function _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; }

var crypto = _interopDefault(require('isomorphic-webcrypto'));
var algos = require('jose-algorithms');
var jwkLite = require('jwk-lite');
var b64uLite = require('b64u-lite');
var str2buf = require('str2buf');

function decode(token) {
    if ( token === void 0 ) token = '';

    var parts = token.split('.');
    if (parts.length !== 3) 
        { throw new Error('token must have 3 parts'); }
    return {
        header: JSON.parse(b64uLite.fromBase64Url(parts[0])),
        payload: b64uLite.fromBase64Url(parts[1]),
        signedContent: str2buf.toUint8Array(parts[0] + '.' + parts[1]),
        signature: str2buf.toUint8Array(b64uLite.toBinaryString(parts[2]))
    };
}

function sign(payload, key, header) {
    if ( header === void 0 ) header = {};

    var alg = header.alg;
    return new Promise(function (resolve) {
        header.alg = (alg = alg || key.alg);
        if (!algos[alg]) 
            { throw new Error(("alg must be one of " + (Object.keys(algos)))); }
        resolve(b64uLite.toBase64Url(JSON.stringify(header)) + '.' + b64uLite.toBase64Url(payload));
    }).then(function (payloadString) {
        var buffer = str2buf.toUint8Array(payloadString);
        return jwkLite.importKey(key, {
            alg: alg
        }).then(function (signingKey) {
            var algo = Object.assign({}, algos[alg]);
            delete algo.namedCurve;
            return crypto.subtle.sign(algo, signingKey, buffer);
        }).then(function (signature) { return payloadString + '.' + b64uLite.fromBinaryString(str2buf.fromBuffer(signature)); });
    });
}

function verify(token, key, ref) {
    if ( ref === void 0 ) ref = {};
    var algorithms = ref.algorithms;

    algorithms = algorithms || Object.keys(algos);
    return new Promise(function (resolve) {
        resolve(decode(token));
    }).then(function (jws) {
        if (algorithms && !algorithms.includes(jws.header.alg)) 
            { throw new Error(("alg must be one of " + algorithms)); }
        if (!algos[jws.header.alg]) 
            { throw new Error(("alg must be one of " + (Object.keys(algos)))); }
        return jwkLite.importKey(key, {
            alg: jws.header.alg
        }).then(function (verifyingKey) { return crypto.subtle.verify(algos[jws.header.alg], verifyingKey, jws.signature, jws.signedContent); }).then(function (result) {
            if (!result) 
                { throw new Error('invalid token signature'); }
            return jws.payload;
        });
    });
}

exports.decode = decode;
exports.sign = sign;
exports.verify = verify;
//# sourceMappingURL=jws-lite.js.map