jwt-simple - npm Package Compare versions

Comparing version 0.4.1 to 0.5.0

History.md

@@ -0,1 +1,5 @@
+## 0.5.0
+
+Add support for nbf and exp claims #38 @alexjab
+
 ## 0.4.1
@@ -2,0 +6,0 @@

lib/jwt.js

@@ -46,3 +46,3 @@ /*
  */
-jwt.version = '0.4.1';
+jwt.version = '0.5.0';
 
@@ -86,2 +86,12 @@ /**
 
+    // Support for nbf and exp claims.
+    // According to the RFC, they should be in seconds.
+    if (payload.nbf && Date.now() < payload.nbf*1000) {
+      throw new Error('Token not yet active');
+    }
+
+    if (payload.exp && Date.now() > payload.exp*1000) {
+      throw new Error('Token expired');
+    }
+
     // verify signature. `sign` will return base64 string.
@@ -88,0 +98,0 @@ var signingInput = [headerSeg, payloadSeg].join('.');

package.json

 {
   "name": "jwt-simple",
   "description": "JWT(JSON Web Token) encode and decode module",
-  "version": "0.4.1",
+  "version": "0.5.0",
   "author": "Kazuhito Hokamura <k.hokamura@gmail.com>",
@@ -11,12 +11,19 @@ "repository": {
   "devDependencies": {
-    "mocha": "*",
-    "expect.js": "*"
+    "expect.js": "^0.3.1",
+    "istanbul": "^0.4.2",
+    "mocha": "^2.3.4"
   },
   "scripts": {
-    "test": "./node_modules/.bin/mocha test/*.js"
+    "test": "istanbul cover _mocha test/*.js"
   },
   "license": "MIT",
-  "engines": {"node": ">= 0.4.0"},
-  "keywords": ["jwt", "encode", "decode"],
+  "engines": {
+    "node": ">= 0.4.0"
+  },
+  "keywords": [
+    "jwt",
+    "encode",
+    "decode"
+  ],
   "main": "./index"
 }

test/basic.js

@@ -5,9 +5,14 @@ var jwt = require('../index');
 
-describe('method and property', function() {
-  it('jwt has version property', function() {
+var package = require('../package.json');
+
+describe('jwt', function() {
+  it('jwt has `version` property', function() {
     expect(jwt.version).to.be.a('string');
   });
 
-  it('jwt has encode and decode method', function() {
+  it('jwt has `encode` method', function() {
     expect(jwt.encode).to.be.a('function');
+  });
+
+  it('jwt has `decode` method', function() {
     expect(jwt.decode).to.be.a('function');
@@ -17,3 +22,9 @@ });
 
-describe('encode and decode', function() {
+describe('version', function() {
+  it('the version in the library is the same as the one in package.json', function() {
+    expect(jwt.version).to.equal(package.version);
+  });
+});
+
+describe('encode', function() {
   it('encode token', function() {
@@ -25,23 +36,64 @@ var token = jwt.encode({ foo: 'bar' }, 'key');
 
-  it('key is required', function() {
+  it('throw an error when the key is missing', function() {
     var fn = jwt.encode.bind(null, { foo: 'bar' });
-    expect(fn).to.throwException();
+    expect(fn).to.throwError(/Require key/);
   });
 
+  it('throw an error when the specified algorithm is not supported', function() {
+    var fn = jwt.encode.bind(null, { foo: 'bar' }, 'some_key', 'FooBar256');
+    expect(fn).to.throwError(/Algorithm not supported/);
+  });
+});
+
+describe('decode', function() {
+  var key = 'key';
+  var obj = { foo: 'bar' };
+  var token = jwt.encode(obj, key);
+
   it('decode token', function() {
-    var obj = { foo: 'bar' };
-    var key = 'key';
-    var token = jwt.encode(obj, key);
     var obj2 = jwt.decode(token, key);
     expect(obj2).to.eql(obj);
-    expect(jwt.decode.bind(null, token, 'invalid_key')).to.throwException();
   });
 
-  it('decode no verify', function() {
+  it('throw an error when no token is provided', function() {
+    var fn = jwt.decode.bind(null, null, key);
+    expect(fn).to.throwError(/No token supplied/);
+  });
+
+  it('throw an error when the token is not correctly formatted', function() {
+    var fn = jwt.decode.bind(null, 'foo.bar', key);
+    expect(fn).to.throwError(/Not enough or too many segments/);
+  });
+
+  it('throw an error when the specified algorithm is not supported', function() {
+    var fn = jwt.decode.bind(null, token, key, false, 'FooBar256');
+    expect(fn).to.throwError(/Algorithm not supported/);
+  });
+
+  it('throw an error when the signature verification fails', function() {
+    var fn = jwt.decode.bind(null, token, 'invalid_key');
+    expect(fn).to.throwError(/Signature verification failed/);
+  });
+
+  it('throw an error when the token is not yet active (optional nbf claim)', function() {
+    var nbf = (Date.now() + 1000) / 1000;
+    var token = jwt.encode({ foo: 'bar', nbf: nbf }, key);
+    var fn = jwt.decode.bind(null, token, key);
+    expect(fn).to.throwError(/Token not yet active/);
+  });
+
+  it('throw an error when the token has expired (optional exp claim)', function() {
+    var exp = (Date.now() - 1000) / 1000;
+    var token = jwt.encode({ foo: 'bar', exp: exp }, key);
+    var fn = jwt.decode.bind(null, token, key);
+    expect(fn).to.throwError(/Token expired/);
+  });
+
+  it('do not throw any error when verification is disabled', function() {
     var obj = { foo: 'bar' };
     var key = 'key';
     var token = jwt.encode(obj, key);
-    var fn1 = jwt.decode.bind(null, token, null);
-    var fn2 = jwt.decode.bind(null, token, null, true);
-    expect(fn1).to.throwException();
+    var fn1 = jwt.decode.bind(null, token, 'invalid_key1');
+    var fn2 = jwt.decode.bind(null, token, 'invalid_key2', true);
+    expect(fn1).to.throwError(/Signature verification failed/);
     expect(fn2()).to.eql(obj);
@@ -56,7 +108,6 @@ });
     expect(obj2).to.eql(obj);
-    expect(jwt.decode.bind(null, token, key, false, 'HS256')).to.throwException();
-    expect(jwt.decode.bind(null, token, 'invalid_key')).to.throwException();
+    expect(jwt.decode.bind(null, token, key, false, 'HS256')).to.throwError(/Signature verification failed/);
   });
 
-  it('RS256', function() {
+  describe('RS256', function() {
     var obj = { foo: 'bar' };
@@ -66,19 +117,24 @@ var pem = fs.readFileSync(__dirname + '/test.pem').toString('ascii');
     var alg = 'RS256';
-    var token = jwt.encode(obj, pem, alg);
-    var obj2 = jwt.decode(token, cert);
-    expect(obj2).to.eql(obj);
-    expect(jwt.decode.bind(null, token, 'invalid_key')).to.throwException();
-  });
 
-  it('can add jwt header by options.header', function() {
-    var obj = { foo: 'bar' };
-    var pem = fs.readFileSync(__dirname + '/test.pem').toString('ascii');
-    var cert = fs.readFileSync(__dirname + '/test.crt').toString('ascii');
-    var alg = 'RS256';
-    var token = jwt.encode(obj, pem, alg, {header: {kid: 'keyidX'}});
-    var obj2 = jwt.decode(token, cert);
-    expect(obj2).to.eql(obj);
+    it('can add jwt header by options.header', function() {
+      var token = jwt.encode(obj, pem, alg, {header: {kid: 'keyidX'}});
+      var obj2 = jwt.decode(token, cert);
+      expect(obj2).to.eql(obj);
 
-    var jwtHeader = token.split('.')[0];
-    expect(JSON.parse(base64urlDecode(jwtHeader))).to.eql({typ:"JWT",alg:"RS256",kid:"keyidX"});
+      var jwtHeader = token.split('.')[0];
+      expect(JSON.parse(base64urlDecode(jwtHeader))).to.eql({typ:'JWT',alg:alg,kid:'keyidX'});
+    });
+
+
+    it('decode token given RS256 algorithm', function() {
+      var token = jwt.encode(obj, pem, alg);
+      var obj2 = jwt.decode(token, cert);
+      expect(obj2).to.eql(obj);
+    });
+
+    it('throw an error when the key is invalid', function() {
+      var token = jwt.encode(obj, pem, alg);
+      var obj2 = jwt.decode(token, cert);
+      expect(jwt.decode.bind(null, token, 'invalid_key')).to.throwError();
+    });
   });
@@ -85,0 +141,0 @@ });

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

14044

increased by21.56%

Number of package files

11

increased by10%

Lines of code

299

increased by23.55%

Worsened metrics

Dev dependency count

3

increased by50%

No dependency changes