@elysiajs/jwt 1.3.1 → 1.3.2

package/dist/cjs/index.d.ts

@@ -1,17 +1,86 @@
-import { Elysia } from 'elysia';
-import { type JWTPayload, type JWSHeaderParameters, type CryptoKey, type JWK, type KeyObject } from 'jose';
-import type { Static, TSchema } from '@sinclair/typebox';
+import { Elysia, type TSchema, type UnwrapSchema as Static } from 'elysia';
+import { type CryptoKey, type JWK, type KeyObject, type JoseHeaderParameters } from 'jose';
 type UnwrapSchema<Schema extends TSchema | undefined, Fallback = unknown> = Schema extends TSchema ? Static<NonNullable<Schema>> : Fallback;
+/**
+ * This interface is a specific, strongly-typed representation of the
+ * standard claims found in a JWT payload.
+ *
+ * It is re-declared here to override potentially generic definitions from
+ * third-party libraries, ensuring the compiler knows every expected field.
+ *
+ * This interface can be modified as needed within the plugin to easily
+ * accommodate custom claims for specific use cases.
+ */
 export interface JWTPayloadSpec {
+    /**
+     * JWT Issuer
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1 RFC7519#section-4.1.1}
+     */
     iss?: string;
+    /**
+     * JWT Subject
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.2 RFC7519#section-4.1.2}
+     */
     sub?: string;
+    /**
+     * JWT Audience
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3 RFC7519#section-4.1.3}
+     */
     aud?: string | string[];
+    /**
+     * JWT ID
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.7 RFC7519#section-4.1.7}
+     */
     jti?: string;
-    nbf?: number;
-    exp?: number;
-    iat?: number;
+    /**
+     * JWT Not Before
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5 RFC7519#section-4.1.5}
+     */
+    nbf?: string | number;
+    /**
+     * JWT Expiration Time
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4 RFC7519#section-4.1.4}
+     */
+    exp?: string | number;
+    /**
+     * JWT Issued At
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6 RFC7519#section-4.1.6}
+     */
+    iat?: boolean;
+}
+/**
+ * Defines the types for the header parameters of a JWS.
+ *
+ * Much like `JWTPayloadSpec`, this interface is declared to provide strong,
+ * explicit typing, allowing TypeScript to validate the header's structure
+ * and provide accurate autocompletion.
+ *
+ * It can also be modified within the plugin to handle custom header
+ * parameters required for specific development scenarios.
+ */
+export interface JWTHeaderParameters extends JoseHeaderParameters {
+    /**
+     * JWS "alg" (Algorithm) Header Parameter
+     *
+     * @see {@link https://github.com/panva/jose/issues/210#jws-alg Algorithm Key Requirements}
+     */
+    alg?: string;
+    /**
+     * This JWS Extension Header Parameter modifies the JWS Payload representation and the JWS Signing
+     * Input computation as per {@link https://www.rfc-editor.org/rfc/rfc7797 RFC7797}.
+     */
+    b64?: true;
+    /** JWS "crit" (Critical) Header Parameter */
+    crit?: string[];
 }
-export interface JWTOption<Name extends string | undefined = 'jwt', Schema extends TSchema | undefined = undefined> extends JWSHeaderParameters, Omit<JWTPayload, 'nbf' | 'exp'> {
+export interface JWTOption<Name extends string | undefined = 'jwt', Schema extends TSchema | undefined = undefined> extends JWTHeaderParameters, JWTPayloadSpec {
     /**
      * Name to decorate method as
      *
@@ -39,31 +108,13 @@ export interface JWTOption<Name extends string | undefined = 'jwt', Schema exten
      * Type strict validation for JWT payload
      */
     schema?: Schema;
-    /**
-     * JWT Not Before
-     *
-     * @see [RFC7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)
-     */
-    nbf?: string | number;
-    /**
-     * JWT Expiration Time
-     *
-     * @see [RFC7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4)
-     */
-    exp?: string | number;
 }
-export declare const jwt: <const Name extends string = "jwt", const Schema extends TSchema | undefined = undefined>({ name, secret, alg, crit, schema, nbf, exp, ...payload }: JWTOption<Name, Schema>) => Elysia<"", {
+export declare const jwt: <const Name extends string = "jwt", const Schema extends TSchema | undefined = undefined>({ name, secret, schema, ...defaultValues }: JWTOption<Name, Schema>) => Elysia<"", {
     decorator: { [name in Name extends string ? Name : "jwt"]: {
-        sign(morePayload: UnwrapSchema<Schema, Record<string, string | number>> & Omit<JWTPayloadSpec, "exp" | "nbf"> & {
-            exp?: string | number;
-            nbf?: string | number;
-        }): Promise<string>;
+        sign(data: UnwrapSchema<Schema, Record<string, string | number>> & JWTPayloadSpec): Promise<string>;
         verify(jwt?: string): Promise<(UnwrapSchema<Schema, Record<string, string | number>> & JWTPayloadSpec) | false>;
     }; } extends infer T ? { [K in keyof T]: { [name in Name extends string ? Name : "jwt"]: {
-        sign(morePayload: UnwrapSchema<Schema, Record<string, string | number>> & Omit<JWTPayloadSpec, "exp" | "nbf"> & {
-            exp?: string | number;
-            nbf?: string | number;
-        }): Promise<string>;
+        sign(data: UnwrapSchema<Schema, Record<string, string | number>> & JWTPayloadSpec): Promise<string>;
         verify(jwt?: string): Promise<(UnwrapSchema<Schema, Record<string, string | number>> & JWTPayloadSpec) | false>;
     }; }[K]; } : never;
     store: {};

package/dist/cjs/index.js

@@ -2642,15 +2642,8 @@ var Type = type_exports2;
 var jwt = ({
   name = "jwt",
   secret,
-  // Start JWT Header
-  alg = "HS256",
-  crit,
   schema,
-  // End JWT Header
-  // Start JWT Payload
-  nbf,
-  exp,
-  ...payload
+  ...defaultValues
 }) => {
   if (!secret) throw new Error("Secret can't be empty");
   const key = typeof secret === "string" ? new TextEncoder().encode(secret) : secret;
@@ -2666,7 +2659,7 @@ var jwt = ({
         jti: Type.Optional(Type.String()),
         nbf: Type.Optional(Type.Union([Type.String(), Type.Number()])),
         exp: Type.Optional(Type.Union([Type.String(), Type.Number()])),
-        iat: Type.Optional(Type.String())
+        iat: Type.Optional(Type.Union([Type.Number(), Type.String()]))
       })
     ]),
     {
@@ -2678,32 +2671,56 @@ var jwt = ({
     seed: {
       name,
       secret,
-      alg,
-      crit,
       schema,
-      nbf,
-      exp,
-      ...payload
+      ...defaultValues
     }
   }).decorate(name, {
-    sign(morePayload) {
-      const {
-        exp: morePayloadExp,
-        nbf: morePayloadNbf,
-        ...claimsMorePayload
-      } = morePayload;
-      let jwt2 = new import_jose.SignJWT({
-        ...payload,
-        ...claimsMorePayload
-      }).setProtectedHeader({
-        alg,
-        crit
+    sign(data) {
+      const JWTHeader = {
+        alg: defaultValues.alg ?? "HS256",
+        b64: defaultValues.b64,
+        crit: defaultValues.crit,
+        cty: defaultValues.cty,
+        jku: defaultValues.jku,
+        jwk: defaultValues.jwk,
+        kid: defaultValues.kid,
+        typ: defaultValues.typ ?? "JWT",
+        x5c: defaultValues.x5c,
+        x5t: defaultValues.x5t,
+        x5u: defaultValues.x5u
+      };
+      const JWTPayload = {
+        /**
+         * Audience (aud): Identifies the recipients that the JWT is intended for.
+         */
+        aud: data.aud ?? defaultValues.aud,
+        /**
+         * Issuer (iss): Identifies the principal that issued the JWT.
+         */
+        iss: data.iss ?? defaultValues.iss,
+        /**
+         * JWT ID (jti): Provides a unique identifier for the JWT.
+         */
+        jti: data.jti ?? defaultValues.jti,
+        /**
+         * Subject (sub): Identifies the principal that is the subject of the JWT.
+         */
+        sub: data.sub ?? defaultValues.sub,
+        // Includes all other properties from the data source, both standard and custom.
+        ...data
+      };
+      let jwt2 = new import_jose.SignJWT({ ...JWTPayload }).setProtectedHeader({
+        alg: JWTHeader.alg,
+        ...JWTHeader
       });
-      if (morePayloadNbf !== void 0) {
-        jwt2 = jwt2.setNotBefore(morePayloadNbf);
+      if (data.nbf !== void 0 || defaultValues.nbf !== void 0) {
+        jwt2 = jwt2.setNotBefore(data.nbf ?? defaultValues.nbf);
       }
-      if (morePayloadExp !== void 0) {
-        jwt2 = jwt2.setExpirationTime(morePayloadExp);
+      if (data.exp !== void 0 || defaultValues.exp !== void 0) {
+        jwt2 = jwt2.setExpirationTime(data.exp ?? defaultValues.exp);
+      }
+      if (defaultValues.iat !== false || data.iat !== false) {
+        jwt2 = jwt2.setIssuedAt(/* @__PURE__ */ new Date());
       }
       return jwt2.sign(key);
     },

package/dist/index.d.ts

@@ -1,17 +1,86 @@
-import { Elysia } from 'elysia';
-import { type JWTPayload, type JWSHeaderParameters, type CryptoKey, type JWK, type KeyObject } from 'jose';
-import type { Static, TSchema } from '@sinclair/typebox';
+import { Elysia, type TSchema, type UnwrapSchema as Static } from 'elysia';
+import { type CryptoKey, type JWK, type KeyObject, type JoseHeaderParameters } from 'jose';
 type UnwrapSchema<Schema extends TSchema | undefined, Fallback = unknown> = Schema extends TSchema ? Static<NonNullable<Schema>> : Fallback;
+/**
+ * This interface is a specific, strongly-typed representation of the
+ * standard claims found in a JWT payload.
+ *
+ * It is re-declared here to override potentially generic definitions from
+ * third-party libraries, ensuring the compiler knows every expected field.
+ *
+ * This interface can be modified as needed within the plugin to easily
+ * accommodate custom claims for specific use cases.
+ */
 export interface JWTPayloadSpec {
+    /**
+     * JWT Issuer
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1 RFC7519#section-4.1.1}
+     */
     iss?: string;
+    /**
+     * JWT Subject
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.2 RFC7519#section-4.1.2}
+     */
     sub?: string;
+    /**
+     * JWT Audience
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3 RFC7519#section-4.1.3}
+     */
     aud?: string | string[];
+    /**
+     * JWT ID
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.7 RFC7519#section-4.1.7}
+     */
     jti?: string;
-    nbf?: number;
-    exp?: number;
-    iat?: number;
+    /**
+     * JWT Not Before
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5 RFC7519#section-4.1.5}
+     */
+    nbf?: string | number;
+    /**
+     * JWT Expiration Time
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4 RFC7519#section-4.1.4}
+     */
+    exp?: string | number;
+    /**
+     * JWT Issued At
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6 RFC7519#section-4.1.6}
+     */
+    iat?: boolean;
+}
+/**
+ * Defines the types for the header parameters of a JWS.
+ *
+ * Much like `JWTPayloadSpec`, this interface is declared to provide strong,
+ * explicit typing, allowing TypeScript to validate the header's structure
+ * and provide accurate autocompletion.
+ *
+ * It can also be modified within the plugin to handle custom header
+ * parameters required for specific development scenarios.
+ */
+export interface JWTHeaderParameters extends JoseHeaderParameters {
+    /**
+     * JWS "alg" (Algorithm) Header Parameter
+     *
+     * @see {@link https://github.com/panva/jose/issues/210#jws-alg Algorithm Key Requirements}
+     */
+    alg?: string;
+    /**
+     * This JWS Extension Header Parameter modifies the JWS Payload representation and the JWS Signing
+     * Input computation as per {@link https://www.rfc-editor.org/rfc/rfc7797 RFC7797}.
+     */
+    b64?: true;
+    /** JWS "crit" (Critical) Header Parameter */
+    crit?: string[];
 }
-export interface JWTOption<Name extends string | undefined = 'jwt', Schema extends TSchema | undefined = undefined> extends JWSHeaderParameters, Omit<JWTPayload, 'nbf' | 'exp'> {
+export interface JWTOption<Name extends string | undefined = 'jwt', Schema extends TSchema | undefined = undefined> extends JWTHeaderParameters, JWTPayloadSpec {
     /**
      * Name to decorate method as
      *
@@ -39,31 +108,13 @@ export interface JWTOption<Name extends string | undefined = 'jwt', Schema exten
      * Type strict validation for JWT payload
      */
     schema?: Schema;
-    /**
-     * JWT Not Before
-     *
-     * @see [RFC7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)
-     */
-    nbf?: string | number;
-    /**
-     * JWT Expiration Time
-     *
-     * @see [RFC7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4)
-     */
-    exp?: string | number;
 }
-export declare const jwt: <const Name extends string = "jwt", const Schema extends TSchema | undefined = undefined>({ name, secret, alg, crit, schema, nbf, exp, ...payload }: JWTOption<Name, Schema>) => Elysia<"", {
+export declare const jwt: <const Name extends string = "jwt", const Schema extends TSchema | undefined = undefined>({ name, secret, schema, ...defaultValues }: JWTOption<Name, Schema>) => Elysia<"", {
     decorator: { [name in Name extends string ? Name : "jwt"]: {
-        sign(morePayload: UnwrapSchema<Schema, Record<string, string | number>> & Omit<JWTPayloadSpec, "exp" | "nbf"> & {
-            exp?: string | number;
-            nbf?: string | number;
-        }): Promise<string>;
+        sign(data: UnwrapSchema<Schema, Record<string, string | number>> & JWTPayloadSpec): Promise<string>;
         verify(jwt?: string): Promise<(UnwrapSchema<Schema, Record<string, string | number>> & JWTPayloadSpec) | false>;
     }; } extends infer T ? { [K in keyof T]: { [name in Name extends string ? Name : "jwt"]: {
-        sign(morePayload: UnwrapSchema<Schema, Record<string, string | number>> & Omit<JWTPayloadSpec, "exp" | "nbf"> & {
-            exp?: string | number;
-            nbf?: string | number;
-        }): Promise<string>;
+        sign(data: UnwrapSchema<Schema, Record<string, string | number>> & JWTPayloadSpec): Promise<string>;
         verify(jwt?: string): Promise<(UnwrapSchema<Schema, Record<string, string | number>> & JWTPayloadSpec) | false>;
     }; }[K]; } : never;
     store: {};

package/dist/index.mjs

@@ -5,7 +5,11 @@ var __export = (target, all) => {
 };
 
 // src/index.ts
-import { Elysia, ValidationError, getSchemaValidator } from "elysia";
+import {
+  Elysia,
+  ValidationError,
+  getSchemaValidator
+} from "elysia";
 import {
   SignJWT,
   jwtVerify
@@ -2626,15 +2630,8 @@ var Type = type_exports2;
 var jwt = ({
   name = "jwt",
   secret,
-  // Start JWT Header
-  alg = "HS256",
-  crit,
   schema,
-  // End JWT Header
-  // Start JWT Payload
-  nbf,
-  exp,
-  ...payload
+  ...defaultValues
 }) => {
   if (!secret) throw new Error("Secret can't be empty");
   const key = typeof secret === "string" ? new TextEncoder().encode(secret) : secret;
@@ -2650,7 +2647,7 @@ var jwt = ({
         jti: Type.Optional(Type.String()),
         nbf: Type.Optional(Type.Union([Type.String(), Type.Number()])),
         exp: Type.Optional(Type.Union([Type.String(), Type.Number()])),
-        iat: Type.Optional(Type.String())
+        iat: Type.Optional(Type.Union([Type.Number(), Type.String()]))
       })
     ]),
     {
@@ -2662,32 +2659,56 @@ var jwt = ({
     seed: {
       name,
       secret,
-      alg,
-      crit,
       schema,
-      nbf,
-      exp,
-      ...payload
+      ...defaultValues
     }
   }).decorate(name, {
-    sign(morePayload) {
-      const {
-        exp: morePayloadExp,
-        nbf: morePayloadNbf,
-        ...claimsMorePayload
-      } = morePayload;
-      let jwt2 = new SignJWT({
-        ...payload,
-        ...claimsMorePayload
-      }).setProtectedHeader({
-        alg,
-        crit
+    sign(data) {
+      const JWTHeader = {
+        alg: defaultValues.alg ?? "HS256",
+        b64: defaultValues.b64,
+        crit: defaultValues.crit,
+        cty: defaultValues.cty,
+        jku: defaultValues.jku,
+        jwk: defaultValues.jwk,
+        kid: defaultValues.kid,
+        typ: defaultValues.typ ?? "JWT",
+        x5c: defaultValues.x5c,
+        x5t: defaultValues.x5t,
+        x5u: defaultValues.x5u
+      };
+      const JWTPayload = {
+        /**
+         * Audience (aud): Identifies the recipients that the JWT is intended for.
+         */
+        aud: data.aud ?? defaultValues.aud,
+        /**
+         * Issuer (iss): Identifies the principal that issued the JWT.
+         */
+        iss: data.iss ?? defaultValues.iss,
+        /**
+         * JWT ID (jti): Provides a unique identifier for the JWT.
+         */
+        jti: data.jti ?? defaultValues.jti,
+        /**
+         * Subject (sub): Identifies the principal that is the subject of the JWT.
+         */
+        sub: data.sub ?? defaultValues.sub,
+        // Includes all other properties from the data source, both standard and custom.
+        ...data
+      };
+      let jwt2 = new SignJWT({ ...JWTPayload }).setProtectedHeader({
+        alg: JWTHeader.alg,
+        ...JWTHeader
       });
-      if (morePayloadNbf !== void 0) {
-        jwt2 = jwt2.setNotBefore(morePayloadNbf);
+      if (data.nbf !== void 0 || defaultValues.nbf !== void 0) {
+        jwt2 = jwt2.setNotBefore(data.nbf ?? defaultValues.nbf);
+      }
+      if (data.exp !== void 0 || defaultValues.exp !== void 0) {
+        jwt2 = jwt2.setExpirationTime(data.exp ?? defaultValues.exp);
       }
-      if (morePayloadExp !== void 0) {
-        jwt2 = jwt2.setExpirationTime(morePayloadExp);
+      if (defaultValues.iat !== false || data.iat !== false) {
+        jwt2 = jwt2.setIssuedAt(/* @__PURE__ */ new Date());
       }
       return jwt2.sign(key);
     },

package/package.json

@@ -1,7 +1,7 @@
 {
 	"name": "@elysiajs/jwt",
 	"description": "Plugin for Elysia for using JWT Authentication",
-	"version": "1.3.1",
+	"version": "1.3.2",
 	"author": {
 		"name": "saltyAom",
 		"url": "https://github.com/SaltyAom",