
intuit-oauth-ts - npm Package Compare versions

Comparing version 0.0.3 to 0.0.4

2

package.json
{
"name": "intuit-oauth-ts",
"version": "0.0.3",
"version": "0.0.4",
"description": "Intuit Node.js client for OAuth2.0 and OpenIDConnect",

@@ -5,0 +5,0 @@ "main": "./src/OAuthClient.js",

@@ -83,3 +83,4 @@ import * as winston from "winston";

validateIdToken(params?: { id_token: string }): Promise<boolean>;
getKeyFromJWKsURI(id_token: string, kid: string, request: popsicle.Request): Promise<ReturnType<typeof jwt.verify>>;
getValidatedIdToken(params?: { id_token: string }): Promise<jwt.JwtPayload>;
getKeyFromJWKsURI(id_token: string, kid: string, request: popsicle.Request): Promise<jwt.JwtPayload>;
getPublicKey(): string;
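Review bot: No declaration for getIdTokenComponents appears among the lines added here, although this version adds it to OAuthClient.prototype, so typed callers cannot reach it without a cast. If it is meant to be public, add something like `getIdTokenComponents(params?: { id_token: string }): Promise<{ id_token_header: jwt.JwtHeader; id_token_payload: jwt.JwtPayload }>;`. The new `Promise<jwt.JwtPayload>` return types on getValidatedIdToken and getKeyFromJWKsURI tell callers they receive a verified payload object; the body of getKeyFromJWKsURI is not visible on this page, so confirm it never resolves with a string or with claims that were only decoded. The enclosing declaration starts and ends outside the hunk.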

@@ -86,0 +87,0 @@ getTokenRequest(request: popsicle.Request): Promise<AuthResponse>;

@@ -467,2 +467,73 @@ /* eslint-disable no-undef */

/**
* Validate id_token
* *
* @param {Object} params(optional)
* @returns {Promise<AuthResponse>}
*/
OAuthClient.prototype.getValidatedIdToken = function getValidatedIdToken(params = {}) {
return new Promise((resolve) => {
if (!this.getToken().id_token) throw new Error('The bearer token does not have id_token');
const id_token = this.getToken().id_token || params.id_token;
// Decode ID Token
const token_parts = id_token.split('.');
const id_token_header = JSON.parse(atob(token_parts[0]));
const id_token_payload = JSON.parse(atob(token_parts[1]));
// Step 1 : First check if the issuer is as mentioned in "issuer"
if (id_token_payload.iss !== 'https://oauth.platform.intuit.com/op/v1') return false;
// Step 2 : check if the aud field in idToken contains application's clientId
if (!id_token_payload.aud.find((audience) => audience === this.clientId)) return false;
// Step 3 : ensure the timestamp has not elapsed
if (id_token_payload.exp < Date.now() / 1000) return false;
const request = {
url: OAuthClient.jwks_uri,
method: 'GET',
headers: {
Accept: AuthResponse._jsonContentType,
'User-Agent': OAuthClient.user_agent,
},
};
return resolve(this.getKeyFromJWKsURI(id_token, id_token_header.kid, request));
})
.then((res) => {
this.log('info', 'The validateIdToken () response is : ', JSON.stringify(res, null, 2));
return res;
})
.catch((e) => {
this.log('error', 'The validateIdToken () threw an exception : ', JSON.stringify(e, null, 2));
throw e;
});
};
OAuthClient.prototype.getIdTokenComponents = async function(params = {}) {
if (!this.getToken().id_token) {
throw new Error('The bearer token does not have id_token');
}
const id_token = this.getToken().id_token || params.id_token;
const token_parts = id_token.split('.');
const id_token_header = JSON.parse(atob(token_parts[0]));
const id_token_payload = JSON.parse(atob(token_parts[1]));
if (id_token_payload.iss !== 'https://oauth.platform.intuit.com/op/v1') {
throw new Error('The issuer is not as mentioned in "issuer"');
}
// Step 2 : check if the aud field in idToken contains application's clientId
if (!id_token_payload.aud.find((audience) => audience === this.clientId)) {
throw new Error('The aud field in idToken does not contain application\'s clientId')
}
// Step 3 : ensure the timestamp has not elapsed
if (id_token_payload.exp < Date.now() / 1000) {
throw new Error('The timestamp has elapsed');
}
return { id_token_header, id_token_payload };
}
/**
* Get Key from JWKURI
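Review bot: The three `return false;` statements inside the `new Promise((resolve) => {…})` executor of getValidatedIdToken never call `resolve`, so a failed issuer, audience or expiry check leaves the promise pending forever instead of rejecting. Throw instead, as the first guard and getIdTokenComponents already do, e.g. `if (id_token_payload.exp < Date.now() / 1000) throw new Error('The timestamp has elapsed');`, or call getIdTokenComponents for the claim checks so the two copies cannot drift apart. In both functions `params.id_token` is unreachable, because the guard throws when the stored token has no id_token and otherwise the stored value wins the `||`. getIdTokenComponents returns claims whose signature has not been checked, so it needs a doc comment saying so, for example `/** Decodes the id_token and checks iss, aud and exp only; the signature is NOT verified here. */`.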

@@ -469,0 +540,0 @@ * *
