@fastify/jwt
Comparing version 6.2.1 to 6.3.0
@@ -50,3 +50,3 @@ import { | ||
export type Secret = string | Buffer | KeyFetcher | ||
export type Secret = string | Buffer | KeyFetcher | { key: Secret; passphrase: string } | ||
| ((request: fastify.FastifyRequest, tokenOrHeader: TokenOrHeader, cb: (e: Error | null, secret: string | Buffer | undefined) => void) => void) | ||
@@ -53,0 +53,0 @@ | ((request: fastify.FastifyRequest, tokenOrHeader: TokenOrHeader) => Promise<string | Buffer>) |
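Review bot: The new `{ key: Secret; passphrase: string }` member makes `Secret` recursive, so the declaration also type-checks a callback, a `KeyFetcher` or another `{ key, passphrase }` object as the passphrase-protected key. A passphrase only makes sense next to concrete key material, so I would narrow the member to `{ key: string | Buffer; passphrase: string }` unless jwt.js really resolves nested secrets, which this diff does not show. If the object form is meant only for the private (signing) side, as the added type test suggests, a short comment on the member saying so would stop callers from passing it as a verification key.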
jwt.js
@@ -8,6 +8,3 @@ 'use strict' | ||
const { parse } = require('@lukeed/ms') | ||
const { | ||
BadRequest, | ||
Unauthorized | ||
} = require('http-errors') | ||
const createError = require('@fastify/error') | ||
@@ -111,2 +108,13 @@ const messages = { | ||
const NoAuthorizationInCookieError = createError('FST_JWT_NO_AUTHORIZATION_IN_COOKIE', messagesOptions.noAuthorizationInCookieMessage, 401) | ||
const AuthorizationTokenExpiredError = createError('FST_JWT_AUTHORIZATION_TOKEN_EXPIRED', messagesOptions.authorizationTokenExpiredMessage, 401) | ||
const AuthorizationTokenUntrustedError = createError('FST_JWT_AUTHORIZATION_TOKEN_UNTRUSTED', messagesOptions.authorizationTokenUntrusted, 401) | ||
const NoAuthorizationInHeaderError = createError('FST_JWT_NO_AUTHORIZATION_IN_HEADER', messagesOptions.noAuthorizationInHeaderMessage, 401) | ||
const AuthorizationTokenInvalidError = createError('FST_JWT_AUTHORIZATION_TOKEN_INVALID', typeof messagesOptions.authorizationTokenInvalid === 'function' | ||
? messagesOptions.authorizationTokenInvalid({ message: '%s' }) | ||
: messagesOptions.authorizationTokenInvalid | ||
, 401) | ||
const BadRequestError = createError('FST_JWT_BAD_REQUEST', messagesOptions.badRequestErrorMessage, 400) | ||
const BadCookieRequestError = createError('FST_JWT_BAD_COOKIE_REQUEST', messagesOptions.badCookieRequestErrorMessage, 400) | ||
if ( | ||
@@ -208,3 +216,3 @@ signOptions && | ||
if (!token) { | ||
throw new BadRequest(messagesOptions.badRequestErrorMessage) | ||
throw new BadRequestError() | ||
} | ||
@@ -218,6 +226,6 @@ } else if ((request.headers && request.headers.authorization) && (!onlyCookie)) { | ||
if (!/^Bearer$/i.test(scheme)) { | ||
throw new BadRequest(messagesOptions.badRequestErrorMessage) | ||
throw new BadRequestError() | ||
} | ||
} else { | ||
throw new BadRequest(messagesOptions.badRequestErrorMessage) | ||
throw new BadRequestError() | ||
} | ||
@@ -231,9 +239,9 @@ } else if (cookie) { | ||
} else { | ||
throw new Unauthorized(messagesOptions.noAuthorizationInCookieMessage) | ||
throw new NoAuthorizationInCookieError() | ||
} | ||
} else { | ||
throw new BadRequest(messagesOptions.badCookieRequestErrorMessage) | ||
throw new BadCookieRequestError() | ||
} | ||
} else { | ||
throw new Unauthorized(messagesOptions.noAuthorizationInHeaderMessage) | ||
throw new NoAuthorizationInHeaderError() | ||
} | ||
@@ -470,3 +478,3 @@ | ||
if (error.code === TokenError.codes.expired) { | ||
return callback(new Unauthorized(messagesOptions.authorizationTokenExpiredMessage)) | ||
return callback(new AuthorizationTokenExpiredError()) | ||
} | ||
@@ -478,3 +486,5 @@ | ||
) { | ||
return callback(new Unauthorized(typeof messagesOptions.authorizationTokenInvalid === 'function' ? messagesOptions.authorizationTokenInvalid(error) : messagesOptions.authorizationTokenInvalid)) | ||
return callback(typeof messagesOptions.authorizationTokenInvalid === 'function' | ||
? new AuthorizationTokenInvalidError(error.message) | ||
: new AuthorizationTokenInvalidError()) | ||
} | ||
@@ -493,7 +503,7 @@ | ||
maybePromise | ||
.then(trusted => trusted ? callback(null, result) : callback(new Unauthorized(messagesOptions.authorizationTokenUntrusted))) | ||
.then(trusted => trusted ? callback(null, result) : callback(new AuthorizationTokenUntrustedError())) | ||
} else if (maybePromise) { | ||
callback(null, maybePromise) | ||
} else { | ||
callback(new Unauthorized(messagesOptions.authorizationTokenUntrusted)) | ||
callback(new AuthorizationTokenUntrustedError()) | ||
} | ||
@@ -500,0 +510,0 @@ } |
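Review bot: A custom `authorizationTokenInvalid` function is now called only once, at registration, with the stub `{ message: '%s' }` (in the `createError('FST_JWT_AUTHORIZATION_TOKEN_INVALID', …)` definition), and the verify path later substitutes the raw `error.message` through that format string. A handler that reads other fields of the verifier error, or that deliberately trims or hides `error.message` before it reaches the 401 body, no longer sees the real error, so the response text can differ from 6.2.1 and may expose verifier detail the operator meant to suppress. To keep the old contract, use the template `'%s'` when a function is configured and build the text per request: `new AuthorizationTokenInvalidError(messagesOptions.authorizationTokenInvalid(error))`. The enclosing verify callback begins and ends outside these hunks.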
{ | ||
"name": "@fastify/jwt", | ||
"version": "6.2.1", | ||
"version": "6.3.0", | ||
"description": "JWT utils for Fastify", | ||
@@ -34,6 +34,6 @@ "main": "jwt.js", | ||
"dependencies": { | ||
"@fastify/error": "^3.0.0", | ||
"@lukeed/ms": "^2.0.0", | ||
"fast-jwt": "^1.5.1", | ||
"fastify-plugin": "^3.0.1", | ||
"http-errors": "^2.0.0", | ||
"fastify-plugin": "^4.0.0", | ||
"steed": "^1.1.3" | ||
@@ -40,0 +40,0 @@ }, |
@@ -77,2 +77,13 @@ import fastify from 'fastify'; | ||
app.register(fastifyJwt, { | ||
secret: { | ||
private: { | ||
key: 'privateKey', | ||
passphrase: 'super secret passphrase', | ||
}, | ||
public: 'publicKey', | ||
}, | ||
sign: { algorithm: 'ES256' }, | ||
}) | ||
// expect jwt and its subsequent methods have merged with the fastify instance | ||
@@ -79,0 +90,0 @@ expectAssignable<object>(app.jwt) |
Network access
Supply chain risk: This module accesses the network.
Found 1 instance in 1 package
New author
Supply chain risk: A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
+ Added @fastify/error@^3.0.0
+ Added @fastify/error@3.4.1 (transitive)
+ Added fastify-plugin@4.5.1 (transitive)
- Removed http-errors@^2.0.0
- Removed depd@2.0.0 (transitive)
- Removed fastify-plugin@3.0.1 (transitive)
- Removed http-errors@2.0.0 (transitive)
- Removed setprototypeof@1.2.0 (transitive)
- Removed statuses@2.0.1 (transitive)
- Removed toidentifier@1.0.1 (transitive)
Updated fastify-plugin@^4.0.0