@fusebit-int/microsoft-bot-framework-connector
Version:
Connector for the Microsoft Bot Framework
61 lines • 2.06 kB
JavaScript
;
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.verifyJwt = void 0;
const jwks_rsa_1 = __importDefault(require("jwks-rsa"));
const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
const urlToKey = {};
async function verifyJwt(token, jwksUri) {
const resolvedSecret = await resolveSecret(token, jwksUri);
return new Promise((resolve, reject) => {
jsonwebtoken_1.default.verify(token, resolvedSecret, {}, (error, verifiedToken) => {
if (error) {
return reject(error);
}
resolve(verifiedToken);
});
});
}
exports.verifyJwt = verifyJwt;
function decodeJwtHeader(token) {
const decoded = jsonwebtoken_1.default.decode(token, { complete: true });
if (decoded && decoded.header) {
return decoded.header;
}
return undefined;
}
function getCachedKey(kid, url) {
const kidsForUrl = urlToKey[url];
if (kidsForUrl) {
return kidsForUrl[kid];
}
return undefined;
}
function setCachedKey(kid, jwksUri, key) {
urlToKey[jwksUri] = {
[kid]: key,
};
}
async function resolveSecret(token, jwksUri) {
const decodedHeader = decodeJwtHeader(token);
const kid = decodedHeader === null || decodedHeader === void 0 ? void 0 : decodedHeader.kid;
if (!kid) {
throw new Error("Unable to resolve secret. Token is missing or its header does not have a 'kid' value.");
}
let key = getCachedKey(kid, jwksUri);
if (!key) {
const client = (0, jwks_rsa_1.default)({
jwksUri,
});
const signingKey = await client.getSigningKey(kid);
if (!signingKey) {
throw new Error(`Unable to resolve secret. Signing key not found for kid ${kid}.`);
}
key = signingKey.getPublicKey();
setCachedKey(kid, jwksUri, key);
}
return key;
}
//# sourceMappingURL=jwt.js.map