@pristine-ts/jwt 4.0.3 → 4.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,6 +1,11 @@
1
1
  import { PristineError, Request } from "@pristine-ts/common";
2
2
  /**
3
3
  * This Error is thrown when you try to decode a JWT but the token is invalid.
4
+ *
5
+ * An invalid (missing signature, malformed, wrong issuer, …) token means the caller is
6
+ * not authenticated, so this surfaces as a `401 UNAUTHORIZED` — a client should send the
7
+ * user to login. An *expired* token is handled separately as a `TokenExpiredError`
8
+ * (`401 TOKEN_EXPIRED`) so the client can attempt a refresh instead.
4
9
  */
5
10
  export declare class InvalidJwtError extends PristineError {
6
11
  /**
@@ -1,6 +1,10 @@
1
1
  import { PristineError, Request } from "@pristine-ts/common";
2
2
  /**
3
3
  * This Error is thrown when there's you try to decode a JWT in a request but the AuthorizationHeader is missing.
4
+ *
5
+ * A missing (or malformed) Authorization header means the caller never presented a
6
+ * token, so this surfaces as a `401 UNAUTHORIZED` — the client should send the user to
7
+ * login rather than attempt a token refresh.
4
8
  */
5
9
  export declare class JwtAuthorizationHeaderError extends PristineError {
6
10
  /**
@@ -11,6 +11,13 @@ export declare class JwtProtectedGuard implements GuardInterface {
11
11
  constructor(jwtManager: JwtManagerInterface);
12
12
  /**
13
13
  * Verifies if the JWT is valid and authorizes access if it is.
14
+ *
15
+ * On failure it does NOT swallow the error into a `false`: it propagates the typed error
16
+ * raised by the `JwtManager` (a `TokenExpiredError` → 401 TOKEN_EXPIRED, an
17
+ * `InvalidJwtError`/`JwtAuthorizationHeaderError` → 401 UNAUTHORIZED). The
18
+ * `AuthorizerManager` re-throws those typed auth errors so the client receives the
19
+ * precise code and can tell "refresh the token" from "log in" — a bare `false` would
20
+ * collapse every case into an indistinguishable 403.
14
21
  * @param request
15
22
  * @param identity
16
23
  */
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pristine-ts/jwt",
3
- "version": "4.0.3",
3
+ "version": "4.0.5",
4
4
  "description": "",
5
5
  "module": "dist/lib/esm/jwt.module.js",
6
6
  "main": "dist/lib/cjs/jwt.module.js",
@@ -20,9 +20,9 @@
20
20
  "access": "public"
21
21
  },
22
22
  "dependencies": {
23
- "@pristine-ts/common": "^4.0.3",
24
- "@pristine-ts/networking": "^4.0.3",
25
- "@pristine-ts/security": "^4.0.3",
23
+ "@pristine-ts/common": "^4.0.5",
24
+ "@pristine-ts/networking": "^4.0.5",
25
+ "@pristine-ts/security": "^4.0.5",
26
26
  "jsonwebtoken": "^9.0.2"
27
27
  },
28
28
  "devDependencies": {
@@ -62,7 +62,7 @@
62
62
  "src/*.{js,ts}"
63
63
  ]
64
64
  },
65
- "gitHead": "c301b556f877d7d16e6e5e8faf049c9e3b99e15a",
65
+ "gitHead": "b22ccadf6f8fae474d1fe8da4f9a35faddb15c3e",
66
66
  "repository": {
67
67
  "type": "git",
68
68
  "url": "https://github.com/magieno/pristine-ts.git",