azure-ad-verify-token
Advanced tools
azure-ad-verify-token - npm Package Compare versions
Comparing version 1.0.0 to 1.0.1
@@ -5,2 +5,9 @@ # Changelog | ||
| ### [1.0.1](https://github.com/justinlettau/azure-ad-verify-token/compare/v1.0.0...v1.0.1) (2020-03-22) | ||
| ### Bug Fixes | ||
| * export config interface ([f43c49b](https://github.com/justinlettau/azure-ad-verify-token/commit/f43c49bd9e69eb41a3f0522a7a72b5753c1ee79d)) | ||
| ## 1.0.0 (2020-03-22) |
@@ -1,8 +0,2 @@ | ||
| import { VerifyConfig } from './interfaces'; | ||
| /** | ||
| * Verify token. | ||
| * | ||
| * @param token Token to verify. | ||
| * @param config Configuration options. | ||
| */ | ||
| export declare function verify(token: string, config: VerifyConfig): Promise<string | object>; | ||
| export * from './verify'; | ||
| export { VerifyConfig } from './interfaces'; |
| "use strict"; | ||
| var __importDefault = (this && this.__importDefault) || function (mod) { | ||
| return (mod && mod.__esModule) ? mod : { "default": mod }; | ||
| }; | ||
| function __export(m) { | ||
| for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p]; | ||
| } | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| var jsonwebtoken_1 = __importDefault(require("jsonwebtoken")); | ||
| var node_fetch_1 = __importDefault(require("node-fetch")); | ||
| var rsa_pem_from_mod_exp_1 = __importDefault(require("rsa-pem-from-mod-exp")); | ||
| /** | ||
| * Public key cache. | ||
| */ | ||
| var cache = new Map(); | ||
| /** | ||
| * Get public key. | ||
| * | ||
| * @param jwksUri Json web key set URI. | ||
| * @param kid Public key to get. | ||
| */ | ||
| function getPublicKey(jwksUri, kid) { | ||
| var publicKey = cache.get(kid); | ||
| if (publicKey) { | ||
| return Promise.resolve(publicKey); | ||
| } | ||
| return node_fetch_1.default(jwksUri) | ||
| .then(function (res) { return res.json(); }) | ||
| .then(function (res) { | ||
| res.keys.forEach(function (item) { | ||
| cache.set(item.kid, rsa_pem_from_mod_exp_1.default(item.n, item.e)); | ||
| }); | ||
| publicKey = cache.get(kid); | ||
| if (!publicKey) { | ||
| throw new Error('Could not find public key'); | ||
| } | ||
| return publicKey; | ||
| }); | ||
| } | ||
| /** | ||
| * Verify token. | ||
| * | ||
| * @param token Token to verify. | ||
| * @param config Configuration options. | ||
| */ | ||
| function verify(token, config) { | ||
| var jwksUri = config.jwksUri, audience = config.audience, issuer = config.issuer; | ||
| var decoded; | ||
| var kid; | ||
| try { | ||
| decoded = jsonwebtoken_1.default.decode(token, { complete: true, json: true }); | ||
| kid = decoded.header.kid; | ||
| } | ||
| catch (error) { | ||
| return Promise.reject(error); | ||
| } | ||
| return getPublicKey(jwksUri, kid) | ||
| .then(function (key) { return jsonwebtoken_1.default.verify(token, key, { | ||
| algorithms: ['RS256'], | ||
| audience: audience, | ||
| issuer: issuer | ||
| }); }); | ||
| } | ||
| exports.verify = verify; | ||
| ; | ||
| __export(require("./verify")); | ||
| //# sourceMappingURL=index.js.map |
@@ -10,11 +10,11 @@ /** | ||
| /** | ||
| * Azure `jwks_uri` response. | ||
| * Azure json web key set. | ||
| */ | ||
| export interface AzureJwksUri { | ||
| keys: AzureJwksUriKey[]; | ||
| export interface AzureJwks { | ||
| keys: AzureJwk[]; | ||
| } | ||
| /** | ||
| * Azure `jwks_uri` response key. | ||
| * Azure json web key. | ||
| */ | ||
| export interface AzureJwksUriKey { | ||
| export interface AzureJwk { | ||
| kid: string; | ||
@@ -21,0 +21,0 @@ nbf: number; |
| { | ||
| "name": "azure-ad-verify-token", | ||
| "version": "1.0.0", | ||
| "version": "1.0.1", | ||
| "description": "Verify JWT issued by Azure Active Directory B2C.", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
@@ -33,6 +33,6 @@ [](https://badge.fury.io/js/azure-ad-verify-token) | ||
| ```js | ||
| import * as advt from 'azure-ad-verify-token'; | ||
| ```ts | ||
| import { verify, VerifyConfig } from 'azure-ad-verify-token'; | ||
| const config = { | ||
| const config: VerifyConfig = { | ||
| jwksUri: 'https://contoso.b2clogin.com/contoso.onmicrosoft.com/discovery/v2.0/keys?p=b2c_1_signupsignin1', | ||
@@ -43,4 +43,3 @@ issuer: 'https://contoso.b2clogin.com/3285c484-dce5-4abb-a341-bbe4f2bc8554/v2.0/', | ||
| advt | ||
| .verify(token, config) | ||
| verify(token, config) | ||
| .then(decoded => { | ||
@@ -62,8 +61,8 @@ // verified and decoded token | ||
| | `issuer` | `string` | `issuer` value obtained from B2C policy metadata endpoint. | | ||
| | `audience` | `string` | Client ID of the application accessing the tenant. | | ||
| | `audience` | `string` | Application ID of the application accessing the tenant. | | ||
| B2C policy metadata endpoint example: | ||
| Example metadata endpoints: | ||
| - https://login.microsoftonline.com/common/.well-known/openid-configuration | ||
| - https://login.microsoftonline.com/common/discovery/keys | ||
| `https://contoso.b2clogin.com/contoso.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=b2c_1_signupsignin1` | ||
| # References | ||
@@ -70,0 +69,0 @@ |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by6.84%
10905
- Number of package files
- increased by30%
13
- Lines of code
- increased by8.25%
105
Worsened metrics
- Number of lines in readme file
- decreased by-1.28%
77
No dependency changes