jose-browser-runtime - npm Package Compare versions

Comparing version 4.3.0 to 4.3.2

dist/browser/jwks/remote.js

@@ -40,3 +40,7 @@ import fetchJwks from '../runtime/fetch_jwks.js';
     }
-    async getKey(protectedHeader) {
+    async getKey(protectedHeader, token) {
+        const joseHeader = {
+            ...protectedHeader,
+            ...token.header,
+        };
         if (!this._jwks) {
@@ -46,8 +50,8 @@ await this.reload();
         const candidates = this._jwks.keys.filter((jwk) => {
-            let candidate = jwk.kty === getKtyFromAlg(protectedHeader.alg);
-            if (candidate && typeof protectedHeader.kid === 'string') {
-                candidate = protectedHeader.kid === jwk.kid;
+            let candidate = jwk.kty === getKtyFromAlg(joseHeader.alg);
+            if (candidate && typeof joseHeader.kid === 'string') {
+                candidate = joseHeader.kid === jwk.kid;
             }
             if (candidate && typeof jwk.alg === 'string') {
-                candidate = protectedHeader.alg === jwk.alg;
+                candidate = joseHeader.alg === jwk.alg;
             }
@@ -60,7 +64,7 @@ if (candidate && typeof jwk.use === 'string') {
             }
-            if (candidate && protectedHeader.alg === 'EdDSA') {
+            if (candidate && joseHeader.alg === 'EdDSA') {
                 candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448';
             }
             if (candidate) {
-                switch (protectedHeader.alg) {
+                switch (joseHeader.alg) {
                     case 'ES256':
@@ -87,3 +91,3 @@ candidate = jwk.crv === 'P-256';
                 await this.reload();
-                return this.getKey(protectedHeader);
+                return this.getKey(protectedHeader, token);
             }
@@ -96,10 +100,10 @@ throw new JWKSNoMatchingKey();
         const cached = this._cached.get(jwk) || this._cached.set(jwk, {}).get(jwk);
-        if (cached[protectedHeader.alg] === undefined) {
-            const keyObject = await importJWK({ ...jwk, ext: true }, protectedHeader.alg);
+        if (cached[joseHeader.alg] === undefined) {
+            const keyObject = await importJWK({ ...jwk, ext: true }, joseHeader.alg);
             if (keyObject instanceof Uint8Array || keyObject.type !== 'public') {
                 throw new JWKSInvalid('JSON Web Key Set members must be public keys');
             }
-            cached[protectedHeader.alg] = keyObject;
+            cached[joseHeader.alg] = keyObject;
         }
-        return cached[protectedHeader.alg];
+        return cached[joseHeader.alg];
     }
@@ -106,0 +110,0 @@ async reload() {

dist/types/index.d.ts

@@ -45,2 +45,2 @@ export { compactDecrypt } from './jwe/compact/decrypt';
 export * as base64url from './util/base64url';
-export type { KeyLike, JWK, FlattenedJWSInput, GeneralJWSInput, FlattenedJWS, GeneralJWS, JoseHeaderParameters, JWSHeaderParameters, JWEKeyManagementHeaderParameters, FlattenedJWE, GeneralJWE, JWEHeaderParameters, CritOption, DeflateOption, DecryptOptions, EncryptOptions, JWTClaimVerificationOptions, VerifyOptions, SignOptions, JWTPayload, DeflateFunction, InflateFunction, FlattenedDecryptResult, GeneralDecryptResult, CompactDecryptResult, FlattenedVerifyResult, GeneralVerifyResult, CompactVerifyResult, JWTVerifyResult, JWTDecryptResult, ResolvedKey, } from './types';
+export type { KeyLike, JWK, FlattenedJWSInput, GeneralJWSInput, FlattenedJWS, GeneralJWS, JoseHeaderParameters, JWSHeaderParameters, JWEKeyManagementHeaderParameters, FlattenedJWE, GeneralJWE, JWEHeaderParameters, CritOption, DeflateOption, DecryptOptions, EncryptOptions, JWTClaimVerificationOptions, VerifyOptions, SignOptions, JWTPayload, DeflateFunction, InflateFunction, FlattenedDecryptResult, GeneralDecryptResult, CompactDecryptResult, FlattenedVerifyResult, GeneralVerifyResult, CompactVerifyResult, JWTVerifyResult, JWTDecryptResult, ResolvedKey, CompactJWEHeaderParameters, CompactJWSHeaderParameters, JWTHeaderParameters, } from './types';

dist/types/jwe/compact/decrypt.d.ts

@@ -1,5 +0,5 @@
-import type { KeyLike, DecryptOptions, JWEHeaderParameters, GetKeyFunction, FlattenedJWE, CompactDecryptResult, ResolvedKey } from '../../types';
-export interface CompactDecryptGetKey extends GetKeyFunction<JWEHeaderParameters, FlattenedJWE> {
+import type { KeyLike, DecryptOptions, CompactJWEHeaderParameters, GetKeyFunction, FlattenedJWE, CompactDecryptResult, ResolvedKey } from '../../types';
+export interface CompactDecryptGetKey extends GetKeyFunction<CompactJWEHeaderParameters, FlattenedJWE> {
 }
 export declare function compactDecrypt(jwe: string | Uint8Array, key: KeyLike | Uint8Array, options?: DecryptOptions): Promise<CompactDecryptResult>;
 export declare function compactDecrypt(jwe: string | Uint8Array, getKey: CompactDecryptGetKey, options?: DecryptOptions): Promise<CompactDecryptResult & ResolvedKey>;

dist/types/jwe/compact/encrypt.d.ts

@@ -1,2 +0,2 @@
-import type { KeyLike, JWEKeyManagementHeaderParameters, JWEHeaderParameters, EncryptOptions } from '../../types';
+import type { KeyLike, JWEKeyManagementHeaderParameters, CompactJWEHeaderParameters, EncryptOptions } from '../../types';
 export declare class CompactEncrypt {
@@ -7,5 +7,5 @@ private _flattened;
     setInitializationVector(iv: Uint8Array): this;
-    setProtectedHeader(protectedHeader: JWEHeaderParameters): this;
+    setProtectedHeader(protectedHeader: CompactJWEHeaderParameters): this;
     setKeyManagementParameters(parameters: JWEKeyManagementHeaderParameters): this;
     encrypt(key: KeyLike | Uint8Array, options?: EncryptOptions): Promise<string>;
 }

dist/types/jws/compact/sign.d.ts

@@ -1,7 +0,7 @@
-import type { JWSHeaderParameters, KeyLike, SignOptions } from '../../types';
+import type { CompactJWSHeaderParameters, KeyLike, SignOptions } from '../../types';
 export declare class CompactSign {
     private _flattened;
     constructor(payload: Uint8Array);
-    setProtectedHeader(protectedHeader: JWSHeaderParameters): this;
+    setProtectedHeader(protectedHeader: CompactJWSHeaderParameters): this;
     sign(key: KeyLike | Uint8Array, options?: SignOptions): Promise<string>;
 }

dist/types/jws/compact/verify.d.ts

@@ -1,5 +0,5 @@
-import type { CompactVerifyResult, FlattenedJWSInput, GetKeyFunction, JWSHeaderParameters, KeyLike, VerifyOptions, ResolvedKey } from '../../types';
-export interface CompactVerifyGetKey extends GetKeyFunction<JWSHeaderParameters, FlattenedJWSInput> {
+import type { CompactVerifyResult, FlattenedJWSInput, GetKeyFunction, CompactJWSHeaderParameters, KeyLike, VerifyOptions, ResolvedKey } from '../../types';
+export interface CompactVerifyGetKey extends GetKeyFunction<CompactJWSHeaderParameters, FlattenedJWSInput> {
 }
 export declare function compactVerify(jws: string | Uint8Array, key: KeyLike | Uint8Array, options?: VerifyOptions): Promise<CompactVerifyResult>;
 export declare function compactVerify(jws: string | Uint8Array, getKey: CompactVerifyGetKey, options?: VerifyOptions): Promise<CompactVerifyResult & ResolvedKey>;

dist/types/jwt/decrypt.d.ts

@@ -1,7 +0,7 @@
-import type { KeyLike, DecryptOptions, JWTClaimVerificationOptions, GetKeyFunction, JWEHeaderParameters, FlattenedJWE, JWTDecryptResult, ResolvedKey } from '../types';
+import type { KeyLike, DecryptOptions, JWTClaimVerificationOptions, GetKeyFunction, CompactJWEHeaderParameters, FlattenedJWE, JWTDecryptResult, ResolvedKey } from '../types';
 export interface JWTDecryptOptions extends DecryptOptions, JWTClaimVerificationOptions {
 }
-export interface JWTDecryptGetKey extends GetKeyFunction<JWEHeaderParameters, FlattenedJWE> {
+export interface JWTDecryptGetKey extends GetKeyFunction<CompactJWEHeaderParameters, FlattenedJWE> {
 }
 export declare function jwtDecrypt(jwt: string | Uint8Array, key: KeyLike | Uint8Array, options?: JWTDecryptOptions): Promise<JWTDecryptResult>;
 export declare function jwtDecrypt(jwt: string | Uint8Array, getKey: JWTDecryptGetKey, options?: JWTDecryptOptions): Promise<JWTDecryptResult & ResolvedKey>;

dist/types/jwt/encrypt.d.ts

@@ -1,2 +0,2 @@
-import type { EncryptOptions, JWEHeaderParameters, JWEKeyManagementHeaderParameters, KeyLike } from '../types';
+import type { EncryptOptions, CompactJWEHeaderParameters, JWEKeyManagementHeaderParameters, KeyLike } from '../types';
 import { ProduceJWT } from './produce';
@@ -11,3 +11,3 @@ export declare class EncryptJWT extends ProduceJWT {
     private _replicateAudienceAsHeader;
-    setProtectedHeader(protectedHeader: JWEHeaderParameters): this;
+    setProtectedHeader(protectedHeader: CompactJWEHeaderParameters): this;
     setKeyManagementParameters(parameters: JWEKeyManagementHeaderParameters): this;
@@ -14,0 +14,0 @@ setContentEncryptionKey(cek: Uint8Array): this;

dist/types/jwt/sign.d.ts

@@ -1,7 +0,7 @@
-import type { JWSHeaderParameters, KeyLike, SignOptions } from '../types';
+import type { JWTHeaderParameters, KeyLike, SignOptions } from '../types';
 import { ProduceJWT } from './produce';
 export declare class SignJWT extends ProduceJWT {
     private _protectedHeader;
-    setProtectedHeader(protectedHeader: JWSHeaderParameters): this;
+    setProtectedHeader(protectedHeader: JWTHeaderParameters): this;
     sign(key: KeyLike | Uint8Array, options?: SignOptions): Promise<string>;
 }

dist/types/jwt/verify.d.ts

@@ -1,7 +0,7 @@
-import type { KeyLike, VerifyOptions, JWTClaimVerificationOptions, JWSHeaderParameters, GetKeyFunction, FlattenedJWSInput, JWTVerifyResult, ResolvedKey } from '../types';
+import type { KeyLike, VerifyOptions, JWTClaimVerificationOptions, JWTHeaderParameters, GetKeyFunction, FlattenedJWSInput, JWTVerifyResult, ResolvedKey } from '../types';
 export interface JWTVerifyOptions extends VerifyOptions, JWTClaimVerificationOptions {
 }
-export interface JWTVerifyGetKey extends GetKeyFunction<JWSHeaderParameters, FlattenedJWSInput> {
+export interface JWTVerifyGetKey extends GetKeyFunction<JWTHeaderParameters, FlattenedJWSInput> {
 }
 export declare function jwtVerify(jwt: string | Uint8Array, key: KeyLike | Uint8Array, options?: JWTVerifyOptions): Promise<JWTVerifyResult>;
 export declare function jwtVerify(jwt: string | Uint8Array, getKey: JWTVerifyGetKey, options?: JWTVerifyOptions): Promise<JWTVerifyResult & ResolvedKey>;

dist/types/types.d.ts

@@ -261,1 +261,11 @@ /**
 }
+export interface CompactJWSHeaderParameters extends JWSHeaderParameters {
+  alg: string
+}
+export interface JWTHeaderParameters extends CompactJWSHeaderParameters {
+  b64: never
+}
+export interface CompactJWEHeaderParameters extends JWEHeaderParameters {
+  alg: string
+  enc: string
+}

package.json

 {
   "name": "jose-browser-runtime",
-  "version": "4.3.0",
+  "version": "4.3.2",
   "homepage": "https://github.com/panva/jose",
@@ -5,0 +5,0 @@ "repository": "panva/jose",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

160217

increased by0.32%

Lines of code

3974

increased by0.35%

No dependency changes