3.1.4

update dependencies and address type errors
3.1.3
2025-03-14 14:34:33 +01:00 · 2025-03-14 14:31:50 +01:00 · 2024-10-27 13:45:10 +01:00 · 2024-10-27 13:44:59 +01:00 · 2024-10-27 13:43:25 +01:00
9 changed files with 487 additions and 786 deletions
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -1,4 +1,5 @@
 name: Publish
+run-name: Publish ${{ github.ref_name }}

 on:
  release:
@@ -13,18 +14,27 @@ jobs:
        with:
          node-version: latest
          registry-url: https://registry.npmjs.org/
+
      - name: Install dependencies
        run: npm ci
+
+      - name: Run tests
+        run: npm test
+
      - name: Build
        run: npm run build
+
      - name: Publish to npmjs
-        run: npm publish --tag latest --access public
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: npm publish --tag ${{ contains(github.ref_name, '-') && 'pre' || 'latest' }} --access public
+
      - uses: actions/setup-node@v3
        with:
+          node-version: latest
          registry-url: https://npm.pkg.github.com/
+
      - name: Publish to GPR
-        run: npm publish --tag latest --access public
        env:
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: npm publish --tag ${{ contains(github.ref_name, '-') && 'pre' || 'latest' }} --access public
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,31 @@
+name: Release
+run-name: Release ${{ github.ref_name }}
+
+on:
+  push:
+    tags:
+    - 'v*'
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: latest
+          registry-url: https://registry.npmjs.org/
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run tests
+        run: npm test
+
+      - name: Build
+        run: npm run build
+
+      - name: Create release
+        run: gh release create ${{ github.ref_name }} --draft ${{ contains(github.ref_name, '-') && '--prerelease --latest=false' || '--latest' }}
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -15,7 +15,12 @@ jobs:
        with:
          node-version: latest
          registry-url: https://registry.npmjs.org/
+
      - name: Install dependencies
        run: npm ci
+
      - name: Run tests
        run: npm test
+
+      - name: Build
+        run: npm run build
--- a/README.md
+++ b/README.md
@@ -28,14 +28,14 @@ async () => {
    import jwt from "@tsndr/cloudflare-worker-jwt"

    // Create a token
-    const token = await sign({
+    const token = await jwt.sign({
        sub: "1234",
        name: "John Doe",
        email: "john.doe@gmail.com"
    }, "secret")

    // Verify token
-    const verifiedToken = await verify(token, "secret")
+    const verifiedToken = await jwt.verify(token, "secret")

    // Abort if token isn't valid
    if (!verifiedToken)
@@ -56,7 +56,7 @@ async () => {
    import jwt from "@tsndr/cloudflare-worker-jwt"

    // Create a token
-    const token = await sign({
+    const token = await jwt.sign({
        sub: "1234",
        name: "John Doe",
        email: "john.doe@gmail.com",
@@ -65,7 +65,7 @@ async () => {
    }, "secret")

    // Verify token
-    const verifiedToken = await verify(token, "secret")
+    const verifiedToken = await jwt.verify(token, "secret")

    // Abort if token isn't valid
    if (!verifiedToken)
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@tsndr/cloudflare-worker-jwt",
-  "version": "3.1.2",
+  "version": "3.1.4",
  "description": "A lightweight JWT implementation with ZERO dependencies for Cloudflare Worker",
  "type": "module",
  "exports": "./index.js",
@@ -30,10 +30,10 @@
  },
  "homepage": "https://github.com/tsndr/cloudflare-worker-jwt#readme",
  "devDependencies": {
-    "@cloudflare/workers-types": "^4.20240925.0",
-    "@edge-runtime/vm": "^4.0.3",
-    "esbuild": "^0.24.0",
-    "typescript": "^5.6.2",
-    "vitest": "^2.1.1"
+    "@cloudflare/workers-types": "^4.20250313.0",
+    "@edge-runtime/vm": "^5.0.0",
+    "esbuild": "^0.25.1",
+    "typescript": "^5.8.2",
+    "vitest": "^3.0.8"
  }
 }
--- a/src/index.ts
+++ b/src/index.ts
@@ -1,7 +1,7 @@
 import {
-    textToArrayBuffer,
+    textToUint8Array,
    arrayBufferToBase64Url,
-    base64UrlToArrayBuffer,
+    base64UrlToUint8Array,
    textToBase64Url,
    importKey,
    decodePayload
@@ -169,7 +169,7 @@ export async function sign<Payload = {}, Header = {}>(payload: JwtPayload<Payloa
    const partialToken = `${textToBase64Url(JSON.stringify({ ...options.header, alg: options.algorithm }))}.${textToBase64Url(JSON.stringify(payload))}`

    const key = secret instanceof CryptoKey ? secret : await importKey(secret, algorithm, ["sign"])
-    const signature = await crypto.subtle.sign(algorithm, key, textToArrayBuffer(partialToken))
+    const signature = await crypto.subtle.sign(algorithm, key, textToUint8Array(partialToken))

    return `${partialToken}.${arrayBufferToBase64Url(signature)}`
 }
@@ -225,7 +225,7 @@ export async function verify<Payload = {}, Header = {}>(token: string, secret: s

        const key = secret instanceof CryptoKey ? secret : await importKey(secret, algorithm, ["verify"])

-        if (!await crypto.subtle.verify(algorithm, key, base64UrlToArrayBuffer(tokenParts[2]), textToArrayBuffer(`${tokenParts[0]}.${tokenParts[1]}`)))
+        if (!await crypto.subtle.verify(algorithm, key, base64UrlToUint8Array(tokenParts[2]), textToUint8Array(`${tokenParts[0]}.${tokenParts[1]}`)))
            throw new Error("INVALID_SIGNATURE")

        return decodedToken
--- a/src/utils.ts
+++ b/src/utils.ts
@@ -20,11 +20,11 @@ export function arrayBufferToBase64String(arrayBuffer: ArrayBuffer): string {
    return btoa(bytesToByteString(new Uint8Array(arrayBuffer)))
 }

-export function base64StringToArrayBuffer(b64str: string): ArrayBuffer {
-    return byteStringToBytes(atob(b64str)).buffer
+export function base64StringToUint8Array(b64str: string): Uint8Array {
+    return byteStringToBytes(atob(b64str))
 }

-export function textToArrayBuffer(str: string): ArrayBuffer {
+export function textToUint8Array(str: string): Uint8Array {
    return byteStringToBytes(str)
 }

@@ -36,8 +36,8 @@ export function arrayBufferToBase64Url(arrayBuffer: ArrayBuffer): string {
    return arrayBufferToBase64String(arrayBuffer).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_")
 }

-export function base64UrlToArrayBuffer(b64url: string): ArrayBuffer {
-    return base64StringToArrayBuffer(b64url.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, ""))
+export function base64UrlToUint8Array(b64url: string): Uint8Array {
+    return base64StringToUint8Array(b64url.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, ""))
 }

 export function textToBase64Url(str: string): string {
@@ -48,12 +48,12 @@ export function textToBase64Url(str: string): string {
    return btoa(binaryStr).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_")
 }

-export function pemToBinary(pem: string): ArrayBuffer {
-    return base64StringToArrayBuffer(pem.replace(/-+(BEGIN|END).*/g, "").replace(/\s/g, ""))
+export function pemToBinary(pem: string): Uint8Array {
+    return base64StringToUint8Array(pem.replace(/-+(BEGIN|END).*/g, "").replace(/\s/g, ""))
 }

 export async function importTextSecret(key: string, algorithm: SubtleCryptoImportKeyAlgorithm, keyUsages: KeyUsages[]): Promise<CryptoKey> {
-    return await crypto.subtle.importKey("raw", textToArrayBuffer(key), algorithm, true, keyUsages)
+    return await crypto.subtle.importKey("raw", textToUint8Array(key), algorithm, true, keyUsages)
 }

 export async function importJwk(key: JsonWebKey, algorithm: SubtleCryptoImportKeyAlgorithm, keyUsages: KeyUsages[]): Promise<CryptoKey> {
--- a/tests/utils.spec.ts
+++ b/tests/utils.spec.ts
@@ -3,11 +3,11 @@ import {
    bytesToByteString,
    byteStringToBytes,
    arrayBufferToBase64String,
-    base64StringToArrayBuffer,
-    textToArrayBuffer,
+    base64StringToUint8Array,
+    textToUint8Array,
    arrayBufferToText,
    arrayBufferToBase64Url,
-    base64UrlToArrayBuffer,
+    base64UrlToUint8Array,
    textToBase64Url,
    pemToBinary,
    importTextSecret
@@ -18,7 +18,7 @@ describe("Converters", () => {
    const testByteArray = [ 99, 108, 111, 117, 100, 102, 108, 97, 114, 101, 45, 119, 111, 114, 107, 101, 114, 45, 106, 119, 116 ]
    const testUint8Array = new Uint8Array(testByteArray)
    const testBase64String = "Y2xvdWRmbGFyZS13b3JrZXItand0"
-    const testArrayBuffer = testUint8Array.buffer
+    const testArrayBuffer = testUint8Array

    test("bytesToByteString", () => {
        expect(bytesToByteString(testUint8Array)).toStrictEqual(testString)
@@ -33,11 +33,11 @@ describe("Converters", () => {
    })

    test("base64StringToArrayBuffer", () => {
-        expect(base64StringToArrayBuffer(testBase64String)).toStrictEqual(testArrayBuffer)
+        expect(base64StringToUint8Array(testBase64String)).toStrictEqual(testArrayBuffer)
    })

    test("textToArrayBuffer", () => {
-        expect(textToArrayBuffer(testString)).toStrictEqual(testUint8Array)
+        expect(textToUint8Array(testString)).toStrictEqual(testUint8Array)
    })

    test("arrayBufferToText", () => {
@@ -49,7 +49,7 @@ describe("Converters", () => {
    })

    test("base64UrlToArrayBuffer", () => {
-        expect(base64UrlToArrayBuffer(testBase64String)).toStrictEqual(testArrayBuffer)
+        expect(base64UrlToUint8Array(testBase64String)).toStrictEqual(testArrayBuffer)
    })

    test("textToBase64Url", () => {
Author	SHA1	Message	Date
Toby	95e45e67f6	3.1.4	2025-03-14 14:34:33 +01:00
Toby	5e6af9cf25	update dependencies and address type errors	2025-03-14 14:31:50 +01:00
Toby	d3d7e10b60	3.1.3	2024-10-27 13:45:10 +01:00
Toby	fdaa618f65	update pipelines	2024-10-27 13:44:59 +01:00
Toby	cce5a61777	update readme	2024-10-27 13:43:25 +01:00