oauth4webapi 2.2.0 → 2.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/build/index.d.ts +27 -23
- package/build/index.js +7 -3
- package/package.json +11 -10
package/README.md
CHANGED
|
@@ -39,7 +39,7 @@ import * as oauth2 from 'oauth4webapi'
|
|
|
39
39
|
**`example`** Deno import
|
|
40
40
|
|
|
41
41
|
```js
|
|
42
|
-
import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.2.
|
|
42
|
+
import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.2.2/mod.ts'
|
|
43
43
|
```
|
|
44
44
|
|
|
45
45
|
- Authorization Code Flow - OpenID Connect [source](examples/code.ts), or plain OAuth 2 [source](examples/oauth.ts)
|
package/build/index.d.ts
CHANGED
|
@@ -641,19 +641,20 @@ export interface OAuth2Error {
|
|
|
641
641
|
}
|
|
642
642
|
/** A helper function used to determine if a response processing function returned an OAuth2Error. */
|
|
643
643
|
export declare function isOAuth2Error(input?: ReturnTypes): input is OAuth2Error;
|
|
644
|
+
export interface WWWAuthenticateChallengeParameters {
|
|
645
|
+
readonly realm?: string;
|
|
646
|
+
readonly error?: string;
|
|
647
|
+
readonly error_description?: string;
|
|
648
|
+
readonly error_uri?: string;
|
|
649
|
+
readonly algs?: string;
|
|
650
|
+
readonly scope?: string;
|
|
651
|
+
/** NOTE: because the parameter names are case insensitive they are always returned lowercased */
|
|
652
|
+
readonly [parameter: string]: string | undefined;
|
|
653
|
+
}
|
|
644
654
|
export interface WWWAuthenticateChallenge {
|
|
645
655
|
/** NOTE: because the value is case insensitive it is always returned lowercased */
|
|
646
656
|
readonly scheme: string;
|
|
647
|
-
readonly parameters:
|
|
648
|
-
readonly realm?: string;
|
|
649
|
-
readonly error?: string;
|
|
650
|
-
readonly error_description?: string;
|
|
651
|
-
readonly error_uri?: string;
|
|
652
|
-
readonly algs?: string;
|
|
653
|
-
readonly scope?: string;
|
|
654
|
-
/** NOTE: because the parameter names are case insensitive they are always returned lowercased */
|
|
655
|
-
readonly [parameter: string]: string | undefined;
|
|
656
|
-
};
|
|
657
|
+
readonly parameters: WWWAuthenticateChallengeParameters;
|
|
657
658
|
}
|
|
658
659
|
/**
|
|
659
660
|
* Parses the `WWW-Authenticate` HTTP Header from a Response instance.
|
|
@@ -719,6 +720,15 @@ export interface UserInfoRequestOptions extends HttpRequestOptions, DPoPRequestO
|
|
|
719
720
|
* @see [draft-ietf-oauth-dpop-11 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-11.html#name-protected-resource-access)
|
|
720
721
|
*/
|
|
721
722
|
export declare function userInfoRequest(as: AuthorizationServer, client: Client, accessToken: string, options?: UserInfoRequestOptions): Promise<Response>;
|
|
723
|
+
export interface UserInfoAddress {
|
|
724
|
+
readonly formatted?: string;
|
|
725
|
+
readonly street_address?: string;
|
|
726
|
+
readonly locality?: string;
|
|
727
|
+
readonly region?: string;
|
|
728
|
+
readonly postal_code?: string;
|
|
729
|
+
readonly country?: string;
|
|
730
|
+
readonly [claim: string]: JsonValue | undefined;
|
|
731
|
+
}
|
|
722
732
|
export interface UserInfoResponse {
|
|
723
733
|
readonly sub: string;
|
|
724
734
|
readonly name?: string;
|
|
@@ -738,14 +748,7 @@ export interface UserInfoResponse {
|
|
|
738
748
|
readonly locale?: string;
|
|
739
749
|
readonly phone_number?: string;
|
|
740
750
|
readonly updated_at?: number;
|
|
741
|
-
readonly address?:
|
|
742
|
-
readonly formatted?: string;
|
|
743
|
-
readonly street_address?: string;
|
|
744
|
-
readonly locality?: string;
|
|
745
|
-
readonly region?: string;
|
|
746
|
-
readonly postal_code?: string;
|
|
747
|
-
readonly country?: string;
|
|
748
|
-
};
|
|
751
|
+
readonly address?: UserInfoAddress;
|
|
749
752
|
readonly [claim: string]: JsonValue | undefined;
|
|
750
753
|
}
|
|
751
754
|
/**
|
|
@@ -1024,6 +1027,11 @@ export interface IntrospectionRequestOptions extends HttpRequestOptions, Authent
|
|
|
1024
1027
|
* @see [draft-ietf-oauth-jwt-introspection-response-12 - JWT Response for OAuth Token Introspection](https://www.ietf.org/archive/id/draft-ietf-oauth-jwt-introspection-response-12.html#section-4)
|
|
1025
1028
|
*/
|
|
1026
1029
|
export declare function introspectionRequest(as: AuthorizationServer, client: Client, token: string, options?: IntrospectionRequestOptions): Promise<Response>;
|
|
1030
|
+
export interface IntrospectionConfirmationClaims {
|
|
1031
|
+
readonly 'x5t#S256'?: string;
|
|
1032
|
+
readonly jkt?: string;
|
|
1033
|
+
readonly [claim: string]: JsonValue | undefined;
|
|
1034
|
+
}
|
|
1027
1035
|
export interface IntrospectionResponse {
|
|
1028
1036
|
readonly active: boolean;
|
|
1029
1037
|
readonly client_id?: string;
|
|
@@ -1038,11 +1046,7 @@ export interface IntrospectionResponse {
|
|
|
1038
1046
|
readonly sub?: string;
|
|
1039
1047
|
readonly nbf?: number;
|
|
1040
1048
|
readonly token_type?: string;
|
|
1041
|
-
readonly cnf?:
|
|
1042
|
-
readonly 'x5t#S256'?: string;
|
|
1043
|
-
readonly jkt?: string;
|
|
1044
|
-
readonly [claim: string]: JsonValue | undefined;
|
|
1045
|
-
};
|
|
1049
|
+
readonly cnf?: IntrospectionConfirmationClaims;
|
|
1046
1050
|
readonly [claim: string]: JsonValue | undefined;
|
|
1047
1051
|
}
|
|
1048
1052
|
/**
|
package/build/index.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
let USER_AGENT;
|
|
2
2
|
if (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) {
|
|
3
3
|
const NAME = 'oauth4webapi';
|
|
4
|
-
const VERSION = 'v2.2.
|
|
4
|
+
const VERSION = 'v2.2.2';
|
|
5
5
|
USER_AGENT = `${NAME}/${VERSION}`;
|
|
6
6
|
}
|
|
7
7
|
export const clockSkew = Symbol();
|
|
@@ -861,10 +861,14 @@ export async function refreshTokenGrantRequest(as, client, refreshToken, options
|
|
|
861
861
|
}
|
|
862
862
|
const idTokenClaims = new WeakMap();
|
|
863
863
|
export function getValidatedIdTokenClaims(ref) {
|
|
864
|
-
if (!
|
|
864
|
+
if (!ref.id_token) {
|
|
865
|
+
return undefined;
|
|
866
|
+
}
|
|
867
|
+
const claims = idTokenClaims.get(ref);
|
|
868
|
+
if (!claims) {
|
|
865
869
|
throw new TypeError('"ref" was already garbage collected or did not resolve from the proper sources');
|
|
866
870
|
}
|
|
867
|
-
return
|
|
871
|
+
return claims;
|
|
868
872
|
}
|
|
869
873
|
async function processGenericAccessTokenResponse(as, client, response, ignoreIdToken = false, ignoreRefreshToken = false) {
|
|
870
874
|
assertAs(as);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "oauth4webapi",
|
|
3
|
-
"version": "2.2.
|
|
3
|
+
"version": "2.2.2",
|
|
4
4
|
"description": "OAuth 2 / OpenID Connect for Web Platform API JavaScript runtimes",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"auth",
|
|
@@ -63,20 +63,21 @@
|
|
|
63
63
|
},
|
|
64
64
|
"devDependencies": {
|
|
65
65
|
"@esbuild-kit/esm-loader": "^2.5.5",
|
|
66
|
-
"@types/node": "^18.15.
|
|
66
|
+
"@types/node": "^18.15.13",
|
|
67
67
|
"@types/qunit": "^2.19.4",
|
|
68
68
|
"ava": "^5.2.0",
|
|
69
|
-
"edge-runtime": "^2.1.
|
|
70
|
-
"esbuild": "^0.17.
|
|
71
|
-
"jose": "^4.
|
|
69
|
+
"edge-runtime": "^2.1.4",
|
|
70
|
+
"esbuild": "^0.17.17",
|
|
71
|
+
"jose": "^4.14.1",
|
|
72
72
|
"patch-package": "^6.5.1",
|
|
73
|
-
"prettier": "^2.8.
|
|
73
|
+
"prettier": "^2.8.7",
|
|
74
74
|
"prettier-plugin-jsdoc": "^0.4.2",
|
|
75
75
|
"qunit": "^2.19.4",
|
|
76
76
|
"timekeeper": "^2.2.0",
|
|
77
|
-
"typedoc": "^0.
|
|
78
|
-
"typedoc-plugin-markdown": "^3.
|
|
79
|
-
"
|
|
80
|
-
"
|
|
77
|
+
"typedoc": "^0.24.4",
|
|
78
|
+
"typedoc-plugin-markdown": "^3.15.2",
|
|
79
|
+
"typedoc-plugin-mdn-links": "^3.0.3",
|
|
80
|
+
"typescript": "^5.0.4",
|
|
81
|
+
"undici": "^5.22.0"
|
|
81
82
|
}
|
|
82
83
|
}
|