@mft/moneyhub-api-client
Node.JS client for the Moneyhub API
;
// TypeScript interop helper: re-export property `key` of `source` on `target`
// (optionally under the name `alias`). An already-installed helper found on
// `this` is reused; otherwise one of the two implementations below is chosen
// depending on whether Object.create exists.
var __createBinding = (this && this.__createBinding) || (Object.create
    ? function (target, source, key, alias) {
        const exportedAs = alias === undefined ? key : alias;
        let descriptor = Object.getOwnPropertyDescriptor(source, key);
        // The existing descriptor is reused only when it is an accessor on an
        // __esModule source, or a data property that is neither writable nor
        // configurable. In every other case a getter is installed so that
        // `target` always reads the current value of `source[key]`.
        let mustWrap = true;
        if (descriptor) {
            mustWrap = "get" in descriptor
                ? !source.__esModule
                : Boolean(descriptor.writable || descriptor.configurable);
        }
        if (mustWrap) {
            descriptor = {
                enumerable: true,
                get: function () {
                    return source[key];
                },
            };
        }
        Object.defineProperty(target, exportedAs, descriptor);
    }
    : function (target, source, key, alias) {
        // No Object.create: fall back to a plain value copy.
        const exportedAs = alias === undefined ? key : alias;
        target[exportedAs] = source[key];
    });
// TypeScript interop helper: attach `value` as the `default` export of
// `namespace`. Reuses a helper already present on `this` when there is one.
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create
    ? function (namespace, value) {
        // Enumerable, but (by defineProperty defaults) not writable or configurable.
        const descriptor = { enumerable: true, value: value };
        Object.defineProperty(namespace, "default", descriptor);
    }
    : function (namespace, value) {
        namespace["default"] = value;
    });
// TypeScript interop helper behind `import * as X from "..."`.
// Modules flagged with __esModule are returned untouched; any other value is
// wrapped in a fresh namespace object that re-exports its own enumerable
// properties (except "default") and exposes the module itself as `default`.
var __importStar = (this && this.__importStar) || function (mod) {
    if (mod && mod.__esModule) {
        return mod;
    }
    const namespace = {};
    if (mod != null) {
        for (const key in mod) {
            if (key === "default") {
                continue;
            }
            // for...in also walks inherited keys; only own properties are re-exported.
            if (!Object.prototype.hasOwnProperty.call(mod, key)) {
                continue;
            }
            __createBinding(namespace, mod, key);
        }
    }
    __setModuleDefault(namespace, mod);
    return namespace;
};
// Flag this CommonJS module as compiled from ES-module syntax. Interop helpers
// such as __importStar above check `__esModule` and return such modules as-is.
Object.defineProperty(exports, "__esModule", { value: true });
/* eslint-disable complexity */
/* eslint-disable max-statements */
const openid_client_1 = require("openid-client");
const R = __importStar(require("ramda"));
// Allow-list of authorization-response parameters. The callback handler below
// picks only these keys from the caller-supplied callback params; everything
// else in the redirect is ignored.
const ALLOWED_PARAMS = [
    // token material and the authorization code
    "access_token", "code",
    // error reporting from the authorization server
    "error", "error_description", "error_uri",
    // token metadata, ID token and request correlation
    "expires_in", "id_token", "state", "token_type",
    "session_state",
];
// For each response_type token, the callback parameters that must be present.
// Looked up by the space-separated tokens of localParams.response_type.
const RESPONSE_TYPE_REQUIRED_PARAMS = {
    none: [],
    code: ["code"],
    id_token: ["id_token"],
    token: [
        "access_token",
        "token_type",
    ],
};
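/**
 * Build the handler that completes an authorization-code flow: it validates
 * the parameters received on the redirect and exchanges the code for tokens.
 *
 * Security notes for callers:
 * - `state` is compared only when at least one side supplies it. If neither
 *   `paramsFromCallback.state` nor `localParams.state` is set, the comparison
 *   passes and the response is not bound to the request that started the
 *   flow, so always pass the `state` you generated for that request.
 * - `paramsFromCallback` comes from the redirect and is untrusted. Only the
 *   keys in ALLOWED_PARAMS are read. When `error` is present its text is used
 *   verbatim as the rejection message (error_description / error_uri are not
 *   included), so escape it before logging or rendering it.
 * - `code` is required unconditionally, and a `response_type` containing
 *   "none" rejects whenever a code is present, so such a response_type can
 *   never succeed here.
 *
 * @param {object} deps
 * @param {object} deps.client - openid-client Client instance; `grant`,
 *   `decryptIdToken`, `validateIdToken` and `default_max_age` are used.
 * @param {string} deps.redirectUri - sent as `redirect_uri` in the code grant.
 * @returns {function({paramsFromCallback: object, localParams: object}): Promise<object>}
 *   Handler resolving to the token set returned by the code grant (after
 *   `decryptIdToken` / `validateIdToken`), with `session_state` copied over
 *   from the callback when present. Every validation failure is reported as a
 *   rejected Promise.
 */
exports.default = ({ client, redirectUri, }) => ({ paramsFromCallback, localParams, }) => {
    // Missing arguments are reported as rejections like every other validation
    // failure here. localParams in particular must not silently default to
    // "no checks requested".
    if (paramsFromCallback == null) {
        return Promise.reject(new TypeError("paramsFromCallback argument is missing"));
    }
    if (localParams == null) {
        return Promise.reject(new TypeError("localParams argument is missing"));
    }
    const params = R.pick(ALLOWED_PARAMS, paramsFromCallback);
    // Shallow copy: the client's default max_age must not be written back into
    // the caller's localParams object.
    const checks = Object.assign({}, localParams);
    if (client.default_max_age && !checks.max_age) {
        checks.max_age = client.default_max_age;
    }
    if (!params.state && checks.state) {
        return Promise.reject(new Error("paramsFromCallback.state is missing"));
    }
    if (params.state && !checks.state) {
        return Promise.reject(new Error("localParams.state argument is missing"));
    }
    if (checks.state !== params.state) {
        return Promise.reject(new Error("state mismatch"));
    }
    // The error parameter is honoured only after the state checks above.
    if (params.error) {
        return Promise.reject(new Error(params.error));
    }
    if (!params.code) {
        return Promise.reject(new Error("paramsFromCallback.code is missing"));
    }
    if (checks.response_type) {
        if (typeof checks.response_type !== "string") {
            return Promise.reject(new TypeError("localParams.response_type must be a string"));
        }
        for (const type of checks.response_type.split(" ")) {
            if (type === "none") {
                if (params.code || params.id_token || params.access_token) {
                    return Promise.reject(new Error("unexpected params encountered for 'none' response"));
                }
            }
            else if (!Object.prototype.hasOwnProperty.call(RESPONSE_TYPE_REQUIRED_PARAMS, type)) {
                // Unknown or empty tokens (and inherited keys such as
                // "constructor") have no required-params list; reject them
                // instead of throwing synchronously while iterating a non-iterable.
                return Promise.reject(new Error(`unsupported response_type '${type}'`));
            }
            else {
                for (const param of RESPONSE_TYPE_REQUIRED_PARAMS[type]) {
                    if (!params[param]) {
                        return Promise.reject(new Error(`${param} missing from response`));
                    }
                }
            }
        }
    }
    // params.code is guaranteed to be present from here on.
    const exchangeCode = () => client.grant({
        grant_type: "authorization_code",
        code: params.code,
        redirect_uri: redirectUri,
        code_verifier: checks.code_verifier,
        sub: checks.sub,
    })
        .then((tokenset) => client.decryptIdToken(tokenset))
        .then((tokenset) => client.validateIdToken(tokenset, checks.nonce, "token", checks.max_age))
        .then((tokenset) => {
            if (params.session_state) {
                tokenset.session_state = params.session_state;
            }
            return tokenset;
        });
    if (params.id_token) {
        // An ID token delivered on the redirect is decrypted and validated
        // before the code is exchanged; the result of the exchange is returned.
        return Promise.resolve(new openid_client_1.TokenSet(params))
            .then((tokenset) => client.decryptIdToken(tokenset))
            .then((tokenset) => client.validateIdToken(tokenset, checks.nonce, "authorization", checks.max_age, checks.state))
            .then(exchangeCode);
    }
    return exchangeCode();
};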
//# sourceMappingURL=exchange-code-for-token.js.map