From bb80cdf5a6157ca1f3a276e12e9faae9a4739cb7 Mon Sep 17 00:00:00 2001
From: dh_ackergaul <dh_ackergaul@dh-software.de>
Date: Di, 23 Jun 2026 11:16:18 +0200
Subject: [PATCH] Update emvheya - 23.6.2026, 11:16:10 [JD]

---
 manufacturer/_furnview/furnplan-web/node_modules/jose/dist/webapi/jws/flattened/verify.js |  110 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 110 insertions(+), 0 deletions(-)

diff --git a/manufacturer/_furnview/furnplan-web/node_modules/jose/dist/webapi/jws/flattened/verify.js b/manufacturer/_furnview/furnplan-web/node_modules/jose/dist/webapi/jws/flattened/verify.js
new file mode 100644
index 0000000..3857393
--- /dev/null
+++ b/manufacturer/_furnview/furnplan-web/node_modules/jose/dist/webapi/jws/flattened/verify.js
@@ -0,0 +1,110 @@
+import { decode as b64u } from '../../util/base64url.js';
+import { verify } from '../../lib/signing.js';
+import { JOSEAlgNotAllowed, JWSInvalid, JWSSignatureVerificationFailed } from '../../util/errors.js';
+import { concat, encoder, decoder, encode } from '../../lib/buffer_utils.js';
+import { decodeBase64url } from '../../lib/helpers.js';
+import { isDisjoint } from '../../lib/type_checks.js';
+import { isObject } from '../../lib/type_checks.js';
+import { checkKeyType } from '../../lib/check_key_type.js';
+import { validateCrit } from '../../lib/validate_crit.js';
+import { validateAlgorithms } from '../../lib/validate_algorithms.js';
+import { normalizeKey } from '../../lib/normalize_key.js';
+export async function flattenedVerify(jws, key, options) {
+    if (!isObject(jws)) {
+        throw new JWSInvalid('Flattened JWS must be an object');
+    }
+    if (jws.protected === undefined && jws.header === undefined) {
+        throw new JWSInvalid('Flattened JWS must have either of the "protected" or "header" members');
+    }
+    if (jws.protected !== undefined && typeof jws.protected !== 'string') {
+        throw new JWSInvalid('JWS Protected Header incorrect type');
+    }
+    if (jws.payload === undefined) {
+        throw new JWSInvalid('JWS Payload missing');
+    }
+    if (typeof jws.signature !== 'string') {
+        throw new JWSInvalid('JWS Signature missing or incorrect type');
+    }
+    if (jws.header !== undefined && !isObject(jws.header)) {
+        throw new JWSInvalid('JWS Unprotected Header incorrect type');
+    }
+    let parsedProt = {};
+    if (jws.protected) {
+        try {
+            const protectedHeader = b64u(jws.protected);
+            parsedProt = JSON.parse(decoder.decode(protectedHeader));
+        }
+        catch {
+            throw new JWSInvalid('JWS Protected Header is invalid');
+        }
+    }
+    if (!isDisjoint(parsedProt, jws.header)) {
+        throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');
+    }
+    const joseHeader = {
+        ...parsedProt,
+        ...jws.header,
+    };
+    const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, parsedProt, joseHeader);
+    let b64 = true;
+    if (extensions.has('b64')) {
+        b64 = parsedProt.b64;
+        if (typeof b64 !== 'boolean') {
+            throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+        }
+    }
+    const { alg } = joseHeader;
+    if (typeof alg !== 'string' || !alg) {
+        throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+    }
+    const algorithms = options && validateAlgorithms('algorithms', options.algorithms);
+    if (algorithms && !algorithms.has(alg)) {
+        throw new JOSEAlgNotAllowed('"alg" (Algorithm) Header Parameter value not allowed');
+    }
+    if (b64) {
+        if (typeof jws.payload !== 'string') {
+            throw new JWSInvalid('JWS Payload must be a string');
+        }
+    }
+    else if (typeof jws.payload !== 'string' && !(jws.payload instanceof Uint8Array)) {
+        throw new JWSInvalid('JWS Payload must be a string or an Uint8Array instance');
+    }
+    let resolvedKey = false;
+    if (typeof key === 'function') {
+        key = await key(parsedProt, jws);
+        resolvedKey = true;
+    }
+    checkKeyType(alg, key, 'verify');
+    const data = concat(jws.protected !== undefined ? encode(jws.protected) : new Uint8Array(), encode('.'), typeof jws.payload === 'string'
+        ? b64
+            ? encode(jws.payload)
+            : encoder.encode(jws.payload)
+        : jws.payload);
+    const signature = decodeBase64url(jws.signature, 'signature', JWSInvalid);
+    const k = await normalizeKey(key, alg);
+    const verified = await verify(alg, k, signature, data);
+    if (!verified) {
+        throw new JWSSignatureVerificationFailed();
+    }
+    let payload;
+    if (b64) {
+        payload = decodeBase64url(jws.payload, 'payload', JWSInvalid);
+    }
+    else if (typeof jws.payload === 'string') {
+        payload = encoder.encode(jws.payload);
+    }
+    else {
+        payload = jws.payload;
+    }
+    const result = { payload };
+    if (jws.protected !== undefined) {
+        result.protectedHeader = parsedProt;
+    }
+    if (jws.header !== undefined) {
+        result.unprotectedHeader = jws.header;
+    }
+    if (resolvedKey) {
+        return { ...result, key: k };
+    }
+    return result;
+}

--
Gitblit v1.9.3