Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@animo-id/oauth2
Advanced tools
@animo-id/oauth2 - npm Package Compare versions
Comparing version 0.0.2-alpha-20241106081309 to 0.0.2-alpha-20241107055836
| import * as v from 'valibot'; | ||
| import { HttpMethod, FetchHeaders, Fetch, BaseSchema, FetchResponse } from '@animo-id/oauth2-utils'; | ||
| import { HttpMethod, FetchHeaders, ContentType, Fetch, BaseSchema, FetchResponse, FetchRequestInit } from '@animo-id/oauth2-utils'; | ||
@@ -17,3 +17,7 @@ declare enum Oauth2ErrorCodes { | ||
| InvalidSession = "invalid_session", | ||
| InsufficientAuthorization = "insufficient_authorization" | ||
| InsufficientAuthorization = "insufficient_authorization", | ||
| InvalidCredentialRequest = "invalid_credential_request", | ||
| UnsupportedCredentialType = "unsupported_credential_type", | ||
| InvalidProof = "invalid_proof", | ||
| InvalidEncryptionParameters = "invalid_encryption_parameters" | ||
| } | ||
@@ -68,7 +72,2 @@ declare const vOauth2ErrorResponse: v.LooseObjectSchema<{ | ||
| declare enum ContentType { | ||
| XWwwFormUrlencoded = "application/x-www-form-urlencoded", | ||
| Json = "application/json" | ||
| } | ||
| declare const vAuthorizationServerMetadata: v.SchemaWithPipe<[v.LooseObjectSchema<{ | ||
@@ -536,33 +535,2 @@ readonly issuer: v.SchemaWithPipe<[v.StringSchema<undefined>, v.UrlAction<string, undefined>, v.StartsWithAction<string, "https://", undefined>]>; | ||
| } | ||
| interface CreateDpopJwtOptions { | ||
| request: Omit<RequestLike, 'headers'>; | ||
| /** | ||
| * Dpop nonce value | ||
| */ | ||
| nonce?: string; | ||
| /** | ||
| * Creation time of the JWT. If not provided the current date will be used | ||
| */ | ||
| issuedAt?: Date; | ||
| /** | ||
| * Additional payload to include in the dpop jwt payload. Will be applied after | ||
| * any default claims that are included, so add claims with caution. | ||
| */ | ||
| additionalPayload?: Record<string, unknown>; | ||
| /** | ||
| * The access token to which the dpop jwt should be bound. Required | ||
| * when the dpop will be sent along with an access token. | ||
| * | ||
| * If provided, the `hashCallback` parameter also needs to be provided | ||
| */ | ||
| accessToken?: string; | ||
| /** | ||
| * Callback used for dpop | ||
| */ | ||
| callbacks: Pick<CallbackContext, 'generateRandom' | 'hash' | 'signJwt'>; | ||
| /** | ||
| * The signer of the dpop jwt. Only jwk signer allowed. | ||
| */ | ||
| signer: JwtSignerJwk; | ||
| } | ||
@@ -587,3 +555,3 @@ interface Oauth2ErrorOptions { | ||
| interface WwwAuthenticateHeaderChallenge { | ||
| scheme: SupportedAuthenticationScheme; | ||
| scheme: SupportedAuthenticationScheme | (string & {}); | ||
| /** | ||
@@ -605,5 +573,7 @@ * Space delimited scope value that lists scopes required | ||
| } | ||
| declare class Oauth2ResourceUnauthorizedError extends Error { | ||
| readonly wwwAuthenticateHeaders: WwwAuthenticateHeaderChallenge | Array<WwwAuthenticateHeaderChallenge>; | ||
| constructor(internalMessage: string, wwwAuthenticateHeaders: WwwAuthenticateHeaderChallenge | Array<WwwAuthenticateHeaderChallenge>); | ||
| declare class Oauth2ResourceUnauthorizedError extends Oauth2Error { | ||
| readonly wwwAuthenticateHeaders: WwwAuthenticateHeaderChallenge[]; | ||
| constructor(internalMessage: string | undefined, wwwAuthenticateHeaders: WwwAuthenticateHeaderChallenge | Array<WwwAuthenticateHeaderChallenge>); | ||
| static fromHeaderValue(value: string): Oauth2ResourceUnauthorizedError; | ||
| toHeaderValue(): string; | ||
| } | ||
@@ -639,5 +609,5 @@ | ||
| declare class Oauth2ServerErrorResponseError extends Error { | ||
| declare class Oauth2ServerErrorResponseError extends Oauth2Error { | ||
| readonly errorResponse: Oauth2ErrorResponse; | ||
| constructor(errorResponse: Oauth2ErrorResponse, internalMessage?: string); | ||
| constructor(errorResponse: Oauth2ErrorResponse, internalMessage?: string, options?: Oauth2ErrorOptions); | ||
| } | ||
@@ -783,7 +753,15 @@ | ||
| interface ResourceRequestOptions<T> { | ||
| interface ResourceRequestOptions { | ||
| /** | ||
| * DPoP options | ||
| */ | ||
| dpop?: RequestDpopOptions & Pick<CreateDpopJwtOptions, 'request'>; | ||
| dpop?: RequestDpopOptions & { | ||
| /** | ||
| * Whether to retry the request if the server responds with an error indicating | ||
| * the request should be retried with a server provided dpop nonce | ||
| * | ||
| * @default true | ||
| */ | ||
| retryWithNonce?: boolean; | ||
| }; | ||
| /** | ||
@@ -797,18 +775,27 @@ * Callbacks | ||
| accessToken: string; | ||
| url: string; | ||
| requestOptions: FetchRequestInit; | ||
| } | ||
| interface ResourceRequestResponseBase { | ||
| ok: boolean; | ||
| response: FetchResponse; | ||
| /** | ||
| * The original resource request implementation. | ||
| * If the response included a dpop nonce to be used in subsequent requests | ||
| */ | ||
| resourceRequest: (options: { | ||
| headers: Record<string, string>; | ||
| }) => Promise<{ | ||
| response: FetchResponse; | ||
| result: T; | ||
| }>; | ||
| dpop?: { | ||
| nonce: string; | ||
| }; | ||
| } | ||
| declare function resourceRequestWithDpopRetry<T>(options: ResourceRequestOptions<T>): Promise<{ | ||
| dpop: { | ||
| nonce: any; | ||
| } | undefined; | ||
| result: T; | ||
| }>; | ||
| interface ResourceRequestResponseOk extends ResourceRequestResponseBase { | ||
| ok: true; | ||
| } | ||
| interface ResourceRequestResponseNotOk extends ResourceRequestResponseBase { | ||
| ok: false; | ||
| /** | ||
| * If a WWW-Authenticate was included in the headers of the response | ||
| * they will be parsed and added here. | ||
| */ | ||
| wwwAuthenticate?: WwwAuthenticateHeaderChallenge[]; | ||
| } | ||
| declare function resourceRequest(options: ResourceRequestOptions): Promise<ResourceRequestResponseOk | ResourceRequestResponseNotOk>; | ||
@@ -1338,4 +1325,5 @@ interface VerifyResourceRequestOptions { | ||
| retrieveAuthorizationCodeAccessToken({ authorizationServerMetadata, additionalRequestPayload, authorizationCode, pkceCodeVerifier, redirectUri, dpop, }: Omit<RetrieveAuthorizationCodeAccessTokenOptions, 'callbacks'>): Promise<RetrieveAccessTokenReturn>; | ||
| resourceRequest(options: ResourceRequestOptions): Promise<ResourceRequestResponseOk | ResourceRequestResponseNotOk>; | ||
| } | ||
| export { type AccessTokenErrorResponse, type AccessTokenResponse, type AuthorizationCodeGrantIdentifier, type AuthorizationServerMetadata, type CalculateJwkThumbprintOptions, type CallbackContext, type ClientAuthenticationCallback, type ClientAuthenticationClientSecretBasicOptions, type ClientAuthenticationClientSecretPostOptions, ContentType, type CreateAuthorizationRequestUrlOptions, type DecodeJwtOptions, type DecodeJwtResult, type GenerateRandomCallback, type GetClientAuthenticationOptions, HashAlgorithm, type HashCallback, type Jwk, type JwkSet, type JwtSigner, type JwtSignerCustom, type JwtSignerDid, type JwtSignerJwk, type JwtSignerX5c, Oauth2AuthorizationServer, type Oauth2AuthorizationServerOptions, Oauth2Client, Oauth2ClientAuthorizationChallengeError, Oauth2ClientErrorResponseError, type Oauth2ClientOptions, Oauth2Error, Oauth2ErrorCodes, type Oauth2ErrorOptions, type Oauth2ErrorResponse, Oauth2InvalidFetchResponseError, Oauth2JwtVerificationError, Oauth2ResourceServer, type Oauth2ResourceServerOptions, Oauth2ResourceUnauthorizedError, Oauth2ServerErrorResponseError, PkceCodeChallengeMethod, type PreAuthorizedCodeGrantIdentifier, type RequestDpopOptions, type ResourceRequestOptions, type ResponseDpopReturn, type RetrieveAuthorizationCodeAccessTokenOptions, type RetrievePreAuthorizedCodeAccessTokenOptions, type SignJwtCallback, SupportedAuthenticationScheme, type VerifyJwtCallback, type VerifyJwtOptions, type VerifyResourceRequestOptions, type WwwAuthenticateHeaderChallenge, authorizationCodeGrantIdentifier, calculateJwkThumbprint, clientAuthenticationClientSecretBasic, clientAuthenticationClientSecretPost, clientAuthenticationNone, decodeJwt, fetchAuthorizationServerMetadata, fetchJwks, fetchWellKnownMetadata, getAuthorizationServerMetadataFromList, jwtHeaderFromJwtSigner, jwtSignerFromJwt, preAuthorizedCodeGrantIdentifier, resourceRequestWithDpopRetry, vAuthorizationCodeGrantIdentifier, vAuthorizationServerMetadata, vCompactJwt, vJwk, vJwtHeader, vJwtPayload, vOauth2ErrorResponse, vPreAuthorizedCodeGrantIdentifier, verifyJwt, verifyResourceRequest }; | ||
| export { type AccessTokenErrorResponse, type AccessTokenResponse, type AuthorizationCodeGrantIdentifier, type AuthorizationServerMetadata, type CalculateJwkThumbprintOptions, type CallbackContext, type ClientAuthenticationCallback, type ClientAuthenticationClientSecretBasicOptions, type ClientAuthenticationClientSecretPostOptions, type CreateAuthorizationRequestUrlOptions, type DecodeJwtOptions, type DecodeJwtResult, type GenerateRandomCallback, type GetClientAuthenticationOptions, HashAlgorithm, type HashCallback, type Jwk, type JwkSet, type JwtSigner, type JwtSignerCustom, type JwtSignerDid, type JwtSignerJwk, type JwtSignerX5c, Oauth2AuthorizationServer, type Oauth2AuthorizationServerOptions, Oauth2Client, Oauth2ClientAuthorizationChallengeError, Oauth2ClientErrorResponseError, type Oauth2ClientOptions, Oauth2Error, Oauth2ErrorCodes, type Oauth2ErrorOptions, type Oauth2ErrorResponse, Oauth2InvalidFetchResponseError, Oauth2JwtVerificationError, Oauth2ResourceServer, type Oauth2ResourceServerOptions, Oauth2ResourceUnauthorizedError, Oauth2ServerErrorResponseError, PkceCodeChallengeMethod, type PreAuthorizedCodeGrantIdentifier, type RequestDpopOptions, type ResourceRequestOptions, type ResourceRequestResponseNotOk, type ResourceRequestResponseOk, type ResponseDpopReturn, type RetrieveAuthorizationCodeAccessTokenOptions, type RetrievePreAuthorizedCodeAccessTokenOptions, type SignJwtCallback, SupportedAuthenticationScheme, type VerifyJwtCallback, type VerifyJwtOptions, type VerifyResourceRequestOptions, type WwwAuthenticateHeaderChallenge, authorizationCodeGrantIdentifier, calculateJwkThumbprint, clientAuthenticationClientSecretBasic, clientAuthenticationClientSecretPost, clientAuthenticationNone, decodeJwt, fetchAuthorizationServerMetadata, fetchJwks, fetchWellKnownMetadata, getAuthorizationServerMetadataFromList, jwtHeaderFromJwtSigner, jwtSignerFromJwt, preAuthorizedCodeGrantIdentifier, resourceRequest, vAuthorizationCodeGrantIdentifier, vAuthorizationServerMetadata, vCompactJwt, vJwk, vJwtHeader, vJwtPayload, vOauth2ErrorResponse, vPreAuthorizedCodeGrantIdentifier, verifyJwt, verifyResourceRequest }; |
| { | ||
| "name": "@animo-id/oauth2", | ||
| "version": "0.0.2-alpha-20241106081309", | ||
| "version": "0.0.2-alpha-20241107055836", | ||
| "exports": { | ||
@@ -18,3 +18,3 @@ ".": { | ||
| "valibot": "^0.42.1", | ||
| "@animo-id/oauth2-utils": "0.0.2-alpha-20241106081309" | ||
| "@animo-id/oauth2-utils": "0.0.2-alpha-20241107055836" | ||
| }, | ||
@@ -21,0 +21,0 @@ "devDependencies": { |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.92%
598758
- Lines of code
- increased by1.25%
5277
Worsened metrics
- Number of medium supply chain risk alerts
- increased by25%
10
Dependency changes
+ Added@animo-id/oauth2-utils@0.0.2-alpha-20241107055836(transitive)
- Removed@animo-id/oauth2-utils@0.0.2-alpha-20241106081309(transitive)