UNPKG

@oat-sa/tao-core-sdk

Version:

Core libraries of TAO

github.com/oat-sa/tao-core-sdk-fe

oat-sa/tao-core-sdk-fe

81 lines (71 loc) 3.04 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
define(['exports'], function (exports) { 'use strict'; /** * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; under version 2 * of the License (non-upgradable). * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * * Copyright (c) 2021 (original work) Open Assessment Technologies SA ; */ /** * JWT token helper collection * This is only a minimal set of tools for the parts we currently need * @see https://tools.ietf.org/html/rfc7519 * @module core/jwtToken */ /** * Parse a base64 encoded string to utf8 * It can help decode non-ASCII characters * @see https://oat-sa.atlassian.net/browse/SOLAR-1440?focusedCommentId=304145 * If a jwt token contains non-ASCII characters, the function atob() will not be enough on its own. This can * happen if the user is allowed to enter a custom name for any of the token fields like working profile names, or ORG ids. * @param {String} base64 - base64 encoded string * @returns {String} utf8 decoded string */ function base64ToUtf8(base64) { const binaryStr = atob(base64); const bytes = Uint8Array.from(binaryStr, char => char.charCodeAt(0)); const decoder = new TextDecoder(); return decoder.decode(bytes); } /** * Decodes the payload (middle section) of a JWT token * @param {String} token - JWT token, 'xxxxx.yyyyy.zzzzz' format * @returns {Object} JWT payload */ function parseJwtPayload(token) { try { let base64Payload = token.split('.')[1]; base64Payload = base64Payload.replace(/-/g, '+'); // replace - with + base64Payload = base64Payload.replace(/_/g, '/'); // replace _ with / return JSON.parse(base64ToUtf8(base64Payload)); } catch (e) { return null; } } /** * Calculates TTL of a token based on its claims * @param {Object} payload - parsed JWT object * @param {Number} payload.iat - "issued at time", as timestamp * @param {Number} payload.exp - "expiration", as timestamp * @returns {Number|null} TTL, in ms */ function getJwtTTL(payload) { if (payload && payload.exp && payload.iat) { return (payload.exp - payload.iat) * 1000; } return null; } exports.getJwtTTL = getJwtTTL; exports.parseJwtPayload = parseJwtPayload; Object.defineProperty(exports, '__esModule', { value: true }); });