Skip to content

Commit 7ce6e9e

Browse files
akdombrowskiakdombrowski
committed
babel files
1 parent 2865aa2 commit 7ce6e9e

File tree

1 file changed

+75
-77
lines changed

1 file changed

+75
-77
lines changed

lib/index.js

Lines changed: 75 additions & 77 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
Object.defineProperty(exports, "__esModule", {
44
value: true
55
});
6-
exports["default"] = exports.jwtEncode = exports.parsePayloadToJSON = exports.parseHeaderToJSON = exports.createHeaderBase64URL = exports.createPayloadBase64URL = exports.createHeaderPayload = exports.rs256PEMVerify = exports.rs256JWKVerify = exports.rs256PEMSign = exports.rs256JWKSign = exports.hs256Sign = exports.jwtDecode = void 0;
6+
exports["default"] = exports.jwtEncode = exports.parseToJSON = exports.base64URLEncode = exports.createHeaderPayload = exports.hs256Verify = exports.rs256PEMVerify = exports.rs256JWKVerify = exports.rs256PEMSign = exports.rs256JWKSign = exports.hs256Sign = exports.jwtDecode = void 0;
77

88
var _crypto = _interopRequireDefault(require("crypto"));
99

@@ -270,7 +270,8 @@ var rs256JWKVerify = function rs256JWKVerify(jwt, publicKey) {
270270
*
271271
* @export
272272
* @param {*} jwt The JSON web token.
273-
* @param {*} publicKey The public key used to verify. Must be in PEM format
273+
* @param {*} publicKey The public key used to verify. Must be a PEM formatted
274+
* string.
274275
* for this method
275276
* @returns True if verified, false otherwise.
276277
*/
@@ -302,16 +303,59 @@ var rs256PEMVerify = function rs256PEMVerify(jwt, publicKey) {
302303
return isVerified;
303304
};
304305
/**
305-
* VCreates the combined header payload portion of the JWT.
306+
* Verifies a jwt signed with HS256 (HMAC with SHA256) with a passphrase.
307+
*
308+
* @export
309+
* @param {string} jwt The JSON web token.
310+
* @param {string} passphrase The secret or passphrase used to sign the jwt.
311+
* @param {string} passphraseEncoding The encoding of the passphrase or secret.
312+
*
313+
* @returns True if verified, false otherwise.
314+
*/
315+
316+
317+
exports.rs256PEMVerify = rs256PEMVerify;
318+
319+
var hs256Verify = function hs256Verify(jwt, passphrase, passphraseEncoding) {
320+
var jwtComponents = jwt.split(".");
321+
var headerPayload = jwtComponents[0] + "." + jwtComponents[1];
322+
var signature = jwtComponents[2];
323+
324+
var secret = _crypto["default"].createSecretKey(passphrase, "base64url");
325+
326+
if (passphraseEncoding && Buffer.isEncoding(passphraseEncoding)) {
327+
secret = _crypto["default"].createSecretKey(passphrase, passphraseEncoding);
328+
} else {
329+
secret = _crypto["default"].createSecretKey(passphrase, "base64url");
330+
}
331+
332+
var hmac = _crypto["default"].createHmac("sha256", secret);
333+
334+
hmac.update(headerPayload, "ascii");
335+
var hmacked = hmac.digest();
336+
var base64URLHmacked = Buffer.from(hmacked).toString("base64url"); // Check for equality between the signature in the jwt and what we just created.
337+
338+
var isVerified = base64URLHmacked === signature; // Could also use this:
339+
// const verify = crypto.createVerify("SHA256");
340+
// verify.update(headerPayload, "ascii");
341+
// verify.end();
342+
// verify.verify(keyObject, signature, "base64")
343+
344+
return isVerified;
345+
};
346+
/**
347+
* Creates the combined header payload portion of the JWT. Can accept JSON
348+
* objects or string literals.
306349
*
307350
* @export
308351
* @param {*} header The decoded header.
309352
* @param {*} payload The decoded payload.
310-
* @returns The combined the header payload portion of the JWT.
353+
* @returns The combined the header payload portion of the JWT. It is equal to
354+
* base64url(header) + "." + base64url(payload).
311355
*/
312356

313357

314-
exports.rs256PEMVerify = rs256PEMVerify;
358+
exports.hs256Verify = hs256Verify;
315359

316360
var createHeaderPayload = function createHeaderPayload(header, payload) {
317361
if (Buffer.isEncoding("base64url")) {
@@ -321,16 +365,16 @@ var createHeaderPayload = function createHeaderPayload(header, payload) {
321365
if (typeof header === "string") {
322366
headerBase64URL = Buffer.from(header, "ascii").toString("base64url");
323367
} else {
324-
var jsonHeader = parseHeaderToJSON(header);
325-
headerBase64URL = createHeaderBase64URL(jsonHeader);
326-
} // use string literals
327-
368+
var jsonHeader = parseToJSON(header);
369+
headerBase64URL = base64URLEncode(jsonHeader);
370+
}
328371

329372
if (typeof payload === "string") {
373+
// use string literals
330374
payloadBase64URL = Buffer.from(payload, "ascii").toString("base64url");
331375
} else {
332-
var jsonPayload = parsePayloadToJSON(payload);
333-
payloadBase64URL = createPayloadBase64URL(jsonPayload);
376+
var jsonPayload = parseToJSON(payload);
377+
payloadBase64URL = base64URLEncode(jsonPayload);
334378
}
335379

336380
var headerPayload = "".concat(headerBase64URL, ".").concat(payloadBase64URL);
@@ -340,21 +384,21 @@ var createHeaderPayload = function createHeaderPayload(header, payload) {
340384
throw new Error("Error: Base64URL encoding isn't available.");
341385
};
342386
/**
343-
* Creates the base64URL encoding of the header. Header must be in JSON format.
344-
* Uses JSON stringify to convert jsonHeader input.
387+
* Encodes the JSON object input in base64url format. Must be in JSON format.
388+
* Uses JSON stringify to convert jsonObject input.
345389
*
346390
* @export
347-
* @param {*} jsonHeader The header in JSON fromat.
348-
* @returns The base64URL encoding of the header.
391+
* @param {*} jsonObject The header or payload (or anything) in JSON object fromat.
392+
* @returns The base64URL encoding of the input.
349393
*/
350394

351395

352396
exports.createHeaderPayload = createHeaderPayload;
353397

354-
var createPayloadBase64URL = function createPayloadBase64URL(jsonPayload) {
398+
var base64URLEncode = function base64URLEncode(jsonObject) {
355399
if (Buffer.isEncoding("base64url")) {
356400
// not a string. convert to string
357-
var stringifyHeader = JSON.stringify(jsonPayload); // headerBase64URL = base64url.encode(stringifyHeader);
401+
var stringifyHeader = JSON.stringify(jsonObject); // headerBase64URL = base64url.encode(stringifyHeader);
358402

359403
var payloadBase64URL = Buffer.from(stringifyHeader, "ascii").toString("base64url");
360404
return payloadBase64URL;
@@ -363,76 +407,30 @@ var createPayloadBase64URL = function createPayloadBase64URL(jsonPayload) {
363407
throw new Error("Error: Base64URL encoding isn't available");
364408
};
365409
/**
366-
* Creates the base64URL encoding of the header. Header must be in JSON format.
367-
* Uses JSON stringify to convert jsonHeader input.
410+
* Converts input into a JSON object.
368411
*
369412
* @export
370-
* @param {*} jsonHeader The header in JSON fromat.
371-
* @returns The base64URL encoding of the header.
413+
* @param {*} input The input to be parsed as JSON. Will try to take string or
414+
* JSON object.
415+
* @returns The input as a JSON object.
372416
*/
373417

374418

375-
exports.createPayloadBase64URL = createPayloadBase64URL;
376-
377-
var createHeaderBase64URL = function createHeaderBase64URL(jsonHeader) {
378-
if (Buffer.isEncoding("base64url")) {
379-
var stringifyHeader = JSON.stringify(jsonHeader);
380-
var headerBase64URL = Buffer.from(stringifyHeader).toString("base64url");
381-
return headerBase64URL;
382-
}
383-
384-
throw new Error("Error: Base64URL encoding isn't available");
385-
};
386-
/**
387-
* Converts jwt header into a JSON object.
388-
*
389-
* @export
390-
* @param {*} header The jwt header. Will try to take string or JSON object.
391-
* @returns The header in JSON object format.
392-
*/
419+
exports.base64URLEncode = base64URLEncode;
393420

394-
395-
exports.createHeaderBase64URL = createHeaderBase64URL;
396-
397-
var parseHeaderToJSON = function parseHeaderToJSON(header) {
398-
var jsonHeader = header;
421+
var parseToJSON = function parseToJSON(input) {
422+
var json = input;
399423

400424
if (Buffer.isEncoding("base64url")) {
401-
if (header instanceof Object) {
402-
// not a string. convert to string
403-
jsonHeader = header;
404-
} else {
405-
jsonHeader = JSON.parse(header);
406-
}
407-
408-
return jsonHeader;
409-
}
410-
411-
throw new Error("Error: Base64URL encoding isn't available");
412-
};
413-
/**
414-
* Converts decoded jwt payload into a JSON object.
415-
*
416-
* @export
417-
* @param {*} payload The decoded jwt payload. Will try to take string or JSON object.
418-
* @returns The decoded payload in JSON object format.
419-
*/
420-
421-
422-
exports.parseHeaderToJSON = parseHeaderToJSON;
423-
424-
var parsePayloadToJSON = function parsePayloadToJSON(payload) {
425-
var jsonPayload = payload;
426-
427-
if (Buffer.isEncoding("base64url")) {
428-
if (payload instanceof Object) {
429-
// not a string. convert to string
430-
jsonPayload = payload;
425+
if (input instanceof Object) {
426+
// already appears to be a JSON object.
427+
json = input;
431428
} else {
432-
jsonPayload = JSON.parse(payload);
429+
// received a string. convert to json object.
430+
json = JSON.parse(input);
433431
}
434432

435-
return jsonPayload;
433+
return json;
436434
}
437435

438436
throw new Error("Error: Base64URL encoding isn't available");
@@ -452,7 +450,7 @@ var parsePayloadToJSON = function parsePayloadToJSON(payload) {
452450
*/
453451

454452

455-
exports.parsePayloadToJSON = parsePayloadToJSON;
453+
exports.parseToJSON = parseToJSON;
456454

457455
var jwtEncode = function jwtEncode(header, payload, key, options) {
458456
var headerBase64URL;

0 commit comments

Comments
 (0)