fixup! feat: remove jsrsasign dependancy

Author: Fabian Wiles

projects/lib/src/token-validation/jwks-validation-handler.ts

@@ -107,15 +107,14 @@ export class JwksValidationHandler extends AbstractValidationHandler {
       return Promise.reject(error);
     }
 
-    const pem = jwkToPem(key)
-    try{
+    const pem = jwkToPem(key);
+    try {
       jwt.verify(
         params.idToken,
         pem,
         {algorithms: this.allowedAlgorithms, clockTolerance: this.gracePeriodInSec}
-      )
-    }
-    catch(err) {
+      );
+    } catch (err) {
       return Promise.reject('Signature not valid');
     }
     return Promise.resolve();
@@ -132,11 +131,12 @@ export class JwksValidationHandler extends AbstractValidationHandler {
     }
   }
 
-  calcHash(valueToHash: string, algorithm: string): string {
-    let hashAlg = new rs.KJUR.crypto.MessageDigest({ alg: algorithm });
-    let result = hashAlg.digestString(valueToHash);
-    let byteArrayAsString = this.toByteArrayAsString(result);
-    return byteArrayAsString;
+  async calcHash(valueToHash: string, algorithm: string): Promise<string> {
+    const encoder = new TextEncoder();
+    const valueAsBytes = encoder.encode(valueToHash);
+    const resultBytes = await window.crypto.subtle.digest(algorithm, valueAsBytes);
+    // the returned bytes are encoded as UTF-16
+    return String.fromCharCode.apply(null, new Uint16Array(resultBytes));
   }
 
   toByteArrayAsString(hexString: string) {

projects/lib/src/token-validation/null-validation-handler.ts

@@ -8,7 +8,7 @@ export class NullValidationHandler implements ValidationHandler {
   validateSignature(validationParams: ValidationParams): Promise<any> {
     return Promise.resolve(null);
   }
-  validateAtHash(validationParams: ValidationParams): boolean {
-    return true;
+  validateAtHash(validationParams: ValidationParams): Promise<boolean> {
+    return Promise.resolve(true);
   }
 }

projects/lib/src/token-validation/validation-handler.js

@@ -22,7 +22,7 @@ export abstract class ValidationHandler {
   /**
    * Validates the at_hash in an id_token against the received access_token.
    */
-  public abstract validateAtHash(validationParams: ValidationParams): boolean;
+  public abstract validateAtHash(validationParams: ValidationParams): Promise<boolean>;
 }
 
 /**
@@ -39,10 +39,10 @@ export abstract class AbstractValidationHandler implements ValidationHandler {
   /**
    * Validates the at_hash in an id_token against the received access_token.
    */
-  validateAtHash(params: ValidationParams): boolean {
+  async validateAtHash(params: ValidationParams): Promise<boolean> {
     let hashAlg = this.inferHashAlgorithm(params.idTokenHeader);
 
-    let tokenHash = this.calcHash(params.accessToken, hashAlg); // sha256(accessToken, { asString: true });
+    let tokenHash = await this.calcHash(params.accessToken, hashAlg); // sha256(accessToken, { asString: true });
 
     let leftMostHalf = tokenHash.substr(0, tokenHash.length / 2);
 
@@ -85,5 +85,5 @@ export abstract class AbstractValidationHandler implements ValidationHandler {
    * @param valueToHash
    * @param algorithm
    */
-  protected abstract calcHash(valueToHash: string, algorithm: string): string;
+  protected abstract calcHash(valueToHash: string, algorithm: string): Promise<string>;
 }