@arcblock/jwt 1.28.9 → 1.29.1

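--- a/package/README.md
+++ b/package/README.md
@@ -1,6 +1,5 @@
  ![arcblock-jwt](https://www.arcblock.io/.netlify/functions/badge/?text=arcblock-jwt)
 
- [![styled with prettier](https://img.shields.io/badge/styled_with-prettier-ff69b4.svg)](https://github.com/prettier/prettier)
  [![docs](https://img.shields.io/badge/powered%20by-arcblock-green.svg)](https://docs.arcblock.io)
  [![Gitter](https://badges.gitter.im/ArcBlock/community.svg)](https://gitter.im/ArcBlock/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
 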
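--- a/package/esm/index.mjs
+++ b/package/esm/index.mjs
@@ -22,7 +22,7 @@ const hasher = Hasher.SHA3.hash256;
  async function sign(signer, sk, payload = {}, doSign = true, version = "1.0.0") {
  if (isValid(signer) === false) throw new Error("Cannot do sign with invalid signer");
  const type = toTypeInfo(signer);
- const header = {
+ const headers = {
  [types.KeyType.SECP256K1]: {
  alg: "ES256K",
  type: "JWT"
@@ -39,7 +39,9 @@ async function sign(signer, sk, payload = {}, doSign = true, version = "1.0.0")
  alg: "Passkey",
  type: "JWT"
  }
- }[type.pk];
+ };
+ if (type.pk === void 0) throw new Error("Cannot determine key type from signer");
+ const header = headers[type.pk];
  const headerB64 = toBase64(stringify(header));
  const now = Math.floor(Date.now() / 1e3);
  const body = {
@@ -56,7 +58,8 @@ async function sign(signer, sk, payload = {}, doSign = true, version = "1.0.0")
  const bodyB64 = toBase64(stringify(body));
  debug("sign.body", body);
  const msgHex = toHex(`${headerB64}.${bodyB64}`);
- const msgHash = semver.gte(semver.coerce(version).version, JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) ? hasher(msgHex) : msgHex;
+ const coercedVersion = semver.coerce(version);
+ const msgHash = coercedVersion && semver.gte(coercedVersion.version, JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) ? hasher(msgHex) : msgHex;
  // istanbul ignore if
  if (!doSign) return `${headerB64}.${bodyB64}`;
  return [
@@ -72,7 +75,7 @@ function decode(token, bodyOnly = true) {
  const [headerB64, bodyB64, sigB64] = token.split(".");
  const header = JSON.parse(fromBase64(headerB64).toString());
  const body = JSON.parse(fromBase64(bodyB64).toString());
- const sig = Buffer.from(fromBase64(sigB64)).toString("hex");
+ const sig = Buffer.from(Uint8Array.from(fromBase64(sigB64))).toString("hex");
  if (bodyOnly) return body;
  return {
  header,
@@ -160,7 +163,8 @@ async function verify(token, signerPk, options) {
  const alg = header.alg.toLowerCase();
  if (signers[alg]) {
  const msgHex = toHex(`${headerB64}.${bodyB64}`);
- const version = body.version && semver.coerce(body.version) ? semver.coerce(body.version).version : "";
+ const coercedBodyVersion = body.version ? semver.coerce(body.version) : null;
+ const version = coercedBodyVersion ? coercedBodyVersion.version : "";
  if (version && version === JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) return signers[alg].verify(hasher(msgHex), signature, signerPk);
  return signers[alg].verify(msgHex, signature, signerPk);
  }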
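Review bot: In `sign`, the new `coercedVersion && semver.gte(...)` guard sends an unparsable `version` down the unhashed branch (`msgHex`) instead of raising an error, so a malformed version string silently selects the legacy no-hash signing path. Before this change the same input threw on `semver.coerce(version).version`, which at least failed closed. I would reject it explicitly before computing `msgHash`: `if (!coercedVersion) throw new Error("Invalid JWT version");`. The same lines appear in the `package/lib/index.cjs` build. The use of `msgHash` lies outside the hunk, so this assumes it is the value handed to the signer.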
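--- a/package/lib/index.cjs
+++ b/package/lib/index.cjs
@@ -26,7 +26,7 @@ const hasher = _ocap_mcrypto.Hasher.SHA3.hash256;
  async function sign(signer, sk, payload = {}, doSign = true, version = "1.0.0") {
  if ((0, _arcblock_did.isValid)(signer) === false) throw new Error("Cannot do sign with invalid signer");
  const type = (0, _arcblock_did.toTypeInfo)(signer);
- const header = {
+ const headers = {
  [_ocap_mcrypto.types.KeyType.SECP256K1]: {
  alg: "ES256K",
  type: "JWT"
@@ -43,7 +43,9 @@ async function sign(signer, sk, payload = {}, doSign = true, version = "1.0.0")
  alg: "Passkey",
  type: "JWT"
  }
- }[type.pk];
+ };
+ if (type.pk === void 0) throw new Error("Cannot determine key type from signer");
+ const header = headers[type.pk];
  const headerB64 = (0, _ocap_util.toBase64)((0, json_stable_stringify.default)(header));
  const now = Math.floor(Date.now() / 1e3);
  const body = {
@@ -60,7 +62,8 @@ async function sign(signer, sk, payload = {}, doSign = true, version = "1.0.0")
  const bodyB64 = (0, _ocap_util.toBase64)((0, json_stable_stringify.default)(body));
  debug$1("sign.body", body);
  const msgHex = (0, _ocap_util.toHex)(`${headerB64}.${bodyB64}`);
- const msgHash = semver.default.gte(semver.default.coerce(version).version, JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) ? hasher(msgHex) : msgHex;
+ const coercedVersion = semver.default.coerce(version);
+ const msgHash = coercedVersion && semver.default.gte(coercedVersion.version, JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) ? hasher(msgHex) : msgHex;
  // istanbul ignore if
  if (!doSign) return `${headerB64}.${bodyB64}`;
  return [
@@ -76,7 +79,7 @@ function decode(token, bodyOnly = true) {
  const [headerB64, bodyB64, sigB64] = token.split(".");
  const header = JSON.parse((0, _ocap_util.fromBase64)(headerB64).toString());
  const body = JSON.parse((0, _ocap_util.fromBase64)(bodyB64).toString());
- const sig = Buffer.from((0, _ocap_util.fromBase64)(sigB64)).toString("hex");
+ const sig = Buffer.from(Uint8Array.from((0, _ocap_util.fromBase64)(sigB64))).toString("hex");
  if (bodyOnly) return body;
  return {
  header,
@@ -164,7 +167,8 @@ async function verify(token, signerPk, options) {
  const alg = header.alg.toLowerCase();
  if (signers[alg]) {
  const msgHex = (0, _ocap_util.toHex)(`${headerB64}.${bodyB64}`);
- const version = body.version && semver.default.coerce(body.version) ? semver.default.coerce(body.version).version : "";
+ const coercedBodyVersion = body.version ? semver.default.coerce(body.version) : null;
+ const version = coercedBodyVersion ? coercedBodyVersion.version : "";
  if (version && version === JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) return signers[alg].verify(hasher(msgHex), signature, signerPk);
  return signers[alg].verify(msgHex, signature, signerPk);
  }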
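Review bot: `verify` still selects the hashed path with `version === JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN`, while `sign` hashes for every version that is `semver.gte` the same constant, so a token signed with any later version would be hashed when signed and checked unhashed here. That fails closed, but it leaves the choice of verification input hanging on an exact string match against a field read from the token body, and the two sides drift apart once the version moves past the constant. Using the same comparison on both sides keeps them in step: `if (version && semver.default.gte(version, JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN)) return signers[alg].verify(hasher(msgHex), signature, signerPk);`. The ESM build in `package/esm/index.mjs` carries the same line, and the rest of `verify` is outside the hunk.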
package/package.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "@arcblock/jwt",
3
3
  "description": "JSON Web Token variant for arcblock DID solutions",
4
4
  "type": "module",
5
- "version": "1.28.9",
5
+ "version": "1.29.1",
6
6
  "author": {
7
7
  "name": "wangshijun",
8
8
  "email": "shijun@arcblock.io",
@@ -19,11 +19,11 @@
19
19
  "access": "public"
20
20
  },
21
21
  "dependencies": {
22
- "@arcblock/did": "1.28.9",
23
- "@ocap/mcrypto": "1.28.9",
24
- "@ocap/util": "1.28.9",
25
- "@ocap/wallet": "1.28.9",
26
- "debug": "^4.3.6",
22
+ "@arcblock/did": "1.29.1",
23
+ "@ocap/mcrypto": "1.29.1",
24
+ "@ocap/util": "1.29.1",
25
+ "@ocap/wallet": "1.29.1",
26
+ "debug": "^4.4.3",
27
27
  "json-stable-stringify": "^1.0.1",
28
28
  "semver": "^7.6.3"
29
29
  },
@@ -32,8 +32,7 @@
32
32
  "@types/node": "^22.7.5",
33
33
  "@types/semver": "^7.5.8",
34
34
  "tsdown": "^0.18.4",
35
- "tslib": "^2.4.0",
36
- "typescript": "^5.6.2"
35
+ "tslib": "^2.4.0"
37
36
  },
38
37
  "homepage": "https://github.com/ArcBlock/blockchain/tree/master/did/jwt",
39
38
  "keywords": [