@alexdevco/passport 1.0.7 → 1.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/strategies/hs256.strategy.js +1 -1
  2. package/dist/strategies/rs256.strategy.js +4 -4
  3. package/package.json +1 -1
package/dist/strategies/hs256.strategy.js CHANGED
@@ -36,7 +36,7 @@ class HS256Strategy {
36
36
  const payload = parsed;
37
37
  if (!Number.isFinite(payload.exp))
38
38
  return { valid: false, reason: 'Expired error format' };
39
- if ((0, utils_1.now)() > payload.exp)
39
+ if (Date.now() > payload.exp)
40
40
  return { valid: false, reason: 'Token is expired' };
41
41
  return { valid: true, payload };
42
42
  }
package/dist/strategies/rs256.strategy.js CHANGED
@@ -27,9 +27,9 @@ class RS256Strategy {
27
27
  return { valid: false, reason: 'Invalid format' };
28
28
  const [header64, payload64, mac] = parts;
29
29
  const serialized = (0, utils_1.serialize)([header64, payload64], RS256Strategy.INTERNAL_SEPARATOR);
30
- const expectedMac = this.computeRSA(serialized);
30
+ const signatureBuffer = Buffer.from(mac, 'base64url');
31
31
  const verify = (0, crypto_1.createVerify)(RS256Strategy.JWT_ALG).update(serialized);
32
- if (!verify.verify(this.PUBLIC_KEY, expectedMac))
32
+ if (!verify.verify(this.PUBLIC_KEY, signatureBuffer))
33
33
  return { valid: false, reason: 'Invalid signature' };
34
34
  const parsed = JSON.parse((0, utils_1.base64UrlDecode)(payload64));
35
35
  if (!(0, utils_1.isPayload)(parsed))
@@ -37,7 +37,7 @@ class RS256Strategy {
37
37
  const payload = parsed;
38
38
  if (!Number.isFinite(payload.exp))
39
39
  return { valid: false, reason: 'Expired error format' };
40
- if ((0, utils_1.now)() > payload.exp)
40
+ if (Date.now() > payload.exp)
41
41
  return { valid: false, reason: 'Token is expired' };
42
42
  return { valid: true, payload };
43
43
  }
@@ -45,7 +45,7 @@ class RS256Strategy {
45
45
  const sign = (0, crypto_1.createSign)(RS256Strategy.JWT_ALG)
46
46
  .update(data)
47
47
  .sign(this.SECRET_KEY);
48
- return (0, utils_1.base64UrlEncode)(sign);
48
+ return sign.toString('base64url');
49
49
  }
50
50
  }
51
51
  exports.RS256Strategy = RS256Strategy;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@alexdevco/passport",
3
- "version": "1.0.7",
3
+ "version": "1.0.9",
4
4
  "description": "Lightweight AlexDevCo authentication library",
5
5
  "homepage": "https://github.com/alexdevcoru/passport#readme",
6
6
  "bugs": {