validateDetachedSignatureResponse | /mod.ts | oauth4webapi@v3.1.2

Module

x/oauth4webapi/mod.ts>validateDetachedSignatureResponse

Low-Level OAuth 2 / OpenID Connect Client API for JavaScript Runtimes

panva/oauth4webapi

Latest

build conformance docs examples src tap

mod.ts (default module)

AuthorizationResponseError

OperationProcessingError

ResponseBodyError

UnsupportedOperationError

WWWAuthenticateChallengeError

AuthorizationDetails

AuthorizationServer

Client

ClientCredentialsGrantRequestOptions

ConfirmationClaims

CryptoKeyPair

DeviceAuthorizationRequestOptions

DeviceAuthorizationResponse

DiscoveryRequestOptions

DPoPHandle

DPoPRequestOptions

ExportedJWKSCache

GenerateKeyPairOptions

HttpRequestOptions

IDToken

IntrospectionRequestOptions

IntrospectionResponse

JWK

ModifyAssertionFunction

ModifyAssertionOptions

MTLSEndpointAliases

OAuth2Error

PrivateKey

ProcessAuthorizationCodeResponseOptions

ProtectedResourceRequestOptions

PushedAuthorizationRequestOptions

PushedAuthorizationResponse

RevocationRequestOptions

TokenEndpointRequestOptions

TokenEndpointResponse

UserInfoAddress

UserInfoRequestOptions

UserInfoResponse

ValidateJWTAccessTokenOptions

ValidateSignatureOptions

WWWAuthenticateChallenge

WWWAuthenticateChallengeParameters

ProtectedResourceRequestBody

allowInsecureRequests

AUTHORIZATION_RESPONSE_ERROR

HTTP_REQUEST_FORBIDDEN

INVALID_REQUEST

INVALID_RESPONSE

INVALID_SERVER_METADATA

JSON_ATTRIBUTE_COMPARISON

JWT_USERINFO_EXPECTED

KEY_SELECTION

MISSING_SERVER_METADATA

modifyAssertion

PARSE_ERROR

REQUEST_PROTOCOL_FORBIDDEN

RESPONSE_BODY_ERROR

RESPONSE_IS_NOT_CONFORM

UNSUPPORTED_OPERATION

WWW_AUTHENTICATE_CHALLENGE

authorizationCodeGrantRequest

calculatePKCECodeChallenge

clientCredentialsGrantRequest

ClientSecretBasic

ClientSecretJwt

ClientSecretPost

deviceAuthorizationRequest

deviceCodeGrantRequest

discoveryRequest

DPoP

generateKeyPair

generateRandomCodeVerifier

generateRandomNonce

generateRandomState

genericTokenEndpointRequest

getValidatedIdTokenClaims

processAuthorizationCodeResponse

processClientCredentialsResponse

processDeviceAuthorizationResponse

processDeviceCodeResponse

processDiscoveryResponse

processGenericTokenEndpointResponse

processIntrospectionResponse

processPushedAuthorizationResponse

processRefreshTokenResponse

processRevocationResponse

processUserInfoResponse

protectedResourceRequest

pushedAuthorizationRequest

refreshTokenGrantRequest

revocationRequest

TlsClientAuth

userInfoRequest

validateApplicationLevelSignature

validateAuthResponse

validateCodeIdTokenResponse

validateDetachedSignatureResponse

validateJwtAccessToken

validateJwtAuthResponse

ava.config.mjs

default

function validateDetachedSignatureResponse

import { validateDetachedSignatureResponse } from "https://deno.land/x/oauth4webapi@v3.1.2/mod.ts";

validateDetachedSignatureResponse(

as: AuthorizationServer,

client: Client,

parameters: URLSearchParams | URL | Request,

expectedNonce: string,

expectedState?: string | expectNoState,

maxAge?: number | skipAuthTimeCheck,

options?: ValidateSignatureOptions & JWEDecryptOptions,

): Promise<URLSearchParams>

Same as validateAuthResponse but for FAPI 1.0 Advanced Detached Signature authorization responses.

Parameters

as: AuthorizationServer

Authorization Server Metadata.

client: Client

Client Metadata.

parameters: URLSearchParams | URL | Request

Authorization Response parameters as URLSearchParams, instance of URL with parameters in a fragment/hash, or a form_post Request instance.

expectedNonce: string

Expected ID Token nonce claim value.

optional

expectedState: string | expectNoState

Expected state parameter value. Default is expectNoState.

optional

maxAge: number | skipAuthTimeCheck

ID Token IDToken.auth_time | auth_time claim value will be checked to be present and conform to the maxAge value. Use of this option is required if you sent a max_age parameter in an authorization request. Default is Client.default_max_age | client.default_max_age and falls back to skipAuthTimeCheck.

optional

options: ValidateSignatureOptions & JWEDecryptOptions

Returns

Promise<URLSearchParams>

Validated Authorization Response parameters. Authorization Error Responses are rejected using AuthorizationResponseError.