Merge pull request #909 from 43081j/webcrypto
use web crypto instead of cryptojs
pamapa authored Nov 15, 2023
2 parents 9f94cde + f679de4 commit b236525
Showing 14 changed files with 277 additions and 197 deletions.
68 changes: 47 additions & 21 deletions docs/oidc-client-ts.api.md
Expand Up @@ -46,7 +46,7 @@ export class CheckSessionIFrame {
}

// @public (undocumented)
export interface CreateSigninRequestArgs extends Omit<SigninRequestArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
export interface CreateSigninRequestArgs extends Omit<SigninRequestCreateArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
// (undocumented)
redirect_uri?: string;
// (undocumented)
Expand Down Expand Up @@ -626,15 +626,16 @@ export type SigninRedirectArgs = RedirectParams & ExtraSigninRequestArgs;

// @public (undocumented)
export class SigninRequest {
constructor({ url, authority, client_id, redirect_uri, response_type, scope, state_data, response_mode, request_type, client_secret, nonce, url_state, resource, skipUserInfo, extraQueryParams, extraTokenParams, disablePKCE, ...optionalParams }: SigninRequestArgs);
// (undocumented)
static create({ url, authority, client_id, redirect_uri, response_type, scope, state_data, response_mode, request_type, client_secret, nonce, url_state, resource, skipUserInfo, extraQueryParams, extraTokenParams, disablePKCE, ...optionalParams }: SigninRequestCreateArgs): Promise<SigninRequest>;
// (undocumented)
readonly state: SigninState;
// (undocumented)
readonly url: string;
}

// @public (undocumented)
export interface SigninRequestArgs {
export interface SigninRequestCreateArgs {
// (undocumented)
acr_values?: string;
// (undocumented)
Expand Down Expand Up @@ -735,22 +736,6 @@ export type SigninSilentArgs = IFrameWindowParams & ExtraSigninRequestArgs;

// @public (undocumented)
export class SigninState extends State {
constructor(args: {
id?: string;
data?: unknown;
created?: number;
request_type?: string;
url_state?: string;
code_verifier?: string | boolean;
authority: string;
client_id: string;
redirect_uri: string;
scope: string;
client_secret?: string;
extraTokenParams?: Record<string, unknown>;
response_mode?: "query" | "fragment";
skipUserInfo?: boolean;
});
// (undocumented)
readonly authority: string;
// (undocumented)
Expand All @@ -760,9 +745,11 @@ export class SigninState extends State {
readonly code_challenge: string | undefined;
readonly code_verifier: string | undefined;
// (undocumented)
static create(args: SigninStateCreateArgs): Promise<SigninState>;
// (undocumented)
readonly extraTokenParams: Record<string, unknown> | undefined;
// (undocumented)
static fromStorageString(storageString: string): SigninState;
static fromStorageString(storageString: string): Promise<SigninState>;
// (undocumented)
readonly redirect_uri: string;
// (undocumented)
Expand All @@ -775,6 +762,45 @@ export class SigninState extends State {
toStorageString(): string;
}

// @public (undocumented)
export interface SigninStateArgs {
// (undocumented)
authority: string;
// (undocumented)
client_id: string;
// (undocumented)
client_secret?: string;
// (undocumented)
code_challenge?: string;
// (undocumented)
code_verifier?: string;
// (undocumented)
created?: number;
// (undocumented)
data?: unknown;
// (undocumented)
extraTokenParams?: Record<string, unknown>;
// (undocumented)
id?: string;
// (undocumented)
redirect_uri: string;
// (undocumented)
request_type?: string;
// (undocumented)
response_mode?: "query" | "fragment";
// (undocumented)
scope: string;
// (undocumented)
skipUserInfo?: boolean;
// (undocumented)
url_state?: string;
}

// @public (undocumented)
export type SigninStateCreateArgs = Omit<SigninStateArgs, "code_verifier"> & {
code_verifier?: string | boolean;
};

// @public (undocumented)
export type SignoutPopupArgs = PopupWindowParams & ExtraSignoutRequestArgs;

Expand Down Expand Up @@ -842,7 +868,7 @@ export class State {
readonly created: number;
readonly data?: unknown;
// (undocumented)
static fromStorageString(storageString: string): State;
static fromStorageString(storageString: string): Promise<State>;
// (undocumented)
readonly id: string;
// (undocumented)
33 changes: 17 additions & 16 deletions package-lock.json


3 changes: 1 addition & 2 deletions package.json
Expand Up @@ -39,14 +39,13 @@
"prepare": "husky install"
},
"dependencies": {
"crypto-js": "^4.2.0",
"jwt-decode": "^4.0.0"
},
"devDependencies": {
"@microsoft/api-extractor": "^7.35.0",
"@testing-library/jest-dom": "^6.0.0",
"@types/crypto-js": "^4.1.3",
"@types/jest": "^29.2.3",
"@types/node": "^20.8.2",
"@typescript-eslint/eslint-plugin": "^6.4.1",
"@typescript-eslint/parser": "^6.4.1",
"esbuild": "^0.19.5",
8 changes: 4 additions & 4 deletions src/OidcClient.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -263,15 +263,15 @@ describe("OidcClient", () => {

it("should deserialize stored state and return state and response", async () => {
// arrange
const item = new SigninState({
const item = await SigninState.create({
id: "1",
authority: "authority",
client_id: "client",
redirect_uri: "http://app/cb",
scope: "scope",
request_type: "type",
}).toStorageString();
jest.spyOn(subject.settings.stateStore, "get").mockImplementation(() => Promise.resolve(item));
});
jest.spyOn(subject.settings.stateStore, "get").mockImplementation(() => Promise.resolve(item.toStorageString()));

// act
const { state, response } = await subject.readSigninResponseState("http://app/cb?state=1");
Expand Down Expand Up @@ -318,7 +318,7 @@ describe("OidcClient", () => {

it("should deserialize stored state and call validator", async () => {
// arrange
const item = new SigninState({
const item = await SigninState.create({
id: "1",
authority: "authority",
client_id: "client",
12 changes: 6 additions & 6 deletions src/OidcClient.ts
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import { type OidcClientSettings, OidcClientSettingsStore } from "./OidcClientSe
import { ResponseValidator } from "./ResponseValidator";
import { MetadataService } from "./MetadataService";
import type { RefreshState } from "./RefreshState";
import { SigninRequest, type SigninRequestArgs } from "./SigninRequest";
import { SigninRequest, type SigninRequestCreateArgs } from "./SigninRequest";
import { SigninResponse } from "./SigninResponse";
import { SignoutRequest, type SignoutRequestArgs } from "./SignoutRequest";
import { SignoutResponse } from "./SignoutResponse";
Expand All @@ -20,7 +20,7 @@ import { ClaimsService } from "./ClaimsService";
* @public
*/
export interface CreateSigninRequestArgs
extends Omit<SigninRequestArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
extends Omit<SigninRequestCreateArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
redirect_uri?: string;
response_type?: string;
scope?: string;
Expand Down Expand Up @@ -73,7 +73,7 @@ export class OidcClient {
protected readonly _tokenClient: TokenClient;

public constructor(settings: OidcClientSettings);
public constructor(settings: OidcClientSettingsStore, metadataService: MetadataService);
public constructor(settings: OidcClientSettingsStore, metadataService: MetadataService);
public constructor(settings: OidcClientSettings | OidcClientSettingsStore, metadataService?: MetadataService) {
this.settings = settings instanceof OidcClientSettingsStore ? settings : new OidcClientSettingsStore(settings);

Expand Down Expand Up @@ -115,7 +115,7 @@ export class OidcClient {
const url = await this.metadataService.getAuthorizationEndpoint();
logger.debug("Received authorization endpoint", url);

const signinRequest = new SigninRequest({
const signinRequest = await SigninRequest.create({
url,
authority: this.settings.authority,
client_id: this.settings.client_id,
Expand Down Expand Up @@ -156,7 +156,7 @@ export class OidcClient {
throw null; // https://github.com/microsoft/TypeScript/issues/46972
}

const state = SigninState.fromStorageString(storedStateString);
const state = await SigninState.fromStorageString(storedStateString);
return { state, response };
}

Expand Down Expand Up @@ -286,7 +286,7 @@ export class OidcClient {
throw null; // https://github.com/microsoft/TypeScript/issues/46972
}

const state = State.fromStorageString(storedStateString);
const state = await State.fromStorageString(storedStateString);
return { state, response };
}

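Review bot: The `await SigninRequest.create({...})` call in the `@@ -115,7 +115,7 @@` hunk is now a point where sign-in can reject for environmental reasons, and nothing at the call site documents that. Going by the commit title, the async factory presumably derives the PKCE `code_challenge` through Web Crypto, and `crypto.subtle` is only exposed in secure contexts (HTTPS or localhost), so on a plain-HTTP origin this call would throw where the crypto-js version worked. That failure should stay fail-closed: a rejection here must abort the request, never fall back to building a URL without a `code_challenge`. I would add above the call `// SigninRequest.create hashes the PKCE verifier asynchronously and may reject (e.g. no crypto.subtle outside a secure context); let it propagate, do not retry without PKCE`, and state the secure-context requirement in the method's TSDoc. The enclosing method starts and ends outside the hunk, so I cannot see whether the rejection is caught further down.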