@edgedb/auth-core
Advanced tools
Comparing version 0.1.0-alpha.1 to 0.1.0-beta.1
import * as edgedb from "edgedb"; | ||
import { BuiltinOAuthProviderNames } from "./consts"; | ||
import { type BuiltinOAuthProviderNames } from "./consts"; | ||
export interface TokenData { | ||
@@ -19,3 +19,3 @@ auth_token: string; | ||
_post<T extends any = unknown>(path: string, body?: any): Promise<T>; | ||
createPKCESession(): AuthPCKESession; | ||
createPKCESession(): Promise<AuthPCKESession>; | ||
getToken(code: string, verifier: string): Promise<TokenData>; | ||
@@ -25,2 +25,3 @@ signinWithEmailPassword(email: string, password: string): Promise<TokenData>; | ||
status: "complete"; | ||
verifier: string; | ||
tokenData: TokenData; | ||
@@ -35,8 +36,9 @@ } | { | ||
email_sent: string; | ||
verifier: string; | ||
}>; | ||
static checkPasswordResetTokenValid(resetToken: string): boolean; | ||
resetPasswordWithResetToken(resetToken: string, password: string): Promise<TokenData>; | ||
resetPasswordWithResetToken(resetToken: string, verifier: string, password: string): Promise<TokenData>; | ||
getProvidersInfo(): Promise<{ | ||
oauth: { | ||
name: string; | ||
name: BuiltinOAuthProviderNames; | ||
display_name: string; | ||
@@ -51,3 +53,3 @@ }[]; | ||
readonly verifier: string; | ||
constructor(auth: Auth); | ||
constructor(auth: Auth, challenge: string, verifier: string); | ||
getOAuthUrl(providerName: BuiltinOAuthProviderNames, redirectTo: string, redirectToOnSignup?: string): string; | ||
@@ -54,0 +56,0 @@ getHostedUISigninUrl(): string; |
@@ -80,4 +80,5 @@ "use strict"; | ||
} | ||
createPKCESession() { | ||
return new AuthPCKESession(this); | ||
async createPKCESession() { | ||
const { challenge, verifier } = await pkce.createVerifierChallengePair(); | ||
return new AuthPCKESession(this, challenge, verifier); | ||
} | ||
@@ -91,3 +92,3 @@ getToken(code, verifier) { | ||
async signinWithEmailPassword(email, password) { | ||
const { challenge, verifier } = pkce.createVerifierChallengePair(); | ||
const { challenge, verifier } = await pkce.createVerifierChallengePair(); | ||
const { code } = await this._post("authenticate", { | ||
@@ -102,3 +103,3 @@ provider: consts_1.emailPasswordProviderName, | ||
async signupWithEmailPassword(email, password, verifyUrl) { | ||
const { challenge, verifier } = pkce.createVerifierChallengePair(); | ||
const { challenge, verifier } = await pkce.createVerifierChallengePair(); | ||
const result = await this._post("register", { | ||
@@ -114,2 +115,3 @@ provider: consts_1.emailPasswordProviderName, | ||
status: "complete", | ||
verifier, | ||
tokenData: await this.getToken(result.code, verifier), | ||
@@ -136,7 +138,12 @@ }; | ||
async sendPasswordResetEmail(email, resetUrl) { | ||
return this._post("send-reset-email", { | ||
provider: consts_1.emailPasswordProviderName, | ||
email, | ||
reset_url: resetUrl, | ||
}); | ||
const { challenge, verifier } = await pkce.createVerifierChallengePair(); | ||
return { | ||
verifier, | ||
...(await this._post("send-reset-email", { | ||
provider: consts_1.emailPasswordProviderName, | ||
challenge, | ||
email, | ||
reset_url: resetUrl, | ||
})), | ||
}; | ||
} | ||
@@ -158,4 +165,4 @@ static checkPasswordResetTokenValid(resetToken) { | ||
} | ||
async resetPasswordWithResetToken(resetToken, password) { | ||
return this._post("reset-password", { | ||
async resetPasswordWithResetToken(resetToken, verifier, password) { | ||
const { code } = await this._post("reset-password", { | ||
provider: consts_1.emailPasswordProviderName, | ||
@@ -165,2 +172,3 @@ reset_token: resetToken, | ||
}); | ||
return this.getToken(code, verifier); | ||
} | ||
@@ -195,5 +203,4 @@ async getProvidersInfo() { | ||
verifier; | ||
constructor(auth) { | ||
constructor(auth, challenge, verifier) { | ||
this.auth = auth; | ||
const { challenge, verifier } = pkce.createVerifierChallengePair(); | ||
this.challenge = challenge; | ||
@@ -200,0 +207,0 @@ this.verifier = verifier; |
@@ -1,4 +0,4 @@ | ||
export declare function createVerifierChallengePair(): { | ||
export declare function createVerifierChallengePair(): Promise<{ | ||
verifier: string; | ||
challenge: string; | ||
}; | ||
}>; |
"use strict"; | ||
var __importDefault = (this && this.__importDefault) || function (mod) { | ||
return (mod && mod.__esModule) ? mod : { "default": mod }; | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.createVerifierChallengePair = void 0; | ||
const node_crypto_1 = __importDefault(require("node:crypto")); | ||
function createVerifierChallengePair() { | ||
const verifier = node_crypto_1.default.randomBytes(32).toString("base64url"); | ||
const challenge = node_crypto_1.default | ||
.createHash("sha256") | ||
.update(verifier) | ||
.digest("base64url"); | ||
const crypto_1 = require("./crypto"); | ||
async function createVerifierChallengePair() { | ||
const verifier = (0, crypto_1.bytesToBase64Url)((0, crypto_1.randomBytes)(32)); | ||
const challenge = await (0, crypto_1.sha256)(verifier).then(crypto_1.bytesToBase64Url); | ||
return { verifier, challenge }; | ||
} | ||
exports.createVerifierChallengePair = createVerifierChallengePair; |
{ | ||
"name": "@edgedb/auth-core", | ||
"description": "Core helper library for the EdgeDB Auth extension", | ||
"version": "0.1.0-alpha.1", | ||
"version": "0.1.0-beta.1", | ||
"author": "EdgeDB <info@edgedb.com>", | ||
@@ -6,0 +6,0 @@ "repository": { |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
16914
12
398