@mindconnect/mindconnect-nodejs
NodeJS Library for Siemens Insights Hub Connectivity - TypeScript SDK for Insights Hub and Industrial IoT - Command Line Interface - Insights Hub Development Proxy (Siemens Insights Hub was formerly known as MindSphere)
"use strict";
// Compiler-emitted helper (the shape TypeScript generates for async functions when
// targeting runtimes without native async/await). It drives a generator to completion
// and exposes the outcome as a promise. An existing `this.__awaiter` is reused if present.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
// Wrap a yielded value in a P promise unless it already is an instance of P.
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
// P falls back to the global Promise when the caller passes none.
return new (P || (P = Promise))(function (resolve, reject) {
// Resume the generator with a fulfilled value; a synchronous throw rejects the outer promise.
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
// Throw a rejection reason into the generator so its own try/catch can handle it.
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
// Resolve once the generator is done; otherwise wait on the yielded value and continue.
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
// Instantiate the generator with the caller's `this` and arguments, then start it.
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
// Flag this CommonJS module as having been compiled from an ES module.
Object.defineProperty(exports, "__esModule", { value: true });
// Pre-declare the named export; the class itself is assigned to it at the end of the file.
exports.MqttOpcUaAuth = void 0;
const jwt = require("jsonwebtoken");
const utils_1 = require("./utils");
const uuid = require("uuid");
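/**
 * Opc UA via MQTT - Token Rotation
 *
 * Creates, caches and renews the RS256-signed JWT that is presented to the
 * MQTT broker. The token header carries the certificate chain (`x5c`) and the
 * token is signed with the device private key.
 *
 * Security notes for maintainers:
 * - The device private key and its passphrase are kept as plain instance
 *   properties for the lifetime of the object. Do not log, serialize or
 *   otherwise expose instances of this class.
 * - The cached token is only inspected with `jwt.decode`, which does NOT
 *   verify the signature. That is sufficient here because the token is
 *   self-issued and only its `exp` claim is read to decide whether to re-issue;
 *   the decoded payload must never be used for a trust decision.
 *
 * @export
 * @class MqttOpcUaAuth
 * @implements {TokenRotation}
 */
class MqttOpcUaAuth {
    /**
     * Creates an instance of MqttOpcUaAuth.
     * @param {string} _clientid client id; used as both the `iss` and `sub` claim
     * @param {string} _rootca root CA certificate; appended last to the `x5c` header
     * @param {string} _devicecrt device certificate; first entry of the `x5c` header
     * @param {number} _expiration token lifetime in seconds, added to the issue time to form `exp`
     * @param {string} _devicekey private key handed to `jwt.sign` for the RS256 signature
     * @param {string} [_intermediate] optional intermediate certificate; placed between device and root
     * @param {string} [_passphrase] optional passphrase for `_devicekey`
     * @param {string} [_tenant] tenant written to the `ten` claim
     *
     * @memberOf MqttOpcUaAuth
     */
    constructor(_clientid, _rootca, _devicecrt, _expiration, _devicekey, _intermediate, _passphrase, _tenant) {
        this._clientid = _clientid;
        this._rootca = _rootca;
        this._devicecrt = _devicecrt;
        this._expiration = _expiration;
        this._devicekey = _devicekey;
        this._intermediate = _intermediate;
        this._passphrase = _passphrase;
        this._tenant = _tenant;
    }
    /**
     * Returns the cached token, issuing a new one first when none is cached
     * or the cached one no longer passes ValidateToken().
     *
     * @returns {string} signed JWT
     *
     * @memberOf MqttOpcUaAuth
     */
    GetMqttToken() {
        if (!this.ValidateToken()) {
            this._token = undefined;
        }
        if (!this._token) {
            this._token = this.CreateToken();
        }
        return this._token;
    }
    /**
     * Checks whether a token is cached and its `exp` claim is still in the future.
     *
     * A cached value that cannot be decoded, or that has no numeric `exp`, is
     * reported as invalid so that callers re-issue the token instead of
     * failing with a TypeError on a null payload.
     *
     * @returns {boolean} true only when the cached token has not yet expired
     *
     * @memberOf MqttOpcUaAuth
     */
    ValidateToken() {
        if (!this._token) {
            return false;
        }
        // decode() only parses the token; it performs no signature check.
        const decoded = jwt.decode(this._token);
        if (decoded === null || typeof decoded !== "object" || typeof decoded.exp !== "number") {
            return false;
        }
        const now = Math.round(Date.now() / 1000);
        // NOTE(review): no safety margin is applied, so a token can expire between
        // this check and its use at the broker - consider renewing slightly early.
        return now < decoded.exp;
    }
    /**
     * Builds and signs a fresh JWT.
     *
     * Header: `alg` RS256, `typ` JWT and the `x5c` chain in the order
     * device certificate, optional intermediate, root CA.
     * Claims: `aud`, `schemas`, `iss`/`sub` (client id), a random `jti`,
     * `iat`/`nbf` (now), `exp` (now + `_expiration` seconds) and `ten`.
     *
     * @returns {string} signed JWT
     * @throws whatever `jwt.sign` throws, e.g. for an unusable key or passphrase
     *
     * @memberOf MqttOpcUaAuth
     */
    CreateToken() {
        const certChain = [(0, utils_1.pruneCert)(this._devicecrt)];
        if (this._intermediate) {
            certChain.push((0, utils_1.pruneCert)(this._intermediate));
        }
        certChain.push((0, utils_1.pruneCert)(this._rootca));
        const tokenHeader = {
            alg: "RS256",
            x5c: certChain,
            typ: "JWT",
        };
        const issuedTime = Math.round(Date.now() / 1000);
        // NOTE(review): `_expiration` is not validated; a missing or non-numeric
        // value yields an unusable `exp` claim - confirm callers always pass seconds.
        const expirationTime = issuedTime + this._expiration;
        const tokenBody = {
            aud: ["MQTTBroker"],
            schemas: ["urn:siemens:mindsphere:v1"],
            iss: this._clientid,
            sub: this._clientid,
            jti: uuid.v4().toString(),
            iat: issuedTime,
            nbf: issuedTime,
            exp: expirationTime,
            // NOTE(review): `_tenant` is optional, and when it is omitted this claim
            // becomes the literal string "undefined" - confirm that is what the broker expects.
            ten: `${this._tenant}`,
        };
        const signOptions = {
            key: this._devicekey,
        };
        if (this._passphrase) {
            signOptions.passphrase = `${this._passphrase}`;
        }
        // The algorithm is pinned to RS256 in both the header and the sign options.
        return jwt.sign(tokenBody, signOptions, { header: tokenHeader, algorithm: "RS256" });
    }
    /**
     * renews the token if expired
     *
     * Resolves to true in every non-throwing case; an error raised while
     * creating the token rejects the returned promise.
     *
     * @returns {Promise<boolean>}
     *
     * @memberOf MqttOpcUaAuth
     */
    RenewToken() {
        return __awaiter(this, void 0, void 0, function* () {
            if (!this.ValidateToken()) {
                this._token = this.CreateToken();
            }
            return true;
        });
    }
}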
// Publish the token-rotation class as this module's named CommonJS export.
exports.MqttOpcUaAuth = MqttOpcUaAuth;
//# sourceMappingURL=mqtt-opcua-auth.js.map