@berlingske-media/bm.node-module.gateway_jwt
Version:
AuthGateway JWT verification library based on public JWKS endpoint
59 lines • 2.04 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.expressJwtSecret = void 0;
const tslib_1 = require("tslib");
const errors_1 = require("../errors");
const JwksClient_1 = require("../JwksClient");
const config_1 = require("./config");
const handleSigningKeyError = (err, cb) => {
if (err && err.name === 'SigningKeyNotFoundError') {
return cb(null);
}
if (err) {
return cb(err);
}
};
const expressJwtSecret = function (options) {
if (options === null || options === undefined) {
throw new errors_1.ArgumentError('An options object must be provided when initializing expressJwtSecret');
}
const client = new JwksClient_1.JwksClient(options);
const onError = options.handleSigningKeyError || handleSigningKeyError;
const expressJwt7Provider = (req, token) => tslib_1.__awaiter(this, void 0, void 0, function* () {
if (!token) {
return;
}
const { header } = token;
if (!header || !config_1.supportedAlg.includes(header.alg)) {
return;
}
try {
const key = yield client.getSigningKey(header.kid);
return key.publicKey || key.rsaPublicKey;
}
catch (err) {
return new Promise((resolve, reject) => {
onError(err, (newError) => {
if (!newError) {
return resolve();
}
reject(newError);
});
});
}
});
return function secretProvider(req, header, payload, cb) {
if (arguments.length === 4) {
expressJwt7Provider(req, { header })
.then(key => {
setImmediate(cb, null, key);
}).catch(err => {
setImmediate(cb, err);
});
return;
}
return expressJwt7Provider(req, arguments[1]);
};
};
exports.expressJwtSecret = expressJwtSecret;
//# sourceMappingURL=express.js.map