🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
Socket
DemoInstallSign in
Socket
DemoInstallSign in

web-auth-library

Package Overview
Dependencies
Maintainers
1
Versions
12
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

web-auth-library - npm Package Compare versions

Comparing version

0.3.0
to
0.3.1

dist/index.d.ts
dist/index.js

12

dist/gcp/auth.d.ts
import { Credentials } from "./credentials.js";
declare type AuthTokenOptions<T extends "accessToken" | "idToken"> = T extends "accessToken" ? {
declare type AccessTokenOptions = {
credentials: Credentials | string;
scope: string[] | string;
audience?: never;
} : {
scope?: string[] | string;
};
declare type IdTokenOptions = {
credentials: Credentials | string;
audience: string;
scope?: never;
};

@@ -33,4 +32,5 @@ declare type AccessToken = {

*/
declare function getAuthToken<T extends AuthTokenOptions<"accessToken"> | AuthTokenOptions<"idToken">>(options: T): Promise<T extends AuthTokenOptions<"accessToken"> ? AccessToken : IdToken>;
declare function getAuthToken(options: AccessTokenOptions): Promise<AccessToken>;
declare function getAuthToken(options: IdTokenOptions): Promise<IdToken>;
export declare function fetchAuthToken(credentials: Credentials, scope: string | undefined): Promise<AccessToken | IdToken>;
export { type AccessToken, type IdToken, getAuthToken };

21

dist/gcp/auth.js

@@ -1,2 +0,2 @@

/* SPDX-FileCopyrightText: 2020-present Kriasoft */
/* SPDX-FileCopyrightText: 2022-present Kriasoft */
/* SPDX-License-Identifier: MIT */

@@ -10,19 +10,10 @@ import QuickLRU from "quick-lru";

});
/**
* Retrieves an authentication token from OAuth 2.0 authorization server.
*
* @example
* const token = await getAuthToken({
* credentials: env.GOOGLE_CLOUD_CREDENTIALS,
* scope: "https://www.googleapis.com/auth/cloud-platform"
* );
* const headers = { Authorization: `Bearer ${token.accessToken}` };
* const res = await fetch(url, { headers });
*/
async function getAuthToken(options) {
// Normalize input arguments
const credentials = getCredentials(options.credentials);
const scope = "scope" in options && Array.isArray(options.scope)
? options.scope.sort().join(" ")
: options.scope ?? options.audience;
const scope = "scope" in options || !("audience" in options)
? Array.isArray(options.scope)
? options.scope.sort().join(" ")
: options.scope
: options.audience;
// Attempt to retrieve the token from the cache

@@ -29,0 +20,0 @@ const keyId = credentials?.private_key_id ?? credentials.client_email;

19

package.json
{
"name": "web-auth-library",
"version": "0.3.0",
"version": "0.3.1",
"packageManager": "yarn@4.0.0-rc.6",

@@ -12,2 +12,19 @@ "description": "Authentication library for the browser environment using Web Crypto API",

},
"contributors": [
{
"name": "Konstantin Tarkus",
"email": "hello@tarkus.me",
"url": "https://github.com/koistya"
}
],
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/kriasoft"
},
{
"type": "patreon",
"url": "https://www.patreon.com/koistya"
}
],
"repository": "kriasoft/web-auth-library",

@@ -14,0 +31,0 @@ "keywords": [

14

README.md

@@ -53,6 +53,7 @@ # Authentication Library for the Web Environment

#### Generating an ID token for the arbitrary resource
```ts
import { getAuthToken, importKey, sign } from "web-auth-library/gcp";
// Get an ID token for the target resource (audience)
const token = await getAuthToken({

@@ -67,8 +68,11 @@ credentials: env.GOOGLE_CLOUD_CREDENTIALS,

// }
```
// Convert GCP service account key into `CryptoKey` object
const credentials = JSON.parse(env.GOOGLE_CLOUD_CREDENTIALS);
#### Generating a digital signature
```ts
import { getCredentials, importKey, sign } from "web-auth-library/gcp";
const credentials = getCredentials(env.GOOGLE_CLOUD_CREDENTIALS);
const signingKey = await importKey(credentials.private_key, ["sign"]);
// Generate a digital signature
const signature = await sign(signingKey, "xxx");

@@ -75,0 +79,0 @@ ```