Update docs

.decode() syntax change to support headers
2022-06-04 17:29:50 +02:00 · 2022-06-04 17:23:53 +02:00
5 changed files with 44 additions and 13 deletions
--- a/README.md
+++ b/README.md
@@ -36,7 +36,7 @@ async () => {
        return

    // Decoding token
-    const payload = jwt.decode(token)
+    const { payload } = jwt.decode(token)
 }
 ```

@@ -62,15 +62,20 @@ async () => {
        return

    // Decoding token
-    const payload = jwt.decode(token) // { name: 'John Doe', email: 'john.doe@gmail.com', ... }
+    const { payload } = jwt.decode(token) // { name: 'John Doe', email: 'john.doe@gmail.com', ... }
 }
 ```

 ## Usage

+- [Sign](#sign)
+- [Verify](#verify)
+- [Decode](#decode)
+
 <hr>

-### `jwt.sign(payload, secret, [options])`
+### Sign
+#### `jwt.sign(payload, secret, [options])`

 Signs a payload and returns the token.

@@ -87,7 +92,8 @@ Returns token as a `string`.

 <hr>

-### `jwt.verify(token, secret, [options])`
+### Verify
+#### `jwt.verify(token, secret, [options])`

 Verifies the integrity of the token and returns a boolean value.

@@ -102,7 +108,8 @@ Returns `true` if signature, `nbf` (if set) and `exp` (if set) are valid, otherw

 <hr>

-### `jwt.decode(token)`
+### Decode
+#### `jwt.decode(token)`

 Returns the payload **without** verifying the integrity of the token. Please use `jwt.verify()` first to keep your application secure!

@@ -111,7 +118,19 @@ Argument    | Type     | Satus    | Default | Description
 `token`     | `string` | required | -       | The token string generated by `jwt.sign()`.

 #### `return`
-Returns payload `object`.
+Returns an `object` containing `header` and `payload`:
+```javascript
+{
+    header: {
+        alg: 'HS256',
+        typ: 'JWT'
+    },
+    payload: {
+        name: 'John Doe',
+        email: 'john.doe@gmail.com'
+    }
+}
+```

 ### Available Algorithms
 - ES256
--- a/index.d.ts
+++ b/index.d.ts
@@ -33,9 +33,9 @@ declare class JWT {
     * Returns the payload **without** verifying the integrity of the token. Please use `jwt.verify()` first to keep your application secure!
     * 
     * @param {string} token The token string generated by `jwt.sign()`.
-     * @returns {object | null} Returns payload `object`.
+     * @returns {JWTDecodeReturn} Returns an `object` containing `header` and `payload`.
     */
-    decode(token: string): object | null
+    decode(token: string): JWTDecodeReturn
 }
 declare const _exports: JWT

@@ -52,4 +52,9 @@ type JWTVerifyOptions = {
    throwError?: boolean
 }

+type JWTDecodeReturn = {
+    header: object,
+    payload: object
+}
+
 export = _exports
--- a/index.js
+++ b/index.js
@@ -116,7 +116,10 @@ class JWT {
        return await crypto.subtle.verify(importAlgorithm, key, Base64URL.parse(tokenParts[2]), this._utf8ToUint8Array(`${tokenParts[0]}.${tokenParts[1]}`))
    }
    decode(token) {
-        return this._decodePayload(token.split('.')[1].replace(/-/g, '+').replace(/_/g, '/'))
+        return {
+            header: this._decodePayload(token.split('.')[0].replace(/-/g, '+').replace(/_/g, '/')),
+            payload: this._decodePayload(token.split('.')[1].replace(/-/g, '+').replace(/_/g, '/'))
+        }
    }
 }

--- a/index.test.js
+++ b/index.test.js
@@ -115,12 +115,14 @@ test.each(Object.entries(secrets))(`Self test: %s`, async (algorithm, key) => {
        privateKey = key.private
        publicKey = key.public
    }
+    
    const token = await JWT.sign(testPayload, privateKey, { algorithm })
    expect(token).toMatch(/^[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+$/)
+    
    const verified = await JWT.verify(token, publicKey, { algorithm })
    expect(verified).toBeTruthy()
-    const payload = JWT.decode(token)
-    expect(payload).toBeTruthy()
+    
+    const { payload } = JWT.decode(token)
    expect({
        sub: payload.sub,
        name: payload.name
@@ -151,9 +153,11 @@ test.each(Object.entries(externalTokens))('Verify external tokens: %s', async (a
        privateKey = key.private
        publicKey = key.public
    }
+    
    const verified = await JWT.verify(token, publicKey, { algorithm })
    expect(verified).toBeTruthy()
-    const payload = JWT.decode(token)
+
+    const { payload } = JWT.decode(token)
    expect({
        sub: payload.sub,
        name: payload.name
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@tsndr/cloudflare-worker-jwt",
-  "version": "1.3.1",
+  "version": "1.4.0",
  "description": "A lightweight JWT implementation with ZERO dependencies for Cloudflare Worker",
  "main": "index.js",
  "scripts": {
Author	SHA1	Message	Date
Tobias Schneider	f846695242	Update docs	2022-06-04 17:29:50 +02:00
Tobias Schneider	695e1c0dfe	`.decode()` syntax change to support headers	2022-06-04 17:23:53 +02:00