UNPKG

@asgardeo/javascript

Version:

Framework agnostic JavaScript SDK for Asgardeo.

github.com/asgardeo/javascript/tree/main/packages/javascript

asgardeo/javascript

101 lines (100 loc) 3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
/** * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except * in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ /** * JWK Model */ export interface JWKInterface { kty: string; e: string; use: string; kid: string; alg: string; n: string; } /** * Cryptographic utility interface for OIDC operations. * Provides methods for encoding, decoding, hashing, and JWT verification * used in OAuth2/OIDC flows. * * @remarks * This interface abstracts cryptographic operations needed for: * - PKCE challenge/verifier generation * - JWT token validation * - Base64URL encoding/decoding * - Secure random number generation * * @example * ```typescript * class MyCrypto implements Crypto<Uint8Array> { * base64URLEncode(value: Uint8Array): string { * // Implementation * } * // ... other implementations * } * ``` */ export interface Crypto<T = any> { /** * Encode the provided data in base64url format. * * @param value - Data to be encoded. * * @returns Encoded data. */ base64URLEncode(value: T): string; /** * Decode the provided data encoded in base64url format. * * @param value - Data to be decoded. * * @returns Decoded data. */ base64URLDecode(value: string): string; /** * Generate random bytes. * * @param length - Length of the random bytes to be generated. * * @returns Random bytes. */ generateRandomBytes(length: number): T; /** * Hash the provided data using SHA-256. * * @param data - Data to be hashed. * * @returns Hashed data. */ hashSha256(data: string): T; /** * Verify the provided JWT. * * @param idToken - ID Token to be verified. * @param jwk - JWK to be used for verification. * @param algorithms - Algorithms to be used for verification. * @param clientId - Client ID to be used for verification. * @param issuer - Issuer to be used for verification. * @param subject - Subject to be used for verification. * @param clockTolerance - Clock tolerance to be used for verification. * * @returns True if the ID Token is valid. * * @throws if the id_token is invalid. */ verifyJwt(idToken: string, jwk: JWKInterface, algorithms: string[], clientId: string, issuer: string, subject: string, clockTolerance?: number, validateJwtIssuer?: boolean): Promise<boolean>; }