ecwt 0.2.0-beta.2 → 0.2.0-beta.4

package/README.md

@@ -76,7 +76,8 @@ In our example, we use [valibot](https://valibot.dev) library.
 ```javascript
 import * as v from 'valibot';
 
-const schema = (value) => v.parse(
+const schema = v.parse.bind(
+	null,
 	v.object({
 		user_id: v.number([
 			v.maxValue(10),
@@ -85,7 +86,6 @@ const schema = (value) => v.parse(
 			v.maxLength(10),
 		]),
 	}),
-	value,
 );
 ```
 
@@ -197,6 +197,30 @@ If the token is invalid, throws `EcwtInvalidError` which contains `Ecwt` instanc
 const ecwt = await ecwtFactory.verify(token);
 ```
 
+#### Class method `safeVerify`
+
+```typescript
+safeVerify(
+    token: string,
+): Promise<{
+    success: boolean,
+    ecwt: Ecwt | null,
+}>
+```
+
+The same method as `verify`, but does not throw an error if the token is invalid, expired or revoked.
+
+Property `success` is `true` if the token is valid.
+
+Property `ecwt` is `null` if the token cannot be parsed, otherwise it contains `Ecwt` instance.
+
+```javascript
+const {
+	success,
+	ecwt,
+} = await ecwtFactory.safeVerify(token);
+```
+
 ### `Ecwt`
 
 Represents the token. Its counstructor cannot be called by the user.

package/dist/ecwt.cjs

@@ -229,17 +229,17 @@ var EcwtFactory = class {
    * @param {{ [key: string]: number }} [param0.options.senml_key_map] Payload object keys mapped for their SenML keys.
    */
   constructor({
-    redisClient: redisClient2 = null,
-    lruCache = null,
+    redisClient: redisClient2,
+    lruCache,
     snowflakeFactory,
     options: {
-      namespace = null,
+      namespace,
       key,
       validator,
       senml_key_map
     }
   }) {
-    if (redisClient2 !== null && (redisClient2.constructor.name !== redis_client_constructor_name || getAllKeysList(redisClient2) !== redis_client_keys)) {
+    if (redisClient2 !== void 0 && (redisClient2.constructor.name !== redis_client_constructor_name || getAllKeysList(redisClient2) !== redis_client_keys)) {
       throw new InvalidPackageInstanceError(
         "redisClient",
         "Commander extends RedisClient",
@@ -247,7 +247,7 @@ var EcwtFactory = class {
       );
     }
     this.#redisClient = redisClient2;
-    if (lruCache !== null && lruCache instanceof import_lru_cache.LRUCache !== true) {
+    if (lruCache !== void 0 && lruCache instanceof import_lru_cache.LRUCache !== true) {
       throw new InvalidPackageInstanceError(
         "lruCache",
         "LRUCache",
@@ -277,11 +277,11 @@ var EcwtFactory = class {
    * @async
    * @param {object} data Data to be stored in token.
    * @param {object} [options] -
-   * @param {number} [options.ttl] Time to live in seconds. By default, token will never expire.
+   * @param {number | null} [options.ttl] Time to live in seconds. By default, token will never expire.
    * @returns {Promise<Ecwt>} -
    */
   async create(data, {
-    ttl
+    ttl = null
   } = {}) {
     if (typeof this.#validator === "function") {
       data = this.#validator(data);
@@ -319,6 +319,11 @@ var EcwtFactory = class {
       }
     );
   }
+  /**
+   * Sets data to cache.
+   * @param {string} token String representation of token.
+   * @param {object} data Data to be stored in cache.
+   */
   #setCache(token, data) {
     this.#lruCache?.set(
       token,
@@ -410,6 +415,36 @@ var EcwtFactory = class {
     }
     return ecwt;
   }
+  /**
+   * Parses token without throwing errors.
+   * @async
+   * @param {string} token String representation of token.
+   * @returns {Promise<{ success: boolean, ecwt: Ecwt | null }>} Returns whether token was parsed and verified successfully and Ecwt if parsed.
+   */
+  async safeVerify(token) {
+    let ecwt = null;
+    try {
+      ecwt = await this.verify(token);
+      return {
+        success: true,
+        ecwt
+      };
+    } catch (error) {
+      if (error instanceof EcwtParseError) {
+        return {
+          success: false,
+          ecwt: null
+        };
+      }
+      if (error instanceof EcwtInvalidError) {
+        return {
+          success: false,
+          ecwt
+        };
+      }
+      throw error;
+    }
+  }
   /**
    * Revokes token.
    * @async
@@ -428,12 +463,17 @@ var EcwtFactory = class {
       ttl_initial = ttl_initial ?? Number.MAX_SAFE_INTEGER;
       const ts_ms_expired = ts_ms_created + ttl_initial * 1e3;
       if (ts_ms_expired > Date.now()) {
-        await this.#redisClient.sendCommand([
+        await this.#redisClient.MULTI().addCommand([
           "ZADD",
           this.#redis_keys.revoked,
           String(ts_ms_expired),
           token_id
-        ]);
+        ]).addCommand([
+          "ZREMRANGEBYSCORE",
+          this.#redis_keys.revoked,
+          "-inf",
+          String(Date.now())
+        ]).EXEC();
       }
     } else {
       console.warn("[ecwt] Redis client is not provided. Tokens cannot be revoked.");

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "ecwt",
-	"version": "0.2.0-beta.2",
+	"version": "0.2.0-beta.4",
 	"description": "Encrypted CBOR-encoded Web Token",
 	"main": "src/main.js",
 	"type": "module",
@@ -32,8 +32,8 @@
 		"eslint-plugin-node": "11.1.0",
 		"eslint-plugin-promise": "6.1.1",
 		"eslint-plugin-unicorn": "47.0.0",
-		"valibot": "^0.24.1",
-		"vitest": "1.3.1"
+		"valibot": "0.33",
+		"vitest": "1.6"
 	},
 	"scripts": {
 		"test": "bun run redis-up && bun test && npm run test-node",

package/src/factory.js

@@ -1,4 +1,6 @@
 
+// @ts-check
+
 import { SnowflakeFactory }       from '@kirick/snowflake';
 import {
 	Encoder as CborEncoder,
@@ -13,6 +15,7 @@ import { Ecwt }                   from './token.js';
 import { base62 }                 from './utils/base62.js';
 import {
 	InvalidPackageInstanceError,
+	EcwtInvalidError,
 	EcwtExpiredError,
 	EcwtRevokedError,
     EcwtParseError }              from './utils/errors.js';
@@ -57,18 +60,18 @@ export class EcwtFactory {
 	 * @param {{ [key: string]: number }} [param0.options.senml_key_map] Payload object keys mapped for their SenML keys.
 	 */
 	constructor({
-		redisClient = null,
-		lruCache = null,
+		redisClient,
+		lruCache,
 		snowflakeFactory,
 		options: {
-			namespace = null,
+			namespace,
 			key,
 			validator,
 			senml_key_map,
 		},
 	}) {
 		if (
-			redisClient !== null
+			redisClient !== undefined
 			&& (
 				redisClient.constructor.name !== redis_client_constructor_name
 				|| getAllKeysList(redisClient) !== redis_client_keys
@@ -83,7 +86,7 @@ export class EcwtFactory {
 		this.#redisClient = redisClient;
 
 		if (
-			lruCache !== null
+			lruCache !== undefined
 			&& lruCache instanceof LRUCache !== true
 		) {
 			throw new InvalidPackageInstanceError(
@@ -121,13 +124,13 @@ export class EcwtFactory {
 	 * @async
 	 * @param {object} data Data to be stored in token.
 	 * @param {object} [options] -
-	 * @param {number} [options.ttl] Time to live in seconds. By default, token will never expire.
+	 * @param {number | null} [options.ttl] Time to live in seconds. By default, token will never expire.
 	 * @returns {Promise<Ecwt>} -
 	 */
 	async create(
 		data,
 		{
-			ttl,
+			ttl = null,
 		} = {},
 	) {
 		if (typeof this.#validator === 'function') {
@@ -180,6 +183,11 @@ export class EcwtFactory {
 		);
 	}
 
+	/**
+	 * Sets data to cache.
+	 * @param {string} token String representation of token.
+	 * @param {object} data Data to be stored in cache.
+	 */
 	#setCache(token, data) {
 		this.#lruCache?.set(
 			token,
@@ -299,6 +307,41 @@ export class EcwtFactory {
 		return ecwt;
 	}
 
+	/**
+	 * Parses token without throwing errors.
+	 * @async
+	 * @param {string} token String representation of token.
+	 * @returns {Promise<{ success: boolean, ecwt: Ecwt | null }>} Returns whether token was parsed and verified successfully and Ecwt if parsed.
+	 */
+	async safeVerify(token) {
+		let ecwt = null;
+		try {
+			ecwt = await this.verify(token);
+
+			return {
+				success: true,
+				ecwt,
+			};
+		}
+		catch (error) {
+			if (error instanceof EcwtParseError) {
+				return {
+					success: false,
+					ecwt: null,
+				};
+			}
+
+			if (error instanceof EcwtInvalidError) {
+				return {
+					success: false,
+					ecwt,
+				};
+			}
+
+			throw error;
+		}
+	}
+
 	/**
 	 * Revokes token.
 	 * @async
@@ -318,12 +361,26 @@ export class EcwtFactory {
 
 			const ts_ms_expired = ts_ms_created + (ttl_initial * 1000);
 			if (ts_ms_expired > Date.now()) {
-				await this.#redisClient.sendCommand([
-					'ZADD',
-					this.#redis_keys.revoked,
-					String(ts_ms_expired),
-					token_id,
-				]);
+				// await this.#redisClient.sendCommand([
+				// 	'ZADD',
+				// 	this.#redis_keys.revoked,
+				// 	String(ts_ms_expired),
+				// 	token_id,
+				// ]);
+				await this.#redisClient.MULTI()
+					.addCommand([
+						'ZADD',
+						this.#redis_keys.revoked,
+						String(ts_ms_expired),
+						token_id,
+					])
+					.addCommand([
+						'ZREMRANGEBYSCORE',
+						this.#redis_keys.revoked,
+						'-inf',
+						String(Date.now()),
+					])
+					.EXEC();
 			}
 		}
 		else {

package/src/utils/errors.js

@@ -5,12 +5,18 @@ export class InvalidPackageInstanceError extends TypeError {
 	}
 }
 
+/**
+ * Error thrown when string token cannot be parsed to Ecwt.
+ */
 export class EcwtParseError extends Error {
 	constructor() {
 		super('Cannot parse data to Ecwt token.');
 	}
 }
 
+/**
+ * Error thrown when parsed Ecwt is invalid.
+ */
 export class EcwtInvalidError extends Error {
 	constructor(ecwt) {
 		super('Ecwt token is invalid.');
@@ -19,6 +25,9 @@ export class EcwtInvalidError extends Error {
 	}
 }
 
+/**
+ * Error thrown when parsed Ecwt is expired.
+ */
 export class EcwtExpiredError extends EcwtInvalidError {
 	constructor(ecwt) {
 		super();
@@ -28,6 +37,9 @@ export class EcwtExpiredError extends EcwtInvalidError {
 	}
 }
 
+/**
+ * Error thrown when parsed Ecwt is revoked.
+ */
 export class EcwtRevokedError extends EcwtInvalidError {
 	constructor(ecwt) {
 		super();