UNPKG

matrix-js-sdk

Version:

Matrix Client-Server SDK for Javascript

github.com/matrix-org/matrix-js-sdk

matrix-org/matrix-js-sdk

62 lines (52 loc) 2.46 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
/* Copyright 2023 The Matrix.org Foundation C.I.C. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ import { MetadataService, OidcClientSettingsStore, SigningKey } from "oidc-client-ts"; import { IDelegatedAuthConfig } from "../client"; import { isValidatedIssuerMetadata, ValidatedIssuerMetadata, validateWellKnownAuthentication } from "./validate"; /** * @experimental * Discover and validate delegated auth configuration * - m.authentication config is present and valid * - delegated auth issuer openid-configuration is reachable * - delegated auth issuer openid-configuration is configured correctly for us * When successful, validated metadata is returned * @param wellKnown - configuration object as returned * by the .well-known auto-discovery endpoint * @returns validated authentication metadata and optionally signing keys * @throws when delegated auth config is invalid or unreachable */ export const discoverAndValidateAuthenticationConfig = async ( authenticationConfig?: IDelegatedAuthConfig, ): Promise< IDelegatedAuthConfig & { metadata: ValidatedIssuerMetadata; signingKeys?: SigningKey[]; } > => { const homeserverAuthenticationConfig = validateWellKnownAuthentication(authenticationConfig); // create a temporary settings store so we can use metadata service for discovery const settings = new OidcClientSettingsStore({ authority: homeserverAuthenticationConfig.issuer, redirect_uri: "", // Not known yet, this is here to make the type checker happy client_id: "", // Not known yet, this is here to make the type checker happy }); const metadataService = new MetadataService(settings); const metadata = await metadataService.getMetadata(); const signingKeys = (await metadataService.getSigningKeys()) ?? undefined; isValidatedIssuerMetadata(metadata); return { ...homeserverAuthenticationConfig, metadata, signingKeys, }; };