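/*
 * Copyright (C) Sapphirecode - All Rights Reserved
 * This file is part of Auth-Server-Helper which is released under MIT.
 * See file 'LICENSE' for full license details.
 * Created by Timo Hocker, December 2020
 */

import {
  create_salt,
  sign_object,
  verify_signature_get_info
} from '@sapphirecode/crypto-helper';
import keystore from './KeyStore';
import blacklist from './Blacklist';

// eslint-disable-next-line no-shadow
type TokenType = 'access_token'|'refresh_token'|'part_token'|'none'

/**
 * Outcome of Authority.verify.
 *
 * `valid` only says that the token passed verification and is not
 * blacklisted. `authorized` is additionally restricted to access tokens, so
 * access decisions must be based on `authorized`, never on `valid` alone.
 */
interface VerificationResult {
  authorized: boolean;
  valid: boolean;
  type: TokenType;
  next_module?: string;
}

/**
 * Outcome of Authority.sign: the signed token and the id embedded in it.
 * verify passes that same id to the blacklist check.
 */
interface SignatureResult {
  signature: string;
  id: string;
}

class Authority {
  /**
   * Verifies a signed token and classifies it.
   *
   * @param key the signed token string as received from the client
   * @returns a result that has `authorized` and `valid` set to false unless
   *          every check passed; `type` stays 'none' when the token could
   *          not be verified at all
   */
  public verify (key: string): VerificationResult {
    const result: VerificationResult = {
      authorized: false,
      valid:      false,
      type:       'none'
    };

    // Set when no signing key exists for the claimed issue time. The
    // callback below has to return a string, so the failure is recorded here
    // and checked after verification instead of being signalled through the
    // return value.
    let key_lookup_failed = false;

    const data = verify_signature_get_info (
      key,
      (info) => {
        // NOTE(review): `info` comes from the token and selects the key used
        // to check it, so it is presumably not authenticated yet at this
        // point - treat iat as attacker-controlled here.
        try {
          return keystore.get_key (info.iat / 1000);
        }
        catch {
          key_lookup_failed = true;
          return '';
        }
      },
      // sign() stores iat in milliseconds; valid_for is presumably in
      // seconds and converted to the same unit here - confirm against the
      // crypto-helper documentation.
      (info) => info.valid_for * 1000
    );

    // Fail closed: a token must never be accepted on the basis of the
    // empty-string placeholder key. This does not rely on the crypto helper
    // rejecting an empty key by itself.
    if (data === null || key_lookup_failed)
      return result;

    result.type = data.type;

    // Revoked tokens keep their reported type but stay invalid.
    if (!blacklist.is_valid (data.id))
      return result;

    result.valid = true;
    // Refresh and part tokens are valid but must not grant access.
    result.authorized = result.type === 'access_token';
    result.next_module = data.obj;

    return result;
  }

  /**
   * Creates a signed token of the given type.
   *
   * @param type        token type stored in the signed attributes
   * @param valid_for   lifetime of the token; also passed to the key store
   *                    together with the issue time. Not range-checked here,
   *                    callers are expected to pass a positive value.
   * @param next_module optional value that becomes the signed payload and is
   *                    returned as `next_module` by verify
   * @returns the signature and the generated token id
   */
  public sign (
    type: TokenType,
    valid_for: number,
    next_module?: string
  ): SignatureResult {
    const time = Date.now ();
    // The key store is addressed in seconds, the token stores milliseconds.
    const key = keystore.get_key (time / 1000, valid_for);
    const attributes = {
      // Random id; verify() hands it to the blacklist to detect revocation.
      id:  create_salt (),
      iat: time,
      type,
      valid_for
    };
    const signature = sign_object (next_module, key, attributes);
    return { id: attributes.id, signature };
  }
}

const auth = (new Authority);

export default auth;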