New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
jose-browser-runtime
Advanced tools
jose-browser-runtime - npm Package Compare versions
Comparing version 5.6.3 to 5.7.0
@@ -20,3 +20,3 @@ export { compactDecrypt } from './jwe/compact/decrypt.js'; | ||
| export { createLocalJWKSet } from './jwks/local.js'; | ||
| export { createRemoteJWKSet, experimental_jwksCache } from './jwks/remote.js'; | ||
| export { createRemoteJWKSet, jwksCache, experimental_jwksCache } from './jwks/remote.js'; | ||
| export { UnsecuredJWT } from './jwt/unsecured.js'; | ||
@@ -23,0 +23,0 @@ export { exportPKCS8, exportSPKI, exportJWK } from './key/export.js'; |
@@ -13,6 +13,6 @@ import fetchJwks from '../runtime/fetch_jwks.js'; | ||
| const NAME = 'jose'; | ||
| const VERSION = 'v5.6.3'; | ||
| const VERSION = 'v5.7.0'; | ||
| USER_AGENT = `${NAME}/${VERSION}`; | ||
| } | ||
| export const experimental_jwksCache = Symbol(); | ||
| export const jwksCache = Symbol(); | ||
| function isFreshJwksCache(input, cacheMaxAge) { | ||
@@ -45,5 +45,5 @@ if (typeof input !== 'object' || input === null) { | ||
| this._cacheMaxAge = typeof options?.cacheMaxAge === 'number' ? options?.cacheMaxAge : 600000; | ||
| if (options?.[experimental_jwksCache] !== undefined) { | ||
| this._cache = options?.[experimental_jwksCache]; | ||
| if (isFreshJwksCache(options?.[experimental_jwksCache], this._cacheMaxAge)) { | ||
| if (options?.[jwksCache] !== undefined) { | ||
| this._cache = options?.[jwksCache]; | ||
| if (isFreshJwksCache(options?.[jwksCache], this._cacheMaxAge)) { | ||
| this._jwksTimestamp = this._cache.uat; | ||
@@ -141,1 +141,2 @@ this._local = createLocalJWKSet(this._cache.jwks); | ||
| } | ||
| export const experimental_jwksCache = jwksCache; |
@@ -31,3 +31,3 @@ export { compactDecrypt } from './jwe/compact/decrypt'; | ||
| export { createLocalJWKSet } from './jwks/local'; | ||
| export { createRemoteJWKSet, experimental_jwksCache } from './jwks/remote'; | ||
| export { createRemoteJWKSet, jwksCache, experimental_jwksCache } from './jwks/remote'; | ||
| export type { RemoteJWKSetOptions, JWKSCacheInput, ExportedJWKSCache } from './jwks/remote'; | ||
@@ -34,0 +34,0 @@ export { UnsecuredJWT } from './jwt/unsecured'; |
| import type { KeyLike, JWSHeaderParameters, FlattenedJWSInput, JSONWebKeySet } from '../types'; | ||
| /** | ||
| * This is an experimental feature, it is not subject to semantic versioning rules. Non-backward | ||
| * compatible changes or removal may occur in any future release. | ||
| * | ||
| * DANGER ZONE - This option has security implications that must be understood, assessed for | ||
@@ -28,3 +25,3 @@ * applicability, and accepted before use. It is critical that the JSON Web Key Set cache only be | ||
| * - Default to an empty object `{}` instead when there's no previously cached value; | ||
| * - Pass it in as {@link RemoteJWKSetOptions[experimental_jwksCache]}; | ||
| * - Pass it in as {@link RemoteJWKSetOptions[jwksCache]}; | ||
| * - Afterwards, update the key-value storage if the {@link ExportedJWKSCache.uat `uat`} property of | ||
@@ -44,3 +41,3 @@ * the object has changed. | ||
| * const JWKS = jose.createRemoteJWKSet(url, { | ||
| * [jose.experimental_jwksCache]: jwksCache, | ||
| * [jose.jwksCache]: jwksCache, | ||
| * }) | ||
@@ -57,3 +54,3 @@ * | ||
| */ | ||
| export declare const experimental_jwksCache: unique symbol; | ||
| export declare const jwksCache: unique symbol; | ||
| /** Options for the remote JSON Web Key Set. */ | ||
@@ -91,4 +88,4 @@ export interface RemoteJWKSetOptions { | ||
| headers?: Record<string, string>; | ||
| /** See {@link experimental_jwksCache}. */ | ||
| [experimental_jwksCache]?: JWKSCacheInput; | ||
| /** See {@link jwksCache}. */ | ||
| [jwksCache]?: JWKSCacheInput; | ||
| } | ||
@@ -134,1 +131,7 @@ export interface ExportedJWKSCache { | ||
| }; | ||
| /** | ||
| * @ignore | ||
| * | ||
| * @deprecated Use {@link jwksCache}. | ||
| */ | ||
| export declare const experimental_jwksCache: symbol; |
@@ -373,3 +373,7 @@ /** | ||
| export interface JWTClaimVerificationOptions { | ||
| /** Expected JWT "aud" (Audience) Claim value(s). */ | ||
| /** | ||
| * Expected JWT "aud" (Audience) Claim value(s). | ||
| * | ||
| * This option makes the JWT "aud" (Audience) Claim presence required. | ||
| */ | ||
| audience?: string | string[] | ||
@@ -385,3 +389,7 @@ | ||
| /** Expected JWT "iss" (Issuer) Claim value(s). */ | ||
| /** | ||
| * Expected JWT "iss" (Issuer) Claim value(s). | ||
| * | ||
| * This option makes the JWT "iss" (Issuer) Claim presence required. | ||
| */ | ||
| issuer?: string | string[] | ||
@@ -394,9 +402,19 @@ | ||
| * - Parsed as seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours"). | ||
| * | ||
| * This option makes the JWT "iat" (Issued At) Claim presence required. | ||
| */ | ||
| maxTokenAge?: string | number | ||
| /** Expected JWT "sub" (Subject) Claim value. */ | ||
| /** | ||
| * Expected JWT "sub" (Subject) Claim value. | ||
| * | ||
| * This option makes the JWT "sub" (Subject) Claim presence required. | ||
| */ | ||
| subject?: string | ||
| /** Expected JWT "typ" (Type) Header Parameter value. */ | ||
| /** | ||
| * Expected JWT "typ" (Type) Header Parameter value. | ||
| * | ||
| * This option makes the JWT "typ" (Type) Header Parameter presence required. | ||
| */ | ||
| typ?: string | ||
@@ -409,7 +427,9 @@ | ||
| * Array of required Claim Names that must be present in the JWT Claims Set. Default is that: if | ||
| * the {@link JWTClaimVerificationOptions.issuer issuer option} is set, then "iss" must be present; | ||
| * if the {@link JWTClaimVerificationOptions.audience audience option} is set, then "aud" must be | ||
| * present; if the {@link JWTClaimVerificationOptions.subject subject option} is set, then "sub" | ||
| * must be present; if the {@link JWTClaimVerificationOptions.maxTokenAge maxTokenAge option} is | ||
| * set, then "iat" must be present. | ||
| * the {@link JWTClaimVerificationOptions.issuer `issuer` option} is set, then JWT "iss" (Issuer) | ||
| * Claim must be present; if the {@link JWTClaimVerificationOptions.audience `audience` option} is | ||
| * set, then JWT "aud" (Audience) Claim must be present; if the | ||
| * {@link JWTClaimVerificationOptions.subject `subject` option} is set, then JWT "sub" (Subject) | ||
| * Claim must be present; if the | ||
| * {@link JWTClaimVerificationOptions.maxTokenAge `maxTokenAge` option} is set, then JWT "iat" | ||
| * (Issued At) Claim must be present. | ||
| */ | ||
@@ -423,4 +443,5 @@ requiredClaims?: string[] | ||
| * A list of accepted JWS "alg" (Algorithm) Header Parameter values. By default all "alg" | ||
| * (Algorithm) values applicable for the used key/secret are allowed. Note: "none" is never | ||
| * accepted. | ||
| * (Algorithm) values applicable for the used key/secret are allowed. | ||
| * | ||
| * Note: Unsecured JWTs (`{ "alg": "none" }`) are never accepted by this API. | ||
| */ | ||
@@ -427,0 +448,0 @@ algorithms?: string[] |
| { | ||
| "name": "jose-browser-runtime", | ||
| "version": "5.6.3", | ||
| "version": "5.7.0", | ||
| "homepage": "https://github.com/panva/jose", | ||
@@ -5,0 +5,0 @@ "repository": "panva/jose", |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.1%
585821
- Lines of code
- increased by0.23%
12784
No dependency changes