tsndr/cloudflare-worker-jwt
1
0
Fork 0
Code Activity

Compare commits

base: tsndr:v2.2.0
Branches Tags
tsndr:main tsndr:Le0Developer-feat/allow-cryptokey tsndr:feat/allow-cryptokey
tsndr:v3.2.0 tsndr:v3.1.7 tsndr:v3.1.6 tsndr:v3.1.5 tsndr:v3.1.4 tsndr:v3.1.3 tsndr:v3.1.2 tsndr:v3.1.1 tsndr:v3.1.0 tsndr:v3.0.0 tsndr:v2.5.4 tsndr:v2.5.3 tsndr:v2.5.2 tsndr:v2.5.1 tsndr:v2.5.0 tsndr:v2.4.7 tsndr:v2.4.6 tsndr:v2.4.5 tsndr:v2.4.4 tsndr:v2.4.3 tsndr:v2.4.2 tsndr:v2.4.1 tsndr:v2.4.0 tsndr:v2.3.2 tsndr:v2.3.1 tsndr:v2.3.0 tsndr:v2.2.10 tsndr:v2.2.9 tsndr:v2.2.8 tsndr:v2.2.7 tsndr:v2.2.6 tsndr:v2.2.5 tsndr:v2.2.4 tsndr:v2.2.3 tsndr:v2.2.2 tsndr:v2.2.1 tsndr:v2.2.0 tsndr:v2.1.4 tsndr:v2.1.3 tsndr:v2.1.2 tsndr:v2.1.1 tsndr:v2.1.0 tsndr:v2.0.1 tsndr:v2.0.0 tsndr:v1.4.4 tsndr:v1.4.3 tsndr:v1.4.2 tsndr:v1.4.1 tsndr:v1.4.0 tsndr:v1.3.1 tsndr:v1.3.0 tsndr:v1.2.0 tsndr:v1.1.7 tsndr:v1.1.6 tsndr:v1.1.5 tsndr:v1.1.4 tsndr:v1.1.3 tsndr:v1.1.2 tsndr:v1.1.1 tsndr:v1.1.0 tsndr:v1.0.8 tsndr:v1.0.7 tsndr:v1.0.6 tsndr:v1.0.5 tsndr:v1.0.4 tsndr:v1.0.3 tsndr:v1.0.2 tsndr:v1.0.1 tsndr:v1.0.0
...
compare: tsndr:v2.2.5
Branches Tags
tsndr:main tsndr:Le0Developer-feat/allow-cryptokey tsndr:feat/allow-cryptokey
tsndr:v3.2.0 tsndr:v3.1.7 tsndr:v3.1.6 tsndr:v3.1.5 tsndr:v3.1.4 tsndr:v3.1.3 tsndr:v3.1.2 tsndr:v3.1.1 tsndr:v3.1.0 tsndr:v3.0.0 tsndr:v2.5.4 tsndr:v2.5.3 tsndr:v2.5.2 tsndr:v2.5.1 tsndr:v2.5.0 tsndr:v2.4.7 tsndr:v2.4.6 tsndr:v2.4.5 tsndr:v2.4.4 tsndr:v2.4.3 tsndr:v2.4.2 tsndr:v2.4.1 tsndr:v2.4.0 tsndr:v2.3.2 tsndr:v2.3.1 tsndr:v2.3.0 tsndr:v2.2.10 tsndr:v2.2.9 tsndr:v2.2.8 tsndr:v2.2.7 tsndr:v2.2.6 tsndr:v2.2.5 tsndr:v2.2.4 tsndr:v2.2.3 tsndr:v2.2.2 tsndr:v2.2.1 tsndr:v2.2.0 tsndr:v2.1.4 tsndr:v2.1.3 tsndr:v2.1.2 tsndr:v2.1.1 tsndr:v2.1.0 tsndr:v2.0.1 tsndr:v2.0.0 tsndr:v1.4.4 tsndr:v1.4.3 tsndr:v1.4.2 tsndr:v1.4.1 tsndr:v1.4.0 tsndr:v1.3.1 tsndr:v1.3.0 tsndr:v1.2.0 tsndr:v1.1.7 tsndr:v1.1.6 tsndr:v1.1.5 tsndr:v1.1.4 tsndr:v1.1.3 tsndr:v1.1.2 tsndr:v1.1.1 tsndr:v1.1.0 tsndr:v1.0.8 tsndr:v1.0.7 tsndr:v1.0.6 tsndr:v1.0.5 tsndr:v1.0.4 tsndr:v1.0.3 tsndr:v1.0.2 tsndr:v1.0.1 tsndr:v1.0.0

12 Commits
v2.2.0 ... v2.2.5

Author SHA1 Message Date
Toby
7027999975 2.2.5 2023-10-02 23:41:42 +02:00
Toby
166b074782 add .editorconfig 2023-10-02 23:41:30 +02:00
Toby
decbd238e9 2.2.4 2023-10-02 23:37:16 +02:00
Toby
894ac2c9f5 update dependencies 2023-10-02 23:37:01 +02:00
Toby
1394e4e33d 2.2.3 2023-10-02 23:19:51 +02:00
Toby
47028970b4 update readme 2023-10-02 23:18:05 +02:00
Toby
6ac43d493d add skipValidation option for verify 2023-10-02 23:10:45 +02:00
Toby
cc66bd9c47 add .editorconfig 2023-10-02 23:10:20 +02:00
Toby
a8f95f1c6d 2.2.2 2023-08-25 16:01:57 +02:00
Tom Lokhorst
b2886c0778 Allow array in Audience 2023-08-25 16:00:30 +02:00
Toby
76b7fcef27 2.2.1 2023-02-02 16:13:50 +01:00
Toby
3b5d8bcde8 hotfix 2023-02-02 16:13:28 +01:00
7 changed files with 1054 additions and 3403 deletions
Expand all files Collapse all files

10
.editorconfig Normal file
View File

@@ -0,0 +1,10 @@
root = true
[*]
end_of_line = lf
insert_final_newline = false
[src/**/*.ts]
charset = utf-8
indent_style = space
indent_size = 4

3
.npmignore
View File

@@ -3,4 +3,5 @@ src/
test/ test/
.nvmrc .nvmrc
index.test.js index.test.js
tsconfig.json tsconfig.json
.editorconfig

1
.nvmrc
View File

@@ -1 +0,0 @@
v16

2
README.md
View File

@@ -104,7 +104,7 @@ Argument | Type | Status | Default | Description
----------- | -------- | -------- | ------- | ----------- ----------- | -------- | -------- | ------- | -----------
`token` | `string` | required | - | The token string generated by `jwt.sign()`. `token` | `string` | required | - | The token string generated by `jwt.sign()`.
`secret` | `string` | required | - | The string which was used to sign the payload. `secret` | `string` | required | - | The string which was used to sign the payload.
`options` | `object` | optional | `{ algorithm: 'HS256', throwError: false }` | The options object supporting `algorithm` and `throwError`. (See [Available Algorithms](#available-algorithms)) `options` | `object` | optional | `{ algorithm: 'HS256', skipValidation: false, throwError: false }` | The options object supporting `algorithm`, `skipValidation` and `throwError`. (See [Available Algorithms](#available-algorithms))
#### `throws` #### `throws`
If `options.throwError` is `true` and the token is invalid, an error will be thrown. If `options.throwError` is `true` and the token is invalid, an error will be thrown.

4412
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

8
package.json
View File

@@ -1,6 +1,6 @@
{ {
"name": "@tsndr/cloudflare-worker-jwt", "name": "@tsndr/cloudflare-worker-jwt",
"version": "2.2.0", "version": "2.2.5",
"description": "A lightweight JWT implementation with ZERO dependencies for Cloudflare Worker", "description": "A lightweight JWT implementation with ZERO dependencies for Cloudflare Worker",
"main": "index.js", "main": "index.js",
"types": "index.d.ts", "types": "index.d.ts",
@@ -26,8 +26,8 @@
}, },
"homepage": "https://github.com/tsndr/cloudflare-worker-jwt#readme", "homepage": "https://github.com/tsndr/cloudflare-worker-jwt#readme",
"devDependencies": { "devDependencies": {
"@cloudflare/workers-types": "^3.13.0", "@cloudflare/workers-types": "^4.20231002.0",
"jest": "^28.1.1", "jest": "^29.7.0",
"typescript": "^4.7.4" "typescript": "^5.2.2"
} }
} }

21
src/index.ts
View File

@@ -33,7 +33,7 @@ export interface JwtHeader {
* @typedef JwtPayload * @typedef JwtPayload
* @prop {string} [iss] Issuer * @prop {string} [iss] Issuer
* @prop {string} [sub] Subject * @prop {string} [sub] Subject
* @prop {string} [aud] Audience * @prop {string | string[]} [aud] Audience
* @prop {string} [exp] Expiration Time * @prop {string} [exp] Expiration Time
* @prop {string} [nbf] Not Before * @prop {string} [nbf] Not Before
* @prop {string} [iat] Issued At * @prop {string} [iat] Issued At
@@ -47,7 +47,7 @@ export interface JwtPayload {
sub?: string sub?: string
/** Audience */ /** Audience */
aud?: string aud?: string | string[]
/** Expiration Time */ /** Expiration Time */
exp?: number exp?: number
@@ -87,6 +87,11 @@ export interface JwtSignOptions extends JwtOptions {
* @prop {boolean} [throwError=false] If `true` throw error if checks fail. (default: `false`) * @prop {boolean} [throwError=false] If `true` throw error if checks fail. (default: `false`)
*/ */
export interface JwtVerifyOptions extends JwtOptions { export interface JwtVerifyOptions extends JwtOptions {
/**
* If `true` all expiry checks will be skipped
*/
skipValidation?: boolean
/** /**
* If `true` throw error if checks fail. (default: `false`) * If `true` throw error if checks fail. (default: `false`)
* *
@@ -229,11 +234,11 @@ export async function sign(payload: JwtPayload, secret: string | JsonWebKey, opt
* @throws {Error | string} Throws an error `string` if the token is invalid or an `Error-Object` if there's a validation issue. * @throws {Error | string} Throws an error `string` if the token is invalid or an `Error-Object` if there's a validation issue.
* @returns {Promise<boolean>} Returns `true` if signature, `nbf` (if set) and `exp` (if set) are valid, otherwise returns `false`. * @returns {Promise<boolean>} Returns `true` if signature, `nbf` (if set) and `exp` (if set) are valid, otherwise returns `false`.
*/ */
export async function verify(token: string, secret: string | JsonWebKey, options: JwtVerifyOptions | JwtAlgorithm = { algorithm: 'HS256', throwError: false }): Promise<boolean> { export async function verify(token: string, secret: string | JsonWebKey, options: JwtVerifyOptions | JwtAlgorithm = { algorithm: 'HS256', skipValidation: false, throwError: false }): Promise<boolean> {
if (typeof options === 'string') if (typeof options === 'string')
options = { algorithm: options, throwError: false } options = { algorithm: options, throwError: false }
options = { algorithm: 'HS256', throwError: false, ...options } options = { algorithm: 'HS256', skipValidation: false, throwError: false, ...options }
if (typeof token !== 'string') if (typeof token !== 'string')
throw new Error('token must be a string') throw new Error('token must be a string')
@@ -256,21 +261,21 @@ export async function verify(token: string, secret: string | JsonWebKey, options
const { payload } = decode(token) const { payload } = decode(token)
if (!payload) { if (!options.skipValidation && !payload) {
if (options.throwError) if (options.throwError)
throw 'PARSE_ERROR' throw 'PARSE_ERROR'
return false return false
} }
if (payload.nbf && payload.nbf > Math.floor(Date.now() / 1000)) { if (!options.skipValidation && payload.nbf && payload.nbf > Math.floor(Date.now() / 1000)) {
if (options.throwError) if (options.throwError)
throw 'NOT_YET_VALID' throw 'NOT_YET_VALID'
return false return false
} }
if (payload.exp && payload.exp <= Math.floor(Date.now() / 1000)) { if (!options.skipValidation && payload.exp && payload.exp <= Math.floor(Date.now() / 1000)) {
if (options.throwError) if (options.throwError)
throw 'EXPIRED' throw 'EXPIRED'
@@ -283,7 +288,7 @@ export async function verify(token: string, secret: string | JsonWebKey, options
keyFormat = 'jwk'; keyFormat = 'jwk';
keyData = secret; keyData = secret;
} else if (typeof secret === 'string' && secret.startsWith('-----BEGIN')) { } else if (typeof secret === 'string' && secret.startsWith('-----BEGIN')) {
keyFormat = 'pkcs8' keyFormat = 'spki'
keyData = _str2ab(secret.replace(/-----BEGIN.*?-----/g, '').replace(/-----END.*?-----/g, '').replace(/\s/g, '')) keyData = _str2ab(secret.replace(/-----BEGIN.*?-----/g, '').replace(/-----END.*?-----/g, '').replace(/\s/g, ''))
} else } else
keyData = _utf8ToUint8Array(secret) keyData = _utf8ToUint8Array(secret)