uport - npm Package Compare versions

Comparing version 0.2.0 to 0.2.1

lib/Credentials.js

@@ -59,3 +59,5 @@ 'use strict';
     value: function receive(token) {
-      return (0, _JWT.verifyJWT)(this.settings, token).then(function (_ref) {
+      var callbackUrl = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : null;
+
+      return (0, _JWT.verifyJWT)(this.settings, token, callbackUrl).then(function (_ref) {
         var payload = _ref.payload,
@@ -62,0 +64,0 @@ profile = _ref.profile;

lib/JWT.js

@@ -32,2 +32,3 @@ 'use strict';
       address = _ref2.address;
+  var callbackUrl = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : null;
 
@@ -46,4 +47,18 @@ return new Promise(function (resolve, reject) {
         }
-        if (payload.aud && payload.aud !== address) {
-          return reject(new Error('JWT audience does not match your address'));
+        if (payload.aud) {
+          if (payload.aud.match(/^0x[0-9a-fA-F]+$/)) {
+            if (!address) {
+              return reject(new Error('JWT audience is required but your app address has not been configured'));
+            }
+            if (payload.aud !== address) {
+              return reject(new Error('JWT audience does not match your address'));
+            }
+          } else {
+            if (!callbackUrl) {
+              return reject(new Error('JWT audience matching your callback url is required but one wasn\'t passed in'));
+            }
+            if (payload.aud !== callbackUrl) {
+              return reject(new Error('JWT audience does not match the callback url'));
+            }
+          }
         }
@@ -50,0 +65,0 @@ resolve({ payload: payload, profile: profile });

package.json

 {
   "name": "uport",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "Library for interacting with uport profiles and attestations",
@@ -5,0 +5,0 @@ "main": "lib/index.js",

src/Credentials.js

@@ -24,4 +24,4 @@ import { createJWT, verifyJWT } from './JWT'
   // Receive response token from user and return data to promise
-  receive (token) {
-    return verifyJWT(this.settings, token).then(({payload, profile}) => (
+  receive (token, callbackUrl = null) {
+    return verifyJWT(this.settings, token, callbackUrl).then(({payload, profile}) => (
       {...profile, ...(payload.own || {}), address: payload.iss}
@@ -28,0 +28,0 @@ ))

src/JWT.js

@@ -19,3 +19,3 @@ import { createUnsignedToken, TokenVerifier, decodeToken } from 'jsontokens'
 
-export function verifyJWT ({registry, address}, jwt) {
+export function verifyJWT ({registry, address}, jwt, callbackUrl = null) {
   return new Promise((resolve, reject) => {
@@ -31,4 +31,18 @@ const {payload} = decodeToken(jwt)
         }
-        if (payload.aud && payload.aud !== address) {
-          return reject(new Error('JWT audience does not match your address'))
+        if (payload.aud) {
+          if (payload.aud.match(/^0x[0-9a-fA-F]+$/)) {
+            if (!address) {
+              return reject(new Error('JWT audience is required but your app address has not been configured'))
+            }
+            if (payload.aud !== address) {
+              return reject(new Error('JWT audience does not match your address'))
+            }
+          } else {
+            if (!callbackUrl) {
+              return reject(new Error('JWT audience matching your callback url is required but one wasn\'t passed in'))
+            }
+            if (payload.aud !== callbackUrl) {
+              return reject(new Error('JWT audience does not match the callback url'))
+            }
+          }
         }
@@ -35,0 +49,0 @@ resolve({payload, profile})

No alert changes

Improved metrics

Total package byte prevSize

537086

increased by0.42%

Lines of code

15827

increased by0.29%

No dependency changes