| b69ab31 | | | 1 | /** |
| b69ab31 | | | 2 | * Copyright (c) Meta Platforms, Inc. and affiliates. |
| b69ab31 | | | 3 | * |
| b69ab31 | | | 4 | * This source code is licensed under the MIT license found in the |
| b69ab31 | | | 5 | * LICENSE file in the root directory of this source tree. |
| b69ab31 | | | 6 | */ |
| b69ab31 | | | 7 | |
| b69ab31 | | | 8 | import {timingSafeEqual} from 'node:crypto'; |
| b69ab31 | | | 9 | |
| b69ab31 | | | 10 | /** |
| b69ab31 | | | 11 | * Timing safe comparison of tokens coming from strings. |
| b69ab31 | | | 12 | */ |
| b69ab31 | | | 13 | export function areTokensEqual(a: string, b: string): boolean { |
| b69ab31 | | | 14 | const aBuf = Buffer.from(a); |
| b69ab31 | | | 15 | const bBuf = Buffer.from(b); |
| b69ab31 | | | 16 | return aBuf.length === bBuf.length && timingSafeEqual(aBuf, bBuf); |
| b69ab31 | | | 17 | } |