Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
netlify-cms-lib-auth
Advanced tools
netlify-cms-lib-auth - npm Package Compare versions
Comparing version 2.3.0 to 2.4.0
@@ -6,2 +6,13 @@ # Change Log | ||
| # [2.4.0](https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth/compare/netlify-cms-lib-auth@2.3.0...netlify-cms-lib-auth@2.4.0) (2021-04-14) | ||
| ### Features | ||
| * Adds PKCE authentication for GitLab closes [#5236](https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth/issues/5236) ([#5239](https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth/issues/5239)) ([829409e](https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth/commit/829409e0bc03b4591ee6b59d9895adc4e7190037)) | ||
| # [2.3.0](https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth/compare/netlify-cms-lib-auth@2.2.12...netlify-cms-lib-auth@2.3.0) (2020-11-26) | ||
@@ -8,0 +19,0 @@ |
@@ -1,18 +0,1 @@ | ||
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { | ||
| value: true | ||
| }); | ||
| exports.default = void 0; | ||
| var _immutable = require("immutable"); | ||
| var _trim = _interopRequireDefault(require("lodash/trim")); | ||
| var _trimEnd = _interopRequireDefault(require("lodash/trimEnd")); | ||
| var _v = _interopRequireDefault(require("uuid/v4")); | ||
| function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } | ||
| function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); if (enumerableOnly) symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; }); keys.push.apply(keys, symbols); } return keys; } | ||
@@ -28,21 +11,10 @@ | ||
| function createNonce() { | ||
| const nonce = (0, _v.default)(); | ||
| window.sessionStorage.setItem('netlify-cms-auth', JSON.stringify({ | ||
| nonce | ||
| })); | ||
| return nonce; | ||
| } | ||
| function validateNonce(check) { | ||
| const auth = window.sessionStorage.getItem('netlify-cms-auth'); | ||
| const valid = auth && JSON.parse(auth).nonce; | ||
| window.localStorage.removeItem('netlify-cms-auth'); | ||
| return check === valid; | ||
| } | ||
| class ImplicitAuthenticator { | ||
| import { Map } from 'immutable'; | ||
| import trim from 'lodash/trim'; | ||
| import trimEnd from 'lodash/trimEnd'; | ||
| import { createNonce, validateNonce, isInsecureProtocol } from "./utils"; | ||
| export default class ImplicitAuthenticator { | ||
| constructor(config = {}) { | ||
| const baseURL = (0, _trimEnd.default)(config.base_url, '/'); | ||
| const authEndpoint = (0, _trim.default)(config.auth_endpoint, '/'); | ||
| const baseURL = trimEnd(config.base_url, '/'); | ||
| const authEndpoint = trim(config.auth_endpoint, '/'); | ||
| this.auth_url = `${baseURL}/${authEndpoint}`; | ||
@@ -54,5 +26,3 @@ this.appID = config.app_id; | ||
| authenticate(options, cb) { | ||
| if (document.location.protocol !== 'https:' && // TODO: Is insecure localhost a bad idea as well? I don't think it is, since you are not actually | ||
| // sending the token over the internet in this case, assuming the auth URL is secure. | ||
| document.location.hostname !== 'localhost' && document.location.hostname !== '127.0.0.1') { | ||
| if (isInsecureProtocol()) { | ||
| return cb(new Error('Cannot authenticate over insecure protocol!')); | ||
@@ -96,3 +66,3 @@ } | ||
| this.clearHash(); | ||
| const params = (0, _immutable.Map)(hashParams.entries()); | ||
| const params = Map(hashParams.entries()); | ||
| const { | ||
@@ -124,4 +94,2 @@ nonce | ||
| } | ||
| exports.default = ImplicitAuthenticator; | ||
| } |
@@ -1,30 +0,9 @@ | ||
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { | ||
| value: true | ||
| }); | ||
| Object.defineProperty(exports, "NetlifyAuthenticator", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _netlifyAuth.default; | ||
| } | ||
| }); | ||
| Object.defineProperty(exports, "ImplicitAuthenticator", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _implicitOauth.default; | ||
| } | ||
| }); | ||
| exports.NetlifyCmsLibAuth = void 0; | ||
| var _netlifyAuth = _interopRequireDefault(require("./netlify-auth")); | ||
| var _implicitOauth = _interopRequireDefault(require("./implicit-oauth")); | ||
| function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } | ||
| const NetlifyCmsLibAuth = { | ||
| NetlifyAuthenticator: _netlifyAuth.default, | ||
| ImplicitAuthenticator: _implicitOauth.default | ||
| import NetlifyAuthenticator from "./netlify-auth"; | ||
| import ImplicitAuthenticator from "./implicit-oauth"; | ||
| import PkceAuthenticator from "./pkce-oauth"; | ||
| export const NetlifyCmsLibAuth = { | ||
| NetlifyAuthenticator, | ||
| ImplicitAuthenticator, | ||
| PkceAuthenticator | ||
| }; | ||
| exports.NetlifyCmsLibAuth = NetlifyCmsLibAuth; | ||
| export { NetlifyAuthenticator, ImplicitAuthenticator, PkceAuthenticator }; |
@@ -1,14 +0,3 @@ | ||
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { | ||
| value: true | ||
| }); | ||
| exports.default = void 0; | ||
| var _trim = _interopRequireDefault(require("lodash/trim")); | ||
| var _trimEnd = _interopRequireDefault(require("lodash/trimEnd")); | ||
| function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } | ||
| import trim from 'lodash/trim'; | ||
| import trimEnd from 'lodash/trimEnd'; | ||
| const NETLIFY_API = 'https://api.netlify.com'; | ||
@@ -50,4 +39,4 @@ const AUTH_ENDPOINT = 'auth'; | ||
| this.site_id = config.site_id || null; | ||
| this.base_url = (0, _trimEnd.default)(config.base_url, '/') || NETLIFY_API; | ||
| this.auth_endpoint = (0, _trim.default)(config.auth_endpoint, '/') || AUTH_ENDPOINT; | ||
| this.base_url = trimEnd(config.base_url, '/') || NETLIFY_API; | ||
| this.auth_endpoint = trim(config.auth_endpoint, '/') || AUTH_ENDPOINT; | ||
| } | ||
@@ -180,3 +169,2 @@ | ||
| var _default = Authenticator; | ||
| exports.default = _default; | ||
| export default Authenticator; |
@@ -1,2 +0,2 @@ | ||
| !function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e(require("immutable")):"function"==typeof define&&define.amd?define("NetlifyCmsLibAuth",["immutable"],e):"object"==typeof exports?exports.NetlifyCmsLibAuth=e(require("immutable")):t.NetlifyCmsLibAuth=e(t.NetlifyCmsDefaultExports.Immutable)}(window,(function(t){return function(t){var e={};function r(n){if(e[n])return e[n].exports;var o=e[n]={i:n,l:!1,exports:{}};return t[n].call(o.exports,o,o.exports,r),o.l=!0,o.exports}return r.m=t,r.c=e,r.d=function(t,e,n){r.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:n})},r.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},r.t=function(t,e){if(1&e&&(t=r(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var o in t)r.d(n,o,function(e){return t[e]}.bind(null,o));return n},r.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return r.d(e,"a",e),e},r.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},r.p="",r(r.s=31)}([function(t,e,r){var n=r(2),o=r(4),i=r(5),u=r(25),s=r(7),a=r(8),c=/^\s+|\s+$/g;t.exports=function(t,e,r){if((t=a(t))&&(r||void 0===e))return t.replace(c,"");if(!t||!(e=n(e)))return t;var f=s(t),l=s(e),p=u(f,l),h=i(f,l)+1;return o(f,p,h).join("")}},function(t,e,r){var n=r(2),o=r(4),i=r(5),u=r(7),s=r(8),a=/\s+$/;t.exports=function(t,e,r){if((t=s(t))&&(r||void 0===e))return t.replace(a,"");if(!t||!(e=n(e)))return t;var c=u(t),f=i(c,u(e))+1;return o(c,0,f).join("")}},function(t,e,r){var n=r(3),o=r(14),i=r(15),u=r(16),s=n?n.prototype:void 0,a=s?s.toString:void 0;t.exports=function t(e){if("string"==typeof e)return e;if(i(e))return o(e,t)+"";if(u(e))return a?a.call(e):"";var r=e+"";return"0"==r&&1/e==-1/0?"-0":r}},function(t,e,r){var n=r(11).Symbol;t.exports=n},function(t,e,r){var n=r(21);t.exports=function(t,e,r){var o=t.length;return r=void 0===r?o:r,!e&&r>=o?t:n(t,e,r)}},function(t,e,r){var n=r(6);t.exports=function(t,e){for(var r=t.length;r--&&n(e,t[r],0)>-1;);return r}},function(t,e,r){var n=r(22),o=r(23),i=r(24);t.exports=function(t,e,r){return e==e?i(t,e,r):n(t,o,r)}},function(t,e,r){var n=r(26),o=r(27),i=r(28);t.exports=function(t){return o(t)?i(t):n(t)}},function(t,e,r){var n=r(2);t.exports=function(t){return null==t?"":n(t)}},function(e,r){e.exports=t},function(t,e,r){var n=r(29),o=r(30);t.exports=function(t,e,r){var i=e&&r||0;"string"==typeof t&&(e="binary"===t?new Array(16):null,t=null);var u=(t=t||{}).random||(t.rng||n)();if(u[6]=15&u[6]|64,u[8]=63&u[8]|128,e)for(var s=0;s<16;++s)e[i+s]=u[s];return e||o(u)}},function(t,e,r){var n=r(12),o="object"==typeof self&&self&&self.Object===Object&&self,i=n||o||Function("return this")();t.exports=i},function(t,e,r){(function(e){var r="object"==typeof e&&e&&e.Object===Object&&e;t.exports=r}).call(this,r(13))},function(t,e){var r;r=function(){return this}();try{r=r||new Function("return this")()}catch(t){"object"==typeof window&&(r=window)}t.exports=r},function(t,e){t.exports=function(t,e){for(var r=-1,n=null==t?0:t.length,o=Array(n);++r<n;)o[r]=e(t[r],r,t);return o}},function(t,e){var r=Array.isArray;t.exports=r},function(t,e,r){var n=r(17),o=r(20);t.exports=function(t){return"symbol"==typeof t||o(t)&&"[object Symbol]"==n(t)}},function(t,e,r){var n=r(3),o=r(18),i=r(19),u=n?n.toStringTag:void 0;t.exports=function(t){return null==t?void 0===t?"[object Undefined]":"[object Null]":u&&u in Object(t)?o(t):i(t)}},function(t,e,r){var n=r(3),o=Object.prototype,i=o.hasOwnProperty,u=o.toString,s=n?n.toStringTag:void 0;t.exports=function(t){var e=i.call(t,s),r=t[s];try{t[s]=void 0;var n=!0}catch(t){}var o=u.call(t);return n&&(e?t[s]=r:delete t[s]),o}},function(t,e){var r=Object.prototype.toString;t.exports=function(t){return r.call(t)}},function(t,e){t.exports=function(t){return null!=t&&"object"==typeof t}},function(t,e){t.exports=function(t,e,r){var n=-1,o=t.length;e<0&&(e=-e>o?0:o+e),(r=r>o?o:r)<0&&(r+=o),o=e>r?0:r-e>>>0,e>>>=0;for(var i=Array(o);++n<o;)i[n]=t[n+e];return i}},function(t,e){t.exports=function(t,e,r,n){for(var o=t.length,i=r+(n?1:-1);n?i--:++i<o;)if(e(t[i],i,t))return i;return-1}},function(t,e){t.exports=function(t){return t!=t}},function(t,e){t.exports=function(t,e,r){for(var n=r-1,o=t.length;++n<o;)if(t[n]===e)return n;return-1}},function(t,e,r){var n=r(6);t.exports=function(t,e){for(var r=-1,o=t.length;++r<o&&n(e,t[r],0)>-1;);return r}},function(t,e){t.exports=function(t){return t.split("")}},function(t,e){var r=RegExp("[\\u200d\\ud800-\\udfff\\u0300-\\u036f\\ufe20-\\ufe2f\\u20d0-\\u20ff\\ufe0e\\ufe0f]");t.exports=function(t){return r.test(t)}},function(t,e){var r="[\\ud800-\\udfff]",n="[\\u0300-\\u036f\\ufe20-\\ufe2f\\u20d0-\\u20ff]",o="\\ud83c[\\udffb-\\udfff]",i="[^\\ud800-\\udfff]",u="(?:\\ud83c[\\udde6-\\uddff]){2}",s="[\\ud800-\\udbff][\\udc00-\\udfff]",a="(?:"+n+"|"+o+")"+"?",c="[\\ufe0e\\ufe0f]?"+a+("(?:\\u200d(?:"+[i,u,s].join("|")+")[\\ufe0e\\ufe0f]?"+a+")*"),f="(?:"+[i+n+"?",n,u,s,r].join("|")+")",l=RegExp(o+"(?="+o+")|"+f+c,"g");t.exports=function(t){return t.match(l)||[]}},function(t,e){var r="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto)||"undefined"!=typeof msCrypto&&"function"==typeof window.msCrypto.getRandomValues&&msCrypto.getRandomValues.bind(msCrypto);if(r){var n=new Uint8Array(16);t.exports=function(){return r(n),n}}else{var o=new Array(16);t.exports=function(){for(var t,e=0;e<16;e++)0==(3&e)&&(t=4294967296*Math.random()),o[e]=t>>>((3&e)<<3)&255;return o}}},function(t,e){for(var r=[],n=0;n<256;++n)r[n]=(n+256).toString(16).substr(1);t.exports=function(t,e){var n=e||0,o=r;return[o[t[n++]],o[t[n++]],o[t[n++]],o[t[n++]],"-",o[t[n++]],o[t[n++]],"-",o[t[n++]],o[t[n++]],"-",o[t[n++]],o[t[n++]],"-",o[t[n++]],o[t[n++]],o[t[n++]],o[t[n++]],o[t[n++]],o[t[n++]]].join("")}},function(t,e,r){"use strict";r.r(e),r.d(e,"NetlifyCmsLibAuth",(function(){return b})),r.d(e,"NetlifyAuthenticator",(function(){return c})),r.d(e,"ImplicitAuthenticator",(function(){return y}));var n=r(0),o=r.n(n),i=r(1),u=r.n(i);class s{constructor(t){this.err=t}toString(){return this.err&&this.err.message}}const a={github:{width:960,height:600},gitlab:{width:960,height:600},bitbucket:{width:960,height:500},email:{width:500,height:400}};var c=class{constructor(t={}){this.site_id=t.site_id||null,this.base_url=u()(t.base_url,"/")||"https://api.netlify.com",this.auth_endpoint=o()(t.auth_endpoint,"/")||"auth"}handshakeCallback(t,e){const r=n=>{if(n.data==="authorizing:"+t.provider&&n.origin===this.base_url)return window.removeEventListener("message",r,!1),window.addEventListener("message",this.authorizeCallback(t,e),!1),this.authWindow.postMessage(n.data,n.origin)};return r}authorizeCallback(t,e){const r=n=>{if(n.origin===this.base_url){if(0===n.data.indexOf("authorization:"+t.provider+":success:")){const o=JSON.parse(n.data.match(new RegExp("^authorization:"+t.provider+":success:(.+)$"))[1]);window.removeEventListener("message",r,!1),this.authWindow.close(),e(null,o)}if(0===n.data.indexOf("authorization:"+t.provider+":error:")){const o=JSON.parse(n.data.match(new RegExp("^authorization:"+t.provider+":error:(.+)$"))[1]);window.removeEventListener("message",r,!1),this.authWindow.close(),e(new s(o))}}};return r}getSiteID(){if(this.site_id)return this.site_id;const t=document.location.host.split(":")[0];return"localhost"===t?"cms.netlify.com":t}authenticate(t,e){const{provider:r}=t,n=this.getSiteID();if(!r)return e(new s({message:"You must specify a provider when calling netlify.authenticate"}));if(!n)return e(new s({message:"You must set a site_id with netlify.configure({site_id: 'your-site-id'}) to make authentication work from localhost"}));const o=a[r]||a.github,i=screen.width/2-o.width/2,u=screen.height/2-o.height/2;window.addEventListener("message",this.handshakeCallback(t,e),!1);let c=`${this.base_url}/${this.auth_endpoint}?provider=${t.provider}&site_id=${n}`;t.scope&&(c+="&scope="+t.scope),!0===t.login&&(c+="&login=true"),t.beta_invite&&(c+="&beta_invite="+t.beta_invite),t.invite_code&&(c+="&invite_code="+t.invite_code),this.authWindow=window.open(c,"Netlify Authorization",`width=${o.width}, height=${o.height}, top=${u}, left=${i}`),this.authWindow.focus()}refresh(t,e){const{provider:r,refresh_token:n}=t,o=this.getSiteID(),i=e||Promise.reject.bind(Promise);if(!r||!n)return i(new s({message:"You must specify a provider and refresh token when calling netlify.refresh"}));if(!o)return i(new s({message:"You must set a site_id with netlify.configure({site_id: 'your-site-id'}) to make token refresh work from localhost"}));const u=`${this.base_url}/${this.auth_endpoint}/refresh?provider=${r}&site_id=${o}&refresh_token=${n}`,a=fetch(u,{method:"POST",body:""}).then(t=>t.json());if(!e)return a;a.then(t=>e(null,t)).catch(e)}},f=r(9),l=r(10),p=r.n(l);function h(t,e){var r=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),r.push.apply(r,n)}return r}function d(t,e,r){return e in t?Object.defineProperty(t,e,{value:r,enumerable:!0,configurable:!0,writable:!0}):t[e]=r,t}function m(t,e){if(null==t)return{};var r,n,o=function(t,e){if(null==t)return{};var r,n,o={},i=Object.keys(t);for(n=0;n<i.length;n++)r=i[n],e.indexOf(r)>=0||(o[r]=t[r]);return o}(t,e);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(t);for(n=0;n<i.length;n++)r=i[n],e.indexOf(r)>=0||Object.prototype.propertyIsEnumerable.call(t,r)&&(o[r]=t[r])}return o}function v(){const t=p()();return window.sessionStorage.setItem("netlify-cms-auth",JSON.stringify({nonce:t})),t}class y{constructor(t={}){const e=u()(t.base_url,"/"),r=o()(t.auth_endpoint,"/");this.auth_url=`${e}/${r}`,this.appID=t.app_id,this.clearHash=t.clearHash}authenticate(t,e){if("https:"!==document.location.protocol&&"localhost"!==document.location.hostname&&"127.0.0.1"!==document.location.hostname)return e(new Error("Cannot authenticate over insecure protocol!"));const r=new URL(this.auth_url);r.searchParams.set("client_id",this.appID),r.searchParams.set("redirect_uri",document.location.origin+document.location.pathname),r.searchParams.set("response_type","token"),r.searchParams.set("scope",t.scope),null!=t.prompt&&null!=t.prompt&&r.searchParams.set("prompt",t.prompt),null!=t.resource&&null!=t.resource&&r.searchParams.set("resource",t.resource);const n=JSON.stringify({auth_type:"implicit",nonce:v()});r.searchParams.set("state",n),document.location.assign(r.href)}completeAuth(t){const e=new URLSearchParams(document.location.hash.replace(/^#?\/?/,""));if(!e.has("access_token")&&!e.has("error"))return;this.clearHash();const r=Object(f.Map)(e.entries()),{nonce:n}=JSON.parse(r.get("state"));if(!function(t){const e=window.sessionStorage.getItem("netlify-cms-auth"),r=e&&JSON.parse(e).nonce;return window.localStorage.removeItem("netlify-cms-auth"),t===r}(n))return t(new Error("Invalid nonce"));if(r.has("error"))return t(new Error(`${r.get("error")}: ${r.get("error_description")}`));if(r.has("access_token")){const e=r.toJS(),{access_token:n}=e;t(null,function(t){for(var e=1;e<arguments.length;e++){var r=null!=arguments[e]?arguments[e]:{};e%2?h(Object(r),!0).forEach((function(e){d(t,e,r[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(r)):h(Object(r)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(r,e))}))}return t}({token:n},m(e,["access_token"])))}}}const b={NetlifyAuthenticator:c,ImplicitAuthenticator:y}}]).NetlifyCmsLibAuth})); | ||
| !function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e(require("immutable")):"function"==typeof define&&define.amd?define("NetlifyCmsLibAuth",["immutable"],e):"object"==typeof exports?exports.NetlifyCmsLibAuth=e(require("immutable")):t.NetlifyCmsLibAuth=e(t.NetlifyCmsDefaultExports.Immutable)}(window,(function(t){return function(t){var e={};function r(n){if(e[n])return e[n].exports;var o=e[n]={i:n,l:!1,exports:{}};return t[n].call(o.exports,o,o.exports,r),o.l=!0,o.exports}return r.m=t,r.c=e,r.d=function(t,e,n){r.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:n})},r.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},r.t=function(t,e){if(1&e&&(t=r(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var o in t)r.d(n,o,function(e){return t[e]}.bind(null,o));return n},r.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return r.d(e,"a",e),e},r.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},r.p="",r(r.s=33)}([function(t,e,r){var n=r(2),o=r(22),i=r(5),s=r(6),a=r(27),c=r(8),u=r(9);t.exports=function(t,e,r){if((t=u(t))&&(r||void 0===e))return o(t);if(!t||!(e=n(e)))return t;var f=c(t),l=c(e),h=a(f,l),p=s(f,l)+1;return i(f,h,p).join("")}},function(t,e,r){var n=r(2),o=r(5),i=r(6),s=r(8),a=r(9),c=r(4);t.exports=function(t,e,r){if((t=a(t))&&(r||void 0===e))return t.slice(0,c(t)+1);if(!t||!(e=n(e)))return t;var u=s(t),f=i(u,s(e))+1;return o(u,0,f).join("")}},function(t,e,r){var n=r(3),o=r(15),i=r(16),s=r(17),a=n?n.prototype:void 0,c=a?a.toString:void 0;t.exports=function t(e){if("string"==typeof e)return e;if(i(e))return o(e,t)+"";if(s(e))return c?c.call(e):"";var r=e+"";return"0"==r&&1/e==-1/0?"-0":r}},function(t,e,r){var n=r(12).Symbol;t.exports=n},function(t,e){var r=/\s/;t.exports=function(t){for(var e=t.length;e--&&r.test(t.charAt(e)););return e}},function(t,e,r){var n=r(23);t.exports=function(t,e,r){var o=t.length;return r=void 0===r?o:r,!e&&r>=o?t:n(t,e,r)}},function(t,e,r){var n=r(7);t.exports=function(t,e){for(var r=t.length;r--&&n(e,t[r],0)>-1;);return r}},function(t,e,r){var n=r(24),o=r(25),i=r(26);t.exports=function(t,e,r){return e==e?i(t,e,r):n(t,o,r)}},function(t,e,r){var n=r(28),o=r(29),i=r(30);t.exports=function(t){return o(t)?i(t):n(t)}},function(t,e,r){var n=r(2);t.exports=function(t){return null==t?"":n(t)}},function(e,r){e.exports=t},function(t,e,r){var n=r(31),o=r(32);t.exports=function(t,e,r){var i=e&&r||0;"string"==typeof t&&(e="binary"===t?new Array(16):null,t=null);var s=(t=t||{}).random||(t.rng||n)();if(s[6]=15&s[6]|64,s[8]=63&s[8]|128,e)for(var a=0;a<16;++a)e[i+a]=s[a];return e||o(s)}},function(t,e,r){var n=r(13),o="object"==typeof self&&self&&self.Object===Object&&self,i=n||o||Function("return this")();t.exports=i},function(t,e,r){(function(e){var r="object"==typeof e&&e&&e.Object===Object&&e;t.exports=r}).call(this,r(14))},function(t,e){var r;r=function(){return this}();try{r=r||new Function("return this")()}catch(t){"object"==typeof window&&(r=window)}t.exports=r},function(t,e){t.exports=function(t,e){for(var r=-1,n=null==t?0:t.length,o=Array(n);++r<n;)o[r]=e(t[r],r,t);return o}},function(t,e){var r=Array.isArray;t.exports=r},function(t,e,r){var n=r(18),o=r(21);t.exports=function(t){return"symbol"==typeof t||o(t)&&"[object Symbol]"==n(t)}},function(t,e,r){var n=r(3),o=r(19),i=r(20),s=n?n.toStringTag:void 0;t.exports=function(t){return null==t?void 0===t?"[object Undefined]":"[object Null]":s&&s in Object(t)?o(t):i(t)}},function(t,e,r){var n=r(3),o=Object.prototype,i=o.hasOwnProperty,s=o.toString,a=n?n.toStringTag:void 0;t.exports=function(t){var e=i.call(t,a),r=t[a];try{t[a]=void 0;var n=!0}catch(t){}var o=s.call(t);return n&&(e?t[a]=r:delete t[a]),o}},function(t,e){var r=Object.prototype.toString;t.exports=function(t){return r.call(t)}},function(t,e){t.exports=function(t){return null!=t&&"object"==typeof t}},function(t,e,r){var n=r(4),o=/^\s+/;t.exports=function(t){return t?t.slice(0,n(t)+1).replace(o,""):t}},function(t,e){t.exports=function(t,e,r){var n=-1,o=t.length;e<0&&(e=-e>o?0:o+e),(r=r>o?o:r)<0&&(r+=o),o=e>r?0:r-e>>>0,e>>>=0;for(var i=Array(o);++n<o;)i[n]=t[n+e];return i}},function(t,e){t.exports=function(t,e,r,n){for(var o=t.length,i=r+(n?1:-1);n?i--:++i<o;)if(e(t[i],i,t))return i;return-1}},function(t,e){t.exports=function(t){return t!=t}},function(t,e){t.exports=function(t,e,r){for(var n=r-1,o=t.length;++n<o;)if(t[n]===e)return n;return-1}},function(t,e,r){var n=r(7);t.exports=function(t,e){for(var r=-1,o=t.length;++r<o&&n(e,t[r],0)>-1;);return r}},function(t,e){t.exports=function(t){return t.split("")}},function(t,e){var r=RegExp("[\\u200d\\ud800-\\udfff\\u0300-\\u036f\\ufe20-\\ufe2f\\u20d0-\\u20ff\\ufe0e\\ufe0f]");t.exports=function(t){return r.test(t)}},function(t,e){var r="[\\ud800-\\udfff]",n="[\\u0300-\\u036f\\ufe20-\\ufe2f\\u20d0-\\u20ff]",o="\\ud83c[\\udffb-\\udfff]",i="[^\\ud800-\\udfff]",s="(?:\\ud83c[\\udde6-\\uddff]){2}",a="[\\ud800-\\udbff][\\udc00-\\udfff]",c="(?:"+n+"|"+o+")"+"?",u="[\\ufe0e\\ufe0f]?"+c+("(?:\\u200d(?:"+[i,s,a].join("|")+")[\\ufe0e\\ufe0f]?"+c+")*"),f="(?:"+[i+n+"?",n,s,a,r].join("|")+")",l=RegExp(o+"(?="+o+")|"+f+u,"g");t.exports=function(t){return t.match(l)||[]}},function(t,e){var r="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto)||"undefined"!=typeof msCrypto&&"function"==typeof window.msCrypto.getRandomValues&&msCrypto.getRandomValues.bind(msCrypto);if(r){var n=new Uint8Array(16);t.exports=function(){return r(n),n}}else{var o=new Array(16);t.exports=function(){for(var t,e=0;e<16;e++)0==(3&e)&&(t=4294967296*Math.random()),o[e]=t>>>((3&e)<<3)&255;return o}}},function(t,e){for(var r=[],n=0;n<256;++n)r[n]=(n+256).toString(16).substr(1);t.exports=function(t,e){var n=e||0,o=r;return[o[t[n++]],o[t[n++]],o[t[n++]],o[t[n++]],"-",o[t[n++]],o[t[n++]],"-",o[t[n++]],o[t[n++]],"-",o[t[n++]],o[t[n++]],"-",o[t[n++]],o[t[n++]],o[t[n++]],o[t[n++]],o[t[n++]],o[t[n++]]].join("")}},function(t,e,r){"use strict";r.r(e),r.d(e,"NetlifyCmsLibAuth",(function(){return P})),r.d(e,"NetlifyAuthenticator",(function(){return u})),r.d(e,"ImplicitAuthenticator",(function(){return v})),r.d(e,"PkceAuthenticator",(function(){return x}));var n=r(0),o=r.n(n),i=r(1),s=r.n(i);class a{constructor(t){this.err=t}toString(){return this.err&&this.err.message}}const c={github:{width:960,height:600},gitlab:{width:960,height:600},bitbucket:{width:960,height:500},email:{width:500,height:400}};var u=class{constructor(t={}){this.site_id=t.site_id||null,this.base_url=s()(t.base_url,"/")||"https://api.netlify.com",this.auth_endpoint=o()(t.auth_endpoint,"/")||"auth"}handshakeCallback(t,e){const r=n=>{if(n.data==="authorizing:"+t.provider&&n.origin===this.base_url)return window.removeEventListener("message",r,!1),window.addEventListener("message",this.authorizeCallback(t,e),!1),this.authWindow.postMessage(n.data,n.origin)};return r}authorizeCallback(t,e){const r=n=>{if(n.origin===this.base_url){if(0===n.data.indexOf("authorization:"+t.provider+":success:")){const o=JSON.parse(n.data.match(new RegExp("^authorization:"+t.provider+":success:(.+)$"))[1]);window.removeEventListener("message",r,!1),this.authWindow.close(),e(null,o)}if(0===n.data.indexOf("authorization:"+t.provider+":error:")){const o=JSON.parse(n.data.match(new RegExp("^authorization:"+t.provider+":error:(.+)$"))[1]);window.removeEventListener("message",r,!1),this.authWindow.close(),e(new a(o))}}};return r}getSiteID(){if(this.site_id)return this.site_id;const t=document.location.host.split(":")[0];return"localhost"===t?"cms.netlify.com":t}authenticate(t,e){const{provider:r}=t,n=this.getSiteID();if(!r)return e(new a({message:"You must specify a provider when calling netlify.authenticate"}));if(!n)return e(new a({message:"You must set a site_id with netlify.configure({site_id: 'your-site-id'}) to make authentication work from localhost"}));const o=c[r]||c.github,i=screen.width/2-o.width/2,s=screen.height/2-o.height/2;window.addEventListener("message",this.handshakeCallback(t,e),!1);let u=`${this.base_url}/${this.auth_endpoint}?provider=${t.provider}&site_id=${n}`;t.scope&&(u+="&scope="+t.scope),!0===t.login&&(u+="&login=true"),t.beta_invite&&(u+="&beta_invite="+t.beta_invite),t.invite_code&&(u+="&invite_code="+t.invite_code),this.authWindow=window.open(u,"Netlify Authorization",`width=${o.width}, height=${o.height}, top=${s}, left=${i}`),this.authWindow.focus()}refresh(t,e){const{provider:r,refresh_token:n}=t,o=this.getSiteID(),i=e||Promise.reject.bind(Promise);if(!r||!n)return i(new a({message:"You must specify a provider and refresh token when calling netlify.refresh"}));if(!o)return i(new a({message:"You must set a site_id with netlify.configure({site_id: 'your-site-id'}) to make token refresh work from localhost"}));const s=`${this.base_url}/${this.auth_endpoint}/refresh?provider=${r}&site_id=${o}&refresh_token=${n}`,c=fetch(s,{method:"POST",body:""}).then(t=>t.json());if(!e)return c;c.then(t=>e(null,t)).catch(e)}},f=r(10),l=r(11),h=r.n(l);function p(){const t=h()();return window.sessionStorage.setItem("netlify-cms-auth",JSON.stringify({nonce:t})),t}function d(t){const e=window.sessionStorage.getItem("netlify-cms-auth"),r=e&&JSON.parse(e).nonce;return window.localStorage.removeItem("netlify-cms-auth"),t===r}function m(){return"https:"!==document.location.protocol&&"localhost"!==document.location.hostname&&"127.0.0.1"!==document.location.hostname}function y(t,e){var r=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),r.push.apply(r,n)}return r}function g(t,e,r){return e in t?Object.defineProperty(t,e,{value:r,enumerable:!0,configurable:!0,writable:!0}):t[e]=r,t}function b(t,e){if(null==t)return{};var r,n,o=function(t,e){if(null==t)return{};var r,n,o={},i=Object.keys(t);for(n=0;n<i.length;n++)r=i[n],e.indexOf(r)>=0||(o[r]=t[r]);return o}(t,e);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(t);for(n=0;n<i.length;n++)r=i[n],e.indexOf(r)>=0||Object.prototype.propertyIsEnumerable.call(t,r)&&(o[r]=t[r])}return o}class v{constructor(t={}){const e=s()(t.base_url,"/"),r=o()(t.auth_endpoint,"/");this.auth_url=`${e}/${r}`,this.appID=t.app_id,this.clearHash=t.clearHash}authenticate(t,e){if(m())return e(new Error("Cannot authenticate over insecure protocol!"));const r=new URL(this.auth_url);r.searchParams.set("client_id",this.appID),r.searchParams.set("redirect_uri",document.location.origin+document.location.pathname),r.searchParams.set("response_type","token"),r.searchParams.set("scope",t.scope),null!=t.prompt&&null!=t.prompt&&r.searchParams.set("prompt",t.prompt),null!=t.resource&&null!=t.resource&&r.searchParams.set("resource",t.resource);const n=JSON.stringify({auth_type:"implicit",nonce:p()});r.searchParams.set("state",n),document.location.assign(r.href)}completeAuth(t){const e=new URLSearchParams(document.location.hash.replace(/^#?\/?/,""));if(!e.has("access_token")&&!e.has("error"))return;this.clearHash();const r=Object(f.Map)(e.entries()),{nonce:n}=JSON.parse(r.get("state"));if(!d(n))return t(new Error("Invalid nonce"));if(r.has("error"))return t(new Error(`${r.get("error")}: ${r.get("error_description")}`));if(r.has("access_token")){const e=r.toJS(),{access_token:n}=e;t(null,function(t){for(var e=1;e<arguments.length;e++){var r=null!=arguments[e]?arguments[e]:{};e%2?y(Object(r),!0).forEach((function(e){g(t,e,r[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(r)):y(Object(r)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(r,e))}))}return t}({token:n},b(e,["access_token"])))}}}function w(t,e){var r=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),r.push.apply(r,n)}return r}function _(t,e,r){return e in t?Object.defineProperty(t,e,{value:r,enumerable:!0,configurable:!0,writable:!0}):t[e]=r,t}async function O(t){const e=await async function(t){const e=(new TextEncoder).encode(t),r=await window.crypto.subtle.digest("SHA-256",e);return String.fromCharCode(...new Uint8Array(r))}(t);return btoa(e).split("=")[0].replace(/\+/g,"-").replace(/\//g,"_")}function j(){const t=function(){const t="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-.";return Array.from(window.crypto.getRandomValues(new Uint8Array(128))).map(e=>t[e%t.length]).join("")}();return window.sessionStorage.setItem("netlify-cms-pkce-verifier-code",t),t}class x{constructor(t={}){const e=s()(t.base_url,"/"),r=o()(t.auth_endpoint,"/"),n=o()(t.auth_token_endpoint,"/");this.auth_url=`${e}/${r}`,this.auth_token_url=`${e}/${n}`,this.appID=t.app_id}async authenticate(t,e){if(m())return e(new Error("Cannot authenticate over insecure protocol!"));const r=new URL(this.auth_url);r.searchParams.set("client_id",this.appID),r.searchParams.set("redirect_uri",document.location.origin+document.location.pathname),r.searchParams.set("response_type","code"),r.searchParams.set("scope",t.scope);const n=JSON.stringify({auth_type:"pkce",nonce:p()});r.searchParams.set("state",n),r.searchParams.set("code_challenge_method","S256");const o=j(),i=await O(o);r.searchParams.set("code_challenge",i),document.location.assign(r.href)}async completeAuth(t){const e=new URLSearchParams(document.location.search);if(window.history.replaceState(null,"",document.location.pathname),!e.has("code")&&!e.has("error"))return;const{nonce:r}=JSON.parse(e.get("state"));if(!d(r))return t(new Error("Invalid nonce"));if(e.has("error"))return t(new Error(`${e.get("error")}: ${e.get("error_description")}`));if(e.has("code")){const r=e.get("code"),n=new URL(this.auth_token_url);n.searchParams.set("client_id",this.appID),n.searchParams.set("code",r),n.searchParams.set("grant_type","authorization_code"),n.searchParams.set("redirect_uri",document.location.origin+document.location.pathname),n.searchParams.set("code_verifier",window.sessionStorage.getItem("netlify-cms-pkce-verifier-code")),window.sessionStorage.removeItem("netlify-cms-pkce-verifier-code");const o=await fetch(n.href,{method:"POST"}),i=await o.json();t(null,function(t){for(var e=1;e<arguments.length;e++){var r=null!=arguments[e]?arguments[e]:{};e%2?w(Object(r),!0).forEach((function(e){_(t,e,r[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(r)):w(Object(r)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(r,e))}))}return t}({token:i.access_token},i))}}}const P={NetlifyAuthenticator:u,ImplicitAuthenticator:v,PkceAuthenticator:x}}]).NetlifyCmsLibAuth})); | ||
| //# sourceMappingURL=netlify-cms-lib-auth.js.map |
| { | ||
| "name": "netlify-cms-lib-auth", | ||
| "description": "Shared authentication functionality for Netlify CMS.", | ||
| "version": "2.3.0", | ||
| "version": "2.4.0", | ||
| "repository": "https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth", | ||
@@ -28,3 +28,3 @@ "bugs": "https://github.com/netlify/netlify-cms/issues", | ||
| }, | ||
| "gitHead": "b8adb92931ea8b9f6e0b319456bc03383c38a730" | ||
| "gitHead": "f70924d99be047a8a00ce6be2398dac7c77d55d5" | ||
| } |
| import { Map } from 'immutable'; | ||
| import trim from 'lodash/trim'; | ||
| import trimEnd from 'lodash/trimEnd'; | ||
| import uuid from 'uuid/v4'; | ||
| import { createNonce, validateNonce, isInsecureProtocol } from './utils'; | ||
| function createNonce() { | ||
| const nonce = uuid(); | ||
| window.sessionStorage.setItem('netlify-cms-auth', JSON.stringify({ nonce })); | ||
| return nonce; | ||
| } | ||
| function validateNonce(check) { | ||
| const auth = window.sessionStorage.getItem('netlify-cms-auth'); | ||
| const valid = auth && JSON.parse(auth).nonce; | ||
| window.localStorage.removeItem('netlify-cms-auth'); | ||
| return check === valid; | ||
| } | ||
| export default class ImplicitAuthenticator { | ||
@@ -29,9 +16,3 @@ constructor(config = {}) { | ||
| authenticate(options, cb) { | ||
| if ( | ||
| document.location.protocol !== 'https:' && | ||
| // TODO: Is insecure localhost a bad idea as well? I don't think it is, since you are not actually | ||
| // sending the token over the internet in this case, assuming the auth URL is secure. | ||
| document.location.hostname !== 'localhost' && | ||
| document.location.hostname !== '127.0.0.1' | ||
| ) { | ||
| if (isInsecureProtocol()) { | ||
| return cb(new Error('Cannot authenticate over insecure protocol!')); | ||
@@ -38,0 +19,0 @@ } |
| import NetlifyAuthenticator from './netlify-auth'; | ||
| import ImplicitAuthenticator from './implicit-oauth'; | ||
| export const NetlifyCmsLibAuth = { NetlifyAuthenticator, ImplicitAuthenticator }; | ||
| export { NetlifyAuthenticator, ImplicitAuthenticator }; | ||
| import PkceAuthenticator from './pkce-oauth'; | ||
| export const NetlifyCmsLibAuth = { NetlifyAuthenticator, ImplicitAuthenticator, PkceAuthenticator }; | ||
| export { NetlifyAuthenticator, ImplicitAuthenticator, PkceAuthenticator }; |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by23.09%
114537
- Number of package files
- increased by33.33%
16
- Lines of code
- increased by37.57%
736
Worsened metrics
- Number of medium supply chain risk alerts
- increased by60%
8
No dependency changes