oslo - npm Package Compare versions

Comparing version 0.10.3 to 0.10.4

dist/jwt/index.js

@@ -28,6 +28,6 @@ import { ECDSA, HMAC, RSASSAPKCS1v1_5, RSASSAPSS } from "../crypto/index.js";
     const payloadPart = encodeBase64url(textEncoder.encode(JSON.stringify(payloadWithClaims)));
-    const signatureBody = textEncoder.encode([headerPart, payloadPart].join("."));
-    const signature = await getAlgorithm(algorithm).sign(key, signatureBody);
+    const data = textEncoder.encode([headerPart, payloadPart].join("."));
+    const signature = await getAlgorithm(algorithm).sign(key, data);
     const signaturePart = encodeBase64url(signature);
-    return [signatureBody, signaturePart].join(".");
+    return [headerPart, payloadPart, signaturePart].join(".");
 }
@@ -34,0 +34,0 @@ export async function validateJWT(algorithm, key, jwt) {

package.json

 {
   "name": "oslo",
   "type": "module",
-  "version": "0.10.3",
+  "version": "0.10.4",
   "description": "A collection of auth-related utilities",
@@ -6,0 +6,0 @@ "main": "dist/index.js",

README.md

@@ -127,3 +127,3 @@ # `oslo`
 
-const secret = new HMAC("SHA-256").generateKey();
+const secret = await new HMAC("SHA-256").generateKey();
 
@@ -150,3 +150,3 @@ const payload = {
 	// check JWT signature, expiration, and not-before timestamp
-	const { payload, header, expiresAt } = await validateJWT("HS256", jwt, secret);
+	const { payload, header, expiresAt } = await validateJWT("HS256", secret, jwt);
 } catch {
@@ -153,0 +153,0 @@ // invalid JWT

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

91730

No dependency changes