UNPKG

smartid-calls

Version:

Smart-ID client module for Node.JS with proxy layer

github.com/diidiiman/smartid-calls

diidiiman/smartid-calls

117 lines (116 loc) 6.01 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
"use strict"; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; var __generator = (this && this.__generator) || function (thisArg, body) { var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g; return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g; function verb(n) { return function (v) { return step([n, v]); }; } function step(op) { if (f) throw new TypeError("Generator is already executing."); while (_) try { if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (y = 0, t) op = [op[0] & 2, t.value]; switch (op[0]) { case 0: case 1: t = op; break; case 4: _.label++; return { value: op[1], done: false }; case 5: _.label++; y = op[1]; op = [0]; continue; case 7: op = _.ops.pop(); _.trys.pop(); continue; default: if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; } if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; } if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; } if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; } if (t[2]) _.ops.pop(); _.trys.pop(); continue; } op = body.call(thisArg, _); } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; } if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true }; } }; Object.defineProperty(exports, "__esModule", { value: true }); var crypto = require("crypto"); var x509 = require("x509"); var axios_1 = require("axios"); var CERT_BEGIN = '-----BEGIN CERTIFICATE-----\n'; var CERT_END = '\n-----END CERTIFICATE-----'; var Session = /** @class */ (function () { function Session(config, id) { this.config = config; this.id = id; } Session.prototype.pollStatus = function () { return __awaiter(this, void 0, void 0, function () { var response, body, cert; return __generator(this, function (_a) { switch (_a.label) { case 0: return [4 /*yield*/, axios_1.default({ method: 'GET', proxy: this.config.proxy || false, responseType: 'json', validateStatus: function (status) { return status === 200; }, url: this.config.host + '/session/' + this.id + '?timeoutMs=10000' })]; case 1: response = _a.sent(); if (typeof response !== 'object') { throw new Error('Invalid response'); } body = response.data; if (!(body.state && body.state === 'RUNNING')) return [3 /*break*/, 3]; return [4 /*yield*/, this.pollStatus()]; case 2: return [2 /*return*/, _a.sent()]; case 3: if (!body.result) { throw new Error('Invalid response (empty result)'); } else if (body.result.endResult !== 'OK') { throw new Error(body.result.endResult); } else { cert = CERT_BEGIN + body.cert.value + CERT_END; return [2 /*return*/, { data: x509.getSubject(cert), result: body.result, all: body, }]; } return [2 /*return*/]; } }); }); }; Session.prototype.verifyRequest = function (prevRequest, authHash) { return __awaiter(this, void 0, void 0, function () { var cert, verifier, parsedCert, date; return __generator(this, function (_a) { cert = CERT_BEGIN + prevRequest.cert.value + CERT_END; // Check that auth was properly signed if (authHash) { verifier = crypto.createVerify(prevRequest.signature.algorithm); verifier.update(Buffer.from(authHash, 'hex')); if (!verifier.verify(cert, prevRequest.signature.value, 'base64')) { return [2 /*return*/, false]; } } parsedCert = x509.parseCert(cert); date = new Date(); if (parsedCert.notBefore > date) { throw new Error('Certificate is not active yet'); } else if (parsedCert.notAfter < date) { throw new Error('Certificate has expired'); } return [2 /*return*/, true]; }); }); }; return Session; }()); exports.Session = Session;