UNPKG

@asgardeo/auth-js

Version:

Asgardeo Auth JS SDK to be used in JavaScript and TypeScript applications.

108 lines (90 loc) 3.94 kB
/** * Copyright (c) 2020, WSO2 LLC. (https://www.wso2.com). All Rights Reserved. * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except * in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ import { PKCE_CODE_VERIFIER, PKCE_SEPARATOR } from "../constants"; import { DecodedIDTokenPayload } from "../models"; export class AuthenticationUtils { // eslint-disable-next-line @typescript-eslint/no-empty-function private constructor() {} public static filterClaimsFromIDTokenPayload(payload: DecodedIDTokenPayload): any { const optionalizedPayload: Partial<DecodedIDTokenPayload> = { ...payload }; delete optionalizedPayload?.iss; delete optionalizedPayload?.aud; delete optionalizedPayload?.exp; delete optionalizedPayload?.iat; delete optionalizedPayload?.acr; delete optionalizedPayload?.amr; delete optionalizedPayload?.azp; delete optionalizedPayload?.auth_time; delete optionalizedPayload?.nonce; delete optionalizedPayload?.c_hash; delete optionalizedPayload?.at_hash; delete optionalizedPayload?.nbf; delete optionalizedPayload?.isk; delete optionalizedPayload?.sid; const camelCasedPayload : any= {}; Object.entries(optionalizedPayload).forEach(([ key, value ]: [ key: string, value: unknown ]) => { const keyParts: string[] = key.split("_"); const camelCasedKey: string = keyParts .map((key: string, index: number) => { if (index === 0) { return key; } return [ key[ 0 ].toUpperCase(), ...key.slice(1) ].join(""); }) .join(""); camelCasedPayload[camelCasedKey] = value; }); return camelCasedPayload; } /** * @deprecated since v1.0.6 and will be removed with the v2.0.0 release. */ public static getTenantDomainFromIdTokenPayload = ( payload: DecodedIDTokenPayload, uidSeparator: string = "@" ): string => { // Try to extract the tenant domain from the `sub` claim. const uid: string = payload.sub; const tokens: string[] = uid.split(uidSeparator); // This works only when the email is used as the username // and the tenant domain is appended to the`sub` attribute. return tokens.length > 2 ? tokens[tokens.length - 1] : ""; }; public static getTokenRequestHeaders(): HeadersInit { return { Accept: "application/json", "Content-Type": "application/x-www-form-urlencoded" }; } /** * This generates the state param value to be sent with an authorization request. * * @param pkceKey - The PKCE key. * @param state - The state value to be passed. (The correlation ID will be appended to this state value.) * * @returns The state param value. */ public static generateStateParamForRequestCorrelation(pkceKey: string, state?: string): string { const index: number = parseInt(pkceKey.split(PKCE_SEPARATOR)[1]); return state ? `${state}_request_${index}` : `request_${index}`; } public static extractPKCEKeyFromStateParam(stateParam: string): string { const index: number = parseInt(stateParam.split("request_")[1]); return `${PKCE_CODE_VERIFIER}${PKCE_SEPARATOR}${index}`; } }