oauth4webapi
Comparing version 2.2.3 to 2.2.4
@@ -626,3 +626,3 @@ type JsonObject = { | ||
* @see [RFC 9126 - OAuth 2.0 Pushed Authorization Requests](https://www.rfc-editor.org/rfc/rfc9126.html#name-pushed-authorization-reques) | ||
* @see [draft-ietf-oauth-dpop-11 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-11.html#name-dpop-with-pushed-authorizat) | ||
* @see [draft-ietf-oauth-dpop-16 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-16.html#name-dpop-with-pushed-authorizat) | ||
*/ | ||
@@ -705,3 +705,3 @@ export declare function pushedAuthorizationRequest(as: AuthorizationServer, client: Client, parameters: URLSearchParams, options?: PushedAuthorizationRequestOptions): Promise<Response>; | ||
* @see [RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage](https://www.rfc-editor.org/rfc/rfc6750.html#section-2.1) | ||
* @see [draft-ietf-oauth-dpop-11 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-11.html#name-protected-resource-access) | ||
* @see [draft-ietf-oauth-dpop-16 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-16.html#name-protected-resource-access) | ||
*/ | ||
@@ -722,3 +722,3 @@ export declare function protectedResourceRequest(accessToken: string, method: 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH' | string, url: URL, headers: Headers, body: RequestInit['body'], options?: ProtectedResourceRequestOptions): Promise<Response>; | ||
* @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo) | ||
* @see [draft-ietf-oauth-dpop-11 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-11.html#name-protected-resource-access) | ||
* @see [draft-ietf-oauth-dpop-16 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-16.html#name-protected-resource-access) | ||
*/ | ||
@@ -797,3 +797,3 @@ export declare function userInfoRequest(as: AuthorizationServer, client: Client, accessToken: string, options?: UserInfoRequestOptions): Promise<Response>; | ||
* @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokens) | ||
* @see [draft-ietf-oauth-dpop-11 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-11.html#name-dpop-access-token-request) | ||
* @see [draft-ietf-oauth-dpop-16 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-16.html#name-dpop-access-token-request) | ||
*/ | ||
@@ -848,5 +848,5 @@ export declare function refreshTokenGrantRequest(as: AuthorizationServer, client: Client, refreshToken: string, options?: TokenEndpointRequestOptions): Promise<Response>; | ||
* @see [RFC 7636 - Proof Key for Code Exchange by OAuth Public Clients (PKCE)](https://www.rfc-editor.org/rfc/rfc7636.html#section-4) | ||
* @see [draft-ietf-oauth-dpop-11 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-11.html#name-dpop-access-token-request) | ||
* @see [draft-ietf-oauth-dpop-16 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-16.html#name-dpop-access-token-request) | ||
*/ | ||
export declare function authorizationCodeGrantRequest(as: AuthorizationServer, client: Client, callbackParameters: CallbackParameters, redirectUri: string, codeVerifier: string, options?: TokenEndpointRequestOptions): Promise<Response>; | ||
export declare function authorizationCodeGrantRequest(as: AuthorizationServer, client: Client, callbackParameters: URLSearchParams, redirectUri: string, codeVerifier: string, options?: TokenEndpointRequestOptions): Promise<Response>; | ||
interface JWTPayload { | ||
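Review bot: The new `callbackParameters: URLSearchParams` signature is wider than what the function accepts at runtime, and nothing in the visible part of the doc comment says so. Judging by the implementation change in this same release, a `URLSearchParams` that was not returned by `validateAuthResponse()` or `validateJwtAuthResponse()` is rejected with a `TypeError`, so a hand-built instance type-checks but fails at the call. I would add a line to the doc block such as `@param callbackParameters Must be the exact object returned by validateAuthResponse() or validateJwtAuthResponse(); copies and hand-built instances are rejected.` The doc comment starts outside this hunk, so an existing `@param` line may already cover this.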
@@ -966,3 +966,3 @@ readonly iss?: string; | ||
* @see [RFC 6749 - The OAuth 2.0 Authorization Framework](https://www.rfc-editor.org/rfc/rfc6749.html#section-4.4) | ||
* @see [draft-ietf-oauth-dpop-11 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-11.html#name-dpop-access-token-request) | ||
* @see [draft-ietf-oauth-dpop-16 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-16.html#name-dpop-access-token-request) | ||
*/ | ||
@@ -1085,3 +1085,3 @@ export declare function clientCredentialsGrantRequest(as: AuthorizationServer, client: Client, parameters: URLSearchParams, options?: ClientCredentialsGrantRequestOptions): Promise<Response>; | ||
*/ | ||
export declare function validateJwtAuthResponse(as: AuthorizationServer, client: Client, parameters: URLSearchParams | URL, expectedState?: string | typeof expectNoState | typeof skipStateCheck, options?: HttpRequestOptions): Promise<CallbackParameters | OAuth2Error>; | ||
export declare function validateJwtAuthResponse(as: AuthorizationServer, client: Client, parameters: URLSearchParams | URL, expectedState?: string | typeof expectNoState | typeof skipStateCheck, options?: HttpRequestOptions): Promise<URLSearchParams | OAuth2Error>; | ||
/** | ||
@@ -1103,4 +1103,2 @@ * DANGER ZONE | ||
export declare const expectNoState: unique symbol; | ||
declare class CallbackParameters extends URLSearchParams { | ||
} | ||
/** | ||
@@ -1122,3 +1120,3 @@ * Validates an OAuth 2.0 Authorization Response or Authorization Error Response message returned | ||
*/ | ||
export declare function validateAuthResponse(as: AuthorizationServer, client: Client, parameters: URLSearchParams | URL, expectedState?: string | typeof expectNoState | typeof skipStateCheck): CallbackParameters | OAuth2Error; | ||
export declare function validateAuthResponse(as: AuthorizationServer, client: Client, parameters: URLSearchParams | URL, expectedState?: string | typeof expectNoState | typeof skipStateCheck): URLSearchParams | OAuth2Error; | ||
type ReturnTypes = TokenEndpointResponse | OAuth2TokenEndpointResponse | OpenIDTokenEndpointResponse | ClientCredentialsGrantResponse | DeviceAuthorizationResponse | IntrospectionResponse | OAuth2Error | PushedAuthorizationResponse | URLSearchParams | UserInfoResponse; | ||
@@ -1170,3 +1168,3 @@ export interface DeviceAuthorizationRequestOptions extends HttpRequestOptions, AuthenticatedRequestOptions { | ||
* @see [RFC 8628 - OAuth 2.0 Device Authorization Grant](https://www.rfc-editor.org/rfc/rfc8628.html#section-3.4) | ||
* @see [draft-ietf-oauth-dpop-11 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-11.html#name-dpop-access-token-request) | ||
* @see [draft-ietf-oauth-dpop-16 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-16.html#name-dpop-access-token-request) | ||
*/ | ||
@@ -1173,0 +1171,0 @@ export declare function deviceCodeGrantRequest(as: AuthorizationServer, client: Client, deviceCode: string, options?: TokenEndpointRequestOptions): Promise<Response>; |
let USER_AGENT; | ||
if (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) { | ||
const NAME = 'oauth4webapi'; | ||
const VERSION = 'v2.2.3'; | ||
const VERSION = 'v2.2.4'; | ||
USER_AGENT = `${NAME}/${VERSION}`; | ||
@@ -971,7 +971,12 @@ } | ||
} | ||
const branded = new WeakSet(); | ||
function brand(searchParams) { | ||
branded.add(searchParams); | ||
return searchParams; | ||
} | ||
export async function authorizationCodeGrantRequest(as, client, callbackParameters, redirectUri, codeVerifier, options) { | ||
assertAs(as); | ||
assertClient(client); | ||
if (!(callbackParameters instanceof CallbackParameters)) { | ||
throw new TypeError('"callbackParameters" must be an instance of CallbackParameters obtained from "validateAuthResponse()", or "validateJwtAuthResponse()'); | ||
if (!branded.has(callbackParameters)) { | ||
throw new TypeError('"callbackParameters" must be an instance of URLSearchParams obtained from "validateAuthResponse()", or "validateJwtAuthResponse()'); | ||
} | ||
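Review bot: `branded.has(callbackParameters)` attests only that this exact object came out of a validator, not that its contents are still what was validated. `URLSearchParams` is mutable, so a `set()` or `append()` between validation and this call leaves the brand intact. As far as the removed lines show, the old `instanceof` check had the same property, but `brand` deserves a comment saying so, e.g. `// Identity marker only: records objects returned by the validate*AuthResponse() functions; it does not freeze or re-check their contents.` Separately, the TypeError text on the new line ends with `"validateJwtAuthResponse()'`, missing its closing double quote; it should end `"validateJwtAuthResponse()"'`. The body of authorizationCodeGrantRequest continues past the end of this hunk.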
@@ -1434,4 +1439,2 @@ if (!validateString(redirectUri)) { | ||
export const expectNoState = Symbol(); | ||
class CallbackParameters extends URLSearchParams { | ||
} | ||
export function validateAuthResponse(as, client, parameters, expectedState) { | ||
@@ -1490,3 +1493,3 @@ assertAs(as); | ||
} | ||
return new CallbackParameters(parameters); | ||
return brand(new URLSearchParams(parameters)); | ||
} | ||
@@ -1493,0 +1496,0 @@ function algToSubtle(alg, crv) { |
{ | ||
"name": "oauth4webapi", | ||
"version": "2.2.3", | ||
"version": "2.2.4", | ||
"description": "OAuth 2 / OpenID Connect for Web Platform API JavaScript runtimes", | ||
@@ -66,14 +66,14 @@ "keywords": [ | ||
"@esbuild-kit/esm-loader": "^2.5.5", | ||
"@types/node": "^18.15.13", | ||
"@types/node": "^18.16.0", | ||
"@types/qunit": "^2.19.4", | ||
"ava": "^5.2.0", | ||
"edge-runtime": "^2.1.4", | ||
"esbuild": "^0.17.17", | ||
"esbuild": "^0.17.18", | ||
"jose": "^4.14.1", | ||
"patch-package": "^6.5.1", | ||
"prettier": "^2.8.7", | ||
"prettier": "^2.8.8", | ||
"prettier-plugin-jsdoc": "^0.4.2", | ||
"qunit": "^2.19.4", | ||
"timekeeper": "^2.2.0", | ||
"typedoc": "^0.24.4", | ||
"typedoc": "^0.24.6", | ||
"typedoc-plugin-markdown": "^3.15.2", | ||
@@ -80,0 +80,0 @@ "typedoc-plugin-mdn-links": "^3.0.3", |
@@ -42,3 +42,3 @@ # OAuth 2 / OpenID Connect for Web Platform API JavaScript runtimes | ||
```js | ||
import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.2.3/mod.ts' | ||
import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.2.4/mod.ts' | ||
``` | ||
@@ -45,0 +45,0 @@ |