@payello-module/jwt 0.2.0 → 1.20240419.1635

package/package.json

@@ -1,29 +1,29 @@
 {
-    "name": "@payello-module/jwt",
-    "version": "0.2.0",
-    "author": "Payello <devsupport@payello.com> (https://payello.com/)",
-    "displayName": "@payello-module/jwt",
-    "description": "JSON Web Token Module",
-    "main": "dist/index.js",
-    "types": "dist/index.d.ts",
-    "scripts": {
-        "build": "tsc --build --clean && tsc",
-        "watch": "tsc --watch",
-        "prepare": "npm run build"
-    },
-    "devDependencies": {
-        "payellodev": "^0.20240413.1813",
-        "typescript": "^5.3.3"
-    },
-    "files": [
-        "dist/*"
-    ],
-    "license": "UNLICENSED",
-    "repository": {
-        "type": "git",
-        "url": "https://git.fuse.hk/payello/dev/payello-module/jwt"
-    },
-    "dependencies": {
-        "@payello-module/encryption": "^0.1.3"
-    }
-}
+  "name": "@payello-module/jwt",
+  "version": "1.20240419.1635",
+  "author": "Payello <devsupport@payello.com> (https://payello.com/)",
+  "displayName": "@payello-module/jwt",
+  "description": "JSON Web Token Module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsc --build --clean && tsc",
+    "watch": "tsc --watch",
+    "prepare": "npm run build"
+  },
+  "devDependencies": {
+    "payellodev": "^0.20240413.1813",
+    "typescript": "^5.3.3"
+  },
+  "files": [
+    "dist/*"
+  ],
+  "license": "UNLICENSED",
+  "repository": {
+    "type": "git",
+    "url": "https://git.fuse.hk/payello/dev/payello-module/jwt"
+  },
+  "dependencies": {
+    "@payello-module/encryption": "^0.1.3"
+  }
+}

package/dist/JWT.d.ts

@@ -1,32 +0,0 @@
-import { JwtSignOpts } from "./JwtSignOpts";
-import { JwtExtract } from "./JwtExtract";
-import { JwtExtractOpts } from "./JwtExtractOpts";
-/**
- * Class representing JSON Web Tokens (JWT) functionalities, including signing, extracting components,
- * and verifying the signature of the token.
- */
-export declare class JWT {
-    /**
-     * Signs the given payload and returns a JWT string.
-     * @param payload - The payload of the JWT which is the content that you want to protect.
-     * @param options - The options for signing the JWT, including the private key, public key, and algorithm.
-     * @returns A promise that resolves to the signed JWT string.
-     */
-    static sign(payload: any, options?: JwtSignOpts): Promise<string>;
-    /**
-     * Extracts and returns the header, payload, and signature components from a JWT string.
-     * @param input - The JWT string to be parsed.
-     * @param opts - Optional parameters, including the requirements for the presence of required properties in the payload.
-     * @returns A promise that resolves to an object containing the separated components of the JWT (header, payload, signature).
-     */
-    static extract(input: string, opts?: JwtExtractOpts): Promise<JwtExtract>;
-    /**
-     * Verifies the given JWT string using the secret key fetched by the given issuer.
-     * @param input - The JWT string to be verified.
-     * @param opts - An object containing a function getSecretKey to retrieve the secret key based on the issuer.
-     * @returns A promise that resolves to a boolean indicating whether the JWT has been verified successfully or not.
-     */
-    static verify(input: string, opts: {
-        getSecretKey(issuer: string): Promise<string>;
-    }): Promise<true>;
-}

package/dist/JWT.js

@@ -1,107 +0,0 @@
-import { HmacSha256, HmacSha512 } from "@payello-module/encryption";
-import { JwtError } from "./JwtError";
-/**
- * Class representing JSON Web Tokens (JWT) functionalities, including signing, extracting components,
- * and verifying the signature of the token.
- */
-export class JWT {
-    /**
-     * Signs the given payload and returns a JWT string.
-     * @param payload - The payload of the JWT which is the content that you want to protect.
-     * @param options - The options for signing the JWT, including the private key, public key, and algorithm.
-     * @returns A promise that resolves to the signed JWT string.
-     */
-    static async sign(payload, options = { privKey: '', pubKey: '', algorithm: 'HS512' }) {
-        const _header = {
-            typ: 'JWT',
-            alg: options.algorithm
-        };
-        // Create payload with unique identifier, issued-at time, and incorporate the public key if provided.
-        const _payload = {
-            jti: `jti_${Date.now().valueOf()}`,
-            iat: Math.floor(Date.now().valueOf() / 1000),
-            iss: options.pubKey,
-            ...payload
-        };
-        const _body = btoa(JSON.stringify(_header)) + "." + btoa(JSON.stringify(_payload));
-        let signature = "";
-        // Create signature based on selected algorithm.
-        switch (options.algorithm) {
-            case 'HS256':
-                signature = await HmacSha256.encrypt(_body, options.privKey);
-                break;
-            case 'HS512':
-                signature = await HmacSha512.encrypt(_body, options.privKey);
-                break;
-        }
-        // Returns the final JWT token as a concatenation of header, payload, and signature
-        return _body + "." + signature;
-    }
-    /**
-     * Extracts and returns the header, payload, and signature components from a JWT string.
-     * @param input - The JWT string to be parsed.
-     * @param opts - Optional parameters, including the requirements for the presence of required properties in the payload.
-     * @returns A promise that resolves to an object containing the separated components of the JWT (header, payload, signature).
-     */
-    static async extract(input, opts = {}) {
-        const bits = input.split(".");
-        // Ensures that the JWT string has three parts: header, payload, and signature.
-        if (bits.length !== 3) {
-            throw new JwtError(`Invalid number of parts in JWT string. Expected 3 but got ${bits.length}`);
-        }
-        const header = JSON.parse(bits[0]);
-        if (!header || !header.typ || header.typ !== "JWT") {
-            throw new JwtError("Header invalid or type is not JWT");
-        }
-        const payload = JSON.parse(bits[1]);
-        if (!payload || !payload.jti) {
-            throw new JwtError("Payload invalid or missing jti value");
-        }
-        // Validates the present of required properties in the payload.
-        const requiredProps = opts.requiredProps || ["jti", "iss", "iat"];
-        for (const prop in requiredProps) {
-            if (!payload[prop]) {
-                throw new JwtError(`Payload missing ${prop} value`);
-            }
-        }
-        // Returns an object containing the extracted components of the JWT.
-        return {
-            header: header,
-            payload: payload,
-            signature: bits[2]
-        };
-    }
-    /**
-     * Verifies the given JWT string using the secret key fetched by the given issuer.
-     * @param input - The JWT string to be verified.
-     * @param opts - An object containing a function getSecretKey to retrieve the secret key based on the issuer.
-     * @returns A promise that resolves to a boolean indicating whether the JWT has been verified successfully or not.
-     */
-    static async verify(input, opts) {
-        const extracted = await this.extract(input);
-        // Fetches the secret key based on the issuer in the payload.
-        const secretKey = await opts.getSecretKey(extracted.payload.jti);
-        if (!secretKey) {
-            throw new JwtError(`Public key not found`);
-        }
-        let verify = false;
-        // Preparation of the data to verify the signature.
-        const data = `${btoa(JSON.stringify(extracted.header))}.${btoa(JSON.stringify(extracted.payload))}`;
-        // Verification of the signature based on the algorithm specified in the header.
-        switch (extracted.header.alg) {
-            case 'HS256':
-                verify = await HmacSha256.verify(data, extracted.signature, secretKey);
-                break;
-            case 'HS512':
-                verify = await HmacSha512.verify(data, extracted.signature, secretKey);
-                break;
-            default:
-                throw new JwtError(`Unsupported algorithm`);
-        }
-        if (!verify) {
-            throw new JwtError(`Signature not verified`);
-        }
-        // Returns the result of the verification process.
-        return verify;
-    }
-}

package/dist/JwtError.d.ts

@@ -1,4 +0,0 @@
-export declare class JwtError extends Error {
-    type: "@payello/module-jwt#JwtError";
-    constructor(message: string, options?: ErrorOptions);
-}

package/dist/JwtError.js

@@ -1,6 +0,0 @@
-export class JwtError extends Error {
-    type = "@payello/module-jwt#JwtError";
-    constructor(message, options) {
-        super(message, options);
-    }
-}

package/dist/JwtExtract.d.ts

@@ -1,6 +0,0 @@
-import { JwtHeader } from "./JwtHeader";
-export interface JwtExtract {
-    header: JwtHeader;
-    payload: any;
-    signature: string;
-}

package/dist/JwtExtract.js

@@ -1 +0,0 @@
-export {};

package/dist/JwtExtractOpts.d.ts

@@ -1,3 +0,0 @@
-export interface JwtExtractOpts {
-    requiredProps?: string[];
-}

package/dist/JwtExtractOpts.js

@@ -1 +0,0 @@
-export {};

package/dist/JwtHeader.d.ts

@@ -1,4 +0,0 @@
-export interface JwtHeader {
-    typ: 'JWT';
-    alg: 'HS256' | 'HS512';
-}

package/dist/JwtHeader.js

@@ -1 +0,0 @@
-export {};

package/dist/JwtSignOpts.d.ts

@@ -1,5 +0,0 @@
-export interface JwtSignOpts {
-    privKey: string;
-    pubKey: string;
-    algorithm: "HS256" | "HS512";
-}

package/dist/JwtSignOpts.js

@@ -1 +0,0 @@
-export {};

package/dist/example.d.ts

@@ -1 +0,0 @@
-export {};

package/dist/example.js

@@ -1,13 +0,0 @@
-import { JWT } from "./JWT";
-async function example() {
-    const payload = {
-        exp: Math.floor(Date.now().valueOf() / 1000) + 300 // Expire in 300 seconds
-    };
-    const opts = {
-        privKey: "79c4e267e63845a986e669388fce66e9", // Private/Secret Key
-        pubKey: "f266a28e-5e9a-4fe3-90a8-2e8b2ef0f62d", // Public Key (Issuer ID)
-        algorithm: "HS256" // Possible values: HS256 or HS512
-    };
-    const jwt = await JWT.sign(payload, opts);
-    console.log(jwt);
-}

package/dist/index.d.ts

@@ -1,7 +0,0 @@
-export * from './JWT';
-export * from './JwtError';
-export * from './JwtExtract';
-export * from './JwtExtractOpts';
-export * from './JwtHeader';
-export * from './JwtSignOpts';
-export * from './example';

package/dist/index.js

@@ -1,7 +0,0 @@
-export * from './JWT';
-export * from './JwtError';
-export * from './JwtExtract';
-export * from './JwtExtractOpts';
-export * from './JwtHeader';
-export * from './JwtSignOpts';
-export * from './example';