oslo - npm Package Compare versions

Comparing version 1.0.4 to 1.1.0

dist/encoding/index.d.ts

@@ -1,13 +0,9 @@
-import type { TypedArray } from "../index.js";
-export declare function encodeBase64(data: ArrayBuffer | TypedArray, options?: {
-    padding?: boolean;
-}): string;
-export declare function decodeBase64(data: string): Uint8Array;
-export declare function encodeBase64url(data: ArrayBuffer | TypedArray): string;
-export declare function decodeBase64url(data: string): Uint8Array;
-export declare function encodeHex(data: ArrayBuffer | TypedArray): string;
-export declare function decodeHex(data: string): Uint8Array;
-export declare function encodeBase32(data: ArrayBuffer | TypedArray, options?: {
-    padding?: boolean;
-}): string;
-export declare function decodeBase32(data: string): Uint8Array;
+export { encodeHex, decodeHex } from "./hex.js";
+export { Base32Encoding, base32, base32hex } from "./base32.js";
+export { Base64Encoding, base64, base64url } from "./base64.js";
+export interface Encoding {
+    encode: (data: Uint8Array) => string;
+    decode: (data: string) => Uint8Array;
+}
+export { encodeBase32, decodeBase32 } from "./base32.js";
+export { encodeBase64, encodeBase64url, decodeBase64, decodeBase64url } from "./base64.js";

dist/encoding/index.js

@@ -1,69 +0,5 @@
-import { binaryToInteger, bytesToBinary } from "../bytes.js";
-export function encodeBase64(data, options) {
-    let result = btoa(String.fromCharCode(...new Uint8Array(data)));
-    if (options?.padding === false) {
-        result = result.replaceAll("=", "");
-    }
-    return result;
-}
-export function decodeBase64(data) {
-    return Uint8Array.from(atob(data)
-        .split("")
-        .map((x) => x.charCodeAt(0)));
-}
-export function encodeBase64url(data) {
-    return encodeBase64(data, {
-        padding: false
-    })
-        .replaceAll("+", "-")
-        .replaceAll("/", "_");
-}
-export function decodeBase64url(data) {
-    return decodeBase64(data.replaceAll("-", "+").replaceAll("_", "/"));
-}
-export function encodeHex(data) {
-    const buffer = new Uint8Array(data);
-    let result = "";
-    for (let i = 0; i < buffer.length; i++) {
-        result += buffer[i].toString(16).padStart(2, "0");
-    }
-    return result;
-}
-export function decodeHex(data) {
-    const result = new Uint8Array(data.length / 2);
-    for (let i = 0; i < data.length / 2; i++) {
-        result[i] = parseInt(data.slice(i * 2, i * 2 + 2), 16);
-    }
-    return result;
-}
-export function encodeBase32(data, options) {
-    const bits = bytesToBinary(new Uint8Array(data));
-    const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
-    let result = "";
-    for (let i = 0; i < Math.ceil(bits.length / 5); i++) {
-        const key = binaryToInteger(bits.slice(i * 5, (i + 1) * 5).padEnd(5, "0"));
-        const val = alphabet[key];
-        result += val;
-    }
-    const padding = options?.padding ?? true;
-    if (padding) {
-        result = result.padEnd(8 * Math.ceil(result.length / 8), "=");
-    }
-    return result;
-}
-export function decodeBase32(data) {
-    const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
-    data = data.replaceAll("=", "");
-    let bits = "";
-    for (let i = 0; i < data.length; i++) {
-        const key = alphabet.indexOf(data[i]);
-        if (key === -1)
-            throw new Error("Invalid input");
-        bits += key.toString(2).padStart(5, "0");
-    }
-    const result = new Uint8Array(bits.length / 8);
-    for (let i = 0; i < bits.length / 8; i++) {
-        result[i] = binaryToInteger(bits.slice(i * 8, (i + 1) * 8).padStart(8, "0"));
-    }
-    return result;
-}
+export { encodeHex, decodeHex } from "./hex.js";
+export { Base32Encoding, base32, base32hex } from "./base32.js";
+export { Base64Encoding, base64, base64url } from "./base64.js";
+export { encodeBase32, decodeBase32 } from "./base32.js";
+export { encodeBase64, encodeBase64url, decodeBase64, decodeBase64url } from "./base64.js";

dist/jwt/index.js

 import { ECDSA, HMAC, RSASSAPKCS1v1_5, RSASSAPSS } from "../crypto/index.js";
-import { decodeBase64url, encodeBase64url } from "../encoding/index.js";
+import { base64url } from "../encoding/index.js";
 import { isWithinExpirationDate } from "../index.js";
@@ -35,7 +35,13 @@ export async function createJWT(algorithm, key, payloadClaims, options) {
     const textEncoder = new TextEncoder();
-    const headerPart = encodeBase64url(textEncoder.encode(JSON.stringify(header)));
-    const payloadPart = encodeBase64url(textEncoder.encode(JSON.stringify(payload)));
+    const headerPart = base64url.encode(textEncoder.encode(JSON.stringify(header)), {
+        includePadding: false
+    });
+    const payloadPart = base64url.encode(textEncoder.encode(JSON.stringify(payload)), {
+        includePadding: false
+    });
     const data = textEncoder.encode([headerPart, payloadPart].join("."));
     const signature = await getAlgorithm(algorithm).sign(key, data);
-    const signaturePart = encodeBase64url(signature);
+    const signaturePart = base64url.encode(new Uint8Array(signature), {
+        includePadding: false
+    });
     const value = [headerPart, payloadPart, signaturePart].join(".");
@@ -58,3 +64,5 @@ return value;
     }
-    const signature = decodeBase64url(parsedJWT.parts[2]);
+    const signature = base64url.decode(parsedJWT.parts[2], {
+        strict: false
+    });
     const data = new TextEncoder().encode(parsedJWT.parts[0] + "." + parsedJWT.parts[1]);
@@ -80,4 +88,8 @@ const validSignature = await getAlgorithm(parsedJWT.algorithm).verify(key, signature, data);
     const textDecoder = new TextDecoder();
-    const rawHeader = decodeBase64url(jwtParts[0]);
-    const rawPayload = decodeBase64url(jwtParts[1]);
+    const rawHeader = base64url.decode(jwtParts[0], {
+        strict: false
+    });
+    const rawPayload = base64url.decode(jwtParts[1], {
+        strict: false
+    });
     const header = JSON.parse(textDecoder.decode(rawHeader));
@@ -84,0 +96,0 @@ if (typeof header !== "object" || header === null) {

dist/oauth2/index.js

 import { sha256 } from "../crypto/index.js";
-import { encodeBase64, encodeBase64url } from "../encoding/index.js";
+import { base64, base64url } from "../encoding/index.js";
 export class OAuth2Client {
@@ -30,3 +30,5 @@ clientId;
             const codeChallengeBuffer = await sha256(new TextEncoder().encode(options.codeVerifier));
-            const codeChallenge = encodeBase64url(codeChallengeBuffer);
+            const codeChallenge = base64url.encode(new Uint8Array(codeChallengeBuffer), {
+                includePadding: false
+            });
             authorizationUrl.searchParams.set("code_challenge_method", "S256");
@@ -69,3 +71,3 @@ authorizationUrl.searchParams.set("code_challenge", codeChallenge);
             if (authenticateWith === "http_basic_auth") {
-                const encodedCredentials = encodeBase64(new TextEncoder().encode(`${this.clientId}:${options.credentials}`));
+                const encodedCredentials = base64.encode(new TextEncoder().encode(`${this.clientId}:${options.credentials}`));
                 headers.set("Authorization", `Basic ${encodedCredentials}`);
@@ -97,3 +99,5 @@ }
     crypto.getRandomValues(randomValues);
-    return encodeBase64url(randomValues);
+    return base64url.encode(randomValues, {
+        includePadding: false
+    });
 }
@@ -103,3 +107,5 @@ export function generateState() {
     crypto.getRandomValues(randomValues);
-    return encodeBase64url(randomValues);
+    return base64url.encode(randomValues, {
+        includePadding: false
+    });
 }
@@ -106,0 +112,0 @@ export class OAuth2RequestError extends Error {

dist/otp/uri.js

@@ -1,2 +0,2 @@
-import { encodeBase32 } from "../encoding/index.js";
+import { base32 } from "../encoding/index.js";
 export function createTOTPKeyURI(issuer, accountName, secret, options) {
@@ -20,4 +20,4 @@ const [baseURI, params] = createKeyURIBase("totp", issuer, accountName, secret, options);
     const params = new URLSearchParams({
-        secret: encodeBase32(secret, {
-            padding: false
+        secret: base32.encode(new Uint8Array(secret), {
+            includePadding: false
         }),
@@ -24,0 +24,0 @@ issuer: encodedIssuer

dist/webauthn/index.js

@@ -1,2 +0,2 @@
-import { encodeBase64url } from "../encoding/index.js";
+import { base64url } from "../encoding/index.js";
 import { compareBytes } from "../bytes.js";
@@ -60,5 +60,11 @@ import { ECDSA, RSASSAPKCS1v1_5 } from "../crypto/index.js";
         }
-        if (!("challenge" in clientData) || clientData.challenge !== encodeBase64url(challenge)) {
+        if (!("challenge" in clientData) || typeof clientData.challenge !== "string") {
             return false;
         }
+        const clientDataChallengeBuffer = base64url.decode(clientData.challenge, {
+            strict: false
+        });
+        if (compareBytes(clientDataChallengeBuffer, challenge)) {
+            return false;
+        }
         if (!("origin" in clientData) || clientData.origin !== this.originURL.origin) {
@@ -65,0 +71,0 @@ return false;

package.json

 {
 	"name": "oslo",
 	"type": "module",
-	"version": "1.0.4",
+	"version": "1.1.0",
 	"description": "A collection of auth-related utilities",
@@ -10,3 +10,3 @@ "main": "dist/index.js",
 	"scripts": {
-		"build": "rm -rf dist/* && tsc",
+		"build": "rm -rf dist/* && tsc --project tsconfig.build.json",
 		"format": "prettier -w .",
@@ -13,0 +13,0 @@ "lint": "eslint src",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

65531

increased by18.32%

Number of package files

55

increased by12.24%

Lines of code

1712

increased by20.82%

No dependency changes