Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

jose-node-esm-runtime

Package Overview
Dependencies
Maintainers
1
Versions
132
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jose-node-esm-runtime - npm Package Compare versions

Comparing version 5.3.0 to 5.4.0

2

dist/node/esm/jwks/remote.js

@@ -12,3 +12,3 @@ import fetchJwks from '../runtime/fetch_jwks.js';

const NAME = 'jose';
const VERSION = 'v5.3.0';
const VERSION = 'v5.4.0';
USER_AGENT = `${NAME}/${VERSION}`;

@@ -15,0 +15,0 @@ }

@@ -9,10 +9,10 @@ import { compactDecrypt } from '../jwe/compact/decrypt.js';

if (protectedHeader.iss !== undefined && protectedHeader.iss !== payload.iss) {
throw new JWTClaimValidationFailed('replicated "iss" claim header parameter mismatch', 'iss', 'mismatch');
throw new JWTClaimValidationFailed('replicated "iss" claim header parameter mismatch', payload, 'iss', 'mismatch');
}
if (protectedHeader.sub !== undefined && protectedHeader.sub !== payload.sub) {
throw new JWTClaimValidationFailed('replicated "sub" claim header parameter mismatch', 'sub', 'mismatch');
throw new JWTClaimValidationFailed('replicated "sub" claim header parameter mismatch', payload, 'sub', 'mismatch');
}
if (protectedHeader.aud !== undefined &&
JSON.stringify(protectedHeader.aud) !== JSON.stringify(payload.aud)) {
throw new JWTClaimValidationFailed('replicated "aud" claim header parameter mismatch', 'aud', 'mismatch');
throw new JWTClaimValidationFailed('replicated "aud" claim header parameter mismatch', payload, 'aud', 'mismatch');
}

@@ -19,0 +19,0 @@ const result = { payload, protectedHeader };

@@ -17,8 +17,2 @@ import { JWTClaimValidationFailed, JWTExpired, JWTInvalid } from '../util/errors.js';

export default (protectedHeader, encodedPayload, options = {}) => {
const { typ } = options;
if (typ &&
(typeof protectedHeader.typ !== 'string' ||
normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) {
throw new JWTClaimValidationFailed('unexpected "typ" JWT header value', 'typ', 'check_failed');
}
let payload;

@@ -33,2 +27,8 @@ try {

}
const { typ } = options;
if (typ &&
(typeof protectedHeader.typ !== 'string' ||
normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) {
throw new JWTClaimValidationFailed('unexpected "typ" JWT header value', payload, 'typ', 'check_failed');
}
const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options;

@@ -46,14 +46,14 @@ const presenceCheck = [...requiredClaims];

if (!(claim in payload)) {
throw new JWTClaimValidationFailed(`missing required "${claim}" claim`, claim, 'missing');
throw new JWTClaimValidationFailed(`missing required "${claim}" claim`, payload, claim, 'missing');
}
}
if (issuer && !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) {
throw new JWTClaimValidationFailed('unexpected "iss" claim value', 'iss', 'check_failed');
throw new JWTClaimValidationFailed('unexpected "iss" claim value', payload, 'iss', 'check_failed');
}
if (subject && payload.sub !== subject) {
throw new JWTClaimValidationFailed('unexpected "sub" claim value', 'sub', 'check_failed');
throw new JWTClaimValidationFailed('unexpected "sub" claim value', payload, 'sub', 'check_failed');
}
if (audience &&
!checkAudiencePresence(payload.aud, typeof audience === 'string' ? [audience] : audience)) {
throw new JWTClaimValidationFailed('unexpected "aud" claim value', 'aud', 'check_failed');
throw new JWTClaimValidationFailed('unexpected "aud" claim value', payload, 'aud', 'check_failed');
}

@@ -77,10 +77,10 @@ let tolerance;

if ((payload.iat !== undefined || maxTokenAge) && typeof payload.iat !== 'number') {
throw new JWTClaimValidationFailed('"iat" claim must be a number', 'iat', 'invalid');
throw new JWTClaimValidationFailed('"iat" claim must be a number', payload, 'iat', 'invalid');
}
if (payload.nbf !== undefined) {
if (typeof payload.nbf !== 'number') {
throw new JWTClaimValidationFailed('"nbf" claim must be a number', 'nbf', 'invalid');
throw new JWTClaimValidationFailed('"nbf" claim must be a number', payload, 'nbf', 'invalid');
}
if (payload.nbf > now + tolerance) {
throw new JWTClaimValidationFailed('"nbf" claim timestamp check failed', 'nbf', 'check_failed');
throw new JWTClaimValidationFailed('"nbf" claim timestamp check failed', payload, 'nbf', 'check_failed');
}

@@ -90,6 +90,6 @@ }

if (typeof payload.exp !== 'number') {
throw new JWTClaimValidationFailed('"exp" claim must be a number', 'exp', 'invalid');
throw new JWTClaimValidationFailed('"exp" claim must be a number', payload, 'exp', 'invalid');
}
if (payload.exp <= now - tolerance) {
throw new JWTExpired('"exp" claim timestamp check failed', 'exp', 'check_failed');
throw new JWTExpired('"exp" claim timestamp check failed', payload, 'exp', 'check_failed');
}

@@ -101,6 +101,6 @@ }

if (age - tolerance > max) {
throw new JWTExpired('"iat" claim timestamp check failed (too far in the past)', 'iat', 'check_failed');
throw new JWTExpired('"iat" claim timestamp check failed (too far in the past)', payload, 'iat', 'check_failed');
}
if (age < 0 - tolerance) {
throw new JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', 'iat', 'check_failed');
throw new JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', payload, 'iat', 'check_failed');
}

@@ -107,0 +107,0 @@ }

@@ -19,6 +19,8 @@ export class JOSEError extends Error {

reason;
constructor(message, claim = 'unspecified', reason = 'unspecified') {
payload;
constructor(message, payload, claim = 'unspecified', reason = 'unspecified') {
super(message);
this.claim = claim;
this.reason = reason;
this.payload = payload;
}

@@ -33,6 +35,8 @@ }

reason;
constructor(message, claim = 'unspecified', reason = 'unspecified') {
payload;
constructor(message, payload, claim = 'unspecified', reason = 'unspecified') {
super(message);
this.claim = claim;
this.reason = reason;
this.payload = payload;
}

@@ -39,0 +43,0 @@ }

@@ -1,2 +0,2 @@

import type { KeyLike } from '../types';
import type { JWTPayload, KeyLike } from '../types';
/**

@@ -30,4 +30,6 @@ * A generic Error that all other JOSE specific Error subclasses extend.

reason: string;
/** The parsed JWT payload. */
payload: JWTPayload;
/** @ignore */
constructor(message: string, claim?: string, reason?: string);
constructor(message: string, payload: JWTPayload, claim?: string, reason?: string);
}

@@ -46,4 +48,6 @@ /**

reason: string;
/** The parsed JWT payload. */
payload: JWTPayload;
/** @ignore */
constructor(message: string, claim?: string, reason?: string);
constructor(message: string, payload: JWTPayload, claim?: string, reason?: string);
}

@@ -50,0 +54,0 @@ /**

{
"name": "jose-node-esm-runtime",
"version": "5.3.0",
"version": "5.4.0",
"homepage": "https://github.com/panva/jose",

@@ -5,0 +5,0 @@ "repository": "panva/jose",

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc