matej/dztps-iskalnik-urejevalnik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
matej
2025-09-01 22:12:29 +02:00
parent b1873f9c1d
commit 02a54f61c0
5598 changed files with 903558 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
server/node_modules/jose/dist/browser/jwt/decrypt.js generated vendored Normal file
View File

@@ -0,0 +1,23 @@
import { compactDecrypt } from '../jwe/compact/decrypt.js';
import jwtPayload from '../lib/jwt_claims_set.js';
import { JWTClaimValidationFailed } from '../util/errors.js';
export async function jwtDecrypt(jwt, key, options) {
const decrypted = await compactDecrypt(jwt, key, options);
const payload = jwtPayload(decrypted.protectedHeader, decrypted.plaintext, options);
const { protectedHeader } = decrypted;
if (protectedHeader.iss !== undefined && protectedHeader.iss !== payload.iss) {
throw new JWTClaimValidationFailed('replicated "iss" claim header parameter mismatch', 'iss', 'mismatch');
}
if (protectedHeader.sub !== undefined && protectedHeader.sub !== payload.sub) {
throw new JWTClaimValidationFailed('replicated "sub" claim header parameter mismatch', 'sub', 'mismatch');
}
if (protectedHeader.aud !== undefined &&
JSON.stringify(protectedHeader.aud) !== JSON.stringify(payload.aud)) {
throw new JWTClaimValidationFailed('replicated "aud" claim header parameter mismatch', 'aud', 'mismatch');
}
const result = { payload, protectedHeader };
if (typeof key === 'function') {
return { ...result, key: decrypted.key };
}
return result;
}

68
server/node_modules/jose/dist/browser/jwt/encrypt.js generated vendored Normal file
View File

@@ -0,0 +1,68 @@
import { CompactEncrypt } from '../jwe/compact/encrypt.js';
import { encoder } from '../lib/buffer_utils.js';
import { ProduceJWT } from './produce.js';
export class EncryptJWT extends ProduceJWT {
setProtectedHeader(protectedHeader) {
if (this._protectedHeader) {
throw new TypeError('setProtectedHeader can only be called once');
}
this._protectedHeader = protectedHeader;
return this;
}
setKeyManagementParameters(parameters) {
if (this._keyManagementParameters) {
throw new TypeError('setKeyManagementParameters can only be called once');
}
this._keyManagementParameters = parameters;
return this;
}
setContentEncryptionKey(cek) {
if (this._cek) {
throw new TypeError('setContentEncryptionKey can only be called once');
}
this._cek = cek;
return this;
}
setInitializationVector(iv) {
if (this._iv) {
throw new TypeError('setInitializationVector can only be called once');
}
this._iv = iv;
return this;
}
replicateIssuerAsHeader() {
this._replicateIssuerAsHeader = true;
return this;
}
replicateSubjectAsHeader() {
this._replicateSubjectAsHeader = true;
return this;
}
replicateAudienceAsHeader() {
this._replicateAudienceAsHeader = true;
return this;
}
async encrypt(key, options) {
const enc = new CompactEncrypt(encoder.encode(JSON.stringify(this._payload)));
if (this._replicateIssuerAsHeader) {
this._protectedHeader = { ...this._protectedHeader, iss: this._payload.iss };
}
if (this._replicateSubjectAsHeader) {
this._protectedHeader = { ...this._protectedHeader, sub: this._payload.sub };
}
if (this._replicateAudienceAsHeader) {
this._protectedHeader = { ...this._protectedHeader, aud: this._payload.aud };
}
enc.setProtectedHeader(this._protectedHeader);
if (this._iv) {
enc.setInitializationVector(this._iv);
}
if (this._cek) {
enc.setContentEncryptionKey(this._cek);
}
if (this._keyManagementParameters) {
enc.setKeyManagementParameters(this._keyManagementParameters);
}
return enc.encrypt(key, options);
}
}

54
server/node_modules/jose/dist/browser/jwt/produce.js generated vendored Normal file
View File

@@ -0,0 +1,54 @@
import epoch from '../lib/epoch.js';
import isObject from '../lib/is_object.js';
import secs from '../lib/secs.js';
export class ProduceJWT {
constructor(payload) {
if (!isObject(payload)) {
throw new TypeError('JWT Claims Set MUST be an object');
}
this._payload = payload;
}
setIssuer(issuer) {
this._payload = { ...this._payload, iss: issuer };
return this;
}
setSubject(subject) {
this._payload = { ...this._payload, sub: subject };
return this;
}
setAudience(audience) {
this._payload = { ...this._payload, aud: audience };
return this;
}
setJti(jwtId) {
this._payload = { ...this._payload, jti: jwtId };
return this;
}
setNotBefore(input) {
if (typeof input === 'number') {
this._payload = { ...this._payload, nbf: input };
}
else {
this._payload = { ...this._payload, nbf: epoch(new Date()) + secs(input) };
}
return this;
}
setExpirationTime(input) {
if (typeof input === 'number') {
this._payload = { ...this._payload, exp: input };
}
else {
this._payload = { ...this._payload, exp: epoch(new Date()) + secs(input) };
}
return this;
}
setIssuedAt(input) {
if (typeof input === 'undefined') {
this._payload = { ...this._payload, iat: epoch(new Date()) };
}
else {
this._payload = { ...this._payload, iat: input };
}
return this;
}
}

21
server/node_modules/jose/dist/browser/jwt/sign.js generated vendored Normal file
View File

@@ -0,0 +1,21 @@
import { CompactSign } from '../jws/compact/sign.js';
import { JWTInvalid } from '../util/errors.js';
import { encoder } from '../lib/buffer_utils.js';
import { ProduceJWT } from './produce.js';
export class SignJWT extends ProduceJWT {
setProtectedHeader(protectedHeader) {
this._protectedHeader = protectedHeader;
return this;
}
async sign(key, options) {
var _a;
const sig = new CompactSign(encoder.encode(JSON.stringify(this._payload)));
sig.setProtectedHeader(this._protectedHeader);
if (Array.isArray((_a = this._protectedHeader) === null || _a === void 0 ? void 0 : _a.crit) &&
this._protectedHeader.crit.includes('b64') &&
this._protectedHeader.b64 === false) {
throw new JWTInvalid('JWTs MUST NOT use unencoded payload');
}
return sig.sign(key, options);
}
}

32
server/node_modules/jose/dist/browser/jwt/unsecured.js generated vendored Normal file
View File

@@ -0,0 +1,32 @@
import * as base64url from '../runtime/base64url.js';
import { decoder } from '../lib/buffer_utils.js';
import { JWTInvalid } from '../util/errors.js';
import jwtPayload from '../lib/jwt_claims_set.js';
import { ProduceJWT } from './produce.js';
export class UnsecuredJWT extends ProduceJWT {
encode() {
const header = base64url.encode(JSON.stringify({ alg: 'none' }));
const payload = base64url.encode(JSON.stringify(this._payload));
return `${header}.${payload}.`;
}
static decode(jwt, options) {
if (typeof jwt !== 'string') {
throw new JWTInvalid('Unsecured JWT must be a string');
}
const { 0: encodedHeader, 1: encodedPayload, 2: signature, length } = jwt.split('.');
if (length !== 3 || signature !== '') {
throw new JWTInvalid('Invalid Unsecured JWT');
}
let header;
try {
header = JSON.parse(decoder.decode(base64url.decode(encodedHeader)));
if (header.alg !== 'none')
throw new Error();
}
catch (_a) {
throw new JWTInvalid('Invalid Unsecured JWT');
}
const payload = jwtPayload(header, base64url.decode(encodedPayload), options);
return { payload, header };
}
}

16
server/node_modules/jose/dist/browser/jwt/verify.js generated vendored Normal file
View File

@@ -0,0 +1,16 @@
import { compactVerify } from '../jws/compact/verify.js';
import jwtPayload from '../lib/jwt_claims_set.js';
import { JWTInvalid } from '../util/errors.js';
export async function jwtVerify(jwt, key, options) {
var _a;
const verified = await compactVerify(jwt, key, options);
if (((_a = verified.protectedHeader.crit) === null || _a === void 0 ? void 0 : _a.includes('b64')) && verified.protectedHeader.b64 === false) {
throw new JWTInvalid('JWTs MUST NOT use unencoded payload');
}
const payload = jwtPayload(verified.protectedHeader, verified.payload, options);
const result = { payload, protectedHeader: verified.protectedHeader };
if (typeof key === 'function') {
return { ...result, key: verified.key };
}
return result;
}