express-jwt
Advanced tools
Comparing version 8.2.0 to 8.2.1
@@ -1,5 +0,5 @@ | ||
export declare type ErrorLike = Error | { | ||
export type ErrorLike = Error | { | ||
message: string; | ||
}; | ||
declare type ErrorCode = 'credentials_bad_scheme' | 'credentials_bad_format' | 'credentials_required' | 'invalid_token' | 'revoked_token'; | ||
type ErrorCode = 'credentials_bad_scheme' | 'credentials_bad_format' | 'credentials_required' | 'invalid_token' | 'revoked_token'; | ||
export declare class UnauthorizedError extends Error { | ||
@@ -6,0 +6,0 @@ readonly status: number; |
@@ -8,24 +8,24 @@ import * as jwt from 'jsonwebtoken'; | ||
*/ | ||
export declare type GetVerificationKey = (req: express.Request, token: jwt.Jwt | undefined) => jwt.Secret | undefined | Promise<jwt.Secret | undefined>; | ||
export type GetVerificationKey = (req: express.Request, token: jwt.Jwt | undefined) => jwt.Secret | undefined | Promise<jwt.Secret | undefined>; | ||
/** | ||
* @deprecated use GetVerificationKey | ||
*/ | ||
export declare type SecretCallback = GetVerificationKey; | ||
export type SecretCallback = GetVerificationKey; | ||
/** | ||
* @deprecated use GetVerificationKey | ||
*/ | ||
export declare type SecretCallbackLong = GetVerificationKey; | ||
export type SecretCallbackLong = GetVerificationKey; | ||
/** | ||
* A function to check if a token is revoked | ||
*/ | ||
export declare type IsRevoked = (req: express.Request, token: jwt.Jwt | undefined) => boolean | Promise<boolean>; | ||
export type IsRevoked = (req: express.Request, token: jwt.Jwt | undefined) => boolean | Promise<boolean>; | ||
/** | ||
* A function to check if a token is revoked | ||
*/ | ||
export declare type ExpirationHandler = (req: express.Request, err: UnauthorizedError) => void | Promise<void>; | ||
export type ExpirationHandler = (req: express.Request, err: UnauthorizedError) => void | Promise<void>; | ||
/** | ||
* A function to customize how a token is retrieved from the express request. | ||
*/ | ||
export declare type TokenGetter = (req: express.Request) => string | Promise<string> | undefined; | ||
export declare type Params = { | ||
export type TokenGetter = (req: express.Request) => string | Promise<string> | undefined; | ||
export type Params = { | ||
/** | ||
@@ -69,3 +69,3 @@ * The Key or a function to retrieve the key used to verify the JWT. | ||
*/ | ||
export declare type ExpressJwtRequest<T = jwt.JwtPayload> = express.Request & { | ||
export type ExpressJwtRequest<T = jwt.JwtPayload> = express.Request & { | ||
auth: T; | ||
@@ -76,3 +76,3 @@ }; | ||
*/ | ||
export declare type ExpressJwtRequestUnrequired<T = jwt.JwtPayload> = express.Request & { | ||
export type ExpressJwtRequestUnrequired<T = jwt.JwtPayload> = express.Request & { | ||
auth?: T; | ||
@@ -83,3 +83,3 @@ }; | ||
*/ | ||
export declare type Request<T = jwt.JwtPayload> = express.Request & { | ||
export type Request<T = jwt.JwtPayload> = express.Request & { | ||
auth?: T; | ||
@@ -86,0 +86,0 @@ }; |
@@ -17,3 +17,3 @@ "use strict"; | ||
if (f) throw new TypeError("Generator is already executing."); | ||
while (_) try { | ||
while (g && (g = 0, op[0] && (_ = 0)), _) try { | ||
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; | ||
@@ -20,0 +20,0 @@ if (y = 0, t) op = [op[0] & 2, t.value]; |
{ | ||
"name": "express-jwt", | ||
"version": "8.2.0", | ||
"version": "8.2.1", | ||
"description": "JWT authentication middleware.", | ||
@@ -36,3 +36,3 @@ "keywords": [ | ||
"dependencies": { | ||
"@types/jsonwebtoken": "^8.5.8", | ||
"@types/jsonwebtoken": "^9", | ||
"express-unless": "^2.1.3", | ||
@@ -39,0 +39,0 @@ "jsonwebtoken": "^9.0.0" |
@@ -181,2 +181,15 @@ # express-jwt | ||
### Secret rotation | ||
The getSecret callback could also be used in cases where the same issuer might issue tokens with different keys at certain point: | ||
```js | ||
var getSecret = async function (req, token) { | ||
const { iss } = token.payload; | ||
const { kid } = token.header; | ||
// get the verification key by a given key-id and issuer. | ||
return verificationKey; | ||
}; | ||
``` | ||
### Revoked tokens | ||
@@ -183,0 +196,0 @@ |
27042
320
+ Added@types/jsonwebtoken@9.0.6(transitive)
- Removed@types/jsonwebtoken@8.5.9(transitive)
Updated@types/jsonwebtoken@^9