UNPKG

@stacks/profile

Version:

Library for Stacks profiles

hiro.so/stacks-js

hirosystems/stacks.js

96 lines 3.33 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
import { decodeToken, SECP256K1Client, TokenSigner, TokenVerifier } from 'jsontokens'; import { nextYear, makeUUID4 } from '@stacks/common'; import { getAddressFromPublicKey } from '@stacks/transactions'; export function signProfileToken(profile, privateKey, subject, issuer, signingAlgorithm = 'ES256K', issuedAt = new Date(), expiresAt = nextYear()) { if (signingAlgorithm !== 'ES256K') { throw new Error('Signing algorithm not supported'); } const publicKey = SECP256K1Client.derivePublicKey(privateKey); if (!subject) { subject = { publicKey }; } if (!issuer) { issuer = { publicKey }; } const tokenSigner = new TokenSigner(signingAlgorithm, privateKey); const payload = { jti: makeUUID4(), iat: issuedAt.toISOString(), exp: expiresAt.toISOString(), subject, issuer, claim: profile, }; return tokenSigner.sign(payload); } export function wrapProfileToken(token) { return { token, decodedToken: decodeToken(token), }; } export function verifyProfileToken(token, publicKeyOrAddress) { const decodedToken = decodeToken(token); const payload = decodedToken.payload; if (typeof payload === 'string') { throw new Error('Unexpected token payload type of string'); } if (payload.hasOwnProperty('subject') && payload.subject) { if (!payload.subject.hasOwnProperty('publicKey')) { throw new Error("Token doesn't have a subject public key"); } } else { throw new Error("Token doesn't have a subject"); } if (payload.hasOwnProperty('issuer') && payload.issuer) { if (!payload.issuer.hasOwnProperty('publicKey')) { throw new Error("Token doesn't have an issuer public key"); } } else { throw new Error("Token doesn't have an issuer"); } if (!payload.hasOwnProperty('claim')) { throw new Error("Token doesn't have a claim"); } const issuerPublicKey = payload.issuer.publicKey; const address = getAddressFromPublicKey(issuerPublicKey); if (publicKeyOrAddress === issuerPublicKey) { } else if (publicKeyOrAddress === address) { } else { throw new Error('Token issuer public key does not match the verifying value'); } const tokenVerifier = new TokenVerifier(decodedToken.header.alg, issuerPublicKey); if (!tokenVerifier) { throw new Error('Invalid token verifier'); } const tokenVerified = tokenVerifier.verify(token); if (!tokenVerified) { throw new Error('Token verification failed'); } return decodedToken; } export function extractProfile(token, publicKeyOrAddress = null) { let decodedToken; if (publicKeyOrAddress) { decodedToken = verifyProfileToken(token, publicKeyOrAddress); } else { decodedToken = decodeToken(token); } let profile = {}; if (decodedToken.hasOwnProperty('payload')) { const payload = decodedToken.payload; if (typeof payload === 'string') { throw new Error('Unexpected token payload type of string'); } if (payload.hasOwnProperty('claim')) { profile = payload.claim; } } return profile; } //# sourceMappingURL=profileTokens.js.map