oidc-spa 7.1.10 → 7.2.0-rc.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/backend.js +235 -352
- package/backend.js.map +1 -1
- package/core/AuthResponse.js +12 -49
- package/core/AuthResponse.js.map +1 -1
- package/core/Oidc.d.ts +1 -2
- package/core/Oidc.js.map +1 -1
- package/core/OidcInitializationError.d.ts +0 -13
- package/core/OidcInitializationError.js +8 -318
- package/core/OidcInitializationError.js.map +1 -1
- package/core/OidcMetadata.js +1 -1
- package/core/OidcMetadata.js.map +1 -1
- package/core/StateData.d.ts +5 -5
- package/core/StateData.js +25 -25
- package/core/StateData.js.map +1 -1
- package/core/configId.js +1 -1
- package/core/configId.js.map +1 -1
- package/core/createOidc.d.ts +8 -0
- package/core/createOidc.js +1030 -1292
- package/core/createOidc.js.map +1 -1
- package/core/diagnostic.d.ts +14 -0
- package/core/diagnostic.js +214 -0
- package/core/diagnostic.js.map +1 -0
- package/core/evtIsUserActive.js +26 -27
- package/core/evtIsUserActive.js.map +1 -1
- package/core/handleOidcCallback.js +99 -154
- package/core/handleOidcCallback.js.map +1 -1
- package/core/iframeMessageProtection.d.ts +1 -1
- package/core/iframeMessageProtection.js +40 -106
- package/core/iframeMessageProtection.js.map +1 -1
- package/core/index.d.ts +1 -1
- package/core/index.js +3 -3
- package/core/index.js.map +1 -1
- package/core/initialLocationHref.js +1 -1
- package/core/initialLocationHref.js.map +1 -1
- package/core/isNewBrowserSession.js +8 -8
- package/core/isNewBrowserSession.js.map +1 -1
- package/core/loginOrGoToAuthServer.d.ts +1 -1
- package/core/loginOrGoToAuthServer.js +188 -310
- package/core/loginOrGoToAuthServer.js.map +1 -1
- package/core/loginPropagationToOtherTabs.js +15 -16
- package/core/loginPropagationToOtherTabs.js.map +1 -1
- package/core/loginSilent.d.ts +2 -3
- package/core/loginSilent.js +118 -214
- package/core/loginSilent.js.map +1 -1
- package/core/logoutPropagationToOtherTabs.js +15 -16
- package/core/logoutPropagationToOtherTabs.js.map +1 -1
- package/core/oidcClientTsUserToTokens.d.ts +1 -1
- package/core/oidcClientTsUserToTokens.js +75 -72
- package/core/oidcClientTsUserToTokens.js.map +1 -1
- package/core/ongoingLoginOrRefreshProcesses.js +23 -89
- package/core/ongoingLoginOrRefreshProcesses.js.map +1 -1
- package/core/persistedAuthState.js +13 -13
- package/core/persistedAuthState.js.map +1 -1
- package/entrypoint.js +9 -9
- package/entrypoint.js.map +1 -1
- package/esm/core/AuthResponse.d.ts +5 -0
- package/{src/core/AuthResponse.ts → esm/core/AuthResponse.js} +3 -9
- package/esm/core/AuthResponse.js.map +1 -0
- package/esm/core/Oidc.d.ts +126 -0
- package/esm/core/Oidc.js +2 -0
- package/esm/core/Oidc.js.map +1 -0
- package/esm/core/OidcInitializationError.d.ts +7 -0
- package/esm/core/OidcInitializationError.js +17 -0
- package/esm/core/OidcInitializationError.js.map +1 -0
- package/{src/core/OidcMetadata.ts → esm/core/OidcMetadata.d.ts} +0 -5
- package/esm/core/OidcMetadata.js +3 -0
- package/esm/core/OidcMetadata.js.map +1 -0
- package/esm/core/StateData.d.ts +42 -0
- package/esm/core/StateData.js +55 -0
- package/esm/core/StateData.js.map +1 -0
- package/esm/core/configId.d.ts +4 -0
- package/esm/core/configId.js +4 -0
- package/esm/core/configId.js.map +1 -0
- package/esm/core/createOidc.d.ts +132 -0
- package/{src/core/createOidc.ts → esm/core/createOidc.js} +282 -826
- package/esm/core/createOidc.js.map +1 -0
- package/esm/core/diagnostic.d.ts +14 -0
- package/{src/core/OidcInitializationError.ts → esm/core/diagnostic.js} +40 -117
- package/esm/core/diagnostic.js.map +1 -0
- package/esm/core/evtIsUserActive.d.ts +5 -0
- package/{src/core/evtIsUserActive.ts → esm/core/evtIsUserActive.js} +14 -46
- package/esm/core/evtIsUserActive.js.map +1 -0
- package/esm/core/handleOidcCallback.d.ts +13 -0
- package/{src/core/handleOidcCallback.ts → esm/core/handleOidcCallback.js} +56 -131
- package/esm/core/handleOidcCallback.js.map +1 -0
- package/esm/core/iframeMessageProtection.d.ts +20 -0
- package/{src/core/iframeMessageProtection.ts → esm/core/iframeMessageProtection.js} +14 -49
- package/esm/core/iframeMessageProtection.js.map +1 -0
- package/{src/core/index.ts → esm/core/index.d.ts} +1 -1
- package/esm/core/index.js +4 -0
- package/esm/core/index.js.map +1 -0
- package/esm/core/initialLocationHref.d.ts +1 -0
- package/{src/core/initialLocationHref.ts → esm/core/initialLocationHref.js} +1 -1
- package/esm/core/initialLocationHref.js.map +1 -0
- package/esm/core/isNewBrowserSession.d.ts +9 -0
- package/{src/core/isNewBrowserSession.ts → esm/core/isNewBrowserSession.js} +3 -15
- package/esm/core/isNewBrowserSession.js.map +1 -0
- package/esm/core/loginOrGoToAuthServer.d.ts +40 -0
- package/{src/core/loginOrGoToAuthServer.ts → esm/core/loginOrGoToAuthServer.js} +60 -168
- package/esm/core/loginOrGoToAuthServer.js.map +1 -0
- package/esm/core/loginPropagationToOtherTabs.d.ts +8 -0
- package/{src/core/loginPropagationToOtherTabs.ts → esm/core/loginPropagationToOtherTabs.js} +7 -25
- package/esm/core/loginPropagationToOtherTabs.js.map +1 -0
- package/esm/core/loginSilent.d.ts +28 -0
- package/esm/core/loginSilent.js +125 -0
- package/esm/core/loginSilent.js.map +1 -0
- package/esm/core/logoutPropagationToOtherTabs.d.ts +10 -0
- package/{src/core/logoutPropagationToOtherTabs.ts → esm/core/logoutPropagationToOtherTabs.js} +8 -28
- package/esm/core/logoutPropagationToOtherTabs.js.map +1 -0
- package/esm/core/oidcClientTsUserToTokens.d.ts +11 -0
- package/esm/core/oidcClientTsUserToTokens.js +155 -0
- package/esm/core/oidcClientTsUserToTokens.js.map +1 -0
- package/esm/core/ongoingLoginOrRefreshProcesses.d.ts +6 -0
- package/{src/core/ongoingLoginOrRefreshProcesses.ts → esm/core/ongoingLoginOrRefreshProcesses.js} +6 -24
- package/esm/core/ongoingLoginOrRefreshProcesses.js.map +1 -0
- package/esm/core/persistedAuthState.d.ts +28 -0
- package/esm/core/persistedAuthState.js +64 -0
- package/esm/core/persistedAuthState.js.map +1 -0
- package/esm/entrypoint.d.ts +7 -0
- package/{src/entrypoint.ts → esm/entrypoint.js} +3 -26
- package/esm/entrypoint.js.map +1 -0
- package/esm/index.d.ts +1 -0
- package/esm/index.js +2 -0
- package/esm/index.js.map +1 -0
- package/esm/keycloak/index.d.ts +3 -0
- package/esm/keycloak/index.js +3 -0
- package/esm/keycloak/index.js.map +1 -0
- package/esm/keycloak/isKeycloak.d.ts +3 -0
- package/esm/keycloak/isKeycloak.js +17 -0
- package/esm/keycloak/isKeycloak.js.map +1 -0
- package/esm/keycloak/keycloak-js/Keycloak.d.ts +284 -0
- package/esm/keycloak/keycloak-js/Keycloak.js +774 -0
- package/esm/keycloak/keycloak-js/Keycloak.js.map +1 -0
- package/esm/keycloak/keycloak-js/index.d.ts +2 -0
- package/esm/keycloak/keycloak-js/index.js +2 -0
- package/esm/keycloak/keycloak-js/index.js.map +1 -0
- package/esm/keycloak/keycloak-js/types.d.ts +361 -0
- package/esm/keycloak/keycloak-js/types.js +2 -0
- package/esm/keycloak/keycloak-js/types.js.map +1 -0
- package/esm/keycloak/keycloakIssuerUriParsed.d.ts +9 -0
- package/esm/keycloak/keycloakIssuerUriParsed.js +16 -0
- package/esm/keycloak/keycloakIssuerUriParsed.js.map +1 -0
- package/esm/keycloak/keycloakUtils.d.ts +37 -0
- package/esm/keycloak/keycloakUtils.js +44 -0
- package/esm/keycloak/keycloakUtils.js.map +1 -0
- package/esm/keycloak-js.d.ts +1 -0
- package/esm/keycloak-js.js +2 -0
- package/esm/keycloak-js.js.map +1 -0
- package/esm/mock/index.js +2 -0
- package/esm/mock/index.js.map +1 -0
- package/esm/mock/oidc.d.ts +19 -0
- package/{src/mock/oidc.ts → esm/mock/oidc.js} +28 -88
- package/esm/mock/oidc.js.map +1 -0
- package/esm/mock/react.d.ts +58 -0
- package/esm/mock/react.js +7 -0
- package/esm/mock/react.js.map +1 -0
- package/esm/react/index.js +2 -0
- package/esm/react/index.js.map +1 -0
- package/esm/react/react.d.ts +102 -0
- package/esm/react/react.js +221 -0
- package/esm/react/react.js.map +1 -0
- package/esm/tools/Deferred.d.ts +14 -0
- package/esm/tools/Deferred.js +23 -0
- package/esm/tools/Deferred.js.map +1 -0
- package/esm/tools/EphemeralSessionStorage.d.ts +12 -0
- package/{src/tools/EphemeralSessionStorage.ts → esm/tools/EphemeralSessionStorage.js} +30 -112
- package/esm/tools/EphemeralSessionStorage.js.map +1 -0
- package/esm/tools/Evt.d.ts +11 -0
- package/{src/tools/Evt.ts → esm/tools/Evt.js} +7 -25
- package/esm/tools/Evt.js.map +1 -0
- package/esm/tools/StatefulEvt.d.ts +12 -0
- package/esm/tools/StatefulEvt.js +21 -0
- package/esm/tools/StatefulEvt.js.map +1 -0
- package/esm/tools/ValueOrAsyncGetter.js +2 -0
- package/esm/tools/ValueOrAsyncGetter.js.map +1 -0
- package/esm/tools/asymmetricEncryption.d.ts +18 -0
- package/esm/tools/asymmetricEncryption.js +85 -0
- package/esm/tools/asymmetricEncryption.js.map +1 -0
- package/esm/tools/base64.d.ts +2 -0
- package/{src/tools/base64.ts → esm/tools/base64.js} +3 -3
- package/esm/tools/base64.js.map +1 -0
- package/esm/tools/createObjectThatThrowsIfAccessed.d.ts +8 -0
- package/{src/tools/createObjectThatThrowsIfAccessed.ts → esm/tools/createObjectThatThrowsIfAccessed.js} +7 -18
- package/esm/tools/createObjectThatThrowsIfAccessed.js.map +1 -0
- package/esm/tools/decodeJwt.d.ts +25 -0
- package/esm/tools/decodeJwt.js +60 -0
- package/esm/tools/decodeJwt.js.map +1 -0
- package/esm/tools/generateUrlSafeRandom.d.ts +3 -0
- package/{src/tools/generateUrlSafeRandom.ts → esm/tools/generateUrlSafeRandom.js} +5 -8
- package/esm/tools/generateUrlSafeRandom.js.map +1 -0
- package/esm/tools/getDownlinkAndRtt.d.ts +4 -0
- package/{src/tools/getDownlinkAndRtt.ts → esm/tools/getDownlinkAndRtt.js} +6 -10
- package/esm/tools/getDownlinkAndRtt.js.map +1 -0
- package/esm/tools/getIsOnline.d.ts +7 -0
- package/{src/tools/getIsOnline.ts → esm/tools/getIsOnline.js} +3 -9
- package/esm/tools/getIsOnline.js.map +1 -0
- package/esm/tools/getIsValidRemoteJson.d.ts +1 -0
- package/esm/tools/getIsValidRemoteJson.js +15 -0
- package/esm/tools/getIsValidRemoteJson.js.map +1 -0
- package/esm/tools/getPrUserInteraction.d.ts +4 -0
- package/{src/tools/getPrUserInteraction.ts → esm/tools/getPrUserInteraction.js} +2 -6
- package/esm/tools/getPrUserInteraction.js.map +1 -0
- package/esm/tools/getUserEnvironmentInfo.d.ts +1 -0
- package/esm/tools/getUserEnvironmentInfo.js +50 -0
- package/esm/tools/getUserEnvironmentInfo.js.map +1 -0
- package/esm/tools/haveSharedParentDomain.d.ts +4 -0
- package/{src/tools/haveSharedParentDomain.ts → esm/tools/haveSharedParentDomain.js} +3 -5
- package/esm/tools/haveSharedParentDomain.js.map +1 -0
- package/esm/tools/isDev.d.ts +1 -0
- package/{src/tools/isDev.ts → esm/tools/isDev.js} +5 -12
- package/esm/tools/isDev.js.map +1 -0
- package/esm/tools/parseKeycloakIssuerUri.d.ts +30 -0
- package/esm/tools/parseKeycloakIssuerUri.js +33 -0
- package/esm/tools/parseKeycloakIssuerUri.js.map +1 -0
- package/esm/tools/readExpirationTimeInJwt.d.ts +1 -0
- package/{src/tools/readExpirationTimeInJwt.ts → esm/tools/readExpirationTimeInJwt.js} +6 -7
- package/esm/tools/readExpirationTimeInJwt.js.map +1 -0
- package/esm/tools/startCountdown.d.ts +11 -0
- package/{src/tools/startCountdown.ts → esm/tools/startCountdown.js} +6 -17
- package/esm/tools/startCountdown.js.map +1 -0
- package/esm/tools/subscribeToUserInteraction.d.ts +6 -0
- package/{src/tools/subscribeToUserInteraction.ts → esm/tools/subscribeToUserInteraction.js} +4 -13
- package/esm/tools/subscribeToUserInteraction.js.map +1 -0
- package/esm/tools/toFullyQualifiedUrl.d.ts +10 -0
- package/{src/tools/toFullyQualifiedUrl.ts → esm/tools/toFullyQualifiedUrl.js} +7 -25
- package/esm/tools/toFullyQualifiedUrl.js.map +1 -0
- package/esm/tools/toHumanReadableDuration.d.ts +1 -0
- package/{src/tools/toHumanReadableDuration.ts → esm/tools/toHumanReadableDuration.js} +8 -5
- package/esm/tools/toHumanReadableDuration.js.map +1 -0
- package/esm/tools/urlSearchParams.d.ts +19 -0
- package/{src/tools/urlSearchParams.ts → esm/tools/urlSearchParams.js} +24 -70
- package/esm/tools/urlSearchParams.js.map +1 -0
- package/esm/tools/workerTimers.d.ts +5 -0
- package/{src/tools/workerTimers.ts → esm/tools/workerTimers.js} +7 -27
- package/esm/tools/workerTimers.js.map +1 -0
- package/esm/vendor/frontend/oidc-client-ts.d.ts +1 -0
- package/esm/vendor/frontend/oidc-client-ts.js +3636 -0
- package/{src/vendor/frontend/tsafe.ts → esm/vendor/frontend/tsafe.d.ts} +1 -0
- package/esm/vendor/frontend/tsafe.js +1 -0
- package/esm/vendor/frontend/worker-timers.js +1 -0
- package/index.d.ts +1 -1
- package/index.js +1 -2
- package/index.js.map +1 -1
- package/keycloak/index.d.ts +3 -0
- package/keycloak/index.js +8 -0
- package/keycloak/index.js.map +1 -0
- package/keycloak/isKeycloak.d.ts +3 -0
- package/keycloak/isKeycloak.js +20 -0
- package/keycloak/isKeycloak.js.map +1 -0
- package/keycloak/keycloak-js/Keycloak.d.ts +284 -0
- package/keycloak/keycloak-js/Keycloak.js +778 -0
- package/keycloak/keycloak-js/Keycloak.js.map +1 -0
- package/keycloak/keycloak-js/index.d.ts +2 -0
- package/keycloak/keycloak-js/index.js +6 -0
- package/keycloak/keycloak-js/index.js.map +1 -0
- package/keycloak/keycloak-js/types.d.ts +361 -0
- package/keycloak/keycloak-js/types.js +3 -0
- package/keycloak/keycloak-js/types.js.map +1 -0
- package/keycloak/keycloakIssuerUriParsed.d.ts +9 -0
- package/keycloak/keycloakIssuerUriParsed.js +19 -0
- package/keycloak/keycloakIssuerUriParsed.js.map +1 -0
- package/keycloak/keycloakUtils.d.ts +37 -0
- package/keycloak/keycloakUtils.js +47 -0
- package/keycloak/keycloakUtils.js.map +1 -0
- package/keycloak-js.d.ts +1 -0
- package/keycloak-js.js +18 -0
- package/keycloak-js.js.map +1 -0
- package/mock/index.js.map +1 -1
- package/mock/oidc.js +147 -194
- package/mock/oidc.js.map +1 -1
- package/mock/react.js +2 -2
- package/mock/react.js.map +1 -1
- package/package.json +74 -299
- package/react/index.js.map +1 -1
- package/react/react.js +133 -244
- package/react/react.js.map +1 -1
- package/tools/Deferred.js +13 -35
- package/tools/Deferred.js.map +1 -1
- package/tools/EphemeralSessionStorage.js +46 -48
- package/tools/EphemeralSessionStorage.js.map +1 -1
- package/tools/Evt.js +14 -14
- package/tools/Evt.js.map +1 -1
- package/tools/StatefulEvt.js +5 -5
- package/tools/StatefulEvt.js.map +1 -1
- package/tools/ValueOrAsyncGetter.js.map +1 -1
- package/tools/asymmetricEncryption.js +81 -172
- package/tools/asymmetricEncryption.js.map +1 -1
- package/tools/base64.js +2 -2
- package/tools/base64.js.map +1 -1
- package/tools/createObjectThatThrowsIfAccessed.js +13 -61
- package/tools/createObjectThatThrowsIfAccessed.js.map +1 -1
- package/tools/decodeJwt.d.ts +25 -2
- package/tools/decodeJwt.js +61 -3
- package/tools/decodeJwt.js.map +1 -1
- package/tools/generateUrlSafeRandom.js +5 -30
- package/tools/generateUrlSafeRandom.js.map +1 -1
- package/tools/getDownlinkAndRtt.js +8 -30
- package/tools/getDownlinkAndRtt.js.map +1 -1
- package/tools/getIsOnline.js +3 -3
- package/tools/getIsOnline.js.map +1 -1
- package/tools/getIsValidRemoteJson.js +12 -59
- package/tools/getIsValidRemoteJson.js.map +1 -1
- package/tools/getPrUserInteraction.js +4 -4
- package/tools/getPrUserInteraction.js.map +1 -1
- package/tools/getUserEnvironmentInfo.js +17 -12
- package/tools/getUserEnvironmentInfo.js.map +1 -1
- package/tools/haveSharedParentDomain.js +5 -5
- package/tools/haveSharedParentDomain.js.map +1 -1
- package/tools/isDev.js +2 -2
- package/tools/isDev.js.map +1 -1
- package/tools/parseKeycloakIssuerUri.d.ts +2 -0
- package/tools/parseKeycloakIssuerUri.js +11 -42
- package/tools/parseKeycloakIssuerUri.js.map +1 -1
- package/tools/readExpirationTimeInJwt.js +4 -4
- package/tools/readExpirationTimeInJwt.js.map +1 -1
- package/tools/startCountdown.js +17 -65
- package/tools/startCountdown.js.map +1 -1
- package/tools/subscribeToUserInteraction.js +17 -66
- package/tools/subscribeToUserInteraction.js.map +1 -1
- package/tools/toFullyQualifiedUrl.js +7 -7
- package/tools/toFullyQualifiedUrl.js.map +1 -1
- package/tools/toHumanReadableDuration.js +13 -13
- package/tools/toHumanReadableDuration.js.map +1 -1
- package/tools/urlSearchParams.js +28 -50
- package/tools/urlSearchParams.js.map +1 -1
- package/tools/workerTimers.js +10 -10
- package/tools/workerTimers.js.map +1 -1
- package/vendor/frontend/oidc-client-ts.d.ts +1 -0
- package/vendor/frontend/oidc-client-ts.js +3686 -0
- package/vendor/frontend/tsafe.d.ts +1 -0
- package/vendor/frontend/tsafe.js +1 -1
- package/LICENSE +0 -21
- package/README.md +0 -185
- package/core/trustedFetch.d.ts +0 -2
- package/core/trustedFetch.js +0 -12
- package/core/trustedFetch.js.map +0 -1
- package/src/backend.ts +0 -391
- package/src/core/Oidc.ts +0 -141
- package/src/core/StateData.ts +0 -118
- package/src/core/configId.ts +0 -3
- package/src/core/loginSilent.ts +0 -206
- package/src/core/oidcClientTsUserToTokens.ts +0 -229
- package/src/core/persistedAuthState.ts +0 -122
- package/src/core/trustedFetch.ts +0 -9
- package/src/index.ts +0 -7
- package/src/mock/react.tsx +0 -11
- package/src/react/react.tsx +0 -460
- package/src/tools/Deferred.ts +0 -39
- package/src/tools/StatefulEvt.ts +0 -38
- package/src/tools/asymmetricEncryption.ts +0 -184
- package/src/tools/decodeJwt.ts +0 -2
- package/src/tools/getIsValidRemoteJson.ts +0 -18
- package/src/tools/getUserEnvironmentInfo.ts +0 -42
- package/src/tools/parseKeycloakIssuerUri.ts +0 -68
- package/src/vendor/backend/evt.ts +0 -2
- package/src/vendor/backend/jsonwebtoken.ts +0 -1
- package/src/vendor/backend/node-fetch.ts +0 -2
- package/src/vendor/backend/node-jose.ts +0 -1
- package/src/vendor/backend/tsafe.ts +0 -5
- package/src/vendor/backend/zod.ts +0 -1
- package/src/vendor/frontend/oidc-client-ts-and-jwt-decode.ts +0 -4
- package/vendor/frontend/oidc-client-ts-and-jwt-decode.d.ts +0 -3
- package/vendor/frontend/oidc-client-ts-and-jwt-decode.js +0 -3
- /package/{src/mock/index.ts → esm/mock/index.d.ts} +0 -0
- /package/{src/react/index.ts → esm/react/index.d.ts} +0 -0
- /package/{src/tools/ValueOrAsyncGetter.ts → esm/tools/ValueOrAsyncGetter.d.ts} +0 -0
- /package/{src/vendor/frontend/worker-timers.ts → esm/vendor/frontend/worker-timers.d.ts} +0 -0
|
@@ -1,184 +0,0 @@
|
|
|
1
|
-
type AsymmetricKeys = {
|
|
2
|
-
publicKey: string; // base64-encoded JSON export of CryptoKey
|
|
3
|
-
privateKey: string; // base64-encoded JSON export of CryptoKey
|
|
4
|
-
};
|
|
5
|
-
|
|
6
|
-
const INFO_LABEL = "oidc-spa/tools/asymmetricEncryption";
|
|
7
|
-
|
|
8
|
-
export async function generateKeys(): Promise<AsymmetricKeys> {
|
|
9
|
-
const keyPair = await crypto.subtle.generateKey(
|
|
10
|
-
{
|
|
11
|
-
name: "ECDH",
|
|
12
|
-
namedCurve: "P-256"
|
|
13
|
-
},
|
|
14
|
-
true,
|
|
15
|
-
["deriveKey", "deriveBits"]
|
|
16
|
-
);
|
|
17
|
-
|
|
18
|
-
const publicKeyRaw = await crypto.subtle.exportKey("jwk", keyPair.publicKey);
|
|
19
|
-
const privateKeyRaw = await crypto.subtle.exportKey("jwk", keyPair.privateKey);
|
|
20
|
-
|
|
21
|
-
return {
|
|
22
|
-
publicKey: btoa(JSON.stringify(publicKeyRaw)),
|
|
23
|
-
privateKey: btoa(JSON.stringify(privateKeyRaw))
|
|
24
|
-
};
|
|
25
|
-
}
|
|
26
|
-
|
|
27
|
-
export async function asymmetricEncrypt(params: {
|
|
28
|
-
publicKey: string;
|
|
29
|
-
message: string;
|
|
30
|
-
}): Promise<{ encryptedMessage: string }> {
|
|
31
|
-
const { publicKey, message } = params;
|
|
32
|
-
|
|
33
|
-
const importedPublicKey = await crypto.subtle.importKey(
|
|
34
|
-
"jwk",
|
|
35
|
-
JSON.parse(atob(publicKey)),
|
|
36
|
-
{
|
|
37
|
-
name: "ECDH",
|
|
38
|
-
namedCurve: "P-256"
|
|
39
|
-
},
|
|
40
|
-
false,
|
|
41
|
-
[]
|
|
42
|
-
);
|
|
43
|
-
|
|
44
|
-
const ephemeralKeyPair = await crypto.subtle.generateKey(
|
|
45
|
-
{
|
|
46
|
-
name: "ECDH",
|
|
47
|
-
namedCurve: "P-256"
|
|
48
|
-
},
|
|
49
|
-
true,
|
|
50
|
-
["deriveKey", "deriveBits"]
|
|
51
|
-
);
|
|
52
|
-
|
|
53
|
-
const sharedSecret = await crypto.subtle.deriveBits(
|
|
54
|
-
{
|
|
55
|
-
name: "ECDH",
|
|
56
|
-
public: importedPublicKey
|
|
57
|
-
},
|
|
58
|
-
ephemeralKeyPair.privateKey,
|
|
59
|
-
256
|
|
60
|
-
);
|
|
61
|
-
|
|
62
|
-
const salt = crypto.getRandomValues(new Uint8Array(16));
|
|
63
|
-
const infoBytes = new TextEncoder().encode(INFO_LABEL);
|
|
64
|
-
|
|
65
|
-
const hkdfKey = await crypto.subtle.importKey("raw", sharedSecret, "HKDF", false, ["deriveKey"]);
|
|
66
|
-
|
|
67
|
-
const derivedKey = await crypto.subtle.deriveKey(
|
|
68
|
-
{
|
|
69
|
-
name: "HKDF",
|
|
70
|
-
hash: "SHA-256",
|
|
71
|
-
salt,
|
|
72
|
-
info: infoBytes
|
|
73
|
-
},
|
|
74
|
-
hkdfKey,
|
|
75
|
-
{ name: "AES-GCM", length: 256 },
|
|
76
|
-
false,
|
|
77
|
-
["encrypt"]
|
|
78
|
-
);
|
|
79
|
-
|
|
80
|
-
const iv = crypto.getRandomValues(new Uint8Array(12));
|
|
81
|
-
const encodedMessage = new TextEncoder().encode(message);
|
|
82
|
-
|
|
83
|
-
const ciphertext = await crypto.subtle.encrypt(
|
|
84
|
-
{
|
|
85
|
-
name: "AES-GCM",
|
|
86
|
-
iv
|
|
87
|
-
},
|
|
88
|
-
derivedKey,
|
|
89
|
-
encodedMessage
|
|
90
|
-
);
|
|
91
|
-
|
|
92
|
-
const ephemeralPubKeyRaw = await crypto.subtle.exportKey("jwk", ephemeralKeyPair.publicKey);
|
|
93
|
-
|
|
94
|
-
const payload = {
|
|
95
|
-
ephemeralPubKey: ephemeralPubKeyRaw,
|
|
96
|
-
iv: Array.from(iv),
|
|
97
|
-
salt: Array.from(salt),
|
|
98
|
-
ciphertext: Array.from(new Uint8Array(ciphertext))
|
|
99
|
-
};
|
|
100
|
-
|
|
101
|
-
return {
|
|
102
|
-
encryptedMessage: btoa(JSON.stringify(payload))
|
|
103
|
-
};
|
|
104
|
-
}
|
|
105
|
-
|
|
106
|
-
export async function asymmetricDecrypt(params: {
|
|
107
|
-
privateKey: string;
|
|
108
|
-
encryptedMessage: string;
|
|
109
|
-
}): Promise<{ message: string }> {
|
|
110
|
-
const { privateKey, encryptedMessage } = params;
|
|
111
|
-
|
|
112
|
-
const {
|
|
113
|
-
ephemeralPubKey,
|
|
114
|
-
iv,
|
|
115
|
-
salt,
|
|
116
|
-
ciphertext
|
|
117
|
-
}: {
|
|
118
|
-
ephemeralPubKey: JsonWebKey;
|
|
119
|
-
iv: number[];
|
|
120
|
-
salt: number[];
|
|
121
|
-
ciphertext: number[];
|
|
122
|
-
} = JSON.parse(atob(encryptedMessage));
|
|
123
|
-
|
|
124
|
-
const importedPrivateKey = await crypto.subtle.importKey(
|
|
125
|
-
"jwk",
|
|
126
|
-
JSON.parse(atob(privateKey)),
|
|
127
|
-
{
|
|
128
|
-
name: "ECDH",
|
|
129
|
-
namedCurve: "P-256"
|
|
130
|
-
},
|
|
131
|
-
false,
|
|
132
|
-
["deriveKey", "deriveBits"]
|
|
133
|
-
);
|
|
134
|
-
|
|
135
|
-
const importedEphemeralPubKey = await crypto.subtle.importKey(
|
|
136
|
-
"jwk",
|
|
137
|
-
ephemeralPubKey,
|
|
138
|
-
{
|
|
139
|
-
name: "ECDH",
|
|
140
|
-
namedCurve: "P-256"
|
|
141
|
-
},
|
|
142
|
-
false,
|
|
143
|
-
[]
|
|
144
|
-
);
|
|
145
|
-
|
|
146
|
-
const sharedSecret = await crypto.subtle.deriveBits(
|
|
147
|
-
{
|
|
148
|
-
name: "ECDH",
|
|
149
|
-
public: importedEphemeralPubKey
|
|
150
|
-
},
|
|
151
|
-
importedPrivateKey,
|
|
152
|
-
256
|
|
153
|
-
);
|
|
154
|
-
|
|
155
|
-
const infoBytes = new TextEncoder().encode(INFO_LABEL);
|
|
156
|
-
|
|
157
|
-
const hkdfKey = await crypto.subtle.importKey("raw", sharedSecret, "HKDF", false, ["deriveKey"]);
|
|
158
|
-
|
|
159
|
-
const derivedKey = await crypto.subtle.deriveKey(
|
|
160
|
-
{
|
|
161
|
-
name: "HKDF",
|
|
162
|
-
hash: "SHA-256",
|
|
163
|
-
salt: new Uint8Array(salt),
|
|
164
|
-
info: infoBytes
|
|
165
|
-
},
|
|
166
|
-
hkdfKey,
|
|
167
|
-
{ name: "AES-GCM", length: 256 },
|
|
168
|
-
false,
|
|
169
|
-
["decrypt"]
|
|
170
|
-
);
|
|
171
|
-
|
|
172
|
-
const decryptedBuffer = await crypto.subtle.decrypt(
|
|
173
|
-
{
|
|
174
|
-
name: "AES-GCM",
|
|
175
|
-
iv: new Uint8Array(iv)
|
|
176
|
-
},
|
|
177
|
-
derivedKey,
|
|
178
|
-
new Uint8Array(ciphertext)
|
|
179
|
-
);
|
|
180
|
-
|
|
181
|
-
return {
|
|
182
|
-
message: new TextDecoder().decode(decryptedBuffer)
|
|
183
|
-
};
|
|
184
|
-
}
|
package/src/tools/decodeJwt.ts
DELETED
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
export function getIsValidRemoteJson(url: string): Promise<boolean> {
|
|
2
|
-
return fetch(url).then(
|
|
3
|
-
async response => {
|
|
4
|
-
if (!response.ok) {
|
|
5
|
-
return false;
|
|
6
|
-
}
|
|
7
|
-
|
|
8
|
-
try {
|
|
9
|
-
await response.json();
|
|
10
|
-
} catch {
|
|
11
|
-
return false;
|
|
12
|
-
}
|
|
13
|
-
|
|
14
|
-
return true;
|
|
15
|
-
},
|
|
16
|
-
() => false
|
|
17
|
-
);
|
|
18
|
-
}
|
|
@@ -1,42 +0,0 @@
|
|
|
1
|
-
export function getUserEnvironmentInfo(): string {
|
|
2
|
-
function safeGet<T>(getter: () => T, fallback: string = "Unknown"): string {
|
|
3
|
-
try {
|
|
4
|
-
const value = getter();
|
|
5
|
-
return value != null ? String(value) : fallback;
|
|
6
|
-
} catch {
|
|
7
|
-
return fallback;
|
|
8
|
-
}
|
|
9
|
-
}
|
|
10
|
-
|
|
11
|
-
const ua = safeGet(() => navigator.userAgent);
|
|
12
|
-
const platform = safeGet(() => navigator.platform);
|
|
13
|
-
const language = safeGet(() => navigator.language || (navigator as any).userLanguage);
|
|
14
|
-
const screenSize = safeGet(() => `${screen.width}x${screen.height}`);
|
|
15
|
-
const timezone = safeGet(() => Intl.DateTimeFormat().resolvedOptions().timeZone);
|
|
16
|
-
|
|
17
|
-
const browser: string = (() => {
|
|
18
|
-
if (ua.includes("Firefox/")) return "Firefox";
|
|
19
|
-
if (ua.includes("Edg/")) return "Edge";
|
|
20
|
-
if (ua.includes("Chrome/") && !ua.includes("Edg/")) return "Chrome";
|
|
21
|
-
if (ua.includes("Safari/") && !ua.includes("Chrome/")) return "Safari";
|
|
22
|
-
if (ua.includes("OPR/") || ua.includes("Opera/")) return "Opera";
|
|
23
|
-
return "Unknown";
|
|
24
|
-
})();
|
|
25
|
-
|
|
26
|
-
const os: string = (() => {
|
|
27
|
-
if (platform.startsWith("Win")) return "Windows";
|
|
28
|
-
if (platform.startsWith("Mac")) return "macOS";
|
|
29
|
-
if (platform.startsWith("Linux")) return "Linux";
|
|
30
|
-
if (/Android/.test(ua)) return "Android";
|
|
31
|
-
if (/iPhone|iPad|iPod/.test(ua)) return "iOS";
|
|
32
|
-
return "Unknown";
|
|
33
|
-
})();
|
|
34
|
-
|
|
35
|
-
return `Browser: ${browser}
|
|
36
|
-
OS: ${os}
|
|
37
|
-
Platform: ${platform}
|
|
38
|
-
Language: ${language}
|
|
39
|
-
Screen: ${screenSize}
|
|
40
|
-
Timezone: ${timezone}
|
|
41
|
-
User Agent: ${ua}`;
|
|
42
|
-
}
|
|
@@ -1,68 +0,0 @@
|
|
|
1
|
-
import { toFullyQualifiedUrl } from "./toFullyQualifiedUrl";
|
|
2
|
-
|
|
3
|
-
/**
|
|
4
|
-
* Return undefined if the issuerUri doesn't match the expected shape of a Keycloak issuerUri
|
|
5
|
-
*
|
|
6
|
-
* Example:
|
|
7
|
-
*
|
|
8
|
-
* `parseKeycloakIssuerUri("https://auth.my-company.com/auth/realms/myrealm")` returns:
|
|
9
|
-
* {
|
|
10
|
-
* origin: "https://auth.my-company.com",
|
|
11
|
-
* realm: "myrealm",
|
|
12
|
-
* kcHttpRelativePath: "/auth",
|
|
13
|
-
* adminConsoleUrl: "https://auth.my-company.com/auth/admin/myrealm/console",
|
|
14
|
-
* getAccountUrl: ({ thisAppDisplayName, backToAppFromAccountUrl }) =>
|
|
15
|
-
* `https://auth.my-company.com/auth/realms/myrealm/account?referrer=${thisAppDisplayName}&referrer_uri=${backToAppFromAccountUrl}`
|
|
16
|
-
* }
|
|
17
|
-
* */
|
|
18
|
-
export function parseKeycloakIssuerUri(issuerUri: string):
|
|
19
|
-
| undefined
|
|
20
|
-
| {
|
|
21
|
-
origin: string;
|
|
22
|
-
realm: string;
|
|
23
|
-
/** If defined starts with / and end with no `/` */
|
|
24
|
-
kcHttpRelativePath: string | undefined;
|
|
25
|
-
adminConsoleUrl: string;
|
|
26
|
-
adminConsoleUrl_master: string;
|
|
27
|
-
getAccountUrl: (params: {
|
|
28
|
-
clientId: string;
|
|
29
|
-
backToAppFromAccountUrl: string;
|
|
30
|
-
locale?: string;
|
|
31
|
-
}) => string;
|
|
32
|
-
} {
|
|
33
|
-
const url = new URL(issuerUri);
|
|
34
|
-
|
|
35
|
-
const split = url.pathname.split("/realms/");
|
|
36
|
-
|
|
37
|
-
if (split.length !== 2) {
|
|
38
|
-
return undefined;
|
|
39
|
-
}
|
|
40
|
-
|
|
41
|
-
const [kcHttpRelativePath, realm] = split;
|
|
42
|
-
|
|
43
|
-
const getAdminConsoleUrl = (realm: string) =>
|
|
44
|
-
`${url.origin}${kcHttpRelativePath}/admin/${realm}/console`;
|
|
45
|
-
|
|
46
|
-
return {
|
|
47
|
-
origin: url.origin,
|
|
48
|
-
realm,
|
|
49
|
-
kcHttpRelativePath: kcHttpRelativePath === "" ? undefined : kcHttpRelativePath,
|
|
50
|
-
adminConsoleUrl: getAdminConsoleUrl(realm),
|
|
51
|
-
adminConsoleUrl_master: getAdminConsoleUrl("master"),
|
|
52
|
-
getAccountUrl: ({ clientId, backToAppFromAccountUrl, locale }) => {
|
|
53
|
-
const accountUrlObj = new URL(`${url.origin}${kcHttpRelativePath}/realms/${realm}/account`);
|
|
54
|
-
accountUrlObj.searchParams.set("referrer", clientId);
|
|
55
|
-
accountUrlObj.searchParams.set(
|
|
56
|
-
"referrer_uri",
|
|
57
|
-
toFullyQualifiedUrl({
|
|
58
|
-
urlish: backToAppFromAccountUrl,
|
|
59
|
-
doAssertNoQueryParams: false
|
|
60
|
-
})
|
|
61
|
-
);
|
|
62
|
-
if (locale !== undefined) {
|
|
63
|
-
accountUrlObj.searchParams.set("kc_locale", locale);
|
|
64
|
-
}
|
|
65
|
-
return accountUrlObj.href;
|
|
66
|
-
}
|
|
67
|
-
};
|
|
68
|
-
}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export * from "jsonwebtoken";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export * from "node-jose";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export * from "zod";
|