Add Flex Token Verification logic to SDK

gnongsie · gnongsie · commit 3dc8f29c00f1 · 2019-12-10T21:50:00.000+05:30
diff --git a/generator/cybersource-javascript-template/index.mustache b/generator/cybersource-javascript-template/index.mustache
@@ -58,6 +58,8 @@
      */</emitJSDoc>
     <importPath>: <importPath></apis></apiInfo>
   };
+  
+  exports.TokenVerification = require('./utilities/flex/TokenVerification.js');
 
   return exports;<={{ }}=>
 }));
diff --git a/src/utilities/flex/TokenVerification.js b/src/utilities/flex/TokenVerification.js
@@ -0,0 +1,50 @@
+'use strict';
+
+const crypto = require('crypto');
+const jwkToPem = require('jwk-to-pem');
+
+/**
+ * This function has all the merchentConfig properties getters and setters methods
+ * 
+ * @param  result 
+ */
+function TokenVerification() {
+
+}
+
+function isPemFormattedString(input) {
+  	return typeof input === 'string' && /^-----BEGIN PUBLIC KEY-----[\S\s]*-----END PUBLIC KEY-----/.test(input);
+  }
+   
+  function isBase64String(input) {
+  	return typeof input === 'string' && /^[a-zA-Z0-9+/=]*$/g.test(input);
+  }
+   
+  function base64toPem(base64) {
+  	const urlDecoded = base64.replace(/-/g, '+').replace(/_/g, '/');
+   
+  	return [
+  		'-----BEGIN PUBLIC KEY-----',
+  		...urlDecoded.match(/.{1,64}/g),
+  		'-----END PUBLIC KEY-----',
+  	].join('\n');
+  }
+
+TokenVerification.prototype.verifyToken = function verifyToken(publicKey, token) {
+    if (typeof token !== 'object' || !token) throw new Error('Invalid token object');
+	if (!Object.prototype.hasOwnProperty.call(token, 'signature')) throw new Error('token.signature is missing');
+	if (!Object.prototype.hasOwnProperty.call(token, 'signedFields')) throw new Error('token.signedFields is missing');
+ 
+	let pem;
+	if (typeof publicKey === 'object') pem = jwkToPem(publicKey);
+	else if (isPemFormattedString(publicKey)) pem = publicKey;
+	else if (isBase64String(publicKey)) pem = base64toPem(publicKey);
+	else {
+		throw new Error('Invalid publicKey parameter');
+	}
+ 
+	const dataToVerify = token.signedFields.split(',').map(field => token[field]).join(',');
+	return crypto.createVerify('RSA-SHA512').update(dataToVerify).verify(pem, token.signature, 'base64');
+};
+
+module.exports = TokenVerification;
