zudoku 0.1.1-dev.50 → 0.1.1-dev.52
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/config/config.d.ts +19 -2
- package/dist/config/validators/auth.d.ts +2 -0
- package/dist/config/validators/auth.js +2 -0
- package/dist/config/validators/auth.js.map +1 -0
- package/dist/config/validators/validate.d.ts +2 -0
- package/dist/config/validators/validate.js +4 -0
- package/dist/config/validators/validate.js.map +1 -0
- package/dist/lib/authentication/Callback.d.ts +4 -0
- package/dist/lib/authentication/Callback.js +20 -0
- package/dist/lib/authentication/Callback.js.map +1 -0
- package/dist/lib/authentication/auth0.d.ts +5 -0
- package/dist/lib/authentication/auth0.js +9 -0
- package/dist/lib/authentication/auth0.js.map +1 -0
- package/dist/lib/authentication/authentication.d.ts +7 -10
- package/dist/lib/authentication/clerk.d.ts +3 -4
- package/dist/lib/authentication/clerk.js +13 -6
- package/dist/lib/authentication/clerk.js.map +1 -1
- package/dist/lib/authentication/openid.d.ts +5 -11
- package/dist/lib/authentication/openid.js +90 -73
- package/dist/lib/authentication/openid.js.map +1 -1
- package/dist/lib/components/DevPortal.d.ts +2 -2
- package/dist/lib/components/DevPortal.js +5 -1
- package/dist/lib/components/DevPortal.js.map +1 -1
- package/dist/lib/components/Layout.js +1 -4
- package/dist/lib/components/Layout.js.map +1 -1
- package/dist/lib/core/DevPortalContext.d.ts +4 -7
- package/dist/lib/core/DevPortalContext.js +6 -6
- package/dist/lib/core/DevPortalContext.js.map +1 -1
- package/dist/lib/core/plugins.d.ts +1 -6
- package/dist/lib/plugins/api-key/index.js +6 -3
- package/dist/lib/plugins/api-key/index.js.map +1 -1
- package/dist/lib/plugins/openapi/MakeRequest.js +9 -4
- package/dist/lib/plugins/openapi/MakeRequest.js.map +1 -1
- package/dist/lib/plugins/openapi/playground/Playground.d.ts +2 -1
- package/dist/lib/plugins/openapi/playground/Playground.js +1 -3
- package/dist/lib/plugins/openapi/playground/Playground.js.map +1 -1
- package/dist/lib/plugins/openapi/playground/QueryParams.js +7 -19
- package/dist/lib/plugins/openapi/playground/QueryParams.js.map +1 -1
- package/dist/vite/config.js +2 -0
- package/dist/vite/config.js.map +1 -1
- package/dist/vite/plugin-auth.js +1 -1
- package/dist/vite/plugin-auth.js.map +1 -1
- package/lib/DevPortalProvider-Dn9HNUG9.js +4559 -0
- package/lib/Spinner-D8DBhJkj.js +7329 -0
- package/lib/zudoku.auth-auth0.js +976 -0
- package/lib/zudoku.auth-clerk.js +21 -12
- package/lib/zudoku.components.js +180 -174
- package/lib/zudoku.plugins.js +6823 -6971
- package/package.json +4 -1
- package/src/lib/authentication/Callback.tsx +31 -0
- package/src/lib/authentication/auth0.tsx +18 -0
- package/src/lib/authentication/authentication.ts +7 -14
- package/src/lib/authentication/{clerk.ts → clerk.tsx} +17 -9
- package/src/lib/authentication/openid.tsx +206 -0
- package/src/lib/components/DevPortal.tsx +10 -3
- package/src/lib/components/Layout.tsx +1 -5
- package/src/lib/core/DevPortalContext.ts +10 -13
- package/src/lib/core/plugins.ts +4 -4
- package/src/lib/plugins/api-key/index.tsx +9 -3
- package/src/lib/plugins/openapi/MakeRequest.tsx +9 -4
- package/src/lib/plugins/openapi/playground/Playground.tsx +3 -4
- package/src/lib/plugins/openapi/playground/QueryParams.tsx +19 -39
- package/dist/lib/core/types/combine.d.ts +0 -4
- package/dist/lib/core/types/combine.js +0 -2
- package/dist/lib/core/types/combine.js.map +0 -1
- package/lib/Spinner-9_-7nYgL.js +0 -11855
- package/src/lib/authentication/openid.ts +0 -194
- package/src/lib/core/types/combine.ts +0 -16
|
@@ -1,194 +0,0 @@
|
|
|
1
|
-
import logger from "loglevel";
|
|
2
|
-
import * as oauth from "oauth4webapi";
|
|
3
|
-
import { DevPortalContext } from "../core/DevPortalContext.js";
|
|
4
|
-
import { type AuthProvider } from "./authentication.js";
|
|
5
|
-
|
|
6
|
-
const algorithm = "oauth2";
|
|
7
|
-
|
|
8
|
-
const getAuthServerByIssuer = async (issuer: string) => {
|
|
9
|
-
const authorizationServer = await oauth
|
|
10
|
-
.discoveryRequest(new URL(issuer), { algorithm })
|
|
11
|
-
.then((response) =>
|
|
12
|
-
oauth.processDiscoveryResponse(new URL(issuer), response),
|
|
13
|
-
);
|
|
14
|
-
|
|
15
|
-
return authorizationServer;
|
|
16
|
-
};
|
|
17
|
-
|
|
18
|
-
export type AuthServerOption = {
|
|
19
|
-
issuer?: string;
|
|
20
|
-
authorizationEndpoint?: string;
|
|
21
|
-
tokenEndpoint?: string;
|
|
22
|
-
};
|
|
23
|
-
|
|
24
|
-
const getAuthServer = async ({
|
|
25
|
-
issuer,
|
|
26
|
-
authorizationEndpoint,
|
|
27
|
-
tokenEndpoint,
|
|
28
|
-
}: AuthServerOption) => {
|
|
29
|
-
return issuer
|
|
30
|
-
? await getAuthServerByIssuer(issuer)
|
|
31
|
-
: ({
|
|
32
|
-
issuer: new URL(authorizationEndpoint!).origin,
|
|
33
|
-
authorization_endpoint: authorizationEndpoint,
|
|
34
|
-
token_endpoint: tokenEndpoint,
|
|
35
|
-
code_challenge_methods_supported: [],
|
|
36
|
-
} satisfies oauth.AuthorizationServer);
|
|
37
|
-
};
|
|
38
|
-
|
|
39
|
-
export const openIdAuth = ({
|
|
40
|
-
clientId,
|
|
41
|
-
clientSecret,
|
|
42
|
-
issuer,
|
|
43
|
-
authorizationEndpoint,
|
|
44
|
-
tokenEndpoint,
|
|
45
|
-
}: {
|
|
46
|
-
clientId: string;
|
|
47
|
-
clientSecret?: string;
|
|
48
|
-
audience?: string;
|
|
49
|
-
} & AuthServerOption): AuthProvider => {
|
|
50
|
-
const client: oauth.Client = {
|
|
51
|
-
client_id: clientId,
|
|
52
|
-
client_secret: clientSecret,
|
|
53
|
-
token_endpoint_auth_method: "none",
|
|
54
|
-
};
|
|
55
|
-
|
|
56
|
-
const redirect_uri = "http://localhost:5173/oauth/callback";
|
|
57
|
-
|
|
58
|
-
return {
|
|
59
|
-
initialize() {
|
|
60
|
-
return Promise.resolve();
|
|
61
|
-
},
|
|
62
|
-
signOut() {},
|
|
63
|
-
login: async (context: DevPortalContext) => {
|
|
64
|
-
const code_challenge_method = "S256";
|
|
65
|
-
const authorizationServer = await getAuthServer({
|
|
66
|
-
issuer,
|
|
67
|
-
authorizationEndpoint,
|
|
68
|
-
tokenEndpoint,
|
|
69
|
-
});
|
|
70
|
-
|
|
71
|
-
if (!authorizationServer.authorization_endpoint) {
|
|
72
|
-
throw new Error("No authorization endpoint");
|
|
73
|
-
}
|
|
74
|
-
|
|
75
|
-
/**
|
|
76
|
-
* The following MUST be generated for every redirect to the authorization_endpoint. You must store
|
|
77
|
-
* the codeVerifier and nonce in the end-user session such that it can be recovered as the user
|
|
78
|
-
* gets redirected from the authorization server back to your application.
|
|
79
|
-
*/
|
|
80
|
-
const codeVerifier = oauth.generateRandomCodeVerifier();
|
|
81
|
-
const codeChallenge =
|
|
82
|
-
await oauth.calculatePKCECodeChallenge(codeVerifier);
|
|
83
|
-
|
|
84
|
-
await context.sessionStorage.set("codeVerifier", codeVerifier);
|
|
85
|
-
|
|
86
|
-
// redirect user to as.authorization_endpoint
|
|
87
|
-
const authorizationUrl = new URL(
|
|
88
|
-
authorizationServer.authorization_endpoint,
|
|
89
|
-
);
|
|
90
|
-
authorizationUrl.searchParams.set("client_id", client.client_id);
|
|
91
|
-
authorizationUrl.searchParams.set("redirect_uri", redirect_uri);
|
|
92
|
-
authorizationUrl.searchParams.set("response_type", "code");
|
|
93
|
-
// authorizationUrl.searchParams.set("scope", "api:read");
|
|
94
|
-
authorizationUrl.searchParams.set("code_challenge", codeChallenge);
|
|
95
|
-
authorizationUrl.searchParams.set(
|
|
96
|
-
"code_challenge_method",
|
|
97
|
-
code_challenge_method,
|
|
98
|
-
);
|
|
99
|
-
|
|
100
|
-
/**
|
|
101
|
-
* We cannot be sure the AS supports PKCE so we're going to use state too. Use of PKCE is
|
|
102
|
-
* backwards compatible even if the AS doesn't support it which is why we're using it regardless.
|
|
103
|
-
*/
|
|
104
|
-
if (
|
|
105
|
-
authorizationServer.code_challenge_methods_supported?.includes(
|
|
106
|
-
"S256",
|
|
107
|
-
) !== true
|
|
108
|
-
) {
|
|
109
|
-
const state = oauth.generateRandomState();
|
|
110
|
-
authorizationUrl.searchParams.set("state", state);
|
|
111
|
-
}
|
|
112
|
-
|
|
113
|
-
// now redirect the user to authorizationUrl.href
|
|
114
|
-
location.href = authorizationUrl.href;
|
|
115
|
-
},
|
|
116
|
-
|
|
117
|
-
handleAuthenticationResponse: async ({ search }, { sessionStorage }) => {
|
|
118
|
-
const searchParams = new URLSearchParams(search);
|
|
119
|
-
const state = searchParams.get("state");
|
|
120
|
-
if (!state) {
|
|
121
|
-
return;
|
|
122
|
-
}
|
|
123
|
-
|
|
124
|
-
// one eternity later, the user lands back on the redirect_uri
|
|
125
|
-
// Authorization Code Grant Request & Response
|
|
126
|
-
const codeVerifier = await sessionStorage.get("codeVerifier");
|
|
127
|
-
|
|
128
|
-
if (!codeVerifier) {
|
|
129
|
-
return;
|
|
130
|
-
}
|
|
131
|
-
|
|
132
|
-
const as = await getAuthServer({
|
|
133
|
-
issuer,
|
|
134
|
-
authorizationEndpoint,
|
|
135
|
-
tokenEndpoint,
|
|
136
|
-
});
|
|
137
|
-
|
|
138
|
-
const params = oauth.validateAuthResponse(
|
|
139
|
-
as,
|
|
140
|
-
client,
|
|
141
|
-
searchParams,
|
|
142
|
-
state,
|
|
143
|
-
);
|
|
144
|
-
if (oauth.isOAuth2Error(params)) {
|
|
145
|
-
logger.error("Error Response", params);
|
|
146
|
-
throw new Error(); // Handle OAuth 2.0 redirect error
|
|
147
|
-
}
|
|
148
|
-
|
|
149
|
-
const response = await oauth.authorizationCodeGrantRequest(
|
|
150
|
-
as,
|
|
151
|
-
client,
|
|
152
|
-
params,
|
|
153
|
-
redirect_uri,
|
|
154
|
-
codeVerifier,
|
|
155
|
-
);
|
|
156
|
-
|
|
157
|
-
// @todo do we need to do these
|
|
158
|
-
// const challenges = oauth.parseWwwAuthenticateChallenges(response);
|
|
159
|
-
// if (challenges) {
|
|
160
|
-
// for (const challenge of challenges) {
|
|
161
|
-
// console.error("WWW-Authenticate Challenge", challenge);
|
|
162
|
-
// }
|
|
163
|
-
// throw new Error(); // Handle WWW-Authenticate Challenges as needed
|
|
164
|
-
// }
|
|
165
|
-
|
|
166
|
-
const oauthResult = await oauth.processAuthorizationCodeOpenIDResponse(
|
|
167
|
-
as,
|
|
168
|
-
client,
|
|
169
|
-
response,
|
|
170
|
-
);
|
|
171
|
-
if (oauth.isOAuth2Error(oauthResult)) {
|
|
172
|
-
logger.error("Error Response", oauthResult);
|
|
173
|
-
throw new Error(oauthResult.error);
|
|
174
|
-
}
|
|
175
|
-
|
|
176
|
-
const userInfoResponse = await oauth.userInfoRequest(
|
|
177
|
-
as,
|
|
178
|
-
client,
|
|
179
|
-
oauthResult.access_token,
|
|
180
|
-
);
|
|
181
|
-
const userInfo = await userInfoResponse.json();
|
|
182
|
-
|
|
183
|
-
// void storage.setProfile({
|
|
184
|
-
// sub: userInfo.sub,
|
|
185
|
-
// email: userInfo.email,
|
|
186
|
-
// name: userInfo.name,
|
|
187
|
-
// email_verified: userInfo.email_verified ?? false,
|
|
188
|
-
// picture: userInfo.picture,
|
|
189
|
-
// id_token: oauthResult.id_token,
|
|
190
|
-
// access_token: oauthResult.access_token,
|
|
191
|
-
// });
|
|
192
|
-
},
|
|
193
|
-
};
|
|
194
|
-
};
|
|
@@ -1,16 +0,0 @@
|
|
|
1
|
-
/* eslint-disable @typescript-eslint/no-explicit-any */
|
|
2
|
-
type UnionToIntersection<U> = (U extends any ? (k: U) => void : never) extends (
|
|
3
|
-
k: infer I,
|
|
4
|
-
) => void
|
|
5
|
-
? I
|
|
6
|
-
: never;
|
|
7
|
-
|
|
8
|
-
type AnyCombination<T, U = T> = T extends any
|
|
9
|
-
? U extends any
|
|
10
|
-
? T | (T & U)
|
|
11
|
-
: never
|
|
12
|
-
: never;
|
|
13
|
-
|
|
14
|
-
export type Combine<T extends any[]> =
|
|
15
|
-
| UnionToIntersection<T[number]>
|
|
16
|
-
| AnyCombination<T[number]>;
|