| Quellcodebibliothek Statistik Leitseite products/Sources/formale Sprachen/C/Firefox/testing/web-platform/tests/push-api/resources/ (Browser von der Mozilla Stiftung Version 136.0.1©) Datei vom 10.2.2025 mit Größe 3 kB |
|
Quelle vapid.js Sprache: JAVA |
|||||||||||||||
|
function toBase64Url(array) { return btoa([...array].map(c => String.fromCharCode(c)).join('')).replaceAll("+", "-" } class VAPID { #publicKey; #privateKey; constructor(publicKey, privateKey) { this.#publicKey = publicKey; this.#privateKey = privateKey; } get publicKey() { return this.#publicKey; } async #jws(audience) { // https://datatracker.ietf.org/doc/html/rfc7515#section-3.1 // BASE64URL(UTF8(JWS Protected Header)) || '.' || // BASE64URL(JWS Payload) || '.' || // BASE64URL(JWS Signature) // https://datatracker.ietf.org/doc/html/rfc8292#section-2 // ECDSA on the NIST P-256 curve [FIPS186], which is identified as "ES256" [RFC7518]. const rawHeader = { typ: "JWT", alg: "ES256" }; const header = toBase64Url(new TextEncoder().encode(JSON.stringify(rawHeader))); // https://datatracker.ietf.org/doc/html/rfc8292#section-2 const rawPayload = { // An "aud" (Audience) claim in the token MUST include the Unicode // serialization of the origin (Section 6.1 of [RFC6454]) of the push // resource URL. aud: audience, // An "exp" (Expiry) claim MUST be included with the time after which // the token expires. exp: parseInt(new Date().getTime() / 1000) + 24 * 60 * 60, // seconds, 24hr // The "sub" claim SHOULD include a contact URI for the application server as either a // "mailto:" (email) [RFC6068] or an "https:" [RFC2818] URI. sub: "mailto:webpush@example.com", }; const payload = toBase64Url(new TextEncoder().encode(JSON.stringify(rawPayload))); const input = `${header}.${payload}`; // https://datatracker.ietf.org/doc/html/rfc7518#section-3.1 // ES256 | ECDSA using P-256 and SHA-256 const rawSignature = await crypto.subtle.sign({ name: "ECDSA", namedCurve: "P-256", hash: { name: "SHA-256" }, }, this.#privateKey, new TextEncoder().encode(input)); const signature = toBase64Url(new Uint8Array(rawSignature)); return `${input}.${signature}`; } async generateAuthHeader(audience) { // https://datatracker.ietf.org/doc/html/rfc8292#section-3.1 // The "t" parameter of the "vapid" authentication scheme carries a JWT // as described in Section 2. const t = await this.#jws(audience); // https://datatracker.ietf.org/doc/html/rfc8292#section-3.2 // The "k" parameter includes an ECDSA public key [FIPS186] in // uncompressed form [X9.62] that is encoded using base64url encoding // [RFC7515]. const k = toBase64Url(this.#publicKey) return `vapid t=${t},k=${k}`; } }; export async function createVapid() { // https://datatracker.ietf.org/doc/html/rfc8292#section-2 // The signature MUST use ECDSA on the NIST P-256 curve [FIPS186] const keys = await crypto.subtle.generateKey({ name: "ECDSA", namedCurve: "P-256" }, true, const publicKey = new Uint8Array(await crypto.subtle.exportKey("raw", keys.publicKey)) const privateKey = keys.privateKey; return new VAPID(publicKey, privateKey); };
¤ Dauer der Verarbeitung: 0.3 Sekunden ¤*© Formatika GbR, Deutschland |
|
||||||||||||||
2026-04-02