did-jwt - npm Package Compare versions

Comparing version 6.1.1 to 6.1.2

lib/index.modern.js

@@ -546,3 +546,3 @@ import * as u8a from 'uint8arrays';
 
-    return chain.join(':') === blockchainAccountId;
+    return chain.join(':').toLowerCase() === blockchainAccountId.toLowerCase();
   }
@@ -655,3 +655,3 @@
     const recoveredCompressedPublicKeyHex = recoveredKey.encode('hex', true);
-    const recoveredAddress = toEthereumAddress(recoveredPublicKeyHex);
+    const recoveredAddress = toEthereumAddress(recoveredPublicKeyHex).toLowerCase();
     const signer = authenticators.find(pk => {
@@ -658,0 +658,0 @@ var _pk$ethereumAddress, _pk$blockchainAccount, _pk$blockchainAccount2;

package.json

 {
   "name": "did-jwt",
-  "version": "6.1.1",
+  "version": "6.1.2",
   "description": "Library for Signing and Verifying JWTs that use DIDs as issuers and JWEs that use DIDs as recipients",
@@ -64,2 +64,3 @@ "type": "module",
     "@babel/preset-typescript": "7.17.12",
+    "@ethersproject/address": "5.6.1",
     "@semantic-release/changelog": "6.0.1",
@@ -66,0 +67,0 @@ "@semantic-release/git": "10.0.1",

src/__tests__/JWT.test.ts

@@ -6,2 +6,3 @@ import { hexToBytes, base64ToBytes } from '../util'
 import { fromString } from 'uint8arrays/from-string'
+import { getAddress } from '@ethersproject/address'
 import {
@@ -553,2 +554,23 @@ createJWS,
 
+  it('handles ES256K-R algorithm with checksum address in blockchainAccountId - github #231', async () => {
+    expect.assertions(1)
+    const verificationMethod = {
+      id: `${did}#keys-1`,
+      type: 'EcdsaSecp256k1RecoveryMethod2020',
+      owner: did,
+      blockchainAccountId: `eip155:1:${getAddress(address)}`,
+    }
+    const ethResolver = {
+      resolve: jest.fn().mockReturnValue({
+        didDocument: {
+          id: did,
+          verificationMethod: [verificationMethod],
+        },
+      }),
+    }
+    const jwt = await createJWT({ hello: 'world' }, { issuer: aud, signer: recoverySigner, alg: 'ES256K-R' })
+    const result = await verifyJWT(jwt, { resolver: ethResolver })
+    return expect(result.signer).toEqual(verificationMethod)
+  })
+
   it('accepts a valid exp', async () => {
@@ -555,0 +577,0 @@ expect.assertions(1)

src/blockchains/index.ts

@@ -21,5 +21,5 @@ import { publicKeyToAddress as bip122 } from './bip122'
     }
-    return chain.join(':') === blockchainAccountId
+    return chain.join(':').toLowerCase() === blockchainAccountId.toLowerCase()
   }
   return false
 }

src/VerifierAlgorithm.ts

@@ -115,3 +115,3 @@ import type { SignatureInput } from 'elliptic'
     const recoveredCompressedPublicKeyHex: string = recoveredKey.encode('hex', true)
-    const recoveredAddress: string = toEthereumAddress(recoveredPublicKeyHex)
+    const recoveredAddress: string = toEthereumAddress(recoveredPublicKeyHex).toLowerCase()
 
@@ -118,0 +118,0 @@ const signer: VerificationMethod | undefined = authenticators.find((pk: VerificationMethod) => {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1346143

increased by0.11%

Lines of code

11899

increased by0.18%

Worsened metrics

Dev dependency count

26

increased by4%

No dependency changes