oidc-spa 7.1.7 → 7.1.9

@@ -0,0 +1,181 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ var __generator = (this && this.__generator) || function (thisArg, body) {
12
+ var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g = Object.create((typeof Iterator === "function" ? Iterator : Object).prototype);
13
+ return g.next = verb(0), g["throw"] = verb(1), g["return"] = verb(2), typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
14
+ function verb(n) { return function (v) { return step([n, v]); }; }
15
+ function step(op) {
16
+ if (f) throw new TypeError("Generator is already executing.");
17
+ while (g && (g = 0, op[0] && (_ = 0)), _) try {
18
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
19
+ if (y = 0, t) op = [op[0] & 2, t.value];
20
+ switch (op[0]) {
21
+ case 0: case 1: t = op; break;
22
+ case 4: _.label++; return { value: op[1], done: false };
23
+ case 5: _.label++; y = op[1]; op = [0]; continue;
24
+ case 7: op = _.ops.pop(); _.trys.pop(); continue;
25
+ default:
26
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
27
+ if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
28
+ if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
29
+ if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
30
+ if (t[2]) _.ops.pop();
31
+ _.trys.pop(); continue;
32
+ }
33
+ op = body.call(thisArg, _);
34
+ } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
35
+ if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
36
+ }
37
+ };
38
+ Object.defineProperty(exports, "__esModule", { value: true });
39
+ exports.generateKeys = generateKeys;
40
+ exports.asymmetricEncrypt = asymmetricEncrypt;
41
+ exports.asymmetricDecrypt = asymmetricDecrypt;
42
+ var INFO_LABEL = "oidc-spa/tools/asymmetricEncryption";
43
+ function generateKeys() {
44
+ return __awaiter(this, void 0, void 0, function () {
45
+ var keyPair, publicKeyRaw, privateKeyRaw;
46
+ return __generator(this, function (_a) {
47
+ switch (_a.label) {
48
+ case 0: return [4 /*yield*/, crypto.subtle.generateKey({
49
+ name: "ECDH",
50
+ namedCurve: "P-256"
51
+ }, true, ["deriveKey", "deriveBits"])];
52
+ case 1:
53
+ keyPair = _a.sent();
54
+ return [4 /*yield*/, crypto.subtle.exportKey("jwk", keyPair.publicKey)];
55
+ case 2:
56
+ publicKeyRaw = _a.sent();
57
+ return [4 /*yield*/, crypto.subtle.exportKey("jwk", keyPair.privateKey)];
58
+ case 3:
59
+ privateKeyRaw = _a.sent();
60
+ return [2 /*return*/, {
61
+ publicKey: btoa(JSON.stringify(publicKeyRaw)),
62
+ privateKey: btoa(JSON.stringify(privateKeyRaw))
63
+ }];
64
+ }
65
+ });
66
+ });
67
+ }
68
+ function asymmetricEncrypt(params) {
69
+ return __awaiter(this, void 0, void 0, function () {
70
+ var publicKey, message, importedPublicKey, ephemeralKeyPair, sharedSecret, salt, infoBytes, hkdfKey, derivedKey, iv, encodedMessage, ciphertext, ephemeralPubKeyRaw, payload;
71
+ return __generator(this, function (_a) {
72
+ switch (_a.label) {
73
+ case 0:
74
+ publicKey = params.publicKey, message = params.message;
75
+ return [4 /*yield*/, crypto.subtle.importKey("jwk", JSON.parse(atob(publicKey)), {
76
+ name: "ECDH",
77
+ namedCurve: "P-256"
78
+ }, false, [])];
79
+ case 1:
80
+ importedPublicKey = _a.sent();
81
+ return [4 /*yield*/, crypto.subtle.generateKey({
82
+ name: "ECDH",
83
+ namedCurve: "P-256"
84
+ }, true, ["deriveKey", "deriveBits"])];
85
+ case 2:
86
+ ephemeralKeyPair = _a.sent();
87
+ return [4 /*yield*/, crypto.subtle.deriveBits({
88
+ name: "ECDH",
89
+ public: importedPublicKey
90
+ }, ephemeralKeyPair.privateKey, 256)];
91
+ case 3:
92
+ sharedSecret = _a.sent();
93
+ salt = crypto.getRandomValues(new Uint8Array(16));
94
+ infoBytes = new TextEncoder().encode(INFO_LABEL);
95
+ return [4 /*yield*/, crypto.subtle.importKey("raw", sharedSecret, "HKDF", false, ["deriveKey"])];
96
+ case 4:
97
+ hkdfKey = _a.sent();
98
+ return [4 /*yield*/, crypto.subtle.deriveKey({
99
+ name: "HKDF",
100
+ hash: "SHA-256",
101
+ salt: salt,
102
+ info: infoBytes
103
+ }, hkdfKey, { name: "AES-GCM", length: 256 }, false, ["encrypt"])];
104
+ case 5:
105
+ derivedKey = _a.sent();
106
+ iv = crypto.getRandomValues(new Uint8Array(12));
107
+ encodedMessage = new TextEncoder().encode(message);
108
+ return [4 /*yield*/, crypto.subtle.encrypt({
109
+ name: "AES-GCM",
110
+ iv: iv
111
+ }, derivedKey, encodedMessage)];
112
+ case 6:
113
+ ciphertext = _a.sent();
114
+ return [4 /*yield*/, crypto.subtle.exportKey("jwk", ephemeralKeyPair.publicKey)];
115
+ case 7:
116
+ ephemeralPubKeyRaw = _a.sent();
117
+ payload = {
118
+ ephemeralPubKey: ephemeralPubKeyRaw,
119
+ iv: Array.from(iv),
120
+ salt: Array.from(salt),
121
+ ciphertext: Array.from(new Uint8Array(ciphertext))
122
+ };
123
+ return [2 /*return*/, {
124
+ encryptedMessage: btoa(JSON.stringify(payload))
125
+ }];
126
+ }
127
+ });
128
+ });
129
+ }
130
+ function asymmetricDecrypt(params) {
131
+ return __awaiter(this, void 0, void 0, function () {
132
+ var privateKey, encryptedMessage, _a, ephemeralPubKey, iv, salt, ciphertext, importedPrivateKey, importedEphemeralPubKey, sharedSecret, infoBytes, hkdfKey, derivedKey, decryptedBuffer;
133
+ return __generator(this, function (_b) {
134
+ switch (_b.label) {
135
+ case 0:
136
+ privateKey = params.privateKey, encryptedMessage = params.encryptedMessage;
137
+ _a = JSON.parse(atob(encryptedMessage)), ephemeralPubKey = _a.ephemeralPubKey, iv = _a.iv, salt = _a.salt, ciphertext = _a.ciphertext;
138
+ return [4 /*yield*/, crypto.subtle.importKey("jwk", JSON.parse(atob(privateKey)), {
139
+ name: "ECDH",
140
+ namedCurve: "P-256"
141
+ }, false, ["deriveKey", "deriveBits"])];
142
+ case 1:
143
+ importedPrivateKey = _b.sent();
144
+ return [4 /*yield*/, crypto.subtle.importKey("jwk", ephemeralPubKey, {
145
+ name: "ECDH",
146
+ namedCurve: "P-256"
147
+ }, false, [])];
148
+ case 2:
149
+ importedEphemeralPubKey = _b.sent();
150
+ return [4 /*yield*/, crypto.subtle.deriveBits({
151
+ name: "ECDH",
152
+ public: importedEphemeralPubKey
153
+ }, importedPrivateKey, 256)];
154
+ case 3:
155
+ sharedSecret = _b.sent();
156
+ infoBytes = new TextEncoder().encode(INFO_LABEL);
157
+ return [4 /*yield*/, crypto.subtle.importKey("raw", sharedSecret, "HKDF", false, ["deriveKey"])];
158
+ case 4:
159
+ hkdfKey = _b.sent();
160
+ return [4 /*yield*/, crypto.subtle.deriveKey({
161
+ name: "HKDF",
162
+ hash: "SHA-256",
163
+ salt: new Uint8Array(salt),
164
+ info: infoBytes
165
+ }, hkdfKey, { name: "AES-GCM", length: 256 }, false, ["decrypt"])];
166
+ case 5:
167
+ derivedKey = _b.sent();
168
+ return [4 /*yield*/, crypto.subtle.decrypt({
169
+ name: "AES-GCM",
170
+ iv: new Uint8Array(iv)
171
+ }, derivedKey, new Uint8Array(ciphertext))];
172
+ case 6:
173
+ decryptedBuffer = _b.sent();
174
+ return [2 /*return*/, {
175
+ message: new TextDecoder().decode(decryptedBuffer)
176
+ }];
177
+ }
178
+ });
179
+ });
180
+ }
181
+ //# sourceMappingURL=asymmetricEncryption.js.map
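Review bot: `generateKeys` creates the ECDH pair as extractable and returns the private key as `btoa(JSON.stringify(privateKeyRaw))`, so the private key exists as a plain string that base64 only encodes, readable by any script in the origin that can reach wherever the caller keeps it. If the key does not have to leave the page, holding the `CryptoKey` with `extractable` set to false would avoid that; if the string form is required, a comment such as `// privateKey is an unencrypted JWK in base64: keep in memory only, never log or persist` would state the handling rule. In `asymmetricEncrypt` the ephemeral pair is also generated extractable although only its public half is exported, and WebCrypto public keys are exportable regardless of that flag, so that call could end `}, false, ["deriveBits"])`. `asymmetricDecrypt` passes `iv`, `salt` and `ciphertext` from `JSON.parse(atob(encryptedMessage))` straight into `new Uint8Array(...)`, where a numeric value is taken as a buffer length; checking that each is an array, with 12 and 16 entries for `iv` and `salt` as the encrypt side produces, would reject malformed payloads before any allocation or key derivation. This file is compiler output, so the changes belong in the TypeScript source named in its source map.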
@@ -0,0 +1 @@
1
+ {"version":3,"file":"asymmetricEncryption.js","sourceRoot":"","sources":["../src/tools/asymmetricEncryption.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAOA,oCAiBC;AAED,8CA6EC;AAED,8CA8EC;AAlLD,IAAM,UAAU,GAAG,qCAAqC,CAAC;AAEzD,SAAsB,YAAY;;;;;wBACd,qBAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAC3C;wBACI,IAAI,EAAE,MAAM;wBACZ,UAAU,EAAE,OAAO;qBACtB,EACD,IAAI,EACJ,CAAC,WAAW,EAAE,YAAY,CAAC,CAC9B,EAAA;;oBAPK,OAAO,GAAG,SAOf;oBAEoB,qBAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,SAAS,CAAC,EAAA;;oBAAtE,YAAY,GAAG,SAAuD;oBACtD,qBAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,UAAU,CAAC,EAAA;;oBAAxE,aAAa,GAAG,SAAwD;oBAE9E,sBAAO;4BACH,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;4BAC7C,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;yBAClD,EAAC;;;;CACL;AAED,SAAsB,iBAAiB,CAAC,MAGvC;;;;;;oBACW,SAAS,GAAc,MAAM,UAApB,EAAE,OAAO,GAAK,MAAM,QAAX,CAAY;oBAEZ,qBAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACnD,KAAK,EACL,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAC3B;4BACI,IAAI,EAAE,MAAM;4BACZ,UAAU,EAAE,OAAO;yBACtB,EACD,KAAK,EACL,EAAE,CACL,EAAA;;oBATK,iBAAiB,GAAG,SASzB;oBAEwB,qBAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CACpD;4BACI,IAAI,EAAE,MAAM;4BACZ,UAAU,EAAE,OAAO;yBACtB,EACD,IAAI,EACJ,CAAC,WAAW,EAAE,YAAY,CAAC,CAC9B,EAAA;;oBAPK,gBAAgB,GAAG,SAOxB;oBAEoB,qBAAM,MAAM,CAAC,MAAM,CAAC,UAAU,CAC/C;4BACI,IAAI,EAAE,MAAM;4BACZ,MAAM,EAAE,iBAAiB;yBAC5B,EACD,gBAAgB,CAAC,UAAU,EAC3B,GAAG,CACN,EAAA;;oBAPK,YAAY,GAAG,SAOpB;oBAEK,IAAI,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;oBAClD,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;oBAEvC,qBAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,WAAW,CAAC,CAAC,EAAA;;oBAA1F,OAAO,GAAG,SAAgF;oBAE7E,qBAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC5C;4BACI,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,SAAS;4BACf,IAAI,MAAA;4BACJ,IAAI,EAAE,SAAS;yBAClB,EACD,OAAO,EACP,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,EAChC,KAAK,EACL,CAAC,SAAS,CAAC,CACd,EAAA;;oBAXK,UAAU,GAAG,SAWlB;oBAEK,EAAE,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,
CAAC,CAAC;oBAChD,cAAc,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;oBAEtC,qBAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAC1C;4BACI,IAAI,EAAE,SAAS;4BACf,EAAE,IAAA;yBACL,EACD,UAAU,EACV,cAAc,CACjB,EAAA;;oBAPK,UAAU,GAAG,SAOlB;oBAE0B,qBAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,gBAAgB,CAAC,SAAS,CAAC,EAAA;;oBAArF,kBAAkB,GAAG,SAAgE;oBAErF,OAAO,GAAG;wBACZ,eAAe,EAAE,kBAAkB;wBACnC,EAAE,EAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;wBAClB,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;wBACtB,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;qBACrD,CAAC;oBAEF,sBAAO;4BACH,gBAAgB,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;yBAClD,EAAC;;;;CACL;AAED,SAAsB,iBAAiB,CAAC,MAGvC;;;;;;oBACW,UAAU,GAAuB,MAAM,WAA7B,EAAE,gBAAgB,GAAK,MAAM,iBAAX,CAAY;oBAE1C,KAUF,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,EATlC,eAAe,qBAAA,EACf,EAAE,QAAA,EACF,IAAI,UAAA,EACJ,UAAU,gBAAA,CAMyB;oBAEZ,qBAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACpD,KAAK,EACL,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAC5B;4BACI,IAAI,EAAE,MAAM;4BACZ,UAAU,EAAE,OAAO;yBACtB,EACD,KAAK,EACL,CAAC,WAAW,EAAE,YAAY,CAAC,CAC9B,EAAA;;oBATK,kBAAkB,GAAG,SAS1B;oBAE+B,qBAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACzD,KAAK,EACL,eAAe,EACf;4BACI,IAAI,EAAE,MAAM;4BACZ,UAAU,EAAE,OAAO;yBACtB,EACD,KAAK,EACL,EAAE,CACL,EAAA;;oBATK,uBAAuB,GAAG,SAS/B;oBAEoB,qBAAM,MAAM,CAAC,MAAM,CAAC,UAAU,CAC/C;4BACI,IAAI,EAAE,MAAM;4BACZ,MAAM,EAAE,uBAAuB;yBAClC,EACD,kBAAkB,EAClB,GAAG,CACN,EAAA;;oBAPK,YAAY,GAAG,SAOpB;oBAEK,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;oBAEvC,qBAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,WAAW,CAAC,CAAC,EAAA;;oBAA1F,OAAO,GAAG,SAAgF;oBAE7E,qBAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC5C;4BACI,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,SAAS;4BACf,IAAI,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC;4BAC1B,IAAI,EAAE,SAAS;yBAClB,EACD,OAAO,EACP,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,EAChC,KAAK,EACL,CAAC,SAAS,CAAC,CACd,EAAA;;oBAXK,UAAU,GAAG,SAWlB;oBAEuB,qBAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAC/C;4BACI,IAAI,EAAE,SAAS;4BACf,EAAE,EAAE,IAAI,UAAU,CAAC,EAAE,CAAC;yBACzB,EACD,UAAU,EACV,I
AAI,UAAU,CAAC,UAAU,CAAC,CAC7B,EAAA;;oBAPK,eAAe,GAAG,SAOvB;oBAED,sBAAO;4BACH,OAAO,EAAE,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC;yBACrD,EAAC;;;;CACL"}