
Commit f679de4

committed
chore: use web crypto instead of cryptojs
1 parent b7266eb commit f679de4

14 files changed

Lines changed: 277 additions & 197 deletions

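--- a/docs/oidc-client-ts.api.md
+++ b/docs/oidc-client-ts.api.md
@@ -46,7 +46,7 @@ export class CheckSessionIFrame {
 }
 
 // @public (undocumented)
-export interface CreateSigninRequestArgs extends Omit<SigninRequestArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
+export interface CreateSigninRequestArgs extends Omit<SigninRequestCreateArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
 // (undocumented)
 redirect_uri?: string;
 // (undocumented)
@@ -622,15 +622,16 @@ export type SigninRedirectArgs = RedirectParams & ExtraSigninRequestArgs;
 
 // @public (undocumented)
 export class SigninRequest {
-constructor({ url, authority, client_id, redirect_uri, response_type, scope, state_data, response_mode, request_type, client_secret, nonce, url_state, resource, skipUserInfo, extraQueryParams, extraTokenParams, disablePKCE, ...optionalParams }: SigninRequestArgs);
+// (undocumented)
+static create({ url, authority, client_id, redirect_uri, response_type, scope, state_data, response_mode, request_type, client_secret, nonce, url_state, resource, skipUserInfo, extraQueryParams, extraTokenParams, disablePKCE, ...optionalParams }: SigninRequestCreateArgs): Promise<SigninRequest>;
 // (undocumented)
 readonly state: SigninState;
 // (undocumented)
 readonly url: string;
 }
 
 // @public (undocumented)
-export interface SigninRequestArgs {
+export interface SigninRequestCreateArgs {
 // (undocumented)
 acr_values?: string;
 // (undocumented)
@@ -731,22 +732,6 @@ export type SigninSilentArgs = IFrameWindowParams & ExtraSigninRequestArgs;
 
 // @public (undocumented)
 export class SigninState extends State {
-constructor(args: {
-id?: string;
-data?: unknown;
-created?: number;
-request_type?: string;
-url_state?: string;
-code_verifier?: string | boolean;
-authority: string;
-client_id: string;
-redirect_uri: string;
-scope: string;
-client_secret?: string;
-extraTokenParams?: Record<string, unknown>;
-response_mode?: "query" | "fragment";
-skipUserInfo?: boolean;
-});
 // (undocumented)
 readonly authority: string;
 // (undocumented)
@@ -756,9 +741,11 @@ export class SigninState extends State {
 readonly code_challenge: string | undefined;
 readonly code_verifier: string | undefined;
 // (undocumented)
+static create(args: SigninStateCreateArgs): Promise<SigninState>;
+// (undocumented)
 readonly extraTokenParams: Record<string, unknown> | undefined;
 // (undocumented)
-static fromStorageString(storageString: string): SigninState;
+static fromStorageString(storageString: string): Promise<SigninState>;
 // (undocumented)
 readonly redirect_uri: string;
 // (undocumented)
@@ -771,6 +758,45 @@ export class SigninState extends State {
 toStorageString(): string;
 }
 
+// @public (undocumented)
+export interface SigninStateArgs {
+// (undocumented)
+authority: string;
+// (undocumented)
+client_id: string;
+// (undocumented)
+client_secret?: string;
+// (undocumented)
+code_challenge?: string;
+// (undocumented)
+code_verifier?: string;
+// (undocumented)
+created?: number;
+// (undocumented)
+data?: unknown;
+// (undocumented)
+extraTokenParams?: Record<string, unknown>;
+// (undocumented)
+id?: string;
+// (undocumented)
+redirect_uri: string;
+// (undocumented)
+request_type?: string;
+// (undocumented)
+response_mode?: "query" | "fragment";
+// (undocumented)
+scope: string;
+// (undocumented)
+skipUserInfo?: boolean;
+// (undocumented)
+url_state?: string;
+}
+
+// @public (undocumented)
+export type SigninStateCreateArgs = Omit<SigninStateArgs, "code_verifier"> & {
+code_verifier?: string | boolean;
+};
+
 // @public (undocumented)
 export type SignoutPopupArgs = PopupWindowParams & ExtraSignoutRequestArgs;
 
@@ -838,7 +864,7 @@ export class State {
 readonly created: number;
 readonly data?: unknown;
 // (undocumented)
-static fromStorageString(storageString: string): State;
+static fromStorageString(storageString: string): Promise<State>;
 // (undocumented)
 readonly id: string;
 // (undocumented)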

package-lock.json

Lines changed: 17 additions & 16 deletions

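--- a/package.json
+++ b/package.json
@@ -39,14 +39,13 @@
 "prepare": "husky install"
 },
 "dependencies": {
-"crypto-js": "^4.2.0",
 "jwt-decode": "^4.0.0"
 },
 "devDependencies": {
 "@microsoft/api-extractor": "^7.35.0",
 "@testing-library/jest-dom": "^6.0.0",
-"@types/crypto-js": "^4.1.3",
 "@types/jest": "^29.2.3",
+"@types/node": "^20.8.2",
 "@typescript-eslint/eslint-plugin": "^6.4.1",
 "@typescript-eslint/parser": "^6.4.1",
 "esbuild": "^0.19.5",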

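--- a/src/OidcClient.test.ts
+++ b/src/OidcClient.test.ts
@@ -263,15 +263,15 @@ describe("OidcClient", () => {
 
 it("should deserialize stored state and return state and response", async () => {
 // arrange
-const item = new SigninState({
+const item = await SigninState.create({
 id: "1",
 authority: "authority",
 client_id: "client",
 redirect_uri: "http://app/cb",
 scope: "scope",
 request_type: "type",
-}).toStorageString();
-jest.spyOn(subject.settings.stateStore, "get").mockImplementation(() => Promise.resolve(item));
+});
+jest.spyOn(subject.settings.stateStore, "get").mockImplementation(() => Promise.resolve(item.toStorageString()));
 
 // act
 const { state, response } = await subject.readSigninResponseState("http://app/cb?state=1");
@@ -318,7 +318,7 @@ describe("OidcClient", () => {
 
 it("should deserialize stored state and call validator", async () => {
 // arrange
-const item = new SigninState({
+const item = await SigninState.create({
 id: "1",
 authority: "authority",
 client_id: "client",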

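--- a/src/OidcClient.ts
+++ b/src/OidcClient.ts
@@ -7,7 +7,7 @@ import { type OidcClientSettings, OidcClientSettingsStore } from "./OidcClientSe
 import { ResponseValidator } from "./ResponseValidator";
 import { MetadataService } from "./MetadataService";
 import type { RefreshState } from "./RefreshState";
-import { SigninRequest, type SigninRequestArgs } from "./SigninRequest";
+import { SigninRequest, type SigninRequestCreateArgs } from "./SigninRequest";
 import { SigninResponse } from "./SigninResponse";
 import { SignoutRequest, type SignoutRequestArgs } from "./SignoutRequest";
 import { SignoutResponse } from "./SignoutResponse";
@@ -20,7 +20,7 @@ import { ClaimsService } from "./ClaimsService";
 * @public
 */
 export interface CreateSigninRequestArgs
-extends Omit<SigninRequestArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
+extends Omit<SigninRequestCreateArgs, "url" | "authority" | "client_id" | "redirect_uri" | "response_type" | "scope" | "state_data"> {
 redirect_uri?: string;
 response_type?: string;
 scope?: string;
@@ -73,7 +73,7 @@ export class OidcClient {
 protected readonly _tokenClient: TokenClient;
 
 public constructor(settings: OidcClientSettings);
-public constructor(settings: OidcClientSettingsStore, metadataService: MetadataService);
+public constructor(settings: OidcClientSettingsStore, metadataService: MetadataService);
 public constructor(settings: OidcClientSettings | OidcClientSettingsStore, metadataService?: MetadataService) {
 this.settings = settings instanceof OidcClientSettingsStore ? settings : new OidcClientSettingsStore(settings);
 
@@ -115,7 +115,7 @@ export class OidcClient {
 const url = await this.metadataService.getAuthorizationEndpoint();
 logger.debug("Received authorization endpoint", url);
 
-const signinRequest = new SigninRequest({
+const signinRequest = await SigninRequest.create({
 url,
 authority: this.settings.authority,
 client_id: this.settings.client_id,
@@ -156,7 +156,7 @@ export class OidcClient {
 throw null; // https://github.com/microsoft/TypeScript/issues/46972
 }
 
-const state = SigninState.fromStorageString(storedStateString);
+const state = await SigninState.fromStorageString(storedStateString);
 return { state, response };
 }
 
@@ -286,7 +286,7 @@ export class OidcClient {
 throw null; // https://github.com/microsoft/TypeScript/issues/46972
 }
 
-const state = State.fromStorageString(storedStateString);
+const state = await State.fromStorageString(storedStateString);
 return { state, response };
 }
 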
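Review bot: The new `await SigninRequest.create({` at line 118 makes building the authorization request depend on an asynchronous crypto step, and nothing visible here documents or handles the case where that step rejects. Going by the commit title, the PKCE code_challenge is presumably now derived through Web Crypto (`crypto.subtle`), which browsers expose only in secure contexts, so on a plain-http origin this await would likely reject where the crypto-js version did not. I would add a comment above the call such as `// SigninRequest.create is async: it rejects when Web Crypto (crypto.subtle) is unavailable, e.g. outside a secure context`. It is also worth confirming in SigninRequest/SigninState, which this page does not show, that such a failure surfaces as an error rather than producing a request without a code_challenge. The awaited `SigninState.fromStorageString` (line 159) and `State.fromStorageString` (line 289) calls deserve the same check; all three enclosing methods start and end outside their hunks.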
