@criipto/verify-passport-jwt
Version:
A Passport strategy for authenticating with a Criipto Verify JWT.
46 lines • 2.11 kB
JavaScript
;
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
Object.defineProperty(exports, "__esModule", { value: true });
const jose_1 = require("jose");
const debug = require('debug')('@criipto/verify-passport-jwt');
class CriiptoVerifyStrategy {
constructor(options, claimsToUser) {
this.options = options;
this.claimsToUser = claimsToUser;
this.jwks = (0, jose_1.createRemoteJWKSet)(new URL(`https://${options.domain}/.well-known/jwks`));
}
authenticate(req, options) {
Promise.resolve().then(() => __awaiter(this, void 0, void 0, function* () {
const jwt = extractBearerToken(req);
if (!jwt)
throw new Error('No bearer token found in request');
const { payload, protectedHeader } = yield (0, jose_1.jwtVerify)(jwt, this.jwks, {
issuer: `https://${this.options.domain}`,
audience: this.options.clientID,
});
return this.claimsToUser(payload);
})).then(this.success)
.catch(err => {
debug(err);
this.fail(err);
});
}
}
exports.default = CriiptoVerifyStrategy;
function extractBearerToken(req) {
if (!req.headers['authorization'])
return null;
const authorization = req.headers['authorization'];
if (!authorization.startsWith('Bearer '))
return null;
return authorization.split('Bearer ')[1] || null;
}
//# sourceMappingURL=index.js.map