validateApplicationLevelSignature | /mod.ts | oauth4webapi@v3.1.2

Module

x/oauth4webapi/mod.ts>validateApplicationLevelSignature

Low-Level OAuth 2 / OpenID Connect Client API for JavaScript Runtimes

panva/oauth4webapi

Latest

build conformance docs examples src tap

mod.ts (default module)

AuthorizationResponseError

OperationProcessingError

ResponseBodyError

UnsupportedOperationError

WWWAuthenticateChallengeError

AuthorizationDetails

AuthorizationServer

Client

ClientCredentialsGrantRequestOptions

ConfirmationClaims

CryptoKeyPair

DeviceAuthorizationRequestOptions

DeviceAuthorizationResponse

DiscoveryRequestOptions

DPoPHandle

DPoPRequestOptions

ExportedJWKSCache

GenerateKeyPairOptions

HttpRequestOptions

IDToken

IntrospectionRequestOptions

IntrospectionResponse

JWK

ModifyAssertionFunction

ModifyAssertionOptions

MTLSEndpointAliases

OAuth2Error

PrivateKey

ProcessAuthorizationCodeResponseOptions

ProtectedResourceRequestOptions

PushedAuthorizationRequestOptions

PushedAuthorizationResponse

RevocationRequestOptions

TokenEndpointRequestOptions

TokenEndpointResponse

UserInfoAddress

UserInfoRequestOptions

UserInfoResponse

ValidateJWTAccessTokenOptions

ValidateSignatureOptions

WWWAuthenticateChallenge

WWWAuthenticateChallengeParameters

ProtectedResourceRequestBody

allowInsecureRequests

AUTHORIZATION_RESPONSE_ERROR

HTTP_REQUEST_FORBIDDEN

INVALID_REQUEST

INVALID_RESPONSE

INVALID_SERVER_METADATA

JSON_ATTRIBUTE_COMPARISON

JWT_USERINFO_EXPECTED

KEY_SELECTION

MISSING_SERVER_METADATA

modifyAssertion

PARSE_ERROR

REQUEST_PROTOCOL_FORBIDDEN

RESPONSE_BODY_ERROR

RESPONSE_IS_NOT_CONFORM

UNSUPPORTED_OPERATION

WWW_AUTHENTICATE_CHALLENGE

authorizationCodeGrantRequest

calculatePKCECodeChallenge

clientCredentialsGrantRequest

ClientSecretBasic

ClientSecretJwt

ClientSecretPost

deviceAuthorizationRequest

deviceCodeGrantRequest

discoveryRequest

DPoP

generateKeyPair

generateRandomCodeVerifier

generateRandomNonce

generateRandomState

genericTokenEndpointRequest

getValidatedIdTokenClaims

processAuthorizationCodeResponse

processClientCredentialsResponse

processDeviceAuthorizationResponse

processDeviceCodeResponse

processDiscoveryResponse

processGenericTokenEndpointResponse

processIntrospectionResponse

processPushedAuthorizationResponse

processRefreshTokenResponse

processRevocationResponse

processUserInfoResponse

protectedResourceRequest

pushedAuthorizationRequest

refreshTokenGrantRequest

revocationRequest

TlsClientAuth

userInfoRequest

validateApplicationLevelSignature

validateAuthResponse

validateCodeIdTokenResponse

validateDetachedSignatureResponse

validateJwtAccessToken

validateJwtAuthResponse

ava.config.mjs

default

function validateApplicationLevelSignature

import { validateApplicationLevelSignature } from "https://deno.land/x/oauth4webapi@v3.1.2/mod.ts";

validateApplicationLevelSignature(

as: AuthorizationServer,

ref: Response,

options?: ValidateSignatureOptions,

): Promise<void>

Validates the JWS Signature of either a JWT !Response.body or TokenEndpointResponse.id_token of a processed !Response

Note: Validating signatures of JWTs received via direct communication between the Client and a TLS-secured Endpoint (which it is here) is not mandatory since the TLS server validation is used to validate the issuer instead of checking the token signature. You only need to use this method for non-repudiation purposes.

Note: Supports only digital signatures.

Parameters

as: AuthorizationServer

Authorization Server Metadata.

ref: Response

Response previously processed by this module that contained an ID Token or its response body was a JWT

optional

options: ValidateSignatureOptions

Returns

Promise<void>

Resolves if the signature validates, rejects otherwise.