@astronautlabs/jwt 1.1.0 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/engine.test.js +37 -19
- package/dist/engine.test.js.map +1 -1
- package/dist/fixtures/hs256.fixture.d.ts +1 -0
- package/dist/fixtures/hs256.fixture.js +2 -1
- package/dist/fixtures/hs256.fixture.js.map +1 -1
- package/dist/node/index.js +2 -0
- package/dist/node/index.js.map +1 -1
- package/package.json +5 -4
- package/src/engine.test.ts +10 -0
- package/src/fixtures/hs256.fixture.ts +1 -0
- package/src/node/index.ts +2 -0
package/dist/engine.test.js
CHANGED
|
@@ -77,10 +77,28 @@ function engineTest(subjectName, engine) {
|
|
|
77
77
|
}
|
|
78
78
|
});
|
|
79
79
|
}); });
|
|
80
|
+
it('rejects tokens with the \'none\' algorithm', function () { return __awaiter(_this, void 0, void 0, function () {
|
|
81
|
+
var e_2;
|
|
82
|
+
return __generator(this, function (_a) {
|
|
83
|
+
switch (_a.label) {
|
|
84
|
+
case 0:
|
|
85
|
+
_a.trys.push([0, 2, , 3]);
|
|
86
|
+
return [4 /*yield*/, engine.validate(HS256Fixtures.SAMPLE_TOKEN_NONE, { algorithm: 'RS256', secretOrKey: RS256Fixtures.SAMPLE_PUBKEY })];
|
|
87
|
+
case 1:
|
|
88
|
+
_a.sent();
|
|
89
|
+
return [3 /*break*/, 3];
|
|
90
|
+
case 2:
|
|
91
|
+
e_2 = _a.sent();
|
|
92
|
+
(0, chai_1.expect)(e_2.message).to.contain('Token has incorrect algorithm');
|
|
93
|
+
return [2 /*return*/];
|
|
94
|
+
case 3: throw new Error("Should not accept token with incorrect algorithm");
|
|
95
|
+
}
|
|
96
|
+
});
|
|
97
|
+
}); });
|
|
80
98
|
});
|
|
81
99
|
describe(': exp', function (it) {
|
|
82
100
|
it('rejects expired tokens by default', function () { return __awaiter(_this, void 0, void 0, function () {
|
|
83
|
-
var options, token,
|
|
101
|
+
var options, token, e_3;
|
|
84
102
|
return __generator(this, function (_a) {
|
|
85
103
|
switch (_a.label) {
|
|
86
104
|
case 0:
|
|
@@ -96,15 +114,15 @@ function engineTest(subjectName, engine) {
|
|
|
96
114
|
_a.sent();
|
|
97
115
|
return [3 /*break*/, 5];
|
|
98
116
|
case 4:
|
|
99
|
-
|
|
100
|
-
(0, chai_1.expect)(
|
|
117
|
+
e_3 = _a.sent();
|
|
118
|
+
(0, chai_1.expect)(e_3.message).to.contain('Token is expired');
|
|
101
119
|
return [2 /*return*/];
|
|
102
120
|
case 5: throw new Error("Should not accept an expired token by default");
|
|
103
121
|
}
|
|
104
122
|
});
|
|
105
123
|
}); });
|
|
106
124
|
it('rejects expired tokens with validate.exp=force', function () { return __awaiter(_this, void 0, void 0, function () {
|
|
107
|
-
var options, token,
|
|
125
|
+
var options, token, e_4;
|
|
108
126
|
return __generator(this, function (_a) {
|
|
109
127
|
switch (_a.label) {
|
|
110
128
|
case 0:
|
|
@@ -120,8 +138,8 @@ function engineTest(subjectName, engine) {
|
|
|
120
138
|
_a.sent();
|
|
121
139
|
return [3 /*break*/, 5];
|
|
122
140
|
case 4:
|
|
123
|
-
|
|
124
|
-
(0, chai_1.expect)(
|
|
141
|
+
e_4 = _a.sent();
|
|
142
|
+
(0, chai_1.expect)(e_4.message).to.contain('Token is expired');
|
|
125
143
|
return [2 /*return*/];
|
|
126
144
|
case 5: throw new Error("Should not accept an expired token with validate.exp=force");
|
|
127
145
|
}
|
|
@@ -145,7 +163,7 @@ function engineTest(subjectName, engine) {
|
|
|
145
163
|
});
|
|
146
164
|
}); });
|
|
147
165
|
it('rejects tokens without exp claim when configured to do so', function () { return __awaiter(_this, void 0, void 0, function () {
|
|
148
|
-
var options, token,
|
|
166
|
+
var options, token, e_5;
|
|
149
167
|
return __generator(this, function (_a) {
|
|
150
168
|
switch (_a.label) {
|
|
151
169
|
case 0:
|
|
@@ -161,8 +179,8 @@ function engineTest(subjectName, engine) {
|
|
|
161
179
|
_a.sent();
|
|
162
180
|
return [3 /*break*/, 5];
|
|
163
181
|
case 4:
|
|
164
|
-
|
|
165
|
-
(0, chai_1.expect)(
|
|
182
|
+
e_5 = _a.sent();
|
|
183
|
+
(0, chai_1.expect)(e_5.message).to.contain('Non-expiring tokens are not acceptable');
|
|
166
184
|
return [2 /*return*/];
|
|
167
185
|
case 5: throw new Error("Should not accept a token without exp claim when configured to require it");
|
|
168
186
|
}
|
|
@@ -210,7 +228,7 @@ function engineTest(subjectName, engine) {
|
|
|
210
228
|
});
|
|
211
229
|
}); });
|
|
212
230
|
it('can detect a forged token', function () { return __awaiter(_this, void 0, void 0, function () {
|
|
213
|
-
var
|
|
231
|
+
var e_6;
|
|
214
232
|
return __generator(this, function (_a) {
|
|
215
233
|
switch (_a.label) {
|
|
216
234
|
case 0:
|
|
@@ -223,15 +241,15 @@ function engineTest(subjectName, engine) {
|
|
|
223
241
|
_a.sent();
|
|
224
242
|
return [3 /*break*/, 3];
|
|
225
243
|
case 2:
|
|
226
|
-
|
|
227
|
-
(0, chai_1.expect)(
|
|
244
|
+
e_6 = _a.sent();
|
|
245
|
+
(0, chai_1.expect)(e_6.message).to.contain('Invalid signature');
|
|
228
246
|
return [2 /*return*/];
|
|
229
247
|
case 3: throw new Error('Engine should have detected forgery');
|
|
230
248
|
}
|
|
231
249
|
});
|
|
232
250
|
}); });
|
|
233
251
|
it('fails to verify a token with wrong key', function () { return __awaiter(_this, void 0, void 0, function () {
|
|
234
|
-
var
|
|
252
|
+
var e_7;
|
|
235
253
|
return __generator(this, function (_a) {
|
|
236
254
|
switch (_a.label) {
|
|
237
255
|
case 0:
|
|
@@ -244,15 +262,15 @@ function engineTest(subjectName, engine) {
|
|
|
244
262
|
_a.sent();
|
|
245
263
|
return [3 /*break*/, 3];
|
|
246
264
|
case 2:
|
|
247
|
-
|
|
248
|
-
(0, chai_1.expect)(
|
|
265
|
+
e_7 = _a.sent();
|
|
266
|
+
(0, chai_1.expect)(e_7.message).to.contain('Invalid signature');
|
|
249
267
|
return [2 /*return*/];
|
|
250
268
|
case 3: throw new Error('Engine should have failed to verify');
|
|
251
269
|
}
|
|
252
270
|
});
|
|
253
271
|
}); });
|
|
254
272
|
it('can sign a token', function () { return __awaiter(_this, void 0, void 0, function () {
|
|
255
|
-
var token, validatedToken,
|
|
273
|
+
var token, validatedToken, e_8;
|
|
256
274
|
return __generator(this, function (_a) {
|
|
257
275
|
switch (_a.label) {
|
|
258
276
|
case 0: return [4 /*yield*/, engine.encode({
|
|
@@ -276,10 +294,10 @@ function engineTest(subjectName, engine) {
|
|
|
276
294
|
(0, chai_1.expect)(validatedToken.claims.iat).to.equal(1598181440);
|
|
277
295
|
return [3 /*break*/, 5];
|
|
278
296
|
case 4:
|
|
279
|
-
|
|
297
|
+
e_8 = _a.sent();
|
|
280
298
|
console.error("Caught error during .sign() test:");
|
|
281
|
-
console.error(
|
|
282
|
-
throw new Error("Should be able to validate signed token '".concat(token.string, "', caught error: ").concat(
|
|
299
|
+
console.error(e_8);
|
|
300
|
+
throw new Error("Should be able to validate signed token '".concat(token.string, "', caught error: ").concat(e_8));
|
|
283
301
|
case 5: return [2 /*return*/];
|
|
284
302
|
}
|
|
285
303
|
});
|
package/dist/engine.test.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"engine.test.js","sourceRoot":"","sources":["../src/engine.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iCAA+B;AAC/B,6BAA8B;AAE9B,wDAA0D;AAC1D,wDAA0D;AAC1D,wDAA0D;AAC1D,wDAA0D;AAC1D,wDAA0D;AAC1D,wDAA0D;AAW1D,IAAM,UAAU,GAAG;IACf,KAAK,EAAE,aAAa;IACpB,KAAK,EAAE,aAAa;IACpB,KAAK,EAAE,aAAa;IACpB,KAAK,EAAE,aAAa;IACpB,KAAK,EAAE,aAAa;IACpB,KAAK,EAAE,aAAa;CACvB,CAAC;AAEF,SAAgB,UAAU,CAAC,WAAoB,EAAE,MAAkB;IAAnE,
|
|
1
|
+
{"version":3,"file":"engine.test.js","sourceRoot":"","sources":["../src/engine.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iCAA+B;AAC/B,6BAA8B;AAE9B,wDAA0D;AAC1D,wDAA0D;AAC1D,wDAA0D;AAC1D,wDAA0D;AAC1D,wDAA0D;AAC1D,wDAA0D;AAW1D,IAAM,UAAU,GAAG;IACf,KAAK,EAAE,aAAa;IACpB,KAAK,EAAE,aAAa;IACpB,KAAK,EAAE,aAAa;IACpB,KAAK,EAAE,aAAa;IACpB,KAAK,EAAE,aAAa;IACpB,KAAK,EAAE,aAAa;CACvB,CAAC;AAEF,SAAgB,UAAU,CAAC,WAAoB,EAAE,MAAkB;IAAnE,iBA0JC;IAzJG,IAAA,cAAK,EAAC,UAAA,QAAQ;QACV,QAAQ,CAAC,WAAW,EAAE,UAAA,EAAE;YACpB,QAAQ,CAAC,cAAc,EAAE,UAAA,EAAE;gBACvB,QAAQ,CAAC,OAAO,EAAE,UAAA,EAAE;oBAChB,EAAE,CAAC,yCAAyC,EAAE;;;;;;oCAEtC,qBAAM,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,CAAC,aAAa,EAAE,CAAC,EAAA;;oCAAnH,SAAmH,CAAA;;;;oCAEnH,IAAA,aAAM,EAAC,GAAC,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,+BAA+B,CAAC,CAAC;oCAC9D,sBAAO;wCAGX,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;;;yBACvE,CAAC,CAAC;oBACH,EAAE,CAAC,4CAA4C,EAAE;;;;;;oCAEzC,qBAAM,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,iBAAiB,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,CAAC,aAAa,EAAE,CAAC,EAAA;;oCAAxH,SAAwH,CAAA;;;;oCAExH,IAAA,aAAM,EAAC,GAAC,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,+BAA+B,CAAC,CAAC;oCAC9D,sBAAO;wCAGX,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;;;yBACvE,CAAC,CAAC;gBACP,CAAC,CAAC,CAAC;gBAEH,QAAQ,CAAC,OAAO,EAAE,UAAA,EAAE;oBAChB,EAAE,CAAC,mCAAmC,EAAE;;;;;oCAChC,OAAO,GAAG,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,CAAC,aAAa,EAAE,CAAC;oCACnE,qBAAM,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,EAAE,EAAE,OAAO,CAAC,EAAA;;oCAAzE,KAAK,GAAG,SAAiE;;;;oCAGzE,qBAAM,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,EAAA;;oCAA5C,SAA4C,CAAA;;;;oCAE5C,IAAA,aAAM,EAAC,GAAC,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;oCACjD,sBAAO;wCAGX,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;;;yBACpE,CAAC,CAAC;oBAEH,EAAE,CAAC,gDAAgD,EAAE;;;;;oCAC7C,OAAO,GAAmB,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,CAAC,aAAa,EAAE,QAAQ,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,CAAC;oCAC/G,qBAAM,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,EAAE,EAAE,OAAO,CAAC,EAAA;;oCAAzE,KAAK,GAAG,SAAiE;;;;oCAGzE,qBAAM,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,EAAA;;oCAA5C,SAA4C,CAAA;;;;oCAE5C,IAAA,aAAM,EAAC,GAAC,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;oCACjD,sBAAO;wCAGX,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;;;yBACjF,CAAC,CAAC;oBAEH,EAAE,CAAC,8CAA8C,EAAE;;;;;oCAC3C,OAAO,GAAmB,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,CAAC,aAAa,EAAE,QAAQ,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,CAAC;oCAC/G,qBAAM,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,GAAG,IAAI,EAAE,EAAE,OAAO,CAAC,EAAA;;oCAAzF,KAAK,GAAG,SAAiF;oCAExE,qBAAM,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,EAAA;;oCAA7D,cAAc,GAAG,SAA4C;oCACjE,IAAA,aAAM,EAAC,cAAc,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;;;;yBACxD,CAAC,CAAC;oBAEH,EAAE,CAAC,2DAA2D,EAAE;;;;;oCACxD,OAAO,GAAmB,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,CAAC,aAAa,EAAE,QAAQ,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,CAAC;oCAC/G,qBAAM,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,EAAE,OAAO,CAAC,EAAA;;oCAAvD,KAAK,GAAG,SAA+C;;;;oCAGvD,qBAAM,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,EAAA;;oCAA5C,SAA4C,CAAA;;;;oCAE5C,IAAA,aAAM,EAAC,GAAC,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,wCAAwC,CAAC,CAAC;oCACvE,sBAAO;wCAGX,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;;;yBAChG,CAAC,CAAC;oBAEH,EAAE,CAAC,iDAAiD,EAAE;;;;;oCAC9C,OAAO,GAAmB,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,CAAC,aAAa,EAAE,QAAQ,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,EAAE,CAAC;oCAChH,qBAAM,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,EAAE,EAAE,OAAO,CAAC,EAAA;;oCAAxF,KAAK,GAAG,SAAgF;oCACvE,qBAAM,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,EAAA;;oCAA7D,cAAc,GAAG,SAA4C;oCACjE,IAAA,aAAM,EAAC,cAAc,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;;;;yBACxD,CAAC,CAAC;gBACP,CAAC,CAAC,CAAC;YACP,CAAC,CAAC,CAAC;YAEH,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,OAAO,CAAC,UAAA,GAAG,IAAI,OAAA,aAAa,CAAC,GAAG,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,EAAnC,CAAmC,CAAC,CAAC;YAE5E,SAAS,aAAa,CAAC,SAAkB,EAAE,QAA4B;gBAAvE,iBA6DC;gBA5DG,QAAQ,CAAC,sBAAe,SAAS,CAAE,EAAE;;;wBACjC,EAAE,CAAC,oBAAoB,EAAE;;;;4CACT,qBAAM,MAAM,CAAC,QAAQ,CAC7B,QAAQ,CAAC,YAAY,EACrB;4CACI,SAAS,WAAA;4CACT,WAAW,EAAE,QAAQ,CAAC,aAAa;yCACtC,CACJ,EAAA;;wCANG,KAAK,GAAG,SAMX;wCACD,IAAA,aAAM,EAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;wCAChD,IAAA,aAAM,EAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;;;;6BACjD,CAAC,CAAC;wBACH,EAAE,CAAC,2BAA2B,EAAE;;;;;;wCAExB,qBAAM,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,oBAAoB,EAAE;gDACjD,SAAS,WAAA;gDACT,WAAW,EAAE,QAAQ,CAAC,aAAa;6CACtC,CAAC,EAAA;;wCAHF,SAGE,CAAC;;;;wCAEH,IAAA,aAAM,EAAC,GAAC,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;wCAClD,sBAAO;4CAGX,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;;;6BAC1D,CAAC,CAAC;wBACH,EAAE,CAAC,wCAAwC,EAAE;;;;;;wCAErC,qBAAM,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,oBAAoB,EAAE;gDACjD,SAAS,WAAA;gDACT,WAAW,EAAE,QAAQ,CAAC,eAAe;6CACxC,CAAC,EAAA;;wCAHF,SAGE,CAAC;;;;wCAEH,IAAA,aAAM,EAAC,GAAC,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;wCAClD,sBAAO;4CAGX,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;;;6BAC1D,CAAC,CAAC;wBACH,EAAE,CAAC,kBAAkB,EAAE;;;;4CACP,qBAAM,MAAM,CAAC,MAAM,CAAC;4CAC5B,GAAG,EAAE,GAAG;4CACR,GAAG,EAAE,UAAU;yCAClB,EAAE;4CACC,SAAS,WAAA;4CACT,WAAW,EAAE,QAAQ,CAAC,iBAAiB;yCAC1C,CAAC,EAAA;;wCANE,KAAK,GAAG,SAMV;;;;wCAGuB,qBAAM,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE;gDACrD,SAAS,WAAA;gDACT,WAAW,EAAE,QAAQ,CAAC,aAAa;6CACtC,CAAC,EAAA;;wCAHE,cAAc,GAAG,SAGnB;wCACF,IAAA,aAAM,EAAC,cAAc,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;;;;wCAEvD,OAAO,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAC;wCACnD,OAAO,CAAC,KAAK,CAAC,GAAC,CAAC,CAAC;wCACjB,MAAM,IAAI,KAAK,CAAC,mDAA4C,KAAK,CAAC,MAAM,8BAAoB,GAAC,CAAE,CAAC,CAAC;;;;6BAExG,CAAC,CAAC;;;qBACN,CAAC,CAAC;YACP,CAAC;QAEL,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;AACP,CAAC;AA1JD,gCA0JC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
export declare const SAMPLE_TOKEN = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";
|
|
2
2
|
export declare const SAMPLE_TOKEN_INVALID = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_SNEAKYssw5c";
|
|
3
|
+
export declare const SAMPLE_TOKEN_NONE = "eyJhbGciOiJub25lIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTczNjI5MjEyNH0.";
|
|
3
4
|
export declare const SAMPLE_PUBKEY = "your-256-bit-secret";
|
|
4
5
|
export declare const SAMPLE_PRIVATEKEY = "your-256-bit-secret";
|
|
5
6
|
export declare const SAMPLE_PUBKEY_2 = "wrong-key";
|
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.SAMPLE_PRIVATEKEY_2 = exports.SAMPLE_PUBKEY_2 = exports.SAMPLE_PRIVATEKEY = exports.SAMPLE_PUBKEY = exports.SAMPLE_TOKEN_INVALID = exports.SAMPLE_TOKEN = void 0;
|
|
3
|
+
exports.SAMPLE_PRIVATEKEY_2 = exports.SAMPLE_PUBKEY_2 = exports.SAMPLE_PRIVATEKEY = exports.SAMPLE_PUBKEY = exports.SAMPLE_TOKEN_NONE = exports.SAMPLE_TOKEN_INVALID = exports.SAMPLE_TOKEN = void 0;
|
|
4
4
|
exports.SAMPLE_TOKEN = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";
|
|
5
5
|
exports.SAMPLE_TOKEN_INVALID = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_SNEAKYssw5c";
|
|
6
|
+
exports.SAMPLE_TOKEN_NONE = "eyJhbGciOiJub25lIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTczNjI5MjEyNH0.";
|
|
6
7
|
exports.SAMPLE_PUBKEY = "your-256-bit-secret";
|
|
7
8
|
exports.SAMPLE_PRIVATEKEY = "your-256-bit-secret";
|
|
8
9
|
exports.SAMPLE_PUBKEY_2 = "wrong-key";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hs256.fixture.js","sourceRoot":"","sources":["../../src/fixtures/hs256.fixture.ts"],"names":[],"mappings":";;;AAAa,QAAA,YAAY,GAAG,6JAA6J,CAAC;AAC7K,QAAA,oBAAoB,GAAG,gKAAgK,CAAC;AACxL,QAAA,aAAa,GAAG,qBAAqB,CAAC;AACtC,QAAA,iBAAiB,GAAG,qBAAqB,CAAC;AAC1C,QAAA,eAAe,GAAG,WAAW,CAAC;AAC9B,QAAA,mBAAmB,GAAG,WAAW,CAAC"}
|
|
1
|
+
{"version":3,"file":"hs256.fixture.js","sourceRoot":"","sources":["../../src/fixtures/hs256.fixture.ts"],"names":[],"mappings":";;;AAAa,QAAA,YAAY,GAAG,6JAA6J,CAAC;AAC7K,QAAA,oBAAoB,GAAG,gKAAgK,CAAC;AACxL,QAAA,iBAAiB,GAAG,kHAAkH,CAAC;AACvI,QAAA,aAAa,GAAG,qBAAqB,CAAC;AACtC,QAAA,iBAAiB,GAAG,qBAAqB,CAAC;AAC1C,QAAA,eAAe,GAAG,WAAW,CAAC;AAC9B,QAAA,mBAAmB,GAAG,WAAW,CAAC"}
|
package/dist/node/index.js
CHANGED
|
@@ -116,6 +116,8 @@ var NodeJWT = /** @class */ (function () {
|
|
|
116
116
|
throw new Error("Cannot validate JWT '".concat(string, "': Invalid signature"));
|
|
117
117
|
else if (e.message === 'invalid algorithm')
|
|
118
118
|
throw new Error("Cannot validate JWT '".concat(string, "': Token has incorrect algorithm"));
|
|
119
|
+
else if (e.message === 'jwt signature is required')
|
|
120
|
+
throw new Error("Cannot validate JWT '".concat(string, "': Token has incorrect algorithm"));
|
|
119
121
|
throw e;
|
|
120
122
|
}
|
|
121
123
|
try {
|
package/dist/node/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/node/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,2CAA6C;AAC7C,oCAAyD;AACzD,4CAA0B;AAE1B;IAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/node/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,2CAA6C;AAC7C,oCAAyD;AACzD,4CAA0B;AAE1B;IAAA;IA2EA,CAAC;IA1EG;;;;;OAKG;IACK,yBAAO,GAAf,UAAgB,KAAc;QAC1B,IAAI,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,yBAAkB,KAAK,0CAAuC,CAAC,CAAC;QAEpF,OAAO;YACH,aAAa,EAAE,KAAK,CAAC,CAAC,CAAC;YACvB,cAAc,EAAE,KAAK,CAAC,CAAC,CAAC;YACxB,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC;YAEnB,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YACrE,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;SACzE,CAAC;IACN,CAAC;IAAA,CAAC;IAEI,iCAAe,GAArB,UAAsB,KAAa;;;;gBAC3B,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;gBAClC,sBAAO;wBACH,MAAM,EAAE,OAAO,CAAC,OAAO;wBACvB,MAAM,EAAE,OAAO,CAAC,MAAM;wBACtB,MAAM,EAAE,KAAK;qBAChB,EAAC;;;KACL;IAEK,wBAAM,GAAZ,UAAa,MAA2B,EAAE,OAAsB;;;;gBACxD,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,WAAW,EAAE;oBACxD,SAAS,EAAO,OAAO,CAAC,SAAS;iBACpC,CAAC,CAAC;gBAEH,sBAAO;wBACH,MAAM,QAAA;wBACN,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM;wBACnC,MAAM,QAAA;qBACT,EAAA;;;KACJ;IAEK,0BAAQ,GAAd,UAAe,MAAe,EAAE,OAAsB;;;;;gBAGlD,IAAI;oBACA,MAAM,GAAuB,YAAY,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,WAAW,EAAE;wBAC1E,UAAU,EAAE,CAAO,OAAO,CAAC,SAAS,CAAE;wBACtC,gBAAgB,EAAE,IAAI;qBACzB,CAAC,CAAC;iBACN;gBAAC,OAAO,CAAC,EAAE;oBACR,IAAI,CAAC,CAAC,OAAO,KAAK,mBAAmB,EAAO,iBAAiB;wBACzD,MAAM,IAAI,KAAK,CAAC,+BAAwB,MAAM,yBAAsB,CAAC,CAAC;yBACrE,IAAI,CAAC,CAAC,OAAO,KAAK,mBAAmB;wBACtC,MAAM,IAAI,KAAK,CAAC,+BAAwB,MAAM,qCAAkC,CAAC,CAAC;yBACjF,IAAI,CAAC,CAAC,OAAO,KAAK,2BAA2B;wBAC9C,MAAM,IAAI,KAAK,CAAC,+BAAwB,MAAM,qCAAkC,CAAC,CAAC;oBAEtF,MAAM,CAAC,CAAC;iBACX;gBAED,IAAI;oBACA,IAAA,uBAAc,EAAC,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,MAAA,OAAO,CAAC,QAAQ,0CAAE,GAAG,CAAC,CAAC;iBAClE;gBAAC,OAAO,CAAC,EAAE;oBACR,MAAM,IAAI,KAAK,CAAC,+BAAwB,MAAM,gBAAM,CAAC,CAAC,OAAO,CAAE,CAAC,CAAC;iBACpE;gBAED,sBAAO;wBACH,MAAM,QAAA;wBACN,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM;wBACnC,MAAM,QAAA;qBACT,EAAA;;;KACJ;IAEL,cAAC;AAAD,CAAC,AA3ED,IA2EC;AA3EY,0BAAO;AA6EpB,SAAgB,eAAe,KAAiB,OAAO,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC;AAAvE,0CAAuE;AAAA,CAAC;AAC3D,QAAA,GAAG,GAAG,eAAe,EAAE,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@astronautlabs/jwt",
|
|
3
|
-
"version": "1.1.
|
|
3
|
+
"version": "1.1.1",
|
|
4
4
|
"description": "An isomorphic JWT library (works in browser and Node.js)",
|
|
5
5
|
"main": "dist/node/index.js",
|
|
6
6
|
"browser": "dist/browser/index.js",
|
|
@@ -38,8 +38,9 @@
|
|
|
38
38
|
"zone.js": "^0.11.1"
|
|
39
39
|
},
|
|
40
40
|
"dependencies": {
|
|
41
|
-
"
|
|
42
|
-
|
|
43
|
-
|
|
41
|
+
"jsonwebtoken": "^9.0.3"
|
|
42
|
+
},
|
|
43
|
+
"engines": {
|
|
44
|
+
"node": ">=11"
|
|
44
45
|
}
|
|
45
46
|
}
|
package/src/engine.test.ts
CHANGED
|
@@ -39,6 +39,16 @@ export function engineTest(subjectName : string, engine : JWTEngine) {
|
|
|
39
39
|
return;
|
|
40
40
|
}
|
|
41
41
|
|
|
42
|
+
throw new Error(`Should not accept token with incorrect algorithm`);
|
|
43
|
+
});
|
|
44
|
+
it('rejects tokens with the \'none\' algorithm', async () => {
|
|
45
|
+
try {
|
|
46
|
+
await engine.validate(HS256Fixtures.SAMPLE_TOKEN_NONE, { algorithm: 'RS256', secretOrKey: RS256Fixtures.SAMPLE_PUBKEY })
|
|
47
|
+
} catch (e) {
|
|
48
|
+
expect(e.message).to.contain('Token has incorrect algorithm');
|
|
49
|
+
return;
|
|
50
|
+
}
|
|
51
|
+
|
|
42
52
|
throw new Error(`Should not accept token with incorrect algorithm`);
|
|
43
53
|
});
|
|
44
54
|
});
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
export const SAMPLE_TOKEN = `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c`;
|
|
2
2
|
export const SAMPLE_TOKEN_INVALID = `eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_SNEAKYssw5c`;
|
|
3
|
+
export const SAMPLE_TOKEN_NONE = `eyJhbGciOiJub25lIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTczNjI5MjEyNH0.`;
|
|
3
4
|
export const SAMPLE_PUBKEY = `your-256-bit-secret`;
|
|
4
5
|
export const SAMPLE_PRIVATEKEY = `your-256-bit-secret`;
|
|
5
6
|
export const SAMPLE_PUBKEY_2 = `wrong-key`;
|
package/src/node/index.ts
CHANGED
|
@@ -59,6 +59,8 @@ export class NodeJWT implements JWTEngine {
|
|
|
59
59
|
throw new Error(`Cannot validate JWT '${string}': Invalid signature`);
|
|
60
60
|
else if (e.message === 'invalid algorithm')
|
|
61
61
|
throw new Error(`Cannot validate JWT '${string}': Token has incorrect algorithm`);
|
|
62
|
+
else if (e.message === 'jwt signature is required')
|
|
63
|
+
throw new Error(`Cannot validate JWT '${string}': Token has incorrect algorithm`);
|
|
62
64
|
|
|
63
65
|
throw e;
|
|
64
66
|
}
|