientId?: string;
|
|
47
|
+
clientSecret?: string;
|
|
48
|
+
}): Promise<IntrospectResult>;
|
|
49
|
+
getUserInfo(accessToken: string): Promise<UserInfo>;
|
|
50
|
+
}
|
|
51
|
+
export { generateCodeVerifier, generateCodeChallenge };
|
|
52
|
+
//# sourceMappingURL=oauth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,aAAa,EACb,QAAQ,EACR,gBAAgB,EAChB,WAAW,EACZ,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,MAAM,QAAQ,CAAC;AAErE,wBAAgB,iBAAiB,CAC/B,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE;IACN,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,mBAAmB,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;CACxC,GACA,MAAM,CAmBR;AAED,wBAAsB,YAAY,CAChC,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE;IACN,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,GACA,OAAO,CAAC,aAAa,CAAC,CAwBxB;AAED,wBAAsB,kBAAkB,CACtC,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE;IACN,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB,GACA,OAAO,CAAC,aAAa,CAAC,CAsBxB;AAED,wBAAsB,WAAW,CAC/B,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE;IACN,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB,GACA,OAAO,CAAC,IAAI,CAAC,CAmBf;AAED,wBAAsB,eAAe,CACnC,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE;IACN,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,GACA,OAAO,CAAC,gBAAgB,CAAC,CA4B3B;AAED,wBAAsB,WAAW,CAC/B,aAAa,EAAE,MAAM,EACrB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,QAAQ,CAAC,CAgBnB;AAED,qBAAa,WAAW;IACV,OAAO,CAAC,MAAM;gBAAN,MAAM,EAAE,WAAW;IAEjC,iBAAiB,CAAC,OAAO,CAAC,EAAE;QAChC,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,mBAAmB,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;KACxC,GAAG,OAAO,CAAC,MAAM,CAAC;IASb,YAAY,CAChB,IAAI,EAAE,MAAM,EACZ,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,aAAa,CAAC;IAUnB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAQhE,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQzC,eAAe,CACnB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,CAAA;KAAE,GACrD,OAAO,CAAC,gBAAgB,CAAC;IAQtB,WAAW,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;CAG1D;AAED,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,CAAC"}
|
package/dist/oauth.js
ADDED
|
@@ -0,0 +1,170 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.generateCodeChallenge = exports.generateCodeVerifier = exports.OAuthClient = void 0;
|
|
4
|
+
exports.buildAuthorizeUrl = buildAuthorizeUrl;
|
|
5
|
+
exports.exchangeCode = exchangeCode;
|
|
6
|
+
exports.refreshAccessToken = refreshAccessToken;
|
|
7
|
+
exports.revokeToken = revokeToken;
|
|
8
|
+
exports.introspectToken = introspectToken;
|
|
9
|
+
exports.getUserInfo = getUserInfo;
|
|
10
|
+
const pkce_1 = require("./pkce");
|
|
11
|
+
Object.defineProperty(exports, "generateCodeVerifier", { enumerable: true, get: function () { return pkce_1.generateCodeVerifier; } });
|
|
12
|
+
Object.defineProperty(exports, "generateCodeChallenge", { enumerable: true, get: function () { return pkce_1.generateCodeChallenge; } });
|
|
13
|
+
function buildAuthorizeUrl(authServerUrl, config) {
|
|
14
|
+
const oauthUrl = new URL(`${authServerUrl}/api/oauth/authorize`);
|
|
15
|
+
oauthUrl.searchParams.set('clientId', config.clientId);
|
|
16
|
+
oauthUrl.searchParams.set('redirectUri', config.redirectUri);
|
|
17
|
+
oauthUrl.searchParams.set('scopes', config.scopes.join(' '));
|
|
18
|
+
if (config.state) {
|
|
19
|
+
oauthUrl.searchParams.set('state', config.state);
|
|
20
|
+
}
|
|
21
|
+
if (config.codeChallenge) {
|
|
22
|
+
oauthUrl.searchParams.set('codeChallenge', config.codeChallenge);
|
|
23
|
+
oauthUrl.searchParams.set('codeChallengeMethod', config.codeChallengeMethod ?? 'S256');
|
|
24
|
+
}
|
|
25
|
+
const loginUrl = new URL(`${authServerUrl}/login`);
|
|
26
|
+
loginUrl.searchParams.set('redirect', oauthUrl.toString());
|
|
27
|
+
return loginUrl.toString();
|
|
28
|
+
}
|
|
29
|
+
async function exchangeCode(authServerUrl, config) {
|
|
30
|
+
const response = await fetch(`${authServerUrl}/oauth/token`, {
|
|
31
|
+
method: 'POST',
|
|
32
|
+
headers: {
|
|
33
|
+
'Content-Type': 'application/json',
|
|
34
|
+
},
|
|
35
|
+
body: JSON.stringify({
|
|
36
|
+
grant_type: 'authorization_code',
|
|
37
|
+
code: config.code,
|
|
38
|
+
clientId: config.clientId,
|
|
39
|
+
clientSecret: config.clientSecret,
|
|
40
|
+
redirectUri: config.redirectUri,
|
|
41
|
+
codeVerifier: config.codeVerifier,
|
|
42
|
+
}),
|
|
43
|
+
});
|
|
44
|
+
if (!response.ok) {
|
|
45
|
+
const error = (await response.json().catch(() => ({})));
|
|
46
|
+
throw new Error(error.message ?? 'Failed to exchange authorization code');
|
|
47
|
+
}
|
|
48
|
+
return (await response.json());
|
|
49
|
+
}
|
|
50
|
+
async function refreshAccessToken(authServerUrl, config) {
|
|
51
|
+
const response = await fetch(`${authServerUrl}/oauth/token`, {
|
|
52
|
+
method: 'POST',
|
|
53
|
+
headers: {
|
|
54
|
+
'Content-Type': 'application/json',
|
|
55
|
+
},
|
|
56
|
+
body: JSON.stringify({
|
|
57
|
+
grant_type: 'refresh_token',
|
|
58
|
+
refreshToken: config.refreshToken,
|
|
59
|
+
clientId: config.clientId,
|
|
60
|
+
clientSecret: config.clientSecret,
|
|
61
|
+
}),
|
|
62
|
+
});
|
|
63
|
+
if (!response.ok) {
|
|
64
|
+
const error = (await response.json().catch(() => ({})));
|
|
65
|
+
throw new Error(error.message ?? 'Failed to refresh access token');
|
|
66
|
+
}
|
|
67
|
+
return (await response.json());
|
|
68
|
+
}
|
|
69
|
+
async function revokeToken(authServerUrl, config) {
|
|
70
|
+
const response = await fetch(`${authServerUrl}/oauth/revoke`, {
|
|
71
|
+
method: 'POST',
|
|
72
|
+
headers: {
|
|
73
|
+
'Content-Type': 'application/json',
|
|
74
|
+
},
|
|
75
|
+
body: JSON.stringify({
|
|
76
|
+
token: config.token,
|
|
77
|
+
clientId: config.clientId,
|
|
78
|
+
clientSecret: config.clientSecret,
|
|
79
|
+
}),
|
|
80
|
+
});
|
|
81
|
+
if (!response.ok) {
|
|
82
|
+
const error = (await response.json().catch(() => ({})));
|
|
83
|
+
throw new Error(error.message ?? 'Failed to revoke token');
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
async function introspectToken(authServerUrl, config) {
|
|
87
|
+
const body = {
|
|
88
|
+
token: config.token,
|
|
89
|
+
};
|
|
90
|
+
if (config.clientId) {
|
|
91
|
+
body.clientId = config.clientId;
|
|
92
|
+
}
|
|
93
|
+
if (config.clientSecret) {
|
|
94
|
+
body.clientSecret = config.clientSecret;
|
|
95
|
+
}
|
|
96
|
+
const response = await fetch(`${authServerUrl}/oauth/token/introspect`, {
|
|
97
|
+
method: 'POST',
|
|
98
|
+
headers: {
|
|
99
|
+
'Content-Type': 'application/json',
|
|
100
|
+
},
|
|
101
|
+
body: JSON.stringify(body),
|
|
102
|
+
});
|
|
103
|
+
if (!response.ok) {
|
|
104
|
+
const error = (await response.json().catch(() => ({})));
|
|
105
|
+
throw new Error(error.message ?? 'Failed to introspect token');
|
|
106
|
+
}
|
|
107
|
+
return (await response.json());
|
|
108
|
+
}
|
|
109
|
+
async function getUserInfo(authServerUrl, accessToken) {
|
|
110
|
+
const response = await fetch(`${authServerUrl}/oauth/userinfo`, {
|
|
111
|
+
method: 'GET',
|
|
112
|
+
headers: {
|
|
113
|
+
Authorization: `Bearer ${accessToken}`,
|
|
114
|
+
},
|
|
115
|
+
});
|
|
116
|
+
if (!response.ok) {
|
|
117
|
+
const error = (await response.json().catch(() => ({})));
|
|
118
|
+
throw new Error(error.message ?? 'Failed to get user info');
|
|
119
|
+
}
|
|
120
|
+
return (await response.json());
|
|
121
|
+
}
|
|
122
|
+
class OAuthClient {
|
|
123
|
+
config;
|
|
124
|
+
constructor(config) {
|
|
125
|
+
this.config = config;
|
|
126
|
+
}
|
|
127
|
+
async buildAuthorizeUrl(options) {
|
|
128
|
+
return buildAuthorizeUrl(this.config.authServerUrl, {
|
|
129
|
+
clientId: this.config.clientId,
|
|
130
|
+
redirectUri: this.config.redirectUri,
|
|
131
|
+
scopes: this.config.scopes,
|
|
132
|
+
...options,
|
|
133
|
+
});
|
|
134
|
+
}
|
|
135
|
+
async exchangeCode(code, codeVerifier) {
|
|
136
|
+
return exchangeCode(this.config.authServerUrl, {
|
|
137
|
+
code,
|
|
138
|
+
clientId: this.config.clientId,
|
|
139
|
+
clientSecret: this.config.clientSecret,
|
|
140
|
+
redirectUri: this.config.redirectUri,
|
|
141
|
+
codeVerifier,
|
|
142
|
+
});
|
|
143
|
+
}
|
|
144
|
+
async refreshAccessToken(refreshToken) {
|
|
145
|
+
return refreshAccessToken(this.config.authServerUrl, {
|
|
146
|
+
refreshToken,
|
|
147
|
+
clientId: this.config.clientId,
|
|
148
|
+
clientSecret: this.config.clientSecret,
|
|
149
|
+
});
|
|
150
|
+
}
|
|
151
|
+
async revokeToken(token) {
|
|
152
|
+
return revokeToken(this.config.authServerUrl, {
|
|
153
|
+
token,
|
|
154
|
+
clientId: this.config.clientId,
|
|
155
|
+
clientSecret: this.config.clientSecret,
|
|
156
|
+
});
|
|
157
|
+
}
|
|
158
|
+
async introspectToken(token, options) {
|
|
159
|
+
return introspectToken(this.config.authServerUrl, {
|
|
160
|
+
token,
|
|
161
|
+
clientId: options?.clientId ?? this.config.clientId,
|
|
162
|
+
clientSecret: options?.clientSecret ?? this.config.clientSecret,
|
|
163
|
+
});
|
|
164
|
+
}
|
|
165
|
+
async getUserInfo(accessToken) {
|
|
166
|
+
return getUserInfo(this.config.authServerUrl, accessToken);
|
|
167
|
+
}
|
|
168
|
+
}
|
|
169
|
+
exports.OAuthClient = OAuthClient;
|
|
170
|
+
//# sourceMappingURL=oauth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":";;;AAQA,8CA6BC;AAED,oCAiCC;AAED,gDA6BC;AAED,kCA0BC;AAED,0CAmCC;AAED,kCAmBC;AAvLD,iCAAqE;AAsP5D,qGAtPA,2BAAoB,OAsPA;AAAE,sGAtPA,4BAAqB,OAsPA;AApPpD,SAAgB,iBAAiB,CAC/B,aAAqB,EACrB,MAOC;IAED,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,aAAa,sBAAsB,CAAC,CAAC;IACjE,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACvD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAC7D,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAC7D,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IACnD,CAAC;IACD,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;QACjE,QAAQ,CAAC,YAAY,CAAC,GAAG,CACvB,qBAAqB,EACrB,MAAM,CAAC,mBAAmB,IAAI,MAAM,CACrC,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,aAAa,QAAQ,CAAC,CAAC;IACnD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC3D,OAAO,QAAQ,CAAC,QAAQ,EAAE,CAAC;AAC7B,CAAC;AAEM,KAAK,UAAU,YAAY,CAChC,aAAqB,EACrB,MAMC;IAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,cAAc,EAAE;QAC3D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,UAAU,EAAE,oBAAoB;YAChC,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,YAAY,EAAE,MAAM,CAAC,YAAY;SAClC,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAErD,CAAC;QACF,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,IAAI,uCAAuC,CAAC,CAAC;IAC5E,CAAC;IAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAkB,CAAC;AAClD,CAAC;AAEM,KAAK,UAAU,kBAAkB,CACtC,aAAqB,EACrB,MAIC;IAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,cAAc,EAAE;QAC3D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,UAAU,EAAE,eAAe;YAC3B,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,MAAM,CAAC,YAAY;SAClC,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAErD,CAAC;QACF,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,IAAI,gCAAgC,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAkB,CAAC;AAClD,CAAC;AAEM,KAAK,UAAU,WAAW,CAC/B,aAAqB,EACrB,MAIC;IAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,eAAe,EAAE;QAC5D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,MAAM,CAAC,YAAY;SAClC,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAErD,CAAC;QACF,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,IAAI,wBAAwB,CAAC,CAAC;IAC7D,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,eAAe,CACnC,aAAqB,EACrB,MAIC;IAED,MAAM,IAAI,GAA2B;QACnC,KAAK,EAAE,MAAM,CAAC,KAAK;KACpB,CAAC;IAEF,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACpB,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IAClC,CAAC;IACD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;IAC1C,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,yBAAyB,EAAE;QACtE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;KAC3B,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAErD,CAAC;QACF,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,IAAI,4BAA4B,CAAC,CAAC;IACjE,CAAC;IAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAqB,CAAC;AACrD,CAAC;AAEM,KAAK,UAAU,WAAW,CAC/B,aAAqB,EACrB,WAAmB;IAEnB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,iBAAiB,EAAE;QAC9D,MAAM,EAAE,KAAK;QACb,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,WAAW,EAAE;SACvC;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAErD,CAAC;QACF,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,IAAI,yBAAyB,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAa,CAAC;AAC7C,CAAC;AAED,MAAa,WAAW;IACF;IAApB,YAAoB,MAAmB;QAAnB,WAAM,GAAN,MAAM,CAAa;IAAG,CAAC;IAE3C,KAAK,CAAC,iBAAiB,CAAC,OAIvB;QACC,OAAO,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;YAClD,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,GAAG,OAAO;SACX,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CAChB,IAAY,EACZ,YAAqB;QAErB,OAAO,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;YAC7C,IAAI;YACJ,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;YACtC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,YAAY;SACb,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,YAAoB;QAC3C,OAAO,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;YACnD,YAAY;YACZ,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;SACvC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAa;QAC7B,OAAO,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;YAC5C,KAAK;YACL,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;SACvC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CACnB,KAAa,EACb,OAAsD;QAEtD,OAAO,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;YAChD,KAAK;YACL,QAAQ,EAAE,OAAO,EAAE,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ;YACnD,YAAY,EAAE,OAAO,EAAE,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY;SAChE,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,WAAmB;QACnC,OAAO,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IAC7D,CAAC;CACF;AA3DD,kCA2DC"}
|
package/dist/pkce.d.ts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pkce.d.ts","sourceRoot":"","sources":["../src/pkce.ts"],"names":[],"mappings":"AAuBA,wBAAgB,oBAAoB,IAAI,MAAM,CAG7C;AAED,wBAAsB,qBAAqB,CACzC,QAAQ,EAAE,MAAM,EAChB,MAAM,GAAE,OAAO,GAAG,MAAe,GAChC,OAAO,CAAC,MAAM,CAAC,CAMjB"}
|
package/dist/pkce.js
ADDED
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.generateCodeVerifier = generateCodeVerifier;
|
|
4
|
+
exports.generateCodeChallenge = generateCodeChallenge;
|
|
5
|
+
function generateRandomBytes(length) {
|
|
6
|
+
if (typeof crypto !== 'undefined') {
|
|
7
|
+
return crypto.getRandomValues(new Uint8Array(length));
|
|
8
|
+
}
|
|
9
|
+
throw new Error('crypto.getRandomValues is not available');
|
|
10
|
+
}
|
|
11
|
+
function base64UrlEncode(buffer) {
|
|
12
|
+
const base64 = btoa(String.fromCharCode(...buffer));
|
|
13
|
+
return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
|
|
14
|
+
}
|
|
15
|
+
function sha256(data) {
|
|
16
|
+
if (typeof crypto !== 'undefined') {
|
|
17
|
+
const encoder = new TextEncoder();
|
|
18
|
+
const dataBuffer = encoder.encode(data);
|
|
19
|
+
return crypto.subtle.digest('SHA-256', dataBuffer).then((hashBuffer) => {
|
|
20
|
+
return new Uint8Array(hashBuffer);
|
|
21
|
+
});
|
|
22
|
+
}
|
|
23
|
+
throw new Error('crypto.subtle is not available');
|
|
24
|
+
}
|
|
25
|
+
function generateCodeVerifier() {
|
|
26
|
+
const randomBytes = generateRandomBytes(32);
|
|
27
|
+
return base64UrlEncode(randomBytes);
|
|
28
|
+
}
|
|
29
|
+
async function generateCodeChallenge(verifier, method = 'S256') {
|
|
30
|
+
if (method === 'plain') {
|
|
31
|
+
return verifier;
|
|
32
|
+
}
|
|
33
|
+
const hash = await sha256(verifier);
|
|
34
|
+
return base64UrlEncode(hash);
|
|
35
|
+
}
|
|
36
|
+
//# sourceMappingURL=pkce.js.map
|
package/dist/pkce.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pkce.js","sourceRoot":"","sources":["../src/pkce.ts"],"names":[],"mappings":";;AAuBA,oDAGC;AAED,sDASC;AArCD,SAAS,mBAAmB,CAAC,MAAc;IACzC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;IACxD,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;AAC7D,CAAC;AAED,SAAS,eAAe,CAAC,MAAkB;IACzC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;IACpD,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,MAAM,CAAC,IAAY;IAC1B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACxC,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE;YACrE,OAAO,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;IACL,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;AACpD,CAAC;AAED,SAAgB,oBAAoB;IAClC,MAAM,WAAW,GAAG,mBAAmB,CAAC,EAAE,CAAC,CAAC;IAC5C,OAAO,eAAe,CAAC,WAAW,CAAC,CAAC;AACtC,CAAC;AAEM,KAAK,UAAU,qBAAqB,CACzC,QAAgB,EAChB,SAA2B,MAAM;IAEjC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;IACpC,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC;AAC/B,CAAC"}
|
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
export interface TokenResponse {
|
|
2
|
+
accessToken: string;
|
|
3
|
+
refreshToken: string;
|
|
4
|
+
tokenType: string;
|
|
5
|
+
expiresIn: number;
|
|
6
|
+
scope: string;
|
|
7
|
+
}
|
|
8
|
+
export interface UserInfo {
|
|
9
|
+
sub: string;
|
|
10
|
+
email: string;
|
|
11
|
+
email_verified: boolean;
|
|
12
|
+
given_name: string | null;
|
|
13
|
+
family_name: string | null;
|
|
14
|
+
name: string | null;
|
|
15
|
+
picture: string | null;
|
|
16
|
+
updated_at: number;
|
|
17
|
+
}
|
|
18
|
+
export interface IntrospectResult {
|
|
19
|
+
active: boolean;
|
|
20
|
+
clientId?: string;
|
|
21
|
+
username?: string;
|
|
22
|
+
scope?: string;
|
|
23
|
+
sub?: string;
|
|
24
|
+
exp?: number;
|
|
25
|
+
iat?: number;
|
|
26
|
+
tokenType?: string;
|
|
27
|
+
}
|
|
28
|
+
export interface OAuthConfig {
|
|
29
|
+
authServerUrl: string;
|
|
30
|
+
clientId: string;
|
|
31
|
+
clientSecret: string;
|
|
32
|
+
redirectUri: string;
|
|
33
|
+
scopes: string[];
|
|
34
|
+
}
|
|
35
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,QAAQ;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,OAAO,CAAC;IACxB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB"}
|
package/dist/types.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@tekcify/auth-core-client",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.2",
|
|
4
4
|
"description": "Core OAuth 2.0 client utilities for Tekcify Auth",
|
|
5
5
|
"author": "Tekcify",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -13,6 +13,10 @@
|
|
|
13
13
|
"url": "https://github.com/tekcify/auth/issues"
|
|
14
14
|
},
|
|
15
15
|
"homepage": "https://github.com/tekcify/auth#readme",
|
|
16
|
+
"files": [
|
|
17
|
+
"dist",
|
|
18
|
+
"README.md"
|
|
19
|
+
],
|
|
16
20
|
"exports": {
|
|
17
21
|
".": {
|
|
18
22
|
"types": "./dist/index.d.ts",
|
|
@@ -21,7 +25,7 @@
|
|
|
21
25
|
}
|
|
22
26
|
},
|
|
23
27
|
"scripts": {
|
|
24
|
-
"build": "tsc",
|
|
28
|
+
"build": "tsc -p tsconfig.build.json",
|
|
25
29
|
"clean": "rm -rf dist",
|
|
26
30
|
"lint": "eslint \"src/**/*.ts\" --max-warnings=0",
|
|
27
31
|
"test": "vitest run",
|
|
@@ -35,8 +39,7 @@
|
|
|
35
39
|
],
|
|
36
40
|
"license": "MIT",
|
|
37
41
|
"devDependencies": {
|
|
38
|
-
"typescript": "^5.
|
|
42
|
+
"typescript": "^5.9.3",
|
|
39
43
|
"vitest": "^4.0.15"
|
|
40
44
|
}
|
|
41
45
|
}
|
|
42
|
-
|
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
import { describe, it, expect } from 'vitest';
|
|
2
|
-
import { generateCodeVerifier, generateCodeChallenge } from '../pkce';
|
|
3
|
-
|
|
4
|
-
describe('PKCE', () => {
|
|
5
|
-
it('should generate a code verifier', () => {
|
|
6
|
-
const verifier = generateCodeVerifier();
|
|
7
|
-
expect(verifier).toBeDefined();
|
|
8
|
-
expect(verifier.length).toBeGreaterThanOrEqual(43);
|
|
9
|
-
expect(verifier.length).toBeLessThanOrEqual(128);
|
|
10
|
-
});
|
|
11
|
-
|
|
12
|
-
it('should generate different verifiers each time', () => {
|
|
13
|
-
const verifier1 = generateCodeVerifier();
|
|
14
|
-
const verifier2 = generateCodeVerifier();
|
|
15
|
-
expect(verifier1).not.toBe(verifier2);
|
|
16
|
-
});
|
|
17
|
-
|
|
18
|
-
it('should generate a code challenge from verifier (S256)', async () => {
|
|
19
|
-
const verifier = generateCodeVerifier();
|
|
20
|
-
const challenge = await generateCodeChallenge(verifier, 'S256');
|
|
21
|
-
expect(challenge).toBeDefined();
|
|
22
|
-
expect(challenge).not.toBe(verifier);
|
|
23
|
-
expect(challenge.length).toBeGreaterThan(0);
|
|
24
|
-
});
|
|
25
|
-
|
|
26
|
-
it('should generate a plain code challenge', async () => {
|
|
27
|
-
const verifier = generateCodeVerifier();
|
|
28
|
-
const challenge = await generateCodeChallenge(verifier, 'plain');
|
|
29
|
-
expect(challenge).toBe(verifier);
|
|
30
|
-
});
|
|
31
|
-
});
|