oauth4webapi 2.0.0 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -2
- package/build/index.js +22 -2
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -39,7 +39,7 @@ import * as oauth2 from 'oauth4webapi'
|
|
|
39
39
|
**`example`** Deno import
|
|
40
40
|
|
|
41
41
|
```js
|
|
42
|
-
import * as oauth2 from 'https://deno.land/x/oauth4webapi/mod.ts'
|
|
42
|
+
import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.0.1/mod.ts'
|
|
43
43
|
```
|
|
44
44
|
|
|
45
45
|
- Authorization Code Flow - OpenID Connect [source](examples/code.ts), or plain OAuth 2 [source](examples/oauth.ts)
|
|
@@ -71,5 +71,4 @@ These are _(this is not an exhaustive list)_:
|
|
|
71
71
|
- Implicit, Hybrid, and Resource Owner Password Credentials Flows
|
|
72
72
|
- Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
|
|
73
73
|
- JSON Web Encryption (JWE)
|
|
74
|
-
- JSON Web Signature (JWS) rarely used algorithms and HMAC
|
|
75
74
|
- Automatic polyfills of any kind
|
package/build/index.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
let USER_AGENT;
|
|
2
2
|
if (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) {
|
|
3
3
|
const NAME = 'oauth4webapi';
|
|
4
|
-
const VERSION = 'v2.0.
|
|
4
|
+
const VERSION = 'v2.0.1';
|
|
5
5
|
USER_AGENT = `${NAME}/${VERSION}`;
|
|
6
6
|
}
|
|
7
7
|
const encoder = new TextEncoder();
|
|
@@ -432,6 +432,21 @@ export async function issueRequestObject(as, client, parameters, privateKey) {
|
|
|
432
432
|
resource.length > 1) {
|
|
433
433
|
claims.resource = resource;
|
|
434
434
|
}
|
|
435
|
+
if (parameters.has('claims')) {
|
|
436
|
+
const value = parameters.get('claims');
|
|
437
|
+
if (value === '[object Object]') {
|
|
438
|
+
throw new OPE('"claims" parameter must be passed as a UTF-8 encoded JSON');
|
|
439
|
+
}
|
|
440
|
+
try {
|
|
441
|
+
claims.claims = JSON.parse(value);
|
|
442
|
+
}
|
|
443
|
+
catch {
|
|
444
|
+
throw new OPE('failed to parse the "claims" parameter as JSON');
|
|
445
|
+
}
|
|
446
|
+
if (!isJsonObject(claims.claims)) {
|
|
447
|
+
throw new OPE('"claims" parameter must be a top level object');
|
|
448
|
+
}
|
|
449
|
+
}
|
|
435
450
|
return jwt({
|
|
436
451
|
alg: determineJWSAlgorithm(key),
|
|
437
452
|
typ: 'oauth-authz-req+jwt',
|
|
@@ -469,9 +484,14 @@ async function dpopProofJwt(headers, options, url, htm, accessToken) {
|
|
|
469
484
|
}, privateKey);
|
|
470
485
|
headers.set('dpop', proof);
|
|
471
486
|
}
|
|
487
|
+
const jwkCache = Symbol();
|
|
472
488
|
async function publicJwk(key) {
|
|
489
|
+
if (key[jwkCache]) {
|
|
490
|
+
return key[jwkCache];
|
|
491
|
+
}
|
|
473
492
|
const { kty, e, n, x, y, crv } = await crypto.subtle.exportKey('jwk', key);
|
|
474
|
-
|
|
493
|
+
const jwk = (key[jwkCache] = { kty, e, n, x, y, crv });
|
|
494
|
+
return jwk;
|
|
475
495
|
}
|
|
476
496
|
export async function pushedAuthorizationRequest(as, client, parameters, options) {
|
|
477
497
|
assertAs(as);
|