add unsecured jwt

2017-01-24 13:10:16 -07:00 · 2017-01-24 13:10:16 -07:00 · 6f86d6ea6c
commit 6f86d6ea6c
parent 35f4708d9a
1 changed files with 57 additions and 9 deletions
--- a/oauth3.core.js
+++ b/oauth3.core.js
@ -33,10 +33,10 @@

  // Modified from http://stackoverflow.com/a/7826782
  core.queryparse = function (search) {
-		// parse a query or a hash
-		if (-1 !== ['#', '?'].indexOf(search[0])) {
-			search = search.substring(1);
-		}
+    // parse a query or a hash
+    if (-1 !== ['#', '?'].indexOf(search[0])) {
+      search = search.substring(1);
+    }

    var args = search.split('&');
    var argsParsed = {};
@ -48,15 +48,15 @@

        if (-1 === arg.indexOf('=')) {

-        	argsParsed[decodeURIComponent(arg).trim()] = true;
+          argsParsed[decodeURIComponent(arg).trim()] = true;

        }
        else {

-					kvp = arg.split('=');
-					key = decodeURIComponent(kvp[0]).trim();
-					value = decodeURIComponent(kvp[1]).trim();
-					argsParsed[key] = value;
+          kvp = arg.split('=');
+          key = decodeURIComponent(kvp[0]).trim();
+          value = decodeURIComponent(kvp[1]).trim();
+          argsParsed[key] = value;

        }
    }
@ -64,6 +64,54 @@
    return argsParsed;
  };

+  core.utils = {
+    urlSafeBase64ToBase64: function (b64) {
+      // URL-safe Base64 to Base64
+      b64 = b64.replace(/-/g, '+').replace(/_/g, '/');
+      b64 = (b64 + '===').slice(0, b64.length + (b64.length % 4));
+      return b64;
+    }
+  , base64ToUrlSafeBase64: function (b64) {
+      // Base64 to URL-safe Base64
+      b64 = b64.replace(/\+/g, '-').replace(/\//g, '_');
+      b64 = b64.replace(/=+/g, '');
+      return b64;
+    }
+  };
+  core.jwt = {
+    // decode only (no verification)
+    decode: function (str) {
+
+      // 'abc.qrs.xyz'
+      // [ 'abc', 'qrs', 'xyz' ]
+      // [ {}, {}, 'foo' ]
+      // { header: {}, payload: {}, signature: }
+      var parts = str.split(/\./g);
+      var jsons = parts.slice(0, 2).map(function (b64) {
+        var atob = exports.atob || require('atob');
+        return atob(core.utils.urlSafeBase64ToBase64(b64));
+      });
+
+      return {
+        header: JSON.parse(jsons[0])
+      , payload: JSON.parse(jsons[1])
+      , signature: parts[2]
+      };
+    }
+    // encode-only (no signature)
+  , encode: function (parts) {
+      parts.header = parts.header || { alg: 'none', typ: 'jwt' };
+      parts.signature = parts.signature || '';
+      var result = [
+        core.utils.base64ToUrlSafeBase64(JSON.stringify(parts.header, null))
+      , core.utils.base64ToUrlSafeBase64(JSON.stringify(parts.payload, null))
+      , parts.signature
+      ].join('.');
+
+      return result;
+    }
+  };
+
  core.authorizationCode = function (/*directive, scope, redirectUri, clientId*/) {
    //
    // Example Authorization Code Request