jsonwebtoken
Comparing version 0.4.1 to 1.0.0
37
index.js
var jws = require('jws'); | ||
module.exports.decode = function (jwt) { | ||
return jws.decode(jwt).payload; | ||
var decoded = jws.decode(jwt, {json: true}); | ||
return decoded && decoded.payload; | ||
}; | ||
@@ -38,7 +39,7 @@ | ||
var parts = jwtString.split('.'); | ||
if (parts.length < 3) | ||
return callback(new Error('jwt malformed')); | ||
if (parts.length !== 3) | ||
return callback(new JsonWebTokenError('jwt malformed')); | ||
if (parts[2].trim() === '' && secretOrPublicKey) | ||
return callback(new Error('jwt signature is required')); | ||
return callback(new JsonWebTokenError('jwt signature is required')); | ||
@@ -54,3 +55,3 @@ var valid; | ||
if (!valid) | ||
return callback(new Error('invalid signature')); | ||
return callback(new JsonWebTokenError('invalid signature')); | ||
@@ -61,8 +62,9 @@ var payload = this.decode(jwtString); | ||
if (Math.round(Date.now()) / 1000 >= payload.exp) | ||
return callback(new Error('jwt expired')); | ||
return callback(new TokenExpiredError('jwt expired', new Date(payload.exp * 1000))); | ||
} | ||
if (options.audience) { | ||
if (payload.aud !== options.audience) | ||
return callback(new Error('jwt audience invalid. expected: ' + payload.aud)); | ||
var audiences = Array.isArray(options.audience)? options.audience : [options.audience]; | ||
if (audiences.indexOf(payload.aud) < 0) | ||
return callback(new JsonWebTokenError('jwt audience invalid. expected: ' + payload.aud)); | ||
} | ||
@@ -72,3 +74,3 @@ | ||
if (payload.iss !== options.issuer) | ||
return callback(new Error('jwt issuer invalid. expected: ' + payload.iss)); | ||
return callback(new JsonWebTokenError('jwt issuer invalid. expected: ' + payload.iss)); | ||
} | ||
@@ -78,1 +80,18 @@ | ||
}; | ||
var JsonWebTokenError = module.exports.JsonWebTokenError = function (message, error) { | ||
Error.call(this, message); | ||
this.name = 'JsonWebTokenError'; | ||
this.message = message; | ||
if (error) this.inner = error; | ||
} | ||
JsonWebTokenError.prototype = Object.create(Error.prototype); | ||
JsonWebTokenError.prototype.constructor = JsonWebTokenError; | ||
var TokenExpiredError = module.exports.TokenExpiredError = function (message, expiredAt) { | ||
JsonWebTokenError.call(this, message); | ||
this.name = 'TokenExpiredError'; | ||
this.expiredAt = expiredAt; | ||
}; | ||
TokenExpiredError.prototype = Object.create(JsonWebTokenError.prototype); | ||
TokenExpiredError.prototype.constructor = TokenExpiredError; |
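Review bot: The `jwt signature is required` guard still fires only when `secretOrPublicKey` is truthy, so a caller whose key is undefined (an unset config value, for instance) does not get a token with an empty signature rejected at this check; what the rest of `verify` does with such a token is outside the visible hunks and should be confirmed. Failing closed would be safer: `if (!secretOrPublicKey) return callback(new JsonWebTokenError('secret or public key must be provided'));` ahead of the parts check, with unsigned tokens accepted only through an explicit option. Separately, the audience and issuer messages label `payload.aud` and `payload.iss` as "expected", but those are the values received from the token; the text should print `options.audience` / `options.issuer` as the expected value and keep token-supplied strings out of messages that may be logged or returned to clients.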
{ | ||
"name": "jsonwebtoken", | ||
"version": "0.4.1", | ||
"version": "1.0.0", | ||
"description": "JSON Web Token implementation (symmetric and asymmetric)", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -109,2 +109,54 @@ # jsonwebtoken [![Build Status](https://secure.travis-ci.org/auth0/node-jsonwebtoken.png)](http://travis-ci.org/auth0/node-jsonwebtoken) | ||
## Errors & Codes | ||
Possible thrown errors during verification. | ||
Error is the first argument of the verification callback. | ||
### TokenExpiredError | ||
Thrown error if the token is expired. | ||
Error object: | ||
* name: 'TokenExpiredError' | ||
* message: 'jwt expired' | ||
* expiredAt: [ExpDate] | ||
```js | ||
jwt.verify(token, 'shhhhh', function(err, decoded) { | ||
if (err) { | ||
/* | ||
err = { | ||
name: 'TokenExpiredError', | ||
message: 'jwt expired', | ||
expiredAt: 1408621000 | ||
} | ||
*/ | ||
} | ||
}); | ||
``` | ||
### JsonWebTokenError | ||
Error object: | ||
* name: 'JsonWebTokenError' | ||
* message: | ||
* 'jwt malformed' | ||
* 'jwt signature is required' | ||
* 'invalid signature' | ||
* 'jwt audience invalid. expected: [PAYLOAD AUDIENCE]' | ||
* 'jwt issuer invalid. expected: [PAYLOAD ISSUER]' | ||
```js | ||
jwt.verify(token, 'shhhhh', function(err, decoded) { | ||
if (err) { | ||
/* | ||
err = { | ||
name: 'JsonWebTokenError', | ||
message: 'jwt malformed' | ||
} | ||
*/ | ||
} | ||
}); | ||
``` | ||
## Algorithms supported | ||
@@ -111,0 +163,0 @@ |
@@ -40,3 +40,2 @@ var jwt = require('../index'); | ||
describe('when signing a token with expiration', function() { | ||
@@ -60,6 +59,8 @@ var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', expiresInMinutes: 10 }); | ||
assert.isNotNull(err); | ||
assert.equal(err.name, 'TokenExpiredError'); | ||
assert.instanceOf(err.expiredAt, Date); | ||
assert.instanceOf(err, jwt.TokenExpiredError); | ||
done(); | ||
}); | ||
}); | ||
}); | ||
@@ -78,2 +79,10 @@ | ||
it('should check audience in array', function(done) { | ||
jwt.verify(token, pub, { audience: ['urn:foo', 'urn:other'] }, function (err, decoded) { | ||
assert.isNotNull(decoded); | ||
assert.isNull(err); | ||
done(); | ||
}); | ||
}); | ||
it('should throw when invalid audience', function(done) { | ||
@@ -83,2 +92,4 @@ jwt.verify(token, pub, { audience: 'urn:wrong' }, function(err, decoded) { | ||
assert.isNotNull(err); | ||
assert.equal(err.name, 'JsonWebTokenError'); | ||
assert.instanceOf(err, jwt.JsonWebTokenError); | ||
done(); | ||
@@ -88,2 +99,12 @@ }); | ||
it('should throw when invalid audience in array', function(done) { | ||
jwt.verify(token, pub, { audience: ['urn:wrong', 'urn:morewrong'] }, function(err, decoded) { | ||
assert.isUndefined(decoded); | ||
assert.isNotNull(err); | ||
assert.equal(err.name, 'JsonWebTokenError'); | ||
assert.instanceOf(err, jwt.JsonWebTokenError); | ||
done(); | ||
}); | ||
}); | ||
}); | ||
@@ -98,2 +119,4 @@ | ||
assert.isNotNull(err); | ||
assert.equal(err.name, 'JsonWebTokenError'); | ||
assert.instanceOf(err, jwt.JsonWebTokenError); | ||
done(); | ||
@@ -103,2 +126,12 @@ }); | ||
it('should check audience in array', function(done) { | ||
jwt.verify(token, pub, { audience: ['urn:wrong', 'urn:morewrong'] }, function(err, decoded) { | ||
assert.isUndefined(decoded); | ||
assert.isNotNull(err); | ||
assert.equal(err.name, 'JsonWebTokenError'); | ||
assert.instanceOf(err, jwt.JsonWebTokenError); | ||
done(); | ||
}); | ||
}); | ||
}); | ||
@@ -120,2 +153,4 @@ | ||
assert.isNotNull(err); | ||
assert.equal(err.name, 'JsonWebTokenError'); | ||
assert.instanceOf(err, jwt.JsonWebTokenError); | ||
}); | ||
@@ -132,2 +167,4 @@ }); | ||
assert.isNotNull(err); | ||
assert.equal(err.name, 'JsonWebTokenError'); | ||
assert.instanceOf(err, jwt.JsonWebTokenError); | ||
}); | ||
@@ -142,2 +179,3 @@ }); | ||
assert.isNotNull(err); | ||
assert.equal(err.name, 'Error'); | ||
done(); | ||
@@ -148,3 +186,31 @@ }); | ||
describe('when decoding a jwt token with additional parts', function() { | ||
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256' }); | ||
it('should throw', function(done) { | ||
jwt.verify(token + '.foo', pub, function(err, decoded) { | ||
assert.isUndefined(decoded); | ||
assert.isNotNull(err); | ||
done(); | ||
}); | ||
}); | ||
}); | ||
describe('when decoding a invalid jwt token', function() { | ||
it('should return null', function(done) { | ||
var payload = jwt.decode('whatever.token'); | ||
assert.isNull(payload); | ||
done(); | ||
}); | ||
}); | ||
describe('when decoding a valid jwt token', function() { | ||
it('should return the payload', function(done) { | ||
var obj = { foo: 'bar' }; | ||
var token = jwt.sign(obj, priv, { algorithm: 'RS256' }); | ||
var payload = jwt.decode(token); | ||
assert.deepEqual(payload, obj); | ||
done(); | ||
}); | ||
}); | ||
}); |
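Review bot: The new "additional parts" test asserts only that an error is returned, so it would still pass if the malformed-token path regressed to a plain `Error`; adding `assert.equal(err.name, 'JsonWebTokenError');` and `assert.instanceOf(err, jwt.JsonWebTokenError);` would pin the `parts.length !== 3` branch. One earlier case now asserts that `err.name` is `'Error'`, which suggests a verification failure that is not wrapped in `JsonWebTokenError` (its setup is outside the hunk); callers that branch on the new error types would miss it, so it should be wrapped or documented in the README. No visible test covers a token with an empty signature when no key is passed to `verify`.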