UNPKG

msal

Version:

Microsoft Authentication Library for js

github.com/AzureAD/microsoft-authentication-library-for-js

AzureAD/microsoft-authentication-library-for-js

76 lines 2.65 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
"use strict"; /* * Copyright (c) Microsoft Corporation. All rights reserved. * Licensed under the MIT License. */ Object.defineProperty(exports, "__esModule", { value: true }); exports.TokenUtils = void 0; var CryptoUtils_1 = require("./CryptoUtils"); var StringUtils_1 = require("./StringUtils"); var TimeUtils_1 = require("./TimeUtils"); /** * @hidden */ var TokenUtils = /** @class */ (function () { function TokenUtils() { } /** * decode a JWT * * @param jwtToken */ TokenUtils.decodeJwt = function (jwtToken) { if (StringUtils_1.StringUtils.isEmpty(jwtToken)) { return null; } var idTokenPartsRegex = /^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/; var matches = idTokenPartsRegex.exec(jwtToken); if (!matches || matches.length < 4) { // this._requestContext.logger.warn("The returned id_token is not parseable."); return null; } var crackedToken = { header: matches[1], JWSPayload: matches[2], JWSSig: matches[3] }; return crackedToken; }; /** * Evaluates whether token cache item expiration is within expiration offset range * @param tokenCacheItem */ TokenUtils.validateExpirationIsWithinOffset = function (expiration, tokenRenewalOffsetSeconds) { var offset = tokenRenewalOffsetSeconds || 300; return expiration && (expiration > TimeUtils_1.TimeUtils.now() + offset); }; /** * Extract IdToken by decoding the RAWIdToken * * @param encodedIdToken */ TokenUtils.extractIdToken = function (encodedIdToken) { // id token will be decoded to get the username var decodedToken = this.decodeJwt(encodedIdToken); if (!decodedToken) { return null; } try { var base64IdToken = decodedToken["JWSPayload"]; var base64Decoded = CryptoUtils_1.CryptoUtils.base64Decode(base64IdToken); if (!base64Decoded) { // this._requestContext.logger.info("The returned id_token could not be base64 url safe decoded."); return null; } // ECMA script has JSON built-in support return JSON.parse(base64Decoded); } catch (err) { // this._requestContext.logger.error("The returned id_token could not be decoded" + err); } return null; }; return TokenUtils; }()); exports.TokenUtils = TokenUtils; //# sourceMappingURL=TokenUtils.js.map