@ebondu/angular2-keycloak/esm2022/lib/util/keycloak.utils.token.mjs

/*
 * Copyright 2018 ebondu and/or its affiliates
 * and other contributors as indicated by the @author tags.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/**
 * Token utility
 */
import { fromByteArray } from 'base64-js';
import { sha256 } from 'js-sha256';
export class Token {
    static decodeToken(str) {
        str = str.split('.')[1];
        str = str.replace('/-/g', '+');
        str = str.replace('/_/g', '/');
        switch (str.length % 4) {
            case 0:
                break;
            case 2:
                str += '==';
                break;
            case 3:
                str += '=';
                break;
            default:
                throw new Error('Invalid token');
        }
        str = (str + '===').slice(0, str.length + (str.length % 4));
        str = str.replace(/-/g, '+').replace(/_/g, '/');
        str = decodeURIComponent(escape(atob(str)));
        str = JSON.parse(str);
        return str;
    }
    static generateRandomData(len) {
        // use web crypto APIs if possible
        let array = null;
        const crypto = window.crypto;
        if (crypto && crypto.getRandomValues && window.Uint8Array) {
            array = new Uint8Array(len);
            crypto.getRandomValues(array);
            return array;
        }
        // fallback to Math random
        array = new Array(len);
        for (let j = 0; j < array.length; j++) {
            array[j] = Math.floor(256 * Math.random());
        }
        return array;
    }
    static generateCodeVerifier(len) {
        return Token.generateRandomString(len, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789');
    }
    static generateRandomString(len, alphabet) {
        const randomData = this.generateRandomData(len);
        const chars = new Array(len);
        for (let i = 0; i < len; i++) {
            chars[i] = alphabet.charCodeAt(randomData[i] % alphabet.length);
        }
        return String.fromCharCode.apply(null, chars);
    }
    static generatePkceChallenge(pkceMethod, codeVerifier) {
        switch (pkceMethod) {
            // The use of the "plain" method is considered insecure and therefore not supported.
            case 'S256':
                // hash codeVerifier, then encode as url-safe base64 without padding
                const hashBytes = new Uint8Array(sha256.arrayBuffer(codeVerifier));
                const encodedHash = fromByteArray(hashBytes)
                    .replace(/\+/g, '-')
                    .replace(/\//g, '_')
                    .replace(/\=/g, '');
                return encodedHash;
            default:
                throw new Error('Invalid value for pkceMethod');
        }
    }
}
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5Y2xvYWsudXRpbHMudG9rZW4uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9wcm9qZWN0cy9lYm9uZHUvYW5ndWxhci1rZXljbG9hay9zcmMvbGliL3V0aWwva2V5Y2xvYWsudXRpbHMudG9rZW4udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7Ozs7Ozs7Ozs7Ozs7OztHQWVHO0FBRUg7O0dBRUc7QUFFSCxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBQzFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFFbkMsTUFBTSxPQUFPLEtBQUs7SUFFaEIsTUFBTSxDQUFDLFdBQVcsQ0FBQyxHQUFXO1FBQzVCLEdBQUcsR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRXhCLEdBQUcsR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLE1BQU0sRUFBRSxHQUFHLENBQUMsQ0FBQztRQUMvQixHQUFHLEdBQUcsR0FBRyxDQUFDLE9BQU8sQ0FBQyxNQUFNLEVBQUUsR0FBRyxDQUFDLENBQUM7UUFDL0IsUUFBUSxHQUFHLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ3ZCLEtBQUssQ0FBQztnQkFDSixNQUFNO1lBQ1IsS0FBSyxDQUFDO2dCQUNKLEdBQUcsSUFBSSxJQUFJLENBQUM7Z0JBQ1osTUFBTTtZQUNSLEtBQUssQ0FBQztnQkFDSixHQUFHLElBQUksR0FBRyxDQUFDO2dCQUNYLE1BQU07WUFDUjtnQkFDRSxNQUFNLElBQUksS0FBSyxDQUFDLGVBQWUsQ0FBQyxDQUFDO1FBQ3JDLENBQUM7UUFFRCxHQUFHLEdBQUcsQ0FBQyxHQUFHLEdBQUcsS0FBSyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxHQUFHLENBQUMsTUFBTSxHQUFHLENBQUMsR0FBRyxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzVELEdBQUcsR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxHQUFHLENBQUMsQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLEdBQUcsQ0FBQyxDQUFDO1FBRWhELEdBQUcsR0FBRyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUU1QyxHQUFHLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUN0QixPQUFPLEdBQUcsQ0FBQztJQUNiLENBQUM7SUFFRCxNQUFNLENBQUMsa0JBQWtCLENBQUMsR0FBRztRQUMzQixrQ0FBa0M7UUFDbEMsSUFBSSxLQUFLLEdBQUcsSUFBSSxDQUFDO1FBQ2pCLE1BQU0sTUFBTSxHQUFHLE1BQU0sQ0FBQyxNQUFNLENBQUM7UUFDN0IsSUFBSSxNQUFNLElBQUksTUFBTSxDQUFDLGVBQWUsSUFBSSxNQUFNLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDMUQsS0FBSyxHQUFHLElBQUksVUFBVSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1lBQzVCLE1BQU0sQ0FBQyxlQUFlLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDOUIsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO1FBRUQsMEJBQTBCO1FBQzFCLEtBQUssR0FBRyxJQUFJLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUN2QixLQUFLLElBQUksQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLEdBQUcsS0FBSyxDQUFDLE1BQU0sRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDO1lBQ3RDLEtBQUssQ0FBQyxDQUFDLENBQUMsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsR0FBRyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQztRQUM3QyxDQUFDO1FBQ0QsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDO0lBRUQsTUFBTSxDQUFDLG9CQUFvQixDQUFDLEdBQUc7UUFDN0IsT0FBTyxLQUFLLENBQUMsb0JBQW9CLENBQUMsR0FBRyxFQUFFLGdFQUFnRSxDQUFDLENBQUM7SUFDM0csQ0FBQztJQUVELE1BQU0sQ0FBQyxvQkFBb0IsQ0FBQyxHQUFHLEVBQUUsUUFBUTtRQUN2QyxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDaEQsTUFBTSxLQUFLLEdBQUcsSUFBSSxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDN0IsS0FBSyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxHQUFHLEdBQUcsRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDO1lBQzdCLEtBQUssQ0FBQyxDQUFDLENBQUMsR0FBRyxRQUFRLENBQUMsVUFBVSxDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUMsR0FBRyxRQUFRLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDbEUsQ0FBQztRQUNELE9BQU8sTUFBTSxDQUFDLFlBQVksQ0FBQyxLQUFLLENBQUMsSUFBSSxFQUFFLEtBQUssQ0FBQyxDQUFDO0lBQ2hELENBQUM7SUFFRCxNQUFNLENBQUMscUJBQXFCLENBQUMsVUFBVSxFQUFFLFlBQVk7UUFDbkQsUUFBUSxVQUFVLEVBQUUsQ0FBQztZQUNuQixvRkFBb0Y7WUFDcEYsS0FBSyxNQUFNO2dCQUNULG9FQUFvRTtnQkFDcEUsTUFBTSxTQUFTLEdBQUcsSUFBSSxVQUFVLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDO2dCQUNuRSxNQUFNLFdBQVcsR0FBRyxhQUFhLENBQUMsU0FBUyxDQUFDO3FCQUN6QyxPQUFPLENBQUMsS0FBSyxFQUFFLEdBQUcsQ0FBQztxQkFDbkIsT0FBTyxDQUFDLEtBQUssRUFBRSxHQUFHLENBQUM7cUJBQ25CLE9BQU8sQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7Z0JBQ3RCLE9BQU8sV0FBVyxDQUFDO1lBQ3JCO2dCQUNFLE1BQU0sSUFBSSxLQUFLLENBQUMsOEJBQThCLENBQUMsQ0FBQztRQUNwRCxDQUFDO0lBQ0gsQ0FBQztDQUNGIiwic291cmNlc0NvbnRlbnQiOlsiLypcbiAqIENvcHlyaWdodCAyMDE4IGVib25kdSBhbmQvb3IgaXRzIGFmZmlsaWF0ZXNcbiAqIGFuZCBvdGhlciBjb250cmlidXRvcnMgYXMgaW5kaWNhdGVkIGJ5IHRoZSBAYXV0aG9yIHRhZ3MuXG4gKlxuICogTGljZW5zZWQgdW5kZXIgdGhlIEFwYWNoZSBMaWNlbnNlLCBWZXJzaW9uIDIuMCAodGhlIFwiTGljZW5zZVwiKTtcbiAqIHlvdSBtYXkgbm90IHVzZSB0aGlzIGZpbGUgZXhjZXB0IGluIGNvbXBsaWFuY2Ugd2l0aCB0aGUgTGljZW5zZS5cbiAqIFlvdSBtYXkgb2J0YWluIGEgY29weSBvZiB0aGUgTGljZW5zZSBhdFxuICpcbiAqIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9saWNlbnNlcy9MSUNFTlNFLTIuMFxuICpcbiAqIFVubGVzcyByZXF1aXJlZCBieSBhcHBsaWNhYmxlIGxhdyBvciBhZ3JlZWQgdG8gaW4gd3JpdGluZywgc29mdHdhcmVcbiAqIGRpc3RyaWJ1dGVkIHVuZGVyIHRoZSBMaWNlbnNlIGlzIGRpc3RyaWJ1dGVkIG9uIGFuIFwiQVMgSVNcIiBCQVNJUyxcbiAqIFdJVEhPVVQgV0FSUkFOVElFUyBPUiBDT05ESVRJT05TIE9GIEFOWSBLSU5ELCBlaXRoZXIgZXhwcmVzcyBvciBpbXBsaWVkLlxuICogU2VlIHRoZSBMaWNlbnNlIGZvciB0aGUgc3BlY2lmaWMgbGFuZ3VhZ2UgZ292ZXJuaW5nIHBlcm1pc3Npb25zIGFuZFxuICogbGltaXRhdGlvbnMgdW5kZXIgdGhlIExpY2Vuc2UuXG4gKi9cblxuLyoqXG4gKiBUb2tlbiB1dGlsaXR5XG4gKi9cblxuaW1wb3J0IHsgZnJvbUJ5dGVBcnJheSB9IGZyb20gJ2Jhc2U2NC1qcyc7XG5pbXBvcnQgeyBzaGEyNTYgfSBmcm9tICdqcy1zaGEyNTYnO1xuXG5leHBvcnQgY2xhc3MgVG9rZW4ge1xuXG4gIHN0YXRpYyBkZWNvZGVUb2tlbihzdHI6IHN0cmluZyk6IHN0cmluZyB7XG4gICAgc3RyID0gc3RyLnNwbGl0KCcuJylbMV07XG5cbiAgICBzdHIgPSBzdHIucmVwbGFjZSgnLy0vZycsICcrJyk7XG4gICAgc3RyID0gc3RyLnJlcGxhY2UoJy9fL2cnLCAnLycpO1xuICAgIHN3aXRjaCAoc3RyLmxlbmd0aCAlIDQpIHtcbiAgICAgIGNhc2UgMDpcbiAgICAgICAgYnJlYWs7XG4gICAgICBjYXNlIDI6XG4gICAgICAgIHN0ciArPSAnPT0nO1xuICAgICAgICBicmVhaztcbiAgICAgIGNhc2UgMzpcbiAgICAgICAgc3RyICs9ICc9JztcbiAgICAgICAgYnJlYWs7XG4gICAgICBkZWZhdWx0OlxuICAgICAgICB0aHJvdyBuZXcgRXJyb3IoJ0ludmFsaWQgdG9rZW4nKTtcbiAgICB9XG5cbiAgICBzdHIgPSAoc3RyICsgJz09PScpLnNsaWNlKDAsIHN0ci5sZW5ndGggKyAoc3RyLmxlbmd0aCAlIDQpKTtcbiAgICBzdHIgPSBzdHIucmVwbGFjZSgvLS9nLCAnKycpLnJlcGxhY2UoL18vZywgJy8nKTtcblxuICAgIHN0ciA9IGRlY29kZVVSSUNvbXBvbmVudChlc2NhcGUoYXRvYihzdHIpKSk7XG5cbiAgICBzdHIgPSBKU09OLnBhcnNlKHN0cik7XG4gICAgcmV0dXJuIHN0cjtcbiAgfVxuXG4gIHN0YXRpYyBnZW5lcmF0ZVJhbmRvbURhdGEobGVuKSB7XG4gICAgLy8gdXNlIHdlYiBjcnlwdG8gQVBJcyBpZiBwb3NzaWJsZVxuICAgIGxldCBhcnJheSA9IG51bGw7XG4gICAgY29uc3QgY3J5cHRvID0gd2luZG93LmNyeXB0bztcbiAgICBpZiAoY3J5cHRvICYmIGNyeXB0by5nZXRSYW5kb21WYWx1ZXMgJiYgd2luZG93LlVpbnQ4QXJyYXkpIHtcbiAgICAgIGFycmF5ID0gbmV3IFVpbnQ4QXJyYXkobGVuKTtcbiAgICAgIGNyeXB0by5nZXRSYW5kb21WYWx1ZXMoYXJyYXkpO1xuICAgICAgcmV0dXJuIGFycmF5O1xuICAgIH1cblxuICAgIC8vIGZhbGxiYWNrIHRvIE1hdGggcmFuZG9tXG4gICAgYXJyYXkgPSBuZXcgQXJyYXkobGVuKTtcbiAgICBmb3IgKGxldCBqID0gMDsgaiA8IGFycmF5Lmxlbmd0aDsgaisrKSB7XG4gICAgICBhcnJheVtqXSA9IE1hdGguZmxvb3IoMjU2ICogTWF0aC5yYW5kb20oKSk7XG4gICAgfVxuICAgIHJldHVybiBhcnJheTtcbiAgfVxuXG4gIHN0YXRpYyBnZW5lcmF0ZUNvZGVWZXJpZmllcihsZW4pIHtcbiAgICByZXR1cm4gVG9rZW4uZ2VuZXJhdGVSYW5kb21TdHJpbmcobGVuLCAnQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODknKTtcbiAgfVxuXG4gIHN0YXRpYyBnZW5lcmF0ZVJhbmRvbVN0cmluZyhsZW4sIGFscGhhYmV0KSB7XG4gICAgY29uc3QgcmFuZG9tRGF0YSA9IHRoaXMuZ2VuZXJhdGVSYW5kb21EYXRhKGxlbik7XG4gICAgY29uc3QgY2hhcnMgPSBuZXcgQXJyYXkobGVuKTtcbiAgICBmb3IgKGxldCBpID0gMDsgaSA8IGxlbjsgaSsrKSB7XG4gICAgICBjaGFyc1tpXSA9IGFscGhhYmV0LmNoYXJDb2RlQXQocmFuZG9tRGF0YVtpXSAlIGFscGhhYmV0Lmxlbmd0aCk7XG4gICAgfVxuICAgIHJldHVybiBTdHJpbmcuZnJvbUNoYXJDb2RlLmFwcGx5KG51bGwsIGNoYXJzKTtcbiAgfVxuXG4gIHN0YXRpYyBnZW5lcmF0ZVBrY2VDaGFsbGVuZ2UocGtjZU1ldGhvZCwgY29kZVZlcmlmaWVyKSB7XG4gICAgc3dpdGNoIChwa2NlTWV0aG9kKSB7XG4gICAgICAvLyBUaGUgdXNlIG9mIHRoZSBcInBsYWluXCIgbWV0aG9kIGlzIGNvbnNpZGVyZWQgaW5zZWN1cmUgYW5kIHRoZXJlZm9yZSBub3Qgc3VwcG9ydGVkLlxuICAgICAgY2FzZSAnUzI1Nic6XG4gICAgICAgIC8vIGhhc2ggY29kZVZlcmlmaWVyLCB0aGVuIGVuY29kZSBhcyB1cmwtc2FmZSBiYXNlNjQgd2l0aG91dCBwYWRkaW5nXG4gICAgICAgIGNvbnN0IGhhc2hCeXRlcyA9IG5ldyBVaW50OEFycmF5KHNoYTI1Ni5hcnJheUJ1ZmZlcihjb2RlVmVyaWZpZXIpKTtcbiAgICAgICAgY29uc3QgZW5jb2RlZEhhc2ggPSBmcm9tQnl0ZUFycmF5KGhhc2hCeXRlcylcbiAgICAgICAgICAucmVwbGFjZSgvXFwrL2csICctJylcbiAgICAgICAgICAucmVwbGFjZSgvXFwvL2csICdfJylcbiAgICAgICAgICAucmVwbGFjZSgvXFw9L2csICcnKTtcbiAgICAgICAgcmV0dXJuIGVuY29kZWRIYXNoO1xuICAgICAgZGVmYXVsdDpcbiAgICAgICAgdGhyb3cgbmV3IEVycm9yKCdJbnZhbGlkIHZhbHVlIGZvciBwa2NlTWV0aG9kJyk7XG4gICAgfVxuICB9XG59XG4iXX0=