babel files

akdombrowski · Apr 23, 2021 · 7ce6e9e · 7ce6e9e
1 parent 2865aa2
commit 7ce6e9e
Showing 1 changed file with 75 additions and 77 deletions.
diff --git a/lib/index.js b/lib/index.js
@@ -3,7 +3,7 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports["default"] = exports.jwtEncode = exports.parsePayloadToJSON = exports.parseHeaderToJSON = exports.createHeaderBase64URL = exports.createPayloadBase64URL = exports.createHeaderPayload = exports.rs256PEMVerify = exports.rs256JWKVerify = exports.rs256PEMSign = exports.rs256JWKSign = exports.hs256Sign = exports.jwtDecode = void 0;
+exports["default"] = exports.jwtEncode = exports.parseToJSON = exports.base64URLEncode = exports.createHeaderPayload = exports.hs256Verify = exports.rs256PEMVerify = exports.rs256JWKVerify = exports.rs256PEMSign = exports.rs256JWKSign = exports.hs256Sign = exports.jwtDecode = void 0;
 
 var _crypto = _interopRequireDefault(require("crypto"));
 
@@ -270,7 +270,8 @@ var rs256JWKVerify = function rs256JWKVerify(jwt, publicKey) {
  *
  * @export
  * @param {*} jwt The JSON web token.
- * @param {*} publicKey The public key used to verify. Must be in PEM format
+ * @param {*} publicKey The public key used to verify. Must be a PEM formatted
+ *                      string.
  *    for this method
  * @returns True if verified, false otherwise.
  */
@@ -302,16 +303,59 @@ var rs256PEMVerify = function rs256PEMVerify(jwt, publicKey) {
   return isVerified;
 };
 /**
- * VCreates the combined header payload portion of the JWT.
+ * Verifies a jwt signed with HS256 (HMAC with SHA256) with a passphrase.
+ *
+ * @export
+ * @param {string} jwt The JSON web token.
+ * @param {string} passphrase The secret or passphrase used to sign the jwt.
+ * @param {string} passphraseEncoding The encoding of the passphrase or secret.
+ *
+ * @returns True if verified, false otherwise.
+ */
+
+
+exports.rs256PEMVerify = rs256PEMVerify;
+
+var hs256Verify = function hs256Verify(jwt, passphrase, passphraseEncoding) {
+  var jwtComponents = jwt.split(".");
+  var headerPayload = jwtComponents[0] + "." + jwtComponents[1];
+  var signature = jwtComponents[2];
+
+  var secret = _crypto["default"].createSecretKey(passphrase, "base64url");
+
+  if (passphraseEncoding && Buffer.isEncoding(passphraseEncoding)) {
+    secret = _crypto["default"].createSecretKey(passphrase, passphraseEncoding);
+  } else {
+    secret = _crypto["default"].createSecretKey(passphrase, "base64url");
+  }
+
+  var hmac = _crypto["default"].createHmac("sha256", secret);
+
+  hmac.update(headerPayload, "ascii");
+  var hmacked = hmac.digest();
+  var base64URLHmacked = Buffer.from(hmacked).toString("base64url"); // Check for equality between the signature in the jwt and what we just created.
+
+  var isVerified = base64URLHmacked === signature; // Could also use this:
+  // const verify = crypto.createVerify("SHA256");
+  // verify.update(headerPayload, "ascii");
+  // verify.end();
+  // verify.verify(keyObject, signature, "base64")
+
+  return isVerified;
+};
+/**
+ * Creates the combined header payload portion of the JWT. Can accept JSON
+ * objects or string literals.
  *
  * @export
  * @param {*} header The decoded header.
  * @param {*} payload The decoded payload.
- * @returns The combined the header payload portion of the JWT.
+ * @returns The combined the header payload portion of the JWT. It is equal to
+ *          base64url(header) + "." + base64url(payload).
  */
 
 
-exports.rs256PEMVerify = rs256PEMVerify;
+exports.hs256Verify = hs256Verify;
 
 var createHeaderPayload = function createHeaderPayload(header, payload) {
   if (Buffer.isEncoding("base64url")) {
@@ -321,16 +365,16 @@ var createHeaderPayload = function createHeaderPayload(header, payload) {
     if (typeof header === "string") {
       headerBase64URL = Buffer.from(header, "ascii").toString("base64url");
     } else {
-      var jsonHeader = parseHeaderToJSON(header);
-      headerBase64URL = createHeaderBase64URL(jsonHeader);
-    } // use string literals
-
+      var jsonHeader = parseToJSON(header);
+      headerBase64URL = base64URLEncode(jsonHeader);
+    }
 
     if (typeof payload === "string") {
+      // use string literals
       payloadBase64URL = Buffer.from(payload, "ascii").toString("base64url");
     } else {
-      var jsonPayload = parsePayloadToJSON(payload);
-      payloadBase64URL = createPayloadBase64URL(jsonPayload);
+      var jsonPayload = parseToJSON(payload);
+      payloadBase64URL = base64URLEncode(jsonPayload);
     }
 
     var headerPayload = "".concat(headerBase64URL, ".").concat(payloadBase64URL);
@@ -340,21 +384,21 @@ var createHeaderPayload = function createHeaderPayload(header, payload) {
   throw new Error("Error: Base64URL encoding isn't available.");
 };
 /**
- * Creates the base64URL encoding of the header. Header must be in JSON format.
- *   Uses JSON stringify to convert jsonHeader input.
+ * Encodes the JSON object input in base64url format. Must be in JSON format.
+ *   Uses JSON stringify to convert jsonObject input.
  *
  * @export
- * @param {*} jsonHeader The header in JSON fromat.
- * @returns The base64URL encoding of the header.
+ * @param {*} jsonObject The header or payload (or anything) in JSON object fromat.
+ * @returns The base64URL encoding of the input.
  */
 
 
 exports.createHeaderPayload = createHeaderPayload;
 
-var createPayloadBase64URL = function createPayloadBase64URL(jsonPayload) {
+var base64URLEncode = function base64URLEncode(jsonObject) {
   if (Buffer.isEncoding("base64url")) {
     // not a string. convert to string
-    var stringifyHeader = JSON.stringify(jsonPayload); // headerBase64URL = base64url.encode(stringifyHeader);
+    var stringifyHeader = JSON.stringify(jsonObject); // headerBase64URL = base64url.encode(stringifyHeader);
 
     var payloadBase64URL = Buffer.from(stringifyHeader, "ascii").toString("base64url");
     return payloadBase64URL;
@@ -363,76 +407,30 @@ var createPayloadBase64URL = function createPayloadBase64URL(jsonPayload) {
   throw new Error("Error: Base64URL encoding isn't available");
 };
 /**
- * Creates the base64URL encoding of the header. Header must be in JSON format.
- *   Uses JSON stringify to convert jsonHeader input.
+ * Converts input into a JSON object.
  *
  * @export
- * @param {*} jsonHeader The header in JSON fromat.
- * @returns The base64URL encoding of the header.
+ * @param {*} input The input to be parsed as JSON. Will try to take string or
+ *                  JSON object.
+ * @returns The input as a JSON object.
  */
 
 
-exports.createPayloadBase64URL = createPayloadBase64URL;
-
-var createHeaderBase64URL = function createHeaderBase64URL(jsonHeader) {
-  if (Buffer.isEncoding("base64url")) {
-    var stringifyHeader = JSON.stringify(jsonHeader);
-    var headerBase64URL = Buffer.from(stringifyHeader).toString("base64url");
-    return headerBase64URL;
-  }
-
-  throw new Error("Error: Base64URL encoding isn't available");
-};
-/**
- * Converts jwt header into a JSON object.
- *
- * @export
- * @param {*} header The jwt header. Will try to take string or JSON object.
- * @returns The header in JSON object format.
- */
+exports.base64URLEncode = base64URLEncode;
 
-
-exports.createHeaderBase64URL = createHeaderBase64URL;
-
-var parseHeaderToJSON = function parseHeaderToJSON(header) {
-  var jsonHeader = header;
+var parseToJSON = function parseToJSON(input) {
+  var json = input;
 
   if (Buffer.isEncoding("base64url")) {
-    if (header instanceof Object) {
-      // not a string. convert to string
-      jsonHeader = header;
-    } else {
-      jsonHeader = JSON.parse(header);
-    }
-
-    return jsonHeader;
-  }
-
-  throw new Error("Error: Base64URL encoding isn't available");
-};
-/**
- * Converts decoded jwt payload into a JSON object.
- *
- * @export
- * @param {*} payload The decoded jwt payload. Will try to take string or JSON object.
- * @returns The decoded payload in JSON object format.
- */
-
-
-exports.parseHeaderToJSON = parseHeaderToJSON;
-
-var parsePayloadToJSON = function parsePayloadToJSON(payload) {
-  var jsonPayload = payload;
-
-  if (Buffer.isEncoding("base64url")) {
-    if (payload instanceof Object) {
-      // not a string. convert to string
-      jsonPayload = payload;
+    if (input instanceof Object) {
+      // already appears to be a JSON object.
+      json = input;
     } else {
-      jsonPayload = JSON.parse(payload);
+      // received a string. convert to json object.
+      json = JSON.parse(input);
     }
 
-    return jsonPayload;
+    return json;
   }
 
   throw new Error("Error: Base64URL encoding isn't available");
@@ -452,7 +450,7 @@ var parsePayloadToJSON = function parsePayloadToJSON(payload) {
  */
 
 
-exports.parsePayloadToJSON = parsePayloadToJSON;
+exports.parseToJSON = parseToJSON;
 
 var jwtEncode = function jwtEncode(header, payload, key, options) {
   var headerBase64URL;