use web crypto instead of cryptojs #909

Merged
merged 1 commit into from
Nov 15, 2023
68 changes: 47 additions & 21 deletions docs/oidc-client-ts.api.md
@@ -46,7 +46,7 @@ export class CheckSessionIFrame {
}

// @public (undocumented)
export interface CreateSigninRequestArgs extends Omit<SigninRequestArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
export interface CreateSigninRequestArgs extends Omit<SigninRequestCreateArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
// (undocumented)
redirect_uri?: string;
// (undocumented)
@@ -622,15 +622,16 @@ export type SigninRedirectArgs = RedirectParams & ExtraSigninRequestArgs;

// @public (undocumented)
export class SigninRequest {
constructor({ url, authority, client_id, redirect_uri, response_type, scope, state_data, response_mode, request_type, client_secret, nonce, url_state, resource, skipUserInfo, extraQueryParams, extraTokenParams, disablePKCE, ...optionalParams }: SigninRequestArgs);
// (undocumented)
static create({ url, authority, client_id, redirect_uri, response_type, scope, state_data, response_mode, request_type, client_secret, nonce, url_state, resource, skipUserInfo, extraQueryParams, extraTokenParams, disablePKCE, ...optionalParams }: SigninRequestCreateArgs): Promise<SigninRequest>;
// (undocumented)
readonly state: SigninState;
// (undocumented)
readonly url: string;
}

// @public (undocumented)
export interface SigninRequestArgs {
export interface SigninRequestCreateArgs {
// (undocumented)
acr_values?: string;
// (undocumented)
@@ -731,22 +732,6 @@ export type SigninSilentArgs = IFrameWindowParams & ExtraSigninRequestArgs;

// @public (undocumented)
export class SigninState extends State {
constructor(args: {
id?: string;
data?: unknown;
created?: number;
request_type?: string;
url_state?: string;
code_verifier?: string | boolean;
authority: string;
client_id: string;
redirect_uri: string;
scope: string;
client_secret?: string;
extraTokenParams?: Record<string, unknown>;
response_mode?: "query" | "fragment";
skipUserInfo?: boolean;
});
// (undocumented)
readonly authority: string;
// (undocumented)
@@ -756,9 +741,11 @@ export class SigninState extends State {
readonly code_challenge: string | undefined;
readonly code_verifier: string | undefined;
// (undocumented)
static create(args: SigninStateCreateArgs): Promise<SigninState>;
// (undocumented)
readonly extraTokenParams: Record<string, unknown> | undefined;
// (undocumented)
static fromStorageString(storageString: string): SigninState;
static fromStorageString(storageString: string): Promise<SigninState>;
// (undocumented)
readonly redirect_uri: string;
// (undocumented)
@@ -771,6 +758,45 @@ export class SigninState extends State {
toStorageString(): string;
}

// @public (undocumented)
export interface SigninStateArgs {
// (undocumented)
authority: string;
// (undocumented)
client_id: string;
// (undocumented)
client_secret?: string;
// (undocumented)
code_challenge?: string;
// (undocumented)
code_verifier?: string;
// (undocumented)
created?: number;
// (undocumented)
data?: unknown;
// (undocumented)
extraTokenParams?: Record<string, unknown>;
// (undocumented)
id?: string;
// (undocumented)
redirect_uri: string;
// (undocumented)
request_type?: string;
// (undocumented)
response_mode?: "query" | "fragment";
// (undocumented)
scope: string;
// (undocumented)
skipUserInfo?: boolean;
// (undocumented)
url_state?: string;
}

// @public (undocumented)
export type SigninStateCreateArgs = Omit<SigninStateArgs, "code_verifier"> & {
code_verifier?: string | boolean;
};

// @public (undocumented)
export type SignoutPopupArgs = PopupWindowParams & ExtraSignoutRequestArgs;

@@ -838,7 +864,7 @@ export class State {
readonly created: number;
readonly data?: unknown;
// (undocumented)
static fromStorageString(storageString: string): State;
static fromStorageString(storageString: string): Promise<State>;
// (undocumented)
readonly id: string;
// (undocumented)
33 changes: 17 additions & 16 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 1 addition & 2 deletions package.json
@@ -39,14 +39,13 @@
"prepare": "husky install"
},
"dependencies": {
"crypto-js": "^4.2.0",
"jwt-decode": "^4.0.0"
},
"devDependencies": {
"@microsoft/api-extractor": "^7.35.0",
"@testing-library/jest-dom": "^6.0.0",
"@types/crypto-js": "^4.1.3",
"@types/jest": "^29.2.3",
"@types/node": "^20.8.2",
"@typescript-eslint/eslint-plugin": "^6.4.1",
"@typescript-eslint/parser": "^6.4.1",
"esbuild": "^0.19.5",
8 changes: 4 additions & 4 deletions src/OidcClient.test.ts
@@ -263,15 +263,15 @@ describe("OidcClient", () => {

it("should deserialize stored state and return state and response", async () => {
// arrange
const item = new SigninState({
const item = await SigninState.create({
id: "1",
authority: "authority",
client_id: "client",
redirect_uri: "http://app/cb",
scope: "scope",
request_type: "type",
}).toStorageString();
jest.spyOn(subject.settings.stateStore, "get").mockImplementation(() => Promise.resolve(item));
});
jest.spyOn(subject.settings.stateStore, "get").mockImplementation(() => Promise.resolve(item.toStorageString()));

// act
const { state, response } = await subject.readSigninResponseState("http://app/cb?state=1");
@@ -318,7 +318,7 @@ describe("OidcClient", () => {

it("should deserialize stored state and call validator", async () => {
// arrange
const item = new SigninState({
const item = await SigninState.create({
id: "1",
authority: "authority",
client_id: "client",
12 changes: 6 additions & 6 deletions src/OidcClient.ts
@@ -7,7 +7,7 @@ import { type OidcClientSettings, OidcClientSettingsStore } from "./OidcClientSe
import { ResponseValidator } from "./ResponseValidator";
import { MetadataService } from "./MetadataService";
import type { RefreshState } from "./RefreshState";
import { SigninRequest, type SigninRequestArgs } from "./SigninRequest";
import { SigninRequest, type SigninRequestCreateArgs } from "./SigninRequest";
import { SigninResponse } from "./SigninResponse";
import { SignoutRequest, type SignoutRequestArgs } from "./SignoutRequest";
import { SignoutResponse } from "./SignoutResponse";
@@ -20,7 +20,7 @@ import { ClaimsService } from "./ClaimsService";
* @public
*/
export interface CreateSigninRequestArgs
extends Omit<SigninRequestArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
extends Omit<SigninRequestCreateArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
redirect_uri?: string;
response_type?: string;
scope?: string;
@@ -73,7 +73,7 @@ export class OidcClient {
protected readonly _tokenClient: TokenClient;

public constructor(settings: OidcClientSettings);
public constructor(settings: OidcClientSettingsStore, metadataService: MetadataService);
public constructor(settings: OidcClientSettingsStore, metadataService: MetadataService);
public constructor(settings: OidcClientSettings | OidcClientSettingsStore, metadataService?: MetadataService) {
this.settings = settings instanceof OidcClientSettingsStore ? settings : new OidcClientSettingsStore(settings);

@@ -115,7 +115,7 @@ export class OidcClient {
const url = await this.metadataService.getAuthorizationEndpoint();
logger.debug("Received authorization endpoint", url);

const signinRequest = new SigninRequest({
const signinRequest = await SigninRequest.create({
url,
authority: this.settings.authority,
client_id: this.settings.client_id,
@@ -156,7 +156,7 @@ export class OidcClient {
throw null; // https://github.com/microsoft/TypeScript/issues/46972
}

const state = SigninState.fromStorageString(storedStateString);
const state = await SigninState.fromStorageString(storedStateString);
return { state, response };
}

@@ -286,7 +286,7 @@ export class OidcClient {
throw null; // https://github.com/microsoft/TypeScript/issues/46972
}

const state = State.fromStorageString(storedStateString);
const state = await State.fromStorageString(storedStateString);
return { state, response };
}
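Review bot: The `await SigninRequest.create({` call in the -115 hunk now carries an undocumented runtime requirement: going by the PR title the PKCE hashing moved to Web Crypto, and `crypto.subtle` is only exposed in secure contexts (HTTPS or localhost). The crypto helper itself is not on this page, so please confirm that an unavailable `crypto.subtle` rejects with a clear error rather than yielding a sign-in request without a `code_challenge`. I would add to the enclosing method's doc comment something like `@throws Error when Web Crypto (crypto.subtle) is unavailable, e.g. on a non-HTTPS origin`. The two `await ...fromStorageString(storedStateString)` call sites in the -156 and -286 hunks can presumably reject for the same reason and deserve the same note; all three enclosing methods start and end outside the hunks.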
