propylons-client/TokenDecoder.js

Client package for Propylons

"use strict";
/*!
 * Propylons
 * Copyright(c) 2022 Xavier Raffin
 * MIT Licensed
 */
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const jwt_decode_1 = __importDefault(require("jwt-decode"));
const Token_1 = require("./model/Token");
const TypeChecker_1 = require("./TypeChecker");
const TokenError_1 = require("./TokenError");
class TokenDecoder {
    // https://stackoverflow.com/questions/17382143/create-a-new-object-from-type-parameter-in-generic-class
    constructor(rawTokenType, tokenType) {
        this.rawTokenType = rawTokenType;
        this.tokenType = tokenType;
    }
    getTokenWithoutValidation(tokenString) {
        const rawToken = this.decodeToken(tokenString);
        return new this.tokenType(rawToken);
    }
    decodeToken(tokenString) {
        const unsafeRawToken = (0, jwt_decode_1.default)(tokenString);
        if (unsafeRawToken instanceof Object && unsafeRawToken.constructor.name === "Object") {
            try {
                (0, TypeChecker_1.assertFieldType)(unsafeRawToken, "aud", "string");
                (0, TypeChecker_1.assertFieldType)(unsafeRawToken, "iss", "string");
                (0, TypeChecker_1.assertFieldType)(unsafeRawToken, "exp", "number");
                (0, TypeChecker_1.assertFieldType)(unsafeRawToken, "auth_time", "number");
                (0, TypeChecker_1.assertFieldType)(unsafeRawToken, "tokenType", "string");
                (0, TypeChecker_1.assertFieldType)(unsafeRawToken, "top_level_account_features", "string");
                if (unsafeRawToken["tokenType"] !== Token_1.TokenType.API_KEY) {
                    (0, TypeChecker_1.assertFieldType)(unsafeRawToken, "custom:userId", "string");
                    (0, TypeChecker_1.assertFieldType)(unsafeRawToken, "cognito:username", "string");
                    (0, TypeChecker_1.assertFieldType)(unsafeRawToken, "email", "string");
                    return unsafeRawToken;
                }
                else {
                    return unsafeRawToken;
                }
            }
            catch (err) {
                if (err instanceof TypeChecker_1.MissingPropertyError || err instanceof TypeChecker_1.PropertyTypeMismatchError) {
                    throw new TokenError_1.InvalidTokenError(`${err.message} in token`, TokenError_1.InvalidityReason.tokenMissingFields);
                }
                throw new TokenError_1.InvalidTokenError(TokenError_1.InvalidityReason.tokenWrongFormat);
            }
        }
        throw new TokenError_1.InvalidTokenError(TokenError_1.InvalidityReason.tokenWrongFormat);
    }
}
exports.default = TokenDecoder;
//# sourceMappingURL=TokenDecoder.js.map