UNPKG

cybersource-rest-client

Version:

Node.js SDK for the CyberSource REST API

51 lines (39 loc) 1.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
'use strict'; const crypto = require('crypto'); const jwkToPem = require('jwk-to-pem'); /** * This function has all the merchentConfig properties getters and setters methods * * @param result */ function TokenVerification() { } function isPemFormattedString(input) { return typeof input === 'string' && /^-----BEGIN PUBLIC KEY-----[\S\s]*-----END PUBLIC KEY-----/.test(input); } function isBase64String(input) { return typeof input === 'string' && /^[a-zA-Z0-9+/=]*$/g.test(input); } function base64toPem(base64) { const urlDecoded = base64.replace(/-/g, '+').replace(/_/g, '/'); return [ '-----BEGIN PUBLIC KEY-----', ...urlDecoded.match(/.{1,64}/g), '-----END PUBLIC KEY-----', ].join('\n'); } TokenVerification.prototype.verifyToken = function verifyToken(publicKey, token) { if (typeof token !== 'object' || !token) throw new Error('Invalid token object'); if (!Object.prototype.hasOwnProperty.call(token, 'signature')) throw new Error('token.signature is missing'); if (!Object.prototype.hasOwnProperty.call(token, 'signedFields')) throw new Error('token.signedFields is missing'); let pem; if (typeof publicKey === 'object') pem = jwkToPem(publicKey); else if (isPemFormattedString(publicKey)) pem = publicKey; else if (isBase64String(publicKey)) pem = base64toPem(publicKey); else { throw new Error('Invalid publicKey parameter'); } const dataToVerify = token.signedFields.split(',').map(field => token[field]).join(','); return crypto.createVerify('RSA-SHA512').update(dataToVerify).verify(pem, token.signature, 'base64'); }; module.exports = TokenVerification;