UNPKG

aladinnetwork-blockstack

Version:

The Aladin Javascript library for authentication, identity, and storage.

aladinnetwork.org

112 lines (111 loc) 4.47 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
/** * Checks if the ES256k signature on passed `token` match the claimed public key * in the payload key `public_keys`. * * @param {String} token encoded and signed authentication token * @return {Boolean} Returns `true` if the signature matches the claimed public key * @throws {Error} if `token` contains multiple public keys * @private * @ignore */ export declare function doSignaturesMatchPublicKeys(token: string): boolean; /** * Makes sure that the identity address portion of * the decentralized identifier passed in the issuer `iss` * key of the token matches the public key * * @param {String} token encoded and signed authentication token * @return {Boolean} if the identity address and public keys match * @throws {Error} if ` token` has multiple public keys * @private * @ignore */ export declare function doPublicKeysMatchIssuer(token: string): boolean; /** * Looks up the identity address that owns the claimed username * in `token` using the lookup endpoint provided in `nameLookupURL` * to determine if the username is owned by the identity address * that matches the claimed public key * * @param {String} token encoded and signed authentication token * @param {String} nameLookupURL a URL to the name lookup endpoint of the Aladin Core API * @return {Promise<Boolean>} returns a `Promise` that resolves to * `true` if the username is owned by the public key, otherwise the * `Promise` resolves to `false` * @private * @ignore */ export declare function doPublicKeysMatchUsername(token: string, nameLookupURL: string): Promise<boolean>; /** * Checks if the if the token issuance time and date is after the * current time and date. * * @param {String} token encoded and signed authentication token * @return {Boolean} `true` if the token was issued after the current time, * otherwise returns `false` * @private * @ignore */ export declare function isIssuanceDateValid(token: string): boolean; /** * Checks if the expiration date of the `token` is before the current time * @param {String} token encoded and signed authentication token * @return {Boolean} `true` if the `token` has not yet expired, `false` * if the `token` has expired * * @private * @ignore */ export declare function isExpirationDateValid(token: string): boolean; /** * Makes sure the `manifest_uri` is a same origin absolute URL. * @param {String} token encoded and signed authentication token * @return {Boolean} `true` if valid, otherwise `false` * @private * @ignore */ export declare function isManifestUriValid(token: string): boolean; /** * Makes sure the `redirect_uri` is a same origin absolute URL. * @param {String} token encoded and signed authentication token * @return {Boolean} `true` if valid, otherwise `false` * @private * @ignore */ export declare function isRedirectUriValid(token: string): boolean; /** * Verify authentication request is valid. This function performs a number * of checks on the authentication request token: * * Checks that `token` has a valid issuance date & is not expired * * Checks that `token` has a valid signature that matches the public key it claims * * Checks that both the manifest and redirect URLs are absolute and conform to * the same origin policy * * @param {String} token encoded and signed authentication request token * @return {Promise} that resolves to true if the auth request * is valid and false if it does not. It rejects with a String if the * token is not signed * @private * @ignore */ export declare function verifyAuthRequest(token: string): Promise<boolean>; /** * Verify the authentication request is valid and * fetch the app manifest file if valid. Otherwise, reject the promise. * @param {String} token encoded and signed authentication request token * @return {Promise} that resolves to the app manifest file in JSON format * or rejects if the auth request or app manifest file is invalid * @private * @ignore */ export declare function verifyAuthRequestAndLoadManifest(token: string): Promise<any>; /** * Verify the authentication response is valid * @param {String} token the authentication response token * @param {String} nameLookupURL the url use to verify owner of a username * @return {Promise} that resolves to true if auth response * is valid and false if it does not * @private * @ignore */ export declare function verifyAuthResponse(token: string, nameLookupURL: string): Promise<boolean>;