@arcblock/did
Comparing version 0.28.0 to 0.28.1
@@ -249,9 +249,9 @@ /** | ||
// make body | ||
const timestamp = Math.floor(Date.now() / 1000); | ||
const now = Math.floor(Date.now() / 1000); | ||
let body = Object.assign( | ||
{ | ||
iss: did.indexOf(DID_PREFIX) === 0 ? did : `${DID_PREFIX}${did}`, | ||
iat: timestamp, | ||
nbf: timestamp, | ||
exp: timestamp + 30 * 60, | ||
iat: now, | ||
nbf: now, | ||
exp: now + 5 * 60, | ||
}, | ||
@@ -311,5 +311,7 @@ payload || {} | ||
* @param {string} pk - hex encoded public key | ||
* @param {number} [tolerance=5] - number of seconds to tolerant expire | ||
* @param {boolean} [verifyTimestamp=true] - whether should be verify timestamps? | ||
* @returns {boolean} | ||
*/ | ||
const jwtVerify = (token, pk, tolerance = 5) => { | ||
const jwtVerify = (token, pk, tolerance = 5, verifyTimestamp = true) => { | ||
try { | ||
@@ -319,5 +321,7 @@ const [headerB64, bodyB64] = token.split('.'); | ||
if (!signature) { | ||
debug('jwtVerify.error.emptySig'); | ||
return false; | ||
} | ||
if (!header.alg) { | ||
debug('jwtVerify.error.emptyAlg'); | ||
return false; | ||
@@ -328,2 +332,3 @@ } | ||
if (!did) { | ||
debug('jwtVerify.error.emptyDid'); | ||
return false; | ||
@@ -333,15 +338,25 @@ } | ||
if (isFromPublicKey(did, pk) === false) { | ||
debug('jwtVerify.error.did_pk_mismatch'); | ||
return false; | ||
} | ||
const timestamp = Math.ceil(Date.now() / 1000) + tolerance; | ||
if (body.exp && body.exp < timestamp) { | ||
return false; | ||
if (verifyTimestamp) { | ||
const now = Math.ceil(Date.now() / 1000) + tolerance; | ||
const exp = Number(body.exp) || 0; | ||
const iat = Number(body.iat) || 0; | ||
const nbf = Number(body.nbf) || 0; | ||
debug('jwtVerify.verifyTimestamp', { now, exp, iat, nbf }); | ||
if (exp && exp < now) { | ||
debug('jwtVerify.error.expired'); | ||
return false; | ||
} | ||
if (iat && iat > now) { | ||
debug('jwtVerify.error.issuedAt'); | ||
return false; | ||
} | ||
if (nbf && nbf > now) { | ||
debug('jwtVerify.error.notBefore'); | ||
return false; | ||
} | ||
} | ||
if (body.iat && body.iat > timestamp) { | ||
return false; | ||
} | ||
if (body.nbf && body.nbf > timestamp) { | ||
return false; | ||
} | ||
@@ -359,4 +374,7 @@ const signers = { | ||
debug('jwtVerify.error.crypto'); | ||
return false; | ||
} catch (err) { | ||
debug('jwtVerify.error.exception'); | ||
if (process.env.NODE_ENV !== 'test') { | ||
@@ -363,0 +381,0 @@ // eslint-disable-next-line |
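Review bot: In the new `verifyTimestamp` block of `jwtVerify`, `const exp = Number(body.exp) || 0;` followed by `if (exp && exp < now)` means a token whose `exp` is absent, zero or non-numeric is never rejected as expired, so the check fails open. If tokens without a usable expiry are not meant to be accepted (not visible from these hunks), the guard should read `if (!exp || exp < now)`. Separately, `tolerance` is added to `now`, which loosens the `iat`/`nbf` checks but makes the `exp` check reject tokens `tolerance` seconds early, the opposite of what the `@param` text describes; leaving `now` as the plain current time and comparing `exp + tolerance < now` and `iat > now + tolerance` would match the doc. The `@param` line for `verifyTimestamp` should also state the consequence of disabling it, for example `@param {boolean} [verifyTimestamp=true] - when false, exp/iat/nbf are not checked at all; only for callers that enforce token lifetime themselves`. The body of `jwtVerify` begins and ends outside the hunks shown.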
{ | ||
"name": "@arcblock/did", | ||
"version": "0.28.0", | ||
"version": "0.28.1", | ||
"description": "Javascript lib to work with ArcBlock DID", | ||
@@ -56,3 +56,3 @@ "keywords": [ | ||
}, | ||
"gitHead": "3df54e5095c2100ef61fce8f2a42ebd00d331273" | ||
"gitHead": "e860dd970e1e7ec1b231f30201e789acf0dd251f" | ||
} |