From dada291b4636808e80b9cceec0383443fd20941b Mon Sep 17 00:00:00 2001
From: Stephan Schreiber <30500338+schreibse@users.noreply.github.com>
Date: Tue, 25 Jun 2024 06:44:17 -0500
Subject: [PATCH] Replace `js-sha256` dependency with `@noble/hashes` in Keycloak JS (#30667)
Closes #15769
Signed-off-by: Stephan Schreiber
---
 js/libs/keycloak-js/package.json | 2 +-
 js/libs/keycloak-js/rollup.config.ts | 2 +-
 js/libs/keycloak-js/src/keycloak.js | 4 ++--
 pnpm-lock.yaml | 17 +++++++++--------
 4 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/js/libs/keycloak-js/package.json b/js/libs/keycloak-js/package.json
index 89ec4ada3c..85d241a80b 100644
--- a/js/libs/keycloak-js/package.json
+++ b/js/libs/keycloak-js/package.json
@@ -78,7 +78,7 @@
 "shx": "^0.3.4"
 },
 "dependencies": {
- "js-sha256": "^0.11.0",
+ "@noble/hashes": "^1.4.0",
 "jwt-decode": "^4.0.0"
 }
 }
diff --git a/js/libs/keycloak-js/rollup.config.ts b/js/libs/keycloak-js/rollup.config.ts
index 51817df0d5..4e4009787e 100644
--- a/js/libs/keycloak-js/rollup.config.ts
+++ b/js/libs/keycloak-js/rollup.config.ts
@@ -39,7 +39,7 @@ function defineOptions({
 file: path.join(targetDir, `${file}.mjs`),
 },
 ],
- external: ["js-sha256", "jwt-decode"],
+ external: ["@noble/hashes", "jwt-decode"],
 },
 // Legacy Universal Module Definition, or “UMD”, with inlined dependencies.
 {
diff --git a/js/libs/keycloak-js/src/keycloak.js b/js/libs/keycloak-js/src/keycloak.js
index 5ad03f510d..f3b46164ca 100755
--- a/js/libs/keycloak-js/src/keycloak.js
+++ b/js/libs/keycloak-js/src/keycloak.js
@@ -14,7 +14,7 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-import sha256 from 'js-sha256';
+import { sha256 } from '@noble/hashes/sha256';
 import { jwtDecode } from 'jwt-decode';
 if (typeof Promise === 'undefined') {
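Review bot: In rollup.config.ts the new `external` entry `"@noble/hashes"` does not match the specifier the source actually imports, `@noble/hashes/sha256` (see the import line in the keycloak.js hunk). Rollup compares string entries in `external` with the import ID exactly, so the subpath import is probably not treated as external for the ESM output; depending on the plugins applied to that output (not visible here), the hash code is then either inlined or reported as unresolved. If it is inlined, consumers receive a copy of a cryptographic dependency that their own lockfile, audit tooling and deduplication do not see. Listing the exact ID fixes this, `external: ["@noble/hashes/sha256", "jwt-decode"],`, or a pattern such as `/^@noble\/hashes(\/|$)/` if more subpaths may be imported later. defineOptions starts and ends outside the hunk.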
@@ -382,7 +382,7 @@ function Keycloak (config) {
 }
 // hash codeVerifier, then encode as url-safe base64 without padding
- const hashBytes = new Uint8Array(sha256.arrayBuffer(codeVerifier));
+ const hashBytes = sha256(codeVerifier);
 const encodedHash = bytesToBase64(hashBytes)
 .replace(/\+/g, '-')
 .replace(/\//g, '_')
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index ad7b46a120..818ed2c092 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -356,9 +356,9 @@ importers: js/libs/keycloak-js: dependencies: - js-sha256: - specifier: ^0.11.0 - version: 0.11.0 + '@noble/hashes': + specifier: ^1.4.0 + version: 1.4.0 jwt-decode: specifier: ^4.0.0 version: 4.0.0
@@ -1073,6 +1073,10 @@ packages: react: ^16.8.0 || ^17.0.0 || ^18.0.0 react-dom: ^16.8.0 || ^17.0.0 || ^18.0.0 + '@noble/hashes@1.4.0': + resolution: {integrity: sha512-V1JJ1WTRUqHHrOSh597hURcMqVKVGL/ea3kv0gSnEdsEZ0/+VyPghM1lMNGc00z7CIQorSvbKpuJkxvuHbvdbg==} + engines: {node: '>= 16'} + '@nodelib/fs.scandir@2.1.5': resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} engines: {node: '>= 8'}
@@ -3361,9 +3365,6 @@ packages: jquery@3.7.1: resolution: {integrity: sha512-m4avr8yL8kmFN8psrbFFFmB/If14iN5o9nw/NgnnM+kybDJpRsAynV2BsfpTYrTRysYUdADVD7CkUUizgkpLfg==} - js-sha256@0.11.0: - resolution: {integrity: sha512-6xNlKayMZvds9h1Y1VWc0fQHQ82BxTXizWPEtEeGvmOUYpBRy4gbWroHLpzowe6xiQhHpelCQiE7HEdznyBL9Q==} - js-tokens@4.0.0: resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==}
@@ -5571,6 +5572,8 @@ snapshots: react: 18.3.1 react-dom: 18.3.1(react@18.3.1) + '@noble/hashes@1.4.0': {} + '@nodelib/fs.scandir@2.1.5': dependencies: '@nodelib/fs.stat': 2.0.5
@@ -8196,8 +8199,6 @@ snapshots: jquery@3.7.1: {} - js-sha256@0.11.0: {} - js-tokens@4.0.0: {} js-tokens@9.0.0: {}
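Review bot: The new `sha256(codeVerifier)` call in keycloak.js passes a string and relies on the library's implicit string-to-bytes conversion, while the PKCE challenge depends on exactly which bytes are hashed; make the encoding explicit with `const hashBytes = sha256(new TextEncoder().encode(codeVerifier));`. That also keeps the call valid should a later major version of the hash library stop accepting string input (to be confirmed against its changelog). A short comment that the result is already a `Uint8Array`, so `bytesToBase64` receives the same type as before, would help the next reader. A unit test pinning the RFC 7636 Appendix B verifier/challenge pair would guard this library swap against a silent change in output. The enclosing function starts and ends outside the hunk.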