Untitled


const moment = require('moment');
const fetch = require('request-promise');
const jws = require('jws-jwk');

class Apple {
  async decode(identityToken) {
    const response = await fetch({
      json: true,
      method: 'GET',
      url: 'https://appleid.apple.com/auth/keys'
    });

    let verified = false;

    for (let i = 0; i < response.keys.length; i += 1) {
      const jwk = response.keys[0];

      const verifiedByKey = jws.verify(
        identityToken,
        jwk
      );
      if (verifiedByKey) {
        verified = true;
      }
    }


    if (!verified) {
      throw new Error('Identity token not valid');
    }

    const payload = JSON.parse(jws.decode(identityToken).payload);

    const date = new Date(payload.exp * 1000);

    if (moment(date).isBefore(new Date())) {
      throw new Error('Identity token not valid, time expired');
    }

    return payload;
  }
}

module.exports = Apple;