"use strict";

// Flag the CommonJS export object as originating from an ES module so that
// interop helpers in consumers handle it accordingly.
Object.defineProperty(exports, "__esModule", { value: true });

// Declare every export up front with an undefined value; each one is assigned
// its class further down, right after the class is defined.
exports.InvalidSubjectTokenError =
  exports.InvalidMessageFieldError =
  exports.InvalidCodeFieldError =
  exports.InvalidTokenTypeFieldError =
  exports.InvalidExpirationTimeFieldError =
  exports.InvalidSuccessFieldError =
  exports.InvalidVersionFieldError =
  exports.ExecutableResponseError =
  exports.ExecutableResponse =
    void 0;

// The only 'token_type' values a successful executable response may carry.
// Anything else is rejected by the ExecutableResponse constructor.
const SAML_SUBJECT_TOKEN_TYPE = 'urn:ietf:params:oauth:token-type:saml2';
const OIDC_SUBJECT_TOKEN_TYPE1 = 'urn:ietf:params:oauth:token-type:id_token';
const OIDC_SUBJECT_TOKEN_TYPE2 = 'urn:ietf:params:oauth:token-type:jwt';
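/**
 * Validated view of the JSON document produced by a credential executable.
 *
 * A successful response exposes `tokenType`, `subjectToken` and (when
 * supplied) `expirationTime`; a failed response exposes `errorCode` and
 * `errorMessage`. `version` and `success` are always set.
 */
class ExecutableResponse {
  /**
   * Checks the required fields of the response and copies them onto the
   * instance.
   *
   * @param {object} responseJson Parsed JSON output of the executable.
   * @throws {InvalidVersionFieldError} If 'version' is missing or falsy.
   * @throws {InvalidSuccessFieldError} If 'success' is undefined.
   * @throws {InvalidTokenTypeFieldError} If a successful response carries a
   *   'token_type' outside the three accepted values.
   * @throws {InvalidSubjectTokenError} If the token field matching the token
   *   type ('saml_response' or 'id_token') is missing or empty.
   * @throws {InvalidCodeFieldError} If a failed response has no 'code'.
   * @throws {InvalidMessageFieldError} If a failed response has no 'message'.
   */
  constructor(responseJson) {
    if (!responseJson.version) {
      throw new InvalidVersionFieldError("Executable response must contain a 'version' field.");
    }
    // NOTE(review): only presence is checked here. Any truthy value, including
    // the string "false", selects the success branch below; consider requiring
    // a real boolean.
    if (responseJson.success === undefined) {
      throw new InvalidSuccessFieldError("Executable response must contain a 'success' field.");
    }
    this.version = responseJson.version;
    this.success = responseJson.success;

    if (this.success) {
      // 'expiration_time' is optional for this class; it is stored as given
      // and interpreted by isExpired().
      this.expirationTime = responseJson.expiration_time;
      this.tokenType = responseJson.token_type;

      // Allow-list check: an absent or unknown token type is rejected before
      // any token material is read.
      if (this.tokenType !== SAML_SUBJECT_TOKEN_TYPE &&
          this.tokenType !== OIDC_SUBJECT_TOKEN_TYPE1 &&
          this.tokenType !== OIDC_SUBJECT_TOKEN_TYPE2) {
        throw new InvalidTokenTypeFieldError("Executable response must contain a 'token_type' field when successful " +
          `and it must be one of ${OIDC_SUBJECT_TOKEN_TYPE1}, ${OIDC_SUBJECT_TOKEN_TYPE2}, or ${SAML_SUBJECT_TOKEN_TYPE}.`);
      }

      // The subject token lives in a different field depending on its type.
      if (this.tokenType === SAML_SUBJECT_TOKEN_TYPE) {
        if (!responseJson.saml_response) {
          throw new InvalidSubjectTokenError(`Executable response must contain a 'saml_response' field when token_type=${SAML_SUBJECT_TOKEN_TYPE}.`);
        }
        this.subjectToken = responseJson.saml_response;
      }
      else {
        if (!responseJson.id_token) {
          throw new InvalidSubjectTokenError("Executable response must contain a 'id_token' field when " +
            `token_type=${OIDC_SUBJECT_TOKEN_TYPE1} or ${OIDC_SUBJECT_TOKEN_TYPE2}.`);
        }
        this.subjectToken = responseJson.id_token;
      }
    }
    else {
      // A failure must explain itself with both a code and a message.
      if (!responseJson.code) {
        throw new InvalidCodeFieldError("Executable response must contain a 'code' field when unsuccessful.");
      }
      if (!responseJson.message) {
        throw new InvalidMessageFieldError("Executable response must contain a 'message' field when unsuccessful.");
      }
      this.errorCode = responseJson.code;
      this.errorMessage = responseJson.message;
    }
  }

  /**
   * @returns {*} A falsy value when the response is expired or unsuccessful;
   *   otherwise the stored `success` value (truthy).
   */
  isValid() {
    return !this.isExpired() && this.success;
  }

  /**
   * Reports whether the response has passed its expiration time, which is
   * compared against the current time in whole seconds since the Unix epoch.
   *
   * A response without an expiration time is never reported as expired.
   * An expiration time that does not coerce to a finite number is reported as
   * expired: comparing NaN with `<` is always false, so without this check a
   * malformed value would make the response look permanently fresh.
   *
   * @returns {boolean} True when the response must no longer be used.
   */
  isExpired() {
    if (this.expirationTime === undefined) {
      return false;
    }
    const expiresAtSeconds = Number(this.expirationTime);
    if (!Number.isFinite(expiresAtSeconds)) {
      // Fail closed on malformed input instead of treating it as "no expiry".
      return true;
    }
    return expiresAtSeconds < Math.round(Date.now() / 1000);
  }
}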
// Publish the response class on the CommonJS export object.
exports.ExecutableResponse = ExecutableResponse;
/**
 * Base class for every validation error raised while reading an executable
 * response. Catching this type covers all of the more specific errors that
 * extend it.
 */
class ExecutableResponseError extends Error {
  /**
   * @param {string} message Human-readable description of the problem.
   */
  constructor(message) {
    super(message);
    // Re-point the prototype at the class actually being constructed so that
    // `instanceof` holds for subclasses as well.
    const concretePrototype = new.target.prototype;
    Object.setPrototypeOf(this, concretePrototype);
  }
}
// Publish the base error class on the CommonJS export object.
exports.ExecutableResponseError = ExecutableResponseError;
/**
 * Raised by the ExecutableResponse constructor when the response has no
 * 'version' field or the field is falsy.
 */
class InvalidVersionFieldError extends ExecutableResponseError {}
exports.InvalidVersionFieldError = InvalidVersionFieldError;
/**
 * Raised by the ExecutableResponse constructor when the response's 'success'
 * field is undefined.
 */
class InvalidSuccessFieldError extends ExecutableResponseError {}
exports.InvalidSuccessFieldError = InvalidSuccessFieldError;
/**
 * Error type for problems with a response's 'expiration_time' field.
 *
 * NOTE(review): nothing in this file throws it; the ExecutableResponse
 * constructor stores 'expiration_time' without checking it. Presumably it is
 * raised by callers that require the field; confirm at the call sites.
 */
class InvalidExpirationTimeFieldError extends ExecutableResponseError {}
exports.InvalidExpirationTimeFieldError = InvalidExpirationTimeFieldError;
/**
 * Raised by the ExecutableResponse constructor when a successful response has
 * a 'token_type' that is missing or not one of the accepted SAML / OIDC
 * subject token types.
 */
class InvalidTokenTypeFieldError extends ExecutableResponseError {}
exports.InvalidTokenTypeFieldError = InvalidTokenTypeFieldError;
/**
 * Raised by the ExecutableResponse constructor when an unsuccessful response
 * has no 'code' field or the field is falsy.
 */
class InvalidCodeFieldError extends ExecutableResponseError {}
exports.InvalidCodeFieldError = InvalidCodeFieldError;
/**
 * Raised by the ExecutableResponse constructor when an unsuccessful response
 * has no 'message' field or the field is falsy.
 */
class InvalidMessageFieldError extends ExecutableResponseError {}
exports.InvalidMessageFieldError = InvalidMessageFieldError;
/**
 * Raised by the ExecutableResponse constructor when a successful response
 * lacks the token field its 'token_type' requires: 'saml_response' for the
 * SAML type, 'id_token' for either OIDC type.
 */
class InvalidSubjectTokenError extends ExecutableResponseError {}
exports.InvalidSubjectTokenError = InvalidSubjectTokenError;