oauth4webapi 2.14.0 → 2.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/index.d.ts +31 -1
- package/build/index.js +11 -2
- package/package.json +1 -1
package/build/index.d.ts
CHANGED
|
@@ -999,6 +999,9 @@ export interface OAuth2Error {
|
|
|
999
999
|
* @group Token Revocation
|
|
1000
1000
|
* @group Refreshing an Access Token
|
|
1001
1001
|
* @group Pushed Authorization Requests (PAR)
|
|
1002
|
+
* @group JWT Bearer Token Grant Type
|
|
1003
|
+
* @group SAML 2.0 Bearer Assertion Grant Type
|
|
1004
|
+
* @group Token Exchange Grant Type
|
|
1002
1005
|
*/
|
|
1003
1006
|
export declare function isOAuth2Error(input?: TokenEndpointResponse | OAuth2TokenEndpointResponse | OpenIDTokenEndpointResponse | ClientCredentialsGrantResponse | DeviceAuthorizationResponse | IntrospectionResponse | OAuth2Error | PushedAuthorizationResponse | URLSearchParams | UserInfoResponse): input is OAuth2Error;
|
|
1004
1007
|
export interface WWWAuthenticateChallengeParameters {
|
|
@@ -1036,6 +1039,9 @@ export interface WWWAuthenticateChallenge {
|
|
|
1036
1039
|
* @group Token Revocation
|
|
1037
1040
|
* @group Refreshing an Access Token
|
|
1038
1041
|
* @group Pushed Authorization Requests (PAR)
|
|
1042
|
+
* @group JWT Bearer Token Grant Type
|
|
1043
|
+
* @group SAML 2.0 Bearer Assertion Grant Type
|
|
1044
|
+
* @group Token Exchange Grant Type
|
|
1039
1045
|
*/
|
|
1040
1046
|
export declare function parseWwwAuthenticateChallenges(response: Response): WWWAuthenticateChallenge[] | undefined;
|
|
1041
1047
|
/**
|
|
@@ -1252,7 +1258,7 @@ export declare function validateIdTokenSignature(as: AuthorizationServer, ref: O
|
|
|
1252
1258
|
*
|
|
1253
1259
|
* @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo)
|
|
1254
1260
|
*/
|
|
1255
|
-
export declare function
|
|
1261
|
+
export declare function validateJwtUserInfoSignature(as: AuthorizationServer, ref: Response, options?: ValidateSignatureOptions): Promise<void>;
|
|
1256
1262
|
/**
|
|
1257
1263
|
* Validates the JWS Signature of an JWT {@link !Response} body of responses previously processed by
|
|
1258
1264
|
* {@link processIntrospectionResponse} for non-repudiation purposes.
|
|
@@ -1461,6 +1467,24 @@ export interface ClientCredentialsGrantRequestOptions extends HttpRequestOptions
|
|
|
1461
1467
|
* @see [RFC 9449 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.rfc-editor.org/rfc/rfc9449.html#name-dpop-access-token-request)
|
|
1462
1468
|
*/
|
|
1463
1469
|
export declare function clientCredentialsGrantRequest(as: AuthorizationServer, client: Client, parameters: URLSearchParams | Record<string, string> | string[][], options?: ClientCredentialsGrantRequestOptions): Promise<Response>;
|
|
1470
|
+
/**
|
|
1471
|
+
* Performs any Grant request at the {@link AuthorizationServer.token_endpoint `as.token_endpoint`}.
|
|
1472
|
+
* The purpose is to be able to execute grant requests such as Token Exchange Grant Type, JWT Bearer
|
|
1473
|
+
* Token Grant Type, or SAML 2.0 Bearer Assertion Grant Type.
|
|
1474
|
+
*
|
|
1475
|
+
* @param as Authorization Server Metadata.
|
|
1476
|
+
* @param client Client Metadata.
|
|
1477
|
+
* @param grantType Grant Type.
|
|
1478
|
+
*
|
|
1479
|
+
* @group JWT Bearer Token Grant Type
|
|
1480
|
+
* @group SAML 2.0 Bearer Assertion Grant Type
|
|
1481
|
+
* @group Token Exchange Grant Type
|
|
1482
|
+
*
|
|
1483
|
+
* @see {@link https://www.rfc-editor.org/rfc/rfc8693.html Token Exchange Grant Type}
|
|
1484
|
+
* @see {@link https://www.rfc-editor.org/rfc/rfc7523.html#section-2.1 JWT Bearer Token Grant Type}
|
|
1485
|
+
* @see {@link https://www.rfc-editor.org/rfc/rfc7522.html#section-2.1 SAML 2.0 Bearer Assertion Grant Type}
|
|
1486
|
+
*/
|
|
1487
|
+
export declare function genericTokenEndpointRequest(as: AuthorizationServer, client: Client, grantType: string, parameters: URLSearchParams | Record<string, string> | string[][], options?: Omit<TokenEndpointRequestOptions, 'additionalParameters'>): Promise<Response>;
|
|
1464
1488
|
/**
|
|
1465
1489
|
* Validates Client Credentials Grant {@link !Response} instance to be one coming from the
|
|
1466
1490
|
* {@link AuthorizationServer.token_endpoint `as.token_endpoint`}.
|
|
@@ -1864,6 +1888,12 @@ export declare const experimental_validateDetachedSignatureResponse: (as: Author
|
|
|
1864
1888
|
* @deprecated Use {@link validateJwtAccessToken}.
|
|
1865
1889
|
*/
|
|
1866
1890
|
export declare const experimental_validateJwtAccessToken: (as: AuthorizationServer, request: Request, expectedAudience: string, options?: ValidateJWTAccessTokenOptions | undefined) => ReturnType<typeof validateJwtAccessToken>;
|
|
1891
|
+
/**
|
|
1892
|
+
* @ignore
|
|
1893
|
+
*
|
|
1894
|
+
* @deprecated Use {@link validateJwtUserinfoSignature}.
|
|
1895
|
+
*/
|
|
1896
|
+
export declare const validateJwtUserinfoSignature: (as: AuthorizationServer, ref: Response, options?: ValidateSignatureOptions | undefined) => ReturnType<typeof validateJwtUserInfoSignature>;
|
|
1867
1897
|
/**
|
|
1868
1898
|
* @ignore
|
|
1869
1899
|
*
|
package/build/index.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
let USER_AGENT;
|
|
2
2
|
if (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) {
|
|
3
3
|
const NAME = 'oauth4webapi';
|
|
4
|
-
const VERSION = 'v2.
|
|
4
|
+
const VERSION = 'v2.15.0';
|
|
5
5
|
USER_AGENT = `${NAME}/${VERSION}`;
|
|
6
6
|
}
|
|
7
7
|
function looseInstanceOf(input, expected) {
|
|
@@ -967,7 +967,7 @@ async function validateJwtResponseSignature(as, ref, options) {
|
|
|
967
967
|
key = await getPublicSigKeyFromIssuerJwksUri(as, options, header);
|
|
968
968
|
await validateJwsSignature(protectedHeader, payload, key, b64u(encodedSignature));
|
|
969
969
|
}
|
|
970
|
-
export function
|
|
970
|
+
export function validateJwtUserInfoSignature(as, ref, options) {
|
|
971
971
|
return validateJwtResponseSignature(as, ref, options);
|
|
972
972
|
}
|
|
973
973
|
export function validateJwtIntrospectionSignature(as, ref, options) {
|
|
@@ -1198,6 +1198,14 @@ export async function clientCredentialsGrantRequest(as, client, parameters, opti
|
|
|
1198
1198
|
assertClient(client);
|
|
1199
1199
|
return tokenEndpointRequest(as, client, 'client_credentials', new URLSearchParams(parameters), options);
|
|
1200
1200
|
}
|
|
1201
|
+
export async function genericTokenEndpointRequest(as, client, grantType, parameters, options) {
|
|
1202
|
+
assertAs(as);
|
|
1203
|
+
assertClient(client);
|
|
1204
|
+
if (!validateString(grantType)) {
|
|
1205
|
+
throw new TypeError('"grantType" must be a non-empty string');
|
|
1206
|
+
}
|
|
1207
|
+
return tokenEndpointRequest(as, client, grantType, new URLSearchParams(parameters), options);
|
|
1208
|
+
}
|
|
1201
1209
|
export async function processClientCredentialsResponse(as, client, response) {
|
|
1202
1210
|
const result = await processGenericAccessTokenResponse(as, client, response, true, true);
|
|
1203
1211
|
if (isOAuth2Error(result)) {
|
|
@@ -2011,4 +2019,5 @@ export const experimentalUseMtlsAlias = useMtlsAlias;
|
|
|
2011
2019
|
export const experimental_useMtlsAlias = useMtlsAlias;
|
|
2012
2020
|
export const experimental_validateDetachedSignatureResponse = (...args) => validateDetachedSignatureResponse(...args);
|
|
2013
2021
|
export const experimental_validateJwtAccessToken = (...args) => validateJwtAccessToken(...args);
|
|
2022
|
+
export const validateJwtUserinfoSignature = (...args) => validateJwtUserInfoSignature(...args);
|
|
2014
2023
|
export const experimental_jwksCache = jwksCache;
|