oauth4webapi
Comparing version 2.4.0 to 2.4.1
@@ -1,7 +0,11 @@ | ||
type JsonObject = { | ||
/** JSON Object */ | ||
export type JsonObject = { | ||
[Key in string]?: JsonValue; | ||
}; | ||
type JsonArray = JsonValue[]; | ||
type JsonPrimitive = string | number | boolean | null; | ||
type JsonValue = JsonPrimitive | JsonObject | JsonArray; | ||
/** JSON Array */ | ||
export type JsonArray = JsonValue[]; | ||
/** JSON Primitives */ | ||
export type JsonPrimitive = string | number | boolean | null; | ||
/** JSON Values */ | ||
export type JsonValue = JsonPrimitive | JsonObject | JsonArray; | ||
/** | ||
@@ -48,4 +52,6 @@ * Interface to pass an asymmetric private key and, optionally, its associated JWK Key ID to be | ||
* | ||
* @example CryptoKey algorithm for the `PS256`, `PS384`, or `PS512` JWS Algorithm Identifiers | ||
* @example | ||
* | ||
* CryptoKey algorithm for the `PS256`, `PS384`, or `PS512` JWS Algorithm Identifiers | ||
* | ||
* ```ts | ||
@@ -68,4 +74,6 @@ * interface PS256 extends RsaHashedKeyAlgorithm { | ||
* | ||
* @example CryptoKey algorithm for the `ES256`, `ES384`, or `ES512` JWS Algorithm Identifiers | ||
* @example | ||
* | ||
* CryptoKey algorithm for the `ES256`, `ES384`, or `ES512` JWS Algorithm Identifiers | ||
* | ||
* ```ts | ||
@@ -88,4 +96,6 @@ * interface ES256 extends EcKeyAlgorithm { | ||
* | ||
* @example CryptoKey algorithm for the `RS256`, `RS384`, or `RS512` JWS Algorithm Identifiers | ||
* @example | ||
* | ||
* CryptoKey algorithm for the `RS256`, `RS384`, or `RS512` JWS Algorithm Identifiers | ||
* | ||
* ```ts | ||
@@ -108,5 +118,7 @@ * interface RS256 extends RsaHashedKeyAlgorithm { | ||
* | ||
* @example CryptoKey algorithm for the `EdDSA` JWS Algorithm Identifier (Experimental) | ||
* @example | ||
* | ||
* Runtime support for this algorithm is very limited, it depends on the [Secure Curves in the Web | ||
* CryptoKey algorithm for the `EdDSA` JWS Algorithm Identifier (Experimental) | ||
* | ||
* Runtime support for this algorithm is limited, it depends on the [Secure Curves in the Web | ||
* Cryptography API](https://wicg.github.io/webcrypto-secure-curves/) proposal which is yet to be | ||
@@ -480,3 +492,3 @@ * widely adopted. If the proposal changes this implementation will follow up with a minor release. | ||
* | ||
* @example Tolerate 30 seconds clock skew when validating JWT claims like `exp` or `nbf`. | ||
* @example Tolerate 30 seconds clock skew when validating JWT claims like exp or nbf. | ||
* | ||
@@ -494,5 +506,7 @@ * ```ts | ||
} | ||
/** @group Errors */ | ||
export declare class UnsupportedOperationError extends Error { | ||
constructor(message?: string); | ||
} | ||
/** @group Errors */ | ||
export declare class OperationProcessingError extends Error { | ||
@@ -508,4 +522,6 @@ constructor(message: string, options?: { | ||
* | ||
* @example A 5000ms timeout AbortSignal for every request | ||
* @example | ||
* | ||
* A 5000ms timeout AbortSignal for every request | ||
* | ||
* ```js | ||
@@ -536,2 +552,5 @@ * const signal = () => AbortSignal.timeout(5_000) // Note: AbortSignal.timeout may not yet be available in all runtimes. | ||
* | ||
* @group Authorization Server Metadata | ||
* @group OpenID Connect (OIDC) Discovery | ||
* | ||
* @see [RFC 8414 - OAuth 2.0 Authorization Server Metadata](https://www.rfc-editor.org/rfc/rfc8414.html#section-3) | ||
@@ -550,2 +569,5 @@ * @see [OpenID Connect Discovery 1.0](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig) | ||
* | ||
* @group Authorization Server Metadata | ||
* @group OpenID Connect (OIDC) Discovery | ||
* | ||
* @see [RFC 8414 - OAuth 2.0 Authorization Server Metadata](https://www.rfc-editor.org/rfc/rfc8414.html#section-3) | ||
@@ -558,2 +580,7 @@ * @see [OpenID Connect Discovery 1.0](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig) | ||
* | ||
* @group Utilities | ||
* @group Authorization Code Grant | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* @group Proof Key for Code Exchange by OAuth Public Clients (PKCE) | ||
* | ||
* @see [RFC 7636 - Proof Key for Code Exchange by OAuth Public Clients (PKCE)](https://www.rfc-editor.org/rfc/rfc7636.html#section-4) | ||
@@ -565,2 +592,4 @@ */ | ||
* | ||
* @group Utilities | ||
* | ||
* @see [RFC 6749 - The OAuth 2.0 Authorization Framework](https://www.rfc-editor.org/rfc/rfc6749.html#section-4.1.1) | ||
@@ -572,2 +601,4 @@ */ | ||
* | ||
* @group Utilities | ||
* | ||
* @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#IDToken) | ||
@@ -582,2 +613,6 @@ */ | ||
* | ||
* @group Authorization Code Grant | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* @group Proof Key for Code Exchange by OAuth Public Clients (PKCE) | ||
* | ||
* @see [RFC 7636 - Proof Key for Code Exchange by OAuth Public Clients (PKCE)](https://www.rfc-editor.org/rfc/rfc7636.html#section-4) | ||
@@ -623,2 +658,6 @@ */ | ||
* | ||
* @group Authorization Code Grant | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* @group JWT-Secured Authorization Request (JAR) | ||
* | ||
* @see [RFC 9101 - The OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request (JAR)](https://www.rfc-editor.org/rfc/rfc9101.html#name-request-object-2) | ||
@@ -635,3 +674,5 @@ */ | ||
* | ||
* @see [RFC 9126 - OAuth 2.0 Pushed Authorization Requests](https://www.rfc-editor.org/rfc/rfc9126.html#name-pushed-authorization-reques) | ||
* @group Pushed Authorization Requests (PAR) | ||
* | ||
* @see [RFC 9126 - OAuth 2.0 Pushed Authorization Requests (PAR)](https://www.rfc-editor.org/rfc/rfc9126.html#name-pushed-authorization-reques) | ||
* @see [RFC 9449 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.rfc-editor.org/rfc/rfc9449.html#name-dpop-with-pushed-authorizat) | ||
@@ -653,3 +694,15 @@ */ | ||
} | ||
/** A helper function used to determine if a response processing function returned an OAuth2Error. */ | ||
/** | ||
* A helper function used to determine if a response processing function returned an OAuth2Error. | ||
* | ||
* @group Utilities | ||
* @group Client Credentials Grant | ||
* @group Device Authorization Grant | ||
* @group Authorization Code Grant | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* @group Token Introspection | ||
* @group Token Revocation | ||
* @group Refreshing an Access Token | ||
* @group Pushed Authorization Requests (PAR) | ||
*/ | ||
export declare function isOAuth2Error(input?: ReturnTypes): input is OAuth2Error; | ||
@@ -664,7 +717,7 @@ export interface WWWAuthenticateChallengeParameters { | ||
/** NOTE: because the parameter names are case insensitive they are always returned lowercased */ | ||
readonly [parameter: string]: string | undefined; | ||
readonly [parameter: Lowercase<string>]: string | undefined; | ||
} | ||
export interface WWWAuthenticateChallenge { | ||
/** NOTE: because the value is case insensitive it is always returned lowercased */ | ||
readonly scheme: string; | ||
readonly scheme: Lowercase<string>; | ||
readonly parameters: WWWAuthenticateChallengeParameters; | ||
@@ -677,2 +730,13 @@ } | ||
* preserved. `undefined` when there wasn't a `WWW-Authenticate` HTTP Header returned. | ||
* | ||
* @group Accessing Protected Resources | ||
* @group Utilities | ||
* @group Client Credentials Grant | ||
* @group Device Authorization Grant | ||
* @group Authorization Code Grant | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* @group Token Introspection | ||
* @group Token Revocation | ||
* @group Refreshing an Access Token | ||
* @group Pushed Authorization Requests (PAR) | ||
*/ | ||
@@ -692,3 +756,5 @@ export declare function parseWwwAuthenticateChallenges(response: Response): WWWAuthenticateChallenge[] | undefined; | ||
* | ||
* @see [RFC 9126 - OAuth 2.0 Pushed Authorization Requests](https://www.rfc-editor.org/rfc/rfc9126.html#name-pushed-authorization-reques) | ||
* @group Pushed Authorization Requests (PAR) | ||
* | ||
* @see [RFC 9126 - OAuth 2.0 Pushed Authorization Requests (PAR)](https://www.rfc-editor.org/rfc/rfc9126.html#name-pushed-authorization-reques) | ||
*/ | ||
@@ -719,2 +785,4 @@ export declare function processPushedAuthorizationResponse(as: AuthorizationServer, client: Client, response: Response): Promise<PushedAuthorizationResponse | OAuth2Error>; | ||
* | ||
* @group Accessing Protected Resources | ||
* | ||
* @see [RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage](https://www.rfc-editor.org/rfc/rfc6750.html#section-2.1) | ||
@@ -736,2 +804,5 @@ * @see [RFC 9449 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.rfc-editor.org/rfc/rfc9449.html#name-protected-resource-access) | ||
* | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* @group OpenID Connect (OIDC) UserInfo | ||
* | ||
* @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo) | ||
@@ -796,2 +867,5 @@ * @see [RFC 9449 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.rfc-editor.org/rfc/rfc9449.html#name-protected-resource-access) | ||
* | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* @group OpenID Connect (OIDC) UserInfo | ||
* | ||
* @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo) | ||
@@ -812,2 +886,4 @@ */ | ||
* | ||
* @group Refreshing an Access Token | ||
* | ||
* @see [RFC 6749 - The OAuth 2.0 Authorization Framework](https://www.rfc-editor.org/rfc/rfc6749.html#section-6) | ||
@@ -824,2 +900,4 @@ * @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokens) | ||
* @returns JWT Claims Set from an ID Token. | ||
* | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
*/ | ||
@@ -849,2 +927,4 @@ export declare function getValidatedIdTokenClaims(ref: OpenIDTokenEndpointResponse): IDToken; | ||
* | ||
* @group Refreshing an Access Token | ||
* | ||
* @see [RFC 6749 - The OAuth 2.0 Authorization Framework](https://www.rfc-editor.org/rfc/rfc6749.html#section-6) | ||
@@ -865,2 +945,5 @@ * @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokens) | ||
* | ||
* @group Authorization Code Grant | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* | ||
* @see [RFC 6749 - The OAuth 2.0 Authorization Framework](https://www.rfc-editor.org/rfc/rfc6749.html#section-4.1) | ||
@@ -899,3 +982,3 @@ * @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth) | ||
/** NOTE: because the value is case insensitive it is always returned lowercased */ | ||
readonly token_type: string; | ||
readonly token_type: 'bearer' | 'dpop' | Lowercase<string>; | ||
readonly [parameter: string]: JsonValue | undefined; | ||
@@ -910,3 +993,3 @@ } | ||
/** NOTE: because the value is case insensitive it is always returned lowercased */ | ||
readonly token_type: string; | ||
readonly token_type: 'bearer' | 'dpop' | Lowercase<string>; | ||
readonly [parameter: string]: JsonValue | undefined; | ||
@@ -921,3 +1004,3 @@ } | ||
/** NOTE: because the value is case insensitive it is always returned lowercased */ | ||
readonly token_type: string; | ||
readonly token_type: 'bearer' | 'dpop' | Lowercase<string>; | ||
readonly [parameter: string]: JsonValue | undefined; | ||
@@ -930,3 +1013,3 @@ } | ||
/** NOTE: because the value is case insensitive it is always returned lowercased */ | ||
readonly token_type: string; | ||
readonly token_type: 'bearer' | 'dpop' | Lowercase<string>; | ||
readonly [parameter: string]: JsonValue | undefined; | ||
@@ -963,2 +1046,4 @@ } | ||
* | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* | ||
* @see [RFC 6749 - The OAuth 2.0 Authorization Framework](https://www.rfc-editor.org/rfc/rfc6749.html#section-4.1) | ||
@@ -980,2 +1065,4 @@ * @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth) | ||
* | ||
* @group Authorization Code Grant | ||
* | ||
* @see [RFC 6749 - The OAuth 2.0 Authorization Framework](https://www.rfc-editor.org/rfc/rfc6749.html#section-4.1) | ||
@@ -993,2 +1080,4 @@ */ | ||
* | ||
* @group Client Credentials Grant | ||
* | ||
* @see [RFC 6749 - The OAuth 2.0 Authorization Framework](https://www.rfc-editor.org/rfc/rfc6749.html#section-4.4) | ||
@@ -1010,2 +1099,4 @@ * @see [RFC 9449 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.rfc-editor.org/rfc/rfc9449.html#name-dpop-access-token-request) | ||
* | ||
* @group Client Credentials Grant | ||
* | ||
* @see [RFC 6749 - The OAuth 2.0 Authorization Framework](https://www.rfc-editor.org/rfc/rfc6749.html#section-4.4) | ||
@@ -1027,2 +1118,4 @@ */ | ||
* | ||
* @group Token Revocation | ||
* | ||
* @see [RFC 7009 - OAuth 2.0 Token Revocation](https://www.rfc-editor.org/rfc/rfc7009.html#section-2) | ||
@@ -1040,2 +1133,4 @@ */ | ||
* | ||
* @group Token Revocation | ||
* | ||
* @see [RFC 7009 - OAuth 2.0 Token Revocation](https://www.rfc-editor.org/rfc/rfc7009.html#section-2) | ||
@@ -1067,2 +1162,4 @@ */ | ||
* | ||
* @group Token Introspection | ||
* | ||
* @see [RFC 7662 - OAuth 2.0 Token Introspection](https://www.rfc-editor.org/rfc/rfc7662.html#section-2) | ||
@@ -1106,2 +1203,4 @@ * @see [draft-ietf-oauth-jwt-introspection-response-12 - JWT Response for OAuth Token Introspection](https://www.ietf.org/archive/id/draft-ietf-oauth-jwt-introspection-response-12.html#section-4) | ||
* | ||
* @group Token Introspection | ||
* | ||
* @see [RFC 7662 - OAuth 2.0 Token Introspection](https://www.rfc-editor.org/rfc/rfc7662.html#section-2) | ||
@@ -1121,2 +1220,6 @@ * @see [draft-ietf-oauth-jwt-introspection-response-12 - JWT Response for OAuth Token Introspection](https://www.ietf.org/archive/id/draft-ietf-oauth-jwt-introspection-response-12.html#section-5) | ||
* | ||
* @group Authorization Code Grant | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* @group JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) | ||
* | ||
* @see [JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)](https://openid.net/specs/openid-financial-api-jarm.html) | ||
@@ -1153,2 +1256,5 @@ */ | ||
* | ||
* @group Authorization Code Grant | ||
* @group Authorization Code Grant w/ OpenID Connect (OIDC) | ||
* | ||
* @see [RFC 6749 - The OAuth 2.0 Authorization Framework](https://www.rfc-editor.org/rfc/rfc6749.html#section-4.1.2) | ||
@@ -1170,2 +1276,4 @@ * @see [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication) | ||
* | ||
* @group Device Authorization Grant | ||
* | ||
* @see [RFC 8628 - OAuth 2.0 Device Authorization Grant](https://www.rfc-editor.org/rfc/rfc8628.html#section-3.1) | ||
@@ -1195,2 +1303,4 @@ */ | ||
* | ||
* @group Device Authorization Grant | ||
* | ||
* @see [RFC 8628 - OAuth 2.0 Device Authorization Grant](https://www.rfc-editor.org/rfc/rfc8628.html#section-3.1) | ||
@@ -1207,2 +1317,4 @@ */ | ||
* | ||
* @group Device Authorization Grant | ||
* | ||
* @see [RFC 8628 - OAuth 2.0 Device Authorization Grant](https://www.rfc-editor.org/rfc/rfc8628.html#section-3.4) | ||
@@ -1224,2 +1336,4 @@ * @see [RFC 9449 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.rfc-editor.org/rfc/rfc9449.html#name-dpop-access-token-request) | ||
* | ||
* @group Device Authorization Grant | ||
* | ||
* @see [RFC 8628 - OAuth 2.0 Device Authorization Grant](https://www.rfc-editor.org/rfc/rfc8628.html#section-3.4) | ||
@@ -1240,4 +1354,6 @@ */ | ||
* @param alg Supported JWS `alg` Algorithm identifier. | ||
* | ||
* @group Utilities | ||
*/ | ||
export declare function generateKeyPair(alg: JWSAlgorithm, options?: GenerateKeyPairOptions): Promise<CryptoKeyPair>; | ||
export {}; |
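Review bot: The `token_type` declaration `'bearer' | 'dpop' | Lowercase<string>`, repeated in the four response interfaces (hunks at new lines 982, 993, 1004 and 1013), still admits any lowercase scheme through its `Lowercase<string>` arm. From the declaration alone a caller cannot tell whether other schemes can reach them, and whether the implementation rejects them is not visible in this diff. I would extend the existing NOTE to state that contract, for example `/** NOTE: always returned lowercased; compare against 'bearer' or 'dpop' before presenting the access token */`, adjusted to whatever the runtime actually enforces. Because the same union is spelled out four times, one exported alias such as `export type TokenType = 'bearer' | 'dpop' | Lowercase<string>` would keep the declarations in step. The interfaces begin and end outside these hunks, and which line of each pair is the new side is inferred from the version order on the page.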
let USER_AGENT; | ||
if (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) { | ||
const NAME = 'oauth4webapi'; | ||
const VERSION = 'v2.4.0'; | ||
const VERSION = 'v2.4.1'; | ||
USER_AGENT = `${NAME}/${VERSION}`; | ||
@@ -197,3 +197,3 @@ } | ||
headers.set('accept', 'application/json'); | ||
return fetch(url.href, { | ||
const request = new Request(url.href, { | ||
headers, | ||
@@ -203,3 +203,4 @@ method: 'GET', | ||
signal: options?.signal ? signal(options.signal) : null, | ||
}).then(processDpopNonce); | ||
}); | ||
return fetch(request).then(processDpopNonce); | ||
} | ||
@@ -659,3 +660,3 @@ function validateString(input) { | ||
} | ||
return fetch(url.href, { | ||
const request = new Request(url.href, { | ||
body, | ||
@@ -666,3 +667,4 @@ headers, | ||
signal: options?.signal ? signal(options.signal) : null, | ||
}).then(processDpopNonce); | ||
}); | ||
return fetch(request).then(processDpopNonce); | ||
} | ||
@@ -827,3 +829,3 @@ export async function userInfoRequest(as, client, accessToken, options) { | ||
headers.set('content-type', 'application/x-www-form-urlencoded;charset=UTF-8'); | ||
return fetch(url.href, { | ||
const request = new Request(url.href, { | ||
body, | ||
@@ -834,3 +836,4 @@ headers, | ||
signal: options?.signal ? signal(options.signal) : null, | ||
}).then(processDpopNonce); | ||
}); | ||
return fetch(request).then(processDpopNonce); | ||
} | ||
@@ -1195,3 +1198,3 @@ async function tokenEndpointRequest(as, client, grantType, parameters, options) { | ||
headers.append('accept', 'application/jwk-set+json'); | ||
return fetch(url.href, { | ||
const request = new Request(url.href, { | ||
headers, | ||
@@ -1201,3 +1204,4 @@ method: 'GET', | ||
signal: options?.signal ? signal(options.signal) : null, | ||
}).then(processDpopNonce); | ||
}); | ||
return fetch(request).then(processDpopNonce); | ||
} | ||
@@ -1204,0 +1208,0 @@ async function processJwksResponse(response) { |
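Review bot: The four call sites that now do `const request = new Request(url.href, { … })` followed by `return fetch(request).then(processDpopNonce)` (hunks at new lines 197, 660, 829 and 1198) have no comment explaining why the request is built separately, and the diff does not show the reason. A one-line comment at the first site would help, for example `// Request is constructed explicitly because <reason or issue reference>`. Since the same two statements are repeated four times, a small private helper that takes the URL and init would also keep them from drifting apart. One behaviour to confirm: `new Request` validates its init when constructed, so an invalid combination now throws there rather than surfacing from `fetch`. In the `async` functions named in the hunk headers that still becomes a rejected promise, but the function enclosing the first hunk starts outside the visible lines.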
{ | ||
"name": "oauth4webapi", | ||
"version": "2.4.0", | ||
"version": "2.4.1", | ||
"description": "OAuth 2 / OpenID Connect for JavaScript Runtimes", | ||
@@ -66,20 +66,20 @@ "keywords": [ | ||
"devDependencies": { | ||
"@esbuild-kit/esm-loader": "^2.6.5", | ||
"@types/node": "^20.9.0", | ||
"@types/qunit": "^2.19.8", | ||
"@types/node": "^20.10.6", | ||
"@types/qunit": "^2.19.9", | ||
"ava": "^5.3.1", | ||
"edge-runtime": "^2.5.7", | ||
"esbuild": "^0.19.5", | ||
"jose": "^5.1.1", | ||
"esbuild": "^0.19.11", | ||
"jose": "^5.2.0", | ||
"patch-package": "^8.0.0", | ||
"prettier": "^3.1.0", | ||
"prettier-plugin-jsdoc": "^1.1.1", | ||
"prettier": "^3.1.1", | ||
"prettier-plugin-jsdoc": "^1.3.0", | ||
"qunit": "^2.20.0", | ||
"timekeeper": "^2.3.1", | ||
"typedoc": "^0.25.3", | ||
"tsx": "^4.7.0", | ||
"typedoc": "^0.25.6", | ||
"typedoc-plugin-markdown": "^3.17.1", | ||
"typedoc-plugin-mdn-links": "^3.1.0", | ||
"typescript": "^5.2.2", | ||
"undici": "^5.27.2" | ||
"typedoc-plugin-mdn-links": "^3.1.10", | ||
"typescript": "^5.3.3", | ||
"undici": "^5.28.2" | ||
} | ||
} |
@@ -44,3 +44,3 @@ # OAuth 2 / OpenID Connect for JavaScript Runtimes | ||
```js | ||
import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.4.0/mod.ts' | ||
import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.4.1/mod.ts' | ||
``` | ||
@@ -47,0 +47,0 @@ |