search

magiclabs / magic-admin-js

Magic admin Node.js SDK makes it easy to leverage Decentralized ID tokens to protect routes and restricted resources for your application.
https://docs.magic.link/admin-sdk/node-js
MIT License
75 stars 33 forks source link

Validate 'aud' in DID Token #111

Closed magic-ravi closed 1 year ago

magic-ravi commented 1 year ago

📦 Pull Request

✅ Fixed Issues

N/A

🚨 Test instructions

  1. yarn build && npm link
  2. In new repo run npm link @magic-sdk/admin@1.10.0
  3. Try the following code snippet
const { Magic } = require('@magic-sdk/admin');

const maSecretKey = "";
const mcSecretKey = "";
const maClientId = "";

const DIDT = "";

async function exec() {
    const magicAuth = await Magic.init(maSecretKey);
   magicAuth.token.validate(DIDT);
    console.log("MA Token validated.")
    const metadataResult = await magicAuth.users.getMetadataByToken(DIDT);
    console.log(metadataResult);

   // old constructor way
   const oldMagicAuth = new Magic(maSecretKey);
   oldMagicAuth.token.validate(DIDT);
   console.log(oldMagicAuth.users.getMetadataByToken(DIDT));

    const magicConnect = await Magic.init(mcSecretKey);
    // Should fail
    try {
        await magicConnect.token.validate(DIDT);
    } catch (e) {
       console.log(e);
    }
    try {
        await magicConnect.users.getMetadataByToken(DIDT);
    } catch (e) {
        console.log(e);
    }

    const magicConnectWithClient = await Magic.init(mcSecretKey, {clientId: maClientId});
    await magicConnectWithClient.token.validate(DIDT);
    console.log("MC Token validated with MA client ID.");
}

⚠️ Don't forget to add a semver label!

magiclabsFE commented 1 year ago

:rocket: PR was released in v2.0.0 :rocket: