-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathauthIdentityToken.ts
More file actions
49 lines (44 loc) · 1.55 KB
/
authIdentityToken.ts
File metadata and controls
49 lines (44 loc) · 1.55 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
import type { SignedToken, TokenPayload } from '../types.js';
import type { NodeIdEncoded } from '../../ids/types.js';
import * as tokensUtils from '../utils.js';
import * as ids from '../../ids/index.js';
import * as validationErrors from '../../validation/errors.js';
import * as utils from '../../utils/index.js';
interface AuthIdentityToken extends TokenPayload {
iss: NodeIdEncoded;
exp: number;
jti: string;
}
function assertAuthSignedIdentity(
authIdentityToken: unknown,
): asserts authIdentityToken is AuthIdentityToken {
if (!utils.isObject(authIdentityToken)) {
throw new validationErrors.ErrorParse('must be POJO');
}
if (
authIdentityToken['iss'] == null ||
ids.decodeNodeId(authIdentityToken['iss'] == null)
) {
throw new validationErrors.ErrorParse(
'`iss` property must be an encoded node ID',
);
}
if (typeof authIdentityToken['exp'] !== 'number') {
throw new validationErrors.ErrorParse('`exp` property must be a number');
}
if (typeof authIdentityToken['jti'] !== 'string') {
throw new validationErrors.ErrorParse('`jti` property must be a string');
}
}
function parseAuthSignedIdentity(
authIdentityEncoded: unknown,
): SignedToken<AuthIdentityToken> {
const encodedToken =
tokensUtils.parseSignedToken<AuthIdentityToken>(authIdentityEncoded);
const authIdentity =
tokensUtils.parseTokenPayload<AuthIdentityToken>(encodedToken);
assertAuthSignedIdentity(authIdentity);
return encodedToken;
}
export { assertAuthSignedIdentity, parseAuthSignedIdentity };
export type { AuthIdentityToken };