grannt 5.4.23

package/lib/handler/azure.js

@@ -0,0 +1,53 @@
+
+var qs = require('qs')
+var Grant = require('../grant')
+var Session = require('../session')
+
+
+module.exports = function (args = {}) {
+  var grant = Grant(args.config ? args : {config: args})
+  app.config = grant.config
+
+  var regex = new RegExp([
+    /^https?:\/\/[^/]+/.source,
+    app.config.defaults.prefix,
+    /(?:\/([^\/\?]+?))/.source, // /:provider
+    /(?:\/([^\/\?]+?))?/.source, // /:override?
+    /(?:\/$|\/?\?+.*)?$/.source, // querystring
+  ].join(''), 'i')
+
+  var store = Session(args.session)
+
+  async function app (req, state) {
+    var session = store(req)
+    var match = regex.exec(req.originalUrl)
+    if (!match) {
+      return {session}
+    }
+
+    var {location, session:sess, state} = await grant({
+      method: req.method,
+      params: {provider: match[1], override: match[2]},
+      query: {...req.query, code: req.query.oauth_code},
+      body: req.method === 'POST' ? req.body : {},
+      state,
+      session: (await session.get()).grant
+    })
+
+    await session.set({grant: sess})
+
+    return location
+      ? {session, redirect: redirect(location, session)}
+      : {session, response: state.response || sess.response}
+  }
+
+  return app
+}
+
+var redirect = (location, session) => ({
+  status: 302,
+  headers: {
+    location,
+    'set-cookie': session.headers['set-cookie']
+  }
+})

package/lib/handler/curveball.js

@@ -0,0 +1,46 @@
+
+var qs = require('qs')
+var Grant = require('../grant')
+
+
+module.exports = function (args = {}) {
+  var grant = Grant(args.config ? args : {config: args})
+  app.config = grant.config
+
+  var regex = new RegExp([
+    '^',
+    app.config.defaults.prefix,
+    /(?:\/([^\/\?]+?))/.source, // /:provider
+    /(?:\/([^\/\?]+?))?/.source, // /:override?
+    /(?:\/$|\/?\?+.*)?$/.source, // querystring
+  ].join(''), 'i')
+
+  async function app (ctx, next) {
+    var match = regex.exec(ctx.path)
+    if (!match) {
+      return next()
+    }
+
+    if (!ctx.state.session) {
+      throw new Error('Grant: mount session middleware first')
+    }
+    if (ctx.method === 'POST' && !ctx.request.body) {
+      throw new Error('Grant: mount body parser middleware first')
+    }
+
+    var {location, session, state} = await grant({
+      method: ctx.method,
+      params: {provider: match[1], override: match[2]},
+      query: qs.parse(ctx.request.query),
+      body: qs.parse(ctx.request.body),
+      state: ctx.state.grant,
+      session: ctx.state.session.grant,
+    })
+
+    ctx.state.session.grant = session
+    ctx.state.grant = state
+    location ? ctx.response.redirect(302, location) : await next()
+  }
+
+  return app
+}

package/lib/handler/express-4.js

@@ -0,0 +1,53 @@
+
+var Grant = require('../grant')
+
+
+module.exports = function (args = {}) {
+  var grant = Grant(args.config ? args : {config: args})
+  app.config = grant.config
+
+  var regex = new RegExp([
+    '^',
+    app.config.defaults.prefix,
+    /(?:\/([^\/\?]+?))/.source, // /:provider
+    /(?:\/([^\/\?]+?))?/.source, // /:override?
+    /(?:\/$|\/?\?+.*)?$/.source, // querystring
+  ].join(''), 'i')
+
+  async function app (req, res, next) {
+    var match = regex.exec(req.originalUrl)
+    if (!match) {
+      return next()
+    }
+
+    if (!req.session) {
+      next(new Error('Grant: mount session middleware first'))
+      return
+    }
+    if (req.method === 'POST' && !req.body) {
+      next(new Error('Grant: mount body parser middleware first'))
+      return
+    }
+
+    var {location, session, state} = await grant({
+      method: req.method,
+      params: {provider: match[1], override: match[2]},
+      query: req.query,
+      body: req.body,
+      state: res.locals.grant,
+      session: req.session.grant,
+    })
+
+    req.session.grant = session
+    res.locals.grant = state
+    location ? redirect(req, res, location) : next()
+  }
+
+  return app
+}
+
+var redirect = (req, res, location) =>
+  typeof req.session.save === 'function' &&
+    Object.getPrototypeOf(req.session).save.length
+      ? req.session.save(() => res.redirect(location))
+      : res.redirect(location)

package/lib/handler/fastify.js

@@ -0,0 +1,50 @@
+
+var qs = require('qs')
+var Grant = require('../grant')
+
+
+module.exports = function (args = {}) {
+
+  function app (server, options, next) {
+    args = args.config ? args : {config: args}
+
+    var grant = Grant(args)
+    app.config = grant.config
+
+    var prefix = app.config.defaults.prefix.replace(options.prefix, '')
+
+    server.route({
+      method: ['GET', 'POST'],
+      path: `${prefix}/:provider`,
+      handler
+    })
+    server.route({
+      method: ['GET', 'POST'],
+      path: `${prefix}/:provider/:override`,
+      handler
+    })
+
+    async function handler (req, res) {
+      if (!req.session) {
+        throw new Error('Grant: register session plugin first')
+      }
+
+      var {location, session, state} = await grant({
+        method: req.method,
+        params: req.params,
+        query: qs.parse(req.query),
+        body: qs.parse(req.body),
+        state: req.grant,
+        session: req.session.grant,
+      })
+
+      req.session.grant = session
+      res.grant = state
+      return location ? res.redirect(location) : res.send()
+    }
+
+    next()
+  }
+
+  return app
+}

package/lib/handler/gcloud.js

@@ -0,0 +1,56 @@
+
+var qs = require('qs')
+var Grant = require('../grant')
+var Session = require('../session')
+
+
+module.exports = function (args = {}) {
+  var grant = Grant(args.config ? args : {config: args})
+  app.config = grant.config
+
+  var regex = new RegExp([
+    '^',
+    app.config.defaults.prefix,
+    /(?:\/([^\/\?]+?))/.source, // /:provider
+    /(?:\/([^\/\?]+?))?/.source, // /:override?
+    /(?:\/$|\/?\?+.*)?$/.source, // querystring
+  ].join(''), 'i')
+
+  var store = Session(args.session)
+
+  async function app (req, res, state) {
+    var session = store(req, res)
+    var match = regex.exec(req.url)
+    if (!match) {
+      return {session}
+    }
+
+    var {location, session:sess, state} = await grant({
+      method: req.method,
+      params: {provider: match[1], override: match[2]},
+      query: qs.parse(req.query),
+      body: req.body,
+      state,
+      session: (await session.get()).grant
+    })
+
+    await session.set({grant: sess})
+
+    return location
+      ? (redirect(res, location, session), {session, redirect: true})
+      : {session, response: state.response || sess.response}
+  }
+
+  return app
+}
+
+var redirect = (res, location, session) => {
+  res.setHeader('set-cookie', session.headers['set-cookie'])
+  setImmediate(() => {
+    if (!res.headersSent) {
+      res.statusCode = 302
+      res.setHeader('location', location)
+      res.end()
+    }
+  })
+}

package/lib/handler/hapi-16.js

@@ -0,0 +1,60 @@
+
+var url = require('url')
+var qs = require('qs')
+var Grant = require('../grant')
+
+
+module.exports = function (args = {}) {
+  var app = {}
+
+  function register (server, options, next) {
+    args = args.config ? args : {config: args}
+    args.config = Object.keys(options).length ? options : args.config
+
+    var grant = Grant(args)
+    app.config = grant.config
+
+    var prefix = app.config.defaults.prefix
+      .replace(server.realm.modifiers.route.prefix, '')
+
+    server.route({
+      method: ['GET', 'POST'],
+      path: `${prefix}/{provider}/{override?}`,
+      handler: (req, res) => {
+        if (!(req.session || req.yar)) {
+          throw new Error('Grant: register session plugin first')
+        }
+
+        var query = (parseInt(server.version.split('.')[0]) >= 12)
+          ? qs.parse(url.parse(req.url, false).query) // #2985
+          : req.query
+
+        var body = (parseInt(server.version.split('.')[0]) >= 12)
+          ? qs.parse(req.payload) // #2985
+          : req.payload
+
+        grant({
+          method: req.method,
+          params: req.params,
+          query: query,
+          body: body,
+          state: req.plugins.grant,
+          session: (req.session || req.yar).get('grant'),
+        }).then(({location, session, state}) => {
+          ;(req.session || req.yar).set('grant', session)
+          req.plugins.grant = state
+          location ? res.redirect(location) : res.continue()
+        })
+      }
+    })
+
+    next()
+  }
+
+  register.attributes = {
+    pkg: require('../../package.json')
+  }
+
+  app.register = register
+  return app
+}

package/lib/handler/hapi-17.js

@@ -0,0 +1,47 @@
+
+var qs = require('qs')
+var Grant = require('../grant')
+
+
+module.exports = function (args = {}) {
+  var app = {}
+
+  function register (server, options) {
+    args = args.config ? args : {config: args}
+    args.config = Object.keys(options).length ? options : args.config
+
+    var grant = Grant(args)
+    app.config = grant.config
+
+    var prefix = app.config.defaults.prefix
+      .replace(server.realm.modifiers.route.prefix, '')
+
+    server.route({
+      method: ['GET', 'POST'],
+      path: `${prefix}/{provider}/{override?}`,
+      handler: async (req, res) => {
+        if (!req.yar) {
+          throw new Error('Grant: register session plugin first')
+        }
+
+        var {location, session, state} = await grant({
+          method: req.method,
+          params: req.params,
+          query: qs.parse(req.query),
+          body: qs.parse(req.payload), // #2985
+          state: req.plugins.grant,
+          session: req.yar.get('grant'),
+        })
+
+        req.yar.set('grant', session)
+        req.plugins.grant = state
+        return location ? res.redirect(location) : res.continue
+      }
+    })
+  }
+
+  app.pkg = require('../../package.json')
+
+  app.register = register
+  return app
+}

package/lib/handler/koa-1.js

@@ -0,0 +1,46 @@
+
+var qs = require('qs')
+var Grant = require('../grant')
+
+
+module.exports = function (args) {
+  var grant = Grant((args || {}).config ? args : {config: args})
+  app.config = grant.config
+
+  var regex = new RegExp([
+    '^',
+    app.config.defaults.prefix,
+    /(?:\/([^\/\?]+?))/.source, // /:provider
+    /(?:\/([^\/\?]+?))?/.source, // /:override?
+    /(?:\/$|\/?\?+.*)?$/.source, // querystring
+  ].join(''), 'i')
+
+  function* app (next) {
+    var match = regex.exec(this.request.originalUrl)
+    if (!match) {
+      return yield next
+    }
+
+    if (!this.session) {
+      throw new Error('Grant: mount session middleware first')
+    }
+    if (this.method === 'POST' && !this.request.body) {
+      throw new Error('Grant: mount body parser middleware first')
+    }
+
+    var result = yield grant({
+      method: this.method,
+      params: {provider: match[1], override: match[2]},
+      query: qs.parse(this.request.query),
+      body: this.request.body,
+      state: this.state.grant,
+      session: this.session.grant,
+    })
+
+    this.session.grant = result.session
+    this.state.grant = result.state
+    result.location ? this.response.redirect(result.location) : yield next
+  }
+
+  return app
+}

package/lib/handler/koa-2.js

@@ -0,0 +1,46 @@
+
+var qs = require('qs')
+var Grant = require('../grant')
+
+
+module.exports = function (args = {}) {
+  var grant = Grant(args.config ? args : {config: args})
+  app.config = grant.config
+
+  var regex = new RegExp([
+    '^',
+    app.config.defaults.prefix,
+    /(?:\/([^\/\?]+?))/.source, // /:provider
+    /(?:\/([^\/\?]+?))?/.source, // /:override?
+    /(?:\/$|\/?\?+.*)?$/.source, // querystring
+  ].join(''), 'i')
+
+  async function app (ctx, next) {
+    var match = regex.exec(ctx.originalUrl)
+    if (!match) {
+      return next()
+    }
+
+    if (!ctx.session) {
+      ctx.throw(400, 'Grant: mount session middleware first')
+    }
+    if (ctx.method === 'POST' && !ctx.request.body) {
+      ctx.throw(400, 'Grant: mount body parser middleware first')
+    }
+
+    var {location, session, state} = await grant({
+      method: ctx.method,
+      params: {provider: match[1], override: match[2]},
+      query: qs.parse(ctx.request.query),
+      body: ctx.request.body,
+      state: ctx.state.grant,
+      session: ctx.session.grant,
+    })
+
+    ctx.session.grant = session
+    ctx.state.grant = state
+    location ? ctx.response.redirect(location) : await next()
+  }
+
+  return app
+}

package/lib/handler/node.js

@@ -0,0 +1,62 @@
+
+var qs = require('qs')
+var Grant = require('../grant')
+var Session = require('../session')
+
+
+module.exports = function (args = {}) {
+  var grant = Grant(args.config ? args : {config: args})
+  app.config = grant.config
+
+  var regex = new RegExp([
+    '^',
+    app.config.defaults.prefix,
+    /(?:\/([^\/\?]+?))/.source, // /:provider
+    /(?:\/([^\/\?]+?))?/.source, // /:override?
+    /(?:\/$|\/?\?+(.*))?$/.source, // querystring
+  ].join(''), 'i')
+
+  var store = Session(args.session)
+
+  async function app (req, res, state) {
+    var session = store(req, res)
+    var match = regex.exec(req.url)
+    if (!match) {
+      return {session}
+    }
+
+    var {location, session:sess, state} = await grant({
+      method: req.method,
+      params: {provider: match[1], override: match[2]},
+      query: qs.parse(match[3]),
+      body: req.method === 'POST' ? qs.parse(await buffer(req)) : {},
+      state,
+      session: (await session.get()).grant
+    })
+
+    await session.set({grant: sess})
+
+    return location
+      ? (redirect(res, location, session), {session, redirect: true})
+      : {session, response: state.response || sess.response}
+  }
+
+  return app
+}
+
+var redirect = (res, location, session) => {
+  res.setHeader('set-cookie', session.headers['set-cookie'])
+  setImmediate(() => {
+    if (!res.headersSent) {
+      res.statusCode = 302
+      res.setHeader('location', location)
+      res.end()
+    }
+  })
+}
+
+var buffer = (req, body = []) => new Promise((resolve, reject) => req
+  .on('data', (chunk) => body.push(chunk))
+  .on('end', () => resolve(Buffer.concat(body).toString('utf8')))
+  .on('error', reject)
+)

package/lib/handler/vercel.js

@@ -0,0 +1,56 @@
+
+var qs = require('qs')
+var Grant = require('../grant')
+var Session = require('../session')
+
+
+module.exports = function (args = {}) {
+  var grant = Grant(args.config ? args : {config: args})
+  app.config = grant.config
+
+  var regex = new RegExp([
+    '^',
+    app.config.defaults.prefix,
+    /(?:\/([^\/\?]+?))/.source, // /:provider
+    /(?:\/([^\/\?]+?))?/.source, // /:override?
+    /(?:\/$|\/?\?+.*)?$/.source, // querystring
+  ].join(''), 'i')
+
+  var store = Session(args.session)
+
+  async function app (req, res, state) {
+    var session = store(req, res)
+    var match = regex.exec(req.url)
+    if (!match) {
+      return {session}
+    }
+
+    var {location, session:sess, state} = await grant({
+      method: req.method,
+      params: {provider: match[1], override: match[2]},
+      query: qs.parse(req.query),
+      body: req.body,
+      state,
+      session: (await session.get()).grant
+    })
+
+    await session.set({grant: sess})
+
+    return location
+      ? (redirect(res, location, session), {session, redirect: true})
+      : {session, response: state.response || sess.response}
+  }
+
+  return app
+}
+
+var redirect = (res, location, session) => {
+  res.setHeader('set-cookie', session.headers['set-cookie'])
+  setImmediate(() => {
+    if (!res.headersSent) {
+      res.statusCode = 302
+      res.setHeader('location', location)
+      res.end()
+    }
+  })
+}

package/lib/oidc.js

@@ -0,0 +1,47 @@
+
+var crypto = require('crypto')
+
+
+var base64url = (str) =>
+  str.toString('base64').replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_')
+
+var kid = (jwk) => {
+  if (jwk.kid) {
+    return jwk.kid
+  }
+  var keys =
+    jwk.kty === 'RSA' ? {e: jwk.e, kty: jwk.kty, n: jwk.n} :
+    jwk.kty === 'EC' ? {crv: jwk.crv, kty: jwk.kty, x: jwk.x, y: jwk.y} :
+    jwk.kty === 'oct' ? {k: jwk.k, kty: jwk.kty} : undefined
+  return keys
+    ? base64url(crypto.createHash('sha256').update(JSON.stringify(keys)).digest())
+    : undefined
+}
+
+var x5t = (cert) => {
+  var s1 = cert.replace(/(?:-----(?:BEGIN|END) CERTIFICATE-----|\s)/g, '')
+  var s2 = Buffer.from(s1, 'base64')
+  var s3 = crypto.createHash('sha1').update(s2).digest('hex').toUpperCase()
+  return base64url(Buffer.from(s3, 'hex'))
+}
+
+var pem = (jwk) => {
+  var pem = require('jwk-to-pem')
+  return pem(jwk, {private: true})
+}
+
+var sign = (jwt) => {
+  var jws = require('jws')
+  return jws.sign(jwt)
+}
+
+var jwt = (str) => {
+  var [header, payload, signature] = str.split('.')
+  return {
+    header: JSON.parse(Buffer.from(header, 'base64').toString('binary')),
+    payload: JSON.parse(Buffer.from(payload, 'base64').toString('utf8')),
+    signature,
+  }
+}
+
+module.exports = {base64url, kid, x5t, pem, sign, jwt}