UNPKG

5.78 kBTypeScriptView Raw
1/// <reference types="node" />
2import { IncomingMessage } from 'http';
3import { JwtPayload } from 'jsonwebtoken';
4import { TokenKey } from './xsuaa-service-types';
5import { Cache } from './cache';
6import type { RegisteredJWTClaimsTenant } from './tenant';
7import type { RegisteredJWTClaimsUser } from './user';
8import { JwtWithPayloadObject } from './jsonwebtoken-type';
9/**
10 * Decode JWT.
11 * @param token - JWT to be decoded
12 * @returns Decoded payload.
13 */
14export declare function decodeJwt(token: string): JwtPayload;
15/**
16 * Decode JWT and return the complete decoded token.
17 * @param token - JWT to be decoded.
18 * @returns Decoded token containing payload, header and signature.
19 * @internal
20 */
21export declare function decodeJwtComplete(token: string): JwtWithPayloadObject;
22/**
23 * Retrieve JWT from a request that is based on the node `IncomingMessage`. Fails if no authorization header is given or has the wrong format. Expected format is 'Bearer <TOKEN>'.
24 * @param req - Request to retrieve the JWT from
25 * @returns JWT found in header
26 */
27export declare function retrieveJwt(req: IncomingMessage): string | undefined;
28/**
29 * Verifies the given JWT and returns the decoded payload.
30 * @param token - JWT to be verified
31 * @param options - Options to control certain aspects of JWT verification behavior.
32 * @returns A Promise to the decoded and verified JWT.
33 */
34export declare function verifyJwt(token: string, options?: VerifyJwtOptions): Promise<JwtPayload>;
35/**
36 * Options to control certain aspects of JWT verification behavior.
37 */
38export interface VerifyJwtOptions {
39 cacheVerificationKeys?: boolean;
40}
41export declare const verificationKeyCache: Cache<TokenKey>;
42/**
43 * Verifies the given JWT with the given key and returns the decoded payload.
44 * @param token - JWT to be verified.
45 * @param key - Key to use for verification.
46 * @returns A Promise to the decoded and verified JWT.
47 */
48export declare function verifyJwtWithKey(token: string, key: string): Promise<JwtPayload>;
49/**
50 * Get the issuer URL of a decoded JWT.
51 * @param decodedToken - Token to read the issuer URL from.
52 * @returns The issuer URL if available.
53 */
54export declare function issuerUrl(decodedToken: JwtPayload): string | undefined;
55/**
56 * Retrieve the audiences of a decoded JWT based on the audiences and scopes in the token.
57 * @param decodedToken - Token to retrieve the audiences from.
58 * @returns A set of audiences.
59 */
60export declare function audiences(decodedToken: JwtPayload): Set<string>;
61/**
62 * Wraps the access token in header's authorization.
63 * @param token - Token to attach in request header
64 * @returns The request header that holds the access token
65 */
66export declare function wrapJwtInHeader(token: string): {
67 headers: {
68 Authorization: string;
69 [key: string]: any;
70 };
71};
72export declare function readPropertyWithWarn(jwtPayload: JwtPayload, property: string): any;
73/**
74 * @deprecated Since v1.46.0. This interface will not be replaced. Use the higher level JWT types directly.
75 * Interface to represent the registered claims of a JWT.
76 */
77export declare type RegisteredJWTClaims = RegisteredJWTClaimsBasic & RegisteredJWTClaimsUser & RegisteredJWTClaimsTenant;
78/**
79 * @deprecated Since v1.46.0. This interface will not be replaced. Use the higher level JWT types directly.
80 * Interface to represent the basic properties like issuer, audience etc.
81 */
82export interface RegisteredJWTClaimsBasic {
83 iss?: string;
84 exp?: number;
85 sub?: string;
86 aud?: string[];
87 nbf?: string;
88 iat?: number;
89 jti?: string;
90}
91/**
92 * @deprecated Since v1.46.0. Use `JwtHeader` instead.
93 * Interface to represent the basic properties of a JWT header.
94 */
95export interface JWTHeader {
96 alg: string;
97 typ: string;
98 jku?: string;
99}
100/**
101 * @deprecated Since v1.20.0. Use [[JWTPayload]] if you want to represent the decoded JWT payload or [[CompleteDecodedJWT]] for the full decoded object.
102 * Interface to represent the payload of a JWT.
103 */
104export interface DecodedJWT extends RegisteredJWTClaims {
105 [otherKey: string]: any;
106}
107/**
108 * @deprecated Since v1.46.0. Use `JwtPayload` instead.
109 * Interface to represent the payload of a JWT.
110 */
111export interface JWTPayload extends RegisteredJWTClaims {
112 [otherKey: string]: any;
113}
114/**
115 * @deprecated Since v1.46.0. Use `Jwt` instead.
116 * Interface to represent header and payload of a JWT.
117 */
118export interface CompleteDecodedJWT extends RegisteredJWTClaims {
119 header: JWTHeader;
120 payload: JWTPayload;
121 signature: string;
122}
123export declare type JwtKeyMapping<InterfaceT, JwtKeysT> = {
124 [key in keyof InterfaceT]: {
125 keyInJwt: JwtKeysT extends string ? JwtKeysT : keyof JwtKeysT;
126 extractorFunction: (jwtPayload: JwtPayload) => any;
127 };
128};
129/**
130 * Checks if a given key is present in the decoded JWT. If not, an error is thrown.
131 * @param key - The key of the representation in typescript
132 * @param mapping - The mapping between the typescript keys and the JWT key
133 * @param jwtPayload - JWT payload to check fo the given key.
134 */
135export declare function checkMandatoryValue<InterfaceT, JwtKeysT>(key: keyof InterfaceT, mapping: JwtKeyMapping<InterfaceT, JwtKeysT>, jwtPayload: JwtPayload): void;
136/**
137 * Object holding a decoded JWT payload received by decoding the encoded string also in this object.
138 */
139export interface JwtPair {
140 decoded: JwtPayload;
141 encoded: string;
142}
143/**
144 * The user JWT can be a full JWT containing user information but also a reduced one setting only the iss value
145 * This method divides the two cases.
146 * @param token - Token to be investigated
147 * @returns Boolean value with true if the input is a UserJwtPair
148 */
149export declare function isUserToken(token: JwtPair | undefined): token is JwtPair;
150//# sourceMappingURL=jwt.d.ts.map
\No newline at end of file