rauth
Authentication and Authorization library via JWT
"use strict";
// Module-interop helper: reuses an existing `this.__importDefault` when one is
// present, otherwise wraps a module without the `__esModule` flag as
// `{ default: mod }` so that `.default` can be read uniformly further down.
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
// Flags this CommonJS module's exports object with `__esModule: true`.
Object.defineProperty(exports, "__esModule", { value: true });
// tslint:disable-next-line:max-line-length
const jsonwebtoken_1 = require("jsonwebtoken");
const from_key_like_1 = __importDefault(require("jose/jwk/from_key_like"));
const crypto_1 = __importDefault(require("crypto"));
// SECURITY: built-in fallback key pair, base64-decoded at module load. Both
// halves are embedded in the package source, so the private key is not a
// secret: anyone who can read the package can sign tokens that verify against
// the matching public key. JWTControl falls back to these values whenever no
// `secret`, `privateKey` or `publicKey` option is supplied; a deployment should
// always configure its own key material.
// tslint:disable-next-line:max-line-length
const defaultPrivateKeyRS512 = Buffer.from('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', 'base64');
// Public half of the built-in pair; checkWarningPublicKeyVulnerable compares
// configured keys against this value.
// tslint:disable-next-line:max-line-length
const defaultPublicKeyRS512 = Buffer.from('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', 'base64');
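// Process-wide latch so the warning is emitted at most once. The assignment
// runs before the declaration textually; function hoisting makes that valid.
checkWarningPublicKeyVulnerable.warned = false;
/**
 * Emits a one-time process warning when the verification key is the built-in
 * default public key, whose private half ships with the package.
 *
 * The comparison is by content rather than by object identity, so a copy of
 * the built-in key passed in as a separate Buffer or as a string is detected
 * too, not only the fallback Buffer instance itself. Other key shapes (key
 * objects, option objects) are passed through unchecked.
 *
 * @param {*} secretOrPublicKey - Key material that will be used for verification.
 * @returns {*} The same value, unchanged, so the call can wrap an expression.
 */
function checkWarningPublicKeyVulnerable(secretOrPublicKey) {
    if (checkWarningPublicKeyVulnerable.warned) {
        return secretOrPublicKey;
    }
    let candidate = null;
    if (Buffer.isBuffer(secretOrPublicKey)) {
        candidate = secretOrPublicKey;
    }
    else if (typeof secretOrPublicKey === 'string') {
        candidate = Buffer.from(secretOrPublicKey);
    }
    if (candidate !== null && defaultPublicKeyRS512.equals(candidate)) {
        checkWarningPublicKeyVulnerable.warned = true;
        process.emitWarning('You are using a vulnerable key.', 'JsonWebTokenControl#secretOrPublicKey');
    }
    return secretOrPublicKey;
}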
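/**
 * Signs, decodes and verifies JSON Web Tokens with one configured key set.
 *
 * Key selection: `opts.secret` (shared HMAC secret) takes priority, then
 * `opts.privateKey` / `opts.publicKey`, and finally the key pair built into
 * this module. The built-in pair is public knowledge (it ships with the
 * package), so tokens verified against it can be forged by anyone; it is only
 * suitable for local experiments.
 */
class JWTControl {
    /**
     * @param {object} [opts] - Optional configuration.
     * @param {string} [opts.algorithm] - JWT algorithm; defaults to 'HS512'
     *   when `opts.secret` is set, otherwise 'RS512'.
     * @param {*} [opts.secret] - Shared secret used for both signing and verifying.
     * @param {*} [opts.privateKey] - Signing key when no secret is given.
     * @param {*} [opts.publicKey] - Verification key when no secret is given.
     * @param {object} [opts.signOptions] - Extra options merged into every sign() call.
     * @param {object} [opts.verifyOptions] - Extra options merged into every verify() call.
     */
    constructor(opts) {
        this.opts = opts;
        // `??` binds tighter than `?:`. Without the parentheses the expression
        // parsed as `(algorithm ?? secret) ? 'HS512' : 'RS512'`, so any
        // explicitly configured algorithm was silently replaced by 'HS512'.
        // NOTE(review): deployments that passed `algorithm` together with
        // `secret` were effectively issuing HS512 tokens; after this fix the
        // configured algorithm is honoured, so such tokens need re-issuing.
        this.algorithm = this.opts?.algorithm ?? (this.opts?.secret ? 'HS512' : 'RS512');
        this.signOptions = {
            algorithm: this.algorithm,
            ...this.opts?.signOptions,
        };
        // Verification is pinned to the single configured algorithm unless
        // opts.verifyOptions supplies its own `algorithms` list.
        this.verifyOptions = {
            algorithms: [this.algorithm],
            ...this.opts?.verifyOptions,
        };
        this.secretOrPrivateKey = this.opts?.secret ?? this.opts?.privateKey ?? defaultPrivateKeyRS512;
        // Warns once per process when verification ends up on the built-in public key.
        this.secretOrPublicKey = checkWarningPublicKeyVulnerable(this.opts?.secret ?? this.opts?.publicKey ?? defaultPublicKeyRS512);
    }
    /**
     * Signs a payload with the configured secret or private key.
     *
     * @param {*} payload - Token payload handed to jsonwebtoken's sign().
     * @param {object} [options] - Per-call options; these override the
     *   instance-level signOptions, including `algorithm`.
     * @returns {*} Whatever jsonwebtoken's sign() returns for these arguments.
     */
    sign(payload, options) {
        return jsonwebtoken_1.sign(payload, this.secretOrPrivateKey, {
            ...this.signOptions,
            ...options,
        });
    }
    /**
     * Decodes a token WITHOUT checking its signature: no key is passed to
     * jsonwebtoken's decode(). The result must never be used for an
     * authentication or authorization decision; use verify() for that.
     *
     * @param {string} token - Encoded JWT.
     * @param {object} [options] - Options forwarded to jsonwebtoken's decode().
     * @returns {*} The decoded, unverified token content.
     */
    decode(token, options) {
        return jsonwebtoken_1.decode(token, options);
    }
    /**
     * Verifies a token against the configured secret or public key.
     *
     * Per-call options are spread last, so an `algorithms` entry in `options`
     * replaces the pinned list. Only pass options built by trusted code, never
     * values derived from the request or from the token itself.
     *
     * @param {string} token - Encoded JWT.
     * @param {object} [options] - Per-call overrides of the instance verifyOptions.
     * @returns {*} Whatever jsonwebtoken's verify() returns; errors raised by
     *   it propagate to the caller.
     */
    verify(token, options) {
        return jsonwebtoken_1.verify(token, this.secretOrPublicKey, {
            ...this.verifyOptions,
            ...options,
        });
    }
    /**
     * Exports the verification key as a JWK, tagged with the signing algorithm
     * and key id.
     *
     * The key is parsed as a PEM public key, so this is meant for the
     * asymmetric configuration. NOTE(review): with an instance configured via
     * `opts.secret` the PEM parse is expected to fail — confirm and guard at
     * the call site. `kid` is undefined unless `signOptions.keyid` was set.
     *
     * @returns {Promise<object>} JWK fields plus `alg` and `kid`.
     */
    async toJWK() {
        const publicKey = crypto_1.default.createPublicKey({
            key: this.secretOrPublicKey,
            format: 'pem',
        });
        return {
            ...await from_key_like_1.default(publicKey),
            alg: this.signOptions.algorithm,
            kid: this.signOptions.keyid,
        };
    }
}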
// Public CommonJS export: JWTControl is the only name this module assigns to `exports`.
exports.JWTControl = JWTControl;
//# sourceMappingURL=JWTControl.js.map