Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@thream/socketio-jwt

Package Overview
Dependencies
Maintainers
1
Versions
19
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@thream/socketio-jwt - npm Package Compare versions

Comparing version 1.1.0 to 1.1.1

2

build/__test__/fixture/index.js

@@ -28,3 +28,3 @@ "use strict";

else {
keySecret = await options.secret(() => { });
keySecret = await options.secret({ header: { alg: 'RS256' }, payload: '' });
}

@@ -31,0 +31,0 @@ app.post('/login', (_req, res) => {

@@ -15,5 +15,10 @@ import { Algorithm } from 'jsonwebtoken';

declare type SocketIOMiddleware = (socket: Socket, next: (err?: ExtendedError) => void) => void;
declare type SecretCallback = (decodedToken: null | {
[key: string]: any;
} | string) => Promise<string>;
interface CompleteDecodedToken {
header: {
alg: Algorithm;
[key: string]: any;
};
payload: any;
}
declare type SecretCallback = (decodedToken: CompleteDecodedToken) => Promise<string>;
export interface AuthorizeOptions {

@@ -20,0 +25,0 @@ secret: string | SecretCallback;

@@ -36,4 +36,4 @@ "use strict";

else {
decodedToken = jsonwebtoken_1.default.decode(encodedToken, { complete: true });
keySecret = await secret(decodedToken);
const completeDecodedToken = jsonwebtoken_1.default.decode(encodedToken, { complete: true });
keySecret = await secret(completeDecodedToken);
}

@@ -40,0 +40,0 @@ try {

# Changelog
## [1.1.1](https://github.com/Thream/socketio-jwt/compare/v1.1.0...v1.1.1) (2021-01-28)
### Bug Fixes
- **types:** decodedToken in secret callback ([c1a9213](https://github.com/Thream/socketio-jwt/commit/c1a9213a527e4c6188328221372e1f40191a790e)), closes [#21](https://github.com/Thream/socketio-jwt/issues/21)
### Documentation
- update server side usage with `jwks-rsa` : get the secret with `key.getPublicKey()` instead of `key.rsaPublicKey`
## [1.1.0](https://github.com/Thream/socketio-jwt/compare/v1.0.1...v1.1.0) (2021-01-07)

@@ -4,0 +14,0 @@

{
"name": "@thream/socketio-jwt",
"version": "1.1.0",
"version": "1.1.1",
"description": "Authenticate socket.io incoming connections with JWTs.",

@@ -92,10 +92,10 @@ "license": "MIT",

"@release-it/conventional-changelog": "2.0.0",
"@types/express": "4.17.9",
"@types/express": "4.17.11",
"@types/jest": "26.0.20",
"@types/jsonwebtoken": "8.5.0",
"@types/node": "14.14.20",
"@types/node": "14.14.22",
"@types/server-destroy": "1.0.1",
"axios": "0.21.1",
"express": "4.17.1",
"husky": "4.3.7",
"husky": "4.3.8",
"jest": "26.6.3",

@@ -106,4 +106,4 @@ "release-it": "14.2.2",

"snazzy": "9.0.0",
"socket.io": "3.0.5",
"socket.io-client": "3.0.5",
"socket.io": "3.1.0",
"socket.io-client": "3.1.0",
"ts-jest": "26.4.4",

@@ -110,0 +110,0 @@ "ts-standard": "10.0.0",

@@ -78,3 +78,3 @@ <h1 align="center">Thream/socketio-jwt</h1>

const key = await client.getSigningKeyAsync(decodedToken.header.kid)
return key.rsaPublicKey
return key.getPublicKey()
}

@@ -81,0 +81,0 @@ })

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc