New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

fastify-openid-auth

Package Overview
Dependencies
Maintainers
1
Versions
17
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

fastify-openid-auth - npm Package Compare versions

Comparing version 7.0.0 to 8.0.0

dist/fastify-openid-auth-8.0.0.tgz

14

dist/index.d.ts

@@ -1,7 +0,7 @@

export * from './login';
export * from './logout';
export * from './plugin';
export { default } from './plugin';
export * from './refresh';
export * from './types';
export * from './verify';
export * from './login.js';
export * from './logout.js';
export * from './plugin.js';
export { default } from './plugin.js';
export * from './refresh.js';
export * from './types.js';
export * from './verify.js';

35

dist/index.js

@@ -1,29 +0,8 @@

"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __exportStar = (this && this.__exportStar) || function(m, exports) {
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
};
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.default = void 0;
__exportStar(require("./login"), exports);
__exportStar(require("./logout"), exports);
__exportStar(require("./plugin"), exports);
var plugin_1 = require("./plugin");
Object.defineProperty(exports, "default", { enumerable: true, get: function () { return __importDefault(plugin_1).default; } });
__exportStar(require("./refresh"), exports);
__exportStar(require("./types"), exports);
__exportStar(require("./verify"), exports);
export * from './login.js';
export * from './logout.js';
export * from './plugin.js';
export { default } from './plugin.js';
export * from './refresh.js';
export * from './types.js';
export * from './verify.js';
//# sourceMappingURL=index.js.map

11

dist/login.d.ts

@@ -0,5 +1,6 @@

import createError from '@fastify/error';
import { type RouteHandlerMethod } from 'fastify';
import { type AuthorizationParameters, type CallbackExtras, type Client } from 'openid-client';
import { type OpenIDWriteTokens } from './types';
import { type OpenIDVerifyOptions } from './verify';
import { type OpenIDWriteTokens } from './types.js';
import { type OpenIDVerifyOptions } from './verify.js';
declare module 'fastify' {

@@ -24,11 +25,11 @@ interface FastifyRequest {

export type OpenIDLoginHandlerFactory = (client: Client, options?: OpenIDLoginHandlerOptions) => RouteHandlerMethod;
export declare const SessionKeyError: import("@fastify/error").FastifyErrorConstructor<{
export declare const SessionKeyError: createError.FastifyErrorConstructor<{
code: "FST_SESSION_KEY";
statusCode: 500;
}, [any?, any?, any?]>;
export declare const SessionValueError: import("@fastify/error").FastifyErrorConstructor<{
export declare const SessionValueError: createError.FastifyErrorConstructor<{
code: "FST_SESSION_VALUE";
statusCode: 500;
}, [any?, any?, any?]>;
export declare const SupportedMethodError: import("@fastify/error").FastifyErrorConstructor<{
export declare const SupportedMethodError: createError.FastifyErrorConstructor<{
code: "FST_SUPPORTED_METHOD";

@@ -35,0 +36,0 @@ statusCode: 500;

37

dist/login.js

@@ -1,14 +0,8 @@

"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.openIDLoginHandlerFactory = exports.SupportedMethodError = exports.SessionValueError = exports.SessionKeyError = void 0;
/* eslint-disable @typescript-eslint/naming-convention */
const error_1 = __importDefault(require("@fastify/error"));
const openid_client_1 = require("openid-client");
const verify_1 = require("./verify");
exports.SessionKeyError = (0, error_1.default)('FST_SESSION_KEY', 'client must have an issuer with an identifier', 500);
exports.SessionValueError = (0, error_1.default)('FST_SESSION_VALUE', 'did not find expected authorization request details in req.session["%s"]', 500);
exports.SupportedMethodError = (0, error_1.default)('FST_SUPPORTED_METHOD', 'neither code_challenge_method supported by the client is supported by the issuer', 500);
import createError from '@fastify/error';
import { generators } from 'openid-client';
import { openIDJWTVerify } from './verify.js';
export const SessionKeyError = createError('FST_SESSION_KEY', 'client must have an issuer with an identifier', 500);
export const SessionValueError = createError('FST_SESSION_VALUE', 'did not find expected authorization request details in req.session["%s"]', 500);
export const SupportedMethodError = createError('FST_SUPPORTED_METHOD', 'neither code_challenge_method supported by the client is supported by the issuer', 500);
const resolveResponseType = (client) => {

@@ -39,3 +33,3 @@ const { length, 0: value } = client.metadata.response_types ?? [];

else {
throw new exports.SupportedMethodError();
throw new SupportedMethodError();
}

@@ -45,7 +39,7 @@ };

if (issuer.metadata.issuer === undefined) {
throw new exports.SessionKeyError();
throw new SessionKeyError();
}
return `oidc:${new URL(issuer.metadata.issuer).hostname}`;
};
const openIDLoginHandlerFactory = (client, options) => {
export const openIDLoginHandlerFactory = (client, options) => {
const redirect_uri = options?.parameters?.redirect_uri !== undefined

@@ -72,3 +66,3 @@ ? options.parameters.redirect_uri

scope: 'openid',
state: openid_client_1.generators.random(),
state: generators.random(),
redirect_uri,

@@ -80,11 +74,11 @@ response_type,

parameters.response_type === 'code') {
parameters.nonce = openid_client_1.generators.random();
parameters.nonce = generators.random();
}
const callbackChecks = (({ nonce, state, max_age, response_type }) => ({ nonce, state, max_age, response_type }))(parameters);
if (usePKCE !== false && parameters.response_type === 'code') {
const verifier = openid_client_1.generators.random();
const verifier = generators.random();
callbackChecks.code_verifier = verifier;
switch (usePKCE) {
case 'S256':
parameters.code_challenge = openid_client_1.generators.codeChallenge(verifier);
parameters.code_challenge = generators.codeChallenge(verifier);
parameters.code_challenge_method = 'S256';

@@ -106,3 +100,3 @@ break;

Object.keys(callbackChecks).length === 0) {
throw new exports.SessionValueError(sessionKey);
throw new SessionValueError(sessionKey);
}

@@ -112,3 +106,3 @@ request.session.set(sessionKey, undefined);

const verified = verify !== undefined
? await (0, verify_1.openIDJWTVerify)(tokenset, verify)
? await openIDJWTVerify(tokenset, verify)
: undefined;

@@ -120,3 +114,2 @@ request.log.trace('OpenID login callback');

};
exports.openIDLoginHandlerFactory = openIDLoginHandlerFactory;
//# sourceMappingURL=login.js.map

4

dist/logout.d.ts
import { type RouteHandlerMethod } from 'fastify';
import { type Client, type EndSessionParameters } from 'openid-client';
import { type OpenIDReadTokens, type OpenIDWriteTokens } from './types';
import { type OpenIDVerifyOptions } from './verify';
import { type OpenIDReadTokens, type OpenIDWriteTokens } from './types.js';
import { type OpenIDVerifyOptions } from './verify.js';
export interface OpenIDLogoutHandlerOptions {

@@ -6,0 +6,0 @@ parameters?: EndSessionParameters;

10

dist/logout.js

@@ -1,6 +0,3 @@

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.openIDLogoutHandlerFactory = void 0;
const verify_1 = require("./verify");
const openIDLogoutHandlerFactory = (client, { parameters, verify, read, write }) => async function openIDLogoutHandler(request, reply) {
import { openIDJWTVerify } from './verify.js';
export const openIDLogoutHandlerFactory = (client, { parameters, verify, read, write }) => async function openIDLogoutHandler(request, reply) {
const tokenset = await read.call(this, request, reply);

@@ -23,3 +20,3 @@ // #region authentication request

const verified = verify !== undefined
? await (0, verify_1.openIDJWTVerify)(tokenset, verify)
? await openIDJWTVerify(tokenset, verify)
: undefined;

@@ -30,3 +27,2 @@ request.log.trace('OpenID logout callback');

};
exports.openIDLogoutHandlerFactory = openIDLogoutHandlerFactory;
//# sourceMappingURL=logout.js.map

8

dist/plugin.d.ts
import { type FastifyPluginAsync, type RouteHandlerMethod } from 'fastify';
import { type Client } from 'openid-client';
import { type OpenIDLoginHandlerOptions } from './login';
import { type OpenIDLogoutHandlerOptions } from './logout';
import { type OpenIDRefreshHandlerOptions } from './refresh';
import { type OpenIDVerifyHandlerOptions } from './verify';
import { type OpenIDLoginHandlerOptions } from './login.js';
import { type OpenIDLogoutHandlerOptions } from './logout.js';
import { type OpenIDRefreshHandlerOptions } from './refresh.js';
import { type OpenIDVerifyHandlerOptions } from './verify.js';
export interface FastifyOpenIDAuthPluginOptions {

@@ -8,0 +8,0 @@ decorator: string | symbol;

28

dist/plugin.js

@@ -1,19 +0,13 @@

"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.openIDAuthPlugin = void 0;
const fastify_plugin_1 = __importDefault(require("fastify-plugin"));
const login_1 = require("./login");
const logout_1 = require("./logout");
const refresh_1 = require("./refresh");
const verify_1 = require("./verify");
exports.openIDAuthPlugin = (0, fastify_plugin_1.default)(async (fastify, options) => {
import fp from 'fastify-plugin';
import { openIDLoginHandlerFactory } from './login.js';
import { openIDLogoutHandlerFactory } from './logout.js';
import { openIDRefreshHandlerFactory } from './refresh.js';
import { openIDVerifyHandlerFactory } from './verify.js';
export const openIDAuthPlugin = fp(async (fastify, options) => {
const { decorator, client, login, refresh, verify, logout } = options;
const openIDAuthHandlers = {
login: (0, login_1.openIDLoginHandlerFactory)(client, login),
refresh: (0, refresh_1.openIDRefreshHandlerFactory)(client, refresh),
verify: (0, verify_1.openIDVerifyHandlerFactory)(verify),
logout: (0, logout_1.openIDLogoutHandlerFactory)(client, logout)
login: openIDLoginHandlerFactory(client, login),
refresh: openIDRefreshHandlerFactory(client, refresh),
verify: openIDVerifyHandlerFactory(verify),
logout: openIDLogoutHandlerFactory(client, logout)
};

@@ -29,3 +23,3 @@ fastify.log.trace(`decorating \`fastify[${String(decorator)}]\` with OpenIDAuthHandlers`);

});
exports.default = exports.openIDAuthPlugin;
export default openIDAuthPlugin;
//# sourceMappingURL=plugin.js.map

4

dist/refresh.d.ts
import { type RouteHandlerMethod } from 'fastify';
import { type Client, type RefreshExtras } from 'openid-client';
import { type OpenIDReadTokens, type OpenIDWriteTokens } from './types';
import { type OpenIDVerifyOptions } from './verify';
import { type OpenIDReadTokens, type OpenIDWriteTokens } from './types.js';
import { type OpenIDVerifyOptions } from './verify.js';
export interface OpenIDRefreshHandlerOptions {

@@ -6,0 +6,0 @@ extras?: RefreshExtras;

14

dist/refresh.js

@@ -1,8 +0,5 @@

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.openIDRefreshHandlerFactory = void 0;
const openid_client_1 = require("openid-client");
const verify_1 = require("./verify");
const openIDRefreshHandlerFactory = (client, { extras, verify, read, write }) => async function openIDRefreshHandler(request, reply) {
const oldTokenset = new openid_client_1.TokenSet(await read.call(this, request, reply));
import { TokenSet } from 'openid-client';
import { openIDJWTVerify } from './verify.js';
export const openIDRefreshHandlerFactory = (client, { extras, verify, read, write }) => async function openIDRefreshHandler(request, reply) {
const oldTokenset = new TokenSet(await read.call(this, request, reply));
if (oldTokenset.expired()) {

@@ -14,3 +11,3 @@ request.log.trace(`OpenID token expired ${oldTokenset.expires_at !== undefined

const verified = verify !== undefined
? await (0, verify_1.openIDJWTVerify)(newTokenset, verify)
? await openIDJWTVerify(newTokenset, verify)
: undefined;

@@ -21,3 +18,2 @@ request.log.trace('OpenID tokens refreshed');

};
exports.openIDRefreshHandlerFactory = openIDRefreshHandlerFactory;
//# sourceMappingURL=refresh.js.map

3

dist/types.js

@@ -1,3 +0,2 @@

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
export {};
//# sourceMappingURL=types.js.map

2

dist/verify.d.ts
import { type RouteHandlerMethod } from 'fastify';
import { type JWTVerifyGetKey, type JWTVerifyOptions, type KeyLike } from 'jose';
import { type TokenSetParameters } from 'openid-client';
import { type OpenIDJWTVerified, type OpenIDReadTokens, type OpenIDTokens, type OpenIDWriteTokens } from './types';
import { type OpenIDJWTVerified, type OpenIDReadTokens, type OpenIDTokens, type OpenIDWriteTokens } from './types.js';
export interface OpenIDVerifyOptions {

@@ -6,0 +6,0 @@ options?: JWTVerifyOptions;

17

dist/verify.js

@@ -1,6 +0,3 @@

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.openIDVerifyHandlerFactory = exports.openIDJWTVerify = void 0;
const jose_1 = require("jose");
const openIDJWTVerify = async (tokenset, { key, options, tokens }) => {
import { jwtVerify } from 'jose';
export const openIDJWTVerify = async (tokenset, { key, options, tokens }) => {
const verified = {};

@@ -11,4 +8,4 @@ for (const token of tokens) {

const result = key instanceof Function
? await (0, jose_1.jwtVerify)(jwt, key, options)
: await (0, jose_1.jwtVerify)(jwt, key, options);
? await jwtVerify(jwt, key, options)
: await jwtVerify(jwt, key, options);
verified[token] = result;

@@ -19,10 +16,8 @@ }

};
exports.openIDJWTVerify = openIDJWTVerify;
const openIDVerifyHandlerFactory = ({ read, write, ...verify }) => async function openIDVerifyHandler(request, reply) {
export const openIDVerifyHandlerFactory = ({ read, write, ...verify }) => async function openIDVerifyHandler(request, reply) {
const tokenset = await read.call(this, request, reply);
const verified = await (0, exports.openIDJWTVerify)(tokenset, verify);
const verified = await openIDJWTVerify(tokenset, verify);
request.log.trace('OpenID tokens verified');
return await write?.call(this, request, reply, tokenset, verified);
};
exports.openIDVerifyHandlerFactory = openIDVerifyHandlerFactory;
//# sourceMappingURL=verify.js.map

20

package.json
{
"name": "fastify-openid-auth",
"version": "7.0.0",
"version": "8.0.0",
"description": "Fastify auth plugin for openid-client",
"main": "dist/index.js",
"types": "dist/index.d.ts",
"type": "module",
"module": "./dist/index.js",
"types": "./dist/index.d.ts",
"exports": {
".": "./dist/index.js",
"./login": "./dist/login.js",
"./logout": "./dist/logout.js",
"./plugin": "./dist/plugin.js",
"./refresh": "./dist/refresh.js",
"./verify": "./dist/verify.js"
},
"scripts": {

@@ -18,2 +27,5 @@ "test": "echo \"Error: no test specified\" && exit 1",

},
"files": [
"dist/"
],
"keywords": [

@@ -40,2 +52,3 @@ "fastify",

"eslint-config-standard-with-typescript": "^36",
"fastify": "^4",
"semantic-release": "^21",

@@ -46,3 +59,2 @@ "shx": "^0",

"dependencies": {
"fastify": "^4",
"@fastify/error": "^3",

@@ -49,0 +61,0 @@ "fastify-plugin": "^4",

.eslintrc.json
.github/workflows/release.yml
.releaserc.json
CHANGELOG.md
dist/fastify-openid-auth-7.0.0.tgz
src/index.ts
src/login.ts
src/logout.ts
src/plugin.ts
src/refresh.ts
src/types.ts
src/verify.ts
tsconfig.json
dist/index.js.map

Sorry, the diff of this file is not supported yet

dist/login.js.map

Sorry, the diff of this file is not supported yet

dist/logout.js.map

Sorry, the diff of this file is not supported yet

dist/plugin.js.map

Sorry, the diff of this file is not supported yet

dist/refresh.js.map

Sorry, the diff of this file is not supported yet

dist/verify.js.map

Sorry, the diff of this file is not supported yet

LICENSE

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc