@connectedcars/jwtutils
Advanced tools
Comparing version 1.0.18 to 1.0.19
{ | ||
"name": "@connectedcars/jwtutils", | ||
"version": "1.0.18", | ||
"version": "1.0.19", | ||
"description": "Zero dependency JWT encoding/decoding for Node", | ||
@@ -14,4 +14,5 @@ "main": "src/index.js", | ||
"scripts": { | ||
"test": "nyc --reporter=lcov --reporter=text mocha \"src/**/*.test.js\" \"bin/*.test.js\"", | ||
"coveralls": "nyc report --reporter=text-lcov | coveralls" | ||
"test": "mocha \"src/**/*.test.js\" \"bin/*.test.js\"", | ||
"cov": "nyc --reporter=lcov --reporter=text npm test", | ||
"coveralls": "nyc report --reporter=text-lcov npm test | coveralls" | ||
}, | ||
@@ -32,23 +33,33 @@ "repository": { | ||
"devDependencies": { | ||
"@types/mocha": "^5.2.0", | ||
"@types/node": "^10.1.2", | ||
"@types/mocha": "^5.2.5", | ||
"@types/node": "^10.12.18", | ||
"@types/tmp": "0.0.33", | ||
"babel-eslint": "^8.2.3", | ||
"babel-eslint": "^10.0.1", | ||
"benchmark": "^2.1.4", | ||
"coveralls": "^3.0.1", | ||
"eslint": "^4.19.1", | ||
"eslint-config-prettier": "^2.9.0", | ||
"eslint-plugin-node": "^6.0.1", | ||
"eslint-plugin-prettier": "^2.6.0", | ||
"express": "^4.16.3", | ||
"coveralls": "^3.0.2", | ||
"eslint": "^5.11.1", | ||
"eslint-config-prettier": "^3.3.0", | ||
"eslint-plugin-node": "^8.0.0", | ||
"eslint-plugin-prettier": "^3.0.1", | ||
"express": "^4.16.4", | ||
"microtime": "^2.1.8", | ||
"mocha": "^5.2.0", | ||
"nyc": "^11.8.0", | ||
"prettier": "^1.12.1", | ||
"nyc": "^13.1.0", | ||
"prettier": "^1.15.3", | ||
"r2": "^2.0.1", | ||
"tmp": "0.0.33", | ||
"typescript": "^2.8.3", | ||
"unexpected": "^10.37.7" | ||
"typescript": "^3.2.2", | ||
"unexpected": "^10.40.2" | ||
}, | ||
"dependencies": {} | ||
"dependencies": {}, | ||
"nyc": { | ||
"include": [ | ||
"src/**", | ||
"bin/**" | ||
], | ||
"exclude": [ | ||
"**/*.test.js" | ||
], | ||
"all": true | ||
} | ||
} |
@@ -11,2 +11,3 @@ // @ts-check | ||
const PubkeysHelper = require('./pubkeyshelper') | ||
const JwkUtils = require('./jwkutils') | ||
@@ -18,2 +19,3 @@ module.exports = { | ||
}, | ||
JwkUtils, | ||
PubkeysHelper, | ||
@@ -20,0 +22,0 @@ JwtAuthMiddleware, |
@@ -39,9 +39,2 @@ // SEQUENCE(OBJECT IDENTIFIER = 1.2.840.113549.1.1.1, NULL) - rsaEncryption | ||
/** | ||
* @deprecated since version 1.0.13 | ||
*/ | ||
function jwtToPem(jwk) { | ||
this.jwkToPem(jwk) | ||
} | ||
function jwkToPem(jwk) { | ||
@@ -192,4 +185,3 @@ switch (jwk.kty) { | ||
ecPublicKeyJwkToPem, | ||
jwkToPem, | ||
jwtToPem // Fuckup with naming | ||
jwkToPem | ||
} | ||
@@ -196,0 +188,0 @@ |
@@ -47,2 +47,5 @@ const defaultHttpRequestHandler = require('./defaulthttprequesthandler') | ||
function _fetchJwkKeys(httpRequestHandler, url, options) { | ||
let defaultAlgorithms = options.defaultAlgorithms || [] | ||
delete options.defaultAlgorithms | ||
return httpRequestHandler('GET', url, {}, null).then(response => { | ||
@@ -64,8 +67,11 @@ let pubkeysResponse = JSON.parse( | ||
let publicKeyPem = jwkUtils.jwkToPem(key) | ||
pubKeys[`${key.kid}@${key.alg}`] = Object.assign( | ||
{ | ||
publicKey: publicKeyPem | ||
}, | ||
options | ||
) | ||
let algorithms = key.alg ? [key.alg] : defaultAlgorithms | ||
for (let algorithm of algorithms) { | ||
pubKeys[`${key.kid}@${algorithm}`] = Object.assign( | ||
{ | ||
publicKey: publicKeyPem | ||
}, | ||
options | ||
) | ||
} | ||
} | ||
@@ -72,0 +78,0 @@ return pubKeys |
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
2
3
46016
18
1181