s202226701001/sever-test/node_modules/parse-server/lib/Adapters/Auth/apple.js

"use strict";

// Apple SignIn Auth
// https://developer.apple.com/documentation/signinwithapplerestapi

const Parse = require('parse/node').Parse;
const jwksClient = require('jwks-rsa');
const jwt = require('jsonwebtoken');
const authUtils = require('./utils');
const TOKEN_ISSUER = 'https://appleid.apple.com';
const getAppleKeyByKeyId = async (keyId, cacheMaxEntries, cacheMaxAge) => {
  const client = jwksClient({
    jwksUri: `${TOKEN_ISSUER}/auth/keys`,
    cache: true,
    cacheMaxEntries,
    cacheMaxAge
  });
  let key;
  try {
    key = await authUtils.getSigningKey(client, keyId);
  } catch (error) {
    throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `Unable to find matching key for Key ID: ${keyId}`);
  }
  return key;
};
const verifyIdToken = async ({
  token,
  id
}, {
  clientId,
  cacheMaxEntries,
  cacheMaxAge
}) => {
  if (!token) {
    throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `id token is invalid for this user.`);
  }
  const {
    kid: keyId,
    alg: algorithm
  } = authUtils.getHeaderFromToken(token);
  const ONE_HOUR_IN_MS = 3600000;
  let jwtClaims;
  cacheMaxAge = cacheMaxAge || ONE_HOUR_IN_MS;
  cacheMaxEntries = cacheMaxEntries || 5;
  const appleKey = await getAppleKeyByKeyId(keyId, cacheMaxEntries, cacheMaxAge);
  const signingKey = appleKey.publicKey || appleKey.rsaPublicKey;
  try {
    jwtClaims = jwt.verify(token, signingKey, {
      algorithms: algorithm,
      // the audience can be checked against a string, a regular expression or a list of strings and/or regular expressions.
      audience: clientId
    });
  } catch (exception) {
    const message = exception.message;
    throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `${message}`);
  }
  if (jwtClaims.iss !== TOKEN_ISSUER) {
    throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `id token not issued by correct OpenID provider - expected: ${TOKEN_ISSUER} | from: ${jwtClaims.iss}`);
  }
  if (jwtClaims.sub !== id) {
    throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `auth data is invalid for this user.`);
  }
  return jwtClaims;
};

// Returns a promise that fulfills if this id token is valid
function validateAuthData(authData, options = {}) {
  return verifyIdToken(authData, options);
}

// Returns a promise that fulfills if this app id is valid.
function validateAppId() {
  return Promise.resolve();
}
module.exports = {
  validateAppId,
  validateAuthData
};
//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJuYW1lcyI6WyJQYXJzZSIsInJlcXVpcmUiLCJqd2tzQ2xpZW50Iiwiand0IiwiYXV0aFV0aWxzIiwiVE9LRU5fSVNTVUVSIiwiZ2V0QXBwbGVLZXlCeUtleUlkIiwia2V5SWQiLCJjYWNoZU1heEVudHJpZXMiLCJjYWNoZU1heEFnZSIsImNsaWVudCIsImp3a3NVcmkiLCJjYWNoZSIsImtleSIsImdldFNpZ25pbmdLZXkiLCJlcnJvciIsIkVycm9yIiwiT0JKRUNUX05PVF9GT1VORCIsInZlcmlmeUlkVG9rZW4iLCJ0b2tlbiIsImlkIiwiY2xpZW50SWQiLCJraWQiLCJhbGciLCJhbGdvcml0aG0iLCJnZXRIZWFkZXJGcm9tVG9rZW4iLCJPTkVfSE9VUl9JTl9NUyIsImp3dENsYWltcyIsImFwcGxlS2V5Iiwic2lnbmluZ0tleSIsInB1YmxpY0tleSIsInJzYVB1YmxpY0tleSIsInZlcmlmeSIsImFsZ29yaXRobXMiLCJhdWRpZW5jZSIsImV4Y2VwdGlvbiIsIm1lc3NhZ2UiLCJpc3MiLCJzdWIiLCJ2YWxpZGF0ZUF1dGhEYXRhIiwiYXV0aERhdGEiLCJvcHRpb25zIiwidmFsaWRhdGVBcHBJZCIsIlByb21pc2UiLCJyZXNvbHZlIiwibW9kdWxlIiwiZXhwb3J0cyJdLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9BZGFwdGVycy9BdXRoL2FwcGxlLmpzIl0sInNvdXJjZXNDb250ZW50IjpbIi8vIEFwcGxlIFNpZ25JbiBBdXRoXG4vLyBodHRwczovL2RldmVsb3Blci5hcHBsZS5jb20vZG9jdW1lbnRhdGlvbi9zaWduaW53aXRoYXBwbGVyZXN0YXBpXG5cbmNvbnN0IFBhcnNlID0gcmVxdWlyZSgncGFyc2Uvbm9kZScpLlBhcnNlO1xuY29uc3Qgandrc0NsaWVudCA9IHJlcXVpcmUoJ2p3a3MtcnNhJyk7XG5jb25zdCBqd3QgPSByZXF1aXJlKCdqc29ud2VidG9rZW4nKTtcbmNvbnN0IGF1dGhVdGlscyA9IHJlcXVpcmUoJy4vdXRpbHMnKTtcblxuY29uc3QgVE9LRU5fSVNTVUVSID0gJ2h0dHBzOi8vYXBwbGVpZC5hcHBsZS5jb20nO1xuXG5jb25zdCBnZXRBcHBsZUtleUJ5S2V5SWQgPSBhc3luYyAoa2V5SWQsIGNhY2hlTWF4RW50cmllcywgY2FjaGVNYXhBZ2UpID0+IHtcbiAgY29uc3QgY2xpZW50ID0gandrc0NsaWVudCh7XG4gICAgandrc1VyaTogYCR7VE9LRU5fSVNTVUVSfS9hdXRoL2tleXNgLFxuICAgIGNhY2hlOiB0cnVlLFxuICAgIGNhY2hlTWF4RW50cmllcyxcbiAgICBjYWNoZU1heEFnZSxcbiAgfSk7XG5cbiAgbGV0IGtleTtcbiAgdHJ5IHtcbiAgICBrZXkgPSBhd2FpdCBhdXRoVXRpbHMuZ2V0U2lnbmluZ0tleShjbGllbnQsIGtleUlkKTtcbiAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICB0aHJvdyBuZXcgUGFyc2UuRXJyb3IoXG4gICAgICBQYXJzZS5FcnJvci5PQkpFQ1RfTk9UX0ZPVU5ELFxuICAgICAgYFVuYWJsZSB0byBmaW5kIG1hdGNoaW5nIGtleSBmb3IgS2V5IElEOiAke2tleUlkfWBcbiAgICApO1xuICB9XG4gIHJldHVybiBrZXk7XG59O1xuXG5jb25zdCB2ZXJpZnlJZFRva2VuID0gYXN5bmMgKHsgdG9rZW4sIGlkIH0sIHsgY2xpZW50SWQsIGNhY2hlTWF4RW50cmllcywgY2FjaGVNYXhBZ2UgfSkgPT4ge1xuICBpZiAoIXRva2VuKSB7XG4gICAgdGhyb3cgbmV3IFBhcnNlLkVycm9yKFBhcnNlLkVycm9yLk9CSkVDVF9OT1RfRk9VTkQsIGBpZCB0b2tlbiBpcyBpbnZhbGlkIGZvciB0aGlzIHVzZXIuYCk7XG4gIH1cblxuICBjb25zdCB7IGtpZDoga2V5SWQsIGFsZzogYWxnb3JpdGhtIH0gPSBhdXRoVXRpbHMuZ2V0SGVhZGVyRnJvbVRva2VuKHRva2VuKTtcbiAgY29uc3QgT05FX0hPVVJfSU5fTVMgPSAzNjAwMDAwO1xuICBsZXQgand0Q2xhaW1zO1xuXG4gIGNhY2hlTWF4QWdlID0gY2FjaGVNYXhBZ2UgfHwgT05FX0hPVVJfSU5fTVM7XG4gIGNhY2hlTWF4RW50cmllcyA9IGNhY2hlTWF4RW50cmllcyB8fCA1O1xuXG4gIGNvbnN0IGFwcGxlS2V5ID0gYXdhaXQgZ2V0QXBwbGVLZXlCeUtleUlkKGtleUlkLCBjYWNoZU1heEVudHJpZXMsIGNhY2hlTWF4QWdlKTtcbiAgY29uc3Qgc2lnbmluZ0tleSA9IGFwcGxlS2V5LnB1YmxpY0tleSB8fCBhcHBsZUtleS5yc2FQdWJsaWNLZXk7XG5cbiAgdHJ5IHtcbiAgICBqd3RDbGFpbXMgPSBqd3QudmVyaWZ5KHRva2VuLCBzaWduaW5nS2V5LCB7XG4gICAgICBhbGdvcml0aG1zOiBhbGdvcml0aG0sXG4gICAgICAvLyB0aGUgYXVkaWVuY2UgY2FuIGJlIGNoZWNrZWQgYWdhaW5zdCBhIHN0cmluZywgYSByZWd1bGFyIGV4cHJlc3Npb24gb3IgYSBsaXN0IG9mIHN0cmluZ3MgYW5kL29yIHJlZ3VsYXIgZXhwcmVzc2lvbnMuXG4gICAgICBhdWRpZW5jZTogY2xpZW50SWQsXG4gICAgfSk7XG4gIH0gY2F0Y2ggKGV4Y2VwdGlvbikge1xuICAgIGNvbnN0IG1lc3NhZ2UgPSBleGNlcHRpb24ubWVzc2FnZTtcblxuICAgIHRocm93IG5ldyBQYXJzZS5FcnJvcihQYXJzZS5FcnJvci5PQkpFQ1RfTk9UX0ZPVU5ELCBgJHttZXNzYWdlfWApO1xuICB9XG5cbiAgaWYgKGp3dENsYWltcy5pc3MgIT09IFRPS0VOX0lTU1VFUikge1xuICAgIHRocm93IG5ldyBQYXJzZS5FcnJvcihcbiAgICAgIFBhcnNlLkVycm9yLk9CSkVDVF9OT1RfRk9VTkQsXG4gICAgICBgaWQgdG9rZW4gbm90IGlzc3VlZCBieSBjb3JyZWN0IE9wZW5JRCBwcm92aWRlciAtIGV4cGVjdGVkOiAke1RPS0VOX0lTU1VFUn0gfCBmcm9tOiAke2p3dENsYWltcy5pc3N9YFxuICAgICk7XG4gIH1cblxuICBpZiAoand0Q2xhaW1zLnN1YiAhPT0gaWQpIHtcbiAgICB0aHJvdyBuZXcgUGFyc2UuRXJyb3IoUGFyc2UuRXJyb3IuT0JKRUNUX05PVF9GT1VORCwgYGF1dGggZGF0YSBpcyBpbnZhbGlkIGZvciB0aGlzIHVzZXIuYCk7XG4gIH1cbiAgcmV0dXJuIGp3dENsYWltcztcbn07XG5cbi8vIFJldHVybnMgYSBwcm9taXNlIHRoYXQgZnVsZmlsbHMgaWYgdGhpcyBpZCB0b2tlbiBpcyB2YWxpZFxuZnVuY3Rpb24gdmFsaWRhdGVBdXRoRGF0YShhdXRoRGF0YSwgb3B0aW9ucyA9IHt9KSB7XG4gIHJldHVybiB2ZXJpZnlJZFRva2VuKGF1dGhEYXRhLCBvcHRpb25zKTtcbn1cblxuLy8gUmV0dXJucyBhIHByb21pc2UgdGhhdCBmdWxmaWxscyBpZiB0aGlzIGFwcCBpZCBpcyB2YWxpZC5cbmZ1bmN0aW9uIHZhbGlkYXRlQXBwSWQoKSB7XG4gIHJldHVybiBQcm9taXNlLnJlc29sdmUoKTtcbn1cblxubW9kdWxlLmV4cG9ydHMgPSB7XG4gIHZhbGlkYXRlQXBwSWQsXG4gIHZhbGlkYXRlQXV0aERhdGEsXG59O1xuIl0sIm1hcHBpbmdzIjoiOztBQUFBO0FBQ0E7O0FBRUEsTUFBTUEsS0FBSyxHQUFHQyxPQUFPLENBQUMsWUFBWSxDQUFDLENBQUNELEtBQUs7QUFDekMsTUFBTUUsVUFBVSxHQUFHRCxPQUFPLENBQUMsVUFBVSxDQUFDO0FBQ3RDLE1BQU1FLEdBQUcsR0FBR0YsT0FBTyxDQUFDLGNBQWMsQ0FBQztBQUNuQyxNQUFNRyxTQUFTLEdBQUdILE9BQU8sQ0FBQyxTQUFTLENBQUM7QUFFcEMsTUFBTUksWUFBWSxHQUFHLDJCQUEyQjtBQUVoRCxNQUFNQyxrQkFBa0IsR0FBRyxNQUFBQSxDQUFPQyxLQUFLLEVBQUVDLGVBQWUsRUFBRUMsV0FBVyxLQUFLO0VBQ3hFLE1BQU1DLE1BQU0sR0FBR1IsVUFBVSxDQUFDO0lBQ3hCUyxPQUFPLEVBQUUsR0FBR04sWUFBWSxZQUFZO0lBQ3BDTyxLQUFLLEVBQUUsSUFBSTtJQUNYSixlQUFlO0lBQ2ZDO0VBQ0YsQ0FBQyxDQUFDO0VBRUYsSUFBSUksR0FBRztFQUNQLElBQUk7SUFDRkEsR0FBRyxHQUFHLE1BQU1ULFNBQVMsQ0FBQ1UsYUFBYSxDQUFDSixNQUFNLEVBQUVILEtBQUssQ0FBQztFQUNwRCxDQUFDLENBQUMsT0FBT1EsS0FBSyxFQUFFO0lBQ2QsTUFBTSxJQUFJZixLQUFLLENBQUNnQixLQUFLLENBQ25CaEIsS0FBSyxDQUFDZ0IsS0FBSyxDQUFDQyxnQkFBZ0IsRUFDNUIsMkNBQTJDVixLQUFLLEVBQ2xELENBQUM7RUFDSDtFQUNBLE9BQU9NLEdBQUc7QUFDWixDQUFDO0FBRUQsTUFBTUssYUFBYSxHQUFHLE1BQUFBLENBQU87RUFBRUMsS0FBSztFQUFFQztBQUFHLENBQUMsRUFBRTtFQUFFQyxRQUFRO0VBQUViLGVBQWU7RUFBRUM7QUFBWSxDQUFDLEtBQUs7RUFDekYsSUFBSSxDQUFDVSxLQUFLLEVBQUU7SUFDVixNQUFNLElBQUluQixLQUFLLENBQUNnQixLQUFLLENBQUNoQixLQUFLLENBQUNnQixLQUFLLENBQUNDLGdCQUFnQixFQUFFLG9DQUFvQyxDQUFDO0VBQzNGO0VBRUEsTUFBTTtJQUFFSyxHQUFHLEVBQUVmLEtBQUs7SUFBRWdCLEdBQUcsRUFBRUM7RUFBVSxDQUFDLEdBQUdwQixTQUFTLENBQUNxQixrQkFBa0IsQ0FBQ04sS0FBSyxDQUFDO0VBQzFFLE1BQU1PLGNBQWMsR0FBRyxPQUFPO0VBQzlCLElBQUlDLFNBQVM7RUFFYmxCLFdBQVcsR0FBR0EsV0FBVyxJQUFJaUIsY0FBYztFQUMzQ2xCLGVBQWUsR0FBR0EsZUFBZSxJQUFJLENBQUM7RUFFdEMsTUFBTW9CLFFBQVEsR0FBRyxNQUFNdEIsa0JBQWtCLENBQUNDLEtBQUssRUFBRUMsZUFBZSxFQUFFQyxXQUFXLENBQUM7RUFDOUUsTUFBTW9CLFVBQVUsR0FBR0QsUUFBUSxDQUFDRSxTQUFTLElBQUlGLFFBQVEsQ0FBQ0csWUFBWTtFQUU5RCxJQUFJO0lBQ0ZKLFNBQVMsR0FBR3hCLEdBQUcsQ0FBQzZCLE1BQU0sQ0FBQ2IsS0FBSyxFQUFFVSxVQUFVLEVBQUU7TUFDeENJLFVBQVUsRUFBRVQsU0FBUztNQUNyQjtNQUNBVSxRQUFRLEVBQUViO0lBQ1osQ0FBQyxDQUFDO0VBQ0osQ0FBQyxDQUFDLE9BQU9jLFNBQVMsRUFBRTtJQUNsQixNQUFNQyxPQUFPLEdBQUdELFNBQVMsQ0FBQ0MsT0FBTztJQUVqQyxNQUFNLElBQUlwQyxLQUFLLENBQUNnQixLQUFLLENBQUNoQixLQUFLLENBQUNnQixLQUFLLENBQUNDLGdCQUFnQixFQUFFLEdBQUdtQixPQUFPLEVBQUUsQ0FBQztFQUNuRTtFQUVBLElBQUlULFNBQVMsQ0FBQ1UsR0FBRyxLQUFLaEMsWUFBWSxFQUFFO0lBQ2xDLE1BQU0sSUFBSUwsS0FBSyxDQUFDZ0IsS0FBSyxDQUNuQmhCLEtBQUssQ0FBQ2dCLEtBQUssQ0FBQ0MsZ0JBQWdCLEVBQzVCLDhEQUE4RFosWUFBWSxZQUFZc0IsU0FBUyxDQUFDVSxHQUFHLEVBQ3JHLENBQUM7RUFDSDtFQUVBLElBQUlWLFNBQVMsQ0FBQ1csR0FBRyxLQUFLbEIsRUFBRSxFQUFFO0lBQ3hCLE1BQU0sSUFBSXBCLEtBQUssQ0FBQ2dCLEtBQUssQ0FBQ2hCLEtBQUssQ0FBQ2dCLEtBQUssQ0FBQ0MsZ0JBQWdCLEVBQUUscUNBQXFDLENBQUM7RUFDNUY7RUFDQSxPQUFPVSxTQUFTO0FBQ2xCLENBQUM7O0FBRUQ7QUFDQSxTQUFTWSxnQkFBZ0JBLENBQUNDLFFBQVEsRUFBRUMsT0FBTyxHQUFHLENBQUMsQ0FBQyxFQUFFO0VBQ2hELE9BQU92QixhQUFhLENBQUNzQixRQUFRLEVBQUVDLE9BQU8sQ0FBQztBQUN6Qzs7QUFFQTtBQUNBLFNBQVNDLGFBQWFBLENBQUEsRUFBRztFQUN2QixPQUFPQyxPQUFPLENBQUNDLE9BQU8sQ0FBQyxDQUFDO0FBQzFCO0FBRUFDLE1BQU0sQ0FBQ0MsT0FBTyxHQUFHO0VBQ2ZKLGFBQWE7RUFDYkg7QUFDRixDQUFDIiwiaWdub3JlTGlzdCI6W119