Comparing version 1.18.2 to 1.19.0
@@ -5,2 +5,11 @@ # Change Log | ||
# [1.19.0](https://github.com/panva/jose/compare/v1.18.2...v1.19.0) (2020-01-13) | ||
### Features | ||
* exposed shorthands for JWT verification profiles ([b1864e3](https://github.com/panva/jose/commit/b1864e319d1a7a42eadfa0c4b0145952e7814726)) | ||
## [1.18.2](https://github.com/panva/jose/compare/v1.18.1...v1.18.2) (2020-01-08) | ||
@@ -7,0 +16,0 @@ |
const decode = require('./decode') | ||
const sign = require('./sign') | ||
const verify = require('./verify') | ||
const profiles = require('./profiles') | ||
@@ -8,3 +9,4 @@ module.exports = { | ||
sign, | ||
verify | ||
verify, | ||
...profiles | ||
} |
{ | ||
"name": "jose", | ||
"version": "1.18.2", | ||
"version": "1.19.0", | ||
"description": "JSON Web Almost Everything - JWA, JWS, JWE, JWK, JWT, JWKS for Node.js with minimal dependencies", | ||
"keywords": [ | ||
"access token", | ||
"access_token", | ||
"compact", | ||
"decode", | ||
"decrypt", | ||
"ec", | ||
"ecdsa", | ||
"eddsa", | ||
@@ -25,6 +29,7 @@ "electron", | ||
"jwt", | ||
"access_token", | ||
"access token", | ||
"logout token", | ||
"logout_token", | ||
"logout token", | ||
"oct", | ||
"okp", | ||
"rsa", | ||
"secp256k1", | ||
@@ -31,0 +36,0 @@ "sign", |
@@ -235,12 +235,12 @@ # jose | ||
ID Token is a JWT, but profiled, there are additional requirements to a JWT to be accepted as an | ||
ID Token and it is pretty easy to omit some, use the `profile` option of `JWT.verify` to make sure | ||
what you're accepting is really an ID Token meant to your Client. This will then perform all | ||
doable validations given the input. See the [documentation][documentation-jwt] for more. | ||
ID Token and it is pretty easy to omit some, use the `profile` option of `JWT.verify` or the | ||
`JWT.IdToken.verify` shorthand to make sure what you're accepting is really an ID Token meant to | ||
your Client. This will then perform all doable validations given the input. See the | ||
[documentation][documentation-jwt] for more. | ||
```js | ||
jose.JWT.verify( | ||
jose.JWT.IdToken.verify( | ||
'eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImE1MWNjZjA4ZjRiYmIwNmU4ODcxNWRkYzRiYmI0MWQ4IiwiYXVkIjoidXJuOmV4YW1wbGU6Y2xpZW50X2lkIiwiZXhwIjoxNTYzODg4ODMwLCJpYXQiOjE1NjM4ODUyMzAsImlzcyI6Imh0dHBzOi8vb3AuZXhhbXBsZS5jb20ifQ.RKCZczgICF5G9XdNDSwe4dolGauQHptpFKPzahA2wYGG2HKrKhyC8ZzqpeVc8cbntuqFBgABJVv6_9YICRx_dgwPYydTpZfZYjHnxrdWF9QsIPEGs672mrnhqIXUnXoseZ0TF6GOq6P7Qbf6gk1ru7TAbr_ieyJnNWcJhh5iHpz1k3mFz0TyTh7UNXshtQXftPUipqz4OBni5r9UaZXHw8B3QYOnms8__GJ3owOxaqkr1jgRs_EWqMlBNjPaj7ElVaeBWljDKuoK673tH0heSpgzUmUX_W8IDUVqs33uglpZwAQC7cAA5mGEg2odcRpvpP5M-WaP4RE9dl9jzcYmrw', | ||
keystore, | ||
keyOrStore, | ||
{ | ||
profile: 'id_token', | ||
issuer: 'https://op.example.com', | ||
@@ -267,12 +267,12 @@ audience: 'urn:example:client_id', | ||
to be accepted as an Access Token according to the [specification][draft-ietf-oauth-access-token-jwt] | ||
and it is pretty easy to omit some. Use the `profile` option of `JWT.verify` to make sure | ||
what you're accepting is really a JWT Access Token meant for your Resource Server. This will then | ||
perform all doable validations given the input. See the [documentation][documentation-jwt] for more. | ||
and it is pretty easy to omit some. Use the `profile` option of `JWT.verify` or the | ||
`JWT.AccessToken.verify` shorthand to make sure what you're accepting is really a JWT Access Token | ||
meant for your Resource Server. This will then perform all doable validations given the input. See | ||
the [documentation][documentation-jwt] for more. | ||
```js | ||
jose.JWT.verify( | ||
jose.JWT.AccessToken.verify( | ||
'eyJhbGciOiJQUzI1NiIsInR5cCI6ImF0K0pXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJjbGllbnRfaWQiOiJ1cm46ZXhhbXBsZTpjbGllbnRfaWQiLCJhdWQiOiJ1cm46ZXhhbXBsZTpyZXNvdXJjZS1zZXJ2ZXIiLCJleHAiOjE1NjM4ODg4MzAsImlzcyI6Imh0dHBzOi8vb3AuZXhhbXBsZS5jb20iLCJzY29wZSI6ImFwaTpyZWFkIn0.UYy8vEGWS0cS24giCYobMMy9-bqI45p807yV1l-2WXX2J4UO-eohV_R58LE2oM88gl414c6XydO6QSYXul5roNPoOs41jpEvreQIP-HmegjbWGutktWJKfvoOblE5FjYwjrwStjLQGUzkq6KWcnDLPGmpFy7n6gZ4LF8YVz4dLEaO335hMNVNrmSPSXYqr7bAWybnLVpLxjDYwNfCO1g0_TlFx8fHh2OftHoOOmJFltFwb8JypkSB-JXVVSEh43IOEjeeMJIG_ylWIOxfLLi5Q7vPWgub83ZTkuGNe4KmlQJKIsH5k0yZSshsLYUOOH0RiXqQ-SA4Ubh3Fowigdu-g', | ||
keystore, | ||
keyOrStore, | ||
{ | ||
profile: 'at+JWT', | ||
issuer: 'https://op.example.com', | ||
@@ -293,12 +293,12 @@ audience: 'urn:example:resource-server', | ||
Logout Token is a JWT, but profiled, there are additional requirements to a JWT to be accepted as an | ||
Logout Token and it is pretty easy to omit some, use the `profile` option of `JWT.verify` to make sure | ||
what you're accepting is really an Logout Token meant to your Client. This will then perform all | ||
doable validations given the input. See the [documentation][documentation-jwt] for more. | ||
Logout Token and it is pretty easy to omit some, use the `profile` option of `JWT.verify` or the | ||
`JWT.LogoutToken.verify` to make sure what you're accepting is really an Logout Token meant to your | ||
Client. This will then perform all doable validations given the input. See the | ||
[documentation][documentation-jwt] for more. | ||
```js | ||
jose.JWT.verify( | ||
jose.JWT.LogoutToken.verify( | ||
'eyJhbGciOiJQUzI1NiJ9.eyJzdWIiOiJmb28iLCJhdWQiOiJ1cm46ZXhhbXBsZTpjbGllbnRfaWQiLCJpYXQiOjE1NjM4ODg4MzAsImp0aSI6ImhqazMyN2RzYSIsImlzcyI6Imh0dHBzOi8vb3AuZXhhbXBsZS5jb20iLCJldmVudHMiOnsiaHR0cDovL3NjaGVtYXMub3BlbmlkLm5ldC9ldmVudC9iYWNrY2hhbm5lbC1sb2dvdXQiOnt9fX0.SBi7uNUvjHL9TFoFzautGgTQ1MjyeGUNYHL7inpgq3XgTv6xc9EAKuPRtpixmhdNhmInGwUvAeqDSJxomwv1KK1cTndrC9zAMZ7h657BGQAwGhu7nTm41fWMpKQdiLa9sqp3yit5_FNBmqUNeOoMPrYT_Vl9ytsoNO89MUQy2aqCd-Z7BrNJZH0QycdW6dmYlrmZL7w3t3TaAXoJDJ4Hgl2Itkkkb6_6gO-VoPIdVD8sDuf1zQzGhIkmcFrk0fXczVYOkeF2hNYBuvsM8LuO-EPA3oyE2In9djai3M7yceTQetRa1vwlqWkg_xmYS59ry-6wT44aN7-Y6p0TdXm-Zg', | ||
keystore, | ||
keyOrStore, | ||
{ | ||
profile: 'logout_token', | ||
issuer: 'https://op.example.com', | ||
@@ -305,0 +305,0 @@ audience: 'urn:example:client_id', |
@@ -384,3 +384,25 @@ /// <reference types="node" /> | ||
} | ||
function sign(payload: object, key: ProduceKeyInput, options?: SignOptions): string; | ||
interface VerifyProfileOptions<profile> { | ||
issuer: string; | ||
audience: string | string[]; | ||
profile?: profile; | ||
} | ||
namespace IdToken { | ||
function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<false> & VerifyProfileOptions<'id_token'>): object; | ||
function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<true> & VerifyProfileOptions<'id_token'>): completeResult; | ||
} | ||
namespace LogoutToken { | ||
function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<false> & VerifyProfileOptions<'logout_token'>): object; | ||
function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<true> & VerifyProfileOptions<'logout_token'>): completeResult; | ||
} | ||
namespace AccessToken { | ||
function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<false> & VerifyProfileOptions<'at+JWT'>): object; | ||
function verify(jwt: string, key: ConsumeKeyInput, options: VerifyOptions<true> & VerifyProfileOptions<'at+JWT'>): completeResult; | ||
} | ||
} | ||
@@ -387,0 +409,0 @@ |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
223796
87
4802