| 1 | /** |
| 2 | * Copyright (c) Meta Platforms, Inc. and affiliates. |
| 3 | * |
| 4 | * This source code is licensed under the MIT license found in the |
| 5 | * LICENSE file in the root directory of this source tree. |
| 6 | */ |
| 7 | |
| 8 | import {timingSafeEqual} from 'node:crypto'; |
| 9 | |
| 10 | /** |
| 11 | * Timing safe comparison of tokens coming from strings. |
| 12 | */ |
| 13 | export function areTokensEqual(a: string, b: string): boolean { |
| 14 | const aBuf = Buffer.from(a); |
| 15 | const bBuf = Buffer.from(b); |
| 16 | return aBuf.length === bBuf.length && timingSafeEqual(aBuf, bBuf); |
| 17 | } |
| 18 | |