Comparing version 1.23.0 to 1.24.0
@@ -5,2 +5,11 @@ # Change Log | ||
# [1.24.0](https://github.com/panva/jose/compare/v1.23.0...v1.24.0) (2020-02-25) | ||
### Features | ||
* add JWT.verify "typ" option for checking JWT Type Header parameter ([fc08426](https://github.com/panva/jose/commit/fc08426466233709b442ba21232768ddeeb94e56)) | ||
# [1.23.0](https://github.com/panva/jose/compare/v1.22.2...v1.23.0) (2020-02-18) | ||
@@ -7,0 +16,0 @@ |
@@ -0,1 +1,3 @@ | ||
/* global BigInt */ | ||
const { keyObjectSupported } = require('./runtime_support') | ||
@@ -329,3 +331,3 @@ | ||
// special case when private pkcs1 PEM / DER is used with createPublicKey | ||
if (parsed.n === 0n) { | ||
if (parsed.n === BigInt(0)) { | ||
return createPublicKey(createPrivateKey({ key, format, type, passphrase })) | ||
@@ -332,0 +334,0 @@ } |
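Review bot: The switch from the literal `0n` to `BigInt(0)` in the pkcs1 special case, together with the new `/* global BigInt */` header, carries no comment explaining it, so it reads like a cosmetic change that a later cleanup could revert. If the reason is that a BigInt literal is a parse-time syntax error on runtimes without BigInt, which would stop the whole module from loading there while `BigInt(0)` only fails when this branch runs, say so above the comparison, e.g. `// BigInt(0), not 0n: the literal would not parse on runtimes without BigInt`. The enclosing function starts and ends outside the hunk, so whether this branch is already guarded by `keyObjectSupported` cannot be confirmed from here.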
/* global BigInt */ | ||
const { EOL } = require('os') | ||
@@ -3,0 +4,0 @@ |
@@ -43,3 +43,3 @@ const isObject = require('../help/is_object') | ||
ignoreIat = false, ignoreNbf = false, issuer, jti, maxAuthAge, maxTokenAge, nonce, now = new Date(), | ||
profile, subject | ||
profile, subject, typ | ||
}) => { | ||
@@ -70,2 +70,3 @@ isOptionString(profile, 'options.profile') | ||
isOptionString(clockTolerance, 'options.clockTolerance') | ||
isOptionString(typ, 'options.typ') | ||
@@ -114,2 +115,4 @@ if (audience !== undefined && (isNotString(audience) && isNotArrayOfStrings(audience))) { | ||
typ = ATJWT | ||
break | ||
@@ -148,3 +151,4 @@ case LOGOUTTOKEN: | ||
profile, | ||
subject | ||
subject, | ||
typ | ||
} | ||
@@ -163,11 +167,11 @@ } | ||
isPayloadString(payload.nonce, '"nonce" claim', 'nonce', !!options.nonce) | ||
isPayloadString(payload.iss, '"iss" claim', 'iss', profile === IDTOKEN || profile === ATJWT || profile === LOGOUTTOKEN || !!options.issuer) | ||
isPayloadString(payload.iss, '"iss" claim', 'iss', !!options.issuer) | ||
isPayloadString(payload.sub, '"sub" claim', 'sub', profile === IDTOKEN || profile === ATJWT || !!options.subject) | ||
isStringOrArrayOfStrings(payload.aud, 'aud', profile === IDTOKEN || profile === ATJWT || profile === LOGOUTTOKEN || !!options.audience) | ||
isStringOrArrayOfStrings(payload.aud, 'aud', !!options.audience) | ||
isPayloadString(payload.azp, '"azp" claim', 'azp', profile === IDTOKEN && Array.isArray(payload.aud) && payload.aud.length > 1) | ||
isStringOrArrayOfStrings(payload.amr, 'amr') | ||
isPayloadString(header.typ, '"typ" header parameter', 'typ', !!options.typ) | ||
if (profile === ATJWT) { | ||
isPayloadString(payload.client_id, '"client_id" claim', 'client_id', true) | ||
isPayloadString(header.typ, '"typ" header parameter', 'typ', true) | ||
} | ||
@@ -229,3 +233,3 @@ | ||
algorithms, audience, clockTolerance, complete, crit, ignoreExp, ignoreIat, ignoreNbf, issuer, | ||
jti, maxAuthAge, maxTokenAge, nonce, now, profile, subject | ||
jti, maxAuthAge, maxTokenAge, nonce, now, profile, subject, typ | ||
} = options = validateOptions(options) | ||
@@ -266,2 +270,6 @@ | ||
if (typ && decoded.header.typ !== typ) { | ||
throw new JWTClaimInvalid('unexpected "typ" JWT header value', 'typ', 'check_failed') | ||
} | ||
const tolerance = clockTolerance ? secs(clockTolerance) : 0 | ||
@@ -305,7 +313,3 @@ | ||
if (profile === ATJWT && decoded.header.typ !== ATJWT) { | ||
throw new JWTClaimInvalid('invalid JWT typ header value for the used validation profile', 'typ', 'check_failed') | ||
} | ||
return complete ? decoded : decoded.payload | ||
} |
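Review bot: The presence checks for `payload.iss` and `payload.aud` now depend only on `!!options.issuer` and `!!options.audience`, while the `payload.sub` line between them still keys on `profile === IDTOKEN || profile === ATJWT`, so under the IDTOKEN, ATJWT and LOGOUTTOKEN profiles a token with no `iss` or `aud` is rejected only if those options are guaranteed to be set. That guarantee would have to come from the profile switch in validateOptions, which lies outside the lines shown. If it holds, a comment above these calls such as `// issuer and audience are mandatory options for every profile (enforced in validateOptions)` would keep the invariant from being broken silently, and a test that verifies each profile against a token lacking `iss` or `aud` would pin it. Separately, `if (typ && decoded.header.typ !== typ)` is an exact, case-sensitive match, and it skips the check for an empty-string `typ` unless isOptionString already rejects that value. The option's documentation should state that the header must equal the configured string exactly, and `typ !== undefined` would make the guard fail closed.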
{ | ||
"name": "jose", | ||
"version": "1.23.0", | ||
"version": "1.24.0", | ||
"description": "JSON Web Almost Everything - JWA, JWS, JWE, JWK, JWT, JWKS for Node.js with minimal dependencies", | ||
@@ -87,3 +87,3 @@ "keywords": [ | ||
"c8": "^7.0.0", | ||
"dtslint": "^2.0.5", | ||
"dtslint": "^3.0.0", | ||
"husky": "^4.0.0", | ||
@@ -90,0 +90,0 @@ "standard": "^14.3.1" |
@@ -434,2 +434,3 @@ /// <reference types="node" /> | ||
nonce?: string; | ||
typ?: string; | ||
now?: Date; | ||
@@ -436,0 +437,0 @@ crit?: string[]; |