@twin.org/web 0.0.1-next.37 → 0.0.1-next.38

package/dist/cjs/index.cjs

@@ -835,20 +835,18 @@ class Jwt {
     }
     /**
      * The default signer for the JWT.
-     * @param alg The algorithm to use.
-     * @param key The key to sign with.
      * @param header The header to sign.
      * @param payload The payload to sign.
+     * @param key The optional key to sign with.
      * @returns The signature.
      */
-    static async defaultSigner(alg, key, header, payload) {
-        core.Guards.defined(Jwt._CLASS_NAME, "key", key);
+    static async defaultSigner(header, payload, key) {
         core.Guards.object(Jwt._CLASS_NAME, "header", header);
         core.Guards.object(Jwt._CLASS_NAME, "payload", payload);
+        core.Guards.defined(Jwt._CLASS_NAME, "key", key);
         const signer = new jose.SignJWT(payload);
-        header.alg = alg;
         signer.setProtectedHeader(header);
-        if (alg === "EdDSA" && core.Is.uint8Array(key)) {
+        if (header.alg === "EdDSA" && core.Is.uint8Array(key)) {
             // crypto.subtle.importKey does not support Ed25519 keys in raw format.
             // We need to convert the key to PKCS8 format before importing.
             // The PKCS8 format is the raw key prefixed with the ASN.1 sequence for an Ed25519 private key.
@@ -884,6 +882,31 @@ class Jwt {
             throw new core.GeneralError(Jwt._CLASS_NAME, "verifyFailed", undefined, err);
         }
     }
+    /**
+     * Create bytes for signing from header and payload.
+     * @param header The header.
+     * @param payload The payload.
+     * @returns The bytes to sign.
+     */
+    static createSignBytes(header, payload) {
+        const segments = [];
+        const headerBytes = core.Converter.utf8ToBytes(JSON.stringify(header));
+        segments.push(core.Converter.bytesToBase64Url(headerBytes));
+        const payloadBytes = core.Converter.utf8ToBytes(JSON.stringify(payload));
+        segments.push(core.Converter.bytesToBase64Url(payloadBytes));
+        return core.Converter.utf8ToBytes(segments.join("."));
+    }
+    /**
+     * Create token from bytes and signature.
+     * @param signedBytes The signed bytes.
+     * @param signature The signature.
+     * @returns The token.
+     */
+    static createTokenFromBytes(signedBytes, signature) {
+        const signedBytesUtf8 = core.Converter.bytesToUtf8(signedBytes);
+        const signatureBase64 = core.Converter.bytesToBase64Url(signature);
+        return `${signedBytesUtf8}.${signatureBase64}`;
+    }
     /**
      * Encode a token.
      * @param header The header to encode.
@@ -899,11 +922,11 @@ class Jwt {
         if (!hasKey && !hasSigner) {
             throw new core.GeneralError(Jwt._CLASS_NAME, "noKeyOrSigner");
         }
-        signer ??= async (alg, k, h, p) => Jwt.defaultSigner(alg, k, h, p);
+        signer ??= async (h, p, k) => Jwt.defaultSigner(h, p, k);
         if (core.Is.undefined(header.typ)) {
             header.typ = "JWT";
         }
-        return signer(header.alg, key, header, payload);
+        return signer(header, payload, key);
     }
 }
 

package/dist/esm/index.mjs

@@ -833,20 +833,18 @@ class Jwt {
     }
     /**
      * The default signer for the JWT.
-     * @param alg The algorithm to use.
-     * @param key The key to sign with.
      * @param header The header to sign.
      * @param payload The payload to sign.
+     * @param key The optional key to sign with.
      * @returns The signature.
      */
-    static async defaultSigner(alg, key, header, payload) {
-        Guards.defined(Jwt._CLASS_NAME, "key", key);
+    static async defaultSigner(header, payload, key) {
         Guards.object(Jwt._CLASS_NAME, "header", header);
         Guards.object(Jwt._CLASS_NAME, "payload", payload);
+        Guards.defined(Jwt._CLASS_NAME, "key", key);
         const signer = new SignJWT(payload);
-        header.alg = alg;
         signer.setProtectedHeader(header);
-        if (alg === "EdDSA" && Is.uint8Array(key)) {
+        if (header.alg === "EdDSA" && Is.uint8Array(key)) {
             // crypto.subtle.importKey does not support Ed25519 keys in raw format.
             // We need to convert the key to PKCS8 format before importing.
             // The PKCS8 format is the raw key prefixed with the ASN.1 sequence for an Ed25519 private key.
@@ -882,6 +880,31 @@ class Jwt {
             throw new GeneralError(Jwt._CLASS_NAME, "verifyFailed", undefined, err);
         }
     }
+    /**
+     * Create bytes for signing from header and payload.
+     * @param header The header.
+     * @param payload The payload.
+     * @returns The bytes to sign.
+     */
+    static createSignBytes(header, payload) {
+        const segments = [];
+        const headerBytes = Converter.utf8ToBytes(JSON.stringify(header));
+        segments.push(Converter.bytesToBase64Url(headerBytes));
+        const payloadBytes = Converter.utf8ToBytes(JSON.stringify(payload));
+        segments.push(Converter.bytesToBase64Url(payloadBytes));
+        return Converter.utf8ToBytes(segments.join("."));
+    }
+    /**
+     * Create token from bytes and signature.
+     * @param signedBytes The signed bytes.
+     * @param signature The signature.
+     * @returns The token.
+     */
+    static createTokenFromBytes(signedBytes, signature) {
+        const signedBytesUtf8 = Converter.bytesToUtf8(signedBytes);
+        const signatureBase64 = Converter.bytesToBase64Url(signature);
+        return `${signedBytesUtf8}.${signatureBase64}`;
+    }
     /**
      * Encode a token.
      * @param header The header to encode.
@@ -897,11 +920,11 @@ class Jwt {
         if (!hasKey && !hasSigner) {
             throw new GeneralError(Jwt._CLASS_NAME, "noKeyOrSigner");
         }
-        signer ??= async (alg, k, h, p) => Jwt.defaultSigner(alg, k, h, p);
+        signer ??= async (h, p, k) => Jwt.defaultSigner(h, p, k);
         if (Is.undefined(header.typ)) {
             header.typ = "JWT";
         }
-        return signer(header.alg, key, header, payload);
+        return signer(header, payload, key);
     }
 }
 

package/dist/types/utils/jwt.d.ts

@@ -12,7 +12,7 @@ export declare class Jwt {
      * @param key The key for signing the token, can be omitted if a signer is provided.
      * @returns The encoded token.
      */
-    static encode<U extends IJwtHeader, T extends IJwtPayload>(header: U, payload: T, key: JwkCryptoKey): Promise<string>;
+    static encode<T extends IJwtHeader, U extends IJwtPayload>(header: T, payload: U, key: JwkCryptoKey): Promise<string>;
     /**
      * Encode a token.
      * @param header The header to encode.
@@ -20,15 +20,15 @@ export declare class Jwt {
      * @param signer Custom signer method.
      * @returns The encoded token.
      */
-    static encodeWithSigner<U extends IJwtHeader, T extends IJwtPayload>(header: U, payload: T, signer: (alg: string, key: JwkCryptoKey | undefined, header: IJwtHeader, payload: IJwtPayload) => Promise<string>): Promise<string>;
+    static encodeWithSigner<T extends IJwtHeader, U extends IJwtPayload>(header: T, payload: U, signer: (header: IJwtHeader, payload: IJwtPayload, key: JwkCryptoKey | undefined) => Promise<string>): Promise<string>;
     /**
      * Decode a token.
      * @param token The token to decode.
      * @returns The decoded payload.
      */
-    static decode<U extends IJwtHeader, T extends IJwtPayload>(token: string): Promise<{
-        header?: U;
-        payload?: T;
+    static decode<T extends IJwtHeader, U extends IJwtPayload>(token: string): Promise<{
+        header?: T;
+        payload?: U;
         signature?: Uint8Array;
     }>;
     /**
@@ -70,13 +70,12 @@ export declare class Jwt {
     }>;
     /**
      * The default signer for the JWT.
-     * @param alg The algorithm to use.
-     * @param key The key to sign with.
      * @param header The header to sign.
      * @param payload The payload to sign.
+     * @param key The optional key to sign with.
      * @returns The signature.
      */
-    static defaultSigner(alg: string, key: JwkCryptoKey | undefined, header: IJwtHeader, payload: IJwtPayload): Promise<string>;
+    static defaultSigner(header: IJwtHeader, payload: IJwtPayload, key: JwkCryptoKey | undefined): Promise<string>;
     /**
      * The default verifier for the JWT.
      * @param token The token to verify.
@@ -87,4 +86,18 @@ export declare class Jwt {
         header: T;
         payload: U;
     }>;
+    /**
+     * Create bytes for signing from header and payload.
+     * @param header The header.
+     * @param payload The payload.
+     * @returns The bytes to sign.
+     */
+    static createSignBytes<T extends IJwtHeader, U extends IJwtPayload>(header: T, payload: U): Uint8Array;
+    /**
+     * Create token from bytes and signature.
+     * @param signedBytes The signed bytes.
+     * @param signature The signature.
+     * @returns The token.
+     */
+    static createTokenFromBytes(signedBytes: Uint8Array, signature: Uint8Array): string;
 }

package/docs/changelog.md

@@ -1,5 +1,5 @@
 # @twin.org/web - Changelog
 
-## 0.0.1-next.37
+## 0.0.1-next.38
 
 - Initial Release

package/docs/reference/classes/Jwt.md

@@ -16,27 +16,27 @@ Class to handle JSON Web Tokens.
 
 ### encode()
 
-> `static` **encode**\<`U`, `T`\>(`header`, `payload`, `key`): `Promise`\<`string`\>
+> `static` **encode**\<`T`, `U`\>(`header`, `payload`, `key`): `Promise`\<`string`\>
 
 Encode a token.
 
 #### Type Parameters
 
-• **U** *extends* [`IJwtHeader`](../interfaces/IJwtHeader.md)
+• **T** *extends* [`IJwtHeader`](../interfaces/IJwtHeader.md)
 
-• **T** *extends* [`IJwtPayload`](../interfaces/IJwtPayload.md)
+• **U** *extends* [`IJwtPayload`](../interfaces/IJwtPayload.md)
 
 #### Parameters
 
 ##### header
 
-`U`
+`T`
 
 The header to encode.
 
 ##### payload
 
-`T`
+`U`
 
 The payload to encode.
 
@@ -56,33 +56,33 @@ The encoded token.
 
 ### encodeWithSigner()
 
-> `static` **encodeWithSigner**\<`U`, `T`\>(`header`, `payload`, `signer`): `Promise`\<`string`\>
+> `static` **encodeWithSigner**\<`T`, `U`\>(`header`, `payload`, `signer`): `Promise`\<`string`\>
 
 Encode a token.
 
 #### Type Parameters
 
-• **U** *extends* [`IJwtHeader`](../interfaces/IJwtHeader.md)
+• **T** *extends* [`IJwtHeader`](../interfaces/IJwtHeader.md)
 
-• **T** *extends* [`IJwtPayload`](../interfaces/IJwtPayload.md)
+• **U** *extends* [`IJwtPayload`](../interfaces/IJwtPayload.md)
 
 #### Parameters
 
 ##### header
 
-`U`
+`T`
 
 The header to encode.
 
 ##### payload
 
-`T`
+`U`
 
 The payload to encode.
 
 ##### signer
 
-(`alg`, `key`, `header`, `payload`) => `Promise`\<`string`\>
+(`header`, `payload`, `key`) => `Promise`\<`string`\>
 
 Custom signer method.
 
@@ -96,15 +96,15 @@ The encoded token.
 
 ### decode()
 
-> `static` **decode**\<`U`, `T`\>(`token`): `Promise`\<\{ `header`: `U`; `payload`: `T`; `signature`: `Uint8Array`; \}\>
+> `static` **decode**\<`T`, `U`\>(`token`): `Promise`\<\{ `header`: `T`; `payload`: `U`; `signature`: `Uint8Array`; \}\>
 
 Decode a token.
 
 #### Type Parameters
 
-• **U** *extends* [`IJwtHeader`](../interfaces/IJwtHeader.md)
+• **T** *extends* [`IJwtHeader`](../interfaces/IJwtHeader.md)
 
-• **T** *extends* [`IJwtPayload`](../interfaces/IJwtPayload.md)
+• **U** *extends* [`IJwtPayload`](../interfaces/IJwtPayload.md)
 
 #### Parameters
 
@@ -116,7 +116,7 @@ The token to decode.
 
 #### Returns
 
-`Promise`\<\{ `header`: `U`; `payload`: `T`; `signature`: `Uint8Array`; \}\>
+`Promise`\<\{ `header`: `T`; `payload`: `U`; `signature`: `Uint8Array`; \}\>
 
 The decoded payload.
 
@@ -232,24 +232,12 @@ True if the parts are verified.
 
 ### defaultSigner()
 
-> `static` **defaultSigner**(`alg`, `key`, `header`, `payload`): `Promise`\<`string`\>
+> `static` **defaultSigner**(`header`, `payload`, `key`): `Promise`\<`string`\>
 
 The default signer for the JWT.
 
 #### Parameters
 
-##### alg
-
-`string`
-
-The algorithm to use.
-
-##### key
-
-The key to sign with.
-
-`undefined` | [`JwkCryptoKey`](../type-aliases/JwkCryptoKey.md)
-
 ##### header
 
 [`IJwtHeader`](../interfaces/IJwtHeader.md)
@@ -262,6 +250,12 @@ The header to sign.
 
 The payload to sign.
 
+##### key
+
+The optional key to sign with.
+
+`undefined` | [`JwkCryptoKey`](../type-aliases/JwkCryptoKey.md)
+
 #### Returns
 
 `Promise`\<`string`\>
@@ -301,3 +295,65 @@ The key to verify with.
 `Promise`\<\{ `header`: `T`; `payload`: `U`; \}\>
 
 True if the signature was verified.
+
+***
+
+### createSignBytes()
+
+> `static` **createSignBytes**\<`T`, `U`\>(`header`, `payload`): `Uint8Array`
+
+Create bytes for signing from header and payload.
+
+#### Type Parameters
+
+• **T** *extends* [`IJwtHeader`](../interfaces/IJwtHeader.md)
+
+• **U** *extends* [`IJwtPayload`](../interfaces/IJwtPayload.md)
+
+#### Parameters
+
+##### header
+
+`T`
+
+The header.
+
+##### payload
+
+`U`
+
+The payload.
+
+#### Returns
+
+`Uint8Array`
+
+The bytes to sign.
+
+***
+
+### createTokenFromBytes()
+
+> `static` **createTokenFromBytes**(`signedBytes`, `signature`): `string`
+
+Create token from bytes and signature.
+
+#### Parameters
+
+##### signedBytes
+
+`Uint8Array`
+
+The signed bytes.
+
+##### signature
+
+`Uint8Array`
+
+The signature.
+
+#### Returns
+
+`string`
+
+The token.

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@twin.org/web",
-	"version": "0.0.1-next.37",
+	"version": "0.0.1-next.38",
 	"description": "Contains classes for use with web operations",
 	"repository": {
 		"type": "git",
@@ -14,8 +14,8 @@
 		"node": ">=20.0.0"
 	},
 	"dependencies": {
-		"@twin.org/core": "0.0.1-next.37",
-		"@twin.org/crypto": "0.0.1-next.37",
+		"@twin.org/core": "0.0.1-next.38",
+		"@twin.org/crypto": "0.0.1-next.38",
 		"@twin.org/nameof": "next",
 		"jose": "6.0.8"
 	},