New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
oidc-token-hash
Advanced tools
oidc-token-hash - npm Package Compare versions
Comparing version 5.0.3 to 5.1.0
@@ -52,4 +52,12 @@ const { strict: assert } = require('assert'); | ||
| case 'ES512': | ||
| case 'Ed25519': | ||
| return createHash('sha512'); | ||
| case 'Ed448': | ||
| if (!shake256) { | ||
| throw new TypeError('Ed448 *_hash calculation is not supported in your Node.js runtime version'); | ||
| } | ||
| return createHash('shake256', { outputLength: 114 }); | ||
| case 'EdDSA': | ||
@@ -56,0 +64,0 @@ switch (crv) { |
| { | ||
| "name": "oidc-token-hash", | ||
| "version": "5.0.3", | ||
| "version": "5.1.0", | ||
| "homepage": "https://github.com/panva/oidc-token-hash", | ||
@@ -22,5 +22,5 @@ "bugs": { | ||
| "devDependencies": { | ||
| "eslint": "^7.2.0", | ||
| "eslint-config-airbnb-base": "^14.2.0", | ||
| "eslint-plugin-import": "^2.21.2", | ||
| "eslint": "^7.32.0", | ||
| "eslint-config-airbnb-base": "^14.2.1", | ||
| "eslint-plugin-import": "^2.28.1", | ||
| "nyc": "^15.1.0" | ||
@@ -27,0 +27,0 @@ }, |
@@ -20,2 +20,4 @@ # oidc-token-hash | ||
| | EdDSA w/ Ed448 curve | shake256 | [connect/issues#1125](https://bitbucket.org/openid/connect/issues/1125) | | ||
| | Ed25519 | sha512 | [connect/issues#1125](https://bitbucket.org/openid/connect/issues/1125) | | ||
| | Ed448 | shake256 | [connect/issues#1125](https://bitbucket.org/openid/connect/issues/1125) | | ||
@@ -32,2 +34,3 @@ ## Usage | ||
| oidcTokenHash.validate({ claim: 'at_hash', source: 'access_token' }, 'EGEAhGYyfuwDaVTifvrWSoD5MSy_5hZPy6I7Vm-7pTQ', access_token, 'EdDSA', 'Ed25519'); // => does not throw | ||
| oidcTokenHash.validate({ claim: 'at_hash', source: 'access_token' }, 'EGEAhGYyfuwDaVTifvrWSoD5MSy_5hZPy6I7Vm-7pTQ', access_token, 'Ed25519'); // => does not throw | ||
| oidcTokenHash.validate({ claim: 'at_hash', source: 'access_token' }, 'x7vk7f6BvQj0jQHYFIk4ag', 'foobar', 'RS256'); // => throws AssertionError, message: at_hash mismatch, expected w6uP8Tcg6K2QR905Rms8iQ, got: x7vk7f6BvQj0jQHYFIk4ag | ||
@@ -42,3 +45,5 @@ ``` | ||
| oidcTokenHash.generate(access_token, 'ES512'); // => 'EGEAhGYyfuwDaVTifvrWSoD5MSy_5hZPy6I7Vm-7pTQ' | ||
| oidcTokenHash.generate(access_token, 'Ed25519'); // => 'EGEAhGYyfuwDaVTifvrWSoD5MSy_5hZPy6I7Vm-7pTQ' | ||
| oidcTokenHash.generate(access_token, 'EdDSA', 'Ed25519'); // => 'EGEAhGYyfuwDaVTifvrWSoD5MSy_5hZPy6I7Vm-7pTQ' | ||
| oidcTokenHash.generate(access_token, 'Ed448'); // => 'jxsy68_eG9-91VnHsZ2VnCr_WqDMv4nspiSuUPRdNZnv1y5lNV3rPVYYWNiY_TbUB1JRwlgiDTzZ' | ||
| oidcTokenHash.generate(access_token, 'EdDSA', 'Ed448'); // => 'jxsy68_eG9-91VnHsZ2VnCr_WqDMv4nspiSuUPRdNZnv1y5lNV3rPVYYWNiY_TbUB1JRwlgiDTzZ' | ||
@@ -48,2 +53,3 @@ ``` | ||
| ## Changelog | ||
| - 5.1.0 - add support for Ed25519 and Ed448 JWS Algorithm Identifiers | ||
| - 5.0.2 - avoid use of deprecated String.prototype.substr | ||
@@ -50,0 +56,0 @@ - 5.0.1 - use `base64url` native encoding in Node.js when available |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by10.61%
9322
- Lines of code
- increased by6.38%
100
- Number of lines in readme file
- increased by10.91%
61
No dependency changes