jose - npm Package Compare versions

Comparing version 1.13.0 to 1.14.0

CHANGELOG.md

@@ -5,2 +5,11 @@ # Change Log
 
+# [1.14.0](https://github.com/panva/jose/compare/v1.13.0...v1.14.0) (2019-11-26)
+
+
+### Features
+
+* allow JWKS.KeyStore .all and .get to filter for key curves ([ea60338](https://github.com/panva/jose/commit/ea60338ca6f58f2626992a38da76812477ce4540))
+
+
+
 # [1.13.0](https://github.com/panva/jose/compare/v1.12.1...v1.13.0) (2019-11-23)
@@ -7,0 +16,0 @@

lib/jwks/keystore.js

@@ -9,3 +9,3 @@ const { deprecate, inspect } = require('util')
 
-const keyscore = (key, { alg, kid, use, ops, x5t, x5t256 }) => {
+const keyscore = (key, { alg, use, ops }) => {
   let score = 0
@@ -17,14 +17,2 @@
 
-  if (kid && key.kid) {
-    score++
-  }
-
-  if (x5t && key.x5t) {
-    score++
-  }
-
-  if (x5t256 && key['x5t#S256']) {
-    score++
-  }
-
   if (use && key.use) {
@@ -69,3 +57,3 @@ score++
 
-  all ({ alg, kid, use, kty, key_ops: ops, x5t, 'x5t#S256': x5t256 } = {}) {
+  all ({ alg, kid, use, kty, key_ops: ops, x5t, 'x5t#S256': x5t256, crv } = {}) {
     if (ops !== undefined && (!Array.isArray(ops) || !ops.length || ops.some(x => typeof x !== 'string'))) {
@@ -75,3 +63,3 @@ throw new TypeError('`key_ops` must be a non-empty array of strings')
 
-    const search = { alg, kid, use, ops, x5t, x5t256 }
+    const search = { alg, use, ops }
     return [...i(this).keys]
@@ -81,6 +69,2 @@ .filter((key) => {
 
-        if (alg !== undefined && !key.algorithms().has(alg)) {
-          candidate = false
-        }
-
         if (candidate && kid !== undefined && key.kid !== kid) {
@@ -102,2 +86,10 @@ candidate = false
 
+        if (candidate && crv !== undefined && (key.crv !== crv)) {
+          candidate = false
+        }
+
+        if (alg !== undefined && !key.algorithms().has(alg)) {
+          candidate = false
+        }
+
         if (candidate && use !== undefined && (key.use !== undefined && key.use !== use)) {
@@ -104,0 +96,0 @@ candidate = false

package.json

 {
   "name": "jose",
-  "version": "1.13.0",
+  "version": "1.14.0",
   "description": "JSON Web Almost Everything - JWA, JWS, JWE, JWK, JWT, JWKS for Node.js with minimal dependencies",
@@ -5,0 +5,0 @@ "keywords": [

types/index.d.ts

@@ -183,2 +183,3 @@ /// <reference types="node" />
     'x5t#S256'?: string;
+    crv?: string;
   }
@@ -185,0 +186,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

208547

increased by0.1%

Worsened metrics

Lines of code

4591

decreased by-0.11%

No dependency changes