cognito-srp
Secure Remote Password protocol implementation compatible with Amazon Cognito.
;
// Compiler-emitted helper that drives a generator function as an asynchronous
// routine. An existing `this.__awaiter` is reused when one is present;
// otherwise the implementation below is installed.
//
// thisArg / _arguments: receiver and argument list applied to `generator`.
// P: promise constructor to use; falls back to the global Promise.
// generator: generator function whose yielded values are awaited in turn.
// Returns a P instance that settles with the generator's return value, or
// rejects with whatever the generator (or an awaited value) throws.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
return new (P || (P = Promise))(function (resolve, reject) {
// Resume the generator with a fulfilled value; a throw inside it rejects the outer promise.
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
// Re-raise a rejection inside the generator so its own try/catch can observe it.
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
// Finished: resolve with the return value. Otherwise wrap the yielded value in P and continue once it settles.
function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
// Instantiate the generator with the supplied receiver/arguments and run it to its first yield.
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
Object.defineProperty(exports, "__esModule", { value: true });
const util_1 = require("./util");
const constants_1 = require("./constants");
const ServerPasswordChallenge_1 = require("./ServerPasswordChallenge");
const ClientPasswordChallenge_1 = require("./ClientPasswordChallenge");
/**
 * Produces SRP artefacts (stored user records and per-login challenges) that
 * are all bound to one pool name.
 *
 * Security notes for integrators:
 * - The record returned by createUser() contains the SRP verifier. Whoever
 *   obtains the salt and verifier can test password guesses offline, so store
 *   that record with the same care as a password hash.
 * - Both challenge factories call util_1.randomBytes() without a length; the
 *   default size and the randomness source are defined in ./util and are not
 *   visible here. NOTE(review): confirm it is a CSPRNG of adequate length.
 */
class UserPool {
  /**
   * @param {string} poolname - Pool identifier handed to key derivation and
   *   to both challenge constructors.
   */
  constructor(poolname) {
    this.poolname = poolname;
  }

  /**
   * Derives the server-side record for a user: username, salt and verifier.
   *
   * @param {object} user - Must expose `username`; it is also passed whole to
   *   util_1.calculatePrivateKey (which other fields that reads is not
   *   visible here — presumably the password; verify against ./util).
   * @param {string} [salt] - Salt to use. Any falsy value (including an empty
   *   string) is replaced by 16 random bytes rendered as hex. A caller-supplied
   *   salt is used unchanged; no format or length check happens here.
   * @returns {Promise<{username: *, salt: string, verifier: string}>}
   *   `verifier` is g^x mod N serialised to Nbytes and hex-encoded.
   */
  createUser(user, salt) {
    return __awaiter(this, void 0, void 0, function* () {
      let saltValue = salt;
      if (!saltValue) {
        const freshSalt = yield util_1.randomBytes(16);
        saltValue = freshSalt.toString('hex');
      }

      // x never leaves this function; only the verifier derived from it does.
      const x = util_1.calculatePrivateKey(this.poolname, user, saltValue);
      const gToX = constants_1.g.modPow(x, constants_1.N);
      const verifierHex = gToX.toBuffer(constants_1.Nbytes).toString('hex');

      return { username: user.username, salt: saltValue, verifier: verifierHex };
    });
  }

  /**
   * Starts the server half of an exchange with a freshly drawn secret.
   *
   * @param {object} user - Passed through to ServerPasswordChallenge untouched.
   * @returns {Promise<object>} A new ServerPasswordChallenge for this pool.
   */
  getServerChallenge(user) {
    return __awaiter(this, void 0, void 0, function* () {
      // A new random value is drawn on every call; it is never cached on the pool.
      const serverSecret = yield util_1.randomBytes();
      const challenge = new ServerPasswordChallenge_1.ServerPasswordChallenge(
        this.poolname,
        user,
        serverSecret
      );
      return challenge;
    });
  }

  /**
   * Starts the client half of an exchange with a freshly drawn secret.
   *
   * @param {object} user - Passed through to ClientPasswordChallenge untouched.
   * @returns {Promise<object>} A new ClientPasswordChallenge for this pool.
   */
  getClientChallenge(user) {
    return __awaiter(this, void 0, void 0, function* () {
      // A new random value is drawn on every call; it is never cached on the pool.
      const clientSecret = yield util_1.randomBytes();
      const challenge = new ClientPasswordChallenge_1.ClientPasswordChallenge(
        this.poolname,
        user,
        clientSecret
      );
      return challenge;
    });
  }
}
// Expose the UserPool class on this module's CommonJS exports object.
exports.UserPool = UserPool;