Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

jose-node-esm-runtime

Package Overview
Dependencies
Maintainers
1
Versions
132
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jose-node-esm-runtime - npm Package Compare versions

Comparing version 4.3.0 to 4.3.2

28

dist/node/esm/jwks/remote.js

@@ -40,3 +40,7 @@ import fetchJwks from '../runtime/fetch_jwks.js';

}
async getKey(protectedHeader) {
async getKey(protectedHeader, token) {
const joseHeader = {
...protectedHeader,
...token.header,
};
if (!this._jwks) {

@@ -46,8 +50,8 @@ await this.reload();

const candidates = this._jwks.keys.filter((jwk) => {
let candidate = jwk.kty === getKtyFromAlg(protectedHeader.alg);
if (candidate && typeof protectedHeader.kid === 'string') {
candidate = protectedHeader.kid === jwk.kid;
let candidate = jwk.kty === getKtyFromAlg(joseHeader.alg);
if (candidate && typeof joseHeader.kid === 'string') {
candidate = joseHeader.kid === jwk.kid;
}
if (candidate && typeof jwk.alg === 'string') {
candidate = protectedHeader.alg === jwk.alg;
candidate = joseHeader.alg === jwk.alg;
}

@@ -60,7 +64,7 @@ if (candidate && typeof jwk.use === 'string') {

}
if (candidate && protectedHeader.alg === 'EdDSA') {
if (candidate && joseHeader.alg === 'EdDSA') {
candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448';
}
if (candidate) {
switch (protectedHeader.alg) {
switch (joseHeader.alg) {
case 'ES256':

@@ -87,3 +91,3 @@ candidate = jwk.crv === 'P-256';

await this.reload();
return this.getKey(protectedHeader);
return this.getKey(protectedHeader, token);
}

@@ -96,10 +100,10 @@ throw new JWKSNoMatchingKey();

const cached = this._cached.get(jwk) || this._cached.set(jwk, {}).get(jwk);
if (cached[protectedHeader.alg] === undefined) {
const keyObject = await importJWK({ ...jwk, ext: true }, protectedHeader.alg);
if (cached[joseHeader.alg] === undefined) {
const keyObject = await importJWK({ ...jwk, ext: true }, joseHeader.alg);
if (keyObject instanceof Uint8Array || keyObject.type !== 'public') {
throw new JWKSInvalid('JSON Web Key Set members must be public keys');
}
cached[protectedHeader.alg] = keyObject;
cached[joseHeader.alg] = keyObject;
}
return cached[protectedHeader.alg];
return cached[joseHeader.alg];
}

@@ -106,0 +110,0 @@ async reload() {

@@ -45,2 +45,2 @@ export { compactDecrypt } from './jwe/compact/decrypt';

export * as base64url from './util/base64url';
export type { KeyLike, JWK, FlattenedJWSInput, GeneralJWSInput, FlattenedJWS, GeneralJWS, JoseHeaderParameters, JWSHeaderParameters, JWEKeyManagementHeaderParameters, FlattenedJWE, GeneralJWE, JWEHeaderParameters, CritOption, DeflateOption, DecryptOptions, EncryptOptions, JWTClaimVerificationOptions, VerifyOptions, SignOptions, JWTPayload, DeflateFunction, InflateFunction, FlattenedDecryptResult, GeneralDecryptResult, CompactDecryptResult, FlattenedVerifyResult, GeneralVerifyResult, CompactVerifyResult, JWTVerifyResult, JWTDecryptResult, ResolvedKey, } from './types';
export type { KeyLike, JWK, FlattenedJWSInput, GeneralJWSInput, FlattenedJWS, GeneralJWS, JoseHeaderParameters, JWSHeaderParameters, JWEKeyManagementHeaderParameters, FlattenedJWE, GeneralJWE, JWEHeaderParameters, CritOption, DeflateOption, DecryptOptions, EncryptOptions, JWTClaimVerificationOptions, VerifyOptions, SignOptions, JWTPayload, DeflateFunction, InflateFunction, FlattenedDecryptResult, GeneralDecryptResult, CompactDecryptResult, FlattenedVerifyResult, GeneralVerifyResult, CompactVerifyResult, JWTVerifyResult, JWTDecryptResult, ResolvedKey, CompactJWEHeaderParameters, CompactJWSHeaderParameters, JWTHeaderParameters, } from './types';

@@ -1,5 +0,5 @@

import type { KeyLike, DecryptOptions, JWEHeaderParameters, GetKeyFunction, FlattenedJWE, CompactDecryptResult, ResolvedKey } from '../../types';
export interface CompactDecryptGetKey extends GetKeyFunction<JWEHeaderParameters, FlattenedJWE> {
import type { KeyLike, DecryptOptions, CompactJWEHeaderParameters, GetKeyFunction, FlattenedJWE, CompactDecryptResult, ResolvedKey } from '../../types';
export interface CompactDecryptGetKey extends GetKeyFunction<CompactJWEHeaderParameters, FlattenedJWE> {
}
export declare function compactDecrypt(jwe: string | Uint8Array, key: KeyLike | Uint8Array, options?: DecryptOptions): Promise<CompactDecryptResult>;
export declare function compactDecrypt(jwe: string | Uint8Array, getKey: CompactDecryptGetKey, options?: DecryptOptions): Promise<CompactDecryptResult & ResolvedKey>;

@@ -1,2 +0,2 @@

import type { KeyLike, JWEKeyManagementHeaderParameters, JWEHeaderParameters, EncryptOptions } from '../../types';
import type { KeyLike, JWEKeyManagementHeaderParameters, CompactJWEHeaderParameters, EncryptOptions } from '../../types';
export declare class CompactEncrypt {

@@ -7,5 +7,5 @@ private _flattened;

setInitializationVector(iv: Uint8Array): this;
setProtectedHeader(protectedHeader: JWEHeaderParameters): this;
setProtectedHeader(protectedHeader: CompactJWEHeaderParameters): this;
setKeyManagementParameters(parameters: JWEKeyManagementHeaderParameters): this;
encrypt(key: KeyLike | Uint8Array, options?: EncryptOptions): Promise<string>;
}

@@ -1,7 +0,7 @@

import type { JWSHeaderParameters, KeyLike, SignOptions } from '../../types';
import type { CompactJWSHeaderParameters, KeyLike, SignOptions } from '../../types';
export declare class CompactSign {
private _flattened;
constructor(payload: Uint8Array);
setProtectedHeader(protectedHeader: JWSHeaderParameters): this;
setProtectedHeader(protectedHeader: CompactJWSHeaderParameters): this;
sign(key: KeyLike | Uint8Array, options?: SignOptions): Promise<string>;
}

@@ -1,5 +0,5 @@

import type { CompactVerifyResult, FlattenedJWSInput, GetKeyFunction, JWSHeaderParameters, KeyLike, VerifyOptions, ResolvedKey } from '../../types';
export interface CompactVerifyGetKey extends GetKeyFunction<JWSHeaderParameters, FlattenedJWSInput> {
import type { CompactVerifyResult, FlattenedJWSInput, GetKeyFunction, CompactJWSHeaderParameters, KeyLike, VerifyOptions, ResolvedKey } from '../../types';
export interface CompactVerifyGetKey extends GetKeyFunction<CompactJWSHeaderParameters, FlattenedJWSInput> {
}
export declare function compactVerify(jws: string | Uint8Array, key: KeyLike | Uint8Array, options?: VerifyOptions): Promise<CompactVerifyResult>;
export declare function compactVerify(jws: string | Uint8Array, getKey: CompactVerifyGetKey, options?: VerifyOptions): Promise<CompactVerifyResult & ResolvedKey>;

@@ -1,7 +0,7 @@

import type { KeyLike, DecryptOptions, JWTClaimVerificationOptions, GetKeyFunction, JWEHeaderParameters, FlattenedJWE, JWTDecryptResult, ResolvedKey } from '../types';
import type { KeyLike, DecryptOptions, JWTClaimVerificationOptions, GetKeyFunction, CompactJWEHeaderParameters, FlattenedJWE, JWTDecryptResult, ResolvedKey } from '../types';
export interface JWTDecryptOptions extends DecryptOptions, JWTClaimVerificationOptions {
}
export interface JWTDecryptGetKey extends GetKeyFunction<JWEHeaderParameters, FlattenedJWE> {
export interface JWTDecryptGetKey extends GetKeyFunction<CompactJWEHeaderParameters, FlattenedJWE> {
}
export declare function jwtDecrypt(jwt: string | Uint8Array, key: KeyLike | Uint8Array, options?: JWTDecryptOptions): Promise<JWTDecryptResult>;
export declare function jwtDecrypt(jwt: string | Uint8Array, getKey: JWTDecryptGetKey, options?: JWTDecryptOptions): Promise<JWTDecryptResult & ResolvedKey>;

@@ -1,2 +0,2 @@

import type { EncryptOptions, JWEHeaderParameters, JWEKeyManagementHeaderParameters, KeyLike } from '../types';
import type { EncryptOptions, CompactJWEHeaderParameters, JWEKeyManagementHeaderParameters, KeyLike } from '../types';
import { ProduceJWT } from './produce';

@@ -11,3 +11,3 @@ export declare class EncryptJWT extends ProduceJWT {

private _replicateAudienceAsHeader;
setProtectedHeader(protectedHeader: JWEHeaderParameters): this;
setProtectedHeader(protectedHeader: CompactJWEHeaderParameters): this;
setKeyManagementParameters(parameters: JWEKeyManagementHeaderParameters): this;

@@ -14,0 +14,0 @@ setContentEncryptionKey(cek: Uint8Array): this;

@@ -1,7 +0,7 @@

import type { JWSHeaderParameters, KeyLike, SignOptions } from '../types';
import type { JWTHeaderParameters, KeyLike, SignOptions } from '../types';
import { ProduceJWT } from './produce';
export declare class SignJWT extends ProduceJWT {
private _protectedHeader;
setProtectedHeader(protectedHeader: JWSHeaderParameters): this;
setProtectedHeader(protectedHeader: JWTHeaderParameters): this;
sign(key: KeyLike | Uint8Array, options?: SignOptions): Promise<string>;
}

@@ -1,7 +0,7 @@

import type { KeyLike, VerifyOptions, JWTClaimVerificationOptions, JWSHeaderParameters, GetKeyFunction, FlattenedJWSInput, JWTVerifyResult, ResolvedKey } from '../types';
import type { KeyLike, VerifyOptions, JWTClaimVerificationOptions, JWTHeaderParameters, GetKeyFunction, FlattenedJWSInput, JWTVerifyResult, ResolvedKey } from '../types';
export interface JWTVerifyOptions extends VerifyOptions, JWTClaimVerificationOptions {
}
export interface JWTVerifyGetKey extends GetKeyFunction<JWSHeaderParameters, FlattenedJWSInput> {
export interface JWTVerifyGetKey extends GetKeyFunction<JWTHeaderParameters, FlattenedJWSInput> {
}
export declare function jwtVerify(jwt: string | Uint8Array, key: KeyLike | Uint8Array, options?: JWTVerifyOptions): Promise<JWTVerifyResult>;
export declare function jwtVerify(jwt: string | Uint8Array, getKey: JWTVerifyGetKey, options?: JWTVerifyOptions): Promise<JWTVerifyResult & ResolvedKey>;

@@ -261,1 +261,11 @@ /**

}
export interface CompactJWSHeaderParameters extends JWSHeaderParameters {
alg: string
}
export interface JWTHeaderParameters extends CompactJWSHeaderParameters {
b64: never
}
export interface CompactJWEHeaderParameters extends JWEHeaderParameters {
alg: string
enc: string
}
{
"name": "jose-node-esm-runtime",
"version": "4.3.0",
"version": "4.3.2",
"homepage": "https://github.com/panva/jose",

@@ -5,0 +5,0 @@ "repository": "panva/jose",

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc