jose - npm Package Compare versions

Comparing version 1.18.2 to 1.19.0

CHANGELOG.md

@@ -5,2 +5,11 @@ # Change Log
 
+# [1.19.0](https://github.com/panva/jose/compare/v1.18.2...v1.19.0) (2020-01-13)
+
+
+### Features
+
+* exposed shorthands for JWT verification profiles ([b1864e3](https://github.com/panva/jose/commit/b1864e319d1a7a42eadfa0c4b0145952e7814726))
+
+
+
 ## [1.18.2](https://github.com/panva/jose/compare/v1.18.1...v1.18.2) (2020-01-08)
@@ -7,0 +16,0 @@

lib/jwt/index.js

 const decode = require('./decode')
 const sign = require('./sign')
 const verify = require('./verify')
+const profiles = require('./profiles')
 
@@ -8,3 +9,4 @@ module.exports = {
   sign,
-  verify
+  verify,
+  ...profiles
 }

package.json

 {
   "name": "jose",
-  "version": "1.18.2",
+  "version": "1.19.0",
   "description": "JSON Web Almost Everything - JWA, JWS, JWE, JWK, JWT, JWKS for Node.js with minimal dependencies",
   "keywords": [
+    "access token",
+    "access_token",
     "compact",
     "decode",
     "decrypt",
+    "ec",
+    "ecdsa",
     "eddsa",
@@ -25,6 +29,7 @@ "electron",
     "jwt",
-    "access_token",
-    "access token",
+    "logout token",
     "logout_token",
-    "logout token",
+    "oct",
+    "okp",
+    "rsa",
     "secp256k1",
@@ -31,0 +36,0 @@ "sign",

README.md

@@ -235,12 +235,12 @@ # jose
 ID Token is a JWT, but profiled, there are additional requirements to a JWT to be accepted as an
-ID Token and it is pretty easy to omit some, use the `profile` option of `JWT.verify` to make sure
-what you're accepting is really an ID Token meant to your Client. This will then perform all
-doable validations given the input. See the [documentation][documentation-jwt] for more.
+ID Token and it is pretty easy to omit some, use the `profile` option of `JWT.verify` or the
+`JWT.IdToken.verify` shorthand to make sure what you're accepting is really an ID Token meant to
+your Client. This will then perform all doable validations given the input. See the
+[documentation][documentation-jwt] for more.
 
 ```js
-jose.JWT.verify(
+jose.JWT.IdToken.verify(
   'eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImE1MWNjZjA4ZjRiYmIwNmU4ODcxNWRkYzRiYmI0MWQ4IiwiYXVkIjoidXJuOmV4YW1wbGU6Y2xpZW50X2lkIiwiZXhwIjoxNTYzODg4ODMwLCJpYXQiOjE1NjM4ODUyMzAsImlzcyI6Imh0dHBzOi8vb3AuZXhhbXBsZS5jb20ifQ.RKCZczgICF5G9XdNDSwe4dolGauQHptpFKPzahA2wYGG2HKrKhyC8ZzqpeVc8cbntuqFBgABJVv6_9YICRx_dgwPYydTpZfZYjHnxrdWF9QsIPEGs672mrnhqIXUnXoseZ0TF6GOq6P7Qbf6gk1ru7TAbr_ieyJnNWcJhh5iHpz1k3mFz0TyTh7UNXshtQXftPUipqz4OBni5r9UaZXHw8B3QYOnms8__GJ3owOxaqkr1jgRs_EWqMlBNjPaj7ElVaeBWljDKuoK673tH0heSpgzUmUX_W8IDUVqs33uglpZwAQC7cAA5mGEg2odcRpvpP5M-WaP4RE9dl9jzcYmrw',
-  keystore,
+  keyOrStore,
   {
-    profile: 'id_token',
     issuer: 'https://op.example.com',
@@ -267,12 +267,12 @@ audience: 'urn:example:client_id',
 to be accepted as an Access Token according to the [specification][draft-ietf-oauth-access-token-jwt]
-and it is pretty easy to omit some. Use the `profile` option of `JWT.verify` to make sure
-what you're accepting is really a JWT Access Token meant for your Resource Server. This will then
-perform all doable validations given the input. See the [documentation][documentation-jwt] for more.
+and it is pretty easy to omit some. Use the `profile` option of `JWT.verify` or the
+`JWT.AccessToken.verify` shorthand to make sure what you're accepting is really a JWT Access Token
+meant for your Resource Server. This will then perform all doable validations given the input. See
+the [documentation][documentation-jwt] for more.
 
 ```js
-jose.JWT.verify(
+jose.JWT.AccessToken.verify(
   'eyJhbGciOiJQUzI1NiIsInR5cCI6ImF0K0pXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJjbGllbnRfaWQiOiJ1cm46ZXhhbXBsZTpjbGllbnRfaWQiLCJhdWQiOiJ1cm46ZXhhbXBsZTpyZXNvdXJjZS1zZXJ2ZXIiLCJleHAiOjE1NjM4ODg4MzAsImlzcyI6Imh0dHBzOi8vb3AuZXhhbXBsZS5jb20iLCJzY29wZSI6ImFwaTpyZWFkIn0.UYy8vEGWS0cS24giCYobMMy9-bqI45p807yV1l-2WXX2J4UO-eohV_R58LE2oM88gl414c6XydO6QSYXul5roNPoOs41jpEvreQIP-HmegjbWGutktWJKfvoOblE5FjYwjrwStjLQGUzkq6KWcnDLPGmpFy7n6gZ4LF8YVz4dLEaO335hMNVNrmSPSXYqr7bAWybnLVpLxjDYwNfCO1g0_TlFx8fHh2OftHoOOmJFltFwb8JypkSB-JXVVSEh43IOEjeeMJIG_ylWIOxfLLi5Q7vPWgub83ZTkuGNe4KmlQJKIsH5k0yZSshsLYUOOH0RiXqQ-SA4Ubh3Fowigdu-g',
-  keystore,
+  keyOrStore,
   {
-    profile: 'at+JWT',
     issuer: 'https://op.example.com',
@@ -293,12 +293,12 @@ audience: 'urn:example:resource-server',
 Logout Token is a JWT, but profiled, there are additional requirements to a JWT to be accepted as an
-Logout Token and it is pretty easy to omit some, use the `profile` option of `JWT.verify` to make sure
-what you're accepting is really an Logout Token meant to your Client. This will then perform all
-doable validations given the input. See the [documentation][documentation-jwt] for more.
+Logout Token and it is pretty easy to omit some, use the `profile` option of `JWT.verify` or the
+`JWT.LogoutToken.verify` to make sure what you're accepting is really an Logout Token meant to your
+Client. This will then perform all doable validations given the input. See the
+[documentation][documentation-jwt] for more.
 
 ```js
-jose.JWT.verify(
+jose.JWT.LogoutToken.verify(
   'eyJhbGciOiJQUzI1NiJ9.eyJzdWIiOiJmb28iLCJhdWQiOiJ1cm46ZXhhbXBsZTpjbGllbnRfaWQiLCJpYXQiOjE1NjM4ODg4MzAsImp0aSI6ImhqazMyN2RzYSIsImlzcyI6Imh0dHBzOi8vb3AuZXhhbXBsZS5jb20iLCJldmVudHMiOnsiaHR0cDovL3NjaGVtYXMub3BlbmlkLm5ldC9ldmVudC9iYWNrY2hhbm5lbC1sb2dvdXQiOnt9fX0.SBi7uNUvjHL9TFoFzautGgTQ1MjyeGUNYHL7inpgq3XgTv6xc9EAKuPRtpixmhdNhmInGwUvAeqDSJxomwv1KK1cTndrC9zAMZ7h657BGQAwGhu7nTm41fWMpKQdiLa9sqp3yit5_FNBmqUNeOoMPrYT_Vl9ytsoNO89MUQy2aqCd-Z7BrNJZH0QycdW6dmYlrmZL7w3t3TaAXoJDJ4Hgl2Itkkkb6_6gO-VoPIdVD8sDuf1zQzGhIkmcFrk0fXczVYOkeF2hNYBuvsM8LuO-EPA3oyE2In9djai3M7yceTQetRa1vwlqWkg_xmYS59ry-6wT44aN7-Y6p0TdXm-Zg',
-  keystore,
+  keyOrStore,
   {
-    profile: 'logout_token',
     issuer: 'https://op.example.com',
@@ -305,0 +305,0 @@ audience: 'urn:example:client_id',

types/index.d.ts

@@ -384,3 +384,25 @@ /// <reference types="node" />
   }
+
   function sign(payload: object, key: ProduceKeyInput, options?: SignOptions): string;
+
+  interface VerifyProfileOptions<profile> {
+    issuer: string;
+    audience: string | string[];
+    profile?: profile;
+  }
+
+  namespace IdToken {
+    function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<false> & VerifyProfileOptions<'id_token'>): object;
+    function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<true> & VerifyProfileOptions<'id_token'>): completeResult;
+  }
+
+  namespace LogoutToken {
+    function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<false> & VerifyProfileOptions<'logout_token'>): object;
+    function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<true> & VerifyProfileOptions<'logout_token'>): completeResult;
+  }
+
+  namespace AccessToken {
+    function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<false> & VerifyProfileOptions<'at+JWT'>): object;
+    function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<true> & VerifyProfileOptions<'at+JWT'>): completeResult;
+  }
 }
@@ -387,0 +409,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

223796

increased by0.82%

Number of package files

87

increased by1.16%

Lines of code

4802

increased by0.52%

No dependency changes