@navios/jwt 0.5.0 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +24 -0
- package/README.md +211 -34
- package/dist/src/index.d.mts +51 -0
- package/dist/src/index.d.mts.map +1 -1
- package/dist/src/jwt-service.provider.d.mts +50 -0
- package/dist/src/jwt-service.provider.d.mts.map +1 -1
- package/dist/src/jwt.service.d.mts +170 -0
- package/dist/src/jwt.service.d.mts.map +1 -1
- package/dist/src/options/jwt-service.options.d.mts +106 -0
- package/dist/src/options/jwt-service.options.d.mts.map +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/lib/index.cjs +668 -0
- package/lib/index.cjs.map +1 -0
- package/lib/index.d.cts +936 -0
- package/lib/index.d.cts.map +1 -0
- package/lib/index.d.mts +936 -21
- package/lib/index.d.mts.map +1 -0
- package/lib/index.mjs +610 -270
- package/lib/index.mjs.map +1 -1
- package/package.json +5 -5
- package/project.json +2 -2
- package/src/index.mts +54 -0
- package/src/jwt-service.provider.mts +50 -0
- package/src/jwt.service.mts +170 -0
- package/src/options/jwt-service.options.mts +106 -0
- package/tsdown.config.mts +33 -0
- package/lib/_tsup-dts-rollup.d.mts +0 -624
- package/lib/_tsup-dts-rollup.d.ts +0 -624
- package/lib/index.d.ts +0 -21
- package/lib/index.js +0 -301
- package/lib/index.js.map +0 -1
- package/tsup.config.mts +0 -12
|
@@ -2,11 +2,24 @@ import type { Secret as JwtSecret } from 'jsonwebtoken'
|
|
|
2
2
|
|
|
3
3
|
import { z } from 'zod/v4'
|
|
4
4
|
|
|
5
|
+
/**
|
|
6
|
+
* Request type for secret or key provider functions.
|
|
7
|
+
*
|
|
8
|
+
* Used to distinguish between signing and verification operations when
|
|
9
|
+
* dynamically resolving secrets or keys.
|
|
10
|
+
*/
|
|
5
11
|
export enum RequestType {
|
|
12
|
+
/** Request is for signing a token */
|
|
6
13
|
Sign = 'Sign',
|
|
14
|
+
/** Request is for verifying a token */
|
|
7
15
|
Verify = 'Verify',
|
|
8
16
|
}
|
|
9
17
|
|
|
18
|
+
/**
|
|
19
|
+
* Supported JWT algorithms.
|
|
20
|
+
*
|
|
21
|
+
* Includes symmetric (HMAC) and asymmetric (RSA, ECDSA, EdDSA) algorithms.
|
|
22
|
+
*/
|
|
10
23
|
export const AlgorithmType = z.enum([
|
|
11
24
|
'HS256',
|
|
12
25
|
'HS384',
|
|
@@ -23,6 +36,11 @@ export const AlgorithmType = z.enum([
|
|
|
23
36
|
'none',
|
|
24
37
|
])
|
|
25
38
|
|
|
39
|
+
/**
|
|
40
|
+
* JWT header schema.
|
|
41
|
+
*
|
|
42
|
+
* Defines the structure of the JWT header with standard claims.
|
|
43
|
+
*/
|
|
26
44
|
export const JwtHeaderSchema = z.object({
|
|
27
45
|
alg: AlgorithmType.or(z.string()),
|
|
28
46
|
typ: z.string().optional(),
|
|
@@ -36,8 +54,19 @@ export const JwtHeaderSchema = z.object({
|
|
|
36
54
|
x5c: z.union([z.string(), z.array(z.string())]).optional(),
|
|
37
55
|
})
|
|
38
56
|
|
|
57
|
+
/**
|
|
58
|
+
* JWT header type.
|
|
59
|
+
*
|
|
60
|
+
* Contains algorithm, type, and optional header claims.
|
|
61
|
+
*/
|
|
39
62
|
export type JwtHeader = z.infer<typeof JwtHeaderSchema>
|
|
40
63
|
|
|
64
|
+
/**
|
|
65
|
+
* Schema for JWT signing options.
|
|
66
|
+
*
|
|
67
|
+
* Defines all available options for signing tokens including algorithm,
|
|
68
|
+
* expiration, audience, issuer, and other standard JWT claims.
|
|
69
|
+
*/
|
|
41
70
|
export const SignOptionsSchema = z.object({
|
|
42
71
|
algorithm: AlgorithmType.optional(),
|
|
43
72
|
keyid: z.string().optional(),
|
|
@@ -61,8 +90,19 @@ export const SignOptionsSchema = z.object({
|
|
|
61
90
|
allowInvalidAsymmetricKeyTypes: z.boolean().optional(),
|
|
62
91
|
})
|
|
63
92
|
|
|
93
|
+
/**
|
|
94
|
+
* Options for signing JWT tokens.
|
|
95
|
+
*
|
|
96
|
+
* @see SignOptionsSchema for the complete schema definition
|
|
97
|
+
*/
|
|
64
98
|
export type SignOptions = z.infer<typeof SignOptionsSchema>
|
|
65
99
|
|
|
100
|
+
/**
|
|
101
|
+
* Schema for JWT verification options.
|
|
102
|
+
*
|
|
103
|
+
* Defines all available options for verifying tokens including allowed
|
|
104
|
+
* algorithms, audience, issuer, expiration handling, and other validation rules.
|
|
105
|
+
*/
|
|
66
106
|
export const VerifyOptionsSchema = z.object({
|
|
67
107
|
algorithms: AlgorithmType.array().optional(),
|
|
68
108
|
audience: z
|
|
@@ -85,8 +125,18 @@ export const VerifyOptionsSchema = z.object({
|
|
|
85
125
|
allowInvalidAsymmetricKeyTypes: z.boolean().optional(),
|
|
86
126
|
})
|
|
87
127
|
|
|
128
|
+
/**
|
|
129
|
+
* Options for verifying JWT tokens.
|
|
130
|
+
*
|
|
131
|
+
* @see VerifyOptionsSchema for the complete schema definition
|
|
132
|
+
*/
|
|
88
133
|
export type VerifyOptions = z.infer<typeof VerifyOptionsSchema>
|
|
89
134
|
|
|
135
|
+
/**
|
|
136
|
+
* Schema for JWT secret/key types.
|
|
137
|
+
*
|
|
138
|
+
* Supports string secrets, Buffer objects, and key objects with passphrases.
|
|
139
|
+
*/
|
|
90
140
|
export const SecretSchema = z.union([
|
|
91
141
|
z.string(),
|
|
92
142
|
z.instanceof(Buffer),
|
|
@@ -101,6 +151,11 @@ export const SecretSchema = z.union([
|
|
|
101
151
|
}),
|
|
102
152
|
])
|
|
103
153
|
|
|
154
|
+
/**
|
|
155
|
+
* Secret or key type for JWT operations.
|
|
156
|
+
*
|
|
157
|
+
* Can be a string, Buffer, or an object with key and optional passphrase.
|
|
158
|
+
*/
|
|
104
159
|
export type Secret = z.infer<typeof SecretSchema>
|
|
105
160
|
|
|
106
161
|
export const JwtServiceOptionsSchema = z.object({
|
|
@@ -121,16 +176,67 @@ export const JwtServiceOptionsSchema = z.object({
|
|
|
121
176
|
.optional(),
|
|
122
177
|
})
|
|
123
178
|
|
|
179
|
+
/**
|
|
180
|
+
* Configuration options for the JWT service.
|
|
181
|
+
*
|
|
182
|
+
* @property signOptions - Default options for signing tokens
|
|
183
|
+
* @property secret - Default secret for symmetric algorithms (HS256, HS384, HS512)
|
|
184
|
+
* @property publicKey - Default public key for asymmetric algorithms (RS256, ES256, etc.)
|
|
185
|
+
* @property privateKey - Default private key for asymmetric algorithms
|
|
186
|
+
* @property verifyOptions - Default options for verifying tokens
|
|
187
|
+
* @property secretOrKeyProvider - Optional function to dynamically resolve secrets/keys
|
|
188
|
+
*
|
|
189
|
+
* @example
|
|
190
|
+
* ```ts
|
|
191
|
+
* const options: JwtServiceOptions = {
|
|
192
|
+
* secret: 'your-secret-key',
|
|
193
|
+
* signOptions: {
|
|
194
|
+
* expiresIn: '1h',
|
|
195
|
+
* algorithm: 'HS256',
|
|
196
|
+
* },
|
|
197
|
+
* verifyOptions: {
|
|
198
|
+
* algorithms: ['HS256'],
|
|
199
|
+
* },
|
|
200
|
+
* }
|
|
201
|
+
* ```
|
|
202
|
+
*/
|
|
124
203
|
export type JwtServiceOptions = z.infer<typeof JwtServiceOptionsSchema>
|
|
125
204
|
|
|
205
|
+
/**
|
|
206
|
+
* Options for signing JWT tokens.
|
|
207
|
+
*
|
|
208
|
+
* Extends `SignOptions` with additional properties for specifying
|
|
209
|
+
* the secret or private key to use for signing.
|
|
210
|
+
*
|
|
211
|
+
* @property secret - Secret key for symmetric algorithms (overrides service default)
|
|
212
|
+
* @property privateKey - Private key for asymmetric algorithms (overrides service default)
|
|
213
|
+
*/
|
|
126
214
|
export interface JwtSignOptions extends SignOptions {
|
|
215
|
+
/** Secret key for symmetric algorithms */
|
|
127
216
|
secret?: string | Buffer
|
|
217
|
+
/** Private key for asymmetric algorithms */
|
|
128
218
|
privateKey?: Secret
|
|
129
219
|
}
|
|
130
220
|
|
|
221
|
+
/**
|
|
222
|
+
* Options for verifying JWT tokens.
|
|
223
|
+
*
|
|
224
|
+
* Extends `VerifyOptions` with additional properties for specifying
|
|
225
|
+
* the secret or public key to use for verification.
|
|
226
|
+
*
|
|
227
|
+
* @property secret - Secret key for symmetric algorithms (overrides service default)
|
|
228
|
+
* @property publicKey - Public key for asymmetric algorithms (overrides service default)
|
|
229
|
+
*/
|
|
131
230
|
export interface JwtVerifyOptions extends VerifyOptions {
|
|
231
|
+
/** Secret key for symmetric algorithms */
|
|
132
232
|
secret?: string | Buffer
|
|
233
|
+
/** Public key for asymmetric algorithms */
|
|
133
234
|
publicKey?: string | Buffer
|
|
134
235
|
}
|
|
135
236
|
|
|
237
|
+
/**
|
|
238
|
+
* Result type for secret/key resolution.
|
|
239
|
+
*
|
|
240
|
+
* Represents the possible return types from secret or key provider functions.
|
|
241
|
+
*/
|
|
136
242
|
export type GetSecretKeyResult = string | Buffer | JwtSecret
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import { withFilter } from 'rolldown/filter'
|
|
2
|
+
import { defineConfig } from 'tsdown'
|
|
3
|
+
import swc from 'unplugin-swc'
|
|
4
|
+
|
|
5
|
+
export default defineConfig({
|
|
6
|
+
entry: ['src/index.mts'],
|
|
7
|
+
outDir: 'lib',
|
|
8
|
+
format: ['esm', 'cjs'],
|
|
9
|
+
clean: true,
|
|
10
|
+
treeshake: true,
|
|
11
|
+
sourcemap: true,
|
|
12
|
+
platform: 'node',
|
|
13
|
+
dts: true,
|
|
14
|
+
target: 'es2022',
|
|
15
|
+
plugins: [
|
|
16
|
+
withFilter(
|
|
17
|
+
swc.rolldown({
|
|
18
|
+
jsc: {
|
|
19
|
+
target: 'es2022',
|
|
20
|
+
parser: {
|
|
21
|
+
syntax: 'typescript',
|
|
22
|
+
decorators: true,
|
|
23
|
+
},
|
|
24
|
+
transform: {
|
|
25
|
+
decoratorVersion: '2022-03',
|
|
26
|
+
},
|
|
27
|
+
},
|
|
28
|
+
}),
|
|
29
|
+
// Only run this transform if the file contains a decorator.
|
|
30
|
+
{ transform: { code: '@' } },
|
|
31
|
+
),
|
|
32
|
+
],
|
|
33
|
+
})
|