jwt-js - npm Package Compare versions

Comparing version 0.2.4 to 0.2.6

index.js

@@ -5,3 +5,4 @@ 'use strict'
     Tokenizer: require('./lib/tokenizer'),
-    decodeToken: require('./lib/decode')
+    decodeToken: require('./lib/decode'),
+    MissingParametersError: require('./lib/errors').MissingParametersError
 }

lib/signing-algorithms/ES256k.js

@@ -5,3 +5,4 @@ 'use strict'
     sigFormatter = require('ecdsa-sig-formatter'),
-    crypto = require('crypto')
+    crypto = require('crypto'),
+    MissingParametersError = require('../errors').MissingParametersError
 
@@ -31,2 +32,6 @@ function ES256kClient() {
 ES256kClient.signHash = function(signingInputHash, rawPrivateKey) {
+    // make sure the required parameters are provided
+    if (!(signingInputHash && rawPrivateKey)) {
+        throw new MissingParametersError('a signing input hash and private key are all required')
+    }
     // prepare the private key
@@ -48,2 +53,6 @@ var privateKeyObject = ES256kClient.loadPrivateKey(rawPrivateKey)
 ES256kClient.verifyHash = function(signingInputHash, derSignatureBuffer, rawPublicKey) {
+    // make sure the required parameters are provided
+    if (!(signingInputHash && derSignatureBuffer && rawPublicKey)) {
+        throw new MissingParametersError('a signing input hash, der signature, and public key are all required')
+    }
     // prepare the public key
@@ -50,0 +59,0 @@ var publicKeyObject = ES256kClient.loadPublicKey(rawPublicKey)

lib/tokenizer.js

 'use strict'
 
 var base64url = require('base64url'),
-    decodeToken = require('./decode'),
-    CryptoClients = require('./crypto-clients')
+    CryptoClients = require('./crypto-clients'),
+    decodeToken = require('./decode')
 
@@ -19,3 +19,3 @@ function Tokenizer(signingAlgorithm) {
 Tokenizer.prototype.header = function() {
-    return {'typ': this.tokenType, 'alg': this.cryptoClient.algorithmName}
+    return {typ: this.tokenType, alg: this.cryptoClient.algorithmName}
 }
@@ -22,0 +22,0 @@

package.json

 {
   "name": "jwt-js",
-  "version": "0.2.4",
+  "version": "0.2.6",
   "description": "node.js library for encoding, decoding, and verifying JSON Web Tokens (JWTs)",
@@ -5,0 +5,0 @@ "main": "index.js",

test.js

 'use strict'
 
 var test = require('tape'),
-    Tokenizer = require('./index').Tokenizer
+    Tokenizer = require('./index').Tokenizer,
+    MissingParametersError = require('./index').MissingParametersError
 
@@ -24,4 +25,4 @@ var tokenizer = new Tokenizer('ES256k')
 
-test('testEncode', function(t) {
-    t.plan(4)
+test('testSign', function(t) {
+    t.plan(5)
 
@@ -35,2 +36,8 @@ var encodedToken = tokenizer.sign(sampleDecodedToken.payload, rawPrivateKey)
     t.equal(JSON.stringify(decodedToken.payload), JSON.stringify(sampleDecodedToken.payload), 'decodedToken payload should match the reference payload')
+
+    try {
+      encodedToken = tokenizer.sign(sampleDecodedToken.payload)
+    } catch(err) {
+      t.equal(err.name, 'MissingParametersError', 'token signing without a private key should throw an error')
+    }
 })
@@ -47,6 +54,12 @@
 test('testVerify', function(t) {
-    t.plan(1)
+    t.plan(2)
 
     var tokenVerified = tokenizer.verify(sampleToken, rawPublicKey)
     t.equal(tokenVerified, true, 'token should have been verified')
+
+    try {
+      tokenVerified = tokenizer.verify(sampleToken)
+    } catch(err) {
+      t.equal(err.name, 'MissingParametersError', 'token verification without a public key should throw an error')
+    }
 })

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

13660

increased by10.68%

Number of package files

11

increased by10%

Lines of code

188

increased by17.5%

No dependency changes