@versini/auth-common 3.3.1 → 4.0.0

package/dist/index.d.ts

@@ -34,9 +34,10 @@ declare const TOKEN_EXPIRATION: {
     REFRESH: string;
 };
 declare const API_TYPE: {
-    AUTHENTICATE: string;
     CODE: string;
     LOGOUT: string;
+    LOGIN: string;
+    REFRESH: string;
 };
 
 declare const verifyAndExtractToken: (token: string) => Promise<jose.JWTVerifyResult<jose.JWTPayload> | undefined>;
@@ -134,4 +135,17 @@ type ScopesGrants = {
  */
 declare const isGranted: (token: string, scopes: ScopesGrants) => Promise<boolean>;
 
-export { API_TYPE, AUTH_TYPES, BODY, type BodyLike, HEADERS, type HeadersLike, JWT, JWT_PUBLIC_KEY, type ScopesGrants, TOKEN_EXPIRATION, decodeToken, generateCodeChallenge, getToken, isGranted, pkceChallengePair, verifyAndExtractToken, verifyChallenge };
+/**
+ * Get a Session Id from a request.
+ *
+ * @param headers An object containing the request headers, usually `req.headers`.
+ * @param clientId The client ID to use.
+ *
+ */
+type GetSessionProps = {
+    clientId: string;
+    headers: HeadersLike;
+};
+declare const getSession: ({ headers, clientId }: GetSessionProps) => string;
+
+export { API_TYPE, AUTH_TYPES, BODY, type BodyLike, HEADERS, type HeadersLike, JWT, JWT_PUBLIC_KEY, type ScopesGrants, TOKEN_EXPIRATION, decodeToken, generateCodeChallenge, getSession, getToken, isGranted, pkceChallengePair, verifyAndExtractToken, verifyChallenge };

package/dist/index.js

@@ -1,28 +1,28 @@
 /*!
-  @versini/auth-common v3.3.1
+  @versini/auth-common v4.0.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
-    version: "3.3.1",
-    buildTime: "08/01/2024 10:23 AM EDT",
+    version: "4.0.0",
+    buildTime: "08/19/2024 06:11 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-const je = {
+const et = {
   ID_TOKEN: "id_token",
   ACCESS_TOKEN: "token",
   ID_AND_ACCESS_TOKEN: "id_token token",
   CODE: "code",
   REFRESH_TOKEN: "refresh_token",
   PASSKEY: "passkey"
-}, et = {
+}, tt = {
   CLIENT_ID: "X-Auth-ClientId"
 }, ne = {
   ACCESS_TOKEN: "access_token"
-}, P = {
+}, I = {
   ALG: "RS256",
   USER_ID_KEY: "sub",
   TOKEN_ID_KEY: "__raw",
@@ -42,15 +42,16 @@ aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
 l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
 sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
 awIDAQAB
------END PUBLIC KEY-----`, tt = {
+-----END PUBLIC KEY-----`, rt = {
   ACCESS: "5m",
   ID: "90d",
   REFRESH: "90d"
-}, rt = {
-  AUTHENTICATE: "authenticate",
+}, nt = {
   CODE: "code",
-  LOGOUT: "logout"
-}, O = crypto, G = (e) => e instanceof CryptoKey, T = new TextEncoder(), C = new TextDecoder();
+  LOGOUT: "logout",
+  LOGIN: "login",
+  REFRESH: "refresh"
+}, O = crypto, G = (e) => e instanceof CryptoKey, _ = new TextEncoder(), C = new TextDecoder();
 function oe(...e) {
   const t = e.reduce((a, { length: o }) => a + o, 0), r = new Uint8Array(t);
   let n = 0;
@@ -140,7 +141,7 @@ class se extends A {
 function m(e, t = "algorithm.name") {
   return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
 }
-function _(e, t) {
+function v(e, t) {
   return e.name === t;
 }
 function W(e) {
@@ -173,7 +174,7 @@ function le(e, t, ...r) {
     case "HS256":
     case "HS384":
     case "HS512": {
-      if (!_(e.algorithm, "HMAC"))
+      if (!v(e.algorithm, "HMAC"))
         throw m("HMAC");
       const n = parseInt(t.slice(2), 10);
       if (W(e.algorithm.hash) !== n)
@@ -183,7 +184,7 @@ function le(e, t, ...r) {
     case "RS256":
     case "RS384":
     case "RS512": {
-      if (!_(e.algorithm, "RSASSA-PKCS1-v1_5"))
+      if (!v(e.algorithm, "RSASSA-PKCS1-v1_5"))
         throw m("RSASSA-PKCS1-v1_5");
       const n = parseInt(t.slice(2), 10);
       if (W(e.algorithm.hash) !== n)
@@ -193,7 +194,7 @@ function le(e, t, ...r) {
     case "PS256":
     case "PS384":
     case "PS512": {
-      if (!_(e.algorithm, "RSA-PSS"))
+      if (!v(e.algorithm, "RSA-PSS"))
         throw m("RSA-PSS");
       const n = parseInt(t.slice(2), 10);
       if (W(e.algorithm.hash) !== n)
@@ -208,7 +209,7 @@ function le(e, t, ...r) {
     case "ES256":
     case "ES384":
     case "ES512": {
-      if (!_(e.algorithm, "ECDSA"))
+      if (!v(e.algorithm, "ECDSA"))
         throw m("ECDSA");
       const n = de(t);
       if (e.algorithm.namedCurve !== n)
@@ -232,7 +233,7 @@ const L = (e, ...t) => q("Key must be ", e, ...t);
 function z(e, t, ...r) {
   return q(`Key for the ${e} algorithm must be `, t, ...r);
 }
-const X = (e) => G(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", R = ["CryptoKey"], fe = (...e) => {
+const X = (e) => G(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", P = ["CryptoKey"], fe = (...e) => {
   const t = e.filter(Boolean);
   if (t.length === 0 || t.length === 1)
     return !0;
@@ -451,26 +452,26 @@ async function be(e, t, r) {
     throw new TypeError('"spki" must be SPKI formatted string');
   return Ae(e, t);
 }
-const I = (e) => e == null ? void 0 : e[Symbol.toStringTag], Ce = (e, t) => {
+const R = (e) => e == null ? void 0 : e[Symbol.toStringTag], Ce = (e, t) => {
   if (!(t instanceof Uint8Array)) {
     if (!X(t))
-      throw new TypeError(z(e, t, ...R, "Uint8Array"));
+      throw new TypeError(z(e, t, ...P, "Uint8Array"));
     if (t.type !== "secret")
-      throw new TypeError(`${I(t)} instances for symmetric algorithms must be of type "secret"`);
+      throw new TypeError(`${R(t)} instances for symmetric algorithms must be of type "secret"`);
   }
-}, Te = (e, t, r) => {
+}, _e = (e, t, r) => {
   if (!X(t))
-    throw new TypeError(z(e, t, ...R));
+    throw new TypeError(z(e, t, ...P));
   if (t.type === "secret")
-    throw new TypeError(`${I(t)} instances for asymmetric algorithms must not be of type "secret"`);
+    throw new TypeError(`${R(t)} instances for asymmetric algorithms must not be of type "secret"`);
   if (t.algorithm && r === "verify" && t.type === "private")
-    throw new TypeError(`${I(t)} instances for asymmetric algorithm verifying must be of type "public"`);
+    throw new TypeError(`${R(t)} instances for asymmetric algorithm verifying must be of type "public"`);
   if (t.algorithm && r === "encrypt" && t.type === "private")
-    throw new TypeError(`${I(t)} instances for asymmetric algorithm encryption must be of type "public"`);
-}, _e = (e, t, r) => {
-  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Ce(e, t) : Te(e, t, r);
+    throw new TypeError(`${R(t)} instances for asymmetric algorithm encryption must be of type "public"`);
+}, ve = (e, t, r) => {
+  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Ce(e, t) : _e(e, t, r);
 };
-function ve(e, t, r, n, a) {
+function Te(e, t, r, n, a) {
   if (a.crit !== void 0 && (n == null ? void 0 : n.crit) === void 0)
     throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
   if (!n || n.crit === void 0)
@@ -489,13 +490,13 @@ function ve(e, t, r, n, a) {
   }
   return new Set(n.crit);
 }
-const Ie = (e, t) => {
+const Re = (e, t) => {
   if (t !== void 0 && (!Array.isArray(t) || t.some((r) => typeof r != "string")))
     throw new TypeError(`"${e}" option must be an array of strings`);
   if (t)
     return new Set(t);
 };
-function Pe(e, t) {
+function Ie(e, t) {
   const r = `SHA-${e.slice(-3)}`;
   switch (e) {
     case "HS256":
@@ -520,20 +521,20 @@ function Pe(e, t) {
       throw new w(`alg ${e} is not supported either by JOSE or your javascript runtime`);
   }
 }
-async function Re(e, t, r) {
+async function Pe(e, t, r) {
   if (t = await we.normalizePublicKey(t, e), G(t))
     return le(t, e, r), t;
   if (t instanceof Uint8Array) {
     if (!e.startsWith("HS"))
-      throw new TypeError(L(t, ...R));
+      throw new TypeError(L(t, ...P));
     return O.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [r]);
   }
-  throw new TypeError(L(t, ...R, "Uint8Array"));
+  throw new TypeError(L(t, ...P, "Uint8Array"));
 }
 const Ke = async (e, t, r, n) => {
-  const a = await Re(e, t, "verify");
+  const a = await Pe(e, t, "verify");
   pe(e, a);
-  const o = Pe(e, a.algorithm);
+  const o = Ie(e, a.algorithm);
   try {
     return await O.subtle.verify(o, a, r, n);
   } catch {
@@ -566,14 +567,14 @@ async function Oe(e, t, r) {
   const a = {
     ...n,
     ...e.header
-  }, o = ve(u, /* @__PURE__ */ new Map([["b64", !0]]), r == null ? void 0 : r.crit, n, a);
+  }, o = Te(u, /* @__PURE__ */ new Map([["b64", !0]]), r == null ? void 0 : r.crit, n, a);
   let i = !0;
   if (o.has("b64") && (i = n.b64, typeof i != "boolean"))
     throw new u('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
   const { alg: c } = a;
   if (typeof c != "string" || !c)
     throw new u('JWS "alg" (Algorithm) Header Parameter missing or invalid');
-  const s = r && Ie("algorithms", r.algorithms);
+  const s = r && Re("algorithms", r.algorithms);
   if (s && !s.has(c))
     throw new ce('"alg" (Algorithm) Header Parameter value not allowed');
   if (i) {
@@ -582,8 +583,8 @@ async function Oe(e, t, r) {
   } else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
     throw new u("JWS Payload must be a string or an Uint8Array instance");
   let p = !1;
-  typeof t == "function" && (t = await t(n, e), p = !0), _e(c, t, "verify");
-  const g = oe(T.encode(e.protected ?? ""), T.encode("."), typeof e.payload == "string" ? T.encode(e.payload) : e.payload);
+  typeof t == "function" && (t = await t(n, e), p = !0), ve(c, t, "verify");
+  const g = oe(_.encode(e.protected ?? ""), _.encode("."), typeof e.payload == "string" ? _.encode(e.payload) : e.payload);
   let f;
   try {
     f = b(e.signature);
@@ -599,7 +600,7 @@ async function Oe(e, t, r) {
     } catch {
       throw new u("Failed to base64url decode the payload");
     }
-  else typeof e.payload == "string" ? y = T.encode(e.payload) : y = e.payload;
+  else typeof e.payload == "string" ? y = _.encode(e.payload) : y = e.payload;
   const l = { payload: y };
   return e.protected !== void 0 && (l.protectedHeader = n), e.header !== void 0 && (l.unprotectedHeader = e.header), p ? { ...l, key: t } : l;
 }
@@ -752,14 +753,14 @@ function ke(e) {
 }
 const Me = async (e) => {
   try {
-    const t = P.ALG, n = await be(ae, t);
+    const t = I.ALG, n = await be(ae, t);
     return await $e(e, n, {
-      issuer: P.ISSUER
+      issuer: I.ISSUER
     });
   } catch {
     return;
   }
-}, nt = (e) => {
+}, at = (e) => {
   try {
     return ke(e);
   } catch {
@@ -772,24 +773,24 @@ for (var H = 0; H < 256; ++H)
 function Be(e, t = 0) {
   return (d[e[t + 0]] + d[e[t + 1]] + d[e[t + 2]] + d[e[t + 3]] + "-" + d[e[t + 4]] + d[e[t + 5]] + "-" + d[e[t + 6]] + d[e[t + 7]] + "-" + d[e[t + 8]] + d[e[t + 9]] + "-" + d[e[t + 10]] + d[e[t + 11]] + d[e[t + 12]] + d[e[t + 13]] + d[e[t + 14]] + d[e[t + 15]]).toLowerCase();
 }
-var v, Ye = new Uint8Array(16);
-function Fe() {
-  if (!v && (v = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !v))
+var T, Fe = new Uint8Array(16);
+function Ye() {
+  if (!T && (T = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !T))
     throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
-  return v(Ye);
+  return T(Fe);
 }
 var Ve = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
-const Y = {
+const F = {
   randomUUID: Ve
 };
-function F(e, t, r) {
-  if (Y.randomUUID && !t && !e)
-    return Y.randomUUID();
+function Y(e, t, r) {
+  if (F.randomUUID && !t && !e)
+    return F.randomUUID();
   e = e || {};
-  var n = e.random || (e.rng || Fe)();
+  var n = e.random || (e.rng || Ye)();
   return n[6] = n[6] & 15 | 64, n[8] = n[8] & 63 | 128, Be(n);
 }
-const V = globalThis.crypto, Ge = (e) => `${F()}${F()}`.slice(0, e), qe = (e) => btoa(
+const V = globalThis.crypto, Ge = (e) => `${Y()}${Y()}`.slice(0, e), qe = (e) => btoa(
   [...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
 );
 async function re(e) {
@@ -800,7 +801,7 @@ async function re(e) {
   const t = new TextEncoder().encode(e), r = await V.subtle.digest("SHA-256", t);
   return qe(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
-async function at(e) {
+async function ot(e) {
   const t = e || 43;
   if (t < 43 || t > 128)
     throw `Expected a length between 43 and 128. Received ${e}.`;
@@ -810,7 +811,7 @@ async function at(e) {
     code_challenge: n
   };
 }
-async function ot(e, t) {
+async function it(e, t) {
   return t === await re(e);
 }
 const ze = /^Bearer (.+)$/i, Xe = (e) => {
@@ -830,32 +831,40 @@ const ze = /^Bearer (.+)$/i, Xe = (e) => {
   const t = e == null ? void 0 : e[ne.ACCESS_TOKEN];
   if (typeof t == "string")
     return t;
-}, it = ({ headers: e, body: t, clientId: r }) => {
+}, ct = ({ headers: e, body: t, clientId: r }) => {
   const n = Xe(e), a = Qe(e, r);
   return Ze(t) || a || n || "";
-}, ct = async (e, t) => {
+}, st = async (e, t) => {
   var a;
   const r = await Me(e);
-  if (!r || !Array.isArray((a = r.payload) == null ? void 0 : a[P.SCOPES_KEY]))
+  if (!r || !Array.isArray((a = r.payload) == null ? void 0 : a[I.SCOPES_KEY]))
     return !1;
-  const n = r.payload[P.SCOPES_KEY];
+  const n = r.payload[I.SCOPES_KEY];
   return Array.isArray(t) ? t.every((o) => n.includes(o)) : Object.keys(t).some(
     (o) => t[o].every((i) => n.includes(i))
   );
-};
+}, je = (e, t) => {
+  const r = e == null ? void 0 : e.cookie;
+  if (typeof r != "string")
+    return;
+  const n = new RegExp(`auth.${t}.session=(.+?)(?:;|$)`), a = r.match(n);
+  if (a)
+    return a[1];
+}, dt = ({ headers: e, clientId: t }) => je(e, t) || "";
 export {
-  rt as API_TYPE,
-  je as AUTH_TYPES,
+  nt as API_TYPE,
+  et as AUTH_TYPES,
   ne as BODY,
-  et as HEADERS,
-  P as JWT,
+  tt as HEADERS,
+  I as JWT,
   ae as JWT_PUBLIC_KEY,
-  tt as TOKEN_EXPIRATION,
-  nt as decodeToken,
+  rt as TOKEN_EXPIRATION,
+  at as decodeToken,
   re as generateCodeChallenge,
-  it as getToken,
-  ct as isGranted,
-  at as pkceChallengePair,
+  dt as getSession,
+  ct as getToken,
+  st as isGranted,
+  ot as pkceChallengePair,
   Me as verifyAndExtractToken,
-  ot as verifyChallenge
+  it as verifyChallenge
 };

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@versini/auth-common",
-	"version": "3.3.1",
+	"version": "4.0.0",
 	"license": "MIT",
 	"author": "Arno Versini",
 	"publishConfig": {
@@ -33,8 +33,8 @@
 		"test:coverage": "vitest run --coverage"
 	},
 	"dependencies": {
-		"jose": "5.6.3",
+		"jose": "5.7.0",
 		"uuid": "10.0.0"
 	},
-	"gitHead": "01228321ca4f7b62244a5dc9b2b001053fd0bba2"
+	"gitHead": "810b2920c2281e78b52ffbe1db7e52f4fefa8cbe"
 }