UNPKG

@convergence/jwt-util

Version:

A utility for generating JSON Web Tokens for authenticating to Convergence.

convergencelabs.com

convergencelabs/convergence-jwt-util

186 lines (161 loc) • 6.5 kB

JavaScript

/*! © 2021 Convergence Labs, Inc. @version 0.2.0 @license MIT */ "use strict"; function _typeof(obj) { "@babel/helpers - typeof"; if (typeof Symbol === "function" && typeof Symbol.iterator === "symbol") { _typeof = function _typeof(obj) { return typeof obj; }; } else { _typeof = function _typeof(obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }; } return _typeof(obj); } Object.defineProperty(exports, "__esModule", { value: true }); exports["default"] = void 0; var jwt = _interopRequireWildcard(require("jsonwebtoken")); function _getRequireWildcardCache() { if (typeof WeakMap !== "function") return null; var cache = new WeakMap(); _getRequireWildcardCache = function _getRequireWildcardCache() { return cache; }; return cache; } function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } if (obj === null || _typeof(obj) !== "object" && typeof obj !== "function") { return { "default": obj }; } var cache = _getRequireWildcardCache(); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj["default"] = obj; if (cache) { cache.set(obj, newObj); } return newObj; } function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } } function _defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } function _createClass(Constructor, protoProps, staticProps) { if (protoProps) _defineProperties(Constructor.prototype, protoProps); if (staticProps) _defineProperties(Constructor, staticProps); return Constructor; } var ISSUER = 'ConvergenceJwtGenerator'; var AUDIENCE = 'Convergence'; var ALGORITHM = 'RS256'; /** * A utility class to help generate valid JSON Web Tokens for Convergence. */ var ConvergenceJwtGenerator = /*#__PURE__*/function () { /** * Creates a new ConvergenceJwtGenerator that will create tokens using a particular public / * private key pair. The private key used must correspond to the public key with the same id * stored in the Convergence Domain. * * @param {string} keyId * The id of the key pair within the convergence domain you are connecting to. * * @param {string} privateKey * The private key to sign the tokens with. */ function ConvergenceJwtGenerator(keyId, privateKey) { _classCallCheck(this, ConvergenceJwtGenerator); this._keyId = keyId; this._key = privateKey; this._expiresIn = "1m"; this._notBefore = "0m"; } /** * Gets amount of time in the future after which the token will no longer be * valid. The time is represented as a string in 'zeit/ms' time. * * @see https://www.npmjs.com/package/ms * * @return {string} * The expiration duration. */ _createClass(ConvergenceJwtGenerator, [{ key: "getExpiresIn", value: function getExpiresIn() { return this._expiresIn; } /** * Sets the amount of time in the future after which the token will no longer be * valid. The time is represented as a string in 'zeit/ms' time. * * @see https://www.npmjs.com/package/ms * * @param expiresIn {string} * The expiration duration. */ }, { key: "setExpiresIn", value: function setExpiresIn(expiresIn) { this._expiresIn = expiresIn; } /** * Gets the amount of time in the future before which the token will not be * valid. The time is represented as a string in 'zeit/ms' time. * * @see https://www.npmjs.com/package/ms * * @returns {string} * The not before duration. */ }, { key: "getNotBefore", value: function getNotBefore() { return this._notBefore; } /** * Sets the amount of time in the future before which the token will not be * valid. The time is represented as a string in 'zeit/ms' time. * * @see https://www.npmjs.com/package/ms * * @param notBefore {string} * The not before duration. */ }, { key: "setNotBefore", value: function setNotBefore(notBefore) { this._notBefore = notBefore; } /** * The PEM encoded private key that will be used to sign the JWT. * * @returns {string} * The private key. */ }, { key: "getPrivateKey", value: function getPrivateKey() { return this._key; } /** * Gets the keyId that will be encoded into the JWT. * * @returns {string} * The key id. */ }, { key: "getKeyId", value: function getKeyId() { return this._keyId; } /** * Creates a token for the given username and encodes specific claims. * * @param {string} username * The username of the domain user that to authenticate. * @param {Object} claims * The claims about the user to assert. * @return {string} * The encoded and signed token. */ }, { key: "generate", value: function generate(username, claims) { if (!claims) { claims = {}; } var reserved = ['aud', 'iat', 'sub', 'jti', 'nbf', 'exp']; var options = { algorithm: ALGORITHM, audience: AUDIENCE, issuer: ISSUER, expiresIn: this._expiresIn, notBefore: this._notBefore, subject: username, header: { kid: this._keyId } }; for (var prop in Object.getOwnPropertyNames(claims)) { if (reserved.indexOf(prop) >= 0) { throw new Error('The claim name ' + prop + ' is reserved.'); } } return jwt.sign(claims, this._key, options); } }]); return ConvergenceJwtGenerator; }(); exports["default"] = ConvergenceJwtGenerator; module.exports = exports.default; //# sourceMappingURL=convergence-jwt.js.map