1 | "use strict";
|
2 | var __read = (this && this.__read) || function (o, n) {
|
3 | var m = typeof Symbol === "function" && o[Symbol.iterator];
|
4 | if (!m) return o;
|
5 | var i = m.call(o), r, ar = [], e;
|
6 | try {
|
7 | while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
|
8 | }
|
9 | catch (error) { e = { error: error }; }
|
10 | finally {
|
11 | try {
|
12 | if (r && !r.done && (m = i["return"])) m.call(i);
|
13 | }
|
14 | finally { if (e) throw e.error; }
|
15 | }
|
16 | return ar;
|
17 | };
|
18 | Object.defineProperty(exports, "__esModule", { value: true });
|
19 | var util_1 = require("util");
|
20 | var crypto_1 = require("./crypto");
|
21 | var sign_1 = require("./sign");
|
22 | var util_2 = require("./util");
|
23 | var BrontosaurusToken = (function () {
|
24 | function BrontosaurusToken(secret) {
|
25 | this._secret = secret;
|
26 | }
|
27 | BrontosaurusToken.withSecret = function (secret) {
|
28 | return new BrontosaurusToken(secret);
|
29 | };
|
30 | BrontosaurusToken.key = function (token) {
|
31 | var decoupled = util_2.decouple(token);
|
32 | if (!decoupled) {
|
33 | return null;
|
34 | }
|
35 | var _a = __read(decoupled, 3), serializedHeader = _a[0], serializedObject = _a[1], hash = _a[2];
|
36 | try {
|
37 | var header = JSON.parse(crypto_1.deserializeString(serializedHeader));
|
38 | if (!util_1.isString(header.key)) {
|
39 | return null;
|
40 | }
|
41 | if (header.key) {
|
42 | return header.key;
|
43 | }
|
44 | return null;
|
45 | }
|
46 | catch (err) {
|
47 | return null;
|
48 | }
|
49 | };
|
50 | BrontosaurusToken.prototype.sign = function (key, body) {
|
51 | return sign_1.BrontosaurusSign.create(key, body, this._secret);
|
52 | };
|
53 | BrontosaurusToken.prototype.key = function (token) {
|
54 | return BrontosaurusToken.key(token);
|
55 | };
|
56 | BrontosaurusToken.prototype.clock = function (token, offset, allowDelay) {
|
57 | if (allowDelay === void 0) { allowDelay = 0; }
|
58 | var decoupled = util_2.decouple(token);
|
59 | if (!decoupled) {
|
60 | return false;
|
61 | }
|
62 | var _a = __read(decoupled, 3), serializedHeader = _a[0], serializedObject = _a[1], hash = _a[2];
|
63 | try {
|
64 | var header = JSON.parse(crypto_1.deserializeString(serializedHeader));
|
65 | if (!util_1.isNumber(header.issuedAt) || !util_1.isNumber(header.expireAt) || !util_1.isString(header.key)) {
|
66 | return false;
|
67 | }
|
68 | if (util_2.isExpired(header.expireAt, offset)) {
|
69 | return false;
|
70 | }
|
71 | return header.issuedAt <= (Date.now() + allowDelay);
|
72 | }
|
73 | catch (err) {
|
74 | return false;
|
75 | }
|
76 | };
|
77 | BrontosaurusToken.prototype.body = function (token) {
|
78 | var decoupled = util_2.decouple(token);
|
79 | if (!decoupled) {
|
80 | return null;
|
81 | }
|
82 | var _a = __read(decoupled, 3), serializedHeader = _a[0], serializedObject = _a[1], hash = _a[2];
|
83 | try {
|
84 | var body = JSON.parse(crypto_1.deserializeString(serializedObject));
|
85 | return body;
|
86 | }
|
87 | catch (err) {
|
88 | return null;
|
89 | }
|
90 | };
|
91 | BrontosaurusToken.prototype.check = function (token) {
|
92 | var decoupled = util_2.decouple(token);
|
93 | if (!decoupled) {
|
94 | return false;
|
95 | }
|
96 | var _a = __read(decoupled, 3), serializedHeader = _a[0], serializedObject = _a[1], hash = _a[2];
|
97 | var serialized = serializedHeader + "." + serializedObject;
|
98 | var result = crypto_1.verifyString(serialized, hash, this._secret.public);
|
99 | return result;
|
100 | };
|
101 | BrontosaurusToken.prototype.validate = function (token, offset) {
|
102 | return this.clock(token, offset) && this.check(token);
|
103 | };
|
104 | return BrontosaurusToken;
|
105 | }());
|
106 | exports.BrontosaurusToken = BrontosaurusToken;
|