@connectedcars/jwtutils
Comparing version 1.0.3 to 1.0.4
@@ -78,2 +78,3 @@ 'use strict' | ||
const audiences = ['https://host/oauth/token'] | ||
const pubKeys = { | ||
@@ -105,9 +106,19 @@ 'test@test.com': { | ||
let testToken = jwtUtils.encode( | ||
rsaPrivateKeyEncrypted, | ||
jwtHeader, | ||
jwtBody, | ||
'Qwerty1234' | ||
) | ||
suite | ||
.add('Encrypted RSA key at RS256', () => { | ||
.add('Encode with encrypted RSA key at RS256', () => { | ||
jwtUtils.encode(rsaPrivateKeyEncrypted, jwtHeader, jwtBody, 'Qwerty1234') | ||
}) | ||
.add('Unencrypted RSA key at RS256', () => { | ||
.add('Encode with unencrypted RSA key at RS256', () => { | ||
jwtUtils.encode(rsaPrivateKey, jwtHeader, jwtBody) | ||
}) | ||
.add('Decode encrypted RSA key at RS256', () => { | ||
jwtUtils.decode(testToken, pubKeys, audiences) | ||
}) | ||
// add listeners | ||
@@ -117,6 +128,3 @@ .on('cycle', function(event) { | ||
}) | ||
.on('complete', function() { | ||
console.log('Fastest is ' + this.filter('fastest').map('name')) | ||
}) | ||
// run async | ||
.run({ async: true }) |
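Review bot: The new benchmark name `'Decode encrypted RSA key at RS256'` is misleading, because the case calls `jwtUtils.decode(testToken, pubKeys, audiences)` and so measures verification against the public keys. Whether the signing key was passphrase-protected has no bearing on decode cost. A name such as `.add('Decode RS256 token', () => {` would match the two renamed encode cases and describe what is actually timed.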
{ | ||
"name": "@connectedcars/jwtutils", | ||
"version": "1.0.3", | ||
"version": "1.0.4", | ||
"description": "Zero dependency JWT encoding/decoding for Node", | ||
@@ -5,0 +5,0 @@ "main": "src/index.js", |
@@ -6,4 +6,7 @@ 'use strict' | ||
function jwtAuthMiddleware(pubKeys, audiences) { | ||
function jwtAuthMiddleware(pubKeys, audiences, mapper = null) { | ||
return function(request, response, next) { | ||
if ((request.user || {}).authenticated === true) { | ||
return next() // Skip authentication if we already authenticated | ||
} | ||
if (!(request.headers.authorization || '').startsWith('Bearer ')) { | ||
@@ -19,2 +22,4 @@ return next(new JwtVerifyError('Not allowed')) | ||
request.user = { | ||
audience: decodedJwtBody.aud, | ||
issuer: decodedJwtBody.iss, | ||
subject: decodedJwtBody.sub, | ||
@@ -24,2 +29,6 @@ authenticated: true, | ||
} | ||
if (typeof mapper === 'function') { | ||
mapper(request.user) | ||
} | ||
return next() | ||
@@ -26,0 +35,0 @@ } catch (e) { |
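Review bot: The early return on `(request.user || {}).authenticated === true` makes this instance skip its own `pubKeys` and `audiences` check whenever anything earlier in the chain has set that flag, so when two instances are stacked (as the test app does for `/mapped` and `/`) only the first one's keys and audiences are enforced. If that is intended, say so at the guard, e.g. `// NOTE: trusts request.user set upstream; this instance's pubKeys/audiences are not checked`, or compare the `audience` now stored on `request.user` against this instance's `audiences` before skipping. Separately, `mapper(request.user)` ignores the return value, so a mapper that returns a promise would not be awaited before `next()` runs; the function's documentation should state that `mapper` must be synchronous and mutates `request.user` in place. The middleware body continues outside these hunks, so the behaviour of the `catch (e)` branch is not visible here.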
@@ -52,3 +52,10 @@ const express = require('express') | ||
// Register endponts | ||
app.use(jwtAuthMiddleware(pubKeys, ['http://localhost/'])) | ||
app.use( | ||
'/mapped', | ||
jwtAuthMiddleware(pubKeys, ['http://localhost/'], user => { | ||
// Add test e-mail | ||
user.eMail = 'test@domain.tld' | ||
}) | ||
) | ||
app.use('/', jwtAuthMiddleware(pubKeys, ['http://localhost/'])) | ||
app.use((err, req, res, next) => { | ||
@@ -64,2 +71,5 @@ if (err instanceof JwtVerifyError) { | ||
}) | ||
app.get('/mapped', function(req, res) { | ||
res.send(`Hello ${req.user.eMail}`) | ||
}) | ||
@@ -83,2 +93,14 @@ done() | ||
}) | ||
it('should return ok with a new e-mail', () => { | ||
let jwt = jwtUtils.encode(ecPrivateKey, jwtHeader, jwtBody) | ||
let responsePromise = doRequest('GET', 'localhost', port, '/mapped', { | ||
Authorization: 'Bearer ' + jwt, | ||
Accept: 'application/json', | ||
'User-Agent': 'test' | ||
}) | ||
return expect(responsePromise, 'to be fulfilled with value satisfying', { | ||
statusCode: 200, | ||
data: 'Hello test@domain.tld' | ||
}) | ||
}) | ||
it('should fail because of missing sub', () => { | ||
@@ -85,0 +107,0 @@ let customJwtBody = Object.assign({}, jwtBody) |
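Review bot: Only the success path of the new `mapper` argument is covered by `'should return ok with a new e-mail'`; nothing visible exercises `/mapped` with a missing or invalid token, or a mapper that throws. Because the mapper runs after the token has been accepted, a case asserting the status code when it throws would pin down whether that error reaches the `JwtVerifyError` branch of the error handler or the generic one. It would also be worth one test showing that the second `app.use('/', ...)` instance is skipped for an already-authenticated `/mapped` request, since that ordering is what the route now depends on.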
'use strict' | ||
const crypto = require('crypto') | ||
const base64UrlSafe = require('./base64urlsafe') | ||
const JwtVerifyError = require('./jwtverifyerror') | ||
@@ -22,3 +24,3 @@ | ||
let header = JSON.parse(base64DecodeUrlSafe(parts[0]).toString('utf8')) | ||
let header = JSON.parse(base64UrlSafe.decode(parts[0]).toString('utf8')) | ||
@@ -51,3 +53,3 @@ let algo = null | ||
let body = JSON.parse(base64DecodeUrlSafe(parts[1]).toString('utf8')) | ||
let body = JSON.parse(base64UrlSafe.decode(parts[1]).toString('utf8')) | ||
@@ -63,3 +65,3 @@ if (!body.iss) { | ||
let signature = base64DecodeUrlSafe(parts[2]) | ||
let signature = base64UrlSafe.decode(parts[2]) | ||
@@ -113,15 +115,2 @@ const verifier = crypto.createVerify(algo) | ||
function base64DecodeUrlSafe(base64StringUrlSafe) { | ||
let base64String = base64StringUrlSafe.replace(/-/g, '+').replace(/_/g, '/') | ||
switch (base64String.length % 4) { | ||
case 2: | ||
base64String += '==' | ||
break | ||
case 3: | ||
base64String += '=' | ||
break | ||
} | ||
return Buffer.from(base64String, 'base64') | ||
} | ||
module.exports = jwtDecode |
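Review bot: `JSON.parse(base64UrlSafe.decode(parts[0]).toString('utf8'))` and the matching parse of `parts[1]` run on token parts supplied by the client with no guard visible in these hunks, so a part that is not valid JSON would surface as a `SyntaxError` rather than a `JwtVerifyError` unless the surrounding function catches it elsewhere. Callers that branch on `err instanceof JwtVerifyError` would then treat a malformed token as an unexpected failure instead of a rejected credential. Consider wrapping each parse, e.g. `try { header = JSON.parse(...) } catch (e) { throw new JwtVerifyError('Invalid header') }`. The replacement helper `./base64urlsafe` is not part of the visible comparison, so it cannot be confirmed here that it keeps the padding handling of the removed `base64DecodeUrlSafe`.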
@@ -5,2 +5,4 @@ 'use strict' | ||
const base64UrlSafe = require('./base64urlsafe') | ||
function jwtEncode(privateKey, header, body, privateKeyPassword = null) { | ||
@@ -46,4 +48,4 @@ if ( | ||
// Base64 encode header and body | ||
let headerBase64 = base64EncodeUrlSafe(Buffer.from(JSON.stringify(header))) | ||
let bodyBase64 = base64EncodeUrlSafe(Buffer.from(JSON.stringify(body))) | ||
let headerBase64 = base64UrlSafe.encode(Buffer.from(JSON.stringify(header))) | ||
let bodyBase64 = base64UrlSafe.encode(Buffer.from(JSON.stringify(body))) | ||
let headerBodyBase64 = headerBase64 + '.' + bodyBase64 | ||
@@ -67,14 +69,6 @@ | ||
// Construct final JWT | ||
let signatureBase64 = base64EncodeUrlSafe(signatureBuffer) | ||
let signatureBase64 = base64UrlSafe.encode(signatureBuffer) | ||
return headerBodyBase64 + '.' + signatureBase64 | ||
} | ||
function base64EncodeUrlSafe(buffer) { | ||
return buffer | ||
.toString('base64') | ||
.replace(/\+/g, '-') // Convert '+' to '-' | ||
.replace(/\//g, '_') // Convert '/' to '_' | ||
.replace(/=+$/, '') // Remove ending '=' | ||
} | ||
module.exports = jwtEncode |