@nsshunt/stsappframework 2.19.164 → 2.19.165
package/dist/authutilsnode.js
CHANGED
|
@@ -22,11 +22,14 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
|
|
|
22
22
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
23
23
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
24
24
|
};
|
|
25
|
-
var _AuthUtilsNode_cookiejar, _AuthUtilsNode_httpsAgent, _AuthUtilsNode_debug,
|
|
25
|
+
var _AuthUtilsNode_cookiejar, _AuthUtilsNode_httpsAgent, _AuthUtilsNode_debug, _AuthUtilsNode_GetHttpsAgent;
|
|
26
26
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
27
27
|
exports.AuthUtilsNode = exports.STSClientID = void 0;
|
|
28
28
|
const tough_cookie_1 = __importDefault(require("tough-cookie"));
|
|
29
29
|
const https_1 = __importDefault(require("https"));
|
|
30
|
+
const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
|
|
31
|
+
const jwt_decode_1 = __importDefault(require("jwt-decode"));
|
|
32
|
+
const jwks_rsa_1 = __importDefault(require("jwks-rsa"));
|
|
30
33
|
const axios_1 = __importDefault(require("axios"));
|
|
31
34
|
const stsconfig_1 = require("@nsshunt/stsconfig");
|
|
32
35
|
const goptions = (0, stsconfig_1.$Options)();
|
|
@@ -57,7 +60,7 @@ class AuthUtilsNode {
|
|
|
57
60
|
_AuthUtilsNode_cookiejar.set(this, void 0);
|
|
58
61
|
_AuthUtilsNode_httpsAgent.set(this, null);
|
|
59
62
|
_AuthUtilsNode_debug.set(this, (0, debug_1.default)(`proc:${process.pid}:AuthUtilsNode`));
|
|
60
|
-
|
|
63
|
+
_AuthUtilsNode_GetHttpsAgent.set(this, () => {
|
|
61
64
|
if (__classPrivateFieldGet(this, _AuthUtilsNode_httpsAgent, "f") === null) {
|
|
62
65
|
// https://nodejs.org/api/http.html#class-httpagent
|
|
63
66
|
__classPrivateFieldSet(this, _AuthUtilsNode_httpsAgent, new https_1.default.Agent({
|
|
@@ -87,7 +90,35 @@ class AuthUtilsNode {
|
|
|
87
90
|
this.GetCookiesFromJar = (endpoint) => __awaiter(this, void 0, void 0, function* () {
|
|
88
91
|
return __classPrivateFieldGet(this, _AuthUtilsNode_cookiejar, "f").getCookies(endpoint);
|
|
89
92
|
});
|
|
90
|
-
this.
|
|
93
|
+
this.ValidateJWT = (token, audience, endpoint) => __awaiter(this, void 0, void 0, function* () {
|
|
94
|
+
const jwksClientUri = (endpoint
|
|
95
|
+
? `${endpoint}${goptions.asoauthapiroot}${goptions.asjwksjsonpath}`
|
|
96
|
+
: `${goptions.asendpoint}:${goptions.asport}${goptions.asoauthapiroot}${goptions.asjwksjsonpath}`);
|
|
97
|
+
const jwks = (0, jwks_rsa_1.default)({
|
|
98
|
+
cache: true,
|
|
99
|
+
cacheMaxEntries: 5,
|
|
100
|
+
cacheMaxAge: 600000,
|
|
101
|
+
rateLimit: true,
|
|
102
|
+
jwksRequestsPerMinute: 10,
|
|
103
|
+
jwksUri: jwksClientUri,
|
|
104
|
+
timeout: 30000,
|
|
105
|
+
requestAgent: __classPrivateFieldGet(this, _AuthUtilsNode_GetHttpsAgent, "f").call(this)
|
|
106
|
+
});
|
|
107
|
+
// Use decode to get the kid
|
|
108
|
+
const decodedRefreshToken = (0, jwt_decode_1.default)(token, { header: true });
|
|
109
|
+
const kid = decodedRefreshToken.kid;
|
|
110
|
+
const key = yield jwks.getSigningKey(kid);
|
|
111
|
+
const signingKey = key.getPublicKey();
|
|
112
|
+
const verifyOptions = {
|
|
113
|
+
issuer: 'https://stsmda.com.au/stsauth/',
|
|
114
|
+
//subject: s,
|
|
115
|
+
audience: audience,
|
|
116
|
+
//expiresIn: 600, // 10 minutes
|
|
117
|
+
algorithm: ["RS256"] // RSASSA [ "RS256", "RS384", "RS512" ]
|
|
118
|
+
};
|
|
119
|
+
return jsonwebtoken_1.default.verify(token, signingKey, verifyOptions);
|
|
120
|
+
});
|
|
121
|
+
this.GetAPITokenFromAuthServer = (clientId, authClientSecret, audience, endPoint) => __awaiter(this, void 0, void 0, function* () {
|
|
91
122
|
try {
|
|
92
123
|
const headers = { 'Content-Type': 'application/json' };
|
|
93
124
|
const payload = {
|
|
@@ -99,13 +130,15 @@ class AuthUtilsNode {
|
|
|
99
130
|
//@@ need scope to be the API identifier
|
|
100
131
|
grant_type: "client_credentials"
|
|
101
132
|
};
|
|
102
|
-
const url =
|
|
133
|
+
const url = (endPoint
|
|
134
|
+
? `${endPoint}${goptions.asoauthapiroot}/token`
|
|
135
|
+
: `${goptions.asendpoint}:${goptions.asport}${goptions.asoauthapiroot}/token`);
|
|
103
136
|
const retVal = yield (0, axios_1.default)({
|
|
104
137
|
url,
|
|
105
138
|
method: 'post',
|
|
106
139
|
data: payload,
|
|
107
140
|
headers: headers,
|
|
108
|
-
httpsAgent: __classPrivateFieldGet(this,
|
|
141
|
+
httpsAgent: __classPrivateFieldGet(this, _AuthUtilsNode_GetHttpsAgent, "f").call(this)
|
|
109
142
|
});
|
|
110
143
|
if (retVal.status) {
|
|
111
144
|
if (retVal.status !== 200) {
|
|
@@ -208,5 +241,5 @@ class AuthUtilsNode {
|
|
|
208
241
|
}
|
|
209
242
|
}
|
|
210
243
|
exports.AuthUtilsNode = AuthUtilsNode;
|
|
211
|
-
_AuthUtilsNode_cookiejar = new WeakMap(), _AuthUtilsNode_httpsAgent = new WeakMap(), _AuthUtilsNode_debug = new WeakMap(),
|
|
244
|
+
_AuthUtilsNode_cookiejar = new WeakMap(), _AuthUtilsNode_httpsAgent = new WeakMap(), _AuthUtilsNode_debug = new WeakMap(), _AuthUtilsNode_GetHttpsAgent = new WeakMap();
|
|
212
245
|
//# sourceMappingURL=authutilsnode.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authutilsnode.js","sourceRoot":"","sources":["../src/authutilsnode.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,gEAAiC;AACjC,kDAAyB;
|
|
1
|
+
{"version":3,"file":"authutilsnode.js","sourceRoot":"","sources":["../src/authutilsnode.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,gEAAiC;AACjC,kDAAyB;AACzB,gEAA+B;AAC/B,4DAAoC;AACpC,wDAAkC;AAElC,kDAA0B;AAE1B,kDAA6C;AAC7C,MAAM,QAAQ,GAAG,IAAA,oBAAQ,GAAE,CAAA;AAE3B,kDAA+B;AAE/B,gDAA+D;AAE/D,gDAA2D;AAE3D,yDAAgD;AAMhD,IAAY,WAgBX;AAhBD,WAAY,WAAW;IACnB,gFAAiE,CAAA;IACjE,8EAA+D,CAAA;IAC/D,6EAA8D,CAAA;IAC9D,sEAAuD,CAAA;IACvD,2EAA4D,CAAA;IAC5D,qFAAsE,CAAA;IACtE,2FAA4E,CAAA;IAC5E,0FAA2E,CAAA;IAC3E,iFAAkE,CAAA;IAClE,gFAAiE,CAAA;IACjE,iFAAkE,CAAA;IAClE,sFAAuE,CAAA;IACvE,qFAAsE,CAAA;IACtE,iFAAkE,CAAA;IAClE,uFAAwE,CAAA;AAC5E,CAAC,EAhBW,WAAW,GAAX,mBAAW,KAAX,mBAAW,QAgBtB;AAED,MAAa,aAAa;IAMtB;QAJA,2CAA4B;QAC5B,oCAAkC,IAAI,EAAC;QACvC,+BAAS,IAAA,eAAW,EAAC,QAAQ,OAAO,CAAC,GAAG,gBAAgB,CAAC,EAAC;QAM1D,uCAAiB,GAAG,EAAE;YAElB,IAAI,uBAAA,IAAI,iCAAY,KAAK,IAAI,EAAE;gBAC3B,mDAAmD;gBACnD,uBAAA,IAAI,6BAAe,IAAI,eAAK,CAAC,KAAK,CAAC;oBAC/B,SAAS,EAAE,QAAQ,CAAC,SAAS;oBAC7B,UAAU,EAAE,QAAQ,CAAC,UAAU;oBAC/B,eAAe,EAAE,QAAQ,CAAC,eAAe;oBACzC,cAAc,EAAE,QAAQ,CAAC,cAAc;oBACvC,OAAO,EAAE,QAAQ,CAAC,OAAO;oBACzB,kBAAkB,EAAE,KAAK;iBAC5B,CAAC,MAAA,CAAC;aACN;YACD,OAAO,uBAAA,IAAI,iCAAY,CAAC;QAC5B,CAAC,EAAA;QA+DD,oBAAe,GAAG,CAAO,OAA4B,EAAE,QAAgB,EAA2B,EAAE;YAEhG,IAAI,OAAO,CAAC,YAAY,CAAC,EAAE;gBACvB,OAAO,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,CAAC,YAAiB,EAAE,EAAE;oBAC5C,MAAM,MAAM,GAAQ,sBAAK,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;oBACrD,uBAAA,IAAI,gCAAW,CAAC,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;gBACpD,CAAC,CAAC,CAAC;aACN;iBAAM;gBACH,MAAM,MAAM,GAAQ,sBAAK,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC;gBAC9D,uBAAA,IAAI,gCAAW,CAAC,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;aACnD;YAED,OAAO,uBAAA,IAAI,gCAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAChD,CAAC,CAAA,CAAC;QAEF,sBAAiB,GAAG,CAAO,QAAgB,EAA2B,EAAE;YAEpE,OAAO,uBAAA,IAAI,gCAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAChD,CAAC,CAAA,CAAC;QAEF,gBAAW,GAAG,CAAO,KAAa,EAAE,QAAgB,EAAE,QAAiB,EAAmB,EAAE;YACxF,MAAM,aAAa,GAAG,CAAC,QAAQ;gBAC3B,CAAC,CAAC,GAAG,QAAQ,GAAG,QAAQ,CAAC,cAAc,GAAG,QAAQ,CA
AC,cAAc,EAAE;gBACnE,CAAC,CAAC,GAAG,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC,cAAc,GAAG,QAAQ,CAAC,cAAc,EAAE,CAAC,CAAC;YAEvG,MAAM,IAAI,GAAG,IAAA,kBAAU,EAAC;gBACpB,KAAK,EAAE,IAAI;gBACX,eAAe,EAAE,CAAC;gBAClB,WAAW,EAAE,MAAM;gBACnB,SAAS,EAAE,IAAI;gBACf,qBAAqB,EAAE,EAAE;gBACzB,OAAO,EAAE,aAAa;gBACtB,OAAO,EAAE,KAAK;gBACd,YAAY,EAAE,uBAAA,IAAI,oCAAe,MAAnB,IAAI,CAAiB;aACtC,CAAC,CAAC;YAEH,4BAA4B;YAC5B,MAAM,mBAAmB,GAAG,IAAA,oBAAU,EAAa,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;YAC5E,MAAM,GAAG,GAAG,mBAAmB,CAAC,GAAG,CAAC;YAEpC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;YAC1C,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC;YAEtC,MAAM,aAAa,GAAG;gBAClB,MAAM,EAAG,gCAAgC;gBACzC,cAAc;gBACd,QAAQ,EAAG,QAAQ;gBACnB,gCAAgC;gBAChC,SAAS,EAAG,CAAC,OAAO,CAAC,CAAG,uCAAuC;aAClE,CAAC;YAEF,OAAO,sBAAG,CAAC,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,aAAa,CAAW,CAAC;QAClE,CAAC,CAAA,CAAA;QAED,8BAAyB,GAAG,CAAO,QAAqB,EAAE,gBAAwB,EAAE,QAAgB,EAAE,QAAiB,EAAmB,EAAE;YACxI,IAAI;gBACA,MAAM,OAAO,GAAG,EAAE,cAAc,EAAE,kBAAkB,EAAC,CAAC;gBACtD,MAAM,OAAO,GAAG;oBACZ,SAAS,EAAE,QAAQ;oBACnB,aAAa,EAAE,gBAAgB;oBAC/B,6EAA6E;oBAC7E,QAAQ,EAAE,QAAQ;oBAClB,oBAAoB;oBACpB,wCAAwC;oBACxC,UAAU,EAAE,oBAAoB;iBACnC,CAAA;gBACD,MAAM,GAAG,GAAG,CAAC,QAAQ;oBACjB,CAAC,CAAC,GAAG,QAAQ,GAAG,QAAQ,CAAC,cAAc,QAAQ;oBAC/C,CAAC,CAAC,GAAG,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC,cAAc,QAAQ,CAAC,CAAC;gBACnF,MAAM,MAAM,GAAG,MAAM,IAAA,eAAK,EAAC;oBACvB,GAAG;oBACF,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE,OAAO;oBAChB,UAAU,EAAE,uBAAA,IAAI,oCAAe,MAAnB,IAAI,CAAiB;iBACrC,CAAC,CAAC;gBAEH,IAAI,MAAM,CAAC,MAAM,EAAE;oBACf,IAAI,MAAM,CAAC,MAAM,KAAK,GAAG,EAAE;wBACvB,8BAA8B;wBAC9B,uBAAA,IAAI,4BAAO,MAAX,IAAI,EAAQ,+EAA+E,MAAM,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,CAAC;qBACxH;iBACJ;qBAAM;oBACH,MAAM,GAAG,GAAG,8DAA8D,CAAC,GAAG,CAAA;oBAC9E,uBAAA,IAAI,4BAAO,MAAX,IAAI,EAAQ,GAAG,CAAC,CAAC;oBACjB,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC;iBACxB;gBACD,IAAI,MAAM,CAAC,IAAI,EAAE;oBACb,IAAI,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE;wBAC1B,OAAO,MAAM,CAAC,IAAI,CAAC,YAAsB,CAAC;qBAC7C;yBAAM;wBACH,MAA
M,GAAG,GAAG,yEAAyE,CAAC,GAAG,CAAA;wBACzF,uBAAA,IAAI,4BAAO,MAAX,IAAI,EAAQ,GAAG,CAAC,CAAC;wBACjB,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC;qBACxB;iBACJ;qBAAM;oBACH,MAAM,GAAG,GAAG,4DAA4D,CAAC,GAAG,CAAA;oBAC5E,uBAAA,IAAI,4BAAO,MAAX,IAAI,EAAQ,GAAG,CAAC,CAAC;oBACjB,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC;iBACxB;aACJ;YAAC,OAAO,KAAU,EAAE;gBACjB,uBAAA,IAAI,4BAAO,MAAX,IAAI,EAAQ,sDAAsD,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC;gBAC/E,IAAI,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE;oBACvC,uBAAA,IAAI,4BAAO,MAAX,IAAI,EAAQ,aAAa,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;iBACxE;gBACD,MAAM,KAAK,CAAC;aACf;QACL,CAAC,CAAA,CAAA;QA3LG,uBAAA,IAAI,4BAAc,IAAI,sBAAK,CAAC,SAAS,EAAE,MAAA,CAAC;IAC5C,CAAC;IAkBD,8BAA8B,CAAC,OAA8B;QACzD,OAAO,UAAe,GAAQ,EAAE,GAAQ,EAAE,IAAS;;gBAC/C,IAAI,OAAO,CAAC,WAAW,EAAE;oBACrB,MAAM,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;oBACzC,MAAM,mBAAmB,GAAG,EAAG,CAAC;oBAChC,KAAK,IAAI,CAAC,GAAC,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;wBAC/C,MAAM,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;wBAC1C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE;4BAC9B,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;yBACxC;qBACJ;oBACD,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE;wBAChC,MAAM,YAAY,GAAG,IAAA,0BAAe,EAAC,8BAAqB,CAAC,+BAA+B,EAAE,mBAAmB,CAAC,CAAC;wBACjH,GAAG,CAAC,MAAM,CAAC,+BAAW,CAAC,YAAY,CAAC,CAAC,IAAI,CAAE,EAAE,MAAM,EAAE,+BAAW,CAAC,YAAY,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;wBACtG,OAAO;qBACV;iBACJ;gBACD,IAAI,EAAE,CAAC;YACX,CAAC;SAAA,CAAA;IACL,CAAC;IACD;;;;;;;;;;;;;;;MAeD;IAEO,uBAAuB,CAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;;YAEvD,IAAI,EAAE,CAAC;YACP;;;;;;;;;;;;;;;;;;cAkBJ;QACA,CAAC;KAAA;CAyMJ;AA9RD,sCA8RC"}
|
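--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@nsshunt/stsappframework",
-"version": "2.19.
+"version": "2.19.165",
 "description": "",
 "main": "dist/index.js",
 "types": "./types/index.d.ts",
@@ -29,6 +29,7 @@
 "@types/debug": "^4.1.7",
 "@types/express": "^4.17.17",
 "@types/jest": "^29.5.0",
+"@types/jsonwebtoken": "^9.0.1",
 "@types/pg": "^8.6.6",
 "@types/uuid": "^9.0.1",
 "@typescript-eslint/eslint-plugin": "^5.58.0",
@@ -54,6 +55,9 @@
 "debug": "^4.3.4",
 "express": "^4.18.2",
 "http-status-codes": "^2.2.0",
+"jsonwebtoken": "^9.0.0",
+"jwks-rsa": "^3.0.1",
+"jwt-decode": "^3.1.2",
 "pidusage": "^3.0.2",
 "prom-client": "^14.2.0",
 "socket.io": "^4.6.1",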
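Review bot: `jwt-decode` looks redundant as a runtime dependency: in the visible code it is used only to read the `kid` from the token header in `ValidateJWT`, and `jsonwebtoken`, added in the same hunk, already provides that through `jwt.decode(token, { complete: true })`. Dropping it would leave one less package to audit and keep updated. The three additions sit in the `@@ -54,6 +55,9 @@` hunk; the enclosing dependency object starts outside it.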
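--- a/package/src/authutilsnode.ts
+++ b/package/src/authutilsnode.ts
@@ -1,5 +1,8 @@
 import tough from 'tough-cookie';
 import https from 'https'
+import jwt from 'jsonwebtoken';
+import jwt_decode from 'jwt-decode';
+import jwksClient from 'jwks-rsa';
 
 import axios from 'axios';
 
@@ -8,7 +11,7 @@ const goptions = $Options()
 
 import debugModule from 'debug'
 
-import { GetErrorPayload } from '@nsshunt/stsutils'
+import { GetErrorPayload, JSONObject } from '@nsshunt/stsutils'
 
 import { AppFrameworkErrorCode } from './validation/errors'
 
@@ -46,7 +49,7 @@ export class AuthUtilsNode
 this.#cookiejar = new tough.CookieJar();
 }
 
-#
+#GetHttpsAgent = () =>
 {
 if (this.#httpsAgent === null) {
 // https://nodejs.org/api/http.html#class-httpagent
@@ -143,7 +146,41 @@ export class AuthUtilsNode
 return this.#cookiejar.getCookies(endpoint);
 };
 
-
+ValidateJWT = async (token: string, audience: string, endpoint?: string): Promise<string> => {
+const jwksClientUri = (endpoint
+? `${endpoint}${goptions.asoauthapiroot}${goptions.asjwksjsonpath}`
+: `${goptions.asendpoint}:${goptions.asport}${goptions.asoauthapiroot}${goptions.asjwksjsonpath}`);
+
+const jwks = jwksClient({
+cache: true, //@@ all config items
+cacheMaxEntries: 5, // Default value
+cacheMaxAge: 600000, // Defaults to 10m
+rateLimit: true,
+jwksRequestsPerMinute: 10, // Default value
+jwksUri: jwksClientUri,
+timeout: 30000, //@@ config
+requestAgent: this.#GetHttpsAgent()
+});
+
+// Use decode to get the kid
+const decodedRefreshToken = jwt_decode<JSONObject>(token, { header: true });
+const kid = decodedRefreshToken.kid;
+
+const key = await jwks.getSigningKey(kid);
+const signingKey = key.getPublicKey();
+
+const verifyOptions = {
+issuer: 'https://stsmda.com.au/stsauth/',
+//subject: s,
+audience: audience,
+//expiresIn: 600, // 10 minutes
+algorithm: ["RS256"] // RSASSA [ "RS256", "RS384", "RS512" ]
+};
+
+return jwt.verify(token, signingKey, verifyOptions) as string;
+}
+
+GetAPITokenFromAuthServer = async (clientId: STSClientID, authClientSecret: string, audience: string, endPoint?: string): Promise<string> => {
 try {
 const headers = { 'Content-Type': 'application/json'};
 const payload = { //@@ make a type
@@ -155,13 +192,15 @@ export class AuthUtilsNode
 //@@ need scope to be the API identifier
 grant_type: "client_credentials"
 }
-const url =
+const url = (endPoint
+? `${endPoint}${goptions.asoauthapiroot}/token`
+: `${goptions.asendpoint}:${goptions.asport}${goptions.asoauthapiroot}/token`);
 const retVal = await axios({
 url
 ,method: 'post'
 ,data: payload
 ,headers: headers
-,httpsAgent: this.#
+,httpsAgent: this.#GetHttpsAgent()
 });
 
 if (retVal.status) {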
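Review bot: In `ValidateJWT` the verify options use the key `algorithm`, but `jsonwebtoken`'s `verify()` reads `algorithms` (plural), so the intended RS256 pin is not applied and the library falls back to its defaults for the key type; the line should be `algorithms: ["RS256"]`, and the compiled `package/dist/authutilsnode.js` carries the same line. `kid` is read from the unverified header and passed straight to `getSigningKey`, so a token without one should be rejected explicitly first, e.g. `if (typeof kid !== 'string') throw new Error('JWT header has no kid');`. A new `jwksClient` is built on every call, so `cache` and `rateLimit` never carry over between validations and each one can trigger a fresh JWKS fetch; keeping one client per JWKS URI on the instance would let those settings take effect. The optional `endpoint` argument decides which JWKS the token is checked against, so it needs to come from trusted configuration rather than from request data (callers are not visible here). `jwt.verify` returns the decoded payload object for JSON claims, so `Promise<string>` with `as string` misdescribes the result to callers.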
package/types/authutilsnode.d.ts
CHANGED
|
@@ -26,6 +26,7 @@ export declare class AuthUtilsNode {
|
|
|
26
26
|
verifyRequestMiddleware(req: any, res: any, next: any): Promise<void>;
|
|
27
27
|
SetCookiesToJar: (headers: Record<string, any>, endpoint: string) => Promise<tough.Cookie[]>;
|
|
28
28
|
GetCookiesFromJar: (endpoint: string) => Promise<tough.Cookie[]>;
|
|
29
|
-
|
|
29
|
+
ValidateJWT: (token: string, audience: string, endpoint?: string) => Promise<string>;
|
|
30
|
+
GetAPITokenFromAuthServer: (clientId: STSClientID, authClientSecret: string, audience: string, endPoint?: string) => Promise<string>;
|
|
30
31
|
}
|
|
31
32
|
//# sourceMappingURL=authutilsnode.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authutilsnode.d.ts","sourceRoot":"","sources":["../src/authutilsnode.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"authutilsnode.d.ts","sourceRoot":"","sources":["../src/authutilsnode.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,cAAc,CAAC;AAmBjC,MAAM,WAAW,qBAAqB;IAClC,WAAW,EAAE,MAAM,EAAE,CAAA;CACxB;AAED,oBAAY,WAAW;IACnB,gBAAgB,iDAAiD;IACjE,cAAc,iDAAiD;IAC/D,aAAa,iDAAiD;IAC9D,MAAM,iDAAiD;IACvD,WAAW,iDAAiD;IAC5D,qBAAqB,iDAAiD;IACtE,2BAA2B,iDAAiD;IAC5E,0BAA0B,iDAAiD;IAC3E,iBAAiB,iDAAiD;IAClE,gBAAgB,iDAAiD;IACjE,iBAAiB,iDAAiD;IAClE,sBAAsB,iDAAiD;IACvE,qBAAqB,iDAAiD;IACtE,iBAAiB,iDAAiD;IAClE,+BAA+B,yCAAyC;CAC3E;AAED,qBAAa,aAAa;;;IA0BtB,8BAA8B,CAAC,OAAO,EAAE,qBAAqB,SAC9B,GAAG,OAAO,GAAG,QAAQ,GAAG;IAoCjD,uBAAuB,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG;IAwB3D,eAAe,YAAmB,OAAO,MAAM,EAAE,GAAG,CAAC,YAAY,MAAM,KAAG,QAAQ,MAAM,MAAM,EAAE,CAAC,CAa/F;IAEF,iBAAiB,aAAoB,MAAM,KAAG,QAAQ,MAAM,MAAM,EAAE,CAAC,CAGnE;IAEF,WAAW,UAAiB,MAAM,YAAY,MAAM,aAAa,MAAM,KAAG,QAAQ,MAAM,CAAC,CAgCxF;IAED,yBAAyB,aAAoB,WAAW,oBAAoB,MAAM,YAAY,MAAM,aAAa,MAAM,KAAG,QAAQ,MAAM,CAAC,CAqDxI;CA4FJ"}
|