id-token - npm Package Compare versions
Comparing version 0.0.5 to 0.0.6
@@ -34,4 +34,6 @@ import path from 'path'; | ||
| authorizationCode: 'Qcb0Orv1zh30vL1MPRsbm-diHiMwcLyZvn1arpZv-Jxf_11jnpEX3Tgfvk', | ||
| kid: '1e9gdk7', | ||
| }); | ||
| const idTokenPayload = jwt.verify(jwtIdToken, publicPem, { algorithms: ['RS256'] }); | ||
| const idTokenHeader = jwt.decode(jwtIdToken, { complete: true }).header; | ||
@@ -136,3 +138,3 @@ it( | ||
| // Additional claim: http://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.3.2.11 | ||
| // Optional claim: http://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.3.2.11 | ||
| it( | ||
@@ -150,3 +152,3 @@ 'at_hash: Access Token hash value. Its value is the base64url encoding of the left-most half of ' + | ||
| // Additional claim: http://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.3.2.11 | ||
| // Optional claim: http://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.3.2.11 | ||
| it( | ||
@@ -163,2 +165,12 @@ 'c_hash: Code hash value. Its value is the base64url encoding of the left-most half of the hash ' + | ||
| }); | ||
| // Optional header parameter: https://tools.ietf.org/html/rfc7515#section-4.1.4 | ||
| it( | ||
| 'kid: (Key ID) Header Parameter. The "kid" (key ID) Header Parameter is a hint indicating which ' + | ||
| 'key was used to secure the JWS. This parameter allows originators to explicitly signal a ' + | ||
| 'change of key to recipients. The structure of the "kid" value is unspecified. Its value ' + | ||
| 'MUST be a case-sensitive string. Use of this Header Parameter is OPTIONAL. When used with a JWK, ' + | ||
| 'the "kid" value is used to match a JWK "kid" parameter value.', () => { | ||
| assert.equal(idTokenHeader.kid, '1e9gdk7'); | ||
| }); | ||
| }); | ||
@@ -182,2 +194,3 @@ | ||
| authorizationCode: 'Qcb0Orv1zh30vL1MPRsbm-diHiMwcLyZvn1arpZv-Jxf_11jnpEX3Tgfvk', | ||
| kid: '1e9gdk7', | ||
| }); | ||
@@ -189,3 +202,7 @@ | ||
| }); | ||
| const idTokenHeader = jwt.decode(jwtIdToken, { complete: true }).header; | ||
| assert.equal(idTokenHeader.alg, 'RS256'); | ||
| assert.equal(idTokenHeader.kid, '1e9gdk7'); | ||
| assert.deepEqual(idTokenPayload, { | ||
@@ -192,0 +209,0 @@ 'iss': 'https://server.example.com', |
@@ -79,2 +79,3 @@ 'use strict'; | ||
| var authorizationCode = _ref.authorizationCode; | ||
| var kid = _ref.kid; | ||
@@ -87,2 +88,3 @@ // Required parameters | ||
| _assert2['default'].ok(!authorizationCode || isNonEmptyString(authorizationCode), 'option "authorizationCode" must be a string'); | ||
| _assert2['default'].ok(!kid || isNonEmptyString(kid), 'option "kid" must be a string'); | ||
@@ -115,3 +117,4 @@ // Required ID Token claims | ||
| expiresIn: expiresIn, | ||
| noTimestamp: !!claims.iat | ||
| noTimestamp: !!claims.iat, | ||
| headers: { kid: kid } | ||
| }; | ||
@@ -118,0 +121,0 @@ return _jsonwebtoken2['default'].sign(claims, privatePem, options); |
| { | ||
| "name": "id-token", | ||
| "version": "0.0.5", | ||
| "version": "0.0.6", | ||
| "description": "OpenID Connect ID Token", | ||
@@ -5,0 +5,0 @@ "author": "Marco Bettiolo <marco@bettiolo.it>", |
@@ -67,3 +67,3 @@ import crypto from 'crypto'; | ||
| createJwt(privatePem, claims = {}, | ||
| { expiresIn, accessToken, authorizationCode } = {}) { | ||
| { expiresIn, accessToken, authorizationCode, kid } = {}) { | ||
| // Required parameters | ||
@@ -78,2 +78,4 @@ assert.ok(isPemRsaKey(privatePem), | ||
| 'option "authorizationCode" must be a string'); | ||
| assert.ok(!kid || isNonEmptyString(kid), | ||
| 'option "kid" must be a string'); | ||
@@ -115,2 +117,3 @@ // Required ID Token claims | ||
| noTimestamp: !!claims.iat, | ||
| headers: { kid }, | ||
| }; | ||
@@ -117,0 +120,0 @@ return jwt.sign(claims, privatePem, options); |
@@ -389,3 +389,16 @@ import path from 'path'; | ||
| }); | ||
| context('Optional header parameter "kid', () => { | ||
| itThrowsErrorWhenOptionIsNotString('kid', | ||
| 'option "kid" must be a string'); | ||
| it('Creates a JWT ID Token with the "kid" header parameter', () => { | ||
| const options = { kid: '12345abc' }; | ||
| const jwtIdToken = idToken.createJwt(privatePem, defaultClaims, options); | ||
| const decodedIdToken = jwt.decode(jwtIdToken, { complete: true }); | ||
| assert.equal(decodedIdToken.header.kid, '12345abc'); | ||
| }); | ||
| }); | ||
| }); | ||
| }); |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by4.2%
42103
- Lines of code
- increased by4.46%
726