-
-
Notifications
You must be signed in to change notification settings - Fork 303
/
verify.ts
90 lines (82 loc) · 2.62 KB
/
verify.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
import { flattenedVerify } from '../flattened/verify.js'
import { JWSInvalid } from '../../util/errors.js'
import { decoder } from '../../lib/buffer_utils.js'
import type {
CompactVerifyResult,
FlattenedJWSInput,
GetKeyFunction,
CompactJWSHeaderParameters,
KeyLike,
VerifyOptions,
ResolvedKey,
} from '../../types.d'
/**
* Interface for Compact JWS Verification dynamic key resolution. No token components have been
* verified at the time of this function call.
*
* See
* [createRemoteJWKSet](../functions/jwks_remote.createRemoteJWKSet.md#function-createremotejwkset)
* to verify using a remote JSON Web Key Set.
*/
export interface CompactVerifyGetKey
extends GetKeyFunction<CompactJWSHeaderParameters, FlattenedJWSInput> {}
/**
* Verifies the signature and format of and afterwards decodes the Compact JWS.
*
* @example Usage
*
* ```js
* const jws =
* 'eyJhbGciOiJFUzI1NiJ9.SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4.kkAs_gPPxWMI3rHuVlxHaTPfDWDoqdI8jSvuSmqV-8IHIWXg9mcAeC9ggV-45ZHRbiRJ3obUIFo1rHphPA5URg'
*
* const { payload, protectedHeader } = await jose.compactVerify(jws, publicKey)
*
* console.log(protectedHeader)
* console.log(new TextDecoder().decode(payload))
* ```
*
* @param jws Compact JWS.
* @param key Key to verify the JWS with.
* @param options JWS Verify options.
*/
export function compactVerify(
jws: string | Uint8Array,
key: KeyLike | Uint8Array,
options?: VerifyOptions,
): Promise<CompactVerifyResult>
/**
* @param jws Compact JWS.
* @param getKey Function resolving a key to verify the JWS with.
* @param options JWS Verify options.
*/
export function compactVerify<T extends KeyLike = KeyLike>(
jws: string | Uint8Array,
getKey: CompactVerifyGetKey,
options?: VerifyOptions,
): Promise<CompactVerifyResult & ResolvedKey<T>>
export async function compactVerify(
jws: string | Uint8Array,
key: KeyLike | Uint8Array | CompactVerifyGetKey,
options?: VerifyOptions,
) {
if (jws instanceof Uint8Array) {
jws = decoder.decode(jws)
}
if (typeof jws !== 'string') {
throw new JWSInvalid('Compact JWS must be a string or Uint8Array')
}
const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split('.')
if (length !== 3) {
throw new JWSInvalid('Invalid Compact JWS')
}
const verified = await flattenedVerify(
{ payload, protected: protectedHeader, signature },
<Parameters<typeof flattenedVerify>[1]>key,
options,
)
const result = { payload: verified.payload, protectedHeader: verified.protectedHeader! }
if (typeof key === 'function') {
return { ...result, key: verified.key }
}
return result
}