UNPKG

@quarks/quarks-iam

Version:

A modern authorization server built to authenticate your users and protect your APIs

github.com/anvilresearch/connect

anvilresearch/connect

67 lines (53 loc) 1.27 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
/** * Module dependencies */ var JWT = require('anvil-connect-jwt') var nowSeconds = require('../lib/time-utils').nowSeconds /** * Expires */ function expires (duration) { var fromNow = { day: (60 * 60 * 24), week: (60 * 60 * 24 * 7), month: (60 * 60 * 24 * 30) } return function () { return nowSeconds(fromNow[duration]) } } /** * ID Token */ var IDToken = JWT.define({ // default header header: { alg: 'RS256' }, // permitted headers headers: [ 'alg' ], // modify header schema registeredHeaders: { alg: { format: 'StringOrURI', required: true, enum: ['RS256'] } }, // permitted claims claims: ['iss', 'sub', 'aud', 'exp', 'iat', 'nonce', 'acr', 'at_hash', 'amr'], // modify payload schema registeredClaims: { iss: { format: 'StringOrURI', required: true }, sub: { format: 'StringOrURI', required: true }, aud: { format: 'StringOrURI', required: true }, exp: { format: 'IntDate', required: true, default: expires('day') }, iat: { format: 'IntDate', required: true, default: nowSeconds }, nonce: { format: 'String' }, acr: { format: 'String' }, at_hash: { format: 'String' }, amr: { format: 'String*' } } }) /** * Exports */ module.exports = IDToken