
@octokit/auth-app


@octokit/auth-app - npm Package Compare versions

Comparing version 4.0.7 to 4.0.8

84

dist-node/index.js

@@ -53,7 +53,5 @@ 'use strict';

const result = await cache.get(cacheKey);
if (!result) {
return;
}
const [token, createdAt, expiresAt, repositorySelection, permissionsString, singleFileName] = result.split("|");

@@ -66,3 +64,2 @@ const permissions = options.permissions || permissionsString.split(/,/).reduce((permissions, string) => {

}
return permissions;

@@ -87,3 +84,2 @@ }, {});

}
function optionsToCacheKey({

@@ -132,7 +128,5 @@ installationId,

const installationId = Number(options.installationId || state.installationId);
if (!installationId) {
throw new Error("[@octokit/auth-app] installationId option is required for installation authentication.");
}
if (options.factory) {

@@ -144,16 +138,14 @@ const {

...factoryAuthOptions
} = { ...state,
} = {
...state,
...options
}; // @ts-expect-error if `options.factory` is set, the return type for `auth()` should be `Promise<ReturnType<options.factory>>`
};
// @ts-expect-error if `options.factory` is set, the return type for `auth()` should be `Promise<ReturnType<options.factory>>`
return factory(factoryAuthOptions);
}
const optionsWithInstallationTokenFromState = Object.assign({
installationId
}, options);
if (!options.refresh) {
const result = await get(state.cache, optionsWithInstallationTokenFromState);
if (result) {

@@ -183,3 +175,2 @@ const {

}
const appAuthentication = await getAppAuthentication(state);

@@ -209,6 +200,4 @@ const request = customRequest || state.request;

/* istanbul ignore next - permissions are optional per OpenAPI spec, but we think that is incorrect */
const permissions = permissionsOptional || {};
/* istanbul ignore next - repositorySelection are optional per OpenAPI spec, but we think that is incorrect */
const repositorySelection = repositorySelectionOptional || "all";

@@ -246,7 +235,6 @@ const repositoryIds = repositories ? repositories.map(r => r.id) : void 0;

// @ts-expect-error "oauth" is not supperted in types
case "oauth":
state.log.warn( // @ts-expect-error `log.warn()` expects string
state.log.warn(
// @ts-expect-error `log.warn()` expects string
new deprecation.Deprecation(`[@octokit/auth-app] {type: "oauth"} is deprecated. Use {type: "oauth-app"} instead`));
case "oauth-app":

@@ -256,12 +244,10 @@ return state.oauthApp({

});
case "installation":
return getInstallationAuthentication(state, { ...authOptions,
return getInstallationAuthentication(state, {
...authOptions,
type: "installation"
});
case "oauth-user":
// @ts-expect-error TODO: infer correct auth options type based on type. authOptions should be typed as "WebFlowAuthOptions | OAuthAppDeviceFlowAuthOptions | GitHubAppDeviceFlowAuthOptions"
return state.oauthApp(authOptions);
default:

@@ -273,8 +259,7 @@ // @ts-expect-error type is "never" at this point

const PATHS = ["/app", "/app/hook/config", "/app/hook/deliveries", "/app/hook/deliveries/{delivery_id}", "/app/hook/deliveries/{delivery_id}/attempts", "/app/installations", "/app/installations/{installation_id}", "/app/installations/{installation_id}/access_tokens", "/app/installations/{installation_id}/suspended", "/marketplace_listing/accounts/{account_id}", "/marketplace_listing/plan", "/marketplace_listing/plans", "/marketplace_listing/plans/{plan_id}/accounts", "/marketplace_listing/stubbed/accounts/{account_id}", "/marketplace_listing/stubbed/plan", "/marketplace_listing/stubbed/plans", "/marketplace_listing/stubbed/plans/{plan_id}/accounts", "/orgs/{org}/installation", "/repos/{owner}/{repo}/installation", "/users/{username}/installation"]; // CREDIT: Simon Grondin (https://github.com/SGrondin)
const PATHS = ["/app", "/app/hook/config", "/app/hook/deliveries", "/app/hook/deliveries/{delivery_id}", "/app/hook/deliveries/{delivery_id}/attempts", "/app/installations", "/app/installations/{installation_id}", "/app/installations/{installation_id}/access_tokens", "/app/installations/{installation_id}/suspended", "/marketplace_listing/accounts/{account_id}", "/marketplace_listing/plan", "/marketplace_listing/plans", "/marketplace_listing/plans/{plan_id}/accounts", "/marketplace_listing/stubbed/accounts/{account_id}", "/marketplace_listing/stubbed/plan", "/marketplace_listing/stubbed/plans", "/marketplace_listing/stubbed/plans/{plan_id}/accounts", "/orgs/{org}/installation", "/repos/{owner}/{repo}/installation", "/users/{username}/installation"];
// CREDIT: Simon Grondin (https://github.com/SGrondin)
// https://github.com/octokit/plugin-throttling.js/blob/45c5d7f13b8af448a9dbca468d9c9150a73b3948/lib/route-matcher.js
function routeMatcher(paths) {
// EXAMPLE. For the following paths:
/* [

@@ -284,4 +269,4 @@ "/orgs/{org}/invitations",

] */
const regexes = paths.map(p => p.split("/").map(c => c.startsWith("{") ? "(?:.+?)" : c).join("/")); // 'regexes' would contain:
const regexes = paths.map(p => p.split("/").map(c => c.startsWith("{") ? "(?:.+?)" : c).join("/"));
// 'regexes' would contain:
/* [

@@ -291,5 +276,4 @@ '/orgs/(?:.+?)/invitations',

] */
const regex = `^(?:${regexes.map(r => `(?:${r})`).join("|")})[^/]*$`; // 'regex' would contain:
const regex = `^(?:${regexes.map(r => `(?:${r})`).join("|")})[^/]*$`;
// 'regex' would contain:
/*

@@ -300,6 +284,4 @@ ^(?:(?:\/orgs\/(?:.+?)\/invitations)|(?:\/repos\/(?:.+?)\/(?:.+?)\/collaborators\/(?:.+?)))[^\/]*$

*/
return new RegExp(regex, "i");
}
const REGEX = routeMatcher(PATHS);

@@ -311,15 +293,12 @@ function requiresAppAuth(url) {

const FIVE_SECONDS_IN_MS = 5 * 1000;
function isNotTimeSkewError(error) {
return !(error.message.match(/'Expiration time' claim \('exp'\) must be a numeric value representing the future time at which the assertion expires/) || error.message.match(/'Issued at' claim \('iat'\) must be an Integer representing the time that the assertion was issued/));
}
async function hook(state, request, route, parameters) {
const endpoint = request.endpoint.merge(route, parameters);
const url = endpoint.url; // Do not intercept request to retrieve a new token
const url = endpoint.url;
// Do not intercept request to retrieve a new token
if (/\/login\/oauth\/access_token$/.test(url)) {
return request(endpoint);
}
if (requiresAppAuth(url.replace(request.endpoint.DEFAULTS.baseUrl, ""))) {

@@ -331,3 +310,2 @@ const {

let response;
try {

@@ -340,10 +318,8 @@ response = await request(endpoint);

throw error;
} // If the date header is missing, we can't correct the system time skew.
}
// If the date header is missing, we can't correct the system time skew.
// Throw the error to be handled upstream.
if (typeof error.response.headers.date === "undefined") {
throw error;
}
const diff = Math.floor((Date.parse(error.response.headers.date) - Date.parse(new Date().toString())) / 1000);

@@ -354,3 +330,4 @@ state.log.warn(error.message);

token
} = await getAppAuthentication({ ...state,
} = await getAppAuthentication({
...state,
timeDifference: diff

@@ -361,6 +338,4 @@ });

}
return response;
}
if (authOauthUser.requiresBasicAuth(url)) {

@@ -373,7 +348,7 @@ const authentication = await state.oauthApp({

}
const {
token,
createdAt
} = await getInstallationAuthentication(state, // @ts-expect-error TBD
} = await getInstallationAuthentication(state,
// @ts-expect-error TBD
{}, request);

@@ -390,6 +365,4 @@ endpoint.headers.authorization = `token ${token}`;

*/
async function sendRequestWithRetries(state, request, options, createdAt, retries = 0) {
const timeSinceTokenCreationInMs = +new Date() - +new Date(createdAt);
try {

@@ -401,3 +374,2 @@ return await request(options);

}
if (timeSinceTokenCreationInMs >= FIVE_SECONDS_IN_MS) {

@@ -407,6 +379,4 @@ if (retries > 0) {

}
throw error;
}
++retries;

@@ -420,3 +390,3 @@ const awaitTime = retries * 1000;

const VERSION = "4.0.7";
const VERSION = "4.0.8";

@@ -427,15 +397,11 @@ function createAppAuth(options) {

}
if (!Number.isFinite(+options.appId)) {
throw new Error("[@octokit/auth-app] appId option must be a number or numeric string");
}
if (!options.privateKey) {
throw new Error("[@octokit/auth-app] privateKey option is required");
}
if ("installationId" in options && !options.installationId) {
throw new Error("[@octokit/auth-app] installationId is set to a falsy value");
}
const log = Object.assign({

@@ -462,4 +428,4 @@ warn: console.warn.bind(console)

})
}); // @ts-expect-error not worth the extra code to appease TS
});
// @ts-expect-error not worth the extra code to appease TS
return Object.assign(auth.bind(null, state), {

@@ -466,0 +432,0 @@ hook: hook.bind(null, state)

@@ -1,1 +0,1 @@

export const VERSION = "4.0.7";
export const VERSION = "4.0.8";
import * as OctokitTypes from "@octokit/types";
import LRUCache from "lru-cache";
import * as OAuthAppAuth from "@octokit/auth-oauth-app";
declare type OAuthStrategyOptions = {
type OAuthStrategyOptions = {
clientId?: string;
clientSecret?: string;
};
declare type CommonStrategyOptions = {
type CommonStrategyOptions = {
appId: number | string;

@@ -19,4 +19,4 @@ privateKey: string;

};
export declare type StrategyOptions = OAuthStrategyOptions & CommonStrategyOptions & Record<string, unknown>;
export declare type AppAuthOptions = {
export type StrategyOptions = OAuthStrategyOptions & CommonStrategyOptions & Record<string, unknown>;
export type AppAuthOptions = {
type: "app";

@@ -30,3 +30,3 @@ };

**/
export declare type InstallationAuthOptions = {
export type InstallationAuthOptions = {
type: "installation";

@@ -41,3 +41,3 @@ installationId?: number | string;

};
export declare type InstallationAuthOptionsWithFactory<T> = {
export type InstallationAuthOptionsWithFactory<T> = {
type: "installation";

@@ -52,7 +52,7 @@ installationId?: number | string;

};
export declare type OAuthAppAuthOptions = OAuthAppAuth.AppAuthOptions;
export declare type OAuthWebFlowAuthOptions = OAuthAppAuth.WebFlowAuthOptions;
export declare type OAuthDeviceFlowAuthOptions = OAuthAppAuth.GitHubAppDeviceFlowAuthOptions;
export declare type Authentication = AppAuthentication | OAuthAppAuthentication | InstallationAccessTokenAuthentication | GitHubAppUserAuthentication | GitHubAppUserAuthenticationWithExpiration;
export declare type FactoryInstallationOptions = StrategyOptions & Omit<InstallationAuthOptions, "type">;
export type OAuthAppAuthOptions = OAuthAppAuth.AppAuthOptions;
export type OAuthWebFlowAuthOptions = OAuthAppAuth.WebFlowAuthOptions;
export type OAuthDeviceFlowAuthOptions = OAuthAppAuth.GitHubAppDeviceFlowAuthOptions;
export type Authentication = AppAuthentication | OAuthAppAuthentication | InstallationAccessTokenAuthentication | GitHubAppUserAuthentication | GitHubAppUserAuthenticationWithExpiration;
export type FactoryInstallationOptions = StrategyOptions & Omit<InstallationAuthOptions, "type">;
export interface FactoryInstallation<T> {

@@ -76,21 +76,21 @@ (options: FactoryInstallationOptions): T;

}
export declare type AnyResponse = OctokitTypes.OctokitResponse<any>;
export declare type EndpointDefaults = OctokitTypes.EndpointDefaults;
export declare type EndpointOptions = OctokitTypes.EndpointOptions;
export declare type RequestParameters = OctokitTypes.RequestParameters;
export declare type Route = OctokitTypes.Route;
export declare type RequestInterface = OctokitTypes.RequestInterface;
export declare type Cache = LRUCache<string, string> | {
export type AnyResponse = OctokitTypes.OctokitResponse<any>;
export type EndpointDefaults = OctokitTypes.EndpointDefaults;
export type EndpointOptions = OctokitTypes.EndpointOptions;
export type RequestParameters = OctokitTypes.RequestParameters;
export type Route = OctokitTypes.Route;
export type RequestInterface = OctokitTypes.RequestInterface;
export type Cache = LRUCache<string, string> | {
get: (key: string) => string;
set: (key: string, value: string) => any;
};
export declare type APP_TYPE = "app";
export declare type TOKEN_TYPE = "token";
export declare type INSTALLATION_TOKEN_TYPE = "installation";
export declare type OAUTH_TOKEN_TYPE = "oauth";
export declare type REPOSITORY_SELECTION = "all" | "selected";
export declare type JWT = string;
export declare type ACCESS_TOKEN = string;
export declare type UTC_TIMESTAMP = string;
export declare type AppAuthentication = {
export type APP_TYPE = "app";
export type TOKEN_TYPE = "token";
export type INSTALLATION_TOKEN_TYPE = "installation";
export type OAUTH_TOKEN_TYPE = "oauth";
export type REPOSITORY_SELECTION = "all" | "selected";
export type JWT = string;
export type ACCESS_TOKEN = string;
export type UTC_TIMESTAMP = string;
export type AppAuthentication = {
type: APP_TYPE;

@@ -101,3 +101,3 @@ token: JWT;

};
export declare type InstallationAccessTokenData = {
export type InstallationAccessTokenData = {
token: ACCESS_TOKEN;

@@ -112,4 +112,4 @@ createdAt: UTC_TIMESTAMP;

};
export declare type CacheData = InstallationAccessTokenData;
export declare type InstallationAccessTokenAuthentication = InstallationAccessTokenData & {
export type CacheData = InstallationAccessTokenData;
export type InstallationAccessTokenAuthentication = InstallationAccessTokenData & {
type: TOKEN_TYPE;

@@ -119,11 +119,11 @@ tokenType: INSTALLATION_TOKEN_TYPE;

};
export declare type OAuthAppAuthentication = OAuthAppAuth.AppAuthentication;
export declare type GitHubAppUserAuthentication = OAuthAppAuth.GitHubAppUserAuthentication;
export declare type GitHubAppUserAuthenticationWithExpiration = OAuthAppAuth.GitHubAppUserAuthenticationWithExpiration;
export declare type FactoryOptions = Required<Omit<StrategyOptions, keyof State>> & State;
export declare type Permissions = Record<string, string>;
export declare type WithInstallationId = {
export type OAuthAppAuthentication = OAuthAppAuth.AppAuthentication;
export type GitHubAppUserAuthentication = OAuthAppAuth.GitHubAppUserAuthentication;
export type GitHubAppUserAuthenticationWithExpiration = OAuthAppAuth.GitHubAppUserAuthenticationWithExpiration;
export type FactoryOptions = Required<Omit<StrategyOptions, keyof State>> & State;
export type Permissions = Record<string, string>;
export type WithInstallationId = {
installationId: number;
};
export declare type State = Required<Omit<CommonStrategyOptions, "installationId">> & {
export type State = Required<Omit<CommonStrategyOptions, "installationId">> & {
installationId?: number;

@@ -130,0 +130,0 @@ } & OAuthStrategyOptions & {

@@ -1,1 +0,1 @@

export declare const VERSION = "4.0.7";
export declare const VERSION = "4.0.8";

@@ -361,3 +361,3 @@ import { getUserAgent } from 'universal-user-agent';

const VERSION = "4.0.7";
const VERSION = "4.0.8";

@@ -364,0 +364,0 @@ function createAppAuth(options) {

{
"name": "@octokit/auth-app",
"description": "GitHub App authentication for JavaScript",
"version": "4.0.7",
"version": "4.0.8",
"license": "MIT",

@@ -32,3 +32,3 @@ "files": [

"lru-cache": "^6.0.0",
"universal-github-app-jwt": "^1.0.1",
"universal-github-app-jwt": "^1.1.1",
"universal-user-agent": "^6.0.0"

@@ -47,3 +47,3 @@ },

"jest": "^29.0.0",
"prettier": "2.7.1",
"prettier": "2.8.1",
"semantic-release-plugin-update-version-in-files": "^1.0.0",

@@ -50,0 +50,0 @@ "ts-jest": "^29.0.0",
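Review bot: The raised floor in `"universal-github-app-jwt": "^1.1.1"` is the one change shown here that can alter runtime behaviour, and the contents of that dependency are not visible on this page. The other visible edits are comment and line-break reflows in dist-node/index.js, `declare type` becoming `type` in the declarations, the VERSION strings, and a dev-only `prettier` bump. Judging by its name and by the `privateKey` option that createAppAuth validates, this dependency presumably builds the signed app JWT, so its own diff across the versions admitted by the new range should be reviewed together with this upgrade. Because the range is a caret, check the version your lockfile actually resolves rather than the floor stated here. Two files in this comparison are reported as not diffable, so they need a separate look.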

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet
