import {
create_salt,
sign_object,
verify_signature_get_info
} from '@sapphirecode/crypto-helper';
import keystore from './KeyStore';
import blacklist from './Blacklist';
/**
 * Kinds of token this module distinguishes.
 *
 * 'none' is the value a verification result starts with and keeps when the
 * token could not be verified; only 'access_token' can lead to an
 * authorized result (see Authority.verify).
 */
// eslint-disable-next-line no-shadow
type TokenType =
  | 'access_token'
  | 'refresh_token'
  | 'part_token'
  | 'none';
/** Outcome of Authority.verify for one token string. */
interface VerificationResult {
  /**
   * True only when the token verified, its id passed the blacklist check
   * and its type is 'access_token'. Always false for every other type.
   */
  authorized: boolean;

  /**
   * Type read from the token, or 'none' when verification failed.
   * Set before the blacklist check, so a blacklisted token still reports
   * its real type here.
   */
  type: TokenType;

  /**
   * Payload the token was signed over; stays an empty string when the
   * token failed verification or is blacklisted.
   */
  next_module: string;
}
/** What Authority.sign hands back for a freshly issued token. */
interface SignatureResult {
  /** The signed token string produced by sign_object. */
  signature: string;

  /**
   * The random id (from create_salt) embedded in the token; verify passes
   * the token's id to the blacklist check.
   */
  id: string;
}
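/**
 * Issues signed tokens and verifies them again.
 *
 * Signing keys come from the KeyStore, selected by the token's issue time;
 * revocation is delegated to the Blacklist, keyed by the token's id.
 */
class Authority {
  /**
   * Verify a signed token and report what it may be used for.
   *
   * @param key - the signed token string as received from the client
   * @returns a result whose `authorized` flag is true only for a verified,
   *   non-blacklisted access token; every failure path returns
   *   `authorized: false`
   */
  public verify (key: string): VerificationResult {
    // Annotated so the literal 'none' is checked against TokenType instead
    // of widening to string, which would not satisfy the return type.
    const result: VerificationResult = {
      authorized:  false,
      type:        'none',
      next_module: ''
    };

    // The helper is given two callbacks that read fields of the token:
    // one picks the signing key by issue time (iat is in milliseconds,
    // get_key is called with seconds), the other converts the token's
    // lifetime from seconds to milliseconds.
    // NOTE(review): presumably the key callback runs before the signature
    // has been checked (the key is needed for the check), so get_key would
    // receive an unauthenticated number. Confirm KeyStore handles
    // arbitrary, non-finite or far-future values safely.
    const data = verify_signature_get_info (
      key,
      (info) => keystore.get_key (info.iat / 1000),
      (info) => info.valid_for * 1000
    );

    // null means the helper did not accept the token; fail closed.
    if (data === null)
      return result;

    // NOTE(review): the type is reported before the blacklist check. A
    // blacklisted refresh_token or part_token therefore returns the same
    // `authorized: false` + real `type` that a valid one does; only
    // next_module may differ. Callers that branch on `type` alone cannot
    // detect revocation. Confirm how refresh/part tokens are consumed.
    result.type = data.type;

    if (!blacklist.is_valid (data.id))
      return result;

    result.authorized = result.type === 'access_token';

    // sign() allows next_module to be omitted, so the signed payload need
    // not be a string; keep the declared `string` contract in that case.
    result.next_module = typeof data.obj === 'string' ? data.obj : '';

    return result;
  }

  /**
   * Issue a new signed token.
   *
   * @param type - kind of token to issue; stored in the token attributes
   * @param valid_for - lifetime in seconds (verify multiplies it by 1000).
   *   NOTE(review): not range-checked here; callers must pass a finite,
   *   positive, bounded value.
   * @param next_module - optional payload the signature is computed over
   * @returns the signed token and the random id embedded in it
   */
  public sign (
    type: TokenType,
    valid_for: number,
    next_module?: string
  ): SignatureResult {
    const time = Date.now ();

    // Same key selection as verify: issue time in seconds.
    const key = keystore.get_key (time / 1000);

    const attributes = {
      id:  create_salt (), // fresh random id per token
      iat: time,           // issue time in milliseconds
      type,
      valid_for
    };
    const signature = sign_object (next_module, key, attributes);

    return { id: attributes.id, signature };
  }
}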
// One Authority instance for the whole module, exported as the default.
const auth = new Authority ();

export default auth;