@vardario/cognito-client 0.2.1 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cognito-client.d.ts +1 -2
- package/lib/cognito-client.js +14 -15
- package/lib/utils.d.ts +2 -1
- package/lib/utils.js +11 -17
- package/package.json +21 -21
package/lib/cognito-client.d.ts
CHANGED
|
@@ -134,7 +134,6 @@ export interface AuthenticationResult {
|
|
|
134
134
|
AccessToken: string;
|
|
135
135
|
ExpiresIn: number;
|
|
136
136
|
IdToken: string;
|
|
137
|
-
TokenType: string;
|
|
138
137
|
RefreshToken: string;
|
|
139
138
|
}
|
|
140
139
|
export interface AuthenticationResponse {
|
|
@@ -150,6 +149,7 @@ export interface ChallengeResponse {
|
|
|
150
149
|
USER_ID_FOR_SRP: string;
|
|
151
150
|
};
|
|
152
151
|
}
|
|
152
|
+
export declare function authResultToSession(authenticationResult: AuthenticationResult): Session;
|
|
153
153
|
/**
|
|
154
154
|
* Lightweight AWS Cogito client without any AWS SDK dependencies.
|
|
155
155
|
*/
|
|
@@ -161,7 +161,6 @@ export declare class CognitoClient {
|
|
|
161
161
|
constructor({ userPoolId, userPoolClientId, endpoint, oAuth2: oAuth }: CognitoClientProps);
|
|
162
162
|
static getDecodedTokenFromSession(session: Session): DecodedTokens;
|
|
163
163
|
private cognitoRequest;
|
|
164
|
-
private static authResultToSession;
|
|
165
164
|
/**
|
|
166
165
|
*
|
|
167
166
|
* Performs user authentication with username and password through ALLOW_USER_SRP_AUTH .
|
package/lib/cognito-client.js
CHANGED
|
@@ -33,6 +33,14 @@ export var CognitoIdentityProvider;
|
|
|
33
33
|
CognitoIdentityProvider["Amazon"] = "LoginWithAmazon";
|
|
34
34
|
CognitoIdentityProvider["Apple"] = "SignInWithApple";
|
|
35
35
|
})(CognitoIdentityProvider || (CognitoIdentityProvider = {}));
|
|
36
|
+
export function authResultToSession(authenticationResult) {
|
|
37
|
+
return {
|
|
38
|
+
accessToken: authenticationResult.AccessToken,
|
|
39
|
+
idToken: authenticationResult.IdToken,
|
|
40
|
+
expiresIn: new Date().getTime() + authenticationResult.ExpiresIn * 1000,
|
|
41
|
+
refreshToken: authenticationResult.RefreshToken
|
|
42
|
+
};
|
|
43
|
+
}
|
|
36
44
|
/**
|
|
37
45
|
* Lightweight AWS Cogito client without any AWS SDK dependencies.
|
|
38
46
|
*/
|
|
@@ -68,14 +76,6 @@ export class CognitoClient {
|
|
|
68
76
|
}
|
|
69
77
|
return cognitoResponse.json();
|
|
70
78
|
}
|
|
71
|
-
static authResultToSession(authenticationResult) {
|
|
72
|
-
return {
|
|
73
|
-
accessToken: authenticationResult.AccessToken,
|
|
74
|
-
idToken: authenticationResult.IdToken,
|
|
75
|
-
expiresIn: new Date().getMilliseconds() / 1000 + authenticationResult.ExpiresIn,
|
|
76
|
-
refreshToken: authenticationResult.RefreshToken
|
|
77
|
-
};
|
|
78
|
-
}
|
|
79
79
|
/**
|
|
80
80
|
*
|
|
81
81
|
* Performs user authentication with username and password through ALLOW_USER_SRP_AUTH .
|
|
@@ -115,7 +115,7 @@ export class CognitoClient {
|
|
|
115
115
|
ClientMetadata: {}
|
|
116
116
|
};
|
|
117
117
|
const { AuthenticationResult } = await this.cognitoRequest(respondToAuthChallengePayload, CognitoServiceTarget.RespondToAuthChallenge);
|
|
118
|
-
return
|
|
118
|
+
return authResultToSession(AuthenticationResult);
|
|
119
119
|
}
|
|
120
120
|
/**
|
|
121
121
|
*
|
|
@@ -137,7 +137,7 @@ export class CognitoClient {
|
|
|
137
137
|
ClientMetadata: {}
|
|
138
138
|
};
|
|
139
139
|
const { AuthenticationResult } = (await this.cognitoRequest(initiateAuthPayload, CognitoServiceTarget.InitiateAuth));
|
|
140
|
-
const session =
|
|
140
|
+
const session = authResultToSession(AuthenticationResult);
|
|
141
141
|
return session;
|
|
142
142
|
}
|
|
143
143
|
/**
|
|
@@ -160,7 +160,7 @@ export class CognitoClient {
|
|
|
160
160
|
if (!AuthenticationResult.RefreshToken) {
|
|
161
161
|
AuthenticationResult.RefreshToken = refreshToken;
|
|
162
162
|
}
|
|
163
|
-
return
|
|
163
|
+
return authResultToSession(AuthenticationResult);
|
|
164
164
|
}
|
|
165
165
|
/**
|
|
166
166
|
*
|
|
@@ -352,16 +352,15 @@ export class CognitoClient {
|
|
|
352
352
|
},
|
|
353
353
|
body: urlParams.toString()
|
|
354
354
|
});
|
|
355
|
-
const { access_token, refresh_token, id_token, expires_in,
|
|
355
|
+
const { access_token, refresh_token, id_token, expires_in, error } = await response.json();
|
|
356
356
|
if (error) {
|
|
357
357
|
throw new Error(error);
|
|
358
358
|
}
|
|
359
|
-
const session =
|
|
359
|
+
const session = authResultToSession({
|
|
360
360
|
AccessToken: access_token,
|
|
361
361
|
RefreshToken: refresh_token,
|
|
362
362
|
IdToken: id_token,
|
|
363
|
-
ExpiresIn: expires_in
|
|
364
|
-
TokenType: token_type
|
|
363
|
+
ExpiresIn: expires_in
|
|
365
364
|
});
|
|
366
365
|
return session;
|
|
367
366
|
}
|
package/lib/utils.d.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
/// <reference types="node" resolution-mode="require"/>
|
|
2
2
|
import { BigInteger } from 'jsbn';
|
|
3
|
+
import { Buffer } from 'buffer';
|
|
3
4
|
export declare function padHex(bigInt: BigInteger): string;
|
|
4
5
|
export declare function hashHexString(str: string): string;
|
|
5
6
|
export declare function hashBuffer(buffer: Buffer): string;
|
|
@@ -9,7 +10,7 @@ export declare function calculateU(A: BigInteger, B: BigInteger): BigInteger;
|
|
|
9
10
|
export declare function calculateS(X: BigInteger, B: BigInteger, U: BigInteger, smallA: BigInteger): BigInteger;
|
|
10
11
|
export declare function calculateHKDF(ikm: Buffer, salt: Buffer): number[];
|
|
11
12
|
export declare function getPasswordAuthenticationKey(poolName: string, username: string, password: string, B: BigInteger, U: BigInteger, smallA: BigInteger, salt: BigInteger): number[];
|
|
12
|
-
export declare function calculateSignature(poolName: string, userId: string, secretBlock: string, hkdf: number[]): {
|
|
13
|
+
export declare function calculateSignature(poolName: string, userId: string, secretBlock: string, hkdf: number[], date?: Date): {
|
|
13
14
|
signature: string;
|
|
14
15
|
timeStamp: string;
|
|
15
16
|
};
|
package/lib/utils.js
CHANGED
|
@@ -1,6 +1,12 @@
|
|
|
1
1
|
import hashJs from 'hash.js';
|
|
2
2
|
import { BigInteger } from 'jsbn';
|
|
3
|
-
import
|
|
3
|
+
import { Buffer } from 'buffer';
|
|
4
|
+
import formatInTimeZone from 'date-fns-tz/formatInTimeZone';
|
|
5
|
+
let crypto = globalThis.crypto;
|
|
6
|
+
if (!crypto) {
|
|
7
|
+
const nodeCrypto = await import('node:crypto');
|
|
8
|
+
crypto = nodeCrypto.webcrypto;
|
|
9
|
+
}
|
|
4
10
|
const initN = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1' +
|
|
5
11
|
'29024E088A67CC74020BBEA63B139B22514A08798E3404DD' +
|
|
6
12
|
'EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245' +
|
|
@@ -86,8 +92,8 @@ export function getPasswordAuthenticationKey(poolName, username, password, B, U,
|
|
|
86
92
|
const S = calculateS(X, B, U, smallA);
|
|
87
93
|
return calculateHKDF(Buffer.from(padHex(S), 'hex'), Buffer.from(padHex(U), 'hex'));
|
|
88
94
|
}
|
|
89
|
-
export function calculateSignature(poolName, userId, secretBlock, hkdf) {
|
|
90
|
-
const timeStamp = formatTimestamp(
|
|
95
|
+
export function calculateSignature(poolName, userId, secretBlock, hkdf, date = new Date()) {
|
|
96
|
+
const timeStamp = formatTimestamp(date);
|
|
91
97
|
const concatBuffer = Buffer.concat([
|
|
92
98
|
Buffer.from(poolName, 'utf8'),
|
|
93
99
|
Buffer.from(userId, 'utf8'),
|
|
@@ -112,20 +118,8 @@ export function decodeJwt(jwt) {
|
|
|
112
118
|
};
|
|
113
119
|
}
|
|
114
120
|
export async function randomBytes(num) {
|
|
115
|
-
return
|
|
121
|
+
return Buffer.from(crypto.getRandomValues(new Uint8Array(num)));
|
|
116
122
|
}
|
|
117
123
|
export function formatTimestamp(date) {
|
|
118
|
-
return
|
|
119
|
-
weekday: 'short'
|
|
120
|
-
}).format(date)} ${new Intl.DateTimeFormat('default', {
|
|
121
|
-
month: 'short'
|
|
122
|
-
}).format(date)} ${new Intl.DateTimeFormat('default', {
|
|
123
|
-
day: '2-digit'
|
|
124
|
-
}).format(date)} ${new Intl.DateTimeFormat('default', {
|
|
125
|
-
hour: '2-digit',
|
|
126
|
-
minute: '2-digit',
|
|
127
|
-
second: '2-digit'
|
|
128
|
-
}).format(date)} UTC ${new Intl.DateTimeFormat('default', {
|
|
129
|
-
year: 'numeric'
|
|
130
|
-
}).format(date)}`;
|
|
124
|
+
return formatInTimeZone(date, 'UTC', "EEE MMM d HH:mm:ss 'UTC' yyyy");
|
|
131
125
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@vardario/cognito-client",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "1.0.1",
|
|
4
4
|
"description": "",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"author": "Sahin Vardar",
|
|
@@ -22,30 +22,30 @@
|
|
|
22
22
|
},
|
|
23
23
|
"dependencies": {
|
|
24
24
|
"buffer": "^6.0.3",
|
|
25
|
+
"date-fns-tz": "^2.0.0",
|
|
25
26
|
"hash.js": "^1.1.7",
|
|
26
|
-
"jsbn": "^1.1.0"
|
|
27
|
-
"randombytes": "^2.1.0"
|
|
27
|
+
"jsbn": "^1.1.0"
|
|
28
28
|
},
|
|
29
29
|
"devDependencies": {
|
|
30
|
-
"@aws-sdk/client-cognito-identity-provider": "^3.
|
|
31
|
-
"@types/jsbn": "^1.2.
|
|
32
|
-
"@types/jsdom": "^
|
|
33
|
-
"@types/randombytes": "^2.0.
|
|
34
|
-
"@typescript-eslint/eslint-plugin": "^
|
|
35
|
-
"@typescript-eslint/parser": "^
|
|
36
|
-
"eslint": "^8.
|
|
37
|
-
"eslint-config-prettier": "^
|
|
38
|
-
"eslint-plugin-unused-imports": "^
|
|
39
|
-
"husky": "^8.0.
|
|
30
|
+
"@aws-sdk/client-cognito-identity-provider": "^3.454.0",
|
|
31
|
+
"@types/jsbn": "^1.2.33",
|
|
32
|
+
"@types/jsdom": "^21.1.5",
|
|
33
|
+
"@types/randombytes": "^2.0.3",
|
|
34
|
+
"@typescript-eslint/eslint-plugin": "^6.11.0",
|
|
35
|
+
"@typescript-eslint/parser": "^6.11.0",
|
|
36
|
+
"eslint": "^8.54.0",
|
|
37
|
+
"eslint-config-prettier": "^9.0.0",
|
|
38
|
+
"eslint-plugin-unused-imports": "^3.0.0",
|
|
39
|
+
"husky": "^8.0.3",
|
|
40
40
|
"isomorphic-fetch": "^3.0.0",
|
|
41
|
-
"jsdom": "^
|
|
42
|
-
"lint-staged": "^
|
|
43
|
-
"prettier": "^
|
|
41
|
+
"jsdom": "^22.1.0",
|
|
42
|
+
"lint-staged": "^15.1.0",
|
|
43
|
+
"prettier": "^3.1.0",
|
|
44
44
|
"prettier-package-json": "^2.8.0",
|
|
45
|
-
"semantic-release": "^22.0.
|
|
46
|
-
"testcontainers": "^
|
|
47
|
-
"typescript": "^5.
|
|
48
|
-
"vitest": "^0.
|
|
45
|
+
"semantic-release": "^22.0.8",
|
|
46
|
+
"testcontainers": "^10.2.2",
|
|
47
|
+
"typescript": "^5.2.2",
|
|
48
|
+
"vitest": "^0.34.6"
|
|
49
49
|
},
|
|
50
50
|
"lint-staged": {
|
|
51
51
|
"*": [
|
|
@@ -54,5 +54,5 @@
|
|
|
54
54
|
],
|
|
55
55
|
"package.json": "prettier-package-json --write"
|
|
56
56
|
},
|
|
57
|
-
"packageManager": "pnpm@8.
|
|
57
|
+
"packageManager": "pnpm@8.10.5"
|
|
58
58
|
}
|