}
);
}
if (
validationError.error !== 'invalid_token' ||
(validationError.errorDescription &&
validationError.errorDescription.indexOf(
'Nonce (nonce) claim value mismatch in the ID token'
) > -1)
) {
return callback(validationError);
}
// if it's an invalid_token error, decode the token
var decodedToken = new IdTokenVerifier().decode(parsedHash.id_token);
// if the alg is not HS256, return the raw error
if (decodedToken.header.alg !== 'HS256') {
return callback(validationError);
}
if ((decodedToken.payload.nonce || null) !== transactionNonce) {
return callback({
error: 'invalid_token',
errorDescription:
'Nonce (nonce) claim value mismatch in the ID token; expected "' +
transactionNonce +
'", found "' +
decodedToken.payload.nonce +
'"'
});
return this.validateToken(parsedHash.id_token, transactionNonce, function(
validationError,
payload
) {
if (!validationError) {
if (!parsedHash.access_token) {
return callback(null, payload);
}
// id_token's generated by non-oidc applications don't have at_hash
if (!payload.at_hash) {
return callback(null, payload);
}
// here we're absolutely sure that the id_token's alg is RS256
// and that the id_token is valid, so we can check the access_token
return new IdTokenVerifier().validateAccessToken(
parsedHash.access_token,
'RS256',
payload.at_hash,
function(err) {
if (err) {
return callback(error.invalidToken(err.message));
}
return callback(null, payload);
}
);
}
if (
validationError.error !== 'invalid_token' ||
(validationError.errorDescription &&
validationError.errorDescription.indexOf(
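/**
 * Verifies an ID token with an IdTokenVerifier configured from
 * `this.baseOptions`.
 *
 * The expected issuer (`token_issuer`), the JWKS URI and the audience (the
 * application's `clientID`) are taken from `baseOptions`; the expected nonce
 * is handed to the verifier together with the token.
 *
 * @param {string} token - The ID token to verify.
 * @param {string} nonce - The nonce expected for this transaction.
 * @param {Function} cb - Node-style callback. Called as `cb(err)` with
 *   `error.invalidToken(message)` when verification fails, and as
 *   `cb(null, payload)` with the verifier's payload when it succeeds.
 */
WebAuth.prototype.validateToken = function(token, nonce, cb) {
  var configuredLeeway = this.baseOptions.leeway;
  // Leeway widens the window in which the token's time-based claims are
  // accepted, so an explicit 0 (no clock-skew tolerance) must be honoured.
  // The previous `leeway || 60` silently turned 0 into 60 seconds. Every
  // other value behaves as before: unset or falsy falls back to 60.
  var leeway = configuredLeeway === 0 ? 0 : configuredLeeway || 60;

  var verifier = new IdTokenVerifier({
    issuer: this.baseOptions.token_issuer,
    jwksURI: this.baseOptions.jwksURI,
    audience: this.baseOptions.clientID,
    leeway: leeway,
    maxAge: this.baseOptions.maxAge,
    // NOTE(review): `__clock` looks like a test hook for overriding "now".
    // Confirm it is never populated from untrusted configuration, since it
    // would influence every time-based check the verifier performs.
    __clock: this.baseOptions.__clock || defaultClock
  });

  verifier.verify(token, nonce, function(err, payload) {
    if (err) {
      // Only the message is forwarded; the original error object is dropped.
      return cb(error.invalidToken(err.message));
    }
    cb(null, payload);
  });
};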