fix: harden middleware config

master
Guillermo Pages 3 months ago
parent ca30bbecdb
commit e1ec5ebb0c

277
package-lock.json generated

@ -14,6 +14,7 @@
"cookie-parser": "^1.4.7",
"di-why": "^0.20.0",
"express": "^4.21.2",
"express-knifey": "^1.1.0",
"ioredis": "^5.7.0",
"jose": "^6.1.0",
"node-fetch": "^3.3.2",
@ -2322,6 +2323,20 @@
"integrity": "sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==",
"license": "MIT"
},
"node_modules/cors": {
"version": "2.8.5",
"resolved": "https://registry.npmjs.org/cors/-/cors-2.8.5.tgz",
"integrity": "sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==",
"license": "MIT",
"optional": true,
"dependencies": {
"object-assign": "^4",
"vary": "^1"
},
"engines": {
"node": ">= 0.10"
}
},
"node_modules/cross-spawn": {
"version": "7.0.6",
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
@ -2441,6 +2456,19 @@
"integrity": "sha512-rwX3nU/Q2/JgJA3EuJqCS3D6L/PU4UMB2ycnGJuKRO5CFfnJbeAieTlVw7HnUj97QeSfiuvi8FuKdDLrIqEYMg==",
"license": "MIT"
},
"node_modules/dotenv": {
"version": "17.2.2",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-17.2.2.tgz",
"integrity": "sha512-Sf2LSQP+bOlhKWWyhFsn0UsfdK/kCWRv1iuA2gXAwt3dyNabr6QSj00I2V10pidqz69soatm9ZwZvpQMTIOd5Q==",
"license": "BSD-2-Clause",
"peer": true,
"engines": {
"node": ">=12"
},
"funding": {
"url": "https://dotenvx.com"
}
},
"node_modules/dunder-proto": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz",
@ -2706,6 +2734,189 @@
"url": "https://opencollective.com/express"
}
},
"node_modules/express-knifey": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/express-knifey/-/express-knifey-1.1.0.tgz",
"integrity": "sha512-xHZw+CVt5Ft+pUtf7keqZV+/hCucYU+shLxVM/6jvxks732glA7v0NlvV5sqRjKnvcFNH9yYLZbhwxAuEIwThQ==",
"license": "MIT",
"optionalDependencies": {
"body-parser": ">=2.2.0",
"cookie-parser": ">=1.4.7",
"cors": ">=2.8.5",
"express-rate-limit": ">=8.1.0"
},
"peerDependencies": {
"di-why": ">=0.20.0",
"dotenv": ">=16.0.0",
"express": ">=4.0.0",
"saylo": ">=0.5.0",
"swiss-army-knifey": ">=1.30.0"
},
"peerDependenciesMeta": {
"body-parser": {
"optional": true
},
"cookie-parser": {
"optional": true
},
"cors": {
"optional": true
},
"express-rate-limit": {
"optional": true
}
}
},
"node_modules/express-knifey/node_modules/body-parser": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-2.2.0.tgz",
"integrity": "sha512-02qvAaxv8tp7fBa/mw1ga98OGm+eCbqzJOKoRt70sLmfEEi+jyBYVTDGfCL/k06/4EMk/z01gCe7HoCH/f2LTg==",
"license": "MIT",
"optional": true,
"dependencies": {
"bytes": "^3.1.2",
"content-type": "^1.0.5",
"debug": "^4.4.0",
"http-errors": "^2.0.0",
"iconv-lite": "^0.6.3",
"on-finished": "^2.4.1",
"qs": "^6.14.0",
"raw-body": "^3.0.0",
"type-is": "^2.0.0"
},
"engines": {
"node": ">=18"
}
},
"node_modules/express-knifey/node_modules/iconv-lite": {
"version": "0.6.3",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz",
"integrity": "sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==",
"license": "MIT",
"optional": true,
"dependencies": {
"safer-buffer": ">= 2.1.2 < 3.0.0"
},
"engines": {
"node": ">=0.10.0"
}
},
"node_modules/express-knifey/node_modules/media-typer": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/media-typer/-/media-typer-1.1.0.tgz",
"integrity": "sha512-aisnrDP4GNe06UcKFnV5bfMNPBUw4jsLGaWwWfnH3v02GnBuXX2MCVn5RbrWo0j3pczUilYblq7fQ7Nw2t5XKw==",
"license": "MIT",
"optional": true,
"engines": {
"node": ">= 0.8"
}
},
"node_modules/express-knifey/node_modules/mime-db": {
"version": "1.54.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.54.0.tgz",
"integrity": "sha512-aU5EJuIN2WDemCcAp2vFBfp/m4EAhWJnUNSSw0ixs7/kXbd6Pg64EmwJkNdFhB8aWt1sH2CTXrLxo/iAGV3oPQ==",
"license": "MIT",
"optional": true,
"engines": {
"node": ">= 0.6"
}
},
"node_modules/express-knifey/node_modules/mime-types": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-3.0.1.tgz",
"integrity": "sha512-xRc4oEhT6eaBpU1XF7AjpOFD+xQmXNB5OVKwp4tqCuBpHLS/ZbBDrc07mYTDqVMg6PfxUjjNp85O6Cd2Z/5HWA==",
"license": "MIT",
"optional": true,
"dependencies": {
"mime-db": "^1.54.0"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/express-knifey/node_modules/qs": {
"version": "6.14.0",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz",
"integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==",
"license": "BSD-3-Clause",
"optional": true,
"dependencies": {
"side-channel": "^1.1.0"
},
"engines": {
"node": ">=0.6"
},
"funding": {
"url": "https://github.com/sponsors/ljharb"
}
},
"node_modules/express-knifey/node_modules/raw-body": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-3.0.1.tgz",
"integrity": "sha512-9G8cA+tuMS75+6G/TzW8OtLzmBDMo8p1JRxN5AZ+LAp8uxGA8V8GZm4GQ4/N5QNQEnLmg6SS7wyuSmbKepiKqA==",
"license": "MIT",
"optional": true,
"dependencies": {
"bytes": "3.1.2",
"http-errors": "2.0.0",
"iconv-lite": "0.7.0",
"unpipe": "1.0.0"
},
"engines": {
"node": ">= 0.10"
}
},
"node_modules/express-knifey/node_modules/raw-body/node_modules/iconv-lite": {
"version": "0.7.0",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.7.0.tgz",
"integrity": "sha512-cf6L2Ds3h57VVmkZe+Pn+5APsT7FpqJtEhhieDCvrE2MK5Qk9MyffgQyuxQTm6BChfeZNtcOLHp9IcWRVcIcBQ==",
"license": "MIT",
"optional": true,
"dependencies": {
"safer-buffer": ">= 2.1.2 < 3.0.0"
},
"engines": {
"node": ">=0.10.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
}
},
"node_modules/express-knifey/node_modules/type-is": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/type-is/-/type-is-2.0.1.tgz",
"integrity": "sha512-OZs6gsjF4vMp32qrCbiVSkrFmXtG/AZhY3t0iAMrMBiAZyV9oALtXO8hsrHbMXF9x6L3grlFuwW2oAz7cav+Gw==",
"license": "MIT",
"optional": true,
"dependencies": {
"content-type": "^1.0.5",
"media-typer": "^1.1.0",
"mime-types": "^3.0.0"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/express-rate-limit": {
"version": "8.1.0",
"resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.1.0.tgz",
"integrity": "sha512-4nLnATuKupnmwqiJc27b4dCFmB/T60ExgmtDD7waf4LdrbJ8CPZzZRHYErDYNhoz+ql8fUdYwM/opf90PoPAQA==",
"license": "MIT",
"optional": true,
"dependencies": {
"ip-address": "10.0.1"
},
"engines": {
"node": ">= 16"
},
"funding": {
"url": "https://github.com/sponsors/express-rate-limit"
},
"peerDependencies": {
"express": ">= 4.11"
}
},
"node_modules/express/node_modules/cookie": {
"version": "0.7.1",
"resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz",
@ -3245,6 +3456,16 @@
"url": "https://opencollective.com/ioredis"
}
},
"node_modules/ip-address": {
"version": "10.0.1",
"resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz",
"integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==",
"license": "MIT",
"optional": true,
"engines": {
"node": ">= 12"
}
},
"node_modules/ipaddr.js": {
"version": "1.9.1",
"resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
@ -4441,6 +4662,16 @@
"node": ">=8"
}
},
"node_modules/object-assign": {
"version": "4.1.1",
"resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
"integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==",
"license": "MIT",
"optional": true,
"engines": {
"node": ">=0.10.0"
}
},
"node_modules/object-inspect": {
"version": "1.13.4",
"resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz",
@ -4884,6 +5115,13 @@
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==",
"license": "MIT"
},
"node_modules/saylo": {
"version": "0.6.2",
"resolved": "https://registry.npmjs.org/saylo/-/saylo-0.6.2.tgz",
"integrity": "sha512-V0sadlkpbfOhvE5y+VKul+xu5IqbWfaAqkLv/nvPHSip8ALjw7AnBXC5gG1+ne0p8x7nRnnigUneZGEzDd7XHQ==",
"license": "MIT",
"peer": true
},
"node_modules/semver": {
"version": "6.3.1",
"resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
@ -5122,6 +5360,16 @@
"integrity": "sha512-qoRRSyROncaz1z0mvYqIE4lCd9p2R90i6GxW3uZv5ucSu8tU7B5HXUP1gG8pVZsYNVaXjk8ClXHPttLyxAL48A==",
"license": "MIT"
},
"node_modules/star-events": {
"version": "0.0.6",
"resolved": "https://registry.npmjs.org/star-events/-/star-events-0.0.6.tgz",
"integrity": "sha512-8ifxxj+w9m7aoHFeSLYDYYGwgwZDbZPhhsAa8nrMPdmJLL2ihiQ60JeMDysSbPx9SAJwbAKnENNUVyQTv3B9uQ==",
"license": "MIT",
"peer": true,
"dependencies": {
"saylo": "0.6.2"
}
},
"node_modules/statuses": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
@ -5318,6 +5566,35 @@
"node": ">=8"
}
},
"node_modules/swiss-army-knifey": {
"version": "1.36.4",
"resolved": "https://registry.npmjs.org/swiss-army-knifey/-/swiss-army-knifey-1.36.4.tgz",
"integrity": "sha512-rMJypOaSi/hVEw5f+tHn9zjZYTHCnqJ5rrJpP4txQjnSpiziuwBqP/bwQi70lAs3WPSUEMlqSPpSnthDrPxF2Q==",
"license": "MIT",
"peer": true,
"dependencies": {
"dotenv": "^16.5.0",
"saylo": "0.6.2",
"star-events": "^0.0.6"
},
"bin": {
"env-prepare": "build/bin/envPrepare.js",
"env-replace": "build/bin/envReplace.js"
}
},
"node_modules/swiss-army-knifey/node_modules/dotenv": {
"version": "16.6.1",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.6.1.tgz",
"integrity": "sha512-uBq4egWHTcTt33a72vpSG0z3HnPuIl6NqYcTrKEg2azoEyl2hpW0zqlxysq2pK9HlDIHyHyakeYaYnSAwd8bow==",
"license": "BSD-2-Clause",
"peer": true,
"engines": {
"node": ">=12"
},
"funding": {
"url": "https://dotenvx.com"
}
},
"node_modules/synckit": {
"version": "0.11.11",
"resolved": "https://registry.npmjs.org/synckit/-/synckit-0.11.11.tgz",

@ -25,6 +25,7 @@
"cookie-parser": "^1.4.7",
"di-why": "^0.20.0",
"express": "^4.21.2",
"express-knifey": "^1.1.0",
"ioredis": "^5.7.0",
"jose": "^6.1.0",
"node-fetch": "^3.3.2",
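Review bot: The packages this hardening appears to rely on for rate limiting and CORS are not declared in this manifest. The lockfile resolves `cors` 2.8.5 and `express-rate-limit` 8.1.0 only as optional dependencies of `express-knifey` (both entries carry `"optional": true`), so an install that omits optional packages, or one where they fail to install, would leave them out. Whether `express-knifey` then fails closed or silently skips the limiter is not visible on this page and should be confirmed. If the middleware depends on them, declare them next to the `express-knifey` entry (the line this hunk appears to add), e.g. `"cors": "^2.8.5",` and `"express-rate-limit": "^8.1.0",`. The peers `dotenv`, `saylo` and `swiss-army-knifey` are likewise satisfied only through automatic peer installation, which also brings in a second `dotenv` (16.6.1 beside 17.2.2).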

@ -27,6 +27,7 @@ export { buildOidcConfig } from './oidc/oidcConfigBuilder';
export { SwissOIDSessionService } from './session/SwissOIDSessionService';
export { CookieManager } from './cookies/CookieManager';
export { SwissOIDJWTVerifier } from './jwt/SwissOIDJWTVerifier';
export { SWISSOID_MIDDLEWARE } from './middleware';
// Types
export type {
@ -35,6 +36,7 @@ export type {
DATClaims,
SwissOIDSessionConfig
} from './types/auth.types';
export type { SwissoidMiddlewareHandle } from './middleware';
// Re-export useful types from dependencies
export type { Request, Response, Router } from 'express';
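Review bot: The new public type `SwissoidMiddlewareHandle` breaks the casing used by the other exported names visible in this file (`SwissOIDSessionService`, `SwissOIDJWTVerifier`, `SwissOIDSessionConfig`). A rename after release is a breaking change for consumers, so consider `export type { SwissOIDMiddlewareHandle } from './middleware';` now, with the matching rename in `./middleware` (not shown on this page). The value export `SWISSOID_MIDDLEWARE` in the first hunk would also benefit from a short comment above it stating which middleware it registers and which optional packages must be installed for it to take effect, since neither can be inferred from the name.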
