UNPKG

@strongnguyen/oidc-provider

Version:

OAuth 2.0 Authorization Server implementation for Node.js with OpenID Connect

github.com/strongnguyen29/node-oidc-provider.git

strongnguyen29/node-oidc-provider

140 lines (107 loc) 3.46 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
/* eslint-disable max-classes-per-file */ const IN_PAYLOAD = [ 'iat', 'exp', 'jti', 'kind', ]; const { strict: assert } = require('assert'); const snakeCase = require('../helpers/_/snake_case'); const epochTime = require('../helpers/epoch_time'); const pickBy = require('../helpers/_/pick_by'); const instance = require('../helpers/weak_cache'); const { isConstructable } = require('../helpers/type_validators'); const hasFormat = require('./mixins/has_format'); const adapterCache = new WeakMap(); module.exports = function getBaseModel(provider) { function adapter(ctx) { const obj = typeof ctx === 'function' ? ctx : ctx.constructor; if (!adapterCache.has(obj)) { if (isConstructable(instance(provider).Adapter)) { adapterCache.set(obj, new (instance(provider).Adapter)(obj.name)); } else { adapterCache.set(obj, instance(provider).Adapter(obj.name)); } } return adapterCache.get(obj); } class Class { constructor({ jti, kind, ...payload } = {}) { Object.assign(this, pickBy( payload, (val, key) => this.constructor.IN_PAYLOAD.includes(key), )); assert(!kind || kind === this.constructor.name, 'kind mismatch'); this.kind = kind || this.constructor.name; this.jti = jti; } static instantiate(payload) { return new this(payload); } async save(ttl) { if (!this.jti) { this.jti = this.generateTokenId(); } // this is true for all BaseToken descendants if (typeof this.constructor.expiresIn !== 'function') { this.exp = epochTime() + ttl; } const { value, payload } = await this.getValueAndPayload(); if (payload) { await this.adapter.upsert(this.jti, payload, ttl); this.emit('saved'); } else { this.emit('issued'); } return value; } async destroy() { await this.adapter.destroy(this.jti); this.emit('destroyed'); } static get adapter() { return adapter(this); } get adapter() { return adapter(this); } static get IN_PAYLOAD() { return IN_PAYLOAD; } static async find(value, { ignoreExpiration = false } = {}) { if (typeof value !== 'string') { return undefined; } const stored = await this.adapter.find(value); try { assert(stored); const payload = await this.verify(stored, { ignoreExpiration }); return this.instantiate(payload); } catch (err) { return undefined; } } emit(eventName) { provider.emit(`${snakeCase(this.kind)}.${eventName}`, this); } /* * ttlPercentagePassed * returns a Number (0 to 100) with the value being percentage of the token's ttl already * passed. The higher the percentage the older the token is. At 0 the token is fresh, at a 100 * it is expired. */ ttlPercentagePassed() { const now = epochTime(); const percentage = Math.floor(100 * ((now - this.iat) / (this.exp - this.iat))); return Math.max(Math.min(100, percentage), 0); } get isValid() { return !this.isExpired; } get isExpired() { return this.exp <= epochTime(); } get remainingTTL() { if (!this.exp) { return this.expiration; } return this.exp - epochTime(); } } class BaseModel extends hasFormat(provider, 'base', Class) {} return BaseModel; };