express-oauth2-jwt-bearer
Advanced tools
Comparing version 1.2.0 to 1.3.0
@@ -123,4 +123,4 @@ /// <reference types="node" /> | ||
declare type FunctionValidator = (value: unknown, claims: JWTPayload, header: JWSHeaderParameters) => Promise<boolean> | boolean; | ||
declare type Validator = FunctionValidator | string | false | undefined; | ||
type FunctionValidator = (value: unknown, claims: JWTPayload, header: JWSHeaderParameters) => Promise<boolean> | boolean; | ||
type Validator = FunctionValidator | string | false | undefined; | ||
interface Validators { | ||
@@ -187,8 +187,8 @@ alg: Validator; | ||
declare type JSONPrimitive = string | number | boolean | null; | ||
declare type ClaimChecker = (payload?: JWTPayload) => void; | ||
declare type RequiredScopes<R = ClaimChecker> = (scopes: string | string[]) => R; | ||
declare type ClaimIncludes<R = ClaimChecker> = (claim: string, ...expected: JSONPrimitive[]) => R; | ||
declare type ClaimEquals<R = ClaimChecker> = (claim: string, expected: JSONPrimitive) => R; | ||
declare type ClaimCheck<R = ClaimChecker> = (fn: (payload: JWTPayload) => boolean, errMsg?: string) => R; | ||
type JSONPrimitive = string | number | boolean | null; | ||
type ClaimChecker = (payload?: JWTPayload) => void; | ||
type RequiredScopes<R = ClaimChecker> = (scopes: string | string[]) => R; | ||
type ClaimIncludes<R = ClaimChecker> = (claim: string, ...expected: JSONPrimitive[]) => R; | ||
type ClaimEquals<R = ClaimChecker> = (claim: string, expected: JSONPrimitive) => R; | ||
type ClaimCheck<R = ClaimChecker> = (fn: (payload: JWTPayload) => boolean, errMsg?: string) => R; | ||
@@ -207,3 +207,4 @@ declare global { | ||
declare const requiredScopes: RequiredScopes<Handler>; | ||
declare const scopeIncludesAny: RequiredScopes<Handler>; | ||
export { JwtVerifierOptions as AuthOptions, VerifyJwtResult as AuthResult, FunctionValidator, InsufficientScopeError, InvalidRequestError, InvalidTokenError, JSONPrimitive, JWSHeaderParameters as JWTHeader, JWTPayload, UnauthorizedError, Validator, Validators, auth, claimCheck, claimEquals, claimIncludes, requiredScopes }; | ||
export { JwtVerifierOptions as AuthOptions, VerifyJwtResult as AuthResult, FunctionValidator, InsufficientScopeError, InvalidRequestError, InvalidTokenError, JSONPrimitive, JWSHeaderParameters as JWTHeader, JWTPayload, UnauthorizedError, Validator, Validators, auth, claimCheck, claimEquals, claimIncludes, requiredScopes, scopeIncludesAny }; |
@@ -284,3 +284,3 @@ 'use strict'; | ||
}; | ||
const isClaimIncluded = (claim, expected) => (payload) => { | ||
const isClaimIncluded = (claim, expected, matchAll = true) => (payload) => { | ||
if (!(claim in payload)) { | ||
@@ -297,3 +297,5 @@ throw new InvalidTokenError(`Missing '${claim}' claim`); | ||
actual = new Set(actual); | ||
return expected.every(Set.prototype.has.bind(actual)); | ||
return matchAll | ||
? expected.every(Set.prototype.has.bind(actual)) | ||
: expected.some(Set.prototype.has.bind(actual)); | ||
}; | ||
@@ -318,2 +320,20 @@ const requiredScopes$1 = (scopes) => { | ||
}; | ||
const scopeIncludesAny$1 = (scopes) => { | ||
if (typeof scopes === 'string') { | ||
scopes = scopes.split(' '); | ||
} | ||
else if (!Array.isArray(scopes)) { | ||
throw new TypeError("'scopes' must be a string or array of strings"); | ||
} | ||
const fn = isClaimIncluded('scope', scopes, false); | ||
return claimCheck$1((payload) => { | ||
if (!('scope' in payload)) { | ||
throw new InsufficientScopeError(scopes, "Missing 'scope' claim"); | ||
} | ||
if (!fn(payload)) { | ||
throw new InsufficientScopeError(scopes); | ||
} | ||
return true; | ||
}); | ||
}; | ||
const claimIncludes$1 = (claim, ...expected) => { | ||
@@ -379,2 +399,3 @@ if (typeof claim !== 'string') { | ||
const requiredScopes = (...args) => toHandler(requiredScopes$1(...args)); | ||
const scopeIncludesAny = (...args) => toHandler(scopeIncludesAny$1(...args)); | ||
@@ -390,1 +411,2 @@ exports.InsufficientScopeError = InsufficientScopeError; | ||
exports.requiredScopes = requiredScopes; | ||
exports.scopeIncludesAny = scopeIncludesAny; |
{ | ||
"name": "express-oauth2-jwt-bearer", | ||
"description": "Authentication middleware for Express.js that validates JWT bearer access tokens.", | ||
"version": "1.2.0", | ||
"version": "1.3.0", | ||
"main": "dist/index.js", | ||
@@ -6,0 +6,0 @@ "types": "dist/index.d.ts", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
30430
577