tsndr/cloudflare-worker-jwt
1
0
Fork 0
Code Activity

add skipValidation option for verify

Browse Source
This commit is contained in:
Toby
2023-10-02 23:10:45 +02:00
parent cc66bd9c47
commit 6ac43d493d
1 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/index.ts
View File

@@ -87,6 +87,11 @@ export interface JwtSignOptions extends JwtOptions {
* @prop {boolean} [throwError=false] If `true` throw error if checks fail. (default: `false`) * @prop {boolean} [throwError=false] If `true` throw error if checks fail. (default: `false`)
*/ */
export interface JwtVerifyOptions extends JwtOptions { export interface JwtVerifyOptions extends JwtOptions {
/**
* If `true` all expiry checks will be skipped
*/
skipValidation?: boolean
/** /**
* If `true` throw error if checks fail. (default: `false`) * If `true` throw error if checks fail. (default: `false`)
* *
@@ -229,11 +234,11 @@ export async function sign(payload: JwtPayload, secret: string | JsonWebKey, opt
* @throws {Error | string} Throws an error `string` if the token is invalid or an `Error-Object` if there's a validation issue. * @throws {Error | string} Throws an error `string` if the token is invalid or an `Error-Object` if there's a validation issue.
* @returns {Promise<boolean>} Returns `true` if signature, `nbf` (if set) and `exp` (if set) are valid, otherwise returns `false`. * @returns {Promise<boolean>} Returns `true` if signature, `nbf` (if set) and `exp` (if set) are valid, otherwise returns `false`.
*/ */
export async function verify(token: string, secret: string | JsonWebKey, options: JwtVerifyOptions | JwtAlgorithm = { algorithm: 'HS256', throwError: false }): Promise<boolean> { export async function verify(token: string, secret: string | JsonWebKey, options: JwtVerifyOptions | JwtAlgorithm = { algorithm: 'HS256', skipValidation: false, throwError: false }): Promise<boolean> {
if (typeof options === 'string') if (typeof options === 'string')
options = { algorithm: options, throwError: false } options = { algorithm: options, throwError: false }
options = { algorithm: 'HS256', throwError: false, ...options } options = { algorithm: 'HS256', skipValidation: false, throwError: false, ...options }
if (typeof token !== 'string') if (typeof token !== 'string')
throw new Error('token must be a string') throw new Error('token must be a string')
@@ -256,21 +261,21 @@ export async function verify(token: string, secret: string | JsonWebKey, options
const { payload } = decode(token) const { payload } = decode(token)
if (!payload) { if (!options.skipValidation && !payload) {
if (options.throwError) if (options.throwError)
throw 'PARSE_ERROR' throw 'PARSE_ERROR'
return false return false
} }
if (payload.nbf && payload.nbf > Math.floor(Date.now() / 1000)) { if (!options.skipValidation && payload.nbf && payload.nbf > Math.floor(Date.now() / 1000)) {
if (options.throwError) if (options.throwError)
throw 'NOT_YET_VALID' throw 'NOT_YET_VALID'
return false return false
} }
if (payload.exp && payload.exp <= Math.floor(Date.now() / 1000)) { if (!options.skipValidation && payload.exp && payload.exp <= Math.floor(Date.now() / 1000)) {
if (options.throwError) if (options.throwError)
throw 'EXPIRED' throw 'EXPIRED'