hibp 0.0.0-dev.9896b89a

package/dist/cjs/breachedAccount.js

@@ -0,0 +1,101 @@
+'use strict';
+
+var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetchFromApi.js');
+
+/**
+ * Fetches breach data for a specific account.
+ *
+ * ***Warning (July 18, 2019):***
+ *
+ * `haveibeenpwned.com` now requires an API key from
+ * https://haveibeenpwned.com/API/Key for the `breachedaccount` endpoint. The
+ * `apiKey` option here is not explicitly required, but direct requests made
+ * without it (that is, without specifying a `baseUrl` to a proxy that inserts a
+ * valid API key on your behalf) will fail.
+ *
+ * @param {string} account a username or email address
+ * @param {object} [options] a configuration object
+ * @param {string} [options.apiKey] an API key from
+ * https://haveibeenpwned.com/API/Key (default: undefined)
+ * @param {string} [options.domain] a domain by which to filter the results
+ * (default: all domains)
+ * @param {boolean} [options.includeUnverified] include "unverified" breaches in
+ * the results (default: true)
+ * @param {boolean} [options.truncate] truncate the results to only include
+ * the name of each breach (default: true)
+ * @param {string} [options.baseUrl] a custom base URL for the
+ * haveibeenpwned.com API endpoints (default:
+ * `https://haveibeenpwned.com/api/v3`)
+ * @param {string} [options.userAgent] a custom string to send as the User-Agent
+ * field in the request headers (default: `hibp <version>`)
+ * @returns {(Promise<Breach[]> | Promise<null>)} a Promise which resolves to an
+ * array of breach objects (or null if no breaches were found), or rejects with
+ * an Error
+ * @example
+ * breachedAccount('foo', { apiKey: 'my-api-key' })
+ *   .then(data => {
+ *     if (data) {
+ *       // ...
+ *     } else {
+ *       // ...
+ *     }
+ *   })
+ *   .catch(err => {
+ *     // ...
+ *   });
+ * @example
+ * breachedAccount('bar', {
+ *   includeUnverified: false,
+ *   baseUrl: 'https://my-hibp-proxy:8080',
+ * })
+ *   .then(data => {
+ *     if (data) {
+ *       // ...
+ *     } else {
+ *       // ...
+ *     }
+ *   })
+ *   .catch(err => {
+ *     // ...
+ *   });
+ * @example
+ * breachedAccount('baz', {
+ *   apiKey: 'my-api-key',
+ *   domain: 'adobe.com',
+ *   truncate: false,
+ *   userAgent: 'my-app 1.0'
+ * })
+ *   .then(data => {
+ *     if (data) {
+ *       // ...
+ *     } else {
+ *       // ...
+ *     }
+ *   })
+ *   .catch(err => {
+ *     // ...
+ *   });
+ */
+function breachedAccount(account, options = {
+  includeUnverified: true,
+  truncate: true
+}) {
+  const endpoint = `/breachedaccount/${encodeURIComponent(account)}?`;
+  const params = [];
+  if (options.domain) {
+    params.push(`domain=${encodeURIComponent(options.domain)}`);
+  }
+  if (options.includeUnverified === false) {
+    params.push('includeUnverified=false');
+  }
+  if (options.truncate === false) {
+    params.push('truncateResponse=false');
+  }
+  return fetchFromApi.fetchFromApi(`${endpoint}${params.join('&')}`, {
+    apiKey: options.apiKey,
+    baseUrl: options.baseUrl,
+    userAgent: options.userAgent
+  });
+}
+exports.breachedAccount = breachedAccount;
+//# sourceMappingURL=breachedAccount.js.map

package/dist/cjs/breachedAccount.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"breachedAccount.js","sources":["../../src/breachedAccount.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types';\nimport { fetchFromApi } from './api/haveibeenpwned';\n\n/**\n * Fetches breach data for a specific account.\n *\n * ***Warning (July 18, 2019):***\n *\n * `haveibeenpwned.com` now requires an API key from\n * https://haveibeenpwned.com/API/Key for the `breachedaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it (that is, without specifying a `baseUrl` to a proxy that inserts a\n * valid API key on your behalf) will fail.\n *\n * @param {string} account a username or email address\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.domain] a domain by which to filter the results\n * (default: all domains)\n * @param {boolean} [options.includeUnverified] include \"unverified\" breaches in\n * the results (default: true)\n * @param {boolean} [options.truncate] truncate the results to only include\n * the name of each breach (default: true)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Breach[]> | Promise<null>)} a Promise which resolves to an\n * array of breach objects (or null if no breaches were found), or rejects with\n * an Error\n * @example\n * breachedAccount('foo', { apiKey: 'my-api-key' })\n *   .then(data => {\n *     if (data) {\n *       // ...\n *     } else {\n *       // ...\n *     }\n *   })\n *   .catch(err => {\n *     // ...\n *   });\n * @example\n * breachedAccount('bar', {\n *   includeUnverified: false,\n *   baseUrl: 'https://my-hibp-proxy:8080',\n * })\n *   .then(data => {\n *     if (data) {\n *       // ...\n *     } else {\n *       // ...\n *     }\n *   })\n *   .catch(err => {\n *     // ...\n *   });\n * @example\n * breachedAccount('baz', {\n *   apiKey: 'my-api-key',\n *   domain: 'adobe.com',\n *   truncate: false,\n *   userAgent: 'my-app 1.0'\n * })\n *   .then(data => {\n *     if (data) {\n *       // ...\n *     } else {\n *       // ...\n *     }\n *   })\n *   .catch(err => {\n *     // ...\n *   });\n */\nexport function breachedAccount(\n  account: string,\n  options: {\n    apiKey?: string;\n    domain?: string;\n    includeUnverified?: boolean;\n    truncate?: boolean;\n    baseUrl?: string;\n    userAgent?: string;\n  } = {\n    includeUnverified: true,\n    truncate: true,\n  },\n): Promise<Breach[] | null> {\n  const endpoint = `/breachedaccount/${encodeURIComponent(account)}?`;\n  const params: Array<string> = [];\n  if (options.domain) {\n    params.push(`domain=${encodeURIComponent(options.domain)}`);\n  }\n  if (options.includeUnverified === false) {\n    params.push('includeUnverified=false');\n  }\n  if (options.truncate === false) {\n    params.push('truncateResponse=false');\n  }\n  return fetchFromApi(`${endpoint}${params.join('&')}`, {\n    apiKey: options.apiKey,\n    baseUrl: options.baseUrl,\n    userAgent: options.userAgent,\n  }) as Promise<Breach[] | null>;\n}\n"],"names":["breachedAccount","account","options","includeUnverified","truncate","endpoint","encodeURIComponent","params","domain","push","fetchFromApi","join","apiKey","baseUrl","userAgent"],"mappings":";;;;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyEG;AACa,SAAAA,eAAe,CAC7BC,OAAe,EACfC,OAOI,GAAA;EACFC,iBAAiB,EAAE,IAAI;EACvBC,QAAQ,EAAE;AACX,CAAA,EAAA;EAED,MAAMC,QAAQ,GAAuB,oBAAAC,kBAAkB,CAACL,OAAO,IAAI;EACnE,MAAMM,MAAM,GAAkB,EAAE;EAChC,IAAIL,OAAO,CAACM,MAAM,EAAE;IAClBD,MAAM,CAACE,IAAI,CAAC,UAAUH,kBAAkB,CAACJ,OAAO,CAACM,MAAM,CAAG,EAAA,CAAC;EAC5D;EACD,IAAIN,OAAO,CAACC,iBAAiB,KAAK,KAAK,EAAE;IACvCI,MAAM,CAACE,IAAI,CAAC,yBAAyB,CAAC;EACvC;EACD,IAAIP,OAAO,CAACE,QAAQ,KAAK,KAAK,EAAE;IAC9BG,MAAM,CAACE,IAAI,CAAC,wBAAwB,CAAC;EACtC;EACD,OAAOC,YAAY,CAAAA,YAAA,CAAI,GAAAL,QAAW,GAAAE,MAAM,CAACI,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;IACpDC,MAAM,EAAEV,OAAO,CAACU,MAAM;IACtBC,OAAO,EAAEX,OAAO,CAACW,OAAO;IACxBC,SAAS,EAAEZ,OAAO,CAACY;EACpB,CAAA,CAA6B;AAChC;"}

package/dist/cjs/breaches.js

@@ -0,0 +1,55 @@
+'use strict';
+
+var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetchFromApi.js');
+
+/**
+ * Fetches all breach events in the system.
+ *
+ * @param {object} [options] a configuration object
+ * @param {string} [options.domain] a domain by which to filter the results
+ * (default: all domains)
+ * @param {string} [options.baseUrl] a custom base URL for the
+ * haveibeenpwned.com API endpoints (default:
+ * `https://haveibeenpwned.com/api/v3`)
+ * @param {string} [options.userAgent] a custom string to send as the User-Agent
+ * field in the request headers (default: `hibp <version>`)
+ * @returns {Promise<Breach[]>} a Promise which resolves to an array of breach
+ * objects (an empty array if no breaches were found), or rejects with an Error
+ * @example
+ * breaches()
+ *   .then(data => {
+ *     if (data) {
+ *       // ...
+ *     } else {
+ *       // ...
+ *     }
+ *   })
+ *   .catch(err => {
+ *     // ...
+ *   });
+ * @example
+ * breaches({ domain: 'adobe.com' })
+ *   .then(data => {
+ *     if (data) {
+ *       // ...
+ *     } else {
+ *       // ...
+ *     }
+ *   })
+ *   .catch(err => {
+ *     // ...
+ *   });
+ */
+function breaches(options = {}) {
+  const endpoint = '/breaches?';
+  const params = [];
+  if (options.domain) {
+    params.push(`domain=${encodeURIComponent(options.domain)}`);
+  }
+  return fetchFromApi.fetchFromApi(`${endpoint}${params.join('&')}`, {
+    baseUrl: options.baseUrl,
+    userAgent: options.userAgent
+  });
+}
+exports.breaches = breaches;
+//# sourceMappingURL=breaches.js.map

package/dist/cjs/breaches.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"breaches.js","sources":["../../src/breaches.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types';\nimport { fetchFromApi } from './api/haveibeenpwned';\n\n/**\n * Fetches all breach events in the system.\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.domain] a domain by which to filter the results\n * (default: all domains)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<Breach[]>} a Promise which resolves to an array of breach\n * objects (an empty array if no breaches were found), or rejects with an Error\n * @example\n * breaches()\n *   .then(data => {\n *     if (data) {\n *       // ...\n *     } else {\n *       // ...\n *     }\n *   })\n *   .catch(err => {\n *     // ...\n *   });\n * @example\n * breaches({ domain: 'adobe.com' })\n *   .then(data => {\n *     if (data) {\n *       // ...\n *     } else {\n *       // ...\n *     }\n *   })\n *   .catch(err => {\n *     // ...\n *   });\n */\nexport function breaches(\n  options: {\n    domain?: string;\n    baseUrl?: string;\n    userAgent?: string;\n  } = {},\n): Promise<Breach[]> {\n  const endpoint = '/breaches?';\n  const params: Array<string> = [];\n  if (options.domain) {\n    params.push(`domain=${encodeURIComponent(options.domain)}`);\n  }\n  return fetchFromApi(`${endpoint}${params.join('&')}`, {\n    baseUrl: options.baseUrl,\n    userAgent: options.userAgent,\n  }) as Promise<Breach[]>;\n}\n"],"names":["breaches","options","endpoint","params","domain","push","encodeURIComponent","fetchFromApi","join","baseUrl","userAgent"],"mappings":";;;;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqCG;AACa,SAAAA,QAAQ,CACtBC,OAAA,GAII,EAAE,EAAA;EAEN,MAAMC,QAAQ,GAAG,YAAY;EAC7B,MAAMC,MAAM,GAAkB,EAAE;EAChC,IAAIF,OAAO,CAACG,MAAM,EAAE;IAClBD,MAAM,CAACE,IAAI,CAAC,UAAUC,kBAAkB,CAACL,OAAO,CAACG,MAAM,CAAG,EAAA,CAAC;EAC5D;EACD,OAAOG,YAAY,CAAAA,YAAA,CAAI,GAAAL,QAAW,GAAAC,MAAM,CAACK,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;IACpDC,OAAO,EAAER,OAAO,CAACQ,OAAO;IACxBC,SAAS,EAAET,OAAO,CAACS;EACpB,CAAA,CAAsB;AACzB;"}

package/dist/cjs/dataClasses.js

@@ -0,0 +1,34 @@
+'use strict';
+
+var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetchFromApi.js');
+
+/**
+ * Fetches all data classes in the system.
+ *
+ * @param {object} [options] a configuration object
+ * @param {string} [options.baseUrl] a custom base URL for the
+ * haveibeenpwned.com API endpoints (default:
+ * `https://haveibeenpwned.com/api/v3`)
+ * @param {string} [options.userAgent] a custom string to send as the User-Agent
+ * field in the request headers (default: `hibp <version>`)
+ * @returns {(Promise<string[]> | Promise<null>)} a Promise which resolves to an
+ * array of strings (or null if no data classes were found), or rejects with an
+ * Error
+ * @example
+ * dataClasses()
+ *   .then(data => {
+ *     if (data) {
+ *       // ...
+ *     } else {
+ *       // ...
+ *     }
+ *   })
+ *   .catch(err => {
+ *     // ...
+ *   });
+ */
+function dataClasses(options = {}) {
+  return fetchFromApi.fetchFromApi('/dataclasses', options);
+}
+exports.dataClasses = dataClasses;
+//# sourceMappingURL=dataClasses.js.map

package/dist/cjs/dataClasses.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dataClasses.js","sources":["../../src/dataClasses.ts"],"sourcesContent":["import { fetchFromApi } from './api/haveibeenpwned';\n\n/**\n * Fetches all data classes in the system.\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<string[]> | Promise<null>)} a Promise which resolves to an\n * array of strings (or null if no data classes were found), or rejects with an\n * Error\n * @example\n * dataClasses()\n *   .then(data => {\n *     if (data) {\n *       // ...\n *     } else {\n *       // ...\n *     }\n *   })\n *   .catch(err => {\n *     // ...\n *   });\n */\nexport function dataClasses(\n  options: { baseUrl?: string; userAgent?: string } = {},\n): Promise<string[] | null> {\n  return fetchFromApi('/dataclasses', options) as Promise<string[] | null>;\n}\n"],"names":["dataClasses","options","fetchFromApi"],"mappings":";;;;AAEA;;;;;;;;;;;;;;;;;;;;;;;;AAwBG;AACa,SAAAA,WAAW,CACzBC,OAAA,GAAoD,EAAE,EAAA;EAEtD,OAAOC,YAAY,CAAAA,YAAA,CAAC,cAAc,EAAED,OAAO,CAA6B;AAC1E;"}

package/dist/cjs/hibp.js

@@ -0,0 +1,21 @@
+'use strict';
+
+var breach = /*#__PURE__*/require('./breach.js');
+var breachedAccount = /*#__PURE__*/require('./breachedAccount.js');
+var breaches = /*#__PURE__*/require('./breaches.js');
+var dataClasses = /*#__PURE__*/require('./dataClasses.js');
+var pasteAccount = /*#__PURE__*/require('./pasteAccount.js');
+var pwnedPassword = /*#__PURE__*/require('./pwnedPassword.js');
+var pwnedPasswordRange = /*#__PURE__*/require('./pwnedPasswordRange.js');
+var search = /*#__PURE__*/require('./search.js');
+var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetchFromApi.js');
+exports.breach = breach.breach;
+exports.breachedAccount = breachedAccount.breachedAccount;
+exports.breaches = breaches.breaches;
+exports.dataClasses = dataClasses.dataClasses;
+exports.pasteAccount = pasteAccount.pasteAccount;
+exports.pwnedPassword = pwnedPassword.pwnedPassword;
+exports.pwnedPasswordRange = pwnedPasswordRange.pwnedPasswordRange;
+exports.search = search.search;
+exports.RateLimitError = fetchFromApi.RateLimitError;
+//# sourceMappingURL=hibp.js.map

package/dist/cjs/hibp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hibp.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;"}

package/dist/cjs/package.json.js

@@ -0,0 +1,7 @@
+'use strict';
+
+const name = "hibp";
+const version = "0.0.0-dev.9896b89a";
+exports.name = name;
+exports.version = version;
+//# sourceMappingURL=package.json.js.map

package/dist/cjs/package.json.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"package.json.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;"}

package/dist/cjs/pasteAccount.js

@@ -0,0 +1,59 @@
+'use strict';
+
+var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetchFromApi.js');
+
+/**
+ * An object representing a paste.
+ *
+ * @typedef {object} Paste
+ * @property {string} Id
+ * @property {string} Source
+ * @property {string} Title
+ * @property {string} Date
+ * @property {number} EmailCount
+ */
+/**
+ * Fetches paste data for a specific account (email address).
+ *
+ * ***Warning (July 18, 2019):***
+ *
+ * `haveibeenpwned.com` now requires an API key from
+ * https://haveibeenpwned.com/API/Key for the `pasteaccount` endpoint. The
+ * `apiKey` option here is not explicitly required, but direct requests made
+ * without it (that is, without specifying a `baseUrl` to a proxy that inserts a
+ * valid API key on your behalf) will fail.
+ *
+ * @param {string} email the email address to query
+ * @param {object} [options] a configuration object
+ * @param {string} [options.apiKey] an API key from
+ * https://haveibeenpwned.com/API/Key
+ * @param {string} [options.baseUrl] a custom base URL for the
+ * haveibeenpwned.com API endpoints (default:
+ * `https://haveibeenpwned.com/api/v3`)
+ * @param {string} [options.userAgent] a custom string to send as the User-Agent
+ * field in the request headers (default: `hibp <version>`)
+ * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an
+ * array of paste objects (or null if no pastes were found), or rejects with an
+ * Error
+ * @example
+ * pasteAccount('foo@bar.com', { apiKey: 'my-api-key' })
+ *   .then(data => {
+ *     if (data) {
+ *       // ...
+ *     } else {
+ *       // ...
+ *     }
+ *   })
+ *   .catch(err => {
+ *     // ...
+ *   });
+ */
+function pasteAccount(email, options = {}) {
+  return fetchFromApi.fetchFromApi(`/pasteaccount/${encodeURIComponent(email)}`, {
+    apiKey: options.apiKey,
+    baseUrl: options.baseUrl,
+    userAgent: options.userAgent
+  });
+}
+exports.pasteAccount = pasteAccount;
+//# sourceMappingURL=pasteAccount.js.map

package/dist/cjs/pasteAccount.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pasteAccount.js","sources":["../../src/pasteAccount.ts"],"sourcesContent":["import type { Paste } from './api/haveibeenpwned/types';\nimport { fetchFromApi } from './api/haveibeenpwned';\n\n/**\n * An object representing a paste.\n *\n * @typedef {object} Paste\n * @property {string} Id\n * @property {string} Source\n * @property {string} Title\n * @property {string} Date\n * @property {number} EmailCount\n */\n\n/**\n * Fetches paste data for a specific account (email address).\n *\n * ***Warning (July 18, 2019):***\n *\n * `haveibeenpwned.com` now requires an API key from\n * https://haveibeenpwned.com/API/Key for the `pasteaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it (that is, without specifying a `baseUrl` to a proxy that inserts a\n * valid API key on your behalf) will fail.\n *\n * @param {string} email the email address to query\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an\n * array of paste objects (or null if no pastes were found), or rejects with an\n * Error\n * @example\n * pasteAccount('foo@bar.com', { apiKey: 'my-api-key' })\n *   .then(data => {\n *     if (data) {\n *       // ...\n *     } else {\n *       // ...\n *     }\n *   })\n *   .catch(err => {\n *     // ...\n *   });\n */\nexport function pasteAccount(\n  email: string,\n  options: { apiKey?: string; baseUrl?: string; userAgent?: string } = {},\n): Promise<Paste[] | null> {\n  return fetchFromApi(`/pasteaccount/${encodeURIComponent(email)}`, {\n    apiKey: options.apiKey,\n    baseUrl: options.baseUrl,\n    userAgent: options.userAgent,\n  }) as Promise<Paste[] | null>;\n}\n"],"names":["pasteAccount","email","options","fetchFromApi","encodeURIComponent","apiKey","baseUrl","userAgent"],"mappings":";;;;AAGA;;;;;;;;;AASG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmCG;SACaA,YAAY,CAC1BC,KAAa,EACbC,UAAqE,EAAE,EAAA;EAEvE,OAAOC,YAAAA,CAAAA,YAAY,CAAkB,iBAAAC,kBAAkB,CAACH,KAAK,GAAG,EAAE;IAChEI,MAAM,EAAEH,OAAO,CAACG,MAAM;IACtBC,OAAO,EAAEJ,OAAO,CAACI,OAAO;IACxBC,SAAS,EAAEL,OAAO,CAACK;EACpB,CAAA,CAA4B;AAC/B;"}

package/dist/cjs/pwnedPassword.js

@@ -0,0 +1,45 @@
+'use strict';
+
+var JSSHA = /*#__PURE__*/require('jssha/dist/sha1');
+var pwnedPasswordRange = /*#__PURE__*/require('./pwnedPasswordRange.js');
+
+/**
+ * Fetches the number of times the the given password has been exposed in a
+ * breach (0 indicating no exposure). The password is given in plain text, but
+ * only the first 5 characters of its SHA-1 hash will be submitted to the API.
+ *
+ * @param {string} password a password in plain text
+ * @param {object} [options] a configuration object
+ * @param {string} [options.baseUrl] a custom base URL for the
+ * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
+ * @param {string} [options.userAgent] a custom string to send as the User-Agent
+ * field in the request headers (default: `hibp <version>`)
+ * @returns {Promise<number>} a Promise which resolves to the number of times
+ * the password has been exposed in a breach, or rejects with an Error
+ * @example
+ * pwnedPassword('f00b4r')
+ *   .then(numPwns => {
+ *     // truthy check or numeric condition
+ *     if (numPwns) {
+ *       // ...
+ *     } else {
+ *       // ...
+ *     }
+ *   })
+ *   .catch(err => {
+ *     // ...
+ *   });
+ * @see https://haveibeenpwned.com/api/v3#PwnedPasswords
+ */
+function pwnedPassword(password, options = {}) {
+  const sha1 = new JSSHA('SHA-1', 'TEXT');
+  sha1.update(password);
+  const hash = sha1.getHash('HEX', {
+    outputUpper: true
+  });
+  const prefix = hash.slice(0, 5);
+  const suffix = hash.slice(5);
+  return pwnedPasswordRange.pwnedPasswordRange(prefix, options).then(range => range[suffix] || 0);
+}
+exports.pwnedPassword = pwnedPassword;
+//# sourceMappingURL=pwnedPassword.js.map

package/dist/cjs/pwnedPassword.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pwnedPassword.js","sources":["../../src/pwnedPassword.ts"],"sourcesContent":["import JSSHA from 'jssha/dist/sha1';\nimport { pwnedPasswordRange } from './pwnedPasswordRange';\n\n/**\n * Fetches the number of times the the given password has been exposed in a\n * breach (0 indicating no exposure). The password is given in plain text, but\n * only the first 5 characters of its SHA-1 hash will be submitted to the API.\n *\n * @param {string} password a password in plain text\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<number>} a Promise which resolves to the number of times\n * the password has been exposed in a breach, or rejects with an Error\n * @example\n * pwnedPassword('f00b4r')\n *   .then(numPwns => {\n *     // truthy check or numeric condition\n *     if (numPwns) {\n *       // ...\n *     } else {\n *       // ...\n *     }\n *   })\n *   .catch(err => {\n *     // ...\n *   });\n * @see https://haveibeenpwned.com/api/v3#PwnedPasswords\n */\nexport function pwnedPassword(\n  password: string,\n  options: { baseUrl?: string; userAgent?: string } = {},\n): Promise<number> {\n  const sha1 = new JSSHA('SHA-1', 'TEXT');\n  sha1.update(password);\n  const hash = sha1.getHash('HEX', { outputUpper: true });\n  const prefix = hash.slice(0, 5);\n  const suffix = hash.slice(5);\n\n  return pwnedPasswordRange(prefix, options).then(\n    (range) => range[suffix] || 0,\n  );\n}\n"],"names":["pwnedPassword","password","options","sha1","JSSHA","update","hash","getHash","outputUpper","prefix","slice","suffix","pwnedPasswordRange","then","range"],"mappings":";;;;;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2BG;SACaA,aAAa,CAC3BC,QAAgB,EAChBC,UAAoD,EAAE,EAAA;EAEtD,MAAMC,IAAI,GAAG,IAAIC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC;EACvCD,IAAI,CAACE,MAAM,CAACJ,QAAQ,CAAC;EACrB,MAAMK,IAAI,GAAGH,IAAI,CAACI,OAAO,CAAC,KAAK,EAAE;IAAEC,WAAW,EAAE;EAAI,CAAE,CAAC;EACvD,MAAMC,MAAM,GAAGH,IAAI,CAACI,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;EAC/B,MAAMC,MAAM,GAAGL,IAAI,CAACI,KAAK,CAAC,CAAC,CAAC;EAE5B,OAAOE,qCAAkB,CAACH,MAAM,EAAEP,OAAO,CAAC,CAACW,IAAI,CAC5CC,KAAK,IAAKA,KAAK,CAACH,MAAM,CAAC,IAAI,CAAC,CAC9B;AACH;"}

package/dist/cjs/pwnedPasswordRange.js

@@ -0,0 +1,63 @@
+'use strict';
+
+var fetchFromApi = /*#__PURE__*/require('./api/pwnedpasswords/fetchFromApi.js');
+
+/**
+ * An object mapping an exposed password hash suffix (corresponding to a given
+ * hash prefix) to how many times it occurred in the Pwned Passwords repository.
+ *
+ * @typedef {Object.<string, number>} PwnedPasswordSuffixes
+ */
+/**
+ * Fetches the SHA-1 hash suffixes for the given 5-character SHA-1 hash prefix.
+ *
+ * When a password hash with the same first 5 characters is found in the Pwned
+ * Passwords repository, the API will respond with an HTTP 200 and include the
+ * suffix of every hash beginning with the specified prefix, followed by a count
+ * of how many times it appears in the data set. This function parses the
+ * response and returns a more structured format.
+ *
+ * @param {string} prefix the first 5 characters of a SHA-1 password hash (case
+ * insensitive)
+ * @param {object} [options] a configuration object
+ * @param {string} [options.baseUrl] a custom base URL for the
+ * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
+ * @param {string} [options.userAgent] a custom string to send as the User-Agent
+ * field in the request headers (default: `hibp <version>`)
+ * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an
+ * object mapping the `suffix` that when matched with the prefix composes the
+ * complete hash, to the `count` of how many times it appears in the breached
+ * password data set, or rejects with an Error
+ *
+ * @example
+ * pwnedPasswordRange('5BAA6')
+ *   .then(results => {
+ *     // results will have the following shape:
+ *     // {
+ *     //   "003D68EB55068C33ACE09247EE4C639306B": 3,
+ *     //   "012C192B2F16F82EA0EB9EF18D9D539B0DD": 1,
+ *     //   ...
+ *     // }
+ *   })
+ * @example
+ * const suffix = '1E4C9B93F3F0682250B6CF8331B7EE68FD8';
+ * pwnedPasswordRange('5BAA6')
+ *   .then(results => (results[suffix] || 0))
+ *   .catch(err => {
+ *     // ...
+ *   });
+ * @see https://haveibeenpwned.com/api/v3#SearchingPwnedPasswordsByRange
+ */
+function pwnedPasswordRange(prefix, options = {}) {
+  return fetchFromApi.fetchFromApi(`/range/${encodeURIComponent(prefix)}`, options)
+  // create array from lines of text in response body
+  .then(data => data.split('\n').filter(Boolean))
+  // convert into an object mapping suffix to count for each line
+  .then(results => results.reduce((acc, row) => {
+    const [suffix, countString] = row.split(':');
+    acc[suffix] = parseInt(countString, 10);
+    return acc;
+  }, {}));
+}
+exports.pwnedPasswordRange = pwnedPasswordRange;
+//# sourceMappingURL=pwnedPasswordRange.js.map

package/dist/cjs/pwnedPasswordRange.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pwnedPasswordRange.js","sources":["../../src/pwnedPasswordRange.ts"],"sourcesContent":["import { fetchFromApi } from './api/pwnedpasswords';\n\nexport interface PwnedPasswordSuffixes {\n  [suffix: string]: number;\n}\n\n/**\n * An object mapping an exposed password hash suffix (corresponding to a given\n * hash prefix) to how many times it occurred in the Pwned Passwords repository.\n *\n * @typedef {Object.<string, number>} PwnedPasswordSuffixes\n */\n\n/**\n * Fetches the SHA-1 hash suffixes for the given 5-character SHA-1 hash prefix.\n *\n * When a password hash with the same first 5 characters is found in the Pwned\n * Passwords repository, the API will respond with an HTTP 200 and include the\n * suffix of every hash beginning with the specified prefix, followed by a count\n * of how many times it appears in the data set. This function parses the\n * response and returns a more structured format.\n *\n * @param {string} prefix the first 5 characters of a SHA-1 password hash (case\n * insensitive)\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an\n * object mapping the `suffix` that when matched with the prefix composes the\n * complete hash, to the `count` of how many times it appears in the breached\n * password data set, or rejects with an Error\n *\n * @example\n * pwnedPasswordRange('5BAA6')\n *   .then(results => {\n *     // results will have the following shape:\n *     // {\n *     //   \"003D68EB55068C33ACE09247EE4C639306B\": 3,\n *     //   \"012C192B2F16F82EA0EB9EF18D9D539B0DD\": 1,\n *     //   ...\n *     // }\n *   })\n * @example\n * const suffix = '1E4C9B93F3F0682250B6CF8331B7EE68FD8';\n * pwnedPasswordRange('5BAA6')\n *   .then(results => (results[suffix] || 0))\n *   .catch(err => {\n *     // ...\n *   });\n * @see https://haveibeenpwned.com/api/v3#SearchingPwnedPasswordsByRange\n */\nexport function pwnedPasswordRange(\n  prefix: string,\n  options: { baseUrl?: string; userAgent?: string } = {},\n): Promise<PwnedPasswordSuffixes> {\n  return (\n    fetchFromApi(`/range/${encodeURIComponent(prefix)}`, options)\n      // create array from lines of text in response body\n      .then((data) => data.split('\\n').filter(Boolean))\n      // convert into an object mapping suffix to count for each line\n      .then((results) =>\n        results.reduce<PwnedPasswordSuffixes>((acc, row) => {\n          const [suffix, countString] = row.split(':');\n          acc[suffix] = parseInt(countString, 10);\n          return acc;\n        }, {}),\n      )\n  );\n}\n"],"names":["pwnedPasswordRange","prefix","options","fetchFromApi","encodeURIComponent","then","data","split","filter","Boolean","results","reduce","acc","row","suffix","countString","parseInt"],"mappings":";;;;AAMA;;;;;AAKG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuCG;SACaA,kBAAkB,CAChCC,MAAc,EACdC,UAAoD,EAAE,EAAA;EAEtD,OACEC,YAAAA,CAAAA,YAAY,CAAW,UAAAC,kBAAkB,CAACH,MAAM,CAAC,EAAE,EAAEC,OAAO;;GAEzDG,IAAI,CAAEC,IAAI,IAAKA,IAAI,CAACC,KAAK,CAAC,IAAI,CAAC,CAACC,MAAM,CAACC,OAAO,CAAC;;GAE/CJ,IAAI,CAAEK,OAAO,IACZA,OAAO,CAACC,MAAM,CAAwB,CAACC,GAAG,EAAEC,GAAG,KAAI;IACjD,MAAM,CAACC,MAAM,EAAEC,WAAW,CAAC,GAAGF,GAAG,CAACN,KAAK,CAAC,GAAG,CAAC;IAC5CK,GAAG,CAACE,MAAM,CAAC,GAAGE,QAAQ,CAACD,WAAW,EAAE,EAAE,CAAC;IACvC,OAAOH,GAAG;EACZ,CAAC,EAAE,CAAA,CAAE,CAAC,CACP;AAEP;"}

package/dist/cjs/search.js

@@ -0,0 +1,97 @@
+'use strict';
+
+var breachedAccount = /*#__PURE__*/require('./breachedAccount.js');
+var pasteAccount = /*#__PURE__*/require('./pasteAccount.js');
+
+/**
+ * An object representing search results.
+ *
+ * @typedef {object} SearchResults
+ * @property {(Breach[] | null)} breaches
+ * @property {(Paste[] | null)} pastes
+ */
+/**
+ * Fetches all breaches and all pastes associated with the provided account
+ * (email address or username). Note that the remote API does not support
+ * querying pastes by username (only email addresses), so in the event the
+ * provided account is not a valid email address, only breach data is queried
+ * and the "pastes" field of the resulting object will always be null. This is
+ * exactly how searching via the current web interface behaves, which this
+ * convenience method is designed to mimic.
+ *
+ * ***Warning (July 18, 2019):***
+ *
+ * `haveibeenpwned.com` now requires an API key from
+ * https://haveibeenpwned.com/API/Key for the `breachedaccount` and
+ * `pasteaccount` endpoints. The  `apiKey` option here is not explicitly
+ * required, but direct requests made without it (that is, without specifying a
+ * `baseUrl` to a proxy that inserts a valid API key on your behalf) will fail.
+ *
+ * @param {string} account an email address or username
+ * @param {object} [breachOptions] a configuration object pertaining to breach
+ * queries
+ * @param {string} [breachOptions.apiKey] an API key from
+ * https://haveibeenpwned.com/API/Key
+ * @param {string} [breachOptions.domain] a domain by which to filter the
+ * results (default: all domains)
+ * @param {boolean} [breachOptions.truncate] truncate the results to only
+ * include the name of each breach (default: true)
+ * @param {string} [breachOptions.baseUrl] a custom base URL for the
+ * haveibeenpwned.com API endpoints (default:
+ * `https://haveibeenpwned.com/api/v3`)
+ * @param {string} [breachOptions.userAgent] a custom string to send as the
+ * User-Agent field in the request headers (default: `hibp <version>`)
+ * @returns {Promise<SearchResults>} a Promise which resolves to an object
+ * containing a "breaches" key (which can be null or an array of breach objects)
+ * and a "pastes" key (which can be null or an array of paste objects), or
+ * rejects with an Error
+ * @example
+ * search('foo', { apiKey: 'my-api-key' })
+ *   .then(data => {
+ *     if (data.breaches || data.pastes) {
+ *       // ...
+ *     } else {
+ *       // ...
+ *     }
+ *   })
+ *   .catch(err => {
+ *     // ...
+ *   });
+ * @example
+ * search('nobody@nowhere.com', { apiKey: 'my-api-key', truncate: false })
+ *   .then(data => {
+ *     if (data.breaches || data.pastes) {
+ *       // ...
+ *     } else {
+ *       // ...
+ *     }
+ *   })
+ *   .catch(err => {
+ *     // ...
+ *   });
+ *
+ * @see https://haveibeenpwned.com/
+ */
+function search(account, breachOptions = {
+  truncate: true
+}) {
+  const {
+    apiKey,
+    baseUrl,
+    userAgent
+  } = breachOptions;
+  return Promise.all([breachedAccount.breachedAccount(account, breachOptions),
+  // This email regex is garbage but it seems to be what the API uses:
+  /^.+@.+$/.test(account) ? pasteAccount.pasteAccount(account, {
+    apiKey,
+    baseUrl,
+    userAgent
+  }) : null]).then(
+  // Avoid array destructuring here to prevent need for Babel helpers
+  promises => ({
+    breaches: promises[0],
+    pastes: promises[1]
+  }));
+}
+exports.search = search;
+//# sourceMappingURL=search.js.map

package/dist/cjs/search.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"search.js","sources":["../../src/search.ts"],"sourcesContent":["import type { Breach, Paste } from './api/haveibeenpwned/types';\nimport { breachedAccount } from './breachedAccount';\nimport { pasteAccount } from './pasteAccount';\n\nexport interface SearchResults {\n  breaches: Breach[] | null;\n  pastes: Paste[] | null;\n}\n\n/**\n * An object representing search results.\n *\n * @typedef {object} SearchResults\n * @property {(Breach[] | null)} breaches\n * @property {(Paste[] | null)} pastes\n */\n\n/**\n * Fetches all breaches and all pastes associated with the provided account\n * (email address or username). Note that the remote API does not support\n * querying pastes by username (only email addresses), so in the event the\n * provided account is not a valid email address, only breach data is queried\n * and the \"pastes\" field of the resulting object will always be null. This is\n * exactly how searching via the current web interface behaves, which this\n * convenience method is designed to mimic.\n *\n * ***Warning (July 18, 2019):***\n *\n * `haveibeenpwned.com` now requires an API key from\n * https://haveibeenpwned.com/API/Key for the `breachedaccount` and\n * `pasteaccount` endpoints. The  `apiKey` option here is not explicitly\n * required, but direct requests made without it (that is, without specifying a\n * `baseUrl` to a proxy that inserts a valid API key on your behalf) will fail.\n *\n * @param {string} account an email address or username\n * @param {object} [breachOptions] a configuration object pertaining to breach\n * queries\n * @param {string} [breachOptions.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key\n * @param {string} [breachOptions.domain] a domain by which to filter the\n * results (default: all domains)\n * @param {boolean} [breachOptions.truncate] truncate the results to only\n * include the name of each breach (default: true)\n * @param {string} [breachOptions.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [breachOptions.userAgent] a custom string to send as the\n * User-Agent field in the request headers (default: `hibp <version>`)\n * @returns {Promise<SearchResults>} a Promise which resolves to an object\n * containing a \"breaches\" key (which can be null or an array of breach objects)\n * and a \"pastes\" key (which can be null or an array of paste objects), or\n * rejects with an Error\n * @example\n * search('foo', { apiKey: 'my-api-key' })\n *   .then(data => {\n *     if (data.breaches || data.pastes) {\n *       // ...\n *     } else {\n *       // ...\n *     }\n *   })\n *   .catch(err => {\n *     // ...\n *   });\n * @example\n * search('nobody@nowhere.com', { apiKey: 'my-api-key', truncate: false })\n *   .then(data => {\n *     if (data.breaches || data.pastes) {\n *       // ...\n *     } else {\n *       // ...\n *     }\n *   })\n *   .catch(err => {\n *     // ...\n *   });\n *\n * @see https://haveibeenpwned.com/\n */\nexport function search(\n  account: string,\n  breachOptions: {\n    apiKey?: string;\n    domain?: string;\n    truncate?: boolean;\n    baseUrl?: string;\n    userAgent?: string;\n  } = {\n    truncate: true,\n  },\n): Promise<SearchResults> {\n  const { apiKey, baseUrl, userAgent } = breachOptions;\n\n  return Promise.all([\n    breachedAccount(account, breachOptions),\n    // This email regex is garbage but it seems to be what the API uses:\n    /^.+@.+$/.test(account)\n      ? pasteAccount(account, { apiKey, baseUrl, userAgent })\n      : null,\n  ]).then(\n    // Avoid array destructuring here to prevent need for Babel helpers\n    (promises) => ({\n      breaches: promises[0],\n      pastes: promises[1],\n    }),\n  );\n}\n"],"names":["search","account","breachOptions","truncate","apiKey","baseUrl","userAgent","Promise","all","breachedAccount","test","pasteAccount","then","promises","breaches","pastes"],"mappings":";;;;;AASA;;;;;;AAMG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6DG;AACa,SAAAA,MAAM,CACpBC,OAAe,EACfC,aAMI,GAAA;EACFC,QAAQ,EAAE;AACX,CAAA,EAAA;EAED,MAAM;IAAEC,MAAM;IAAEC,OAAO;IAAEC;EAAS,CAAE,GAAGJ,aAAa;EAEpD,OAAOK,OAAO,CAACC,GAAG,CAAC,CACjBC,eAAe,CAAAA,eAAA,CAACR,OAAO,EAAEC,aAAa,CAAC;;EAEvC,SAAS,CAACQ,IAAI,CAACT,OAAO,CAAC,GACnBU,YAAAA,CAAAA,YAAY,CAACV,OAAO,EAAE;IAAEG,MAAM;IAAEC,OAAO;IAAEC;EAAS,CAAE,CAAC,GACrD,IAAI,CACT,CAAC,CAACM,IAAI;;EAEJC,QAAQ,KAAM;IACbC,QAAQ,EAAED,QAAQ,CAAC,CAAC,CAAC;IACrBE,MAAM,EAAEF,QAAQ,CAAC,CAAC;EACnB,CAAA,CAAC,CACH;AACH;"}