@microsoft/teams.apps

"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.withJwtValidation = withJwtValidation; const teams_api_1 = require("@microsoft/teams.api"); const teams_common_1 = require("@microsoft/teams.common"); const jwt_validator_1 = require("./auth/jwt-validator"); function withJwtValidation(params) { const { credentials, logger: inputLogger } = params; const logger = inputLogger?.child('jwt-validation-middleware') ?? new teams_common_1.ConsoleLogger('jwt-validation-middleware'); // Create service token validator if credentials are provided let serviceTokenValidator; if (credentials?.clientId) { serviceTokenValidator = (0, jwt_validator_1.createServiceTokenValidator)(credentials.clientId, credentials.tenantId, undefined, logger); } else { logger.debug('No credentials provided, skipping service token validation'); serviceTokenValidator = null; } return async (req, res, next) => { if (!serviceTokenValidator) { logger.debug('No service token validator configured, skipping validation'); next(); return; } const authorization = req.headers.authorization?.replace('Bearer ', ''); if (!authorization) { res.status(401).send('unauthorized'); return; } const activity = req.body; // Use cached validator with per-request service URL validation const validationResult = await serviceTokenValidator.validateAccessToken(authorization, activity.serviceUrl ? { validateServiceUrl: { expectedServiceUrl: activity.serviceUrl } } : undefined); if (validationResult) { logger.debug(`validated service token for activity ${activity.id}`); // Store the validated token in the request for use in subsequent handlers req.validatedToken = new teams_api_1.JsonWebToken(authorization); next(); } else { res.status(401).send('Invalid token'); } }; } //# sourceMappingURL=data:application/json;base64,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