sunuid-sdk 1.0.55 → 1.0.56
- package/dist/sunuid-sdk.esm.js +53 -33
- package/dist/sunuid-sdk.esm.js.map +1 -1
- package/dist/sunuid-sdk.js +53 -33
- package/dist/sunuid-sdk.js.map +1 -1
- package/dist/sunuid-sdk.min.js +3 -3
- package/dist/sunuid-sdk.min.js.map +1 -1
- package/package.json +1 -1
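--- a/package/dist/sunuid-sdk.js
+++ b/package/dist/sunuid-sdk.js
@@ -481,7 +481,7 @@
 key: "secureInit",
 value: (function () {
 var _secureInit = _asyncToGenerator(/*#__PURE__*/_regenerator().m(function _callee3() {
-var initData, response, result, decodedToken, _t2;
+var _result$response, _result$response2, _result$data, _result$response3, _result$data2, _result$response4, _result$data3, initData, response, result, token, decodedToken, clientId, secretId, apiUrl, _t2;
 return _regenerator().w(function (_context3) {
 while (1) switch (_context3.p = _context3.n) {
 case 0:
@@ -520,44 +520,56 @@
 }
 throw new Error(result.error || 'Erreur lors de l\'initialisation sécurisée');
 case 4:
-//
-
-
+// Extraire le token depuis différents chemins possibles
+token = (result === null || result === void 0 || (_result$response = result.response) === null || _result$response === void 0 || (_result$response = _result$response.response) === null || _result$response === void 0 ? void 0 : _result$response.token) || (result === null || result === void 0 || (_result$response2 = result.response) === null || _result$response2 === void 0 ? void 0 : _result$response2.token) || (result === null || result === void 0 || (_result$data = result.data) === null || _result$data === void 0 ? void 0 : _result$data.token) || (result === null || result === void 0 ? void 0 : result.token);
+if (!(!token || typeof token !== 'string')) {
+_context3.n = 5;
+break;
+}
+throw new Error('Token non trouvé dans la réponse');
+case 5:
+// Stocker le token
+this.config.token = token;
 
 // Décoder le token pour récupérer les credentials
-decodedToken = this.decodeSecureToken(
+decodedToken = this.decodeSecureToken(token);
 if (!decodedToken) {
-_context3.n =
+_context3.n = 6;
 break;
 }
-
-
-
+clientId = decodedToken.clientId || decodedToken.client_id;
+secretId = decodedToken.secretId || decodedToken.secret_id;
+apiUrl = decodedToken.apiUrl || decodedToken.api_url;
+if (clientId) this.config.clientId = clientId;
+if (secretId) this.config.secretId = secretId;
+if (apiUrl) this.config.apiUrl = apiUrl;
+_context3.n = 7;
 break;
-case 5:
-throw new Error('Impossible de décoder le token sécurisé');
 case 6:
-
-
+throw new Error('Impossible de décoder le token sécurisé');
+case 7:
+// Récupérer expiration et limites depuis la réponse si présentes
+this.config.expiresIn = (result === null || result === void 0 || (_result$response3 = result.response) === null || _result$response3 === void 0 ? void 0 : _result$response3.expires_in) || (result === null || result === void 0 || (_result$data2 = result.data) === null || _result$data2 === void 0 ? void 0 : _result$data2.expires_in) || (result === null || result === void 0 ? void 0 : result.expires_in) || this.config.expiresIn;
+this.config.maxRequests = (result === null || result === void 0 || (_result$response4 = result.response) === null || _result$response4 === void 0 ? void 0 : _result$response4.max_requests) || (result === null || result === void 0 || (_result$data3 = result.data) === null || _result$data3 === void 0 ? void 0 : _result$data3.max_requests) || (result === null || result === void 0 ? void 0 : result.max_requests) || this.config.maxRequests;
 this.config.requestCount = 0;
 this.logSecurityEvent('SECURE_INIT_SUCCESS', {
-expiresIn:
-maxRequests:
+expiresIn: this.config.expiresIn,
+maxRequests: this.config.maxRequests
 });
 console.log('✅ Initialisation sécurisée réussie');
-_context3.n =
+_context3.n = 9;
 break;
-case
-_context3.p =
+case 8:
+_context3.p = 8;
 _t2 = _context3.v;
 this.logSecurityEvent('SECURE_INIT_ERROR', {
 error: _t2.message
 });
 throw new Error("\xC9chec de l'initialisation s\xE9curis\xE9e: ".concat(_t2.message));
-case
+case 9:
 return _context3.a(2);
 }
-}, _callee3, this, [[0,
+}, _callee3, this, [[0, 8]]);
 }));
 function secureInit() {
 return _secureInit.apply(this, arguments);
@@ -572,21 +584,29 @@
 key: "decodeSecureToken",
 value: function decodeSecureToken(token) {
 try {
-
-if (parts.length !== 2) {
-console.error('❌ Format de token invalide');
-return null;
-}
-var _parts = _slicedToArray(parts, 2),
-payload = _parts[0],
-signature = _parts[1];
+if (!token || typeof token !== 'string') return null;
 
-//
-var
-
+// Helper: décodage base64/base64url avec padding
+var decodeBase64Any = function decodeBase64Any(str) {
+var s = String(str).replace(/-/g, '+').replace(/_/g, '/');
+while (s.length % 4 !== 0) s += '=';
+return atob(s);
+};
+var tokenData = null;
+if (token.includes('.')) {
+// JWT-like: header.payload.signature ou header.payload
+var parts = token.split('.');
+var payloadPart = parts.length >= 2 ? parts[1] : parts[0];
+var json = decodeBase64Any(payloadPart);
+tokenData = JSON.parse(json);
+} else {
+// Base64("{json}") simple
+var _json = decodeBase64Any(token);
+tokenData = JSON.parse(_json);
+}
 
-// Vérifier l'expiration
-if (tokenData.exp && tokenData.exp < Date.now() / 1000) {
+// Vérifier l'expiration (en secondes)
+if (tokenData && tokenData.exp && Number(tokenData.exp) < Math.floor(Date.now() / 1000)) {
 console.error('❌ Token expiré');
 return null;
 }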
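Review bot: `decodeSecureToken` now base64-decodes and `JSON.parse`s the token payload with no signature check visible in the hunk, and `secureInit` copies `apiUrl`, `clientId` and `secretId` from that payload into `this.config`. The rest of `decodeSecureToken` lies outside the hunk, so verification may happen there, but if it does not, anything able to alter the init response decides which endpoint later requests are sent to. I would constrain the override, e.g. `if (apiUrl && new URL(apiUrl).origin === new URL(this.config.apiUrl).origin) this.config.apiUrl = apiUrl;` (assuming the integrator's `apiUrl` is already set at this point), and move `this.config.token = token;` to after the decode succeeds. Note also that a two-segment token, which the removed lines read as `payload.signature`, now has `parts[1]` decoded as the payload. This file is build output, so the change belongs in the source it is generated from.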