'use strict';

// Flag this CommonJS module as transpiled from ES-module syntax, so interop
// helpers such as _interopRequireDefault hand it back unwrapped.
Object.defineProperty(exports, '__esModule', { value: true });

// Declare the named export up front; the class itself is assigned further down.
exports.JwksClient = undefined;
7
/**
 * Shallow merge helper: copies the own enumerable properties of every
 * argument after the first onto the first argument and returns it.
 * The native Object.assign is used when the runtime provides it; the
 * function below is only the fallback for runtimes without it.
 */
var _extends = Object.assign || function (target) {
  var ownKey = Object.prototype.hasOwnProperty;
  var position = 1;
  while (position < arguments.length) {
    var donor = arguments[position];
    for (var prop in donor) {
      // for...in also walks inherited keys; copy own properties only.
      if (ownKey.call(donor, prop)) {
        target[prop] = donor[prop];
      }
    }
    position += 1;
  }
  return target;
};
9
/**
 * Class-building helper emitted by the transpiler.
 *
 * Returns a function (Constructor, protoProps, staticProps) that installs
 * the descriptors in `protoProps` on Constructor.prototype and those in
 * `staticProps` on Constructor itself, then returns Constructor.
 */
var _createClass = (function () {
  // Defines every descriptor in `props` on `target`. The descriptor objects
  // are modified in place: non-enumerable unless flagged otherwise, always
  // configurable, and writable when they carry a `value`.
  function defineProperties(target, props) {
    var index = 0;
    while (index < props.length) {
      var member = props[index];
      member.enumerable = member.enumerable || false;
      member.configurable = true;
      if ("value" in member) {
        member.writable = true;
      }
      Object.defineProperty(target, member.key, member);
      index += 1;
    }
  }

  return function (Constructor, protoProps, staticProps) {
    if (protoProps) {
      defineProperties(Constructor.prototype, protoProps);
    }
    if (staticProps) {
      defineProperties(Constructor, staticProps);
    }
    return Constructor;
  };
})();
11
12var _debug = require('debug');
13
14var _debug2 = _interopRequireDefault(_debug);
15
16var _request = require('request');
17
18var _request2 = _interopRequireDefault(_request);
19
20var _JwksError = require('./errors/JwksError');
21
22var _JwksError2 = _interopRequireDefault(_JwksError);
23
24var _SigningKeyNotFoundError = require('./errors/SigningKeyNotFoundError');
25
26var _SigningKeyNotFoundError2 = _interopRequireDefault(_SigningKeyNotFoundError);
27
28var _utils = require('./utils');
29
30var _wrappers = require('./wrappers');
31
/**
 * Normalises the result of require() so callers can always read `.default`.
 * A module flagged with `__esModule` is returned unchanged; anything else
 * is wrapped as `{ default: obj }`.
 */
function _interopRequireDefault(obj) {
  if (obj && obj.__esModule) {
    return obj;
  }
  return { default: obj };
}
33
/**
 * Guards a transpiled constructor against being called without `new`.
 *
 * @throws {TypeError} when `instance` is not an instance of `Constructor`.
 */
function _classCallCheck(instance, Constructor) {
  var constructedWithNew = instance instanceof Constructor;
  if (constructedWithNew) {
    return;
  }
  throw new TypeError("Cannot call a class as a function");
}
35
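/**
 * Client for a JSON Web Key Set (JWKS) endpoint. It downloads the key set
 * from `options.jwksUri` and exposes the usable RSA signing keys as PEM text.
 *
 * Review notes for integrators:
 *  - Keys are selected by `kid` only. The JWK `alg` member is not inspected
 *    here, so whatever verifies tokens with these keys has to restrict the
 *    accepted algorithms itself.
 *  - `nbf` is copied onto the returned key object but is not enforced here.
 *  - The fetched document is untrusted input. Malformed responses are
 *    rejected or filtered out instead of being allowed to throw inside the
 *    request callback, where an exception would be uncaught.
 */
var JwksClient = exports.JwksClient = function () {
  /**
   * @param {Object} options - Merged over the defaults
   *   `{ rateLimit: false, cache: true, strictSsl: true }`. This class also
   *   reads `jwksUri`, `requestHeaders`, `requestAgentOptions` and `proxy`.
   */
  function JwksClient(options) {
    var _this = this;

    _classCallCheck(this, JwksClient);

    /**
     * Looks up one signing key by key id.
     *
     * @param {string} kid - Key id to match exactly against each key's `kid`.
     * @param {Function} cb - Node-style callback `(err, key)`. `err` is a
     *   SigningKeyNotFoundError when no key matches, or whatever error
     *   getSigningKeys reported.
     */
    this.getSigningKey = function (kid, cb) {
      // NOTE(review): `kid` is interpolated unescaped into the log line and
      // the error message below. It presumably originates from a token header
      // that has not been verified yet; confirm callers treat it as untrusted
      // text before it reaches shared logs or API responses.
      _this.logger('Fetching signing key for \'' + kid + '\'');

      _this.getSigningKeys(function (err, keys) {
        if (err) {
          return cb(err);
        }

        var key = keys.find(function (k) {
          return k.kid === kid;
        });
        if (key) {
          return cb(null, key);
        } else {
          _this.logger('Unable to find a signing key that matches \'' + kid + '\'');
          return cb(new _SigningKeyNotFoundError2.default('Unable to find a signing key that matches \'' + kid + '\''));
        }
      });
    };

    // Defaults first, caller options last, so a caller can switch off caching
    // or TLS certificate validation. `strictSsl: false` removes server
    // authentication from the request that supplies signature-verification
    // keys; keep the default outside of test setups.
    this.options = _extends({
      rateLimit: false,
      cache: true,
      strictSsl: true
    }, options);
    this.logger = (0, _debug2.default)('jwks');

    // Initialize wrappers. They receive the caller's raw `options`, not the
    // merged defaults; how they treat a missing options object is decided in
    // ./wrappers and is not visible from this file.
    if (this.options.rateLimit) {
      this.getSigningKey = (0, _wrappers.rateLimitSigningKey)(this, options);
    }
    if (this.options.cache) {
      this.getSigningKey = (0, _wrappers.cacheSigningKey)(this, options);
    }
  }

  _createClass(JwksClient, [{
    key: 'getKeys',

    /**
     * Fetches the raw `keys` member of the JWKS document.
     *
     * @param {Function} cb - Node-style callback `(err, keys)`. `err` is a
     *   JwksError for a non-2xx response, or the transport error when no
     *   response was received. `keys` is `undefined` when the response body
     *   is not an object.
     */
    value: function getKeys(cb) {
      var _this2 = this;

      // NOTE(review): `jwksUri` is used as given; no scheme or host check is
      // visible here, so the caller must make sure it is a trusted HTTPS URL.
      // The `request` package is deprecated upstream; plan a replacement.
      this.logger('Fetching keys from \'' + this.options.jwksUri + '\'');
      (0, _request2.default)({
        json: true,
        uri: this.options.jwksUri,
        strictSSL: this.options.strictSsl,
        headers: this.options.requestHeaders,
        agentOptions: this.options.requestAgentOptions,
        proxy: this.options.proxy
      }, function (err, res) {
        if (err || res.statusCode < 200 || res.statusCode >= 300) {
          _this2.logger('Failure:', res && res.body || err);
          if (res) {
            return cb(new _JwksError2.default(res.body && (res.body.message || res.body) || res.statusMessage || 'Http Error ' + res.statusCode));
          }
          return cb(err);
        }

        // A 2xx response can still carry an empty or non-JSON body. Reading
        // `.keys` from null/undefined would throw inside this callback, so
        // only dereference the body when it is an object.
        var body = res.body;
        var keys = body !== null && typeof body === 'object' ? body.keys : undefined;

        _this2.logger('Keys:', keys);
        return cb(null, keys);
      });
    }
  }, {
    key: 'getSigningKeys',

    /**
     * Fetches the key set and converts the usable RSA signing keys to PEM.
     *
     * A key is kept when it is an object with `kty === 'RSA'`, a truthy
     * `kid`, no `use` member other than 'sig', and either a non-empty `x5c`
     * or both `n` and `e`.
     *
     * @param {Function} cb - Node-style callback `(err, signingKeys)`. Each
     *   entry has `kid`, `nbf`, `getPublicKey()` and either `publicKey`
     *   (from `x5c[0]`) or `rsaPublicKey` (from `n`/`e`). `err` is a
     *   JwksError when the endpoint yields no keys or no signing keys.
     */
    value: function getSigningKeys(cb) {
      var _this3 = this;

      this.getKeys(function (err, keys) {
        if (err) {
          return cb(err);
        }

        // `keys` comes straight from the remote document: require a real,
        // non-empty array before calling array methods on it.
        if (!Array.isArray(keys) || !keys.length) {
          return cb(new _JwksError2.default('The JWKS endpoint did not contain any keys'));
        }

        var signingKeys = keys.filter(function (key) {
          // Skip null or primitive entries instead of dereferencing them.
          if (!key || typeof key !== 'object') {
            return false;
          }
          if (key.kty !== 'RSA') {
            return false;
          }
          if (!key.kid) {
            return false;
          }
          // Use the prototype's hasOwnProperty: a JWK that defines its own
          // "hasOwnProperty" member would otherwise shadow the method and
          // make this call throw.
          if (Object.prototype.hasOwnProperty.call(key, 'use') && key.use !== 'sig') {
            return false;
          }
          return key.x5c && key.x5c.length || key.n && key.e;
        }).map(function (key) {
          var jwk = {
            kid: key.kid,
            nbf: key.nbf
          };
          var hasCertificateChain = key.x5c && key.x5c.length;
          if (hasCertificateChain) {
            // Only the first x5c entry is converted. No certificate chain
            // validation is visible in this method; trust in the key rests
            // on the TLS-authenticated fetch of the JWKS document.
            jwk.publicKey = (0, _utils.certToPEM)(key.x5c[0]);
            jwk.getPublicKey = function () {
              return jwk.publicKey;
            };
          } else {
            jwk.rsaPublicKey = (0, _utils.rsaPublicKeyToPEM)(key.n, key.e);
            jwk.getPublicKey = function () {
              return jwk.rsaPublicKey;
            };
          }
          return jwk;
        });

        if (!signingKeys.length) {
          return cb(new _JwksError2.default('The JWKS endpoint did not contain any signing keys'));
        }

        _this3.logger('Signing Keys:', signingKeys);
        return cb(null, signingKeys);
      });
    }
  }]);

  return JwksClient;
}();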