azure-ad-auth-react-native/src/token/token.js

An React Native module implements Azure AD V2.0 authentication flow

import { Base64 } from '../utils/base64'
import log from '../utils/logger'

function base64DecodeStringUrlSafe(base64IdToken) {
    return decodeURIComponent(Base64.decode(base64IdToken))
}

function isEmptyString(str) {
    return (typeof str === 'undefined' || !str || 0 === str.length)
}

/**
 * Decode ID token from
 *
 * @param {string} encoded IdToken string
 * @returns {Object | null} - in cas of error null is returned
 */
export function extractIdToken(encodedIdToken) {
    // id token will be decoded to get the username
    const decodedToken = _decodeJwt(encodedIdToken)
    if (!decodedToken) {
        return null
    }
    try {
        const base64IdToken = decodedToken.JWSPayload
        const base64Decoded = base64DecodeStringUrlSafe(base64IdToken)
        if (!base64Decoded) {
            log.info('The returned id_token could not be base64 url safe decoded.')
            return null
        }
        return JSON.parse(base64Decoded)
    } catch (err) {
        log.error('The returned id_token could not be decoded', err)
    }

    return null
}

function _decodeJwt(jwtToken) {
    if (isEmptyString(jwtToken)) {
        return null
    }
    const idTokenPartsRegex = /^([^.\s]*)\.([^.\s]+)\.([^.\s]*)$/
    const matches = idTokenPartsRegex.exec(jwtToken)
    if (!matches || matches.length < 4) {
        log.warn('The returned id_token is not parseable.')
        return null
    }
    const crackedToken = {
        header: matches[1],
        JWSPayload: matches[2],
        JWSSig: matches[3]
    }
    return crackedToken
}