UNPKG

@quarks/quarks-iam

Version:

A modern authorization server built to authenticate your users and protect your APIs

github.com/anvilresearch/connect

anvilresearch/connect

73 lines (58 loc) 1.43 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
/** * Module dependencies */ var crypto = require('crypto') var JWT = require('anvil-connect-jwt') var nowSeconds = require('../lib/time-utils').nowSeconds /** * Client Access Token */ var ClientToken = JWT.define({ // default header header: { alg: 'RS256' }, // permitted headers headers: [ 'alg' ], // modify header schema registeredHeaders: { alg: { format: 'StringOrURI', required: true, enum: ['RS256'] } }, // permitted claims claims: ['jti', 'iss', 'sub', 'aud', 'exp', 'iat', 'scope'], // modify payload schema registeredClaims: { jti: { format: 'String', required: true, default: random }, iss: { format: 'StringOrURI', required: true }, sub: { format: 'StringOrURI', required: true }, aud: { format: 'StringOrURI', required: true }, exp: { format: 'IntDate' }, iat: { format: 'IntDate', required: true, default: nowSeconds }, scope: { format: 'String', required: true, default: 'client' } } }) /** * Random */ function random () { return crypto.randomBytes(10).toString('hex') } /** * Issue */ ClientToken.issue = function (claims, privateKey, callback) { try { var token = new ClientToken(claims) var jwt = token.encode(privateKey) return callback(null, jwt) } catch (err) { callback(err) // callback(new Error('Unable to issue client access token')) } } /** * Exports */ module.exports = ClientToken