vestauth 0.3.3 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/package.json +1 -1
  2. package/src/lib/api/postAgentRegister.js +34 -0
  3. package/src/lib/helpers/agentHeaders.js +2 -7
  4. package/src/lib/helpers/agentInit.js +8 -4
  5. package/src/lib/helpers/env.js +11 -0
  6. package/src/lib/helpers/identity.js +15 -0
  7. package/src/lib/helpers/providerVerify.js +2 -2
  8. package/src/lib/helpers/touch.js +3 -1
  9. package/src/lib/helpers/agentAuth.js +0 -50
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "vestauth",
3
- "version": "0.3.3",
3
+ "version": "0.4.2",
4
4
  "description": "auth for agents–from the creator of dotenvx",
5
5
  "keywords": [
6
6
  "vestauth"
package/src/lib/api/postAgentRegister.js ADDED
@@ -0,0 +1,34 @@
1
+ const { http } = require('../helpers/http')
2
+ const buildApiError = require('../helpers/buildApiError')
3
+
4
+ class PostAgentRegister {
5
+ constructor (hostname, publicJwk) {
6
+ this.hostname = hostname || 'https://api.vestauth.com'
7
+ this.publicJwk = publicJwk
8
+ }
9
+
10
+ async run () {
11
+ const url = `${this.hostname}/api/agent/register`
12
+ const publicJwk = this.publicJwk
13
+
14
+ const resp = await http(url, {
15
+ method: 'POST',
16
+ headers: {
17
+ 'Content-Type': 'application/json'
18
+ },
19
+ body: JSON.stringify({
20
+ public_jwk: publicJwk
21
+ })
22
+ })
23
+
24
+ if (resp.statusCode >= 400) {
25
+ const json = await resp.body.json()
26
+ throw buildApiError(resp.statusCode, json)
27
+ }
28
+
29
+ const json = await resp.body.json()
30
+ return json
31
+ }
32
+ }
33
+
34
+ module.exports = PostAgentRegister
package/src/lib/helpers/agentHeaders.js CHANGED
@@ -1,13 +1,8 @@
1
1
  const headers = require('./headers')
2
- const dotenvx = require('@dotenvx/dotenvx')
2
+ const identity = require('./identity')
3
3
 
4
4
  async function agentHeaders (httpMethod, uri, tag = 'vestauth', nonce = null) {
5
- let publicKey = null
6
- let privateKey = null
7
- try { publicKey = dotenvx.get('AGENT_PUBLIC_KEY', { strict: true }) } catch (_e) {}
8
- try { privateKey = dotenvx.get('AGENT_PRIVATE_KEY', { strict: true }) } catch (_e) {}
9
-
10
- if (!publicKey && !privateKey) throw new Error('missing AGENT_PUBLIC_KEY and AGENT_PRIVATE_KEY. Run [vestauth agent init]')
5
+ const { privateKey } = identity()
11
6
 
12
7
  return await headers(httpMethod, uri, privateKey, tag, nonce)
13
8
  }
package/src/lib/helpers/agentInit.js CHANGED
@@ -1,14 +1,14 @@
1
1
  const dotenvx = require('@dotenvx/dotenvx')
2
+ const identity = require('./identity')
2
3
  const keypair = require('./keypair')
3
4
  const touch = require('./touch')
5
+ const PostAgentRegister = require('../api/postAgentRegister')
4
6
 
5
- function agentInit () {
7
+ async function agentInit () {
6
8
  const envPath = '.env'
7
9
 
8
10
  // keypair
9
- let currentPrivateKey = null
10
- try { currentPrivateKey = dotenvx.get('AGENT_PRIVATE_KEY', { strict: true }) } catch (e) {}
11
-
11
+ const currentPrivateKey = identity(false).privateKey
12
12
  const kp = keypair(currentPrivateKey, 'agent')
13
13
 
14
14
  touch(envPath)
@@ -17,6 +17,10 @@ function agentInit () {
17
17
  dotenvx.set('AGENT_PUBLIC_KEY', JSON.stringify(kp.publicKey), { path: envPath, plain: true, quiet: true })
18
18
  dotenvx.set('AGENT_PRIVATE_KEY', JSON.stringify(kp.privateKey), { path: envPath, plain: true, quiet: true })
19
19
 
20
+ // register agent with api
21
+ const postAgentRegister = new PostAgentRegister(null, kp.publicKey)
22
+ await postAgentRegister.run()
23
+
20
24
  return {
21
25
  AGENT_PUBLIC_KEY: kp.publicKey,
22
26
  AGENT_PRIVATE_KEY: kp.privateKey,
package/src/lib/helpers/env.js ADDED
@@ -0,0 +1,11 @@
1
+ const dotenvx = require('@dotenvx/dotenvx')
2
+
3
+ function env (key) {
4
+ try {
5
+ return dotenvx.get(key, { strict: true })
6
+ } catch {
7
+ return null
8
+ }
9
+ }
10
+
11
+ module.exports = env
package/src/lib/helpers/identity.js ADDED
@@ -0,0 +1,15 @@
1
+ const env = require('./env')
2
+
3
+ function identity (raiseError = true) {
4
+ const publicKey = env('AGENT_PUBLIC_KEY')
5
+ const privateKey = env('AGENT_PRIVATE_KEY')
6
+
7
+ if (raiseError && !(publicKey || !privateKey)) throw new Error('missing AGENT_PUBLIC_KEY and AGENT_PRIVATE_KEY. Run [vestauth agent init]')
8
+
9
+ return {
10
+ publicKey,
11
+ privateKey
12
+ }
13
+ }
14
+
15
+ module.exports = identity
package/src/lib/helpers/providerVerify.js CHANGED
@@ -4,13 +4,13 @@ const parseSignatureInputHeader = require('./parseSignatureInputHeader')
4
4
  const stripDictionaryKey = require('./stripDictionaryKey')
5
5
  const authorityMessage = require('./authorityMessage')
6
6
  const edPublicKeyObject = require('./edPublicKeyObject')
7
- const epoch = require('./epoch')
8
7
 
9
8
  function providerVerify (httpMetod, uri, signatureHeader, signatureInputHeader, publicKey) {
10
9
  const { values } = parseSignatureInputHeader(signatureInputHeader)
10
+ const { expires } = values
11
11
 
12
12
  // return early false, since expired
13
- if (values.expires && values.expires < epoch(new Date())) {
13
+ if (expires && expires < (Math.floor(Date.now() / 1000))) {
14
14
  return {
15
15
  success: false
16
16
  }
package/src/lib/helpers/touch.js CHANGED
@@ -1,7 +1,9 @@
1
1
  const fs = require('fs')
2
2
 
3
3
  function touch (filepath) {
4
- fs.closeSync(fs.openSync(filepath, 'a'))
4
+ if (!fs.existsSync(filepath)) {
5
+ fs.writeFileSync(filepath, '# vestauth. auth for agents–from the creator of `dotenvx`\n')
6
+ }
5
7
  }
6
8
 
7
9
  module.exports = touch
package/src/lib/helpers/agentAuth.js DELETED
@@ -1,50 +0,0 @@
1
- const { http } = require('./http')
2
- const sign = require('./sign')
3
- const dotenvx = require('@dotenvx/dotenvx')
4
-
5
- async function agentAuth (website) {
6
- let publicKey = null
7
- let privateKey = null
8
- try { publicKey = dotenvx.get('AGENT_PUBLIC_KEY', { strict: true }) } catch (_e) {}
9
- try { privateKey = dotenvx.get('AGENT_PRIVATE_KEY', { strict: true }) } catch (_e) {}
10
-
11
- if (!publicKey && !privateKey) throw new Error('missing AGENT_PUBLIC_KEY and AGENT_PRIVATE_KEY. Run [vestauth agent init]')
12
-
13
- let signature
14
- const url = `${website}/agent/auth`
15
-
16
- if (!signature) {
17
- const resp = await http(url, {
18
- method: 'POST',
19
- headers: {
20
- Authorization: `Agent ${publicKey}:${signature}`,
21
- 'Content-Type': 'application/json'
22
- },
23
- body: JSON.stringify({})
24
- })
25
-
26
- const json = await resp.body.json()
27
- const challenge = json.challenge // grab challenge
28
- signature = await sign(challenge, privateKey)
29
- }
30
-
31
- const resp = await http(url, {
32
- method: 'POST',
33
- headers: {
34
- Authorization: `Agent ${publicKey}:${signature}`,
35
- 'Content-Type': 'application/json'
36
- },
37
- body: JSON.stringify({})
38
- })
39
-
40
- if (resp.statusCode >= 400) {
41
- const json = await resp.body.json()
42
- return json
43
- }
44
-
45
- const json = await resp.body.json()
46
- // ok and if a success what should i do here? should i store the challenge to the .env file?
47
- return json
48
- }
49
-
50
- module.exports = agentAuth