Processor

.vscode/settings.json

@@ -43,6 +43,7 @@
 		"authly",
 		"cloudly",
 		"cryptly",
+		"Encrypter",
 		"flagly",
 		"gracely",
 		"isly",
@@ -58,6 +59,8 @@
 		"smoothly",
 		"tidily",
 		"transactly",
+		"typedly",
 		"uply"
-	]
+	],
+	"typescript.tsdk": "node_modules/typescript/lib"
 }

Actor.ts

@@ -1,22 +1,12 @@
-import * as Property from "./Property"
-export class Actor<T extends Actor<T>> {
-	protected readonly transformers: Property.Transformer[] = []
-	constructor(readonly id?: string) {}
+import { isoly } from "isoly"
+import { Processor } from "./Processor"
 
-	add(...argument: (Property.Configuration | Property.Transformer | undefined)[]): T {
-		argument.forEach(
-			value =>
-				value && this.transformers.push(Property.Configuration.is(value) ? this.creatableToTransformer(value) : value)
-		)
-		return this as unknown as T
-	}
-
-	private creatableToTransformer(creatable: Property.Configuration): Property.Transformer {
-		return Property.Converter.Configuration.is(creatable)
-			? new Property.Converter(creatable)
-			: Property.Crypto.Configuration.is(creatable)
-			? Property.Crypto.create(creatable[0], ...creatable.slice(1))
-			: new Property.Renamer(creatable)
+export class Actor<T extends Processor.Type.Constraints<T>> {
+	protected constructor(protected readonly processor: Processor<T>) {}
+	protected time(): number {
+		const time = (this.constructor as typeof Actor).staticTime ?? Actor.staticTime
+		return typeof time == "number" ? time : Math.floor(isoly.DateTime.epoch(time ? time : isoly.DateTime.now()) / 1_000)
 	}
+	static staticTime?: isoly.Date | number
 }
 export namespace Actor {}

Algorithm/index.spec.ts

@@ -11,7 +11,7 @@ describe("Algorithm.RS256", () => {
 					"amount=2050&currency=EUR&ip=1.1.1.1&card[pan]=4111111111111111&card[expire_month]=06&card[expire_year]=2022&card[csc]=123"
 			  )
 			: ""
-		const hexadecimalSignature = cryptly.Identifier.toHexadecimal(signature)
+		const hexadecimalSignature = cryptly.Identifier.toBase16(signature)
 		expect(hexadecimalSignature).toEqual(
 			"881de666d7f61c796c1c900784901b1b9bb8298af26bf10f79b2fd59231ab3383d9183ea8120bac3abead1000c4fab63bf6cf1345a31209acfe910c9286e9a3db7d4d15d1ae8e279ef05d5e43184b608ad39741ab04e28095fb8a0c48974e55fd0fe58ac5ef1f6c16670f67fd1c1b9a2a06273b079dc29e0daef6319a2e63545"
 		)

Algorithm/index.ts

@@ -20,16 +20,16 @@ export class Algorithm {
 		return this.signer.verify(data, signature)
 	}
 
-	static create(name: "none"): Algorithm | undefined
+	static create(name: "none"): Algorithm
 	static create(name: AlgorithmName.Symmetric, key: Uint8Array | string): Algorithm
-	static create(name: AlgorithmName.Symmetric, key: Uint8Array | string | undefined): Algorithm | undefined
+	static create(name: AlgorithmName.Symmetric, key: Uint8Array | string | undefined): Algorithm
 	static create(
 		name: AlgorithmName.Asymmetric,
 		publicKey: Uint8Array | string | undefined,
 		privateKey?: Uint8Array | string
-	): Algorithm | undefined
-	static create(name: AlgorithmName, ...keys: (string | Uint8Array)[]): Algorithm | undefined {
-		let result: cryptly.Signer | undefined
+	): Algorithm
+	static create(name: AlgorithmName, ...keys: (string | Uint8Array)[]): Algorithm {
+		let result: cryptly.Signer
 		switch (name) {
 			case "ES256":
 				result = cryptly.Signer.create("ECDSA", "SHA-256", keys[0], keys[1])
@@ -71,9 +71,9 @@ export class Algorithm {
 				result = cryptly.Signer.create("None")
 				break
 		}
-		return result && new Algorithm(name, result)
+		return new Algorithm(name, result)
 	}
-	static none(): Algorithm | undefined {
+	static none(): Algorithm {
 		return Algorithm.create("none")
 	}
 	static HS256(key: Uint8Array | string): Algorithm
@@ -92,58 +92,31 @@ export class Algorithm {
 		return Algorithm.create("HS512", key)
 	}
 
-	static RS256(
-		publicKey: Uint8Array | string | undefined,
-		privateKey?: Uint8Array | string | undefined
-	): Algorithm | undefined {
+	static RS256(publicKey: Uint8Array | string | undefined, privateKey?: Uint8Array | string | undefined): Algorithm {
 		return Algorithm.create("RS256", publicKey, privateKey)
 	}
-	static RS384(
-		publicKey: Uint8Array | string | undefined,
-		privateKey?: Uint8Array | string | undefined
-	): Algorithm | undefined {
+	static RS384(publicKey: Uint8Array | string | undefined, privateKey?: Uint8Array | string | undefined): Algorithm {
 		return Algorithm.create("RS384", publicKey, privateKey)
 	}
-	static RS512(
-		publicKey: Uint8Array | string | undefined,
-		privateKey?: Uint8Array | string | undefined
-	): Algorithm | undefined {
+	static RS512(publicKey: Uint8Array | string | undefined, privateKey?: Uint8Array | string | undefined): Algorithm {
 		return Algorithm.create("RS512", publicKey, privateKey)
 	}
-	static ES256(
-		publicKey: Uint8Array | string | undefined,
-		privateKey?: Uint8Array | string | undefined
-	): Algorithm | undefined {
+	static ES256(publicKey: Uint8Array | string | undefined, privateKey?: Uint8Array | string | undefined): Algorithm {
 		return Algorithm.create("ES256", publicKey, privateKey)
 	}
-	static ES384(
-		publicKey: Uint8Array | string | undefined,
-		privateKey?: Uint8Array | string | undefined
-	): Algorithm | undefined {
+	static ES384(publicKey: Uint8Array | string | undefined, privateKey?: Uint8Array | string | undefined): Algorithm {
 		return Algorithm.create("ES384", publicKey, privateKey)
 	}
-	static ES512(
-		publicKey: Uint8Array | string | undefined,
-		privateKey?: Uint8Array | string | undefined
-	): Algorithm | undefined {
+	static ES512(publicKey: Uint8Array | string | undefined, privateKey?: Uint8Array | string | undefined): Algorithm {
 		return Algorithm.create("ES512", publicKey, privateKey)
 	}
-	static PS256(
-		publicKey: Uint8Array | string | undefined,
-		privateKey?: Uint8Array | string | undefined
-	): Algorithm | undefined {
+	static PS256(publicKey: Uint8Array | string | undefined, privateKey?: Uint8Array | string | undefined): Algorithm {
 		return Algorithm.create("PS256", publicKey, privateKey)
 	}
-	static PS384(
-		publicKey: Uint8Array | string | undefined,
-		privateKey?: Uint8Array | string | undefined
-	): Algorithm | undefined {
+	static PS384(publicKey: Uint8Array | string | undefined, privateKey?: Uint8Array | string | undefined): Algorithm {
 		return Algorithm.create("PS384", publicKey, privateKey)
 	}
-	static PS512(
-		publicKey: Uint8Array | string | undefined,
-		privateKey?: Uint8Array | string | undefined
-	): Algorithm | undefined {
+	static PS512(publicKey: Uint8Array | string | undefined, privateKey?: Uint8Array | string | undefined): Algorithm {
 		return Algorithm.create("PS512", publicKey, privateKey)
 	}
 }

Claims.ts

@@ -0,0 +1,26 @@
+import { isly } from "isly"
+
+/**
+ * JWT public claim names
+ * https://datatracker.ietf.org/doc/html/rfc7519#section-4.1
+ */
+export interface Claims {
+	aud?: string // audience
+	iss?: string // issuer
+	iat?: number // issued at
+	sub?: string // subject
+	exp?: number // expires
+	nbf?: number // not before
+	jti?: string // JWT id
+}
+export namespace Claims {
+	export const type = isly.object<Claims>({
+		aud: isly.string().optional(),
+		iss: isly.string().optional(),
+		iat: isly.number().optional(),
+		sub: isly.string().optional(),
+		exp: isly.number().optional(),
+		nbf: isly.number().optional(),
+		jti: isly.string().optional(),
+	})
+}

Issuer.spec.ts

@@ -0,0 +1,28 @@
+import { authly } from "./index"
+import { Test } from "./Test"
+
+authly.Actor.staticTime = Test.times.issued
+
+describe("authly.Issuer", () => {
+	const issuer: authly.Issuer<Test.Type> = authly.Issuer.create(
+		Test.configuration,
+		"issuer",
+		"audience",
+		authly.Algorithm.RS256(Test.keys.public, Test.keys.private)
+	)
+	it("staticTime", async () => {
+		expect(authly.Issuer.staticTime).toEqual(Test.times.issued)
+	})
+	it("signing", async () => {
+		expect(await issuer.sign(Test.payload)).toEqual(Test.token.signed)
+	})
+	it("unsigned", async () => {
+		const issuer: authly.Issuer<Test.Type> = authly.Issuer.create(
+			Test.configuration,
+			"issuer",
+			"audience",
+			authly.Algorithm.none()
+		)
+		expect(await issuer.sign(Test.payload)).toEqual(Test.token.unsigned)
+	})
+})

Issuer.ts

@@ -1,57 +1,88 @@
 import { cryptly } from "cryptly"
+import { isoly } from "isoly"
 import { Actor } from "./Actor"
 import { Algorithm } from "./Algorithm"
 import { Header } from "./Header"
-import { Payload } from "./Payload"
+import { Processor } from "./Processor"
 import { Token } from "./Token"
 
-export class Issuer<T extends Payload> extends Actor<Issuer<T>> {
-	audience?: string | string[]
-	/** Duration in seconds */
-	duration?: number
-	get header(): Header {
-		return {
-			alg: this.algorithm.name,
-			typ: "JWT",
-			...(this.algorithm.kid && { kid: this.algorithm.kid }),
-		}
+export class Issuer<T extends Processor.Type.Constraints<T>> extends Actor<T> {
+	private readonly header: Header
+	private constructor(
+		processor: Processor<T>,
+		private readonly issuer: string,
+		private readonly audience: string,
+		readonly algorithm: Algorithm
+	) {
+		super(processor)
+		this.header = { alg: algorithm.name, typ: "JWT", ...(algorithm.kid && { kid: algorithm.kid }) }
 	}
-	get payload(): Payload {
-		const result: Payload = { iss: this.id, iat: Issuer.issuedAt }
-		if (this.audience)
-			result.aud = this.audience
-		if (this.duration && result.iat)
-			result.exp = result.iat + this.duration
-		return result
+	private async process(claims: Processor.Type.Payload<T>): Promise<Processor.Type.Claims<T>> {
+		return await this.processor.encode(claims)
 	}
-	private constructor(issuer: string, readonly algorithm: Algorithm) {
-		super(issuer)
+	private issued(issued: isoly.DateTime | number): number {
+		return typeof issued == "number" ? issued : isoly.DateTime.epoch(issued, "seconds")
 	}
-	async sign(payload: T, issuedAt?: Date | number): Promise<Token | undefined> {
-		payload = { ...this.payload, ...payload }
-		if (issuedAt)
-			payload.iat = typeof issuedAt == "number" ? issuedAt : issuedAt.getTime() / 1000
-		const transformed = await this.transformers.reduce(async (p, c) => c.apply(await p), Promise.resolve(payload))
-		const data =
-			transformed &&
-			`${cryptly.Base64.encode(new TextEncoder().encode(JSON.stringify(this.header)), "url")}.${cryptly.Base64.encode(
-				new TextEncoder().encode(JSON.stringify(transformed)),
-				"url"
-			)}`
-		return data && `${data}.${await this.algorithm.sign(data)}`
+	async sign(payload: Processor.Type.Payload.Creatable<T>, { ...options }: Issuer.Options = {}): Promise<Token> {
+		payload = {
+			...payload,
+			...(await (async name => ({
+				[name]: (
+					(await this.processor.decode({
+						iat: options.issued == undefined ? this.time() : this.issued(options.issued),
+					} as Processor.Type.Claims<T>)) as Processor.Type.Payload<T>
+				)[name],
+			}))(this.processor.name("iat"))),
+			...(await (async name => ({
+				[name]: (
+					(await this.processor.decode({
+						iss: this.issuer,
+					} as Processor.Type.Claims<T>)) as Processor.Type.Payload<T>
+				)[name],
+			}))(this.processor.name("iss"))),
+			...(await (async name => ({
+				[name]: (
+					(await this.processor.decode({
+						aud: this.audience,
+					} as Processor.Type.Claims<T>)) as Processor.Type.Payload<T>
+				)[name],
+			}))(this.processor.name("aud"))),
+		}
+		const encoder = new TextEncoder()
+		const result = `${cryptly.Base64.encode(
+			encoder.encode(JSON.stringify(this.header)),
+			"url"
+		)}.${cryptly.Base64.encode(
+			encoder.encode(JSON.stringify(await this.process(payload as any as Processor.Type.Payload<T>))),
+			"url"
+		)}`
+		return `${result}.${await this.algorithm.sign(result)}`
 	}
-	private static get issuedAt(): number {
-		return Issuer.defaultIssuedAt == undefined
-			? Math.floor(Date.now() / 1000)
-			: typeof Issuer.defaultIssuedAt == "number"
-			? Issuer.defaultIssuedAt
-			: Math.floor(Issuer.defaultIssuedAt.getTime() / 1000)
+	static create<T extends Processor.Type.Constraints<T>>(
+		configuration: Processor.Configuration<T>,
+		issuer: string,
+		audience: string,
+		algorithm: Algorithm
+	): Issuer<T>
+	static create<T extends Processor.Type.Constraints<T>>(
+		processor: Processor<T>,
+		issuer: string,
+		audience: string,
+		algorithm: Algorithm
+	): Issuer<T>
+	static create<T extends Processor.Type.Constraints<T>>(
+		source: Processor<T> | Processor.Configuration<T>,
+		issuer: string,
+		audience: string,
+		algorithm: Algorithm
+	): Issuer<T> {
+		return source instanceof Processor
+			? new this(source, issuer, audience, algorithm)
+			: this.create(Processor.create(source), issuer, audience, algorithm)
 	}
-	static defaultIssuedAt: undefined | Date | number
-	static create<T extends Payload>(issuer: string, algorithm: Algorithm): Issuer<T>
-	static create<T extends Payload>(issuer: string, algorithm: Algorithm | undefined): Issuer<T> | undefined
-	static create<T extends Payload>(issuer: string, algorithm: Algorithm | undefined): Issuer<T> | undefined {
-		return (algorithm && new Issuer(issuer, algorithm)) || undefined
+}
+export namespace Issuer {
+	export interface Options {
+		issued?: isoly.DateTime | number
 	}
 }
-export namespace Issuer {}

Processor/Configuration.ts

@@ -0,0 +1,20 @@
+import { typedly } from "typedly"
+import { Converter } from "./Converter"
+import { Type } from "./Type"
+
+export type Configuration<T extends Type.Constraints<T> = Type.Standard> = {
+	[Claim in keyof T]: Configuration.Property<T, Claim>
+}
+export namespace Configuration {
+	export type Property<T extends Type.Constraints<T>, P extends keyof T> = {
+		name: T[P]["name"]
+		encode: (
+			value: T[P]["original"],
+			context: Converter.Context.Encode<Type.Payload<T>, Type.Claims<T>>
+		) => typedly.Promise.Maybe<T[P]["encoded"]>
+		decode: (
+			value: T[P]["encoded"],
+			context: Converter.Context.Decode<Type.Payload<T>, Type.Claims<T>>
+		) => typedly.Promise.Maybe<T[P]["original"]>
+	}
+}