@tsndr/cloudflare-worker-jwt - npm Package Compare versions

Comparing version 2.4.7 to 2.5.0

index.d.ts

		@@ -81,2 +81,6 @@ /// <reference types="@cloudflare/workers-types" />
		/**
		* Clock tolerance to help with slightly out of sync systems
		*/
		clockTolerance?: number;
		/**
		* If `true` throw error if checks fail. (default: `false`)
		@@ -83,0 +87,0 @@ *

index.js

		@@ -107,6 +107,6 @@ // src/utils.ts
		}
		async function verify(token, secret, options = { algorithm: "HS256", throwError: false }) {
		async function verify(token, secret, options = "HS256") {
		if (typeof options === "string")
		options = { algorithm: options, throwError: false };
		options = { algorithm: "HS256", throwError: false, ...options };
		options = { algorithm: options };
		options = { algorithm: "HS256", clockTolerance: 0, throwError: false, ...options };
		if (typeof token !== "string")
		@@ -133,5 +133,6 @@ throw new Error("token must be a string");
		throw new Error("PARSE_ERROR");
		if (payload.nbf && payload.nbf > Math.floor(Date.now() / 1e3))
		const now = Math.floor(Date.now() / 1e3);
		if (payload.nbf && Math.abs(payload.nbf - now) > (options.clockTolerance ?? 0))
		throw new Error("NOT_YET_VALID");
		if (payload.exp && payload.exp <= Math.floor(Date.now() / 1e3))
		if (payload.exp && Math.abs(payload.exp - now) > (options.clockTolerance ?? 0))
		throw new Error("EXPIRED");
		@@ -138,0 +139,0 @@ const key = secret instanceof CryptoKey ? secret : await importKey(secret, algorithm, ["verify"]);

package.json

		{
		"name": "@tsndr/cloudflare-worker-jwt",
		"version": "2.4.7",
		"version": "2.5.0",
		"description": "A lightweight JWT implementation with ZERO dependencies for Cloudflare Worker",
		@@ -5,0 +5,0 @@ "type": "module",

README.md

		@@ -87,7 +87,9 @@ # Cloudflare Worker JWT

		Argument \| Type \| Status \| Default \| Description
		----------- \| -------- \| -------- \| ------- \| -----------
		`payload` \| `object` \| required \| - \| The payload object. To use `nbf` (Not Before) and/or `exp` (Expiration Time) add `nbf` and/or `exp` to the payload.
		`secret` \| `string` \| required \| - \| A string which is used to sign the payload.
		`options` \| `object` \| optional \| `{ algorithm: 'HS256' }` \| The options object supporting `algorithm` and `keyid`. (See [Available Algorithms](#available-algorithms))
		Argument \| Type \| Status \| Default \| Description
		------------------------ \| ------------------ \| -------- \| ----------- \| -----------
		`payload` \| `object` \| required \| - \| The payload object. To use `nbf` (Not Before) and/or `exp` (Expiration Time) add `nbf` and/or `exp` to the payload.
		`secret` \| `string` \| required \| - \| A string which is used to sign the payload.
		`options` \| `string`, `object` \| optional \| `HS256` \| Either the `algorithm` string or an object.
		`options.algorithm` \| `string` \| optional \| `HS256` \| See [Available Algorithms](#available-algorithms)
		`options.keyid` \| `string` \| optional \| `undefined` \| The `keyid` or `kid` to be set in the header of the resulting JWT.

		@@ -104,8 +106,12 @@ #### `return`

		Argument \| Type \| Status \| Default \| Description
		----------- \| -------- \| -------- \| ------- \| -----------
		`token` \| `string` \| required \| - \| The token string generated by `jwt.sign()`.
		`secret` \| `string` \| required \| - \| The string which was used to sign the payload.
		`options` \| `object` \| optional \| `{ algorithm: 'HS256', skipValidation: false, throwError: false }` \| The options object supporting `algorithm`, `skipValidation` and `throwError`. (See [Available Algorithms](#available-algorithms))
		Argument \| Type \| Status \| Default \| Description
		------------------------ \| ------------------ \| -------- \| ------- \| -----------
		`token` \| `string` \| required \| - \| The token string generated by `jwt.sign()`.
		`secret` \| `string` \| required \| - \| The string which was used to sign the payload.
		`options` \| `string`, `object` \| optional \| `HS256` \| Either the `algorithm` string or an object.
		`options.algorithm` \| `string` \| optional \| `HS256` \| See [Available Algorithms](#available-algorithms)
		`options.clockTolerance` \| `number` \| optional \| `0` \| Clock tolerance in seconds, to help with slighly out of sync systems.
		`options.throwError` \| `boolean` \| optional \| `false` \| By default this we will only throw implementation errors, only set this to `true` if you want verification errors to be thrown as well.


		#### `throws`
		@@ -152,2 +158,2 @@ If `options.throwError` is `true` and the token is invalid, an error will be thrown.
		- RS384
		- RS512
		- RS512

test.d.ts

		@@ -87,7 +87,9 @@ # Cloudflare Worker JWT

		Argument \| Type \| Status \| Default \| Description
		----------- \| -------- \| -------- \| ------- \| -----------
		`payload` \| `object` \| required \| - \| The payload object. To use `nbf` (Not Before) and/or `exp` (Expiration Time) add `nbf` and/or `exp` to the payload.
		`secret` \| `string` \| required \| - \| A string which is used to sign the payload.
		`options` \| `object` \| optional \| `{ algorithm: 'HS256' }` \| The options object supporting `algorithm` and `keyid`. (See [Available Algorithms](#available-algorithms))
		Argument \| Type \| Status \| Default \| Description
		------------------------ \| ------------------ \| -------- \| ----------- \| -----------
		`payload` \| `object` \| required \| - \| The payload object. To use `nbf` (Not Before) and/or `exp` (Expiration Time) add `nbf` and/or `exp` to the payload.
		`secret` \| `string` \| required \| - \| A string which is used to sign the payload.
		`options` \| `string`, `object` \| optional \| `HS256` \| Either the `algorithm` string or an object.
		`options.algorithm` \| `string` \| optional \| `HS256` \| See [Available Algorithms](#available-algorithms)
		`options.keyid` \| `string` \| optional \| `undefined` \| The `keyid` or `kid` to be set in the header of the resulting JWT.

		@@ -104,8 +106,12 @@ #### `return`

		Argument \| Type \| Status \| Default \| Description
		----------- \| -------- \| -------- \| ------- \| -----------
		`token` \| `string` \| required \| - \| The token string generated by `jwt.sign()`.
		`secret` \| `string` \| required \| - \| The string which was used to sign the payload.
		`options` \| `object` \| optional \| `{ algorithm: 'HS256', skipValidation: false, throwError: false }` \| The options object supporting `algorithm`, `skipValidation` and `throwError`. (See [Available Algorithms](#available-algorithms))
		Argument \| Type \| Status \| Default \| Description
		------------------------ \| ------------------ \| -------- \| ------- \| -----------
		`token` \| `string` \| required \| - \| The token string generated by `jwt.sign()`.
		`secret` \| `string` \| required \| - \| The string which was used to sign the payload.
		`options` \| `string`, `object` \| optional \| `HS256` \| Either the `algorithm` string or an object.
		`options.algorithm` \| `string` \| optional \| `HS256` \| See [Available Algorithms](#available-algorithms)
		`options.clockTolerance` \| `number` \| optional \| `0` \| Clock tolerance in seconds, to help with slighly out of sync systems.
		`options.throwError` \| `boolean` \| optional \| `false` \| By default this we will only throw implementation errors, only set this to `true` if you want verification errors to be thrown as well.


		#### `throws`
		@@ -152,2 +158,2 @@ If `options.throwError` is `true` and the token is invalid, an error will be thrown.
		- RS384
		- RS512
		- RS512

@tsndr/cloudflare-worker-jwt - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics