UNPKG

firebase-admin/lib/utils/jwt.d.ts

Version:

4.24 kBTypeScriptView Raw

1/*! firebase-admin v10.0.0 */
2/*!
* Copyright 2021 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*   http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
17/// <reference types="node" />
18import * as jwt from 'jsonwebtoken';
19import { Agent } from 'http';
20export declare const ALGORITHM_RS256: jwt.Algorithm;
21export declare type Dictionary = {
  [key: string]: any;
23};
24export declare type DecodedToken = {
  header: Dictionary;
  payload: Dictionary;
27};
28export interface SignatureVerifier {
  verify(token: string): Promise<void>;
30}
31interface KeyFetcher {
  fetchPublicKeys(): Promise<{
      [key: string]: string;
  }>;
35}
36export declare class JwksFetcher implements KeyFetcher {
  private publicKeys;
  private publicKeysExpireAt;
  private client;
  constructor(jwksUrl: string);
  fetchPublicKeys(): Promise<{
      [key: string]: string;
  }>;
  private shouldRefresh;
  private refresh;
46}
47/**
* Class to fetch public keys from a client certificates URL.
*/
50export declare class UrlKeyFetcher implements KeyFetcher {
  private clientCertUrl;
  private readonly httpAgent?;
  private publicKeys;
  private publicKeysExpireAt;
  constructor(clientCertUrl: string, httpAgent?: Agent | undefined);
  /**
   * Fetches the public keys for the Google certs.
   *
   * @returns A promise fulfilled with public keys for the Google certs.
   */
  fetchPublicKeys(): Promise<{
      [key: string]: string;
  }>;
  /**
   * Checks if the cached public keys need to be refreshed.
   *
   * @returns Whether the keys should be fetched from the client certs url or not.
   */
  private shouldRefresh;
  private refresh;
71}
72/**
* Class for verifying JWT signature with a public key.
*/
75export declare class PublicKeySignatureVerifier implements SignatureVerifier {
  private keyFetcher;
  constructor(keyFetcher: KeyFetcher);
  static withCertificateUrl(clientCertUrl: string, httpAgent?: Agent): PublicKeySignatureVerifier;
  static withJwksUrl(jwksUrl: string): PublicKeySignatureVerifier;
  verify(token: string): Promise<void>;
  private verifyWithoutKid;
  private verifyWithAllKeys;
83}
84/**
* Class for verifying unsigned (emulator) JWTs.
*/
87export declare class EmulatorSignatureVerifier implements SignatureVerifier {
  verify(token: string): Promise<void>;
89}
90/**
* Verifies the signature of a JWT using the provided secret or a function to fetch
* the secret or public key.
*
* @param token - The JWT to be verified.
* @param secretOrPublicKey - The secret or a function to fetch the secret or public key.
* @param options - JWT verification options.
* @returns A Promise resolving for a token with a valid signature.
*/
99export declare function verifyJwtSignature(token: string, secretOrPublicKey: jwt.Secret | jwt.GetPublicKeyOrSecret, options?: jwt.VerifyOptions): Promise<void>;
100/**
* Decodes general purpose Firebase JWTs.
*
* @param jwtToken - JWT token to be decoded.
* @returns Decoded token containing the header and payload.
*/
106export declare function decodeJwt(jwtToken: string): Promise<DecodedToken>;
107/**
* Jwt error code structure.
*
* @param code - The error code.
* @param message - The error message.
* @constructor
*/
114export declare class JwtError extends Error {
  readonly code: JwtErrorCode;
  readonly message: string;
  constructor(code: JwtErrorCode, message: string);
118}
119/**
* JWT error codes.
*/
122export declare enum JwtErrorCode {
  INVALID_ARGUMENT = "invalid-argument",
  INVALID_CREDENTIAL = "invalid-credential",
  TOKEN_EXPIRED = "token-expired",
  INVALID_SIGNATURE = "invalid-token",
  NO_MATCHING_KID = "no-matching-kid-error",
  NO_KID_IN_HEADER = "no-kid-error",
  KEY_FETCH_ERROR = "key-fetch-error"
130}
131export {};

1	`/! firebase-admin v10.0.0 /`
2	`/*!`
3	`* Copyright 2021 Google Inc.`
4	`*`
5	`* Licensed under the Apache License, Version 2.0 (the "License");`
6	`* you may not use this file except in compliance with the License.`
7	`* You may obtain a copy of the License at`
8	`*`
9	`* http://www.apache.org/licenses/LICENSE-2.0`
10	`*`
11	`* Unless required by applicable law or agreed to in writing, software`
12	`* distributed under the License is distributed on an "AS IS" BASIS,`
13	`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
14	`* See the License for the specific language governing permissions and`
15	`* limitations under the License.`
16	`*/`
17	`/// <reference types="node" />`
18	`import * as jwt from 'jsonwebtoken';`
19	`import { Agent } from 'http';`
20	`export declare const ALGORITHM_RS256: jwt.Algorithm;`
21	`export declare type Dictionary = {`
22	`[key: string]: any;`
23	`};`
24	`export declare type DecodedToken = {`
25	`header: Dictionary;`
26	`payload: Dictionary;`
27	`};`
28	`export interface SignatureVerifier {`
29	`verify(token: string): Promise<void>;`
30	`}`
31	`interface KeyFetcher {`
32	`fetchPublicKeys(): Promise<{`
33	`[key: string]: string;`
34	`}>;`
35	`}`
36	`export declare class JwksFetcher implements KeyFetcher {`
37	`private publicKeys;`
38	`private publicKeysExpireAt;`
39	`private client;`
40	`constructor(jwksUrl: string);`
41	`fetchPublicKeys(): Promise<{`
42	`[key: string]: string;`
43	`}>;`
44	`private shouldRefresh;`
45	`private refresh;`
46	`}`
47	`/**`
48	`* Class to fetch public keys from a client certificates URL.`
49	`*/`
50	`export declare class UrlKeyFetcher implements KeyFetcher {`
51	`private clientCertUrl;`
52	`private readonly httpAgent?;`
53	`private publicKeys;`
54	`private publicKeysExpireAt;`
55	`constructor(clientCertUrl: string, httpAgent?: Agent \| undefined);`
56	`/**`
57	`* Fetches the public keys for the Google certs.`
58	`*`
59	`* @returns A promise fulfilled with public keys for the Google certs.`
60	`*/`
61	`fetchPublicKeys(): Promise<{`
62	`[key: string]: string;`
63	`}>;`
64	`/**`
65	`* Checks if the cached public keys need to be refreshed.`
66	`*`
67	`* @returns Whether the keys should be fetched from the client certs url or not.`
68	`*/`
69	`private shouldRefresh;`
70	`private refresh;`
71	`}`
72	`/**`
73	`* Class for verifying JWT signature with a public key.`
74	`*/`
75	`export declare class PublicKeySignatureVerifier implements SignatureVerifier {`
76	`private keyFetcher;`
77	`constructor(keyFetcher: KeyFetcher);`
78	`static withCertificateUrl(clientCertUrl: string, httpAgent?: Agent): PublicKeySignatureVerifier;`
79	`static withJwksUrl(jwksUrl: string): PublicKeySignatureVerifier;`
80	`verify(token: string): Promise<void>;`
81	`private verifyWithoutKid;`
82	`private verifyWithAllKeys;`
83	`}`
84	`/**`
85	`* Class for verifying unsigned (emulator) JWTs.`
86	`*/`
87	`export declare class EmulatorSignatureVerifier implements SignatureVerifier {`
88	`verify(token: string): Promise<void>;`
89	`}`
90	`/**`
91	`* Verifies the signature of a JWT using the provided secret or a function to fetch`
92	`* the secret or public key.`
93	`*`
94	`* @param token - The JWT to be verified.`
95	`* @param secretOrPublicKey - The secret or a function to fetch the secret or public key.`
96	`* @param options - JWT verification options.`
97	`* @returns A Promise resolving for a token with a valid signature.`
98	`*/`
99	`export declare function verifyJwtSignature(token: string, secretOrPublicKey: jwt.Secret \| jwt.GetPublicKeyOrSecret, options?: jwt.VerifyOptions): Promise<void>;`
100	`/**`
101	`* Decodes general purpose Firebase JWTs.`
102	`*`
103	`* @param jwtToken - JWT token to be decoded.`
104	`* @returns Decoded token containing the header and payload.`
105	`*/`
106	`export declare function decodeJwt(jwtToken: string): Promise<DecodedToken>;`
107	`/**`
108	`* Jwt error code structure.`
109	`*`
110	`* @param code - The error code.`
111	`* @param message - The error message.`
112	`* @constructor`
113	`*/`
114	`export declare class JwtError extends Error {`
115	`readonly code: JwtErrorCode;`
116	`readonly message: string;`
117	`constructor(code: JwtErrorCode, message: string);`
118	`}`
119	`/**`
120	`* JWT error codes.`
121	`*/`
122	`export declare enum JwtErrorCode {`
123	`INVALID_ARGUMENT = "invalid-argument",`
124	`INVALID_CREDENTIAL = "invalid-credential",`
125	`TOKEN_EXPIRED = "token-expired",`
126	`INVALID_SIGNATURE = "invalid-token",`
127	`NO_MATCHING_KID = "no-matching-kid-error",`
128	`NO_KID_IN_HEADER = "no-kid-error",`
129	`KEY_FETCH_ERROR = "key-fetch-error"`
130	`}`
131	`export {};`