n.kolosnaj/SimfonyBasics
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Last commit july 5th

Browse Source
This commit is contained in:
nkolosnjaj
2024-07-05 13:46:23 +02:00
parent dad0d86e8c
commit b0e4dfbb76
24982 changed files with 2621219 additions and 413 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
spa/node_modules/sigstore/dist/identity/index.d.ts generated vendored Normal file
View File

@@ -0,0 +1,20 @@
import { IdentityProvider } from '@sigstore/sign';
/**
* oauthProvider returns a new Provider instance which attempts to retrieve
* an identity token from the configured OAuth2 issuer.
*
* @param issuer Base URL of the issuer
* @param clientID Client ID for the issuer
* @param clientSecret Client secret for the issuer (optional)
* @returns {IdentityProvider}
*/
declare function oauthProvider(options: {
issuer: string;
clientID: string;
clientSecret?: string;
redirectURL?: string;
}): IdentityProvider;
declare const _default: {
oauthProvider: typeof oauthProvider;
};
export default _default;

24
spa/node_modules/sigstore/dist/identity/index.js generated vendored Normal file
View File

@@ -0,0 +1,24 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
const issuer_1 = require("./issuer");
const oauth_1 = require("./oauth");
/**
* oauthProvider returns a new Provider instance which attempts to retrieve
* an identity token from the configured OAuth2 issuer.
*
* @param issuer Base URL of the issuer
* @param clientID Client ID for the issuer
* @param clientSecret Client secret for the issuer (optional)
* @returns {IdentityProvider}
*/
function oauthProvider(options) {
return new oauth_1.OAuthProvider({
issuer: new issuer_1.Issuer(options.issuer),
clientID: options.clientID,
clientSecret: options.clientSecret,
redirectURL: options.redirectURL,
});
}
exports.default = {
oauthProvider,
};

15
spa/node_modules/sigstore/dist/identity/issuer.d.ts generated vendored Normal file
View File

@@ -0,0 +1,15 @@
/**
* The Issuer reperesents a single OAuth2 provider.
*
* The Issuer is configured with a provider's base OAuth2 endpoint which is
* used to retrieve the associated configuration information.
*/
export declare class Issuer {
private baseURL;
private fetch;
private config?;
constructor(baseURL: string);
authEndpoint(): Promise<string>;
tokenEndpoint(): Promise<string>;
private loadOpenIDConfig;
}

53
spa/node_modules/sigstore/dist/identity/issuer.js generated vendored Normal file
View File

@@ -0,0 +1,53 @@
"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.Issuer = void 0;
/*
Copyright 2022 The Sigstore Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const make_fetch_happen_1 = __importDefault(require("make-fetch-happen"));
// Standard endpoint for retrieving OpenID configuration information
const OPENID_CONFIG_PATH = '/.well-known/openid-configuration';
/**
* The Issuer reperesents a single OAuth2 provider.
*
* The Issuer is configured with a provider's base OAuth2 endpoint which is
* used to retrieve the associated configuration information.
*/
class Issuer {
constructor(baseURL) {
this.baseURL = baseURL;
this.fetch = make_fetch_happen_1.default.defaults({ retry: 2 });
}
async authEndpoint() {
if (!this.config) {
this.config = await this.loadOpenIDConfig();
}
return this.config.authorization_endpoint;
}
async tokenEndpoint() {
if (!this.config) {
this.config = await this.loadOpenIDConfig();
}
return this.config.token_endpoint;
}
async loadOpenIDConfig() {
const url = `${this.baseURL}${OPENID_CONFIG_PATH}`;
return this.fetch(url).then((res) => res.json());
}
}
exports.Issuer = Issuer;

26
spa/node_modules/sigstore/dist/identity/oauth.d.ts generated vendored Normal file
View File

@@ -0,0 +1,26 @@
import { Issuer } from './issuer';
import type { IdentityProvider } from '@sigstore/sign';
interface OAuthProviderOptions {
issuer: Issuer;
clientID: string;
clientSecret?: string;
redirectURL?: string;
}
export declare class OAuthProvider implements IdentityProvider {
private clientID;
private clientSecret;
private issuer;
private codeVerifier;
private state;
private redirectURI?;
constructor(options: OAuthProviderOptions);
getToken(): Promise<string>;
private initiateAuthRequest;
private getIDToken;
private getBasicAuthHeaderValue;
private getAuthRequestURL;
private getAuthRequestParams;
private getCodeChallenge;
private openURL;
}
export {};

197
spa/node_modules/sigstore/dist/identity/oauth.js generated vendored Normal file
View File

@@ -0,0 +1,197 @@
"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.OAuthProvider = void 0;
/*
Copyright 2022 The Sigstore Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const assert_1 = __importDefault(require("assert"));
const child_process_1 = __importDefault(require("child_process"));
const http_1 = __importDefault(require("http"));
const make_fetch_happen_1 = __importDefault(require("make-fetch-happen"));
const url_1 = require("url");
const util_1 = require("../util");
class OAuthProvider {
constructor(options) {
this.clientID = options.clientID;
this.clientSecret = options.clientSecret || '';
this.issuer = options.issuer;
this.redirectURI = options.redirectURL;
this.codeVerifier = generateRandomString(32);
this.state = generateRandomString(16);
}
async getToken() {
const authCode = await this.initiateAuthRequest();
return this.getIDToken(authCode);
}
// Initates the authorization request. This will start an HTTP server to
// receive the post-auth redirect and then open the user's default browser to
// the provider's authorization page.
async initiateAuthRequest() {
const server = http_1.default.createServer();
const sockets = new Set();
// Start server and wait till it is listening. If a redirect URL was
// provided, use that. Otherwise, use a random port and construct the
// redirect URL.
await new Promise((resolve) => {
if (this.redirectURI) {
const url = new url_1.URL(this.redirectURI);
server.listen(Number(url.port), url.hostname, resolve);
}
else {
server.listen(0, resolve);
// Get port the server is listening on and construct the server URL
const port = server.address().port;
this.redirectURI = `http://localhost:${port}`;
}
});
// Keep track of connections to the server so we can force a shutdown
server.on('connection', (socket) => {
sockets.add(socket);
socket.once('close', () => {
sockets.delete(socket);
});
});
const result = new Promise((resolve, reject) => {
// Set-up handler for post-auth redirect
server.on('request', (req, res) => {
if (!req.url) {
reject('invalid server request');
return;
}
res.writeHead(200);
res.end('Auth Successful');
// Parse incoming request URL
const query = new url_1.URL(req.url, this.redirectURI).searchParams;
// Check to see if the state matches
if (query.get('state') !== this.state) {
reject('invalid state value');
return;
}
const authCode = query.get('code');
// Force-close any open connections to the server so we can get a
// clean shutdown
for (const socket of sockets) {
socket.destroy();
sockets.delete(socket);
}
// Return auth code once we've shutdown server
server.close(() => {
if (!authCode) {
reject('authorization code not found');
}
else {
resolve(authCode);
}
});
});
});
try {
// Open browser to start authorization request
const authBaseURL = await this.issuer.authEndpoint();
const authURL = this.getAuthRequestURL(authBaseURL);
await this.openURL(authURL);
}
catch (err) {
// Prevent leaked server handler on error
server.close();
throw err;
}
return result;
}
// Uses the provided authorization code, to retrieve the ID token from the
// provider
async getIDToken(authCode) {
(0, assert_1.default)(this.redirectURI);
const tokenEndpointURL = await this.issuer.tokenEndpoint();
const params = new url_1.URLSearchParams();
params.append('grant_type', 'authorization_code');
params.append('code', authCode);
params.append('redirect_uri', this.redirectURI);
params.append('code_verifier', this.codeVerifier);
const response = await (0, make_fetch_happen_1.default)(tokenEndpointURL, {
method: 'POST',
headers: { Authorization: `Basic ${this.getBasicAuthHeaderValue()}` },
body: params,
}).then((r) => r.json());
return response.id_token;
}
// Construct the basic auth header value from the client ID and secret
getBasicAuthHeaderValue() {
return util_1.encoding.base64Encode(`${this.clientID}:${this.clientSecret}`);
}
// Generate starting URL for authorization request
getAuthRequestURL(baseURL) {
const params = this.getAuthRequestParams();
return `${baseURL}?${params.toString()}`;
}
// Collect parameters for authorization request
getAuthRequestParams() {
(0, assert_1.default)(this.redirectURI);
const codeChallenge = this.getCodeChallenge();
return new url_1.URLSearchParams({
response_type: 'code',
client_id: this.clientID,
client_secret: this.clientSecret,
scope: 'openid email',
redirect_uri: this.redirectURI,
code_challenge: codeChallenge,
code_challenge_method: 'S256',
state: this.state,
nonce: generateRandomString(16),
});
}
// Generate code challenge for authorization request
getCodeChallenge() {
return util_1.encoding.base64URLEscape(util_1.crypto.hash(this.codeVerifier).toString('base64'));
}
// Open the supplied URL in the user's default browser
async openURL(url) {
return new Promise((resolve, reject) => {
let open = null;
let command = `"${url}"`;
switch (process.platform) {
case 'darwin':
open = 'open';
break;
case 'linux' || 'freebsd' || 'netbsd' || 'openbsd':
open = 'xdg-open';
break;
case 'win32':
open = 'start';
command = `"" ${command}`;
break;
default:
return reject(`OAuth: unsupported platform: ${process.platform}`);
}
console.error(`Your browser will now be opened to: ${url}`);
child_process_1.default.exec(`${open} ${command}`, undefined, (err) => {
if (err) {
reject(err);
}
else {
resolve();
}
});
});
}
}
exports.OAuthProvider = OAuthProvider;
// Generate random code verifier value
function generateRandomString(len) {
return util_1.encoding.base64URLEscape(util_1.crypto.randomBytes(len).toString('base64'));
}