hono 3.1.1 → 3.1.2

package/dist/cjs/utils/jwt/jwt.js

@@ -104,12 +104,16 @@ const verify = async (token, secret, alg = import_types.AlgorithmTypes.HS256) =>
     throw new import_types2.JwtTokenInvalid(token);
   }
   const { payload } = decode(token);
-  if (payload.nbf && payload.nbf > Math.floor(Date.now() / 1e3)) {
+  const now = Math.floor(Date.now() / 1e3);
+  if (payload.nbf && payload.nbf > now) {
     throw new import_types2.JwtTokenNotBefore(token);
   }
-  if (payload.exp && payload.exp <= Math.floor(Date.now() / 1e3)) {
+  if (payload.exp && payload.exp <= now) {
     throw new import_types2.JwtTokenExpired(token);
   }
+  if (payload.iat && now < payload.iat) {
+    throw new import_types.JwtTokenIssuedAt(now, payload.iat);
+  }
   const signaturePart = tokenParts.slice(0, 2).join(".");
   const signature = await signing(signaturePart, secret, alg);
   const encodedSignature = encodeSignaturePart(signature);

package/dist/cjs/utils/jwt/types.js

@@ -23,6 +23,7 @@ __export(types_exports, {
   JwtAlorithmNotImplemented: () => JwtAlorithmNotImplemented,
   JwtTokenExpired: () => JwtTokenExpired,
   JwtTokenInvalid: () => JwtTokenInvalid,
+  JwtTokenIssuedAt: () => JwtTokenIssuedAt,
   JwtTokenNotBefore: () => JwtTokenNotBefore,
   JwtTokenSignatureMismatched: () => JwtTokenSignatureMismatched
 });
@@ -52,6 +53,12 @@ class JwtTokenExpired extends Error {
     this.name = "JwtTokenExpired";
   }
 }
+class JwtTokenIssuedAt extends Error {
+  constructor(currentTimestamp, iat) {
+    super(`Incorrect "iat" claim must be a older than "${currentTimestamp}" (iat: "${iat}")`);
+    this.name = "JwtTokenIssuedAt";
+  }
+}
 class JwtTokenSignatureMismatched extends Error {
   constructor(token) {
     super(`token(${token}) signature mismatched`);
@@ -71,6 +78,7 @@ var AlgorithmTypes = /* @__PURE__ */ ((AlgorithmTypes2) => {
   JwtAlorithmNotImplemented,
   JwtTokenExpired,
   JwtTokenInvalid,
+  JwtTokenIssuedAt,
   JwtTokenNotBefore,
   JwtTokenSignatureMismatched
 });

package/dist/cjs/utils/url.js

@@ -87,7 +87,7 @@ const getPattern = (label) => {
 const getPathFromURL = (url, strict = true) => {
   const queryIndex = url.indexOf("?", 8);
   const result = url.substring(url.indexOf("/", 8), queryIndex === -1 ? url.length : queryIndex);
-  if (strict === false && result.endsWith("/")) {
+  if (strict === false && /.+\/$/.test(result)) {
     return result.slice(0, -1);
   }
   return result;

package/dist/types/utils/jwt/types.d.ts

@@ -4,7 +4,7 @@ export declare class JwtAlgorithmNotImplemented extends Error {
 /**
  * Export for backward compatibility
  * @deprecated Use JwtAlgorithmNotImplemented instead
-**/
+ **/
 export declare const JwtAlorithmNotImplemented: typeof JwtAlgorithmNotImplemented;
 export declare class JwtTokenInvalid extends Error {
     constructor(token: string);
@@ -15,6 +15,9 @@ export declare class JwtTokenNotBefore extends Error {
 export declare class JwtTokenExpired extends Error {
     constructor(token: string);
 }
+export declare class JwtTokenIssuedAt extends Error {
+    constructor(currentTimestamp: number, iat: number);
+}
 export declare class JwtTokenSignatureMismatched extends Error {
     constructor(token: string);
 }

package/dist/utils/jwt/jwt.js

@@ -1,6 +1,6 @@
 // src/utils/jwt/jwt.ts
 import { encodeBase64Url, decodeBase64Url } from "../../utils/encode.js";
-import { AlgorithmTypes } from "./types.js";
+import { AlgorithmTypes, JwtTokenIssuedAt } from "./types.js";
 import {
   JwtTokenInvalid,
   JwtTokenNotBefore,
@@ -68,12 +68,16 @@ var verify = async (token, secret, alg = AlgorithmTypes.HS256) => {
     throw new JwtTokenInvalid(token);
   }
   const { payload } = decode(token);
-  if (payload.nbf && payload.nbf > Math.floor(Date.now() / 1e3)) {
+  const now = Math.floor(Date.now() / 1e3);
+  if (payload.nbf && payload.nbf > now) {
     throw new JwtTokenNotBefore(token);
   }
-  if (payload.exp && payload.exp <= Math.floor(Date.now() / 1e3)) {
+  if (payload.exp && payload.exp <= now) {
     throw new JwtTokenExpired(token);
   }
+  if (payload.iat && now < payload.iat) {
+    throw new JwtTokenIssuedAt(now, payload.iat);
+  }
   const signaturePart = tokenParts.slice(0, 2).join(".");
   const signature = await signing(signaturePart, secret, alg);
   const encodedSignature = encodeSignaturePart(signature);

package/dist/utils/jwt/types.js

@@ -24,6 +24,12 @@ var JwtTokenExpired = class extends Error {
     this.name = "JwtTokenExpired";
   }
 };
+var JwtTokenIssuedAt = class extends Error {
+  constructor(currentTimestamp, iat) {
+    super(`Incorrect "iat" claim must be a older than "${currentTimestamp}" (iat: "${iat}")`);
+    this.name = "JwtTokenIssuedAt";
+  }
+};
 var JwtTokenSignatureMismatched = class extends Error {
   constructor(token) {
     super(`token(${token}) signature mismatched`);
@@ -42,6 +48,7 @@ export {
   JwtAlorithmNotImplemented,
   JwtTokenExpired,
   JwtTokenInvalid,
+  JwtTokenIssuedAt,
   JwtTokenNotBefore,
   JwtTokenSignatureMismatched
 };

package/dist/utils/url.js

@@ -57,7 +57,7 @@ var getPattern = (label) => {
 var getPathFromURL = (url, strict = true) => {
   const queryIndex = url.indexOf("?", 8);
   const result = url.substring(url.indexOf("/", 8), queryIndex === -1 ? url.length : queryIndex);
-  if (strict === false && result.endsWith("/")) {
+  if (strict === false && /.+\/$/.test(result)) {
     return result.slice(0, -1);
   }
   return result;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hono",
-  "version": "3.1.1",
+  "version": "3.1.2",
   "description": "Ultrafast web framework for the Edge",
   "main": "dist/cjs/index.js",
   "type": "module",