import { CompactEncrypt } from '../jwe/compact/encrypt.js';
import { JWTClaimsBuilder } from '../lib/jwt_claims_set.js';
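/**
 * Fluent builder that collects JWT claims and JWE parameters and hands them
 * to CompactEncrypt to produce an encrypted JWT.
 *
 * Every setter returns `this` so calls can be chained. Claim setters assign
 * straight onto the JWTClaimsBuilder instance; any validation or
 * normalisation of those values happens there, not in this class.
 */
export class EncryptJWT {
  #cek;
  #iv;
  #keyManagementParameters;
  #protectedHeader;
  #replicateIssuerAsHeader;
  #replicateSubjectAsHeader;
  #replicateAudienceAsHeader;
  #jwt;

  /**
   * @param {object} [payload={}] Initial claims set, passed to JWTClaimsBuilder.
   */
  constructor(payload = {}) {
    this.#jwt = new JWTClaimsBuilder(payload);
  }

  /**
   * Sets the "iss" (Issuer) claim.
   * @param {string} issuer
   * @returns {this}
   */
  setIssuer(issuer) {
    this.#jwt.iss = issuer;
    return this;
  }

  /**
   * Sets the "sub" (Subject) claim.
   * @param {string} subject
   * @returns {this}
   */
  setSubject(subject) {
    this.#jwt.sub = subject;
    return this;
  }

  /**
   * Sets the "aud" (Audience) claim.
   * @param {string|string[]} audience
   * @returns {this}
   */
  setAudience(audience) {
    this.#jwt.aud = audience;
    return this;
  }

  /**
   * Sets the "jti" (JWT ID) claim.
   * @param {string} jwtId
   * @returns {this}
   */
  setJti(jwtId) {
    this.#jwt.jti = jwtId;
    return this;
  }

  /**
   * Sets the "nbf" (Not Before) claim. Accepted input forms are defined by
   * JWTClaimsBuilder.
   * @returns {this}
   */
  setNotBefore(input) {
    this.#jwt.nbf = input;
    return this;
  }

  /**
   * Sets the "exp" (Expiration Time) claim. Accepted input forms are defined
   * by JWTClaimsBuilder. Nothing in this class sets "exp" on its own, so a
   * token built without this call carries whatever the payload provided.
   * @returns {this}
   */
  setExpirationTime(input) {
    this.#jwt.exp = input;
    return this;
  }

  /**
   * Sets the "iat" (Issued At) claim. Accepted input forms are defined by
   * JWTClaimsBuilder.
   * @returns {this}
   */
  setIssuedAt(input) {
    this.#jwt.iat = input;
    return this;
  }

  /**
   * Sets the JWE Protected Header. May be set only once per instance.
   * @param {object} protectedHeader
   * @returns {this}
   * @throws {TypeError} If a protected header was already set.
   */
  setProtectedHeader(protectedHeader) {
    if (this.#protectedHeader) {
      throw new TypeError('setProtectedHeader can only be called once');
    }
    this.#protectedHeader = protectedHeader;
    return this;
  }

  /**
   * Sets key-management parameters that encrypt() forwards to
   * CompactEncrypt. May be set only once per instance.
   * @param {object} parameters
   * @returns {this}
   * @throws {TypeError} If parameters were already set.
   */
  setKeyManagementParameters(parameters) {
    if (this.#keyManagementParameters) {
      throw new TypeError('setKeyManagementParameters can only be called once');
    }
    this.#keyManagementParameters = parameters;
    return this;
  }

  /**
   * Supplies a caller-chosen Content Encryption Key. May be set only once.
   *
   * Security note: a fixed CEK removes per-message key freshness. Leave this
   * unset outside of test-vector reproduction; when unset, nothing is
   * forwarded and key selection is left to CompactEncrypt.
   * @param {Uint8Array} cek
   * @returns {this}
   * @throws {TypeError} If a CEK was already set.
   */
  setContentEncryptionKey(cek) {
    if (this.#cek) {
      throw new TypeError('setContentEncryptionKey can only be called once');
    }
    this.#cek = cek;
    return this;
  }

  /**
   * Supplies a caller-chosen Initialization Vector. May be set only once.
   *
   * Security note: an IV must never repeat under the same key; with AES-GCM
   * a repeated IV compromises both confidentiality and integrity. Leave this
   * unset outside of test-vector reproduction; when unset, nothing is
   * forwarded and IV selection is left to CompactEncrypt.
   * @param {Uint8Array} iv
   * @returns {this}
   * @throws {TypeError} If an IV was already set.
   */
  setInitializationVector(iv) {
    if (this.#iv) {
      throw new TypeError('setInitializationVector can only be called once');
    }
    this.#iv = iv;
    return this;
  }

  /**
   * Requests that the "iss" claim also be copied into the protected header.
   *
   * Security note: the JWE protected header is integrity-protected but NOT
   * encrypted, so a replicated claim is readable by anyone holding the token.
   * @returns {this}
   */
  replicateIssuerAsHeader() {
    this.#replicateIssuerAsHeader = true;
    return this;
  }

  /**
   * Requests that the "sub" claim also be copied into the protected header.
   *
   * Security note: the JWE protected header is integrity-protected but NOT
   * encrypted, so a replicated claim is readable by anyone holding the token.
   * @returns {this}
   */
  replicateSubjectAsHeader() {
    this.#replicateSubjectAsHeader = true;
    return this;
  }

  /**
   * Requests that the "aud" claim also be copied into the protected header.
   *
   * Security note: the JWE protected header is integrity-protected but NOT
   * encrypted, so a replicated claim is readable by anyone holding the token.
   * @returns {this}
   */
  replicateAudienceAsHeader() {
    this.#replicateAudienceAsHeader = true;
    return this;
  }

  /**
   * Builds the header object handed to CompactEncrypt: the caller's protected
   * header plus only those claims whose replicate flag was set.
   */
  #buildProtectedHeader() {
    const base = this.#protectedHeader;
    const wantsReplica =
      this.#replicateIssuerAsHeader ||
      this.#replicateSubjectAsHeader ||
      this.#replicateAudienceAsHeader;
    // Replication only applies on top of an explicitly set protected header.
    if (!base || !wantsReplica) {
      return base;
    }
    // Copy so the header supplied by the caller is never mutated, and touch
    // only the flagged keys: assigning `undefined` to the others would
    // discard an "iss"/"sub"/"aud" the caller placed in the header directly.
    const header = { ...base };
    if (this.#replicateIssuerAsHeader) {
      header.iss = this.#jwt.iss;
    }
    if (this.#replicateSubjectAsHeader) {
      header.sub = this.#jwt.sub;
    }
    if (this.#replicateAudienceAsHeader) {
      header.aud = this.#jwt.aud;
    }
    return header;
  }

  /**
   * Encrypts the collected claims set with CompactEncrypt.
   *
   * The optional IV, CEK and key-management parameters are forwarded only
   * when they were set on this instance.
   *
   * @param key Encryption key, passed unchanged to CompactEncrypt#encrypt.
   * @param [options] Passed unchanged to CompactEncrypt#encrypt.
   * @returns {Promise<*>} Resolves with the result of CompactEncrypt#encrypt.
   */
  async encrypt(key, options) {
    const enc = new CompactEncrypt(this.#jwt.data());
    enc.setProtectedHeader(this.#buildProtectedHeader());
    if (this.#iv) {
      enc.setInitializationVector(this.#iv);
    }
    if (this.#cek) {
      enc.setContentEncryptionKey(this.#cek);
    }
    if (this.#keyManagementParameters) {
      enc.setKeyManagementParameters(this.#keyManagementParameters);
    }
    return enc.encrypt(key, options);
  }
}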