@alanszp/jwt 1.5.4 → 3.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/jwt.d.ts +1 -0
- package/dist/jwt.js +12 -13
- package/dist/jwt.js.map +1 -1
- package/dist/types.d.ts +2 -8
- package/package.json +2 -2
- package/src/jwt.ts +11 -9
- package/src/types.ts +2 -8
package/dist/jwt.d.ts
CHANGED
|
@@ -9,3 +9,4 @@ export declare function withDefaultVerifyOptions(options?: Partial<VerifyOptions
|
|
|
9
9
|
export declare function generateJWT(privateKey: KeyObject | string, user: JWTUser, options?: Partial<SignOptions>): Promise<string>;
|
|
10
10
|
export declare function createTokenPayload(user: JWTUser): JWTPayload;
|
|
11
11
|
export declare function verifyJWT(publicKey: KeyObject | string, token: string, options?: Partial<VerifyOptions>): Promise<JWTUser>;
|
|
12
|
+
export declare function jwtUserHasRoles(jwtUser: JWTUser, roles: string | string[]): boolean;
|
package/dist/jwt.js
CHANGED
|
@@ -9,20 +9,20 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
exports.verifyJWT = exports.createTokenPayload = exports.generateJWT = exports.withDefaultVerifyOptions = exports.withDefaultSignOptions = exports.publicKeyFromPem = exports.privateKeyFromPem = exports.JWT_ALGORITHM = void 0;
|
|
12
|
+
exports.jwtUserHasRoles = exports.verifyJWT = exports.createTokenPayload = exports.generateJWT = exports.withDefaultVerifyOptions = exports.withDefaultSignOptions = exports.publicKeyFromPem = exports.privateKeyFromPem = exports.JWT_ALGORITHM = void 0;
|
|
13
13
|
const crypto_1 = require("crypto");
|
|
14
14
|
const sign_1 = require("jose/jwt/sign");
|
|
15
15
|
const verify_1 = require("jose/jwt/verify");
|
|
16
16
|
exports.JWT_ALGORITHM = "RS512";
|
|
17
17
|
function privateKeyFromPem(key) {
|
|
18
|
-
return crypto_1.createPrivateKey({
|
|
18
|
+
return (0, crypto_1.createPrivateKey)({
|
|
19
19
|
key,
|
|
20
20
|
format: "pem",
|
|
21
21
|
});
|
|
22
22
|
}
|
|
23
23
|
exports.privateKeyFromPem = privateKeyFromPem;
|
|
24
24
|
function publicKeyFromPem(key) {
|
|
25
|
-
return crypto_1.createPublicKey({
|
|
25
|
+
return (0, crypto_1.createPublicKey)({
|
|
26
26
|
key,
|
|
27
27
|
format: "pem",
|
|
28
28
|
});
|
|
@@ -33,7 +33,7 @@ function withDefaultSignOptions(options) {
|
|
|
33
33
|
}
|
|
34
34
|
exports.withDefaultSignOptions = withDefaultSignOptions;
|
|
35
35
|
function withDefaultVerifyOptions(options) {
|
|
36
|
-
return Object.assign({ issuer: "hodor", audience: "web" }, options);
|
|
36
|
+
return Object.assign({ issuer: ["hodor", "long:1"], audience: "web" }, options);
|
|
37
37
|
}
|
|
38
38
|
exports.withDefaultVerifyOptions = withDefaultVerifyOptions;
|
|
39
39
|
function generateJWT(privateKey, user, options) {
|
|
@@ -52,10 +52,7 @@ function generateJWT(privateKey, user, options) {
|
|
|
52
52
|
exports.generateJWT = generateJWT;
|
|
53
53
|
function createTokenPayload(user) {
|
|
54
54
|
return {
|
|
55
|
-
|
|
56
|
-
fnm: user.firstName,
|
|
57
|
-
lnm: user.lastName,
|
|
58
|
-
em: user.email,
|
|
55
|
+
sub: user.id,
|
|
59
56
|
ref: user.employeeReference,
|
|
60
57
|
org: user.organizationReference,
|
|
61
58
|
rls: user.roles,
|
|
@@ -67,17 +64,14 @@ function verifyJWT(publicKey, token, options) {
|
|
|
67
64
|
return __awaiter(this, void 0, void 0, function* () {
|
|
68
65
|
const key = typeof publicKey === "string" ? publicKeyFromPem(publicKey) : publicKey;
|
|
69
66
|
const opts = withDefaultVerifyOptions(options);
|
|
70
|
-
const verify = yield verify_1.jwtVerify(token, key, {
|
|
67
|
+
const verify = yield (0, verify_1.jwtVerify)(token, key, {
|
|
71
68
|
issuer: opts.issuer,
|
|
72
69
|
algorithms: [exports.JWT_ALGORITHM],
|
|
73
70
|
audience: opts.audience,
|
|
74
71
|
});
|
|
75
72
|
const payload = verify.payload;
|
|
76
73
|
return {
|
|
77
|
-
id: payload.
|
|
78
|
-
firstName: payload.fnm,
|
|
79
|
-
lastName: payload.lnm,
|
|
80
|
-
email: payload.em,
|
|
74
|
+
id: payload.sub,
|
|
81
75
|
employeeReference: payload.ref,
|
|
82
76
|
organizationReference: payload.org,
|
|
83
77
|
roles: payload.rls,
|
|
@@ -86,4 +80,9 @@ function verifyJWT(publicKey, token, options) {
|
|
|
86
80
|
});
|
|
87
81
|
}
|
|
88
82
|
exports.verifyJWT = verifyJWT;
|
|
83
|
+
function jwtUserHasRoles(jwtUser, roles) {
|
|
84
|
+
const validateRoles = typeof roles === "string" ? [roles] : roles;
|
|
85
|
+
return validateRoles.some((role) => jwtUser.roles.includes(role));
|
|
86
|
+
}
|
|
87
|
+
exports.jwtUserHasRoles = jwtUserHasRoles;
|
|
89
88
|
//# sourceMappingURL=jwt.js.map
|
package/dist/jwt.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../src/jwt.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,mCAAsE;AACtE,wCAAwC;AACxC,4CAA4C;AAG/B,QAAA,aAAa,GAAG,OAAO,CAAC;AAErC,SAAgB,iBAAiB,CAAC,GAAW;IAC3C,OAAO,yBAAgB,
|
|
1
|
+
{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../src/jwt.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,mCAAsE;AACtE,wCAAwC;AACxC,4CAA4C;AAG/B,QAAA,aAAa,GAAG,OAAO,CAAC;AAErC,SAAgB,iBAAiB,CAAC,GAAW;IAC3C,OAAO,IAAA,yBAAgB,EAAC;QACtB,GAAG;QACH,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;AACL,CAAC;AALD,8CAKC;AAED,SAAgB,gBAAgB,CAAC,GAAW;IAC1C,OAAO,IAAA,wBAAe,EAAC;QACrB,GAAG;QACH,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;AACL,CAAC;AALD,4CAKC;AAED,SAAgB,sBAAsB,CACpC,OAA8B;IAE9B,uBACE,MAAM,EAAE,OAAO,EACf,QAAQ,EAAE,KAAK,EACf,UAAU,EAAE,KAAK,IACd,OAAO,EACV;AACJ,CAAC;AATD,wDASC;AAED,SAAgB,wBAAwB,CACtC,OAAgC;IAEhC,uBACE,MAAM,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,EAC3B,QAAQ,EAAE,KAAK,IACZ,OAAO,EACV;AACJ,CAAC;AARD,4DAQC;AAED,SAAsB,WAAW,CAC/B,UAA8B,EAC9B,IAAa,EACb,OAA8B;;QAE9B,MAAM,GAAG,GACP,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;QAE9E,MAAM,IAAI,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAE7C,OAAO,IAAI,cAAO,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;aACzC,kBAAkB,CAAC,EAAE,GAAG,EAAE,qBAAa,EAAE,CAAC;aAC1C,WAAW,EAAE;aACb,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC;aACtB,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC;aAC1B,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC;aAClC,IAAI,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;CAAA;AAjBD,kCAiBC;AAED,SAAgB,kBAAkB,CAAC,IAAa;IAC9C,OAAO;QACL,GAAG,EAAE,IAAI,CAAC,EAAE;QACZ,GAAG,EAAE,IAAI,CAAC,iBAAiB;QAC3B,GAAG,EAAE,IAAI,CAAC,qBAAqB;QAC/B,GAAG,EAAE,IAAI,CAAC,KAAK;QACf,IAAI,EAAE,IAAI,CAAC,WAAW;KACvB,CAAC;AACJ,CAAC;AARD,gDAQC;AAED,SAAsB,SAAS,CAC7B,SAA6B,EAC7B,KAAa,EACb,OAAgC;;QAEhC,MAAM,GAAG,GACP,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE1E,MAAM,IAAI,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;QAE/C,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,KAAK,EAAE,GAAG,EAAE;YACzC,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,CAAC,qBAAa,CAAC;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,MAAM,CAAC,OAAqB,CAAC;QAE7C,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,GAAG;YACf,iBAAiB,EAAE,OAAO,CAAC,GAAG;YAC9B,qBAAqB,EAAE,OAAO,CAAC,GAAG;YAClC,KAAK,EAAE,OAAO,CAAC,GAAG;YAClB,WAAW,EAAE,OAAO,CAAC,IAAI;SAC1B,CAAC;IACJ,CAAC;CAAA;AAzBD,8BAyBC;AAED,SAAgB,eAAe,CAC7B,OAAgB,EAChB,KAAwB;IAExB,MAAM,aAAa,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IAClE,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;AACpE,CAAC;AAND,0CAMC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -1,9 +1,6 @@
|
|
|
1
1
|
import type { JWTPayload as LibPayload } from "jose/jwt/sign";
|
|
2
2
|
export interface JWTPayload extends LibPayload {
|
|
3
|
-
|
|
4
|
-
fnm: string;
|
|
5
|
-
lnm: string;
|
|
6
|
-
em: string;
|
|
3
|
+
sub: string;
|
|
7
4
|
ref: string | null;
|
|
8
5
|
org: string;
|
|
9
6
|
rls: string[];
|
|
@@ -11,9 +8,6 @@ export interface JWTPayload extends LibPayload {
|
|
|
11
8
|
}
|
|
12
9
|
export interface JWTUser {
|
|
13
10
|
id: string;
|
|
14
|
-
firstName: string;
|
|
15
|
-
lastName: string;
|
|
16
|
-
email: string;
|
|
17
11
|
employeeReference: string | null;
|
|
18
12
|
organizationReference: string;
|
|
19
13
|
roles: string[];
|
|
@@ -25,6 +19,6 @@ export interface SignOptions {
|
|
|
25
19
|
expiration: string | number;
|
|
26
20
|
}
|
|
27
21
|
export interface VerifyOptions {
|
|
28
|
-
issuer: string;
|
|
22
|
+
issuer: string | string[];
|
|
29
23
|
audience: string | string[];
|
|
30
24
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@alanszp/jwt",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "3.0.1",
|
|
4
4
|
"description": "Alan's jwt validator & signer.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"typings": "dist/index.d.ts",
|
|
@@ -25,5 +25,5 @@
|
|
|
25
25
|
"dependencies": {
|
|
26
26
|
"jose": "^3.14.0"
|
|
27
27
|
},
|
|
28
|
-
"gitHead": "
|
|
28
|
+
"gitHead": "ab0cd2ac404901d732278843e406a2c90061c0f5"
|
|
29
29
|
}
|
package/src/jwt.ts
CHANGED
|
@@ -34,7 +34,7 @@ export function withDefaultVerifyOptions(
|
|
|
34
34
|
options?: Partial<VerifyOptions>
|
|
35
35
|
): VerifyOptions {
|
|
36
36
|
return {
|
|
37
|
-
issuer: "hodor",
|
|
37
|
+
issuer: ["hodor", "long:1"],
|
|
38
38
|
audience: "web",
|
|
39
39
|
...options,
|
|
40
40
|
};
|
|
@@ -61,10 +61,7 @@ export async function generateJWT(
|
|
|
61
61
|
|
|
62
62
|
export function createTokenPayload(user: JWTUser): JWTPayload {
|
|
63
63
|
return {
|
|
64
|
-
|
|
65
|
-
fnm: user.firstName,
|
|
66
|
-
lnm: user.lastName,
|
|
67
|
-
em: user.email,
|
|
64
|
+
sub: user.id,
|
|
68
65
|
ref: user.employeeReference,
|
|
69
66
|
org: user.organizationReference,
|
|
70
67
|
rls: user.roles,
|
|
@@ -91,13 +88,18 @@ export async function verifyJWT(
|
|
|
91
88
|
const payload = verify.payload as JWTPayload;
|
|
92
89
|
|
|
93
90
|
return {
|
|
94
|
-
id: payload.
|
|
95
|
-
firstName: payload.fnm,
|
|
96
|
-
lastName: payload.lnm,
|
|
97
|
-
email: payload.em,
|
|
91
|
+
id: payload.sub,
|
|
98
92
|
employeeReference: payload.ref,
|
|
99
93
|
organizationReference: payload.org,
|
|
100
94
|
roles: payload.rls,
|
|
101
95
|
permissions: payload.prms,
|
|
102
96
|
};
|
|
103
97
|
}
|
|
98
|
+
|
|
99
|
+
export function jwtUserHasRoles(
|
|
100
|
+
jwtUser: JWTUser,
|
|
101
|
+
roles: string | string[]
|
|
102
|
+
): boolean {
|
|
103
|
+
const validateRoles = typeof roles === "string" ? [roles] : roles;
|
|
104
|
+
return validateRoles.some((role) => jwtUser.roles.includes(role));
|
|
105
|
+
}
|
package/src/types.ts
CHANGED
|
@@ -1,10 +1,7 @@
|
|
|
1
1
|
import type { JWTPayload as LibPayload } from "jose/jwt/sign";
|
|
2
2
|
|
|
3
3
|
export interface JWTPayload extends LibPayload {
|
|
4
|
-
|
|
5
|
-
fnm: string;
|
|
6
|
-
lnm: string;
|
|
7
|
-
em: string;
|
|
4
|
+
sub: string;
|
|
8
5
|
ref: string | null;
|
|
9
6
|
org: string;
|
|
10
7
|
rls: string[];
|
|
@@ -13,9 +10,6 @@ export interface JWTPayload extends LibPayload {
|
|
|
13
10
|
|
|
14
11
|
export interface JWTUser {
|
|
15
12
|
id: string;
|
|
16
|
-
firstName: string;
|
|
17
|
-
lastName: string;
|
|
18
|
-
email: string;
|
|
19
13
|
employeeReference: string | null;
|
|
20
14
|
organizationReference: string;
|
|
21
15
|
roles: string[];
|
|
@@ -29,6 +23,6 @@ export interface SignOptions {
|
|
|
29
23
|
}
|
|
30
24
|
|
|
31
25
|
export interface VerifyOptions {
|
|
32
|
-
issuer: string;
|
|
26
|
+
issuer: string | string[];
|
|
33
27
|
audience: string | string[];
|
|
34
28
|
}
|