Skip to content

Commit 8698f86

Browse files
brockallenbrockallen
committed
rename JwtUtil to JoseUtil
1 parent 52feb6e commit 8698f86

File tree

4 files changed

+58
-54
lines changed

4 files changed

+58
-54
lines changed

src/JwtUtil.js renamed to src/JoseUtil.js

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,10 @@
44
import { jws, KEYUTIL as KeyUtil, X509, crypto, hextob64u } from 'jsrsasign';
55
import Log from './Log';
66

7-
export default class JwtUtil {
7+
export default class JoseUtil {
88

99
static parseJwt(jwt) {
10-
Log.info("JwtUtil.parseJwt");
10+
Log.info("JoseUtil.parseJwt");
1111
try {
1212
var token = jws.JWS.parse(jwt);
1313
return {
@@ -21,7 +21,7 @@ export default class JwtUtil {
2121
}
2222

2323
static validateJwt(jwt, key, issuer, audience, now) {
24-
Log.info("JwtUtil.validateJwt");
24+
Log.info("JoseUtil.validateJwt");
2525

2626
try {
2727
if (key.kty === "RSA") {
@@ -67,7 +67,7 @@ export default class JwtUtil {
6767
}
6868

6969
static hashString(value, alg) {
70-
Log.info("JwtUtil.hashString", value, alg);
70+
Log.info("JoseUtil.hashString", value, alg);
7171
try {
7272
return crypto.Util.hashString(value, alg);
7373
}
@@ -77,7 +77,7 @@ export default class JwtUtil {
7777
}
7878

7979
static hexToBase64Url(value) {
80-
Log.info("JwtUtil.hexToBase64Url", value);
80+
Log.info("JoseUtil.hexToBase64Url", value);
8181
try {
8282
return hextob64u(value);
8383
}

src/ResponseValidator.js

Lines changed: 17 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -5,13 +5,13 @@ import Log from './Log';
55
import MetadataService from './MetadataService';
66
import UserInfoService from './UserInfoService';
77
import ErrorResponse from './ErrorResponse';
8-
import JwtUtil from './JwtUtil';
8+
import JoseUtil from './JoseUtil';
99

1010
const ProtocolClaims = ["nonce", "at_hash", "iat", "nbf", "exp", "aud", "iss", "c_hash"];
1111

1212
export default class ResponseValidator {
1313

14-
constructor(settings, MetadataServiceCtor = MetadataService, UserInfoServiceCtor = UserInfoService, jwtUtil = JwtUtil) {
14+
constructor(settings, MetadataServiceCtor = MetadataService, UserInfoServiceCtor = UserInfoService, joseUtil = JoseUtil) {
1515
if (!settings) {
1616
Log.error("No settings passed to ResponseValidator");
1717
throw new Error("settings");
@@ -20,7 +20,7 @@ export default class ResponseValidator {
2020
this._settings = settings;
2121
this._metadataService = new MetadataServiceCtor(this._settings);
2222
this._userInfoService = new UserInfoServiceCtor(this._settings);
23-
this._jwtUtil = jwtUtil;
23+
this._joseUtil = joseUtil;
2424
}
2525

2626
validateSigninResponse(state, response) {
@@ -56,7 +56,7 @@ export default class ResponseValidator {
5656
Log.warn("Response was error", response.error);
5757
return Promise.reject(new ErrorResponse(response));
5858
}
59-
59+
6060
return Promise.resolve(response);
6161
}
6262

@@ -99,10 +99,10 @@ export default class ResponseValidator {
9999
Log.info("response is OIDC, processing claims");
100100

101101
response.profile = this._filterProtocolClaims(response.profile);
102-
102+
103103
if (this._settings.loadUserInfo && response.access_token) {
104104
Log.info("loading user info");
105-
105+
106106
return this._userInfoService.getClaims(response.access_token).then(claims => {
107107

108108
response.profile = this._mergeClaims(response.profile, claims);
@@ -202,7 +202,7 @@ export default class ResponseValidator {
202202
return Promise.reject(new Error("No nonce on state"));
203203
}
204204

205-
let jwt = this._jwtUtil.parseJwt(response.id_token);
205+
let jwt = this._joseUtil.parseJwt(response.id_token);
206206
if (!jwt || !jwt.header || !jwt.payload) {
207207
Log.error("Failed to parse id_token", jwt);
208208
return Promise.reject(new Error("Failed to parse id_token"));
@@ -245,9 +245,9 @@ export default class ResponseValidator {
245245
return Promise.reject(new Error("No key matching kid found in signing keys"));
246246
}
247247

248-
if (!this._jwtUtil.validateJwt(response.id_token, key, issuer, audience)) {
249-
Log.error("Signature failed to validate");
250-
return Promise.reject(new Error("Signature failed to validate"));
248+
if (!this._validateJwt(response.id_token, key, issuer, audience)) {
249+
Log.error("JWT failed to validate");
250+
return Promise.reject(new Error("JWT failed to validate"));
251251
}
252252

253253
response.profile = jwt.payload;
@@ -256,6 +256,10 @@ export default class ResponseValidator {
256256
});
257257
}
258258

259+
_validateJwt(jwt, key, issuer, audience) {
260+
return this._joseUtil.validateJwt(jwt, key, issuer, audience);
261+
}
262+
259263
_validateAccessToken(response) {
260264
Log.info("ResponseValidator._validateAccessToken");
261265

@@ -274,7 +278,7 @@ export default class ResponseValidator {
274278
return Promise.reject(new Error("No id_token"));
275279
}
276280

277-
let jwt = this._jwtUtil.parseJwt(response.id_token);
281+
let jwt = this._joseUtil.parseJwt(response.id_token);
278282
if (!jwt || !jwt.header) {
279283
Log.error("Failed to parse id_token", jwt);
280284
return Promise.reject(new Error("Failed to parse id_token"));
@@ -299,14 +303,14 @@ export default class ResponseValidator {
299303
}
300304

301305
let sha = "sha" + hashBits;
302-
var hash = this._jwtUtil.hashString(response.access_token, sha);
306+
var hash = this._joseUtil.hashString(response.access_token, sha);
303307
if (!hash) {
304308
Log.error("access_token hash failed:", sha);
305309
return Promise.reject(new Error("Failed to validate at_hash"));
306310
}
307311

308312
var left = hash.substr(0, hash.length / 2);
309-
var left_b64u = this._jwtUtil.hexToBase64Url(left);
313+
var left_b64u = this._joseUtil.hexToBase64Url(left);
310314
if (left_b64u !== response.profile.at_hash) {
311315
Log.error("Failed to validate at_hash", left_b64u, response.profile.at_hash);
312316
return Promise.reject(new Error("Failed to validate at_hash"));

test/unit/JwtUtil.spec.js renamed to test/unit/JoseUtil.spec.js

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,15 @@
11
// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
22
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
33

4-
import JwtUtil from '../../src/JwtUtil';
4+
import JoseUtil from '../../src/JoseUtil';
55
import Log from '../../src/Log';
66

77
import chai from 'chai';
88
chai.should();
99
let assert = chai.assert;
1010
let expect = chai.expect;
1111

12-
describe("JwtUtil", function() {
12+
describe("JoseUtil", function() {
1313

1414
let jwt;
1515
let jwtFromRsa;
@@ -60,7 +60,7 @@ describe("JwtUtil", function() {
6060

6161
it("should parse a jwt", function() {
6262

63-
var result = JwtUtil.parseJwt(jwt);
63+
var result = JoseUtil.parseJwt(jwt);
6464
result.should.be.ok;
6565
result.header.should.be.ok;
6666
result.payload.should.be.ok;
@@ -93,7 +93,7 @@ describe("JwtUtil", function() {
9393

9494
it("should return undefined for an invalid jwt", function() {
9595

96-
var result = JwtUtil.parseJwt("junk");
96+
var result = JoseUtil.parseJwt("junk");
9797
expect(result).to.be.undefined;
9898
});
9999

@@ -107,7 +107,7 @@ describe("JwtUtil", function() {
107107
delete rsaKey.n;
108108
delete rsaKey.e;
109109

110-
var result = JwtUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, expectedAudience, expectedNow);
110+
var result = JoseUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, expectedAudience, expectedNow);
111111
result.should.be.true;
112112

113113
});
@@ -118,7 +118,7 @@ describe("JwtUtil", function() {
118118

119119
delete rsaKey.x5c;
120120

121-
var result = JwtUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, expectedAudience, expectedNow);
121+
var result = JoseUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, expectedAudience, expectedNow);
122122
result.should.be.true;
123123

124124
});
@@ -127,42 +127,42 @@ describe("JwtUtil", function() {
127127

128128
rsaKey.kty = "foo";
129129

130-
var result = JwtUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, expectedAudience, expectedNow);
130+
var result = JoseUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, expectedAudience, expectedNow);
131131
result.should.be.false;
132132

133133
});
134134

135135
it("should fail for mismatched keys", function() {
136136

137-
var result = JwtUtil.validateJwt(jwtFromRsa, ecKey, expectedIssuer, expectedAudience, expectedNow);
137+
var result = JoseUtil.validateJwt(jwtFromRsa, ecKey, expectedIssuer, expectedAudience, expectedNow);
138138
result.should.be.false;
139139

140140
});
141141

142142
it("should not validate after exp", function() {
143143

144-
var result = JwtUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, expectedAudience, expires + 1);
144+
var result = JoseUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, expectedAudience, expires + 1);
145145
result.should.be.false;
146146

147147
});
148148

149149
it("should not validate before nbf", function() {
150150

151-
var result = JwtUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, expectedAudience, notBefore - 1);
151+
var result = JoseUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, expectedAudience, notBefore - 1);
152152
result.should.be.false;
153153

154154
});
155155

156156
it("should not validate for invalid audience", function() {
157157

158-
var result = JwtUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, "invalid aud", expectedNow);
158+
var result = JoseUtil.validateJwt(jwtFromRsa, rsaKey, expectedIssuer, "invalid aud", expectedNow);
159159
result.should.be.false;
160160

161161
});
162162

163163
it("should not validate for invalid issuer", function() {
164164

165-
var result = JwtUtil.validateJwt(jwtFromRsa, rsaKey, "invalid issuer", expectedAudience, expectedNow);
165+
var result = JoseUtil.validateJwt(jwtFromRsa, rsaKey, "invalid issuer", expectedAudience, expectedNow);
166166
result.should.be.false;
167167

168168
});

0 commit comments

Comments
 (0)