@theoptimalpartner/jwt-auth-validator/dist/cognito-utils.js

JWT token validation package with offline JWKS validation and Redis-based token revocation support

import { createHmac } from 'crypto';
export function calculateSecretHash(options) {
    const { identifier, clientId, clientSecret } = options;
    if (!clientSecret) {
        console.log("calculateSecretHash - No CLIENT_SECRET configured");
        return "";
    }
    if (!identifier || !clientId) {
        throw new Error("calculateSecretHash - Missing required parameters: identifier and clientId");
    }
    const message = identifier + clientId;
    return createHmac('SHA256', clientSecret)
        .update(message)
        .digest('base64');
}
export function hasClientSecret(clientSecret) {
    return Boolean(clientSecret && clientSecret.trim().length > 0);
}
export function safeCalculateSecretHash(identifier, clientId, clientSecret) {
    if (!hasClientSecret(clientSecret)) {
        return "";
    }
    try {
        return calculateSecretHash({
            identifier,
            clientId,
            clientSecret: clientSecret
        });
    }
    catch (error) {
        console.warn("Failed to calculate secret hash:", error);
        return "";
    }
}
//# sourceMappingURL=cognito-utils.js.map