refactor(oauth-browser-client): use browser-native base64 serialization when possible

Author: mary-ext

.changeset/easy-parents-rest.md

@@ -0,0 +1,5 @@
+---
+'@atcute/oauth-browser-client': patch
+---
+
+use browser-native base64 serialization when possible

packages/oauth/browser-client/lib/dpop.ts

@@ -1,7 +1,9 @@
+import { fromBase64Url, toBase64Url } from '@atcute/multibase';
+
 import { database } from './environment.js';
 import type { DPoPKey } from './types/dpop.js';
 import { extractContentType } from './utils/response.js';
-import { encoder, fromBase64Url, generateJti, toBase64Url, toSha256 } from './utils/runtime.js';
+import { encoder, generateJti, stringToSha256 } from './utils/runtime.js';
 
 const ES256_ALG = { name: 'ECDSA', namedCurve: 'P-256' } as const;
 
@@ -67,7 +69,7 @@ export const createDPoPFetch = (issuer: string, dpopKey: DPoPKey, isAuthServer?:
 
 		const authorizationHeader = request.headers.get('authorization');
 		const ath = authorizationHeader?.startsWith('DPoP ')
-			? await toSha256(authorizationHeader.slice(5))
+			? await stringToSha256(authorizationHeader.slice(5))
 			: undefined;
 
 		const { method, url } = request;

packages/oauth/browser-client/lib/utils/runtime.ts

@@ -1,37 +1,13 @@
+import { toBase64Url } from '@atcute/multibase';
+import { toSha256 } from '@atcute/uint8array';
+
 export const encoder = new TextEncoder();
 
 export const locks: LockManager | undefined = typeof navigator !== 'undefined' ? navigator.locks : undefined;
 
-export const toBase64Url = (input: Uint8Array): string => {
-	const CHUNK_SIZE = 0x8000;
-	const arr = [];
-
-	for (let i = 0; i < input.byteLength; i += CHUNK_SIZE) {
-		// @ts-expect-error
-		arr.push(String.fromCharCode.apply(null, input.subarray(i, i + CHUNK_SIZE)));
-	}
-
-	return btoa(arr.join('')).replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_');
-};
-
-export const fromBase64Url = (input: string): Uint8Array => {
-	try {
-		const binary = atob(input.replace(/-/g, '+').replace(/_/g, '/').replace(/\s/g, ''));
-		const bytes = new Uint8Array(binary.length);
-
-		for (let i = 0; i < binary.length; i++) {
-			bytes[i] = binary.charCodeAt(i);
-		}
-
-		return bytes;
-	} catch (err) {
-		throw new TypeError(`invalid base64url`, { cause: err });
-	}
-};
-
-export const toSha256 = async (input: string): Promise<string> => {
+export const stringToSha256 = async (input: string): Promise<string> => {
 	const bytes = encoder.encode(input);
-	const digest = await crypto.subtle.digest('SHA-256', bytes);
+	const digest = await toSha256(bytes);
 
 	return toBase64Url(new Uint8Array(digest));
 };
@@ -49,7 +25,7 @@ export const generatePKCE = async (): Promise<{ verifier: string; challenge: str
 
 	return {
 		verifier: verifier,
-		challenge: await toSha256(verifier),
+		challenge: await stringToSha256(verifier),
 		method: 'S256',
 	};
 };

packages/oauth/browser-client/package.json

@@ -24,7 +24,9 @@
 		"prepublish": "rm -rf dist; pnpm run build"
 	},
 	"dependencies": {
-		"@atcute/client": "workspace:^"
+		"@atcute/client": "workspace:^",
+		"@atcute/multibase": "workspace:^",
+		"@atcute/uint8array": "workspace:^"
 	},
 	"devDependencies": {
 		"@types/bun": "^1.2.1"