npm - @navios/jwt - Versions diffs - 0.1.0 - Mend

@navios/jwt 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/LICENSE +7 -0
package/README.md +119 -0
package/dist/index.d.mts +1326 -0
package/dist/index.d.ts +1326 -0
package/dist/index.js +365 -0
package/dist/index.js.map +1 -0
package/dist/index.mjs +328 -0
package/dist/index.mjs.map +1 -0
package/package.json +43 -0
package/src/index.mts +8 -0
package/src/jwt-service.provider.mts +37 -0
package/src/jwt.service.mts +202 -0
package/src/options/jwt-service.options.mts +125 -0

package/dist/index.js ADDED Viewed

@@ -0,0 +1,365 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __knownSymbol = (name, symbol) => (symbol = Symbol[name]) ? symbol : Symbol.for("Symbol." + name);
+var __typeError = (msg) => {
+  throw TypeError(msg);
+};
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __decoratorStart = (base) => [, , , __create((base == null ? void 0 : base[__knownSymbol("metadata")]) ?? null)];
+var __decoratorStrings = ["class", "method", "getter", "setter", "accessor", "field", "value", "get", "set"];
+var __expectFn = (fn) => fn !== void 0 && typeof fn !== "function" ? __typeError("Function expected") : fn;
+var __decoratorContext = (kind, name, done, metadata, fns) => ({ kind: __decoratorStrings[kind], name, metadata, addInitializer: (fn) => done._ ? __typeError("Already initialized") : fns.push(__expectFn(fn || null)) });
+var __decoratorMetadata = (array, target) => __defNormalProp(target, __knownSymbol("metadata"), array[3]);
+var __runInitializers = (array, flags, self, value) => {
+  for (var i = 0, fns = array[flags >> 1], n = fns && fns.length; i < n; i++) flags & 1 ? fns[i].call(self) : value = fns[i].call(self, value);
+  return value;
+};
+var __decorateElement = (array, flags, name, decorators, target, extra) => {
+  var fn, it, done, ctx, access, k = flags & 7, s = !!(flags & 8), p = !!(flags & 16);
+  var j = k > 3 ? array.length + 1 : k ? s ? 1 : 2 : 0, key = __decoratorStrings[k + 5];
+  var initializers = k > 3 && (array[j - 1] = []), extraInitializers = array[j] || (array[j] = []);
+  var desc = k && (!p && !s && (target = target.prototype), k < 5 && (k > 3 || !p) && __getOwnPropDesc(k < 4 ? target : { get [name]() {
+    return __privateGet(this, extra);
+  }, set [name](x) {
+    return __privateSet(this, extra, x);
+  } }, name));
+  k ? p && k < 4 && __name(extra, (k > 2 ? "set " : k > 1 ? "get " : "") + name) : __name(target, name);
+  for (var i = decorators.length - 1; i >= 0; i--) {
+    ctx = __decoratorContext(k, name, done = {}, array[3], extraInitializers);
+    if (k) {
+      ctx.static = s, ctx.private = p, access = ctx.access = { has: p ? (x) => __privateIn(target, x) : (x) => name in x };
+      if (k ^ 3) access.get = p ? (x) => (k ^ 1 ? __privateGet : __privateMethod)(x, target, k ^ 4 ? extra : desc.get) : (x) => x[name];
+      if (k > 2) access.set = p ? (x, y) => __privateSet(x, target, y, k ^ 4 ? extra : desc.set) : (x, y) => x[name] = y;
+    }
+    it = (0, decorators[i])(k ? k < 4 ? p ? extra : desc[key] : k > 4 ? void 0 : { get: desc.get, set: desc.set } : target, ctx), done._ = 1;
+    if (k ^ 4 || it === void 0) __expectFn(it) && (k > 4 ? initializers.unshift(it) : k ? p ? extra = it : desc[key] = it : target = it);
+    else if (typeof it !== "object" || it === null) __typeError("Object expected");
+    else __expectFn(fn = it.get) && (desc.get = fn), __expectFn(fn = it.set) && (desc.set = fn), __expectFn(fn = it.init) && initializers.unshift(fn);
+  }
+  return k || __decoratorMetadata(array, target), desc && __defProp(target, name, desc), p ? k ^ 4 ? extra : desc : target;
+};
+var __accessCheck = (obj, member, msg) => member.has(obj) || __typeError("Cannot " + msg);
+var __privateIn = (member, obj) => Object(obj) !== obj ? __typeError('Cannot use the "in" operator on this value') : member.has(obj);
+var __privateGet = (obj, member, getter) => (__accessCheck(obj, member, "read from private field"), getter ? getter.call(obj) : member.get(obj));
+var __privateSet = (obj, member, value, setter) => (__accessCheck(obj, member, "write to private field"), setter ? setter.call(obj, value) : member.set(obj, value), value);
+var __privateMethod = (obj, member, method) => (__accessCheck(obj, member, "access private method"), method);
+// packages/jwt/src/index.mts
+var src_exports = {};
+__export(src_exports, {
+  AlgorithmType: () => AlgorithmType,
+  JsonWebTokenError: () => import_jsonwebtoken.JsonWebTokenError,
+  JwtHeaderSchema: () => JwtHeaderSchema,
+  JwtService: () => JwtService,
+  JwtServiceFactory: () => JwtServiceFactory,
+  JwtServiceOptionsSchema: () => JwtServiceOptionsSchema,
+  JwtServiceToken: () => JwtServiceToken,
+  NotBeforeError: () => import_jsonwebtoken.NotBeforeError,
+  RequestType: () => RequestType,
+  SecretSchema: () => SecretSchema,
+  SignOptionsSchema: () => SignOptionsSchema,
+  TokenExpiredError: () => import_jsonwebtoken.TokenExpiredError,
+  VerifyOptionsSchema: () => VerifyOptionsSchema,
+  provideJwtService: () => provideJwtService
+});
+module.exports = __toCommonJS(src_exports);
+// packages/jwt/src/options/jwt-service.options.mts
+var import_zod = require("zod");
+var RequestType = /* @__PURE__ */ ((RequestType2) => {
+  RequestType2["Sign"] = "Sign";
+  RequestType2["Verify"] = "Verify";
+  return RequestType2;
+})(RequestType || {});
+var AlgorithmType = import_zod.z.enum([
+  "HS256",
+  "HS384",
+  "HS512",
+  "RS256",
+  "RS384",
+  "RS512",
+  "ES256",
+  "ES384",
+  "ES512",
+  "PS256",
+  "PS384",
+  "PS512",
+  "none"
+]);
+var JwtHeaderSchema = import_zod.z.object({
+  alg: AlgorithmType.or(import_zod.z.string()),
+  typ: import_zod.z.string().optional(),
+  cty: import_zod.z.string().optional(),
+  crit: import_zod.z.string().array().optional(),
+  kid: import_zod.z.string().optional(),
+  jku: import_zod.z.string().optional(),
+  x5u: import_zod.z.union([import_zod.z.string(), import_zod.z.array(import_zod.z.string())]).optional(),
+  "x5t#S256": import_zod.z.string().optional(),
+  x5t: import_zod.z.string().optional(),
+  x5c: import_zod.z.union([import_zod.z.string(), import_zod.z.array(import_zod.z.string())]).optional()
+});
+var SignOptionsSchema = import_zod.z.object({
+  algorithm: AlgorithmType.optional(),
+  keyid: import_zod.z.string().optional(),
+  expiresIn: import_zod.z.union([import_zod.z.string(), import_zod.z.number()]).optional(),
+  notBefore: import_zod.z.union([import_zod.z.string(), import_zod.z.number()]).optional(),
+  audience: import_zod.z.union([import_zod.z.string(), import_zod.z.string().array()]).optional(),
+  subject: import_zod.z.string().optional(),
+  issuer: import_zod.z.string().optional(),
+  jwtid: import_zod.z.string().optional(),
+  mutatePayload: import_zod.z.boolean().optional(),
+  noTimestamp: import_zod.z.boolean().optional(),
+  header: JwtHeaderSchema.optional(),
+  encoding: import_zod.z.string().optional(),
+  allowInsecureKeySizes: import_zod.z.boolean().optional(),
+  allowInvalidAsymmetricKeyTypes: import_zod.z.boolean().optional()
+});
+var VerifyOptionsSchema = import_zod.z.object({
+  algorithms: AlgorithmType.array().optional(),
+  audience: import_zod.z.union([import_zod.z.string(), import_zod.z.instanceof(RegExp), import_zod.z.string().array()]).optional(),
+  clockTimestamp: import_zod.z.number().optional(),
+  clockTolerance: import_zod.z.number().optional(),
+  complete: import_zod.z.boolean().optional(),
+  issuer: import_zod.z.union([import_zod.z.string(), import_zod.z.string().array()]).optional(),
+  ignoreExpiration: import_zod.z.boolean().optional(),
+  ignoreNotBefore: import_zod.z.boolean().optional(),
+  jwtid: import_zod.z.string().optional(),
+  nonce: import_zod.z.string().optional(),
+  subject: import_zod.z.string().optional(),
+  maxAge: import_zod.z.union([import_zod.z.string(), import_zod.z.number()]).optional(),
+  allowInvalidAsymmetricKeyTypes: import_zod.z.boolean().optional()
+});
+var SecretSchema = import_zod.z.union([
+  import_zod.z.string(),
+  import_zod.z.instanceof(Buffer),
+  import_zod.z.object({
+    type: import_zod.z.string()
+  }).passthrough(),
+  import_zod.z.object({
+    key: import_zod.z.union([import_zod.z.string(), import_zod.z.instanceof(Buffer)]),
+    passphrase: import_zod.z.string()
+  })
+]);
+var JwtServiceOptionsSchema = import_zod.z.object({
+  signOptions: SignOptionsSchema.optional(),
+  secret: import_zod.z.string().optional(),
+  publicKey: import_zod.z.union([import_zod.z.string(), import_zod.z.instanceof(Buffer)]).optional(),
+  privateKey: SecretSchema.optional(),
+  verifyOptions: VerifyOptionsSchema.optional(),
+  secretOrKeyProvider: import_zod.z.function().args(
+    import_zod.z.nativeEnum(RequestType),
+    import_zod.z.any(),
+    import_zod.z.union([SignOptionsSchema, VerifyOptionsSchema]).optional()
+  ).returns(import_zod.z.union([SecretSchema, import_zod.z.promise(SecretSchema)])).optional()
+});
+// packages/jwt/src/jwt.service.mts
+var import_core = require("@navios/core");
+var jwt = __toESM(require("jsonwebtoken"), 1);
+var _JwtService_decorators, _init;
+_JwtService_decorators = [(0, import_core.Injectable)()];
+var _JwtService = class _JwtService {
+  constructor(options = {}) {
+    this.options = options;
+  }
+  logger = (0, import_core.syncInject)(import_core.Logger, {
+    context: _JwtService.name
+  });
+  sign(payload, options = {}) {
+    const signOptions = this.mergeJwtOptions(
+      { ...options },
+      "signOptions"
+    );
+    const secret = this.getSecretKey(
+      payload,
+      options,
+      "privateKey",
+      "Sign" /* Sign */
+    );
+    if (secret instanceof Promise) {
+      secret.catch(() => {
+      });
+      this.logger.warn(
+        'For async version of "secretOrKeyProvider", please use "signAsync".'
+      );
+      throw new Error();
+    }
+    const allowedSignOptKeys = ["secret", "privateKey"];
+    const signOptKeys = Object.keys(signOptions);
+    if (typeof payload === "string" && signOptKeys.some((k) => !allowedSignOptKeys.includes(k))) {
+      throw new Error(
+        "Payload as string is not allowed with the following sign options: " + signOptKeys.join(", ")
+      );
+    }
+    return jwt.sign(payload, secret, signOptions);
+  }
+  signAsync(payload, options = {}) {
+    const signOptions = this.mergeJwtOptions(
+      { ...options },
+      "signOptions"
+    );
+    const secret = this.getSecretKey(
+      payload,
+      options,
+      "privateKey",
+      "Sign" /* Sign */
+    );
+    const allowedSignOptKeys = ["secret", "privateKey"];
+    const signOptKeys = Object.keys(signOptions);
+    if (typeof payload === "string" && signOptKeys.some((k) => !allowedSignOptKeys.includes(k))) {
+      throw new Error(
+        "Payload as string is not allowed with the following sign options: " + signOptKeys.join(", ")
+      );
+    }
+    return new Promise(
+      (resolve, reject) => Promise.resolve().then(() => secret).then((scrt) => {
+        jwt.sign(
+          payload,
+          scrt,
+          signOptions,
+          (err, encoded) => err ? reject(err) : resolve(encoded)
+        );
+      })
+    );
+  }
+  verify(token, options = {}) {
+    const verifyOptions = this.mergeJwtOptions({ ...options }, "verifyOptions");
+    const secret = this.getSecretKey(
+      token,
+      options,
+      "publicKey",
+      "Verify" /* Verify */
+    );
+    if (secret instanceof Promise) {
+      secret.catch(() => {
+      });
+      this.logger.warn(
+        'For async version of "secretOrKeyProvider", please use "verifyAsync".'
+      );
+      throw new Error();
+    }
+    return jwt.verify(token, secret, verifyOptions);
+  }
+  verifyAsync(token, options = {}) {
+    const verifyOptions = this.mergeJwtOptions({ ...options }, "verifyOptions");
+    const secret = this.getSecretKey(
+      token,
+      options,
+      "publicKey",
+      "Verify" /* Verify */
+    );
+    return new Promise(
+      (resolve, reject) => Promise.resolve().then(() => secret).then((scrt) => {
+        jwt.verify(
+          token,
+          scrt,
+          verifyOptions,
+          (err, decoded) => err ? reject(err) : resolve(decoded)
+        );
+      }).catch(reject)
+    );
+  }
+  decode(token, options) {
+    return jwt.decode(token, options);
+  }
+  mergeJwtOptions(options, key) {
+    delete options.secret;
+    if (key === "signOptions") {
+      delete options.privateKey;
+    } else {
+      delete options.publicKey;
+    }
+    return options ? {
+      ...this.options[key] || {},
+      ...options
+    } : (
+      // @ts-expect-error We check it
+      this.options[key]
+    );
+  }
+  overrideSecretFromOptions(secret) {
+    return secret;
+  }
+  getSecretKey(token, options, key, secretRequestType) {
+    const secret = this.options.secretOrKeyProvider ? this.options.secretOrKeyProvider(secretRequestType, token, options) : (options == null ? void 0 : options.secret) || this.options.secret || (key === "privateKey" ? (options == null ? void 0 : options.privateKey) || this.options.privateKey : (options == null ? void 0 : options.publicKey) || this.options.publicKey) || this.options[key];
+    return secret;
+  }
+};
+_init = __decoratorStart(null);
+_JwtService = __decorateElement(_init, 0, "JwtService", _JwtService_decorators, _JwtService);
+__runInitializers(_init, 1, _JwtService);
+var JwtService = _JwtService;
+// packages/jwt/src/jwt-service.provider.mts
+var import_core2 = require("@navios/core");
+var JwtServiceToken = import_core2.InjectionToken.create(
+  JwtService,
+  JwtServiceOptionsSchema
+);
+var _JwtServiceFactory_decorators, _init2;
+_JwtServiceFactory_decorators = [(0, import_core2.Injectable)({
+  token: JwtServiceToken,
+  type: import_core2.InjectableType.Factory
+})];
+var JwtServiceFactory = class {
+  create(ctx, args) {
+    return (0, import_core2.resolveService)(ctx, JwtService, [args]);
+  }
+};
+_init2 = __decoratorStart(null);
+JwtServiceFactory = __decorateElement(_init2, 0, "JwtServiceFactory", _JwtServiceFactory_decorators, JwtServiceFactory);
+__runInitializers(_init2, 1, JwtServiceFactory);
+function provideJwtService(config) {
+  if (typeof config === "function") {
+    return import_core2.InjectionToken.factory(JwtServiceToken, config);
+  }
+  return import_core2.InjectionToken.bound(JwtServiceToken, config);
+}
+// packages/jwt/src/index.mts
+var import_jsonwebtoken = require("jsonwebtoken");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AlgorithmType,
+  JsonWebTokenError,
+  JwtHeaderSchema,
+  JwtService,
+  JwtServiceFactory,
+  JwtServiceOptionsSchema,
+  JwtServiceToken,
+  NotBeforeError,
+  RequestType,
+  SecretSchema,
+  SignOptionsSchema,
+  TokenExpiredError,
+  VerifyOptionsSchema,
+  provideJwtService
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../../../packages/jwt/src/index.mts","../../../../packages/jwt/src/options/jwt-service.options.mts","../../../../packages/jwt/src/jwt.service.mts","../../../../packages/jwt/src/jwt-service.provider.mts"],"sourcesContent":["export * from './options/jwt-service.options.mjs'\nexport * from './jwt.service.mjs'\nexport * from './jwt-service.provider.mjs'\nexport {\n TokenExpiredError,\n NotBeforeError,\n JsonWebTokenError,\n} from 'jsonwebtoken'\n","import type { Secret as JwtSecret } from 'jsonwebtoken'\n\nimport { z } from 'zod'\n\nexport enum RequestType {\n Sign = 'Sign',\n Verify = 'Verify',\n}\n\nexport const AlgorithmType = z.enum([\n 'HS256',\n 'HS384',\n 'HS512',\n 'RS256',\n 'RS384',\n 'RS512',\n 'ES256',\n 'ES384',\n 'ES512',\n 'PS256',\n 'PS384',\n 'PS512',\n 'none',\n])\n\nexport const JwtHeaderSchema = z.object({\n alg: AlgorithmType.or(z.string()),\n typ: z.string().optional(),\n cty: z.string().optional(),\n crit: z.string().array().optional(),\n kid: z.string().optional(),\n jku: z.string().optional(),\n x5u: z.union([z.string(), z.array(z.string())]).optional(),\n 'x5t#S256': z.string().optional(),\n x5t: z.string().optional(),\n x5c: z.union([z.string(), z.array(z.string())]).optional(),\n})\n\nexport type JwtHeader = z.infer<typeof JwtHeaderSchema>\n\nexport const SignOptionsSchema = z.object({\n algorithm: AlgorithmType.optional(),\n keyid: z.string().optional(),\n expiresIn: z.union([z.string(), z.number()]).optional(),\n notBefore: z.union([z.string(), z.number()]).optional(),\n audience: z.union([z.string(), z.string().array()]).optional(),\n subject: z.string().optional(),\n issuer: z.string().optional(),\n jwtid: z.string().optional(),\n mutatePayload: z.boolean().optional(),\n noTimestamp: z.boolean().optional(),\n header: JwtHeaderSchema.optional(),\n encoding: z.string().optional(),\n allowInsecureKeySizes: z.boolean().optional(),\n allowInvalidAsymmetricKeyTypes: z.boolean().optional(),\n})\n\nexport type SignOptions = z.infer<typeof SignOptionsSchema>\n\nexport const VerifyOptionsSchema = z.object({\n algorithms: AlgorithmType.array().optional(),\n audience: z\n .union([z.string(), z.instanceof(RegExp), z.string().array()])\n .optional(),\n clockTimestamp: z.number().optional(),\n clockTolerance: z.number().optional(),\n complete: z.boolean().optional(),\n issuer: z.union([z.string(), z.string().array()]).optional(),\n ignoreExpiration: z.boolean().optional(),\n ignoreNotBefore: z.boolean().optional(),\n jwtid: z.string().optional(),\n nonce: z.string().optional(),\n subject: z.string().optional(),\n maxAge: z.union([z.string(), z.number()]).optional(),\n allowInvalidAsymmetricKeyTypes: z.boolean().optional(),\n})\n\nexport type VerifyOptions = z.infer<typeof VerifyOptionsSchema>\n\nexport const SecretSchema = z.union([\n z.string(),\n z.instanceof(Buffer),\n z\n .object({\n type: z.string(),\n })\n .passthrough(),\n z.object({\n key: z.union([z.string(), z.instanceof(Buffer)]),\n passphrase: z.string(),\n }),\n])\n\nexport type Secret = z.infer<typeof SecretSchema>\n\nexport const JwtServiceOptionsSchema = z.object({\n signOptions: SignOptionsSchema.optional(),\n secret: z.string().optional(),\n publicKey: z.union([z.string(), z.instanceof(Buffer)]).optional(),\n privateKey: SecretSchema.optional(),\n verifyOptions: VerifyOptionsSchema.optional(),\n secretOrKeyProvider: z\n .function()\n .args(\n z.nativeEnum(RequestType),\n z.any(),\n z.union([SignOptionsSchema, VerifyOptionsSchema]).optional(),\n )\n .returns(z.union([SecretSchema, z.promise(SecretSchema)]))\n .optional(),\n})\n\nexport type JwtServiceOptions = z.infer<typeof JwtServiceOptionsSchema>\n\nexport interface JwtSignOptions extends SignOptions {\n secret?: string | Buffer\n privateKey?: Secret\n}\n\nexport interface JwtVerifyOptions extends VerifyOptions {\n secret?: string | Buffer\n publicKey?: string | Buffer\n}\n\nexport type GetSecretKeyResult = string | Buffer | JwtSecret\n","import { Injectable, Logger, syncInject } from '@navios/core'\n\nimport * as jwt from 'jsonwebtoken'\n\nimport type {\n GetSecretKeyResult,\n JwtServiceOptions,\n JwtSignOptions,\n JwtVerifyOptions,\n SignOptions,\n VerifyOptions,\n} from './options/jwt-service.options.mjs'\n\nimport { RequestType } from './options/jwt-service.options.mjs'\n\n@Injectable()\nexport class JwtService {\n logger = syncInject(Logger, {\n context: JwtService.name,\n })\n\n constructor(private readonly options: JwtServiceOptions = {}) {}\n\n sign(\n payload: string,\n options?: Omit<JwtSignOptions, keyof SignOptions>,\n ): string\n sign(payload: Buffer | object, options?: JwtSignOptions): string\n sign(\n payload: string | Buffer | object,\n options: JwtSignOptions = {},\n ): string {\n const signOptions = this.mergeJwtOptions(\n { ...options },\n 'signOptions',\n ) as jwt.SignOptions\n const secret = this.getSecretKey(\n payload,\n options,\n 'privateKey',\n RequestType.Sign,\n )\n\n if (secret instanceof Promise) {\n secret.catch(() => {}) // suppress rejection from async provider\n this.logger.warn(\n 'For async version of \"secretOrKeyProvider\", please use \"signAsync\".',\n )\n throw new Error()\n }\n\n const allowedSignOptKeys = ['secret', 'privateKey']\n const signOptKeys = Object.keys(signOptions)\n if (\n typeof payload === 'string' &&\n signOptKeys.some((k) => !allowedSignOptKeys.includes(k))\n ) {\n throw new Error(\n 'Payload as string is not allowed with the following sign options: ' +\n signOptKeys.join(', '),\n )\n }\n\n return jwt.sign(payload, secret, signOptions)\n }\n\n signAsync(\n payload: string,\n options?: Omit<JwtSignOptions, keyof jwt.SignOptions>,\n ): Promise<string>\n signAsync(payload: Buffer | object, options?: JwtSignOptions): Promise<string>\n signAsync(\n payload: string | Buffer | object,\n options: JwtSignOptions = {},\n ): Promise<string> {\n const signOptions = this.mergeJwtOptions(\n { ...options },\n 'signOptions',\n ) as jwt.SignOptions\n const secret = this.getSecretKey(\n payload,\n options,\n 'privateKey',\n RequestType.Sign,\n )\n\n const allowedSignOptKeys = ['secret', 'privateKey']\n const signOptKeys = Object.keys(signOptions)\n if (\n typeof payload === 'string' &&\n signOptKeys.some((k) => !allowedSignOptKeys.includes(k))\n ) {\n throw new Error(\n 'Payload as string is not allowed with the following sign options: ' +\n signOptKeys.join(', '),\n )\n }\n\n return new Promise((resolve, reject) =>\n Promise.resolve()\n .then(() => secret)\n .then((scrt: GetSecretKeyResult) => {\n jwt.sign(payload, scrt, signOptions, (err, encoded) =>\n err ? reject(err) : resolve(encoded as string),\n )\n }),\n )\n }\n\n verify<T extends object = any>(\n token: string,\n options: JwtVerifyOptions = {},\n ): T {\n const verifyOptions = this.mergeJwtOptions({ ...options }, 'verifyOptions')\n const secret = this.getSecretKey(\n token,\n options,\n 'publicKey',\n RequestType.Verify,\n )\n\n if (secret instanceof Promise) {\n secret.catch(() => {}) // suppress rejection from async provider\n this.logger.warn(\n 'For async version of \"secretOrKeyProvider\", please use \"verifyAsync\".',\n )\n throw new Error()\n }\n\n return jwt.verify(token, secret, verifyOptions) as unknown as T\n }\n\n verifyAsync<T extends object = any>(\n token: string,\n options: JwtVerifyOptions = {},\n ): Promise<T> {\n const verifyOptions = this.mergeJwtOptions({ ...options }, 'verifyOptions')\n const secret = this.getSecretKey(\n token,\n options,\n 'publicKey',\n RequestType.Verify,\n )\n\n return new Promise((resolve, reject) =>\n Promise.resolve()\n .then(() => secret)\n .then((scrt: GetSecretKeyResult) => {\n jwt.verify(token, scrt, verifyOptions, (err, decoded) =>\n err ? reject(err) : resolve(decoded as T),\n )\n })\n .catch(reject),\n )\n }\n\n decode<T = any>(token: string, options?: jwt.DecodeOptions): T {\n return jwt.decode(token, options) as T\n }\n\n private mergeJwtOptions(\n options: JwtVerifyOptions | JwtSignOptions,\n key: 'verifyOptions' | 'signOptions',\n ): VerifyOptions | SignOptions {\n delete options.secret\n if (key === 'signOptions') {\n delete (options as JwtSignOptions).privateKey\n } else {\n delete (options as JwtVerifyOptions).publicKey\n }\n return options\n ? {\n ...(this.options[key] || {}),\n ...options,\n }\n : // @ts-expect-error We check it\n this.options[key]\n }\n\n private overrideSecretFromOptions(secret: GetSecretKeyResult) {\n return secret\n }\n\n private getSecretKey(\n token: string | object | Buffer,\n options: JwtVerifyOptions | JwtSignOptions,\n key: 'publicKey' | 'privateKey',\n secretRequestType: RequestType,\n ): GetSecretKeyResult | Promise<GetSecretKeyResult> {\n const secret = this.options.secretOrKeyProvider\n ? this.options.secretOrKeyProvider(secretRequestType, token, options)\n : options?.secret ||\n this.options.secret ||\n (key === 'privateKey'\n ? (options as JwtSignOptions)?.privateKey || this.options.privateKey\n : (options as JwtVerifyOptions)?.publicKey ||\n this.options.publicKey) ||\n this.options[key]\n\n return secret as GetSecretKeyResult\n }\n}\n","import type { ServiceLocatorAbstractFactoryContext } from '@navios/core'\n\nimport {\n Injectable,\n InjectableType,\n InjectionToken,\n resolveService,\n} from '@navios/core'\n\nimport type { JwtServiceOptions } from './options/jwt-service.options.mjs'\n\nimport { JwtService } from './jwt.service.mjs'\nimport { JwtServiceOptionsSchema } from './options/jwt-service.options.mjs'\n\nexport const JwtServiceToken = InjectionToken.create(\n JwtService,\n JwtServiceOptionsSchema,\n)\n\n@Injectable({\n token: JwtServiceToken,\n type: InjectableType.Factory,\n})\nexport class JwtServiceFactory {\n create(ctx: ServiceLocatorAbstractFactoryContext, args: JwtServiceOptions) {\n return resolveService(ctx, JwtService, [args])\n }\n}\n\nexport function provideJwtService(\n config: JwtServiceOptions | (() => Promise<JwtServiceOptions>),\n): InjectionToken<JwtService, undefined> {\n if (typeof config === 'function') {\n return InjectionToken.factory(JwtServiceToken, config)\n }\n return InjectionToken.bound(JwtServiceToken, config)\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACEA,iBAAkB;AAEX,IAAK,cAAL,kBAAKA,iBAAL;AACL,EAAAA,aAAA,UAAO;AACP,EAAAA,aAAA,YAAS;AAFC,SAAAA;AAAA,GAAA;AAKL,IAAM,gBAAgB,aAAE,KAAK;AAAA,EAClC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAEM,IAAM,kBAAkB,aAAE,OAAO;AAAA,EACtC,KAAK,cAAc,GAAG,aAAE,OAAO,CAAC;AAAA,EAChC,KAAK,aAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,aAAE,OAAO,EAAE,SAAS;AAAA,EACzB,MAAM,aAAE,OAAO,EAAE,MAAM,EAAE,SAAS;AAAA,EAClC,KAAK,aAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,aAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,MAAM,aAAE,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS;AAAA,EACzD,YAAY,aAAE,OAAO,EAAE,SAAS;AAAA,EAChC,KAAK,aAAE,OAAO,EAAE,SAAS;AAAA,EACzB,KAAK,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,MAAM,aAAE,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS;AAC3D,CAAC;AAIM,IAAM,oBAAoB,aAAE,OAAO;AAAA,EACxC,WAAW,cAAc,SAAS;AAAA,EAClC,OAAO,aAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,WAAW,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,OAAO,CAAC,CAAC,EAAE,SAAS;AAAA,EACtD,WAAW,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,OAAO,CAAC,CAAC,EAAE,SAAS;AAAA,EACtD,UAAU,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,OAAO,EAAE,MAAM,CAAC,CAAC,EAAE,SAAS;AAAA,EAC7D,SAAS,aAAE,OAAO,EAAE,SAAS;AAAA,EAC7B,QAAQ,aAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,OAAO,aAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,eAAe,aAAE,QAAQ,EAAE,SAAS;AAAA,EACpC,aAAa,aAAE,QAAQ,EAAE,SAAS;AAAA,EAClC,QAAQ,gBAAgB,SAAS;AAAA,EACjC,UAAU,aAAE,OAAO,EAAE,SAAS;AAAA,EAC9B,uBAAuB,aAAE,QAAQ,EAAE,SAAS;AAAA,EAC5C,gCAAgC,aAAE,QAAQ,EAAE,SAAS;AACvD,CAAC;AAIM,IAAM,sBAAsB,aAAE,OAAO;AAAA,EAC1C,YAAY,cAAc,MAAM,EAAE,SAAS;AAAA,EAC3C,UAAU,aACP,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,WAAW,MAAM,GAAG,aAAE,OAAO,EAAE,MAAM,CAAC,CAAC,EAC5D,SAAS;AAAA,EACZ,gBAAgB,aAAE,OAAO,EAAE,SAAS;AAAA,EACpC,gBAAgB,aAAE,OAAO,EAAE,SAAS;AAAA,EACpC,UAAU,aAAE,QAAQ,EAAE,SAAS;AAAA,EAC/B,QAAQ,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,OAAO,EAAE,MAAM,CAAC,CAAC,EAAE,SAAS;AAAA,EAC3D,kBAAkB,aAAE,QAAQ,EAAE,SAAS;AAAA,EACvC,iBAAiB,aAAE,QAAQ,EAAE,SAAS;AAAA,EACtC,OAAO,aAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,OAAO,aAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,SAAS,aAAE,OAAO,EAAE,SAAS;AAAA,EAC7B,QAAQ,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,OAAO,CAAC,CAAC,EAAE,SAAS;AAAA,EACnD,gCAAgC,aAAE,QAAQ,EAAE,SAAS;AACvD,CAAC;AAIM,IAAM,eAAe,aAAE,MAAM;AAAA,EAClC,aAAE,OAAO;AAAA,EACT,aAAE,WAAW,MAAM;AAAA,EACnB,aACG,OAAO;AAAA,IACN,MAAM,aAAE,OAAO;AAAA,EACjB,CAAC,EACA,YAAY;AAAA,EACf,aAAE,OAAO;AAAA,IACP,KAAK,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,WAAW,MAAM,CAAC,CAAC;AAAA,IAC/C,YAAY,aAAE,OAAO;AAAA,EACvB,CAAC;AACH,CAAC;AAIM,IAAM,0BAA0B,aAAE,OAAO;AAAA,EAC9C,aAAa,kBAAkB,SAAS;AAAA,EACxC,QAAQ,aAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,WAAW,aAAE,MAAM,CAAC,aAAE,OAAO,GAAG,aAAE,WAAW,MAAM,CAAC,CAAC,EAAE,SAAS;AAAA,EAChE,YAAY,aAAa,SAAS;AAAA,EAClC,eAAe,oBAAoB,SAAS;AAAA,EAC5C,qBAAqB,aAClB,SAAS,EACT;AAAA,IACC,aAAE,WAAW,WAAW;AAAA,IACxB,aAAE,IAAI;AAAA,IACN,aAAE,MAAM,CAAC,mBAAmB,mBAAmB,CAAC,EAAE,SAAS;AAAA,EAC7D,EACC,QAAQ,aAAE,MAAM,CAAC,cAAc,aAAE,QAAQ,YAAY,CAAC,CAAC,CAAC,EACxD,SAAS;AACd,CAAC;;;AC9GD,kBAA+C;AAE/C,UAAqB;AAFrB;AAeA,8BAAC,wBAAW;AACL,IAAM,cAAN,MAAM,YAAW;AAAA,EAKtB,YAA6B,UAA6B,CAAC,GAAG;AAAjC;AAAA,EAAkC;AAAA,EAJ/D,aAAS,wBAAW,oBAAQ;AAAA,IAC1B,SAAS,YAAW;AAAA,EACtB,CAAC;AAAA,EASD,KACE,SACA,UAA0B,CAAC,GACnB;AACR,UAAM,cAAc,KAAK;AAAA,MACvB,EAAE,GAAG,QAAQ;AAAA,MACb;AAAA,IACF;AACA,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,QAAI,kBAAkB,SAAS;AAC7B,aAAO,MAAM,MAAM;AAAA,MAAC,CAAC;AACrB,WAAK,OAAO;AAAA,QACV;AAAA,MACF;AACA,YAAM,IAAI,MAAM;AAAA,IAClB;AAEA,UAAM,qBAAqB,CAAC,UAAU,YAAY;AAClD,UAAM,cAAc,OAAO,KAAK,WAAW;AAC3C,QACE,OAAO,YAAY,YACnB,YAAY,KAAK,CAAC,MAAM,CAAC,mBAAmB,SAAS,CAAC,CAAC,GACvD;AACA,YAAM,IAAI;AAAA,QACR,uEACE,YAAY,KAAK,IAAI;AAAA,MACzB;AAAA,IACF;AAEA,WAAW,SAAK,SAAS,QAAQ,WAAW;AAAA,EAC9C;AAAA,EAOA,UACE,SACA,UAA0B,CAAC,GACV;AACjB,UAAM,cAAc,KAAK;AAAA,MACvB,EAAE,GAAG,QAAQ;AAAA,MACb;AAAA,IACF;AACA,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,UAAM,qBAAqB,CAAC,UAAU,YAAY;AAClD,UAAM,cAAc,OAAO,KAAK,WAAW;AAC3C,QACE,OAAO,YAAY,YACnB,YAAY,KAAK,CAAC,MAAM,CAAC,mBAAmB,SAAS,CAAC,CAAC,GACvD;AACA,YAAM,IAAI;AAAA,QACR,uEACE,YAAY,KAAK,IAAI;AAAA,MACzB;AAAA,IACF;AAEA,WAAO,IAAI;AAAA,MAAQ,CAAC,SAAS,WAC3B,QAAQ,QAAQ,EACb,KAAK,MAAM,MAAM,EACjB,KAAK,CAAC,SAA6B;AAClC,QAAI;AAAA,UAAK;AAAA,UAAS;AAAA,UAAM;AAAA,UAAa,CAAC,KAAK,YACzC,MAAM,OAAO,GAAG,IAAI,QAAQ,OAAiB;AAAA,QAC/C;AAAA,MACF,CAAC;AAAA,IACL;AAAA,EACF;AAAA,EAEA,OACE,OACA,UAA4B,CAAC,GAC1B;AACH,UAAM,gBAAgB,KAAK,gBAAgB,EAAE,GAAG,QAAQ,GAAG,eAAe;AAC1E,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,QAAI,kBAAkB,SAAS;AAC7B,aAAO,MAAM,MAAM;AAAA,MAAC,CAAC;AACrB,WAAK,OAAO;AAAA,QACV;AAAA,MACF;AACA,YAAM,IAAI,MAAM;AAAA,IAClB;AAEA,WAAW,WAAO,OAAO,QAAQ,aAAa;AAAA,EAChD;AAAA,EAEA,YACE,OACA,UAA4B,CAAC,GACjB;AACZ,UAAM,gBAAgB,KAAK,gBAAgB,EAAE,GAAG,QAAQ,GAAG,eAAe;AAC1E,UAAM,SAAS,KAAK;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEF;AAEA,WAAO,IAAI;AAAA,MAAQ,CAAC,SAAS,WAC3B,QAAQ,QAAQ,EACb,KAAK,MAAM,MAAM,EACjB,KAAK,CAAC,SAA6B;AAClC,QAAI;AAAA,UAAO;AAAA,UAAO;AAAA,UAAM;AAAA,UAAe,CAAC,KAAK,YAC3C,MAAM,OAAO,GAAG,IAAI,QAAQ,OAAY;AAAA,QAC1C;AAAA,MACF,CAAC,EACA,MAAM,MAAM;AAAA,IACjB;AAAA,EACF;AAAA,EAEA,OAAgB,OAAe,SAAgC;AAC7D,WAAW,WAAO,OAAO,OAAO;AAAA,EAClC;AAAA,EAEQ,gBACN,SACA,KAC6B;AAC7B,WAAO,QAAQ;AACf,QAAI,QAAQ,eAAe;AACzB,aAAQ,QAA2B;AAAA,IACrC,OAAO;AACL,aAAQ,QAA6B;AAAA,IACvC;AACA,WAAO,UACH;AAAA,MACE,GAAI,KAAK,QAAQ,GAAG,KAAK,CAAC;AAAA,MAC1B,GAAG;AAAA,IACL;AAAA;AAAA,MAEA,KAAK,QAAQ,GAAG;AAAA;AAAA,EACtB;AAAA,EAEQ,0BAA0B,QAA4B;AAC5D,WAAO;AAAA,EACT;AAAA,EAEQ,aACN,OACA,SACA,KACA,mBACkD;AAClD,UAAM,SAAS,KAAK,QAAQ,sBACxB,KAAK,QAAQ,oBAAoB,mBAAmB,OAAO,OAAO,KAClE,mCAAS,WACT,KAAK,QAAQ,WACZ,QAAQ,gBACJ,mCAA4B,eAAc,KAAK,QAAQ,cACvD,mCAA8B,cAC/B,KAAK,QAAQ,cACjB,KAAK,QAAQ,GAAG;AAEpB,WAAO;AAAA,EACT;AACF;AAzLO;AAAM,cAAN,0CADP,wBACa;AAAN,4BAAM;AAAN,IAAM,aAAN;;;ACdP,IAAAC,eAKO;AAOA,IAAM,kBAAkB,4BAAe;AAAA,EAC5C;AAAA,EACA;AACF;AAjBA,mCAAAC;AAmBA,qCAAC,yBAAW;AAAA,EACV,OAAO;AAAA,EACP,MAAM,4BAAe;AACvB,CAAC;AACM,IAAM,oBAAN,MAAwB;AAAA,EAC7B,OAAO,KAA2C,MAAyB;AACzE,eAAO,6BAAe,KAAK,YAAY,CAAC,IAAI,CAAC;AAAA,EAC/C;AACF;AAJOA,SAAA;AAAM,oBAAN,kBAAAA,QAAA,wBAJP,+BAIa;AAAN,kBAAAA,QAAA,GAAM;AAMN,SAAS,kBACd,QACuC;AACvC,MAAI,OAAO,WAAW,YAAY;AAChC,WAAO,4BAAe,QAAQ,iBAAiB,MAAM;AAAA,EACvD;AACA,SAAO,4BAAe,MAAM,iBAAiB,MAAM;AACrD;;;AHjCA,0BAIO;","names":["RequestType","import_core","_init"]}