forked from FormidableLabs/react-native-app-auth
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.js
135 lines (121 loc) · 4.06 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
import invariant from 'invariant';
import { NativeModules, Platform } from 'react-native';
const { RNAppAuth } = NativeModules;
const validateScopes = scopes =>
invariant(scopes && scopes.length, 'Scope error: please add at least one scope');
const validateIssuerOrServiceConfigurationEndpoints = (issuer, serviceConfiguration) =>
invariant(
typeof issuer === 'string' ||
(serviceConfiguration &&
typeof serviceConfiguration.authorizationEndpoint === 'string' &&
typeof serviceConfiguration.tokenEndpoint === 'string'),
'Config error: you must provide either an issuer or a service endpoints'
);
const validateIssuerOrServiceConfigurationRevocationEndpoint = (issuer, serviceConfiguration) =>
invariant(
typeof issuer === 'string' ||
(serviceConfiguration && typeof serviceConfiguration.revocationEndpoint === 'string'),
'Config error: you must provide either an issuer or a revocation endpoint'
);
const validateClientId = clientId =>
invariant(typeof clientId === 'string', 'Config error: clientId must be a string');
const validateRedirectUrl = redirectUrl =>
invariant(typeof redirectUrl === 'string', 'Config error: redirectUrl must be a string');
export const authorize = ({
issuer,
redirectUrl,
clientId,
clientSecret,
scopes,
additionalParameters,
serviceConfiguration,
dangerouslyAllowInsecureHttpRequests = false,
}) => {
validateScopes(scopes);
validateIssuerOrServiceConfigurationEndpoints(issuer, serviceConfiguration);
validateClientId(clientId);
validateRedirectUrl(redirectUrl);
// TODO: validateAdditionalParameters
const nativeMethodArguments = [
issuer,
redirectUrl,
clientId,
clientSecret,
scopes,
additionalParameters,
serviceConfiguration,
];
if (Platform.OS === 'android') {
nativeMethodArguments.push(dangerouslyAllowInsecureHttpRequests);
}
return RNAppAuth.authorize(...nativeMethodArguments);
};
export const refresh = (
{
issuer,
redirectUrl,
clientId,
clientSecret,
scopes,
additionalParameters,
serviceConfiguration,
dangerouslyAllowInsecureHttpRequests = false,
},
{ refreshToken }
) => {
validateScopes(scopes);
validateIssuerOrServiceConfigurationEndpoints(issuer, serviceConfiguration);
validateClientId(clientId);
validateRedirectUrl(redirectUrl);
invariant(refreshToken, 'Please pass in a refresh token');
// TODO: validateAdditionalParameters
const nativeMethodArguments = [
issuer,
redirectUrl,
clientId,
clientSecret,
refreshToken,
scopes,
additionalParameters,
serviceConfiguration,
];
if (Platform.OS === 'android') {
nativeMethodArguments.push(dangerouslyAllowInsecureHttpRequests);
}
return RNAppAuth.refresh(...nativeMethodArguments);
};
export const revoke = async (
{ clientId, issuer, serviceConfiguration },
{ tokenToRevoke, sendClientId = false }
) => {
invariant(tokenToRevoke, 'Please include the token to revoke');
validateClientId(clientId);
validateIssuerOrServiceConfigurationRevocationEndpoint(issuer, serviceConfiguration);
let revocationEndpoint;
if (serviceConfiguration && serviceConfiguration.revocationEndpoint) {
revocationEndpoint = serviceConfiguration.revocationEndpoint;
} else {
const response = await fetch(`${issuer}/.well-known/openid-configuration`);
const openidConfig = await response.json();
invariant(
openidConfig.revocation_endpoint,
'The openid config does not specify a revocation endpoint'
);
revocationEndpoint = openidConfig.revocation_endpoint;
}
/**
Identity Server insists on client_id being passed in the body,
but Google does not. According to the spec, Google is right
so defaulting to no client_id
https://tools.ietf.org/html/rfc7009#section-2.1
**/
return await fetch(revocationEndpoint, {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
body: `token=${tokenToRevoke}${sendClientId ? `&client_id=${clientId}` : ''}`,
}).catch(error => {
throw new Error('Failed to revoke token', error);
});
};