
@narangcia-oss/cryptic-auth-client-plain-ts


A TypeScript client for interacting with a cryptic-auth host web server, crafted by Narangcia OSS.

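"use strict";
/**
 * OAuth utility functions
 *
 * Browser-side helpers for the OAuth `state` parameter and for reading the
 * callback URL. The state value is the only thing binding a callback to the
 * login this tab started, so it must be unpredictable, must be present on
 * both sides of the comparison, and must not be written to logs.
 */
Object.defineProperty(exports, "__esModule", { value: true });
exports.generateOAuthState = generateOAuthState;
exports.storeOAuthState = storeOAuthState;
exports.getStoredOAuthState = getStoredOAuthState;
exports.clearOAuthState = clearOAuthState;
exports.validateOAuthState = validateOAuthState;
exports.extractOAuthParams = extractOAuthParams;
exports.isOAuthCallback = isOAuthCallback;
exports.cleanOAuthUrl = cleanOAuthUrl;
/**
 * Generates a random state value for OAuth CSRF protection.
 *
 * The value is 16 bytes from the Web Crypto CSPRNG, hex-encoded (32
 * characters, URL-safe). Math.random() is not a cryptographic generator and
 * its output can be predicted, so it is not used here.
 *
 * @returns {string} 32-character lowercase hex string.
 * @throws {Error} If the Web Crypto API is unavailable. The function fails
 *   closed rather than falling back to a predictable source.
 */
function generateOAuthState() {
    const webCrypto = typeof crypto !== "undefined" ? crypto : undefined;
    if (!webCrypto || typeof webCrypto.getRandomValues !== "function") {
        throw new Error("[OAuth] Web Crypto API unavailable; cannot generate a secure OAuth state");
    }
    const bytes = new Uint8Array(16);
    webCrypto.getRandomValues(bytes);
    const state = Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
    // The state value is deliberately not logged: console output is often
    // captured by error-reporting tools or pasted into bug reports.
    console.log("[OAuth] Generated OAuth state");
    return state;
}
/**
 * Stores the OAuth state in sessionStorage under the key "oauth_state".
 *
 * sessionStorage is readable by any script running on the same origin, so
 * this protects against cross-site request forgery, not against script
 * injection on this origin.
 *
 * @param {string} state - Value returned by generateOAuthState().
 */
function storeOAuthState(state) {
    console.log("[OAuth] Storing OAuth state");
    sessionStorage.setItem("oauth_state", state);
}
/**
 * Retrieves the stored OAuth state for validation.
 *
 * @returns {string | null} The stored value, or null when none is stored.
 */
function getStoredOAuthState() {
    const state = sessionStorage.getItem("oauth_state");
    // Log only whether a value exists, never the value itself.
    console.log("[OAuth] Retrieved stored OAuth state:", { present: state !== null });
    return state;
}
/**
 * Clears the stored OAuth state.
 *
 * NOTE(review): validateOAuthState() does not clear the value itself, so
 * callers presumably call this once a callback has been handled, to keep the
 * state single-use. Confirm against the calling code.
 */
function clearOAuthState() {
    console.log("[OAuth] Clearing stored OAuth state");
    sessionStorage.removeItem("oauth_state");
}
/**
 * Validates the OAuth state received on the callback against the stored one.
 *
 * Both values must be non-empty strings. Without that check a callback with
 * no `state` parameter (null) would match an empty store (also null), and
 * the CSRF check would pass for a login this tab never started.
 *
 * @param {string | null} receivedState - `state` parameter from the callback URL.
 * @returns {boolean} True only when a state is stored and it equals the received one.
 */
function validateOAuthState(receivedState) {
    const storedState = getStoredOAuthState();
    const bothPresent = typeof receivedState === "string" &&
        receivedState.length > 0 &&
        typeof storedState === "string" &&
        storedState.length > 0;
    const isValid = bothPresent && receivedState === storedState;
    // Only the outcome is logged; the state values stay out of the console.
    console.log("[OAuth] Validating OAuth state:", { isValid });
    return isValid;
}
/**
 * Extracts the OAuth callback parameters from the current URL's query string.
 *
 * The values are attacker-controllable input: `state` must pass
 * validateOAuthState() before `code` is used.
 *
 * @returns {{code: string | null, state: string | null, error: string | null}}
 *   Each field is null when the parameter is absent.
 */
function extractOAuthParams() {
    const urlParams = new URLSearchParams(window.location.search);
    return {
        code: urlParams.get("code"),
        state: urlParams.get("state"),
        error: urlParams.get("error"),
    };
}
/**
 * Checks if the current URL looks like an OAuth callback.
 *
 * This is a substring heuristic: the path must contain "/auth/" and the
 * query string must contain "code=". It is not a security check, and it
 * also matches parameter names that merely end in "code".
 *
 * @returns {boolean} True when both substrings are present.
 */
function isOAuthCallback() {
    return (window.location.pathname.includes("/auth/") &&
        window.location.search.includes("code="));
}
/**
 * Cleans OAuth parameters from the URL.
 *
 * Replaces the current history entry with the bare origin, so the
 * authorization code and state no longer sit in the address bar or in this
 * history entry. The path and fragment are dropped as well.
 */
function cleanOAuthUrl() {
    window.history.replaceState({}, document.title, window.location.origin);
}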