@temporary-name/server 1.9.3-alpha.0d2fa3247b6b23bbc2e3097a95f631b86740e4d8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +31 -0
  3. package/dist/adapters/aws-lambda/index.d.mts +24 -0
  4. package/dist/adapters/aws-lambda/index.d.ts +24 -0
  5. package/dist/adapters/aws-lambda/index.mjs +23 -0
  6. package/dist/adapters/fetch/index.d.mts +102 -0
  7. package/dist/adapters/fetch/index.d.ts +102 -0
  8. package/dist/adapters/fetch/index.mjs +171 -0
  9. package/dist/adapters/node/index.d.mts +77 -0
  10. package/dist/adapters/node/index.d.ts +77 -0
  11. package/dist/adapters/node/index.mjs +136 -0
  12. package/dist/adapters/standard/index.d.mts +16 -0
  13. package/dist/adapters/standard/index.d.ts +16 -0
  14. package/dist/adapters/standard/index.mjs +101 -0
  15. package/dist/helpers/index.d.mts +149 -0
  16. package/dist/helpers/index.d.ts +149 -0
  17. package/dist/helpers/index.mjs +168 -0
  18. package/dist/index.d.mts +705 -0
  19. package/dist/index.d.ts +705 -0
  20. package/dist/index.mjs +618 -0
  21. package/dist/plugins/index.d.mts +160 -0
  22. package/dist/plugins/index.d.ts +160 -0
  23. package/dist/plugins/index.mjs +288 -0
  24. package/dist/shared/server.BEQrAa3A.mjs +207 -0
  25. package/dist/shared/server.Bo94xDTv.d.mts +73 -0
  26. package/dist/shared/server.Btxrgkj5.d.ts +73 -0
  27. package/dist/shared/server.C1YnHvvf.d.mts +192 -0
  28. package/dist/shared/server.C1YnHvvf.d.ts +192 -0
  29. package/dist/shared/server.D6K9uoPI.mjs +35 -0
  30. package/dist/shared/server.DZ5BIITo.mjs +9 -0
  31. package/dist/shared/server.X0YaZxSJ.mjs +13 -0
  32. package/package.json +89 -0
package/dist/helpers/index.mjs ADDED
@@ -0,0 +1,168 @@
1
+ import { serialize, parse } from 'cookie';
2
+
3
+ function encodeBase64url(data) {
4
+ const chunkSize = 8192;
5
+ let binaryString = "";
6
+ for (let i = 0; i < data.length; i += chunkSize) {
7
+ const chunk = data.subarray(i, i + chunkSize);
8
+ binaryString += String.fromCharCode(...chunk);
9
+ }
10
+ const base64 = btoa(binaryString);
11
+ return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
12
+ }
13
+ function decodeBase64url(base64url) {
14
+ try {
15
+ if (typeof base64url !== "string") {
16
+ return void 0;
17
+ }
18
+ let base64 = base64url.replace(/-/g, "+").replace(/_/g, "/");
19
+ while (base64.length % 4) {
20
+ base64 += "=";
21
+ }
22
+ const binaryString = atob(base64);
23
+ const bytes = new Uint8Array(binaryString.length);
24
+ for (let i = 0; i < binaryString.length; i++) {
25
+ bytes[i] = binaryString.charCodeAt(i);
26
+ }
27
+ return bytes;
28
+ } catch {
29
+ return void 0;
30
+ }
31
+ }
32
+
33
+ function setCookie(headers, name, value, options = {}) {
34
+ if (headers === void 0) {
35
+ return;
36
+ }
37
+ const cookieString = serialize(name, value, {
38
+ path: "/",
39
+ ...options
40
+ });
41
+ headers.append("Set-Cookie", cookieString);
42
+ }
43
+ function getCookie(headers, name, options = {}) {
44
+ if (headers === void 0) {
45
+ return void 0;
46
+ }
47
+ const cookieHeader = headers.get("cookie");
48
+ if (cookieHeader === null) {
49
+ return void 0;
50
+ }
51
+ return parse(cookieHeader, options)[name];
52
+ }
53
+ function deleteCookie(headers, name, options = {}) {
54
+ return setCookie(headers, name, "", {
55
+ ...options,
56
+ maxAge: 0
57
+ });
58
+ }
59
+
60
+ const PBKDF2_CONFIG = {
61
+ name: "PBKDF2",
62
+ iterations: 6e4,
63
+ // Recommended minimum iterations per current OWASP guidelines
64
+ hash: "SHA-256"
65
+ };
66
+ const AES_GCM_CONFIG = {
67
+ name: "AES-GCM",
68
+ length: 256
69
+ };
70
+ const CRYPTO_CONSTANTS = {
71
+ SALT_LENGTH: 16,
72
+ IV_LENGTH: 12
73
+ };
74
+ async function encrypt(value, secret) {
75
+ const encoder = new TextEncoder();
76
+ const data = encoder.encode(value);
77
+ const salt = crypto.getRandomValues(new Uint8Array(CRYPTO_CONSTANTS.SALT_LENGTH));
78
+ const keyMaterial = await crypto.subtle.importKey(
79
+ "raw",
80
+ encoder.encode(secret),
81
+ PBKDF2_CONFIG.name,
82
+ false,
83
+ ["deriveKey"]
84
+ );
85
+ const key = await crypto.subtle.deriveKey({ ...PBKDF2_CONFIG, salt }, keyMaterial, AES_GCM_CONFIG, false, [
86
+ "encrypt"
87
+ ]);
88
+ const iv = crypto.getRandomValues(new Uint8Array(CRYPTO_CONSTANTS.IV_LENGTH));
89
+ const encrypted = await crypto.subtle.encrypt({ name: AES_GCM_CONFIG.name, iv }, key, data);
90
+ const result = new Uint8Array(salt.length + iv.length + encrypted.byteLength);
91
+ result.set(salt, 0);
92
+ result.set(iv, salt.length);
93
+ result.set(new Uint8Array(encrypted), salt.length + iv.length);
94
+ return encodeBase64url(result);
95
+ }
96
+ async function decrypt(encrypted, secret) {
97
+ try {
98
+ const data = decodeBase64url(encrypted);
99
+ if (data === void 0) {
100
+ return void 0;
101
+ }
102
+ const encoder = new TextEncoder();
103
+ const decoder = new TextDecoder();
104
+ const salt = data.slice(0, CRYPTO_CONSTANTS.SALT_LENGTH);
105
+ const iv = data.slice(
106
+ CRYPTO_CONSTANTS.SALT_LENGTH,
107
+ CRYPTO_CONSTANTS.SALT_LENGTH + CRYPTO_CONSTANTS.IV_LENGTH
108
+ );
109
+ const encryptedData = data.slice(CRYPTO_CONSTANTS.SALT_LENGTH + CRYPTO_CONSTANTS.IV_LENGTH);
110
+ const keyMaterial = await crypto.subtle.importKey(
111
+ "raw",
112
+ encoder.encode(secret),
113
+ PBKDF2_CONFIG.name,
114
+ false,
115
+ ["deriveKey"]
116
+ );
117
+ const key = await crypto.subtle.deriveKey(
118
+ { ...PBKDF2_CONFIG, salt },
119
+ keyMaterial,
120
+ AES_GCM_CONFIG,
121
+ false,
122
+ ["decrypt"]
123
+ );
124
+ const decrypted = await crypto.subtle.decrypt({ name: AES_GCM_CONFIG.name, iv }, key, encryptedData);
125
+ return decoder.decode(decrypted);
126
+ } catch {
127
+ return void 0;
128
+ }
129
+ }
130
+
131
+ const ALGORITHM = { name: "HMAC", hash: "SHA-256" };
132
+ async function sign(value, secret) {
133
+ const encoder = new TextEncoder();
134
+ const key = await crypto.subtle.importKey("raw", encoder.encode(secret), ALGORITHM, false, ["sign"]);
135
+ const signature = await crypto.subtle.sign(ALGORITHM, key, encoder.encode(value));
136
+ return `${value}.${encodeBase64url(new Uint8Array(signature))}`;
137
+ }
138
+ async function unsign(signedValue, secret) {
139
+ if (typeof signedValue !== "string") {
140
+ return void 0;
141
+ }
142
+ const lastDotIndex = signedValue.lastIndexOf(".");
143
+ if (lastDotIndex === -1) {
144
+ return void 0;
145
+ }
146
+ const value = signedValue.slice(0, lastDotIndex);
147
+ const signatureBase64url = signedValue.slice(lastDotIndex + 1);
148
+ const signature = decodeBase64url(signatureBase64url);
149
+ if (signature === void 0) {
150
+ return void 0;
151
+ }
152
+ const encoder = new TextEncoder();
153
+ const key = await crypto.subtle.importKey("raw", encoder.encode(secret), ALGORITHM, false, ["verify"]);
154
+ const isValid = await crypto.subtle.verify(ALGORITHM, key, signature, encoder.encode(value));
155
+ return isValid ? value : void 0;
156
+ }
157
+ function getSignedValue(signedValue) {
158
+ if (typeof signedValue !== "string") {
159
+ return void 0;
160
+ }
161
+ const lastDotIndex = signedValue.lastIndexOf(".");
162
+ if (lastDotIndex === -1) {
163
+ return void 0;
164
+ }
165
+ return signedValue.slice(0, lastDotIndex);
166
+ }
167
+
168
+ export { decodeBase64url, decrypt, deleteCookie, encodeBase64url, encrypt, getCookie, getSignedValue, setCookie, sign, unsign };