@ifaxity/jwt - npm Package Compare versions

Comparing version 1.1.0 to 1.1.1

package.json

 {
   "name": "@ifaxity/jwt",
-  "version": "1.1.0",
+  "version": "1.1.1",
   "main": "index.js",
@@ -14,6 +14,14 @@ "author": "Christian Norrman <christian@faxity.se>",
   ],
+  "scripts": {
+    "test": "mocha --reporter progress",
+    "coverage": "nyc --reporter=lcov --reporter=text npm run test"
+  },
   "dependencies": {
     "jws": "^3.2.2",
     "ms": "^2.1.2"
+  },
+  "devDependencies": {
+    "mocha": "^6.2.0",
+    "nyc": "^14.1.1"
   }
 }

README.md

@@ -106,3 +106,3 @@ @ifaxity/jwt
 
-  * `clockTolerence {number|string}` - The amount of deadtime where its ok for the `clockTimestamp` to be overdue (in seconds) or a [zeit/ms](https://github.com/zeit/ms) timespan. Default value is 0.
+  * `clockTolerance {number|string}` - The amount of deadtime where its ok for the `clockTimestamp` to be overdue (in seconds) or a [zeit/ms](https://github.com/zeit/ms) timespan. Default value is 0.
 
@@ -109,0 +109,0 @@ * `ignoreExpire {boolean}` - if `true` then expiration validation will be disabled and will accept tokens that are overdue. Not very secure to ignore so use carefully. Default value is `false`.

src/lib/model.js

@@ -78,2 +78,3 @@ /**
       let value = opts[key];
+      let validate = false;
 
@@ -83,4 +84,6 @@ // Set default value (if available)
         const type = typeof obj.default;
+        validate = false;
 
         if (type != 'undefined') {
+          validate = true;
           value = type == 'function' ? obj.default() : obj.default;
@@ -90,3 +93,6 @@ }
 
-      validateProp(key, obj, value);
+      if (validate) {
+        validateProp(key, obj, value);
+      }
+
       acc[key] = value;
@@ -93,0 +99,0 @@ return acc;

src/verify.js

@@ -123,2 +123,12 @@ // Module for signing and verifying JWT tokens
 * @param {object} [opts] - Options to pass to the function
+* @param {Array} [opts.algos] - Algorithms to accept. By default it accepts all available algorithms.
+* @param {string|RegExp|Array} [opts.audience] - Audiences to accept. The array can be an array of strings and/or an array of regular expressions.
+* @param {string|Array} [opts.issuer] - Issuer(s) to accept.
+* @param {string} [opts.subject] - The subject to accept.
+* @param {string} [opts.nonce] - Nonce to check against. Nonce is used in the OpenID tokens. Is really just optional to add.
+* @param {number|string} [opts.maxAge=0] - The maxAge of the token to accept(in seconds) or a zeit/ms timespan. To increase security.
+* @param {number} [opts.clockTimestamp] - The time in which to compare to the timer claims such as maxAge and issued at.
+* @param {number|string} [opts.clockTolerance=0] - The amount of deadtime where its ok for the clockTimestamp to be overdue (in seconds) or a zeit/ms timespan
+* @param {boolean} [opts.ignoreExpire=false] - if true then expiration validation will be disabled and will accept tokens that are overdue. Not very secure to ignore so use carefully.
+* @param {boolean} [opts.ignoreNotBefore=false] - if true then the notBefore claim will not be validated. Not recommended to ignore so use carefully.
 * @returns {Promise} - If resolved the result is the payload.
@@ -125,0 +135,0 @@ */

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

23428

increased by7.11%

Lines of code

432

increased by3.6%

Worsened metrics

Dev dependency count

2

increased byInfinity%

No dependency changes