Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@thream/socketio-jwt

Package Overview
Dependencies
Maintainers
1
Versions
19
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@thream/socketio-jwt - npm Package Compare versions

Comparing version 2.1.0 to 2.1.1

build/__test__/setup.d.ts

102

build/__test__/authorize.test.js

@@ -11,8 +11,10 @@ "use strict";

let token = '';
beforeEach(async (done) => {
jest.setTimeout(15000);
await fixture_1.fixtureStart(async () => {
beforeEach((done) => {
fixture_1.fixtureStart(async () => {
const response = await axios_1.default.post('http://localhost:9000/login');
token = response.data.token;
done();
})
.then(done)
.catch((error) => {
done(error);
});

@@ -62,2 +64,5 @@ });

});
socket.on('connect_error', (err) => {
done(err);
});
});

@@ -70,9 +75,11 @@ });

let token = '';
beforeEach(async (done) => {
jest.setTimeout(15000);
await fixture_1.fixtureStart(async () => {
beforeEach((done) => {
fixture_1.fixtureStart(async () => {
const response = await axios_1.default.post('http://localhost:9000/login');
token = response.data.token;
done();
}, { secret: secretCallback });
}, { secret: secretCallback })
.then(done)
.catch((error) => {
done(error);
});
});

@@ -82,2 +89,33 @@ afterEach((done) => {

});
it('should emit error with no token provided', (done) => {
const socket = socket_io_client_1.io('http://localhost:9000');
socket.on('connect_error', (err) => {
expect(err.data.message).toEqual('no token provided');
expect(err.data.code).toEqual('credentials_required');
socket.close();
done();
});
});
it('should emit error with bad token format', (done) => {
const socket = socket_io_client_1.io('http://localhost:9000', {
auth: { token: 'testing' }
});
socket.on('connect_error', (err) => {
expect(err.data.message).toEqual('Format is Authorization: Bearer [token]');
expect(err.data.code).toEqual('credentials_bad_format');
socket.close();
done();
});
});
it('should emit error with unauthorized handshake', (done) => {
const socket = socket_io_client_1.io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
});
socket.on('connect_error', (err) => {
expect(err.data.message).toEqual('Unauthorized: Token is missing or invalid Bearer');
expect(err.data.code).toEqual('invalid_token');
socket.close();
done();
});
});
it('should connect the user', (done) => {

@@ -91,2 +129,5 @@ const socket = socket_io_client_1.io('http://localhost:9000', {

});
socket.on('connect_error', (err) => {
done(err);
});
});

@@ -97,5 +138,4 @@ });

let wrongToken = '';
beforeEach(async (done) => {
jest.setTimeout(15000);
await fixture_1.fixtureStart(async () => {
beforeEach((done) => {
fixture_1.fixtureStart(async () => {
const response = await axios_1.default.post('http://localhost:9000/login');

@@ -105,3 +145,2 @@ token = response.data.token;

wrongToken = responseWrong.data.token;
done();
}, {

@@ -117,2 +156,6 @@ secret: secretCallback,

}
})
.then(done)
.catch((error) => {
done(error);
});

@@ -123,2 +166,33 @@ });

});
it('should emit error with no token provided', (done) => {
const socket = socket_io_client_1.io('http://localhost:9000');
socket.on('connect_error', (err) => {
expect(err.data.message).toEqual('no token provided');
expect(err.data.code).toEqual('credentials_required');
socket.close();
done();
});
});
it('should emit error with bad token format', (done) => {
const socket = socket_io_client_1.io('http://localhost:9000', {
auth: { token: 'testing' }
});
socket.on('connect_error', (err) => {
expect(err.data.message).toEqual('Format is Authorization: Bearer [token]');
expect(err.data.code).toEqual('credentials_bad_format');
socket.close();
done();
});
});
it('should emit error with unauthorized handshake', (done) => {
const socket = socket_io_client_1.io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
});
socket.on('connect_error', (err) => {
expect(err.data.message).toEqual('Unauthorized: Token is missing or invalid Bearer');
expect(err.data.code).toEqual('invalid_token');
socket.close();
done();
});
});
it('should connect the user', (done) => {

@@ -135,3 +209,3 @@ const socket = socket_io_client_1.io('http://localhost:9000', {

const socketServer = fixture_1.getSocket();
socketServer === null || socketServer === void 0 ? void 0 : socketServer.on('connection', (client) => {
socketServer?.on('connection', (client) => {
expect(client.user.email).toEqual('john@doe.com');

@@ -138,0 +212,0 @@ });

36

build/__test__/fixture/index.js

@@ -19,7 +19,9 @@ "use strict";

let server = null;
const fixtureStart = async (done, options = { secret: 'aaafoo super sercret' }) => {
var _a;
const app = express_1.default();
app.use(express_1.default.json());
let keySecret = 'secret';
const fixtureStart = async (done, options = { secret: 'super secret' }) => {
const profile = {
email: 'john@doe.com',
id: 123,
checkField: true
};
let keySecret = '';
if (typeof options.secret === 'string') {

@@ -29,10 +31,7 @@ keySecret = options.secret;

else {
keySecret = await options.secret({ header: { alg: 'RS256' }, payload: '' });
keySecret = await options.secret({ header: { alg: 'HS256' }, payload: profile });
}
const app = express_1.default();
app.use(express_1.default.json());
app.post('/login', (_req, res) => {
const profile = {
email: 'john@doe.com',
id: 123,
checkField: true
};
const token = jsonwebtoken_1.default.sign(profile, keySecret, {

@@ -44,7 +43,3 @@ expiresIn: 60 * 60 * 5

app.post('/login-wrong', (_req, res) => {
const profile = {
email: 'john@doe.com',
id: 123,
checkField: false
};
profile.checkField = false;
const token = jsonwebtoken_1.default.sign(profile, keySecret, {

@@ -57,3 +52,3 @@ expiresIn: 60 * 60 * 5

socket.init(server);
(_a = socket.io) === null || _a === void 0 ? void 0 : _a.use(index_1.authorize(options));
socket.io?.use(index_1.authorize(options));
server_destroy_1.default(server);

@@ -63,8 +58,7 @@ };

const fixtureStop = (callback) => {
var _a;
(_a = socket.io) === null || _a === void 0 ? void 0 : _a.close();
socket.io?.close();
try {
server === null || server === void 0 ? void 0 : server.destroy();
server?.destroy();
}
catch (err) { }
catch { }
callback();

@@ -71,0 +65,0 @@ };

@@ -23,3 +23,3 @@ import { Algorithm } from 'jsonwebtoken';

}
declare type SecretCallback = (decodedToken: CompleteDecodedToken) => Promise<string>;
declare type SecretCallback = (decodedToken: CompleteDecodedToken) => Promise<string> | string;
export interface AuthorizeOptions {

@@ -26,0 +26,0 @@ secret: string | SecretCallback;

@@ -5,2 +5,4 @@ "use strict";

class UnauthorizedError extends Error {
inner;
data;
constructor(code, error) {

@@ -7,0 +9,0 @@ super(error.message);

{
"name": "@thream/socketio-jwt",
"version": "2.1.0",
"version": "2.1.1",
"description": "Authenticate socket.io incoming connections with JWTs.",

@@ -12,3 +12,3 @@ "license": "MIT",

"engines": {
"node": ">=12"
"node": ">=12.0.0"
},

@@ -29,36 +29,2 @@ "keywords": [

"homepage": "https://github.com/Thream/socketio-jwt#readme",
"release-it": {
"git": {
"commit": false,
"push": false,
"tag": false
},
"github": {
"release": false
},
"npm": {
"publish": false
},
"hooks": {
"before:init": [
"npm run lint",
"npm run markdownlint",
"npm run build",
"npm run test"
]
},
"plugins": {
"@release-it/conventional-changelog": {
"preset": "angular",
"infile": "CHANGELOG.md"
}
}
},
"jest": {
"preset": "ts-jest",
"testEnvironment": "node",
"rootDir": "./src",
"collectCoverage": true,
"coverageDirectory": "../coverage/"
},
"ts-standard": {

@@ -78,5 +44,7 @@ "ignore": [

"build": "rimraf ./build && tsc",
"markdownlint": "markdownlint '**/*.md' --dot --ignore node_modules",
"lint": "ts-standard",
"release": "release-it",
"lint:commit": "commitlint",
"lint:editorconfig": "editorconfig-checker",
"lint:markdown": "markdownlint '**/*.md' --dot --ignore node_modules",
"lint:typescript": "ts-standard",
"release": "semantic-release",
"test": "jest",

@@ -94,25 +62,25 @@ "_postinstall": "husky install",

"devDependencies": {
"@commitlint/cli": "12.0.1",
"@commitlint/config-conventional": "12.0.1",
"@release-it/conventional-changelog": "2.0.1",
"@types/express": "4.17.11",
"@types/jest": "26.0.20",
"@types/jsonwebtoken": "8.5.0",
"@types/node": "14.14.32",
"@commitlint/cli": "12.1.4",
"@commitlint/config-conventional": "12.1.4",
"@types/express": "4.17.13",
"@types/jest": "26.0.24",
"@types/jsonwebtoken": "8.5.4",
"@types/node": "16.4.1",
"@types/server-destroy": "1.0.1",
"axios": "0.21.1",
"editorconfig-checker": "4.0.2",
"express": "4.17.1",
"husky": "5.1.3",
"jest": "26.6.3",
"markdownlint-cli": "0.27.1",
"husky": "7.0.1",
"jest": "27.0.6",
"markdownlint-cli": "0.28.1",
"pinst": "2.1.6",
"release-it": "14.4.1",
"rimraf": "3.0.2",
"semantic-release": "17.4.4",
"server-destroy": "1.0.1",
"socket.io": "3.1.2",
"socket.io-client": "3.1.2",
"ts-jest": "26.5.3",
"socket.io": "4.1.3",
"socket.io-client": "4.1.3",
"ts-jest": "27.0.4",
"ts-standard": "10.0.0",
"typescript": "4.2.3"
"typescript": "4.3.5"
}
}

@@ -8,10 +8,15 @@ <h1 align="center">Thream/socketio-jwt</h1>

<p align="center">
<a href="https://github.com/Thream/socketio-jwt/actions?query=workflow%3A%22Node.js+CI%22"><img src="https://github.com/Thream/socketio-jwt/workflows/Node.js%20CI/badge.svg" alt="Node.js CI" /></a>
<a href="./CONTRIBUTING.md"><img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat" /></a>
<a href="./LICENSE"><img src="https://img.shields.io/badge/licence-MIT-blue.svg" alt="Licence MIT"/></a>
<a href="./CODE_OF_CONDUCT.md"><img src="https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg" alt="Contributor Covenant" /></a>
<a href="https://dependabot.com/"><img src="https://badgen.net/github/dependabot/Thream/socketio-jwt?icon=dependabot" alt="Dependabot badge" /></a>
<br/>
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml/badge.svg?branch=develop" /></a>
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml/badge.svg?branch=develop" /></a>
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/test.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/test.yml/badge.svg?branch=develop" /></a>
<a href="https://codecov.io/gh/Thream/socketio-jwt"><img src="https://codecov.io/gh/Thream/socketio-jwt/branch/develop/graph/badge.svg" alt="codecov" /></a>
<a href="https://dependabot.com/"><img src="https://badgen.net/github/dependabot/Thream/socketio-jwt?icon=dependabot" alt="Dependabot badge" /></a>
<br />
<a href="https://conventionalcommits.org"><img src="https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg" alt="Conventional Commits" /></a>
<a href="https://github.com/semantic-release/semantic-release"><img src="https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg" alt="semantic-release" /></a>
<a href="https://www.npmjs.com/package/@thream/socketio-jwt"><img src="https://img.shields.io/npm/v/@thream/socketio-jwt.svg" alt="npm version"></a>
<a href="https://www.npmjs.com/package/ts-standard"><img alt="TypeScript Standard Style" src="https://camo.githubusercontent.com/f87caadb70f384c0361ec72ccf07714ef69a5c0a/68747470733a2f2f62616467656e2e6e65742f62616467652f636f64652532307374796c652f74732d7374616e646172642f626c75653f69636f6e3d74797065736372697074"/></a>
<a href="./LICENSE"><img src="https://img.shields.io/badge/licence-MIT-blue.svg" alt="Licence MIT"/></a>
<a href="https://conventionalcommits.org"><img src="https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg" alt="Conventional Commits" /></a>
<a href="https://github.com/Thream/Thream/blob/master/.github/CODE_OF_CONDUCT.md"><img src="https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg" alt="Contributor Covenant" /></a>
</p>

@@ -18,0 +23,0 @@

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc