| 1 | "use strict";
|
| 2 | var __read = (this && this.__read) || function (o, n) {
|
| 3 | var m = typeof Symbol === "function" && o[Symbol.iterator];
|
| 4 | if (!m) return o;
|
| 5 | var i = m.call(o), r, ar = [], e;
|
| 6 | try {
|
| 7 | while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
|
| 8 | }
|
| 9 | catch (error) { e = { error: error }; }
|
| 10 | finally {
|
| 11 | try {
|
| 12 | if (r && !r.done && (m = i["return"])) m.call(i);
|
| 13 | }
|
| 14 | finally { if (e) throw e.error; }
|
| 15 | }
|
| 16 | return ar;
|
| 17 | };
|
| 18 | Object.defineProperty(exports, "__esModule", { value: true });
|
| 19 | var util_1 = require("util");
|
| 20 | var crypto_1 = require("./crypto");
|
| 21 | var sign_1 = require("./sign");
|
| 22 | var util_2 = require("./util");
|
| 23 | var BrontosaurusToken = (function () {
|
| 24 | function BrontosaurusToken(secret) {
|
| 25 | this._secret = secret;
|
| 26 | }
|
| 27 | BrontosaurusToken.withSecret = function (secret) {
|
| 28 | return new BrontosaurusToken(secret);
|
| 29 | };
|
| 30 | BrontosaurusToken.key = function (token) {
|
| 31 | var decoupled = util_2.decouple(token);
|
| 32 | if (!decoupled) {
|
| 33 | return null;
|
| 34 | }
|
| 35 | var _a = __read(decoupled, 3), serializedHeader = _a[0], serializedObject = _a[1], hash = _a[2];
|
| 36 | try {
|
| 37 | var header = JSON.parse(crypto_1.deserializeString(serializedHeader));
|
| 38 | if (!util_1.isString(header.key)) {
|
| 39 | return null;
|
| 40 | }
|
| 41 | if (header.key) {
|
| 42 | return header.key;
|
| 43 | }
|
| 44 | return null;
|
| 45 | }
|
| 46 | catch (err) {
|
| 47 | return null;
|
| 48 | }
|
| 49 | };
|
| 50 | BrontosaurusToken.prototype.sign = function (key, body) {
|
| 51 | return sign_1.BrontosaurusSign.create(key, body, this._secret);
|
| 52 | };
|
| 53 | BrontosaurusToken.prototype.key = function (token) {
|
| 54 | return BrontosaurusToken.key(token);
|
| 55 | };
|
| 56 | BrontosaurusToken.prototype.clock = function (token, offset, allowDelay) {
|
| 57 | if (allowDelay === void 0) { allowDelay = 0; }
|
| 58 | var decoupled = util_2.decouple(token);
|
| 59 | if (!decoupled) {
|
| 60 | return false;
|
| 61 | }
|
| 62 | var _a = __read(decoupled, 3), serializedHeader = _a[0], serializedObject = _a[1], hash = _a[2];
|
| 63 | try {
|
| 64 | var header = JSON.parse(crypto_1.deserializeString(serializedHeader));
|
| 65 | if (!util_1.isNumber(header.issuedAt) || !util_1.isNumber(header.expireAt) || !util_1.isString(header.key)) {
|
| 66 | return false;
|
| 67 | }
|
| 68 | if (util_2.isExpired(header.expireAt, offset)) {
|
| 69 | return false;
|
| 70 | }
|
| 71 | return header.issuedAt <= (Date.now() + allowDelay);
|
| 72 | }
|
| 73 | catch (err) {
|
| 74 | return false;
|
| 75 | }
|
| 76 | };
|
| 77 | BrontosaurusToken.prototype.body = function (token) {
|
| 78 | var decoupled = util_2.decouple(token);
|
| 79 | if (!decoupled) {
|
| 80 | return null;
|
| 81 | }
|
| 82 | var _a = __read(decoupled, 3), serializedHeader = _a[0], serializedObject = _a[1], hash = _a[2];
|
| 83 | try {
|
| 84 | var body = JSON.parse(crypto_1.deserializeString(serializedObject));
|
| 85 | return body;
|
| 86 | }
|
| 87 | catch (err) {
|
| 88 | return null;
|
| 89 | }
|
| 90 | };
|
| 91 | BrontosaurusToken.prototype.check = function (token) {
|
| 92 | var decoupled = util_2.decouple(token);
|
| 93 | if (!decoupled) {
|
| 94 | return false;
|
| 95 | }
|
| 96 | var _a = __read(decoupled, 3), serializedHeader = _a[0], serializedObject = _a[1], hash = _a[2];
|
| 97 | var serialized = serializedHeader + "." + serializedObject;
|
| 98 | var result = crypto_1.verifyString(serialized, hash, this._secret.public);
|
| 99 | return result;
|
| 100 | };
|
| 101 | BrontosaurusToken.prototype.validate = function (token, offset) {
|
| 102 | return this.clock(token, offset) && this.check(token);
|
| 103 | };
|
| 104 | return BrontosaurusToken;
|
| 105 | }());
|
| 106 | exports.BrontosaurusToken = BrontosaurusToken;
|