jsonwebtoken
Comparing version 8.4.0 to 8.5.0
@@ -7,2 +7,21 @@ # Change Log | ||
## 8.5.0 - 2019-02-20 | ||
### New Functionality | ||
- feat: add PS JWA support for applicable node versions (#573) ([eefb9d9c6eec54718fa6e41306bda84788df7bec](https://github.com/auth0/node-jsonwebtoken/commit/eefb9d9c6eec54718fa6e41306bda84788df7bec)), closes [#573](https://github.com/auth0/node-jsonwebtoken/issues/573) | ||
- Add complete option in jwt.verify (#522) ([8737789dd330cf9e7870f4df97fd52479adbac22](https://github.com/auth0/node-jsonwebtoken/commit/8737789dd330cf9e7870f4df97fd52479adbac22)), closes [#522](https://github.com/auth0/node-jsonwebtoken/issues/522) | ||
### Test Improvements | ||
- Add tests for private claims in the payload (#555) ([5147852896755dc1291825e2e40556f964411fb2](https://github.com/auth0/node-jsonwebtoken/commit/5147852896755dc1291825e2e40556f964411fb2)), closes [#555](https://github.com/auth0/node-jsonwebtoken/issues/555) | ||
- Force use_strict during testing (#577) ([7b60c127ceade36c33ff33be066e435802001c94](https://github.com/auth0/node-jsonwebtoken/commit/7b60c127ceade36c33ff33be066e435802001c94)), closes [#577](https://github.com/auth0/node-jsonwebtoken/issues/577) | ||
- Refactor tests related to jti and jwtid (#544) ([7eebbc75ab89e01af5dacf2aae90fe05a13a1454](https://github.com/auth0/node-jsonwebtoken/commit/7eebbc75ab89e01af5dacf2aae90fe05a13a1454)), closes [#544](https://github.com/auth0/node-jsonwebtoken/issues/544) | ||
- ci: remove nsp from tests (#569) ([da8f55c3c7b4dd0bfc07a2df228500fdd050242a](https://github.com/auth0/node-jsonwebtoken/commit/da8f55c3c7b4dd0bfc07a2df228500fdd050242a)), closes [#569](https://github.com/auth0/node-jsonwebtoken/issues/569) | ||
### Docs | ||
- Fix 'cert' token which isn't a cert (#554) ([0c24fe68cd2866cea6322016bf993cd897fefc98](https://github.com/auth0/node-jsonwebtoken/commit/0c24fe68cd2866cea6322016bf993cd897fefc98)), closes [#554](https://github.com/auth0/node-jsonwebtoken/issues/554) | ||
## 8.4.0 - 2018-11-14 | ||
@@ -9,0 +28,0 @@ |
{ | ||
"name": "jsonwebtoken", | ||
"version": "8.4.0", | ||
"version": "8.5.0", | ||
"description": "JSON Web Token implementation (symmetric and asymmetric)", | ||
@@ -23,4 +23,4 @@ "main": "index.js", | ||
"lint": "eslint .", | ||
"coverage": "nyc mocha", | ||
"test": "npm run lint && npm run coverage && nsp check && cost-of-modules" | ||
"coverage": "nyc mocha --use_strict", | ||
"test": "npm run lint && npm run coverage && cost-of-modules" | ||
}, | ||
@@ -40,3 +40,3 @@ "repository": { | ||
"dependencies": { | ||
"jws": "^3.1.5", | ||
"jws": "^3.2.1", | ||
"lodash.includes": "^4.3.0", | ||
@@ -49,3 +49,4 @@ "lodash.isboolean": "^3.0.3", | ||
"lodash.once": "^4.0.0", | ||
"ms": "^2.1.1" | ||
"ms": "^2.1.1", | ||
"semver": "^5.6.0" | ||
}, | ||
@@ -52,0 +53,0 @@ "devDependencies": { |
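Review bot: Dropping `nsp check` from the `test` script leaves the test run with no dependency-vulnerability check, because nothing is put in its place. nsp itself was retired, so removing the call is reasonable, but the script could run `npm audit` instead, for example `"test": "npm run lint && npm run coverage && npm audit && cost-of-modules"`. If a new advisory should not block unit tests, the audit could run as a separate CI step. The same section adds `semver` as a runtime dependency and raises the `jws` minimum, which makes an automated audit more useful rather than less.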
@@ -75,4 +75,4 @@ # jsonwebtoken | ||
// sign with RSA SHA256 | ||
var cert = fs.readFileSync('private.key'); | ||
var token = jwt.sign({ foo: 'bar' }, cert, { algorithm: 'RS256'}); | ||
var privateKey = fs.readFileSync('private.key'); | ||
var token = jwt.sign({ foo: 'bar' }, privateKey, { algorithm: 'RS256'}); | ||
``` | ||
@@ -82,3 +82,3 @@ | ||
```js | ||
jwt.sign({ foo: 'bar' }, cert, { algorithm: 'RS256' }, function(err, token) { | ||
jwt.sign({ foo: 'bar' }, privateKey, { algorithm: 'RS256' }, function(err, token) { | ||
console.log(token); | ||
@@ -143,2 +143,3 @@ }); | ||
> Eg: `"urn:foo"`, `/urn:f[o]{2}/`, `[/urn:f[o]{2}/, "urn:bar"]` | ||
* `complete`: return an object with the decoded `{ payload, header, signature }` instead of only the usual content of the payload. | ||
* `issuer` (optional): string or array of strings of valid values for the `iss` field. | ||
@@ -345,5 +346,8 @@ * `ignoreExpiration`: if `true` do not validate the expiration of the token. | ||
HS512 | HMAC using SHA-512 hash algorithm | ||
RS256 | RSASSA using SHA-256 hash algorithm | ||
RS384 | RSASSA using SHA-384 hash algorithm | ||
RS512 | RSASSA using SHA-512 hash algorithm | ||
RS256 | RSASSA-PKCS1-v1_5 using SHA-256 hash algorithm | ||
RS384 | RSASSA-PKCS1-v1_5 using SHA-384 hash algorithm | ||
RS512 | RSASSA-PKCS1-v1_5 using SHA-512 hash algorithm | ||
PS256 | RSASSA-PSS using SHA-256 hash algorithm (only node ^6.12.0 || >=8.0.0) | ||
PS384 | RSASSA-PSS using SHA-384 hash algorithm (only node ^6.12.0 || >=8.0.0) | ||
PS512 | RSASSA-PSS using SHA-512 hash algorithm (only node ^6.12.0 || >=8.0.0) | ||
ES256 | ECDSA using P-256 curve and SHA-256 hash algorithm | ||
@@ -350,0 +354,0 @@ ES384 | ECDSA using P-384 curve and SHA-384 hash algorithm |
14
sign.js
var timespan = require('./lib/timespan'); | ||
var PS_SUPPORTED = require('./lib/psSupported'); | ||
var jws = require('jws'); | ||
@@ -11,2 +12,7 @@ var includes = require('lodash.includes'); | ||
var SUPPORTED_ALGS = ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512', 'none'] | ||
if (PS_SUPPORTED) { | ||
SUPPORTED_ALGS.splice(3, 0, 'PS256', 'PS384', 'PS512'); | ||
} | ||
var sign_options_schema = { | ||
@@ -16,3 +22,3 @@ expiresIn: { isValid: function(value) { return isInteger(value) || (isString(value) && value); }, message: '"expiresIn" should be a number of seconds or string representing a timespan' }, | ||
audience: { isValid: function(value) { return isString(value) || Array.isArray(value); }, message: '"audience" must be a string or array' }, | ||
algorithm: { isValid: includes.bind(null, ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512', 'none']), message: '"algorithm" must be a valid string enum value' }, | ||
algorithm: { isValid: includes.bind(null, SUPPORTED_ALGS), message: '"algorithm" must be a valid string enum value' }, | ||
header: { isValid: isPlainObject, message: '"header" must be an object' }, | ||
@@ -145,6 +151,6 @@ encoding: { isValid: isString, message: '"encoding" must be a string' }, | ||
if (!options.noTimestamp) { | ||
if (options.noTimestamp) { | ||
delete payload.iat; | ||
} else if (isObjectPayload) { | ||
payload.iat = timestamp; | ||
} else { | ||
delete payload.iat; | ||
} | ||
@@ -151,0 +157,0 @@ |
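Review bot: `SUPPORTED_ALGS` is extended with `splice(3, 0, ...)`, a hard-coded index into a literal whose order does not matter to `includes` as far as this section shows; `SUPPORTED_ALGS.push('PS256', 'PS384', 'PS512');` expresses the same allow-list without the magic number, and the declaration above it lacks its terminating semicolon. The list also still carries `'none'`, so `jwt.sign` accepts `algorithm: 'none'` and emits an unsigned token; a comment above the array such as `// 'none' yields unsigned tokens; verifiers must never accept it by default` would make that explicit for maintainers. A one-line comment on the `if (PS_SUPPORTED)` block saying the PS algorithms depend on the running Node version would help as well. `./lib/psSupported` is not shown on this page, so that description is inferred from the README table.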
@@ -6,4 +6,14 @@ var JsonWebTokenError = require('./lib/JsonWebTokenError'); | ||
var timespan = require('./lib/timespan'); | ||
var PS_SUPPORTED = require('./lib/psSupported'); | ||
var jws = require('jws'); | ||
var PUB_KEY_ALGS = ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512']; | ||
var RSA_KEY_ALGS = ['RS256', 'RS384', 'RS512']; | ||
var HS_ALGS = ['HS256', 'HS384', 'HS512']; | ||
if (PS_SUPPORTED) { | ||
PUB_KEY_ALGS.splice(3, 0, 'PS256', 'PS384', 'PS512'); | ||
RSA_KEY_ALGS.splice(3, 0, 'PS256', 'PS384', 'PS512'); | ||
} | ||
module.exports = function (jwtString, secretOrPublicKey, options, callback) { | ||
@@ -106,7 +116,4 @@ if ((typeof options === 'function') && !callback) { | ||
options.algorithms = ~secretOrPublicKey.toString().indexOf('BEGIN CERTIFICATE') || | ||
~secretOrPublicKey.toString().indexOf('BEGIN PUBLIC KEY') ? | ||
['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512'] : | ||
~secretOrPublicKey.toString().indexOf('BEGIN RSA PUBLIC KEY') ? | ||
['RS256', 'RS384', 'RS512'] : | ||
['HS256', 'HS384', 'HS512']; | ||
~secretOrPublicKey.toString().indexOf('BEGIN PUBLIC KEY') ? PUB_KEY_ALGS : | ||
~secretOrPublicKey.toString().indexOf('BEGIN RSA PUBLIC KEY') ? RSA_KEY_ALGS : HS_ALGS; | ||
@@ -208,4 +215,14 @@ } | ||
if (options.complete === true) { | ||
var signature = decodedToken.signature; | ||
return done(null, { | ||
header: header, | ||
payload: payload, | ||
signature: signature | ||
}); | ||
} | ||
return done(null, payload); | ||
}); | ||
}; |
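Review bot: The default for `options.algorithms` is still chosen by searching the key text for PEM markers, and any key that matches none of them falls through to `HS_ALGS`. Adding the PS names to `PUB_KEY_ALGS` and `RSA_KEY_ALGS` extends the inference but keeps that fallback, so a public key supplied without one of those markers would be treated as an HMAC secret, which is the usual precondition for algorithm confusion. A comment above the ternary such as `// Fallback only: callers verifying with a public key should pass options.algorithms explicitly` would record the risk, and the README entry for `algorithms` should give the same advice. The condition guarding this assignment lies outside the hunk, so this assumes it runs only when the caller supplied no `algorithms`.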
+ Addedsemver@^5.6.0
+ Addedsemver@5.7.2(transitive)
Updatedjws@^3.2.1