MCPcopy
hub / github.com/kriasoft/graphql-starter-kit / getIdToken

Function getIdToken

server/core/auth.ts:53–89  ·  view source on GitHub ↗
(req: Request)

Source from the content-addressed store, hash-verified

51const idTokenClients = new Map<string, IdTokenClient>();
52
53export async function getIdToken(req: Request) {
54 try {
55 const idToken = req.headers.get("authorization")?.replace(/^Bearer /i, "");
56 let result: DecodedIdToken | null = null;
57
58 if (idToken) {
59 const certificatesPromise = fetchCertificates();
60 const audience = env.GOOGLE_CLOUD_PROJECT;
61 let idTokenClient = idTokenClients.get(audience);
62
63 if (!idTokenClient) {
64 idTokenClient = await auth.getIdTokenClient(audience);
65 idTokenClients.set(audience, idTokenClient);
66 }
67
68 const ticket = await idTokenClient.verifySignedJwtWithCertsAsync(
69 idToken,
70 await certificatesPromise,
71 audience,
72 [`https://securetoken.google.com/${env.GOOGLE_CLOUD_PROJECT}`],
73 );
74
75 const token = ticket.getPayload();
76
77 if (token) {
78 if ("user_id" in token) delete token.user_id;
79 Object.assign(token, { uid: token.sub });
80 result = token as DecodedIdToken;
81 }
82 }
83
84 return result;
85 } catch (err) {
86 console.log(err);
87 return null;
88 }
89}
90
91// #region Types
92

Callers 1

contextFunction · 0.90

Calls 1

fetchCertificatesFunction · 0.85

Tested by

no test coverage detected