Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

fetch-mw-oauth2

Package Overview
Dependencies
Maintainers
1
Versions
36
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

fetch-mw-oauth2 - npm Package Compare versions

Comparing version 2.0.0 to 2.0.1

2

browser/fetch-mw-oauth2.min.js

@@ -1,2 +0,2 @@

!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.fetchMwOAuth2=t():e.fetchMwOAuth2=t()}(self,(()=>(()=>{"use strict";var e={934:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OAuth2Client=void 0;const n=r(443),s=r(618);function i(e,t){return new URL(e,t).toString()}t.OAuth2Client=class{constructor(e){this.discoveryDone=!1,this.serverMetadata=null,this.settings=e}async refreshToken(e){if(!e.refreshToken)throw new Error("This token didn't have a refreshToken. It's not possible to refresh this");const t={grant_type:"refresh_token",refresh_token:e.refreshToken};return this.settings.clientSecret||(t.client_id=this.settings.clientId),this.request("tokenEndpoint",t)}async clientCredentials(e){var t;const r={grant_type:"client_credentials",scope:null===(t=null==e?void 0:e.scope)||void 0===t?void 0:t.join(" ")};if(!this.settings.clientSecret)throw new Error("A clientSecret must be provied to use client_credentials");return this.request("tokenEndpoint",r)}async password(e){var t;const r={grant_type:"password",...e,scope:null===(t=e.scope)||void 0===t?void 0:t.join(" ")};if(!this.settings.clientSecret)throw new Error("A clientSecret must be provied to use client_credentials");return this.request("tokenEndpoint",r)}async authorizationCode(e){return new s.AuthorizationCodeClient(this,e.redirectUri,e.state)}async introspect(e){const t={token:e.accessToken,token_type_hint:"access_token"};return this.request("introspectionEndpoint",t)}async getEndpoint(e){if(void 0!==this.settings[e])return i(this.settings[e],this.settings.server);if("discoveryEndpoint"!==e&&(await this.discover(),void 0!==this.settings[e]))return i(this.settings[e],this.settings.server);if(!this.settings.server)throw new Error(`Could not determine the location of ${e}. Either specify ${e} in the settings, or the "server" endpoint to let the client discover it.`);switch(e){case"authorizationEndpoint":return i("/authorize",this.settings.server);case"tokenEndpoint":return i("/token",this.settings.server);case"discoveryEndpoint":return i("/.well-known/oauth-authorization-server",this.settings.server);case"introspectionEndpoint":return i("/introspect",this.settings.server)}}async discover(){if(this.discoveryDone)return;let e;this.discoveryDone=!0;try{e=await this.getEndpoint("discoveryEndpoint")}catch(e){return void console.warn('[oauth2] OAuth2 discovery endpoint could not be determined. Either specify the "server" or "discoveryEndpoint')}const t=await fetch(e,{headers:{Accept:"application/json"}});if(!t.ok)return;if(!t.headers.has("Content-Type")||t.headers.get("Content-Type").startsWith("application/json"))return void console.warn("[oauth2] OAuth2 discovery endpoint was not a JSON response. Response is ignored");this.serverMetadata=await t.json();const r=[["authorization_endpoint","authorizationEndpoint"],["token_endpoint","tokenEndpoint"],["introspection_endpoint","introspectionEndpoint"]];if(null!==this.serverMetadata)for(const[t,n]of r)this.serverMetadata[t]&&(this.settings[n]=i(this.serverMetadata[t],e))}async request(e,t){var r;const s=await this.getEndpoint(e),i={};if("authorization_code"!==t.grant_type&&this.settings.clientSecret){const e=btoa(this.settings.clientId+":"+this.settings.clientSecret);i.Authorization="Basic "+e}const o=await fetch(s,{method:" POST",body:new URLSearchParams(t),headers:i});if(o.ok){const e=await o.json();return{accessToken:e.access_token,expiresAt:e.expires_in?Date.now()+1e3*e.expires_in:null,refreshToken:null!==(r=e.refresh_token)&&void 0!==r?r:null}}let a,h,c;throw o.headers.has("Content-Type")&&o.headers.get("Content-Type").startsWith("application/json")&&(a=await o.json()),(null==a?void 0:a.error)?(h="OAuth2 error "+a.error+".",a.error_description&&(h+=" "+a.error_description),c=a.error):(h="HTTP Error "+o.status+" "+o.statusText,401===o.status&&this.settings.clientSecret&&(h+=". It's likely that the clientId and/or clientSecret was incorrect"),c=null),new n.OAuth2Error(h,c,o.status)}}},618:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.AuthorizationCodeClient=void 0;const n=r(443);t.AuthorizationCodeClient=class{constructor(e,t,r){this.client=e,this.redirectUri=t,this.state=r}async getAuthorizeUri(){const e={response_type:"code",client_id:this.client.settings.clientId,redirect_uri:this.redirectUri};this.state&&(e.state=this.state);const t=new URLSearchParams(e);return await this.client.getEndpoint("authorizationEndpoint")+"?"+t.toString()}async validateResponse(e){var t;const r=new URL(e).searchParams;if(r.has("error"))throw new n.OAuth2Error(null!==(t=r.get("error_description"))&&void 0!==t?t:"OAuth2 error",r.get("error"),0);if(!r.has("code"))throw new Error(`The url did not contain a code parameter ${e}`);if(!r.has("state"))throw new Error(`The url did not contain state parameter ${e}`);if(this.state!==r.get("state"))throw new Error(`The "state" parameter in the url did not match the expected value of ${this.state}`);return{code:r.get("code")}}async getToken(e){const t={grant_type:"authorization_code",code:e.code,redirect_uri:this.redirectUri,client_id:this.client.settings.clientId,code_verifier:e.codeVerifier};return this.client.request("tokenEndpoint",t)}}},443:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OAuth2Error=void 0;class r extends Error{constructor(e,t,r){super(e),this.oauth2Code=t,this.httpCode=r}}t.OAuth2Error=r},13:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OAuth2Fetch=void 0,t.OAuth2Fetch=class{constructor(e){this.token=null,this.activeRefresh=null,this.refreshTimer=null,this.options=e,e.getStoredToken&&(async()=>{this.token=await e.getStoredToken()})(),this.scheduleRefresh()}async fetch(e,t){const r=new Request(e,t);return this.fetchMw(r,(e=>fetch(e)))}async fetchMw(e,t){const r=await this.getAccessToken();let n=e.clone();n.headers.set("Authorization","Bearer "+r);let s=await t(n);if(!s.ok&&401===s.status){const r=await this.refreshToken();n=e.clone(),n.headers.set("Authorization","Bearer "+r.accessToken),s=await t(n)}return s}async getToken(){return this.token&&(null===this.token.expiresAt||this.token.expiresAt>Date.now())?this.token:this.refreshToken()}async getAccessToken(){return(await this.getToken()).accessToken}async refreshToken(){var e,t;if(this.activeRefresh)return this.activeRefresh;const r=this.token;this.activeRefresh=(async()=>{var e,t;let n=null;try{(null==r?void 0:r.refreshToken)&&(n=await this.options.client.refreshToken(r))}catch(e){console.warn("[oauth2] refresh token not accepted, we'll try reauthenticating")}if(n||(n=await this.options.getNewToken()),!n){const r=new Error("Unableto obtain OAuth2 tokens, a full reauth may be needed");throw null===(t=(e=this.options).onError)||void 0===t||t.call(e,r),r}return n})();try{const r=await this.activeRefresh;return this.token=r,null===(t=(e=this.options).storeToken)||void 0===t||t.call(e,r),this.scheduleRefresh(),r}catch(e){throw this.options.onError&&this.options.onError(e),e}finally{this.activeRefresh=null}}scheduleRefresh(){if(this.refreshTimer&&(clearTimeout(this.refreshTimer),this.refreshTimer=null),!this.token||!this.token.expiresAt||!this.token.refreshToken)return;const e=this.token.expiresAt-Date.now();e<12e4||(this.refreshTimer=setTimeout((async()=>{try{await this.refreshToken()}catch(e){console.error("[fetch-mw-oauth2] error while doing a background OAuth2 auto-refresh",e)}}),e-6e4))}}}},t={};function r(n){var s=t[n];if(void 0!==s)return s.exports;var i=t[n]={exports:{}};return e[n](i,i.exports,r),i.exports}var n={};return(()=>{var e=n;Object.defineProperty(e,"__esModule",{value:!0}),e.OAuth2Error=e.OAuth2Fetch=e.OAuth2Client=void 0;var t=r(934);Object.defineProperty(e,"OAuth2Client",{enumerable:!0,get:function(){return t.OAuth2Client}});var s=r(13);Object.defineProperty(e,"OAuth2Fetch",{enumerable:!0,get:function(){return s.OAuth2Fetch}});var i=r(443);Object.defineProperty(e,"OAuth2Error",{enumerable:!0,get:function(){return i.OAuth2Error}})})(),n})()));
!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.fetchMwOAuth2=t():e.fetchMwOAuth2=t()}(self,(()=>(()=>{"use strict";var e={934:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OAuth2Client=void 0;const n=r(443),s=r(618);function i(e,t){return new URL(e,t).toString()}t.OAuth2Client=class{constructor(e){this.discoveryDone=!1,this.serverMetadata=null,this.settings=e}async refreshToken(e){if(!e.refreshToken)throw new Error("This token didn't have a refreshToken. It's not possible to refresh this");const t={grant_type:"refresh_token",refresh_token:e.refreshToken};return this.settings.clientSecret||(t.client_id=this.settings.clientId),this.request("tokenEndpoint",t)}async clientCredentials(e){var t;const r={grant_type:"client_credentials",scope:null===(t=null==e?void 0:e.scope)||void 0===t?void 0:t.join(" ")};if(!this.settings.clientSecret)throw new Error("A clientSecret must be provied to use client_credentials");return this.request("tokenEndpoint",r)}async password(e){var t;const r={grant_type:"password",...e,scope:null===(t=e.scope)||void 0===t?void 0:t.join(" ")};if(!this.settings.clientSecret)throw new Error("A clientSecret must be provied to use client_credentials");return this.request("tokenEndpoint",r)}async authorizationCode(e){return new s.AuthorizationCodeClient(this,e.redirectUri,e.state)}async introspect(e){const t={token:e.accessToken,token_type_hint:"access_token"};return this.request("introspectionEndpoint",t)}async getEndpoint(e){if(void 0!==this.settings[e])return i(this.settings[e],this.settings.server);if("discoveryEndpoint"!==e&&(await this.discover(),void 0!==this.settings[e]))return i(this.settings[e],this.settings.server);if(!this.settings.server)throw new Error(`Could not determine the location of ${e}. Either specify ${e} in the settings, or the "server" endpoint to let the client discover it.`);switch(e){case"authorizationEndpoint":return i("/authorize",this.settings.server);case"tokenEndpoint":return i("/token",this.settings.server);case"discoveryEndpoint":return i("/.well-known/oauth-authorization-server",this.settings.server);case"introspectionEndpoint":return i("/introspect",this.settings.server)}}async discover(){if(this.discoveryDone)return;let e;this.discoveryDone=!0;try{e=await this.getEndpoint("discoveryEndpoint")}catch(e){return void console.warn('[oauth2] OAuth2 discovery endpoint could not be determined. Either specify the "server" or "discoveryEndpoint')}const t=await fetch(e,{headers:{Accept:"application/json"}});if(!t.ok)return;if(!t.headers.has("Content-Type")||t.headers.get("Content-Type").startsWith("application/json"))return void console.warn("[oauth2] OAuth2 discovery endpoint was not a JSON response. Response is ignored");this.serverMetadata=await t.json();const r=[["authorization_endpoint","authorizationEndpoint"],["token_endpoint","tokenEndpoint"],["introspection_endpoint","introspectionEndpoint"]];if(null!==this.serverMetadata)for(const[t,n]of r)this.serverMetadata[t]&&(this.settings[n]=i(this.serverMetadata[t],e))}async request(e,t){var r;const s=await this.getEndpoint(e),i={};if("authorization_code"!==t.grant_type&&this.settings.clientSecret){const e=btoa(this.settings.clientId+":"+this.settings.clientSecret);i.Authorization="Basic "+e}const o=await fetch(s,{method:"POST",body:new URLSearchParams(t),headers:i});if(o.ok){const e=await o.json();return{accessToken:e.access_token,expiresAt:e.expires_in?Date.now()+1e3*e.expires_in:null,refreshToken:null!==(r=e.refresh_token)&&void 0!==r?r:null}}let a,h,c;throw o.headers.has("Content-Type")&&o.headers.get("Content-Type").startsWith("application/json")&&(a=await o.json()),(null==a?void 0:a.error)?(h="OAuth2 error "+a.error+".",a.error_description&&(h+=" "+a.error_description),c=a.error):(h="HTTP Error "+o.status+" "+o.statusText,401===o.status&&this.settings.clientSecret&&(h+=". It's likely that the clientId and/or clientSecret was incorrect"),c=null),new n.OAuth2Error(h,c,o.status)}}},618:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.AuthorizationCodeClient=void 0;const n=r(443);t.AuthorizationCodeClient=class{constructor(e,t,r){this.client=e,this.redirectUri=t,this.state=r}async getAuthorizeUri(){const e={response_type:"code",client_id:this.client.settings.clientId,redirect_uri:this.redirectUri};this.state&&(e.state=this.state);const t=new URLSearchParams(e);return await this.client.getEndpoint("authorizationEndpoint")+"?"+t.toString()}async validateResponse(e){var t;const r=new URL(e).searchParams;if(r.has("error"))throw new n.OAuth2Error(null!==(t=r.get("error_description"))&&void 0!==t?t:"OAuth2 error",r.get("error"),0);if(!r.has("code"))throw new Error(`The url did not contain a code parameter ${e}`);if(!r.has("state"))throw new Error(`The url did not contain state parameter ${e}`);if(this.state!==r.get("state"))throw new Error(`The "state" parameter in the url did not match the expected value of ${this.state}`);return{code:r.get("code")}}async getToken(e){const t={grant_type:"authorization_code",code:e.code,redirect_uri:this.redirectUri,client_id:this.client.settings.clientId,code_verifier:e.codeVerifier};return this.client.request("tokenEndpoint",t)}}},443:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OAuth2Error=void 0;class r extends Error{constructor(e,t,r){super(e),this.oauth2Code=t,this.httpCode=r}}t.OAuth2Error=r},13:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OAuth2Fetch=void 0,t.OAuth2Fetch=class{constructor(e){this.token=null,this.activeRefresh=null,this.refreshTimer=null,this.options=e,e.getStoredToken&&(async()=>{this.token=await e.getStoredToken()})(),this.scheduleRefresh()}async fetch(e,t){const r=new Request(e,t);return this.fetchMw(r,(e=>fetch(e)))}async fetchMw(e,t){const r=await this.getAccessToken();let n=e.clone();n.headers.set("Authorization","Bearer "+r);let s=await t(n);if(!s.ok&&401===s.status){const r=await this.refreshToken();n=e.clone(),n.headers.set("Authorization","Bearer "+r.accessToken),s=await t(n)}return s}async getToken(){return this.token&&(null===this.token.expiresAt||this.token.expiresAt>Date.now())?this.token:this.refreshToken()}async getAccessToken(){return(await this.getToken()).accessToken}async refreshToken(){var e,t;if(this.activeRefresh)return this.activeRefresh;const r=this.token;this.activeRefresh=(async()=>{var e,t;let n=null;try{(null==r?void 0:r.refreshToken)&&(n=await this.options.client.refreshToken(r))}catch(e){console.warn("[oauth2] refresh token not accepted, we'll try reauthenticating")}if(n||(n=await this.options.getNewToken()),!n){const r=new Error("Unableto obtain OAuth2 tokens, a full reauth may be needed");throw null===(t=(e=this.options).onError)||void 0===t||t.call(e,r),r}return n})();try{const r=await this.activeRefresh;return this.token=r,null===(t=(e=this.options).storeToken)||void 0===t||t.call(e,r),this.scheduleRefresh(),r}catch(e){throw this.options.onError&&this.options.onError(e),e}finally{this.activeRefresh=null}}scheduleRefresh(){if(this.refreshTimer&&(clearTimeout(this.refreshTimer),this.refreshTimer=null),!this.token||!this.token.expiresAt||!this.token.refreshToken)return;const e=this.token.expiresAt-Date.now();e<12e4||(this.refreshTimer=setTimeout((async()=>{try{await this.refreshToken()}catch(e){console.error("[fetch-mw-oauth2] error while doing a background OAuth2 auto-refresh",e)}}),e-6e4))}}}},t={};function r(n){var s=t[n];if(void 0!==s)return s.exports;var i=t[n]={exports:{}};return e[n](i,i.exports,r),i.exports}var n={};return(()=>{var e=n;Object.defineProperty(e,"__esModule",{value:!0}),e.OAuth2Error=e.OAuth2Fetch=e.OAuth2Client=void 0;var t=r(934);Object.defineProperty(e,"OAuth2Client",{enumerable:!0,get:function(){return t.OAuth2Client}});var s=r(13);Object.defineProperty(e,"OAuth2Fetch",{enumerable:!0,get:function(){return s.OAuth2Fetch}});var i=r(443);Object.defineProperty(e,"OAuth2Error",{enumerable:!0,get:function(){return i.OAuth2Error}})})(),n})()));
//# sourceMappingURL=fetch-mw-oauth2.min.js.map

2

dist/client.js

@@ -153,3 +153,3 @@ "use strict";

const resp = await fetch(uri, {
method: ' POST',
method: 'POST',
body: new URLSearchParams(body),

@@ -156,0 +156,0 @@ headers,

2

package.json
{
"name": "fetch-mw-oauth2",
"version": "2.0.0",
"version": "2.0.1",
"description": "Fetch middleware to add OAuth2 support",

@@ -5,0 +5,0 @@ "main": "dist/index.js",

2

src/client.ts

@@ -270,3 +270,3 @@ import { OAuth2Token } from './token';

const resp = await fetch(uri, {
method:' POST',
method: 'POST',
body: new URLSearchParams(body),

@@ -273,0 +273,0 @@ headers,

browser/fetch-mw-oauth2.min.js.map

Sorry, the diff of this file is not supported yet

dist/client.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc