@naturalcycles/nodejs-lib 12.82.1 → 12.83.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/jwt/jwt.service.d.ts +7 -2
  2. package/dist/jwt/jwt.service.js +6 -3
  3. package/package.json +1 -1
  4. package/src/jwt/jwt.service.ts +8 -2
package/dist/jwt/jwt.service.d.ts CHANGED
@@ -18,6 +18,8 @@ export interface JWTServiceCfg {
18
18
  privateKey?: string | Buffer;
19
19
  /**
20
20
  * Recommended: ES256
21
+ * Keys (private/public) should be generated using proper settings
22
+ * that fit the used Algorithm.
21
23
  */
22
24
  algorithm: Algorithm;
23
25
  /**
@@ -38,7 +40,10 @@ export interface JWTServiceCfg {
38
40
  * Wraps popular `jsonwebtoken` library.
39
41
  * You should create one instance of JWTService for each pair of private/public key.
40
42
  *
41
- * Generate key pair like this:
43
+ * Generate key pair like this.
44
+ * Please note that parameters should be different for different algorithms.
45
+ * For ES256 (default algo in JWTService) key should have `prime256v1` parameter:
46
+ *
42
47
  * openssl ecparam -name prime256v1 -genkey -noout -out key.pem
43
48
  * openssl ec -in key.pem -pubout > key.pub.pem
44
49
  */
@@ -46,7 +51,7 @@ export declare class JWTService {
46
51
  cfg: JWTServiceCfg;
47
52
  constructor(cfg: JWTServiceCfg);
48
53
  sign<T extends AnyObject>(payload: T, schema?: AnySchemaTyped<T>, opt?: SignOptions): JWTString;
49
- verify<T extends AnyObject>(token: JWTString, schema?: AnySchemaTyped<T>, opt?: VerifyOptions): T;
54
+ verify<T extends AnyObject>(token: JWTString, schema?: AnySchemaTyped<T>, opt?: VerifyOptions, publicKey?: string): T;
50
55
  decode<T extends AnyObject>(token: JWTString, schema?: AnySchemaTyped<T>): {
51
56
  header: JwtHeader;
52
57
  payload: T;
package/dist/jwt/jwt.service.js CHANGED
@@ -11,7 +11,10 @@ const joi_validation_util_1 = require("../validation/joi/joi.validation.util");
11
11
  * Wraps popular `jsonwebtoken` library.
12
12
  * You should create one instance of JWTService for each pair of private/public key.
13
13
  *
14
- * Generate key pair like this:
14
+ * Generate key pair like this.
15
+ * Please note that parameters should be different for different algorithms.
16
+ * For ES256 (default algo in JWTService) key should have `prime256v1` parameter:
17
+ *
15
18
  * openssl ecparam -name prime256v1 -genkey -noout -out key.pem
16
19
  * openssl ec -in key.pem -pubout > key.pub.pem
17
20
  */
@@ -31,10 +34,10 @@ class JWTService {
31
34
  ...opt,
32
35
  });
33
36
  }
34
- verify(token, schema, opt = {}) {
37
+ verify(token, schema, opt = {}, publicKey) {
35
38
  (0, js_lib_1._assert)(this.cfg.publicKey, 'JWTService: publicKey is required to be able to verify, but not provided');
36
39
  try {
37
- const data = jsonwebtoken.verify(token, this.cfg.publicKey, {
40
+ const data = jsonwebtoken.verify(token, publicKey || this.cfg.publicKey, {
38
41
  algorithms: [this.cfg.algorithm],
39
42
  ...this.cfg.verifyOptions,
40
43
  ...opt,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@naturalcycles/nodejs-lib",
3
- "version": "12.82.1",
3
+ "version": "12.83.0",
4
4
  "scripts": {
5
5
  "prepare": "husky install",
6
6
  "docs-serve": "vuepress dev docs",
package/src/jwt/jwt.service.ts CHANGED
@@ -28,6 +28,8 @@ export interface JWTServiceCfg {
28
28
 
29
29
  /**
30
30
  * Recommended: ES256
31
+ * Keys (private/public) should be generated using proper settings
32
+ * that fit the used Algorithm.
31
33
  */
32
34
  algorithm: Algorithm
33
35
 
@@ -54,7 +56,10 @@ export interface JWTServiceCfg {
54
56
  * Wraps popular `jsonwebtoken` library.
55
57
  * You should create one instance of JWTService for each pair of private/public key.
56
58
  *
57
- * Generate key pair like this:
59
+ * Generate key pair like this.
60
+ * Please note that parameters should be different for different algorithms.
61
+ * For ES256 (default algo in JWTService) key should have `prime256v1` parameter:
62
+ *
58
63
  * openssl ecparam -name prime256v1 -genkey -noout -out key.pem
59
64
  * openssl ec -in key.pem -pubout > key.pub.pem
60
65
  */
@@ -87,6 +92,7 @@ export class JWTService {
87
92
  token: JWTString,
88
93
  schema?: AnySchemaTyped<T>,
89
94
  opt: VerifyOptions = {},
95
+ publicKey?: string, // allows to override public key
90
96
  ): T {
91
97
  _assert(
92
98
  this.cfg.publicKey,
@@ -94,7 +100,7 @@ export class JWTService {
94
100
  )
95
101
 
96
102
  try {
97
- const data = jsonwebtoken.verify(token, this.cfg.publicKey, {
103
+ const data = jsonwebtoken.verify(token, publicKey || this.cfg.publicKey, {
98
104
  algorithms: [this.cfg.algorithm],
99
105
  ...this.cfg.verifyOptions,
100
106
  ...opt,