platform/packages/auth/lib/auth.dart

/*
 * This file is part of the Protevus Platform.
 *
 * (C) Protevus <developers@protevus.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

import 'package:protevus_auth/auth.dart';
import 'package:protevus_hashing/hashing.dart';
import 'package:crypto/crypto.dart';

export 'src/auth_code_controller.dart';
export 'src/auth_controller.dart';
export 'src/auth_redirect_controller.dart';
export 'src/authorization_parser.dart';
export 'src/authorization_server.dart';
export 'src/authorizer.dart';
export 'src/exceptions.dart';
export 'src/objects.dart';
export 'src/protocols.dart';
export 'src/validator.dart';

/// A utility method to generate a password hash using the PBKDF2 scheme.
///
/// This function takes a password and salt as input and generates a secure hash
/// using the PBKDF2 (Password-Based Key Derivation Function 2) algorithm.
String generatePasswordHash(
  String password,
  String salt, {
  int hashRounds = 1000,
  int hashLength = 32,
  Hash? hashFunction,
}) {
  final generator = PBKDF2(hashAlgorithm: hashFunction ?? sha256);
  return generator.generateBase64Key(password, salt, hashRounds, hashLength);
}

/// A utility method to generate a random base64 salt.
///
/// This function generates a random salt encoded as a base64 string.
/// The salt is useful for adding randomness to password hashing processes,
/// making them more resistant to attacks.
String generateRandomSalt({int hashLength = 32}) {
  return generateAsBase64String(hashLength);
}

/// A utility method to generate a ClientID and Client Secret Pair.
///
/// This function creates an [AuthClient] instance, which can be either public or confidential,
/// depending on whether a secret is provided.
///
/// Any client that allows the authorization code flow must include [redirectURI].
///
/// Note that [secret] is hashed with a randomly generated salt, and therefore cannot be retrieved
/// later. The plain-text secret must be stored securely elsewhere.
AuthClient generateAPICredentialPair(
  String clientID,
  String? secret, {
  String? redirectURI,
  int hashLength = 32,
  int hashRounds = 1000,
  Hash? hashFunction,
}) {
  if (secret == null) {
    return AuthClient.public(clientID, redirectURI: redirectURI);
  }

  final salt = generateRandomSalt(hashLength: hashLength);
  final hashed = generatePasswordHash(
    secret,
    salt,
    hashRounds: hashRounds,
    hashLength: hashLength,
    hashFunction: hashFunction,
  );

  return AuthClient.withRedirectURI(clientID, hashed, salt, redirectURI);
}
add(conduit): refactoring conduit core 2024-09-03 20:15:08 +00:00			`/*`
			`* This file is part of the Protevus Platform.`
			`*`
			`* (C) Protevus <developers@protevus.com>`
			`*`
			`* For the full copyright and license information, please view the LICENSE`
			`* file that was distributed with this source code.`
			`*/`

update: updating files with detailed comments 2024-09-06 18:52:59 +00:00			`import 'package:protevus_auth/auth.dart';`
			`import 'package:protevus_hashing/hashing.dart';`
			`import 'package:crypto/crypto.dart';`
add(conduit): refactoring conduit core 2024-09-03 20:15:08 +00:00
			`export 'src/auth_code_controller.dart';`
			`export 'src/auth_controller.dart';`
			`export 'src/auth_redirect_controller.dart';`
			`export 'src/authorization_parser.dart';`
			`export 'src/authorization_server.dart';`
			`export 'src/authorizer.dart';`
			`export 'src/exceptions.dart';`
			`export 'src/objects.dart';`
			`export 'src/protocols.dart';`
			`export 'src/validator.dart';`
update: updating files with detailed comments 2024-09-06 18:52:59 +00:00
			`/// A utility method to generate a password hash using the PBKDF2 scheme.`
			`///`
			`/// This function takes a password and salt as input and generates a secure hash`
			`/// using the PBKDF2 (Password-Based Key Derivation Function 2) algorithm.`
			`String generatePasswordHash(`
			`String password,`
			`String salt, {`
			`int hashRounds = 1000,`
			`int hashLength = 32,`
			`Hash? hashFunction,`
			`}) {`
			`final generator = PBKDF2(hashAlgorithm: hashFunction ?? sha256);`
			`return generator.generateBase64Key(password, salt, hashRounds, hashLength);`
			`}`

			`/// A utility method to generate a random base64 salt.`
			`///`
			`/// This function generates a random salt encoded as a base64 string.`
			`/// The salt is useful for adding randomness to password hashing processes,`
			`/// making them more resistant to attacks.`
			`String generateRandomSalt({int hashLength = 32}) {`
			`return generateAsBase64String(hashLength);`
			`}`

			`/// A utility method to generate a ClientID and Client Secret Pair.`
			`///`
			`/// This function creates an [AuthClient] instance, which can be either public or confidential,`
			`/// depending on whether a secret is provided.`
			`///`
			`/// Any client that allows the authorization code flow must include [redirectURI].`
			`///`
			`/// Note that [secret] is hashed with a randomly generated salt, and therefore cannot be retrieved`
			`/// later. The plain-text secret must be stored securely elsewhere.`
			`AuthClient generateAPICredentialPair(`
			`String clientID,`
			`String? secret, {`
			`String? redirectURI,`
			`int hashLength = 32,`
			`int hashRounds = 1000,`
			`Hash? hashFunction,`
			`}) {`
			`if (secret == null) {`
			`return AuthClient.public(clientID, redirectURI: redirectURI);`
			`}`

			`final salt = generateRandomSalt(hashLength: hashLength);`
			`final hashed = generatePasswordHash(`
			`secret,`
			`salt,`
			`hashRounds: hashRounds,`
			`hashLength: hashLength,`
			`hashFunction: hashFunction,`
			`);`

			`return AuthClient.withRedirectURI(clientID, hashed, salt, redirectURI);`
			`}`