express-jwt
Advanced tools
Comparing version 8.2.0 to 8.2.1
@@ -1,5 +0,5 @@ | ||
| export declare type ErrorLike = Error | { | ||
| export type ErrorLike = Error | { | ||
| message: string; | ||
| }; | ||
| declare type ErrorCode = 'credentials_bad_scheme' | 'credentials_bad_format' | 'credentials_required' | 'invalid_token' | 'revoked_token'; | ||
| type ErrorCode = 'credentials_bad_scheme' | 'credentials_bad_format' | 'credentials_required' | 'invalid_token' | 'revoked_token'; | ||
| export declare class UnauthorizedError extends Error { | ||
@@ -6,0 +6,0 @@ readonly status: number; |
@@ -8,24 +8,24 @@ import * as jwt from 'jsonwebtoken'; | ||
| */ | ||
| export declare type GetVerificationKey = (req: express.Request, token: jwt.Jwt | undefined) => jwt.Secret | undefined | Promise<jwt.Secret | undefined>; | ||
| export type GetVerificationKey = (req: express.Request, token: jwt.Jwt | undefined) => jwt.Secret | undefined | Promise<jwt.Secret | undefined>; | ||
| /** | ||
| * @deprecated use GetVerificationKey | ||
| */ | ||
| export declare type SecretCallback = GetVerificationKey; | ||
| export type SecretCallback = GetVerificationKey; | ||
| /** | ||
| * @deprecated use GetVerificationKey | ||
| */ | ||
| export declare type SecretCallbackLong = GetVerificationKey; | ||
| export type SecretCallbackLong = GetVerificationKey; | ||
| /** | ||
| * A function to check if a token is revoked | ||
| */ | ||
| export declare type IsRevoked = (req: express.Request, token: jwt.Jwt | undefined) => boolean | Promise<boolean>; | ||
| export type IsRevoked = (req: express.Request, token: jwt.Jwt | undefined) => boolean | Promise<boolean>; | ||
| /** | ||
| * A function to check if a token is revoked | ||
| */ | ||
| export declare type ExpirationHandler = (req: express.Request, err: UnauthorizedError) => void | Promise<void>; | ||
| export type ExpirationHandler = (req: express.Request, err: UnauthorizedError) => void | Promise<void>; | ||
| /** | ||
| * A function to customize how a token is retrieved from the express request. | ||
| */ | ||
| export declare type TokenGetter = (req: express.Request) => string | Promise<string> | undefined; | ||
| export declare type Params = { | ||
| export type TokenGetter = (req: express.Request) => string | Promise<string> | undefined; | ||
| export type Params = { | ||
| /** | ||
@@ -69,3 +69,3 @@ * The Key or a function to retrieve the key used to verify the JWT. | ||
| */ | ||
| export declare type ExpressJwtRequest<T = jwt.JwtPayload> = express.Request & { | ||
| export type ExpressJwtRequest<T = jwt.JwtPayload> = express.Request & { | ||
| auth: T; | ||
@@ -76,3 +76,3 @@ }; | ||
| */ | ||
| export declare type ExpressJwtRequestUnrequired<T = jwt.JwtPayload> = express.Request & { | ||
| export type ExpressJwtRequestUnrequired<T = jwt.JwtPayload> = express.Request & { | ||
| auth?: T; | ||
@@ -83,3 +83,3 @@ }; | ||
| */ | ||
| export declare type Request<T = jwt.JwtPayload> = express.Request & { | ||
| export type Request<T = jwt.JwtPayload> = express.Request & { | ||
| auth?: T; | ||
@@ -86,0 +86,0 @@ }; |
@@ -17,3 +17,3 @@ "use strict"; | ||
| if (f) throw new TypeError("Generator is already executing."); | ||
| while (_) try { | ||
| while (g && (g = 0, op[0] && (_ = 0)), _) try { | ||
| if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; | ||
@@ -20,0 +20,0 @@ if (y = 0, t) op = [op[0] & 2, t.value]; |
| { | ||
| "name": "express-jwt", | ||
| "version": "8.2.0", | ||
| "version": "8.2.1", | ||
| "description": "JWT authentication middleware.", | ||
@@ -36,3 +36,3 @@ "keywords": [ | ||
| "dependencies": { | ||
| "@types/jsonwebtoken": "^8.5.8", | ||
| "@types/jsonwebtoken": "^9", | ||
| "express-unless": "^2.1.3", | ||
@@ -39,0 +39,0 @@ "jsonwebtoken": "^9.0.0" |
@@ -181,2 +181,15 @@ # express-jwt | ||
| ### Secret rotation | ||
| The getSecret callback could also be used in cases where the same issuer might issue tokens with different keys at certain point: | ||
| ```js | ||
| var getSecret = async function (req, token) { | ||
| const { iss } = token.payload; | ||
| const { kid } = token.header; | ||
| // get the verification key by a given key-id and issuer. | ||
| return verificationKey; | ||
| }; | ||
| ``` | ||
| ### Revoked tokens | ||
@@ -183,0 +196,0 @@ |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by1.1%
27042
- Number of lines in readme file
- increased by4.23%
320
Dependency changes
+ Added@types/jsonwebtoken@9.0.6(transitive)
- Removed@types/jsonwebtoken@8.5.9(transitive)
Updated@types/jsonwebtoken@^9