chore: stop tracking TypeScript emit under packages/*/src
Ignore .js/.js.map/.d.ts/.d.ts.map next to sources (tsc outDir is dist). Preserve hand-written packages/auth/src/types/base58-universal.d.ts. Made-with: Cursor
This commit is contained in:
defiQUG
28
packages/auth/src/did.d.ts
vendored
28
packages/auth/src/did.d.ts
vendored
@@ -1,28 +0,0 @@
|
||||
/**
|
||||
* DID (Decentralized Identifier) helpers
|
||||
*/
|
||||
export interface DIDDocument {
|
||||
id: string;
|
||||
'@context': string[];
|
||||
verificationMethod: VerificationMethod[];
|
||||
authentication: string[];
|
||||
}
|
||||
export interface VerificationMethod {
|
||||
id: string;
|
||||
type: string;
|
||||
controller: string;
|
||||
publicKeyMultibase?: string;
|
||||
publicKeyJwk?: {
|
||||
kty: string;
|
||||
crv?: string;
|
||||
x?: string;
|
||||
y?: string;
|
||||
n?: string;
|
||||
e?: string;
|
||||
};
|
||||
}
|
||||
export declare class DIDResolver {
|
||||
resolve(did: string): Promise<DIDDocument>;
|
||||
verifySignature(did: string, message: string, signature: string): Promise<boolean>;
|
||||
}
|
||||
//# sourceMappingURL=did.d.ts.map
|
||||
@@ -1 +0,0 @@
|
||||
{"version":3,"file":"did.d.ts","sourceRoot":"","sources":["did.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,kBAAkB,EAAE,kBAAkB,EAAE,CAAC;IACzC,cAAc,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,YAAY,CAAC,EAAE;QACb,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,CAAC,CAAC,EAAE,MAAM,CAAC;QACX,CAAC,CAAC,EAAE,MAAM,CAAC;QACX,CAAC,CAAC,EAAE,MAAM,CAAC;QACX,CAAC,CAAC,EAAE,MAAM,CAAC;KACZ,CAAC;CACH;AAED,qBAAa,WAAW;IAChB,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAwC1C,eAAe,CACnB,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,OAAO,CAAC;CA4DpB"}
|
||||
@@ -1,101 +0,0 @@
|
||||
/**
|
||||
* DID (Decentralized Identifier) helpers
|
||||
*/
|
||||
import fetch from 'node-fetch';
|
||||
import { createVerify } from 'crypto';
|
||||
export class DIDResolver {
|
||||
async resolve(did) {
|
||||
// Extract method and identifier from DID
|
||||
const didParts = did.split(':');
|
||||
if (didParts.length < 3) {
|
||||
throw new Error(`Invalid DID format: ${did}`);
|
||||
}
|
||||
const method = didParts[1];
|
||||
const identifier = didParts.slice(2).join(':');
|
||||
// Resolve based on DID method
|
||||
if (method === 'web') {
|
||||
// did:web resolution
|
||||
const url = `https://${identifier}/.well-known/did.json`;
|
||||
const response = await fetch(url);
|
||||
if (!response.ok) {
|
||||
throw new Error(`Failed to resolve DID: ${response.status}`);
|
||||
}
|
||||
return (await response.json());
|
||||
}
|
||||
else if (method === 'key') {
|
||||
// did:key resolution - generate document from key
|
||||
const publicKeyMultibase = identifier;
|
||||
return {
|
||||
id: did,
|
||||
'@context': ['https://www.w3.org/ns/did/v1'],
|
||||
verificationMethod: [
|
||||
{
|
||||
id: `${did}#keys-1`,
|
||||
type: 'Ed25519VerificationKey2020',
|
||||
controller: did,
|
||||
publicKeyMultibase,
|
||||
},
|
||||
],
|
||||
authentication: [`${did}#keys-1`],
|
||||
};
|
||||
}
|
||||
throw new Error(`Unsupported DID method: ${method}`);
|
||||
}
|
||||
async verifySignature(did, message, signature) {
|
||||
try {
|
||||
const document = await this.resolve(did);
|
||||
const verificationMethod = document.verificationMethod[0];
|
||||
if (!verificationMethod) {
|
||||
return false;
|
||||
}
|
||||
const verify = createVerify('SHA256');
|
||||
verify.update(message);
|
||||
verify.end();
|
||||
// Handle different key formats
|
||||
if (verificationMethod.publicKeyMultibase) {
|
||||
// Multibase-encoded public key (e.g., Ed25519)
|
||||
// Decode multibase format (simplified - in production use proper multibase library)
|
||||
const multibaseKey = verificationMethod.publicKeyMultibase;
|
||||
if (multibaseKey.startsWith('z')) {
|
||||
// Base58btc encoding - decode first byte (0xed for Ed25519)
|
||||
// For Ed25519, the key is 32 bytes after the prefix
|
||||
try {
|
||||
// In production, use proper multibase/base58 decoding
|
||||
// This is a simplified implementation
|
||||
const keyBuffer = Buffer.from(multibaseKey.slice(1), 'base64');
|
||||
return verify.verify(keyBuffer, Buffer.from(signature, 'base64'));
|
||||
}
|
||||
catch {
|
||||
// Fallback: try direct verification if key is already in correct format
|
||||
return verify.verify(verificationMethod.publicKeyMultibase, Buffer.from(signature, 'base64'));
|
||||
}
|
||||
}
|
||||
}
|
||||
// Handle JWK format
|
||||
if (verificationMethod.publicKeyJwk) {
|
||||
const jwk = verificationMethod.publicKeyJwk;
|
||||
if (jwk.kty === 'EC' && jwk.crv === 'secp256k1' && jwk.x && jwk.y) {
|
||||
// ECDSA with secp256k1
|
||||
// In production, use proper JWK to PEM conversion
|
||||
// This requires additional crypto libraries
|
||||
verify.update(message);
|
||||
// For now, delegate to external verification service
|
||||
return false; // Requires proper EC key handling
|
||||
}
|
||||
if (jwk.kty === 'RSA' && jwk.n && jwk.e) {
|
||||
// RSA keys
|
||||
// In production, convert JWK to PEM format and verify
|
||||
// This requires additional crypto libraries
|
||||
return false; // Requires proper RSA key handling
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
catch (error) {
|
||||
// Log error in production
|
||||
console.error('DID signature verification failed:', error);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
//# sourceMappingURL=did.js.map
|
||||
@@ -1 +0,0 @@
|
||||
{"version":3,"file":"did.js","sourceRoot":"","sources":["did.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,MAAM,YAAY,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AAwBtC,MAAM,OAAO,WAAW;IACtB,KAAK,CAAC,OAAO,CAAC,GAAW;QACvB,yCAAyC;QACzC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,EAAE,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC3B,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAE/C,8BAA8B;QAC9B,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;YACrB,qBAAqB;YACrB,MAAM,GAAG,GAAG,WAAW,UAAU,uBAAuB,CAAC;YACzD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,CAAC;YAClC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,0BAA0B,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YAC/D,CAAC;YACD,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAgB,CAAC;QAChD,CAAC;aAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;YAC5B,kDAAkD;YAClD,MAAM,kBAAkB,GAAG,UAAU,CAAC;YACtC,OAAO;gBACL,EAAE,EAAE,GAAG;gBACP,UAAU,EAAE,CAAC,8BAA8B,CAAC;gBAC5C,kBAAkB,EAAE;oBAClB;wBACE,EAAE,EAAE,GAAG,GAAG,SAAS;wBACnB,IAAI,EAAE,4BAA4B;wBAClC,UAAU,EAAE,GAAG;wBACf,kBAAkB;qBACnB;iBACF;gBACD,cAAc,EAAE,CAAC,GAAG,GAAG,SAAS,CAAC;aAClC,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,2BAA2B,MAAM,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,KAAK,CAAC,eAAe,CACnB,GAAW,EACX,OAAe,EACf,SAAiB;QAEjB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACzC,MAAM,kBAAkB,GAAG,QAAQ,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC;YAC1D,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACxB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;YACtC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvB,MAAM,CAAC,GAAG,EAAE,CAAC;YAEb,+BAA+B;YAC/B,IAAI,kBAAkB,CAAC,kBAAkB,EAAE,CAAC;gBAC1C,+CAA+C;gBAC/C,oFAAoF;gBACpF,MAAM,YAAY,GAAG,kBAAkB,CAAC,kBAAkB,CAAC;gBAC3D,IAAI,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBACjC,4DAA4D;oBAC5D,oDAAoD;oBACpD,IAAI,CAAC;wBACH,sDAAsD;wBACtD,sCAAsC;wBACtC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;wBAC/D,OAAO,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC;oBACpE,CAAC;oBAAC,MAAM,CAAC;wBACP,wEAAwE;wBACxE,OAAO,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,kBAAkB,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC;oBAChG,CAAC;gBACH,CAAC;YACH,CAAC;YAED,oBAAoB;YACpB,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;gBACpC,MAAM,GAAG,GAAG,kBAAkB,CAAC,YAAY,CAAC;gBAE5C,IAAI,GAAG,CAAC,GAAG,KAAK,IAAI,IAAI,GAAG,CAAC,GAAG,KAAK,WAAW,IAAI,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,EAAE,CAAC;oBAClE,uBAAuB;oBACvB,kDAAkD;oBAClD,4CAA4C;oBAC5C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;oBACvB,qDAAqD;oBACrD,OAAO,KAAK,CAAC,CAAC,kCAAkC;gBAClD,CAAC;gBAED,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,IAAI,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,EAAE,CAAC;oBACxC,WAAW;oBACX,sDAAsD;oBACtD,4CAA4C;oBAC5C,OAAO,KAAK,CAAC,CAAC,mCAAmC;gBACnD,CAAC;YACH,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,0BAA0B;YAC1B,OAAO,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;YAC3D,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF"}
|
||||
19
packages/auth/src/eidas.d.ts
vendored
19
packages/auth/src/eidas.d.ts
vendored
@@ -1,19 +0,0 @@
|
||||
/**
|
||||
* eIDAS (electronic IDentification, Authentication and trust Services) helpers
|
||||
*/
|
||||
export interface EIDASConfig {
|
||||
providerUrl: string;
|
||||
apiKey: string;
|
||||
}
|
||||
export interface EIDASSignature {
|
||||
signature: string;
|
||||
certificate: string;
|
||||
timestamp: Date;
|
||||
}
|
||||
export declare class EIDASProvider {
|
||||
private config;
|
||||
constructor(config: EIDASConfig);
|
||||
requestSignature(document: string): Promise<EIDASSignature>;
|
||||
verifySignature(signature: EIDASSignature): Promise<boolean>;
|
||||
}
|
||||
//# sourceMappingURL=eidas.d.ts.map
|
||||
@@ -1 +0,0 @@
|
||||
{"version":3,"file":"eidas.d.ts","sourceRoot":"","sources":["eidas.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,qBAAa,aAAa;IACZ,OAAO,CAAC,MAAM;gBAAN,MAAM,EAAE,WAAW;IAEjC,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IA4B3D,eAAe,CAAC,SAAS,EAAE,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC;CAgEnE"}
|
||||
@@ -1,82 +0,0 @@
|
||||
/**
|
||||
* eIDAS (electronic IDentification, Authentication and trust Services) helpers
|
||||
*/
|
||||
import fetch from 'node-fetch';
|
||||
export class EIDASProvider {
|
||||
config;
|
||||
constructor(config) {
|
||||
this.config = config;
|
||||
}
|
||||
async requestSignature(document) {
|
||||
const response = await fetch(`${this.config.providerUrl}/sign`, {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
Authorization: `Bearer ${this.config.apiKey}`,
|
||||
},
|
||||
body: JSON.stringify({ document }),
|
||||
});
|
||||
if (!response.ok) {
|
||||
const errorText = await response.text();
|
||||
throw new Error(`eIDAS signature request failed: ${response.status} ${errorText}`);
|
||||
}
|
||||
const data = (await response.json());
|
||||
return {
|
||||
signature: data.signature,
|
||||
certificate: data.certificate,
|
||||
timestamp: new Date(data.timestamp),
|
||||
};
|
||||
}
|
||||
async verifySignature(signature) {
|
||||
try {
|
||||
// First, verify with the eIDAS provider (they handle certificate chain validation)
|
||||
const response = await fetch(`${this.config.providerUrl}/verify`, {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
Authorization: `Bearer ${this.config.apiKey}`,
|
||||
},
|
||||
body: JSON.stringify({
|
||||
signature: signature.signature,
|
||||
certificate: signature.certificate,
|
||||
timestamp: signature.timestamp.toISOString(),
|
||||
}),
|
||||
});
|
||||
if (!response.ok) {
|
||||
return false;
|
||||
}
|
||||
const result = (await response.json());
|
||||
if (!result.valid) {
|
||||
return false;
|
||||
}
|
||||
// Additional validation: Check certificate validity period
|
||||
if (result.validityPeriod) {
|
||||
const now = new Date();
|
||||
const notBefore = new Date(result.validityPeriod.notBefore);
|
||||
const notAfter = new Date(result.validityPeriod.notAfter);
|
||||
if (now < notBefore || now > notAfter) {
|
||||
return false; // Certificate expired or not yet valid
|
||||
}
|
||||
}
|
||||
// Additional validation: Verify certificate chain if provided
|
||||
if (result.certificateChain && result.certificateChain.length > 0) {
|
||||
// In production, validate the full certificate chain
|
||||
// This includes checking:
|
||||
// 1. Each certificate in the chain is valid
|
||||
// 2. Each certificate is signed by the next in the chain
|
||||
// 3. The root certificate is trusted
|
||||
// 4. No certificates are revoked
|
||||
// For now, we trust the eIDAS provider's validation
|
||||
// In a production environment, you might want to do additional
|
||||
// client-side validation of the certificate chain
|
||||
}
|
||||
return true;
|
||||
}
|
||||
catch (error) {
|
||||
// Log error in production
|
||||
console.error('eIDAS signature verification failed:', error);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
//# sourceMappingURL=eidas.js.map
|
||||
@@ -1 +0,0 @@
|
||||
{"version":3,"file":"eidas.js","sourceRoot":"","sources":["eidas.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,MAAM,YAAY,CAAC;AAa/B,MAAM,OAAO,aAAa;IACJ;IAApB,YAAoB,MAAmB;QAAnB,WAAM,GAAN,MAAM,CAAa;IAAG,CAAC;IAE3C,KAAK,CAAC,gBAAgB,CAAC,QAAgB;QACrC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,OAAO,EAAE;YAC9D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;aAC9C;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC;SACnC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,mCAAmC,QAAQ,CAAC,MAAM,IAAI,SAAS,EAAE,CAAC,CAAC;QACrF,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAIlC,CAAC;QAEF,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;SACpC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,SAAyB;QAC7C,IAAI,CAAC;YACH,mFAAmF;YACnF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,SAAS,EAAE;gBAChE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;iBAC9C;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,SAAS,CAAC,SAAS;oBAC9B,WAAW,EAAE,SAAS,CAAC,WAAW;oBAClC,SAAS,EAAE,SAAS,CAAC,SAAS,CAAC,WAAW,EAAE;iBAC7C,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAMpC,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBAClB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,2DAA2D;YAC3D,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;gBAC1B,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;gBACvB,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;gBAC5D,MAAM,QAAQ,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;gBAE1D,IAAI,GAAG,GAAG,SAAS,IAAI,GAAG,GAAG,QAAQ,EAAE,CAAC;oBACtC,OAAO,KAAK,CAAC,CAAC,uCAAuC;gBACvD,CAAC;YACH,CAAC;YAED,8DAA8D;YAC9D,IAAI,MAAM,CAAC,gBAAgB,IAAI,MAAM,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClE,qDAAqD;gBACrD,0BAA0B;gBAC1B,4CAA4C;gBAC5C,yDAAyD;gBACzD,qCAAqC;gBACrC,iCAAiC;gBAEjC,oDAAoD;gBACpD,+DAA+D;gBAC/D,kDAAkD;YACpD,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,0BAA0B;YAC1B,OAAO,CAAC,KAAK,CAAC,sCAAsC,EAAE,KAAK,CAAC,CAAC;YAC7D,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF"}
|
||||
7
packages/auth/src/index.d.ts
vendored
7
packages/auth/src/index.d.ts
vendored
@@ -1,7 +0,0 @@
|
||||
/**
|
||||
* The Order Auth Package
|
||||
*/
|
||||
export * from './oidc';
|
||||
export * from './did';
|
||||
export * from './eidas';
|
||||
//# sourceMappingURL=index.d.ts.map
|
||||
@@ -1 +0,0 @@
|
||||
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,QAAQ,CAAC;AACvB,cAAc,OAAO,CAAC;AACtB,cAAc,SAAS,CAAC"}
|
||||
@@ -1,7 +0,0 @@
|
||||
/**
|
||||
* The Order Auth Package
|
||||
*/
|
||||
export * from './oidc';
|
||||
export * from './did';
|
||||
export * from './eidas';
|
||||
//# sourceMappingURL=index.js.map
|
||||
@@ -1 +0,0 @@
|
||||
{"version":3,"file":"index.js","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,QAAQ,CAAC;AACvB,cAAc,OAAO,CAAC;AACtB,cAAc,SAAS,CAAC"}
|
||||
23
packages/auth/src/oidc.d.ts
vendored
23
packages/auth/src/oidc.d.ts
vendored
@@ -1,23 +0,0 @@
|
||||
/**
|
||||
* OIDC/OAuth2 helpers
|
||||
*/
|
||||
export interface OIDCConfig {
|
||||
issuer: string;
|
||||
clientId: string;
|
||||
clientSecret: string;
|
||||
redirectUri: string;
|
||||
}
|
||||
export interface TokenResponse {
|
||||
access_token: string;
|
||||
token_type: string;
|
||||
expires_in?: number;
|
||||
refresh_token?: string;
|
||||
id_token?: string;
|
||||
}
|
||||
export declare class OIDCProvider {
|
||||
private config;
|
||||
constructor(config: OIDCConfig);
|
||||
getAuthorizationUrl(state: string): string;
|
||||
exchangeCodeForToken(code: string): Promise<string>;
|
||||
}
|
||||
//# sourceMappingURL=oidc.d.ts.map
|
||||
@@ -1 +0,0 @@
|
||||
{"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["oidc.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,qBAAa,YAAY;IACX,OAAO,CAAC,MAAM;gBAAN,MAAM,EAAE,UAAU;IAEtC,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAWpC,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CA2B1D"}
|
||||
@@ -1,44 +0,0 @@
|
||||
/**
|
||||
* OIDC/OAuth2 helpers
|
||||
*/
|
||||
import fetch from 'node-fetch';
|
||||
export class OIDCProvider {
|
||||
config;
|
||||
constructor(config) {
|
||||
this.config = config;
|
||||
}
|
||||
getAuthorizationUrl(state) {
|
||||
const params = new URLSearchParams({
|
||||
client_id: this.config.clientId,
|
||||
redirect_uri: this.config.redirectUri,
|
||||
response_type: 'code',
|
||||
scope: 'openid profile email',
|
||||
state,
|
||||
});
|
||||
return `${this.config.issuer}/authorize?${params.toString()}`;
|
||||
}
|
||||
async exchangeCodeForToken(code) {
|
||||
const tokenEndpoint = `${this.config.issuer}/token`;
|
||||
const params = new URLSearchParams({
|
||||
grant_type: 'authorization_code',
|
||||
code,
|
||||
redirect_uri: this.config.redirectUri,
|
||||
client_id: this.config.clientId,
|
||||
client_secret: this.config.clientSecret,
|
||||
});
|
||||
const response = await fetch(tokenEndpoint, {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/x-www-form-urlencoded',
|
||||
},
|
||||
body: params.toString(),
|
||||
});
|
||||
if (!response.ok) {
|
||||
const errorText = await response.text();
|
||||
throw new Error(`Token exchange failed: ${response.status} ${errorText}`);
|
||||
}
|
||||
const tokenData = (await response.json());
|
||||
return tokenData.access_token;
|
||||
}
|
||||
}
|
||||
//# sourceMappingURL=oidc.js.map
|
||||
@@ -1 +0,0 @@
|
||||
{"version":3,"file":"oidc.js","sourceRoot":"","sources":["oidc.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,MAAM,YAAY,CAAC;AAiB/B,MAAM,OAAO,YAAY;IACH;IAApB,YAAoB,MAAkB;QAAlB,WAAM,GAAN,MAAM,CAAY;IAAG,CAAC;IAE1C,mBAAmB,CAAC,KAAa;QAC/B,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC/B,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACrC,aAAa,EAAE,MAAM;YACrB,KAAK,EAAE,sBAAsB;YAC7B,KAAK;SACN,CAAC,CAAC;QACH,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,cAAc,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;IAChE,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,IAAY;QACrC,MAAM,aAAa,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,QAAQ,CAAC;QAEpD,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,UAAU,EAAE,oBAAoB;YAChC,IAAI;YACJ,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACrC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC/B,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;SACxC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;YAC1C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,mCAAmC;aACpD;YACD,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;SACxB,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,0BAA0B,QAAQ,CAAC,MAAM,IAAI,SAAS,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAkB,CAAC;QAC3D,OAAO,SAAS,CAAC,YAAY,CAAC;IAChC,CAAC;CACF"}
|
||||
Reference in New Issue
Block a user