UNPKG

@oada/lookup

Version:

JavaScript utility library to lookup OADA documents such as Well-Known (RFC 5785) resource, e.g., oada-configuration, openid-configuration, etc, and public OADA client registrations

122 lines 4.72 kB
"use strict"; /** * @license * Copyright 2014-2022 Open Ag Data Alliance * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ Object.defineProperty(exports, "__esModule", { value: true }); exports.trustedCDP = exports.jwks = exports.clientRegistration = exports.wellKnown = void 0; const tslib_1 = require("tslib"); const url_1 = tslib_1.__importDefault(require("url")); const superagent_1 = tslib_1.__importDefault(require("superagent")); const error_1 = require("@oada/error"); // Fetch a Well-Known (RFC 5785) Resource. The hostname will automatically be // parsed from any URL. async function wellKnown(hostname, suffix, { timeout = 1000 } = {}) { // Parse hostname for just hostname parts const parts = url_1.default.parse(hostname, false, true); // Typical use: hostname = agcloud.com --> parts.path == "agcloud.com"... if (!parts.hostname) { parts.hostname = parts.path; } parts.protocol = 'https'; parts.pathname = `/.well-known/${suffix}`; parts.path = null; parts.search = null; parts.query = null; parts.hash = null; const response = await superagent_1.default .get(url_1.default.format(parts)) .accept('application/json') .timeout(timeout); // Make sure request was OK and that it was valid JSON (body was parsed) if (response.ok && Object.keys(response.body).length > 0) { return response.body; } if (response.ok) { throw new Error(`Invalid ${suffix} Well-Known`); } const { error } = response; throw new error_1.OADAError(error.text, error.status, `${suffix} at ${hostname} not found`, error.path); } exports.wellKnown = wellKnown; // Fetch a client registration from an OADA client id. async function clientRegistration(clientId, { timeout = 1000 } = {}) { // Parse client id const cid = clientId.split('@'); if (cid.length !== 2) { throw new Error('Invalid clientId'); } const host = `https://${cid[1]}`; // Get the OADA configuration of where the client is hosted const config = (await wellKnown(host, 'oada-client-discovery', { timeout, })); // Verify the host support client discovery if (!config.client_discovery) { throw new Error('Host does not support client discovery'); } // Discover the clients registration const response = await superagent_1.default .get(config.client_discovery) .query({ clientId }) .accept('application/json') .timeout(timeout); if (response.ok && Object.keys(response.body).length > 0) { return response.body; } if (response.ok) { throw new Error('Invalid client registration'); } const { error } = response; throw new error_1.OADAError(error.text, error.status, 'Client not found', error.path); } exports.clientRegistration = clientRegistration; // Fetch a JSON Web Key Set async function jwks(uri, { timeout = 1000 } = {}) { // Get JWKs document const response = await superagent_1.default .get(uri) .accept('application/json') .timeout(timeout); if (response.ok && Object.keys(response.body).length > 0 && response.body.keys) { return response.body; } if (response.ok) { throw new Error('Invalid JWKs document'); } const { error } = response; throw new error_1.OADAError(error.text, error.status, 'Client public keys not found', error.path); } exports.jwks = jwks; // Fetch trusted client discovery providers list async function trustedCDP({ timeout = 1000 } = {}) { // Get trusted CDP list const response = await superagent_1.default .get('https://oada.github.io/oada-trusted-lists/client-discovery.json') .accept('text/plain') .timeout(timeout); if (response.ok && response.body.length > 0) { return response.body; } if (response.ok) { throw new Error('Invalid trusted client discovery provider list'); } const { error } = response; throw new error_1.OADAError(error.text, error.status, 'Trusted client discovery provider list not found', error.path); } exports.trustedCDP = trustedCDP; //# sourceMappingURL=index.js.map