@versini/auth-common 2.10.1 → 2.12.0

package/dist/index.d.ts

@@ -6,6 +6,7 @@ declare const AUTH_TYPES: {
     ID_AND_ACCESS_TOKEN: string;
     CODE: string;
     REFRESH_TOKEN: string;
+    PASSKEY: string;
 };
 declare const HEADERS: {
     CLIENT_ID: string;
@@ -59,4 +60,18 @@ declare function pkceChallengePair(length?: number): Promise<{
  */
 declare function verifyChallenge(code_verifier: string, expectedChallenge: string): Promise<boolean>;
 
-export { API_TYPE, AUTH_TYPES, HEADERS, JWT, JWT_PUBLIC_KEY, TOKEN_EXPIRATION, decodeToken, generateCodeChallenge, pkceChallengePair, verifyAndExtractToken, verifyChallenge };
+type HeadersLike = Record<string, unknown> & {
+    authorization?: string;
+    "content-type"?: string;
+    cookie?: string;
+};
+/**
+ * Get a Bearer Token from a request.
+ *
+ * @param headers An object containing the request headers, usually `req.headers`.
+ * @param clientId The client ID to use.
+ *
+ */
+declare const getToken: (headers: HeadersLike, clientId: string) => string;
+
+export { API_TYPE, AUTH_TYPES, HEADERS, type HeadersLike, JWT, JWT_PUBLIC_KEY, TOKEN_EXPIRATION, decodeToken, generateCodeChallenge, getToken, pkceChallengePair, verifyAndExtractToken, verifyChallenge };

package/dist/index.js

@@ -1,23 +1,24 @@
 /*!
-  @versini/auth-common v2.10.1
+  @versini/auth-common v2.12.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
-    version: "2.10.1",
-    buildTime: "06/29/2024 01:31 PM EDT",
+    version: "2.12.0",
+    buildTime: "07/15/2024 09:28 AM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-const Ge = {
+const Qe = {
   ID_TOKEN: "id_token",
   ACCESS_TOKEN: "token",
   ID_AND_ACCESS_TOKEN: "id_token token",
   CODE: "code",
-  REFRESH_TOKEN: "refresh_token"
-}, Ye = {
+  REFRESH_TOKEN: "refresh_token",
+  PASSKEY: "passkey"
+}, Xe = {
   CLIENT_ID: "X-Auth-ClientId"
 }, N = {
   ALG: "RS256",
@@ -34,15 +35,15 @@ aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
 l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
 sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
 awIDAQAB
------END PUBLIC KEY-----`, ze = {
+-----END PUBLIC KEY-----`, Ze = {
   ACCESS: "5m",
   ID: "90d",
   REFRESH: "90d"
-}, Qe = {
+}, je = {
   AUTHENTICATE: "authenticate",
   CODE: "code",
   LOGOUT: "logout"
-}, x = crypto, G = (e) => e instanceof CryptoKey, v = new TextEncoder(), C = new TextDecoder();
+}, x = crypto, z = (e) => e instanceof CryptoKey, v = new TextEncoder(), C = new TextDecoder();
 function ae(...e) {
   const t = e.reduce((a, { length: i }) => a + i, 0), r = new Uint8Array(t);
   let n = 0;
@@ -73,7 +74,7 @@ class A extends Error {
     super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (r = Error.captureStackTrace) == null || r.call(Error, this, this.constructor);
   }
 }
-class f extends A {
+class h extends A {
   static get code() {
     return "ERR_JWT_CLAIM_VALIDATION_FAILED";
   }
@@ -156,8 +157,7 @@ function de(e, t) {
     if (t.length > 2) {
       const n = t.pop();
       r += `one of ${t.join(", ")}, or ${n}.`;
-    } else
-      t.length === 2 ? r += `one of ${t[0]} or ${t[1]}.` : r += `${t[0]}.`;
+    } else t.length === 2 ? r += `one of ${t[0]} or ${t[1]}.` : r += `${t[0]}.`;
     throw new TypeError(r);
   }
 }
@@ -213,20 +213,19 @@ function ue(e, t, ...r) {
   }
   de(e, r);
 }
-function Y(e, t, ...r) {
+function G(e, t, ...r) {
   var n;
   if (r.length > 2) {
     const a = r.pop();
     e += `one of type ${r.join(", ")}, or ${a}.`;
-  } else
-    r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
+  } else r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
   return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (n = t.constructor) != null && n.name && (e += ` Received an instance of ${t.constructor.name}`), e;
 }
-const L = (e, ...t) => Y("Key must be ", e, ...t);
-function z(e, t, ...r) {
-  return Y(`Key for the ${e} algorithm must be `, t, ...r);
+const L = (e, ...t) => G("Key must be ", e, ...t);
+function Y(e, t, ...r) {
+  return G(`Key for the ${e} algorithm must be `, t, ...r);
 }
-const Q = (e) => G(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", _ = ["CryptoKey"], le = (...e) => {
+const Q = (e) => z(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", _ = ["CryptoKey"], le = (...e) => {
   const t = e.filter(Boolean);
   if (t.length === 0 || t.length === 1)
     return !0;
@@ -245,11 +244,11 @@ const Q = (e) => G(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "K
   }
   return !0;
 };
-function he(e) {
+function fe(e) {
   return typeof e == "object" && e !== null;
 }
 function P(e) {
-  if (!he(e) || Object.prototype.toString.call(e) !== "[object Object]")
+  if (!fe(e) || Object.prototype.toString.call(e) !== "[object Object]")
     return !1;
   if (Object.getPrototypeOf(e) === null)
     return !0;
@@ -258,7 +257,7 @@ function P(e) {
     t = Object.getPrototypeOf(t);
   return Object.getPrototypeOf(e) === t;
 }
-const fe = (e, t) => {
+const he = (e, t) => {
   if (e.startsWith("RS") || e.startsWith("PS")) {
     const { modulusLength: r } = t.algorithm;
     if (typeof r != "number" || r < 2048)
@@ -448,13 +447,13 @@ async function Ae(e, t, r) {
 const R = (e) => e == null ? void 0 : e[Symbol.toStringTag], be = (e, t) => {
   if (!(t instanceof Uint8Array)) {
     if (!Q(t))
-      throw new TypeError(z(e, t, ..._, "Uint8Array"));
+      throw new TypeError(Y(e, t, ..._, "Uint8Array"));
     if (t.type !== "secret")
       throw new TypeError(`${R(t)} instances for symmetric algorithms must be of type "secret"`);
   }
 }, Ce = (e, t, r) => {
   if (!Q(t))
-    throw new TypeError(z(e, t, ..._));
+    throw new TypeError(Y(e, t, ..._));
   if (t.type === "secret")
     throw new TypeError(`${R(t)} instances for asymmetric algorithms must not be of type "secret"`);
   if (t.algorithm && r === "verify" && t.type === "private")
@@ -515,7 +514,7 @@ function Re(e, t) {
   }
 }
 async function _e(e, t, r) {
-  if (t = await Ee.normalizePublicKey(t, e), G(t))
+  if (t = await Ee.normalizePublicKey(t, e), z(t))
     return ue(t, e, r), t;
   if (t instanceof Uint8Array) {
     if (!e.startsWith("HS"))
@@ -526,7 +525,7 @@ async function _e(e, t, r) {
 }
 const Pe = async (e, t, r, n) => {
   const a = await _e(e, t, "verify");
-  fe(e, a);
+  he(e, a);
   const i = Re(e, a.algorithm);
   try {
     return await x.subtle.verify(i, a, r, n);
@@ -578,13 +577,13 @@ async function xe(e, t, r) {
   let p = !1;
   typeof t == "function" && (t = await t(n, e), p = !0), ve(c, t, "verify");
   const g = ae(v.encode(e.protected ?? ""), v.encode("."), typeof e.payload == "string" ? v.encode(e.payload) : e.payload);
-  let h;
+  let f;
   try {
-    h = b(e.signature);
+    f = b(e.signature);
   } catch {
     throw new u("Failed to base64url decode the signature");
   }
-  if (!await Pe(c, t, h, g))
+  if (!await Pe(c, t, f, g))
     throw new ce();
   let y;
   if (o)
@@ -593,8 +592,7 @@ async function xe(e, t, r) {
     } catch {
       throw new u("Failed to base64url decode the payload");
     }
-  else
-    typeof e.payload == "string" ? y = v.encode(e.payload) : y = e.payload;
+  else typeof e.payload == "string" ? y = v.encode(e.payload) : y = e.payload;
   const l = { payload: y };
   return e.protected !== void 0 && (l.protectedHeader = n), e.header !== void 0 && (l.unprotectedHeader = e.header), p ? { ...l, key: t } : l;
 }
@@ -607,7 +605,7 @@ async function Ke(e, t, r) {
   const c = await xe({ payload: a, protected: n, signature: i }, t, r), s = { payload: c.payload, protectedHeader: c.protectedHeader };
   return typeof t == "function" ? { ...s, key: c.key } : s;
 }
-const Oe = (e) => Math.floor(e.getTime() / 1e3), ee = 60, te = ee * 60, H = te * 24, We = H * 7, Je = H * 365.25, De = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, V = (e) => {
+const Oe = (e) => Math.floor(e.getTime() / 1e3), ee = 60, te = ee * 60, H = te * 24, We = H * 7, Je = H * 365.25, De = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, k = (e) => {
   const t = De.exec(e);
   if (!t || t[4] && t[1])
     throw new TypeError("Invalid time period format");
@@ -650,7 +648,7 @@ const Oe = (e) => Math.floor(e.getTime() / 1e3), ee = 60, te = ee * 60, H = te *
       break;
   }
   return t[1] === "-" || t[4] === "ago" ? -a : a;
-}, k = (e) => e.toLowerCase().replace(/^application\//, ""), He = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, Ue = (e, t, r = {}) => {
+}, V = (e) => e.toLowerCase().replace(/^application\//, ""), He = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, Ue = (e, t, r = {}) => {
   let n;
   try {
     n = JSON.parse(C.decode(t));
@@ -659,54 +657,54 @@ const Oe = (e) => Math.floor(e.getTime() / 1e3), ee = 60, te = ee * 60, H = te *
   if (!P(n))
     throw new S("JWT Claims Set must be a top-level JSON object");
   const { typ: a } = r;
-  if (a && (typeof e.typ != "string" || k(e.typ) !== k(a)))
-    throw new f('unexpected "typ" JWT header value', n, "typ", "check_failed");
+  if (a && (typeof e.typ != "string" || V(e.typ) !== V(a)))
+    throw new h('unexpected "typ" JWT header value', n, "typ", "check_failed");
   const { requiredClaims: i = [], issuer: o, subject: c, audience: s, maxTokenAge: p } = r, g = [...i];
   p !== void 0 && g.push("iat"), s !== void 0 && g.push("aud"), c !== void 0 && g.push("sub"), o !== void 0 && g.push("iss");
   for (const l of new Set(g.reverse()))
     if (!(l in n))
-      throw new f(`missing required "${l}" claim`, n, l, "missing");
+      throw new h(`missing required "${l}" claim`, n, l, "missing");
   if (o && !(Array.isArray(o) ? o : [o]).includes(n.iss))
-    throw new f('unexpected "iss" claim value', n, "iss", "check_failed");
+    throw new h('unexpected "iss" claim value', n, "iss", "check_failed");
   if (c && n.sub !== c)
-    throw new f('unexpected "sub" claim value', n, "sub", "check_failed");
+    throw new h('unexpected "sub" claim value', n, "sub", "check_failed");
   if (s && !He(n.aud, typeof s == "string" ? [s] : s))
-    throw new f('unexpected "aud" claim value', n, "aud", "check_failed");
-  let h;
+    throw new h('unexpected "aud" claim value', n, "aud", "check_failed");
+  let f;
   switch (typeof r.clockTolerance) {
     case "string":
-      h = V(r.clockTolerance);
+      f = k(r.clockTolerance);
       break;
     case "number":
-      h = r.clockTolerance;
+      f = r.clockTolerance;
       break;
     case "undefined":
-      h = 0;
+      f = 0;
       break;
     default:
       throw new TypeError("Invalid clockTolerance option type");
   }
   const { currentDate: U } = r, y = Oe(U || /* @__PURE__ */ new Date());
   if ((n.iat !== void 0 || p) && typeof n.iat != "number")
-    throw new f('"iat" claim must be a number', n, "iat", "invalid");
+    throw new h('"iat" claim must be a number', n, "iat", "invalid");
   if (n.nbf !== void 0) {
     if (typeof n.nbf != "number")
-      throw new f('"nbf" claim must be a number', n, "nbf", "invalid");
-    if (n.nbf > y + h)
-      throw new f('"nbf" claim timestamp check failed', n, "nbf", "check_failed");
+      throw new h('"nbf" claim must be a number', n, "nbf", "invalid");
+    if (n.nbf > y + f)
+      throw new h('"nbf" claim timestamp check failed', n, "nbf", "check_failed");
   }
   if (n.exp !== void 0) {
     if (typeof n.exp != "number")
-      throw new f('"exp" claim must be a number', n, "exp", "invalid");
-    if (n.exp <= y - h)
+      throw new h('"exp" claim must be a number', n, "exp", "invalid");
+    if (n.exp <= y - f)
       throw new $('"exp" claim timestamp check failed', n, "exp", "check_failed");
   }
   if (p) {
-    const l = y - n.iat, K = typeof p == "number" ? p : V(p);
-    if (l - h > K)
+    const l = y - n.iat, K = typeof p == "number" ? p : k(p);
+    if (l - f > K)
       throw new $('"iat" claim timestamp check failed (too far in the past)', n, "iat", "check_failed");
-    if (l < 0 - h)
-      throw new f('"iat" claim timestamp check failed (it should be in the past)', n, "iat", "check_failed");
+    if (l < 0 - f)
+      throw new h('"iat" claim timestamp check failed (it should be in the past)', n, "iat", "check_failed");
   }
   return n;
 };
@@ -745,7 +743,7 @@ function Le(e) {
     throw new S("Invalid JWT Claims Set");
   return a;
 }
-const Xe = async (e) => {
+const et = async (e) => {
   try {
     const t = N.ALG, n = await Ae(ne, t);
     return await Ne(e, n, {
@@ -754,7 +752,7 @@ const Xe = async (e) => {
   } catch {
     return;
   }
-}, Ze = (e) => {
+}, tt = (e) => {
   try {
     return Le(e);
   } catch {
@@ -767,11 +765,11 @@ for (var D = 0; D < 256; ++D)
 function Me(e, t = 0) {
   return (d[e[t + 0]] + d[e[t + 1]] + d[e[t + 2]] + d[e[t + 3]] + "-" + d[e[t + 4]] + d[e[t + 5]] + "-" + d[e[t + 6]] + d[e[t + 7]] + "-" + d[e[t + 8]] + d[e[t + 9]] + "-" + d[e[t + 10]] + d[e[t + 11]] + d[e[t + 12]] + d[e[t + 13]] + d[e[t + 14]] + d[e[t + 15]]).toLowerCase();
 }
-var I, Ve = new Uint8Array(16);
-function ke() {
+var I, ke = new Uint8Array(16);
+function Ve() {
   if (!I && (I = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !I))
     throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
-  return I(Ve);
+  return I(ke);
 }
 var Be = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
 const B = {
@@ -781,7 +779,7 @@ function F(e, t, r) {
   if (B.randomUUID && !t && !e)
     return B.randomUUID();
   e = e || {};
-  var n = e.random || (e.rng || ke)();
+  var n = e.random || (e.rng || Ve)();
   return n[6] = n[6] & 15 | 64, n[8] = n[8] & 63 | 128, Me(n);
 }
 const q = globalThis.crypto, Fe = (e) => `${F()}${F()}`.slice(0, e), qe = (e) => btoa(
@@ -795,7 +793,7 @@ async function re(e) {
   const t = new TextEncoder().encode(e), r = await q.subtle.digest("SHA-256", t);
   return qe(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
-async function je(e) {
+async function rt(e) {
   const t = e || 43;
   if (t < 43 || t > 128)
     throw `Expected a length between 43 and 128. Received ${e}.`;
@@ -805,19 +803,37 @@ async function je(e) {
     code_challenge: n
   };
 }
-async function et(e, t) {
+async function nt(e, t) {
   return t === await re(e);
 }
+const ze = /^Bearer (.+)$/i, Ge = (e) => {
+  if (typeof e.authorization != "string")
+    return;
+  const t = e.authorization.match(ze);
+  if (t)
+    return t[1];
+}, Ye = (e, t) => {
+  const r = e.cookie, n = new RegExp(`auth.${t}=(.+?)(?:;|$)`);
+  if (typeof r != "string")
+    return;
+  const a = r.match(n);
+  if (a)
+    return a[1];
+}, at = (e, t) => {
+  const r = Ge(e), n = Ye(e, t);
+  return !n && !r ? "" : n || r;
+};
 export {
-  Qe as API_TYPE,
-  Ge as AUTH_TYPES,
-  Ye as HEADERS,
+  je as API_TYPE,
+  Qe as AUTH_TYPES,
+  Xe as HEADERS,
   N as JWT,
   ne as JWT_PUBLIC_KEY,
-  ze as TOKEN_EXPIRATION,
-  Ze as decodeToken,
+  Ze as TOKEN_EXPIRATION,
+  tt as decodeToken,
   re as generateCodeChallenge,
-  je as pkceChallengePair,
-  Xe as verifyAndExtractToken,
-  et as verifyChallenge
+  at as getToken,
+  rt as pkceChallengePair,
+  et as verifyAndExtractToken,
+  nt as verifyChallenge
 };

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@versini/auth-common",
-	"version": "2.10.1",
+	"version": "2.12.0",
 	"license": "MIT",
 	"author": "Arno Versini",
 	"publishConfig": {
@@ -29,11 +29,12 @@
 		"lint": "biome lint src",
 		"start": "static-server dist --port 5173",
 		"test:watch": "vitest",
-		"test": "vitest run"
+		"test": "vitest run",
+		"test:coverage": "vitest run --coverage"
 	},
 	"dependencies": {
-		"jose": "5.6.2",
+		"jose": "5.6.3",
 		"uuid": "10.0.0"
 	},
-	"gitHead": "b1190439a142ac9c34d7744273ed3cebbccabc15"
+	"gitHead": "ae50d0965f6c30ea5bb8ace592c3cd99e736803e"
 }