/**
 * Minified by jsDelivr using Terser v5.39.0.
 * Original file: /npm/alexa-verifier@4.0.0/index.js
 *
 * Do NOT use SRI with dynamically generated files! More information: https://www.jsdelivr.com/using-sri-with-dynamic-files
 */
import crypto from"crypto";import fetchCert from"./fetch-cert.js";import url from"url";import validateCert from"./validate-cert.js";import validateCertUri from"./validate-cert-uri.js";import validator from"validator";const TIMESTAMP_TOLERANCE=150,SIGNATURE_FORMAT="base64",CHARACTER_ENCODING="utf8";function getCert(e,t){const r={url:url.parse(e)},i=validateCertUri(r.url);if(!0!==i)return process.nextTick(t,i);fetchCert(r,(function(e,r){return e||(e=validateCert(r))?t(e):void t(e,r)}))}function isValidSignature(e,t,r){const i=crypto.createVerify("RSA-SHA256");return i.update(r,"utf8"),i.verify(e,t,"base64")}function validateTimestamp(e){let t,r,i;try{i=JSON.parse(e)}catch(r){return t=r,"request body invalid json"}if(!i.request||!i.request.timestamp)return"Timestamp field not present in request";const n=new Date(i.request.timestamp),s=(new Date).getTime()-15e4;return n.getTime()<s?"Request is from more than 150 seconds ago":void 0}function verifier(e,t,r,i){if(!e)return process.nextTick(i,"missing certificate url");if(!t)return process.nextTick(i,"missing signature");if(!r)return process.nextTick(i,"missing request (certificate) body");if(!validator.isBase64(t))return process.nextTick(i,"invalid signature (not base64 encoded)");const n=validateTimestamp(r);if(n)return process.nextTick(i,n);getCert(e,(function(e,n){return e?i(e):isValidSignature(n,t,r)?void i():i("invalid signature")}))}export default function alexaVerifier(e,t,r,i){return i?verifier(e,t,r,i):new Promise((function(i,n){verifier(e,t,r,(function(e){if(e)return n(e);i()}))}))}
//# sourceMappingURL=/sm/36986a8fd06388899465f6b94ac64eba0615a7656f0f0fedc5043884e3b4371d.map