(dpopStore: DPoPStore, nonce?: string)
| 210 | } |
| 211 | |
| 212 | async getDpopProof(dpopStore: DPoPStore, nonce?: string): Promise<string> { |
| 213 | let keyPair: CryptoKeyPair; |
| 214 | let dpopState: DPoPState; |
| 215 | |
| 216 | if (!(await dpopStore.getAllKeys()).includes(this.settings.client_id)) { |
| 217 | keyPair = await CryptoUtils.generateDPoPKeys(); |
| 218 | dpopState = new DPoPState(keyPair, nonce); |
| 219 | await dpopStore.set(this.settings.client_id, dpopState); |
| 220 | } else { |
| 221 | dpopState = await dpopStore.get(this.settings.client_id); |
| 222 | |
| 223 | // if the server supplied nonce has changed since the last request, update the nonce |
| 224 | if (dpopState.nonce !== nonce && nonce) { |
| 225 | dpopState.nonce = nonce; |
| 226 | await dpopStore.set(this.settings.client_id, dpopState); |
| 227 | } |
| 228 | } |
| 229 | |
| 230 | return await CryptoUtils.generateDPoPProof({ |
| 231 | url: await this.metadataService.getTokenEndpoint(false), |
| 232 | httpMethod: "POST", |
| 233 | keyPair: dpopState.keys, |
| 234 | nonce: dpopState.nonce, |
| 235 | }); |
| 236 | } |
| 237 | |
| 238 | public async processResourceOwnerPasswordCredentials({ |
| 239 | username, |
no test coverage detected