passport-descope/dist/index.esm.js

Passport strategy for Descope authentication service

import e from"@descope/node-sdk";class r{constructor(r){this._options=r,this.name="descope",this._descopeClient=e({projectId:r.projectId,managementKey:r.managementKey}),this._realm=r.realm||"Users",r.scope&&(this._scope=Array.isArray(r.scope)?r.scope:[r.scope])}async authenticate(r,t){const o=this,s=(e=>{var r;const t=null===(r=e.headers)||void 0===r?void 0:r.authorization;if(!t)return null;const o=t.split(" ");if(2==o.length){const e=o[0],r=o[1];if(/^Bearer$/i.test(e))return r}return null})(r)||(r=>{var t;const o={},s=null===(t=r.headers)||void 0===t?void 0:t.cookie;return s?(s.split(";").forEach((e=>{let[r,...t]=e.split("=");if(r=null==r?void 0:r.trim(),!r)return;const s=t.join("=").trim();s&&(o[r]=decodeURIComponent(s))})),o[e.SessionTokenCookieName]):null})(r);let n=null;try{n=await o._descopeClient.validateJwt(s)}catch(e){const r="No valid token provided",t=e instanceof Error?e.message:r;return o.fail(o._challenge(401,t))}o._options.verify(n,(async(e,r,t)=>{if(e)return o.error(e);if(!r)return"string"==typeof t&&(t={message:t}),t=t||{},o.fail(o._challenge(401,"invalid_token",t.message));if(t&&t.userDetails){const e=await o._descopeClient.management.user.loadByUserId(n.token.sub);if(console.log(e),!e.ok)return o.fail(o._challenge(401,e.error.errorDescription,e.error.errorMessage));r=e.data}return o.success(r,t)}),r)}_challenge(e,r,t){let o='Bearer realm="'+this._realm+'"';return this._scope&&(o+=', scope="'+this._scope.join(" ")+'"'),e&&(o+=', error="'+e+'"'),r&&(o+=', error_description="'+r+'"'),t&&(o+=', error_uri="'+t+'"'),o}}export{r as default};
//# sourceMappingURL=index.esm.js.map