MCPcopy
hub / github.com/vercel/next.js / createPSSKeyVerifier

Function createPSSKeyVerifier

packages/next/src/compiled/jsonwebtoken/index.js:1–1  ·  view source on GitHub ↗
(e)

Source from the content-addressed store, hash-verified

1(()=>{var e={112:(e,r,t)=>{"use strict";var n=t(300).Buffer;var a=t(300).SlowBuffer;e.exports=bufferEq;function bufferEq(e,r){if(!n.isBuffer(e)||!n.isBuffer(r)){return false}if(e.length!==r.length){return false}var t=0;for(var a=0;a<e.length;a++){t|=e[a]^r[a]}return t===0}bufferEq.install=function(){n.prototype.equal=a.prototype.equal=function equal(e){return bufferEq(this,e)}};var i=n.prototype.equal;var s=a.prototype.equal;bufferEq.restore=function(){n.prototype.equal=i;a.prototype.equal=s}},160:(e,r,t)=>{"use strict";var n=t(911).Buffer;var a=t(8);var i=128,s=0,o=32,u=16,l=2,c=u|o|s<<6,f=l|s<<6;function base64Url(e){return e.replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function signatureAsBuffer(e){if(n.isBuffer(e)){return e}else if("string"===typeof e){return n.from(e,"base64")}throw new TypeError("ECDSA signature must be a Base64 string or a Buffer")}function derToJose(e,r){e=signatureAsBuffer(e);var t=a(r);var s=t+1;var o=e.length;var u=0;if(e[u++]!==c){throw new Error('Could not find expected "seq"')}var l=e[u++];if(l===(i|1)){l=e[u++]}if(o-u<l){throw new Error('"seq" specified length of "'+l+'", only "'+(o-u)+'" remaining')}if(e[u++]!==f){throw new Error('Could not find expected "int" for "r"')}var h=e[u++];if(o-u-2<h){throw new Error('"r" specified length of "'+h+'", only "'+(o-u-2)+'" available')}if(s<h){throw new Error('"r" specified length of "'+h+'", max of "'+s+'" is acceptable')}var p=u;u+=h;if(e[u++]!==f){throw new Error('Could not find expected "int" for "s"')}var d=e[u++];if(o-u!==d){throw new Error('"s" specified length of "'+d+'", expected "'+(o-u)+'"')}if(s<d){throw new Error('"s" specified length of "'+d+'", max of "'+s+'" is acceptable')}var y=u;u+=d;if(u!==o){throw new Error('Expected to consume entire buffer, but "'+(o-u)+'" bytes remain')}var g=t-h,v=t-d;var b=n.allocUnsafe(g+h+v+d);for(u=0;u<g;++u){b[u]=0}e.copy(b,u,p+Math.max(-g,0),p+h);u=t;for(var m=u;u<m+v;++u){b[u]=0}e.copy(b,u,y+Math.max(-v,0),y+d);b=b.toString("base64");b=base64Url(b);return b}function countPadding(e,r,t){var n=0;while(r+n<t&&e[r+n]===0){++n}var a=e[r+n]>=i;if(a){--n}return n}function joseToDer(e,r){e=signatureAsBuffer(e);var t=a(r);var s=e.length;if(s!==t*2){throw new TypeError('"'+r+'" signatures must be "'+t*2+'" bytes, saw "'+s+'"')}var o=countPadding(e,0,t);var u=countPadding(e,t,e.length);var l=t-o;var h=t-u;var p=1+1+l+1+1+h;var d=p<i;var y=n.allocUnsafe((d?2:3)+p);var g=0;y[g++]=c;if(d){y[g++]=p}else{y[g++]=i|1;y[g++]=p&255}y[g++]=f;y[g++]=l;if(o<0){y[g++]=0;g+=e.copy(y,g,0,t)}else{g+=e.copy(y,g,o,t)}y[g++]=f;y[g++]=h;if(u<0){y[g++]=0;e.copy(y,g,t)}else{e.copy(y,g,t+u)}return y}e.exports={derToJose:derToJose,joseToDer:joseToDer}},8:e=>{"use strict";function getParamSize(e){var r=(e/8|0)+(e%8===0?0:1);return r}var r={ES256:getParamSize(256),ES384:getParamSize(384),ES512:getParamSize(521)};function getParamBytesForAlg(e){var t=r[e];if(t){return t}throw new Error('Unknown algorithm "'+e+'"')}e.exports=getParamBytesForAlg},443:(e,r,t)=>{var n=t(111);e.exports=function(e,r){r=r||{};var t=n.decode(e,r);if(!t){return null}var a=t.payload;if(typeof a==="string"){try{var i=JSON.parse(a);if(i!==null&&typeof i==="object"){a=i}}catch(e){}}if(r.complete===true){return{header:t.header,payload:a,signature:t.signature}}return a}},773:(e,r,t)=>{e.exports={verify:t(624),sign:t(743),JsonWebTokenError:t(131),NotBeforeError:t(422),TokenExpiredError:t(794)};Object.defineProperty(e.exports,"decode",{enumerable:false,value:t(443)})},131:e=>{var JsonWebTokenError=function(e,r){Error.call(this,e);if(Error.captureStackTrace){Error.captureStackTrace(this,this.constructor)}this.name="JsonWebTokenError";this.message=e;if(r)this.inner=r};JsonWebTokenError.prototype=Object.create(Error.prototype);JsonWebTokenError.prototype.constructor=JsonWebTokenError;e.exports=JsonWebTokenError},422:(e,r,t)=>{var n=t(131);var NotBeforeError=function(e,r){n.call(this,e);this.name="NotBeforeError";this.date=r};NotBeforeError.prototype=Object.create(n.prototype);NotBeforeError.prototype.constructor=NotBeforeError;e.exports=NotBeforeError},794:(e,r,t)=>{var n=t(131);var TokenExpiredError=function(e,r){n.call(this,e);this.name="TokenExpiredError";this.expiredAt=r};TokenExpiredError.prototype=Object.create(n.prototype);TokenExpiredError.prototype.constructor=TokenExpiredError;e.exports=TokenExpiredError},186:(e,r,t)=>{const n=t(521);e.exports=n.satisfies(process.version,">=15.7.0")},900:(e,r,t)=>{var n=t(521);e.exports=n.satisfies(process.version,"^6.12.0 || >=8.0.0")},444:(e,r,t)=>{const n=t(521);e.exports=n.satisfies(process.version,">=16.9.0")},126:(e,r,t)=>{var n=t(958);e.exports=function(e,r){var t=r||Math.floor(Date.now()/1e3);if(typeof e==="string"){var a=n(e);if(typeof a==="undefined"){return}return Math.floor(t+a/1e3)}else if(typeof e==="number"){return t+e}else{return}}},253:(e,r,t)=>{const n=t(186);const a=t(444);const i={ec:["ES256","ES384","ES512"],rsa:["RS256","PS256","RS384","PS384","RS512","PS512"],"rsa-pss":["PS256","PS384","PS512"]};const s={ES256:"prime256v1",ES384:"secp384r1",ES512:"secp521r1"};e.exports=function(e,r){if(!e||!r)return;const t=r.asymmetricKeyType;if(!t)return;const o=i[t];if(!o){throw new Error(`Unknown key type "${t}".`)}if(!o.includes(e)){throw new Error(`"alg" parameter for "${t}" key type must be one of: ${o.join(", ")}.`)}if(n){switch(t){case"ec":const t=r.asymmetricKeyDetails.namedCurve;const n=s[e];if(t!==n){throw new Error(`"alg" parameter "${e}" requires curve "${n}".`)}break;case"rsa-pss":if(a){const t=parseInt(e.slice(-3),10);const{hashAlgorithm:n,mgf1HashAlgorithm:a,saltLength:i}=r.asymmetricKeyDetails;if(n!==`sha${t}`||a!==n){throw new Error(`Invalid key for this operation, its RSA-PSS parameters do not meet the requirements of "alg" ${e}.`)}if(i!==undefined&&i>t>>3){throw new Error(`Invalid key for this operation, its RSA-PSS parameter saltLength does not meet the requirements of "alg" ${e}.`)}}break}}}},743:(e,r,t)=>{const n=t(126);const a=t(900);const i=t(253);const s=t(111);const{includes:o,isBoolean:u,isInteger:l,isNumber:c,isPlainObject:f,isString:h,once:p}=t(536);const{KeyObject:d,createSecretKey:y,createPrivateKey:g}=t(113);const v=["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512","none"];if(a){v.splice(3,0,"PS256","PS384","PS512")}const b={expiresIn:{isValid:function(e){return l(e)||h(e)&&e},message:'"expiresIn" should be a number of seconds or string representing a timespan'},notBefore:{isValid:function(e){return l(e)||h(e)&&e},message:'"notBefore" should be a number of seconds or string representing a timespan'},audience:{isValid:function(e){return h(e)||Array.isArray(e)},message:'"audience" must be a string or array'},algorithm:{isValid:o.bind(null,v),message:'"algorithm" must be a valid string enum value'},header:{isValid:f,message:'"header" must be an object'},encoding:{isValid:h,message:'"encoding" must be a string'},issuer:{isValid:h,message:'"issuer" must be a string'},subject:{isValid:h,message:'"subject" must be a string'},jwtid:{isValid:h,message:'"jwtid" must be a string'},noTimestamp:{isValid:u,message:'"noTimestamp" must be a boolean'},keyid:{isValid:h,message:'"keyid" must be a string'},mutatePayload:{isValid:u,message:'"mutatePayload" must be a boolean'},allowInsecureKeySizes:{isValid:u,message:'"allowInsecureKeySizes" must be a boolean'},allowInvalidAsymmetricKeyTypes:{isValid:u,message:'"allowInvalidAsymmetricKeyTypes" must be a boolean'}};const m={iat:{isValid:c,message:'"iat" should be a number of seconds'},exp:{isValid:c,message:'"exp" should be a number of seconds'},nbf:{isValid:c,message:'"nbf" should be a number of seconds'}};function validate(e,r,t,n){if(!f(t)){throw new Error('Expected "'+n+'" to be a plain object.')}Object.keys(t).forEach((function(a){const i=e[a];if(!i){if(!r){throw new Error('"'+a+'" is not allowed in "'+n+'"')}return}if(!i.isValid(t[a])){throw new Error(i.message)}}))}function validateOptions(e){return validate(b,false,e,"options")}function validatePayload(e){return validate(m,true,e,"payload")}const _={audience:"aud",issuer:"iss",subject:"sub",jwtid:"jti"};const w=["expiresIn","notBefore","noTimestamp","audience","issuer","subject","jwtid"];e.exports=function(e,r,t,a){if(typeof t==="function"){a=t;t={}}else{t=t||{}}const o=typeof e==="object"&&!Buffer.isBuffer(e);const u=Object.assign({alg:t.algorithm||"HS256",typ:o?"JWT":undefined,kid:t.keyid},t.header);function failure(e){if(a){return a(e)}throw e}if(!r&&t.algorithm!=="none"){return failure(new Error("secretOrPrivateKey must have a value"))}if(r!=null&&!(r instanceof d)){try{r=g(r)}catch(e){try{r=y(typeof r==="string"?Buffer.from(r):r)}catch(e){return failure(new Error("secretOrPrivateKey is not valid key material"))}}}if(u.alg.startsWith("HS")&&r.type!=="secret"){return failure(new Error(`secretOrPrivateKey must be a symmetric key when using ${u.alg}`))}else if(/^(?:RS|PS|ES)/.test(u.alg)){if(r.type!=="private"){return failure(new Error(`secretOrPrivateKey must be an asymmetric key when using ${u.alg}`))}if(!t.allowInsecureKeySizes&&!u.alg.startsWith("ES")&&r.asymmetricKeyDetails!==undefined&&r.asymmetricKeyDetails.modulusLength<2048){return failure(new Error(`secretOrPrivateKey has a minimum key size of 2048 bits for ${u.alg}`))}}if(typeof e==="undefined"){return failure(new Error("payload is required"))}else if(o){try{validatePayload(e)}catch(e){return failure(e)}if(!t.mutatePayload){e=Object.assign({},e)}}else{const r=w.filter((function(e){return typeof t[e]!=="undefined"}));if(r.length>0){return failure(new Error("invalid "+r.join(",")+" option for "+typeof e+" payload"))}}if(typeof e.exp!=="undefined"&&typeof t.expiresIn!=="undefined"){return failure(new Error('Bad "options.expiresIn" option the payload already has an "exp" property.'))}if(typeof e.nbf!=="undefined"&&typeof t.notBefore!=="undefined"){return failure(new Error('Bad "options.notBefore" option the payload already has an "nbf" property.'))}try{validateOptions(t)}catch(e){return failure(e)}if(!t.allowInvalidAsymmetricKeyTypes){try{i(u.alg,r)}catch(e){return failure(e)}}const l=e.iat||Math.floor(Date.now()/1e3);if(t.noTimestamp){delete e.iat}else if(o){e.iat=l}if(typeof t.notBefore!=="undefined"){try{e.nbf=n(t.notBefore,l)}catch(e){return failure(e)}if(typeof e.nbf==="undefined"){return failure(new Error('"notBefore" should be a number of seconds or string representing a timespan eg: "1d", "20h", 60'))}}if(typeof t.expiresIn!=="undefined"&&typeof e==="object"){try{e.exp=n(t.expiresIn,l)}catch(e){return failure(e)}if(typeof e.exp==="undefined"){return failure(new Error('"expiresIn" should be a number of seconds or string representing a timespan eg: "1d", "20h", 60'))}}Object.keys(_).forEach((function(r){const n=_[r];if(typeof t[r]!=="undefined"){if(typeof e[n]!=="undefined"){return failure(new Error('Bad "options.'+r+'" option. The payload already has an "'+n+'" property.'))}e[n]=t[r]}}));const c=t.encoding||"utf8";if(typeof a==="function"){a=a&&p(a);s.createSign({header:u,privateKey:r,payload:e,encoding:c}).once("error",a).once("done",(function(e){if(!t.allowInsecureKeySizes&&/^(?:RS|PS)/.test(u.alg)&&e.length<256){return a(new Error(`secretOrPrivateKey has a minimum key size of 2048 bits for ${u.alg}`))}a(null,e)}))}else{let n=s.sign({header:u,payload:e,secret:r,encoding:c});if(!t.allowInsecureKeySizes&&/^(?:RS|PS)/.test(u.alg)&&n.length<256){throw new Error(`secretOrPrivateKey has a minimum key size of 2048 bits for ${u.alg}`)}return n}}},624:(e,r,t)=>{const n=t(131);const a=t(422);const i=t(794);const s=t(443);const o=t(126);const u=t(253);const l=t(900);const c=t(111);const{KeyObject:f,createSecretKey:h,createPublicKey:p}=t(113);const d=["RS256","RS384","RS512"];const y=["ES256","ES384","ES512"];const g=["RS256","RS384","RS512"];const v=["HS256","HS384","HS512"];if(l){d.splice(d.length,0,"PS256","PS384","PS512");g.splice(g.length,0,"PS256","PS384","PS512")}e.exports=function(e,r,t,l){if(typeof t==="function"&&!l){l=t;t={}}if(!t){t={}}t=Object.assign({},t);let b;if(l){b=l}else{b=function(e,r){if(e)throw e;return r}}if(t.clockTimestamp&&typeof t.clockTimestamp!=="number"){return b(new n("clockTimestamp must be a number"))}if(t.nonce!==undefined&&(typeof t.nonce!=="string"||t.nonce.trim()==="")){return b(new n("nonce must be a non-empty string"))}if(t.allowInvalidAsymmetricKeyTypes!==undefined&&typeof t.allowInvalidAsymmetricKeyTypes!=="boolean"){return b(new n("allowInvalidAsymmetricKeyTypes must be a boolean"))}const m=t.clockTimestamp||Math.floor(Date.now()/1e3);if(!e){return b(new n("jwt must be provided"))}if(typeof e!=="string"){return b(new n("jwt must be a string"))}const _=e.split(".");if(_.length!==3){return b(new n("jwt malformed"))}let w;try{w=s(e,{complete:true})}catch(e){return b(e)}if(!w){return b(new n("invalid token"))}const S=w.header;let I;if(typeof r==="function"){if(!l){return b(new n("verify must be called asynchronous if secret or public key is provided as a callback"))}I=r}else{I=function(e,t){return t(null,r)}}return I(S,(function(r,s){if(r){return b(new n("error in secret or public key callback: "+r.message))}const l=_[2].trim()!=="";if(!l&&s){return b(new n("jwt signature is required"))}if(l&&!s){return b(new n("secret or public key must be provided"))}if(!l&&!t.algorithms){return b(new n('please specify "none" in "algorithms" to verify unsigned tokens'))}if(s!=null&&!(s instanceof f)){try{s=p(s)}catch(e){try{s=h(typeof s==="string"?Buffer.from(s):s)}catch(e){return b(new n("secretOrPublicKey is not valid key material"))}}}if(!t.algorithms){if(s.type==="secret"){t.algorithms=v}else if(["rsa","rsa-pss"].includes(s.asymmetricKeyType)){t.algorithms=g}else if(s.asymmetricKeyType==="ec"){t.algorithms=y}else{t.algorithms=d}}if(t.algorithms.indexOf(w.header.alg)===-1){return b(new n("invalid algorithm"))}if(S.alg.startsWith("HS")&&s.type!=="secret"){return b(new n(`secretOrPublicKey must be a symmetric key when using ${S.alg}`))}else if(/^(?:RS|PS|ES)/.test(S.alg)&&s.type!=="public"){return b(new n(`secretOrPublicKey must be an asymmetric key when using ${S.alg}`))}if(!t.allowInvalidAsymmetricKeyTypes){try{u(S.alg,s)}catch(e){return b(e)}}let I;try{I=c.verify(e,w.header.alg,s)}catch(e){return b(e)}if(!I){return b(new n("invalid signature"))}const A=w.payload;if(typeof A.nbf!=="undefined"&&!t.ignoreNotBefore){if(typeof A.nbf!=="number"){return b(new n("invalid nbf value"))}if(A.nbf>m+(t.clockTolerance||0)){return b(new a("jwt not active",new Date(A.nbf*1e3)))}}if(typeof A.exp!=="undefined"&&!t.ignoreExpiration){if(typeof A.exp!=="number"){return b(new n("invalid exp value"))}if(m>=A.exp+(t.clockTolerance||0)){return b(new i("jwt expired",new Date(A.exp*1e3)))}}if(t.audience){const e=Array.isArray(t.audience)?t.audience:[t.audience];const r=Array.isArray(A.aud)?A.aud:[A.aud];const a=r.some((function(r){return e.some((function(e){return e instanceof RegExp?e.test(r):e===r}))}));if(!a){return b(new n("jwt audience invalid. expected: "+e.join(" or ")))}}if(t.issuer){const e=typeof t.issuer==="string"&&A.iss!==t.issuer||Array.isArray(t.issuer)&&t.issuer.indexOf(A.iss)===-1;if(e){return b(new n("jwt issuer invalid. expected: "+t.issuer))}}if(t.subject){if(A.sub!==t.subject){return b(new n("jwt subject invalid. expected: "+t.subject))}}if(t.jwtid){if(A.jti!==t.jwtid){return b(new n("jwt jwtid invalid. expected: "+t.jwtid))}}if(t.nonce){if(A.nonce!==t.nonce){return b(new n("jwt nonce invalid. expected: "+t.nonce))}}if(t.maxAge){if(typeof A.iat!=="number"){return b(new n("iat required when maxAge is specified"))}const e=o(t.maxAge,A.iat);if(typeof e==="undefined"){return b(new n('"maxAge" should be a number of seconds or string representing a timespan eg: "1d", "20h", 60'))}if(m>=e+(t.clockTolerance||0)){return b(new i("maxAge exceeded",new Date(e*1e3)))}}if(t.complete===true){const e=w.signature;return b(null,{header:S,payload:A,signature:e})}return b(null,A)}))}},251:(e,r,t)=>{var n=t(112);var a=t(911).Buffer;var i=t(113);var s=t(160);var o=t(837);var u='"%s" is not a valid algorithm.\n Supported algorithms are:\n "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512" and "none".';var l="secret must be a string or buffer";var c="key must be a string or a buffer";var f="key must be a string, a buffer or an object";var h=typeof i.createPublicKey==="function";if(h){c+=" or a KeyObject";l+="or a KeyObject"}function checkIsPublicKey(e){if(a.isBuffer(e)){return}if(typeof e==="string"){return}if(!h){throw typeError(c)}if(typeof e!=="object"){throw typeError(c)}if(typeof e.type!=="string"){throw typeError(c)}if(typeof e.asymmetricKeyType!=="string"){throw typeError(c)}if(typeof e.export!=="function"){throw typeError(c)}}function checkIsPrivateKey(e){if(a.isBuffer(e)){return}if(typeof e==="string"){return}if(typeof e==="object"){return}throw typeError(f)}function checkIsSecretKey(e){if(a.isBuffer(e)){return}if(typeof e==="string"){return e}if(!h){throw typeError(l)}if(typeof e!=="object"){throw typeError(l)}if(e.type!=="secret"){throw typeError(l)}if(typeof e.export!=="function"){throw typeError(l)}}function fromBase64(e){return e.replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function toBase64(e){e=e.toString();var r=4-e.length%4;if(r!==4){for(var t=0;t<r;++t){e+="="}}return e.replace(/\-/g,"+").replace(/_/g,"/")}function typeError(e){var r=[].slice.call(arguments,1);var t=o.format.bind(o,e).apply(null,r);return new TypeError(t)}function bufferOrString(e){return a.isBuffer(e)||typeof e==="string"}function normalizeInput(e){if(!bufferOrString(e))e=JSON.stringify(e);return e}function createHmacSigner(e){return function sign(r,t){checkIsSecretKey(t);r=normalizeInput(r);var n=i.createHmac("sha"+e,t);var a=(n.update(r),n.digest("base64"));return fromBase64(a)}}function createHmacVerifier(e){return function verify(r,t,i){var s=createHmacSigner(e)(r,i);return n(a.from(t),a.from(s))}}function createKeySigner(e){return function sign(r,t){checkIsPrivateKey(t);r=normalizeInput(r);var n=i.createSign("RSA-SHA"+e);var a=(n.update(r),n.sign(t,"base64"));return fromBase64(a)}}function createKeyVerifier(e){return function verify(r,t,n){checkIsPublicKey(n);r=normalizeInput(r);t=toBase64(t);var a=i.createVerify("RSA-SHA"+e);a.update(r);return a.verify(n,t,"base64")}}function createPSSKeySigner(e){return function sign(r,t){checkIsPrivateKey(t);r=normalizeInput(r);var n=i.createSign("RSA-SHA"+e);var a=(n.update(r),n.sign({key:t,padding:i.constants.RSA_PKCS1_PSS_PADDING,saltLength:i.constants.RSA_PSS_SALTLEN_DIGEST},"base64"));return fromBase64(a)}}function createPSSKeyVerifier(e){return function verify(r,t,n){checkIsPublicKey(n);r=normalizeInput(r);t=toBase64(t);var a=i.createVerify("RSA-SHA"+e);a.update(r);return a.verify({key:n,padding:i.constants.RSA_PKCS1_PSS_PADDING,saltLength:i.constants.RSA_PSS_SALTLEN_DIGEST},t,"base64")}}function createECDSASigner(e){var r=createKeySigner(e);return function sign(){var t=r.apply(null,arguments);t=s.derToJose(t,"ES"+e);return t}}function createECDSAVerifer(e){var r=createKeyVerifier(e);return function verify(t,n,a){n=s.joseToDer(n,"ES"+e).toString("base64");var i=r(t,n,a);return i}}function createNoneSigner(){return function sign(){return""}}function createNoneVerifier(){return function verify(e,r){return r===""}}e.exports=function jwa(e){var r={hs:createHmacSigner,rs:createKeySigner,ps:createPSSKeySigner,es:createECDSASigner,none:createNoneSigner};var t={hs:createHmacVerifier,rs:createKeyVerifier,ps:createPSSKeyVerifier,es:createECDSAVerifer,none:createNoneVerifier};var n=e.match(/^(RS|PS|ES|HS)(256|384|512)$|^(none)$/i);if(!n)throw typeError(u,e);var a=(n[1]||n[3]).toLowerCase();var i=n[2];return{sign:r[a](i),verify:t[a](i)}}},111:(e,r,t)=>{var n=t(409);var a=t(851);var i=["HS256","HS384","HS512","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"];r.ALGORITHMS=i;r.sign=n.sign;r.verify=a.verify;r.decode=a.decode;r.isValid=a.isValid;r.createSign=function createSign(e){return new n(e)};r.createVerify=function createVerify(e){return new a(e)}},626:(e,r,t)=>{var n=t(911).Buffer;var a=t(781);var i=t(837);function DataStream(e){this.buffer=null;this.writable=true;this.readable=true;if(!e){this.buffer=n.alloc(0);return this}if(typeof e.pipe==="function"){this.buffer=n.alloc(0);e.pipe(this);return this}if(e.length||typeof e==="object"){this.buffer=e;this.writable=false;process.nextTick(function(){this.emit("end",e);this.readable=false;this.emit("close")}.bind(this));return this}throw new TypeError("Unexpected data type ("+typeof e+")")}i.inherits(DataStream,a);DataStream.prototype.write=function write(e){this.buffer=n.concat([this.buffer,n.from(e)]);this.emit("data",e)};DataStream.prototype.end=function end(e){if(e)this.write(e);this.emit("end",e);this.emit("close");this.writable=false;this.readable=false};e.exports=DataStream},409:(e,r,t)=>{var n=t(911).Buffer;var a=t(626);var i=t(251);var s=t(781);var o=t(730);var u=t(837);function base64url(e,r){return n.from(e,r).toString("base64").replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function jwsSecuredInput(e,r,t){t=t||"utf8";var n=base64url(o(e),"binary");var a=base64url(o(r),t);return u.format("%s.%s",n,a)}function jwsSign(e){var r=e.header;var t=e.payload;var n=e.secret||e.privateKey;var a=e.encoding;var s=i(r.alg);var o=jwsSecuredInput(r,t,a);var l=s.sign(o,n);return u.format("%s.%s",o,l)}function SignStream(e){var r=e.secret||e.privateKey||e.key;var t=new a(r);this.readable=true;this.header=e.header;this.encoding=e.encoding;this.secret=this.privateKey=this.key=t;this.payload=new a(e.payload);this.secret.once("close",function(){if(!this.payload.writable&&this.readable)this.sign()}.bind(this));this.payload.once("close",function(){if(!this.secret.writable&&this.readable)this.sign()}.bind(this))}u.inherits(SignStream,s);SignStream.prototype.sign=function sign(){try{var e=jwsSign({header:this.header,payload:this.payload.buffer,secret:this.secret.buffer,encoding:this.encoding});this.emit("done",e);this.emit("data",e);this.emit("end");this.readable=false;return e}catch(e){this.readable=false;this.emit("error",e);this.emit("close")}};SignStream.sign=jwsSign;e.exports=SignStream},730:(e,r,t)=>{var n=t(300).Buffer;e.exports=function toString(e){if(typeof e==="string")return e;if(typeof e==="number"||n.isBuffer(e))return e.toString();return JSON.stringify(e)}},851:(e,r,t)=>{var n=t(911).Buffer;var a=t(626);var i=t(251);var s=t(781);var o=t(730);var u=t(837);var l=/^[a-zA-Z0-9\-_]+?\.[a-zA-Z0-9\-_]+?\.([a-zA-Z0-9\-_]+)?$/;function isObject(e){return Object.prototype.toString.call(e)==="[object Object]"}function safeJsonParse(e){if(isObject(e))return e;try{return JSON.parse(e)}catch(e){return undefined}}function headerFromJWS(e){var r=e.split(".",1)[0];return safeJsonParse(n.from(r,"base64").toString("binary"))}function securedInputFromJWS(e){return e.split(".",2).join(".")}function signatureFromJWS(e){return e.split(".")[2]}function payloadFromJWS(e,r){r=r||"utf8";var t=e.split(".")[1];return n.from(t,"base64").toString(r)}function isValidJws(e){return l.test(e)&&!!headerFromJWS(e)}function jwsVerify(e,r,t){if(!r){var n=new Error("Missing algorithm parameter for jws.verify");n.code="MISSING_ALGORITHM";throw n}e=o(e);var a=signatureFromJWS(e);var s=securedInputFromJWS(e);var u=i(r);return u.verify(s,a,t)}function jwsDecode(e,r){r=r||{};e=o(e);if(!isValidJws(e))return null;var t=headerFromJWS(e);if(!t)return null;var n=payloadFromJWS(e);if(t.typ==="JWT"||r.json)n=JSON.parse(n,r.encoding);return{header:t,payload:n,signature:signatureFromJWS(e)}}function VerifyStream(e){e=e||{};var r=e.secret||e.publicKey||e.key;var t=new a(r);this.readable=true;this.algorithm=e.algorithm;this.encoding=e.encoding;this.secret=this.publicKey=this.key=t;this.signature=new a(e.signature);this.secret.once("close",function(){if(!this.signature.writable&&this.readable)this.verify()}.bind(this));this.signature.once("close",function(){if(!this.secret.writable&&this.readable)this.verify()}.bind(this))}u.inherits(VerifyStream,s);VerifyStream.prototype.verify=function verify(){try{var e=jwsVerify(this.signature.buffer,this.algorithm,this.key.buffer);var r=jwsDecode(this.signature.buffer,this.encoding);this.emit("done",e,r);this.emit("data",e);this.emit("end");this.readable=false;return e}catch(e){this.readable=false;this.emit("error",e);this.emit("close")}};VerifyStream.decode=jwsDecode;VerifyStream.isValid=isValidJws;VerifyStream.verify=jwsVerify;e.exports=VerifyStream},536:function(e,r,t){e=t.nmd(e);
2/**
3 * @license
4 * Lodash <https://lodash.com/>

Callers

nothing calls this directly

Calls 4

checkIsPublicKeyFunction · 0.70
normalizeInputFunction · 0.70
toBase64Function · 0.70
updateMethod · 0.45

Tested by

no test coverage detected