feat: support to generate a token from a JSON object (#14)

* feat: support to generate a token from a JSON object

* chore: use generateFromJson in example

Author: birme

readme.md

@@ -208,20 +208,20 @@ const generator = new CAT({
     )
   }
 });
-const base64encoded = await generator.generate(
+const base64encoded = await generator.generateFromJson(
   {
     iss: 'coap://as.example.com',
     sub: 'jonas',
     aud: 'coap://light.example.com',
     exp: 1444064944,
     nbf: 1443944944,
     iat: 1443944944,
-    catr: CommonAccessTokenRenewal.fromDict({
+    catr: {
       type: 'header',
       'header-name': 'cta-common-access-token',
       expadd: 120,
       deadline: 60
-    }).payload
+    }
   },
   {
     type: 'mac',

src/index.test.ts

@@ -48,6 +48,68 @@ describe('CAT', () => {
     });
   });
 
+  test('can generate a token from a JSON object and verify it', async () => {
+    const generator = new CAT({
+      keys: {
+        Symmetric256: Buffer.from(
+          '403697de87af64611c1d32a05dab0fe1fcb715a86ab435f1ec99192d79569388',
+          'hex'
+        )
+      }
+    });
+    const base64encoded = await generator.generateFromJson(
+      {
+        iss: 'coap://as.example.com',
+        exp: Math.floor(Date.now() / 1000) + 60,
+        catr: {
+          type: 'header',
+          'header-name': 'cta-common-access-token',
+          expadd: 120,
+          deadline: 60
+        },
+        catu: {
+          scheme: {
+            'exact-match': 'https'
+          }
+        }
+      },
+      {
+        type: 'mac',
+        alg: 'HS256',
+        kid: 'Symmetric256'
+      }
+    );
+    const validator = new CAT({
+      keys: {
+        Symmetric256: Buffer.from(
+          '403697de87af64611c1d32a05dab0fe1fcb715a86ab435f1ec99192d79569388',
+          'hex'
+        )
+      }
+    });
+    const result = await validator.validate(base64encoded!, 'mac', {
+      issuer: 'coap://as.example.com',
+      url: new URL('https://example.com')
+    });
+    expect(result.error).not.toBeDefined();
+    expect(result.cat).toBeDefined();
+    expect(result.cat!.claims).toEqual({
+      iss: 'coap://as.example.com',
+      catr: {
+        deadline: 60,
+        expadd: 120,
+        'header-name': 'cta-common-access-token',
+        type: 'header'
+      },
+      catu: {
+        scheme: {
+          'exact-match': 'https'
+        }
+      },
+      exp: expect.any(Number)
+    });
+  });
+
   test('can validate a MAC:ed token with standard claims', async () => {
     const base64encoded =
       '0YRDoQEFoQRMU3ltbWV0cmljMjU2eDZkOTAxMDNhMTAxNzU2MzZmNjE3MDNhMmYyZjYxNzMyZTY1Nzg2MTZkNzA2YzY1MmU2MzZmNmRYIDL8dIteq8pMXXX9oL4eo2NX1kQUaselV6p/JHSEVXWX';

src/index.ts

@@ -1,5 +1,9 @@
 import crypto from 'crypto';
-import { CommonAccessToken, CommonAccessTokenFactory } from './cat';
+import {
+  CommonAccessToken,
+  CommonAccessTokenDict,
+  CommonAccessTokenFactory
+} from './cat';
 import { KeyNotFoundError } from './errors';
 
 export { CommonAccessToken } from './cat';
@@ -170,6 +174,29 @@ export class CAT {
     }
   }
 
+  public async generateFromJson(
+    dict: CommonAccessTokenDict,
+    opts?: CatGenerateOptions
+  ) {
+    if (opts?.generateCwtId) {
+      dict['cti'] = crypto.randomBytes(16).toString('hex');
+    }
+    const cat = CommonAccessTokenFactory.fromDict(dict);
+    if (opts && opts.type == 'mac') {
+      const key = this.keys[opts.kid];
+      if (!key) {
+        throw new Error('Key not found');
+      }
+      await cat.mac({ k: key, kid: opts.kid }, opts.alg, {
+        addCwtTag: this.expectCwtTag
+      });
+      if (!cat.raw) {
+        throw new Error('Failed to MAC token');
+      }
+      return cat.raw.toString('base64');
+    }
+  }
+
   public async renewToken(
     cat: CommonAccessToken,
     opts: CatRenewOptions