node-nlp/examples/microsoft-bot-v4/node_modules/botframework-connector/lib/auth/jwtTokenValidation.js

Library for NLU (Natural Language Understanding) done in Node.js

"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
const channelValidation_1 = require("./channelValidation");
const claimsIdentity_1 = require("./claimsIdentity");
const emulatorValidation_1 = require("./emulatorValidation");
const enterpriseChannelValidation_1 = require("./enterpriseChannelValidation");
const governmentChannelValidation_1 = require("./governmentChannelValidation");
const governmentConstants_1 = require("./governmentConstants");
const microsoftAppCredentials_1 = require("./microsoftAppCredentials");
var JwtTokenValidation;
(function (JwtTokenValidation) {
    /**
     * Authenticates the request and sets the service url in the set of trusted urls.
     * @param  {Activity} activity The incoming Activity from the Bot Framework or the Emulator
     * @param  {string} authHeader The Bearer token included as part of the request
     * @param  {ICredentialProvider} credentials The set of valid credentials, such as the Bot Application ID
     * @returns {Promise<ClaimsIdentity>} Promise with ClaimsIdentity for the request.
     */
    function authenticateRequest(activity, authHeader, credentials, channelService) {
        return __awaiter(this, void 0, void 0, function* () {
            if (!authHeader.trim()) {
                const isAuthDisabled = yield credentials.isAuthenticationDisabled();
                if (isAuthDisabled) {
                    return new claimsIdentity_1.ClaimsIdentity([], true);
                }
                throw new Error('Unauthorized Access. Request is not authorized');
            }
            const claimsIdentity = yield validateAuthHeader(authHeader, credentials, channelService, activity.channelId, activity.serviceUrl);
            microsoftAppCredentials_1.MicrosoftAppCredentials.trustServiceUrl(activity.serviceUrl);
            return claimsIdentity;
        });
    }
    JwtTokenValidation.authenticateRequest = authenticateRequest;
    function validateAuthHeader(authHeader, credentials, channelService, channelId, serviceUrl = '') {
        return __awaiter(this, void 0, void 0, function* () {
            if (!authHeader.trim()) {
                throw new Error('\'authHeader\' required.');
            }
            const usingEmulator = emulatorValidation_1.EmulatorValidation.isTokenFromEmulator(authHeader);
            if (usingEmulator) {
                return yield emulatorValidation_1.EmulatorValidation.authenticateEmulatorToken(authHeader, credentials, channelId);
            }
            if (isPublicAzure(channelService)) {
                if (serviceUrl.trim()) {
                    return yield channelValidation_1.ChannelValidation.authenticateChannelTokenWithServiceUrl(authHeader, credentials, serviceUrl, channelId);
                }
                return yield channelValidation_1.ChannelValidation.authenticateChannelToken(authHeader, credentials, channelId);
            }
            if (isGovernment(channelService)) {
                if (serviceUrl.trim()) {
                    return yield governmentChannelValidation_1.GovernmentChannelValidation.authenticateChannelTokenWithServiceUrl(authHeader, credentials, serviceUrl, channelId);
                }
                return yield governmentChannelValidation_1.GovernmentChannelValidation.authenticateChannelToken(authHeader, credentials, channelId);
            }
            // Otherwise use Enterprise Channel Validation
            if (serviceUrl.trim()) {
                return yield enterpriseChannelValidation_1.EnterpriseChannelValidation.authenticateChannelTokenWithServiceUrl(authHeader, credentials, serviceUrl, channelId, channelService);
            }
            return yield enterpriseChannelValidation_1.EnterpriseChannelValidation.authenticateChannelToken(authHeader, credentials, channelId, channelService);
        });
    }
    JwtTokenValidation.validateAuthHeader = validateAuthHeader;
    function isPublicAzure(channelService) {
        return !channelService || channelService.length === 0;
    }
    function isGovernment(channelService) {
        return channelService && channelService.toLowerCase() === governmentConstants_1.GovernmentConstants.ChannelService;
    }
    JwtTokenValidation.isGovernment = isGovernment;
})(JwtTokenValidation = exports.JwtTokenValidation || (exports.JwtTokenValidation = {}));
//# sourceMappingURL=jwtTokenValidation.js.map