UNPKG

remix-auth-oauth2

Version:

A strategy to use and implement OAuth2 framework for authentication with federated services like Google, Facebook, GitHub, etc.

github.com/sergiodxa/remix-auth-oauth2

sergiodxa/remix-auth-oauth2

105 lines 3.62 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
import { Cookie, SetCookie } from "@mjackson/headers"; /** * This class is used to store the state and code verifier for the OAuth2 flow. * * If the user is redirected to the authorization endpoint, we need to store the * state and code verifier in a cookie so we can check that the state matches * when the user is redirected back to the application. * * The problem is that the user can open multiple tabs, and we need to keep * track of the state and code verifier for each tab. This class helps us do * that. * * It's a simple class that stores the state in a Set and the code verifier in a * Map. The state is used as the key to the code verifier, so we can easily * retrieve it when needed. We also have a method to convert the store to a * string, so we can store it in a cookie. * * The class also has a static method to create a new instance from a Request * object, this is useful when we need to get the store from the cookie. */ export class StateStore { states = new Set(); codeVerifiers = new Map(); state; codeVerifier; constructor(params = new URLSearchParams()) { for (let [state, verifier] of params) { if (state === "state") continue; this.states.add(state); this.codeVerifiers.set(state, verifier); } } /** * Append a new state and code verifier to the store */ set(state, verifier) { this.state = state; this.codeVerifier = verifier; this.states.add(state); if (verifier) this.codeVerifiers.set(state, verifier); } /** * Check if the store has the given state */ has(state) { if (state) return this.states.has(state); return this.states.size > 0; } /** * Get the code verifier for the given state */ get(state) { return this.codeVerifiers.get(state); } /** * Convert the store to a string * * This is useful when we need to store the store in a cookie */ toString() { if (!this.state) return ""; if (!this.codeVerifier) return ""; let params = new URLSearchParams(); params.set("state", this.state); params.set(this.state, this.codeVerifier); return params.toString(); } toSetCookie(cookieName = "oauth2", options = {}) { let id = crypto.randomUUID(); return new SetCookie({ value: this.toString(), httpOnly: true, // Prevents JavaScript from accessing the cookie maxAge: 60 * 5, // 5 minutes path: "/", // Allow the cookie to be sent to any path sameSite: "Lax", // Prevents it from being sent in cross-site requests ...options, name: `${cookieName}:${id}`, }); } /** * Create a new instance from a Request object by getting the store from a * cookie with the given name. */ static fromRequest(request, cookieName = "oauth2") { let cookie = new Cookie(request.headers.get("cookie") ?? ""); let params = new URLSearchParams(); for (let name of cookie.names) { if (name.startsWith(cookieName)) { let cookieInstance = cookie.get(name); if (!cookieInstance) continue; for (let [key, value] of new URLSearchParams(cookieInstance)) { params.append(key, value); } } } return new StateStore(params); } } //# sourceMappingURL=store.js.map