UNPKG

msal/lib-commonjs/utils/RequestUtils.js

Version:

8.03 kBJavaScriptView Raw

1"use strict";
2/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
6Object.defineProperty(exports, "__esModule", { value: true });
7exports.RequestUtils = void 0;
8var tslib_1 = require("tslib");
9var Constants_1 = require("./Constants");
10var ClientConfigurationError_1 = require("../error/ClientConfigurationError");
11var ScopeSet_1 = require("../ScopeSet");
12var StringUtils_1 = require("./StringUtils");
13var CryptoUtils_1 = require("./CryptoUtils");
14var TimeUtils_1 = require("./TimeUtils");
15var ClientAuthError_1 = require("../error/ClientAuthError");
16/**
* @hidden
*/
19var RequestUtils = /** @class */ (function () {
  function RequestUtils() {
  }
  /**
   * @ignore
   *
   * @param request
   * @param isLoginCall
   * @param cacheStorage
   * @param clientId
   *
   * validates all request parameters and generates a consumable request object
   */
  RequestUtils.validateRequest = function (request, isLoginCall, clientId, interactionType) {
      // Throw error if request is empty for acquire * calls
      if (!isLoginCall && !request) {
          throw ClientConfigurationError_1.ClientConfigurationError.createEmptyRequestError();
      }
      var scopes;
      var extraQueryParameters;
      if (request) {
          // if extraScopesToConsent is passed in loginCall, append them to the login request; Validate and filter scopes (the validate function will throw if validation fails)
          scopes = isLoginCall ? ScopeSet_1.ScopeSet.appendScopes(request.scopes, request.extraScopesToConsent) : request.scopes;
          ScopeSet_1.ScopeSet.validateInputScope(scopes, !isLoginCall);
          scopes = ScopeSet_1.ScopeSet.translateClientIdIfSingleScope(scopes, clientId);
          // validate prompt parameter
          this.validatePromptParameter(request.prompt);
          // validate extraQueryParameters
          extraQueryParameters = this.validateEQParameters(request.extraQueryParameters, request.claimsRequest);
          // validate claimsRequest
          this.validateClaimsRequest(request.claimsRequest);
      }
      // validate and generate state and correlationId
      var state = this.validateAndGenerateState(request && request.state, interactionType);
      var correlationId = this.validateAndGenerateCorrelationId(request && request.correlationId);
      var validatedRequest = tslib_1.__assign(tslib_1.__assign({}, request), { extraQueryParameters: extraQueryParameters,
          scopes: scopes,
          state: state,
          correlationId: correlationId });
      return validatedRequest;
  };
  /**
   * @ignore
   *
   * Utility to test if valid prompt value is passed in the request
   * @param request
   */
  RequestUtils.validatePromptParameter = function (prompt) {
      if (prompt) {
          if ([Constants_1.PromptState.LOGIN, Constants_1.PromptState.SELECT_ACCOUNT, Constants_1.PromptState.CONSENT, Constants_1.PromptState.NONE].indexOf(prompt) < 0) {
              throw ClientConfigurationError_1.ClientConfigurationError.createInvalidPromptError(prompt);
          }
      }
  };
  /**
   * @ignore
   *
   * Removes unnecessary or duplicate query parameters from extraQueryParameters
   * @param request
   */
  RequestUtils.validateEQParameters = function (extraQueryParameters, claimsRequest) {
      var eQParams = tslib_1.__assign({}, extraQueryParameters);
      if (!eQParams) {
          return null;
      }
      if (claimsRequest) {
          // this.logger.warning("Removed duplicate claims from extraQueryParameters. Please use either the claimsRequest field OR pass as extraQueryParameter - not both.");
          delete eQParams[Constants_1.Constants.claims];
      }
      Constants_1.DisallowedEQParams.forEach(function (param) {
          if (eQParams[param]) {
              // this.logger.warning("Removed duplicate " + param + " from extraQueryParameters. Please use the " + param + " field in request object.");
              delete eQParams[param];
          }
      });
      return eQParams;
  };
  /**
   * @ignore
   *
   * Validates the claims passed in request is a JSON
   * TODO: More validation will be added when the server team tells us how they have actually implemented claims
   * @param claimsRequest
   */
  RequestUtils.validateClaimsRequest = function (claimsRequest) {
      if (!claimsRequest) {
          return;
      }
      try {
          JSON.parse(claimsRequest);
      }
      catch (e) {
          throw ClientConfigurationError_1.ClientConfigurationError.createClaimsRequestParsingError(e);
      }
  };
  /**
   * @ignore
   *
   * generate unique state per request
   * @param userState User-provided state value
   * @returns State string include library state and user state
   */
  RequestUtils.validateAndGenerateState = function (userState, interactionType) {
      return !StringUtils_1.StringUtils.isEmpty(userState) ? "" + RequestUtils.generateLibraryState(interactionType) + Constants_1.Constants.resourceDelimiter + userState : RequestUtils.generateLibraryState(interactionType);
  };
  /**
   * Generates the state value used by the library.
   *
   * @returns Base64 encoded string representing the state
   */
  RequestUtils.generateLibraryState = function (interactionType) {
      var stateObject = {
          id: CryptoUtils_1.CryptoUtils.createNewGuid(),
          ts: TimeUtils_1.TimeUtils.now(),
          method: interactionType
      };
      var stateString = JSON.stringify(stateObject);
      return CryptoUtils_1.CryptoUtils.base64Encode(stateString);
  };
  /**
   * Decodes the state value into a StateObject
   *
   * @param state State value returned in the request
   * @returns Parsed values from the encoded state value
   */
  RequestUtils.parseLibraryState = function (state) {
      var libraryState = decodeURIComponent(state).split(Constants_1.Constants.resourceDelimiter)[0];
      if (CryptoUtils_1.CryptoUtils.isGuid(libraryState)) {
          // If state is guid, assume timestamp is now and is redirect, as redirect should be only method where this can happen.
          return {
              id: libraryState,
              ts: TimeUtils_1.TimeUtils.now(),
              method: Constants_1.Constants.interactionTypeRedirect
          };
      }
      try {
          var stateString = CryptoUtils_1.CryptoUtils.base64Decode(libraryState);
          var stateObject = JSON.parse(stateString);
          return stateObject;
      }
      catch (e) {
          throw ClientAuthError_1.ClientAuthError.createInvalidStateError(state, null);
      }
  };
  /**
   * @ignore
   *
   * validate correlationId and generate if not valid or not set by the user
   * @param correlationId
   */
  RequestUtils.validateAndGenerateCorrelationId = function (correlationId) {
      // validate user set correlationId or set one for the user if null
      if (correlationId && !CryptoUtils_1.CryptoUtils.isGuid(correlationId)) {
          throw ClientConfigurationError_1.ClientConfigurationError.createInvalidCorrelationIdError();
      }
      return CryptoUtils_1.CryptoUtils.isGuid(correlationId) ? correlationId : CryptoUtils_1.CryptoUtils.createNewGuid();
  };
  /**
   * Create a request signature
   * @param request
   */
  RequestUtils.createRequestSignature = function (request) {
      return "" + request.scopes.join(" ").toLowerCase() + Constants_1.Constants.resourceDelimiter + request.authority;
  };
  return RequestUtils;
184}());
185exports.RequestUtils = RequestUtils;
186//# sourceMappingURL=RequestUtils.js.map
\No newline at end of file

1	`"use strict";`
2	`/*`
3	`* Copyright (c) Microsoft Corporation. All rights reserved.`
4	`* Licensed under the MIT License.`
5	`*/`
6	`Object.defineProperty(exports, "__esModule", { value: true });`
7	`exports.RequestUtils = void 0;`
8	`var tslib_1 = require("tslib");`
9	`var Constants_1 = require("./Constants");`
10	`var ClientConfigurationError_1 = require("../error/ClientConfigurationError");`
11	`var ScopeSet_1 = require("../ScopeSet");`
12	`var StringUtils_1 = require("./StringUtils");`
13	`var CryptoUtils_1 = require("./CryptoUtils");`
14	`var TimeUtils_1 = require("./TimeUtils");`
15	`var ClientAuthError_1 = require("../error/ClientAuthError");`
16	`/**`
17	`* @hidden`
18	`*/`
19	`var RequestUtils = /** @class */ (function () {`
20	`function RequestUtils() {`
21	`}`
22	`/**`
23	`* @ignore`
24	`*`
25	`* @param request`
26	`* @param isLoginCall`
27	`* @param cacheStorage`
28	`* @param clientId`
29	`*`
30	`* validates all request parameters and generates a consumable request object`
31	`*/`
32	`RequestUtils.validateRequest = function (request, isLoginCall, clientId, interactionType) {`
33	`// Throw error if request is empty for acquire * calls`
34	`if (!isLoginCall && !request) {`
35	`throw ClientConfigurationError_1.ClientConfigurationError.createEmptyRequestError();`
36	`}`
37	`var scopes;`
38	`var extraQueryParameters;`
39	`if (request) {`
40	`// if extraScopesToConsent is passed in loginCall, append them to the login request; Validate and filter scopes (the validate function will throw if validation fails)`
41	`scopes = isLoginCall ? ScopeSet_1.ScopeSet.appendScopes(request.scopes, request.extraScopesToConsent) : request.scopes;`
42	`ScopeSet_1.ScopeSet.validateInputScope(scopes, !isLoginCall);`
43	`scopes = ScopeSet_1.ScopeSet.translateClientIdIfSingleScope(scopes, clientId);`
44	`// validate prompt parameter`
45	`this.validatePromptParameter(request.prompt);`
46	`// validate extraQueryParameters`
47	`extraQueryParameters = this.validateEQParameters(request.extraQueryParameters, request.claimsRequest);`
48	`// validate claimsRequest`
49	`this.validateClaimsRequest(request.claimsRequest);`
50	`}`
51	`// validate and generate state and correlationId`
52	`var state = this.validateAndGenerateState(request && request.state, interactionType);`
53	`var correlationId = this.validateAndGenerateCorrelationId(request && request.correlationId);`
54	`var validatedRequest = tslib_1.__assign(tslib_1.__assign({}, request), { extraQueryParameters: extraQueryParameters,`
55	`scopes: scopes,`
56	`state: state,`
57	`correlationId: correlationId });`
58	`return validatedRequest;`
59	`};`
60	`/**`
61	`* @ignore`
62	`*`
63	`* Utility to test if valid prompt value is passed in the request`
64	`* @param request`
65	`*/`
66	`RequestUtils.validatePromptParameter = function (prompt) {`
67	`if (prompt) {`
68	`if ([Constants_1.PromptState.LOGIN, Constants_1.PromptState.SELECT_ACCOUNT, Constants_1.PromptState.CONSENT, Constants_1.PromptState.NONE].indexOf(prompt) < 0) {`
69	`throw ClientConfigurationError_1.ClientConfigurationError.createInvalidPromptError(prompt);`
70	`}`
71	`}`
72	`};`
73	`/**`
74	`* @ignore`
75	`*`
76	`* Removes unnecessary or duplicate query parameters from extraQueryParameters`
77	`* @param request`
78	`*/`
79	`RequestUtils.validateEQParameters = function (extraQueryParameters, claimsRequest) {`
80	`var eQParams = tslib_1.__assign({}, extraQueryParameters);`
81	`if (!eQParams) {`
82	`return null;`
83	`}`
84	`if (claimsRequest) {`
85	`// this.logger.warning("Removed duplicate claims from extraQueryParameters. Please use either the claimsRequest field OR pass as extraQueryParameter - not both.");`
86	`delete eQParams[Constants_1.Constants.claims];`
87	`}`
88	`Constants_1.DisallowedEQParams.forEach(function (param) {`
89	`if (eQParams[param]) {`
90	`// this.logger.warning("Removed duplicate " + param + " from extraQueryParameters. Please use the " + param + " field in request object.");`
91	`delete eQParams[param];`
92	`}`
93	`});`
94	`return eQParams;`
95	`};`
96	`/**`
97	`* @ignore`
98	`*`
99	`* Validates the claims passed in request is a JSON`
100	`* TODO: More validation will be added when the server team tells us how they have actually implemented claims`
101	`* @param claimsRequest`
102	`*/`
103	`RequestUtils.validateClaimsRequest = function (claimsRequest) {`
104	`if (!claimsRequest) {`
105	`return;`
106	`}`
107	`try {`
108	`JSON.parse(claimsRequest);`
109	`}`
110	`catch (e) {`
111	`throw ClientConfigurationError_1.ClientConfigurationError.createClaimsRequestParsingError(e);`
112	`}`
113	`};`
114	`/**`
115	`* @ignore`
116	`*`
117	`* generate unique state per request`
118	`* @param userState User-provided state value`
119	`* @returns State string include library state and user state`
120	`*/`
121	`RequestUtils.validateAndGenerateState = function (userState, interactionType) {`
122	`return !StringUtils_1.StringUtils.isEmpty(userState) ? "" + RequestUtils.generateLibraryState(interactionType) + Constants_1.Constants.resourceDelimiter + userState : RequestUtils.generateLibraryState(interactionType);`
123	`};`
124	`/**`
125	`* Generates the state value used by the library.`
126	`*`
127	`* @returns Base64 encoded string representing the state`
128	`*/`
129	`RequestUtils.generateLibraryState = function (interactionType) {`
130	`var stateObject = {`
131	`id: CryptoUtils_1.CryptoUtils.createNewGuid(),`
132	`ts: TimeUtils_1.TimeUtils.now(),`
133	`method: interactionType`
134	`};`
135	`var stateString = JSON.stringify(stateObject);`
136	`return CryptoUtils_1.CryptoUtils.base64Encode(stateString);`
137	`};`
138	`/**`
139	`* Decodes the state value into a StateObject`
140	`*`
141	`* @param state State value returned in the request`
142	`* @returns Parsed values from the encoded state value`
143	`*/`
144	`RequestUtils.parseLibraryState = function (state) {`
145	`var libraryState = decodeURIComponent(state).split(Constants_1.Constants.resourceDelimiter)[0];`
146	`if (CryptoUtils_1.CryptoUtils.isGuid(libraryState)) {`
147	`// If state is guid, assume timestamp is now and is redirect, as redirect should be only method where this can happen.`
148	`return {`
149	`id: libraryState,`
150	`ts: TimeUtils_1.TimeUtils.now(),`
151	`method: Constants_1.Constants.interactionTypeRedirect`
152	`};`
153	`}`
154	`try {`
155	`var stateString = CryptoUtils_1.CryptoUtils.base64Decode(libraryState);`
156	`var stateObject = JSON.parse(stateString);`
157	`return stateObject;`
158	`}`
159	`catch (e) {`
160	`throw ClientAuthError_1.ClientAuthError.createInvalidStateError(state, null);`
161	`}`
162	`};`
163	`/**`
164	`* @ignore`
165	`*`
166	`* validate correlationId and generate if not valid or not set by the user`
167	`* @param correlationId`
168	`*/`
169	`RequestUtils.validateAndGenerateCorrelationId = function (correlationId) {`
170	`// validate user set correlationId or set one for the user if null`
171	`if (correlationId && !CryptoUtils_1.CryptoUtils.isGuid(correlationId)) {`
172	`throw ClientConfigurationError_1.ClientConfigurationError.createInvalidCorrelationIdError();`
173	`}`
174	`return CryptoUtils_1.CryptoUtils.isGuid(correlationId) ? correlationId : CryptoUtils_1.CryptoUtils.createNewGuid();`
175	`};`
176	`/**`
177	`* Create a request signature`
178	`* @param request`
179	`*/`
180	`RequestUtils.createRequestSignature = function (request) {`
181	`return "" + request.scopes.join(" ").toLowerCase() + Constants_1.Constants.resourceDelimiter + request.authority;`
182	`};`
183	`return RequestUtils;`
184	`}());`
185	`exports.RequestUtils = RequestUtils;`
186	`//# sourceMappingURL=RequestUtils.js.map`
\	No newline at end of file