@strongnguyen/oidc-provider
Version:
OAuth 2.0 Authorization Server implementation for Node.js with OpenID Connect
26 lines (22 loc) • 688 B
JavaScript
const { InvalidRequest, OIDCProviderError } = require('../../helpers/errors');
/*
* Validates the incoming id_token_hint
*
* @throws: invalid_request
*/
module.exports = async function checkIdTokenHint(ctx, next) {
const { oidc } = ctx;
if (oidc.params.id_token_hint !== undefined) {
let idTokenHint;
try {
idTokenHint = await oidc.provider.IdToken.validate(oidc.params.id_token_hint, oidc.client);
} catch (err) {
if (err instanceof OIDCProviderError) {
throw err;
}
throw new InvalidRequest('could not validate id_token_hint', undefined, err.message);
}
ctx.oidc.entity('IdTokenHint', idTokenHint);
}
return next();
};