did-jwt - npm Package Compare versions

Comparing version 0.2.0-alpha5 to 0.2.0-alpha6

lib/index.esm.js

		@@ -1,2 +0,2 @@
		import{sha256 as r}from"js-sha256";import{keccak_256 as e}from"js-sha3";import{EC as t}from"elliptic-lite";import n from"tweetnacl";import o from"tweetnacl-util";import{Buffer as i}from"buffer";import a from"base64url";import u from"did-resolver";function c(e){return i.from(r.arrayBuffer(e))}function f(r){return"0x"+(t=i.from(r.slice(2),"hex"),i.from(e.buffer(t))).slice(-20).toString("hex");var t}var s=new t;function d(r,e){return void 0===e&&(e=64),r.length===e?r:"0".repeat(e-r.length)+r}var h=new t;function l(r,e){void 0===e&&(e=!1);var t=a.toBuffer(r);if(t.length!==(e?65:64))throw new Error("wrong signature length");var n={r:t.slice(0,32).toString("hex"),s:t.slice(32,64).toString("hex")};return e&&(n.recoveryParam=t[64]),n}var m={ES256K:function(r,e,t){var n=c(r),o=l(e);return t.find(function(r){return h.keyFromPublic(r.publicKeyHex,"hex").verify(n,o)})},"ES256K-R":function(r,e,t){var n=l(e,!0),o=c(r),i=h.recoverPubKey(o,n,n.recoveryParam),a=i.encode("hex"),u=i.encode("hex",!0),s=f(a);return t.find(function(r){var e=r.publicKeyHex;return e===a\|\|e===u\|\|r.ethereumAddress===s})},Ed25519:function(r,e,t){var i=o.decodeUTF8(r),u=o.decodeBase64(a.toBase64(e));return t.find(function(r){return n.sign.detached.verify(i,u,o.decodeBase64(r.publicKeyBase64))})}};function v(r){var e=m[r];if(!e)throw new Error("Unsupported algorithm "+r);return e}function p(r){function e(e){var t=e.r,n=e.s,o=e.recoveryParam,u=i.alloc(r?65:64);if(i.from(t,"hex").copy(u,0),i.from(n,"hex").copy(u,32),r){if(void 0===o)throw new Error("Signer did not return a recoveryParam");u[64]=o}return a.encode(u)}return void 0===r&&(r=!1),function(r,t){try{return Promise.resolve(t(r)).then(e)}catch(r){return Promise.reject(r)}}}v.toSignatureObject=l;var w={ES256K:p(),"ES256K-R":p(!0),Ed25519:function(r,e){try{return Promise.resolve(e(r))}catch(r){return Promise.reject(r)}}},g={ES256K:["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],"ES256K-R":["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],Ed25519:["ED25519SignatureVerification"]},y={typ:"JWT"};function E(r){return a.encode(JSON.stringify(r))}function b(r){return r.match(/^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/)}function S(r){if(r.match(/^did:/))return r;if(b(r))return"did:uport:"+r;throw new Error("Not a valid DID '"+r+"'")}function P(r){if(!r)throw new Error("Missing JWT");var e=r.match(/^([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)$/);if(e)return{header:JSON.parse(a.decode(e[1])),payload:JSON.parse(a.decode(e[2])),signature:e[3],data:e[1]+"."+e[2]};throw new Error("Incorrect format JWT")}module.exports={SimpleSigner:function(r){var e=s.keyFromPrivate(r);return function(r){try{var t=e.sign(c(r)),n=t.s,o=t.recoveryParam;return Promise.resolve({r:d(t.r.toString("hex")),s:d(n.toString("hex")),recoveryParam:o})}catch(r){return Promise.reject(r)}}},NaclSigner:function(r){var e=o.decodeBase64(r);return function(r){try{return Promise.resolve(a.encode(n.sign.detached(o.decodeUTF8(r),e)))}catch(r){return Promise.reject(r)}}},verifyJWT:function(r,e){void 0===e&&(e={});try{var t=e.audience?S(e.audience):void 0,n=P(r),o=n.payload,i=n.header,a=n.signature,c=n.data;return Promise.resolve(function(r,e,t){try{var n=g[r];if(!n\|\|0===n.length)throw new Error("No supported signature types for algorithm "+r);var o=S(e);return Promise.resolve(u(o)).then(function(e){if(!e)throw new Error("Unable to resolve DID document for "+o);var i=!t\|\|(e.authentication\|\|[]).map(function(r){return r.publicKey}),a=(e.publicKey\|\|[]).filter(function(r){var e=r.type,o=r.id;return n.find(function(r){return r===e&&(!t\|\|i.indexOf(o)>=0)})});if(t&&(!a\|\|0===a.length))throw new Error("DID document for "+o+" does not have public keys suitable for authenticationg user");if(!a\|\|0===a.length)throw new Error("DID document for "+o+" does not have public keys for "+r);return{authenticators:a,issuer:o,doc:e}})}catch(r){return Promise.reject(r)}}(i.alg,o.iss,e.auth)).then(function(n){var u,f=n.doc,s=n.authenticators,d=n.issuer,h=v(i.alg)(c,a,s),l=Math.floor(Date.now()/1e3);if(h){if(o.iat&&o.iat>l+300)throw new Error("JWT not valid yet (issued in the future): iat: "+o.iat+" > now: "+l);if(o.exp&&o.exp<=l-300)throw new Error("JWT has expired: exp: "+o.exp+" < now: "+l);if(o.aud)if((u=o.aud)&&(u.match(/^did:/)\|\|b(u))){if(!t)throw new Error("JWT audience is required but your app address has not been configured");if(t!==S(o.aud))throw new Error("JWT audience does not match your DID: aud: "+o.aud+" !== yours: "+t)}else{if(!e.callbackUrl)throw new Error("JWT audience matching your callback url is required but one wasn't passed in");if(o.aud!==e.callbackUrl)throw new Error("JWT audience does not match the callback url: aud: "+o.aud+" !== url: "+e.callbackUrl)}return{payload:o,doc:f,issuer:d,signer:h,jwt:r}}throw new Error("Signature invalid for JWT")})}catch(r){return Promise.reject(r)}},createJWT:function(r,e){var t=e.issuer,n=e.signer,o=e.alg,i=e.expiresIn;try{if(!n)throw new Error("No Signer functionality has been configured");if(!t)throw new Error("No issuing DID has been configured");var a=Object.assign({},y,{alg:o\|\|"ES256K"}),u={iat:Math.floor(Date.now()/1e3)};if(i){if("number"!=typeof i)throw new Error("JWT expiresIn is not a number");u.exp=u.iat+Math.floor(i)}var c=[E(a),E(Object.assign({},u,r,{iss:S(t)}))].join("."),f=function(r){var e=w[r];if(!e)throw new Error("Unsupported algorithm "+r);return e}(a.alg);return Promise.resolve(f(c,n)).then(function(r){return[c,r].join(".")})}catch(r){return Promise.reject(r)}},decodeJWT:P,toEthereumAddress:f};
		import r from"hash.js";import{keccak_256 as e}from"js-sha3";import{EC as t}from"elliptic-lite";import n from"tweetnacl";import o from"tweetnacl-util";import{Buffer as i}from"buffer";import a from"base64url";import u from"did-resolver";function c(e){return i.from(r.sha256().update(e).digest())}function s(r){return"0x"+(t=i.from(r.slice(2),"hex"),i.from(e.buffer(t))).slice(-20).toString("hex");var t}var f=new t;function d(r,e){return void 0===e&&(e=64),r.length===e?r:"0".repeat(e-r.length)+r}var h=new t;function l(r,e){void 0===e&&(e=!1);var t=a.toBuffer(r);if(t.length!==(e?65:64))throw new Error("wrong signature length");var n={r:t.slice(0,32).toString("hex"),s:t.slice(32,64).toString("hex")};return e&&(n.recoveryParam=t[64]),n}var m={ES256K:function(r,e,t){var n=c(r),o=l(e);return t.find(function(r){return h.keyFromPublic(r.publicKeyHex,"hex").verify(n,o)})},"ES256K-R":function(r,e,t){var n=l(e,!0),o=c(r),i=h.recoverPubKey(o,n,n.recoveryParam),a=i.encode("hex"),u=i.encode("hex",!0),f=s(a);return t.find(function(r){var e=r.publicKeyHex;return e===a\|\|e===u\|\|r.ethereumAddress===f})},Ed25519:function(r,e,t){var i=o.decodeUTF8(r),u=o.decodeBase64(a.toBase64(e));return t.find(function(r){return n.sign.detached.verify(i,u,o.decodeBase64(r.publicKeyBase64))})}};function v(r){var e=m[r];if(!e)throw new Error("Unsupported algorithm "+r);return e}function p(r){function e(e){var t=e.r,n=e.s,o=e.recoveryParam,u=i.alloc(r?65:64);if(i.from(t,"hex").copy(u,0),i.from(n,"hex").copy(u,32),r){if(void 0===o)throw new Error("Signer did not return a recoveryParam");u[64]=o}return a.encode(u)}return void 0===r&&(r=!1),function(r,t){try{return Promise.resolve(t(r)).then(e)}catch(r){return Promise.reject(r)}}}v.toSignatureObject=l;var w={ES256K:p(),"ES256K-R":p(!0),Ed25519:function(r,e){try{return Promise.resolve(e(r))}catch(r){return Promise.reject(r)}}},g={ES256K:["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],"ES256K-R":["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],Ed25519:["ED25519SignatureVerification"]},y={typ:"JWT"};function E(r){return a.encode(JSON.stringify(r))}function b(r){return r.match(/^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/)}function S(r){if(r.match(/^did:/))return r;if(b(r))return"did:uport:"+r;throw new Error("Not a valid DID '"+r+"'")}function P(r){if(!r)throw new Error("Missing JWT");var e=r.match(/^([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)$/);if(e)return{header:JSON.parse(a.decode(e[1])),payload:JSON.parse(a.decode(e[2])),signature:e[3],data:e[1]+"."+e[2]};throw new Error("Incorrect format JWT")}module.exports={SimpleSigner:function(r){var e=f.keyFromPrivate(r);return function(r){try{var t=e.sign(c(r)),n=t.s,o=t.recoveryParam;return Promise.resolve({r:d(t.r.toString("hex")),s:d(n.toString("hex")),recoveryParam:o})}catch(r){return Promise.reject(r)}}},NaclSigner:function(r){var e=o.decodeBase64(r);return function(r){try{return Promise.resolve(a.encode(n.sign.detached(o.decodeUTF8(r),e)))}catch(r){return Promise.reject(r)}}},verifyJWT:function(r,e){void 0===e&&(e={});try{var t=e.audience?S(e.audience):void 0,n=P(r),o=n.payload,i=n.header,a=n.signature,c=n.data;return Promise.resolve(function(r,e,t){try{var n=g[r];if(!n\|\|0===n.length)throw new Error("No supported signature types for algorithm "+r);var o=S(e);return Promise.resolve(u(o)).then(function(e){if(!e)throw new Error("Unable to resolve DID document for "+o);var i=!t\|\|(e.authentication\|\|[]).map(function(r){return r.publicKey}),a=(e.publicKey\|\|[]).filter(function(r){var e=r.type,o=r.id;return n.find(function(r){return r===e&&(!t\|\|i.indexOf(o)>=0)})});if(t&&(!a\|\|0===a.length))throw new Error("DID document for "+o+" does not have public keys suitable for authenticationg user");if(!a\|\|0===a.length)throw new Error("DID document for "+o+" does not have public keys for "+r);return{authenticators:a,issuer:o,doc:e}})}catch(r){return Promise.reject(r)}}(i.alg,o.iss,e.auth)).then(function(n){var u,s=n.doc,f=n.authenticators,d=n.issuer,h=v(i.alg)(c,a,f),l=Math.floor(Date.now()/1e3);if(h){if(o.iat&&o.iat>l+300)throw new Error("JWT not valid yet (issued in the future): iat: "+o.iat+" > now: "+l);if(o.exp&&o.exp<=l-300)throw new Error("JWT has expired: exp: "+o.exp+" < now: "+l);if(o.aud)if((u=o.aud)&&(u.match(/^did:/)\|\|b(u))){if(!t)throw new Error("JWT audience is required but your app address has not been configured");if(t!==S(o.aud))throw new Error("JWT audience does not match your DID: aud: "+o.aud+" !== yours: "+t)}else{if(!e.callbackUrl)throw new Error("JWT audience matching your callback url is required but one wasn't passed in");if(o.aud!==e.callbackUrl)throw new Error("JWT audience does not match the callback url: aud: "+o.aud+" !== url: "+e.callbackUrl)}return{payload:o,doc:s,issuer:d,signer:h,jwt:r}}throw new Error("Signature invalid for JWT")})}catch(r){return Promise.reject(r)}},createJWT:function(r,e){var t=e.issuer,n=e.signer,o=e.alg,i=e.expiresIn;try{if(!n)throw new Error("No Signer functionality has been configured");if(!t)throw new Error("No issuing DID has been configured");var a=Object.assign({},y,{alg:o\|\|"ES256K"}),u={iat:Math.floor(Date.now()/1e3)};if(i){if("number"!=typeof i)throw new Error("JWT expiresIn is not a number");u.exp=u.iat+Math.floor(i)}var c=[E(a),E(Object.assign({},u,r,{iss:S(t)}))].join("."),s=function(r){var e=w[r];if(!e)throw new Error("Unsupported algorithm "+r);return e}(a.alg);return Promise.resolve(s(c,n)).then(function(r){return[c,r].join(".")})}catch(r){return Promise.reject(r)}},decodeJWT:P,toEthereumAddress:s};
		//# sourceMappingURL=index.esm.js.map

lib/index.js

		@@ -1,2 +0,2 @@
		function r(r){return r&&"object"==typeof r&&"default"in r?r.default:r}var e=require("js-sha256"),t=require("js-sha3"),n=require("elliptic-lite"),o=r(require("tweetnacl")),i=r(require("tweetnacl-util")),a=require("buffer"),u=r(require("base64url")),c=r(require("did-resolver"));function f(r){return a.Buffer.from(e.sha256.arrayBuffer(r))}function s(r){return"0x"+(e=a.Buffer.from(r.slice(2),"hex"),a.Buffer.from(t.keccak_256.buffer(e))).slice(-20).toString("hex");var e}var d=new n.EC;function h(r,e){return void 0===e&&(e=64),r.length===e?r:"0".repeat(e-r.length)+r}var l=new n.EC;function v(r,e){void 0===e&&(e=!1);var t=u.toBuffer(r);if(t.length!==(e?65:64))throw new Error("wrong signature length");var n={r:t.slice(0,32).toString("hex"),s:t.slice(32,64).toString("hex")};return e&&(n.recoveryParam=t[64]),n}var w={ES256K:function(r,e,t){var n=f(r),o=v(e);return t.find(function(r){return l.keyFromPublic(r.publicKeyHex,"hex").verify(n,o)})},"ES256K-R":function(r,e,t){var n=v(e,!0),o=f(r),i=l.recoverPubKey(o,n,n.recoveryParam),a=i.encode("hex"),u=i.encode("hex",!0),c=s(a);return t.find(function(r){var e=r.publicKeyHex;return e===a\|\|e===u\|\|r.ethereumAddress===c})},Ed25519:function(r,e,t){var n=i.decodeUTF8(r),a=i.decodeBase64(u.toBase64(e));return t.find(function(r){return o.sign.detached.verify(n,a,i.decodeBase64(r.publicKeyBase64))})}};function y(r){var e=w[r];if(!e)throw new Error("Unsupported algorithm "+r);return e}function g(r){function e(e){var t=e.r,n=e.s,o=e.recoveryParam,i=a.Buffer.alloc(r?65:64);if(a.Buffer.from(t,"hex").copy(i,0),a.Buffer.from(n,"hex").copy(i,32),r){if(void 0===o)throw new Error("Signer did not return a recoveryParam");i[64]=o}return u.encode(i)}return void 0===r&&(r=!1),function(r,t){try{return Promise.resolve(t(r)).then(e)}catch(r){return Promise.reject(r)}}}y.toSignatureObject=v;var m={ES256K:g(),"ES256K-R":g(!0),Ed25519:function(r,e){try{return Promise.resolve(e(r))}catch(r){return Promise.reject(r)}}},p={ES256K:["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],"ES256K-R":["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],Ed25519:["ED25519SignatureVerification"]},E={typ:"JWT"};function b(r){return u.encode(JSON.stringify(r))}function S(r){return r.match(/^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/)}function P(r){if(r.match(/^did:/))return r;if(S(r))return"did:uport:"+r;throw new Error("Not a valid DID '"+r+"'")}function x(r){if(!r)throw new Error("Missing JWT");var e=r.match(/^([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)$/);if(e)return{header:JSON.parse(u.decode(e[1])),payload:JSON.parse(u.decode(e[2])),signature:e[3],data:e[1]+"."+e[2]};throw new Error("Incorrect format JWT")}module.exports={SimpleSigner:function(r){var e=d.keyFromPrivate(r);return function(r){try{var t=e.sign(f(r)),n=t.s,o=t.recoveryParam;return Promise.resolve({r:h(t.r.toString("hex")),s:h(n.toString("hex")),recoveryParam:o})}catch(r){return Promise.reject(r)}}},NaclSigner:function(r){var e=i.decodeBase64(r);return function(r){try{return Promise.resolve(u.encode(o.sign.detached(i.decodeUTF8(r),e)))}catch(r){return Promise.reject(r)}}},verifyJWT:function(r,e){void 0===e&&(e={});try{var t=e.audience?P(e.audience):void 0,n=x(r),o=n.payload,i=n.header,a=n.signature,u=n.data;return Promise.resolve(function(r,e,t){try{var n=p[r];if(!n\|\|0===n.length)throw new Error("No supported signature types for algorithm "+r);var o=P(e);return Promise.resolve(c(o)).then(function(e){if(!e)throw new Error("Unable to resolve DID document for "+o);var i=!t\|\|(e.authentication\|\|[]).map(function(r){return r.publicKey}),a=(e.publicKey\|\|[]).filter(function(r){var e=r.type,o=r.id;return n.find(function(r){return r===e&&(!t\|\|i.indexOf(o)>=0)})});if(t&&(!a\|\|0===a.length))throw new Error("DID document for "+o+" does not have public keys suitable for authenticationg user");if(!a\|\|0===a.length)throw new Error("DID document for "+o+" does not have public keys for "+r);return{authenticators:a,issuer:o,doc:e}})}catch(r){return Promise.reject(r)}}(i.alg,o.iss,e.auth)).then(function(n){var c,f=n.doc,s=n.authenticators,d=n.issuer,h=y(i.alg)(u,a,s),l=Math.floor(Date.now()/1e3);if(h){if(o.iat&&o.iat>l+300)throw new Error("JWT not valid yet (issued in the future): iat: "+o.iat+" > now: "+l);if(o.exp&&o.exp<=l-300)throw new Error("JWT has expired: exp: "+o.exp+" < now: "+l);if(o.aud)if((c=o.aud)&&(c.match(/^did:/)\|\|S(c))){if(!t)throw new Error("JWT audience is required but your app address has not been configured");if(t!==P(o.aud))throw new Error("JWT audience does not match your DID: aud: "+o.aud+" !== yours: "+t)}else{if(!e.callbackUrl)throw new Error("JWT audience matching your callback url is required but one wasn't passed in");if(o.aud!==e.callbackUrl)throw new Error("JWT audience does not match the callback url: aud: "+o.aud+" !== url: "+e.callbackUrl)}return{payload:o,doc:f,issuer:d,signer:h,jwt:r}}throw new Error("Signature invalid for JWT")})}catch(r){return Promise.reject(r)}},createJWT:function(r,e){var t=e.issuer,n=e.signer,o=e.alg,i=e.expiresIn;try{if(!n)throw new Error("No Signer functionality has been configured");if(!t)throw new Error("No issuing DID has been configured");var a=Object.assign({},E,{alg:o\|\|"ES256K"}),u={iat:Math.floor(Date.now()/1e3)};if(i){if("number"!=typeof i)throw new Error("JWT expiresIn is not a number");u.exp=u.iat+Math.floor(i)}var c=[b(a),b(Object.assign({},u,r,{iss:P(t)}))].join("."),f=function(r){var e=m[r];if(!e)throw new Error("Unsupported algorithm "+r);return e}(a.alg);return Promise.resolve(f(c,n)).then(function(r){return[c,r].join(".")})}catch(r){return Promise.reject(r)}},decodeJWT:x,toEthereumAddress:s};
		function r(r){return r&&"object"==typeof r&&"default"in r?r.default:r}var e=r(require("hash.js")),t=require("js-sha3"),n=require("elliptic-lite"),i=r(require("tweetnacl")),o=r(require("tweetnacl-util")),a=require("buffer"),u=r(require("base64url")),c=r(require("did-resolver"));function f(r){return a.Buffer.from(e.sha256().update(r).digest())}function s(r){return"0x"+(e=a.Buffer.from(r.slice(2),"hex"),a.Buffer.from(t.keccak_256.buffer(e))).slice(-20).toString("hex");var e}var d=new n.EC;function h(r,e){return void 0===e&&(e=64),r.length===e?r:"0".repeat(e-r.length)+r}var l=new n.EC;function v(r,e){void 0===e&&(e=!1);var t=u.toBuffer(r);if(t.length!==(e?65:64))throw new Error("wrong signature length");var n={r:t.slice(0,32).toString("hex"),s:t.slice(32,64).toString("hex")};return e&&(n.recoveryParam=t[64]),n}var w={ES256K:function(r,e,t){var n=f(r),i=v(e);return t.find(function(r){return l.keyFromPublic(r.publicKeyHex,"hex").verify(n,i)})},"ES256K-R":function(r,e,t){var n=v(e,!0),i=f(r),o=l.recoverPubKey(i,n,n.recoveryParam),a=o.encode("hex"),u=o.encode("hex",!0),c=s(a);return t.find(function(r){var e=r.publicKeyHex;return e===a\|\|e===u\|\|r.ethereumAddress===c})},Ed25519:function(r,e,t){var n=o.decodeUTF8(r),a=o.decodeBase64(u.toBase64(e));return t.find(function(r){return i.sign.detached.verify(n,a,o.decodeBase64(r.publicKeyBase64))})}};function g(r){var e=w[r];if(!e)throw new Error("Unsupported algorithm "+r);return e}function p(r){function e(e){var t=e.r,n=e.s,i=e.recoveryParam,o=a.Buffer.alloc(r?65:64);if(a.Buffer.from(t,"hex").copy(o,0),a.Buffer.from(n,"hex").copy(o,32),r){if(void 0===i)throw new Error("Signer did not return a recoveryParam");o[64]=i}return u.encode(o)}return void 0===r&&(r=!1),function(r,t){try{return Promise.resolve(t(r)).then(e)}catch(r){return Promise.reject(r)}}}g.toSignatureObject=v;var y={ES256K:p(),"ES256K-R":p(!0),Ed25519:function(r,e){try{return Promise.resolve(e(r))}catch(r){return Promise.reject(r)}}},m={ES256K:["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],"ES256K-R":["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],Ed25519:["ED25519SignatureVerification"]},E={typ:"JWT"};function b(r){return u.encode(JSON.stringify(r))}function S(r){return r.match(/^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/)}function P(r){if(r.match(/^did:/))return r;if(S(r))return"did:uport:"+r;throw new Error("Not a valid DID '"+r+"'")}function x(r){if(!r)throw new Error("Missing JWT");var e=r.match(/^([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)$/);if(e)return{header:JSON.parse(u.decode(e[1])),payload:JSON.parse(u.decode(e[2])),signature:e[3],data:e[1]+"."+e[2]};throw new Error("Incorrect format JWT")}module.exports={SimpleSigner:function(r){var e=d.keyFromPrivate(r);return function(r){try{var t=e.sign(f(r)),n=t.s,i=t.recoveryParam;return Promise.resolve({r:h(t.r.toString("hex")),s:h(n.toString("hex")),recoveryParam:i})}catch(r){return Promise.reject(r)}}},NaclSigner:function(r){var e=o.decodeBase64(r);return function(r){try{return Promise.resolve(u.encode(i.sign.detached(o.decodeUTF8(r),e)))}catch(r){return Promise.reject(r)}}},verifyJWT:function(r,e){void 0===e&&(e={});try{var t=e.audience?P(e.audience):void 0,n=x(r),i=n.payload,o=n.header,a=n.signature,u=n.data;return Promise.resolve(function(r,e,t){try{var n=m[r];if(!n\|\|0===n.length)throw new Error("No supported signature types for algorithm "+r);var i=P(e);return Promise.resolve(c(i)).then(function(e){if(!e)throw new Error("Unable to resolve DID document for "+i);var o=!t\|\|(e.authentication\|\|[]).map(function(r){return r.publicKey}),a=(e.publicKey\|\|[]).filter(function(r){var e=r.type,i=r.id;return n.find(function(r){return r===e&&(!t\|\|o.indexOf(i)>=0)})});if(t&&(!a\|\|0===a.length))throw new Error("DID document for "+i+" does not have public keys suitable for authenticationg user");if(!a\|\|0===a.length)throw new Error("DID document for "+i+" does not have public keys for "+r);return{authenticators:a,issuer:i,doc:e}})}catch(r){return Promise.reject(r)}}(o.alg,i.iss,e.auth)).then(function(n){var c,f=n.doc,s=n.authenticators,d=n.issuer,h=g(o.alg)(u,a,s),l=Math.floor(Date.now()/1e3);if(h){if(i.iat&&i.iat>l+300)throw new Error("JWT not valid yet (issued in the future): iat: "+i.iat+" > now: "+l);if(i.exp&&i.exp<=l-300)throw new Error("JWT has expired: exp: "+i.exp+" < now: "+l);if(i.aud)if((c=i.aud)&&(c.match(/^did:/)\|\|S(c))){if(!t)throw new Error("JWT audience is required but your app address has not been configured");if(t!==P(i.aud))throw new Error("JWT audience does not match your DID: aud: "+i.aud+" !== yours: "+t)}else{if(!e.callbackUrl)throw new Error("JWT audience matching your callback url is required but one wasn't passed in");if(i.aud!==e.callbackUrl)throw new Error("JWT audience does not match the callback url: aud: "+i.aud+" !== url: "+e.callbackUrl)}return{payload:i,doc:f,issuer:d,signer:h,jwt:r}}throw new Error("Signature invalid for JWT")})}catch(r){return Promise.reject(r)}},createJWT:function(r,e){var t=e.issuer,n=e.signer,i=e.alg,o=e.expiresIn;try{if(!n)throw new Error("No Signer functionality has been configured");if(!t)throw new Error("No issuing DID has been configured");var a=Object.assign({},E,{alg:i\|\|"ES256K"}),u={iat:Math.floor(Date.now()/1e3)};if(o){if("number"!=typeof o)throw new Error("JWT expiresIn is not a number");u.exp=u.iat+Math.floor(o)}var c=[b(a),b(Object.assign({},u,r,{iss:P(t)}))].join("."),f=function(r){var e=y[r];if(!e)throw new Error("Unsupported algorithm "+r);return e}(a.alg);return Promise.resolve(f(c,n)).then(function(r){return[c,r].join(".")})}catch(r){return Promise.reject(r)}},decodeJWT:x,toEthereumAddress:s};
		//# sourceMappingURL=index.js.map

lib/index.umd.js

		@@ -1,2 +0,2 @@
		!function(e,r){"object"==typeof exports&&"undefined"!=typeof module?r(require("js-sha256"),require("js-sha3"),require("elliptic-lite"),require("tweetnacl"),require("tweetnacl-util"),require("buffer"),require("base64url"),require("did-resolver")):"function"==typeof define&&define.amd?define(["js-sha256","js-sha3","elliptic-lite","tweetnacl","tweetnacl-util","buffer","base64url","did-resolver"],r):r(e.jsSha256,e.jsSha3,e.ellipticLite,e.tweetnacl,e.naclutil,e.buffer,e.base64url,e.resolve)}(this,function(e,r,t,n,i,o,a,u){function c(r){return o.Buffer.from(e.sha256.arrayBuffer(r))}function f(e){return"0x"+(t=o.Buffer.from(e.slice(2),"hex"),o.Buffer.from(r.keccak_256.buffer(t))).slice(-20).toString("hex");var t}n=n&&n.hasOwnProperty("default")?n.default:n,i=i&&i.hasOwnProperty("default")?i.default:i,a=a&&a.hasOwnProperty("default")?a.default:a,u=u&&u.hasOwnProperty("default")?u.default:u;var s=new t.EC;function d(e,r){return void 0===r&&(r=64),e.length===r?e:"0".repeat(r-e.length)+e}var l=new t.EC;function h(e,r){void 0===r&&(r=!1);var t=a.toBuffer(e);if(t.length!==(r?65:64))throw new Error("wrong signature length");var n={r:t.slice(0,32).toString("hex"),s:t.slice(32,64).toString("hex")};return r&&(n.recoveryParam=t[64]),n}var v={ES256K:function(e,r,t){var n=c(e),i=h(r);return t.find(function(e){return l.keyFromPublic(e.publicKeyHex,"hex").verify(n,i)})},"ES256K-R":function(e,r,t){var n=h(r,!0),i=c(e),o=l.recoverPubKey(i,n,n.recoveryParam),a=o.encode("hex"),u=o.encode("hex",!0),s=f(a);return t.find(function(e){var r=e.publicKeyHex;return r===a\|\|r===u\|\|e.ethereumAddress===s})},Ed25519:function(e,r,t){var o=i.decodeUTF8(e),u=i.decodeBase64(a.toBase64(r));return t.find(function(e){return n.sign.detached.verify(o,u,i.decodeBase64(e.publicKeyBase64))})}};function w(e){var r=v[e];if(!r)throw new Error("Unsupported algorithm "+e);return r}function p(e){function r(r){var t=r.r,n=r.s,i=r.recoveryParam,u=o.Buffer.alloc(e?65:64);if(o.Buffer.from(t,"hex").copy(u,0),o.Buffer.from(n,"hex").copy(u,32),e){if(void 0===i)throw new Error("Signer did not return a recoveryParam");u[64]=i}return a.encode(u)}return void 0===e&&(e=!1),function(e,t){try{return Promise.resolve(t(e)).then(r)}catch(e){return Promise.reject(e)}}}w.toSignatureObject=h;var y={ES256K:p(),"ES256K-R":p(!0),Ed25519:function(e,r){try{return Promise.resolve(r(e))}catch(e){return Promise.reject(e)}}},m={ES256K:["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],"ES256K-R":["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],Ed25519:["ED25519SignatureVerification"]},g={typ:"JWT"};function E(e){return a.encode(JSON.stringify(e))}function b(e){return e.match(/^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/)}function S(e){if(e.match(/^did:/))return e;if(b(e))return"did:uport:"+e;throw new Error("Not a valid DID '"+e+"'")}function P(e){if(!e)throw new Error("Missing JWT");var r=e.match(/^([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)$/);if(r)return{header:JSON.parse(a.decode(r[1])),payload:JSON.parse(a.decode(r[2])),signature:r[3],data:r[1]+"."+r[2]};throw new Error("Incorrect format JWT")}module.exports={SimpleSigner:function(e){var r=s.keyFromPrivate(e);return function(e){try{var t=r.sign(c(e)),n=t.s,i=t.recoveryParam;return Promise.resolve({r:d(t.r.toString("hex")),s:d(n.toString("hex")),recoveryParam:i})}catch(e){return Promise.reject(e)}}},NaclSigner:function(e){var r=i.decodeBase64(e);return function(e){try{return Promise.resolve(a.encode(n.sign.detached(i.decodeUTF8(e),r)))}catch(e){return Promise.reject(e)}}},verifyJWT:function(e,r){void 0===r&&(r={});try{var t=r.audience?S(r.audience):void 0,n=P(e),i=n.payload,o=n.header,a=n.signature,c=n.data;return Promise.resolve(function(e,r,t){try{var n=m[e];if(!n\|\|0===n.length)throw new Error("No supported signature types for algorithm "+e);var i=S(r);return Promise.resolve(u(i)).then(function(r){if(!r)throw new Error("Unable to resolve DID document for "+i);var o=!t\|\|(r.authentication\|\|[]).map(function(e){return e.publicKey}),a=(r.publicKey\|\|[]).filter(function(e){var r=e.type,i=e.id;return n.find(function(e){return e===r&&(!t\|\|o.indexOf(i)>=0)})});if(t&&(!a\|\|0===a.length))throw new Error("DID document for "+i+" does not have public keys suitable for authenticationg user");if(!a\|\|0===a.length)throw new Error("DID document for "+i+" does not have public keys for "+e);return{authenticators:a,issuer:i,doc:r}})}catch(e){return Promise.reject(e)}}(o.alg,i.iss,r.auth)).then(function(n){var u,f=n.doc,s=n.authenticators,d=n.issuer,l=w(o.alg)(c,a,s),h=Math.floor(Date.now()/1e3);if(l){if(i.iat&&i.iat>h+300)throw new Error("JWT not valid yet (issued in the future): iat: "+i.iat+" > now: "+h);if(i.exp&&i.exp<=h-300)throw new Error("JWT has expired: exp: "+i.exp+" < now: "+h);if(i.aud)if((u=i.aud)&&(u.match(/^did:/)\|\|b(u))){if(!t)throw new Error("JWT audience is required but your app address has not been configured");if(t!==S(i.aud))throw new Error("JWT audience does not match your DID: aud: "+i.aud+" !== yours: "+t)}else{if(!r.callbackUrl)throw new Error("JWT audience matching your callback url is required but one wasn't passed in");if(i.aud!==r.callbackUrl)throw new Error("JWT audience does not match the callback url: aud: "+i.aud+" !== url: "+r.callbackUrl)}return{payload:i,doc:f,issuer:d,signer:l,jwt:e}}throw new Error("Signature invalid for JWT")})}catch(e){return Promise.reject(e)}},createJWT:function(e,r){var t=r.issuer,n=r.signer,i=r.alg,o=r.expiresIn;try{if(!n)throw new Error("No Signer functionality has been configured");if(!t)throw new Error("No issuing DID has been configured");var a=Object.assign({},g,{alg:i\|\|"ES256K"}),u={iat:Math.floor(Date.now()/1e3)};if(o){if("number"!=typeof o)throw new Error("JWT expiresIn is not a number");u.exp=u.iat+Math.floor(o)}var c=[E(a),E(Object.assign({},u,e,{iss:S(t)}))].join("."),f=function(e){var r=y[e];if(!r)throw new Error("Unsupported algorithm "+e);return r}(a.alg);return Promise.resolve(f(c,n)).then(function(e){return[c,e].join(".")})}catch(e){return Promise.reject(e)}},decodeJWT:P,toEthereumAddress:f}});
		!function(e,r){"object"==typeof exports&&"undefined"!=typeof module?r(require("hash.js"),require("js-sha3"),require("elliptic-lite"),require("tweetnacl"),require("tweetnacl-util"),require("buffer"),require("base64url"),require("did-resolver")):"function"==typeof define&&define.amd?define(["hash.js","js-sha3","elliptic-lite","tweetnacl","tweetnacl-util","buffer","base64url","did-resolver"],r):r(e.hash,e.jsSha3,e.ellipticLite,e.tweetnacl,e.naclutil,e.buffer,e.base64url,e.resolve)}(this,function(e,r,t,n,i,o,a,u){function c(r){return o.Buffer.from(e.sha256().update(r).digest())}function f(e){return"0x"+(t=o.Buffer.from(e.slice(2),"hex"),o.Buffer.from(r.keccak_256.buffer(t))).slice(-20).toString("hex");var t}e=e&&e.hasOwnProperty("default")?e.default:e,n=n&&n.hasOwnProperty("default")?n.default:n,i=i&&i.hasOwnProperty("default")?i.default:i,a=a&&a.hasOwnProperty("default")?a.default:a,u=u&&u.hasOwnProperty("default")?u.default:u;var s=new t.EC;function d(e,r){return void 0===r&&(r=64),e.length===r?e:"0".repeat(r-e.length)+e}var l=new t.EC;function h(e,r){void 0===r&&(r=!1);var t=a.toBuffer(e);if(t.length!==(r?65:64))throw new Error("wrong signature length");var n={r:t.slice(0,32).toString("hex"),s:t.slice(32,64).toString("hex")};return r&&(n.recoveryParam=t[64]),n}var w={ES256K:function(e,r,t){var n=c(e),i=h(r);return t.find(function(e){return l.keyFromPublic(e.publicKeyHex,"hex").verify(n,i)})},"ES256K-R":function(e,r,t){var n=h(r,!0),i=c(e),o=l.recoverPubKey(i,n,n.recoveryParam),a=o.encode("hex"),u=o.encode("hex",!0),s=f(a);return t.find(function(e){var r=e.publicKeyHex;return r===a\|\|r===u\|\|e.ethereumAddress===s})},Ed25519:function(e,r,t){var o=i.decodeUTF8(e),u=i.decodeBase64(a.toBase64(r));return t.find(function(e){return n.sign.detached.verify(o,u,i.decodeBase64(e.publicKeyBase64))})}};function v(e){var r=w[e];if(!r)throw new Error("Unsupported algorithm "+e);return r}function p(e){function r(r){var t=r.r,n=r.s,i=r.recoveryParam,u=o.Buffer.alloc(e?65:64);if(o.Buffer.from(t,"hex").copy(u,0),o.Buffer.from(n,"hex").copy(u,32),e){if(void 0===i)throw new Error("Signer did not return a recoveryParam");u[64]=i}return a.encode(u)}return void 0===e&&(e=!1),function(e,t){try{return Promise.resolve(t(e)).then(r)}catch(e){return Promise.reject(e)}}}v.toSignatureObject=h;var y={ES256K:p(),"ES256K-R":p(!0),Ed25519:function(e,r){try{return Promise.resolve(r(e))}catch(e){return Promise.reject(e)}}},g={ES256K:["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],"ES256K-R":["Secp256k1VerificationKey2018","Secp256k1SignatureVerificationKey2018","EcdsaPublicKeySecp256k1"],Ed25519:["ED25519SignatureVerification"]},m={typ:"JWT"};function E(e){return a.encode(JSON.stringify(e))}function b(e){return e.match(/^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/)}function S(e){if(e.match(/^did:/))return e;if(b(e))return"did:uport:"+e;throw new Error("Not a valid DID '"+e+"'")}function P(e){if(!e)throw new Error("Missing JWT");var r=e.match(/^([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)\.([a-zA-Z0-9_-]+)$/);if(r)return{header:JSON.parse(a.decode(r[1])),payload:JSON.parse(a.decode(r[2])),signature:r[3],data:r[1]+"."+r[2]};throw new Error("Incorrect format JWT")}module.exports={SimpleSigner:function(e){var r=s.keyFromPrivate(e);return function(e){try{var t=r.sign(c(e)),n=t.s,i=t.recoveryParam;return Promise.resolve({r:d(t.r.toString("hex")),s:d(n.toString("hex")),recoveryParam:i})}catch(e){return Promise.reject(e)}}},NaclSigner:function(e){var r=i.decodeBase64(e);return function(e){try{return Promise.resolve(a.encode(n.sign.detached(i.decodeUTF8(e),r)))}catch(e){return Promise.reject(e)}}},verifyJWT:function(e,r){void 0===r&&(r={});try{var t=r.audience?S(r.audience):void 0,n=P(e),i=n.payload,o=n.header,a=n.signature,c=n.data;return Promise.resolve(function(e,r,t){try{var n=g[e];if(!n\|\|0===n.length)throw new Error("No supported signature types for algorithm "+e);var i=S(r);return Promise.resolve(u(i)).then(function(r){if(!r)throw new Error("Unable to resolve DID document for "+i);var o=!t\|\|(r.authentication\|\|[]).map(function(e){return e.publicKey}),a=(r.publicKey\|\|[]).filter(function(e){var r=e.type,i=e.id;return n.find(function(e){return e===r&&(!t\|\|o.indexOf(i)>=0)})});if(t&&(!a\|\|0===a.length))throw new Error("DID document for "+i+" does not have public keys suitable for authenticationg user");if(!a\|\|0===a.length)throw new Error("DID document for "+i+" does not have public keys for "+e);return{authenticators:a,issuer:i,doc:r}})}catch(e){return Promise.reject(e)}}(o.alg,i.iss,r.auth)).then(function(n){var u,f=n.doc,s=n.authenticators,d=n.issuer,l=v(o.alg)(c,a,s),h=Math.floor(Date.now()/1e3);if(l){if(i.iat&&i.iat>h+300)throw new Error("JWT not valid yet (issued in the future): iat: "+i.iat+" > now: "+h);if(i.exp&&i.exp<=h-300)throw new Error("JWT has expired: exp: "+i.exp+" < now: "+h);if(i.aud)if((u=i.aud)&&(u.match(/^did:/)\|\|b(u))){if(!t)throw new Error("JWT audience is required but your app address has not been configured");if(t!==S(i.aud))throw new Error("JWT audience does not match your DID: aud: "+i.aud+" !== yours: "+t)}else{if(!r.callbackUrl)throw new Error("JWT audience matching your callback url is required but one wasn't passed in");if(i.aud!==r.callbackUrl)throw new Error("JWT audience does not match the callback url: aud: "+i.aud+" !== url: "+r.callbackUrl)}return{payload:i,doc:f,issuer:d,signer:l,jwt:e}}throw new Error("Signature invalid for JWT")})}catch(e){return Promise.reject(e)}},createJWT:function(e,r){var t=r.issuer,n=r.signer,i=r.alg,o=r.expiresIn;try{if(!n)throw new Error("No Signer functionality has been configured");if(!t)throw new Error("No issuing DID has been configured");var a=Object.assign({},m,{alg:i\|\|"ES256K"}),u={iat:Math.floor(Date.now()/1e3)};if(o){if("number"!=typeof o)throw new Error("JWT expiresIn is not a number");u.exp=u.iat+Math.floor(o)}var c=[E(a),E(Object.assign({},u,e,{iss:S(t)}))].join("."),f=function(e){var r=y[e];if(!r)throw new Error("Unsupported algorithm "+e);return r}(a.alg);return Promise.resolve(f(c,n)).then(function(e){return[c,e].join(".")})}catch(e){return Promise.reject(e)}},decodeJWT:P,toEthereumAddress:f}});
		//# sourceMappingURL=index.umd.js.map

package.json

		{
		"name": "did-jwt",
		"version": "0.2.0-alpha5",
		"version": "0.2.0-alpha6",
		"description": "Library for Signing and Verifying JWTs compatible uPort and DID standards",
		@@ -66,3 +66,3 @@ "main": "lib/index.js",
		"elliptic-lite": "^1.0.0-alpha-experimental-1",
		"js-sha256": "^0.9.0",
		"hash.js": "^1.1.7",
		"js-sha3": "^0.8.0",
		@@ -69,0 +69,0 @@ "tweetnacl": "^1.0.1",

src/Digest.js

		@@ -1,2 +0,2 @@
		import { sha256 as sha256js } from 'js-sha256'
		import hash from 'hash.js'
		import { keccak_256 } from 'js-sha3' // eslint-disable-line
		@@ -6,3 +6,3 @@ import { Buffer } from 'buffer'
		export function sha256 (payload) {
		return Buffer.from(sha256js.arrayBuffer(payload))
		return Buffer.from(hash.sha256().update(payload).digest())
		}
		@@ -9,0 +9,0 @@

lib/index.esm.js.map

Sorry, the diff of this file is not supported yet

lib/index.js.map

Sorry, the diff of this file is not supported yet

lib/index.umd.js.map

Sorry, the diff of this file is not supported yet

did-jwt - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Dependency changes