UNPKG

@narangcia-oss/cryptic-auth-client-plain-ts

Version:

A TypeScript client for interacting with a cryptic-auth host web server, crafted by Narangcia OSS.

narangcia-oss/cryptic-auth-clients

87 lines (78 loc) 2.06 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
/** * OAuth utility functions */ /** * Generates a secure random state for OAuth CSRF protection */ export function generateOAuthState(): string { const state = Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 15); console.log("[OAuth] Generated OAuth state:", state); return state; } /** * Stores OAuth state securely for validation */ export function storeOAuthState(state: string): void { console.log("[OAuth] Storing OAuth state:", state); sessionStorage.setItem("oauth_state", state); } /** * Retrieves stored OAuth state for validation */ export function getStoredOAuthState(): string | null { const state = sessionStorage.getItem("oauth_state"); console.log("[OAuth] Retrieved stored OAuth state:", state); return state; } /** * Clears stored OAuth state */ export function clearOAuthState(): void { console.log("[OAuth] Clearing stored OAuth state"); sessionStorage.removeItem("oauth_state"); } /** * Validates OAuth state to prevent CSRF attacks */ export function validateOAuthState(receivedState: string): boolean { const storedState = getStoredOAuthState(); const isValid = receivedState === storedState; console.log("[OAuth] Validating OAuth state:", { receivedState, storedState, isValid, }); return isValid; } /** * Extracts OAuth callback parameters from URL */ export function extractOAuthParams(): { code: string | null; state: string | null; error: string | null; } { const urlParams = new URLSearchParams(window.location.search); return { code: urlParams.get("code"), state: urlParams.get("state"), error: urlParams.get("error"), }; } /** * Checks if current URL is an OAuth callback */ export function isOAuthCallback(): boolean { return ( window.location.pathname.includes("/auth/") && window.location.search.includes("code=") ); } /** * Cleans OAuth parameters from URL */ export function cleanOAuthUrl(): void { window.history.replaceState({}, document.title, window.location.origin); }