Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

netlify-cms-lib-auth

Package Overview
Dependencies
Maintainers
17
Versions
30
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

netlify-cms-lib-auth - npm Package Compare versions

Comparing version 2.4.0 to 2.4.1

41

dist/esm/implicit-oauth.js

@@ -1,3 +0,20 @@

function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); if (enumerableOnly) symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; }); keys.push.apply(keys, symbols); } return keys; }
"use strict";
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.default = void 0;
var _immutable = require("immutable");
var _trim = _interopRequireDefault(require("lodash/trim"));
var _trimEnd = _interopRequireDefault(require("lodash/trimEnd"));
var _utils = require("./utils");
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); if (enumerableOnly) { symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; }); } keys.push.apply(keys, symbols); } return keys; }
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i] != null ? arguments[i] : {}; if (i % 2) { ownKeys(Object(source), true).forEach(function (key) { _defineProperty(target, key, source[key]); }); } else if (Object.getOwnPropertyDescriptors) { Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)); } else { ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } } return target; }

@@ -11,10 +28,6 @@

import { Map } from 'immutable';
import trim from 'lodash/trim';
import trimEnd from 'lodash/trimEnd';
import { createNonce, validateNonce, isInsecureProtocol } from "./utils";
export default class ImplicitAuthenticator {
class ImplicitAuthenticator {
constructor(config = {}) {
const baseURL = trimEnd(config.base_url, '/');
const authEndpoint = trim(config.auth_endpoint, '/');
const baseURL = (0, _trimEnd.default)(config.base_url, '/');
const authEndpoint = (0, _trim.default)(config.auth_endpoint, '/');
this.auth_url = `${baseURL}/${authEndpoint}`;

@@ -26,3 +39,3 @@ this.appID = config.app_id;

authenticate(options, cb) {
if (isInsecureProtocol()) {
if ((0, _utils.isInsecureProtocol)()) {
return cb(new Error('Cannot authenticate over insecure protocol!'));

@@ -47,3 +60,3 @@ }

auth_type: 'implicit',
nonce: createNonce()
nonce: (0, _utils.createNonce)()
});

@@ -67,7 +80,7 @@ authURL.searchParams.set('state', state);

this.clearHash();
const params = Map(hashParams.entries());
const params = (0, _immutable.Map)(hashParams.entries());
const {
nonce
} = JSON.parse(params.get('state'));
const validNonce = validateNonce(nonce);
const validNonce = (0, _utils.validateNonce)(nonce);

@@ -95,2 +108,4 @@ if (!validNonce) {

}
}
exports.default = ImplicitAuthenticator;

46

dist/esm/index.js

@@ -1,9 +0,39 @@

import NetlifyAuthenticator from "./netlify-auth";
import ImplicitAuthenticator from "./implicit-oauth";
import PkceAuthenticator from "./pkce-oauth";
export const NetlifyCmsLibAuth = {
NetlifyAuthenticator,
ImplicitAuthenticator,
PkceAuthenticator
"use strict";
Object.defineProperty(exports, "__esModule", {
value: true
});
Object.defineProperty(exports, "NetlifyAuthenticator", {
enumerable: true,
get: function () {
return _netlifyAuth.default;
}
});
Object.defineProperty(exports, "ImplicitAuthenticator", {
enumerable: true,
get: function () {
return _implicitOauth.default;
}
});
Object.defineProperty(exports, "PkceAuthenticator", {
enumerable: true,
get: function () {
return _pkceOauth.default;
}
});
exports.NetlifyCmsLibAuth = void 0;
var _netlifyAuth = _interopRequireDefault(require("./netlify-auth"));
var _implicitOauth = _interopRequireDefault(require("./implicit-oauth"));
var _pkceOauth = _interopRequireDefault(require("./pkce-oauth"));
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
const NetlifyCmsLibAuth = {
NetlifyAuthenticator: _netlifyAuth.default,
ImplicitAuthenticator: _implicitOauth.default,
PkceAuthenticator: _pkceOauth.default
};
export { NetlifyAuthenticator, ImplicitAuthenticator, PkceAuthenticator };
exports.NetlifyCmsLibAuth = NetlifyCmsLibAuth;

22

dist/esm/netlify-auth.js

@@ -1,3 +0,14 @@

import trim from 'lodash/trim';
import trimEnd from 'lodash/trimEnd';
"use strict";
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.default = void 0;
var _trim = _interopRequireDefault(require("lodash/trim"));
var _trimEnd = _interopRequireDefault(require("lodash/trimEnd"));
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
const NETLIFY_API = 'https://api.netlify.com';

@@ -39,4 +50,4 @@ const AUTH_ENDPOINT = 'auth';

this.site_id = config.site_id || null;
this.base_url = trimEnd(config.base_url, '/') || NETLIFY_API;
this.auth_endpoint = trim(config.auth_endpoint, '/') || AUTH_ENDPOINT;
this.base_url = (0, _trimEnd.default)(config.base_url, '/') || NETLIFY_API;
this.auth_endpoint = (0, _trim.default)(config.auth_endpoint, '/') || AUTH_ENDPOINT;
}

@@ -169,2 +180,3 @@

export default Authenticator;
var _default = Authenticator;
exports.default = _default;

39

dist/esm/pkce-oauth.js

@@ -1,3 +0,18 @@

function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); if (enumerableOnly) symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; }); keys.push.apply(keys, symbols); } return keys; }
"use strict";
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.default = void 0;
var _trim = _interopRequireDefault(require("lodash/trim"));
var _trimEnd = _interopRequireDefault(require("lodash/trimEnd"));
var _utils = require("./utils");
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); if (enumerableOnly) { symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; }); } keys.push.apply(keys, symbols); } return keys; }
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i] != null ? arguments[i] : {}; if (i % 2) { ownKeys(Object(source), true).forEach(function (key) { _defineProperty(target, key, source[key]); }); } else if (Object.getOwnPropertyDescriptors) { Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)); } else { ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } } return target; }

@@ -7,6 +22,2 @@

import trim from 'lodash/trim';
import trimEnd from 'lodash/trimEnd';
import { createNonce, validateNonce, isInsecureProtocol } from "./utils";
async function sha256(text) {

@@ -53,7 +64,7 @@ const encoder = new TextEncoder();

export default class PkceAuthenticator {
class PkceAuthenticator {
constructor(config = {}) {
const baseURL = trimEnd(config.base_url, '/');
const authEndpoint = trim(config.auth_endpoint, '/');
const authTokenEndpoint = trim(config.auth_token_endpoint, '/');
const baseURL = (0, _trimEnd.default)(config.base_url, '/');
const authEndpoint = (0, _trim.default)(config.auth_endpoint, '/');
const authTokenEndpoint = (0, _trim.default)(config.auth_token_endpoint, '/');
this.auth_url = `${baseURL}/${authEndpoint}`;

@@ -65,3 +76,3 @@ this.auth_token_url = `${baseURL}/${authTokenEndpoint}`;

async authenticate(options, cb) {
if (isInsecureProtocol()) {
if ((0, _utils.isInsecureProtocol)()) {
return cb(new Error('Cannot authenticate over insecure protocol!'));

@@ -77,3 +88,3 @@ }

auth_type: 'pkce',
nonce: createNonce()
nonce: (0, _utils.createNonce)()
});

@@ -104,3 +115,3 @@ authURL.searchParams.set('state', state);

} = JSON.parse(params.get('state'));
const validNonce = validateNonce(nonce);
const validNonce = (0, _utils.validateNonce)(nonce);

@@ -135,2 +146,4 @@ if (!validNonce) {

}
}
exports.default = PkceAuthenticator;

24

dist/esm/utils.js

@@ -1,4 +0,16 @@

import uuid from 'uuid/v4';
export function createNonce() {
const nonce = uuid();
"use strict";
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.createNonce = createNonce;
exports.validateNonce = validateNonce;
exports.isInsecureProtocol = isInsecureProtocol;
var _v = _interopRequireDefault(require("uuid/v4"));
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
function createNonce() {
const nonce = (0, _v.default)();
window.sessionStorage.setItem('netlify-cms-auth', JSON.stringify({

@@ -9,3 +21,4 @@ nonce

}
export function validateNonce(check) {
function validateNonce(check) {
const auth = window.sessionStorage.getItem('netlify-cms-auth');

@@ -16,3 +29,4 @@ const valid = auth && JSON.parse(auth).nonce;

}
export function isInsecureProtocol() {
function isInsecureProtocol() {
return document.location.protocol !== 'https:' && // TODO: Is insecure localhost a bad idea as well? I don't think it is, since you are not actually

@@ -19,0 +33,0 @@ // sending the token over the internet in this case, assuming the auth URL is secure.

4

package.json
{
"name": "netlify-cms-lib-auth",
"description": "Shared authentication functionality for Netlify CMS.",
"version": "2.4.0",
"version": "2.4.1",
"repository": "https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth",

@@ -28,3 +28,3 @@ "bugs": "https://github.com/netlify/netlify-cms/issues",

},
"gitHead": "f70924d99be047a8a00ce6be2398dac7c77d55d5"
"gitHead": "bffea12b920501dea8e37703b0e10b96f6e98d5a"
}

12

README.md

@@ -1,11 +0,3 @@

# Docs coming soon!
# Lib Auth
Netlify CMS was recently converted from a single npm package to a "monorepo" of over 20 packages.
That's over 20 Readme's! We haven't created one for this package yet, but we will soon.
In the meantime, you can:
1. Check out the [main readme](https://github.com/netlify/netlify-cms/#readme) or the [documentation
site](https://www.netlifycms.org) for more info.
2. Reach out to the [community chat](https://netlifycms.org/chat/) if you need help.
3. Help out and [write the readme yourself](https://github.com/netlify/netlify-cms/edit/master/packages/netlify-cms-lib-auth/README.md)!
Shared components to handle OAuth and implicit authentication flows.

5

src/pkce-oauth.js

@@ -29,6 +29,3 @@ import trim from 'lodash/trim';

// https://tools.ietf.org/html/rfc7636#appendix-A
return btoa(sha)
.split('=')[0]
.replace(/\+/g, '-')
.replace(/\//g, '_');
return btoa(sha).split('=')[0].replace(/\+/g, '-').replace(/\//g, '_');
}

@@ -35,0 +32,0 @@ 

CHANGELOG.md
dist/netlify-cms-lib-auth.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc