UNPKG

8.76 kBJavaScriptView Raw
1"use strict";
2/*
3 * Copyright (c) Microsoft Corporation. All rights reserved.
4 * Licensed under the MIT License.
5 */
6Object.defineProperty(exports, "__esModule", { value: true });
7exports.ScopeSet = void 0;
8var tslib_1 = require("tslib");
9var ClientConfigurationError_1 = require("./error/ClientConfigurationError");
10var Constants_1 = require("./utils/Constants");
11var ScopeSet = /** @class */ (function () {
12 function ScopeSet() {
13 }
14 /**
15 * Check if there are dup scopes in a given request
16 *
17 * @param cachedScopes
18 * @param scopes
19 */
20 // TODO: Rename this, intersecting scopes isn't a great name for duplicate checker
21 ScopeSet.isIntersectingScopes = function (cachedScopes, scopes) {
22 var convertedCachedScopes = this.trimAndConvertArrayToLowerCase(tslib_1.__spreadArrays(cachedScopes));
23 var requestScopes = this.trimAndConvertArrayToLowerCase(tslib_1.__spreadArrays(scopes));
24 for (var i = 0; i < requestScopes.length; i++) {
25 if (convertedCachedScopes.indexOf(requestScopes[i].toLowerCase()) > -1) {
26 return true;
27 }
28 }
29 return false;
30 };
31 /**
32 * Check if a given scope is present in the request
33 *
34 * @param cachedScopes
35 * @param scopes
36 */
37 ScopeSet.containsScope = function (cachedScopes, scopes) {
38 var convertedCachedScopes = this.trimAndConvertArrayToLowerCase(tslib_1.__spreadArrays(cachedScopes));
39 var requestScopes = this.trimAndConvertArrayToLowerCase(tslib_1.__spreadArrays(scopes));
40 return requestScopes.every(function (value) { return convertedCachedScopes.indexOf(value.toString().toLowerCase()) >= 0; });
41 };
42 /**
43 * Trims and converts string to lower case
44 *
45 * @param scopes
46 */
47 // TODO: Rename this, too generic name for a function that only deals with scopes
48 ScopeSet.trimAndConvertToLowerCase = function (scope) {
49 return scope.trim().toLowerCase();
50 };
51 /**
52 * Performs trimAndConvertToLowerCase on string array
53 * @param scopes
54 */
55 ScopeSet.trimAndConvertArrayToLowerCase = function (scopes) {
56 var _this = this;
57 return scopes.map(function (scope) { return _this.trimAndConvertToLowerCase(scope); });
58 };
59 /**
60 * Trims each scope in scopes array
61 * @param scopes
62 */
63 ScopeSet.trimScopes = function (scopes) {
64 return scopes.map(function (scope) { return scope.trim(); });
65 };
66 /**
67 * Remove one element from a scope array
68 *
69 * @param scopes
70 * @param scope
71 */
72 // TODO: Rename this, too generic name for a function that only deals with scopes
73 ScopeSet.removeElement = function (scopes, scope) {
74 var scopeVal = this.trimAndConvertToLowerCase(scope);
75 return scopes.filter(function (value) { return value !== scopeVal; });
76 };
77 /**
78 * Parse the scopes into a formatted scopeList
79 * @param scopes
80 */
81 ScopeSet.parseScope = function (scopes) {
82 var scopeList = "";
83 if (scopes) {
84 for (var i = 0; i < scopes.length; ++i) {
85 scopeList += (i !== scopes.length - 1) ? scopes[i] + " " : scopes[i];
86 }
87 }
88 return scopeList;
89 };
90 /**
91 * @hidden
92 *
93 * Used to validate the scopes input parameter requested by the developer.
94 * @param {Array<string>} scopes - Developer requested permissions. Not all scopes are guaranteed to be included in the access token returned.
95 * @param {boolean} scopesRequired - Boolean indicating whether the scopes array is required or not
96 * @ignore
97 */
98 ScopeSet.validateInputScope = function (scopes, scopesRequired) {
99 if (!scopes) {
100 if (scopesRequired) {
101 throw ClientConfigurationError_1.ClientConfigurationError.createScopesRequiredError(scopes);
102 }
103 else {
104 return;
105 }
106 }
107 // Check that scopes is an array object (also throws error if scopes == null)
108 if (!Array.isArray(scopes)) {
109 throw ClientConfigurationError_1.ClientConfigurationError.createScopesNonArrayError(scopes);
110 }
111 // Check that scopes is not an empty array
112 if (scopes.length < 1 && scopesRequired) {
113 throw ClientConfigurationError_1.ClientConfigurationError.createEmptyScopesArrayError(scopes.toString());
114 }
115 };
116 /**
117 * @hidden
118 *
119 * Extracts scope value from the state sent with the authentication request.
120 * @param {string} state
121 * @returns {string} scope.
122 * @ignore
123 */
124 ScopeSet.getScopeFromState = function (state) {
125 if (state) {
126 var splitIndex = state.indexOf(Constants_1.Constants.resourceDelimiter);
127 if (splitIndex > -1 && splitIndex + 1 < state.length) {
128 return state.substring(splitIndex + 1);
129 }
130 }
131 return "";
132 };
133 /**
134 * @ignore
135 * Appends extraScopesToConsent if passed
136 * @param {@link AuthenticationParameters}
137 */
138 ScopeSet.appendScopes = function (reqScopes, reqExtraScopesToConsent) {
139 if (reqScopes) {
140 var convertedExtraScopes = reqExtraScopesToConsent ? this.trimAndConvertArrayToLowerCase(tslib_1.__spreadArrays(reqExtraScopesToConsent)) : null;
141 var convertedReqScopes = this.trimAndConvertArrayToLowerCase(tslib_1.__spreadArrays(reqScopes));
142 return convertedExtraScopes ? tslib_1.__spreadArrays(convertedReqScopes, convertedExtraScopes) : convertedReqScopes;
143 }
144 return null;
145 };
146 // #endregion
147 /**
148 * @ignore
149 * Returns true if the scopes array only contains openid and/or profile
150 */
151 ScopeSet.onlyContainsOidcScopes = function (scopes) {
152 var scopesCount = scopes.length;
153 var oidcScopesFound = 0;
154 if (scopes.indexOf(Constants_1.Constants.openidScope) > -1) {
155 oidcScopesFound += 1;
156 }
157 if (scopes.indexOf(Constants_1.Constants.profileScope) > -1) {
158 oidcScopesFound += 1;
159 }
160 return (scopesCount > 0 && scopesCount === oidcScopesFound);
161 };
162 /**
163 * @ignore
164 * Returns true if the scopes array only contains openid and/or profile
165 */
166 ScopeSet.containsAnyOidcScopes = function (scopes) {
167 var containsOpenIdScope = scopes.indexOf(Constants_1.Constants.openidScope) > -1;
168 var containsProfileScope = scopes.indexOf(Constants_1.Constants.profileScope) > -1;
169 return (containsOpenIdScope || containsProfileScope);
170 };
171 /**
172 * @ignore
173 * Returns true if the clientId is the only scope in the array
174 */
175 ScopeSet.onlyContainsClientId = function (scopes, clientId) {
176 // Double negation to force false value returned in case scopes is null
177 return !!scopes && (scopes.indexOf(clientId) > -1 && scopes.length === 1);
178 };
179 /**
180 * @ignore
181 * Adds missing OIDC scopes to scopes array without duplication. Since STS requires OIDC scopes for
182 * all implicit flow requests, 'openid' and 'profile' should always be included in the final request
183 */
184 ScopeSet.appendDefaultScopes = function (scopes) {
185 var extendedScopes = scopes;
186 if (extendedScopes.indexOf(Constants_1.Constants.openidScope) === -1) {
187 extendedScopes.push(Constants_1.Constants.openidScope);
188 }
189 if (extendedScopes.indexOf(Constants_1.Constants.profileScope) === -1) {
190 extendedScopes.push(Constants_1.Constants.profileScope);
191 }
192 return extendedScopes;
193 };
194 /**
195 * @ignore
196 * Removes present OIDC scopes from scopes array.
197 */
198 ScopeSet.removeDefaultScopes = function (scopes) {
199 return scopes.filter(function (scope) {
200 return (scope !== Constants_1.Constants.openidScope && scope !== Constants_1.Constants.profileScope);
201 });
202 };
203 /**
204 * @ignore
205 * Removes clientId from scopes array if included as only scope. If it's not the only scope, it is treated as a resource scope.
206 * @param scopes Array<string>: Pre-normalized scopes array
207 * @param clientId string: The application's clientId that is searched for in the scopes array
208 */
209 ScopeSet.translateClientIdIfSingleScope = function (scopes, clientId) {
210 return this.onlyContainsClientId(scopes, clientId) ? Constants_1.Constants.oidcScopes : scopes;
211 };
212 return ScopeSet;
213}());
214exports.ScopeSet = ScopeSet;
215//# sourceMappingURL=ScopeSet.js.map
\No newline at end of file