Server : Apache
System : Linux ks5.tuic.fr 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64
User : pragmatice ( 1003)
PHP Version : 8.2.24
Disable Function : NONE
Directory : /tmp/tsx-1023/
|
Server : Apache System : Linux ks5.tuic.fr 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64 User : pragmatice ( 1003) PHP Version : 8.2.24 Disable Function : NONE Directory : /tmp/tsx-1023/ |
{"code":"(()=>{\nvar __create=Object.create;var __defProp=Object.defineProperty;var __getOwnPropDesc=Object.getOwnPropertyDescriptor;var __getOwnPropNames=Object.getOwnPropertyNames;var __getProtoOf=Object.getPrototypeOf;var __hasOwnProp=Object.prototype.hasOwnProperty;var __name=(target,value)=>__defProp(target,\"name\",{value,configurable:true});var __export=(target,all)=>{for(var name in all)__defProp(target,name,{get:all[name],enumerable:true})};var __copyProps=(to,from,except,desc)=>{if(from&&typeof from===\"object\"||typeof from===\"function\"){for(let key of __getOwnPropNames(from))if(!__hasOwnProp.call(to,key)&&key!==except)__defProp(to,key,{get:()=>from[key],enumerable:!(desc=__getOwnPropDesc(from,key))||desc.enumerable})}return to};var __toESM=(mod,isNodeMode,target)=>(target=mod!=null?__create(__getProtoOf(mod)):{},__copyProps(isNodeMode||!mod||!mod.__esModule?__defProp(target,\"default\",{value:mod,enumerable:true}):target,mod));var __toCommonJS=mod=>__copyProps(__defProp({},\"__esModule\",{value:true}),mod);var registration_exports={};__export(registration_exports,{del:()=>del,get:()=>get,post:()=>post,put:()=>put});module.exports=__toCommonJS(registration_exports);var import_omit_by=__toESM(require(\"../helpers/_/omit_by.js\"));var import_constant_equals=__toESM(require(\"../helpers/constant_equals.js\"));var import_no_cache=__toESM(require(\"../shared/no_cache.js\"));var import_selective_body=require(\"../shared/selective_body.js\");var import_epoch_time=__toESM(require(\"../helpers/epoch_time.js\"));var import_errors=require(\"../helpers/errors.js\");var import_weak_cache=__toESM(require(\"../helpers/weak_cache.js\"));var import_set_www_authenticate=__toESM(require(\"../helpers/set_www_authenticate.js\"));const FORBIDDEN=[\"registration_access_token\",\"registration_client_uri\",\"client_secret_expires_at\",\"client_id_issued_at\"];async function setWWWAuthenticateHeader(ctx,next){try{await next()}catch(err){if(err.expose){(0,import_set_www_authenticate.default)(ctx,\"Bearer\",{realm:ctx.oidc.issuer,...err.error_description!==\"no access token provided\"?{error:err.message,error_description:err.error_description}:void 0})}throw err}}__name(setWWWAuthenticateHeader,\"setWWWAuthenticateHeader\");const validateRegistrationAccessToken=[setWWWAuthenticateHeader,__name(async function validateRegistrationAccessToken2(ctx,next){const regAccessToken=await ctx.oidc.provider.RegistrationAccessToken.find(ctx.oidc.getAccessToken());ctx.assert(regAccessToken,new import_errors.InvalidToken(\"token not found\"));const client=await ctx.oidc.provider.Client.find(ctx.params.clientId);if(!client||client.clientId!==regAccessToken.clientId){await regAccessToken.destroy();throw new import_errors.InvalidToken(\"client mismatch\")}ctx.oidc.entity(\"Client\",client);ctx.oidc.entity(\"RegistrationAccessToken\",regAccessToken);await next()},\"validateRegistrationAccessToken\")];const post=[import_no_cache.default,setWWWAuthenticateHeader,import_selective_body.json,__name(async function validateInitialAccessToken(ctx,next){const{oidc:{provider}}=ctx;const{initialAccessToken}=(0,import_weak_cache.default)(provider).configuration(\"features.registration\");switch(initialAccessToken&&typeof initialAccessToken){case\"boolean\":{const iat=await provider.InitialAccessToken.find(ctx.oidc.getAccessToken());ctx.assert(iat,new import_errors.InvalidToken(\"initial access token not found\"));ctx.oidc.entity(\"InitialAccessToken\",iat);break}case\"string\":{const valid=(0,import_constant_equals.default)(initialAccessToken,ctx.oidc.getAccessToken(),1e3);ctx.assert(valid,new import_errors.InvalidToken(\"invalid initial access token value\"));break}default:}await next()},\"validateInitialAccessToken\"),__name(async function registrationResponse(ctx,next){const{oidc:{provider}}=ctx;const{idFactory,secretFactory,issueRegistrationAccessToken}=(0,import_weak_cache.default)(provider).configuration(\"features.registration\");const properties={};const clientId=idFactory(ctx);let rat;if(issueRegistrationAccessToken===true||typeof issueRegistrationAccessToken===\"function\"&&issueRegistrationAccessToken(ctx)){rat=new provider.RegistrationAccessToken({clientId});ctx.oidc.entity(\"RegistrationAccessToken\",rat)}Object.assign(properties,ctx.oidc.body,{client_id:clientId,client_id_issued_at:(0,import_epoch_time.default)()});const{Client}=provider;const secretRequired=Client.needsSecret(properties);if(secretRequired){Object.assign(properties,{client_secret:await secretFactory(ctx),client_secret_expires_at:0})}else{delete properties.client_secret;delete properties.client_secret_expires_at}if(ctx.oidc.entities.InitialAccessToken?.policies){const{policies}=ctx.oidc.entities.InitialAccessToken;const implementations=(0,import_weak_cache.default)(provider).configuration(\"features.registration.policies\");for(const policy of policies){await implementations[policy](ctx,properties)}if(rat&&!(\"policies\"in rat)){rat.policies=policies}}const client=await(0,import_weak_cache.default)(provider).clientAdd(properties,{store:true,ctx});ctx.oidc.entity(\"Client\",client);ctx.body=client.metadata();if(rat){Object.assign(ctx.body,{registration_client_uri:ctx.oidc.urlFor(\"client\",{clientId:properties.client_id}),registration_access_token:await rat.save()})}ctx.status=201;provider.emit(\"registration_create.success\",ctx,client);await next()},\"registrationResponse\")];const get=[import_no_cache.default,...validateRegistrationAccessToken,__name(async function clientReadResponse(ctx,next){if(ctx.oidc.client.noManage){throw new import_errors.InvalidRequest(\"client does not have permission to read its record\",403)}ctx.body=ctx.oidc.client.metadata();Object.assign(ctx.body,{registration_access_token:ctx.oidc.getAccessToken(),registration_client_uri:ctx.oidc.urlFor(\"client\",{clientId:ctx.params.clientId})});await next()},\"clientReadResponse\")];const put=[import_no_cache.default,...validateRegistrationAccessToken,import_selective_body.json,__name(async function forbiddenFields(ctx,next){const hit=FORBIDDEN.find(field=>ctx.oidc.body[field]!==void 0);ctx.assert(!hit,new import_errors.InvalidRequest(`request MUST NOT include the ${hit} field`));await next()},\"forbiddenFields\"),__name(async function equalChecks(ctx,next){ctx.assert(ctx.oidc.body.client_id===ctx.oidc.client.clientId,new import_errors.InvalidRequest(\"provided client_id does not match the authenticated client's one\"));if(\"client_secret\"in ctx.oidc.body){const clientSecretValid=(0,import_constant_equals.default)(typeof ctx.oidc.body.client_secret===\"string\"?ctx.oidc.body.client_secret:\"\",ctx.oidc.client.clientSecret||\"\",1e3);ctx.assert(clientSecretValid,new import_errors.InvalidRequest(\"provided client_secret does not match the authenticated client's one\"))}await next()},\"equalChecks\"),__name(async function clientUpdateResponse(ctx,next){if(ctx.oidc.client.noManage){throw new import_errors.InvalidRequest(\"client does not have permission to update its record\",403)}const properties=(0,import_omit_by.default)({client_id:ctx.oidc.client.clientId,client_id_issued_at:ctx.oidc.client.clientIdIssuedAt,...ctx.oidc.body},value=>value===null||value===\"\");const{oidc:{provider}}=ctx;const{secretFactory}=(0,import_weak_cache.default)(provider).configuration(\"features.registration\");const secretRequired=!ctx.oidc.client.clientSecret&&provider.Client.needsSecret(properties);if(secretRequired){Object.assign(properties,{client_secret:await secretFactory(ctx),client_secret_expires_at:0})}else{Object.assign(properties,{client_secret:ctx.oidc.client.clientSecret,client_secret_expires_at:ctx.oidc.client.clientSecretExpiresAt})}if(ctx.oidc.entities.RegistrationAccessToken.policies){const{policies}=ctx.oidc.entities.RegistrationAccessToken;const implementations=(0,import_weak_cache.default)(provider).configuration(\"features.registration.policies\");for(const policy of policies){await implementations[policy](ctx,properties)}}const client=await(0,import_weak_cache.default)(provider).clientAdd(properties,{store:true,ctx});ctx.body=client.metadata();Object.assign(ctx.body,{registration_access_token:ctx.oidc.getAccessToken(),registration_client_uri:ctx.oidc.urlFor(\"client\",{clientId:ctx.params.clientId})});const management=(0,import_weak_cache.default)(provider).configuration(\"features.registrationManagement\");if(management.rotateRegistrationAccessToken===true||typeof management.rotateRegistrationAccessToken===\"function\"&&await management.rotateRegistrationAccessToken(ctx)){ctx.oidc.entity(\"RotatedRegistrationAccessToken\",ctx.oidc.entities.RegistrationAccessToken);const rat=new provider.RegistrationAccessToken({client:ctx.oidc.client,policies:ctx.oidc.entities.RegistrationAccessToken.policies});await ctx.oidc.registrationAccessToken.destroy();ctx.oidc.entity(\"RegistrationAccessToken\",rat);ctx.body.registration_access_token=await rat.save()}provider.emit(\"registration_update.success\",ctx,ctx.oidc.client);await next()},\"clientUpdateResponse\")];const del=[import_no_cache.default,...validateRegistrationAccessToken,__name(async function clientRemoveResponse(ctx,next){if(ctx.oidc.client.noManage){throw new import_errors.InvalidRequest(\"client does not have permission to delete its record\",403)}const{oidc:{provider}}=ctx;await(0,import_weak_cache.default)(provider).clientRemove(ctx.oidc.client.clientId);await ctx.oidc.entities.RegistrationAccessToken.destroy();ctx.status=204;provider.emit(\"registration_delete.success\",ctx,ctx.oidc.client);await next()},\"clientRemoveResponse\")];0&&(module.exports={del,get,post,put});\n})()\n","warnings":[],"map":{"version":3,"mappings":";i/BAAA,oLAAmB,4CACnB,2BAA2B,kDAC3B,oBAAoB,0CACpB,0BAAkC,uCAClC,sBAAsB,6CACtB,kBAA6C,gCAC7C,sBAAqB,6CACrB,gCAA+B,uDAE/B,MAAM,UAAY,CAChB,4BACA,0BACA,2BACA,qBACF,EAEA,eAAe,yBAAyB,IAAK,KAAM,CACjD,GAAI,CACF,MAAM,KAAK,CACb,OAAS,IAAK,CACZ,GAAI,IAAI,OAAQ,IACd,4BAAAA,SAAmB,IAAK,SAAU,CAChC,MAAO,IAAI,KAAK,OAChB,GAAI,IAAI,oBAAsB,2BAA6B,CACzD,MAAO,IAAI,QACX,kBAAmB,IAAI,iBACzB,EAAI,MACN,CAAC,CACH,CACA,MAAM,GACR,CACF,CAfe,4DAiBf,MAAM,gCAAkC,CACtC,yBACA,sBAAeC,iCAAgC,IAAK,KAAM,CACxD,MAAM,eAAiB,MAAM,IAAI,KAAK,SAAS,wBAAwB,KACrE,IAAI,KAAK,eAAe,CAC1B,EACA,IAAI,OAAO,eAAgB,IAAI,2BAAa,iBAAiB,CAAC,EAE9D,MAAM,OAAS,MAAM,IAAI,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,EAEtE,GAAI,CAAC,QAAU,OAAO,WAAa,eAAe,SAAU,CAC1D,MAAM,eAAe,QAAQ,EAC7B,MAAM,IAAI,2BAAa,iBAAiB,CAC1C,CAEA,IAAI,KAAK,OAAO,SAAU,MAAM,EAChC,IAAI,KAAK,OAAO,0BAA2B,cAAc,EAEzD,MAAM,KAAK,CACb,EAjBA,kCAkBF,EAEO,MAAM,KAAO,CAClB,gBAAAC,QACA,yBACA,sBAAAC,KACA,sBAAe,2BAA2B,IAAK,KAAM,CACnD,KAAM,CAAE,KAAM,CAAE,QAAS,CAAE,EAAI,IAC/B,KAAM,CAAE,kBAAmB,KAAI,kBAAAC,SAAS,QAAQ,EAAE,cAAc,uBAAuB,EACvF,OAAQ,oBAAsB,OAAO,mBAAoB,CACvD,IAAK,UAAW,CACd,MAAM,IAAM,MAAM,SAAS,mBAAmB,KAAK,IAAI,KAAK,eAAe,CAAC,EAC5E,IAAI,OAAO,IAAK,IAAI,2BAAa,gCAAgC,CAAC,EAClE,IAAI,KAAK,OAAO,qBAAsB,GAAG,EACzC,KACF,CACA,IAAK,SAAU,CACb,MAAM,SAAQ,uBAAAC,SACZ,mBACA,IAAI,KAAK,eAAe,EACxB,GACF,EACA,IAAI,OAAO,MAAO,IAAI,2BAAa,oCAAoC,CAAC,EACxE,KACF,CACA,QACF,CAEA,MAAM,KAAK,CACb,EAvBA,8BAwBA,sBAAe,qBAAqB,IAAK,KAAM,CAC7C,KAAM,CAAE,KAAM,CAAE,QAAS,CAAE,EAAI,IAC/B,KAAM,CAAE,UAAW,cAAe,4BAA6B,KAAI,kBAAAD,SAAS,QAAQ,EAAE,cAAc,uBAAuB,EAC3H,MAAM,WAAa,CAAC,EACpB,MAAM,SAAW,UAAU,GAAG,EAE9B,IAAI,IAEJ,GACE,+BAAiC,MAC7B,OAAO,+BAAiC,YAAc,6BAA6B,GAAG,EAC1F,CACA,IAAM,IAAI,SAAS,wBAAwB,CAAE,QAAS,CAAC,EACvD,IAAI,KAAK,OAAO,0BAA2B,GAAG,CAChD,CAEA,OAAO,OAAO,WAAY,IAAI,KAAK,KAAM,CACvC,UAAW,SACX,uBAAqB,kBAAAE,SAAU,CACjC,CAAC,EAED,KAAM,CAAE,MAAO,EAAI,SACnB,MAAM,eAAiB,OAAO,YAAY,UAAU,EAEpD,GAAI,eAAgB,CAClB,OAAO,OAAO,WAAY,CACxB,cAAe,MAAM,cAAc,GAAG,EACtC,yBAA0B,CAC5B,CAAC,CACH,KAAO,CACL,OAAO,WAAW,cAClB,OAAO,WAAW,wBACpB,CAEA,GACE,IAAI,KAAK,SAAS,oBAAoB,SACtC,CACA,KAAM,CAAE,QAAS,EAAI,IAAI,KAAK,SAAS,mBACvC,MAAM,mBAAkB,kBAAAF,SAAS,QAAQ,EAAE,cAAc,gCAAgC,EACzF,UAAW,UAAU,SAAU,CAC7B,MAAM,gBAAgB,MAAM,EAAE,IAAK,UAAU,CAC/C,CAEA,GAAI,KAAO,EAAE,aAAc,KAAM,CAC/B,IAAI,SAAW,QACjB,CACF,CAEA,MAAM,OAAS,QAAM,kBAAAA,SAAS,QAAQ,EAAE,UAAU,WAAY,CAAE,MAAO,KAAM,GAAI,CAAC,EAClF,IAAI,KAAK,OAAO,SAAU,MAAM,EAEhC,IAAI,KAAO,OAAO,SAAS,EAE3B,GAAI,IAAK,CACP,OAAO,OAAO,IAAI,KAAM,CACtB,wBAAyB,IAAI,KAAK,OAAO,SAAU,CACjD,SAAU,WAAW,SACvB,CAAC,EACD,0BAA2B,MAAM,IAAI,KAAK,CAC5C,CAAC,CACH,CAEA,IAAI,OAAS,IAEb,SAAS,KAAK,8BAA+B,IAAK,MAAM,EAExD,MAAM,KAAK,CACb,EAnEA,uBAoEF,EAEO,MAAM,IAAM,CACjB,gBAAAF,QACA,GAAG,gCAEH,sBAAe,mBAAmB,IAAK,KAAM,CAC3C,GAAI,IAAI,KAAK,OAAO,SAAU,CAC5B,MAAM,IAAI,6BAAe,qDAAsD,GAAG,CACpF,CAEA,IAAI,KAAO,IAAI,KAAK,OAAO,SAAS,EAEpC,OAAO,OAAO,IAAI,KAAM,CACtB,0BAA2B,IAAI,KAAK,eAAe,EACnD,wBAAyB,IAAI,KAAK,OAAO,SAAU,CACjD,SAAU,IAAI,OAAO,QACvB,CAAC,CACH,CAAC,EAED,MAAM,KAAK,CACb,EAfA,qBAgBF,EAEO,MAAM,IAAM,CACjB,gBAAAA,QACA,GAAG,gCACH,sBAAAC,KAEA,sBAAe,gBAAgB,IAAK,KAAM,CACxC,MAAM,IAAM,UAAU,KAAM,OAAU,IAAI,KAAK,KAAK,KAAK,IAAM,MAAS,EACxE,IAAI,OAAO,CAAC,IAAK,IAAI,6BAAe,gCAAgC,GAAG,QAAQ,CAAC,EAChF,MAAM,KAAK,CACb,EAJA,mBAMA,sBAAe,YAAY,IAAK,KAAM,CACpC,IAAI,OAAO,IAAI,KAAK,KAAK,YAAc,IAAI,KAAK,OAAO,SAAU,IAAI,6BAAe,kEAAmE,CAAC,EAExJ,GAAI,kBAAmB,IAAI,KAAK,KAAM,CACpC,MAAM,qBAAoB,uBAAAE,SACxB,OAAO,IAAI,KAAK,KAAK,gBAAkB,SAAW,IAAI,KAAK,KAAK,cAAgB,GAChF,IAAI,KAAK,OAAO,cAAgB,GAChC,GACF,EAEA,IAAI,OAAO,kBAAmB,IAAI,6BAAe,sEAAuE,CAAC,CAC3H,CAEA,MAAM,KAAK,CACb,EAdA,eAgBA,sBAAe,qBAAqB,IAAK,KAAM,CAC7C,GAAI,IAAI,KAAK,OAAO,SAAU,CAC5B,MAAM,IAAI,6BAAe,uDAAwD,GAAG,CACtF,CAEA,MAAM,cAAa,eAAAE,SAAO,CACxB,UAAW,IAAI,KAAK,OAAO,SAC3B,oBAAqB,IAAI,KAAK,OAAO,iBACrC,GAAG,IAAI,KAAK,IACd,EAAI,OAAU,QAAU,MAAQ,QAAU,EAAE,EAE5C,KAAM,CAAE,KAAM,CAAE,QAAS,CAAE,EAAI,IAC/B,KAAM,CAAE,aAAc,KAAI,kBAAAH,SAAS,QAAQ,EAAE,cAAc,uBAAuB,EAElF,MAAM,eAAiB,CAAC,IAAI,KAAK,OAAO,cACnC,SAAS,OAAO,YAAY,UAAU,EAE3C,GAAI,eAAgB,CAClB,OAAO,OAAO,WAAY,CACxB,cAAe,MAAM,cAAc,GAAG,EACtC,yBAA0B,CAC5B,CAAC,CACH,KAAO,CACL,OAAO,OAAO,WAAY,CACxB,cAAe,IAAI,KAAK,OAAO,aAC/B,yBAA0B,IAAI,KAAK,OAAO,qBAC5C,CAAC,CACH,CAEA,GAAI,IAAI,KAAK,SAAS,wBAAwB,SAAU,CACtD,KAAM,CAAE,QAAS,EAAI,IAAI,KAAK,SAAS,wBACvC,MAAM,mBAAkB,kBAAAA,SAAS,QAAQ,EAAE,cAAc,gCAAgC,EACzF,UAAW,UAAU,SAAU,CAC7B,MAAM,gBAAgB,MAAM,EAAE,IAAK,UAAU,CAC/C,CACF,CAEA,MAAM,OAAS,QAAM,kBAAAA,SAAS,QAAQ,EAAE,UAAU,WAAY,CAAE,MAAO,KAAM,GAAI,CAAC,EAElF,IAAI,KAAO,OAAO,SAAS,EAE3B,OAAO,OAAO,IAAI,KAAM,CACtB,0BAA2B,IAAI,KAAK,eAAe,EACnD,wBAAyB,IAAI,KAAK,OAAO,SAAU,CACjD,SAAU,IAAI,OAAO,QACvB,CAAC,CACH,CAAC,EAED,MAAM,cAAa,kBAAAA,SAAS,QAAQ,EAAE,cAAc,iCAAiC,EACrF,GACE,WAAW,gCAAkC,MACzC,OAAO,WAAW,gCAAkC,YAAc,MAAM,WAAW,8BAA8B,GAAG,EACxH,CACA,IAAI,KAAK,OAAO,iCAAkC,IAAI,KAAK,SAAS,uBAAuB,EAC3F,MAAM,IAAM,IAAI,SAAS,wBAAwB,CAC/C,OAAQ,IAAI,KAAK,OACjB,SAAU,IAAI,KAAK,SAAS,wBAAwB,QACtD,CAAC,EAED,MAAM,IAAI,KAAK,wBAAwB,QAAQ,EAE/C,IAAI,KAAK,OAAO,0BAA2B,GAAG,EAC9C,IAAI,KAAK,0BAA4B,MAAM,IAAI,KAAK,CACtD,CAEA,SAAS,KAAK,8BAA+B,IAAK,IAAI,KAAK,MAAM,EAEjE,MAAM,KAAK,CACb,EApEA,uBAqEF,EAEO,MAAM,IAAM,CACjB,gBAAAF,QACA,GAAG,gCAEH,sBAAe,qBAAqB,IAAK,KAAM,CAC7C,GAAI,IAAI,KAAK,OAAO,SAAU,CAC5B,MAAM,IAAI,6BAAe,uDAAwD,GAAG,CACtF,CAEA,KAAM,CAAE,KAAM,CAAE,QAAS,CAAE,EAAI,IAE/B,QAAM,kBAAAE,SAAS,QAAQ,EAAE,aAAa,IAAI,KAAK,OAAO,QAAQ,EAC9D,MAAM,IAAI,KAAK,SAAS,wBAAwB,QAAQ,EAExD,IAAI,OAAS,IAEb,SAAS,KAAK,8BAA+B,IAAK,IAAI,KAAK,MAAM,EAEjE,MAAM,KAAK,CACb,EAfA,uBAgBF","names":["setWWWAuthenticate","validateRegistrationAccessToken","noCache","parseBody","instance","constantEquals","epochTime","omitBy"],"ignoreList":[],"sources":["/home/etherpad/node_modules/.pnpm/oidc-provider@8.4.6/node_modules/oidc-provider/lib/actions/registration.js"],"sourcesContent":[null]}}