Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@edgedb/auth-core

Package Overview
Dependencies
Maintainers
3
Versions
209
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@edgedb/auth-core - npm Package Compare versions

Comparing version 0.1.0-alpha.1 to 0.1.0-beta.1

dist/crypto.d.ts
dist/crypto.js

12

dist/core.d.ts
import * as edgedb from "edgedb";
import { BuiltinOAuthProviderNames } from "./consts";
import { type BuiltinOAuthProviderNames } from "./consts";
export interface TokenData {

@@ -19,3 +19,3 @@ auth_token: string;

_post<T extends any = unknown>(path: string, body?: any): Promise<T>;
createPKCESession(): AuthPCKESession;
createPKCESession(): Promise<AuthPCKESession>;
getToken(code: string, verifier: string): Promise<TokenData>;

@@ -25,2 +25,3 @@ signinWithEmailPassword(email: string, password: string): Promise<TokenData>;

status: "complete";
verifier: string;
tokenData: TokenData;

@@ -35,8 +36,9 @@ } | {

email_sent: string;
verifier: string;
}>;
static checkPasswordResetTokenValid(resetToken: string): boolean;
resetPasswordWithResetToken(resetToken: string, password: string): Promise<TokenData>;
resetPasswordWithResetToken(resetToken: string, verifier: string, password: string): Promise<TokenData>;
getProvidersInfo(): Promise<{
oauth: {
name: string;
name: BuiltinOAuthProviderNames;
display_name: string;

@@ -51,3 +53,3 @@ }[];

readonly verifier: string;
constructor(auth: Auth);
constructor(auth: Auth, challenge: string, verifier: string);
getOAuthUrl(providerName: BuiltinOAuthProviderNames, redirectTo: string, redirectToOnSignup?: string): string;

@@ -54,0 +56,0 @@ getHostedUISigninUrl(): string;

33

dist/core.js

@@ -80,4 +80,5 @@ "use strict";

}
createPKCESession() {
return new AuthPCKESession(this);
async createPKCESession() {
const { challenge, verifier } = await pkce.createVerifierChallengePair();
return new AuthPCKESession(this, challenge, verifier);
}

@@ -91,3 +92,3 @@ getToken(code, verifier) {

async signinWithEmailPassword(email, password) {
const { challenge, verifier } = pkce.createVerifierChallengePair();
const { challenge, verifier } = await pkce.createVerifierChallengePair();
const { code } = await this._post("authenticate", {

@@ -102,3 +103,3 @@ provider: consts_1.emailPasswordProviderName,

async signupWithEmailPassword(email, password, verifyUrl) {
const { challenge, verifier } = pkce.createVerifierChallengePair();
const { challenge, verifier } = await pkce.createVerifierChallengePair();
const result = await this._post("register", {

@@ -114,2 +115,3 @@ provider: consts_1.emailPasswordProviderName,

status: "complete",
verifier,
tokenData: await this.getToken(result.code, verifier),

@@ -136,7 +138,12 @@ };

async sendPasswordResetEmail(email, resetUrl) {
return this._post("send-reset-email", {
provider: consts_1.emailPasswordProviderName,
email,
reset_url: resetUrl,
});
const { challenge, verifier } = await pkce.createVerifierChallengePair();
return {
verifier,
...(await this._post("send-reset-email", {
provider: consts_1.emailPasswordProviderName,
challenge,
email,
reset_url: resetUrl,
})),
};
}

@@ -158,4 +165,4 @@ static checkPasswordResetTokenValid(resetToken) {

}
async resetPasswordWithResetToken(resetToken, password) {
return this._post("reset-password", {
async resetPasswordWithResetToken(resetToken, verifier, password) {
const { code } = await this._post("reset-password", {
provider: consts_1.emailPasswordProviderName,

@@ -165,2 +172,3 @@ reset_token: resetToken,

});
return this.getToken(code, verifier);
}

@@ -195,5 +203,4 @@ async getProvidersInfo() {

verifier;
constructor(auth) {
constructor(auth, challenge, verifier) {
this.auth = auth;
const { challenge, verifier } = pkce.createVerifierChallengePair();
this.challenge = challenge;

@@ -200,0 +207,0 @@ this.verifier = verifier;

4

dist/pkce.d.ts

@@ -1,4 +0,4 @@

export declare function createVerifierChallengePair(): {
export declare function createVerifierChallengePair(): Promise<{
verifier: string;
challenge: string;
};
}>;

14

dist/pkce.js
"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.createVerifierChallengePair = void 0;
const node_crypto_1 = __importDefault(require("node:crypto"));
function createVerifierChallengePair() {
const verifier = node_crypto_1.default.randomBytes(32).toString("base64url");
const challenge = node_crypto_1.default
.createHash("sha256")
.update(verifier)
.digest("base64url");
const crypto_1 = require("./crypto");
async function createVerifierChallengePair() {
const verifier = (0, crypto_1.bytesToBase64Url)((0, crypto_1.randomBytes)(32));
const challenge = await (0, crypto_1.sha256)(verifier).then(crypto_1.bytesToBase64Url);
return { verifier, challenge };
}
exports.createVerifierChallengePair = createVerifierChallengePair;

2

package.json
{
"name": "@edgedb/auth-core",
"description": "Core helper library for the EdgeDB Auth extension",
"version": "0.1.0-alpha.1",
"version": "0.1.0-beta.1",
"author": "EdgeDB <info@edgedb.com>",

@@ -6,0 +6,0 @@ "repository": {

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc