nnanh3-msal-browser
Version:
Thư viện đã custom của azure masl có common kèm trong
143 lines (140 loc) • 6.02 kB
JavaScript
/*! @azure/msal-common v4.5.1 2021-08-02 */
'use strict';
import { CredentialType, CacheType, Constants, Separators } from '../../utils/Constants.js';
import { ClientAuthError } from '../../error/ClientAuthError.js';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Base type for credentials to be stored in the cache: eg: ACCESS_TOKEN, ID_TOKEN etc
*
* Key:Value Schema:
*
* Key: <home_account_id*>-<environment>-<credential_type>-<client_id>-<realm*>-<target*>
*
* Value Schema:
* {
* homeAccountId: home account identifier for the auth scheme,
* environment: entity that issued the token, represented as a full host
* credentialType: Type of credential as a string, can be one of the following: RefreshToken, AccessToken, IdToken, Password, Cookie, Certificate, Other
* clientId: client ID of the application
* secret: Actual credential as a string
* familyId: Family ID identifier, usually only used for refresh tokens
* realm: Full tenant or organizational identifier that the account belongs to
* target: Permissions that are included in the token, or for refresh tokens, the resource identifier.
* oboAssertion: access token passed in as part of OBO request
* }
*/
var CredentialEntity = /** @class */ (function () {
function CredentialEntity() {
}
/**
* Generate Account Id key component as per the schema: <home_account_id>-<environment>
*/
CredentialEntity.prototype.generateAccountId = function () {
return CredentialEntity.generateAccountIdForCacheKey(this.homeAccountId, this.environment);
};
/**
* Generate Credential Id key component as per the schema: <credential_type>-<client_id>-<realm>
*/
CredentialEntity.prototype.generateCredentialId = function () {
return CredentialEntity.generateCredentialIdForCacheKey(this.credentialType, this.clientId, this.realm, this.familyId);
};
/**
* Generate target key component as per schema: <target>
*/
CredentialEntity.prototype.generateTarget = function () {
return CredentialEntity.generateTargetForCacheKey(this.target);
};
/**
* generates credential key
*/
CredentialEntity.prototype.generateCredentialKey = function () {
return CredentialEntity.generateCredentialCacheKey(this.homeAccountId, this.environment, this.credentialType, this.clientId, this.realm, this.target, this.familyId);
};
/**
* returns the type of the cache (in this case credential)
*/
CredentialEntity.prototype.generateType = function () {
switch (this.credentialType) {
case CredentialType.ID_TOKEN:
return CacheType.ID_TOKEN;
case CredentialType.ACCESS_TOKEN:
return CacheType.ACCESS_TOKEN;
case CredentialType.REFRESH_TOKEN:
return CacheType.REFRESH_TOKEN;
default: {
throw ClientAuthError.createUnexpectedCredentialTypeError();
}
}
};
/**
* helper function to return `CredentialType`
* @param key
*/
CredentialEntity.getCredentialType = function (key) {
// First keyword search will match all "AccessToken" and "AccessToken_With_AuthScheme" credentials
if (key.indexOf(CredentialType.ACCESS_TOKEN.toLowerCase()) !== -1) {
// Perform second search to differentiate between "AccessToken" and "AccessToken_With_AuthScheme" credential types
if (key.indexOf(CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()) !== -1) {
return CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
}
return CredentialType.ACCESS_TOKEN;
}
else if (key.indexOf(CredentialType.ID_TOKEN.toLowerCase()) !== -1) {
return CredentialType.ID_TOKEN;
}
else if (key.indexOf(CredentialType.REFRESH_TOKEN.toLowerCase()) !== -1) {
return CredentialType.REFRESH_TOKEN;
}
return Constants.NOT_DEFINED;
};
/**
* generates credential key
*/
CredentialEntity.generateCredentialCacheKey = function (homeAccountId, environment, credentialType, clientId, realm, target, familyId) {
var credentialKey = [
this.generateAccountIdForCacheKey(homeAccountId, environment),
this.generateCredentialIdForCacheKey(credentialType, clientId, realm, familyId),
this.generateTargetForCacheKey(target),
];
return credentialKey.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();
};
/**
* generates Account Id for keys
* @param homeAccountId
* @param environment
*/
CredentialEntity.generateAccountIdForCacheKey = function (homeAccountId, environment) {
var accountId = [homeAccountId, environment];
return accountId.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();
};
/**
* Generates Credential Id for keys
* @param credentialType
* @param realm
* @param clientId
* @param familyId
*/
CredentialEntity.generateCredentialIdForCacheKey = function (credentialType, clientId, realm, familyId) {
var clientOrFamilyId = credentialType === CredentialType.REFRESH_TOKEN
? familyId || clientId
: clientId;
var credentialId = [
credentialType,
clientOrFamilyId,
realm || "",
];
return credentialId.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();
};
/**
* Generate target key component as per schema: <target>
*/
CredentialEntity.generateTargetForCacheKey = function (scopes) {
return (scopes || "").toLowerCase();
};
return CredentialEntity;
}());
export { CredentialEntity };
//# sourceMappingURL=CredentialEntity.js.map