@lindorm/aegis 0.6.0 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +11 -0
- package/README.md +142 -180
- package/__tests__/jwe-interop.test.ts +3 -2
- package/__tests__/jwt-interop.test.ts +4 -7
- package/dist/classes/Aegis.d.ts +5 -5
- package/dist/classes/Aegis.d.ts.map +1 -1
- package/dist/classes/Aegis.js +35 -39
- package/dist/classes/Aegis.js.map +1 -1
- package/dist/classes/JweKit.d.ts +2 -2
- package/dist/classes/JweKit.d.ts.map +1 -1
- package/dist/classes/JweKit.js +47 -51
- package/dist/classes/JweKit.js.map +1 -1
- package/dist/classes/JwsKit.d.ts +2 -2
- package/dist/classes/JwsKit.d.ts.map +1 -1
- package/dist/classes/JwsKit.js +32 -36
- package/dist/classes/JwsKit.js.map +1 -1
- package/dist/classes/JwtKit.d.ts +3 -3
- package/dist/classes/JwtKit.d.ts.map +1 -1
- package/dist/classes/JwtKit.js +50 -54
- package/dist/classes/JwtKit.js.map +1 -1
- package/dist/classes/SignatureKit.d.ts +2 -2
- package/dist/classes/SignatureKit.d.ts.map +1 -1
- package/dist/classes/SignatureKit.js +13 -17
- package/dist/classes/SignatureKit.js.map +1 -1
- package/dist/classes/index.d.ts +5 -5
- package/dist/classes/index.d.ts.map +1 -1
- package/dist/classes/index.js +5 -21
- package/dist/classes/index.js.map +1 -1
- package/dist/constants/token-type.js +2 -5
- package/dist/constants/token-type.js.map +1 -1
- package/dist/errors/AegisError.js +2 -6
- package/dist/errors/AegisError.js.map +1 -1
- package/dist/errors/JweError.js +2 -6
- package/dist/errors/JweError.js.map +1 -1
- package/dist/errors/JwsError.js +2 -6
- package/dist/errors/JwsError.js.map +1 -1
- package/dist/errors/JwtError.js +2 -6
- package/dist/errors/JwtError.js.map +1 -1
- package/dist/errors/index.d.ts +4 -4
- package/dist/errors/index.d.ts.map +1 -1
- package/dist/errors/index.js +4 -20
- package/dist/errors/index.js.map +1 -1
- package/dist/guards/index.d.ts +2 -2
- package/dist/guards/index.d.ts.map +1 -1
- package/dist/guards/index.js +2 -18
- package/dist/guards/index.js.map +1 -1
- package/dist/guards/is-parsed-jws.d.ts +1 -1
- package/dist/guards/is-parsed-jws.d.ts.map +1 -1
- package/dist/guards/is-parsed-jws.js +1 -5
- package/dist/guards/is-parsed-jws.js.map +1 -1
- package/dist/guards/is-parsed-jwt.d.ts +1 -1
- package/dist/guards/is-parsed-jwt.d.ts.map +1 -1
- package/dist/guards/is-parsed-jwt.js +1 -5
- package/dist/guards/is-parsed-jwt.js.map +1 -1
- package/dist/index.d.ts +6 -7
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5 -22
- package/dist/index.js.map +1 -1
- package/dist/interfaces/Aegis.d.ts +3 -3
- package/dist/interfaces/Aegis.d.ts.map +1 -1
- package/dist/interfaces/Aegis.js +1 -2
- package/dist/interfaces/JweKit.d.ts +1 -1
- package/dist/interfaces/JweKit.d.ts.map +1 -1
- package/dist/interfaces/JweKit.js +1 -2
- package/dist/interfaces/JwsKit.d.ts +1 -1
- package/dist/interfaces/JwsKit.d.ts.map +1 -1
- package/dist/interfaces/JwsKit.js +1 -2
- package/dist/interfaces/JwtKit.d.ts +2 -2
- package/dist/interfaces/JwtKit.d.ts.map +1 -1
- package/dist/interfaces/JwtKit.js +1 -2
- package/dist/interfaces/index.d.ts +4 -4
- package/dist/interfaces/index.d.ts.map +1 -1
- package/dist/interfaces/index.js +4 -20
- package/dist/interfaces/index.js.map +1 -1
- package/dist/internal/constants/aegis-profile-keys.js +1 -4
- package/dist/internal/constants/aegis-profile-keys.js.map +1 -1
- package/dist/internal/constants/format.js +1 -4
- package/dist/internal/constants/format.js.map +1 -1
- package/dist/internal/constants/header.js +13 -16
- package/dist/internal/constants/header.js.map +1 -1
- package/dist/internal/utils/compute-jwk-thumbprint.js +5 -9
- package/dist/internal/utils/compute-jwk-thumbprint.js.map +1 -1
- package/dist/internal/utils/compute-typ-header.d.ts +2 -2
- package/dist/internal/utils/compute-typ-header.d.ts.map +1 -1
- package/dist/internal/utils/compute-typ-header.js +6 -12
- package/dist/internal/utils/compute-typ-header.js.map +1 -1
- package/dist/internal/utils/create-hash.d.ts +1 -1
- package/dist/internal/utils/create-hash.d.ts.map +1 -1
- package/dist/internal/utils/create-hash.js +10 -17
- package/dist/internal/utils/create-hash.js.map +1 -1
- package/dist/internal/utils/extract-aegis-profile.d.ts +2 -2
- package/dist/internal/utils/extract-aegis-profile.d.ts.map +1 -1
- package/dist/internal/utils/extract-aegis-profile.js +6 -10
- package/dist/internal/utils/extract-aegis-profile.js.map +1 -1
- package/dist/internal/utils/extract-claims.d.ts +7 -7
- package/dist/internal/utils/extract-claims.d.ts.map +1 -1
- package/dist/internal/utils/extract-claims.js +47 -51
- package/dist/internal/utils/extract-claims.js.map +1 -1
- package/dist/internal/utils/extract-token-delegation.d.ts +2 -2
- package/dist/internal/utils/extract-token-delegation.d.ts.map +1 -1
- package/dist/internal/utils/extract-token-delegation.js +3 -7
- package/dist/internal/utils/extract-token-delegation.js.map +1 -1
- package/dist/internal/utils/generate-token-id.js +4 -8
- package/dist/internal/utils/generate-token-id.js.map +1 -1
- package/dist/internal/utils/jose-header.d.ts +1 -1
- package/dist/internal/utils/jose-header.d.ts.map +1 -1
- package/dist/internal/utils/jose-header.js +14 -19
- package/dist/internal/utils/jose-header.js.map +1 -1
- package/dist/internal/utils/jose-signature.d.ts +1 -1
- package/dist/internal/utils/jose-signature.d.ts.map +1 -1
- package/dist/internal/utils/jose-signature.js +7 -12
- package/dist/internal/utils/jose-signature.js.map +1 -1
- package/dist/internal/utils/jwt-payload.d.ts +3 -3
- package/dist/internal/utils/jwt-payload.d.ts.map +1 -1
- package/dist/internal/utils/jwt-payload.js +79 -86
- package/dist/internal/utils/jwt-payload.js.map +1 -1
- package/dist/internal/utils/jwt-validate.d.ts +2 -2
- package/dist/internal/utils/jwt-validate.d.ts.map +1 -1
- package/dist/internal/utils/jwt-validate.js +13 -17
- package/dist/internal/utils/jwt-validate.js.map +1 -1
- package/dist/internal/utils/jwt-verify.d.ts +3 -3
- package/dist/internal/utils/jwt-verify.d.ts.map +1 -1
- package/dist/internal/utils/jwt-verify.js +18 -22
- package/dist/internal/utils/jwt-verify.js.map +1 -1
- package/dist/internal/utils/parse-introspection.d.ts +2 -2
- package/dist/internal/utils/parse-introspection.d.ts.map +1 -1
- package/dist/internal/utils/parse-introspection.js +12 -16
- package/dist/internal/utils/parse-introspection.js.map +1 -1
- package/dist/internal/utils/parse-userinfo.d.ts +2 -2
- package/dist/internal/utils/parse-userinfo.d.ts.map +1 -1
- package/dist/internal/utils/parse-userinfo.js +10 -14
- package/dist/internal/utils/parse-userinfo.js.map +1 -1
- package/dist/internal/utils/resolve-cert-binding.d.ts +2 -2
- package/dist/internal/utils/resolve-cert-binding.d.ts.map +1 -1
- package/dist/internal/utils/resolve-cert-binding.js +3 -7
- package/dist/internal/utils/resolve-cert-binding.js.map +1 -1
- package/dist/internal/utils/token-header.d.ts +1 -1
- package/dist/internal/utils/token-header.d.ts.map +1 -1
- package/dist/internal/utils/token-header.js +15 -20
- package/dist/internal/utils/token-header.js.map +1 -1
- package/dist/internal/utils/validate-actor.d.ts +1 -1
- package/dist/internal/utils/validate-actor.d.ts.map +1 -1
- package/dist/internal/utils/validate-actor.js +1 -5
- package/dist/internal/utils/validate-actor.js.map +1 -1
- package/dist/internal/utils/validate-crit.js +1 -5
- package/dist/internal/utils/validate-crit.js.map +1 -1
- package/dist/internal/utils/validate.d.ts +1 -1
- package/dist/internal/utils/validate.d.ts.map +1 -1
- package/dist/internal/utils/validate.js +6 -10
- package/dist/internal/utils/validate.js.map +1 -1
- package/dist/internal/utils/verify-cert-binding.d.ts +3 -3
- package/dist/internal/utils/verify-cert-binding.d.ts.map +1 -1
- package/dist/internal/utils/verify-cert-binding.js +4 -8
- package/dist/internal/utils/verify-cert-binding.js.map +1 -1
- package/dist/internal/utils/verify-dpop-proof.d.ts +1 -1
- package/dist/internal/utils/verify-dpop-proof.d.ts.map +1 -1
- package/dist/internal/utils/verify-dpop-proof.js +23 -27
- package/dist/internal/utils/verify-dpop-proof.js.map +1 -1
- package/dist/mocks/create-mock-aegis.d.ts +3 -3
- package/dist/mocks/create-mock-aegis.d.ts.map +1 -1
- package/dist/mocks/create-mock-aegis.js +20 -20
- package/dist/mocks/create-mock-aegis.js.map +1 -1
- package/dist/mocks/jest.d.ts +5 -0
- package/dist/mocks/jest.d.ts.map +1 -0
- package/dist/mocks/jest.js +4 -0
- package/dist/mocks/jest.js.map +1 -0
- package/dist/mocks/vitest.d.ts +6 -0
- package/dist/mocks/vitest.d.ts.map +1 -0
- package/dist/mocks/vitest.js +5 -0
- package/dist/mocks/vitest.js.map +1 -0
- package/dist/types/aegis.d.ts +5 -5
- package/dist/types/aegis.d.ts.map +1 -1
- package/dist/types/aegis.js +1 -2
- package/dist/types/claims/act-claim.js +1 -2
- package/dist/types/claims/aegis-introspection.d.ts +6 -6
- package/dist/types/claims/aegis-introspection.d.ts.map +1 -1
- package/dist/types/claims/aegis-introspection.js +1 -2
- package/dist/types/claims/aegis-profile.js +1 -2
- package/dist/types/claims/aegis-userinfo.d.ts +1 -1
- package/dist/types/claims/aegis-userinfo.d.ts.map +1 -1
- package/dist/types/claims/aegis-userinfo.js +1 -2
- package/dist/types/claims/confirmation-claim.d.ts +1 -1
- package/dist/types/claims/confirmation-claim.d.ts.map +1 -1
- package/dist/types/claims/confirmation-claim.js +1 -2
- package/dist/types/claims/delegation-claims.d.ts +1 -1
- package/dist/types/claims/delegation-claims.d.ts.map +1 -1
- package/dist/types/claims/delegation-claims.js +1 -2
- package/dist/types/claims/index.d.ts +12 -12
- package/dist/types/claims/index.d.ts.map +1 -1
- package/dist/types/claims/index.js +12 -28
- package/dist/types/claims/index.js.map +1 -1
- package/dist/types/claims/jwt/act-claim-wire.js +1 -2
- package/dist/types/claims/jwt/confirmation-claim-wire.d.ts +1 -1
- package/dist/types/claims/jwt/confirmation-claim-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/confirmation-claim-wire.js +1 -2
- package/dist/types/claims/jwt/delegation-claims-wire.d.ts +1 -1
- package/dist/types/claims/jwt/delegation-claims-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/delegation-claims-wire.js +1 -2
- package/dist/types/claims/jwt/index.d.ts +9 -9
- package/dist/types/claims/jwt/index.d.ts.map +1 -1
- package/dist/types/claims/jwt/index.js +9 -25
- package/dist/types/claims/jwt/index.js.map +1 -1
- package/dist/types/claims/jwt/jwt-claims.d.ts +6 -6
- package/dist/types/claims/jwt/jwt-claims.d.ts.map +1 -1
- package/dist/types/claims/jwt/jwt-claims.js +1 -2
- package/dist/types/claims/jwt/lindorm-claims-wire.d.ts +2 -2
- package/dist/types/claims/jwt/lindorm-claims-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/lindorm-claims-wire.js +1 -2
- package/dist/types/claims/jwt/oauth-claims-wire.js +1 -2
- package/dist/types/claims/jwt/oidc-claims-wire.js +1 -2
- package/dist/types/claims/jwt/pop-claims-wire.d.ts +1 -1
- package/dist/types/claims/jwt/pop-claims-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/pop-claims-wire.js +1 -2
- package/dist/types/claims/jwt/std-claims-wire.js +1 -2
- package/dist/types/claims/lindorm-claims.d.ts +1 -1
- package/dist/types/claims/lindorm-claims.d.ts.map +1 -1
- package/dist/types/claims/lindorm-claims.js +1 -2
- package/dist/types/claims/oauth-claims.js +1 -2
- package/dist/types/claims/oidc-claims.js +1 -2
- package/dist/types/claims/pop-claims.d.ts +1 -1
- package/dist/types/claims/pop-claims.d.ts.map +1 -1
- package/dist/types/claims/pop-claims.js +1 -2
- package/dist/types/claims/std-claims.js +1 -2
- package/dist/types/header.d.ts +3 -3
- package/dist/types/header.d.ts.map +1 -1
- package/dist/types/header.js +1 -2
- package/dist/types/header.js.map +1 -1
- package/dist/types/index.d.ts +9 -9
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +9 -25
- package/dist/types/index.js.map +1 -1
- package/dist/types/jwe/index.d.ts +4 -4
- package/dist/types/jwe/index.d.ts.map +1 -1
- package/dist/types/jwe/index.js +4 -20
- package/dist/types/jwe/index.js.map +1 -1
- package/dist/types/jwe/jwe-decode.d.ts +1 -1
- package/dist/types/jwe/jwe-decode.d.ts.map +1 -1
- package/dist/types/jwe/jwe-decode.js +1 -2
- package/dist/types/jwe/jwe-decrypt.d.ts +3 -3
- package/dist/types/jwe/jwe-decrypt.d.ts.map +1 -1
- package/dist/types/jwe/jwe-decrypt.js +1 -2
- package/dist/types/jwe/jwe-encrypt.d.ts +2 -2
- package/dist/types/jwe/jwe-encrypt.d.ts.map +1 -1
- package/dist/types/jwe/jwe-encrypt.js +1 -2
- package/dist/types/jwe/jwe-kit.d.ts +1 -1
- package/dist/types/jwe/jwe-kit.d.ts.map +1 -1
- package/dist/types/jwe/jwe-kit.js +1 -2
- package/dist/types/jws/index.d.ts +4 -4
- package/dist/types/jws/index.d.ts.map +1 -1
- package/dist/types/jws/index.js +4 -20
- package/dist/types/jws/index.js.map +1 -1
- package/dist/types/jws/jws-decode.d.ts +1 -1
- package/dist/types/jws/jws-decode.d.ts.map +1 -1
- package/dist/types/jws/jws-decode.js +1 -2
- package/dist/types/jws/jws-kit.d.ts +1 -1
- package/dist/types/jws/jws-kit.d.ts.map +1 -1
- package/dist/types/jws/jws-kit.js +1 -2
- package/dist/types/jws/jws-parse.d.ts +3 -3
- package/dist/types/jws/jws-parse.d.ts.map +1 -1
- package/dist/types/jws/jws-parse.js +1 -2
- package/dist/types/jws/jws-sign.d.ts +2 -2
- package/dist/types/jws/jws-sign.d.ts.map +1 -1
- package/dist/types/jws/jws-sign.js +1 -2
- package/dist/types/jwt/index.d.ts +9 -9
- package/dist/types/jwt/index.d.ts.map +1 -1
- package/dist/types/jwt/index.js +9 -25
- package/dist/types/jwt/index.js.map +1 -1
- package/dist/types/jwt/jwt-claim-matchers.d.ts +1 -1
- package/dist/types/jwt/jwt-claim-matchers.d.ts.map +1 -1
- package/dist/types/jwt/jwt-claim-matchers.js +1 -2
- package/dist/types/jwt/jwt-decode.d.ts +3 -3
- package/dist/types/jwt/jwt-decode.d.ts.map +1 -1
- package/dist/types/jwt/jwt-decode.js +1 -2
- package/dist/types/jwt/jwt-delegation.d.ts +1 -1
- package/dist/types/jwt/jwt-delegation.d.ts.map +1 -1
- package/dist/types/jwt/jwt-delegation.js +1 -2
- package/dist/types/jwt/jwt-dpop.js +1 -2
- package/dist/types/jwt/jwt-kit.d.ts +1 -1
- package/dist/types/jwt/jwt-kit.d.ts.map +1 -1
- package/dist/types/jwt/jwt-kit.js +1 -2
- package/dist/types/jwt/jwt-parse.d.ts +7 -7
- package/dist/types/jwt/jwt-parse.d.ts.map +1 -1
- package/dist/types/jwt/jwt-parse.js +1 -2
- package/dist/types/jwt/jwt-sign.d.ts +4 -4
- package/dist/types/jwt/jwt-sign.d.ts.map +1 -1
- package/dist/types/jwt/jwt-sign.js +1 -2
- package/dist/types/jwt/jwt-validate.d.ts +3 -3
- package/dist/types/jwt/jwt-validate.d.ts.map +1 -1
- package/dist/types/jwt/jwt-validate.js +1 -2
- package/dist/types/jwt/jwt-verify.d.ts +2 -2
- package/dist/types/jwt/jwt-verify.d.ts.map +1 -1
- package/dist/types/jwt/jwt-verify.js +1 -2
- package/dist/types/kit.d.ts +3 -3
- package/dist/types/kit.d.ts.map +1 -1
- package/dist/types/kit.js +1 -2
- package/dist/types/level-of-assurance.js +1 -2
- package/dist/types/signature-kit.d.ts +2 -2
- package/dist/types/signature-kit.d.ts.map +1 -1
- package/dist/types/signature-kit.js +1 -2
- package/package.json +33 -33
- package/vitest.config.mjs +6 -0
- package/__tests__/__mocks__/cbor.ts +0 -17
- package/dist/mocks/index.d.ts +0 -2
- package/dist/mocks/index.d.ts.map +0 -1
- package/dist/mocks/index.js +0 -6
- package/dist/mocks/index.js.map +0 -1
- package/jest.config.interop.mjs +0 -27
- package/tsconfig.interop.json +0 -9
|
@@ -1,56 +1,53 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
const
|
|
13
|
-
const extract_claims_1 = require("./extract-claims");
|
|
14
|
-
const generate_token_id_1 = require("./generate-token-id");
|
|
15
|
-
const actClaimToWire = (claim) => (0, utils_1.removeUndefined)({
|
|
1
|
+
import { B64 } from "@lindorm/b64";
|
|
2
|
+
import { snakeKeys } from "@lindorm/case";
|
|
3
|
+
import { expires, getUnixTime } from "@lindorm/date";
|
|
4
|
+
import { isArray, isDate, isFinite, isObject, isString, isUrlLike } from "@lindorm/is";
|
|
5
|
+
import { removeUndefined } from "@lindorm/utils";
|
|
6
|
+
import { B64U } from "../constants/format.js";
|
|
7
|
+
import { JwtError } from "../../errors/index.js";
|
|
8
|
+
import { createAccessTokenHash, createCodeHash, createStateHash } from "./create-hash.js";
|
|
9
|
+
import { extractAegisProfile } from "./extract-aegis-profile.js";
|
|
10
|
+
import { extractDomainClaims } from "./extract-claims.js";
|
|
11
|
+
import { generateTokenId } from "./generate-token-id.js";
|
|
12
|
+
const actClaimToWire = (claim) => removeUndefined({
|
|
16
13
|
sub: claim.subject,
|
|
17
14
|
iss: claim.issuer,
|
|
18
15
|
aud: claim.audience,
|
|
19
16
|
client_id: claim.clientId,
|
|
20
|
-
act:
|
|
17
|
+
act: isObject(claim.act) ? actClaimToWire(claim.act) : undefined,
|
|
21
18
|
});
|
|
22
|
-
const mapJwtContentToClaims = (config, content, options) => {
|
|
23
|
-
if (!
|
|
24
|
-
throw new
|
|
19
|
+
export const mapJwtContentToClaims = (config, content, options) => {
|
|
20
|
+
if (!isString(config.algorithm)) {
|
|
21
|
+
throw new JwtError("Algorithm is required");
|
|
25
22
|
}
|
|
26
|
-
if (!
|
|
27
|
-
throw new
|
|
23
|
+
if (!isUrlLike(config.issuer)) {
|
|
24
|
+
throw new JwtError("Issuer is required");
|
|
28
25
|
}
|
|
29
26
|
if (!content.expires) {
|
|
30
|
-
throw new
|
|
27
|
+
throw new JwtError("Expires is required");
|
|
31
28
|
}
|
|
32
|
-
if (!
|
|
33
|
-
throw new
|
|
29
|
+
if (!isString(content.subject)) {
|
|
30
|
+
throw new JwtError("Subject is required");
|
|
34
31
|
}
|
|
35
|
-
const { expiresOn } =
|
|
36
|
-
const at_hash =
|
|
32
|
+
const { expiresOn } = expires(content.expires);
|
|
33
|
+
const at_hash = isString(options.accessTokenHash)
|
|
37
34
|
? options.accessTokenHash
|
|
38
|
-
:
|
|
39
|
-
?
|
|
35
|
+
: isString(content.accessToken)
|
|
36
|
+
? createAccessTokenHash(config.algorithm, content.accessToken)
|
|
40
37
|
: undefined;
|
|
41
|
-
const c_hash =
|
|
38
|
+
const c_hash = isString(options.codeHash)
|
|
42
39
|
? options.codeHash
|
|
43
|
-
:
|
|
44
|
-
?
|
|
40
|
+
: isString(content.authCode)
|
|
41
|
+
? createCodeHash(config.algorithm, content.authCode)
|
|
45
42
|
: undefined;
|
|
46
|
-
const s_hash =
|
|
43
|
+
const s_hash = isString(options.stateHash)
|
|
47
44
|
? options.stateHash
|
|
48
|
-
:
|
|
49
|
-
?
|
|
45
|
+
: isString(content.authState)
|
|
46
|
+
? createStateHash(config.algorithm, content.authState)
|
|
50
47
|
: undefined;
|
|
51
|
-
const tokenId =
|
|
52
|
-
const cnf =
|
|
53
|
-
?
|
|
48
|
+
const tokenId = isString(options.tokenId) ? options.tokenId : generateTokenId();
|
|
49
|
+
const cnf = isObject(content.confirmation)
|
|
50
|
+
? removeUndefined({
|
|
54
51
|
jkt: content.confirmation.thumbprint,
|
|
55
52
|
"x5t#S256": content.confirmation.mtlsCertThumbprint,
|
|
56
53
|
jwk: content.confirmation.key,
|
|
@@ -58,69 +55,66 @@ const mapJwtContentToClaims = (config, content, options) => {
|
|
|
58
55
|
jku: content.confirmation.jwkSetUri,
|
|
59
56
|
})
|
|
60
57
|
: undefined;
|
|
61
|
-
return
|
|
62
|
-
aal:
|
|
63
|
-
acr:
|
|
64
|
-
act:
|
|
65
|
-
afr:
|
|
66
|
-
amr:
|
|
58
|
+
return removeUndefined({
|
|
59
|
+
aal: isFinite(content.adjustedAccessLevel) ? content.adjustedAccessLevel : undefined,
|
|
60
|
+
acr: isString(content.authContextClass) ? content.authContextClass : undefined,
|
|
61
|
+
act: isObject(content.act) ? actClaimToWire(content.act) : undefined,
|
|
62
|
+
afr: isArray(content.authFactor) ? content.authFactor : undefined,
|
|
63
|
+
amr: isArray(content.authMethods) ? content.authMethods : undefined,
|
|
67
64
|
at_hash,
|
|
68
|
-
aud:
|
|
69
|
-
auth_time:
|
|
70
|
-
azp:
|
|
65
|
+
aud: isArray(content.audience) ? content.audience : undefined,
|
|
66
|
+
auth_time: isDate(content.authTime) ? getUnixTime(content.authTime) : undefined,
|
|
67
|
+
azp: isString(content.authorizedParty) ? content.authorizedParty : undefined,
|
|
71
68
|
c_hash,
|
|
72
|
-
client_id:
|
|
69
|
+
client_id: isString(content.clientId) ? content.clientId : undefined,
|
|
73
70
|
cnf: cnf && Object.keys(cnf).length > 0 ? cnf : undefined,
|
|
74
|
-
entitlements:
|
|
71
|
+
entitlements: isArray(content.entitlements) ? content.entitlements : undefined,
|
|
75
72
|
exp: expiresOn,
|
|
76
|
-
groups:
|
|
77
|
-
gty:
|
|
78
|
-
may_act:
|
|
79
|
-
iat:
|
|
80
|
-
?
|
|
81
|
-
:
|
|
73
|
+
groups: isArray(content.groups) ? content.groups : undefined,
|
|
74
|
+
gty: isString(content.grantType) ? content.grantType : undefined,
|
|
75
|
+
may_act: isObject(content.mayAct) ? actClaimToWire(content.mayAct) : undefined,
|
|
76
|
+
iat: isDate(options.issuedAt)
|
|
77
|
+
? getUnixTime(options.issuedAt)
|
|
78
|
+
: getUnixTime(new Date()),
|
|
82
79
|
iss: config.issuer,
|
|
83
80
|
jti: tokenId,
|
|
84
|
-
loa:
|
|
85
|
-
nbf:
|
|
86
|
-
?
|
|
87
|
-
:
|
|
88
|
-
nonce:
|
|
89
|
-
permissions:
|
|
90
|
-
roles:
|
|
81
|
+
loa: isFinite(content.levelOfAssurance) ? content.levelOfAssurance : undefined,
|
|
82
|
+
nbf: isDate(content.notBefore)
|
|
83
|
+
? getUnixTime(content.notBefore)
|
|
84
|
+
: getUnixTime(new Date()),
|
|
85
|
+
nonce: isString(content.nonce) ? content.nonce : undefined,
|
|
86
|
+
permissions: isArray(content.permissions) ? content.permissions : undefined,
|
|
87
|
+
roles: isArray(content.roles) ? content.roles : undefined,
|
|
91
88
|
s_hash,
|
|
92
|
-
scope:
|
|
93
|
-
sid:
|
|
94
|
-
sih:
|
|
89
|
+
scope: isArray(content.scope) ? content.scope : undefined,
|
|
90
|
+
sid: isString(content.sessionId) ? content.sessionId : undefined,
|
|
91
|
+
sih: isString(content.sessionHint) ? content.sessionHint : undefined,
|
|
95
92
|
sub: content.subject,
|
|
96
|
-
suh:
|
|
97
|
-
tenant_id:
|
|
93
|
+
suh: isString(content.subjectHint) ? content.subjectHint : undefined,
|
|
94
|
+
tenant_id: isString(content.tenantId) ? content.tenantId : undefined,
|
|
98
95
|
});
|
|
99
96
|
};
|
|
100
|
-
|
|
101
|
-
const
|
|
102
|
-
const
|
|
103
|
-
const
|
|
104
|
-
const
|
|
105
|
-
const payload = b64_1.B64.encode(JSON.stringify({ ...claims, ...profileWire, ...(content.claims ?? {}) }), format_1.B64U);
|
|
97
|
+
export const encodeJwtPayload = (config, content, options) => {
|
|
98
|
+
const claims = mapJwtContentToClaims(config, content, options);
|
|
99
|
+
const { expiresAt, expiresIn, expiresOn } = expires(content.expires);
|
|
100
|
+
const profileWire = isObject(content.profile) ? snakeKeys(content.profile) : {};
|
|
101
|
+
const payload = B64.encode(JSON.stringify({ ...claims, ...profileWire, ...(content.claims ?? {}) }), B64U);
|
|
106
102
|
return { expiresAt, expiresIn, expiresOn, payload, tokenId: claims.jti };
|
|
107
103
|
};
|
|
108
|
-
|
|
109
|
-
const
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
if (!(0, is_1.isFinite)(decoded.exp)) {
|
|
113
|
-
throw new errors_1.JwtError("Missing claim: exp");
|
|
104
|
+
export const decodeJwtPayload = (payload) => JSON.parse(B64.toString(payload));
|
|
105
|
+
export const parseTokenPayload = (decoded) => {
|
|
106
|
+
if (!isFinite(decoded.exp)) {
|
|
107
|
+
throw new JwtError("Missing claim: exp");
|
|
114
108
|
}
|
|
115
|
-
if (!
|
|
116
|
-
throw new
|
|
109
|
+
if (!isFinite(decoded.iat)) {
|
|
110
|
+
throw new JwtError("Missing claim: iat");
|
|
117
111
|
}
|
|
118
|
-
if (!
|
|
119
|
-
throw new
|
|
112
|
+
if (!isString(decoded.iss)) {
|
|
113
|
+
throw new JwtError("Missing claim: iss");
|
|
120
114
|
}
|
|
121
|
-
const { claims: domain, rest } =
|
|
122
|
-
const { profile, rest: customClaims } =
|
|
123
|
-
return
|
|
115
|
+
const { claims: domain, rest } = extractDomainClaims(decoded);
|
|
116
|
+
const { profile, rest: customClaims } = extractAegisProfile(rest);
|
|
117
|
+
return removeUndefined({
|
|
124
118
|
...domain,
|
|
125
119
|
issuer: domain.issuer,
|
|
126
120
|
expiresAt: domain.expiresAt,
|
|
@@ -138,5 +132,4 @@ const parseTokenPayload = (decoded) => {
|
|
|
138
132
|
claims: customClaims,
|
|
139
133
|
});
|
|
140
134
|
};
|
|
141
|
-
exports.parseTokenPayload = parseTokenPayload;
|
|
142
135
|
//# sourceMappingURL=jwt-payload.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-payload.js","sourceRoot":"","sources":["../../../src/internal/utils/jwt-payload.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jwt-payload.js","sourceRoot":"","sources":["../../../src/internal/utils/jwt-payload.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAGvF,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,IAAI,EAAE,MAAM,wBAAwB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AASjD,OAAO,EAAE,qBAAqB,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAC1F,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAiBzD,MAAM,cAAc,GAAG,CAAC,KAAe,EAAgB,EAAE,CACvD,eAAe,CAAC;IACd,GAAG,EAAE,KAAK,CAAC,OAAO;IAClB,GAAG,EAAE,KAAK,CAAC,MAAM;IACjB,GAAG,EAAE,KAAK,CAAC,QAAQ;IACnB,SAAS,EAAE,KAAK,CAAC,QAAQ;IACzB,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS;CACjE,CAAC,CAAC;AAEL,MAAM,CAAC,MAAM,qBAAqB,GAAG,CACnC,MAAc,EACd,OAA0B,EAC1B,OAAuB,EACZ,EAAE;IACb,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,QAAQ,CAAC,uBAAuB,CAAC,CAAC;IAC9C,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QACrB,MAAM,IAAI,QAAQ,CAAC,qBAAqB,CAAC,CAAC;IAC5C,CAAC;IACD,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,QAAQ,CAAC,qBAAqB,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAE/C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,eAAe,CAAC;QAC/C,CAAC,CAAC,OAAO,CAAC,eAAe;QACzB,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC;YAC7B,CAAC,CAAC,qBAAqB,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,WAAW,CAAC;YAC9D,CAAC,CAAC,SAAS,CAAC;IAEhB,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC;QACvC,CAAC,CAAC,OAAO,CAAC,QAAQ;QAClB,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC;YAC1B,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,QAAQ,CAAC;YACpD,CAAC,CAAC,SAAS,CAAC;IAEhB,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC;QACxC,CAAC,CAAC,OAAO,CAAC,SAAS;QACnB,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC;YAC3B,CAAC,CAAC,eAAe,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,SAAS,CAAC;YACtD,CAAC,CAAC,SAAS,CAAC;IAEhB,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC;IAEhF,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,YAAY,CAAC;QACxC,CAAC,CAAC,eAAe,CAAC;YACd,GAAG,EAAE,OAAO,CAAC,YAAY,CAAC,UAAU;YACpC,UAAU,EAAE,OAAO,CAAC,YAAY,CAAC,kBAAkB;YACnD,GAAG,EAAE,OAAO,CAAC,YAAY,CAAC,GAAG;YAC7B,GAAG,EAAE,OAAO,CAAC,YAAY,CAAC,KAAK;YAC/B,GAAG,EAAE,OAAO,CAAC,YAAY,CAAC,SAAS;SACpC,CAAC;QACJ,CAAC,CAAC,SAAS,CAAC;IAEd,OAAO,eAAe,CAAC;QACrB,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS;QACpF,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS;QAC9E,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS;QACpE,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QACjE,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;QACnE,OAAO;QACP,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;QAC7D,SAAS,EAAE,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;QAC/E,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS;QAC5E,MAAM;QACN,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;QACpE,GAAG,EAAE,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACzD,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS;QAC9E,GAAG,EAAE,SAAS;QACd,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;QAC5D,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;QAChE,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;QAC9E,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC;YAC3B,CAAC,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC;YAC/B,CAAC,CAAC,WAAW,CAAC,IAAI,IAAI,EAAE,CAAC;QAC3B,GAAG,EAAE,MAAM,CAAC,MAAM;QAClB,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS;QAC9E,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;YAC5B,CAAC,CAAC,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC;YAChC,CAAC,CAAC,WAAW,CAAC,IAAI,IAAI,EAAE,CAAC;QAC3B,KAAK,EAAE,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;QAC1D,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;QAC3E,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;QACzD,MAAM;QACN,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;QACzD,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;QAChE,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;QACpE,GAAG,EAAE,OAAO,CAAC,OAAO;QACpB,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;QACpE,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;KACrE,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,MAAc,EACd,OAA0B,EAC1B,OAAuB,EACf,EAAE;IACV,MAAM,MAAM,GAAG,qBAAqB,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC/D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAMrE,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEhF,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CACxB,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,MAAM,EAAE,GAAG,WAAW,EAAE,GAAG,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,EAAE,CAAC,EACxE,IAAI,CACL,CAAC;IAEF,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,GAAI,EAAE,CAAC;AAC5E,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,OAAe,EACE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAoB,CAAC;AAE3E,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,OAAwB,EACH,EAAE;IACvB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IAC3C,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;IAC9D,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IAIlE,OAAO,eAAe,CAAC;QACrB,GAAG,MAAM;QAET,MAAM,EAAE,MAAM,CAAC,MAAO;QACtB,SAAS,EAAE,MAAM,CAAC,SAAU;QAC5B,QAAQ,EAAE,MAAM,CAAC,QAAS;QAE1B,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,EAAE;QAC/B,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,EAAE;QACrC,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,EAAE;QACvC,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;QAC3B,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,EAAE;QACrC,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE;QACzB,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE;QAEzB,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,SAAS;QACpC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,SAAS;QACpC,OAAO;QACP,MAAM,EAAE,YAAiB;KAC1B,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { Dict, Predicate } from "@lindorm/types";
|
|
2
|
-
import { ValidateJwtOptions } from "../../types";
|
|
1
|
+
import type { Dict, Predicate } from "@lindorm/types";
|
|
2
|
+
import type { ValidateJwtOptions } from "../../types/index.js";
|
|
3
3
|
export declare const createJwtValidate: (validate: ValidateJwtOptions) => Predicate<Dict>;
|
|
4
4
|
//# sourceMappingURL=jwt-validate.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-validate.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/jwt-validate.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,SAAS,EAAqB,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"jwt-validate.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/jwt-validate.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,SAAS,EAAqB,MAAM,gBAAgB,CAAC;AACzE,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAG/D,eAAO,MAAM,iBAAiB,GAAI,UAAU,kBAAkB,KAAG,SAAS,CAAC,IAAI,CAwC9E,CAAC"}
|
|
@@ -1,39 +1,36 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const is_1 = require("@lindorm/is");
|
|
5
|
-
const create_hash_1 = require("./create-hash");
|
|
6
|
-
const createJwtValidate = (validate) => {
|
|
1
|
+
import { isArray, isNumber, isObject, isString } from "@lindorm/is";
|
|
2
|
+
import { createAccessTokenHash, createCodeHash, createStateHash } from "./create-hash.js";
|
|
3
|
+
export const createJwtValidate = (validate) => {
|
|
7
4
|
const algorithm = validate.algorithm;
|
|
8
5
|
const predicate = {};
|
|
9
6
|
for (const [key, value] of Object.entries(validate)) {
|
|
10
7
|
if (key === "algorithm")
|
|
11
8
|
continue;
|
|
12
|
-
if (key === "accessToken" && algorithm &&
|
|
13
|
-
predicate[key] = { $eq:
|
|
9
|
+
if (key === "accessToken" && algorithm && isString(value)) {
|
|
10
|
+
predicate[key] = { $eq: createAccessTokenHash(algorithm, value) };
|
|
14
11
|
continue;
|
|
15
12
|
}
|
|
16
|
-
if (key === "authCode" && algorithm &&
|
|
17
|
-
predicate[key] = { $eq:
|
|
13
|
+
if (key === "authCode" && algorithm && isString(value)) {
|
|
14
|
+
predicate[key] = { $eq: createCodeHash(algorithm, value) };
|
|
18
15
|
continue;
|
|
19
16
|
}
|
|
20
|
-
if (key === "authState" && algorithm &&
|
|
21
|
-
predicate[key] = { $eq:
|
|
17
|
+
if (key === "authState" && algorithm && isString(value)) {
|
|
18
|
+
predicate[key] = { $eq: createStateHash(algorithm, value) };
|
|
22
19
|
continue;
|
|
23
20
|
}
|
|
24
|
-
if (
|
|
21
|
+
if (isArray(value)) {
|
|
25
22
|
predicate[key] = { $all: value };
|
|
26
23
|
continue;
|
|
27
24
|
}
|
|
28
|
-
if (
|
|
25
|
+
if (isNumber(value)) {
|
|
29
26
|
predicate[key] = { $eq: value };
|
|
30
27
|
continue;
|
|
31
28
|
}
|
|
32
|
-
if (
|
|
29
|
+
if (isString(value)) {
|
|
33
30
|
predicate[key] = { $eq: value };
|
|
34
31
|
continue;
|
|
35
32
|
}
|
|
36
|
-
if (
|
|
33
|
+
if (isObject(value)) {
|
|
37
34
|
predicate[key] = value;
|
|
38
35
|
continue;
|
|
39
36
|
}
|
|
@@ -41,5 +38,4 @@ const createJwtValidate = (validate) => {
|
|
|
41
38
|
}
|
|
42
39
|
return predicate;
|
|
43
40
|
};
|
|
44
|
-
exports.createJwtValidate = createJwtValidate;
|
|
45
41
|
//# sourceMappingURL=jwt-validate.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-validate.js","sourceRoot":"","sources":["../../../src/internal/utils/jwt-validate.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jwt-validate.js","sourceRoot":"","sources":["../../../src/internal/utils/jwt-validate.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAGpE,OAAO,EAAE,qBAAqB,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAE1F,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,QAA4B,EAAmB,EAAE;IACjF,MAAM,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAC;IACrC,MAAM,SAAS,GAAoB,EAAE,CAAC;IAEtC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpD,IAAI,GAAG,KAAK,WAAW;YAAE,SAAS;QAElC,IAAI,GAAG,KAAK,aAAa,IAAI,SAAS,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1D,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,qBAAqB,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAClE,SAAS;QACX,CAAC;QACD,IAAI,GAAG,KAAK,UAAU,IAAI,SAAS,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACvD,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,cAAc,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC3D,SAAS;QACX,CAAC;QACD,IAAI,GAAG,KAAK,WAAW,IAAI,SAAS,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACxD,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,eAAe,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC5D,SAAS;QACX,CAAC;QACD,IAAI,OAAO,CAAS,KAAK,CAAC,EAAE,CAAC;YAC3B,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;YACjC,SAAS;QACX,CAAC;QACD,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YAChC,SAAS;QACX,CAAC;QACD,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YAChC,SAAS;QACX,CAAC;QACD,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,GAAG,CAAC,GAAG,KAA+B,CAAC;YACjD,SAAS;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,sBAAsB,KAAY,aAAa,GAAG,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { KryptosAlgorithm } from "@lindorm/kryptos";
|
|
2
|
-
import { Dict, Predicate } from "@lindorm/types";
|
|
3
|
-
import { VerifyJwtOptions } from "../../types";
|
|
1
|
+
import type { KryptosAlgorithm } from "@lindorm/kryptos";
|
|
2
|
+
import type { Dict, Predicate } from "@lindorm/types";
|
|
3
|
+
import type { VerifyJwtOptions } from "../../types/index.js";
|
|
4
4
|
export declare const createJwtVerify: (algorithm: KryptosAlgorithm, verify: VerifyJwtOptions, clockTolerance: number) => Predicate<Dict>;
|
|
5
5
|
//# sourceMappingURL=jwt-verify.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-verify.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/jwt-verify.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"jwt-verify.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/jwt-verify.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACzD,OAAO,KAAK,EAAE,IAAI,EAAE,SAAS,EAAqB,MAAM,gBAAgB,CAAC;AACzE,OAAO,KAAK,EAAa,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AA0DxE,eAAO,MAAM,eAAe,GAC1B,WAAW,gBAAgB,EAC3B,QAAQ,gBAAgB,EACxB,gBAAgB,MAAM,KACrB,SAAS,CAAC,IAAI,CAkFhB,CAAC"}
|
|
@@ -1,9 +1,6 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const date_1 = require("@lindorm/date");
|
|
5
|
-
const is_1 = require("@lindorm/is");
|
|
6
|
-
const create_hash_1 = require("./create-hash");
|
|
1
|
+
import { addSeconds, subSeconds } from "@lindorm/date";
|
|
2
|
+
import { isArray, isNumber, isObject, isString } from "@lindorm/is";
|
|
3
|
+
import { createAccessTokenHash, createCodeHash, createStateHash } from "./create-hash.js";
|
|
7
4
|
const mapVerify = (key) => {
|
|
8
5
|
switch (key) {
|
|
9
6
|
case "accessToken":
|
|
@@ -58,19 +55,19 @@ const mapVerify = (key) => {
|
|
|
58
55
|
throw new Error(`Unsupported key: ${key} for JWT verification`);
|
|
59
56
|
}
|
|
60
57
|
};
|
|
61
|
-
const createJwtVerify = (algorithm, verify, clockTolerance) => {
|
|
58
|
+
export const createJwtVerify = (algorithm, verify, clockTolerance) => {
|
|
62
59
|
const predicate = {
|
|
63
60
|
iat: {
|
|
64
|
-
$or: [{ $exists: false }, { $lte:
|
|
61
|
+
$or: [{ $exists: false }, { $lte: addSeconds(new Date(), clockTolerance) }],
|
|
65
62
|
},
|
|
66
63
|
nbf: {
|
|
67
|
-
$or: [{ $exists: false }, { $lte:
|
|
64
|
+
$or: [{ $exists: false }, { $lte: addSeconds(new Date(), clockTolerance) }],
|
|
68
65
|
},
|
|
69
66
|
exp: {
|
|
70
|
-
$or: [{ $exists: false }, { $gte:
|
|
67
|
+
$or: [{ $exists: false }, { $gte: subSeconds(new Date(), clockTolerance) }],
|
|
71
68
|
},
|
|
72
69
|
auth_time: {
|
|
73
|
-
$or: [{ $exists: false }, { $lte:
|
|
70
|
+
$or: [{ $exists: false }, { $lte: addSeconds(new Date(), clockTolerance) }],
|
|
74
71
|
},
|
|
75
72
|
};
|
|
76
73
|
const ARRAY_CLAIM_KEYS = new Set([
|
|
@@ -93,27 +90,27 @@ const createJwtVerify = (algorithm, verify, clockTolerance) => {
|
|
|
93
90
|
if (key === "trustBoundThumbprint")
|
|
94
91
|
continue;
|
|
95
92
|
const mapped = mapVerify(key);
|
|
96
|
-
if (mapped === "at_hash" &&
|
|
97
|
-
predicate[mapped] = { $eq:
|
|
93
|
+
if (mapped === "at_hash" && isString(value)) {
|
|
94
|
+
predicate[mapped] = { $eq: createAccessTokenHash(algorithm, value) };
|
|
98
95
|
continue;
|
|
99
96
|
}
|
|
100
|
-
if (mapped === "c_hash" &&
|
|
101
|
-
predicate[mapped] = { $eq:
|
|
97
|
+
if (mapped === "c_hash" && isString(value)) {
|
|
98
|
+
predicate[mapped] = { $eq: createCodeHash(algorithm, value) };
|
|
102
99
|
continue;
|
|
103
100
|
}
|
|
104
|
-
if (mapped === "s_hash" &&
|
|
105
|
-
predicate[mapped] = { $eq:
|
|
101
|
+
if (mapped === "s_hash" && isString(value)) {
|
|
102
|
+
predicate[mapped] = { $eq: createStateHash(algorithm, value) };
|
|
106
103
|
continue;
|
|
107
104
|
}
|
|
108
|
-
if (
|
|
105
|
+
if (isArray(value)) {
|
|
109
106
|
predicate[mapped] = { $all: value };
|
|
110
107
|
continue;
|
|
111
108
|
}
|
|
112
|
-
if (
|
|
109
|
+
if (isNumber(value)) {
|
|
113
110
|
predicate[mapped] = { $eq: value };
|
|
114
111
|
continue;
|
|
115
112
|
}
|
|
116
|
-
if (
|
|
113
|
+
if (isString(value)) {
|
|
117
114
|
if (ARRAY_CLAIM_KEYS.has(mapped)) {
|
|
118
115
|
predicate[mapped] = { $all: [value] };
|
|
119
116
|
continue;
|
|
@@ -121,7 +118,7 @@ const createJwtVerify = (algorithm, verify, clockTolerance) => {
|
|
|
121
118
|
predicate[mapped] = { $eq: value };
|
|
122
119
|
continue;
|
|
123
120
|
}
|
|
124
|
-
if (
|
|
121
|
+
if (isObject(value)) {
|
|
125
122
|
predicate[mapped] = value;
|
|
126
123
|
continue;
|
|
127
124
|
}
|
|
@@ -129,5 +126,4 @@ const createJwtVerify = (algorithm, verify, clockTolerance) => {
|
|
|
129
126
|
}
|
|
130
127
|
return predicate;
|
|
131
128
|
};
|
|
132
|
-
exports.createJwtVerify = createJwtVerify;
|
|
133
129
|
//# sourceMappingURL=jwt-verify.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-verify.js","sourceRoot":"","sources":["../../../src/internal/utils/jwt-verify.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jwt-verify.js","sourceRoot":"","sources":["../../../src/internal/utils/jwt-verify.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAIpE,OAAO,EAAE,qBAAqB,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAE1F,MAAM,SAAS,GAAG,CAAC,GAA2B,EAAmB,EAAE;IACjE,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,aAAa;YAChB,OAAO,SAAS,CAAC;QACnB,KAAK,qBAAqB;YACxB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,QAAQ,CAAC;QAClB,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,YAAY;YACf,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,iBAAiB;YACpB,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,QAAQ,CAAC;QAClB,KAAK,UAAU;YACb,OAAO,WAAW,CAAC;QACrB,KAAK,UAAU;YACb,OAAO,WAAW,CAAC;QACrB,KAAK,cAAc;YACjB,OAAO,cAAc,CAAC;QACxB,KAAK,WAAW;YACd,OAAO,KAAK,CAAC;QACf,KAAK,QAAQ;YACX,OAAO,QAAQ,CAAC;QAClB,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC;QACf,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,aAAa,CAAC;QACvB,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,WAAW,CAAC;QACrB;YACE,MAAM,IAAI,KAAK,CAAC,oBAAoB,GAAU,uBAAuB,CAAC,CAAC;IAC3E,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAC7B,SAA2B,EAC3B,MAAwB,EACxB,cAAsB,EACL,EAAE;IACnB,MAAM,SAAS,GAA6D;QAC1E,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,SAAS,EAAE;YACT,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;KACF,CAAC;IAMF,MAAM,gBAAgB,GAAwB,IAAI,GAAG,CAAC;QACpD,KAAK;QACL,KAAK;QACL,KAAK;QACL,OAAO;QACP,OAAO;QACP,aAAa;QACb,QAAQ;QACR,cAAc;KACf,CAAC,CAAC;IAEH,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAElD,IAAI,GAAG,KAAK,WAAW;YAAE,SAAS;QAElC,IAAI,GAAG,KAAK,OAAO;YAAE,SAAS;QAE9B,IAAI,GAAG,KAAK,WAAW;YAAE,SAAS;QAElC,IAAI,GAAG,KAAK,sBAAsB;YAAE,SAAS;QAE7C,MAAM,MAAM,GAAG,SAAS,CAAC,GAA6B,CAAC,CAAC;QAExD,IAAI,MAAM,KAAK,SAAS,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,qBAAqB,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YACrE,SAAS;QACX,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,cAAc,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC9D,SAAS;QACX,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,eAAe,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC/D,SAAS;QACX,CAAC;QACD,IAAI,OAAO,CAAS,KAAK,CAAC,EAAE,CAAC;YAC3B,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;YACpC,SAAS;QACX,CAAC;QACD,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QACD,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAGpB,IAAI,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;gBACtC,SAAS;YACX,CAAC;YACD,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QACD,IAAI,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,MAAM,CAAC,GAAG,KAA+B,CAAC;YACpD,SAAS;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,sBAAsB,KAAY,aAAa,GAAG,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,OAAO,SAA4B,CAAC;AACtC,CAAC,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { Dict } from "@lindorm/types";
|
|
2
|
-
import { AegisIntrospection } from "../../types";
|
|
1
|
+
import type { Dict } from "@lindorm/types";
|
|
2
|
+
import type { AegisIntrospection } from "../../types/index.js";
|
|
3
3
|
export type IntrospectClaimsInput = Dict & {
|
|
4
4
|
active?: unknown;
|
|
5
5
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parse-introspection.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/parse-introspection.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"parse-introspection.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/parse-introspection.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAG3C,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAO/D,MAAM,MAAM,qBAAqB,GAAG,IAAI,GAAG;IACzC,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,eAAO,MAAM,kBAAkB,GAAI,MAAM,qBAAqB,KAAG,kBAqBhE,CAAC"}
|
|
@@ -1,28 +1,24 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
const
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
const parseIntrospection = (data) => {
|
|
9
|
-
if (!(0, is_1.isBoolean)(data.active)) {
|
|
10
|
-
throw new errors_1.AegisError("Missing active claim");
|
|
1
|
+
import { isBoolean, isString } from "@lindorm/is";
|
|
2
|
+
import { removeUndefined } from "@lindorm/utils";
|
|
3
|
+
import { AegisError } from "../../errors/index.js";
|
|
4
|
+
import { extractDomainClaims } from "./extract-claims.js";
|
|
5
|
+
export const parseIntrospection = (data) => {
|
|
6
|
+
if (!isBoolean(data.active)) {
|
|
7
|
+
throw new AegisError("Missing active claim");
|
|
11
8
|
}
|
|
12
9
|
if (!data.active) {
|
|
13
10
|
return { active: false };
|
|
14
11
|
}
|
|
15
|
-
const { claims } =
|
|
16
|
-
return
|
|
12
|
+
const { claims } = extractDomainClaims(data);
|
|
13
|
+
return removeUndefined({
|
|
17
14
|
...claims,
|
|
18
15
|
active: true,
|
|
19
|
-
tokenType:
|
|
16
|
+
tokenType: isString(data.tokenType)
|
|
20
17
|
? data.tokenType
|
|
21
|
-
:
|
|
18
|
+
: isString(data.token_type)
|
|
22
19
|
? data.token_type
|
|
23
20
|
: undefined,
|
|
24
|
-
username:
|
|
21
|
+
username: isString(data.username) ? data.username : undefined,
|
|
25
22
|
});
|
|
26
23
|
};
|
|
27
|
-
exports.parseIntrospection = parseIntrospection;
|
|
28
24
|
//# sourceMappingURL=parse-introspection.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parse-introspection.js","sourceRoot":"","sources":["../../../src/internal/utils/parse-introspection.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"parse-introspection.js","sourceRoot":"","sources":["../../../src/internal/utils/parse-introspection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAElD,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAU1D,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,IAA2B,EAAsB,EAAE;IACpF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,UAAU,CAAC,sBAAsB,CAAC,CAAC;IAC/C,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACjB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IAE7C,OAAO,eAAe,CAAC;QACrB,GAAG,MAAM;QACT,MAAM,EAAE,IAAa;QACrB,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;YACjC,CAAC,CAAC,IAAI,CAAC,SAAS;YAChB,CAAC,CAAC,QAAQ,CAAE,IAAa,CAAC,UAAU,CAAC;gBACnC,CAAC,CAAG,IAAa,CAAC,UAAqB;gBACvC,CAAC,CAAC,SAAS;QACf,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;KAC9D,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { Dict } from "@lindorm/types";
|
|
2
|
-
import { AegisUserinfo } from "../../types";
|
|
1
|
+
import type { Dict } from "@lindorm/types";
|
|
2
|
+
import type { AegisUserinfo } from "../../types/index.js";
|
|
3
3
|
export type UserinfoClaimsInput = Dict;
|
|
4
4
|
export declare const parseUserinfo: (data: UserinfoClaimsInput) => AegisUserinfo;
|
|
5
5
|
//# sourceMappingURL=parse-userinfo.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parse-userinfo.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/parse-userinfo.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"parse-userinfo.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/parse-userinfo.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAE3C,OAAO,KAAK,EAAgB,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAOxE,MAAM,MAAM,mBAAmB,GAAG,IAAI,CAAC;AAEvC,eAAO,MAAM,aAAa,GAAI,MAAM,mBAAmB,KAAG,aAyBzD,CAAC"}
|
|
@@ -1,26 +1,22 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
const
|
|
6
|
-
const
|
|
7
|
-
const
|
|
8
|
-
const parseUserinfo = (data) => {
|
|
9
|
-
const { claims, rest } = (0, extract_claims_1.extractDomainClaims)(data);
|
|
10
|
-
const preExtractedProfile = (0, is_1.isObject)(rest.profile) && !(0, is_1.isString)(rest.profile)
|
|
1
|
+
import { isObject, isString } from "@lindorm/is";
|
|
2
|
+
import { AegisError } from "../../errors/index.js";
|
|
3
|
+
import { extractAegisProfile } from "./extract-aegis-profile.js";
|
|
4
|
+
import { extractDomainClaims } from "./extract-claims.js";
|
|
5
|
+
export const parseUserinfo = (data) => {
|
|
6
|
+
const { claims, rest } = extractDomainClaims(data);
|
|
7
|
+
const preExtractedProfile = isObject(rest.profile) && !isString(rest.profile)
|
|
11
8
|
? rest.profile
|
|
12
9
|
: undefined;
|
|
13
10
|
if (preExtractedProfile)
|
|
14
11
|
delete rest.profile;
|
|
15
|
-
const { profile: extractedProfile } =
|
|
12
|
+
const { profile: extractedProfile } = extractAegisProfile(rest);
|
|
16
13
|
const profile = preExtractedProfile ?? extractedProfile;
|
|
17
|
-
if (!
|
|
18
|
-
throw new
|
|
14
|
+
if (!isString(claims.subject)) {
|
|
15
|
+
throw new AegisError("Missing subject claim");
|
|
19
16
|
}
|
|
20
17
|
return {
|
|
21
18
|
...(profile ?? {}),
|
|
22
19
|
subject: claims.subject,
|
|
23
20
|
};
|
|
24
21
|
};
|
|
25
|
-
exports.parseUserinfo = parseUserinfo;
|
|
26
22
|
//# sourceMappingURL=parse-userinfo.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parse-userinfo.js","sourceRoot":"","sources":["../../../src/internal/utils/parse-userinfo.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"parse-userinfo.js","sourceRoot":"","sources":["../../../src/internal/utils/parse-userinfo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEjD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAO1D,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,IAAyB,EAAiB,EAAE;IACxE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IAMnD,MAAM,mBAAmB,GACvB,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC;QAC/C,CAAC,CAAE,IAAI,CAAC,OAAwB;QAChC,CAAC,CAAC,SAAS,CAAC;IAEhB,IAAI,mBAAmB;QAAE,OAAO,IAAI,CAAC,OAAO,CAAC;IAE7C,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IAChE,MAAM,OAAO,GAAG,mBAAmB,IAAI,gBAAgB,CAAC;IAExD,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,UAAU,CAAC,uBAAuB,CAAC,CAAC;IAChD,CAAC;IAED,OAAO;QACL,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;QAClB,OAAO,EAAE,MAAM,CAAC,OAAO;KACxB,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { IKryptos } from "@lindorm/kryptos";
|
|
2
|
-
import { BindCertificateMode, CertificateHeaderFields } from "../../types";
|
|
1
|
+
import type { IKryptos } from "@lindorm/kryptos";
|
|
2
|
+
import type { BindCertificateMode, CertificateHeaderFields } from "../../types/index.js";
|
|
3
3
|
export declare const resolveCertBinding: (kryptos: IKryptos, mode: BindCertificateMode | undefined) => CertificateHeaderFields | undefined;
|
|
4
4
|
//# sourceMappingURL=resolve-cert-binding.d.ts.map
|