
@nestjs/jwt


@nestjs/jwt - npm Package Compare versions

Comparing version 6.0.0 to 6.1.0

jest.json

1

dist/index.js

@@ -6,3 +6,4 @@ "use strict";

Object.defineProperty(exports, "__esModule", { value: true });
__export(require("./interfaces"));
__export(require("./jwt.module"));
__export(require("./jwt.service"));
"use strict";
function __export(m) {
for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
}
Object.defineProperty(exports, "__esModule", { value: true });
__export(require("./jwt-module-options.interface"));
/// <reference types="node" />
import { ModuleMetadata, Type } from '@nestjs/common/interfaces';
import * as jwt from 'jsonwebtoken';
export declare enum JwtSecretRequestType {
SIGN = 0,
VERIFY = 1
}
export interface JwtModuleOptions {
signOptions?: jwt.SignOptions;
secret?: string | Buffer;
publicKey?: string | Buffer;
privateKey?: jwt.Secret;
secretOrPrivateKey?: jwt.Secret;
publicKey?: string | Buffer;
secretOrKeyProvider?: (requestType: JwtSecretRequestType, tokenOrPayload: string | object | Buffer, options?: jwt.VerifyOptions | jwt.SignOptions) => jwt.Secret;
verifyOptions?: jwt.VerifyOptions;

@@ -9,0 +16,0 @@ }
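Review bot: `secretOrPrivateKey` remains in `JwtModuleOptions` without any deprecation marker, so the only signal a consumer gets is the runtime warning logged by the service. Since this is a generated declaration file, the comment belongs in the source interface: `/** @deprecated use secret, privateKey/publicKey or secretOrKeyProvider */` on that member would surface the deprecation in editors and linters at build time. A short doc comment on `secretOrKeyProvider` stating that its return value is used directly as the signing or verification key for the given `requestType` would also help. The interface's closing brace is outside the lines shown here.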

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
var JwtSecretRequestType;
(function (JwtSecretRequestType) {
JwtSecretRequestType[JwtSecretRequestType["SIGN"] = 0] = "SIGN";
JwtSecretRequestType[JwtSecretRequestType["VERIFY"] = 1] = "VERIFY";
})(JwtSecretRequestType = exports.JwtSecretRequestType || (exports.JwtSecretRequestType = {}));

7

dist/jwt.service.d.ts

@@ -6,5 +6,6 @@ /// <reference types="node" />

private readonly options;
private readonly logger;
constructor(options: JwtModuleOptions);
sign(payload: string | Object | Buffer, options?: jwt.SignOptions): string;
signAsync(payload: string | Object | Buffer, options?: jwt.SignOptions): Promise<string>;
sign(payload: string | Buffer | object, options?: jwt.SignOptions): string;
signAsync(payload: string | Buffer | object, options?: jwt.SignOptions): Promise<string>;
verify<T extends object = any>(token: string, options?: jwt.VerifyOptions): T;

@@ -15,2 +16,4 @@ verifyAsync<T extends object = any>(token: string, options?: jwt.VerifyOptions): Promise<T>;

} | string;
private mergeJwtOptions;
private getSecretKey;
}

@@ -17,2 +17,3 @@ "use strict";

const jwt = require("jsonwebtoken");
const jwt_module_options_interface_1 = require("./interfaces/jwt-module-options.interface");
const jwt_constants_1 = require("./jwt.constants");

@@ -22,22 +23,23 @@ let JwtService = class JwtService {

this.options = options;
this.logger = new common_1.Logger('JwtService');
}
sign(payload, options) {
const signOptions = options
? Object.assign({}, (this.options.signOptions || {}), options) : this.options.signOptions;
return jwt.sign(payload, this.options.secretOrPrivateKey, signOptions);
const signOptions = this.mergeJwtOptions(options, 'signOptions');
const secret = this.getSecretKey(payload, options, 'privateKey', jwt_module_options_interface_1.JwtSecretRequestType.SIGN);
return jwt.sign(payload, secret, signOptions);
}
signAsync(payload, options) {
const signOptions = options
? Object.assign({}, (this.options.signOptions || {}), options) : this.options.signOptions;
return new Promise((resolve, reject) => jwt.sign(payload, this.options.secretOrPrivateKey, signOptions, (err, encoded) => (err ? reject(err) : resolve(encoded))));
const signOptions = this.mergeJwtOptions(options, 'signOptions');
const secret = this.getSecretKey(payload, options, 'privateKey', jwt_module_options_interface_1.JwtSecretRequestType.SIGN);
return new Promise((resolve, reject) => jwt.sign(payload, secret, signOptions, (err, encoded) => err ? reject(err) : resolve(encoded)));
}
verify(token, options) {
const verifyOptions = options
? Object.assign({}, (this.options.verifyOptions || {}), options) : this.options.verifyOptions;
return jwt.verify(token, this.options.publicKey || this.options.secretOrPrivateKey, verifyOptions);
const verifyOptions = this.mergeJwtOptions(options, 'verifyOptions');
const secret = this.getSecretKey(token, options, 'publicKey', jwt_module_options_interface_1.JwtSecretRequestType.VERIFY);
return jwt.verify(token, secret.toString(), verifyOptions);
}
verifyAsync(token, options) {
const verifyOptions = options
? Object.assign({}, (this.options.verifyOptions || {}), options) : this.options.verifyOptions;
return new Promise((resolve, reject) => jwt.verify(token, this.options.publicKey || this.options.secretOrPrivateKey, verifyOptions, (err, decoded) => (err ? reject(err) : resolve(decoded))));
const verifyOptions = this.mergeJwtOptions(options, 'verifyOptions');
const secret = this.getSecretKey(token, options, 'publicKey', jwt_module_options_interface_1.JwtSecretRequestType.VERIFY);
return new Promise((resolve, reject) => jwt.verify(token, secret.toString(), verifyOptions, (err, decoded) => err ? reject(err) : resolve(decoded)));
}

@@ -47,2 +49,16 @@ decode(token, options) {

}
mergeJwtOptions(options, key) {
return options
? Object.assign({}, (this.options[key] || {}), options) : this.options[key];
}
getSecretKey(token, options, key, secretRequestType) {
let secret = this.options.secretOrKeyProvider
? this.options.secretOrKeyProvider(secretRequestType, token, options)
: this.options.secret || this.options[key];
if (this.options.secretOrPrivateKey) {
this.logger.warn(`"secretOrPrivateKey" has been deprecated, please use the new explicit "secretOrKeyProvider" or use "privateKey"/"publicKey" exclusively.`);
secret = this.options.secretOrPrivateKey;
}
return secret;
}
};

@@ -49,0 +65,0 @@ JwtService = __decorate([
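Review bot: In `getSecretKey` the deprecated `secretOrPrivateKey` unconditionally replaces whatever was resolved before it, so when it is set it overrides `secretOrKeyProvider`, `secret` and, for verification, `publicKey`; the README text on this page says the provider has precedence, and the older `verify` line shown above preferred `publicKey`. Treating the deprecated option as a fallback keeps an asymmetric setup verifying with the public key: `if (!secret && this.options.secretOrPrivateKey) {`. Separately, `verify` and `verifyAsync` call `secret.toString()`, which throws a TypeError when no key is configured and decodes a Buffer secret as UTF-8 (lossy for non-text bytes) while `sign` passes the raw value; passing `secret` through unchanged, as `sign` does, avoids both. The deprecation warning is also logged on every sign or verify call rather than once.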

{
"name": "@nestjs/jwt",
"version": "6.0.0",
"version": "6.1.0",
"description": "Nest - modern, fast, powerful node.js web framework (@jwt)",

@@ -8,2 +8,5 @@ "author": "Kamil Mysliwiec",

"scripts": {
"test": "jest --config=jest.json",
"test:watch": "jest --config=jest.json --watch",
"test:coverage": "jest --config=jest.json --coverage --coverageDirectory=coverage",
"build": "rm -rf dist && tsc -p tsconfig.json",

@@ -18,8 +21,14 @@ "precommit": "lint-staged",

"devDependencies": {
"@nestjs/common": "6.0.0",
"@types/node": "7.10.5",
"jest": "24.8.0",
"ts-jest": "24.0.2",
"reflect-metadata": "0.1.13",
"@nestjs/core": "6.2.0",
"@nestjs/testing": "6.2.0",
"@types/jest": "24.0.13",
"@nestjs/common": "6.2.0",
"@types/node": "7.10.6",
"husky": "0.14.3",
"lint-staged": "8.1.5",
"prettier": "1.16.4",
"typescript": "3.3.3333"
"lint-staged": "8.1.6",
"prettier": "1.17.1",
"typescript": "3.4.5"
},

@@ -26,0 +35,0 @@ "lint-staged": {

@@ -43,3 +43,3 @@ <p align="center">

@Module({
imports: [JwtModule.register({ secretOrPrivateKey: 'key' })],
imports: [JwtModule.register({ secret: 'hard!to-guess_secret' })],
providers: [...],

@@ -59,2 +59,38 @@ })

## Secret / Encryption Key options
If you want to control secret and key management dynamically you can use the `secretOrKeyProvider` function for that purpose.
```typescript
JwtModule.register({
/* Secret has precedance over keys */
secret: 'hard!to-guess_secret',
/* public key used in asymmetric algorithms (required if non other secrets present) */
publicKey: '...',
/* private key used in asymmetric algorithms (required if non other secrets present) */
privateKey: '...'
/* Dynamic key provider has precedance over static secret or pub/private keys */
secretOrKeyProvider: (
requestType: JwtSecretRequestType,
tokenOrPayload: string | Object | Buffer,
verifyOrSignOrOptions?: jwt.VerifyOptions | jwt.SignOptions
) => {
switch (requestType) {
case JwtSecretRequestType.SIGN:
// retrieve signing key dynamically
return 'privateKey';
case JwtSecretRequestType.VERIFY:
// retrieve public key for verification dynamically
return 'publicKey';
default:
// retrieve secret dynamically
return 'hard!to-guess_secret';
}
},
});
```
## Async options

@@ -69,3 +105,3 @@

useFactory: () => ({
secretOrPrivateKey: 'key'
secret: 'hard!to-guess_secret'
})

@@ -81,3 +117,3 @@ });

useFactory: async (configService: ConfigService) => ({
secretOrPrivateKey: configService.getString('SECRET_KEY'),
secret: configService.getString('SECRET'),
}),

@@ -102,3 +138,3 @@ inject: [ConfigService],

return {
secretOrPrivateKey: 'key'
secret: 'hard!to-guess_secret'
};

@@ -146,6 +182,9 @@ }

- `secretOrPrivateKey` [read more](https://github.com/auth0/node-jsonwebtoken#jwtsignpayload-secretorprivatekey-options-callback)
- `secret` is either a string, buffer, or object containing the secret for HMAC algorithms
- `secretOrKeyProvider` function with the following signature `(requestType, tokenOrPayload, options?) => jwt.Secret` (allows generating either secrets or keys dynamically)
- `signOptions` [read more](https://github.com/auth0/node-jsonwebtoken#jwtsignpayload-secretorprivatekey-options-callback)
- `privateKey` PEM encoded private key for RSA and ECDSA with passphrase an object `{ key, passphrase }` [read more](https://github.com/auth0/node-jsonwebtoken#jwtsignpayload-secretorprivatekey-options-callback)
- `publicKey` PEM encoded public key for RSA and ECDSA
- `verifyOptions` [read more](https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback)
- `secretOrPrivateKey` (DEPRECATED!) [read more](https://github.com/auth0/node-jsonwebtoken#jwtsignpayload-secretorprivatekey-options-callback)

@@ -152,0 +191,0 @@ ## Support
