supaapps-auth 2.0.0-rc.5 → 2.0.0-rc.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/AuthManager.d.ts +2 -2
- package/dist/AuthManager.js +26 -15
- package/dist/types.d.ts +1 -0
- package/package.json +1 -1
- package/src/AuthManager.ts +35 -22
- package/src/types.ts +1 -0
package/dist/AuthManager.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AuthManagerEvent } from './types';
|
|
1
|
+
import { AuthManagerEvent, UserTokenPayload } from './types';
|
|
2
2
|
export declare class AuthManager {
|
|
3
3
|
private static instance;
|
|
4
4
|
private authServer;
|
|
@@ -21,6 +21,6 @@ export declare class AuthManager {
|
|
|
21
21
|
private saveTokens;
|
|
22
22
|
loginUsingPkce(code: string): Promise<void>;
|
|
23
23
|
logout(): Promise<void>;
|
|
24
|
-
static validateToken(authServer: string, bearerToken: string): Promise<
|
|
24
|
+
static validateToken(authServer: string, bearerToken: string): Promise<UserTokenPayload>;
|
|
25
25
|
static resetInstance(): void;
|
|
26
26
|
}
|
package/dist/AuthManager.js
CHANGED
|
@@ -192,23 +192,34 @@ class AuthManager {
|
|
|
192
192
|
return __awaiter(this, void 0, void 0, function* () {
|
|
193
193
|
var _a;
|
|
194
194
|
// @todo tests missing for this static validation
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
}
|
|
202
|
-
const { data: publicKey } = yield axios_1.default.get(`${authServer}public/public_key`);
|
|
203
|
-
const { data: algo } = yield axios_1.default.get(`${authServer}public/algo`);
|
|
204
|
-
(0, jsonwebtoken_1.verify)(bearerToken, publicKey, { algorithms: [algo] });
|
|
205
|
-
const { data: revokedIds } = yield axios_1.default.get(`${authServer}public/revoked_ids`);
|
|
206
|
-
// eslint-disable-next-line @typescript-eslint/dot-notation
|
|
207
|
-
return !revokedIds.includes(decodedToken['id']);
|
|
195
|
+
// @todo add caching for public key and algo
|
|
196
|
+
const decodedToken = (_a = (0, jsonwebtoken_1.decode)(bearerToken, {
|
|
197
|
+
complete: true,
|
|
198
|
+
})) === null || _a === void 0 ? void 0 : _a.payload;
|
|
199
|
+
if (!decodedToken) {
|
|
200
|
+
throw new Error('Not a valid jwt token');
|
|
208
201
|
}
|
|
209
|
-
|
|
210
|
-
|
|
202
|
+
const userToken = {
|
|
203
|
+
id: decodedToken['id'],
|
|
204
|
+
iss: decodedToken['iss'],
|
|
205
|
+
sub: parseInt(decodedToken['sub']),
|
|
206
|
+
first_name: decodedToken['first_name'],
|
|
207
|
+
last_name: decodedToken['last_name'],
|
|
208
|
+
email: decodedToken['email'],
|
|
209
|
+
aud: decodedToken['aud'],
|
|
210
|
+
iat: decodedToken['iat'],
|
|
211
|
+
exp: decodedToken['exp'],
|
|
212
|
+
scopes: decodedToken['scopes'],
|
|
213
|
+
realm: decodedToken['realm'],
|
|
214
|
+
};
|
|
215
|
+
const { data: publicKey } = yield axios_1.default.get(`${authServer}public/public_key`);
|
|
216
|
+
const { data: algo } = yield axios_1.default.get(`${authServer}public/algo`);
|
|
217
|
+
(0, jsonwebtoken_1.verify)(bearerToken, publicKey, { algorithms: [algo] });
|
|
218
|
+
const { data: revokedIds } = yield axios_1.default.get(`${authServer}public/revoked_ids`);
|
|
219
|
+
if (revokedIds.includes(decodedToken['id'])) {
|
|
220
|
+
throw new Error('Token is revoked');
|
|
211
221
|
}
|
|
222
|
+
return userToken;
|
|
212
223
|
});
|
|
213
224
|
}
|
|
214
225
|
static resetInstance() {
|
package/dist/types.d.ts
CHANGED
package/package.json
CHANGED
package/src/AuthManager.ts
CHANGED
|
@@ -230,34 +230,47 @@ export class AuthManager {
|
|
|
230
230
|
public static async validateToken(
|
|
231
231
|
authServer: string,
|
|
232
232
|
bearerToken: string,
|
|
233
|
-
): Promise<
|
|
233
|
+
): Promise<UserTokenPayload> {
|
|
234
234
|
// @todo tests missing for this static validation
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
235
|
+
// @todo add caching for public key and algo
|
|
236
|
+
const decodedToken = jwtDecode(bearerToken, {
|
|
237
|
+
complete: true,
|
|
238
|
+
})?.payload;
|
|
239
239
|
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
240
|
+
if (!decodedToken) {
|
|
241
|
+
throw new Error('Not a valid jwt token');
|
|
242
|
+
}
|
|
243
243
|
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
244
|
+
const userToken: UserTokenPayload = {
|
|
245
|
+
id: decodedToken['id'],
|
|
246
|
+
iss: decodedToken['iss'],
|
|
247
|
+
sub: parseInt(decodedToken['sub'] as string),
|
|
248
|
+
first_name: decodedToken['first_name'],
|
|
249
|
+
last_name: decodedToken['last_name'],
|
|
250
|
+
email: decodedToken['email'],
|
|
251
|
+
aud: decodedToken['aud'],
|
|
252
|
+
iat: decodedToken['iat'],
|
|
253
|
+
exp: decodedToken['exp'],
|
|
254
|
+
scopes: decodedToken['scopes'],
|
|
255
|
+
realm: decodedToken['realm'],
|
|
256
|
+
}
|
|
250
257
|
|
|
251
|
-
|
|
258
|
+
const { data: publicKey } = await axios.get(
|
|
259
|
+
`${authServer}public/public_key`,
|
|
260
|
+
);
|
|
261
|
+
const { data: algo } = await axios.get(
|
|
262
|
+
`${authServer}public/algo`,
|
|
263
|
+
);
|
|
252
264
|
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
265
|
+
jwtVerify(bearerToken, publicKey, { algorithms: [algo] });
|
|
266
|
+
|
|
267
|
+
const { data: revokedIds } = await axios.get(
|
|
268
|
+
`${authServer}public/revoked_ids`,
|
|
269
|
+
);
|
|
270
|
+
if(revokedIds.includes(decodedToken['id'])){
|
|
271
|
+
throw new Error('Token is revoked');
|
|
260
272
|
}
|
|
273
|
+
return userToken;
|
|
261
274
|
}
|
|
262
275
|
|
|
263
276
|
public static resetInstance(): void {
|