byu-jwt - npm Package Compare versions
Comparing version 1.0.5 to 1.0.6
@@ -18,2 +18,4 @@ /** | ||
| 'use strict' | ||
| const debug = require('debug')('byu-jwt-cache') | ||
| module.exports = Cache | ||
@@ -42,3 +44,5 @@ | ||
| cache.getCache = function() { | ||
| return data.value | ||
| const value = data.value; | ||
| debug('cache retrieved') | ||
| return value | ||
| } | ||
@@ -50,2 +54,3 @@ | ||
| refreshCache(data) | ||
| debug('cache stored') | ||
| } | ||
@@ -67,2 +72,3 @@ } | ||
| function clearCache(data) { | ||
| debug('cache cleared') | ||
| data.value = null | ||
@@ -72,2 +78,3 @@ } | ||
| function refreshCache(data) { | ||
| debug('cache updated') | ||
| const ttl = ttlInMilliseconds(data) | ||
@@ -74,0 +81,0 @@ clearTimeout(data.timeoutId) |
@@ -20,2 +20,3 @@ /** | ||
| const Cache = require('./cache') | ||
| const debug = require('debug')('byu-jwt') | ||
| const jsonWebToken = require('jsonwebtoken') | ||
@@ -32,3 +33,3 @@ const pem = require('pem') | ||
| function ByuJWT(options) { | ||
| const byuJwt = {}; | ||
| const byuJwt = {} | ||
@@ -60,5 +61,7 @@ // normalize options | ||
| byuJwt.authenticateUAPIMiddleware = function(req, res, next) { | ||
| debug('running authenticateUAPIMiddleware') | ||
| byuJwt.authenticate(req.headers) | ||
| .then(verifiedJWTs => { | ||
| req.verifiedJWTs = verifiedJWTs | ||
| debug('completed authenticateUAPIMiddleware') | ||
| next() | ||
@@ -71,2 +74,3 @@ }) | ||
| : { code: 500, message: 'Error determining authentication' } | ||
| debug('failed authenticateUAPIMiddleware: ' + err.stack) | ||
| res.status(response.code).send({ metadata: { validation_response: response } }) | ||
@@ -104,5 +108,5 @@ }) | ||
| }); | ||
| }) | ||
| return byuJwt; | ||
| return byuJwt | ||
| } | ||
@@ -160,7 +164,10 @@ | ||
| if (headers[data.header]) { | ||
| debug('verifying JWT in header ' + data.header) | ||
| const promise = decodeJWT(options, openIdConfig, headers[data.header]) | ||
| .then(decodedJWT => { | ||
| debug('verify JWT complete for header ' + data.header) | ||
| verifiedJWTs[data.key] = decodedJWT | ||
| }) | ||
| .catch(err => { | ||
| debug('verify JWT failed for header ' + data.header + ': ' + err.stack) | ||
| const name = (data.name ? data.name + ' ' : '') | ||
@@ -178,3 +185,6 @@ const prefix = err instanceof jsonWebToken.TokenExpiredError ? 'Expired ' : 'Invalid ' | ||
| .then(() => { | ||
| if (!verifiedJWTs.current) throw new AuthenticationError('Missing expected JWT') | ||
| if (!verifiedJWTs.current) { | ||
| debug('verify JWT missing expected JWT') | ||
| throw new AuthenticationError('Missing expected JWT') | ||
| } | ||
@@ -261,2 +271,3 @@ // extra validation step for production | ||
| debug('decoded JWT') | ||
| return result | ||
@@ -271,2 +282,3 @@ }) | ||
| function getOpenIdConfiguration(cache) { | ||
| debug('get OpenID configuration') | ||
| const promise = request(WELL_KNOWN_URL) | ||
@@ -287,2 +299,3 @@ .catch(err => { | ||
| function getPublicKey(openIdConfig) { | ||
| debug('getting public key') | ||
| return request(openIdConfig["jwks_uri"]) | ||
@@ -299,4 +312,9 @@ .then(result => { | ||
| pem.getPublicKey(cert, (err, data) => { | ||
| if (err) return reject(err) | ||
| resolve(data.publicKey) | ||
| if (err) { | ||
| debug('failed to get public key') | ||
| reject(err) | ||
| } else { | ||
| debug('public key acquired') | ||
| resolve(data.publicKey) | ||
| } | ||
| }) | ||
@@ -327,3 +345,4 @@ }) | ||
| if (options.development) { | ||
| console.error('WARNING: JWT verification skipped in development mode'); | ||
| console.error('WARNING: JWT verification skipped in development mode') | ||
| debug('JWT verification skipped in development mode') | ||
| return Promise.resolve(jsonWebToken.decode(jwt)) | ||
@@ -336,5 +355,11 @@ } | ||
| return new Promise(function(resolve, reject) { | ||
| debug('verifying JWT') | ||
| return jsonWebToken.verify(jwt, publicKey, {algorithms: algorithms}, (err, decoded) => { | ||
| if (err) return reject(err) | ||
| resolve(decoded) | ||
| if (err) { | ||
| debug('failed verifying JWT') | ||
| reject(err) | ||
| } else { | ||
| debug('verified JWT') | ||
| resolve(decoded) | ||
| } | ||
| }) | ||
@@ -341,0 +366,0 @@ }) |
@@ -18,2 +18,3 @@ /** | ||
| 'use strict' | ||
| const debug = require('debug')('byu-jwt-request') | ||
| const http = require('http') | ||
@@ -28,2 +29,3 @@ const https = require('https') | ||
| module.exports = function request(url) { | ||
| debug('making request to ' + url); | ||
| return new Promise((resolve, reject) => { | ||
@@ -38,2 +40,3 @@ const mod = /^https/.test(url) ? https : http | ||
| res.on('end', () => { | ||
| debug('completed request to ' + url); | ||
| try { | ||
@@ -47,4 +50,7 @@ resolve(JSON.parse(data)) | ||
| req.on('error', reject) | ||
| req.on('error', err => { | ||
| debug('failed request to ' + url); | ||
| reject(err) | ||
| }) | ||
| }) | ||
| } |
| { | ||
| "name": "byu-jwt", | ||
| "version": "1.0.5", | ||
| "version": "1.0.6", | ||
| "description": "The byu-jwt module provides helpful functions to retrieve a specified BYU .well-known URL and verify BYU signed JWTs.", | ||
@@ -20,2 +20,3 @@ "main": "index.js", | ||
| "dependencies": { | ||
| "debug": "^4.0.1", | ||
| "jsonwebtoken": "^8.2.1", | ||
@@ -22,0 +23,0 @@ "pem": "^1.13.1" |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.26%
42314
- Lines of code
- increased by6.18%
636
Worsened metrics
- Dependency count
- increased by50%
3
Dependency changes
+ Addeddebug@^4.0.1
+ Addeddebug@4.4.0(transitive)