UNPKG

@delewis13/appauth

Version:

A general purpose OAuth client. Vendored awaiting PR merge

openid/AppAuth-JS

84 lines 10.8 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
"use strict"; /* * Copyright 2017 Google Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software distributed under the * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either * express or implied. See the License for the specific language governing permissions and * limitations under the License. */ Object.defineProperty(exports, "__esModule", { value: true }); exports.DefaultCrypto = exports.textEncodeLite = exports.urlSafe = exports.bufferToString = void 0; var base64 = require("base64-js"); var errors_1 = require("./errors"); var HAS_CRYPTO = typeof window !== 'undefined' && !!window.crypto; var HAS_SUBTLE_CRYPTO = HAS_CRYPTO && !!window.crypto.subtle; var CHARSET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; function bufferToString(buffer) { var state = []; for (var i = 0; i < buffer.byteLength; i += 1) { var index = buffer[i] % CHARSET.length; state.push(CHARSET[index]); } return state.join(''); } exports.bufferToString = bufferToString; function urlSafe(buffer) { var encoded = base64.fromByteArray(new Uint8Array(buffer)); return encoded.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, ''); } exports.urlSafe = urlSafe; // adapted from source: http://stackoverflow.com/a/11058858 // this is used in place of TextEncode as the api is not yet // well supported: https://caniuse.com/#search=TextEncoder function textEncodeLite(str) { var buf = new ArrayBuffer(str.length); var bufView = new Uint8Array(buf); for (var i = 0; i < str.length; i++) { bufView[i] = str.charCodeAt(i); } return bufView; } exports.textEncodeLite = textEncodeLite; /** * The default implementation of the `Crypto` interface. * This uses the capabilities of the browser. */ var DefaultCrypto = /** @class */ (function () { function DefaultCrypto() { } DefaultCrypto.prototype.generateRandom = function (size) { var buffer = new Uint8Array(size); if (HAS_CRYPTO) { window.crypto.getRandomValues(buffer); } else { // fall back to Math.random() if nothing else is available for (var i = 0; i < size; i += 1) { buffer[i] = (Math.random() * CHARSET.length) | 0; } } return bufferToString(buffer); }; DefaultCrypto.prototype.deriveChallenge = function (code) { if (code.length < 43 || code.length > 128) { return Promise.reject(new errors_1.AppAuthError('Invalid code length.')); } if (!HAS_SUBTLE_CRYPTO) { return Promise.reject(new errors_1.AppAuthError('window.crypto.subtle is unavailable.')); } return new Promise(function (resolve, reject) { crypto.subtle.digest('SHA-256', textEncodeLite(code)).then(function (buffer) { return resolve(urlSafe(new Uint8Array(buffer))); }, function (error) { return reject(error); }); }); }; return DefaultCrypto; }()); exports.DefaultCrypto = DefaultCrypto; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3J5cHRvX3V0aWxzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2NyeXB0b191dGlscy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUE7Ozs7Ozs7Ozs7OztHQVlHOzs7QUFFSCxrQ0FBb0M7QUFFcEMsbUNBQXNDO0FBRXRDLElBQU0sVUFBVSxHQUFHLE9BQU8sTUFBTSxLQUFLLFdBQVcsSUFBSSxDQUFDLENBQUUsTUFBTSxDQUFDLE1BQWMsQ0FBQztBQUM3RSxJQUFNLGlCQUFpQixHQUFHLFVBQVUsSUFBSSxDQUFDLENBQUUsTUFBTSxDQUFDLE1BQU0sQ0FBQyxNQUFjLENBQUM7QUFDeEUsSUFBTSxPQUFPLEdBQUcsZ0VBQWdFLENBQUM7QUFFakYsU0FBZ0IsY0FBYyxDQUFDLE1BQWtCO0lBQy9DLElBQUksS0FBSyxHQUFHLEVBQUUsQ0FBQztJQUNmLEtBQUssSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsR0FBRyxNQUFNLENBQUMsVUFBVSxFQUFFLENBQUMsSUFBSSxDQUFDLEVBQUU7UUFDN0MsSUFBSSxLQUFLLEdBQUcsTUFBTSxDQUFDLENBQUMsQ0FBQyxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUM7UUFDdkMsS0FBSyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztLQUM1QjtJQUNELE9BQU8sS0FBSyxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsQ0FBQztBQUN4QixDQUFDO0FBUEQsd0NBT0M7QUFFRCxTQUFnQixPQUFPLENBQUMsTUFBa0I7SUFDeEMsSUFBTSxPQUFPLEdBQUcsTUFBTSxDQUFDLGFBQWEsQ0FBQyxJQUFJLFVBQVUsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDO0lBQzdELE9BQU8sT0FBTyxDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsR0FBRyxDQUFDLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxHQUFHLENBQUMsQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxDQUFDO0FBQzNFLENBQUM7QUFIRCwwQkFHQztBQUVELDJEQUEyRDtBQUMzRCw0REFBNEQ7QUFDNUQsMERBQTBEO0FBQzFELFNBQWdCLGNBQWMsQ0FBQyxHQUFXO0lBQ3hDLElBQU0sR0FBRyxHQUFHLElBQUksV0FBVyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUN4QyxJQUFNLE9BQU8sR0FBRyxJQUFJLFVBQVUsQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUVwQyxLQUFLLElBQUksQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLEdBQUcsR0FBRyxDQUFDLE1BQU0sRUFBRSxDQUFDLEVBQUUsRUFBRTtRQUNuQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEdBQUcsR0FBRyxDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUMsQ0FBQztLQUNoQztJQUNELE9BQU8sT0FBTyxDQUFDO0FBQ2pCLENBQUM7QUFSRCx3Q0FRQztBQWNEOzs7R0FHRztBQUNIO0lBQUE7SUE0QkEsQ0FBQztJQTNCQyxzQ0FBYyxHQUFkLFVBQWUsSUFBWTtRQUN6QixJQUFNLE1BQU0sR0FBRyxJQUFJLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNwQyxJQUFJLFVBQVUsRUFBRTtZQUNkLE1BQU0sQ0FBQyxNQUFNLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1NBQ3ZDO2FBQU07WUFDTCwwREFBMEQ7WUFDMUQsS0FBSyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxHQUFHLElBQUksRUFBRSxDQUFDLElBQUksQ0FBQyxFQUFFO2dCQUNoQyxNQUFNLENBQUMsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQzthQUNsRDtTQUNGO1FBQ0QsT0FBTyxjQUFjLENBQUMsTUFBTSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVELHVDQUFlLEdBQWYsVUFBZ0IsSUFBWTtRQUMxQixJQUFJLElBQUksQ0FBQyxNQUFNLEdBQUcsRUFBRSxJQUFJLElBQUksQ0FBQyxNQUFNLEdBQUcsR0FBRyxFQUFFO1lBQ3pDLE9BQU8sT0FBTyxDQUFDLE1BQU0sQ0FBQyxJQUFJLHFCQUFZLENBQUMsc0JBQXNCLENBQUMsQ0FBQyxDQUFDO1NBQ2pFO1FBQ0QsSUFBSSxDQUFDLGlCQUFpQixFQUFFO1lBQ3RCLE9BQU8sT0FBTyxDQUFDLE1BQU0sQ0FBQyxJQUFJLHFCQUFZLENBQUMsc0NBQXNDLENBQUMsQ0FBQyxDQUFDO1NBQ2pGO1FBRUQsT0FBTyxJQUFJLE9BQU8sQ0FBQyxVQUFDLE9BQU8sRUFBRSxNQUFNO1lBQ2pDLE1BQU0sQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLFNBQVMsRUFBRSxjQUFjLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsVUFBQSxNQUFNO2dCQUMvRCxPQUFPLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQ2xELENBQUMsRUFBRSxVQUFBLEtBQUssSUFBSSxPQUFBLE1BQU0sQ0FBQyxLQUFLLENBQUMsRUFBYixDQUFhLENBQUMsQ0FBQztRQUM3QixDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFDSCxvQkFBQztBQUFELENBQUMsQUE1QkQsSUE0QkM7QUE1Qlksc0NBQWEiLCJzb3VyY2VzQ29udGVudCI6WyIvKlxuICogQ29weXJpZ2h0IDIwMTcgR29vZ2xlIEluYy5cbiAqXG4gKiBMaWNlbnNlZCB1bmRlciB0aGUgQXBhY2hlIExpY2Vuc2UsIFZlcnNpb24gMi4wICh0aGUgXCJMaWNlbnNlXCIpOyB5b3UgbWF5IG5vdCB1c2UgdGhpcyBmaWxlIGV4Y2VwdFxuICogaW4gY29tcGxpYW5jZSB3aXRoIHRoZSBMaWNlbnNlLiBZb3UgbWF5IG9idGFpbiBhIGNvcHkgb2YgdGhlIExpY2Vuc2UgYXRcbiAqXG4gKiBodHRwOi8vd3d3LmFwYWNoZS5vcmcvbGljZW5zZXMvTElDRU5TRS0yLjBcbiAqXG4gKiBVbmxlc3MgcmVxdWlyZWQgYnkgYXBwbGljYWJsZSBsYXcgb3IgYWdyZWVkIHRvIGluIHdyaXRpbmcsIHNvZnR3YXJlIGRpc3RyaWJ1dGVkIHVuZGVyIHRoZVxuICogTGljZW5zZSBpcyBkaXN0cmlidXRlZCBvbiBhbiBcIkFTIElTXCIgQkFTSVMsIFdJVEhPVVQgV0FSUkFOVElFUyBPUiBDT05ESVRJT05TIE9GIEFOWSBLSU5ELCBlaXRoZXJcbiAqIGV4cHJlc3Mgb3IgaW1wbGllZC4gU2VlIHRoZSBMaWNlbnNlIGZvciB0aGUgc3BlY2lmaWMgbGFuZ3VhZ2UgZ292ZXJuaW5nIHBlcm1pc3Npb25zIGFuZFxuICogbGltaXRhdGlvbnMgdW5kZXIgdGhlIExpY2Vuc2UuXG4gKi9cblxuaW1wb3J0ICogYXMgYmFzZTY0IGZyb20gJ2Jhc2U2NC1qcyc7XG5cbmltcG9ydCB7QXBwQXV0aEVycm9yfSBmcm9tICcuL2Vycm9ycyc7XG5cbmNvbnN0IEhBU19DUllQVE8gPSB0eXBlb2Ygd2luZG93ICE9PSAndW5kZWZpbmVkJyAmJiAhISh3aW5kb3cuY3J5cHRvIGFzIGFueSk7XG5jb25zdCBIQVNfU1VCVExFX0NSWVBUTyA9IEhBU19DUllQVE8gJiYgISEod2luZG93LmNyeXB0by5zdWJ0bGUgYXMgYW55KTtcbmNvbnN0IENIQVJTRVQgPSAnQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODknO1xuXG5leHBvcnQgZnVuY3Rpb24gYnVmZmVyVG9TdHJpbmcoYnVmZmVyOiBVaW50OEFycmF5KSB7XG4gIGxldCBzdGF0ZSA9IFtdO1xuICBmb3IgKGxldCBpID0gMDsgaSA8IGJ1ZmZlci5ieXRlTGVuZ3RoOyBpICs9IDEpIHtcbiAgICBsZXQgaW5kZXggPSBidWZmZXJbaV0gJSBDSEFSU0VULmxlbmd0aDtcbiAgICBzdGF0ZS5wdXNoKENIQVJTRVRbaW5kZXhdKTtcbiAgfVxuICByZXR1cm4gc3RhdGUuam9pbignJyk7XG59XG5cbmV4cG9ydCBmdW5jdGlvbiB1cmxTYWZlKGJ1ZmZlcjogVWludDhBcnJheSk6IHN0cmluZyB7XG4gIGNvbnN0IGVuY29kZWQgPSBiYXNlNjQuZnJvbUJ5dGVBcnJheShuZXcgVWludDhBcnJheShidWZmZXIpKTtcbiAgcmV0dXJuIGVuY29kZWQucmVwbGFjZSgvXFwrL2csICctJykucmVwbGFjZSgvXFwvL2csICdfJykucmVwbGFjZSgvPS9nLCAnJyk7XG59XG5cbi8vIGFkYXB0ZWQgZnJvbSBzb3VyY2U6IGh0dHA6Ly9zdGFja292ZXJmbG93LmNvbS9hLzExMDU4ODU4XG4vLyB0aGlzIGlzIHVzZWQgaW4gcGxhY2Ugb2YgVGV4dEVuY29kZSBhcyB0aGUgYXBpIGlzIG5vdCB5ZXRcbi8vIHdlbGwgc3VwcG9ydGVkOiBodHRwczovL2Nhbml1c2UuY29tLyNzZWFyY2g9VGV4dEVuY29kZXJcbmV4cG9ydCBmdW5jdGlvbiB0ZXh0RW5jb2RlTGl0ZShzdHI6IHN0cmluZykge1xuICBjb25zdCBidWYgPSBuZXcgQXJyYXlCdWZmZXIoc3RyLmxlbmd0aCk7XG4gIGNvbnN0IGJ1ZlZpZXcgPSBuZXcgVWludDhBcnJheShidWYpO1xuXG4gIGZvciAobGV0IGkgPSAwOyBpIDwgc3RyLmxlbmd0aDsgaSsrKSB7XG4gICAgYnVmVmlld1tpXSA9IHN0ci5jaGFyQ29kZUF0KGkpO1xuICB9XG4gIHJldHVybiBidWZWaWV3O1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIENyeXB0byB7XG4gIC8qKlxuICAgKiBHZW5lcmF0ZSBhIHJhbmRvbSBzdHJpbmdcbiAgICovXG4gIGdlbmVyYXRlUmFuZG9tKHNpemU6IG51bWJlcik6IHN0cmluZztcbiAgLyoqXG4gICAqIENvbXB1dGUgdGhlIFNIQTI1NiBvZiBhIGdpdmVuIGNvZGUuXG4gICAqIFRoaXMgaXMgdXNlZnVsIHdoZW4gdXNpbmcgUEtDRS5cbiAgICovXG4gIGRlcml2ZUNoYWxsZW5nZShjb2RlOiBzdHJpbmcpOiBQcm9taXNlPHN0cmluZz47XG59XG5cbi8qKlxuICogVGhlIGRlZmF1bHQgaW1wbGVtZW50YXRpb24gb2YgdGhlIGBDcnlwdG9gIGludGVyZmFjZS5cbiAqIFRoaXMgdXNlcyB0aGUgY2FwYWJpbGl0aWVzIG9mIHRoZSBicm93c2VyLlxuICovXG5leHBvcnQgY2xhc3MgRGVmYXVsdENyeXB0byBpbXBsZW1lbnRzIENyeXB0byB7XG4gIGdlbmVyYXRlUmFuZG9tKHNpemU6IG51bWJlcikge1xuICAgIGNvbnN0IGJ1ZmZlciA9IG5ldyBVaW50OEFycmF5KHNpemUpO1xuICAgIGlmIChIQVNfQ1JZUFRPKSB7XG4gICAgICB3aW5kb3cuY3J5cHRvLmdldFJhbmRvbVZhbHVlcyhidWZmZXIpO1xuICAgIH0gZWxzZSB7XG4gICAgICAvLyBmYWxsIGJhY2sgdG8gTWF0aC5yYW5kb20oKSBpZiBub3RoaW5nIGVsc2UgaXMgYXZhaWxhYmxlXG4gICAgICBmb3IgKGxldCBpID0gMDsgaSA8IHNpemU7IGkgKz0gMSkge1xuICAgICAgICBidWZmZXJbaV0gPSAoTWF0aC5yYW5kb20oKSAqIENIQVJTRVQubGVuZ3RoKSB8IDA7XG4gICAgICB9XG4gICAgfVxuICAgIHJldHVybiBidWZmZXJUb1N0cmluZyhidWZmZXIpO1xuICB9XG5cbiAgZGVyaXZlQ2hhbGxlbmdlKGNvZGU6IHN0cmluZyk6IFByb21pc2U8c3RyaW5nPiB7XG4gICAgaWYgKGNvZGUubGVuZ3RoIDwgNDMgfHwgY29kZS5sZW5ndGggPiAxMjgpIHtcbiAgICAgIHJldHVybiBQcm9taXNlLnJlamVjdChuZXcgQXBwQXV0aEVycm9yKCdJbnZhbGlkIGNvZGUgbGVuZ3RoLicpKTtcbiAgICB9XG4gICAgaWYgKCFIQVNfU1VCVExFX0NSWVBUTykge1xuICAgICAgcmV0dXJuIFByb21pc2UucmVqZWN0KG5ldyBBcHBBdXRoRXJyb3IoJ3dpbmRvdy5jcnlwdG8uc3VidGxlIGlzIHVuYXZhaWxhYmxlLicpKTtcbiAgICB9XG5cbiAgICByZXR1cm4gbmV3IFByb21pc2UoKHJlc29sdmUsIHJlamVjdCkgPT4ge1xuICAgICAgY3J5cHRvLnN1YnRsZS5kaWdlc3QoJ1NIQS0yNTYnLCB0ZXh0RW5jb2RlTGl0ZShjb2RlKSkudGhlbihidWZmZXIgPT4ge1xuICAgICAgICByZXR1cm4gcmVzb2x2ZSh1cmxTYWZlKG5ldyBVaW50OEFycmF5KGJ1ZmZlcikpKTtcbiAgICAgIH0sIGVycm9yID0+IHJlamVjdChlcnJvcikpO1xuICAgIH0pO1xuICB9XG59XG4iXX0=