@payello-module/jwt 0.1.4 → 0.1.6

package/dist/JWT.js

@@ -67,7 +67,9 @@ export class JWT {
         // Returns an object containing the extracted components of the JWT.
         return {
             header: header,
+            headerRaw: bits[0],
             payload: payload,
+            payloadRaw: bits[1],
             signature: bits[2]
         };
     }
@@ -86,14 +88,14 @@ export class JWT {
         }
         let verify = false;
         // Preparation of the data to verify the signature.
-        const data = `${btoa(JSON.stringify(extracted.header))}.${btoa(JSON.stringify(extracted.payload))}`;
+        const data = `${extracted.headerRaw}.${extracted.payloadRaw}`;
         // Verification of the signature based on the algorithm specified in the header.
         switch (extracted.header.alg) {
             case 'HS256':
-                verify = await HmacSha256.verify(data, extracted.signature, secretKey);
+                verify = extracted.signature === btoa(await HmacSha256.encrypt(data, secretKey)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
                 break;
             case 'HS512':
-                verify = await HmacSha512.verify(data, extracted.signature, secretKey);
+                verify = extracted.signature === btoa(await HmacSha512.encrypt(data, secretKey)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
                 break;
             default:
                 throw new JwtError(`Unsupported algorithm`);

package/dist/JwtExtract.d.ts

@@ -1,6 +1,8 @@
 import { JwtHeader } from "./JwtHeader";
 export interface JwtExtract {
     header: JwtHeader;
+    headerRaw: string;
     payload: any;
+    payloadRaw: string;
     signature: string;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@payello-module/jwt",
-    "version": "0.1.4",
+    "version": "0.1.6",
     "author": "Payello <devsupport@payello.com> (https://payello.com/)",
     "displayName": "@payello-module/jwt",
     "description": "JSON Web Token Module",