@berlingske-media/bm.node-module.gateway_jwt
Version:
AuthGateway JWT verification library based on public JWKS endpoint
38 lines • 1.53 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.fastifyJwtSecret = void 0;
const errors_1 = require("../errors");
const JwksClient_1 = require("../JwksClient");
const config_1 = require("./config");
const fastifyJwtSecret = function (options) {
if (options === null || options === undefined) {
throw new errors_1.ArgumentError('An options object must be provided when initializing fastifyJwtSecret');
}
if (!options.jwksUri) {
throw new errors_1.ArgumentError('No JWKS provided. Please provide a jwksUri');
}
const client = new JwksClient_1.JwksClient(options);
return function secretProvider(req, rawJwtToken) {
return req
.jwtDecode({ decode: { complete: true } })
.then(decoded => {
const { kid, alg } = decoded.header;
if (!config_1.supportedAlg.includes(alg)) {
return Promise.reject(new errors_1.ArgumentError(`Unsupported algorithm: ${alg}`));
}
return new Promise((resolve, reject) => {
client.getSigningKey(kid).then((key) => {
const signingKey = key.publicKey || key.rsaPublicKey;
resolve(signingKey);
}).catch((err) => {
reject(err);
});
});
})
.catch((err) => {
return Promise.reject(err);
});
};
};
exports.fastifyJwtSecret = fastifyJwtSecret;
//# sourceMappingURL=fastify.js.map