@arcblock/abt-did - npm Package Compare versions

Comparing version 0.15.0 to 0.15.1

lib/index.js

@@ -230,3 +230,3 @@ const upperFirst = require('lodash/upperFirst');
   const header = headers[type.pk];
-  const headerB64 = base64.escape(base64.encode(JSON.stringify(header)));
+  const headerB64 = base64.escape(base64.encode(stringify(header)));
 
@@ -238,3 +238,3 @@ // make body
       iss: did.indexOf(DID_PREFIX) === 0 ? did : `${DID_PREFIX}${did}`,
-      ist: timestamp,
+      iat: timestamp,
       nbf: timestamp,
@@ -294,3 +294,3 @@ exp: timestamp + 30 * 60,
  */
-const jwtVerify = (token, pk) => {
+const jwtVerify = (token, pk, tolerance = 5) => {
   try {
@@ -315,2 +315,13 @@ const [headerB64, bodyB64] = token.split('.');
 
+    const timestamp = Math.ceil(Date.now() / 1000) + tolerance;
+    if (body.exp && body.exp < timestamp) {
+      return false;
+    }
+    if (body.iat && body.iat > timestamp) {
+      return false;
+    }
+    if (body.nbf && body.nbf > timestamp) {
+      return false;
+    }
+
     const signers = {
@@ -338,2 +349,3 @@ secp256k1: getSigner(types.KeyType.SECP256K1),
 module.exports = {
+  DID_PREFIX,
   types,
@@ -340,0 +352,0 @@ toStrictHex,

package.json

 {
   "name": "@arcblock/abt-did",
-  "version": "0.15.0",
+  "version": "0.15.1",
   "description": "Javascript lib to work with ArcBlock DID",
@@ -50,3 +50,3 @@ "keywords": [
   },
-  "gitHead": "4ef4154c785ba27f71f5af2d66e67270857b4750"
+  "gitHead": "d5527d87709d29ca624450e50128519cbb62a98d"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

15048

increased by2.03%

Lines of code

385

increased by2.94%

No dependency changes