oauth2-cli 0.8.8 → 1.0.0

package/dist/Token/addHelpers.js

@@ -1,44 +0,0 @@
-/**
- * Reaching into the bowels of openid-client to be able to fully de-serialize a
- * serialized token response
- */
-import * as oauth from 'oauth4webapi';
-/** @see https://github.com/panva/openid-client/blob/79386b7f120dc9bdc7606886a26e4ea7d011ee51/src/index.ts#L1981-L2016 */
-function getHelpers(response) {
-    let exp = undefined;
-    if (response.expires_in !== undefined) {
-        const now = new Date();
-        now.setSeconds(now.getSeconds() + response.expires_in);
-        exp = now.getTime();
-    }
-    return {
-        expiresIn: {
-            __proto__: null,
-            value() {
-                if (exp) {
-                    const now = Date.now();
-                    if (exp > now) {
-                        return Math.floor((exp - now) / 1000);
-                    }
-                    return 0;
-                }
-                return undefined;
-            }
-        },
-        claims: {
-            __proto__: null,
-            value() {
-                try {
-                    return oauth.getValidatedIdTokenClaims(this);
-                }
-                catch {
-                    return undefined;
-                }
-            }
-        }
-    };
-}
-/** @see https://github.com/panva/openid-client/blob/79386b7f120dc9bdc7606886a26e4ea7d011ee51/src/index.ts#L2018-L2022 */
-export function addHelpers(response) {
-    Object.defineProperties(response, getHelpers(response));
-}

package/dist/WebServer.d.ts

@@ -1,75 +0,0 @@
-import { PathString } from '@battis/descriptive-types';
-import { Request, Response } from 'express';
-import { Session } from './Session.js';
-export type WebServerOptions = {
-    session: Session;
-    /** See {@link WebServer.setViews setViews()} */
-    views?: PathString;
-    /**
-     * Local web server authorize endpoint
-     *
-     * This is separate and distinct from the OpenID/OAuth server's authorization
-     * endpoint. This endpoint is the first path that the user is directed to in
-     * their browser. It can present an explanation of what is being authorized
-     * and why. By default it redirects to the OpenID/OAuth server's authorization
-     * URL, the first step in the Authorization Code Grant flow.
-     */
-    authorize_endpoint?: PathString;
-    /**
-     * The number of milliseconds of inactivity before a socket is presumed to
-     * have timed out. This can be reduced to limit potential wait times during
-     * interactive authentication, but must still be long enough to allow time for
-     * the authorization code to be exchanged for an access token.
-     *
-     * Defaults to 1000 milliseconds
-     */
-    timeout?: number;
-};
-export declare const DEFAULT_AUTHORIZE_ENDPOINT = "/oauth2-cli/authorize";
-export interface WebServerInterface {
-    /** See {@link WebServerOptions} */
-    readonly authorization_endpoint: PathString;
-    /** Shut down web server */
-    close(): Promise<void>;
-}
-/**
- * Minimal HTTP server running on localhost to handle the redirect step of
- * OpenID/OAuth flows
- */
-export declare class WebServer implements WebServerInterface {
-    private static activePorts;
-    protected readonly session: Session;
-    private views?;
-    private packageViews;
-    protected readonly port: string;
-    readonly authorization_endpoint: PathString;
-    private server;
-    constructor({ session, views, authorize_endpoint, timeout }: WebServerOptions);
-    /**
-     * Set the path to folder of *.ejs templates
-     *
-     * Expected templates include:
-     *
-     * - `authorize.ejs` presents information prior to the authorization to the
-     *   user, and the user must follow `authorize_url` data property to
-     *   interactively initiate authorization
-     * - `complete.ejs` presented to user upon successful completion of
-     *   authorization flow
-     * - `error.ejs` presented to user upon receipt of an error from the server,
-     *   includes `error` as data
-     *
-     * `complete.ejs` and `error.ejs` are included with oauth2-cli and those
-     * templates will be used if `ejs` is imported but no replacement templates
-     * are found.
-     *
-     * @param views Should be an absolute path
-     */
-    setViews(views: PathString): void;
-    protected render(res: Response, template: string, data?: Record<string, unknown>): Promise<boolean>;
-    /** Handles request to `/authorize` */
-    protected handleAuthorizationEndpoint(req: Request, res: Response): Promise<void>;
-    /** Handles request to `redirect_uri` */
-    protected handleRedirect(req: Request, res: Response): Promise<void>;
-    /** Shut down web server */
-    close(): Promise<void>;
-}

package/dist/WebServer.js

@@ -1,123 +0,0 @@
-import express from 'express';
-import * as gcrtl from 'gcrtl';
-import fs from 'node:fs';
-import path from 'node:path';
-import * as requestish from 'requestish';
-let ejs = undefined;
-try {
-    ejs = (await import('ejs')).default;
-}
-catch (_) {
-    // ignore error
-}
-export const DEFAULT_AUTHORIZE_ENDPOINT = '/oauth2-cli/authorize';
-/**
- * Minimal HTTP server running on localhost to handle the redirect step of
- * OpenID/OAuth flows
- */
-export class WebServer {
-    static activePorts = [];
-    session;
-    views;
-    packageViews = '../views';
-    port;
-    authorization_endpoint;
-    server;
-    constructor({ session, views, authorize_endpoint = DEFAULT_AUTHORIZE_ENDPOINT, timeout = 1000 // milliseconds
-     }) {
-        this.session = session;
-        this.authorization_endpoint = authorize_endpoint;
-        this.views = views;
-        const url = requestish.URL.from(this.session.redirect_uri);
-        this.port = url.port;
-        if (WebServer.activePorts.includes(this.port)) {
-            throw new Error(`Another process is already running at http://localhost:${url.port}.`, { cause: { activePorts: WebServer.activePorts } });
-        }
-        WebServer.activePorts.push(this.port);
-        const app = express();
-        app.get(this.authorization_endpoint, this.handleAuthorizationEndpoint.bind(this));
-        app.get(gcrtl.path(url), this.handleRedirect.bind(this));
-        this.server = app.listen(gcrtl.port(url));
-        this.server.timeout = timeout;
-        this.server.keepAliveTimeout = 0;
-        this.server.keepAliveTimeoutBuffer = 0;
-    }
-    /**
-     * Set the path to folder of *.ejs templates
-     *
-     * Expected templates include:
-     *
-     * - `authorize.ejs` presents information prior to the authorization to the
-     *   user, and the user must follow `authorize_url` data property to
-     *   interactively initiate authorization
-     * - `complete.ejs` presented to user upon successful completion of
-     *   authorization flow
-     * - `error.ejs` presented to user upon receipt of an error from the server,
-     *   includes `error` as data
-     *
-     * `complete.ejs` and `error.ejs` are included with oauth2-cli and those
-     * templates will be used if `ejs` is imported but no replacement templates
-     * are found.
-     *
-     * @param views Should be an absolute path
-     */
-    setViews(views) {
-        this.views = views;
-    }
-    async render(res, template, data = {}) {
-        const name = this.session.client.clientName();
-        async function attemptToRender(views) {
-            if (ejs && views) {
-                const viewPath = path.resolve(import.meta.dirname, views, template);
-                if (fs.existsSync(viewPath)) {
-                    res.send(await ejs.renderFile(viewPath, { name, ...data }));
-                    return true;
-                }
-            }
-            return false;
-        }
-        return ((await attemptToRender(this.views)) ||
-            (await attemptToRender(this.packageViews)));
-    }
-    /** Handles request to `/authorize` */
-    async handleAuthorizationEndpoint(req, res) {
-        const authorization_url = await this.session.getAuthorizationUrl();
-        if (!(await this.render(res, 'authorize.ejs', { authorization_url }))) {
-            res.redirect(authorization_url);
-            res.end();
-        }
-    }
-    /** Handles request to `redirect_uri` */
-    async handleRedirect(req, res) {
-        try {
-            await this.session.handleAuthorizationCodeRedirect(req);
-            if (!(await this.render(res, 'complete.ejs'))) {
-                res.send(`${this.session.client.clientName()} authorization complete. You may close this window.`);
-            }
-        }
-        catch (error) {
-            if (!(await this.render(res, 'error.ejs', { error }))) {
-                res.send({
-                    client: this.session.client.clientName(),
-                    error
-                });
-            }
-        }
-    }
-    /** Shut down web server */
-    async close() {
-        return new Promise((resolve, reject) => {
-            this.server.close((cause) => {
-                if (cause) {
-                    reject(new Error(`Error shutting down ${this.session.client.clientName()} out-of-band redirect web server`, {
-                        cause
-                    }));
-                }
-                else {
-                    WebServer.activePorts.splice(WebServer.activePorts.indexOf(this.port), 1);
-                    resolve();
-                }
-            });
-        });
-    }
-}