Comparing version 8.3.1 to 9.0.0
{ | ||
"name": "get-jwks", | ||
"version": "8.3.1", | ||
"version": "9.0.0", | ||
"description": "Fetch utils for JWKS keys", | ||
@@ -5,0 +5,0 @@ "main": "src/get-jwks.js", |
@@ -9,8 +9,11 @@ 'use strict' | ||
const ONE_MINUTE = 60 * 1000 | ||
const FIVE_SECONDS = 5 * 1000 | ||
function ensureTrailingSlash(domain) { | ||
return domain.endsWith('/') ? domain : `${domain}/` | ||
return domain[domain.length - 1] === '/' ? domain : `${domain}/` | ||
} | ||
function ensureNoLeadingSlash(path) { | ||
return path.startsWith('/') ? path.substring(1) : path | ||
return path[0] === '/' ? path.substring(1) : path | ||
} | ||
@@ -20,5 +23,5 @@ | ||
const max = options.max || 100 | ||
const ttl = options.ttl || 60 * 1000 /* 1 minute */ | ||
const timeout = options.timeout || 5 * 1000 /* 5 seconds */ | ||
const issuersWhitelist = (options.issuersWhitelist || options.allowedDomains || []).map(ensureTrailingSlash) | ||
const ttl = options.ttl || ONE_MINUTE | ||
const timeout = options.timeout || FIVE_SECONDS | ||
const issuersWhitelist = (options.issuersWhitelist || []).map(ensureTrailingSlash) | ||
const checkIssuer = options.checkIssuer | ||
@@ -88,3 +91,3 @@ const providerDiscovery = options.providerDiscovery || false | ||
const jwkPromise = retrieveJwk(normalizedDomain, alg, kid).catch( | ||
async err => { | ||
err => { | ||
const stale = staleCache.get(cacheKey) | ||
@@ -124,3 +127,3 @@ | ||
if (!body.keys || body.keys.length === 0) { | ||
if (!body.keys?.length) { | ||
throw new GetJwksError(errorCode.NO_JWKS) | ||
@@ -127,0 +130,0 @@ } |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
193
13994
3