changed jwt.verify to not directly use WebCrypto
This commit is contained in:
parent
695df45a1d
commit
06411918a7
|
@ -213,21 +213,12 @@
|
||||||
|
|
||||||
return { header: jsons[0], payload: jsons[1] };
|
return { header: jsons[0], payload: jsons[1] };
|
||||||
}
|
}
|
||||||
, verify: function (str, pubKey) {
|
, verify: function (jwk, token) {
|
||||||
var parts = str.split(/\./g);
|
var parts = token.split(/\./g);
|
||||||
var data = OAUTH3._binStr.binStrToBuffer(parts.slice(0, 2).join('.'));
|
var data = OAUTH3._binStr.binStrToBuffer(parts.slice(0, 2).join('.'));
|
||||||
var signature = OAUTH3._base64.urlSafeToBuffer(parts[2]);
|
var signature = OAUTH3._base64.urlSafeToBuffer(parts[2]);
|
||||||
|
|
||||||
var keyPromise;
|
return OAUTH3.crypto.core.verify(jwk, data, signature);
|
||||||
if (pubKey instanceof OAUTH3._browser.window.CryptoKey) {
|
|
||||||
keyPromise = OAUTH3.PromiseA.resolve(pubKey);
|
|
||||||
} else {
|
|
||||||
keyPromise = OAUTH3._browser.window.crypto.subtle.importKey('jwk', pubKey, {name: 'ECDSA', namedCurve: pubKey.crv}, false, ['verify']);
|
|
||||||
}
|
|
||||||
|
|
||||||
return keyPromise.then(function (key) {
|
|
||||||
return OAUTH3._browser.window.crypto.subtle.verify({name: 'ECDSA', hash: {name: 'SHA-256'}}, key, signature, data);
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
, freshness: function (tokenMeta, staletime, _now) {
|
, freshness: function (tokenMeta, staletime, _now) {
|
||||||
staletime = staletime || (15 * 60);
|
staletime = staletime || (15 * 60);
|
||||||
|
|
Loading…
Reference in New Issue