verdaccio-okta-oauth 30.3.1 → 31.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/cli.js +9 -11
  2. package/dist/cli.js.map +1 -1
  3. package/dist/index.js +94 -112
  4. package/dist/index.js.map +1 -1
  5. package/dist/secrets.js +23 -24
  6. package/dist/secrets.js.map +1 -1
  7. package/package.json +3 -3
package/dist/cli.js CHANGED
@@ -1,24 +1,21 @@
1
- var _a;
2
- /* eslint-disable @typescript-eslint/naming-convention */
3
- import url from 'url';
1
+ /* eslint-disable @typescript-eslint/naming-convention */ import url from 'url';
4
2
  import http from 'http';
5
3
  import open from 'open';
6
4
  import yargs from 'yargs';
7
5
  import { hideBin } from 'yargs/helpers';
8
6
  import { execSync } from 'child_process';
9
7
  const argv = yargs(hideBin(process.argv)).argv;
10
- const registry = ((_a = argv.registry) !== null && _a !== void 0 ? _a : execSync('npm config get registry').toString())
11
- .trim()
12
- .replace(/\/?$/, '/');
8
+ var _argv_registry;
9
+ const registry = ((_argv_registry = argv.registry) !== null && _argv_registry !== void 0 ? _argv_registry : execSync('npm config get registry').toString()).trim().replace(/\/?$/, '/');
13
10
  if (registry.includes('registry.npmjs.org')) {
14
11
  throw new Error('This is incompatible with the default npm repository.');
15
12
  }
16
13
  open(registry + 'oauth/authorize');
17
- http.createServer((req, res) => {
14
+ http.createServer((req, res)=>{
18
15
  if (!req.url) {
19
16
  throw new Error('Request URL is not defined!');
20
17
  }
21
- const { query: { username, jwt_token, npm_token, redirect_uri }, } = url.parse(req.url, true);
18
+ const { query: { username, jwt_token, npm_token, redirect_uri } } = url.parse(req.url, true);
22
19
  if (typeof username !== 'string') {
23
20
  throw new Error('"username" should be a string value!');
24
21
  }
@@ -36,11 +33,12 @@ http.createServer((req, res) => {
36
33
  res.writeHead(302, {
37
34
  Location: `${redirect_uri}?${new URLSearchParams({
38
35
  username,
39
- token: jwt_token,
40
- }).toString()}`,
36
+ token: jwt_token
37
+ }).toString()}`
41
38
  });
42
- res.end(() => {
39
+ res.end(()=>{
43
40
  process.exit(0);
44
41
  });
45
42
  }).listen(8239);
43
+
46
44
  //# sourceMappingURL=cli.js.map
package/dist/cli.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAAA,yDAAyD;AACzD,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,KAAoB,MAAM,OAAO,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAwC,CAAC;AAEnF,MAAM,QAAQ,GAAG,CAAC,MAAA,IAAI,CAAC,QAAQ,mCAAI,QAAQ,CAAC,yBAAyB,CAAC,CAAC,QAAQ,EAAE,CAAC;KAC7E,IAAI,EAAE;KACN,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;AAE1B,IAAI,QAAQ,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAAE,CAAC;IAC1C,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;AAC7E,CAAC;AAED,IAAI,CAAC,QAAQ,GAAG,iBAAiB,CAAC,CAAC;AAEnC,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC3B,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACnD,CAAC;IAED,MAAM,EACF,KAAK,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,YAAY,EAAE,GAC1D,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IAE7B,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC5D,CAAC;IAED,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC7D,CAAC;IAED,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC7D,CAAC;IAED,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC;IAE7C,QAAQ,CAAC,oBAAoB,IAAI,GAAG,QAAQ,gBAAgB,SAAS,GAAG,CAAC,CAAC;IAE1E,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;QACf,QAAQ,EAAE,GAAG,YAAY,IAAI,IAAI,eAAe,CAAC;YAC7C,QAAQ;YACR,KAAK,EAAE,SAAS;SACnB,CAAC,CAAC,QAAQ,EAAE,EAAE;KAClB,CAAC,CAAC;IACH,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE;QACT,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC,CAAC,CAAC;AACP,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC"}
1
+ {"version":3,"sources":["../src/cli.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/naming-convention */\nimport url from 'url';\nimport http from 'http';\nimport open from 'open';\nimport yargs, { Arguments } from 'yargs';\nimport { hideBin } from 'yargs/helpers';\nimport { execSync } from 'child_process';\n\nconst argv = yargs(hideBin(process.argv)).argv as Arguments<{ registry?: string }>;\n\nconst registry = (argv.registry ?? execSync('npm config get registry').toString())\n .trim()\n .replace(/\\/?$/, '/');\n\nif (registry.includes('registry.npmjs.org')) {\n throw new Error('This is incompatible with the default npm repository.');\n}\n\nopen(registry + 'oauth/authorize');\n\nhttp.createServer((req, res) => {\n if (!req.url) {\n throw new Error('Request URL is not defined!');\n }\n\n const {\n query: { username, jwt_token, npm_token, redirect_uri },\n } = url.parse(req.url, true);\n\n if (typeof username !== 'string') {\n throw new Error('\"username\" should be a string value!');\n }\n\n if (typeof jwt_token !== 'string') {\n throw new Error('\"jwt_token\" should be a string value!');\n }\n\n if (typeof npm_token !== 'string') {\n throw new Error('\"npm_token\" should be a string value!');\n }\n\n if (typeof redirect_uri !== 'string') {\n throw new Error('\"redirect_uri\" should be a string value!');\n }\n\n const { host, pathname } = new URL(registry);\n\n execSync(`npm config set //${host}${pathname}:_authToken \"${npm_token}\"`);\n\n res.writeHead(302, {\n Location: `${redirect_uri}?${new URLSearchParams({\n username,\n token: jwt_token,\n }).toString()}`,\n });\n res.end(() => {\n process.exit(0);\n });\n}).listen(8239);\n"],"names":["url","http","open","yargs","hideBin","execSync","argv","process","registry","toString","trim","replace","includes","Error","createServer","req","res","query","username","jwt_token","npm_token","redirect_uri","parse","host","pathname","URL","writeHead","Location","URLSearchParams","token","end","exit","listen"],"mappings":"AAAA,uDAAuD,GACvD,OAAOA,SAAS,MAAM;AACtB,OAAOC,UAAU,OAAO;AACxB,OAAOC,UAAU,OAAO;AACxB,OAAOC,WAA0B,QAAQ;AACzC,SAASC,OAAO,QAAQ,gBAAgB;AACxC,SAASC,QAAQ,QAAQ,gBAAgB;AAEzC,MAAMC,OAAOH,MAAMC,QAAQG,QAAQD,IAAI,GAAGA,IAAI;IAE5BA;AAAlB,MAAME,WAAW,AAACF,CAAAA,CAAAA,iBAAAA,KAAKE,QAAQ,cAAbF,4BAAAA,iBAAiBD,SAAS,2BAA2BI,QAAQ,EAAC,EAC3EC,IAAI,GACJC,OAAO,CAAC,QAAQ;AAErB,IAAIH,SAASI,QAAQ,CAAC,uBAAuB;IACzC,MAAM,IAAIC,MAAM;AACpB;AAEAX,KAAKM,WAAW;AAEhBP,KAAKa,YAAY,CAAC,CAACC,KAAKC;IACpB,IAAI,CAACD,IAAIf,GAAG,EAAE;QACV,MAAM,IAAIa,MAAM;IACpB;IAEA,MAAM,EACFI,OAAO,EAAEC,QAAQ,EAAEC,SAAS,EAAEC,SAAS,EAAEC,YAAY,EAAE,EAC1D,GAAGrB,IAAIsB,KAAK,CAACP,IAAIf,GAAG,EAAE;IAEvB,IAAI,OAAOkB,aAAa,UAAU;QAC9B,MAAM,IAAIL,MAAM;IACpB;IAEA,IAAI,OAAOM,cAAc,UAAU;QAC/B,MAAM,IAAIN,MAAM;IACpB;IAEA,IAAI,OAAOO,cAAc,UAAU;QAC/B,MAAM,IAAIP,MAAM;IACpB;IAEA,IAAI,OAAOQ,iBAAiB,UAAU;QAClC,MAAM,IAAIR,MAAM;IACpB;IAEA,MAAM,EAAEU,IAAI,EAAEC,QAAQ,EAAE,GAAG,IAAIC,IAAIjB;IAEnCH,SAAS,CAAC,iBAAiB,EAAEkB,OAAOC,SAAS,aAAa,EAAEJ,UAAU,CAAC,CAAC;IAExEJ,IAAIU,SAAS,CAAC,KAAK;QACfC,UAAU,GAAGN,aAAa,CAAC,EAAE,IAAIO,gBAAgB;YAC7CV;YACAW,OAAOV;QACX,GAAGV,QAAQ,IAAI;IACnB;IACAO,IAAIc,GAAG,CAAC;QACJvB,QAAQwB,IAAI,CAAC;IACjB;AACJ,GAAGC,MAAM,CAAC"}
package/dist/index.js CHANGED
@@ -1,114 +1,55 @@
1
- /* eslint-disable @typescript-eslint/naming-convention */
1
+ /* eslint-disable @typescript-eslint/naming-convention */ function _define_property(obj, key, value) {
2
+ if (key in obj) {
3
+ Object.defineProperty(obj, key, {
4
+ value: value,
5
+ enumerable: true,
6
+ configurable: true,
7
+ writable: true
8
+ });
9
+ } else {
10
+ obj[key] = value;
11
+ }
12
+ return obj;
13
+ }
2
14
  import axios from 'axios';
3
15
  import crypto from 'crypto';
4
16
  import Cache from 'node-cache';
5
17
  import { v4 as uuid } from 'uuid';
6
18
  import { Secrets } from './secrets.js';
7
- // eslint-disable-next-line import/no-default-export
8
- export default class OktaOAuth {
9
- constructor({ issuer, client_id, ttl, security, storage }, { logger }) {
10
- var _a, _b;
11
- Object.defineProperty(this, "issuer", {
12
- enumerable: true,
13
- configurable: true,
14
- writable: true,
15
- value: void 0
16
- });
17
- Object.defineProperty(this, "clientId", {
18
- enumerable: true,
19
- configurable: true,
20
- writable: true,
21
- value: void 0
22
- });
23
- Object.defineProperty(this, "cache", {
24
- enumerable: true,
25
- configurable: true,
26
- writable: true,
27
- value: void 0
28
- });
29
- Object.defineProperty(this, "logger", {
30
- enumerable: true,
31
- configurable: true,
32
- writable: true,
33
- value: void 0
34
- });
35
- Object.defineProperty(this, "sign", {
36
- enumerable: true,
37
- configurable: true,
38
- writable: true,
39
- value: void 0
40
- });
41
- Object.defineProperty(this, "storage", {
42
- enumerable: true,
43
- configurable: true,
44
- writable: true,
45
- value: void 0
46
- });
47
- Object.defineProperty(this, "getUserInfo", {
48
- enumerable: true,
49
- configurable: true,
50
- writable: true,
51
- value: async (accessToken) => {
52
- const { issuer } = this;
53
- return (await axios.get(`${issuer}/oauth2/v1/userinfo`, {
54
- headers: { Authorization: `Bearer ${accessToken}` },
55
- })).data;
56
- }
57
- });
58
- Object.defineProperty(this, "getAccessToken", {
59
- enumerable: true,
60
- configurable: true,
61
- writable: true,
62
- value: async (refreshToken) => {
63
- const { clientId, issuer } = this;
64
- return (await axios.post(`${issuer}/oauth2/v1/token`, new URLSearchParams({
65
- client_id: clientId,
66
- grant_type: 'refresh_token',
67
- refresh_token: refreshToken,
68
- }).toString())).data.access_token;
69
- }
70
- });
71
- if (!issuer) {
72
- throw new Error('"issuer" should be defined!');
73
- }
74
- if (!client_id) {
75
- throw new Error('"client_id" should be defined!');
76
- }
77
- this.issuer = issuer;
78
- this.clientId = client_id;
79
- this.cache = new Cache({ stdTTL: ttl !== null && ttl !== void 0 ? ttl : 60 * 60 * 24 });
80
- this.logger = logger;
81
- this.sign = { expiresIn: '7d', ...((_b = (_a = security === null || security === void 0 ? void 0 : security.web) === null || _a === void 0 ? void 0 : _a.sign) !== null && _b !== void 0 ? _b : {}) };
82
- this.storage = storage !== null && storage !== void 0 ? storage : './storage';
83
- }
19
+ class OktaOAuth {
84
20
  async authenticate(user, refreshToken, cb) {
85
21
  if (this.cache.has(user)) {
86
- cb(null, [user]);
22
+ cb(null, [
23
+ user
24
+ ]);
87
25
  return;
88
26
  }
89
27
  try {
90
28
  const accessToken = await this.getAccessToken(refreshToken);
91
29
  const userInfo = await this.getUserInfo(accessToken);
92
30
  this.cache.set(user, userInfo);
93
- cb(null, [user]);
94
- }
95
- catch (_a) {
31
+ cb(null, [
32
+ user
33
+ ]);
34
+ } catch (e) {
96
35
  cb(null, false);
97
36
  }
98
37
  }
99
38
  register_middlewares(app, auth) {
100
39
  const { clientId, issuer } = this;
101
- const getBaseUrl = (req) => {
40
+ const getBaseUrl = (req)=>{
102
41
  return `${req.protocol}://${req.get('host')}`;
103
42
  };
104
- const getCallbackUrl = (req) => {
43
+ const getCallbackUrl = (req)=>{
105
44
  return `${getBaseUrl(req)}/oauth/callback`;
106
45
  };
107
- const secrets = new Secrets({ cwd: this.storage });
46
+ const secrets = new Secrets({
47
+ cwd: this.storage
48
+ });
108
49
  app.enable('trust proxy');
109
- app.use((req, res, next) => {
50
+ app.use((req, res, next)=>{
110
51
  const originalSend = res.send;
111
- res.send = body => {
52
+ res.send = (body)=>{
112
53
  let html = String(body);
113
54
  if (html.includes('__VERDACCIO_BASENAME_UI_OPTIONS')) {
114
55
  const script = [
@@ -121,7 +62,7 @@ export default class OktaOAuth {
121
62
  ` }`,
122
63
  ` window.location.href = '${getBaseUrl(req)}';`,
123
64
  `}`,
124
- `</script>`,
65
+ `</script>`
125
66
  ];
126
67
  html = html.replace(/<\/body>/, script.concat('</body>').join('\n'));
127
68
  }
@@ -129,7 +70,7 @@ export default class OktaOAuth {
129
70
  };
130
71
  next();
131
72
  });
132
- app.use('/oauth/authorize', (req, res) => {
73
+ app.use('/oauth/authorize', (req, res)=>{
133
74
  const state = uuid();
134
75
  const codeVerifier = uuid() + uuid();
135
76
  secrets.set(state, codeVerifier);
@@ -140,17 +81,10 @@ export default class OktaOAuth {
140
81
  scope: 'openid profile email offline_access',
141
82
  redirect_uri: getCallbackUrl(req),
142
83
  code_challenge_method: 'S256',
143
- code_challenge: crypto
144
- .createHash('sha256')
145
- .update(codeVerifier)
146
- .digest('base64')
147
- .replace(/\+/g, '-')
148
- .replace(/\//g, '_')
149
- .replace(/=+$/, ''),
84
+ code_challenge: crypto.createHash('sha256').update(codeVerifier).digest('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '')
150
85
  }).toString()}`);
151
86
  });
152
- app.use('/oauth/callback', async (req, res) => {
153
- var _a;
87
+ app.use('/oauth/callback', async (req, res)=>{
154
88
  const { code, state } = req.query;
155
89
  if (typeof code !== 'string') {
156
90
  this.logger.error('OktaOAuth Middleware: "/oauth/authorize" returned invalid "code"!');
@@ -175,10 +109,9 @@ export default class OktaOAuth {
175
109
  grant_type: 'authorization_code',
176
110
  redirect_uri: getCallbackUrl(req),
177
111
  code_verifier: codeVerifier,
178
- code,
112
+ code
179
113
  }).toString())).data);
180
- }
181
- catch (_b) {
114
+ } catch (e) {
182
115
  this.logger.error('OktaOAuth Middleware: "token" request failed!');
183
116
  res.status(500).end();
184
117
  return;
@@ -186,34 +119,83 @@ export default class OktaOAuth {
186
119
  let userInfo;
187
120
  try {
188
121
  userInfo = await this.getUserInfo(accessToken);
189
- }
190
- catch (_c) {
122
+ } catch (e) {
191
123
  this.logger.error('OktaOAuth Middleware: "userinfo" request failed!');
192
124
  res.status(500).end();
193
125
  return;
194
126
  }
195
127
  const username = userInfo.name;
196
- const groups = [username];
128
+ const groups = [
129
+ username
130
+ ];
197
131
  const defaultLoggedUserRoles = [
198
132
  '$all',
199
133
  '$authenticated',
200
134
  '@all',
201
135
  '@authenticated',
202
- 'all',
136
+ 'all'
203
137
  ];
138
+ var _this_sign;
204
139
  res.redirect(`http://localhost:8239?${new URLSearchParams({
205
140
  username,
206
141
  jwt_token: await auth.jwtEncrypt({
207
142
  name: username,
208
- groups: [...groups, ...defaultLoggedUserRoles],
209
- real_groups: groups,
210
- }, (_a = this.sign) !== null && _a !== void 0 ? _a : {}),
211
- npm_token: auth
212
- .aesEncrypt(Buffer.from(`${username}:${refreshToken}`))
213
- .toString('base64'),
214
- redirect_uri: getBaseUrl(req),
143
+ groups: [
144
+ ...groups,
145
+ ...defaultLoggedUserRoles
146
+ ],
147
+ real_groups: groups
148
+ }, (_this_sign = this.sign) !== null && _this_sign !== void 0 ? _this_sign : {}),
149
+ npm_token: auth.aesEncrypt(Buffer.from(`${username}:${refreshToken}`)).toString('base64'),
150
+ redirect_uri: getBaseUrl(req)
215
151
  }).toString()}`);
216
152
  });
217
153
  }
154
+ constructor({ issuer, client_id, ttl, security, storage }, { logger }){
155
+ var _security_web;
156
+ _define_property(this, "issuer", void 0);
157
+ _define_property(this, "clientId", void 0);
158
+ _define_property(this, "cache", void 0);
159
+ _define_property(this, "logger", void 0);
160
+ _define_property(this, "sign", void 0);
161
+ _define_property(this, "storage", void 0);
162
+ _define_property(this, "getUserInfo", async (accessToken)=>{
163
+ const { issuer } = this;
164
+ return (await axios.get(`${issuer}/oauth2/v1/userinfo`, {
165
+ headers: {
166
+ Authorization: `Bearer ${accessToken}`
167
+ }
168
+ })).data;
169
+ });
170
+ _define_property(this, "getAccessToken", async (refreshToken)=>{
171
+ const { clientId, issuer } = this;
172
+ return (await axios.post(`${issuer}/oauth2/v1/token`, new URLSearchParams({
173
+ client_id: clientId,
174
+ grant_type: 'refresh_token',
175
+ refresh_token: refreshToken
176
+ }).toString())).data.access_token;
177
+ });
178
+ if (!issuer) {
179
+ throw new Error('"issuer" should be defined!');
180
+ }
181
+ if (!client_id) {
182
+ throw new Error('"client_id" should be defined!');
183
+ }
184
+ this.issuer = issuer;
185
+ this.clientId = client_id;
186
+ this.cache = new Cache({
187
+ stdTTL: ttl !== null && ttl !== void 0 ? ttl : 60 * 60 * 24
188
+ });
189
+ this.logger = logger;
190
+ var _security_web_sign;
191
+ this.sign = {
192
+ expiresIn: '7d',
193
+ ...(_security_web_sign = security === null || security === void 0 ? void 0 : (_security_web = security.web) === null || _security_web === void 0 ? void 0 : _security_web.sign) !== null && _security_web_sign !== void 0 ? _security_web_sign : {}
194
+ };
195
+ this.storage = storage !== null && storage !== void 0 ? storage : './storage';
196
+ }
218
197
  }
198
+ // eslint-disable-next-line import/no-default-export
199
+ export { OktaOAuth as default };
200
+
219
201
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,yDAAyD;AACzD,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,KAAK,MAAM,YAAY,CAAC;AAC/B,OAAO,EAAE,EAAE,IAAI,IAAI,EAAE,MAAM,MAAM,CAAC;AAalC,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AA4BvC,oDAAoD;AACpD,MAAM,CAAC,OAAO,OAAO,SAAS;IAW1B,YACI,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAmB,EAC9D,EAAE,MAAM,EAAkC;;QAVtC;;;;;WAAe;QACf;;;;;WAAiB;QAEjB;;;;;WAAa;QACb;;;;;WAAe;QACf;;;;;WAAsB;QACtB;;;;;WAAgB;QAgMhB;;;;mBAAc,KAAK,EAAE,WAAmB,EAAE,EAAE;gBAChD,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;gBAExB,OAAO,CACH,MAAM,KAAK,CAAC,GAAG,CAAW,GAAG,MAAM,qBAAqB,EAAE;oBACtD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;iBACtD,CAAC,CACL,CAAC,IAAI,CAAC;YACX,CAAC;WAAC;QAEM;;;;mBAAiB,KAAK,EAAE,YAAoB,EAAE,EAAE;gBACpD,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;gBAElC,OAAO,CACH,MAAM,KAAK,CAAC,IAAI,CACZ,GAAG,MAAM,kBAAkB,EAC3B,IAAI,eAAe,CAAC;oBAChB,SAAS,EAAE,QAAQ;oBACnB,UAAU,EAAE,eAAe;oBAC3B,aAAa,EAAE,YAAY;iBAC9B,CAAC,CAAC,QAAQ,EAAE,CAChB,CACJ,CAAC,IAAI,CAAC,YAAY,CAAC;YACxB,CAAC;WAAC;QAjNE,IAAI,CAAC,MAAM,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACtD,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC;QAE1B,IAAI,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,EAAE,MAAM,EAAE,GAAG,aAAH,GAAG,cAAH,GAAG,GAAI,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QACxD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,IAAI,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,CAAC,MAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,GAAG,0CAAE,IAAI,mCAAI,EAAE,CAAC,EAAE,CAAC;QAChE,IAAI,CAAC,OAAO,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,WAAW,CAAC;IAC1C,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,YAAoB,EAAE,EAAgB;QACnE,IAAI,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,EAAE,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;YACjB,OAAO;QACX,CAAC;QAED,IAAI,CAAC;YACD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;YAC5D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;YACrD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YAC/B,EAAE,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;QACrB,CAAC;QAAC,WAAM,CAAC;YACL,EAAE,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACpB,CAAC;IACL,CAAC;IAED,oBAAoB,CAAC,GAAY,EAAE,IAAiC;QAChE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QAElC,MAAM,UAAU,GAAG,CAAC,GAAY,EAAE,EAAE;YAChC,OAAO,GAAG,GAAG,CAAC,QAAQ,MAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,CAAC,CAAC;QAEF,MAAM,cAAc,GAAG,CAAC,GAAY,EAAE,EAAE;YACpC,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,iBAAiB,CAAC;QAC/C,CAAC,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;QAEnD,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAE1B,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YACvB,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC;YAC9B,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,EAAE;gBACd,IAAI,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;gBAExB,IAAI,IAAI,CAAC,QAAQ,CAAC,iCAAiC,CAAC,EAAE,CAAC;oBACnD,MAAM,MAAM,GAAG;wBACX,UAAU;wBACV,qCAAqC;wBACrC,mEAAmE;wBACnE,iDAAiD;wBACjD,+BAA+B;wBAC/B,kEAAkE;wBAClE,OAAO;wBACP,+BAA+B,UAAU,CAAC,GAAG,CAAC,IAAI;wBAClD,GAAG;wBACH,WAAW;qBACd,CAAC;oBACF,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;gBACzE,CAAC;gBAED,OAAO,YAAY,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACxC,CAAC,CAAC;YAEF,IAAI,EAAE,CAAC;QACX,CAAC,CAAC,CAAC;QAEH,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YACrC,MAAM,KAAK,GAAG,IAAI,EAAE,CAAC;YACrB,MAAM,YAAY,GAAG,IAAI,EAAE,GAAG,IAAI,EAAE,CAAC;YAErC,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;YAEjC,GAAG,CAAC,QAAQ,CACR,GAAG,MAAM,wBAAwB,IAAI,eAAe,CAAC;gBACjD,KAAK;gBACL,SAAS,EAAE,QAAQ;gBACnB,aAAa,EAAE,MAAM;gBACrB,KAAK,EAAE,qCAAqC;gBAC5C,YAAY,EAAE,cAAc,CAAC,GAAG,CAAC;gBACjC,qBAAqB,EAAE,MAAM;gBAC7B,cAAc,EAAE,MAAM;qBACjB,UAAU,CAAC,QAAQ,CAAC;qBACpB,MAAM,CAAC,YAAY,CAAC;qBACpB,MAAM,CAAC,QAAQ,CAAC;qBAChB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;qBACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;qBACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;aAC1B,CAAC,CAAC,QAAQ,EAAE,EAAE,CAClB,CAAC;QACN,CAAC,CAAC,CAAC;QAEH,GAAG,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;;YAC1C,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC;YAElC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC3B,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,mEAAmE,CACtE,CAAC;gBACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBACtB,OAAO;YACX,CAAC;YAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC5B,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,oEAAoE,CACvE,CAAC;gBACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBACtB,OAAO;YACX,CAAC;YAED,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YAExC,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;gBACnC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;gBAC7E,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBACtB,OAAO;YACX,CAAC;YAED,IAAI,WAAmB,EAAE,YAAoB,CAAC;YAC9C,IAAI,CAAC;gBACD,CAAC,EAAE,YAAY,EAAE,WAAW,EAAE,aAAa,EAAE,YAAY,EAAE,GAAG,CAC1D,MAAM,KAAK,CAAC,IAAI,CACZ,GAAG,MAAM,kBAAkB,EAC3B,IAAI,eAAe,CAAC;oBAChB,SAAS,EAAE,QAAQ;oBACnB,UAAU,EAAE,oBAAoB;oBAChC,YAAY,EAAE,cAAc,CAAC,GAAG,CAAC;oBACjC,aAAa,EAAE,YAAY;oBAC3B,IAAI;iBACP,CAAC,CAAC,QAAQ,EAAE,CAChB,CACJ,CAAC,IAAI,CAAC,CAAC;YACZ,CAAC;YAAC,WAAM,CAAC;gBACL,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;gBACnE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBACtB,OAAO;YACX,CAAC;YAED,IAAI,QAAkB,CAAC;YACvB,IAAI,CAAC;gBACD,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;YACnD,CAAC;YAAC,WAAM,CAAC;gBACL,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;gBACtE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBACtB,OAAO;YACX,CAAC;YAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC/B,MAAM,MAAM,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC1B,MAAM,sBAAsB,GAAG;gBAC3B,MAAM;gBACN,gBAAgB;gBAChB,MAAM;gBACN,gBAAgB;gBAChB,KAAK;aACR,CAAC;YAEF,GAAG,CAAC,QAAQ,CACR,yBAAyB,IAAI,eAAe,CAAC;gBACzC,QAAQ;gBACR,SAAS,EAAE,MAAM,IAAI,CAAC,UAAU,CAC5B;oBACI,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,CAAC,GAAG,MAAM,EAAE,GAAG,sBAAsB,CAAC;oBAC9C,WAAW,EAAE,MAAM;iBACtB,EACD,MAAA,IAAI,CAAC,IAAI,mCAAI,EAAE,CAClB;gBACD,SAAS,EAAE,IAAI;qBACV,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,IAAI,YAAY,EAAE,CAAC,CAAC;qBACtD,QAAQ,CAAC,QAAQ,CAAC;gBACvB,YAAY,EAAE,UAAU,CAAC,GAAG,CAAC;aAChC,CAAC,CAAC,QAAQ,EAAE,EAAE,CAClB,CAAC;QACN,CAAC,CAAC,CAAC;IACP,CAAC;CA0BJ"}
1
+ {"version":3,"sources":["../src/index.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/naming-convention */\nimport axios from 'axios';\nimport crypto from 'crypto';\nimport Cache from 'node-cache';\nimport { v4 as uuid } from 'uuid';\nimport { Express, Request } from 'express';\nimport {\n Config,\n IPluginAuth,\n IPluginMiddleware,\n JWTSignOptions,\n PluginOptions,\n AuthCallback,\n IBasicAuth,\n Logger,\n} from '@verdaccio/types';\n\nimport { Secrets } from './secrets.js';\n\ndeclare module '@verdaccio/types' {\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n export interface IBasicAuth<T> {\n jwtEncrypt(user: RemoteUser, signOptions: JWTSignOptions): Promise<string>;\n }\n}\n\ninterface UserInfo {\n sub: string;\n name: string;\n locale: string;\n email: string;\n preferred_username: string;\n given_name: string;\n family_name: string;\n zoneinfo: string;\n updated_at: number;\n email_verified: boolean;\n}\n\ninterface OktaOAuthConfig extends Config {\n issuer?: string;\n client_id?: string;\n ttl?: number;\n}\n\n// eslint-disable-next-line import/no-default-export\nexport default class OktaOAuth\n implements IPluginAuth<OktaOAuthConfig>, IPluginMiddleware<OktaOAuthConfig>\n{\n private issuer: string;\n private clientId: string;\n\n private cache: Cache;\n private logger: Logger;\n private sign?: JWTSignOptions;\n private storage: string;\n\n constructor(\n { issuer, client_id, ttl, security, storage }: OktaOAuthConfig,\n { logger }: PluginOptions<OktaOAuthConfig>\n ) {\n if (!issuer) {\n throw new Error('\"issuer\" should be defined!');\n }\n\n if (!client_id) {\n throw new Error('\"client_id\" should be defined!');\n }\n\n this.issuer = issuer;\n this.clientId = client_id;\n\n this.cache = new Cache({ stdTTL: ttl ?? 60 * 60 * 24 });\n this.logger = logger;\n this.sign = { expiresIn: '7d', ...(security?.web?.sign ?? {}) };\n this.storage = storage ?? './storage';\n }\n\n async authenticate(user: string, refreshToken: string, cb: AuthCallback) {\n if (this.cache.has(user)) {\n cb(null, [user]);\n return;\n }\n\n try {\n const accessToken = await this.getAccessToken(refreshToken);\n const userInfo = await this.getUserInfo(accessToken);\n this.cache.set(user, userInfo);\n cb(null, [user]);\n } catch {\n cb(null, false);\n }\n }\n\n register_middlewares(app: Express, auth: IBasicAuth<OktaOAuthConfig>) {\n const { clientId, issuer } = this;\n\n const getBaseUrl = (req: Request) => {\n return `${req.protocol}://${req.get('host')}`;\n };\n\n const getCallbackUrl = (req: Request) => {\n return `${getBaseUrl(req)}/oauth/callback`;\n };\n\n const secrets = new Secrets({ cwd: this.storage });\n\n app.enable('trust proxy');\n\n app.use((req, res, next) => {\n const originalSend = res.send;\n res.send = body => {\n let html = String(body);\n\n if (html.includes('__VERDACCIO_BASENAME_UI_OPTIONS')) {\n const script = [\n `<script>`,\n `const keys = ['username', 'token'];`,\n `const searchParams = new URLSearchParams(window.location.search);`,\n `if (keys.every(key => searchParams.has(key))) {`,\n ` for (const key of keys) {`,\n ` window.localStorage.setItem(key, searchParams.get(key));`,\n ` }`,\n ` window.location.href = '${getBaseUrl(req)}';`,\n `}`,\n `</script>`,\n ];\n html = html.replace(/<\\/body>/, script.concat('</body>').join('\\n'));\n }\n\n return originalSend.call(res, html);\n };\n\n next();\n });\n\n app.use('/oauth/authorize', (req, res) => {\n const state = uuid();\n const codeVerifier = uuid() + uuid();\n\n secrets.set(state, codeVerifier);\n\n res.redirect(\n `${issuer}/oauth2/v1/authorize?${new URLSearchParams({\n state,\n client_id: clientId,\n response_type: 'code',\n scope: 'openid profile email offline_access',\n redirect_uri: getCallbackUrl(req),\n code_challenge_method: 'S256',\n code_challenge: crypto\n .createHash('sha256')\n .update(codeVerifier)\n .digest('base64')\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, ''),\n }).toString()}`\n );\n });\n\n app.use('/oauth/callback', async (req, res) => {\n const { code, state } = req.query;\n\n if (typeof code !== 'string') {\n this.logger.error(\n 'OktaOAuth Middleware: \"/oauth/authorize\" returned invalid \"code\"!'\n );\n res.status(400).end();\n return;\n }\n\n if (typeof state !== 'string') {\n this.logger.error(\n 'OktaOAuth Middleware: \"/oauth/authorize\" returned invalid \"state\"!'\n );\n res.status(400).end();\n return;\n }\n\n const codeVerifier = secrets.get(state);\n\n if (typeof codeVerifier !== 'string') {\n this.logger.error('OktaOAuth Middleware: your \"code_verifier\" has expired!');\n res.status(440).end();\n return;\n }\n\n let accessToken: string, refreshToken: string;\n try {\n ({ access_token: accessToken, refresh_token: refreshToken } = (\n await axios.post(\n `${issuer}/oauth2/v1/token`,\n new URLSearchParams({\n client_id: clientId,\n grant_type: 'authorization_code',\n redirect_uri: getCallbackUrl(req),\n code_verifier: codeVerifier,\n code,\n }).toString()\n )\n ).data);\n } catch {\n this.logger.error('OktaOAuth Middleware: \"token\" request failed!');\n res.status(500).end();\n return;\n }\n\n let userInfo: UserInfo;\n try {\n userInfo = await this.getUserInfo(accessToken);\n } catch {\n this.logger.error('OktaOAuth Middleware: \"userinfo\" request failed!');\n res.status(500).end();\n return;\n }\n\n const username = userInfo.name;\n const groups = [username];\n const defaultLoggedUserRoles = [\n '$all',\n '$authenticated',\n '@all',\n '@authenticated',\n 'all',\n ];\n\n res.redirect(\n `http://localhost:8239?${new URLSearchParams({\n username,\n jwt_token: await auth.jwtEncrypt(\n {\n name: username,\n groups: [...groups, ...defaultLoggedUserRoles],\n real_groups: groups,\n },\n this.sign ?? {}\n ),\n npm_token: auth\n .aesEncrypt(Buffer.from(`${username}:${refreshToken}`))\n .toString('base64'),\n redirect_uri: getBaseUrl(req),\n }).toString()}`\n );\n });\n }\n\n private getUserInfo = async (accessToken: string) => {\n const { issuer } = this;\n\n return (\n await axios.get<UserInfo>(`${issuer}/oauth2/v1/userinfo`, {\n headers: { Authorization: `Bearer ${accessToken}` },\n })\n ).data;\n };\n\n private getAccessToken = async (refreshToken: string) => {\n const { clientId, issuer } = this;\n\n return (\n await axios.post(\n `${issuer}/oauth2/v1/token`,\n new URLSearchParams({\n client_id: clientId,\n grant_type: 'refresh_token',\n refresh_token: refreshToken,\n }).toString()\n )\n ).data.access_token;\n };\n}\n"],"names":["axios","crypto","Cache","v4","uuid","Secrets","OktaOAuth","authenticate","user","refreshToken","cb","cache","has","accessToken","getAccessToken","userInfo","getUserInfo","set","register_middlewares","app","auth","clientId","issuer","getBaseUrl","req","protocol","get","getCallbackUrl","secrets","cwd","storage","enable","use","res","next","originalSend","send","body","html","String","includes","script","replace","concat","join","call","state","codeVerifier","redirect","URLSearchParams","client_id","response_type","scope","redirect_uri","code_challenge_method","code_challenge","createHash","update","digest","toString","code","query","logger","error","status","end","access_token","refresh_token","post","grant_type","code_verifier","data","username","name","groups","defaultLoggedUserRoles","jwt_token","jwtEncrypt","real_groups","sign","npm_token","aesEncrypt","Buffer","from","constructor","ttl","security","headers","Authorization","Error","stdTTL","expiresIn","web"],"mappings":"AAAA,uDAAuD;;;;;;;;;;;;;AACvD,OAAOA,WAAW,QAAQ;AAC1B,OAAOC,YAAY,SAAS;AAC5B,OAAOC,WAAW,aAAa;AAC/B,SAASC,MAAMC,IAAI,QAAQ,OAAO;AAalC,SAASC,OAAO,QAAQ,eAAe;AA6BxB,MAAMC;IAgCjB,MAAMC,aAAaC,IAAY,EAAEC,YAAoB,EAAEC,EAAgB,EAAE;QACrE,IAAI,IAAI,CAACC,KAAK,CAACC,GAAG,CAACJ,OAAO;YACtBE,GAAG,MAAM;gBAACF;aAAK;YACf;QACJ;QAEA,IAAI;YACA,MAAMK,cAAc,MAAM,IAAI,CAACC,cAAc,CAACL;YAC9C,MAAMM,WAAW,MAAM,IAAI,CAACC,WAAW,CAACH;YACxC,IAAI,CAACF,KAAK,CAACM,GAAG,CAACT,MAAMO;YACrBL,GAAG,MAAM;gBAACF;aAAK;QACnB,EAAE,UAAM;YACJE,GAAG,MAAM;QACb;IACJ;IAEAQ,qBAAqBC,GAAY,EAAEC,IAAiC,EAAE;QAClE,MAAM,EAAEC,QAAQ,EAAEC,MAAM,EAAE,GAAG,IAAI;QAEjC,MAAMC,aAAa,CAACC;YAChB,OAAO,GAAGA,IAAIC,QAAQ,CAAC,GAAG,EAAED,IAAIE,GAAG,CAAC,SAAS;QACjD;QAEA,MAAMC,iBAAiB,CAACH;YACpB,OAAO,GAAGD,WAAWC,KAAK,eAAe,CAAC;QAC9C;QAEA,MAAMI,UAAU,IAAIvB,QAAQ;YAAEwB,KAAK,IAAI,CAACC,OAAO;QAAC;QAEhDX,IAAIY,MAAM,CAAC;QAEXZ,IAAIa,GAAG,CAAC,CAACR,KAAKS,KAAKC;YACf,MAAMC,eAAeF,IAAIG,IAAI;YAC7BH,IAAIG,IAAI,GAAGC,CAAAA;gBACP,IAAIC,OAAOC,OAAOF;gBAElB,IAAIC,KAAKE,QAAQ,CAAC,oCAAoC;oBAClD,MAAMC,SAAS;wBACX,CAAC,QAAQ,CAAC;wBACV,CAAC,mCAAmC,CAAC;wBACrC,CAAC,iEAAiE,CAAC;wBACnE,CAAC,+CAA+C,CAAC;wBACjD,CAAC,6BAA6B,CAAC;wBAC/B,CAAC,gEAAgE,CAAC;wBAClE,CAAC,KAAK,CAAC;wBACP,CAAC,4BAA4B,EAAElB,WAAWC,KAAK,EAAE,CAAC;wBAClD,CAAC,CAAC,CAAC;wBACH,CAAC,SAAS,CAAC;qBACd;oBACDc,OAAOA,KAAKI,OAAO,CAAC,YAAYD,OAAOE,MAAM,CAAC,WAAWC,IAAI,CAAC;gBAClE;gBAEA,OAAOT,aAAaU,IAAI,CAACZ,KAAKK;YAClC;YAEAJ;QACJ;QAEAf,IAAIa,GAAG,CAAC,oBAAoB,CAACR,KAAKS;YAC9B,MAAMa,QAAQ1C;YACd,MAAM2C,eAAe3C,SAASA;YAE9BwB,QAAQX,GAAG,CAAC6B,OAAOC;YAEnBd,IAAIe,QAAQ,CACR,GAAG1B,OAAO,qBAAqB,EAAE,IAAI2B,gBAAgB;gBACjDH;gBACAI,WAAW7B;gBACX8B,eAAe;gBACfC,OAAO;gBACPC,cAAc1B,eAAeH;gBAC7B8B,uBAAuB;gBACvBC,gBAAgBtD,OACXuD,UAAU,CAAC,UACXC,MAAM,CAACV,cACPW,MAAM,CAAC,UACPhB,OAAO,CAAC,OAAO,KACfA,OAAO,CAAC,OAAO,KACfA,OAAO,CAAC,OAAO;YACxB,GAAGiB,QAAQ,IAAI;QAEvB;QAEAxC,IAAIa,GAAG,CAAC,mBAAmB,OAAOR,KAAKS;YACnC,MAAM,EAAE2B,IAAI,EAAEd,KAAK,EAAE,GAAGtB,IAAIqC,KAAK;YAEjC,IAAI,OAAOD,SAAS,UAAU;gBAC1B,IAAI,CAACE,MAAM,CAACC,KAAK,CACb;gBAEJ9B,IAAI+B,MAAM,CAAC,KAAKC,GAAG;gBACnB;YACJ;YAEA,IAAI,OAAOnB,UAAU,UAAU;gBAC3B,IAAI,CAACgB,MAAM,CAACC,KAAK,CACb;gBAEJ9B,IAAI+B,MAAM,CAAC,KAAKC,GAAG;gBACnB;YACJ;YAEA,MAAMlB,eAAenB,QAAQF,GAAG,CAACoB;YAEjC,IAAI,OAAOC,iBAAiB,UAAU;gBAClC,IAAI,CAACe,MAAM,CAACC,KAAK,CAAC;gBAClB9B,IAAI+B,MAAM,CAAC,KAAKC,GAAG;gBACnB;YACJ;YAEA,IAAIpD,aAAqBJ;YACzB,IAAI;gBACC,CAAA,EAAEyD,cAAcrD,WAAW,EAAEsD,eAAe1D,YAAY,EAAE,GAAG,AAC1D,CAAA,MAAMT,MAAMoE,IAAI,CACZ,GAAG9C,OAAO,gBAAgB,CAAC,EAC3B,IAAI2B,gBAAgB;oBAChBC,WAAW7B;oBACXgD,YAAY;oBACZhB,cAAc1B,eAAeH;oBAC7B8C,eAAevB;oBACfa;gBACJ,GAAGD,QAAQ,GACf,EACFY,IAAI,AAAD;YACT,EAAE,UAAM;gBACJ,IAAI,CAACT,MAAM,CAACC,KAAK,CAAC;gBAClB9B,IAAI+B,MAAM,CAAC,KAAKC,GAAG;gBACnB;YACJ;YAEA,IAAIlD;YACJ,IAAI;gBACAA,WAAW,MAAM,IAAI,CAACC,WAAW,CAACH;YACtC,EAAE,UAAM;gBACJ,IAAI,CAACiD,MAAM,CAACC,KAAK,CAAC;gBAClB9B,IAAI+B,MAAM,CAAC,KAAKC,GAAG;gBACnB;YACJ;YAEA,MAAMO,WAAWzD,SAAS0D,IAAI;YAC9B,MAAMC,SAAS;gBAACF;aAAS;YACzB,MAAMG,yBAAyB;gBAC3B;gBACA;gBACA;gBACA;gBACA;aACH;gBAWW;YATZ1C,IAAIe,QAAQ,CACR,CAAC,sBAAsB,EAAE,IAAIC,gBAAgB;gBACzCuB;gBACAI,WAAW,MAAMxD,KAAKyD,UAAU,CAC5B;oBACIJ,MAAMD;oBACNE,QAAQ;2BAAIA;2BAAWC;qBAAuB;oBAC9CG,aAAaJ;gBACjB,GACA,CAAA,aAAA,IAAI,CAACK,IAAI,cAAT,wBAAA,aAAa,CAAC;gBAElBC,WAAW5D,KACN6D,UAAU,CAACC,OAAOC,IAAI,CAAC,GAAGX,SAAS,CAAC,EAAE/D,cAAc,GACpDkD,QAAQ,CAAC;gBACdN,cAAc9B,WAAWC;YAC7B,GAAGmC,QAAQ,IAAI;QAEvB;IACJ;IA5LAyB,YACI,EAAE9D,MAAM,EAAE4B,SAAS,EAAEmC,GAAG,EAAEC,QAAQ,EAAExD,OAAO,EAAmB,EAC9D,EAAEgC,MAAM,EAAkC,CAC5C;YAcqCwB;QAzBvC,uBAAQhE,UAAR,KAAA;QACA,uBAAQD,YAAR,KAAA;QAEA,uBAAQV,SAAR,KAAA;QACA,uBAAQmD,UAAR,KAAA;QACA,uBAAQiB,QAAR,KAAA;QACA,uBAAQjD,WAAR,KAAA;QAgMA,uBAAQd,eAAc,OAAOH;YACzB,MAAM,EAAES,MAAM,EAAE,GAAG,IAAI;YAEvB,OAAO,AACH,CAAA,MAAMtB,MAAM0B,GAAG,CAAW,GAAGJ,OAAO,mBAAmB,CAAC,EAAE;gBACtDiE,SAAS;oBAAEC,eAAe,CAAC,OAAO,EAAE3E,aAAa;gBAAC;YACtD,EAAC,EACH0D,IAAI;QACV;QAEA,uBAAQzD,kBAAiB,OAAOL;YAC5B,MAAM,EAAEY,QAAQ,EAAEC,MAAM,EAAE,GAAG,IAAI;YAEjC,OAAO,AACH,CAAA,MAAMtB,MAAMoE,IAAI,CACZ,GAAG9C,OAAO,gBAAgB,CAAC,EAC3B,IAAI2B,gBAAgB;gBAChBC,WAAW7B;gBACXgD,YAAY;gBACZF,eAAe1D;YACnB,GAAGkD,QAAQ,GACf,EACFY,IAAI,CAACL,YAAY;QACvB;QAjNI,IAAI,CAAC5C,QAAQ;YACT,MAAM,IAAImE,MAAM;QACpB;QAEA,IAAI,CAACvC,WAAW;YACZ,MAAM,IAAIuC,MAAM;QACpB;QAEA,IAAI,CAACnE,MAAM,GAAGA;QACd,IAAI,CAACD,QAAQ,GAAG6B;QAEhB,IAAI,CAACvC,KAAK,GAAG,IAAIT,MAAM;YAAEwF,QAAQL,gBAAAA,iBAAAA,MAAO,KAAK,KAAK;QAAG;QACrD,IAAI,CAACvB,MAAM,GAAGA;YACqBwB;QAAnC,IAAI,CAACP,IAAI,GAAG;YAAEY,WAAW;YAAM,GAAIL,CAAAA,qBAAAA,qBAAAA,gCAAAA,gBAAAA,SAAUM,GAAG,cAAbN,oCAAAA,cAAeP,IAAI,cAAnBO,gCAAAA,qBAAuB,CAAC,CAAC;QAAE;QAC9D,IAAI,CAACxD,OAAO,GAAGA,oBAAAA,qBAAAA,UAAW;IAC9B;AAmMJ;AAlOA,oDAAoD;AACpD,SAAqBxB,uBAiOpB"}
package/dist/secrets.js CHANGED
@@ -1,31 +1,29 @@
1
- import fs from 'fs';
2
- import path from 'path';
3
- export class Secrets {
4
- constructor({ cwd, ttl = 5 * 60 * 1000, checkperiod = 5 * 60 * 1000 }) {
5
- Object.defineProperty(this, "storage", {
1
+ function _define_property(obj, key, value) {
2
+ if (key in obj) {
3
+ Object.defineProperty(obj, key, {
4
+ value: value,
6
5
  enumerable: true,
7
6
  configurable: true,
8
- writable: true,
9
- value: void 0
7
+ writable: true
10
8
  });
11
- Object.defineProperty(this, "get", {
12
- enumerable: true,
13
- configurable: true,
14
- writable: true,
15
- value: (key) => {
16
- if (fs.existsSync(path.join(this.storage, key))) {
17
- return fs.readFileSync(path.join(this.storage, key), 'utf8');
18
- }
19
- return undefined;
9
+ } else {
10
+ obj[key] = value;
11
+ }
12
+ return obj;
13
+ }
14
+ import fs from 'fs';
15
+ import path from 'path';
16
+ export class Secrets {
17
+ constructor({ cwd, ttl = 5 * 60 * 1000, checkperiod = 5 * 60 * 1000 }){
18
+ _define_property(this, "storage", void 0);
19
+ _define_property(this, "get", (key)=>{
20
+ if (fs.existsSync(path.join(this.storage, key))) {
21
+ return fs.readFileSync(path.join(this.storage, key), 'utf8');
20
22
  }
23
+ return undefined;
21
24
  });
22
- Object.defineProperty(this, "set", {
23
- enumerable: true,
24
- configurable: true,
25
- writable: true,
26
- value: (key, value) => {
27
- fs.writeFileSync(path.join(this.storage, key), value, 'utf8');
28
- }
25
+ _define_property(this, "set", (key, value)=>{
26
+ fs.writeFileSync(path.join(this.storage, key), value, 'utf8');
29
27
  });
30
28
  this.storage = path.join(cwd, '.secrets');
31
29
  if (!fs.existsSync(this.storage)) {
@@ -33,7 +31,7 @@ export class Secrets {
33
31
  }
34
32
  const storage = this.storage;
35
33
  setTimeout(function cleanup() {
36
- for (const file of fs.readdirSync(storage)) {
34
+ for (const file of fs.readdirSync(storage)){
37
35
  const { ctimeMs } = fs.statSync(path.join(storage, file));
38
36
  if (Date.now() > ctimeMs + ttl) {
39
37
  fs.rmSync(path.join(storage, file));
@@ -43,4 +41,5 @@ export class Secrets {
43
41
  }, checkperiod);
44
42
  }
45
43
  }
44
+
46
45
  //# sourceMappingURL=secrets.js.map
package/dist/secrets.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"secrets.js","sourceRoot":"","sources":["../src/secrets.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAQxB,MAAM,OAAO,OAAO;IAGhB,YAAY,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,WAAW,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,EAAkB;QAFrF;;;;;WAAgB;QAuBhB;;;;mBAAM,CAAC,GAAW,EAAE,EAAE;gBAClB,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;oBAC9C,OAAO,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC;gBACjE,CAAC;gBAED,OAAO,SAAS,CAAC;YACrB,CAAC;WAAC;QAEF;;;;mBAAM,CAAC,GAAW,EAAE,KAAa,EAAE,EAAE;gBACjC,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;YAClE,CAAC;WAAC;QA9BE,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;QAE1C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC/B,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC/B,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;QAC7B,UAAU,CAAC,SAAS,OAAO;YACvB,KAAK,MAAM,IAAI,IAAI,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;gBACzC,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;gBAE1D,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,GAAG,GAAG,EAAE,CAAC;oBAC7B,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;gBACxC,CAAC;YACL,CAAC;YAED,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QACrC,CAAC,EAAE,WAAW,CAAC,CAAC;IACpB,CAAC;CAaJ"}
1
+ {"version":3,"sources":["../src/secrets.ts"],"sourcesContent":["import fs from 'fs';\nimport path from 'path';\n\nexport interface SecretsOptions {\n cwd: string;\n ttl?: number;\n checkperiod?: number;\n}\n\nexport class Secrets {\n storage: string;\n\n constructor({ cwd, ttl = 5 * 60 * 1000, checkperiod = 5 * 60 * 1000 }: SecretsOptions) {\n this.storage = path.join(cwd, '.secrets');\n\n if (!fs.existsSync(this.storage)) {\n fs.mkdirSync(this.storage);\n }\n\n const storage = this.storage;\n setTimeout(function cleanup() {\n for (const file of fs.readdirSync(storage)) {\n const { ctimeMs } = fs.statSync(path.join(storage, file));\n\n if (Date.now() > ctimeMs + ttl) {\n fs.rmSync(path.join(storage, file));\n }\n }\n\n setTimeout(cleanup, checkperiod);\n }, checkperiod);\n }\n\n get = (key: string) => {\n if (fs.existsSync(path.join(this.storage, key))) {\n return fs.readFileSync(path.join(this.storage, key), 'utf8');\n }\n\n return undefined;\n };\n\n set = (key: string, value: string) => {\n fs.writeFileSync(path.join(this.storage, key), value, 'utf8');\n };\n}\n"],"names":["fs","path","Secrets","constructor","cwd","ttl","checkperiod","storage","get","key","existsSync","join","readFileSync","undefined","set","value","writeFileSync","mkdirSync","setTimeout","cleanup","file","readdirSync","ctimeMs","statSync","Date","now","rmSync"],"mappings":";;;;;;;;;;;;;AAAA,OAAOA,QAAQ,KAAK;AACpB,OAAOC,UAAU,OAAO;AAQxB,OAAO,MAAMC;IAGTC,YAAY,EAAEC,GAAG,EAAEC,MAAM,IAAI,KAAK,IAAI,EAAEC,cAAc,IAAI,KAAK,IAAI,EAAkB,CAAE;QAFvFC,uBAAAA,WAAAA,KAAAA;QAuBAC,uBAAAA,OAAM,CAACC;YACH,IAAIT,GAAGU,UAAU,CAACT,KAAKU,IAAI,CAAC,IAAI,CAACJ,OAAO,EAAEE,OAAO;gBAC7C,OAAOT,GAAGY,YAAY,CAACX,KAAKU,IAAI,CAAC,IAAI,CAACJ,OAAO,EAAEE,MAAM;YACzD;YAEA,OAAOI;QACX;QAEAC,uBAAAA,OAAM,CAACL,KAAaM;YAChBf,GAAGgB,aAAa,CAACf,KAAKU,IAAI,CAAC,IAAI,CAACJ,OAAO,EAAEE,MAAMM,OAAO;QAC1D;QA9BI,IAAI,CAACR,OAAO,GAAGN,KAAKU,IAAI,CAACP,KAAK;QAE9B,IAAI,CAACJ,GAAGU,UAAU,CAAC,IAAI,CAACH,OAAO,GAAG;YAC9BP,GAAGiB,SAAS,CAAC,IAAI,CAACV,OAAO;QAC7B;QAEA,MAAMA,UAAU,IAAI,CAACA,OAAO;QAC5BW,WAAW,SAASC;YAChB,KAAK,MAAMC,QAAQpB,GAAGqB,WAAW,CAACd,SAAU;gBACxC,MAAM,EAAEe,OAAO,EAAE,GAAGtB,GAAGuB,QAAQ,CAACtB,KAAKU,IAAI,CAACJ,SAASa;gBAEnD,IAAII,KAAKC,GAAG,KAAKH,UAAUjB,KAAK;oBAC5BL,GAAG0B,MAAM,CAACzB,KAAKU,IAAI,CAACJ,SAASa;gBACjC;YACJ;YAEAF,WAAWC,SAASb;QACxB,GAAGA;IACP;AAaJ"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "verdaccio-okta-oauth",
3
- "version": "30.3.1",
3
+ "version": "31.0.0",
4
4
  "description": "",
5
5
  "type": "module",
6
6
  "repository": {
@@ -21,7 +21,7 @@
21
21
  },
22
22
  "dependencies": {
23
23
  "@verdaccio/types": "~10.4.2",
24
- "axios": "^1.9.0",
24
+ "axios": "^1.10.0",
25
25
  "express": "^5.1.0",
26
26
  "node-cache": "~5.1.2",
27
27
  "open": "~10.1.2",
@@ -34,5 +34,5 @@
34
34
  "cli": {
35
35
  "webpack": false
36
36
  },
37
- "gitHead": "4d7f01d86d64fc00160d63a2e2a3448f28aa7a2d"
37
+ "gitHead": "c52e188a1217df74052774a2eea6a5126089e3d5"
38
38
  }