chore[jwt-verifier]: remove configuration validation dep - OKTA-404739

chore: upgrade deps update version & changelog OKTA-404739 <<<Jenkins Check-In of Tested SHA: b87159038280a4f5a84a07184275d63bca7b1570 for [email protected]>>> Artifact: okta-oidc-js Files changed count: 4 PR Link: "okta/okta-oidc-js#1012"
okta · Jun 24, 2021 · fa39e8a · fa39e8a
1 parent 239ebea
commit fa39e8a
Show file tree

Hide file tree

Showing 4 changed files with 1,324 additions and 976 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,9 @@
+# 2.2.0
+
+### Other
+
+- [#1012](https:/okta/okta-oidc-js/pull/1012) Removes @okta/configuration-validation dependency
+
 # 2.1.0
 
 ### Other

diff --git a/lib.js b/lib.js
@@ -13,10 +13,52 @@
 const jwksClient = require('jwks-rsa');
 const nJwt = require('njwt');
 
-const {
- assertIssuer,
- assertClientId,
-} = require('@okta/configuration-validation');
+class ConfigurationValidationError extends Error {}
+
+const findDomainURL = 'https://bit.ly/finding-okta-domain';
+const findAppCredentialsURL = 'https://bit.ly/finding-okta-app-credentials';
+
+const assertIssuer = (issuer, testing = {}) => {
+ const isHttps = new RegExp('^https://');
+ const hasDomainAdmin = /-admin.(okta|oktapreview|okta-emea).com/;
+ const copyMessage = 'You can copy your domain from the Okta Developer ' +
+ 'Console. Follow these instructions to find it: ' + findDomainURL;
+
+ if (testing.disableHttpsCheck) {
+ const httpsWarning = 'Warning: HTTPS check is disabled. ' +
+ 'This allows for insecure configurations and is NOT recommended for production use.';
+ /* eslint-disable-next-line no-console */
+ console.warn(httpsWarning);
+ }
+
+ if (!issuer) {
+ throw new ConfigurationValidationError('Your Okta URL is missing. ' + copyMessage);
+ } else if (!testing.disableHttpsCheck && !issuer.match(isHttps)) {
+ throw new ConfigurationValidationError(
+ 'Your Okta URL must start with https. ' +
+ `Current value: ${issuer}. ${copyMessage}`
+ );
+ } else if (issuer.match(/{yourOktaDomain}/)) {
+ throw new ConfigurationValidationError('Replace {yourOktaDomain} with your Okta domain. ' + copyMessage);
+ } else if (issuer.match(hasDomainAdmin)) {
+ throw new ConfigurationValidationError(
+ 'Your Okta domain should not contain -admin. ' +
+ `Current value: ${issuer}. ${copyMessage}`
+ );
+ }
+};
+
+const assertClientId = (clientId) => {
+ const copyCredentialsMessage = 'You can copy it from the Okta Developer Console ' +
+ 'in the details for the Application you created. ' +
+ `Follow these instructions to find it: ${findAppCredentialsURL}`;
+
+ if (!clientId) {
+ throw new ConfigurationValidationError('Your client ID is missing. ' + copyCredentialsMessage);
+ } else if (clientId.match(/{clientId}/)) {
+ throw new ConfigurationValidationError('Replace {clientId} with the client ID of your Application. ' + copyCredentialsMessage);
+ }
+};
 
 class AssertedClaimsVerifier {
  constructor() {

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@okta/jwt-verifier",
- "version": "2.1.0",
+ "version": "2.2.0",
  "description": "Easily validate Okta access tokens",
  "repository": "https:/okta/okta-oidc-js",
  "homepage": "https:/okta/okta-oidc-js/tree/master/packages/jwt-verifier",
@@ -37,7 +37,6 @@
  },
  "license": "Apache-2.0",
  "dependencies": {
- "@okta/configuration-validation": "^1.0.0",
  "jwks-rsa": "1.12.1",
  "njwt": "^1.0.0"
  },