
'use strict';
const jwt = require('jsonwebtoken');
//This object is meant only for testing and logging!
//!! Security Alert !!
//decode() below only base64-decodes the token (jwt.decode) and does NOT check its signature:
//until verify() has succeeded, every claim returned by the getters is unauthenticated input.
//Parameter validation is therefore also very important for the content within this token!!
//So do not trust the information blindly (especially e.g. URIs such as the issuer).
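/**
 * Lightweight, UNVERIFIED view of a compact JWT.
 *
 * The constructor only decodes the token (jwt.decode, no signature check), so
 * every getter below reports attacker-controllable data until verify() has
 * completed successfully. Meant for testing and logging; code that makes
 * authorization decisions must call verify() first and still validate the
 * individual claim values it uses (e.g. URIs).
 *
 * Fix vs. the previous revision: isDecoded() used to test `payload`, which is
 * reset to `{}` (truthy) on failure and therefore always reported `true`, even
 * for a missing or malformed token. Decoding success is now tracked explicitly.
 *
 * @param {string|undefined} encoded - compact JWT string (header.payload.signature)
 */
function TokenInfo(encoded) {
  let payload = {};
  let header = {};
  let errobj = undefined;
  // True only when jwt.decode() returned a token for the current `encoded`.
  let decoded = false;

  // Decode `encoded` WITHOUT verifying its signature. On failure the reason is
  // recorded in errobj: statuscode 400 for a missing token, 401 for a malformed one.
  function decode() {
    decoded = false;
    if (!encoded) {
      errobj = new jwt.JsonWebTokenError("jwt undefined");
      errobj.statuscode = 400;
      return;
    }
    const token = jwt.decode(encoded, { complete: true });
    if (!token) {
      errobj = new jwt.JsonWebTokenError("jwt malformed");
      errobj.statuscode = 401;
      return;
    }
    payload = token.payload;
    header = token.header;
    decoded = true;
  }

  // Convert a NumericDate claim (seconds since epoch) to a Date; null when absent/0.
  const claimToDate = (seconds) => (seconds ? new Date(seconds * 1000) : null);

  /**
   * Replace the wrapped token and decode the new value (again unverified).
   * Any earlier decode/verify error is discarded.
   * @param {string|undefined} enc
   */
  this.reset = function (enc) {
    errobj = undefined;
    payload = {};
    header = {};
    encoded = enc;
    decode();
  };

  /** @returns {boolean} true when the current token could be decoded. */
  this.isDecoded = function () {
    return decoded;
  };

  /**
   * @returns {boolean} true when no decode error is pending and, after
   *   verify(), when the signature check reported no error. Before verify()
   *   this says nothing about authenticity.
   */
  this.isValid = function () {
    return !errobj;
  };

  /** @returns {Error|undefined|null} last decode/verify error, if any. */
  this.getErrorObject = function () {
    return errobj;
  };

  /** @returns {string|undefined} the raw encoded token. */
  this.getTokenValue = function () {
    return encoded;
  };

  /** @returns {object} decoded (unverified) JOSE header. */
  this.getHeader = function () {
    return header;
  };

  /** @returns {object} the complete decoded (unverified) payload. */
  this.getPayload = function () {
    return payload;
  };

  // --- Getters for registered claims (https://tools.ietf.org/html/rfc7519#section-4) ---

  /** @returns {Date|null} `exp` as a Date, or null when absent. */
  this.getExpirationDate = function () {
    return claimToDate(payload.exp);
  };

  /** @returns {Date|null} `iat` as a Date, or null when absent. */
  this.getIssuedAt = function () {
    return claimToDate(payload.iat);
  };

  /**
   * Issuer URL. A custom `ias_iss` claim takes precedence over `iss`.
   * NOTE(review): both values come from the unverified payload, and the
   * "https://" prefix is only added when the value does not already start
   * with "http" — an explicit "http://..." issuer is passed through unchanged.
   * @returns {string|undefined}
   */
  this.getIssuer = function () {
    let issuer = payload["ias_iss"] ? payload["ias_iss"] : payload.iss;
    if (issuer && issuer.indexOf('http') !== 0) {
      issuer = `https://${issuer}`;
    }
    return issuer;
  };

  /** @returns {string|null} the `iss` claim, but only when a custom `ias_iss` is also present. */
  this.getCustomIssuer = function () {
    return payload["ias_iss"] ? payload.iss : null;
  };

  /** @returns {string|undefined} the `sub` claim. */
  this.getSubject = function () {
    return payload.sub;
  };

  /** @returns {string[]|null} `aud` normalized to an array, or null when absent. */
  this.getAudiencesArray = function () {
    const aud = payload.aud;
    if (!aud) {
      return null;
    }
    return Array.isArray(aud) ? aud : [aud];
  };

  /**
   * @returns {string|undefined} `user_uuid`; XSUAA tokens fall back to `sub`.
   */
  this.getUserId = function () {
    const uuid = payload.user_uuid;
    return this.isTokenIssuedByXSUAA() ? uuid || payload.sub : uuid;
  };

  /** Alias of getAppTID(). @returns {string|undefined} */
  this.getZoneId = function () {
    return this.getAppTID();
  };

  /**
   * @returns {string|undefined} `zid` for XSUAA tokens, otherwise `app_tid`
   *   with `zone_uuid` as fallback.
   */
  this.getAppTID = function () {
    if (this.isTokenIssuedByXSUAA()) {
      return payload.zid;
    }
    return payload.app_tid ? payload.app_tid : payload.zone_uuid;
  };

  /**
   * Client id: `azp` if present; else the single audience; else `cid` when
   * that single audience is an empty string. null when the audience is
   * absent or ambiguous (more than one entry).
   * @returns {string|null|undefined}
   */
  this.getClientId = function () {
    if (payload.azp) {
      return payload.azp;
    }
    const aud = this.getAudiencesArray();
    if (!aud || aud.length !== 1) {
      return null;
    }
    // make sure it's not an empty string
    return aud[0] ? aud[0] : payload.cid;
  };

  /** @returns {string|undefined} the `azp` claim. */
  this.getAzp = function () {
    return payload.azp;
  };

  /** @returns {boolean} true when `ext_attr.enhancer` is "XSUAA" (an unverified claim). */
  this.isTokenIssuedByXSUAA = function () {
    const ext = payload.ext_attr;
    return Boolean(ext) && ext.enhancer === "XSUAA";
  };

  /**
   * Verify the token signature with jsonwebtoken. `algorithms` is an explicit
   * allow-list so jwt.verify rejects tokens carrying any other `alg`
   * (XSUAA currently only allows/generates RS256). The verification result
   * replaces errobj (null on success, error with statuscode 401 on failure)
   * before the callback receives (err, this).
   *
   * @param {string|Buffer|Function} verificationKeySupplier - key or key-lookup callback accepted by jwt.verify
   * @param {(err: Error|null, info: TokenInfo) => any} cb
   */
  this.verify = function (verificationKeySupplier, cb) {
    return jwt.verify(
      encoded,
      verificationKeySupplier,
      { algorithms: ['RS256'] },
      (err) => {
        errobj = err;
        if (err) {
          errobj.statuscode = 401;
        }
        return cb(err, this);
      }
    );
  };

  decode();
}
module.exports = TokenInfo;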