2019-02-25 22:54:08 +00:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
var keyfetch = require('./keyfetch.js');
|
2019-03-09 09:50:14 +00:00
|
|
|
var testIss = "https://example.auth0.com";
|
2019-02-25 22:54:08 +00:00
|
|
|
|
|
|
|
keyfetch.init({});
|
2019-03-09 09:50:14 +00:00
|
|
|
keyfetch.oidcJwks(testIss).then(function (hits) {
|
2019-02-25 23:17:26 +00:00
|
|
|
keyfetch._clear();
|
2019-03-15 19:45:27 +00:00
|
|
|
//console.log(hits);
|
2019-03-09 09:50:14 +00:00
|
|
|
return keyfetch.oidcJwk(hits[0].thumbprint, testIss).then(function () {
|
2019-03-15 19:45:27 +00:00
|
|
|
return keyfetch.oidcJwk(hits[0].thumbprint, testIss).then(function (/*jwk*/) {
|
|
|
|
//console.log(jwk);
|
2019-02-25 23:17:26 +00:00
|
|
|
});
|
2019-02-25 22:54:08 +00:00
|
|
|
});
|
2019-03-15 19:45:27 +00:00
|
|
|
}).then(function () {
|
|
|
|
console.log("Fetching PASSES");
|
2019-02-25 22:54:08 +00:00
|
|
|
}).catch(function (err) {
|
2019-03-15 19:45:27 +00:00
|
|
|
console.error("NONE SHALL PASS!");
|
2019-02-25 22:54:08 +00:00
|
|
|
console.error(err);
|
2019-03-15 19:45:27 +00:00
|
|
|
process.exit(1);
|
2019-02-25 22:54:08 +00:00
|
|
|
});
|
|
|
|
|
2019-03-15 19:45:27 +00:00
|
|
|
/*global Promise*/
|
|
|
|
var keypairs = require('keypairs.js');
|
|
|
|
keypairs.generate().then(function (pair) {
|
|
|
|
return keypairs.signJwt({
|
|
|
|
jwk: pair.private, iss: 'https://example.com/', sub: 'mikey', exp: '1h'
|
|
|
|
}).then(function (jwt) {
|
|
|
|
return Promise.all([
|
|
|
|
keyfetch.jwt.verify(jwt, { jwk: pair.public }).then(function (verified) {
|
|
|
|
if (!(verified.claims && verified.claims.exp)) {
|
|
|
|
throw new Error("malformed decoded token");
|
|
|
|
}
|
|
|
|
})
|
|
|
|
, keyfetch.jwt.verify(keyfetch.jwt.decode(jwt), { jwk: pair.public }).then(function (verified) {
|
|
|
|
if (!(verified.claims && verified.claims.exp)) {
|
|
|
|
throw new Error("malformed decoded token");
|
|
|
|
}
|
|
|
|
})
|
|
|
|
, keyfetch.jwt.verify(jwt, { jwks: [pair.public] })
|
|
|
|
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com/'] })
|
|
|
|
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com'] })
|
|
|
|
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['*'] })
|
|
|
|
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['http://example.com'] })
|
|
|
|
.then(e("bad scheme")).catch(throwIfNotExpected)
|
|
|
|
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://www.example.com'] })
|
|
|
|
.then(e("bad prefix")).catch(throwIfNotExpected)
|
|
|
|
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://wexample.com'] })
|
|
|
|
.then(e("bad sld")).catch(throwIfNotExpected)
|
|
|
|
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.comm'] })
|
|
|
|
.then(e("bad tld")).catch(throwIfNotExpected)
|
|
|
|
, keyfetch.jwt.verify(jwt, { jwk: pair.public, claims: { iss: 'https://example.com/' } })
|
|
|
|
, keyfetch.jwt.verify(jwt, { jwk: pair.public, claims: { iss: 'https://example.com' } })
|
|
|
|
.then(e("inexact claim")).catch(throwIfNotExpected)
|
|
|
|
]).then(function () {
|
|
|
|
console.log("JWT PASSES");
|
|
|
|
}).catch(function (err) {
|
|
|
|
console.error("NONE SHALL PASS!");
|
|
|
|
console.error(err);
|
|
|
|
process.exit(1);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
2019-02-25 22:54:08 +00:00
|
|
|
/*
|
|
|
|
var jwt = '...';
|
|
|
|
keyfetch.verify({ jwt: jwt }).catch(function (err) {
|
|
|
|
console.log(err);
|
|
|
|
});
|
|
|
|
*/
|
2019-03-15 19:45:27 +00:00
|
|
|
|
|
|
|
function e(msg) {
|
|
|
|
return new Error("ETEST: " + msg);
|
|
|
|
}
|
|
|
|
function throwIfNotExpected(err) {
|
|
|
|
if ("ETEST" === err.message.slice(0, 5)) { throw err; }
|
|
|
|
}
|