kavachos 0.2.0 → 0.2.1
- package/dist/auth/index.js +28 -10
- package/dist/auth/index.js.map +1 -1
- package/dist/index.js +28 -10
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
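--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -1912,8 +1912,16 @@ function getCookie(request, name) {
 const match = header.match(new RegExp(`(?:^|;\\s*)${name}=([^;]*)`));
 return match?.[1] ? decodeURIComponent(match[1]) : null;
 }
-function buildSetCookie(name, value, maxAge, path = "/") {
-
+function buildSetCookie(name, value, maxAge, path = "/", secure = true) {
+const parts = [
+`${name}=${encodeURIComponent(value)}`,
+"HttpOnly",
+"SameSite=Lax",
+`Path=${path}`,
+`Max-Age=${maxAge}`
+];
+if (secure) parts.splice(1, 0, "Secure");
+return parts.join("; ");
 }
 function buildClearCookie(name, path = "/") {
 return `${name}=; HttpOnly; Secure; SameSite=Lax; Path=${path}; Max-Age=0`;
@@ -5764,7 +5772,8 @@ function oauth(config) {
 if (userId !== "__pending__") {
 const { session, token } = await sessionManager.create(userId);
 const maxAge = Math.floor((session.expiresAt.getTime() - Date.now()) / 1e3);
-const
+const isSecure = baseUrl.startsWith("https://");
+const cookie = buildSetCookie("kavach_session", token, maxAge, "/", isSecure);
 const userInfo = encodeURIComponent(JSON.stringify({ id: userId, email }));
 const callbackUrl = `${baseUrl}/?auth_user=${userInfo}`;
 return new Response(null, {
@@ -6068,13 +6077,14 @@ function createGithubProvider(config) {
 });
 return `${AUTHORIZATION_URL3}?${params.toString()}`;
 }
-async function exchangeCode(code2,
+async function exchangeCode(code2, codeVerifier, redirectUri) {
 const effectiveRedirectUri = config.redirectUri ?? redirectUri;
 const body = new URLSearchParams({
 client_id: config.clientId,
 client_secret: config.clientSecret,
 code: code2,
-redirect_uri: effectiveRedirectUri
+redirect_uri: effectiveRedirectUri,
+code_verifier: codeVerifier
 });
 const response = await fetch(TOKEN_URL3, {
 method: "POST",
@@ -6370,14 +6380,15 @@ function createLinkedInProvider(config) {
 });
 return `${AUTHORIZATION_URL6}?${params.toString()}`;
 }
-async function exchangeCode(code2,
+async function exchangeCode(code2, codeVerifier, redirectUri) {
 const effectiveRedirectUri = config.redirectUri ?? redirectUri;
 const body = new URLSearchParams({
 grant_type: "authorization_code",
 client_id: config.clientId,
 client_secret: config.clientSecret,
 code: code2,
-redirect_uri: effectiveRedirectUri
+redirect_uri: effectiveRedirectUri,
+code_verifier: codeVerifier
 });
 const response = await fetch(TOKEN_URL6, {
 method: "POST",
@@ -6561,14 +6572,15 @@ function createSlackProvider(config) {
 });
 return `${AUTHORIZATION_URL8}?${params.toString()}`;
 }
-async function exchangeCode(code2,
+async function exchangeCode(code2, codeVerifier, redirectUri) {
 const effectiveRedirectUri = config.redirectUri ?? redirectUri;
 const body = new URLSearchParams({
 grant_type: "authorization_code",
 client_id: config.clientId,
 client_secret: config.clientSecret,
 code: code2,
-redirect_uri: effectiveRedirectUri
+redirect_uri: effectiveRedirectUri,
+code_verifier: codeVerifier
 });
 const response = await fetch(TOKEN_URL8, {
 method: "POST",
@@ -10680,7 +10692,13 @@ function passkey(config) {
 status: 200,
 headers: {
 "Content-Type": "application/json",
-"Set-Cookie": buildSetCookie(
+"Set-Cookie": buildSetCookie(
+"kavach_session",
+token,
+maxAge,
+"/",
+(ctx.config.baseUrl ?? "").startsWith("https://")
+)
 }
 }
 );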
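Review bot: In the passkey hunk the Secure attribute fails open: `(ctx.config.baseUrl ?? "").startsWith("https://")` is false when `baseUrl` is unset or not written with a lowercase `https://` prefix, and that explicit `false` overrides the `secure = true` default `buildSetCookie` now declares, so `kavach_session` is issued without `Secure`. Dropping the flag only for an explicit plain-HTTP base keeps the safe default, e.g. `!(ctx.config.baseUrl ?? "").startsWith("http://")`; the oauth hunk's `const isSecure = baseUrl.startsWith("https://");` could take the same form. `buildClearCookie` still hard-codes `Secure`, so where the cookie was set without it the clearing header no longer mirrors the set header, and some browsers may refuse it over plain HTTP and leave the session cookie in place after sign-out; it probably needs the same `secure` parameter. The enclosing `oauth` and `passkey` functions start and end outside the hunks shown.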