UNPKG

@azure/msal-browser

Version:

Microsoft Authentication Library for js

github.com/AzureAD/microsoft-authentication-library-for-js

AzureAD/microsoft-authentication-library-for-js

77 lines (68 loc) 2.49 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
/* * Copyright (c) Microsoft Corporation. All rights reserved. * Licensed under the MIT License. */ import { CryptoOps } from "./CryptoOps.js"; import { Logger, LoggerOptions, PopTokenGenerator, SignedHttpRequestParameters, } from "@azure/msal-common/browser"; import { version, name } from "../packageMetadata.js"; export type SignedHttpRequestOptions = { loggerOptions: LoggerOptions; }; export class SignedHttpRequest { private popTokenGenerator: PopTokenGenerator; private cryptoOps: CryptoOps; private shrParameters: SignedHttpRequestParameters; private logger: Logger; constructor( shrParameters: SignedHttpRequestParameters, shrOptions?: SignedHttpRequestOptions ) { const loggerOptions = (shrOptions && shrOptions.loggerOptions) || {}; this.logger = new Logger(loggerOptions, name, version); this.cryptoOps = new CryptoOps(this.logger); this.popTokenGenerator = new PopTokenGenerator(this.cryptoOps); this.shrParameters = shrParameters; } /** * Generates and caches a keypair for the given request options. * @returns Public key digest, which should be sent to the token issuer. */ async generatePublicKeyThumbprint(): Promise<string> { const { kid } = await this.popTokenGenerator.generateKid( this.shrParameters ); return kid; } /** * Generates a signed http request for the given payload with the given key. * @param payload Payload to sign (e.g. access token) * @param publicKeyThumbprint Public key digest (from generatePublicKeyThumbprint API) * @param claims Additional claims to include/override in the signed JWT * @returns Pop token signed with the corresponding private key */ async signRequest( payload: string, publicKeyThumbprint: string, claims?: object ): Promise<string> { return this.popTokenGenerator.signPayload( payload, publicKeyThumbprint, this.shrParameters, claims ); } /** * Removes cached keys from browser for given public key thumbprint * @param publicKeyThumbprint Public key digest (from generatePublicKeyThumbprint API) * @returns If keys are properly deleted */ async removeKeys(publicKeyThumbprint: string): Promise<boolean> { return this.cryptoOps.removeTokenBindingKey(publicKeyThumbprint); } }