UNPKG

@auth0/auth0-spa-js

Version:

Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE

github.com/auth0/auth0-spa-js

auth0/auth0-spa-js

67 lines (53 loc) 1.46 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
import * as dpopLib from 'dpop'; export const DPOP_NONCE_HEADER = 'dpop-nonce'; const KEY_PAIR_ALGORITHM: dpopLib.JWSAlgorithm = 'ES256'; const SUPPORTED_GRANT_TYPES = [ 'authorization_code', 'refresh_token', 'urn:ietf:params:oauth:grant-type:token-exchange' ]; export type KeyPair = Readonly<dpopLib.KeyPair>; type GenerateProofParams = { keyPair: KeyPair; url: string; method: string; nonce?: string; accessToken?: string; }; export function generateKeyPair(): Promise<KeyPair> { return dpopLib.generateKeyPair(KEY_PAIR_ALGORITHM, { extractable: false }); } export function calculateThumbprint( keyPair: Pick<KeyPair, 'publicKey'> ): Promise<string> { return dpopLib.calculateThumbprint(keyPair.publicKey); } function normalizeUrl(url: string): string { const parsedUrl = new URL(url); /** * "The HTTP target URI (...) without query and fragment parts" * @see {@link https://www.rfc-editor.org/rfc/rfc9449.html#section-4.2-4.6} */ parsedUrl.search = ''; parsedUrl.hash = ''; return parsedUrl.href; } export function generateProof({ keyPair, url, method, nonce, accessToken }: GenerateProofParams): Promise<string> { const normalizedUrl = normalizeUrl(url); return dpopLib.generateProof( keyPair, normalizedUrl, method, nonce, accessToken ); } export function isGrantTypeSupported(grantType: string): boolean { return SUPPORTED_GRANT_TYPES.includes(grantType); }