@villedemontreal/jwt-validator 5.14.1 → 6.0.0

package/src/jwtValidator.ts

@@ -1,6 +1,8 @@
+/* eslint-disable @typescript-eslint/only-throw-error */
+
 import { utils } from '@villedemontreal/general-utils';
 import * as jwt from 'jsonwebtoken';
-import * as moment from 'moment';
+import { DateTime } from 'luxon';
 import { constants } from './config/constants';
 import { createInvalidAuthHeaderError, createInvalidJwtError } from './models/customError';
 import { IJWTPayload, isJWTPayload } from './models/jwtPayload';
@@ -123,9 +125,9 @@ class JwtValidator implements IJwtValidator {
 
   private validateJwtCreationTimestamp(payload: IJWTPayload, key: IPublicKey) {
     // Check the jwt was not created before the creation date of the key
-    const payloadIat: moment.Moment = moment.utc(payload.iat * 1000);
-    const keyCreatedAt: moment.Moment = moment.utc(key.createdAt);
-    if (payloadIat.diff(keyCreatedAt) < 0) {
+    const payloadIat = DateTime.fromMillis(payload.iat * 1000).toUTC();
+    const keyCreatedAt = DateTime.fromISO(key.createdAt).toUTC();
+    if (payloadIat < keyCreatedAt) {
       throw createInvalidJwtError({
         code: constants.errors.codes.INVALID_VALUE,
         target: 'jwt',
@@ -137,8 +139,8 @@ class JwtValidator implements IJwtValidator {
   private validateJwtExpirationTimestamp(payload: IJWTPayload, key: IPublicKey) {
     // Check expiration date
     if (key.expiresAt) {
-      const keyexpiresAt: moment.Moment = moment.utc(key.expiresAt);
-      if (moment.utc().diff(keyexpiresAt) > 0) {
+      const keyexpiresAt = DateTime.fromISO(key.expiresAt).toUTC();
+      if (DateTime.utc() > keyexpiresAt) {
         throw createInvalidJwtError({
           code: constants.errors.codes.INVALID_VALUE,
           target: 'jwt',
@@ -147,8 +149,8 @@ class JwtValidator implements IJwtValidator {
       }
 
       // Check the jwt was not created after the expiration date of the key
-      const payloadIat: moment.Moment = moment.utc(payload.iat * 1000);
-      if (payloadIat.diff(keyexpiresAt) > 0) {
+      const payloadIat = DateTime.fromMillis(payload.iat * 1000).toUTC();
+      if (payloadIat > keyexpiresAt) {
         throw createInvalidJwtError({
           code: constants.errors.codes.INVALID_VALUE,
           target: 'jwt',

package/src/middleware/jwtMiddleware.test.ts

@@ -1,6 +1,6 @@
 import * as chai from 'chai';
 import { expect } from 'chai';
-import * as chaiAsPromised from 'chai-as-promised';
+import chaiAsPromised from 'chai-as-promised';
 import { Request, Response } from 'express';
 import { createRequest as createRequestMock } from 'node-mocks-http';
 import { SinonSpy, SinonStub, spy, stub } from 'sinon';
@@ -132,7 +132,7 @@ describe('#jwtValidationMiddleware', () => {
 });
 
 async function delay(duration: number): Promise<void> {
-  return new Promise((resolve, reject) => {
+  return new Promise((resolve) => {
     setTimeout(resolve, duration);
   });
 }

package/src/middleware/tokenTransformationMiddleware.ts

@@ -8,7 +8,7 @@ import { ITokenTtransformationMiddlewareConfig } from '../config/tokenTransforma
 import { IInputAccessToken, IInputAccessTokenSource } from '../models/accessToken';
 import { createInvalidJwtError } from '../models/customError';
 import { createLogger } from '../utils/logger';
-import superagent = require('superagent');
+import * as superagent from 'superagent';
 
 const logger = createLogger('Token transformation middleware');
 

package/src/models/publicKey.ts

@@ -23,7 +23,6 @@ export interface IPublicKeys {
 /**
  * Array of public key
  */
-// tslint:disable-next-line:no-empty-interface
 export type IPublicKeysList = Array<IPublicKey>;
 
 /**

package/src/repositories/cachedPublicKeyRepository.ts

@@ -1,6 +1,6 @@
 import { ApiErrorAndInfo } from '@villedemontreal/general-utils/dist/src';
 import { extend } from 'lodash';
-import * as moment from 'moment';
+import { DateTime } from 'luxon';
 import { configs } from '../config/configs';
 import { IPublicKey, IPublicKeys } from '../models/publicKey';
 import { createLogger } from '../utils/logger';
@@ -21,7 +21,7 @@ export class CachedPublicKeyRepository implements ICachedPublicKeyRepository {
   /**
    * Next update
    */
-  private _nextUpdate: moment.Moment;
+  private _nextUpdate: DateTime;
 
   /**
    * Cached public keys
@@ -33,7 +33,7 @@ export class CachedPublicKeyRepository implements ICachedPublicKeyRepository {
    */
   public clearCache(): void {
     this._cachedKeys = {};
-    this._nextUpdate = moment.utc();
+    this._nextUpdate = DateTime.utc();
   }
 
   /**
@@ -101,7 +101,7 @@ export class CachedPublicKeyRepository implements ICachedPublicKeyRepository {
    * @return {boolean}
    */
   private isValidCache(): boolean {
-    if (!this._nextUpdate || moment.utc().diff(this._nextUpdate) >= 0) {
+    if (!this._nextUpdate || DateTime.utc() >= this._nextUpdate) {
       return false;
     }
 
@@ -113,7 +113,7 @@ export class CachedPublicKeyRepository implements ICachedPublicKeyRepository {
    * @return
    */
   private updateNextCacheUpdate(): void {
-    this._nextUpdate = moment.utc().add(configs.getCacheDuration(), 'seconds');
+    this._nextUpdate = DateTime.utc().plus({ seconds: configs.getCacheDuration() });
   }
 }
 

package/src/userValidator.test.ts

@@ -9,6 +9,9 @@ import { cachedPublicKeyRepository } from './repositories/cachedPublicKeyReposit
 import { UserValidator } from './userValidator';
 import { setTestingConfigurations } from './utils/testingConfigurations';
 
+// eslint-disable-next-line @typescript-eslint/no-require-imports
+const mockRequest = require('mock-express-request');
+
 // ==========================================
 // Set Testing configurations
 // ==========================================
@@ -186,8 +189,6 @@ it('User Validator - init app & get jwt public key', async () => {
   assert.isTrue(validator.default.isBase64(key));
 });
 
-const mockRequest = require('mock-express-request');
-
 it('should consider mtlIdentityId field when verifying user', async () => {
   let hasThrown = false;
 
@@ -201,7 +202,7 @@ it('should consider mtlIdentityId field when verifying user', async () => {
 
     const userValidator: UserValidator = new UserValidator(request);
     userValidator.verifyUser(userId);
-  } catch (err) {
+  } catch {
     hasThrown = true;
   }
 
@@ -222,7 +223,7 @@ it('should throw when either fields are matching', async () => {
 
     const userValidator: UserValidator = new UserValidator(request);
     userValidator.verifyUser(userId);
-  } catch (err) {
+  } catch {
     hasThrown = true;
   }
 

package/src/userValidator.ts

@@ -33,7 +33,7 @@ export class UserValidator implements IUserValidator {
    */
   public constructor(req: express.Request) {
     if (!isRequestWithJwt(req)) {
-      throw new Error(`Expecting a request with a '.jwt' here! : ${req}`);
+      throw new Error(`Expecting a request with a '.jwt' here! : ${req.method} ${req.url}`);
     }
     this._request = req;
   }
@@ -44,6 +44,7 @@ export class UserValidator implements IUserValidator {
 
   public verifyUser(userId: string) {
     if (this._request.jwt.sub !== userId && this._request.jwt.mtlIdentityId !== userId) {
+      // eslint-disable-next-line @typescript-eslint/only-throw-error
       throw createInvalidJwtError({
         code: constants.errors.codes.UNAUTHORIZED_ACCESS,
         target: 'jwt',

package/src/utils/jwtMock.ts

@@ -190,7 +190,7 @@ export class JwtMock {
       // Note that we lazy-load the nock module
       // until we really need it, to avoid patching
       // the http module for nothing.
-      nock = require('nock');
+      nock = await import('nock');
     }
     nock(configs.getHost(), options).get(pathRegex).once().reply(200, nockListPublicKeys);