qa360 2.3.0 → 2.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +155 -262
- package/{cli/dist → dist}/commands/ai.js +1 -1
- package/{cli/dist → dist}/commands/coverage.js +1 -1
- package/{cli/dist → dist}/commands/crawl.js +2 -2
- package/{cli/dist → dist}/commands/doctor.js +2 -2
- package/{cli/dist → dist}/commands/explain.js +2 -2
- package/{cli/dist → dist}/commands/flakiness.js +1 -1
- package/{cli/dist → dist}/commands/generate.js +1 -1
- package/{cli/dist → dist}/commands/history.js +1 -1
- package/{cli/dist → dist}/commands/monitor.js +3 -3
- package/{cli/dist → dist}/commands/ollama.js +1 -1
- package/{cli/dist → dist}/commands/pack.js +2 -2
- package/{cli/dist → dist}/commands/regression.js +1 -1
- package/{cli/dist → dist}/commands/repair.js +1 -1
- package/{cli/dist → dist}/commands/retry.js +1 -1
- package/{cli/dist → dist}/commands/run.d.ts +1 -1
- package/{cli/dist → dist}/commands/run.js +1 -1
- package/{cli/dist → dist}/commands/secrets.js +1 -1
- package/{cli/dist → dist}/commands/serve.js +1 -1
- package/{cli/dist → dist}/commands/slo.js +1 -1
- package/{cli/dist → dist}/commands/verify.js +1 -1
- package/{cli/dist → dist}/core/adapters/playwright-native-api.d.ts +2 -0
- package/{cli/dist → dist}/core/adapters/playwright-native-api.js +20 -1
- package/{cli/dist → dist}/core/adapters/playwright-ui.d.ts +21 -0
- package/dist/core/adapters/playwright-ui.js +2050 -0
- package/{cli/dist → dist}/core/ai/ollama-provider.js +15 -3
- package/{cli/dist → dist}/core/artifacts/ui-artifacts.js +24 -4
- package/dist/core/auth/backup-codes-provider.d.ts +91 -0
- package/dist/core/auth/backup-codes-provider.js +215 -0
- package/{cli/dist → dist}/core/auth/basic-auth-provider.d.ts +6 -0
- package/{cli/dist → dist}/core/auth/basic-auth-provider.js +24 -6
- package/dist/core/auth/digest-auth-provider.d.ts +116 -0
- package/dist/core/auth/digest-auth-provider.js +244 -0
- package/dist/core/auth/hcaptcha-handler.d.ts +103 -0
- package/dist/core/auth/hcaptcha-handler.js +288 -0
- package/{cli/dist → dist}/core/auth/index.d.ts +81 -4
- package/{cli/dist → dist}/core/auth/index.js +15 -1
- package/dist/core/auth/oauth-handler.d.ts +408 -0
- package/dist/core/auth/oauth-handler.js +636 -0
- package/{cli/dist → dist}/core/auth/oauth2-provider.d.ts +9 -0
- package/dist/core/auth/oauth2-provider.js +227 -0
- package/dist/core/auth/otp-provider.d.ts +93 -0
- package/dist/core/auth/otp-provider.js +288 -0
- package/dist/core/auth/recaptcha-handler.d.ts +119 -0
- package/dist/core/auth/recaptcha-handler.js +301 -0
- package/dist/core/auth/remember-me-handler.d.ts +142 -0
- package/dist/core/auth/remember-me-handler.js +255 -0
- package/dist/core/auth/saml-handler.d.ts +173 -0
- package/dist/core/auth/saml-handler.js +364 -0
- package/dist/core/auth/webauthn-handler.d.ts +182 -0
- package/dist/core/auth/webauthn-handler.js +310 -0
- package/dist/core/crawler/advanced-interactions.d.ts +342 -0
- package/dist/core/crawler/advanced-interactions.js +1069 -0
- package/dist/core/crawler/blob-url-download-handler.d.ts +145 -0
- package/dist/core/crawler/blob-url-download-handler.js +392 -0
- package/dist/core/crawler/consent-handler.d.ts +49 -0
- package/dist/core/crawler/consent-handler.js +258 -0
- package/dist/core/crawler/cookie-manager.d.ts +166 -0
- package/dist/core/crawler/cookie-manager.js +353 -0
- package/dist/core/crawler/coop-coep-handler.d.ts +136 -0
- package/dist/core/crawler/coop-coep-handler.js +338 -0
- package/dist/core/crawler/csp-handler.d.ts +151 -0
- package/dist/core/crawler/csp-handler.js +415 -0
- package/dist/core/crawler/download-handler.d.ts +155 -0
- package/dist/core/crawler/download-handler.js +370 -0
- package/dist/core/crawler/email-testing-handler.d.ts +214 -0
- package/dist/core/crawler/email-testing-handler.js +398 -0
- package/dist/core/crawler/error-tracking-handler.d.ts +177 -0
- package/dist/core/crawler/error-tracking-handler.js +378 -0
- package/dist/core/crawler/form-handler.d.ts +100 -0
- package/dist/core/crawler/form-handler.js +465 -0
- package/dist/core/crawler/framework-wait-handler.d.ts +96 -0
- package/dist/core/crawler/framework-wait-handler.js +464 -0
- package/dist/core/crawler/geolocation-handler.d.ts +112 -0
- package/dist/core/crawler/geolocation-handler.js +276 -0
- package/dist/core/crawler/index.d.ts +78 -0
- package/{cli/dist → dist}/core/crawler/index.js +74 -1
- package/dist/core/crawler/intelligent-selector-generator.d.ts +164 -0
- package/dist/core/crawler/intelligent-selector-generator.js +612 -0
- package/{cli/dist → dist}/core/crawler/journey-generator.js +44 -1
- package/{cli/dist → dist}/core/crawler/page-analyzer.d.ts +16 -1
- package/{cli/dist → dist}/core/crawler/page-analyzer.js +469 -17
- package/dist/core/crawler/permissions-handler.d.ts +112 -0
- package/dist/core/crawler/permissions-handler.js +236 -0
- package/dist/core/crawler/permissions-policy-handler.d.ts +113 -0
- package/dist/core/crawler/permissions-policy-handler.js +402 -0
- package/dist/core/crawler/presets.d.ts +100 -0
- package/dist/core/crawler/presets.js +887 -0
- package/dist/core/crawler/repl-debug-handler.d.ts +105 -0
- package/dist/core/crawler/repl-debug-handler.js +552 -0
- package/dist/core/crawler/reporting-api-handler.d.ts +212 -0
- package/dist/core/crawler/reporting-api-handler.js +344 -0
- package/{cli/dist → dist}/core/crawler/selector-generator.d.ts +9 -0
- package/{cli/dist → dist}/core/crawler/selector-generator.js +99 -23
- package/dist/core/crawler/site-profiler.d.ts +89 -0
- package/dist/core/crawler/site-profiler.js +290 -0
- package/dist/core/crawler/sourcemaps-handler.d.ts +144 -0
- package/dist/core/crawler/sourcemaps-handler.js +420 -0
- package/dist/core/crawler/stacked-modals-handler.d.ts +118 -0
- package/dist/core/crawler/stacked-modals-handler.js +429 -0
- package/dist/core/crawler/trusted-types-handler.d.ts +149 -0
- package/dist/core/crawler/trusted-types-handler.js +413 -0
- package/{cli/dist → dist}/core/crawler/types.d.ts +68 -2
- package/dist/core/crawler/wait-strategies.d.ts +108 -0
- package/dist/core/crawler/wait-strategies.js +399 -0
- package/dist/core/fixtures/factories.d.ts +180 -0
- package/dist/core/fixtures/factories.js +279 -0
- package/dist/core/fixtures/index.d.ts +6 -0
- package/dist/core/fixtures/index.js +6 -0
- package/{cli/dist → dist}/core/generation/crawler-pack-generator.d.ts +13 -3
- package/dist/core/generation/crawler-pack-generator.js +232 -0
- package/{cli/dist → dist}/core/generation/index.d.ts +2 -0
- package/{cli/dist → dist}/core/generation/index.js +2 -0
- package/{cli/dist → dist}/core/index.d.ts +2 -0
- package/{cli/dist → dist}/core/index.js +4 -0
- package/dist/core/network/index.d.ts +7 -0
- package/dist/core/network/index.js +7 -0
- package/dist/core/network/network-manager.d.ts +237 -0
- package/dist/core/network/network-manager.js +343 -0
- package/dist/core/network/network-simulator.d.ts +158 -0
- package/dist/core/network/network-simulator.js +261 -0
- package/{cli/dist → dist}/core/pack/validator.js +2 -2
- package/{cli/dist → dist}/core/pack-v2/migrator.d.ts +5 -0
- package/{cli/dist → dist}/core/pack-v2/migrator.js +81 -6
- package/{cli/dist → dist}/core/pack-v2/validator.js +4 -3
- package/{cli/dist → dist}/core/pom/base-page.js +1 -1
- package/{cli/dist → dist}/core/pom/loader.js +1 -1
- package/dist/core/reporting/index.d.ts +9 -0
- package/dist/core/reporting/index.js +10 -0
- package/dist/core/reporting/junit-reporter.d.ts +114 -0
- package/dist/core/reporting/junit-reporter.js +306 -0
- package/{cli/dist → dist}/core/runner/e2e-helpers.d.ts +1 -1
- package/{cli/dist → dist}/core/runner/e2e-helpers.js +2 -2
- package/{cli/dist → dist}/core/runner/phase3-runner.d.ts +3 -0
- package/{cli/dist → dist}/core/runner/phase3-runner.js +45 -14
- package/dist/core/sharding/test-sharding.d.ts +137 -0
- package/dist/core/sharding/test-sharding.js +233 -0
- package/dist/core/storage/cookie-manager.d.ts +160 -0
- package/dist/core/storage/cookie-manager.js +268 -0
- package/dist/core/storage/index.d.ts +7 -0
- package/dist/core/storage/index.js +7 -0
- package/dist/core/storage/storage-helpers.d.ts +138 -0
- package/dist/core/storage/storage-helpers.js +315 -0
- package/dist/core/test-helpers/index.d.ts +6 -0
- package/dist/core/test-helpers/index.js +6 -0
- package/dist/core/test-helpers/state-reset.d.ts +119 -0
- package/dist/core/test-helpers/state-reset.js +234 -0
- package/{cli/dist → dist}/core/types/pack-v1.d.ts +15 -2
- package/{cli/dist → dist}/core/types/pack-v2.d.ts +1 -1
- package/dist/core/upload/chunked-uploader.d.ts +150 -0
- package/dist/core/upload/chunked-uploader.js +289 -0
- package/dist/core/upload/index.d.ts +11 -0
- package/dist/core/upload/index.js +8 -0
- package/dist/core/upload/mime-validator.d.ts +119 -0
- package/dist/core/upload/mime-validator.js +373 -0
- package/dist/core/upload/presigned-uploader.d.ts +118 -0
- package/dist/core/upload/presigned-uploader.js +274 -0
- package/dist/core/utils/device-emulation.d.ts +194 -0
- package/dist/core/utils/device-emulation.js +380 -0
- package/dist/core/utils/index.d.ts +8 -0
- package/dist/core/utils/index.js +8 -0
- package/dist/core/utils/retry.d.ts +145 -0
- package/dist/core/utils/retry.js +242 -0
- package/dist/core/utils/smart-wait.d.ts +133 -0
- package/dist/core/utils/smart-wait.js +417 -0
- package/dist/core/visual/index.d.ts +7 -0
- package/dist/core/visual/index.js +7 -0
- package/dist/core/visual/pixel-diff.d.ts +87 -0
- package/dist/core/visual/pixel-diff.js +213 -0
- package/dist/core/visual/screenshot-helper.d.ts +130 -0
- package/dist/core/visual/screenshot-helper.js +223 -0
- package/{cli/dist → dist}/utils/config.d.ts +1 -1
- package/examples/README.md +160 -0
- package/examples/accessibility.yml +48 -0
- package/examples/api-basic.yml +27 -0
- package/examples/complete.yml +146 -0
- package/examples/crawler.yml +38 -0
- package/examples/fullstack.yml +78 -0
- package/examples/security.yml +58 -0
- package/examples/ui-advanced.yml +49 -0
- package/examples/ui-basic.yml +24 -0
- package/package.json +33 -67
- package/CHANGELOG.md +0 -330
- package/CONTRIBUTING.md +0 -273
- package/QUICK_START.md +0 -191
- package/cli/CHANGELOG.md +0 -84
- package/cli/LICENSE +0 -24
- package/cli/README.md +0 -222
- package/cli/dist/core/adapters/playwright-ui.js +0 -864
- package/cli/dist/core/auth/oauth2-provider.js +0 -114
- package/cli/dist/core/coverage/analyzer.d.ts +0 -101
- package/cli/dist/core/coverage/analyzer.js +0 -415
- package/cli/dist/core/coverage/collector.d.ts +0 -74
- package/cli/dist/core/coverage/collector.js +0 -459
- package/cli/dist/core/coverage/config.d.ts +0 -37
- package/cli/dist/core/coverage/config.js +0 -156
- package/cli/dist/core/coverage/index.d.ts +0 -11
- package/cli/dist/core/coverage/index.js +0 -15
- package/cli/dist/core/coverage/types.d.ts +0 -267
- package/cli/dist/core/coverage/types.js +0 -6
- package/cli/dist/core/coverage/vault.d.ts +0 -95
- package/cli/dist/core/coverage/vault.js +0 -405
- package/cli/dist/core/crawler/index.d.ts +0 -57
- package/cli/dist/core/fixtures/index.d.ts +0 -8
- package/cli/dist/core/fixtures/index.js +0 -8
- package/cli/dist/core/generation/crawler-pack-generator.js +0 -231
- package/cli/dist/core/reporting/index.d.ts +0 -6
- package/cli/dist/core/reporting/index.js +0 -6
- package/cli/dist/core/visual/index.d.ts +0 -6
- package/cli/dist/core/visual/index.js +0 -6
- package/cli/package.json +0 -76
- package/core/LICENSE +0 -24
- package/core/README.md +0 -105
- package/core/package.json +0 -90
- package/core/schemas/pack.schema.json +0 -236
- /package/{cli/bin → bin}/qa360.js +0 -0
- /package/{cli/dist → dist}/cli-minimal.d.ts +0 -0
- /package/{cli/dist → dist}/cli-minimal.js +0 -0
- /package/{cli/dist → dist}/commands/ai.d.ts +0 -0
- /package/{cli/dist → dist}/commands/ask.d.ts +0 -0
- /package/{cli/dist → dist}/commands/ask.js +0 -0
- /package/{cli/dist → dist}/commands/coverage.d.ts +0 -0
- /package/{cli/dist → dist}/commands/crawl.d.ts +0 -0
- /package/{cli/dist → dist}/commands/doctor.d.ts +0 -0
- /package/{cli/dist → dist}/commands/examples.d.ts +0 -0
- /package/{cli/dist → dist}/commands/examples.js +0 -0
- /package/{cli/dist → dist}/commands/explain.d.ts +0 -0
- /package/{cli/dist → dist}/commands/flakiness.d.ts +0 -0
- /package/{cli/dist → dist}/commands/generate.d.ts +0 -0
- /package/{cli/dist → dist}/commands/history.d.ts +0 -0
- /package/{cli/dist → dist}/commands/init.d.ts +0 -0
- /package/{cli/dist → dist}/commands/init.js +0 -0
- /package/{cli/dist → dist}/commands/monitor.d.ts +0 -0
- /package/{cli/dist → dist}/commands/ollama.d.ts +0 -0
- /package/{cli/dist → dist}/commands/pack.d.ts +0 -0
- /package/{cli/dist → dist}/commands/regression.d.ts +0 -0
- /package/{cli/dist → dist}/commands/repair.d.ts +0 -0
- /package/{cli/dist → dist}/commands/report.d.ts +0 -0
- /package/{cli/dist → dist}/commands/report.js +0 -0
- /package/{cli/dist → dist}/commands/retry.d.ts +0 -0
- /package/{cli/dist → dist}/commands/scan.d.ts +0 -0
- /package/{cli/dist → dist}/commands/scan.js +0 -0
- /package/{cli/dist → dist}/commands/secrets.d.ts +0 -0
- /package/{cli/dist → dist}/commands/serve.d.ts +0 -0
- /package/{cli/dist → dist}/commands/slo.d.ts +0 -0
- /package/{cli/dist → dist}/commands/verify.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/gitleaks-secrets.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/gitleaks-secrets.js +0 -0
- /package/{cli/dist → dist}/core/adapters/jest-adapter.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/jest-adapter.js +0 -0
- /package/{cli/dist → dist}/core/adapters/k6-perf.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/k6-perf.js +0 -0
- /package/{cli/dist → dist}/core/adapters/osv-deps.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/osv-deps.js +0 -0
- /package/{cli/dist → dist}/core/adapters/playwright-native-adapter.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/playwright-native-adapter.js +0 -0
- /package/{cli/dist → dist}/core/adapters/pytest-adapter.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/pytest-adapter.js +0 -0
- /package/{cli/dist → dist}/core/adapters/semgrep-sast.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/semgrep-sast.js +0 -0
- /package/{cli/dist → dist}/core/adapters/unit-test-types.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/unit-test-types.js +0 -0
- /package/{cli/dist → dist}/core/adapters/vitest-adapter.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/vitest-adapter.js +0 -0
- /package/{cli/dist → dist}/core/adapters/zap-dast.d.ts +0 -0
- /package/{cli/dist → dist}/core/adapters/zap-dast.js +0 -0
- /package/{cli/dist → dist}/core/ai/anthropic-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/ai/anthropic-provider.js +0 -0
- /package/{cli/dist → dist}/core/ai/deepseek-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/ai/deepseek-provider.js +0 -0
- /package/{cli/dist → dist}/core/ai/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/ai/index.js +0 -0
- /package/{cli/dist → dist}/core/ai/llm-client.d.ts +0 -0
- /package/{cli/dist → dist}/core/ai/llm-client.js +0 -0
- /package/{cli/dist → dist}/core/ai/mock-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/ai/mock-provider.js +0 -0
- /package/{cli/dist → dist}/core/ai/ollama-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/ai/openai-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/ai/openai-provider.js +0 -0
- /package/{cli/dist → dist}/core/ai/provider-factory.d.ts +0 -0
- /package/{cli/dist → dist}/core/ai/provider-factory.js +0 -0
- /package/{cli/dist → dist}/core/artifacts/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/artifacts/index.js +0 -0
- /package/{cli/dist → dist}/core/artifacts/ui-artifacts.d.ts +0 -0
- /package/{cli/dist → dist}/core/assertions/engine.d.ts +0 -0
- /package/{cli/dist → dist}/core/assertions/engine.js +0 -0
- /package/{cli/dist → dist}/core/assertions/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/assertions/index.js +0 -0
- /package/{cli/dist → dist}/core/assertions/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/assertions/types.js +0 -0
- /package/{cli/dist → dist}/core/auth/api-key-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/auth/api-key-provider.js +0 -0
- /package/{cli/dist → dist}/core/auth/aws-iam-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/auth/aws-iam-provider.js +0 -0
- /package/{cli/dist → dist}/core/auth/azure-ad-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/auth/azure-ad-provider.js +0 -0
- /package/{cli/dist → dist}/core/auth/gcp-adc-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/auth/gcp-adc-provider.js +0 -0
- /package/{cli/dist → dist}/core/auth/jwt-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/auth/jwt-provider.js +0 -0
- /package/{cli/dist → dist}/core/auth/manager.d.ts +0 -0
- /package/{cli/dist → dist}/core/auth/manager.js +0 -0
- /package/{cli/dist → dist}/core/auth/totp-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/auth/totp-provider.js +0 -0
- /package/{cli/dist → dist}/core/auth/ui-login-provider.d.ts +0 -0
- /package/{cli/dist → dist}/core/auth/ui-login-provider.js +0 -0
- /package/{cli/dist → dist}/core/cache/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/cache/index.js +0 -0
- /package/{cli/dist → dist}/core/cache/lru-cache.d.ts +0 -0
- /package/{cli/dist → dist}/core/cache/lru-cache.js +0 -0
- /package/{cli/dist/core → dist}/core/coverage/analyzer.d.ts +0 -0
- /package/{cli/dist/core → dist}/core/coverage/analyzer.js +0 -0
- /package/{cli/dist/core → dist}/core/coverage/collector.d.ts +0 -0
- /package/{cli/dist/core → dist}/core/coverage/collector.js +0 -0
- /package/{cli/dist/core → dist}/core/coverage/config.d.ts +0 -0
- /package/{cli/dist/core → dist}/core/coverage/config.js +0 -0
- /package/{cli/dist/core → dist}/core/coverage/index.d.ts +0 -0
- /package/{cli/dist/core → dist}/core/coverage/index.js +0 -0
- /package/{cli/dist/core → dist}/core/coverage/types.d.ts +0 -0
- /package/{cli/dist/core → dist}/core/coverage/types.js +0 -0
- /package/{cli/dist/core → dist}/core/coverage/vault.d.ts +0 -0
- /package/{cli/dist/core → dist}/core/coverage/vault.js +0 -0
- /package/{cli/dist → dist}/core/crawler/journey-generator.d.ts +0 -0
- /package/{cli/dist → dist}/core/crawler/types.js +0 -0
- /package/{cli/dist → dist}/core/dashboard/assets.d.ts +0 -0
- /package/{cli/dist → dist}/core/dashboard/assets.js +0 -0
- /package/{cli/dist → dist}/core/dashboard/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/dashboard/index.js +0 -0
- /package/{cli/dist → dist}/core/dashboard/server.d.ts +0 -0
- /package/{cli/dist → dist}/core/dashboard/server.js +0 -0
- /package/{cli/dist → dist}/core/dashboard/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/dashboard/types.js +0 -0
- /package/{cli/dist → dist}/core/discoverer/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/discoverer/index.js +0 -0
- /package/{cli/dist → dist}/core/fixtures/loader.d.ts +0 -0
- /package/{cli/dist → dist}/core/fixtures/loader.js +0 -0
- /package/{cli/dist → dist}/core/fixtures/resolver.d.ts +0 -0
- /package/{cli/dist → dist}/core/fixtures/resolver.js +0 -0
- /package/{cli/dist → dist}/core/fixtures/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/fixtures/types.js +0 -0
- /package/{cli/dist → dist}/core/flakiness/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/flakiness/index.js +0 -0
- /package/{cli/dist → dist}/core/generation/code-formatter.d.ts +0 -0
- /package/{cli/dist → dist}/core/generation/code-formatter.js +0 -0
- /package/{cli/dist → dist}/core/generation/code-generator.d.ts +0 -0
- /package/{cli/dist → dist}/core/generation/code-generator.js +0 -0
- /package/{cli/dist → dist}/core/generation/generator.d.ts +0 -0
- /package/{cli/dist → dist}/core/generation/generator.js +0 -0
- /package/{cli/dist → dist}/core/generation/pack-generator.d.ts +0 -0
- /package/{cli/dist → dist}/core/generation/pack-generator.js +0 -0
- /package/{cli/dist → dist}/core/generation/prompt-builder.d.ts +0 -0
- /package/{cli/dist → dist}/core/generation/prompt-builder.js +0 -0
- /package/{cli/dist → dist}/core/generation/source-analyzer.d.ts +0 -0
- /package/{cli/dist → dist}/core/generation/source-analyzer.js +0 -0
- /package/{cli/dist → dist}/core/generation/test-optimizer.d.ts +0 -0
- /package/{cli/dist → dist}/core/generation/test-optimizer.js +0 -0
- /package/{cli/dist → dist}/core/generation/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/generation/types.js +0 -0
- /package/{cli/dist → dist}/core/hooks/compose.d.ts +0 -0
- /package/{cli/dist → dist}/core/hooks/compose.js +0 -0
- /package/{cli/dist → dist}/core/hooks/runner.d.ts +0 -0
- /package/{cli/dist → dist}/core/hooks/runner.js +0 -0
- /package/{cli/dist → dist}/core/pack/migrator.d.ts +0 -0
- /package/{cli/dist → dist}/core/pack/migrator.js +0 -0
- /package/{cli/dist → dist}/core/pack/validator.d.ts +0 -0
- /package/{cli/dist → dist}/core/pack-v2/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/pack-v2/index.js +0 -0
- /package/{cli/dist → dist}/core/pack-v2/loader.d.ts +0 -0
- /package/{cli/dist → dist}/core/pack-v2/loader.js +0 -0
- /package/{cli/dist → dist}/core/pack-v2/validator.d.ts +0 -0
- /package/{cli/dist → dist}/core/parallel/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/parallel/index.js +0 -0
- /package/{cli/dist → dist}/core/parallel/parallel-runner.d.ts +0 -0
- /package/{cli/dist → dist}/core/parallel/parallel-runner.js +0 -0
- /package/{cli/dist → dist}/core/pom/base-page.d.ts +0 -0
- /package/{cli/dist → dist}/core/pom/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/pom/index.js +0 -0
- /package/{cli/dist → dist}/core/pom/loader.d.ts +0 -0
- /package/{cli/dist → dist}/core/pom/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/pom/types.js +0 -0
- /package/{cli/dist → dist}/core/proof/bundle.d.ts +0 -0
- /package/{cli/dist → dist}/core/proof/bundle.js +0 -0
- /package/{cli/dist → dist}/core/proof/canonicalize.d.ts +0 -0
- /package/{cli/dist → dist}/core/proof/canonicalize.js +0 -0
- /package/{cli/dist → dist}/core/proof/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/proof/index.js +0 -0
- /package/{cli/dist → dist}/core/proof/schema.d.ts +0 -0
- /package/{cli/dist → dist}/core/proof/schema.js +0 -0
- /package/{cli/dist → dist}/core/proof/signer.d.ts +0 -0
- /package/{cli/dist → dist}/core/proof/signer.js +0 -0
- /package/{cli/dist → dist}/core/proof/verifier.d.ts +0 -0
- /package/{cli/dist → dist}/core/proof/verifier.js +0 -0
- /package/{cli/dist → dist}/core/regression/detector.d.ts +0 -0
- /package/{cli/dist → dist}/core/regression/detector.js +0 -0
- /package/{cli/dist → dist}/core/regression/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/regression/index.js +0 -0
- /package/{cli/dist → dist}/core/regression/trend-analyzer.d.ts +0 -0
- /package/{cli/dist → dist}/core/regression/trend-analyzer.js +0 -0
- /package/{cli/dist → dist}/core/regression/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/regression/types.js +0 -0
- /package/{cli/dist → dist}/core/regression/vault.d.ts +0 -0
- /package/{cli/dist → dist}/core/regression/vault.js +0 -0
- /package/{cli/dist → dist}/core/repair/engine/fixer.d.ts +0 -0
- /package/{cli/dist → dist}/core/repair/engine/fixer.js +0 -0
- /package/{cli/dist → dist}/core/repair/engine/suggestion-engine.d.ts +0 -0
- /package/{cli/dist → dist}/core/repair/engine/suggestion-engine.js +0 -0
- /package/{cli/dist → dist}/core/repair/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/repair/index.js +0 -0
- /package/{cli/dist → dist}/core/repair/repairer.d.ts +0 -0
- /package/{cli/dist → dist}/core/repair/repairer.js +0 -0
- /package/{cli/dist → dist}/core/repair/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/repair/types.js +0 -0
- /package/{cli/dist → dist}/core/repair/utils/error-analyzer.d.ts +0 -0
- /package/{cli/dist → dist}/core/repair/utils/error-analyzer.js +0 -0
- /package/{cli/dist → dist}/core/reporting/html-reporter.d.ts +0 -0
- /package/{cli/dist → dist}/core/reporting/html-reporter.js +0 -0
- /package/{cli/dist → dist}/core/retry/flakiness-integration.d.ts +0 -0
- /package/{cli/dist → dist}/core/retry/flakiness-integration.js +0 -0
- /package/{cli/dist → dist}/core/retry/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/retry/index.js +0 -0
- /package/{cli/dist → dist}/core/retry/retry-engine.d.ts +0 -0
- /package/{cli/dist → dist}/core/retry/retry-engine.js +0 -0
- /package/{cli/dist → dist}/core/retry/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/retry/types.js +0 -0
- /package/{cli/dist → dist}/core/retry/vault.d.ts +0 -0
- /package/{cli/dist → dist}/core/retry/vault.js +0 -0
- /package/{cli/dist → dist}/core/schemas/pack.schema.json +0 -0
- /package/{cli/dist → dist}/core/secrets/crypto.d.ts +0 -0
- /package/{cli/dist → dist}/core/secrets/crypto.js +0 -0
- /package/{cli/dist → dist}/core/secrets/manager.d.ts +0 -0
- /package/{cli/dist → dist}/core/secrets/manager.js +0 -0
- /package/{cli/dist → dist}/core/security/redaction-patterns-extended.d.ts +0 -0
- /package/{cli/dist → dist}/core/security/redaction-patterns-extended.js +0 -0
- /package/{cli/dist → dist}/core/security/redactor.d.ts +0 -0
- /package/{cli/dist → dist}/core/security/redactor.js +0 -0
- /package/{cli/dist → dist}/core/self-healing/assertion-healer.d.ts +0 -0
- /package/{cli/dist → dist}/core/self-healing/assertion-healer.js +0 -0
- /package/{cli/dist → dist}/core/self-healing/engine.d.ts +0 -0
- /package/{cli/dist → dist}/core/self-healing/engine.js +0 -0
- /package/{cli/dist → dist}/core/self-healing/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/self-healing/index.js +0 -0
- /package/{cli/dist → dist}/core/self-healing/selector-healer.d.ts +0 -0
- /package/{cli/dist → dist}/core/self-healing/selector-healer.js +0 -0
- /package/{cli/dist → dist}/core/self-healing/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/self-healing/types.js +0 -0
- /package/{cli/dist → dist}/core/serve/diagnostics-collector.d.ts +0 -0
- /package/{cli/dist → dist}/core/serve/diagnostics-collector.js +0 -0
- /package/{cli/dist → dist}/core/serve/health-checker.d.ts +0 -0
- /package/{cli/dist → dist}/core/serve/health-checker.js +0 -0
- /package/{cli/dist → dist}/core/serve/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/serve/index.js +0 -0
- /package/{cli/dist → dist}/core/serve/metrics-collector.d.ts +0 -0
- /package/{cli/dist → dist}/core/serve/metrics-collector.js +0 -0
- /package/{cli/dist → dist}/core/serve/process-manager.d.ts +0 -0
- /package/{cli/dist → dist}/core/serve/process-manager.js +0 -0
- /package/{cli/dist → dist}/core/serve/server.d.ts +0 -0
- /package/{cli/dist → dist}/core/serve/server.js +0 -0
- /package/{cli/dist → dist}/core/slo/config.d.ts +0 -0
- /package/{cli/dist → dist}/core/slo/config.js +0 -0
- /package/{cli/dist → dist}/core/slo/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/slo/index.js +0 -0
- /package/{cli/dist → dist}/core/slo/sli-calculator.d.ts +0 -0
- /package/{cli/dist → dist}/core/slo/sli-calculator.js +0 -0
- /package/{cli/dist → dist}/core/slo/slo-tracker.d.ts +0 -0
- /package/{cli/dist → dist}/core/slo/slo-tracker.js +0 -0
- /package/{cli/dist → dist}/core/slo/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/slo/types.js +0 -0
- /package/{cli/dist → dist}/core/slo/vault.d.ts +0 -0
- /package/{cli/dist → dist}/core/slo/vault.js +0 -0
- /package/{cli/dist → dist}/core/tui/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/tui/index.js +0 -0
- /package/{cli/dist → dist}/core/tui/monitor.d.ts +0 -0
- /package/{cli/dist → dist}/core/tui/monitor.js +0 -0
- /package/{cli/dist → dist}/core/tui/renderer.d.ts +0 -0
- /package/{cli/dist → dist}/core/tui/renderer.js +0 -0
- /package/{cli/dist → dist}/core/tui/types.d.ts +0 -0
- /package/{cli/dist → dist}/core/tui/types.js +0 -0
- /package/{cli/dist → dist}/core/types/pack-v1.js +0 -0
- /package/{cli/dist → dist}/core/types/pack-v2.js +0 -0
- /package/{cli/dist → dist}/core/types/trust-score.d.ts +0 -0
- /package/{cli/dist → dist}/core/types/trust-score.js +0 -0
- /package/{cli/dist → dist}/core/vault/cas.d.ts +0 -0
- /package/{cli/dist → dist}/core/vault/cas.js +0 -0
- /package/{cli/dist → dist}/core/vault/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/vault/index.js +0 -0
- /package/{cli/dist → dist}/core/visual/visual-regression.d.ts +0 -0
- /package/{cli/dist → dist}/core/visual/visual-regression.js +0 -0
- /package/{cli/dist → dist}/core/watch/index.d.ts +0 -0
- /package/{cli/dist → dist}/core/watch/index.js +0 -0
- /package/{cli/dist → dist}/core/watch/watch-mode.d.ts +0 -0
- /package/{cli/dist → dist}/core/watch/watch-mode.js +0 -0
- /package/{cli/dist → dist}/generators/index.d.ts +0 -0
- /package/{cli/dist → dist}/generators/index.js +0 -0
- /package/{cli/dist → dist}/generators/json-reporter.d.ts +0 -0
- /package/{cli/dist → dist}/generators/json-reporter.js +0 -0
- /package/{cli/dist → dist}/generators/test-generator.d.ts +0 -0
- /package/{cli/dist → dist}/generators/test-generator.js +0 -0
- /package/{cli/dist → dist}/index.d.ts +0 -0
- /package/{cli/dist → dist}/index.js +0 -0
- /package/{cli/dist → dist}/scanners/dom-scanner.d.ts +0 -0
- /package/{cli/dist → dist}/scanners/dom-scanner.js +0 -0
- /package/{cli/dist → dist}/scanners/index.d.ts +0 -0
- /package/{cli/dist → dist}/scanners/index.js +0 -0
- /package/{cli/dist → dist}/schemas/pack.schema.json +0 -0
- /package/{cli/dist → dist}/types/scan.d.ts +0 -0
- /package/{cli/dist → dist}/types/scan.js +0 -0
- /package/{cli/dist → dist}/utils/config.js +0 -0
|
@@ -0,0 +1,255 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Remember Me Handler
|
|
3
|
+
*
|
|
4
|
+
* P1 - Persistent session management
|
|
5
|
+
*
|
|
6
|
+
* Supports:
|
|
7
|
+
* - Generating secure remember me tokens
|
|
8
|
+
* - Validating persistent tokens
|
|
9
|
+
* - Token rotation for security
|
|
10
|
+
* - Configurable token expiration
|
|
11
|
+
*
|
|
12
|
+
* @see https://cheatsheetseries.owasp.org/cheatsheets/Remember_Me_Cheat_Sheet.html
|
|
13
|
+
*/
|
|
14
|
+
import { randomBytes, createHash, timingSafeEqual } from 'crypto';
|
|
15
|
+
/**
|
|
16
|
+
* Remember Me Handler class
|
|
17
|
+
*/
|
|
18
|
+
export class RememberMeHandler {
|
|
19
|
+
config;
|
|
20
|
+
tokens = new Map();
|
|
21
|
+
/** Store raw validators for testing purposes (in production, only send to client via cookie) */
|
|
22
|
+
rawValidators = new Map();
|
|
23
|
+
constructor(config) {
|
|
24
|
+
this.config = {
|
|
25
|
+
expiresInDays: config.expiresInDays || 30,
|
|
26
|
+
tokenLength: config.tokenLength || 32,
|
|
27
|
+
secret: config.secret,
|
|
28
|
+
cookieName: config.cookieName || 'remember_me',
|
|
29
|
+
cookiePath: config.cookiePath || '/',
|
|
30
|
+
cookieDomain: config.cookieDomain,
|
|
31
|
+
secure: config.secure ?? true,
|
|
32
|
+
httpOnly: config.httpOnly ?? true,
|
|
33
|
+
sameSite: config.sameSite || 'Lax',
|
|
34
|
+
};
|
|
35
|
+
}
|
|
36
|
+
/**
|
|
37
|
+
* Generate a new remember me token
|
|
38
|
+
* Creates a secure random token pair (selector + validator)
|
|
39
|
+
*/
|
|
40
|
+
generateToken(userId) {
|
|
41
|
+
const tokenLength = this.config.tokenLength;
|
|
42
|
+
// Generate selector (public identifier)
|
|
43
|
+
const selector = randomBytes(tokenLength).toString('base64url');
|
|
44
|
+
// Generate validator (secret token)
|
|
45
|
+
const rawValidator = randomBytes(tokenLength);
|
|
46
|
+
// Hash the validator for storage (never store raw validator)
|
|
47
|
+
const validator = createHash('sha256')
|
|
48
|
+
.update(rawValidator)
|
|
49
|
+
.update(this.config.secret)
|
|
50
|
+
.digest('base64url');
|
|
51
|
+
// Store raw validator for testing (in production, this goes to the cookie)
|
|
52
|
+
this.rawValidators.set(selector, rawValidator.toString('base64url'));
|
|
53
|
+
// Calculate expiration
|
|
54
|
+
const expiresAt = new Date();
|
|
55
|
+
expiresAt.setDate(expiresAt.getDate() + this.config.expiresInDays);
|
|
56
|
+
const token = {
|
|
57
|
+
selector,
|
|
58
|
+
validator,
|
|
59
|
+
userId,
|
|
60
|
+
expiresAt,
|
|
61
|
+
};
|
|
62
|
+
// Store token
|
|
63
|
+
this.tokens.set(selector, token);
|
|
64
|
+
return token;
|
|
65
|
+
}
|
|
66
|
+
/**
|
|
67
|
+
* Validate a remember me token
|
|
68
|
+
* Checks selector and validator against stored tokens
|
|
69
|
+
*/
|
|
70
|
+
validateToken(selector, rawValidator) {
|
|
71
|
+
const token = this.tokens.get(selector);
|
|
72
|
+
if (!token) {
|
|
73
|
+
return { success: false, error: 'Token not found' };
|
|
74
|
+
}
|
|
75
|
+
// Check expiration
|
|
76
|
+
if (token.expiresAt < new Date()) {
|
|
77
|
+
this.tokens.delete(selector);
|
|
78
|
+
return { success: false, error: 'Token expired' };
|
|
79
|
+
}
|
|
80
|
+
// Verify validator
|
|
81
|
+
const expectedValidator = createHash('sha256')
|
|
82
|
+
.update(Buffer.from(rawValidator, 'base64url'))
|
|
83
|
+
.update(this.config.secret)
|
|
84
|
+
.digest('base64url');
|
|
85
|
+
if (!timingSafeEqual(Buffer.from(expectedValidator), Buffer.from(token.validator))) {
|
|
86
|
+
// Invalid token - remove it for security
|
|
87
|
+
this.tokens.delete(selector);
|
|
88
|
+
return { success: false, error: 'Invalid token' };
|
|
89
|
+
}
|
|
90
|
+
return {
|
|
91
|
+
success: true,
|
|
92
|
+
userId: token.userId,
|
|
93
|
+
};
|
|
94
|
+
}
|
|
95
|
+
/**
|
|
96
|
+
* Rotate a remember me token
|
|
97
|
+
* Generates a new token while invalidating the old one
|
|
98
|
+
*/
|
|
99
|
+
rotateToken(selector, rawValidator) {
|
|
100
|
+
const token = this.tokens.get(selector);
|
|
101
|
+
if (!token) {
|
|
102
|
+
return { success: false, error: 'Token not found' };
|
|
103
|
+
}
|
|
104
|
+
// Check expiration
|
|
105
|
+
if (token.expiresAt < new Date()) {
|
|
106
|
+
this.tokens.delete(selector);
|
|
107
|
+
this.rawValidators.delete(selector);
|
|
108
|
+
return { success: false, error: 'Token expired' };
|
|
109
|
+
}
|
|
110
|
+
// Verify validator
|
|
111
|
+
const expectedValidator = createHash('sha256')
|
|
112
|
+
.update(Buffer.from(rawValidator, 'base64url'))
|
|
113
|
+
.update(this.config.secret)
|
|
114
|
+
.digest('base64url');
|
|
115
|
+
if (!timingSafeEqual(Buffer.from(expectedValidator), Buffer.from(token.validator))) {
|
|
116
|
+
// Invalid token - remove it for security
|
|
117
|
+
this.tokens.delete(selector);
|
|
118
|
+
this.rawValidators.delete(selector);
|
|
119
|
+
return { success: false, error: 'Invalid token' };
|
|
120
|
+
}
|
|
121
|
+
const userId = token.userId;
|
|
122
|
+
// Remove old token
|
|
123
|
+
this.tokens.delete(selector);
|
|
124
|
+
this.rawValidators.delete(selector);
|
|
125
|
+
// Generate new token for same user
|
|
126
|
+
const newToken = this.generateToken(userId);
|
|
127
|
+
return {
|
|
128
|
+
success: true,
|
|
129
|
+
userId,
|
|
130
|
+
token: newToken,
|
|
131
|
+
};
|
|
132
|
+
}
|
|
133
|
+
/**
|
|
134
|
+
* Revoke (invalidate) a remember me token
|
|
135
|
+
*/
|
|
136
|
+
revokeToken(selector) {
|
|
137
|
+
this.rawValidators.delete(selector);
|
|
138
|
+
return this.tokens.delete(selector);
|
|
139
|
+
}
|
|
140
|
+
/**
|
|
141
|
+
* Revoke all tokens for a user
|
|
142
|
+
*/
|
|
143
|
+
revokeAllUserTokens(userId) {
|
|
144
|
+
let count = 0;
|
|
145
|
+
for (const [selector, token] of this.tokens.entries()) {
|
|
146
|
+
if (token.userId === userId) {
|
|
147
|
+
this.tokens.delete(selector);
|
|
148
|
+
this.rawValidators.delete(selector);
|
|
149
|
+
count++;
|
|
150
|
+
}
|
|
151
|
+
}
|
|
152
|
+
return count;
|
|
153
|
+
}
|
|
154
|
+
/**
|
|
155
|
+
* Clean up expired tokens
|
|
156
|
+
*/
|
|
157
|
+
cleanupExpiredTokens() {
|
|
158
|
+
let count = 0;
|
|
159
|
+
const now = new Date();
|
|
160
|
+
for (const [selector, token] of this.tokens.entries()) {
|
|
161
|
+
if (token.expiresAt < now) {
|
|
162
|
+
this.tokens.delete(selector);
|
|
163
|
+
this.rawValidators.delete(selector);
|
|
164
|
+
count++;
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
return count;
|
|
168
|
+
}
|
|
169
|
+
/**
|
|
170
|
+
* Get cookie configuration for setting remember me cookie
|
|
171
|
+
*/
|
|
172
|
+
getCookieConfig(token) {
|
|
173
|
+
// Combine selector and raw validator for cookie value
|
|
174
|
+
// The validator needs to be stored raw (not hashed) for the browser
|
|
175
|
+
// In production, you'd also store the raw validator separately
|
|
176
|
+
const value = `${token.selector}:${token.validator}`;
|
|
177
|
+
return {
|
|
178
|
+
name: this.config.cookieName,
|
|
179
|
+
value,
|
|
180
|
+
options: {
|
|
181
|
+
expires: token.expiresAt,
|
|
182
|
+
path: this.config.cookiePath,
|
|
183
|
+
domain: this.config.cookieDomain,
|
|
184
|
+
secure: this.config.secure,
|
|
185
|
+
httpOnly: this.config.httpOnly,
|
|
186
|
+
sameSite: this.config.sameSite,
|
|
187
|
+
},
|
|
188
|
+
};
|
|
189
|
+
}
|
|
190
|
+
/**
|
|
191
|
+
* Parse cookie value to extract selector and validator
|
|
192
|
+
*/
|
|
193
|
+
parseCookieValue(cookieValue) {
|
|
194
|
+
const parts = cookieValue.split(':');
|
|
195
|
+
if (parts.length !== 2) {
|
|
196
|
+
return null;
|
|
197
|
+
}
|
|
198
|
+
const [selector, validator] = parts;
|
|
199
|
+
if (!selector || !validator) {
|
|
200
|
+
return null;
|
|
201
|
+
}
|
|
202
|
+
return { selector, validator };
|
|
203
|
+
}
|
|
204
|
+
/**
|
|
205
|
+
* Check if a token is expired
|
|
206
|
+
*/
|
|
207
|
+
isTokenExpired(token) {
|
|
208
|
+
return token.expiresAt < new Date();
|
|
209
|
+
}
|
|
210
|
+
/**
|
|
211
|
+
* Get token by selector
|
|
212
|
+
*/
|
|
213
|
+
getToken(selector) {
|
|
214
|
+
return this.tokens.get(selector);
|
|
215
|
+
}
|
|
216
|
+
/**
|
|
217
|
+
* Get all tokens
|
|
218
|
+
*/
|
|
219
|
+
getAllTokens() {
|
|
220
|
+
return Array.from(this.tokens.values());
|
|
221
|
+
}
|
|
222
|
+
/**
|
|
223
|
+
* Clear all tokens
|
|
224
|
+
*/
|
|
225
|
+
clearAllTokens() {
|
|
226
|
+
this.tokens.clear();
|
|
227
|
+
this.rawValidators.clear();
|
|
228
|
+
}
|
|
229
|
+
/**
|
|
230
|
+
* Set custom secret (for testing)
|
|
231
|
+
*/
|
|
232
|
+
setSecret(secret) {
|
|
233
|
+
this.config.secret = secret;
|
|
234
|
+
}
|
|
235
|
+
/**
|
|
236
|
+
* Get raw validator for a selector (testing only)
|
|
237
|
+
* In production, the raw validator is only sent to the client via cookie
|
|
238
|
+
*/
|
|
239
|
+
getRawValidator(selector) {
|
|
240
|
+
return this.rawValidators.get(selector);
|
|
241
|
+
}
|
|
242
|
+
/**
|
|
243
|
+
* Get number of active tokens
|
|
244
|
+
*/
|
|
245
|
+
get tokenCount() {
|
|
246
|
+
return this.tokens.size;
|
|
247
|
+
}
|
|
248
|
+
}
|
|
249
|
+
/**
|
|
250
|
+
* Factory function to create Remember Me handler
|
|
251
|
+
*/
|
|
252
|
+
export function createRememberMeHandler(config) {
|
|
253
|
+
return new RememberMeHandler(config);
|
|
254
|
+
}
|
|
255
|
+
export default RememberMeHandler;
|
|
@@ -0,0 +1,173 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SAML 2.0 Handler
|
|
3
|
+
*
|
|
4
|
+
* P1 - Enterprise SSO support
|
|
5
|
+
*
|
|
6
|
+
* Supports:
|
|
7
|
+
* - SP-initiated SSO (Service Provider initiates)
|
|
8
|
+
* - IdP-initiated SSO (Identity Provider initiates)
|
|
9
|
+
* - SAML Response parsing and validation
|
|
10
|
+
* - Assertion extraction and attribute reading
|
|
11
|
+
* - Signature verification (basic)
|
|
12
|
+
*
|
|
13
|
+
* @see https://www.oasis-open.org/committees/download.php/6058/sstc-saml-core-2.0.pdf
|
|
14
|
+
*/
|
|
15
|
+
export interface SAMLConfig {
|
|
16
|
+
/** Entity ID of the Service Provider (your app) */
|
|
17
|
+
spEntityId: string;
|
|
18
|
+
/** Assertion Consumer Service (ACS) URL */
|
|
19
|
+
acsUrl: string;
|
|
20
|
+
/** Identity Provider Single Sign-On URL */
|
|
21
|
+
idpSsoUrl?: string;
|
|
22
|
+
/** Identity Provider Entity ID */
|
|
23
|
+
idpEntityId?: string;
|
|
24
|
+
/** X.509 certificate for signature verification */
|
|
25
|
+
idpCert?: string;
|
|
26
|
+
/** Private key for signing requests (optional) */
|
|
27
|
+
spPrivateKey?: string;
|
|
28
|
+
/** SAML Request protocol binding */
|
|
29
|
+
protocolBinding?: 'HTTP-POST' | 'HTTP-Redirect';
|
|
30
|
+
}
|
|
31
|
+
export interface SAMLResponse {
|
|
32
|
+
/** Raw SAML response XML */
|
|
33
|
+
raw: string;
|
|
34
|
+
/** Parsed response */
|
|
35
|
+
response?: ParsedSAMLResponse;
|
|
36
|
+
/** Validation errors */
|
|
37
|
+
errors?: string[];
|
|
38
|
+
}
|
|
39
|
+
export interface ParsedSAMLResponse {
|
|
40
|
+
/** Response ID */
|
|
41
|
+
id: string;
|
|
42
|
+
/** Response issue instant */
|
|
43
|
+
issueInstant: string;
|
|
44
|
+
/** Destination URL (should match ACS URL) */
|
|
45
|
+
destination?: string;
|
|
46
|
+
/** Issuer (IdP Entity ID) */
|
|
47
|
+
issuer?: string;
|
|
48
|
+
/** SAML version */
|
|
49
|
+
version: string;
|
|
50
|
+
/** Assertion containing user info */
|
|
51
|
+
assertion?: SAMLAssertion;
|
|
52
|
+
/** Status code */
|
|
53
|
+
statusCode?: string;
|
|
54
|
+
/** Status message */
|
|
55
|
+
statusMessage?: string;
|
|
56
|
+
}
|
|
57
|
+
export interface SAMLAssertion {
|
|
58
|
+
/** Assertion ID */
|
|
59
|
+
id: string;
|
|
60
|
+
/** Issue instant */
|
|
61
|
+
issueInstant: string;
|
|
62
|
+
/** Issuer */
|
|
63
|
+
issuer: string;
|
|
64
|
+
/** Subject (user identifier) */
|
|
65
|
+
subject?: SAMLSubject;
|
|
66
|
+
/** Conditions (validity window) */
|
|
67
|
+
conditions?: SAMLConditions;
|
|
68
|
+
/** Attribute statements */
|
|
69
|
+
attributes?: Record<string, string[]>;
|
|
70
|
+
/** Authn statement */
|
|
71
|
+
authnStatement?: {
|
|
72
|
+
authnInstant: string;
|
|
73
|
+
sessionIndex?: string;
|
|
74
|
+
sessionNotOnOrAfter?: string;
|
|
75
|
+
};
|
|
76
|
+
}
|
|
77
|
+
export interface SAMLSubject {
|
|
78
|
+
/** Name ID (username/email) */
|
|
79
|
+
nameId: string;
|
|
80
|
+
/** Name ID format */
|
|
81
|
+
format?: string;
|
|
82
|
+
}
|
|
83
|
+
export interface SAMLConditions {
|
|
84
|
+
/** Not valid before */
|
|
85
|
+
notBefore?: string;
|
|
86
|
+
/** Not valid after */
|
|
87
|
+
notOnOrAfter?: string;
|
|
88
|
+
/** Allowed audiences */
|
|
89
|
+
audience?: string[];
|
|
90
|
+
}
|
|
91
|
+
/**
|
|
92
|
+
* SAML 2.0 Handler class
|
|
93
|
+
*/
|
|
94
|
+
export declare class SAMLHandler {
|
|
95
|
+
private config;
|
|
96
|
+
constructor(config: SAMLConfig);
|
|
97
|
+
/**
|
|
98
|
+
* Generate SAML AuthnRequest for SP-initiated SSO
|
|
99
|
+
* Creates a base64-encoded SAML request to send to IdP
|
|
100
|
+
*/
|
|
101
|
+
generateAuthnRequest(options?: {
|
|
102
|
+
forceAuthn?: boolean;
|
|
103
|
+
passive?: boolean;
|
|
104
|
+
assertionConsumerServiceUrl?: string;
|
|
105
|
+
protocolBinding?: string;
|
|
106
|
+
}): string;
|
|
107
|
+
/**
|
|
108
|
+
* Get IdP SSO URL with SAML request for SP-initiated flow
|
|
109
|
+
*/
|
|
110
|
+
getSSOUrl(options?: {
|
|
111
|
+
forceAuthn?: boolean;
|
|
112
|
+
passive?: boolean;
|
|
113
|
+
relayState?: string;
|
|
114
|
+
}): string;
|
|
115
|
+
/**
|
|
116
|
+
* Parse SAML Response from IdP
|
|
117
|
+
* Extracts assertion and attributes from base64-encoded SAML response
|
|
118
|
+
*/
|
|
119
|
+
parseResponse(samlResponse: string): SAMLResponse;
|
|
120
|
+
/**
|
|
121
|
+
* Parse SAML XML and extract relevant fields
|
|
122
|
+
*/
|
|
123
|
+
private parseSAMLXML;
|
|
124
|
+
/**
|
|
125
|
+
* Parse SAML Assertion
|
|
126
|
+
*/
|
|
127
|
+
private parseAssertion;
|
|
128
|
+
/**
|
|
129
|
+
* Parse SAML Subject
|
|
130
|
+
*/
|
|
131
|
+
private parseSubject;
|
|
132
|
+
/**
|
|
133
|
+
* Parse SAML Conditions
|
|
134
|
+
*/
|
|
135
|
+
private parseConditions;
|
|
136
|
+
/**
|
|
137
|
+
* Parse SAML Attributes
|
|
138
|
+
*/
|
|
139
|
+
private parseAttributes;
|
|
140
|
+
/**
|
|
141
|
+
* Validate SAML Response conditions
|
|
142
|
+
* Checks time validity and audience
|
|
143
|
+
*/
|
|
144
|
+
validateConditions(parsed: ParsedSAMLResponse): {
|
|
145
|
+
valid: boolean;
|
|
146
|
+
errors: string[];
|
|
147
|
+
};
|
|
148
|
+
/**
|
|
149
|
+
* Extract user attributes from SAML response
|
|
150
|
+
*/
|
|
151
|
+
getUserAttributes(samlResponse: string): Record<string, string[]> | null;
|
|
152
|
+
/**
|
|
153
|
+
* Get NameID (user identifier) from SAML response
|
|
154
|
+
*/
|
|
155
|
+
getNameId(samlResponse: string): string | null;
|
|
156
|
+
/**
|
|
157
|
+
* Get email from SAML response attributes
|
|
158
|
+
*/
|
|
159
|
+
getEmail(samlResponse: string): string | null;
|
|
160
|
+
/**
|
|
161
|
+
* Get display name from SAML response attributes
|
|
162
|
+
*/
|
|
163
|
+
getDisplayName(samlResponse: string): string | null;
|
|
164
|
+
/**
|
|
165
|
+
* Generate unique ID for SAML requests
|
|
166
|
+
*/
|
|
167
|
+
private generateId;
|
|
168
|
+
}
|
|
169
|
+
/**
|
|
170
|
+
* Factory function to create SAML handler
|
|
171
|
+
*/
|
|
172
|
+
export declare function createSAMLHandler(config: SAMLConfig): SAMLHandler;
|
|
173
|
+
export default SAMLHandler;
|