Bumped version

.github/workflows/npm-publish.yml

@@ -0,0 +1,30 @@
+name: Publish NPM Package
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  publish-npm:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v1
+        with:
+          node-version: 12
+          registry-url: https://registry.npmjs.org/
+      - run: npm publish --access public
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
+
+  publish-gpr:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v1
+        with:
+          node-version: 12
+          registry-url: https://npm.pkg.github.com/
+      - run: npm publish --access public
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 Tobias Schneider
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -18,7 +18,7 @@ const jwt = require('@tsndr/cloudflare-worker-jwt')
 const token = jwt.sign({ name: 'John Doe', email: 'john.doe@gmail.com' }, 'secret')
 
 // Verifing token
-const isValid = jwt.verify(token, secret)
+const isValid = jwt.verify(token, 'secret')
 
 // Decoding token
 const payload = jwt.decode(token)
@@ -29,34 +29,48 @@ const payload = jwt.decode(token)
 
 Signs a payload and returns the token.
 
-#### Parameters
+
 `payload`
-Can be an object, buffer or a string.
+
+The payload object.
+
 
 `secret`
+
 A string which is used to sign the payload.
 
+
 `algorithm` (optional, default: `HS256`)
-The algorithm used to sign the payload, possible values: `HS256`(default) or `HS512`
+
+The algorithm used to sign the payload, possible values: `HS256` or `HS512`
 
 
 ### `jwt.verify(token, secret, [algorithm])`
 
 Verifies the integrity of the token and returns a boolean value.
 
+
 `token`
+
 The token string generated by `jwt.sign()`.
 
+
 `secret`
+
 A string which is used to sign the payload.
 
+
 `algorithm` (optional, default: `HS256`)
-The algorithm used to sign the payload, possible values: `HS256`(default) or `HS512`
+
+The algorithm used to sign the payload, possible values: `HS256` or `HS512`
 
 ### `jwt.decode(token)`
+
 Returns the payload without verifying the integrity of the token.
 
+
 `token`
+
 The token string generated by `jwt.sign()`.
 
 

index.d.ts

@@ -0,0 +1,7 @@
+declare class JWT {
+    sign(payload: object, secret: string, algorithm?: "HS256" | "HS512"): Promise<string>
+    verify(token: string, secret: string, algorithm?: "HS256" | "HS512"): Promise<boolean>
+    decode(token: string): object | null
+}
+declare const _exports: JWT
+export = _exports

index.js

@@ -27,22 +27,20 @@ class JWT {
         }
     }
     utf8ToUint8Array(str) {
-        const chars = []
+        return Base64URL.parse(btoa(unescape(encodeURIComponent(str))))
-        str = btoa(unescape(encodeURIComponent(str)))
-        return Base64URL.parse(str)
     }
-    async sign(payload, secret, alg = 'HS256') {
+    async sign(payload, secret, algorithm = 'HS256') {
         if (payload === null || typeof payload !== 'object')
             throw new Error('payload must be an object')
         if (typeof secret !== 'string')
             throw new Error('secret must be a string')
-        if (typeof alg !== 'string')
+        if (typeof algorithm !== 'string')
-            throw new Error('alg must be a string')
+            throw new Error('algorithm must be a string')
-        const importAlgorithm = this.algorithms[alg]
+        const importAlgorithm = this.algorithms[algorithm]
         if (!importAlgorithm)
             throw new Error('algorithm not found')
         const payloadAsJSON = JSON.stringify(payload)
-        const partialToken = `${Base64URL.stringify(this.utf8ToUint8Array(JSON.stringify({ alg, typ: 'JWT' })))}.${Base64URL.stringify(this.utf8ToUint8Array(payloadAsJSON))}`
+        const partialToken = `${Base64URL.stringify(this.utf8ToUint8Array(JSON.stringify({ alg: algorithm, typ: 'JWT' })))}.${Base64URL.stringify(this.utf8ToUint8Array(payloadAsJSON))}`
         const key = await crypto.subtle.importKey('raw', this.utf8ToUint8Array(secret), importAlgorithm, false, ['sign'])
         const characters = payloadAsJSON.split('')
         const it = this.utf8ToUint8Array(payloadAsJSON).entries()
@@ -56,17 +54,17 @@ class JWT {
         const signature = await crypto.subtle.sign(importAlgorithm.name, key, this.utf8ToUint8Array(partialToken))
         return `${partialToken}.${Base64URL.stringify(new Uint8Array(signature))}`
     }
-    async verify(token, secret, alg = 'HS256') {
+    async verify(token, secret, algorithm = 'HS256') {
         if (typeof token !== 'string')
             throw new Error('token must be a string')
         if (typeof secret !== 'string')
             throw new Error('secret must be a string')
-        if (typeof alg !== 'string')
+        if (typeof algorithm !== 'string')
-            throw new Error('alg must be a string')
+            throw new Error('algorithm must be a string')
         const tokenParts = token.split('.')
         if (tokenParts.length !== 3)
             throw new Error('token must have 3 parts')
-        const importAlgorithm = this.algorithms[alg]
+        const importAlgorithm = this.algorithms[algorithm]
         if (!importAlgorithm)
             throw new Error('algorithm not found')
         const keyData = this.utf8ToUint8Array(secret)

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tsndr/cloudflare-worker-jwt",
-  "version": "1.0.0",
+  "version": "1.0.7",
   "description": "A lightweight JWT implementation with ZERO dependencies for Cloudflare Worker",
   "main": "index.js",
   "scripts": {
@@ -18,7 +18,7 @@
     "cloudflare-worker"
   ],
   "author": "Tobias Schneider",
-  "license": "ISC",
+  "license": "MIT",
   "bugs": {
     "url": "https://github.com/tsndr/cloudflare-worker-jwt/issues"
   },